TEST(MFP), TEST(BLOCK_BA), TEST(PSPOLL),
TEST(UAPSD), TEST(SP), TEST(TDLS_PEER),
TEST(TDLS_PEER_AUTH), TEST(4ADDR_EVENT),
---- a/net/mac80211/ht.c
-+++ b/net/mac80211/ht.c
-@@ -281,13 +281,14 @@ void ieee80211_ba_session_work(struct wo
- sta, tid, WLAN_BACK_RECIPIENT,
- WLAN_REASON_UNSPECIFIED, true);
-
-+ spin_lock_bh(&sta->lock);
-+
- tid_tx = sta->ampdu_mlme.tid_start_tx[tid];
- if (tid_tx) {
- /*
- * Assign it over to the normal tid_tx array
- * where it "goes live".
- */
-- spin_lock_bh(&sta->lock);
-
- sta->ampdu_mlme.tid_start_tx[tid] = NULL;
- /* could there be a race? */
-@@ -300,6 +301,7 @@ void ieee80211_ba_session_work(struct wo
- ieee80211_tx_ba_session_handle_start(sta, tid);
- continue;
- }
-+ spin_unlock_bh(&sta->lock);
-
- tid_tx = rcu_dereference_protected_tid_tx(sta, tid);
- if (tid_tx && test_and_clear_bit(HT_AGG_STATE_WANT_STOP,
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -463,7 +463,6 @@ int ieee80211_do_open(struct wireless_de
default:
WARN(1, "frame for unexpected interface type");
break;
+--- a/net/mac80211/rc80211_minstrel_ht.c
++++ b/net/mac80211/rc80211_minstrel_ht.c
+@@ -804,10 +804,18 @@ minstrel_ht_get_rate(void *priv, struct
+
+ sample_group = &minstrel_mcs_groups[sample_idx / MCS_GROUP_RATES];
+ info->flags |= IEEE80211_TX_CTL_RATE_CTRL_PROBE;
++ rate->count = 1;
++
++ if (sample_idx / MCS_GROUP_RATES == MINSTREL_CCK_GROUP) {
++ int idx = sample_idx % ARRAY_SIZE(mp->cck_rates);
++ rate->idx = mp->cck_rates[idx];
++ rate->flags = 0;
++ return;
++ }
++
+ rate->idx = sample_idx % MCS_GROUP_RATES +
+ (sample_group->streams - 1) * MCS_GROUP_RATES;
+ rate->flags = IEEE80211_TX_RC_MCS | sample_group->flags;
+- rate->count = 1;
+ }
+
+ static void
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
-@@ -2369,6 +2369,7 @@ ieee80211_rx_h_action(struct ieee80211_r
+@@ -936,8 +936,14 @@ ieee80211_rx_h_check(struct ieee80211_rx
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
+ struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb);
+
+- /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
+- if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
++ /*
++ * Drop duplicate 802.11 retransmissions
++ * (IEEE 802.11-2012: 9.3.2.10 "Duplicate detection and recovery")
++ */
++ if (rx->skb->len >= 24 && rx->sta &&
++ !ieee80211_is_ctl(hdr->frame_control) &&
++ !ieee80211_is_qos_nullfunc(hdr->frame_control) &&
++ !is_multicast_ether_addr(hdr->addr1)) {
+ if (unlikely(ieee80211_has_retry(hdr->frame_control) &&
+ rx->sta->last_seq_ctrl[rx->seqno_idx] ==
+ hdr->seq_ctrl)) {
+@@ -2369,6 +2375,7 @@ ieee80211_rx_h_action(struct ieee80211_r
sdata->vif.type != NL80211_IFTYPE_MESH_POINT &&
sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
sdata->vif.type != NL80211_IFTYPE_AP &&
sdata->vif.type != NL80211_IFTYPE_ADHOC)
break;
-@@ -2720,14 +2721,15 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_
+@@ -2720,14 +2727,15 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_
if (!ieee80211_vif_is_mesh(&sdata->vif) &&
sdata->vif.type != NL80211_IFTYPE_ADHOC &&
break;
case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):
case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):
-@@ -3059,10 +3061,16 @@ static int prepare_for_handlers(struct i
+@@ -3059,10 +3067,16 @@ static int prepare_for_handlers(struct i
}
break;
case NL80211_IFTYPE_WDS:
break;
case NL80211_IFTYPE_P2P_DEVICE:
if (!ieee80211_is_public_action(hdr, skb->len) &&
---- a/net/mac80211/sta_info.c
-+++ b/net/mac80211/sta_info.c
-@@ -149,6 +149,7 @@ static void cleanup_single_sta(struct st
- * directly by station destruction.
- */
- for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
-+ kfree(sta->ampdu_mlme.tid_start_tx[i]);
- tid_tx = rcu_dereference_raw(sta->ampdu_mlme.tid_tx[i]);
- if (!tid_tx)
- continue;
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -32,7 +32,6 @@
WLAN_STA_CLEAR_PS_FILT,
WLAN_STA_MFP,
WLAN_STA_BLOCK_BA,
-@@ -203,6 +201,7 @@ struct tid_ampdu_rx {
- * driver requested to close until the work for it runs
- * @mtx: mutex to protect all TX data (except non-NULL assignments
- * to tid_tx[idx], which are protected by the sta spinlock)
-+ * tid_start_tx is also protected by sta->lock.
- */
- struct sta_ampdu_mlme {
- struct mutex mtx;
--- a/drivers/net/wireless/ath/ath9k/xmit.c
+++ b/drivers/net/wireless/ath/ath9k/xmit.c
-@@ -1673,6 +1673,8 @@ void ath_txq_schedule(struct ath_softc *
- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
- return;
+@@ -135,6 +135,9 @@ static struct ath_frame_info *get_frame_
-+ rcu_read_lock();
+ static void ath_send_bar(struct ath_atx_tid *tid, u16 seqno)
+ {
++ if (!tid->an->sta)
++ return;
+
- ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
- last_ac = list_entry(txq->axq_acq.prev, struct ath_atx_ac, list);
+ ieee80211_send_bar(tid->an->vif, tid->an->sta->addr, tid->tidno,
+ seqno << IEEE80211_SEQ_SEQ_SHIFT);
+ }
+@@ -146,6 +149,93 @@ static void ath_set_rates(struct ieee802
+ ARRAY_SIZE(bf->rates));
+ }
+
++static void ath_txq_skb_done(struct ath_softc *sc, struct ath_txq *txq,
++ struct sk_buff *skb)
++{
++ int q;
++
++ q = skb_get_queue_mapping(skb);
++ if (txq == sc->tx.uapsdq)
++ txq = sc->tx.txq_map[q];
++
++ if (txq != sc->tx.txq_map[q])
++ return;
++
++ if (WARN_ON(--txq->pending_frames < 0))
++ txq->pending_frames = 0;
++
++ if (txq->stopped &&
++ txq->pending_frames < sc->tx.txq_max_pending[q]) {
++ ieee80211_wake_queue(sc->hw, q);
++ txq->stopped = false;
++ }
++}
++
++static struct ath_atx_tid *
++ath_get_skb_tid(struct ath_softc *sc, struct ath_node *an, struct sk_buff *skb)
++{
++ struct ieee80211_hdr *hdr;
++ u8 tidno = 0;
++
++ hdr = (struct ieee80211_hdr *) skb->data;
++ if (ieee80211_is_data_qos(hdr->frame_control))
++ tidno = ieee80211_get_qos_ctl(hdr)[0];
++
++ tidno &= IEEE80211_QOS_CTL_TID_MASK;
++ return ATH_AN_2_TID(an, tidno);
++}
++
++static bool ath_tid_has_buffered(struct ath_atx_tid *tid)
++{
++ return !skb_queue_empty(&tid->buf_q) || !skb_queue_empty(&tid->retry_q);
++}
++
++static struct sk_buff *ath_tid_dequeue(struct ath_atx_tid *tid)
++{
++ struct sk_buff *skb;
++
++ skb = __skb_dequeue(&tid->retry_q);
++ if (!skb)
++ skb = __skb_dequeue(&tid->buf_q);
++
++ return skb;
++}
++
++/*
++ * ath_tx_tid_change_state:
++ * - clears a-mpdu flag of previous session
++ * - force sequence number allocation to fix next BlockAck Window
++ */
++static void
++ath_tx_tid_change_state(struct ath_softc *sc, struct ath_atx_tid *tid)
++{
++ struct ath_txq *txq = tid->ac->txq;
++ struct ieee80211_tx_info *tx_info;
++ struct sk_buff *skb, *tskb;
++ struct ath_buf *bf;
++ struct ath_frame_info *fi;
++
++ skb_queue_walk_safe(&tid->buf_q, skb, tskb) {
++ fi = get_frame_info(skb);
++ bf = fi->bf;
++
++ tx_info = IEEE80211_SKB_CB(skb);
++ tx_info->flags &= ~IEEE80211_TX_CTL_AMPDU;
++
++ if (bf)
++ continue;
++
++ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
++ if (!bf) {
++ __skb_unlink(skb, &tid->buf_q);
++ ath_txq_skb_done(sc, txq, skb);
++ ieee80211_free_txskb(sc->hw, skb);
++ continue;
++ }
++ }
++
++}
++
+ static void ath_tx_flush_tid(struct ath_softc *sc, struct ath_atx_tid *tid)
+ {
+ struct ath_txq *txq = tid->ac->txq;
+@@ -160,27 +250,22 @@ static void ath_tx_flush_tid(struct ath_
-@@ -1711,8 +1713,10 @@ void ath_txq_schedule(struct ath_softc *
+ memset(&ts, 0, sizeof(ts));
- if (ac == last_ac ||
- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
-- return;
-+ break;
- }
+- while ((skb = __skb_dequeue(&tid->buf_q))) {
++ while ((skb = __skb_dequeue(&tid->retry_q))) {
+ fi = get_frame_info(skb);
+ bf = fi->bf;
+-
+ if (!bf) {
+- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
+- if (!bf) {
+- ieee80211_free_txskb(sc->hw, skb);
+- continue;
+- }
++ ath_txq_skb_done(sc, txq, skb);
++ ieee80211_free_txskb(sc->hw, skb);
++ continue;
+ }
+
+- if (fi->retries) {
+- list_add_tail(&bf->list, &bf_head);
++ if (fi->baw_tracked) {
+ ath_tx_update_baw(sc, tid, bf->bf_state.seqno);
+- ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ sendbar = true;
+- } else {
+- ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- ath_tx_send_normal(sc, txq, NULL, skb);
+ }
+
-+ rcu_read_unlock();
++ list_add_tail(&bf->list, &bf_head);
++ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ }
+
+ if (sendbar) {
+@@ -209,13 +294,16 @@ static void ath_tx_update_baw(struct ath
+ }
+
+ static void ath_tx_addto_baw(struct ath_softc *sc, struct ath_atx_tid *tid,
+- u16 seqno)
++ struct ath_buf *bf)
+ {
++ struct ath_frame_info *fi = get_frame_info(bf->bf_mpdu);
++ u16 seqno = bf->bf_state.seqno;
+ int index, cindex;
+
+ index = ATH_BA_INDEX(tid->seq_start, seqno);
+ cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
+ __set_bit(cindex, tid->tx_buf);
++ fi->baw_tracked = 1;
+
+ if (index >= ((tid->baw_tail - tid->baw_head) &
+ (ATH_TID_MAX_BUFS - 1))) {
+@@ -224,12 +312,6 @@ static void ath_tx_addto_baw(struct ath_
+ }
+ }
+
+-/*
+- * TODO: For frame(s) that are in the retry state, we will reuse the
+- * sequence number(s) without setting the retry bit. The
+- * alternative is to give up on these and BAR the receiver's window
+- * forward.
