aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/net/ieee80211.h117
-rw-r--r--net/ieee80211/ieee80211_crypt_ccmp.c10
-rw-r--r--net/ieee80211/ieee80211_crypt_tkip.c27
-rw-r--r--net/ieee80211/ieee80211_rx.c32
-rw-r--r--net/ieee80211/ieee80211_tx.c7
5 files changed, 129 insertions, 64 deletions
diff --git a/include/net/ieee80211.h b/include/net/ieee80211.h
index dfc5d65cc6c..ebe7e41e5ea 100644
--- a/include/net/ieee80211.h
+++ b/include/net/ieee80211.h
@@ -33,33 +33,13 @@
33 represents the 2304 bytes of real data, plus a possible 8 bytes of 33 represents the 2304 bytes of real data, plus a possible 8 bytes of
34 WEP IV and ICV. (this interpretation suggested by Ramiro Barreiro) */ 34 WEP IV and ICV. (this interpretation suggested by Ramiro Barreiro) */
35 35
36#define IEEE80211_HLEN 30
37#define IEEE80211_FRAME_LEN (IEEE80211_DATA_LEN + IEEE80211_HLEN)
38
39struct ieee80211_hdr {
40 __le16 frame_ctl;
41 __le16 duration_id;
42 u8 addr1[ETH_ALEN];
43 u8 addr2[ETH_ALEN];
44 u8 addr3[ETH_ALEN];
45 __le16 seq_ctl;
46 u8 addr4[ETH_ALEN];
47} __attribute__ ((packed));
48
49struct ieee80211_hdr_3addr {
50 __le16 frame_ctl;
51 __le16 duration_id;
52 u8 addr1[ETH_ALEN];
53 u8 addr2[ETH_ALEN];
54 u8 addr3[ETH_ALEN];
55 __le16 seq_ctl;
56} __attribute__ ((packed));
57
58#define IEEE80211_1ADDR_LEN 10 36#define IEEE80211_1ADDR_LEN 10
59#define IEEE80211_2ADDR_LEN 16 37#define IEEE80211_2ADDR_LEN 16
60#define IEEE80211_3ADDR_LEN 24 38#define IEEE80211_3ADDR_LEN 24
61#define IEEE80211_4ADDR_LEN 30 39#define IEEE80211_4ADDR_LEN 30
62#define IEEE80211_FCS_LEN 4 40#define IEEE80211_FCS_LEN 4
41#define IEEE80211_HLEN (IEEE80211_4ADDR_LEN)
42#define IEEE80211_FRAME_LEN (IEEE80211_DATA_LEN + IEEE80211_HLEN)
63 43
64#define MIN_FRAG_THRESHOLD 256U 44#define MIN_FRAG_THRESHOLD 256U
65#define MAX_FRAG_THRESHOLD 2346U 45#define MAX_FRAG_THRESHOLD 2346U
@@ -515,6 +495,51 @@ enum ieee80211_mfie {
515 MFIE_TYPE_GENERIC = 221, 495 MFIE_TYPE_GENERIC = 221,
516}; 496};
517 497
498/* Minimal header; can be used for passing 802.11 frames with sufficient
499 * information to determine what type of underlying data type is actually
500 * stored in the data. */
501struct ieee80211_hdr {
502 u16 frame_ctl;
503 u16 duration_id;
504 u8 payload[0];
505} __attribute__ ((packed));
506
507struct ieee80211_hdr_1addr {
508 u16 frame_ctl;
509 u16 duration_id;
510 u8 addr1[ETH_ALEN];
511 u8 payload[0];
512} __attribute__ ((packed));
513
514struct ieee80211_hdr_2addr {
515 u16 frame_ctl;
516 u16 duration_id;
517 u8 addr1[ETH_ALEN];
518 u8 addr2[ETH_ALEN];
519 u8 payload[0];
520} __attribute__ ((packed));
521
522struct ieee80211_hdr_3addr {
523 u16 frame_ctl;
524 u16 duration_id;
525 u8 addr1[ETH_ALEN];
526 u8 addr2[ETH_ALEN];
527 u8 addr3[ETH_ALEN];
528 u16 seq_ctl;
529 u8 payload[0];
530} __attribute__ ((packed));
531
532struct ieee80211_hdr_4addr {
533 u16 frame_ctl;
534 u16 duration_id;
535 u8 addr1[ETH_ALEN];
536 u8 addr2[ETH_ALEN];
537 u8 addr3[ETH_ALEN];
538 u16 seq_ctl;
539 u8 addr4[ETH_ALEN];
540 u8 payload[0];
541} __attribute__ ((packed));
542
518struct ieee80211_info_element { 543struct ieee80211_info_element {
519 u8 id; 544 u8 id;
520 u8 len; 545 u8 len;
@@ -538,7 +563,7 @@ struct ieee80211_info_element {
538 u16 status; 563 u16 status;
539*/ 564*/
540 565
541struct ieee80211_authentication { 566struct ieee80211_auth {
542 struct ieee80211_hdr_3addr header; 567 struct ieee80211_hdr_3addr header;
