1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 	Copyright (C) 2010 Willow Garage <http://www.willowgarage.com>
4 	Copyright (C) 2004 - 2010 Ivo van Doorn <IvDoorn@gmail.com>
5 	<http://rt2x00.serialmonkey.com>
6 
7  */
8 
9 /*
10 	Module: rt2x00lib
11 	Abstract: rt2x00 generic device routines.
12  */
13 
14 #include <linux/kernel.h>
15 #include <linux/module.h>
16 #include <linux/slab.h>
17 #include <linux/log2.h>
18 #include <linux/of.h>
19 #include <linux/of_net.h>
20 
21 #include "rt2x00.h"
22 #include "rt2x00lib.h"
23 
24 /*
25  * Utility functions.
26  */
27 u32 rt2x00lib_get_bssidx(struct rt2x00_dev *rt2x00dev,
28 			 struct ieee80211_vif *vif)
29 {
30 	/*
31 	 * When in STA mode, bssidx is always 0 otherwise local_address[5]
32 	 * contains the bss number, see BSS_ID_MASK comments for details.
33 	 */
34 	if (rt2x00dev->intf_sta_count)
35 		return 0;
36 	return vif->addr[5] & (rt2x00dev->ops->max_ap_intf - 1);
37 }
38 EXPORT_SYMBOL_GPL(rt2x00lib_get_bssidx);
39 
40 /*
41  * Radio control handlers.
42  */
43 int rt2x00lib_enable_radio(struct rt2x00_dev *rt2x00dev)
44 {
45 	int status;
46 
47 	/*
48 	 * Don't enable the radio twice.
49 	 * And check if the hardware button has been disabled.
50 	 */
51 	if (test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
52 		return 0;
53 
54 	/*
55 	 * Initialize all data queues.
56 	 */
57 	rt2x00queue_init_queues(rt2x00dev);
58 
59 	/*
60 	 * Enable radio.
61 	 */
62 	status =
63 	    rt2x00dev->ops->lib->set_device_state(rt2x00dev, STATE_RADIO_ON);
64 	if (status)
65 		return status;
66 
67 	rt2x00dev->ops->lib->set_device_state(rt2x00dev, STATE_RADIO_IRQ_ON);
68 
69 	rt2x00leds_led_radio(rt2x00dev, true);
70 	rt2x00led_led_activity(rt2x00dev, true);
71 
72 	set_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags);
73 
74 	/*
75 	 * Enable queues.
76 	 */
77 	rt2x00queue_start_queues(rt2x00dev);
78 	rt2x00link_start_tuner(rt2x00dev);
79 
80 	/*
81 	 * Start watchdog monitoring.
82 	 */
83 	rt2x00link_start_watchdog(rt2x00dev);
84 
85 	return 0;
86 }
87 
88 void rt2x00lib_disable_radio(struct rt2x00_dev *rt2x00dev)
89 {
90 	if (!test_and_clear_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
91 		return;
92 
93 	/*
94 	 * Stop watchdog monitoring.
95 	 */
96 	rt2x00link_stop_watchdog(rt2x00dev);
97 
98 	/*
99 	 * Stop all queues
100 	 */
101 	rt2x00link_stop_tuner(rt2x00dev);
102 	rt2x00queue_stop_queues(rt2x00dev);
103 	rt2x00queue_flush_queues(rt2x00dev, true);
104 
105 	/*
106 	 * Disable radio.
107 	 */
108 	rt2x00dev->ops->lib->set_device_state(rt2x00dev, STATE_RADIO_OFF);
109 	rt2x00dev->ops->lib->set_device_state(rt2x00dev, STATE_RADIO_IRQ_OFF);
110 	rt2x00led_led_activity(rt2x00dev, false);
111 	rt2x00leds_led_radio(rt2x00dev, false);
112 }
113 
114 static void rt2x00lib_intf_scheduled_iter(void *data, u8 *mac,
115 					  struct ieee80211_vif *vif)
116 {
117 	struct rt2x00_dev *rt2x00dev = data;
118 	struct rt2x00_intf *intf = vif_to_intf(vif);
119 
120 	/*
121 	 * It is possible the radio was disabled while the work had been
122 	 * scheduled. If that happens we should return here immediately,
123 	 * note that in the spinlock protected area above the delayed_flags
124 	 * have been cleared correctly.
125 	 */
126 	if (!test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
127 		return;
128 
129 	if (test_and_clear_bit(DELAYED_UPDATE_BEACON, &intf->delayed_flags)) {
130 		mutex_lock(&intf->beacon_skb_mutex);
131 		rt2x00queue_update_beacon(rt2x00dev, vif);
132 		mutex_unlock(&intf->beacon_skb_mutex);
133 	}
134 }
135 
136 static void rt2x00lib_intf_scheduled(struct work_struct *work)
137 {
138 	struct rt2x00_dev *rt2x00dev =
139 	    container_of(work, struct rt2x00_dev, intf_work);
140 
141 	/*
142 	 * Iterate over each interface and perform the
143 	 * requested configurations.
144 	 */
145 	ieee80211_iterate_active_interfaces(rt2x00dev->hw,
146 					    IEEE80211_IFACE_ITER_RESUME_ALL,
147 					    rt2x00lib_intf_scheduled_iter,
148 					    rt2x00dev);
149 }
150 
151 static void rt2x00lib_autowakeup(struct work_struct *work)
152 {
153 	struct rt2x00_dev *rt2x00dev =
154 	    container_of(work, struct rt2x00_dev, autowakeup_work.work);
155 
156 	if (!test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags))
157 		return;
158 
159 	if (rt2x00dev->ops->lib->set_device_state(rt2x00dev, STATE_AWAKE))
160 		rt2x00_err(rt2x00dev, "Device failed to wakeup\n");
161 	clear_bit(CONFIG_POWERSAVING, &rt2x00dev->flags);
162 }
163 
164 /*
165  * Interrupt context handlers.
166  */
167 static void rt2x00lib_bc_buffer_iter(void *data, u8 *mac,
168 				     struct ieee80211_vif *vif)
169 {
170 	struct ieee80211_tx_control control = {};
171 	struct rt2x00_dev *rt2x00dev = data;
172 	struct sk_buff *skb;
173 
174 	/*
175 	 * Only AP mode interfaces do broad- and multicast buffering
176 	 */
177 	if (vif->type != NL80211_IFTYPE_AP)
178 		return;
179 
180 	/*
181 	 * Send out buffered broad- and multicast frames
182 	 */
183 	skb = ieee80211_get_buffered_bc(rt2x00dev->hw, vif);
184 	while (skb) {
185 		rt2x00mac_tx(rt2x00dev->hw, &control, skb);
186 		skb = ieee80211_get_buffered_bc(rt2x00dev->hw, vif);
187 	}
188 }
189 
190 static void rt2x00lib_beaconupdate_iter(void *data, u8 *mac,
191 					struct ieee80211_vif *vif)
192 {
193 	struct rt2x00_dev *rt2x00dev = data;
194 
195 	if (vif->type != NL80211_IFTYPE_AP &&
196 	    vif->type != NL80211_IFTYPE_ADHOC &&
197 	    vif->type != NL80211_IFTYPE_MESH_POINT &&
198 	    vif->type != NL80211_IFTYPE_WDS)
199 		return;
200 
201 	/*
202 	 * Update the beacon without locking. This is safe on PCI devices
203 	 * as they only update the beacon periodically here. This should
204 	 * never be called for USB devices.
205 	 */
206 	WARN_ON(rt2x00_is_usb(rt2x00dev));
207 	rt2x00queue_update_beacon(rt2x00dev, vif);
208 }
209 
210 void rt2x00lib_beacondone(struct rt2x00_dev *rt2x00dev)
211 {
212 	if (!test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
213 		return;
214 
215 	/* send buffered bc/mc frames out for every bssid */
216 	ieee80211_iterate_active_interfaces_atomic(
217 		rt2x00dev->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
218 		rt2x00lib_bc_buffer_iter, rt2x00dev);
219 	/*
220 	 * Devices with pre tbtt interrupt don't need to update the beacon
221 	 * here as they will fetch the next beacon directly prior to
222 	 * transmission.
