2 * Atheros AR9170 driver
4 * mac80211 interaction code
6 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright 2009, Christian Lamparter <chunkeey@web.de>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; see the file COPYING. If not, see
21 * http://www.gnu.org/licenses/.
23 * This file incorporates work covered by the following copyright and
25 * Copyright (c) 2007-2008 Atheros Communications, Inc.
27 * Permission to use, copy, modify, and/or distribute this software for any
28 * purpose with or without fee is hereby granted, provided that the above
29 * copyright notice and this permission notice appear in all copies.
31 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
32 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
33 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
34 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
35 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
36 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
37 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
40 #include <linux/init.h>
41 #include <linux/module.h>
42 #include <linux/etherdevice.h>
43 #include <net/mac80211.h>
48 static int modparam_nohwcrypt;
49 module_param_named(nohwcrypt, modparam_nohwcrypt, bool, S_IRUGO);
50 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
52 #define RATE(_bitrate, _hw_rate, _txpidx, _flags) { \
53 .bitrate = (_bitrate), \
55 .hw_value = (_hw_rate) | (_txpidx) << 4, \
58 static struct ieee80211_rate __ar9170_ratetable[] = {
60 RATE(20, 1, 1, IEEE80211_RATE_SHORT_PREAMBLE),
61 RATE(55, 2, 2, IEEE80211_RATE_SHORT_PREAMBLE),
62 RATE(110, 3, 3, IEEE80211_RATE_SHORT_PREAMBLE),
74 #define ar9170_g_ratetable (__ar9170_ratetable + 0)
75 #define ar9170_g_ratetable_size 12
76 #define ar9170_a_ratetable (__ar9170_ratetable + 4)
77 #define ar9170_a_ratetable_size 8
80 * NB: The hw_value is used as an index into the ar9170_phy_freq_params
81 * array in phy.c so that we don't have to do frequency lookups!
83 #define CHAN(_freq, _idx) { \
84 .center_freq = (_freq), \
86 .max_power = 18, /* XXX */ \
89 static struct ieee80211_channel ar9170_2ghz_chantable[] = {
106 static struct ieee80211_channel ar9170_5ghz_chantable[] = {
145 #define AR9170_HT_CAP \
147 .ht_supported = true, \
148 .cap = IEEE80211_HT_CAP_MAX_AMSDU | \
149 IEEE80211_HT_CAP_SM_PS | \
150 IEEE80211_HT_CAP_SUP_WIDTH_20_40 | \
151 IEEE80211_HT_CAP_SGI_40 | \
152 IEEE80211_HT_CAP_DSSSCCK40 | \
153 IEEE80211_HT_CAP_SM_PS, \
154 .ampdu_factor = 3, /* ?? */ \
155 .ampdu_density = 7, /* ?? */ \
157 .rx_mask = { 0xFF, 0xFF, 0, 0, 0, 0, 0, 0, 0, 0, }, \
161 static struct ieee80211_supported_band ar9170_band_2GHz = {
162 .channels = ar9170_2ghz_chantable,
163 .n_channels = ARRAY_SIZE(ar9170_2ghz_chantable),
164 .bitrates = ar9170_g_ratetable,
165 .n_bitrates = ar9170_g_ratetable_size,
166 .ht_cap = AR9170_HT_CAP,
169 static struct ieee80211_supported_band ar9170_band_5GHz = {
170 .channels = ar9170_5ghz_chantable,
171 .n_channels = ARRAY_SIZE(ar9170_5ghz_chantable),
172 .bitrates = ar9170_a_ratetable,
173 .n_bitrates = ar9170_a_ratetable_size,
174 .ht_cap = AR9170_HT_CAP,
177 #ifdef AR9170_QUEUE_DEBUG
179 * In case some wants works with AR9170's crazy tx_status queueing techniques.
180 * He might need this rather useful probing function.
182 * NOTE: caller must hold the queue's spinlock!
185 static void ar9170_print_txheader(struct ar9170 *ar, struct sk_buff *skb)
187 struct ar9170_tx_control *txc = (void *) skb->data;
188 struct ieee80211_hdr *hdr = (void *)txc->frame_data;
190 printk(KERN_DEBUG "%s: => FRAME [skb:%p, queue:%d, DA:[%pM] "
191 "mac_control:%04x, phy_control:%08x]\n",
192 wiphy_name(ar->hw->wiphy), skb, skb_get_queue_mapping(skb),
193 ieee80211_get_DA(hdr), le16_to_cpu(txc->mac_control),
194 le32_to_cpu(txc->phy_control));
197 static void ar9170_dump_station_tx_status_queue(struct ar9170 *ar,
198 struct sk_buff_head *queue)
203 printk(KERN_DEBUG "---[ cut here ]---\n");
204 printk(KERN_DEBUG "%s: %d entries in tx_status queue.\n",
205 wiphy_name(ar->hw->wiphy), skb_queue_len(queue));
207 skb_queue_walk(queue, skb) {
208 struct ar9170_tx_control *txc = (void *) skb->data;
209 struct ieee80211_hdr *hdr = (void *)txc->frame_data;
211 printk(KERN_DEBUG "index:%d => \n", i);
212 ar9170_print_txheader(ar, skb);
214 printk(KERN_DEBUG "---[ end ]---\n");
216 #endif /* AR9170_QUEUE_DEBUG */
218 void ar9170_handle_tx_status(struct ar9170 *ar, struct sk_buff *skb,
219 bool valid_status, u16 tx_status)
221 struct ieee80211_tx_info *txinfo;
222 unsigned int retries = 0, queue = skb_get_queue_mapping(skb);
225 spin_lock_irqsave(&ar->tx_stats_lock, flags);
226 ar->tx_stats[queue].len--;
227 if (ieee80211_queue_stopped(ar->hw, queue))
228 ieee80211_wake_queue(ar->hw, queue);
229 spin_unlock_irqrestore(&ar->tx_stats_lock, flags);
231 txinfo = IEEE80211_SKB_CB(skb);
232 ieee80211_tx_info_clear_status(txinfo);
235 case AR9170_TX_STATUS_RETRY:
237 case AR9170_TX_STATUS_COMPLETE:
238 txinfo->flags |= IEEE80211_TX_STAT_ACK;
241 case AR9170_TX_STATUS_FAILED:
242 retries = ar->hw->conf.long_frame_max_tx_count;
246 printk(KERN_ERR "%s: invalid tx_status response (%x).\n",
247 wiphy_name(ar->hw->wiphy), tx_status);
252 txinfo->status.rates[0].count = retries + 1;
254 skb_pull(skb, sizeof(struct ar9170_tx_control));
255 ieee80211_tx_status_irqsafe(ar->hw, skb);
258 static struct sk_buff *ar9170_find_skb_in_queue(struct ar9170 *ar,
261 struct sk_buff_head *q)
266 spin_lock_irqsave(&q->lock, flags);
267 skb_queue_walk(q, skb) {
268 struct ar9170_tx_control *txc = (void *) skb->data;
269 struct ieee80211_hdr *hdr = (void *) txc->frame_data;
270 u32 txc_queue = (le32_to_cpu(txc->phy_control) &
271 AR9170_TX_PHY_QOS_MASK) >>
272 AR9170_TX_PHY_QOS_SHIFT;
274 if ((queue != txc_queue) ||
275 (compare_ether_addr(ieee80211_get_DA(hdr), mac)))
278 __skb_unlink(skb, q);
279 spin_unlock_irqrestore(&q->lock, flags);
282 spin_unlock_irqrestore(&q->lock, flags);
286 static struct sk_buff *ar9170_find_queued_skb(struct ar9170 *ar, const u8 *mac,
289 struct ieee80211_sta *sta;
293 * Unfortunately, the firmware does not tell to which (queued) frame
294 * this transmission status report belongs to.
