aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2011-05-05 17:09:28 -0400
committerDavid S. Miller <davem@davemloft.net>2011-05-05 17:09:28 -0400
commit90864fbc7639d7a2300c67a18c9fb9fbcf7d51d2 (patch)
tree6951c8d0e529dbfc7c4cec75d4cec63350e39b7c /net/mac80211
parent228e548e602061b08ee8e8966f567c12aa079682 (diff)
parenta70171dce9cd44cb06c7d299eba9fa87a8933045 (diff)
Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/aes_ccm.c6
-rw-r--r--net/mac80211/cfg.c15
-rw-r--r--net/mac80211/driver-ops.h18
-rw-r--r--net/mac80211/driver-trace.h27
-rw-r--r--net/mac80211/ibss.c7
-rw-r--r--net/mac80211/ieee80211_i.h3
-rw-r--r--net/mac80211/key.c21
-rw-r--r--net/mac80211/main.c18
-rw-r--r--net/mac80211/mesh.c3
-rw-r--r--net/mac80211/mesh_hwmp.c4
-rw-r--r--net/mac80211/pm.c16
-rw-r--r--net/mac80211/rx.c49
-rw-r--r--net/mac80211/sta_info.c2
-rw-r--r--net/mac80211/status.c8
-rw-r--r--net/mac80211/tx.c15
-rw-r--r--net/mac80211/work.c6
-rw-r--r--net/mac80211/wpa.c62
17 files changed, 147 insertions, 133 deletions
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c
index 4bd6ef0be380..b9b595c08112 100644
--- a/net/mac80211/aes_ccm.c
+++ b/net/mac80211/aes_ccm.c
@@ -54,13 +54,12 @@ void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
54 u8 *cdata, u8 *mic) 54 u8 *cdata, u8 *mic)
55{ 55{
56 int i, j, last_len, num_blocks; 56 int i, j, last_len, num_blocks;
57 u8 *pos, *cpos, *b, *s_0, *e, *b_0, *aad; 57 u8 *pos, *cpos, *b, *s_0, *e, *b_0;
58 58
59 b = scratch; 59 b = scratch;
60 s_0 = scratch + AES_BLOCK_LEN; 60 s_0 = scratch + AES_BLOCK_LEN;
61 e = scratch + 2 * AES_BLOCK_LEN; 61 e = scratch + 2 * AES_BLOCK_LEN;
62 b_0 = scratch + 3 * AES_BLOCK_LEN; 62 b_0 = scratch + 3 * AES_BLOCK_LEN;
63 aad = scratch + 4 * AES_BLOCK_LEN;
64 63
65 num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN); 64 num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN);
66 last_len = data_len % AES_BLOCK_LEN; 65 last_len = data_len % AES_BLOCK_LEN;
@@ -94,13 +93,12 @@ int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
94 u8 *cdata, size_t data_len, u8 *mic, u8 *data) 93 u8 *cdata, size_t data_len, u8 *mic, u8 *data)
95{ 94{
96 int i, j, last_len, num_blocks; 95 int i, j, last_len, num_blocks;
97 u8 *pos, *cpos, *b, *s_0, *a, *b_0, *aad; 96 u8 *pos, *cpos, *b, *s_0, *a, *b_0;
98 97
99 b = scratch; 98 b = scratch;
100 s_0 = scratch + AES_BLOCK_LEN; 99 s_0 = scratch + AES_BLOCK_LEN;
101 a = scratch + 2 * AES_BLOCK_LEN; 100 a = scratch + 2 * AES_BLOCK_LEN;
102 b_0 = scratch + 3 * AES_BLOCK_LEN; 101 b_0 = scratch + 3 * AES_BLOCK_LEN;
103 aad = scratch + 4 * AES_BLOCK_LEN;
104 102
105 num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN); 103 num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_LEN);
106 last_len = data_len % AES_BLOCK_LEN; 104 last_len = data_len % AES_BLOCK_LEN;
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index a9ddaf63ee14..12d52cec9515 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -1633,16 +1633,13 @@ static int ieee80211_set_bitrate_mask(struct wiphy *wiphy,
1633{ 1633{
1634 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1634 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1635 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1635 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1636 int i; 1636 int i, ret;
1637
1638 /*
1639 * This _could_ be supported by providing a hook for
1640 * drivers for this function, but at this point it
1641 * doesn't seem worth bothering.
