drivers/net/wireless/ath/carl9170/main.c

   1 /*
   2  * Atheros CARL9170 driver
   3  *
   4  * mac80211 interaction code
   5  *
   6  * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
   7  * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License
  20  * along with this program; see the file COPYING.  If not, see
  21  * http://www.gnu.org/licenses/.
  22  *
  23  * This file incorporates work covered by the following copyright and
  24  * permission notice:
  25  *    Copyright (c) 2007-2008 Atheros Communications, Inc.
  26  *
  27  *    Permission to use, copy, modify, and/or distribute this software for any
  28  *    purpose with or without fee is hereby granted, provided that the above
  29  *    copyright notice and this permission notice appear in all copies.
  30  *
  31  *    THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  32  *    WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  33  *    MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  34  *    ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  35  *    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  36  *    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  37  *    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  38  */
  39
  40 #include <linux/init.h>
  41 #include <linux/slab.h>
  42 #include <linux/module.h>
  43 #include <linux/etherdevice.h>
  44 #include <linux/random.h>
  45 #include <net/mac80211.h>
  46 #include <net/cfg80211.h>
  47 #include "hw.h"
  48 #include "carl9170.h"
  49 #include "cmd.h"
  50
  51 static int modparam_nohwcrypt;
  52 module_param_named(nohwcrypt, modparam_nohwcrypt, bool, S_IRUGO);
  53 MODULE_PARM_DESC(nohwcrypt, "Disable hardware crypto offload.");
  54
  55 int modparam_noht;
  56 module_param_named(noht, modparam_noht, int, S_IRUGO);
  57 MODULE_PARM_DESC(noht, "Disable MPDU aggregation.");
  58
  59 #define RATE(_bitrate, _hw_rate, _txpidx, _flags) {     \
  60         .bitrate        = (_bitrate),                   \
  61         .flags          = (_flags),                     \
  62         .hw_value       = (_hw_rate) | (_txpidx) << 4,  \
  63 }
  64
  65 struct ieee80211_rate __carl9170_ratetable[] = {
  66         RATE(10, 0, 0, 0),
  67         RATE(20, 1, 1, IEEE80211_RATE_SHORT_PREAMBLE),
  68         RATE(55, 2, 2, IEEE80211_RATE_SHORT_PREAMBLE),
  69         RATE(110, 3, 3, IEEE80211_RATE_SHORT_PREAMBLE),
  70         RATE(60, 0xb, 0, 0),
  71         RATE(90, 0xf, 0, 0),
  72         RATE(120, 0xa, 0, 0),
  73         RATE(180, 0xe, 0, 0),
  74         RATE(240, 0x9, 0, 0),
  75         RATE(360, 0xd, 1, 0),
  76         RATE(480, 0x8, 2, 0),
  77         RATE(540, 0xc, 3, 0),
  78 };
  79 #undef RATE
  80
  81 #define carl9170_g_ratetable    (__carl9170_ratetable + 0)
  82 #define carl9170_g_ratetable_size       12
  83 #define carl9170_a_ratetable    (__carl9170_ratetable + 4)
  84 #define carl9170_a_ratetable_size       8
  85
  86 /*
  87  * NB: The hw_value is used as an index into the carl9170_phy_freq_params
  88  *     array in phy.c so that we don't have to do frequency lookups!
  89  */
  90 #define CHAN(_freq, _idx) {             \
  91         .center_freq    = (_freq),      \
  92         .hw_value       = (_idx),       \
  93         .max_power      = 18, /* XXX */ \
  94 }
  95
  96 static struct ieee80211_channel carl9170_2ghz_chantable[] = {
  97         CHAN(2412,  0),
  98         CHAN(2417,  1),
  99         CHAN(2422,  2),
 100         CHAN(2427,  3),
 101         CHAN(2432,  4),
 102         CHAN(2437,  5),
 103         CHAN(2442,  6),
 104         CHAN(2447,  7),
 105         CHAN(2452,  8),
 106         CHAN(2457,  9),
 107         CHAN(2462, 10),
 108         CHAN(2467, 11),
 109         CHAN(2472, 12),
 110         CHAN(2484, 13),
 111 };
 112
 113 static struct ieee80211_channel carl9170_5ghz_chantable[] = {
 114         CHAN(4920, 14),
 115         CHAN(4940, 15),
 116         CHAN(4960, 16),
 117         CHAN(4980, 17),
 118         CHAN(5040, 18),
 119         CHAN(5060, 19),
 120         CHAN(5080, 20),
 121         CHAN(5180, 21),
 122         CHAN(5200, 22),
 123         CHAN(5220, 23),
 124         CHAN(5240, 24),
 125         CHAN(5260, 25),
 126         CHAN(5280, 26),
 127         CHAN(5300, 27),
 128         CHAN(5320, 28),
 129         CHAN(5500, 29),
 130         CHAN(5520, 30),
 131         CHAN(5540, 31),
 132         CHAN(5560, 32),
 133         CHAN(5580, 33),
 134         CHAN(5600, 34),
 135         CHAN(5620, 35),
 136         CHAN(5640, 36),
 137         CHAN(5660, 37),
 138         CHAN(5680, 38),
 139         CHAN(5700, 39),
 140         CHAN(5745, 40),
 141         CHAN(5765, 41),
 142         CHAN(5785, 42),
 143         CHAN(5805, 43),
 144         CHAN(5825, 44),
 145         CHAN(5170, 45),
 146         CHAN(5190, 46),
 147         CHAN(5210, 47),
 148         CHAN(5230, 48),
 149 };
 150 #undef CHAN
 151
 152 #define CARL9170_HT_CAP                                                 \
 153 {                                                                       \
 154         .ht_supported   = true,                                         \
 155         .cap            = IEEE80211_HT_CAP_MAX_AMSDU |                  \
 156                           IEEE80211_HT_CAP_SUP_WIDTH_20_40 |            \
 157                           IEEE80211_HT_CAP_SGI_40 |                     \
 158                           IEEE80211_HT_CAP_DSSSCCK40 |                  \
 159                           IEEE80211_HT_CAP_SM_PS,                       \
 160         .ampdu_factor   = IEEE80211_HT_MAX_AMPDU_64K,                   \
 161         .ampdu_density  = IEEE80211_HT_MPDU_DENSITY_8,                  \
 162         .mcs            = {                                             \
 163                 .rx_mask = { 0xff, 0xff, 0, 0, 0x1, 0, 0, 0, 0, 0, },   \
 164                 .rx_highest = cpu_to_le16(300),                         \
 165                 .tx_params = IEEE80211_HT_MCS_TX_DEFINED,               \
 166         },                                                              \
 167 }
 168
 169 static struct ieee80211_supported_band carl9170_band_2GHz = {
 170         .channels       = carl9170_2ghz_chantable,
 171         .n_channels     = ARRAY_SIZE(carl9170_2ghz_chantable),
 172         .bitrates       = carl9170_g_ratetable,
 173         .n_bitrates     = carl9170_g_ratetable_size,
 174         .ht_cap         = CARL9170_HT_CAP,
 175 };
 176
 177 static struct ieee80211_supported_band carl9170_band_5GHz = {
 178         .channels       = carl9170_5ghz_chantable,
 179         .n_channels     = ARRAY_SIZE(carl9170_5ghz_chantable),
 180         .bitrates       = carl9170_a_ratetable,
 181         .n_bitrates     = carl9170_a_ratetable_size,
 182         .ht_cap         = CARL9170_HT_CAP,
 183 };
 184
 185 static void carl9170_ampdu_gc(struct ar9170 *ar)
 186 {
 187         struct carl9170_sta_tid *tid_info;
 188         LIST_HEAD(tid_gc);
 189
 190         rcu_read_lock();
 191         list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
 192                 spin_lock_bh(&ar->tx_ampdu_list_lock);
 193                 if (tid_info->state == CARL9170_TID_STATE_SHUTDOWN) {
 194                         tid_info->state = CARL9170_TID_STATE_KILLED;
 195                         list_del_rcu(&tid_info->list);
 196                         ar->tx_ampdu_list_len--;
 197                         list_add_tail(&tid_info->tmp_list, &tid_gc);
 198                 }
 199                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
 200
 201         }
 202         rcu_assign_pointer(ar->tx_ampdu_iter, tid_info);
 203         rcu_read_unlock();
 204
 205         synchronize_rcu();
 206
 207         while (!list_empty(&tid_gc)) {
 208                 struct sk_buff *skb;
 209                 tid_info = list_first_entry(&tid_gc, struct carl9170_sta_tid,
 210                                             tmp_list);
 211
 212                 while ((skb = __skb_dequeue(&tid_info->queue)))
 213                         carl9170_tx_status(ar, skb, false);
 214
 215                 list_del_init(&tid_info->tmp_list);
 216                 kfree(tid_info);
 217         }
 218 }
 219
 220 static void carl9170_flush(struct ar9170 *ar, bool drop_queued)
 221 {
 222         if (drop_queued) {
 223                 int i;
 224
 225                 /*
 226                  * We can only drop frames which have not been uploaded
 227                  * to the device yet.
