TEST(MFP), TEST(BLOCK_BA), TEST(PSPOLL),
TEST(UAPSD), TEST(SP), TEST(TDLS_PEER),
TEST(TDLS_PEER_AUTH), TEST(4ADDR_EVENT),
+@@ -455,6 +455,15 @@ void ieee80211_sta_debugfs_add(struct st
+ DEBUGFS_ADD_COUNTER(tx_retry_count, tx_retry_count);
+ DEBUGFS_ADD_COUNTER(wep_weak_iv_count, wep_weak_iv_count);
+
++ if (sizeof(sta->driver_buffered_tids) == sizeof(u32))
++ debugfs_create_x32("driver_buffered_tids", 0400,
++ sta->debugfs.dir,
++ (u32 *)&sta->driver_buffered_tids);
++ else
++ debugfs_create_x64("driver_buffered_tids", 0400,
++ sta->debugfs.dir,
++ (u64 *)&sta->driver_buffered_tids);
++
+ drv_sta_add_debugfs(local, sdata, &sta->sta, sta->debugfs.dir);
+ }
+
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
-@@ -463,7 +463,6 @@ int ieee80211_do_open(struct wireless_de
+@@ -274,6 +274,12 @@ static int ieee80211_check_concurrent_if
+ if (iftype == NL80211_IFTYPE_ADHOC &&
+ nsdata->vif.type == NL80211_IFTYPE_ADHOC)
+ return -EBUSY;
++ /*
++ * will not add another interface while any channel
++ * switch is active.
++ */
++ if (nsdata->vif.csa_active)
++ return -EBUSY;
+
+ /*
+ * The remaining checks are only performed for interfaces
+@@ -463,7 +469,6 @@ int ieee80211_do_open(struct wireless_de
struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
struct net_device *dev = wdev->netdev;
struct ieee80211_local *local = sdata->local;
u32 changed = 0;
int res;
u32 hw_reconf_flags = 0;
-@@ -629,30 +628,8 @@ int ieee80211_do_open(struct wireless_de
+@@ -629,30 +634,8 @@ int ieee80211_do_open(struct wireless_de
set_bit(SDATA_STATE_RUNNING, &sdata->state);
/*
* set_multicast_list will be invoked by the networking core
-@@ -1116,6 +1093,74 @@ static void ieee80211_if_setup(struct ne
+@@ -809,6 +792,8 @@ static void ieee80211_do_stop(struct iee
+ cancel_work_sync(&local->dynamic_ps_enable_work);
+
+ cancel_work_sync(&sdata->recalc_smps);
++ sdata->vif.csa_active = false;
++ cancel_work_sync(&sdata->csa_finalize_work);
+
+ cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);
+
+@@ -1116,6 +1101,74 @@ static void ieee80211_if_setup(struct ne
dev->destructor = free_netdev;
}
static void ieee80211_iface_work(struct work_struct *work)
{
struct ieee80211_sub_if_data *sdata =
-@@ -1220,6 +1265,9 @@ static void ieee80211_iface_work(struct
+@@ -1220,6 +1273,9 @@ static void ieee80211_iface_work(struct
break;
ieee80211_mesh_rx_queued_mgmt(sdata, skb);
break;
default:
WARN(1, "frame for unexpected interface type");
break;
+@@ -1282,6 +1338,7 @@ static void ieee80211_setup_sdata(struct
+ skb_queue_head_init(&sdata->skb_queue);
+ INIT_WORK(&sdata->work, ieee80211_iface_work);
+ INIT_WORK(&sdata->recalc_smps, ieee80211_recalc_smps_work);
++ INIT_WORK(&sdata->csa_finalize_work, ieee80211_csa_finalize_work);
+
+ switch (type) {
+ case NL80211_IFTYPE_P2P_GO:
--- a/net/mac80211/rc80211_minstrel_ht.c
+++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -804,10 +804,18 @@ minstrel_ht_get_rate(void *priv, struct
+@@ -365,6 +365,14 @@ minstrel_ht_update_stats(struct minstrel
+ }
+ }
+
++#ifdef CPTCFG_MAC80211_DEBUGFS
++ /* use fixed index if set */
++ if (mp->fixed_rate_idx != -1) {
++ mi->max_tp_rate = mp->fixed_rate_idx;
++ mi->max_tp_rate2 = mp->fixed_rate_idx;
++ mi->max_prob_rate = mp->fixed_rate_idx;
++ }
++#endif
+
+ mi->stats_update = jiffies;
+ }
+@@ -774,6 +782,11 @@ minstrel_ht_get_rate(void *priv, struct
+ info->flags |= mi->tx_flags;
+ minstrel_ht_check_cck_shortpreamble(mp, mi, txrc->short_preamble);
+
++#ifdef CPTCFG_MAC80211_DEBUGFS
++ if (mp->fixed_rate_idx != -1)
++ return;
++#endif
++
+ /* Don't use EAPOL frames for sampling on non-mrr hw */
+ if (mp->hw->max_rates == 1 &&
+ txrc->skb->protocol == cpu_to_be16(ETH_P_PAE))
+@@ -781,16 +794,6 @@ minstrel_ht_get_rate(void *priv, struct
+ else
+ sample_idx = minstrel_get_sample_rate(mp, mi);
+
+-#ifdef CPTCFG_MAC80211_DEBUGFS
+- /* use fixed index if set */
+- if (mp->fixed_rate_idx != -1) {
+- mi->max_tp_rate = mp->fixed_rate_idx;
+- mi->max_tp_rate2 = mp->fixed_rate_idx;
+- mi->max_prob_rate = mp->fixed_rate_idx;
+- sample_idx = -1;
+- }
+-#endif
+-
+ mi->total_packets++;
+
+ /* wraparound */
+@@ -804,10 +807,18 @@ minstrel_ht_get_rate(void *priv, struct
sample_group = &minstrel_mcs_groups[sample_idx / MCS_GROUP_RATES];
info->flags |= IEEE80211_TX_CTL_RATE_CTRL_PROBE;
}
static void
+@@ -820,6 +831,9 @@ minstrel_ht_update_cck(struct minstrel_p
+ if (sband->band != IEEE80211_BAND_2GHZ)
+ return;
+
++ if (!(mp->hw->flags & IEEE80211_HW_SUPPORTS_HT_CCK_RATES))
++ return;
++
+ mi->cck_supported = 0;
+ mi->cck_supported_short = 0;
+ for (i = 0; i < 4; i++) {
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -936,8 +936,14 @@ ieee80211_rx_h_check(struct ieee80211_rx
break;
case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):
case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):
-@@ -3059,10 +3067,16 @@ static int prepare_for_handlers(struct i
+@@ -3008,6 +3016,9 @@ static int prepare_for_handlers(struct i
+ case NL80211_IFTYPE_ADHOC:
+ if (!bssid)
+ return 0;
++ if (ether_addr_equal(sdata->vif.addr, hdr->addr2) ||
++ ether_addr_equal(sdata->u.ibss.bssid, hdr->addr2))
++ return 0;
+ if (ieee80211_is_beacon(hdr->frame_control)) {
+ return 1;
+ } else if (!ieee80211_bssid_match(bssid, sdata->u.ibss.bssid)) {
+@@ -3059,10 +3070,16 @@ static int prepare_for_handlers(struct i
}
break;
case NL80211_IFTYPE_WDS:
WLAN_STA_BLOCK_BA,
--- a/drivers/net/wireless/ath/ath9k/xmit.c
+++ b/drivers/net/wireless/ath/ath9k/xmit.c
-@@ -146,6 +146,28 @@ static void ath_set_rates(struct ieee802
+@@ -135,6 +135,9 @@ static struct ath_frame_info *get_frame_
+
+ static void ath_send_bar(struct ath_atx_tid *tid, u16 seqno)
+ {
++ if (!tid->an->sta)
++ return;
++
+ ieee80211_send_bar(tid->an->vif, tid->an->sta->addr, tid->tidno,
+ seqno << IEEE80211_SEQ_SEQ_SHIFT);
+ }
+@@ -146,6 +149,93 @@ static void ath_set_rates(struct ieee802
ARRAY_SIZE(bf->rates));
}
+ txq->stopped = false;
+ }
+}
++
++static struct ath_atx_tid *
++ath_get_skb_tid(struct ath_softc *sc, struct ath_node *an, struct sk_buff *skb)
++{
++ struct ieee80211_hdr *hdr;
++ u8 tidno = 0;
++
++ hdr = (struct ieee80211_hdr *) skb->data;
++ if (ieee80211_is_data_qos(hdr->frame_control))
++ tidno = ieee80211_get_qos_ctl(hdr)[0];
++
++ tidno &= IEEE80211_QOS_CTL_TID_MASK;
++ return ATH_AN_2_TID(an, tidno);
++}
++
++static bool ath_tid_has_buffered(struct ath_atx_tid *tid)
++{
++ return !skb_queue_empty(&tid->buf_q) || !skb_queue_empty(&tid->retry_q);
++}
++
++static struct sk_buff *ath_tid_dequeue(struct ath_atx_tid *tid)
++{
++ struct sk_buff *skb;
++
++ skb = __skb_dequeue(&tid->retry_q);
++ if (!skb)
++ skb = __skb_dequeue(&tid->buf_q);
++
++ return skb;
++}
++
++/*
++ * ath_tx_tid_change_state:
++ * - clears a-mpdu flag of previous session
++ * - force sequence number allocation to fix next BlockAck Window
++ */
++static void
++ath_tx_tid_change_state(struct ath_softc *sc, struct ath_atx_tid *tid)
++{
++ struct ath_txq *txq = tid->ac->txq;
++ struct ieee80211_tx_info *tx_info;
++ struct sk_buff *skb, *tskb;
++ struct ath_buf *bf;
++ struct ath_frame_info *fi;
++
++ skb_queue_walk_safe(&tid->buf_q, skb, tskb) {
++ fi = get_frame_info(skb);
++ bf = fi->bf;
++
++ tx_info = IEEE80211_SKB_CB(skb);
++ tx_info->flags &= ~IEEE80211_TX_CTL_AMPDU;
++
++ if (bf)
++ continue;
++
++ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
++ if (!bf) {
++ __skb_unlink(skb, &tid->buf_q);
++ ath_txq_skb_done(sc, txq, skb);
++ ieee80211_free_txskb(sc->hw, skb);
++ continue;
++ }
++ }
++
++}
+
static void ath_tx_flush_tid(struct ath_softc *sc, struct ath_atx_tid *tid)
{
struct ath_txq *txq = tid->ac->txq;
-@@ -167,6 +189,7 @@ static void ath_tx_flush_tid(struct ath_
+@@ -160,27 +250,22 @@ static void ath_tx_flush_tid(struct ath_
+
+ memset(&ts, 0, sizeof(ts));
+
+- while ((skb = __skb_dequeue(&tid->buf_q))) {
++ while ((skb = __skb_dequeue(&tid->retry_q))) {
+ fi = get_frame_info(skb);
+ bf = fi->bf;
+-
if (!bf) {
- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
- if (!bf) {
-+ ath_txq_skb_done(sc, txq, skb);
- ieee80211_free_txskb(sc->hw, skb);
- continue;
+- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
+- if (!bf) {
+- ieee80211_free_txskb(sc->hw, skb);
+- continue;
+- }
++ ath_txq_skb_done(sc, txq, skb);
++ ieee80211_free_txskb(sc->hw, skb);
++ continue;
+ }
+
+- if (fi->retries) {
+- list_add_tail(&bf->list, &bf_head);
++ if (fi->baw_tracked) {
+ ath_tx_update_baw(sc, tid, bf->bf_state.seqno);
+- ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ sendbar = true;
+- } else {
+- ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- ath_tx_send_normal(sc, txq, NULL, skb);
+ }
++
++ list_add_tail(&bf->list, &bf_head);
++ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ }
+
+ if (sendbar) {
+@@ -209,13 +294,16 @@ static void ath_tx_update_baw(struct ath
+ }
+
+ static void ath_tx_addto_baw(struct ath_softc *sc, struct ath_atx_tid *tid,
+- u16 seqno)
++ struct ath_buf *bf)
+ {
++ struct ath_frame_info *fi = get_frame_info(bf->bf_mpdu);
++ u16 seqno = bf->bf_state.seqno;
+ int index, cindex;
+
+ index = ATH_BA_INDEX(tid->seq_start, seqno);
+ cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
+ __set_bit(cindex, tid->tx_buf);
++ fi->baw_tracked = 1;
+
+ if (index >= ((tid->baw_tail - tid->baw_head) &
+ (ATH_TID_MAX_BUFS - 1))) {
+@@ -224,12 +312,6 @@ static void ath_tx_addto_baw(struct ath_
+ }
+ }
+
+-/*
+- * TODO: For frame(s) that are in the retry state, we will reuse the
+- * sequence number(s) without setting the retry bit. The
+- * alternative is to give up on these and BAR the receiver's window
+- * forward.
+- */
+ static void ath_tid_drain(struct ath_softc *sc, struct ath_txq *txq,
+ struct ath_atx_tid *tid)
+
+@@ -243,7 +325,7 @@ static void ath_tid_drain(struct ath_sof
+ memset(&ts, 0, sizeof(ts));
+ INIT_LIST_HEAD(&bf_head);
+
+- while ((skb = __skb_dequeue(&tid->buf_q))) {
++ while ((skb = ath_tid_dequeue(tid))) {
+ fi = get_frame_info(skb);
+ bf = fi->bf;
+
+@@ -253,14 +335,8 @@ static void ath_tid_drain(struct ath_sof
+ }
+
+ list_add_tail(&bf->list, &bf_head);
+-
+- ath_tx_update_baw(sc, tid, bf->bf_state.seqno);
+ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ }
+-
+- tid->seq_next = tid->seq_start;
+- tid->baw_tail = tid->baw_head;
+- tid->bar_index = -1;
+ }
+
+ static void ath_tx_set_retry(struct ath_softc *sc, struct ath_txq *txq,
+@@ -323,6 +399,7 @@ static struct ath_buf* ath_clone_txbuf(s
+ tbf->bf_buf_addr = bf->bf_buf_addr;
+ memcpy(tbf->bf_desc, bf->bf_desc, sc->sc_ah->caps.tx_desc_len);
+ tbf->bf_state = bf->bf_state;
++ tbf->bf_state.stale = false;
+
+ return tbf;
+ }
+@@ -380,7 +457,6 @@ static void ath_tx_complete_aggr(struct
+ struct ieee80211_tx_rate rates[4];
+ struct ath_frame_info *fi;
+ int nframes;
+- u8 tidno;
+ bool flush = !!(ts->ts_status & ATH9K_TX_FLUSH);
+ int i, retries;
+ int bar_index = -1;
+@@ -406,7 +482,7 @@ static void ath_tx_complete_aggr(struct
+ while (bf) {
+ bf_next = bf->bf_next;
+
+- if (!bf->bf_stale || bf_next != NULL)
++ if (!bf->bf_state.stale || bf_next != NULL)
+ list_move_tail(&bf->list, &bf_head);
+
+ ath_tx_complete_buf(sc, bf, txq, &bf_head, ts, 0);
+@@ -417,8 +493,7 @@ static void ath_tx_complete_aggr(struct
+ }
+
+ an = (struct ath_node *)sta->drv_priv;
+- tidno = ieee80211_get_qos_ctl(hdr)[0] & IEEE80211_QOS_CTL_TID_MASK;
+- tid = ATH_AN_2_TID(an, tidno);
++ tid = ath_get_skb_tid(sc, an, skb);
+ seq_first = tid->seq_start;
+ isba = ts->ts_flags & ATH9K_TX_BA;
+
+@@ -430,7 +505,7 @@ static void ath_tx_complete_aggr(struct
+ * Only BlockAcks have a TID and therefore normal Acks cannot be
+ * checked
+ */
+- if (isba && tidno != ts->tid)
++ if (isba && tid->tidno != ts->tid)
+ txok = false;
+
+ isaggr = bf_isaggr(bf);
+@@ -466,7 +541,8 @@ static void ath_tx_complete_aggr(struct
+ tx_info = IEEE80211_SKB_CB(skb);
+ fi = get_frame_info(skb);
+
+- if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno)) {
++ if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno) ||
++ !tid->active) {
+ /*
+ * Outside of the current BlockAck window,
+ * maybe part of a previous session
+@@ -499,7 +575,7 @@ static void ath_tx_complete_aggr(struct
+ * not a holding desc.
+ */
+ INIT_LIST_HEAD(&bf_head);
+- if (bf_next != NULL || !bf_last->bf_stale)
++ if (bf_next != NULL || !bf_last->bf_state.stale)
+ list_move_tail(&bf->list, &bf_head);
+
+ if (!txpending) {
+@@ -523,7 +599,7 @@ static void ath_tx_complete_aggr(struct
+ ieee80211_sta_eosp(sta);
}
-@@ -811,6 +834,7 @@ ath_tx_get_tid_subframe(struct ath_softc
+ /* retry the un-acked ones */
+- if (bf->bf_next == NULL && bf_last->bf_stale) {
++ if (bf->bf_next == NULL && bf_last->bf_state.stale) {
+ struct ath_buf *tbf;
+
+ tbf = ath_clone_txbuf(sc, bf_last);
+@@ -560,7 +636,7 @@ static void ath_tx_complete_aggr(struct
+ if (an->sleeping)
+ ieee80211_sta_set_buffered(sta, tid->tidno, true);
+
+- skb_queue_splice(&bf_pending, &tid->buf_q);
++ skb_queue_splice_tail(&bf_pending, &tid->retry_q);
+ if (!an->sleeping) {
+ ath_tx_queue_tid(txq, tid);
+
+@@ -618,7 +694,7 @@ static void ath_tx_process_buffer(struct
+ } else
+ ath_tx_complete_aggr(sc, txq, bf, bf_head, ts, txok);
+
+- if ((sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) && !flush)
++ if (!flush)
+ ath_txq_schedule(sc, txq);
+ }
+
+@@ -792,15 +868,20 @@ static int ath_compute_num_delims(struct
+
+ static struct ath_buf *
+ ath_tx_get_tid_subframe(struct ath_softc *sc, struct ath_txq *txq,
+- struct ath_atx_tid *tid)
++ struct ath_atx_tid *tid, struct sk_buff_head **q)
+ {
++ struct ieee80211_tx_info *tx_info;
+ struct ath_frame_info *fi;
+ struct sk_buff *skb;
+ struct ath_buf *bf;
+ u16 seqno;
+
+ while (1) {
+- skb = skb_peek(&tid->buf_q);
++ *q = &tid->retry_q;
++ if (skb_queue_empty(*q))
++ *q = &tid->buf_q;
++
++ skb = skb_peek(*q);
+ if (!skb)
+ break;
+
+@@ -808,13 +889,26 @@ ath_tx_get_tid_subframe(struct ath_softc
+ bf = fi->bf;
+ if (!fi->bf)
+ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
++ else
++ bf->bf_state.stale = false;
if (!bf) {
- __skb_unlink(skb, &tid->buf_q);
+- __skb_unlink(skb, &tid->buf_q);
++ __skb_unlink(skb, *q);
+ ath_txq_skb_done(sc, txq, skb);
ieee80211_free_txskb(sc->hw, skb);
continue;
}
-@@ -1824,6 +1848,7 @@ static void ath_tx_send_ampdu(struct ath
- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
- if (!bf) {
-+ ath_txq_skb_done(sc, txq, skb);
- ieee80211_free_txskb(sc->hw, skb);
- return;
++ bf->bf_next = NULL;
++ bf->bf_lastbf = bf;
++
++ tx_info = IEEE80211_SKB_CB(skb);
++ tx_info->flags &= ~IEEE80211_TX_CTL_CLEAR_PS_FILT;
++ if (!(tx_info->flags & IEEE80211_TX_CTL_AMPDU)) {
++ bf->bf_state.bf_type = 0;
++ return bf;
++ }
++
+ bf->bf_state.bf_type = BUF_AMPDU | BUF_AGGR;
+ seqno = bf->bf_state.seqno;
+
+@@ -828,73 +922,52 @@ ath_tx_get_tid_subframe(struct ath_softc
+
+ INIT_LIST_HEAD(&bf_head);
+ list_add(&bf->list, &bf_head);
+- __skb_unlink(skb, &tid->buf_q);
++ __skb_unlink(skb, *q);
+ ath_tx_update_baw(sc, tid, seqno);
+ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ continue;
+ }
+
+- bf->bf_next = NULL;
+- bf->bf_lastbf = bf;
+ return bf;
}
-@@ -2090,6 +2115,7 @@ int ath_tx_start(struct ieee80211_hw *hw
- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
- if (!bf) {
-+ ath_txq_skb_done(sc, txq, skb);
- if (txctl->paprd)
- dev_kfree_skb_any(skb);
- else
-@@ -2189,7 +2215,7 @@ static void ath_tx_complete(struct ath_s
- struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
- struct ath_common *common = ath9k_hw_common(sc->sc_ah);
- struct ieee80211_hdr * hdr = (struct ieee80211_hdr *)skb->data;
-- int q, padpos, padsize;
-+ int padpos, padsize;
- unsigned long flags;
+ return NULL;
+ }
- ath_dbg(common, XMIT, "TX complete: skb: %p\n", skb);
-@@ -2225,21 +2251,7 @@ static void ath_tx_complete(struct ath_s
- spin_unlock_irqrestore(&sc->sc_pm_lock, flags);
+-static enum ATH_AGGR_STATUS ath_tx_form_aggr(struct ath_softc *sc,
+- struct ath_txq *txq,
+- struct ath_atx_tid *tid,
+- struct list_head *bf_q,
+- int *aggr_len)
++static bool
++ath_tx_form_aggr(struct ath_softc *sc, struct ath_txq *txq,
++ struct ath_atx_tid *tid, struct list_head *bf_q,
++ struct ath_buf *bf_first, struct sk_buff_head *tid_q,
++ int *aggr_len)
+ {
+ #define PADBYTES(_len) ((4 - ((_len) % 4)) % 4)
+- struct ath_buf *bf, *bf_first = NULL, *bf_prev = NULL;
+- int rl = 0, nframes = 0, ndelim, prev_al = 0;
++ struct ath_buf *bf = bf_first, *bf_prev = NULL;
++ int nframes = 0, ndelim;
+ u16 aggr_limit = 0, al = 0, bpad = 0,
+- al_delta, h_baw = tid->baw_size / 2;
+- enum ATH_AGGR_STATUS status = ATH_AGGR_DONE;
++ al_delta, h_baw = tid->baw_size / 2;
+ struct ieee80211_tx_info *tx_info;
+ struct ath_frame_info *fi;
+ struct sk_buff *skb;
++ bool closed = false;
- __skb_queue_tail(&txq->complete_q, skb);
--
-- q = skb_get_queue_mapping(skb);
-- if (txq == sc->tx.uapsdq)
-- txq = sc->tx.txq_map[q];
+- do {
+- bf = ath_tx_get_tid_subframe(sc, txq, tid);
+- if (!bf) {
+- status = ATH_AGGR_BAW_CLOSED;
+- break;
+- }
++ bf = bf_first;
++ aggr_limit = ath_lookup_rate(sc, bf, tid);
+
++ do {
+ skb = bf->bf_mpdu;
+ fi = get_frame_info(skb);
+
+- if (!bf_first)
+- bf_first = bf;
-
-- if (txq == sc->tx.txq_map[q]) {
-- if (WARN_ON(--txq->pending_frames < 0))
-- txq->pending_frames = 0;
+- if (!rl) {
+- ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- aggr_limit = ath_lookup_rate(sc, bf, tid);
+- rl = 1;
+- }
-
-- if (txq->stopped &&
-- txq->pending_frames < sc->tx.txq_max_pending[q]) {
-- ieee80211_wake_queue(sc->hw, q);
-- txq->stopped = false;
+ /* do not exceed aggregation limit */
+ al_delta = ATH_AGGR_DELIM_SZ + fi->framelen;
++ if (nframes) {
++ if (aggr_limit < al + bpad + al_delta ||
++ ath_lookup_legacy(bf) || nframes >= h_baw)
++ break;
+
+- if (nframes &&
+- ((aggr_limit < (al + bpad + al_delta + prev_al)) ||
+- ath_lookup_legacy(bf))) {
+- status = ATH_AGGR_LIMITED;
+- break;
- }
-- }
-+ ath_txq_skb_done(sc, txq, skb);
+-
+- tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
+- if (nframes && (tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE))
+- break;
+-
+- /* do not exceed subframe limit */
+- if (nframes >= min((int)h_baw, ATH_AMPDU_SUBFRAME_DEFAULT)) {
+- status = ATH_AGGR_LIMITED;
+- break;
++ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
++ if ((tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) ||
++ !(tx_info->flags & IEEE80211_TX_CTL_AMPDU))
++ break;
+ }
+
+ /* add padding for previous frame to aggregation length */
+@@ -912,22 +985,37 @@ static enum ATH_AGGR_STATUS ath_tx_form_
+ bf->bf_next = NULL;
+
+ /* link buffers of this frame to the aggregate */
+- if (!fi->retries)
+- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
++ if (!fi->baw_tracked)
++ ath_tx_addto_baw(sc, tid, bf);
+ bf->bf_state.ndelim = ndelim;
+
+- __skb_unlink(skb, &tid->buf_q);
++ __skb_unlink(skb, tid_q);
+ list_add_tail(&bf->list, bf_q);
+ if (bf_prev)
+ bf_prev->bf_next = bf;
+
+ bf_prev = bf;
+
+- } while (!skb_queue_empty(&tid->buf_q));
++ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
++ if (!bf) {
++ closed = true;
++ break;
++ }
++ } while (ath_tid_has_buffered(tid));
++
++ bf = bf_first;
++ bf->bf_lastbf = bf_prev;
++
++ if (bf == bf_prev) {
++ al = get_frame_info(bf->bf_mpdu)->framelen;
++ bf->bf_state.bf_type = BUF_AMPDU;
++ } else {
++ TX_STAT_INC(txq->axq_qnum, a_aggr);
++ }
+
+ *aggr_len = al;
+
+- return status;
++ return closed;
+ #undef PADBYTES
}
- static void ath_tx_complete_buf(struct ath_softc *sc, struct ath_buf *bf,
---- a/drivers/net/wireless/ath/ath9k/main.c
-+++ b/drivers/net/wireless/ath/ath9k/main.c
-@@ -2094,7 +2094,7 @@ static void ath9k_wow_add_pattern(struct
+@@ -999,7 +1087,7 @@ void ath_update_max_aggr_framelen(struct
+ }
+
+ static void ath_buf_set_rate(struct ath_softc *sc, struct ath_buf *bf,
+- struct ath_tx_info *info, int len)
++ struct ath_tx_info *info, int len, bool rts)
{
struct ath_hw *ah = sc->sc_ah;
- struct ath9k_wow_pattern *wow_pattern = NULL;
-- struct cfg80211_wowlan_trig_pkt_pattern *patterns = wowlan->patterns;
-+ struct cfg80211_pkt_pattern *patterns = wowlan->patterns;
- int mask_len;
- s8 i = 0;
+ struct sk_buff *skb;
+@@ -1008,6 +1096,7 @@ static void ath_buf_set_rate(struct ath_
+ const struct ieee80211_rate *rate;
+ struct ieee80211_hdr *hdr;
+ struct ath_frame_info *fi = get_frame_info(bf->bf_mpdu);
++ u32 rts_thresh = sc->hw->wiphy->rts_threshold;
+ int i;
+ u8 rix = 0;
---- a/drivers/net/wireless/mwifiex/cfg80211.c
-+++ b/drivers/net/wireless/mwifiex/cfg80211.c
-@@ -2298,8 +2298,7 @@ EXPORT_SYMBOL_GPL(mwifiex_del_virtual_in
+@@ -1030,7 +1119,17 @@ static void ath_buf_set_rate(struct ath_
+ rix = rates[i].idx;
+ info->rates[i].Tries = rates[i].count;
- #ifdef CONFIG_PM
- static bool
--mwifiex_is_pattern_supported(struct cfg80211_wowlan_trig_pkt_pattern *pat,
-- s8 *byte_seq)
-+mwifiex_is_pattern_supported(struct cfg80211_pkt_pattern *pat, s8 *byte_seq)
- {
- int j, k, valid_byte_cnt = 0;
- bool dont_care_byte = false;
---- a/drivers/net/wireless/ti/wlcore/main.c
-+++ b/drivers/net/wireless/ti/wlcore/main.c
-@@ -1315,7 +1315,7 @@ static struct sk_buff *wl12xx_alloc_dumm
+- if (rates[i].flags & IEEE80211_TX_RC_USE_RTS_CTS) {
++ /*
++ * Handle RTS threshold for unaggregated HT frames.
++ */
++ if (bf_isampdu(bf) && !bf_isaggr(bf) &&
++ (rates[i].flags & IEEE80211_TX_RC_MCS) &&
++ unlikely(rts_thresh != (u32) -1)) {
++ if (!rts_thresh || (len > rts_thresh))
++ rts = true;
++ }
++
++ if (rts || rates[i].flags & IEEE80211_TX_RC_USE_RTS_CTS) {
+ info->rates[i].RateFlags |= ATH9K_RATESERIES_RTS_CTS;
+ info->flags |= ATH9K_TXDESC_RTSENA;
+ } else if (rates[i].flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
+@@ -1123,6 +1222,8 @@ static void ath_tx_fill_desc(struct ath_
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_buf *bf_first = NULL;
+ struct ath_tx_info info;
++ u32 rts_thresh = sc->hw->wiphy->rts_threshold;
++ bool rts = false;
- #ifdef CONFIG_PM
- static int
--wl1271_validate_wowlan_pattern(struct cfg80211_wowlan_trig_pkt_pattern *p)
-+wl1271_validate_wowlan_pattern(struct cfg80211_pkt_pattern *p)
- {
- int num_fields = 0, in_field = 0, fields_size = 0;
- int i, pattern_len = 0;
-@@ -1458,9 +1458,9 @@ void wl1271_rx_filter_flatten_fields(str
- * Allocates an RX filter returned through f
- * which needs to be freed using rx_filter_free()
- */
--static int wl1271_convert_wowlan_pattern_to_rx_filter(
-- struct cfg80211_wowlan_trig_pkt_pattern *p,
-- struct wl12xx_rx_filter **f)
-+static int
-+wl1271_convert_wowlan_pattern_to_rx_filter(struct cfg80211_pkt_pattern *p,
-+ struct wl12xx_rx_filter **f)
+ memset(&info, 0, sizeof(info));
+ info.is_first = true;
+@@ -1159,7 +1260,22 @@ static void ath_tx_fill_desc(struct ath_
+ info.flags |= (u32) bf->bf_state.bfs_paprd <<
+ ATH9K_TXDESC_PAPRD_S;
+
+- ath_buf_set_rate(sc, bf, &info, len);
++ /*
++ * mac80211 doesn't handle RTS threshold for HT because
++ * the decision has to be taken based on AMPDU length
++ * and aggregation is done entirely inside ath9k.
++ * Set the RTS/CTS flag for the first subframe based
++ * on the threshold.
++ */
++ if (aggr && (bf == bf_first) &&
++ unlikely(rts_thresh != (u32) -1)) {
++ /*
++ * "len" is the size of the entire AMPDU.
++ */
++ if (!rts_thresh || (len > rts_thresh))
++ rts = true;
++ }
++ ath_buf_set_rate(sc, bf, &info, len, rts);
+ }
+
+ info.buf_addr[0] = bf->bf_buf_addr;
+@@ -1188,64 +1304,101 @@ static void ath_tx_fill_desc(struct ath_
+ }
+ }
+
+-static void ath_tx_sched_aggr(struct ath_softc *sc, struct ath_txq *txq,
+- struct ath_atx_tid *tid)
++static void
++ath_tx_form_burst(struct ath_softc *sc, struct ath_txq *txq,
++ struct ath_atx_tid *tid, struct list_head *bf_q,
++ struct ath_buf *bf_first, struct sk_buff_head *tid_q)
{
- int i, j, ret = 0;
- struct wl12xx_rx_filter *filter;
-@@ -1562,7 +1562,7 @@ static int wl1271_configure_wowlan(struc
+- struct ath_buf *bf;
+- enum ATH_AGGR_STATUS status;
+- struct ieee80211_tx_info *tx_info;
+- struct list_head bf_q;
+- int aggr_len;
++ struct ath_buf *bf = bf_first, *bf_prev = NULL;
++ struct sk_buff *skb;
++ int nframes = 0;
- /* Translate WoWLAN patterns into filters */
- for (i = 0; i < wow->n_patterns; i++) {
-- struct cfg80211_wowlan_trig_pkt_pattern *p;
-+ struct cfg80211_pkt_pattern *p;
- struct wl12xx_rx_filter *filter = NULL;
+ do {
+- if (skb_queue_empty(&tid->buf_q))
+- return;
++ struct ieee80211_tx_info *tx_info;
++ skb = bf->bf_mpdu;
- p = &wow->patterns[i];
---- a/include/net/cfg80211.h
-+++ b/include/net/cfg80211.h
-@@ -1698,7 +1698,7 @@ struct cfg80211_pmksa {
- };
+- INIT_LIST_HEAD(&bf_q);
++ nframes++;
++ __skb_unlink(skb, tid_q);
++ list_add_tail(&bf->list, bf_q);
++ if (bf_prev)
++ bf_prev->bf_next = bf;
++ bf_prev = bf;
- /**
-- * struct cfg80211_wowlan_trig_pkt_pattern - packet pattern
-+ * struct cfg80211_pkt_pattern - packet pattern
- * @mask: bitmask where to match pattern and where to ignore bytes,
- * one bit per byte, in same format as nl80211
- * @pattern: bytes to match where bitmask is 1
-@@ -1708,7 +1708,7 @@ struct cfg80211_pmksa {
- * Internal note: @mask and @pattern are allocated in one chunk of
- * memory, free @mask only!
- */
--struct cfg80211_wowlan_trig_pkt_pattern {
-+struct cfg80211_pkt_pattern {
- u8 *mask, *pattern;
- int pattern_len;
- int pkt_offset;
-@@ -1770,7 +1770,7 @@ struct cfg80211_wowlan {
- bool any, disconnect, magic_pkt, gtk_rekey_failure,
- eap_identity_req, four_way_handshake,
- rfkill_release;
-- struct cfg80211_wowlan_trig_pkt_pattern *patterns;
-+ struct cfg80211_pkt_pattern *patterns;
- struct cfg80211_wowlan_tcp *tcp;
- int n_patterns;
- };
+- status = ath_tx_form_aggr(sc, txq, tid, &bf_q, &aggr_len);
++ if (nframes >= 2)
++ break;
+
+- /*
+- * no frames picked up to be aggregated;
+- * block-ack window is not open.
+- */
+- if (list_empty(&bf_q))
++ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
++ if (!bf)
+ break;
+
+- bf = list_first_entry(&bf_q, struct ath_buf, list);
+- bf->bf_lastbf = list_entry(bf_q.prev, struct ath_buf, list);
+ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
++ if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
++ break;
+
+- if (tid->ac->clear_ps_filter) {
+- tid->ac->clear_ps_filter = false;
+- tx_info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
+- } else {
+- tx_info->flags &= ~IEEE80211_TX_CTL_CLEAR_PS_FILT;
+- }
++ ath_set_rates(tid->an->vif, tid->an->sta, bf);
++ } while (1);
++}
+
+- /* if only one frame, send as non-aggregate */
+- if (bf == bf->bf_lastbf) {
+- aggr_len = get_frame_info(bf->bf_mpdu)->framelen;
+- bf->bf_state.bf_type = BUF_AMPDU;
+- } else {
+- TX_STAT_INC(txq->axq_qnum, a_aggr);
+- }
++static bool ath_tx_sched_aggr(struct ath_softc *sc, struct ath_txq *txq,
++ struct ath_atx_tid *tid, bool *stop)
++{
++ struct ath_buf *bf;
++ struct ieee80211_tx_info *tx_info;
++ struct sk_buff_head *tid_q;
++ struct list_head bf_q;
++ int aggr_len = 0;
++ bool aggr, last = true;
++
++ if (!ath_tid_has_buffered(tid))
++ return false;
++
++ INIT_LIST_HEAD(&bf_q);
+
+- ath_tx_fill_desc(sc, bf, txq, aggr_len);
+- ath_tx_txqaddbuf(sc, txq, &bf_q, false);
+- } while (txq->axq_ampdu_depth < ATH_AGGR_MIN_QDEPTH &&
+- status != ATH_AGGR_BAW_CLOSED);
++ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
++ if (!bf)
++ return false;
++
++ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
++ aggr = !!(tx_info->flags & IEEE80211_TX_CTL_AMPDU);
++ if ((aggr && txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH) ||
++ (!aggr && txq->axq_depth >= ATH_NON_AGGR_MIN_QDEPTH)) {
++ *stop = true;
++ return false;
++ }
++
++ ath_set_rates(tid->an->vif, tid->an->sta, bf);
++ if (aggr)
++ last = ath_tx_form_aggr(sc, txq, tid, &bf_q, bf,
++ tid_q, &aggr_len);
++ else
++ ath_tx_form_burst(sc, txq, tid, &bf_q, bf, tid_q);
++
++ if (list_empty(&bf_q))
++ return false;
++
++ if (tid->ac->clear_ps_filter || tid->an->no_ps_filter) {
++ tid->ac->clear_ps_filter = false;
++ tx_info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
++ }
++
++ ath_tx_fill_desc(sc, bf, txq, aggr_len);
++ ath_tx_txqaddbuf(sc, txq, &bf_q, false);
++ return true;
+ }
+
+ int ath_tx_aggr_start(struct ath_softc *sc, struct ieee80211_sta *sta,
+ u16 tid, u16 *ssn)
+ {
+ struct ath_atx_tid *txtid;
++ struct ath_txq *txq;
+ struct ath_node *an;
+ u8 density;
+
+ an = (struct ath_node *)sta->drv_priv;
+ txtid = ATH_AN_2_TID(an, tid);
++ txq = txtid->ac->txq;
++
++ ath_txq_lock(sc, txq);
+
+ /* update ampdu factor/density, they may have changed. This may happen
+ * in HT IBSS when a beacon with HT-info is received after the station
+@@ -1258,6 +1411,9 @@ int ath_tx_aggr_start(struct ath_softc *
+ an->mpdudensity = density;
+ }
+
++ /* force sequence number allocation for pending frames */
++ ath_tx_tid_change_state(sc, txtid);
++
+ txtid->active = true;
+ txtid->paused = true;
+ *ssn = txtid->seq_start = txtid->seq_next;
+@@ -1266,6 +1422,8 @@ int ath_tx_aggr_start(struct ath_softc *
+ memset(txtid->tx_buf, 0, sizeof(txtid->tx_buf));
+ txtid->baw_head = txtid->baw_tail = 0;
+
++ ath_txq_unlock_complete(sc, txq);
++
+ return 0;
+ }
+
+@@ -1277,8 +1435,9 @@ void ath_tx_aggr_stop(struct ath_softc *
+
+ ath_txq_lock(sc, txq);
+ txtid->active = false;
+- txtid->paused = true;
++ txtid->paused = false;
+ ath_tx_flush_tid(sc, txtid);
++ ath_tx_tid_change_state(sc, txtid);
+ ath_txq_unlock_complete(sc, txq);
+ }
+
+@@ -1302,7 +1461,7 @@ void ath_tx_aggr_sleep(struct ieee80211_
+
+ ath_txq_lock(sc, txq);
+
+- buffered = !skb_queue_empty(&tid->buf_q);
++ buffered = ath_tid_has_buffered(tid);
+
+ tid->sched = false;
+ list_del(&tid->list);
+@@ -1334,7 +1493,7 @@ void ath_tx_aggr_wakeup(struct ath_softc
+ ath_txq_lock(sc, txq);
+ ac->clear_ps_filter = true;
+
+- if (!skb_queue_empty(&tid->buf_q) && !tid->paused) {
++ if (!tid->paused && ath_tid_has_buffered(tid)) {
+ ath_tx_queue_tid(txq, tid);
+ ath_txq_schedule(sc, txq);
+ }
+@@ -1359,7 +1518,7 @@ void ath_tx_aggr_resume(struct ath_softc
+ tid->baw_size = IEEE80211_MIN_AMPDU_BUF << sta->ht_cap.ampdu_factor;
+ tid->paused = false;
+
+- if (!skb_queue_empty(&tid->buf_q)) {
++ if (ath_tid_has_buffered(tid)) {
+ ath_tx_queue_tid(txq, tid);
+ ath_txq_schedule(sc, txq);
+ }
+@@ -1379,6 +1538,7 @@ void ath9k_release_buffered_frames(struc
+ struct ieee80211_tx_info *info;
+ struct list_head bf_q;
+ struct ath_buf *bf_tail = NULL, *bf;
++ struct sk_buff_head *tid_q;
+ int sent = 0;
+ int i;
+
+@@ -1394,16 +1554,18 @@ void ath9k_release_buffered_frames(struc
+ continue;
+
+ ath_txq_lock(sc, tid->ac->txq);
+- while (!skb_queue_empty(&tid->buf_q) && nframes > 0) {
+- bf = ath_tx_get_tid_subframe(sc, sc->tx.uapsdq, tid);
++ while (nframes > 0) {
++ bf = ath_tx_get_tid_subframe(sc, sc->tx.uapsdq, tid, &tid_q);
+ if (!bf)
+ break;
+
+- __skb_unlink(bf->bf_mpdu, &tid->buf_q);
++ __skb_unlink(bf->bf_mpdu, tid_q);
+ list_add_tail(&bf->list, &bf_q);
+ ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
+- bf->bf_state.bf_type &= ~BUF_AGGR;
++ if (bf_isampdu(bf)) {
++ ath_tx_addto_baw(sc, tid, bf);
++ bf->bf_state.bf_type &= ~BUF_AGGR;
++ }
+ if (bf_tail)
+ bf_tail->bf_next = bf;
+
+@@ -1412,7 +1574,7 @@ void ath9k_release_buffered_frames(struc
+ sent++;
+ TX_STAT_INC(txq->axq_qnum, a_queued_hw);
+
+- if (skb_queue_empty(&tid->buf_q))
++ if (an->sta && !ath_tid_has_buffered(tid))
+ ieee80211_sta_set_buffered(an->sta, i, false);
+ }
+ ath_txq_unlock_complete(sc, tid->ac->txq);
+@@ -1542,16 +1704,9 @@ int ath_cabq_update(struct ath_softc *sc
+ int qnum = sc->beacon.cabq->axq_qnum;
+
+ ath9k_hw_get_txq_props(sc->sc_ah, qnum, &qi);
+- /*
+- * Ensure the readytime % is within the bounds.
+- */
+- if (sc->config.cabqReadytime < ATH9K_READY_TIME_LO_BOUND)
+- sc->config.cabqReadytime = ATH9K_READY_TIME_LO_BOUND;
+- else if (sc->config.cabqReadytime > ATH9K_READY_TIME_HI_BOUND)
+- sc->config.cabqReadytime = ATH9K_READY_TIME_HI_BOUND;
+
+ qi.tqi_readyTime = (cur_conf->beacon_interval *
+- sc->config.cabqReadytime) / 100;
++ ATH_CABQ_READY_TIME) / 100;
+ ath_txq_update(sc, qnum, &qi);
+
+ return 0;
+@@ -1571,7 +1726,7 @@ static void ath_drain_txq_list(struct at
+ while (!list_empty(list)) {
+ bf = list_first_entry(list, struct ath_buf, list);
+
+- if (bf->bf_stale) {
++ if (bf->bf_state.stale) {
+ list_del(&bf->list);
+
+ ath_tx_return_buffer(sc, bf);
+@@ -1665,25 +1820,27 @@ void ath_tx_cleanupq(struct ath_softc *s
+ */
+ void ath_txq_schedule(struct ath_softc *sc, struct ath_txq *txq)
+ {
+- struct ath_atx_ac *ac, *ac_tmp, *last_ac;
++ struct ath_atx_ac *ac, *last_ac;
+ struct ath_atx_tid *tid, *last_tid;
++ bool sent = false;
+
+ if (test_bit(SC_OP_HW_RESET, &sc->sc_flags) ||
+- list_empty(&txq->axq_acq) ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
++ list_empty(&txq->axq_acq))
+ return;
+
+ rcu_read_lock();
+
+- ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
+ last_ac = list_entry(txq->axq_acq.prev, struct ath_atx_ac, list);
++ while (!list_empty(&txq->axq_acq)) {
++ bool stop = false;
+
+- list_for_each_entry_safe(ac, ac_tmp, &txq->axq_acq, list) {
++ ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
+ last_tid = list_entry(ac->tid_q.prev, struct ath_atx_tid, list);
+ list_del(&ac->list);
+ ac->sched = false;
+
+ while (!list_empty(&ac->tid_q)) {
++
+ tid = list_first_entry(&ac->tid_q, struct ath_atx_tid,
+ list);
+ list_del(&tid->list);
+@@ -1692,17 +1849,17 @@ void ath_txq_schedule(struct ath_softc *
+ if (tid->paused)
+ continue;
+
+- ath_tx_sched_aggr(sc, txq, tid);
++ if (ath_tx_sched_aggr(sc, txq, tid, &stop))
++ sent = true;
+
+ /*
+ * add tid to round-robin queue if more frames
+ * are pending for the tid
+ */
+- if (!skb_queue_empty(&tid->buf_q))
++ if (ath_tid_has_buffered(tid))
+ ath_tx_queue_tid(txq, tid);
+
+- if (tid == last_tid ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
++ if (stop || tid == last_tid)
+ break;
+ }
+
+@@ -1711,9 +1868,17 @@ void ath_txq_schedule(struct ath_softc *
+ list_add_tail(&ac->list, &txq->axq_acq);
+ }
+
+- if (ac == last_ac ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
++ if (stop)
+ break;
++
++ if (ac == last_ac) {
++ if (!sent)
++ break;
++
++ sent = false;
++ last_ac = list_entry(txq->axq_acq.prev,
++ struct ath_atx_ac, list);
++ }
+ }
+
+ rcu_read_unlock();
+@@ -1787,74 +1952,28 @@ static void ath_tx_txqaddbuf(struct ath_
+ if (bf_is_ampdu_not_probing(bf))
+ txq->axq_ampdu_depth++;
+
+- bf = bf->bf_lastbf->bf_next;
++ bf_last = bf->bf_lastbf;
++ bf = bf_last->bf_next;
++ bf_last->bf_next = NULL;
+ }
+ }
+ }
+
+-static void ath_tx_send_ampdu(struct ath_softc *sc, struct ath_txq *txq,
+- struct ath_atx_tid *tid, struct sk_buff *skb,
+- struct ath_tx_control *txctl)
+-{
+- struct ath_frame_info *fi = get_frame_info(skb);
+- struct list_head bf_head;
+- struct ath_buf *bf;
+-
+- /*
+- * Do not queue to h/w when any of the following conditions is true:
+- * - there are pending frames in software queue
+- * - the TID is currently paused for ADDBA/BAR request
+- * - seqno is not within block-ack window
+- * - h/w queue depth exceeds low water mark
+- */
+- if ((!skb_queue_empty(&tid->buf_q) || tid->paused ||
+- !BAW_WITHIN(tid->seq_start, tid->baw_size, tid->seq_next) ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH) &&
+- txq != sc->tx.uapsdq) {
+- /*
+- * Add this frame to software queue for scheduling later
+- * for aggregation.