296 * So we have to make risky guesses - with the scarce information
297 * the firmware provided (-> destination MAC, and phy_control) -
298 * and hope that we picked the right one...
301 sta = ieee80211_find_sta(ar->hw, mac);
304 struct ar9170_sta_info *sta_priv = (void *) sta->drv_priv;
305 skb = skb_dequeue(&sta_priv->tx_status[queue]);
312 /* scan the waste queue for candidates */
313 skb = ar9170_find_skb_in_queue(ar, mac, queue,
314 &ar->global_tx_status_waste);
316 /* so it still _must_ be in the global list. */
317 skb = ar9170_find_skb_in_queue(ar, mac, queue,
318 &ar->global_tx_status);
321 #ifdef AR9170_QUEUE_DEBUG
322 if (unlikely((!skb) && net_ratelimit())) {
323 printk(KERN_ERR "%s: ESS:[%pM] does not have any "
324 "outstanding frames in this queue (%d).\n",
325 wiphy_name(ar->hw->wiphy), mac, queue);
327 #endif /* AR9170_QUEUE_DEBUG */
332 * This worker tries to keep the global tx_status queue empty.
333 * So we can guarantee that incoming tx_status reports for
334 * unregistered stations are always synced with the actual
335 * frame - which we think - belongs to.
338 static void ar9170_tx_status_janitor(struct work_struct *work)
340 struct ar9170 *ar = container_of(work, struct ar9170,
341 tx_status_janitor.work);
344 if (unlikely(!IS_STARTED(ar)))
347 mutex_lock(&ar->mutex);
348 /* recycle the garbage back to mac80211... one by one. */
349 while ((skb = skb_dequeue(&ar->global_tx_status_waste))) {
350 #ifdef AR9170_QUEUE_DEBUG
351 printk(KERN_DEBUG "%s: dispose queued frame =>\n",
352 wiphy_name(ar->hw->wiphy));
353 ar9170_print_txheader(ar, skb);
354 #endif /* AR9170_QUEUE_DEBUG */
355 ar9170_handle_tx_status(ar, skb, false,
356 AR9170_TX_STATUS_FAILED);
359 while ((skb = skb_dequeue(&ar->global_tx_status))) {
360 #ifdef AR9170_QUEUE_DEBUG
361 printk(KERN_DEBUG "%s: moving frame into waste queue =>\n",
362 wiphy_name(ar->hw->wiphy));
364 ar9170_print_txheader(ar, skb);
365 #endif /* AR9170_QUEUE_DEBUG */
366 skb_queue_tail(&ar->global_tx_status_waste, skb);
369 /* recall the janitor in 100ms - if there's garbage in the can. */
370 if (skb_queue_len(&ar->global_tx_status_waste) > 0)
371 queue_delayed_work(ar->hw->workqueue, &ar->tx_status_janitor,
372 msecs_to_jiffies(100));
374 mutex_unlock(&ar->mutex);
377 static void ar9170_handle_command_response(struct ar9170 *ar,
380 struct ar9170_cmd_response *cmd = (void *) buf;
382 if ((cmd->type & 0xc0) != 0xc0) {
383 ar->callback_cmd(ar, len, buf);
387 /* hardware event handlers */
391 * TX status notification:
392 * bytes: 0c c1 XX YY M1 M2 M3 M4 M5 M6 R4 R3 R2 R1 S2 S1
396 * M1-M6 is the MAC address
397 * R1-R4 is the transmit rate
398 * S1-S2 is the transmit status
402 u32 queue = (le32_to_cpu(cmd->tx_status.rate) &
403 AR9170_TX_PHY_QOS_MASK) >> AR9170_TX_PHY_QOS_SHIFT;
405 skb = ar9170_find_queued_skb(ar, cmd->tx_status.dst, queue);
409 ar9170_handle_tx_status(ar, skb, true,
410 le16_to_cpu(cmd->tx_status.status));
418 if (ar->vif && ar->vif->type == NL80211_IFTYPE_AP)
419 queue_work(ar->hw->workqueue, &ar->beacon_work);
424 * (IBSS) beacon send notification
425 * bytes: 04 c2 XX YY B4 B3 B2 B1
429 * B1-B4 "should" be the number of send out beacons.
434 /* End of Atim Window */
439 /* BlockACK events */
443 /* Watchdog Interrupt */
447 /* retransmission issue / SIFS/EIFS collision ?! */
451 printk(KERN_INFO "received unhandled event %x\n", cmd->type);
452 print_hex_dump_bytes("dump:", DUMP_PREFIX_NONE, buf, len);
457 static void ar9170_rx_reset_rx_mpdu(struct ar9170 *ar)
459 memset(&ar->rx_mpdu.plcp, 0, sizeof(struct ar9170_rx_head));
460 ar->rx_mpdu.has_plcp = false;
463 static int ar9170_nag_limiter(struct ar9170 *ar)
468 * we expect all sorts of errors in promiscuous mode.
469 * don't bother with it, it's OK!
471 if (ar->sniffer_enabled)
475 * only go for frequent errors! The hardware tends to
476 * do some stupid thing once in a while under load, in
477 * noisy environments or just for fun!
479 if (time_before(jiffies, ar->bad_hw_nagger) && net_ratelimit())
480 print_message = true;
482 print_message = false;
484 /* reset threshold for "once in a while" */
485 ar->bad_hw_nagger = jiffies + HZ / 4;
486 return print_message;
489 static int ar9170_rx_mac_status(struct ar9170 *ar,
490 struct ar9170_rx_head *head,
491 struct ar9170_rx_macstatus *mac,
492 struct ieee80211_rx_status *status)
496 BUILD_BUG_ON(sizeof(struct ar9170_rx_head) != 12);
497 BUILD_BUG_ON(sizeof(struct ar9170_rx_macstatus) != 4);
500 if (error & AR9170_RX_ERROR_MMIC) {
501 status->flag |= RX_FLAG_MMIC_ERROR;
502 error &= ~AR9170_RX_ERROR_MMIC;
505 if (error & AR9170_RX_ERROR_PLCP) {
506 status->flag |= RX_FLAG_FAILED_PLCP_CRC;
507 error &= ~AR9170_RX_ERROR_PLCP;
509 if (!(ar->filter_state & FIF_PLCPFAIL))
513 if (error & AR9170_RX_ERROR_FCS) {
514 status->flag |= RX_FLAG_FAILED_FCS_CRC;
515 error &= ~AR9170_RX_ERROR_FCS;
517 if (!(ar->filter_state & FIF_FCSFAIL))
521 decrypt = ar9170_get_decrypt_type(mac);
522 if (!(decrypt & AR9170_RX_ENC_SOFTWARE) &&
523 decrypt != AR9170_ENC_ALG_NONE)
524 status->flag |= RX_FLAG_DECRYPTED;
526 /* ignore wrong RA errors */
527 error &= ~AR9170_RX_ERROR_WRONG_RA;
529 if (error & AR9170_RX_ERROR_DECRYPT) {
530 error &= ~AR9170_RX_ERROR_DECRYPT;
532 * Rx decryption is done in place,
533 * the original data is lost anyway.