543 __le16 algorithm; 568 __le16 algorithm;
544 __le16 transaction; 569 __le16 transaction;
@@ -546,6 +571,17 @@ struct ieee80211_authentication {
546 struct ieee80211_info_element info_element[0]; 571 struct ieee80211_info_element info_element[0];
547} __attribute__ ((packed)); 572} __attribute__ ((packed));
548 573
574struct ieee80211_disassoc {
575 struct ieee80211_hdr_3addr header;
576 u16 reason_code;
577 struct ieee80211_info_element info_element[0];
578} __attribute__ ((packed));
579
580struct ieee80211_probe_request {
581 struct ieee80211_hdr_3addr header;
582 struct ieee80211_info_element info_element[0];
583} __attribute__ ((packed));
584
549struct ieee80211_probe_response { 585struct ieee80211_probe_response {
550 struct ieee80211_hdr_3addr header; 586 struct ieee80211_hdr_3addr header;
551 u32 time_stamp[2]; 587 u32 time_stamp[2];
@@ -554,14 +590,25 @@ struct ieee80211_probe_response {
554 struct ieee80211_info_element info_element[0]; 590 struct ieee80211_info_element info_element[0];
555} __attribute__ ((packed)); 591} __attribute__ ((packed));
556 592
557struct ieee80211_assoc_request_frame { 593/* Alias beacon for probe_response */
594#define ieee80211_beacon ieee80211_probe_response
595
596struct ieee80211_assoc_request {
597 struct ieee80211_hdr_3addr header;
598 u16 capability;
599 u16 listen_interval;
600 struct ieee80211_info_element info_element[0];
601} __attribute__ ((packed));
602
603struct ieee80211_reassoc_request {
604 struct ieee80211_hdr_3addr header;
558 __le16 capability; 605 __le16 capability;
559 __le16 listen_interval; 606 __le16 listen_interval;
560 u8 current_ap[ETH_ALEN]; 607 u8 current_ap[ETH_ALEN];
561 struct ieee80211_info_element info_element[0]; 608 struct ieee80211_info_element info_element[0];
562} __attribute__ ((packed)); 609} __attribute__ ((packed));
563 610
564struct ieee80211_assoc_response_frame { 611struct ieee80211_assoc_response {
565 struct ieee80211_hdr_3addr header; 612 struct ieee80211_hdr_3addr header;
566 __le16 capability; 613 __le16 capability;
567 __le16 status; 614 __le16 status;
@@ -572,7 +619,8 @@ struct ieee80211_assoc_response_frame {
572struct ieee80211_txb { 619struct ieee80211_txb {
573 u8 nr_frags; 620 u8 nr_frags;
574 u8 encrypted; 621 u8 encrypted;
575 u16 reserved; 622 u8 rts_included;
623 u8 reserved;
576 u16 frag_size; 624 u16 frag_size;
577 u16 payload_size; 625 u16 payload_size;
578 struct sk_buff *fragments[0]; 626 struct sk_buff *fragments[0];
@@ -803,6 +851,21 @@ extern inline int ieee80211_get_hdrlen(u16 fc)
803 return hdrlen; 851 return hdrlen;
804} 852}
805 853
854extern inline u8 *ieee80211_get_payload(struct ieee80211_hdr *hdr)
855{
856 switch (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl))) {
857 case IEEE80211_1ADDR_LEN:
858 return ((struct ieee80211_hdr_1addr *)hdr)->payload;
859 case IEEE80211_2ADDR_LEN:
860 return ((struct ieee80211_hdr_2addr *)hdr)->payload;
861 case IEEE80211_3ADDR_LEN:
862 return ((struct ieee80211_hdr_3addr *)hdr)->payload;
863 case IEEE80211_4ADDR_LEN:
864 return ((struct ieee80211_hdr_4addr *)hdr)->payload;
865 }
866
867}
868
806/* ieee80211.c */ 869/* ieee80211.c */
807extern void free_ieee80211(struct net_device *dev); 870extern void free_ieee80211(struct net_device *dev);
808extern struct net_device *alloc_ieee80211(int sizeof_priv); 871extern struct net_device *alloc_ieee80211(int sizeof_priv);
@@ -817,7 +880,7 @@ extern void ieee80211_txb_free(struct ieee80211_txb *);