+- */
+ static void ath_tid_drain(struct ath_softc *sc, struct ath_txq *txq,
+ struct ath_atx_tid *tid)
+
+@@ -243,7 +325,7 @@ static void ath_tid_drain(struct ath_sof
+ memset(&ts, 0, sizeof(ts));
+ INIT_LIST_HEAD(&bf_head);
+
+- while ((skb = __skb_dequeue(&tid->buf_q))) {
++ while ((skb = ath_tid_dequeue(tid))) {
+ fi = get_frame_info(skb);
+ bf = fi->bf;
+
+@@ -253,14 +335,8 @@ static void ath_tid_drain(struct ath_sof
+ }
+
+ list_add_tail(&bf->list, &bf_head);
+-
+- ath_tx_update_baw(sc, tid, bf->bf_state.seqno);
+ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ }
+-
+- tid->seq_next = tid->seq_start;
+- tid->baw_tail = tid->baw_head;
+- tid->bar_index = -1;
}
- /***********/
-@@ -1778,9 +1782,13 @@ static void ath_tx_txqaddbuf(struct ath_
+ static void ath_tx_set_retry(struct ath_softc *sc, struct ath_txq *txq,
+@@ -380,7 +456,6 @@ static void ath_tx_complete_aggr(struct
+ struct ieee80211_tx_rate rates[4];
+ struct ath_frame_info *fi;
+ int nframes;
+- u8 tidno;
+ bool flush = !!(ts->ts_status & ATH9K_TX_FLUSH);
+ int i, retries;
+ int bar_index = -1;
+@@ -406,7 +481,7 @@ static void ath_tx_complete_aggr(struct
+ while (bf) {
+ bf_next = bf->bf_next;
+
+- if (!bf->bf_stale || bf_next != NULL)
++ if (!bf->bf_state.stale || bf_next != NULL)
+ list_move_tail(&bf->list, &bf_head);
+
+ ath_tx_complete_buf(sc, bf, txq, &bf_head, ts, 0);
+@@ -417,8 +492,7 @@ static void ath_tx_complete_aggr(struct
}
- if (!internal) {
-- txq->axq_depth++;
-- if (bf_is_ampdu_not_probing(bf))
-- txq->axq_ampdu_depth++;
-+ while (bf) {
-+ txq->axq_depth++;
-+ if (bf_is_ampdu_not_probing(bf))
-+ txq->axq_ampdu_depth++;
+ an = (struct ath_node *)sta->drv_priv;
+- tidno = ieee80211_get_qos_ctl(hdr)[0] & IEEE80211_QOS_CTL_TID_MASK;
+- tid = ATH_AN_2_TID(an, tidno);
++ tid = ath_get_skb_tid(sc, an, skb);
+ seq_first = tid->seq_start;
+ isba = ts->ts_flags & ATH9K_TX_BA;
+
+@@ -430,7 +504,7 @@ static void ath_tx_complete_aggr(struct
+ * Only BlockAcks have a TID and therefore normal Acks cannot be
+ * checked
+ */
+- if (isba && tidno != ts->tid)
++ if (isba && tid->tidno != ts->tid)
+ txok = false;
+
+ isaggr = bf_isaggr(bf);
+@@ -466,7 +540,8 @@ static void ath_tx_complete_aggr(struct
+ tx_info = IEEE80211_SKB_CB(skb);
+ fi = get_frame_info(skb);
+
+- if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno)) {
++ if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno) ||
++ !tid->active) {
+ /*
+ * Outside of the current BlockAck window,
+ * maybe part of a previous session
+@@ -499,7 +574,7 @@ static void ath_tx_complete_aggr(struct
+ * not a holding desc.
+ */
+ INIT_LIST_HEAD(&bf_head);
+- if (bf_next != NULL || !bf_last->bf_stale)
++ if (bf_next != NULL || !bf_last->bf_state.stale)
+ list_move_tail(&bf->list, &bf_head);
+
+ if (!txpending) {
+@@ -523,7 +598,7 @@ static void ath_tx_complete_aggr(struct
+ ieee80211_sta_eosp(sta);
+ }
+ /* retry the un-acked ones */
+- if (bf->bf_next == NULL && bf_last->bf_stale) {
++ if (bf->bf_next == NULL && bf_last->bf_state.stale) {
+ struct ath_buf *tbf;
+
+ tbf = ath_clone_txbuf(sc, bf_last);
+@@ -560,7 +635,7 @@ static void ath_tx_complete_aggr(struct
+ if (an->sleeping)
+ ieee80211_sta_set_buffered(sta, tid->tidno, true);
+
+- skb_queue_splice(&bf_pending, &tid->buf_q);
++ skb_queue_splice_tail(&bf_pending, &tid->retry_q);
+ if (!an->sleeping) {
+ ath_tx_queue_tid(txq, tid);
+
+@@ -618,7 +693,7 @@ static void ath_tx_process_buffer(struct
+ } else
+ ath_tx_complete_aggr(sc, txq, bf, bf_head, ts, txok);
+
+- if ((sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT) && !flush)
++ if (!flush)
+ ath_txq_schedule(sc, txq);
+ }
+
+@@ -792,15 +867,20 @@ static int ath_compute_num_delims(struct
+
+ static struct ath_buf *
+ ath_tx_get_tid_subframe(struct ath_softc *sc, struct ath_txq *txq,
+- struct ath_atx_tid *tid)
++ struct ath_atx_tid *tid, struct sk_buff_head **q)
+ {
++ struct ieee80211_tx_info *tx_info;
+ struct ath_frame_info *fi;
+ struct sk_buff *skb;
+ struct ath_buf *bf;
+ u16 seqno;
+
+ while (1) {
+- skb = skb_peek(&tid->buf_q);
++ *q = &tid->retry_q;
++ if (skb_queue_empty(*q))
++ *q = &tid->buf_q;
++
++ skb = skb_peek(*q);
+ if (!skb)
+ break;
+
+@@ -808,13 +888,26 @@ ath_tx_get_tid_subframe(struct ath_softc
+ bf = fi->bf;
+ if (!fi->bf)
+ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
++ else
++ bf->bf_state.stale = false;
+
+ if (!bf) {
+- __skb_unlink(skb, &tid->buf_q);
++ __skb_unlink(skb, *q);
++ ath_txq_skb_done(sc, txq, skb);
+ ieee80211_free_txskb(sc->hw, skb);
+ continue;
+ }
+
++ bf->bf_next = NULL;
++ bf->bf_lastbf = bf;
++
++ tx_info = IEEE80211_SKB_CB(skb);
++ tx_info->flags &= ~IEEE80211_TX_CTL_CLEAR_PS_FILT;
++ if (!(tx_info->flags & IEEE80211_TX_CTL_AMPDU)) {
++ bf->bf_state.bf_type = 0;
++ return bf;
++ }
+
-+ bf = bf->bf_lastbf->bf_next;
+ bf->bf_state.bf_type = BUF_AMPDU | BUF_AGGR;
+ seqno = bf->bf_state.seqno;
+
+@@ -828,73 +921,52 @@ ath_tx_get_tid_subframe(struct ath_softc
+
+ INIT_LIST_HEAD(&bf_head);
+ list_add(&bf->list, &bf_head);
+- __skb_unlink(skb, &tid->buf_q);
++ __skb_unlink(skb, *q);
+ ath_tx_update_baw(sc, tid, seqno);
+ ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);
+ continue;
+ }
+
+- bf->bf_next = NULL;
+- bf->bf_lastbf = bf;
+ return bf;
+ }
+
+ return NULL;
+ }
+
+-static enum ATH_AGGR_STATUS ath_tx_form_aggr(struct ath_softc *sc,
+- struct ath_txq *txq,
+- struct ath_atx_tid *tid,
+- struct list_head *bf_q,
+- int *aggr_len)
++static bool
++ath_tx_form_aggr(struct ath_softc *sc, struct ath_txq *txq,
++ struct ath_atx_tid *tid, struct list_head *bf_q,
++ struct ath_buf *bf_first, struct sk_buff_head *tid_q,
++ int *aggr_len)
+ {
+ #define PADBYTES(_len) ((4 - ((_len) % 4)) % 4)
+- struct ath_buf *bf, *bf_first = NULL, *bf_prev = NULL;
+- int rl = 0, nframes = 0, ndelim, prev_al = 0;
++ struct ath_buf *bf = bf_first, *bf_prev = NULL;
++ int nframes = 0, ndelim;
+ u16 aggr_limit = 0, al = 0, bpad = 0,
+- al_delta, h_baw = tid->baw_size / 2;
+- enum ATH_AGGR_STATUS status = ATH_AGGR_DONE;
++ al_delta, h_baw = tid->baw_size / 2;
+ struct ieee80211_tx_info *tx_info;
+ struct ath_frame_info *fi;
+ struct sk_buff *skb;
++ bool closed = false;
+
+- do {
+- bf = ath_tx_get_tid_subframe(sc, txq, tid);
+- if (!bf) {
+- status = ATH_AGGR_BAW_CLOSED;
+- break;
+- }
++ bf = bf_first;
++ aggr_limit = ath_lookup_rate(sc, bf, tid);
+
++ do {
+ skb = bf->bf_mpdu;
+ fi = get_frame_info(skb);
+
+- if (!bf_first)
+- bf_first = bf;
+-
+- if (!rl) {
+- ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- aggr_limit = ath_lookup_rate(sc, bf, tid);
+- rl = 1;
+- }
+-
+ /* do not exceed aggregation limit */
+ al_delta = ATH_AGGR_DELIM_SZ + fi->framelen;
++ if (nframes) {
++ if (aggr_limit < al + bpad + al_delta ||
++ ath_lookup_legacy(bf) || nframes >= h_baw)
++ break;
+
+- if (nframes &&
+- ((aggr_limit < (al + bpad + al_delta + prev_al)) ||
+- ath_lookup_legacy(bf))) {
+- status = ATH_AGGR_LIMITED;
+- break;
+- }
+-
+- tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
+- if (nframes && (tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE))
+- break;
+-
+- /* do not exceed subframe limit */
+- if (nframes >= min((int)h_baw, ATH_AMPDU_SUBFRAME_DEFAULT)) {
+- status = ATH_AGGR_LIMITED;
+- break;
++ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
++ if ((tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) ||
++ !(tx_info->flags & IEEE80211_TX_CTL_AMPDU))
++ break;
+ }
+
+ /* add padding for previous frame to aggregation length */
+@@ -912,22 +984,37 @@ static enum ATH_AGGR_STATUS ath_tx_form_
+ bf->bf_next = NULL;
+
+ /* link buffers of this frame to the aggregate */
+- if (!fi->retries)
+- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
++ if (!fi->baw_tracked)
++ ath_tx_addto_baw(sc, tid, bf);
+ bf->bf_state.ndelim = ndelim;
+
+- __skb_unlink(skb, &tid->buf_q);
++ __skb_unlink(skb, tid_q);
+ list_add_tail(&bf->list, bf_q);
+ if (bf_prev)
+ bf_prev->bf_next = bf;
+
+ bf_prev = bf;
+
+- } while (!skb_queue_empty(&tid->buf_q));
++ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
++ if (!bf) {
++ closed = true;
++ break;
+ }
++ } while (ath_tid_has_buffered(tid));
++
++ bf = bf_first;
++ bf->bf_lastbf = bf_prev;
++
++ if (bf == bf_prev) {
++ al = get_frame_info(bf->bf_mpdu)->framelen;
++ bf->bf_state.bf_type = BUF_AMPDU;
++ } else {
++ TX_STAT_INC(txq->axq_qnum, a_aggr);
++ }
+
+ *aggr_len = al;
+
+- return status;
++ return closed;
+ #undef PADBYTES
+ }
+
+@@ -1188,53 +1275,86 @@ static void ath_tx_fill_desc(struct ath_
}
}
---- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c
-+++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
-@@ -1183,7 +1183,7 @@ static int ath9k_htc_config(struct ieee8
- mutex_lock(&priv->htc_pm_lock);
+-static void ath_tx_sched_aggr(struct ath_softc *sc, struct ath_txq *txq,
+- struct ath_atx_tid *tid)
++static void
++ath_tx_form_burst(struct ath_softc *sc, struct ath_txq *txq,
++ struct ath_atx_tid *tid, struct list_head *bf_q,
++ struct ath_buf *bf_first, struct sk_buff_head *tid_q)
+ {
+- struct ath_buf *bf;
+- enum ATH_AGGR_STATUS status;
+- struct ieee80211_tx_info *tx_info;
+- struct list_head bf_q;
+- int aggr_len;
++ struct ath_buf *bf = bf_first, *bf_prev = NULL;
++ struct sk_buff *skb;
++ int nframes = 0;
- priv->ps_idle = !!(conf->flags & IEEE80211_CONF_IDLE);
-- if (priv->ps_idle)
-+ if (!priv->ps_idle)
- chip_reset = true;
+ do {
+- if (skb_queue_empty(&tid->buf_q))
+- return;
++ struct ieee80211_tx_info *tx_info;
++ skb = bf->bf_mpdu;
- mutex_unlock(&priv->htc_pm_lock);
---- a/net/mac80211/rc80211_minstrel_ht.c
-+++ b/net/mac80211/rc80211_minstrel_ht.c
-@@ -804,10 +804,18 @@ minstrel_ht_get_rate(void *priv, struct
+- INIT_LIST_HEAD(&bf_q);
++ nframes++;
++ __skb_unlink(skb, tid_q);
++ list_add_tail(&bf->list, bf_q);
++ if (bf_prev)
++ bf_prev->bf_next = bf;
++ bf_prev = bf;
- sample_group = &minstrel_mcs_groups[sample_idx / MCS_GROUP_RATES];
- info->flags |= IEEE80211_TX_CTL_RATE_CTRL_PROBE;
-+ rate->count = 1;
+- status = ath_tx_form_aggr(sc, txq, tid, &bf_q, &aggr_len);
++ if (nframes >= 2)
++ break;
+
+- /*
+- * no frames picked up to be aggregated;
+- * block-ack window is not open.