+- */
+- TX_STAT_INC(txq->axq_qnum, a_queued_sw);
+- __skb_queue_tail(&tid->buf_q, skb);
+- if (!txctl->an || !txctl->an->sleeping)
+- ath_tx_queue_tid(txq, tid);
+- return;
+- }
+-
+- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
+- if (!bf) {
+- ieee80211_free_txskb(sc->hw, skb);
+- return;
+- }
+-
+- ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- bf->bf_state.bf_type = BUF_AMPDU;
+- INIT_LIST_HEAD(&bf_head);
+- list_add(&bf->list, &bf_head);
+-
+- /* Add sub-frame to BAW */
+- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
+-
+- /* Queue to h/w without aggregation */
+- TX_STAT_INC(txq->axq_qnum, a_queued_hw);
+- bf->bf_lastbf = bf;
+- ath_tx_fill_desc(sc, bf, txq, fi->framelen);
+- ath_tx_txqaddbuf(sc, txq, &bf_head, false);
+-}
+-
+ static void ath_tx_send_normal(struct ath_softc *sc, struct ath_txq *txq,
+ struct ath_atx_tid *tid, struct sk_buff *skb)
+ {
++ struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
+ struct ath_frame_info *fi = get_frame_info(skb);
+ struct list_head bf_head;
+- struct ath_buf *bf;
+-
+- bf = fi->bf;
++ struct ath_buf *bf = fi->bf;
+
+ INIT_LIST_HEAD(&bf_head);
+ list_add_tail(&bf->list, &bf_head);
+ bf->bf_state.bf_type = 0;
++ if (tid && (tx_info->flags & IEEE80211_TX_CTL_AMPDU)) {
++ bf->bf_state.bf_type = BUF_AMPDU;
++ ath_tx_addto_baw(sc, tid, bf);
++ }
+
+ bf->bf_next = NULL;
+ bf->bf_lastbf = bf;
+@@ -1911,8 +2030,7 @@ u8 ath_txchainmask_reduction(struct ath_
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath9k_channel *curchan = ah->curchan;
+
+- if ((ah->caps.hw_caps & ATH9K_HW_CAP_APM) &&
+- (curchan->channelFlags & CHANNEL_5GHZ) &&
++ if ((ah->caps.hw_caps & ATH9K_HW_CAP_APM) && IS_CHAN_5GHZ(curchan) &&
+ (chainmask == 0x7) && (rate < 0x90))
+ return 0x3;
+ else if (AR_SREV_9462(ah) && ath9k_hw_btcoex_is_enabled(ah) &&
+@@ -1985,6 +2103,7 @@ static int ath_tx_prepare(struct ieee802
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+ struct ieee80211_sta *sta = txctl->sta;
+ struct ieee80211_vif *vif = info->control.vif;
++ struct ath_vif *avp;
+ struct ath_softc *sc = hw->priv;
+ int frmlen = skb->len + FCS_LEN;
+ int padpos, padsize;
+@@ -1992,6 +2111,10 @@ static int ath_tx_prepare(struct ieee802
+ /* NOTE: sta can be NULL according to net/mac80211.h */
+ if (sta)
+ txctl->an = (struct ath_node *)sta->drv_priv;
++ else if (vif && ieee80211_is_data(hdr->frame_control)) {
++ avp = (void *)vif->drv_priv;
++ txctl->an = &avp->mcast_node;
++ }
+
+ if (info->control.hw_key)
+ frmlen += info->control.hw_key->icv_len;
+@@ -2041,7 +2164,6 @@ int ath_tx_start(struct ieee80211_hw *hw
+ struct ath_txq *txq = txctl->txq;
+ struct ath_atx_tid *tid = NULL;
+ struct ath_buf *bf;
+- u8 tidno;
+ int q;
+ int ret;
+
+@@ -2069,27 +2191,31 @@ int ath_tx_start(struct ieee80211_hw *hw
+ ath_txq_unlock(sc, txq);
+ txq = sc->tx.uapsdq;
+ ath_txq_lock(sc, txq);
+- }
+-
+- if (txctl->an && ieee80211_is_data_qos(hdr->frame_control)) {
+- tidno = ieee80211_get_qos_ctl(hdr)[0] &
+- IEEE80211_QOS_CTL_TID_MASK;
+- tid = ATH_AN_2_TID(txctl->an, tidno);
++ } else if (txctl->an &&
++ ieee80211_is_data_present(hdr->frame_control)) {
++ tid = ath_get_skb_tid(sc, txctl->an, skb);
+
+ WARN_ON(tid->ac->txq != txctl->txq);
+- }
+
+- if ((info->flags & IEEE80211_TX_CTL_AMPDU) && tid) {
++ if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
++ tid->ac->clear_ps_filter = true;
++
+ /*
+- * Try aggregation if it's a unicast data frame
+- * and the destination is HT capable.
++ * Add this frame to software queue for scheduling later
++ * for aggregation.
+ */
+- ath_tx_send_ampdu(sc, txq, tid, skb, txctl);
++ TX_STAT_INC(txq->axq_qnum, a_queued_sw);
++ __skb_queue_tail(&tid->buf_q, skb);
++ if (!txctl->an->sleeping)
++ ath_tx_queue_tid(txq, tid);
++
++ ath_txq_schedule(sc, txq);
+ goto out;
+ }
+
+ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
+ if (!bf) {
++ ath_txq_skb_done(sc, txq, skb);
+ if (txctl->paprd)
+ dev_kfree_skb_any(skb);
+ else
+@@ -2142,7 +2268,7 @@ void ath_tx_cabq(struct ieee80211_hw *hw
+
+ bf->bf_lastbf = bf;
+ ath_set_rates(vif, NULL, bf);
+- ath_buf_set_rate(sc, bf, &info, fi->framelen);
++ ath_buf_set_rate(sc, bf, &info, fi->framelen, false);
+ duration += info.rates[0].PktDuration;
+ if (bf_tail)
+ bf_tail->bf_next = bf;
+@@ -2189,7 +2315,7 @@ static void ath_tx_complete(struct ath_s
+ struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+ struct ieee80211_hdr * hdr = (struct ieee80211_hdr *)skb->data;
+- int q, padpos, padsize;
++ int padpos, padsize;
+ unsigned long flags;
+
+ ath_dbg(common, XMIT, "TX complete: skb: %p\n", skb);
+@@ -2225,21 +2351,7 @@ static void ath_tx_complete(struct ath_s
+ spin_unlock_irqrestore(&sc->sc_pm_lock, flags);
+
+ __skb_queue_tail(&txq->complete_q, skb);
+-
+- q = skb_get_queue_mapping(skb);
+- if (txq == sc->tx.uapsdq)
+- txq = sc->tx.txq_map[q];
+-
+- if (txq == sc->tx.txq_map[q]) {
+- if (WARN_ON(--txq->pending_frames < 0))
+- txq->pending_frames = 0;
+-
+- if (txq->stopped &&
+- txq->pending_frames < sc->tx.txq_max_pending[q]) {
+- ieee80211_wake_queue(sc->hw, q);
+- txq->stopped = false;
+- }
+- }
++ ath_txq_skb_done(sc, txq, skb);
+ }
+
+ static void ath_tx_complete_buf(struct ath_softc *sc, struct ath_buf *bf,
+@@ -2360,8 +2472,7 @@ static void ath_tx_processq(struct ath_s
+
+ if (list_empty(&txq->axq_q)) {
+ txq->axq_link = NULL;
+- if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT)
+- ath_txq_schedule(sc, txq);
++ ath_txq_schedule(sc, txq);
+ break;
+ }
+ bf = list_first_entry(&txq->axq_q, struct ath_buf, list);
+@@ -2375,7 +2486,7 @@ static void ath_tx_processq(struct ath_s
+ * it with the STALE flag.
+ */
+ bf_held = NULL;
+- if (bf->bf_stale) {
++ if (bf->bf_state.stale) {
+ bf_held = bf;
+ if (list_is_last(&bf_held->list, &txq->axq_q))
+ break;
+@@ -2399,7 +2510,7 @@ static void ath_tx_processq(struct ath_s
+ * however leave the last descriptor back as the holding
+ * descriptor for hw.
+ */
+- lastbf->bf_stale = true;
++ lastbf->bf_state.stale = true;
+ INIT_LIST_HEAD(&bf_head);
+ if (!list_is_singular(&lastbf->list))
+ list_cut_position(&bf_head,
+@@ -2470,7 +2581,7 @@ void ath_tx_edma_tasklet(struct ath_soft
+ }
+
+ bf = list_first_entry(fifo_list, struct ath_buf, list);
+- if (bf->bf_stale) {
++ if (bf->bf_state.stale) {
+ list_del(&bf->list);
+ ath_tx_return_buffer(sc, bf);
+ bf = list_first_entry(fifo_list, struct ath_buf, list);
+@@ -2492,7 +2603,7 @@ void ath_tx_edma_tasklet(struct ath_soft
+ ath_tx_txqaddbuf(sc, txq, &bf_q, true);
+ }
+ } else {
+- lastbf->bf_stale = true;
++ lastbf->bf_state.stale = true;
+ if (bf != lastbf)
+ list_cut_position(&bf_head, fifo_list,
+ lastbf->list.prev);
+@@ -2583,6 +2694,7 @@ void ath_tx_node_init(struct ath_softc *
+ tid->paused = false;
+ tid->active = false;
+ __skb_queue_head_init(&tid->buf_q);
++ __skb_queue_head_init(&tid->retry_q);
+ acno = TID_TO_WME_AC(tidno);
+ tid->ac = &an->ac[acno];
+ }
+@@ -2590,6 +2702,7 @@ void ath_tx_node_init(struct ath_softc *
+ for (acno = 0, ac = &an->ac[acno];
+ acno < IEEE80211_NUM_ACS; acno++, ac++) {
+ ac->sched = false;
++ ac->clear_ps_filter = true;
+ ac->txq = sc->tx.txq_map[acno];
+ INIT_LIST_HEAD(&ac->tid_q);
+ }
+--- a/drivers/net/wireless/ath/ath9k/main.c
++++ b/drivers/net/wireless/ath/ath9k/main.c
+@@ -173,8 +173,7 @@ static void ath_restart_work(struct ath_
+ {
+ ieee80211_queue_delayed_work(sc->hw, &sc->tx_complete_work, 0);
+
+- if (AR_SREV_9340(sc->sc_ah) || AR_SREV_9485(sc->sc_ah) ||
+- AR_SREV_9550(sc->sc_ah))
++ if (AR_SREV_9340(sc->sc_ah) || AR_SREV_9330(sc->sc_ah))
+ ieee80211_queue_delayed_work(sc->hw, &sc->hw_pll_work,
+ msecs_to_jiffies(ATH_PLL_WORK_INTERVAL));
+
+@@ -209,6 +208,7 @@ static bool ath_complete_reset(struct at
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+ unsigned long flags;
++ int i;
+
+ if (ath_startrecv(sc) != 0) {
+ ath_err(common, "Unable to restart recv logic\n");
+@@ -236,10 +236,16 @@ static bool ath_complete_reset(struct at
+ }
+ work:
+ ath_restart_work(sc);
+- }
+
+- if ((ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) && sc->ant_rx != 3)
+- ath_ant_comb_update(sc);
++ for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) {
++ if (!ATH_TXQ_SETUP(sc, i))
++ continue;
++
++ spin_lock_bh(&sc->tx.txq[i].axq_lock);
++ ath_txq_schedule(sc, &sc->tx.txq[i]);
++ spin_unlock_bh(&sc->tx.txq[i].axq_lock);
++ }
++ }
+
+ ieee80211_wake_queues(sc->hw);
+
+@@ -306,17 +312,91 @@ out:
+ * by reseting the chip. To accomplish this we must first cleanup any pending
+ * DMA, then restart stuff.
+ */
+-static int ath_set_channel(struct ath_softc *sc, struct ieee80211_hw *hw,
+- struct ath9k_channel *hchan)
++static int ath_set_channel(struct ath_softc *sc, struct cfg80211_chan_def *chandef)
+ {
++ struct ath_hw *ah = sc->sc_ah;
++ struct ath_common *common = ath9k_hw_common(ah);
++ struct ieee80211_hw *hw = sc->hw;
++ struct ath9k_channel *hchan;
++ struct ieee80211_channel *chan = chandef->chan;
++ unsigned long flags;
++ bool offchannel;
++ int pos = chan->hw_value;
++ int old_pos = -1;
+ int r;
+
+ if (test_bit(SC_OP_INVALID, &sc->sc_flags))
+ return -EIO;
+
++ offchannel = !!(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL);
++
++ if (ah->curchan)
++ old_pos = ah->curchan - &ah->channels[0];
++
++ ath_dbg(common, CONFIG, "Set channel: %d MHz width: %d\n",
++ chan->center_freq, chandef->width);
++
++ /* update survey stats for the old channel before switching */
++ spin_lock_irqsave(&common->cc_lock, flags);
++ ath_update_survey_stats(sc);
++ spin_unlock_irqrestore(&common->cc_lock, flags);
++
++ ath9k_cmn_get_channel(hw, ah, chandef);
++
++ /*
++ * If the operating channel changes, change the survey in-use flags
++ * along with it.
++ * Reset the survey data for the new channel, unless we're switching
++ * back to the operating channel from an off-channel operation.
++ */
++ if (!offchannel && sc->cur_survey != &sc->survey[pos]) {
++ if (sc->cur_survey)
++ sc->cur_survey->filled &= ~SURVEY_INFO_IN_USE;
++
++ sc->cur_survey = &sc->survey[pos];
++
++ memset(sc->cur_survey, 0, sizeof(struct survey_info));
++ sc->cur_survey->filled |= SURVEY_INFO_IN_USE;
++ } else if (!(sc->survey[pos].filled & SURVEY_INFO_IN_USE)) {
++ memset(&sc->survey[pos], 0, sizeof(struct survey_info));
++ }
++
++ hchan = &sc->sc_ah->channels[pos];
+ r = ath_reset_internal(sc, hchan);
++ if (r)
++ return r;
+
+- return r;
++ /*
++ * The most recent snapshot of channel->noisefloor for the old
++ * channel is only available after the hardware reset. Copy it to
++ * the survey stats now.
++ */
++ if (old_pos >= 0)
++ ath_update_survey_nf(sc, old_pos);
++
++ /*
++ * Enable radar pulse detection if on a DFS channel. Spectral
++ * scanning and radar detection can not be used concurrently.
++ */
++ if (hw->conf.radar_enabled) {
++ u32 rxfilter;
++
++ /* set HW specific DFS configuration */
++ ath9k_hw_set_radar_params(ah);
++ rxfilter = ath9k_hw_getrxfilter(ah);
++ rxfilter |= ATH9K_RX_FILTER_PHYRADAR |
++ ATH9K_RX_FILTER_PHYERR;
++ ath9k_hw_setrxfilter(ah, rxfilter);
++ ath_dbg(common, DFS, "DFS enabled at freq %d\n",
++ chan->center_freq);
++ } else {
++ /* perform spectral scan if requested. */
++ if (test_bit(SC_OP_SCANNING, &sc->sc_flags) &&
++ sc->spectral_mode == SPECTRAL_CHANSCAN)
++ ath9k_spectral_scan_trigger(hw);
++ }
++
++ return 0;
+ }
+
+ static void ath_node_attach(struct ath_softc *sc, struct ieee80211_sta *sta,
+@@ -543,21 +623,10 @@ chip_reset:
+
+ static int ath_reset(struct ath_softc *sc)
+ {
+- int i, r;
++ int r;
+
+ ath9k_ps_wakeup(sc);
+-
+ r = ath_reset_internal(sc, NULL);
+-
+- for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++) {
+- if (!ATH_TXQ_SETUP(sc, i))
+- continue;
+-
+- spin_lock_bh(&sc->tx.txq[i].axq_lock);
+- ath_txq_schedule(sc, &sc->tx.txq[i]);
+- spin_unlock_bh(&sc->tx.txq[i].axq_lock);
+- }
+-
+ ath9k_ps_restore(sc);
+
+ return r;
+@@ -599,7 +668,7 @@ static int ath9k_start(struct ieee80211_
+ ath9k_ps_wakeup(sc);
+ mutex_lock(&sc->mutex);
+
+- init_channel = ath9k_cmn_get_curchannel(hw, ah);
++ init_channel = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
+
+ /* Reset SERDES registers */
+ ath9k_hw_configpcipowersave(ah, false);
+@@ -802,7 +871,7 @@ static void ath9k_stop(struct ieee80211_
+ }
+
+ if (!ah->curchan)
+- ah->curchan = ath9k_cmn_get_curchannel(hw, ah);
++ ah->curchan = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
+
+ ath9k_hw_reset(ah, ah->curchan, ah->caldata, false);
+ ath9k_hw_phy_disable(ah);
+@@ -821,7 +890,7 @@ static void ath9k_stop(struct ieee80211_
+ ath_dbg(common, CONFIG, "Driver halt\n");
+ }
+
+-bool ath9k_uses_beacons(int type)
++static bool ath9k_uses_beacons(int type)
+ {
+ switch (type) {
+ case NL80211_IFTYPE_AP:
+@@ -966,6 +1035,8 @@ static int ath9k_add_interface(struct ie
+ struct ath_softc *sc = hw->priv;
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
++ struct ath_vif *avp = (void *)vif->drv_priv;
++ struct ath_node *an = &avp->mcast_node;
+
+ mutex_lock(&sc->mutex);
+
+@@ -979,6 +1050,12 @@ static int ath9k_add_interface(struct ie
+ if (ath9k_uses_beacons(vif->type))
+ ath9k_beacon_assign_slot(sc, vif);
+
++ an->sc = sc;
++ an->sta = NULL;
++ an->vif = vif;
++ an->no_ps_filter = true;
++ ath_tx_node_init(sc, an);
++
+ mutex_unlock(&sc->mutex);
+ return 0;
+ }
+@@ -1016,6 +1093,7 @@ static void ath9k_remove_interface(struc
+ {
+ struct ath_softc *sc = hw->priv;
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
++ struct ath_vif *avp = (void *)vif->drv_priv;
+
+ ath_dbg(common, CONFIG, "Detach Interface\n");
+
+@@ -1030,6 +1108,8 @@ static void ath9k_remove_interface(struc
+ ath9k_calculate_summary_state(hw, NULL);
+ ath9k_ps_restore(sc);
+
++ ath_tx_node_cleanup(sc, &avp->mcast_node);
++
+ mutex_unlock(&sc->mutex);
+ }
+
+@@ -1192,83 +1272,12 @@ static int ath9k_config(struct ieee80211
+ }
+
+ if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) || reset_channel) {
+- struct ieee80211_channel *curchan = hw->conf.chandef.chan;
+- enum nl80211_channel_type channel_type =
+- cfg80211_get_chandef_type(&conf->chandef);
+- int pos = curchan->hw_value;
+- int old_pos = -1;
+- unsigned long flags;
+-
+- if (ah->curchan)
+- old_pos = ah->curchan - &ah->channels[0];
+-
+- ath_dbg(common, CONFIG, "Set channel: %d MHz type: %d\n",
+- curchan->center_freq, channel_type);
+-
+- /* update survey stats for the old channel before switching */
+- spin_lock_irqsave(&common->cc_lock, flags);
+- ath_update_survey_stats(sc);
+- spin_unlock_irqrestore(&common->cc_lock, flags);
+-
+- ath9k_cmn_update_ichannel(&sc->sc_ah->channels[pos],
+- curchan, channel_type);
+-
+- /*
+- * If the operating channel changes, change the survey in-use flags
+- * along with it.
+- * Reset the survey data for the new channel, unless we're switching
+- * back to the operating channel from an off-channel operation.
+- */
+- if (!(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL) &&
+- sc->cur_survey != &sc->survey[pos]) {
+-
+- if (sc->cur_survey)
+- sc->cur_survey->filled &= ~SURVEY_INFO_IN_USE;
+-
+- sc->cur_survey = &sc->survey[pos];
+-
+- memset(sc->cur_survey, 0, sizeof(struct survey_info));
+- sc->cur_survey->filled |= SURVEY_INFO_IN_USE;
+- } else if (!(sc->survey[pos].filled & SURVEY_INFO_IN_USE)) {
+- memset(&sc->survey[pos], 0, sizeof(struct survey_info));
+- }
+-
+- if (ath_set_channel(sc, hw, &sc->sc_ah->channels[pos]) < 0) {
++ if (ath_set_channel(sc, &hw->conf.chandef) < 0) {
+ ath_err(common, "Unable to set channel\n");
+ mutex_unlock(&sc->mutex);
+ ath9k_ps_restore(sc);
+ return -EINVAL;
+ }
+-
+- /*
+- * The most recent snapshot of channel->noisefloor for the old
+- * channel is only available after the hardware reset. Copy it to
+- * the survey stats now.
+- */
+- if (old_pos >= 0)
+- ath_update_survey_nf(sc, old_pos);
+-
+- /*
+- * Enable radar pulse detection if on a DFS channel. Spectral
+- * scanning and radar detection can not be used concurrently.
+- */
+- if (hw->conf.radar_enabled) {
+- u32 rxfilter;
+-
+- /* set HW specific DFS configuration */
+- ath9k_hw_set_radar_params(ah);
+- rxfilter = ath9k_hw_getrxfilter(ah);
+- rxfilter |= ATH9K_RX_FILTER_PHYRADAR |
+- ATH9K_RX_FILTER_PHYERR;
+- ath9k_hw_setrxfilter(ah, rxfilter);
+- ath_dbg(common, DFS, "DFS enabled at freq %d\n",
+- curchan->center_freq);
+- } else {
+- /* perform spectral scan if requested. */
+- if (test_bit(SC_OP_SCANNING, &sc->sc_flags) &&
+- sc->spectral_mode == SPECTRAL_CHANSCAN)
+- ath9k_spectral_scan_trigger(hw);
+- }
+ }
+
+ if (changed & IEEE80211_CONF_CHANGE_POWER) {
+@@ -1374,9 +1383,6 @@ static void ath9k_sta_notify(struct ieee
+ struct ath_softc *sc = hw->priv;
+ struct ath_node *an = (struct ath_node *) sta->drv_priv;
+
+- if (!sta->ht_cap.ht_supported)
+- return;
+-
+ switch (cmd) {
+ case STA_NOTIFY_SLEEP:
+ an->sleeping = true;
+@@ -2094,7 +2100,7 @@ static void ath9k_wow_add_pattern(struct
+ {
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath9k_wow_pattern *wow_pattern = NULL;
+- struct cfg80211_wowlan_trig_pkt_pattern *patterns = wowlan->patterns;
++ struct cfg80211_pkt_pattern *patterns = wowlan->patterns;
+ int mask_len;
+ s8 i = 0;
+
+--- a/drivers/net/wireless/mwifiex/cfg80211.c
++++ b/drivers/net/wireless/mwifiex/cfg80211.c
+@@ -2298,8 +2298,7 @@ EXPORT_SYMBOL_GPL(mwifiex_del_virtual_in
+
+ #ifdef CONFIG_PM
+ static bool
+-mwifiex_is_pattern_supported(struct cfg80211_wowlan_trig_pkt_pattern *pat,
+- s8 *byte_seq)
++mwifiex_is_pattern_supported(struct cfg80211_pkt_pattern *pat, s8 *byte_seq)
+ {
+ int j, k, valid_byte_cnt = 0;
+ bool dont_care_byte = false;
+--- a/drivers/net/wireless/ti/wlcore/main.c
++++ b/drivers/net/wireless/ti/wlcore/main.c
+@@ -1315,7 +1315,7 @@ static struct sk_buff *wl12xx_alloc_dumm
+
+ #ifdef CONFIG_PM
+ static int
+-wl1271_validate_wowlan_pattern(struct cfg80211_wowlan_trig_pkt_pattern *p)
++wl1271_validate_wowlan_pattern(struct cfg80211_pkt_pattern *p)
+ {
+ int num_fields = 0, in_field = 0, fields_size = 0;
+ int i, pattern_len = 0;
+@@ -1458,9 +1458,9 @@ void wl1271_rx_filter_flatten_fields(str
+ * Allocates an RX filter returned through f
+ * which needs to be freed using rx_filter_free()
+ */
+-static int wl1271_convert_wowlan_pattern_to_rx_filter(
+- struct cfg80211_wowlan_trig_pkt_pattern *p,
+- struct wl12xx_rx_filter **f)
++static int
++wl1271_convert_wowlan_pattern_to_rx_filter(struct cfg80211_pkt_pattern *p,
++ struct wl12xx_rx_filter **f)
+ {
+ int i, j, ret = 0;
+ struct wl12xx_rx_filter *filter;
+@@ -1562,7 +1562,7 @@ static int wl1271_configure_wowlan(struc
+
+ /* Translate WoWLAN patterns into filters */
+ for (i = 0; i < wow->n_patterns; i++) {
+- struct cfg80211_wowlan_trig_pkt_pattern *p;
++ struct cfg80211_pkt_pattern *p;
+ struct wl12xx_rx_filter *filter = NULL;
+
+ p = &wow->patterns[i];
+--- a/include/net/cfg80211.h
++++ b/include/net/cfg80211.h
+@@ -639,6 +639,30 @@ struct cfg80211_ap_settings {
+ };
+
+ /**
++ * struct cfg80211_csa_settings - channel switch settings
++ *
++ * Used for channel switch
++ *
++ * @chandef: defines the channel to use after the switch
++ * @beacon_csa: beacon data while performing the switch
++ * @counter_offset_beacon: offset for the counter within the beacon (tail)
++ * @counter_offset_presp: offset for the counter within the probe response
++ * @beacon_after: beacon data to be used on the new channel
++ * @radar_required: whether radar detection is required on the new channel
++ * @block_tx: whether transmissions should be blocked while changing
++ * @count: number of beacons until switch
++ */
++struct cfg80211_csa_settings {
++ struct cfg80211_chan_def chandef;
++ struct cfg80211_beacon_data beacon_csa;
++ u16 counter_offset_beacon, counter_offset_presp;
++ struct cfg80211_beacon_data beacon_after;
++ bool radar_required;
++ bool block_tx;
++ u8 count;
++};
++
++/**
+ * enum station_parameters_apply_mask - station parameter values to apply
+ * @STATION_PARAM_APPLY_UAPSD: apply new uAPSD parameters (uapsd_queues, max_sp)
+ * @STATION_PARAM_APPLY_CAPABILITY: apply new capability
+@@ -1698,7 +1722,7 @@ struct cfg80211_pmksa {
+ };
+
+ /**
+- * struct cfg80211_wowlan_trig_pkt_pattern - packet pattern
++ * struct cfg80211_pkt_pattern - packet pattern
+ * @mask: bitmask where to match pattern and where to ignore bytes,
+ * one bit per byte, in same format as nl80211
+ * @pattern: bytes to match where bitmask is 1
+@@ -1708,7 +1732,7 @@ struct cfg80211_pmksa {
+ * Internal note: @mask and @pattern are allocated in one chunk of
+ * memory, free @mask only!
+ */
+-struct cfg80211_wowlan_trig_pkt_pattern {
++struct cfg80211_pkt_pattern {
+ u8 *mask, *pattern;
+ int pattern_len;
+ int pkt_offset;
+@@ -1770,7 +1794,7 @@ struct cfg80211_wowlan {
+ bool any, disconnect, magic_pkt, gtk_rekey_failure,
+ eap_identity_req, four_way_handshake,
+ rfkill_release;
+- struct cfg80211_wowlan_trig_pkt_pattern *patterns;
++ struct cfg80211_pkt_pattern *patterns;
+ struct cfg80211_wowlan_tcp *tcp;
+ int n_patterns;
+ };
+@@ -2071,6 +2095,8 @@ struct cfg80211_update_ft_ies_params {
+ * driver can take the most appropriate actions.
+ * @crit_proto_stop: Indicates critical protocol no longer needs increased link
+ * reliability. This operation can not fail.
++ *
++ * @channel_switch: initiate channel-switch procedure (with CSA)
+ */
+ struct cfg80211_ops {
+ int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow);
+@@ -2306,6 +2332,10 @@ struct cfg80211_ops {
+ u16 duration);
+ void (*crit_proto_stop)(struct wiphy *wiphy,
+ struct wireless_dev *wdev);
++
++ int (*channel_switch)(struct wiphy *wiphy,
++ struct net_device *dev,
++ struct cfg80211_csa_settings *params);
+ };
+
+ /*
+@@ -2371,6 +2401,8 @@ struct cfg80211_ops {
+ * @WIPHY_FLAG_OFFCHAN_TX: Device supports direct off-channel TX.
+ * @WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL: Device supports remain-on-channel call.
+ * @WIPHY_FLAG_SUPPORTS_5_10_MHZ: Device supports 5 MHz and 10 MHz channels.
++ * @WIPHY_FLAG_HAS_CHANNEL_SWITCH: Device supports channel switch in
++ * beaconing mode (AP, IBSS, Mesh, ...).
+ */
+ enum wiphy_flags {
+ WIPHY_FLAG_CUSTOM_REGULATORY = BIT(0),
+@@ -2395,6 +2427,7 @@ enum wiphy_flags {
+ WIPHY_FLAG_OFFCHAN_TX = BIT(20),
+ WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL = BIT(21),
+ WIPHY_FLAG_SUPPORTS_5_10_MHZ = BIT(22),
++ WIPHY_FLAG_HAS_CHANNEL_SWITCH = BIT(23),
+ };
+
+ /**
--- a/include/uapi/linux/nl80211.h
+++ b/include/uapi/linux/nl80211.h
-@@ -3060,11 +3060,11 @@ enum nl80211_tx_power_setting {
+@@ -648,6 +648,16 @@
+ * @NL80211_CMD_CRIT_PROTOCOL_STOP: Indicates the connection reliability can
+ * return back to normal.
+ *
++ * @NL80211_CMD_CHANNEL_SWITCH: Perform a channel switch by announcing the
++ * the new channel information (Channel Switch Announcement - CSA)
++ * in the beacon for some time (as defined in the
++ * %NL80211_ATTR_CH_SWITCH_COUNT parameter) and then change to the
++ * new channel. Userspace provides the new channel information (using
++ * %NL80211_ATTR_WIPHY_FREQ and the attributes determining channel
++ * width). %NL80211_ATTR_CH_SWITCH_BLOCK_TX may be supplied to inform
++ * other station that transmission must be blocked until the channel
++ * switch is complete.
++ *
+ * @NL80211_CMD_MAX: highest used command number
+ * @__NL80211_CMD_AFTER_LAST: internal use
+ */
+@@ -810,6 +820,8 @@ enum nl80211_commands {
+ NL80211_CMD_CRIT_PROTOCOL_START,
+ NL80211_CMD_CRIT_PROTOCOL_STOP,
+
++ NL80211_CMD_CHANNEL_SWITCH,
++
+ /* add new commands above here */
+
+ /* used to define NL80211_CMD_MAX below */
+@@ -1436,6 +1448,18 @@ enum nl80211_commands {
+ * allowed to be used with the first @NL80211_CMD_SET_STATION command to
+ * update a TDLS peer STA entry.
+ *
++ * @NL80211_ATTR_CH_SWITCH_COUNT: u32 attribute specifying the number of TBTT's
++ * until the channel switch event.
++ * @NL80211_ATTR_CH_SWITCH_BLOCK_TX: flag attribute specifying that transmission
++ * must be blocked on the current channel (before the channel switch
++ * operation).
++ * @NL80211_ATTR_CSA_IES: Nested set of attributes containing the IE information
++ * for the time while performing a channel switch.
++ * @NL80211_ATTR_CSA_C_OFF_BEACON: Offset of the channel switch counter
++ * field in the beacons tail (%NL80211_ATTR_BEACON_TAIL).
++ * @NL80211_ATTR_CSA_C_OFF_PRESP: Offset of the channel switch counter
++ * field in the probe response (%NL80211_ATTR_PROBE_RESP).
++ *
+ * @NL80211_ATTR_MAX: highest attribute number currently defined
+ * @__NL80211_ATTR_AFTER_LAST: internal use
+ */
+@@ -1736,6 +1760,12 @@ enum nl80211_attrs {
+
+ NL80211_ATTR_PEER_AID,
+
++ NL80211_ATTR_CH_SWITCH_COUNT,
++ NL80211_ATTR_CH_SWITCH_BLOCK_TX,
++ NL80211_ATTR_CSA_IES,
++ NL80211_ATTR_CSA_C_OFF_BEACON,
++ NL80211_ATTR_CSA_C_OFF_PRESP,
++
+ /* add attributes here, update the policy in nl80211.c */
+
+ __NL80211_ATTR_AFTER_LAST,
+@@ -3060,11 +3090,11 @@ enum nl80211_tx_power_setting {
+ };
+
+ /**
+- * enum nl80211_wowlan_packet_pattern_attr - WoWLAN packet pattern attribute
+- * @__NL80211_WOWLAN_PKTPAT_INVALID: invalid number for nested attribute
+- * @NL80211_WOWLAN_PKTPAT_PATTERN: the pattern, values where the mask has
++ * enum nl80211_packet_pattern_attr - packet pattern attribute
++ * @__NL80211_PKTPAT_INVALID: invalid number for nested attribute
++ * @NL80211_PKTPAT_PATTERN: the pattern, values where the mask has
+ * a zero bit are ignored
+- * @NL80211_WOWLAN_PKTPAT_MASK: pattern mask, must be long enough to have
++ * @NL80211_PKTPAT_MASK: pattern mask, must be long enough to have
+ * a bit for each byte in the pattern. The lowest-order bit corresponds
+ * to the first byte of the pattern, but the bytes of the pattern are
+ * in a little-endian-like format, i.e. the 9th byte of the pattern
+@@ -3075,23 +3105,23 @@ enum nl80211_tx_power_setting {
+ * Note that the pattern matching is done as though frames were not
+ * 802.11 frames but 802.3 frames, i.e. the frame is fully unpacked
+ * first (including SNAP header unpacking) and then matched.
+- * @NL80211_WOWLAN_PKTPAT_OFFSET: packet offset, pattern is matched after
++ * @NL80211_PKTPAT_OFFSET: packet offset, pattern is matched after
+ * these fixed number of bytes of received packet
+- * @NUM_NL80211_WOWLAN_PKTPAT: number of attributes
+- * @MAX_NL80211_WOWLAN_PKTPAT: max attribute number
++ * @NUM_NL80211_PKTPAT: number of attributes
++ * @MAX_NL80211_PKTPAT: max attribute number
+ */
+-enum nl80211_wowlan_packet_pattern_attr {
+- __NL80211_WOWLAN_PKTPAT_INVALID,
+- NL80211_WOWLAN_PKTPAT_MASK,
+- NL80211_WOWLAN_PKTPAT_PATTERN,
+- NL80211_WOWLAN_PKTPAT_OFFSET,
++enum nl80211_packet_pattern_attr {
++ __NL80211_PKTPAT_INVALID,
++ NL80211_PKTPAT_MASK,
++ NL80211_PKTPAT_PATTERN,
++ NL80211_PKTPAT_OFFSET,
+
+- NUM_NL80211_WOWLAN_PKTPAT,
+- MAX_NL80211_WOWLAN_PKTPAT = NUM_NL80211_WOWLAN_PKTPAT - 1,
++ NUM_NL80211_PKTPAT,
++ MAX_NL80211_PKTPAT = NUM_NL80211_PKTPAT - 1,
+ };
+
+ /**
+- * struct nl80211_wowlan_pattern_support - pattern support information
++ * struct nl80211_pattern_support - packet pattern support information
+ * @max_patterns: maximum number of patterns supported
+ * @min_pattern_len: minimum length of each pattern
+ * @max_pattern_len: maximum length of each pattern
+@@ -3101,13 +3131,22 @@ enum nl80211_wowlan_packet_pattern_attr
+ * that is part of %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED in the
+ * capability information given by the kernel to userspace.
+ */
+-struct nl80211_wowlan_pattern_support {
++struct nl80211_pattern_support {
+ __u32 max_patterns;
+ __u32 min_pattern_len;
+ __u32 max_pattern_len;
+ __u32 max_pkt_offset;
+ } __attribute__((packed));
+
++/* only for backward compatibility */
++#define __NL80211_WOWLAN_PKTPAT_INVALID __NL80211_PKTPAT_INVALID
++#define NL80211_WOWLAN_PKTPAT_MASK NL80211_PKTPAT_MASK
++#define NL80211_WOWLAN_PKTPAT_PATTERN NL80211_PKTPAT_PATTERN
++#define NL80211_WOWLAN_PKTPAT_OFFSET NL80211_PKTPAT_OFFSET
++#define NUM_NL80211_WOWLAN_PKTPAT NUM_NL80211_PKTPAT
++#define MAX_NL80211_WOWLAN_PKTPAT MAX_NL80211_PKTPAT
++#define nl80211_wowlan_pattern_support nl80211_pattern_support
++
+ /**
+ * enum nl80211_wowlan_triggers - WoWLAN trigger definitions
+ * @__NL80211_WOWLAN_TRIG_INVALID: invalid number for nested attributes
+@@ -3127,7 +3166,7 @@ struct nl80211_wowlan_pattern_support {
+ * pattern matching is done after the packet is converted to the MSDU.
+ *
+ * In %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED, it is a binary attribute
+- * carrying a &struct nl80211_wowlan_pattern_support.
++ * carrying a &struct nl80211_pattern_support.
+ *
+ * When reporting wakeup. it is a u32 attribute containing the 0-based
+ * index of the pattern that caused the wakeup, in the patterns passed
+@@ -3284,7 +3323,7 @@ struct nl80211_wowlan_tcp_data_token_fea
+ * @NL80211_WOWLAN_TCP_WAKE_PAYLOAD: wake packet payload, for advertising a
+ * u32 attribute holding the maximum length
+ * @NL80211_WOWLAN_TCP_WAKE_MASK: Wake packet payload mask, not used for
+- * feature advertising. The mask works like @NL80211_WOWLAN_PKTPAT_MASK
++ * feature advertising. The mask works like @NL80211_PKTPAT_MASK
+ * but on the TCP payload only.
+ * @NUM_NL80211_WOWLAN_TCP: number of TCP attributes
+ * @MAX_NL80211_WOWLAN_TCP: highest attribute number
+--- a/net/mac80211/mesh_ps.c
++++ b/net/mac80211/mesh_ps.c
+@@ -229,6 +229,10 @@ void ieee80211_mps_sta_status_update(str
+ enum nl80211_mesh_power_mode pm;
+ bool do_buffer;
+
++ /* For non-assoc STA, prevent buffering or frame transmission */
++ if (sta->sta_state < IEEE80211_STA_ASSOC)
++ return;
++
+ /*
+ * use peer-specific power mode if peering is established and the
+ * peer's power mode is known
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -349,6 +349,11 @@ static const struct nla_policy nl80211_p
+ [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
+ .len = IEEE80211_MAX_DATA_LEN },
+ [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 },
++ [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
++ [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
++ [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
++ [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_U16 },
++ [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_U16 },
+ };
+
+ /* policy for the key attributes */
+@@ -441,10 +446,12 @@ static int nl80211_prepare_wdev_dump(str
+ goto out_unlock;
+ }
+ *rdev = wiphy_to_dev((*wdev)->wiphy);
+- cb->args[0] = (*rdev)->wiphy_idx;
++ /* 0 is the first index - add 1 to parse only once */
++ cb->args[0] = (*rdev)->wiphy_idx + 1;
+ cb->args[1] = (*wdev)->identifier;
+ } else {
+- struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0]);
++ /* subtract the 1 again here */
++ struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
+ struct wireless_dev *tmp;
+
+ if (!wiphy) {
+@@ -974,7 +981,7 @@ static int nl80211_send_wowlan(struct sk
+ return -ENOBUFS;
+
+ if (dev->wiphy.wowlan->n_patterns) {
+- struct nl80211_wowlan_pattern_support pat = {
++ struct nl80211_pattern_support pat = {
+ .max_patterns = dev->wiphy.wowlan->n_patterns,
+ .min_pattern_len = dev->wiphy.wowlan->pattern_min_len,
+ .max_pattern_len = dev->wiphy.wowlan->pattern_max_len,
+@@ -1393,6 +1400,8 @@ static int nl80211_send_wiphy(struct cfg
+ if (state->split) {
+ CMD(crit_proto_start, CRIT_PROTOCOL_START);
+ CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
++ if (dev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
++ CMD(channel_switch, CHANNEL_SWITCH);
+ }
+
+ #ifdef CPTCFG_NL80211_TESTMODE
+@@ -1568,8 +1577,10 @@ static int nl80211_dump_wiphy(struct sk_
+ rtnl_lock();
+ if (!state) {
+ state = kzalloc(sizeof(*state), GFP_KERNEL);
+- if (!state)
++ if (!state) {
++ rtnl_unlock();
+ return -ENOMEM;
++ }
+ state->filter_wiphy = -1;
+ ret = nl80211_dump_wiphy_parse(skb, cb, state);
+ if (ret) {
+@@ -2620,8 +2631,8 @@ static int nl80211_get_key(struct sk_buf
+
+ hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
+ NL80211_CMD_NEW_KEY);
+- if (IS_ERR(hdr))
+- return PTR_ERR(hdr);
++ if (!hdr)
++ return -ENOBUFS;
+
+ cookie.msg = msg;
+ cookie.idx = key_idx;
+@@ -4770,9 +4781,9 @@ do { \
+ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1,
+ mask, NL80211_MESHCONF_FORWARDING,
+ nla_get_u8);
+- FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, 1, 255,
++ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, -255, 0,
+ mask, NL80211_MESHCONF_RSSI_THRESHOLD,
+- nla_get_u32);
++ nla_get_s32);
+ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 0, 16,
+ mask, NL80211_MESHCONF_HT_OPMODE,
+ nla_get_u16);
+@@ -5578,6 +5589,111 @@ static int nl80211_start_radar_detection
+ return err;
+ }
+
++static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
++{
++ struct cfg80211_registered_device *rdev = info->user_ptr[0];
++ struct net_device *dev = info->user_ptr[1];
++ struct wireless_dev *wdev = dev->ieee80211_ptr;
++ struct cfg80211_csa_settings params;
++ /* csa_attrs is defined static to avoid waste of stack size - this
++ * function is called under RTNL lock, so this should not be a problem.
