rt2x00: Implement set_tim callback for all drivers

[safe/jmp/linux-2.6] / drivers / net / wireless / rt2x00 / rt61pci.c
diff --git a/drivers/net/wireless/rt2x00/rt61pci.c b/drivers/net/wireless/rt2x00/rt61pci.c

index 62d4937..b435c14 100644 (file)
--- a/drivers/net/wireless/rt2x00/rt61pci.c
+++ b/drivers/net/wireless/rt2x00/rt61pci.c
@@ -1,5 +1,5 @@
  /*
-       Copyright (C) 2004 - 2008 rt2x00 SourceForge Project
+       Copyright (C) 2004 - 2009 rt2x00 SourceForge Project
         <http://rt2x00.serialmonkey.com>
  
         This program is free software; you can redistribute it and/or modify
@@ -24,6 +24,7 @@
         Supported chipsets: RT2561, RT2561s, RT2661.
   */
  
+#include <linux/crc-itu-t.h>
  #include <linux/delay.h>
  #include <linux/etherdevice.h>
  #include <linux/init.h>
@@ -37,6 +38,13 @@
  #include "rt61pci.h"
  
  /*
+ * Allow hardware encryption to be disabled.
+ */
+static int modparam_nohwcrypt = 0;
+module_param_named(nohwcrypt, modparam_nohwcrypt, bool, S_IRUGO);
+MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
+
+/*
   * Register access.
   * BBP and RF register require indirect register access,
   * and use the CSR registers PHY_CSR3 and PHY_CSR4 to achieve this.
@@ -47,45 +55,36 @@
   * the access attempt is considered to have failed,
   * and we will print an error.
   */
-static u32 rt61pci_bbp_check(struct rt2x00_dev *rt2x00dev)
-{
-       u32 reg;
-       unsigned int i;
-
-       for (i = 0; i < REGISTER_BUSY_COUNT; i++) {
-               rt2x00pci_register_read(rt2x00dev, PHY_CSR3, &reg);
-               if (!rt2x00_get_field32(reg, PHY_CSR3_BUSY))
-                       break;
-               udelay(REGISTER_BUSY_DELAY);
-       }
-
-       return reg;
-}
+#define WAIT_FOR_BBP(__dev, __reg) \
+       rt2x00pci_regbusy_read((__dev), PHY_CSR3, PHY_CSR3_BUSY, (__reg))
+#define WAIT_FOR_RF(__dev, __reg) \
+       rt2x00pci_regbusy_read((__dev), PHY_CSR4, PHY_CSR4_BUSY, (__reg))
+#define WAIT_FOR_MCU(__dev, __reg) \
+       rt2x00pci_regbusy_read((__dev), H2M_MAILBOX_CSR, \
+                              H2M_MAILBOX_CSR_OWNER, (__reg))
  
  static void rt61pci_bbp_write(struct rt2x00_dev *rt2x00dev,
                               const unsigned int word, const u8 value)
  {
         u32 reg;
  
-       /*
-        * Wait until the BBP becomes ready.
-        */
-       reg = rt61pci_bbp_check(rt2x00dev);
-       if (rt2x00_get_field32(reg, PHY_CSR3_BUSY)) {
-               ERROR(rt2x00dev, "PHY_CSR3 register busy. Write failed.\n");
-               return;
-       }
+       mutex_lock(&rt2x00dev->csr_mutex);
  
         /*
-        * Write the data into the BBP.
+        * Wait until the BBP becomes available, afterwards we
+        * can safely write the new data into the register.
          */
-       reg = 0;
-       rt2x00_set_field32(&reg, PHY_CSR3_VALUE, value);
-       rt2x00_set_field32(&reg, PHY_CSR3_REGNUM, word);
-       rt2x00_set_field32(&reg, PHY_CSR3_BUSY, 1);
-       rt2x00_set_field32(&reg, PHY_CSR3_READ_CONTROL, 0);
+       if (WAIT_FOR_BBP(rt2x00dev, &reg)) {
+               reg = 0;
+               rt2x00_set_field32(&reg, PHY_CSR3_VALUE, value);
+               rt2x00_set_field32(&reg, PHY_CSR3_REGNUM, word);
+               rt2x00_set_field32(&reg, PHY_CSR3_BUSY, 1);
+               rt2x00_set_field32(&reg, PHY_CSR3_READ_CONTROL, 0);
+
+               rt2x00pci_register_write(rt2x00dev, PHY_CSR3, reg);
+       }
  
-       rt2x00pci_register_write(rt2x00dev, PHY_CSR3, reg);
+       mutex_unlock(&rt2x00dev->csr_mutex);
  }
  
  static void rt61pci_bbp_read(struct rt2x00_dev *rt2x00dev,
@@ -93,101 +92,85 @@ static void rt61pci_bbp_read(struct rt2x00_dev *rt2x00dev,
  {
         u32 reg;
  
-       /*
-        * Wait until the BBP becomes ready.
-        */
-       reg = rt61pci_bbp_check(rt2x00dev);
-       if (rt2x00_get_field32(reg, PHY_CSR3_BUSY)) {
-               ERROR(rt2x00dev, "PHY_CSR3 register busy. Read failed.\n");
-               return;
-       }
+       mutex_lock(&rt2x00dev->csr_mutex);
  
         /*
-        * Write the request into the BBP.
+        * Wait until the BBP becomes available, afterwards we
+        * can safely write the read request into the register.
+        * After the data has been written, we wait until hardware
+        * returns the correct value, if at any time the register
+        * doesn't become available in time, reg will be 0xffffffff
+        * which means we return 0xff to the caller.
          */
-       reg = 0;
-       rt2x00_set_field32(&reg, PHY_CSR3_REGNUM, word);
-       rt2x00_set_field32(&reg, PHY_CSR3_BUSY, 1);
-       rt2x00_set_field32(&reg, PHY_CSR3_READ_CONTROL, 1);
+       if (WAIT_FOR_BBP(rt2x00dev, &reg)) {
+               reg = 0;
+               rt2x00_set_field32(&reg, PHY_CSR3_REGNUM, word);
+               rt2x00_set_field32(&reg, PHY_CSR3_BUSY, 1);
+               rt2x00_set_field32(&reg, PHY_CSR3_READ_CONTROL, 1);
  
-       rt2x00pci_register_write(rt2x00dev, PHY_CSR3, reg);
+               rt2x00pci_register_write(rt2x00dev, PHY_CSR3, reg);
  
-       /*
-        * Wait until the BBP becomes ready.
-        */
-       reg = rt61pci_bbp_check(rt2x00dev);
-       if (rt2x00_get_field32(reg, PHY_CSR3_BUSY)) {
-               ERROR(rt2x00dev, "PHY_CSR3 register busy. Read failed.\n");
-               *value = 0xff;
-               return;
+               WAIT_FOR_BBP(rt2x00dev, &reg);
         }
  
         *value = rt2x00_get_field32(reg, PHY_CSR3_VALUE);
+
+       mutex_unlock(&rt2x00dev->csr_mutex);
  }
  
  static void rt61pci_rf_write(struct rt2x00_dev *rt2x00dev,
                              const unsigned int word, const u32 value)
  {
         u32 reg;
-       unsigned int i;
  
-       if (!word)
-               return;
-
-       for (i = 0; i < REGISTER_BUSY_COUNT; i++) {
-               rt2x00pci_register_read(rt2x00dev, PHY_CSR4, &reg);
-               if (!rt2x00_get_field32(reg, PHY_CSR4_BUSY))
-                       goto rf_write;
-               udelay(REGISTER_BUSY_DELAY);
-       }
+       mutex_lock(&rt2x00dev->csr_mutex);
  
-       ERROR(rt2x00dev, "PHY_CSR4 register busy. Write failed.\n");
-       return;
+       /*
+        * Wait until the RF becomes available, afterwards we
+        * can safely write the new data into the register.
+        */
+       if (WAIT_FOR_RF(rt2x00dev, &reg)) {
+               reg = 0;
+               rt2x00_set_field32(&reg, PHY_CSR4_VALUE, value);
+               rt2x00_set_field32(&reg, PHY_CSR4_NUMBER_OF_BITS, 21);
+               rt2x00_set_field32(&reg, PHY_CSR4_IF_SELECT, 0);
+               rt2x00_set_field32(&reg, PHY_CSR4_BUSY, 1);
  
-rf_write:
-       reg = 0;
-       rt2x00_set_field32(&reg, PHY_CSR4_VALUE, value);
-       rt2x00_set_field32(&reg, PHY_CSR4_NUMBER_OF_BITS, 21);
-       rt2x00_set_field32(&reg, PHY_CSR4_IF_SELECT, 0);
-       rt2x00_set_field32(&reg, PHY_CSR4_BUSY, 1);
+               rt2x00pci_register_write(rt2x00dev, PHY_CSR4, reg);
+               rt2x00_rf_write(rt2x00dev, word, value);
+       }
  
-       rt2x00pci_register_write(rt2x00dev, PHY_CSR4, reg);
-       rt2x00_rf_write(rt2x00dev, word, value);
+       mutex_unlock(&rt2x00dev->csr_mutex);
  }
  
-#ifdef CONFIG_RT61PCI_LEDS
-/*
- * This function is only called from rt61pci_led_brightness()
- * make gcc happy by placing this function inside the
- * same ifdef statement as the caller.
- */
  static void rt61pci_mcu_request(struct rt2x00_dev *rt2x00dev,
                                 const u8 command, const u8 token,
                                 const u8 arg0, const u8 arg1)
  {
         u32 reg;
  
-       rt2x00pci_register_read(rt2x00dev, H2M_MAILBOX_CSR, &reg);
+       mutex_lock(&rt2x00dev->csr_mutex);
  
-       if (rt2x00_get_field32(reg, H2M_MAILBOX_CSR_OWNER)) {
-               ERROR(rt2x00dev, "mcu request error. "
-                     "Request 0x%02x failed for token 0x%02x.\n",
-                     command, token);
-               return;
+       /*
+        * Wait until the MCU becomes available, afterwards we
+        * can safely write the new data into the register.
+        */
+       if (WAIT_FOR_MCU(rt2x00dev, &reg)) {
+               rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_OWNER, 1);
+               rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_CMD_TOKEN, token);
+               rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_ARG0, arg0);
+               rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_ARG1, arg1);
+               rt2x00pci_register_write(rt2x00dev, H2M_MAILBOX_CSR, reg);
+
+               rt2x00pci_register_read(rt2x00dev, HOST_CMD_CSR, &reg);
+               rt2x00_set_field32(&reg, HOST_CMD_CSR_HOST_COMMAND, command);
+               rt2x00_set_field32(&reg, HOST_CMD_CSR_INTERRUPT_MCU, 1);
+               rt2x00pci_register_write(rt2x00dev, HOST_CMD_CSR, reg);
         }
  
-       rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_OWNER, 1);
-       rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_CMD_TOKEN, token);
-       rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_ARG0, arg0);
-       rt2x00_set_field32(&reg, H2M_MAILBOX_CSR_ARG1, arg1);
-       rt2x00pci_register_write(rt2x00dev, H2M_MAILBOX_CSR, reg);
+       mutex_unlock(&rt2x00dev->csr_mutex);
  
-       rt2x00pci_register_read(rt2x00dev, HOST_CMD_CSR, &reg);
-       rt2x00_set_field32(&reg, HOST_CMD_CSR_HOST_COMMAND, command);
-       rt2x00_set_field32(&reg, HOST_CMD_CSR_INTERRUPT_MCU, 1);
-       rt2x00pci_register_write(rt2x00dev, HOST_CMD_CSR, reg);
  }
-#endif /* CONFIG_RT61PCI_LEDS */
  
  static void rt61pci_eepromregister_read(struct eeprom_93cx6 *eeprom)
  {
@@ -220,50 +203,40 @@ static void rt61pci_eepromregister_write(struct eeprom_93cx6 *eeprom)
  }
  
  #ifdef CONFIG_RT2X00_LIB_DEBUGFS
-#define CSR_OFFSET(__word)     ( CSR_REG_BASE + ((__word) * sizeof(u32)) )
-
-static void rt61pci_read_csr(struct rt2x00_dev *rt2x00dev,
-                            const unsigned int word, u32 *data)
-{
-       rt2x00pci_register_read(rt2x00dev, CSR_OFFSET(word), data);
-}
-
-static void rt61pci_write_csr(struct rt2x00_dev *rt2x00dev,
-                             const unsigned int word, u32 data)
-{
-       rt2x00pci_register_write(rt2x00dev, CSR_OFFSET(word), data);
-}
-
  static const struct rt2x00debug rt61pci_rt2x00debug = {
         .owner  = THIS_MODULE,
         .csr    = {
-               .read           = rt61pci_read_csr,
-               .write          = rt61pci_write_csr,
+               .read           = rt2x00pci_register_read,
+               .write          = rt2x00pci_register_write,
+               .flags          = RT2X00DEBUGFS_OFFSET,
+               .word_base      = CSR_REG_BASE,
                 .word_size      = sizeof(u32),
                 .word_count     = CSR_REG_SIZE / sizeof(u32),
         },
         .eeprom = {
                 .read           = rt2x00_eeprom_read,
                 .write          = rt2x00_eeprom_write,
+               .word_base      = EEPROM_BASE,
                 .word_size      = sizeof(u16),
                 .word_count     = EEPROM_SIZE / sizeof(u16),
         },
         .bbp    = {
                 .read           = rt61pci_bbp_read,
                 .write          = rt61pci_bbp_write,
+               .word_base      = BBP_BASE,
                 .word_size      = sizeof(u8),
                 .word_count     = BBP_SIZE / sizeof(u8),
         },
         .rf     = {
                 .read           = rt2x00_rf_read,
                 .write          = rt61pci_rf_write,
+               .word_base      = RF_BASE,
                 .word_size      = sizeof(u32),
                 .word_count     = RF_SIZE / sizeof(u32),
         },
  };
  #endif /* CONFIG_RT2X00_LIB_DEBUGFS */
  
-#ifdef CONFIG_RT61PCI_RFKILL
  static int rt61pci_rfkill_poll(struct rt2x00_dev *rt2x00dev)
  {
         u32 reg;
@@ -271,12 +244,9 @@ static int rt61pci_rfkill_poll(struct rt2x00_dev *rt2x00dev)
         rt2x00pci_register_read(rt2x00dev, MAC_CSR13, &reg);
         return rt2x00_get_field32(reg, MAC_CSR13_BIT5);
  }
-#else
-#define rt61pci_rfkill_poll    NULL
-#endif /* CONFIG_RT61PCI_RFKILL */
  
