---- a/net/mac80211/agg-rx.c
-+++ b/net/mac80211/agg-rx.c
-@@ -204,6 +204,8 @@ static void ieee80211_send_addba_resp(st
- memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
- else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
- memcpy(mgmt->bssid, sdata->u.ibss.bssid, ETH_ALEN);
-+ else if (sdata->vif.type == NL80211_IFTYPE_WDS)
-+ memcpy(mgmt->bssid, da, ETH_ALEN);
-
- mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
- IEEE80211_STYPE_ACTION);
---- a/net/mac80211/agg-tx.c
-+++ b/net/mac80211/agg-tx.c
-@@ -81,7 +81,8 @@ static void ieee80211_send_addba_request
- memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
- if (sdata->vif.type == NL80211_IFTYPE_AP ||
- sdata->vif.type == NL80211_IFTYPE_AP_VLAN ||
-- sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
-+ sdata->vif.type == NL80211_IFTYPE_MESH_POINT ||
-+ sdata->vif.type == NL80211_IFTYPE_WDS)
- memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
- else if (sdata->vif.type == NL80211_IFTYPE_STATION)
- memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
-@@ -527,6 +528,7 @@ int ieee80211_start_tx_ba_session(struct
- sdata->vif.type != NL80211_IFTYPE_MESH_POINT &&
- sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
- sdata->vif.type != NL80211_IFTYPE_AP &&
-+ sdata->vif.type != NL80211_IFTYPE_WDS &&
- sdata->vif.type != NL80211_IFTYPE_ADHOC)
- return -EINVAL;
-
---- a/net/mac80211/debugfs_sta.c
-+++ b/net/mac80211/debugfs_sta.c
-@@ -66,11 +66,11 @@ static ssize_t sta_flags_read(struct fil
- test_sta_flag(sta, WLAN_STA_##flg) ? #flg "\n" : ""
-
- int res = scnprintf(buf, sizeof(buf),
-- "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
-+ "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
- TEST(AUTH), TEST(ASSOC), TEST(PS_STA),
- TEST(PS_DRIVER), TEST(AUTHORIZED),
- TEST(SHORT_PREAMBLE),
-- TEST(WME), TEST(WDS), TEST(CLEAR_PS_FILT),
-+ TEST(WME), TEST(CLEAR_PS_FILT),
- TEST(MFP), TEST(BLOCK_BA), TEST(PSPOLL),
- TEST(UAPSD), TEST(SP), TEST(TDLS_PEER),
- TEST(TDLS_PEER_AUTH), TEST(4ADDR_EVENT),
-@@ -455,6 +455,15 @@ void ieee80211_sta_debugfs_add(struct st
- DEBUGFS_ADD_COUNTER(tx_retry_count, tx_retry_count);
- DEBUGFS_ADD_COUNTER(wep_weak_iv_count, wep_weak_iv_count);
-
-+ if (sizeof(sta->driver_buffered_tids) == sizeof(u32))
-+ debugfs_create_x32("driver_buffered_tids", 0400,
-+ sta->debugfs.dir,
-+ (u32 *)&sta->driver_buffered_tids);
-+ else
-+ debugfs_create_x64("driver_buffered_tids", 0400,
-+ sta->debugfs.dir,
-+ (u64 *)&sta->driver_buffered_tids);
-+
- drv_sta_add_debugfs(local, sdata, &sta->sta, sta->debugfs.dir);
+commit ff9655bebd25d35ab13c2515a029723b69949720
+Author: Felix Fietkau <nbd@openwrt.org>
+Date: Mon May 19 21:20:49 2014 +0200
+
+ ath9k: avoid passing buffers to the hardware during flush
+
+ The commit "ath9k: fix possible hang on flush" changed the receive code
+ to always link rx descriptors of processed frames, even when flushing.
+ In some cases, this leads to flushed rx buffers being passed to the
+ hardware while rx is already stopped.
+
+ Signed-off-by: Felix Fietkau <nbd@openwrt.org>
+
+commit 46c5d7d207a2a0725066c0928fd19b8c578b7d4f
+Author: Oleksij Rempel <linux@rempel-privat.de>
+Date: Tue May 20 00:02:03 2014 +0200
+
+ ath9k_htc: fix build with disabled debug
+
+ CC [M] drivers/net/wireless/ath/ath9k/htc_drv_txrx.o
+ drivers/net/wireless/ath/ath9k/htc_drv_txrx.c: In function ‘ath9k_rx_prepare’:
+ drivers/net/wireless/ath/ath9k/htc_drv_txrx.c:1006:2: warning: passing argument 2 of ‘ath9k_htc_err_stat_rx’ from incompatible pointer type [enabled by default]
+ ath9k_htc_err_stat_rx(priv, &rx_stats);
+ ^
+ In file included from drivers/net/wireless/ath/ath9k/htc_drv_txrx.c:17:0:
+ drivers/net/wireless/ath/ath9k/htc.h:380:20: note: expected ‘struct ath_htc_rx_status *’ but argument is of type ‘struct ath_rx_status *’
+ static inline void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
+
+ Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
+
+commit 2d331334e9dc5659fdf9a89326c34c3db5a15279
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Mon May 19 17:59:50 2014 +0200
+
+ cfg80211: constify wowlan/coalesce mask/pattern pointers
+
+ This requires changing the nl80211 parsing code a bit to use
+ intermediate pointers for the allocation, but clarifies the
+ API towards the drivers.
+
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 6788105c46babaa6938cbacb72fdf20bec4bb2e3
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Mon May 19 17:53:16 2014 +0200
+
+ cfg80211: constify more pointers in the cfg80211 API
+
+ This also propagates through the drivers.
+
+ The orinoco driver uses the cfg80211 API structs for internal
+ bookkeeping, and so needs a (void *) cast that removes the
+ const - but that's OK because it allocates those pointers.
+
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit c3d95010fd881da0fa0a4e88532412f5d0c092f6
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Mon May 19 17:19:31 2014 +0200
+
+ cfg80211: constify MAC addresses in cfg80211 ops
+
+ This propagates through all the drivers and mac80211.
+
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit ddf1e6f0f0354c601af7d42e5ace4b51f8b0bffc
+Author: Luciano Coelho <luciano.coelho@intel.com>
+Date: Thu May 15 20:32:08 2014 +0300
+
+ mac80211: fix csa_counter_offs argument name in docbook
+
+ The csa_counter_offs was erroneously described as csa_offs in
+ the docbook section.
+
+ This fixes two warnings when making htmldocs (at least):
+
+ Warning(include/net/mac80211.h:3428): No description found for parameter 'csa_counter_offs[IEEE80211_MAX_CSA_COUNTERS_NUM]'
+ Warning(include/net/mac80211.h:3428): Excess struct/union/enum/typedef member 'csa_offs' description in 'ieee80211_mutable_offsets'
+
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 202322d1c04b8e498bd5bb78606fcf3941512b35
+Author: Luciano Coelho <luciano.coelho@intel.com>
+Date: Thu May 15 20:18:09 2014 +0300
+
+ cfg80211: add documentation for max_num_csa_counters
+
+ Move the comment in the structure to a description of the
+ max_num_csa_counters field in the docbook area.
+
+ This fixes a warning when building htmldocs (at least):
+
+ Warning(include/net/cfg80211.h:3064): No description found for parameter 'max_num_csa_counters'
+
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 457a33192f64b7637e8fd0ae0e9f32701c908603
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Mon May 19 11:24:19 2014 +0200
+
+ mac80211: minstrel-ht: small clarifications
+
+ Antonio and I were looking over this code and some things
+ didn't immediately make sense, so we came up with two small
+ clarifications.
+
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 1e35dce952a64a957de97ae1f2bb19301756b936
+Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+Date: Fri May 9 14:11:50 2014 +0300
+
+ mac80211: Handle the CSA counters correctly
+
+ Make the beacon CSA counters part of ieee80211_mutable_offsets and don't
+ decrement CSA counters when generating a beacon template. This permits the
+ driver to offload the CSA counters handling. Since mac80211 updates the probe
+ responses with the correct counter, the driver should sync the counter's value
+ with mac80211 using ieee80211_csa_update_counter function.
+
+ Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit e7b5c449815d28a2105fde5b42e112f78cc711ac
+Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+Date: Fri May 9 14:11:49 2014 +0300
+
+ mac80211: Provide ieee80211_beacon_get_template API
+
+ Add a new API ieee80211_beacon_get_template, which doesn't
+ affect DTIM counter and should be used if the device generates beacon
+ frames, and new beacon template is needed. In addition set the offsets
+ to TIM IE for MESH interface.
+
+ Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit e54eda80273ce8aded058c3c9365dca2342e2e75
+Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+Date: Fri May 9 14:11:47 2014 +0300
+
+ mac80211: Support multiple CSA counters
+
+ Support up to IEEE80211_MAX_CSA_COUNTERS_NUM csa counters.
+ This is defined to be 2 now, to support both CSA and eCSA
+ counters.
+
+ Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 678e87c3b929dd60d59470e8981eb551cee10319
+Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+Date: Fri May 9 14:11:46 2014 +0300
+
+ cfg80211: Support multiple CSA counters
+
+ Change the type of NL80211_ATTR_CSA_C_OFF_BEACON and
+ NL80211_ATTR_CSA_C_OFF_PRESP to be NLA_BINARY which allows
+ userspace to use beacons and probe responses with
+ multiple CSA counters.
+ This isn't breaking the API since userspace can
+ continue to use nla_put_u16 for this attributes, which
+ is equivalent to a single element u16 array.
+ In addition advertise max number of supported CSA counters.
+ This is needed when using CSA and eCSA IEs together.
+
+ Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 93f4867a966cc8645659031bbd44a9bb4b78485f
+Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+Date: Fri May 9 14:11:45 2014 +0300
+
+ mac80211: Update CSA counters in mgmt frames
+
+ Track current csa counter value and use it
+ to update mgmt frames at the provided offsets.
+
+ Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 6c8461fcc03ff4d250027e47f53315b5e0ec43aa
+Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+Date: Fri May 9 14:11:44 2014 +0300
+
+ cfg80211: Add API to update CSA counters in mgmt frames
+
+ Add NL80211_ATTR_CSA_C_OFFSETS_TX which holds an array
+ of offsets to the CSA counters which should be updated
+ when sending a management frames with NL80211_CMD_FRAME.
+
+ This API should be used by the drivers that wish to keep the
+ CSA counter updated in probe responses, but do not implement
+ probe response offloading and so, do not use
+ ieee80211_proberesp_get function.
+
+ Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 7d09fc9f1903b3d5e7d046bdf10467f37a97c4f9
+Author: Luciano Coelho <luciano.coelho@intel.com>
+Date: Thu May 15 13:05:39 2014 +0300
+
+ cfg80211: pass the actual iftype when calling cfg80211_chandef_dfs_required()
+
+ There is no need to pass NL80211_IFTYPE_UNSPECIFIED when calling
+ cfg80211_chandef_dfs_required() since we always already have the
+ interface type. So, pass the actual interface type instead.
+
+ Additionally, have cfg80211_chandef_dfs_required() WARN if the passed
+ interface type is NL80211_IFTYPE_UNSPECIFIED, so we can detect
+ problems more easily.
+
+ Tested-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
+ Reported-by: Eliad Peller <eliad@wizery.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 2b7443b15f26ecb98281474666383cf2a882fbad
+Author: Janusz Dziedzic <janusz.dziedzic@tieto.com>
+Date: Wed May 14 13:25:04 2014 +0200
+
+ cfg80211: fix start_radar_detection issue
+
+ After patch:
+ cfg80211/mac80211: refactor cfg80211_chandef_dfs_required()
+
+ start_radar_detection always fail with -EINVAL.
+
+ Acked-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 4f46eb8b28f96aca212a364e0fa847eb5333df67
+Author: Felix Fietkau <nbd@openwrt.org>
+Date: Mon May 5 11:48:40 2014 +0200
+
+ cfg80211: allow restricting supported dfs regions
+
+ At the moment, the ath9k/ath10k DFS module only supports detecting ETSI
+ radar patterns.
+ Add a bitmap in the interface combinations, indicating which DFS regions
+ are supported by the detector. If unset, support for all regions is
+ assumed.
+
+ Signed-off-by: Felix Fietkau <nbd@openwrt.org>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 0277b034768d1800a00829a755fc56b925aa6b95
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Wed Apr 30 14:19:04 2014 +0200
+
+ mac80211: handle failed restart/resume better
+
+ When the driver fails during HW restart or resume, the whole
+ stack goes into a very confused state with interfaces being
+ up while the hardware is down etc.
+
+ Address this by shutting down everything; we'll run into a
+ lot of warnings in the process but that's better than having
+ the whole stack get messed up.
+
+ Reviewed-by: Arik Nemtsov <arik@wizery.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 43fd71bc4b83d24981e90ca178f505cf6a6b16dc
+Author: Luciano Coelho <luciano.coelho@intel.com>
+Date: Wed May 7 20:05:12 2014 +0300
+
+ mac80211: fix sparse warning caused by __ieee80211_channel_switch()
+
+ Commit 59af6928 (mac80211: fix CSA tx queue stopping) introduced a
+ sparse warning:
+
+ net/mac80211/cfg.c:3274:5: warning: symbol '__ieee80211_channel_switch' was not declared. Should it be static?
+
+ Fix it by declaring the function static.
+
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit dd4371e2957db19870bb22ab84e841e1ac6e8997
+Author: Luciano Coelho <luciano.coelho@intel.com>
+Date: Wed May 7 19:07:05 2014 +0300
+
+ cfg80211: fix docbook warning
+
+ When trying to generate documentation, at least xmldocs, we get the
+ following warning:
+
+ Warning(include/net/cfg80211.h:461): No description found for parameter 'nl80211_iftype'
+
+ Fix it by adding the iftype argument name to the
+ cfg80211_chandef_dfs_required() function declaration.
+
+ Reported-and-tested-by: Masanari Iida <standby24x7@gmail.com>
+ Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 56de850ae960f096c784ec07864ca5b71abd16e6
+Author: Michal Kazior <michal.kazior@tieto.com>
+Date: Thu May 8 09:10:02 2014 +0200
+
+ mac80211: disconnect iface if CSA unexpectedly fails
+
+ It doesn't make much sense to leave a crippled
+ interface running.
+
+ As a side effect this will unblock tx queues with
+ CSA reason immediately after failure instead of
+ until after userspace requests interface to stop.
+
+ This also gives userspace an opportunity to
+ indirectly see CSA failure.
+
+ Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
+ [small code cleanup]
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit f5894c4f19e55bb1ea6376031fe9d47d7528be9e
+Author: Loic Poulain <loic.poulain@intel.com>
+Date: Wed May 7 11:38:11 2014 +0200
+
+ rfkill-gpio: Use gpio cansleep version
+
+ If gpio controller requires waiting for read and write
+ GPIO values, then we have to use the gpio cansleep api.
+ Fix the rfkill_gpio_set_power which calls only the
+ nonsleep version (causing kernel warning).
+ There is no problem to use the cansleep version here
+ because we are not in IRQ handler or similar context
+ (cf rfkill_set_block).
+
+ Signed-off-by: Loic Poulain <loic.poulain@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 47fdf5d4f3704d2db9d1c0f647f788edef104fc8
+Author: Michal Kazior <michal.kazior@tieto.com>
+Date: Wed Apr 9 15:45:36 2014 +0200
+
+ mac80211: ignore cqm during csa
+
+ It is not guaranteed that multi-vif channel
+ switching is tightly synchronized. It makes sense
+ to ignore cqm (missing beacons, et al) while csa
+ is progressing and re-check it after it completes.
+
+ Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 1a8ed386e1684b266a15dacf675102ae53361ee5
+Author: Michal Kazior <michal.kazior@tieto.com>
+Date: Wed Apr 9 15:11:01 2014 +0200
+
+ cfg80211: export interface stopping function
+
+ This exports a new cfg80211_stop_iface() function.
+
+ This is intended for driver internal interface
+ combination management and channel switching.
+
+ Due to locking issues (it re-enters driver) the
+ call is asynchronous and uses cfg80211 event
+ list/worker.
+
+ Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 573f31d6d0e572ff8186c45a1ecd9273242233e6
+Author: Michal Kazior <michal.kazior@tieto.com>
+Date: Wed Apr 9 15:11:00 2014 +0200
+
+ mac80211: split CSA finalize function
+
+ Improves readability and modularity.
+
+ Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 2d104d52e7c7640d68f29f2136dbe3938b7bc9ba
+Author: Michal Kazior <michal.kazior@tieto.com>
+Date: Wed Apr 9 15:10:59 2014 +0200
+
+ mac80211: fix CSA tx queue stopping
+
+ It was possible for tx queues to be stuck stopped
+ if AP CSA finalization failed. In that case
+ neither stop_ap nor do_stop woke the queues up.
+ This means it was impossible to perform tx at all
+ until driver was reloaded or a successful CSA was
+ performed later.
+
+ It was possible to solve this in a simpler manner
+ however this is more robust and future proof
+ (having multi-vif CSA in mind).
+
+ New sdata->csa_block_tx is introduced to keep
+ track of which interfaces requested tx to be
+ blocked for CSA. This is required because mac80211
+ stops all tx queues for that purpose. This means
+ queues must be awoken only when last tx-blocking
+ CSA interface is finished.
+
+ It is still possible to have tx queues stopped
+ after CSA failure but as soon as offending
+ interfaces are stopped from userspace (stop_ap or
+ ifdown) tx queues are woken up properly.
+
+ Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 6be615d6d42aa7fdab6c4278031d8fa0953e594f
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Wed Apr 9 21:31:13 2014 +0200
+
+ mac80211: mark local variable __maybe_unused
+
+ The 'local' variable in __ieee80211_vif_copy_chanctx_to_vlans()
+ is only used/needed when lockdep is compiled in, mark it as such
+ to avoid compile warnings in the other case.
+
+ While at it, fix some indentation where it's used.
+
+ Reviewed-by: Luciano Coelho <luciano.coelho@intel.com>
+ Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 43279e584aeb78aa0c853728db047b58156c0753
+Author: Arik Nemtsov <arik@wizery.com>
+Date: Thu May 1 10:17:28 2014 +0300
+
+ mac80211: move TDLS code to another file
+
+ With new additions planned, this code is getting too big for cfg.c.
+
+ Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit bf9c234b83c77f1ebbcbab73de2a9e4a5d4aafc6
+Author: Arik Nemtsov <arik@wizery.com>
+Date: Thu May 1 10:17:27 2014 +0300
+
+ mac80211: set an external flag for TDLS stations
+
+ Expose a new tdls flag for the public ieee80211_sta struct.
+ This can be used in some rate control decisions.
+
+ Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit 910e65141a17f645ab85dae1a497e64ebe63df70
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Tue Apr 29 17:55:26 2014 +0200
+
+ mac80211: remove BUG_ON usage
+
+ These BUG_ON statements should never trigger, but in the unlikely
+ event that somebody does manage don't stop everything but simply
+ exit the code path with an error.
+
+ Leave the one BUG_ON where changing it would result in a NULL
+ pointer dereference.
+
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+commit ff36b582a10285530351aab036087b57ddb4ae2b
+Author: Johannes Berg <johannes.berg@intel.com>
+Date: Tue Apr 29 17:52:36 2014 +0200
+
+ cfg80211: remove BUG_ON usage
+
+ These really can't trigger unless somebody messes up the code,
+ but don't make debugging it needlessly complicated, WARN and
+ return instead of BUG_ON().
+
+ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+--- a/drivers/net/wireless/ath/ath6kl/cfg80211.c
++++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c
+@@ -1759,7 +1759,7 @@ static bool is_rate_ht40(s32 rate, u8 *m
}
---- a/net/mac80211/iface.c
-+++ b/net/mac80211/iface.c
-@@ -274,6 +274,12 @@ static int ieee80211_check_concurrent_if
- if (iftype == NL80211_IFTYPE_ADHOC &&
- nsdata->vif.type == NL80211_IFTYPE_ADHOC)
- return -EBUSY;
-+ /*
-+ * will not add another interface while any channel
-+ * switch is active.
-+ */
-+ if (nsdata->vif.csa_active)
-+ return -EBUSY;
-
- /*
- * The remaining checks are only performed for interfaces
-@@ -463,7 +469,6 @@ int ieee80211_do_open(struct wireless_de
- struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
- struct net_device *dev = wdev->netdev;
- struct ieee80211_local *local = sdata->local;
-- struct sta_info *sta;
- u32 changed = 0;
- int res;
- u32 hw_reconf_flags = 0;
-@@ -629,30 +634,8 @@ int ieee80211_do_open(struct wireless_de
+ static int ath6kl_get_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
+ {
+ struct ath6kl *ar = ath6kl_priv(dev);
+ struct ath6kl_vif *vif = netdev_priv(dev);
+@@ -2974,7 +2974,7 @@ static int ath6kl_stop_ap(struct wiphy *
+ static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+
+ static int ath6kl_del_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac)
++ const u8 *mac)
+ {
+ struct ath6kl *ar = ath6kl_priv(dev);
+ struct ath6kl_vif *vif = netdev_priv(dev);
+@@ -2985,7 +2985,8 @@ static int ath6kl_del_station(struct wip
+ }
- set_bit(SDATA_STATE_RUNNING, &sdata->state);
+ static int ath6kl_change_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_parameters *params)
++ const u8 *mac,
++ struct station_parameters *params)
+ {
+ struct ath6kl *ar = ath6kl_priv(dev);
+ struct ath6kl_vif *vif = netdev_priv(dev);
+--- a/drivers/net/wireless/ath/ath6kl/wmi.c
++++ b/drivers/net/wireless/ath/ath6kl/wmi.c
+@@ -2320,7 +2320,7 @@ int ath6kl_wmi_addkey_cmd(struct wmi *wm
+ return ret;
+ }
-- if (sdata->vif.type == NL80211_IFTYPE_WDS) {
-- /* Create STA entry for the WDS peer */
-- sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
-- GFP_KERNEL);
-- if (!sta) {
-- res = -ENOMEM;
-- goto err_del_interface;
-- }
--
-- sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
-- sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
-- sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
--
-- res = sta_info_insert(sta);
-- if (res) {
-- /* STA has been freed */
-- goto err_del_interface;
-- }
--
-- rate_control_rate_init(sta);
-- netif_carrier_on(dev);
-- } else if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE) {
-+ if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
- rcu_assign_pointer(local->p2p_sdata, sdata);
-- }
+-int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, u8 *krk)
++int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, const u8 *krk)
+ {
+ struct sk_buff *skb;
+ struct wmi_add_krk_cmd *cmd;
+--- a/drivers/net/wireless/ath/ath6kl/wmi.h
++++ b/drivers/net/wireless/ath/ath6kl/wmi.h
+@@ -2616,7 +2616,7 @@ int ath6kl_wmi_addkey_cmd(struct wmi *wm
+ u8 *key_material,
+ u8 key_op_ctrl, u8 *mac_addr,
+ enum wmi_sync_flag sync_flag);
+-int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, u8 *krk);
++int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, const u8 *krk);
+ int ath6kl_wmi_deletekey_cmd(struct wmi *wmi, u8 if_idx, u8 key_index);
+ int ath6kl_wmi_setpmkid_cmd(struct wmi *wmi, u8 if_idx, const u8 *bssid,
+ const u8 *pmkid, bool set);
+--- a/drivers/net/wireless/ath/ath9k/htc.h
++++ b/drivers/net/wireless/ath/ath9k/htc.h
+@@ -378,7 +378,7 @@ void ath9k_htc_get_et_stats(struct ieee8
+ #define TX_QSTAT_INC(c) do { } while (0)
+
+ static inline void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
+- struct ath_htc_rx_status *rxs)
++ struct ath_rx_status *rs);
+ {
+ }
- /*
- * set_multicast_list will be invoked by the networking core
-@@ -809,6 +792,8 @@ static void ieee80211_do_stop(struct iee
- cancel_work_sync(&local->dynamic_ps_enable_work);
+--- a/drivers/net/wireless/ath/wil6210/cfg80211.c
++++ b/drivers/net/wireless/ath/wil6210/cfg80211.c
+@@ -172,7 +172,7 @@ static int wil_cid_fill_sinfo(struct wil
- cancel_work_sync(&sdata->recalc_smps);
-+ sdata->vif.csa_active = false;
-+ cancel_work_sync(&sdata->csa_finalize_work);
+ static int wil_cfg80211_get_station(struct wiphy *wiphy,
+ struct net_device *ndev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
+ {
+ struct wil6210_priv *wil = wiphy_to_wil(wiphy);
+ int rc;
+@@ -671,7 +671,7 @@ static int wil_cfg80211_stop_ap(struct w
+ }
- cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);
+ static int wil_cfg80211_del_station(struct wiphy *wiphy,
+- struct net_device *dev, u8 *mac)
++ struct net_device *dev, const u8 *mac)
+ {
+ struct wil6210_priv *wil = wiphy_to_wil(wiphy);
-@@ -1116,6 +1101,74 @@ static void ieee80211_if_setup(struct ne
- dev->destructor = free_netdev;
+--- a/drivers/net/wireless/ath/wil6210/main.c
++++ b/drivers/net/wireless/ath/wil6210/main.c
+@@ -81,7 +81,7 @@ static void wil_disconnect_cid(struct wi
+ memset(&sta->stats, 0, sizeof(sta->stats));
}
-+static void ieee80211_wds_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
-+ struct sk_buff *skb)
-+{
-+ struct ieee80211_local *local = sdata->local;
-+ struct ieee80211_rx_status *rx_status;
-+ struct ieee802_11_elems elems;
-+ struct ieee80211_mgmt *mgmt;
-+ struct sta_info *sta;
-+ size_t baselen;
-+ u32 rates = 0;
-+ u16 stype;
-+ bool new = false;
-+ enum ieee80211_band band;
-+ struct ieee80211_supported_band *sband;
-+
-+ rx_status = IEEE80211_SKB_RXCB(skb);
-+ band = rx_status->band;
-+ sband = local->hw.wiphy->bands[band];
-+ mgmt = (struct ieee80211_mgmt *) skb->data;
-+ stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
-+
-+ if (stype != IEEE80211_STYPE_BEACON)
-+ return;
-+
-+ baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
-+ if (baselen > skb->len)
-+ return;
-+
-+ ieee802_11_parse_elems(mgmt->u.probe_resp.variable,
-+ skb->len - baselen, false, &elems);
-+
-+ rates = ieee80211_sta_get_rates(local, &elems, band, NULL);
-+
-+ rcu_read_lock();
-+
-+ sta = sta_info_get(sdata, sdata->u.wds.remote_addr);
-+
-+ if (!sta) {
-+ rcu_read_unlock();
-+ sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
-+ GFP_KERNEL);
-+ if (!sta)
-+ return;
-+
-+ new = true;
-+ }
-+
-+ sta->last_rx = jiffies;
-+ sta->sta.supp_rates[band] = rates;
-+
-+ if (elems.ht_cap_elem)
-+ ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
-+ elems.ht_cap_elem, sta);
-+
-+ if (elems.wmm_param)
-+ set_sta_flag(sta, WLAN_STA_WME);
-+
-+ if (new) {
-+ sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
-+ sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
-+ sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
-+ rate_control_rate_init(sta);
-+ sta_info_insert_rcu(sta);
-+ }
-+
-+ rcu_read_unlock();
-+}
-+
- static void ieee80211_iface_work(struct work_struct *work)
+-static void _wil6210_disconnect(struct wil6210_priv *wil, void *bssid)
++static void _wil6210_disconnect(struct wil6210_priv *wil, const u8 *bssid)
{
- struct ieee80211_sub_if_data *sdata =
-@@ -1220,6 +1273,9 @@ static void ieee80211_iface_work(struct
- break;
- ieee80211_mesh_rx_queued_mgmt(sdata, skb);
- break;
-+ case NL80211_IFTYPE_WDS:
-+ ieee80211_wds_rx_queued_mgmt(sdata, skb);
-+ break;
- default:
- WARN(1, "frame for unexpected interface type");
- break;
-@@ -1282,6 +1338,7 @@ static void ieee80211_setup_sdata(struct
- skb_queue_head_init(&sdata->skb_queue);
- INIT_WORK(&sdata->work, ieee80211_iface_work);
- INIT_WORK(&sdata->recalc_smps, ieee80211_recalc_smps_work);
-+ INIT_WORK(&sdata->csa_finalize_work, ieee80211_csa_finalize_work);
-
- switch (type) {
- case NL80211_IFTYPE_P2P_GO:
---- a/net/mac80211/rc80211_minstrel_ht.c
-+++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -365,6 +365,14 @@ minstrel_ht_update_stats(struct minstrel
- }
- }
+ int cid = -ENOENT;
+ struct net_device *ndev = wil_to_ndev(wil);
+@@ -252,7 +252,7 @@ int wil_priv_init(struct wil6210_priv *w
+ return 0;
+ }
-+#ifdef CPTCFG_MAC80211_DEBUGFS
-+ /* use fixed index if set */
-+ if (mp->fixed_rate_idx != -1) {
-+ mi->max_tp_rate = mp->fixed_rate_idx;
-+ mi->max_tp_rate2 = mp->fixed_rate_idx;
-+ mi->max_prob_rate = mp->fixed_rate_idx;
-+ }
-+#endif
+-void wil6210_disconnect(struct wil6210_priv *wil, void *bssid)
++void wil6210_disconnect(struct wil6210_priv *wil, const u8 *bssid)
+ {
+ del_timer_sync(&wil->connect_timer);
+ _wil6210_disconnect(wil, bssid);
+--- a/drivers/net/wireless/ath/wil6210/wil6210.h
++++ b/drivers/net/wireless/ath/wil6210/wil6210.h
+@@ -508,7 +508,7 @@ void wil_wdev_free(struct wil6210_priv *
+ int wmi_set_mac_address(struct wil6210_priv *wil, void *addr);
+ int wmi_pcp_start(struct wil6210_priv *wil, int bi, u8 wmi_nettype, u8 chan);
+ int wmi_pcp_stop(struct wil6210_priv *wil);
+-void wil6210_disconnect(struct wil6210_priv *wil, void *bssid);
++void wil6210_disconnect(struct wil6210_priv *wil, const u8 *bssid);
+
+ int wil_rx_init(struct wil6210_priv *wil);
+ void wil_rx_fini(struct wil6210_priv *wil);
+--- a/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
++++ b/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
+@@ -2236,7 +2236,7 @@ brcmf_cfg80211_config_default_mgmt_key(s
+
+ static s32
+ brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
+ {
+ struct brcmf_if *ifp = netdev_priv(ndev);
+ struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
+@@ -4014,7 +4014,7 @@ brcmf_cfg80211_change_beacon(struct wiph
- mi->stats_update = jiffies;
+ static int
+ brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
+- u8 *mac)
++ const u8 *mac)
+ {
+ struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
+ struct brcmf_scb_val_le scbval;
+@@ -4242,7 +4242,7 @@ static int brcmf_convert_nl80211_tdls_op
}
-@@ -774,6 +782,11 @@ minstrel_ht_get_rate(void *priv, struct
- info->flags |= mi->tx_flags;
- minstrel_ht_check_cck_shortpreamble(mp, mi, txrc->short_preamble);
-+#ifdef CPTCFG_MAC80211_DEBUGFS
-+ if (mp->fixed_rate_idx != -1)
-+ return;
-+#endif
-+
- /* Don't use EAPOL frames for sampling on non-mrr hw */
- if (mp->hw->max_rates == 1 &&
- txrc->skb->protocol == cpu_to_be16(ETH_P_PAE))
-@@ -781,16 +794,6 @@ minstrel_ht_get_rate(void *priv, struct
- else
- sample_idx = minstrel_get_sample_rate(mp, mi);
-
--#ifdef CPTCFG_MAC80211_DEBUGFS
-- /* use fixed index if set */
-- if (mp->fixed_rate_idx != -1) {
-- mi->max_tp_rate = mp->fixed_rate_idx;
-- mi->max_tp_rate2 = mp->fixed_rate_idx;
-- mi->max_prob_rate = mp->fixed_rate_idx;
-- sample_idx = -1;
-- }
--#endif
--
- mi->total_packets++;
+ static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
+- struct net_device *ndev, u8 *peer,
++ struct net_device *ndev, const u8 *peer,
+ enum nl80211_tdls_operation oper)
+ {
+ struct brcmf_if *ifp;
+--- a/drivers/net/wireless/libertas/cfg.c
++++ b/drivers/net/wireless/libertas/cfg.c
+@@ -1006,9 +1006,8 @@ struct cmd_key_material {
+ } __packed;
+
+ static int lbs_set_key_material(struct lbs_private *priv,
+- int key_type,
+- int key_info,
+- u8 *key, u16 key_len)
++ int key_type, int key_info,
++ const u8 *key, u16 key_len)
+ {
+ struct cmd_key_material cmd;
+ int ret;
+@@ -1610,7 +1609,7 @@ static int lbs_cfg_del_key(struct wiphy
+ */
- /* wraparound */
-@@ -804,10 +807,18 @@ minstrel_ht_get_rate(void *priv, struct
+ static int lbs_cfg_get_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
+ {
+ struct lbs_private *priv = wiphy_priv(wiphy);
+ s8 signal, noise;
+--- a/drivers/net/wireless/libertas/defs.h
++++ b/drivers/net/wireless/libertas/defs.h
+@@ -90,7 +90,8 @@ do { if ((lbs_debug & (grp)) == (grp)) \
+ #define lbs_deb_cfg80211(fmt, args...) LBS_DEB_LL(LBS_DEB_CFG80211, " cfg80211", fmt, ##args)
+
+ #ifdef DEBUG
+-static inline void lbs_deb_hex(unsigned int grp, const char *prompt, u8 *buf, int len)
++static inline void lbs_deb_hex(unsigned int grp, const char *prompt,
++ const u8 *buf, int len)
+ {
+ int i = 0;
- sample_group = &minstrel_mcs_groups[sample_idx / MCS_GROUP_RATES];
- info->flags |= IEEE80211_TX_CTL_RATE_CTRL_PROBE;
-+ rate->count = 1;
-+
-+ if (sample_idx / MCS_GROUP_RATES == MINSTREL_CCK_GROUP) {
-+ int idx = sample_idx % ARRAY_SIZE(mp->cck_rates);
-+ rate->idx = mp->cck_rates[idx];
-+ rate->flags = 0;
-+ return;
-+ }
-+
- rate->idx = sample_idx % MCS_GROUP_RATES +
- (sample_group->streams - 1) * MCS_GROUP_RATES;
- rate->flags = IEEE80211_TX_RC_MCS | sample_group->flags;
-- rate->count = 1;
+--- a/drivers/net/wireless/mwifiex/11n.h
++++ b/drivers/net/wireless/mwifiex/11n.h
+@@ -200,7 +200,7 @@ static inline int mwifiex_is_sta_11n_ena
}
- static void
-@@ -820,6 +831,9 @@ minstrel_ht_update_cck(struct minstrel_p
- if (sband->band != IEEE80211_BAND_2GHZ)
- return;
-
-+ if (!(mp->hw->flags & IEEE80211_HW_SUPPORTS_HT_CCK_RATES))
-+ return;
-+
- mi->cck_supported = 0;
- mi->cck_supported_short = 0;
- for (i = 0; i < 4; i++) {
---- a/net/mac80211/rx.c
-+++ b/net/mac80211/rx.c
-@@ -936,8 +936,14 @@ ieee80211_rx_h_check(struct ieee80211_rx
- struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
- struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
-
-- /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
-- if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
-+ /*
-+ * Drop duplicate 802.11 retransmissions
-+ * (IEEE 802.11-2012: 9.3.2.10 "Duplicate detection and recovery")
-+ */
-+ if (rx->skb->len >= 24 && rx->sta &&
-+ !ieee80211_is_ctl(hdr->frame_control) &&
-+ !ieee80211_is_qos_nullfunc(hdr->frame_control) &&
-+ !is_multicast_ether_addr(hdr->addr1)) {
- if (unlikely(ieee80211_has_retry(hdr->frame_control) &&
- rx->sta->last_seq_ctrl[rx->seqno_idx] ==
- hdr->seq_ctrl)) {
-@@ -2369,6 +2375,7 @@ ieee80211_rx_h_action(struct ieee80211_r
- sdata->vif.type != NL80211_IFTYPE_MESH_POINT &&
- sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
- sdata->vif.type != NL80211_IFTYPE_AP &&
-+ sdata->vif.type != NL80211_IFTYPE_WDS &&
- sdata->vif.type != NL80211_IFTYPE_ADHOC)
- break;
+ static inline u8
+-mwifiex_tdls_peer_11n_enabled(struct mwifiex_private *priv, u8 *ra)
++mwifiex_tdls_peer_11n_enabled(struct mwifiex_private *priv, const u8 *ra)
+ {
+ struct mwifiex_sta_node *node = mwifiex_get_sta_entry(priv, ra);
+ if (node)
+--- a/drivers/net/wireless/mwifiex/cfg80211.c
++++ b/drivers/net/wireless/mwifiex/cfg80211.c
+@@ -994,7 +994,7 @@ mwifiex_dump_station_info(struct mwifiex
+ */
+ static int
+ mwifiex_cfg80211_get_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
+ {
+ struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
-@@ -2720,14 +2727,15 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_
-
- if (!ieee80211_vif_is_mesh(&sdata->vif) &&
- sdata->vif.type != NL80211_IFTYPE_ADHOC &&
-- sdata->vif.type != NL80211_IFTYPE_STATION)
-+ sdata->vif.type != NL80211_IFTYPE_STATION &&
-+ sdata->vif.type != NL80211_IFTYPE_WDS)
- return RX_DROP_MONITOR;
-
- switch (stype) {
- case cpu_to_le16(IEEE80211_STYPE_AUTH):
- case cpu_to_le16(IEEE80211_STYPE_BEACON):
- case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP):
-- /* process for all: mesh, mlme, ibss */
-+ /* process for all: mesh, mlme, ibss, wds */
- break;
- case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):
- case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):
-@@ -3008,6 +3016,9 @@ static int prepare_for_handlers(struct i
- case NL80211_IFTYPE_ADHOC:
- if (!bssid)
- return 0;
-+ if (ether_addr_equal(sdata->vif.addr, hdr->addr2) ||
-+ ether_addr_equal(sdata->u.ibss.bssid, hdr->addr2))
-+ return 0;
- if (ieee80211_is_beacon(hdr->frame_control)) {
- return 1;
- } else if (!ieee80211_bssid_match(bssid, sdata->u.ibss.bssid)) {
-@@ -3059,10 +3070,16 @@ static int prepare_for_handlers(struct i
- }
- break;
- case NL80211_IFTYPE_WDS:
-- if (bssid || !ieee80211_is_data(hdr->frame_control))
-- return 0;
- if (!ether_addr_equal(sdata->u.wds.remote_addr, hdr->addr2))
- return 0;
-+
-+ if (ieee80211_is_data(hdr->frame_control) ||
-+ ieee80211_is_action(hdr->frame_control)) {
-+ if (compare_ether_addr(sdata->vif.addr, hdr->addr1))
-+ return 0;
-+ } else if (!ieee80211_is_beacon(hdr->frame_control))
-+ return 0;
-+
- break;
- case NL80211_IFTYPE_P2P_DEVICE:
- if (!ieee80211_is_public_action(hdr, skb->len) &&
---- a/net/mac80211/sta_info.h
-+++ b/net/mac80211/sta_info.h
-@@ -32,7 +32,6 @@
- * @WLAN_STA_SHORT_PREAMBLE: Station is capable of receiving short-preamble
- * frames.
- * @WLAN_STA_WME: Station is a QoS-STA.
-- * @WLAN_STA_WDS: Station is one of our WDS peers.
- * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
- * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
- * frame to this station is transmitted.
-@@ -66,7 +65,6 @@ enum ieee80211_sta_info_flags {
- WLAN_STA_AUTHORIZED,
- WLAN_STA_SHORT_PREAMBLE,
- WLAN_STA_WME,
-- WLAN_STA_WDS,
- WLAN_STA_CLEAR_PS_FILT,
- WLAN_STA_MFP,
- WLAN_STA_BLOCK_BA,
---- a/drivers/net/wireless/ath/ath9k/xmit.c
-+++ b/drivers/net/wireless/ath/ath9k/xmit.c
-@@ -135,6 +135,9 @@ static struct ath_frame_info *get_frame_
-
- static void ath_send_bar(struct ath_atx_tid *tid, u16 seqno)
+@@ -1270,7 +1270,7 @@ static int mwifiex_cfg80211_change_beaco
+ */
+ static int
+ mwifiex_cfg80211_del_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac)
++ const u8 *mac)
{
-+ if (!tid->an->sta)
-+ return;
-+
- ieee80211_send_bar(tid->an->vif, tid->an->sta->addr, tid->tidno,
- seqno << IEEE80211_SEQ_SEQ_SHIFT);
- }
-@@ -146,6 +149,93 @@ static void ath_set_rates(struct ieee802
- ARRAY_SIZE(bf->rates));
- }
+ struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
+ struct mwifiex_sta_node *sta_node;
+@@ -2629,7 +2629,7 @@ static int mwifiex_cfg80211_set_coalesce
+ */
+ static int
+ mwifiex_cfg80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, u8 action_code, u8 dialog_token,
++ const u8 *peer, u8 action_code, u8 dialog_token,
+ u16 status_code, u32 peer_capability,
+ const u8 *extra_ies, size_t extra_ies_len)
+ {
+@@ -2701,7 +2701,7 @@ mwifiex_cfg80211_tdls_mgmt(struct wiphy
-+static void ath_txq_skb_done(struct ath_softc *sc, struct ath_txq *txq,
-+ struct sk_buff *skb)
-+{
-+ int q;
-+
-+ q = skb_get_queue_mapping(skb);
-+ if (txq == sc->tx.uapsdq)
-+ txq = sc->tx.txq_map[q];
-+
-+ if (txq != sc->tx.txq_map[q])
-+ return;
-+
-+ if (WARN_ON(--txq->pending_frames < 0))
-+ txq->pending_frames = 0;
-+
-+ if (txq->stopped &&
-+ txq->pending_frames < sc->tx.txq_max_pending[q]) {
-+ ieee80211_wake_queue(sc->hw, q);
-+ txq->stopped = false;
-+ }
-+}
-+
-+static struct ath_atx_tid *
-+ath_get_skb_tid(struct ath_softc *sc, struct ath_node *an, struct sk_buff *skb)
-+{
-+ struct ieee80211_hdr *hdr;
-+ u8 tidno = 0;
-+
-+ hdr = (struct ieee80211_hdr *) skb->data;
-+ if (ieee80211_is_data_qos(hdr->frame_control))
-+ tidno = ieee80211_get_qos_ctl(hdr)[0];
-+
-+ tidno &= IEEE80211_QOS_CTL_TID_MASK;
-+ return ATH_AN_2_TID(an, tidno);
-+}
-+
-+static bool ath_tid_has_buffered(struct ath_atx_tid *tid)
-+{
-+ return !skb_queue_empty(&tid->buf_q) || !skb_queue_empty(&tid->retry_q);
-+}
-+
-+static struct sk_buff *ath_tid_dequeue(struct ath_atx_tid *tid)
-+{
-+ struct sk_buff *skb;
-+
-+ skb = __skb_dequeue(&tid->retry_q);
-+ if (!skb)
-+ skb = __skb_dequeue(&tid->buf_q);
-+
-+ return skb;
-+}
-+
-+/*
-+ * ath_tx_tid_change_state:
-+ * - clears a-mpdu flag of previous session
-+ * - force sequence number allocation to fix next BlockAck Window
-+ */
-+static void
-+ath_tx_tid_change_state(struct ath_softc *sc, struct ath_atx_tid *tid)
-+{
-+ struct ath_txq *txq = tid->ac->txq;
-+ struct ieee80211_tx_info *tx_info;
-+ struct sk_buff *skb, *tskb;
-+ struct ath_buf *bf;
-+ struct ath_frame_info *fi;
-+
-+ skb_queue_walk_safe(&tid->buf_q, skb, tskb) {
-+ fi = get_frame_info(skb);
-+ bf = fi->bf;
-+
-+ tx_info = IEEE80211_SKB_CB(skb);
-+ tx_info->flags &= ~IEEE80211_TX_CTL_AMPDU;
-+
-+ if (bf)
-+ continue;
-+
-+ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
-+ if (!bf) {
-+ __skb_unlink(skb, &tid->buf_q);
-+ ath_txq_skb_done(sc, txq, skb);
-+ ieee80211_free_txskb(sc->hw, skb);
-+ continue;
-+ }
-+ }
-+
-+}
-+
- static void ath_tx_flush_tid(struct ath_softc *sc, struct ath_atx_tid *tid)
+ static int
+ mwifiex_cfg80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, enum nl80211_tdls_operation action)
++ const u8 *peer, enum nl80211_tdls_operation action)
{
- struct ath_txq *txq = tid->ac->txq;
-@@ -160,27 +250,22 @@ static void ath_tx_flush_tid(struct ath_
+ struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
- memset(&ts, 0, sizeof(ts));
+@@ -2748,9 +2748,8 @@ mwifiex_cfg80211_tdls_oper(struct wiphy
+ }
-- while ((skb = __skb_dequeue(&tid->buf_q))) {
-+ while ((skb = __skb_dequeue(&tid->retry_q))) {
- fi = get_frame_info(skb);
- bf = fi->bf;
--
- if (!bf) {
-- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
-- if (!bf) {
-- ieee80211_free_txskb(sc->hw, skb);
-- continue;
-- }
-+ ath_txq_skb_done(sc, txq, skb);
-+ ieee80211_free_txskb(sc->hw, skb);
-+ continue;
- }
+ static int
+-mwifiex_cfg80211_add_station(struct wiphy *wiphy,
+- struct net_device *dev,
+- u8 *mac, struct station_parameters *params)
++mwifiex_cfg80211_add_station(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *mac, struct station_parameters *params)
+ {
+ struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
-- if (fi->retries) {
-- list_add_tail(&bf->list, &bf_head);
-+ if (fi->baw_tracked) {
- ath_tx_update_baw(sc, tid, bf->bf_state.seqno);
-- ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
- sendbar = true;
-- } else {
-- ath_set_rates(tid->an->vif, tid->an->sta, bf);
-- ath_tx_send_normal(sc, txq, NULL, skb);
- }
-+
-+ list_add_tail(&bf->list, &bf_head);
-+ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
- }
+@@ -2765,9 +2764,9 @@ mwifiex_cfg80211_add_station(struct wiph
+ }
- if (sendbar) {
-@@ -209,13 +294,16 @@ static void ath_tx_update_baw(struct ath
+ static int
+-mwifiex_cfg80211_change_station(struct wiphy *wiphy,
+- struct net_device *dev,
+- u8 *mac, struct station_parameters *params)
++mwifiex_cfg80211_change_station(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *mac,
++ struct station_parameters *params)
+ {
+ int ret;
+ struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
+--- a/drivers/net/wireless/mwifiex/main.h
++++ b/drivers/net/wireless/mwifiex/main.h
+@@ -910,8 +910,6 @@ int mwifiex_handle_uap_rx_forward(struct
+ struct sk_buff *skb);
+ int mwifiex_process_sta_event(struct mwifiex_private *);
+ int mwifiex_process_uap_event(struct mwifiex_private *);
+-struct mwifiex_sta_node *
+-mwifiex_get_sta_entry(struct mwifiex_private *priv, u8 *mac);
+ void mwifiex_delete_all_station_list(struct mwifiex_private *priv);
+ void *mwifiex_process_sta_txpd(struct mwifiex_private *, struct sk_buff *skb);
+ void *mwifiex_process_uap_txpd(struct mwifiex_private *, struct sk_buff *skb);
+@@ -1220,26 +1218,26 @@ void mwifiex_dnld_txpwr_table(struct mwi
+ extern const struct ethtool_ops mwifiex_ethtool_ops;
+
+ void mwifiex_del_all_sta_list(struct mwifiex_private *priv);
+-void mwifiex_del_sta_entry(struct mwifiex_private *priv, u8 *mac);
++void mwifiex_del_sta_entry(struct mwifiex_private *priv, const u8 *mac);
+ void
+ mwifiex_set_sta_ht_cap(struct mwifiex_private *priv, const u8 *ies,
+ int ies_len, struct mwifiex_sta_node *node);
+ struct mwifiex_sta_node *
+-mwifiex_add_sta_entry(struct mwifiex_private *priv, u8 *mac);
++mwifiex_add_sta_entry(struct mwifiex_private *priv, const u8 *mac);
+ struct mwifiex_sta_node *
+-mwifiex_get_sta_entry(struct mwifiex_private *priv, u8 *mac);
+-int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv, u8 *peer,
++mwifiex_get_sta_entry(struct mwifiex_private *priv, const u8 *mac);
++int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv, const u8 *peer,
+ u8 action_code, u8 dialog_token,
+ u16 status_code, const u8 *extra_ies,
+ size_t extra_ies_len);
+-int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv,
+- u8 *peer, u8 action_code, u8 dialog_token,
+- u16 status_code, const u8 *extra_ies,
+- size_t extra_ies_len);
++int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv, const u8 *peer,
++ u8 action_code, u8 dialog_token,
++ u16 status_code, const u8 *extra_ies,
++ size_t extra_ies_len);
+ void mwifiex_process_tdls_action_frame(struct mwifiex_private *priv,
+ u8 *buf, int len);
+-int mwifiex_tdls_oper(struct mwifiex_private *priv, u8 *peer, u8 action);
+-int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, u8 *mac);
++int mwifiex_tdls_oper(struct mwifiex_private *priv, const u8 *peer, u8 action);
++int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, const u8 *mac);
+ void mwifiex_disable_all_tdls_links(struct mwifiex_private *priv);
+ bool mwifiex_is_bss_in_11ac_mode(struct mwifiex_private *priv);
+ u8 mwifiex_get_center_freq_index(struct mwifiex_private *priv, u8 band,
+--- a/drivers/net/wireless/mwifiex/tdls.c
++++ b/drivers/net/wireless/mwifiex/tdls.c
+@@ -25,8 +25,8 @@
+ #define TDLS_RESP_FIX_LEN 8
+ #define TDLS_CONFIRM_FIX_LEN 6
+
+-static void
+-mwifiex_restore_tdls_packets(struct mwifiex_private *priv, u8 *mac, u8 status)
++static void mwifiex_restore_tdls_packets(struct mwifiex_private *priv,
++ const u8 *mac, u8 status)
+ {
+ struct mwifiex_ra_list_tbl *ra_list;
+ struct list_head *tid_list;
+@@ -84,7 +84,8 @@ mwifiex_restore_tdls_packets(struct mwif
+ return;
}
- static void ath_tx_addto_baw(struct ath_softc *sc, struct ath_atx_tid *tid,
-- u16 seqno)
-+ struct ath_buf *bf)
+-static void mwifiex_hold_tdls_packets(struct mwifiex_private *priv, u8 *mac)
++static void mwifiex_hold_tdls_packets(struct mwifiex_private *priv,
++ const u8 *mac)
{
-+ struct ath_frame_info *fi = get_frame_info(bf->bf_mpdu);
-+ u16 seqno = bf->bf_state.seqno;
- int index, cindex;
-
- index = ATH_BA_INDEX(tid->seq_start, seqno);
- cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
- __set_bit(cindex, tid->tx_buf);
-+ fi->baw_tracked = 1;
-
- if (index >= ((tid->baw_tail - tid->baw_head) &
- (ATH_TID_MAX_BUFS - 1))) {
-@@ -224,12 +312,6 @@ static void ath_tx_addto_baw(struct ath_
- }
+ struct mwifiex_ra_list_tbl *ra_list;
+ struct list_head *ra_list_head;
+@@ -228,7 +229,7 @@ mwifiex_tdls_add_ht_oper(struct mwifiex_
}
--/*
-- * TODO: For frame(s) that are in the retry state, we will reuse the
-- * sequence number(s) without setting the retry bit. The
-- * alternative is to give up on these and BAR the receiver's window
-- * forward.
-- */
- static void ath_tid_drain(struct ath_softc *sc, struct ath_txq *txq,
- struct ath_atx_tid *tid)
-
-@@ -243,7 +325,7 @@ static void ath_tid_drain(struct ath_sof
- memset(&ts, 0, sizeof(ts));
- INIT_LIST_HEAD(&bf_head);
-
-- while ((skb = __skb_dequeue(&tid->buf_q))) {
-+ while ((skb = ath_tid_dequeue(tid))) {
- fi = get_frame_info(skb);
- bf = fi->bf;
-
-@@ -253,14 +335,8 @@ static void ath_tid_drain(struct ath_sof
- }
+ static int mwifiex_tdls_add_vht_oper(struct mwifiex_private *priv,
+- u8 *mac, struct sk_buff *skb)
++ const u8 *mac, struct sk_buff *skb)
+ {
+ struct mwifiex_bssdescriptor *bss_desc;
+ struct ieee80211_vht_operation *vht_oper;
+@@ -367,8 +368,9 @@ static void mwifiex_tdls_add_qos_capab(s
+ }
- list_add_tail(&bf->list, &bf_head);
--
-- ath_tx_update_baw(sc, tid, bf->bf_state.seqno);
- ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
- }
--
-- tid->seq_next = tid->seq_start;
-- tid->baw_tail = tid->baw_head;
-- tid->bar_index = -1;
+ static int mwifiex_prep_tdls_encap_data(struct mwifiex_private *priv,
+- u8 *peer, u8 action_code, u8 dialog_token,
+- u16 status_code, struct sk_buff *skb)
++ const u8 *peer, u8 action_code,
++ u8 dialog_token,
++ u16 status_code, struct sk_buff *skb)
+ {
+ struct ieee80211_tdls_data *tf;
+ int ret;
+@@ -506,7 +508,8 @@ static int mwifiex_prep_tdls_encap_data(
}
- static void ath_tx_set_retry(struct ath_softc *sc, struct ath_txq *txq,
-@@ -323,6 +399,7 @@ static struct ath_buf* ath_clone_txbuf(s
- tbf->bf_buf_addr = bf->bf_buf_addr;
- memcpy(tbf->bf_desc, bf->bf_desc, sc->sc_ah->caps.tx_desc_len);
- tbf->bf_state = bf->bf_state;
-+ tbf->bf_state.stale = false;
+ static void
+-mwifiex_tdls_add_link_ie(struct sk_buff *skb, u8 *src_addr, u8 *peer, u8 *bssid)
++mwifiex_tdls_add_link_ie(struct sk_buff *skb, const u8 *src_addr,
++ const u8 *peer, const u8 *bssid)
+ {
+ struct ieee80211_tdls_lnkie *lnkid;
- return tbf;
+@@ -520,8 +523,8 @@ mwifiex_tdls_add_link_ie(struct sk_buff
+ memcpy(lnkid->resp_sta, peer, ETH_ALEN);
}
-@@ -380,7 +457,6 @@ static void ath_tx_complete_aggr(struct
- struct ieee80211_tx_rate rates[4];
- struct ath_frame_info *fi;
- int nframes;
-- u8 tidno;
- bool flush = !!(ts->ts_status & ATH9K_TX_FLUSH);
- int i, retries;
- int bar_index = -1;
-@@ -406,7 +482,7 @@ static void ath_tx_complete_aggr(struct
- while (bf) {
- bf_next = bf->bf_next;
-
-- if (!bf->bf_stale || bf_next != NULL)
-+ if (!bf->bf_state.stale || bf_next != NULL)
- list_move_tail(&bf->list, &bf_head);
-
- ath_tx_complete_buf(sc, bf, txq, &bf_head, ts, 0);
-@@ -417,8 +493,7 @@ static void ath_tx_complete_aggr(struct
- }
- an = (struct ath_node *)sta->drv_priv;
-- tidno = ieee80211_get_qos_ctl(hdr)[0] & IEEE80211_QOS_CTL_TID_MASK;
-- tid = ATH_AN_2_TID(an, tidno);
-+ tid = ath_get_skb_tid(sc, an, skb);
- seq_first = tid->seq_start;
- isba = ts->ts_flags & ATH9K_TX_BA;
-
-@@ -430,7 +505,7 @@ static void ath_tx_complete_aggr(struct
- * Only BlockAcks have a TID and therefore normal Acks cannot be
- * checked
- */
-- if (isba && tidno != ts->tid)
-+ if (isba && tid->tidno != ts->tid)
- txok = false;
-
- isaggr = bf_isaggr(bf);
-@@ -466,7 +541,8 @@ static void ath_tx_complete_aggr(struct
- tx_info = IEEE80211_SKB_CB(skb);
- fi = get_frame_info(skb);
-
-- if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno)) {
-+ if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno) ||
-+ !tid->active) {
- /*
- * Outside of the current BlockAck window,
- * maybe part of a previous session
-@@ -499,7 +575,7 @@ static void ath_tx_complete_aggr(struct
- * not a holding desc.
- */
- INIT_LIST_HEAD(&bf_head);
-- if (bf_next != NULL || !bf_last->bf_stale)
-+ if (bf_next != NULL || !bf_last->bf_state.stale)
- list_move_tail(&bf->list, &bf_head);
-
- if (!txpending) {
-@@ -523,7 +599,7 @@ static void ath_tx_complete_aggr(struct
- ieee80211_sta_eosp(sta);
- }
- /* retry the un-acked ones */
-- if (bf->bf_next == NULL && bf_last->bf_stale) {
-+ if (bf->bf_next == NULL && bf_last->bf_state.stale) {
- struct ath_buf *tbf;
-
- tbf = ath_clone_txbuf(sc, bf_last);
-@@ -560,7 +636,7 @@ static void ath_tx_complete_aggr(struct
- if (an->sleeping)
- ieee80211_sta_set_buffered(sta, tid->tidno, true);
-
-- skb_queue_splice(&bf_pending, &tid->buf_q);
-+ skb_queue_splice_tail(&bf_pending, &tid->retry_q);
- if (!an->sleeping) {
- ath_tx_queue_tid(txq, tid);
-
-@@ -618,7 +694,7 @@ static void ath_tx_process_buffer(struct
- } else
- ath_tx_complete_aggr(sc, txq, bf, bf_head, ts, txok);
-
-- if ((sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) && !flush)
-+ if (!flush)
- ath_txq_schedule(sc, txq);
+-int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv,
+- u8 *peer, u8 action_code, u8 dialog_token,
++int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv, const u8 *peer,
++ u8 action_code, u8 dialog_token,
+ u16 status_code, const u8 *extra_ies,
+ size_t extra_ies_len)
+ {
+@@ -613,7 +616,8 @@ int mwifiex_send_tdls_data_frame(struct
}
-@@ -792,15 +868,20 @@ static int ath_compute_num_delims(struct
+ static int
+-mwifiex_construct_tdls_action_frame(struct mwifiex_private *priv, u8 *peer,
++mwifiex_construct_tdls_action_frame(struct mwifiex_private *priv,
++ const u8 *peer,
+ u8 action_code, u8 dialog_token,
+ u16 status_code, struct sk_buff *skb)
+ {
+@@ -691,10 +695,10 @@ mwifiex_construct_tdls_action_frame(stru
+ return 0;
+ }
- static struct ath_buf *
- ath_tx_get_tid_subframe(struct ath_softc *sc, struct ath_txq *txq,
-- struct ath_atx_tid *tid)
-+ struct ath_atx_tid *tid, struct sk_buff_head **q)
+-int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv,
+- u8 *peer, u8 action_code, u8 dialog_token,
+- u16 status_code, const u8 *extra_ies,
+- size_t extra_ies_len)
++int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv, const u8 *peer,
++ u8 action_code, u8 dialog_token,
++ u16 status_code, const u8 *extra_ies,
++ size_t extra_ies_len)
{
-+ struct ieee80211_tx_info *tx_info;
- struct ath_frame_info *fi;
struct sk_buff *skb;
- struct ath_buf *bf;
- u16 seqno;
-
- while (1) {
-- skb = skb_peek(&tid->buf_q);
-+ *q = &tid->retry_q;
-+ if (skb_queue_empty(*q))
-+ *q = &tid->buf_q;
-+
-+ skb = skb_peek(*q);
- if (!skb)
- break;
-
-@@ -808,13 +889,26 @@ ath_tx_get_tid_subframe(struct ath_softc
- bf = fi->bf;
- if (!fi->bf)
- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
-+ else
-+ bf->bf_state.stale = false;
-
- if (!bf) {
-- __skb_unlink(skb, &tid->buf_q);
-+ __skb_unlink(skb, *q);
-+ ath_txq_skb_done(sc, txq, skb);
- ieee80211_free_txskb(sc->hw, skb);
- continue;
- }
-
-+ bf->bf_next = NULL;
-+ bf->bf_lastbf = bf;
-+
-+ tx_info = IEEE80211_SKB_CB(skb);
-+ tx_info->flags &= ~IEEE80211_TX_CTL_CLEAR_PS_FILT;
-+ if (!(tx_info->flags & IEEE80211_TX_CTL_AMPDU)) {
-+ bf->bf_state.bf_type = 0;
-+ return bf;
-+ }
-+
- bf->bf_state.bf_type = BUF_AMPDU | BUF_AGGR;
- seqno = bf->bf_state.seqno;
-
-@@ -828,73 +922,52 @@ ath_tx_get_tid_subframe(struct ath_softc
-
- INIT_LIST_HEAD(&bf_head);
- list_add(&bf->list, &bf_head);
-- __skb_unlink(skb, &tid->buf_q);
-+ __skb_unlink(skb, *q);
- ath_tx_update_baw(sc, tid, seqno);
- ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
- continue;
- }
-
-- bf->bf_next = NULL;
-- bf->bf_lastbf = bf;
- return bf;
- }
+ struct mwifiex_txinfo *tx_info;
+@@ -901,7 +905,7 @@ void mwifiex_process_tdls_action_frame(s
+ }
- return NULL;
+ static int
+-mwifiex_tdls_process_config_link(struct mwifiex_private *priv, u8 *peer)
++mwifiex_tdls_process_config_link(struct mwifiex_private *priv, const u8 *peer)
+ {
+ struct mwifiex_sta_node *sta_ptr;
+ struct mwifiex_ds_tdls_oper tdls_oper;
+@@ -922,7 +926,7 @@ mwifiex_tdls_process_config_link(struct
}
--static enum ATH_AGGR_STATUS ath_tx_form_aggr(struct ath_softc *sc,
-- struct ath_txq *txq,
-- struct ath_atx_tid *tid,
-- struct list_head *bf_q,
-- int *aggr_len)
-+static bool
-+ath_tx_form_aggr(struct ath_softc *sc, struct ath_txq *txq,
-+ struct ath_atx_tid *tid, struct list_head *bf_q,
-+ struct ath_buf *bf_first, struct sk_buff_head *tid_q,
-+ int *aggr_len)
+ static int
+-mwifiex_tdls_process_create_link(struct mwifiex_private *priv, u8 *peer)
++mwifiex_tdls_process_create_link(struct mwifiex_private *priv, const u8 *peer)
{
- #define PADBYTES(_len) ((4 - ((_len) % 4)) % 4)
-- struct ath_buf *bf, *bf_first = NULL, *bf_prev = NULL;
-- int rl = 0, nframes = 0, ndelim, prev_al = 0;
-+ struct ath_buf *bf = bf_first, *bf_prev = NULL;
-+ int nframes = 0, ndelim;
- u16 aggr_limit = 0, al = 0, bpad = 0,
-- al_delta, h_baw = tid->baw_size / 2;
-- enum ATH_AGGR_STATUS status = ATH_AGGR_DONE;
-+ al_delta, h_baw = tid->baw_size / 2;
- struct ieee80211_tx_info *tx_info;
- struct ath_frame_info *fi;
- struct sk_buff *skb;
-+ bool closed = false;
+ struct mwifiex_sta_node *sta_ptr;
+ struct mwifiex_ds_tdls_oper tdls_oper;
+@@ -949,7 +953,7 @@ mwifiex_tdls_process_create_link(struct
+ }
-- do {
-- bf = ath_tx_get_tid_subframe(sc, txq, tid);
-- if (!bf) {
-- status = ATH_AGGR_BAW_CLOSED;
-- break;
-- }
-+ bf = bf_first;
-+ aggr_limit = ath_lookup_rate(sc, bf, tid);
+ static int
+-mwifiex_tdls_process_disable_link(struct mwifiex_private *priv, u8 *peer)
++mwifiex_tdls_process_disable_link(struct mwifiex_private *priv, const u8 *peer)
+ {
+ struct mwifiex_sta_node *sta_ptr;
+ struct mwifiex_ds_tdls_oper tdls_oper;
+@@ -978,7 +982,7 @@ mwifiex_tdls_process_disable_link(struct
+ }
-+ do {
- skb = bf->bf_mpdu;
- fi = get_frame_info(skb);
+ static int
+-mwifiex_tdls_process_enable_link(struct mwifiex_private *priv, u8 *peer)
++mwifiex_tdls_process_enable_link(struct mwifiex_private *priv, const u8 *peer)
+ {
+ struct mwifiex_sta_node *sta_ptr;
+ struct ieee80211_mcs_info mcs;
+@@ -1035,7 +1039,7 @@ mwifiex_tdls_process_enable_link(struct
+ return 0;
+ }
-- if (!bf_first)
-- bf_first = bf;
--
-- if (!rl) {
-- ath_set_rates(tid->an->vif, tid->an->sta, bf);
-- aggr_limit = ath_lookup_rate(sc, bf, tid);
-- rl = 1;
-- }
--
- /* do not exceed aggregation limit */
- al_delta = ATH_AGGR_DELIM_SZ + fi->framelen;
-+ if (nframes) {
-+ if (aggr_limit < al + bpad + al_delta ||
-+ ath_lookup_legacy(bf) || nframes >= h_baw)
-+ break;
-
-- if (nframes &&
-- ((aggr_limit < (al + bpad + al_delta + prev_al)) ||
-- ath_lookup_legacy(bf))) {
-- status = ATH_AGGR_LIMITED;
-- break;
-- }
--
-- tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
-- if (nframes && (tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE))
-- break;
--
-- /* do not exceed subframe limit */
-- if (nframes >= min((int)h_baw, ATH_AMPDU_SUBFRAME_DEFAULT)) {
-- status = ATH_AGGR_LIMITED;
-- break;
-+ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
-+ if ((tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) ||
-+ !(tx_info->flags & IEEE80211_TX_CTL_AMPDU))
-+ break;
- }
+-int mwifiex_tdls_oper(struct mwifiex_private *priv, u8 *peer, u8 action)
++int mwifiex_tdls_oper(struct mwifiex_private *priv, const u8 *peer, u8 action)
+ {
+ switch (action) {
+ case MWIFIEX_TDLS_ENABLE_LINK:
+@@ -1050,7 +1054,7 @@ int mwifiex_tdls_oper(struct mwifiex_pri
+ return 0;
+ }
- /* add padding for previous frame to aggregation length */
-@@ -912,22 +985,37 @@ static enum ATH_AGGR_STATUS ath_tx_form_
- bf->bf_next = NULL;
-
- /* link buffers of this frame to the aggregate */
-- if (!fi->retries)
-- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
-+ if (!fi->baw_tracked)
-+ ath_tx_addto_baw(sc, tid, bf);
- bf->bf_state.ndelim = ndelim;
-
-- __skb_unlink(skb, &tid->buf_q);
-+ __skb_unlink(skb, tid_q);
- list_add_tail(&bf->list, bf_q);
- if (bf_prev)
- bf_prev->bf_next = bf;
-
- bf_prev = bf;
-
-- } while (!skb_queue_empty(&tid->buf_q));
-+ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
-+ if (!bf) {
-+ closed = true;
-+ break;
-+ }
-+ } while (ath_tid_has_buffered(tid));
-+
-+ bf = bf_first;
-+ bf->bf_lastbf = bf_prev;
-+
-+ if (bf == bf_prev) {
-+ al = get_frame_info(bf->bf_mpdu)->framelen;
-+ bf->bf_state.bf_type = BUF_AMPDU;
-+ } else {
-+ TX_STAT_INC(txq->axq_qnum, a_aggr);
-+ }
+-int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, u8 *mac)
++int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, const u8 *mac)
+ {
+ struct mwifiex_sta_node *sta_ptr;
- *aggr_len = al;
+--- a/drivers/net/wireless/mwifiex/util.c
++++ b/drivers/net/wireless/mwifiex/util.c
+@@ -259,7 +259,7 @@ int mwifiex_complete_cmd(struct mwifiex_
+ * NULL is returned if station entry is not found in associated STA list.