 228                  */
 229
 230                 for (i = 0; i < ar->hw->queues; i++) {
 231                         struct sk_buff *skb;
 232
 233                         while ((skb = skb_dequeue(&ar->tx_pending[i]))) {
 234                                 struct ieee80211_tx_info *info;
 235
 236                                 info = IEEE80211_SKB_CB(skb);
 237                                 if (info->flags & IEEE80211_TX_CTL_AMPDU)
 238                                         atomic_dec(&ar->tx_ampdu_upload);
 239
 240                                 carl9170_tx_status(ar, skb, false);
 241                         }
 242                 }
 243         }
 244
 245         /* Wait for all other outstanding frames to timeout. */
 246         if (atomic_read(&ar->tx_total_queued))
 247                 WARN_ON(wait_for_completion_timeout(&ar->tx_flush, HZ) == 0);
 248 }
 249
 250 static void carl9170_flush_ba(struct ar9170 *ar)
 251 {
 252         struct sk_buff_head free;
 253         struct carl9170_sta_tid *tid_info;
 254         struct sk_buff *skb;
 255
 256         __skb_queue_head_init(&free);
 257
 258         rcu_read_lock();
 259         spin_lock_bh(&ar->tx_ampdu_list_lock);
 260         list_for_each_entry_rcu(tid_info, &ar->tx_ampdu_list, list) {
 261                 if (tid_info->state > CARL9170_TID_STATE_SUSPEND) {
 262                         tid_info->state = CARL9170_TID_STATE_SUSPEND;
 263
 264                         spin_lock(&tid_info->lock);
 265                         while ((skb = __skb_dequeue(&tid_info->queue)))
 266                                 __skb_queue_tail(&free, skb);
 267                         spin_unlock(&tid_info->lock);
 268                 }
 269         }
 270         spin_unlock_bh(&ar->tx_ampdu_list_lock);
 271         rcu_read_unlock();
 272
 273         while ((skb = __skb_dequeue(&free)))
 274                 carl9170_tx_status(ar, skb, false);
 275 }
 276
 277 static void carl9170_zap_queues(struct ar9170 *ar)
 278 {
 279         struct carl9170_vif_info *cvif;
 280         unsigned int i;
 281
 282         carl9170_ampdu_gc(ar);
 283
 284         carl9170_flush_ba(ar);
 285         carl9170_flush(ar, true);
 286
 287         for (i = 0; i < ar->hw->queues; i++) {
 288                 spin_lock_bh(&ar->tx_status[i].lock);
 289                 while (!skb_queue_empty(&ar->tx_status[i])) {
 290                         struct sk_buff *skb;
 291
 292                         skb = skb_peek(&ar->tx_status[i]);
 293                         carl9170_tx_get_skb(skb);
 294                         spin_unlock_bh(&ar->tx_status[i].lock);
 295                         carl9170_tx_drop(ar, skb);
 296                         spin_lock_bh(&ar->tx_status[i].lock);
 297                         carl9170_tx_put_skb(skb);
 298                 }
 299                 spin_unlock_bh(&ar->tx_status[i].lock);
 300         }
 301
 302         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_SOFT < 1);
 303         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD < CARL9170_NUM_TX_LIMIT_SOFT);
 304         BUILD_BUG_ON(CARL9170_NUM_TX_LIMIT_HARD >= CARL9170_BAW_BITS);
 305
 306         /* reinitialize queues statistics */
 307         memset(&ar->tx_stats, 0, sizeof(ar->tx_stats));
 308         for (i = 0; i < ar->hw->queues; i++)
 309                 ar->tx_stats[i].limit = CARL9170_NUM_TX_LIMIT_HARD;
 310
 311         for (i = 0; i < DIV_ROUND_UP(ar->fw.mem_blocks, BITS_PER_LONG); i++)
 312                 ar->mem_bitmap[i] = 0;
 313
 314         rcu_read_lock();
 315         list_for_each_entry_rcu(cvif, &ar->vif_list, list) {
 316                 spin_lock_bh(&ar->beacon_lock);
 317                 dev_kfree_skb_any(cvif->beacon);
 318                 cvif->beacon = NULL;
 319                 spin_unlock_bh(&ar->beacon_lock);
 320         }
 321         rcu_read_unlock();
 322
 323         atomic_set(&ar->tx_ampdu_upload, 0);
 324         atomic_set(&ar->tx_ampdu_scheduler, 0);
 325         atomic_set(&ar->tx_total_pending, 0);
 326         atomic_set(&ar->tx_total_queued, 0);
 327         atomic_set(&ar->mem_free_blocks, ar->fw.mem_blocks);
 328 }
 329
 330 #define CARL9170_FILL_QUEUE(queue, ai_fs, cwmin, cwmax, _txop)          \
 331 do {                                                                    \
 332         queue.aifs = ai_fs;                                             \
 333         queue.cw_min = cwmin;                                           \
 334         queue.cw_max = cwmax;                                           \
 335         queue.txop = _txop;                                             \
 336 } while (0)
 337
 338 static int carl9170_op_start(struct ieee80211_hw *hw)
 339 {
 340         struct ar9170 *ar = hw->priv;
 341         int err, i;
 342
 343         mutex_lock(&ar->mutex);
 344
 345         carl9170_zap_queues(ar);
 346
 347         /* reset QoS defaults */
 348         CARL9170_FILL_QUEUE(ar->edcf[0], 3, 15, 1023,  0); /* BEST EFFORT */
 349         CARL9170_FILL_QUEUE(ar->edcf[1], 2, 7,    15, 94); /* VIDEO */
 350         CARL9170_FILL_QUEUE(ar->edcf[2], 2, 3,     7, 47); /* VOICE */
 351         CARL9170_FILL_QUEUE(ar->edcf[3], 7, 15, 1023,  0); /* BACKGROUND */
 352         CARL9170_FILL_QUEUE(ar->edcf[4], 2, 3,     7,  0); /* SPECIAL */
 353
 354         ar->current_factor = ar->current_density = -1;
 355         /* "The first key is unique." */
 356         ar->usedkeys = 1;
 357         ar->filter_state = 0;
 358         ar->ps.last_action = jiffies;
 359         ar->ps.last_slept = jiffies;
 360         ar->erp_mode = CARL9170_ERP_AUTO;
 361         ar->rx_software_decryption = false;
 362         ar->disable_offload = false;
 363
 364         for (i = 0; i < ar->hw->queues; i++) {
 365                 ar->queue_stop_timeout[i] = jiffies;
 366                 ar->max_queue_stop_timeout[i] = 0;
 367         }
 368
 369         atomic_set(&ar->mem_allocs, 0);
 370
 371         err = carl9170_usb_open(ar);
 372         if (err)
 373                 goto out;
 374
 375         err = carl9170_init_mac(ar);
 376         if (err)
 377                 goto out;
 378
 379         err = carl9170_set_qos(ar);
 380         if (err)
 381                 goto out;
 382
 383         if (ar->fw.rx_filter) {
 384                 err = carl9170_rx_filter(ar, CARL9170_RX_FILTER_OTHER_RA |
 385                         CARL9170_RX_FILTER_CTL_OTHER | CARL9170_RX_FILTER_BAD);
 386                 if (err)
 387                         goto out;
 388         }
 389
 390         err = carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER,
 391                                  AR9170_DMA_TRIGGER_RXQ);
 392         if (err)
 393                 goto out;
 394
 395         /* Clear key-cache */
 396         for (i = 0; i < AR9170_CAM_MAX_USER + 4; i++) {
 397                 err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
 398                                           0, NULL, 0);
 399                 if (err)
 400                         goto out;
 401
 402                 err = carl9170_upload_key(ar, i, NULL, AR9170_ENC_ALG_NONE,
 403                                           1, NULL, 0);
 404                 if (err)
 405                         goto out;
 406
 407                 if (i < AR9170_CAM_MAX_USER) {
 408                         err = carl9170_disable_key(ar, i);
 409                         if (err)
 410                                 goto out;
 411                 }
 412         }
 413
 414         carl9170_set_state_when(ar, CARL9170_IDLE, CARL9170_STARTED);
 415
 416         ieee80211_wake_queues(ar->hw);
 417         err = 0;
 418
 419 out:
 420         mutex_unlock(&ar->mutex);
 421         return err;
 422 }
 423
 424 static void carl9170_cancel_worker(struct ar9170 *ar)
 425 {
 426         cancel_delayed_work_sync(&ar->tx_janitor);
 427 #ifdef CONFIG_CARL9170_LEDS
 428         cancel_delayed_work_sync(&ar->led_work);
 429 #endif /* CONFIG_CARL9170_LEDS */
 430         cancel_work_sync(&ar->ps_work);
 431         cancel_work_sync(&ar->ping_work);
 432         cancel_work_sync(&ar->ampdu_work);
 433 }
 434
 435 static void carl9170_op_stop(struct ieee80211_hw *hw)
 436 {
 437         struct ar9170 *ar = hw->priv;
 438
 439         carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
 440
 441         ieee80211_stop_queues(ar->hw);
 442
 443         mutex_lock(&ar->mutex);
 444         if (IS_ACCEPTING_CMD(ar)) {
 445                 rcu_assign_pointer(ar->beacon_iter, NULL);
 446
 447                 carl9170_led_set_state(ar, 0);
 448
 449                 /* stop DMA */
 450                 carl9170_write_reg(ar, AR9170_MAC_REG_DMA_TRIGGER, 0);
 451                 carl9170_usb_stop(ar);
 452         }
 453
 454         carl9170_zap_queues(ar);
 455         mutex_unlock(&ar->mutex);
 456
 457         carl9170_cancel_worker(ar);
 458 }
 459
 460 static void carl9170_restart_work(struct work_struct *work)
 461 {
 462         struct ar9170 *ar = container_of(work, struct ar9170,
 463                                          restart_work);
 464         int err;
 465
 466         ar->usedkeys = 0;
 467         ar->filter_state = 0;
 468         carl9170_cancel_worker(ar);
 469
 470         mutex_lock(&ar->mutex);
 471         err = carl9170_usb_restart(ar);
 472         if (net_ratelimit()) {
 473                 if (err) {
 474                         dev_err(&ar->udev->dev, "Failed to restart device "
 475                                 " (%d).\n", err);
 476                  } else {
 477                         dev_info(&ar->udev->dev, "device restarted "
 478                                  "successfully.\n");
 479                 }
 480         }
 481
 482         carl9170_zap_queues(ar);
 483         mutex_unlock(&ar->mutex);
 484         if (!err) {
 485                 ar->restart_counter++;
 486                 atomic_set(&ar->pending_restarts, 0);
 487
 488                 ieee80211_restart_hw(ar->hw);
 489         } else {
 490                 /*
 491                  * The reset was unsuccessful and the device seems to
 492                  * be dead. But there's still one option: a low-level
 493                  * usb subsystem reset...