+- */
+- if (list_empty(&bf_q))
++ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
++ if (!bf)
+ break;
+
+- bf = list_first_entry(&bf_q, struct ath_buf, list);
+- bf->bf_lastbf = list_entry(bf_q.prev, struct ath_buf, list);
+ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
++ if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
++ break;
+
+- if (tid->ac->clear_ps_filter) {
+- tid->ac->clear_ps_filter = false;
+- tx_info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
+- } else {
+- tx_info->flags &= ~IEEE80211_TX_CTL_CLEAR_PS_FILT;
+- }
++ ath_set_rates(tid->an->vif, tid->an->sta, bf);
++ } while (1);
++}
+
+- /* if only one frame, send as non-aggregate */
+- if (bf == bf->bf_lastbf) {
+- aggr_len = get_frame_info(bf->bf_mpdu)->framelen;
+- bf->bf_state.bf_type = BUF_AMPDU;
+- } else {
+- TX_STAT_INC(txq->axq_qnum, a_aggr);
+- }
++static bool ath_tx_sched_aggr(struct ath_softc *sc, struct ath_txq *txq,
++ struct ath_atx_tid *tid, bool *stop)
++{
++ struct ath_buf *bf;
++ struct ieee80211_tx_info *tx_info;
++ struct sk_buff_head *tid_q;
++ struct list_head bf_q;
++ int aggr_len = 0;
++ bool aggr, last = true;
+
-+ if (sample_idx / MCS_GROUP_RATES == MINSTREL_CCK_GROUP) {
-+ int idx = sample_idx % ARRAY_SIZE(mp->cck_rates);
-+ rate->idx = mp->cck_rates[idx];
-+ rate->flags = 0;
-+ return;
++ if (!ath_tid_has_buffered(tid))
++ return false;
++
++ INIT_LIST_HEAD(&bf_q);
++
++ bf = ath_tx_get_tid_subframe(sc, txq, tid, &tid_q);
++ if (!bf)
++ return false;
++
++ tx_info = IEEE80211_SKB_CB(bf->bf_mpdu);
++ aggr = !!(tx_info->flags & IEEE80211_TX_CTL_AMPDU);
++ if ((aggr && txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH) ||
++ (!aggr && txq->axq_depth >= ATH_NON_AGGR_MIN_QDEPTH)) {
++ *stop = true;
++ return false;
+ }
+
- rate->idx = sample_idx % MCS_GROUP_RATES +
- (sample_group->streams - 1) * MCS_GROUP_RATES;
- rate->flags = IEEE80211_TX_RC_MCS | sample_group->flags;
-- rate->count = 1;
++ ath_set_rates(tid->an->vif, tid->an->sta, bf);
++ if (aggr)
++ last = ath_tx_form_aggr(sc, txq, tid, &bf_q, bf,
++ tid_q, &aggr_len);
++ else
++ ath_tx_form_burst(sc, txq, tid, &bf_q, bf, tid_q);
+
+- ath_tx_fill_desc(sc, bf, txq, aggr_len);
+- ath_tx_txqaddbuf(sc, txq, &bf_q, false);
+- } while (txq->axq_ampdu_depth < ATH_AGGR_MIN_QDEPTH &&
+- status != ATH_AGGR_BAW_CLOSED);
++ if (list_empty(&bf_q))
++ return false;
++
++ if (tid->ac->clear_ps_filter || tid->an->no_ps_filter) {
++ tid->ac->clear_ps_filter = false;
++ tx_info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
++ }
++
++ ath_tx_fill_desc(sc, bf, txq, aggr_len);
++ ath_tx_txqaddbuf(sc, txq, &bf_q, false);
++ return true;
}
- static void
+ int ath_tx_aggr_start(struct ath_softc *sc, struct ieee80211_sta *sta,
+@@ -1258,6 +1378,9 @@ int ath_tx_aggr_start(struct ath_softc *
+ an->mpdudensity = density;
+ }
+
++ /* force sequence number allocation for pending frames */
++ ath_tx_tid_change_state(sc, txtid);
++
+ txtid->active = true;
+ txtid->paused = true;
+ *ssn = txtid->seq_start = txtid->seq_next;
+@@ -1277,8 +1400,9 @@ void ath_tx_aggr_stop(struct ath_softc *
+
+ ath_txq_lock(sc, txq);
+ txtid->active = false;
+- txtid->paused = true;
++ txtid->paused = false;
+ ath_tx_flush_tid(sc, txtid);
++ ath_tx_tid_change_state(sc, txtid);
+ ath_txq_unlock_complete(sc, txq);
+ }
+
+@@ -1302,7 +1426,7 @@ void ath_tx_aggr_sleep(struct ieee80211_
+
+ ath_txq_lock(sc, txq);
+
+- buffered = !skb_queue_empty(&tid->buf_q);
++ buffered = ath_tid_has_buffered(tid);
+
+ tid->sched = false;
+ list_del(&tid->list);
+@@ -1334,7 +1458,7 @@ void ath_tx_aggr_wakeup(struct ath_softc
+ ath_txq_lock(sc, txq);
+ ac->clear_ps_filter = true;
+
+- if (!skb_queue_empty(&tid->buf_q) && !tid->paused) {
++ if (!tid->paused && ath_tid_has_buffered(tid)) {
+ ath_tx_queue_tid(txq, tid);
+ ath_txq_schedule(sc, txq);
+ }
+@@ -1359,7 +1483,7 @@ void ath_tx_aggr_resume(struct ath_softc
+ tid->baw_size = IEEE80211_MIN_AMPDU_BUF << sta->ht_cap.ampdu_factor;
+ tid->paused = false;
+
+- if (!skb_queue_empty(&tid->buf_q)) {
++ if (ath_tid_has_buffered(tid)) {
+ ath_tx_queue_tid(txq, tid);
+ ath_txq_schedule(sc, txq);
+ }
+@@ -1379,6 +1503,7 @@ void ath9k_release_buffered_frames(struc
+ struct ieee80211_tx_info *info;
+ struct list_head bf_q;
+ struct ath_buf *bf_tail = NULL, *bf;
++ struct sk_buff_head *tid_q;
+ int sent = 0;
+ int i;
+
+@@ -1394,15 +1519,15 @@ void ath9k_release_buffered_frames(struc
+ continue;
+
+ ath_txq_lock(sc, tid->ac->txq);
+- while (!skb_queue_empty(&tid->buf_q) && nframes > 0) {
+- bf = ath_tx_get_tid_subframe(sc, sc->tx.uapsdq, tid);
++ while (nframes > 0) {
++ bf = ath_tx_get_tid_subframe(sc, sc->tx.uapsdq, tid, &tid_q);
+ if (!bf)
+ break;
+
+- __skb_unlink(bf->bf_mpdu, &tid->buf_q);
++ __skb_unlink(bf->bf_mpdu, tid_q);
+ list_add_tail(&bf->list, &bf_q);
+ ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
++ ath_tx_addto_baw(sc, tid, bf);
+ bf->bf_state.bf_type &= ~BUF_AGGR;
+ if (bf_tail)
+ bf_tail->bf_next = bf;
+@@ -1412,7 +1537,7 @@ void ath9k_release_buffered_frames(struc
+ sent++;
+ TX_STAT_INC(txq->axq_qnum, a_queued_hw);
+
+- if (skb_queue_empty(&tid->buf_q))
++ if (an->sta && !ath_tid_has_buffered(tid))
+ ieee80211_sta_set_buffered(an->sta, i, false);
+ }
+ ath_txq_unlock_complete(sc, tid->ac->txq);
+@@ -1571,7 +1696,7 @@ static void ath_drain_txq_list(struct at
+ while (!list_empty(list)) {
+ bf = list_first_entry(list, struct ath_buf, list);
+
+- if (bf->bf_stale) {
++ if (bf->bf_state.stale) {
+ list_del(&bf->list);
+
+ ath_tx_return_buffer(sc, bf);
+@@ -1665,25 +1790,27 @@ void ath_tx_cleanupq(struct ath_softc *s
+ */
+ void ath_txq_schedule(struct ath_softc *sc, struct ath_txq *txq)
+ {
+- struct ath_atx_ac *ac, *ac_tmp, *last_ac;
++ struct ath_atx_ac *ac, *last_ac;
+ struct ath_atx_tid *tid, *last_tid;
++ bool sent = false;
+
+ if (test_bit(SC_OP_HW_RESET, &sc->sc_flags) ||
+- list_empty(&txq->axq_acq) ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
++ list_empty(&txq->axq_acq))
+ return;
+
+ rcu_read_lock();
+
+- ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
+ last_ac = list_entry(txq->axq_acq.prev, struct ath_atx_ac, list);
++ while (!list_empty(&txq->axq_acq)) {
++ bool stop = false;
+
+- list_for_each_entry_safe(ac, ac_tmp, &txq->axq_acq, list) {
++ ac = list_first_entry(&txq->axq_acq, struct ath_atx_ac, list);
+ last_tid = list_entry(ac->tid_q.prev, struct ath_atx_tid, list);
+ list_del(&ac->list);
+ ac->sched = false;
+
+ while (!list_empty(&ac->tid_q)) {
++
+ tid = list_first_entry(&ac->tid_q, struct ath_atx_tid,
+ list);
+ list_del(&tid->list);
+@@ -1692,17 +1819,17 @@ void ath_txq_schedule(struct ath_softc *
+ if (tid->paused)
+ continue;
+
+- ath_tx_sched_aggr(sc, txq, tid);
++ if (ath_tx_sched_aggr(sc, txq, tid, &stop))
++ sent = true;
+
+ /*
+ * add tid to round-robin queue if more frames
+ * are pending for the tid
+ */
+- if (!skb_queue_empty(&tid->buf_q))
++ if (ath_tid_has_buffered(tid))
+ ath_tx_queue_tid(txq, tid);
+
+- if (tid == last_tid ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
++ if (stop || tid == last_tid)
+ break;
+ }
+
+@@ -1711,9 +1838,17 @@ void ath_txq_schedule(struct ath_softc *
+ list_add_tail(&ac->list, &txq->axq_acq);
+ }
+
+- if (ac == last_ac ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH)
++ if (stop)
+ break;
++
++ if (ac == last_ac) {
++ if (!sent)
++ break;
++
++ sent = false;
++ last_ac = list_entry(txq->axq_acq.prev,
++ struct ath_atx_ac, list);
++ }
+ }
+
+ rcu_read_unlock();
+@@ -1792,57 +1927,6 @@ static void ath_tx_txqaddbuf(struct ath_
+ }
+ }
+
+-static void ath_tx_send_ampdu(struct ath_softc *sc, struct ath_txq *txq,
+- struct ath_atx_tid *tid, struct sk_buff *skb,
+- struct ath_tx_control *txctl)
+-{
+- struct ath_frame_info *fi = get_frame_info(skb);
+- struct list_head bf_head;
+- struct ath_buf *bf;
+-
+- /*
+- * Do not queue to h/w when any of the following conditions is true:
+- * - there are pending frames in software queue
+- * - the TID is currently paused for ADDBA/BAR request
+- * - seqno is not within block-ack window
+- * - h/w queue depth exceeds low water mark
+- */
+- if ((!skb_queue_empty(&tid->buf_q) || tid->paused ||
+- !BAW_WITHIN(tid->seq_start, tid->baw_size, tid->seq_next) ||
+- txq->axq_ampdu_depth >= ATH_AGGR_MIN_QDEPTH) &&
+- txq != sc->tx.uapsdq) {
+- /*
+- * Add this frame to software queue for scheduling later
+- * for aggregation.