+ */
+ struct mwifiex_sta_node *
+-mwifiex_get_sta_entry(struct mwifiex_private *priv, u8 *mac)
++mwifiex_get_sta_entry(struct mwifiex_private *priv, const u8 *mac)
+ {
+ struct mwifiex_sta_node *node;
-- return status;
-+ return closed;
- #undef PADBYTES
+@@ -280,7 +280,7 @@ mwifiex_get_sta_entry(struct mwifiex_pri
+ * If received mac address is NULL, NULL is returned.
+ */
+ struct mwifiex_sta_node *
+-mwifiex_add_sta_entry(struct mwifiex_private *priv, u8 *mac)
++mwifiex_add_sta_entry(struct mwifiex_private *priv, const u8 *mac)
+ {
+ struct mwifiex_sta_node *node;
+ unsigned long flags;
+@@ -332,7 +332,7 @@ mwifiex_set_sta_ht_cap(struct mwifiex_pr
}
-@@ -999,7 +1087,7 @@ void ath_update_max_aggr_framelen(struct
- }
+ /* This function will delete a station entry from station list */
+-void mwifiex_del_sta_entry(struct mwifiex_private *priv, u8 *mac)
++void mwifiex_del_sta_entry(struct mwifiex_private *priv, const u8 *mac)
+ {
+ struct mwifiex_sta_node *node;
+ unsigned long flags;
+--- a/drivers/net/wireless/mwifiex/wmm.c
++++ b/drivers/net/wireless/mwifiex/wmm.c
+@@ -92,7 +92,7 @@ mwifiex_wmm_ac_debug_print(const struct
+ * The function also initializes the list with the provided RA.
+ */
+ static struct mwifiex_ra_list_tbl *
+-mwifiex_wmm_allocate_ralist_node(struct mwifiex_adapter *adapter, u8 *ra)
++mwifiex_wmm_allocate_ralist_node(struct mwifiex_adapter *adapter, const u8 *ra)
+ {
+ struct mwifiex_ra_list_tbl *ra_list;
- static void ath_buf_set_rate(struct ath_softc *sc, struct ath_buf *bf,
-- struct ath_tx_info *info, int len)
-+ struct ath_tx_info *info, int len, bool rts)
+@@ -139,8 +139,7 @@ static u8 mwifiex_get_random_ba_threshol
+ * This function allocates and adds a RA list for all TIDs
+ * with the given RA.
+ */
+-void
+-mwifiex_ralist_add(struct mwifiex_private *priv, u8 *ra)
++void mwifiex_ralist_add(struct mwifiex_private *priv, const u8 *ra)
{
- struct ath_hw *ah = sc->sc_ah;
- struct sk_buff *skb;
-@@ -1008,6 +1096,7 @@ static void ath_buf_set_rate(struct ath_
- const struct ieee80211_rate *rate;
- struct ieee80211_hdr *hdr;
- struct ath_frame_info *fi = get_frame_info(bf->bf_mpdu);
-+ u32 rts_thresh = sc->hw->wiphy->rts_threshold;
int i;
- u8 rix = 0;
-
-@@ -1030,7 +1119,17 @@ static void ath_buf_set_rate(struct ath_
- rix = rates[i].idx;
- info->rates[i].Tries = rates[i].count;
-
-- if (rates[i].flags & IEEE80211_TX_RC_USE_RTS_CTS) {
-+ /*
-+ * Handle RTS threshold for unaggregated HT frames.
-+ */
-+ if (bf_isampdu(bf) && !bf_isaggr(bf) &&
-+ (rates[i].flags & IEEE80211_TX_RC_MCS) &&
-+ unlikely(rts_thresh != (u32) -1)) {
-+ if (!rts_thresh || (len > rts_thresh))
-+ rts = true;
-+ }
-+
-+ if (rts || rates[i].flags & IEEE80211_TX_RC_USE_RTS_CTS) {
- info->rates[i].RateFlags |= ATH9K_RATESERIES_RTS_CTS;
- info->flags |= ATH9K_TXDESC_RTSENA;
- } else if (rates[i].flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
-@@ -1123,6 +1222,8 @@ static void ath_tx_fill_desc(struct ath_
- struct ath_hw *ah = sc->sc_ah;
- struct ath_buf *bf_first = NULL;
- struct ath_tx_info info;
-+ u32 rts_thresh = sc->hw->wiphy->rts_threshold;
-+ bool rts = false;
-
- memset(&info, 0, sizeof(info));
- info.is_first = true;
-@@ -1159,7 +1260,22 @@ static void ath_tx_fill_desc(struct ath_
- info.flags |= (u32) bf->bf_state.bfs_paprd <<
- ATH9K_TXDESC_PAPRD_S;
-
-- ath_buf_set_rate(sc, bf, &info, len);
-+ /*
-+ * mac80211 doesn't handle RTS threshold for HT because
-+ * the decision has to be taken based on AMPDU length
-+ * and aggregation is done entirely inside ath9k.
-+ * Set the RTS/CTS flag for the first subframe based
-+ * on the threshold.
-+ */
-+ if (aggr && (bf == bf_first) &&
-+ unlikely(rts_thresh != (u32) -1)) {
-+ /*
-+ * "len" is the size of the entire AMPDU.
-+ */
-+ if (!rts_thresh || (len > rts_thresh))
-+ rts = true;
-+ }
-+ ath_buf_set_rate(sc, bf, &info, len, rts);
- }
+ struct mwifiex_ra_list_tbl *ra_list;
+@@ -566,7 +565,7 @@ mwifiex_clean_txrx(struct mwifiex_privat
+ */
+ static struct mwifiex_ra_list_tbl *
+ mwifiex_wmm_get_ralist_node(struct mwifiex_private *priv, u8 tid,
+- u8 *ra_addr)
++ const u8 *ra_addr)
+ {
+ struct mwifiex_ra_list_tbl *ra_list;
- info.buf_addr[0] = bf->bf_buf_addr;
-@@ -1188,64 +1304,101 @@ static void ath_tx_fill_desc(struct ath_
- }
+@@ -587,7 +586,8 @@ mwifiex_wmm_get_ralist_node(struct mwifi
+ * retrieved.
+ */
+ struct mwifiex_ra_list_tbl *
+-mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid, u8 *ra_addr)
++mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid,
++ const u8 *ra_addr)
+ {
+ struct mwifiex_ra_list_tbl *ra_list;
+
+--- a/drivers/net/wireless/mwifiex/wmm.h
++++ b/drivers/net/wireless/mwifiex/wmm.h
+@@ -99,7 +99,7 @@ mwifiex_wmm_is_ra_list_empty(struct list
+
+ void mwifiex_wmm_add_buf_txqueue(struct mwifiex_private *priv,
+ struct sk_buff *skb);
+-void mwifiex_ralist_add(struct mwifiex_private *priv, u8 *ra);
++void mwifiex_ralist_add(struct mwifiex_private *priv, const u8 *ra);
+ void mwifiex_rotate_priolists(struct mwifiex_private *priv,
+ struct mwifiex_ra_list_tbl *ra, int tid);
+
+@@ -123,7 +123,8 @@ void mwifiex_wmm_setup_ac_downgrade(stru
+ int mwifiex_ret_wmm_get_status(struct mwifiex_private *priv,
+ const struct host_cmd_ds_command *resp);
+ struct mwifiex_ra_list_tbl *
+-mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid, u8 *ra_addr);
++mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid,
++ const u8 *ra_addr);
+ u8 mwifiex_wmm_downgrade_tid(struct mwifiex_private *priv, u32 tid);
+
+ #endif /* !_MWIFIEX_WMM_H_ */
+--- a/drivers/net/wireless/orinoco/hw.c
++++ b/drivers/net/wireless/orinoco/hw.c
+@@ -988,8 +988,8 @@ int __orinoco_hw_setup_enc(struct orinoc
+ * tsc must be NULL or up to 8 bytes
+ */
+ int __orinoco_hw_set_tkip_key(struct orinoco_private *priv, int key_idx,
+- int set_tx, u8 *key, u8 *rsc, size_t rsc_len,
+- u8 *tsc, size_t tsc_len)
++ int set_tx, const u8 *key, const u8 *rsc,
++ size_t rsc_len, const u8 *tsc, size_t tsc_len)
+ {
+ struct {
+ __le16 idx;
+--- a/drivers/net/wireless/orinoco/hw.h
++++ b/drivers/net/wireless/orinoco/hw.h
+@@ -38,8 +38,8 @@ int __orinoco_hw_set_wap(struct orinoco_
+ int __orinoco_hw_setup_wepkeys(struct orinoco_private *priv);
+ int __orinoco_hw_setup_enc(struct orinoco_private *priv);
+ int __orinoco_hw_set_tkip_key(struct orinoco_private *priv, int key_idx,
+- int set_tx, u8 *key, u8 *rsc, size_t rsc_len,
+- u8 *tsc, size_t tsc_len);
++ int set_tx, const u8 *key, const u8 *rsc,
++ size_t rsc_len, const u8 *tsc, size_t tsc_len);
+ int orinoco_clear_tkip_key(struct orinoco_private *priv, int key_idx);
+ int __orinoco_hw_set_multicast_list(struct orinoco_private *priv,
+ struct net_device *dev,
+--- a/drivers/net/wireless/orinoco/wext.c
++++ b/drivers/net/wireless/orinoco/wext.c
+@@ -52,9 +52,9 @@ static int orinoco_set_key(struct orinoc
+ priv->keys[index].seq_len = seq_len;
+
+ if (key_len)
+- memcpy(priv->keys[index].key, key, key_len);
++ memcpy((void *)priv->keys[index].key, key, key_len);
+ if (seq_len)
+- memcpy(priv->keys[index].seq, seq, seq_len);
++ memcpy((void *)priv->keys[index].seq, seq, seq_len);
+
+ switch (alg) {
+ case ORINOCO_ALG_TKIP:
+--- a/drivers/net/wireless/rndis_wlan.c
++++ b/drivers/net/wireless/rndis_wlan.c
+@@ -517,7 +517,7 @@ static int rndis_set_default_key(struct
+ u8 key_index, bool unicast, bool multicast);
+
+ static int rndis_get_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo);
++ const u8 *mac, struct station_info *sinfo);
+
+ static int rndis_dump_station(struct wiphy *wiphy, struct net_device *dev,
+ int idx, u8 *mac, struct station_info *sinfo);
+@@ -2490,7 +2490,7 @@ static void rndis_fill_station_info(stru
}
--static void ath_tx_sched_aggr(struct ath_softc *sc, struct ath_txq *txq,
-- struct ath_atx_tid *tid)
-+static void
-+ath_tx_form_burst(struct ath_softc *sc, struct ath_txq *txq,
-+ struct ath_atx_tid *tid, struct list_head *bf_q,
-+ struct ath_buf *bf_first, struct sk_buff_head *tid_q)
+ static int rndis_get_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
{
-- struct ath_buf *bf;
-- enum ATH_AGGR_STATUS status;
-- struct ieee80211_tx_info *tx_info;
-- struct list_head bf_q;
-- int aggr_len;
-+ struct ath_buf *bf = bf_first, *bf_prev = NULL;
-+ struct sk_buff *skb;
-+ int nframes = 0;
-
- do {
-- if (skb_queue_empty(&tid->buf_q))
-- return;
-+ struct ieee80211_tx_info *tx_info;
-+ skb = bf->bf_mpdu;
-
-- INIT_LIST_HEAD(&bf_q);
-+ nframes++;
-+ __skb_unlink(skb, tid_q);
-+ list_add_tail(&bf->list, bf_q);
-+ if (bf_prev)
-+ bf_prev->bf_next = bf;
-+ bf_prev = bf;
-
-- status = ath_tx_form_aggr(sc, txq, tid, &bf_q, &aggr_len);
-+ if (nframes >= 2)
-+ break;
+ struct rndis_wlan_private *priv = wiphy_priv(wiphy);
+ struct usbnet *usbdev = priv->usbdev;
+--- a/drivers/net/wireless/ti/wlcore/main.c
++++ b/drivers/net/wireless/ti/wlcore/main.c
+@@ -1416,7 +1416,7 @@ void wl1271_rx_filter_free(struct wl12xx
-- /*
-- * no frames picked up to be aggregated;
-- * block-ack window is not open.
-- */
-- if (list_empty(&bf_q))
-+ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
-+ if (!bf)
- break;
+ int wl1271_rx_filter_alloc_field(struct wl12xx_rx_filter *filter,
+ u16 offset, u8 flags,
+- u8 *pattern, u8 len)
++ const u8 *pattern, u8 len)
+ {
+ struct wl12xx_rx_filter_field *field;
+
+--- a/drivers/net/wireless/ti/wlcore/wlcore_i.h
++++ b/drivers/net/wireless/ti/wlcore/wlcore_i.h
+@@ -512,8 +512,8 @@ int wl1271_recalc_rx_streaming(struct wl
+ void wl12xx_queue_recovery_work(struct wl1271 *wl);
+ size_t wl12xx_copy_fwlog(struct wl1271 *wl, u8 *memblock, size_t maxlen);
+ int wl1271_rx_filter_alloc_field(struct wl12xx_rx_filter *filter,
+- u16 offset, u8 flags,
+- u8 *pattern, u8 len);
++ u16 offset, u8 flags,
++ const u8 *pattern, u8 len);
+ void wl1271_rx_filter_free(struct wl12xx_rx_filter *filter);
+ struct wl12xx_rx_filter *wl1271_rx_filter_alloc(void);
+ int wl1271_rx_filter_get_fields_size(struct wl12xx_rx_filter *filter);
+--- a/include/net/cfg80211.h
++++ b/include/net/cfg80211.h
+@@ -341,8 +341,8 @@ struct vif_params {
+ * @seq_len: length of @seq.
+ */
+ struct key_params {
+- u8 *key;
+- u8 *seq;
++ const u8 *key;
++ const u8 *seq;
+ int key_len;
+ int seq_len;
+ u32 cipher;
+@@ -458,7 +458,7 @@ bool cfg80211_chandef_usable(struct wiph
+ */
+ int cfg80211_chandef_dfs_required(struct wiphy *wiphy,
+ const struct cfg80211_chan_def *chandef,
+- enum nl80211_iftype);
++ enum nl80211_iftype iftype);
-- bf = list_first_entry(&bf_q, struct ath_buf, list);
-- bf->bf_lastbf = list_entry(bf_q.prev, struct ath_buf, list);
- tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
-+ if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
-+ break;
+ /**
+ * ieee80211_chandef_rate_flags - returns rate flags for a channel
+@@ -694,8 +694,10 @@ struct cfg80211_ap_settings {
+ *
+ * @chandef: defines the channel to use after the switch
+ * @beacon_csa: beacon data while performing the switch
+- * @counter_offset_beacon: offset for the counter within the beacon (tail)
+- * @counter_offset_presp: offset for the counter within the probe response
++ * @counter_offsets_beacon: offsets of the counters within the beacon (tail)
++ * @counter_offsets_presp: offsets of the counters within the probe response
++ * @n_counter_offsets_beacon: number of csa counters the beacon (tail)
++ * @n_counter_offsets_presp: number of csa counters in the probe response
+ * @beacon_after: beacon data to be used on the new channel
+ * @radar_required: whether radar detection is required on the new channel
+ * @block_tx: whether transmissions should be blocked while changing
+@@ -704,7 +706,10 @@ struct cfg80211_ap_settings {
+ struct cfg80211_csa_settings {
+ struct cfg80211_chan_def chandef;
+ struct cfg80211_beacon_data beacon_csa;
+- u16 counter_offset_beacon, counter_offset_presp;
++ const u16 *counter_offsets_beacon;
++ const u16 *counter_offsets_presp;
++ unsigned int n_counter_offsets_beacon;
++ unsigned int n_counter_offsets_presp;
+ struct cfg80211_beacon_data beacon_after;
+ bool radar_required;
+ bool block_tx;
+@@ -1164,7 +1169,7 @@ struct bss_parameters {
+ int use_cts_prot;
+ int use_short_preamble;
+ int use_short_slot_time;
+- u8 *basic_rates;
++ const u8 *basic_rates;
+ u8 basic_rates_len;
+ int ap_isolate;
+ int ht_opmode;
+@@ -1694,10 +1699,10 @@ struct cfg80211_disassoc_request {
+ * @ht_capa_mask: The bits of ht_capa which are to be used.
+ */
+ struct cfg80211_ibss_params {
+- u8 *ssid;
+- u8 *bssid;
++ const u8 *ssid;
++ const u8 *bssid;
+ struct cfg80211_chan_def chandef;
+- u8 *ie;
++ const u8 *ie;
+ u8 ssid_len, ie_len;
+ u16 beacon_interval;
+ u32 basic_rates;
+@@ -1806,8 +1811,8 @@ struct cfg80211_bitrate_mask {
+ * @pmkid: The PMK material itself.
+ */
+ struct cfg80211_pmksa {
+- u8 *bssid;
+- u8 *pmkid;
++ const u8 *bssid;
++ const u8 *pmkid;
+ };
-- if (tid->ac->clear_ps_filter) {
-- tid->ac->clear_ps_filter = false;
-- tx_info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
-- } else {
-- tx_info->flags &= ~IEEE80211_TX_CTL_CLEAR_PS_FILT;
-- }
-+ ath_set_rates(tid->an->vif, tid->an->sta, bf);
-+ } while (1);
-+}
+ /**
+@@ -1822,7 +1827,7 @@ struct cfg80211_pmksa {
+ * memory, free @mask only!
+ */
+ struct cfg80211_pkt_pattern {
+- u8 *mask, *pattern;
++ const u8 *mask, *pattern;
+ int pattern_len;
+ int pkt_offset;
+ };
+@@ -1986,6 +1991,8 @@ struct cfg80211_update_ft_ies_params {
+ * @len: buffer length
+ * @no_cck: don't use cck rates for this frame
+ * @dont_wait_for_ack: tells the low level not to wait for an ack
++ * @n_csa_offsets: length of csa_offsets array
++ * @csa_offsets: array of all the csa offsets in the frame
+ */
+ struct cfg80211_mgmt_tx_params {
+ struct ieee80211_channel *chan;
+@@ -1995,6 +2002,8 @@ struct cfg80211_mgmt_tx_params {
+ size_t len;
+ bool no_cck;
+ bool dont_wait_for_ack;
++ int n_csa_offsets;
++ const u16 *csa_offsets;
+ };
-- /* if only one frame, send as non-aggregate */
-- if (bf == bf->bf_lastbf) {
-- aggr_len = get_frame_info(bf->bf_mpdu)->framelen;
-- bf->bf_state.bf_type = BUF_AMPDU;
-- } else {
-- TX_STAT_INC(txq->axq_qnum, a_aggr);
-- }
-+static bool ath_tx_sched_aggr(struct ath_softc *sc, struct ath_txq *txq,
-+ struct ath_atx_tid *tid, bool *stop)
-+{
-+ struct ath_buf *bf;
-+ struct ieee80211_tx_info *tx_info;
-+ struct sk_buff_head *tid_q;
-+ struct list_head bf_q;
-+ int aggr_len = 0;
-+ bool aggr, last = true;
-+
-+ if (!ath_tid_has_buffered(tid))
-+ return false;
-+
-+ INIT_LIST_HEAD(&bf_q);
-
-- ath_tx_fill_desc(sc, bf, txq, aggr_len);
-- ath_tx_txqaddbuf(sc, txq, &bf_q, false);
-- } while (txq->axq_ampdu_depth < ATH_AGGR_MIN_QDEPTH &&
-- status != ATH_AGGR_BAW_CLOSED);
-+ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
-+ if (!bf)
-+ return false;
-+
-+ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
-+ aggr = !!(tx_info->flags & IEEE80211_TX_CTL_AMPDU);
-+ if ((aggr && txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH) ||
-+ (!aggr && txq->axq_depth >= ATH_NON_AGGR_MIN_QDEPTH)) {
-+ *stop = true;
-+ return false;
-+ }
+ /**
+@@ -2336,28 +2345,29 @@ struct cfg80211_ops {
+
+
+ int (*add_station)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_parameters *params);
++ const u8 *mac,
++ struct station_parameters *params);
+ int (*del_station)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac);
++ const u8 *mac);
+ int (*change_station)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_parameters *params);
++ const u8 *mac,
++ struct station_parameters *params);
+ int (*get_station)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo);
++ const u8 *mac, struct station_info *sinfo);
+ int (*dump_station)(struct wiphy *wiphy, struct net_device *dev,
+- int idx, u8 *mac, struct station_info *sinfo);
++ int idx, u8 *mac, struct station_info *sinfo);
+
+ int (*add_mpath)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *dst, u8 *next_hop);
++ const u8 *dst, const u8 *next_hop);
+ int (*del_mpath)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *dst);
++ const u8 *dst);
+ int (*change_mpath)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *dst, u8 *next_hop);
++ const u8 *dst, const u8 *next_hop);
+ int (*get_mpath)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *dst, u8 *next_hop,
+- struct mpath_info *pinfo);
++ u8 *dst, u8 *next_hop, struct mpath_info *pinfo);
+ int (*dump_mpath)(struct wiphy *wiphy, struct net_device *dev,
+- int idx, u8 *dst, u8 *next_hop,
+- struct mpath_info *pinfo);
++ int idx, u8 *dst, u8 *next_hop,
++ struct mpath_info *pinfo);
+ int (*get_mesh_config)(struct wiphy *wiphy,
+ struct net_device *dev,
+ struct mesh_config *conf);
+@@ -2487,11 +2497,11 @@ struct cfg80211_ops {
+ struct cfg80211_gtk_rekey_data *data);
+
+ int (*tdls_mgmt)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, u8 action_code, u8 dialog_token,
++ const u8 *peer, u8 action_code, u8 dialog_token,
+ u16 status_code, u32 peer_capability,
+ const u8 *buf, size_t len);
+ int (*tdls_oper)(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, enum nl80211_tdls_operation oper);
++ const u8 *peer, enum nl80211_tdls_operation oper);
+
+ int (*probe_client)(struct wiphy *wiphy, struct net_device *dev,
+ const u8 *peer, u64 *cookie);
+@@ -2638,6 +2648,7 @@ struct ieee80211_iface_limit {
+ * between infrastructure and AP types must match. This is required
+ * only in special cases.
+ * @radar_detect_widths: bitmap of channel widths supported for radar detection
++ * @radar_detect_regions: bitmap of regions supported for radar detection
+ *
+ * With this structure the driver can describe which interface
+ * combinations it supports concurrently.
+@@ -2695,6 +2706,7 @@ struct ieee80211_iface_combination {
+ u8 n_limits;
+ bool beacon_int_infra_match;
+ u8 radar_detect_widths;
++ u8 radar_detect_regions;
+ };
+
+ struct ieee80211_txrx_stypes {
+@@ -2925,6 +2937,11 @@ struct wiphy_vendor_command {
+ * (including P2P GO) or 0 to indicate no such limit is advertised. The
+ * driver is allowed to advertise a theoretical limit that it can reach in
+ * some cases, but may not always reach.
++ *
++ * @max_num_csa_counters: Number of supported csa_counters in beacons
++ * and probe responses. This value should be set if the driver
++ * wishes to limit the number of csa counters. Default (0) means
++ * infinite.
+ */
+ struct wiphy {
+ /* assign these fields before you register the wiphy */
+@@ -3045,6 +3062,8 @@ struct wiphy {
+
+ u16 max_ap_assoc_sta;
+
++ u8 max_num_csa_counters;
++
+ char priv[0] __aligned(NETDEV_ALIGN);
+ };
+
+@@ -3273,7 +3292,7 @@ struct wireless_dev {
+ struct cfg80211_ibss_params ibss;
+ struct cfg80211_connect_params connect;
+ struct cfg80211_cached_keys *keys;
+- u8 *ie;
++ const u8 *ie;
+ size_t ie_len;
+ u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
+ u8 ssid[IEEE80211_MAX_SSID_LEN];
+@@ -3514,7 +3533,8 @@ int ieee80211_data_to_8023(struct sk_buf
+ * Return: 0 on success, or a negative error code.
+ */
+ int ieee80211_data_from_8023(struct sk_buff *skb, const u8 *addr,
+- enum nl80211_iftype iftype, u8 *bssid, bool qos);
++ enum nl80211_iftype iftype, const u8 *bssid,
++ bool qos);
+
+ /**
+ * ieee80211_amsdu_to_8023s - decode an IEEE 802.11n A-MSDU frame
+@@ -4315,7 +4335,7 @@ void cfg80211_roamed_bss(struct net_devi
+ * and not try to connect to any AP any more.
+ */
+ void cfg80211_disconnected(struct net_device *dev, u16 reason,
+- u8 *ie, size_t ie_len, gfp_t gfp);
++ const u8 *ie, size_t ie_len, gfp_t gfp);
+
+ /**
+ * cfg80211_ready_on_channel - notification of remain_on_channel start
+@@ -4771,6 +4791,35 @@ int cfg80211_iter_combinations(struct wi
+ void *data),
+ void *data);
+
++/*
++ * cfg80211_stop_iface - trigger interface disconnection
++ *
++ * @wiphy: the wiphy
++ * @wdev: wireless device
++ * @gfp: context flags
++ *
++ * Trigger interface to be stopped as if AP was stopped, IBSS/mesh left, STA
++ * disconnected.
++ *
++ * Note: This doesn't need any locks and is asynchronous.
++ */
++void cfg80211_stop_iface(struct wiphy *wiphy, struct wireless_dev *wdev,
++ gfp_t gfp);
++
++/**
++ * cfg80211_shutdown_all_interfaces - shut down all interfaces for a wiphy
++ * @wiphy: the wiphy to shut down
++ *
++ * This function shuts down all interfaces belonging to this wiphy by
++ * calling dev_close() (and treating non-netdev interfaces as needed).
++ * It shouldn't really be used unless there are some fatal device errors
++ * that really can't be recovered in any other way.
++ *
++ * Callers must hold the RTNL and be able to deal with callbacks into
++ * the driver while the function is running.
++ */
++void cfg80211_shutdown_all_interfaces(struct wiphy *wiphy);
++
+ /* Logging, debugging and troubleshooting/diagnostic helpers. */
+
+ /* wiphy_printk helpers, similar to dev_printk */
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -1113,7 +1113,9 @@ enum ieee80211_vif_flags {
+ * @addr: address of this interface
+ * @p2p: indicates whether this AP or STA interface is a p2p
+ * interface, i.e. a GO or p2p-sta respectively
+- * @csa_active: marks whether a channel switch is going on
++ * @csa_active: marks whether a channel switch is going on. Internally it is
++ * write-protected by sdata_lock and local->mtx so holding either is fine
++ * for read access.
+ * @driver_flags: flags/capabilities the driver has for this interface,
+ * these need to be set (or cleared) when the interface is added
+ * or, if supported by the driver, the interface type is changed
+@@ -1374,6 +1376,7 @@ struct ieee80211_sta_rates {
+ * the station moves to associated state.
+ * @smps_mode: current SMPS mode (off, static or dynamic)
+ * @rates: rate control selection table
++ * @tdls: indicates whether the STA is a TDLS peer
+ */
+ struct ieee80211_sta {
+ u32 supp_rates[IEEE80211_NUM_BANDS];
+@@ -1388,6 +1391,7 @@ struct ieee80211_sta {
+ enum ieee80211_sta_rx_bandwidth bandwidth;
+ enum ieee80211_smps_mode smps_mode;
+ struct ieee80211_sta_rates __rcu *rates;
++ bool tdls;
+
+ /* must be last */
+ u8 drv_priv[0] __aligned(sizeof(void *));
+@@ -3407,6 +3411,47 @@ void ieee80211_tx_status_irqsafe(struct
+ */
+ void ieee80211_report_low_ack(struct ieee80211_sta *sta, u32 num_packets);
+
++#define IEEE80211_MAX_CSA_COUNTERS_NUM 2
+
-+ ath_set_rates(tid->an->vif, tid->an->sta, bf);
-+ if (aggr)
-+ last = ath_tx_form_aggr(sc, txq, tid, &bf_q, bf,
-+ tid_q, &aggr_len);
-+ else
-+ ath_tx_form_burst(sc, txq, tid, &bf_q, bf, tid_q);
++/**
++ * struct ieee80211_mutable_offsets - mutable beacon offsets
++ * @tim_offset: position of TIM element
++ * @tim_length: size of TIM element
++ * @csa_counter_offs: array of IEEE80211_MAX_CSA_COUNTERS_NUM offsets
++ * to CSA counters. This array can contain zero values which
++ * should be ignored.
++ */
++struct ieee80211_mutable_offsets {
++ u16 tim_offset;
++ u16 tim_length;
+
-+ if (list_empty(&bf_q))
-+ return false;
++ u16 csa_counter_offs[IEEE80211_MAX_CSA_COUNTERS_NUM];
++};
+
-+ if (tid->ac->clear_ps_filter || tid->an->no_ps_filter) {
-+ tid->ac->clear_ps_filter = false;
-+ tx_info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
-+ }
++/**
++ * ieee80211_beacon_get_template - beacon template generation function
++ * @hw: pointer obtained from ieee80211_alloc_hw().
++ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
++ * @offs: &struct ieee80211_mutable_offsets pointer to struct that will
++ * receive the offsets that may be updated by the driver.
++ *
++ * If the driver implements beaconing modes, it must use this function to
++ * obtain the beacon template.
++ *
++ * This function should be used if the beacon frames are generated by the
++ * device, and then the driver must use the returned beacon as the template
++ * The driver or the device are responsible to update the DTIM and, when
++ * applicable, the CSA count.
++ *
++ * The driver is responsible for freeing the returned skb.
++ *
++ * Return: The beacon template. %NULL on error.
++ */
++struct sk_buff *
++ieee80211_beacon_get_template(struct ieee80211_hw *hw,
++ struct ieee80211_vif *vif,
++ struct ieee80211_mutable_offsets *offs);
+
-+ ath_tx_fill_desc(sc, bf, txq, aggr_len);
-+ ath_tx_txqaddbuf(sc, txq, &bf_q, false);
-+ return true;
+ /**
+ * ieee80211_beacon_get_tim - beacon generation function
+ * @hw: pointer obtained from ieee80211_alloc_hw().
+@@ -3418,16 +3463,12 @@ void ieee80211_report_low_ack(struct iee
+ * Set to 0 if invalid (in non-AP modes).
+ *
+ * If the driver implements beaconing modes, it must use this function to
+- * obtain the beacon frame/template.
++ * obtain the beacon frame.
+ *
+ * If the beacon frames are generated by the host system (i.e., not in
+ * hardware/firmware), the driver uses this function to get each beacon
+- * frame from mac80211 -- it is responsible for calling this function
+- * before the beacon is needed (e.g. based on hardware interrupt).
+- *
+- * If the beacon frames are generated by the device, then the driver
+- * must use the returned beacon as the template and change the TIM IE
+- * according to the current DTIM parameters/TIM bitmap.
++ * frame from mac80211 -- it is responsible for calling this function exactly
++ * once before the beacon is needed (e.g. based on hardware interrupt).
+ *
+ * The driver is responsible for freeing the returned skb.
+ *
+@@ -3453,6 +3494,20 @@ static inline struct sk_buff *ieee80211_
}
- int ath_tx_aggr_start(struct ath_softc *sc, struct ieee80211_sta *sta,
- u16 tid, u16 *ssn)
- {
- struct ath_atx_tid *txtid;
-+ struct ath_txq *txq;
- struct ath_node *an;
- u8 density;
-
- an = (struct ath_node *)sta->drv_priv;
- txtid = ATH_AN_2_TID(an, tid);
-+ txq = txtid->ac->txq;
+ /**
++ * ieee80211_csa_update_counter - request mac80211 to decrement the csa counter
++ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
++ *
++ * The csa counter should be updated after each beacon transmission.
++ * This function is called implicitly when
++ * ieee80211_beacon_get/ieee80211_beacon_get_tim are called, however if the
++ * beacon frames are generated by the device, the driver should call this
++ * function after each beacon transmission to sync mac80211's csa counters.
++ *
++ * Return: new csa counter value
++ */
++u8 ieee80211_csa_update_counter(struct ieee80211_vif *vif);
+
-+ ath_txq_lock(sc, txq);
++/**
+ * ieee80211_csa_finish - notify mac80211 about channel switch
+ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
+ *
+--- a/include/uapi/linux/nl80211.h
++++ b/include/uapi/linux/nl80211.h
+@@ -503,6 +503,9 @@
+ * TX status event pertaining to the TX request.
+ * %NL80211_ATTR_TX_NO_CCK_RATE is used to decide whether to send the
+ * management frames at CCK rate or not in 2GHz band.
++ * %NL80211_ATTR_CSA_C_OFFSETS_TX is an array of offsets to CSA
++ * counters which will be updated to the current value. This attribute
++ * is used during CSA period.
+ * @NL80211_CMD_FRAME_WAIT_CANCEL: When an off-channel TX was requested, this
+ * command may be used with the corresponding cookie to cancel the wait
+ * time if it is known that it is no longer necessary.
+@@ -1525,10 +1528,10 @@ enum nl80211_commands {
+ * operation).
+ * @NL80211_ATTR_CSA_IES: Nested set of attributes containing the IE information
+ * for the time while performing a channel switch.
+- * @NL80211_ATTR_CSA_C_OFF_BEACON: Offset of the channel switch counter
+- * field in the beacons tail (%NL80211_ATTR_BEACON_TAIL).
+- * @NL80211_ATTR_CSA_C_OFF_PRESP: Offset of the channel switch counter
+- * field in the probe response (%NL80211_ATTR_PROBE_RESP).
++ * @NL80211_ATTR_CSA_C_OFF_BEACON: An array of offsets (u16) to the channel
++ * switch counters in the beacons tail (%NL80211_ATTR_BEACON_TAIL).
++ * @NL80211_ATTR_CSA_C_OFF_PRESP: An array of offsets (u16) to the channel
++ * switch counters in the probe response (%NL80211_ATTR_PROBE_RESP).
+ *
+ * @NL80211_ATTR_RXMGMT_FLAGS: flags for nl80211_send_mgmt(), u32.
+ * As specified in the &enum nl80211_rxmgmt_flags.
+@@ -1576,6 +1579,11 @@ enum nl80211_commands {
+ * advertise values that cannot always be met. In such cases, an attempt
+ * to add a new station entry with @NL80211_CMD_NEW_STATION may fail.
+ *
++ * @NL80211_ATTR_CSA_C_OFFSETS_TX: An array of csa counter offsets (u16) which
++ * should be updated when the frame is transmitted.
++ * @NL80211_ATTR_MAX_CSA_COUNTERS: U8 attribute used to advertise the maximum
++ * supported number of csa counters.
++ *
+ * @NL80211_ATTR_TDLS_PEER_CAPABILITY: flags for TDLS peer capabilities, u32.
+ * As specified in the &enum nl80211_tdls_peer_capability.
+ *
+@@ -1920,6 +1928,9 @@ enum nl80211_attrs {
- /* update ampdu factor/density, they may have changed. This may happen
- * in HT IBSS when a beacon with HT-info is received after the station
-@@ -1258,6 +1411,9 @@ int ath_tx_aggr_start(struct ath_softc *
- an->mpdudensity = density;
- }
+ NL80211_ATTR_IFACE_SOCKET_OWNER,
-+ /* force sequence number allocation for pending frames */
-+ ath_tx_tid_change_state(sc, txtid);
++ NL80211_ATTR_CSA_C_OFFSETS_TX,
++ NL80211_ATTR_MAX_CSA_COUNTERS,
+
- txtid->active = true;
- txtid->paused = true;
- *ssn = txtid->seq_start = txtid->seq_next;
-@@ -1266,6 +1422,8 @@ int ath_tx_aggr_start(struct ath_softc *
- memset(txtid->tx_buf, 0, sizeof(txtid->tx_buf));
- txtid->baw_head = txtid->baw_tail = 0;
+ /* add attributes here, update the policy in nl80211.c */
-+ ath_txq_unlock_complete(sc, txq);
-+
- return 0;
+ __NL80211_ATTR_AFTER_LAST,
+@@ -3688,6 +3699,8 @@ enum nl80211_iface_limit_attrs {
+ * different channels may be used within this group.
+ * @NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS: u32 attribute containing the bitmap
+ * of supported channel widths for radar detection.
++ * @NL80211_IFACE_COMB_RADAR_DETECT_REGIONS: u32 attribute containing the bitmap
++ * of supported regulatory regions for radar detection.
+ * @NUM_NL80211_IFACE_COMB: number of attributes
+ * @MAX_NL80211_IFACE_COMB: highest attribute number
+ *
+@@ -3721,6 +3734,7 @@ enum nl80211_if_combination_attrs {
+ NL80211_IFACE_COMB_STA_AP_BI_MATCH,
+ NL80211_IFACE_COMB_NUM_CHANNELS,
+ NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
++ NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
+
+ /* keep last */
+ NUM_NL80211_IFACE_COMB,
+--- a/net/mac80211/Makefile
++++ b/net/mac80211/Makefile
+@@ -25,7 +25,8 @@ mac80211-y := \
+ wme.o \
+ event.o \
+ chan.o \
+- trace.o mlme.o
++ trace.o mlme.o \
++ tdls.o
+
+ mac80211-$(CPTCFG_MAC80211_LEDS) += led.o
+ mac80211-$(CPTCFG_MAC80211_DEBUGFS) += \
+--- a/net/mac80211/cfg.c
++++ b/net/mac80211/cfg.c
+@@ -777,7 +777,7 @@ static void ieee80211_get_et_strings(str
}
-@@ -1277,8 +1435,9 @@ void ath_tx_aggr_stop(struct ath_softc *
-
- ath_txq_lock(sc, txq);
- txtid->active = false;
-- txtid->paused = true;
-+ txtid->paused = false;
- ath_tx_flush_tid(sc, txtid);
-+ ath_tx_tid_change_state(sc, txtid);
- ath_txq_unlock_complete(sc, txq);
+ static int ieee80211_dump_station(struct wiphy *wiphy, struct net_device *dev,
+- int idx, u8 *mac, struct station_info *sinfo)
++ int idx, u8 *mac, struct station_info *sinfo)
+ {
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = sdata->local;
+@@ -807,7 +807,7 @@ static int ieee80211_dump_survey(struct
}
-@@ -1302,7 +1461,7 @@ void ath_tx_aggr_sleep(struct ieee80211_
-
- ath_txq_lock(sc, txq);
+ static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_info *sinfo)
++ const u8 *mac, struct station_info *sinfo)
+ {
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = sdata->local;
+@@ -1084,6 +1084,31 @@ static int ieee80211_change_beacon(struc
+ return 0;
+ }
-- buffered = !skb_queue_empty(&tid->buf_q);
-+ buffered = ath_tid_has_buffered(tid);
++bool ieee80211_csa_needs_block_tx(struct ieee80211_local *local)
++{
++ struct ieee80211_sub_if_data *sdata;
++
++ lockdep_assert_held(&local->mtx);
++
++ rcu_read_lock();
++ list_for_each_entry_rcu(sdata, &local->interfaces, list) {
++ if (!ieee80211_sdata_running(sdata))
++ continue;
++
++ if (!sdata->vif.csa_active)
++ continue;
++
++ if (!sdata->csa_block_tx)
++ continue;
++
++ rcu_read_unlock();
++ return true;
++ }
++ rcu_read_unlock();
++
++ return false;
++}
++
+ static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
+ {
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+@@ -1101,7 +1126,14 @@ static int ieee80211_stop_ap(struct wiph
+ old_probe_resp = sdata_dereference(sdata->u.ap.probe_resp, sdata);
+
+ /* abort any running channel switch */
++ mutex_lock(&local->mtx);
+ sdata->vif.csa_active = false;
++ if (!ieee80211_csa_needs_block_tx(local))
++ ieee80211_wake_queues_by_reason(&local->hw,
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
++ mutex_unlock(&local->mtx);
++
+ kfree(sdata->u.ap.next_beacon);
+ sdata->u.ap.next_beacon = NULL;
- tid->sched = false;
- list_del(&tid->list);
-@@ -1334,7 +1493,7 @@ void ath_tx_aggr_wakeup(struct ath_softc
- ath_txq_lock(sc, txq);
- ac->clear_ps_filter = true;
+@@ -1425,7 +1457,8 @@ static int sta_apply_parameters(struct i
+ }
-- if (!skb_queue_empty(&tid->buf_q) && !tid->paused) {
-+ if (!tid->paused && ath_tid_has_buffered(tid)) {
- ath_tx_queue_tid(txq, tid);
- ath_txq_schedule(sc, txq);
- }
-@@ -1359,7 +1518,7 @@ void ath_tx_aggr_resume(struct ath_softc
- tid->baw_size = IEEE80211_MIN_AMPDU_BUF << sta->ht_cap.ampdu_factor;
- tid->paused = false;
-
-- if (!skb_queue_empty(&tid->buf_q)) {
-+ if (ath_tid_has_buffered(tid)) {
- ath_tx_queue_tid(txq, tid);
- ath_txq_schedule(sc, txq);
+ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac, struct station_parameters *params)
++ const u8 *mac,
++ struct station_parameters *params)
+ {
+ struct ieee80211_local *local = wiphy_priv(wiphy);
+ struct sta_info *sta;
+@@ -1459,6 +1492,8 @@ static int ieee80211_add_station(struct
+ if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) {
+ sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
+ sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
++ } else {
++ sta->sta.tdls = true;
}
-@@ -1379,6 +1538,7 @@ void ath9k_release_buffered_frames(struc
- struct ieee80211_tx_info *info;
- struct list_head bf_q;
- struct ath_buf *bf_tail = NULL, *bf;
-+ struct sk_buff_head *tid_q;
- int sent = 0;
- int i;
-@@ -1394,16 +1554,18 @@ void ath9k_release_buffered_frames(struc
- continue;
-
- ath_txq_lock(sc, tid->ac->txq);
-- while (!skb_queue_empty(&tid->buf_q) && nframes > 0) {
-- bf = ath_tx_get_tid_subframe(sc, sc->tx.uapsdq, tid);
-+ while (nframes > 0) {
-+ bf = ath_tx_get_tid_subframe(sc, sc->tx.uapsdq, tid, &tid_q);
- if (!bf)
- break;
-
-- __skb_unlink(bf->bf_mpdu, &tid->buf_q);
-+ __skb_unlink(bf->bf_mpdu, tid_q);
- list_add_tail(&bf->list, &bf_q);
- ath_set_rates(tid->an->vif, tid->an->sta, bf);
-- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
-- bf->bf_state.bf_type &= ~BUF_AGGR;
-+ if (bf_isampdu(bf)) {
-+ ath_tx_addto_baw(sc, tid, bf);
-+ bf->bf_state.bf_type &= ~BUF_AGGR;
-+ }
- if (bf_tail)
- bf_tail->bf_next = bf;
+ err = sta_apply_parameters(local, sta, params);
+@@ -1492,7 +1527,7 @@ static int ieee80211_add_station(struct
+ }
+
+ static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
+- u8 *mac)
++ const u8 *mac)
+ {
+ struct ieee80211_sub_if_data *sdata;
-@@ -1412,7 +1574,7 @@ void ath9k_release_buffered_frames(struc
- sent++;
- TX_STAT_INC(txq->axq_qnum, a_queued_hw);
+@@ -1506,7 +1541,7 @@ static int ieee80211_del_station(struct
+ }
-- if (skb_queue_empty(&tid->buf_q))
-+ if (an->sta && !ath_tid_has_buffered(tid))
- ieee80211_sta_set_buffered(an->sta, i, false);
- }
- ath_txq_unlock_complete(sc, tid->ac->txq);
-@@ -1542,16 +1704,9 @@ int ath_cabq_update(struct ath_softc *sc
- int qnum = sc->beacon.cabq->axq_qnum;
+ static int ieee80211_change_station(struct wiphy *wiphy,
+- struct net_device *dev, u8 *mac,
++ struct net_device *dev, const u8 *mac,
+ struct station_parameters *params)
+ {
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+@@ -1631,7 +1666,7 @@ out_err:
- ath9k_hw_get_txq_props(sc->sc_ah, qnum, &qi);
-- /*
-- * Ensure the readytime % is within the bounds.
-- */
-- if (sc->config.cabqReadytime < ATH9K_READY_TIME_LO_BOUND)
-- sc->config.cabqReadytime = ATH9K_READY_TIME_LO_BOUND;
-- else if (sc->config.cabqReadytime > ATH9K_READY_TIME_HI_BOUND)
-- sc->config.cabqReadytime = ATH9K_READY_TIME_HI_BOUND;
+ #ifdef CPTCFG_MAC80211_MESH
+ static int ieee80211_add_mpath(struct wiphy *wiphy, struct net_device *dev,
+- u8 *dst, u8 *next_hop)
++ const u8 *dst, const u8 *next_hop)
+ {
+ struct ieee80211_sub_if_data *sdata;
+ struct mesh_path *mpath;
+@@ -1659,7 +1694,7 @@ static int ieee80211_add_mpath(struct wi
+ }
- qi.tqi_readyTime = (cur_conf->beacon_interval *
-- sc->config.cabqReadytime) / 100;
-+ ATH_CABQ_READY_TIME) / 100;
- ath_txq_update(sc, qnum, &qi);
+ static int ieee80211_del_mpath(struct wiphy *wiphy, struct net_device *dev,
+- u8 *dst)
++ const u8 *dst)
+ {
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+@@ -1670,9 +1705,8 @@ static int ieee80211_del_mpath(struct wi
return 0;
-@@ -1571,7 +1726,7 @@ static void ath_drain_txq_list(struct at
- while (!list_empty(list)) {
- bf = list_first_entry(list, struct ath_buf, list);
+ }
-- if (bf->bf_stale) {
-+ if (bf->bf_state.stale) {
- list_del(&bf->list);
+-static int ieee80211_change_mpath(struct wiphy *wiphy,
+- struct net_device *dev,
+- u8 *dst, u8 *next_hop)
++static int ieee80211_change_mpath(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *dst, const u8 *next_hop)
+ {
+ struct ieee80211_sub_if_data *sdata;
+ struct mesh_path *mpath;
+@@ -1764,8 +1798,8 @@ static int ieee80211_get_mpath(struct wi
+ }
- ath_tx_return_buffer(sc, bf);
-@@ -1665,25 +1820,27 @@ void ath_tx_cleanupq(struct ath_softc *s
- */
- void ath_txq_schedule(struct ath_softc *sc, struct ath_txq *txq)
+ static int ieee80211_dump_mpath(struct wiphy *wiphy, struct net_device *dev,
+- int idx, u8 *dst, u8 *next_hop,
+- struct mpath_info *pinfo)
++ int idx, u8 *dst, u8 *next_hop,
++ struct mpath_info *pinfo)
{
-- struct ath_atx_ac *ac, *ac_tmp, *last_ac;
-+ struct ath_atx_ac *ac, *last_ac;
- struct ath_atx_tid *tid, *last_tid;
-+ bool sent = false;
-
- if (test_bit(SC_OP_HW_RESET, &sc->sc_flags) ||
-- list_empty(&txq->axq_acq) ||
-- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
-+ list_empty(&txq->axq_acq))
- return;
+ struct ieee80211_sub_if_data *sdata;
+ struct mesh_path *mpath;
+@@ -3019,26 +3053,11 @@ void ieee80211_csa_finish(struct ieee802
+ }
+ EXPORT_SYMBOL(ieee80211_csa_finish);
- rcu_read_lock();
+-static void ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
++static int ieee80211_set_after_csa_beacon(struct ieee80211_sub_if_data *sdata,
++ u32 *changed)
+ {
+- struct ieee80211_local *local = sdata->local;
+- int err, changed = 0;
+-
+- sdata_assert_lock(sdata);
+-
+- mutex_lock(&local->mtx);
+- sdata->radar_required = sdata->csa_radar_required;
+- err = ieee80211_vif_change_channel(sdata, &changed);
+- mutex_unlock(&local->mtx);
+- if (WARN_ON(err < 0))
+- return;
+-
+- if (!local->use_chanctx) {
+- local->_oper_chandef = sdata->csa_chandef;
+- ieee80211_hw_config(local, 0);
+- }
++ int err;
-- ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
- last_ac = list_entry(txq->axq_acq.prev, struct ath_atx_ac, list);
-+ while (!list_empty(&txq->axq_acq)) {
-+ bool stop = false;
+- sdata->vif.csa_active = false;
+ switch (sdata->vif.type) {
+ case NL80211_IFTYPE_AP:
+ err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon);
+@@ -3046,35 +3065,75 @@ static void ieee80211_csa_finalize(struc
+ sdata->u.ap.next_beacon = NULL;
-- list_for_each_entry_safe(ac, ac_tmp, &txq->axq_acq, list) {
-+ ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
- last_tid = list_entry(ac->tid_q.prev, struct ath_atx_tid, list);
- list_del(&ac->list);
- ac->sched = false;
+ if (err < 0)
+- return;
+- changed |= err;
++ return err;
++ *changed |= err;
+ break;
+ case NL80211_IFTYPE_ADHOC:
+ err = ieee80211_ibss_finish_csa(sdata);
+ if (err < 0)
+- return;
+- changed |= err;
++ return err;
++ *changed |= err;
+ break;
+ #ifdef CPTCFG_MAC80211_MESH
+ case NL80211_IFTYPE_MESH_POINT:
+ err = ieee80211_mesh_finish_csa(sdata);
+ if (err < 0)
+- return;
+- changed |= err;
++ return err;
++ *changed |= err;
+ break;
+ #endif
+ default:
+ WARN_ON(1);
+- return;
++ return -EINVAL;
+ }
- while (!list_empty(&ac->tid_q)) {
+
- tid = list_first_entry(&ac->tid_q, struct ath_atx_tid,
- list);
- list_del(&tid->list);
-@@ -1692,17 +1849,17 @@ void ath_txq_schedule(struct ath_softc *
- if (tid->paused)
- continue;
++ return 0;
++}
++
++static int __ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
++{
++ struct ieee80211_local *local = sdata->local;
++ u32 changed = 0;
++ int err;
++
++ sdata_assert_lock(sdata);
++ lockdep_assert_held(&local->mtx);
++
++ sdata->radar_required = sdata->csa_radar_required;
++ err = ieee80211_vif_change_channel(sdata, &changed);
++ if (err < 0)
++ return err;
++
++ if (!local->use_chanctx) {
++ local->_oper_chandef = sdata->csa_chandef;
++ ieee80211_hw_config(local, 0);
++ }
++
++ sdata->vif.csa_active = false;
++
++ err = ieee80211_set_after_csa_beacon(sdata, &changed);
++ if (err)
++ return err;
++
+ ieee80211_bss_info_change_notify(sdata, changed);
++ cfg80211_ch_switch_notify(sdata->dev, &sdata->csa_chandef);
-- ath_tx_sched_aggr(sc, txq, tid);
-+ if (ath_tx_sched_aggr(sc, txq, tid, &stop))
-+ sent = true;
+- ieee80211_wake_queues_by_reason(&sdata->local->hw,
++ if (!ieee80211_csa_needs_block_tx(local))
++ ieee80211_wake_queues_by_reason(&local->hw,
+ IEEE80211_MAX_QUEUE_MAP,
+ IEEE80211_QUEUE_STOP_REASON_CSA);
- /*
- * add tid to round-robin queue if more frames
- * are pending for the tid
- */
-- if (!skb_queue_empty(&tid->buf_q))
-+ if (ath_tid_has_buffered(tid))
- ath_tx_queue_tid(txq, tid);
-
-- if (tid == last_tid ||
-- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
-+ if (stop || tid == last_tid)
- break;
- }
+- cfg80211_ch_switch_notify(sdata->dev, &sdata->csa_chandef);
++ return 0;
++}
++
++static void ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
++{
++ if (__ieee80211_csa_finalize(sdata)) {
++ sdata_info(sdata, "failed to finalize CSA, disconnecting\n");
++ cfg80211_stop_iface(sdata->local->hw.wiphy, &sdata->wdev,
++ GFP_KERNEL);
++ }
+ }
-@@ -1711,9 +1868,17 @@ void ath_txq_schedule(struct ath_softc *
- list_add_tail(&ac->list, &txq->axq_acq);
- }
+ void ieee80211_csa_finalize_work(struct work_struct *work)
+@@ -3082,8 +3141,11 @@ void ieee80211_csa_finalize_work(struct
+ struct ieee80211_sub_if_data *sdata =
+ container_of(work, struct ieee80211_sub_if_data,
+ csa_finalize_work);
++ struct ieee80211_local *local = sdata->local;
-- if (ac == last_ac ||
-- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
-+ if (stop)
- break;
-+
-+ if (ac == last_ac) {
-+ if (!sent)
-+ break;
+ sdata_lock(sdata);
++ mutex_lock(&local->mtx);
+
-+ sent = false;
-+ last_ac = list_entry(txq->axq_acq.prev,
-+ struct ath_atx_ac, list);
-+ }
- }
+ /* AP might have been stopped while waiting for the lock. */
+ if (!sdata->vif.csa_active)
+ goto unlock;
+@@ -3094,6 +3156,7 @@ void ieee80211_csa_finalize_work(struct
+ ieee80211_csa_finalize(sdata);
- rcu_read_unlock();
-@@ -1787,74 +1952,28 @@ static void ath_tx_txqaddbuf(struct ath_
- if (bf_is_ampdu_not_probing(bf))
- txq->axq_ampdu_depth++;
-
-- bf = bf->bf_lastbf->bf_next;
-+ bf_last = bf->bf_lastbf;
-+ bf = bf_last->bf_next;
-+ bf_last->bf_next = NULL;
- }
- }
+ unlock:
++ mutex_unlock(&local->mtx);
+ sdata_unlock(sdata);
}
--static void ath_tx_send_ampdu(struct ath_softc *sc, struct ath_txq *txq,
-- struct ath_atx_tid *tid, struct sk_buff *skb,
-- struct ath_tx_control *txctl)
--{
-- struct ath_frame_info *fi = get_frame_info(skb);
-- struct list_head bf_head;
-- struct ath_buf *bf;
--
-- /*
-- * Do not queue to h/w when any of the following conditions is true:
-- * - there are pending frames in software queue
-- * - the TID is currently paused for ADDBA/BAR request
-- * - seqno is not within block-ack window
-- * - h/w queue depth exceeds low water mark
-- */
-- if ((!skb_queue_empty(&tid->buf_q) || tid->paused ||
-- !BAW_WITHIN(tid->seq_start, tid->baw_size, tid->seq_next) ||
-- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH) &&
-- txq != sc->tx.uapsdq) {
-- /*
-- * Add this frame to software queue for scheduling later
-- * for aggregation.
-- */
-- TX_STAT_INC(txq->axq_qnum, a_queued_sw);
-- __skb_queue_tail(&tid->buf_q, skb);
-- if (!txctl->an || !txctl->an->sleeping)
-- ath_tx_queue_tid(txq, tid);
-- return;
-- }
--
-- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
-- if (!bf) {
-- ieee80211_free_txskb(sc->hw, skb);
-- return;
-- }
--
-- ath_set_rates(tid->an->vif, tid->an->sta, bf);
-- bf->bf_state.bf_type = BUF_AMPDU;
-- INIT_LIST_HEAD(&bf_head);
-- list_add(&bf->list, &bf_head);
--
-- /* Add sub-frame to BAW */
-- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
--
-- /* Queue to h/w without aggregation */
-- TX_STAT_INC(txq->axq_qnum, a_queued_hw);
-- bf->bf_lastbf = bf;
-- ath_tx_fill_desc(sc, bf, txq, fi->framelen);
-- ath_tx_txqaddbuf(sc, txq, &bf_head, false);
--}
--
- static void ath_tx_send_normal(struct ath_softc *sc, struct ath_txq *txq,
- struct ath_atx_tid *tid, struct sk_buff *skb)
+@@ -3129,9 +3192,25 @@ static int ieee80211_set_csa_beacon(stru
+ if (params->count <= 1)
+ break;
+
+- sdata->csa_counter_offset_beacon =
+- params->counter_offset_beacon;
+- sdata->csa_counter_offset_presp = params->counter_offset_presp;
++ if ((params->n_counter_offsets_beacon >
++ IEEE80211_MAX_CSA_COUNTERS_NUM) ||
++ (params->n_counter_offsets_presp >
++ IEEE80211_MAX_CSA_COUNTERS_NUM))
++ return -EINVAL;
++
++ /* make sure we don't have garbage in other counters */
++ memset(sdata->csa_counter_offset_beacon, 0,
++ sizeof(sdata->csa_counter_offset_beacon));
++ memset(sdata->csa_counter_offset_presp, 0,
++ sizeof(sdata->csa_counter_offset_presp));
++
++ memcpy(sdata->csa_counter_offset_beacon,
++ params->counter_offsets_beacon,
++ params->n_counter_offsets_beacon * sizeof(u16));
++ memcpy(sdata->csa_counter_offset_presp,
++ params->counter_offsets_presp,
++ params->n_counter_offsets_presp * sizeof(u16));
++
+ err = ieee80211_assign_beacon(sdata, ¶ms->beacon_csa);
+ if (err < 0) {
+ kfree(sdata->u.ap.next_beacon);
+@@ -3220,8 +3299,9 @@ static int ieee80211_set_csa_beacon(stru
+ return 0;
+ }
+
+-int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
+- struct cfg80211_csa_settings *params)
++static int
++__ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
++ struct cfg80211_csa_settings *params)
{
-+ struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
- struct ath_frame_info *fi = get_frame_info(skb);
- struct list_head bf_head;
-- struct ath_buf *bf;
--
-- bf = fi->bf;
-+ struct ath_buf *bf = fi->bf;
-
- INIT_LIST_HEAD(&bf_head);
- list_add_tail(&bf->list, &bf_head);
- bf->bf_state.bf_type = 0;
-+ if (tid && (tx_info->flags & IEEE80211_TX_CTL_AMPDU)) {
-+ bf->bf_state.bf_type = BUF_AMPDU;
-+ ath_tx_addto_baw(sc, tid, bf);
-+ }
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = sdata->local;
+@@ -3230,6 +3310,7 @@ int ieee80211_channel_switch(struct wiph
+ int err, num_chanctx, changed = 0;
- bf->bf_next = NULL;
- bf->bf_lastbf = bf;
-@@ -1911,8 +2030,7 @@ u8 ath_txchainmask_reduction(struct ath_
- struct ath_hw *ah = sc->sc_ah;
- struct ath9k_channel *curchan = ah->curchan;
-
-- if ((ah->caps.hw_caps & ATH9K_HW_CAP_APM) &&
-- (curchan->channelFlags & CHANNEL_5GHZ) &&
-+ if ((ah->caps.hw_caps & ATH9K_HW_CAP_APM) && IS_CHAN_5GHZ(curchan) &&
- (chainmask == 0x7) && (rate < 0x90))
- return 0x3;
- else if (AR_SREV_9462(ah) && ath9k_hw_btcoex_is_enabled(ah) &&
-@@ -1985,6 +2103,7 @@ static int ath_tx_prepare(struct ieee802
- struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
- struct ieee80211_sta *sta = txctl->sta;
- struct ieee80211_vif *vif = info->control.vif;
-+ struct ath_vif *avp;
- struct ath_softc *sc = hw->priv;
- int frmlen = skb->len + FCS_LEN;
- int padpos, padsize;
-@@ -1992,6 +2111,10 @@ static int ath_tx_prepare(struct ieee802
- /* NOTE: sta can be NULL according to net/mac80211.h */
- if (sta)
- txctl->an = (struct ath_node *)sta->drv_priv;
-+ else if (vif && ieee80211_is_data(hdr->frame_control)) {
-+ avp = (void *)vif->drv_priv;
-+ txctl->an = &avp->mcast_node;
-+ }
+ sdata_assert_lock(sdata);
++ lockdep_assert_held(&local->mtx);
- if (info->control.hw_key)
- frmlen += info->control.hw_key->icv_len;
-@@ -2041,7 +2164,6 @@ int ath_tx_start(struct ieee80211_hw *hw
- struct ath_txq *txq = txctl->txq;
- struct ath_atx_tid *tid = NULL;
- struct ath_buf *bf;
-- u8 tidno;
- int q;
- int ret;
+ if (!list_empty(&local->roc_list) || local->scanning)
+ return -EBUSY;
+@@ -3272,15 +3353,16 @@ int ieee80211_channel_switch(struct wiph
+ return err;
-@@ -2069,27 +2191,31 @@ int ath_tx_start(struct ieee80211_hw *hw
- ath_txq_unlock(sc, txq);
- txq = sc->tx.uapsdq;
- ath_txq_lock(sc, txq);
-- }
+ sdata->csa_radar_required = params->radar_required;
-
-- if (txctl->an && ieee80211_is_data_qos(hdr->frame_control)) {
-- tidno = ieee80211_get_qos_ctl(hdr)[0] &
-- IEEE80211_QOS_CTL_TID_MASK;
-- tid = ATH_AN_2_TID(txctl->an, tidno);
-+ } else if (txctl->an &&
-+ ieee80211_is_data_present(hdr->frame_control)) {
-+ tid = ath_get_skb_tid(sc, txctl->an, skb);
-
- WARN_ON(tid->ac->txq != txctl->txq);
-- }
+- if (params->block_tx)
+- ieee80211_stop_queues_by_reason(&local->hw,
+- IEEE80211_MAX_QUEUE_MAP,
+- IEEE80211_QUEUE_STOP_REASON_CSA);
+-
+ sdata->csa_chandef = params->chandef;
++ sdata->csa_block_tx = params->block_tx;
++ sdata->csa_current_counter = params->count;
+ sdata->vif.csa_active = true;
-- if ((info->flags & IEEE80211_TX_CTL_AMPDU) && tid) {
-+ if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
-+ tid->ac->clear_ps_filter = true;
-+
- /*
-- * Try aggregation if it's a unicast data frame
-- * and the destination is HT capable.
-+ * Add this frame to software queue for scheduling later
-+ * for aggregation.