539 /* drop any other error frames */
540 if (unlikely(error)) {
541 /* TODO: update netdevice's RX dropped/errors statistics */
543 if (ar9170_nag_limiter(ar))
544 printk(KERN_DEBUG "%s: received frame with "
545 "suspicious error code (%#x).\n",
546 wiphy_name(ar->hw->wiphy), error);
551 status->band = ar->channel->band;
552 status->freq = ar->channel->center_freq;
554 switch (mac->status & AR9170_RX_STATUS_MODULATION_MASK) {
555 case AR9170_RX_STATUS_MODULATION_CCK:
556 if (mac->status & AR9170_RX_STATUS_SHORT_PREAMBLE)
557 status->flag |= RX_FLAG_SHORTPRE;
558 switch (head->plcp[0]) {
560 status->rate_idx = 0;
563 status->rate_idx = 1;
566 status->rate_idx = 2;
569 status->rate_idx = 3;
572 if (ar9170_nag_limiter(ar))
573 printk(KERN_ERR "%s: invalid plcp cck rate "
574 "(%x).\n", wiphy_name(ar->hw->wiphy),
580 case AR9170_RX_STATUS_MODULATION_OFDM:
581 switch (head->plcp[0] & 0xf) {
583 status->rate_idx = 0;
586 status->rate_idx = 1;
589 status->rate_idx = 2;
592 status->rate_idx = 3;
595 status->rate_idx = 4;
598 status->rate_idx = 5;
601 status->rate_idx = 6;
604 status->rate_idx = 7;
607 if (ar9170_nag_limiter(ar))
608 printk(KERN_ERR "%s: invalid plcp ofdm rate "
609 "(%x).\n", wiphy_name(ar->hw->wiphy),
613 if (status->band == IEEE80211_BAND_2GHZ)
614 status->rate_idx += 4;
617 case AR9170_RX_STATUS_MODULATION_HT:
618 if (head->plcp[3] & 0x80)
619 status->flag |= RX_FLAG_40MHZ;
620 if (head->plcp[6] & 0x80)
621 status->flag |= RX_FLAG_SHORT_GI;
623 status->rate_idx = clamp(0, 75, head->plcp[6] & 0x7f);
624 status->flag |= RX_FLAG_HT;
627 case AR9170_RX_STATUS_MODULATION_DUPOFDM:
629 if (ar9170_nag_limiter(ar))
630 printk(KERN_ERR "%s: invalid modulation\n",
631 wiphy_name(ar->hw->wiphy));
638 static void ar9170_rx_phy_status(struct ar9170 *ar,
639 struct ar9170_rx_phystatus *phy,
640 struct ieee80211_rx_status *status)
644 BUILD_BUG_ON(sizeof(struct ar9170_rx_phystatus) != 20);
646 for (i = 0; i < 3; i++)
647 if (phy->rssi[i] != 0x80)
648 status->antenna |= BIT(i);
650 /* post-process RSSI */
651 for (i = 0; i < 7; i++)
652 if (phy->rssi[i] & 0x80)
653 phy->rssi[i] = ((phy->rssi[i] & 0x7f) + 1) & 0x7f;
655 /* TODO: we could do something with phy_errors */
656 status->signal = ar->noise[0] + phy->rssi_combined;
657 status->noise = ar->noise[0];
660 static struct sk_buff *ar9170_rx_copy_data(u8 *buf, int len)
664 struct ieee80211_hdr *hdr = (void *) buf;
666 if (ieee80211_is_data_qos(hdr->frame_control)) {
667 u8 *qc = ieee80211_get_qos_ctl(hdr);
668 reserved += NET_IP_ALIGN;
670 if (*qc & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT)
671 reserved += NET_IP_ALIGN;
674 if (ieee80211_has_a4(hdr->frame_control))
675 reserved += NET_IP_ALIGN;
677 reserved = 32 + (reserved & NET_IP_ALIGN);
679 skb = dev_alloc_skb(len + reserved);
681 skb_reserve(skb, reserved);
682 memcpy(skb_put(skb, len), buf, len);
689 * If the frame alignment is right (or the kernel has
690 * CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), and there
691 * is only a single MPDU in the USB frame, then we could
692 * submit to mac80211 the SKB directly. However, since
693 * there may be multiple packets in one SKB in stream
694 * mode, and we need to observe the proper ordering,
695 * this is non-trivial.
698 static void ar9170_handle_mpdu(struct ar9170 *ar, u8 *buf, int len)
700 struct ar9170_rx_head *head;
701 struct ar9170_rx_macstatus *mac;
702 struct ar9170_rx_phystatus *phy = NULL;
703 struct ieee80211_rx_status status;
707 if (unlikely(!IS_STARTED(ar) || len < (sizeof(*mac))))
711 mpdu_len = len - sizeof(*mac);
713 mac = (void *)(buf + mpdu_len);
714 if (unlikely(mac->error & AR9170_RX_ERROR_FATAL)) {
715 /* this frame is too damaged and can't be used - drop it */
720 switch (mac->status & AR9170_RX_STATUS_MPDU_MASK) {
721 case AR9170_RX_STATUS_MPDU_FIRST:
722 /* first mpdu packet has the plcp header */
723 if (likely(mpdu_len >= sizeof(struct ar9170_rx_head))) {
725 memcpy(&ar->rx_mpdu.plcp, (void *) buf,
726 sizeof(struct ar9170_rx_head));
728 mpdu_len -= sizeof(struct ar9170_rx_head);
729 buf += sizeof(struct ar9170_rx_head);
730 ar->rx_mpdu.has_plcp = true;
732 if (ar9170_nag_limiter(ar))
733 printk(KERN_ERR "%s: plcp info is clipped.\n",
734 wiphy_name(ar->hw->wiphy));
739 case AR9170_RX_STATUS_MPDU_LAST:
740 /* last mpdu has a extra tail with phy status information */
742 if (likely(mpdu_len >= sizeof(struct ar9170_rx_phystatus))) {
743 mpdu_len -= sizeof(struct ar9170_rx_phystatus);
744 phy = (void *)(buf + mpdu_len);
746 if (ar9170_nag_limiter(ar))
747 printk(KERN_ERR "%s: frame tail is clipped.\n",
748 wiphy_name(ar->hw->wiphy));
752 case AR9170_RX_STATUS_MPDU_MIDDLE:
753 /* middle mpdus are just data */
754 if (unlikely(!ar->rx_mpdu.has_plcp)) {
755 if (!ar9170_nag_limiter(ar))
758 printk(KERN_ERR "%s: rx stream did not start "
759 "with a first_mpdu frame tag.\n",
760 wiphy_name(ar->hw->wiphy));
765 head = &ar->rx_mpdu.plcp;
768 case AR9170_RX_STATUS_MPDU_SINGLE:
769 /* single mpdu - has plcp (head) and phy status (tail) */
772 mpdu_len -= sizeof(struct ar9170_rx_head);
773 mpdu_len -= sizeof(struct ar9170_rx_phystatus);
775 buf += sizeof(struct ar9170_rx_head);
776 phy = (void *)(buf + mpdu_len);
784 if (unlikely(mpdu_len < FCS_LEN))
787 memset(&status, 0, sizeof(status));
788 if (unlikely(ar9170_rx_mac_status(ar, head, mac, &status)))
792 ar9170_rx_phy_status(ar, phy, &status);
794 skb = ar9170_rx_copy_data(buf, mpdu_len);
796 ieee80211_rx_irqsafe(ar->hw, skb, &status);
799 void ar9170_rx(struct ar9170 *ar, struct sk_buff *skb)
801 unsigned int i, tlen, resplen, wlen = 0, clen = 0;
808 clen = tbuf[1] << 8 | tbuf[0];
809 wlen = ALIGN(clen, 4);
811 /* check if this is stream has a valid tag.*/
812 if (tbuf[2] != 0 || tbuf[3] != 0x4e) {
814 * TODO: handle the highly unlikely event that the
815 * corrupted stream has the TAG at the right position.