++ */
++ static struct nlattr *csa_attrs[NL80211_ATTR_MAX+1];
++ u8 radar_detect_width = 0;
++ int err;
++
++ if (!rdev->ops->channel_switch ||
++ !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
++ return -EOPNOTSUPP;
++
++ /* may add IBSS support later */
++ if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
++ dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
++ return -EOPNOTSUPP;
++
++ memset(¶ms, 0, sizeof(params));
++
++ if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
++ !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
++ return -EINVAL;
++
++ /* only important for AP, IBSS and mesh create IEs internally */
++ if (!info->attrs[NL80211_ATTR_CSA_IES])
++ return -EINVAL;
++
++ /* useless if AP is not running */
++ if (!wdev->beacon_interval)
++ return -EINVAL;
++
++ params.count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
++
++ err = nl80211_parse_beacon(info->attrs, ¶ms.beacon_after);
++ if (err)
++ return err;
++
++ err = nla_parse_nested(csa_attrs, NL80211_ATTR_MAX,
++ info->attrs[NL80211_ATTR_CSA_IES],
++ nl80211_policy);
++ if (err)
++ return err;
++
++ err = nl80211_parse_beacon(csa_attrs, ¶ms.beacon_csa);
++ if (err)
++ return err;
++
++ if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
++ return -EINVAL;
++
++ params.counter_offset_beacon =
++ nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
++ if (params.counter_offset_beacon >= params.beacon_csa.tail_len)
++ return -EINVAL;
++
++ /* sanity check - counters should be the same */
++ if (params.beacon_csa.tail[params.counter_offset_beacon] !=
++ params.count)
++ return -EINVAL;
++
++ if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
++ params.counter_offset_presp =
++ nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
++ if (params.counter_offset_presp >=
++ params.beacon_csa.probe_resp_len)
++ return -EINVAL;
++
++ if (params.beacon_csa.probe_resp[params.counter_offset_presp] !=
++ params.count)
++ return -EINVAL;
++ }
++
++ err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
++ if (err)
++ return err;
++
++ if (!cfg80211_reg_can_beacon(&rdev->wiphy, ¶ms.chandef))
++ return -EINVAL;
++
++ err = cfg80211_chandef_dfs_required(wdev->wiphy, ¶ms.chandef);
++ if (err < 0) {
++ return err;
++ } else if (err) {
++ radar_detect_width = BIT(params.chandef.width);
++ params.radar_required = true;
++ }
++
++ err = cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype,
++ params.chandef.chan,
++ CHAN_MODE_SHARED,
++ radar_detect_width);
++ if (err)
++ return err;
++
++ if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
++ params.block_tx = true;
++
++ return rdev_channel_switch(rdev, dev, ¶ms);
++}
++
+ static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
+ u32 seq, int flags,
+ struct cfg80211_registered_device *rdev,
+@@ -6507,6 +6623,9 @@ static int nl80211_testmode_dump(struct
+ NL80211_CMD_TESTMODE);
+ struct nlattr *tmdata;
+
++ if (!hdr)
++ break;
++
+ if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
+ genlmsg_cancel(skb, hdr);
+ break;
+@@ -6615,12 +6734,14 @@ EXPORT_SYMBOL(cfg80211_testmode_alloc_ev
+
+ void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
+ {
++ struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
+ void *hdr = ((void **)skb->cb)[1];
+ struct nlattr *data = ((void **)skb->cb)[2];
+
+ nla_nest_end(skb, data);
+ genlmsg_end(skb, hdr);
+- genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
++ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), skb, 0,
++ nl80211_testmode_mcgrp.id, gfp);
+ }
+ EXPORT_SYMBOL(cfg80211_testmode_event);
+ #endif
+@@ -6949,9 +7070,8 @@ static int nl80211_remain_on_channel(str
+
+ hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
+ NL80211_CMD_REMAIN_ON_CHANNEL);
+-
+- if (IS_ERR(hdr)) {
+- err = PTR_ERR(hdr);
++ if (!hdr) {
++ err = -ENOBUFS;
+ goto free_msg;
+ }
+
+@@ -7249,9 +7369,8 @@ static int nl80211_tx_mgmt(struct sk_buf
+
+ hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
+ NL80211_CMD_FRAME);
+-
+- if (IS_ERR(hdr)) {
+- err = PTR_ERR(hdr);
++ if (!hdr) {
++ err = -ENOBUFS;
+ goto free_msg;
+ }
+ }
+@@ -7593,12 +7712,11 @@ static int nl80211_send_wowlan_patterns(
+ if (!nl_pat)
+ return -ENOBUFS;
+ pat_len = wowlan->patterns[i].pattern_len;
+- if (nla_put(msg, NL80211_WOWLAN_PKTPAT_MASK,
+- DIV_ROUND_UP(pat_len, 8),
++ if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
+ wowlan->patterns[i].mask) ||
+- nla_put(msg, NL80211_WOWLAN_PKTPAT_PATTERN,
+- pat_len, wowlan->patterns[i].pattern) ||
+- nla_put_u32(msg, NL80211_WOWLAN_PKTPAT_OFFSET,
++ nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
++ wowlan->patterns[i].pattern) ||
++ nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
+ wowlan->patterns[i].pkt_offset))
+ return -ENOBUFS;
+ nla_nest_end(msg, nl_pat);
+@@ -7939,7 +8057,7 @@ static int nl80211_set_wowlan(struct sk_
+ struct nlattr *pat;
+ int n_patterns = 0;
+ int rem, pat_len, mask_len, pkt_offset;
+- struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT];
++ struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
+
+ nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
+ rem)
+@@ -7958,26 +8076,25 @@ static int nl80211_set_wowlan(struct sk_
+
+ nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
+ rem) {
+- nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT,
+- nla_data(pat), nla_len(pat), NULL);
++ nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
++ nla_len(pat), NULL);
+ err = -EINVAL;
+- if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] ||
+- !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN])
++ if (!pat_tb[NL80211_PKTPAT_MASK] ||
++ !pat_tb[NL80211_PKTPAT_PATTERN])
+ goto error;
+- pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]);
++ pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
+ mask_len = DIV_ROUND_UP(pat_len, 8);
+- if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) !=
+- mask_len)
++ if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
+ goto error;
+ if (pat_len > wowlan->pattern_max_len ||
+ pat_len < wowlan->pattern_min_len)
+ goto error;
+
+- if (!pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET])
++ if (!pat_tb[NL80211_PKTPAT_OFFSET])
+ pkt_offset = 0;
+ else
+ pkt_offset = nla_get_u32(
+- pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET]);
++ pat_tb[NL80211_PKTPAT_OFFSET]);
+ if (pkt_offset > wowlan->max_pkt_offset)
+ goto error;
+ new_triggers.patterns[i].pkt_offset = pkt_offset;
+@@ -7991,11 +8108,11 @@ static int nl80211_set_wowlan(struct sk_
+ new_triggers.patterns[i].pattern =
+ new_triggers.patterns[i].mask + mask_len;
+ memcpy(new_triggers.patterns[i].mask,
+- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]),
++ nla_data(pat_tb[NL80211_PKTPAT_MASK]),
+ mask_len);
+ new_triggers.patterns[i].pattern_len = pat_len;
+ memcpy(new_triggers.patterns[i].pattern,
+- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]),
++ nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
+ pat_len);
+ i++;
+ }
+@@ -8130,9 +8247,8 @@ static int nl80211_probe_client(struct s
+
+ hdr = nl80211hdr_put(msg, genl_info_snd_portid(info), info->snd_seq, 0,
+ NL80211_CMD_PROBE_CLIENT);
+-
+- if (IS_ERR(hdr)) {
+- err = PTR_ERR(hdr);
++ if (!hdr) {
++ err = -ENOBUFS;
+ goto free_msg;
+ }
+
+@@ -9041,7 +9157,15 @@ static struct genl_ops nl80211_ops[] = {
+ .flags = GENL_ADMIN_PERM,
+ .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_NEED_RTNL,
+- }
++ },
++ {
++ .cmd = NL80211_CMD_CHANNEL_SWITCH,
++ .doit = nl80211_channel_switch,
++ .policy = nl80211_policy,
++ .flags = GENL_ADMIN_PERM,
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
++ NL80211_FLAG_NEED_RTNL,
++ },
+ };
+
+ static struct genl_multicast_group nl80211_mlme_mcgrp = {
+@@ -10066,7 +10190,8 @@ void cfg80211_mgmt_tx_status(struct wire
+
+ genlmsg_end(msg, hdr);
+
+- genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
++ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
++ nl80211_mlme_mcgrp.id, gfp);
+ return;
+
+ nla_put_failure:
+--- a/net/wireless/reg.c
++++ b/net/wireless/reg.c
+@@ -2247,10 +2247,13 @@ int reg_device_uevent(struct device *dev
+
+ void wiphy_regulatory_register(struct wiphy *wiphy)
+ {
++ struct regulatory_request *lr;
++
+ if (!reg_dev_ignore_cell_hint(wiphy))
+ reg_num_devs_support_basehint++;
+
+- wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE);
++ lr = get_last_request();
++ wiphy_update_regulatory(wiphy, lr->initiator);
+ }
+
+ void wiphy_regulatory_deregister(struct wiphy *wiphy)
+@@ -2279,7 +2282,9 @@ void wiphy_regulatory_deregister(struct
+ static void reg_timeout_work(struct work_struct *work)
+ {
+ REG_DBG_PRINT("Timeout while waiting for CRDA to reply, restoring regulatory settings\n");
++ rtnl_lock();
+ restore_regulatory_settings(true);
++ rtnl_unlock();
+ }
+
+ int __init regulatory_init(void)
+--- a/net/wireless/sme.c
++++ b/net/wireless/sme.c
+@@ -34,8 +34,10 @@ struct cfg80211_conn {
+ CFG80211_CONN_SCAN_AGAIN,
+ CFG80211_CONN_AUTHENTICATE_NEXT,
+ CFG80211_CONN_AUTHENTICATING,
++ CFG80211_CONN_AUTH_FAILED,
+ CFG80211_CONN_ASSOCIATE_NEXT,
+ CFG80211_CONN_ASSOCIATING,
++ CFG80211_CONN_ASSOC_FAILED,
+ CFG80211_CONN_DEAUTH,
+ CFG80211_CONN_CONNECTED,
+ } state;
+@@ -164,6 +166,8 @@ static int cfg80211_conn_do_work(struct
+ NULL, 0,
+ params->key, params->key_len,
+ params->key_idx, NULL, 0);
++ case CFG80211_CONN_AUTH_FAILED:
++ return -ENOTCONN;
+ case CFG80211_CONN_ASSOCIATE_NEXT:
+ BUG_ON(!rdev->ops->assoc);
+ wdev->conn->state = CFG80211_CONN_ASSOCIATING;
+@@ -188,10 +192,17 @@ static int cfg80211_conn_do_work(struct
+ WLAN_REASON_DEAUTH_LEAVING,
+ false);
+ return err;
++ case CFG80211_CONN_ASSOC_FAILED:
++ cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
++ NULL, 0,
++ WLAN_REASON_DEAUTH_LEAVING, false);
++ return -ENOTCONN;
+ case CFG80211_CONN_DEAUTH:
+ cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
+ NULL, 0,
+ WLAN_REASON_DEAUTH_LEAVING, false);
++ /* free directly, disconnected event already sent */
++ cfg80211_sme_free(wdev);
+ return 0;
+ default:
+ return 0;
+@@ -371,7 +382,7 @@ bool cfg80211_sme_rx_assoc_resp(struct w
+ return true;
+ }
+
+- wdev->conn->state = CFG80211_CONN_DEAUTH;
++ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
+ schedule_work(&rdev->conn_work);
+ return false;
+ }
+@@ -383,7 +394,13 @@ void cfg80211_sme_deauth(struct wireless
+
+ void cfg80211_sme_auth_timeout(struct wireless_dev *wdev)
+ {
+- cfg80211_sme_free(wdev);
++ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
++
++ if (!wdev->conn)
++ return;
++
++ wdev->conn->state = CFG80211_CONN_AUTH_FAILED;
++ schedule_work(&rdev->conn_work);
+ }
+
+ void cfg80211_sme_disassoc(struct wireless_dev *wdev)
+@@ -399,7 +416,13 @@ void cfg80211_sme_disassoc(struct wirele
+
+ void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev)
+ {
+- cfg80211_sme_disassoc(wdev);
++ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
++
++ if (!wdev->conn)
++ return;
++
++ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
++ schedule_work(&rdev->conn_work);
+ }
+
+ static int cfg80211_sme_connect(struct wireless_dev *wdev,
+@@ -953,21 +976,19 @@ int cfg80211_disconnect(struct cfg80211_
+ struct net_device *dev, u16 reason, bool wextev)
+ {
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+- int err;
++ int err = 0;
+
+ ASSERT_WDEV_LOCK(wdev);
+
+ kfree(wdev->connect_keys);
+ wdev->connect_keys = NULL;
+
+- if (wdev->conn) {
++ if (wdev->conn)
+ err = cfg80211_sme_disconnect(wdev, reason);
+- } else if (!rdev->ops->disconnect) {
++ else if (!rdev->ops->disconnect)
+ cfg80211_mlme_down(rdev, dev);
+- err = 0;
+- } else {
++ else if (wdev->current_bss)
+ err = rdev_disconnect(rdev, dev, reason);
+- }
+
+ return err;
+ }
+--- a/net/mac80211/rc80211_minstrel.c
++++ b/net/mac80211/rc80211_minstrel.c
+@@ -203,6 +203,15 @@ minstrel_update_stats(struct minstrel_pr
+ memcpy(mi->max_tp_rate, tmp_tp_rate, sizeof(mi->max_tp_rate));
+ mi->max_prob_rate = tmp_prob_rate;
+
++#ifdef CPTCFG_MAC80211_DEBUGFS
++ /* use fixed index if set */
++ if (mp->fixed_rate_idx != -1) {
++ mi->max_tp_rate[0] = mp->fixed_rate_idx;
++ mi->max_tp_rate[1] = mp->fixed_rate_idx;
++ mi->max_prob_rate = mp->fixed_rate_idx;
++ }
++#endif
++
+ /* Reset update timer */
+ mi->stats_update = jiffies;
+
+@@ -290,7 +299,7 @@ minstrel_get_rate(void *priv, struct iee
+ struct minstrel_rate *msr, *mr;
+ unsigned int ndx;
+ bool mrr_capable;
+- bool prev_sample = mi->prev_sample;
++ bool prev_sample;
+ int delta;
+ int sampling_ratio;
+
+@@ -310,10 +319,16 @@ minstrel_get_rate(void *priv, struct iee
+ /* increase sum packet counter */
+ mi->packet_count++;
+
++#ifdef CPTCFG_MAC80211_DEBUGFS
++ if (mp->fixed_rate_idx != -1)
++ return;
++#endif
++
+ delta = (mi->packet_count * sampling_ratio / 100) -
+ (mi->sample_count + mi->sample_deferred / 2);
+
+ /* delta < 0: no sampling required */
++ prev_sample = mi->prev_sample;
+ mi->prev_sample = false;
+ if (delta < 0 || (!mrr_capable && prev_sample))
+ return;
+--- a/drivers/net/wireless/rt2x00/rt2x00queue.c
++++ b/drivers/net/wireless/rt2x00/rt2x00queue.c
+@@ -936,13 +936,8 @@ void rt2x00queue_index_inc(struct queue_
+ spin_unlock_irqrestore(&queue->index_lock, irqflags);
+ }
+
+-void rt2x00queue_pause_queue(struct data_queue *queue)
++void rt2x00queue_pause_queue_nocheck(struct data_queue *queue)
+ {
+- if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
+- !test_bit(QUEUE_STARTED, &queue->flags) ||
+- test_and_set_bit(QUEUE_PAUSED, &queue->flags))
+- return;
+-
+ switch (queue->qid) {
+ case QID_AC_VO:
+ case QID_AC_VI:
+@@ -958,6 +953,15 @@ void rt2x00queue_pause_queue(struct data
+ break;
+ }
+ }
++void rt2x00queue_pause_queue(struct data_queue *queue)
++{
++ if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
++ !test_bit(QUEUE_STARTED, &queue->flags) ||
++ test_and_set_bit(QUEUE_PAUSED, &queue->flags))
++ return;
++
++ rt2x00queue_pause_queue_nocheck(queue);
++}
+ EXPORT_SYMBOL_GPL(rt2x00queue_pause_queue);
+
+ void rt2x00queue_unpause_queue(struct data_queue *queue)
+@@ -1019,7 +1023,7 @@ void rt2x00queue_stop_queue(struct data_
+ return;
+ }
+
+- rt2x00queue_pause_queue(queue);
++ rt2x00queue_pause_queue_nocheck(queue);
+
+ queue->rt2x00dev->ops->lib->stop_queue(queue);
+
+--- a/net/mac80211/mlme.c
++++ b/net/mac80211/mlme.c
+@@ -31,10 +31,12 @@
+ #include "led.h"
+
+ #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
++#define IEEE80211_AUTH_TIMEOUT_LONG (HZ / 2)
+ #define IEEE80211_AUTH_TIMEOUT_SHORT (HZ / 10)
+ #define IEEE80211_AUTH_MAX_TRIES 3
+ #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5)
+ #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
++#define IEEE80211_ASSOC_TIMEOUT_LONG (HZ / 2)
+ #define IEEE80211_ASSOC_TIMEOUT_SHORT (HZ / 10)
+ #define IEEE80211_ASSOC_MAX_TRIES 3
+
+@@ -209,8 +211,9 @@ ieee80211_determine_chantype(struct ieee
+ struct ieee80211_channel *channel,
+ const struct ieee80211_ht_operation *ht_oper,
+ const struct ieee80211_vht_operation *vht_oper,
+- struct cfg80211_chan_def *chandef, bool verbose)
++ struct cfg80211_chan_def *chandef, bool tracking)
+ {
++ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ struct cfg80211_chan_def vht_chandef;
+ u32 ht_cfreq, ret;
+
+@@ -229,7 +232,7 @@ ieee80211_determine_chantype(struct ieee
+ ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan,
+ channel->band);
+ /* check that channel matches the right operating channel */
+- if (channel->center_freq != ht_cfreq) {
++ if (!tracking && channel->center_freq != ht_cfreq) {
+ /*
+ * It's possible that some APs are confused here;
+ * Netgear WNDR3700 sometimes reports 4 higher than
+@@ -237,11 +240,10 @@ ieee80211_determine_chantype(struct ieee
+ * since we look at probe response/beacon data here
+ * it should be OK.
+ */
+- if (verbose)
+- sdata_info(sdata,
+- "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
+- channel->center_freq, ht_cfreq,
+- ht_oper->primary_chan, channel->band);
++ sdata_info(sdata,
++ "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
++ channel->center_freq, ht_cfreq,
++ ht_oper->primary_chan, channel->band);
+ ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
+ goto out;
+ }
+@@ -295,7 +297,7 @@ ieee80211_determine_chantype(struct ieee
+ channel->band);
+ break;
+ default:
+- if (verbose)
++ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
+ sdata_info(sdata,
+ "AP VHT operation IE has invalid channel width (%d), disable VHT\n",
+ vht_oper->chan_width);
+@@ -304,7 +306,7 @@ ieee80211_determine_chantype(struct ieee
+ }
+
+ if (!cfg80211_chandef_valid(&vht_chandef)) {
+- if (verbose)
++ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
+ sdata_info(sdata,
+ "AP VHT information is invalid, disable VHT\n");
+ ret = IEEE80211_STA_DISABLE_VHT;
+@@ -317,7 +319,7 @@ ieee80211_determine_chantype(struct ieee
+ }
+
+ if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) {
+- if (verbose)
++ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
+ sdata_info(sdata,
+ "AP VHT information doesn't match HT, disable VHT\n");
+ ret = IEEE80211_STA_DISABLE_VHT;
+@@ -333,18 +335,27 @@ out:
+ if (ret & IEEE80211_STA_DISABLE_VHT)
+ vht_chandef = *chandef;
+
++ /*
++ * Ignore the DISABLED flag when we're already connected and only
++ * tracking the APs beacon for bandwidth changes - otherwise we
++ * might get disconnected here if we connect to an AP, update our
++ * regulatory information based on the AP's country IE and the
++ * information we have is wrong/outdated and disables the channel
++ * that we're actually using for the connection to the AP.
++ */
+ while (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
+- IEEE80211_CHAN_DISABLED)) {
++ tracking ? 0 :
++ IEEE80211_CHAN_DISABLED)) {
+ if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) {
+ ret = IEEE80211_STA_DISABLE_HT |
+ IEEE80211_STA_DISABLE_VHT;
+- goto out;
++ break;
+ }
+
+ ret |= chandef_downgrade(chandef);
+ }
+
+- if (chandef->width != vht_chandef.width && verbose)
++ if (chandef->width != vht_chandef.width && !tracking)
+ sdata_info(sdata,
+ "capabilities/regulatory prevented using AP HT/VHT configuration, downgraded\n");
+
+@@ -384,7 +395,7 @@ static int ieee80211_config_bw(struct ie
+
+ /* calculate new channel (type) based on HT/VHT operation IEs */
+ flags = ieee80211_determine_chantype(sdata, sband, chan, ht_oper,
+- vht_oper, &chandef, false);
++ vht_oper, &chandef, true);
+
+ /*
+ * Downgrade the new channel if we associated with restricted
+@@ -1043,6 +1054,13 @@ ieee80211_sta_process_chanswitch(struct
+ if (!ieee80211_operating_class_to_band(
+ elems->ext_chansw_ie->new_operating_class,
+ &new_band)) {
++ /*
++ * Some APs send invalid ECSA IEs in probe response
++ * frames, so check for these and ignore them.
++ */
++ if (beacon && elems->ext_chansw_ie->new_ch_num == 0 &&
++ elems->ext_chansw_ie->new_operating_class == 0)
++ return;
+ sdata_info(sdata,
+ "cannot understand ECSA IE operating class %d, disconnecting\n",
+ elems->ext_chansw_ie->new_operating_class);
+@@ -1110,6 +1128,15 @@ ieee80211_sta_process_chanswitch(struct
+ case -1:
+ cfg80211_chandef_create(&new_chandef, new_chan,
+ NL80211_CHAN_NO_HT);
++ /* keep width for 5/10 MHz channels */
++ switch (sdata->vif.bss_conf.chandef.width) {
++ case NL80211_CHAN_WIDTH_5:
++ case NL80211_CHAN_WIDTH_10:
++ new_chandef.width = sdata->vif.bss_conf.chandef.width;
++ break;
++ default:
++ break;
++ }
+ break;
+ }
+
+@@ -3394,10 +3421,13 @@ static int ieee80211_probe_auth(struct i
+
+ if (tx_flags == 0) {
+ auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
+- ifmgd->auth_data->timeout_started = true;
++ auth_data->timeout_started = true;
+ run_again(sdata, auth_data->timeout);
+ } else {
+- auth_data->timeout_started = false;
++ auth_data->timeout =
++ round_jiffies_up(jiffies + IEEE80211_AUTH_TIMEOUT_LONG);
++ auth_data->timeout_started = true;
++ run_again(sdata, auth_data->timeout);
+ }
+
+ return 0;
+@@ -3434,7 +3464,11 @@ static int ieee80211_do_assoc(struct iee
+ assoc_data->timeout_started = true;
+ run_again(sdata, assoc_data->timeout);
+ } else {
+- assoc_data->timeout_started = false;
++ assoc_data->timeout =
++ round_jiffies_up(jiffies +
++ IEEE80211_ASSOC_TIMEOUT_LONG);
++ assoc_data->timeout_started = true;
++ run_again(sdata, assoc_data->timeout);
+ }
+
+ return 0;
+@@ -3829,7 +3863,7 @@ static int ieee80211_prep_channel(struct
+ ifmgd->flags |= ieee80211_determine_chantype(sdata, sband,
+ cbss->channel,
+ ht_oper, vht_oper,
+- &chandef, true);
++ &chandef, false);
+
+ sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss),
+ local->rx_chains);
+--- a/net/wireless/core.c
++++ b/net/wireless/core.c
+@@ -772,6 +772,7 @@ void cfg80211_leave(struct cfg80211_regi
+ cfg80211_leave_mesh(rdev, dev);
+ break;
+ case NL80211_IFTYPE_AP:
++ case NL80211_IFTYPE_P2P_GO:
+ cfg80211_stop_ap(rdev, dev);
+ break;
+ default:
+--- a/drivers/net/wireless/rtlwifi/Kconfig
++++ b/drivers/net/wireless/rtlwifi/Kconfig
+@@ -1,29 +1,22 @@
+-config RTLWIFI
+- tristate "Realtek wireless card support"
++menuconfig RTL_CARDS
++ tristate "Realtek rtlwifi family of devices"
+ depends on m
+- depends on MAC80211
+- select BACKPORT_FW_LOADER
+- ---help---
+- This is common code for RTL8192CE/RTL8192CU/RTL8192SE/RTL8723AE
+- drivers. This module does nothing by itself - the various front-end
+- drivers need to be enabled to support any desired devices.
+-
+- If you choose to build as a module, it'll be called rtlwifi.
+-
+-config RTLWIFI_DEBUG
+- bool "Debugging output for rtlwifi driver family"
+- depends on RTLWIFI
++ depends on MAC80211 && (PCI || USB)
+ default y
+ ---help---
+- To use the module option that sets the dynamic-debugging level for,
+- the front-end driver, this parameter must be "Y". For memory-limited
+- systems, choose "N". If in doubt, choose "Y".
++ This option will enable support for the Realtek mac80211-based
++ wireless drivers. Drivers rtl8192ce, rtl8192cu, rtl8192se, rtl8192de,
++ rtl8723eu, and rtl8188eu share some common code.
++
++if RTL_CARDS
+
+ config RTL8192CE
+ tristate "Realtek RTL8192CE/RTL8188CE Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
+ select RTL8192C_COMMON
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8192CE/RTL8188CE 802.11n PCIe
+ wireless network adapters.
+@@ -33,7 +26,9 @@ config RTL8192CE
+ config RTL8192SE
+ tristate "Realtek RTL8192SE/RTL8191SE PCIe Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8192SE/RTL8191SE 802.11n PCIe
+ wireless network adapters.
+@@ -43,7 +38,9 @@ config RTL8192SE
+ config RTL8192DE
+ tristate "Realtek RTL8192DE/RTL8188DE PCIe Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8192DE/RTL8188DE 802.11n PCIe
+ wireless network adapters.
+@@ -53,7 +50,9 @@ config RTL8192DE
+ config RTL8723AE
+ tristate "Realtek RTL8723AE PCIe Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8723AE 802.11n PCIe
+ wireless network adapters.
+@@ -63,7 +62,9 @@ config RTL8723AE
+ config RTL8188EE
+ tristate "Realtek RTL8188EE Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8188EE 802.11n PCIe
+ wireless network adapters.
+@@ -73,7 +74,9 @@ config RTL8188EE
+ config RTL8192CU
+ tristate "Realtek RTL8192CU/RTL8188CU USB Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && USB
++ depends on USB
++ select RTLWIFI
++ select RTLWIFI_USB
+ select RTL8192C_COMMON
+ ---help---
+ This is the driver for Realtek RTL8192CU/RTL8188CU 802.11n USB
+@@ -81,8 +84,32 @@ config RTL8192CU
+
+ If you choose to build it as a module, it will be called rtl8192cu
+
++config RTLWIFI
++ tristate
++ depends on m
++ select BACKPORT_FW_LOADER
++
++config RTLWIFI_PCI
++ tristate
++ depends on m
++
++config RTLWIFI_USB
++ tristate
++ depends on m
++
++config RTLWIFI_DEBUG
++ bool "Debugging output for rtlwifi driver family"
++ depends on RTLWIFI
++ default y
++ ---help---
++ To use the module option that sets the dynamic-debugging level for,
++ the front-end driver, this parameter must be "Y". For memory-limited
++ systems, choose "N". If in doubt, choose "Y".
++
+ config RTL8192C_COMMON
+ tristate
+ depends on m
+ depends on RTL8192CE || RTL8192CU
+- default m
++ default y
++
++endif
+--- a/drivers/net/wireless/rtlwifi/Makefile
++++ b/drivers/net/wireless/rtlwifi/Makefile
+@@ -12,13 +12,11 @@ rtlwifi-objs := \
+
+ rtl8192c_common-objs += \
+
+-ifneq ($(CONFIG_PCI),)
+-rtlwifi-objs += pci.o
+-endif
++obj-$(CPTCFG_RTLWIFI_PCI) += rtl_pci.o
++rtl_pci-objs := pci.o
+
+-ifneq ($(CONFIG_USB),)
+-rtlwifi-objs += usb.o
+-endif
++obj-$(CPTCFG_RTLWIFI_USB) += rtl_usb.o
++rtl_usb-objs := usb.o
+
+ obj-$(CPTCFG_RTL8192C_COMMON) += rtl8192c/
+ obj-$(CPTCFG_RTL8192CE) += rtl8192ce/
+--- a/drivers/net/wireless/rtlwifi/ps.h
++++ b/drivers/net/wireless/rtlwifi/ps.h
+@@ -49,5 +49,6 @@ void rtl_swlps_rf_awake(struct ieee80211
+ void rtl_swlps_rf_sleep(struct ieee80211_hw *hw);
+ void rtl_p2p_ps_cmd(struct ieee80211_hw *hw, u8 p2p_ps_state);
+ void rtl_p2p_info(struct ieee80211_hw *hw, void *data, unsigned int len);
++void rtl_lps_change_work_callback(struct work_struct *work);
+
+ #endif
+--- a/drivers/net/wireless/rtlwifi/base.c
++++ b/drivers/net/wireless/rtlwifi/base.c
+@@ -173,6 +173,7 @@ u8 rtl_tid_to_ac(u8 tid)
+ {
+ return tid_to_ac[tid];
+ }
++EXPORT_SYMBOL_GPL(rtl_tid_to_ac);
+
+ static void _rtl_init_hw_ht_capab(struct ieee80211_hw *hw,
+ struct ieee80211_sta_ht_cap *ht_cap)
+@@ -407,6 +408,7 @@ void rtl_deinit_deferred_work(struct iee
+ cancel_delayed_work(&rtlpriv->works.ps_rfon_wq);
+ cancel_delayed_work(&rtlpriv->works.fwevt_wq);
+ }
++EXPORT_SYMBOL_GPL(rtl_deinit_deferred_work);
+
+ void rtl_init_rfkill(struct ieee80211_hw *hw)
+ {
+@@ -440,6 +442,7 @@ void rtl_deinit_rfkill(struct ieee80211_
+ {
+ wiphy_rfkill_stop_polling(hw->wiphy);
+ }
++EXPORT_SYMBOL_GPL(rtl_deinit_rfkill);
+
+ int rtl_init_core(struct ieee80211_hw *hw)
+ {
+@@ -490,10 +493,12 @@ int rtl_init_core(struct ieee80211_hw *h
+
+ return 0;
+ }
++EXPORT_SYMBOL_GPL(rtl_init_core);
+
+ void rtl_deinit_core(struct ieee80211_hw *hw)
+ {
+ }
++EXPORT_SYMBOL_GPL(rtl_deinit_core);
+
+ void rtl_init_rx_config(struct ieee80211_hw *hw)
+ {
+@@ -502,6 +507,7 @@ void rtl_init_rx_config(struct ieee80211
+
+ rtlpriv->cfg->ops->get_hw_reg(hw, HW_VAR_RCR, (u8 *) (&mac->rx_conf));
+ }
++EXPORT_SYMBOL_GPL(rtl_init_rx_config);
+
+ /*********************************************************
+ *
+@@ -880,6 +886,7 @@ bool rtl_tx_mgmt_proc(struct ieee80211_h
+
+ return true;
+ }
++EXPORT_SYMBOL_GPL(rtl_tx_mgmt_proc);
+
+ void rtl_get_tcb_desc(struct ieee80211_hw *hw,
+ struct ieee80211_tx_info *info,
+@@ -1053,6 +1060,7 @@ bool rtl_action_proc(struct ieee80211_hw
+
+ return true;
+ }
++EXPORT_SYMBOL_GPL(rtl_action_proc);
+
+ /*should call before software enc*/
+ u8 rtl_is_special_data(struct ieee80211_hw *hw, struct sk_buff *skb, u8 is_tx)
+@@ -1126,6 +1134,7 @@ u8 rtl_is_special_data(struct ieee80211_
+
+ return false;
+ }
++EXPORT_SYMBOL_GPL(rtl_is_special_data);
+
+ /*********************************************************
+ *
+@@ -1301,6 +1310,7 @@ void rtl_beacon_statistic(struct ieee802
+
+ rtlpriv->link_info.bcn_rx_inperiod++;
+ }
++EXPORT_SYMBOL_GPL(rtl_beacon_statistic);
+
+ void rtl_watchdog_wq_callback(void *data)
+ {
+@@ -1794,6 +1804,7 @@ void rtl_recognize_peer(struct ieee80211
+
+ mac->vendor = vendor;
+ }
++EXPORT_SYMBOL_GPL(rtl_recognize_peer);
+
+ /*********************************************************
+ *
+@@ -1850,6 +1861,7 @@ struct attribute_group rtl_attribute_gro
+ .name = "rtlsysfs",
+ .attrs = rtl_sysfs_entries,
+ };
++EXPORT_SYMBOL_GPL(rtl_attribute_group);
+
+ MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
+ MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
+@@ -1857,7 +1869,8 @@ MODULE_AUTHOR("Larry Finger <Larry.FInge
+ MODULE_LICENSE("GPL");
+ MODULE_DESCRIPTION("Realtek 802.11n PCI wireless core");
+
+-struct rtl_global_var global_var = {};
++struct rtl_global_var rtl_global_var = {};
++EXPORT_SYMBOL_GPL(rtl_global_var);
+
+ static int __init rtl_core_module_init(void)
+ {
+@@ -1865,8 +1878,8 @@ static int __init rtl_core_module_init(v
+ pr_err("Unable to register rtl_rc, use default RC !!\n");
+
+ /* init some global vars */
+- INIT_LIST_HEAD(&global_var.glb_priv_list);
+- spin_lock_init(&global_var.glb_list_lock);
++ INIT_LIST_HEAD(&rtl_global_var.glb_priv_list);
++ spin_lock_init(&rtl_global_var.glb_list_lock);
+
+ return 0;
+ }
+--- a/drivers/net/wireless/rtlwifi/base.h
++++ b/drivers/net/wireless/rtlwifi/base.h
+@@ -147,7 +147,7 @@ void rtl_recognize_peer(struct ieee80211
+ u8 rtl_tid_to_ac(u8 tid);
+ extern struct attribute_group rtl_attribute_group;
+ void rtl_easy_concurrent_retrytimer_callback(unsigned long data);
+-extern struct rtl_global_var global_var;
++extern struct rtl_global_var rtl_global_var;
+ int rtlwifi_rate_mapping(struct ieee80211_hw *hw,
+ bool isht, u8 desc_rate, bool first_ampdu);
+ bool rtl_tx_mgmt_proc(struct ieee80211_hw *hw, struct sk_buff *skb);
+--- a/drivers/net/wireless/rtlwifi/core.c
++++ b/drivers/net/wireless/rtlwifi/core.c
+@@ -1330,3 +1330,4 @@ const struct ieee80211_ops rtl_ops = {
+ .rfkill_poll = rtl_op_rfkill_poll,
+ .flush = rtl_op_flush,
+ };
++EXPORT_SYMBOL_GPL(rtl_ops);
+--- a/drivers/net/wireless/rtlwifi/debug.c
++++ b/drivers/net/wireless/rtlwifi/debug.c
+@@ -51,3 +51,4 @@ void rtl_dbgp_flag_init(struct ieee80211
+
+ /*Init Debug flag enable condition */
+ }
++EXPORT_SYMBOL_GPL(rtl_dbgp_flag_init);
+--- a/drivers/net/wireless/rtlwifi/efuse.c
++++ b/drivers/net/wireless/rtlwifi/efuse.c
+@@ -229,6 +229,7 @@ void read_efuse_byte(struct ieee80211_hw
+
+ *pbuf = (u8) (value32 & 0xff);
+ }
++EXPORT_SYMBOL_GPL(read_efuse_byte);
+
+ void read_efuse(struct ieee80211_hw *hw, u16 _offset, u16 _size_byte, u8 *pbuf)
+ {
+--- a/drivers/net/wireless/rtlwifi/pci.c
++++ b/drivers/net/wireless/rtlwifi/pci.c
+@@ -35,6 +35,13 @@
+ #include "efuse.h"
+ #include <linux/export.h>
+ #include <linux/kmemleak.h>
++#include <linux/module.h>
++
++MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
++MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
++MODULE_AUTHOR("Larry Finger <Larry.FInger@lwfinger.net>");
++MODULE_LICENSE("GPL");
++MODULE_DESCRIPTION("PCI basic driver for rtlwifi");
+
+ static const u16 pcibridge_vendors[PCI_BRIDGE_VENDOR_MAX] = {
+ PCI_VENDOR_ID_INTEL,
+@@ -1008,19 +1015,6 @@ static void _rtl_pci_prepare_bcn_tasklet
+ return;
+ }
+
+-static void rtl_lps_change_work_callback(struct work_struct *work)
+-{
+- struct rtl_works *rtlworks =
+- container_of(work, struct rtl_works, lps_change_work);
+- struct ieee80211_hw *hw = rtlworks->hw;
+- struct rtl_priv *rtlpriv = rtl_priv(hw);
+-
+- if (rtlpriv->enter_ps)
+- rtl_lps_enter(hw);
+- else
+- rtl_lps_leave(hw);
+-}
+-
+ static void _rtl_pci_init_trx_var(struct ieee80211_hw *hw)
+ {
+ struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw));
+@@ -1899,7 +1893,7 @@ int rtl_pci_probe(struct pci_dev *pdev,
+ rtlpriv->rtlhal.interface = INTF_PCI;
+ rtlpriv->cfg = (struct rtl_hal_cfg *)(id->driver_data);
+ rtlpriv->intf_ops = &rtl_pci_ops;
+- rtlpriv->glb_var = &global_var;
++ rtlpriv->glb_var = &rtl_global_var;
+
+ /*
+ *init dbgp flags before all
+--- a/drivers/net/wireless/rtlwifi/ps.c
++++ b/drivers/net/wireless/rtlwifi/ps.c
+@@ -269,6 +269,7 @@ void rtl_ips_nic_on(struct ieee80211_hw
+
+ spin_unlock_irqrestore(&rtlpriv->locks.ips_lock, flags);
+ }
++EXPORT_SYMBOL_GPL(rtl_ips_nic_on);
+
+ /*for FW LPS*/
+
+@@ -518,6 +519,7 @@ void rtl_swlps_beacon(struct ieee80211_h
+ "u_bufferd: %x, m_buffered: %x\n", u_buffed, m_buffed);
+ }
+ }
++EXPORT_SYMBOL_GPL(rtl_swlps_beacon);
+
+ void rtl_swlps_rf_awake(struct ieee80211_hw *hw)
+ {
+@@ -611,6 +613,19 @@ void rtl_swlps_rf_sleep(struct ieee80211
+ MSECS(sleep_intv * mac->vif->bss_conf.beacon_int - 40));
+ }
+
++void rtl_lps_change_work_callback(struct work_struct *work)
++{
++ struct rtl_works *rtlworks =
++ container_of(work, struct rtl_works, lps_change_work);
++ struct ieee80211_hw *hw = rtlworks->hw;
++ struct rtl_priv *rtlpriv = rtl_priv(hw);
++
++ if (rtlpriv->enter_ps)
++ rtl_lps_enter(hw);
++ else
++ rtl_lps_leave(hw);
++}
++EXPORT_SYMBOL_GPL(rtl_lps_change_work_callback);
+
+ void rtl_swlps_wq_callback(void *data)
+ {
+@@ -922,3 +937,4 @@ void rtl_p2p_info(struct ieee80211_hw *h
+ else
+ rtl_p2p_noa_ie(hw, data, len - FCS_LEN);
+ }
++EXPORT_SYMBOL_GPL(rtl_p2p_info);
+--- a/drivers/net/wireless/rtlwifi/usb.c
++++ b/drivers/net/wireless/rtlwifi/usb.c
+@@ -32,6 +32,13 @@
+ #include "ps.h"
+ #include "rtl8192c/fw_common.h"
+ #include <linux/export.h>
++#include <linux/module.h>
++
++MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
++MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
++MODULE_AUTHOR("Larry Finger <Larry.FInger@lwfinger.net>");
++MODULE_LICENSE("GPL");
++MODULE_DESCRIPTION("USB basic driver for rtlwifi");
+
+ #define REALTEK_USB_VENQT_READ 0xC0
+ #define REALTEK_USB_VENQT_WRITE 0x40
+@@ -1070,6 +1077,8 @@ int rtl_usb_probe(struct usb_interface *
+ spin_lock_init(&rtlpriv->locks.usb_lock);
+ INIT_WORK(&rtlpriv->works.fill_h2c_cmd,
+ rtl_fill_h2c_cmd_work_callback);
++ INIT_WORK(&rtlpriv->works.lps_change_work,
++ rtl_lps_change_work_callback);
+
+ rtlpriv->usb_data_index = 0;
+ init_completion(&rtlpriv->firmware_loading_complete);
+--- a/drivers/net/wireless/ath/ath9k/ath9k.h
++++ b/drivers/net/wireless/ath/ath9k/ath9k.h
+@@ -64,7 +64,6 @@ struct ath_node;
+
+ struct ath_config {
+ u16 txpowlimit;
+- u8 cabqReadytime;
+ };
+
+ /*************************/
+@@ -72,17 +71,12 @@ struct ath_config {
+ /*************************/
+
+ #define ATH_TXBUF_RESET(_bf) do { \
+- (_bf)->bf_stale = false; \
+ (_bf)->bf_lastbf = NULL; \
+ (_bf)->bf_next = NULL; \
+ memset(&((_bf)->bf_state), 0, \
+ sizeof(struct ath_buf_state)); \
+ } while (0)
+
+-#define ATH_RXBUF_RESET(_bf) do { \
+- (_bf)->bf_stale = false; \
+- } while (0)
+-
+ /**
+ * enum buffer_type - Buffer type flags
+ *
+@@ -137,7 +131,8 @@ int ath_descdma_setup(struct ath_softc *
+ #define ATH_AGGR_ENCRYPTDELIM 10
+ /* minimum h/w qdepth to be sustained to maximize aggregation */
+ #define ATH_AGGR_MIN_QDEPTH 2
+-#define ATH_AMPDU_SUBFRAME_DEFAULT 32
++/* minimum h/w qdepth for non-aggregated traffic */
++#define ATH_NON_AGGR_MIN_QDEPTH 8
+
+ #define IEEE80211_SEQ_SEQ_SHIFT 4
+ #define IEEE80211_SEQ_MAX 4096
+@@ -174,12 +169,6 @@ int ath_descdma_setup(struct ath_softc *
+
+ #define ATH_TX_COMPLETE_POLL_INT 1000
+
+-enum ATH_AGGR_STATUS {
+- ATH_AGGR_DONE,
+- ATH_AGGR_BAW_CLOSED,
+- ATH_AGGR_LIMITED,
+-};
+-
+ #define ATH_TXFIFO_DEPTH 8
+ struct ath_txq {
+ int mac80211_qnum; /* mac80211 queue number, -1 means not mac80211 Q */
+@@ -201,10 +190,10 @@ struct ath_txq {
+
+ struct ath_atx_ac {
+ struct ath_txq *txq;
+- int sched;
+ struct list_head list;
+ struct list_head tid_q;
+ bool clear_ps_filter;
++ bool sched;
+ };
+
+ struct ath_frame_info {
+@@ -212,14 +201,24 @@ struct ath_frame_info {
+ int framelen;
+ enum ath9k_key_type keytype;
+ u8 keyix;
+- u8 retries;
+ u8 rtscts_rate;
++ u8 retries : 7;
++ u8 baw_tracked : 1;
++};
++
++struct ath_rxbuf {
++ struct list_head list;
++ struct sk_buff *bf_mpdu;
++ void *bf_desc;
++ dma_addr_t bf_daddr;
++ dma_addr_t bf_buf_addr;
+ };
+
+ struct ath_buf_state {
+ u8 bf_type;
+ u8 bfs_paprd;
+ u8 ndelim;
++ bool stale;
+ u16 seqno;
+ unsigned long bfs_paprd_timestamp;
+ };
+@@ -233,7 +232,6 @@ struct ath_buf {
+ void *bf_desc; /* virtual addr of desc */
+ dma_addr_t bf_daddr; /* physical addr of desc */
+ dma_addr_t bf_buf_addr; /* physical addr of data buffer, for DMA */
+- bool bf_stale;
+ struct ieee80211_tx_rate rates[4];
+ struct ath_buf_state bf_state;
+ };
+@@ -241,16 +239,18 @@ struct ath_buf {
+ struct ath_atx_tid {
+ struct list_head list;
+ struct sk_buff_head buf_q;
++ struct sk_buff_head retry_q;
+ struct ath_node *an;
+ struct ath_atx_ac *ac;
+ unsigned long tx_buf[BITS_TO_LONGS(ATH_TID_MAX_BUFS)];
+- int bar_index;
+ u16 seq_start;
+ u16 seq_next;
+ u16 baw_size;
+- int tidno;
++ u8 tidno;
+ int baw_head; /* first un-acked tx buffer */
+ int baw_tail; /* next unused tx buffer slot */
++
++ s8 bar_index;
+ bool sched;
+ bool paused;
+ bool active;
+@@ -262,12 +262,13 @@ struct ath_node {
+ struct ieee80211_vif *vif; /* interface with which we're associated */
+ struct ath_atx_tid tid[IEEE80211_NUM_TIDS];
+ struct ath_atx_ac ac[IEEE80211_NUM_ACS];
+- int ps_key;
+
+ u16 maxampdu;
+ u8 mpdudensity;
++ s8 ps_key;
+
+ bool sleeping;
++ bool no_ps_filter;
+
+ #if defined(CPTCFG_MAC80211_DEBUGFS) && defined(CPTCFG_ATH9K_DEBUGFS)
+ struct dentry *node_stat;
+@@ -317,6 +318,7 @@ struct ath_rx {
+ struct ath_descdma rxdma;
+ struct ath_rx_edma rx_edma[ATH9K_RX_QUEUE_MAX];
+
++ struct ath_rxbuf *buf_hold;
+ struct sk_buff *frag;
+
+ u32 ampdu_ref;
+@@ -367,6 +369,7 @@ void ath9k_release_buffered_frames(struc
+ /********/
+
+ struct ath_vif {
++ struct ath_node mcast_node;
+ int av_bslot;
+ bool primary_sta_vif;
+ __le64 tsf_adjust; /* TSF adjustment for staggered beacons */
+@@ -585,19 +588,14 @@ static inline void ath_fill_led_pin(stru
+ #define ATH_ANT_DIV_COMB_MAX_COUNT 100
+ #define ATH_ANT_DIV_COMB_ALT_ANT_RATIO 30
+ #define ATH_ANT_DIV_COMB_ALT_ANT_RATIO2 20
++#define ATH_ANT_DIV_COMB_ALT_ANT_RATIO_LOW_RSSI 50
++#define ATH_ANT_DIV_COMB_ALT_ANT_RATIO2_LOW_RSSI 50
+
+ #define ATH_ANT_DIV_COMB_LNA1_LNA2_SWITCH_DELTA -1
+ #define ATH_ANT_DIV_COMB_LNA1_DELTA_HI -4
+ #define ATH_ANT_DIV_COMB_LNA1_DELTA_MID -2
+ #define ATH_ANT_DIV_COMB_LNA1_DELTA_LOW 2
+
+-enum ath9k_ant_div_comb_lna_conf {
+- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2,
+- ATH_ANT_DIV_COMB_LNA2,
+- ATH_ANT_DIV_COMB_LNA1,
+- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2,
+-};
+-
+ struct ath_ant_comb {
+ u16 count;
+ u16 total_pkt_count;
+@@ -614,27 +612,36 @@ struct ath_ant_comb {
+ int rssi_first;
+ int rssi_second;
+ int rssi_third;
++ int ant_ratio;
++ int ant_ratio2;
+ bool alt_good;
+ int quick_scan_cnt;
+- int main_conf;
++ enum ath9k_ant_div_comb_lna_conf main_conf;
+ enum ath9k_ant_div_comb_lna_conf first_quick_scan_conf;
+ enum ath9k_ant_div_comb_lna_conf second_quick_scan_conf;
+ bool first_ratio;
+ bool second_ratio;
+ unsigned long scan_start_time;
++
++ /*
++ * Card-specific config values.
++ */
++ int low_rssi_thresh;
++ int fast_div_bias;
+ };
+
+ void ath_ant_comb_scan(struct ath_softc *sc, struct ath_rx_status *rs);
+-void ath_ant_comb_update(struct ath_softc *sc);
+
+ /********************/
+ /* Main driver core */
+ /********************/
+
+-#define ATH9K_PCI_CUS198 0x0001
+-#define ATH9K_PCI_CUS230 0x0002
+-#define ATH9K_PCI_CUS217 0x0004
+-#define ATH9K_PCI_WOW 0x0008
++#define ATH9K_PCI_CUS198 0x0001
++#define ATH9K_PCI_CUS230 0x0002
++#define ATH9K_PCI_CUS217 0x0004
++#define ATH9K_PCI_WOW 0x0008
++#define ATH9K_PCI_BT_ANT_DIV 0x0010
++#define ATH9K_PCI_D3_L1_WAR 0x0020
+
+ /*
+ * Default cache line size, in bytes.
