aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2008-06-10 04:54:31 -0400
committerDavid S. Miller <davem@davemloft.net>2008-06-10 04:54:31 -0400
commit788c0a53164c05c5ccdb1472474372b72ba74644 (patch)
tree5f274102e3dc4bcca6cb3a695aa2c8228ad5fc4f /net/mac80211
parente64bda89b8fe81cce9b4a20885d2c204c2d52532 (diff)
parent78cf07472f0ede8394bacc4bc02354505080cfe1 (diff)
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/linville/wireless-next-2.6
Conflicts: drivers/net/ps3_gelic_wireless.c drivers/net/wireless/libertas/main.c
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/Kconfig14
-rw-r--r--net/mac80211/Makefile2
-rw-r--r--net/mac80211/cfg.c4
-rw-r--r--net/mac80211/debugfs_key.c8
-rw-r--r--net/mac80211/debugfs_netdev.c9
-rw-r--r--net/mac80211/debugfs_sta.c1
-rw-r--r--net/mac80211/ieee80211_i.h78
-rw-r--r--net/mac80211/iface.c2
-rw-r--r--net/mac80211/key.h17
-rw-r--r--net/mac80211/main.c291
-rw-r--r--net/mac80211/mesh.c38
-rw-r--r--net/mac80211/mesh.h2
-rw-r--r--net/mac80211/mesh_pathtbl.c53
-rw-r--r--net/mac80211/michael.c106
-rw-r--r--net/mac80211/michael.h8
-rw-r--r--net/mac80211/mlme.c88
-rw-r--r--net/mac80211/rate.c12
-rw-r--r--net/mac80211/rate.h33
-rw-r--r--net/mac80211/rc80211_pid.h4
-rw-r--r--net/mac80211/rc80211_pid_algo.c22
-rw-r--r--net/mac80211/rc80211_pid_debugfs.c8
-rw-r--r--net/mac80211/rx.c72
-rw-r--r--net/mac80211/sta_info.c8
-rw-r--r--net/mac80211/sta_info.h6
-rw-r--r--net/mac80211/tkip.c86
-rw-r--r--net/mac80211/tkip.h4
-rw-r--r--net/mac80211/tx.c841
-rw-r--r--net/mac80211/util.c59
-rw-r--r--net/mac80211/wep.c19
-rw-r--r--net/mac80211/wme.c28
-rw-r--r--net/mac80211/wme.h2
-rw-r--r--net/mac80211/wpa.c135
32 files changed, 971 insertions, 1089 deletions
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index a24b459dd45a..590e00b2766c 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -7,11 +7,23 @@ config MAC80211
7 select CRC32 7 select CRC32
8 select WIRELESS_EXT 8 select WIRELESS_EXT
9 select CFG80211 9 select CFG80211
10 select NET_SCH_FIFO
11 ---help--- 10 ---help---
12 This option enables the hardware independent IEEE 802.11 11 This option enables the hardware independent IEEE 802.11
13 networking stack. 12 networking stack.
14 13
14config MAC80211_QOS
15 def_bool y
16 depends on MAC80211
17 depends on NET_SCHED
18 depends on NETDEVICES_MULTIQUEUE
19
20comment "QoS/HT support disabled"
21 depends on MAC80211 && !MAC80211_QOS
22comment "QoS/HT support needs CONFIG_NET_SCHED"
23 depends on MAC80211 && !NET_SCHED
24comment "QoS/HT support needs CONFIG_NETDEVICES_MULTIQUEUE"
25 depends on MAC80211 && !NETDEVICES_MULTIQUEUE
26
15menu "Rate control algorithm selection" 27menu "Rate control algorithm selection"
16 depends on MAC80211 != n 28 depends on MAC80211 != n
17 29
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 4e5847fd316c..1d2a4e010e5c 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -29,7 +29,7 @@ mac80211-y := \
29 event.o 29 event.o
30 30
31mac80211-$(CONFIG_MAC80211_LEDS) += led.o 31mac80211-$(CONFIG_MAC80211_LEDS) += led.o
32mac80211-$(CONFIG_NET_SCHED) += wme.o 32mac80211-$(CONFIG_MAC80211_QOS) += wme.o
33mac80211-$(CONFIG_MAC80211_DEBUGFS) += \ 33mac80211-$(CONFIG_MAC80211_DEBUGFS) += \
34 debugfs.o \ 34 debugfs.o \
35 debugfs_sta.o \ 35 debugfs_sta.o \
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 3cef80dcd0e5..dbf0563c397d 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -256,8 +256,8 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
256 case ALG_TKIP: 256 case ALG_TKIP:
257 params.cipher = WLAN_CIPHER_SUITE_TKIP; 257 params.cipher = WLAN_CIPHER_SUITE_TKIP;
258 258
259 iv32 = key->u.tkip.iv32; 259 iv32 = key->u.tkip.tx.iv32;
260 iv16 = key->u.tkip.iv16; 260 iv16 = key->u.tkip.tx.iv16;
261 261
262 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 262 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
263 sdata->local->ops->get_tkip_seq) 263 sdata->local->ops->get_tkip_seq)
diff --git a/net/mac80211/debugfs_key.c b/net/mac80211/debugfs_key.c
index 19efc3a6a932..7439b63df5d0 100644
--- a/net/mac80211/debugfs_key.c
+++ b/net/mac80211/debugfs_key.c
@@ -97,8 +97,8 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
97 break; 97 break;
98 case ALG_TKIP: 98 case ALG_TKIP:
99 len = scnprintf(buf, sizeof(buf), "%08x %04x\n", 99 len = scnprintf(buf, sizeof(buf), "%08x %04x\n",
100 key->u.tkip.iv32, 100 key->u.tkip.tx.iv32,
101 key->u.tkip.iv16); 101 key->u.tkip.tx.iv16);
102 break; 102 break;
103 case ALG_CCMP: 103 case ALG_CCMP:
104 tpn = key->u.ccmp.tx_pn; 104 tpn = key->u.ccmp.tx_pn;
@@ -128,8 +128,8 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
128 for (i = 0; i < NUM_RX_DATA_QUEUES; i++) 128 for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
129 p += scnprintf(p, sizeof(buf)+buf-p, 129 p += scnprintf(p, sizeof(buf)+buf-p,
130 "%08x %04x\n", 130 "%08x %04x\n",
131 key->u.tkip.iv32_rx[i], 131 key->u.tkip.rx[i].iv32,
132 key->u.tkip.iv16_rx[i]); 132 key->u.tkip.rx[i].iv16);
133 len = p - buf; 133 len = p - buf;
134 break; 134 break;
135 case ALG_CCMP: 135 case ALG_CCMP:
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index 3ae5493d728b..b2089b2da48a 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -155,7 +155,6 @@ static const struct file_operations name##_ops = { \
155 __IEEE80211_IF_WFILE(name) 155 __IEEE80211_IF_WFILE(name)
156 156
157/* common attributes */ 157/* common attributes */
158IEEE80211_IF_FILE(channel_use, channel_use, DEC);
159IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); 158IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
160 159
161/* STA/IBSS attributes */ 160/* STA/IBSS attributes */
@@ -248,7 +247,6 @@ IEEE80211_IF_WFILE(min_discovery_timeout,
248 247
249static void add_sta_files(struct ieee80211_sub_if_data *sdata) 248static void add_sta_files(struct ieee80211_sub_if_data *sdata)
250{ 249{
251 DEBUGFS_ADD(channel_use, sta);
252 DEBUGFS_ADD(drop_unencrypted, sta); 250 DEBUGFS_ADD(drop_unencrypted, sta);
253 DEBUGFS_ADD(state, sta); 251 DEBUGFS_ADD(state, sta);
254 DEBUGFS_ADD(bssid, sta); 252 DEBUGFS_ADD(bssid, sta);
@@ -269,7 +267,6 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
269 267
270static void add_ap_files(struct ieee80211_sub_if_data *sdata) 268static void add_ap_files(struct ieee80211_sub_if_data *sdata)
271{ 269{
272 DEBUGFS_ADD(channel_use, ap);
273 DEBUGFS_ADD(drop_unencrypted, ap); 270 DEBUGFS_ADD(drop_unencrypted, ap);
274 DEBUGFS_ADD(num_sta_ps, ap); 271 DEBUGFS_ADD(num_sta_ps, ap);
275 DEBUGFS_ADD(dtim_count, ap); 272 DEBUGFS_ADD(dtim_count, ap);
@@ -281,14 +278,12 @@ static void add_ap_files(struct ieee80211_sub_if_data *sdata)
281 278
282static void add_wds_files(struct ieee80211_sub_if_data *sdata) 279static void add_wds_files(struct ieee80211_sub_if_data *sdata)
283{ 280{
284 DEBUGFS_ADD(channel_use, wds);
285 DEBUGFS_ADD(drop_unencrypted, wds); 281 DEBUGFS_ADD(drop_unencrypted, wds);
286 DEBUGFS_ADD(peer, wds); 282 DEBUGFS_ADD(peer, wds);
287} 283}
288 284
289static void add_vlan_files(struct ieee80211_sub_if_data *sdata) 285static void add_vlan_files(struct ieee80211_sub_if_data *sdata)
290{ 286{
291 DEBUGFS_ADD(channel_use, vlan);
292 DEBUGFS_ADD(drop_unencrypted, vlan); 287 DEBUGFS_ADD(drop_unencrypted, vlan);
293} 288}
294 289
@@ -376,7 +371,6 @@ static void add_files(struct ieee80211_sub_if_data *sdata)
376 371
377static void del_sta_files(struct ieee80211_sub_if_data *sdata) 372static void del_sta_files(struct ieee80211_sub_if_data *sdata)
378{ 373{
379 DEBUGFS_DEL(channel_use, sta);
380 DEBUGFS_DEL(drop_unencrypted, sta); 374 DEBUGFS_DEL(drop_unencrypted, sta);
381 DEBUGFS_DEL(state, sta); 375 DEBUGFS_DEL(state, sta);
382 DEBUGFS_DEL(bssid, sta); 376 DEBUGFS_DEL(bssid, sta);
@@ -397,7 +391,6 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
397 391
398static void del_ap_files(struct ieee80211_sub_if_data *sdata) 392static void del_ap_files(struct ieee80211_sub_if_data *sdata)
399{ 393{
400 DEBUGFS_DEL(channel_use, ap);
401 DEBUGFS_DEL(drop_unencrypted, ap); 394 DEBUGFS_DEL(drop_unencrypted, ap);
402 DEBUGFS_DEL(num_sta_ps, ap); 395 DEBUGFS_DEL(num_sta_ps, ap);
403 DEBUGFS_DEL(dtim_count, ap); 396 DEBUGFS_DEL(dtim_count, ap);
@@ -409,14 +402,12 @@ static void del_ap_files(struct ieee80211_sub_if_data *sdata)
409 402
410static void del_wds_files(struct ieee80211_sub_if_data *sdata) 403static void del_wds_files(struct ieee80211_sub_if_data *sdata)
411{ 404{
412 DEBUGFS_DEL(channel_use, wds);
413 DEBUGFS_DEL(drop_unencrypted, wds); 405 DEBUGFS_DEL(drop_unencrypted, wds);
414 DEBUGFS_DEL(peer, wds); 406 DEBUGFS_DEL(peer, wds);
415} 407}
416 408
417static void del_vlan_files(struct ieee80211_sub_if_data *sdata) 409static void del_vlan_files(struct ieee80211_sub_if_data *sdata)
418{ 410{
419 DEBUGFS_DEL(channel_use, vlan);
420 DEBUGFS_DEL(drop_unencrypted, vlan); 411 DEBUGFS_DEL(drop_unencrypted, vlan);
421} 412}
422 413
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index a2cc0284c9d0..79a062782d52 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -66,7 +66,6 @@ STA_FILE(tx_retry_count, tx_retry_count, LU);
66STA_FILE(last_signal, last_signal, D); 66STA_FILE(last_signal, last_signal, D);
67STA_FILE(last_qual, last_qual, D); 67STA_FILE(last_qual, last_qual, D);
68STA_FILE(last_noise, last_noise, D); 68STA_FILE(last_noise, last_noise, D);
69STA_FILE(channel_use, channel_use, D);
70STA_FILE(wep_weak_iv_count, wep_weak_iv_count, LU); 69STA_FILE(wep_weak_iv_count, wep_weak_iv_count, LU);
71 70
72static ssize_t sta_flags_read(struct file *file, char __user *userbuf, 71static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index ed0d9b35ae6f..432011cd3647 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -2,6 +2,7 @@
2 * Copyright 2002-2005, Instant802 Networks, Inc. 2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005, Devicescape Software, Inc. 3 * Copyright 2005, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
5 * 6 *
6 * This program is free software; you can redistribute it and/or modify 7 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as 8 * it under the terms of the GNU General Public License version 2 as
@@ -91,6 +92,8 @@ struct ieee80211_sta_bss {
91 size_t wmm_ie_len; 92 size_t wmm_ie_len;
92 u8 *ht_ie; 93 u8 *ht_ie;
93 size_t ht_ie_len; 94 size_t ht_ie_len;
95 u8 *ht_add_ie;
96 size_t ht_add_ie_len;
94#ifdef CONFIG_MAC80211_MESH 97#ifdef CONFIG_MAC80211_MESH
95 u8 *mesh_id; 98 u8 *mesh_id;
96 size_t mesh_id_len; 99 size_t mesh_id_len;
@@ -147,7 +150,6 @@ typedef unsigned __bitwise__ ieee80211_tx_result;
147#define IEEE80211_TX_UNICAST BIT(1) 150#define IEEE80211_TX_UNICAST BIT(1)
148#define IEEE80211_TX_PS_BUFFERED BIT(2) 151#define IEEE80211_TX_PS_BUFFERED BIT(2)
149#define IEEE80211_TX_PROBE_LAST_FRAG BIT(3) 152#define IEEE80211_TX_PROBE_LAST_FRAG BIT(3)
150#define IEEE80211_TX_INJECTED BIT(4)
151 153
152struct ieee80211_tx_data { 154struct ieee80211_tx_data {
153 struct sk_buff *skb; 155 struct sk_buff *skb;
@@ -157,13 +159,12 @@ struct ieee80211_tx_data {
157 struct sta_info *sta; 159 struct sta_info *sta;
158 struct ieee80211_key *key; 160 struct ieee80211_key *key;
159 161
160 struct ieee80211_tx_control *control;
161 struct ieee80211_channel *channel; 162 struct ieee80211_channel *channel;
162 struct ieee80211_rate *rate; 163 s8 rate_idx;
163 /* use this rate (if set) for last fragment; rate can 164 /* use this rate (if set) for last fragment; rate can
164 * be set to lower rate for the first fragments, e.g., 165 * be set to lower rate for the first fragments, e.g.,
165 * when using CTS protection with IEEE 802.11g. */ 166 * when using CTS protection with IEEE 802.11g. */
166 struct ieee80211_rate *last_frag_rate; 167 s8 last_frag_rate_idx;
167 168
168 /* Extra fragments (in addition to the first fragment 169 /* Extra fragments (in addition to the first fragment
169 * in skb) */ 170 * in skb) */
@@ -202,32 +203,16 @@ struct ieee80211_rx_data {
202 unsigned int flags; 203 unsigned int flags;
203 int sent_ps_buffered; 204 int sent_ps_buffered;
204 int queue; 205 int queue;
205 int load;
206 u32 tkip_iv32; 206 u32 tkip_iv32;
207 u16 tkip_iv16; 207 u16 tkip_iv16;
208}; 208};
209 209
210/* flags used in struct ieee80211_tx_packet_data.flags */
211#define IEEE80211_TXPD_REQ_TX_STATUS BIT(0)
212#define IEEE80211_TXPD_DO_NOT_ENCRYPT BIT(1)
213#define IEEE80211_TXPD_REQUEUE BIT(2)
214#define IEEE80211_TXPD_EAPOL_FRAME BIT(3)
215#define IEEE80211_TXPD_AMPDU BIT(4)
216/* Stored in sk_buff->cb */
217struct ieee80211_tx_packet_data {
218 int ifindex;
219 unsigned long jiffies;
220 unsigned int flags;
221 u8 queue;
222};
223
224struct ieee80211_tx_stored_packet { 210struct ieee80211_tx_stored_packet {
225 struct ieee80211_tx_control control;
226 struct sk_buff *skb; 211 struct sk_buff *skb;
227 struct sk_buff **extra_frag; 212 struct sk_buff **extra_frag;
228 struct ieee80211_rate *last_frag_rate; 213 s8 last_frag_rate_idx;
229 int num_extra_frag; 214 int num_extra_frag;
230 unsigned int last_frag_rate_ctrl_probe; 215 bool last_frag_rate_ctrl_probe;
231}; 216};
232 217
233struct beacon_data { 218struct beacon_data {
@@ -464,14 +449,11 @@ struct ieee80211_sub_if_data {
464 struct ieee80211_if_sta sta; 449 struct ieee80211_if_sta sta;
465 u32 mntr_flags; 450 u32 mntr_flags;
466 } u; 451 } u;
467 int channel_use;
468 int channel_use_raw;
469 452
470#ifdef CONFIG_MAC80211_DEBUGFS 453#ifdef CONFIG_MAC80211_DEBUGFS
471 struct dentry *debugfsdir; 454 struct dentry *debugfsdir;
472 union { 455 union {
473 struct { 456 struct {
474 struct dentry *channel_use;
475 struct dentry *drop_unencrypted; 457 struct dentry *drop_unencrypted;
476 struct dentry *state; 458 struct dentry *state;
477 struct dentry *bssid; 459 struct dentry *bssid;
@@ -490,7 +472,6 @@ struct ieee80211_sub_if_data {
490 struct dentry *num_beacons_sta; 472 struct dentry *num_beacons_sta;
491 } sta; 473 } sta;
492 struct { 474 struct {
493 struct dentry *channel_use;
494 struct dentry *drop_unencrypted; 475 struct dentry *drop_unencrypted;
495 struct dentry *num_sta_ps; 476 struct dentry *num_sta_ps;
496 struct dentry *dtim_count; 477 struct dentry *dtim_count;
@@ -500,12 +481,10 @@ struct ieee80211_sub_if_data {
500 struct dentry *num_buffered_multicast; 481 struct dentry *num_buffered_multicast;
501 } ap; 482 } ap;
502 struct { 483 struct {
503 struct dentry *channel_use;
504 struct dentry *drop_unencrypted; 484 struct dentry *drop_unencrypted;
505 struct dentry *peer; 485 struct dentry *peer;
506 } wds; 486 } wds;
507 struct { 487 struct {
508 struct dentry *channel_use;
509 struct dentry *drop_unencrypted; 488 struct dentry *drop_unencrypted;
510 } vlan; 489 } vlan;
511 struct { 490 struct {
@@ -610,8 +589,8 @@ struct ieee80211_local {
610 struct sta_info *sta_hash[STA_HASH_SIZE]; 589 struct sta_info *sta_hash[STA_HASH_SIZE];