817extern int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, 880extern int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
818 struct ieee80211_rx_stats *rx_stats); 881 struct ieee80211_rx_stats *rx_stats);
819extern void ieee80211_rx_mgt(struct ieee80211_device *ieee, 882extern void ieee80211_rx_mgt(struct ieee80211_device *ieee,
820 struct ieee80211_hdr *header, 883 struct ieee80211_hdr_4addr *header,
821 struct ieee80211_rx_stats *stats); 884 struct ieee80211_rx_stats *stats);
822 885
823/* ieee80211_wx.c */ 886/* ieee80211_wx.c */
diff --git a/net/ieee80211/ieee80211_crypt_ccmp.c b/net/ieee80211/ieee80211_crypt_ccmp.c
index 1e6644b133d..d3b5cdee69e 100644
--- a/net/ieee80211/ieee80211_crypt_ccmp.c
+++ b/net/ieee80211/ieee80211_crypt_ccmp.c
@@ -119,7 +119,7 @@ static inline void xor_block(u8 * b, u8 * a, size_t len)
119} 119}
120 120
121static void ccmp_init_blocks(struct crypto_tfm *tfm, 121static void ccmp_init_blocks(struct crypto_tfm *tfm,
122 struct ieee80211_hdr *hdr, 122 struct ieee80211_hdr_4addr *hdr,
123 u8 * pn, size_t dlen, u8 * b0, u8 * auth, u8 * s0) 123 u8 * pn, size_t dlen, u8 * b0, u8 * auth, u8 * s0)
124{ 124{
125 u8 *pos, qc = 0; 125 u8 *pos, qc = 0;
@@ -196,7 +196,7 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
196 struct ieee80211_ccmp_data *key = priv; 196 struct ieee80211_ccmp_data *key = priv;
197 int data_len, i, blocks, last, len; 197 int data_len, i, blocks, last, len;
198 u8 *pos, *mic; 198 u8 *pos, *mic;
199 struct ieee80211_hdr *hdr; 199 struct ieee80211_hdr_4addr *hdr;
200 u8 *b0 = key->tx_b0; 200 u8 *b0 = key->tx_b0;
201 u8 *b = key->tx_b; 201 u8 *b = key->tx_b;
202 u8 *e = key->tx_e; 202 u8 *e = key->tx_e;
@@ -229,7 +229,7 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
229 *pos++ = key->tx_pn[1]; 229 *pos++ = key->tx_pn[1];
230 *pos++ = key->tx_pn[0]; 230 *pos++ = key->tx_pn[0];
231 231
232 hdr = (struct ieee80211_hdr *)skb->data; 232 hdr = (struct ieee80211_hdr_4addr *)skb->data;
233 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0); 233 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0);
234 234
235 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN; 235 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
@@ -258,7 +258,7 @@ static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
258{ 258{
259 struct ieee80211_ccmp_data *key = priv; 259 struct ieee80211_ccmp_data *key = priv;
260 u8 keyidx, *pos; 260 u8 keyidx, *pos;
261 struct ieee80211_hdr *hdr; 261 struct ieee80211_hdr_4addr *hdr;
262 u8 *b0 = key->rx_b0; 262 u8 *b0 = key->rx_b0;
263 u8 *b = key->rx_b; 263 u8 *b = key->rx_b;
264 u8 *a = key->rx_a; 264 u8 *a = key->rx_a;
@@ -272,7 +272,7 @@ static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
272 return -1; 272 return -1;
273 } 273 }
274 274
275 hdr = (struct ieee80211_hdr *)skb->data; 275 hdr = (struct ieee80211_hdr_4addr *)skb->data;
276 pos = skb->data + hdr_len; 276 pos = skb->data + hdr_len;
277 keyidx = pos[3]; 277 keyidx = pos[3];
278 if (!(keyidx & (1 << 5))) { 278 if (!(keyidx & (1 << 5))) {
diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c
index 0c495f07e71..f091aacd429 100644
--- a/net/ieee80211/ieee80211_crypt_tkip.c
+++ b/net/ieee80211/ieee80211_crypt_tkip.c
@@ -265,11 +265,11 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
265 struct ieee80211_tkip_data *tkey = priv; 265 struct ieee80211_tkip_data *tkey = priv;