- */
-- ath_tx_send_ampdu(sc, txq, tid, skb, txctl);
-+ TX_STAT_INC(txq->axq_qnum, a_queued_sw);
-+ __skb_queue_tail(&tid->buf_q, skb);
-+ if (!txctl->an->sleeping)
-+ ath_tx_queue_tid(txq, tid);
-+
-+ ath_txq_schedule(sc, txq);
- goto out;
++ if (sdata->csa_block_tx)
++ ieee80211_stop_queues_by_reason(&local->hw,
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
++
+ if (changed) {
+ ieee80211_bss_info_change_notify(sdata, changed);
+ drv_channel_switch_beacon(sdata, ¶ms->chandef);
+@@ -3292,6 +3374,20 @@ int ieee80211_channel_switch(struct wiph
+ return 0;
+ }
+
++int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
++ struct cfg80211_csa_settings *params)
++{
++ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
++ struct ieee80211_local *local = sdata->local;
++ int err;
++
++ mutex_lock(&local->mtx);
++ err = __ieee80211_channel_switch(wiphy, dev, params);
++ mutex_unlock(&local->mtx);
++
++ return err;
++}
++
+ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
+ struct cfg80211_mgmt_tx_params *params,
+ u64 *cookie)
+@@ -3304,6 +3400,7 @@ static int ieee80211_mgmt_tx(struct wiph
+ bool need_offchan = false;
+ u32 flags;
+ int ret;
++ u8 *data;
+
+ if (params->dont_wait_for_ack)
+ flags = IEEE80211_TX_CTL_NO_ACK;
+@@ -3397,7 +3494,20 @@ static int ieee80211_mgmt_tx(struct wiph
}
+ skb_reserve(skb, local->hw.extra_tx_headroom);
+
+- memcpy(skb_put(skb, params->len), params->buf, params->len);
++ data = skb_put(skb, params->len);
++ memcpy(data, params->buf, params->len);
++
++ /* Update CSA counters */
++ if (sdata->vif.csa_active &&
++ (sdata->vif.type == NL80211_IFTYPE_AP ||
++ sdata->vif.type == NL80211_IFTYPE_ADHOC) &&
++ params->n_csa_offsets) {
++ int i;
++ u8 c = sdata->csa_current_counter;
++
++ for (i = 0; i < params->n_csa_offsets; i++)
++ data[params->csa_offsets[i]] = c;
++ }
- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
- if (!bf) {
-+ ath_txq_skb_done(sc, txq, skb);
- if (txctl->paprd)
- dev_kfree_skb_any(skb);
- else
-@@ -2142,7 +2268,7 @@ void ath_tx_cabq(struct ieee80211_hw *hw
-
- bf->bf_lastbf = bf;
- ath_set_rates(vif, NULL, bf);
-- ath_buf_set_rate(sc, bf, &info, fi->framelen);
-+ ath_buf_set_rate(sc, bf, &info, fi->framelen, false);
- duration += info.rates[0].PktDuration;
- if (bf_tail)
- bf_tail->bf_next = bf;
-@@ -2189,7 +2315,7 @@ static void ath_tx_complete(struct ath_s
- struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
- struct ieee80211_hdr * hdr = (struct ieee80211_hdr *)skb->data;
-- int q, padpos, padsize;
-+ int padpos, padsize;
- unsigned long flags;
+ IEEE80211_SKB_CB(skb)->flags = flags;
- ath_dbg(common, XMIT, "TX complete: skb: %p\n", skb);
-@@ -2225,21 +2351,7 @@ static void ath_tx_complete(struct ath_s
- spin_unlock_irqrestore(&sc->sc_pm_lock, flags);
+@@ -3506,320 +3616,6 @@ static int ieee80211_set_rekey_data(stru
+ return 0;
+ }
- __skb_queue_tail(&txq->complete_q, skb);
+-static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
+-{
+- u8 *pos = (void *)skb_put(skb, 7);
+-
+- *pos++ = WLAN_EID_EXT_CAPABILITY;
+- *pos++ = 5; /* len */
+- *pos++ = 0x0;
+- *pos++ = 0x0;
+- *pos++ = 0x0;
+- *pos++ = 0x0;
+- *pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
+-}
+-
+-static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata)
+-{
+- struct ieee80211_local *local = sdata->local;
+- u16 capab;
+-
+- capab = 0;
+- if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
+- return capab;
+-
+- if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
+- capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
+- if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
+- capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
+-
+- return capab;
+-}
+-
+-static void ieee80211_tdls_add_link_ie(struct sk_buff *skb, u8 *src_addr,
+- u8 *peer, u8 *bssid)
+-{
+- struct ieee80211_tdls_lnkie *lnkid;
+-
+- lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
+-
+- lnkid->ie_type = WLAN_EID_LINK_ID;
+- lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
+-
+- memcpy(lnkid->bssid, bssid, ETH_ALEN);
+- memcpy(lnkid->init_sta, src_addr, ETH_ALEN);
+- memcpy(lnkid->resp_sta, peer, ETH_ALEN);
+-}
+-
+-static int
+-ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, u8 action_code, u8 dialog_token,
+- u16 status_code, struct sk_buff *skb)
+-{
+- struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+- enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
+- struct ieee80211_tdls_data *tf;
+-
+- tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
+-
+- memcpy(tf->da, peer, ETH_ALEN);
+- memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
+- tf->ether_type = cpu_to_be16(ETH_P_TDLS);
+- tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
+-
+- switch (action_code) {
+- case WLAN_TDLS_SETUP_REQUEST:
+- tf->category = WLAN_CATEGORY_TDLS;
+- tf->action_code = WLAN_TDLS_SETUP_REQUEST;
+-
+- skb_put(skb, sizeof(tf->u.setup_req));
+- tf->u.setup_req.dialog_token = dialog_token;
+- tf->u.setup_req.capability =
+- cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
+-
+- ieee80211_add_srates_ie(sdata, skb, false, band);
+- ieee80211_add_ext_srates_ie(sdata, skb, false, band);
+- ieee80211_tdls_add_ext_capab(skb);
+- break;
+- case WLAN_TDLS_SETUP_RESPONSE:
+- tf->category = WLAN_CATEGORY_TDLS;
+- tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
+-
+- skb_put(skb, sizeof(tf->u.setup_resp));
+- tf->u.setup_resp.status_code = cpu_to_le16(status_code);
+- tf->u.setup_resp.dialog_token = dialog_token;
+- tf->u.setup_resp.capability =
+- cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
+-
+- ieee80211_add_srates_ie(sdata, skb, false, band);
+- ieee80211_add_ext_srates_ie(sdata, skb, false, band);
+- ieee80211_tdls_add_ext_capab(skb);
+- break;
+- case WLAN_TDLS_SETUP_CONFIRM:
+- tf->category = WLAN_CATEGORY_TDLS;
+- tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
+-
+- skb_put(skb, sizeof(tf->u.setup_cfm));
+- tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
+- tf->u.setup_cfm.dialog_token = dialog_token;
+- break;
+- case WLAN_TDLS_TEARDOWN:
+- tf->category = WLAN_CATEGORY_TDLS;
+- tf->action_code = WLAN_TDLS_TEARDOWN;
+-
+- skb_put(skb, sizeof(tf->u.teardown));
+- tf->u.teardown.reason_code = cpu_to_le16(status_code);
+- break;
+- case WLAN_TDLS_DISCOVERY_REQUEST:
+- tf->category = WLAN_CATEGORY_TDLS;
+- tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
+-
+- skb_put(skb, sizeof(tf->u.discover_req));
+- tf->u.discover_req.dialog_token = dialog_token;
+- break;
+- default:
+- return -EINVAL;
+- }
+-
+- return 0;
+-}
+-
+-static int
+-ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, u8 action_code, u8 dialog_token,
+- u16 status_code, struct sk_buff *skb)
+-{
+- struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+- enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
+- struct ieee80211_mgmt *mgmt;
+-
+- mgmt = (void *)skb_put(skb, 24);
+- memset(mgmt, 0, 24);
+- memcpy(mgmt->da, peer, ETH_ALEN);
+- memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
+- memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
+-
+- mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
+- IEEE80211_STYPE_ACTION);
+-
+- switch (action_code) {
+- case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
+- skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
+- mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
+- mgmt->u.action.u.tdls_discover_resp.action_code =
+- WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
+- mgmt->u.action.u.tdls_discover_resp.dialog_token =
+- dialog_token;
+- mgmt->u.action.u.tdls_discover_resp.capability =
+- cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
+-
+- ieee80211_add_srates_ie(sdata, skb, false, band);
+- ieee80211_add_ext_srates_ie(sdata, skb, false, band);
+- ieee80211_tdls_add_ext_capab(skb);
+- break;
+- default:
+- return -EINVAL;
+- }
+-
+- return 0;
+-}
+-
+-static int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, u8 action_code, u8 dialog_token,
+- u16 status_code, u32 peer_capability,
+- const u8 *extra_ies, size_t extra_ies_len)
+-{
+- struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+- struct ieee80211_local *local = sdata->local;
+- struct sk_buff *skb = NULL;
+- bool send_direct;
+- int ret;
+-
+- if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
+- return -ENOTSUPP;
+-
+- /* make sure we are in managed mode, and associated */
+- if (sdata->vif.type != NL80211_IFTYPE_STATION ||
+- !sdata->u.mgd.associated)
+- return -EINVAL;
+-
+- tdls_dbg(sdata, "TDLS mgmt action %d peer %pM\n",
+- action_code, peer);
+-
+- skb = dev_alloc_skb(local->hw.extra_tx_headroom +
+- max(sizeof(struct ieee80211_mgmt),
+- sizeof(struct ieee80211_tdls_data)) +
+- 50 + /* supported rates */
+- 7 + /* ext capab */
+- extra_ies_len +
+- sizeof(struct ieee80211_tdls_lnkie));
+- if (!skb)
+- return -ENOMEM;
+-
+- skb_reserve(skb, local->hw.extra_tx_headroom);
+-
+- switch (action_code) {
+- case WLAN_TDLS_SETUP_REQUEST:
+- case WLAN_TDLS_SETUP_RESPONSE:
+- case WLAN_TDLS_SETUP_CONFIRM:
+- case WLAN_TDLS_TEARDOWN:
+- case WLAN_TDLS_DISCOVERY_REQUEST:
+- ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
+- action_code, dialog_token,
+- status_code, skb);
+- send_direct = false;
+- break;
+- case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
+- ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
+- dialog_token, status_code,
+- skb);
+- send_direct = true;
+- break;
+- default:
+- ret = -ENOTSUPP;
+- break;
+- }
+-
+- if (ret < 0)
+- goto fail;
+-
+- if (extra_ies_len)
+- memcpy(skb_put(skb, extra_ies_len), extra_ies, extra_ies_len);
+-
+- /* the TDLS link IE is always added last */
+- switch (action_code) {
+- case WLAN_TDLS_SETUP_REQUEST:
+- case WLAN_TDLS_SETUP_CONFIRM:
+- case WLAN_TDLS_TEARDOWN:
+- case WLAN_TDLS_DISCOVERY_REQUEST:
+- /* we are the initiator */
+- ieee80211_tdls_add_link_ie(skb, sdata->vif.addr, peer,
+- sdata->u.mgd.bssid);
+- break;
+- case WLAN_TDLS_SETUP_RESPONSE:
+- case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
+- /* we are the responder */
+- ieee80211_tdls_add_link_ie(skb, peer, sdata->vif.addr,
+- sdata->u.mgd.bssid);
+- break;
+- default:
+- ret = -ENOTSUPP;
+- goto fail;
+- }
+-
+- if (send_direct) {
+- ieee80211_tx_skb(sdata, skb);
+- return 0;
+- }
+-
+- /*
+- * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
+- * we should default to AC_VI.
+- */
+- switch (action_code) {
+- case WLAN_TDLS_SETUP_REQUEST:
+- case WLAN_TDLS_SETUP_RESPONSE:
+- skb_set_queue_mapping(skb, IEEE80211_AC_BK);
+- skb->priority = 2;
+- break;
+- default:
+- skb_set_queue_mapping(skb, IEEE80211_AC_VI);
+- skb->priority = 5;
+- break;
+- }
-
-- q = skb_get_queue_mapping(skb);
-- if (txq == sc->tx.uapsdq)
-- txq = sc->tx.txq_map[q];
+- /* disable bottom halves when entering the Tx path */
+- local_bh_disable();
+- ret = ieee80211_subif_start_xmit(skb, dev);
+- local_bh_enable();
-
-- if (txq == sc->tx.txq_map[q]) {
-- if (WARN_ON(--txq->pending_frames < 0))
-- txq->pending_frames = 0;
+- return ret;
-
-- if (txq->stopped &&
-- txq->pending_frames < sc->tx.txq_max_pending[q]) {
-- ieee80211_wake_queue(sc->hw, q);
-- txq->stopped = false;
+-fail:
+- dev_kfree_skb(skb);
+- return ret;
+-}
+-
+-static int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
+- u8 *peer, enum nl80211_tdls_operation oper)
+-{
+- struct sta_info *sta;
+- struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+-
+- if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
+- return -ENOTSUPP;
+-
+- if (sdata->vif.type != NL80211_IFTYPE_STATION)
+- return -EINVAL;
+-
+- tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
+-
+- switch (oper) {
+- case NL80211_TDLS_ENABLE_LINK:
+- rcu_read_lock();
+- sta = sta_info_get(sdata, peer);
+- if (!sta) {
+- rcu_read_unlock();
+- return -ENOLINK;
- }
+-
+- set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
+- rcu_read_unlock();
+- break;
+- case NL80211_TDLS_DISABLE_LINK:
+- return sta_info_destroy_addr(sdata, peer);
+- case NL80211_TDLS_TEARDOWN:
+- case NL80211_TDLS_SETUP:
+- case NL80211_TDLS_DISCOVERY_REQ:
+- /* We don't support in-driver setup/teardown/discovery */
+- return -ENOTSUPP;
+- default:
+- return -ENOTSUPP;
- }
-+ ath_txq_skb_done(sc, txq, skb);
+-
+- return 0;
+-}
+-
+ static int ieee80211_probe_client(struct wiphy *wiphy, struct net_device *dev,
+ const u8 *peer, u64 *cookie)
+ {
+--- a/net/mac80211/chan.c
++++ b/net/mac80211/chan.c
+@@ -855,7 +855,7 @@ static void
+ __ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
+ bool clear)
+ {
+- struct ieee80211_local *local = sdata->local;
++ struct ieee80211_local *local __maybe_unused = sdata->local;
+ struct ieee80211_sub_if_data *vlan;
+ struct ieee80211_chanctx_conf *conf;
+
+@@ -871,7 +871,7 @@ __ieee80211_vif_copy_chanctx_to_vlans(st
+ * to a channel context that has already been freed.
+ */
+ conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
+- lockdep_is_held(&local->chanctx_mtx));
++ lockdep_is_held(&local->chanctx_mtx));
+ WARN_ON(!conf);
+
+ if (clear)
+--- a/net/mac80211/driver-ops.h
++++ b/net/mac80211/driver-ops.h
+@@ -5,11 +5,11 @@
+ #include "ieee80211_i.h"
+ #include "trace.h"
+
+-static inline void check_sdata_in_driver(struct ieee80211_sub_if_data *sdata)
++static inline bool check_sdata_in_driver(struct ieee80211_sub_if_data *sdata)
+ {
+- WARN(!(sdata->flags & IEEE80211_SDATA_IN_DRIVER),
+- "%s: Failed check-sdata-in-driver check, flags: 0x%x\n",
+- sdata->dev ? sdata->dev->name : sdata->name, sdata->flags);
++ return !WARN(!(sdata->flags & IEEE80211_SDATA_IN_DRIVER),
++ "%s: Failed check-sdata-in-driver check, flags: 0x%x\n",
++ sdata->dev ? sdata->dev->name : sdata->name, sdata->flags);
}
- static void ath_tx_complete_buf(struct ath_softc *sc, struct ath_buf *bf,
-@@ -2360,8 +2472,7 @@ static void ath_tx_processq(struct ath_s
+ static inline struct ieee80211_sub_if_data *
+@@ -168,7 +168,8 @@ static inline int drv_change_interface(s
- if (list_empty(&txq->axq_q)) {
- txq->axq_link = NULL;
-- if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT)
-- ath_txq_schedule(sc, txq);
-+ ath_txq_schedule(sc, txq);
- break;
- }
- bf = list_first_entry(&txq->axq_q, struct ath_buf, list);
-@@ -2375,7 +2486,7 @@ static void ath_tx_processq(struct ath_s
- * it with the STALE flag.
- */
- bf_held = NULL;
-- if (bf->bf_stale) {
-+ if (bf->bf_state.stale) {
- bf_held = bf;
- if (list_is_last(&bf_held->list, &txq->axq_q))
- break;
-@@ -2399,7 +2510,7 @@ static void ath_tx_processq(struct ath_s
- * however leave the last descriptor back as the holding
- * descriptor for hw.
- */
-- lastbf->bf_stale = true;
-+ lastbf->bf_state.stale = true;
- INIT_LIST_HEAD(&bf_head);
- if (!list_is_singular(&lastbf->list))
- list_cut_position(&bf_head,
-@@ -2470,7 +2581,7 @@ void ath_tx_edma_tasklet(struct ath_soft
- }
+ might_sleep();
- bf = list_first_entry(fifo_list, struct ath_buf, list);
-- if (bf->bf_stale) {
-+ if (bf->bf_state.stale) {
- list_del(&bf->list);
- ath_tx_return_buffer(sc, bf);
- bf = list_first_entry(fifo_list, struct ath_buf, list);
-@@ -2492,7 +2603,7 @@ void ath_tx_edma_tasklet(struct ath_soft
- ath_tx_txqaddbuf(sc, txq, &bf_q, true);
- }
- } else {
-- lastbf->bf_stale = true;
-+ lastbf->bf_state.stale = true;
- if (bf != lastbf)
- list_cut_position(&bf_head, fifo_list,
- lastbf->list.prev);
-@@ -2583,6 +2694,7 @@ void ath_tx_node_init(struct ath_softc *
- tid->paused = false;
- tid->active = false;
- __skb_queue_head_init(&tid->buf_q);
-+ __skb_queue_head_init(&tid->retry_q);
- acno = TID_TO_WME_AC(tidno);
- tid->ac = &an->ac[acno];
- }
-@@ -2590,6 +2702,7 @@ void ath_tx_node_init(struct ath_softc *
- for (acno = 0, ac = &an->ac[acno];
- acno < IEEE80211_NUM_ACS; acno++, ac++) {
- ac->sched = false;
-+ ac->clear_ps_filter = true;
- ac->txq = sc->tx.txq_map[acno];
- INIT_LIST_HEAD(&ac->tid_q);
- }
---- a/drivers/net/wireless/ath/ath9k/main.c
-+++ b/drivers/net/wireless/ath/ath9k/main.c
-@@ -173,8 +173,7 @@ static void ath_restart_work(struct ath_
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
+
+ trace_drv_change_interface(local, sdata, type, p2p);
+ ret = local->ops->change_interface(&local->hw, &sdata->vif, type, p2p);
+@@ -181,7 +182,8 @@ static inline void drv_remove_interface(
{
- ieee80211_queue_delayed_work(sc->hw, &sc->tx_complete_work, 0);
+ might_sleep();
-- if (AR_SREV_9340(sc->sc_ah) || AR_SREV_9485(sc->sc_ah) ||
-- AR_SREV_9550(sc->sc_ah))
-+ if (AR_SREV_9340(sc->sc_ah) || AR_SREV_9330(sc->sc_ah))
- ieee80211_queue_delayed_work(sc->hw, &sc->hw_pll_work,
- msecs_to_jiffies(ATH_PLL_WORK_INTERVAL));
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
-@@ -209,6 +208,7 @@ static bool ath_complete_reset(struct at
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
- unsigned long flags;
-+ int i;
+ trace_drv_remove_interface(local, sdata);
+ local->ops->remove_interface(&local->hw, &sdata->vif);
+@@ -219,7 +221,8 @@ static inline void drv_bss_info_changed(
+ sdata->vif.type == NL80211_IFTYPE_MONITOR))
+ return;
- if (ath_startrecv(sc) != 0) {
- ath_err(common, "Unable to restart recv logic\n");
-@@ -236,10 +236,16 @@ static bool ath_complete_reset(struct at
- }
- work:
- ath_restart_work(sc);
-- }
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
-- if ((ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) && sc->ant_rx != 3)
-- ath_ant_comb_update(sc);
-+ for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) {
-+ if (!ATH_TXQ_SETUP(sc, i))
-+ continue;
-+
-+ spin_lock_bh(&sc->tx.txq[i].axq_lock);
-+ ath_txq_schedule(sc, &sc->tx.txq[i]);
-+ spin_unlock_bh(&sc->tx.txq[i].axq_lock);
-+ }
-+ }
+ trace_drv_bss_info_changed(local, sdata, info, changed);
+ if (local->ops->bss_info_changed)
+@@ -278,7 +281,8 @@ static inline int drv_set_key(struct iee
+ might_sleep();
- ieee80211_wake_queues(sc->hw);
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
-@@ -306,17 +312,91 @@ out:
- * by reseting the chip. To accomplish this we must first cleanup any pending
- * DMA, then restart stuff.
- */
--static int ath_set_channel(struct ath_softc *sc, struct ieee80211_hw *hw,
-- struct ath9k_channel *hchan)
-+static int ath_set_channel(struct ath_softc *sc, struct cfg80211_chan_def *chandef)
- {
-+ struct ath_hw *ah = sc->sc_ah;
-+ struct ath_common *common = ath9k_hw_common(ah);
-+ struct ieee80211_hw *hw = sc->hw;
-+ struct ath9k_channel *hchan;
-+ struct ieee80211_channel *chan = chandef->chan;
-+ unsigned long flags;
-+ bool offchannel;
-+ int pos = chan->hw_value;
-+ int old_pos = -1;
- int r;
+ trace_drv_set_key(local, cmd, sdata, sta, key);
+ ret = local->ops->set_key(&local->hw, cmd, &sdata->vif, sta, key);
+@@ -298,7 +302,8 @@ static inline void drv_update_tkip_key(s
+ ista = &sta->sta;
- if (test_bit(SC_OP_INVALID, &sc->sc_flags))
- return -EIO;
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
-+ offchannel = !!(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL);
-+
-+ if (ah->curchan)
-+ old_pos = ah->curchan - &ah->channels[0];
-+
-+ ath_dbg(common, CONFIG, "Set channel: %d MHz width: %d\n",
-+ chan->center_freq, chandef->width);
-+
-+ /* update survey stats for the old channel before switching */
-+ spin_lock_irqsave(&common->cc_lock, flags);
-+ ath_update_survey_stats(sc);
-+ spin_unlock_irqrestore(&common->cc_lock, flags);
-+
-+ ath9k_cmn_get_channel(hw, ah, chandef);
-+
-+ /*
-+ * If the operating channel changes, change the survey in-use flags
-+ * along with it.
-+ * Reset the survey data for the new channel, unless we're switching
-+ * back to the operating channel from an off-channel operation.
-+ */
-+ if (!offchannel && sc->cur_survey != &sc->survey[pos]) {
-+ if (sc->cur_survey)
-+ sc->cur_survey->filled &= ~SURVEY_INFO_IN_USE;
-+
-+ sc->cur_survey = &sc->survey[pos];
-+
-+ memset(sc->cur_survey, 0, sizeof(struct survey_info));
-+ sc->cur_survey->filled |= SURVEY_INFO_IN_USE;
-+ } else if (!(sc->survey[pos].filled & SURVEY_INFO_IN_USE)) {
-+ memset(&sc->survey[pos], 0, sizeof(struct survey_info));
-+ }
-+
-+ hchan = &sc->sc_ah->channels[pos];
- r = ath_reset_internal(sc, hchan);
-+ if (r)
-+ return r;
+ trace_drv_update_tkip_key(local, sdata, conf, ista, iv32);
+ if (local->ops->update_tkip_key)
+@@ -315,7 +320,8 @@ static inline int drv_hw_scan(struct iee
-- return r;
-+ /*
-+ * The most recent snapshot of channel->noisefloor for the old
-+ * channel is only available after the hardware reset. Copy it to
-+ * the survey stats now.
-+ */
-+ if (old_pos >= 0)
-+ ath_update_survey_nf(sc, old_pos);
-+
-+ /*
-+ * Enable radar pulse detection if on a DFS channel. Spectral
-+ * scanning and radar detection can not be used concurrently.
-+ */
-+ if (hw->conf.radar_enabled) {
-+ u32 rxfilter;
-+
-+ /* set HW specific DFS configuration */
-+ ath9k_hw_set_radar_params(ah);
-+ rxfilter = ath9k_hw_getrxfilter(ah);
-+ rxfilter |= ATH9K_RX_FILTER_PHYRADAR |
-+ ATH9K_RX_FILTER_PHYERR;
-+ ath9k_hw_setrxfilter(ah, rxfilter);
-+ ath_dbg(common, DFS, "DFS enabled at freq %d\n",
-+ chan->center_freq);
-+ } else {
-+ /* perform spectral scan if requested. */
-+ if (test_bit(SC_OP_SCANNING, &sc->sc_flags) &&
-+ sc->spectral_mode == SPECTRAL_CHANSCAN)
-+ ath9k_spectral_scan_trigger(hw);
-+ }
-+
-+ return 0;
- }
+ might_sleep();
- static void ath_node_attach(struct ath_softc *sc, struct ieee80211_sta *sta,
-@@ -543,21 +623,10 @@ chip_reset:
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
- static int ath_reset(struct ath_softc *sc)
+ trace_drv_hw_scan(local, sdata);
+ ret = local->ops->hw_scan(&local->hw, &sdata->vif, req);
+@@ -328,7 +334,8 @@ static inline void drv_cancel_hw_scan(st
{
-- int i, r;
-+ int r;
+ might_sleep();
- ath9k_ps_wakeup(sc);
--
- r = ath_reset_internal(sc, NULL);
--
-- for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) {
-- if (!ATH_TXQ_SETUP(sc, i))
-- continue;
--
-- spin_lock_bh(&sc->tx.txq[i].axq_lock);
-- ath_txq_schedule(sc, &sc->tx.txq[i]);
-- spin_unlock_bh(&sc->tx.txq[i].axq_lock);
-- }
--
- ath9k_ps_restore(sc);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
- return r;
-@@ -599,7 +668,7 @@ static int ath9k_start(struct ieee80211_
- ath9k_ps_wakeup(sc);
- mutex_lock(&sc->mutex);
+ trace_drv_cancel_hw_scan(local, sdata);
+ local->ops->cancel_hw_scan(&local->hw, &sdata->vif);
+@@ -345,7 +352,8 @@ drv_sched_scan_start(struct ieee80211_lo
-- init_channel = ath9k_cmn_get_curchannel(hw, ah);
-+ init_channel = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
+ might_sleep();
- /* Reset SERDES registers */
- ath9k_hw_configpcipowersave(ah, false);
-@@ -802,7 +871,7 @@ static void ath9k_stop(struct ieee80211_
- }
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
- if (!ah->curchan)
-- ah->curchan = ath9k_cmn_get_curchannel(hw, ah);
-+ ah->curchan = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
+ trace_drv_sched_scan_start(local, sdata);
+ ret = local->ops->sched_scan_start(&local->hw, &sdata->vif,
+@@ -361,7 +369,8 @@ static inline int drv_sched_scan_stop(st
- ath9k_hw_reset(ah, ah->curchan, ah->caldata, false);
- ath9k_hw_phy_disable(ah);
-@@ -821,7 +890,7 @@ static void ath9k_stop(struct ieee80211_
- ath_dbg(common, CONFIG, "Driver halt\n");
- }
+ might_sleep();
+
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
--bool ath9k_uses_beacons(int type)
-+static bool ath9k_uses_beacons(int type)
+ trace_drv_sched_scan_stop(local, sdata);
+ ret = local->ops->sched_scan_stop(&local->hw, &sdata->vif);
+@@ -462,7 +471,8 @@ static inline void drv_sta_notify(struct
+ struct ieee80211_sta *sta)
{
- switch (type) {
- case NL80211_IFTYPE_AP:
-@@ -966,6 +1035,8 @@ static int ath9k_add_interface(struct ie
- struct ath_softc *sc = hw->priv;
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
-+ struct ath_vif *avp = (void *)vif->drv_priv;
-+ struct ath_node *an = &avp->mcast_node;
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
- mutex_lock(&sc->mutex);
+ trace_drv_sta_notify(local, sdata, cmd, sta);
+ if (local->ops->sta_notify)
+@@ -479,7 +489,8 @@ static inline int drv_sta_add(struct iee
+ might_sleep();
-@@ -979,6 +1050,12 @@ static int ath9k_add_interface(struct ie
- if (ath9k_uses_beacons(vif->type))
- ath9k_beacon_assign_slot(sc, vif);
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
-+ an->sc = sc;
-+ an->sta = NULL;
-+ an->vif = vif;
-+ an->no_ps_filter = true;
-+ ath_tx_node_init(sc, an);
-+
- mutex_unlock(&sc->mutex);
- return 0;
- }
-@@ -1016,6 +1093,7 @@ static void ath9k_remove_interface(struc
- {
- struct ath_softc *sc = hw->priv;
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
-+ struct ath_vif *avp = (void *)vif->drv_priv;
+ trace_drv_sta_add(local, sdata, sta);
+ if (local->ops->sta_add)
+@@ -497,7 +508,8 @@ static inline void drv_sta_remove(struct
+ might_sleep();
- ath_dbg(common, CONFIG, "Detach Interface\n");
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
-@@ -1030,6 +1108,8 @@ static void ath9k_remove_interface(struc
- ath9k_calculate_summary_state(hw, NULL);
- ath9k_ps_restore(sc);
+ trace_drv_sta_remove(local, sdata, sta);
+ if (local->ops->sta_remove)
+@@ -515,7 +527,8 @@ static inline void drv_sta_add_debugfs(s
+ might_sleep();
-+ ath_tx_node_cleanup(sc, &avp->mcast_node);
-+
- mutex_unlock(&sc->mutex);
- }
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
-@@ -1192,83 +1272,12 @@ static int ath9k_config(struct ieee80211
- }
+ if (local->ops->sta_add_debugfs)
+ local->ops->sta_add_debugfs(&local->hw, &sdata->vif,
+@@ -545,7 +558,8 @@ static inline void drv_sta_pre_rcu_remov
+ might_sleep();
- if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) || reset_channel) {
-- struct ieee80211_channel *curchan = hw->conf.chandef.chan;
-- enum nl80211_channel_type channel_type =
-- cfg80211_get_chandef_type(&conf->chandef);
-- int pos = curchan->hw_value;
-- int old_pos = -1;
-- unsigned long flags;
--
-- if (ah->curchan)
-- old_pos = ah->curchan - &ah->channels[0];
--
-- ath_dbg(common, CONFIG, "Set channel: %d MHz type: %d\n",
-- curchan->center_freq, channel_type);
--
-- /* update survey stats for the old channel before switching */
-- spin_lock_irqsave(&common->cc_lock, flags);
-- ath_update_survey_stats(sc);
-- spin_unlock_irqrestore(&common->cc_lock, flags);
--
-- ath9k_cmn_update_ichannel(&sc->sc_ah->channels[pos],
-- curchan, channel_type);
--
-- /*
-- * If the operating channel changes, change the survey in-use flags
-- * along with it.
-- * Reset the survey data for the new channel, unless we're switching
-- * back to the operating channel from an off-channel operation.
-- */
-- if (!(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL) &&
-- sc->cur_survey != &sc->survey[pos]) {
--
-- if (sc->cur_survey)
-- sc->cur_survey->filled &= ~SURVEY_INFO_IN_USE;
--
-- sc->cur_survey = &sc->survey[pos];
--
-- memset(sc->cur_survey, 0, sizeof(struct survey_info));
-- sc->cur_survey->filled |= SURVEY_INFO_IN_USE;
-- } else if (!(sc->survey[pos].filled & SURVEY_INFO_IN_USE)) {
-- memset(&sc->survey[pos], 0, sizeof(struct survey_info));
-- }
--
-- if (ath_set_channel(sc, hw, &sc->sc_ah->channels[pos]) < 0) {
-+ if (ath_set_channel(sc, &hw->conf.chandef) < 0) {
- ath_err(common, "Unable to set channel\n");
- mutex_unlock(&sc->mutex);
- ath9k_ps_restore(sc);
- return -EINVAL;
- }
--
-- /*
-- * The most recent snapshot of channel->noisefloor for the old
-- * channel is only available after the hardware reset. Copy it to
-- * the survey stats now.
-- */
-- if (old_pos >= 0)
-- ath_update_survey_nf(sc, old_pos);
--
-- /*
-- * Enable radar pulse detection if on a DFS channel. Spectral
-- * scanning and radar detection can not be used concurrently.
-- */
-- if (hw->conf.radar_enabled) {
-- u32 rxfilter;
--
-- /* set HW specific DFS configuration */
-- ath9k_hw_set_radar_params(ah);
-- rxfilter = ath9k_hw_getrxfilter(ah);
-- rxfilter |= ATH9K_RX_FILTER_PHYRADAR |
-- ATH9K_RX_FILTER_PHYERR;
-- ath9k_hw_setrxfilter(ah, rxfilter);
-- ath_dbg(common, DFS, "DFS enabled at freq %d\n",
-- curchan->center_freq);
-- } else {
-- /* perform spectral scan if requested. */
-- if (test_bit(SC_OP_SCANNING, &sc->sc_flags) &&
-- sc->spectral_mode == SPECTRAL_CHANSCAN)
-- ath9k_spectral_scan_trigger(hw);
-- }
- }
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
- if (changed & IEEE80211_CONF_CHANGE_POWER) {
-@@ -1374,9 +1383,6 @@ static void ath9k_sta_notify(struct ieee
- struct ath_softc *sc = hw->priv;
- struct ath_node *an = (struct ath_node *) sta->drv_priv;
+ trace_drv_sta_pre_rcu_remove(local, sdata, &sta->sta);
+ if (local->ops->sta_pre_rcu_remove)
+@@ -566,7 +580,8 @@ int drv_sta_state(struct ieee80211_local
+ might_sleep();
-- if (!sta->ht_cap.ht_supported)
-- return;
--
- switch (cmd) {
- case STA_NOTIFY_SLEEP:
- an->sleeping = true;
-@@ -2094,7 +2100,7 @@ static void ath9k_wow_add_pattern(struct
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
+
+ trace_drv_sta_state(local, sdata, &sta->sta, old_state, new_state);
+ if (local->ops->sta_state) {
+@@ -590,7 +605,8 @@ static inline void drv_sta_rc_update(str
+ struct ieee80211_sta *sta, u32 changed)
{
- struct ath_hw *ah = sc->sc_ah;
- struct ath9k_wow_pattern *wow_pattern = NULL;
-- struct cfg80211_wowlan_trig_pkt_pattern *patterns = wowlan->patterns;
-+ struct cfg80211_pkt_pattern *patterns = wowlan->patterns;
- int mask_len;
- s8 i = 0;
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
---- a/drivers/net/wireless/mwifiex/cfg80211.c
-+++ b/drivers/net/wireless/mwifiex/cfg80211.c
-@@ -2298,8 +2298,7 @@ EXPORT_SYMBOL_GPL(mwifiex_del_virtual_in
+ WARN_ON(changed & IEEE80211_RC_SUPP_RATES_CHANGED &&
+ (sdata->vif.type != NL80211_IFTYPE_ADHOC &&
+@@ -612,7 +628,8 @@ static inline int drv_conf_tx(struct iee
- #ifdef CONFIG_PM
- static bool
--mwifiex_is_pattern_supported(struct cfg80211_wowlan_trig_pkt_pattern *pat,
-- s8 *byte_seq)
-+mwifiex_is_pattern_supported(struct cfg80211_pkt_pattern *pat, s8 *byte_seq)
- {
- int j, k, valid_byte_cnt = 0;
- bool dont_care_byte = false;
---- a/drivers/net/wireless/ti/wlcore/main.c
-+++ b/drivers/net/wireless/ti/wlcore/main.c
-@@ -1315,7 +1315,7 @@ static struct sk_buff *wl12xx_alloc_dumm
+ might_sleep();
- #ifdef CONFIG_PM
- static int
--wl1271_validate_wowlan_pattern(struct cfg80211_wowlan_trig_pkt_pattern *p)
-+wl1271_validate_wowlan_pattern(struct cfg80211_pkt_pattern *p)
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
+
+ trace_drv_conf_tx(local, sdata, ac, params);
+ if (local->ops->conf_tx)
+@@ -629,7 +646,8 @@ static inline u64 drv_get_tsf(struct iee
+
+ might_sleep();
+
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return ret;
+
+ trace_drv_get_tsf(local, sdata);
+ if (local->ops->get_tsf)
+@@ -644,7 +662,8 @@ static inline void drv_set_tsf(struct ie
{
- int num_fields = 0, in_field = 0, fields_size = 0;
- int i, pattern_len = 0;
-@@ -1458,9 +1458,9 @@ void wl1271_rx_filter_flatten_fields(str
- * Allocates an RX filter returned through f
- * which needs to be freed using rx_filter_free()
- */
--static int wl1271_convert_wowlan_pattern_to_rx_filter(
-- struct cfg80211_wowlan_trig_pkt_pattern *p,
-- struct wl12xx_rx_filter **f)
-+static int
-+wl1271_convert_wowlan_pattern_to_rx_filter(struct cfg80211_pkt_pattern *p,
-+ struct wl12xx_rx_filter **f)
+ might_sleep();
+
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
+
+ trace_drv_set_tsf(local, sdata, tsf);
+ if (local->ops->set_tsf)
+@@ -657,7 +676,8 @@ static inline void drv_reset_tsf(struct
{
- int i, j, ret = 0;
- struct wl12xx_rx_filter *filter;
-@@ -1562,7 +1562,7 @@ static int wl1271_configure_wowlan(struc
+ might_sleep();
- /* Translate WoWLAN patterns into filters */
- for (i = 0; i < wow->n_patterns; i++) {
-- struct cfg80211_wowlan_trig_pkt_pattern *p;
-+ struct cfg80211_pkt_pattern *p;
- struct wl12xx_rx_filter *filter = NULL;
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
- p = &wow->patterns[i];
---- a/include/net/cfg80211.h
-+++ b/include/net/cfg80211.h
-@@ -639,6 +639,30 @@ struct cfg80211_ap_settings {
- };
+ trace_drv_reset_tsf(local, sdata);
+ if (local->ops->reset_tsf)
+@@ -689,7 +709,8 @@ static inline int drv_ampdu_action(struc
+ might_sleep();
- /**
-+ * struct cfg80211_csa_settings - channel switch settings
-+ *
-+ * Used for channel switch
-+ *
-+ * @chandef: defines the channel to use after the switch
-+ * @beacon_csa: beacon data while performing the switch
-+ * @counter_offset_beacon: offset for the counter within the beacon (tail)
-+ * @counter_offset_presp: offset for the counter within the probe response
-+ * @beacon_after: beacon data to be used on the new channel
-+ * @radar_required: whether radar detection is required on the new channel
-+ * @block_tx: whether transmissions should be blocked while changing
-+ * @count: number of beacons until switch
-+ */
-+struct cfg80211_csa_settings {
-+ struct cfg80211_chan_def chandef;
-+ struct cfg80211_beacon_data beacon_csa;
-+ u16 counter_offset_beacon, counter_offset_presp;
-+ struct cfg80211_beacon_data beacon_after;
-+ bool radar_required;
-+ bool block_tx;
-+ u8 count;
-+};
-+
-+/**
- * enum station_parameters_apply_mask - station parameter values to apply
- * @STATION_PARAM_APPLY_UAPSD: apply new uAPSD parameters (uapsd_queues, max_sp)
- * @STATION_PARAM_APPLY_CAPABILITY: apply new capability
-@@ -1698,7 +1722,7 @@ struct cfg80211_pmksa {
- };
-
- /**
-- * struct cfg80211_wowlan_trig_pkt_pattern - packet pattern
-+ * struct cfg80211_pkt_pattern - packet pattern
- * @mask: bitmask where to match pattern and where to ignore bytes,
- * one bit per byte, in same format as nl80211
- * @pattern: bytes to match where bitmask is 1
-@@ -1708,7 +1732,7 @@ struct cfg80211_pmksa {
- * Internal note: @mask and @pattern are allocated in one chunk of
- * memory, free @mask only!
- */
--struct cfg80211_wowlan_trig_pkt_pattern {
-+struct cfg80211_pkt_pattern {
- u8 *mask, *pattern;
- int pattern_len;
- int pkt_offset;
-@@ -1770,7 +1794,7 @@ struct cfg80211_wowlan {
- bool any, disconnect, magic_pkt, gtk_rekey_failure,
- eap_identity_req, four_way_handshake,
- rfkill_release;
-- struct cfg80211_wowlan_trig_pkt_pattern *patterns;
-+ struct cfg80211_pkt_pattern *patterns;
- struct cfg80211_wowlan_tcp *tcp;
- int n_patterns;
- };
-@@ -2071,6 +2095,8 @@ struct cfg80211_update_ft_ies_params {
- * driver can take the most appropriate actions.
- * @crit_proto_stop: Indicates critical protocol no longer needs increased link
- * reliability. This operation can not fail.
-+ *
-+ * @channel_switch: initiate channel-switch procedure (with CSA)
- */
- struct cfg80211_ops {
- int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
-@@ -2306,6 +2332,10 @@ struct cfg80211_ops {
- u16 duration);
- void (*crit_proto_stop)(struct wiphy *wiphy,
- struct wireless_dev *wdev);
-+
-+ int (*channel_switch)(struct wiphy *wiphy,
-+ struct net_device *dev,
-+ struct cfg80211_csa_settings *params);
- };
-
- /*
-@@ -2371,6 +2401,8 @@ struct cfg80211_ops {
- * @WIPHY_FLAG_OFFCHAN_TX: Device supports direct off-channel TX.
- * @WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL: Device supports remain-on-channel call.
- * @WIPHY_FLAG_SUPPORTS_5_10_MHZ: Device supports 5 MHz and 10 MHz channels.
-+ * @WIPHY_FLAG_HAS_CHANNEL_SWITCH: Device supports channel switch in
-+ * beaconing mode (AP, IBSS, Mesh, ...).
- */
- enum wiphy_flags {
- WIPHY_FLAG_CUSTOM_REGULATORY = BIT(0),
-@@ -2395,6 +2427,7 @@ enum wiphy_flags {
- WIPHY_FLAG_OFFCHAN_TX = BIT(20),
- WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL = BIT(21),
- WIPHY_FLAG_SUPPORTS_5_10_MHZ = BIT(22),
-+ WIPHY_FLAG_HAS_CHANNEL_SWITCH = BIT(23),
- };
-
- /**
---- a/include/uapi/linux/nl80211.h
-+++ b/include/uapi/linux/nl80211.h
-@@ -648,6 +648,16 @@
- * @NL80211_CMD_CRIT_PROTOCOL_STOP: Indicates the connection reliability can
- * return back to normal.
- *
-+ * @NL80211_CMD_CHANNEL_SWITCH: Perform a channel switch by announcing the
-+ * the new channel information (Channel Switch Announcement - CSA)
-+ * in the beacon for some time (as defined in the
-+ * %NL80211_ATTR_CH_SWITCH_COUNT parameter) and then change to the
-+ * new channel. Userspace provides the new channel information (using
-+ * %NL80211_ATTR_WIPHY_FREQ and the attributes determining channel
-+ * width). %NL80211_ATTR_CH_SWITCH_BLOCK_TX may be supplied to inform
-+ * other station that transmission must be blocked until the channel
-+ * switch is complete.
-+ *
- * @NL80211_CMD_MAX: highest used command number
- * @__NL80211_CMD_AFTER_LAST: internal use
- */
-@@ -810,6 +820,8 @@ enum nl80211_commands {
- NL80211_CMD_CRIT_PROTOCOL_START,
- NL80211_CMD_CRIT_PROTOCOL_STOP,
-
-+ NL80211_CMD_CHANNEL_SWITCH,
-+
- /* add new commands above here */
+ sdata = get_bss_sdata(sdata);
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
- /* used to define NL80211_CMD_MAX below */
-@@ -1436,6 +1448,18 @@ enum nl80211_commands {
- * allowed to be used with the first @NL80211_CMD_SET_STATION command to
- * update a TDLS peer STA entry.
- *
-+ * @NL80211_ATTR_CH_SWITCH_COUNT: u32 attribute specifying the number of TBTT's
-+ * until the channel switch event.
-+ * @NL80211_ATTR_CH_SWITCH_BLOCK_TX: flag attribute specifying that transmission
-+ * must be blocked on the current channel (before the channel switch
-+ * operation).
-+ * @NL80211_ATTR_CSA_IES: Nested set of attributes containing the IE information
-+ * for the time while performing a channel switch.
-+ * @NL80211_ATTR_CSA_C_OFF_BEACON: Offset of the channel switch counter
-+ * field in the beacons tail (%NL80211_ATTR_BEACON_TAIL).
-+ * @NL80211_ATTR_CSA_C_OFF_PRESP: Offset of the channel switch counter
-+ * field in the probe response (%NL80211_ATTR_PROBE_RESP).
-+ *
- * @NL80211_ATTR_MAX: highest attribute number currently defined
- * @__NL80211_ATTR_AFTER_LAST: internal use
- */
-@@ -1736,6 +1760,12 @@ enum nl80211_attrs {
-
- NL80211_ATTR_PEER_AID,
+ trace_drv_ampdu_action(local, sdata, action, sta, tid, ssn, buf_size);
-+ NL80211_ATTR_CH_SWITCH_COUNT,
-+ NL80211_ATTR_CH_SWITCH_BLOCK_TX,
-+ NL80211_ATTR_CSA_IES,
-+ NL80211_ATTR_CSA_C_OFF_BEACON,
-+ NL80211_ATTR_CSA_C_OFF_PRESP,
-+
- /* add attributes here, update the policy in nl80211.c */
-
- __NL80211_ATTR_AFTER_LAST,
-@@ -3060,11 +3090,11 @@ enum nl80211_tx_power_setting {
- };
+@@ -733,8 +754,8 @@ static inline void drv_flush(struct ieee
- /**
-- * enum nl80211_wowlan_packet_pattern_attr - WoWLAN packet pattern attribute
-- * @__NL80211_WOWLAN_PKTPAT_INVALID: invalid number for nested attribute
-- * @NL80211_WOWLAN_PKTPAT_PATTERN: the pattern, values where the mask has
-+ * enum nl80211_packet_pattern_attr - packet pattern attribute
-+ * @__NL80211_PKTPAT_INVALID: invalid number for nested attribute
-+ * @NL80211_PKTPAT_PATTERN: the pattern, values where the mask has
- * a zero bit are ignored
-- * @NL80211_WOWLAN_PKTPAT_MASK: pattern mask, must be long enough to have
-+ * @NL80211_PKTPAT_MASK: pattern mask, must be long enough to have
- * a bit for each byte in the pattern. The lowest-order bit corresponds
- * to the first byte of the pattern, but the bytes of the pattern are
- * in a little-endian-like format, i.e. the 9th byte of the pattern
-@@ -3075,23 +3105,23 @@ enum nl80211_tx_power_setting {
- * Note that the pattern matching is done as though frames were not
- * 802.11 frames but 802.3 frames, i.e. the frame is fully unpacked
- * first (including SNAP header unpacking) and then matched.
-- * @NL80211_WOWLAN_PKTPAT_OFFSET: packet offset, pattern is matched after
-+ * @NL80211_PKTPAT_OFFSET: packet offset, pattern is matched after
- * these fixed number of bytes of received packet
-- * @NUM_NL80211_WOWLAN_PKTPAT: number of attributes
-- * @MAX_NL80211_WOWLAN_PKTPAT: max attribute number
-+ * @NUM_NL80211_PKTPAT: number of attributes
-+ * @MAX_NL80211_PKTPAT: max attribute number
- */
--enum nl80211_wowlan_packet_pattern_attr {
-- __NL80211_WOWLAN_PKTPAT_INVALID,
-- NL80211_WOWLAN_PKTPAT_MASK,
-- NL80211_WOWLAN_PKTPAT_PATTERN,
-- NL80211_WOWLAN_PKTPAT_OFFSET,
-+enum nl80211_packet_pattern_attr {
-+ __NL80211_PKTPAT_INVALID,
-+ NL80211_PKTPAT_MASK,
-+ NL80211_PKTPAT_PATTERN,
-+ NL80211_PKTPAT_OFFSET,
-
-- NUM_NL80211_WOWLAN_PKTPAT,
-- MAX_NL80211_WOWLAN_PKTPAT = NUM_NL80211_WOWLAN_PKTPAT - 1,
-+ NUM_NL80211_PKTPAT,
-+ MAX_NL80211_PKTPAT = NUM_NL80211_PKTPAT - 1,
- };
+ might_sleep();
- /**
-- * struct nl80211_wowlan_pattern_support - pattern support information
-+ * struct nl80211_pattern_support - packet pattern support information
- * @max_patterns: maximum number of patterns supported
- * @min_pattern_len: minimum length of each pattern
- * @max_pattern_len: maximum length of each pattern
-@@ -3101,13 +3131,22 @@ enum nl80211_wowlan_packet_pattern_attr
- * that is part of %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED in the
- * capability information given by the kernel to userspace.
- */
--struct nl80211_wowlan_pattern_support {
-+struct nl80211_pattern_support {
- __u32 max_patterns;
- __u32 min_pattern_len;
- __u32 max_pattern_len;
- __u32 max_pkt_offset;
- } __attribute__((packed));
-
-+/* only for backward compatibility */
-+#define __NL80211_WOWLAN_PKTPAT_INVALID __NL80211_PKTPAT_INVALID
-+#define NL80211_WOWLAN_PKTPAT_MASK NL80211_PKTPAT_MASK
-+#define NL80211_WOWLAN_PKTPAT_PATTERN NL80211_PKTPAT_PATTERN
-+#define NL80211_WOWLAN_PKTPAT_OFFSET NL80211_PKTPAT_OFFSET
-+#define NUM_NL80211_WOWLAN_PKTPAT NUM_NL80211_PKTPAT
-+#define MAX_NL80211_WOWLAN_PKTPAT MAX_NL80211_PKTPAT
-+#define nl80211_wowlan_pattern_support nl80211_pattern_support
-+
- /**
- * enum nl80211_wowlan_triggers - WoWLAN trigger definitions
- * @__NL80211_WOWLAN_TRIG_INVALID: invalid number for nested attributes
-@@ -3127,7 +3166,7 @@ struct nl80211_wowlan_pattern_support {
- * pattern matching is done after the packet is converted to the MSDU.
- *
- * In %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED, it is a binary attribute
-- * carrying a &struct nl80211_wowlan_pattern_support.
-+ * carrying a &struct nl80211_pattern_support.
- *
- * When reporting wakeup. it is a u32 attribute containing the 0-based
- * index of the pattern that caused the wakeup, in the patterns passed
-@@ -3284,7 +3323,7 @@ struct nl80211_wowlan_tcp_data_token_fea
- * @NL80211_WOWLAN_TCP_WAKE_PAYLOAD: wake packet payload, for advertising a
- * u32 attribute holding the maximum length
- * @NL80211_WOWLAN_TCP_WAKE_MASK: Wake packet payload mask, not used for
-- * feature advertising. The mask works like @NL80211_WOWLAN_PKTPAT_MASK
-+ * feature advertising. The mask works like @NL80211_PKTPAT_MASK
- * but on the TCP payload only.
- * @NUM_NL80211_WOWLAN_TCP: number of TCP attributes
- * @MAX_NL80211_WOWLAN_TCP: highest attribute number
---- a/net/mac80211/mesh_ps.c
-+++ b/net/mac80211/mesh_ps.c
-@@ -229,6 +229,10 @@ void ieee80211_mps_sta_status_update(str
- enum nl80211_mesh_power_mode pm;
- bool do_buffer;
-
-+ /* For non-assoc STA, prevent buffering or frame transmission */
-+ if (sta->sta_state < IEEE80211_STA_ASSOC)
+- if (sdata)
+- check_sdata_in_driver(sdata);
++ if (sdata && !check_sdata_in_driver(sdata))
+ return;
-+
- /*
- * use peer-specific power mode if peering is established and the
- * peer's power mode is known
---- a/net/wireless/nl80211.c
-+++ b/net/wireless/nl80211.c
-@@ -349,6 +349,11 @@ static const struct nla_policy nl80211_p
- [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
- .len = IEEE80211_MAX_DATA_LEN },
- [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 },
-+ [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
-+ [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
-+ [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
-+ [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_U16 },
-+ [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_U16 },
- };
-
- /* policy for the key attributes */
-@@ -441,10 +446,12 @@ static int nl80211_prepare_wdev_dump(str
- goto out_unlock;
- }
- *rdev = wiphy_to_dev((*wdev)->wiphy);
-- cb->args[0] = (*rdev)->wiphy_idx;
-+ /* 0 is the first index - add 1 to parse only once */
-+ cb->args[0] = (*rdev)->wiphy_idx + 1;
- cb->args[1] = (*wdev)->identifier;
- } else {
-- struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0]);
-+ /* subtract the 1 again here */
-+ struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
- struct wireless_dev *tmp;
-
- if (!wiphy) {
-@@ -974,7 +981,7 @@ static int nl80211_send_wowlan(struct sk
- return -ENOBUFS;
-
- if (dev->wiphy.wowlan->n_patterns) {
-- struct nl80211_wowlan_pattern_support pat = {
-+ struct nl80211_pattern_support pat = {
- .max_patterns = dev->wiphy.wowlan->n_patterns,
- .min_pattern_len = dev->wiphy.wowlan->pattern_min_len,
- .max_pattern_len = dev->wiphy.wowlan->pattern_max_len,
-@@ -1393,6 +1400,8 @@ static int nl80211_send_wiphy(struct cfg
- if (state->split) {
- CMD(crit_proto_start, CRIT_PROTOCOL_START);
- CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
-+ if (dev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
-+ CMD(channel_switch, CHANNEL_SWITCH);
- }
-
- #ifdef CPTCFG_NL80211_TESTMODE
-@@ -1568,8 +1577,10 @@ static int nl80211_dump_wiphy(struct sk_
- rtnl_lock();
- if (!state) {
- state = kzalloc(sizeof(*state), GFP_KERNEL);
-- if (!state)
-+ if (!state) {
-+ rtnl_unlock();
- return -ENOMEM;
-+ }
- state->filter_wiphy = -1;
- ret = nl80211_dump_wiphy_parse(skb, cb, state);
- if (ret) {
-@@ -2620,8 +2631,8 @@ static int nl80211_get_key(struct sk_buf
-
- hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
- NL80211_CMD_NEW_KEY);
-- if (IS_ERR(hdr))
-- return PTR_ERR(hdr);
-+ if (!hdr)
-+ return -ENOBUFS;
-
- cookie.msg = msg;
- cookie.idx = key_idx;
-@@ -4770,9 +4781,9 @@ do { \
- FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1,
- mask, NL80211_MESHCONF_FORWARDING,
- nla_get_u8);
-- FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, 1, 255,
-+ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, -255, 0,
- mask, NL80211_MESHCONF_RSSI_THRESHOLD,
-- nla_get_u32);
-+ nla_get_s32);
- FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 0, 16,
- mask, NL80211_MESHCONF_HT_OPMODE,
- nla_get_u16);
-@@ -5578,6 +5589,111 @@ static int nl80211_start_radar_detection
- return err;
- }
-
-+static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
-+{
-+ struct cfg80211_registered_device *rdev = info->user_ptr[0];
-+ struct net_device *dev = info->user_ptr[1];
-+ struct wireless_dev *wdev = dev->ieee80211_ptr;
-+ struct cfg80211_csa_settings params;
-+ /* csa_attrs is defined static to avoid waste of stack size - this
-+ * function is called under RTNL lock, so this should not be a problem.
-+ */
-+ static struct nlattr *csa_attrs[NL80211_ATTR_MAX+1];
-+ u8 radar_detect_width = 0;
-+ int err;
-+
-+ if (!rdev->ops->channel_switch ||
-+ !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
-+ return -EOPNOTSUPP;
-+
-+ /* may add IBSS support later */
-+ if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
-+ dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
-+ return -EOPNOTSUPP;
-+
-+ memset(¶ms, 0, sizeof(params));
-+
-+ if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
-+ !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
-+ return -EINVAL;
-+
-+ /* only important for AP, IBSS and mesh create IEs internally */
-+ if (!info->attrs[NL80211_ATTR_CSA_IES])
-+ return -EINVAL;
-+
-+ /* useless if AP is not running */
-+ if (!wdev->beacon_interval)
-+ return -EINVAL;
-+
-+ params.count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
-+
-+ err = nl80211_parse_beacon(info->attrs, ¶ms.beacon_after);
-+ if (err)
-+ return err;
-+
-+ err = nla_parse_nested(csa_attrs, NL80211_ATTR_MAX,
-+ info->attrs[NL80211_ATTR_CSA_IES],
-+ nl80211_policy);
-+ if (err)
-+ return err;
-+
-+ err = nl80211_parse_beacon(csa_attrs, ¶ms.beacon_csa);
-+ if (err)
-+ return err;
-+
-+ if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
-+ return -EINVAL;
-+
-+ params.counter_offset_beacon =
-+ nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
-+ if (params.counter_offset_beacon >= params.beacon_csa.tail_len)
-+ return -EINVAL;
-+
-+ /* sanity check - counters should be the same */
-+ if (params.beacon_csa.tail[params.counter_offset_beacon] !=
-+ params.count)
-+ return -EINVAL;
-+
-+ if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
-+ params.counter_offset_presp =
-+ nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
-+ if (params.counter_offset_presp >=
-+ params.beacon_csa.probe_resp_len)
-+ return -EINVAL;
-+
-+ if (params.beacon_csa.probe_resp[params.counter_offset_presp] !=
-+ params.count)
-+ return -EINVAL;
-+ }
-+
-+ err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
-+ if (err)
-+ return err;
-+
-+ if (!cfg80211_reg_can_beacon(&rdev->wiphy, ¶ms.chandef))
-+ return -EINVAL;
-+
-+ err = cfg80211_chandef_dfs_required(wdev->wiphy, ¶ms.chandef);
-+ if (err < 0) {
-+ return err;
-+ } else if (err) {
-+ radar_detect_width = BIT(params.chandef.width);
-+ params.radar_required = true;
-+ }
-+
-+ err = cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype,
-+ params.chandef.chan,
-+ CHAN_MODE_SHARED,
-+ radar_detect_width);
-+ if (err)
-+ return err;
-+
-+ if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
-+ params.block_tx = true;
-+
-+ return rdev_channel_switch(rdev, dev, ¶ms);
-+}
-+
- static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
- u32 seq, int flags,
- struct cfg80211_registered_device *rdev,
-@@ -6507,6 +6623,9 @@ static int nl80211_testmode_dump(struct
- NL80211_CMD_TESTMODE);
- struct nlattr *tmdata;
-
-+ if (!hdr)
-+ break;
-+
- if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
- genlmsg_cancel(skb, hdr);
- break;
-@@ -6615,12 +6734,14 @@ EXPORT_SYMBOL(cfg80211_testmode_alloc_ev
-
- void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
- {
-+ struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
- void *hdr = ((void **)skb->cb)[1];
- struct nlattr *data = ((void **)skb->cb)[2];
-
- nla_nest_end(skb, data);
- genlmsg_end(skb, hdr);
-- genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
-+ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), skb, 0,
-+ nl80211_testmode_mcgrp.id, gfp);
- }
- EXPORT_SYMBOL(cfg80211_testmode_event);
- #endif
-@@ -6949,9 +7070,8 @@ static int nl80211_remain_on_channel(str
-
- hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
- NL80211_CMD_REMAIN_ON_CHANNEL);
--
-- if (IS_ERR(hdr)) {
-- err = PTR_ERR(hdr);
-+ if (!hdr) {
-+ err = -ENOBUFS;
- goto free_msg;
- }
-
-@@ -7249,9 +7369,8 @@ static int nl80211_tx_mgmt(struct sk_buf
-
- hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
- NL80211_CMD_FRAME);
--
-- if (IS_ERR(hdr)) {
-- err = PTR_ERR(hdr);
-+ if (!hdr) {
-+ err = -ENOBUFS;
- goto free_msg;
- }
- }
-@@ -7593,12 +7712,11 @@ static int nl80211_send_wowlan_patterns(
- if (!nl_pat)
- return -ENOBUFS;
- pat_len = wowlan->patterns[i].pattern_len;
-- if (nla_put(msg, NL80211_WOWLAN_PKTPAT_MASK,
-- DIV_ROUND_UP(pat_len, 8),
-+ if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
- wowlan->patterns[i].mask) ||
-- nla_put(msg, NL80211_WOWLAN_PKTPAT_PATTERN,
-- pat_len, wowlan->patterns[i].pattern) ||
-- nla_put_u32(msg, NL80211_WOWLAN_PKTPAT_OFFSET,
-+ nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
-+ wowlan->patterns[i].pattern) ||
-+ nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
- wowlan->patterns[i].pkt_offset))
- return -ENOBUFS;
- nla_nest_end(msg, nl_pat);
-@@ -7939,7 +8057,7 @@ static int nl80211_set_wowlan(struct sk_
- struct nlattr *pat;
- int n_patterns = 0;
- int rem, pat_len, mask_len, pkt_offset;
-- struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT];
-+ struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
-
- nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
- rem)
-@@ -7958,26 +8076,25 @@ static int nl80211_set_wowlan(struct sk_
-
- nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
- rem) {
-- nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT,
-- nla_data(pat), nla_len(pat), NULL);
-+ nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
-+ nla_len(pat), NULL);
- err = -EINVAL;
-- if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] ||
-- !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN])
-+ if (!pat_tb[NL80211_PKTPAT_MASK] ||
-+ !pat_tb[NL80211_PKTPAT_PATTERN])
- goto error;
-- pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]);
-+ pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
- mask_len = DIV_ROUND_UP(pat_len, 8);
-- if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) !=
-- mask_len)
-+ if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
- goto error;
- if (pat_len > wowlan->pattern_max_len ||
- pat_len < wowlan->pattern_min_len)
- goto error;
-
-- if (!pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET])
-+ if (!pat_tb[NL80211_PKTPAT_OFFSET])
- pkt_offset = 0;
- else
- pkt_offset = nla_get_u32(
-- pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET]);
-+ pat_tb[NL80211_PKTPAT_OFFSET]);
- if (pkt_offset > wowlan->max_pkt_offset)
- goto error;
- new_triggers.patterns[i].pkt_offset = pkt_offset;
-@@ -7991,11 +8108,11 @@ static int nl80211_set_wowlan(struct sk_
- new_triggers.patterns[i].pattern =
- new_triggers.patterns[i].mask + mask_len;
- memcpy(new_triggers.patterns[i].mask,
-- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]),
-+ nla_data(pat_tb[NL80211_PKTPAT_MASK]),
- mask_len);
- new_triggers.patterns[i].pattern_len = pat_len;
- memcpy(new_triggers.patterns[i].pattern,
-- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]),
-+ nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
- pat_len);
- i++;
- }
-@@ -8130,9 +8247,8 @@ static int nl80211_probe_client(struct s
-
- hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
- NL80211_CMD_PROBE_CLIENT);
--
-- if (IS_ERR(hdr)) {
-- err = PTR_ERR(hdr);
-+ if (!hdr) {
-+ err = -ENOBUFS;
- goto free_msg;
- }
-
-@@ -9041,7 +9157,15 @@ static struct genl_ops nl80211_ops[] = {
- .flags = GENL_ADMIN_PERM,
- .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
- NL80211_FLAG_NEED_RTNL,
-- }
-+ },
-+ {
-+ .cmd = NL80211_CMD_CHANNEL_SWITCH,
-+ .doit = nl80211_channel_switch,
-+ .policy = nl80211_policy,
-+ .flags = GENL_ADMIN_PERM,
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
-+ NL80211_FLAG_NEED_RTNL,
-+ },
- };
-
- static struct genl_multicast_group nl80211_mlme_mcgrp = {
-@@ -10066,7 +10190,8 @@ void cfg80211_mgmt_tx_status(struct wire
-
- genlmsg_end(msg, hdr);
-
-- genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
-+ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
-+ nl80211_mlme_mcgrp.id, gfp);
- return;
-
- nla_put_failure:
---- a/net/wireless/reg.c
-+++ b/net/wireless/reg.c
-@@ -2247,10 +2247,13 @@ int reg_device_uevent(struct device *dev
-
- void wiphy_regulatory_register(struct wiphy *wiphy)
- {
-+ struct regulatory_request *lr;
-+
- if (!reg_dev_ignore_cell_hint(wiphy))
- reg_num_devs_support_basehint++;
-
-- wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE);
-+ lr = get_last_request();
-+ wiphy_update_regulatory(wiphy, lr->initiator);
- }
-
- void wiphy_regulatory_deregister(struct wiphy *wiphy)
-@@ -2279,7 +2282,9 @@ void wiphy_regulatory_deregister(struct
- static void reg_timeout_work(struct work_struct *work)
- {
- REG_DBG_PRINT("Timeout while waiting for CRDA to reply, restoring regulatory settings\n");
-+ rtnl_lock();
- restore_regulatory_settings(true);
-+ rtnl_unlock();
- }
-
- int __init regulatory_init(void)
---- a/net/wireless/sme.c
-+++ b/net/wireless/sme.c
-@@ -34,8 +34,10 @@ struct cfg80211_conn {
- CFG80211_CONN_SCAN_AGAIN,
- CFG80211_CONN_AUTHENTICATE_NEXT,
- CFG80211_CONN_AUTHENTICATING,
-+ CFG80211_CONN_AUTH_FAILED,
- CFG80211_CONN_ASSOCIATE_NEXT,
- CFG80211_CONN_ASSOCIATING,
-+ CFG80211_CONN_ASSOC_FAILED,
- CFG80211_CONN_DEAUTH,
- CFG80211_CONN_CONNECTED,
- } state;
-@@ -164,6 +166,8 @@ static int cfg80211_conn_do_work(struct
- NULL, 0,
- params->key, params->key_len,
- params->key_idx, NULL, 0);
-+ case CFG80211_CONN_AUTH_FAILED:
-+ return -ENOTCONN;
- case CFG80211_CONN_ASSOCIATE_NEXT:
- BUG_ON(!rdev->ops->assoc);
- wdev->conn->state = CFG80211_CONN_ASSOCIATING;
-@@ -188,10 +192,17 @@ static int cfg80211_conn_do_work(struct
- WLAN_REASON_DEAUTH_LEAVING,
- false);
- return err;
-+ case CFG80211_CONN_ASSOC_FAILED:
-+ cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
-+ NULL, 0,
-+ WLAN_REASON_DEAUTH_LEAVING, false);
-+ return -ENOTCONN;
- case CFG80211_CONN_DEAUTH:
- cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
- NULL, 0,
- WLAN_REASON_DEAUTH_LEAVING, false);
-+ /* free directly, disconnected event already sent */
-+ cfg80211_sme_free(wdev);
- return 0;
- default:
- return 0;
-@@ -371,7 +382,7 @@ bool cfg80211_sme_rx_assoc_resp(struct w
- return true;
- }
-- wdev->conn->state = CFG80211_CONN_DEAUTH;
-+ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
- schedule_work(&rdev->conn_work);
- return false;
- }
-@@ -383,7 +394,13 @@ void cfg80211_sme_deauth(struct wireless
+ trace_drv_flush(local, queues, drop);
+ if (local->ops->flush)
+@@ -854,7 +875,8 @@ static inline int drv_set_bitrate_mask(s
- void cfg80211_sme_auth_timeout(struct wireless_dev *wdev)
- {
-- cfg80211_sme_free(wdev);
-+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
-+
-+ if (!wdev->conn)
-+ return;
-+
-+ wdev->conn->state = CFG80211_CONN_AUTH_FAILED;
-+ schedule_work(&rdev->conn_work);
- }
+ might_sleep();
- void cfg80211_sme_disassoc(struct wireless_dev *wdev)
-@@ -399,7 +416,13 @@ void cfg80211_sme_disassoc(struct wirele
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
- void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev)
+ trace_drv_set_bitrate_mask(local, sdata, mask);
+ if (local->ops->set_bitrate_mask)
+@@ -869,7 +891,8 @@ static inline void drv_set_rekey_data(st
+ struct ieee80211_sub_if_data *sdata,
+ struct cfg80211_gtk_rekey_data *data)
{
-- cfg80211_sme_disassoc(wdev);
-+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
-+
-+ if (!wdev->conn)
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
+ return;
-+
-+ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
-+ schedule_work(&rdev->conn_work);
- }
- static int cfg80211_sme_connect(struct wireless_dev *wdev,
-@@ -953,21 +976,19 @@ int cfg80211_disconnect(struct cfg80211_
- struct net_device *dev, u16 reason, bool wextev)
+ trace_drv_set_rekey_data(local, sdata, data);
+ if (local->ops->set_rekey_data)
+@@ -937,7 +960,8 @@ static inline void drv_mgd_prepare_tx(st
{
- struct wireless_dev *wdev = dev->ieee80211_ptr;
-- int err;
-+ int err = 0;
-
- ASSERT_WDEV_LOCK(wdev);
-
- kfree(wdev->connect_keys);
- wdev->connect_keys = NULL;
-
-- if (wdev->conn) {
-+ if (wdev->conn)
- err = cfg80211_sme_disconnect(wdev, reason);
-- } else if (!rdev->ops->disconnect) {
-+ else if (!rdev->ops->disconnect)
- cfg80211_mlme_down(rdev, dev);
-- err = 0;
-- } else {
-+ else if (wdev->current_bss)
- err = rdev_disconnect(rdev, dev, reason);
-- }
-
- return err;
- }
---- a/net/mac80211/rc80211_minstrel.c
-+++ b/net/mac80211/rc80211_minstrel.c
-@@ -203,6 +203,15 @@ minstrel_update_stats(struct minstrel_pr
- memcpy(mi->max_tp_rate, tmp_tp_rate, sizeof(mi->max_tp_rate));
- mi->max_prob_rate = tmp_prob_rate;
-
-+#ifdef CPTCFG_MAC80211_DEBUGFS
-+ /* use fixed index if set */
-+ if (mp->fixed_rate_idx != -1) {
-+ mi->max_tp_rate[0] = mp->fixed_rate_idx;
-+ mi->max_tp_rate[1] = mp->fixed_rate_idx;
-+ mi->max_prob_rate = mp->fixed_rate_idx;
-+ }
-+#endif
-+
- /* Reset update timer */
- mi->stats_update = jiffies;
-
-@@ -290,7 +299,7 @@ minstrel_get_rate(void *priv, struct iee
- struct minstrel_rate *msr, *mr;
- unsigned int ndx;
- bool mrr_capable;
-- bool prev_sample = mi->prev_sample;
-+ bool prev_sample;
- int delta;
- int sampling_ratio;
-
-@@ -310,10 +319,16 @@ minstrel_get_rate(void *priv, struct iee
- /* increase sum packet counter */
- mi->packet_count++;
-
-+#ifdef CPTCFG_MAC80211_DEBUGFS
-+ if (mp->fixed_rate_idx != -1)
-+ return;
-+#endif
-+
- delta = (mi->packet_count * sampling_ratio / 100) -
- (mi->sample_count + mi->sample_deferred / 2);
-
- /* delta < 0: no sampling required */
-+ prev_sample = mi->prev_sample;
- mi->prev_sample = false;
- if (delta < 0 || (!mrr_capable && prev_sample))
- return;
---- a/drivers/net/wireless/rt2x00/rt2x00queue.c
-+++ b/drivers/net/wireless/rt2x00/rt2x00queue.c
-@@ -936,13 +936,8 @@ void rt2x00queue_index_inc(struct queue_
- spin_unlock_irqrestore(&queue->index_lock, irqflags);
- }
+ might_sleep();
--void rt2x00queue_pause_queue(struct data_queue *queue)
-+void rt2x00queue_pause_queue_nocheck(struct data_queue *queue)
- {
-- if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
-- !test_bit(QUEUE_STARTED, &queue->flags) ||
-- test_and_set_bit(QUEUE_PAUSED, &queue->flags))
-- return;
--
- switch (queue->qid) {
- case QID_AC_VO:
- case QID_AC_VI:
-@@ -958,6 +953,15 @@ void rt2x00queue_pause_queue(struct data
- break;
- }
- }
-+void rt2x00queue_pause_queue(struct data_queue *queue)
-+{
-+ if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
-+ !test_bit(QUEUE_STARTED, &queue->flags) ||
-+ test_and_set_bit(QUEUE_PAUSED, &queue->flags))
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
+ return;
-+
-+ rt2x00queue_pause_queue_nocheck(queue);
-+}
- EXPORT_SYMBOL_GPL(rt2x00queue_pause_queue);
-
- void rt2x00queue_unpause_queue(struct data_queue *queue)
-@@ -1019,7 +1023,7 @@ void rt2x00queue_stop_queue(struct data_
- return;
- }
-
-- rt2x00queue_pause_queue(queue);
-+ rt2x00queue_pause_queue_nocheck(queue);
-
- queue->rt2x00dev->ops->lib->stop_queue(queue);
-
---- a/net/mac80211/mlme.c
-+++ b/net/mac80211/mlme.c
-@@ -31,10 +31,12 @@
- #include "led.h"
-
- #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
-+#define IEEE80211_AUTH_TIMEOUT_LONG (HZ / 2)
- #define IEEE80211_AUTH_TIMEOUT_SHORT (HZ / 10)
- #define IEEE80211_AUTH_MAX_TRIES 3
- #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5)
- #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
-+#define IEEE80211_ASSOC_TIMEOUT_LONG (HZ / 2)
- #define IEEE80211_ASSOC_TIMEOUT_SHORT (HZ / 10)
- #define IEEE80211_ASSOC_MAX_TRIES 3
-
-@@ -209,8 +211,9 @@ ieee80211_determine_chantype(struct ieee
- struct ieee80211_channel *channel,
- const struct ieee80211_ht_operation *ht_oper,
- const struct ieee80211_vht_operation *vht_oper,
-- struct cfg80211_chan_def *chandef, bool verbose)
-+ struct cfg80211_chan_def *chandef, bool tracking)
- {
-+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
- struct cfg80211_chan_def vht_chandef;
- u32 ht_cfreq, ret;
-
-@@ -229,7 +232,7 @@ ieee80211_determine_chantype(struct ieee
- ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan,
- channel->band);
- /* check that channel matches the right operating channel */
-- if (channel->center_freq != ht_cfreq) {
-+ if (!tracking && channel->center_freq != ht_cfreq) {
- /*
- * It's possible that some APs are confused here;
- * Netgear WNDR3700 sometimes reports 4 higher than
-@@ -237,11 +240,10 @@ ieee80211_determine_chantype(struct ieee
- * since we look at probe response/beacon data here
- * it should be OK.