223 	 */
224 	if (rt2x00_has_cap_pre_tbtt_interrupt(rt2x00dev))
225 		return;
226 
227 	/* fetch next beacon */
228 	ieee80211_iterate_active_interfaces_atomic(
229 		rt2x00dev->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
230 		rt2x00lib_beaconupdate_iter, rt2x00dev);
231 }
232 EXPORT_SYMBOL_GPL(rt2x00lib_beacondone);
233 
234 void rt2x00lib_pretbtt(struct rt2x00_dev *rt2x00dev)
235 {
236 	if (!test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
237 		return;
238 
239 	/* fetch next beacon */
240 	ieee80211_iterate_active_interfaces_atomic(
241 		rt2x00dev->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
242 		rt2x00lib_beaconupdate_iter, rt2x00dev);
243 }
244 EXPORT_SYMBOL_GPL(rt2x00lib_pretbtt);
245 
246 void rt2x00lib_dmastart(struct queue_entry *entry)
247 {
248 	set_bit(ENTRY_OWNER_DEVICE_DATA, &entry->flags);
249 	rt2x00queue_index_inc(entry, Q_INDEX);
250 }
251 EXPORT_SYMBOL_GPL(rt2x00lib_dmastart);
252 
253 void rt2x00lib_dmadone(struct queue_entry *entry)
254 {
255 	set_bit(ENTRY_DATA_STATUS_PENDING, &entry->flags);
256 	clear_bit(ENTRY_OWNER_DEVICE_DATA, &entry->flags);
257 	rt2x00queue_index_inc(entry, Q_INDEX_DMA_DONE);
258 }
259 EXPORT_SYMBOL_GPL(rt2x00lib_dmadone);
260 
261 static inline int rt2x00lib_txdone_bar_status(struct queue_entry *entry)
262 {
263 	struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
264 	struct ieee80211_bar *bar = (void *) entry->skb->data;
265 	struct rt2x00_bar_list_entry *bar_entry;
266 	int ret;
267 
268 	if (likely(!ieee80211_is_back_req(bar->frame_control)))
269 		return 0;
270 
271 	/*
272 	 * Unlike all other frames, the status report for BARs does
273 	 * not directly come from the hardware as it is incapable of
274 	 * matching a BA to a previously send BAR. The hardware will
275 	 * report all BARs as if they weren't acked at all.
276 	 *
277 	 * Instead the RX-path will scan for incoming BAs and set the
278 	 * block_acked flag if it sees one that was likely caused by
279 	 * a BAR from us.
280 	 *
281 	 * Remove remaining BARs here and return their status for
282 	 * TX done processing.
283 	 */
284 	ret = 0;
285 	rcu_read_lock();
286 	list_for_each_entry_rcu(bar_entry, &rt2x00dev->bar_list, list) {
287 		if (bar_entry->entry != entry)
288 			continue;
289 
290 		spin_lock_bh(&rt2x00dev->bar_list_lock);
291 		/* Return whether this BAR was blockacked or not */
292 		ret = bar_entry->block_acked;
293 		/* Remove the BAR from our checklist */
294 		list_del_rcu(&bar_entry->list);
295 		spin_unlock_bh(&rt2x00dev->bar_list_lock);
296 		kfree_rcu(bar_entry, head);
297 
298 		break;
299 	}
300 	rcu_read_unlock();
301 
302 	return ret;
303 }
304 
305 static void rt2x00lib_fill_tx_status(struct rt2x00_dev *rt2x00dev,
306 				     struct ieee80211_tx_info *tx_info,
307 				     struct skb_frame_desc *skbdesc,
308 				     struct txdone_entry_desc *txdesc,
309 				     bool success)
310 {
311 	u8 rate_idx, rate_flags, retry_rates;
312 	int i;
313 
314 	rate_idx = skbdesc->tx_rate_idx;
315 	rate_flags = skbdesc->tx_rate_flags;
316 	retry_rates = test_bit(TXDONE_FALLBACK, &txdesc->flags) ?
317 	    (txdesc->retry + 1) : 1;
318 
319 	/*
320 	 * Initialize TX status
321 	 */
322 	memset(&tx_info->status, 0, sizeof(tx_info->status));
323 	tx_info->status.ack_signal = 0;
324 
325 	/*
326 	 * Frame was send with retries, hardware tried
327 	 * different rates to send out the frame, at each
328 	 * retry it lowered the rate 1 step except when the
329 	 * lowest rate was used.
330 	 */
331 	for (i = 0; i < retry_rates && i < IEEE80211_TX_MAX_RATES; i++) {
332 		tx_info->status.rates[i].idx = rate_idx - i;
333 		tx_info->status.rates[i].flags = rate_flags;
334 
335 		if (rate_idx - i == 0) {
336 			/*
337 			 * The lowest rate (index 0) was used until the
338 			 * number of max retries was reached.
339 			 */
340 			tx_info->status.rates[i].count = retry_rates - i;
341 			i++;
342 			break;
343 		}
344 		tx_info->status.rates[i].count = 1;
345 	}
346 	if (i < (IEEE80211_TX_MAX_RATES - 1))
347 		tx_info->status.rates[i].idx = -1; /* terminate */
348 
349 	if (test_bit(TXDONE_NO_ACK_REQ, &txdesc->flags))
350 		tx_info->flags |= IEEE80211_TX_CTL_NO_ACK;
351 
352 	if (!(tx_info->flags & IEEE80211_TX_CTL_NO_ACK)) {
353 		if (success)
354 			tx_info->flags |= IEEE80211_TX_STAT_ACK;
355 		else
356 			rt2x00dev->low_level_stats.dot11ACKFailureCount++;
357 	}
358 
359 	/*
360 	 * Every single frame has it's own tx status, hence report
361 	 * every frame as ampdu of size 1.
362 	 *
363 	 * TODO: if we can find out how many frames were aggregated
364 	 * by the hw we could provide the real ampdu_len to mac80211
365 	 * which would allow the rc algorithm to better decide on
366 	 * which rates are suitable.
367 	 */
368 	if (test_bit(TXDONE_AMPDU, &txdesc->flags) ||
369 	    tx_info->flags & IEEE80211_TX_CTL_AMPDU) {
370 		tx_info->flags |= IEEE80211_TX_STAT_AMPDU |
371 				  IEEE80211_TX_CTL_AMPDU;
372 		tx_info->status.ampdu_len = 1;
373 		tx_info->status.ampdu_ack_len = success ? 1 : 0;
374 
375 		if (!success)
376 			tx_info->flags |= IEEE80211_TX_STAT_AMPDU_NO_BACK;
377 	}
378 
379 	if (rate_flags & IEEE80211_TX_RC_USE_RTS_CTS) {
380 		if (success)
381 			rt2x00dev->low_level_stats.dot11RTSSuccessCount++;
382 		else
383 			rt2x00dev->low_level_stats.dot11RTSFailureCount++;
384 	}
385 }
386 
387 static void rt2x00lib_clear_entry(struct rt2x00_dev *rt2x00dev,
388 				  struct queue_entry *entry)
389 {
390 	/*
391 	 * Make this entry available for reuse.
392 	 */
393 	entry->skb = NULL;
394 	entry->flags = 0;
395 
396 	rt2x00dev->ops->lib->clear_entry(entry);
397 
398 	rt2x00queue_index_inc(entry, Q_INDEX_DONE);
399 
400 	/*
401 	 * If the data queue was below the threshold before the txdone
402 	 * handler we must make sure the packet queue in the mac80211 stack
403 	 * is reenabled when the txdone handler has finished. This has to be
404 	 * serialized with rt2x00mac_tx(), otherwise we can wake up queue
405 	 * before it was stopped.
406 	 */
407 	spin_lock_bh(&entry->queue->tx_lock);
408 	if (!rt2x00queue_threshold(entry->queue))
409 		rt2x00queue_unpause_queue(entry->queue);
410 	spin_unlock_bh(&entry->queue->tx_lock);
411 }
412 
413 void rt2x00lib_txdone_nomatch(struct queue_entry *entry,
414 			      struct txdone_entry_desc *txdesc)
415 {
416 	struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
417 	struct skb_frame_desc *skbdesc = get_skb_frame_desc(entry->skb);
418 	struct ieee80211_tx_info txinfo = {};
419 	bool success;
420 
421 	/*
422 	 * Unmap the skb.