 494                  */
 495
 496                 carl9170_usb_reset(ar);
 497         }
 498 }
 499
 500 void carl9170_restart(struct ar9170 *ar, const enum carl9170_restart_reasons r)
 501 {
 502         carl9170_set_state_when(ar, CARL9170_STARTED, CARL9170_IDLE);
 503
 504         /*
 505          * Sometimes, an error can trigger several different reset events.
 506          * By ignoring these *surplus* reset events, the device won't be
 507          * killed again, right after it has recovered.
 508          */
 509         if (atomic_inc_return(&ar->pending_restarts) > 1) {
 510                 dev_dbg(&ar->udev->dev, "ignoring restart (%d)\n", r);
 511                 return;
 512         }
 513
 514         ieee80211_stop_queues(ar->hw);
 515
 516         dev_err(&ar->udev->dev, "restart device (%d)\n", r);
 517
 518         if (!WARN_ON(r == CARL9170_RR_NO_REASON) ||
 519             !WARN_ON(r >= __CARL9170_RR_LAST))
 520                 ar->last_reason = r;
 521
 522         if (!ar->registered)
 523                 return;
 524
 525         if (IS_ACCEPTING_CMD(ar) && !ar->needs_full_reset)
 526                 ieee80211_queue_work(ar->hw, &ar->restart_work);
 527         else
 528                 carl9170_usb_reset(ar);
 529
 530         /*
 531          * At this point, the device instance might have vanished/disabled.
 532          * So, don't put any code which access the ar9170 struct
 533          * without proper protection.
 534          */
 535 }
 536
 537 static void carl9170_ping_work(struct work_struct *work)
 538 {
 539         struct ar9170 *ar = container_of(work, struct ar9170, ping_work);
 540         int err;
 541
 542         if (!IS_STARTED(ar))
 543                 return;
 544
 545         mutex_lock(&ar->mutex);
 546         err = carl9170_echo_test(ar, 0xdeadbeef);
 547         if (err)
 548                 carl9170_restart(ar, CARL9170_RR_UNRESPONSIVE_DEVICE);
 549         mutex_unlock(&ar->mutex);
 550 }
 551
 552 static int carl9170_init_interface(struct ar9170 *ar,
 553                                    struct ieee80211_vif *vif)
 554 {
 555         struct ath_common *common = &ar->common;
 556         int err;
 557
 558         if (!vif) {
 559                 WARN_ON_ONCE(IS_STARTED(ar));
 560                 return 0;
 561         }
 562
 563         memcpy(common->macaddr, vif->addr, ETH_ALEN);
 564
 565         if (modparam_nohwcrypt ||
 566             ((vif->type != NL80211_IFTYPE_STATION) &&
 567              (vif->type != NL80211_IFTYPE_AP))) {
 568                 ar->rx_software_decryption = true;
 569                 ar->disable_offload = true;
 570         }
 571
 572         err = carl9170_set_operating_mode(ar);
 573         return err;
 574 }
 575
 576 static int carl9170_op_add_interface(struct ieee80211_hw *hw,
 577                                      struct ieee80211_vif *vif)
 578 {
 579         struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
 580         struct ieee80211_vif *main_vif;
 581         struct ar9170 *ar = hw->priv;
 582         int vif_id = -1, err = 0;
 583
 584         mutex_lock(&ar->mutex);
 585         rcu_read_lock();
 586         if (vif_priv->active) {
 587                 /*
 588                  * Skip the interface structure initialization,
 589                  * if the vif survived the _restart call.
 590                  */
 591                 vif_id = vif_priv->id;
 592                 vif_priv->enable_beacon = false;
 593
 594                 spin_lock_bh(&ar->beacon_lock);
 595                 dev_kfree_skb_any(vif_priv->beacon);
 596                 vif_priv->beacon = NULL;
 597                 spin_unlock_bh(&ar->beacon_lock);
 598
 599                 goto init;
 600         }
 601
 602         main_vif = carl9170_get_main_vif(ar);
 603
 604         if (main_vif) {
 605                 switch (main_vif->type) {
 606                 case NL80211_IFTYPE_STATION:
 607                         if (vif->type == NL80211_IFTYPE_STATION)
 608                                 break;
 609
 610                         err = -EBUSY;
 611                         rcu_read_unlock();
 612
 613                         goto unlock;
 614
 615                 case NL80211_IFTYPE_AP:
 616                         if ((vif->type == NL80211_IFTYPE_STATION) ||
 617                             (vif->type == NL80211_IFTYPE_WDS) ||
 618                             (vif->type == NL80211_IFTYPE_AP))
 619                                 break;
 620
 621                         err = -EBUSY;
 622                         rcu_read_unlock();
 623                         goto unlock;
 624
 625                 default:
 626                         rcu_read_unlock();
 627                         goto unlock;
 628                 }
 629         }
 630
 631         vif_id = bitmap_find_free_region(&ar->vif_bitmap, ar->fw.vif_num, 0);
 632
 633         if (vif_id < 0) {
 634                 rcu_read_unlock();
 635
 636                 err = -ENOSPC;
 637                 goto unlock;
 638         }
 639
 640         BUG_ON(ar->vif_priv[vif_id].id != vif_id);
 641
 642         vif_priv->active = true;
 643         vif_priv->id = vif_id;
 644         vif_priv->enable_beacon = false;
 645         ar->vifs++;
 646         list_add_tail_rcu(&vif_priv->list, &ar->vif_list);
 647         rcu_assign_pointer(ar->vif_priv[vif_id].vif, vif);
 648
 649 init:
 650         if (carl9170_get_main_vif(ar) == vif) {
 651                 rcu_assign_pointer(ar->beacon_iter, vif_priv);
 652                 rcu_read_unlock();
 653
 654                 err = carl9170_init_interface(ar, vif);
 655                 if (err)
 656                         goto unlock;
 657         } else {
 658                 rcu_read_unlock();
 659                 err = carl9170_mod_virtual_mac(ar, vif_id, vif->addr);
 660
 661                 if (err)
 662                         goto unlock;
 663         }
 664
 665         if (ar->fw.tx_seq_table) {
 666                 err = carl9170_write_reg(ar, ar->fw.tx_seq_table + vif_id * 4,
 667                                          0);
 668                 if (err)
 669                         goto unlock;
 670         }
 671
 672 unlock:
 673         if (err && (vif_id >= 0)) {
 674                 vif_priv->active = false;
 675                 bitmap_release_region(&ar->vif_bitmap, vif_id, 0);
 676                 ar->vifs--;
 677                 rcu_assign_pointer(ar->vif_priv[vif_id].vif, NULL);
 678                 list_del_rcu(&vif_priv->list);
 679                 mutex_unlock(&ar->mutex);
 680                 synchronize_rcu();
 681         } else {
 682                 if (ar->vifs > 1)
 683                         ar->ps.off_override |= PS_OFF_VIF;
 684
 685                 mutex_unlock(&ar->mutex);
 686         }
 687
 688         return err;
 689 }
 690
 691 static void carl9170_op_remove_interface(struct ieee80211_hw *hw,
 692                                          struct ieee80211_vif *vif)
 693 {
 694         struct carl9170_vif_info *vif_priv = (void *) vif->drv_priv;
 695         struct ieee80211_vif *main_vif;
 696         struct ar9170 *ar = hw->priv;
 697         unsigned int id;
 698
 699         mutex_lock(&ar->mutex);
 700
 701         if (WARN_ON_ONCE(!vif_priv->active))
 702                 goto unlock;
 703
 704         ar->vifs--;
 705
 706         rcu_read_lock();
 707         main_vif = carl9170_get_main_vif(ar);
 708
 709         id = vif_priv->id;
 710
 711         vif_priv->active = false;
 712         WARN_ON(vif_priv->enable_beacon);
 713         vif_priv->enable_beacon = false;
 714         list_del_rcu(&vif_priv->list);
 715         rcu_assign_pointer(ar->vif_priv[id].vif, NULL);
 716
 717         if (vif == main_vif) {
 718                 rcu_read_unlock();
 719
 720                 if (ar->vifs) {
 721                         WARN_ON(carl9170_init_interface(ar,
 722                                         carl9170_get_main_vif(ar)));
 723                 } else {
 724                         carl9170_set_operating_mode(ar);
 725                 }
 726         } else {
 727                 rcu_read_unlock();
 728
 729                 WARN_ON(carl9170_mod_virtual_mac(ar, id, NULL));
 730         }
 731
 732         carl9170_update_beacon(ar, false);