818 /* check if the frame can be repaired. */
819 if (!ar->rx_failover_missing) {
820 /* this is no "short read". */
821 if (ar9170_nag_limiter(ar)) {
822 printk(KERN_ERR "%s: missing tag!\n",
823 wiphy_name(ar->hw->wiphy));
829 if (ar->rx_failover_missing > tlen) {
830 if (ar9170_nag_limiter(ar)) {
831 printk(KERN_ERR "%s: possible multi "
832 "stream corruption!\n",
833 wiphy_name(ar->hw->wiphy));
839 memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen);
840 ar->rx_failover_missing -= tlen;
842 if (ar->rx_failover_missing <= 0) {
844 * nested ar9170_rx call!
845 * termination is guranteed, even when the
846 * combined frame also have a element with
850 ar->rx_failover_missing = 0;
851 ar9170_rx(ar, ar->rx_failover);
853 skb_reset_tail_pointer(ar->rx_failover);
854 skb_trim(ar->rx_failover, 0);
860 /* check if stream is clipped */
861 if (wlen > tlen - 4) {
862 if (ar->rx_failover_missing) {
863 /* TODO: handle double stream corruption. */
864 if (ar9170_nag_limiter(ar)) {
865 printk(KERN_ERR "%s: double rx stream "
867 wiphy_name(ar->hw->wiphy));
874 * save incomplete data set.
875 * the firmware will resend the missing bits when
876 * the rx - descriptor comes round again.
879 memcpy(skb_put(ar->rx_failover, tlen), tbuf, tlen);
880 ar->rx_failover_missing = clen - tlen;
890 /* weird thing, but this is the same in the original driver */
891 while (resplen > 2 && i < 12 &&
892 respbuf[0] == 0xff && respbuf[1] == 0xff) {
901 /* found the 6 * 0xffff marker? */
903 ar9170_handle_command_response(ar, respbuf, resplen);
905 ar9170_handle_mpdu(ar, respbuf, clen);
910 printk(KERN_ERR "%s: %d bytes of unprocessed "
911 "data left in rx stream!\n",
912 wiphy_name(ar->hw->wiphy), tlen);
920 printk(KERN_ERR "%s: damaged RX stream data [want:%d, "
921 "data:%d, rx:%d, pending:%d ]\n",
922 wiphy_name(ar->hw->wiphy), clen, wlen, tlen,
923 ar->rx_failover_missing);
925 if (ar->rx_failover_missing)
926 print_hex_dump_bytes("rxbuf:", DUMP_PREFIX_OFFSET,
927 ar->rx_failover->data,
928 ar->rx_failover->len);
930 print_hex_dump_bytes("stream:", DUMP_PREFIX_OFFSET,
931 skb->data, skb->len);
933 printk(KERN_ERR "%s: please check your hardware and cables, if "
934 "you see this message frequently.\n",
935 wiphy_name(ar->hw->wiphy));
938 if (ar->rx_failover_missing) {
939 skb_reset_tail_pointer(ar->rx_failover);
940 skb_trim(ar->rx_failover, 0);
941 ar->rx_failover_missing = 0;
945 #define AR9170_FILL_QUEUE(queue, ai_fs, cwmin, cwmax, _txop) \
947 queue.aifs = ai_fs; \
948 queue.cw_min = cwmin; \
949 queue.cw_max = cwmax; \
950 queue.txop = _txop; \
953 static int ar9170_op_start(struct ieee80211_hw *hw)
955 struct ar9170 *ar = hw->priv;
958 mutex_lock(&ar->mutex);
960 /* reinitialize queues statistics */
961 memset(&ar->tx_stats, 0, sizeof(ar->tx_stats));
962 for (i = 0; i < ARRAY_SIZE(ar->tx_stats); i++)
963 ar->tx_stats[i].limit = 8;
965 /* reset QoS defaults */
966 AR9170_FILL_QUEUE(ar->edcf[0], 3, 15, 1023, 0); /* BEST EFFORT*/
967 AR9170_FILL_QUEUE(ar->edcf[1], 7, 15, 1023, 0); /* BACKGROUND */
968 AR9170_FILL_QUEUE(ar->edcf[2], 2, 7, 15, 94); /* VIDEO */
969 AR9170_FILL_QUEUE(ar->edcf[3], 2, 3, 7, 47); /* VOICE */
970 AR9170_FILL_QUEUE(ar->edcf[4], 2, 3, 7, 0); /* SPECIAL */
972 ar->bad_hw_nagger = jiffies;
978 err = ar9170_init_mac(ar);
982 err = ar9170_set_qos(ar);
986 err = ar9170_init_phy(ar, IEEE80211_BAND_2GHZ);
990 err = ar9170_init_rf(ar);
995 err = ar9170_write_reg(ar, 0x1c3d30, 0x100);
999 ar->state = AR9170_STARTED;
1002 mutex_unlock(&ar->mutex);
1006 static void ar9170_op_stop(struct ieee80211_hw *hw)
1008 struct ar9170 *ar = hw->priv;
1011 ar->state = AR9170_IDLE;
1013 flush_workqueue(ar->hw->workqueue);
1015 mutex_lock(&ar->mutex);
1016 cancel_delayed_work_sync(&ar->tx_status_janitor);
1017 cancel_work_sync(&ar->filter_config_work);
1018 cancel_work_sync(&ar->beacon_work);
1019 skb_queue_purge(&ar->global_tx_status_waste);
1020 skb_queue_purge(&ar->global_tx_status);
1022 if (IS_ACCEPTING_CMD(ar)) {
1023 ar9170_set_leds_state(ar, 0);
1026 ar9170_write_reg(ar, 0x1c3d30, 0);
1030 mutex_unlock(&ar->mutex);
1033 int ar9170_op_tx(struct ieee80211_hw *hw, struct sk_buff *skb)
1035 struct ar9170 *ar = hw->priv;
1036 struct ieee80211_hdr *hdr;
1037 struct ar9170_tx_control *txc;
1038 struct ieee80211_tx_info *info;
1039 struct ieee80211_rate *rate = NULL;
1040 struct ieee80211_tx_rate *txrate;
1041 unsigned int queue = skb_get_queue_mapping(skb);
1042 unsigned long flags = 0;