-#ifdef CONFIG_RT61PCI_LEDS
-static void rt61pci_led_brightness(struct led_classdev *led_cdev,
+#ifdef CONFIG_RT2X00_LIB_LEDS
+static void rt61pci_brightness_set(struct led_classdev *led_cdev,
                                    enum led_brightness brightness)
  {
         struct rt2x00_led *led =
@@ -313,13 +283,268 @@ static void rt61pci_led_brightness(struct led_classdev *led_cdev,
                                     brightness / (LED_FULL / 6), 0);
         }
  }
-#else
-#define rt61pci_led_brightness NULL
-#endif /* CONFIG_RT61PCI_LEDS */
+
+static int rt61pci_blink_set(struct led_classdev *led_cdev,
+                            unsigned long *delay_on,
+                            unsigned long *delay_off)
+{
+       struct rt2x00_led *led =
+           container_of(led_cdev, struct rt2x00_led, led_dev);
+       u32 reg;
+
+       rt2x00pci_register_read(led->rt2x00dev, MAC_CSR14, &reg);
+       rt2x00_set_field32(&reg, MAC_CSR14_ON_PERIOD, *delay_on);
+       rt2x00_set_field32(&reg, MAC_CSR14_OFF_PERIOD, *delay_off);
+       rt2x00pci_register_write(led->rt2x00dev, MAC_CSR14, reg);
+
+       return 0;
+}
+
+static void rt61pci_init_led(struct rt2x00_dev *rt2x00dev,
+                            struct rt2x00_led *led,
+                            enum led_type type)
+{
+       led->rt2x00dev = rt2x00dev;
+       led->type = type;
+       led->led_dev.brightness_set = rt61pci_brightness_set;
+       led->led_dev.blink_set = rt61pci_blink_set;
+       led->flags = LED_INITIALIZED;
+}
+#endif /* CONFIG_RT2X00_LIB_LEDS */
  
  /*
   * Configuration handlers.
   */
+static int rt61pci_config_shared_key(struct rt2x00_dev *rt2x00dev,
+                                    struct rt2x00lib_crypto *crypto,
+                                    struct ieee80211_key_conf *key)
+{
+       struct hw_key_entry key_entry;
+       struct rt2x00_field32 field;
+       u32 mask;
+       u32 reg;
+
+       if (crypto->cmd == SET_KEY) {
+               /*
+                * rt2x00lib can't determine the correct free
+                * key_idx for shared keys. We have 1 register
+                * with key valid bits. The goal is simple, read
+                * the register, if that is full we have no slots
+                * left.
+                * Note that each BSS is allowed to have up to 4
+                * shared keys, so put a mask over the allowed
+                * entries.
+                */
+               mask = (0xf << crypto->bssidx);
+
+               rt2x00pci_register_read(rt2x00dev, SEC_CSR0, &reg);
+               reg &= mask;
+
+               if (reg && reg == mask)
+                       return -ENOSPC;
+
+               key->hw_key_idx += reg ? ffz(reg) : 0;
+
+               /*
+                * Upload key to hardware
+                */
+               memcpy(key_entry.key, crypto->key,
+                      sizeof(key_entry.key));
+               memcpy(key_entry.tx_mic, crypto->tx_mic,
+                      sizeof(key_entry.tx_mic));
+               memcpy(key_entry.rx_mic, crypto->rx_mic,
+                      sizeof(key_entry.rx_mic));
+
+               reg = SHARED_KEY_ENTRY(key->hw_key_idx);
+               rt2x00pci_register_multiwrite(rt2x00dev, reg,
+                                             &key_entry, sizeof(key_entry));
+
+               /*
+                * The cipher types are stored over 2 registers.
+                * bssidx 0 and 1 keys are stored in SEC_CSR1 and
+                * bssidx 1 and 2 keys are stored in SEC_CSR5.
+                * Using the correct defines correctly will cause overhead,
+                * so just calculate the correct offset.
+                */
+               if (key->hw_key_idx < 8) {
+                       field.bit_offset = (3 * key->hw_key_idx);
+                       field.bit_mask = 0x7 << field.bit_offset;
+
+                       rt2x00pci_register_read(rt2x00dev, SEC_CSR1, &reg);
+                       rt2x00_set_field32(&reg, field, crypto->cipher);
+                       rt2x00pci_register_write(rt2x00dev, SEC_CSR1, reg);
+               } else {
+                       field.bit_offset = (3 * (key->hw_key_idx - 8));
+                       field.bit_mask = 0x7 << field.bit_offset;
+
+                       rt2x00pci_register_read(rt2x00dev, SEC_CSR5, &reg);
+                       rt2x00_set_field32(&reg, field, crypto->cipher);
+                       rt2x00pci_register_write(rt2x00dev, SEC_CSR5, reg);
+               }
+
+               /*
+                * The driver does not support the IV/EIV generation
+                * in hardware. However it doesn't support the IV/EIV
+                * inside the ieee80211 frame either, but requires it
+                * to be provided seperately for the descriptor.
+                * rt2x00lib will cut the IV/EIV data out of all frames
+                * given to us by mac80211, but we must tell mac80211
+                * to generate the IV/EIV data.
+                */
+               key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
+       }
+
+       /*
+        * SEC_CSR0 contains only single-bit fields to indicate
+        * a particular key is valid. Because using the FIELD32()
+        * defines directly will cause a lot of overhead we use
+        * a calculation to determine the correct bit directly.
+        */
+       mask = 1 << key->hw_key_idx;
+
+       rt2x00pci_register_read(rt2x00dev, SEC_CSR0, &reg);
+       if (crypto->cmd == SET_KEY)
+               reg |= mask;
+       else if (crypto->cmd == DISABLE_KEY)
+               reg &= ~mask;
+       rt2x00pci_register_write(rt2x00dev, SEC_CSR0, reg);
+
+       return 0;
+}
+
+static int rt61pci_config_pairwise_key(struct rt2x00_dev *rt2x00dev,
+                                      struct rt2x00lib_crypto *crypto,
+                                      struct ieee80211_key_conf *key)
+{
+       struct hw_pairwise_ta_entry addr_entry;
+       struct hw_key_entry key_entry;
+       u32 mask;
+       u32 reg;
+
+       if (crypto->cmd == SET_KEY) {
+               /*
+                * rt2x00lib can't determine the correct free
+                * key_idx for pairwise keys. We have 2 registers
+                * with key valid bits. The goal is simple, read
+                * the first register, if that is full move to
+                * the next register.
+                * When both registers are full, we drop the key,
+                * otherwise we use the first invalid entry.
+                */
+               rt2x00pci_register_read(rt2x00dev, SEC_CSR2, &reg);
+               if (reg && reg == ~0) {
+                       key->hw_key_idx = 32;
+                       rt2x00pci_register_read(rt2x00dev, SEC_CSR3, &reg);
+                       if (reg && reg == ~0)
+                               return -ENOSPC;
+               }
+
+               key->hw_key_idx += reg ? ffz(reg) : 0;
+
+               /*
+                * Upload key to hardware
+                */
+               memcpy(key_entry.key, crypto->key,
+                      sizeof(key_entry.key));
+               memcpy(key_entry.tx_mic, crypto->tx_mic,
+                      sizeof(key_entry.tx_mic));
+               memcpy(key_entry.rx_mic, crypto->rx_mic,
+                      sizeof(key_entry.rx_mic));
+
+               memset(&addr_entry, 0, sizeof(addr_entry));
+               memcpy(&addr_entry, crypto->address, ETH_ALEN);
+               addr_entry.cipher = crypto->cipher;
+
+               reg = PAIRWISE_KEY_ENTRY(key->hw_key_idx);
+               rt2x00pci_register_multiwrite(rt2x00dev, reg,
+                                             &key_entry, sizeof(key_entry));
+
+               reg = PAIRWISE_TA_ENTRY(key->hw_key_idx);
+               rt2x00pci_register_multiwrite(rt2x00dev, reg,
+                                             &addr_entry, sizeof(addr_entry));
+
+               /*
+                * Enable pairwise lookup table for given BSS idx,
+                * without this received frames will not be decrypted
+                * by the hardware.
+                */
+               rt2x00pci_register_read(rt2x00dev, SEC_CSR4, &reg);
+               reg |= (1 << crypto->bssidx);
+               rt2x00pci_register_write(rt2x00dev, SEC_CSR4, reg);
+
+               /*
+                * The driver does not support the IV/EIV generation
+                * in hardware. However it doesn't support the IV/EIV
+                * inside the ieee80211 frame either, but requires it
+                * to be provided seperately for the descriptor.
+                * rt2x00lib will cut the IV/EIV data out of all frames
+                * given to us by mac80211, but we must tell mac80211
+                * to generate the IV/EIV data.
+                */
+               key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
+       }
+
+       /*
+        * SEC_CSR2 and SEC_CSR3 contain only single-bit fields to indicate
+        * a particular key is valid. Because using the FIELD32()
+        * defines directly will cause a lot of overhead we use
+        * a calculation to determine the correct bit directly.
+        */
+       if (key->hw_key_idx < 32) {
+               mask = 1 << key->hw_key_idx;
+
+               rt2x00pci_register_read(rt2x00dev, SEC_CSR2, &reg);
+               if (crypto->cmd == SET_KEY)
+                       reg |= mask;
+               else if (crypto->cmd == DISABLE_KEY)
+                       reg &= ~mask;
+               rt2x00pci_register_write(rt2x00dev, SEC_CSR2, reg);
+       } else {
+               mask = 1 << (key->hw_key_idx - 32);
+
+               rt2x00pci_register_read(rt2x00dev, SEC_CSR3, &reg);
+               if (crypto->cmd == SET_KEY)
+                       reg |= mask;
+               else if (crypto->cmd == DISABLE_KEY)
+                       reg &= ~mask;
+               rt2x00pci_register_write(rt2x00dev, SEC_CSR3, reg);
+       }
+
+       return 0;
+}
+
+static void rt61pci_config_filter(struct rt2x00_dev *rt2x00dev,
+                                 const unsigned int filter_flags)
+{
+       u32 reg;
+
+       /*
+        * Start configuration steps.
+        * Note that the version error will always be dropped
+        * and broadcast frames will always be accepted since
+        * there is no filter for it at this time.
+        */
+       rt2x00pci_register_read(rt2x00dev, TXRX_CSR0, &reg);
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_CRC,
+                          !(filter_flags & FIF_FCSFAIL));
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_PHYSICAL,
+                          !(filter_flags & FIF_PLCPFAIL));
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_CONTROL,
+                          !(filter_flags & FIF_CONTROL));
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_NOT_TO_ME,
+                          !(filter_flags & FIF_PROMISC_IN_BSS));
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_TO_DS,
+                          !(filter_flags & FIF_PROMISC_IN_BSS) &&
+                          !rt2x00dev->intf_ap_count);
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_VERSION_ERROR, 1);
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_MULTICAST,
+                          !(filter_flags & FIF_ALLMULTI));
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_BROADCAST, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_ACK_CTS,
+                          !(filter_flags & FIF_CONTROL));
+       rt2x00pci_register_write(rt2x00dev, TXRX_CSR0, reg);
+}
+
  static void rt61pci_config_intf(struct rt2x00_dev *rt2x00dev,
                                 struct rt2x00_intf *intf,
                                 struct rt2x00intf_conf *conf,
@@ -336,7 +561,6 @@ static void rt61pci_config_intf(struct rt2x00_dev *rt2x00dev,
                  * bits which (when set to 0) will invalidate the entire beacon.
                  */
                 beacon_base = HW_BEACON_OFFSET(intf->beacon->entry_idx);
-               rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, 0);
                 rt2x00pci_register_write(rt2x00dev, beacon_base, 0);
  
                 /*
@@ -344,10 +568,8 @@ static void rt61pci_config_intf(struct rt2x00_dev *rt2x00dev,
                  */
                 rt2x00pci_register_read(rt2x00dev, TXRX_CSR9, &reg);
                 rt2x00_set_field32(&reg, TXRX_CSR9_TSF_TICKING, 1);
-               rt2x00_set_field32(&reg, TXRX_CSR9_TBTT_ENABLE,
-                                 (conf->sync == TSF_SYNC_BEACON));
-               rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_GEN, 0);
                 rt2x00_set_field32(&reg, TXRX_CSR9_TSF_SYNC, conf->sync);
+               rt2x00_set_field32(&reg, TXRX_CSR9_TBTT_ENABLE, 1);
                 rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, reg);
         }
  
@@ -370,88 +592,38 @@ static void rt61pci_config_intf(struct rt2x00_dev *rt2x00dev,
         }
  }
  
-static int rt61pci_config_preamble(struct rt2x00_dev *rt2x00dev,
-                                  const int short_preamble,
-                                  const int ack_timeout,
-                                  const int ack_consume_time)
+static void rt61pci_config_erp(struct rt2x00_dev *rt2x00dev,
+                              struct rt2x00lib_erp *erp)
  {
         u32 reg;
  
         rt2x00pci_register_read(rt2x00dev, TXRX_CSR0, &reg);
-       rt2x00_set_field32(&reg, TXRX_CSR0_RX_ACK_TIMEOUT, ack_timeout);
+       rt2x00_set_field32(&reg, TXRX_CSR0_RX_ACK_TIMEOUT, erp->ack_timeout);
+       rt2x00_set_field32(&reg, TXRX_CSR0_TSF_OFFSET, IEEE80211_HEADER);
         rt2x00pci_register_write(rt2x00dev, TXRX_CSR0, reg);
  
         rt2x00pci_register_read(rt2x00dev, TXRX_CSR4, &reg);
+       rt2x00_set_field32(&reg, TXRX_CSR4_AUTORESPOND_ENABLE, 1);
         rt2x00_set_field32(&reg, TXRX_CSR4_AUTORESPOND_PREAMBLE,
-                          !!short_preamble);
+                          !!erp->short_preamble);
         rt2x00pci_register_write(rt2x00dev, TXRX_CSR4, reg);
  
-       return 0;
-}
+       rt2x00pci_register_write(rt2x00dev, TXRX_CSR5, erp->basic_rates);
  