 733         carl9170_flush_cab(ar, id);
 734
 735         spin_lock_bh(&ar->beacon_lock);
 736         dev_kfree_skb_any(vif_priv->beacon);
 737         vif_priv->beacon = NULL;
 738         spin_unlock_bh(&ar->beacon_lock);
 739
 740         bitmap_release_region(&ar->vif_bitmap, id, 0);
 741
 742         carl9170_set_beacon_timers(ar);
 743
 744         if (ar->vifs == 1)
 745                 ar->ps.off_override &= ~PS_OFF_VIF;
 746
 747 unlock:
 748         mutex_unlock(&ar->mutex);
 749
 750         synchronize_rcu();
 751 }
 752
 753 void carl9170_ps_check(struct ar9170 *ar)
 754 {
 755         ieee80211_queue_work(ar->hw, &ar->ps_work);
 756 }
 757
 758 /* caller must hold ar->mutex */
 759 static int carl9170_ps_update(struct ar9170 *ar)
 760 {
 761         bool ps = false;
 762         int err = 0;
 763
 764         if (!ar->ps.off_override)
 765                 ps = (ar->hw->conf.flags & IEEE80211_CONF_PS);
 766
 767         if (ps != ar->ps.state) {
 768                 err = carl9170_powersave(ar, ps);
 769                 if (err)
 770                         return err;
 771
 772                 if (ar->ps.state && !ps) {
 773                         ar->ps.sleep_ms = jiffies_to_msecs(jiffies -
 774                                 ar->ps.last_action);
 775                 }
 776
 777                 if (ps)
 778                         ar->ps.last_slept = jiffies;
 779
 780                 ar->ps.last_action = jiffies;
 781                 ar->ps.state = ps;
 782         }
 783
 784         return 0;
 785 }
 786
 787 static void carl9170_ps_work(struct work_struct *work)
 788 {
 789         struct ar9170 *ar = container_of(work, struct ar9170,
 790                                          ps_work);
 791         mutex_lock(&ar->mutex);
 792         if (IS_STARTED(ar))
 793                 WARN_ON_ONCE(carl9170_ps_update(ar) != 0);
 794         mutex_unlock(&ar->mutex);
 795 }
 796
 797
 798 static int carl9170_op_config(struct ieee80211_hw *hw, u32 changed)
 799 {
 800         struct ar9170 *ar = hw->priv;
 801         int err = 0;
 802
 803         mutex_lock(&ar->mutex);
 804         if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
 805                 /* TODO */
 806                 err = 0;
 807         }
 808
 809         if (changed & IEEE80211_CONF_CHANGE_PS) {
 810                 err = carl9170_ps_update(ar);
 811                 if (err)
 812                         goto out;
 813         }
 814
 815         if (changed & IEEE80211_CONF_CHANGE_POWER) {
 816                 /* TODO */
 817                 err = 0;
 818         }
 819
 820         if (changed & IEEE80211_CONF_CHANGE_SMPS) {
 821                 /* TODO */
 822                 err = 0;
 823         }
 824
 825         if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
 826                 /* adjust slot time for 5 GHz */
 827                 err = carl9170_set_slot_time(ar);
 828                 if (err)
 829                         goto out;
 830
 831                 err = carl9170_set_channel(ar, hw->conf.channel,
 832                         hw->conf.channel_type, CARL9170_RFI_NONE);
 833                 if (err)
 834                         goto out;
 835
 836                 err = carl9170_set_dyn_sifs_ack(ar);
 837                 if (err)
 838                         goto out;
 839
 840                 err = carl9170_set_rts_cts_rate(ar);
 841                 if (err)
 842                         goto out;
 843         }
 844
 845 out:
 846         mutex_unlock(&ar->mutex);
 847         return err;
 848 }
 849
 850 static u64 carl9170_op_prepare_multicast(struct ieee80211_hw *hw,
 851                                          struct netdev_hw_addr_list *mc_list)
 852 {
 853         struct netdev_hw_addr *ha;
 854         u64 mchash;
 855
 856         /* always get broadcast frames */
 857         mchash = 1ULL << (0xff >> 2);
 858
 859         netdev_hw_addr_list_for_each(ha, mc_list)
 860                 mchash |= 1ULL << (ha->addr[5] >> 2);
 861
 862         return mchash;
 863 }
 864
 865 static void carl9170_op_configure_filter(struct ieee80211_hw *hw,
 866                                          unsigned int changed_flags,
 867                                          unsigned int *new_flags,
 868                                          u64 multicast)
 869 {
 870         struct ar9170 *ar = hw->priv;
 871
 872         /* mask supported flags */
 873         *new_flags &= FIF_ALLMULTI | ar->rx_filter_caps;
 874
 875         if (!IS_ACCEPTING_CMD(ar))
 876                 return;
 877
 878         mutex_lock(&ar->mutex);
 879
 880         ar->filter_state = *new_flags;
 881         /*
 882          * We can support more by setting the sniffer bit and
 883          * then checking the error flags, later.
 884          */
 885
 886         if (changed_flags & FIF_ALLMULTI && *new_flags & FIF_ALLMULTI)
 887                 multicast = ~0ULL;
 888
 889         if (multicast != ar->cur_mc_hash)
 890                 WARN_ON(carl9170_update_multicast(ar, multicast));
 891
 892         if (changed_flags & (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS)) {
 893                 ar->sniffer_enabled = !!(*new_flags &
 894                         (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS));
 895
 896                 WARN_ON(carl9170_set_operating_mode(ar));
 897         }
 898
 899         if (ar->fw.rx_filter && changed_flags & ar->rx_filter_caps) {
 900                 u32 rx_filter = 0;
 901
 902                 if (!(*new_flags & (FIF_FCSFAIL | FIF_PLCPFAIL)))
 903                         rx_filter |= CARL9170_RX_FILTER_BAD;
 904
 905                 if (!(*new_flags & FIF_CONTROL))
 906                         rx_filter |= CARL9170_RX_FILTER_CTL_OTHER;
 907
 908                 if (!(*new_flags & FIF_PSPOLL))
 909                         rx_filter |= CARL9170_RX_FILTER_CTL_PSPOLL;
 910
 911                 if (!(*new_flags & (FIF_OTHER_BSS | FIF_PROMISC_IN_BSS))) {
 912                         rx_filter |= CARL9170_RX_FILTER_OTHER_RA;
 913                         rx_filter |= CARL9170_RX_FILTER_DECRY_FAIL;
 914                 }
 915
 916                 WARN_ON(carl9170_rx_filter(ar, rx_filter));
 917         }
 918
 919         mutex_unlock(&ar->mutex);
 920 }
 921
 922
 923 static void carl9170_op_bss_info_changed(struct ieee80211_hw *hw,
 924                                          struct ieee80211_vif *vif,
 925                                          struct ieee80211_bss_conf *bss_conf,
 926                                          u32 changed)
 927 {
 928         struct ar9170 *ar = hw->priv;
 929         struct ath_common *common = &ar->common;
 930         int err = 0;
 931         struct carl9170_vif_info *vif_priv;
 932         struct ieee80211_vif *main_vif;
 933
 934         mutex_lock(&ar->mutex);
 935         vif_priv = (void *) vif->drv_priv;
 936         main_vif = carl9170_get_main_vif(ar);
 937         if (WARN_ON(!main_vif))
 938                 goto out;
 939
 940         if (changed & BSS_CHANGED_BEACON_ENABLED) {
 941                 struct carl9170_vif_info *iter;
 942                 int i = 0;
 943
 944                 vif_priv->enable_beacon = bss_conf->enable_beacon;
 945                 rcu_read_lock();
 946                 list_for_each_entry_rcu(iter, &ar->vif_list, list) {
 947                         if (iter->active && iter->enable_beacon)
 948                                 i++;
 949
 950                 }
 951                 rcu_read_unlock();
 952
 953                 ar->beacon_enabled = i;
 954         }
 955
 956         if (changed & BSS_CHANGED_BEACON) {
 957                 err = carl9170_update_beacon(ar, false);
 958                 if (err)
 959                         goto out;
 960         }
 961
 962         if (changed & (BSS_CHANGED_BEACON_ENABLED | BSS_CHANGED_BEACON |
 963                        BSS_CHANGED_BEACON_INT)) {
 964
 965                 if (main_vif != vif) {
 966                         bss_conf->beacon_int = main_vif->bss_conf.beacon_int;
 967                         bss_conf->dtim_period = main_vif->bss_conf.dtim_period;
 968                 }
 969
 970                 /*
 971                  * Therefore a hard limit for the broadcast traffic should
 972                  * prevent false alarms.