+- */
+- TX_STAT_INC(txq->axq_qnum, a_queued_sw);
+- __skb_queue_tail(&tid->buf_q, skb);
+- if (!txctl->an || !txctl->an->sleeping)
+- ath_tx_queue_tid(txq, tid);
+- return;
+- }
+-
+- bf = ath_tx_setup_buffer(sc, txq, tid, skb);
+- if (!bf) {
+- ieee80211_free_txskb(sc->hw, skb);
+- return;
+- }
+-
+- ath_set_rates(tid->an->vif, tid->an->sta, bf);
+- bf->bf_state.bf_type = BUF_AMPDU;
+- INIT_LIST_HEAD(&bf_head);
+- list_add(&bf->list, &bf_head);
+-
+- /* Add sub-frame to BAW */
+- ath_tx_addto_baw(sc, tid, bf->bf_state.seqno);
+-
+- /* Queue to h/w without aggregation */
+- TX_STAT_INC(txq->axq_qnum, a_queued_hw);
+- bf->bf_lastbf = bf;
+- ath_tx_fill_desc(sc, bf, txq, fi->framelen);
+- ath_tx_txqaddbuf(sc, txq, &bf_head, false);
+-}
+-
+ static void ath_tx_send_normal(struct ath_softc *sc, struct ath_txq *txq,
+ struct ath_atx_tid *tid, struct sk_buff *skb)
+ {
+@@ -1985,6 +2069,7 @@ static int ath_tx_prepare(struct ieee802
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+ struct ieee80211_sta *sta = txctl->sta;
+ struct ieee80211_vif *vif = info->control.vif;
++ struct ath_vif *avp;
+ struct ath_softc *sc = hw->priv;
+ int frmlen = skb->len + FCS_LEN;
+ int padpos, padsize;
+@@ -1992,6 +2077,10 @@ static int ath_tx_prepare(struct ieee802
+ /* NOTE: sta can be NULL according to net/mac80211.h */
+ if (sta)
+ txctl->an = (struct ath_node *)sta->drv_priv;
++ else if (vif && ieee80211_is_data(hdr->frame_control)) {
++ avp = (void *)vif->drv_priv;
++ txctl->an = &avp->mcast_node;
++ }
+
+ if (info->control.hw_key)
+ frmlen += info->control.hw_key->icv_len;
+@@ -2041,7 +2130,6 @@ int ath_tx_start(struct ieee80211_hw *hw
+ struct ath_txq *txq = txctl->txq;
+ struct ath_atx_tid *tid = NULL;
+ struct ath_buf *bf;
+- u8 tidno;
+ int q;
+ int ret;
+
+@@ -2069,27 +2157,31 @@ int ath_tx_start(struct ieee80211_hw *hw
+ ath_txq_unlock(sc, txq);
+ txq = sc->tx.uapsdq;
+ ath_txq_lock(sc, txq);
+- }
+-
+- if (txctl->an && ieee80211_is_data_qos(hdr->frame_control)) {
+- tidno = ieee80211_get_qos_ctl(hdr)[0] &
+- IEEE80211_QOS_CTL_TID_MASK;
+- tid = ATH_AN_2_TID(txctl->an, tidno);
++ } else if (txctl->an &&
++ ieee80211_is_data_present(hdr->frame_control)) {
++ tid = ath_get_skb_tid(sc, txctl->an, skb);
+
+ WARN_ON(tid->ac->txq != txctl->txq);
+- }
+
+- if ((info->flags & IEEE80211_TX_CTL_AMPDU) && tid) {
++ if (info->flags & IEEE80211_TX_CTL_CLEAR_PS_FILT)
++ tid->ac->clear_ps_filter = true;
++
+ /*
+- * Try aggregation if it's a unicast data frame
+- * and the destination is HT capable.
++ * Add this frame to software queue for scheduling later
++ * for aggregation.
+ */
+- ath_tx_send_ampdu(sc, txq, tid, skb, txctl);
++ TX_STAT_INC(txq->axq_qnum, a_queued_sw);
++ __skb_queue_tail(&tid->buf_q, skb);
++ if (!txctl->an->sleeping)
++ ath_tx_queue_tid(txq, tid);
++
++ ath_txq_schedule(sc, txq);
+ goto out;
+ }
+
+ bf = ath_tx_setup_buffer(sc, txq, tid, skb);
+ if (!bf) {
++ ath_txq_skb_done(sc, txq, skb);
+ if (txctl->paprd)
+ dev_kfree_skb_any(skb);
+ else
+@@ -2189,7 +2281,7 @@ static void ath_tx_complete(struct ath_s
+ struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
+ struct ieee80211_hdr * hdr = (struct ieee80211_hdr *)skb->data;
+- int q, padpos, padsize;
++ int padpos, padsize;
+ unsigned long flags;
+
+ ath_dbg(common, XMIT, "TX complete: skb: %p\n", skb);
+@@ -2225,21 +2317,7 @@ static void ath_tx_complete(struct ath_s
+ spin_unlock_irqrestore(&sc->sc_pm_lock, flags);
+
+ __skb_queue_tail(&txq->complete_q, skb);
+-
+- q = skb_get_queue_mapping(skb);
+- if (txq == sc->tx.uapsdq)
+- txq = sc->tx.txq_map[q];
+-
+- if (txq == sc->tx.txq_map[q]) {
+- if (WARN_ON(--txq->pending_frames < 0))
+- txq->pending_frames = 0;
+-
+- if (txq->stopped &&
+- txq->pending_frames < sc->tx.txq_max_pending[q]) {
+- ieee80211_wake_queue(sc->hw, q);
+- txq->stopped = false;
+- }
+- }
++ ath_txq_skb_done(sc, txq, skb);
+ }
+
+ static void ath_tx_complete_buf(struct ath_softc *sc, struct ath_buf *bf,
+@@ -2360,8 +2438,7 @@ static void ath_tx_processq(struct ath_s
+
+ if (list_empty(&txq->axq_q)) {
+ txq->axq_link = NULL;
+- if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_HT)
+- ath_txq_schedule(sc, txq);
++ ath_txq_schedule(sc, txq);
+ break;
+ }
+ bf = list_first_entry(&txq->axq_q, struct ath_buf, list);
+@@ -2375,7 +2452,7 @@ static void ath_tx_processq(struct ath_s
+ * it with the STALE flag.
+ */
+ bf_held = NULL;
+- if (bf->bf_stale) {
++ if (bf->bf_state.stale) {
+ bf_held = bf;
+ if (list_is_last(&bf_held->list, &txq->axq_q))
+ break;
+@@ -2399,7 +2476,7 @@ static void ath_tx_processq(struct ath_s
+ * however leave the last descriptor back as the holding
+ * descriptor for hw.
+ */
+- lastbf->bf_stale = true;
++ lastbf->bf_state.stale = true;
+ INIT_LIST_HEAD(&bf_head);
+ if (!list_is_singular(&lastbf->list))
+ list_cut_position(&bf_head,
+@@ -2470,7 +2547,7 @@ void ath_tx_edma_tasklet(struct ath_soft
+ }
+
+ bf = list_first_entry(fifo_list, struct ath_buf, list);
+- if (bf->bf_stale) {
++ if (bf->bf_state.stale) {
+ list_del(&bf->list);
+ ath_tx_return_buffer(sc, bf);
+ bf = list_first_entry(fifo_list, struct ath_buf, list);
+@@ -2492,7 +2569,7 @@ void ath_tx_edma_tasklet(struct ath_soft
+ ath_tx_txqaddbuf(sc, txq, &bf_q, true);
+ }
+ } else {
+- lastbf->bf_stale = true;
++ lastbf->bf_state.stale = true;
+ if (bf != lastbf)
+ list_cut_position(&bf_head, fifo_list,
+ lastbf->list.prev);
+@@ -2583,6 +2660,7 @@ void ath_tx_node_init(struct ath_softc *
+ tid->paused = false;
+ tid->active = false;
+ __skb_queue_head_init(&tid->buf_q);
++ __skb_queue_head_init(&tid->retry_q);
+ acno = TID_TO_WME_AC(tidno);
+ tid->ac = &an->ac[acno];
+ }
+@@ -2590,6 +2668,7 @@ void ath_tx_node_init(struct ath_softc *
+ for (acno = 0, ac = &an->ac[acno];
+ acno < IEEE80211_NUM_ACS; acno++, ac++) {
+ ac->sched = false;
++ ac->clear_ps_filter = true;
+ ac->txq = sc->tx.txq_map[acno];
+ INIT_LIST_HEAD(&ac->tid_q);
+ }
+--- a/drivers/net/wireless/ath/ath9k/main.c
++++ b/drivers/net/wireless/ath/ath9k/main.c
+@@ -966,6 +966,8 @@ static int ath9k_add_interface(struct ie
+ struct ath_softc *sc = hw->priv;
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath_common *common = ath9k_hw_common(ah);
++ struct ath_vif *avp = (void *)vif->drv_priv;
++ struct ath_node *an = &avp->mcast_node;
+
+ mutex_lock(&sc->mutex);
+
+@@ -979,6 +981,12 @@ static int ath9k_add_interface(struct ie
+ if (ath9k_uses_beacons(vif->type))
+ ath9k_beacon_assign_slot(sc, vif);
+
++ an->sc = sc;
++ an->sta = NULL;
++ an->vif = vif;
++ an->no_ps_filter = true;
++ ath_tx_node_init(sc, an);
++
+ mutex_unlock(&sc->mutex);
+ return 0;
+ }
+@@ -1016,6 +1024,7 @@ static void ath9k_remove_interface(struc
+ {
+ struct ath_softc *sc = hw->priv;
+ struct ath_common *common = ath9k_hw_common(sc->sc_ah);
++ struct ath_vif *avp = (void *)vif->drv_priv;
+
+ ath_dbg(common, CONFIG, "Detach Interface\n");
+
+@@ -1030,6 +1039,8 @@ static void ath9k_remove_interface(struc
+ ath9k_calculate_summary_state(hw, NULL);
+ ath9k_ps_restore(sc);
+
++ ath_tx_node_cleanup(sc, &avp->mcast_node);
++
+ mutex_unlock(&sc->mutex);
+ }
+
+@@ -1374,9 +1385,6 @@ static void ath9k_sta_notify(struct ieee
+ struct ath_softc *sc = hw->priv;
+ struct ath_node *an = (struct ath_node *) sta->drv_priv;
+
+- if (!sta->ht_cap.ht_supported)
+- return;
+-
+ switch (cmd) {
+ case STA_NOTIFY_SLEEP:
+ an->sleeping = true;
+@@ -2094,7 +2102,7 @@ static void ath9k_wow_add_pattern(struct
+ {
+ struct ath_hw *ah = sc->sc_ah;
+ struct ath9k_wow_pattern *wow_pattern = NULL;
+- struct cfg80211_wowlan_trig_pkt_pattern *patterns = wowlan->patterns;
++ struct cfg80211_pkt_pattern *patterns = wowlan->patterns;
+ int mask_len;
+ s8 i = 0;
+
+--- a/drivers/net/wireless/mwifiex/cfg80211.c
++++ b/drivers/net/wireless/mwifiex/cfg80211.c
+@@ -2298,8 +2298,7 @@ EXPORT_SYMBOL_GPL(mwifiex_del_virtual_in
+
+ #ifdef CONFIG_PM
+ static bool
+-mwifiex_is_pattern_supported(struct cfg80211_wowlan_trig_pkt_pattern *pat,
+- s8 *byte_seq)
++mwifiex_is_pattern_supported(struct cfg80211_pkt_pattern *pat, s8 *byte_seq)
+ {
+ int j, k, valid_byte_cnt = 0;
+ bool dont_care_byte = false;
+--- a/drivers/net/wireless/ti/wlcore/main.c
++++ b/drivers/net/wireless/ti/wlcore/main.c
+@@ -1315,7 +1315,7 @@ static struct sk_buff *wl12xx_alloc_dumm
+
+ #ifdef CONFIG_PM
+ static int
+-wl1271_validate_wowlan_pattern(struct cfg80211_wowlan_trig_pkt_pattern *p)
++wl1271_validate_wowlan_pattern(struct cfg80211_pkt_pattern *p)
+ {
+ int num_fields = 0, in_field = 0, fields_size = 0;
+ int i, pattern_len = 0;
+@@ -1458,9 +1458,9 @@ void wl1271_rx_filter_flatten_fields(str
+ * Allocates an RX filter returned through f
+ * which needs to be freed using rx_filter_free()
+ */
+-static int wl1271_convert_wowlan_pattern_to_rx_filter(
+- struct cfg80211_wowlan_trig_pkt_pattern *p,
+- struct wl12xx_rx_filter **f)
++static int
++wl1271_convert_wowlan_pattern_to_rx_filter(struct cfg80211_pkt_pattern *p,
++ struct wl12xx_rx_filter **f)
+ {
+ int i, j, ret = 0;
+ struct wl12xx_rx_filter *filter;
+@@ -1562,7 +1562,7 @@ static int wl1271_configure_wowlan(struc
+
+ /* Translate WoWLAN patterns into filters */
+ for (i = 0; i < wow->n_patterns; i++) {
+- struct cfg80211_wowlan_trig_pkt_pattern *p;
++ struct cfg80211_pkt_pattern *p;
+ struct wl12xx_rx_filter *filter = NULL;
+
+ p = &wow->patterns[i];
+--- a/include/net/cfg80211.h
++++ b/include/net/cfg80211.h
+@@ -1698,7 +1698,7 @@ struct cfg80211_pmksa {
+ };
+
+ /**
+- * struct cfg80211_wowlan_trig_pkt_pattern - packet pattern
++ * struct cfg80211_pkt_pattern - packet pattern
+ * @mask: bitmask where to match pattern and where to ignore bytes,
+ * one bit per byte, in same format as nl80211
+ * @pattern: bytes to match where bitmask is 1
+@@ -1708,7 +1708,7 @@ struct cfg80211_pmksa {
+ * Internal note: @mask and @pattern are allocated in one chunk of
+ * memory, free @mask only!