-static void rt61pci_config_phymode(struct rt2x00_dev *rt2x00dev,
-                                  const int basic_rate_mask)
-{
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR5, basic_rate_mask);
-}
-
-static void rt61pci_config_channel(struct rt2x00_dev *rt2x00dev,
-                                  struct rf_channel *rf, const int txpower)
-{
-       u8 r3;
-       u8 r94;
-       u8 smart;
-
-       rt2x00_set_field32(&rf->rf3, RF3_TXPOWER, TXPOWER_TO_DEV(txpower));
-       rt2x00_set_field32(&rf->rf4, RF4_FREQ_OFFSET, rt2x00dev->freq_offset);
-
-       smart = !(rt2x00_rf(&rt2x00dev->chip, RF5225) ||
-                 rt2x00_rf(&rt2x00dev->chip, RF2527));
-
-       rt61pci_bbp_read(rt2x00dev, 3, &r3);
-       rt2x00_set_field8(&r3, BBP_R3_SMART_MODE, smart);
-       rt61pci_bbp_write(rt2x00dev, 3, r3);
-
-       r94 = 6;
-       if (txpower > MAX_TXPOWER && txpower <= (MAX_TXPOWER + r94))
-               r94 += txpower - MAX_TXPOWER;
-       else if (txpower < MIN_TXPOWER && txpower >= (MIN_TXPOWER - r94))
-               r94 += txpower;
-       rt61pci_bbp_write(rt2x00dev, 94, r94);
-
-       rt61pci_rf_write(rt2x00dev, 1, rf->rf1);
-       rt61pci_rf_write(rt2x00dev, 2, rf->rf2);
-       rt61pci_rf_write(rt2x00dev, 3, rf->rf3 & ~0x00000004);
-       rt61pci_rf_write(rt2x00dev, 4, rf->rf4);
-
-       udelay(200);
-
-       rt61pci_rf_write(rt2x00dev, 1, rf->rf1);
-       rt61pci_rf_write(rt2x00dev, 2, rf->rf2);
-       rt61pci_rf_write(rt2x00dev, 3, rf->rf3 | 0x00000004);
-       rt61pci_rf_write(rt2x00dev, 4, rf->rf4);
-
-       udelay(200);
-
-       rt61pci_rf_write(rt2x00dev, 1, rf->rf1);
-       rt61pci_rf_write(rt2x00dev, 2, rf->rf2);
-       rt61pci_rf_write(rt2x00dev, 3, rf->rf3 & ~0x00000004);
-       rt61pci_rf_write(rt2x00dev, 4, rf->rf4);
-
-       msleep(1);
-}
-
-static void rt61pci_config_txpower(struct rt2x00_dev *rt2x00dev,
-                                  const int txpower)
-{
-       struct rf_channel rf;
+       rt2x00pci_register_read(rt2x00dev, TXRX_CSR9, &reg);
+       rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_INTERVAL,
+                          erp->beacon_int * 16);
+       rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, reg);
  
-       rt2x00_rf_read(rt2x00dev, 1, &rf.rf1);
-       rt2x00_rf_read(rt2x00dev, 2, &rf.rf2);
-       rt2x00_rf_read(rt2x00dev, 3, &rf.rf3);
-       rt2x00_rf_read(rt2x00dev, 4, &rf.rf4);
+       rt2x00pci_register_read(rt2x00dev, MAC_CSR9, &reg);
+       rt2x00_set_field32(&reg, MAC_CSR9_SLOT_TIME, erp->slot_time);
+       rt2x00pci_register_write(rt2x00dev, MAC_CSR9, reg);
  
-       rt61pci_config_channel(rt2x00dev, &rf, txpower);
+       rt2x00pci_register_read(rt2x00dev, MAC_CSR8, &reg);
+       rt2x00_set_field32(&reg, MAC_CSR8_SIFS, erp->sifs);
+       rt2x00_set_field32(&reg, MAC_CSR8_SIFS_AFTER_RX_OFDM, 3);
+       rt2x00_set_field32(&reg, MAC_CSR8_EIFS, erp->eifs);
+       rt2x00pci_register_write(rt2x00dev, MAC_CSR8, reg);
  }
  
  static void rt61pci_config_antenna_5x(struct rt2x00_dev *rt2x00dev,
@@ -485,14 +657,8 @@ static void rt61pci_config_antenna_5x(struct rt2x00_dev *rt2x00dev,
                 else
                         rt2x00_set_field8(&r77, BBP_R77_RX_ANTENNA, 3);
                 break;
-       case ANTENNA_SW_DIVERSITY:
-               /*
-                * NOTE: We should never come here because rt2x00lib is
-                * supposed to catch this and send us the correct antenna
-                * explicitely. However we are nog going to bug about this.
-                * Instead, just default to antenna B.
-                */
         case ANTENNA_B:
+       default:
                 rt2x00_set_field8(&r4, BBP_R4_RX_ANTENNA_CONTROL, 1);
                 rt2x00_set_field8(&r4, BBP_R4_RX_FRAME_END, 0);
                 if (rt2x00dev->curr_band == IEEE80211_BAND_5GHZ)
@@ -534,14 +700,8 @@ static void rt61pci_config_antenna_2x(struct rt2x00_dev *rt2x00dev,
                 rt2x00_set_field8(&r4, BBP_R4_RX_ANTENNA_CONTROL, 1);
                 rt2x00_set_field8(&r77, BBP_R77_RX_ANTENNA, 3);
                 break;
-       case ANTENNA_SW_DIVERSITY:
-               /*
-                * NOTE: We should never come here because rt2x00lib is
-                * supposed to catch this and send us the correct antenna
-                * explicitely. However we are nog going to bug about this.
-                * Instead, just default to antenna B.
-                */
         case ANTENNA_B:
+       default:
                 rt2x00_set_field8(&r4, BBP_R4_RX_ANTENNA_CONTROL, 1);
                 rt2x00_set_field8(&r77, BBP_R77_RX_ANTENNA, 0);
                 break;
@@ -579,10 +739,6 @@ static void rt61pci_config_antenna_2529(struct rt2x00_dev *rt2x00dev,
         rt61pci_bbp_read(rt2x00dev, 4, &r4);
         rt61pci_bbp_read(rt2x00dev, 77, &r77);
  
-       /* FIXME: Antenna selection for the rf 2529 is very confusing in the
-        * legacy driver. The code below should be ok for non-diversity setups.
-        */
-
         /*
          * Configure the RX antenna.
          */
@@ -592,15 +748,14 @@ static void rt61pci_config_antenna_2529(struct rt2x00_dev *rt2x00dev,
                 rt2x00_set_field8(&r77, BBP_R77_RX_ANTENNA, 0);
                 rt61pci_config_antenna_2529_rx(rt2x00dev, 0, 0);
                 break;
-       case ANTENNA_SW_DIVERSITY:
         case ANTENNA_HW_DIVERSITY:
                 /*
-                * NOTE: We should never come here because rt2x00lib is
-                * supposed to catch this and send us the correct antenna
-                * explicitely. However we are nog going to bug about this.
-                * Instead, just default to antenna B.
+                * FIXME: Antenna selection for the rf 2529 is very confusing
+                * in the legacy driver. Just default to antenna B until the
+                * legacy code can be properly translated into rt2x00 code.
                  */
         case ANTENNA_B:
+       default:
                 rt2x00_set_field8(&r4, BBP_R4_RX_ANTENNA_CONTROL, 1);
                 rt2x00_set_field8(&r77, BBP_R77_RX_ANTENNA, 3);
                 rt61pci_config_antenna_2529_rx(rt2x00dev, 1, 1);
@@ -643,14 +798,21 @@ static const struct antenna_sel antenna_sel_bg[] = {
         { 98,  { 0x48, 0x48 } },
  };
  
-static void rt61pci_config_antenna(struct rt2x00_dev *rt2x00dev,
-                                  struct antenna_setup *ant)
+static void rt61pci_config_ant(struct rt2x00_dev *rt2x00dev,
+                              struct antenna_setup *ant)
  {
         const struct antenna_sel *sel;
         unsigned int lna;
         unsigned int i;
         u32 reg;
  
+       /*
+        * We should never come here because rt2x00lib is supposed
+        * to catch this and send us the correct antenna explicitely.
+        */
+       BUG_ON(ant->rx == ANTENNA_SW_DIVERSITY ||
+              ant->tx == ANTENNA_SW_DIVERSITY);
+
         if (rt2x00dev->curr_band == IEEE80211_BAND_5GHZ) {
                 sel = antenna_sel_a;
                 lna = test_bit(CONFIG_EXTERNAL_LNA_A, &rt2x00dev->flags);
@@ -671,63 +833,175 @@ static void rt61pci_config_antenna(struct rt2x00_dev *rt2x00dev,
  
         rt2x00pci_register_write(rt2x00dev, PHY_CSR0, reg);
  
-       if (rt2x00_rf(&rt2x00dev->chip, RF5225) ||
-           rt2x00_rf(&rt2x00dev->chip, RF5325))
-               rt61pci_config_antenna_5x(rt2x00dev, ant);
-       else if (rt2x00_rf(&rt2x00dev->chip, RF2527))
-               rt61pci_config_antenna_2x(rt2x00dev, ant);
-       else if (rt2x00_rf(&rt2x00dev->chip, RF2529)) {
-               if (test_bit(CONFIG_DOUBLE_ANTENNA, &rt2x00dev->flags))
-                       rt61pci_config_antenna_2x(rt2x00dev, ant);
-               else
-                       rt61pci_config_antenna_2529(rt2x00dev, ant);
-       }
+       if (rt2x00_rf(&rt2x00dev->chip, RF5225) ||
+           rt2x00_rf(&rt2x00dev->chip, RF5325))
+               rt61pci_config_antenna_5x(rt2x00dev, ant);
+       else if (rt2x00_rf(&rt2x00dev->chip, RF2527))
+               rt61pci_config_antenna_2x(rt2x00dev, ant);
+       else if (rt2x00_rf(&rt2x00dev->chip, RF2529)) {
+               if (test_bit(CONFIG_DOUBLE_ANTENNA, &rt2x00dev->flags))
+                       rt61pci_config_antenna_2x(rt2x00dev, ant);
+               else
+                       rt61pci_config_antenna_2529(rt2x00dev, ant);
+       }
+}
+
+static void rt61pci_config_lna_gain(struct rt2x00_dev *rt2x00dev,
+                                   struct rt2x00lib_conf *libconf)
+{
+       u16 eeprom;
+       short lna_gain = 0;
+
+       if (libconf->conf->channel->band == IEEE80211_BAND_2GHZ) {
+               if (test_bit(CONFIG_EXTERNAL_LNA_BG, &rt2x00dev->flags))
+                       lna_gain += 14;
+
+               rt2x00_eeprom_read(rt2x00dev, EEPROM_RSSI_OFFSET_BG, &eeprom);
+               lna_gain -= rt2x00_get_field16(eeprom, EEPROM_RSSI_OFFSET_BG_1);
+       } else {
+               if (test_bit(CONFIG_EXTERNAL_LNA_A, &rt2x00dev->flags))
+                       lna_gain += 14;
+
+               rt2x00_eeprom_read(rt2x00dev, EEPROM_RSSI_OFFSET_A, &eeprom);
+               lna_gain -= rt2x00_get_field16(eeprom, EEPROM_RSSI_OFFSET_A_1);
+       }
+
+       rt2x00dev->lna_gain = lna_gain;
+}
+
+static void rt61pci_config_channel(struct rt2x00_dev *rt2x00dev,
+                                  struct rf_channel *rf, const int txpower)
+{
+       u8 r3;
+       u8 r94;
+       u8 smart;
+
+       rt2x00_set_field32(&rf->rf3, RF3_TXPOWER, TXPOWER_TO_DEV(txpower));
+       rt2x00_set_field32(&rf->rf4, RF4_FREQ_OFFSET, rt2x00dev->freq_offset);
+
+       smart = !(rt2x00_rf(&rt2x00dev->chip, RF5225) ||
+                 rt2x00_rf(&rt2x00dev->chip, RF2527));
+
+       rt61pci_bbp_read(rt2x00dev, 3, &r3);
+       rt2x00_set_field8(&r3, BBP_R3_SMART_MODE, smart);
+       rt61pci_bbp_write(rt2x00dev, 3, r3);
+
+       r94 = 6;
+       if (txpower > MAX_TXPOWER && txpower <= (MAX_TXPOWER + r94))
+               r94 += txpower - MAX_TXPOWER;
+       else if (txpower < MIN_TXPOWER && txpower >= (MIN_TXPOWER - r94))
+               r94 += txpower;
+       rt61pci_bbp_write(rt2x00dev, 94, r94);
+
+       rt61pci_rf_write(rt2x00dev, 1, rf->rf1);
+       rt61pci_rf_write(rt2x00dev, 2, rf->rf2);
+       rt61pci_rf_write(rt2x00dev, 3, rf->rf3 & ~0x00000004);
+       rt61pci_rf_write(rt2x00dev, 4, rf->rf4);
+
+       udelay(200);
+
+       rt61pci_rf_write(rt2x00dev, 1, rf->rf1);
+       rt61pci_rf_write(rt2x00dev, 2, rf->rf2);
+       rt61pci_rf_write(rt2x00dev, 3, rf->rf3 | 0x00000004);
+       rt61pci_rf_write(rt2x00dev, 4, rf->rf4);
+
+       udelay(200);
+
+       rt61pci_rf_write(rt2x00dev, 1, rf->rf1);
+       rt61pci_rf_write(rt2x00dev, 2, rf->rf2);
+       rt61pci_rf_write(rt2x00dev, 3, rf->rf3 & ~0x00000004);
+       rt61pci_rf_write(rt2x00dev, 4, rf->rf4);
+
+       msleep(1);
+}
+
+static void rt61pci_config_txpower(struct rt2x00_dev *rt2x00dev,
+                                  const int txpower)
+{
+       struct rf_channel rf;
+
+       rt2x00_rf_read(rt2x00dev, 1, &rf.rf1);
+       rt2x00_rf_read(rt2x00dev, 2, &rf.rf2);
+       rt2x00_rf_read(rt2x00dev, 3, &rf.rf3);
+       rt2x00_rf_read(rt2x00dev, 4, &rf.rf4);
+
+       rt61pci_config_channel(rt2x00dev, &rf, txpower);
  }
  
-static void rt61pci_config_duration(struct rt2x00_dev *rt2x00dev,
+static void rt61pci_config_retry_limit(struct rt2x00_dev *rt2x00dev,
                                     struct rt2x00lib_conf *libconf)
  {
         u32 reg;
  
-       rt2x00pci_register_read(rt2x00dev, MAC_CSR9, &reg);
-       rt2x00_set_field32(&reg, MAC_CSR9_SLOT_TIME, libconf->slot_time);
-       rt2x00pci_register_write(rt2x00dev, MAC_CSR9, reg);
+       rt2x00pci_register_read(rt2x00dev, TXRX_CSR4, &reg);
+       rt2x00_set_field32(&reg, TXRX_CSR4_LONG_RETRY_LIMIT,
+                          libconf->conf->long_frame_max_tx_count);
+       rt2x00_set_field32(&reg, TXRX_CSR4_SHORT_RETRY_LIMIT,
+                          libconf->conf->short_frame_max_tx_count);
+       rt2x00pci_register_write(rt2x00dev, TXRX_CSR4, reg);
+}
  