266 int len; 266 int len;
267 u8 rc4key[16], *pos, *icv; 267 u8 rc4key[16], *pos, *icv;
268 struct ieee80211_hdr *hdr; 268 struct ieee80211_hdr_4addr *hdr;
269 u32 crc; 269 u32 crc;
270 struct scatterlist sg; 270 struct scatterlist sg;
271 271
272 hdr = (struct ieee80211_hdr *)skb->data; 272 hdr = (struct ieee80211_hdr_4addr *)skb->data;
273 273
274 if (tkey->ieee->tkip_countermeasures) { 274 if (tkey->ieee->tkip_countermeasures) {
275 if (net_ratelimit()) { 275 if (net_ratelimit()) {
@@ -334,13 +334,13 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
334 u8 keyidx, *pos; 334 u8 keyidx, *pos;
335 u32 iv32; 335 u32 iv32;
336 u16 iv16; 336 u16 iv16;
337 struct ieee80211_hdr *hdr; 337 struct ieee80211_hdr_4addr *hdr;
338 u8 icv[4]; 338 u8 icv[4];
339 u32 crc; 339 u32 crc;
340 struct scatterlist sg; 340 struct scatterlist sg;
341 int plen; 341 int plen;
342 342
343 hdr = (struct ieee80211_hdr *)skb->data; 343 hdr = (struct ieee80211_hdr_4addr *)skb->data;
344 344
345 if (tkey->ieee->tkip_countermeasures) { 345 if (tkey->ieee->tkip_countermeasures) {
346 if (net_ratelimit()) { 346 if (net_ratelimit()) {
@@ -466,9 +466,9 @@ static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr,
466 466
467static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) 467static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
468{ 468{
469 struct ieee80211_hdr *hdr11; 469 struct ieee80211_hdr_4addr *hdr11;
470 470
471 hdr11 = (struct ieee80211_hdr *)skb->data; 471 hdr11 = (struct ieee80211_hdr_4addr *)skb->data;
472 switch (le16_to_cpu(hdr11->frame_ctl) & 472 switch (le16_to_cpu(hdr11->frame_ctl) &
473 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) { 473 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
474 case IEEE80211_FCTL_TODS: 474 case IEEE80211_FCTL_TODS:
@@ -517,7 +517,8 @@ static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len,
517 517
518#if WIRELESS_EXT >= 18 518#if WIRELESS_EXT >= 18
519static void ieee80211_michael_mic_failure(struct net_device *dev, 519static void ieee80211_michael_mic_failure(struct net_device *dev,
520 struct ieee80211_hdr *hdr, int keyidx) 520 struct ieee80211_hdr_4addr *hdr,
521 int keyidx)
521{ 522{
522 union iwreq_data wrqu; 523 union iwreq_data wrqu;
523 struct iw_michaelmicfailure ev; 524 struct iw_michaelmicfailure ev;
@@ -537,7 +538,8 @@ static void ieee80211_michael_mic_failure(struct net_device *dev,
537} 538}
538#elif WIRELESS_EXT >= 15 539#elif WIRELESS_EXT >= 15
539static void ieee80211_michael_mic_failure(struct net_device *dev, 540static void ieee80211_michael_mic_failure(struct net_device *dev,
540 struct ieee80211_hdr *hdr, int keyidx) 541 struct ieee80211_hdr_4addr *hdr,
542 int keyidx)
541{ 543{
542 union iwreq_data wrqu; 544 union iwreq_data wrqu;
543 char buf[128]; 545 char buf[128];
@@ -551,9 +553,8 @@ static void ieee80211_michael_mic_failure(struct net_device *dev,
551 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); 553 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
552} 554}
553#else /* WIRELESS_EXT >= 15 */ 555#else /* WIRELESS_EXT >= 15 */
554static inline void ieee80211_michael_mic_failure(struct net_device *dev, 556static inline void ieee80211_michael_mic_failure(struct net_device *dev, struct ieee80211_hdr_4addr
555 struct ieee80211_hdr *hdr, 557 *hdr, int keyidx)
556 int keyidx)
557{ 558{
558} 559}
559#endif /* WIRELESS_EXT >= 15 */ 560#endif /* WIRELESS_EXT >= 15 */