 973                  */
 974                 if (vif->type != NL80211_IFTYPE_STATION &&
 975                     (bss_conf->beacon_int * bss_conf->dtim_period >=
 976                      (CARL9170_QUEUE_STUCK_TIMEOUT / 2))) {
 977                         err = -EINVAL;
 978                         goto out;
 979                 }
 980
 981                 err = carl9170_set_beacon_timers(ar);
 982                 if (err)
 983                         goto out;
 984         }
 985
 986         if (changed & BSS_CHANGED_HT) {
 987                 /* TODO */
 988                 err = 0;
 989                 if (err)
 990                         goto out;
 991         }
 992
 993         if (main_vif != vif)
 994                 goto out;
 995
 996         /*
 997          * The following settings can only be changed by the
 998          * master interface.
 999          */
1000
1001         if (changed & BSS_CHANGED_BSSID) {
1002                 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
1003                 err = carl9170_set_operating_mode(ar);
1004                 if (err)
1005                         goto out;
1006         }
1007
1008         if (changed & BSS_CHANGED_ASSOC) {
1009                 ar->common.curaid = bss_conf->aid;
1010                 err = carl9170_set_beacon_timers(ar);
1011                 if (err)
1012                         goto out;
1013         }
1014
1015         if (changed & BSS_CHANGED_ERP_SLOT) {
1016                 err = carl9170_set_slot_time(ar);
1017                 if (err)
1018                         goto out;
1019         }
1020
1021         if (changed & BSS_CHANGED_BASIC_RATES) {
1022                 err = carl9170_set_mac_rates(ar);
1023                 if (err)
1024                         goto out;
1025         }
1026
1027 out:
1028         WARN_ON_ONCE(err && IS_STARTED(ar));
1029         mutex_unlock(&ar->mutex);
1030 }
1031
1032 static u64 carl9170_op_get_tsf(struct ieee80211_hw *hw)
1033 {
1034         struct ar9170 *ar = hw->priv;
1035         struct carl9170_tsf_rsp tsf;
1036         int err;
1037
1038         mutex_lock(&ar->mutex);
1039         err = carl9170_exec_cmd(ar, CARL9170_CMD_READ_TSF,
1040                                 0, NULL, sizeof(tsf), &tsf);
1041         mutex_unlock(&ar->mutex);
1042         if (WARN_ON(err))
1043                 return 0;
1044
1045         return le64_to_cpu(tsf.tsf_64);
1046 }
1047
1048 static int carl9170_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
1049                                struct ieee80211_vif *vif,
1050                                struct ieee80211_sta *sta,
1051                                struct ieee80211_key_conf *key)
1052 {
1053         struct ar9170 *ar = hw->priv;
1054         int err = 0, i;
1055         u8 ktype;
1056
1057         if (ar->disable_offload || !vif)
1058                 return -EOPNOTSUPP;
1059
1060         /*
1061          * We have to fall back to software encryption, whenever
1062          * the user choose to participates in an IBSS or is connected
1063          * to more than one network.
1064          *
1065          * This is very unfortunate, because some machines cannot handle
1066          * the high througput speed in 802.11n networks.
1067          */
1068
1069         if (!is_main_vif(ar, vif))
1070                 goto err_softw;
1071
1072         /*
1073          * While the hardware supports *catch-all* key, for offloading
1074          * group-key en-/de-cryption. The way of how the hardware
1075          * decides which keyId maps to which key, remains a mystery...
1076          */
1077         if ((vif->type != NL80211_IFTYPE_STATION &&
1078              vif->type != NL80211_IFTYPE_ADHOC) &&
1079             !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
1080                 return -EOPNOTSUPP;
1081
1082         switch (key->cipher) {
1083         case WLAN_CIPHER_SUITE_WEP40:
1084                 ktype = AR9170_ENC_ALG_WEP64;
1085                 break;
1086         case WLAN_CIPHER_SUITE_WEP104:
1087                 ktype = AR9170_ENC_ALG_WEP128;
1088                 break;
1089         case WLAN_CIPHER_SUITE_TKIP:
1090                 ktype = AR9170_ENC_ALG_TKIP;
1091                 break;
1092         case WLAN_CIPHER_SUITE_CCMP:
1093                 ktype = AR9170_ENC_ALG_AESCCMP;
1094                 break;
1095         default:
1096                 return -EOPNOTSUPP;
1097         }
1098
1099         mutex_lock(&ar->mutex);
1100         if (cmd == SET_KEY) {
1101                 if (!IS_STARTED(ar)) {
1102                         err = -EOPNOTSUPP;
1103                         goto out;
1104                 }
1105
1106                 if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
1107                         sta = NULL;
1108
1109                         i = 64 + key->keyidx;
1110                 } else {
1111                         for (i = 0; i < 64; i++)
1112                                 if (!(ar->usedkeys & BIT(i)))
1113                                         break;
1114                         if (i == 64)
1115                                 goto err_softw;
1116                 }
1117
1118                 key->hw_key_idx = i;
1119
1120                 err = carl9170_upload_key(ar, i, sta ? sta->addr : NULL,
1121                                           ktype, 0, key->key,
1122                                           min_t(u8, 16, key->keylen));
1123                 if (err)
1124                         goto out;
1125
1126                 if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
1127                         err = carl9170_upload_key(ar, i, sta ? sta->addr :
1128                                                   NULL, ktype, 1,
1129                                                   key->key + 16, 16);
1130                         if (err)
1131                                 goto out;
1132
1133                         /*
1134                          * hardware is not capable generating MMIC
1135                          * of fragmented frames!
1136                          */
1137                         key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
1138                 }
1139
1140                 if (i < 64)
1141                         ar->usedkeys |= BIT(i);
1142
1143                 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
1144         } else {
1145                 if (!IS_STARTED(ar)) {
1146                         /* The device is gone... together with the key ;-) */
1147                         err = 0;
1148                         goto out;
1149                 }
1150
1151                 if (key->hw_key_idx < 64) {
1152                         ar->usedkeys &= ~BIT(key->hw_key_idx);
1153                 } else {
1154                         err = carl9170_upload_key(ar, key->hw_key_idx, NULL,
1155                                                   AR9170_ENC_ALG_NONE, 0,
1156                                                   NULL, 0);
1157                         if (err)
1158                                 goto out;
1159
1160                         if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
1161                                 err = carl9170_upload_key(ar, key->hw_key_idx,
1162                                                           NULL,
1163                                                           AR9170_ENC_ALG_NONE,
1164                                                           1, NULL, 0);
1165                                 if (err)
1166                                         goto out;
1167                         }
1168
1169                 }
1170
1171                 err = carl9170_disable_key(ar, key->hw_key_idx);
1172                 if (err)
1173                         goto out;
1174         }
1175
1176 out:
1177         mutex_unlock(&ar->mutex);
1178         return err;
1179
1180 err_softw:
1181         if (!ar->rx_software_decryption) {
1182                 ar->rx_software_decryption = true;
1183                 carl9170_set_operating_mode(ar);
1184         }
1185         mutex_unlock(&ar->mutex);
1186         return -ENOSPC;
1187 }
1188
1189 static int carl9170_op_sta_add(struct ieee80211_hw *hw,
1190                                struct ieee80211_vif *vif,
1191                                struct ieee80211_sta *sta)
1192 {
1193         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1194         unsigned int i;
1195
1196         if (sta->ht_cap.ht_supported) {
1197                 if (sta->ht_cap.ampdu_density > 6) {
1198                         /*
1199                          * HW does support 16us AMPDU density.
1200                          * No HT-Xmit for station.