-       rt2x00pci_register_read(rt2x00dev, MAC_CSR8, &reg);
-       rt2x00_set_field32(&reg, MAC_CSR8_SIFS, libconf->sifs);
-       rt2x00_set_field32(&reg, MAC_CSR8_SIFS_AFTER_RX_OFDM, 3);
-       rt2x00_set_field32(&reg, MAC_CSR8_EIFS, libconf->eifs);
-       rt2x00pci_register_write(rt2x00dev, MAC_CSR8, reg);
+static void rt61pci_config_ps(struct rt2x00_dev *rt2x00dev,
+                               struct rt2x00lib_conf *libconf)
+{
+       enum dev_state state =
+           (libconf->conf->flags & IEEE80211_CONF_PS) ?
+               STATE_SLEEP : STATE_AWAKE;
+       u32 reg;
  
-       rt2x00pci_register_read(rt2x00dev, TXRX_CSR0, &reg);
-       rt2x00_set_field32(&reg, TXRX_CSR0_TSF_OFFSET, IEEE80211_HEADER);
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR0, reg);
+       if (state == STATE_SLEEP) {
+               rt2x00pci_register_read(rt2x00dev, MAC_CSR11, &reg);
+               rt2x00_set_field32(&reg, MAC_CSR11_DELAY_AFTER_TBCN,
+                                  rt2x00dev->beacon_int - 10);
+               rt2x00_set_field32(&reg, MAC_CSR11_TBCN_BEFORE_WAKEUP,
+                                  libconf->conf->listen_interval - 1);
+               rt2x00_set_field32(&reg, MAC_CSR11_WAKEUP_LATENCY, 5);
  
-       rt2x00pci_register_read(rt2x00dev, TXRX_CSR4, &reg);
-       rt2x00_set_field32(&reg, TXRX_CSR4_AUTORESPOND_ENABLE, 1);
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR4, reg);
+               /* We must first disable autowake before it can be enabled */
+               rt2x00_set_field32(&reg, MAC_CSR11_AUTOWAKE, 0);
+               rt2x00pci_register_write(rt2x00dev, MAC_CSR11, reg);
  
-       rt2x00pci_register_read(rt2x00dev, TXRX_CSR9, &reg);
-       rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_INTERVAL,
-                          libconf->conf->beacon_int * 16);
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, reg);
+               rt2x00_set_field32(&reg, MAC_CSR11_AUTOWAKE, 1);
+               rt2x00pci_register_write(rt2x00dev, MAC_CSR11, reg);
+
+               rt2x00pci_register_write(rt2x00dev, SOFT_RESET_CSR, 0x00000005);
+               rt2x00pci_register_write(rt2x00dev, IO_CNTL_CSR, 0x0000001c);
+               rt2x00pci_register_write(rt2x00dev, PCI_USEC_CSR, 0x00000060);
+
+               rt61pci_mcu_request(rt2x00dev, MCU_SLEEP, 0xff, 0, 0);
+       } else {
+               rt2x00pci_register_read(rt2x00dev, MAC_CSR11, &reg);
+               rt2x00_set_field32(&reg, MAC_CSR11_DELAY_AFTER_TBCN, 0);
+               rt2x00_set_field32(&reg, MAC_CSR11_TBCN_BEFORE_WAKEUP, 0);
+               rt2x00_set_field32(&reg, MAC_CSR11_AUTOWAKE, 0);
+               rt2x00_set_field32(&reg, MAC_CSR11_WAKEUP_LATENCY, 0);
+               rt2x00pci_register_write(rt2x00dev, MAC_CSR11, reg);
+
+               rt2x00pci_register_write(rt2x00dev, SOFT_RESET_CSR, 0x00000007);
+               rt2x00pci_register_write(rt2x00dev, IO_CNTL_CSR, 0x00000018);
+               rt2x00pci_register_write(rt2x00dev, PCI_USEC_CSR, 0x00000020);
+
+               rt61pci_mcu_request(rt2x00dev, MCU_WAKEUP, 0xff, 0, 0);
+       }
  }
  
  static void rt61pci_config(struct rt2x00_dev *rt2x00dev,
                            struct rt2x00lib_conf *libconf,
                            const unsigned int flags)
  {
-       if (flags & CONFIG_UPDATE_PHYMODE)
-               rt61pci_config_phymode(rt2x00dev, libconf->basic_rates);
-       if (flags & CONFIG_UPDATE_CHANNEL)
+       /* Always recalculate LNA gain before changing configuration */
+       rt61pci_config_lna_gain(rt2x00dev, libconf);
+
+       if (flags & IEEE80211_CONF_CHANGE_CHANNEL)
                 rt61pci_config_channel(rt2x00dev, &libconf->rf,
                                        libconf->conf->power_level);
-       if ((flags & CONFIG_UPDATE_TXPOWER) && !(flags & CONFIG_UPDATE_CHANNEL))
+       if ((flags & IEEE80211_CONF_CHANGE_POWER) &&
+           !(flags & IEEE80211_CONF_CHANGE_CHANNEL))
                 rt61pci_config_txpower(rt2x00dev, libconf->conf->power_level);
-       if (flags & CONFIG_UPDATE_ANTENNA)
-               rt61pci_config_antenna(rt2x00dev, &libconf->ant);
-       if (flags & (CONFIG_UPDATE_SLOT_TIME | CONFIG_UPDATE_BEACON_INT))
-               rt61pci_config_duration(rt2x00dev, libconf);
+       if (flags & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
+               rt61pci_config_retry_limit(rt2x00dev, libconf);
+       if (flags & IEEE80211_CONF_CHANGE_PS)
+               rt61pci_config_ps(rt2x00dev, libconf);
  }
  
  /*
@@ -751,25 +1025,32 @@ static void rt61pci_link_stats(struct rt2x00_dev *rt2x00dev,
         qual->false_cca = rt2x00_get_field32(reg, STA_CSR1_FALSE_CCA_ERROR);
  }
  
-static void rt61pci_reset_tuner(struct rt2x00_dev *rt2x00dev)
+static inline void rt61pci_set_vgc(struct rt2x00_dev *rt2x00dev,
+                                  struct link_qual *qual, u8 vgc_level)
+{
+       if (qual->vgc_level != vgc_level) {
+               rt61pci_bbp_write(rt2x00dev, 17, vgc_level);
+               qual->vgc_level = vgc_level;
+               qual->vgc_level_reg = vgc_level;
+       }
+}
+
+static void rt61pci_reset_tuner(struct rt2x00_dev *rt2x00dev,
+                               struct link_qual *qual)
  {
-       rt61pci_bbp_write(rt2x00dev, 17, 0x20);
-       rt2x00dev->link.vgc_level = 0x20;
+       rt61pci_set_vgc(rt2x00dev, qual, 0x20);
  }
  
-static void rt61pci_link_tuner(struct rt2x00_dev *rt2x00dev)
+static void rt61pci_link_tuner(struct rt2x00_dev *rt2x00dev,
+                              struct link_qual *qual, const u32 count)
  {
-       int rssi = rt2x00_get_link_rssi(&rt2x00dev->link);
-       u8 r17;
         u8 up_bound;
         u8 low_bound;
  
-       rt61pci_bbp_read(rt2x00dev, 17, &r17);
-
         /*
          * Determine r17 bounds.
          */
-       if (rt2x00dev->rx_status.band == IEEE80211_BAND_2GHZ) {
+       if (rt2x00dev->rx_status.band == IEEE80211_BAND_5GHZ) {
                 low_bound = 0x28;
                 up_bound = 0x48;
                 if (test_bit(CONFIG_EXTERNAL_LNA_A, &rt2x00dev->flags)) {
@@ -795,38 +1076,32 @@ static void rt61pci_link_tuner(struct rt2x00_dev *rt2x00dev)
         /*
          * Special big-R17 for very short distance
          */
-       if (rssi >= -35) {
-               if (r17 != 0x60)
-                       rt61pci_bbp_write(rt2x00dev, 17, 0x60);
+       if (qual->rssi >= -35) {
+               rt61pci_set_vgc(rt2x00dev, qual, 0x60);
                 return;
         }
  
         /*
          * Special big-R17 for short distance
          */
-       if (rssi >= -58) {
-               if (r17 != up_bound)
-                       rt61pci_bbp_write(rt2x00dev, 17, up_bound);
+       if (qual->rssi >= -58) {
+               rt61pci_set_vgc(rt2x00dev, qual, up_bound);
                 return;
         }
  
         /*
          * Special big-R17 for middle-short distance
          */
-       if (rssi >= -66) {
-               low_bound += 0x10;
-               if (r17 != low_bound)
-                       rt61pci_bbp_write(rt2x00dev, 17, low_bound);
+       if (qual->rssi >= -66) {
+               rt61pci_set_vgc(rt2x00dev, qual, low_bound + 0x10);
                 return;
         }
  
         /*
          * Special mid-R17 for middle distance
          */
-       if (rssi >= -74) {
-               low_bound += 0x08;
-               if (r17 != low_bound)
-                       rt61pci_bbp_write(rt2x00dev, 17, low_bound);
+       if (qual->rssi >= -74) {
+               rt61pci_set_vgc(rt2x00dev, qual, low_bound + 0x08);
                 return;
         }
  
@@ -834,12 +1109,12 @@ static void rt61pci_link_tuner(struct rt2x00_dev *rt2x00dev)
          * Special case: Change up_bound based on the rssi.
          * Lower up_bound when rssi is weaker then -74 dBm.
          */
-       up_bound -= 2 * (-74 - rssi);
+       up_bound -= 2 * (-74 - qual->rssi);
         if (low_bound > up_bound)
                 up_bound = low_bound;
  
-       if (r17 > up_bound) {
-               rt61pci_bbp_write(rt2x00dev, 17, up_bound);
+       if (qual->vgc_level > up_bound) {
+               rt61pci_set_vgc(rt2x00dev, qual, up_bound);
                 return;
         }
  
@@ -849,19 +1124,14 @@ dynamic_cca_tune:
          * r17 does not yet exceed upper limit, continue and base
          * the r17 tuning on the false CCA count.
          */
-       if (rt2x00dev->link.qual.false_cca > 512 && r17 < up_bound) {
-               if (++r17 > up_bound)
-                       r17 = up_bound;
-               rt61pci_bbp_write(rt2x00dev, 17, r17);
-       } else if (rt2x00dev->link.qual.false_cca < 100 && r17 > low_bound) {
-               if (--r17 < low_bound)
-                       r17 = low_bound;
-               rt61pci_bbp_write(rt2x00dev, 17, r17);
-       }
+       if ((qual->false_cca > 512) && (qual->vgc_level < up_bound))
+               rt61pci_set_vgc(rt2x00dev, qual, ++qual->vgc_level);
+       else if ((qual->false_cca < 100) && (qual->vgc_level > low_bound))
+               rt61pci_set_vgc(rt2x00dev, qual, --qual->vgc_level);
  }
  
  /*
- * Firmware name function.
+ * Firmware functions
   */
  static char *rt61pci_get_firmware_name(struct rt2x00_dev *rt2x00dev)
  {
@@ -885,11 +1155,37 @@ static char *rt61pci_get_firmware_name(struct rt2x00_dev *rt2x00dev)
         return fw_name;
  }
  
-/*
- * Initialization functions.
- */
-static int rt61pci_load_firmware(struct rt2x00_dev *rt2x00dev, void *data,
-                                const size_t len)
+static int rt61pci_check_firmware(struct rt2x00_dev *rt2x00dev,
+                                 const u8 *data, const size_t len)
+{
+       u16 fw_crc;
+       u16 crc;
+
+       /*
+        * Only support 8kb firmware files.
+        */
+       if (len != 8192)
+               return FW_BAD_LENGTH;
+
+       /*
+        * The last 2 bytes in the firmware array are the crc checksum itself,
+        * this means that we should never pass those 2 bytes to the crc
+        * algorithm.
+        */
+       fw_crc = (data[len - 2] << 8 | data[len - 1]);
+
+       /*
+        * Use the crc itu-t algorithm.
+        */
+       crc = crc_itu_t(0, data, len - 2);
+       crc = crc_itu_t_byte(crc, 0);
+       crc = crc_itu_t_byte(crc, 0);
+
+       return (fw_crc == crc) ? FW_OK : FW_BAD_CRC;
+}
+
+static int rt61pci_load_firmware(struct rt2x00_dev *rt2x00dev,
+                                const u8 *data, const size_t len)
  {
         int i;
         u32 reg;
@@ -949,6 +1245,11 @@ static int rt61pci_load_firmware(struct rt2x00_dev *rt2x00dev, void *data,
         }
  
         /*
+        * Hardware needs another millisecond before it is ready.
+        */
+       msleep(1);
+
+       /*
          * Reset MAC and BBP registers.
          */
         reg = 0;
@@ -968,52 +1269,52 @@ static int rt61pci_load_firmware(struct rt2x00_dev *rt2x00dev, void *data,
         return 0;
  }
  
-static void rt61pci_init_rxentry(struct rt2x00_dev *rt2x00dev,
-                                struct queue_entry *entry)
+/*
+ * Initialization functions.
+ */
+static bool rt61pci_get_entry_state(struct queue_entry *entry)
  {
-       struct queue_entry_priv_pci_rx *priv_rx = entry->priv_data;
+       struct queue_entry_priv_pci *entry_priv = entry->priv_data;
         u32 word;
  
-       rt2x00_desc_read(priv_rx->desc, 5, &word);
-       rt2x00_set_field32(&word, RXD_W5_BUFFER_PHYSICAL_ADDRESS,
-                          priv_rx->data_dma);
-       rt2x00_desc_write(priv_rx->desc, 5, word);
+       if (entry->queue->qid == QID_RX) {
+               rt2x00_desc_read(entry_priv->desc, 0, &word);
  
-       rt2x00_desc_read(priv_rx->desc, 0, &word);
-       rt2x00_set_field32(&word, RXD_W0_OWNER_NIC, 1);
-       rt2x00_desc_write(priv_rx->desc, 0, word);
+               return rt2x00_get_field32(word, RXD_W0_OWNER_NIC);
+       } else {
+               rt2x00_desc_read(entry_priv->desc, 0, &word);
+
+               return (rt2x00_get_field32(word, TXD_W0_OWNER_NIC) ||
+                       rt2x00_get_field32(word, TXD_W0_VALID));
+       }
  }
  
-static void rt61pci_init_txentry(struct rt2x00_dev *rt2x00dev,
-                                struct queue_entry *entry)
+static void rt61pci_clear_entry(struct queue_entry *entry)
  {
-       struct queue_entry_priv_pci_tx *priv_tx = entry->priv_data;
+       struct queue_entry_priv_pci *entry_priv = entry->priv_data;
+       struct skb_frame_desc *skbdesc = get_skb_frame_desc(entry->skb);
         u32 word;
  