- */
-- if (verbose)
-- sdata_info(sdata,
-- "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
-- channel->center_freq, ht_cfreq,
-- ht_oper->primary_chan, channel->band);
-+ sdata_info(sdata,
-+ "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
-+ channel->center_freq, ht_cfreq,
-+ ht_oper->primary_chan, channel->band);
- ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
- goto out;
- }
-@@ -295,7 +297,7 @@ ieee80211_determine_chantype(struct ieee
- channel->band);
- break;
- default:
-- if (verbose)
-+ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
- sdata_info(sdata,
- "AP VHT operation IE has invalid channel width (%d), disable VHT\n",
- vht_oper->chan_width);
-@@ -304,7 +306,7 @@ ieee80211_determine_chantype(struct ieee
- }
-
- if (!cfg80211_chandef_valid(&vht_chandef)) {
-- if (verbose)
-+ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
- sdata_info(sdata,
- "AP VHT information is invalid, disable VHT\n");
- ret = IEEE80211_STA_DISABLE_VHT;
-@@ -317,7 +319,7 @@ ieee80211_determine_chantype(struct ieee
- }
-
- if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) {
-- if (verbose)
-+ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
- sdata_info(sdata,
- "AP VHT information doesn't match HT, disable VHT\n");
- ret = IEEE80211_STA_DISABLE_VHT;
-@@ -333,18 +335,27 @@ out:
- if (ret & IEEE80211_STA_DISABLE_VHT)
- vht_chandef = *chandef;
-
-+ /*
-+ * Ignore the DISABLED flag when we're already connected and only
-+ * tracking the APs beacon for bandwidth changes - otherwise we
-+ * might get disconnected here if we connect to an AP, update our
-+ * regulatory information based on the AP's country IE and the
-+ * information we have is wrong/outdated and disables the channel
-+ * that we're actually using for the connection to the AP.
-+ */
- while (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
-- IEEE80211_CHAN_DISABLED)) {
-+ tracking ? 0 :
-+ IEEE80211_CHAN_DISABLED)) {
- if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) {
- ret = IEEE80211_STA_DISABLE_HT |
- IEEE80211_STA_DISABLE_VHT;
-- goto out;
-+ break;
- }
-
- ret |= chandef_downgrade(chandef);
- }
-
-- if (chandef->width != vht_chandef.width && verbose)
-+ if (chandef->width != vht_chandef.width && !tracking)
- sdata_info(sdata,
- "capabilities/regulatory prevented using AP HT/VHT configuration, downgraded\n");
-
-@@ -384,7 +395,7 @@ static int ieee80211_config_bw(struct ie
-
- /* calculate new channel (type) based on HT/VHT operation IEs */
- flags = ieee80211_determine_chantype(sdata, sband, chan, ht_oper,
-- vht_oper, &chandef, false);
-+ vht_oper, &chandef, true);
-
- /*
- * Downgrade the new channel if we associated with restricted
-@@ -1043,6 +1054,13 @@ ieee80211_sta_process_chanswitch(struct
- if (!ieee80211_operating_class_to_band(
- elems->ext_chansw_ie->new_operating_class,
- &new_band)) {
-+ /*
-+ * Some APs send invalid ECSA IEs in probe response
-+ * frames, so check for these and ignore them.
-+ */
-+ if (beacon && elems->ext_chansw_ie->new_ch_num == 0 &&
-+ elems->ext_chansw_ie->new_operating_class == 0)
-+ return;
- sdata_info(sdata,
- "cannot understand ECSA IE operating class %d, disconnecting\n",
- elems->ext_chansw_ie->new_operating_class);
-@@ -1110,6 +1128,15 @@ ieee80211_sta_process_chanswitch(struct
- case -1:
- cfg80211_chandef_create(&new_chandef, new_chan,
- NL80211_CHAN_NO_HT);
-+ /* keep width for 5/10 MHz channels */
-+ switch (sdata->vif.bss_conf.chandef.width) {
-+ case NL80211_CHAN_WIDTH_5:
-+ case NL80211_CHAN_WIDTH_10:
-+ new_chandef.width = sdata->vif.bss_conf.chandef.width;
-+ break;
-+ default:
-+ break;
-+ }
- break;
- }
-
-@@ -3394,10 +3421,13 @@ static int ieee80211_probe_auth(struct i
-
- if (tx_flags == 0) {
- auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
-- ifmgd->auth_data->timeout_started = true;
-+ auth_data->timeout_started = true;
- run_again(sdata, auth_data->timeout);
- } else {
-- auth_data->timeout_started = false;
-+ auth_data->timeout =
-+ round_jiffies_up(jiffies + IEEE80211_AUTH_TIMEOUT_LONG);
-+ auth_data->timeout_started = true;
-+ run_again(sdata, auth_data->timeout);
- }
-
- return 0;
-@@ -3434,7 +3464,11 @@ static int ieee80211_do_assoc(struct iee
- assoc_data->timeout_started = true;
- run_again(sdata, assoc_data->timeout);
- } else {
-- assoc_data->timeout_started = false;
-+ assoc_data->timeout =
-+ round_jiffies_up(jiffies +
-+ IEEE80211_ASSOC_TIMEOUT_LONG);
-+ assoc_data->timeout_started = true;
-+ run_again(sdata, assoc_data->timeout);
- }
-
- return 0;
-@@ -3829,7 +3863,7 @@ static int ieee80211_prep_channel(struct
- ifmgd->flags |= ieee80211_determine_chantype(sdata, sband,
- cbss->channel,
- ht_oper, vht_oper,
-- &chandef, true);
-+ &chandef, false);
-
- sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss),
- local->rx_chains);
---- a/net/wireless/core.c
-+++ b/net/wireless/core.c
-@@ -772,6 +772,7 @@ void cfg80211_leave(struct cfg80211_regi
- cfg80211_leave_mesh(rdev, dev);
- break;
- case NL80211_IFTYPE_AP:
-+ case NL80211_IFTYPE_P2P_GO:
- cfg80211_stop_ap(rdev, dev);
- break;
- default:
---- a/drivers/net/wireless/rtlwifi/Kconfig
-+++ b/drivers/net/wireless/rtlwifi/Kconfig
-@@ -1,29 +1,22 @@
--config RTLWIFI
-- tristate "Realtek wireless card support"
-+menuconfig RTL_CARDS
-+ tristate "Realtek rtlwifi family of devices"
- depends on m
-- depends on MAC80211
-- select BACKPORT_FW_LOADER
-- ---help---
-- This is common code for RTL8192CE/RTL8192CU/RTL8192SE/RTL8723AE
-- drivers. This module does nothing by itself - the various front-end
-- drivers need to be enabled to support any desired devices.
--
-- If you choose to build as a module, it'll be called rtlwifi.
--
--config RTLWIFI_DEBUG
-- bool "Debugging output for rtlwifi driver family"
-- depends on RTLWIFI
-+ depends on MAC80211 && (PCI || USB)
- default y
- ---help---
-- To use the module option that sets the dynamic-debugging level for,
-- the front-end driver, this parameter must be "Y". For memory-limited
-- systems, choose "N". If in doubt, choose "Y".
-+ This option will enable support for the Realtek mac80211-based
-+ wireless drivers. Drivers rtl8192ce, rtl8192cu, rtl8192se, rtl8192de,
-+ rtl8723eu, and rtl8188eu share some common code.
-+
-+if RTL_CARDS
-
- config RTL8192CE
- tristate "Realtek RTL8192CE/RTL8188CE Wireless Network Adapter"
- depends on m
-- depends on RTLWIFI && PCI
-+ depends on PCI
- select RTL8192C_COMMON
-+ select RTLWIFI
-+ select RTLWIFI_PCI
- ---help---
- This is the driver for Realtek RTL8192CE/RTL8188CE 802.11n PCIe
- wireless network adapters.
-@@ -33,7 +26,9 @@ config RTL8192CE
- config RTL8192SE
- tristate "Realtek RTL8192SE/RTL8191SE PCIe Wireless Network Adapter"
- depends on m
-- depends on RTLWIFI && PCI
-+ depends on PCI
-+ select RTLWIFI
-+ select RTLWIFI_PCI
- ---help---
- This is the driver for Realtek RTL8192SE/RTL8191SE 802.11n PCIe
- wireless network adapters.
-@@ -43,7 +38,9 @@ config RTL8192SE
- config RTL8192DE
- tristate "Realtek RTL8192DE/RTL8188DE PCIe Wireless Network Adapter"
- depends on m
-- depends on RTLWIFI && PCI
-+ depends on PCI
-+ select RTLWIFI
-+ select RTLWIFI_PCI
- ---help---
- This is the driver for Realtek RTL8192DE/RTL8188DE 802.11n PCIe
- wireless network adapters.
-@@ -53,7 +50,9 @@ config RTL8192DE
- config RTL8723AE
- tristate "Realtek RTL8723AE PCIe Wireless Network Adapter"
- depends on m
-- depends on RTLWIFI && PCI
-+ depends on PCI
-+ select RTLWIFI
-+ select RTLWIFI_PCI
- ---help---
- This is the driver for Realtek RTL8723AE 802.11n PCIe
- wireless network adapters.
-@@ -63,7 +62,9 @@ config RTL8723AE
- config RTL8188EE
- tristate "Realtek RTL8188EE Wireless Network Adapter"
- depends on m
-- depends on RTLWIFI && PCI
-+ depends on PCI
-+ select RTLWIFI
-+ select RTLWIFI_PCI
- ---help---
- This is the driver for Realtek RTL8188EE 802.11n PCIe
- wireless network adapters.
-@@ -73,7 +74,9 @@ config RTL8188EE
- config RTL8192CU
- tristate "Realtek RTL8192CU/RTL8188CU USB Wireless Network Adapter"
- depends on m
-- depends on RTLWIFI && USB
-+ depends on USB
-+ select RTLWIFI
-+ select RTLWIFI_USB
- select RTL8192C_COMMON
- ---help---
- This is the driver for Realtek RTL8192CU/RTL8188CU 802.11n USB
-@@ -81,8 +84,32 @@ config RTL8192CU
-
- If you choose to build it as a module, it will be called rtl8192cu
-
-+config RTLWIFI
-+ tristate
-+ depends on m
-+ select BACKPORT_FW_LOADER
-+
-+config RTLWIFI_PCI
-+ tristate
-+ depends on m
-+
-+config RTLWIFI_USB
-+ tristate
-+ depends on m
-+
-+config RTLWIFI_DEBUG
-+ bool "Debugging output for rtlwifi driver family"
-+ depends on RTLWIFI
-+ default y
-+ ---help---
-+ To use the module option that sets the dynamic-debugging level for,
-+ the front-end driver, this parameter must be "Y". For memory-limited
-+ systems, choose "N". If in doubt, choose "Y".
-+
- config RTL8192C_COMMON
- tristate
- depends on m
- depends on RTL8192CE || RTL8192CU
-- default m
-+ default y
-+
-+endif
---- a/drivers/net/wireless/rtlwifi/Makefile
-+++ b/drivers/net/wireless/rtlwifi/Makefile
-@@ -12,13 +12,11 @@ rtlwifi-objs := \
-
- rtl8192c_common-objs += \
-
--ifneq ($(CONFIG_PCI),)
--rtlwifi-objs += pci.o
--endif
-+obj-$(CPTCFG_RTLWIFI_PCI) += rtl_pci.o
-+rtl_pci-objs := pci.o
-
--ifneq ($(CONFIG_USB),)
--rtlwifi-objs += usb.o
--endif
-+obj-$(CPTCFG_RTLWIFI_USB) += rtl_usb.o
-+rtl_usb-objs := usb.o
-
- obj-$(CPTCFG_RTL8192C_COMMON) += rtl8192c/
- obj-$(CPTCFG_RTL8192CE) += rtl8192ce/
---- a/drivers/net/wireless/rtlwifi/ps.h
-+++ b/drivers/net/wireless/rtlwifi/ps.h
-@@ -49,5 +49,6 @@ void rtl_swlps_rf_awake(struct ieee80211
- void rtl_swlps_rf_sleep(struct ieee80211_hw *hw);
- void rtl_p2p_ps_cmd(struct ieee80211_hw *hw, u8 p2p_ps_state);
- void rtl_p2p_info(struct ieee80211_hw *hw, void *data, unsigned int len);
-+void rtl_lps_change_work_callback(struct work_struct *work);
-
- #endif
---- a/drivers/net/wireless/rtlwifi/base.c
-+++ b/drivers/net/wireless/rtlwifi/base.c
-@@ -173,6 +173,7 @@ u8 rtl_tid_to_ac(u8 tid)
- {
- return tid_to_ac[tid];
- }
-+EXPORT_SYMBOL_GPL(rtl_tid_to_ac);
-
- static void _rtl_init_hw_ht_capab(struct ieee80211_hw *hw,
- struct ieee80211_sta_ht_cap *ht_cap)
-@@ -407,6 +408,7 @@ void rtl_deinit_deferred_work(struct iee
- cancel_delayed_work(&rtlpriv->works.ps_rfon_wq);
- cancel_delayed_work(&rtlpriv->works.fwevt_wq);
- }
-+EXPORT_SYMBOL_GPL(rtl_deinit_deferred_work);
-
- void rtl_init_rfkill(struct ieee80211_hw *hw)
- {
-@@ -440,6 +442,7 @@ void rtl_deinit_rfkill(struct ieee80211_
- {
- wiphy_rfkill_stop_polling(hw->wiphy);
- }
-+EXPORT_SYMBOL_GPL(rtl_deinit_rfkill);
-
- int rtl_init_core(struct ieee80211_hw *hw)
- {
-@@ -490,10 +493,12 @@ int rtl_init_core(struct ieee80211_hw *h
-
- return 0;
- }
-+EXPORT_SYMBOL_GPL(rtl_init_core);
-
- void rtl_deinit_core(struct ieee80211_hw *hw)
- {
- }
-+EXPORT_SYMBOL_GPL(rtl_deinit_core);
-
- void rtl_init_rx_config(struct ieee80211_hw *hw)
- {
-@@ -502,6 +507,7 @@ void rtl_init_rx_config(struct ieee80211
-
- rtlpriv->cfg->ops->get_hw_reg(hw, HW_VAR_RCR, (u8 *) (&mac->rx_conf));
- }
-+EXPORT_SYMBOL_GPL(rtl_init_rx_config);
-
- /*********************************************************
- *
-@@ -880,6 +886,7 @@ bool rtl_tx_mgmt_proc(struct ieee80211_h
-
- return true;
- }
-+EXPORT_SYMBOL_GPL(rtl_tx_mgmt_proc);
-
- void rtl_get_tcb_desc(struct ieee80211_hw *hw,
- struct ieee80211_tx_info *info,
-@@ -1053,6 +1060,7 @@ bool rtl_action_proc(struct ieee80211_hw
-
- return true;
- }
-+EXPORT_SYMBOL_GPL(rtl_action_proc);
-
- /*should call before software enc*/
- u8 rtl_is_special_data(struct ieee80211_hw *hw, struct sk_buff *skb, u8 is_tx)
-@@ -1126,6 +1134,7 @@ u8 rtl_is_special_data(struct ieee80211_
-
- return false;
- }
-+EXPORT_SYMBOL_GPL(rtl_is_special_data);
-
- /*********************************************************
- *
-@@ -1301,6 +1310,7 @@ void rtl_beacon_statistic(struct ieee802
-
- rtlpriv->link_info.bcn_rx_inperiod++;
- }
-+EXPORT_SYMBOL_GPL(rtl_beacon_statistic);
-
- void rtl_watchdog_wq_callback(void *data)
- {
-@@ -1794,6 +1804,7 @@ void rtl_recognize_peer(struct ieee80211
-
- mac->vendor = vendor;
- }
-+EXPORT_SYMBOL_GPL(rtl_recognize_peer);
-
- /*********************************************************
- *
-@@ -1850,6 +1861,7 @@ struct attribute_group rtl_attribute_gro
- .name = "rtlsysfs",
- .attrs = rtl_sysfs_entries,
- };
-+EXPORT_SYMBOL_GPL(rtl_attribute_group);
-
- MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
- MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
-@@ -1857,7 +1869,8 @@ MODULE_AUTHOR("Larry Finger <Larry.FInge
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Realtek 802.11n PCI wireless core");
-
--struct rtl_global_var global_var = {};
-+struct rtl_global_var rtl_global_var = {};
-+EXPORT_SYMBOL_GPL(rtl_global_var);
-
- static int __init rtl_core_module_init(void)
- {
-@@ -1865,8 +1878,8 @@ static int __init rtl_core_module_init(v
- pr_err("Unable to register rtl_rc, use default RC !!\n");
-
- /* init some global vars */
-- INIT_LIST_HEAD(&global_var.glb_priv_list);
-- spin_lock_init(&global_var.glb_list_lock);
-+ INIT_LIST_HEAD(&rtl_global_var.glb_priv_list);
-+ spin_lock_init(&rtl_global_var.glb_list_lock);
-
- return 0;
- }
---- a/drivers/net/wireless/rtlwifi/base.h
-+++ b/drivers/net/wireless/rtlwifi/base.h
-@@ -147,7 +147,7 @@ void rtl_recognize_peer(struct ieee80211
- u8 rtl_tid_to_ac(u8 tid);
- extern struct attribute_group rtl_attribute_group;
- void rtl_easy_concurrent_retrytimer_callback(unsigned long data);
--extern struct rtl_global_var global_var;
-+extern struct rtl_global_var rtl_global_var;
- int rtlwifi_rate_mapping(struct ieee80211_hw *hw,
- bool isht, u8 desc_rate, bool first_ampdu);
- bool rtl_tx_mgmt_proc(struct ieee80211_hw *hw, struct sk_buff *skb);
---- a/drivers/net/wireless/rtlwifi/core.c
-+++ b/drivers/net/wireless/rtlwifi/core.c
-@@ -1330,3 +1330,4 @@ const struct ieee80211_ops rtl_ops = {
- .rfkill_poll = rtl_op_rfkill_poll,
- .flush = rtl_op_flush,
- };
-+EXPORT_SYMBOL_GPL(rtl_ops);
---- a/drivers/net/wireless/rtlwifi/debug.c
-+++ b/drivers/net/wireless/rtlwifi/debug.c
-@@ -51,3 +51,4 @@ void rtl_dbgp_flag_init(struct ieee80211
-
- /*Init Debug flag enable condition */
- }
-+EXPORT_SYMBOL_GPL(rtl_dbgp_flag_init);
---- a/drivers/net/wireless/rtlwifi/efuse.c
-+++ b/drivers/net/wireless/rtlwifi/efuse.c
-@@ -229,6 +229,7 @@ void read_efuse_byte(struct ieee80211_hw
-
- *pbuf = (u8) (value32 & 0xff);
- }
-+EXPORT_SYMBOL_GPL(read_efuse_byte);
-
- void read_efuse(struct ieee80211_hw *hw, u16 _offset, u16 _size_byte, u8 *pbuf)
- {
---- a/drivers/net/wireless/rtlwifi/pci.c
-+++ b/drivers/net/wireless/rtlwifi/pci.c
-@@ -35,6 +35,13 @@
- #include "efuse.h"
- #include <linux/export.h>
- #include <linux/kmemleak.h>
-+#include <linux/module.h>
-+
-+MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
-+MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
-+MODULE_AUTHOR("Larry Finger <Larry.FInger@lwfinger.net>");
-+MODULE_LICENSE("GPL");
-+MODULE_DESCRIPTION("PCI basic driver for rtlwifi");
-
- static const u16 pcibridge_vendors[PCI_BRIDGE_VENDOR_MAX] = {
- PCI_VENDOR_ID_INTEL,
-@@ -1008,19 +1015,6 @@ static void _rtl_pci_prepare_bcn_tasklet
- return;
- }
-
--static void rtl_lps_change_work_callback(struct work_struct *work)
--{
-- struct rtl_works *rtlworks =
-- container_of(work, struct rtl_works, lps_change_work);
-- struct ieee80211_hw *hw = rtlworks->hw;
-- struct rtl_priv *rtlpriv = rtl_priv(hw);
--
-- if (rtlpriv->enter_ps)
-- rtl_lps_enter(hw);
-- else
-- rtl_lps_leave(hw);
--}
--
- static void _rtl_pci_init_trx_var(struct ieee80211_hw *hw)
- {
- struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw));
-@@ -1899,7 +1893,7 @@ int rtl_pci_probe(struct pci_dev *pdev,
- rtlpriv->rtlhal.interface = INTF_PCI;
- rtlpriv->cfg = (struct rtl_hal_cfg *)(id->driver_data);
- rtlpriv->intf_ops = &rtl_pci_ops;
-- rtlpriv->glb_var = &global_var;
-+ rtlpriv->glb_var = &rtl_global_var;
-
- /*
- *init dbgp flags before all
---- a/drivers/net/wireless/rtlwifi/ps.c
-+++ b/drivers/net/wireless/rtlwifi/ps.c
-@@ -269,6 +269,7 @@ void rtl_ips_nic_on(struct ieee80211_hw
-
- spin_unlock_irqrestore(&rtlpriv->locks.ips_lock, flags);
- }
-+EXPORT_SYMBOL_GPL(rtl_ips_nic_on);
-
- /*for FW LPS*/
-
-@@ -518,6 +519,7 @@ void rtl_swlps_beacon(struct ieee80211_h
- "u_bufferd: %x, m_buffered: %x\n", u_buffed, m_buffed);
- }
- }
-+EXPORT_SYMBOL_GPL(rtl_swlps_beacon);
-
- void rtl_swlps_rf_awake(struct ieee80211_hw *hw)
- {
-@@ -611,6 +613,19 @@ void rtl_swlps_rf_sleep(struct ieee80211
- MSECS(sleep_intv * mac->vif->bss_conf.beacon_int - 40));
- }
-
-+void rtl_lps_change_work_callback(struct work_struct *work)
-+{
-+ struct rtl_works *rtlworks =
-+ container_of(work, struct rtl_works, lps_change_work);
-+ struct ieee80211_hw *hw = rtlworks->hw;
-+ struct rtl_priv *rtlpriv = rtl_priv(hw);
-+
-+ if (rtlpriv->enter_ps)
-+ rtl_lps_enter(hw);
-+ else
-+ rtl_lps_leave(hw);
-+}
-+EXPORT_SYMBOL_GPL(rtl_lps_change_work_callback);
-
- void rtl_swlps_wq_callback(void *data)
- {
-@@ -922,3 +937,4 @@ void rtl_p2p_info(struct ieee80211_hw *h
- else
- rtl_p2p_noa_ie(hw, data, len - FCS_LEN);
- }
-+EXPORT_SYMBOL_GPL(rtl_p2p_info);
---- a/drivers/net/wireless/rtlwifi/usb.c
-+++ b/drivers/net/wireless/rtlwifi/usb.c
-@@ -32,6 +32,13 @@
- #include "ps.h"
- #include "rtl8192c/fw_common.h"
- #include <linux/export.h>
-+#include <linux/module.h>
-+
-+MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
-+MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
-+MODULE_AUTHOR("Larry Finger <Larry.FInger@lwfinger.net>");
-+MODULE_LICENSE("GPL");
-+MODULE_DESCRIPTION("USB basic driver for rtlwifi");
-
- #define REALTEK_USB_VENQT_READ 0xC0
- #define REALTEK_USB_VENQT_WRITE 0x40
-@@ -1070,6 +1077,8 @@ int rtl_usb_probe(struct usb_interface *
- spin_lock_init(&rtlpriv->locks.usb_lock);
- INIT_WORK(&rtlpriv->works.fill_h2c_cmd,
- rtl_fill_h2c_cmd_work_callback);
-+ INIT_WORK(&rtlpriv->works.lps_change_work,
-+ rtl_lps_change_work_callback);
-
- rtlpriv->usb_data_index = 0;
- init_completion(&rtlpriv->firmware_loading_complete);
---- a/drivers/net/wireless/ath/ath9k/ath9k.h
-+++ b/drivers/net/wireless/ath/ath9k/ath9k.h
-@@ -64,7 +64,6 @@ struct ath_node;
-
- struct ath_config {
- u16 txpowlimit;
-- u8 cabqReadytime;
- };
-
- /*************************/
-@@ -72,17 +71,12 @@ struct ath_config {
- /*************************/
-
- #define ATH_TXBUF_RESET(_bf) do { \
-- (_bf)->bf_stale = false; \
- (_bf)->bf_lastbf = NULL; \
- (_bf)->bf_next = NULL; \
- memset(&((_bf)->bf_state), 0, \
- sizeof(struct ath_buf_state)); \
- } while (0)
-
--#define ATH_RXBUF_RESET(_bf) do { \
-- (_bf)->bf_stale = false; \
-- } while (0)
--
- /**
- * enum buffer_type - Buffer type flags
- *
-@@ -137,7 +131,8 @@ int ath_descdma_setup(struct ath_softc *
- #define ATH_AGGR_ENCRYPTDELIM 10
- /* minimum h/w qdepth to be sustained to maximize aggregation */
- #define ATH_AGGR_MIN_QDEPTH 2
--#define ATH_AMPDU_SUBFRAME_DEFAULT 32
-+/* minimum h/w qdepth for non-aggregated traffic */
-+#define ATH_NON_AGGR_MIN_QDEPTH 8
-
- #define IEEE80211_SEQ_SEQ_SHIFT 4
- #define IEEE80211_SEQ_MAX 4096
-@@ -174,12 +169,6 @@ int ath_descdma_setup(struct ath_softc *
-
- #define ATH_TX_COMPLETE_POLL_INT 1000
-
--enum ATH_AGGR_STATUS {
-- ATH_AGGR_DONE,
-- ATH_AGGR_BAW_CLOSED,
-- ATH_AGGR_LIMITED,
--};
--
- #define ATH_TXFIFO_DEPTH 8
- struct ath_txq {
- int mac80211_qnum; /* mac80211 queue number, -1 means not mac80211 Q */
-@@ -201,10 +190,10 @@ struct ath_txq {
-
- struct ath_atx_ac {
- struct ath_txq *txq;
-- int sched;
- struct list_head list;
- struct list_head tid_q;
- bool clear_ps_filter;
-+ bool sched;
- };
-
- struct ath_frame_info {
-@@ -212,14 +201,24 @@ struct ath_frame_info {
- int framelen;
- enum ath9k_key_type keytype;
- u8 keyix;
-- u8 retries;
- u8 rtscts_rate;
-+ u8 retries : 7;
-+ u8 baw_tracked : 1;
-+};
-+
-+struct ath_rxbuf {
-+ struct list_head list;
-+ struct sk_buff *bf_mpdu;
-+ void *bf_desc;
-+ dma_addr_t bf_daddr;
-+ dma_addr_t bf_buf_addr;
- };
-
- struct ath_buf_state {
- u8 bf_type;
- u8 bfs_paprd;
- u8 ndelim;
-+ bool stale;
- u16 seqno;
- unsigned long bfs_paprd_timestamp;
- };
-@@ -233,7 +232,6 @@ struct ath_buf {
- void *bf_desc; /* virtual addr of desc */
- dma_addr_t bf_daddr; /* physical addr of desc */
- dma_addr_t bf_buf_addr; /* physical addr of data buffer, for DMA */
-- bool bf_stale;
- struct ieee80211_tx_rate rates[4];
- struct ath_buf_state bf_state;
- };
-@@ -241,16 +239,18 @@ struct ath_buf {
- struct ath_atx_tid {
- struct list_head list;
- struct sk_buff_head buf_q;
-+ struct sk_buff_head retry_q;
- struct ath_node *an;
- struct ath_atx_ac *ac;
- unsigned long tx_buf[BITS_TO_LONGS(ATH_TID_MAX_BUFS)];
-- int bar_index;
- u16 seq_start;
- u16 seq_next;
- u16 baw_size;
-- int tidno;
-+ u8 tidno;
- int baw_head; /* first un-acked tx buffer */
- int baw_tail; /* next unused tx buffer slot */
-+
-+ s8 bar_index;
- bool sched;
- bool paused;
- bool active;
-@@ -262,12 +262,13 @@ struct ath_node {
- struct ieee80211_vif *vif; /* interface with which we're associated */
- struct ath_atx_tid tid[IEEE80211_NUM_TIDS];
- struct ath_atx_ac ac[IEEE80211_NUM_ACS];
-- int ps_key;
-
- u16 maxampdu;
- u8 mpdudensity;
-+ s8 ps_key;
-
- bool sleeping;
-+ bool no_ps_filter;
-
- #if defined(CPTCFG_MAC80211_DEBUGFS) && defined(CPTCFG_ATH9K_DEBUGFS)
- struct dentry *node_stat;
-@@ -317,6 +318,7 @@ struct ath_rx {
- struct ath_descdma rxdma;
- struct ath_rx_edma rx_edma[ATH9K_RX_QUEUE_MAX];
-
-+ struct ath_rxbuf *buf_hold;
- struct sk_buff *frag;
-
- u32 ampdu_ref;
-@@ -367,6 +369,7 @@ void ath9k_release_buffered_frames(struc
- /********/
-
- struct ath_vif {
-+ struct ath_node mcast_node;
- int av_bslot;
- bool primary_sta_vif;
- __le64 tsf_adjust; /* TSF adjustment for staggered beacons */
-@@ -585,19 +588,14 @@ static inline void ath_fill_led_pin(stru
- #define ATH_ANT_DIV_COMB_MAX_COUNT 100
- #define ATH_ANT_DIV_COMB_ALT_ANT_RATIO 30
- #define ATH_ANT_DIV_COMB_ALT_ANT_RATIO2 20
-+#define ATH_ANT_DIV_COMB_ALT_ANT_RATIO_LOW_RSSI 50
-+#define ATH_ANT_DIV_COMB_ALT_ANT_RATIO2_LOW_RSSI 50
-
- #define ATH_ANT_DIV_COMB_LNA1_LNA2_SWITCH_DELTA -1
- #define ATH_ANT_DIV_COMB_LNA1_DELTA_HI -4
- #define ATH_ANT_DIV_COMB_LNA1_DELTA_MID -2
- #define ATH_ANT_DIV_COMB_LNA1_DELTA_LOW 2
-
--enum ath9k_ant_div_comb_lna_conf {
-- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2,
-- ATH_ANT_DIV_COMB_LNA2,
-- ATH_ANT_DIV_COMB_LNA1,
-- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2,
--};
--
- struct ath_ant_comb {
- u16 count;
- u16 total_pkt_count;
-@@ -614,27 +612,36 @@ struct ath_ant_comb {
- int rssi_first;
- int rssi_second;
- int rssi_third;
-+ int ant_ratio;
-+ int ant_ratio2;
- bool alt_good;
- int quick_scan_cnt;
-- int main_conf;
-+ enum ath9k_ant_div_comb_lna_conf main_conf;
- enum ath9k_ant_div_comb_lna_conf first_quick_scan_conf;
- enum ath9k_ant_div_comb_lna_conf second_quick_scan_conf;
- bool first_ratio;
- bool second_ratio;
- unsigned long scan_start_time;
-+
-+ /*
-+ * Card-specific config values.
-+ */
-+ int low_rssi_thresh;
-+ int fast_div_bias;
- };
-
- void ath_ant_comb_scan(struct ath_softc *sc, struct ath_rx_status *rs);
--void ath_ant_comb_update(struct ath_softc *sc);
-
- /********************/
- /* Main driver core */
- /********************/
-
--#define ATH9K_PCI_CUS198 0x0001
--#define ATH9K_PCI_CUS230 0x0002
--#define ATH9K_PCI_CUS217 0x0004
--#define ATH9K_PCI_WOW 0x0008
-+#define ATH9K_PCI_CUS198 0x0001
-+#define ATH9K_PCI_CUS230 0x0002
-+#define ATH9K_PCI_CUS217 0x0004
-+#define ATH9K_PCI_WOW 0x0008
-+#define ATH9K_PCI_BT_ANT_DIV 0x0010
-+#define ATH9K_PCI_D3_L1_WAR 0x0020
-
- /*
- * Default cache line size, in bytes.
-@@ -926,7 +933,6 @@ void ath9k_deinit_device(struct ath_soft
- void ath9k_set_hw_capab(struct ath_softc *sc, struct ieee80211_hw *hw);
- void ath9k_reload_chainmask_settings(struct ath_softc *sc);
-
--bool ath9k_uses_beacons(int type);
- void ath9k_spectral_scan_trigger(struct ieee80211_hw *hw);
- int ath9k_spectral_scan_config(struct ieee80211_hw *hw,
- enum spectral_mode spectral_mode);
---- a/drivers/net/wireless/ath/ath9k/debug.c
-+++ b/drivers/net/wireless/ath/ath9k/debug.c
-@@ -270,25 +270,29 @@ static const struct file_operations fops
- .llseek = default_llseek,
- };
-
--static ssize_t read_file_ant_diversity(struct file *file, char __user *user_buf,
-- size_t count, loff_t *ppos)
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+
-+static ssize_t read_file_bt_ant_diversity(struct file *file,
-+ char __user *user_buf,
-+ size_t count, loff_t *ppos)
- {
- struct ath_softc *sc = file->private_data;
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
- char buf[32];
- unsigned int len;
-
-- len = sprintf(buf, "%d\n", common->antenna_diversity);
-+ len = sprintf(buf, "%d\n", common->bt_ant_diversity);
- return simple_read_from_buffer(user_buf, count, ppos, buf, len);
- }
-
--static ssize_t write_file_ant_diversity(struct file *file,
-- const char __user *user_buf,
-- size_t count, loff_t *ppos)
-+static ssize_t write_file_bt_ant_diversity(struct file *file,
-+ const char __user *user_buf,
-+ size_t count, loff_t *ppos)
- {
- struct ath_softc *sc = file->private_data;
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
-- unsigned long antenna_diversity;
-+ struct ath9k_hw_capabilities *pCap = &sc->sc_ah->caps;
-+ unsigned long bt_ant_diversity;
- char buf[32];
- ssize_t len;
-
-@@ -296,26 +300,147 @@ static ssize_t write_file_ant_diversity(
- if (copy_from_user(buf, user_buf, len))
- return -EFAULT;
-
-- if (!AR_SREV_9565(sc->sc_ah))
-+ if (!(pCap->hw_caps & ATH9K_HW_CAP_BT_ANT_DIV))
- goto exit;
-
- buf[len] = '\0';
-- if (strict_strtoul(buf, 0, &antenna_diversity))
-+ if (kstrtoul(buf, 0, &bt_ant_diversity))
- return -EINVAL;
-
-- common->antenna_diversity = !!antenna_diversity;
-+ common->bt_ant_diversity = !!bt_ant_diversity;
- ath9k_ps_wakeup(sc);
-- ath_ant_comb_update(sc);
-- ath_dbg(common, CONFIG, "Antenna diversity: %d\n",
-- common->antenna_diversity);
-+ ath9k_hw_set_bt_ant_diversity(sc->sc_ah, common->bt_ant_diversity);
-+ ath_dbg(common, CONFIG, "Enable WLAN/BT RX Antenna diversity: %d\n",
-+ common->bt_ant_diversity);
- ath9k_ps_restore(sc);
- exit:
- return count;
- }
-
--static const struct file_operations fops_ant_diversity = {
-- .read = read_file_ant_diversity,
-- .write = write_file_ant_diversity,
-+static const struct file_operations fops_bt_ant_diversity = {
-+ .read = read_file_bt_ant_diversity,
-+ .write = write_file_bt_ant_diversity,
-+ .open = simple_open,
-+ .owner = THIS_MODULE,
-+ .llseek = default_llseek,
-+};
-+
-+#endif
-+
-+void ath9k_debug_stat_ant(struct ath_softc *sc,
-+ struct ath_hw_antcomb_conf *div_ant_conf,
-+ int main_rssi_avg, int alt_rssi_avg)
-+{
-+ struct ath_antenna_stats *as_main = &sc->debug.stats.ant_stats[ANT_MAIN];
-+ struct ath_antenna_stats *as_alt = &sc->debug.stats.ant_stats[ANT_ALT];
-+
-+ as_main->lna_attempt_cnt[div_ant_conf->main_lna_conf]++;
-+ as_alt->lna_attempt_cnt[div_ant_conf->alt_lna_conf]++;
-+
-+ as_main->rssi_avg = main_rssi_avg;
-+ as_alt->rssi_avg = alt_rssi_avg;
-+}
-+
-+static ssize_t read_file_antenna_diversity(struct file *file,
-+ char __user *user_buf,
-+ size_t count, loff_t *ppos)
-+{
-+ struct ath_softc *sc = file->private_data;
-+ struct ath_hw *ah = sc->sc_ah;
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
-+ struct ath_antenna_stats *as_main = &sc->debug.stats.ant_stats[ANT_MAIN];
-+ struct ath_antenna_stats *as_alt = &sc->debug.stats.ant_stats[ANT_ALT];
-+ struct ath_hw_antcomb_conf div_ant_conf;
-+ unsigned int len = 0, size = 1024;
-+ ssize_t retval = 0;
-+ char *buf;
-+ char *lna_conf_str[4] = {"LNA1_MINUS_LNA2",
-+ "LNA2",
-+ "LNA1",
-+ "LNA1_PLUS_LNA2"};
-+
-+ buf = kzalloc(size, GFP_KERNEL);
-+ if (buf == NULL)
-+ return -ENOMEM;
-+
-+ if (!(pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB)) {
-+ len += snprintf(buf + len, size - len, "%s\n",
-+ "Antenna Diversity Combining is disabled");
-+ goto exit;
-+ }
-+
-+ ath9k_ps_wakeup(sc);
-+ ath9k_hw_antdiv_comb_conf_get(ah, &div_ant_conf);
-+ len += snprintf(buf + len, size - len, "Current MAIN config : %s\n",
-+ lna_conf_str[div_ant_conf.main_lna_conf]);
-+ len += snprintf(buf + len, size - len, "Current ALT config : %s\n",
-+ lna_conf_str[div_ant_conf.alt_lna_conf]);
-+ len += snprintf(buf + len, size - len, "Average MAIN RSSI : %d\n",
-+ as_main->rssi_avg);
-+ len += snprintf(buf + len, size - len, "Average ALT RSSI : %d\n\n",
-+ as_alt->rssi_avg);
-+ ath9k_ps_restore(sc);
-+
-+ len += snprintf(buf + len, size - len, "Packet Receive Cnt:\n");
-+ len += snprintf(buf + len, size - len, "-------------------\n");
-+
-+ len += snprintf(buf + len, size - len, "%30s%15s\n",
-+ "MAIN", "ALT");
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "TOTAL COUNT",
-+ as_main->recv_cnt,
-+ as_alt->recv_cnt);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA1",
-+ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1],
-+ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1]);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA2",
-+ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA2],
-+ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA2]);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA1 + LNA2",
-+ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2],
-+ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2]);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA1 - LNA2",
-+ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2],
-+ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2]);
-+
-+ len += snprintf(buf + len, size - len, "\nLNA Config Attempts:\n");
-+ len += snprintf(buf + len, size - len, "--------------------\n");
-+
-+ len += snprintf(buf + len, size - len, "%30s%15s\n",
-+ "MAIN", "ALT");
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA1",
-+ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1],
-+ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1]);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA2",
-+ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA2],
-+ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA2]);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA1 + LNA2",
-+ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2],
-+ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2]);
-+ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
-+ "LNA1 - LNA2",
-+ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2],
-+ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2]);
-+
-+exit:
-+ if (len > size)
-+ len = size;
-+
-+ retval = simple_read_from_buffer(user_buf, count, ppos, buf, len);
-+ kfree(buf);
-+
-+ return retval;
-+}
-+
-+static const struct file_operations fops_antenna_diversity = {
-+ .read = read_file_antenna_diversity,
- .open = simple_open,
- .owner = THIS_MODULE,
- .llseek = default_llseek,
-@@ -607,6 +732,28 @@ static ssize_t read_file_xmit(struct fil
- return retval;
- }
-
-+static ssize_t print_queue(struct ath_softc *sc, struct ath_txq *txq,
-+ char *buf, ssize_t size)
-+{
-+ ssize_t len = 0;
-+
-+ ath_txq_lock(sc, txq);
-+
-+ len += snprintf(buf + len, size - len, "%s: %d ",
-+ "qnum", txq->axq_qnum);
-+ len += snprintf(buf + len, size - len, "%s: %2d ",
-+ "qdepth", txq->axq_depth);
-+ len += snprintf(buf + len, size - len, "%s: %2d ",
-+ "ampdu-depth", txq->axq_ampdu_depth);
-+ len += snprintf(buf + len, size - len, "%s: %3d ",
-+ "pending", txq->pending_frames);
-+ len += snprintf(buf + len, size - len, "%s: %d\n",
-+ "stopped", txq->stopped);
-+
-+ ath_txq_unlock(sc, txq);
-+ return len;
-+}
-+
- static ssize_t read_file_queues(struct file *file, char __user *user_buf,
- size_t count, loff_t *ppos)
- {
-@@ -624,24 +771,13 @@ static ssize_t read_file_queues(struct f
-
- for (i = 0; i < IEEE80211_NUM_ACS; i++) {
- txq = sc->tx.txq_map[i];
-- len += snprintf(buf + len, size - len, "(%s): ", qname[i]);
--
-- ath_txq_lock(sc, txq);
--
-- len += snprintf(buf + len, size - len, "%s: %d ",
-- "qnum", txq->axq_qnum);
-- len += snprintf(buf + len, size - len, "%s: %2d ",
-- "qdepth", txq->axq_depth);
-- len += snprintf(buf + len, size - len, "%s: %2d ",
-- "ampdu-depth", txq->axq_ampdu_depth);
-- len += snprintf(buf + len, size - len, "%s: %3d ",
-- "pending", txq->pending_frames);
-- len += snprintf(buf + len, size - len, "%s: %d\n",
-- "stopped", txq->stopped);
--
-- ath_txq_unlock(sc, txq);
-+ len += snprintf(buf + len, size - len, "(%s): ", qname[i]);
-+ len += print_queue(sc, txq, buf + len, size - len);
- }
-
-+ len += snprintf(buf + len, size - len, "(CAB): ");
-+ len += print_queue(sc, sc->beacon.cabq, buf + len, size - len);
-+
- if (len > size)
- len = size;
-
-@@ -1818,9 +1954,11 @@ int ath9k_init_debug(struct ath_hw *ah)
- sc->debug.debugfs_phy, &sc->sc_ah->gpio_mask);
- debugfs_create_u32("gpio_val", S_IRUSR | S_IWUSR,
- sc->debug.debugfs_phy, &sc->sc_ah->gpio_val);
-- debugfs_create_file("diversity", S_IRUSR | S_IWUSR,
-- sc->debug.debugfs_phy, sc, &fops_ant_diversity);
-+ debugfs_create_file("antenna_diversity", S_IRUSR,
-+ sc->debug.debugfs_phy, sc, &fops_antenna_diversity);
- #ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+ debugfs_create_file("bt_ant_diversity", S_IRUSR | S_IWUSR,
-+ sc->debug.debugfs_phy, sc, &fops_bt_ant_diversity);
- debugfs_create_file("btcoex", S_IRUSR, sc->debug.debugfs_phy, sc,
- &fops_btcoex);
- #endif
---- a/net/mac80211/ibss.c
-+++ b/net/mac80211/ibss.c
-@@ -30,13 +30,14 @@
-
- #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
- #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
-+#define IEEE80211_IBSS_RSN_INACTIVITY_LIMIT (10 * HZ)
-
- #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
-
-
- static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
- const u8 *bssid, const int beacon_int,
-- struct ieee80211_channel *chan,
-+ struct cfg80211_chan_def *req_chandef,
- const u32 basic_rates,
- const u16 capability, u64 tsf,
- bool creator)
-@@ -51,6 +52,7 @@ static void __ieee80211_sta_join_ibss(st
- u32 bss_change;
- u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
- struct cfg80211_chan_def chandef;
-+ struct ieee80211_channel *chan;
- struct beacon_data *presp;
- int frame_len;
-
-@@ -81,7 +83,9 @@ static void __ieee80211_sta_join_ibss(st
-
- sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
-
-- chandef = ifibss->chandef;
-+ /* make a copy of the chandef, it could be modified below. */
-+ chandef = *req_chandef;
-+ chan = chandef.chan;
- if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
- chandef.width = NL80211_CHAN_WIDTH_20;
- chandef.center_freq1 = chan->center_freq;
-@@ -259,10 +263,12 @@ static void ieee80211_sta_join_ibss(stru
- struct cfg80211_bss *cbss =
- container_of((void *)bss, struct cfg80211_bss, priv);
- struct ieee80211_supported_band *sband;
-+ struct cfg80211_chan_def chandef;
- u32 basic_rates;
- int i, j;
- u16 beacon_int = cbss->beacon_interval;
- const struct cfg80211_bss_ies *ies;
-+ enum nl80211_channel_type chan_type;
- u64 tsf;
-
- sdata_assert_lock(sdata);
-@@ -270,6 +276,26 @@ static void ieee80211_sta_join_ibss(stru
- if (beacon_int < 10)
- beacon_int = 10;
-
-+ switch (sdata->u.ibss.chandef.width) {
-+ case NL80211_CHAN_WIDTH_20_NOHT:
-+ case NL80211_CHAN_WIDTH_20:
-+ case NL80211_CHAN_WIDTH_40:
-+ chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef);
-+ cfg80211_chandef_create(&chandef, cbss->channel, chan_type);
-+ break;
-+ case NL80211_CHAN_WIDTH_5:
-+ case NL80211_CHAN_WIDTH_10:
-+ cfg80211_chandef_create(&chandef, cbss->channel,
-+ NL80211_CHAN_WIDTH_20_NOHT);
-+ chandef.width = sdata->u.ibss.chandef.width;
-+ break;
-+ default:
-+ /* fall back to 20 MHz for unsupported modes */
-+ cfg80211_chandef_create(&chandef, cbss->channel,
-+ NL80211_CHAN_WIDTH_20_NOHT);
-+ break;
-+ }
-+
- sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
-
- basic_rates = 0;
-@@ -294,7 +320,7 @@ static void ieee80211_sta_join_ibss(stru
-
- __ieee80211_sta_join_ibss(sdata, cbss->bssid,
- beacon_int,
-- cbss->channel,
-+ &chandef,
- basic_rates,
- cbss->capability,
- tsf, false);
-@@ -672,6 +698,33 @@ static int ieee80211_sta_active_ibss(str
- return active;
- }
-
-+static void ieee80211_ibss_sta_expire(struct ieee80211_sub_if_data *sdata)
-+{
-+ struct ieee80211_local *local = sdata->local;
-+ struct sta_info *sta, *tmp;
-+ unsigned long exp_time = IEEE80211_IBSS_INACTIVITY_LIMIT;
-+ unsigned long exp_rsn_time = IEEE80211_IBSS_RSN_INACTIVITY_LIMIT;
-+
-+ mutex_lock(&local->sta_mtx);
-+
-+ list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
-+ if (sdata != sta->sdata)
-+ continue;
-+
-+ if (time_after(jiffies, sta->last_rx + exp_time) ||
-+ (time_after(jiffies, sta->last_rx + exp_rsn_time) &&
-+ sta->sta_state != IEEE80211_STA_AUTHORIZED)) {
-+ sta_dbg(sta->sdata, "expiring inactive %sSTA %pM\n",
-+ sta->sta_state != IEEE80211_STA_AUTHORIZED ?
-+ "not authorized " : "", sta->sta.addr);
-+
-+ WARN_ON(__sta_info_destroy(sta));
-+ }
-+ }
-+
-+ mutex_unlock(&local->sta_mtx);
-+}
-+
- /*
- * This function is called with state == IEEE80211_IBSS_MLME_JOINED
- */
-@@ -685,7 +738,7 @@ static void ieee80211_sta_merge_ibss(str
- mod_timer(&ifibss->timer,
- round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
-
-- ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
-+ ieee80211_ibss_sta_expire(sdata);
-
- if (time_before(jiffies, ifibss->last_scan_completed +
- IEEE80211_IBSS_MERGE_INTERVAL))
-@@ -736,7 +789,7 @@ static void ieee80211_sta_create_ibss(st
- sdata->drop_unencrypted = 0;
-
- __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
-- ifibss->chandef.chan, ifibss->basic_rates,
-+ &ifibss->chandef, ifibss->basic_rates,
- capability, 0, true);
- }
-
-@@ -792,6 +845,17 @@ static void ieee80211_sta_find_ibss(stru
- return;
- }
-
-+ /* if a fixed bssid and a fixed freq have been provided create the IBSS
-+ * directly and do not waste time scanning
-+ */
-+ if (ifibss->fixed_bssid && ifibss->fixed_channel) {
-+ sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
-+ bssid);
-+ ieee80211_sta_create_ibss(sdata);
-+ return;
-+ }
-+
-+
- ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
-
- /* Selected IBSS not found in current scan results - try to scan */
-@@ -1138,6 +1202,7 @@ int ieee80211_ibss_leave(struct ieee8021
- clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
- ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
- BSS_CHANGED_IBSS);
-+ ieee80211_vif_release_channel(sdata);
- synchronize_rcu();
- kfree(presp);
-
---- a/drivers/net/wireless/ath/ath9k/ar9003_phy.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.c
-@@ -551,8 +551,7 @@ static void ar9003_hw_set_channel_regs(s
- if (IS_CHAN_HT40(chan)) {
- phymode |= AR_PHY_GC_DYN2040_EN;
- /* Configure control (primary) channel at +-10MHz */
-- if ((chan->chanmode == CHANNEL_A_HT40PLUS) ||
-- (chan->chanmode == CHANNEL_G_HT40PLUS))
-+ if (IS_CHAN_HT40PLUS(chan))
- phymode |= AR_PHY_GC_DYN2040_PRI_CH;
-
- }
-@@ -565,7 +564,7 @@ static void ar9003_hw_set_channel_regs(s
- REG_WRITE(ah, AR_PHY_GEN_CTRL, phymode);
-
- /* Configure MAC for 20/40 operation */
-- ath9k_hw_set11nmac2040(ah);
-+ ath9k_hw_set11nmac2040(ah, chan);
-
- /* global transmit timeout (25 TUs default)*/
- REG_WRITE(ah, AR_GTXTO, 25 << AR_GTXTO_TIMEOUT_LIMIT_S);
-@@ -632,6 +631,22 @@ static void ar9003_hw_override_ini(struc
-
- REG_SET_BIT(ah, AR_PHY_CCK_DETECT,
- AR_PHY_CCK_DETECT_BB_ENABLE_ANT_FAST_DIV);
-+
-+ if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) {
-+ REG_WRITE(ah, AR_GLB_SWREG_DISCONT_MODE,
-+ AR_GLB_SWREG_DISCONT_EN_BT_WLAN);
-+
-+ if (REG_READ_FIELD(ah, AR_PHY_TX_IQCAL_CONTROL_0,
-+ AR_PHY_TX_IQCAL_CONTROL_0_ENABLE_TXIQ_CAL))
-+ ah->enabled_cals |= TX_IQ_CAL;
-+ else
-+ ah->enabled_cals &= ~TX_IQ_CAL;
-+
-+ if (REG_READ(ah, AR_PHY_CL_CAL_CTL) & AR_PHY_CL_CAL_ENABLE)
-+ ah->enabled_cals |= TX_CL_CAL;
-+ else
-+ ah->enabled_cals &= ~TX_CL_CAL;
-+ }
- }
-
- static void ar9003_hw_prog_ini(struct ath_hw *ah,
-@@ -667,41 +682,22 @@ static int ar9550_hw_get_modes_txgain_in
- {
- int ret;
-
-- switch (chan->chanmode) {
-- case CHANNEL_A:
-- case CHANNEL_A_HT20:
-- if (chan->channel <= 5350)
-- ret = 1;
-- else if ((chan->channel > 5350) && (chan->channel <= 5600))
-- ret = 3;
-+ if (IS_CHAN_2GHZ(chan)) {
-+ if (IS_CHAN_HT40(chan))
-+ return 7;
- else
-- ret = 5;
-- break;
--
-- case CHANNEL_A_HT40PLUS:
-- case CHANNEL_A_HT40MINUS:
-- if (chan->channel <= 5350)
-- ret = 2;
-- else if ((chan->channel > 5350) && (chan->channel <= 5600))
-- ret = 4;
-- else
-- ret = 6;
-- break;
-+ return 8;
-+ }
-
-- case CHANNEL_G:
-- case CHANNEL_G_HT20:
-- case CHANNEL_B:
-- ret = 8;
-- break;
-+ if (chan->channel <= 5350)
-+ ret = 1;
-+ else if ((chan->channel > 5350) && (chan->channel <= 5600))
-+ ret = 3;
-+ else
-+ ret = 5;
-
-- case CHANNEL_G_HT40PLUS:
-- case CHANNEL_G_HT40MINUS:
-- ret = 7;
-- break;
--
-- default:
-- ret = -EINVAL;
-- }
-+ if (IS_CHAN_HT40(chan))
-+ ret++;
-
- return ret;
- }
-@@ -712,28 +708,10 @@ static int ar9003_hw_process_ini(struct
- unsigned int regWrites = 0, i;
- u32 modesIndex;
-
-- switch (chan->chanmode) {
-- case CHANNEL_A:
-- case CHANNEL_A_HT20:
-- modesIndex = 1;
-- break;
-- case CHANNEL_A_HT40PLUS:
-- case CHANNEL_A_HT40MINUS:
-- modesIndex = 2;
-- break;
-- case CHANNEL_G:
-- case CHANNEL_G_HT20:
-- case CHANNEL_B:
-- modesIndex = 4;
-- break;
-- case CHANNEL_G_HT40PLUS:
-- case CHANNEL_G_HT40MINUS:
-- modesIndex = 3;
-- break;
--
-- default:
-- return -EINVAL;
-- }
-+ if (IS_CHAN_5GHZ(chan))
-+ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
-+ else
-+ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
-
- /*
- * SOC, MAC, BB, RADIO initvals.
-@@ -814,29 +792,12 @@ static int ar9003_hw_process_ini(struct
- if (chan->channel == 2484)
- ar9003_hw_prog_ini(ah, &ah->iniCckfirJapan2484, 1);
-
-- if (AR_SREV_9462(ah) || AR_SREV_9565(ah))
-- REG_WRITE(ah, AR_GLB_SWREG_DISCONT_MODE,
-- AR_GLB_SWREG_DISCONT_EN_BT_WLAN);
--
- ah->modes_index = modesIndex;
- ar9003_hw_override_ini(ah);
- ar9003_hw_set_channel_regs(ah, chan);
- ar9003_hw_set_chain_masks(ah, ah->rxchainmask, ah->txchainmask);
- ath9k_hw_apply_txpower(ah, chan, false);
-
-- if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) {
-- if (REG_READ_FIELD(ah, AR_PHY_TX_IQCAL_CONTROL_0,
-- AR_PHY_TX_IQCAL_CONTROL_0_ENABLE_TXIQ_CAL))
-- ah->enabled_cals |= TX_IQ_CAL;
-- else
-- ah->enabled_cals &= ~TX_IQ_CAL;
--
-- if (REG_READ(ah, AR_PHY_CL_CAL_CTL) & AR_PHY_CL_CAL_ENABLE)
-- ah->enabled_cals |= TX_CL_CAL;
-- else
-- ah->enabled_cals &= ~TX_CL_CAL;
-- }
--
- return 0;
- }
-
-@@ -848,8 +809,10 @@ static void ar9003_hw_set_rfmode(struct
- if (chan == NULL)
- return;
-
-- rfMode |= (IS_CHAN_B(chan) || IS_CHAN_G(chan))
-- ? AR_PHY_MODE_DYNAMIC : AR_PHY_MODE_OFDM;
-+ if (IS_CHAN_2GHZ(chan))
-+ rfMode |= AR_PHY_MODE_DYNAMIC;
-+ else
-+ rfMode |= AR_PHY_MODE_OFDM;
-
- if (IS_CHAN_A_FAST_CLOCK(ah, chan))
- rfMode |= (AR_PHY_MODE_DYNAMIC | AR_PHY_MODE_DYN_CCK_DISABLE);
-@@ -1173,6 +1136,10 @@ skip_ws_det:
- * is_on == 0 means MRC CCK is OFF (more noise imm)
- */
- bool is_on = param ? 1 : 0;
-+
-+ if (ah->caps.rx_chainmask == 1)
-+ break;
-+
- REG_RMW_FIELD(ah, AR_PHY_MRC_CCK_CTRL,
- AR_PHY_MRC_CCK_ENABLE, is_on);
- REG_RMW_FIELD(ah, AR_PHY_MRC_CCK_CTRL,
-@@ -1273,12 +1240,11 @@ static void ar9003_hw_ani_cache_ini_regs
- aniState = &ah->ani;
- iniDef = &aniState->iniDef;
-
-- ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz/0x%x\n",
-+ ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz\n",
- ah->hw_version.macVersion,
- ah->hw_version.macRev,
- ah->opmode,
-- chan->channel,
-- chan->channelFlags);
-+ chan->channel);
-
- val = REG_READ(ah, AR_PHY_SFCORR);
- iniDef->m1Thresh = MS(val, AR_PHY_SFCORR_M1_THRESH);
-@@ -1413,65 +1379,111 @@ static void ar9003_hw_antdiv_comb_conf_s
- REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
- }
-
--static void ar9003_hw_antctrl_shared_chain_lnadiv(struct ath_hw *ah,
-- bool enable)
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+
-+static void ar9003_hw_set_bt_ant_diversity(struct ath_hw *ah, bool enable)
- {
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
- u8 ant_div_ctl1;
- u32 regval;
-
-- if (!AR_SREV_9565(ah))
-+ if (!AR_SREV_9485(ah) && !AR_SREV_9565(ah))
- return;
-
-- ah->shared_chain_lnadiv = enable;
-+ if (AR_SREV_9485(ah)) {
-+ regval = ar9003_hw_ant_ctrl_common_2_get(ah,
-+ IS_CHAN_2GHZ(ah->curchan));
-+ if (enable) {
-+ regval &= ~AR_SWITCH_TABLE_COM2_ALL;
-+ regval |= ah->config.ant_ctrl_comm2g_switch_enable;
-+ }
-+ REG_RMW_FIELD(ah, AR_PHY_SWITCH_COM_2,
-+ AR_SWITCH_TABLE_COM2_ALL, regval);
-+ }
-+
- ant_div_ctl1 = ah->eep_ops->get_eeprom(ah, EEP_ANT_DIV_CTL1);
-
-+ /*
-+ * Set MAIN/ALT LNA conf.
-+ * Set MAIN/ALT gain_tb.
-+ */
- regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
- regval &= (~AR_ANT_DIV_CTRL_ALL);
- regval |= (ant_div_ctl1 & 0x3f) << AR_ANT_DIV_CTRL_ALL_S;
-- regval &= ~AR_PHY_ANT_DIV_LNADIV;
-- regval |= ((ant_div_ctl1 >> 6) & 0x1) << AR_PHY_ANT_DIV_LNADIV_S;
--
-- if (enable)
-- regval |= AR_ANT_DIV_ENABLE;
--
- REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
-
-- regval = REG_READ(ah, AR_PHY_CCK_DETECT);
-- regval &= ~AR_FAST_DIV_ENABLE;
-- regval |= ((ant_div_ctl1 >> 7) & 0x1) << AR_FAST_DIV_ENABLE_S;
--
-- if (enable)
-- regval |= AR_FAST_DIV_ENABLE;
--
-- REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
--
-- if (enable) {
-- REG_SET_BIT(ah, AR_PHY_MC_GAIN_CTRL,
-- (1 << AR_PHY_ANT_SW_RX_PROT_S));
-- if (ah->curchan && IS_CHAN_2GHZ(ah->curchan))
-- REG_SET_BIT(ah, AR_PHY_RESTART,
-- AR_PHY_RESTART_ENABLE_DIV_M2FLAG);
-- REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV,
-- AR_BTCOEX_WL_LNADIV_FORCE_ON);
-- } else {
-- REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL, AR_ANT_DIV_ENABLE);
-- REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL,
-- (1 << AR_PHY_ANT_SW_RX_PROT_S));
-- REG_CLR_BIT(ah, AR_PHY_CCK_DETECT, AR_FAST_DIV_ENABLE);
-- REG_CLR_BIT(ah, AR_BTCOEX_WL_LNADIV,
-- AR_BTCOEX_WL_LNADIV_FORCE_ON);
--
-+ if (AR_SREV_9485_11_OR_LATER(ah)) {
-+ /*
-+ * Enable LNA diversity.
-+ */
- regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
-- regval &= ~(AR_PHY_ANT_DIV_MAIN_LNACONF |
-- AR_PHY_ANT_DIV_ALT_LNACONF |
-- AR_PHY_ANT_DIV_MAIN_GAINTB |
-- AR_PHY_ANT_DIV_ALT_GAINTB);
-- regval |= (AR_PHY_ANT_DIV_LNA1 << AR_PHY_ANT_DIV_MAIN_LNACONF_S);
-- regval |= (AR_PHY_ANT_DIV_LNA2 << AR_PHY_ANT_DIV_ALT_LNACONF_S);
-+ regval &= ~AR_PHY_ANT_DIV_LNADIV;
-+ regval |= ((ant_div_ctl1 >> 6) & 0x1) << AR_PHY_ANT_DIV_LNADIV_S;
-+ if (enable)
-+ regval |= AR_ANT_DIV_ENABLE;
-+
- REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
-+
-+ /*
-+ * Enable fast antenna diversity.