1201                          */
1202
1203                         return 0;
1204                 }
1205
1206                 for (i = 0; i < CARL9170_NUM_TID; i++)
1207                         rcu_assign_pointer(sta_info->agg[i], NULL);
1208
1209                 sta_info->ampdu_max_len = 1 << (3 + sta->ht_cap.ampdu_factor);
1210                 sta_info->ht_sta = true;
1211         }
1212
1213         return 0;
1214 }
1215
1216 static int carl9170_op_sta_remove(struct ieee80211_hw *hw,
1217                                 struct ieee80211_vif *vif,
1218                                 struct ieee80211_sta *sta)
1219 {
1220         struct ar9170 *ar = hw->priv;
1221         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1222         unsigned int i;
1223         bool cleanup = false;
1224
1225         if (sta->ht_cap.ht_supported) {
1226
1227                 sta_info->ht_sta = false;
1228
1229                 rcu_read_lock();
1230                 for (i = 0; i < CARL9170_NUM_TID; i++) {
1231                         struct carl9170_sta_tid *tid_info;
1232
1233                         tid_info = rcu_dereference(sta_info->agg[i]);
1234                         rcu_assign_pointer(sta_info->agg[i], NULL);
1235
1236                         if (!tid_info)
1237                                 continue;
1238
1239                         spin_lock_bh(&ar->tx_ampdu_list_lock);
1240                         if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
1241                                 tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
1242                         spin_unlock_bh(&ar->tx_ampdu_list_lock);
1243                         cleanup = true;
1244                 }
1245                 rcu_read_unlock();
1246
1247                 if (cleanup)
1248                         carl9170_ampdu_gc(ar);
1249         }
1250
1251         return 0;
1252 }
1253
1254 static int carl9170_op_conf_tx(struct ieee80211_hw *hw, u16 queue,
1255                                const struct ieee80211_tx_queue_params *param)
1256 {
1257         struct ar9170 *ar = hw->priv;
1258         int ret;
1259
1260         mutex_lock(&ar->mutex);
1261         if (queue < ar->hw->queues) {
1262                 memcpy(&ar->edcf[ar9170_qmap[queue]], param, sizeof(*param));
1263                 ret = carl9170_set_qos(ar);
1264         } else {
1265                 ret = -EINVAL;
1266         }
1267
1268         mutex_unlock(&ar->mutex);
1269         return ret;
1270 }
1271
1272 static void carl9170_ampdu_work(struct work_struct *work)
1273 {
1274         struct ar9170 *ar = container_of(work, struct ar9170,
1275                                          ampdu_work);
1276
1277         if (!IS_STARTED(ar))
1278                 return;
1279
1280         mutex_lock(&ar->mutex);
1281         carl9170_ampdu_gc(ar);
1282         mutex_unlock(&ar->mutex);
1283 }
1284
1285 static int carl9170_op_ampdu_action(struct ieee80211_hw *hw,
1286                                     struct ieee80211_vif *vif,
1287                                     enum ieee80211_ampdu_mlme_action action,
1288                                     struct ieee80211_sta *sta,
1289                                     u16 tid, u16 *ssn, u8 buf_size)
1290 {
1291         struct ar9170 *ar = hw->priv;
1292         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1293         struct carl9170_sta_tid *tid_info;
1294
1295         if (modparam_noht)
1296                 return -EOPNOTSUPP;
1297
1298         switch (action) {
1299         case IEEE80211_AMPDU_TX_START:
1300                 if (!sta_info->ht_sta)
1301                         return -EOPNOTSUPP;
1302
1303                 rcu_read_lock();
1304                 if (rcu_dereference(sta_info->agg[tid])) {
1305                         rcu_read_unlock();
1306                         return -EBUSY;
1307                 }
1308
1309                 tid_info = kzalloc(sizeof(struct carl9170_sta_tid),
1310                                    GFP_ATOMIC);
1311                 if (!tid_info) {
1312                         rcu_read_unlock();
1313                         return -ENOMEM;
1314                 }
1315
1316                 tid_info->hsn = tid_info->bsn = tid_info->snx = (*ssn);
1317                 tid_info->state = CARL9170_TID_STATE_PROGRESS;
1318                 tid_info->tid = tid;
1319                 tid_info->max = sta_info->ampdu_max_len;
1320
1321                 INIT_LIST_HEAD(&tid_info->list);
1322                 INIT_LIST_HEAD(&tid_info->tmp_list);
1323                 skb_queue_head_init(&tid_info->queue);
1324                 spin_lock_init(&tid_info->lock);
1325
1326                 spin_lock_bh(&ar->tx_ampdu_list_lock);
1327                 ar->tx_ampdu_list_len++;
1328                 list_add_tail_rcu(&tid_info->list, &ar->tx_ampdu_list);
1329                 rcu_assign_pointer(sta_info->agg[tid], tid_info);
1330                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
1331                 rcu_read_unlock();
1332
1333                 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1334                 break;
1335
1336         case IEEE80211_AMPDU_TX_STOP:
1337                 rcu_read_lock();
1338                 tid_info = rcu_dereference(sta_info->agg[tid]);
1339                 if (tid_info) {
1340                         spin_lock_bh(&ar->tx_ampdu_list_lock);
1341                         if (tid_info->state > CARL9170_TID_STATE_SHUTDOWN)
1342                                 tid_info->state = CARL9170_TID_STATE_SHUTDOWN;
1343                         spin_unlock_bh(&ar->tx_ampdu_list_lock);
1344                 }
1345
1346                 rcu_assign_pointer(sta_info->agg[tid], NULL);
1347                 rcu_read_unlock();
1348
1349                 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1350                 ieee80211_queue_work(ar->hw, &ar->ampdu_work);
1351                 break;
1352
1353         case IEEE80211_AMPDU_TX_OPERATIONAL:
1354                 rcu_read_lock();
1355                 tid_info = rcu_dereference(sta_info->agg[tid]);
1356
1357                 sta_info->stats[tid].clear = true;
1358                 sta_info->stats[tid].req = false;
1359
1360                 if (tid_info) {
1361                         bitmap_zero(tid_info->bitmap, CARL9170_BAW_SIZE);
1362                         tid_info->state = CARL9170_TID_STATE_IDLE;
1363                 }
1364                 rcu_read_unlock();
1365
1366                 if (WARN_ON_ONCE(!tid_info))
1367                         return -EFAULT;
1368
1369                 break;
1370
1371         case IEEE80211_AMPDU_RX_START:
1372         case IEEE80211_AMPDU_RX_STOP:
1373                 /* Handled by hardware */
1374                 break;
1375
1376         default:
1377                 return -EOPNOTSUPP;
1378         }
1379
1380         return 0;
1381 }
1382
1383 #ifdef CONFIG_CARL9170_WPC
1384 static int carl9170_register_wps_button(struct ar9170 *ar)
1385 {
1386         struct input_dev *input;
1387         int err;
1388
1389         if (!(ar->features & CARL9170_WPS_BUTTON))
1390                 return 0;
1391
1392         input = input_allocate_device();
1393         if (!input)
1394                 return -ENOMEM;
1395
1396         snprintf(ar->wps.name, sizeof(ar->wps.name), "%s WPS Button",
1397                  wiphy_name(ar->hw->wiphy));
1398
1399         snprintf(ar->wps.phys, sizeof(ar->wps.phys),
1400                  "ieee80211/%s/input0", wiphy_name(ar->hw->wiphy));
1401
1402         input->name = ar->wps.name;
1403         input->phys = ar->wps.phys;
1404         input->id.bustype = BUS_USB;
1405         input->dev.parent = &ar->hw->wiphy->dev;
1406
1407         input_set_capability(input, EV_KEY, KEY_WPS_BUTTON);
1408
1409         err = input_register_device(input);
1410         if (err) {
1411                 input_free_device(input);
1412                 return err;
1413         }
1414
1415         ar->wps.pbc = input;
1416         return 0;
1417 }
1418 #endif /* CONFIG_CARL9170_WPC */
1419
1420 static int carl9170_op_get_survey(struct ieee80211_hw *hw, int idx,
1421                                 struct survey_info *survey)
1422 {
1423         struct ar9170 *ar = hw->priv;
1424         int err;
1425
1426         if (idx != 0)
1427                 return -ENOENT;
1428
1429         mutex_lock(&ar->mutex);
1430         err = carl9170_get_noisefloor(ar);
1431         mutex_unlock(&ar->mutex);
1432         if (err)
1433                 return err;
1434
1435         survey->channel = ar->channel;
1436         survey->filled = SURVEY_INFO_NOISE_DBM;
1437         survey->noise = ar->noise[0];
1438         return 0;
1439 }
1440
1441 static void carl9170_op_flush(struct ieee80211_hw *hw, bool drop)
1442 {
1443         struct ar9170 *ar = hw->priv;
1444         unsigned int vid;
1445
1446         mutex_lock(&ar->mutex);
1447         for_each_set_bit(vid, &ar->vif_bitmap, ar->fw.vif_num)
1448                 carl9170_flush_cab(ar, vid);
1449
1450         carl9170_flush(ar, drop);
1451         mutex_unlock(&ar->mutex);
1452 }
1453
1454 static int carl9170_op_get_stats(struct ieee80211_hw *hw,
1455                                  struct ieee80211_low_level_stats *stats)
1456 {
1457         struct ar9170 *ar = hw->priv;
1458
1459         memset(stats, 0, sizeof(*stats));
1460         stats->dot11ACKFailureCount = ar->tx_ack_failures;
1461         stats->dot11FCSErrorCount = ar->tx_fcs_errors;
1462         return 0;
1463 }
1464
1465 static void carl9170_op_sta_notify(struct ieee80211_hw *hw,
1466                                    struct ieee80211_vif *vif,
1467                                    enum sta_notify_cmd cmd,
1468                                    struct ieee80211_sta *sta)
1469 {
1470         struct ar9170 *ar = hw->priv;
1471         struct carl9170_sta_info *sta_info = (void *) sta->drv_priv;
1472         struct sk_buff *skb, *tmp;
1473         struct sk_buff_head free;
1474         int i;
1475
1476         switch (cmd) {
1477         case STA_NOTIFY_SLEEP:
1478                 /*
1479                  * Since the peer is no longer listening, we have to return
1480                  * as many SKBs as possible back to the mac80211 stack.