1642 */
1643 if (local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL)
1644 return -EOPNOTSUPP;
1645 1637
1638 if (local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) {
1639 ret = drv_set_bitrate_mask(local, sdata, mask);
1640 if (ret)
1641 return ret;
1642 }
1646 1643
1647 for (i = 0; i < IEEE80211_NUM_BANDS; i++) 1644 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
1648 sdata->rc_rateidx_mask[i] = mask->control[i].legacy; 1645 sdata->rc_rateidx_mask[i] = mask->control[i].legacy;
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index 00a0685f2403..2ddb56e5b51f 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -565,4 +565,22 @@ static inline bool drv_tx_frames_pending(struct ieee80211_local *local)
565 565
566 return ret; 566 return ret;
567} 567}
568
569static inline int drv_set_bitrate_mask(struct ieee80211_local *local,
570 struct ieee80211_sub_if_data *sdata,
571 const struct cfg80211_bitrate_mask *mask)
572{
573 int ret = -EOPNOTSUPP;
574
575 might_sleep();
576
577 trace_drv_set_bitrate_mask(local, sdata, mask);
578 if (local->ops->set_bitrate_mask)
579 ret = local->ops->set_bitrate_mask(&local->hw,
580 &sdata->vif, mask);
581 trace_drv_return_int(local, ret);
582
583 return ret;
584}
585
568#endif /* __MAC80211_DRIVER_OPS */ 586#endif /* __MAC80211_DRIVER_OPS */
diff --git a/net/mac80211/driver-trace.h b/net/mac80211/driver-trace.h
index c8c934d48b7a..191e834ec46b 100644
--- a/net/mac80211/driver-trace.h
+++ b/net/mac80211/driver-trace.h
@@ -989,6 +989,33 @@ DEFINE_EVENT(local_only_evt, drv_offchannel_tx_cancel_wait,
989 TP_ARGS(local) 989 TP_ARGS(local)
990); 990);
991 991
992TRACE_EVENT(drv_set_bitrate_mask,
993 TP_PROTO(struct ieee80211_local *local,
994 struct ieee80211_sub_if_data *sdata,
995 const struct cfg80211_bitrate_mask *mask),
996
997 TP_ARGS(local, sdata, mask),
998
999 TP_STRUCT__entry(
1000 LOCAL_ENTRY
1001 VIF_ENTRY
1002 __field(u32, legacy_2g)
1003 __field(u32, legacy_5g)
1004 ),
1005
1006 TP_fast_assign(
1007 LOCAL_ASSIGN;
1008 VIF_ASSIGN;
1009 __entry->legacy_2g = mask->control[IEEE80211_BAND_2GHZ].legacy;
1010 __entry->legacy_5g = mask->control[IEEE80211_BAND_5GHZ].legacy;
1011 ),
1012
1013 TP_printk(
1014 LOCAL_PR_FMT VIF_PR_FMT " 2G Mask:0x%x 5G Mask:0x%x",
1015 LOCAL_PR_ARG, VIF_PR_ARG, __entry->legacy_2g, __entry->legacy_5g
1016 )
1017);
1018
992/* 1019/*
993 * Tracing for API calls that drivers call. 1020 * Tracing for API calls that drivers call.