423 	 */
424 	rt2x00queue_unmap_skb(entry);
425 
426 	/*
427 	 * Signal that the TX descriptor is no longer in the skb.
428 	 */
429 	skbdesc->flags &= ~SKBDESC_DESC_IN_SKB;
430 
431 	/*
432 	 * Send frame to debugfs immediately, after this call is completed
433 	 * we are going to overwrite the skb->cb array.
434 	 */
435 	rt2x00debug_dump_frame(rt2x00dev, DUMP_FRAME_TXDONE, entry);
436 
437 	/*
438 	 * Determine if the frame has been successfully transmitted and
439 	 * remove BARs from our check list while checking for their
440 	 * TX status.
441 	 */
442 	success =
443 	    rt2x00lib_txdone_bar_status(entry) ||
444 	    test_bit(TXDONE_SUCCESS, &txdesc->flags);
445 
446 	if (!test_bit(TXDONE_UNKNOWN, &txdesc->flags)) {
447 		/*
448 		 * Update TX statistics.
449 		 */
450 		rt2x00dev->link.qual.tx_success += success;
451 		rt2x00dev->link.qual.tx_failed += !success;
452 
453 		rt2x00lib_fill_tx_status(rt2x00dev, &txinfo, skbdesc, txdesc,
454 					 success);
455 		ieee80211_tx_status_noskb(rt2x00dev->hw, skbdesc->sta, &txinfo);
456 	}
457 
458 	dev_kfree_skb_any(entry->skb);
459 	rt2x00lib_clear_entry(rt2x00dev, entry);
460 }
461 EXPORT_SYMBOL_GPL(rt2x00lib_txdone_nomatch);
462 
463 void rt2x00lib_txdone(struct queue_entry *entry,
464 		      struct txdone_entry_desc *txdesc)
465 {
466 	struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
467 	struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(entry->skb);
468 	struct skb_frame_desc *skbdesc = get_skb_frame_desc(entry->skb);
469 	u8 skbdesc_flags = skbdesc->flags;
470 	unsigned int header_length;
471 	bool success;
472 
473 	/*
474 	 * Unmap the skb.
475 	 */
476 	rt2x00queue_unmap_skb(entry);
477 
478 	/*
479 	 * Remove the extra tx headroom from the skb.
480 	 */
481 	skb_pull(entry->skb, rt2x00dev->extra_tx_headroom);
482 
483 	/*
484 	 * Signal that the TX descriptor is no longer in the skb.
485 	 */
486 	skbdesc->flags &= ~SKBDESC_DESC_IN_SKB;
487 
488 	/*
489 	 * Determine the length of 802.11 header.
490 	 */
491 	header_length = ieee80211_get_hdrlen_from_skb(entry->skb);
492 
493 	/*
494 	 * Remove L2 padding which was added during
495 	 */
496 	if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_L2PAD))
497 		rt2x00queue_remove_l2pad(entry->skb, header_length);
498 
499 	/*
500 	 * If the IV/EIV data was stripped from the frame before it was
501 	 * passed to the hardware, we should now reinsert it again because
502 	 * mac80211 will expect the same data to be present it the
503 	 * frame as it was passed to us.
504 	 */
505 	if (rt2x00_has_cap_hw_crypto(rt2x00dev))
506 		rt2x00crypto_tx_insert_iv(entry->skb, header_length);
507 
508 	/*
509 	 * Send frame to debugfs immediately, after this call is completed
510 	 * we are going to overwrite the skb->cb array.
511 	 */
512 	rt2x00debug_dump_frame(rt2x00dev, DUMP_FRAME_TXDONE, entry);
513 
514 	/*
515 	 * Determine if the frame has been successfully transmitted and
516 	 * remove BARs from our check list while checking for their
517 	 * TX status.
518 	 */
519 	success =
520 	    rt2x00lib_txdone_bar_status(entry) ||
521 	    test_bit(TXDONE_SUCCESS, &txdesc->flags) ||
522 	    test_bit(TXDONE_UNKNOWN, &txdesc->flags);
523 
524 	/*
525 	 * Update TX statistics.
526 	 */
527 	rt2x00dev->link.qual.tx_success += success;
528 	rt2x00dev->link.qual.tx_failed += !success;
529 
530 	rt2x00lib_fill_tx_status(rt2x00dev, tx_info, skbdesc, txdesc, success);
531 
532 	/*
533 	 * Only send the status report to mac80211 when it's a frame
534 	 * that originated in mac80211. If this was a extra frame coming
535 	 * through a mac80211 library call (RTS/CTS) then we should not
536 	 * send the status report back.
537 	 */
538 	if (!(skbdesc_flags & SKBDESC_NOT_MAC80211)) {
539 		if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_TASKLET_CONTEXT))
540 			ieee80211_tx_status(rt2x00dev->hw, entry->skb);
541 		else
542 			ieee80211_tx_status_ni(rt2x00dev->hw, entry->skb);
543 	} else {
544 		dev_kfree_skb_any(entry->skb);
545 	}
546 
547 	rt2x00lib_clear_entry(rt2x00dev, entry);
548 }
549 EXPORT_SYMBOL_GPL(rt2x00lib_txdone);
550 
551 void rt2x00lib_txdone_noinfo(struct queue_entry *entry, u32 status)
552 {
553 	struct txdone_entry_desc txdesc;
554 
555 	txdesc.flags = 0;
556 	__set_bit(status, &txdesc.flags);
557 	txdesc.retry = 0;
558 
559 	rt2x00lib_txdone(entry, &txdesc);
560 }
561 EXPORT_SYMBOL_GPL(rt2x00lib_txdone_noinfo);
562 
563 static u8 *rt2x00lib_find_ie(u8 *data, unsigned int len, u8 ie)
564 {
565 	struct ieee80211_mgmt *mgmt = (void *)data;
566 	u8 *pos, *end;
567 
568 	pos = (u8 *)mgmt->u.beacon.variable;
569 	end = data + len;
570 	while (pos < end) {
571 		if (pos + 2 + pos[1] > end)
572 			return NULL;
573 
574 		if (pos[0] == ie)
575 			return pos;
576 
577 		pos += 2 + pos[1];
578 	}
579 
580 	return NULL;
581 }
582 
583 static void rt2x00lib_sleep(struct work_struct *work)
584 {
585 	struct rt2x00_dev *rt2x00dev =
586 	    container_of(work, struct rt2x00_dev, sleep_work);
587 
588 	if (!test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags))
589 		return;
590 
591 	/*
592 	 * Check again is powersaving is enabled, to prevent races from delayed
593 	 * work execution.