-       rt2x00_desc_read(priv_tx->desc, 1, &word);
-       rt2x00_set_field32(&word, TXD_W1_BUFFER_COUNT, 1);
-       rt2x00_desc_write(priv_tx->desc, 1, word);
-
-       rt2x00_desc_read(priv_tx->desc, 5, &word);
-       rt2x00_set_field32(&word, TXD_W5_PID_TYPE, entry->queue->qid);
-       rt2x00_set_field32(&word, TXD_W5_PID_SUBTYPE, entry->entry_idx);
-       rt2x00_desc_write(priv_tx->desc, 5, word);
-
-       rt2x00_desc_read(priv_tx->desc, 6, &word);
-       rt2x00_set_field32(&word, TXD_W6_BUFFER_PHYSICAL_ADDRESS,
-                          priv_tx->data_dma);
-       rt2x00_desc_write(priv_tx->desc, 6, word);
+       if (entry->queue->qid == QID_RX) {
+               rt2x00_desc_read(entry_priv->desc, 5, &word);
+               rt2x00_set_field32(&word, RXD_W5_BUFFER_PHYSICAL_ADDRESS,
+                                  skbdesc->skb_dma);
+               rt2x00_desc_write(entry_priv->desc, 5, word);
  
-       rt2x00_desc_read(priv_tx->desc, 0, &word);
-       rt2x00_set_field32(&word, TXD_W0_VALID, 0);
-       rt2x00_set_field32(&word, TXD_W0_OWNER_NIC, 0);
-       rt2x00_desc_write(priv_tx->desc, 0, word);
+               rt2x00_desc_read(entry_priv->desc, 0, &word);
+               rt2x00_set_field32(&word, RXD_W0_OWNER_NIC, 1);
+               rt2x00_desc_write(entry_priv->desc, 0, word);
+       } else {
+               rt2x00_desc_read(entry_priv->desc, 0, &word);
+               rt2x00_set_field32(&word, TXD_W0_VALID, 0);
+               rt2x00_set_field32(&word, TXD_W0_OWNER_NIC, 0);
+               rt2x00_desc_write(entry_priv->desc, 0, word);
+       }
  }
  
  static int rt61pci_init_queues(struct rt2x00_dev *rt2x00dev)
  {
-       struct queue_entry_priv_pci_rx *priv_rx;
-       struct queue_entry_priv_pci_tx *priv_tx;
+       struct queue_entry_priv_pci *entry_priv;
         u32 reg;
  
         /*
@@ -1035,28 +1336,28 @@ static int rt61pci_init_queues(struct rt2x00_dev *rt2x00dev)
                            rt2x00dev->tx[0].desc_size / 4);
         rt2x00pci_register_write(rt2x00dev, TX_RING_CSR1, reg);
  
-       priv_tx = rt2x00dev->tx[0].entries[0].priv_data;
+       entry_priv = rt2x00dev->tx[0].entries[0].priv_data;
         rt2x00pci_register_read(rt2x00dev, AC0_BASE_CSR, &reg);
         rt2x00_set_field32(&reg, AC0_BASE_CSR_RING_REGISTER,
-                          priv_tx->desc_dma);
+                          entry_priv->desc_dma);
         rt2x00pci_register_write(rt2x00dev, AC0_BASE_CSR, reg);
  
-       priv_tx = rt2x00dev->tx[1].entries[0].priv_data;
+       entry_priv = rt2x00dev->tx[1].entries[0].priv_data;
         rt2x00pci_register_read(rt2x00dev, AC1_BASE_CSR, &reg);
         rt2x00_set_field32(&reg, AC1_BASE_CSR_RING_REGISTER,
-                          priv_tx->desc_dma);
+                          entry_priv->desc_dma);
         rt2x00pci_register_write(rt2x00dev, AC1_BASE_CSR, reg);
  
-       priv_tx = rt2x00dev->tx[2].entries[0].priv_data;
+       entry_priv = rt2x00dev->tx[2].entries[0].priv_data;
         rt2x00pci_register_read(rt2x00dev, AC2_BASE_CSR, &reg);
         rt2x00_set_field32(&reg, AC2_BASE_CSR_RING_REGISTER,
-                          priv_tx->desc_dma);
+                          entry_priv->desc_dma);
         rt2x00pci_register_write(rt2x00dev, AC2_BASE_CSR, reg);
  
-       priv_tx = rt2x00dev->tx[3].entries[0].priv_data;
+       entry_priv = rt2x00dev->tx[3].entries[0].priv_data;
         rt2x00pci_register_read(rt2x00dev, AC3_BASE_CSR, &reg);
         rt2x00_set_field32(&reg, AC3_BASE_CSR_RING_REGISTER,
-                          priv_tx->desc_dma);
+                          entry_priv->desc_dma);
         rt2x00pci_register_write(rt2x00dev, AC3_BASE_CSR, reg);
  
         rt2x00pci_register_read(rt2x00dev, RX_RING_CSR, &reg);
@@ -1066,10 +1367,10 @@ static int rt61pci_init_queues(struct rt2x00_dev *rt2x00dev)
         rt2x00_set_field32(&reg, RX_RING_CSR_RXD_WRITEBACK_SIZE, 4);
         rt2x00pci_register_write(rt2x00dev, RX_RING_CSR, reg);
  
-       priv_rx = rt2x00dev->rx->entries[0].priv_data;
+       entry_priv = rt2x00dev->rx->entries[0].priv_data;
         rt2x00pci_register_read(rt2x00dev, RX_BASE_CSR, &reg);
         rt2x00_set_field32(&reg, RX_BASE_CSR_RING_REGISTER,
-                          priv_rx->desc_dma);
+                          entry_priv->desc_dma);
         rt2x00pci_register_write(rt2x00dev, RX_BASE_CSR, reg);
  
         rt2x00pci_register_read(rt2x00dev, TX_DMA_DST_CSR, &reg);
@@ -1154,6 +1455,15 @@ static int rt61pci_init_registers(struct rt2x00_dev *rt2x00dev)
         rt2x00_set_field32(&reg, TXRX_CSR8_ACK_CTS_54MBS, 42);
         rt2x00pci_register_write(rt2x00dev, TXRX_CSR8, reg);
  
+       rt2x00pci_register_read(rt2x00dev, TXRX_CSR9, &reg);
+       rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_INTERVAL, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_TSF_TICKING, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_TSF_SYNC, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_TBTT_ENABLE, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_GEN, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_TIMESTAMP_COMPENSATE, 0);
+       rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, reg);
+
         rt2x00pci_register_write(rt2x00dev, TXRX_CSR15, 0x0000000f);
  
         rt2x00pci_register_write(rt2x00dev, MAC_CSR6, 0x00000fff);
@@ -1169,11 +1479,6 @@ static int rt61pci_init_registers(struct rt2x00_dev *rt2x00dev)
  
         rt2x00pci_register_write(rt2x00dev, MAC_CSR13, 0x0000e000);
  
-       rt2x00pci_register_read(rt2x00dev, MAC_CSR14, &reg);
-       rt2x00_set_field32(&reg, MAC_CSR14_ON_PERIOD, 70);
-       rt2x00_set_field32(&reg, MAC_CSR14_OFF_PERIOD, 30);
-       rt2x00pci_register_write(rt2x00dev, MAC_CSR14, reg);
-
         /*
          * Invalidate all Shared Keys (SEC_CSR0),
          * and clear the Shared key Cipher algorithms (SEC_CSR1 & SEC_CSR5)
@@ -1193,16 +1498,6 @@ static int rt61pci_init_registers(struct rt2x00_dev *rt2x00dev)
  
         rt2x00pci_register_write(rt2x00dev, M2H_CMD_DONE_CSR, 0xffffffff);
  
-       rt2x00pci_register_read(rt2x00dev, AC_TXOP_CSR0, &reg);
-       rt2x00_set_field32(&reg, AC_TXOP_CSR0_AC0_TX_OP, 0);
-       rt2x00_set_field32(&reg, AC_TXOP_CSR0_AC1_TX_OP, 0);
-       rt2x00pci_register_write(rt2x00dev, AC_TXOP_CSR0, reg);
-
-       rt2x00pci_register_read(rt2x00dev, AC_TXOP_CSR1, &reg);
-       rt2x00_set_field32(&reg, AC_TXOP_CSR1_AC2_TX_OP, 192);
-       rt2x00_set_field32(&reg, AC_TXOP_CSR1_AC3_TX_OP, 48);
-       rt2x00pci_register_write(rt2x00dev, AC_TXOP_CSR1, reg);
-
         /*
          * Clear all beacons
          * For the Beacon base registers we only need to clear
@@ -1243,25 +1538,32 @@ static int rt61pci_init_registers(struct rt2x00_dev *rt2x00dev)
         return 0;
  }
  
-static int rt61pci_init_bbp(struct rt2x00_dev *rt2x00dev)
+static int rt61pci_wait_bbp_ready(struct rt2x00_dev *rt2x00dev)
  {
         unsigned int i;
-       u16 eeprom;
-       u8 reg_id;
         u8 value;
  
         for (i = 0; i < REGISTER_BUSY_COUNT; i++) {
                 rt61pci_bbp_read(rt2x00dev, 0, &value);
                 if ((value != 0xff) && (value != 0x00))
-                       goto continue_csr_init;
-               NOTICE(rt2x00dev, "Waiting for BBP register.\n");
+                       return 0;
                 udelay(REGISTER_BUSY_DELAY);
         }
  
         ERROR(rt2x00dev, "BBP register access failed, aborting.\n");
         return -EACCES;
+}
+
+static int rt61pci_init_bbp(struct rt2x00_dev *rt2x00dev)
+{
+       unsigned int i;
+       u16 eeprom;
+       u8 reg_id;
+       u8 value;
+
+       if (unlikely(rt61pci_wait_bbp_ready(rt2x00dev)))
+               return -EACCES;
  
-continue_csr_init:
         rt61pci_bbp_write(rt2x00dev, 3, 0x00);
         rt61pci_bbp_write(rt2x00dev, 15, 0x30);
         rt61pci_bbp_write(rt2x00dev, 21, 0xc8);
@@ -1310,7 +1612,8 @@ static void rt61pci_toggle_rx(struct rt2x00_dev *rt2x00dev,
  
         rt2x00pci_register_read(rt2x00dev, TXRX_CSR0, &reg);
         rt2x00_set_field32(&reg, TXRX_CSR0_DISABLE_RX,
-                          state == STATE_RADIO_RX_OFF);
+                          (state == STATE_RADIO_RX_OFF) ||
+                          (state == STATE_RADIO_RX_OFF_LINK));
         rt2x00pci_register_write(rt2x00dev, TXRX_CSR0, reg);
  }
  
@@ -1362,17 +1665,10 @@ static int rt61pci_enable_radio(struct rt2x00_dev *rt2x00dev)
         /*
          * Initialize all registers.
          */
-       if (rt61pci_init_queues(rt2x00dev) ||
-           rt61pci_init_registers(rt2x00dev) ||
-           rt61pci_init_bbp(rt2x00dev)) {
-               ERROR(rt2x00dev, "Register initialization failed.\n");
+       if (unlikely(rt61pci_init_queues(rt2x00dev) ||
+                    rt61pci_init_registers(rt2x00dev) ||
+                    rt61pci_init_bbp(rt2x00dev)))
                 return -EIO;
-       }
-
-       /*
-        * Enable interrupts.
-        */
-       rt61pci_toggle_irq(rt2x00dev, STATE_RADIO_IRQ_ON);
  
         /*
          * Enable RX.
@@ -1386,29 +1682,10 @@ static int rt61pci_enable_radio(struct rt2x00_dev *rt2x00dev)
  
  static void rt61pci_disable_radio(struct rt2x00_dev *rt2x00dev)
  {
-       u32 reg;
-
-       rt2x00pci_register_write(rt2x00dev, MAC_CSR10, 0x00001818);
-
-       /*
-        * Disable synchronisation.
-        */
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, 0);
-
-       /*
-        * Cancel RX and TX.
-        */
-       rt2x00pci_register_read(rt2x00dev, TX_CNTL_CSR, &reg);
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC0, 1);
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC1, 1);
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC2, 1);
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC3, 1);
-       rt2x00pci_register_write(rt2x00dev, TX_CNTL_CSR, reg);
-
         /*
-        * Disable interrupts.
+        * Disable power
          */
-       rt61pci_toggle_irq(rt2x00dev, STATE_RADIO_IRQ_OFF);
+       rt2x00pci_register_write(rt2x00dev, MAC_CSR10, 0x00001818);
  }
  
  static int rt61pci_set_state(struct rt2x00_dev *rt2x00dev, enum dev_state state)
@@ -1416,7 +1693,6 @@ static int rt61pci_set_state(struct rt2x00_dev *rt2x00dev, enum dev_state state)
         u32 reg;
         unsigned int i;
         char put_to_sleep;
-       char current_state;
  
         put_to_sleep = (state != STATE_AWAKE);
  
@@ -1432,16 +1708,12 @@ static int rt61pci_set_state(struct rt2x00_dev *rt2x00dev, enum dev_state state)
          */
         for (i = 0; i < REGISTER_BUSY_COUNT; i++) {
                 rt2x00pci_register_read(rt2x00dev, MAC_CSR12, &reg);
-               current_state =
-                   rt2x00_get_field32(reg, MAC_CSR12_BBP_CURRENT_STATE);
-               if (current_state == !put_to_sleep)
+               state = rt2x00_get_field32(reg, MAC_CSR12_BBP_CURRENT_STATE);
+               if (state == !put_to_sleep)
                         return 0;
                 msleep(10);
         }
  
-       NOTICE(rt2x00dev, "Device failed to enter state %d, "
-              "current device state %d.\n", !put_to_sleep, current_state);
-
         return -EBUSY;
  }
  
@@ -1459,11 +1731,13 @@ static int rt61pci_set_device_state(struct rt2x00_dev *rt2x00dev,
                 break;
         case STATE_RADIO_RX_ON:
         case STATE_RADIO_RX_ON_LINK:
-               rt61pci_toggle_rx(rt2x00dev, STATE_RADIO_RX_ON);
-               break;
         case STATE_RADIO_RX_OFF:
         case STATE_RADIO_RX_OFF_LINK:
-               rt61pci_toggle_rx(rt2x00dev, STATE_RADIO_RX_OFF);
+               rt61pci_toggle_rx(rt2x00dev, state);
+               break;
+       case STATE_RADIO_IRQ_ON:
+       case STATE_RADIO_IRQ_OFF:
+               rt61pci_toggle_irq(rt2x00dev, state);
                 break;
         case STATE_DEEP_SLEEP:
         case STATE_SLEEP:
@@ -1476,6 +1750,10 @@ static int rt61pci_set_device_state(struct rt2x00_dev *rt2x00dev,
                 break;
         }
  