1043 struct ar9170_sta_info *sta_info = NULL;
1050 if (unlikely(!IS_STARTED(ar)))
1053 hdr = (void *)skb->data;
1054 info = IEEE80211_SKB_CB(skb);
1057 spin_lock_irqsave(&ar->tx_stats_lock, flags);
1058 if (ar->tx_stats[queue].limit < ar->tx_stats[queue].len) {
1059 spin_unlock_irqrestore(&ar->tx_stats_lock, flags);
1060 return NETDEV_TX_OK;
1063 ar->tx_stats[queue].len++;
1064 ar->tx_stats[queue].count++;
1065 if (ar->tx_stats[queue].limit == ar->tx_stats[queue].len)
1066 ieee80211_stop_queue(hw, queue);
1068 spin_unlock_irqrestore(&ar->tx_stats_lock, flags);
1070 txc = (void *)skb_push(skb, sizeof(*txc));
1072 tx_status = (((info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) != 0) ||
1073 ((info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS) != 0));
1075 if (info->control.hw_key) {
1076 icv = info->control.hw_key->icv_len;
1078 switch (info->control.hw_key->alg) {
1080 keytype = AR9170_TX_MAC_ENCR_RC4;
1083 keytype = AR9170_TX_MAC_ENCR_RC4;
1086 keytype = AR9170_TX_MAC_ENCR_AES;
1095 txc->length = cpu_to_le16(len + icv + 4);
1097 txc->mac_control = cpu_to_le16(AR9170_TX_MAC_HW_DURATION |
1098 AR9170_TX_MAC_BACKOFF);
1099 txc->mac_control |= cpu_to_le16(ar9170_qos_hwmap[queue] <<
1100 AR9170_TX_MAC_QOS_SHIFT);
1101 txc->mac_control |= cpu_to_le16(keytype);
1102 txc->phy_control = cpu_to_le32(0);
1104 if (info->flags & IEEE80211_TX_CTL_NO_ACK)
1105 txc->mac_control |= cpu_to_le16(AR9170_TX_MAC_NO_ACK);
1107 if (info->flags & IEEE80211_TX_CTL_AMPDU)
1108 txc->mac_control |= cpu_to_le16(AR9170_TX_MAC_AGGR);
1110 txrate = &info->control.rates[0];
1112 if (txrate->flags & IEEE80211_TX_RC_USE_CTS_PROTECT)
1113 txc->mac_control |= cpu_to_le16(AR9170_TX_MAC_PROT_CTS);
1114 else if (txrate->flags & IEEE80211_TX_RC_USE_RTS_CTS)
1115 txc->mac_control |= cpu_to_le16(AR9170_TX_MAC_PROT_RTS);
1117 if (txrate->flags & IEEE80211_TX_RC_GREEN_FIELD)
1118 txc->phy_control |= cpu_to_le32(AR9170_TX_PHY_GREENFIELD);
1120 if (txrate->flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE)
1121 txc->phy_control |= cpu_to_le32(AR9170_TX_PHY_SHORT_PREAMBLE);
1123 if (txrate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
1124 txc->phy_control |= cpu_to_le32(AR9170_TX_PHY_BW_40MHZ);
1125 /* this works because 40 MHz is 2 and dup is 3 */
1126 if (txrate->flags & IEEE80211_TX_RC_DUP_DATA)
1127 txc->phy_control |= cpu_to_le32(AR9170_TX_PHY_BW_40MHZ_DUP);
1129 if (txrate->flags & IEEE80211_TX_RC_SHORT_GI)
1130 txc->phy_control |= cpu_to_le32(AR9170_TX_PHY_SHORT_GI);
1132 if (txrate->flags & IEEE80211_TX_RC_MCS) {
1133 u32 r = txrate->idx;
1136 r <<= AR9170_TX_PHY_MCS_SHIFT;
1137 if (WARN_ON(r & ~AR9170_TX_PHY_MCS_MASK))
1139 txc->phy_control |= cpu_to_le32(r & AR9170_TX_PHY_MCS_MASK);
1140 txc->phy_control |= cpu_to_le32(AR9170_TX_PHY_MOD_HT);
1142 if (txrate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH) {
1143 if (info->band == IEEE80211_BAND_5GHZ)
1144 txpower = ar->power_5G_ht40;
1146 txpower = ar->power_2G_ht40;
1148 if (info->band == IEEE80211_BAND_5GHZ)
1149 txpower = ar->power_5G_ht20;
1151 txpower = ar->power_2G_ht20;
1154 power = txpower[(txrate->idx) & 7];
1159 u8 idx = txrate->idx;
1161 if (info->band != IEEE80211_BAND_2GHZ) {
1163 txpower = ar->power_5G_leg;
1164 mod = AR9170_TX_PHY_MOD_OFDM;
1167 txpower = ar->power_2G_cck;
1168 mod = AR9170_TX_PHY_MOD_CCK;
1170 mod = AR9170_TX_PHY_MOD_OFDM;
1171 txpower = ar->power_2G_ofdm;
1175 rate = &__ar9170_ratetable[idx];
1177 phyrate = rate->hw_value & 0xF;
1178 power = txpower[(rate->hw_value & 0x30) >> 4];
1179 phyrate <<= AR9170_TX_PHY_MCS_SHIFT;
1181 txc->phy_control |= cpu_to_le32(mod);
1182 txc->phy_control |= cpu_to_le32(phyrate);
1185 power <<= AR9170_TX_PHY_TX_PWR_SHIFT;
1186 power &= AR9170_TX_PHY_TX_PWR_MASK;
1187 txc->phy_control |= cpu_to_le32(power);
1190 if (ar->eeprom.tx_mask == 1) {
1191 chains = AR9170_TX_PHY_TXCHAIN_1;
1193 chains = AR9170_TX_PHY_TXCHAIN_2;
1195 /* >= 36M legacy OFDM - use only one chain */
1196 if (rate && rate->bitrate >= 360)
1197 chains = AR9170_TX_PHY_TXCHAIN_1;
1199 txc->phy_control |= cpu_to_le32(chains << AR9170_TX_PHY_TXCHAIN_SHIFT);
1202 txc->mac_control |= cpu_to_le16(AR9170_TX_MAC_RATE_PROBE);
1205 * Putting the QoS queue bits into an unexplored territory is
1206 * certainly not elegant.
1208 * In my defense: This idea provides a reasonable way to
1209 * smuggle valuable information to the tx_status callback.
1210 * Also, the idea behind this bit-abuse came straight from
1211 * the original driver code.