-+ */
-+ regval = REG_READ(ah, AR_PHY_CCK_DETECT);
-+ regval &= ~AR_FAST_DIV_ENABLE;
-+ regval |= ((ant_div_ctl1 >> 7) & 0x1) << AR_FAST_DIV_ENABLE_S;
-+ if (enable)
-+ regval |= AR_FAST_DIV_ENABLE;
-+
-+ REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
-+
-+ if (pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
-+ regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
-+ regval &= (~(AR_PHY_ANT_DIV_MAIN_LNACONF |
-+ AR_PHY_ANT_DIV_ALT_LNACONF |
-+ AR_PHY_ANT_DIV_ALT_GAINTB |
-+ AR_PHY_ANT_DIV_MAIN_GAINTB));
-+ /*
-+ * Set MAIN to LNA1 and ALT to LNA2 at the
-+ * beginning.
-+ */
-+ regval |= (ATH_ANT_DIV_COMB_LNA1 <<
-+ AR_PHY_ANT_DIV_MAIN_LNACONF_S);
-+ regval |= (ATH_ANT_DIV_COMB_LNA2 <<
-+ AR_PHY_ANT_DIV_ALT_LNACONF_S);
-+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
-+ }
-+ } else if (AR_SREV_9565(ah)) {
-+ if (enable) {
-+ REG_SET_BIT(ah, AR_PHY_MC_GAIN_CTRL,
-+ (1 << AR_PHY_ANT_SW_RX_PROT_S));
-+ if (ah->curchan && IS_CHAN_2GHZ(ah->curchan))
-+ REG_SET_BIT(ah, AR_PHY_RESTART,
-+ AR_PHY_RESTART_ENABLE_DIV_M2FLAG);
-+ REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV,
-+ AR_BTCOEX_WL_LNADIV_FORCE_ON);
-+ } else {
-+ REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL, AR_ANT_DIV_ENABLE);
-+ REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL,
-+ (1 << AR_PHY_ANT_SW_RX_PROT_S));
-+ REG_CLR_BIT(ah, AR_PHY_CCK_DETECT, AR_FAST_DIV_ENABLE);
-+ REG_CLR_BIT(ah, AR_BTCOEX_WL_LNADIV,
-+ AR_BTCOEX_WL_LNADIV_FORCE_ON);
-+
-+ regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
-+ regval &= ~(AR_PHY_ANT_DIV_MAIN_LNACONF |
-+ AR_PHY_ANT_DIV_ALT_LNACONF |
-+ AR_PHY_ANT_DIV_MAIN_GAINTB |
-+ AR_PHY_ANT_DIV_ALT_GAINTB);
-+ regval |= (ATH_ANT_DIV_COMB_LNA1 <<
-+ AR_PHY_ANT_DIV_MAIN_LNACONF_S);
-+ regval |= (ATH_ANT_DIV_COMB_LNA2 <<
-+ AR_PHY_ANT_DIV_ALT_LNACONF_S);
-+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
-+ }
- }
- }
-
-+#endif
-+
- static int ar9003_hw_fast_chan_change(struct ath_hw *ah,
- struct ath9k_channel *chan,
- u8 *ini_reloaded)
-@@ -1479,28 +1491,10 @@ static int ar9003_hw_fast_chan_change(st
- unsigned int regWrites = 0;
- u32 modesIndex;
-
-- switch (chan->chanmode) {
-- case CHANNEL_A:
-- case CHANNEL_A_HT20:
-- modesIndex = 1;
-- break;
-- case CHANNEL_A_HT40PLUS:
-- case CHANNEL_A_HT40MINUS:
-- modesIndex = 2;
-- break;
-- case CHANNEL_G:
-- case CHANNEL_G_HT20:
-- case CHANNEL_B:
-- modesIndex = 4;
-- break;
-- case CHANNEL_G_HT40PLUS:
-- case CHANNEL_G_HT40MINUS:
-- modesIndex = 3;
-- break;
--
-- default:
-- return -EINVAL;
-- }
-+ if (IS_CHAN_5GHZ(chan))
-+ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
-+ else
-+ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
-
- if (modesIndex == ah->modes_index) {
- *ini_reloaded = false;
-@@ -1518,6 +1512,18 @@ static int ar9003_hw_fast_chan_change(st
-
- REG_WRITE_ARRAY(&ah->iniModesTxGain, modesIndex, regWrites);
-
-+ if (AR_SREV_9462_20_OR_LATER(ah)) {
-+ /*
-+ * CUS217 mix LNA mode.
-+ */
-+ if (ar9003_hw_get_rx_gain_idx(ah) == 2) {
-+ REG_WRITE_ARRAY(&ah->ini_modes_rxgain_bb_core,
-+ 1, regWrites);
-+ REG_WRITE_ARRAY(&ah->ini_modes_rxgain_bb_postamble,
-+ modesIndex, regWrites);
-+ }
-+ }
-+
- /*
- * For 5GHz channels requiring Fast Clock, apply
- * different modal values.
-@@ -1528,7 +1534,11 @@ static int ar9003_hw_fast_chan_change(st
- if (AR_SREV_9565(ah))
- REG_WRITE_ARRAY(&ah->iniModesFastClock, 1, regWrites);
-
-- REG_WRITE_ARRAY(&ah->iniAdditional, 1, regWrites);
-+ /*
-+ * JAPAN regulatory.
-+ */
-+ if (chan->channel == 2484)
-+ ar9003_hw_prog_ini(ah, &ah->iniCckfirJapan2484, 1);
-
- ah->modes_index = modesIndex;
- *ini_reloaded = true;
-@@ -1631,11 +1641,14 @@ void ar9003_hw_attach_phy_ops(struct ath
-
- ops->antdiv_comb_conf_get = ar9003_hw_antdiv_comb_conf_get;
- ops->antdiv_comb_conf_set = ar9003_hw_antdiv_comb_conf_set;
-- ops->antctrl_shared_chain_lnadiv = ar9003_hw_antctrl_shared_chain_lnadiv;
- ops->spectral_scan_config = ar9003_hw_spectral_scan_config;
- ops->spectral_scan_trigger = ar9003_hw_spectral_scan_trigger;
- ops->spectral_scan_wait = ar9003_hw_spectral_scan_wait;
-
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+ ops->set_bt_ant_diversity = ar9003_hw_set_bt_ant_diversity;
-+#endif
-+
- ar9003_hw_set_nf_limits(ah);
- ar9003_hw_set_radar_conf(ah);
- memcpy(ah->nf_regs, ar9300_cca_regs, sizeof(ah->nf_regs));
---- a/drivers/net/wireless/ath/ath9k/recv.c
-+++ b/drivers/net/wireless/ath/ath9k/recv.c
-@@ -19,7 +19,7 @@
- #include "ath9k.h"
- #include "ar9003_mac.h"
-
--#define SKB_CB_ATHBUF(__skb) (*((struct ath_buf **)__skb->cb))
-+#define SKB_CB_ATHBUF(__skb) (*((struct ath_rxbuf **)__skb->cb))
-
- static inline bool ath9k_check_auto_sleep(struct ath_softc *sc)
- {
-@@ -35,15 +35,13 @@ static inline bool ath9k_check_auto_slee
- * buffer (or rx fifo). This can incorrectly acknowledge packets
- * to a sender if last desc is self-linked.
- */
--static void ath_rx_buf_link(struct ath_softc *sc, struct ath_buf *bf)
-+static void ath_rx_buf_link(struct ath_softc *sc, struct ath_rxbuf *bf)
- {
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
- struct ath_desc *ds;
- struct sk_buff *skb;
-
-- ATH_RXBUF_RESET(bf);
--
- ds = bf->bf_desc;
- ds->ds_link = 0; /* link to null */
- ds->ds_data = bf->bf_buf_addr;
-@@ -70,6 +68,14 @@ static void ath_rx_buf_link(struct ath_s
- sc->rx.rxlink = &ds->ds_link;
- }
-
-+static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_rxbuf *bf)
-+{
-+ if (sc->rx.buf_hold)
-+ ath_rx_buf_link(sc, sc->rx.buf_hold);
-+
-+ sc->rx.buf_hold = bf;
-+}
-+
- static void ath_setdefantenna(struct ath_softc *sc, u32 antenna)
- {
- /* XXX block beacon interrupts */
-@@ -106,18 +112,17 @@ static bool ath_rx_edma_buf_link(struct
- struct ath_hw *ah = sc->sc_ah;
- struct ath_rx_edma *rx_edma;
- struct sk_buff *skb;
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
-
- rx_edma = &sc->rx.rx_edma[qtype];
- if (skb_queue_len(&rx_edma->rx_fifo) >= rx_edma->rx_fifo_hwsize)
- return false;
-
-- bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
-+ bf = list_first_entry(&sc->rx.rxbuf, struct ath_rxbuf, list);
- list_del_init(&bf->list);
-
- skb = bf->bf_mpdu;
-
-- ATH_RXBUF_RESET(bf);
- memset(skb->data, 0, ah->caps.rx_status_len);
- dma_sync_single_for_device(sc->dev, bf->bf_buf_addr,
- ah->caps.rx_status_len, DMA_TO_DEVICE);
-@@ -133,7 +138,7 @@ static void ath_rx_addbuffer_edma(struct
- enum ath9k_rx_qtype qtype)
- {
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
-- struct ath_buf *bf, *tbf;
-+ struct ath_rxbuf *bf, *tbf;
-
- if (list_empty(&sc->rx.rxbuf)) {
- ath_dbg(common, QUEUE, "No free rx buf available\n");
-@@ -149,7 +154,7 @@ static void ath_rx_addbuffer_edma(struct
- static void ath_rx_remove_buffer(struct ath_softc *sc,
- enum ath9k_rx_qtype qtype)
- {
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
- struct ath_rx_edma *rx_edma;
- struct sk_buff *skb;
-
-@@ -166,7 +171,7 @@ static void ath_rx_edma_cleanup(struct a
- {
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
-
- ath_rx_remove_buffer(sc, ATH9K_RX_QUEUE_LP);
- ath_rx_remove_buffer(sc, ATH9K_RX_QUEUE_HP);
-@@ -185,7 +190,7 @@ static void ath_rx_edma_cleanup(struct a
-
- static void ath_rx_edma_init_queue(struct ath_rx_edma *rx_edma, int size)
- {
-- skb_queue_head_init(&rx_edma->rx_fifo);
-+ __skb_queue_head_init(&rx_edma->rx_fifo);
- rx_edma->rx_fifo_hwsize = size;
- }
-
-@@ -194,7 +199,7 @@ static int ath_rx_edma_init(struct ath_s
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
- struct ath_hw *ah = sc->sc_ah;
- struct sk_buff *skb;
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
- int error = 0, i;
- u32 size;
-
-@@ -206,7 +211,7 @@ static int ath_rx_edma_init(struct ath_s
- ath_rx_edma_init_queue(&sc->rx.rx_edma[ATH9K_RX_QUEUE_HP],
- ah->caps.rx_hp_qdepth);
-
-- size = sizeof(struct ath_buf) * nbufs;
-+ size = sizeof(struct ath_rxbuf) * nbufs;
- bf = devm_kzalloc(sc->dev, size, GFP_KERNEL);
- if (!bf)
- return -ENOMEM;
-@@ -266,7 +271,7 @@ int ath_rx_init(struct ath_softc *sc, in
- {
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
- struct sk_buff *skb;
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
- int error = 0;
-
- spin_lock_init(&sc->sc_pcu_lock);
-@@ -327,7 +332,7 @@ void ath_rx_cleanup(struct ath_softc *sc
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
- struct sk_buff *skb;
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
-
- if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) {
- ath_rx_edma_cleanup(sc);
-@@ -422,7 +427,7 @@ u32 ath_calcrxfilter(struct ath_softc *s
- int ath_startrecv(struct ath_softc *sc)
- {
- struct ath_hw *ah = sc->sc_ah;
-- struct ath_buf *bf, *tbf;
-+ struct ath_rxbuf *bf, *tbf;
-
- if (ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) {
- ath_edma_start_recv(sc);
-@@ -432,6 +437,7 @@ int ath_startrecv(struct ath_softc *sc)
- if (list_empty(&sc->rx.rxbuf))
- goto start_recv;
-
-+ sc->rx.buf_hold = NULL;
- sc->rx.rxlink = NULL;
- list_for_each_entry_safe(bf, tbf, &sc->rx.rxbuf, list) {
- ath_rx_buf_link(sc, bf);
-@@ -441,7 +447,7 @@ int ath_startrecv(struct ath_softc *sc)
- if (list_empty(&sc->rx.rxbuf))
- goto start_recv;
-
-- bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
-+ bf = list_first_entry(&sc->rx.rxbuf, struct ath_rxbuf, list);
- ath9k_hw_putrxbuf(ah, bf->bf_daddr);
- ath9k_hw_rxena(ah);
-
-@@ -597,13 +603,13 @@ static void ath_rx_ps(struct ath_softc *
- static bool ath_edma_get_buffers(struct ath_softc *sc,
- enum ath9k_rx_qtype qtype,
- struct ath_rx_status *rs,
-- struct ath_buf **dest)
-+ struct ath_rxbuf **dest)
- {
- struct ath_rx_edma *rx_edma = &sc->rx.rx_edma[qtype];
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
- struct sk_buff *skb;
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
- int ret;
-
- skb = skb_peek(&rx_edma->rx_fifo);
-@@ -647,11 +653,11 @@ static bool ath_edma_get_buffers(struct
- return true;
- }
-
--static struct ath_buf *ath_edma_get_next_rx_buf(struct ath_softc *sc,
-+static struct ath_rxbuf *ath_edma_get_next_rx_buf(struct ath_softc *sc,
- struct ath_rx_status *rs,
- enum ath9k_rx_qtype qtype)
- {
-- struct ath_buf *bf = NULL;
-+ struct ath_rxbuf *bf = NULL;
-
- while (ath_edma_get_buffers(sc, qtype, rs, &bf)) {
- if (!bf)
-@@ -662,13 +668,13 @@ static struct ath_buf *ath_edma_get_next
- return NULL;
- }
-
--static struct ath_buf *ath_get_next_rx_buf(struct ath_softc *sc,
-+static struct ath_rxbuf *ath_get_next_rx_buf(struct ath_softc *sc,
- struct ath_rx_status *rs)
- {
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
- struct ath_desc *ds;
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
- int ret;
-
- if (list_empty(&sc->rx.rxbuf)) {
-@@ -676,7 +682,10 @@ static struct ath_buf *ath_get_next_rx_b
- return NULL;
- }
-
-- bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
-+ bf = list_first_entry(&sc->rx.rxbuf, struct ath_rxbuf, list);
-+ if (bf == sc->rx.buf_hold)
-+ return NULL;
-+
- ds = bf->bf_desc;
-
- /*
-@@ -693,7 +702,7 @@ static struct ath_buf *ath_get_next_rx_b
- ret = ath9k_hw_rxprocdesc(ah, ds, rs);
- if (ret == -EINPROGRESS) {
- struct ath_rx_status trs;
-- struct ath_buf *tbf;
-+ struct ath_rxbuf *tbf;
- struct ath_desc *tds;
-
- memset(&trs, 0, sizeof(trs));
-@@ -702,7 +711,7 @@ static struct ath_buf *ath_get_next_rx_b
- return NULL;
- }
-
-- tbf = list_entry(bf->list.next, struct ath_buf, list);
-+ tbf = list_entry(bf->list.next, struct ath_rxbuf, list);
-
- /*
- * On some hardware the descriptor status words could
-@@ -755,7 +764,6 @@ static bool ath9k_rx_accept(struct ath_c
- bool is_mc, is_valid_tkip, strip_mic, mic_error;
- struct ath_hw *ah = common->ah;
- __le16 fc;
-- u8 rx_status_len = ah->caps.rx_status_len;
-
- fc = hdr->frame_control;
-
-@@ -777,25 +785,6 @@ static bool ath9k_rx_accept(struct ath_c
- !test_bit(rx_stats->rs_keyix, common->ccmp_keymap))
- rx_stats->rs_status &= ~ATH9K_RXERR_KEYMISS;
-
-- if (!rx_stats->rs_datalen) {
-- RX_STAT_INC(rx_len_err);
-- return false;
-- }
--
-- /*
-- * rs_status follows rs_datalen so if rs_datalen is too large
-- * we can take a hint that hardware corrupted it, so ignore
-- * those frames.
-- */
-- if (rx_stats->rs_datalen > (common->rx_bufsize - rx_status_len)) {
-- RX_STAT_INC(rx_len_err);
-- return false;
-- }
--
-- /* Only use error bits from the last fragment */
-- if (rx_stats->rs_more)
-- return true;
--
- mic_error = is_valid_tkip && !ieee80211_is_ctl(fc) &&
- !ieee80211_has_morefrags(fc) &&
- !(le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG) &&
-@@ -814,8 +803,6 @@ static bool ath9k_rx_accept(struct ath_c
- rxs->flag |= RX_FLAG_FAILED_FCS_CRC;
- mic_error = false;
- }
-- if (rx_stats->rs_status & ATH9K_RXERR_PHY)
-- return false;
-
- if ((rx_stats->rs_status & ATH9K_RXERR_DECRYPT) ||
- (!is_mc && (rx_stats->rs_status & ATH9K_RXERR_KEYMISS))) {
-@@ -898,129 +885,65 @@ static int ath9k_process_rate(struct ath
-
- static void ath9k_process_rssi(struct ath_common *common,
- struct ieee80211_hw *hw,
-- struct ieee80211_hdr *hdr,
-- struct ath_rx_status *rx_stats)
-+ struct ath_rx_status *rx_stats,
-+ struct ieee80211_rx_status *rxs)
- {
- struct ath_softc *sc = hw->priv;
- struct ath_hw *ah = common->ah;
- int last_rssi;
- int rssi = rx_stats->rs_rssi;
-
-- if (!rx_stats->is_mybeacon ||
-- ((ah->opmode != NL80211_IFTYPE_STATION) &&
-- (ah->opmode != NL80211_IFTYPE_ADHOC)))
-+ /*
-+ * RSSI is not available for subframes in an A-MPDU.
-+ */
-+ if (rx_stats->rs_moreaggr) {
-+ rxs->flag |= RX_FLAG_NO_SIGNAL_VAL;
- return;
--
-- if (rx_stats->rs_rssi != ATH9K_RSSI_BAD && !rx_stats->rs_moreaggr)
-- ATH_RSSI_LPF(sc->last_rssi, rx_stats->rs_rssi);
--
-- last_rssi = sc->last_rssi;
-- if (likely(last_rssi != ATH_RSSI_DUMMY_MARKER))
-- rssi = ATH_EP_RND(last_rssi, ATH_RSSI_EP_MULTIPLIER);
-- if (rssi < 0)
-- rssi = 0;
--
-- /* Update Beacon RSSI, this is used by ANI. */
-- ah->stats.avgbrssi = rssi;
--}
--
--/*
-- * For Decrypt or Demic errors, we only mark packet status here and always push
-- * up the frame up to let mac80211 handle the actual error case, be it no
-- * decryption key or real decryption error. This let us keep statistics there.
-- */
--static int ath9k_rx_skb_preprocess(struct ath_softc *sc,
-- struct ieee80211_hdr *hdr,
-- struct ath_rx_status *rx_stats,
-- struct ieee80211_rx_status *rx_status,
-- bool *decrypt_error)
--{
-- struct ieee80211_hw *hw = sc->hw;
-- struct ath_hw *ah = sc->sc_ah;
-- struct ath_common *common = ath9k_hw_common(ah);
-- bool discard_current = sc->rx.discard_next;
--
-- sc->rx.discard_next = rx_stats->rs_more;
-- if (discard_current)
-- return -EINVAL;
-+ }
-
- /*
-- * everything but the rate is checked here, the rate check is done
-- * separately to avoid doing two lookups for a rate for each frame.
-+ * Check if the RSSI for the last subframe in an A-MPDU
-+ * or an unaggregated frame is valid.
- */
-- if (!ath9k_rx_accept(common, hdr, rx_status, rx_stats, decrypt_error))
-- return -EINVAL;
--
-- /* Only use status info from the last fragment */
-- if (rx_stats->rs_more)
-- return 0;
-+ if (rx_stats->rs_rssi == ATH9K_RSSI_BAD) {
-+ rxs->flag |= RX_FLAG_NO_SIGNAL_VAL;
-+ return;
-+ }
-
-- if (ath9k_process_rate(common, hw, rx_stats, rx_status))
-- return -EINVAL;
-+ /*
-+ * Update Beacon RSSI, this is used by ANI.
-+ */
-+ if (rx_stats->is_mybeacon &&
-+ ((ah->opmode == NL80211_IFTYPE_STATION) ||
-+ (ah->opmode == NL80211_IFTYPE_ADHOC))) {
-+ ATH_RSSI_LPF(sc->last_rssi, rx_stats->rs_rssi);
-+ last_rssi = sc->last_rssi;
-
-- ath9k_process_rssi(common, hw, hdr, rx_stats);
-+ if (likely(last_rssi != ATH_RSSI_DUMMY_MARKER))
-+ rssi = ATH_EP_RND(last_rssi, ATH_RSSI_EP_MULTIPLIER);
-+ if (rssi < 0)
-+ rssi = 0;
-
-- rx_status->band = hw->conf.chandef.chan->band;
-- rx_status->freq = hw->conf.chandef.chan->center_freq;
-- rx_status->signal = ah->noise + rx_stats->rs_rssi;
-- rx_status->antenna = rx_stats->rs_antenna;
-- rx_status->flag |= RX_FLAG_MACTIME_END;
-- if (rx_stats->rs_moreaggr)
-- rx_status->flag |= RX_FLAG_NO_SIGNAL_VAL;
-+ ah->stats.avgbrssi = rssi;
-+ }
-
-- sc->rx.discard_next = false;
-- return 0;
-+ rxs->signal = ah->noise + rx_stats->rs_rssi;
- }
-
--static void ath9k_rx_skb_postprocess(struct ath_common *common,
-- struct sk_buff *skb,
-- struct ath_rx_status *rx_stats,
-- struct ieee80211_rx_status *rxs,
-- bool decrypt_error)
-+static void ath9k_process_tsf(struct ath_rx_status *rs,
-+ struct ieee80211_rx_status *rxs,
-+ u64 tsf)
- {
-- struct ath_hw *ah = common->ah;
-- struct ieee80211_hdr *hdr;
-- int hdrlen, padpos, padsize;
-- u8 keyix;
-- __le16 fc;
-+ u32 tsf_lower = tsf & 0xffffffff;
-
-- /* see if any padding is done by the hw and remove it */
-- hdr = (struct ieee80211_hdr *) skb->data;
-- hdrlen = ieee80211_get_hdrlen_from_skb(skb);
-- fc = hdr->frame_control;
-- padpos = ieee80211_hdrlen(fc);
-+ rxs->mactime = (tsf & ~0xffffffffULL) | rs->rs_tstamp;
-+ if (rs->rs_tstamp > tsf_lower &&
-+ unlikely(rs->rs_tstamp - tsf_lower > 0x10000000))
-+ rxs->mactime -= 0x100000000ULL;
-
-- /* The MAC header is padded to have 32-bit boundary if the
-- * packet payload is non-zero. The general calculation for
-- * padsize would take into account odd header lengths:
-- * padsize = (4 - padpos % 4) % 4; However, since only
-- * even-length headers are used, padding can only be 0 or 2
-- * bytes and we can optimize this a bit. In addition, we must
-- * not try to remove padding from short control frames that do
-- * not have payload. */
-- padsize = padpos & 3;
-- if (padsize && skb->len>=padpos+padsize+FCS_LEN) {
-- memmove(skb->data + padsize, skb->data, padpos);
-- skb_pull(skb, padsize);
-- }
--
-- keyix = rx_stats->rs_keyix;
--
-- if (!(keyix == ATH9K_RXKEYIX_INVALID) && !decrypt_error &&
-- ieee80211_has_protected(fc)) {
-- rxs->flag |= RX_FLAG_DECRYPTED;
-- } else if (ieee80211_has_protected(fc)
-- && !decrypt_error && skb->len >= hdrlen + 4) {
-- keyix = skb->data[hdrlen + 3] >> 6;
--
-- if (test_bit(keyix, common->keymap))
-- rxs->flag |= RX_FLAG_DECRYPTED;
-- }
-- if (ah->sw_mgmt_crypto &&
-- (rxs->flag & RX_FLAG_DECRYPTED) &&
-- ieee80211_is_mgmt(fc))
-- /* Use software decrypt for management frames. */
-- rxs->flag &= ~RX_FLAG_DECRYPTED;
-+ if (rs->rs_tstamp < tsf_lower &&
-+ unlikely(tsf_lower - rs->rs_tstamp > 0x10000000))
-+ rxs->mactime += 0x100000000ULL;
- }
-
- #ifdef CPTCFG_ATH9K_DEBUGFS
-@@ -1133,6 +1056,234 @@ static int ath_process_fft(struct ath_so
- #endif
- }
-
-+static bool ath9k_is_mybeacon(struct ath_softc *sc, struct ieee80211_hdr *hdr)
-+{
-+ struct ath_hw *ah = sc->sc_ah;
-+ struct ath_common *common = ath9k_hw_common(ah);
-+
-+ if (ieee80211_is_beacon(hdr->frame_control)) {
-+ RX_STAT_INC(rx_beacons);
-+ if (!is_zero_ether_addr(common->curbssid) &&
-+ ether_addr_equal(hdr->addr3, common->curbssid))
-+ return true;
-+ }
-+
-+ return false;
-+}
-+
-+/*
-+ * For Decrypt or Demic errors, we only mark packet status here and always push
-+ * up the frame up to let mac80211 handle the actual error case, be it no
-+ * decryption key or real decryption error. This let us keep statistics there.
-+ */
-+static int ath9k_rx_skb_preprocess(struct ath_softc *sc,
-+ struct sk_buff *skb,
-+ struct ath_rx_status *rx_stats,
-+ struct ieee80211_rx_status *rx_status,
-+ bool *decrypt_error, u64 tsf)
-+{
-+ struct ieee80211_hw *hw = sc->hw;
-+ struct ath_hw *ah = sc->sc_ah;
-+ struct ath_common *common = ath9k_hw_common(ah);
-+ struct ieee80211_hdr *hdr;
-+ bool discard_current = sc->rx.discard_next;
-+ int ret = 0;
-+
-+ /*
-+ * Discard corrupt descriptors which are marked in
-+ * ath_get_next_rx_buf().
-+ */
-+ sc->rx.discard_next = rx_stats->rs_more;
-+ if (discard_current)
-+ return -EINVAL;
-+
-+ /*
-+ * Discard zero-length packets.
-+ */
-+ if (!rx_stats->rs_datalen) {
-+ RX_STAT_INC(rx_len_err);
-+ return -EINVAL;
-+ }
-+
-+ /*
-+ * rs_status follows rs_datalen so if rs_datalen is too large
-+ * we can take a hint that hardware corrupted it, so ignore
-+ * those frames.
-+ */
-+ if (rx_stats->rs_datalen > (common->rx_bufsize - ah->caps.rx_status_len)) {
-+ RX_STAT_INC(rx_len_err);
-+ return -EINVAL;
-+ }
-+
-+ /* Only use status info from the last fragment */
-+ if (rx_stats->rs_more)
-+ return 0;
-+
-+ /*
-+ * Return immediately if the RX descriptor has been marked
-+ * as corrupt based on the various error bits.
-+ *
-+ * This is different from the other corrupt descriptor
-+ * condition handled above.
-+ */
-+ if (rx_stats->rs_status & ATH9K_RXERR_CORRUPT_DESC) {
-+ ret = -EINVAL;
-+ goto exit;
-+ }
-+
-+ hdr = (struct ieee80211_hdr *) (skb->data + ah->caps.rx_status_len);
-+
-+ ath9k_process_tsf(rx_stats, rx_status, tsf);
-+ ath_debug_stat_rx(sc, rx_stats);
-+
-+ /*
-+ * Process PHY errors and return so that the packet
-+ * can be dropped.
-+ */
-+ if (rx_stats->rs_status & ATH9K_RXERR_PHY) {
-+ ath9k_dfs_process_phyerr(sc, hdr, rx_stats, rx_status->mactime);
-+ if (ath_process_fft(sc, hdr, rx_stats, rx_status->mactime))
-+ RX_STAT_INC(rx_spectral);
-+
-+ ret = -EINVAL;
-+ goto exit;
-+ }
-+
-+ /*
-+ * everything but the rate is checked here, the rate check is done
-+ * separately to avoid doing two lookups for a rate for each frame.
-+ */
-+ if (!ath9k_rx_accept(common, hdr, rx_status, rx_stats, decrypt_error)) {
-+ ret = -EINVAL;
-+ goto exit;
-+ }
-+
-+ rx_stats->is_mybeacon = ath9k_is_mybeacon(sc, hdr);
-+ if (rx_stats->is_mybeacon) {
-+ sc->hw_busy_count = 0;
-+ ath_start_rx_poll(sc, 3);
-+ }
-+
-+ if (ath9k_process_rate(common, hw, rx_stats, rx_status)) {
-+ ret =-EINVAL;
-+ goto exit;
-+ }
-+
-+ ath9k_process_rssi(common, hw, rx_stats, rx_status);
-+
-+ rx_status->band = hw->conf.chandef.chan->band;
-+ rx_status->freq = hw->conf.chandef.chan->center_freq;
-+ rx_status->antenna = rx_stats->rs_antenna;
-+ rx_status->flag |= RX_FLAG_MACTIME_END;
-+
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+ if (ieee80211_is_data_present(hdr->frame_control) &&
-+ !ieee80211_is_qos_nullfunc(hdr->frame_control))
-+ sc->rx.num_pkts++;
-+#endif
-+
-+exit:
-+ sc->rx.discard_next = false;
-+ return ret;
-+}
-+
-+static void ath9k_rx_skb_postprocess(struct ath_common *common,
-+ struct sk_buff *skb,
-+ struct ath_rx_status *rx_stats,
-+ struct ieee80211_rx_status *rxs,
-+ bool decrypt_error)
-+{
-+ struct ath_hw *ah = common->ah;
-+ struct ieee80211_hdr *hdr;
-+ int hdrlen, padpos, padsize;
-+ u8 keyix;
-+ __le16 fc;
-+
-+ /* see if any padding is done by the hw and remove it */
-+ hdr = (struct ieee80211_hdr *) skb->data;
-+ hdrlen = ieee80211_get_hdrlen_from_skb(skb);
-+ fc = hdr->frame_control;
-+ padpos = ieee80211_hdrlen(fc);
-+
-+ /* The MAC header is padded to have 32-bit boundary if the
-+ * packet payload is non-zero. The general calculation for
-+ * padsize would take into account odd header lengths:
-+ * padsize = (4 - padpos % 4) % 4; However, since only
-+ * even-length headers are used, padding can only be 0 or 2
-+ * bytes and we can optimize this a bit. In addition, we must
-+ * not try to remove padding from short control frames that do
-+ * not have payload. */
-+ padsize = padpos & 3;
-+ if (padsize && skb->len>=padpos+padsize+FCS_LEN) {
-+ memmove(skb->data + padsize, skb->data, padpos);
-+ skb_pull(skb, padsize);
-+ }
-+
-+ keyix = rx_stats->rs_keyix;
-+
-+ if (!(keyix == ATH9K_RXKEYIX_INVALID) && !decrypt_error &&
-+ ieee80211_has_protected(fc)) {
-+ rxs->flag |= RX_FLAG_DECRYPTED;
-+ } else if (ieee80211_has_protected(fc)
-+ && !decrypt_error && skb->len >= hdrlen + 4) {
-+ keyix = skb->data[hdrlen + 3] >> 6;
-+
-+ if (test_bit(keyix, common->keymap))
-+ rxs->flag |= RX_FLAG_DECRYPTED;
-+ }
-+ if (ah->sw_mgmt_crypto &&
-+ (rxs->flag & RX_FLAG_DECRYPTED) &&
-+ ieee80211_is_mgmt(fc))
-+ /* Use software decrypt for management frames. */
-+ rxs->flag &= ~RX_FLAG_DECRYPTED;
-+}
-+
-+/*
-+ * Run the LNA combining algorithm only in these cases:
-+ *
-+ * Standalone WLAN cards with both LNA/Antenna diversity
-+ * enabled in the EEPROM.
-+ *
-+ * WLAN+BT cards which are in the supported card list
-+ * in ath_pci_id_table and the user has loaded the
-+ * driver with "bt_ant_diversity" set to true.
-+ */
-+static void ath9k_antenna_check(struct ath_softc *sc,
-+ struct ath_rx_status *rs)
-+{
-+ struct ath_hw *ah = sc->sc_ah;
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
-+ struct ath_common *common = ath9k_hw_common(ah);
-+
-+ if (!(ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB))
-+ return;
-+
-+ /*
-+ * All MPDUs in an aggregate will use the same LNA
-+ * as the first MPDU.
-+ */
-+ if (rs->rs_isaggr && !rs->rs_firstaggr)
-+ return;
-+
-+ /*
-+ * Change the default rx antenna if rx diversity
-+ * chooses the other antenna 3 times in a row.
-+ */
-+ if (sc->rx.defant != rs->rs_antenna) {
-+ if (++sc->rx.rxotherant >= 3)
-+ ath_setdefantenna(sc, rs->rs_antenna);
-+ } else {
-+ sc->rx.rxotherant = 0;
-+ }
-+
-+ if (pCap->hw_caps & ATH9K_HW_CAP_BT_ANT_DIV) {
-+ if (common->bt_ant_diversity)
-+ ath_ant_comb_scan(sc, rs);
-+ } else {
-+ ath_ant_comb_scan(sc, rs);
-+ }
-+}
-+
- static void ath9k_apply_ampdu_details(struct ath_softc *sc,
- struct ath_rx_status *rs, struct ieee80211_rx_status *rxs)
- {
-@@ -1153,21 +1304,18 @@ static void ath9k_apply_ampdu_details(st
-
- int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
- {
-- struct ath_buf *bf;
-+ struct ath_rxbuf *bf;
- struct sk_buff *skb = NULL, *requeue_skb, *hdr_skb;
- struct ieee80211_rx_status *rxs;
- struct ath_hw *ah = sc->sc_ah;
- struct ath_common *common = ath9k_hw_common(ah);
- struct ieee80211_hw *hw = sc->hw;
-- struct ieee80211_hdr *hdr;
- int retval;
- struct ath_rx_status rs;
- enum ath9k_rx_qtype qtype;
- bool edma = !!(ah->caps.hw_caps & ATH9K_HW_CAP_EDMA);
- int dma_type;
-- u8 rx_status_len = ah->caps.rx_status_len;
- u64 tsf = 0;
-- u32 tsf_lower = 0;
- unsigned long flags;
- dma_addr_t new_buf_addr;
-
-@@ -1179,7 +1327,6 @@ int ath_rx_tasklet(struct ath_softc *sc,
- qtype = hp ? ATH9K_RX_QUEUE_HP : ATH9K_RX_QUEUE_LP;
-
- tsf = ath9k_hw_gettsf64(ah);
-- tsf_lower = tsf & 0xffffffff;
-
- do {
- bool decrypt_error = false;
-@@ -1206,55 +1353,14 @@ int ath_rx_tasklet(struct ath_softc *sc,
- else
- hdr_skb = skb;
-
-- hdr = (struct ieee80211_hdr *) (hdr_skb->data + rx_status_len);
- rxs = IEEE80211_SKB_RXCB(hdr_skb);
-- if (ieee80211_is_beacon(hdr->frame_control)) {
-- RX_STAT_INC(rx_beacons);
-- if (!is_zero_ether_addr(common->curbssid) &&
-- ether_addr_equal(hdr->addr3, common->curbssid))
-- rs.is_mybeacon = true;
-- else
-- rs.is_mybeacon = false;
-- }
-- else
-- rs.is_mybeacon = false;
--
-- if (ieee80211_is_data_present(hdr->frame_control) &&
-- !ieee80211_is_qos_nullfunc(hdr->frame_control))
-- sc->rx.num_pkts++;
--
-- ath_debug_stat_rx(sc, &rs);
--
- memset(rxs, 0, sizeof(struct ieee80211_rx_status));
-
-- rxs->mactime = (tsf & ~0xffffffffULL) | rs.rs_tstamp;
-- if (rs.rs_tstamp > tsf_lower &&
-- unlikely(rs.rs_tstamp - tsf_lower > 0x10000000))
-- rxs->mactime -= 0x100000000ULL;
--
-- if (rs.rs_tstamp < tsf_lower &&
-- unlikely(tsf_lower - rs.rs_tstamp > 0x10000000))
-- rxs->mactime += 0x100000000ULL;
--
-- if (rs.rs_phyerr == ATH9K_PHYERR_RADAR)
-- ath9k_dfs_process_phyerr(sc, hdr, &rs, rxs->mactime);
--
-- if (rs.rs_status & ATH9K_RXERR_PHY) {
-- if (ath_process_fft(sc, hdr, &rs, rxs->mactime)) {
-- RX_STAT_INC(rx_spectral);
-- goto requeue_drop_frag;
-- }
-- }
--
-- retval = ath9k_rx_skb_preprocess(sc, hdr, &rs, rxs,
-- &decrypt_error);
-+ retval = ath9k_rx_skb_preprocess(sc, hdr_skb, &rs, rxs,
-+ &decrypt_error, tsf);
- if (retval)
- goto requeue_drop_frag;
-
-- if (rs.is_mybeacon) {
-- sc->hw_busy_count = 0;
-- ath_start_rx_poll(sc, 3);
-- }
- /* Ensure we always have an skb to requeue once we are done
- * processing the current buffer's skb */
- requeue_skb = ath_rxbuf_alloc(common, common->rx_bufsize, GFP_ATOMIC);
-@@ -1308,8 +1414,6 @@ int ath_rx_tasklet(struct ath_softc *sc,
- sc->rx.frag = skb;
- goto requeue;
- }
-- if (rs.rs_status & ATH9K_RXERR_CORRUPT_DESC)
-- goto requeue_drop_frag;
-
- if (sc->rx.frag) {
- int space = skb->len - skb_tailroom(hdr_skb);
-@@ -1328,22 +1432,6 @@ int ath_rx_tasklet(struct ath_softc *sc,
- skb = hdr_skb;
- }
-
--
-- if (ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
--
-- /*
-- * change the default rx antenna if rx diversity
-- * chooses the other antenna 3 times in a row.
-- */
-- if (sc->rx.defant != rs.rs_antenna) {
-- if (++sc->rx.rxotherant >= 3)
-- ath_setdefantenna(sc, rs.rs_antenna);
-- } else {
-- sc->rx.rxotherant = 0;
-- }
--
-- }
--
- if (rxs->flag & RX_FLAG_MMIC_STRIPPED)
- skb_trim(skb, skb->len - 8);
-
-@@ -1355,8 +1443,7 @@ int ath_rx_tasklet(struct ath_softc *sc,
- ath_rx_ps(sc, skb, rs.is_mybeacon);
- spin_unlock_irqrestore(&sc->sc_pm_lock, flags);
-
-- if ((ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) && sc->ant_rx == 3)
-- ath_ant_comb_scan(sc, &rs);
-+ ath9k_antenna_check(sc, &rs);
-
- ath9k_apply_ampdu_details(sc, &rs, rxs);
-
-@@ -1375,7 +1462,7 @@ requeue:
- if (edma) {
- ath_rx_edma_buf_link(sc, qtype);
- } else {
-- ath_rx_buf_link(sc, bf);
-+ ath_rx_buf_relink(sc, bf);
- ath9k_hw_rxena(ah);
- }
- } while (1);
---- a/drivers/net/wireless/ath/ath9k/init.c
-+++ b/drivers/net/wireless/ath/ath9k/init.c
-@@ -53,9 +53,9 @@ static int ath9k_btcoex_enable;
- module_param_named(btcoex_enable, ath9k_btcoex_enable, int, 0444);
- MODULE_PARM_DESC(btcoex_enable, "Enable wifi-BT coexistence");
-
--static int ath9k_enable_diversity;
--module_param_named(enable_diversity, ath9k_enable_diversity, int, 0444);
--MODULE_PARM_DESC(enable_diversity, "Enable Antenna diversity for AR9565");
-+static int ath9k_bt_ant_diversity;
-+module_param_named(bt_ant_diversity, ath9k_bt_ant_diversity, int, 0444);
-+MODULE_PARM_DESC(bt_ant_diversity, "Enable WLAN/BT RX antenna diversity");
-
- bool is_ath9k_unloaded;
- /* We use the hw_value as an index into our private channel structure */
-@@ -339,7 +339,6 @@ int ath_descdma_setup(struct ath_softc *
- {
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
- u8 *ds;
-- struct ath_buf *bf;
- int i, bsize, desc_len;
-
- ath_dbg(common, CONFIG, "%s DMA: %u buffers %u desc/buf\n",
-@@ -391,33 +390,68 @@ int ath_descdma_setup(struct ath_softc *
- ito64(dd->dd_desc_paddr), /*XXX*/(u32) dd->dd_desc_len);
-
- /* allocate buffers */
-- bsize = sizeof(struct ath_buf) * nbuf;
-- bf = devm_kzalloc(sc->dev, bsize, GFP_KERNEL);
-- if (!bf)
-- return -ENOMEM;
-+ if (is_tx) {
-+ struct ath_buf *bf;
-+
-+ bsize = sizeof(struct ath_buf) * nbuf;
-+ bf = devm_kzalloc(sc->dev, bsize, GFP_KERNEL);
-+ if (!bf)
-+ return -ENOMEM;
-+
-+ for (i = 0; i < nbuf; i++, bf++, ds += (desc_len * ndesc)) {
-+ bf->bf_desc = ds;
-+ bf->bf_daddr = DS2PHYS(dd, ds);
-+
-+ if (!(sc->sc_ah->caps.hw_caps &
-+ ATH9K_HW_CAP_4KB_SPLITTRANS)) {
-+ /*
-+ * Skip descriptor addresses which can cause 4KB
-+ * boundary crossing (addr + length) with a 32 dword
-+ * descriptor fetch.
-+ */
-+ while (ATH_DESC_4KB_BOUND_CHECK(bf->bf_daddr)) {
-+ BUG_ON((caddr_t) bf->bf_desc >=
-+ ((caddr_t) dd->dd_desc +
-+ dd->dd_desc_len));
-+
-+ ds += (desc_len * ndesc);
-+ bf->bf_desc = ds;
-+ bf->bf_daddr = DS2PHYS(dd, ds);
-+ }
-+ }
-+ list_add_tail(&bf->list, head);
-+ }
-+ } else {
-+ struct ath_rxbuf *bf;
-
-- for (i = 0; i < nbuf; i++, bf++, ds += (desc_len * ndesc)) {
-- bf->bf_desc = ds;
-- bf->bf_daddr = DS2PHYS(dd, ds);
--
-- if (!(sc->sc_ah->caps.hw_caps &
-- ATH9K_HW_CAP_4KB_SPLITTRANS)) {
-- /*
-- * Skip descriptor addresses which can cause 4KB
-- * boundary crossing (addr + length) with a 32 dword
-- * descriptor fetch.
-- */
-- while (ATH_DESC_4KB_BOUND_CHECK(bf->bf_daddr)) {
-- BUG_ON((caddr_t) bf->bf_desc >=
-- ((caddr_t) dd->dd_desc +
-- dd->dd_desc_len));
--
-- ds += (desc_len * ndesc);
-- bf->bf_desc = ds;
-- bf->bf_daddr = DS2PHYS(dd, ds);
-+ bsize = sizeof(struct ath_rxbuf) * nbuf;
-+ bf = devm_kzalloc(sc->dev, bsize, GFP_KERNEL);
-+ if (!bf)
-+ return -ENOMEM;
-+
-+ for (i = 0; i < nbuf; i++, bf++, ds += (desc_len * ndesc)) {
-+ bf->bf_desc = ds;
-+ bf->bf_daddr = DS2PHYS(dd, ds);
-+
-+ if (!(sc->sc_ah->caps.hw_caps &
-+ ATH9K_HW_CAP_4KB_SPLITTRANS)) {
-+ /*
-+ * Skip descriptor addresses which can cause 4KB
-+ * boundary crossing (addr + length) with a 32 dword
-+ * descriptor fetch.
-+ */
-+ while (ATH_DESC_4KB_BOUND_CHECK(bf->bf_daddr)) {
-+ BUG_ON((caddr_t) bf->bf_desc >=
-+ ((caddr_t) dd->dd_desc +
-+ dd->dd_desc_len));
-+
-+ ds += (desc_len * ndesc);
-+ bf->bf_desc = ds;
-+ bf->bf_daddr = DS2PHYS(dd, ds);
-+ }
- }
-+ list_add_tail(&bf->list, head);
- }
-- list_add_tail(&bf->list, head);
- }
- return 0;
- }
-@@ -429,7 +463,6 @@ static int ath9k_init_queues(struct ath_
- sc->beacon.beaconq = ath9k_hw_beaconq_setup(sc->sc_ah);
- sc->beacon.cabq = ath_txq_setup(sc, ATH9K_TX_QUEUE_CAB, 0);
-
-- sc->config.cabqReadytime = ATH_CABQ_READY_TIME;
- ath_cabq_update(sc);
-
- sc->tx.uapsdq = ath_txq_setup(sc, ATH9K_TX_QUEUE_UAPSD, 0);
-@@ -516,6 +549,7 @@ static void ath9k_init_misc(struct ath_s
- static void ath9k_init_platform(struct ath_softc *sc)
- {
- struct ath_hw *ah = sc->sc_ah;
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
- struct ath_common *common = ath9k_hw_common(ah);
-
- if (common->bus_ops->ath_bus_type != ATH_PCI)
-@@ -525,12 +559,27 @@ static void ath9k_init_platform(struct a
- ATH9K_PCI_CUS230)) {
- ah->config.xlna_gpio = 9;
- ah->config.xatten_margin_cfg = true;
-+ ah->config.alt_mingainidx = true;
-+ ah->config.ant_ctrl_comm2g_switch_enable = 0x000BBB88;
-+ sc->ant_comb.low_rssi_thresh = 20;
-+ sc->ant_comb.fast_div_bias = 3;
-
- ath_info(common, "Set parameters for %s\n",
- (sc->driver_data & ATH9K_PCI_CUS198) ?
- "CUS198" : "CUS230");
-- } else if (sc->driver_data & ATH9K_PCI_CUS217) {
-+ }
-+
-+ if (sc->driver_data & ATH9K_PCI_CUS217)
- ath_info(common, "CUS217 card detected\n");
-+
-+ if (sc->driver_data & ATH9K_PCI_BT_ANT_DIV) {
-+ pCap->hw_caps |= ATH9K_HW_CAP_BT_ANT_DIV;
-+ ath_info(common, "Set BT/WLAN RX diversity capability\n");
-+ }
-+
-+ if (sc->driver_data & ATH9K_PCI_D3_L1_WAR) {
-+ ah->config.pcie_waen = 0x0040473b;
-+ ath_info(common, "Enable WAR for ASPM D3/L1\n");
- }
- }
-
-@@ -584,6 +633,7 @@ static int ath9k_init_softc(u16 devid, s
- {
- struct ath9k_platform_data *pdata = sc->dev->platform_data;
- struct ath_hw *ah = NULL;
-+ struct ath9k_hw_capabilities *pCap;
- struct ath_common *common;
- int ret = 0, i;
- int csz = 0;
-@@ -600,6 +650,7 @@ static int ath9k_init_softc(u16 devid, s
- ah->reg_ops.rmw = ath9k_reg_rmw;
- atomic_set(&ah->intr_ref_cnt, -1);
- sc->sc_ah = ah;
-+ pCap = &ah->caps;
-
- sc->dfs_detector = dfs_pattern_detector_init(ah, NL80211_DFS_UNSET);
-
-@@ -631,11 +682,15 @@ static int ath9k_init_softc(u16 devid, s
- ath9k_init_platform(sc);
-
- /*
-- * Enable Antenna diversity only when BTCOEX is disabled
-- * and the user manually requests the feature.
-+ * Enable WLAN/BT RX Antenna diversity only when:
-+ *
-+ * - BTCOEX is disabled.
-+ * - the user manually requests the feature.
-+ * - the HW cap is set using the platform data.
- */
-- if (!common->btcoex_enabled && ath9k_enable_diversity)
-- common->antenna_diversity = 1;
-+ if (!common->btcoex_enabled && ath9k_bt_ant_diversity &&
-+ (pCap->hw_caps & ATH9K_HW_CAP_BT_ANT_DIV))
-+ common->bt_ant_diversity = 1;
-
- spin_lock_init(&common->cc_lock);
-
-@@ -710,13 +765,15 @@ static void ath9k_init_band_txpower(stru
- struct ieee80211_supported_band *sband;
- struct ieee80211_channel *chan;
- struct ath_hw *ah = sc->sc_ah;
-+ struct cfg80211_chan_def chandef;
- int i;
-
- sband = &sc->sbands[band];
- for (i = 0; i < sband->n_channels; i++) {
- chan = &sband->channels[i];
- ah->curchan = &ah->channels[chan->hw_value];
-- ath9k_cmn_update_ichannel(ah->curchan, chan, NL80211_CHAN_HT20);
-+ cfg80211_chandef_create(&chandef, chan, NL80211_CHAN_HT20);
-+ ath9k_cmn_get_channel(sc->hw, ah, &chandef);
- ath9k_hw_set_txpowerlimit(ah, MAX_RATE_POWER, true);
- }
- }
-@@ -802,7 +859,8 @@ void ath9k_set_hw_capab(struct ath_softc
- IEEE80211_HW_PS_NULLFUNC_STACK |
- IEEE80211_HW_SPECTRUM_MGMT |
- IEEE80211_HW_REPORTS_TX_ACK_STATUS |
-- IEEE80211_HW_SUPPORTS_RC_TABLE;
-+ IEEE80211_HW_SUPPORTS_RC_TABLE |
-+ IEEE80211_HW_SUPPORTS_HT_CCK_RATES;
-
- if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) {
- hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
---- a/drivers/net/wireless/ath/carl9170/main.c
-+++ b/drivers/net/wireless/ath/carl9170/main.c
-@@ -1878,7 +1878,8 @@ void *carl9170_alloc(size_t priv_size)
- IEEE80211_HW_PS_NULLFUNC_STACK |
- IEEE80211_HW_NEED_DTIM_BEFORE_ASSOC |
- IEEE80211_HW_SUPPORTS_RC_TABLE |
-- IEEE80211_HW_SIGNAL_DBM;
-+ IEEE80211_HW_SIGNAL_DBM |
-+ IEEE80211_HW_SUPPORTS_HT_CCK_RATES;
-
- if (!modparam_noht) {
- /*
---- a/drivers/net/wireless/rt2x00/rt2800lib.c
-+++ b/drivers/net/wireless/rt2x00/rt2800lib.c
-@@ -6133,7 +6133,8 @@ static int rt2800_probe_hw_mode(struct r
- IEEE80211_HW_SUPPORTS_PS |
- IEEE80211_HW_PS_NULLFUNC_STACK |
- IEEE80211_HW_AMPDU_AGGREGATION |
-- IEEE80211_HW_REPORTS_TX_ACK_STATUS;
-+ IEEE80211_HW_REPORTS_TX_ACK_STATUS |
-+ IEEE80211_HW_SUPPORTS_HT_CCK_RATES;
-
- /*
- * Don't set IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING for USB devices
---- a/include/net/mac80211.h
-+++ b/include/net/mac80211.h
-@@ -152,11 +152,14 @@ struct ieee80211_low_level_stats {
- * @IEEE80211_CHANCTX_CHANGE_WIDTH: The channel width changed
- * @IEEE80211_CHANCTX_CHANGE_RX_CHAINS: The number of RX chains changed
- * @IEEE80211_CHANCTX_CHANGE_RADAR: radar detection flag changed
-+ * @IEEE80211_CHANCTX_CHANGE_CHANNEL: switched to another operating channel,
-+ * this is used only with channel switching with CSA
- */
- enum ieee80211_chanctx_change {
- IEEE80211_CHANCTX_CHANGE_WIDTH = BIT(0),
- IEEE80211_CHANCTX_CHANGE_RX_CHAINS = BIT(1),
- IEEE80211_CHANCTX_CHANGE_RADAR = BIT(2),
-+ IEEE80211_CHANCTX_CHANGE_CHANNEL = BIT(3),
- };
-
- /**
-@@ -1080,6 +1083,7 @@ enum ieee80211_vif_flags {
- * @addr: address of this interface
- * @p2p: indicates whether this AP or STA interface is a p2p
- * interface, i.e. a GO or p2p-sta respectively
-+ * @csa_active: marks whether a channel switch is going on
- * @driver_flags: flags/capabilities the driver has for this interface,
- * these need to be set (or cleared) when the interface is added
- * or, if supported by the driver, the interface type is changed
-@@ -1102,6 +1106,7 @@ struct ieee80211_vif {
- struct ieee80211_bss_conf bss_conf;
- u8 addr[ETH_ALEN];
- bool p2p;
-+ bool csa_active;
-
- u8 cab_queue;
- u8 hw_queue[IEEE80211_NUM_ACS];
-@@ -1499,6 +1504,7 @@ enum ieee80211_hw_flags {
- IEEE80211_HW_SUPPORTS_RC_TABLE = 1<<24,
- IEEE80211_HW_P2P_DEV_ADDR_FOR_INTF = 1<<25,
- IEEE80211_HW_TIMING_BEACON_ONLY = 1<<26,
-+ IEEE80211_HW_SUPPORTS_HT_CCK_RATES = 1<<27,
- };
-
- /**
-@@ -2633,6 +2639,16 @@ enum ieee80211_roc_type {
- * @ipv6_addr_change: IPv6 address assignment on the given interface changed.
- * Currently, this is only called for managed or P2P client interfaces.
- * This callback is optional; it must not sleep.
-+ *
-+ * @channel_switch_beacon: Starts a channel switch to a new channel.
-+ * Beacons are modified to include CSA or ECSA IEs before calling this
-+ * function. The corresponding count fields in these IEs must be
-+ * decremented, and when they reach zero the driver must call
-+ * ieee80211_csa_finish(). Drivers which use ieee80211_beacon_get()
-+ * get the csa counter decremented by mac80211, but must check if it is
-+ * zero using ieee80211_csa_is_complete() after the beacon has been
-+ * transmitted and then call ieee80211_csa_finish().
-+ *
- */
- struct ieee80211_ops {
- void (*tx)(struct ieee80211_hw *hw,
-@@ -2830,6 +2846,9 @@ struct ieee80211_ops {
- struct ieee80211_vif *vif,
- struct inet6_dev *idev);
- #endif
-+ void (*channel_switch_beacon)(struct ieee80211_hw *hw,
-+ struct ieee80211_vif *vif,
-+ struct cfg80211_chan_def *chandef);
- };
-
- /**
-@@ -3325,6 +3344,25 @@ static inline struct sk_buff *ieee80211_
- }
-
- /**
-+ * ieee80211_csa_finish - notify mac80211 about channel switch
-+ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
-+ *
-+ * After a channel switch announcement was scheduled and the counter in this
-+ * announcement hit zero, this function must be called by the driver to
-+ * notify mac80211 that the channel can be changed.
-+ */
-+void ieee80211_csa_finish(struct ieee80211_vif *vif);
-+
-+/**
-+ * ieee80211_csa_is_complete - find out if counters reached zero
-+ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
-+ *
-+ * This function returns whether the channel switch counters reached zero.
-+ */
-+bool ieee80211_csa_is_complete(struct ieee80211_vif *vif);
-+
-+
-+/**
- * ieee80211_proberesp_get - retrieve a Probe Response template
- * @hw: pointer obtained from ieee80211_alloc_hw().
- * @vif: &struct ieee80211_vif pointer from the add_interface callback.