994 */ 1021 */
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 14883966374e..b81860c94698 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -40,7 +40,7 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
40 struct ieee80211_mgmt *mgmt, 40 struct ieee80211_mgmt *mgmt,
41 size_t len) 41 size_t len)
42{ 42{
43 u16 auth_alg, auth_transaction, status_code; 43 u16 auth_alg, auth_transaction;
44 44
45 lockdep_assert_held(&sdata->u.ibss.mtx); 45 lockdep_assert_held(&sdata->u.ibss.mtx);
46 46
@@ -49,7 +49,6 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
49 49
50 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 50 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
51 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 51 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
52 status_code = le16_to_cpu(mgmt->u.auth.status_code);
53 52
54 /* 53 /*
55 * IEEE 802.11 standard does not require authentication in IBSS 54 * IEEE 802.11 standard does not require authentication in IBSS
@@ -527,8 +526,6 @@ static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
527static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) 526static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
528{ 527{
529 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 528 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
530 struct ieee80211_local *local = sdata->local;
531 struct ieee80211_supported_band *sband;
532 u8 bssid[ETH_ALEN]; 529 u8 bssid[ETH_ALEN];
533 u16 capability; 530 u16 capability;
534 int i; 531 int i;
@@ -551,8 +548,6 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
551 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n", 548 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n",
552 sdata->name, bssid); 549 sdata->name, bssid);
553 550
554 sband = local->hw.wiphy->bands[ifibss->channel->band];
555
556 capability = WLAN_CAPABILITY_IBSS; 551 capability = WLAN_CAPABILITY_IBSS;
557 552
558 if (ifibss->privacy) 553 if (ifibss->privacy)
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index a77849970914..027c0467d7a3 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -766,6 +766,9 @@ struct ieee80211_local {
766 766
767 int tx_headroom; /* required headroom for hardware/radiotap */ 767 int tx_headroom; /* required headroom for hardware/radiotap */
768 768
769 /* count for keys needing tailroom space allocation */
770 int crypto_tx_tailroom_needed_cnt;
771
769 /* Tasklet and skb queue to process calls from IRQ mode. All frames 772 /* Tasklet and skb queue to process calls from IRQ mode. All frames
770 * added to skb_queue will be processed, but frames in 773 * added to skb_queue will be processed, but frames in
771 * skb_queue_unreliable may be dropped if the total length of these 774 * skb_queue_unreliable may be dropped if the total length of these
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index af3c56482c80..b510721e3b3d 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -101,6 +101,11 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
101 101
102 if (!ret) { 102 if (!ret) {
103 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 103 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
104
105 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
106 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
107 key->local->crypto_tx_tailroom_needed_cnt--;
108
104 return 0; 109 return 0;
105 } 110 }
106 111
@@ -156,6 +161,10 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
156 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret); 161 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
157 162
158 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 163 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
164
165 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
166 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
167 key->local->crypto_tx_tailroom_needed_cnt++;
159} 168}
160 169
161void ieee80211_key_removed(struct ieee80211_key_conf *key_conf) 170void ieee80211_key_removed(struct ieee80211_key_conf *key_conf)
@@ -388,8 +397,10 @@ static void __ieee80211_key_destroy(struct ieee80211_key *key)
388 ieee80211_aes_key_free(key->u.ccmp.tfm); 397 ieee80211_aes_key_free(key->u.ccmp.tfm);
389 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC) 398 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
390 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 399 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
391 if (key->local) 400 if (key->local) {
392 ieee80211_debugfs_key_remove(key); 401 ieee80211_debugfs_key_remove(key);
402 key->local->crypto_tx_tailroom_needed_cnt--;
403 }
393 404
394 kfree(key); 405 kfree(key);
395} 406}
@@ -451,6 +462,8 @@ int ieee80211_key_link(struct ieee80211_key *key,
451 462
452 ieee80211_debugfs_key_add(key); 463 ieee80211_debugfs_key_add(key);
453 464
465 key->local->crypto_tx_tailroom_needed_cnt++;
466
454 ret = ieee80211_key_enable_hw_accel(key); 467 ret = ieee80211_key_enable_hw_accel(key);
455 468
456 mutex_unlock(&sdata->local->key_mtx); 469 mutex_unlock(&sdata->local->key_mtx);
@@ -492,8 +505,12 @@ void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
492 505
493 mutex_lock(&sdata->local->key_mtx); 506 mutex_lock(&sdata->local->key_mtx);
494 507
495 list_for_each_entry(key, &sdata->key_list, list) 508 sdata->local->crypto_tx_tailroom_needed_cnt = 0;
509
510 list_for_each_entry(key, &sdata->key_list, list) {
511 sdata->local->crypto_tx_tailroom_needed_cnt++;
496 ieee80211_key_enable_hw_accel(key); 512 ieee80211_key_enable_hw_accel(key);
513 }
497 514
498 mutex_unlock(&sdata->local->key_mtx); 515 mutex_unlock(&sdata->local->key_mtx);
499} 516}
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 0ab2a8df312d..61877662e8f8 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -33,12 +33,6 @@
33#include "cfg.h" 33#include "cfg.h"
34#include "debugfs.h" 34#include "debugfs.h"
35 35
36
37static bool ieee80211_disable_40mhz_24ghz;
38module_param(ieee80211_disable_40mhz_24ghz, bool, 0644);
39MODULE_PARM_DESC(ieee80211_disable_40mhz_24ghz,
40 "Disable 40MHz support in the 2.4GHz band");
41
42static struct lock_class_key ieee80211_rx_skb_queue_class; 36static struct lock_class_key ieee80211_rx_skb_queue_class;
43 37
44void ieee80211_configure_filter(struct ieee80211_local *local) 38void ieee80211_configure_filter(struct ieee80211_local *local)
@@ -728,18 +722,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
728 } 722 }
729 channels += sband->n_channels; 723 channels += sband->n_channels;
730 724
731 /*
732 * Since ieee80211_disable_40mhz_24ghz is global, we can
733 * modify the sband's ht data even if the driver uses a
734 * global structure for that.