+ */
+-struct cfg80211_wowlan_trig_pkt_pattern {
++struct cfg80211_pkt_pattern {
+ u8 *mask, *pattern;
+ int pattern_len;
+ int pkt_offset;
+@@ -1770,7 +1770,7 @@ struct cfg80211_wowlan {
+ bool any, disconnect, magic_pkt, gtk_rekey_failure,
+ eap_identity_req, four_way_handshake,
+ rfkill_release;
+- struct cfg80211_wowlan_trig_pkt_pattern *patterns;
++ struct cfg80211_pkt_pattern *patterns;
+ struct cfg80211_wowlan_tcp *tcp;
+ int n_patterns;
+ };
+--- a/include/uapi/linux/nl80211.h
++++ b/include/uapi/linux/nl80211.h
+@@ -3060,11 +3060,11 @@ enum nl80211_tx_power_setting {
+ };
+
+ /**
+- * enum nl80211_wowlan_packet_pattern_attr - WoWLAN packet pattern attribute
+- * @__NL80211_WOWLAN_PKTPAT_INVALID: invalid number for nested attribute
+- * @NL80211_WOWLAN_PKTPAT_PATTERN: the pattern, values where the mask has
++ * enum nl80211_packet_pattern_attr - packet pattern attribute
++ * @__NL80211_PKTPAT_INVALID: invalid number for nested attribute
++ * @NL80211_PKTPAT_PATTERN: the pattern, values where the mask has
+ * a zero bit are ignored
+- * @NL80211_WOWLAN_PKTPAT_MASK: pattern mask, must be long enough to have
++ * @NL80211_PKTPAT_MASK: pattern mask, must be long enough to have
+ * a bit for each byte in the pattern. The lowest-order bit corresponds
+ * to the first byte of the pattern, but the bytes of the pattern are
+ * in a little-endian-like format, i.e. the 9th byte of the pattern
+@@ -3075,23 +3075,23 @@ enum nl80211_tx_power_setting {
+ * Note that the pattern matching is done as though frames were not
+ * 802.11 frames but 802.3 frames, i.e. the frame is fully unpacked
+ * first (including SNAP header unpacking) and then matched.
+- * @NL80211_WOWLAN_PKTPAT_OFFSET: packet offset, pattern is matched after
++ * @NL80211_PKTPAT_OFFSET: packet offset, pattern is matched after
+ * these fixed number of bytes of received packet
+- * @NUM_NL80211_WOWLAN_PKTPAT: number of attributes
+- * @MAX_NL80211_WOWLAN_PKTPAT: max attribute number
++ * @NUM_NL80211_PKTPAT: number of attributes
++ * @MAX_NL80211_PKTPAT: max attribute number
+ */
+-enum nl80211_wowlan_packet_pattern_attr {
+- __NL80211_WOWLAN_PKTPAT_INVALID,
+- NL80211_WOWLAN_PKTPAT_MASK,
+- NL80211_WOWLAN_PKTPAT_PATTERN,
+- NL80211_WOWLAN_PKTPAT_OFFSET,
++enum nl80211_packet_pattern_attr {
++ __NL80211_PKTPAT_INVALID,
++ NL80211_PKTPAT_MASK,
++ NL80211_PKTPAT_PATTERN,
++ NL80211_PKTPAT_OFFSET,
+
+- NUM_NL80211_WOWLAN_PKTPAT,
+- MAX_NL80211_WOWLAN_PKTPAT = NUM_NL80211_WOWLAN_PKTPAT - 1,
++ NUM_NL80211_PKTPAT,
++ MAX_NL80211_PKTPAT = NUM_NL80211_PKTPAT - 1,
+ };
+
+ /**
+- * struct nl80211_wowlan_pattern_support - pattern support information
++ * struct nl80211_pattern_support - packet pattern support information
+ * @max_patterns: maximum number of patterns supported
+ * @min_pattern_len: minimum length of each pattern
+ * @max_pattern_len: maximum length of each pattern
+@@ -3101,13 +3101,22 @@ enum nl80211_wowlan_packet_pattern_attr
+ * that is part of %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED in the
+ * capability information given by the kernel to userspace.
+ */
+-struct nl80211_wowlan_pattern_support {
++struct nl80211_pattern_support {
+ __u32 max_patterns;
+ __u32 min_pattern_len;
+ __u32 max_pattern_len;
+ __u32 max_pkt_offset;
+ } __attribute__((packed));
+
++/* only for backward compatibility */
++#define __NL80211_WOWLAN_PKTPAT_INVALID __NL80211_PKTPAT_INVALID
++#define NL80211_WOWLAN_PKTPAT_MASK NL80211_PKTPAT_MASK
++#define NL80211_WOWLAN_PKTPAT_PATTERN NL80211_PKTPAT_PATTERN
++#define NL80211_WOWLAN_PKTPAT_OFFSET NL80211_PKTPAT_OFFSET
++#define NUM_NL80211_WOWLAN_PKTPAT NUM_NL80211_PKTPAT
++#define MAX_NL80211_WOWLAN_PKTPAT MAX_NL80211_PKTPAT
++#define nl80211_wowlan_pattern_support nl80211_pattern_support
++
+ /**
+ * enum nl80211_wowlan_triggers - WoWLAN trigger definitions
+ * @__NL80211_WOWLAN_TRIG_INVALID: invalid number for nested attributes
+@@ -3127,7 +3136,7 @@ struct nl80211_wowlan_pattern_support {
+ * pattern matching is done after the packet is converted to the MSDU.
+ *
+ * In %NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED, it is a binary attribute
+- * carrying a &struct nl80211_wowlan_pattern_support.
++ * carrying a &struct nl80211_pattern_support.
+ *
+ * When reporting wakeup. it is a u32 attribute containing the 0-based
+ * index of the pattern that caused the wakeup, in the patterns passed
+@@ -3284,7 +3293,7 @@ struct nl80211_wowlan_tcp_data_token_fea
+ * @NL80211_WOWLAN_TCP_WAKE_PAYLOAD: wake packet payload, for advertising a
+ * u32 attribute holding the maximum length
+ * @NL80211_WOWLAN_TCP_WAKE_MASK: Wake packet payload mask, not used for
+- * feature advertising. The mask works like @NL80211_WOWLAN_PKTPAT_MASK
++ * feature advertising. The mask works like @NL80211_PKTPAT_MASK
+ * but on the TCP payload only.
+ * @NUM_NL80211_WOWLAN_TCP: number of TCP attributes
+ * @MAX_NL80211_WOWLAN_TCP: highest attribute number
+--- a/net/mac80211/mesh_ps.c
++++ b/net/mac80211/mesh_ps.c
+@@ -229,6 +229,10 @@ void ieee80211_mps_sta_status_update(str
+ enum nl80211_mesh_power_mode pm;
+ bool do_buffer;
+
++ /* For non-assoc STA, prevent buffering or frame transmission */
++ if (sta->sta_state < IEEE80211_STA_ASSOC)
++ return;
++
+ /*
+ * use peer-specific power mode if peering is established and the
+ * peer's power mode is known
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -441,10 +441,12 @@ static int nl80211_prepare_wdev_dump(str
+ goto out_unlock;
+ }
+ *rdev = wiphy_to_dev((*wdev)->wiphy);
+- cb->args[0] = (*rdev)->wiphy_idx;
++ /* 0 is the first index - add 1 to parse only once */
++ cb->args[0] = (*rdev)->wiphy_idx + 1;
+ cb->args[1] = (*wdev)->identifier;
+ } else {
+- struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0]);
++ /* subtract the 1 again here */
++ struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
+ struct wireless_dev *tmp;
+
+ if (!wiphy) {
+@@ -974,7 +976,7 @@ static int nl80211_send_wowlan(struct sk
+ return -ENOBUFS;
+
+ if (dev->wiphy.wowlan->n_patterns) {
+- struct nl80211_wowlan_pattern_support pat = {
++ struct nl80211_pattern_support pat = {
+ .max_patterns = dev->wiphy.wowlan->n_patterns,
+ .min_pattern_len = dev->wiphy.wowlan->pattern_min_len,
+ .max_pattern_len = dev->wiphy.wowlan->pattern_max_len,
+@@ -1568,8 +1570,10 @@ static int nl80211_dump_wiphy(struct sk_
+ rtnl_lock();
+ if (!state) {
+ state = kzalloc(sizeof(*state), GFP_KERNEL);
+- if (!state)
++ if (!state) {
++ rtnl_unlock();
+ return -ENOMEM;
++ }
+ state->filter_wiphy = -1;
+ ret = nl80211_dump_wiphy_parse(skb, cb, state);
+ if (ret) {
+@@ -4770,9 +4774,9 @@ do { \
+ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1,
+ mask, NL80211_MESHCONF_FORWARDING,
+ nla_get_u8);
+- FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, 1, 255,
++ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, -255, 0,
+ mask, NL80211_MESHCONF_RSSI_THRESHOLD,
+- nla_get_u32);
++ nla_get_s32);
+ FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 0, 16,
+ mask, NL80211_MESHCONF_HT_OPMODE,
+ nla_get_u16);
+@@ -6615,12 +6619,14 @@ EXPORT_SYMBOL(cfg80211_testmode_alloc_ev
+
+ void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
+ {
++ struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
+ void *hdr = ((void **)skb->cb)[1];
+ struct nlattr *data = ((void **)skb->cb)[2];
+
+ nla_nest_end(skb, data);
+ genlmsg_end(skb, hdr);
+- genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
++ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), skb, 0,
++ nl80211_testmode_mcgrp.id, gfp);
+ }
+ EXPORT_SYMBOL(cfg80211_testmode_event);
+ #endif
+@@ -7593,12 +7599,11 @@ static int nl80211_send_wowlan_patterns(
+ if (!nl_pat)
+ return -ENOBUFS;
+ pat_len = wowlan->patterns[i].pattern_len;
+- if (nla_put(msg, NL80211_WOWLAN_PKTPAT_MASK,
+- DIV_ROUND_UP(pat_len, 8),
++ if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
+ wowlan->patterns[i].mask) ||
+- nla_put(msg, NL80211_WOWLAN_PKTPAT_PATTERN,
+- pat_len, wowlan->patterns[i].pattern) ||
+- nla_put_u32(msg, NL80211_WOWLAN_PKTPAT_OFFSET,
++ nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
++ wowlan->patterns[i].pattern) ||
++ nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
+ wowlan->patterns[i].pkt_offset))
+ return -ENOBUFS;
+ nla_nest_end(msg, nl_pat);
+@@ -7939,7 +7944,7 @@ static int nl80211_set_wowlan(struct sk_
+ struct nlattr *pat;
+ int n_patterns = 0;
+ int rem, pat_len, mask_len, pkt_offset;
+- struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT];
++ struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
+
+ nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
+ rem)
+@@ -7958,26 +7963,25 @@ static int nl80211_set_wowlan(struct sk_
+
+ nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
+ rem) {
+- nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT,
+- nla_data(pat), nla_len(pat), NULL);
++ nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
++ nla_len(pat), NULL);
+ err = -EINVAL;
+- if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] ||
+- !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN])
++ if (!pat_tb[NL80211_PKTPAT_MASK] ||
++ !pat_tb[NL80211_PKTPAT_PATTERN])
+ goto error;
+- pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]);
++ pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
+ mask_len = DIV_ROUND_UP(pat_len, 8);
+- if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) !=
+- mask_len)
++ if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
+ goto error;
+ if (pat_len > wowlan->pattern_max_len ||
+ pat_len < wowlan->pattern_min_len)
+ goto error;
+
+- if (!pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET])
++ if (!pat_tb[NL80211_PKTPAT_OFFSET])
+ pkt_offset = 0;
+ else
+ pkt_offset = nla_get_u32(
+- pat_tb[NL80211_WOWLAN_PKTPAT_OFFSET]);
++ pat_tb[NL80211_PKTPAT_OFFSET]);
+ if (pkt_offset > wowlan->max_pkt_offset)
+ goto error;
+ new_triggers.patterns[i].pkt_offset = pkt_offset;
+@@ -7991,11 +7995,11 @@ static int nl80211_set_wowlan(struct sk_
+ new_triggers.patterns[i].pattern =
+ new_triggers.patterns[i].mask + mask_len;
+ memcpy(new_triggers.patterns[i].mask,
+- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]),
++ nla_data(pat_tb[NL80211_PKTPAT_MASK]),
+ mask_len);
+ new_triggers.patterns[i].pattern_len = pat_len;
+ memcpy(new_triggers.patterns[i].pattern,
+- nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]),
++ nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
+ pat_len);
+ i++;
+ }
+@@ -10066,7 +10070,8 @@ void cfg80211_mgmt_tx_status(struct wire
+
+ genlmsg_end(msg, hdr);
+
+- genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
++ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
++ nl80211_mlme_mcgrp.id, gfp);
+ return;
+
+ nla_put_failure:
+--- a/net/wireless/reg.c
++++ b/net/wireless/reg.c
+@@ -2247,10 +2247,13 @@ int reg_device_uevent(struct device *dev
+
+ void wiphy_regulatory_register(struct wiphy *wiphy)
+ {
++ struct regulatory_request *lr;
++