@@ -572,8 +573,8 @@ static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
572 skb->data + hdr_len, skb->len - 8 - hdr_len, mic)) 573 skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
573 return -1; 574 return -1;
574 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) { 575 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
575 struct ieee80211_hdr *hdr; 576 struct ieee80211_hdr_4addr *hdr;
576 hdr = (struct ieee80211_hdr *)skb->data; 577 hdr = (struct ieee80211_hdr_4addr *)skb->data;
577 printk(KERN_DEBUG "%s: Michael MIC verification failed for " 578 printk(KERN_DEBUG "%s: Michael MIC verification failed for "
578 "MSDU from " MAC_FMT " keyidx=%d\n", 579 "MSDU from " MAC_FMT " keyidx=%d\n",
579 skb->dev ? skb->dev->name : "N/A", MAC_ARG(hdr->addr2), 580 skb->dev ? skb->dev->name : "N/A", MAC_ARG(hdr->addr2),
diff --git a/net/ieee80211/ieee80211_rx.c b/net/ieee80211/ieee80211_rx.c
index 9a125d45289..71d14c7d915 100644
--- a/net/ieee80211/ieee80211_rx.c
+++ b/net/ieee80211/ieee80211_rx.c
@@ -87,7 +87,7 @@ static struct ieee80211_frag_entry *ieee80211_frag_cache_find(struct
87 87
88/* Called only as a tasklet (software IRQ) */ 88/* Called only as a tasklet (software IRQ) */
89static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee, 89static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
90 struct ieee80211_hdr *hdr) 90 struct ieee80211_hdr_4addr *hdr)
91{ 91{
92 struct sk_buff *skb = NULL; 92 struct sk_buff *skb = NULL;
93 u16 sc; 93 u16 sc;
@@ -101,7 +101,7 @@ static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
101 if (frag == 0) { 101 if (frag == 0) {
102 /* Reserve enough space to fit maximum frame length */ 102 /* Reserve enough space to fit maximum frame length */
103 skb = dev_alloc_skb(ieee->dev->mtu + 103 skb = dev_alloc_skb(ieee->dev->mtu +
104 sizeof(struct ieee80211_hdr) + 104 sizeof(struct ieee80211_hdr_4addr) +
105 8 /* LLC */ + 105 8 /* LLC */ +
106 2 /* alignment */ + 106 2 /* alignment */ +
107 8 /* WEP */ + ETH_ALEN /* WDS */ ); 107 8 /* WEP */ + ETH_ALEN /* WDS */ );
@@ -138,7 +138,7 @@ static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
138 138
139/* Called only as a tasklet (software IRQ) */ 139/* Called only as a tasklet (software IRQ) */
140static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee, 140static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee,
141 struct ieee80211_hdr *hdr) 141 struct ieee80211_hdr_4addr *hdr)
142{ 142{
143 u16 sc; 143 u16 sc;
144 unsigned int seq; 144 unsigned int seq;
@@ -176,7 +176,7 @@ ieee80211_rx_frame_mgmt(struct ieee80211_device *ieee, struct sk_buff *skb,
176 ieee->dev->name); 176 ieee->dev->name);
177 return 0; 177 return 0;
178/* 178/*
179 hostap_update_sta_ps(ieee, (struct hostap_ieee80211_hdr *) 179 hostap_update_sta_ps(ieee, (struct hostap_ieee80211_hdr_4addr *)
180 skb->data);*/ 180 skb->data);*/
181 } 181 }
182 182
@@ -232,13 +232,13 @@ static int ieee80211_is_eapol_frame(struct ieee80211_device *ieee,
232{ 232{
233 struct net_device *dev = ieee->dev; 233 struct net_device *dev = ieee->dev;
234 u16 fc, ethertype; 234 u16 fc, ethertype;
235 struct ieee80211_hdr *hdr; 235 struct ieee80211_hdr_3addr *hdr;
236 u8 *pos; 236 u8 *pos;
237 237
238 if (skb->len < 24) 238 if (skb->len < 24)
239 return 0; 239 return 0;
240 240
241 hdr = (struct ieee80211_hdr *)skb->data; 241 hdr = (struct ieee80211_hdr_3addr *)skb->data;
242 fc = le16_to_cpu(hdr->frame_ctl); 242 fc = le16_to_cpu(hdr->frame_ctl);