594 	 */
595 	if (!test_bit(CONFIG_POWERSAVING, &rt2x00dev->flags))
596 		rt2x00lib_config(rt2x00dev, &rt2x00dev->hw->conf,
597 				 IEEE80211_CONF_CHANGE_PS);
598 }
599 
600 static void rt2x00lib_rxdone_check_ba(struct rt2x00_dev *rt2x00dev,
601 				      struct sk_buff *skb,
602 				      struct rxdone_entry_desc *rxdesc)
603 {
604 	struct rt2x00_bar_list_entry *entry;
605 	struct ieee80211_bar *ba = (void *)skb->data;
606 
607 	if (likely(!ieee80211_is_back(ba->frame_control)))
608 		return;
609 
610 	if (rxdesc->size < sizeof(*ba) + FCS_LEN)
611 		return;
612 
613 	rcu_read_lock();
614 	list_for_each_entry_rcu(entry, &rt2x00dev->bar_list, list) {
615 
616 		if (ba->start_seq_num != entry->start_seq_num)
617 			continue;
618 
619 #define TID_CHECK(a, b) (						\
620 	((a) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK)) ==	\
621 	((b) & cpu_to_le16(IEEE80211_BAR_CTRL_TID_INFO_MASK)))		\
622 
623 		if (!TID_CHECK(ba->control, entry->control))
624 			continue;
625 
626 #undef TID_CHECK
627 
628 		if (!ether_addr_equal_64bits(ba->ra, entry->ta))
629 			continue;
630 
631 		if (!ether_addr_equal_64bits(ba->ta, entry->ra))
632 			continue;
633 
634 		/* Mark BAR since we received the according BA */
635 		spin_lock_bh(&rt2x00dev->bar_list_lock);
636 		entry->block_acked = 1;
637 		spin_unlock_bh(&rt2x00dev->bar_list_lock);
638 		break;
639 	}
640 	rcu_read_unlock();
641 
642 }
643 
644 static void rt2x00lib_rxdone_check_ps(struct rt2x00_dev *rt2x00dev,
645 				      struct sk_buff *skb,
646 				      struct rxdone_entry_desc *rxdesc)
647 {
648 	struct ieee80211_hdr *hdr = (void *) skb->data;
649 	struct ieee80211_tim_ie *tim_ie;
650 	u8 *tim;
651 	u8 tim_len;
652 	bool cam;
653 
654 	/* If this is not a beacon, or if mac80211 has no powersaving
655 	 * configured, or if the device is already in powersaving mode
656 	 * we can exit now. */
657 	if (likely(!ieee80211_is_beacon(hdr->frame_control) ||
658 		   !(rt2x00dev->hw->conf.flags & IEEE80211_CONF_PS)))
659 		return;
660 
661 	/* min. beacon length + FCS_LEN */
662 	if (skb->len <= 40 + FCS_LEN)
663 		return;
664 
665 	/* and only beacons from the associated BSSID, please */
666 	if (!(rxdesc->dev_flags & RXDONE_MY_BSS) ||
667 	    !rt2x00dev->aid)
668 		return;
669 
670 	rt2x00dev->last_beacon = jiffies;
671 
672 	tim = rt2x00lib_find_ie(skb->data, skb->len - FCS_LEN, WLAN_EID_TIM);
673 	if (!tim)
674 		return;
675 
676 	if (tim[1] < sizeof(*tim_ie))
677 		return;
678 
679 	tim_len = tim[1];
680 	tim_ie = (struct ieee80211_tim_ie *) &tim[2];
681 
682 	/* Check whenever the PHY can be turned off again. */
683 
684 	/* 1. What about buffered unicast traffic for our AID? */
685 	cam = ieee80211_check_tim(tim_ie, tim_len, rt2x00dev->aid);
686 
687 	/* 2. Maybe the AP wants to send multicast/broadcast data? */
688 	cam |= (tim_ie->bitmap_ctrl & 0x01);
689 
690 	if (!cam && !test_bit(CONFIG_POWERSAVING, &rt2x00dev->flags))
691 		queue_work(rt2x00dev->workqueue, &rt2x00dev->sleep_work);
692 }
693 
694 static int rt2x00lib_rxdone_read_signal(struct rt2x00_dev *rt2x00dev,
695 					struct rxdone_entry_desc *rxdesc)
696 {
697 	struct ieee80211_supported_band *sband;
698 	const struct rt2x00_rate *rate;
699 	unsigned int i;
700 	int signal = rxdesc->signal;
701 	int type = (rxdesc->dev_flags & RXDONE_SIGNAL_MASK);
702 
703 	switch (rxdesc->rate_mode) {
704 	case RATE_MODE_CCK:
705 	case RATE_MODE_OFDM:
706 		/*
707 		 * For non-HT rates the MCS value needs to contain the
708 		 * actually used rate modulation (CCK or OFDM).
709 		 */
710 		if (rxdesc->dev_flags & RXDONE_SIGNAL_MCS)
711 			signal = RATE_MCS(rxdesc->rate_mode, signal);
712 
713 		sband = &rt2x00dev->bands[rt2x00dev->curr_band];
714 		for (i = 0; i < sband->n_bitrates; i++) {
715 			rate = rt2x00_get_rate(sband->bitrates[i].hw_value);
716 			if (((type == RXDONE_SIGNAL_PLCP) &&
717 			     (rate->plcp == signal)) ||
718 			    ((type == RXDONE_SIGNAL_BITRATE) &&
719 			      (rate->bitrate == signal)) ||
720 			    ((type == RXDONE_SIGNAL_MCS) &&
721 			      (rate->mcs == signal))) {
722 				return i;
723 			}
724 		}
725 		break;
726 	case RATE_MODE_HT_MIX:
727 	case RATE_MODE_HT_GREENFIELD:
728 		if (signal >= 0 && signal <= 76)
729 			return signal;
730 		break;
731 	default:
732 		break;
733 	}
734 
735 	rt2x00_warn(rt2x00dev, "Frame received with unrecognized signal, mode=0x%.4x, signal=0x%.4x, type=%d\n",
736 		    rxdesc->rate_mode, signal, type);
737 	return 0;
738 }
739 
740 void rt2x00lib_rxdone(struct queue_entry *entry, gfp_t gfp)
741 {
742 	struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
743 	struct rxdone_entry_desc rxdesc;
744 	struct sk_buff *skb;
745 	struct ieee80211_rx_status *rx_status;
746 	unsigned int header_length;
747 	int rate_idx;
748 
749 	if (!test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags) ||
750 	    !test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
751 		goto submit_entry;
752 
753 	if (test_bit(ENTRY_DATA_IO_FAILED, &entry->flags))
754 		goto submit_entry;
755 
756 	/*
757 	 * Allocate a new sk_buffer. If no new buffer available, drop the
758 	 * received frame and reuse the existing buffer.
759 	 */
760 	skb = rt2x00queue_alloc_rxskb(entry, gfp);
761 	if (!skb)
762 		goto submit_entry;
763 
764 	/*
765 	 * Unmap the skb.
766 	 */
767 	rt2x00queue_unmap_skb(entry);
768 
769 	/*
770 	 * Extract the RXD details.
771 	 */
772 	memset(&rxdesc, 0, sizeof(rxdesc));
773 	rt2x00dev->ops->lib->fill_rxdone(entry, &rxdesc);
774 
775 	/*
776 	 * Check for valid size in case we get corrupted descriptor from
777 	 * hardware.
778 	 */
779 	if (unlikely(rxdesc.size == 0 ||
780 		     rxdesc.size > entry->queue->data_size)) {
781 		rt2x00_err(rt2x00dev, "Wrong frame size %d max %d\n",
782 			   rxdesc.size, entry->queue->data_size);
783 		dev_kfree_skb(entry->skb);
784 		goto renew_skb;
785 	}
786 
787 	/*
788 	 * The data behind the ieee80211 header must be
789 	 * aligned on a 4 byte boundary.
790 	 */
791 	header_length = ieee80211_get_hdrlen_from_skb(entry->skb);
792 
793 	/*
794 	 * Hardware might have stripped the IV/EIV/ICV data,
795 	 * in that case it is possible that the data was
796 	 * provided separately (through hardware descriptor)
797 	 * in which case we should reinsert the data into the frame.
798 	 */
799 	if ((rxdesc.dev_flags & RXDONE_CRYPTO_IV) &&
800 	    (rxdesc.flags & RX_FLAG_IV_STRIPPED))
801 		rt2x00crypto_rx_insert_iv(entry->skb, header_length,
802 					  &rxdesc);
803 	else if (header_length &&
804 		 (rxdesc.size > header_length) &&
805 		 (rxdesc.dev_flags & RXDONE_L2PAD))
806 		rt2x00queue_remove_l2pad(entry->skb, header_length);
807 
808 	/* Trim buffer to correct size */
809 	skb_trim(entry->skb, rxdesc.size);
810 
811 	/*
812 	 * Translate the signal to the correct bitrate index.
813 	 */
814 	rate_idx = rt2x00lib_rxdone_read_signal(rt2x00dev, &rxdesc);
815 	if (rxdesc.rate_mode == RATE_MODE_HT_MIX ||
816 	    rxdesc.rate_mode == RATE_MODE_HT_GREENFIELD)
817 		rxdesc.encoding = RX_ENC_HT;
818 
819 	/*
820 	 * Check if this is a beacon, and more frames have been
821 	 * buffered while we were in powersaving mode.
822 	 */
823 	rt2x00lib_rxdone_check_ps(rt2x00dev, entry->skb, &rxdesc);
824 
825 	/*
826 	 * Check for incoming BlockAcks to match to the BlockAckReqs
827 	 * we've send out.
828 	 */
829 	rt2x00lib_rxdone_check_ba(rt2x00dev, entry->skb, &rxdesc);
830 
831 	/*
832 	 * Update extra components
833 	 */
834 	rt2x00link_update_stats(rt2x00dev, entry->skb, &rxdesc);
835 	rt2x00debug_update_crypto(rt2x00dev, &rxdesc);
836 	rt2x00debug_dump_frame(rt2x00dev, DUMP_FRAME_RXDONE, entry);
837 
838 	/*
839 	 * Initialize RX status information, and send frame
840 	 * to mac80211.