1215 cpu_to_le32(queue << AR9170_TX_PHY_QOS_SHIFT);
1217 if (info->control.sta) {
1218 sta_info = (void *) info->control.sta->drv_priv;
1219 skb_queue_tail(&sta_info->tx_status[queue], skb);
1221 skb_queue_tail(&ar->global_tx_status, skb);
1223 queue_delayed_work(ar->hw->workqueue,
1224 &ar->tx_status_janitor,
1225 msecs_to_jiffies(100));
1229 err = ar->tx(ar, skb, tx_status, 0);
1230 if (unlikely(tx_status && err)) {
1231 if (info->control.sta)
1232 skb_unlink(skb, &sta_info->tx_status[queue]);
1234 skb_unlink(skb, &ar->global_tx_status);
1237 return NETDEV_TX_OK;
1240 spin_lock_irqsave(&ar->tx_stats_lock, flags);
1241 ar->tx_stats[queue].len--;
1242 ar->tx_stats[queue].count--;
1243 spin_unlock_irqrestore(&ar->tx_stats_lock, flags);
1247 return NETDEV_TX_OK;
1250 static int ar9170_op_add_interface(struct ieee80211_hw *hw,
1251 struct ieee80211_if_init_conf *conf)
1253 struct ar9170 *ar = hw->priv;
1256 mutex_lock(&ar->mutex);
1263 ar->vif = conf->vif;
1264 memcpy(ar->mac_addr, conf->mac_addr, ETH_ALEN);
1266 if (modparam_nohwcrypt || (ar->vif->type != NL80211_IFTYPE_STATION)) {
1267 ar->rx_software_decryption = true;
1268 ar->disable_offload = true;
1272 ar->want_filter = AR9170_MAC_REG_FTF_DEFAULTS;
1273 err = ar9170_update_frame_filter(ar);
1277 err = ar9170_set_operating_mode(ar);
1280 mutex_unlock(&ar->mutex);
1284 static void ar9170_op_remove_interface(struct ieee80211_hw *hw,
1285 struct ieee80211_if_init_conf *conf)
1287 struct ar9170 *ar = hw->priv;
1289 mutex_lock(&ar->mutex);
1291 ar->want_filter = 0;
1292 ar9170_update_frame_filter(ar);
1293 ar9170_set_beacon_timers(ar);
1294 dev_kfree_skb(ar->beacon);
1296 ar->sniffer_enabled = false;
1297 ar->rx_software_decryption = false;
1298 ar9170_set_operating_mode(ar);
1299 mutex_unlock(&ar->mutex);
1302 static int ar9170_op_config(struct ieee80211_hw *hw, u32 changed)
1304 struct ar9170 *ar = hw->priv;
1307 mutex_lock(&ar->mutex);
1309 if (changed & IEEE80211_CONF_CHANGE_RADIO_ENABLED) {
1314 if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
1319 if (changed & IEEE80211_CONF_CHANGE_PS) {
1324 if (changed & IEEE80211_CONF_CHANGE_POWER) {
1329 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) {
1331 * is it long_frame_max_tx_count or short_frame_max_tx_count?
1334 err = ar9170_set_hwretry_limit(ar,
1335 ar->hw->conf.long_frame_max_tx_count);
1340 if (changed & BSS_CHANGED_BEACON_INT) {
1341 err = ar9170_set_beacon_timers(ar);
1346 if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
1347 err = ar9170_set_channel(ar, hw->conf.channel,
1349 nl80211_to_ar9170(hw->conf.channel_type));
1352 /* adjust slot time for 5 GHz */
1353 if (hw->conf.channel->band == IEEE80211_BAND_5GHZ)
1354 err = ar9170_write_reg(ar, AR9170_MAC_REG_SLOT_TIME,
1359 mutex_unlock(&ar->mutex);
1363 static int ar9170_op_config_interface(struct ieee80211_hw *hw,
1364 struct ieee80211_vif *vif,
1365 struct ieee80211_if_conf *conf)
1367 struct ar9170 *ar = hw->priv;
1370 mutex_lock(&ar->mutex);
1372 if (conf->changed & IEEE80211_IFCC_BSSID) {
1373 memcpy(ar->bssid, conf->bssid, ETH_ALEN);
1374 err = ar9170_set_operating_mode(ar);
1377 if (conf->changed & IEEE80211_IFCC_BEACON) {
1378 err = ar9170_update_beacon(ar);
1382 err = ar9170_set_beacon_timers(ar);
1386 mutex_unlock(&ar->mutex);
1390 static void ar9170_set_filters(struct work_struct *work)
1392 struct ar9170 *ar = container_of(work, struct ar9170,
1393 filter_config_work);
1396 if (unlikely(!IS_STARTED(ar)))
1399 mutex_lock(&ar->mutex);
1400 if (ar->filter_changed & AR9170_FILTER_CHANGED_PROMISC) {
1401 err = ar9170_set_operating_mode(ar);
1406 if (ar->filter_changed & AR9170_FILTER_CHANGED_MULTICAST) {
1407 err = ar9170_update_multicast(ar);
1412 if (ar->filter_changed & AR9170_FILTER_CHANGED_FRAMEFILTER)
1413 err = ar9170_update_frame_filter(ar);
1416 mutex_unlock(&ar->mutex);
1419 static void ar9170_op_configure_filter(struct ieee80211_hw *hw,
1420 unsigned int changed_flags,
1421 unsigned int *new_flags,
1422 int mc_count, struct dev_mc_list *mclist)
1424 struct ar9170 *ar = hw->priv;
1426 /* mask supported flags */
1427 *new_flags &= FIF_ALLMULTI | FIF_CONTROL | FIF_BCN_PRBRESP_PROMISC |
1428 FIF_PROMISC_IN_BSS | FIF_FCSFAIL | FIF_PLCPFAIL;
1429 ar->filter_state = *new_flags;
1431 * We can support more by setting the sniffer bit and
1432 * then checking the error flags, later.
1435 if (changed_flags & FIF_ALLMULTI) {
1436 if (*new_flags & FIF_ALLMULTI) {
1437 ar->want_mc_hash = ~0ULL;
1442 /* always get broadcast frames */
1443 mchash = 1ULL << (0xff>>2);
1445 for (i = 0; i < mc_count; i++) {
1446 if (WARN_ON(!mclist))
1448 mchash |= 1ULL << (mclist->dmi_addr[5] >> 2);
1449 mclist = mclist->next;
1451 ar->want_mc_hash = mchash;
1453 ar->filter_changed |= AR9170_FILTER_CHANGED_MULTICAST;
1456 if (changed_flags & FIF_CONTROL) {
1457 u32 filter = AR9170_MAC_REG_FTF_PSPOLL |
1458 AR9170_MAC_REG_FTF_RTS |
1459 AR9170_MAC_REG_FTF_CTS |
1460 AR9170_MAC_REG_FTF_ACK |
1461 AR9170_MAC_REG_FTF_CFE |
1462 AR9170_MAC_REG_FTF_CFE_ACK;
1464 if (*new_flags & FIF_CONTROL)
1465 ar->want_filter = ar->cur_filter | filter;
1467 ar->want_filter = ar->cur_filter & ~filter;
1469 ar->filter_changed |= AR9170_FILTER_CHANGED_FRAMEFILTER;
1472 if (changed_flags & FIF_PROMISC_IN_BSS) {
1473 ar->sniffer_enabled = ((*new_flags) & FIF_PROMISC_IN_BSS) != 0;
1474 ar->filter_changed |= AR9170_FILTER_CHANGED_PROMISC;
1477 if (likely(IS_STARTED(ar)))
1478 queue_work(ar->hw->workqueue, &ar->filter_config_work);
1481 static void ar9170_op_bss_info_changed(struct ieee80211_hw *hw,
1482 struct ieee80211_vif *vif,
1483 struct ieee80211_bss_conf *bss_conf,
1486 struct ar9170 *ar = hw->priv;
1489 mutex_lock(&ar->mutex);