+@@ -926,7 +933,6 @@ void ath9k_deinit_device(struct ath_soft
+ void ath9k_set_hw_capab(struct ath_softc *sc, struct ieee80211_hw *hw);
+ void ath9k_reload_chainmask_settings(struct ath_softc *sc);
+
+-bool ath9k_uses_beacons(int type);
+ void ath9k_spectral_scan_trigger(struct ieee80211_hw *hw);
+ int ath9k_spectral_scan_config(struct ieee80211_hw *hw,
+ enum spectral_mode spectral_mode);
+--- a/drivers/net/wireless/ath/ath9k/debug.c
++++ b/drivers/net/wireless/ath/ath9k/debug.c
+@@ -270,25 +270,29 @@ static const struct file_operations fops
+ .llseek = default_llseek,
+ };
+
+-static ssize_t read_file_ant_diversity(struct file *file, char __user *user_buf,
+- size_t count, loff_t *ppos)
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++
++static ssize_t read_file_bt_ant_diversity(struct file *file,
++ char __user *user_buf,
++ size_t count, loff_t *ppos)
+ {
+ struct ath_softc *sc = file->private_data;
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+ char buf[32];
+ unsigned int len;
+
+- len = sprintf(buf, "%d\n", common->antenna_diversity);
++ len = sprintf(buf, "%d\n", common->bt_ant_diversity);
+ return simple_read_from_buffer(user_buf, count, ppos, buf, len);
+ }
+
+-static ssize_t write_file_ant_diversity(struct file *file,
+- const char __user *user_buf,
+- size_t count, loff_t *ppos)
++static ssize_t write_file_bt_ant_diversity(struct file *file,
++ const char __user *user_buf,
++ size_t count, loff_t *ppos)
+ {
+ struct ath_softc *sc = file->private_data;
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+- unsigned long antenna_diversity;
++ struct ath9k_hw_capabilities *pCap = &sc->sc_ah->caps;
++ unsigned long bt_ant_diversity;
+ char buf[32];
+ ssize_t len;
+
+@@ -296,26 +300,147 @@ static ssize_t write_file_ant_diversity(
+ if (copy_from_user(buf, user_buf, len))
+ return -EFAULT;
+
+- if (!AR_SREV_9565(sc->sc_ah))
++ if (!(pCap->hw_caps & ATH9K_HW_CAP_BT_ANT_DIV))
+ goto exit;
+
+ buf[len] = '\0';
+- if (strict_strtoul(buf, 0, &antenna_diversity))
++ if (kstrtoul(buf, 0, &bt_ant_diversity))
+ return -EINVAL;
+
+- common->antenna_diversity = !!antenna_diversity;
++ common->bt_ant_diversity = !!bt_ant_diversity;
+ ath9k_ps_wakeup(sc);
+- ath_ant_comb_update(sc);
+- ath_dbg(common, CONFIG, "Antenna diversity: %d\n",
+- common->antenna_diversity);
++ ath9k_hw_set_bt_ant_diversity(sc->sc_ah, common->bt_ant_diversity);
++ ath_dbg(common, CONFIG, "Enable WLAN/BT RX Antenna diversity: %d\n",
++ common->bt_ant_diversity);
+ ath9k_ps_restore(sc);
+ exit:
+ return count;
+ }
+
+-static const struct file_operations fops_ant_diversity = {
+- .read = read_file_ant_diversity,
+- .write = write_file_ant_diversity,
++static const struct file_operations fops_bt_ant_diversity = {
++ .read = read_file_bt_ant_diversity,
++ .write = write_file_bt_ant_diversity,
++ .open = simple_open,
++ .owner = THIS_MODULE,
++ .llseek = default_llseek,
++};
++
++#endif
++
++void ath9k_debug_stat_ant(struct ath_softc *sc,
++ struct ath_hw_antcomb_conf *div_ant_conf,
++ int main_rssi_avg, int alt_rssi_avg)
++{
++ struct ath_antenna_stats *as_main = &sc->debug.stats.ant_stats[ANT_MAIN];
++ struct ath_antenna_stats *as_alt = &sc->debug.stats.ant_stats[ANT_ALT];
++
++ as_main->lna_attempt_cnt[div_ant_conf->main_lna_conf]++;
++ as_alt->lna_attempt_cnt[div_ant_conf->alt_lna_conf]++;
++
++ as_main->rssi_avg = main_rssi_avg;
++ as_alt->rssi_avg = alt_rssi_avg;
++}
++
++static ssize_t read_file_antenna_diversity(struct file *file,
++ char __user *user_buf,
++ size_t count, loff_t *ppos)
++{
++ struct ath_softc *sc = file->private_data;
++ struct ath_hw *ah = sc->sc_ah;
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
++ struct ath_antenna_stats *as_main = &sc->debug.stats.ant_stats[ANT_MAIN];
++ struct ath_antenna_stats *as_alt = &sc->debug.stats.ant_stats[ANT_ALT];
++ struct ath_hw_antcomb_conf div_ant_conf;
++ unsigned int len = 0, size = 1024;
++ ssize_t retval = 0;
++ char *buf;
++ char *lna_conf_str[4] = {"LNA1_MINUS_LNA2",
++ "LNA2",
++ "LNA1",
++ "LNA1_PLUS_LNA2"};
++
++ buf = kzalloc(size, GFP_KERNEL);
++ if (buf == NULL)
++ return -ENOMEM;
++
++ if (!(pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB)) {
++ len += snprintf(buf + len, size - len, "%s\n",
++ "Antenna Diversity Combining is disabled");
++ goto exit;
++ }
++
++ ath9k_ps_wakeup(sc);
++ ath9k_hw_antdiv_comb_conf_get(ah, &div_ant_conf);
++ len += snprintf(buf + len, size - len, "Current MAIN config : %s\n",
++ lna_conf_str[div_ant_conf.main_lna_conf]);
++ len += snprintf(buf + len, size - len, "Current ALT config : %s\n",
++ lna_conf_str[div_ant_conf.alt_lna_conf]);
++ len += snprintf(buf + len, size - len, "Average MAIN RSSI : %d\n",
++ as_main->rssi_avg);
++ len += snprintf(buf + len, size - len, "Average ALT RSSI : %d\n\n",
++ as_alt->rssi_avg);
++ ath9k_ps_restore(sc);
++
++ len += snprintf(buf + len, size - len, "Packet Receive Cnt:\n");
++ len += snprintf(buf + len, size - len, "-------------------\n");
++
++ len += snprintf(buf + len, size - len, "%30s%15s\n",
++ "MAIN", "ALT");
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "TOTAL COUNT",
++ as_main->recv_cnt,
++ as_alt->recv_cnt);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA1",
++ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1],
++ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1]);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA2",
++ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA2],
++ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA2]);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA1 + LNA2",
++ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2],
++ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2]);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA1 - LNA2",
++ as_main->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2],
++ as_alt->lna_recv_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2]);
++
++ len += snprintf(buf + len, size - len, "\nLNA Config Attempts:\n");
++ len += snprintf(buf + len, size - len, "--------------------\n");
++
++ len += snprintf(buf + len, size - len, "%30s%15s\n",
++ "MAIN", "ALT");
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA1",
++ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1],
++ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1]);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA2",
++ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA2],
++ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA2]);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA1 + LNA2",
++ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2],
++ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2]);
++ len += snprintf(buf + len, size - len, "%-14s:%15d%15d\n",
++ "LNA1 - LNA2",
++ as_main->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2],
++ as_alt->lna_attempt_cnt[ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2]);
++
++exit:
++ if (len > size)
++ len = size;
++
++ retval = simple_read_from_buffer(user_buf, count, ppos, buf, len);
++ kfree(buf);
++
++ return retval;
++}
++
++static const struct file_operations fops_antenna_diversity = {
++ .read = read_file_antenna_diversity,
+ .open = simple_open,
+ .owner = THIS_MODULE,
+ .llseek = default_llseek,
+@@ -607,6 +732,28 @@ static ssize_t read_file_xmit(struct fil
+ return retval;
+ }
+
++static ssize_t print_queue(struct ath_softc *sc, struct ath_txq *txq,
++ char *buf, ssize_t size)
++{
++ ssize_t len = 0;
++
++ ath_txq_lock(sc, txq);
++
++ len += snprintf(buf + len, size - len, "%s: %d ",
++ "qnum", txq->axq_qnum);
++ len += snprintf(buf + len, size - len, "%s: %2d ",
++ "qdepth", txq->axq_depth);
++ len += snprintf(buf + len, size - len, "%s: %2d ",
++ "ampdu-depth", txq->axq_ampdu_depth);
++ len += snprintf(buf + len, size - len, "%s: %3d ",
++ "pending", txq->pending_frames);
++ len += snprintf(buf + len, size - len, "%s: %d\n",
++ "stopped", txq->stopped);
++
++ ath_txq_unlock(sc, txq);
++ return len;
++}
++
+ static ssize_t read_file_queues(struct file *file, char __user *user_buf,
+ size_t count, loff_t *ppos)
+ {
+@@ -624,24 +771,13 @@ static ssize_t read_file_queues(struct f
+
+ for (i = 0; i < IEEE80211_NUM_ACS; i++) {
+ txq = sc->tx.txq_map[i];
+- len += snprintf(buf + len, size - len, "(%s): ", qname[i]);
+-
+- ath_txq_lock(sc, txq);
+-
+- len += snprintf(buf + len, size - len, "%s: %d ",
+- "qnum", txq->axq_qnum);
+- len += snprintf(buf + len, size - len, "%s: %2d ",
+- "qdepth", txq->axq_depth);
+- len += snprintf(buf + len, size - len, "%s: %2d ",
+- "ampdu-depth", txq->axq_ampdu_depth);
+- len += snprintf(buf + len, size - len, "%s: %3d ",
+- "pending", txq->pending_frames);
+- len += snprintf(buf + len, size - len, "%s: %d\n",
+- "stopped", txq->stopped);
+-
+- ath_txq_unlock(sc, txq);
++ len += snprintf(buf + len, size - len, "(%s): ", qname[i]);
++ len += print_queue(sc, txq, buf + len, size - len);
+ }
+
++ len += snprintf(buf + len, size - len, "(CAB): ");
++ len += print_queue(sc, sc->beacon.cabq, buf + len, size - len);
++
+ if (len > size)
+ len = size;
+
+@@ -1818,9 +1954,11 @@ int ath9k_init_debug(struct ath_hw *ah)
+ sc->debug.debugfs_phy, &sc->sc_ah->gpio_mask);
+ debugfs_create_u32("gpio_val", S_IRUSR | S_IWUSR,
+ sc->debug.debugfs_phy, &sc->sc_ah->gpio_val);
+- debugfs_create_file("diversity", S_IRUSR | S_IWUSR,
+- sc->debug.debugfs_phy, sc, &fops_ant_diversity);
++ debugfs_create_file("antenna_diversity", S_IRUSR,
++ sc->debug.debugfs_phy, sc, &fops_antenna_diversity);
+ #ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++ debugfs_create_file("bt_ant_diversity", S_IRUSR | S_IWUSR,
++ sc->debug.debugfs_phy, sc, &fops_bt_ant_diversity);
+ debugfs_create_file("btcoex", S_IRUSR, sc->debug.debugfs_phy, sc,
+ &fops_btcoex);
+ #endif
+--- a/net/mac80211/ibss.c
++++ b/net/mac80211/ibss.c
+@@ -30,13 +30,14 @@
+
+ #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
+ #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
++#define IEEE80211_IBSS_RSN_INACTIVITY_LIMIT (10 * HZ)
+
+ #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
+
+
+ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
+ const u8 *bssid, const int beacon_int,
+- struct ieee80211_channel *chan,
++ struct cfg80211_chan_def *req_chandef,
+ const u32 basic_rates,
+ const u16 capability, u64 tsf,
+ bool creator)
+@@ -51,6 +52,7 @@ static void __ieee80211_sta_join_ibss(st
+ u32 bss_change;
+ u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
+ struct cfg80211_chan_def chandef;
++ struct ieee80211_channel *chan;
+ struct beacon_data *presp;
+ int frame_len;
+
+@@ -81,7 +83,9 @@ static void __ieee80211_sta_join_ibss(st
+
+ sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
+
+- chandef = ifibss->chandef;
++ /* make a copy of the chandef, it could be modified below. */
++ chandef = *req_chandef;
++ chan = chandef.chan;
+ if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
+ chandef.width = NL80211_CHAN_WIDTH_20;
+ chandef.center_freq1 = chan->center_freq;
+@@ -259,10 +263,12 @@ static void ieee80211_sta_join_ibss(stru
+ struct cfg80211_bss *cbss =
+ container_of((void *)bss, struct cfg80211_bss, priv);
+ struct ieee80211_supported_band *sband;
++ struct cfg80211_chan_def chandef;
+ u32 basic_rates;
+ int i, j;
+ u16 beacon_int = cbss->beacon_interval;
+ const struct cfg80211_bss_ies *ies;
++ enum nl80211_channel_type chan_type;
+ u64 tsf;
+
+ sdata_assert_lock(sdata);
+@@ -270,6 +276,26 @@ static void ieee80211_sta_join_ibss(stru
+ if (beacon_int < 10)
+ beacon_int = 10;
+
++ switch (sdata->u.ibss.chandef.width) {
++ case NL80211_CHAN_WIDTH_20_NOHT:
++ case NL80211_CHAN_WIDTH_20:
++ case NL80211_CHAN_WIDTH_40:
++ chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef);
++ cfg80211_chandef_create(&chandef, cbss->channel, chan_type);
++ break;
++ case NL80211_CHAN_WIDTH_5:
++ case NL80211_CHAN_WIDTH_10:
++ cfg80211_chandef_create(&chandef, cbss->channel,
++ NL80211_CHAN_WIDTH_20_NOHT);
++ chandef.width = sdata->u.ibss.chandef.width;
++ break;
++ default:
++ /* fall back to 20 MHz for unsupported modes */
++ cfg80211_chandef_create(&chandef, cbss->channel,
++ NL80211_CHAN_WIDTH_20_NOHT);
++ break;
++ }
++
+ sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
+
+ basic_rates = 0;
+@@ -294,7 +320,7 @@ static void ieee80211_sta_join_ibss(stru
+
+ __ieee80211_sta_join_ibss(sdata, cbss->bssid,
+ beacon_int,
+- cbss->channel,
++ &chandef,
+ basic_rates,
+ cbss->capability,
+ tsf, false);
+@@ -672,6 +698,33 @@ static int ieee80211_sta_active_ibss(str
+ return active;
+ }
+
++static void ieee80211_ibss_sta_expire(struct ieee80211_sub_if_data *sdata)
++{
++ struct ieee80211_local *local = sdata->local;
++ struct sta_info *sta, *tmp;
++ unsigned long exp_time = IEEE80211_IBSS_INACTIVITY_LIMIT;
++ unsigned long exp_rsn_time = IEEE80211_IBSS_RSN_INACTIVITY_LIMIT;
++
++ mutex_lock(&local->sta_mtx);
++
++ list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
++ if (sdata != sta->sdata)
++ continue;
++
++ if (time_after(jiffies, sta->last_rx + exp_time) ||
++ (time_after(jiffies, sta->last_rx + exp_rsn_time) &&
++ sta->sta_state != IEEE80211_STA_AUTHORIZED)) {
++ sta_dbg(sta->sdata, "expiring inactive %sSTA %pM\n",
++ sta->sta_state != IEEE80211_STA_AUTHORIZED ?
++ "not authorized " : "", sta->sta.addr);
++
++ WARN_ON(__sta_info_destroy(sta));
++ }
++ }
++
++ mutex_unlock(&local->sta_mtx);
++}
++
+ /*
+ * This function is called with state == IEEE80211_IBSS_MLME_JOINED
+ */
+@@ -685,7 +738,7 @@ static void ieee80211_sta_merge_ibss(str
+ mod_timer(&ifibss->timer,
+ round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
+
+- ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
++ ieee80211_ibss_sta_expire(sdata);
+
+ if (time_before(jiffies, ifibss->last_scan_completed +
+ IEEE80211_IBSS_MERGE_INTERVAL))
+@@ -736,7 +789,7 @@ static void ieee80211_sta_create_ibss(st
+ sdata->drop_unencrypted = 0;
+
+ __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
+- ifibss->chandef.chan, ifibss->basic_rates,
++ &ifibss->chandef, ifibss->basic_rates,
+ capability, 0, true);
+ }
+
+@@ -792,6 +845,17 @@ static void ieee80211_sta_find_ibss(stru
+ return;
+ }
+
++ /* if a fixed bssid and a fixed freq have been provided create the IBSS
++ * directly and do not waste time scanning
++ */
++ if (ifibss->fixed_bssid && ifibss->fixed_channel) {
++ sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
++ bssid);
++ ieee80211_sta_create_ibss(sdata);
++ return;
++ }
++
++
+ ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
+
+ /* Selected IBSS not found in current scan results - try to scan */
+@@ -1138,6 +1202,7 @@ int ieee80211_ibss_leave(struct ieee8021
+ clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
+ ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
+ BSS_CHANGED_IBSS);
++ ieee80211_vif_release_channel(sdata);
+ synchronize_rcu();
+ kfree(presp);
+
+--- a/drivers/net/wireless/ath/ath9k/ar9003_phy.c
++++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.c
+@@ -551,8 +551,7 @@ static void ar9003_hw_set_channel_regs(s
+ if (IS_CHAN_HT40(chan)) {
+ phymode |= AR_PHY_GC_DYN2040_EN;
+ /* Configure control (primary) channel at +-10MHz */
+- if ((chan->chanmode == CHANNEL_A_HT40PLUS) ||
+- (chan->chanmode == CHANNEL_G_HT40PLUS))
++ if (IS_CHAN_HT40PLUS(chan))
+ phymode |= AR_PHY_GC_DYN2040_PRI_CH;
+
+ }
+@@ -565,7 +564,7 @@ static void ar9003_hw_set_channel_regs(s
+ REG_WRITE(ah, AR_PHY_GEN_CTRL, phymode);
+
+ /* Configure MAC for 20/40 operation */
+- ath9k_hw_set11nmac2040(ah);
++ ath9k_hw_set11nmac2040(ah, chan);
+
+ /* global transmit timeout (25 TUs default)*/
+ REG_WRITE(ah, AR_GTXTO, 25 << AR_GTXTO_TIMEOUT_LIMIT_S);
+@@ -632,6 +631,22 @@ static void ar9003_hw_override_ini(struc
+
+ REG_SET_BIT(ah, AR_PHY_CCK_DETECT,
+ AR_PHY_CCK_DETECT_BB_ENABLE_ANT_FAST_DIV);
++
++ if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) {
++ REG_WRITE(ah, AR_GLB_SWREG_DISCONT_MODE,
++ AR_GLB_SWREG_DISCONT_EN_BT_WLAN);
++
++ if (REG_READ_FIELD(ah, AR_PHY_TX_IQCAL_CONTROL_0,
++ AR_PHY_TX_IQCAL_CONTROL_0_ENABLE_TXIQ_CAL))
++ ah->enabled_cals |= TX_IQ_CAL;
++ else
++ ah->enabled_cals &= ~TX_IQ_CAL;
++
++ if (REG_READ(ah, AR_PHY_CL_CAL_CTL) & AR_PHY_CL_CAL_ENABLE)
++ ah->enabled_cals |= TX_CL_CAL;
++ else
++ ah->enabled_cals &= ~TX_CL_CAL;
++ }
+ }
+
+ static void ar9003_hw_prog_ini(struct ath_hw *ah,
+@@ -667,41 +682,22 @@ static int ar9550_hw_get_modes_txgain_in
+ {
+ int ret;
+
+- switch (chan->chanmode) {
+- case CHANNEL_A:
+- case CHANNEL_A_HT20:
+- if (chan->channel <= 5350)
+- ret = 1;
+- else if ((chan->channel > 5350) && (chan->channel <= 5600))
+- ret = 3;
++ if (IS_CHAN_2GHZ(chan)) {
++ if (IS_CHAN_HT40(chan))
++ return 7;
+ else
+- ret = 5;
+- break;
+-
+- case CHANNEL_A_HT40PLUS:
+- case CHANNEL_A_HT40MINUS:
+- if (chan->channel <= 5350)
+- ret = 2;
+- else if ((chan->channel > 5350) && (chan->channel <= 5600))
+- ret = 4;
+- else
+- ret = 6;
+- break;
++ return 8;
++ }
+
+- case CHANNEL_G:
+- case CHANNEL_G_HT20:
+- case CHANNEL_B:
+- ret = 8;
+- break;
++ if (chan->channel <= 5350)
++ ret = 1;
++ else if ((chan->channel > 5350) && (chan->channel <= 5600))
++ ret = 3;
++ else
++ ret = 5;
+
+- case CHANNEL_G_HT40PLUS:
+- case CHANNEL_G_HT40MINUS:
+- ret = 7;
+- break;
+-
+- default:
+- ret = -EINVAL;
+- }
++ if (IS_CHAN_HT40(chan))
++ ret++;
+
+ return ret;
+ }
+@@ -712,28 +708,10 @@ static int ar9003_hw_process_ini(struct
+ unsigned int regWrites = 0, i;
+ u32 modesIndex;
+
+- switch (chan->chanmode) {
+- case CHANNEL_A:
+- case CHANNEL_A_HT20:
+- modesIndex = 1;
+- break;
+- case CHANNEL_A_HT40PLUS:
+- case CHANNEL_A_HT40MINUS:
+- modesIndex = 2;
+- break;
+- case CHANNEL_G:
+- case CHANNEL_G_HT20:
+- case CHANNEL_B:
+- modesIndex = 4;
+- break;
+- case CHANNEL_G_HT40PLUS:
+- case CHANNEL_G_HT40MINUS:
+- modesIndex = 3;
+- break;
+-
+- default:
+- return -EINVAL;
+- }
++ if (IS_CHAN_5GHZ(chan))
++ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
++ else
++ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
+
+ /*
+ * SOC, MAC, BB, RADIO initvals.
+@@ -814,29 +792,12 @@ static int ar9003_hw_process_ini(struct
+ if (chan->channel == 2484)
+ ar9003_hw_prog_ini(ah, &ah->iniCckfirJapan2484, 1);
+
+- if (AR_SREV_9462(ah) || AR_SREV_9565(ah))
+- REG_WRITE(ah, AR_GLB_SWREG_DISCONT_MODE,
+- AR_GLB_SWREG_DISCONT_EN_BT_WLAN);
+-
+ ah->modes_index = modesIndex;
+ ar9003_hw_override_ini(ah);
+ ar9003_hw_set_channel_regs(ah, chan);
+ ar9003_hw_set_chain_masks(ah, ah->rxchainmask, ah->txchainmask);
+ ath9k_hw_apply_txpower(ah, chan, false);
+
+- if (AR_SREV_9462(ah) || AR_SREV_9565(ah)) {
+- if (REG_READ_FIELD(ah, AR_PHY_TX_IQCAL_CONTROL_0,
+- AR_PHY_TX_IQCAL_CONTROL_0_ENABLE_TXIQ_CAL))
+- ah->enabled_cals |= TX_IQ_CAL;
+- else
+- ah->enabled_cals &= ~TX_IQ_CAL;
+-
+- if (REG_READ(ah, AR_PHY_CL_CAL_CTL) & AR_PHY_CL_CAL_ENABLE)
+- ah->enabled_cals |= TX_CL_CAL;
+- else
+- ah->enabled_cals &= ~TX_CL_CAL;
+- }
+-
+ return 0;
+ }
+
+@@ -848,8 +809,10 @@ static void ar9003_hw_set_rfmode(struct
+ if (chan == NULL)
+ return;
+
+- rfMode |= (IS_CHAN_B(chan) || IS_CHAN_G(chan))
+- ? AR_PHY_MODE_DYNAMIC : AR_PHY_MODE_OFDM;
++ if (IS_CHAN_2GHZ(chan))
++ rfMode |= AR_PHY_MODE_DYNAMIC;
++ else
++ rfMode |= AR_PHY_MODE_OFDM;
+
+ if (IS_CHAN_A_FAST_CLOCK(ah, chan))
+ rfMode |= (AR_PHY_MODE_DYNAMIC | AR_PHY_MODE_DYN_CCK_DISABLE);
+@@ -1173,6 +1136,10 @@ skip_ws_det:
+ * is_on == 0 means MRC CCK is OFF (more noise imm)
+ */
+ bool is_on = param ? 1 : 0;
++
++ if (ah->caps.rx_chainmask == 1)
++ break;
++
+ REG_RMW_FIELD(ah, AR_PHY_MRC_CCK_CTRL,
+ AR_PHY_MRC_CCK_ENABLE, is_on);
+ REG_RMW_FIELD(ah, AR_PHY_MRC_CCK_CTRL,
+@@ -1273,12 +1240,11 @@ static void ar9003_hw_ani_cache_ini_regs
+ aniState = &ah->ani;
+ iniDef = &aniState->iniDef;
+
+- ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz/0x%x\n",
++ ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz\n",
+ ah->hw_version.macVersion,
+ ah->hw_version.macRev,
+ ah->opmode,
+- chan->channel,
+- chan->channelFlags);
++ chan->channel);
+
+ val = REG_READ(ah, AR_PHY_SFCORR);
+ iniDef->m1Thresh = MS(val, AR_PHY_SFCORR_M1_THRESH);
+@@ -1413,65 +1379,111 @@ static void ar9003_hw_antdiv_comb_conf_s
+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
+ }
+
+-static void ar9003_hw_antctrl_shared_chain_lnadiv(struct ath_hw *ah,
+- bool enable)
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++
++static void ar9003_hw_set_bt_ant_diversity(struct ath_hw *ah, bool enable)
+ {
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
+ u8 ant_div_ctl1;
+ u32 regval;
+
+- if (!AR_SREV_9565(ah))
++ if (!AR_SREV_9485(ah) && !AR_SREV_9565(ah))
+ return;
+
+- ah->shared_chain_lnadiv = enable;
++ if (AR_SREV_9485(ah)) {
++ regval = ar9003_hw_ant_ctrl_common_2_get(ah,
++ IS_CHAN_2GHZ(ah->curchan));
++ if (enable) {
++ regval &= ~AR_SWITCH_TABLE_COM2_ALL;
++ regval |= ah->config.ant_ctrl_comm2g_switch_enable;
++ }
++ REG_RMW_FIELD(ah, AR_PHY_SWITCH_COM_2,
++ AR_SWITCH_TABLE_COM2_ALL, regval);
++ }
++
+ ant_div_ctl1 = ah->eep_ops->get_eeprom(ah, EEP_ANT_DIV_CTL1);
+
++ /*
++ * Set MAIN/ALT LNA conf.
++ * Set MAIN/ALT gain_tb.
++ */
+ regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
+ regval &= (~AR_ANT_DIV_CTRL_ALL);
+ regval |= (ant_div_ctl1 & 0x3f) << AR_ANT_DIV_CTRL_ALL_S;
+- regval &= ~AR_PHY_ANT_DIV_LNADIV;
+- regval |= ((ant_div_ctl1 >> 6) & 0x1) << AR_PHY_ANT_DIV_LNADIV_S;
+-
+- if (enable)
+- regval |= AR_ANT_DIV_ENABLE;
+-
+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
+
+- regval = REG_READ(ah, AR_PHY_CCK_DETECT);
+- regval &= ~AR_FAST_DIV_ENABLE;
+- regval |= ((ant_div_ctl1 >> 7) & 0x1) << AR_FAST_DIV_ENABLE_S;
+-
+- if (enable)
+- regval |= AR_FAST_DIV_ENABLE;
+-
+- REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
+-
+- if (enable) {
+- REG_SET_BIT(ah, AR_PHY_MC_GAIN_CTRL,
+- (1 << AR_PHY_ANT_SW_RX_PROT_S));
+- if (ah->curchan && IS_CHAN_2GHZ(ah->curchan))
+- REG_SET_BIT(ah, AR_PHY_RESTART,
+- AR_PHY_RESTART_ENABLE_DIV_M2FLAG);
+- REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV,
+- AR_BTCOEX_WL_LNADIV_FORCE_ON);
+- } else {
+- REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL, AR_ANT_DIV_ENABLE);
+- REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL,
+- (1 << AR_PHY_ANT_SW_RX_PROT_S));
+- REG_CLR_BIT(ah, AR_PHY_CCK_DETECT, AR_FAST_DIV_ENABLE);
+- REG_CLR_BIT(ah, AR_BTCOEX_WL_LNADIV,
+- AR_BTCOEX_WL_LNADIV_FORCE_ON);
+-
++ if (AR_SREV_9485_11_OR_LATER(ah)) {
++ /*
++ * Enable LNA diversity.
++ */
+ regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
+- regval &= ~(AR_PHY_ANT_DIV_MAIN_LNACONF |
+- AR_PHY_ANT_DIV_ALT_LNACONF |
+- AR_PHY_ANT_DIV_MAIN_GAINTB |
+- AR_PHY_ANT_DIV_ALT_GAINTB);
+- regval |= (AR_PHY_ANT_DIV_LNA1 << AR_PHY_ANT_DIV_MAIN_LNACONF_S);
+- regval |= (AR_PHY_ANT_DIV_LNA2 << AR_PHY_ANT_DIV_ALT_LNACONF_S);
++ regval &= ~AR_PHY_ANT_DIV_LNADIV;
++ regval |= ((ant_div_ctl1 >> 6) & 0x1) << AR_PHY_ANT_DIV_LNADIV_S;
++ if (enable)
++ regval |= AR_ANT_DIV_ENABLE;
++
+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
++
++ /*
++ * Enable fast antenna diversity.
++ */
++ regval = REG_READ(ah, AR_PHY_CCK_DETECT);
++ regval &= ~AR_FAST_DIV_ENABLE;
++ regval |= ((ant_div_ctl1 >> 7) & 0x1) << AR_FAST_DIV_ENABLE_S;
++ if (enable)
++ regval |= AR_FAST_DIV_ENABLE;
++
++ REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
++
++ if (pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
++ regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
++ regval &= (~(AR_PHY_ANT_DIV_MAIN_LNACONF |
++ AR_PHY_ANT_DIV_ALT_LNACONF |
++ AR_PHY_ANT_DIV_ALT_GAINTB |
++ AR_PHY_ANT_DIV_MAIN_GAINTB));
++ /*
++ * Set MAIN to LNA1 and ALT to LNA2 at the
++ * beginning.
++ */
++ regval |= (ATH_ANT_DIV_COMB_LNA1 <<
++ AR_PHY_ANT_DIV_MAIN_LNACONF_S);
++ regval |= (ATH_ANT_DIV_COMB_LNA2 <<
++ AR_PHY_ANT_DIV_ALT_LNACONF_S);
++ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
++ }
++ } else if (AR_SREV_9565(ah)) {
++ if (enable) {
++ REG_SET_BIT(ah, AR_PHY_MC_GAIN_CTRL,
++ (1 << AR_PHY_ANT_SW_RX_PROT_S));
++ if (ah->curchan && IS_CHAN_2GHZ(ah->curchan))
++ REG_SET_BIT(ah, AR_PHY_RESTART,
++ AR_PHY_RESTART_ENABLE_DIV_M2FLAG);
++ REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV,
++ AR_BTCOEX_WL_LNADIV_FORCE_ON);
++ } else {
++ REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL, AR_ANT_DIV_ENABLE);
++ REG_CLR_BIT(ah, AR_PHY_MC_GAIN_CTRL,
++ (1 << AR_PHY_ANT_SW_RX_PROT_S));
++ REG_CLR_BIT(ah, AR_PHY_CCK_DETECT, AR_FAST_DIV_ENABLE);
++ REG_CLR_BIT(ah, AR_BTCOEX_WL_LNADIV,
++ AR_BTCOEX_WL_LNADIV_FORCE_ON);
++
++ regval = REG_READ(ah, AR_PHY_MC_GAIN_CTRL);
++ regval &= ~(AR_PHY_ANT_DIV_MAIN_LNACONF |
++ AR_PHY_ANT_DIV_ALT_LNACONF |
++ AR_PHY_ANT_DIV_MAIN_GAINTB |
++ AR_PHY_ANT_DIV_ALT_GAINTB);
++ regval |= (ATH_ANT_DIV_COMB_LNA1 <<
++ AR_PHY_ANT_DIV_MAIN_LNACONF_S);
++ regval |= (ATH_ANT_DIV_COMB_LNA2 <<
++ AR_PHY_ANT_DIV_ALT_LNACONF_S);
++ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
++ }
+ }
+ }
+
++#endif
++
+ static int ar9003_hw_fast_chan_change(struct ath_hw *ah,
+ struct ath9k_channel *chan,
+ u8 *ini_reloaded)
+@@ -1479,28 +1491,10 @@ static int ar9003_hw_fast_chan_change(st
+ unsigned int regWrites = 0;
+ u32 modesIndex;
+
+- switch (chan->chanmode) {
+- case CHANNEL_A:
+- case CHANNEL_A_HT20:
+- modesIndex = 1;
+- break;
+- case CHANNEL_A_HT40PLUS:
+- case CHANNEL_A_HT40MINUS:
+- modesIndex = 2;
+- break;
+- case CHANNEL_G:
+- case CHANNEL_G_HT20:
+- case CHANNEL_B:
+- modesIndex = 4;
+- break;
+- case CHANNEL_G_HT40PLUS:
+- case CHANNEL_G_HT40MINUS:
+- modesIndex = 3;
+- break;
+-
+- default:
+- return -EINVAL;
+- }
++ if (IS_CHAN_5GHZ(chan))
++ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
++ else
++ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
+
+ if (modesIndex == ah->modes_index) {
+ *ini_reloaded = false;
+@@ -1518,6 +1512,18 @@ static int ar9003_hw_fast_chan_change(st
+
+ REG_WRITE_ARRAY(&ah->iniModesTxGain, modesIndex, regWrites);
+
++ if (AR_SREV_9462_20_OR_LATER(ah)) {
++ /*
++ * CUS217 mix LNA mode.
++ */
++ if (ar9003_hw_get_rx_gain_idx(ah) == 2) {
++ REG_WRITE_ARRAY(&ah->ini_modes_rxgain_bb_core,
++ 1, regWrites);
++ REG_WRITE_ARRAY(&ah->ini_modes_rxgain_bb_postamble,
++ modesIndex, regWrites);
++ }
++ }
++
+ /*
+ * For 5GHz channels requiring Fast Clock, apply
+ * different modal values.
+@@ -1528,7 +1534,11 @@ static int ar9003_hw_fast_chan_change(st
+ if (AR_SREV_9565(ah))
+ REG_WRITE_ARRAY(&ah->iniModesFastClock, 1, regWrites);
+
+- REG_WRITE_ARRAY(&ah->iniAdditional, 1, regWrites);
++ /*
++ * JAPAN regulatory.
++ */
++ if (chan->channel == 2484)
++ ar9003_hw_prog_ini(ah, &ah->iniCckfirJapan2484, 1);
+
+ ah->modes_index = modesIndex;
+ *ini_reloaded = true;
+@@ -1631,11 +1641,14 @@ void ar9003_hw_attach_phy_ops(struct ath
+
+ ops->antdiv_comb_conf_get = ar9003_hw_antdiv_comb_conf_get;
+ ops->antdiv_comb_conf_set = ar9003_hw_antdiv_comb_conf_set;
+- ops->antctrl_shared_chain_lnadiv = ar9003_hw_antctrl_shared_chain_lnadiv;
+ ops->spectral_scan_config = ar9003_hw_spectral_scan_config;
+ ops->spectral_scan_trigger = ar9003_hw_spectral_scan_trigger;
+ ops->spectral_scan_wait = ar9003_hw_spectral_scan_wait;
+
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++ ops->set_bt_ant_diversity = ar9003_hw_set_bt_ant_diversity;
++#endif
++
+ ar9003_hw_set_nf_limits(ah);
+ ar9003_hw_set_radar_conf(ah);
+ memcpy(ah->nf_regs, ar9300_cca_regs, sizeof(ah->nf_regs));
+--- a/drivers/net/wireless/ath/ath9k/recv.c
++++ b/drivers/net/wireless/ath/ath9k/recv.c
+@@ -19,7 +19,7 @@
+ #include "ath9k.h"
+ #include "ar9003_mac.h"
+
+-#define SKB_CB_ATHBUF(__skb) (*((struct ath_buf **)__skb->cb))
++#define SKB_CB_ATHBUF(__skb) (*((struct ath_rxbuf **)__skb->cb))
+
+ static inline bool ath9k_check_auto_sleep(struct ath_softc *sc)
+ {
+@@ -35,15 +35,13 @@ static inline bool ath9k_check_auto_slee
+ * buffer (or rx fifo). This can incorrectly acknowledge packets
+ * to a sender if last desc is self-linked.
+ */
+-static void ath_rx_buf_link(struct ath_softc *sc, struct ath_buf *bf)
++static void ath_rx_buf_link(struct ath_softc *sc, struct ath_rxbuf *bf)
+ {
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+ struct ath_desc *ds;
+ struct sk_buff *skb;
+
+- ATH_RXBUF_RESET(bf);
+-
+ ds = bf->bf_desc;
+ ds->ds_link = 0; /* link to null */
+ ds->ds_data = bf->bf_buf_addr;
+@@ -70,6 +68,14 @@ static void ath_rx_buf_link(struct ath_s
+ sc->rx.rxlink = &ds->ds_link;
+ }
+
++static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_rxbuf *bf)
++{
++ if (sc->rx.buf_hold)
++ ath_rx_buf_link(sc, sc->rx.buf_hold);
++
++ sc->rx.buf_hold = bf;
++}
++
+ static void ath_setdefantenna(struct ath_softc *sc, u32 antenna)
+ {
+ /* XXX block beacon interrupts */
+@@ -106,18 +112,17 @@ static bool ath_rx_edma_buf_link(struct
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_rx_edma *rx_edma;
+ struct sk_buff *skb;
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+
+ rx_edma = &sc->rx.rx_edma[qtype];
+ if (skb_queue_len(&rx_edma->rx_fifo) >= rx_edma->rx_fifo_hwsize)
+ return false;
+
+- bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
++ bf = list_first_entry(&sc->rx.rxbuf, struct ath_rxbuf, list);
+ list_del_init(&bf->list);
+
+ skb = bf->bf_mpdu;
+
+- ATH_RXBUF_RESET(bf);
+ memset(skb->data, 0, ah->caps.rx_status_len);
+ dma_sync_single_for_device(sc->dev, bf->bf_buf_addr,
+ ah->caps.rx_status_len, DMA_TO_DEVICE);
+@@ -133,7 +138,7 @@ static void ath_rx_addbuffer_edma(struct
+ enum ath9k_rx_qtype qtype)
+ {
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+- struct ath_buf *bf, *tbf;
++ struct ath_rxbuf *bf, *tbf;
+
+ if (list_empty(&sc->rx.rxbuf)) {
+ ath_dbg(common, QUEUE, "No free rx buf available\n");
+@@ -149,7 +154,7 @@ static void ath_rx_addbuffer_edma(struct
+ static void ath_rx_remove_buffer(struct ath_softc *sc,
+ enum ath9k_rx_qtype qtype)
+ {
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+ struct ath_rx_edma *rx_edma;
+ struct sk_buff *skb;
+
+@@ -166,7 +171,7 @@ static void ath_rx_edma_cleanup(struct a
+ {
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+
+ ath_rx_remove_buffer(sc, ATH9K_RX_QUEUE_LP);
+ ath_rx_remove_buffer(sc, ATH9K_RX_QUEUE_HP);
+@@ -185,7 +190,7 @@ static void ath_rx_edma_cleanup(struct a
+
+ static void ath_rx_edma_init_queue(struct ath_rx_edma *rx_edma, int size)
+ {
+- skb_queue_head_init(&rx_edma->rx_fifo);
++ __skb_queue_head_init(&rx_edma->rx_fifo);
+ rx_edma->rx_fifo_hwsize = size;
+ }
+
+@@ -194,7 +199,7 @@ static int ath_rx_edma_init(struct ath_s
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+ struct ath_hw *ah = sc->sc_ah;
+ struct sk_buff *skb;
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+ int error = 0, i;
+ u32 size;
+
+@@ -206,7 +211,7 @@ static int ath_rx_edma_init(struct ath_s
+ ath_rx_edma_init_queue(&sc->rx.rx_edma[ATH9K_RX_QUEUE_HP],
+ ah->caps.rx_hp_qdepth);
+
+- size = sizeof(struct ath_buf) * nbufs;
++ size = sizeof(struct ath_rxbuf) * nbufs;
+ bf = devm_kzalloc(sc->dev, size, GFP_KERNEL);
+ if (!bf)
+ return -ENOMEM;
+@@ -266,7 +271,7 @@ int ath_rx_init(struct ath_softc *sc, in
+ {
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+ struct sk_buff *skb;
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+ int error = 0;
+
+ spin_lock_init(&sc->sc_pcu_lock);
+@@ -327,7 +332,7 @@ void ath_rx_cleanup(struct ath_softc *sc
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+ struct sk_buff *skb;
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+
+ if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) {
+ ath_rx_edma_cleanup(sc);
+@@ -422,7 +427,7 @@ u32 ath_calcrxfilter(struct ath_softc *s
+ int ath_startrecv(struct ath_softc *sc)
+ {
+ struct ath_hw *ah = sc->sc_ah;
+- struct ath_buf *bf, *tbf;
++ struct ath_rxbuf *bf, *tbf;
+
+ if (ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) {
+ ath_edma_start_recv(sc);
+@@ -432,6 +437,7 @@ int ath_startrecv(struct ath_softc *sc)
+ if (list_empty(&sc->rx.rxbuf))
+ goto start_recv;
+
++ sc->rx.buf_hold = NULL;
+ sc->rx.rxlink = NULL;
+ list_for_each_entry_safe(bf, tbf, &sc->rx.rxbuf, list) {
+ ath_rx_buf_link(sc, bf);
+@@ -441,7 +447,7 @@ int ath_startrecv(struct ath_softc *sc)
+ if (list_empty(&sc->rx.rxbuf))
+ goto start_recv;
+
+- bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
++ bf = list_first_entry(&sc->rx.rxbuf, struct ath_rxbuf, list);
+ ath9k_hw_putrxbuf(ah, bf->bf_daddr);
+ ath9k_hw_rxena(ah);
+
+@@ -597,13 +603,13 @@ static void ath_rx_ps(struct ath_softc *
+ static bool ath_edma_get_buffers(struct ath_softc *sc,
+ enum ath9k_rx_qtype qtype,
+ struct ath_rx_status *rs,
+- struct ath_buf **dest)
++ struct ath_rxbuf **dest)
+ {
+ struct ath_rx_edma *rx_edma = &sc->rx.rx_edma[qtype];
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+ struct sk_buff *skb;
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+ int ret;
+
+ skb = skb_peek(&rx_edma->rx_fifo);
+@@ -647,11 +653,11 @@ static bool ath_edma_get_buffers(struct
+ return true;
+ }
+
+-static struct ath_buf *ath_edma_get_next_rx_buf(struct ath_softc *sc,
++static struct ath_rxbuf *ath_edma_get_next_rx_buf(struct ath_softc *sc,
+ struct ath_rx_status *rs,
+ enum ath9k_rx_qtype qtype)
+ {
+- struct ath_buf *bf = NULL;
++ struct ath_rxbuf *bf = NULL;
+
+ while (ath_edma_get_buffers(sc, qtype, rs, &bf)) {
+ if (!bf)
+@@ -662,13 +668,13 @@ static struct ath_buf *ath_edma_get_next
+ return NULL;
+ }
+
+-static struct ath_buf *ath_get_next_rx_buf(struct ath_softc *sc,
++static struct ath_rxbuf *ath_get_next_rx_buf(struct ath_softc *sc,
+ struct ath_rx_status *rs)
+ {
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+ struct ath_desc *ds;
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+ int ret;
+
+ if (list_empty(&sc->rx.rxbuf)) {
+@@ -676,7 +682,10 @@ static struct ath_buf *ath_get_next_rx_b
+ return NULL;
+ }
+
+- bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
++ bf = list_first_entry(&sc->rx.rxbuf, struct ath_rxbuf, list);
++ if (bf == sc->rx.buf_hold)
++ return NULL;
++
+ ds = bf->bf_desc;
+
+ /*
+@@ -693,7 +702,7 @@ static struct ath_buf *ath_get_next_rx_b
+ ret = ath9k_hw_rxprocdesc(ah, ds, rs);
+ if (ret == -EINPROGRESS) {
+ struct ath_rx_status trs;
+- struct ath_buf *tbf;
++ struct ath_rxbuf *tbf;
+ struct ath_desc *tds;
+
+ memset(&trs, 0, sizeof(trs));
+@@ -702,7 +711,7 @@ static struct ath_buf *ath_get_next_rx_b
+ return NULL;
+ }
+
+- tbf = list_entry(bf->list.next, struct ath_buf, list);
++ tbf = list_entry(bf->list.next, struct ath_rxbuf, list);
+
+ /*
+ * On some hardware the descriptor status words could
+@@ -755,7 +764,6 @@ static bool ath9k_rx_accept(struct ath_c
+ bool is_mc, is_valid_tkip, strip_mic, mic_error;
+ struct ath_hw *ah = common->ah;
+ __le16 fc;
+- u8 rx_status_len = ah->caps.rx_status_len;
+
+ fc = hdr->frame_control;
+
+@@ -777,25 +785,6 @@ static bool ath9k_rx_accept(struct ath_c
+ !test_bit(rx_stats->rs_keyix, common->ccmp_keymap))
+ rx_stats->rs_status &= ~ATH9K_RXERR_KEYMISS;
+
+- if (!rx_stats->rs_datalen) {
+- RX_STAT_INC(rx_len_err);
+- return false;
+- }
+-
+- /*
+- * rs_status follows rs_datalen so if rs_datalen is too large
+- * we can take a hint that hardware corrupted it, so ignore
+- * those frames.
+- */
+- if (rx_stats->rs_datalen > (common->rx_bufsize - rx_status_len)) {
+- RX_STAT_INC(rx_len_err);
+- return false;
+- }
+-
+- /* Only use error bits from the last fragment */
+- if (rx_stats->rs_more)
+- return true;
+-
+ mic_error = is_valid_tkip && !ieee80211_is_ctl(fc) &&
+ !ieee80211_has_morefrags(fc) &&
+ !(le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG) &&
+@@ -814,8 +803,6 @@ static bool ath9k_rx_accept(struct ath_c
+ rxs->flag |= RX_FLAG_FAILED_FCS_CRC;
+ mic_error = false;
+ }
+- if (rx_stats->rs_status & ATH9K_RXERR_PHY)
+- return false;
+
+ if ((rx_stats->rs_status & ATH9K_RXERR_DECRYPT) ||
+ (!is_mc && (rx_stats->rs_status & ATH9K_RXERR_KEYMISS))) {
+@@ -898,129 +885,65 @@ static int ath9k_process_rate(struct ath
+
+ static void ath9k_process_rssi(struct ath_common *common,
+ struct ieee80211_hw *hw,
+- struct ieee80211_hdr *hdr,
+- struct ath_rx_status *rx_stats)
++ struct ath_rx_status *rx_stats,
++ struct ieee80211_rx_status *rxs)
+ {
+ struct ath_softc *sc = hw->priv;
+ struct ath_hw *ah = common->ah;
+ int last_rssi;
+ int rssi = rx_stats->rs_rssi;
+
+- if (!rx_stats->is_mybeacon ||
+- ((ah->opmode != NL80211_IFTYPE_STATION) &&
+- (ah->opmode != NL80211_IFTYPE_ADHOC)))
++ /*
++ * RSSI is not available for subframes in an A-MPDU.
++ */
++ if (rx_stats->rs_moreaggr) {
++ rxs->flag |= RX_FLAG_NO_SIGNAL_VAL;
+ return;
+-
+- if (rx_stats->rs_rssi != ATH9K_RSSI_BAD && !rx_stats->rs_moreaggr)
+- ATH_RSSI_LPF(sc->last_rssi, rx_stats->rs_rssi);
+-
+- last_rssi = sc->last_rssi;
+- if (likely(last_rssi != ATH_RSSI_DUMMY_MARKER))
+- rssi = ATH_EP_RND(last_rssi, ATH_RSSI_EP_MULTIPLIER);
+- if (rssi < 0)
+- rssi = 0;
+-
+- /* Update Beacon RSSI, this is used by ANI. */
+- ah->stats.avgbrssi = rssi;
+-}
+-
+-/*
+- * For Decrypt or Demic errors, we only mark packet status here and always push
+- * up the frame up to let mac80211 handle the actual error case, be it no
+- * decryption key or real decryption error. This let us keep statistics there.
+- */
+-static int ath9k_rx_skb_preprocess(struct ath_softc *sc,
+- struct ieee80211_hdr *hdr,
+- struct ath_rx_status *rx_stats,
+- struct ieee80211_rx_status *rx_status,
+- bool *decrypt_error)
+-{
+- struct ieee80211_hw *hw = sc->hw;
+- struct ath_hw *ah = sc->sc_ah;
+- struct ath_common *common = ath9k_hw_common(ah);
+- bool discard_current = sc->rx.discard_next;
+-
+- sc->rx.discard_next = rx_stats->rs_more;
+- if (discard_current)
+- return -EINVAL;
++ }
+
+ /*
+- * everything but the rate is checked here, the rate check is done
+- * separately to avoid doing two lookups for a rate for each frame.
++ * Check if the RSSI for the last subframe in an A-MPDU
++ * or an unaggregated frame is valid.
+ */
+- if (!ath9k_rx_accept(common, hdr, rx_status, rx_stats, decrypt_error))
+- return -EINVAL;
+-
+- /* Only use status info from the last fragment */
+- if (rx_stats->rs_more)
+- return 0;
++ if (rx_stats->rs_rssi == ATH9K_RSSI_BAD) {
++ rxs->flag |= RX_FLAG_NO_SIGNAL_VAL;
++ return;
++ }
+
+- if (ath9k_process_rate(common, hw, rx_stats, rx_status))
+- return -EINVAL;
++ /*
++ * Update Beacon RSSI, this is used by ANI.
++ */
++ if (rx_stats->is_mybeacon &&
++ ((ah->opmode == NL80211_IFTYPE_STATION) ||
++ (ah->opmode == NL80211_IFTYPE_ADHOC))) {
++ ATH_RSSI_LPF(sc->last_rssi, rx_stats->rs_rssi);
++ last_rssi = sc->last_rssi;
+
+- ath9k_process_rssi(common, hw, hdr, rx_stats);
++ if (likely(last_rssi != ATH_RSSI_DUMMY_MARKER))
++ rssi = ATH_EP_RND(last_rssi, ATH_RSSI_EP_MULTIPLIER);
++ if (rssi < 0)
++ rssi = 0;
+
+- rx_status->band = hw->conf.chandef.chan->band;
+- rx_status->freq = hw->conf.chandef.chan->center_freq;
+- rx_status->signal = ah->noise + rx_stats->rs_rssi;
+- rx_status->antenna = rx_stats->rs_antenna;
+- rx_status->flag |= RX_FLAG_MACTIME_END;
+- if (rx_stats->rs_moreaggr)
+- rx_status->flag |= RX_FLAG_NO_SIGNAL_VAL;
++ ah->stats.avgbrssi = rssi;
++ }
+
+- sc->rx.discard_next = false;
+- return 0;
++ rxs->signal = ah->noise + rx_stats->rs_rssi;
+ }
+
+-static void ath9k_rx_skb_postprocess(struct ath_common *common,
+- struct sk_buff *skb,
+- struct ath_rx_status *rx_stats,
+- struct ieee80211_rx_status *rxs,
+- bool decrypt_error)
++static void ath9k_process_tsf(struct ath_rx_status *rs,
++ struct ieee80211_rx_status *rxs,
++ u64 tsf)
+ {
+- struct ath_hw *ah = common->ah;
+- struct ieee80211_hdr *hdr;
+- int hdrlen, padpos, padsize;
+- u8 keyix;
+- __le16 fc;
++ u32 tsf_lower = tsf & 0xffffffff;
+
+- /* see if any padding is done by the hw and remove it */
+- hdr = (struct ieee80211_hdr *) skb->data;
+- hdrlen = ieee80211_get_hdrlen_from_skb(skb);
+- fc = hdr->frame_control;
+- padpos = ieee80211_hdrlen(fc);
++ rxs->mactime = (tsf & ~0xffffffffULL) | rs->rs_tstamp;
++ if (rs->rs_tstamp > tsf_lower &&
++ unlikely(rs->rs_tstamp - tsf_lower > 0x10000000))
++ rxs->mactime -= 0x100000000ULL;
+
+- /* The MAC header is padded to have 32-bit boundary if the
+- * packet payload is non-zero. The general calculation for
+- * padsize would take into account odd header lengths:
+- * padsize = (4 - padpos % 4) % 4; However, since only
+- * even-length headers are used, padding can only be 0 or 2
+- * bytes and we can optimize this a bit. In addition, we must
+- * not try to remove padding from short control frames that do
+- * not have payload. */
+- padsize = padpos & 3;
+- if (padsize && skb->len>=padpos+padsize+FCS_LEN) {
+- memmove(skb->data + padsize, skb->data, padpos);
+- skb_pull(skb, padsize);
+- }
+-
+- keyix = rx_stats->rs_keyix;
+-
+- if (!(keyix == ATH9K_RXKEYIX_INVALID) && !decrypt_error &&
+- ieee80211_has_protected(fc)) {
+- rxs->flag |= RX_FLAG_DECRYPTED;
+- } else if (ieee80211_has_protected(fc)
+- && !decrypt_error && skb->len >= hdrlen + 4) {
+- keyix = skb->data[hdrlen + 3] >> 6;
+-
+- if (test_bit(keyix, common->keymap))
+- rxs->flag |= RX_FLAG_DECRYPTED;
+- }
+- if (ah->sw_mgmt_crypto &&
+- (rxs->flag & RX_FLAG_DECRYPTED) &&
+- ieee80211_is_mgmt(fc))
+- /* Use software decrypt for management frames. */
+- rxs->flag &= ~RX_FLAG_DECRYPTED;
++ if (rs->rs_tstamp < tsf_lower &&
++ unlikely(tsf_lower - rs->rs_tstamp > 0x10000000))
++ rxs->mactime += 0x100000000ULL;
+ }
+
+ #ifdef CPTCFG_ATH9K_DEBUGFS
+@@ -1133,6 +1056,234 @@ static int ath_process_fft(struct ath_so
+ #endif
+ }
+
++static bool ath9k_is_mybeacon(struct ath_softc *sc, struct ieee80211_hdr *hdr)
++{
++ struct ath_hw *ah = sc->sc_ah;
++ struct ath_common *common = ath9k_hw_common(ah);
++
++ if (ieee80211_is_beacon(hdr->frame_control)) {
++ RX_STAT_INC(rx_beacons);
++ if (!is_zero_ether_addr(common->curbssid) &&
++ ether_addr_equal(hdr->addr3, common->curbssid))
++ return true;
++ }
++
++ return false;
++}
++
++/*
++ * For Decrypt or Demic errors, we only mark packet status here and always push
++ * up the frame up to let mac80211 handle the actual error case, be it no
++ * decryption key or real decryption error. This let us keep statistics there.