841 	 */
842 	rx_status = IEEE80211_SKB_RXCB(entry->skb);
843 
844 	/* Ensure that all fields of rx_status are initialized
845 	 * properly. The skb->cb array was used for driver
846 	 * specific informations, so rx_status might contain
847 	 * garbage.
848 	 */
849 	memset(rx_status, 0, sizeof(*rx_status));
850 
851 	rx_status->mactime = rxdesc.timestamp;
852 	rx_status->band = rt2x00dev->curr_band;
853 	rx_status->freq = rt2x00dev->curr_freq;
854 	rx_status->rate_idx = rate_idx;
855 	rx_status->signal = rxdesc.rssi;
856 	rx_status->flag = rxdesc.flags;
857 	rx_status->enc_flags = rxdesc.enc_flags;
858 	rx_status->encoding = rxdesc.encoding;
859 	rx_status->bw = rxdesc.bw;
860 	rx_status->antenna = rt2x00dev->link.ant.active.rx;
861 
862 	ieee80211_rx_ni(rt2x00dev->hw, entry->skb);
863 
864 renew_skb:
865 	/*
866 	 * Replace the skb with the freshly allocated one.
867 	 */
868 	entry->skb = skb;
869 
870 submit_entry:
871 	entry->flags = 0;
872 	rt2x00queue_index_inc(entry, Q_INDEX_DONE);
873 	if (test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags) &&
874 	    test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
875 		rt2x00dev->ops->lib->clear_entry(entry);
876 }
877 EXPORT_SYMBOL_GPL(rt2x00lib_rxdone);
878 
879 /*
880  * Driver initialization handlers.
881  */
882 const struct rt2x00_rate rt2x00_supported_rates[12] = {
883 	{
884 		.flags = DEV_RATE_CCK,
885 		.bitrate = 10,
886 		.ratemask = BIT(0),
887 		.plcp = 0x00,
888 		.mcs = RATE_MCS(RATE_MODE_CCK, 0),
889 	},
890 	{
891 		.flags = DEV_RATE_CCK | DEV_RATE_SHORT_PREAMBLE,
892 		.bitrate = 20,
893 		.ratemask = BIT(1),
894 		.plcp = 0x01,
895 		.mcs = RATE_MCS(RATE_MODE_CCK, 1),
896 	},
897 	{
898 		.flags = DEV_RATE_CCK | DEV_RATE_SHORT_PREAMBLE,
899 		.bitrate = 55,
900 		.ratemask = BIT(2),
901 		.plcp = 0x02,
902 		.mcs = RATE_MCS(RATE_MODE_CCK, 2),
903 	},
904 	{
905 		.flags = DEV_RATE_CCK | DEV_RATE_SHORT_PREAMBLE,
906 		.bitrate = 110,
907 		.ratemask = BIT(3),
908 		.plcp = 0x03,
909 		.mcs = RATE_MCS(RATE_MODE_CCK, 3),
910 	},
911 	{
912 		.flags = DEV_RATE_OFDM,
913 		.bitrate = 60,
914 		.ratemask = BIT(4),
915 		.plcp = 0x0b,
916 		.mcs = RATE_MCS(RATE_MODE_OFDM, 0),
917 	},
918 	{
919 		.flags = DEV_RATE_OFDM,
920 		.bitrate = 90,
921 		.ratemask = BIT(5),
922 		.plcp = 0x0f,
923 		.mcs = RATE_MCS(RATE_MODE_OFDM, 1),
924 	},
925 	{
926 		.flags = DEV_RATE_OFDM,
927 		.bitrate = 120,
928 		.ratemask = BIT(6),
929 		.plcp = 0x0a,
930 		.mcs = RATE_MCS(RATE_MODE_OFDM, 2),
931 	},
932 	{
933 		.flags = DEV_RATE_OFDM,
934 		.bitrate = 180,
935 		.ratemask = BIT(7),
936 		.plcp = 0x0e,
937 		.mcs = RATE_MCS(RATE_MODE_OFDM, 3),
938 	},
939 	{
940 		.flags = DEV_RATE_OFDM,
941 		.bitrate = 240,
942 		.ratemask = BIT(8),
943 		.plcp = 0x09,
944 		.mcs = RATE_MCS(RATE_MODE_OFDM, 4),
945 	},
946 	{
947 		.flags = DEV_RATE_OFDM,
948 		.bitrate = 360,
949 		.ratemask = BIT(9),
950 		.plcp = 0x0d,
951 		.mcs = RATE_MCS(RATE_MODE_OFDM, 5),
952 	},
953 	{
954 		.flags = DEV_RATE_OFDM,
955 		.bitrate = 480,
956 		.ratemask = BIT(10),
957 		.plcp = 0x08,
958 		.mcs = RATE_MCS(RATE_MODE_OFDM, 6),
959 	},
960 	{
961 		.flags = DEV_RATE_OFDM,
962 		.bitrate = 540,
963 		.ratemask = BIT(11),
964 		.plcp = 0x0c,
965 		.mcs = RATE_MCS(RATE_MODE_OFDM, 7),
966 	},
967 };
968 
969 static void rt2x00lib_channel(struct ieee80211_channel *entry,
970 			      const int channel, const int tx_power,
971 			      const int value)
972 {
973 	/* XXX: this assumption about the band is wrong for 802.11j */
974 	entry->band = channel <= 14 ? NL80211_BAND_2GHZ : NL80211_BAND_5GHZ;
975 	entry->center_freq = ieee80211_channel_to_frequency(channel,
976 							    entry->band);
977 	entry->hw_value = value;
978 	entry->max_power = tx_power;
979 	entry->max_antenna_gain = 0xff;
980 }
981 
982 static void rt2x00lib_rate(struct ieee80211_rate *entry,
983 			   const u16 index, const struct rt2x00_rate *rate)
984 {
985 	entry->flags = 0;
986 	entry->bitrate = rate->bitrate;
987 	entry->hw_value = index;
988 	entry->hw_value_short = index;
989 
990 	if (rate->flags & DEV_RATE_SHORT_PREAMBLE)
991 		entry->flags |= IEEE80211_RATE_SHORT_PREAMBLE;
992 }
993 
994 void rt2x00lib_set_mac_address(struct rt2x00_dev *rt2x00dev, u8 *eeprom_mac_addr)
995 {
996 	const char *mac_addr;
997 
998 	mac_addr = of_get_mac_address(rt2x00dev->dev->of_node);
999 	if (!IS_ERR(mac_addr))
1000 		ether_addr_copy(eeprom_mac_addr, mac_addr);
1001 
1002 	if (!is_valid_ether_addr(eeprom_mac_addr)) {
1003 		eth_random_addr(eeprom_mac_addr);
1004 		rt2x00_eeprom_dbg(rt2x00dev, "MAC: %pM\n", eeprom_mac_addr);
1005 	}
1006 }
1007 EXPORT_SYMBOL_GPL(rt2x00lib_set_mac_address);
1008 
1009 static int rt2x00lib_probe_hw_modes(struct rt2x00_dev *rt2x00dev,
1010 				    struct hw_mode_spec *spec)
1011 {
1012 	struct ieee80211_hw *hw = rt2x00dev->hw;
1013 	struct ieee80211_channel *channels;
1014 	struct ieee80211_rate *rates;
1015 	unsigned int num_rates;
1016 	unsigned int i;
1017 
1018 	num_rates = 0;
1019 	if (spec->supported_rates & SUPPORT_RATE_CCK)
1020 		num_rates += 4;
1021 	if (spec->supported_rates & SUPPORT_RATE_OFDM)
1022 		num_rates += 8;
1023 
1024 	channels = kcalloc(spec->num_channels, sizeof(*channels), GFP_KERNEL);
1025 	if (!channels)
1026 		return -ENOMEM;
1027 
1028 	rates = kcalloc(num_rates, sizeof(*rates), GFP_KERNEL);
1029 	if (!rates)
1030 		goto exit_free_channels;
1031 
1032 	/*
1033 	 * Initialize Rate list.