735 */
736 if (ieee80211_disable_40mhz_24ghz &&
737 band == IEEE80211_BAND_2GHZ &&
738 sband->ht_cap.ht_supported) {
739 sband->ht_cap.cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
740 sband->ht_cap.cap &= ~IEEE80211_HT_CAP_SGI_40;
741 }
742
743 if (max_bitrates < sband->n_bitrates) 725 if (max_bitrates < sband->n_bitrates)
744 max_bitrates = sband->n_bitrates; 726 max_bitrates = sband->n_bitrates;
745 supp_ht = supp_ht || sband->ht_cap.ht_supported; 727 supp_ht = supp_ht || sband->ht_cap.ht_supported;
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 11207979e2e2..c1299e249541 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -613,12 +613,9 @@ void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
613 struct sk_buff *skb) 613 struct sk_buff *skb)
614{ 614{
615 struct ieee80211_rx_status *rx_status; 615 struct ieee80211_rx_status *rx_status;
616 struct ieee80211_if_mesh *ifmsh;
617 struct ieee80211_mgmt *mgmt; 616 struct ieee80211_mgmt *mgmt;
618 u16 stype; 617 u16 stype;
619 618
620 ifmsh = &sdata->u.mesh;
621
622 rx_status = IEEE80211_SKB_RXCB(skb); 619 rx_status = IEEE80211_SKB_RXCB(skb);
623 mgmt = (struct ieee80211_mgmt *) skb->data; 620 mgmt = (struct ieee80211_mgmt *) skb->data;
624 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; 621 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index 5bf64d7112b3..e57f2e728cfe 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -633,7 +633,6 @@ static void hwmp_perr_frame_process(struct ieee80211_sub_if_data *sdata,
633 struct mesh_path *mpath; 633 struct mesh_path *mpath;
634 u8 ttl; 634 u8 ttl;
635 u8 *ta, *target_addr; 635 u8 *ta, *target_addr;
636 u8 target_flags;
637 u32 target_sn; 636 u32 target_sn;
638 u16 target_rcode; 637 u16 target_rcode;
639 638
@@ -644,7 +643,6 @@ static void hwmp_perr_frame_process(struct ieee80211_sub_if_data *sdata,
644 return; 643 return;
645 } 644 }
646 ttl--; 645 ttl--;
647 target_flags = PERR_IE_TARGET_FLAGS(perr_elem);
648 target_addr = PERR_IE_TARGET_ADDR(perr_elem); 646 target_addr = PERR_IE_TARGET_ADDR(perr_elem);
649 target_sn = PERR_IE_TARGET_SN(perr_elem); 647 target_sn = PERR_IE_TARGET_SN(perr_elem);
650 target_rcode = PERR_IE_TARGET_RCODE(perr_elem); 648 target_rcode = PERR_IE_TARGET_RCODE(perr_elem);
@@ -675,12 +673,10 @@ static void hwmp_rann_frame_process(struct ieee80211_sub_if_data *sdata,
675{ 673{
676 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 674 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
677 struct mesh_path *mpath; 675 struct mesh_path *mpath;
678 u8 *ta;
679 u8 ttl, flags, hopcount; 676 u8 ttl, flags, hopcount;
680 u8 *orig_addr; 677 u8 *orig_addr;
681 u32 orig_sn, metric; 678 u32 orig_sn, metric;
682 679
683 ta = mgmt->sa;
684 ttl = rann->rann_ttl; 680 ttl = rann->rann_ttl;
685 if (ttl <= 1) { 681 if (ttl <= 1) {
686 ifmsh->mshstats.dropped_frames_ttl++; 682 ifmsh->mshstats.dropped_frames_ttl++;
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
index e37355193ed1..042461710880 100644
--- a/net/mac80211/pm.c
+++ b/net/mac80211/pm.c
@@ -14,12 +14,23 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
14 14