---- a/net/mac80211/cfg.c
-+++ b/net/mac80211/cfg.c
-@@ -854,8 +854,8 @@ static int ieee80211_set_probe_resp(stru
- return 0;
- }
-
--static int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
-- struct cfg80211_beacon_data *params)
-+int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
-+ struct cfg80211_beacon_data *params)
- {
- struct beacon_data *new, *old;
- int new_head_len, new_tail_len;
-@@ -1018,6 +1018,12 @@ static int ieee80211_change_beacon(struc
-
- sdata = IEEE80211_DEV_TO_SUB_IF(dev);
-
-+ /* don't allow changing the beacon while CSA is in place - offset
-+ * of channel switch counter may change
-+ */
-+ if (sdata->vif.csa_active)
-+ return -EBUSY;
-+
- old = rtnl_dereference(sdata->u.ap.beacon);
- if (!old)
- return -ENOENT;
-@@ -1042,6 +1048,10 @@ static int ieee80211_stop_ap(struct wiph
- return -ENOENT;
- old_probe_resp = rtnl_dereference(sdata->u.ap.probe_resp);
-
-+ /* abort any running channel switch */
-+ sdata->vif.csa_active = false;
-+ cancel_work_sync(&sdata->csa_finalize_work);
-+
- /* turn off carrier for this interface and dependent VLANs */
- list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
- netif_carrier_off(vlan->dev);
-@@ -2784,6 +2794,178 @@ static int ieee80211_start_radar_detecti
- return 0;
- }
-
-+static struct cfg80211_beacon_data *
-+cfg80211_beacon_dup(struct cfg80211_beacon_data *beacon)
-+{
-+ struct cfg80211_beacon_data *new_beacon;
-+ u8 *pos;
-+ int len;
-+
-+ len = beacon->head_len + beacon->tail_len + beacon->beacon_ies_len +
-+ beacon->proberesp_ies_len + beacon->assocresp_ies_len +
-+ beacon->probe_resp_len;
-+
-+ new_beacon = kzalloc(sizeof(*new_beacon) + len, GFP_KERNEL);
-+ if (!new_beacon)
-+ return NULL;
-+
-+ pos = (u8 *)(new_beacon + 1);
-+ if (beacon->head_len) {
-+ new_beacon->head_len = beacon->head_len;
-+ new_beacon->head = pos;
-+ memcpy(pos, beacon->head, beacon->head_len);
-+ pos += beacon->head_len;
-+ }
-+ if (beacon->tail_len) {
-+ new_beacon->tail_len = beacon->tail_len;
-+ new_beacon->tail = pos;
-+ memcpy(pos, beacon->tail, beacon->tail_len);
-+ pos += beacon->tail_len;
-+ }
-+ if (beacon->beacon_ies_len) {
-+ new_beacon->beacon_ies_len = beacon->beacon_ies_len;
-+ new_beacon->beacon_ies = pos;
-+ memcpy(pos, beacon->beacon_ies, beacon->beacon_ies_len);
-+ pos += beacon->beacon_ies_len;
-+ }
-+ if (beacon->proberesp_ies_len) {
-+ new_beacon->proberesp_ies_len = beacon->proberesp_ies_len;
-+ new_beacon->proberesp_ies = pos;
-+ memcpy(pos, beacon->proberesp_ies, beacon->proberesp_ies_len);
-+ pos += beacon->proberesp_ies_len;
-+ }
-+ if (beacon->assocresp_ies_len) {
-+ new_beacon->assocresp_ies_len = beacon->assocresp_ies_len;
-+ new_beacon->assocresp_ies = pos;
-+ memcpy(pos, beacon->assocresp_ies, beacon->assocresp_ies_len);
-+ pos += beacon->assocresp_ies_len;
-+ }
-+ if (beacon->probe_resp_len) {
-+ new_beacon->probe_resp_len = beacon->probe_resp_len;
-+ beacon->probe_resp = pos;
-+ memcpy(pos, beacon->probe_resp, beacon->probe_resp_len);
-+ pos += beacon->probe_resp_len;
-+ }
-+
-+ return new_beacon;
-+}
-+
-+void ieee80211_csa_finalize_work(struct work_struct *work)
-+{
-+ struct ieee80211_sub_if_data *sdata =
-+ container_of(work, struct ieee80211_sub_if_data,
-+ csa_finalize_work);
-+ struct ieee80211_local *local = sdata->local;
-+ int err, changed;
-+
-+ if (!ieee80211_sdata_running(sdata))
-+ return;
-+
-+ if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP))
-+ return;
-+
-+ sdata->radar_required = sdata->csa_radar_required;
-+ err = ieee80211_vif_change_channel(sdata, &local->csa_chandef,
-+ &changed);
-+ if (WARN_ON(err < 0))
-+ return;
-+
-+ err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon);
-+ if (err < 0)
-+ return;
-+
-+ changed |= err;
-+ kfree(sdata->u.ap.next_beacon);
-+ sdata->u.ap.next_beacon = NULL;
-+ sdata->vif.csa_active = false;
-+
-+ ieee80211_wake_queues_by_reason(&sdata->local->hw,
-+ IEEE80211_MAX_QUEUE_MAP,
-+ IEEE80211_QUEUE_STOP_REASON_CSA);
-+
-+ ieee80211_bss_info_change_notify(sdata, changed);
-+
-+ cfg80211_ch_switch_notify(sdata->dev, &local->csa_chandef);
-+}
-+
-+static int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
-+ struct cfg80211_csa_settings *params)
-+{
-+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
-+ struct ieee80211_local *local = sdata->local;
-+ struct ieee80211_chanctx_conf *chanctx_conf;
-+ struct ieee80211_chanctx *chanctx;
-+ int err, num_chanctx;
-+
-+ if (!list_empty(&local->roc_list) || local->scanning)
-+ return -EBUSY;
-+
-+ if (sdata->wdev.cac_started)
-+ return -EBUSY;
-+
-+ if (cfg80211_chandef_identical(¶ms->chandef,
-+ &sdata->vif.bss_conf.chandef))
-+ return -EINVAL;
-+
-+ rcu_read_lock();
-+ chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
-+ if (!chanctx_conf) {
-+ rcu_read_unlock();
-+ return -EBUSY;
-+ }
-+
-+ /* don't handle for multi-VIF cases */
-+ chanctx = container_of(chanctx_conf, struct ieee80211_chanctx, conf);
-+ if (chanctx->refcount > 1) {
-+ rcu_read_unlock();
-+ return -EBUSY;
-+ }
-+ num_chanctx = 0;
-+ list_for_each_entry_rcu(chanctx, &local->chanctx_list, list)
-+ num_chanctx++;
-+ rcu_read_unlock();
-+
-+ if (num_chanctx > 1)
-+ return -EBUSY;
-+
-+ /* don't allow another channel switch if one is already active. */
-+ if (sdata->vif.csa_active)
-+ return -EBUSY;
-+
-+ /* only handle AP for now. */
-+ switch (sdata->vif.type) {
-+ case NL80211_IFTYPE_AP:
-+ break;
-+ default:
-+ return -EOPNOTSUPP;
-+ }
-+
-+ sdata->u.ap.next_beacon = cfg80211_beacon_dup(¶ms->beacon_after);
-+ if (!sdata->u.ap.next_beacon)
-+ return -ENOMEM;
-+
-+ sdata->csa_counter_offset_beacon = params->counter_offset_beacon;
-+ sdata->csa_counter_offset_presp = params->counter_offset_presp;
-+ sdata->csa_radar_required = params->radar_required;
-+
-+ if (params->block_tx)
-+ ieee80211_stop_queues_by_reason(&local->hw,
-+ IEEE80211_MAX_QUEUE_MAP,
-+ IEEE80211_QUEUE_STOP_REASON_CSA);
-+
-+ err = ieee80211_assign_beacon(sdata, ¶ms->beacon_csa);
-+ if (err < 0)
-+ return err;
-+
-+ local->csa_chandef = params->chandef;
-+ sdata->vif.csa_active = true;
-+
-+ ieee80211_bss_info_change_notify(sdata, err);
-+ drv_channel_switch_beacon(sdata, ¶ms->chandef);
-+
-+ return 0;
-+}
-+
- static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
- struct ieee80211_channel *chan, bool offchan,
- unsigned int wait, const u8 *buf, size_t len,
-@@ -3332,7 +3514,7 @@ static int ieee80211_probe_client(struct
- return -EINVAL;
- }
- band = chanctx_conf->def.chan->band;
-- sta = sta_info_get(sdata, peer);
-+ sta = sta_info_get_bss(sdata, peer);
- if (sta) {
- qos = test_sta_flag(sta, WLAN_STA_WME);
- } else {
-@@ -3501,4 +3683,5 @@ struct cfg80211_ops mac80211_config_ops
- .get_et_strings = ieee80211_get_et_strings,
- .get_channel = ieee80211_cfg_get_channel,
- .start_radar_detection = ieee80211_start_radar_detection,
-+ .channel_switch = ieee80211_channel_switch,
- };
---- a/net/mac80211/chan.c
-+++ b/net/mac80211/chan.c
-@@ -410,6 +410,64 @@ int ieee80211_vif_use_channel(struct iee
- return ret;
- }
-
-+int ieee80211_vif_change_channel(struct ieee80211_sub_if_data *sdata,
-+ const struct cfg80211_chan_def *chandef,
-+ u32 *changed)
-+{
-+ struct ieee80211_local *local = sdata->local;
-+ struct ieee80211_chanctx_conf *conf;
-+ struct ieee80211_chanctx *ctx;
-+ int ret;
-+ u32 chanctx_changed = 0;
-+
-+ /* should never be called if not performing a channel switch. */
-+ if (WARN_ON(!sdata->vif.csa_active))
-+ return -EINVAL;
-+
-+ if (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
-+ IEEE80211_CHAN_DISABLED))
-+ return -EINVAL;
-+
-+ mutex_lock(&local->chanctx_mtx);
-+ conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
-+ lockdep_is_held(&local->chanctx_mtx));
-+ if (!conf) {
-+ ret = -EINVAL;
-+ goto out;
-+ }
-+
-+ ctx = container_of(conf, struct ieee80211_chanctx, conf);
-+ if (ctx->refcount != 1) {
-+ ret = -EINVAL;
-+ goto out;
-+ }
-+
-+ if (sdata->vif.bss_conf.chandef.width != chandef->width) {
-+ chanctx_changed = IEEE80211_CHANCTX_CHANGE_WIDTH;
-+ *changed |= BSS_CHANGED_BANDWIDTH;
-+ }
-+
-+ sdata->vif.bss_conf.chandef = *chandef;
-+ ctx->conf.def = *chandef;
-+
-+ chanctx_changed |= IEEE80211_CHANCTX_CHANGE_CHANNEL;
-+ drv_change_chanctx(local, ctx, chanctx_changed);
-+
-+ if (!local->use_chanctx) {
-+ local->_oper_chandef = *chandef;
-+ ieee80211_hw_config(local, 0);
-+ }
-+
-+ ieee80211_recalc_chanctx_chantype(local, ctx);
-+ ieee80211_recalc_smps_chanctx(local, ctx);
-+ ieee80211_recalc_radar_chanctx(local, ctx);
-+
-+ ret = 0;
-+ out:
-+ mutex_unlock(&local->chanctx_mtx);
-+ return ret;
-+}
-+
- int ieee80211_vif_change_bandwidth(struct ieee80211_sub_if_data *sdata,
- const struct cfg80211_chan_def *chandef,
- u32 *changed)
---- a/net/mac80211/driver-ops.h
-+++ b/net/mac80211/driver-ops.h
-@@ -1104,4 +1104,17 @@ static inline void drv_ipv6_addr_change(
- }
- #endif
+ WARN_ON_ONCE(sdata->vif.type != NL80211_IFTYPE_STATION);
-+static inline void
-+drv_channel_switch_beacon(struct ieee80211_sub_if_data *sdata,
-+ struct cfg80211_chan_def *chandef)
-+{
-+ struct ieee80211_local *local = sdata->local;
-+
-+ if (local->ops->channel_switch_beacon) {
-+ trace_drv_channel_switch_beacon(local, sdata, chandef);
-+ local->ops->channel_switch_beacon(&local->hw, &sdata->vif,
-+ chandef);
-+ }
-+}
+ trace_drv_mgd_prepare_tx(local, sdata);
+@@ -964,6 +988,9 @@ static inline int drv_add_chanctx(struct
+ static inline void drv_remove_chanctx(struct ieee80211_local *local,
+ struct ieee80211_chanctx *ctx)
+ {
++ if (WARN_ON(!ctx->driver_present))
++ return;
+
- #endif /* __MAC80211_DRIVER_OPS */
---- a/net/mac80211/ieee80211_i.h
-+++ b/net/mac80211/ieee80211_i.h
-@@ -53,9 +53,6 @@ struct ieee80211_local;
- * increased memory use (about 2 kB of RAM per entry). */
- #define IEEE80211_FRAGMENT_MAX 4
+ trace_drv_remove_chanctx(local, ctx);
+ if (local->ops->remove_chanctx)
+ local->ops->remove_chanctx(&local->hw, &ctx->conf);
+@@ -989,7 +1016,8 @@ static inline int drv_assign_vif_chanctx
+ {
+ int ret = 0;
--#define TU_TO_JIFFIES(x) (usecs_to_jiffies((x) * 1024))
--#define TU_TO_EXP_TIME(x) (jiffies + TU_TO_JIFFIES(x))
--
- /* power level hasn't been configured (or set to automatic) */
- #define IEEE80211_UNSET_POWER_LEVEL INT_MIN
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
+
+ trace_drv_assign_vif_chanctx(local, sdata, ctx);
+ if (local->ops->assign_vif_chanctx) {
+@@ -1007,7 +1035,8 @@ static inline void drv_unassign_vif_chan
+ struct ieee80211_sub_if_data *sdata,
+ struct ieee80211_chanctx *ctx)
+ {
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
+
+ trace_drv_unassign_vif_chanctx(local, sdata, ctx);
+ if (local->ops->unassign_vif_chanctx) {
+@@ -1024,7 +1053,8 @@ static inline int drv_start_ap(struct ie
+ {
+ int ret = 0;
-@@ -259,6 +256,8 @@ struct ieee80211_if_ap {
- struct beacon_data __rcu *beacon;
- struct probe_resp __rcu *probe_resp;
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
-+ /* to be used after channel switch. */
-+ struct cfg80211_beacon_data *next_beacon;
- struct list_head vlans;
+ trace_drv_start_ap(local, sdata, &sdata->vif.bss_conf);
+ if (local->ops->start_ap)
+@@ -1036,7 +1066,8 @@ static inline int drv_start_ap(struct ie
+ static inline void drv_stop_ap(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata)
+ {
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
+
+ trace_drv_stop_ap(local, sdata);
+ if (local->ops->stop_ap)
+@@ -1059,7 +1090,8 @@ drv_set_default_unicast_key(struct ieee8
+ struct ieee80211_sub_if_data *sdata,
+ int key_idx)
+ {
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
- struct ps_data ps;
-@@ -713,6 +712,11 @@ struct ieee80211_sub_if_data {
+ WARN_ON_ONCE(key_idx < -1 || key_idx > 3);
- struct ieee80211_tx_queue_params tx_conf[IEEE80211_NUM_ACS];
+@@ -1101,7 +1133,8 @@ static inline int drv_join_ibss(struct i
+ int ret = 0;
+
+ might_sleep();
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return -EIO;
+
+ trace_drv_join_ibss(local, sdata, &sdata->vif.bss_conf);
+ if (local->ops->join_ibss)
+@@ -1114,7 +1147,8 @@ static inline void drv_leave_ibss(struct
+ struct ieee80211_sub_if_data *sdata)
+ {
+ might_sleep();
+- check_sdata_in_driver(sdata);
++ if (!check_sdata_in_driver(sdata))
++ return;
+
+ trace_drv_leave_ibss(local, sdata);
+ if (local->ops->leave_ibss)
+--- a/net/mac80211/ibss.c
++++ b/net/mac80211/ibss.c
+@@ -143,7 +143,7 @@ ieee80211_ibss_build_presp(struct ieee80
+ *pos++ = csa_settings->block_tx ? 1 : 0;
+ *pos++ = ieee80211_frequency_to_channel(
+ csa_settings->chandef.chan->center_freq);
+- sdata->csa_counter_offset_beacon = (pos - presp->head);
++ sdata->csa_counter_offset_beacon[0] = (pos - presp->head);
+ *pos++ = csa_settings->count;
+ }
+
+--- a/net/mac80211/ieee80211_i.h
++++ b/net/mac80211/ieee80211_i.h
+@@ -754,9 +754,10 @@ struct ieee80211_sub_if_data {
+ struct mac80211_qos_map __rcu *qos_map;
+
+ struct work_struct csa_finalize_work;
+- int csa_counter_offset_beacon;
+- int csa_counter_offset_presp;
++ u16 csa_counter_offset_beacon[IEEE80211_MAX_CSA_COUNTERS_NUM];
++ u16 csa_counter_offset_presp[IEEE80211_MAX_CSA_COUNTERS_NUM];
+ bool csa_radar_required;
++ bool csa_block_tx; /* write-protected by sdata_lock and local->mtx */
+ struct cfg80211_chan_def csa_chandef;
+
+ struct list_head assigned_chanctx_list; /* protected by chanctx_mtx */
+@@ -766,6 +767,7 @@ struct ieee80211_sub_if_data {
+ struct ieee80211_chanctx *reserved_chanctx;
+ struct cfg80211_chan_def reserved_chandef;
+ bool reserved_radar_required;
++ u8 csa_current_counter;
-+ struct work_struct csa_finalize_work;
-+ int csa_counter_offset_beacon;
-+ int csa_counter_offset_presp;
-+ bool csa_radar_required;
-+
/* used to reconfigure hardware SM PS */
struct work_struct recalc_smps;
-
-@@ -1346,6 +1350,9 @@ void ieee80211_roc_notify_destroy(struct
- void ieee80211_sw_roc_work(struct work_struct *work);
+@@ -1462,6 +1464,7 @@ __ieee80211_request_sched_scan_start(str
+ int ieee80211_request_sched_scan_start(struct ieee80211_sub_if_data *sdata,
+ struct cfg80211_sched_scan_request *req);
+ int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata);
++void ieee80211_sched_scan_end(struct ieee80211_local *local);
+ void ieee80211_sched_scan_stopped_work(struct work_struct *work);
+
+ /* off-channel helpers */
+@@ -1476,6 +1479,7 @@ void ieee80211_sw_roc_work(struct work_s
void ieee80211_handle_roc_started(struct ieee80211_roc_work *roc);
-+/* channel switch handling */
-+void ieee80211_csa_finalize_work(struct work_struct *work);
+ /* channel switch handling */
++bool ieee80211_csa_needs_block_tx(struct ieee80211_local *local);
+ void ieee80211_csa_finalize_work(struct work_struct *work);
+ int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
+ struct cfg80211_csa_settings *params);
+@@ -1837,6 +1841,15 @@ int ieee80211_check_combinations(struct
+ u8 radar_detect);
+ int ieee80211_max_num_channels(struct ieee80211_local *local);
+
++/* TDLS */
++int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *peer, u8 action_code, u8 dialog_token,
++ u16 status_code, u32 peer_capability,
++ const u8 *extra_ies, size_t extra_ies_len);
++int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *peer, enum nl80211_tdls_operation oper);
++
++
+ #ifdef CPTCFG_MAC80211_NOINLINE
+ #define debug_noinline noinline
+ #else
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -838,8 +838,15 @@ static void ieee80211_do_stop(struct iee
+
+ cancel_work_sync(&sdata->recalc_smps);
+ sdata_lock(sdata);
++ mutex_lock(&local->mtx);
+ sdata->vif.csa_active = false;
++ if (!ieee80211_csa_needs_block_tx(local))
++ ieee80211_wake_queues_by_reason(&local->hw,
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
++ mutex_unlock(&local->mtx);
+ sdata_unlock(sdata);
+
- /* interface handling */
- int ieee80211_iface_init(void);
- void ieee80211_iface_exit(void);
-@@ -1367,6 +1374,8 @@ void ieee80211_del_virtual_monitor(struc
+ cancel_work_sync(&sdata->csa_finalize_work);
- bool __ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
- void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
-+int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
-+ struct cfg80211_beacon_data *params);
+ cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);
+--- a/net/mac80211/key.c
++++ b/net/mac80211/key.c
+@@ -325,7 +325,8 @@ ieee80211_key_alloc(u32 cipher, int idx,
+ struct ieee80211_key *key;
+ int i, j, err;
+
+- BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
++ if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
++ return ERR_PTR(-EINVAL);
+
+ key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
+ if (!key)
+@@ -481,8 +482,8 @@ int ieee80211_key_link(struct ieee80211_
+ int idx, ret;
+ bool pairwise;
+
+- BUG_ON(!sdata);
+- BUG_ON(!key);
++ if (WARN_ON(!sdata || !key))
++ return -EINVAL;
- static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata)
- {
-@@ -1627,6 +1636,11 @@ int __must_check
- ieee80211_vif_change_bandwidth(struct ieee80211_sub_if_data *sdata,
- const struct cfg80211_chan_def *chandef,
- u32 *changed);
-+/* NOTE: only use ieee80211_vif_change_channel() for channel switch */
-+int __must_check
-+ieee80211_vif_change_channel(struct ieee80211_sub_if_data *sdata,
-+ const struct cfg80211_chan_def *chandef,
-+ u32 *changed);
- void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata);
- void ieee80211_vif_vlan_copy_chanctx(struct ieee80211_sub_if_data *sdata);
- void ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
---- a/net/mac80211/trace.h
-+++ b/net/mac80211/trace.h
-@@ -1906,6 +1906,32 @@ TRACE_EVENT(api_radar_detected,
- )
- );
+ pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
+ idx = key->conf.keyidx;
+--- a/net/mac80211/main.c
++++ b/net/mac80211/main.c
+@@ -956,6 +956,8 @@ int ieee80211_register_hw(struct ieee802
+ if (local->hw.wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS)
+ local->hw.wiphy->flags |= WIPHY_FLAG_TDLS_EXTERNAL_SETUP;
+
++ local->hw.wiphy->max_num_csa_counters = IEEE80211_MAX_CSA_COUNTERS_NUM;
++
+ result = wiphy_register(local->hw.wiphy);
+ if (result < 0)
+ goto fail_wiphy_register;
+--- a/net/mac80211/mesh.c
++++ b/net/mac80211/mesh.c
+@@ -679,7 +679,7 @@ ieee80211_mesh_build_beacon(struct ieee8
+ *pos++ = 0x0;
+ *pos++ = ieee80211_frequency_to_channel(
+ csa->settings.chandef.chan->center_freq);
+- sdata->csa_counter_offset_beacon = hdr_len + 6;
++ sdata->csa_counter_offset_beacon[0] = hdr_len + 6;
+ *pos++ = csa->settings.count;
+ *pos++ = WLAN_EID_CHAN_SWITCH_PARAM;
+ *pos++ = 6;
+--- a/net/mac80211/mesh_pathtbl.c
++++ b/net/mac80211/mesh_pathtbl.c
+@@ -287,8 +287,10 @@ static void mesh_path_move_to_queue(stru
+ struct sk_buff_head failq;
+ unsigned long flags;
-+TRACE_EVENT(drv_channel_switch_beacon,
-+ TP_PROTO(struct ieee80211_local *local,
-+ struct ieee80211_sub_if_data *sdata,
-+ struct cfg80211_chan_def *chandef),
+- BUG_ON(gate_mpath == from_mpath);
+- BUG_ON(!gate_mpath->next_hop);
++ if (WARN_ON(gate_mpath == from_mpath))
++ return;
++ if (WARN_ON(!gate_mpath->next_hop))
++ return;
+
+ __skb_queue_head_init(&failq);
+
+--- a/net/mac80211/mesh_sync.c
++++ b/net/mac80211/mesh_sync.c
+@@ -171,7 +171,7 @@ static void mesh_sync_offset_adjust_tbtt
+ u8 cap;
+
+ WARN_ON(ifmsh->mesh_sp_id != IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET);
+- BUG_ON(!rcu_read_lock_held());
++ WARN_ON(!rcu_read_lock_held());
+ cap = beacon->meshconf->meshconf_cap;
+
+ spin_lock_bh(&ifmsh->sync_offset_lock);
+--- a/net/mac80211/mlme.c
++++ b/net/mac80211/mlme.c
+@@ -975,16 +975,23 @@ static void ieee80211_chswitch_work(stru
+ /* XXX: shouldn't really modify cfg80211-owned data! */
+ ifmgd->associated->channel = sdata->csa_chandef.chan;
+
++ ieee80211_bss_info_change_notify(sdata, changed);
+
-+ TP_ARGS(local, sdata, chandef),
++ mutex_lock(&local->mtx);
++ sdata->vif.csa_active = false;
+ /* XXX: wait for a beacon first? */
+- ieee80211_wake_queues_by_reason(&local->hw,
++ if (!ieee80211_csa_needs_block_tx(local))
++ ieee80211_wake_queues_by_reason(&local->hw,
+ IEEE80211_MAX_QUEUE_MAP,
+ IEEE80211_QUEUE_STOP_REASON_CSA);
++ mutex_unlock(&local->mtx);
+
+- ieee80211_bss_info_change_notify(sdata, changed);
+-
+- out:
+- sdata->vif.csa_active = false;
+ ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
+
-+ TP_STRUCT__entry(
-+ LOCAL_ENTRY
-+ VIF_ENTRY
-+ CHANDEF_ENTRY
-+ ),
++ ieee80211_sta_reset_beacon_monitor(sdata);
++ ieee80211_sta_reset_conn_monitor(sdata);
+
-+ TP_fast_assign(
-+ LOCAL_ASSIGN;
-+ VIF_ASSIGN;
-+ CHANDEF_ASSIGN(chandef);
-+ ),
++out:
+ sdata_unlock(sdata);
+ }
+
+@@ -1100,12 +1107,16 @@ ieee80211_sta_process_chanswitch(struct
+ mutex_unlock(&local->chanctx_mtx);
+
+ sdata->csa_chandef = csa_ie.chandef;
+
-+ TP_printk(
-+ LOCAL_PR_FMT VIF_PR_FMT " channel switch to " CHANDEF_PR_FMT,
-+ LOCAL_PR_ARG, VIF_PR_ARG, CHANDEF_PR_ARG
-+ )
-+);
++ mutex_lock(&local->mtx);
+ sdata->vif.csa_active = true;
++ sdata->csa_block_tx = csa_ie.mode;
+
+- if (csa_ie.mode)
++ if (sdata->csa_block_tx)
+ ieee80211_stop_queues_by_reason(&local->hw,
+- IEEE80211_MAX_QUEUE_MAP,
+- IEEE80211_QUEUE_STOP_REASON_CSA);
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
++ mutex_unlock(&local->mtx);
+
+ if (local->ops->channel_switch) {
+ /* use driver's channel switch callback */
+@@ -1817,6 +1828,12 @@ static void ieee80211_set_disassoc(struc
+ ifmgd->flags = 0;
+ mutex_lock(&local->mtx);
+ ieee80211_vif_release_channel(sdata);
++
++ sdata->vif.csa_active = false;
++ if (!ieee80211_csa_needs_block_tx(local))
++ ieee80211_wake_queues_by_reason(&local->hw,
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
+ mutex_unlock(&local->mtx);
+
+ sdata->encrypt_headroom = IEEE80211_ENCRYPT_HEADROOM;
+@@ -2045,6 +2062,7 @@ EXPORT_SYMBOL(ieee80211_ap_probereq_get)
+
+ static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata)
+ {
++ struct ieee80211_local *local = sdata->local;
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
+
+@@ -2058,10 +2076,14 @@ static void __ieee80211_disconnect(struc
+ WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
+ true, frame_buf);
+ ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
++
++ mutex_lock(&local->mtx);
+ sdata->vif.csa_active = false;
+- ieee80211_wake_queues_by_reason(&sdata->local->hw,
++ if (!ieee80211_csa_needs_block_tx(local))
++ ieee80211_wake_queues_by_reason(&local->hw,
+ IEEE80211_MAX_QUEUE_MAP,
+ IEEE80211_QUEUE_STOP_REASON_CSA);
++ mutex_unlock(&local->mtx);
+
+ cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
+ IEEE80211_DEAUTH_FRAME_LEN);
+@@ -3546,6 +3568,9 @@ static void ieee80211_sta_bcn_mon_timer(
+ if (local->quiescing)
+ return;
+
++ if (sdata->vif.csa_active)
++ return;
+
+ sdata->u.mgd.connection_loss = false;
+ ieee80211_queue_work(&sdata->local->hw,
+ &sdata->u.mgd.beacon_connection_loss_work);
+@@ -3561,6 +3586,9 @@ static void ieee80211_sta_conn_mon_timer
+ if (local->quiescing)
+ return;
+
++ if (sdata->vif.csa_active)
++ return;
+
- #ifdef CPTCFG_MAC80211_MESSAGE_TRACING
- #undef TRACE_SYSTEM
- #define TRACE_SYSTEM mac80211_msg
---- a/net/mac80211/tx.c
-+++ b/net/mac80211/tx.c
-@@ -1101,7 +1101,8 @@ ieee80211_tx_prepare(struct ieee80211_su
- tx->sta = rcu_dereference(sdata->u.vlan.sta);
- if (!tx->sta && sdata->dev->ieee80211_ptr->use_4addr)
- return TX_DROP;
-- } else if (info->flags & IEEE80211_TX_CTL_INJECTED ||
-+ } else if (info->flags & (IEEE80211_TX_CTL_INJECTED |
-+ IEEE80211_TX_INTFL_NL80211_FRAME_TX) ||
- tx->sdata->control_port_protocol == tx->skb->protocol) {
- tx->sta = sta_info_get_bss(sdata, hdr->addr1);
- }
-@@ -2326,6 +2327,81 @@ static int ieee80211_beacon_add_tim(stru
- return 0;
+ ieee80211_queue_work(&local->hw, &ifmgd->monitor_work);
+ }
+
+--- a/net/mac80211/rc80211_minstrel_ht.c
++++ b/net/mac80211/rc80211_minstrel_ht.c
+@@ -22,7 +22,7 @@
+ #define MCS_NBITS (AVG_PKT_SIZE << 3)
+
+ /* Number of symbols for a packet with (bps) bits per symbol */
+-#define MCS_NSYMS(bps) ((MCS_NBITS + (bps) - 1) / (bps))
++#define MCS_NSYMS(bps) DIV_ROUND_UP(MCS_NBITS, (bps))
+
+ /* Transmission time (nanoseconds) for a packet containing (syms) symbols */
+ #define MCS_SYMBOL_TIME(sgi, syms) \
+@@ -226,8 +226,9 @@ minstrel_ht_calc_tp(struct minstrel_ht_s
+ nsecs = 1000 * mi->overhead / MINSTREL_TRUNC(mi->avg_ampdu_len);
+
+ nsecs += minstrel_mcs_groups[group].duration[rate];
+- tp = 1000000 * ((prob * 1000) / nsecs);
+
++ /* prob is scaled - see MINSTREL_FRAC above */
++ tp = 1000000 * ((prob * 1000) / nsecs);
+ mr->cur_tp = MINSTREL_TRUNC(tp);
+ }
+
+--- a/net/mac80211/scan.c
++++ b/net/mac80211/scan.c
+@@ -1076,12 +1076,8 @@ void ieee80211_sched_scan_results(struct
+ }
+ EXPORT_SYMBOL(ieee80211_sched_scan_results);
+
+-void ieee80211_sched_scan_stopped_work(struct work_struct *work)
++void ieee80211_sched_scan_end(struct ieee80211_local *local)
+ {
+- struct ieee80211_local *local =
+- container_of(work, struct ieee80211_local,
+- sched_scan_stopped_work);
+-
+ mutex_lock(&local->mtx);
+
+ if (!rcu_access_pointer(local->sched_scan_sdata)) {
+@@ -1099,6 +1095,15 @@ void ieee80211_sched_scan_stopped_work(s
+ cfg80211_sched_scan_stopped(local->hw.wiphy);
}
-+void ieee80211_csa_finish(struct ieee80211_vif *vif)
++void ieee80211_sched_scan_stopped_work(struct work_struct *work)
+{
-+ struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
++ struct ieee80211_local *local =
++ container_of(work, struct ieee80211_local,
++ sched_scan_stopped_work);
+
-+ ieee80211_queue_work(&sdata->local->hw,
-+ &sdata->csa_finalize_work);
++ ieee80211_sched_scan_end(local);
+}
-+EXPORT_SYMBOL(ieee80211_csa_finish);
-+
-+static void ieee80211_update_csa(struct ieee80211_sub_if_data *sdata,
-+ struct beacon_data *beacon)
-+{
-+ struct probe_resp *resp;
-+ int counter_offset_beacon = sdata->csa_counter_offset_beacon;
-+ int counter_offset_presp = sdata->csa_counter_offset_presp;
-+
-+ /* warn if the driver did not check for/react to csa completeness */
-+ if (WARN_ON(((u8 *)beacon->tail)[counter_offset_beacon] == 0))
-+ return;
+
-+ ((u8 *)beacon->tail)[counter_offset_beacon]--;
+ void ieee80211_sched_scan_stopped(struct ieee80211_hw *hw)
+ {
+ struct ieee80211_local *local = hw_to_local(hw);
+--- /dev/null
++++ b/net/mac80211/tdls.c
+@@ -0,0 +1,325 @@
++/*
++ * mac80211 TDLS handling code
++ *
++ * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
++ * Copyright 2014, Intel Corporation
++ *
++ * This file is GPLv2 as found in COPYING.
++ */
+
-+ if (sdata->vif.type == NL80211_IFTYPE_AP &&
-+ counter_offset_presp) {
-+ rcu_read_lock();
-+ resp = rcu_dereference(sdata->u.ap.probe_resp);
++#include <linux/ieee80211.h>
++#include "ieee80211_i.h"
+
-+ /* if nl80211 accepted the offset, this should not happen. */
-+ if (WARN_ON(!resp)) {
-+ rcu_read_unlock();
-+ return;
-+ }
-+ resp->data[counter_offset_presp]--;
-+ rcu_read_unlock();
-+ }
++static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
++{
++ u8 *pos = (void *)skb_put(skb, 7);
++
++ *pos++ = WLAN_EID_EXT_CAPABILITY;
++ *pos++ = 5; /* len */
++ *pos++ = 0x0;
++ *pos++ = 0x0;
++ *pos++ = 0x0;
++ *pos++ = 0x0;
++ *pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
+}
+
-+bool ieee80211_csa_is_complete(struct ieee80211_vif *vif)
++static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata)
+{
-+ struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
-+ struct beacon_data *beacon = NULL;
-+ u8 *beacon_data;
-+ size_t beacon_data_len;
-+ int counter_beacon = sdata->csa_counter_offset_beacon;
-+ int ret = false;
-+
-+ if (!ieee80211_sdata_running(sdata))
-+ return false;
-+
-+ rcu_read_lock();
-+ if (vif->type == NL80211_IFTYPE_AP) {
-+ struct ieee80211_if_ap *ap = &sdata->u.ap;
-+
-+ beacon = rcu_dereference(ap->beacon);
-+ if (WARN_ON(!beacon || !beacon->tail))
-+ goto out;
-+ beacon_data = beacon->tail;
-+ beacon_data_len = beacon->tail_len;
-+ } else {
-+ WARN_ON(1);
-+ goto out;
-+ }
++ struct ieee80211_local *local = sdata->local;
++ u16 capab;
+
-+ if (WARN_ON(counter_beacon > beacon_data_len))
-+ goto out;
++ capab = 0;
++ if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
++ return capab;
+
-+ if (beacon_data[counter_beacon] == 0)
-+ ret = true;
-+ out:
-+ rcu_read_unlock();
++ if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
++ capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
++ if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
++ capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
+
-+ return ret;
++ return capab;
+}
-+EXPORT_SYMBOL(ieee80211_csa_is_complete);
-+
- struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
- struct ieee80211_vif *vif,
- u16 *tim_offset, u16 *tim_length)
-@@ -2356,6 +2432,9 @@ struct sk_buff *ieee80211_beacon_get_tim
- struct beacon_data *beacon = rcu_dereference(ap->beacon);
-
- if (beacon) {
-+ if (sdata->vif.csa_active)
-+ ieee80211_update_csa(sdata, beacon);
+
- /*
- * headroom, head length,
- * tail length and maximum TIM length
---- a/net/wireless/rdev-ops.h
-+++ b/net/wireless/rdev-ops.h
-@@ -923,4 +923,16 @@ static inline void rdev_crit_proto_stop(
- trace_rdev_return_void(&rdev->wiphy);
- }
-
-+static inline int rdev_channel_switch(struct cfg80211_registered_device *rdev,
-+ struct net_device *dev,
-+ struct cfg80211_csa_settings *params)
++static void ieee80211_tdls_add_link_ie(struct sk_buff *skb, const u8 *src_addr,
++ const u8 *peer, const u8 *bssid)
+{
-+ int ret;
-+
-+ trace_rdev_channel_switch(&rdev->wiphy, dev, params);
-+ ret = rdev->ops->channel_switch(&rdev->wiphy, dev, params);
-+ trace_rdev_return_int(&rdev->wiphy, ret);
-+ return ret;
-+}
++ struct ieee80211_tdls_lnkie *lnkid;
+
- #endif /* __CFG80211_RDEV_OPS */
---- a/net/wireless/trace.h
-+++ b/net/wireless/trace.h
-@@ -1841,6 +1841,39 @@ TRACE_EVENT(rdev_crit_proto_stop,
- WIPHY_PR_ARG, WDEV_PR_ARG)
- );
-
-+TRACE_EVENT(rdev_channel_switch,
-+ TP_PROTO(struct wiphy *wiphy, struct net_device *netdev,
-+ struct cfg80211_csa_settings *params),
-+ TP_ARGS(wiphy, netdev, params),
-+ TP_STRUCT__entry(
-+ WIPHY_ENTRY
-+ NETDEV_ENTRY
-+ CHAN_DEF_ENTRY
-+ __field(u16, counter_offset_beacon)
-+ __field(u16, counter_offset_presp)
-+ __field(bool, radar_required)
-+ __field(bool, block_tx)
-+ __field(u8, count)
-+ ),
-+ TP_fast_assign(
-+ WIPHY_ASSIGN;
-+ NETDEV_ASSIGN;
-+ CHAN_DEF_ASSIGN(¶ms->chandef);
-+ __entry->counter_offset_beacon = params->counter_offset_beacon;
-+ __entry->counter_offset_presp = params->counter_offset_presp;
-+ __entry->radar_required = params->radar_required;
-+ __entry->block_tx = params->block_tx;
-+ __entry->count = params->count;
-+ ),
-+ TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " CHAN_DEF_PR_FMT
-+ ", block_tx: %d, count: %u, radar_required: %d"
-+ ", counter offsets (beacon/presp): %u/%u",
-+ WIPHY_PR_ARG, NETDEV_PR_ARG, CHAN_DEF_PR_ARG,
-+ __entry->block_tx, __entry->count, __entry->radar_required,
-+ __entry->counter_offset_beacon,
-+ __entry->counter_offset_presp)
-+);
++ lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
+
- /*************************************************************
- * cfg80211 exported functions traces *
- *************************************************************/
---- a/drivers/net/wireless/ath/ath.h
-+++ b/drivers/net/wireless/ath/ath.h
-@@ -159,7 +159,7 @@ struct ath_common {
-
- bool btcoex_enabled;
- bool disable_ani;
-- bool antenna_diversity;
-+ bool bt_ant_diversity;
- };
-
- struct sk_buff *ath_rxbuf_alloc(struct ath_common *common,
---- a/drivers/net/wireless/ath/ath9k/antenna.c
-+++ b/drivers/net/wireless/ath/ath9k/antenna.c
-@@ -16,37 +16,119 @@
-
- #include "ath9k.h"
-
--static inline bool ath_is_alt_ant_ratio_better(int alt_ratio, int maxdelta,
-+/*
-+ * AR9285
-+ * ======
-+ *
-+ * EEPROM has 2 4-bit fields containing the card configuration.
-+ *
-+ * antdiv_ctl1:
-+ * ------------
-+ * bb_enable_ant_div_lnadiv : 1
-+ * bb_ant_div_alt_gaintb : 1
-+ * bb_ant_div_main_gaintb : 1
-+ * bb_enable_ant_fast_div : 1
-+ *
-+ * antdiv_ctl2:
-+ * -----------
-+ * bb_ant_div_alt_lnaconf : 2
-+ * bb_ant_div_main_lnaconf : 2
-+ *
-+ * The EEPROM bits are used as follows:
-+ * ------------------------------------
-+ *
-+ * bb_enable_ant_div_lnadiv - Enable LNA path rx antenna diversity/combining.
-+ * Set in AR_PHY_MULTICHAIN_GAIN_CTL.
-+ *
-+ * bb_ant_div_[alt/main]_gaintb - 0 -> Antenna config Alt/Main uses gaintable 0
-+ * 1 -> Antenna config Alt/Main uses gaintable 1
-+ * Set in AR_PHY_MULTICHAIN_GAIN_CTL.
-+ *
-+ * bb_enable_ant_fast_div - Enable fast antenna diversity.
-+ * Set in AR_PHY_CCK_DETECT.
-+ *
-+ * bb_ant_div_[alt/main]_lnaconf - Alt/Main LNA diversity/combining input config.
-+ * Set in AR_PHY_MULTICHAIN_GAIN_CTL.
-+ * 10=LNA1
-+ * 01=LNA2
-+ * 11=LNA1+LNA2
-+ * 00=LNA1-LNA2
-+ *
-+ * AR9485 / AR9565 / AR9331
-+ * ========================
-+ *
-+ * The same bits are present in the EEPROM, but the location in the
-+ * EEPROM is different (ant_div_control in ar9300_BaseExtension_1).
-+ *
-+ * ant_div_alt_lnaconf ==> bit 0~1
-+ * ant_div_main_lnaconf ==> bit 2~3
-+ * ant_div_alt_gaintb ==> bit 4
-+ * ant_div_main_gaintb ==> bit 5
-+ * enable_ant_div_lnadiv ==> bit 6
-+ * enable_ant_fast_div ==> bit 7
-+ */
++ lnkid->ie_type = WLAN_EID_LINK_ID;
++ lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
+
-+static inline bool ath_is_alt_ant_ratio_better(struct ath_ant_comb *antcomb,
-+ int alt_ratio, int maxdelta,
- int mindelta, int main_rssi_avg,
- int alt_rssi_avg, int pkt_count)
- {
-- return (((alt_ratio >= ATH_ANT_DIV_COMB_ALT_ANT_RATIO2) &&
-- (alt_rssi_avg > main_rssi_avg + maxdelta)) ||
-- (alt_rssi_avg > main_rssi_avg + mindelta)) && (pkt_count > 50);
-+ if (pkt_count <= 50)
-+ return false;
++ memcpy(lnkid->bssid, bssid, ETH_ALEN);
++ memcpy(lnkid->init_sta, src_addr, ETH_ALEN);
++ memcpy(lnkid->resp_sta, peer, ETH_ALEN);
++}
+
-+ if (alt_rssi_avg > main_rssi_avg + mindelta)
-+ return true;
++static int
++ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *peer, u8 action_code, u8 dialog_token,
++ u16 status_code, struct sk_buff *skb)
++{
++ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
++ enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
++ struct ieee80211_tdls_data *tf;
+
-+ if (alt_ratio >= antcomb->ant_ratio2 &&
-+ alt_rssi_avg >= antcomb->low_rssi_thresh &&
-+ (alt_rssi_avg > main_rssi_avg + maxdelta))
-+ return true;
++ tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
+
-+ return false;
- }
-
--static inline bool ath_ant_div_comb_alt_check(u8 div_group, int alt_ratio,
-- int curr_main_set, int curr_alt_set,
-- int alt_rssi_avg, int main_rssi_avg)
-+static inline bool ath_ant_div_comb_alt_check(struct ath_hw_antcomb_conf *conf,
-+ struct ath_ant_comb *antcomb,
-+ int alt_ratio, int alt_rssi_avg,
-+ int main_rssi_avg)
- {
-- bool result = false;
-- switch (div_group) {
-+ bool result, set1, set2;
++ memcpy(tf->da, peer, ETH_ALEN);
++ memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
++ tf->ether_type = cpu_to_be16(ETH_P_TDLS);
++ tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
+
-+ result = set1 = set2 = false;
++ switch (action_code) {
++ case WLAN_TDLS_SETUP_REQUEST:
++ tf->category = WLAN_CATEGORY_TDLS;
++ tf->action_code = WLAN_TDLS_SETUP_REQUEST;
+
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2 &&
-+ conf->alt_lna_conf == ATH_ANT_DIV_COMB_LNA1)
-+ set1 = true;
++ skb_put(skb, sizeof(tf->u.setup_req));
++ tf->u.setup_req.dialog_token = dialog_token;
++ tf->u.setup_req.capability =
++ cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
+
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA1 &&
-+ conf->alt_lna_conf == ATH_ANT_DIV_COMB_LNA2)
-+ set2 = true;
++ ieee80211_add_srates_ie(sdata, skb, false, band);
++ ieee80211_add_ext_srates_ie(sdata, skb, false, band);
++ ieee80211_tdls_add_ext_capab(skb);
++ break;
++ case WLAN_TDLS_SETUP_RESPONSE:
++ tf->category = WLAN_CATEGORY_TDLS;
++ tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
++
++ skb_put(skb, sizeof(tf->u.setup_resp));
++ tf->u.setup_resp.status_code = cpu_to_le16(status_code);
++ tf->u.setup_resp.dialog_token = dialog_token;
++ tf->u.setup_resp.capability =
++ cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
++
++ ieee80211_add_srates_ie(sdata, skb, false, band);
++ ieee80211_add_ext_srates_ie(sdata, skb, false, band);
++ ieee80211_tdls_add_ext_capab(skb);
++ break;
++ case WLAN_TDLS_SETUP_CONFIRM:
++ tf->category = WLAN_CATEGORY_TDLS;
++ tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
+
-+ switch (conf->div_group) {
- case 0:
- if (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO)
- result = true;
- break;
- case 1:
- case 2:
-- if ((((curr_main_set == ATH_ANT_DIV_COMB_LNA2) &&
-- (curr_alt_set == ATH_ANT_DIV_COMB_LNA1) &&
-- (alt_rssi_avg >= (main_rssi_avg - 5))) ||
-- ((curr_main_set == ATH_ANT_DIV_COMB_LNA1) &&
-- (curr_alt_set == ATH_ANT_DIV_COMB_LNA2) &&
-- (alt_rssi_avg >= (main_rssi_avg - 2)))) &&
-- (alt_rssi_avg >= 4))
-+ if (alt_rssi_avg < 4 || alt_rssi_avg < antcomb->low_rssi_thresh)
-+ break;
++ skb_put(skb, sizeof(tf->u.setup_cfm));
++ tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
++ tf->u.setup_cfm.dialog_token = dialog_token;
++ break;
++ case WLAN_TDLS_TEARDOWN:
++ tf->category = WLAN_CATEGORY_TDLS;
++ tf->action_code = WLAN_TDLS_TEARDOWN;
+
-+ if ((set1 && (alt_rssi_avg >= (main_rssi_avg - 5))) ||
-+ (set2 && (alt_rssi_avg >= (main_rssi_avg - 2))) ||
-+ (alt_ratio > antcomb->ant_ratio))
- result = true;
-- else
-- result = false;
++ skb_put(skb, sizeof(tf->u.teardown));
++ tf->u.teardown.reason_code = cpu_to_le16(status_code);
++ break;
++ case WLAN_TDLS_DISCOVERY_REQUEST:
++ tf->category = WLAN_CATEGORY_TDLS;
++ tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
+
++ skb_put(skb, sizeof(tf->u.discover_req));
++ tf->u.discover_req.dialog_token = dialog_token;
+ break;
-+ case 3:
-+ if (alt_rssi_avg < 4 || alt_rssi_avg < antcomb->low_rssi_thresh)
-+ break;
++ default:
++ return -EINVAL;
++ }
+
-+ if ((set1 && (alt_rssi_avg >= (main_rssi_avg - 3))) ||
-+ (set2 && (alt_rssi_avg >= (main_rssi_avg + 3))) ||
-+ (alt_ratio > antcomb->ant_ratio))
-+ result = true;
++ return 0;
++}
+
- break;
- }
-
-@@ -108,6 +190,74 @@ static void ath_lnaconf_alt_good_scan(st
- }
- }
-
-+static void ath_ant_set_alt_ratio(struct ath_ant_comb *antcomb,
-+ struct ath_hw_antcomb_conf *conf)
++static int
++ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *peer, u8 action_code, u8 dialog_token,
++ u16 status_code, struct sk_buff *skb)
+{
-+ /* set alt to the conf with maximun ratio */
-+ if (antcomb->first_ratio && antcomb->second_ratio) {
-+ if (antcomb->rssi_second > antcomb->rssi_third) {
-+ /* first alt*/
-+ if ((antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
-+ (antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2))
-+ /* Set alt LNA1 or LNA2*/
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ else
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ else
-+ /* Set alt to A+B or A-B */
-+ conf->alt_lna_conf =
-+ antcomb->first_quick_scan_conf;
-+ } else if ((antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
-+ (antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2)) {
-+ /* Set alt LNA1 or LNA2 */
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ else
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ } else {
-+ /* Set alt to A+B or A-B */
-+ conf->alt_lna_conf = antcomb->second_quick_scan_conf;
-+ }
-+ } else if (antcomb->first_ratio) {
-+ /* first alt */
-+ if ((antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
-+ (antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2))
-+ /* Set alt LNA1 or LNA2 */
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ else
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ else
-+ /* Set alt to A+B or A-B */
-+ conf->alt_lna_conf = antcomb->first_quick_scan_conf;
-+ } else if (antcomb->second_ratio) {
-+ /* second alt */
-+ if ((antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
-+ (antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2))
-+ /* Set alt LNA1 or LNA2 */
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ else
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ else
-+ /* Set alt to A+B or A-B */
-+ conf->alt_lna_conf = antcomb->second_quick_scan_conf;
-+ } else {
-+ /* main is largest */
-+ if ((antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) ||
-+ (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2))
-+ /* Set alt LNA1 or LNA2 */
-+ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ else
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ else
-+ /* Set alt to A+B or A-B */
-+ conf->alt_lna_conf = antcomb->main_conf;
++ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
++ enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
++ struct ieee80211_mgmt *mgmt;
++
++ mgmt = (void *)skb_put(skb, 24);
++ memset(mgmt, 0, 24);
++ memcpy(mgmt->da, peer, ETH_ALEN);
++ memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
++ memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
++
++ mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
++ IEEE80211_STYPE_ACTION);
++
++ switch (action_code) {
++ case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
++ skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
++ mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
++ mgmt->u.action.u.tdls_discover_resp.action_code =
++ WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
++ mgmt->u.action.u.tdls_discover_resp.dialog_token =
++ dialog_token;
++ mgmt->u.action.u.tdls_discover_resp.capability =
++ cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
++
++ ieee80211_add_srates_ie(sdata, skb, false, band);
++ ieee80211_add_ext_srates_ie(sdata, skb, false, band);
++ ieee80211_tdls_add_ext_capab(skb);
++ break;
++ default:
++ return -EINVAL;
+ }
++
++ return 0;
+}
+
- static void ath_select_ant_div_from_quick_scan(struct ath_ant_comb *antcomb,
- struct ath_hw_antcomb_conf *div_ant_conf,
- int main_rssi_avg, int alt_rssi_avg,
-@@ -129,7 +279,7 @@ static void ath_select_ant_div_from_quic
-
- if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) {
- /* main is LNA1 */
-- if (ath_is_alt_ant_ratio_better(alt_ratio,
-+ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
- ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
- ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
- main_rssi_avg, alt_rssi_avg,
-@@ -138,7 +288,7 @@ static void ath_select_ant_div_from_quic
- else
- antcomb->first_ratio = false;
- } else if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2) {
-- if (ath_is_alt_ant_ratio_better(alt_ratio,
-+ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
- ATH_ANT_DIV_COMB_LNA1_DELTA_MID,
- ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
- main_rssi_avg, alt_rssi_avg,
-@@ -147,11 +297,11 @@ static void ath_select_ant_div_from_quic
- else
- antcomb->first_ratio = false;
- } else {
-- if ((((alt_ratio >= ATH_ANT_DIV_COMB_ALT_ANT_RATIO2) &&
-- (alt_rssi_avg > main_rssi_avg +
-- ATH_ANT_DIV_COMB_LNA1_DELTA_HI)) ||
-- (alt_rssi_avg > main_rssi_avg)) &&
-- (antcomb->total_pkt_count > 50))
-+ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
-+ ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
-+ 0,
-+ main_rssi_avg, alt_rssi_avg,
-+ antcomb->total_pkt_count))
- antcomb->first_ratio = true;
- else
- antcomb->first_ratio = false;
-@@ -164,17 +314,21 @@ static void ath_select_ant_div_from_quic
- antcomb->rssi_first = main_rssi_avg;
- antcomb->rssi_third = alt_rssi_avg;
-
-- if (antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1)
-+ switch(antcomb->second_quick_scan_conf) {
-+ case ATH_ANT_DIV_COMB_LNA1:
- antcomb->rssi_lna1 = alt_rssi_avg;
-- else if (antcomb->second_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA2)
-+ break;
-+ case ATH_ANT_DIV_COMB_LNA2:
- antcomb->rssi_lna2 = alt_rssi_avg;
-- else if (antcomb->second_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2) {
-+ break;
-+ case ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2:
- if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2)
- antcomb->rssi_lna2 = main_rssi_avg;
- else if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1)
- antcomb->rssi_lna1 = main_rssi_avg;
-+ break;
-+ default:
-+ break;
- }
-
- if (antcomb->rssi_lna2 > antcomb->rssi_lna1 +
-@@ -184,7 +338,7 @@ static void ath_select_ant_div_from_quic
- div_ant_conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-
- if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) {
-- if (ath_is_alt_ant_ratio_better(alt_ratio,
-+ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
- ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
- ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
- main_rssi_avg, alt_rssi_avg,
-@@ -193,7 +347,7 @@ static void ath_select_ant_div_from_quic
- else
- antcomb->second_ratio = false;
- } else if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2) {
-- if (ath_is_alt_ant_ratio_better(alt_ratio,
-+ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
- ATH_ANT_DIV_COMB_LNA1_DELTA_MID,
- ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
- main_rssi_avg, alt_rssi_avg,
-@@ -202,105 +356,18 @@ static void ath_select_ant_div_from_quic
- else
- antcomb->second_ratio = false;
- } else {
-- if ((((alt_ratio >= ATH_ANT_DIV_COMB_ALT_ANT_RATIO2) &&
-- (alt_rssi_avg > main_rssi_avg +
-- ATH_ANT_DIV_COMB_LNA1_DELTA_HI)) ||
-- (alt_rssi_avg > main_rssi_avg)) &&
-- (antcomb->total_pkt_count > 50))
-+ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
-+ ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
-+ 0,
-+ main_rssi_avg, alt_rssi_avg,
-+ antcomb->total_pkt_count))
- antcomb->second_ratio = true;
- else
- antcomb->second_ratio = false;
- }
-
-- /* set alt to the conf with maximun ratio */
-- if (antcomb->first_ratio && antcomb->second_ratio) {
-- if (antcomb->rssi_second > antcomb->rssi_third) {
-- /* first alt*/
-- if ((antcomb->first_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA1) ||
-- (antcomb->first_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA2))
-- /* Set alt LNA1 or LNA2*/
-- if (div_ant_conf->main_lna_conf ==
-- ATH_ANT_DIV_COMB_LNA2)
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- else
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- else
-- /* Set alt to A+B or A-B */
-- div_ant_conf->alt_lna_conf =
-- antcomb->first_quick_scan_conf;
-- } else if ((antcomb->second_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA1) ||
-- (antcomb->second_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA2)) {
-- /* Set alt LNA1 or LNA2 */
-- if (div_ant_conf->main_lna_conf ==
-- ATH_ANT_DIV_COMB_LNA2)
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- else
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- } else {
-- /* Set alt to A+B or A-B */
-- div_ant_conf->alt_lna_conf =
-- antcomb->second_quick_scan_conf;
-- }
-- } else if (antcomb->first_ratio) {
-- /* first alt */
-- if ((antcomb->first_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA1) ||
-- (antcomb->first_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA2))
-- /* Set alt LNA1 or LNA2 */
-- if (div_ant_conf->main_lna_conf ==
-- ATH_ANT_DIV_COMB_LNA2)
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- else
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- else
-- /* Set alt to A+B or A-B */
-- div_ant_conf->alt_lna_conf =
-- antcomb->first_quick_scan_conf;
-- } else if (antcomb->second_ratio) {
-- /* second alt */
-- if ((antcomb->second_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA1) ||
-- (antcomb->second_quick_scan_conf ==
-- ATH_ANT_DIV_COMB_LNA2))
-- /* Set alt LNA1 or LNA2 */
-- if (div_ant_conf->main_lna_conf ==
-- ATH_ANT_DIV_COMB_LNA2)
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- else
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- else
-- /* Set alt to A+B or A-B */
-- div_ant_conf->alt_lna_conf =
-- antcomb->second_quick_scan_conf;
-- } else {
-- /* main is largest */
-- if ((antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) ||
-- (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2))
-- /* Set alt LNA1 or LNA2 */
-- if (div_ant_conf->main_lna_conf ==
-- ATH_ANT_DIV_COMB_LNA2)
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- else
-- div_ant_conf->alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- else
-- /* Set alt to A+B or A-B */
-- div_ant_conf->alt_lna_conf = antcomb->main_conf;
-- }
-+ ath_ant_set_alt_ratio(antcomb, div_ant_conf);
++int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *peer, u8 action_code, u8 dialog_token,
++ u16 status_code, u32 peer_capability,
++ const u8 *extra_ies, size_t extra_ies_len)
++{
++ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
++ struct ieee80211_local *local = sdata->local;
++ struct sk_buff *skb = NULL;
++ bool send_direct;
++ int ret;
+
- break;
- default:
- break;
-@@ -430,8 +497,7 @@ static void ath_ant_div_conf_fast_divbia
- ant_conf->fast_div_bias = 0x1;
- break;
- case 0x10: /* LNA2 A-B */
-- if (!(antcomb->scan) &&
-- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
-+ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
- ant_conf->fast_div_bias = 0x1;
- else
- ant_conf->fast_div_bias = 0x2;
-@@ -440,15 +506,13 @@ static void ath_ant_div_conf_fast_divbia
- ant_conf->fast_div_bias = 0x1;
- break;
- case 0x13: /* LNA2 A+B */
-- if (!(antcomb->scan) &&
-- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
-+ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
- ant_conf->fast_div_bias = 0x1;
- else
- ant_conf->fast_div_bias = 0x2;
- break;
- case 0x20: /* LNA1 A-B */
-- if (!(antcomb->scan) &&
-- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
-+ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
- ant_conf->fast_div_bias = 0x1;
- else
- ant_conf->fast_div_bias = 0x2;
-@@ -457,8 +521,7 @@ static void ath_ant_div_conf_fast_divbia
- ant_conf->fast_div_bias = 0x1;
- break;
- case 0x23: /* LNA1 A+B */
-- if (!(antcomb->scan) &&
-- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
-+ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
- ant_conf->fast_div_bias = 0x1;
- else
- ant_conf->fast_div_bias = 0x2;
-@@ -475,6 +538,9 @@ static void ath_ant_div_conf_fast_divbia
- default:
- break;
- }
++ if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
++ return -ENOTSUPP;
+
-+ if (antcomb->fast_div_bias)
-+ ant_conf->fast_div_bias = antcomb->fast_div_bias;
- } else if (ant_conf->div_group == 3) {
- switch ((ant_conf->main_lna_conf << 4) |
- ant_conf->alt_lna_conf) {
-@@ -540,6 +606,138 @@ static void ath_ant_div_conf_fast_divbia
- }
- }
-
-+static void ath_ant_try_scan(struct ath_ant_comb *antcomb,
-+ struct ath_hw_antcomb_conf *conf,
-+ int curr_alt_set, int alt_rssi_avg,
-+ int main_rssi_avg)
-+{
-+ switch (curr_alt_set) {
-+ case ATH_ANT_DIV_COMB_LNA2:
-+ antcomb->rssi_lna2 = alt_rssi_avg;
-+ antcomb->rssi_lna1 = main_rssi_avg;
-+ antcomb->scan = true;
-+ /* set to A+B */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
++ /* make sure we are in managed mode, and associated */
++ if (sdata->vif.type != NL80211_IFTYPE_STATION ||
++ !sdata->u.mgd.associated)
++ return -EINVAL;
++
++ tdls_dbg(sdata, "TDLS mgmt action %d peer %pM\n",
++ action_code, peer);
++
++ skb = dev_alloc_skb(local->hw.extra_tx_headroom +
++ max(sizeof(struct ieee80211_mgmt),
++ sizeof(struct ieee80211_tdls_data)) +
++ 50 + /* supported rates */
++ 7 + /* ext capab */
++ extra_ies_len +
++ sizeof(struct ieee80211_tdls_lnkie));
++ if (!skb)
++ return -ENOMEM;
++
++ skb_reserve(skb, local->hw.extra_tx_headroom);
++
++ switch (action_code) {
++ case WLAN_TDLS_SETUP_REQUEST:
++ case WLAN_TDLS_SETUP_RESPONSE:
++ case WLAN_TDLS_SETUP_CONFIRM:
++ case WLAN_TDLS_TEARDOWN:
++ case WLAN_TDLS_DISCOVERY_REQUEST:
++ ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
++ action_code, dialog_token,
++ status_code, skb);
++ send_direct = false;
+ break;
-+ case ATH_ANT_DIV_COMB_LNA1:
-+ antcomb->rssi_lna1 = alt_rssi_avg;
-+ antcomb->rssi_lna2 = main_rssi_avg;
-+ antcomb->scan = true;
-+ /* set to A+B */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
++ case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
++ ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
++ dialog_token, status_code,
++ skb);
++ send_direct = true;
+ break;
-+ case ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2:
-+ antcomb->rssi_add = alt_rssi_avg;
-+ antcomb->scan = true;
-+ /* set to A-B */
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
++ default:
++ ret = -ENOTSUPP;
+ break;
-+ case ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2:
-+ antcomb->rssi_sub = alt_rssi_avg;
-+ antcomb->scan = false;
-+ if (antcomb->rssi_lna2 >
-+ (antcomb->rssi_lna1 + ATH_ANT_DIV_COMB_LNA1_LNA2_SWITCH_DELTA)) {
-+ /* use LNA2 as main LNA */
-+ if ((antcomb->rssi_add > antcomb->rssi_lna1) &&
-+ (antcomb->rssi_add > antcomb->rssi_sub)) {
-+ /* set to A+B */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
-+ } else if (antcomb->rssi_sub >
-+ antcomb->rssi_lna1) {
-+ /* set to A-B */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
-+ } else {
-+ /* set to LNA1 */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ }
-+ } else {
-+ /* use LNA1 as main LNA */
-+ if ((antcomb->rssi_add > antcomb->rssi_lna2) &&
-+ (antcomb->rssi_add > antcomb->rssi_sub)) {
-+ /* set to A+B */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
-+ } else if (antcomb->rssi_sub >
-+ antcomb->rssi_lna1) {
-+ /* set to A-B */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
-+ } else {
-+ /* set to LNA2 */
-+ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ }
-+ }
++ }
++
++ if (ret < 0)
++ goto fail;
++
++ if (extra_ies_len)
++ memcpy(skb_put(skb, extra_ies_len), extra_ies, extra_ies_len);
++
++ /* the TDLS link IE is always added last */
++ switch (action_code) {
++ case WLAN_TDLS_SETUP_REQUEST:
++ case WLAN_TDLS_SETUP_CONFIRM:
++ case WLAN_TDLS_TEARDOWN:
++ case WLAN_TDLS_DISCOVERY_REQUEST:
++ /* we are the initiator */
++ ieee80211_tdls_add_link_ie(skb, sdata->vif.addr, peer,
++ sdata->u.mgd.bssid);
++ break;
++ case WLAN_TDLS_SETUP_RESPONSE:
++ case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
++ /* we are the responder */
++ ieee80211_tdls_add_link_ie(skb, peer, sdata->vif.addr,
++ sdata->u.mgd.bssid);
+ break;
+ default:
-+ break;
++ ret = -ENOTSUPP;
++ goto fail;
+ }
-+}
-+
-+static bool ath_ant_try_switch(struct ath_hw_antcomb_conf *div_ant_conf,
-+ struct ath_ant_comb *antcomb,
-+ int alt_ratio, int alt_rssi_avg,
-+ int main_rssi_avg, int curr_main_set,
-+ int curr_alt_set)
-+{
-+ bool ret = false;
+
-+ if (ath_ant_div_comb_alt_check(div_ant_conf, antcomb, alt_ratio,
-+ alt_rssi_avg, main_rssi_avg)) {
-+ if (curr_alt_set == ATH_ANT_DIV_COMB_LNA2) {
-+ /*
-+ * Switch main and alt LNA.
-+ */
-+ div_ant_conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ } else if (curr_alt_set == ATH_ANT_DIV_COMB_LNA1) {
-+ div_ant_conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+ }
++ if (send_direct) {
++ ieee80211_tx_skb(sdata, skb);
++ return 0;
++ }
+
-+ ret = true;
-+ } else if ((curr_alt_set != ATH_ANT_DIV_COMB_LNA1) &&
-+ (curr_alt_set != ATH_ANT_DIV_COMB_LNA2)) {
-+ /*
-+ Set alt to another LNA.
-+ */
-+ if (curr_main_set == ATH_ANT_DIV_COMB_LNA2)
-+ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
-+ else if (curr_main_set == ATH_ANT_DIV_COMB_LNA1)
-+ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-+
-+ ret = true;
++ /*
++ * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
++ * we should default to AC_VI.
++ */
++ switch (action_code) {
++ case WLAN_TDLS_SETUP_REQUEST:
++ case WLAN_TDLS_SETUP_RESPONSE:
++ skb_set_queue_mapping(skb, IEEE80211_AC_BK);
++ skb->priority = 2;
++ break;
++ default:
++ skb_set_queue_mapping(skb, IEEE80211_AC_VI);
++ skb->priority = 5;
++ break;
+ }
+
++ /* disable bottom halves when entering the Tx path */
++ local_bh_disable();
++ ret = ieee80211_subif_start_xmit(skb, dev);
++ local_bh_enable();
++
++ return ret;
++
++fail:
++ dev_kfree_skb(skb);
+ return ret;
+}
+
-+static bool ath_ant_short_scan_check(struct ath_ant_comb *antcomb)
++int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
++ const u8 *peer, enum nl80211_tdls_operation oper)
+{
-+ int alt_ratio;
++ struct sta_info *sta;
++ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+
-+ if (!antcomb->scan || !antcomb->alt_good)
-+ return false;
++ if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
++ return -ENOTSUPP;
+
-+ if (time_after(jiffies, antcomb->scan_start_time +
-+ msecs_to_jiffies(ATH_ANT_DIV_COMB_SHORT_SCAN_INTR)))
-+ return true;
++ if (sdata->vif.type != NL80211_IFTYPE_STATION)
++ return -EINVAL;
+
-+ if (antcomb->total_pkt_count == ATH_ANT_DIV_COMB_SHORT_SCAN_PKTCOUNT) {
-+ alt_ratio = ((antcomb->alt_recv_cnt * 100) /
-+ antcomb->total_pkt_count);
-+ if (alt_ratio < antcomb->ant_ratio)
-+ return true;
-+ }
++ tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
+
-+ return false;
-+}
++ switch (oper) {
++ case NL80211_TDLS_ENABLE_LINK:
++ rcu_read_lock();
++ sta = sta_info_get(sdata, peer);
++ if (!sta) {
++ rcu_read_unlock();
++ return -ENOLINK;
++ }
+
- void ath_ant_comb_scan(struct ath_softc *sc, struct ath_rx_status *rs)
- {
- struct ath_hw_antcomb_conf div_ant_conf;
-@@ -549,41 +747,46 @@ void ath_ant_comb_scan(struct ath_softc
- int main_rssi = rs->rs_rssi_ctl0;
- int alt_rssi = rs->rs_rssi_ctl1;
- int rx_ant_conf, main_ant_conf;
-- bool short_scan = false;
-+ bool short_scan = false, ret;
-
- rx_ant_conf = (rs->rs_rssi_ctl2 >> ATH_ANT_RX_CURRENT_SHIFT) &
- ATH_ANT_RX_MASK;
- main_ant_conf = (rs->rs_rssi_ctl2 >> ATH_ANT_RX_MAIN_SHIFT) &
- ATH_ANT_RX_MASK;
-
-+ if (alt_rssi >= antcomb->low_rssi_thresh) {
-+ antcomb->ant_ratio = ATH_ANT_DIV_COMB_ALT_ANT_RATIO;
-+ antcomb->ant_ratio2 = ATH_ANT_DIV_COMB_ALT_ANT_RATIO2;
-+ } else {
-+ antcomb->ant_ratio = ATH_ANT_DIV_COMB_ALT_ANT_RATIO_LOW_RSSI;
-+ antcomb->ant_ratio2 = ATH_ANT_DIV_COMB_ALT_ANT_RATIO2_LOW_RSSI;
++ set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
++ rcu_read_unlock();
++ break;
++ case NL80211_TDLS_DISABLE_LINK:
++ return sta_info_destroy_addr(sdata, peer);
++ case NL80211_TDLS_TEARDOWN:
++ case NL80211_TDLS_SETUP:
++ case NL80211_TDLS_DISCOVERY_REQ:
++ /* We don't support in-driver setup/teardown/discovery */
++ return -ENOTSUPP;
++ default:
++ return -ENOTSUPP;
+ }
+
- /* Record packet only when both main_rssi and alt_rssi is positive */
- if (main_rssi > 0 && alt_rssi > 0) {
- antcomb->total_pkt_count++;
- antcomb->main_total_rssi += main_rssi;
- antcomb->alt_total_rssi += alt_rssi;
-+
- if (main_ant_conf == rx_ant_conf)
- antcomb->main_recv_cnt++;
- else
- antcomb->alt_recv_cnt++;
- }
-
-- /* Short scan check */
-- if (antcomb->scan && antcomb->alt_good) {
-- if (time_after(jiffies, antcomb->scan_start_time +
-- msecs_to_jiffies(ATH_ANT_DIV_COMB_SHORT_SCAN_INTR)))
-- short_scan = true;
-- else
-- if (antcomb->total_pkt_count ==
-- ATH_ANT_DIV_COMB_SHORT_SCAN_PKTCOUNT) {
-- alt_ratio = ((antcomb->alt_recv_cnt * 100) /
-- antcomb->total_pkt_count);
-- if (alt_ratio < ATH_ANT_DIV_COMB_ALT_ANT_RATIO)
-- short_scan = true;
-- }
-+ if (main_ant_conf == rx_ant_conf) {
-+ ANT_STAT_INC(ANT_MAIN, recv_cnt);
-+ ANT_LNA_INC(ANT_MAIN, rx_ant_conf);
-+ } else {
-+ ANT_STAT_INC(ANT_ALT, recv_cnt);
-+ ANT_LNA_INC(ANT_ALT, rx_ant_conf);
- }
-
-+ /* Short scan check */
-+ short_scan = ath_ant_short_scan_check(antcomb);
-+
- if (((antcomb->total_pkt_count < ATH_ANT_DIV_COMB_MAX_PKTCOUNT) ||
-- rs->rs_moreaggr) && !short_scan)
-+ rs->rs_moreaggr) && !short_scan)
- return;
++ return 0;
++}
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -2330,7 +2330,8 @@ void ieee80211_tx_pending(unsigned long
+ /* functions for drivers to get certain frames */
- if (antcomb->total_pkt_count) {
-@@ -595,15 +798,13 @@ void ath_ant_comb_scan(struct ath_softc
- antcomb->total_pkt_count);
- }
+ static void __ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
+- struct ps_data *ps, struct sk_buff *skb)
++ struct ps_data *ps, struct sk_buff *skb,
++ bool is_template)
+ {
+ u8 *pos, *tim;
+ int aid0 = 0;
+@@ -2343,11 +2344,12 @@ static void __ieee80211_beacon_add_tim(s
+ * checking byte-for-byte */
+ have_bits = !bitmap_empty((unsigned long *)ps->tim,
+ IEEE80211_MAX_AID+1);
+-
+- if (ps->dtim_count == 0)
+- ps->dtim_count = sdata->vif.bss_conf.dtim_period - 1;
+- else
+- ps->dtim_count--;
++ if (!is_template) {
++ if (ps->dtim_count == 0)
++ ps->dtim_count = sdata->vif.bss_conf.dtim_period - 1;
++ else
++ ps->dtim_count--;
++ }
--
- ath9k_hw_antdiv_comb_conf_get(sc->sc_ah, &div_ant_conf);
- curr_alt_set = div_ant_conf.alt_lna_conf;
- curr_main_set = div_ant_conf.main_lna_conf;
--
- antcomb->count++;
-
- if (antcomb->count == ATH_ANT_DIV_COMB_MAX_COUNT) {
-- if (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO) {
-+ if (alt_ratio > antcomb->ant_ratio) {
- ath_lnaconf_alt_good_scan(antcomb, div_ant_conf,
- main_rssi_avg);
- antcomb->alt_good = true;
-@@ -617,153 +818,47 @@ void ath_ant_comb_scan(struct ath_softc
- }
+ tim = pos = (u8 *) skb_put(skb, 6);
+ *pos++ = WLAN_EID_TIM;
+@@ -2393,7 +2395,8 @@ static void __ieee80211_beacon_add_tim(s
+ }
- if (!antcomb->scan) {
-- if (ath_ant_div_comb_alt_check(div_ant_conf.div_group,
-- alt_ratio, curr_main_set, curr_alt_set,
-- alt_rssi_avg, main_rssi_avg)) {
-- if (curr_alt_set == ATH_ANT_DIV_COMB_LNA2) {
-- /* Switch main and alt LNA */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- } else if (curr_alt_set == ATH_ANT_DIV_COMB_LNA1) {
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- }
--
-- goto div_comb_done;
-- } else if ((curr_alt_set != ATH_ANT_DIV_COMB_LNA1) &&
-- (curr_alt_set != ATH_ANT_DIV_COMB_LNA2)) {
-- /* Set alt to another LNA */
-- if (curr_main_set == ATH_ANT_DIV_COMB_LNA2)
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- else if (curr_main_set == ATH_ANT_DIV_COMB_LNA1)
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
--
-- goto div_comb_done;
-- }
--
-- if ((alt_rssi_avg < (main_rssi_avg +
-- div_ant_conf.lna1_lna2_delta)))
-+ ret = ath_ant_try_switch(&div_ant_conf, antcomb, alt_ratio,
-+ alt_rssi_avg, main_rssi_avg,
-+ curr_main_set, curr_alt_set);
-+ if (ret)
- goto div_comb_done;
- }
+ static int ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
+- struct ps_data *ps, struct sk_buff *skb)
++ struct ps_data *ps, struct sk_buff *skb,
++ bool is_template)
+ {
+ struct ieee80211_local *local = sdata->local;
-+ if (!antcomb->scan &&
-+ (alt_rssi_avg < (main_rssi_avg + div_ant_conf.lna1_lna2_delta)))
-+ goto div_comb_done;
-+
- if (!antcomb->scan_not_start) {
-- switch (curr_alt_set) {
-- case ATH_ANT_DIV_COMB_LNA2:
-- antcomb->rssi_lna2 = alt_rssi_avg;
-- antcomb->rssi_lna1 = main_rssi_avg;
-- antcomb->scan = true;
-- /* set to A+B */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
-- break;
-- case ATH_ANT_DIV_COMB_LNA1:
-- antcomb->rssi_lna1 = alt_rssi_avg;
-- antcomb->rssi_lna2 = main_rssi_avg;
-- antcomb->scan = true;
-- /* set to A+B */
-- div_ant_conf.main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
-- break;
-- case ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2:
-- antcomb->rssi_add = alt_rssi_avg;
-- antcomb->scan = true;
-- /* set to A-B */
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
-- break;
-- case ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2:
-- antcomb->rssi_sub = alt_rssi_avg;
-- antcomb->scan = false;
-- if (antcomb->rssi_lna2 >
-- (antcomb->rssi_lna1 +
-- ATH_ANT_DIV_COMB_LNA1_LNA2_SWITCH_DELTA)) {
-- /* use LNA2 as main LNA */
-- if ((antcomb->rssi_add > antcomb->rssi_lna1) &&
-- (antcomb->rssi_add > antcomb->rssi_sub)) {
-- /* set to A+B */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
-- } else if (antcomb->rssi_sub >
-- antcomb->rssi_lna1) {
-- /* set to A-B */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
-- } else {
-- /* set to LNA1 */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- }
-- } else {
-- /* use LNA1 as main LNA */
-- if ((antcomb->rssi_add > antcomb->rssi_lna2) &&
-- (antcomb->rssi_add > antcomb->rssi_sub)) {
-- /* set to A+B */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
-- } else if (antcomb->rssi_sub >
-- antcomb->rssi_lna1) {
-- /* set to A-B */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
-- } else {
-- /* set to LNA2 */
-- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-- }
-- }
-- break;
-- default:
-- break;
-- }
-+ ath_ant_try_scan(antcomb, &div_ant_conf, curr_alt_set,
-+ alt_rssi_avg, main_rssi_avg);
+@@ -2405,24 +2408,24 @@ static int ieee80211_beacon_add_tim(stru
+ * of the tim bitmap in mac80211 and the driver.