611 struct timer_list sta_cleanup; 590 struct timer_list sta_cleanup;
612 591
613 unsigned long state[IEEE80211_MAX_QUEUES + IEEE80211_MAX_AMPDU_QUEUES]; 592 unsigned long queues_pending[BITS_TO_LONGS(IEEE80211_MAX_QUEUES)];
614 struct ieee80211_tx_stored_packet pending_packet[IEEE80211_MAX_QUEUES + IEEE80211_MAX_AMPDU_QUEUES]; 593 struct ieee80211_tx_stored_packet pending_packet[IEEE80211_MAX_QUEUES];
615 struct tasklet_struct tx_pending_tasklet; 594 struct tasklet_struct tx_pending_tasklet;
616 595
617 /* number of interfaces with corresponding IFF_ flags */ 596 /* number of interfaces with corresponding IFF_ flags */
@@ -677,9 +656,6 @@ struct ieee80211_local {
677 assoc_led_name[32], radio_led_name[32]; 656 assoc_led_name[32], radio_led_name[32];
678#endif 657#endif
679 658
680 u32 channel_use;
681 u32 channel_use_raw;
682
683#ifdef CONFIG_MAC80211_DEBUGFS 659#ifdef CONFIG_MAC80211_DEBUGFS
684 struct work_struct sta_debugfs_add; 660 struct work_struct sta_debugfs_add;
685#endif 661#endif
@@ -774,6 +750,15 @@ struct ieee80211_local {
774#endif 750#endif
775}; 751};
776 752
753static inline int ieee80211_is_multiqueue(struct ieee80211_local *local)
754{
755#ifdef CONFIG_MAC80211_QOS
756 return netif_is_multiqueue(local->mdev);
757#else
758 return 0;
759#endif
760}
761
777/* this struct represents 802.11n's RA/TID combination */ 762/* this struct represents 802.11n's RA/TID combination */
778struct ieee80211_ra_tid { 763struct ieee80211_ra_tid {
779 u8 ra[ETH_ALEN]; 764 u8 ra[ETH_ALEN];
@@ -843,11 +828,6 @@ static inline struct ieee80211_hw *local_to_hw(
843 return &local->hw; 828 return &local->hw;
844} 829}
845 830
846enum ieee80211_link_state_t {
847 IEEE80211_LINK_STATE_XOFF = 0,
848 IEEE80211_LINK_STATE_PENDING,
849};
850
851struct sta_attribute { 831struct sta_attribute {
852 struct attribute attr; 832 struct attribute attr;
853 ssize_t (*show)(const struct sta_info *, char *buf); 833 ssize_t (*show)(const struct sta_info *, char *buf);
@@ -873,28 +853,6 @@ u32 ieee80211_handle_ht(struct ieee80211_local *local, int enable_ht,
873 853
874/* ieee80211_ioctl.c */ 854/* ieee80211_ioctl.c */
875extern const struct iw_handler_def ieee80211_iw_handler_def; 855extern const struct iw_handler_def ieee80211_iw_handler_def;
876
877
878/* Least common multiple of the used rates (in 100 kbps). This is used to
879 * calculate rate_inv values for each rate so that only integers are needed. */
880#define CHAN_UTIL_RATE_LCM 95040
881/* 1 usec is 1/8 * (95040/10) = 1188 */
882#define CHAN_UTIL_PER_USEC 1188
883/* Amount of bits to shift the result right to scale the total utilization
884 * to values that will not wrap around 32-bit integers. */
885#define CHAN_UTIL_SHIFT 9
886/* Theoretical maximum of channel utilization counter in 10 ms (stat_time=1):
887 * (CHAN_UTIL_PER_USEC * 10000) >> CHAN_UTIL_SHIFT = 23203. So dividing the
888 * raw value with about 23 should give utilization in 10th of a percentage
889 * (1/1000). However, utilization is only estimated and not all intervals
890 * between frames etc. are calculated. 18 seems to give numbers that are closer
891 * to the real maximum. */
892#define CHAN_UTIL_PER_10MS 18
893#define CHAN_UTIL_HDR_LONG (202 * CHAN_UTIL_PER_USEC)
894#define CHAN_UTIL_HDR_SHORT (40 * CHAN_UTIL_PER_USEC)
895
896
897/* ieee80211_ioctl.c */
898int ieee80211_set_freq(struct ieee80211_local *local, int freq); 856int ieee80211_set_freq(struct ieee80211_local *local, int freq);
899/* ieee80211_sta.c */ 857/* ieee80211_sta.c */
900void ieee80211_sta_timer(unsigned long data); 858void ieee80211_sta_timer(unsigned long data);
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 3c64e42eb12e..984472702381 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -168,7 +168,7 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
168 ifsta->flags |= IEEE80211_STA_CREATE_IBSS | 168 ifsta->flags |= IEEE80211_STA_CREATE_IBSS |
169 IEEE80211_STA_AUTO_BSSID_SEL | 169 IEEE80211_STA_AUTO_BSSID_SEL |
170 IEEE80211_STA_AUTO_CHANNEL_SEL; 170 IEEE80211_STA_AUTO_CHANNEL_SEL;
171 if (sdata->local->hw.queues >= 4) 171 if (ieee80211_num_regular_queues(&sdata->local->hw) >= 4)
172 ifsta->flags |= IEEE80211_STA_WMM_ENABLED; 172 ifsta->flags |= IEEE80211_STA_WMM_ENABLED;
173 173
174 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev); 174 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev);
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index f52c3df1fe9a..a0f774aafa45 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -69,6 +69,13 @@ enum ieee80211_internal_key_flags {
69 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5), 69 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5),
70}; 70};
71 71
72struct tkip_ctx {
73 u32 iv32;
74 u16 iv16;
75 u16 p1k[5];
76 int initialized;
77};
78
72struct ieee80211_key { 79struct ieee80211_key {
73 struct ieee80211_local *local; 80 struct ieee80211_local *local;
74 struct ieee80211_sub_if_data *sdata; 81 struct ieee80211_sub_if_data *sdata;
@@ -85,16 +92,10 @@ struct ieee80211_key {
85 union { 92 union {
86 struct { 93 struct {
87 /* last used TSC */ 94 /* last used TSC */
88 u32 iv32; 95 struct tkip_ctx tx;
89 u16 iv16;
90 u16 p1k[5];
91 int tx_initialized;
92 96
93 /* last received RSC */ 97 /* last received RSC */
94 u32 iv32_rx[NUM_RX_DATA_QUEUES]; 98 struct tkip_ctx rx[NUM_RX_DATA_QUEUES];
95 u16 iv16_rx[NUM_RX_DATA_QUEUES];
96 u16 p1k_rx[NUM_RX_DATA_QUEUES][5];
97 int rx_initialized[NUM_RX_DATA_QUEUES];
98 } tkip; 99 } tkip;
99 struct { 100 struct {
100 u8 tx_pn[6]; 101 u8 tx_pn[6];
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 36016363d225..f79f6b9938a6 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -35,8 +35,6 @@
35#include "debugfs.h" 35#include "debugfs.h"
36#include "debugfs_netdev.h" 36#include "debugfs_netdev.h"
37 37
38#define SUPP_MCS_SET_LEN 16
39
40/* 38/*
41 * For seeing transmitted packets on monitor interfaces 39 * For seeing transmitted packets on monitor interfaces
42 * we have a radiotap header too. 40 * we have a radiotap header too.
@@ -112,7 +110,13 @@ static int ieee80211_master_open(struct net_device *dev)
112 break; 110 break;
113 } 111 }
114 } 112 }
115 return res; 113
114 if (res)
115 return res;
116
117 netif_start_queue(local->mdev);
118
119 return 0;
116} 120}
117 121
118static int ieee80211_master_stop(struct net_device *dev) 122static int ieee80211_master_stop(struct net_device *dev)
@@ -585,8 +589,8 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
585 sta = sta_info_get(local, ra); 589 sta = sta_info_get(local, ra);
586 if (!sta) { 590 if (!sta) {
587 printk(KERN_DEBUG "Could not find the station\n"); 591 printk(KERN_DEBUG "Could not find the station\n");
588 rcu_read_unlock(); 592 ret = -ENOENT;
589 return -ENOENT; 593 goto exit;
590 } 594 }
591 595
592 spin_lock_bh(&sta->lock); 596 spin_lock_bh(&sta->lock);
@@ -594,7 +598,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
594 /* we have tried too many times, receiver does not want A-MPDU */ 598 /* we have tried too many times, receiver does not want A-MPDU */
595 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) { 599 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
596 ret = -EBUSY; 600 ret = -EBUSY;
597 goto start_ba_exit; 601 goto err_unlock_sta;
598 } 602 }
599 603
600 state = &sta->ampdu_mlme.tid_state_tx[tid]; 604 state = &sta->ampdu_mlme.tid_state_tx[tid];
@@ -605,7 +609,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
605 "idle on tid %u\n", tid); 609 "idle on tid %u\n", tid);
606#endif /* CONFIG_MAC80211_HT_DEBUG */ 610#endif /* CONFIG_MAC80211_HT_DEBUG */
607 ret = -EAGAIN; 611 ret = -EAGAIN;
608 goto start_ba_exit; 612 goto err_unlock_sta;
609 } 613 }
610 614
611 /* prepare A-MPDU MLME for Tx aggregation */ 615 /* prepare A-MPDU MLME for Tx aggregation */
@@ -616,7 +620,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
616 printk(KERN_ERR "allocate tx mlme to tid %d failed\n", 620 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
617 tid); 621 tid);
618 ret = -ENOMEM; 622 ret = -ENOMEM;
619 goto start_ba_exit; 623 goto err_unlock_sta;
620 } 624 }
621 /* Tx timer */ 625 /* Tx timer */
622 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function = 626 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
@@ -639,7 +643,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
639 printk(KERN_DEBUG "BA request denied - queue unavailable for" 643 printk(KERN_DEBUG "BA request denied - queue unavailable for"
640 " tid %d\n", tid); 644 " tid %d\n", tid);
641#endif /* CONFIG_MAC80211_HT_DEBUG */ 645#endif /* CONFIG_MAC80211_HT_DEBUG */
642 goto start_ba_err; 646 goto err_unlock_queue;
643 } 647 }
644 sdata = sta->sdata; 648 sdata = sta->sdata;
645 649
@@ -661,12 +665,13 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
661 " tid %d\n", tid); 665 " tid %d\n", tid);
662#endif /* CONFIG_MAC80211_HT_DEBUG */ 666#endif /* CONFIG_MAC80211_HT_DEBUG */
663 *state = HT_AGG_STATE_IDLE; 667 *state = HT_AGG_STATE_IDLE;
664 goto start_ba_err; 668 goto err_unlock_queue;
665 } 669 }
666 670
667 /* Will put all the packets in the new SW queue */ 671 /* Will put all the packets in the new SW queue */
668 ieee80211_requeue(local, ieee802_1d_to_ac[tid]); 672 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
669 spin_unlock_bh(&local->mdev->queue_lock); 673 spin_unlock_bh(&local->mdev->queue_lock);
674 spin_unlock_bh(&sta->lock);
670 675
671 /* send an addBA request */ 676 /* send an addBA request */
672 sta->ampdu_mlme.dialog_token_allocator++; 677 sta->ampdu_mlme.dialog_token_allocator++;
@@ -674,25 +679,26 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
674 sta->ampdu_mlme.dialog_token_allocator; 679 sta->ampdu_mlme.dialog_token_allocator;
675 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num; 680 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
676 681
682
677 ieee80211_send_addba_request(sta->sdata->dev, ra, tid, 683 ieee80211_send_addba_request(sta->sdata->dev, ra, tid,
678 sta->ampdu_mlme.tid_tx[tid]->dialog_token, 684 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
679 sta->ampdu_mlme.tid_tx[tid]->ssn, 685 sta->ampdu_mlme.tid_tx[tid]->ssn,
680 0x40, 5000); 686 0x40, 5000);
681
682 /* activate the timer for the recipient's addBA response */ 687 /* activate the timer for the recipient's addBA response */
683 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires = 688 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
684 jiffies + ADDBA_RESP_INTERVAL; 689 jiffies + ADDBA_RESP_INTERVAL;
685 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer); 690 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
686 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid); 691 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
687 goto start_ba_exit; 692 goto exit;
688 693
689start_ba_err: 694err_unlock_queue:
690 kfree(sta->ampdu_mlme.tid_tx[tid]); 695 kfree(sta->ampdu_mlme.tid_tx[tid]);
691 sta->ampdu_mlme.tid_tx[tid] = NULL; 696 sta->ampdu_mlme.tid_tx[tid] = NULL;
692 spin_unlock_bh(&local->mdev->queue_lock); 697 spin_unlock_bh(&local->mdev->queue_lock);
693 ret = -EBUSY; 698 ret = -EBUSY;
694start_ba_exit: 699err_unlock_sta:
695 spin_unlock_bh(&sta->lock); 700 spin_unlock_bh(&sta->lock);
701exit:
696 rcu_read_unlock(); 702 rcu_read_unlock();
697 return ret; 703 return ret;
698} 704}
@@ -831,10 +837,11 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
831 } 837 }
832 state = &sta->ampdu_mlme.tid_state_tx[tid]; 838 state = &sta->ampdu_mlme.tid_state_tx[tid];
833 839
834 spin_lock_bh(&sta->lock); 840 /* NOTE: no need to use sta->lock in this state check, as
841 * ieee80211_stop_tx_ba_session will let only
842 * one stop call to pass through per sta/tid */
835 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) { 843 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
836 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n"); 844 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
837 spin_unlock_bh(&sta->lock);
838 rcu_read_unlock(); 845 rcu_read_unlock();
839 return; 846 return;
840 } 847 }
@@ -857,6 +864,7 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
857 * ieee80211_wake_queue is not used here as this queue is not 864 * ieee80211_wake_queue is not used here as this queue is not
858 * necessarily stopped */ 865 * necessarily stopped */
859 netif_schedule(local->mdev); 866 netif_schedule(local->mdev);
867 spin_lock_bh(&sta->lock);
860 *state = HT_AGG_STATE_IDLE; 868 *state = HT_AGG_STATE_IDLE;
861 sta->ampdu_mlme.addba_req_num[tid] = 0; 869 sta->ampdu_mlme.addba_req_num[tid] = 0;
862 kfree(sta->ampdu_mlme.tid_tx[tid]); 870 kfree(sta->ampdu_mlme.tid_tx[tid]);
@@ -967,8 +975,7 @@ void ieee80211_if_setup(struct net_device *dev)
967/* everything else */ 975/* everything else */
968 976
969static int __ieee80211_if_config(struct net_device *dev, 977static int __ieee80211_if_config(struct net_device *dev,
970 struct sk_buff *beacon, 978 struct sk_buff *beacon)
971 struct ieee80211_tx_control *control)
972{ 979{
973 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 980 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
974 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 981 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -986,13 +993,11 @@ static int __ieee80211_if_config(struct net_device *dev,
986 conf.ssid_len = sdata->u.sta.ssid_len; 993 conf.ssid_len = sdata->u.sta.ssid_len;
987 } else if (ieee80211_vif_is_mesh(&sdata->vif)) { 994 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
988 conf.beacon = beacon; 995 conf.beacon = beacon;
989 conf.beacon_control = control;
990 ieee80211_start_mesh(dev); 996 ieee80211_start_mesh(dev);
991 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 997 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
992 conf.ssid = sdata->u.ap.ssid; 998 conf.ssid = sdata->u.ap.ssid;
993 conf.ssid_len = sdata->u.ap.ssid_len; 999 conf.ssid_len = sdata->u.ap.ssid_len;
994 conf.beacon = beacon; 1000 conf.beacon = beacon;
995 conf.beacon_control = control;
996 } 1001 }
997 return local->ops->config_interface(local_to_hw(local), 1002 return local->ops->config_interface(local_to_hw(local),
998 &sdata->vif, &conf); 1003 &sdata->vif, &conf);
@@ -1005,23 +1010,21 @@ int ieee80211_if_config(struct net_device *dev)
1005 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT && 1010 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT &&
1006 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE)) 1011 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
1007 return ieee80211_if_config_beacon(dev); 1012 return ieee80211_if_config_beacon(dev);
1008 return __ieee80211_if_config(dev, NULL, NULL); 1013 return __ieee80211_if_config(dev, NULL);
1009} 1014}
1010 1015
1011int ieee80211_if_config_beacon(struct net_device *dev) 1016int ieee80211_if_config_beacon(struct net_device *dev)