15 ieee80211_scan_cancel(local); 15 ieee80211_scan_cancel(local);
16 16
17 if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) {
18 mutex_lock(&local->sta_mtx);
19 list_for_each_entry(sta, &local->sta_list, list) {
20 set_sta_flags(sta, WLAN_STA_BLOCK_BA);
21 ieee80211_sta_tear_down_BA_sessions(sta, true);
22 }
23 mutex_unlock(&local->sta_mtx);
24 }
25
17 ieee80211_stop_queues_by_reason(hw, 26 ieee80211_stop_queues_by_reason(hw,
18 IEEE80211_QUEUE_STOP_REASON_SUSPEND); 27 IEEE80211_QUEUE_STOP_REASON_SUSPEND);
19 28
20 /* flush out all packets */ 29 /* flush out all packets */
21 synchronize_net(); 30 synchronize_net();
22 31
32 drv_flush(local, false);
33
23 local->quiescing = true; 34 local->quiescing = true;
24 /* make quiescing visible to timers everywhere */ 35 /* make quiescing visible to timers everywhere */
25 mb(); 36 mb();
@@ -43,11 +54,6 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
43 /* tear down aggregation sessions and remove STAs */ 54 /* tear down aggregation sessions and remove STAs */
44 mutex_lock(&local->sta_mtx); 55 mutex_lock(&local->sta_mtx);
45 list_for_each_entry(sta, &local->sta_list, list) { 56 list_for_each_entry(sta, &local->sta_list, list) {
46 if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) {
47 set_sta_flags(sta, WLAN_STA_BLOCK_BA);
48 ieee80211_sta_tear_down_BA_sessions(sta, true);
49 }
50
51 if (sta->uploaded) { 57 if (sta->uploaded) {
52 sdata = sta->sdata; 58 sdata = sta->sdata;
53 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 59 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index a864890e4d03..13a6697651ad 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -652,7 +652,7 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
652 set_release_timer: 652 set_release_timer:
653 653
654 mod_timer(&tid_agg_rx->reorder_timer, 654 mod_timer(&tid_agg_rx->reorder_timer,
655 tid_agg_rx->reorder_time[j] + 655 tid_agg_rx->reorder_time[j] + 1 +
656 HT_RX_REORDER_BUF_TIMEOUT); 656 HT_RX_REORDER_BUF_TIMEOUT);
657 } else { 657 } else {
658 del_timer(&tid_agg_rx->reorder_timer); 658 del_timer(&tid_agg_rx->reorder_timer);
@@ -2368,47 +2368,6 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
2368 return RX_QUEUED; 2368 return RX_QUEUED;
2369} 2369}
2370 2370
2371static void ieee80211_rx_michael_mic_report(struct ieee80211_hdr *hdr,
2372 struct ieee80211_rx_data *rx)
2373{
2374 int keyidx;
2375 unsigned int hdrlen;
2376
2377 hdrlen = ieee80211_hdrlen(hdr->frame_control);
2378 if (rx->skb->len >= hdrlen + 4)
2379 keyidx = rx->skb->data[hdrlen + 3] >> 6;
2380 else
2381 keyidx = -1;
2382
2383 if (!rx->sta) {
2384 /*
2385 * Some hardware seem to generate incorrect Michael MIC
2386 * reports; ignore them to avoid triggering countermeasures.
2387 */
2388 return;
2389 }
2390
2391 if (!ieee80211_has_protected(hdr->frame_control))
2392 return;
2393
2394 if (rx->sdata->vif.type == NL80211_IFTYPE_AP && keyidx) {
2395 /*
2396 * APs with pairwise keys should never receive Michael MIC
2397 * errors for non-zero keyidx because these are reserved for
2398 * group keys and only the AP is sending real multicast
2399 * frames in the BSS.