+ */
+ if (local->tim_in_locked_section) {
+- __ieee80211_beacon_add_tim(sdata, ps, skb);
++ __ieee80211_beacon_add_tim(sdata, ps, skb, is_template);
} else {
- if (!antcomb->alt_good) {
- antcomb->scan_not_start = false;
- /* Set alt to another LNA */
- if (curr_main_set == ATH_ANT_DIV_COMB_LNA2) {
- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-+ ATH_ANT_DIV_COMB_LNA2;
- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-+ ATH_ANT_DIV_COMB_LNA1;
- } else if (curr_main_set == ATH_ANT_DIV_COMB_LNA1) {
- div_ant_conf.main_lna_conf =
-- ATH_ANT_DIV_COMB_LNA1;
-+ ATH_ANT_DIV_COMB_LNA1;
- div_ant_conf.alt_lna_conf =
-- ATH_ANT_DIV_COMB_LNA2;
-+ ATH_ANT_DIV_COMB_LNA2;
- }
- goto div_comb_done;
- }
-+ ath_select_ant_div_from_quick_scan(antcomb, &div_ant_conf,
-+ main_rssi_avg, alt_rssi_avg,
-+ alt_ratio);
-+ antcomb->quick_scan_cnt++;
+ spin_lock_bh(&local->tim_lock);
+- __ieee80211_beacon_add_tim(sdata, ps, skb);
++ __ieee80211_beacon_add_tim(sdata, ps, skb, is_template);
+ spin_unlock_bh(&local->tim_lock);
}
-- ath_select_ant_div_from_quick_scan(antcomb, &div_ant_conf,
-- main_rssi_avg, alt_rssi_avg,
-- alt_ratio);
--
-- antcomb->quick_scan_cnt++;
--
- div_comb_done:
- ath_ant_div_conf_fast_divbias(&div_ant_conf, antcomb, alt_ratio);
- ath9k_hw_antdiv_comb_conf_set(sc->sc_ah, &div_ant_conf);
-+ ath9k_debug_stat_ant(sc, &div_ant_conf, main_rssi_avg, alt_rssi_avg);
-
- antcomb->scan_start_time = jiffies;
- antcomb->total_pkt_count = 0;
-@@ -772,26 +867,3 @@ div_comb_done:
- antcomb->main_recv_cnt = 0;
- antcomb->alt_recv_cnt = 0;
+ return 0;
}
--
--void ath_ant_comb_update(struct ath_softc *sc)
--{
-- struct ath_hw *ah = sc->sc_ah;
-- struct ath_common *common = ath9k_hw_common(ah);
-- struct ath_hw_antcomb_conf div_ant_conf;
-- u8 lna_conf;
--
-- ath9k_hw_antdiv_comb_conf_get(ah, &div_ant_conf);
--
-- if (sc->ant_rx == 1)
-- lna_conf = ATH_ANT_DIV_COMB_LNA1;
-- else
-- lna_conf = ATH_ANT_DIV_COMB_LNA2;
--
-- div_ant_conf.main_lna_conf = lna_conf;
-- div_ant_conf.alt_lna_conf = lna_conf;
--
-- ath9k_hw_antdiv_comb_conf_set(ah, &div_ant_conf);
--
-- if (common->antenna_diversity)
-- ath9k_hw_antctrl_shared_chain_lnadiv(ah, true);
--}
---- a/drivers/net/wireless/ath/ath9k/ar5008_phy.c
-+++ b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
-@@ -610,7 +610,15 @@ static void ar5008_hw_override_ini(struc
- REG_SET_BIT(ah, AR_DIAG_SW, (AR_DIAG_RX_DIS | AR_DIAG_RX_ABORT));
-
- if (AR_SREV_9280_20_OR_LATER(ah)) {
-- val = REG_READ(ah, AR_PCU_MISC_MODE2);
-+ /*
-+ * For AR9280 and above, there is a new feature that allows
-+ * Multicast search based on both MAC Address and Key ID.
-+ * By default, this feature is enabled. But since the driver
-+ * is not using this feature, we switch it off; otherwise
-+ * multicast search based on MAC addr only will fail.
-+ */
-+ val = REG_READ(ah, AR_PCU_MISC_MODE2) &
-+ (~AR_ADHOC_MCAST_KEYID_ENABLE);
-
- if (!AR_SREV_9271(ah))
- val &= ~AR_PCU_MISC_MODE2_HWWAR1;
-@@ -659,14 +667,13 @@ static void ar5008_hw_set_channel_regs(s
- if (IS_CHAN_HT40(chan)) {
- phymode |= AR_PHY_FC_DYN2040_EN;
-
-- if ((chan->chanmode == CHANNEL_A_HT40PLUS) ||
-- (chan->chanmode == CHANNEL_G_HT40PLUS))
-+ if (IS_CHAN_HT40PLUS(chan))
- phymode |= AR_PHY_FC_DYN2040_PRI_CH;
- }
- REG_WRITE(ah, AR_PHY_TURBO, phymode);
+-static void ieee80211_update_csa(struct ieee80211_sub_if_data *sdata,
+- struct beacon_data *beacon)
++static void ieee80211_set_csa(struct ieee80211_sub_if_data *sdata,
++ struct beacon_data *beacon)
+ {
+ struct probe_resp *resp;
+- int counter_offset_beacon = sdata->csa_counter_offset_beacon;
+- int counter_offset_presp = sdata->csa_counter_offset_presp;
+ u8 *beacon_data;
+ size_t beacon_data_len;
++ int i;
++ u8 count = sdata->csa_current_counter;
-- ath9k_hw_set11nmac2040(ah);
-+ ath9k_hw_set11nmac2040(ah, chan);
+ switch (sdata->vif.type) {
+ case NL80211_IFTYPE_AP:
+@@ -2440,40 +2443,57 @@ static void ieee80211_update_csa(struct
+ default:
+ return;
+ }
+- if (WARN_ON(counter_offset_beacon >= beacon_data_len))
+- return;
- ENABLE_REGWRITE_BUFFER(ah);
+- /* Warn if the driver did not check for/react to csa
+- * completeness. A beacon with CSA counter set to 0 should
+- * never occur, because a counter of 1 means switch just
+- * before the next beacon.
+- */
+- if (WARN_ON(beacon_data[counter_offset_beacon] == 1))
+- return;
++ for (i = 0; i < IEEE80211_MAX_CSA_COUNTERS_NUM; ++i) {
++ u16 counter_offset_beacon =
++ sdata->csa_counter_offset_beacon[i];
++ u16 counter_offset_presp = sdata->csa_counter_offset_presp[i];
++
++ if (counter_offset_beacon) {
++ if (WARN_ON(counter_offset_beacon >= beacon_data_len))
++ return;
-@@ -684,31 +691,12 @@ static int ar5008_hw_process_ini(struct
- int i, regWrites = 0;
- u32 modesIndex, freqIndex;
+- beacon_data[counter_offset_beacon]--;
++ beacon_data[counter_offset_beacon] = count;
++ }
-- switch (chan->chanmode) {
-- case CHANNEL_A:
-- case CHANNEL_A_HT20:
-- modesIndex = 1;
-- freqIndex = 1;
-- break;
-- case CHANNEL_A_HT40PLUS:
-- case CHANNEL_A_HT40MINUS:
-- modesIndex = 2;
-+ if (IS_CHAN_5GHZ(chan)) {
- freqIndex = 1;
-- break;
-- case CHANNEL_G:
-- case CHANNEL_G_HT20:
-- case CHANNEL_B:
-- modesIndex = 4;
-+ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
-+ } else {
- freqIndex = 2;
-- break;
-- case CHANNEL_G_HT40PLUS:
-- case CHANNEL_G_HT40MINUS:
-- modesIndex = 3;
-- freqIndex = 2;
-- break;
--
-- default:
-- return -EINVAL;
-+ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
+- if (sdata->vif.type == NL80211_IFTYPE_AP && counter_offset_presp) {
+- rcu_read_lock();
+- resp = rcu_dereference(sdata->u.ap.probe_resp);
++ if (sdata->vif.type == NL80211_IFTYPE_AP &&
++ counter_offset_presp) {
++ rcu_read_lock();
++ resp = rcu_dereference(sdata->u.ap.probe_resp);
+
+- /* if nl80211 accepted the offset, this should not happen. */
+- if (WARN_ON(!resp)) {
++ /* If nl80211 accepted the offset, this should
++ * not happen.
++ */
++ if (WARN_ON(!resp)) {
++ rcu_read_unlock();
++ return;
++ }
++ resp->data[counter_offset_presp] = count;
+ rcu_read_unlock();
+- return;
+ }
+- resp->data[counter_offset_presp]--;
+- rcu_read_unlock();
}
-
- /*
-@@ -807,8 +795,10 @@ static void ar5008_hw_set_rfmode(struct
- if (chan == NULL)
- return;
-
-- rfMode |= (IS_CHAN_B(chan) || IS_CHAN_G(chan))
-- ? AR_PHY_MODE_DYNAMIC : AR_PHY_MODE_OFDM;
-+ if (IS_CHAN_2GHZ(chan))
-+ rfMode |= AR_PHY_MODE_DYNAMIC;
-+ else
-+ rfMode |= AR_PHY_MODE_OFDM;
-
- if (!AR_SREV_9280_20_OR_LATER(ah))
- rfMode |= (IS_CHAN_5GHZ(chan)) ?
-@@ -1213,12 +1203,11 @@ static void ar5008_hw_ani_cache_ini_regs
-
- iniDef = &aniState->iniDef;
-
-- ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz/0x%x\n",
-+ ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz\n",
- ah->hw_version.macVersion,
- ah->hw_version.macRev,
- ah->opmode,
-- chan->channel,
-- chan->channelFlags);
-+ chan->channel);
-
- val = REG_READ(ah, AR_PHY_SFCORR);
- iniDef->m1Thresh = MS(val, AR_PHY_SFCORR_M1_THRESH);
---- a/drivers/net/wireless/ath/ath9k/ar9002_phy.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9002_phy.c
-@@ -555,6 +555,69 @@ static void ar9002_hw_antdiv_comb_conf_s
- REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regval);
}
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+
-+static void ar9002_hw_set_bt_ant_diversity(struct ath_hw *ah, bool enable)
++u8 ieee80211_csa_update_counter(struct ieee80211_vif *vif)
+{
-+ struct ath_btcoex_hw *btcoex = &ah->btcoex_hw;
-+ u8 antdiv_ctrl1, antdiv_ctrl2;
-+ u32 regval;
-+
-+ if (enable) {
-+ antdiv_ctrl1 = ATH_BT_COEX_ANTDIV_CONTROL1_ENABLE;
-+ antdiv_ctrl2 = ATH_BT_COEX_ANTDIV_CONTROL2_ENABLE;
-+
-+ /*
-+ * Don't disable BT ant to allow BB to control SWCOM.
-+ */
-+ btcoex->bt_coex_mode2 &= (~(AR_BT_DISABLE_BT_ANT));
-+ REG_WRITE(ah, AR_BT_COEX_MODE2, btcoex->bt_coex_mode2);
-+
-+ REG_WRITE(ah, AR_PHY_SWITCH_COM, ATH_BT_COEX_ANT_DIV_SWITCH_COM);
-+ REG_RMW(ah, AR_PHY_SWITCH_CHAIN_0, 0, 0xf0000000);
-+ } else {
-+ /*
-+ * Disable antenna diversity, use LNA1 only.
-+ */
-+ antdiv_ctrl1 = ATH_BT_COEX_ANTDIV_CONTROL1_FIXED_A;
-+ antdiv_ctrl2 = ATH_BT_COEX_ANTDIV_CONTROL2_FIXED_A;
-+
-+ /*
-+ * Disable BT Ant. to allow concurrent BT and WLAN receive.
-+ */
-+ btcoex->bt_coex_mode2 |= AR_BT_DISABLE_BT_ANT;
-+ REG_WRITE(ah, AR_BT_COEX_MODE2, btcoex->bt_coex_mode2);
-+
-+ /*
-+ * Program SWCOM table to make sure RF switch always parks
-+ * at BT side.
-+ */
-+ REG_WRITE(ah, AR_PHY_SWITCH_COM, 0);
-+ REG_RMW(ah, AR_PHY_SWITCH_CHAIN_0, 0, 0xf0000000);
-+ }
++ struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
+
-+ regval = REG_READ(ah, AR_PHY_MULTICHAIN_GAIN_CTL);
-+ regval &= (~(AR_PHY_9285_ANT_DIV_CTL_ALL));
-+ /*
-+ * Clear ant_fast_div_bias [14:9] since for WB195,
-+ * the main LNA is always LNA1.
-+ */
-+ regval &= (~(AR_PHY_9285_FAST_DIV_BIAS));
-+ regval |= SM(antdiv_ctrl1, AR_PHY_9285_ANT_DIV_CTL);
-+ regval |= SM(antdiv_ctrl2, AR_PHY_9285_ANT_DIV_ALT_LNACONF);
-+ regval |= SM((antdiv_ctrl2 >> 2), AR_PHY_9285_ANT_DIV_MAIN_LNACONF);
-+ regval |= SM((antdiv_ctrl1 >> 1), AR_PHY_9285_ANT_DIV_ALT_GAINTB);
-+ regval |= SM((antdiv_ctrl1 >> 2), AR_PHY_9285_ANT_DIV_MAIN_GAINTB);
-+ REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regval);
-+
-+ regval = REG_READ(ah, AR_PHY_CCK_DETECT);
-+ regval &= (~AR_PHY_CCK_DETECT_BB_ENABLE_ANT_FAST_DIV);
-+ regval |= SM((antdiv_ctrl1 >> 3), AR_PHY_CCK_DETECT_BB_ENABLE_ANT_FAST_DIV);
-+ REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
-+}
++ sdata->csa_current_counter--;
+
-+#endif
++ /* the counter should never reach 0 */
++ WARN_ON(!sdata->csa_current_counter);
+
- static void ar9002_hw_spectral_scan_config(struct ath_hw *ah,
- struct ath_spec_scan *param)
- {
-@@ -634,5 +697,9 @@ void ar9002_hw_attach_phy_ops(struct ath
- ops->spectral_scan_trigger = ar9002_hw_spectral_scan_trigger;
- ops->spectral_scan_wait = ar9002_hw_spectral_scan_wait;
-
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+ ops->set_bt_ant_diversity = ar9002_hw_set_bt_ant_diversity;
-+#endif
++ return sdata->csa_current_counter;
++}
++EXPORT_SYMBOL(ieee80211_csa_update_counter);
+
- ar9002_hw_set_nf_limits(ah);
- }
---- a/drivers/net/wireless/ath/ath9k/ar9002_phy.h
-+++ b/drivers/net/wireless/ath/ath9k/ar9002_phy.h
-@@ -317,13 +317,15 @@
- #define AR_PHY_9285_ANT_DIV_ALT_GAINTB_S 29
- #define AR_PHY_9285_ANT_DIV_MAIN_GAINTB 0x40000000
- #define AR_PHY_9285_ANT_DIV_MAIN_GAINTB_S 30
--#define AR_PHY_9285_ANT_DIV_LNA1 2
--#define AR_PHY_9285_ANT_DIV_LNA2 1
--#define AR_PHY_9285_ANT_DIV_LNA1_PLUS_LNA2 3
--#define AR_PHY_9285_ANT_DIV_LNA1_MINUS_LNA2 0
- #define AR_PHY_9285_ANT_DIV_GAINTB_0 0
- #define AR_PHY_9285_ANT_DIV_GAINTB_1 1
-
-+#define ATH_BT_COEX_ANTDIV_CONTROL1_ENABLE 0x0b
-+#define ATH_BT_COEX_ANTDIV_CONTROL2_ENABLE 0x09
-+#define ATH_BT_COEX_ANTDIV_CONTROL1_FIXED_A 0x04
-+#define ATH_BT_COEX_ANTDIV_CONTROL2_FIXED_A 0x09
-+#define ATH_BT_COEX_ANT_DIV_SWITCH_COM 0x66666666
-+
- #define AR_PHY_EXT_CCA0 0x99b8
- #define AR_PHY_EXT_CCA0_THRESH62 0x000000FF
- #define AR_PHY_EXT_CCA0_THRESH62_S 0
---- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
-@@ -3541,13 +3541,12 @@ static u16 ar9003_switch_com_spdt_get(st
- return le16_to_cpu(ar9003_modal_header(ah, is2ghz)->switchcomspdt);
- }
-
--
--static u32 ar9003_hw_ant_ctrl_common_get(struct ath_hw *ah, bool is2ghz)
-+u32 ar9003_hw_ant_ctrl_common_get(struct ath_hw *ah, bool is2ghz)
+ bool ieee80211_csa_is_complete(struct ieee80211_vif *vif)
{
- return le32_to_cpu(ar9003_modal_header(ah, is2ghz)->antCtrlCommon);
+ struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
+ struct beacon_data *beacon = NULL;
+ u8 *beacon_data;
+ size_t beacon_data_len;
+- int counter_beacon = sdata->csa_counter_offset_beacon;
++ int counter_beacon = sdata->csa_counter_offset_beacon[0];
+ int ret = false;
+
+ if (!ieee80211_sdata_running(sdata))
+@@ -2523,9 +2543,11 @@ bool ieee80211_csa_is_complete(struct ie
}
-
--static u32 ar9003_hw_ant_ctrl_common_2_get(struct ath_hw *ah, bool is2ghz)
-+u32 ar9003_hw_ant_ctrl_common_2_get(struct ath_hw *ah, bool is2ghz)
+ EXPORT_SYMBOL(ieee80211_csa_is_complete);
+
+-struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
+- struct ieee80211_vif *vif,
+- u16 *tim_offset, u16 *tim_length)
++static struct sk_buff *
++__ieee80211_beacon_get(struct ieee80211_hw *hw,
++ struct ieee80211_vif *vif,
++ struct ieee80211_mutable_offsets *offs,
++ bool is_template)
{
- return le32_to_cpu(ar9003_modal_header(ah, is2ghz)->antCtrlCommon2);
- }
-@@ -3561,6 +3560,7 @@ static u16 ar9003_hw_ant_ctrl_chain_get(
+ struct ieee80211_local *local = hw_to_local(hw);
+ struct sk_buff *skb = NULL;
+@@ -2534,6 +2556,7 @@ struct sk_buff *ieee80211_beacon_get_tim
+ enum ieee80211_band band;
+ struct ieee80211_tx_rate_control txrc;
+ struct ieee80211_chanctx_conf *chanctx_conf;
++ int csa_off_base = 0;
- static void ar9003_hw_ant_ctrl_apply(struct ath_hw *ah, bool is2ghz)
- {
-+ struct ath_common *common = ath9k_hw_common(ah);
- struct ath9k_hw_capabilities *pCap = &ah->caps;
- int chain;
- u32 regval, value, gpio;
-@@ -3614,6 +3614,11 @@ static void ar9003_hw_ant_ctrl_apply(str
- }
+ rcu_read_lock();
- value = ar9003_hw_ant_ctrl_common_2_get(ah, is2ghz);
-+ if (AR_SREV_9485(ah) && common->bt_ant_diversity) {
-+ regval &= ~AR_SWITCH_TABLE_COM2_ALL;
-+ regval |= ah->config.ant_ctrl_comm2g_switch_enable;
-+
-+ }
- REG_RMW_FIELD(ah, AR_PHY_SWITCH_COM_2, AR_SWITCH_TABLE_COM2_ALL, value);
-
- if ((AR_SREV_9462(ah)) && (ah->rxchainmask == 0x2)) {
-@@ -3645,8 +3650,11 @@ static void ar9003_hw_ant_ctrl_apply(str
- regval &= (~AR_PHY_ANT_DIV_LNADIV);
- regval |= ((value >> 6) & 0x1) << AR_PHY_ANT_DIV_LNADIV_S;
-
-+ if (AR_SREV_9485(ah) && common->bt_ant_diversity)
-+ regval |= AR_ANT_DIV_ENABLE;
-+
- if (AR_SREV_9565(ah)) {
-- if (ah->shared_chain_lnadiv) {
-+ if (common->bt_ant_diversity) {
- regval |= (1 << AR_PHY_ANT_SW_RX_PROT_S);
- } else {
- regval &= ~(1 << AR_PHY_ANT_DIV_LNADIV_S);
-@@ -3656,10 +3664,14 @@ static void ar9003_hw_ant_ctrl_apply(str
-
- REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
-
-- /*enable fast_div */
-+ /* enable fast_div */
- regval = REG_READ(ah, AR_PHY_CCK_DETECT);
- regval &= (~AR_FAST_DIV_ENABLE);
- regval |= ((value >> 7) & 0x1) << AR_FAST_DIV_ENABLE_S;
-+
-+ if (AR_SREV_9485(ah) && common->bt_ant_diversity)
-+ regval |= AR_FAST_DIV_ENABLE;
-+
- REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
-
- if (pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
-@@ -3673,9 +3685,9 @@ static void ar9003_hw_ant_ctrl_apply(str
- AR_PHY_ANT_DIV_ALT_GAINTB |
- AR_PHY_ANT_DIV_MAIN_GAINTB));
- /* by default use LNA1 for the main antenna */
-- regval |= (AR_PHY_ANT_DIV_LNA1 <<
-+ regval |= (ATH_ANT_DIV_COMB_LNA1 <<
- AR_PHY_ANT_DIV_MAIN_LNACONF_S);
-- regval |= (AR_PHY_ANT_DIV_LNA2 <<
-+ regval |= (ATH_ANT_DIV_COMB_LNA2 <<
- AR_PHY_ANT_DIV_ALT_LNACONF_S);
- REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
- }
-@@ -3813,6 +3825,11 @@ static void ar9003_hw_atten_apply(struct
- else
- value = ar9003_hw_atten_chain_get_margin(ah, i, chan);
-
-+ if (ah->config.alt_mingainidx)
-+ REG_RMW_FIELD(ah, AR_PHY_EXT_ATTEN_CTL_0,
-+ AR_PHY_EXT_ATTEN_CTL_XATTEN1_MARGIN,
-+ value);
-+
- REG_RMW_FIELD(ah, ext_atten_reg[i],
- AR_PHY_EXT_ATTEN_CTL_XATTEN1_MARGIN,
- value);
---- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h
-@@ -334,6 +334,8 @@ struct ar9300_eeprom {
-
- s32 ar9003_hw_get_tx_gain_idx(struct ath_hw *ah);
- s32 ar9003_hw_get_rx_gain_idx(struct ath_hw *ah);
-+u32 ar9003_hw_ant_ctrl_common_get(struct ath_hw *ah, bool is2ghz);
-+u32 ar9003_hw_ant_ctrl_common_2_get(struct ath_hw *ah, bool is2ghz);
-
- u8 *ar9003_get_spur_chan_ptr(struct ath_hw *ah, bool is_2ghz);
-
---- a/drivers/net/wireless/ath/ath9k/ar9003_phy.h
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.h
-@@ -148,6 +148,8 @@
- #define AR_PHY_SFCORR_SPUR_SUBCHNL_SD_S 28
- #define AR_PHY_EXT_CCA_THRESH62 0x007F0000
- #define AR_PHY_EXT_CCA_THRESH62_S 16
-+#define AR_PHY_EXTCHN_PWRTHR1_ANT_DIV_ALT_ANT_MINGAINIDX 0x0000FF00
-+#define AR_PHY_EXTCHN_PWRTHR1_ANT_DIV_ALT_ANT_MINGAINIDX_S 8
- #define AR_PHY_EXT_MINCCA_PWR 0x01FF0000
- #define AR_PHY_EXT_MINCCA_PWR_S 16
- #define AR_PHY_EXT_CYCPWR_THR1 0x0000FE00L
-@@ -296,11 +298,6 @@
- #define AR_PHY_ANT_DIV_MAIN_GAINTB 0x40000000
- #define AR_PHY_ANT_DIV_MAIN_GAINTB_S 30
-
--#define AR_PHY_ANT_DIV_LNA1_MINUS_LNA2 0x0
--#define AR_PHY_ANT_DIV_LNA2 0x1
--#define AR_PHY_ANT_DIV_LNA1 0x2
--#define AR_PHY_ANT_DIV_LNA1_PLUS_LNA2 0x3
--
- #define AR_PHY_EXTCHN_PWRTHR1 (AR_AGC_BASE + 0x2c)
- #define AR_PHY_EXT_CHN_WIN (AR_AGC_BASE + 0x30)
- #define AR_PHY_20_40_DET_THR (AR_AGC_BASE + 0x34)
---- a/drivers/net/wireless/ath/ath9k/debug.h
-+++ b/drivers/net/wireless/ath/ath9k/debug.h
-@@ -28,9 +28,13 @@ struct fft_sample_tlv;
- #ifdef CPTCFG_ATH9K_DEBUGFS
- #define TX_STAT_INC(q, c) sc->debug.stats.txstats[q].c++
- #define RESET_STAT_INC(sc, type) sc->debug.stats.reset[type]++
-+#define ANT_STAT_INC(i, c) sc->debug.stats.ant_stats[i].c++
-+#define ANT_LNA_INC(i, c) sc->debug.stats.ant_stats[i].lna_recv_cnt[c]++;
- #else
- #define TX_STAT_INC(q, c) do { } while (0)
- #define RESET_STAT_INC(sc, type) do { } while (0)
-+#define ANT_STAT_INC(i, c) do { } while (0)
-+#define ANT_LNA_INC(i, c) do { } while (0)
- #endif
+@@ -2543,18 +2566,20 @@ struct sk_buff *ieee80211_beacon_get_tim
+ if (!ieee80211_sdata_running(sdata) || !chanctx_conf)
+ goto out;
- enum ath_reset_type {
-@@ -243,11 +247,22 @@ struct ath_rx_stats {
- u32 rx_spectral;
- };
+- if (tim_offset)
+- *tim_offset = 0;
+- if (tim_length)
+- *tim_length = 0;
++ if (offs)
++ memset(offs, 0, sizeof(*offs));
-+#define ANT_MAIN 0
-+#define ANT_ALT 1
-+
-+struct ath_antenna_stats {
-+ u32 recv_cnt;
-+ u32 rssi_avg;
-+ u32 lna_recv_cnt[4];
-+ u32 lna_attempt_cnt[4];
-+};
+ if (sdata->vif.type == NL80211_IFTYPE_AP) {
+ struct ieee80211_if_ap *ap = &sdata->u.ap;
+ struct beacon_data *beacon = rcu_dereference(ap->beacon);
+
+ if (beacon) {
+- if (sdata->vif.csa_active)
+- ieee80211_update_csa(sdata, beacon);
++ if (sdata->vif.csa_active) {
++ if (!is_template)
++ ieee80211_csa_update_counter(vif);
+
- struct ath_stats {
- struct ath_interrupt_stats istats;
- struct ath_tx_stats txstats[ATH9K_NUM_TX_QUEUES];
- struct ath_rx_stats rxstats;
- struct ath_dfs_stats dfs_stats;
-+ struct ath_antenna_stats ant_stats[2];
- u32 reset[__RESET_TYPE_MAX];
- };
++ ieee80211_set_csa(sdata, beacon);
++ }
-@@ -281,10 +296,11 @@ void ath9k_sta_remove_debugfs(struct iee
- struct ieee80211_vif *vif,
- struct ieee80211_sta *sta,
- struct dentry *dir);
--
- void ath_debug_send_fft_sample(struct ath_softc *sc,
- struct fft_sample_tlv *fft_sample);
--
-+void ath9k_debug_stat_ant(struct ath_softc *sc,
-+ struct ath_hw_antcomb_conf *div_ant_conf,
-+ int main_rssi_avg, int alt_rssi_avg);
- #else
+ /*
+ * headroom, head length,
+@@ -2571,12 +2596,16 @@ struct sk_buff *ieee80211_beacon_get_tim
+ memcpy(skb_put(skb, beacon->head_len), beacon->head,
+ beacon->head_len);
+
+- ieee80211_beacon_add_tim(sdata, &ap->ps, skb);
++ ieee80211_beacon_add_tim(sdata, &ap->ps, skb,
++ is_template);
++
++ if (offs) {
++ offs->tim_offset = beacon->head_len;
++ offs->tim_length = skb->len - beacon->head_len;
+
+- if (tim_offset)
+- *tim_offset = beacon->head_len;
+- if (tim_length)
+- *tim_length = skb->len - beacon->head_len;
++ /* for AP the csa offsets are from tail */
++ csa_off_base = skb->len;
++ }
- #define RX_STAT_INC(c) /* NOP */
-@@ -297,12 +313,10 @@ static inline int ath9k_init_debug(struc
- static inline void ath9k_deinit_debug(struct ath_softc *sc)
- {
- }
--
- static inline void ath_debug_stat_interrupt(struct ath_softc *sc,
- enum ath9k_int status)
- {
- }
--
- static inline void ath_debug_stat_tx(struct ath_softc *sc,
- struct ath_buf *bf,
- struct ath_tx_status *ts,
-@@ -310,11 +324,16 @@ static inline void ath_debug_stat_tx(str
- unsigned int flags)
- {
- }
--
- static inline void ath_debug_stat_rx(struct ath_softc *sc,
- struct ath_rx_status *rs)
- {
- }
-+static inline void ath9k_debug_stat_ant(struct ath_softc *sc,
-+ struct ath_hw_antcomb_conf *div_ant_conf,
-+ int main_rssi_avg, int alt_rssi_avg)
-+{
-+
-+}
+ if (beacon->tail)
+ memcpy(skb_put(skb, beacon->tail_len),
+@@ -2591,9 +2620,12 @@ struct sk_buff *ieee80211_beacon_get_tim
+ if (!presp)
+ goto out;
- #endif /* CPTCFG_ATH9K_DEBUGFS */
+- if (sdata->vif.csa_active)
+- ieee80211_update_csa(sdata, presp);
++ if (sdata->vif.csa_active) {
++ if (!is_template)
++ ieee80211_csa_update_counter(vif);
---- a/drivers/net/wireless/ath/ath9k/eeprom_4k.c
-+++ b/drivers/net/wireless/ath/ath9k/eeprom_4k.c
-@@ -812,6 +812,7 @@ static void ath9k_hw_4k_set_gain(struct
- static void ath9k_hw_4k_set_board_values(struct ath_hw *ah,
- struct ath9k_channel *chan)
- {
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
- struct modal_eep_4k_header *pModal;
- struct ar5416_eeprom_4k *eep = &ah->eeprom.map4k;
- struct base_eep_header_4k *pBase = &eep->baseEepHeader;
-@@ -858,6 +859,24 @@ static void ath9k_hw_4k_set_board_values
-
- REG_WRITE(ah, AR_PHY_CCK_DETECT, regVal);
- regVal = REG_READ(ah, AR_PHY_CCK_DETECT);
-+
-+ if (pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
-+ /*
-+ * If diversity combining is enabled,
-+ * set MAIN to LNA1 and ALT to LNA2 initially.
-+ */
-+ regVal = REG_READ(ah, AR_PHY_MULTICHAIN_GAIN_CTL);
-+ regVal &= (~(AR_PHY_9285_ANT_DIV_MAIN_LNACONF |
-+ AR_PHY_9285_ANT_DIV_ALT_LNACONF));
-+
-+ regVal |= (ATH_ANT_DIV_COMB_LNA1 <<
-+ AR_PHY_9285_ANT_DIV_MAIN_LNACONF_S);
-+ regVal |= (ATH_ANT_DIV_COMB_LNA2 <<
-+ AR_PHY_9285_ANT_DIV_ALT_LNACONF_S);
-+ regVal &= (~(AR_PHY_9285_FAST_DIV_BIAS));
-+ regVal |= (0 << AR_PHY_9285_FAST_DIV_BIAS_S);
-+ REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regVal);
++ ieee80211_set_csa(sdata, presp);
+ }
- }
-
- if (pModal->version >= 2) {
---- a/drivers/net/wireless/ath/ath9k/hw-ops.h
-+++ b/drivers/net/wireless/ath/ath9k/hw-ops.h
-@@ -78,13 +78,16 @@ static inline void ath9k_hw_antdiv_comb_
- ath9k_hw_ops(ah)->antdiv_comb_conf_set(ah, antconf);
- }
--static inline void ath9k_hw_antctrl_shared_chain_lnadiv(struct ath_hw *ah,
-- bool enable)
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
+ skb = dev_alloc_skb(local->tx_headroom + presp->head_len +
+ local->hw.extra_beacon_tailroom);
+@@ -2613,8 +2645,17 @@ struct sk_buff *ieee80211_beacon_get_tim
+ if (!bcn)
+ goto out;
+
+- if (sdata->vif.csa_active)
+- ieee80211_update_csa(sdata, bcn);
++ if (sdata->vif.csa_active) {
++ if (!is_template)
++ /* TODO: For mesh csa_counter is in TU, so
++ * decrementing it by one isn't correct, but
++ * for now we leave it consistent with overall
++ * mac80211's behavior.
++ */
++ ieee80211_csa_update_counter(vif);
+
-+static inline void ath9k_hw_set_bt_ant_diversity(struct ath_hw *ah, bool enable)
- {
-- if (ath9k_hw_ops(ah)->antctrl_shared_chain_lnadiv)
-- ath9k_hw_ops(ah)->antctrl_shared_chain_lnadiv(ah, enable);
-+ if (ath9k_hw_ops(ah)->set_bt_ant_diversity)
-+ ath9k_hw_ops(ah)->set_bt_ant_diversity(ah, enable);
- }
++ ieee80211_set_csa(sdata, bcn);
++ }
-+#endif
+ if (ifmsh->sync_ops)
+ ifmsh->sync_ops->adjust_tbtt(sdata, bcn);
+@@ -2628,13 +2669,33 @@ struct sk_buff *ieee80211_beacon_get_tim
+ goto out;
+ skb_reserve(skb, local->tx_headroom);
+ memcpy(skb_put(skb, bcn->head_len), bcn->head, bcn->head_len);
+- ieee80211_beacon_add_tim(sdata, &ifmsh->ps, skb);
++ ieee80211_beacon_add_tim(sdata, &ifmsh->ps, skb, is_template);
++
++ if (offs) {
++ offs->tim_offset = bcn->head_len;
++ offs->tim_length = skb->len - bcn->head_len;
++ }
+
- /* Private hardware call ops */
-
- /* PHY ops */
---- a/drivers/net/wireless/ath/ath9k/hw.c
-+++ b/drivers/net/wireless/ath/ath9k/hw.c
-@@ -130,29 +130,29 @@ void ath9k_debug_sync_cause(struct ath_c
-
- static void ath9k_hw_set_clockrate(struct ath_hw *ah)
- {
-- struct ieee80211_conf *conf = &ath9k_hw_common(ah)->hw->conf;
- struct ath_common *common = ath9k_hw_common(ah);
-+ struct ath9k_channel *chan = ah->curchan;
- unsigned int clockrate;
-
- /* AR9287 v1.3+ uses async FIFO and runs the MAC at 117 MHz */
- if (AR_SREV_9287(ah) && AR_SREV_9287_13_OR_LATER(ah))
- clockrate = 117;
-- else if (!ah->curchan) /* should really check for CCK instead */
-+ else if (!chan) /* should really check for CCK instead */
- clockrate = ATH9K_CLOCK_RATE_CCK;
-- else if (conf->chandef.chan->band == IEEE80211_BAND_2GHZ)
-+ else if (IS_CHAN_2GHZ(chan))
- clockrate = ATH9K_CLOCK_RATE_2GHZ_OFDM;
- else if (ah->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK)
- clockrate = ATH9K_CLOCK_FAST_RATE_5GHZ_OFDM;
- else
- clockrate = ATH9K_CLOCK_RATE_5GHZ_OFDM;
-
-- if (conf_is_ht40(conf))
-+ if (IS_CHAN_HT40(chan))
- clockrate *= 2;
-
- if (ah->curchan) {
-- if (IS_CHAN_HALF_RATE(ah->curchan))
-+ if (IS_CHAN_HALF_RATE(chan))
- clockrate /= 2;
-- if (IS_CHAN_QUARTER_RATE(ah->curchan))
-+ if (IS_CHAN_QUARTER_RATE(chan))
- clockrate /= 4;
- }
-
-@@ -190,10 +190,7 @@ EXPORT_SYMBOL(ath9k_hw_wait);
- void ath9k_hw_synth_delay(struct ath_hw *ah, struct ath9k_channel *chan,
- int hw_delay)
- {
-- if (IS_CHAN_B(chan))
-- hw_delay = (4 * hw_delay) / 22;
-- else
-- hw_delay /= 10;
-+ hw_delay /= 10;
-
- if (IS_CHAN_HALF_RATE(chan))
- hw_delay *= 2;
-@@ -294,8 +291,7 @@ void ath9k_hw_get_channel_centers(struct
- return;
- }
-
-- if ((chan->chanmode == CHANNEL_A_HT40PLUS) ||
-- (chan->chanmode == CHANNEL_G_HT40PLUS)) {
-+ if (IS_CHAN_HT40PLUS(chan)) {
- centers->synth_center =
- chan->channel + HT40_CHANNEL_CENTER_SHIFT;
- extoff = 1;
-@@ -450,7 +446,6 @@ static void ath9k_hw_init_config(struct
- ah->config.ack_6mb = 0x0;
- ah->config.cwm_ignore_extcca = 0;
- ah->config.pcie_clock_req = 0;
-- ah->config.pcie_waen = 0;
- ah->config.analog_shiftreg = 1;
-
- for (i = 0; i < AR_EEPROM_MODAL_SPURS; i++) {
-@@ -1034,7 +1029,6 @@ static bool ath9k_hw_set_global_txtimeou
- void ath9k_hw_init_global_settings(struct ath_hw *ah)
- {
- struct ath_common *common = ath9k_hw_common(ah);
-- struct ieee80211_conf *conf = &common->hw->conf;
- const struct ath9k_channel *chan = ah->curchan;
- int acktimeout, ctstimeout, ack_offset = 0;
- int slottime;
-@@ -1069,7 +1063,7 @@ void ath9k_hw_init_global_settings(struc
- if (IS_CHAN_A_FAST_CLOCK(ah, chan))
- tx_lat += 11;
-
-- sifstime *= 2;
-+ sifstime = 32;
- ack_offset = 16;
- slottime = 13;
- } else if (IS_CHAN_QUARTER_RATE(chan)) {
-@@ -1079,7 +1073,7 @@ void ath9k_hw_init_global_settings(struc
- if (IS_CHAN_A_FAST_CLOCK(ah, chan))
- tx_lat += 22;
-
-- sifstime *= 4;
-+ sifstime = 64;
- ack_offset = 32;
- slottime = 21;
+ memcpy(skb_put(skb, bcn->tail_len), bcn->tail, bcn->tail_len);
} else {
-@@ -1109,14 +1103,12 @@ void ath9k_hw_init_global_settings(struc
- * BA frames in some implementations, but it has been found to fix ACK
- * timeout issues in other cases as well.
- */
-- if (conf->chandef.chan &&
-- conf->chandef.chan->band == IEEE80211_BAND_2GHZ &&
-+ if (IS_CHAN_2GHZ(chan) &&
- !IS_CHAN_HALF_RATE(chan) && !IS_CHAN_QUARTER_RATE(chan)) {
- acktimeout += 64 - sifstime - ah->slottime;
- ctstimeout += 48 - sifstime - ah->slottime;
+ WARN_ON(1);
+ goto out;
}
--
- ath9k_hw_set_sifs_time(ah, sifstime);
- ath9k_hw_setslottime(ah, slottime);
- ath9k_hw_set_ack_timeout(ah, acktimeout);
-@@ -1153,9 +1145,7 @@ u32 ath9k_regd_get_ctl(struct ath_regula
- {
- u32 ctl = ath_regd_get_band_ctl(reg, chan->chan->band);
-
-- if (IS_CHAN_B(chan))
-- ctl |= CTL_11B;
-- else if (IS_CHAN_G(chan))
-+ if (IS_CHAN_2GHZ(chan))
- ctl |= CTL_11G;
- else
- ctl |= CTL_11A;
-@@ -1496,16 +1486,16 @@ static bool ath9k_hw_channel_change(stru
- struct ath9k_channel *chan)
- {
- struct ath_common *common = ath9k_hw_common(ah);
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
-+ bool band_switch = false, mode_diff = false;
-+ u8 ini_reloaded = 0;
- u32 qnum;
- int r;
-- bool edma = !!(ah->caps.hw_caps & ATH9K_HW_CAP_EDMA);
-- bool band_switch, mode_diff;
-- u8 ini_reloaded;
--
-- band_switch = (chan->channelFlags & (CHANNEL_2GHZ | CHANNEL_5GHZ)) !=
-- (ah->curchan->channelFlags & (CHANNEL_2GHZ |
-- CHANNEL_5GHZ));
-- mode_diff = (chan->chanmode != ah->curchan->chanmode);
-+
-+ if (pCap->hw_caps & ATH9K_HW_CAP_FCC_BAND_SWITCH) {
-+ band_switch = IS_CHAN_5GHZ(ah->curchan) != IS_CHAN_5GHZ(chan);
-+ mode_diff = (chan->channelFlags != ah->curchan->channelFlags);
++ /* CSA offsets */
++ if (offs) {
++ int i;
++
++ for (i = 0; i < IEEE80211_MAX_CSA_COUNTERS_NUM; i++) {
++ u16 csa_off = sdata->csa_counter_offset_beacon[i];
++
++ if (!csa_off)
++ continue;
++
++ offs->csa_counter_offs[i] = csa_off_base + csa_off;
++ }
+ }
++
+ band = chanctx_conf->def.chan->band;
- for (qnum = 0; qnum < AR_NUM_QCU; qnum++) {
- if (ath9k_hw_numtxpending(ah, qnum)) {
-@@ -1520,11 +1510,12 @@ static bool ath9k_hw_channel_change(stru
- return false;
- }
-
-- if (edma && (band_switch || mode_diff)) {
-+ if (band_switch || mode_diff) {
- ath9k_hw_mark_phy_inactive(ah);
- udelay(5);
-
-- ath9k_hw_init_pll(ah, NULL);
-+ if (band_switch)
-+ ath9k_hw_init_pll(ah, chan);
-
- if (ath9k_hw_fast_chan_change(ah, chan, &ini_reloaded)) {
- ath_err(common, "Failed to do fast channel change\n");
-@@ -1541,22 +1532,19 @@ static bool ath9k_hw_channel_change(stru
- }
- ath9k_hw_set_clockrate(ah);
- ath9k_hw_apply_txpower(ah, chan, false);
-- ath9k_hw_rfbus_done(ah);
--
-- if (IS_CHAN_OFDM(chan) || IS_CHAN_HT(chan))
-- ath9k_hw_set_delta_slope(ah, chan);
-
-+ ath9k_hw_set_delta_slope(ah, chan);
- ath9k_hw_spur_mitigate_freq(ah, chan);
-
-- if (edma && (band_switch || mode_diff)) {
-- ah->ah_flags |= AH_FASTCC;
-- if (band_switch || ini_reloaded)
-- ah->eep_ops->set_board_values(ah, chan);
-+ if (band_switch || ini_reloaded)
-+ ah->eep_ops->set_board_values(ah, chan);
-
-- ath9k_hw_init_bb(ah, chan);
-+ ath9k_hw_init_bb(ah, chan);
-+ ath9k_hw_rfbus_done(ah);
-
-- if (band_switch || ini_reloaded)
-- ath9k_hw_init_cal(ah, chan);
-+ if (band_switch || ini_reloaded) {
-+ ah->ah_flags |= AH_FASTCC;
-+ ath9k_hw_init_cal(ah, chan);
- ah->ah_flags &= ~AH_FASTCC;
- }
-
-@@ -1778,16 +1766,11 @@ static void ath9k_hw_init_desc(struct at
- /*
- * Fast channel change:
- * (Change synthesizer based on channel freq without resetting chip)
-- *
-- * Don't do FCC when
-- * - Flag is not set
-- * - Chip is just coming out of full sleep
-- * - Channel to be set is same as current channel
-- * - Channel flags are different, (eg.,moving from 2GHz to 5GHz channel)
- */
- static int ath9k_hw_do_fastcc(struct ath_hw *ah, struct ath9k_channel *chan)
- {
- struct ath_common *common = ath9k_hw_common(ah);
-+ struct ath9k_hw_capabilities *pCap = &ah->caps;
- int ret;
+ info = IEEE80211_SKB_CB(skb);
+@@ -2665,6 +2726,32 @@ struct sk_buff *ieee80211_beacon_get_tim
+ out:
+ rcu_read_unlock();
+ return skb;
++
++}
++
++struct sk_buff *
++ieee80211_beacon_get_template(struct ieee80211_hw *hw,
++ struct ieee80211_vif *vif,
++ struct ieee80211_mutable_offsets *offs)
++{
++ return __ieee80211_beacon_get(hw, vif, offs, true);
++}
++EXPORT_SYMBOL(ieee80211_beacon_get_template);
++
++struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
++ struct ieee80211_vif *vif,
++ u16 *tim_offset, u16 *tim_length)
++{
++ struct ieee80211_mutable_offsets offs = {};
++ struct sk_buff *bcn = __ieee80211_beacon_get(hw, vif, &offs, false);
++
++ if (tim_offset)
++ *tim_offset = offs.tim_offset;
++
++ if (tim_length)
++ *tim_length = offs.tim_length;
++
++ return bcn;
+ }
+ EXPORT_SYMBOL(ieee80211_beacon_get_tim);
- if (AR_SREV_9280(ah) && common->bus_ops->ath_bus_type == ATH_PCI)
-@@ -1806,8 +1789,11 @@ static int ath9k_hw_do_fastcc(struct ath
- (CHANNEL_HALF | CHANNEL_QUARTER))
- goto fail;
+--- a/net/mac80211/util.c
++++ b/net/mac80211/util.c
+@@ -1457,6 +1457,44 @@ void ieee80211_stop_device(struct ieee80
+ drv_stop(local);
+ }
-- if ((chan->channelFlags & CHANNEL_ALL) !=
-- (ah->curchan->channelFlags & CHANNEL_ALL))
++static void ieee80211_handle_reconfig_failure(struct ieee80211_local *local)
++{
++ struct ieee80211_sub_if_data *sdata;
++ struct ieee80211_chanctx *ctx;
++
+ /*
-+ * If cross-band fcc is not supoprted, bail out if channelFlags differ.
++ * We get here if during resume the device can't be restarted properly.
++ * We might also get here if this happens during HW reset, which is a
++ * slightly different situation and we need to drop all connections in
++ * the latter case.
++ *
++ * Ask cfg80211 to turn off all interfaces, this will result in more
++ * warnings but at least we'll then get into a clean stopped state.
+ */
-+ if (!(pCap->hw_caps & ATH9K_HW_CAP_FCC_BAND_SWITCH) &&
-+ chan->channelFlags != ah->curchan->channelFlags)
- goto fail;
-
- if (!ath9k_hw_check_alive(ah))
-@@ -1870,8 +1856,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
-
- ah->caldata = caldata;
- if (caldata && (chan->channel != caldata->channel ||
-- chan->channelFlags != caldata->channelFlags ||
-- chan->chanmode != caldata->chanmode)) {
-+ chan->channelFlags != caldata->channelFlags)) {
- /* Operating channel changed, reset channel calibration data */
- memset(caldata, 0, sizeof(*caldata));
- ath9k_init_nfcal_hist_buffer(ah, chan);
-@@ -1960,9 +1945,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
-
- ath9k_hw_init_mfp(ah);
-
-- if (IS_CHAN_OFDM(chan) || IS_CHAN_HT(chan))
-- ath9k_hw_set_delta_slope(ah, chan);
--
-+ ath9k_hw_set_delta_slope(ah, chan);
- ath9k_hw_spur_mitigate_freq(ah, chan);
- ah->eep_ops->set_board_values(ah, chan);
-
-@@ -2047,7 +2030,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
++
++ local->resuming = false;
++ local->suspended = false;
++ local->started = false;
++
++ /* scheduled scan clearly can't be running any more, but tell
++ * cfg80211 and clear local state
++ */
++ ieee80211_sched_scan_end(local);
++
++ list_for_each_entry(sdata, &local->interfaces, list)
++ sdata->flags &= ~IEEE80211_SDATA_IN_DRIVER;
++
++ /* Mark channel contexts as not being in the driver any more to avoid
++ * removing them from the driver during the shutdown process...
++ */
++ mutex_lock(&local->chanctx_mtx);
++ list_for_each_entry(ctx, &local->chanctx_list, list)
++ ctx->driver_present = false;
++ mutex_unlock(&local->chanctx_mtx);
++
++ cfg80211_shutdown_all_interfaces(local->hw.wiphy);
++}
++
+ static void ieee80211_assign_chanctx(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata)
+ {
+@@ -1520,9 +1558,11 @@ int ieee80211_reconfig(struct ieee80211_
+ */
+ res = drv_start(local);
+ if (res) {
+- WARN(local->suspended, "Hardware became unavailable "
+- "upon resume. This could be a software issue "
+- "prior to suspend or a hardware issue.\n");
++ if (local->suspended)
++ WARN(1, "Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n");
++ else
++ WARN(1, "Hardware became unavailable during restart.\n");
++ ieee80211_handle_reconfig_failure(local);
+ return res;
+ }
- ath9k_hw_apply_gpio_override(ah);
+--- a/net/wireless/ap.c
++++ b/net/wireless/ap.c
+@@ -6,8 +6,8 @@
+ #include "rdev-ops.h"
-- if (AR_SREV_9565(ah) && ah->shared_chain_lnadiv)
-+ if (AR_SREV_9565(ah) && common->bt_ant_diversity)
- REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV, AR_BTCOEX_WL_LNADIV_FORCE_ON);
- return 0;
-@@ -2550,34 +2533,28 @@ int ath9k_hw_fill_cap_info(struct ath_hw
- if (AR_SREV_9287_11_OR_LATER(ah) || AR_SREV_9271(ah))
- pCap->hw_caps |= ATH9K_HW_CAP_SGI_20;
-
-- if (AR_SREV_9285(ah))
-+ if (AR_SREV_9285(ah)) {
- if (ah->eep_ops->get_eeprom(ah, EEP_MODAL_VER) >= 3) {
- ant_div_ctl1 =
- ah->eep_ops->get_eeprom(ah, EEP_ANT_DIV_CTL1);
-- if ((ant_div_ctl1 & 0x1) && ((ant_div_ctl1 >> 3) & 0x1))
-+ if ((ant_div_ctl1 & 0x1) && ((ant_div_ctl1 >> 3) & 0x1)) {
- pCap->hw_caps |= ATH9K_HW_CAP_ANT_DIV_COMB;
-+ ath_info(common, "Enable LNA combining\n");
-+ }
- }
-+ }
-+
- if (AR_SREV_9300_20_OR_LATER(ah)) {
- if (ah->eep_ops->get_eeprom(ah, EEP_CHAIN_MASK_REDUCE))
- pCap->hw_caps |= ATH9K_HW_CAP_APM;
+-static int __cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
+- struct net_device *dev, bool notify)
++int __cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
++ struct net_device *dev, bool notify)
+ {
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ int err;
+--- a/net/wireless/chan.c
++++ b/net/wireless/chan.c
+@@ -370,8 +370,8 @@ int cfg80211_chandef_dfs_required(struct
+ case NL80211_IFTYPE_AP_VLAN:
+ case NL80211_IFTYPE_WDS:
+ case NL80211_IFTYPE_P2P_DEVICE:
+- case NL80211_IFTYPE_UNSPECIFIED:
+ break;
++ case NL80211_IFTYPE_UNSPECIFIED:
+ case NUM_NL80211_IFTYPES:
+ WARN_ON(1);
+ }
+@@ -796,8 +796,7 @@ bool cfg80211_reg_can_beacon(struct wiph
+ !cfg80211_go_permissive_chan(rdev, chandef->chan))
+ prohibited_flags |= IEEE80211_CHAN_NO_IR;
+
+- if (cfg80211_chandef_dfs_required(wiphy, chandef,
+- NL80211_IFTYPE_UNSPECIFIED) > 0 &&
++ if (cfg80211_chandef_dfs_required(wiphy, chandef, iftype) > 0 &&
+ cfg80211_chandef_dfs_available(wiphy, chandef)) {
+ /* We can skip IEEE80211_CHAN_NO_IR if chandef dfs available */
+ prohibited_flags = IEEE80211_CHAN_DISABLED;
+--- a/net/wireless/core.c
++++ b/net/wireless/core.c
+@@ -210,15 +210,12 @@ void cfg80211_stop_p2p_device(struct cfg
}
+ }
+
+-static int cfg80211_rfkill_set_block(void *data, bool blocked)
++void cfg80211_shutdown_all_interfaces(struct wiphy *wiphy)
+ {
+- struct cfg80211_registered_device *rdev = data;
++ struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
+ struct wireless_dev *wdev;
+- if (!blocked)
+- return 0;
-
- if (AR_SREV_9330(ah) || AR_SREV_9485(ah) || AR_SREV_9565(ah)) {
- ant_div_ctl1 = ah->eep_ops->get_eeprom(ah, EEP_ANT_DIV_CTL1);
-- /*
-- * enable the diversity-combining algorithm only when
-- * both enable_lna_div and enable_fast_div are set
-- * Table for Diversity
-- * ant_div_alt_lnaconf bit 0-1
-- * ant_div_main_lnaconf bit 2-3
-- * ant_div_alt_gaintb bit 4
-- * ant_div_main_gaintb bit 5
-- * enable_ant_div_lnadiv bit 6
-- * enable_ant_fast_div bit 7
-- */
-- if ((ant_div_ctl1 >> 0x6) == 0x3)
-+ if ((ant_div_ctl1 >> 0x6) == 0x3) {
- pCap->hw_caps |= ATH9K_HW_CAP_ANT_DIV_COMB;
-+ ath_info(common, "Enable LNA combining\n");
-+ }
- }
+- rtnl_lock();
++ ASSERT_RTNL();
- if (ath9k_hw_dfs_tested(ah))
-@@ -2610,6 +2587,13 @@ int ath9k_hw_fill_cap_info(struct ath_hw
- ah->eep_ops->get_eeprom(ah, EEP_PAPRD))
- pCap->hw_caps |= ATH9K_HW_CAP_PAPRD;
+ list_for_each_entry(wdev, &rdev->wdev_list, list) {
+ if (wdev->netdev) {
+@@ -234,7 +231,18 @@ static int cfg80211_rfkill_set_block(voi
+ break;
+ }
+ }
++}
++EXPORT_SYMBOL_GPL(cfg80211_shutdown_all_interfaces);
-+ /*
-+ * Fast channel change across bands is available
-+ * only for AR9462 and AR9565.
-+ */
-+ if (AR_SREV_9462(ah) || AR_SREV_9565(ah))
-+ pCap->hw_caps |= ATH9K_HW_CAP_FCC_BAND_SWITCH;
++static int cfg80211_rfkill_set_block(void *data, bool blocked)
++{
++ struct cfg80211_registered_device *rdev = data;
++
++ if (!blocked)
++ return 0;
+
++ rtnl_lock();
++ cfg80211_shutdown_all_interfaces(&rdev->wiphy);
+ rtnl_unlock();
+
return 0;
- }
+@@ -401,6 +409,8 @@ struct wiphy *wiphy_new(const struct cfg
+ rdev->wiphy.rts_threshold = (u32) -1;
+ rdev->wiphy.coverage_class = 0;
-@@ -2938,12 +2922,11 @@ void ath9k_hw_set_tsfadjust(struct ath_h
++ rdev->wiphy.max_num_csa_counters = 1;
++
+ return &rdev->wiphy;
}
- EXPORT_SYMBOL(ath9k_hw_set_tsfadjust);
-
--void ath9k_hw_set11nmac2040(struct ath_hw *ah)
-+void ath9k_hw_set11nmac2040(struct ath_hw *ah, struct ath9k_channel *chan)
- {
-- struct ieee80211_conf *conf = &ath9k_hw_common(ah)->hw->conf;
- u32 macmode;
-
-- if (conf_is_ht40(conf) && !ah->config.cwm_ignore_extcca)
-+ if (IS_CHAN_HT40(chan) && !ah->config.cwm_ignore_extcca)
- macmode = AR_2040_JOINED_RX_CLEAR;
- else
- macmode = 0;
---- a/drivers/net/wireless/ath/ath9k/hw.h
-+++ b/drivers/net/wireless/ath/ath9k/hw.h
-@@ -247,6 +247,8 @@ enum ath9k_hw_caps {
- ATH9K_HW_CAP_DFS = BIT(16),
- ATH9K_HW_WOW_DEVICE_CAPABLE = BIT(17),
- ATH9K_HW_CAP_PAPRD = BIT(18),
-+ ATH9K_HW_CAP_FCC_BAND_SWITCH = BIT(19),
-+ ATH9K_HW_CAP_BT_ANT_DIV = BIT(20),
- };
-
- /*
-@@ -309,8 +311,11 @@ struct ath9k_ops_config {
- u16 ani_poll_interval; /* ANI poll interval in ms */
-
- /* Platform specific config */
-+ u32 aspm_l1_fix;
- u32 xlna_gpio;
-+ u32 ant_ctrl_comm2g_switch_enable;
- bool xatten_margin_cfg;
-+ bool alt_mingainidx;
- };
+ EXPORT_SYMBOL(wiphy_new);
+@@ -697,7 +707,7 @@ void wiphy_unregister(struct wiphy *wiph
+ rtnl_lock();
+ rdev->wiphy.registered = false;
- enum ath9k_int {
-@@ -364,36 +369,6 @@ enum ath9k_int {
- ATH9K_INT_NOCARD = 0xffffffff
- };
+- BUG_ON(!list_empty(&rdev->wdev_list));
++ WARN_ON(!list_empty(&rdev->wdev_list));
--#define CHANNEL_CCK 0x00020
--#define CHANNEL_OFDM 0x00040
--#define CHANNEL_2GHZ 0x00080
--#define CHANNEL_5GHZ 0x00100
--#define CHANNEL_PASSIVE 0x00200
--#define CHANNEL_DYN 0x00400
--#define CHANNEL_HALF 0x04000
--#define CHANNEL_QUARTER 0x08000
--#define CHANNEL_HT20 0x10000
--#define CHANNEL_HT40PLUS 0x20000
--#define CHANNEL_HT40MINUS 0x40000
--
--#define CHANNEL_A (CHANNEL_5GHZ|CHANNEL_OFDM)
--#define CHANNEL_B (CHANNEL_2GHZ|CHANNEL_CCK)
--#define CHANNEL_G (CHANNEL_2GHZ|CHANNEL_OFDM)
--#define CHANNEL_G_HT20 (CHANNEL_2GHZ|CHANNEL_HT20)
--#define CHANNEL_A_HT20 (CHANNEL_5GHZ|CHANNEL_HT20)
--#define CHANNEL_G_HT40PLUS (CHANNEL_2GHZ|CHANNEL_HT40PLUS)
--#define CHANNEL_G_HT40MINUS (CHANNEL_2GHZ|CHANNEL_HT40MINUS)
--#define CHANNEL_A_HT40PLUS (CHANNEL_5GHZ|CHANNEL_HT40PLUS)
--#define CHANNEL_A_HT40MINUS (CHANNEL_5GHZ|CHANNEL_HT40MINUS)
--#define CHANNEL_ALL \
-- (CHANNEL_OFDM| \
-- CHANNEL_CCK| \
-- CHANNEL_2GHZ | \
-- CHANNEL_5GHZ | \
-- CHANNEL_HT20 | \
-- CHANNEL_HT40PLUS | \
-- CHANNEL_HT40MINUS)
--
- #define MAX_RTT_TABLE_ENTRY 6
- #define MAX_IQCAL_MEASUREMENT 8
- #define MAX_CL_TAB_ENTRY 16
-@@ -401,8 +376,7 @@ enum ath9k_int {
-
- struct ath9k_hw_cal_data {
- u16 channel;
-- u32 channelFlags;
-- u32 chanmode;
-+ u16 channelFlags;
- int32_t CalValid;
- int8_t iCoff;
- int8_t qCoff;
-@@ -425,33 +399,34 @@ struct ath9k_hw_cal_data {
- struct ath9k_channel {
- struct ieee80211_channel *chan;
- u16 channel;
-- u32 channelFlags;
-- u32 chanmode;
-+ u16 channelFlags;
- s16 noisefloor;
- };
+ /*
+ * First remove the hardware from everywhere, this makes
+@@ -799,23 +809,23 @@ void cfg80211_update_iface_num(struct cf
+ rdev->num_running_monitor_ifaces += num;
+ }
--#define IS_CHAN_G(_c) ((((_c)->channelFlags & (CHANNEL_G)) == CHANNEL_G) || \
-- (((_c)->channelFlags & CHANNEL_G_HT20) == CHANNEL_G_HT20) || \
-- (((_c)->channelFlags & CHANNEL_G_HT40PLUS) == CHANNEL_G_HT40PLUS) || \
-- (((_c)->channelFlags & CHANNEL_G_HT40MINUS) == CHANNEL_G_HT40MINUS))
--#define IS_CHAN_OFDM(_c) (((_c)->channelFlags & CHANNEL_OFDM) != 0)
--#define IS_CHAN_5GHZ(_c) (((_c)->channelFlags & CHANNEL_5GHZ) != 0)
--#define IS_CHAN_2GHZ(_c) (((_c)->channelFlags & CHANNEL_2GHZ) != 0)
--#define IS_CHAN_HALF_RATE(_c) (((_c)->channelFlags & CHANNEL_HALF) != 0)
--#define IS_CHAN_QUARTER_RATE(_c) (((_c)->channelFlags & CHANNEL_QUARTER) != 0)
-+#define CHANNEL_5GHZ BIT(0)
-+#define CHANNEL_HALF BIT(1)
-+#define CHANNEL_QUARTER BIT(2)
-+#define CHANNEL_HT BIT(3)
-+#define CHANNEL_HT40PLUS BIT(4)
-+#define CHANNEL_HT40MINUS BIT(5)
-+
-+#define IS_CHAN_5GHZ(_c) (!!((_c)->channelFlags & CHANNEL_5GHZ))
-+#define IS_CHAN_2GHZ(_c) (!IS_CHAN_5GHZ(_c))
-+
-+#define IS_CHAN_HALF_RATE(_c) (!!((_c)->channelFlags & CHANNEL_HALF))
-+#define IS_CHAN_QUARTER_RATE(_c) (!!((_c)->channelFlags & CHANNEL_QUARTER))
- #define IS_CHAN_A_FAST_CLOCK(_ah, _c) \
-- ((((_c)->channelFlags & CHANNEL_5GHZ) != 0) && \
-- ((_ah)->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK))
-+ (IS_CHAN_5GHZ(_c) && ((_ah)->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK))
-+
-+#define IS_CHAN_HT(_c) ((_c)->channelFlags & CHANNEL_HT)
-+
-+#define IS_CHAN_HT20(_c) (IS_CHAN_HT(_c) && !IS_CHAN_HT40(_c))
-
--/* These macros check chanmode and not channelFlags */
--#define IS_CHAN_B(_c) ((_c)->chanmode == CHANNEL_B)
--#define IS_CHAN_HT20(_c) (((_c)->chanmode == CHANNEL_A_HT20) || \
-- ((_c)->chanmode == CHANNEL_G_HT20))
--#define IS_CHAN_HT40(_c) (((_c)->chanmode == CHANNEL_A_HT40PLUS) || \
-- ((_c)->chanmode == CHANNEL_A_HT40MINUS) || \
-- ((_c)->chanmode == CHANNEL_G_HT40PLUS) || \
-- ((_c)->chanmode == CHANNEL_G_HT40MINUS))
--#define IS_CHAN_HT(_c) (IS_CHAN_HT20((_c)) || IS_CHAN_HT40((_c)))
-+#define IS_CHAN_HT40(_c) \
-+ (!!((_c)->channelFlags & (CHANNEL_HT40PLUS | CHANNEL_HT40MINUS)))
-+
-+#define IS_CHAN_HT40PLUS(_c) ((_c)->channelFlags & CHANNEL_HT40PLUS)
-+#define IS_CHAN_HT40MINUS(_c) ((_c)->channelFlags & CHANNEL_HT40MINUS)
-
- enum ath9k_power_mode {
- ATH9K_PM_AWAKE = 0,
-@@ -716,11 +691,14 @@ struct ath_hw_ops {
- struct ath_hw_antcomb_conf *antconf);
- void (*antdiv_comb_conf_set)(struct ath_hw *ah,
- struct ath_hw_antcomb_conf *antconf);
-- void (*antctrl_shared_chain_lnadiv)(struct ath_hw *hw, bool enable);
- void (*spectral_scan_config)(struct ath_hw *ah,
- struct ath_spec_scan *param);
- void (*spectral_scan_trigger)(struct ath_hw *ah);
- void (*spectral_scan_wait)(struct ath_hw *ah);
-+
-+#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
-+ void (*set_bt_ant_diversity)(struct ath_hw *hw, bool enable);
-+#endif
- };
+-void cfg80211_leave(struct cfg80211_registered_device *rdev,
+- struct wireless_dev *wdev)
++void __cfg80211_leave(struct cfg80211_registered_device *rdev,
++ struct wireless_dev *wdev)
+ {
+ struct net_device *dev = wdev->netdev;
- struct ath_nf_limits {
-@@ -765,7 +743,6 @@ struct ath_hw {
- bool aspm_enabled;
- bool is_monitoring;
- bool need_an_top2_fixup;
-- bool shared_chain_lnadiv;
- u16 tx_trig_level;
-
- u32 nf_regs[6];
-@@ -1019,7 +996,7 @@ void ath9k_hw_reset_tsf(struct ath_hw *a
- void ath9k_hw_set_tsfadjust(struct ath_hw *ah, bool set);
- void ath9k_hw_init_global_settings(struct ath_hw *ah);
- u32 ar9003_get_pll_sqsum_dvc(struct ath_hw *ah);
--void ath9k_hw_set11nmac2040(struct ath_hw *ah);
-+void ath9k_hw_set11nmac2040(struct ath_hw *ah, struct ath9k_channel *chan);
- void ath9k_hw_beaconinit(struct ath_hw *ah, u32 next_beacon, u32 beacon_period);
- void ath9k_hw_set_sta_beacon_timers(struct ath_hw *ah,
- const struct ath9k_beacon_state *bs);
---- a/drivers/net/wireless/ath/ath9k/pci.c
-+++ b/drivers/net/wireless/ath/ath9k/pci.c
-@@ -29,6 +29,60 @@ static DEFINE_PCI_DEVICE_TABLE(ath_pci_i
- { PCI_VDEVICE(ATHEROS, 0x0027) }, /* PCI */
- { PCI_VDEVICE(ATHEROS, 0x0029) }, /* PCI */
- { PCI_VDEVICE(ATHEROS, 0x002A) }, /* PCI-E */
-+
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ PCI_VENDOR_ID_AZWAVE,
-+ 0x1C71),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ PCI_VENDOR_ID_FOXCONN,
-+ 0xE01F),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ 0x11AD, /* LITEON */
-+ 0x6632),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ 0x11AD, /* LITEON */
-+ 0x6642),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ PCI_VENDOR_ID_QMI,
-+ 0x0306),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ 0x185F, /* WNC */
-+ 0x309D),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ 0x10CF, /* Fujitsu */
-+ 0x147C),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ 0x10CF, /* Fujitsu */
-+ 0x147D),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002A,
-+ 0x10CF, /* Fujitsu */
-+ 0x1536),
-+ .driver_data = ATH9K_PCI_D3_L1_WAR },
-+
-+ /* AR9285 card for Asus */
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x002B,
-+ PCI_VENDOR_ID_AZWAVE,
-+ 0x2C37),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+
- { PCI_VDEVICE(ATHEROS, 0x002B) }, /* PCI-E */
- { PCI_VDEVICE(ATHEROS, 0x002C) }, /* PCI-E 802.11n bonded out */
- { PCI_VDEVICE(ATHEROS, 0x002D) }, /* PCI */
-@@ -40,29 +94,106 @@ static DEFINE_PCI_DEVICE_TABLE(ath_pci_i
- 0x0032,
- PCI_VENDOR_ID_AZWAVE,
- 0x2086),
-- .driver_data = ATH9K_PCI_CUS198 },
-+ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
- { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
- 0x0032,
- PCI_VENDOR_ID_AZWAVE,
- 0x1237),
-- .driver_data = ATH9K_PCI_CUS198 },
-+ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
- { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
- 0x0032,
- PCI_VENDOR_ID_AZWAVE,
- 0x2126),
-- .driver_data = ATH9K_PCI_CUS198 },
-+ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_AZWAVE,
-+ 0x126A),
-+ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
-
- /* PCI-E CUS230 */
- { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
- 0x0032,
- PCI_VENDOR_ID_AZWAVE,
- 0x2152),
-- .driver_data = ATH9K_PCI_CUS230 },
-+ .driver_data = ATH9K_PCI_CUS230 | ATH9K_PCI_BT_ANT_DIV },
- { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
- 0x0032,
- PCI_VENDOR_ID_FOXCONN,
- 0xE075),
-- .driver_data = ATH9K_PCI_CUS230 },
-+ .driver_data = ATH9K_PCI_CUS230 | ATH9K_PCI_BT_ANT_DIV },
-+
-+ /* WB225 */
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_ATHEROS,
-+ 0x3119),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_ATHEROS,
-+ 0x3122),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ 0x185F, /* WNC */
-+ 0x3119),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ 0x185F, /* WNC */
-+ 0x3027),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0x4105),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0x4106),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0x410D),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0x410E),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0x410F),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0xC706),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0xC680),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_SAMSUNG,
-+ 0xC708),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_LENOVO,
-+ 0x3218),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
-+ 0x0032,
-+ PCI_VENDOR_ID_LENOVO,
-+ 0x3219),
-+ .driver_data = ATH9K_PCI_BT_ANT_DIV },
-
- { PCI_VDEVICE(ATHEROS, 0x0032) }, /* PCI-E AR9485 */
- { PCI_VDEVICE(ATHEROS, 0x0033) }, /* PCI-E AR9580 */
-@@ -229,6 +360,22 @@ static void ath_pci_aspm_init(struct ath
- return;
- }
+ ASSERT_RTNL();
++ ASSERT_WDEV_LOCK(wdev);
-+ /*
-+ * 0x70c - Ack Frequency Register.