+ if (!reg_dev_ignore_cell_hint(wiphy))
+ reg_num_devs_support_basehint++;
+
+- wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE);
++ lr = get_last_request();
++ wiphy_update_regulatory(wiphy, lr->initiator);
+ }
+
+ void wiphy_regulatory_deregister(struct wiphy *wiphy)
+@@ -2279,7 +2282,9 @@ void wiphy_regulatory_deregister(struct
+ static void reg_timeout_work(struct work_struct *work)
+ {
+ REG_DBG_PRINT("Timeout while waiting for CRDA to reply, restoring regulatory settings\n");
++ rtnl_lock();
+ restore_regulatory_settings(true);
++ rtnl_unlock();
+ }
+
+ int __init regulatory_init(void)
+--- a/net/wireless/sme.c
++++ b/net/wireless/sme.c
+@@ -34,8 +34,10 @@ struct cfg80211_conn {
+ CFG80211_CONN_SCAN_AGAIN,
+ CFG80211_CONN_AUTHENTICATE_NEXT,
+ CFG80211_CONN_AUTHENTICATING,
++ CFG80211_CONN_AUTH_FAILED,
+ CFG80211_CONN_ASSOCIATE_NEXT,
+ CFG80211_CONN_ASSOCIATING,
++ CFG80211_CONN_ASSOC_FAILED,
+ CFG80211_CONN_DEAUTH,
+ CFG80211_CONN_CONNECTED,
+ } state;
+@@ -164,6 +166,8 @@ static int cfg80211_conn_do_work(struct
+ NULL, 0,
+ params->key, params->key_len,
+ params->key_idx, NULL, 0);
++ case CFG80211_CONN_AUTH_FAILED:
++ return -ENOTCONN;
+ case CFG80211_CONN_ASSOCIATE_NEXT:
+ BUG_ON(!rdev->ops->assoc);
+ wdev->conn->state = CFG80211_CONN_ASSOCIATING;
+@@ -188,10 +192,17 @@ static int cfg80211_conn_do_work(struct
+ WLAN_REASON_DEAUTH_LEAVING,
+ false);
+ return err;
++ case CFG80211_CONN_ASSOC_FAILED:
++ cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
++ NULL, 0,
++ WLAN_REASON_DEAUTH_LEAVING, false);
++ return -ENOTCONN;
+ case CFG80211_CONN_DEAUTH:
+ cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
+ NULL, 0,
+ WLAN_REASON_DEAUTH_LEAVING, false);
++ /* free directly, disconnected event already sent */
++ cfg80211_sme_free(wdev);
+ return 0;
+ default:
+ return 0;
+@@ -371,7 +382,7 @@ bool cfg80211_sme_rx_assoc_resp(struct w
+ return true;
+ }
+
+- wdev->conn->state = CFG80211_CONN_DEAUTH;
++ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
+ schedule_work(&rdev->conn_work);
+ return false;
+ }
+@@ -383,7 +394,13 @@ void cfg80211_sme_deauth(struct wireless
+
+ void cfg80211_sme_auth_timeout(struct wireless_dev *wdev)
+ {
+- cfg80211_sme_free(wdev);
++ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
++
++ if (!wdev->conn)
++ return;
++
++ wdev->conn->state = CFG80211_CONN_AUTH_FAILED;
++ schedule_work(&rdev->conn_work);
+ }
+
+ void cfg80211_sme_disassoc(struct wireless_dev *wdev)
+@@ -399,7 +416,13 @@ void cfg80211_sme_disassoc(struct wirele
+
+ void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev)
+ {
+- cfg80211_sme_disassoc(wdev);
++ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
++
++ if (!wdev->conn)
++ return;
++
++ wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
++ schedule_work(&rdev->conn_work);
+ }
+
+ static int cfg80211_sme_connect(struct wireless_dev *wdev,
+--- a/net/mac80211/rc80211_minstrel.c
++++ b/net/mac80211/rc80211_minstrel.c
+@@ -290,7 +290,7 @@ minstrel_get_rate(void *priv, struct iee
+ struct minstrel_rate *msr, *mr;
+ unsigned int ndx;
+ bool mrr_capable;
+- bool prev_sample = mi->prev_sample;
++ bool prev_sample;
+ int delta;
+ int sampling_ratio;
+
+@@ -314,6 +314,7 @@ minstrel_get_rate(void *priv, struct iee
+ (mi->sample_count + mi->sample_deferred / 2);
+
+ /* delta < 0: no sampling required */
++ prev_sample = mi->prev_sample;
+ mi->prev_sample = false;
+ if (delta < 0 || (!mrr_capable && prev_sample))
+ return;
+--- a/drivers/net/wireless/rt2x00/rt2x00queue.c
++++ b/drivers/net/wireless/rt2x00/rt2x00queue.c
+@@ -936,13 +936,8 @@ void rt2x00queue_index_inc(struct queue_
+ spin_unlock_irqrestore(&queue->index_lock, irqflags);
+ }
+
+-void rt2x00queue_pause_queue(struct data_queue *queue)
++void rt2x00queue_pause_queue_nocheck(struct data_queue *queue)
+ {
+- if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
+- !test_bit(QUEUE_STARTED, &queue->flags) ||
+- test_and_set_bit(QUEUE_PAUSED, &queue->flags))
+- return;
+-
+ switch (queue->qid) {
+ case QID_AC_VO:
+ case QID_AC_VI:
+@@ -958,6 +953,15 @@ void rt2x00queue_pause_queue(struct data
+ break;
+ }
+ }
++void rt2x00queue_pause_queue(struct data_queue *queue)
++{
++ if (!test_bit(DEVICE_STATE_PRESENT, &queue->rt2x00dev->flags) ||
++ !test_bit(QUEUE_STARTED, &queue->flags) ||
++ test_and_set_bit(QUEUE_PAUSED, &queue->flags))
++ return;
++
++ rt2x00queue_pause_queue_nocheck(queue);
++}
+ EXPORT_SYMBOL_GPL(rt2x00queue_pause_queue);
+
+ void rt2x00queue_unpause_queue(struct data_queue *queue)
+@@ -1019,7 +1023,7 @@ void rt2x00queue_stop_queue(struct data_
+ return;
+ }
+
+- rt2x00queue_pause_queue(queue);
++ rt2x00queue_pause_queue_nocheck(queue);
+
+ queue->rt2x00dev->ops->lib->stop_queue(queue);
+
+--- a/net/mac80211/mlme.c
++++ b/net/mac80211/mlme.c
+@@ -31,10 +31,12 @@
+ #include "led.h"
+
+ #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
++#define IEEE80211_AUTH_TIMEOUT_LONG (HZ / 2)
+ #define IEEE80211_AUTH_TIMEOUT_SHORT (HZ / 10)
+ #define IEEE80211_AUTH_MAX_TRIES 3
+ #define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5)
+ #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
++#define IEEE80211_ASSOC_TIMEOUT_LONG (HZ / 2)
+ #define IEEE80211_ASSOC_TIMEOUT_SHORT (HZ / 10)
+ #define IEEE80211_ASSOC_MAX_TRIES 3
+
+@@ -209,8 +211,9 @@ ieee80211_determine_chantype(struct ieee
+ struct ieee80211_channel *channel,
+ const struct ieee80211_ht_operation *ht_oper,
+ const struct ieee80211_vht_operation *vht_oper,
+- struct cfg80211_chan_def *chandef, bool verbose)
++ struct cfg80211_chan_def *chandef, bool tracking)
+ {
++ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ struct cfg80211_chan_def vht_chandef;
+ u32 ht_cfreq, ret;
+
+@@ -229,7 +232,7 @@ ieee80211_determine_chantype(struct ieee
+ ht_cfreq = ieee80211_channel_to_frequency(ht_oper->primary_chan,
+ channel->band);
+ /* check that channel matches the right operating channel */
+- if (channel->center_freq != ht_cfreq) {
++ if (!tracking && channel->center_freq != ht_cfreq) {
+ /*
+ * It's possible that some APs are confused here;
+ * Netgear WNDR3700 sometimes reports 4 higher than
+@@ -237,11 +240,10 @@ ieee80211_determine_chantype(struct ieee
+ * since we look at probe response/beacon data here
+ * it should be OK.
+ */
+- if (verbose)
+- sdata_info(sdata,
+- "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
+- channel->center_freq, ht_cfreq,
+- ht_oper->primary_chan, channel->band);
++ sdata_info(sdata,
++ "Wrong control channel: center-freq: %d ht-cfreq: %d ht->primary_chan: %d band: %d - Disabling HT\n",
++ channel->center_freq, ht_cfreq,
++ ht_oper->primary_chan, channel->band);
+ ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
+ goto out;
+ }
+@@ -295,7 +297,7 @@ ieee80211_determine_chantype(struct ieee
+ channel->band);
+ break;
+ default:
+- if (verbose)
++ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
+ sdata_info(sdata,
+ "AP VHT operation IE has invalid channel width (%d), disable VHT\n",
+ vht_oper->chan_width);
+@@ -304,7 +306,7 @@ ieee80211_determine_chantype(struct ieee
+ }
+
+ if (!cfg80211_chandef_valid(&vht_chandef)) {
+- if (verbose)
++ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
+ sdata_info(sdata,
+ "AP VHT information is invalid, disable VHT\n");
+ ret = IEEE80211_STA_DISABLE_VHT;
+@@ -317,7 +319,7 @@ ieee80211_determine_chantype(struct ieee
+ }
+
+ if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) {
+- if (verbose)
++ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
+ sdata_info(sdata,
+ "AP VHT information doesn't match HT, disable VHT\n");
+ ret = IEEE80211_STA_DISABLE_VHT;
+@@ -333,18 +335,27 @@ out:
+ if (ret & IEEE80211_STA_DISABLE_VHT)
+ vht_chandef = *chandef;
+
++ /*
++ * Ignore the DISABLED flag when we're already connected and only
++ * tracking the APs beacon for bandwidth changes - otherwise we
++ * might get disconnected here if we connect to an AP, update our
++ * regulatory information based on the AP's country IE and the
++ * information we have is wrong/outdated and disables the channel
++ * that we're actually using for the connection to the AP.
++ */
+ while (!cfg80211_chandef_usable(sdata->local->hw.wiphy, chandef,
+- IEEE80211_CHAN_DISABLED)) {
++ tracking ? 0 :
++ IEEE80211_CHAN_DISABLED)) {
+ if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) {
+ ret = IEEE80211_STA_DISABLE_HT |
+ IEEE80211_STA_DISABLE_VHT;
+- goto out;
++ break;
+ }
+
+ ret |= chandef_downgrade(chandef);
+ }
+
+- if (chandef->width != vht_chandef.width && verbose)
++ if (chandef->width != vht_chandef.width && !tracking)
+ sdata_info(sdata,
+ "capabilities/regulatory prevented using AP HT/VHT configuration, downgraded\n");
+
+@@ -384,7 +395,7 @@ static int ieee80211_config_bw(struct ie
+
+ /* calculate new channel (type) based on HT/VHT operation IEs */
+ flags = ieee80211_determine_chantype(sdata, sband, chan, ht_oper,
+- vht_oper, &chandef, false);
++ vht_oper, &chandef, true);
+
+ /*
+ * Downgrade the new channel if we associated with restricted
+@@ -3394,10 +3405,13 @@ static int ieee80211_probe_auth(struct i
+
+ if (tx_flags == 0) {
+ auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
+- ifmgd->auth_data->timeout_started = true;
++ auth_data->timeout_started = true;
+ run_again(sdata, auth_data->timeout);
+ } else {
+- auth_data->timeout_started = false;
++ auth_data->timeout =
++ round_jiffies_up(jiffies + IEEE80211_AUTH_TIMEOUT_LONG);
++ auth_data->timeout_started = true;
++ run_again(sdata, auth_data->timeout);
+ }
+
+ return 0;
+@@ -3434,7 +3448,11 @@ static int ieee80211_do_assoc(struct iee
+ assoc_data->timeout_started = true;
+ run_again(sdata, assoc_data->timeout);
+ } else {
+- assoc_data->timeout_started = false;
++ assoc_data->timeout =
++ round_jiffies_up(jiffies +
++ IEEE80211_ASSOC_TIMEOUT_LONG);
++ assoc_data->timeout_started = true;
++ run_again(sdata, assoc_data->timeout);
+ }
+
+ return 0;
+@@ -3829,7 +3847,7 @@ static int ieee80211_prep_channel(struct
+ ifmgd->flags |= ieee80211_determine_chantype(sdata, sband,
+ cbss->channel,
+ ht_oper, vht_oper,
+- &chandef, true);
++ &chandef, false);
+
+ sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss),
+ local->rx_chains);
+--- a/net/wireless/core.c
++++ b/net/wireless/core.c
+@@ -772,6 +772,7 @@ void cfg80211_leave(struct cfg80211_regi
+ cfg80211_leave_mesh(rdev, dev);
+ break;
+ case NL80211_IFTYPE_AP:
++ case NL80211_IFTYPE_P2P_GO:
+ cfg80211_stop_ap(rdev, dev);
+ break;
+ default:
+--- a/drivers/net/wireless/rtlwifi/Kconfig
++++ b/drivers/net/wireless/rtlwifi/Kconfig
+@@ -1,29 +1,22 @@
+-config RTLWIFI
+- tristate "Realtek wireless card support"
++menuconfig RTL_CARDS
++ tristate "Realtek rtlwifi family of devices"
+ depends on m
+- depends on MAC80211
+- select BACKPORT_FW_LOADER
+- ---help---
+- This is common code for RTL8192CE/RTL8192CU/RTL8192SE/RTL8723AE
+- drivers. This module does nothing by itself - the various front-end
+- drivers need to be enabled to support any desired devices.