1491 ar9170_regwrite_begin(ar);
1493 if (changed & BSS_CHANGED_ASSOC) {
1494 ar->state = bss_conf->assoc ? AR9170_ASSOCIATED : ar->state;
1496 #ifndef CONFIG_AR9170_LEDS
1497 /* enable assoc LED. */
1498 err = ar9170_set_leds_state(ar, bss_conf->assoc ? 2 : 0);
1499 #endif /* CONFIG_AR9170_LEDS */
1502 if (changed & BSS_CHANGED_BEACON_INT)
1503 err = ar9170_set_beacon_timers(ar);
1505 if (changed & BSS_CHANGED_HT) {
1510 if (changed & BSS_CHANGED_ERP_SLOT) {
1513 if (bss_conf->use_short_slot)
1516 ar9170_regwrite(AR9170_MAC_REG_SLOT_TIME, slottime << 10);
1519 if (changed & BSS_CHANGED_BASIC_RATES) {
1522 if (hw->conf.channel->band == IEEE80211_BAND_5GHZ) {
1523 ofdm = bss_conf->basic_rates;
1526 /* four cck rates */
1527 cck = bss_conf->basic_rates & 0xf;
1528 ofdm = bss_conf->basic_rates >> 4;
1530 ar9170_regwrite(AR9170_MAC_REG_BASIC_RATE,
1534 ar9170_regwrite_finish();
1535 err = ar9170_regwrite_result();
1536 mutex_unlock(&ar->mutex);
1539 static u64 ar9170_op_get_tsf(struct ieee80211_hw *hw)
1541 struct ar9170 *ar = hw->priv;
1547 mutex_lock(&ar->mutex);
1548 err = ar9170_read_reg(ar, AR9170_MAC_REG_TSF_L, &tsf_low);
1550 err = ar9170_read_reg(ar, AR9170_MAC_REG_TSF_H, &tsf_high);
1551 mutex_unlock(&ar->mutex);
1557 tsf = (tsf << 32) | tsf_low;
1561 static int ar9170_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
1562 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
1563 struct ieee80211_key_conf *key)
1565 struct ar9170 *ar = hw->priv;
1569 if ((!ar->vif) || (ar->disable_offload))
1574 if (key->keylen == LEN_WEP40)
1575 ktype = AR9170_ENC_ALG_WEP64;
1577 ktype = AR9170_ENC_ALG_WEP128;
1580 ktype = AR9170_ENC_ALG_TKIP;
1583 ktype = AR9170_ENC_ALG_AESCCMP;
1589 mutex_lock(&ar->mutex);
1590 if (cmd == SET_KEY) {
1591 if (unlikely(!IS_STARTED(ar))) {
1596 /* group keys need all-zeroes address */
1597 if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE))
1600 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
1601 for (i = 0; i < 64; i++)
1602 if (!(ar->usedkeys & BIT(i)))
1605 ar->rx_software_decryption = true;
1606 ar9170_set_operating_mode(ar);
1611 i = 64 + key->keyidx;
1614 key->hw_key_idx = i;
1616 err = ar9170_upload_key(ar, i, sta ? sta->addr : NULL, ktype, 0,
1617 key->key, min_t(u8, 16, key->keylen));
1621 if (key->alg == ALG_TKIP) {
1622 err = ar9170_upload_key(ar, i, sta ? sta->addr : NULL,
1623 ktype, 1, key->key + 16, 16);
1628 * hardware is not capable generating the MMIC
1629 * for fragmented frames!
1631 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
1635 ar->usedkeys |= BIT(i);
1637 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
1639 if (unlikely(!IS_STARTED(ar))) {
1640 /* The device is gone... together with the key ;-) */
1645 err = ar9170_disable_key(ar, key->hw_key_idx);
1649 if (key->hw_key_idx < 64) {
1650 ar->usedkeys &= ~BIT(key->hw_key_idx);
1652 err = ar9170_upload_key(ar, key->hw_key_idx, NULL,
1653 AR9170_ENC_ALG_NONE, 0,
1658 if (key->alg == ALG_TKIP) {
1659 err = ar9170_upload_key(ar, key->hw_key_idx,
1661 AR9170_ENC_ALG_NONE, 1,
1670 ar9170_regwrite_begin(ar);
1671 ar9170_regwrite(AR9170_MAC_REG_ROLL_CALL_TBL_L, ar->usedkeys);
1672 ar9170_regwrite(AR9170_MAC_REG_ROLL_CALL_TBL_H, ar->usedkeys >> 32);
1673 ar9170_regwrite_finish();
1674 err = ar9170_regwrite_result();
1677 mutex_unlock(&ar->mutex);
1682 static void ar9170_sta_notify(struct ieee80211_hw *hw,
1683 struct ieee80211_vif *vif,
1684 enum sta_notify_cmd cmd,
1685 struct ieee80211_sta *sta)
1687 struct ar9170 *ar = hw->priv;
1688 struct ar9170_sta_info *info = (void *) sta->drv_priv;
1689 struct sk_buff *skb;
1693 case STA_NOTIFY_ADD:
1694 for (i = 0; i < ar->hw->queues; i++)
1695 skb_queue_head_init(&info->tx_status[i]);
1698 case STA_NOTIFY_REMOVE:
1701 * transfer all outstanding frames that need a tx_status
1702 * reports to the global tx_status queue
1705 for (i = 0; i < ar->hw->queues; i++) {
1706 while ((skb = skb_dequeue(&info->tx_status[i]))) {
1707 #ifdef AR9170_QUEUE_DEBUG
1708 printk(KERN_DEBUG "%s: queueing frame in "
1709 "global tx_status queue =>\n",
1710 wiphy_name(ar->hw->wiphy));
1712 ar9170_print_txheader(ar, skb);
1713 #endif /* AR9170_QUEUE_DEBUG */
1714 skb_queue_tail(&ar->global_tx_status, skb);
1717 queue_delayed_work(ar->hw->workqueue, &ar->tx_status_janitor,
1718 msecs_to_jiffies(100));
1726 static int ar9170_get_stats(struct ieee80211_hw *hw,
1727 struct ieee80211_low_level_stats *stats)
1729 struct ar9170 *ar = hw->priv;
1733 mutex_lock(&ar->mutex);
1734 err = ar9170_read_reg(ar, AR9170_MAC_REG_TX_RETRY, &val);
1735 ar->stats.dot11ACKFailureCount += val;
1737 memcpy(stats, &ar->stats, sizeof(*stats));
1738 mutex_unlock(&ar->mutex);
1743 static int ar9170_get_tx_stats(struct ieee80211_hw *hw,
1744 struct ieee80211_tx_queue_stats *tx_stats)
1746 struct ar9170 *ar = hw->priv;
1748 spin_lock_bh(&ar->tx_stats_lock);
1749 memcpy(tx_stats, ar->tx_stats, sizeof(tx_stats[0]) * hw->queues);
1750 spin_unlock_bh(&ar->tx_stats_lock);
1755 static int ar9170_conf_tx(struct ieee80211_hw *hw, u16 queue,
1756 const struct ieee80211_tx_queue_params *param)
1758 struct ar9170 *ar = hw->priv;
1761 mutex_lock(&ar->mutex);
1762 if ((param) && !(queue > ar->hw->queues)) {
1763 memcpy(&ar->edcf[ar9170_qos_hwmap[queue]],
1764 param, sizeof(*param));
1766 ret = ar9170_set_qos(ar);
1770 mutex_unlock(&ar->mutex);
1774 static int ar9170_ampdu_action(struct ieee80211_hw *hw,
1775 enum ieee80211_ampdu_mlme_action action,
1776 struct ieee80211_sta *sta, u16 tid, u16 *ssn)
1779 case IEEE80211_AMPDU_RX_START:
1780 case IEEE80211_AMPDU_RX_STOP:
1782 * Something goes wrong -- RX locks up
1783 * after a while of receiving aggregated
1784 * frames -- not enabling for now.