1012{ 1017{
1013 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1018 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1014 struct ieee80211_tx_control control;
1015 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1019 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1016 struct sk_buff *skb; 1020 struct sk_buff *skb;
1017 1021
1018 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE)) 1022 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
1019 return 0; 1023 return 0;
1020 skb = ieee80211_beacon_get(local_to_hw(local), &sdata->vif, 1024 skb = ieee80211_beacon_get(local_to_hw(local), &sdata->vif);
1021 &control);
1022 if (!skb) 1025 if (!skb)
1023 return -ENOMEM; 1026 return -ENOMEM;
1024 return __ieee80211_if_config(dev, skb, &control); 1027 return __ieee80211_if_config(dev, skb);
1025} 1028}
1026 1029
1027int ieee80211_hw_config(struct ieee80211_local *local) 1030int ieee80211_hw_config(struct ieee80211_local *local)
@@ -1068,56 +1071,84 @@ u32 ieee80211_handle_ht(struct ieee80211_local *local, int enable_ht,
1068 struct ieee80211_supported_band *sband; 1071 struct ieee80211_supported_band *sband;
1069 struct ieee80211_ht_info ht_conf; 1072 struct ieee80211_ht_info ht_conf;
1070 struct ieee80211_ht_bss_info ht_bss_conf; 1073 struct ieee80211_ht_bss_info ht_bss_conf;
1071 int i;
1072 u32 changed = 0; 1074 u32 changed = 0;
1075 int i;
1076 u8 max_tx_streams = IEEE80211_HT_CAP_MAX_STREAMS;
1077 u8 tx_mcs_set_cap;
1073 1078
1074 sband = local->hw.wiphy->bands[conf->channel->band]; 1079 sband = local->hw.wiphy->bands[conf->channel->band];
1075 1080
1081 memset(&ht_conf, 0, sizeof(struct ieee80211_ht_info));
1082 memset(&ht_bss_conf, 0, sizeof(struct ieee80211_ht_bss_info));
1083
1076 /* HT is not supported */ 1084 /* HT is not supported */
1077 if (!sband->ht_info.ht_supported) { 1085 if (!sband->ht_info.ht_supported) {
1078 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1086 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
1079 return 0; 1087 goto out;
1080 } 1088 }
1081 1089
1082 memset(&ht_conf, 0, sizeof(struct ieee80211_ht_info)); 1090 /* disable HT */
1083 memset(&ht_bss_conf, 0, sizeof(struct ieee80211_ht_bss_info)); 1091 if (!enable_ht) {
1084 1092 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE)
1085 if (enable_ht) {
1086 if (!(conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE))
1087 changed |= BSS_CHANGED_HT; 1093 changed |= BSS_CHANGED_HT;
1094 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
1095 conf->ht_conf.ht_supported = 0;
1096 goto out;
1097 }
1088 1098
1089 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE;
1090 ht_conf.ht_supported = 1;
1091 1099
1092 ht_conf.cap = req_ht_cap->cap & sband->ht_info.cap; 1100 if (!(conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE))
1093 ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS); 1101 changed |= BSS_CHANGED_HT;
1094 ht_conf.cap |= sband->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS;
1095 1102
1096 for (i = 0; i < SUPP_MCS_SET_LEN; i++) 1103 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE;
1097 ht_conf.supp_mcs_set[i] = 1104 ht_conf.ht_supported = 1;
1098 sband->ht_info.supp_mcs_set[i] &
1099 req_ht_cap->supp_mcs_set[i];
1100 1105
1101 ht_bss_conf.primary_channel = req_bss_cap->primary_channel; 1106 ht_conf.cap = req_ht_cap->cap & sband->ht_info.cap;
1102 ht_bss_conf.bss_cap = req_bss_cap->bss_cap; 1107 ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS);
1103 ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode; 1108 ht_conf.cap |= sband->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS;
1109 ht_bss_conf.primary_channel = req_bss_cap->primary_channel;
1110 ht_bss_conf.bss_cap = req_bss_cap->bss_cap;
1111 ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode;
1104 1112
1105 ht_conf.ampdu_factor = req_ht_cap->ampdu_factor; 1113 ht_conf.ampdu_factor = req_ht_cap->ampdu_factor;
1106 ht_conf.ampdu_density = req_ht_cap->ampdu_density; 1114 ht_conf.ampdu_density = req_ht_cap->ampdu_density;
1107 1115
1108 /* if bss configuration changed store the new one */ 1116 /* Bits 96-100 */
1109 if (memcmp(&conf->ht_conf, &ht_conf, sizeof(ht_conf)) || 1117 tx_mcs_set_cap = sband->ht_info.supp_mcs_set[12];
1110 memcmp(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf))) { 1118
1111 changed |= BSS_CHANGED_HT; 1119 /* configure suppoerted Tx MCS according to requested MCS
1112 memcpy(&conf->ht_conf, &ht_conf, sizeof(ht_conf)); 1120 * (based in most cases on Rx capabilities of peer) and self
1113 memcpy(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf)); 1121 * Tx MCS capabilities (as defined by low level driver HW
1114 } 1122 * Tx capabilities) */
1115 } else { 1123 if (!(tx_mcs_set_cap & IEEE80211_HT_CAP_MCS_TX_DEFINED))
1116 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) 1124 goto check_changed;
1117 changed |= BSS_CHANGED_HT; 1125
1118 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1126 /* Counting from 0 therfore + 1 */
1119 } 1127 if (tx_mcs_set_cap & IEEE80211_HT_CAP_MCS_TX_RX_DIFF)
1128 max_tx_streams = ((tx_mcs_set_cap &
1129 IEEE80211_HT_CAP_MCS_TX_STREAMS) >> 2) + 1;
1130
1131 for (i = 0; i < max_tx_streams; i++)
1132 ht_conf.supp_mcs_set[i] =
1133 sband->ht_info.supp_mcs_set[i] &
1134 req_ht_cap->supp_mcs_set[i];
1135
1136 if (tx_mcs_set_cap & IEEE80211_HT_CAP_MCS_TX_UEQM)
1137 for (i = IEEE80211_SUPP_MCS_SET_UEQM;
1138 i < IEEE80211_SUPP_MCS_SET_LEN; i++)
1139 ht_conf.supp_mcs_set[i] =
1140 sband->ht_info.supp_mcs_set[i] &
1141 req_ht_cap->supp_mcs_set[i];
1120 1142
1143check_changed:
1144 /* if bss configuration changed store the new one */
1145 if (memcmp(&conf->ht_conf, &ht_conf, sizeof(ht_conf)) ||
1146 memcmp(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf))) {
1147 changed |= BSS_CHANGED_HT;
1148 memcpy(&conf->ht_conf, &ht_conf, sizeof(ht_conf));
1149 memcpy(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf));
1150 }
1151out:
1121 return changed; 1152 return changed;
1122} 1153}
1123 1154
@@ -1148,38 +1179,20 @@ void ieee80211_reset_erp_info(struct net_device *dev)
1148} 1179}
1149 1180
1150void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, 1181void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
1151 struct sk_buff *skb, 1182 struct sk_buff *skb)
1152 struct ieee80211_tx_status *status)
1153{ 1183{
1154 struct ieee80211_local *local = hw_to_local(hw); 1184 struct ieee80211_local *local = hw_to_local(hw);
1155 struct ieee80211_tx_status *saved; 1185 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1156 int tmp; 1186 int tmp;
1157 1187
1158 skb->dev = local->mdev; 1188 skb->dev = local->mdev;
1159 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC);
1160 if (unlikely(!saved)) {
1161 if (net_ratelimit())
1162 printk(KERN_WARNING "%s: Not enough memory, "
1163 "dropping tx status", skb->dev->name);
1164 /* should be dev_kfree_skb_irq, but due to this function being
1165 * named _irqsafe instead of just _irq we can't be sure that
1166 * people won't call it from non-irq contexts */
1167 dev_kfree_skb_any(skb);
1168 return;
1169 }
1170 memcpy(saved, status, sizeof(struct ieee80211_tx_status));
1171 /* copy pointer to saved status into skb->cb for use by tasklet */
1172 memcpy(skb->cb, &saved, sizeof(saved));
1173
1174 skb->pkt_type = IEEE80211_TX_STATUS_MSG; 1189 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
1175 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ? 1190 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
1176 &local->skb_queue : &local->skb_queue_unreliable, skb); 1191 &local->skb_queue : &local->skb_queue_unreliable, skb);
1177 tmp = skb_queue_len(&local->skb_queue) + 1192 tmp = skb_queue_len(&local->skb_queue) +
1178 skb_queue_len(&local->skb_queue_unreliable); 1193 skb_queue_len(&local->skb_queue_unreliable);
1179 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT && 1194 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
1180 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 1195 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
1181 memcpy(&saved, skb->cb, sizeof(saved));
1182 kfree(saved);
1183 dev_kfree_skb_irq(skb); 1196 dev_kfree_skb_irq(skb);
1184 tmp--; 1197 tmp--;
1185 I802_DEBUG_INC(local->tx_status_drop); 1198 I802_DEBUG_INC(local->tx_status_drop);
@@ -1193,7 +1206,6 @@ static void ieee80211_tasklet_handler(unsigned long data)
1193 struct ieee80211_local *local = (struct ieee80211_local *) data; 1206 struct ieee80211_local *local = (struct ieee80211_local *) data;
1194 struct sk_buff *skb; 1207 struct sk_buff *skb;
1195 struct ieee80211_rx_status rx_status; 1208 struct ieee80211_rx_status rx_status;
1196 struct ieee80211_tx_status *tx_status;
1197 struct ieee80211_ra_tid *ra_tid; 1209 struct ieee80211_ra_tid *ra_tid;
1198 1210
1199 while ((skb = skb_dequeue(&local->skb_queue)) || 1211 while ((skb = skb_dequeue(&local->skb_queue)) ||
@@ -1208,12 +1220,8 @@ static void ieee80211_tasklet_handler(unsigned long data)
1208 __ieee80211_rx(local_to_hw(local), skb, &rx_status); 1220 __ieee80211_rx(local_to_hw(local), skb, &rx_status);
1209 break; 1221 break;
1210 case IEEE80211_TX_STATUS_MSG: 1222 case IEEE80211_TX_STATUS_MSG:
1211 /* get pointer to saved status out of skb->cb */
1212 memcpy(&tx_status, skb->cb, sizeof(tx_status));
1213 skb->pkt_type = 0; 1223 skb->pkt_type = 0;
1214 ieee80211_tx_status(local_to_hw(local), 1224 ieee80211_tx_status(local_to_hw(local), skb);
1215 skb, tx_status);
1216 kfree(tx_status);
1217 break; 1225 break;
1218 case IEEE80211_DELBA_MSG: 1226 case IEEE80211_DELBA_MSG:
1219 ra_tid = (struct ieee80211_ra_tid *) &skb->cb; 1227 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
@@ -1242,24 +1250,15 @@ static void ieee80211_tasklet_handler(unsigned long data)
1242 * Also, tx_packet_data in cb is restored from tx_control. */ 1250 * Also, tx_packet_data in cb is restored from tx_control. */
1243static void ieee80211_remove_tx_extra(struct ieee80211_local *local, 1251static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
1244 struct ieee80211_key *key, 1252 struct ieee80211_key *key,
1245 struct sk_buff *skb, 1253 struct sk_buff *skb)
1246 struct ieee80211_tx_control *control)
1247{ 1254{
1248 int hdrlen, iv_len, mic_len; 1255 int hdrlen, iv_len, mic_len;
1249 struct ieee80211_tx_packet_data *pkt_data; 1256 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1250 1257
1251 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1258 info->flags &= IEEE80211_TX_CTL_REQ_TX_STATUS |
1252 pkt_data->ifindex = vif_to_sdata(control->vif)->dev->ifindex; 1259 IEEE80211_TX_CTL_DO_NOT_ENCRYPT |
1253 pkt_data->flags = 0; 1260 IEEE80211_TX_CTL_REQUEUE |
1254 if (control->flags & IEEE80211_TXCTL_REQ_TX_STATUS) 1261 IEEE80211_TX_CTL_EAPOL_FRAME;
1255 pkt_data->flags |= IEEE80211_TXPD_REQ_TX_STATUS;
1256 if (control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT)
1257 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT;
1258 if (control->flags & IEEE80211_TXCTL_REQUEUE)
1259 pkt_data->flags |= IEEE80211_TXPD_REQUEUE;
1260 if (control->flags & IEEE80211_TXCTL_EAPOL_FRAME)
1261 pkt_data->flags |= IEEE80211_TXPD_EAPOL_FRAME;
1262 pkt_data->queue = control->queue;
1263 1262
1264 hdrlen = ieee80211_get_hdrlen_from_skb(skb); 1263 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
1265 1264
@@ -1306,9 +1305,10 @@ no_key:
1306 1305
1307static void ieee80211_handle_filtered_frame(struct ieee80211_local *local, 1306static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1308 struct sta_info *sta, 1307 struct sta_info *sta,
1309 struct sk_buff *skb, 1308 struct sk_buff *skb)
1310 struct ieee80211_tx_status *status)
1311{ 1309{
1310 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1311
1312 sta->tx_filtered_count++; 1312 sta->tx_filtered_count++;
1313 1313
1314 /* 1314 /*
@@ -1350,18 +1350,16 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1350 */ 1350 */
1351 if (test_sta_flags(sta, WLAN_STA_PS) && 1351 if (test_sta_flags(sta, WLAN_STA_PS) &&
1352 skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) { 1352 skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) {
1353 ieee80211_remove_tx_extra(local, sta->key, skb, 1353 ieee80211_remove_tx_extra(local, sta->key, skb);
1354 &status->control);
1355 skb_queue_tail(&sta->tx_filtered, skb); 1354 skb_queue_tail(&sta->tx_filtered, skb);
1356 return; 1355 return;
1357 } 1356 }
1358 1357
1359 if (!test_sta_flags(sta, WLAN_STA_PS) && 1358 if (!test_sta_flags(sta, WLAN_STA_PS) &&
1360 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) { 1359 !(info->flags & IEEE80211_TX_CTL_REQUEUE)) {
1361 /* Software retry the packet once */ 1360 /* Software retry the packet once */
1362 status->control.flags |= IEEE80211_TXCTL_REQUEUE; 1361 info->flags |= IEEE80211_TX_CTL_REQUEUE;
1363 ieee80211_remove_tx_extra(local, sta->key, skb, 1362 ieee80211_remove_tx_extra(local, sta->key, skb);
1364 &status->control);
1365 dev_queue_xmit(skb); 1363 dev_queue_xmit(skb);
1366 return; 1364 return;
1367 } 1365 }
@@ -1375,28 +1373,20 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1375 dev_kfree_skb(skb); 1373 dev_kfree_skb(skb);
1376} 1374}
1377 1375
1378void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb, 1376void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
1379 struct ieee80211_tx_status *status)
1380{ 1377{
1381 struct sk_buff *skb2; 1378 struct sk_buff *skb2;
1382 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1379 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1383 struct ieee80211_local *local = hw_to_local(hw); 1380 struct ieee80211_local *local = hw_to_local(hw);
1381 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1384 u16 frag, type; 1382 u16 frag, type;
1385 struct ieee80211_tx_status_rtap_hdr *rthdr; 1383 struct ieee80211_tx_status_rtap_hdr *rthdr;
1386 struct ieee80211_sub_if_data *sdata; 1384 struct ieee80211_sub_if_data *sdata;
1387 struct net_device *prev_dev = NULL; 1385 struct net_device *prev_dev = NULL;
1388 1386
1389 if (!status) {
1390 printk(KERN_ERR
1391 "%s: ieee80211_tx_status called with NULL status\n",
1392 wiphy_name(local->hw.wiphy));
1393 dev_kfree_skb(skb);
1394 return;
1395 }
1396
1397 rcu_read_lock(); 1387 rcu_read_lock();
1398 1388
1399 if (status->excessive_retries) { 1389 if (info->status.excessive_retries) {
1400 struct sta_info *sta; 1390 struct sta_info *sta;
1401 sta = sta_info_get(local, hdr->addr1); 1391 sta = sta_info_get(local, hdr->addr1);
1402 if (sta) { 1392 if (sta) {
@@ -1405,27 +1395,23 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1405 * The STA is in power save mode, so assume 1395 * The STA is in power save mode, so assume
1406 * that this TX packet failed because of that. 1396 * that this TX packet failed because of that.