-+ *
-+ * Bits 27:29 - DEFAULT_L1_ENTRANCE_LATENCY.
-+ *
-+ * 000 : 1 us
-+ * 001 : 2 us
-+ * 010 : 4 us
-+ * 011 : 8 us
-+ * 100 : 16 us
-+ * 101 : 32 us
-+ * 110/111 : 64 us
-+ */
-+ if (AR_SREV_9462(ah))
-+ pci_read_config_dword(pdev, 0x70c, &ah->config.aspm_l1_fix);
-+
- pcie_capability_read_word(parent, PCI_EXP_LNKCTL, &aspm);
- if (aspm & (PCI_EXP_LNKCTL_ASPM_L0S | PCI_EXP_LNKCTL_ASPM_L1)) {
- ah->aspm_enabled = true;
---- a/drivers/net/wireless/ath/ath9k/phy.h
-+++ b/drivers/net/wireless/ath/ath9k/phy.h
-@@ -48,4 +48,11 @@
- #define AR_PHY_PLL_CONTROL 0x16180
- #define AR_PHY_PLL_MODE 0x16184
-
-+enum ath9k_ant_div_comb_lna_conf {
-+ ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2,
-+ ATH_ANT_DIV_COMB_LNA2,
-+ ATH_ANT_DIV_COMB_LNA1,
-+ ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2,
-+};
-+
+ switch (wdev->iftype) {
+ case NL80211_IFTYPE_ADHOC:
+- cfg80211_leave_ibss(rdev, dev, true);
++ __cfg80211_leave_ibss(rdev, dev, true);
+ break;
+ case NL80211_IFTYPE_P2P_CLIENT:
+ case NL80211_IFTYPE_STATION:
+ if (rdev->sched_scan_req && dev == rdev->sched_scan_req->dev)
+ __cfg80211_stop_sched_scan(rdev, false);
+
+- wdev_lock(wdev);
+ #ifdef CPTCFG_CFG80211_WEXT
+ kfree(wdev->wext.ie);
+ wdev->wext.ie = NULL;
+@@ -824,20 +834,49 @@ void cfg80211_leave(struct cfg80211_regi
#endif
---- a/drivers/net/wireless/iwlwifi/mvm/time-event.c
-+++ b/drivers/net/wireless/iwlwifi/mvm/time-event.c
-@@ -73,7 +73,6 @@
- #include "iwl-prph.h"
-
- /* A TimeUnit is 1024 microsecond */
--#define TU_TO_JIFFIES(_tu) (usecs_to_jiffies((_tu) * 1024))
- #define MSEC_TO_TU(_msec) (_msec*1000/1024)
-
- /*
-@@ -191,8 +190,7 @@ static void iwl_mvm_te_handle_notif(stru
- iwl_mvm_te_clear_data(mvm, te_data);
- } else if (le32_to_cpu(notif->action) & TE_NOTIF_HOST_EVENT_START) {
- te_data->running = true;
-- te_data->end_jiffies = jiffies +
-- TU_TO_JIFFIES(te_data->duration);
-+ te_data->end_jiffies = TU_TO_EXP_TIME(te_data->duration);
-
- if (te_data->vif->type == NL80211_IFTYPE_P2P_DEVICE) {
- set_bit(IWL_MVM_STATUS_ROC_RUNNING, &mvm->status);
-@@ -329,8 +327,7 @@ void iwl_mvm_protect_session(struct iwl_
- lockdep_assert_held(&mvm->mutex);
-
- if (te_data->running &&
-- time_after(te_data->end_jiffies,
-- jiffies + TU_TO_JIFFIES(min_duration))) {
-+ time_after(te_data->end_jiffies, TU_TO_EXP_TIME(min_duration))) {
- IWL_DEBUG_TE(mvm, "We have enough time in the current TE: %u\n",
- jiffies_to_msecs(te_data->end_jiffies - jiffies));
- return;
---- a/include/linux/ieee80211.h
-+++ b/include/linux/ieee80211.h
-@@ -2279,4 +2279,8 @@ static inline bool ieee80211_check_tim(c
- return !!(tim->virtual_map[index] & mask);
+ cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, true);
+- wdev_unlock(wdev);
+ break;
+ case NL80211_IFTYPE_MESH_POINT:
+- cfg80211_leave_mesh(rdev, dev);
++ __cfg80211_leave_mesh(rdev, dev);
+ break;
+ case NL80211_IFTYPE_AP:
+ case NL80211_IFTYPE_P2P_GO:
+- cfg80211_stop_ap(rdev, dev, true);
++ __cfg80211_stop_ap(rdev, dev, true);
+ break;
+ default:
+ break;
+ }
}
-+/* convert time units */
-+#define TU_TO_JIFFIES(x) (usecs_to_jiffies((x) * 1024))
-+#define TU_TO_EXP_TIME(x) (jiffies + TU_TO_JIFFIES(x))
++void cfg80211_leave(struct cfg80211_registered_device *rdev,
++ struct wireless_dev *wdev)
++{
++ wdev_lock(wdev);
++ __cfg80211_leave(rdev, wdev);
++ wdev_unlock(wdev);
++}
+
- #endif /* LINUX_IEEE80211_H */
---- a/net/mac80211/rate.c
-+++ b/net/mac80211/rate.c
-@@ -210,7 +210,7 @@ static bool rc_no_data_or_no_ack_use_min
- !ieee80211_is_data(fc);
- }
-
--static void rc_send_low_broadcast(s8 *idx, u32 basic_rates,
-+static void rc_send_low_basicrate(s8 *idx, u32 basic_rates,
- struct ieee80211_supported_band *sband)
++void cfg80211_stop_iface(struct wiphy *wiphy, struct wireless_dev *wdev,
++ gfp_t gfp)
++{
++ struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
++ struct cfg80211_event *ev;
++ unsigned long flags;
++
++ trace_cfg80211_stop_iface(wiphy, wdev);
++
++ ev = kzalloc(sizeof(*ev), gfp);
++ if (!ev)
++ return;
++
++ ev->type = EVENT_STOPPED;
++
++ spin_lock_irqsave(&wdev->event_lock, flags);
++ list_add_tail(&ev->list, &wdev->event_list);
++ spin_unlock_irqrestore(&wdev->event_lock, flags);
++ queue_work(cfg80211_wq, &rdev->event_work);
++}
++EXPORT_SYMBOL(cfg80211_stop_iface);
++
+ static int cfg80211_netdev_notifier_call(struct notifier_block *nb,
+ unsigned long state, void *ptr)
{
- u8 i;
-@@ -272,28 +272,37 @@ static void __rate_control_send_low(stru
- }
+--- a/net/wireless/core.h
++++ b/net/wireless/core.h
+@@ -185,6 +185,7 @@ enum cfg80211_event_type {
+ EVENT_ROAMED,
+ EVENT_DISCONNECTED,
+ EVENT_IBSS_JOINED,
++ EVENT_STOPPED,
+ };
+ struct cfg80211_event {
+@@ -281,6 +282,8 @@ int cfg80211_join_mesh(struct cfg80211_r
+ struct net_device *dev,
+ struct mesh_setup *setup,
+ const struct mesh_config *conf);
++int __cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
++ struct net_device *dev);
+ int cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
+ struct net_device *dev);
+ int cfg80211_set_mesh_channel(struct cfg80211_registered_device *rdev,
+@@ -288,6 +291,8 @@ int cfg80211_set_mesh_channel(struct cfg
+ struct cfg80211_chan_def *chandef);
+
+ /* AP */
++int __cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
++ struct net_device *dev, bool notify);
+ int cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
+ struct net_device *dev, bool notify);
+
+@@ -441,6 +446,8 @@ int cfg80211_validate_beacon_int(struct
+ void cfg80211_update_iface_num(struct cfg80211_registered_device *rdev,
+ enum nl80211_iftype iftype, int num);
+
++void __cfg80211_leave(struct cfg80211_registered_device *rdev,
++ struct wireless_dev *wdev);
+ void cfg80211_leave(struct cfg80211_registered_device *rdev,
+ struct wireless_dev *wdev);
+
+--- a/net/wireless/ibss.c
++++ b/net/wireless/ibss.c
+@@ -420,8 +420,8 @@ int cfg80211_ibss_wext_siwessid(struct n
+ if (len > 0 && ssid[len - 1] == '\0')
+ len--;
+
++ memcpy(wdev->ssid, ssid, len);
+ wdev->wext.ibss.ssid = wdev->ssid;
+- memcpy(wdev->wext.ibss.ssid, ssid, len);
+ wdev->wext.ibss.ssid_len = len;
+
+ wdev_lock(wdev);
+--- a/net/wireless/mesh.c
++++ b/net/wireless/mesh.c
+@@ -238,8 +238,8 @@ int cfg80211_set_mesh_channel(struct cfg
+ return 0;
+ }
--bool rate_control_send_low(struct ieee80211_sta *sta,
-+bool rate_control_send_low(struct ieee80211_sta *pubsta,
- void *priv_sta,
- struct ieee80211_tx_rate_control *txrc)
+-static int __cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
+- struct net_device *dev)
++int __cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
++ struct net_device *dev)
{
- struct ieee80211_tx_info *info = IEEE80211_SKB_CB(txrc->skb);
- struct ieee80211_supported_band *sband = txrc->sband;
-+ struct sta_info *sta;
- int mcast_rate;
-+ bool use_basicrate = false;
-
-- if (!sta || !priv_sta || rc_no_data_or_no_ack_use_min(txrc)) {
-- __rate_control_send_low(txrc->hw, sband, sta, info);
-+ if (!pubsta || !priv_sta || rc_no_data_or_no_ack_use_min(txrc)) {
-+ __rate_control_send_low(txrc->hw, sband, pubsta, info);
-
-- if (!sta && txrc->bss) {
-+ if (!pubsta && txrc->bss) {
- mcast_rate = txrc->bss_conf->mcast_rate[sband->band];
- if (mcast_rate > 0) {
- info->control.rates[0].idx = mcast_rate - 1;
- return true;
- }
-+ use_basicrate = true;
-+ } else if (pubsta) {
-+ sta = container_of(pubsta, struct sta_info, sta);
-+ if (ieee80211_vif_is_mesh(&sta->sdata->vif))
-+ use_basicrate = true;
-+ }
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ int err;
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -371,8 +371,8 @@ static const struct nla_policy nl80211_p
+ [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
+ [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
+ [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
+- [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_U16 },
+- [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_U16 },
++ [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_BINARY },
++ [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_BINARY },
+ [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY },
+ [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY },
+ [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
+@@ -386,6 +386,7 @@ static const struct nla_policy nl80211_p
+ [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
+ [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
+ [NL80211_ATTR_IFACE_SOCKET_OWNER] = { .type = NLA_FLAG },
++ [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
+ };
-- rc_send_low_broadcast(&info->control.rates[0].idx,
-+ if (use_basicrate)
-+ rc_send_low_basicrate(&info->control.rates[0].idx,
- txrc->bss_conf->basic_rates,
- sband);
-- }
-+
- return true;
- }
- return false;
---- a/drivers/net/wireless/ath/ath9k/Kconfig
-+++ b/drivers/net/wireless/ath/ath9k/Kconfig
-@@ -60,7 +60,7 @@ config ATH9K_AHB
-
- config ATH9K_DEBUGFS
- bool "Atheros ath9k debugging"
-- depends on ATH9K
-+ depends on ATH9K && DEBUG_FS
- select MAC80211_DEBUGFS
- depends on RELAY
- ---help---
---- a/drivers/net/wireless/ath/ath9k/ar9002_hw.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9002_hw.c
-@@ -269,13 +269,12 @@ static void ar9002_hw_configpcipowersave
- if (ah->config.pcie_waen & AR_WA_D3_L1_DISABLE)
- val |= AR_WA_D3_L1_DISABLE;
- } else {
-- if (((AR_SREV_9285(ah) ||
-- AR_SREV_9271(ah) ||
-- AR_SREV_9287(ah)) &&
-- (AR9285_WA_DEFAULT & AR_WA_D3_L1_DISABLE)) ||
-- (AR_SREV_9280(ah) &&
-- (AR9280_WA_DEFAULT & AR_WA_D3_L1_DISABLE))) {
-- val |= AR_WA_D3_L1_DISABLE;
-+ if (AR_SREV_9285(ah) || AR_SREV_9271(ah) || AR_SREV_9287(ah)) {
-+ if (AR9285_WA_DEFAULT & AR_WA_D3_L1_DISABLE)
-+ val |= AR_WA_D3_L1_DISABLE;
-+ } else if (AR_SREV_9280(ah)) {
-+ if (AR9280_WA_DEFAULT & AR_WA_D3_L1_DISABLE)
-+ val |= AR_WA_D3_L1_DISABLE;
+ /* policy for the key attributes */
+@@ -970,8 +971,10 @@ static int nl80211_put_iface_combination
+ c->max_interfaces))
+ goto nla_put_failure;
+ if (large &&
+- nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
+- c->radar_detect_widths))
++ (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
++ c->radar_detect_widths) ||
++ nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
++ c->radar_detect_regions)))
+ goto nla_put_failure;
+
+ nla_nest_end(msg, nl_combi);
+@@ -1667,6 +1670,13 @@ static int nl80211_send_wiphy(struct cfg
}
+ nla_nest_end(msg, nested);
}
++ state->split_start++;
++ break;
++ case 12:
++ if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH &&
++ nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS,
++ rdev->wiphy.max_num_csa_counters))
++ goto nla_put_failure;
+
+ /* done */
+ state->split_start = 0;
+@@ -5825,7 +5835,7 @@ static int nl80211_start_radar_detection
+ return -EBUSY;
+
+ err = cfg80211_chandef_dfs_required(wdev->wiphy, &chandef,
+- NL80211_IFTYPE_UNSPECIFIED);
++ wdev->iftype);
+ if (err < 0)
+ return err;
-@@ -297,24 +296,18 @@ static void ar9002_hw_configpcipowersave
- } else {
- if (ah->config.pcie_waen) {
- val = ah->config.pcie_waen;
-- if (!power_off)
-- val &= (~AR_WA_D3_L1_DISABLE);
-+ val &= (~AR_WA_D3_L1_DISABLE);
- } else {
-- if (AR_SREV_9285(ah) ||
-- AR_SREV_9271(ah) ||
-- AR_SREV_9287(ah)) {
-+ if (AR_SREV_9285(ah) || AR_SREV_9271(ah) || AR_SREV_9287(ah)) {
- val = AR9285_WA_DEFAULT;
-- if (!power_off)
-- val &= (~AR_WA_D3_L1_DISABLE);
-- }
-- else if (AR_SREV_9280(ah)) {
-+ val &= (~AR_WA_D3_L1_DISABLE);
-+ } else if (AR_SREV_9280(ah)) {
- /*
- * For AR9280 chips, bit 22 of 0x4004
- * needs to be set.
- */
- val = AR9280_WA_DEFAULT;
-- if (!power_off)
-- val &= (~AR_WA_D3_L1_DISABLE);
-+ val &= (~AR_WA_D3_L1_DISABLE);
- } else {
- val = AR_WA_DEFAULT;
- }
-@@ -426,28 +419,10 @@ void ar9002_hw_load_ani_reg(struct ath_h
- u32 modesIndex;
- int i;
+@@ -5866,6 +5876,7 @@ static int nl80211_channel_switch(struct
+ u8 radar_detect_width = 0;
+ int err;
+ bool need_new_beacon = false;
++ int len, i;
-- switch (chan->chanmode) {
-- case CHANNEL_A:
-- case CHANNEL_A_HT20:
-- modesIndex = 1;
-- break;
-- case CHANNEL_A_HT40PLUS:
-- case CHANNEL_A_HT40MINUS:
-- modesIndex = 2;
-- break;
-- case CHANNEL_G:
-- case CHANNEL_G_HT20:
-- case CHANNEL_B:
-- modesIndex = 4;
-- break;
-- case CHANNEL_G_HT40PLUS:
-- case CHANNEL_G_HT40MINUS:
-- modesIndex = 3;
-- break;
--
-- default:
-- return;
-- }
-+ if (IS_CHAN_5GHZ(chan))
-+ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
-+ else
-+ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
-
- ENABLE_REGWRITE_BUFFER(ah);
-
---- a/drivers/net/wireless/ath/ath9k/ar9003_hw.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_hw.c
-@@ -153,7 +153,7 @@ static void ar9003_hw_init_mode_regs(str
- if (!ah->is_clk_25mhz)
- INIT_INI_ARRAY(&ah->iniAdditional,
- ar9340_1p0_radio_core_40M);
-- } else if (AR_SREV_9485_11(ah)) {
-+ } else if (AR_SREV_9485_11_OR_LATER(ah)) {
- /* mac */
- INIT_INI_ARRAY(&ah->iniMac[ATH_INI_CORE],
- ar9485_1_1_mac_core);
-@@ -424,7 +424,7 @@ static void ar9003_tx_gain_table_mode0(s
- else if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9340Modes_lowest_ob_db_tx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9485_modes_lowest_ob_db_tx_gain_1_1);
- else if (AR_SREV_9550(ah))
-@@ -458,7 +458,7 @@ static void ar9003_tx_gain_table_mode1(s
- else if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9340Modes_high_ob_db_tx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9485Modes_high_ob_db_tx_gain_1_1);
- else if (AR_SREV_9580(ah))
-@@ -492,7 +492,7 @@ static void ar9003_tx_gain_table_mode2(s
- else if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9340Modes_low_ob_db_tx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9485Modes_low_ob_db_tx_gain_1_1);
- else if (AR_SREV_9580(ah))
-@@ -517,7 +517,7 @@ static void ar9003_tx_gain_table_mode3(s
- else if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9340Modes_high_power_tx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9485Modes_high_power_tx_gain_1_1);
- else if (AR_SREV_9580(ah))
-@@ -552,7 +552,7 @@ static void ar9003_tx_gain_table_mode4(s
-
- static void ar9003_tx_gain_table_mode5(struct ath_hw *ah)
- {
-- if (AR_SREV_9485_11(ah))
-+ if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9485Modes_green_ob_db_tx_gain_1_1);
- else if (AR_SREV_9340(ah))
-@@ -571,7 +571,7 @@ static void ar9003_tx_gain_table_mode6(s
- if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9340Modes_low_ob_db_and_spur_tx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesTxGain,
- ar9485Modes_green_spur_ob_db_tx_gain_1_1);
- else if (AR_SREV_9580(ah))
-@@ -611,7 +611,7 @@ static void ar9003_rx_gain_table_mode0(s
- else if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesRxGain,
- ar9340Common_rx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesRxGain,
- ar9485_common_rx_gain_1_1);
- else if (AR_SREV_9550(ah)) {
-@@ -644,7 +644,7 @@ static void ar9003_rx_gain_table_mode1(s
- else if (AR_SREV_9340(ah))
- INIT_INI_ARRAY(&ah->iniModesRxGain,
- ar9340Common_wo_xlna_rx_gain_table_1p0);
-- else if (AR_SREV_9485_11(ah))
-+ else if (AR_SREV_9485_11_OR_LATER(ah))
- INIT_INI_ARRAY(&ah->iniModesRxGain,
- ar9485Common_wo_xlna_rx_gain_1_1);
- else if (AR_SREV_9462_21(ah))
-@@ -745,16 +745,25 @@ static void ar9003_hw_init_mode_gain_reg
- static void ar9003_hw_configpcipowersave(struct ath_hw *ah,
- bool power_off)
- {
-+ /*
-+ * Increase L1 Entry Latency. Some WB222 boards don't have
-+ * this change in eeprom/OTP.
-+ *
-+ */
-+ if (AR_SREV_9462(ah)) {
-+ u32 val = ah->config.aspm_l1_fix;
-+ if ((val & 0xff000000) == 0x17000000) {
-+ val &= 0x00ffffff;
-+ val |= 0x27000000;
-+ REG_WRITE(ah, 0x570c, val);
-+ }
+ if (!rdev->ops->channel_switch ||
+ !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
+@@ -5924,26 +5935,55 @@ static int nl80211_channel_switch(struct
+ if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
+ return -EINVAL;
+
+- params.counter_offset_beacon =
+- nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
+- if (params.counter_offset_beacon >= params.beacon_csa.tail_len)
++ len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
++ if (!len || (len % sizeof(u16)))
+ return -EINVAL;
+
+- /* sanity check - counters should be the same */
+- if (params.beacon_csa.tail[params.counter_offset_beacon] !=
+- params.count)
++ params.n_counter_offsets_beacon = len / sizeof(u16);
++ if (rdev->wiphy.max_num_csa_counters &&
++ (params.n_counter_offsets_beacon >
++ rdev->wiphy.max_num_csa_counters))
+ return -EINVAL;
+
++ params.counter_offsets_beacon =
++ nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
++
++ /* sanity checks - counters should fit and be the same */
++ for (i = 0; i < params.n_counter_offsets_beacon; i++) {
++ u16 offset = params.counter_offsets_beacon[i];
++
++ if (offset >= params.beacon_csa.tail_len)
++ return -EINVAL;
++
++ if (params.beacon_csa.tail[offset] != params.count)
++ return -EINVAL;
+ }
+
- /* Nothing to do on restore for 11N */
- if (!power_off /* !restore */) {
- /* set bit 19 to allow forcing of pcie core into L1 state */
- REG_SET_BIT(ah, AR_PCIE_PM_CTRL, AR_PCIE_PM_CTRL_ENA);
--
-- /* Several PCIe massages to ensure proper behaviour */
-- if (ah->config.pcie_waen)
-- REG_WRITE(ah, AR_WA, ah->config.pcie_waen);
-- else
-- REG_WRITE(ah, AR_WA, ah->WARegVal);
-+ REG_WRITE(ah, AR_WA, ah->WARegVal);
- }
-
- /*
---- a/drivers/net/wireless/ath/ath9k/ar9003_mac.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_mac.c
-@@ -491,6 +491,7 @@ int ath9k_hw_process_rxdesc_edma(struct
- rxs->rs_rate = MS(rxsp->status1, AR_RxRate);
- rxs->rs_more = (rxsp->status2 & AR_RxMore) ? 1 : 0;
-
-+ rxs->rs_firstaggr = (rxsp->status11 & AR_RxFirstAggr) ? 1 : 0;
- rxs->rs_isaggr = (rxsp->status11 & AR_RxAggr) ? 1 : 0;
- rxs->rs_moreaggr = (rxsp->status11 & AR_RxMoreAggr) ? 1 : 0;
- rxs->rs_antenna = (MS(rxsp->status4, AR_RxAntenna) & 0x7);
---- a/drivers/net/wireless/ath/ath9k/common.c
-+++ b/drivers/net/wireless/ath/ath9k/common.c
-@@ -49,88 +49,64 @@ int ath9k_cmn_get_hw_crypto_keytype(stru
- }
- EXPORT_SYMBOL(ath9k_cmn_get_hw_crypto_keytype);
+ if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
+- params.counter_offset_presp =
+- nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
+- if (params.counter_offset_presp >=
+- params.beacon_csa.probe_resp_len)
++ len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
++ if (!len || (len % sizeof(u16)))
+ return -EINVAL;
--static u32 ath9k_get_extchanmode(struct ieee80211_channel *chan,
-- enum nl80211_channel_type channel_type)
--{
-- u32 chanmode = 0;
--
-- switch (chan->band) {
-- case IEEE80211_BAND_2GHZ:
-- switch (channel_type) {
-- case NL80211_CHAN_NO_HT:
-- case NL80211_CHAN_HT20:
-- chanmode = CHANNEL_G_HT20;
-- break;
-- case NL80211_CHAN_HT40PLUS:
-- chanmode = CHANNEL_G_HT40PLUS;
-- break;
-- case NL80211_CHAN_HT40MINUS:
-- chanmode = CHANNEL_G_HT40MINUS;
-- break;
-- }
-- break;
-- case IEEE80211_BAND_5GHZ:
-- switch (channel_type) {
-- case NL80211_CHAN_NO_HT:
-- case NL80211_CHAN_HT20:
-- chanmode = CHANNEL_A_HT20;
-- break;
-- case NL80211_CHAN_HT40PLUS:
-- chanmode = CHANNEL_A_HT40PLUS;
-- break;
-- case NL80211_CHAN_HT40MINUS:
-- chanmode = CHANNEL_A_HT40MINUS;
-- break;
-- }
-- break;
-- default:
-- break;
-- }
--
-- return chanmode;
--}
--
- /*
- * Update internal channel flags.
- */
--void ath9k_cmn_update_ichannel(struct ath9k_channel *ichan,
-- struct ieee80211_channel *chan,
-- enum nl80211_channel_type channel_type)
-+static void ath9k_cmn_update_ichannel(struct ath9k_channel *ichan,
-+ struct cfg80211_chan_def *chandef)
- {
-+ struct ieee80211_channel *chan = chandef->chan;
-+ u16 flags = 0;
-+
- ichan->channel = chan->center_freq;
- ichan->chan = chan;
-
-- if (chan->band == IEEE80211_BAND_2GHZ) {
-- ichan->chanmode = CHANNEL_G;
-- ichan->channelFlags = CHANNEL_2GHZ | CHANNEL_OFDM;
-- } else {
-- ichan->chanmode = CHANNEL_A;
-- ichan->channelFlags = CHANNEL_5GHZ | CHANNEL_OFDM;
-+ if (chan->band == IEEE80211_BAND_5GHZ)
-+ flags |= CHANNEL_5GHZ;
-+
-+ switch (chandef->width) {
-+ case NL80211_CHAN_WIDTH_5:
-+ flags |= CHANNEL_QUARTER;
-+ break;
-+ case NL80211_CHAN_WIDTH_10:
-+ flags |= CHANNEL_HALF;
-+ break;
-+ case NL80211_CHAN_WIDTH_20_NOHT:
-+ break;
-+ case NL80211_CHAN_WIDTH_20:
-+ flags |= CHANNEL_HT;
-+ break;
-+ case NL80211_CHAN_WIDTH_40:
-+ if (chandef->center_freq1 > chandef->chan->center_freq)
-+ flags |= CHANNEL_HT40PLUS | CHANNEL_HT;
-+ else
-+ flags |= CHANNEL_HT40MINUS | CHANNEL_HT;
-+ break;
-+ default:
-+ WARN_ON(1);
+- if (params.beacon_csa.probe_resp[params.counter_offset_presp] !=
+- params.count)
++ params.n_counter_offsets_presp = len / sizeof(u16);
++ if (rdev->wiphy.max_num_csa_counters &&
++ (params.n_counter_offsets_beacon >
++ rdev->wiphy.max_num_csa_counters))
+ return -EINVAL;
++
++ params.counter_offsets_presp =
++ nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
++
++ /* sanity checks - counters should fit and be the same */
++ for (i = 0; i < params.n_counter_offsets_presp; i++) {
++ u16 offset = params.counter_offsets_presp[i];
++
++ if (offset >= params.beacon_csa.probe_resp_len)
++ return -EINVAL;
++
++ if (params.beacon_csa.probe_resp[offset] !=
++ params.count)
++ return -EINVAL;
++ }
}
-- if (channel_type != NL80211_CHAN_NO_HT)
-- ichan->chanmode = ath9k_get_extchanmode(chan, channel_type);
-+ ichan->channelFlags = flags;
- }
--EXPORT_SYMBOL(ath9k_cmn_update_ichannel);
-
- /*
- * Get the internal channel reference.
- */
--struct ath9k_channel *ath9k_cmn_get_curchannel(struct ieee80211_hw *hw,
-- struct ath_hw *ah)
-+struct ath9k_channel *ath9k_cmn_get_channel(struct ieee80211_hw *hw,
-+ struct ath_hw *ah,
-+ struct cfg80211_chan_def *chandef)
- {
-- struct ieee80211_channel *curchan = hw->conf.chandef.chan;
-+ struct ieee80211_channel *curchan = chandef->chan;
- struct ath9k_channel *channel;
- u8 chan_idx;
-
- chan_idx = curchan->hw_value;
- channel = &ah->channels[chan_idx];
-- ath9k_cmn_update_ichannel(channel, curchan,
-- cfg80211_get_chandef_type(&hw->conf.chandef));
-+ ath9k_cmn_update_ichannel(channel, chandef);
-
- return channel;
- }
--EXPORT_SYMBOL(ath9k_cmn_get_curchannel);
-+EXPORT_SYMBOL(ath9k_cmn_get_channel);
+ skip_beacons:
+@@ -7793,6 +7833,27 @@ static int nl80211_tx_mgmt(struct sk_buf
+ if (!chandef.chan && params.offchan)
+ return -EINVAL;
- int ath9k_cmn_count_streams(unsigned int chainmask, int max)
- {
---- a/drivers/net/wireless/ath/ath9k/common.h
-+++ b/drivers/net/wireless/ath/ath9k/common.h
-@@ -43,11 +43,9 @@
- (((x) + ((mul)/2)) / (mul))
-
- int ath9k_cmn_get_hw_crypto_keytype(struct sk_buff *skb);
--void ath9k_cmn_update_ichannel(struct ath9k_channel *ichan,
-- struct ieee80211_channel *chan,
-- enum nl80211_channel_type channel_type);
--struct ath9k_channel *ath9k_cmn_get_curchannel(struct ieee80211_hw *hw,
-- struct ath_hw *ah);
-+struct ath9k_channel *ath9k_cmn_get_channel(struct ieee80211_hw *hw,
-+ struct ath_hw *ah,
-+ struct cfg80211_chan_def *chandef);
- int ath9k_cmn_count_streams(unsigned int chainmask, int max);
- void ath9k_cmn_btcoex_bt_stomp(struct ath_common *common,
- enum ath_stomp_type stomp_type);
---- a/drivers/net/wireless/ath/ath9k/hif_usb.c
-+++ b/drivers/net/wireless/ath/ath9k/hif_usb.c
-@@ -115,10 +115,10 @@ static int hif_usb_send_regout(struct hi
- cmd->skb = skb;
- cmd->hif_dev = hif_dev;
-
-- usb_fill_bulk_urb(urb, hif_dev->udev,
-- usb_sndbulkpipe(hif_dev->udev, USB_REG_OUT_PIPE),
-+ usb_fill_int_urb(urb, hif_dev->udev,
-+ usb_sndintpipe(hif_dev->udev, USB_REG_OUT_PIPE),
- skb->data, skb->len,
-- hif_usb_regout_cb, cmd);
-+ hif_usb_regout_cb, cmd, 1);
-
- usb_anchor_urb(urb, &hif_dev->regout_submitted);
- ret = usb_submit_urb(urb, GFP_KERNEL);
-@@ -723,11 +723,11 @@ static void ath9k_hif_usb_reg_in_cb(stru
- return;
++ params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
++ params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
++
++ if (info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]) {
++ int len = nla_len(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
++ int i;
++
++ if (len % sizeof(u16))
++ return -EINVAL;
++
++ params.n_csa_offsets = len / sizeof(u16);
++ params.csa_offsets =
++ nla_data(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
++
++ /* check that all the offsets fit the frame */
++ for (i = 0; i < params.n_csa_offsets; i++) {
++ if (params.csa_offsets[i] >= params.len)
++ return -EINVAL;
++ }
++ }
++
+ if (!params.dont_wait_for_ack) {
+ msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
+ if (!msg)
+@@ -7807,8 +7868,6 @@ static int nl80211_tx_mgmt(struct sk_buf
}
-
-- usb_fill_bulk_urb(urb, hif_dev->udev,
-- usb_rcvbulkpipe(hif_dev->udev,
-+ usb_fill_int_urb(urb, hif_dev->udev,
-+ usb_rcvintpipe(hif_dev->udev,
- USB_REG_IN_PIPE),
- nskb->data, MAX_REG_IN_BUF_SIZE,
-- ath9k_hif_usb_reg_in_cb, nskb);
-+ ath9k_hif_usb_reg_in_cb, nskb, 1);
}
- resubmit:
-@@ -909,11 +909,11 @@ static int ath9k_hif_usb_alloc_reg_in_ur
- goto err_skb;
- }
+- params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
+- params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
+ params.chan = chandef.chan;
+ err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie);
+ if (err)
+@@ -8507,6 +8566,8 @@ static int nl80211_set_wowlan(struct sk_
-- usb_fill_bulk_urb(urb, hif_dev->udev,
-- usb_rcvbulkpipe(hif_dev->udev,
-+ usb_fill_int_urb(urb, hif_dev->udev,
-+ usb_rcvintpipe(hif_dev->udev,
- USB_REG_IN_PIPE),
- skb->data, MAX_REG_IN_BUF_SIZE,
-- ath9k_hif_usb_reg_in_cb, skb);
-+ ath9k_hif_usb_reg_in_cb, skb, 1);
+ nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
+ rem) {
++ u8 *mask_pat;
++
+ nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
+ nla_len(pat), NULL);
+ err = -EINVAL;
+@@ -8530,19 +8591,18 @@ static int nl80211_set_wowlan(struct sk_
+ goto error;
+ new_triggers.patterns[i].pkt_offset = pkt_offset;
- /* Anchor URB */
- usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
-@@ -1031,9 +1031,7 @@ static int ath9k_hif_usb_download_fw(str
+- new_triggers.patterns[i].mask =
+- kmalloc(mask_len + pat_len, GFP_KERNEL);
+- if (!new_triggers.patterns[i].mask) {
++ mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
++ if (!mask_pat) {
+ err = -ENOMEM;
+ goto error;
+ }
+- new_triggers.patterns[i].pattern =
+- new_triggers.patterns[i].mask + mask_len;
+- memcpy(new_triggers.patterns[i].mask,
+- nla_data(pat_tb[NL80211_PKTPAT_MASK]),
++ new_triggers.patterns[i].mask = mask_pat;
++ memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
+ mask_len);
++ mask_pat += mask_len;
++ new_triggers.patterns[i].pattern = mask_pat;
+ new_triggers.patterns[i].pattern_len = pat_len;
+- memcpy(new_triggers.patterns[i].pattern,
++ memcpy(mask_pat,
+ nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
+ pat_len);
+ i++;
+@@ -8735,6 +8795,8 @@ static int nl80211_parse_coalesce_rule(s
- static int ath9k_hif_usb_dev_init(struct hif_device_usb *hif_dev)
- {
-- struct usb_host_interface *alt = &hif_dev->interface->altsetting[0];
-- struct usb_endpoint_descriptor *endp;
-- int ret, idx;
-+ int ret;
+ nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
+ rem) {
++ u8 *mask_pat;
++
+ nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
+ nla_len(pat), NULL);
+ if (!pat_tb[NL80211_PKTPAT_MASK] ||
+@@ -8756,17 +8818,19 @@ static int nl80211_parse_coalesce_rule(s
+ return -EINVAL;
+ new_rule->patterns[i].pkt_offset = pkt_offset;
- ret = ath9k_hif_usb_download_fw(hif_dev);
- if (ret) {
-@@ -1043,20 +1041,6 @@ static int ath9k_hif_usb_dev_init(struct
- return ret;
+- new_rule->patterns[i].mask =
+- kmalloc(mask_len + pat_len, GFP_KERNEL);
+- if (!new_rule->patterns[i].mask)
++ mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
++ if (!mask_pat)
+ return -ENOMEM;
+- new_rule->patterns[i].pattern =
+- new_rule->patterns[i].mask + mask_len;
+- memcpy(new_rule->patterns[i].mask,
+- nla_data(pat_tb[NL80211_PKTPAT_MASK]), mask_len);
++
++ new_rule->patterns[i].mask = mask_pat;
++ memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
++ mask_len);
++
++ mask_pat += mask_len;
++ new_rule->patterns[i].pattern = mask_pat;
+ new_rule->patterns[i].pattern_len = pat_len;
+- memcpy(new_rule->patterns[i].pattern,
+- nla_data(pat_tb[NL80211_PKTPAT_PATTERN]), pat_len);
++ memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
++ pat_len);
+ i++;
}
-- /* On downloading the firmware to the target, the USB descriptor of EP4
-- * is 'patched' to change the type of the endpoint to Bulk. This will
-- * bring down CPU usage during the scan period.
-- */
-- for (idx = 0; idx < alt->desc.bNumEndpoints; idx++) {
-- endp = &alt->endpoint[idx].desc;
-- if ((endp->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK)
-- == USB_ENDPOINT_XFER_INT) {
-- endp->bmAttributes &= ~USB_ENDPOINT_XFERTYPE_MASK;
-- endp->bmAttributes |= USB_ENDPOINT_XFER_BULK;
-- endp->bInterval = 0;
-- }
-- }
--
- /* Alloc URBs */
- ret = ath9k_hif_usb_alloc_urbs(hif_dev);
- if (ret) {
-@@ -1268,7 +1252,7 @@ static void ath9k_hif_usb_reboot(struct
- if (!buf)
- return;
+--- a/net/wireless/sme.c
++++ b/net/wireless/sme.c
+@@ -149,7 +149,8 @@ static int cfg80211_conn_do_work(struct
+ case CFG80211_CONN_SCAN_AGAIN:
+ return cfg80211_conn_scan(wdev);
+ case CFG80211_CONN_AUTHENTICATE_NEXT:
+- BUG_ON(!rdev->ops->auth);
++ if (WARN_ON(!rdev->ops->auth))
++ return -EOPNOTSUPP;
+ wdev->conn->state = CFG80211_CONN_AUTHENTICATING;
+ return cfg80211_mlme_auth(rdev, wdev->netdev,
+ params->channel, params->auth_type,
+@@ -161,7 +162,8 @@ static int cfg80211_conn_do_work(struct
+ case CFG80211_CONN_AUTH_FAILED:
+ return -ENOTCONN;
+ case CFG80211_CONN_ASSOCIATE_NEXT:
+- BUG_ON(!rdev->ops->assoc);
++ if (WARN_ON(!rdev->ops->assoc))
++ return -EOPNOTSUPP;
+ wdev->conn->state = CFG80211_CONN_ASSOCIATING;
+ if (wdev->conn->prev_bssid_valid)
+ req.prev_bssid = wdev->conn->prev_bssid;
+@@ -877,7 +879,7 @@ void __cfg80211_disconnected(struct net_
+ }
-- ret = usb_bulk_msg(udev, usb_sndbulkpipe(udev, USB_REG_OUT_PIPE),
-+ ret = usb_interrupt_msg(udev, usb_sndintpipe(udev, USB_REG_OUT_PIPE),
- buf, 4, NULL, HZ);
- if (ret)
- dev_err(&udev->dev, "ath9k_htc: USB reboot failed\n");
---- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c
-+++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
-@@ -24,30 +24,10 @@
- static enum htc_phymode ath9k_htc_get_curmode(struct ath9k_htc_priv *priv,
- struct ath9k_channel *ichan)
+ void cfg80211_disconnected(struct net_device *dev, u16 reason,
+- u8 *ie, size_t ie_len, gfp_t gfp)
++ const u8 *ie, size_t ie_len, gfp_t gfp)
{
-- enum htc_phymode mode;
--
-- mode = -EINVAL;
--
-- switch (ichan->chanmode) {
-- case CHANNEL_G:
-- case CHANNEL_G_HT20:
-- case CHANNEL_G_HT40PLUS:
-- case CHANNEL_G_HT40MINUS:
-- mode = HTC_MODE_11NG;
-- break;
-- case CHANNEL_A:
-- case CHANNEL_A_HT20:
-- case CHANNEL_A_HT40PLUS:
-- case CHANNEL_A_HT40MINUS:
-- mode = HTC_MODE_11NA;
-- break;
-- default:
-- break;
-- }
-+ if (IS_CHAN_5GHZ(ichan))
-+ return HTC_MODE_11NA;
-
-- WARN_ON(mode < 0);
--
-- return mode;
-+ return HTC_MODE_11NG;
- }
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
+--- a/net/wireless/trace.h
++++ b/net/wireless/trace.h
+@@ -1876,29 +1876,33 @@ TRACE_EVENT(rdev_channel_switch,
+ WIPHY_ENTRY
+ NETDEV_ENTRY
+ CHAN_DEF_ENTRY
+- __field(u16, counter_offset_beacon)
+- __field(u16, counter_offset_presp)
+ __field(bool, radar_required)
+ __field(bool, block_tx)
+ __field(u8, count)
++ __dynamic_array(u16, bcn_ofs, params->n_counter_offsets_beacon)
++ __dynamic_array(u16, pres_ofs, params->n_counter_offsets_presp)
+ ),
+ TP_fast_assign(
+ WIPHY_ASSIGN;
+ NETDEV_ASSIGN;
+ CHAN_DEF_ASSIGN(¶ms->chandef);
+- __entry->counter_offset_beacon = params->counter_offset_beacon;
+- __entry->counter_offset_presp = params->counter_offset_presp;
+ __entry->radar_required = params->radar_required;
+ __entry->block_tx = params->block_tx;
+ __entry->count = params->count;
++ memcpy(__get_dynamic_array(bcn_ofs),
++ params->counter_offsets_beacon,
++ params->n_counter_offsets_beacon * sizeof(u16));
++
++ /* probe response offsets are optional */
++ if (params->n_counter_offsets_presp)
++ memcpy(__get_dynamic_array(pres_ofs),
++ params->counter_offsets_presp,
++ params->n_counter_offsets_presp * sizeof(u16));
+ ),
+ TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " CHAN_DEF_PR_FMT
+- ", block_tx: %d, count: %u, radar_required: %d"
+- ", counter offsets (beacon/presp): %u/%u",
++ ", block_tx: %d, count: %u, radar_required: %d",
+ WIPHY_PR_ARG, NETDEV_PR_ARG, CHAN_DEF_PR_ARG,
+- __entry->block_tx, __entry->count, __entry->radar_required,
+- __entry->counter_offset_beacon,
+- __entry->counter_offset_presp)
++ __entry->block_tx, __entry->count, __entry->radar_required)
+ );
- bool ath9k_htc_setpower(struct ath9k_htc_priv *priv,
-@@ -926,7 +906,7 @@ static int ath9k_htc_start(struct ieee80
- WMI_CMD(WMI_FLUSH_RECV_CMDID);
+ TRACE_EVENT(rdev_set_qos_map,
+@@ -2636,6 +2640,21 @@ TRACE_EVENT(cfg80211_ft_event,
+ WIPHY_PR_ARG, NETDEV_PR_ARG, MAC_PR_ARG(target_ap))
+ );
- /* setup initial channel */
-- init_channel = ath9k_cmn_get_curchannel(hw, ah);
-+ init_channel = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
++TRACE_EVENT(cfg80211_stop_iface,
++ TP_PROTO(struct wiphy *wiphy, struct wireless_dev *wdev),
++ TP_ARGS(wiphy, wdev),
++ TP_STRUCT__entry(
++ WIPHY_ENTRY
++ WDEV_ENTRY
++ ),
++ TP_fast_assign(
++ WIPHY_ASSIGN;
++ WDEV_ASSIGN;
++ ),
++ TP_printk(WIPHY_PR_FMT ", " WDEV_PR_FMT,
++ WIPHY_PR_ARG, WDEV_PR_ARG)
++);
++
+ #endif /* !__RDEV_OPS_TRACE || TRACE_HEADER_MULTI_READ */
- ret = ath9k_hw_reset(ah, init_channel, ah->caldata, false);
- if (ret) {
-@@ -1203,17 +1183,12 @@ static int ath9k_htc_config(struct ieee8
+ #undef TRACE_INCLUDE_PATH
+--- a/net/wireless/util.c
++++ b/net/wireless/util.c
+@@ -476,7 +476,8 @@ int ieee80211_data_to_8023(struct sk_buf
+ EXPORT_SYMBOL(ieee80211_data_to_8023);
- if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) || chip_reset) {
- struct ieee80211_channel *curchan = hw->conf.chandef.chan;
-- enum nl80211_channel_type channel_type =
-- cfg80211_get_chandef_type(&hw->conf.chandef);
- int pos = curchan->hw_value;
+ int ieee80211_data_from_8023(struct sk_buff *skb, const u8 *addr,
+- enum nl80211_iftype iftype, u8 *bssid, bool qos)
++ enum nl80211_iftype iftype,
++ const u8 *bssid, bool qos)
+ {
+ struct ieee80211_hdr hdr;
+ u16 hdrlen, ethertype;
+@@ -839,6 +840,9 @@ void cfg80211_process_wdev_events(struct
+ __cfg80211_ibss_joined(wdev->netdev, ev->ij.bssid,
+ ev->ij.channel);
+ break;
++ case EVENT_STOPPED:
++ __cfg80211_leave(wiphy_to_rdev(wdev->wiphy), wdev);
++ break;
+ }
+ wdev_unlock(wdev);
- ath_dbg(common, CONFIG, "Set channel: %d MHz\n",
- curchan->center_freq);
+@@ -1271,10 +1275,20 @@ int cfg80211_iter_combinations(struct wi
+ void *data),
+ void *data)
+ {
++ const struct ieee80211_regdomain *regdom;
++ enum nl80211_dfs_regions region = 0;
+ int i, j, iftype;
+ int num_interfaces = 0;
+ u32 used_iftypes = 0;
-- ath9k_cmn_update_ichannel(&priv->ah->channels[pos],
-- hw->conf.chandef.chan,
-- channel_type);
--
-+ ath9k_cmn_get_channel(hw, priv->ah, &hw->conf.chandef);
- if (ath9k_htc_set_channel(priv, hw, &priv->ah->channels[pos]) < 0) {
- ath_err(common, "Unable to set channel\n");
- ret = -EINVAL;
---- a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
-+++ b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
-@@ -448,6 +448,7 @@ static void ath9k_htc_tx_process(struct
- struct ieee80211_conf *cur_conf = &priv->hw->conf;
- bool txok;
- int slot;
-+ int hdrlen, padsize;
-
- slot = strip_drv_header(priv, skb);
- if (slot < 0) {
-@@ -504,6 +505,15 @@ send_mac80211:
-
- ath9k_htc_tx_clear_slot(priv, slot);
-
-+ /* Remove padding before handing frame back to mac80211 */
-+ hdrlen = ieee80211_get_hdrlen_from_skb(skb);
-+
-+ padsize = hdrlen & 3;
-+ if (padsize && skb->len > hdrlen + padsize) {
-+ memmove(skb->data + padsize, skb->data, hdrlen);
-+ skb_pull(skb, padsize);
++ if (radar_detect) {
++ rcu_read_lock();
++ regdom = rcu_dereference(cfg80211_regdomain);
++ if (regdom)
++ region = regdom->dfs_region;
++ rcu_read_unlock();
+ }
+
- /* Send status to mac80211 */
- ieee80211_tx_status(priv->hw, skb);
- }
---- a/drivers/net/wireless/ath/ath9k/link.c
-+++ b/drivers/net/wireless/ath/ath9k/link.c
-@@ -41,7 +41,7 @@ void ath_tx_complete_poll_work(struct wo
- txq->axq_tx_inprogress = true;
- }
- }
-- ath_txq_unlock_complete(sc, txq);
-+ ath_txq_unlock(sc, txq);
- }
+ for (iftype = 0; iftype < NUM_NL80211_IFTYPES; iftype++) {
+ num_interfaces += iftype_num[iftype];
+ if (iftype_num[iftype] > 0 &&
+@@ -1315,6 +1329,10 @@ int cfg80211_iter_combinations(struct wi
+ if (radar_detect != (c->radar_detect_widths & radar_detect))
+ goto cont;
- if (needreset) {
---- a/drivers/net/wireless/ath/ath9k/mac.c
-+++ b/drivers/net/wireless/ath/ath9k/mac.c
-@@ -374,7 +374,6 @@ EXPORT_SYMBOL(ath9k_hw_releasetxqueue);
- bool ath9k_hw_resettxqueue(struct ath_hw *ah, u32 q)
++ if (radar_detect && c->radar_detect_regions &&
++ !(c->radar_detect_regions & BIT(region)))
++ goto cont;
++
+ /* Finally check that all iftypes that we're currently
+ * using are actually part of this combination. If they
+ * aren't then we can't use this combination and have
+--- a/drivers/net/wireless/ath/ath9k/recv.c
++++ b/drivers/net/wireless/ath/ath9k/recv.c
+@@ -34,7 +34,8 @@ static inline bool ath9k_check_auto_slee
+ * buffer (or rx fifo). This can incorrectly acknowledge packets
+ * to a sender if last desc is self-linked.
+ */
+-static void ath_rx_buf_link(struct ath_softc *sc, struct ath_rxbuf *bf)
++static void ath_rx_buf_link(struct ath_softc *sc, struct ath_rxbuf *bf,
++ bool flush)
{
+ struct ath_hw *ah = sc->sc_ah;
struct ath_common *common = ath9k_hw_common(ah);
-- struct ath9k_channel *chan = ah->curchan;
- struct ath9k_tx_queue_info *qi;
- u32 cwMin, chanCwMin, value;
-
-@@ -387,10 +386,7 @@ bool ath9k_hw_resettxqueue(struct ath_hw
- ath_dbg(common, QUEUE, "Reset TX queue: %u\n", q);
-
- if (qi->tqi_cwmin == ATH9K_TXQ_USEDEFAULT) {
-- if (chan && IS_CHAN_B(chan))
-- chanCwMin = INIT_CWMIN_11B;
-- else
-- chanCwMin = INIT_CWMIN;
-+ chanCwMin = INIT_CWMIN;
-
- for (cwMin = 1; cwMin < chanCwMin; cwMin = (cwMin << 1) | 1);
- } else
-@@ -583,9 +579,9 @@ int ath9k_hw_rxprocdesc(struct ath_hw *a
- rs->rs_rate = MS(ads.ds_rxstatus0, AR_RxRate);
- rs->rs_more = (ads.ds_rxstatus1 & AR_RxMore) ? 1 : 0;
-
-+ rs->rs_firstaggr = (ads.ds_rxstatus8 & AR_RxFirstAggr) ? 1 : 0;
- rs->rs_isaggr = (ads.ds_rxstatus8 & AR_RxAggr) ? 1 : 0;
-- rs->rs_moreaggr =
-- (ads.ds_rxstatus8 & AR_RxMoreAggr) ? 1 : 0;
-+ rs->rs_moreaggr = (ads.ds_rxstatus8 & AR_RxMoreAggr) ? 1 : 0;
- rs->rs_antenna = MS(ads.ds_rxstatus3, AR_RxAntenna);
-
- /* directly mapped flags for ieee80211_rx_status */
---- a/drivers/net/wireless/ath/ath9k/mac.h
-+++ b/drivers/net/wireless/ath/ath9k/mac.h
-@@ -140,6 +140,7 @@ struct ath_rx_status {
- int8_t rs_rssi_ext1;
- int8_t rs_rssi_ext2;
- u8 rs_isaggr;
-+ u8 rs_firstaggr;
- u8 rs_moreaggr;
- u8 rs_num_delims;
- u8 rs_flags;
-@@ -569,6 +570,7 @@ struct ar5416_desc {
- #define AR_RxAggr 0x00020000
- #define AR_PostDelimCRCErr 0x00040000
- #define AR_RxStatusRsvd71 0x3ff80000
-+#define AR_RxFirstAggr 0x20000000
- #define AR_DecryptBusyErr 0x40000000
- #define AR_KeyMiss 0x80000000
-
-@@ -601,8 +603,6 @@ enum ath9k_tx_queue_flags {
- #define ATH9K_TXQ_USE_LOCKOUT_BKOFF_DIS 0x00000001
-
- #define ATH9K_DECOMP_MASK_SIZE 128
--#define ATH9K_READY_TIME_LO_BOUND 50
--#define ATH9K_READY_TIME_HI_BOUND 96
-
- enum ath9k_pkt_type {
- ATH9K_PKT_TYPE_NORMAL = 0,
---- a/drivers/net/wireless/ath/ath9k/rc.c
-+++ b/drivers/net/wireless/ath/ath9k/rc.c
-@@ -1324,8 +1324,8 @@ static void ath_rate_update(void *priv,
- ath_rc_init(sc, priv_sta);
-
- ath_dbg(ath9k_hw_common(sc->sc_ah), CONFIG,
-- "Operating HT Bandwidth changed to: %d\n",
-- cfg80211_get_chandef_type(&sc->hw->conf.chandef));
-+ "Operating Bandwidth changed to: %d\n",
-+ sc->hw->conf.chandef.width);
- }
+@@ -59,18 +60,19 @@ static void ath_rx_buf_link(struct ath_s
+ common->rx_bufsize,
+ 0);
+
+- if (sc->rx.rxlink == NULL)
+- ath9k_hw_putrxbuf(ah, bf->bf_daddr);
+- else
++ if (sc->rx.rxlink)
+ *sc->rx.rxlink = bf->bf_daddr;
++ else if (!flush)
++ ath9k_hw_putrxbuf(ah, bf->bf_daddr);
+
+ sc->rx.rxlink = &ds->ds_link;
}
---- a/drivers/net/wireless/ath/ath9k/reg.h
-+++ b/drivers/net/wireless/ath/ath9k/reg.h
-@@ -893,9 +893,9 @@
-
- #define AR_SREV_9485(_ah) \
- (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9485))
--#define AR_SREV_9485_11(_ah) \
-- (AR_SREV_9485(_ah) && \
-- ((_ah)->hw_version.macRev == AR_SREV_REVISION_9485_11))
-+#define AR_SREV_9485_11_OR_LATER(_ah) \
-+ (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9485) && \
-+ ((_ah)->hw_version.macRev >= AR_SREV_REVISION_9485_11))
- #define AR_SREV_9485_OR_LATER(_ah) \
- (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9485))
+-static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_rxbuf *bf)
++static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_rxbuf *bf,
++ bool flush)
+ {
+ if (sc->rx.buf_hold)
+- ath_rx_buf_link(sc, sc->rx.buf_hold);
++ ath_rx_buf_link(sc, sc->rx.buf_hold, flush);
---- a/net/mac80211/main.c
-+++ b/net/mac80211/main.c
-@@ -101,7 +101,7 @@ static u32 ieee80211_hw_conf_chan(struct
- struct ieee80211_sub_if_data *sdata;
- struct cfg80211_chan_def chandef = {};
- u32 changed = 0;
-- int power;
-+ int power = 0;
- u32 offchannel_flag;
-
- offchannel_flag = local->hw.conf.flags & IEEE80211_CONF_OFFCHANNEL;
-@@ -155,16 +155,16 @@ static u32 ieee80211_hw_conf_chan(struct
- changed |= IEEE80211_CONF_CHANGE_SMPS;
+ sc->rx.buf_hold = bf;
+ }
+@@ -442,7 +444,7 @@ int ath_startrecv(struct ath_softc *sc)
+ sc->rx.buf_hold = NULL;
+ sc->rx.rxlink = NULL;
+ list_for_each_entry_safe(bf, tbf, &sc->rx.rxbuf, list) {
+- ath_rx_buf_link(sc, bf);
++ ath_rx_buf_link(sc, bf, false);
}
-- power = chandef.chan->max_power;
--
- rcu_read_lock();
- list_for_each_entry_rcu(sdata, &local->interfaces, list) {
- if (!rcu_access_pointer(sdata->vif.chanctx_conf))
- continue;
-- power = min(power, sdata->vif.bss_conf.txpower);
-+ power = max(power, sdata->vif.bss_conf.txpower);
- }
- rcu_read_unlock();
+ /* We could have deleted elements so the list may be empty now */
+@@ -1118,12 +1120,12 @@ requeue_drop_frag:
+ requeue:
+ list_add_tail(&bf->list, &sc->rx.rxbuf);
-+ power = min(power, chandef.chan->max_power);
-+
- if (local->hw.conf.power_level != power) {
- changed |= IEEE80211_CONF_CHANGE_POWER;
- local->hw.conf.power_level = power;
---- a/net/mac80211/status.c
-+++ b/net/mac80211/status.c
-@@ -180,6 +180,9 @@ static void ieee80211_frame_acked(struct
- struct ieee80211_local *local = sta->local;
- struct ieee80211_sub_if_data *sdata = sta->sdata;
-
-+ if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
-+ sta->last_rx = jiffies;
-+
- if (ieee80211_is_data_qos(mgmt->frame_control)) {
- struct ieee80211_hdr *hdr = (void *) skb->data;
- u8 *qc = ieee80211_get_qos_ctl(hdr);
---- a/drivers/net/wireless/ath/ath9k/ani.c
-+++ b/drivers/net/wireless/ath/ath9k/ani.c
-@@ -341,10 +341,9 @@ void ath9k_ani_reset(struct ath_hw *ah,
- aniState->cckNoiseImmunityLevel !=
- ATH9K_ANI_CCK_DEF_LEVEL) {
- ath_dbg(common, ANI,
-- "Restore defaults: opmode %u chan %d Mhz/0x%x is_scanning=%d ofdm:%d cck:%d\n",
-+ "Restore defaults: opmode %u chan %d Mhz is_scanning=%d ofdm:%d cck:%d\n",
- ah->opmode,
- chan->channel,
-- chan->channelFlags,
- is_scanning,
- aniState->ofdmNoiseImmunityLevel,
- aniState->cckNoiseImmunityLevel);
-@@ -357,10 +356,9 @@ void ath9k_ani_reset(struct ath_hw *ah,
- * restore historical levels for this channel
- */
- ath_dbg(common, ANI,
-- "Restore history: opmode %u chan %d Mhz/0x%x is_scanning=%d ofdm:%d cck:%d\n",
-+ "Restore history: opmode %u chan %d Mhz is_scanning=%d ofdm:%d cck:%d\n",
- ah->opmode,
- chan->channel,
-- chan->channelFlags,
- is_scanning,
- aniState->ofdmNoiseImmunityLevel,
- aniState->cckNoiseImmunityLevel);
---- a/drivers/net/wireless/ath/ath9k/ar9002_calib.c
-+++ b/drivers/net/wireless/ath/ath9k/ar9002_calib.c
-@@ -33,15 +33,12 @@ static bool ar9002_hw_is_cal_supported(s
- bool supported = false;
- switch (ah->supp_cals & cal_type) {
- case IQ_MISMATCH_CAL:
-- /* Run IQ Mismatch for non-CCK only */
-- if (!IS_CHAN_B(chan))
-- supported = true;
-+ supported = true;
- break;
- case ADC_GAIN_CAL:
- case ADC_DC_CAL:
- /* Run ADC Gain Cal for non-CCK & non 2GHz-HT20 only */
-- if (!IS_CHAN_B(chan) &&
-- !((IS_CHAN_2GHZ(chan) || IS_CHAN_A_FAST_CLOCK(ah, chan)) &&
-+ if (!((IS_CHAN_2GHZ(chan) || IS_CHAN_A_FAST_CLOCK(ah, chan)) &&
- IS_CHAN_HT20(chan)))
- supported = true;
- break;
---- a/drivers/net/wireless/ath/ath9k/calib.c
-+++ b/drivers/net/wireless/ath/ath9k/calib.c
-@@ -186,7 +186,6 @@ void ath9k_hw_reset_calibration(struct a
- bool ath9k_hw_reset_calvalid(struct ath_hw *ah)
- {
- struct ath_common *common = ath9k_hw_common(ah);
-- struct ieee80211_conf *conf = &common->hw->conf;
- struct ath9k_cal_list *currCal = ah->cal_list_curr;
-
- if (!ah->caldata)
-@@ -208,7 +207,7 @@ bool ath9k_hw_reset_calvalid(struct ath_
- return true;
-
- ath_dbg(common, CALIBRATE, "Resetting Cal %d state for channel %u\n",
-- currCal->calData->calType, conf->chandef.chan->center_freq);
-+ currCal->calData->calType, ah->curchan->chan->center_freq);
-
- ah->caldata->CalValid &= ~currCal->calData->calType;
- currCal->calState = CAL_WAITING;
-@@ -242,7 +241,6 @@ void ath9k_hw_loadnf(struct ath_hw *ah,
- int32_t val;
- u8 chainmask = (ah->rxchainmask << 3) | ah->rxchainmask;
- struct ath_common *common = ath9k_hw_common(ah);
-- struct ieee80211_conf *conf = &common->hw->conf;
- s16 default_nf = ath9k_hw_get_default_nf(ah, chan);
-
- if (ah->caldata)
-@@ -252,7 +250,7 @@ void ath9k_hw_loadnf(struct ath_hw *ah,
- if (chainmask & (1 << i)) {
- s16 nfval;
-
-- if ((i >= AR5416_MAX_CHAINS) && !conf_is_ht40(conf))
-+ if ((i >= AR5416_MAX_CHAINS) && !IS_CHAN_HT40(chan))
- continue;
-
- if (h)
-@@ -314,7 +312,7 @@ void ath9k_hw_loadnf(struct ath_hw *ah,
- ENABLE_REGWRITE_BUFFER(ah);
- for (i = 0; i < NUM_NF_READINGS; i++) {
- if (chainmask & (1 << i)) {
-- if ((i >= AR5416_MAX_CHAINS) && !conf_is_ht40(conf))
-+ if ((i >= AR5416_MAX_CHAINS) && !IS_CHAN_HT40(chan))
- continue;
-
- val = REG_READ(ah, ah->nf_regs[i]);
-@@ -408,7 +406,6 @@ void ath9k_init_nfcal_hist_buffer(struct
-
- ah->caldata->channel = chan->channel;
- ah->caldata->channelFlags = chan->channelFlags;
-- ah->caldata->chanmode = chan->chanmode;
- h = ah->caldata->nfCalHist;
- default_nf = ath9k_hw_get_default_nf(ah, chan);
- for (i = 0; i < NUM_NF_READINGS; i++) {
---- a/drivers/net/wireless/ath/ath9k/mci.c
-+++ b/drivers/net/wireless/ath/ath9k/mci.c
-@@ -661,9 +661,9 @@ void ath9k_mci_update_wlan_channels(stru
- chan_start = wlan_chan - 10;
- chan_end = wlan_chan + 10;
-
-- if (chan->chanmode == CHANNEL_G_HT40PLUS)
-+ if (IS_CHAN_HT40PLUS(chan))
- chan_end += 20;
-- else if (chan->chanmode == CHANNEL_G_HT40MINUS)
-+ else if (IS_CHAN_HT40MINUS(chan))
- chan_start -= 20;
-
- /* adjust side band */
-@@ -707,11 +707,11 @@ void ath9k_mci_set_txpower(struct ath_so
-
- if (setchannel) {
- struct ath9k_hw_cal_data *caldata = &sc->caldata;
-- if ((caldata->chanmode == CHANNEL_G_HT40PLUS) &&
-+ if (IS_CHAN_HT40PLUS(ah->curchan) &&
- (ah->curchan->channel > caldata->channel) &&
- (ah->curchan->channel <= caldata->channel + 20))
- return;
-- if ((caldata->chanmode == CHANNEL_G_HT40MINUS) &&
-+ if (IS_CHAN_HT40MINUS(ah->curchan) &&
- (ah->curchan->channel < caldata->channel) &&
- (ah->curchan->channel >= caldata->channel - 20))
- return;
+- if (edma) {
+- ath_rx_edma_buf_link(sc, qtype);
+- } else {
+- ath_rx_buf_relink(sc, bf);
++ if (!edma) {
++ ath_rx_buf_relink(sc, bf, flush);
+ if (!flush)
+ ath9k_hw_rxena(ah);
++ } else if (!flush) {
++ ath_rx_edma_buf_link(sc, qtype);
+ }
+
+ if (!budget--)