243 243
244 /* check that the frame is unicast frame to us */ 244 /* check that the frame is unicast frame to us */
@@ -271,13 +271,13 @@ static inline int
271ieee80211_rx_frame_decrypt(struct ieee80211_device *ieee, struct sk_buff *skb, 271ieee80211_rx_frame_decrypt(struct ieee80211_device *ieee, struct sk_buff *skb,
272 struct ieee80211_crypt_data *crypt) 272 struct ieee80211_crypt_data *crypt)
273{ 273{
274 struct ieee80211_hdr *hdr; 274 struct ieee80211_hdr_3addr *hdr;
275 int res, hdrlen; 275 int res, hdrlen;
276 276
277 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL) 277 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL)
278 return 0; 278 return 0;
279 279
280 hdr = (struct ieee80211_hdr *)skb->data; 280 hdr = (struct ieee80211_hdr_3addr *)skb->data;
281 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl)); 281 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
282 282
283 atomic_inc(&crypt->refcnt); 283 atomic_inc(&crypt->refcnt);
@@ -303,13 +303,13 @@ ieee80211_rx_frame_decrypt_msdu(struct ieee80211_device *ieee,
303 struct sk_buff *skb, int keyidx, 303 struct sk_buff *skb, int keyidx,
304 struct ieee80211_crypt_data *crypt) 304 struct ieee80211_crypt_data *crypt)
305{ 305{
306 struct ieee80211_hdr *hdr; 306 struct ieee80211_hdr_3addr *hdr;
307 int res, hdrlen; 307 int res, hdrlen;
308 308
309 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL) 309 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL)
310 return 0; 310 return 0;
311 311
312 hdr = (struct ieee80211_hdr *)skb->data; 312 hdr = (struct ieee80211_hdr_3addr *)skb->data;
313 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl)); 313 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
314 314
315 atomic_inc(&crypt->refcnt); 315 atomic_inc(&crypt->refcnt);
@@ -332,7 +332,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
332 struct ieee80211_rx_stats *rx_stats) 332 struct ieee80211_rx_stats *rx_stats)
333{ 333{
334 struct net_device *dev = ieee->dev; 334 struct net_device *dev = ieee->dev;
335 struct ieee80211_hdr *hdr; 335 struct ieee80211_hdr_4addr *hdr;
336 size_t hdrlen; 336 size_t hdrlen;
337 u16 fc, type, stype, sc; 337 u16 fc, type, stype, sc;
338 struct net_device_stats *stats; 338 struct net_device_stats *stats;
@@ -352,7 +352,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
352 struct ieee80211_crypt_data *crypt = NULL; 352 struct ieee80211_crypt_data *crypt = NULL;
353 int keyidx = 0; 353 int keyidx = 0;
354 354
355 hdr = (struct ieee80211_hdr *)skb->data; 355 hdr = (struct ieee80211_hdr_4addr *)skb->data;
356 stats = &ieee->stats; 356 stats = &ieee->stats;
357 357
358 if (skb->len < 10) { 358 if (skb->len < 10) {
@@ -552,7 +552,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
552 (keyidx = ieee80211_rx_frame_decrypt(ieee, skb, crypt)) < 0) 552 (keyidx = ieee80211_rx_frame_decrypt(ieee, skb, crypt)) < 0)
553 goto rx_dropped; 553 goto rx_dropped;
554 554
555 hdr = (struct ieee80211_hdr *)skb->data; 555 hdr = (struct ieee80211_hdr_4addr *)skb->data;
556 556
557 /* skb: hdr + (possibly fragmented) plaintext payload */ 557 /* skb: hdr + (possibly fragmented) plaintext payload */
558 // PR: FIXME: hostap has additional conditions in the "if" below: 558 // PR: FIXME: hostap has additional conditions in the "if" below:
@@ -606,7 +606,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