1407 */ 1397 */
1408 status->excessive_retries = 0; 1398 ieee80211_handle_filtered_frame(local, sta, skb);
1409 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
1410 ieee80211_handle_filtered_frame(local, sta,
1411 skb, status);
1412 rcu_read_unlock(); 1399 rcu_read_unlock();
1413 return; 1400 return;
1414 } 1401 }
1415 } 1402 }
1416 } 1403 }
1417 1404
1418 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) { 1405 if (info->flags & IEEE80211_TX_STAT_TX_FILTERED) {
1419 struct sta_info *sta; 1406 struct sta_info *sta;
1420 sta = sta_info_get(local, hdr->addr1); 1407 sta = sta_info_get(local, hdr->addr1);
1421 if (sta) { 1408 if (sta) {
1422 ieee80211_handle_filtered_frame(local, sta, skb, 1409 ieee80211_handle_filtered_frame(local, sta, skb);
1423 status);
1424 rcu_read_unlock(); 1410 rcu_read_unlock();
1425 return; 1411 return;
1426 } 1412 }
1427 } else 1413 } else
1428 rate_control_tx_status(local->mdev, skb, status); 1414 rate_control_tx_status(local->mdev, skb);
1429 1415
1430 rcu_read_unlock(); 1416 rcu_read_unlock();
1431 1417
@@ -1439,14 +1425,14 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1439 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG; 1425 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
1440 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE; 1426 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
1441 1427
1442 if (status->flags & IEEE80211_TX_STATUS_ACK) { 1428 if (info->flags & IEEE80211_TX_STAT_ACK) {
1443 if (frag == 0) { 1429 if (frag == 0) {
1444 local->dot11TransmittedFrameCount++; 1430 local->dot11TransmittedFrameCount++;
1445 if (is_multicast_ether_addr(hdr->addr1)) 1431 if (is_multicast_ether_addr(hdr->addr1))
1446 local->dot11MulticastTransmittedFrameCount++; 1432 local->dot11MulticastTransmittedFrameCount++;
1447 if (status->retry_count > 0) 1433 if (info->status.retry_count > 0)
1448 local->dot11RetryCount++; 1434 local->dot11RetryCount++;
1449 if (status->retry_count > 1) 1435 if (info->status.retry_count > 1)
1450 local->dot11MultipleRetryCount++; 1436 local->dot11MultipleRetryCount++;
1451 } 1437 }
1452 1438
@@ -1492,17 +1478,17 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1492 cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) | 1478 cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) |
1493 (1 << IEEE80211_RADIOTAP_DATA_RETRIES)); 1479 (1 << IEEE80211_RADIOTAP_DATA_RETRIES));
1494 1480
1495 if (!(status->flags & IEEE80211_TX_STATUS_ACK) && 1481 if (!(info->flags & IEEE80211_TX_STAT_ACK) &&
1496 !is_multicast_ether_addr(hdr->addr1)) 1482 !is_multicast_ether_addr(hdr->addr1))
1497 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_FAIL); 1483 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_FAIL);
1498 1484
1499 if ((status->control.flags & IEEE80211_TXCTL_USE_RTS_CTS) && 1485 if ((info->flags & IEEE80211_TX_CTL_USE_RTS_CTS) &&
1500 (status->control.flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) 1486 (info->flags & IEEE80211_TX_CTL_USE_CTS_PROTECT))
1501 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_CTS); 1487 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_CTS);
1502 else if (status->control.flags & IEEE80211_TXCTL_USE_RTS_CTS) 1488 else if (info->flags & IEEE80211_TX_CTL_USE_RTS_CTS)
1503 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_RTS); 1489 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_RTS);
1504 1490
1505 rthdr->data_retries = status->retry_count; 1491 rthdr->data_retries = info->status.retry_count;
1506 1492
1507 /* XXX: is this sufficient for BPF? */ 1493 /* XXX: is this sufficient for BPF? */
1508 skb_set_mac_header(skb, 0); 1494 skb_set_mac_header(skb, 0);
@@ -1652,12 +1638,32 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1652 if (result < 0) 1638 if (result < 0)
1653 return result; 1639 return result;
1654 1640
1641 /*
1642 * We use the number of queues for feature tests (QoS, HT) internally
1643 * so restrict them appropriately.
1644 */
1645#ifdef CONFIG_MAC80211_QOS
1646 if (hw->queues > IEEE80211_MAX_QUEUES)
1647 hw->queues = IEEE80211_MAX_QUEUES;
1648 if (hw->ampdu_queues > IEEE80211_MAX_AMPDU_QUEUES)
1649 hw->ampdu_queues = IEEE80211_MAX_AMPDU_QUEUES;
1650 if (hw->queues < 4)
1651 hw->ampdu_queues = 0;
1652#else
1653 hw->queues = 1;
1654 hw->ampdu_queues = 0;
1655#endif
1656
1655 /* for now, mdev needs sub_if_data :/ */ 1657 /* for now, mdev needs sub_if_data :/ */
1656 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data), 1658 mdev = alloc_netdev_mq(sizeof(struct ieee80211_sub_if_data),
1657 "wmaster%d", ether_setup); 1659 "wmaster%d", ether_setup,
1660 ieee80211_num_queues(hw));
1658 if (!mdev) 1661 if (!mdev)
1659 goto fail_mdev_alloc; 1662 goto fail_mdev_alloc;
1660 1663
1664 if (ieee80211_num_queues(hw) > 1)
1665 mdev->features |= NETIF_F_MULTI_QUEUE;
1666
1661 sdata = IEEE80211_DEV_TO_SUB_IF(mdev); 1667 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
1662 mdev->ieee80211_ptr = &sdata->wdev; 1668 mdev->ieee80211_ptr = &sdata->wdev;
1663 sdata->wdev.wiphy = local->hw.wiphy; 1669 sdata->wdev.wiphy = local->hw.wiphy;
@@ -1746,11 +1752,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1746 goto fail_wep; 1752 goto fail_wep;
1747 } 1753 }
1748 1754
1749 if (hw->queues > IEEE80211_MAX_QUEUES)
1750 hw->queues = IEEE80211_MAX_QUEUES;
1751 if (hw->ampdu_queues > IEEE80211_MAX_AMPDU_QUEUES)
1752 hw->ampdu_queues = IEEE80211_MAX_AMPDU_QUEUES;
1753
1754 ieee80211_install_qdisc(local->mdev); 1755 ieee80211_install_qdisc(local->mdev);
1755 1756
1756 /* add one default STA interface */ 1757 /* add one default STA interface */
@@ -1863,7 +1864,9 @@ static int __init ieee80211_init(void)
1863 struct sk_buff *skb; 1864 struct sk_buff *skb;
1864 int ret; 1865 int ret;
1865 1866
1866 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb)); 1867 BUILD_BUG_ON(sizeof(struct ieee80211_tx_info) > sizeof(skb->cb));
1868 BUILD_BUG_ON(offsetof(struct ieee80211_tx_info, driver_data) +
1869 IEEE80211_TX_INFO_DRIVER_DATA_SIZE > sizeof(skb->cb));
1867 1870
1868 ret = rc80211_pid_init(); 1871 ret = rc80211_pid_init();
1869 if (ret) 1872 if (ret)
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 697ef67f96b6..b5933b271491 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -315,6 +315,13 @@ struct mesh_table *mesh_table_alloc(int size_order)
315 return newtbl; 315 return newtbl;
316} 316}
317 317
318static void __mesh_table_free(struct mesh_table *tbl)
319{
320 kfree(tbl->hash_buckets);
321 kfree(tbl->hashwlock);
322 kfree(tbl);
323}
324
318void mesh_table_free(struct mesh_table *tbl, bool free_leafs) 325void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
319{ 326{
320 struct hlist_head *mesh_hash; 327 struct hlist_head *mesh_hash;
@@ -330,9 +337,7 @@ void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
330 } 337 }
331 spin_unlock(&tbl->hashwlock[i]); 338 spin_unlock(&tbl->hashwlock[i]);
332 } 339 }
333 kfree(tbl->hash_buckets); 340 __mesh_table_free(tbl);
334 kfree(tbl->hashwlock);
335 kfree(tbl);
336} 341}
337 342
338static void ieee80211_mesh_path_timer(unsigned long data) 343static void ieee80211_mesh_path_timer(unsigned long data)
@@ -349,21 +354,16 @@ struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
349{ 354{
350 struct mesh_table *newtbl; 355 struct mesh_table *newtbl;
351 struct hlist_head *oldhash; 356 struct hlist_head *oldhash;
352 struct hlist_node *p; 357 struct hlist_node *p, *q;
353 int err = 0;
354 int i; 358 int i;
355 359
356 if (atomic_read(&tbl->entries) 360 if (atomic_read(&tbl->entries)
357 < tbl->mean_chain_len * (tbl->hash_mask + 1)) { 361 < tbl->mean_chain_len * (tbl->hash_mask + 1))
358 err = -EPERM;
359 goto endgrow; 362 goto endgrow;
360 }
361 363
362 newtbl = mesh_table_alloc(tbl->size_order + 1); 364 newtbl = mesh_table_alloc(tbl->size_order + 1);
363 if (!newtbl) { 365 if (!newtbl)
364 err = -ENOMEM;
365 goto endgrow; 366 goto endgrow;
366 }
367 367
368 newtbl->free_node = tbl->free_node; 368 newtbl->free_node = tbl->free_node;
369 newtbl->mean_chain_len = tbl->mean_chain_len; 369 newtbl->mean_chain_len = tbl->mean_chain_len;
@@ -373,13 +373,19 @@ struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
373 oldhash = tbl->hash_buckets; 373 oldhash = tbl->hash_buckets;
374 for (i = 0; i <= tbl->hash_mask; i++) 374 for (i = 0; i <= tbl->hash_mask; i++)
375 hlist_for_each(p, &oldhash[i]) 375 hlist_for_each(p, &oldhash[i])
376 tbl->copy_node(p, newtbl); 376 if (tbl->copy_node(p, newtbl) < 0)
377 goto errcopy;
377 378
379 return newtbl;
380
381errcopy:
382 for (i = 0; i <= newtbl->hash_mask; i++) {
383 hlist_for_each_safe(p, q, &newtbl->hash_buckets[i])
384 tbl->free_node(p, 0);
385 }
386 __mesh_table_free(tbl);
378endgrow: 387endgrow:
379 if (err) 388 return NULL;
380 return NULL;
381 else
382 return newtbl;
383} 389}
384 390
385/** 391/**
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index 2e161f6d8288..669eafafe497 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -109,7 +109,7 @@ struct mesh_table {
109 __u32 hash_rnd; /* Used for hash generation */ 109 __u32 hash_rnd; /* Used for hash generation */
110 atomic_t entries; /* Up to MAX_MESH_NEIGHBOURS */ 110 atomic_t entries; /* Up to MAX_MESH_NEIGHBOURS */
111 void (*free_node) (struct hlist_node *p, bool free_leafs); 111 void (*free_node) (struct hlist_node *p, bool free_leafs);
112 void (*copy_node) (struct hlist_node *p, struct mesh_table *newtbl); 112 int (*copy_node) (struct hlist_node *p, struct mesh_table *newtbl);
113 int size_order; 113 int size_order;
114 int mean_chain_len; 114 int mean_chain_len;
115}; 115};
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
index 99c2d360888e..947b13b40726 100644
--- a/net/mac80211/mesh_pathtbl.c
+++ b/net/mac80211/mesh_pathtbl.c
@@ -158,19 +158,14 @@ int mesh_path_add(u8 *dst, struct net_device *dev)
158 if (atomic_add_unless(&sdata->u.sta.mpaths, 1, MESH_MAX_MPATHS) == 0) 158 if (atomic_add_unless(&sdata->u.sta.mpaths, 1, MESH_MAX_MPATHS) == 0)
159 return -ENOSPC; 159 return -ENOSPC;
160 160
161 err = -ENOMEM;
161 new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL); 162 new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL);
162 if (!new_mpath) { 163 if (!new_mpath)
163 atomic_dec(&sdata->u.sta.mpaths); 164 goto err_path_alloc;
164 err = -ENOMEM; 165
165 goto endadd2;
166 }
167 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL); 166 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
168 if (!new_node) { 167 if (!new_node)
169 kfree(new_mpath); 168 goto err_node_alloc;
170 atomic_dec(&sdata->u.sta.mpaths);
171 err = -ENOMEM;
172 goto endadd2;
173 }
174 169
175 read_lock(&pathtbl_resize_lock); 170 read_lock(&pathtbl_resize_lock);
176 memcpy(new_mpath->dst, dst, ETH_ALEN); 171 memcpy(new_mpath->dst, dst, ETH_ALEN);
@@ -189,16 +184,11 @@ int mesh_path_add(u8 *dst, struct net_device *dev)
189 184
190 spin_lock(&mesh_paths->hashwlock[hash_idx]); 185 spin_lock(&mesh_paths->hashwlock[hash_idx]);
191 186
187 err = -EEXIST;
192 hlist_for_each_entry(node, n, bucket, list) { 188 hlist_for_each_entry(node, n, bucket, list) {
193 mpath = node->mpath; 189 mpath = node->mpath;
194 if (mpath->dev == dev && memcmp(dst, mpath->dst, ETH_ALEN) 190 if (mpath->dev == dev && memcmp(dst, mpath->dst, ETH_ALEN) == 0)
195 == 0) { 191 goto err_exists;
196 err = -EEXIST;
197 atomic_dec(&sdata->u.sta.mpaths);
198 kfree(new_node);
199 kfree(new_mpath);
200 goto endadd;
201 }
202 } 192 }
203 193
204 hlist_add_head_rcu(&new_node->list, bucket); 194 hlist_add_head_rcu(&new_node->list, bucket);
@@ -206,10 +196,9 @@ int mesh_path_add(u8 *dst, struct net_device *dev)
206 mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1)) 196 mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1))
207 grow = 1; 197 grow = 1;
208 198
209endadd:
210 spin_unlock(&mesh_paths->hashwlock[hash_idx]); 199 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
211 read_unlock(&pathtbl_resize_lock); 200 read_unlock(&pathtbl_resize_lock);
212 if (!err && grow) { 201 if (grow) {
213 struct mesh_table *oldtbl, *newtbl; 202 struct mesh_table *oldtbl, *newtbl;
214 203
215 write_lock(&pathtbl_resize_lock); 204 write_lock(&pathtbl_resize_lock);
@@ -217,7 +206,7 @@ endadd:
217 newtbl = mesh_table_grow(mesh_paths); 206 newtbl = mesh_table_grow(mesh_paths);
218 if (!newtbl) { 207 if (!newtbl) {
219 write_unlock(&pathtbl_resize_lock); 208 write_unlock(&pathtbl_resize_lock);
220 return -ENOMEM; 209 return 0;
221 } 210 }
222 rcu_assign_pointer(mesh_paths, newtbl); 211 rcu_assign_pointer(mesh_paths, newtbl);
223 write_unlock(&pathtbl_resize_lock); 212 write_unlock(&pathtbl_resize_lock);