+       if (unlikely(retval))
+               ERROR(rt2x00dev, "Device failed to enter state %d (%d).\n",
+                     state, retval);
+
         return retval;
  }
  
@@ -1483,9 +1761,8 @@ static int rt61pci_set_device_state(struct rt2x00_dev *rt2x00dev,
   * TX descriptor initialization
   */
  static void rt61pci_write_tx_desc(struct rt2x00_dev *rt2x00dev,
-                                   struct sk_buff *skb,
-                                   struct txentry_desc *txdesc,
-                                   struct ieee80211_tx_control *control)
+                                 struct sk_buff *skb,
+                                 struct txentry_desc *txdesc)
  {
         struct skb_frame_desc *skbdesc = get_skb_frame_desc(skb);
         __le32 *txd = skbdesc->desc;
@@ -1499,8 +1776,10 @@ static void rt61pci_write_tx_desc(struct rt2x00_dev *rt2x00dev,
         rt2x00_set_field32(&word, TXD_W1_AIFSN, txdesc->aifs);
         rt2x00_set_field32(&word, TXD_W1_CWMIN, txdesc->cw_min);
         rt2x00_set_field32(&word, TXD_W1_CWMAX, txdesc->cw_max);
-       rt2x00_set_field32(&word, TXD_W1_IV_OFFSET, IEEE80211_HEADER);
-       rt2x00_set_field32(&word, TXD_W1_HW_SEQUENCE, 1);
+       rt2x00_set_field32(&word, TXD_W1_IV_OFFSET, txdesc->iv_offset);
+       rt2x00_set_field32(&word, TXD_W1_HW_SEQUENCE,
+                          test_bit(ENTRY_TXD_GENERATE_SEQ, &txdesc->flags));
+       rt2x00_set_field32(&word, TXD_W1_BUFFER_COUNT, 1);
         rt2x00_desc_write(txd, 1, word);
  
         rt2x00_desc_read(txd, 2, &word);
@@ -1510,15 +1789,28 @@ static void rt61pci_write_tx_desc(struct rt2x00_dev *rt2x00dev,
         rt2x00_set_field32(&word, TXD_W2_PLCP_LENGTH_HIGH, txdesc->length_high);
         rt2x00_desc_write(txd, 2, word);
  
+       if (test_bit(ENTRY_TXD_ENCRYPT, &txdesc->flags)) {
+               _rt2x00_desc_write(txd, 3, skbdesc->iv[0]);
+               _rt2x00_desc_write(txd, 4, skbdesc->iv[1]);
+       }
+
         rt2x00_desc_read(txd, 5, &word);
+       rt2x00_set_field32(&word, TXD_W5_PID_TYPE, skbdesc->entry->queue->qid);
+       rt2x00_set_field32(&word, TXD_W5_PID_SUBTYPE,
+                          skbdesc->entry->entry_idx);
         rt2x00_set_field32(&word, TXD_W5_TX_POWER,
                            TXPOWER_TO_DEV(rt2x00dev->tx_power));
         rt2x00_set_field32(&word, TXD_W5_WAITING_DMA_DONE_INT, 1);
         rt2x00_desc_write(txd, 5, word);
  
+       rt2x00_desc_read(txd, 6, &word);
+       rt2x00_set_field32(&word, TXD_W6_BUFFER_PHYSICAL_ADDRESS,
+                          skbdesc->skb_dma);
+       rt2x00_desc_write(txd, 6, word);
+
         if (skbdesc->desc_len > TXINFO_SIZE) {
                 rt2x00_desc_read(txd, 11, &word);
-               rt2x00_set_field32(&word, TXD_W11_BUFFER_LENGTH0, skbdesc->data_len);
+               rt2x00_set_field32(&word, TXD_W11_BUFFER_LENGTH0, skb->len);
                 rt2x00_desc_write(txd, 11, word);
         }
  
@@ -1532,28 +1824,66 @@ static void rt61pci_write_tx_desc(struct rt2x00_dev *rt2x00dev,
         rt2x00_set_field32(&word, TXD_W0_TIMESTAMP,
                            test_bit(ENTRY_TXD_REQ_TIMESTAMP, &txdesc->flags));
         rt2x00_set_field32(&word, TXD_W0_OFDM,
-                          test_bit(ENTRY_TXD_OFDM_RATE, &txdesc->flags));
+                          (txdesc->rate_mode == RATE_MODE_OFDM));
         rt2x00_set_field32(&word, TXD_W0_IFS, txdesc->ifs);
         rt2x00_set_field32(&word, TXD_W0_RETRY_MODE,
-                          !!(control->flags &
-                             IEEE80211_TXCTL_LONG_RETRY_LIMIT));
-       rt2x00_set_field32(&word, TXD_W0_TKIP_MIC, 0);
-       rt2x00_set_field32(&word, TXD_W0_DATABYTE_COUNT, skbdesc->data_len);
+                          test_bit(ENTRY_TXD_RETRY_MODE, &txdesc->flags));
+       rt2x00_set_field32(&word, TXD_W0_TKIP_MIC,
+                          test_bit(ENTRY_TXD_ENCRYPT_MMIC, &txdesc->flags));
+       rt2x00_set_field32(&word, TXD_W0_KEY_TABLE,
+                          test_bit(ENTRY_TXD_ENCRYPT_PAIRWISE, &txdesc->flags));
+       rt2x00_set_field32(&word, TXD_W0_KEY_INDEX, txdesc->key_idx);
+       rt2x00_set_field32(&word, TXD_W0_DATABYTE_COUNT, skb->len);
         rt2x00_set_field32(&word, TXD_W0_BURST,
                            test_bit(ENTRY_TXD_BURST, &txdesc->flags));
-       rt2x00_set_field32(&word, TXD_W0_CIPHER_ALG, CIPHER_NONE);
+       rt2x00_set_field32(&word, TXD_W0_CIPHER_ALG, txdesc->cipher);
         rt2x00_desc_write(txd, 0, word);
  }
  
  /*
   * TX data initialization
   */
+static void rt61pci_write_beacon(struct queue_entry *entry)
+{
+       struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
+       struct skb_frame_desc *skbdesc = get_skb_frame_desc(entry->skb);
+       unsigned int beacon_base;
+       u32 reg;
+
+       /*
+        * Disable beaconing while we are reloading the beacon data,
+        * otherwise we might be sending out invalid data.
+        */
+       rt2x00pci_register_read(rt2x00dev, TXRX_CSR9, &reg);
+       rt2x00_set_field32(&reg, TXRX_CSR9_TSF_TICKING, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_TBTT_ENABLE, 0);
+       rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_GEN, 0);
+       rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, reg);
+
+       /*
+        * Write entire beacon with descriptor to register.
+        */
+       beacon_base = HW_BEACON_OFFSET(entry->entry_idx);
+       rt2x00pci_register_multiwrite(rt2x00dev,
+                                     beacon_base,
+                                     skbdesc->desc, skbdesc->desc_len);
+       rt2x00pci_register_multiwrite(rt2x00dev,
+                                     beacon_base + skbdesc->desc_len,
+                                     entry->skb->data, entry->skb->len);
+
+       /*
+        * Clean up beacon skb.
+        */
+       dev_kfree_skb_any(entry->skb);
+       entry->skb = NULL;
+}
+
  static void rt61pci_kick_tx_queue(struct rt2x00_dev *rt2x00dev,
-                                 const unsigned int queue)
+                                 const enum data_queue_qid queue)
  {
         u32 reg;
  
-       if (queue == RT2X00_BCN_QUEUE_BEACON) {
+       if (queue == QID_BEACON) {
                 /*
                  * For Wi-Fi faily generated beacons between participating
                  * stations. Set TBTT phase adaptive adjustment step to 8us.
@@ -1562,6 +1892,8 @@ static void rt61pci_kick_tx_queue(struct rt2x00_dev *rt2x00dev,
  
                 rt2x00pci_register_read(rt2x00dev, TXRX_CSR9, &reg);
                 if (!rt2x00_get_field32(reg, TXRX_CSR9_BEACON_GEN)) {
+                       rt2x00_set_field32(&reg, TXRX_CSR9_TSF_TICKING, 1);
+                       rt2x00_set_field32(&reg, TXRX_CSR9_TBTT_ENABLE, 1);
                         rt2x00_set_field32(&reg, TXRX_CSR9_BEACON_GEN, 1);
                         rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, reg);
                 }
@@ -1569,14 +1901,28 @@ static void rt61pci_kick_tx_queue(struct rt2x00_dev *rt2x00dev,
         }
  
         rt2x00pci_register_read(rt2x00dev, TX_CNTL_CSR, &reg);
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC0,
-                          (queue == IEEE80211_TX_QUEUE_DATA0));
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC1,
-                          (queue == IEEE80211_TX_QUEUE_DATA1));
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC2,
-                          (queue == IEEE80211_TX_QUEUE_DATA2));
-       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC3,
-                          (queue == IEEE80211_TX_QUEUE_DATA3));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC0, (queue == QID_AC_BE));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC1, (queue == QID_AC_BK));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC2, (queue == QID_AC_VI));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_KICK_TX_AC3, (queue == QID_AC_VO));
+       rt2x00pci_register_write(rt2x00dev, TX_CNTL_CSR, reg);
+}
+
+static void rt61pci_kill_tx_queue(struct rt2x00_dev *rt2x00dev,
+                                 const enum data_queue_qid qid)
+{
+       u32 reg;
+
+       if (qid == QID_BEACON) {
+               rt2x00pci_register_write(rt2x00dev, TXRX_CSR9, 0);
+               return;
+       }
+
+       rt2x00pci_register_read(rt2x00dev, TX_CNTL_CSR, &reg);
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC0, (qid == QID_AC_BE));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC1, (qid == QID_AC_BK));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC2, (qid == QID_AC_VI));
+       rt2x00_set_field32(&reg, TX_CNTL_CSR_ABORT_TX_AC3, (qid == QID_AC_VO));
         rt2x00pci_register_write(rt2x00dev, TX_CNTL_CSR, reg);
  }
  
@@ -1585,67 +1931,97 @@ static void rt61pci_kick_tx_queue(struct rt2x00_dev *rt2x00dev,
   */
  static int rt61pci_agc_to_rssi(struct rt2x00_dev *rt2x00dev, int rxd_w1)
  {
-       u16 eeprom;
-       u8 offset;
+       u8 offset = rt2x00dev->lna_gain;
         u8 lna;
  
         lna = rt2x00_get_field32(rxd_w1, RXD_W1_RSSI_LNA);
         switch (lna) {
         case 3:
-               offset = 90;
+               offset += 90;
                 break;
         case 2:
-               offset = 74;
+               offset += 74;
                 break;
         case 1:
-               offset = 64;
+               offset += 64;
                 break;
         default:
                 return 0;
         }
  
         if (rt2x00dev->rx_status.band == IEEE80211_BAND_5GHZ) {
-               if (test_bit(CONFIG_EXTERNAL_LNA_A, &rt2x00dev->flags))
-                       offset += 14;
-
                 if (lna == 3 || lna == 2)
                         offset += 10;
-
-               rt2x00_eeprom_read(rt2x00dev, EEPROM_RSSI_OFFSET_A, &eeprom);
-               offset -= rt2x00_get_field16(eeprom, EEPROM_RSSI_OFFSET_A_1);
-       } else {
-               if (test_bit(CONFIG_EXTERNAL_LNA_BG, &rt2x00dev->flags))
-                       offset += 14;
-
-               rt2x00_eeprom_read(rt2x00dev, EEPROM_RSSI_OFFSET_BG, &eeprom);
-               offset -= rt2x00_get_field16(eeprom, EEPROM_RSSI_OFFSET_BG_1);
         }
  
         return rt2x00_get_field32(rxd_w1, RXD_W1_RSSI_AGC) * 2 - offset;
  }
  
  static void rt61pci_fill_rxdone(struct queue_entry *entry,
-                               struct rxdone_entry_desc *rxdesc)
+                               struct rxdone_entry_desc *rxdesc)
  {
-       struct queue_entry_priv_pci_rx *priv_rx = entry->priv_data;
+       struct rt2x00_dev *rt2x00dev = entry->queue->rt2x00dev;
+       struct queue_entry_priv_pci *entry_priv = entry->priv_data;
         u32 word0;
         u32 word1;
  
-       rt2x00_desc_read(priv_rx->desc, 0, &word0);
-       rt2x00_desc_read(priv_rx->desc, 1, &word1);
+       rt2x00_desc_read(entry_priv->desc, 0, &word0);
+       rt2x00_desc_read(entry_priv->desc, 1, &word1);
  
-       rxdesc->flags = 0;
         if (rt2x00_get_field32(word0, RXD_W0_CRC_ERROR))
                 rxdesc->flags |= RX_FLAG_FAILED_FCS_CRC;
  
+       if (test_bit(CONFIG_SUPPORT_HW_CRYPTO, &rt2x00dev->flags)) {
+               rxdesc->cipher =
+                   rt2x00_get_field32(word0, RXD_W0_CIPHER_ALG);
+               rxdesc->cipher_status =
+                   rt2x00_get_field32(word0, RXD_W0_CIPHER_ERROR);
+       }
+
+       if (rxdesc->cipher != CIPHER_NONE) {
+               _rt2x00_desc_read(entry_priv->desc, 2, &rxdesc->iv[0]);
+               _rt2x00_desc_read(entry_priv->desc, 3, &rxdesc->iv[1]);
+               rxdesc->dev_flags |= RXDONE_CRYPTO_IV;
+
+               _rt2x00_desc_read(entry_priv->desc, 4, &rxdesc->icv);
+               rxdesc->dev_flags |= RXDONE_CRYPTO_ICV;
+
+               /*
+                * Hardware has stripped IV/EIV data from 802.11 frame during
+                * decryption. It has provided the data seperately but rt2x00lib
+                * should decide if it should be reinserted.
+                */
+               rxdesc->flags |= RX_FLAG_IV_STRIPPED;
+
+               /*
+                * FIXME: Legacy driver indicates that the frame does
+                * contain the Michael Mic. Unfortunately, in rt2x00
+                * the MIC seems to be missing completely...
+                */
+               rxdesc->flags |= RX_FLAG_MMIC_STRIPPED;
+
+               if (rxdesc->cipher_status == RX_CRYPTO_SUCCESS)
+                       rxdesc->flags |= RX_FLAG_DECRYPTED;
+               else if (rxdesc->cipher_status == RX_CRYPTO_FAIL_MIC)
+                       rxdesc->flags |= RX_FLAG_MMIC_ERROR;
+       }
+
         /*
          * Obtain the status about this packet.
+        * When frame was received with an OFDM bitrate,
+        * the signal is the PLCP value. If it was received with
+        * a CCK bitrate the signal is the rate in 100kbit/s.
          */
         rxdesc->signal = rt2x00_get_field32(word1, RXD_W1_SIGNAL);
-       rxdesc->rssi = rt61pci_agc_to_rssi(entry->queue->rt2x00dev, word1);
-       rxdesc->ofdm = rt2x00_get_field32(word0, RXD_W0_OFDM);
+       rxdesc->rssi = rt61pci_agc_to_rssi(rt2x00dev, word1);
         rxdesc->size = rt2x00_get_field32(word0, RXD_W0_DATABYTE_COUNT);
-       rxdesc->my_bss = !!rt2x00_get_field32(word0, RXD_W0_MY_BSS);
+
+       if (rt2x00_get_field32(word0, RXD_W0_OFDM))
+               rxdesc->dev_flags |= RXDONE_SIGNAL_PLCP;
+       else
+               rxdesc->dev_flags |= RXDONE_SIGNAL_BITRATE;
+       if (rt2x00_get_field32(word0, RXD_W0_MY_BSS))
+               rxdesc->dev_flags |= RXDONE_MY_BSS;
  }
  