++ */
++static int ath9k_rx_skb_preprocess(struct ath_softc *sc,
++ struct sk_buff *skb,
++ struct ath_rx_status *rx_stats,
++ struct ieee80211_rx_status *rx_status,
++ bool *decrypt_error, u64 tsf)
++{
++ struct ieee80211_hw *hw = sc->hw;
++ struct ath_hw *ah = sc->sc_ah;
++ struct ath_common *common = ath9k_hw_common(ah);
++ struct ieee80211_hdr *hdr;
++ bool discard_current = sc->rx.discard_next;
++ int ret = 0;
++
++ /*
++ * Discard corrupt descriptors which are marked in
++ * ath_get_next_rx_buf().
++ */
++ sc->rx.discard_next = rx_stats->rs_more;
++ if (discard_current)
++ return -EINVAL;
++
++ /*
++ * Discard zero-length packets.
++ */
++ if (!rx_stats->rs_datalen) {
++ RX_STAT_INC(rx_len_err);
++ return -EINVAL;
++ }
++
++ /*
++ * rs_status follows rs_datalen so if rs_datalen is too large
++ * we can take a hint that hardware corrupted it, so ignore
++ * those frames.
++ */
++ if (rx_stats->rs_datalen > (common->rx_bufsize - ah->caps.rx_status_len)) {
++ RX_STAT_INC(rx_len_err);
++ return -EINVAL;
++ }
++
++ /* Only use status info from the last fragment */
++ if (rx_stats->rs_more)
++ return 0;
++
++ /*
++ * Return immediately if the RX descriptor has been marked
++ * as corrupt based on the various error bits.
++ *
++ * This is different from the other corrupt descriptor
++ * condition handled above.
++ */
++ if (rx_stats->rs_status & ATH9K_RXERR_CORRUPT_DESC) {
++ ret = -EINVAL;
++ goto exit;
++ }
++
++ hdr = (struct ieee80211_hdr *) (skb->data + ah->caps.rx_status_len);
++
++ ath9k_process_tsf(rx_stats, rx_status, tsf);
++ ath_debug_stat_rx(sc, rx_stats);
++
++ /*
++ * Process PHY errors and return so that the packet
++ * can be dropped.
++ */
++ if (rx_stats->rs_status & ATH9K_RXERR_PHY) {
++ ath9k_dfs_process_phyerr(sc, hdr, rx_stats, rx_status->mactime);
++ if (ath_process_fft(sc, hdr, rx_stats, rx_status->mactime))
++ RX_STAT_INC(rx_spectral);
++
++ ret = -EINVAL;
++ goto exit;
++ }
++
++ /*
++ * everything but the rate is checked here, the rate check is done
++ * separately to avoid doing two lookups for a rate for each frame.
++ */
++ if (!ath9k_rx_accept(common, hdr, rx_status, rx_stats, decrypt_error)) {
++ ret = -EINVAL;
++ goto exit;
++ }
++
++ rx_stats->is_mybeacon = ath9k_is_mybeacon(sc, hdr);
++ if (rx_stats->is_mybeacon) {
++ sc->hw_busy_count = 0;
++ ath_start_rx_poll(sc, 3);
++ }
++
++ if (ath9k_process_rate(common, hw, rx_stats, rx_status)) {
++ ret =-EINVAL;
++ goto exit;
++ }
++
++ ath9k_process_rssi(common, hw, rx_stats, rx_status);
++
++ rx_status->band = hw->conf.chandef.chan->band;
++ rx_status->freq = hw->conf.chandef.chan->center_freq;
++ rx_status->antenna = rx_stats->rs_antenna;
++ rx_status->flag |= RX_FLAG_MACTIME_END;
++
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++ if (ieee80211_is_data_present(hdr->frame_control) &&
++ !ieee80211_is_qos_nullfunc(hdr->frame_control))
++ sc->rx.num_pkts++;
++#endif
++
++exit:
++ sc->rx.discard_next = false;
++ return ret;
++}
++
++static void ath9k_rx_skb_postprocess(struct ath_common *common,
++ struct sk_buff *skb,
++ struct ath_rx_status *rx_stats,
++ struct ieee80211_rx_status *rxs,
++ bool decrypt_error)
++{
++ struct ath_hw *ah = common->ah;
++ struct ieee80211_hdr *hdr;
++ int hdrlen, padpos, padsize;
++ u8 keyix;
++ __le16 fc;
++
++ /* see if any padding is done by the hw and remove it */
++ hdr = (struct ieee80211_hdr *) skb->data;
++ hdrlen = ieee80211_get_hdrlen_from_skb(skb);
++ fc = hdr->frame_control;
++ padpos = ieee80211_hdrlen(fc);
++
++ /* The MAC header is padded to have 32-bit boundary if the
++ * packet payload is non-zero. The general calculation for
++ * padsize would take into account odd header lengths:
++ * padsize = (4 - padpos % 4) % 4; However, since only
++ * even-length headers are used, padding can only be 0 or 2
++ * bytes and we can optimize this a bit. In addition, we must
++ * not try to remove padding from short control frames that do
++ * not have payload. */
++ padsize = padpos & 3;
++ if (padsize && skb->len>=padpos+padsize+FCS_LEN) {
++ memmove(skb->data + padsize, skb->data, padpos);
++ skb_pull(skb, padsize);
++ }
++
++ keyix = rx_stats->rs_keyix;
++
++ if (!(keyix == ATH9K_RXKEYIX_INVALID) && !decrypt_error &&
++ ieee80211_has_protected(fc)) {
++ rxs->flag |= RX_FLAG_DECRYPTED;
++ } else if (ieee80211_has_protected(fc)
++ && !decrypt_error && skb->len >= hdrlen + 4) {
++ keyix = skb->data[hdrlen + 3] >> 6;
++
++ if (test_bit(keyix, common->keymap))
++ rxs->flag |= RX_FLAG_DECRYPTED;
++ }
++ if (ah->sw_mgmt_crypto &&
++ (rxs->flag & RX_FLAG_DECRYPTED) &&
++ ieee80211_is_mgmt(fc))
++ /* Use software decrypt for management frames. */
++ rxs->flag &= ~RX_FLAG_DECRYPTED;
++}
++
++/*
++ * Run the LNA combining algorithm only in these cases:
++ *
++ * Standalone WLAN cards with both LNA/Antenna diversity
++ * enabled in the EEPROM.
++ *
++ * WLAN+BT cards which are in the supported card list
++ * in ath_pci_id_table and the user has loaded the
++ * driver with "bt_ant_diversity" set to true.
++ */
++static void ath9k_antenna_check(struct ath_softc *sc,
++ struct ath_rx_status *rs)
++{
++ struct ath_hw *ah = sc->sc_ah;
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
++ struct ath_common *common = ath9k_hw_common(ah);
++
++ if (!(ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB))
++ return;
++
++ /*
++ * All MPDUs in an aggregate will use the same LNA
++ * as the first MPDU.
++ */
++ if (rs->rs_isaggr && !rs->rs_firstaggr)
++ return;
++
++ /*
++ * Change the default rx antenna if rx diversity
++ * chooses the other antenna 3 times in a row.
++ */
++ if (sc->rx.defant != rs->rs_antenna) {
++ if (++sc->rx.rxotherant >= 3)
++ ath_setdefantenna(sc, rs->rs_antenna);
++ } else {
++ sc->rx.rxotherant = 0;
++ }
++
++ if (pCap->hw_caps & ATH9K_HW_CAP_BT_ANT_DIV) {
++ if (common->bt_ant_diversity)
++ ath_ant_comb_scan(sc, rs);
++ } else {
++ ath_ant_comb_scan(sc, rs);
++ }
++}
++
+ static void ath9k_apply_ampdu_details(struct ath_softc *sc,
+ struct ath_rx_status *rs, struct ieee80211_rx_status *rxs)
+ {
+@@ -1153,21 +1304,18 @@ static void ath9k_apply_ampdu_details(st
+
+ int ath_rx_tasklet(struct ath_softc *sc, int flush, bool hp)
+ {
+- struct ath_buf *bf;
++ struct ath_rxbuf *bf;
+ struct sk_buff *skb = NULL, *requeue_skb, *hdr_skb;
+ struct ieee80211_rx_status *rxs;
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
+ struct ieee80211_hw *hw = sc->hw;
+- struct ieee80211_hdr *hdr;
+ int retval;
+ struct ath_rx_status rs;
+ enum ath9k_rx_qtype qtype;
+ bool edma = !!(ah->caps.hw_caps & ATH9K_HW_CAP_EDMA);
+ int dma_type;
+- u8 rx_status_len = ah->caps.rx_status_len;
+ u64 tsf = 0;
+- u32 tsf_lower = 0;
+ unsigned long flags;
+ dma_addr_t new_buf_addr;
+
+@@ -1179,7 +1327,6 @@ int ath_rx_tasklet(struct ath_softc *sc,
+ qtype = hp ? ATH9K_RX_QUEUE_HP : ATH9K_RX_QUEUE_LP;
+
+ tsf = ath9k_hw_gettsf64(ah);
+- tsf_lower = tsf & 0xffffffff;
+
+ do {
+ bool decrypt_error = false;
+@@ -1206,55 +1353,14 @@ int ath_rx_tasklet(struct ath_softc *sc,
+ else
+ hdr_skb = skb;
+
+- hdr = (struct ieee80211_hdr *) (hdr_skb->data + rx_status_len);
+ rxs = IEEE80211_SKB_RXCB(hdr_skb);
+- if (ieee80211_is_beacon(hdr->frame_control)) {
+- RX_STAT_INC(rx_beacons);
+- if (!is_zero_ether_addr(common->curbssid) &&
+- ether_addr_equal(hdr->addr3, common->curbssid))
+- rs.is_mybeacon = true;
+- else
+- rs.is_mybeacon = false;
+- }
+- else
+- rs.is_mybeacon = false;
+-
+- if (ieee80211_is_data_present(hdr->frame_control) &&
+- !ieee80211_is_qos_nullfunc(hdr->frame_control))
+- sc->rx.num_pkts++;
+-
+- ath_debug_stat_rx(sc, &rs);
+-
+ memset(rxs, 0, sizeof(struct ieee80211_rx_status));
+
+- rxs->mactime = (tsf & ~0xffffffffULL) | rs.rs_tstamp;
+- if (rs.rs_tstamp > tsf_lower &&
+- unlikely(rs.rs_tstamp - tsf_lower > 0x10000000))
+- rxs->mactime -= 0x100000000ULL;
+-
+- if (rs.rs_tstamp < tsf_lower &&
+- unlikely(tsf_lower - rs.rs_tstamp > 0x10000000))
+- rxs->mactime += 0x100000000ULL;
+-
+- if (rs.rs_phyerr == ATH9K_PHYERR_RADAR)
+- ath9k_dfs_process_phyerr(sc, hdr, &rs, rxs->mactime);
+-
+- if (rs.rs_status & ATH9K_RXERR_PHY) {
+- if (ath_process_fft(sc, hdr, &rs, rxs->mactime)) {
+- RX_STAT_INC(rx_spectral);
+- goto requeue_drop_frag;
+- }
+- }
+-
+- retval = ath9k_rx_skb_preprocess(sc, hdr, &rs, rxs,
+- &decrypt_error);
++ retval = ath9k_rx_skb_preprocess(sc, hdr_skb, &rs, rxs,
++ &decrypt_error, tsf);
+ if (retval)
+ goto requeue_drop_frag;
+
+- if (rs.is_mybeacon) {
+- sc->hw_busy_count = 0;
+- ath_start_rx_poll(sc, 3);
+- }
+ /* Ensure we always have an skb to requeue once we are done
+ * processing the current buffer's skb */
+ requeue_skb = ath_rxbuf_alloc(common, common->rx_bufsize, GFP_ATOMIC);
+@@ -1308,8 +1414,6 @@ int ath_rx_tasklet(struct ath_softc *sc,
+ sc->rx.frag = skb;
+ goto requeue;
+ }
+- if (rs.rs_status & ATH9K_RXERR_CORRUPT_DESC)
+- goto requeue_drop_frag;
+
+ if (sc->rx.frag) {
+ int space = skb->len - skb_tailroom(hdr_skb);
+@@ -1328,22 +1432,6 @@ int ath_rx_tasklet(struct ath_softc *sc,
+ skb = hdr_skb;
+ }
+
+-
+- if (ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
+-
+- /*
+- * change the default rx antenna if rx diversity
+- * chooses the other antenna 3 times in a row.
+- */
+- if (sc->rx.defant != rs.rs_antenna) {
+- if (++sc->rx.rxotherant >= 3)
+- ath_setdefantenna(sc, rs.rs_antenna);
+- } else {
+- sc->rx.rxotherant = 0;
+- }
+-
+- }
+-
+ if (rxs->flag & RX_FLAG_MMIC_STRIPPED)
+ skb_trim(skb, skb->len - 8);
+
+@@ -1355,8 +1443,7 @@ int ath_rx_tasklet(struct ath_softc *sc,
+ ath_rx_ps(sc, skb, rs.is_mybeacon);
+ spin_unlock_irqrestore(&sc->sc_pm_lock, flags);
+
+- if ((ah->caps.hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) && sc->ant_rx == 3)
+- ath_ant_comb_scan(sc, &rs);
++ ath9k_antenna_check(sc, &rs);
+
+ ath9k_apply_ampdu_details(sc, &rs, rxs);
+
+@@ -1375,7 +1462,7 @@ requeue:
+ if (edma) {
+ ath_rx_edma_buf_link(sc, qtype);
+ } else {
+- ath_rx_buf_link(sc, bf);
++ ath_rx_buf_relink(sc, bf);
+ ath9k_hw_rxena(ah);
+ }
+ } while (1);
+--- a/drivers/net/wireless/ath/ath9k/init.c
++++ b/drivers/net/wireless/ath/ath9k/init.c
+@@ -53,9 +53,9 @@ static int ath9k_btcoex_enable;
+ module_param_named(btcoex_enable, ath9k_btcoex_enable, int, 0444);
+ MODULE_PARM_DESC(btcoex_enable, "Enable wifi-BT coexistence");
+
+-static int ath9k_enable_diversity;
+-module_param_named(enable_diversity, ath9k_enable_diversity, int, 0444);
+-MODULE_PARM_DESC(enable_diversity, "Enable Antenna diversity for AR9565");
++static int ath9k_bt_ant_diversity;
++module_param_named(bt_ant_diversity, ath9k_bt_ant_diversity, int, 0444);
++MODULE_PARM_DESC(bt_ant_diversity, "Enable WLAN/BT RX antenna diversity");
+
+ bool is_ath9k_unloaded;
+ /* We use the hw_value as an index into our private channel structure */
+@@ -429,7 +429,6 @@ static int ath9k_init_queues(struct ath_
+ sc->beacon.beaconq = ath9k_hw_beaconq_setup(sc->sc_ah);
+ sc->beacon.cabq = ath_txq_setup(sc, ATH9K_TX_QUEUE_CAB, 0);
+
+- sc->config.cabqReadytime = ATH_CABQ_READY_TIME;
+ ath_cabq_update(sc);
+
+ sc->tx.uapsdq = ath_txq_setup(sc, ATH9K_TX_QUEUE_UAPSD, 0);
+@@ -516,6 +515,7 @@ static void ath9k_init_misc(struct ath_s
+ static void ath9k_init_platform(struct ath_softc *sc)
+ {
+ struct ath_hw *ah = sc->sc_ah;
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
+ struct ath_common *common = ath9k_hw_common(ah);
+
+ if (common->bus_ops->ath_bus_type != ATH_PCI)
+@@ -525,12 +525,27 @@ static void ath9k_init_platform(struct a
+ ATH9K_PCI_CUS230)) {
+ ah->config.xlna_gpio = 9;
+ ah->config.xatten_margin_cfg = true;
++ ah->config.alt_mingainidx = true;
++ ah->config.ant_ctrl_comm2g_switch_enable = 0x000BBB88;
++ sc->ant_comb.low_rssi_thresh = 20;
++ sc->ant_comb.fast_div_bias = 3;
+
+ ath_info(common, "Set parameters for %s\n",
+ (sc->driver_data & ATH9K_PCI_CUS198) ?
+ "CUS198" : "CUS230");
+- } else if (sc->driver_data & ATH9K_PCI_CUS217) {
++ }
++
++ if (sc->driver_data & ATH9K_PCI_CUS217)
+ ath_info(common, "CUS217 card detected\n");
++
++ if (sc->driver_data & ATH9K_PCI_BT_ANT_DIV) {
++ pCap->hw_caps |= ATH9K_HW_CAP_BT_ANT_DIV;
++ ath_info(common, "Set BT/WLAN RX diversity capability\n");
++ }
++
++ if (sc->driver_data & ATH9K_PCI_D3_L1_WAR) {
++ ah->config.pcie_waen = 0x0040473b;
++ ath_info(common, "Enable WAR for ASPM D3/L1\n");
+ }
+ }
+
+@@ -584,6 +599,7 @@ static int ath9k_init_softc(u16 devid, s
+ {
+ struct ath9k_platform_data *pdata = sc->dev->platform_data;
+ struct ath_hw *ah = NULL;
++ struct ath9k_hw_capabilities *pCap;
+ struct ath_common *common;
+ int ret = 0, i;
+ int csz = 0;
+@@ -600,6 +616,7 @@ static int ath9k_init_softc(u16 devid, s
+ ah->reg_ops.rmw = ath9k_reg_rmw;
+ atomic_set(&ah->intr_ref_cnt, -1);
+ sc->sc_ah = ah;
++ pCap = &ah->caps;
+
+ sc->dfs_detector = dfs_pattern_detector_init(ah, NL80211_DFS_UNSET);
+
+@@ -631,11 +648,15 @@ static int ath9k_init_softc(u16 devid, s
+ ath9k_init_platform(sc);
+
+ /*
+- * Enable Antenna diversity only when BTCOEX is disabled
+- * and the user manually requests the feature.
++ * Enable WLAN/BT RX Antenna diversity only when:
++ *
++ * - BTCOEX is disabled.
++ * - the user manually requests the feature.
++ * - the HW cap is set using the platform data.
+ */
+- if (!common->btcoex_enabled && ath9k_enable_diversity)
+- common->antenna_diversity = 1;
++ if (!common->btcoex_enabled && ath9k_bt_ant_diversity &&
++ (pCap->hw_caps & ATH9K_HW_CAP_BT_ANT_DIV))
++ common->bt_ant_diversity = 1;
+
+ spin_lock_init(&common->cc_lock);
+
+@@ -710,13 +731,15 @@ static void ath9k_init_band_txpower(stru
+ struct ieee80211_supported_band *sband;
+ struct ieee80211_channel *chan;
+ struct ath_hw *ah = sc->sc_ah;
++ struct cfg80211_chan_def chandef;
+ int i;
+
+ sband = &sc->sbands[band];
+ for (i = 0; i < sband->n_channels; i++) {
+ chan = &sband->channels[i];
+ ah->curchan = &ah->channels[chan->hw_value];
+- ath9k_cmn_update_ichannel(ah->curchan, chan, NL80211_CHAN_HT20);
++ cfg80211_chandef_create(&chandef, chan, NL80211_CHAN_HT20);
++ ath9k_cmn_get_channel(sc->hw, ah, &chandef);
+ ath9k_hw_set_txpowerlimit(ah, MAX_RATE_POWER, true);
+ }
+ }
+@@ -802,7 +825,8 @@ void ath9k_set_hw_capab(struct ath_softc
+ IEEE80211_HW_PS_NULLFUNC_STACK |
+ IEEE80211_HW_SPECTRUM_MGMT |
+ IEEE80211_HW_REPORTS_TX_ACK_STATUS |
+- IEEE80211_HW_SUPPORTS_RC_TABLE;
++ IEEE80211_HW_SUPPORTS_RC_TABLE |
++ IEEE80211_HW_SUPPORTS_HT_CCK_RATES;
+
+ if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) {
+ hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
+--- a/drivers/net/wireless/ath/carl9170/main.c
++++ b/drivers/net/wireless/ath/carl9170/main.c
+@@ -1878,7 +1878,8 @@ void *carl9170_alloc(size_t priv_size)
+ IEEE80211_HW_PS_NULLFUNC_STACK |
+ IEEE80211_HW_NEED_DTIM_BEFORE_ASSOC |
+ IEEE80211_HW_SUPPORTS_RC_TABLE |
+- IEEE80211_HW_SIGNAL_DBM;
++ IEEE80211_HW_SIGNAL_DBM |
++ IEEE80211_HW_SUPPORTS_HT_CCK_RATES;
+
+ if (!modparam_noht) {
+ /*
+--- a/drivers/net/wireless/rt2x00/rt2800lib.c
++++ b/drivers/net/wireless/rt2x00/rt2800lib.c
+@@ -6133,7 +6133,8 @@ static int rt2800_probe_hw_mode(struct r
+ IEEE80211_HW_SUPPORTS_PS |
+ IEEE80211_HW_PS_NULLFUNC_STACK |
+ IEEE80211_HW_AMPDU_AGGREGATION |
+- IEEE80211_HW_REPORTS_TX_ACK_STATUS;
++ IEEE80211_HW_REPORTS_TX_ACK_STATUS |
++ IEEE80211_HW_SUPPORTS_HT_CCK_RATES;
+
+ /*
+ * Don't set IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING for USB devices
+--- a/include/net/mac80211.h
++++ b/include/net/mac80211.h
+@@ -152,11 +152,14 @@ struct ieee80211_low_level_stats {
+ * @IEEE80211_CHANCTX_CHANGE_WIDTH: The channel width changed
+ * @IEEE80211_CHANCTX_CHANGE_RX_CHAINS: The number of RX chains changed
+ * @IEEE80211_CHANCTX_CHANGE_RADAR: radar detection flag changed
++ * @IEEE80211_CHANCTX_CHANGE_CHANNEL: switched to another operating channel,
++ * this is used only with channel switching with CSA
+ */
+ enum ieee80211_chanctx_change {
+ IEEE80211_CHANCTX_CHANGE_WIDTH = BIT(0),
+ IEEE80211_CHANCTX_CHANGE_RX_CHAINS = BIT(1),
+ IEEE80211_CHANCTX_CHANGE_RADAR = BIT(2),
++ IEEE80211_CHANCTX_CHANGE_CHANNEL = BIT(3),
+ };
+
+ /**
+@@ -1080,6 +1083,7 @@ enum ieee80211_vif_flags {
+ * @addr: address of this interface
+ * @p2p: indicates whether this AP or STA interface is a p2p
+ * interface, i.e. a GO or p2p-sta respectively
++ * @csa_active: marks whether a channel switch is going on
+ * @driver_flags: flags/capabilities the driver has for this interface,
+ * these need to be set (or cleared) when the interface is added
+ * or, if supported by the driver, the interface type is changed
+@@ -1102,6 +1106,7 @@ struct ieee80211_vif {
+ struct ieee80211_bss_conf bss_conf;
+ u8 addr[ETH_ALEN];
+ bool p2p;
++ bool csa_active;
+
+ u8 cab_queue;
+ u8 hw_queue[IEEE80211_NUM_ACS];
+@@ -1499,6 +1504,7 @@ enum ieee80211_hw_flags {
+ IEEE80211_HW_SUPPORTS_RC_TABLE = 1<<24,
+ IEEE80211_HW_P2P_DEV_ADDR_FOR_INTF = 1<<25,
+ IEEE80211_HW_TIMING_BEACON_ONLY = 1<<26,
++ IEEE80211_HW_SUPPORTS_HT_CCK_RATES = 1<<27,
+ };
+
+ /**
+@@ -2633,6 +2639,16 @@ enum ieee80211_roc_type {
+ * @ipv6_addr_change: IPv6 address assignment on the given interface changed.
+ * Currently, this is only called for managed or P2P client interfaces.
+ * This callback is optional; it must not sleep.
++ *
++ * @channel_switch_beacon: Starts a channel switch to a new channel.
++ * Beacons are modified to include CSA or ECSA IEs before calling this
++ * function. The corresponding count fields in these IEs must be
++ * decremented, and when they reach zero the driver must call
++ * ieee80211_csa_finish(). Drivers which use ieee80211_beacon_get()
++ * get the csa counter decremented by mac80211, but must check if it is
++ * zero using ieee80211_csa_is_complete() after the beacon has been
++ * transmitted and then call ieee80211_csa_finish().
++ *
+ */
+ struct ieee80211_ops {
+ void (*tx)(struct ieee80211_hw *hw,
+@@ -2830,6 +2846,9 @@ struct ieee80211_ops {
+ struct ieee80211_vif *vif,
+ struct inet6_dev *idev);
+ #endif
++ void (*channel_switch_beacon)(struct ieee80211_hw *hw,
++ struct ieee80211_vif *vif,
++ struct cfg80211_chan_def *chandef);
+ };
+
+ /**
+@@ -3325,6 +3344,25 @@ static inline struct sk_buff *ieee80211_
+ }
+
+ /**
++ * ieee80211_csa_finish - notify mac80211 about channel switch
++ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
++ *
++ * After a channel switch announcement was scheduled and the counter in this
++ * announcement hit zero, this function must be called by the driver to
++ * notify mac80211 that the channel can be changed.
++ */
++void ieee80211_csa_finish(struct ieee80211_vif *vif);
++
++/**
++ * ieee80211_csa_is_complete - find out if counters reached zero
++ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
++ *
++ * This function returns whether the channel switch counters reached zero.
++ */
++bool ieee80211_csa_is_complete(struct ieee80211_vif *vif);
++
++
++/**
+ * ieee80211_proberesp_get - retrieve a Probe Response template
+ * @hw: pointer obtained from ieee80211_alloc_hw().
+ * @vif: &struct ieee80211_vif pointer from the add_interface callback.
+--- a/net/mac80211/cfg.c
++++ b/net/mac80211/cfg.c
+@@ -854,8 +854,8 @@ static int ieee80211_set_probe_resp(stru
+ return 0;
+ }
+
+-static int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
+- struct cfg80211_beacon_data *params)
++int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
++ struct cfg80211_beacon_data *params)
+ {
+ struct beacon_data *new, *old;
+ int new_head_len, new_tail_len;
+@@ -1018,6 +1018,12 @@ static int ieee80211_change_beacon(struc
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+
++ /* don't allow changing the beacon while CSA is in place - offset
++ * of channel switch counter may change
++ */
++ if (sdata->vif.csa_active)
++ return -EBUSY;
++
+ old = rtnl_dereference(sdata->u.ap.beacon);
+ if (!old)
+ return -ENOENT;
+@@ -1042,6 +1048,10 @@ static int ieee80211_stop_ap(struct wiph
+ return -ENOENT;
+ old_probe_resp = rtnl_dereference(sdata->u.ap.probe_resp);
+
++ /* abort any running channel switch */
++ sdata->vif.csa_active = false;
++ cancel_work_sync(&sdata->csa_finalize_work);
++
+ /* turn off carrier for this interface and dependent VLANs */
+ list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
+ netif_carrier_off(vlan->dev);
+@@ -2784,6 +2794,178 @@ static int ieee80211_start_radar_detecti
+ return 0;
+ }
+
++static struct cfg80211_beacon_data *
++cfg80211_beacon_dup(struct cfg80211_beacon_data *beacon)
++{
++ struct cfg80211_beacon_data *new_beacon;
++ u8 *pos;
++ int len;
++
++ len = beacon->head_len + beacon->tail_len + beacon->beacon_ies_len +
++ beacon->proberesp_ies_len + beacon->assocresp_ies_len +
++ beacon->probe_resp_len;
++
++ new_beacon = kzalloc(sizeof(*new_beacon) + len, GFP_KERNEL);
++ if (!new_beacon)
++ return NULL;
++
++ pos = (u8 *)(new_beacon + 1);
++ if (beacon->head_len) {
++ new_beacon->head_len = beacon->head_len;
++ new_beacon->head = pos;
++ memcpy(pos, beacon->head, beacon->head_len);
++ pos += beacon->head_len;
++ }
++ if (beacon->tail_len) {
++ new_beacon->tail_len = beacon->tail_len;
++ new_beacon->tail = pos;
++ memcpy(pos, beacon->tail, beacon->tail_len);
++ pos += beacon->tail_len;
++ }
++ if (beacon->beacon_ies_len) {
++ new_beacon->beacon_ies_len = beacon->beacon_ies_len;
++ new_beacon->beacon_ies = pos;
++ memcpy(pos, beacon->beacon_ies, beacon->beacon_ies_len);
++ pos += beacon->beacon_ies_len;
++ }
++ if (beacon->proberesp_ies_len) {
++ new_beacon->proberesp_ies_len = beacon->proberesp_ies_len;
++ new_beacon->proberesp_ies = pos;
++ memcpy(pos, beacon->proberesp_ies, beacon->proberesp_ies_len);
++ pos += beacon->proberesp_ies_len;
++ }
++ if (beacon->assocresp_ies_len) {
++ new_beacon->assocresp_ies_len = beacon->assocresp_ies_len;
++ new_beacon->assocresp_ies = pos;
++ memcpy(pos, beacon->assocresp_ies, beacon->assocresp_ies_len);
++ pos += beacon->assocresp_ies_len;
++ }
++ if (beacon->probe_resp_len) {
++ new_beacon->probe_resp_len = beacon->probe_resp_len;
++ beacon->probe_resp = pos;
++ memcpy(pos, beacon->probe_resp, beacon->probe_resp_len);
++ pos += beacon->probe_resp_len;
++ }
++
++ return new_beacon;
++}
++
++void ieee80211_csa_finalize_work(struct work_struct *work)
++{
++ struct ieee80211_sub_if_data *sdata =
++ container_of(work, struct ieee80211_sub_if_data,
++ csa_finalize_work);
++ struct ieee80211_local *local = sdata->local;
++ int err, changed;
++
++ if (!ieee80211_sdata_running(sdata))
++ return;
++
++ if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP))
++ return;
++
++ sdata->radar_required = sdata->csa_radar_required;
++ err = ieee80211_vif_change_channel(sdata, &local->csa_chandef,
++ &changed);
++ if (WARN_ON(err < 0))
++ return;
++
++ err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon);
++ if (err < 0)
++ return;
++
++ changed |= err;
++ kfree(sdata->u.ap.next_beacon);
++ sdata->u.ap.next_beacon = NULL;
++ sdata->vif.csa_active = false;
++
++ ieee80211_wake_queues_by_reason(&sdata->local->hw,
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
++
++ ieee80211_bss_info_change_notify(sdata, changed);
++
++ cfg80211_ch_switch_notify(sdata->dev, &local->csa_chandef);
++}
++
++static int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
++ struct cfg80211_csa_settings *params)
++{
++ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
++ struct ieee80211_local *local = sdata->local;
++ struct ieee80211_chanctx_conf *chanctx_conf;
++ struct ieee80211_chanctx *chanctx;
++ int err, num_chanctx;
++
++ if (!list_empty(&local->roc_list) || local->scanning)
++ return -EBUSY;
++
++ if (sdata->wdev.cac_started)
++ return -EBUSY;
++
++ if (cfg80211_chandef_identical(¶ms->chandef,
++ &sdata->vif.bss_conf.chandef))
++ return -EINVAL;
++
++ rcu_read_lock();
++ chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
++ if (!chanctx_conf) {
++ rcu_read_unlock();
++ return -EBUSY;
++ }
++
++ /* don't handle for multi-VIF cases */
++ chanctx = container_of(chanctx_conf, struct ieee80211_chanctx, conf);
++ if (chanctx->refcount > 1) {
++ rcu_read_unlock();
++ return -EBUSY;
++ }
++ num_chanctx = 0;
++ list_for_each_entry_rcu(chanctx, &local->chanctx_list, list)
++ num_chanctx++;
++ rcu_read_unlock();
++
++ if (num_chanctx > 1)
++ return -EBUSY;
++
++ /* don't allow another channel switch if one is already active. */
++ if (sdata->vif.csa_active)
++ return -EBUSY;
++
++ /* only handle AP for now. */
++ switch (sdata->vif.type) {
++ case NL80211_IFTYPE_AP:
++ break;
++ default:
++ return -EOPNOTSUPP;
++ }
++
++ sdata->u.ap.next_beacon = cfg80211_beacon_dup(¶ms->beacon_after);
++ if (!sdata->u.ap.next_beacon)
++ return -ENOMEM;
++
++ sdata->csa_counter_offset_beacon = params->counter_offset_beacon;
++ sdata->csa_counter_offset_presp = params->counter_offset_presp;
++ sdata->csa_radar_required = params->radar_required;
++
++ if (params->block_tx)
++ ieee80211_stop_queues_by_reason(&local->hw,
++ IEEE80211_MAX_QUEUE_MAP,
++ IEEE80211_QUEUE_STOP_REASON_CSA);
++
++ err = ieee80211_assign_beacon(sdata, ¶ms->beacon_csa);
++ if (err < 0)
++ return err;
++
++ local->csa_chandef = params->chandef;
++ sdata->vif.csa_active = true;
++
++ ieee80211_bss_info_change_notify(sdata, err);
++ drv_channel_switch_beacon(sdata, ¶ms->chandef);
++
++ return 0;
++}
++
+ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
+ struct ieee80211_channel *chan, bool offchan,
+ unsigned int wait, const u8 *buf, size_t len,
+@@ -3332,7 +3514,7 @@ static int ieee80211_probe_client(struct
+ return -EINVAL;
+ }
+ band = chanctx_conf->def.chan->band;
+- sta = sta_info_get(sdata, peer);
++ sta = sta_info_get_bss(sdata, peer);
+ if (sta) {
+ qos = test_sta_flag(sta, WLAN_STA_WME);
+ } else {
+@@ -3501,4 +3683,5 @@ struct cfg80211_ops mac80211_config_ops
+ .get_et_strings = ieee80211_get_et_strings,
+ .get_channel = ieee80211_cfg_get_channel,
+ .start_radar_detection = ieee80211_start_radar_detection,
++ .channel_switch = ieee80211_channel_switch,
+ };
+--- a/net/mac80211/chan.c
++++ b/net/mac80211/chan.c
+@@ -410,6 +410,64 @@ int ieee80211_vif_use_channel(struct iee
+ return ret;
+ }
+
++int ieee80211_vif_change_channel(struct ieee80211_sub_if_data *sdata,
++ const struct cfg80211_chan_def *chandef,
++ u32 *changed)
++{
++ struct ieee80211_local *local = sdata->local;
++ struct ieee80211_chanctx_conf *conf;
++ struct ieee80211_chanctx *ctx;
++ int ret;
++ u32 chanctx_changed = 0;
++
++ /* should never be called if not performing a channel switch. */
++ if (WARN_ON(!sdata->vif.csa_active))
++ return -EINVAL;
++
++ if (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
++ IEEE80211_CHAN_DISABLED))
++ return -EINVAL;
++
++ mutex_lock(&local->chanctx_mtx);
++ conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
++ lockdep_is_held(&local->chanctx_mtx));
++ if (!conf) {
++ ret = -EINVAL;
++ goto out;
++ }
++
++ ctx = container_of(conf, struct ieee80211_chanctx, conf);
++ if (ctx->refcount != 1) {
++ ret = -EINVAL;
++ goto out;
++ }
++
++ if (sdata->vif.bss_conf.chandef.width != chandef->width) {
++ chanctx_changed = IEEE80211_CHANCTX_CHANGE_WIDTH;
++ *changed |= BSS_CHANGED_BANDWIDTH;
++ }
++
++ sdata->vif.bss_conf.chandef = *chandef;
++ ctx->conf.def = *chandef;
++
++ chanctx_changed |= IEEE80211_CHANCTX_CHANGE_CHANNEL;
++ drv_change_chanctx(local, ctx, chanctx_changed);
++
++ if (!local->use_chanctx) {
++ local->_oper_chandef = *chandef;
++ ieee80211_hw_config(local, 0);
++ }
++
++ ieee80211_recalc_chanctx_chantype(local, ctx);
++ ieee80211_recalc_smps_chanctx(local, ctx);
++ ieee80211_recalc_radar_chanctx(local, ctx);
++
++ ret = 0;
++ out:
++ mutex_unlock(&local->chanctx_mtx);
++ return ret;
++}
++
+ int ieee80211_vif_change_bandwidth(struct ieee80211_sub_if_data *sdata,
+ const struct cfg80211_chan_def *chandef,
+ u32 *changed)
+--- a/net/mac80211/driver-ops.h
++++ b/net/mac80211/driver-ops.h
+@@ -1104,4 +1104,17 @@ static inline void drv_ipv6_addr_change(
+ }
+ #endif
+
++static inline void
++drv_channel_switch_beacon(struct ieee80211_sub_if_data *sdata,
++ struct cfg80211_chan_def *chandef)
++{
++ struct ieee80211_local *local = sdata->local;
++
++ if (local->ops->channel_switch_beacon) {
++ trace_drv_channel_switch_beacon(local, sdata, chandef);
++ local->ops->channel_switch_beacon(&local->hw, &sdata->vif,
++ chandef);
++ }
++}
++
+ #endif /* __MAC80211_DRIVER_OPS */
+--- a/net/mac80211/ieee80211_i.h
++++ b/net/mac80211/ieee80211_i.h
+@@ -53,9 +53,6 @@ struct ieee80211_local;
+ * increased memory use (about 2 kB of RAM per entry). */
+ #define IEEE80211_FRAGMENT_MAX 4
+
+-#define TU_TO_JIFFIES(x) (usecs_to_jiffies((x) * 1024))
+-#define TU_TO_EXP_TIME(x) (jiffies + TU_TO_JIFFIES(x))
+-
+ /* power level hasn't been configured (or set to automatic) */
+ #define IEEE80211_UNSET_POWER_LEVEL INT_MIN
+
+@@ -259,6 +256,8 @@ struct ieee80211_if_ap {
+ struct beacon_data __rcu *beacon;
+ struct probe_resp __rcu *probe_resp;
+
++ /* to be used after channel switch. */
++ struct cfg80211_beacon_data *next_beacon;
+ struct list_head vlans;
+
+ struct ps_data ps;
+@@ -713,6 +712,11 @@ struct ieee80211_sub_if_data {
+
+ struct ieee80211_tx_queue_params tx_conf[IEEE80211_NUM_ACS];
+
++ struct work_struct csa_finalize_work;
++ int csa_counter_offset_beacon;
++ int csa_counter_offset_presp;
++ bool csa_radar_required;
++
+ /* used to reconfigure hardware SM PS */
+ struct work_struct recalc_smps;
+
+@@ -1346,6 +1350,9 @@ void ieee80211_roc_notify_destroy(struct
+ void ieee80211_sw_roc_work(struct work_struct *work);
+ void ieee80211_handle_roc_started(struct ieee80211_roc_work *roc);
+
++/* channel switch handling */
++void ieee80211_csa_finalize_work(struct work_struct *work);
++
+ /* interface handling */
+ int ieee80211_iface_init(void);
+ void ieee80211_iface_exit(void);
+@@ -1367,6 +1374,8 @@ void ieee80211_del_virtual_monitor(struc
+
+ bool __ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
+ void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
++int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
++ struct cfg80211_beacon_data *params);
+
+ static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata)
+ {
+@@ -1627,6 +1636,11 @@ int __must_check
+ ieee80211_vif_change_bandwidth(struct ieee80211_sub_if_data *sdata,
+ const struct cfg80211_chan_def *chandef,
+ u32 *changed);
++/* NOTE: only use ieee80211_vif_change_channel() for channel switch */
++int __must_check
++ieee80211_vif_change_channel(struct ieee80211_sub_if_data *sdata,
++ const struct cfg80211_chan_def *chandef,
++ u32 *changed);
+ void ieee80211_vif_release_channel(struct ieee80211_sub_if_data *sdata);
+ void ieee80211_vif_vlan_copy_chanctx(struct ieee80211_sub_if_data *sdata);
+ void ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
+--- a/net/mac80211/trace.h
++++ b/net/mac80211/trace.h
+@@ -1906,6 +1906,32 @@ TRACE_EVENT(api_radar_detected,
+ )
+ );
+
++TRACE_EVENT(drv_channel_switch_beacon,
++ TP_PROTO(struct ieee80211_local *local,
++ struct ieee80211_sub_if_data *sdata,
++ struct cfg80211_chan_def *chandef),
++
++ TP_ARGS(local, sdata, chandef),
++
++ TP_STRUCT__entry(
++ LOCAL_ENTRY
++ VIF_ENTRY
++ CHANDEF_ENTRY
++ ),
++
++ TP_fast_assign(
++ LOCAL_ASSIGN;
++ VIF_ASSIGN;
++ CHANDEF_ASSIGN(chandef);
++ ),
++
++ TP_printk(
++ LOCAL_PR_FMT VIF_PR_FMT " channel switch to " CHANDEF_PR_FMT,
++ LOCAL_PR_ARG, VIF_PR_ARG, CHANDEF_PR_ARG
++ )
++);
++
++
+ #ifdef CPTCFG_MAC80211_MESSAGE_TRACING
+ #undef TRACE_SYSTEM
+ #define TRACE_SYSTEM mac80211_msg
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -1101,7 +1101,8 @@ ieee80211_tx_prepare(struct ieee80211_su
+ tx->sta = rcu_dereference(sdata->u.vlan.sta);
+ if (!tx->sta && sdata->dev->ieee80211_ptr->use_4addr)
+ return TX_DROP;
+- } else if (info->flags & IEEE80211_TX_CTL_INJECTED ||
++ } else if (info->flags & (IEEE80211_TX_CTL_INJECTED |
++ IEEE80211_TX_INTFL_NL80211_FRAME_TX) ||
+ tx->sdata->control_port_protocol == tx->skb->protocol) {
+ tx->sta = sta_info_get_bss(sdata, hdr->addr1);
+ }
+@@ -2326,6 +2327,81 @@ static int ieee80211_beacon_add_tim(stru
+ return 0;
+ }
+
++void ieee80211_csa_finish(struct ieee80211_vif *vif)
++{
++ struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
++
++ ieee80211_queue_work(&sdata->local->hw,
++ &sdata->csa_finalize_work);
++}
++EXPORT_SYMBOL(ieee80211_csa_finish);
++
++static void ieee80211_update_csa(struct ieee80211_sub_if_data *sdata,
++ struct beacon_data *beacon)
++{
++ struct probe_resp *resp;
++ int counter_offset_beacon = sdata->csa_counter_offset_beacon;
++ int counter_offset_presp = sdata->csa_counter_offset_presp;
++
++ /* warn if the driver did not check for/react to csa completeness */
++ if (WARN_ON(((u8 *)beacon->tail)[counter_offset_beacon] == 0))
++ return;
++
++ ((u8 *)beacon->tail)[counter_offset_beacon]--;
++
++ if (sdata->vif.type == NL80211_IFTYPE_AP &&
++ counter_offset_presp) {
++ rcu_read_lock();
++ resp = rcu_dereference(sdata->u.ap.probe_resp);
++
++ /* if nl80211 accepted the offset, this should not happen. */
++ if (WARN_ON(!resp)) {
++ rcu_read_unlock();
++ return;
++ }
++ resp->data[counter_offset_presp]--;
++ rcu_read_unlock();
++ }
++}
++
++bool ieee80211_csa_is_complete(struct ieee80211_vif *vif)
++{
++ struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
++ struct beacon_data *beacon = NULL;
++ u8 *beacon_data;
++ size_t beacon_data_len;
++ int counter_beacon = sdata->csa_counter_offset_beacon;
++ int ret = false;
++
++ if (!ieee80211_sdata_running(sdata))
++ return false;
++
++ rcu_read_lock();
++ if (vif->type == NL80211_IFTYPE_AP) {
++ struct ieee80211_if_ap *ap = &sdata->u.ap;
++
++ beacon = rcu_dereference(ap->beacon);
++ if (WARN_ON(!beacon || !beacon->tail))
++ goto out;
++ beacon_data = beacon->tail;
++ beacon_data_len = beacon->tail_len;
++ } else {
++ WARN_ON(1);
++ goto out;
++ }
++
++ if (WARN_ON(counter_beacon > beacon_data_len))
++ goto out;
++
++ if (beacon_data[counter_beacon] == 0)
++ ret = true;
++ out:
++ rcu_read_unlock();
++
++ return ret;
++}
++EXPORT_SYMBOL(ieee80211_csa_is_complete);
++
+ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
+ struct ieee80211_vif *vif,
+ u16 *tim_offset, u16 *tim_length)
+@@ -2356,6 +2432,9 @@ struct sk_buff *ieee80211_beacon_get_tim
+ struct beacon_data *beacon = rcu_dereference(ap->beacon);
+
+ if (beacon) {
++ if (sdata->vif.csa_active)
++ ieee80211_update_csa(sdata, beacon);
++
+ /*
+ * headroom, head length,
+ * tail length and maximum TIM length
+--- a/net/wireless/rdev-ops.h
++++ b/net/wireless/rdev-ops.h
+@@ -923,4 +923,16 @@ static inline void rdev_crit_proto_stop(
+ trace_rdev_return_void(&rdev->wiphy);
+ }
+
++static inline int rdev_channel_switch(struct cfg80211_registered_device *rdev,
++ struct net_device *dev,
++ struct cfg80211_csa_settings *params)
++{
++ int ret;
++
++ trace_rdev_channel_switch(&rdev->wiphy, dev, params);
++ ret = rdev->ops->channel_switch(&rdev->wiphy, dev, params);
++ trace_rdev_return_int(&rdev->wiphy, ret);
++ return ret;
++}
++
+ #endif /* __CFG80211_RDEV_OPS */
+--- a/net/wireless/trace.h
++++ b/net/wireless/trace.h
+@@ -1841,6 +1841,39 @@ TRACE_EVENT(rdev_crit_proto_stop,
+ WIPHY_PR_ARG, WDEV_PR_ARG)
+ );
+
++TRACE_EVENT(rdev_channel_switch,
++ TP_PROTO(struct wiphy *wiphy, struct net_device *netdev,
++ struct cfg80211_csa_settings *params),
++ TP_ARGS(wiphy, netdev, params),
++ TP_STRUCT__entry(
++ WIPHY_ENTRY
++ NETDEV_ENTRY
++ CHAN_DEF_ENTRY
++ __field(u16, counter_offset_beacon)
++ __field(u16, counter_offset_presp)
++ __field(bool, radar_required)
++ __field(bool, block_tx)
++ __field(u8, count)
++ ),
++ TP_fast_assign(
++ WIPHY_ASSIGN;
++ NETDEV_ASSIGN;
++ CHAN_DEF_ASSIGN(¶ms->chandef);
++ __entry->counter_offset_beacon = params->counter_offset_beacon;
++ __entry->counter_offset_presp = params->counter_offset_presp;
++ __entry->radar_required = params->radar_required;
++ __entry->block_tx = params->block_tx;
++ __entry->count = params->count;
++ ),
++ TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " CHAN_DEF_PR_FMT
++ ", block_tx: %d, count: %u, radar_required: %d"
++ ", counter offsets (beacon/presp): %u/%u",
++ WIPHY_PR_ARG, NETDEV_PR_ARG, CHAN_DEF_PR_ARG,
++ __entry->block_tx, __entry->count, __entry->radar_required,
++ __entry->counter_offset_beacon,
++ __entry->counter_offset_presp)
++);
++
+ /*************************************************************
+ * cfg80211 exported functions traces *
+ *************************************************************/
+--- a/drivers/net/wireless/ath/ath.h
++++ b/drivers/net/wireless/ath/ath.h
+@@ -159,7 +159,7 @@ struct ath_common {
+
+ bool btcoex_enabled;
+ bool disable_ani;
+- bool antenna_diversity;
++ bool bt_ant_diversity;
+ };
+
+ struct sk_buff *ath_rxbuf_alloc(struct ath_common *common,
+--- a/drivers/net/wireless/ath/ath9k/antenna.c
++++ b/drivers/net/wireless/ath/ath9k/antenna.c
+@@ -16,37 +16,119 @@
+
+ #include "ath9k.h"
+
+-static inline bool ath_is_alt_ant_ratio_better(int alt_ratio, int maxdelta,
++/*
++ * AR9285
++ * ======
++ *
++ * EEPROM has 2 4-bit fields containing the card configuration.