@@ -225,7 +214,16 @@ endadd:
225 synchronize_rcu(); 214 synchronize_rcu();
226 mesh_table_free(oldtbl, false); 215 mesh_table_free(oldtbl, false);
227 } 216 }
228endadd2: 217 return 0;
218
219err_exists:
220 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
221 read_unlock(&pathtbl_resize_lock);
222 kfree(new_node);
223err_node_alloc:
224 kfree(new_mpath);
225err_path_alloc:
226 atomic_dec(&sdata->u.sta.mpaths);
229 return err; 227 return err;
230} 228}
231 229
@@ -460,25 +458,28 @@ static void mesh_path_node_free(struct hlist_node *p, bool free_leafs)
460 struct mpath_node *node = hlist_entry(p, struct mpath_node, list); 458 struct mpath_node *node = hlist_entry(p, struct mpath_node, list);
461 mpath = node->mpath; 459 mpath = node->mpath;
462 hlist_del_rcu(p); 460 hlist_del_rcu(p);
463 synchronize_rcu();
464 if (free_leafs) 461 if (free_leafs)
465 kfree(mpath); 462 kfree(mpath);
466 kfree(node); 463 kfree(node);
467} 464}
468 465
469static void mesh_path_node_copy(struct hlist_node *p, struct mesh_table *newtbl) 466static int mesh_path_node_copy(struct hlist_node *p, struct mesh_table *newtbl)
470{ 467{
471 struct mesh_path *mpath; 468 struct mesh_path *mpath;
472 struct mpath_node *node, *new_node; 469 struct mpath_node *node, *new_node;
473 u32 hash_idx; 470 u32 hash_idx;
474 471
472 new_node = kmalloc(sizeof(struct mpath_node), GFP_ATOMIC);
473 if (new_node == NULL)
474 return -ENOMEM;
475
475 node = hlist_entry(p, struct mpath_node, list); 476 node = hlist_entry(p, struct mpath_node, list);
476 mpath = node->mpath; 477 mpath = node->mpath;
477 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
478 new_node->mpath = mpath; 478 new_node->mpath = mpath;
479 hash_idx = mesh_table_hash(mpath->dst, mpath->dev, newtbl); 479 hash_idx = mesh_table_hash(mpath->dst, mpath->dev, newtbl);
480 hlist_add_head(&new_node->list, 480 hlist_add_head(&new_node->list,
481 &newtbl->hash_buckets[hash_idx]); 481 &newtbl->hash_buckets[hash_idx]);
482 return 0;
482} 483}
483 484
484int mesh_pathtbl_init(void) 485int mesh_pathtbl_init(void)
diff --git a/net/mac80211/michael.c b/net/mac80211/michael.c
index 0f844f7895f1..1fcdf38cf60c 100644
--- a/net/mac80211/michael.c
+++ b/net/mac80211/michael.c
@@ -6,85 +6,58 @@
6 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 */ 8 */
9
10#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/bitops.h>
11#include <asm/unaligned.h>
11 12
12#include "michael.h" 13#include "michael.h"
13 14
14static inline u32 rotr(u32 val, int bits) 15static void michael_block(struct michael_mic_ctx *mctx, u32 val)
15{
16 return (val >> bits) | (val << (32 - bits));
17}
18
19
20static inline u32 rotl(u32 val, int bits)
21{
22 return (val << bits) | (val >> (32 - bits));
23}
24
25
26static inline u32 xswap(u32 val)
27{
28 return ((val & 0xff00ff00) >> 8) | ((val & 0x00ff00ff) << 8);
29}
30
31
32#define michael_block(l, r) \
33do { \
34 r ^= rotl(l, 17); \
35 l += r; \
36 r ^= xswap(l); \
37 l += r; \
38 r ^= rotl(l, 3); \
39 l += r; \
40 r ^= rotr(l, 2); \
41 l += r; \
42} while (0)
43
44
45static inline u32 michael_get32(u8 *data)
46{ 16{
47 return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24); 17 mctx->l ^= val;
18 mctx->r ^= rol32(mctx->l, 17);
19 mctx->l += mctx->r;
20 mctx->r ^= ((mctx->l & 0xff00ff00) >> 8) |
21 ((mctx->l & 0x00ff00ff) << 8);
22 mctx->l += mctx->r;
23 mctx->r ^= rol32(mctx->l, 3);
24 mctx->l += mctx->r;
25 mctx->r ^= ror32(mctx->l, 2);
26 mctx->l += mctx->r;
48} 27}
49 28
50 29static void michael_mic_hdr(struct michael_mic_ctx *mctx,
51static inline void michael_put32(u32 val, u8 *data) 30 const u8 *key, const u8 *da, const u8 *sa, u8 priority)
52{ 31{
53 data[0] = val & 0xff; 32 mctx->l = get_unaligned_le32(key);
54 data[1] = (val >> 8) & 0xff; 33 mctx->r = get_unaligned_le32(key + 4);
55 data[2] = (val >> 16) & 0xff; 34
56 data[3] = (val >> 24) & 0xff; 35 /*
36 * A pseudo header (DA, SA, Priority, 0, 0, 0) is used in Michael MIC
37 * calculation, but it is _not_ transmitted
38 */
39 michael_block(mctx, get_unaligned_le32(da));
40 michael_block(mctx, get_unaligned_le16(&da[4]) |
41 (get_unaligned_le16(sa) << 16));
42 michael_block(mctx, get_unaligned_le32(&sa[2]));
43 michael_block(mctx, priority);
57} 44}
58 45
59 46void michael_mic(const u8 *key, const u8 *da, const u8 *sa, u8 priority,
60void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority, 47 const u8 *data, size_t data_len, u8 *mic)
61 u8 *data, size_t data_len, u8 *mic)
62{ 48{
63 u32 l, r, val; 49 u32 val;
64 size_t block, blocks, left; 50 size_t block, blocks, left;
51 struct michael_mic_ctx mctx;
65 52
66 l = michael_get32(key); 53 michael_mic_hdr(&mctx, key, da, sa, priority);
67 r = michael_get32(key + 4);
68
69 /* A pseudo header (DA, SA, Priority, 0, 0, 0) is used in Michael MIC
70 * calculation, but it is _not_ transmitted */
71 l ^= michael_get32(da);
72 michael_block(l, r);
73 l ^= da[4] | (da[5] << 8) | (sa[0] << 16) | (sa[1] << 24);
74 michael_block(l, r);
75 l ^= michael_get32(&sa[2]);
76 michael_block(l, r);
77 l ^= priority;
78 michael_block(l, r);
79 54
80 /* Real data */ 55 /* Real data */
81 blocks = data_len / 4; 56 blocks = data_len / 4;
82 left = data_len % 4; 57 left = data_len % 4;
83 58
84 for (block = 0; block < blocks; block++) { 59 for (block = 0; block < blocks; block++)
85 l ^= michael_get32(&data[block * 4]); 60 michael_block(&mctx, get_unaligned_le32(&data[block * 4]));
86 michael_block(l, r);
87 }
88 61
89 /* Partial block of 0..3 bytes and padding: 0x5a + 4..7 zeros to make 62 /* Partial block of 0..3 bytes and padding: 0x5a + 4..7 zeros to make
90 * total length a multiple of 4. */ 63 * total length a multiple of 4. */
@@ -94,11 +67,10 @@ void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority,
94 left--; 67 left--;
95 val |= data[blocks * 4 + left]; 68 val |= data[blocks * 4 + left];
96 } 69 }
97 l ^= val;
98 michael_block(l, r);
99 /* last block is zero, so l ^ 0 = l */
100 michael_block(l, r);
101 70
102 michael_put32(l, mic); 71 michael_block(&mctx, val);
103 michael_put32(r, mic + 4); 72 michael_block(&mctx, 0);
73
74 put_unaligned_le32(mctx.l, mic);
75 put_unaligned_le32(mctx.r, mic + 4);
104} 76}
diff --git a/net/mac80211/michael.h b/net/mac80211/michael.h
index 2e6aebabeea1..69b4501f13ba 100644
--- a/net/mac80211/michael.h
+++ b/net/mac80211/michael.h
@@ -14,7 +14,11 @@
14 14
15#define MICHAEL_MIC_LEN 8 15#define MICHAEL_MIC_LEN 8
16 16
17void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority, 17struct michael_mic_ctx {
18 u8 *data, size_t data_len, u8 *mic); 18 u32 l, r;
19};
20
21void michael_mic(const u8 *key, const u8 *da, const u8 *sa, u8 priority,
22 const u8 *data, size_t data_len, u8 *mic);
19 23
20#endif /* MICHAEL_H */ 24#endif /* MICHAEL_H */
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 3f7f92a2f227..adbc1c804dd3 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -578,7 +578,7 @@ void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
578 int encrypt) 578 int encrypt)
579{ 579{
580 struct ieee80211_sub_if_data *sdata; 580 struct ieee80211_sub_if_data *sdata;
581 struct ieee80211_tx_packet_data *pkt_data; 581 struct ieee80211_tx_info *info;
582 582
583 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 583 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
584 skb->dev = sdata->local->mdev; 584 skb->dev = sdata->local->mdev;
@@ -586,11 +586,11 @@ void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
586 skb_set_network_header(skb, 0); 586 skb_set_network_header(skb, 0);
587 skb_set_transport_header(skb, 0); 587 skb_set_transport_header(skb, 0);
588 588
589 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 589 info = IEEE80211_SKB_CB(skb);
590 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data)); 590 memset(info, 0, sizeof(struct ieee80211_tx_info));
591 pkt_data->ifindex = sdata->dev->ifindex; 591 info->control.ifindex = sdata->dev->ifindex;
592 if (!encrypt) 592 if (!encrypt)
593 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT; 593 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
594 594
595 dev_queue_xmit(skb); 595 dev_queue_xmit(skb);
596} 596}
@@ -815,8 +815,29 @@ static void ieee80211_send_assoc(struct net_device *dev,
815 815
816 /* wmm support is a must to HT */ 816 /* wmm support is a must to HT */
817 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) && 817 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
818 sband->ht_info.ht_supported) { 818 sband->ht_info.ht_supported && bss->ht_add_ie) {
819 __le16 tmp = cpu_to_le16(sband->ht_info.cap); 819 struct ieee80211_ht_addt_info *ht_add_info =
820 (struct ieee80211_ht_addt_info *)bss->ht_add_ie;
821 u16 cap = sband->ht_info.cap;
822 __le16 tmp;
823 u32 flags = local->hw.conf.channel->flags;
824
825 switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
826 case IEEE80211_HT_IE_CHA_SEC_ABOVE:
827 if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
828 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
829 cap &= ~IEEE80211_HT_CAP_SGI_40;
830 }
831 break;
832 case IEEE80211_HT_IE_CHA_SEC_BELOW:
833 if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
834 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
835 cap &= ~IEEE80211_HT_CAP_SGI_40;
836 }
837 break;
838 }
839
840 tmp = cpu_to_le16(cap);
820 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2); 841 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
821 *pos++ = WLAN_EID_HT_CAPABILITY; 842 *pos++ = WLAN_EID_HT_CAPABILITY;
822 *pos++ = sizeof(struct ieee80211_ht_cap); 843 *pos++ = sizeof(struct ieee80211_ht_cap);
@@ -2271,6 +2292,7 @@ static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
2271 kfree(bss->rsn_ie); 2292 kfree(bss->rsn_ie);
2272 kfree(bss->wmm_ie); 2293 kfree(bss->wmm_ie);
2273 kfree(bss->ht_ie); 2294 kfree(bss->ht_ie);
2295 kfree(bss->ht_add_ie);
2274 kfree(bss_mesh_id(bss)); 2296 kfree(bss_mesh_id(bss));
2275 kfree(bss_mesh_cfg(bss)); 2297 kfree(bss_mesh_cfg(bss));
2276 kfree(bss); 2298 kfree(bss);
@@ -2321,7 +2343,7 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2321 int res, rates, i, j; 2343 int res, rates, i, j;
2322 struct sk_buff *skb; 2344 struct sk_buff *skb;
2323 struct ieee80211_mgmt *mgmt; 2345 struct ieee80211_mgmt *mgmt;
2324 struct ieee80211_tx_control control; 2346 struct ieee80211_tx_info *control;
2325 struct rate_selection ratesel; 2347 struct rate_selection ratesel;
2326 u8 *pos; 2348 u8 *pos;
2327 struct ieee80211_sub_if_data *sdata; 2349 struct ieee80211_sub_if_data *sdata;
@@ -2411,21 +2433,22 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2411 memcpy(pos, &bss->supp_rates[8], rates); 2433 memcpy(pos, &bss->supp_rates[8], rates);
2412 } 2434 }
2413 2435
2414 memset(&control, 0, sizeof(control)); 2436 control = IEEE80211_SKB_CB(skb);
2437
2415 rate_control_get_rate(dev, sband, skb, &ratesel); 2438 rate_control_get_rate(dev, sband, skb, &ratesel);
2416 if (!ratesel.rate) { 2439 if (ratesel.rate_idx < 0) {
2417 printk(KERN_DEBUG "%s: Failed to determine TX rate " 2440 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2418 "for IBSS beacon\n", dev->name); 2441 "for IBSS beacon\n", dev->name);
2419 break; 2442 break;
2420 } 2443 }
2421 control.vif = &sdata->vif; 2444 control->control.vif = &sdata->vif;
2422 control.tx_rate = ratesel.rate; 2445 control->tx_rate_idx = ratesel.rate_idx;
2423 if (sdata->bss_conf.use_short_preamble && 2446 if (sdata->bss_conf.use_short_preamble &&
2424 ratesel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 2447 sband->bitrates[ratesel.rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE)
2425 control.flags |= IEEE80211_TXCTL_SHORT_PREAMBLE; 2448 control->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
2426 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx; 2449 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2427 control.flags |= IEEE80211_TXCTL_NO_ACK; 2450 control->flags |= IEEE80211_TX_CTL_NO_ACK;
2428 control.retry_limit = 1; 2451 control->control.retry_limit = 1;
2429 2452
2430 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC); 2453 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2431 if (ifsta->probe_resp) { 2454 if (ifsta->probe_resp) {
@@ -2440,8 +2463,7 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2440 } 2463 }
2441 2464
2442 if (local->ops->beacon_update && 2465 if (local->ops->beacon_update &&
2443 local->ops->beacon_update(local_to_hw(local), 2466 local->ops->beacon_update(local_to_hw(local), skb) == 0) {
2444 skb, &control) == 0) {
2445 printk(KERN_DEBUG "%s: Configured IBSS beacon " 2467 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2446 "template\n", dev->name); 2468 "template\n", dev->name);