  /*
@@ -1656,7 +2032,7 @@ static void rt61pci_txdone(struct rt2x00_dev *rt2x00dev)
         struct data_queue *queue;
         struct queue_entry *entry;
         struct queue_entry *entry_done;
-       struct queue_entry_priv_pci_tx *priv_tx;
+       struct queue_entry_priv_pci *entry_priv;
         struct txdone_entry_desc txdesc;
         u32 word;
         u32 reg;
@@ -1701,8 +2077,8 @@ static void rt61pci_txdone(struct rt2x00_dev *rt2x00dev)
                         continue;
  
                 entry = &queue->entries[index];
-               priv_tx = entry->priv_data;
-               rt2x00_desc_read(priv_tx->desc, 0, &word);
+               entry_priv = entry->priv_data;
+               rt2x00_desc_read(entry_priv->desc, 0, &word);
  
                 if (rt2x00_get_field32(word, TXD_W0_OWNER_NIC) ||
                     !rt2x00_get_field32(word, TXD_W0_VALID))
@@ -1717,20 +2093,31 @@ static void rt61pci_txdone(struct rt2x00_dev *rt2x00dev)
                                 "TX status report missed for entry %d\n",
                                 entry_done->entry_idx);
  
-                       txdesc.status = TX_FAIL_OTHER;
+                       txdesc.flags = 0;
+                       __set_bit(TXDONE_UNKNOWN, &txdesc.flags);
                         txdesc.retry = 0;
  
-                       rt2x00pci_txdone(rt2x00dev, entry_done, &txdesc);
+                       rt2x00lib_txdone(entry_done, &txdesc);
                         entry_done = rt2x00queue_get_entry(queue, Q_INDEX_DONE);
                 }
  
                 /*
                  * Obtain the status about this packet.
                  */
-               txdesc.status = rt2x00_get_field32(reg, STA_CSR4_TX_RESULT);
+               txdesc.flags = 0;
+               switch (rt2x00_get_field32(reg, STA_CSR4_TX_RESULT)) {
+               case 0: /* Success, maybe with retry */
+                       __set_bit(TXDONE_SUCCESS, &txdesc.flags);
+                       break;
+               case 6: /* Failure, excessive retries */
+                       __set_bit(TXDONE_EXCESSIVE_RETRY, &txdesc.flags);
+                       /* Don't break, this is a failed frame! */
+               default: /* Failure */
+                       __set_bit(TXDONE_FAILURE, &txdesc.flags);
+               }
                 txdesc.retry = rt2x00_get_field32(reg, STA_CSR4_RETRY_COUNT);
  
-               rt2x00pci_txdone(rt2x00dev, entry, &txdesc);
+               rt2x00lib_txdone(entry, &txdesc);
         }
  }
  
@@ -1753,7 +2140,7 @@ static irqreturn_t rt61pci_interrupt(int irq, void *dev_instance)
         if (!reg && !reg_mcu)
                 return IRQ_NONE;
  
-       if (!test_bit(DEVICE_ENABLED_RADIO, &rt2x00dev->flags))
+       if (!test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags))
                 return IRQ_HANDLED;
  
         /*
@@ -1815,10 +2202,8 @@ static int rt61pci_validate_eeprom(struct rt2x00_dev *rt2x00dev)
          */
         mac = rt2x00_eeprom_addr(rt2x00dev, EEPROM_MAC_ADDR_0);
         if (!is_valid_ether_addr(mac)) {
-               DECLARE_MAC_BUF(macbuf);
-
                 random_ether_addr(mac);
-               EEPROM(rt2x00dev, "MAC: %s\n", print_mac(macbuf, mac));
+               EEPROM(rt2x00dev, "MAC: %pM\n", mac);
         }
  
         rt2x00_eeprom_read(rt2x00dev, EEPROM_ANTENNA, &word);
@@ -1840,7 +2225,8 @@ static int rt61pci_validate_eeprom(struct rt2x00_dev *rt2x00dev)
         if (word == 0xffff) {
                 rt2x00_set_field16(&word, EEPROM_NIC_ENABLE_DIVERSITY, 0);
                 rt2x00_set_field16(&word, EEPROM_NIC_TX_DIVERSITY, 0);
-               rt2x00_set_field16(&word, EEPROM_NIC_TX_RX_FIXED, 0);
+               rt2x00_set_field16(&word, EEPROM_NIC_RX_FIXED, 0);
+               rt2x00_set_field16(&word, EEPROM_NIC_TX_FIXED, 0);
                 rt2x00_set_field16(&word, EEPROM_NIC_EXTERNAL_LNA_BG, 0);
                 rt2x00_set_field16(&word, EEPROM_NIC_CARDBUS_ACCEL, 0);
                 rt2x00_set_field16(&word, EEPROM_NIC_EXTERNAL_LNA_A, 0);
@@ -1904,7 +2290,6 @@ static int rt61pci_init_eeprom(struct rt2x00_dev *rt2x00dev)
         u32 reg;
         u16 value;
         u16 eeprom;
-       u16 device;
  
         /*
          * Read EEPROM word for configuration.
@@ -1913,14 +2298,10 @@ static int rt61pci_init_eeprom(struct rt2x00_dev *rt2x00dev)
  
         /*
          * Identify RF chipset.
-        * To determine the RT chip we have to read the
-        * PCI header of the device.
          */
-       pci_read_config_word(rt2x00dev_pci(rt2x00dev),
-                            PCI_CONFIG_HEADER_DEVICE, &device);
         value = rt2x00_get_field16(eeprom, EEPROM_ANTENNA_RF_TYPE);
         rt2x00pci_register_read(rt2x00dev, MAC_CSR0, &reg);
-       rt2x00_set_chip(rt2x00dev, device, value, reg);
+       rt2x00_set_chip_rf(rt2x00dev, value, reg);
  
         if (!rt2x00_rf(&rt2x00dev->chip, RF5225) &&
             !rt2x00_rf(&rt2x00dev->chip, RF5325) &&
@@ -1953,10 +2334,8 @@ static int rt61pci_init_eeprom(struct rt2x00_dev *rt2x00dev)
         /*
          * Detect if this device has an hardware controlled radio.
          */
-#ifdef CONFIG_RT61PCI_RFKILL
         if (rt2x00_get_field16(eeprom, EEPROM_ANTENNA_HARDWARE_RADIO))
                 __set_bit(CONFIG_SUPPORT_HW_BUTTON, &rt2x00dev->flags);
-#endif /* CONFIG_RT61PCI_RFKILL */
  
         /*
          * Read frequency offset and RF programming sequence.
@@ -1984,24 +2363,10 @@ static int rt61pci_init_eeprom(struct rt2x00_dev *rt2x00dev)
          */
         if (rt2x00_rf(&rt2x00dev->chip, RF2529) &&
             !test_bit(CONFIG_DOUBLE_ANTENNA, &rt2x00dev->flags)) {
-               switch (rt2x00_get_field16(eeprom, EEPROM_NIC_TX_RX_FIXED)) {
-               case 0:
-                       rt2x00dev->default_ant.tx = ANTENNA_B;
-                       rt2x00dev->default_ant.rx = ANTENNA_A;
-                       break;
-               case 1:
-                       rt2x00dev->default_ant.tx = ANTENNA_B;
-                       rt2x00dev->default_ant.rx = ANTENNA_B;
-                       break;
-               case 2:
-                       rt2x00dev->default_ant.tx = ANTENNA_A;
-                       rt2x00dev->default_ant.rx = ANTENNA_A;
-                       break;
-               case 3:
-                       rt2x00dev->default_ant.tx = ANTENNA_A;
-                       rt2x00dev->default_ant.rx = ANTENNA_B;
-                       break;
-               }
+               rt2x00dev->default_ant.rx =
+                   ANTENNA_A + rt2x00_get_field16(eeprom, EEPROM_NIC_RX_FIXED);
+               rt2x00dev->default_ant.tx =
+                   ANTENNA_B - rt2x00_get_field16(eeprom, EEPROM_NIC_TX_FIXED);
  
                 if (rt2x00_get_field16(eeprom, EEPROM_NIC_TX_DIVERSITY))
                         rt2x00dev->default_ant.tx = ANTENNA_SW_DIVERSITY;
@@ -2014,25 +2379,15 @@ static int rt61pci_init_eeprom(struct rt2x00_dev *rt2x00dev)
          * If the eeprom value is invalid,
          * switch to default led mode.
          */
-#ifdef CONFIG_RT61PCI_LEDS
+#ifdef CONFIG_RT2X00_LIB_LEDS
         rt2x00_eeprom_read(rt2x00dev, EEPROM_LED, &eeprom);
-
         value = rt2x00_get_field16(eeprom, EEPROM_LED_LED_MODE);
  
-       switch (value) {
-       case LED_MODE_TXRX_ACTIVITY:
-       case LED_MODE_ASUS:
-       case LED_MODE_ALPHA:
-       case LED_MODE_DEFAULT:
-               rt2x00dev->led_flags =
-                   LED_SUPPORT_RADIO | LED_SUPPORT_ASSOC;
-               break;
-       case LED_MODE_SIGNAL_STRENGTH:
-               rt2x00dev->led_flags =
-                   LED_SUPPORT_RADIO | LED_SUPPORT_ASSOC |
-                   LED_SUPPORT_QUALITY;
-               break;
-       }
+       rt61pci_init_led(rt2x00dev, &rt2x00dev->led_radio, LED_TYPE_RADIO);
+       rt61pci_init_led(rt2x00dev, &rt2x00dev->led_assoc, LED_TYPE_ASSOC);
+       if (value == LED_MODE_SIGNAL_STRENGTH)
+               rt61pci_init_led(rt2x00dev, &rt2x00dev->led_qual,
+                                LED_TYPE_QUALITY);
  
         rt2x00_set_field16(&rt2x00dev->led_mcu_reg, MCU_LEDCS_LED_MODE, value);
         rt2x00_set_field16(&rt2x00dev->led_mcu_reg, MCU_LEDCS_POLARITY_GPIO_0,
@@ -2058,7 +2413,7 @@ static int rt61pci_init_eeprom(struct rt2x00_dev *rt2x00dev)
         rt2x00_set_field16(&rt2x00dev->led_mcu_reg, MCU_LEDCS_POLARITY_READY_A,
                            rt2x00_get_field16(eeprom,
                                               EEPROM_LED_POLARITY_RDY_A));
-#endif /* CONFIG_RT61PCI_LEDS */
+#endif /* CONFIG_RT2X00_LIB_LEDS */
  
         return 0;
  }
@@ -2177,43 +2532,33 @@ static const struct rf_channel rf_vals_seq[] = {
         { 46, 0x00002ccc, 0x000049a6, 0x0009be55, 0x000c0a23 },
  };
  
-static void rt61pci_probe_hw_mode(struct rt2x00_dev *rt2x00dev)
+static int rt61pci_probe_hw_mode(struct rt2x00_dev *rt2x00dev)
  {
         struct hw_mode_spec *spec = &rt2x00dev->spec;
-       u8 *txpower;
+       struct channel_info *info;
+       char *tx_power;
         unsigned int i;
  
         /*
          * Initialize all hw fields.
          */
         rt2x00dev->hw->flags =
-           IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE |
-           IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING;
+           IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING |
+           IEEE80211_HW_SIGNAL_DBM |
+           IEEE80211_HW_SUPPORTS_PS |
+           IEEE80211_HW_PS_NULLFUNC_STACK;
         rt2x00dev->hw->extra_tx_headroom = 0;
-       rt2x00dev->hw->max_signal = MAX_SIGNAL;
-       rt2x00dev->hw->max_rssi = MAX_RX_SSI;
-       rt2x00dev->hw->queues = 4;
  
-       SET_IEEE80211_DEV(rt2x00dev->hw, &rt2x00dev_pci(rt2x00dev)->dev);
+       SET_IEEE80211_DEV(rt2x00dev->hw, rt2x00dev->dev);
         SET_IEEE80211_PERM_ADDR(rt2x00dev->hw,
                                 rt2x00_eeprom_addr(rt2x00dev,
                                                    EEPROM_MAC_ADDR_0));
  
         /*
-        * Convert tx_power array in eeprom.
-        */
-       txpower = rt2x00_eeprom_addr(rt2x00dev, EEPROM_TXPOWER_G_START);
-       for (i = 0; i < 14; i++)
-               txpower[i] = TXPOWER_FROM_DEV(txpower[i]);
-
-       /*
          * Initialize hw_mode information.
          */
-       spec->num_modes = 2;
-       spec->num_rates = 12;
-       spec->tx_power_a = NULL;
-       spec->tx_power_bg = txpower;
-       spec->tx_power_default = DEFAULT_TXPOWER;
+       spec->supported_bands = SUPPORT_BAND_2GHZ;
+       spec->supported_rates = SUPPORT_RATE_CCK | SUPPORT_RATE_OFDM;
  
         if (!test_bit(CONFIG_RF_SEQUENCE, &rt2x00dev->flags)) {
                 spec->num_channels = 14;
@@ -2225,15 +2570,30 @@ static void rt61pci_probe_hw_mode(struct rt2x00_dev *rt2x00dev)
  
         if (rt2x00_rf(&rt2x00dev->chip, RF5225) ||
             rt2x00_rf(&rt2x00dev->chip, RF5325)) {
-               spec->num_modes = 3;
+               spec->supported_bands |= SUPPORT_BAND_5GHZ;
                 spec->num_channels = ARRAY_SIZE(rf_vals_seq);
+       }
+
+       /*
+        * Create channel information array
+        */
+       info = kzalloc(spec->num_channels * sizeof(*info), GFP_KERNEL);
+       if (!info)
+               return -ENOMEM;
+
+       spec->channels_info = info;
  