++ *
++ * antdiv_ctl1:
++ * ------------
++ * bb_enable_ant_div_lnadiv : 1
++ * bb_ant_div_alt_gaintb : 1
++ * bb_ant_div_main_gaintb : 1
++ * bb_enable_ant_fast_div : 1
++ *
++ * antdiv_ctl2:
++ * -----------
++ * bb_ant_div_alt_lnaconf : 2
++ * bb_ant_div_main_lnaconf : 2
++ *
++ * The EEPROM bits are used as follows:
++ * ------------------------------------
++ *
++ * bb_enable_ant_div_lnadiv - Enable LNA path rx antenna diversity/combining.
++ * Set in AR_PHY_MULTICHAIN_GAIN_CTL.
++ *
++ * bb_ant_div_[alt/main]_gaintb - 0 -> Antenna config Alt/Main uses gaintable 0
++ * 1 -> Antenna config Alt/Main uses gaintable 1
++ * Set in AR_PHY_MULTICHAIN_GAIN_CTL.
++ *
++ * bb_enable_ant_fast_div - Enable fast antenna diversity.
++ * Set in AR_PHY_CCK_DETECT.
++ *
++ * bb_ant_div_[alt/main]_lnaconf - Alt/Main LNA diversity/combining input config.
++ * Set in AR_PHY_MULTICHAIN_GAIN_CTL.
++ * 10=LNA1
++ * 01=LNA2
++ * 11=LNA1+LNA2
++ * 00=LNA1-LNA2
++ *
++ * AR9485 / AR9565 / AR9331
++ * ========================
++ *
++ * The same bits are present in the EEPROM, but the location in the
++ * EEPROM is different (ant_div_control in ar9300_BaseExtension_1).
++ *
++ * ant_div_alt_lnaconf ==> bit 0~1
++ * ant_div_main_lnaconf ==> bit 2~3
++ * ant_div_alt_gaintb ==> bit 4
++ * ant_div_main_gaintb ==> bit 5
++ * enable_ant_div_lnadiv ==> bit 6
++ * enable_ant_fast_div ==> bit 7
++ */
++
++static inline bool ath_is_alt_ant_ratio_better(struct ath_ant_comb *antcomb,
++ int alt_ratio, int maxdelta,
+ int mindelta, int main_rssi_avg,
+ int alt_rssi_avg, int pkt_count)
+ {
+- return (((alt_ratio >= ATH_ANT_DIV_COMB_ALT_ANT_RATIO2) &&
+- (alt_rssi_avg > main_rssi_avg + maxdelta)) ||
+- (alt_rssi_avg > main_rssi_avg + mindelta)) && (pkt_count > 50);
++ if (pkt_count <= 50)
++ return false;
++
++ if (alt_rssi_avg > main_rssi_avg + mindelta)
++ return true;
++
++ if (alt_ratio >= antcomb->ant_ratio2 &&
++ alt_rssi_avg >= antcomb->low_rssi_thresh &&
++ (alt_rssi_avg > main_rssi_avg + maxdelta))
++ return true;
++
++ return false;
+ }
+
+-static inline bool ath_ant_div_comb_alt_check(u8 div_group, int alt_ratio,
+- int curr_main_set, int curr_alt_set,
+- int alt_rssi_avg, int main_rssi_avg)
++static inline bool ath_ant_div_comb_alt_check(struct ath_hw_antcomb_conf *conf,
++ struct ath_ant_comb *antcomb,
++ int alt_ratio, int alt_rssi_avg,
++ int main_rssi_avg)
+ {
+- bool result = false;
+- switch (div_group) {
++ bool result, set1, set2;
++
++ result = set1 = set2 = false;
++
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2 &&
++ conf->alt_lna_conf == ATH_ANT_DIV_COMB_LNA1)
++ set1 = true;
++
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA1 &&
++ conf->alt_lna_conf == ATH_ANT_DIV_COMB_LNA2)
++ set2 = true;
++
++ switch (conf->div_group) {
+ case 0:
+ if (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO)
+ result = true;
+ break;
+ case 1:
+ case 2:
+- if ((((curr_main_set == ATH_ANT_DIV_COMB_LNA2) &&
+- (curr_alt_set == ATH_ANT_DIV_COMB_LNA1) &&
+- (alt_rssi_avg >= (main_rssi_avg - 5))) ||
+- ((curr_main_set == ATH_ANT_DIV_COMB_LNA1) &&
+- (curr_alt_set == ATH_ANT_DIV_COMB_LNA2) &&
+- (alt_rssi_avg >= (main_rssi_avg - 2)))) &&
+- (alt_rssi_avg >= 4))
++ if (alt_rssi_avg < 4 || alt_rssi_avg < antcomb->low_rssi_thresh)
++ break;
++
++ if ((set1 && (alt_rssi_avg >= (main_rssi_avg - 5))) ||
++ (set2 && (alt_rssi_avg >= (main_rssi_avg - 2))) ||
++ (alt_ratio > antcomb->ant_ratio))
+ result = true;
+- else
+- result = false;
++
++ break;
++ case 3:
++ if (alt_rssi_avg < 4 || alt_rssi_avg < antcomb->low_rssi_thresh)
++ break;
++
++ if ((set1 && (alt_rssi_avg >= (main_rssi_avg - 3))) ||
++ (set2 && (alt_rssi_avg >= (main_rssi_avg + 3))) ||
++ (alt_ratio > antcomb->ant_ratio))
++ result = true;
++
+ break;
+ }
+
+@@ -108,6 +190,74 @@ static void ath_lnaconf_alt_good_scan(st
+ }
+ }
+
++static void ath_ant_set_alt_ratio(struct ath_ant_comb *antcomb,
++ struct ath_hw_antcomb_conf *conf)
++{
++ /* set alt to the conf with maximun ratio */
++ if (antcomb->first_ratio && antcomb->second_ratio) {
++ if (antcomb->rssi_second > antcomb->rssi_third) {
++ /* first alt*/
++ if ((antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
++ (antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2))
++ /* Set alt LNA1 or LNA2*/
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ else
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ else
++ /* Set alt to A+B or A-B */
++ conf->alt_lna_conf =
++ antcomb->first_quick_scan_conf;
++ } else if ((antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
++ (antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2)) {
++ /* Set alt LNA1 or LNA2 */
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ else
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ } else {
++ /* Set alt to A+B or A-B */
++ conf->alt_lna_conf = antcomb->second_quick_scan_conf;
++ }
++ } else if (antcomb->first_ratio) {
++ /* first alt */
++ if ((antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
++ (antcomb->first_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2))
++ /* Set alt LNA1 or LNA2 */
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ else
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ else
++ /* Set alt to A+B or A-B */
++ conf->alt_lna_conf = antcomb->first_quick_scan_conf;
++ } else if (antcomb->second_ratio) {
++ /* second alt */
++ if ((antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1) ||
++ (antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA2))
++ /* Set alt LNA1 or LNA2 */
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ else
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ else
++ /* Set alt to A+B or A-B */
++ conf->alt_lna_conf = antcomb->second_quick_scan_conf;
++ } else {
++ /* main is largest */
++ if ((antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) ||
++ (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2))
++ /* Set alt LNA1 or LNA2 */
++ if (conf->main_lna_conf == ATH_ANT_DIV_COMB_LNA2)
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ else
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ else
++ /* Set alt to A+B or A-B */
++ conf->alt_lna_conf = antcomb->main_conf;
++ }
++}
++
+ static void ath_select_ant_div_from_quick_scan(struct ath_ant_comb *antcomb,
+ struct ath_hw_antcomb_conf *div_ant_conf,
+ int main_rssi_avg, int alt_rssi_avg,
+@@ -129,7 +279,7 @@ static void ath_select_ant_div_from_quic
+
+ if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) {
+ /* main is LNA1 */
+- if (ath_is_alt_ant_ratio_better(alt_ratio,
++ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
+ main_rssi_avg, alt_rssi_avg,
+@@ -138,7 +288,7 @@ static void ath_select_ant_div_from_quic
+ else
+ antcomb->first_ratio = false;
+ } else if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2) {
+- if (ath_is_alt_ant_ratio_better(alt_ratio,
++ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_MID,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
+ main_rssi_avg, alt_rssi_avg,
+@@ -147,11 +297,11 @@ static void ath_select_ant_div_from_quic
+ else
+ antcomb->first_ratio = false;
+ } else {
+- if ((((alt_ratio >= ATH_ANT_DIV_COMB_ALT_ANT_RATIO2) &&
+- (alt_rssi_avg > main_rssi_avg +
+- ATH_ANT_DIV_COMB_LNA1_DELTA_HI)) ||
+- (alt_rssi_avg > main_rssi_avg)) &&
+- (antcomb->total_pkt_count > 50))
++ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
++ ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
++ 0,
++ main_rssi_avg, alt_rssi_avg,
++ antcomb->total_pkt_count))
+ antcomb->first_ratio = true;
+ else
+ antcomb->first_ratio = false;
+@@ -164,17 +314,21 @@ static void ath_select_ant_div_from_quic
+ antcomb->rssi_first = main_rssi_avg;
+ antcomb->rssi_third = alt_rssi_avg;
+
+- if (antcomb->second_quick_scan_conf == ATH_ANT_DIV_COMB_LNA1)
++ switch(antcomb->second_quick_scan_conf) {
++ case ATH_ANT_DIV_COMB_LNA1:
+ antcomb->rssi_lna1 = alt_rssi_avg;
+- else if (antcomb->second_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA2)
++ break;
++ case ATH_ANT_DIV_COMB_LNA2:
+ antcomb->rssi_lna2 = alt_rssi_avg;
+- else if (antcomb->second_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2) {
++ break;
++ case ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2:
+ if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2)
+ antcomb->rssi_lna2 = main_rssi_avg;
+ else if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1)
+ antcomb->rssi_lna1 = main_rssi_avg;
++ break;
++ default:
++ break;
+ }
+
+ if (antcomb->rssi_lna2 > antcomb->rssi_lna1 +
+@@ -184,7 +338,7 @@ static void ath_select_ant_div_from_quic
+ div_ant_conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
+
+ if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) {
+- if (ath_is_alt_ant_ratio_better(alt_ratio,
++ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
+ main_rssi_avg, alt_rssi_avg,
+@@ -193,7 +347,7 @@ static void ath_select_ant_div_from_quic
+ else
+ antcomb->second_ratio = false;
+ } else if (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2) {
+- if (ath_is_alt_ant_ratio_better(alt_ratio,
++ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_MID,
+ ATH_ANT_DIV_COMB_LNA1_DELTA_LOW,
+ main_rssi_avg, alt_rssi_avg,
+@@ -202,105 +356,18 @@ static void ath_select_ant_div_from_quic
+ else
+ antcomb->second_ratio = false;
+ } else {
+- if ((((alt_ratio >= ATH_ANT_DIV_COMB_ALT_ANT_RATIO2) &&
+- (alt_rssi_avg > main_rssi_avg +
+- ATH_ANT_DIV_COMB_LNA1_DELTA_HI)) ||
+- (alt_rssi_avg > main_rssi_avg)) &&
+- (antcomb->total_pkt_count > 50))
++ if (ath_is_alt_ant_ratio_better(antcomb, alt_ratio,
++ ATH_ANT_DIV_COMB_LNA1_DELTA_HI,
++ 0,
++ main_rssi_avg, alt_rssi_avg,
++ antcomb->total_pkt_count))
+ antcomb->second_ratio = true;
+ else
+ antcomb->second_ratio = false;
+ }
+
+- /* set alt to the conf with maximun ratio */
+- if (antcomb->first_ratio && antcomb->second_ratio) {
+- if (antcomb->rssi_second > antcomb->rssi_third) {
+- /* first alt*/
+- if ((antcomb->first_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA1) ||
+- (antcomb->first_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA2))
+- /* Set alt LNA1 or LNA2*/
+- if (div_ant_conf->main_lna_conf ==
+- ATH_ANT_DIV_COMB_LNA2)
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- else
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- else
+- /* Set alt to A+B or A-B */
+- div_ant_conf->alt_lna_conf =
+- antcomb->first_quick_scan_conf;
+- } else if ((antcomb->second_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA1) ||
+- (antcomb->second_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA2)) {
+- /* Set alt LNA1 or LNA2 */
+- if (div_ant_conf->main_lna_conf ==
+- ATH_ANT_DIV_COMB_LNA2)
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- else
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- } else {
+- /* Set alt to A+B or A-B */
+- div_ant_conf->alt_lna_conf =
+- antcomb->second_quick_scan_conf;
+- }
+- } else if (antcomb->first_ratio) {
+- /* first alt */
+- if ((antcomb->first_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA1) ||
+- (antcomb->first_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA2))
+- /* Set alt LNA1 or LNA2 */
+- if (div_ant_conf->main_lna_conf ==
+- ATH_ANT_DIV_COMB_LNA2)
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- else
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- else
+- /* Set alt to A+B or A-B */
+- div_ant_conf->alt_lna_conf =
+- antcomb->first_quick_scan_conf;
+- } else if (antcomb->second_ratio) {
+- /* second alt */
+- if ((antcomb->second_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA1) ||
+- (antcomb->second_quick_scan_conf ==
+- ATH_ANT_DIV_COMB_LNA2))
+- /* Set alt LNA1 or LNA2 */
+- if (div_ant_conf->main_lna_conf ==
+- ATH_ANT_DIV_COMB_LNA2)
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- else
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- else
+- /* Set alt to A+B or A-B */
+- div_ant_conf->alt_lna_conf =
+- antcomb->second_quick_scan_conf;
+- } else {
+- /* main is largest */
+- if ((antcomb->main_conf == ATH_ANT_DIV_COMB_LNA1) ||
+- (antcomb->main_conf == ATH_ANT_DIV_COMB_LNA2))
+- /* Set alt LNA1 or LNA2 */
+- if (div_ant_conf->main_lna_conf ==
+- ATH_ANT_DIV_COMB_LNA2)
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- else
+- div_ant_conf->alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- else
+- /* Set alt to A+B or A-B */
+- div_ant_conf->alt_lna_conf = antcomb->main_conf;
+- }
++ ath_ant_set_alt_ratio(antcomb, div_ant_conf);
++
+ break;
+ default:
+ break;
+@@ -430,8 +497,7 @@ static void ath_ant_div_conf_fast_divbia
+ ant_conf->fast_div_bias = 0x1;
+ break;
+ case 0x10: /* LNA2 A-B */
+- if (!(antcomb->scan) &&
+- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
++ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
+ ant_conf->fast_div_bias = 0x1;
+ else
+ ant_conf->fast_div_bias = 0x2;
+@@ -440,15 +506,13 @@ static void ath_ant_div_conf_fast_divbia
+ ant_conf->fast_div_bias = 0x1;
+ break;
+ case 0x13: /* LNA2 A+B */
+- if (!(antcomb->scan) &&
+- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
++ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
+ ant_conf->fast_div_bias = 0x1;
+ else
+ ant_conf->fast_div_bias = 0x2;
+ break;
+ case 0x20: /* LNA1 A-B */
+- if (!(antcomb->scan) &&
+- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
++ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
+ ant_conf->fast_div_bias = 0x1;
+ else
+ ant_conf->fast_div_bias = 0x2;
+@@ -457,8 +521,7 @@ static void ath_ant_div_conf_fast_divbia
+ ant_conf->fast_div_bias = 0x1;
+ break;
+ case 0x23: /* LNA1 A+B */
+- if (!(antcomb->scan) &&
+- (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO))
++ if (!antcomb->scan && (alt_ratio > antcomb->ant_ratio))
+ ant_conf->fast_div_bias = 0x1;
+ else
+ ant_conf->fast_div_bias = 0x2;
+@@ -475,6 +538,9 @@ static void ath_ant_div_conf_fast_divbia
+ default:
+ break;
+ }
++
++ if (antcomb->fast_div_bias)
++ ant_conf->fast_div_bias = antcomb->fast_div_bias;
+ } else if (ant_conf->div_group == 3) {
+ switch ((ant_conf->main_lna_conf << 4) |
+ ant_conf->alt_lna_conf) {
+@@ -540,6 +606,138 @@ static void ath_ant_div_conf_fast_divbia
+ }
+ }
+
++static void ath_ant_try_scan(struct ath_ant_comb *antcomb,
++ struct ath_hw_antcomb_conf *conf,
++ int curr_alt_set, int alt_rssi_avg,
++ int main_rssi_avg)
++{
++ switch (curr_alt_set) {
++ case ATH_ANT_DIV_COMB_LNA2:
++ antcomb->rssi_lna2 = alt_rssi_avg;
++ antcomb->rssi_lna1 = main_rssi_avg;
++ antcomb->scan = true;
++ /* set to A+B */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
++ break;
++ case ATH_ANT_DIV_COMB_LNA1:
++ antcomb->rssi_lna1 = alt_rssi_avg;
++ antcomb->rssi_lna2 = main_rssi_avg;
++ antcomb->scan = true;
++ /* set to A+B */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
++ break;
++ case ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2:
++ antcomb->rssi_add = alt_rssi_avg;
++ antcomb->scan = true;
++ /* set to A-B */
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
++ break;
++ case ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2:
++ antcomb->rssi_sub = alt_rssi_avg;
++ antcomb->scan = false;
++ if (antcomb->rssi_lna2 >
++ (antcomb->rssi_lna1 + ATH_ANT_DIV_COMB_LNA1_LNA2_SWITCH_DELTA)) {
++ /* use LNA2 as main LNA */
++ if ((antcomb->rssi_add > antcomb->rssi_lna1) &&
++ (antcomb->rssi_add > antcomb->rssi_sub)) {
++ /* set to A+B */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
++ } else if (antcomb->rssi_sub >
++ antcomb->rssi_lna1) {
++ /* set to A-B */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
++ } else {
++ /* set to LNA1 */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ }
++ } else {
++ /* use LNA1 as main LNA */
++ if ((antcomb->rssi_add > antcomb->rssi_lna2) &&
++ (antcomb->rssi_add > antcomb->rssi_sub)) {
++ /* set to A+B */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
++ } else if (antcomb->rssi_sub >
++ antcomb->rssi_lna1) {
++ /* set to A-B */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
++ } else {
++ /* set to LNA2 */
++ conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ }
++ }
++ break;
++ default:
++ break;
++ }
++}
++
++static bool ath_ant_try_switch(struct ath_hw_antcomb_conf *div_ant_conf,
++ struct ath_ant_comb *antcomb,
++ int alt_ratio, int alt_rssi_avg,
++ int main_rssi_avg, int curr_main_set,
++ int curr_alt_set)
++{
++ bool ret = false;
++
++ if (ath_ant_div_comb_alt_check(div_ant_conf, antcomb, alt_ratio,
++ alt_rssi_avg, main_rssi_avg)) {
++ if (curr_alt_set == ATH_ANT_DIV_COMB_LNA2) {
++ /*
++ * Switch main and alt LNA.
++ */
++ div_ant_conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ } else if (curr_alt_set == ATH_ANT_DIV_COMB_LNA1) {
++ div_ant_conf->main_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++ }
++
++ ret = true;
++ } else if ((curr_alt_set != ATH_ANT_DIV_COMB_LNA1) &&
++ (curr_alt_set != ATH_ANT_DIV_COMB_LNA2)) {
++ /*
++ Set alt to another LNA.
++ */
++ if (curr_main_set == ATH_ANT_DIV_COMB_LNA2)
++ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA1;
++ else if (curr_main_set == ATH_ANT_DIV_COMB_LNA1)
++ div_ant_conf->alt_lna_conf = ATH_ANT_DIV_COMB_LNA2;
++
++ ret = true;
++ }
++
++ return ret;
++}
++
++static bool ath_ant_short_scan_check(struct ath_ant_comb *antcomb)
++{
++ int alt_ratio;
++
++ if (!antcomb->scan || !antcomb->alt_good)
++ return false;
++
++ if (time_after(jiffies, antcomb->scan_start_time +
++ msecs_to_jiffies(ATH_ANT_DIV_COMB_SHORT_SCAN_INTR)))
++ return true;
++
++ if (antcomb->total_pkt_count == ATH_ANT_DIV_COMB_SHORT_SCAN_PKTCOUNT) {
++ alt_ratio = ((antcomb->alt_recv_cnt * 100) /
++ antcomb->total_pkt_count);
++ if (alt_ratio < antcomb->ant_ratio)
++ return true;
++ }
++
++ return false;
++}
++
+ void ath_ant_comb_scan(struct ath_softc *sc, struct ath_rx_status *rs)
+ {
+ struct ath_hw_antcomb_conf div_ant_conf;
+@@ -549,41 +747,46 @@ void ath_ant_comb_scan(struct ath_softc
+ int main_rssi = rs->rs_rssi_ctl0;
+ int alt_rssi = rs->rs_rssi_ctl1;
+ int rx_ant_conf, main_ant_conf;
+- bool short_scan = false;
++ bool short_scan = false, ret;
+
+ rx_ant_conf = (rs->rs_rssi_ctl2 >> ATH_ANT_RX_CURRENT_SHIFT) &
+ ATH_ANT_RX_MASK;
+ main_ant_conf = (rs->rs_rssi_ctl2 >> ATH_ANT_RX_MAIN_SHIFT) &
+ ATH_ANT_RX_MASK;
+
++ if (alt_rssi >= antcomb->low_rssi_thresh) {
++ antcomb->ant_ratio = ATH_ANT_DIV_COMB_ALT_ANT_RATIO;
++ antcomb->ant_ratio2 = ATH_ANT_DIV_COMB_ALT_ANT_RATIO2;
++ } else {
++ antcomb->ant_ratio = ATH_ANT_DIV_COMB_ALT_ANT_RATIO_LOW_RSSI;
++ antcomb->ant_ratio2 = ATH_ANT_DIV_COMB_ALT_ANT_RATIO2_LOW_RSSI;
++ }
++
+ /* Record packet only when both main_rssi and alt_rssi is positive */
+ if (main_rssi > 0 && alt_rssi > 0) {
+ antcomb->total_pkt_count++;
+ antcomb->main_total_rssi += main_rssi;
+ antcomb->alt_total_rssi += alt_rssi;
++
+ if (main_ant_conf == rx_ant_conf)
+ antcomb->main_recv_cnt++;
+ else
+ antcomb->alt_recv_cnt++;
+ }
+
+- /* Short scan check */
+- if (antcomb->scan && antcomb->alt_good) {
+- if (time_after(jiffies, antcomb->scan_start_time +
+- msecs_to_jiffies(ATH_ANT_DIV_COMB_SHORT_SCAN_INTR)))
+- short_scan = true;
+- else
+- if (antcomb->total_pkt_count ==
+- ATH_ANT_DIV_COMB_SHORT_SCAN_PKTCOUNT) {
+- alt_ratio = ((antcomb->alt_recv_cnt * 100) /
+- antcomb->total_pkt_count);
+- if (alt_ratio < ATH_ANT_DIV_COMB_ALT_ANT_RATIO)
+- short_scan = true;
+- }
++ if (main_ant_conf == rx_ant_conf) {
++ ANT_STAT_INC(ANT_MAIN, recv_cnt);
++ ANT_LNA_INC(ANT_MAIN, rx_ant_conf);
++ } else {
++ ANT_STAT_INC(ANT_ALT, recv_cnt);
++ ANT_LNA_INC(ANT_ALT, rx_ant_conf);
+ }
+
++ /* Short scan check */
++ short_scan = ath_ant_short_scan_check(antcomb);
++
+ if (((antcomb->total_pkt_count < ATH_ANT_DIV_COMB_MAX_PKTCOUNT) ||
+- rs->rs_moreaggr) && !short_scan)
++ rs->rs_moreaggr) && !short_scan)
+ return;
+
+ if (antcomb->total_pkt_count) {
+@@ -595,15 +798,13 @@ void ath_ant_comb_scan(struct ath_softc
+ antcomb->total_pkt_count);
+ }
+
+-
+ ath9k_hw_antdiv_comb_conf_get(sc->sc_ah, &div_ant_conf);
+ curr_alt_set = div_ant_conf.alt_lna_conf;
+ curr_main_set = div_ant_conf.main_lna_conf;
+-
+ antcomb->count++;
+
+ if (antcomb->count == ATH_ANT_DIV_COMB_MAX_COUNT) {
+- if (alt_ratio > ATH_ANT_DIV_COMB_ALT_ANT_RATIO) {
++ if (alt_ratio > antcomb->ant_ratio) {
+ ath_lnaconf_alt_good_scan(antcomb, div_ant_conf,
+ main_rssi_avg);
+ antcomb->alt_good = true;
+@@ -617,153 +818,47 @@ void ath_ant_comb_scan(struct ath_softc
+ }
+
+ if (!antcomb->scan) {
+- if (ath_ant_div_comb_alt_check(div_ant_conf.div_group,
+- alt_ratio, curr_main_set, curr_alt_set,
+- alt_rssi_avg, main_rssi_avg)) {
+- if (curr_alt_set == ATH_ANT_DIV_COMB_LNA2) {
+- /* Switch main and alt LNA */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- } else if (curr_alt_set == ATH_ANT_DIV_COMB_LNA1) {
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- }
+-
+- goto div_comb_done;
+- } else if ((curr_alt_set != ATH_ANT_DIV_COMB_LNA1) &&
+- (curr_alt_set != ATH_ANT_DIV_COMB_LNA2)) {
+- /* Set alt to another LNA */
+- if (curr_main_set == ATH_ANT_DIV_COMB_LNA2)
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- else if (curr_main_set == ATH_ANT_DIV_COMB_LNA1)
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+-
+- goto div_comb_done;
+- }
+-
+- if ((alt_rssi_avg < (main_rssi_avg +
+- div_ant_conf.lna1_lna2_delta)))
++ ret = ath_ant_try_switch(&div_ant_conf, antcomb, alt_ratio,
++ alt_rssi_avg, main_rssi_avg,
++ curr_main_set, curr_alt_set);
++ if (ret)
+ goto div_comb_done;
+ }
+
++ if (!antcomb->scan &&
++ (alt_rssi_avg < (main_rssi_avg + div_ant_conf.lna1_lna2_delta)))
++ goto div_comb_done;
++
+ if (!antcomb->scan_not_start) {
+- switch (curr_alt_set) {
+- case ATH_ANT_DIV_COMB_LNA2:
+- antcomb->rssi_lna2 = alt_rssi_avg;
+- antcomb->rssi_lna1 = main_rssi_avg;
+- antcomb->scan = true;
+- /* set to A+B */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
+- break;
+- case ATH_ANT_DIV_COMB_LNA1:
+- antcomb->rssi_lna1 = alt_rssi_avg;
+- antcomb->rssi_lna2 = main_rssi_avg;
+- antcomb->scan = true;
+- /* set to A+B */
+- div_ant_conf.main_lna_conf = ATH_ANT_DIV_COMB_LNA2;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
+- break;
+- case ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2:
+- antcomb->rssi_add = alt_rssi_avg;
+- antcomb->scan = true;
+- /* set to A-B */
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
+- break;
+- case ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2:
+- antcomb->rssi_sub = alt_rssi_avg;
+- antcomb->scan = false;
+- if (antcomb->rssi_lna2 >
+- (antcomb->rssi_lna1 +
+- ATH_ANT_DIV_COMB_LNA1_LNA2_SWITCH_DELTA)) {
+- /* use LNA2 as main LNA */
+- if ((antcomb->rssi_add > antcomb->rssi_lna1) &&
+- (antcomb->rssi_add > antcomb->rssi_sub)) {
+- /* set to A+B */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
+- } else if (antcomb->rssi_sub >
+- antcomb->rssi_lna1) {
+- /* set to A-B */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
+- } else {
+- /* set to LNA1 */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- }
+- } else {
+- /* use LNA1 as main LNA */
+- if ((antcomb->rssi_add > antcomb->rssi_lna2) &&
+- (antcomb->rssi_add > antcomb->rssi_sub)) {
+- /* set to A+B */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2;
+- } else if (antcomb->rssi_sub >
+- antcomb->rssi_lna1) {
+- /* set to A-B */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2;
+- } else {
+- /* set to LNA2 */
+- div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
+- div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
+- }
+- }
+- break;
+- default:
+- break;
+- }
++ ath_ant_try_scan(antcomb, &div_ant_conf, curr_alt_set,
++ alt_rssi_avg, main_rssi_avg);
+ } else {
+ if (!antcomb->alt_good) {
+ antcomb->scan_not_start = false;
+ /* Set alt to another LNA */
+ if (curr_main_set == ATH_ANT_DIV_COMB_LNA2) {
+ div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
++ ATH_ANT_DIV_COMB_LNA2;
+ div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
++ ATH_ANT_DIV_COMB_LNA1;
+ } else if (curr_main_set == ATH_ANT_DIV_COMB_LNA1) {
+ div_ant_conf.main_lna_conf =
+- ATH_ANT_DIV_COMB_LNA1;
++ ATH_ANT_DIV_COMB_LNA1;
+ div_ant_conf.alt_lna_conf =
+- ATH_ANT_DIV_COMB_LNA2;
++ ATH_ANT_DIV_COMB_LNA2;
+ }
+ goto div_comb_done;
+ }
++ ath_select_ant_div_from_quick_scan(antcomb, &div_ant_conf,
++ main_rssi_avg, alt_rssi_avg,
++ alt_ratio);
++ antcomb->quick_scan_cnt++;
+ }
+
+- ath_select_ant_div_from_quick_scan(antcomb, &div_ant_conf,
+- main_rssi_avg, alt_rssi_avg,
+- alt_ratio);
+-
+- antcomb->quick_scan_cnt++;
+-
+ div_comb_done:
+ ath_ant_div_conf_fast_divbias(&div_ant_conf, antcomb, alt_ratio);
+ ath9k_hw_antdiv_comb_conf_set(sc->sc_ah, &div_ant_conf);
++ ath9k_debug_stat_ant(sc, &div_ant_conf, main_rssi_avg, alt_rssi_avg);
+
+ antcomb->scan_start_time = jiffies;
+ antcomb->total_pkt_count = 0;
+@@ -772,26 +867,3 @@ div_comb_done:
+ antcomb->main_recv_cnt = 0;
+ antcomb->alt_recv_cnt = 0;
+ }
+-
+-void ath_ant_comb_update(struct ath_softc *sc)
+-{
+- struct ath_hw *ah = sc->sc_ah;
+- struct ath_common *common = ath9k_hw_common(ah);
+- struct ath_hw_antcomb_conf div_ant_conf;
+- u8 lna_conf;
+-
+- ath9k_hw_antdiv_comb_conf_get(ah, &div_ant_conf);
+-
+- if (sc->ant_rx == 1)
+- lna_conf = ATH_ANT_DIV_COMB_LNA1;
+- else
+- lna_conf = ATH_ANT_DIV_COMB_LNA2;
+-
+- div_ant_conf.main_lna_conf = lna_conf;
+- div_ant_conf.alt_lna_conf = lna_conf;
+-
+- ath9k_hw_antdiv_comb_conf_set(ah, &div_ant_conf);
+-
+- if (common->antenna_diversity)
+- ath9k_hw_antctrl_shared_chain_lnadiv(ah, true);
+-}
+--- a/drivers/net/wireless/ath/ath9k/ar5008_phy.c
++++ b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
+@@ -610,7 +610,15 @@ static void ar5008_hw_override_ini(struc
+ REG_SET_BIT(ah, AR_DIAG_SW, (AR_DIAG_RX_DIS | AR_DIAG_RX_ABORT));
+
+ if (AR_SREV_9280_20_OR_LATER(ah)) {
+- val = REG_READ(ah, AR_PCU_MISC_MODE2);
++ /*
++ * For AR9280 and above, there is a new feature that allows
++ * Multicast search based on both MAC Address and Key ID.
++ * By default, this feature is enabled. But since the driver
++ * is not using this feature, we switch it off; otherwise
++ * multicast search based on MAC addr only will fail.
++ */
++ val = REG_READ(ah, AR_PCU_MISC_MODE2) &
++ (~AR_ADHOC_MCAST_KEYID_ENABLE);
+
+ if (!AR_SREV_9271(ah))
+ val &= ~AR_PCU_MISC_MODE2_HWWAR1;
+@@ -659,14 +667,13 @@ static void ar5008_hw_set_channel_regs(s
+ if (IS_CHAN_HT40(chan)) {
+ phymode |= AR_PHY_FC_DYN2040_EN;
+
+- if ((chan->chanmode == CHANNEL_A_HT40PLUS) ||
+- (chan->chanmode == CHANNEL_G_HT40PLUS))
++ if (IS_CHAN_HT40PLUS(chan))
+ phymode |= AR_PHY_FC_DYN2040_PRI_CH;
+
+ }
+ REG_WRITE(ah, AR_PHY_TURBO, phymode);
+
+- ath9k_hw_set11nmac2040(ah);
++ ath9k_hw_set11nmac2040(ah, chan);
+
+ ENABLE_REGWRITE_BUFFER(ah);
+
+@@ -684,31 +691,12 @@ static int ar5008_hw_process_ini(struct
+ int i, regWrites = 0;
+ u32 modesIndex, freqIndex;
+
+- switch (chan->chanmode) {
+- case CHANNEL_A:
+- case CHANNEL_A_HT20:
+- modesIndex = 1;
+- freqIndex = 1;
+- break;
+- case CHANNEL_A_HT40PLUS:
+- case CHANNEL_A_HT40MINUS:
+- modesIndex = 2;
++ if (IS_CHAN_5GHZ(chan)) {
+ freqIndex = 1;
+- break;
+- case CHANNEL_G:
+- case CHANNEL_G_HT20:
+- case CHANNEL_B:
+- modesIndex = 4;
++ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
++ } else {
+ freqIndex = 2;
+- break;
+- case CHANNEL_G_HT40PLUS:
+- case CHANNEL_G_HT40MINUS:
+- modesIndex = 3;
+- freqIndex = 2;
+- break;
+-
+- default:
+- return -EINVAL;
++ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
+ }
+
+ /*
+@@ -807,8 +795,10 @@ static void ar5008_hw_set_rfmode(struct
+ if (chan == NULL)
+ return;
+
+- rfMode |= (IS_CHAN_B(chan) || IS_CHAN_G(chan))
+- ? AR_PHY_MODE_DYNAMIC : AR_PHY_MODE_OFDM;
++ if (IS_CHAN_2GHZ(chan))
++ rfMode |= AR_PHY_MODE_DYNAMIC;
++ else
++ rfMode |= AR_PHY_MODE_OFDM;
+
+ if (!AR_SREV_9280_20_OR_LATER(ah))
+ rfMode |= (IS_CHAN_5GHZ(chan)) ?
+@@ -1213,12 +1203,11 @@ static void ar5008_hw_ani_cache_ini_regs
+
+ iniDef = &aniState->iniDef;
+
+- ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz/0x%x\n",
++ ath_dbg(common, ANI, "ver %d.%d opmode %u chan %d Mhz\n",
+ ah->hw_version.macVersion,
+ ah->hw_version.macRev,
+ ah->opmode,
+- chan->channel,
+- chan->channelFlags);
++ chan->channel);
+
+ val = REG_READ(ah, AR_PHY_SFCORR);
+ iniDef->m1Thresh = MS(val, AR_PHY_SFCORR_M1_THRESH);
+--- a/drivers/net/wireless/ath/ath9k/ar9002_phy.c
++++ b/drivers/net/wireless/ath/ath9k/ar9002_phy.c
+@@ -555,6 +555,69 @@ static void ar9002_hw_antdiv_comb_conf_s
+ REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regval);
+ }
+
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++
++static void ar9002_hw_set_bt_ant_diversity(struct ath_hw *ah, bool enable)
++{
++ struct ath_btcoex_hw *btcoex = &ah->btcoex_hw;
++ u8 antdiv_ctrl1, antdiv_ctrl2;
++ u32 regval;
++
++ if (enable) {
++ antdiv_ctrl1 = ATH_BT_COEX_ANTDIV_CONTROL1_ENABLE;
++ antdiv_ctrl2 = ATH_BT_COEX_ANTDIV_CONTROL2_ENABLE;
++
++ /*
++ * Don't disable BT ant to allow BB to control SWCOM.
++ */
++ btcoex->bt_coex_mode2 &= (~(AR_BT_DISABLE_BT_ANT));
++ REG_WRITE(ah, AR_BT_COEX_MODE2, btcoex->bt_coex_mode2);
++
++ REG_WRITE(ah, AR_PHY_SWITCH_COM, ATH_BT_COEX_ANT_DIV_SWITCH_COM);
++ REG_RMW(ah, AR_PHY_SWITCH_CHAIN_0, 0, 0xf0000000);
++ } else {
++ /*
++ * Disable antenna diversity, use LNA1 only.
++ */
++ antdiv_ctrl1 = ATH_BT_COEX_ANTDIV_CONTROL1_FIXED_A;
++ antdiv_ctrl2 = ATH_BT_COEX_ANTDIV_CONTROL2_FIXED_A;
++
++ /*
++ * Disable BT Ant. to allow concurrent BT and WLAN receive.
++ */
++ btcoex->bt_coex_mode2 |= AR_BT_DISABLE_BT_ANT;
++ REG_WRITE(ah, AR_BT_COEX_MODE2, btcoex->bt_coex_mode2);
++
++ /*
++ * Program SWCOM table to make sure RF switch always parks
++ * at BT side.
++ */
++ REG_WRITE(ah, AR_PHY_SWITCH_COM, 0);
++ REG_RMW(ah, AR_PHY_SWITCH_CHAIN_0, 0, 0xf0000000);
++ }
++
++ regval = REG_READ(ah, AR_PHY_MULTICHAIN_GAIN_CTL);
++ regval &= (~(AR_PHY_9285_ANT_DIV_CTL_ALL));
++ /*
++ * Clear ant_fast_div_bias [14:9] since for WB195,
++ * the main LNA is always LNA1.
++ */
++ regval &= (~(AR_PHY_9285_FAST_DIV_BIAS));
++ regval |= SM(antdiv_ctrl1, AR_PHY_9285_ANT_DIV_CTL);
++ regval |= SM(antdiv_ctrl2, AR_PHY_9285_ANT_DIV_ALT_LNACONF);
++ regval |= SM((antdiv_ctrl2 >> 2), AR_PHY_9285_ANT_DIV_MAIN_LNACONF);
++ regval |= SM((antdiv_ctrl1 >> 1), AR_PHY_9285_ANT_DIV_ALT_GAINTB);
++ regval |= SM((antdiv_ctrl1 >> 2), AR_PHY_9285_ANT_DIV_MAIN_GAINTB);
++ REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regval);
++
++ regval = REG_READ(ah, AR_PHY_CCK_DETECT);
++ regval &= (~AR_PHY_CCK_DETECT_BB_ENABLE_ANT_FAST_DIV);
++ regval |= SM((antdiv_ctrl1 >> 3), AR_PHY_CCK_DETECT_BB_ENABLE_ANT_FAST_DIV);
++ REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
++}
++
++#endif
++
+ static void ar9002_hw_spectral_scan_config(struct ath_hw *ah,
+ struct ath_spec_scan *param)
+ {
+@@ -634,5 +697,9 @@ void ar9002_hw_attach_phy_ops(struct ath
+ ops->spectral_scan_trigger = ar9002_hw_spectral_scan_trigger;
+ ops->spectral_scan_wait = ar9002_hw_spectral_scan_wait;
+
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++ ops->set_bt_ant_diversity = ar9002_hw_set_bt_ant_diversity;
++#endif
++
+ ar9002_hw_set_nf_limits(ah);
+ }
+--- a/drivers/net/wireless/ath/ath9k/ar9002_phy.h
++++ b/drivers/net/wireless/ath/ath9k/ar9002_phy.h
+@@ -317,13 +317,15 @@
+ #define AR_PHY_9285_ANT_DIV_ALT_GAINTB_S 29
+ #define AR_PHY_9285_ANT_DIV_MAIN_GAINTB 0x40000000
+ #define AR_PHY_9285_ANT_DIV_MAIN_GAINTB_S 30
+-#define AR_PHY_9285_ANT_DIV_LNA1 2
+-#define AR_PHY_9285_ANT_DIV_LNA2 1
+-#define AR_PHY_9285_ANT_DIV_LNA1_PLUS_LNA2 3
+-#define AR_PHY_9285_ANT_DIV_LNA1_MINUS_LNA2 0
+ #define AR_PHY_9285_ANT_DIV_GAINTB_0 0
+ #define AR_PHY_9285_ANT_DIV_GAINTB_1 1
+
++#define ATH_BT_COEX_ANTDIV_CONTROL1_ENABLE 0x0b
++#define ATH_BT_COEX_ANTDIV_CONTROL2_ENABLE 0x09
++#define ATH_BT_COEX_ANTDIV_CONTROL1_FIXED_A 0x04
++#define ATH_BT_COEX_ANTDIV_CONTROL2_FIXED_A 0x09
++#define ATH_BT_COEX_ANT_DIV_SWITCH_COM 0x66666666
++
+ #define AR_PHY_EXT_CCA0 0x99b8
+ #define AR_PHY_EXT_CCA0_THRESH62 0x000000FF
+ #define AR_PHY_EXT_CCA0_THRESH62_S 0
+--- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
++++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
+@@ -3541,13 +3541,12 @@ static u16 ar9003_switch_com_spdt_get(st
+ return le16_to_cpu(ar9003_modal_header(ah, is2ghz)->switchcomspdt);
+ }
+
+-
+-static u32 ar9003_hw_ant_ctrl_common_get(struct ath_hw *ah, bool is2ghz)
++u32 ar9003_hw_ant_ctrl_common_get(struct ath_hw *ah, bool is2ghz)
+ {
+ return le32_to_cpu(ar9003_modal_header(ah, is2ghz)->antCtrlCommon);
+ }
+
+-static u32 ar9003_hw_ant_ctrl_common_2_get(struct ath_hw *ah, bool is2ghz)
++u32 ar9003_hw_ant_ctrl_common_2_get(struct ath_hw *ah, bool is2ghz)
+ {
+ return le32_to_cpu(ar9003_modal_header(ah, is2ghz)->antCtrlCommon2);
+ }
+@@ -3561,6 +3560,7 @@ static u16 ar9003_hw_ant_ctrl_chain_get(
+
+ static void ar9003_hw_ant_ctrl_apply(struct ath_hw *ah, bool is2ghz)
+ {
++ struct ath_common *common = ath9k_hw_common(ah);
+ struct ath9k_hw_capabilities *pCap = &ah->caps;
+ int chain;
+ u32 regval, value, gpio;
+@@ -3614,6 +3614,11 @@ static void ar9003_hw_ant_ctrl_apply(str
+ }
+
+ value = ar9003_hw_ant_ctrl_common_2_get(ah, is2ghz);
++ if (AR_SREV_9485(ah) && common->bt_ant_diversity) {
++ regval &= ~AR_SWITCH_TABLE_COM2_ALL;
++ regval |= ah->config.ant_ctrl_comm2g_switch_enable;
++
++ }
+ REG_RMW_FIELD(ah, AR_PHY_SWITCH_COM_2, AR_SWITCH_TABLE_COM2_ALL, value);
+
+ if ((AR_SREV_9462(ah)) && (ah->rxchainmask == 0x2)) {
+@@ -3645,8 +3650,11 @@ static void ar9003_hw_ant_ctrl_apply(str
+ regval &= (~AR_PHY_ANT_DIV_LNADIV);
+ regval |= ((value >> 6) & 0x1) << AR_PHY_ANT_DIV_LNADIV_S;
+
++ if (AR_SREV_9485(ah) && common->bt_ant_diversity)
++ regval |= AR_ANT_DIV_ENABLE;
++
+ if (AR_SREV_9565(ah)) {
+- if (ah->shared_chain_lnadiv) {
++ if (common->bt_ant_diversity) {
+ regval |= (1 << AR_PHY_ANT_SW_RX_PROT_S);
+ } else {
+ regval &= ~(1 << AR_PHY_ANT_DIV_LNADIV_S);
+@@ -3656,10 +3664,14 @@ static void ar9003_hw_ant_ctrl_apply(str
+
+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
+
+- /*enable fast_div */
++ /* enable fast_div */
+ regval = REG_READ(ah, AR_PHY_CCK_DETECT);
+ regval &= (~AR_FAST_DIV_ENABLE);
+ regval |= ((value >> 7) & 0x1) << AR_FAST_DIV_ENABLE_S;
++
++ if (AR_SREV_9485(ah) && common->bt_ant_diversity)
++ regval |= AR_FAST_DIV_ENABLE;
++
+ REG_WRITE(ah, AR_PHY_CCK_DETECT, regval);
+
+ if (pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
+@@ -3673,9 +3685,9 @@ static void ar9003_hw_ant_ctrl_apply(str
+ AR_PHY_ANT_DIV_ALT_GAINTB |
+ AR_PHY_ANT_DIV_MAIN_GAINTB));
+ /* by default use LNA1 for the main antenna */
+- regval |= (AR_PHY_ANT_DIV_LNA1 <<
++ regval |= (ATH_ANT_DIV_COMB_LNA1 <<
+ AR_PHY_ANT_DIV_MAIN_LNACONF_S);
+- regval |= (AR_PHY_ANT_DIV_LNA2 <<
++ regval |= (ATH_ANT_DIV_COMB_LNA2 <<
+ AR_PHY_ANT_DIV_ALT_LNACONF_S);
+ REG_WRITE(ah, AR_PHY_MC_GAIN_CTRL, regval);
+ }
+@@ -3813,6 +3825,11 @@ static void ar9003_hw_atten_apply(struct
+ else
+ value = ar9003_hw_atten_chain_get_margin(ah, i, chan);
+
++ if (ah->config.alt_mingainidx)
++ REG_RMW_FIELD(ah, AR_PHY_EXT_ATTEN_CTL_0,
++ AR_PHY_EXT_ATTEN_CTL_XATTEN1_MARGIN,
++ value);
++
+ REG_RMW_FIELD(ah, ext_atten_reg[i],
+ AR_PHY_EXT_ATTEN_CTL_XATTEN1_MARGIN,
+ value);
+--- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h
++++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h
+@@ -334,6 +334,8 @@ struct ar9300_eeprom {
+
+ s32 ar9003_hw_get_tx_gain_idx(struct ath_hw *ah);
+ s32 ar9003_hw_get_rx_gain_idx(struct ath_hw *ah);
++u32 ar9003_hw_ant_ctrl_common_get(struct ath_hw *ah, bool is2ghz);
++u32 ar9003_hw_ant_ctrl_common_2_get(struct ath_hw *ah, bool is2ghz);
+
+ u8 *ar9003_get_spur_chan_ptr(struct ath_hw *ah, bool is_2ghz);
+
+--- a/drivers/net/wireless/ath/ath9k/ar9003_phy.h
++++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.h
+@@ -148,6 +148,8 @@
+ #define AR_PHY_SFCORR_SPUR_SUBCHNL_SD_S 28
+ #define AR_PHY_EXT_CCA_THRESH62 0x007F0000
+ #define AR_PHY_EXT_CCA_THRESH62_S 16
++#define AR_PHY_EXTCHN_PWRTHR1_ANT_DIV_ALT_ANT_MINGAINIDX 0x0000FF00
++#define AR_PHY_EXTCHN_PWRTHR1_ANT_DIV_ALT_ANT_MINGAINIDX_S 8
+ #define AR_PHY_EXT_MINCCA_PWR 0x01FF0000
+ #define AR_PHY_EXT_MINCCA_PWR_S 16
+ #define AR_PHY_EXT_CYCPWR_THR1 0x0000FE00L
+@@ -296,11 +298,6 @@
+ #define AR_PHY_ANT_DIV_MAIN_GAINTB 0x40000000
+ #define AR_PHY_ANT_DIV_MAIN_GAINTB_S 30
+
+-#define AR_PHY_ANT_DIV_LNA1_MINUS_LNA2 0x0
+-#define AR_PHY_ANT_DIV_LNA2 0x1
+-#define AR_PHY_ANT_DIV_LNA1 0x2
+-#define AR_PHY_ANT_DIV_LNA1_PLUS_LNA2 0x3
+-
+ #define AR_PHY_EXTCHN_PWRTHR1 (AR_AGC_BASE + 0x2c)
+ #define AR_PHY_EXT_CHN_WIN (AR_AGC_BASE + 0x30)
+ #define AR_PHY_20_40_DET_THR (AR_AGC_BASE + 0x34)
+--- a/drivers/net/wireless/ath/ath9k/debug.h
++++ b/drivers/net/wireless/ath/ath9k/debug.h
+@@ -28,9 +28,13 @@ struct fft_sample_tlv;
+ #ifdef CPTCFG_ATH9K_DEBUGFS
+ #define TX_STAT_INC(q, c) sc->debug.stats.txstats[q].c++
+ #define RESET_STAT_INC(sc, type) sc->debug.stats.reset[type]++
++#define ANT_STAT_INC(i, c) sc->debug.stats.ant_stats[i].c++
++#define ANT_LNA_INC(i, c) sc->debug.stats.ant_stats[i].lna_recv_cnt[c]++;
+ #else
+ #define TX_STAT_INC(q, c) do { } while (0)
+ #define RESET_STAT_INC(sc, type) do { } while (0)
++#define ANT_STAT_INC(i, c) do { } while (0)
++#define ANT_LNA_INC(i, c) do { } while (0)
+ #endif
+
+ enum ath_reset_type {
+@@ -243,11 +247,22 @@ struct ath_rx_stats {
+ u32 rx_spectral;
+ };
+
++#define ANT_MAIN 0
++#define ANT_ALT 1
++
++struct ath_antenna_stats {
++ u32 recv_cnt;
++ u32 rssi_avg;
++ u32 lna_recv_cnt[4];
++ u32 lna_attempt_cnt[4];
++};
++
+ struct ath_stats {
+ struct ath_interrupt_stats istats;
+ struct ath_tx_stats txstats[ATH9K_NUM_TX_QUEUES];
+ struct ath_rx_stats rxstats;
+ struct ath_dfs_stats dfs_stats;
++ struct ath_antenna_stats ant_stats[2];
+ u32 reset[__RESET_TYPE_MAX];
};
- /**
-- * enum nl80211_wowlan_packet_pattern_attr - WoWLAN packet pattern attribute
-- * @__NL80211_WOWLAN_PKTPAT_INVALID: invalid number for nested attribute
-- * @NL80211_WOWLAN_PKTPAT_PATTERN: the pattern, values where the mask has
-+ * enum nl80211_packet_pattern_attr - packet pattern attribute
-+ * @__NL80211_PKTPAT_INVALID: invalid number for nested attribute
-+ * @NL80211_PKTPAT_PATTERN: the pattern, values where the mask has
- * a zero bit are ignored
-- * @NL80211_WOWLAN_PKTPAT_MASK: pattern mask, must be long enough to have
-+ * @NL80211_PKTPAT_MASK: pattern mask, must be long enough to have
- * a bit for each byte in the pattern. The lowest-order bit corresponds
- * to the first byte of the pattern, but the bytes of the pattern are
- * in a little-endian-like format, i.e. the 9th byte of the pattern
-@@ -3075,23 +3075,23 @@ enum nl80211_tx_power_setting {
- * Note that the pattern matching is done as though frames were not
- * 802.11 frames but 802.3 frames, i.e. the frame is fully unpacked
- * first (including SNAP header unpacking) and then matched.