1481                  * It will deal with the retry procedure, once the peer
1482                  * has become available again.
1483                  *
1484                  * NB: Ideally, the driver should return the all frames in
1485                  * the correct, ascending order. However, I think that this
1486                  * functionality should be implemented in the stack and not
1487                  * here...
1488                  */
1489
1490                 __skb_queue_head_init(&free);
1491
1492                 if (sta->ht_cap.ht_supported) {
1493                         rcu_read_lock();
1494                         for (i = 0; i < CARL9170_NUM_TID; i++) {
1495                                 struct carl9170_sta_tid *tid_info;
1496
1497                                 tid_info = rcu_dereference(sta_info->agg[i]);
1498
1499                                 if (!tid_info)
1500                                         continue;
1501
1502                                 spin_lock_bh(&ar->tx_ampdu_list_lock);
1503                                 if (tid_info->state >
1504                                     CARL9170_TID_STATE_SUSPEND)
1505                                         tid_info->state =
1506                                                 CARL9170_TID_STATE_SUSPEND;
1507                                 spin_unlock_bh(&ar->tx_ampdu_list_lock);
1508
1509                                 spin_lock_bh(&tid_info->lock);
1510                                 while ((skb = __skb_dequeue(&tid_info->queue)))
1511                                         __skb_queue_tail(&free, skb);
1512                                 spin_unlock_bh(&tid_info->lock);
1513                         }
1514                         rcu_read_unlock();
1515                 }
1516
1517                 for (i = 0; i < ar->hw->queues; i++) {
1518                         spin_lock_bh(&ar->tx_pending[i].lock);
1519                         skb_queue_walk_safe(&ar->tx_pending[i], skb, tmp) {
1520                                 struct _carl9170_tx_superframe *super;
1521                                 struct ieee80211_hdr *hdr;
1522                                 struct ieee80211_tx_info *info;
1523
1524                                 super = (void *) skb->data;
1525                                 hdr = (void *) super->frame_data;
1526
1527                                 if (compare_ether_addr(hdr->addr1, sta->addr))
1528                                         continue;
1529
1530                                 __skb_unlink(skb, &ar->tx_pending[i]);
1531
1532                                 info = IEEE80211_SKB_CB(skb);
1533                                 if (info->flags & IEEE80211_TX_CTL_AMPDU)
1534                                         atomic_dec(&ar->tx_ampdu_upload);
1535
1536                                 carl9170_tx_status(ar, skb, false);
1537                         }
1538                         spin_unlock_bh(&ar->tx_pending[i].lock);
1539                 }
1540
1541                 while ((skb = __skb_dequeue(&free)))
1542                         carl9170_tx_status(ar, skb, false);
1543
1544                 break;
1545
1546         case STA_NOTIFY_AWAKE:
1547                 if (!sta->ht_cap.ht_supported)
1548                         return;
1549
1550                 rcu_read_lock();
1551                 for (i = 0; i < CARL9170_NUM_TID; i++) {
1552                         struct carl9170_sta_tid *tid_info;
1553
1554                         tid_info = rcu_dereference(sta_info->agg[i]);
1555
1556                         if (!tid_info)
1557                                 continue;
1558
1559                         if ((tid_info->state == CARL9170_TID_STATE_SUSPEND))
1560                                 tid_info->state = CARL9170_TID_STATE_IDLE;
1561                 }
1562                 rcu_read_unlock();
1563                 break;
1564         }
1565 }
1566
1567 static const struct ieee80211_ops carl9170_ops = {
1568         .start                  = carl9170_op_start,
1569         .stop                   = carl9170_op_stop,
1570         .tx                     = carl9170_op_tx,
1571         .flush                  = carl9170_op_flush,
1572         .add_interface          = carl9170_op_add_interface,
1573         .remove_interface       = carl9170_op_remove_interface,
1574         .config                 = carl9170_op_config,
1575         .prepare_multicast      = carl9170_op_prepare_multicast,
1576         .configure_filter       = carl9170_op_configure_filter,
1577         .conf_tx                = carl9170_op_conf_tx,
1578         .bss_info_changed       = carl9170_op_bss_info_changed,
1579         .get_tsf                = carl9170_op_get_tsf,
1580         .set_key                = carl9170_op_set_key,
1581         .sta_add                = carl9170_op_sta_add,
1582         .sta_remove             = carl9170_op_sta_remove,
1583         .sta_notify             = carl9170_op_sta_notify,
1584         .get_survey             = carl9170_op_get_survey,
1585         .get_stats              = carl9170_op_get_stats,
1586         .ampdu_action           = carl9170_op_ampdu_action,
1587 };
1588
1589 void *carl9170_alloc(size_t priv_size)
1590 {
1591         struct ieee80211_hw *hw;
1592         struct ar9170 *ar;
1593         struct sk_buff *skb;
1594         int i;
1595
1596         /*
1597          * this buffer is used for rx stream reconstruction.
1598          * Under heavy load this device (or the transport layer?)
1599          * tends to split the streams into separate rx descriptors.
1600          */
1601
1602         skb = __dev_alloc_skb(AR9170_RX_STREAM_MAX_SIZE, GFP_KERNEL);
1603         if (!skb)
1604                 goto err_nomem;
1605
1606         hw = ieee80211_alloc_hw(priv_size, &carl9170_ops);
1607         if (!hw)
1608                 goto err_nomem;
1609
1610         ar = hw->priv;
1611         ar->hw = hw;
1612         ar->rx_failover = skb;
1613
1614         memset(&ar->rx_plcp, 0, sizeof(struct ar9170_rx_head));
1615         ar->rx_has_plcp = false;
1616
1617         /*
1618          * Here's a hidden pitfall!
1619          *
1620          * All 4 AC queues work perfectly well under _legacy_ operation.
1621          * However as soon as aggregation is enabled, the traffic flow
1622          * gets very bumpy. Therefore we have to _switch_ to a
1623          * software AC with a single HW queue.
1624          */
1625         hw->queues = __AR9170_NUM_TXQ;
1626
1627         mutex_init(&ar->mutex);
1628         spin_lock_init(&ar->beacon_lock);
1629         spin_lock_init(&ar->cmd_lock);
1630         spin_lock_init(&ar->tx_stats_lock);
1631         spin_lock_init(&ar->tx_ampdu_list_lock);
1632         spin_lock_init(&ar->mem_lock);
1633         spin_lock_init(&ar->state_lock);
1634         atomic_set(&ar->pending_restarts, 0);
1635         ar->vifs = 0;
1636         for (i = 0; i < ar->hw->queues; i++) {
1637                 skb_queue_head_init(&ar->tx_status[i]);
1638                 skb_queue_head_init(&ar->tx_pending[i]);
1639         }
1640         INIT_WORK(&ar->ps_work, carl9170_ps_work);
1641         INIT_WORK(&ar->ping_work, carl9170_ping_work);
1642         INIT_WORK(&ar->restart_work, carl9170_restart_work);
1643         INIT_WORK(&ar->ampdu_work, carl9170_ampdu_work);
1644         INIT_DELAYED_WORK(&ar->tx_janitor, carl9170_tx_janitor);
1645         INIT_LIST_HEAD(&ar->tx_ampdu_list);
1646         rcu_assign_pointer(ar->tx_ampdu_iter,
1647                            (struct carl9170_sta_tid *) &ar->tx_ampdu_list);
1648
1649         bitmap_zero(&ar->vif_bitmap, ar->fw.vif_num);
1650         INIT_LIST_HEAD(&ar->vif_list);
1651         init_completion(&ar->tx_flush);
1652
1653         /*
1654          * Note:
1655          * IBSS/ADHOC and AP mode are only enabled, if the firmware
1656          * supports these modes. The code which will add the
1657          * additional interface_modes is in fw.c.
1658          */
1659         hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
1660                                      BIT(NL80211_IFTYPE_P2P_CLIENT);
1661
1662         hw->flags |= IEEE80211_HW_RX_INCLUDES_FCS |
1663                      IEEE80211_HW_REPORTS_TX_ACK_STATUS |
1664                      IEEE80211_HW_SUPPORTS_PS |
1665                      IEEE80211_HW_PS_NULLFUNC_STACK |
1666                      IEEE80211_HW_SIGNAL_DBM;
1667
1668         if (!modparam_noht) {
1669                 /*
1670                  * see the comment above, why we allow the user
1671                  * to disable HT by a module parameter.