1034 	 */
1035 	for (i = 0; i < num_rates; i++)
1036 		rt2x00lib_rate(&rates[i], i, rt2x00_get_rate(i));
1037 
1038 	/*
1039 	 * Initialize Channel list.
1040 	 */
1041 	for (i = 0; i < spec->num_channels; i++) {
1042 		rt2x00lib_channel(&channels[i],
1043 				  spec->channels[i].channel,
1044 				  spec->channels_info[i].max_power, i);
1045 	}
1046 
1047 	/*
1048 	 * Intitialize 802.11b, 802.11g
1049 	 * Rates: CCK, OFDM.
1050 	 * Channels: 2.4 GHz
1051 	 */
1052 	if (spec->supported_bands & SUPPORT_BAND_2GHZ) {
1053 		rt2x00dev->bands[NL80211_BAND_2GHZ].n_channels = 14;
1054 		rt2x00dev->bands[NL80211_BAND_2GHZ].n_bitrates = num_rates;
1055 		rt2x00dev->bands[NL80211_BAND_2GHZ].channels = channels;
1056 		rt2x00dev->bands[NL80211_BAND_2GHZ].bitrates = rates;
1057 		hw->wiphy->bands[NL80211_BAND_2GHZ] =
1058 		    &rt2x00dev->bands[NL80211_BAND_2GHZ];
1059 		memcpy(&rt2x00dev->bands[NL80211_BAND_2GHZ].ht_cap,
1060 		       &spec->ht, sizeof(spec->ht));
1061 	}
1062 
1063 	/*
1064 	 * Intitialize 802.11a
1065 	 * Rates: OFDM.
1066 	 * Channels: OFDM, UNII, HiperLAN2.
1067 	 */
1068 	if (spec->supported_bands & SUPPORT_BAND_5GHZ) {
1069 		rt2x00dev->bands[NL80211_BAND_5GHZ].n_channels =
1070 		    spec->num_channels - 14;
1071 		rt2x00dev->bands[NL80211_BAND_5GHZ].n_bitrates =
1072 		    num_rates - 4;
1073 		rt2x00dev->bands[NL80211_BAND_5GHZ].channels = &channels[14];
1074 		rt2x00dev->bands[NL80211_BAND_5GHZ].bitrates = &rates[4];
1075 		hw->wiphy->bands[NL80211_BAND_5GHZ] =
1076 		    &rt2x00dev->bands[NL80211_BAND_5GHZ];
1077 		memcpy(&rt2x00dev->bands[NL80211_BAND_5GHZ].ht_cap,
1078 		       &spec->ht, sizeof(spec->ht));
1079 	}
1080 
1081 	return 0;
1082 
1083  exit_free_channels:
1084 	kfree(channels);
1085 	rt2x00_err(rt2x00dev, "Allocation ieee80211 modes failed\n");
1086 	return -ENOMEM;
1087 }
1088 
1089 static void rt2x00lib_remove_hw(struct rt2x00_dev *rt2x00dev)
1090 {
1091 	if (test_bit(DEVICE_STATE_REGISTERED_HW, &rt2x00dev->flags))
1092 		ieee80211_unregister_hw(rt2x00dev->hw);
1093 
1094 	if (likely(rt2x00dev->hw->wiphy->bands[NL80211_BAND_2GHZ])) {
1095 		kfree(rt2x00dev->hw->wiphy->bands[NL80211_BAND_2GHZ]->channels);
1096 		kfree(rt2x00dev->hw->wiphy->bands[NL80211_BAND_2GHZ]->bitrates);
1097 		rt2x00dev->hw->wiphy->bands[NL80211_BAND_2GHZ] = NULL;
1098 		rt2x00dev->hw->wiphy->bands[NL80211_BAND_5GHZ] = NULL;
1099 	}
1100 
1101 	kfree(rt2x00dev->spec.channels_info);
1102 }
1103 
1104 static int rt2x00lib_probe_hw(struct rt2x00_dev *rt2x00dev)
1105 {
1106 	struct hw_mode_spec *spec = &rt2x00dev->spec;
1107 	int status;
1108 
1109 	if (test_bit(DEVICE_STATE_REGISTERED_HW, &rt2x00dev->flags))
1110 		return 0;
1111 
1112 	/*
1113 	 * Initialize HW modes.
1114 	 */
1115 	status = rt2x00lib_probe_hw_modes(rt2x00dev, spec);
1116 	if (status)
1117 		return status;
1118 
1119 	/*
1120 	 * Initialize HW fields.
1121 	 */
1122 	rt2x00dev->hw->queues = rt2x00dev->ops->tx_queues;
1123 
1124 	/*
1125 	 * Initialize extra TX headroom required.
1126 	 */
1127 	rt2x00dev->hw->extra_tx_headroom =
1128 		max_t(unsigned int, IEEE80211_TX_STATUS_HEADROOM,
1129 		      rt2x00dev->extra_tx_headroom);
1130 
1131 	/*
1132 	 * Take TX headroom required for alignment into account.
1133 	 */
1134 	if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_L2PAD))
1135 		rt2x00dev->hw->extra_tx_headroom += RT2X00_L2PAD_SIZE;
1136 	else if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_DMA))
1137 		rt2x00dev->hw->extra_tx_headroom += RT2X00_ALIGN_SIZE;
1138 
1139 	/*
1140 	 * Tell mac80211 about the size of our private STA structure.
1141 	 */
1142 	rt2x00dev->hw->sta_data_size = sizeof(struct rt2x00_sta);
1143 
1144 	/*
1145 	 * Allocate tx status FIFO for driver use.
1146 	 */
1147 	if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_TXSTATUS_FIFO)) {
1148 		/*
1149 		 * Allocate the txstatus fifo. In the worst case the tx
1150 		 * status fifo has to hold the tx status of all entries
1151 		 * in all tx queues. Hence, calculate the kfifo size as
1152 		 * tx_queues * entry_num and round up to the nearest
1153 		 * power of 2.
1154 		 */
1155 		int kfifo_size =
1156 			roundup_pow_of_two(rt2x00dev->ops->tx_queues *
1157 					   rt2x00dev->tx->limit *
1158 					   sizeof(u32));
1159 
1160 		status = kfifo_alloc(&rt2x00dev->txstatus_fifo, kfifo_size,
1161 				     GFP_KERNEL);
1162 		if (status)
1163 			return status;
1164 	}
1165 
1166 	/*
1167 	 * Initialize tasklets if used by the driver. Tasklets are
1168 	 * disabled until the interrupts are turned on. The driver
1169 	 * has to handle that.
1170 	 */
1171 #define RT2X00_TASKLET_INIT(taskletname) \
1172 	if (rt2x00dev->ops->lib->taskletname) { \
1173 		tasklet_init(&rt2x00dev->taskletname, \
1174 			     rt2x00dev->ops->lib->taskletname, \
1175 			     (unsigned long)rt2x00dev); \
1176 	}
1177 
1178 	RT2X00_TASKLET_INIT(txstatus_tasklet);
1179 	RT2X00_TASKLET_INIT(pretbtt_tasklet);
1180 	RT2X00_TASKLET_INIT(tbtt_tasklet);
1181 	RT2X00_TASKLET_INIT(rxdone_tasklet);
1182 	RT2X00_TASKLET_INIT(autowake_tasklet);
1183 
1184 #undef RT2X00_TASKLET_INIT
1185 
1186 	/*
1187 	 * Register HW.
1188 	 */
1189 	status = ieee80211_register_hw(rt2x00dev->hw);
1190 	if (status)
1191 		return status;
1192 
1193 	set_bit(DEVICE_STATE_REGISTERED_HW, &rt2x00dev->flags);
1194 
1195 	return 0;
1196 }
1197 
1198 /*
1199  * Initialization/uninitialization handlers.
1200  */
1201 static void rt2x00lib_uninitialize(struct rt2x00_dev *rt2x00dev)
1202 {
1203 	if (!test_and_clear_bit(DEVICE_STATE_INITIALIZED, &rt2x00dev->flags))
1204 		return;
1205 
1206 	/*
1207 	 * Stop rfkill polling.
1208 	 */
1209 	if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_DELAYED_RFKILL))
1210 		rt2x00rfkill_unregister(rt2x00dev);
1211 
1212 	/*
1213 	 * Allow the HW to uninitialize.