2447 skb = NULL; 2469 skb = NULL;
@@ -2647,6 +2669,26 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2647 bss->ht_ie_len = 0; 2669 bss->ht_ie_len = 0;
2648 } 2670 }
2649 2671
2672 if (elems.ht_info_elem &&
2673 (!bss->ht_add_ie ||
2674 bss->ht_add_ie_len != elems.ht_info_elem_len ||
2675 memcmp(bss->ht_add_ie, elems.ht_info_elem,
2676 elems.ht_info_elem_len))) {
2677 kfree(bss->ht_add_ie);
2678 bss->ht_add_ie =
2679 kmalloc(elems.ht_info_elem_len + 2, GFP_ATOMIC);
2680 if (bss->ht_add_ie) {
2681 memcpy(bss->ht_add_ie, elems.ht_info_elem - 2,
2682 elems.ht_info_elem_len + 2);
2683 bss->ht_add_ie_len = elems.ht_info_elem_len + 2;
2684 } else
2685 bss->ht_add_ie_len = 0;
2686 } else if (!elems.ht_info_elem && bss->ht_add_ie) {
2687 kfree(bss->ht_add_ie);
2688 bss->ht_add_ie = NULL;
2689 bss->ht_add_ie_len = 0;
2690 }
2691
2650 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int); 2692 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
2651 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info); 2693 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
2652 2694
@@ -4131,6 +4173,14 @@ ieee80211_sta_scan_result(struct net_device *dev,
4131 bss->rsn_ie); 4173 bss->rsn_ie);
4132 } 4174 }
4133 4175
4176 if (bss && bss->ht_ie) {
4177 memset(&iwe, 0, sizeof(iwe));
4178 iwe.cmd = IWEVGENIE;
4179 iwe.u.data.length = bss->ht_ie_len;
4180 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
4181 bss->ht_ie);
4182 }
4183
4134 if (bss && bss->supp_rates_len > 0) { 4184 if (bss && bss->supp_rates_len > 0) {
4135 /* display all supported rates in readable format */ 4185 /* display all supported rates in readable format */
4136 char *p = current_ev + IW_EV_LCP_LEN; 4186 char *p = current_ev + IW_EV_LCP_LEN;
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index 841df93807fc..0388c090dfe9 100644
--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -176,20 +176,24 @@ void rate_control_get_rate(struct net_device *dev,
176 rcu_read_lock(); 176 rcu_read_lock();
177 sta = sta_info_get(local, hdr->addr1); 177 sta = sta_info_get(local, hdr->addr1);
178 178
179 memset(sel, 0, sizeof(struct rate_selection)); 179 sel->rate_idx = -1;
180 sel->nonerp_idx = -1;
181 sel->probe_idx = -1;
180 182
181 ref->ops->get_rate(ref->priv, dev, sband, skb, sel); 183 ref->ops->get_rate(ref->priv, dev, sband, skb, sel);
182 184
185 BUG_ON(sel->rate_idx < 0);
186
183 /* Select a non-ERP backup rate. */ 187 /* Select a non-ERP backup rate. */
184 if (!sel->nonerp) { 188 if (sel->nonerp_idx < 0) {
185 for (i = 0; i < sband->n_bitrates; i++) { 189 for (i = 0; i < sband->n_bitrates; i++) {
186 struct ieee80211_rate *rate = &sband->bitrates[i]; 190 struct ieee80211_rate *rate = &sband->bitrates[i];
187 if (sel->rate->bitrate < rate->bitrate) 191 if (sband->bitrates[sel->rate_idx].bitrate < rate->bitrate)
188 break; 192 break;
189 193
190 if (rate_supported(sta, sband->band, i) && 194 if (rate_supported(sta, sband->band, i) &&
191 !(rate->flags & IEEE80211_RATE_ERP_G)) 195 !(rate->flags & IEEE80211_RATE_ERP_G))
192 sel->nonerp = rate; 196 sel->nonerp_idx = i;
193 } 197 }
194 } 198 }
195 199
diff --git a/net/mac80211/rate.h b/net/mac80211/rate.h
index 5b45f33cb766..0ed9c8a2f56f 100644
--- a/net/mac80211/rate.h
+++ b/net/mac80211/rate.h
@@ -19,22 +19,22 @@
19#include "ieee80211_i.h" 19#include "ieee80211_i.h"
20#include "sta_info.h" 20#include "sta_info.h"
21 21
22/* TODO: kdoc */ 22/**
23 * struct rate_selection - rate selection for rate control algos
24 * @rate: selected transmission rate index
25 * @nonerp: Non-ERP rate to use instead if ERP cannot be used
26 * @probe: rate for probing (or -1)
27 *
28 */
23struct rate_selection { 29struct rate_selection {
24 /* Selected transmission rate */ 30 s8 rate_idx, nonerp_idx, probe_idx;
25 struct ieee80211_rate *rate;
26 /* Non-ERP rate to use if mac80211 decides it cannot use an ERP rate */
27 struct ieee80211_rate *nonerp;
28 /* probe with this rate, or NULL for no probing */
29 struct ieee80211_rate *probe;
30}; 31};
31 32
32struct rate_control_ops { 33struct rate_control_ops {
33 struct module *module; 34 struct module *module;
34 const char *name; 35 const char *name;
35 void (*tx_status)(void *priv, struct net_device *dev, 36 void (*tx_status)(void *priv, struct net_device *dev,
36 struct sk_buff *skb, 37 struct sk_buff *skb);
37 struct ieee80211_tx_status *status);
38 void (*get_rate)(void *priv, struct net_device *dev, 38 void (*get_rate)(void *priv, struct net_device *dev,
39 struct ieee80211_supported_band *band, 39 struct ieee80211_supported_band *band,
40 struct sk_buff *skb, 40 struct sk_buff *skb,
@@ -76,13 +76,12 @@ struct rate_control_ref *rate_control_get(struct rate_control_ref *ref);
76void rate_control_put(struct rate_control_ref *ref); 76void rate_control_put(struct rate_control_ref *ref);
77 77
78static inline void rate_control_tx_status(struct net_device *dev, 78static inline void rate_control_tx_status(struct net_device *dev,
79 struct sk_buff *skb, 79 struct sk_buff *skb)
80 struct ieee80211_tx_status *status)
81{ 80{
82 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 81 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
83 struct rate_control_ref *ref = local->rate_ctrl; 82 struct rate_control_ref *ref = local->rate_ctrl;
84 83
85 ref->ops->tx_status(ref->priv, dev, skb, status); 84 ref->ops->tx_status(ref->priv, dev, skb);
86} 85}
87 86
88 87
@@ -138,7 +137,7 @@ static inline int rate_supported(struct sta_info *sta,
138 return (sta == NULL || sta->supp_rates[band] & BIT(index)); 137 return (sta == NULL || sta->supp_rates[band] & BIT(index));
139} 138}
140 139
141static inline int 140static inline s8
142rate_lowest_index(struct ieee80211_local *local, 141rate_lowest_index(struct ieee80211_local *local,
143 struct ieee80211_supported_band *sband, 142 struct ieee80211_supported_band *sband,
144 struct sta_info *sta) 143 struct sta_info *sta)
@@ -155,14 +154,6 @@ rate_lowest_index(struct ieee80211_local *local,
155 return 0; 154 return 0;
156} 155}
157 156
158static inline struct ieee80211_rate *
159rate_lowest(struct ieee80211_local *local,
160 struct ieee80211_supported_band *sband,
161 struct sta_info *sta)
162{
163 return &sband->bitrates[rate_lowest_index(local, sband, sta)];
164}
165
166 157
167/* functions for rate control related to a device */ 158/* functions for rate control related to a device */
168int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local, 159int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
diff --git a/net/mac80211/rc80211_pid.h b/net/mac80211/rc80211_pid.h
index 04afc13ed825..2078803d3581 100644
--- a/net/mac80211/rc80211_pid.h
+++ b/net/mac80211/rc80211_pid.h
@@ -61,7 +61,7 @@ enum rc_pid_event_type {
61union rc_pid_event_data { 61union rc_pid_event_data {
62 /* RC_PID_EVENT_TX_STATUS */ 62 /* RC_PID_EVENT_TX_STATUS */
63 struct { 63 struct {
64 struct ieee80211_tx_status tx_status; 64 struct ieee80211_tx_info tx_status;
65 }; 65 };
66 /* RC_PID_EVENT_TYPE_RATE_CHANGE */ 66 /* RC_PID_EVENT_TYPE_RATE_CHANGE */
67 /* RC_PID_EVENT_TYPE_TX_RATE */ 67 /* RC_PID_EVENT_TYPE_TX_RATE */
@@ -158,7 +158,7 @@ struct rc_pid_debugfs_entries {
158}; 158};
159 159
160void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf, 160void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf,
161 struct ieee80211_tx_status *stat); 161 struct ieee80211_tx_info *stat);
162 162
163void rate_control_pid_event_rate_change(struct rc_pid_event_buffer *buf, 163void rate_control_pid_event_rate_change(struct rc_pid_event_buffer *buf,
164 int index, int rate); 164 int index, int rate);
diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index a849b745bdb5..e8945413e4a2 100644
--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -237,8 +237,7 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
237} 237}
238 238
239static void rate_control_pid_tx_status(void *priv, struct net_device *dev, 239static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
240 struct sk_buff *skb, 240 struct sk_buff *skb)
241 struct ieee80211_tx_status *status)
242{ 241{
243 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 242 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
244 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 243 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -248,6 +247,7 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
248 struct rc_pid_sta_info *spinfo; 247 struct rc_pid_sta_info *spinfo;
249 unsigned long period; 248 unsigned long period;
250 struct ieee80211_supported_band *sband; 249 struct ieee80211_supported_band *sband;
250 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
251 251
252 rcu_read_lock(); 252 rcu_read_lock();
253 253
@@ -266,28 +266,28 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
266 266
267 /* Ignore all frames that were sent with a different rate than the rate 267 /* Ignore all frames that were sent with a different rate than the rate
268 * we currently advise mac80211 to use. */ 268 * we currently advise mac80211 to use. */
269 if (status->control.tx_rate != &sband->bitrates[sta->txrate_idx]) 269 if (info->tx_rate_idx != sta->txrate_idx)
270 goto unlock; 270 goto unlock;
271 271
272 spinfo = sta->rate_ctrl_priv; 272 spinfo = sta->rate_ctrl_priv;
273 spinfo->tx_num_xmit++; 273 spinfo->tx_num_xmit++;
274 274
275#ifdef CONFIG_MAC80211_DEBUGFS 275#ifdef CONFIG_MAC80211_DEBUGFS
276 rate_control_pid_event_tx_status(&spinfo->events, status); 276 rate_control_pid_event_tx_status(&spinfo->events, info);
277#endif 277#endif
278 278
279 /* We count frames that totally failed to be transmitted as two bad 279 /* We count frames that totally failed to be transmitted as two bad
280 * frames, those that made it out but had some retries as one good and 280 * frames, those that made it out but had some retries as one good and
281 * one bad frame. */ 281 * one bad frame. */
282 if (status->excessive_retries) { 282 if (info->status.excessive_retries) {
283 spinfo->tx_num_failed += 2; 283 spinfo->tx_num_failed += 2;
284 spinfo->tx_num_xmit++; 284 spinfo->tx_num_xmit++;
285 } else if (status->retry_count) { 285 } else if (info->status.retry_count) {
286 spinfo->tx_num_failed++; 286 spinfo->tx_num_failed++;
287 spinfo->tx_num_xmit++; 287 spinfo->tx_num_xmit++;
288 } 288 }
289 289
290 if (status->excessive_retries) { 290 if (info->status.excessive_retries) {
291 sta->tx_retry_failed++; 291 sta->tx_retry_failed++;
292 sta->tx_num_consecutive_failures++; 292 sta->tx_num_consecutive_failures++;
293 sta->tx_num_mpdu_fail++; 293 sta->tx_num_mpdu_fail++;
@@ -295,8 +295,8 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
295 sta->tx_num_consecutive_failures = 0; 295 sta->tx_num_consecutive_failures = 0;
296 sta->tx_num_mpdu_ok++; 296 sta->tx_num_mpdu_ok++;
297 } 297 }
298 sta->tx_retry_count += status->retry_count; 298 sta->tx_retry_count += info->status.retry_count;
299 sta->tx_num_mpdu_fail += status->retry_count; 299 sta->tx_num_mpdu_fail += info->status.retry_count;
300 300
301 /* Update PID controller state. */ 301 /* Update PID controller state. */
302 period = (HZ * pinfo->sampling_period + 500) / 1000; 302 period = (HZ * pinfo->sampling_period + 500) / 1000;
@@ -330,7 +330,7 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
330 fc = le16_to_cpu(hdr->frame_control); 330 fc = le16_to_cpu(hdr->frame_control);
331 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA || 331 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
332 is_multicast_ether_addr(hdr->addr1) || !sta) { 332 is_multicast_ether_addr(hdr->addr1) || !sta) {
333 sel->rate = rate_lowest(local, sband, sta); 333 sel->rate_idx = rate_lowest_index(local, sband, sta);
334 rcu_read_unlock(); 334 rcu_read_unlock();
335 return; 335 return;
336 } 336 }
@@ -349,7 +349,7 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
349 349
350 rcu_read_unlock(); 350 rcu_read_unlock();
351 351
352 sel->rate = &sband->bitrates[rateidx]; 352 sel->rate_idx = rateidx;
353 353
354#ifdef CONFIG_MAC80211_DEBUGFS 354#ifdef CONFIG_MAC80211_DEBUGFS
355 rate_control_pid_event_tx_rate( 355 rate_control_pid_event_tx_rate(
diff --git a/net/mac80211/rc80211_pid_debugfs.c b/net/mac80211/rc80211_pid_debugfs.c
index ff5c380f3c13..8121d3bc6835 100644
--- a/net/mac80211/rc80211_pid_debugfs.c
+++ b/net/mac80211/rc80211_pid_debugfs.c
@@ -39,11 +39,11 @@ static void rate_control_pid_event(struct rc_pid_event_buffer *buf,
39} 39}
40 40
41void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf, 41void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf,
42 struct ieee80211_tx_status *stat) 42 struct ieee80211_tx_info *stat)