2400 */
2401 return;
2402 }
2403
2404 if (!ieee80211_is_data(hdr->frame_control) &&
2405 !ieee80211_is_auth(hdr->frame_control))
2406 return;
2407
2408 mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL,
2409 GFP_ATOMIC);
2410}
2411
2412/* TODO: use IEEE80211_RX_FRAGMENTED */ 2371/* TODO: use IEEE80211_RX_FRAGMENTED */
2413static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx, 2372static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx,
2414 struct ieee80211_rate *rate) 2373 struct ieee80211_rate *rate)
@@ -2752,12 +2711,6 @@ static bool ieee80211_prepare_and_rx_handle(struct ieee80211_rx_data *rx,
2752 if (!prepares) 2711 if (!prepares)
2753 return false; 2712 return false;
2754 2713
2755 if (status->flag & RX_FLAG_MMIC_ERROR) {
2756 if (status->rx_flags & IEEE80211_RX_RA_MATCH)
2757 ieee80211_rx_michael_mic_report(hdr, rx);
2758 return false;
2759 }
2760
2761 if (!consume) { 2714 if (!consume) {
2762 skb = skb_copy(skb, GFP_ATOMIC); 2715 skb = skb_copy(skb, GFP_ATOMIC);
2763 if (!skb) { 2716 if (!skb) {
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index a03d8a312875..d9e6e81ff6b2 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -587,7 +587,6 @@ static bool sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
587{ 587{
588 unsigned long flags; 588 unsigned long flags;
589 struct sk_buff *skb; 589 struct sk_buff *skb;
590 struct ieee80211_sub_if_data *sdata;
591 590
592 if (skb_queue_empty(&sta->ps_tx_buf)) 591 if (skb_queue_empty(&sta->ps_tx_buf))
593 return false; 592 return false;
@@ -604,7 +603,6 @@ static bool sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
604 if (!skb) 603 if (!skb)
605 break; 604 break;
606 605
607 sdata = sta->sdata;
608 local->total_ps_buffered--; 606 local->total_ps_buffered--;
609#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 607#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
610 printk(KERN_DEBUG "Buffered frame expired (STA %pM)\n", 608 printk(KERN_DEBUG "Buffered frame expired (STA %pM)\n",
diff --git a/net/mac80211/status.c b/net/mac80211/status.c
index 3ed3c835fbbf..1658efaa2e8e 100644
--- a/net/mac80211/status.c
+++ b/net/mac80211/status.c
@@ -446,3 +446,11 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
446 dev_kfree_skb(skb); 446 dev_kfree_skb(skb);
447} 447}
448EXPORT_SYMBOL(ieee80211_tx_status); 448EXPORT_SYMBOL(ieee80211_tx_status);
449
450void ieee80211_report_low_ack(struct ieee80211_sta *pubsta, u32 num_packets)
451{
452 struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
453 cfg80211_cqm_pktloss_notify(sta->sdata->dev, sta->sta.addr,
454 num_packets, GFP_ATOMIC);
455}
456EXPORT_SYMBOL(ieee80211_report_low_ack);
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 17b10be31f55..e3e3aa173af0 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -1036,14 +1036,11 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
1036 struct ieee80211_radiotap_iterator iterator; 1036 struct ieee80211_radiotap_iterator iterator;
1037 struct ieee80211_radiotap_header *rthdr = 1037 struct ieee80211_radiotap_header *rthdr =
1038 (struct ieee80211_radiotap_header *) skb->data; 1038 (struct ieee80211_radiotap_header *) skb->data;
1039 struct ieee80211_supported_band *sband;
1040 bool hw_frag; 1039 bool hw_frag;
1041 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1040 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1042 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len, 1041 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len,
1043 NULL); 1042 NULL);
1044 1043
1045 sband = tx->local->hw.wiphy->bands[tx->channel->band];
1046
1047 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 1044 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
1048 tx->flags &= ~IEEE80211_TX_FRAGMENTED; 1045 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
1049 1046
@@ -1442,11 +1439,8 @@ static bool ieee80211_tx(struct ieee80211_sub_if_data *sdata,
1442 struct ieee80211_tx_data tx; 1439 struct ieee80211_tx_data tx;
1443 ieee80211_tx_result res_prepare; 1440 ieee80211_tx_result res_prepare;
1444 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1441 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1445 u16 queue;
1446 bool result = true; 1442 bool result = true;
1447 1443
1448 queue = skb_get_queue_mapping(skb);
1449
1450 if (unlikely(skb->len < 10)) { 1444 if (unlikely(skb->len < 10)) {
1451 dev_kfree_skb(skb); 1445 dev_kfree_skb(skb);
1452 return true; 1446 return true;
@@ -1482,12 +1476,7 @@ static int ieee80211_skb_resize(struct ieee80211_local *local,
1482{ 1476{
1483 int tail_need = 0; 1477 int tail_need = 0;
1484 1478
1485 /* 1479 if (may_encrypt && local->crypto_tx_tailroom_needed_cnt) {
1486 * This could be optimised, devices that do full hardware
1487 * crypto (including TKIP MMIC) need no tailroom... But we
1488 * have no drivers for such devices currently.