1214 	 */
1215 	rt2x00dev->ops->lib->uninitialize(rt2x00dev);
1216 
1217 	/*
1218 	 * Free allocated queue entries.
1219 	 */
1220 	rt2x00queue_uninitialize(rt2x00dev);
1221 }
1222 
1223 static int rt2x00lib_initialize(struct rt2x00_dev *rt2x00dev)
1224 {
1225 	int status;
1226 
1227 	if (test_bit(DEVICE_STATE_INITIALIZED, &rt2x00dev->flags))
1228 		return 0;
1229 
1230 	/*
1231 	 * Allocate all queue entries.
1232 	 */
1233 	status = rt2x00queue_initialize(rt2x00dev);
1234 	if (status)
1235 		return status;
1236 
1237 	/*
1238 	 * Initialize the device.
1239 	 */
1240 	status = rt2x00dev->ops->lib->initialize(rt2x00dev);
1241 	if (status) {
1242 		rt2x00queue_uninitialize(rt2x00dev);
1243 		return status;
1244 	}
1245 
1246 	set_bit(DEVICE_STATE_INITIALIZED, &rt2x00dev->flags);
1247 
1248 	/*
1249 	 * Start rfkill polling.
1250 	 */
1251 	if (rt2x00_has_cap_flag(rt2x00dev, REQUIRE_DELAYED_RFKILL))
1252 		rt2x00rfkill_register(rt2x00dev);
1253 
1254 	return 0;
1255 }
1256 
1257 int rt2x00lib_start(struct rt2x00_dev *rt2x00dev)
1258 {
1259 	int retval;
1260 
1261 	if (test_bit(DEVICE_STATE_STARTED, &rt2x00dev->flags)) {
1262 		/*
1263 		 * This is special case for ieee80211_restart_hw(), otherwise
1264 		 * mac80211 never call start() two times in row without stop();
1265 		 */
1266 		rt2x00dev->ops->lib->pre_reset_hw(rt2x00dev);
1267 		rt2x00lib_stop(rt2x00dev);
1268 	}
1269 
1270 	/*
1271 	 * If this is the first interface which is added,
1272 	 * we should load the firmware now.
1273 	 */
1274 	retval = rt2x00lib_load_firmware(rt2x00dev);
1275 	if (retval)
1276 		return retval;
1277 
1278 	/*
1279 	 * Initialize the device.
1280 	 */
1281 	retval = rt2x00lib_initialize(rt2x00dev);
1282 	if (retval)
1283 		return retval;
1284 
1285 	rt2x00dev->intf_ap_count = 0;
1286 	rt2x00dev->intf_sta_count = 0;
1287 	rt2x00dev->intf_associated = 0;
1288 
1289 	/* Enable the radio */
1290 	retval = rt2x00lib_enable_radio(rt2x00dev);
1291 	if (retval)
1292 		return retval;
1293 
1294 	set_bit(DEVICE_STATE_STARTED, &rt2x00dev->flags);
1295 
1296 	return 0;
1297 }
1298 
1299 void rt2x00lib_stop(struct rt2x00_dev *rt2x00dev)
1300 {
1301 	if (!test_and_clear_bit(DEVICE_STATE_STARTED, &rt2x00dev->flags))
1302 		return;
1303 
1304 	/*
1305 	 * Perhaps we can add something smarter here,
1306 	 * but for now just disabling the radio should do.
1307 	 */
1308 	rt2x00lib_disable_radio(rt2x00dev);
1309 
1310 	rt2x00dev->intf_ap_count = 0;
1311 	rt2x00dev->intf_sta_count = 0;
1312 	rt2x00dev->intf_associated = 0;
1313 }
1314 
1315 static inline void rt2x00lib_set_if_combinations(struct rt2x00_dev *rt2x00dev)
1316 {
1317 	struct ieee80211_iface_limit *if_limit;
1318 	struct ieee80211_iface_combination *if_combination;
1319 
1320 	if (rt2x00dev->ops->max_ap_intf < 2)
1321 		return;
1322 
1323 	/*
1324 	 * Build up AP interface limits structure.
1325 	 */
1326 	if_limit = &rt2x00dev->if_limits_ap;
1327 	if_limit->max = rt2x00dev->ops->max_ap_intf;
1328 	if_limit->types = BIT(NL80211_IFTYPE_AP);
1329 #ifdef CONFIG_MAC80211_MESH
1330 	if_limit->types |= BIT(NL80211_IFTYPE_MESH_POINT);
1331 #endif
1332 
1333 	/*
1334 	 * Build up AP interface combinations structure.
1335 	 */
1336 	if_combination = &rt2x00dev->if_combinations[IF_COMB_AP];
1337 	if_combination->limits = if_limit;
1338 	if_combination->n_limits = 1;
1339 	if_combination->max_interfaces = if_limit->max;
1340 	if_combination->num_different_channels = 1;
1341 
1342 	/*
1343 	 * Finally, specify the possible combinations to mac80211.
1344 	 */
1345 	rt2x00dev->hw->wiphy->iface_combinations = rt2x00dev->if_combinations;
1346 	rt2x00dev->hw->wiphy->n_iface_combinations = 1;
1347 }
1348 
1349 static unsigned int rt2x00dev_extra_tx_headroom(struct rt2x00_dev *rt2x00dev)
1350 {
1351 	if (WARN_ON(!rt2x00dev->tx))
1352 		return 0;
1353 
1354 	if (rt2x00_is_usb(rt2x00dev))
1355 		return rt2x00dev->tx[0].winfo_size + rt2x00dev->tx[0].desc_size;
1356 
1357 	return rt2x00dev->tx[0].winfo_size;
1358 }
1359 
1360 /*
1361  * driver allocation handlers.
1362  */
1363 int rt2x00lib_probe_dev(struct rt2x00_dev *rt2x00dev)
1364 {
1365 	int retval = -ENOMEM;
1366 
1367 	/*
1368 	 * Set possible interface combinations.
1369 	 */
1370 	rt2x00lib_set_if_combinations(rt2x00dev);
1371 
1372 	/*
1373 	 * Allocate the driver data memory, if necessary.
1374 	 */
1375 	if (rt2x00dev->ops->drv_data_size > 0) {
1376 		rt2x00dev->drv_data = kzalloc(rt2x00dev->ops->drv_data_size,
1377 			                      GFP_KERNEL);
1378 		if (!rt2x00dev->drv_data) {
1379 			retval = -ENOMEM;
1380 			goto exit;
1381 		}
1382 	}
1383 
1384 	spin_lock_init(&rt2x00dev->irqmask_lock);
1385 	mutex_init(&rt2x00dev->csr_mutex);
1386 	mutex_init(&rt2x00dev->conf_mutex);
1387 	INIT_LIST_HEAD(&rt2x00dev->bar_list);
1388 	spin_lock_init(&rt2x00dev->bar_list_lock);
1389 	hrtimer_init(&rt2x00dev->txstatus_timer, CLOCK_MONOTONIC,
1390 		     HRTIMER_MODE_REL);
1391 
1392 	set_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags);
1393 
1394 	/*
1395 	 * Make room for rt2x00_intf inside the per-interface
1396 	 * structure ieee80211_vif.
1397 	 */
1398 	rt2x00dev->hw->vif_data_size = sizeof(struct rt2x00_intf);
1399 
1400 	/*
1401 	 * rt2x00 devices can only use the last n bits of the MAC address
1402 	 * for virtual interfaces.
1403 	 */
1404 	rt2x00dev->hw->wiphy->addr_mask[ETH_ALEN - 1] =
1405 		(rt2x00dev->ops->max_ap_intf - 1);
1406 
1407 	/*
1408 	 * Initialize work.
1409 	 */
1410 	rt2x00dev->workqueue =
1411 	    alloc_ordered_workqueue("%s", 0, wiphy_name(rt2x00dev->hw->wiphy));
1412 	if (!rt2x00dev->workqueue) {
1413 		retval = -ENOMEM;
1414 		goto exit;
1415 	}
1416 
1417 	INIT_WORK(&rt2x00dev->intf_work, rt2x00lib_intf_scheduled);
1418 	INIT_DELAYED_WORK(&rt2x00dev->autowakeup_work, rt2x00lib_autowakeup);
1419 	INIT_WORK(&rt2x00dev->sleep_work, rt2x00lib_sleep);
1420 
1421 	/*
1422 	 * Let the driver probe the device to detect the capabilities.