1672                  */
1673                 hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
1674         }
1675
1676         hw->extra_tx_headroom = sizeof(struct _carl9170_tx_superframe);
1677         hw->sta_data_size = sizeof(struct carl9170_sta_info);
1678         hw->vif_data_size = sizeof(struct carl9170_vif_info);
1679
1680         hw->max_rates = CARL9170_TX_MAX_RATES;
1681         hw->max_rate_tries = CARL9170_TX_USER_RATE_TRIES;
1682
1683         for (i = 0; i < ARRAY_SIZE(ar->noise); i++)
1684                 ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */
1685
1686         hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
1687         return ar;
1688
1689 err_nomem:
1690         kfree_skb(skb);
1691         return ERR_PTR(-ENOMEM);
1692 }
1693
1694 static int carl9170_read_eeprom(struct ar9170 *ar)
1695 {
1696 #define RW      8       /* number of words to read at once */
1697 #define RB      (sizeof(u32) * RW)
1698         u8 *eeprom = (void *)&ar->eeprom;
1699         __le32 offsets[RW];
1700         int i, j, err;
1701
1702         BUILD_BUG_ON(sizeof(ar->eeprom) & 3);
1703
1704         BUILD_BUG_ON(RB > CARL9170_MAX_CMD_LEN - 4);
1705 #ifndef __CHECKER__
1706         /* don't want to handle trailing remains */
1707         BUILD_BUG_ON(sizeof(ar->eeprom) % RB);
1708 #endif
1709
1710         for (i = 0; i < sizeof(ar->eeprom)/RB; i++) {
1711                 for (j = 0; j < RW; j++)
1712                         offsets[j] = cpu_to_le32(AR9170_EEPROM_START +
1713                                                  RB * i + 4 * j);
1714
1715                 err = carl9170_exec_cmd(ar, CARL9170_CMD_RREG,
1716                                         RB, (u8 *) &offsets,
1717                                         RB, eeprom + RB * i);
1718                 if (err)
1719                         return err;
1720         }
1721
1722 #undef RW
1723 #undef RB
1724         return 0;
1725 }
1726
1727 static int carl9170_parse_eeprom(struct ar9170 *ar)
1728 {
1729         struct ath_regulatory *regulatory = &ar->common.regulatory;
1730         unsigned int rx_streams, tx_streams, tx_params = 0;
1731         int bands = 0;
1732
1733         if (ar->eeprom.length == cpu_to_le16(0xffff))
1734                 return -ENODATA;
1735
1736         rx_streams = hweight8(ar->eeprom.rx_mask);
1737         tx_streams = hweight8(ar->eeprom.tx_mask);
1738
1739         if (rx_streams != tx_streams) {
1740                 tx_params = IEEE80211_HT_MCS_TX_RX_DIFF;
1741
1742                 WARN_ON(!(tx_streams >= 1 && tx_streams <=
1743                         IEEE80211_HT_MCS_TX_MAX_STREAMS));
1744
1745                 tx_params = (tx_streams - 1) <<
1746                             IEEE80211_HT_MCS_TX_MAX_STREAMS_SHIFT;
1747
1748                 carl9170_band_2GHz.ht_cap.mcs.tx_params |= tx_params;
1749                 carl9170_band_5GHz.ht_cap.mcs.tx_params |= tx_params;
1750         }
1751
1752         if (ar->eeprom.operating_flags & AR9170_OPFLAG_2GHZ) {
1753                 ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
1754                         &carl9170_band_2GHz;
1755                 bands++;
1756         }
1757         if (ar->eeprom.operating_flags & AR9170_OPFLAG_5GHZ) {
1758                 ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
1759                         &carl9170_band_5GHz;
1760                 bands++;
1761         }
1762
1763         /*
1764          * I measured this, a bandswitch takes roughly
1765          * 135 ms and a frequency switch about 80.
1766          *
1767          * FIXME: measure these values again once EEPROM settings
1768          *        are used, that will influence them!
1769          */
1770         if (bands == 2)
1771                 ar->hw->channel_change_time = 135 * 1000;
1772         else
1773                 ar->hw->channel_change_time = 80 * 1000;
1774
1775         regulatory->current_rd = le16_to_cpu(ar->eeprom.reg_domain[0]);
1776         regulatory->current_rd_ext = le16_to_cpu(ar->eeprom.reg_domain[1]);
1777
1778         /* second part of wiphy init */
1779         SET_IEEE80211_PERM_ADDR(ar->hw, ar->eeprom.mac_address);
1780
1781         return bands ? 0 : -EINVAL;
1782 }
1783
1784 static int carl9170_reg_notifier(struct wiphy *wiphy,
1785                                  struct regulatory_request *request)
1786 {
1787         struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
1788         struct ar9170 *ar = hw->priv;
1789
1790         return ath_reg_notifier_apply(wiphy, request, &ar->common.regulatory);
1791 }
1792
1793 int carl9170_register(struct ar9170 *ar)
1794 {
1795         struct ath_regulatory *regulatory = &ar->common.regulatory;
1796         int err = 0, i;
1797
1798         if (WARN_ON(ar->mem_bitmap))
1799                 return -EINVAL;
1800
1801         ar->mem_bitmap = kzalloc(roundup(ar->fw.mem_blocks, BITS_PER_LONG) *
1802                                  sizeof(unsigned long), GFP_KERNEL);
1803
1804         if (!ar->mem_bitmap)
1805                 return -ENOMEM;
1806
1807         /* try to read EEPROM, init MAC addr */
1808         err = carl9170_read_eeprom(ar);
1809         if (err)
1810                 return err;
1811
1812         err = carl9170_fw_fix_eeprom(ar);
1813         if (err)
1814                 return err;
1815
1816         err = carl9170_parse_eeprom(ar);
1817         if (err)
1818                 return err;
1819
1820         err = ath_regd_init(regulatory, ar->hw->wiphy,
1821                             carl9170_reg_notifier);
1822         if (err)
1823                 return err;
1824
1825         if (modparam_noht) {
1826                 carl9170_band_2GHz.ht_cap.ht_supported = false;
1827                 carl9170_band_5GHz.ht_cap.ht_supported = false;
1828         }
1829
1830         for (i = 0; i < ar->fw.vif_num; i++) {
1831                 ar->vif_priv[i].id = i;
1832                 ar->vif_priv[i].vif = NULL;
1833         }
1834
1835         err = ieee80211_register_hw(ar->hw);
1836         if (err)
1837                 return err;
1838
1839         /* mac80211 interface is now registered */
1840         ar->registered = true;
1841
1842         if (!ath_is_world_regd(regulatory))
1843                 regulatory_hint(ar->hw->wiphy, regulatory->alpha2);
1844
1845 #ifdef CONFIG_CARL9170_DEBUGFS
1846         carl9170_debugfs_register(ar);
1847 #endif /* CONFIG_CARL9170_DEBUGFS */
1848
1849         err = carl9170_led_init(ar);
1850         if (err)
1851                 goto err_unreg;
1852
1853 #ifdef CONFIG_CARL9170_LEDS
1854         err = carl9170_led_register(ar);
1855         if (err)
1856                 goto err_unreg;
1857 #endif /* CONFIG_CARL9170_LEDS */
1858
1859 #ifdef CONFIG_CARL9170_WPC
1860         err = carl9170_register_wps_button(ar);
1861         if (err)
1862                 goto err_unreg;
1863 #endif /* CONFIG_CARL9170_WPC */
1864
1865         dev_info(&ar->udev->dev, "Atheros AR9170 is registered as '%s'\n",
1866                  wiphy_name(ar->hw->wiphy));
1867
1868         return 0;
1869
1870 err_unreg:
1871         carl9170_unregister(ar);
1872         return err;
1873 }
1874
1875 void carl9170_unregister(struct ar9170 *ar)
1876 {
1877         if (!ar->registered)
1878                 return;
1879
1880         ar->registered = false;
1881
1882 #ifdef CONFIG_CARL9170_LEDS
1883         carl9170_led_unregister(ar);
1884 #endif /* CONFIG_CARL9170_LEDS */
1885
1886 #ifdef CONFIG_CARL9170_DEBUGFS
1887         carl9170_debugfs_unregister(ar);
1888 #endif /* CONFIG_CARL9170_DEBUGFS */
1889
1890 #ifdef CONFIG_CARL9170_WPC
1891         if (ar->wps.pbc) {
1892                 input_unregister_device(ar->wps.pbc);
1893                 ar->wps.pbc = NULL;
1894         }
1895 #endif /* CONFIG_CARL9170_WPC */
1896
1897         carl9170_cancel_worker(ar);
1898         cancel_work_sync(&ar->restart_work);
1899
1900         ieee80211_unregister_hw(ar->hw);
1901 }
1902
1903 void carl9170_free(struct ar9170 *ar)
1904 {
1905         WARN_ON(ar->registered);
1906         WARN_ON(IS_INITIALIZED(ar));
1907
1908         kfree_skb(ar->rx_failover);
1909         ar->rx_failover = NULL;
1910
1911         kfree(ar->mem_bitmap);
1912         ar->mem_bitmap = NULL;
1913
1914         mutex_destroy(&ar->mutex);
1915
1916         ieee80211_free_hw(ar->hw);
1917 }