-- * @NL80211_WOWLAN_PKTPAT_OFFSET: packet offset, pattern is matched after
-+ * @NL80211_PKTPAT_OFFSET: packet offset, pattern is matched after
- * these fixed number of bytes of received packet
-- * @NUM_NL80211_WOWLAN_PKTPAT: number of attributes
-- * @MAX_NL80211_WOWLAN_PKTPAT: max attribute number
-+ * @NUM_NL80211_PKTPAT: number of attributes
-+ * @MAX_NL80211_PKTPAT: max attribute number
- */
--enum nl80211_wowlan_packet_pattern_attr {
-- __NL80211_WOWLAN_PKTPAT_INVALID,
-- NL80211_WOWLAN_PKTPAT_MASK,
-- NL80211_WOWLAN_PKTPAT_PATTERN,
-- NL80211_WOWLAN_PKTPAT_OFFSET,
-+enum nl80211_packet_pattern_attr {
-+ __NL80211_PKTPAT_INVALID,
-+ NL80211_PKTPAT_MASK,
-+ NL80211_PKTPAT_PATTERN,
-+ NL80211_PKTPAT_OFFSET,
+@@ -281,10 +296,11 @@ void ath9k_sta_remove_debugfs(struct iee
+ struct ieee80211_vif *vif,
+ struct ieee80211_sta *sta,
+ struct dentry *dir);
+-
+ void ath_debug_send_fft_sample(struct ath_softc *sc,
+ struct fft_sample_tlv *fft_sample);
+-
++void ath9k_debug_stat_ant(struct ath_softc *sc,
++ struct ath_hw_antcomb_conf *div_ant_conf,
++ int main_rssi_avg, int alt_rssi_avg);
+ #else
+
+ #define RX_STAT_INC(c) /* NOP */
+@@ -297,12 +313,10 @@ static inline int ath9k_init_debug(struc
+ static inline void ath9k_deinit_debug(struct ath_softc *sc)
+ {
+ }
+-
+ static inline void ath_debug_stat_interrupt(struct ath_softc *sc,
+ enum ath9k_int status)
+ {
+ }
+-
+ static inline void ath_debug_stat_tx(struct ath_softc *sc,
+ struct ath_buf *bf,
+ struct ath_tx_status *ts,
+@@ -310,11 +324,16 @@ static inline void ath_debug_stat_tx(str
+ unsigned int flags)
+ {
+ }
+-
+ static inline void ath_debug_stat_rx(struct ath_softc *sc,
+ struct ath_rx_status *rs)
+ {
+ }
++static inline void ath9k_debug_stat_ant(struct ath_softc *sc,
++ struct ath_hw_antcomb_conf *div_ant_conf,
++ int main_rssi_avg, int alt_rssi_avg)
++{
++
++}
+
+ #endif /* CPTCFG_ATH9K_DEBUGFS */
+
+--- a/drivers/net/wireless/ath/ath9k/eeprom_4k.c
++++ b/drivers/net/wireless/ath/ath9k/eeprom_4k.c
+@@ -812,6 +812,7 @@ static void ath9k_hw_4k_set_gain(struct
+ static void ath9k_hw_4k_set_board_values(struct ath_hw *ah,
+ struct ath9k_channel *chan)
+ {
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
+ struct modal_eep_4k_header *pModal;
+ struct ar5416_eeprom_4k *eep = &ah->eeprom.map4k;
+ struct base_eep_header_4k *pBase = &eep->baseEepHeader;
+@@ -858,6 +859,24 @@ static void ath9k_hw_4k_set_board_values
+
+ REG_WRITE(ah, AR_PHY_CCK_DETECT, regVal);
+ regVal = REG_READ(ah, AR_PHY_CCK_DETECT);
++
++ if (pCap->hw_caps & ATH9K_HW_CAP_ANT_DIV_COMB) {
++ /*
++ * If diversity combining is enabled,
++ * set MAIN to LNA1 and ALT to LNA2 initially.
++ */
++ regVal = REG_READ(ah, AR_PHY_MULTICHAIN_GAIN_CTL);
++ regVal &= (~(AR_PHY_9285_ANT_DIV_MAIN_LNACONF |
++ AR_PHY_9285_ANT_DIV_ALT_LNACONF));
++
++ regVal |= (ATH_ANT_DIV_COMB_LNA1 <<
++ AR_PHY_9285_ANT_DIV_MAIN_LNACONF_S);
++ regVal |= (ATH_ANT_DIV_COMB_LNA2 <<
++ AR_PHY_9285_ANT_DIV_ALT_LNACONF_S);
++ regVal &= (~(AR_PHY_9285_FAST_DIV_BIAS));
++ regVal |= (0 << AR_PHY_9285_FAST_DIV_BIAS_S);
++ REG_WRITE(ah, AR_PHY_MULTICHAIN_GAIN_CTL, regVal);
++ }
+ }
+
+ if (pModal->version >= 2) {
+--- a/drivers/net/wireless/ath/ath9k/hw-ops.h
++++ b/drivers/net/wireless/ath/ath9k/hw-ops.h
+@@ -78,13 +78,16 @@ static inline void ath9k_hw_antdiv_comb_
+ ath9k_hw_ops(ah)->antdiv_comb_conf_set(ah, antconf);
+ }
+
+-static inline void ath9k_hw_antctrl_shared_chain_lnadiv(struct ath_hw *ah,
+- bool enable)
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++
++static inline void ath9k_hw_set_bt_ant_diversity(struct ath_hw *ah, bool enable)
+ {
+- if (ath9k_hw_ops(ah)->antctrl_shared_chain_lnadiv)
+- ath9k_hw_ops(ah)->antctrl_shared_chain_lnadiv(ah, enable);
++ if (ath9k_hw_ops(ah)->set_bt_ant_diversity)
++ ath9k_hw_ops(ah)->set_bt_ant_diversity(ah, enable);
+ }
+
++#endif
++
+ /* Private hardware call ops */
+
+ /* PHY ops */
+--- a/drivers/net/wireless/ath/ath9k/hw.c
++++ b/drivers/net/wireless/ath/ath9k/hw.c
+@@ -130,29 +130,29 @@ void ath9k_debug_sync_cause(struct ath_c
+
+ static void ath9k_hw_set_clockrate(struct ath_hw *ah)
+ {
+- struct ieee80211_conf *conf = &ath9k_hw_common(ah)->hw->conf;
+ struct ath_common *common = ath9k_hw_common(ah);
++ struct ath9k_channel *chan = ah->curchan;
+ unsigned int clockrate;
+
+ /* AR9287 v1.3+ uses async FIFO and runs the MAC at 117 MHz */
+ if (AR_SREV_9287(ah) && AR_SREV_9287_13_OR_LATER(ah))
+ clockrate = 117;
+- else if (!ah->curchan) /* should really check for CCK instead */
++ else if (!chan) /* should really check for CCK instead */
+ clockrate = ATH9K_CLOCK_RATE_CCK;
+- else if (conf->chandef.chan->band == IEEE80211_BAND_2GHZ)
++ else if (IS_CHAN_2GHZ(chan))
+ clockrate = ATH9K_CLOCK_RATE_2GHZ_OFDM;
+ else if (ah->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK)
+ clockrate = ATH9K_CLOCK_FAST_RATE_5GHZ_OFDM;
+ else
+ clockrate = ATH9K_CLOCK_RATE_5GHZ_OFDM;
+
+- if (conf_is_ht40(conf))
++ if (IS_CHAN_HT40(chan))
+ clockrate *= 2;
+
+ if (ah->curchan) {
+- if (IS_CHAN_HALF_RATE(ah->curchan))
++ if (IS_CHAN_HALF_RATE(chan))
+ clockrate /= 2;
+- if (IS_CHAN_QUARTER_RATE(ah->curchan))
++ if (IS_CHAN_QUARTER_RATE(chan))
+ clockrate /= 4;
+ }
+
+@@ -190,10 +190,7 @@ EXPORT_SYMBOL(ath9k_hw_wait);
+ void ath9k_hw_synth_delay(struct ath_hw *ah, struct ath9k_channel *chan,
+ int hw_delay)
+ {
+- if (IS_CHAN_B(chan))
+- hw_delay = (4 * hw_delay) / 22;
+- else
+- hw_delay /= 10;
++ hw_delay /= 10;
+
+ if (IS_CHAN_HALF_RATE(chan))
+ hw_delay *= 2;
+@@ -294,8 +291,7 @@ void ath9k_hw_get_channel_centers(struct
+ return;
+ }
+
+- if ((chan->chanmode == CHANNEL_A_HT40PLUS) ||
+- (chan->chanmode == CHANNEL_G_HT40PLUS)) {
++ if (IS_CHAN_HT40PLUS(chan)) {
+ centers->synth_center =
+ chan->channel + HT40_CHANNEL_CENTER_SHIFT;
+ extoff = 1;
+@@ -450,7 +446,6 @@ static void ath9k_hw_init_config(struct
+ ah->config.ack_6mb = 0x0;
+ ah->config.cwm_ignore_extcca = 0;
+ ah->config.pcie_clock_req = 0;
+- ah->config.pcie_waen = 0;
+ ah->config.analog_shiftreg = 1;
+
+ for (i = 0; i < AR_EEPROM_MODAL_SPURS; i++) {
+@@ -1034,7 +1029,6 @@ static bool ath9k_hw_set_global_txtimeou
+ void ath9k_hw_init_global_settings(struct ath_hw *ah)
+ {
+ struct ath_common *common = ath9k_hw_common(ah);
+- struct ieee80211_conf *conf = &common->hw->conf;
+ const struct ath9k_channel *chan = ah->curchan;
+ int acktimeout, ctstimeout, ack_offset = 0;
+ int slottime;
+@@ -1069,7 +1063,7 @@ void ath9k_hw_init_global_settings(struc
+ if (IS_CHAN_A_FAST_CLOCK(ah, chan))
+ tx_lat += 11;
+
+- sifstime *= 2;
++ sifstime = 32;
+ ack_offset = 16;
+ slottime = 13;
+ } else if (IS_CHAN_QUARTER_RATE(chan)) {
+@@ -1079,7 +1073,7 @@ void ath9k_hw_init_global_settings(struc
+ if (IS_CHAN_A_FAST_CLOCK(ah, chan))
+ tx_lat += 22;
+
+- sifstime *= 4;
++ sifstime = 64;
+ ack_offset = 32;
+ slottime = 21;
+ } else {
+@@ -1109,14 +1103,12 @@ void ath9k_hw_init_global_settings(struc
+ * BA frames in some implementations, but it has been found to fix ACK
+ * timeout issues in other cases as well.
+ */
+- if (conf->chandef.chan &&
+- conf->chandef.chan->band == IEEE80211_BAND_2GHZ &&
++ if (IS_CHAN_2GHZ(chan) &&
+ !IS_CHAN_HALF_RATE(chan) && !IS_CHAN_QUARTER_RATE(chan)) {
+ acktimeout += 64 - sifstime - ah->slottime;
+ ctstimeout += 48 - sifstime - ah->slottime;
+ }
+
+-
+ ath9k_hw_set_sifs_time(ah, sifstime);
+ ath9k_hw_setslottime(ah, slottime);
+ ath9k_hw_set_ack_timeout(ah, acktimeout);
+@@ -1153,9 +1145,7 @@ u32 ath9k_regd_get_ctl(struct ath_regula
+ {
+ u32 ctl = ath_regd_get_band_ctl(reg, chan->chan->band);
+
+- if (IS_CHAN_B(chan))
+- ctl |= CTL_11B;
+- else if (IS_CHAN_G(chan))
++ if (IS_CHAN_2GHZ(chan))
+ ctl |= CTL_11G;
+ else
+ ctl |= CTL_11A;
+@@ -1496,16 +1486,16 @@ static bool ath9k_hw_channel_change(stru
+ struct ath9k_channel *chan)
+ {
+ struct ath_common *common = ath9k_hw_common(ah);
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
++ bool band_switch = false, mode_diff = false;
++ u8 ini_reloaded = 0;
+ u32 qnum;
+ int r;
+- bool edma = !!(ah->caps.hw_caps & ATH9K_HW_CAP_EDMA);
+- bool band_switch, mode_diff;
+- u8 ini_reloaded;
+-
+- band_switch = (chan->channelFlags & (CHANNEL_2GHZ | CHANNEL_5GHZ)) !=
+- (ah->curchan->channelFlags & (CHANNEL_2GHZ |
+- CHANNEL_5GHZ));
+- mode_diff = (chan->chanmode != ah->curchan->chanmode);
++
++ if (pCap->hw_caps & ATH9K_HW_CAP_FCC_BAND_SWITCH) {
++ band_switch = IS_CHAN_5GHZ(ah->curchan) != IS_CHAN_5GHZ(chan);
++ mode_diff = (chan->channelFlags != ah->curchan->channelFlags);
++ }
+
+ for (qnum = 0; qnum < AR_NUM_QCU; qnum++) {
+ if (ath9k_hw_numtxpending(ah, qnum)) {
+@@ -1520,11 +1510,12 @@ static bool ath9k_hw_channel_change(stru
+ return false;
+ }
+
+- if (edma && (band_switch || mode_diff)) {
++ if (band_switch || mode_diff) {
+ ath9k_hw_mark_phy_inactive(ah);
+ udelay(5);
+
+- ath9k_hw_init_pll(ah, NULL);
++ if (band_switch)
++ ath9k_hw_init_pll(ah, chan);
+
+ if (ath9k_hw_fast_chan_change(ah, chan, &ini_reloaded)) {
+ ath_err(common, "Failed to do fast channel change\n");
+@@ -1541,22 +1532,19 @@ static bool ath9k_hw_channel_change(stru
+ }
+ ath9k_hw_set_clockrate(ah);
+ ath9k_hw_apply_txpower(ah, chan, false);
+- ath9k_hw_rfbus_done(ah);
+-
+- if (IS_CHAN_OFDM(chan) || IS_CHAN_HT(chan))
+- ath9k_hw_set_delta_slope(ah, chan);
+
++ ath9k_hw_set_delta_slope(ah, chan);
+ ath9k_hw_spur_mitigate_freq(ah, chan);
-- NUM_NL80211_WOWLAN_PKTPAT,
-- MAX_NL80211_WOWLAN_PKTPAT = NUM_NL80211_WOWLAN_PKTPAT - 1,
-+ NUM_NL80211_PKTPAT,
-+ MAX_NL80211_PKTPAT = NUM_NL80211_PKTPAT - 1,
- };
+- if (edma && (band_switch || mode_diff)) {
+- ah->ah_flags |= AH_FASTCC;
+- if (band_switch || ini_reloaded)
+- ah->eep_ops->set_board_values(ah, chan);
++ if (band_switch || ini_reloaded)
++ ah->eep_ops->set_board_values(ah, chan);
- /**
-- * struct nl80211_wowlan_pattern_support - pattern support information
-+ * struct nl80211_pattern_support - packet pattern support information
- * @max_patterns: maximum number of patterns supported
- * @min_pattern_len: minimum length of each pattern
- * @max_pattern_len: maximum length of each pattern
-@@ -3101,13 +3101,22 @@ enum nl80211_wowlan_packet_pattern_attr
- * that is part of %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED in the
- * capability information given by the kernel to userspace.
+- ath9k_hw_init_bb(ah, chan);
++ ath9k_hw_init_bb(ah, chan);
++ ath9k_hw_rfbus_done(ah);
+
+- if (band_switch || ini_reloaded)
+- ath9k_hw_init_cal(ah, chan);
++ if (band_switch || ini_reloaded) {
++ ah->ah_flags |= AH_FASTCC;
++ ath9k_hw_init_cal(ah, chan);
+ ah->ah_flags &= ~AH_FASTCC;
+ }
+
+@@ -1778,16 +1766,11 @@ static void ath9k_hw_init_desc(struct at
+ /*
+ * Fast channel change:
+ * (Change synthesizer based on channel freq without resetting chip)
+- *
+- * Don't do FCC when
+- * - Flag is not set
+- * - Chip is just coming out of full sleep
+- * - Channel to be set is same as current channel
+- * - Channel flags are different, (eg.,moving from 2GHz to 5GHz channel)
*/
--struct nl80211_wowlan_pattern_support {
-+struct nl80211_pattern_support {
- __u32 max_patterns;
- __u32 min_pattern_len;
- __u32 max_pattern_len;
- __u32 max_pkt_offset;
- } __attribute__((packed));
+ static int ath9k_hw_do_fastcc(struct ath_hw *ah, struct ath9k_channel *chan)
+ {
+ struct ath_common *common = ath9k_hw_common(ah);
++ struct ath9k_hw_capabilities *pCap = &ah->caps;
+ int ret;
-+/* only for backward compatibility */
-+#define __NL80211_WOWLAN_PKTPAT_INVALID __NL80211_PKTPAT_INVALID
-+#define NL80211_WOWLAN_PKTPAT_MASK NL80211_PKTPAT_MASK
-+#define NL80211_WOWLAN_PKTPAT_PATTERN NL80211_PKTPAT_PATTERN
-+#define NL80211_WOWLAN_PKTPAT_OFFSET NL80211_PKTPAT_OFFSET
-+#define NUM_NL80211_WOWLAN_PKTPAT NUM_NL80211_PKTPAT
-+#define MAX_NL80211_WOWLAN_PKTPAT MAX_NL80211_PKTPAT
-+#define nl80211_wowlan_pattern_support nl80211_pattern_support
-+
- /**
- * enum nl80211_wowlan_triggers - WoWLAN trigger definitions
- * @__NL80211_WOWLAN_TRIG_INVALID: invalid number for nested attributes
-@@ -3127,7 +3136,7 @@ struct nl80211_wowlan_pattern_support {
- * pattern matching is done after the packet is converted to the MSDU.
- *
- * In %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED, it is a binary attribute
-- * carrying a &struct nl80211_wowlan_pattern_support.
-+ * carrying a &struct nl80211_pattern_support.
- *
- * When reporting wakeup. it is a u32 attribute containing the 0-based
- * index of the pattern that caused the wakeup, in the patterns passed
-@@ -3284,7 +3293,7 @@ struct nl80211_wowlan_tcp_data_token_fea
- * @NL80211_WOWLAN_TCP_WAKE_PAYLOAD: wake packet payload, for advertising a
- * u32 attribute holding the maximum length
- * @NL80211_WOWLAN_TCP_WAKE_MASK: Wake packet payload mask, not used for
-- * feature advertising. The mask works like @NL80211_WOWLAN_PKTPAT_MASK
-+ * feature advertising. The mask works like @NL80211_PKTPAT_MASK
- * but on the TCP payload only.
- * @NUM_NL80211_WOWLAN_TCP: number of TCP attributes
- * @MAX_NL80211_WOWLAN_TCP: highest attribute number
---- a/net/mac80211/mesh_ps.c
-+++ b/net/mac80211/mesh_ps.c
-@@ -229,6 +229,10 @@ void ieee80211_mps_sta_status_update(str
- enum nl80211_mesh_power_mode pm;
- bool do_buffer;
+ if (AR_SREV_9280(ah) && common->bus_ops->ath_bus_type == ATH_PCI)
+@@ -1806,8 +1789,11 @@ static int ath9k_hw_do_fastcc(struct ath
+ (CHANNEL_HALF | CHANNEL_QUARTER))
+ goto fail;
-+ /* For non-assoc STA, prevent buffering or frame transmission */
-+ if (sta->sta_state < IEEE80211_STA_ASSOC)
-+ return;
+- if ((chan->channelFlags & CHANNEL_ALL) !=
+- (ah->curchan->channelFlags & CHANNEL_ALL))
++ /*
++ * If cross-band fcc is not supoprted, bail out if channelFlags differ.
++ */
++ if (!(pCap->hw_caps & ATH9K_HW_CAP_FCC_BAND_SWITCH) &&
++ chan->channelFlags != ah->curchan->channelFlags)
+ goto fail;
+
+ if (!ath9k_hw_check_alive(ah))
+@@ -1870,8 +1856,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
+
+ ah->caldata = caldata;
+ if (caldata && (chan->channel != caldata->channel ||
+- chan->channelFlags != caldata->channelFlags ||
+- chan->chanmode != caldata->chanmode)) {
++ chan->channelFlags != caldata->channelFlags)) {
+ /* Operating channel changed, reset channel calibration data */
+ memset(caldata, 0, sizeof(*caldata));
+ ath9k_init_nfcal_hist_buffer(ah, chan);
+@@ -1960,9 +1945,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
+
+ ath9k_hw_init_mfp(ah);
+
+- if (IS_CHAN_OFDM(chan) || IS_CHAN_HT(chan))
+- ath9k_hw_set_delta_slope(ah, chan);
+-
++ ath9k_hw_set_delta_slope(ah, chan);
+ ath9k_hw_spur_mitigate_freq(ah, chan);
+ ah->eep_ops->set_board_values(ah, chan);
+
+@@ -2047,7 +2030,7 @@ int ath9k_hw_reset(struct ath_hw *ah, st
+
+ ath9k_hw_apply_gpio_override(ah);
+
+- if (AR_SREV_9565(ah) && ah->shared_chain_lnadiv)
++ if (AR_SREV_9565(ah) && common->bt_ant_diversity)
+ REG_SET_BIT(ah, AR_BTCOEX_WL_LNADIV, AR_BTCOEX_WL_LNADIV_FORCE_ON);
+
+ return 0;
+@@ -2550,34 +2533,28 @@ int ath9k_hw_fill_cap_info(struct ath_hw
+ if (AR_SREV_9287_11_OR_LATER(ah) || AR_SREV_9271(ah))
+ pCap->hw_caps |= ATH9K_HW_CAP_SGI_20;
+
+- if (AR_SREV_9285(ah))
++ if (AR_SREV_9285(ah)) {
+ if (ah->eep_ops->get_eeprom(ah, EEP_MODAL_VER) >= 3) {
+ ant_div_ctl1 =
+ ah->eep_ops->get_eeprom(ah, EEP_ANT_DIV_CTL1);
+- if ((ant_div_ctl1 & 0x1) && ((ant_div_ctl1 >> 3) & 0x1))
++ if ((ant_div_ctl1 & 0x1) && ((ant_div_ctl1 >> 3) & 0x1)) {
+ pCap->hw_caps |= ATH9K_HW_CAP_ANT_DIV_COMB;
++ ath_info(common, "Enable LNA combining\n");
++ }
+ }
++ }
+
- /*
- * use peer-specific power mode if peering is established and the
- * peer's power mode is known
---- a/net/wireless/nl80211.c
-+++ b/net/wireless/nl80211.c
-@@ -974,7 +974,7 @@ static int nl80211_send_wowlan(struct sk
- return -ENOBUFS;
+ if (AR_SREV_9300_20_OR_LATER(ah)) {
+ if (ah->eep_ops->get_eeprom(ah, EEP_CHAIN_MASK_REDUCE))
+ pCap->hw_caps |= ATH9K_HW_CAP_APM;
+ }
- if (dev->wiphy.wowlan->n_patterns) {
-- struct nl80211_wowlan_pattern_support pat = {
-+ struct nl80211_pattern_support pat = {
- .max_patterns = dev->wiphy.wowlan->n_patterns,
- .min_pattern_len = dev->wiphy.wowlan->pattern_min_len,
- .max_pattern_len = dev->wiphy.wowlan->pattern_max_len,
-@@ -1568,8 +1568,10 @@ static int nl80211_dump_wiphy(struct sk_
- rtnl_lock();
- if (!state) {
- state = kzalloc(sizeof(*state), GFP_KERNEL);
-- if (!state)
-+ if (!state) {
-+ rtnl_unlock();
- return -ENOMEM;
+-
+ if (AR_SREV_9330(ah) || AR_SREV_9485(ah) || AR_SREV_9565(ah)) {
+ ant_div_ctl1 = ah->eep_ops->get_eeprom(ah, EEP_ANT_DIV_CTL1);
+- /*
+- * enable the diversity-combining algorithm only when
+- * both enable_lna_div and enable_fast_div are set
+- * Table for Diversity
+- * ant_div_alt_lnaconf bit 0-1
+- * ant_div_main_lnaconf bit 2-3
+- * ant_div_alt_gaintb bit 4
+- * ant_div_main_gaintb bit 5
+- * enable_ant_div_lnadiv bit 6
+- * enable_ant_fast_div bit 7
+- */
+- if ((ant_div_ctl1 >> 0x6) == 0x3)
++ if ((ant_div_ctl1 >> 0x6) == 0x3) {
+ pCap->hw_caps |= ATH9K_HW_CAP_ANT_DIV_COMB;
++ ath_info(common, "Enable LNA combining\n");
+ }
- state->filter_wiphy = -1;
- ret = nl80211_dump_wiphy_parse(skb, cb, state);
- if (ret) {
-@@ -6615,12 +6617,14 @@ EXPORT_SYMBOL(cfg80211_testmode_alloc_ev
+ }
- void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
- {
-+ struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
- void *hdr = ((void **)skb->cb)[1];
- struct nlattr *data = ((void **)skb->cb)[2];
+ if (ath9k_hw_dfs_tested(ah))
+@@ -2610,6 +2587,13 @@ int ath9k_hw_fill_cap_info(struct ath_hw
+ ah->eep_ops->get_eeprom(ah, EEP_PAPRD))
+ pCap->hw_caps |= ATH9K_HW_CAP_PAPRD;
- nla_nest_end(skb, data);
- genlmsg_end(skb, hdr);
-- genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
-+ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), skb, 0,
-+ nl80211_testmode_mcgrp.id, gfp);
++ /*
++ * Fast channel change across bands is available
++ * only for AR9462 and AR9565.
++ */
++ if (AR_SREV_9462(ah) || AR_SREV_9565(ah))
++ pCap->hw_caps |= ATH9K_HW_CAP_FCC_BAND_SWITCH;
++
+ return 0;
}
- EXPORT_SYMBOL(cfg80211_testmode_event);
- #endif
-@@ -7593,12 +7597,11 @@ static int nl80211_send_wowlan_patterns(
- if (!nl_pat)
- return -ENOBUFS;
- pat_len = wowlan->patterns[i].pattern_len;
-- if (nla_put(msg, NL80211_WOWLAN_PKTPAT_MASK,
-- DIV_ROUND_UP(pat_len, 8),
-+ if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
- wowlan->patterns[i].mask) ||
-- nla_put(msg, NL80211_WOWLAN_PKTPAT_PATTERN,
-- pat_len, wowlan->patterns[i].pattern) ||
-- nla_put_u32(msg, NL80211_WOWLAN_PKTPAT_OFFSET,
-+ nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
-+ wowlan->patterns[i].pattern) ||
-+ nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
- wowlan->patterns[i].pkt_offset))
- return -ENOBUFS;
- nla_nest_end(msg, nl_pat);
-@@ -7939,7 +7942,7 @@ static int nl80211_set_wowlan(struct sk_
- struct nlattr *pat;
- int n_patterns = 0;
- int rem, pat_len, mask_len, pkt_offset;
-- struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT];
-+ struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
- nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
- rem)
-@@ -7958,26 +7961,25 @@ static int nl80211_set_wowlan(struct sk_
+@@ -2938,12 +2922,11 @@ void ath9k_hw_set_tsfadjust(struct ath_h
+ }
+ EXPORT_SYMBOL(ath9k_hw_set_tsfadjust);
- nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
- rem) {
-- nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT,
-- nla_data(pat), nla_len(pat), NULL);
-+ nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
-+ nla_len(pat), NULL);
- err = -EINVAL;
-- if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] ||
-- !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN])
-+ if (!pat_tb[NL80211_PKTPAT_MASK] ||
-+ !pat_tb[NL80211_PKTPAT_PATTERN])
- goto error;
-- pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]);
-+ pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
- mask_len = DIV_ROUND_UP(pat_len, 8);
-- if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) !=
-- mask_len)
-+ if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
- goto error;
- if (pat_len > wowlan->pattern_max_len ||
- pat_len < wowlan->pattern_min_len)
- goto error;
+-void ath9k_hw_set11nmac2040(struct ath_hw *ah)
++void ath9k_hw_set11nmac2040(struct ath_hw *ah, struct ath9k_channel *chan)
+ {
+- struct ieee80211_conf *conf = &ath9k_hw_common(ah)->hw->conf;
+ u32 macmode;
-- if (!pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET])
-+ if (!pat_tb[NL80211_PKTPAT_OFFSET])
- pkt_offset = 0;
- else
- pkt_offset = nla_get_u32(
-- pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET]);
-+ pat_tb[NL80211_PKTPAT_OFFSET]);
- if (pkt_offset > wowlan->max_pkt_offset)
- goto error;
- new_triggers.patterns[i].pkt_offset = pkt_offset;
-@@ -7991,11 +7993,11 @@ static int nl80211_set_wowlan(struct sk_
- new_triggers.patterns[i].pattern =
- new_triggers.patterns[i].mask + mask_len;
- memcpy(new_triggers.patterns[i].mask,
-- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]),
-+ nla_data(pat_tb[NL80211_PKTPAT_MASK]),
- mask_len);
- new_triggers.patterns[i].pattern_len = pat_len;
- memcpy(new_triggers.patterns[i].pattern,
-- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]),
-+ nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
- pat_len);
- i++;
- }
-@@ -10066,7 +10068,8 @@ void cfg80211_mgmt_tx_status(struct wire
+- if (conf_is_ht40(conf) && !ah->config.cwm_ignore_extcca)
++ if (IS_CHAN_HT40(chan) && !ah->config.cwm_ignore_extcca)
+ macmode = AR_2040_JOINED_RX_CLEAR;
+ else
+ macmode = 0;
+--- a/drivers/net/wireless/ath/ath9k/hw.h
++++ b/drivers/net/wireless/ath/ath9k/hw.h
+@@ -247,6 +247,8 @@ enum ath9k_hw_caps {
+ ATH9K_HW_CAP_DFS = BIT(16),
+ ATH9K_HW_WOW_DEVICE_CAPABLE = BIT(17),
+ ATH9K_HW_CAP_PAPRD = BIT(18),
++ ATH9K_HW_CAP_FCC_BAND_SWITCH = BIT(19),
++ ATH9K_HW_CAP_BT_ANT_DIV = BIT(20),
+ };
+
+ /*
+@@ -309,8 +311,11 @@ struct ath9k_ops_config {
+ u16 ani_poll_interval; /* ANI poll interval in ms */
+
+ /* Platform specific config */
++ u32 aspm_l1_fix;
+ u32 xlna_gpio;
++ u32 ant_ctrl_comm2g_switch_enable;
+ bool xatten_margin_cfg;
++ bool alt_mingainidx;
+ };
+
+ enum ath9k_int {
+@@ -364,36 +369,6 @@ enum ath9k_int {
+ ATH9K_INT_NOCARD = 0xffffffff
+ };
+
+-#define CHANNEL_CCK 0x00020
+-#define CHANNEL_OFDM 0x00040
+-#define CHANNEL_2GHZ 0x00080
+-#define CHANNEL_5GHZ 0x00100
+-#define CHANNEL_PASSIVE 0x00200
+-#define CHANNEL_DYN 0x00400
+-#define CHANNEL_HALF 0x04000
+-#define CHANNEL_QUARTER 0x08000
+-#define CHANNEL_HT20 0x10000
+-#define CHANNEL_HT40PLUS 0x20000
+-#define CHANNEL_HT40MINUS 0x40000
+-
+-#define CHANNEL_A (CHANNEL_5GHZ|CHANNEL_OFDM)
+-#define CHANNEL_B (CHANNEL_2GHZ|CHANNEL_CCK)
+-#define CHANNEL_G (CHANNEL_2GHZ|CHANNEL_OFDM)
+-#define CHANNEL_G_HT20 (CHANNEL_2GHZ|CHANNEL_HT20)
+-#define CHANNEL_A_HT20 (CHANNEL_5GHZ|CHANNEL_HT20)
+-#define CHANNEL_G_HT40PLUS (CHANNEL_2GHZ|CHANNEL_HT40PLUS)
+-#define CHANNEL_G_HT40MINUS (CHANNEL_2GHZ|CHANNEL_HT40MINUS)
+-#define CHANNEL_A_HT40PLUS (CHANNEL_5GHZ|CHANNEL_HT40PLUS)
+-#define CHANNEL_A_HT40MINUS (CHANNEL_5GHZ|CHANNEL_HT40MINUS)
+-#define CHANNEL_ALL \
+- (CHANNEL_OFDM| \
+- CHANNEL_CCK| \
+- CHANNEL_2GHZ | \
+- CHANNEL_5GHZ | \
+- CHANNEL_HT20 | \
+- CHANNEL_HT40PLUS | \
+- CHANNEL_HT40MINUS)
+-
+ #define MAX_RTT_TABLE_ENTRY 6
+ #define MAX_IQCAL_MEASUREMENT 8
+ #define MAX_CL_TAB_ENTRY 16
+@@ -401,8 +376,7 @@ enum ath9k_int {
+
+ struct ath9k_hw_cal_data {
+ u16 channel;
+- u32 channelFlags;
+- u32 chanmode;
++ u16 channelFlags;
+ int32_t CalValid;
+ int8_t iCoff;
+ int8_t qCoff;
+@@ -425,33 +399,34 @@ struct ath9k_hw_cal_data {
+ struct ath9k_channel {
+ struct ieee80211_channel *chan;
+ u16 channel;
+- u32 channelFlags;
+- u32 chanmode;
++ u16 channelFlags;
+ s16 noisefloor;
+ };
+
+-#define IS_CHAN_G(_c) ((((_c)->channelFlags & (CHANNEL_G)) == CHANNEL_G) || \
+- (((_c)->channelFlags & CHANNEL_G_HT20) == CHANNEL_G_HT20) || \
+- (((_c)->channelFlags & CHANNEL_G_HT40PLUS) == CHANNEL_G_HT40PLUS) || \
+- (((_c)->channelFlags & CHANNEL_G_HT40MINUS) == CHANNEL_G_HT40MINUS))
+-#define IS_CHAN_OFDM(_c) (((_c)->channelFlags & CHANNEL_OFDM) != 0)
+-#define IS_CHAN_5GHZ(_c) (((_c)->channelFlags & CHANNEL_5GHZ) != 0)
+-#define IS_CHAN_2GHZ(_c) (((_c)->channelFlags & CHANNEL_2GHZ) != 0)
+-#define IS_CHAN_HALF_RATE(_c) (((_c)->channelFlags & CHANNEL_HALF) != 0)
+-#define IS_CHAN_QUARTER_RATE(_c) (((_c)->channelFlags & CHANNEL_QUARTER) != 0)
++#define CHANNEL_5GHZ BIT(0)
++#define CHANNEL_HALF BIT(1)
++#define CHANNEL_QUARTER BIT(2)
++#define CHANNEL_HT BIT(3)
++#define CHANNEL_HT40PLUS BIT(4)
++#define CHANNEL_HT40MINUS BIT(5)
++
++#define IS_CHAN_5GHZ(_c) (!!((_c)->channelFlags & CHANNEL_5GHZ))
++#define IS_CHAN_2GHZ(_c) (!IS_CHAN_5GHZ(_c))
++
++#define IS_CHAN_HALF_RATE(_c) (!!((_c)->channelFlags & CHANNEL_HALF))
++#define IS_CHAN_QUARTER_RATE(_c) (!!((_c)->channelFlags & CHANNEL_QUARTER))
+ #define IS_CHAN_A_FAST_CLOCK(_ah, _c) \
+- ((((_c)->channelFlags & CHANNEL_5GHZ) != 0) && \
+- ((_ah)->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK))
++ (IS_CHAN_5GHZ(_c) && ((_ah)->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK))
++
++#define IS_CHAN_HT(_c) ((_c)->channelFlags & CHANNEL_HT)
++
++#define IS_CHAN_HT20(_c) (IS_CHAN_HT(_c) && !IS_CHAN_HT40(_c))
+
+-/* These macros check chanmode and not channelFlags */
+-#define IS_CHAN_B(_c) ((_c)->chanmode == CHANNEL_B)
+-#define IS_CHAN_HT20(_c) (((_c)->chanmode == CHANNEL_A_HT20) || \
+- ((_c)->chanmode == CHANNEL_G_HT20))
+-#define IS_CHAN_HT40(_c) (((_c)->chanmode == CHANNEL_A_HT40PLUS) || \
+- ((_c)->chanmode == CHANNEL_A_HT40MINUS) || \
+- ((_c)->chanmode == CHANNEL_G_HT40PLUS) || \
+- ((_c)->chanmode == CHANNEL_G_HT40MINUS))
+-#define IS_CHAN_HT(_c) (IS_CHAN_HT20((_c)) || IS_CHAN_HT40((_c)))
++#define IS_CHAN_HT40(_c) \
++ (!!((_c)->channelFlags & (CHANNEL_HT40PLUS | CHANNEL_HT40MINUS)))
++
++#define IS_CHAN_HT40PLUS(_c) ((_c)->channelFlags & CHANNEL_HT40PLUS)
++#define IS_CHAN_HT40MINUS(_c) ((_c)->channelFlags & CHANNEL_HT40MINUS)
+
+ enum ath9k_power_mode {
+ ATH9K_PM_AWAKE = 0,
+@@ -716,11 +691,14 @@ struct ath_hw_ops {
+ struct ath_hw_antcomb_conf *antconf);
+ void (*antdiv_comb_conf_set)(struct ath_hw *ah,
+ struct ath_hw_antcomb_conf *antconf);
+- void (*antctrl_shared_chain_lnadiv)(struct ath_hw *hw, bool enable);
+ void (*spectral_scan_config)(struct ath_hw *ah,
+ struct ath_spec_scan *param);
+ void (*spectral_scan_trigger)(struct ath_hw *ah);
+ void (*spectral_scan_wait)(struct ath_hw *ah);
++
++#ifdef CPTCFG_ATH9K_BTCOEX_SUPPORT
++ void (*set_bt_ant_diversity)(struct ath_hw *hw, bool enable);
++#endif
+ };
+
+ struct ath_nf_limits {
+@@ -765,7 +743,6 @@ struct ath_hw {
+ bool aspm_enabled;
+ bool is_monitoring;
+ bool need_an_top2_fixup;
+- bool shared_chain_lnadiv;
+ u16 tx_trig_level;
+
+ u32 nf_regs[6];
+@@ -1019,7 +996,7 @@ void ath9k_hw_reset_tsf(struct ath_hw *a
+ void ath9k_hw_set_tsfadjust(struct ath_hw *ah, bool set);
+ void ath9k_hw_init_global_settings(struct ath_hw *ah);
+ u32 ar9003_get_pll_sqsum_dvc(struct ath_hw *ah);
+-void ath9k_hw_set11nmac2040(struct ath_hw *ah);
++void ath9k_hw_set11nmac2040(struct ath_hw *ah, struct ath9k_channel *chan);
+ void ath9k_hw_beaconinit(struct ath_hw *ah, u32 next_beacon, u32 beacon_period);
+ void ath9k_hw_set_sta_beacon_timers(struct ath_hw *ah,
+ const struct ath9k_beacon_state *bs);
+--- a/drivers/net/wireless/ath/ath9k/pci.c
++++ b/drivers/net/wireless/ath/ath9k/pci.c
+@@ -29,6 +29,60 @@ static DEFINE_PCI_DEVICE_TABLE(ath_pci_i
+ { PCI_VDEVICE(ATHEROS, 0x0027) }, /* PCI */
+ { PCI_VDEVICE(ATHEROS, 0x0029) }, /* PCI */
+ { PCI_VDEVICE(ATHEROS, 0x002A) }, /* PCI-E */
++
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ PCI_VENDOR_ID_AZWAVE,
++ 0x1C71),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ PCI_VENDOR_ID_FOXCONN,
++ 0xE01F),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ 0x11AD, /* LITEON */
++ 0x6632),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ 0x11AD, /* LITEON */
++ 0x6642),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ PCI_VENDOR_ID_QMI,
++ 0x0306),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ 0x185F, /* WNC */
++ 0x309D),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ 0x10CF, /* Fujitsu */
++ 0x147C),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ 0x10CF, /* Fujitsu */
++ 0x147D),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002A,
++ 0x10CF, /* Fujitsu */
++ 0x1536),
++ .driver_data = ATH9K_PCI_D3_L1_WAR },
++
++ /* AR9285 card for Asus */
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x002B,
++ PCI_VENDOR_ID_AZWAVE,
++ 0x2C37),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++
+ { PCI_VDEVICE(ATHEROS, 0x002B) }, /* PCI-E */
+ { PCI_VDEVICE(ATHEROS, 0x002C) }, /* PCI-E 802.11n bonded out */
+ { PCI_VDEVICE(ATHEROS, 0x002D) }, /* PCI */
+@@ -40,29 +94,106 @@ static DEFINE_PCI_DEVICE_TABLE(ath_pci_i
+ 0x0032,
+ PCI_VENDOR_ID_AZWAVE,
+ 0x2086),
+- .driver_data = ATH9K_PCI_CUS198 },
++ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
+ 0x0032,
+ PCI_VENDOR_ID_AZWAVE,
+ 0x1237),
+- .driver_data = ATH9K_PCI_CUS198 },
++ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
+ 0x0032,
+ PCI_VENDOR_ID_AZWAVE,
+ 0x2126),
+- .driver_data = ATH9K_PCI_CUS198 },
++ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_AZWAVE,
++ 0x126A),
++ .driver_data = ATH9K_PCI_CUS198 | ATH9K_PCI_BT_ANT_DIV },
+
+ /* PCI-E CUS230 */
+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
+ 0x0032,
+ PCI_VENDOR_ID_AZWAVE,
+ 0x2152),
+- .driver_data = ATH9K_PCI_CUS230 },
++ .driver_data = ATH9K_PCI_CUS230 | ATH9K_PCI_BT_ANT_DIV },
+ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
+ 0x0032,
+ PCI_VENDOR_ID_FOXCONN,
+ 0xE075),
+- .driver_data = ATH9K_PCI_CUS230 },
++ .driver_data = ATH9K_PCI_CUS230 | ATH9K_PCI_BT_ANT_DIV },
++
++ /* WB225 */
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_ATHEROS,
++ 0x3119),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_ATHEROS,
++ 0x3122),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ 0x185F, /* WNC */
++ 0x3119),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ 0x185F, /* WNC */
++ 0x3027),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0x4105),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0x4106),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0x410D),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0x410E),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0x410F),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0xC706),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0xC680),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_SAMSUNG,
++ 0xC708),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_LENOVO,
++ 0x3218),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
++ { PCI_DEVICE_SUB(PCI_VENDOR_ID_ATHEROS,
++ 0x0032,
++ PCI_VENDOR_ID_LENOVO,
++ 0x3219),
++ .driver_data = ATH9K_PCI_BT_ANT_DIV },
+
+ { PCI_VDEVICE(ATHEROS, 0x0032) }, /* PCI-E AR9485 */
+ { PCI_VDEVICE(ATHEROS, 0x0033) }, /* PCI-E AR9580 */
+@@ -229,6 +360,22 @@ static void ath_pci_aspm_init(struct ath
+ return;
+ }
+
++ /*
++ * 0x70c - Ack Frequency Register.
++ *
++ * Bits 27:29 - DEFAULT_L1_ENTRANCE_LATENCY.