1489 */
1490 if (may_encrypt) {
1491 tail_need = IEEE80211_ENCRYPT_TAILROOM; 1480 tail_need = IEEE80211_ENCRYPT_TAILROOM;
1492 tail_need -= skb_tailroom(skb); 1481 tail_need -= skb_tailroom(skb);
1493 tail_need = max_t(int, tail_need, 0); 1482 tail_need = max_t(int, tail_need, 0);
@@ -2485,7 +2474,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2485{ 2474{
2486 struct ieee80211_local *local = hw_to_local(hw); 2475 struct ieee80211_local *local = hw_to_local(hw);
2487 struct sk_buff *skb = NULL; 2476 struct sk_buff *skb = NULL;
2488 struct sta_info *sta;
2489 struct ieee80211_tx_data tx; 2477 struct ieee80211_tx_data tx;
2490 struct ieee80211_sub_if_data *sdata; 2478 struct ieee80211_sub_if_data *sdata;
2491 struct ieee80211_if_ap *bss = NULL; 2479 struct ieee80211_if_ap *bss = NULL;
@@ -2527,7 +2515,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2527 2515
2528 info = IEEE80211_SKB_CB(skb); 2516 info = IEEE80211_SKB_CB(skb);
2529 2517
2530 sta = tx.sta;
2531 tx.flags |= IEEE80211_TX_PS_BUFFERED; 2518 tx.flags |= IEEE80211_TX_PS_BUFFERED;
2532 tx.channel = local->hw.conf.channel; 2519 tx.channel = local->hw.conf.channel;
2533 info->band = tx.channel->band; 2520 info->band = tx.channel->band;
diff --git a/net/mac80211/work.c b/net/mac80211/work.c
index e73c8cae036b..a94b312dbfac 100644
--- a/net/mac80211/work.c
+++ b/net/mac80211/work.c
@@ -198,9 +198,8 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
198 struct sk_buff *skb; 198 struct sk_buff *skb;
199 struct ieee80211_mgmt *mgmt; 199 struct ieee80211_mgmt *mgmt;
200 u8 *pos, qos_info; 200 u8 *pos, qos_info;
201 const u8 *ies;
202 size_t offset = 0, noffset; 201 size_t offset = 0, noffset;
203 int i, len, count, rates_len, supp_rates_len; 202 int i, count, rates_len, supp_rates_len;
204 u16 capab; 203 u16 capab;
205 struct ieee80211_supported_band *sband; 204 struct ieee80211_supported_band *sband;
206 u32 rates = 0; 205 u32 rates = 0;
@@ -285,7 +284,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
285 } 284 }
286 285
287 /* SSID */ 286 /* SSID */
288 ies = pos = skb_put(skb, 2 + wk->assoc.ssid_len); 287 pos = skb_put(skb, 2 + wk->assoc.ssid_len);
289 *pos++ = WLAN_EID_SSID; 288 *pos++ = WLAN_EID_SSID;
290 *pos++ = wk->assoc.ssid_len; 289 *pos++ = wk->assoc.ssid_len;
291 memcpy(pos, wk->assoc.ssid, wk->assoc.ssid_len); 290 memcpy(pos, wk->assoc.ssid, wk->assoc.ssid_len);
@@ -295,7 +294,6 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
295 if (supp_rates_len > 8) 294 if (supp_rates_len > 8)
296 supp_rates_len = 8; 295 supp_rates_len = 8;
297 296
298 len = sband->n_bitrates;
299 pos = skb_put(skb, supp_rates_len + 2); 297 pos = skb_put(skb, supp_rates_len + 2);
300 *pos++ = WLAN_EID_SUPP_RATES; 298 *pos++ = WLAN_EID_SUPP_RATES;
301 *pos++ = supp_rates_len; 299 *pos++ = supp_rates_len;
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index f1765de2f4bf..9dc3b5f26e80 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -87,42 +87,76 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
87 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); 87 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
88 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 88 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
89 89
90 /* No way to verify the MIC if the hardware stripped it */ 90 /*
91 if (status->flag & RX_FLAG_MMIC_STRIPPED) 91 * it makes no sense to check for MIC errors on anything other
92 * than data frames.