1792 static const struct ieee80211_ops ar9170_ops = {
1793 .start = ar9170_op_start,
1794 .stop = ar9170_op_stop,
1796 .add_interface = ar9170_op_add_interface,
1797 .remove_interface = ar9170_op_remove_interface,
1798 .config = ar9170_op_config,
1799 .config_interface = ar9170_op_config_interface,
1800 .configure_filter = ar9170_op_configure_filter,
1801 .conf_tx = ar9170_conf_tx,
1802 .bss_info_changed = ar9170_op_bss_info_changed,
1803 .get_tsf = ar9170_op_get_tsf,
1804 .set_key = ar9170_set_key,
1805 .sta_notify = ar9170_sta_notify,
1806 .get_stats = ar9170_get_stats,
1807 .get_tx_stats = ar9170_get_tx_stats,
1808 .ampdu_action = ar9170_ampdu_action,
1811 void *ar9170_alloc(size_t priv_size)
1813 struct ieee80211_hw *hw;
1815 struct sk_buff *skb;
1819 * this buffer is used for rx stream reconstruction.
1820 * Under heavy load this device (or the transport layer?)
1821 * tends to split the streams into seperate rx descriptors.
1824 skb = __dev_alloc_skb(AR9170_MAX_RX_BUFFER_SIZE, GFP_KERNEL);
1828 hw = ieee80211_alloc_hw(priv_size, &ar9170_ops);
1834 ar->rx_failover = skb;
1836 mutex_init(&ar->mutex);
1837 spin_lock_init(&ar->cmdlock);
1838 spin_lock_init(&ar->tx_stats_lock);
1839 skb_queue_head_init(&ar->global_tx_status);
1840 skb_queue_head_init(&ar->global_tx_status_waste);
1841 ar9170_rx_reset_rx_mpdu(ar);
1842 INIT_WORK(&ar->filter_config_work, ar9170_set_filters);
1843 INIT_WORK(&ar->beacon_work, ar9170_new_beacon);
1844 INIT_DELAYED_WORK(&ar->tx_status_janitor, ar9170_tx_status_janitor);
1846 /* all hw supports 2.4 GHz, so set channel to 1 by default */
1847 ar->channel = &ar9170_2ghz_chantable[0];
1849 /* first part of wiphy init */
1850 ar->hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
1851 BIT(NL80211_IFTYPE_WDS) |
1852 BIT(NL80211_IFTYPE_ADHOC);
1853 ar->hw->flags |= IEEE80211_HW_RX_INCLUDES_FCS |
1854 IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING |
1855 IEEE80211_HW_SIGNAL_DBM |
1856 IEEE80211_HW_NOISE_DBM;
1858 ar->hw->queues = __AR9170_NUM_TXQ;
1859 ar->hw->extra_tx_headroom = 8;
1860 ar->hw->sta_data_size = sizeof(struct ar9170_sta_info);
1862 ar->hw->max_rates = 1;
1863 ar->hw->max_rate_tries = 3;
1865 for (i = 0; i < ARRAY_SIZE(ar->noise); i++)
1866 ar->noise[i] = -95; /* ATH_DEFAULT_NOISE_FLOOR */
1872 return ERR_PTR(-ENOMEM);
1875 static int ar9170_read_eeprom(struct ar9170 *ar)
1877 #define RW 8 /* number of words to read at once */
1878 #define RB (sizeof(u32) * RW)
1879 DECLARE_MAC_BUF(mbuf);
1880 u8 *eeprom = (void *)&ar->eeprom;
1881 u8 *addr = ar->eeprom.mac_address;
1883 int i, j, err, bands = 0;
1885 BUILD_BUG_ON(sizeof(ar->eeprom) & 3);
1887 BUILD_BUG_ON(RB > AR9170_MAX_CMD_LEN - 4);
1889 /* don't want to handle trailing remains */
1890 BUILD_BUG_ON(sizeof(ar->eeprom) % RB);
1893 for (i = 0; i < sizeof(ar->eeprom)/RB; i++) {
1894 for (j = 0; j < RW; j++)
1895 offsets[j] = cpu_to_le32(AR9170_EEPROM_START +
1898 err = ar->exec_cmd(ar, AR9170_CMD_RREG,
1899 RB, (u8 *) &offsets,
1900 RB, eeprom + RB * i);
1908 if (ar->eeprom.length == cpu_to_le16(0xFFFF))
1911 if (ar->eeprom.operating_flags & AR9170_OPFLAG_2GHZ) {
1912 ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &ar9170_band_2GHz;
1915 if (ar->eeprom.operating_flags & AR9170_OPFLAG_5GHZ) {
1916 ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &ar9170_band_5GHz;
1920 * I measured this, a bandswitch takes roughly
1921 * 135 ms and a frequency switch about 80.
1923 * FIXME: measure these values again once EEPROM settings
1924 * are used, that will influence them!
1927 ar->hw->channel_change_time = 135 * 1000;
1929 ar->hw->channel_change_time = 80 * 1000;
1931 ar->regulatory.current_rd = le16_to_cpu(ar->eeprom.reg_domain[0]);
1932 ar->regulatory.current_rd_ext = le16_to_cpu(ar->eeprom.reg_domain[1]);
1934 /* second part of wiphy init */
1935 SET_IEEE80211_PERM_ADDR(ar->hw, addr);
1937 return bands ? 0 : -EINVAL;
1940 static int ar9170_reg_notifier(struct wiphy *wiphy,
1941 struct regulatory_request *request)
1943 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
1944 struct ar9170 *ar = hw->priv;
1946 return ath_reg_notifier_apply(wiphy, request, &ar->regulatory);
1949 int ar9170_register(struct ar9170 *ar, struct device *pdev)
1953 /* try to read EEPROM, init MAC addr */
1954 err = ar9170_read_eeprom(ar);
1958 err = ath_regd_init(&ar->regulatory, ar->hw->wiphy,
1959 ar9170_reg_notifier);
1963 err = ieee80211_register_hw(ar->hw);
1967 if (!ath_is_world_regd(&ar->regulatory))
1968 regulatory_hint(ar->hw->wiphy, ar->regulatory.alpha2);
1970 err = ar9170_init_leds(ar);
1974 #ifdef CONFIG_AR9170_LEDS
1975 err = ar9170_register_leds(ar);
1978 #endif /* CONFIG_AR9170_LEDS */
1980 dev_info(pdev, "Atheros AR9170 is registered as '%s'\n",
1981 wiphy_name(ar->hw->wiphy));
1986 ieee80211_unregister_hw(ar->hw);
1992 void ar9170_unregister(struct ar9170 *ar)
1994 #ifdef CONFIG_AR9170_LEDS
1995 ar9170_unregister_leds(ar);
1996 #endif /* CONFIG_AR9170_LEDS */
1998 kfree_skb(ar->rx_failover);
1999 ieee80211_unregister_hw(ar->hw);
2000 mutex_destroy(&ar->mutex);