43{ 43{
44 union rc_pid_event_data evd; 44 union rc_pid_event_data evd;
45 45
46 memcpy(&evd.tx_status, stat, sizeof(struct ieee80211_tx_status)); 46 memcpy(&evd.tx_status, stat, sizeof(struct ieee80211_tx_info));
47 rate_control_pid_event(buf, RC_PID_EVENT_TYPE_TX_STATUS, &evd); 47 rate_control_pid_event(buf, RC_PID_EVENT_TYPE_TX_STATUS, &evd);
48} 48}
49 49
@@ -167,8 +167,8 @@ static ssize_t rate_control_pid_events_read(struct file *file, char __user *buf,
167 switch (ev->type) { 167 switch (ev->type) {
168 case RC_PID_EVENT_TYPE_TX_STATUS: 168 case RC_PID_EVENT_TYPE_TX_STATUS:
169 p += snprintf(pb + p, length - p, "tx_status %u %u", 169 p += snprintf(pb + p, length - p, "tx_status %u %u",
170 ev->data.tx_status.excessive_retries, 170 ev->data.tx_status.status.excessive_retries,
171 ev->data.tx_status.retry_count); 171 ev->data.tx_status.status.retry_count);
172 break; 172 break;
173 case RC_PID_EVENT_TYPE_RATE_CHANGE: 173 case RC_PID_EVENT_TYPE_RATE_CHANGE:
174 p += snprintf(pb + p, length - p, "rate_change %d %d", 174 p += snprintf(pb + p, length - p, "rate_change %d %d",
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index fa68305fd59e..9400a9766a77 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -387,51 +387,9 @@ static void ieee80211_verify_ip_alignment(struct ieee80211_rx_data *rx)
387} 387}
388 388
389 389
390static u32 ieee80211_rx_load_stats(struct ieee80211_local *local,
391 struct sk_buff *skb,
392 struct ieee80211_rx_status *status,
393 struct ieee80211_rate *rate)
394{
395 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
396 u32 load = 0, hdrtime;
397
398 /* Estimate total channel use caused by this frame */
399
400 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
401 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
402
403 if (status->band == IEEE80211_BAND_5GHZ ||
404 (status->band == IEEE80211_BAND_5GHZ &&
405 rate->flags & IEEE80211_RATE_ERP_G))
406 hdrtime = CHAN_UTIL_HDR_SHORT;
407 else
408 hdrtime = CHAN_UTIL_HDR_LONG;
409
410 load = hdrtime;
411 if (!is_multicast_ether_addr(hdr->addr1))
412 load += hdrtime;
413
414 /* TODO: optimise again */
415 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate;
416
417 /* Divide channel_use by 8 to avoid wrapping around the counter */
418 load >>= CHAN_UTIL_SHIFT;
419
420 return load;
421}
422
423/* rx handlers */ 390/* rx handlers */
424 391
425static ieee80211_rx_result 392static ieee80211_rx_result
426ieee80211_rx_h_if_stats(struct ieee80211_rx_data *rx)
427{
428 if (rx->sta)
429 rx->sta->channel_use_raw += rx->load;
430 rx->sdata->channel_use_raw += rx->load;
431 return RX_CONTINUE;
432}
433
434static ieee80211_rx_result
435ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx) 393ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
436{ 394{
437 struct ieee80211_local *local = rx->local; 395 struct ieee80211_local *local = rx->local;
@@ -714,7 +672,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
714 struct sk_buff *skb; 672 struct sk_buff *skb;
715 int sent = 0; 673 int sent = 0;
716 struct ieee80211_sub_if_data *sdata; 674 struct ieee80211_sub_if_data *sdata;
717 struct ieee80211_tx_packet_data *pkt_data; 675 struct ieee80211_tx_info *info;
718 DECLARE_MAC_BUF(mac); 676 DECLARE_MAC_BUF(mac);
719 677
720 sdata = sta->sdata; 678 sdata = sta->sdata;
@@ -734,13 +692,13 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
734 692
735 /* Send all buffered frames to the station */ 693 /* Send all buffered frames to the station */
736 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 694 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
737 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 695 info = IEEE80211_SKB_CB(skb);
738 sent++; 696 sent++;
739 pkt_data->flags |= IEEE80211_TXPD_REQUEUE; 697 info->flags |= IEEE80211_TX_CTL_REQUEUE;
740 dev_queue_xmit(skb); 698 dev_queue_xmit(skb);
741 } 699 }
742 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 700 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
743 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 701 info = IEEE80211_SKB_CB(skb);
744 local->total_ps_buffered--; 702 local->total_ps_buffered--;
745 sent++; 703 sent++;
746#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 704#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
@@ -748,7 +706,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
748 "since STA not sleeping anymore\n", dev->name, 706 "since STA not sleeping anymore\n", dev->name,
749 print_mac(mac, sta->addr), sta->aid); 707 print_mac(mac, sta->addr), sta->aid);
750#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 708#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
751 pkt_data->flags |= IEEE80211_TXPD_REQUEUE; 709 info->flags |= IEEE80211_TX_CTL_REQUEUE;
752 dev_queue_xmit(skb); 710 dev_queue_xmit(skb);
753 } 711 }
754 712
@@ -1780,7 +1738,6 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx)
1780typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_rx_data *); 1738typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_rx_data *);
1781static ieee80211_rx_handler ieee80211_rx_handlers[] = 1739static ieee80211_rx_handler ieee80211_rx_handlers[] =
1782{ 1740{
1783 ieee80211_rx_h_if_stats,
1784 ieee80211_rx_h_passive_scan, 1741 ieee80211_rx_h_passive_scan,
1785 ieee80211_rx_h_check, 1742 ieee80211_rx_h_check,
1786 ieee80211_rx_h_decrypt, 1743 ieee80211_rx_h_decrypt,
@@ -1939,7 +1896,6 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1939static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, 1896static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1940 struct sk_buff *skb, 1897 struct sk_buff *skb,
1941 struct ieee80211_rx_status *status, 1898 struct ieee80211_rx_status *status,
1942 u32 load,
1943 struct ieee80211_rate *rate) 1899 struct ieee80211_rate *rate)
1944{ 1900{
1945 struct ieee80211_local *local = hw_to_local(hw); 1901 struct ieee80211_local *local = hw_to_local(hw);
@@ -1958,7 +1914,6 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1958 rx.local = local; 1914 rx.local = local;
1959 1915
1960 rx.status = status; 1916 rx.status = status;
1961 rx.load = load;
1962 rx.rate = rate; 1917 rx.rate = rate;
1963 rx.fc = le16_to_cpu(hdr->frame_control); 1918 rx.fc = le16_to_cpu(hdr->frame_control);
1964 type = rx.fc & IEEE80211_FCTL_FTYPE; 1919 type = rx.fc & IEEE80211_FCTL_FTYPE;
@@ -2067,7 +2022,6 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2067 struct ieee80211_rx_status status; 2022 struct ieee80211_rx_status status;
2068 u16 head_seq_num, buf_size; 2023 u16 head_seq_num, buf_size;
2069 int index; 2024 int index;
2070 u32 pkt_load;
2071 struct ieee80211_supported_band *sband; 2025 struct ieee80211_supported_band *sband;
2072 struct ieee80211_rate *rate; 2026 struct ieee80211_rate *rate;
2073 2027
@@ -2102,12 +2056,9 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2102 sizeof(status)); 2056 sizeof(status));
2103 sband = local->hw.wiphy->bands[status.band]; 2057 sband = local->hw.wiphy->bands[status.band];
2104 rate = &sband->bitrates[status.rate_idx]; 2058 rate = &sband->bitrates[status.rate_idx];
2105 pkt_load = ieee80211_rx_load_stats(local,
2106 tid_agg_rx->reorder_buf[index],
2107 &status, rate);
2108 __ieee80211_rx_handle_packet(hw, 2059 __ieee80211_rx_handle_packet(hw,
2109 tid_agg_rx->reorder_buf[index], 2060 tid_agg_rx->reorder_buf[index],
2110 &status, pkt_load, rate); 2061 &status, rate);
2111 tid_agg_rx->stored_mpdu_num--; 2062 tid_agg_rx->stored_mpdu_num--;
2112 tid_agg_rx->reorder_buf[index] = NULL; 2063 tid_agg_rx->reorder_buf[index] = NULL;
2113 } 2064 }
@@ -2149,11 +2100,8 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2149 sizeof(status)); 2100 sizeof(status));
2150 sband = local->hw.wiphy->bands[status.band]; 2101 sband = local->hw.wiphy->bands[status.band];
2151 rate = &sband->bitrates[status.rate_idx]; 2102 rate = &sband->bitrates[status.rate_idx];
2152 pkt_load = ieee80211_rx_load_stats(local,
2153 tid_agg_rx->reorder_buf[index],
2154 &status, rate);
2155 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index], 2103 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index],
2156 &status, pkt_load, rate); 2104 &status, rate);
2157 tid_agg_rx->stored_mpdu_num--; 2105 tid_agg_rx->stored_mpdu_num--;
2158 tid_agg_rx->reorder_buf[index] = NULL; 2106 tid_agg_rx->reorder_buf[index] = NULL;
2159 tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num); 2107 tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num);
@@ -2232,7 +2180,6 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2232 struct ieee80211_rx_status *status) 2180 struct ieee80211_rx_status *status)
2233{ 2181{
2234 struct ieee80211_local *local = hw_to_local(hw); 2182 struct ieee80211_local *local = hw_to_local(hw);
2235 u32 pkt_load;
2236 struct ieee80211_rate *rate = NULL; 2183 struct ieee80211_rate *rate = NULL;
2237 struct ieee80211_supported_band *sband; 2184 struct ieee80211_supported_band *sband;
2238 2185
@@ -2272,11 +2219,8 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2272 return; 2219 return;
2273 } 2220 }
2274 2221
2275 pkt_load = ieee80211_rx_load_stats(local, skb, status, rate);
2276 local->channel_use_raw += pkt_load;
2277
2278 if (!ieee80211_rx_reorder_ampdu(local, skb)) 2222 if (!ieee80211_rx_reorder_ampdu(local, skb))
2279 __ieee80211_rx_handle_packet(hw, skb, status, pkt_load, rate); 2223 __ieee80211_rx_handle_packet(hw, skb, status, rate);
2280 2224
2281 rcu_read_unlock(); 2225 rcu_read_unlock();
2282} 2226}
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index baf5e4746884..c24770cb02c5 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -255,7 +255,7 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
255 * sta_rx_agg_session_timer_expired for useage */ 255 * sta_rx_agg_session_timer_expired for useage */
256 sta->timer_to_tid[i] = i; 256 sta->timer_to_tid[i] = i;
257 /* tid to tx queue: initialize according to HW (0 is valid) */ 257 /* tid to tx queue: initialize according to HW (0 is valid) */
258 sta->tid_to_tx_q[i] = local->hw.queues + local->hw.ampdu_queues; 258 sta->tid_to_tx_q[i] = ieee80211_num_queues(&local->hw);
259 /* rx */ 259 /* rx */
260 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE; 260 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE;
261 sta->ampdu_mlme.tid_rx[i] = NULL; 261 sta->ampdu_mlme.tid_rx[i] = NULL;
@@ -511,20 +511,20 @@ static inline int sta_info_buffer_expired(struct ieee80211_local *local,
511 struct sta_info *sta, 511 struct sta_info *sta,
512 struct sk_buff *skb) 512 struct sk_buff *skb)
513{ 513{
514 struct ieee80211_tx_packet_data *pkt_data; 514 struct ieee80211_tx_info *info;
515 int timeout; 515 int timeout;
516 516
517 if (!skb) 517 if (!skb)
518 return 0; 518 return 0;
519 519
520 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 520 info = IEEE80211_SKB_CB(skb);
521 521
522 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */ 522 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */
523 timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 / 523 timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 /
524 15625) * HZ; 524 15625) * HZ;
525 if (timeout < STA_TX_BUFFER_EXPIRE) 525 if (timeout < STA_TX_BUFFER_EXPIRE)
526 timeout = STA_TX_BUFFER_EXPIRE; 526 timeout = STA_TX_BUFFER_EXPIRE;
527 return time_after(jiffies, pkt_data->jiffies + timeout); 527 return time_after(jiffies, info->control.jiffies + timeout);
528} 528}
529 529
530 530
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index e89cc1655547..95753f860acf 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -32,7 +32,7 @@
32 * @WLAN_STA_WDS: Station is one of our WDS peers. 32 * @WLAN_STA_WDS: Station is one of our WDS peers.
33 * @WLAN_STA_PSPOLL: Station has just PS-polled us. 33 * @WLAN_STA_PSPOLL: Station has just PS-polled us.
34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the 34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
35 * IEEE80211_TXCTL_CLEAR_PS_FILT control flag) when the next 35 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
36 * frame to this station is transmitted. 36 * frame to this station is transmitted.
37 */ 37 */
38enum ieee80211_sta_info_flags { 38enum ieee80211_sta_info_flags {
@@ -245,10 +245,6 @@ struct sta_info {
245 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES]; 245 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
246#endif 246#endif
247 247
248 /* Debug counters, no locking doesn't matter */
249 int channel_use;
250 int channel_use_raw;
251
252 /* 248 /*
253 * Aggregation information, locked with lock. 249 * Aggregation information, locked with lock.