93 */
94 if (!ieee80211_is_data_present(hdr->frame_control))
95 return RX_CONTINUE;
96
97 /*
98 * No way to verify the MIC if the hardware stripped it or
99 * the IV with the key index. In this case we have solely rely
100 * on the driver to set RX_FLAG_MMIC_ERROR in the event of a
101 * MIC failure report.
102 */
103 if (status->flag & (RX_FLAG_MMIC_STRIPPED | RX_FLAG_IV_STRIPPED)) {
104 if (status->flag & RX_FLAG_MMIC_ERROR)
105 goto mic_fail;
106
107 if (!(status->flag & RX_FLAG_IV_STRIPPED))
108 goto update_iv;
109
92 return RX_CONTINUE; 110 return RX_CONTINUE;
111 }
93 112
113 /*
114 * Some hardware seems to generate Michael MIC failure reports; even
115 * though, the frame was not encrypted with TKIP and therefore has no
116 * MIC. Ignore the flag them to avoid triggering countermeasures.
117 */
94 if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP || 118 if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP ||
95 !ieee80211_has_protected(hdr->frame_control) || 119 !(status->flag & RX_FLAG_DECRYPTED))
96 !ieee80211_is_data_present(hdr->frame_control))
97 return RX_CONTINUE; 120 return RX_CONTINUE;
98 121
122 if (rx->sdata->vif.type == NL80211_IFTYPE_AP && rx->key->conf.keyidx) {
123 /*
124 * APs with pairwise keys should never receive Michael MIC
125 * errors for non-zero keyidx because these are reserved for
126 * group keys and only the AP is sending real multicast
127 * frames in the BSS. (
128 */
129 return RX_DROP_UNUSABLE;
130 }
131
132 if (status->flag & RX_FLAG_MMIC_ERROR)
133 goto mic_fail;
134
99 hdrlen = ieee80211_hdrlen(hdr->frame_control); 135 hdrlen = ieee80211_hdrlen(hdr->frame_control);
100 if (skb->len < hdrlen + MICHAEL_MIC_LEN) 136 if (skb->len < hdrlen + MICHAEL_MIC_LEN)
101 return RX_DROP_UNUSABLE; 137 return RX_DROP_UNUSABLE;
102 138
103 data = skb->data + hdrlen; 139 data = skb->data + hdrlen;
104 data_len = skb->len - hdrlen - MICHAEL_MIC_LEN; 140 data_len = skb->len - hdrlen - MICHAEL_MIC_LEN;
105
106 key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY]; 141 key = &rx->key->conf.key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY];
107 michael_mic(key, hdr, data, data_len, mic); 142 michael_mic(key, hdr, data, data_len, mic);
108 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0) { 143 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0)
109 if (!(status->rx_flags & IEEE80211_RX_RA_MATCH)) 144 goto mic_fail;
110 return RX_DROP_UNUSABLE;
111
112 mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx,
113 (void *) skb->data, NULL,
114 GFP_ATOMIC);
115 return RX_DROP_UNUSABLE;
116 }
117 145
118 /* remove Michael MIC from payload */ 146 /* remove Michael MIC from payload */
119 skb_trim(skb, skb->len - MICHAEL_MIC_LEN); 147 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
120 148
149update_iv:
121 /* update IV in key information to be able to detect replays */ 150 /* update IV in key information to be able to detect replays */
122 rx->key->u.tkip.rx[rx->queue].iv32 = rx->tkip_iv32; 151 rx->key->u.tkip.rx[rx->queue].iv32 = rx->tkip_iv32;
123 rx->key->u.tkip.rx[rx->queue].iv16 = rx->tkip_iv16; 152 rx->key->u.tkip.rx[rx->queue].iv16 = rx->tkip_iv16;
124 153
125 return RX_CONTINUE; 154 return RX_CONTINUE;
155
156mic_fail:
157 mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx,
158 (void *) skb->data, NULL, GFP_ATOMIC);
159 return RX_DROP_UNUSABLE;
126} 160}
127 161
128 162