-               txpower = rt2x00_eeprom_addr(rt2x00dev, EEPROM_TXPOWER_A_START);
-               for (i = 0; i < 14; i++)
-                       txpower[i] = TXPOWER_FROM_DEV(txpower[i]);
+       tx_power = rt2x00_eeprom_addr(rt2x00dev, EEPROM_TXPOWER_G_START);
+       for (i = 0; i < 14; i++)
+               info[i].tx_power1 = TXPOWER_FROM_DEV(tx_power[i]);
  
-               spec->tx_power_a = txpower;
+       if (spec->num_channels > 14) {
+               tx_power = rt2x00_eeprom_addr(rt2x00dev, EEPROM_TXPOWER_A_START);
+               for (i = 14; i < spec->num_channels; i++)
+                       info[i].tx_power1 = TXPOWER_FROM_DEV(tx_power[i]);
         }
+
+       return 0;
  }
  
  static int rt61pci_probe_hw(struct rt2x00_dev *rt2x00dev)
@@ -2254,13 +2614,17 @@ static int rt61pci_probe_hw(struct rt2x00_dev *rt2x00dev)
         /*
          * Initialize hw specifications.
          */
-       rt61pci_probe_hw_mode(rt2x00dev);
+       retval = rt61pci_probe_hw_mode(rt2x00dev);
+       if (retval)
+               return retval;
  
         /*
-        * This device requires firmware.
+        * This device requires firmware and DMA mapped skbs.
          */
         __set_bit(DRIVER_REQUIRE_FIRMWARE, &rt2x00dev->flags);
-       __set_bit(DRIVER_REQUIRE_FIRMWARE_CRC_ITU_T, &rt2x00dev->flags);
+       __set_bit(DRIVER_REQUIRE_DMA, &rt2x00dev->flags);
+       if (!modparam_nohwcrypt)
+               __set_bit(CONFIG_SUPPORT_HW_CRYPTO, &rt2x00dev->flags);
  
         /*
          * Set the rssi offset.
@@ -2273,81 +2637,59 @@ static int rt61pci_probe_hw(struct rt2x00_dev *rt2x00dev)
  /*
   * IEEE80211 stack callback functions.
   */
-static void rt61pci_configure_filter(struct ieee80211_hw *hw,
-                                    unsigned int changed_flags,
-                                    unsigned int *total_flags,
-                                    int mc_count,
-                                    struct dev_addr_list *mc_list)
+static int rt61pci_conf_tx(struct ieee80211_hw *hw, u16 queue_idx,
+                          const struct ieee80211_tx_queue_params *params)
  {
         struct rt2x00_dev *rt2x00dev = hw->priv;
+       struct data_queue *queue;
+       struct rt2x00_field32 field;
+       int retval;
         u32 reg;
+       u32 offset;
  
         /*
-        * Mask off any flags we are going to ignore from
-        * the total_flags field.
+        * First pass the configuration through rt2x00lib, that will
+        * update the queue settings and validate the input. After that
+        * we are free to update the registers based on the value
+        * in the queue parameter.
          */
-       *total_flags &=
-           FIF_ALLMULTI |
-           FIF_FCSFAIL |
-           FIF_PLCPFAIL |
-           FIF_CONTROL |
-           FIF_OTHER_BSS |
-           FIF_PROMISC_IN_BSS;
+       retval = rt2x00mac_conf_tx(hw, queue_idx, params);
+       if (retval)
+               return retval;
  
         /*
-        * Apply some rules to the filters:
-        * - Some filters imply different filters to be set.
-        * - Some things we can't filter out at all.
+        * We only need to perform additional register initialization
+        * for WMM queues/
          */
-       if (mc_count)
-               *total_flags |= FIF_ALLMULTI;
-       if (*total_flags & FIF_OTHER_BSS ||
-           *total_flags & FIF_PROMISC_IN_BSS)
-               *total_flags |= FIF_PROMISC_IN_BSS | FIF_OTHER_BSS;
+       if (queue_idx >= 4)
+               return 0;
  
-       /*
-        * Check if there is any work left for us.
-        */
-       if (rt2x00dev->packet_filter == *total_flags)
-               return;
-       rt2x00dev->packet_filter = *total_flags;
+       queue = rt2x00queue_get_queue(rt2x00dev, queue_idx);
  
-       /*
-        * Start configuration steps.
-        * Note that the version error will always be dropped
-        * and broadcast frames will always be accepted since
-        * there is no filter for it at this time.
-        */
-       rt2x00pci_register_read(rt2x00dev, TXRX_CSR0, &reg);
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_CRC,
-                          !(*total_flags & FIF_FCSFAIL));
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_PHYSICAL,
-                          !(*total_flags & FIF_PLCPFAIL));
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_CONTROL,
-                          !(*total_flags & FIF_CONTROL));
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_NOT_TO_ME,
-                          !(*total_flags & FIF_PROMISC_IN_BSS));
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_TO_DS,
-                          !(*total_flags & FIF_PROMISC_IN_BSS));
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_VERSION_ERROR, 1);
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_MULTICAST,
-                          !(*total_flags & FIF_ALLMULTI));
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_BROADCAST, 0);
-       rt2x00_set_field32(&reg, TXRX_CSR0_DROP_ACK_CTS,
-                          !(*total_flags & FIF_CONTROL));
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR0, reg);
-}
+       /* Update WMM TXOP register */
+       offset = AC_TXOP_CSR0 + (sizeof(u32) * (!!(queue_idx & 2)));
+       field.bit_offset = (queue_idx & 1) * 16;
+       field.bit_mask = 0xffff << field.bit_offset;
  
-static int rt61pci_set_retry_limit(struct ieee80211_hw *hw,
-                                  u32 short_retry, u32 long_retry)
-{
-       struct rt2x00_dev *rt2x00dev = hw->priv;
-       u32 reg;
+       rt2x00pci_register_read(rt2x00dev, offset, &reg);
+       rt2x00_set_field32(&reg, field, queue->txop);
+       rt2x00pci_register_write(rt2x00dev, offset, reg);
  
-       rt2x00pci_register_read(rt2x00dev, TXRX_CSR4, &reg);
-       rt2x00_set_field32(&reg, TXRX_CSR4_LONG_RETRY_LIMIT, long_retry);
-       rt2x00_set_field32(&reg, TXRX_CSR4_SHORT_RETRY_LIMIT, short_retry);
-       rt2x00pci_register_write(rt2x00dev, TXRX_CSR4, reg);
+       /* Update WMM registers */
+       field.bit_offset = queue_idx * 4;
+       field.bit_mask = 0xf << field.bit_offset;
+
+       rt2x00pci_register_read(rt2x00dev, AIFSN_CSR, &reg);
+       rt2x00_set_field32(&reg, field, queue->aifs);
+       rt2x00pci_register_write(rt2x00dev, AIFSN_CSR, reg);
+
+       rt2x00pci_register_read(rt2x00dev, CWMIN_CSR, &reg);
+       rt2x00_set_field32(&reg, field, queue->cw_min);
+       rt2x00pci_register_write(rt2x00dev, CWMIN_CSR, reg);
+
+       rt2x00pci_register_read(rt2x00dev, CWMAX_CSR, &reg);
+       rt2x00_set_field32(&reg, field, queue->cw_max);
+       rt2x00pci_register_write(rt2x00dev, CWMAX_CSR, reg);
  
         return 0;
  }
@@ -2366,67 +2708,6 @@ static u64 rt61pci_get_tsf(struct ieee80211_hw *hw)
         return tsf;
  }
  
-static int rt61pci_beacon_update(struct ieee80211_hw *hw, struct sk_buff *skb,
-                         struct ieee80211_tx_control *control)
-{
-       struct rt2x00_dev *rt2x00dev = hw->priv;
-       struct rt2x00_intf *intf = vif_to_intf(control->vif);
-       struct skb_frame_desc *skbdesc;
-       unsigned int beacon_base;
-
-       if (unlikely(!intf->beacon))
-               return -ENOBUFS;
-
-       /*
-        * We need to append the descriptor in front of the
-        * beacon frame.
-        */
-       if (skb_headroom(skb) < intf->beacon->queue->desc_size) {
-               if (pskb_expand_head(skb, intf->beacon->queue->desc_size,
-                                    0, GFP_ATOMIC)) {
-                       dev_kfree_skb(skb);
-                       return -ENOMEM;
-               }
-       }
-
-       /*
-        * Add the descriptor in front of the skb.
-        */
-       skb_push(skb, intf->beacon->queue->desc_size);
-       memset(skb->data, 0, intf->beacon->queue->desc_size);
-
-       /*
-        * Fill in skb descriptor
-        */
-       skbdesc = get_skb_frame_desc(skb);
-       memset(skbdesc, 0, sizeof(*skbdesc));
-       skbdesc->flags |= FRAME_DESC_DRIVER_GENERATED;
-       skbdesc->data = skb->data + intf->beacon->queue->desc_size;
-       skbdesc->data_len = skb->len - intf->beacon->queue->desc_size;
-       skbdesc->desc = skb->data;
-       skbdesc->desc_len = intf->beacon->queue->desc_size;
-       skbdesc->entry = intf->beacon;
-
-       /*
-        * mac80211 doesn't provide the control->queue variable
-        * for beacons. Set our own queue identification so
-        * it can be used during descriptor initialization.
-        */
-       control->queue = RT2X00_BCN_QUEUE_BEACON;
-       rt2x00lib_write_tx_desc(rt2x00dev, skb, control);
-
-       /*
-        * Write entire beacon with descriptor to register,
-        * and kick the beacon generator.
-        */
-       beacon_base = HW_BEACON_OFFSET(intf->beacon->entry_idx);
-       rt2x00pci_register_multiwrite(rt2x00dev, beacon_base,
-                                     skb->data, skb->len);
-       rt61pci_kick_tx_queue(rt2x00dev, control->queue);
-
-       return 0;
-}
-
  static const struct ieee80211_ops rt61pci_mac80211_ops = {
         .tx                     = rt2x00mac_tx,
         .start                  = rt2x00mac_start,
@@ -2434,38 +2715,44 @@ static const struct ieee80211_ops rt61pci_mac80211_ops = {
         .add_interface          = rt2x00mac_add_interface,
         .remove_interface       = rt2x00mac_remove_interface,
         .config                 = rt2x00mac_config,
-       .config_interface       = rt2x00mac_config_interface,
-       .configure_filter       = rt61pci_configure_filter,
+       .configure_filter       = rt2x00mac_configure_filter,
+       .set_tim                = rt2x00mac_set_tim,
+       .set_key                = rt2x00mac_set_key,
         .get_stats              = rt2x00mac_get_stats,
-       .set_retry_limit        = rt61pci_set_retry_limit,
         .bss_info_changed       = rt2x00mac_bss_info_changed,
-       .conf_tx                = rt2x00mac_conf_tx,
+       .conf_tx                = rt61pci_conf_tx,
         .get_tx_stats           = rt2x00mac_get_tx_stats,
         .get_tsf                = rt61pci_get_tsf,
-       .beacon_update          = rt61pci_beacon_update,
+       .rfkill_poll            = rt2x00mac_rfkill_poll,
  };
  
  static const struct rt2x00lib_ops rt61pci_rt2x00_ops = {
         .irq_handler            = rt61pci_interrupt,
         .probe_hw               = rt61pci_probe_hw,
         .get_firmware_name      = rt61pci_get_firmware_name,
+       .check_firmware         = rt61pci_check_firmware,
         .load_firmware          = rt61pci_load_firmware,
         .initialize             = rt2x00pci_initialize,
         .uninitialize           = rt2x00pci_uninitialize,
-       .init_rxentry           = rt61pci_init_rxentry,
-       .init_txentry           = rt61pci_init_txentry,
+       .get_entry_state        = rt61pci_get_entry_state,
+       .clear_entry            = rt61pci_clear_entry,
         .set_device_state       = rt61pci_set_device_state,
         .rfkill_poll            = rt61pci_rfkill_poll,
         .link_stats             = rt61pci_link_stats,
         .reset_tuner            = rt61pci_reset_tuner,
         .link_tuner             = rt61pci_link_tuner,
-       .led_brightness         = rt61pci_led_brightness,
         .write_tx_desc          = rt61pci_write_tx_desc,
         .write_tx_data          = rt2x00pci_write_tx_data,
+       .write_beacon           = rt61pci_write_beacon,
         .kick_tx_queue          = rt61pci_kick_tx_queue,
+       .kill_tx_queue          = rt61pci_kill_tx_queue,
         .fill_rxdone            = rt61pci_fill_rxdone,
+       .config_shared_key      = rt61pci_config_shared_key,
+       .config_pairwise_key    = rt61pci_config_pairwise_key,
+       .config_filter          = rt61pci_config_filter,
         .config_intf            = rt61pci_config_intf,
-       .config_preamble        = rt61pci_config_preamble,
+       .config_erp             = rt61pci_config_erp,
+       .config_ant             = rt61pci_config_ant,
         .config                 = rt61pci_config,
  };
  
@@ -2473,21 +2760,21 @@ static const struct data_queue_desc rt61pci_queue_rx = {
         .entry_num              = RX_ENTRIES,
         .data_size              = DATA_FRAME_SIZE,
         .desc_size              = RXD_DESC_SIZE,
-       .priv_size              = sizeof(struct queue_entry_priv_pci_rx),
+       .priv_size              = sizeof(struct queue_entry_priv_pci),
  };
  
  static const struct data_queue_desc rt61pci_queue_tx = {
         .entry_num              = TX_ENTRIES,
         .data_size              = DATA_FRAME_SIZE,
         .desc_size              = TXD_DESC_SIZE,
-       .priv_size              = sizeof(struct queue_entry_priv_pci_tx),
+       .priv_size              = sizeof(struct queue_entry_priv_pci),
  };
  
  static const struct data_queue_desc rt61pci_queue_bcn = {
         .entry_num              = 4 * BEACON_ENTRIES,
-       .data_size              = MGMT_FRAME_SIZE,
+       .data_size              = 0, /* No DMA required for beacons */
         .desc_size              = TXINFO_SIZE,
-       .priv_size              = sizeof(struct queue_entry_priv_pci_tx),
+       .priv_size              = sizeof(struct queue_entry_priv_pci),
  };
  
  static const struct rt2x00_ops rt61pci_ops = {
@@ -2496,6 +2783,7 @@ static const struct rt2x00_ops rt61pci_ops = {
         .max_ap_intf    = 4,
         .eeprom_size    = EEPROM_SIZE,
         .rf_size        = RF_SIZE,
+       .tx_queues      = NUM_TX_QUEUES,
         .rx             = &rt61pci_queue_rx,
         .tx             = &rt61pci_queue_tx,
         .bcn            = &rt61pci_queue_bcn,