1423 	 */
1424 	retval = rt2x00dev->ops->lib->probe_hw(rt2x00dev);
1425 	if (retval) {
1426 		rt2x00_err(rt2x00dev, "Failed to allocate device\n");
1427 		goto exit;
1428 	}
1429 
1430 	/*
1431 	 * Allocate queue array.
1432 	 */
1433 	retval = rt2x00queue_allocate(rt2x00dev);
1434 	if (retval)
1435 		goto exit;
1436 
1437 	/* Cache TX headroom value */
1438 	rt2x00dev->extra_tx_headroom = rt2x00dev_extra_tx_headroom(rt2x00dev);
1439 
1440 	/*
1441 	 * Determine which operating modes are supported, all modes
1442 	 * which require beaconing, depend on the availability of
1443 	 * beacon entries.
1444 	 */
1445 	rt2x00dev->hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION);
1446 	if (rt2x00dev->bcn->limit > 0)
1447 		rt2x00dev->hw->wiphy->interface_modes |=
1448 		    BIT(NL80211_IFTYPE_ADHOC) |
1449 #ifdef CONFIG_MAC80211_MESH
1450 		    BIT(NL80211_IFTYPE_MESH_POINT) |
1451 #endif
1452 #ifdef CONFIG_WIRELESS_WDS
1453 		    BIT(NL80211_IFTYPE_WDS) |
1454 #endif
1455 		    BIT(NL80211_IFTYPE_AP);
1456 
1457 	rt2x00dev->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
1458 
1459 	wiphy_ext_feature_set(rt2x00dev->hw->wiphy,
1460 			      NL80211_EXT_FEATURE_CQM_RSSI_LIST);
1461 
1462 	/*
1463 	 * Initialize ieee80211 structure.
1464 	 */
1465 	retval = rt2x00lib_probe_hw(rt2x00dev);
1466 	if (retval) {
1467 		rt2x00_err(rt2x00dev, "Failed to initialize hw\n");
1468 		goto exit;
1469 	}
1470 
1471 	/*
1472 	 * Register extra components.
1473 	 */
1474 	rt2x00link_register(rt2x00dev);
1475 	rt2x00leds_register(rt2x00dev);
1476 	rt2x00debug_register(rt2x00dev);
1477 
1478 	/*
1479 	 * Start rfkill polling.
1480 	 */
1481 	if (!rt2x00_has_cap_flag(rt2x00dev, REQUIRE_DELAYED_RFKILL))
1482 		rt2x00rfkill_register(rt2x00dev);
1483 
1484 	return 0;
1485 
1486 exit:
1487 	rt2x00lib_remove_dev(rt2x00dev);
1488 
1489 	return retval;
1490 }
1491 EXPORT_SYMBOL_GPL(rt2x00lib_probe_dev);
1492 
1493 void rt2x00lib_remove_dev(struct rt2x00_dev *rt2x00dev)
1494 {
1495 	clear_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags);
1496 
1497 	/*
1498 	 * Stop rfkill polling.
1499 	 */
1500 	if (!rt2x00_has_cap_flag(rt2x00dev, REQUIRE_DELAYED_RFKILL))
1501 		rt2x00rfkill_unregister(rt2x00dev);
1502 
1503 	/*
1504 	 * Disable radio.
1505 	 */
1506 	rt2x00lib_disable_radio(rt2x00dev);
1507 
1508 	/*
1509 	 * Stop all work.
1510 	 */
1511 	cancel_work_sync(&rt2x00dev->intf_work);
1512 	cancel_delayed_work_sync(&rt2x00dev->autowakeup_work);
1513 	cancel_work_sync(&rt2x00dev->sleep_work);
1514 
1515 	hrtimer_cancel(&rt2x00dev->txstatus_timer);
1516 
1517 	/*
1518 	 * Kill the tx status tasklet.
1519 	 */
1520 	tasklet_kill(&rt2x00dev->txstatus_tasklet);
1521 	tasklet_kill(&rt2x00dev->pretbtt_tasklet);
1522 	tasklet_kill(&rt2x00dev->tbtt_tasklet);
1523 	tasklet_kill(&rt2x00dev->rxdone_tasklet);
1524 	tasklet_kill(&rt2x00dev->autowake_tasklet);
1525 
1526 	/*
1527 	 * Uninitialize device.
1528 	 */
1529 	rt2x00lib_uninitialize(rt2x00dev);
1530 
1531 	if (rt2x00dev->workqueue)
1532 		destroy_workqueue(rt2x00dev->workqueue);
1533 
1534 	/*
1535 	 * Free the tx status fifo.
1536 	 */
1537 	kfifo_free(&rt2x00dev->txstatus_fifo);
1538 
1539 	/*
1540 	 * Free extra components
1541 	 */
1542 	rt2x00debug_deregister(rt2x00dev);
1543 	rt2x00leds_unregister(rt2x00dev);
1544 
1545 	/*
1546 	 * Free ieee80211_hw memory.
1547 	 */
1548 	rt2x00lib_remove_hw(rt2x00dev);
1549 
1550 	/*
1551 	 * Free firmware image.
1552 	 */
1553 	rt2x00lib_free_firmware(rt2x00dev);
1554 
1555 	/*
1556 	 * Free queue structures.
1557 	 */
1558 	rt2x00queue_free(rt2x00dev);
1559 
1560 	/*
1561 	 * Free the driver data.
1562 	 */
1563 	kfree(rt2x00dev->drv_data);
1564 }
1565 EXPORT_SYMBOL_GPL(rt2x00lib_remove_dev);
1566 
1567 /*
1568  * Device state handlers
1569  */
1570 #ifdef CONFIG_PM
1571 int rt2x00lib_suspend(struct rt2x00_dev *rt2x00dev, pm_message_t state)
1572 {
1573 	rt2x00_dbg(rt2x00dev, "Going to sleep\n");
1574 
1575 	/*
1576 	 * Prevent mac80211 from accessing driver while suspended.
1577 	 */
1578 	if (!test_and_clear_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags))
1579 		return 0;
1580 
1581 	/*
1582 	 * Cleanup as much as possible.
1583 	 */
1584 	rt2x00lib_uninitialize(rt2x00dev);
1585 
1586 	/*
1587 	 * Suspend/disable extra components.
1588 	 */
1589 	rt2x00leds_suspend(rt2x00dev);
1590 	rt2x00debug_deregister(rt2x00dev);
1591 
1592 	/*
1593 	 * Set device mode to sleep for power management,
1594 	 * on some hardware this call seems to consistently fail.
1595 	 * From the specifications it is hard to tell why it fails,
1596 	 * and if this is a "bad thing".
1597 	 * Overall it is safe to just ignore the failure and
1598 	 * continue suspending. The only downside is that the
1599 	 * device will not be in optimal power save mode, but with
1600 	 * the radio and the other components already disabled the
1601 	 * device is as good as disabled.
1602 	 */
1603 	if (rt2x00dev->ops->lib->set_device_state(rt2x00dev, STATE_SLEEP))
1604 		rt2x00_warn(rt2x00dev, "Device failed to enter sleep state, continue suspending\n");
1605 
1606 	return 0;
1607 }
1608 EXPORT_SYMBOL_GPL(rt2x00lib_suspend);
1609 
1610 int rt2x00lib_resume(struct rt2x00_dev *rt2x00dev)
1611 {
1612 	rt2x00_dbg(rt2x00dev, "Waking up\n");
1613 
1614 	/*
1615 	 * Restore/enable extra components.
1616 	 */
1617 	rt2x00debug_register(rt2x00dev);
1618 	rt2x00leds_resume(rt2x00dev);
1619 
1620 	/*
1621 	 * We are ready again to receive requests from mac80211.
1622 	 */
1623 	set_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags);
1624 
1625 	return 0;
1626 }
1627 EXPORT_SYMBOL_GPL(rt2x00lib_resume);
1628 #endif /* CONFIG_PM */
1629 
1630 /*
1631  * rt2x00lib module information.
1632  */
1633 MODULE_AUTHOR(DRV_PROJECT);
1634 MODULE_VERSION(DRV_VERSION);
1635 MODULE_DESCRIPTION("rt2x00 library");
1636 MODULE_LICENSE("GPL");
1637