+-
+- If you choose to build as a module, it'll be called rtlwifi.
+-
+-config RTLWIFI_DEBUG
+- bool "Debugging output for rtlwifi driver family"
+- depends on RTLWIFI
++ depends on MAC80211 && (PCI || USB)
+ default y
+ ---help---
+- To use the module option that sets the dynamic-debugging level for,
+- the front-end driver, this parameter must be "Y". For memory-limited
+- systems, choose "N". If in doubt, choose "Y".
++ This option will enable support for the Realtek mac80211-based
++ wireless drivers. Drivers rtl8192ce, rtl8192cu, rtl8192se, rtl8192de,
++ rtl8723eu, and rtl8188eu share some common code.
++
++if RTL_CARDS
+
+ config RTL8192CE
+ tristate "Realtek RTL8192CE/RTL8188CE Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
+ select RTL8192C_COMMON
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8192CE/RTL8188CE 802.11n PCIe
+ wireless network adapters.
+@@ -33,7 +26,9 @@ config RTL8192CE
+ config RTL8192SE
+ tristate "Realtek RTL8192SE/RTL8191SE PCIe Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8192SE/RTL8191SE 802.11n PCIe
+ wireless network adapters.
+@@ -43,7 +38,9 @@ config RTL8192SE
+ config RTL8192DE
+ tristate "Realtek RTL8192DE/RTL8188DE PCIe Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8192DE/RTL8188DE 802.11n PCIe
+ wireless network adapters.
+@@ -53,7 +50,9 @@ config RTL8192DE
+ config RTL8723AE
+ tristate "Realtek RTL8723AE PCIe Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8723AE 802.11n PCIe
+ wireless network adapters.
+@@ -63,7 +62,9 @@ config RTL8723AE
+ config RTL8188EE
+ tristate "Realtek RTL8188EE Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && PCI
++ depends on PCI
++ select RTLWIFI
++ select RTLWIFI_PCI
+ ---help---
+ This is the driver for Realtek RTL8188EE 802.11n PCIe
+ wireless network adapters.
+@@ -73,7 +74,9 @@ config RTL8188EE
+ config RTL8192CU
+ tristate "Realtek RTL8192CU/RTL8188CU USB Wireless Network Adapter"
+ depends on m
+- depends on RTLWIFI && USB
++ depends on USB
++ select RTLWIFI
++ select RTLWIFI_USB
+ select RTL8192C_COMMON
+ ---help---
+ This is the driver for Realtek RTL8192CU/RTL8188CU 802.11n USB
+@@ -81,8 +84,32 @@ config RTL8192CU
+
+ If you choose to build it as a module, it will be called rtl8192cu
+
++config RTLWIFI
++ tristate "Realtek common driver part"
++ depends on m
++ select BACKPORT_FW_LOADER
++
++config RTLWIFI_PCI
++ depends on m
++ tristate
++
++config RTLWIFI_USB
++ depends on m
++ tristate
++
++config RTLWIFI_DEBUG
++ bool "Debugging output for rtlwifi driver family"
++ depends on RTLWIFI
++ default y
++ ---help---
++ To use the module option that sets the dynamic-debugging level for,
++ the front-end driver, this parameter must be "Y". For memory-limited
++ systems, choose "N". If in doubt, choose "Y".
++
+ config RTL8192C_COMMON
+ tristate
+ depends on m
+ depends on RTL8192CE || RTL8192CU
+ default m
++
++endif
+--- a/drivers/net/wireless/rtlwifi/Makefile
++++ b/drivers/net/wireless/rtlwifi/Makefile
+@@ -12,13 +12,11 @@ rtlwifi-objs := \
+
+ rtl8192c_common-objs += \
+
+-ifneq ($(CONFIG_PCI),)
+-rtlwifi-objs += pci.o
+-endif
++obj-$(CPTCFG_RTLWIFI_PCI) += rtl_pci.o
++rtl_pci-objs := pci.o
+
+-ifneq ($(CONFIG_USB),)
+-rtlwifi-objs += usb.o
+-endif
++obj-$(CPTCFG_RTLWIFI_USB) += rtl_usb.o
++rtl_usb-objs := usb.o
+
+ obj-$(CPTCFG_RTL8192C_COMMON) += rtl8192c/
+ obj-$(CPTCFG_RTL8192CE) += rtl8192ce/
+--- a/drivers/net/wireless/rtlwifi/base.c
++++ b/drivers/net/wireless/rtlwifi/base.c
+@@ -173,6 +173,7 @@ u8 rtl_tid_to_ac(u8 tid)
+ {
+ return tid_to_ac[tid];
+ }
++EXPORT_SYMBOL_GPL(rtl_tid_to_ac);
+
+ static void _rtl_init_hw_ht_capab(struct ieee80211_hw *hw,
+ struct ieee80211_sta_ht_cap *ht_cap)
+@@ -407,6 +408,7 @@ void rtl_deinit_deferred_work(struct iee
+ cancel_delayed_work(&rtlpriv->works.ps_rfon_wq);
+ cancel_delayed_work(&rtlpriv->works.fwevt_wq);
+ }
++EXPORT_SYMBOL_GPL(rtl_deinit_deferred_work);
+
+ void rtl_init_rfkill(struct ieee80211_hw *hw)
+ {
+@@ -440,6 +442,7 @@ void rtl_deinit_rfkill(struct ieee80211_
+ {
+ wiphy_rfkill_stop_polling(hw->wiphy);
+ }
++EXPORT_SYMBOL_GPL(rtl_deinit_rfkill);
+
+ int rtl_init_core(struct ieee80211_hw *hw)
+ {
+@@ -490,10 +493,12 @@ int rtl_init_core(struct ieee80211_hw *h
+
+ return 0;
+ }
++EXPORT_SYMBOL_GPL(rtl_init_core);
+
+ void rtl_deinit_core(struct ieee80211_hw *hw)
+ {
+ }
++EXPORT_SYMBOL_GPL(rtl_deinit_core);
+
+ void rtl_init_rx_config(struct ieee80211_hw *hw)
+ {
+@@ -502,6 +507,7 @@ void rtl_init_rx_config(struct ieee80211
+
+ rtlpriv->cfg->ops->get_hw_reg(hw, HW_VAR_RCR, (u8 *) (&mac->rx_conf));
+ }
++EXPORT_SYMBOL_GPL(rtl_init_rx_config);
+
+ /*********************************************************
+ *
+@@ -880,6 +886,7 @@ bool rtl_tx_mgmt_proc(struct ieee80211_h
+
+ return true;
+ }
++EXPORT_SYMBOL_GPL(rtl_tx_mgmt_proc);
+
+ void rtl_get_tcb_desc(struct ieee80211_hw *hw,
+ struct ieee80211_tx_info *info,
+@@ -1053,6 +1060,7 @@ bool rtl_action_proc(struct ieee80211_hw
+
+ return true;
+ }
++EXPORT_SYMBOL_GPL(rtl_action_proc);
+
+ /*should call before software enc*/
+ u8 rtl_is_special_data(struct ieee80211_hw *hw, struct sk_buff *skb, u8 is_tx)
+@@ -1126,6 +1134,7 @@ u8 rtl_is_special_data(struct ieee80211_
+
+ return false;
+ }
++EXPORT_SYMBOL_GPL(rtl_is_special_data);
+
+ /*********************************************************
+ *
+@@ -1301,6 +1310,7 @@ void rtl_beacon_statistic(struct ieee802
+
+ rtlpriv->link_info.bcn_rx_inperiod++;
+ }
++EXPORT_SYMBOL_GPL(rtl_beacon_statistic);
+
+ void rtl_watchdog_wq_callback(void *data)
+ {
+@@ -1794,6 +1804,7 @@ void rtl_recognize_peer(struct ieee80211
+
+ mac->vendor = vendor;
+ }
++EXPORT_SYMBOL_GPL(rtl_recognize_peer);
+
+ /*********************************************************
+ *
+@@ -1850,6 +1861,7 @@ struct attribute_group rtl_attribute_gro
+ .name = "rtlsysfs",
+ .attrs = rtl_sysfs_entries,
+ };
++EXPORT_SYMBOL_GPL(rtl_attribute_group);
+
+ MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
+ MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
+@@ -1857,7 +1869,8 @@ MODULE_AUTHOR("Larry Finger <Larry.FInge
+ MODULE_LICENSE("GPL");
+ MODULE_DESCRIPTION("Realtek 802.11n PCI wireless core");
+
+-struct rtl_global_var global_var = {};
++struct rtl_global_var rtl_global_var = {};
++EXPORT_SYMBOL_GPL(rtl_global_var);
+
+ static int __init rtl_core_module_init(void)
+ {
+@@ -1865,8 +1878,8 @@ static int __init rtl_core_module_init(v
+ pr_err("Unable to register rtl_rc, use default RC !!\n");
+
+ /* init some global vars */
+- INIT_LIST_HEAD(&global_var.glb_priv_list);
+- spin_lock_init(&global_var.glb_list_lock);
++ INIT_LIST_HEAD(&rtl_global_var.glb_priv_list);
++ spin_lock_init(&rtl_global_var.glb_list_lock);
+
+ return 0;
+ }
+--- a/drivers/net/wireless/rtlwifi/base.h
++++ b/drivers/net/wireless/rtlwifi/base.h
+@@ -147,7 +147,7 @@ void rtl_recognize_peer(struct ieee80211
+ u8 rtl_tid_to_ac(u8 tid);
+ extern struct attribute_group rtl_attribute_group;
+ void rtl_easy_concurrent_retrytimer_callback(unsigned long data);
+-extern struct rtl_global_var global_var;
++extern struct rtl_global_var rtl_global_var;
+ int rtlwifi_rate_mapping(struct ieee80211_hw *hw,
+ bool isht, u8 desc_rate, bool first_ampdu);
+ bool rtl_tx_mgmt_proc(struct ieee80211_hw *hw, struct sk_buff *skb);
+--- a/drivers/net/wireless/rtlwifi/core.c
++++ b/drivers/net/wireless/rtlwifi/core.c
+@@ -1330,3 +1330,4 @@ const struct ieee80211_ops rtl_ops = {
+ .rfkill_poll = rtl_op_rfkill_poll,
+ .flush = rtl_op_flush,
+ };
++EXPORT_SYMBOL_GPL(rtl_ops);
+--- a/drivers/net/wireless/rtlwifi/debug.c
++++ b/drivers/net/wireless/rtlwifi/debug.c
+@@ -51,3 +51,4 @@ void rtl_dbgp_flag_init(struct ieee80211
+
+ /*Init Debug flag enable condition */
+ }
++EXPORT_SYMBOL_GPL(rtl_dbgp_flag_init);
+--- a/drivers/net/wireless/rtlwifi/efuse.c
++++ b/drivers/net/wireless/rtlwifi/efuse.c
+@@ -229,6 +229,7 @@ void read_efuse_byte(struct ieee80211_hw
+
+ *pbuf = (u8) (value32 & 0xff);
+ }
++EXPORT_SYMBOL_GPL(read_efuse_byte);
+
+ void read_efuse(struct ieee80211_hw *hw, u16 _offset, u16 _size_byte, u8 *pbuf)
+ {
+--- a/drivers/net/wireless/rtlwifi/pci.c
++++ b/drivers/net/wireless/rtlwifi/pci.c
+@@ -35,6 +35,13 @@
+ #include "efuse.h"
+ #include <linux/export.h>
+ #include <linux/kmemleak.h>
++#include <linux/module.h>
++
++MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
++MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
++MODULE_AUTHOR("Larry Finger <Larry.FInger@lwfinger.net>");
++MODULE_LICENSE("GPL");
++MODULE_DESCRIPTION("PCI basic driver for rtlwifi");
+
+ static const u16 pcibridge_vendors[PCI_BRIDGE_VENDOR_MAX] = {
+ PCI_VENDOR_ID_INTEL,
+@@ -1899,7 +1906,7 @@ int rtl_pci_probe(struct pci_dev *pdev,
+ rtlpriv->rtlhal.interface = INTF_PCI;
+ rtlpriv->cfg = (struct rtl_hal_cfg *)(id->driver_data);
+ rtlpriv->intf_ops = &rtl_pci_ops;
+- rtlpriv->glb_var = &global_var;
++ rtlpriv->glb_var = &rtl_global_var;
+
+ /*
+ *init dbgp flags before all
+--- a/drivers/net/wireless/rtlwifi/ps.c
++++ b/drivers/net/wireless/rtlwifi/ps.c