606 /* this was the last fragment and the frame will be 606 /* this was the last fragment and the frame will be
607 * delivered, so remove skb from fragment cache */ 607 * delivered, so remove skb from fragment cache */
608 skb = frag_skb; 608 skb = frag_skb;
609 hdr = (struct ieee80211_hdr *)skb->data; 609 hdr = (struct ieee80211_hdr_4addr *)skb->data;
610 ieee80211_frag_cache_invalidate(ieee, hdr); 610 ieee80211_frag_cache_invalidate(ieee, hdr);
611 } 611 }
612 612
@@ -616,7 +616,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
616 ieee80211_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt)) 616 ieee80211_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt))
617 goto rx_dropped; 617 goto rx_dropped;
618 618
619 hdr = (struct ieee80211_hdr *)skb->data; 619 hdr = (struct ieee80211_hdr_4addr *)skb->data;
620 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) { 620 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) {
621 if ( /*ieee->ieee802_1x && */ 621 if ( /*ieee->ieee802_1x && */
622 ieee80211_is_eapol_frame(ieee, skb)) { 622 ieee80211_is_eapol_frame(ieee, skb)) {
@@ -1148,7 +1148,7 @@ static inline void ieee80211_process_probe_response(struct ieee80211_device
1148} 1148}
1149 1149
1150void ieee80211_rx_mgt(struct ieee80211_device *ieee, 1150void ieee80211_rx_mgt(struct ieee80211_device *ieee,
1151 struct ieee80211_hdr *header, 1151 struct ieee80211_hdr_4addr *header,
1152 struct ieee80211_rx_stats *stats) 1152 struct ieee80211_rx_stats *stats)
1153{ 1153{
1154 switch (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl))) { 1154 switch (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl))) {
diff --git a/net/ieee80211/ieee80211_tx.c b/net/ieee80211/ieee80211_tx.c
index 785e76f7e4e..29770cfefc3 100644
--- a/net/ieee80211/ieee80211_tx.c
+++ b/net/ieee80211/ieee80211_tx.c
@@ -227,14 +227,14 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
227{ 227{
228 struct ieee80211_device *ieee = netdev_priv(dev); 228 struct ieee80211_device *ieee = netdev_priv(dev);
229 struct ieee80211_txb *txb = NULL; 229 struct ieee80211_txb *txb = NULL;
230 struct ieee80211_hdr *frag_hdr; 230 struct ieee80211_hdr_3addr *frag_hdr;
231 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size; 231 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size;
232 unsigned long flags; 232 unsigned long flags;
233 struct net_device_stats *stats = &ieee->stats; 233 struct net_device_stats *stats = &ieee->stats;
234 int ether_type, encrypt, host_encrypt; 234 int ether_type, encrypt, host_encrypt;
235 int bytes, fc, hdr_len; 235 int bytes, fc, hdr_len;
236 struct sk_buff *skb_frag; 236 struct sk_buff *skb_frag;
237 struct ieee80211_hdr header = { /* Ensure zero initialized */ 237 struct ieee80211_hdr_3addr header = { /* Ensure zero initialized */
238 .duration_id = 0, 238 .duration_id = 0,
239 .seq_ctl = 0 239 .seq_ctl = 0
240 }; 240 };
@@ -352,7 +352,8 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
352 if (host_encrypt) 352 if (host_encrypt)
353 skb_reserve(skb_frag, crypt->ops->extra_prefix_len); 353 skb_reserve(skb_frag, crypt->ops->extra_prefix_len);
354 354
355 frag_hdr = (struct ieee80211_hdr *)skb_put(skb_frag, hdr_len); 355 frag_hdr =
356 (struct ieee80211_hdr_3addr *)skb_put(skb_frag, hdr_len);
356 memcpy(frag_hdr, &header, hdr_len); 357 memcpy(frag_hdr, &header, hdr_len);
357 358
358 /* If this is not the last fragment, then add the MOREFRAGS 359 /* If this is not the last fragment, then add the MOREFRAGS