++ *
++ * 000 : 1 us
++ * 001 : 2 us
++ * 010 : 4 us
++ * 011 : 8 us
++ * 100 : 16 us
++ * 101 : 32 us
++ * 110/111 : 64 us
++ */
++ if (AR_SREV_9462(ah))
++ pci_read_config_dword(pdev, 0x70c, &ah->config.aspm_l1_fix);
++
+ pcie_capability_read_word(parent, PCI_EXP_LNKCTL, &aspm);
+ if (aspm & (PCI_EXP_LNKCTL_ASPM_L0S | PCI_EXP_LNKCTL_ASPM_L1)) {
+ ah->aspm_enabled = true;
+--- a/drivers/net/wireless/ath/ath9k/phy.h
++++ b/drivers/net/wireless/ath/ath9k/phy.h
+@@ -48,4 +48,11 @@
+ #define AR_PHY_PLL_CONTROL 0x16180
+ #define AR_PHY_PLL_MODE 0x16184
+
++enum ath9k_ant_div_comb_lna_conf {
++ ATH_ANT_DIV_COMB_LNA1_MINUS_LNA2,
++ ATH_ANT_DIV_COMB_LNA2,
++ ATH_ANT_DIV_COMB_LNA1,
++ ATH_ANT_DIV_COMB_LNA1_PLUS_LNA2,
++};
++
+ #endif
+--- a/drivers/net/wireless/iwlwifi/mvm/time-event.c
++++ b/drivers/net/wireless/iwlwifi/mvm/time-event.c
+@@ -73,7 +73,6 @@
+ #include "iwl-prph.h"
- genlmsg_end(msg, hdr);
+ /* A TimeUnit is 1024 microsecond */
+-#define TU_TO_JIFFIES(_tu) (usecs_to_jiffies((_tu) * 1024))
+ #define MSEC_TO_TU(_msec) (_msec*1000/1024)
-- genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
-+ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
-+ nl80211_mlme_mcgrp.id, gfp);
- return;
+ /*
+@@ -191,8 +190,7 @@ static void iwl_mvm_te_handle_notif(stru
+ iwl_mvm_te_clear_data(mvm, te_data);
+ } else if (le32_to_cpu(notif->action) & TE_NOTIF_HOST_EVENT_START) {
+ te_data->running = true;
+- te_data->end_jiffies = jiffies +
+- TU_TO_JIFFIES(te_data->duration);
++ te_data->end_jiffies = TU_TO_EXP_TIME(te_data->duration);
- nla_put_failure:
---- a/net/wireless/reg.c
-+++ b/net/wireless/reg.c
-@@ -2279,7 +2279,9 @@ void wiphy_regulatory_deregister(struct
- static void reg_timeout_work(struct work_struct *work)
+ if (te_data->vif->type == NL80211_IFTYPE_P2P_DEVICE) {
+ set_bit(IWL_MVM_STATUS_ROC_RUNNING, &mvm->status);
+@@ -329,8 +327,7 @@ void iwl_mvm_protect_session(struct iwl_
+ lockdep_assert_held(&mvm->mutex);
+
+ if (te_data->running &&
+- time_after(te_data->end_jiffies,
+- jiffies + TU_TO_JIFFIES(min_duration))) {
++ time_after(te_data->end_jiffies, TU_TO_EXP_TIME(min_duration))) {
+ IWL_DEBUG_TE(mvm, "We have enough time in the current TE: %u\n",
+ jiffies_to_msecs(te_data->end_jiffies - jiffies));
+ return;
+--- a/include/linux/ieee80211.h
++++ b/include/linux/ieee80211.h
+@@ -2279,4 +2279,8 @@ static inline bool ieee80211_check_tim(c
+ return !!(tim->virtual_map[index] & mask);
+ }
+
++/* convert time units */
++#define TU_TO_JIFFIES(x) (usecs_to_jiffies((x) * 1024))
++#define TU_TO_EXP_TIME(x) (jiffies + TU_TO_JIFFIES(x))
++
+ #endif /* LINUX_IEEE80211_H */
+--- a/net/mac80211/rate.c
++++ b/net/mac80211/rate.c
+@@ -210,7 +210,7 @@ static bool rc_no_data_or_no_ack_use_min
+ !ieee80211_is_data(fc);
+ }
+
+-static void rc_send_low_broadcast(s8 *idx, u32 basic_rates,
++static void rc_send_low_basicrate(s8 *idx, u32 basic_rates,
+ struct ieee80211_supported_band *sband)
{
- REG_DBG_PRINT("Timeout while waiting for CRDA to reply, restoring regulatory settings\n");
-+ rtnl_lock();
- restore_regulatory_settings(true);
-+ rtnl_unlock();
+ u8 i;
+@@ -272,28 +272,37 @@ static void __rate_control_send_low(stru
}
- int __init regulatory_init(void)
---- a/net/wireless/sme.c
-+++ b/net/wireless/sme.c
-@@ -34,8 +34,10 @@ struct cfg80211_conn {
- CFG80211_CONN_SCAN_AGAIN,
- CFG80211_CONN_AUTHENTICATE_NEXT,
- CFG80211_CONN_AUTHENTICATING,
-+ CFG80211_CONN_AUTH_FAILED,
- CFG80211_CONN_ASSOCIATE_NEXT,
- CFG80211_CONN_ASSOCIATING,
-+ CFG80211_CONN_ASSOC_FAILED,
- CFG80211_CONN_DEAUTH,
- CFG80211_CONN_CONNECTED,
- } state;
-@@ -164,6 +166,8 @@ static int cfg80211_conn_do_work(struct
- NULL, 0,
- params->key, params->key_len,
- params->key_idx, NULL, 0);
-+ case CFG80211_CONN_AUTH_FAILED:
-+ return -ENOTCONN;
- case CFG80211_CONN_ASSOCIATE_NEXT:
- BUG_ON(!rdev->ops->assoc);
- wdev->conn->state = CFG80211_CONN_ASSOCIATING;
-@@ -188,10 +192,17 @@ static int cfg80211_conn_do_work(struct
- WLAN_REASON_DEAUTH_LEAVING,
- false);
- return err;
-+ case CFG80211_CONN_ASSOC_FAILED:
-+ cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
-+ NULL, 0,
-+ WLAN_REASON_DEAUTH_LEAVING, false);
-+ return -ENOTCONN;
- case CFG80211_CONN_DEAUTH:
- cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
- NULL, 0,
- WLAN_REASON_DEAUTH_LEAVING, false);
-+ /* free directly, disconnected event already sent */
-+ cfg80211_sme_free(wdev);
- return 0;
- default:
- return 0;
-@@ -371,7 +382,7 @@ bool cfg80211_sme_rx_assoc_resp(struct w
+
+-bool rate_control_send_low(struct ieee80211_sta *sta,
++bool rate_control_send_low(struct ieee80211_sta *pubsta,
+ void *priv_sta,
+ struct ieee80211_tx_rate_control *txrc)
+ {
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(txrc->skb);
+ struct ieee80211_supported_band *sband = txrc->sband;
++ struct sta_info *sta;
+ int mcast_rate;
++ bool use_basicrate = false;
+
+- if (!sta || !priv_sta || rc_no_data_or_no_ack_use_min(txrc)) {
+- __rate_control_send_low(txrc->hw, sband, sta, info);
++ if (!pubsta || !priv_sta || rc_no_data_or_no_ack_use_min(txrc)) {
++ __rate_control_send_low(txrc->hw, sband, pubsta, info);
+
+- if (!sta && txrc->bss) {
++ if (!pubsta && txrc->bss) {
+ mcast_rate = txrc->bss_conf->mcast_rate[sband->band];
+ if (mcast_rate > 0) {
+ info->control.rates[0].idx = mcast_rate - 1;
+ return true;
+ }
++ use_basicrate = true;
++ } else if (pubsta) {
++ sta = container_of(pubsta, struct sta_info, sta);
++ if (ieee80211_vif_is_mesh(&sta->sdata->vif))
++ use_basicrate = true;
++ }
+
+- rc_send_low_broadcast(&info->control.rates[0].idx,
++ if (use_basicrate)
++ rc_send_low_basicrate(&info->control.rates[0].idx,
+ txrc->bss_conf->basic_rates,
+ sband);
+- }
++
return true;
}
-
-- wdev->conn->state = CFG80211_CONN_DEAUTH;
-+ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
- schedule_work(&rdev->conn_work);
return false;
+--- a/drivers/net/wireless/ath/ath9k/Kconfig
++++ b/drivers/net/wireless/ath/ath9k/Kconfig
+@@ -60,7 +60,7 @@ config ATH9K_AHB
+
+ config ATH9K_DEBUGFS
+ bool "Atheros ath9k debugging"
+- depends on ATH9K
++ depends on ATH9K && DEBUG_FS
+ select MAC80211_DEBUGFS
+ depends on RELAY
+ ---help---
+--- a/drivers/net/wireless/ath/ath9k/ar9002_hw.c
++++ b/drivers/net/wireless/ath/ath9k/ar9002_hw.c
+@@ -269,13 +269,12 @@ static void ar9002_hw_configpcipowersave
+ if (ah->config.pcie_waen & AR_WA_D3_L1_DISABLE)
+ val |= AR_WA_D3_L1_DISABLE;
+ } else {
+- if (((AR_SREV_9285(ah) ||
+- AR_SREV_9271(ah) ||
+- AR_SREV_9287(ah)) &&
+- (AR9285_WA_DEFAULT & AR_WA_D3_L1_DISABLE)) ||
+- (AR_SREV_9280(ah) &&
+- (AR9280_WA_DEFAULT & AR_WA_D3_L1_DISABLE))) {
+- val |= AR_WA_D3_L1_DISABLE;
++ if (AR_SREV_9285(ah) || AR_SREV_9271(ah) || AR_SREV_9287(ah)) {
++ if (AR9285_WA_DEFAULT & AR_WA_D3_L1_DISABLE)
++ val |= AR_WA_D3_L1_DISABLE;
++ } else if (AR_SREV_9280(ah)) {
++ if (AR9280_WA_DEFAULT & AR_WA_D3_L1_DISABLE)
++ val |= AR_WA_D3_L1_DISABLE;
+ }
+ }
+
+@@ -297,24 +296,18 @@ static void ar9002_hw_configpcipowersave
+ } else {
+ if (ah->config.pcie_waen) {
+ val = ah->config.pcie_waen;
+- if (!power_off)
+- val &= (~AR_WA_D3_L1_DISABLE);
++ val &= (~AR_WA_D3_L1_DISABLE);
+ } else {
+- if (AR_SREV_9285(ah) ||
+- AR_SREV_9271(ah) ||
+- AR_SREV_9287(ah)) {
++ if (AR_SREV_9285(ah) || AR_SREV_9271(ah) || AR_SREV_9287(ah)) {
+ val = AR9285_WA_DEFAULT;
+- if (!power_off)
+- val &= (~AR_WA_D3_L1_DISABLE);
+- }
+- else if (AR_SREV_9280(ah)) {
++ val &= (~AR_WA_D3_L1_DISABLE);
++ } else if (AR_SREV_9280(ah)) {
+ /*
+ * For AR9280 chips, bit 22 of 0x4004
+ * needs to be set.
+ */
+ val = AR9280_WA_DEFAULT;
+- if (!power_off)
+- val &= (~AR_WA_D3_L1_DISABLE);
++ val &= (~AR_WA_D3_L1_DISABLE);
+ } else {
+ val = AR_WA_DEFAULT;
+ }
+@@ -426,28 +419,10 @@ void ar9002_hw_load_ani_reg(struct ath_h
+ u32 modesIndex;
+ int i;
+
+- switch (chan->chanmode) {
+- case CHANNEL_A:
+- case CHANNEL_A_HT20:
+- modesIndex = 1;
+- break;
+- case CHANNEL_A_HT40PLUS:
+- case CHANNEL_A_HT40MINUS:
+- modesIndex = 2;
+- break;
+- case CHANNEL_G:
+- case CHANNEL_G_HT20:
+- case CHANNEL_B:
+- modesIndex = 4;
+- break;
+- case CHANNEL_G_HT40PLUS:
+- case CHANNEL_G_HT40MINUS:
+- modesIndex = 3;
+- break;
+-
+- default:
+- return;
+- }
++ if (IS_CHAN_5GHZ(chan))
++ modesIndex = IS_CHAN_HT40(chan) ? 2 : 1;
++ else
++ modesIndex = IS_CHAN_HT40(chan) ? 3 : 4;
+
+ ENABLE_REGWRITE_BUFFER(ah);
+
+--- a/drivers/net/wireless/ath/ath9k/ar9003_hw.c
++++ b/drivers/net/wireless/ath/ath9k/ar9003_hw.c
+@@ -153,7 +153,7 @@ static void ar9003_hw_init_mode_regs(str
+ if (!ah->is_clk_25mhz)
+ INIT_INI_ARRAY(&ah->iniAdditional,
+ ar9340_1p0_radio_core_40M);
+- } else if (AR_SREV_9485_11(ah)) {
++ } else if (AR_SREV_9485_11_OR_LATER(ah)) {
+ /* mac */
+ INIT_INI_ARRAY(&ah->iniMac[ATH_INI_CORE],
+ ar9485_1_1_mac_core);
+@@ -424,7 +424,7 @@ static void ar9003_tx_gain_table_mode0(s
+ else if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9340Modes_lowest_ob_db_tx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9485_modes_lowest_ob_db_tx_gain_1_1);
+ else if (AR_SREV_9550(ah))
+@@ -458,7 +458,7 @@ static void ar9003_tx_gain_table_mode1(s
+ else if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9340Modes_high_ob_db_tx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9485Modes_high_ob_db_tx_gain_1_1);
+ else if (AR_SREV_9580(ah))
+@@ -492,7 +492,7 @@ static void ar9003_tx_gain_table_mode2(s
+ else if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9340Modes_low_ob_db_tx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9485Modes_low_ob_db_tx_gain_1_1);
+ else if (AR_SREV_9580(ah))
+@@ -517,7 +517,7 @@ static void ar9003_tx_gain_table_mode3(s
+ else if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9340Modes_high_power_tx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9485Modes_high_power_tx_gain_1_1);
+ else if (AR_SREV_9580(ah))
+@@ -552,7 +552,7 @@ static void ar9003_tx_gain_table_mode4(s
+
+ static void ar9003_tx_gain_table_mode5(struct ath_hw *ah)
+ {
+- if (AR_SREV_9485_11(ah))
++ if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9485Modes_green_ob_db_tx_gain_1_1);
+ else if (AR_SREV_9340(ah))
+@@ -571,7 +571,7 @@ static void ar9003_tx_gain_table_mode6(s
+ if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9340Modes_low_ob_db_and_spur_tx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesTxGain,
+ ar9485Modes_green_spur_ob_db_tx_gain_1_1);
+ else if (AR_SREV_9580(ah))
+@@ -611,7 +611,7 @@ static void ar9003_rx_gain_table_mode0(s
+ else if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesRxGain,
+ ar9340Common_rx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesRxGain,
+ ar9485_common_rx_gain_1_1);
+ else if (AR_SREV_9550(ah)) {
+@@ -644,7 +644,7 @@ static void ar9003_rx_gain_table_mode1(s
+ else if (AR_SREV_9340(ah))
+ INIT_INI_ARRAY(&ah->iniModesRxGain,
+ ar9340Common_wo_xlna_rx_gain_table_1p0);
+- else if (AR_SREV_9485_11(ah))
++ else if (AR_SREV_9485_11_OR_LATER(ah))
+ INIT_INI_ARRAY(&ah->iniModesRxGain,
+ ar9485Common_wo_xlna_rx_gain_1_1);
+ else if (AR_SREV_9462_21(ah))
+@@ -745,16 +745,25 @@ static void ar9003_hw_init_mode_gain_reg
+ static void ar9003_hw_configpcipowersave(struct ath_hw *ah,
+ bool power_off)
+ {
++ /*
++ * Increase L1 Entry Latency. Some WB222 boards don't have
++ * this change in eeprom/OTP.
++ *
++ */
++ if (AR_SREV_9462(ah)) {
++ u32 val = ah->config.aspm_l1_fix;
++ if ((val & 0xff000000) == 0x17000000) {
++ val &= 0x00ffffff;
++ val |= 0x27000000;
++ REG_WRITE(ah, 0x570c, val);
++ }
++ }
++
+ /* Nothing to do on restore for 11N */
+ if (!power_off /* !restore */) {
+ /* set bit 19 to allow forcing of pcie core into L1 state */
+ REG_SET_BIT(ah, AR_PCIE_PM_CTRL, AR_PCIE_PM_CTRL_ENA);
+-
+- /* Several PCIe massages to ensure proper behaviour */
+- if (ah->config.pcie_waen)
+- REG_WRITE(ah, AR_WA, ah->config.pcie_waen);
+- else
+- REG_WRITE(ah, AR_WA, ah->WARegVal);
++ REG_WRITE(ah, AR_WA, ah->WARegVal);
+ }
+
+ /*
+--- a/drivers/net/wireless/ath/ath9k/ar9003_mac.c
++++ b/drivers/net/wireless/ath/ath9k/ar9003_mac.c
+@@ -491,6 +491,7 @@ int ath9k_hw_process_rxdesc_edma(struct
+ rxs->rs_rate = MS(rxsp->status1, AR_RxRate);
+ rxs->rs_more = (rxsp->status2 & AR_RxMore) ? 1 : 0;
+
++ rxs->rs_firstaggr = (rxsp->status11 & AR_RxFirstAggr) ? 1 : 0;
+ rxs->rs_isaggr = (rxsp->status11 & AR_RxAggr) ? 1 : 0;
+ rxs->rs_moreaggr = (rxsp->status11 & AR_RxMoreAggr) ? 1 : 0;
+ rxs->rs_antenna = (MS(rxsp->status4, AR_RxAntenna) & 0x7);
+--- a/drivers/net/wireless/ath/ath9k/common.c
++++ b/drivers/net/wireless/ath/ath9k/common.c
+@@ -49,88 +49,64 @@ int ath9k_cmn_get_hw_crypto_keytype(stru
}
-@@ -383,7 +394,13 @@ void cfg80211_sme_deauth(struct wireless
+ EXPORT_SYMBOL(ath9k_cmn_get_hw_crypto_keytype);
- void cfg80211_sme_auth_timeout(struct wireless_dev *wdev)
+-static u32 ath9k_get_extchanmode(struct ieee80211_channel *chan,
+- enum nl80211_channel_type channel_type)
+-{
+- u32 chanmode = 0;
+-
+- switch (chan->band) {
+- case IEEE80211_BAND_2GHZ:
+- switch (channel_type) {
+- case NL80211_CHAN_NO_HT:
+- case NL80211_CHAN_HT20:
+- chanmode = CHANNEL_G_HT20;
+- break;
+- case NL80211_CHAN_HT40PLUS:
+- chanmode = CHANNEL_G_HT40PLUS;
+- break;
+- case NL80211_CHAN_HT40MINUS:
+- chanmode = CHANNEL_G_HT40MINUS;
+- break;
+- }
+- break;
+- case IEEE80211_BAND_5GHZ:
+- switch (channel_type) {
+- case NL80211_CHAN_NO_HT:
+- case NL80211_CHAN_HT20:
+- chanmode = CHANNEL_A_HT20;
+- break;
+- case NL80211_CHAN_HT40PLUS:
+- chanmode = CHANNEL_A_HT40PLUS;
+- break;
+- case NL80211_CHAN_HT40MINUS:
+- chanmode = CHANNEL_A_HT40MINUS;
+- break;
+- }
+- break;
+- default:
+- break;
+- }
+-
+- return chanmode;
+-}
+-
+ /*
+ * Update internal channel flags.
+ */
+-void ath9k_cmn_update_ichannel(struct ath9k_channel *ichan,
+- struct ieee80211_channel *chan,
+- enum nl80211_channel_type channel_type)
++static void ath9k_cmn_update_ichannel(struct ath9k_channel *ichan,
++ struct cfg80211_chan_def *chandef)
{
-- cfg80211_sme_free(wdev);
-+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
++ struct ieee80211_channel *chan = chandef->chan;
++ u16 flags = 0;
+
-+ if (!wdev->conn)
-+ return;
+ ichan->channel = chan->center_freq;
+ ichan->chan = chan;
+
+- if (chan->band == IEEE80211_BAND_2GHZ) {
+- ichan->chanmode = CHANNEL_G;
+- ichan->channelFlags = CHANNEL_2GHZ | CHANNEL_OFDM;
+- } else {
+- ichan->chanmode = CHANNEL_A;
+- ichan->channelFlags = CHANNEL_5GHZ | CHANNEL_OFDM;
++ if (chan->band == IEEE80211_BAND_5GHZ)
++ flags |= CHANNEL_5GHZ;
+
-+ wdev->conn->state = CFG80211_CONN_AUTH_FAILED;
-+ schedule_work(&rdev->conn_work);
++ switch (chandef->width) {
++ case NL80211_CHAN_WIDTH_5:
++ flags |= CHANNEL_QUARTER;
++ break;
++ case NL80211_CHAN_WIDTH_10:
++ flags |= CHANNEL_HALF;
++ break;
++ case NL80211_CHAN_WIDTH_20_NOHT:
++ break;
++ case NL80211_CHAN_WIDTH_20:
++ flags |= CHANNEL_HT;
++ break;
++ case NL80211_CHAN_WIDTH_40:
++ if (chandef->center_freq1 > chandef->chan->center_freq)
++ flags |= CHANNEL_HT40PLUS | CHANNEL_HT;
++ else
++ flags |= CHANNEL_HT40MINUS | CHANNEL_HT;
++ break;
++ default:
++ WARN_ON(1);
+ }
+
+- if (channel_type != NL80211_CHAN_NO_HT)
+- ichan->chanmode = ath9k_get_extchanmode(chan, channel_type);
++ ichan->channelFlags = flags;
}
+-EXPORT_SYMBOL(ath9k_cmn_update_ichannel);
- void cfg80211_sme_disassoc(struct wireless_dev *wdev)
-@@ -399,7 +416,13 @@ void cfg80211_sme_disassoc(struct wirele
+ /*
+ * Get the internal channel reference.
+ */
+-struct ath9k_channel *ath9k_cmn_get_curchannel(struct ieee80211_hw *hw,
+- struct ath_hw *ah)
++struct ath9k_channel *ath9k_cmn_get_channel(struct ieee80211_hw *hw,
++ struct ath_hw *ah,
++ struct cfg80211_chan_def *chandef)
+ {
+- struct ieee80211_channel *curchan = hw->conf.chandef.chan;
++ struct ieee80211_channel *curchan = chandef->chan;
+ struct ath9k_channel *channel;
+ u8 chan_idx;
- void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev)
+ chan_idx = curchan->hw_value;
+ channel = &ah->channels[chan_idx];
+- ath9k_cmn_update_ichannel(channel, curchan,
+- cfg80211_get_chandef_type(&hw->conf.chandef));
++ ath9k_cmn_update_ichannel(channel, chandef);
+
+ return channel;
+ }
+-EXPORT_SYMBOL(ath9k_cmn_get_curchannel);
++EXPORT_SYMBOL(ath9k_cmn_get_channel);
+
+ int ath9k_cmn_count_streams(unsigned int chainmask, int max)
{
-- cfg80211_sme_disassoc(wdev);
-+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+--- a/drivers/net/wireless/ath/ath9k/common.h
++++ b/drivers/net/wireless/ath/ath9k/common.h
+@@ -43,11 +43,9 @@
+ (((x) + ((mul)/2)) / (mul))
+
+ int ath9k_cmn_get_hw_crypto_keytype(struct sk_buff *skb);
+-void ath9k_cmn_update_ichannel(struct ath9k_channel *ichan,
+- struct ieee80211_channel *chan,
+- enum nl80211_channel_type channel_type);
+-struct ath9k_channel *ath9k_cmn_get_curchannel(struct ieee80211_hw *hw,
+- struct ath_hw *ah);
++struct ath9k_channel *ath9k_cmn_get_channel(struct ieee80211_hw *hw,
++ struct ath_hw *ah,
++ struct cfg80211_chan_def *chandef);
+ int ath9k_cmn_count_streams(unsigned int chainmask, int max);
+ void ath9k_cmn_btcoex_bt_stomp(struct ath_common *common,
+ enum ath_stomp_type stomp_type);
+--- a/drivers/net/wireless/ath/ath9k/hif_usb.c
++++ b/drivers/net/wireless/ath/ath9k/hif_usb.c
+@@ -115,10 +115,10 @@ static int hif_usb_send_regout(struct hi
+ cmd->skb = skb;
+ cmd->hif_dev = hif_dev;
+
+- usb_fill_bulk_urb(urb, hif_dev->udev,
+- usb_sndbulkpipe(hif_dev->udev, USB_REG_OUT_PIPE),
++ usb_fill_int_urb(urb, hif_dev->udev,
++ usb_sndintpipe(hif_dev->udev, USB_REG_OUT_PIPE),
+ skb->data, skb->len,
+- hif_usb_regout_cb, cmd);
++ hif_usb_regout_cb, cmd, 1);
+
+ usb_anchor_urb(urb, &hif_dev->regout_submitted);
+ ret = usb_submit_urb(urb, GFP_KERNEL);
+@@ -723,11 +723,11 @@ static void ath9k_hif_usb_reg_in_cb(stru
+ return;
+ }
+
+- usb_fill_bulk_urb(urb, hif_dev->udev,
+- usb_rcvbulkpipe(hif_dev->udev,
++ usb_fill_int_urb(urb, hif_dev->udev,
++ usb_rcvintpipe(hif_dev->udev,
+ USB_REG_IN_PIPE),
+ nskb->data, MAX_REG_IN_BUF_SIZE,
+- ath9k_hif_usb_reg_in_cb, nskb);
++ ath9k_hif_usb_reg_in_cb, nskb, 1);
+ }
+
+ resubmit:
+@@ -909,11 +909,11 @@ static int ath9k_hif_usb_alloc_reg_in_ur
+ goto err_skb;
+ }
+
+- usb_fill_bulk_urb(urb, hif_dev->udev,
+- usb_rcvbulkpipe(hif_dev->udev,
++ usb_fill_int_urb(urb, hif_dev->udev,
++ usb_rcvintpipe(hif_dev->udev,
+ USB_REG_IN_PIPE),
+ skb->data, MAX_REG_IN_BUF_SIZE,
+- ath9k_hif_usb_reg_in_cb, skb);
++ ath9k_hif_usb_reg_in_cb, skb, 1);
+
+ /* Anchor URB */
+ usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
+@@ -1031,9 +1031,7 @@ static int ath9k_hif_usb_download_fw(str
+
+ static int ath9k_hif_usb_dev_init(struct hif_device_usb *hif_dev)
+ {
+- struct usb_host_interface *alt = &hif_dev->interface->altsetting[0];
+- struct usb_endpoint_descriptor *endp;
+- int ret, idx;
++ int ret;
+
+ ret = ath9k_hif_usb_download_fw(hif_dev);
+ if (ret) {
+@@ -1043,20 +1041,6 @@ static int ath9k_hif_usb_dev_init(struct
+ return ret;
+ }
+
+- /* On downloading the firmware to the target, the USB descriptor of EP4
+- * is 'patched' to change the type of the endpoint to Bulk. This will
+- * bring down CPU usage during the scan period.
+- */
+- for (idx = 0; idx < alt->desc.bNumEndpoints; idx++) {
+- endp = &alt->endpoint[idx].desc;
+- if ((endp->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK)
+- == USB_ENDPOINT_XFER_INT) {
+- endp->bmAttributes &= ~USB_ENDPOINT_XFERTYPE_MASK;
+- endp->bmAttributes |= USB_ENDPOINT_XFER_BULK;
+- endp->bInterval = 0;
+- }
+- }
+-
+ /* Alloc URBs */
+ ret = ath9k_hif_usb_alloc_urbs(hif_dev);
+ if (ret) {
+@@ -1268,7 +1252,7 @@ static void ath9k_hif_usb_reboot(struct
+ if (!buf)
+ return;
+
+- ret = usb_bulk_msg(udev, usb_sndbulkpipe(udev, USB_REG_OUT_PIPE),
++ ret = usb_interrupt_msg(udev, usb_sndintpipe(udev, USB_REG_OUT_PIPE),
+ buf, 4, NULL, HZ);
+ if (ret)
+ dev_err(&udev->dev, "ath9k_htc: USB reboot failed\n");
+--- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c
++++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
+@@ -24,30 +24,10 @@
+ static enum htc_phymode ath9k_htc_get_curmode(struct ath9k_htc_priv *priv,
+ struct ath9k_channel *ichan)
+ {
+- enum htc_phymode mode;
+-
+- mode = -EINVAL;
+-
+- switch (ichan->chanmode) {
+- case CHANNEL_G:
+- case CHANNEL_G_HT20:
+- case CHANNEL_G_HT40PLUS:
+- case CHANNEL_G_HT40MINUS:
+- mode = HTC_MODE_11NG;
+- break;
+- case CHANNEL_A:
+- case CHANNEL_A_HT20:
+- case CHANNEL_A_HT40PLUS:
+- case CHANNEL_A_HT40MINUS:
+- mode = HTC_MODE_11NA;
+- break;
+- default:
+- break;
+- }
++ if (IS_CHAN_5GHZ(ichan))
++ return HTC_MODE_11NA;
+
+- WARN_ON(mode < 0);
+-
+- return mode;
++ return HTC_MODE_11NG;
+ }
+
+ bool ath9k_htc_setpower(struct ath9k_htc_priv *priv,
+@@ -926,7 +906,7 @@ static int ath9k_htc_start(struct ieee80
+ WMI_CMD(WMI_FLUSH_RECV_CMDID);
+
+ /* setup initial channel */
+- init_channel = ath9k_cmn_get_curchannel(hw, ah);
++ init_channel = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
+
+ ret = ath9k_hw_reset(ah, init_channel, ah->caldata, false);
+ if (ret) {
+@@ -1203,17 +1183,12 @@ static int ath9k_htc_config(struct ieee8
+
+ if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) || chip_reset) {
+ struct ieee80211_channel *curchan = hw->conf.chandef.chan;
+- enum nl80211_channel_type channel_type =
+- cfg80211_get_chandef_type(&hw->conf.chandef);
+ int pos = curchan->hw_value;
+
+ ath_dbg(common, CONFIG, "Set channel: %d MHz\n",
+ curchan->center_freq);
+
+- ath9k_cmn_update_ichannel(&priv->ah->channels[pos],
+- hw->conf.chandef.chan,
+- channel_type);
+-
++ ath9k_cmn_get_channel(hw, priv->ah, &hw->conf.chandef);
+ if (ath9k_htc_set_channel(priv, hw, &priv->ah->channels[pos]) < 0) {
+ ath_err(common, "Unable to set channel\n");
+ ret = -EINVAL;
+--- a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
++++ b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
+@@ -448,6 +448,7 @@ static void ath9k_htc_tx_process(struct
+ struct ieee80211_conf *cur_conf = &priv->hw->conf;
+ bool txok;
+ int slot;
++ int hdrlen, padsize;
+
+ slot = strip_drv_header(priv, skb);
+ if (slot < 0) {
+@@ -504,6 +505,15 @@ send_mac80211:
+
+ ath9k_htc_tx_clear_slot(priv, slot);
+
++ /* Remove padding before handing frame back to mac80211 */
++ hdrlen = ieee80211_get_hdrlen_from_skb(skb);
+
-+ if (!wdev->conn)
-+ return;
++ padsize = hdrlen & 3;
++ if (padsize && skb->len > hdrlen + padsize) {
++ memmove(skb->data + padsize, skb->data, hdrlen);
++ skb_pull(skb, padsize);
++ }
+
-+ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
-+ schedule_work(&rdev->conn_work);
+ /* Send status to mac80211 */
+ ieee80211_tx_status(priv->hw, skb);
}
+--- a/drivers/net/wireless/ath/ath9k/link.c
++++ b/drivers/net/wireless/ath/ath9k/link.c
+@@ -41,7 +41,7 @@ void ath_tx_complete_poll_work(struct wo
+ txq->axq_tx_inprogress = true;
+ }
+ }
+- ath_txq_unlock_complete(sc, txq);
++ ath_txq_unlock(sc, txq);
+ }
- static int cfg80211_sme_connect(struct wireless_dev *wdev,
---- a/net/mac80211/rc80211_minstrel.c
-+++ b/net/mac80211/rc80211_minstrel.c
-@@ -290,7 +290,7 @@ minstrel_get_rate(void *priv, struct iee
- struct minstrel_rate *msr, *mr;
- unsigned int ndx;
- bool mrr_capable;
-- bool prev_sample = mi->prev_sample;
-+ bool prev_sample;
- int delta;
- int sampling_ratio;
+ if (needreset) {
+--- a/drivers/net/wireless/ath/ath9k/mac.c
++++ b/drivers/net/wireless/ath/ath9k/mac.c
+@@ -374,7 +374,6 @@ EXPORT_SYMBOL(ath9k_hw_releasetxqueue);
+ bool ath9k_hw_resettxqueue(struct ath_hw *ah, u32 q)
+ {
+ struct ath_common *common = ath9k_hw_common(ah);
+- struct ath9k_channel *chan = ah->curchan;
+ struct ath9k_tx_queue_info *qi;
+ u32 cwMin, chanCwMin, value;
-@@ -314,6 +314,7 @@ minstrel_get_rate(void *priv, struct iee
- (mi->sample_count + mi->sample_deferred / 2);
+@@ -387,10 +386,7 @@ bool ath9k_hw_resettxqueue(struct ath_hw
+ ath_dbg(common, QUEUE, "Reset TX queue: %u\n", q);
- /* delta < 0: no sampling required */
-+ prev_sample = mi->prev_sample;
- mi->prev_sample = false;
- if (delta < 0 || (!mrr_capable && prev_sample))
- return;
---- a/drivers/net/wireless/rt2x00/rt2x00queue.c
-+++ b/drivers/net/wireless/rt2x00/rt2x00queue.c
-@@ -936,13 +936,8 @@ void rt2x00queue_index_inc(struct queue_
- spin_unlock_irqrestore(&queue->index_lock, irqflags);
+ if (qi->tqi_cwmin == ATH9K_TXQ_USEDEFAULT) {
+- if (chan && IS_CHAN_B(chan))
+- chanCwMin = INIT_CWMIN_11B;
+- else
+- chanCwMin = INIT_CWMIN;
++ chanCwMin = INIT_CWMIN;
+
+ for (cwMin = 1; cwMin < chanCwMin; cwMin = (cwMin << 1) | 1);
+ } else
+@@ -583,9 +579,9 @@ int ath9k_hw_rxprocdesc(struct ath_hw *a
+ rs->rs_rate = MS(ads.ds_rxstatus0, AR_RxRate);
+ rs->rs_more = (ads.ds_rxstatus1 & AR_RxMore) ? 1 : 0;
+
++ rs->rs_firstaggr = (ads.ds_rxstatus8 & AR_RxFirstAggr) ? 1 : 0;
+ rs->rs_isaggr = (ads.ds_rxstatus8 & AR_RxAggr) ? 1 : 0;
+- rs->rs_moreaggr =
+- (ads.ds_rxstatus8 & AR_RxMoreAggr) ? 1 : 0;
++ rs->rs_moreaggr = (ads.ds_rxstatus8 & AR_RxMoreAggr) ? 1 : 0;
+ rs->rs_antenna = MS(ads.ds_rxstatus3, AR_RxAntenna);
+
+ /* directly mapped flags for ieee80211_rx_status */
+--- a/drivers/net/wireless/ath/ath9k/mac.h
++++ b/drivers/net/wireless/ath/ath9k/mac.h
+@@ -140,6 +140,7 @@ struct ath_rx_status {
+ int8_t rs_rssi_ext1;
+ int8_t rs_rssi_ext2;
+ u8 rs_isaggr;
++ u8 rs_firstaggr;
+ u8 rs_moreaggr;
+ u8 rs_num_delims;
+ u8 rs_flags;
+@@ -569,6 +570,7 @@ struct ar5416_desc {
+ #define AR_RxAggr 0x00020000
+ #define AR_PostDelimCRCErr 0x00040000
+ #define AR_RxStatusRsvd71 0x3ff80000
++#define AR_RxFirstAggr 0x20000000
+ #define AR_DecryptBusyErr 0x40000000
+ #define AR_KeyMiss 0x80000000
+
+@@ -601,8 +603,6 @@ enum ath9k_tx_queue_flags {
+ #define ATH9K_TXQ_USE_LOCKOUT_BKOFF_DIS 0x00000001
+
+ #define ATH9K_DECOMP_MASK_SIZE 128
+-#define ATH9K_READY_TIME_LO_BOUND 50
+-#define ATH9K_READY_TIME_HI_BOUND 96
+
+ enum ath9k_pkt_type {
+ ATH9K_PKT_TYPE_NORMAL = 0,
+--- a/drivers/net/wireless/ath/ath9k/rc.c
++++ b/drivers/net/wireless/ath/ath9k/rc.c
+@@ -1324,8 +1324,8 @@ static void ath_rate_update(void *priv,
+ ath_rc_init(sc, priv_sta);
+
+ ath_dbg(ath9k_hw_common(sc->sc_ah), CONFIG,
+- "Operating HT Bandwidth changed to: %d\n",
+- cfg80211_get_chandef_type(&sc->hw->conf.chandef));
++ "Operating Bandwidth changed to: %d\n",
++ sc->hw->conf.chandef.width);
+ }
}
--void rt2x00queue_pause_queue(struct data_queue *queue)
-+void rt2x00queue_pause_queue_nocheck(struct data_queue *queue)
- {
-- if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
-- !test_bit(QUEUE_STARTED, &queue->flags) ||
-- test_and_set_bit(QUEUE_PAUSED, &queue->flags))
-- return;
+--- a/drivers/net/wireless/ath/ath9k/reg.h
++++ b/drivers/net/wireless/ath/ath9k/reg.h
+@@ -893,9 +893,9 @@
+
+ #define AR_SREV_9485(_ah) \
+ (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9485))
+-#define AR_SREV_9485_11(_ah) \
+- (AR_SREV_9485(_ah) && \
+- ((_ah)->hw_version.macRev == AR_SREV_REVISION_9485_11))
++#define AR_SREV_9485_11_OR_LATER(_ah) \
++ (((_ah)->hw_version.macVersion == AR_SREV_VERSION_9485) && \
++ ((_ah)->hw_version.macRev >= AR_SREV_REVISION_9485_11))
+ #define AR_SREV_9485_OR_LATER(_ah) \
+ (((_ah)->hw_version.macVersion >= AR_SREV_VERSION_9485))
+
+--- a/net/mac80211/main.c
++++ b/net/mac80211/main.c
+@@ -101,7 +101,7 @@ static u32 ieee80211_hw_conf_chan(struct
+ struct ieee80211_sub_if_data *sdata;
+ struct cfg80211_chan_def chandef = {};
+ u32 changed = 0;
+- int power;
++ int power = 0;
+ u32 offchannel_flag;
+
+ offchannel_flag = local->hw.conf.flags & IEEE80211_CONF_OFFCHANNEL;
+@@ -155,16 +155,16 @@ static u32 ieee80211_hw_conf_chan(struct
+ changed |= IEEE80211_CONF_CHANGE_SMPS;
+ }
+
+- power = chandef.chan->max_power;
-
- switch (queue->qid) {
- case QID_AC_VO:
- case QID_AC_VI:
-@@ -958,6 +953,15 @@ void rt2x00queue_pause_queue(struct data
- break;
+ rcu_read_lock();
+ list_for_each_entry_rcu(sdata, &local->interfaces, list) {
+ if (!rcu_access_pointer(sdata->vif.chanctx_conf))
+ continue;
+- power = min(power, sdata->vif.bss_conf.txpower);
++ power = max(power, sdata->vif.bss_conf.txpower);
}
- }
-+void rt2x00queue_pause_queue(struct data_queue *queue)
-+{
-+ if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
-+ !test_bit(QUEUE_STARTED, &queue->flags) ||
-+ test_and_set_bit(QUEUE_PAUSED, &queue->flags))
-+ return;
+ rcu_read_unlock();
+
++ power = min(power, chandef.chan->max_power);
+
-+ rt2x00queue_pause_queue_nocheck(queue);
-+}
- EXPORT_SYMBOL_GPL(rt2x00queue_pause_queue);
+ if (local->hw.conf.power_level != power) {
+ changed |= IEEE80211_CONF_CHANGE_POWER;
+ local->hw.conf.power_level = power;
+--- a/net/mac80211/status.c
++++ b/net/mac80211/status.c
+@@ -180,6 +180,9 @@ static void ieee80211_frame_acked(struct
+ struct ieee80211_local *local = sta->local;
+ struct ieee80211_sub_if_data *sdata = sta->sdata;
- void rt2x00queue_unpause_queue(struct data_queue *queue)
-@@ -1019,7 +1023,7 @@ void rt2x00queue_stop_queue(struct data_
- return;
- }
++ if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
++ sta->last_rx = jiffies;
++
+ if (ieee80211_is_data_qos(mgmt->frame_control)) {
+ struct ieee80211_hdr *hdr = (void *) skb->data;
+ u8 *qc = ieee80211_get_qos_ctl(hdr);
+--- a/drivers/net/wireless/ath/ath9k/ani.c
++++ b/drivers/net/wireless/ath/ath9k/ani.c
+@@ -341,10 +341,9 @@ void ath9k_ani_reset(struct ath_hw *ah,
+ aniState->cckNoiseImmunityLevel !=
+ ATH9K_ANI_CCK_DEF_LEVEL) {
+ ath_dbg(common, ANI,
+- "Restore defaults: opmode %u chan %d Mhz/0x%x is_scanning=%d ofdm:%d cck:%d\n",
++ "Restore defaults: opmode %u chan %d Mhz is_scanning=%d ofdm:%d cck:%d\n",
+ ah->opmode,
+ chan->channel,
+- chan->channelFlags,
+ is_scanning,
+ aniState->ofdmNoiseImmunityLevel,
+ aniState->cckNoiseImmunityLevel);
+@@ -357,10 +356,9 @@ void ath9k_ani_reset(struct ath_hw *ah,
+ * restore historical levels for this channel
+ */
+ ath_dbg(common, ANI,
+- "Restore history: opmode %u chan %d Mhz/0x%x is_scanning=%d ofdm:%d cck:%d\n",
++ "Restore history: opmode %u chan %d Mhz is_scanning=%d ofdm:%d cck:%d\n",
+ ah->opmode,
+ chan->channel,
+- chan->channelFlags,
+ is_scanning,
+ aniState->ofdmNoiseImmunityLevel,
+ aniState->cckNoiseImmunityLevel);
+--- a/drivers/net/wireless/ath/ath9k/ar9002_calib.c
++++ b/drivers/net/wireless/ath/ath9k/ar9002_calib.c
+@@ -33,15 +33,12 @@ static bool ar9002_hw_is_cal_supported(s
+ bool supported = false;
+ switch (ah->supp_cals & cal_type) {
+ case IQ_MISMATCH_CAL:
+- /* Run IQ Mismatch for non-CCK only */
+- if (!IS_CHAN_B(chan))
+- supported = true;
++ supported = true;
+ break;
+ case ADC_GAIN_CAL:
+ case ADC_DC_CAL:
+ /* Run ADC Gain Cal for non-CCK & non 2GHz-HT20 only */
+- if (!IS_CHAN_B(chan) &&
+- !((IS_CHAN_2GHZ(chan) || IS_CHAN_A_FAST_CLOCK(ah, chan)) &&
++ if (!((IS_CHAN_2GHZ(chan) || IS_CHAN_A_FAST_CLOCK(ah, chan)) &&
+ IS_CHAN_HT20(chan)))
+ supported = true;
+ break;
+--- a/drivers/net/wireless/ath/ath9k/calib.c
++++ b/drivers/net/wireless/ath/ath9k/calib.c
+@@ -186,7 +186,6 @@ void ath9k_hw_reset_calibration(struct a
+ bool ath9k_hw_reset_calvalid(struct ath_hw *ah)
+ {
+ struct ath_common *common = ath9k_hw_common(ah);
+- struct ieee80211_conf *conf = &common->hw->conf;
+ struct ath9k_cal_list *currCal = ah->cal_list_curr;
-- rt2x00queue_pause_queue(queue);
-+ rt2x00queue_pause_queue_nocheck(queue);
+ if (!ah->caldata)
+@@ -208,7 +207,7 @@ bool ath9k_hw_reset_calvalid(struct ath_
+ return true;
- queue->rt2x00dev->ops->lib->stop_queue(queue);
+ ath_dbg(common, CALIBRATE, "Resetting Cal %d state for channel %u\n",
+- currCal->calData->calType, conf->chandef.chan->center_freq);
++ currCal->calData->calType, ah->curchan->chan->center_freq);
+
+ ah->caldata->CalValid &= ~currCal->calData->calType;
+ currCal->calState = CAL_WAITING;
+@@ -242,7 +241,6 @@ void ath9k_hw_loadnf(struct ath_hw *ah,
+ int32_t val;
+ u8 chainmask = (ah->rxchainmask << 3) | ah->rxchainmask;
+ struct ath_common *common = ath9k_hw_common(ah);
+- struct ieee80211_conf *conf = &common->hw->conf;
+ s16 default_nf = ath9k_hw_get_default_nf(ah, chan);
+
+ if (ah->caldata)
+@@ -252,7 +250,7 @@ void ath9k_hw_loadnf(struct ath_hw *ah,
+ if (chainmask & (1 << i)) {
+ s16 nfval;
+
+- if ((i >= AR5416_MAX_CHAINS) && !conf_is_ht40(conf))
++ if ((i >= AR5416_MAX_CHAINS) && !IS_CHAN_HT40(chan))
+ continue;
+
+ if (h)
+@@ -314,7 +312,7 @@ void ath9k_hw_loadnf(struct ath_hw *ah,
+ ENABLE_REGWRITE_BUFFER(ah);
+ for (i = 0; i < NUM_NF_READINGS; i++) {
+ if (chainmask & (1 << i)) {
+- if ((i >= AR5416_MAX_CHAINS) && !conf_is_ht40(conf))
++ if ((i >= AR5416_MAX_CHAINS) && !IS_CHAN_HT40(chan))
+ continue;
+
+ val = REG_READ(ah, ah->nf_regs[i]);
+@@ -408,7 +406,6 @@ void ath9k_init_nfcal_hist_buffer(struct
+
+ ah->caldata->channel = chan->channel;
+ ah->caldata->channelFlags = chan->channelFlags;
+- ah->caldata->chanmode = chan->chanmode;
+ h = ah->caldata->nfCalHist;
+ default_nf = ath9k_hw_get_default_nf(ah, chan);
+ for (i = 0; i < NUM_NF_READINGS; i++) {
+--- a/drivers/net/wireless/ath/ath9k/mci.c
++++ b/drivers/net/wireless/ath/ath9k/mci.c
+@@ -661,9 +661,9 @@ void ath9k_mci_update_wlan_channels(stru
+ chan_start = wlan_chan - 10;
+ chan_end = wlan_chan + 10;
+
+- if (chan->chanmode == CHANNEL_G_HT40PLUS)
++ if (IS_CHAN_HT40PLUS(chan))
+ chan_end += 20;
+- else if (chan->chanmode == CHANNEL_G_HT40MINUS)
++ else if (IS_CHAN_HT40MINUS(chan))
+ chan_start -= 20;
+
+ /* adjust side band */
+@@ -707,11 +707,11 @@ void ath9k_mci_set_txpower(struct ath_so
+ if (setchannel) {
+ struct ath9k_hw_cal_data *caldata = &sc->caldata;
+- if ((caldata->chanmode == CHANNEL_G_HT40PLUS) &&
++ if (IS_CHAN_HT40PLUS(ah->curchan) &&
+ (ah->curchan->channel > caldata->channel) &&
+ (ah->curchan->channel <= caldata->channel + 20))
+ return;
+- if ((caldata->chanmode == CHANNEL_G_HT40MINUS) &&
++ if (IS_CHAN_HT40MINUS(ah->curchan) &&
+ (ah->curchan->channel < caldata->channel) &&
+ (ah->curchan->channel >= caldata->channel - 20))
+ return;
projects / openwrt / svn-archive / archive.git / blobdiff