+@@ -269,6 +269,7 @@ void rtl_ips_nic_on(struct ieee80211_hw
+
+ spin_unlock_irqrestore(&rtlpriv->locks.ips_lock, flags);
+ }
++EXPORT_SYMBOL_GPL(rtl_ips_nic_on);
+
+ /*for FW LPS*/
+
+@@ -518,6 +519,7 @@ void rtl_swlps_beacon(struct ieee80211_h
+ "u_bufferd: %x, m_buffered: %x\n", u_buffed, m_buffed);
+ }
+ }
++EXPORT_SYMBOL_GPL(rtl_swlps_beacon);
+
+ void rtl_swlps_rf_awake(struct ieee80211_hw *hw)
+ {
+@@ -922,3 +924,4 @@ void rtl_p2p_info(struct ieee80211_hw *h
+ else
+ rtl_p2p_noa_ie(hw, data, len - FCS_LEN);
+ }
++EXPORT_SYMBOL_GPL(rtl_p2p_info);
+--- a/drivers/net/wireless/rtlwifi/usb.c
++++ b/drivers/net/wireless/rtlwifi/usb.c
+@@ -32,6 +32,13 @@
+ #include "ps.h"
+ #include "rtl8192c/fw_common.h"
+ #include <linux/export.h>
++#include <linux/module.h>
++
++MODULE_AUTHOR("lizhaoming <chaoming_li@realsil.com.cn>");
++MODULE_AUTHOR("Realtek WlanFAE <wlanfae@realtek.com>");
++MODULE_AUTHOR("Larry Finger <Larry.FInger@lwfinger.net>");
++MODULE_LICENSE("GPL");
++MODULE_DESCRIPTION("USB basic driver for rtlwifi");
+
+ #define REALTEK_USB_VENQT_READ 0xC0
+ #define REALTEK_USB_VENQT_WRITE 0x40
+--- a/drivers/net/wireless/ath/ath9k/ath9k.h
++++ b/drivers/net/wireless/ath/ath9k/ath9k.h
+@@ -72,17 +72,12 @@ struct ath_config {
+ /*************************/
+
+ #define ATH_TXBUF_RESET(_bf) do { \
+- (_bf)->bf_stale = false; \
+ (_bf)->bf_lastbf = NULL; \
+ (_bf)->bf_next = NULL; \
+ memset(&((_bf)->bf_state), 0, \
+ sizeof(struct ath_buf_state)); \
+ } while (0)
+
+-#define ATH_RXBUF_RESET(_bf) do { \
+- (_bf)->bf_stale = false; \
+- } while (0)
+-
+ /**
+ * enum buffer_type - Buffer type flags
+ *
+@@ -137,7 +132,8 @@ int ath_descdma_setup(struct ath_softc *
+ #define ATH_AGGR_ENCRYPTDELIM 10
+ /* minimum h/w qdepth to be sustained to maximize aggregation */
+ #define ATH_AGGR_MIN_QDEPTH 2
+-#define ATH_AMPDU_SUBFRAME_DEFAULT 32
++/* minimum h/w qdepth for non-aggregated traffic */
++#define ATH_NON_AGGR_MIN_QDEPTH 8
+
+ #define IEEE80211_SEQ_SEQ_SHIFT 4
+ #define IEEE80211_SEQ_MAX 4096
+@@ -174,12 +170,6 @@ int ath_descdma_setup(struct ath_softc *
+
+ #define ATH_TX_COMPLETE_POLL_INT 1000
+
+-enum ATH_AGGR_STATUS {
+- ATH_AGGR_DONE,
+- ATH_AGGR_BAW_CLOSED,
+- ATH_AGGR_LIMITED,
+-};
+-
+ #define ATH_TXFIFO_DEPTH 8
+ struct ath_txq {
+ int mac80211_qnum; /* mac80211 queue number, -1 means not mac80211 Q */
+@@ -201,10 +191,10 @@ struct ath_txq {
+
+ struct ath_atx_ac {
+ struct ath_txq *txq;
+- int sched;
+ struct list_head list;
+ struct list_head tid_q;
+ bool clear_ps_filter;
++ bool sched;
+ };
+
+ struct ath_frame_info {
+@@ -212,14 +202,16 @@ struct ath_frame_info {
+ int framelen;
+ enum ath9k_key_type keytype;
+ u8 keyix;
+- u8 retries;
+ u8 rtscts_rate;
++ u8 retries : 7;
++ u8 baw_tracked : 1;
+ };
+
+ struct ath_buf_state {
+ u8 bf_type;
+ u8 bfs_paprd;
+ u8 ndelim;
++ bool stale;
+ u16 seqno;
+ unsigned long bfs_paprd_timestamp;
+ };
+@@ -233,7 +225,6 @@ struct ath_buf {
+ void *bf_desc; /* virtual addr of desc */
+ dma_addr_t bf_daddr; /* physical addr of desc */
+ dma_addr_t bf_buf_addr; /* physical addr of data buffer, for DMA */
+- bool bf_stale;
+ struct ieee80211_tx_rate rates[4];
+ struct ath_buf_state bf_state;
+ };
+@@ -241,16 +232,18 @@ struct ath_buf {
+ struct ath_atx_tid {
+ struct list_head list;
+ struct sk_buff_head buf_q;
++ struct sk_buff_head retry_q;
+ struct ath_node *an;
+ struct ath_atx_ac *ac;
+ unsigned long tx_buf[BITS_TO_LONGS(ATH_TID_MAX_BUFS)];
+- int bar_index;
+ u16 seq_start;
+ u16 seq_next;
+ u16 baw_size;
+- int tidno;
++ u8 tidno;
+ int baw_head; /* first un-acked tx buffer */
+ int baw_tail; /* next unused tx buffer slot */
++
++ s8 bar_index;
+ bool sched;
+ bool paused;
+ bool active;
+@@ -262,12 +255,13 @@ struct ath_node {
+ struct ieee80211_vif *vif; /* interface with which we're associated */
+ struct ath_atx_tid tid[IEEE80211_NUM_TIDS];
+ struct ath_atx_ac ac[IEEE80211_NUM_ACS];
+- int ps_key;
+
+ u16 maxampdu;
+ u8 mpdudensity;
++ s8 ps_key;
+
+ bool sleeping;
++ bool no_ps_filter;
+
+ #if defined(CPTCFG_MAC80211_DEBUGFS) && defined(CPTCFG_ATH9K_DEBUGFS)
+ struct dentry *node_stat;
+@@ -317,6 +311,7 @@ struct ath_rx {
+ struct ath_descdma rxdma;
+ struct ath_rx_edma rx_edma[ATH9K_RX_QUEUE_MAX];
+
++ struct ath_buf *buf_hold;
+ struct sk_buff *frag;
+
+ u32 ampdu_ref;
+@@ -367,6 +362,7 @@ void ath9k_release_buffered_frames(struc
+ /********/
+
+ struct ath_vif {
++ struct ath_node mcast_node;
+ int av_bslot;
+ bool primary_sta_vif;
+ __le64 tsf_adjust; /* TSF adjustment for staggered beacons */
+--- a/drivers/net/wireless/ath/ath9k/debug.c
++++ b/drivers/net/wireless/ath/ath9k/debug.c
+@@ -607,6 +607,28 @@ static ssize_t read_file_xmit(struct fil
+ return retval;
+ }
+
++static ssize_t print_queue(struct ath_softc *sc, struct ath_txq *txq,
++ char *buf, ssize_t size)
++{
++ ssize_t len = 0;
++
++ ath_txq_lock(sc, txq);
++
++ len += snprintf(buf + len, size - len, "%s: %d ",
++ "qnum", txq->axq_qnum);
++ len += snprintf(buf + len, size - len, "%s: %2d ",
++ "qdepth", txq->axq_depth);
++ len += snprintf(buf + len, size - len, "%s: %2d ",
++ "ampdu-depth", txq->axq_ampdu_depth);
++ len += snprintf(buf + len, size - len, "%s: %3d ",
++ "pending", txq->pending_frames);
++ len += snprintf(buf + len, size - len, "%s: %d\n",
++ "stopped", txq->stopped);
++
++ ath_txq_unlock(sc, txq);
++ return len;
++}
++
+ static ssize_t read_file_queues(struct file *file, char __user *user_buf,
+ size_t count, loff_t *ppos)
+ {
+@@ -624,24 +646,13 @@ static ssize_t read_file_queues(struct f
+
+ for (i = 0; i < IEEE80211_NUM_ACS; i++) {
+ txq = sc->tx.txq_map[i];
+- len += snprintf(buf + len, size - len, "(%s): ", qname[i]);
+-
+- ath_txq_lock(sc, txq);
+-
+- len += snprintf(buf + len, size - len, "%s: %d ",
+- "qnum", txq->axq_qnum);
+- len += snprintf(buf + len, size - len, "%s: %2d ",
+- "qdepth", txq->axq_depth);
+- len += snprintf(buf + len, size - len, "%s: %2d ",
+- "ampdu-depth", txq->axq_ampdu_depth);
+- len += snprintf(buf + len, size - len, "%s: %3d ",
+- "pending", txq->pending_frames);
+- len += snprintf(buf + len, size - len, "%s: %d\n",
+- "stopped", txq->stopped);
+-
+- ath_txq_unlock(sc, txq);
++ len += snprintf(buf + len, size - len, "(%s): ", qname[i]);
++ len += print_queue(sc, txq, buf + len, size - len);
+ }
+
++ len += snprintf(buf + len, size - len, "(CAB): ");
++ len += print_queue(sc, sc->beacon.cabq, buf + len, size - len);
++
+ if (len > size)
+ len = size;
+
+--- a/net/mac80211/ibss.c
++++ b/net/mac80211/ibss.c
+@@ -792,6 +792,17 @@ static void ieee80211_sta_find_ibss(stru
+ return;
+ }
+
++ /* if a fixed bssid and a fixed freq have been provided create the IBSS
++ * directly and do not waste time scanning
++ */
++ if (ifibss->fixed_bssid && ifibss->fixed_channel) {
++ sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
++ bssid);
++ ieee80211_sta_create_ibss(sdata);
++ return;
++ }
++
++
+ ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
+
+ /* Selected IBSS not found in current scan results - try to scan */
+--- a/drivers/net/wireless/ath/ath9k/ar9003_phy.c
++++ b/drivers/net/wireless/ath/ath9k/ar9003_phy.c
+@@ -1173,6 +1173,10 @@ skip_ws_det:
+ * is_on == 0 means MRC CCK is OFF (more noise imm)
+ */
+ bool is_on = param ? 1 : 0;
++
++ if (ah->caps.rx_chainmask == 1)
++ break;
++
+ REG_RMW_FIELD(ah, AR_PHY_MRC_CCK_CTRL,
+ AR_PHY_MRC_CCK_ENABLE, is_on);
+ REG_RMW_FIELD(ah, AR_PHY_MRC_CCK_CTRL,
+--- a/drivers/net/wireless/ath/ath9k/recv.c
++++ b/drivers/net/wireless/ath/ath9k/recv.c
+@@ -42,8 +42,6 @@ static void ath_rx_buf_link(struct ath_s
+ struct ath_desc *ds;
+ struct sk_buff *skb;
+
+- ATH_RXBUF_RESET(bf);
+-
+ ds = bf->bf_desc;
+ ds->ds_link = 0; /* link to null */
+ ds->ds_data = bf->bf_buf_addr;
+@@ -70,6 +68,14 @@ static void ath_rx_buf_link(struct ath_s
+ sc->rx.rxlink = &ds->ds_link;
+ }
+
++static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_buf *bf)
++{
++ if (sc->rx.buf_hold)
++ ath_rx_buf_link(sc, sc->rx.buf_hold);
++
++ sc->rx.buf_hold = bf;
++}
++
+ static void ath_setdefantenna(struct ath_softc *sc, u32 antenna)
+ {
+ /* XXX block beacon interrupts */
+@@ -117,7 +123,6 @@ static bool ath_rx_edma_buf_link(struct
+
+ skb = bf->bf_mpdu;
+
+- ATH_RXBUF_RESET(bf);
+ memset(skb->data, 0, ah->caps.rx_status_len);
+ dma_sync_single_for_device(sc->dev, bf->bf_buf_addr,
+ ah->caps.rx_status_len, DMA_TO_DEVICE);
+@@ -432,6 +437,7 @@ int ath_startrecv(struct ath_softc *sc)
+ if (list_empty(&sc->rx.rxbuf))
+ goto start_recv;
+
++ sc->rx.buf_hold = NULL;
+ sc->rx.rxlink = NULL;
+ list_for_each_entry_safe(bf, tbf, &sc->rx.rxbuf, list) {
+ ath_rx_buf_link(sc, bf);
+@@ -677,6 +683,9 @@ static struct ath_buf *ath_get_next_rx_b
+ }
+
+ bf = list_first_entry(&sc->rx.rxbuf, struct ath_buf, list);
++ if (bf == sc->rx.buf_hold)
++ return NULL;
++
+ ds = bf->bf_desc;
+
+ /*
+@@ -1375,7 +1384,7 @@ requeue:
+ if (edma) {
+ ath_rx_edma_buf_link(sc, qtype);
+ } else {
+- ath_rx_buf_link(sc, bf);
++ ath_rx_buf_relink(sc, bf);
+ ath9k_hw_rxena(ah);
+ }
+ } while (1);
projects / openwrt.git / blobdiff