254 */ 250 */
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index a7c3febc5a45..a00cf1ea7719 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -6,7 +6,6 @@
6 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 */ 8 */
9
10#include <linux/kernel.h> 9#include <linux/kernel.h>
11#include <linux/bitops.h> 10#include <linux/bitops.h>
12#include <linux/types.h> 11#include <linux/types.h>
@@ -72,10 +71,12 @@ static u16 tkipS(u16 val)
72 * TSC = TKIP sequence counter (48 bits, only 32 msb bits used) 71 * TSC = TKIP sequence counter (48 bits, only 32 msb bits used)
73 * P1K: 80 bits 72 * P1K: 80 bits
74 */ 73 */
75static void tkip_mixing_phase1(const u8 *ta, const u8 *tk, u32 tsc_IV32, 74static void tkip_mixing_phase1(struct ieee80211_key *key, const u8 *ta,
76 u16 *p1k) 75 struct tkip_ctx *ctx, u32 tsc_IV32)
77{ 76{
78 int i, j; 77 int i, j;
78 const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
79 u16 *p1k = ctx->p1k;
79 80
80 p1k[0] = tsc_IV32 & 0xFFFF; 81 p1k[0] = tsc_IV32 & 0xFFFF;
81 p1k[1] = tsc_IV32 >> 16; 82 p1k[1] = tsc_IV32 >> 16;
@@ -91,12 +92,15 @@ static void tkip_mixing_phase1(const u8 *ta, const u8 *tk, u32 tsc_IV32,
91 p1k[3] += tkipS(p1k[2] ^ get_unaligned_le16(tk + 12 + j)); 92 p1k[3] += tkipS(p1k[2] ^ get_unaligned_le16(tk + 12 + j));
92 p1k[4] += tkipS(p1k[3] ^ get_unaligned_le16(tk + 0 + j)) + i; 93 p1k[4] += tkipS(p1k[3] ^ get_unaligned_le16(tk + 0 + j)) + i;
93 } 94 }
95 ctx->initialized = 1;
94} 96}
95 97
96static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16, 98static void tkip_mixing_phase2(struct ieee80211_key *key, struct tkip_ctx *ctx,
97 u8 *rc4key) 99 u16 tsc_IV16, u8 *rc4key)
98{ 100{
99 u16 ppk[6]; 101 u16 ppk[6];
102 const u16 *p1k = ctx->p1k;
103 const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
100 int i; 104 int i;
101 105
102 ppk[0] = p1k[0]; 106 ppk[0] = p1k[0];
@@ -132,38 +136,25 @@ static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16,
132/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets 136/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets
133 * of the IV. Returns pointer to the octet following IVs (i.e., beginning of 137 * of the IV. Returns pointer to the octet following IVs (i.e., beginning of
134 * the packet payload). */ 138 * the packet payload). */
135u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key, 139u8 *ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
136 u8 iv0, u8 iv1, u8 iv2) 140 u8 iv0, u8 iv1, u8 iv2)
137{ 141{
138 *pos++ = iv0; 142 *pos++ = iv0;
139 *pos++ = iv1; 143 *pos++ = iv1;
140 *pos++ = iv2; 144 *pos++ = iv2;
141 *pos++ = (key->conf.keyidx << 6) | (1 << 5) /* Ext IV */; 145 *pos++ = (key->conf.keyidx << 6) | (1 << 5) /* Ext IV */;
142 put_unaligned_le32(key->u.tkip.iv32, pos); 146 put_unaligned_le32(key->u.tkip.tx.iv32, pos);
143 return pos + 4; 147 return pos + 4;
144} 148}
145 149
146void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta, 150static void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
147 u16 *phase1key)
148{
149 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
150 key->u.tkip.iv32, phase1key);
151}
152
153void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
154 u8 *rc4key) 151 u8 *rc4key)
155{ 152{
156 /* Calculate per-packet key */ 153 /* Calculate per-packet key */
157 if (key->u.tkip.iv16 == 0 || !key->u.tkip.tx_initialized) { 154 if (key->u.tkip.tx.iv16 == 0 || !key->u.tkip.tx.initialized)
158 /* IV16 wrapped around - perform TKIP phase 1 */ 155 tkip_mixing_phase1(key, ta, &key->u.tkip.tx, key->u.tkip.tx.iv32);
159 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
160 key->u.tkip.iv32, key->u.tkip.p1k);
161 key->u.tkip.tx_initialized = 1;
162 }
163 156
164 tkip_mixing_phase2(key->u.tkip.p1k, 157 tkip_mixing_phase2(key, &key->u.tkip.tx, key->u.tkip.tx.iv16, rc4key);
165 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
166 key->u.tkip.iv16, rc4key);
167} 158}
168 159
169void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf, 160void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
@@ -187,9 +178,9 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
187 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n", 178 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
188 iv16, iv32); 179 iv16, iv32);
189 180
190 if (iv32 != key->u.tkip.iv32) { 181 if (iv32 != key->u.tkip.tx.iv32) {
191 printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n", 182 printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",
192 iv32, key->u.tkip.iv32); 183 iv32, key->u.tkip.tx.iv32);
193 printk(KERN_DEBUG "Wrap around of iv16 in the middle of a " 184 printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "
194 "fragmented packet\n"); 185 "fragmented packet\n");
195 } 186 }
@@ -198,20 +189,15 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
198 /* Update the p1k only when the iv16 in the packet wraps around, this 189 /* Update the p1k only when the iv16 in the packet wraps around, this
199 * might occur after the wrap around of iv16 in the key in case of 190 * might occur after the wrap around of iv16 in the key in case of
200 * fragmented packets. */ 191 * fragmented packets. */
201 if (iv16 == 0 || !key->u.tkip.tx_initialized) { 192 if (iv16 == 0 || !key->u.tkip.tx.initialized)
202 /* IV16 wrapped around - perform TKIP phase 1 */ 193 tkip_mixing_phase1(key, ta, &key->u.tkip.tx, iv32);
203 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
204 iv32, key->u.tkip.p1k);
205 key->u.tkip.tx_initialized = 1;
206 }
207 194
208 if (type == IEEE80211_TKIP_P1_KEY) { 195 if (type == IEEE80211_TKIP_P1_KEY) {
209 memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5); 196 memcpy(outkey, key->u.tkip.tx.p1k, sizeof(u16) * 5);
210 return; 197 return;
211 } 198 }
212 199
213 tkip_mixing_phase2(key->u.tkip.p1k, 200 tkip_mixing_phase2(key, &key->u.tkip.tx, iv16, outkey);
214 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey);
215} 201}
216EXPORT_SYMBOL(ieee80211_get_tkip_key); 202EXPORT_SYMBOL(ieee80211_get_tkip_key);
217 203
@@ -271,33 +257,31 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
271 if ((keyid >> 6) != key->conf.keyidx) 257 if ((keyid >> 6) != key->conf.keyidx)
272 return TKIP_DECRYPT_INVALID_KEYIDX; 258 return TKIP_DECRYPT_INVALID_KEYIDX;
273 259
274 if (key->u.tkip.rx_initialized[queue] && 260 if (key->u.tkip.rx[queue].initialized &&
275 (iv32 < key->u.tkip.iv32_rx[queue] || 261 (iv32 < key->u.tkip.rx[queue].iv32 ||
276 (iv32 == key->u.tkip.iv32_rx[queue] && 262 (iv32 == key->u.tkip.rx[queue].iv32 &&
277 iv16 <= key->u.tkip.iv16_rx[queue]))) { 263 iv16 <= key->u.tkip.rx[queue].iv16))) {
278#ifdef CONFIG_TKIP_DEBUG 264#ifdef CONFIG_TKIP_DEBUG
279 DECLARE_MAC_BUF(mac); 265 DECLARE_MAC_BUF(mac);
280 printk(KERN_DEBUG "TKIP replay detected for RX frame from " 266 printk(KERN_DEBUG "TKIP replay detected for RX frame from "
281 "%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n", 267 "%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
282 print_mac(mac, ta), 268 print_mac(mac, ta),
283 iv32, iv16, key->u.tkip.iv32_rx[queue], 269 iv32, iv16, key->u.tkip.rx[queue].iv32,
284 key->u.tkip.iv16_rx[queue]); 270 key->u.tkip.rx[queue].iv16);
285#endif /* CONFIG_TKIP_DEBUG */ 271#endif /* CONFIG_TKIP_DEBUG */
286 return TKIP_DECRYPT_REPLAY; 272 return TKIP_DECRYPT_REPLAY;
287 } 273 }
288 274
289 if (only_iv) { 275 if (only_iv) {
290 res = TKIP_DECRYPT_OK; 276 res = TKIP_DECRYPT_OK;
291 key->u.tkip.rx_initialized[queue] = 1; 277 key->u.tkip.rx[queue].initialized = 1;
292 goto done; 278 goto done;
293 } 279 }
294 280
295 if (!key->u.tkip.rx_initialized[queue] || 281 if (!key->u.tkip.rx[queue].initialized ||
296 key->u.tkip.iv32_rx[queue] != iv32) { 282 key->u.tkip.rx[queue].iv32 != iv32) {
297 key->u.tkip.rx_initialized[queue] = 1;
298 /* IV16 wrapped around - perform TKIP phase 1 */ 283 /* IV16 wrapped around - perform TKIP phase 1 */
299 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], 284 tkip_mixing_phase1(key, ta, &key->u.tkip.rx[queue], iv32);
300 iv32, key->u.tkip.p1k_rx[queue]);
301#ifdef CONFIG_TKIP_DEBUG 285#ifdef CONFIG_TKIP_DEBUG
302 { 286 {
303 int i; 287 int i;
@@ -311,7 +295,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
311 printk("\n"); 295 printk("\n");
312 printk(KERN_DEBUG "TKIP decrypt: P1K="); 296 printk(KERN_DEBUG "TKIP decrypt: P1K=");
313 for (i = 0; i < 5; i++) 297 for (i = 0; i < 5; i++)
314 printk("%04x ", key->u.tkip.p1k_rx[queue][i]); 298 printk("%04x ", key->u.tkip.rx[queue].p1k[i]);
315 printk("\n"); 299 printk("\n");
316 } 300 }
317#endif /* CONFIG_TKIP_DEBUG */ 301#endif /* CONFIG_TKIP_DEBUG */
@@ -326,13 +310,11 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
326 310
327 key->local->ops->update_tkip_key( 311 key->local->ops->update_tkip_key(
328 local_to_hw(key->local), &key->conf, 312 local_to_hw(key->local), &key->conf,
329 sta_addr, iv32, key->u.tkip.p1k_rx[queue]); 313 sta_addr, iv32, key->u.tkip.rx[queue].p1k);
330 } 314 }
331 } 315 }
332 316
333 tkip_mixing_phase2(key->u.tkip.p1k_rx[queue], 317 tkip_mixing_phase2(key, &key->u.tkip.rx[queue], iv16, rc4key);
334 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
335 iv16, rc4key);
336#ifdef CONFIG_TKIP_DEBUG 318#ifdef CONFIG_TKIP_DEBUG
337 { 319 {
338 int i; 320 int i;
diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h
index 1fa0bb4dba3c..b890427fc959 100644
--- a/net/mac80211/tkip.h
+++ b/net/mac80211/tkip.h
@@ -15,10 +15,6 @@
15 15
16u8 *ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key, 16u8 *ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
17 u8 iv0, u8 iv1, u8 iv2); 17 u8 iv0, u8 iv1, u8 iv2);
18void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
19 u16 *phase1key);
20void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
21 u8 *rc4key);
22void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm, 18void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
23 struct ieee80211_key *key, 19 struct ieee80211_key *key,
24 u8 *pos, size_t payload_len, u8 *ta); 20 u8 *pos, size_t payload_len, u8 *ta);
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index aecec2a72b08..1ad9e664f287 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -91,11 +91,12 @@ static u16 ieee80211_duration(struct ieee80211_tx_data *tx, int group_addr,
91 int next_frag_len) 91 int next_frag_len)
92{ 92{
93 int rate, mrate, erp, dur, i; 93 int rate, mrate, erp, dur, i;
94 struct ieee80211_rate *txrate = tx->rate; 94 struct ieee80211_rate *txrate;
95 struct ieee80211_local *local = tx->local; 95 struct ieee80211_local *local = tx->local;
96 struct ieee80211_supported_band *sband; 96 struct ieee80211_supported_band *sband;
97 97
98 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 98 sband = local->hw.wiphy->bands[tx->channel->band];
99 txrate = &sband->bitrates[tx->rate_idx];
99 100
100 erp = 0; 101 erp = 0;
101 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) 102 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
@@ -212,18 +213,6 @@ static u16 ieee80211_duration(struct ieee80211_tx_data *tx, int group_addr,
212 return dur; 213 return dur;
213} 214}
214 215
215static inline int __ieee80211_queue_stopped(const struct ieee80211_local *local,
216 int queue)
217{
218 return test_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
219}
220
221static inline int __ieee80211_queue_pending(const struct ieee80211_local *local,
222 int queue)
223{
224 return test_bit(IEEE80211_LINK_STATE_PENDING, &local->state[queue]);
225}
226
227static int inline is_ieee80211_device(struct net_device *dev, 216static int inline is_ieee80211_device(struct net_device *dev,
228 struct net_device *master) 217 struct net_device *master)
229{ 218{
@@ -237,12 +226,12 @@ static ieee80211_tx_result
237ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx) 226ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
238{ 227{
239#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 228#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
240 struct sk_buff *skb = tx->skb; 229 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
241 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
242#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 230#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
231 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
243 u32 sta_flags; 232 u32 sta_flags;
244 233
245 if (unlikely(tx->flags & IEEE80211_TX_INJECTED)) 234 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED))
246 return TX_CONTINUE; 235 return TX_CONTINUE;
247 236
248 if (unlikely(tx->local->sta_sw_scanning) && 237 if (unlikely(tx->local->sta_sw_scanning) &&
@@ -347,6 +336,8 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
347static ieee80211_tx_result 336static ieee80211_tx_result
348ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx) 337ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
349{ 338{
339 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
340
350 /* 341 /*
351 * broadcast/multicast frame 342 * broadcast/multicast frame
352 * 343 *
@@ -382,7 +373,7 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
382 } 373 }
383 374
384 /* buffered in hardware */ 375 /* buffered in hardware */
385 tx->control->flags |= IEEE80211_TXCTL_SEND_AFTER_DTIM; 376 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM;
386 377
387 return TX_CONTINUE; 378 return TX_CONTINUE;
388} 379}
@@ -391,6 +382,7 @@ static ieee80211_tx_result
391ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx) 382ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
392{ 383{
393 struct sta_info *sta = tx->sta; 384 struct sta_info *sta = tx->sta;
385 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
394 u32 staflags; 386 u32 staflags;
395 DECLARE_MAC_BUF(mac); 387 DECLARE_MAC_BUF(mac);
396 388
@@ -403,7 +395,6 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
403 395
404 if (unlikely((staflags & WLAN_STA_PS) && 396 if (unlikely((staflags & WLAN_STA_PS) &&
405 !(staflags & WLAN_STA_PSPOLL))) { 397 !(staflags & WLAN_STA_PSPOLL))) {
406 struct ieee80211_tx_packet_data *pkt_data;
407#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 398#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
408 printk(KERN_DEBUG "STA %s aid %d: PS buffer (entries " 399 printk(KERN_DEBUG "STA %s aid %d: PS buffer (entries "
409 "before %d)\n", 400 "before %d)\n",
@@ -427,8 +418,7 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
427 if (skb_queue_empty(&sta->ps_tx_buf)) 418 if (skb_queue_empty(&sta->ps_tx_buf))
428 sta_info_set_tim_bit(sta); 419 sta_info_set_tim_bit(sta);
429 420
430 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb; 421 info->control.jiffies = jiffies;
431 pkt_data->jiffies = jiffies;
432 skb_queue_tail(&sta->ps_tx_buf, tx->skb); 422 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
433 return TX_QUEUED; 423 return TX_QUEUED;
434 } 424 }
@@ -460,17 +450,18 @@ static ieee80211_tx_result
460ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) 450ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
461{ 451{
462 struct ieee80211_key *key; 452 struct ieee80211_key *key;
453 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
463 u16 fc = tx->fc; 454 u16 fc = tx->fc;
464 455
465 if (unlikely(tx->control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT)) 456 if (unlikely(info->flags & IEEE80211_TX_CTL_DO_NOT_ENCRYPT))
466 tx->key = NULL; 457 tx->key = NULL;
467 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 458 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
468 tx->key = key; 459 tx->key = key;
469 else if ((key = rcu_dereference(tx->sdata->default_key))) 460 else if ((key = rcu_dereference(tx->sdata->default_key)))
470 tx->key = key; 461 tx->key = key;
471 else if (tx->sdata->drop_unencrypted && 462 else if (tx->sdata->drop_unencrypted &&
472 !(tx->control->flags & IEEE80211_TXCTL_EAPOL_FRAME) && 463 !(info->flags & IEEE80211_TX_CTL_EAPOL_FRAME) &&
473 !(tx->flags & IEEE80211_TX_INJECTED)) { 464 !(info->flags & IEEE80211_TX_CTL_INJECTED)) {
474 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); 465 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
475 return TX_DROP; 466 return TX_DROP;
476 } else 467 } else
@@ -499,7 +490,156 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
499 } 490 }
500 491
501 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 492 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
502 tx->control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 493 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
494
495 return TX_CONTINUE;
496}
497
498static ieee80211_tx_result
499ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
500{
501 struct rate_selection rsel;
502 struct ieee80211_supported_band *sband;
503 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
504
505 sband = tx->local->hw.wiphy->bands[tx->channel->band];
506
507 if (likely(tx->rate_idx < 0)) {
508 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel);
509 tx->rate_idx = rsel.rate_idx;
510 if (unlikely(rsel.probe_idx >= 0)) {
511 info->flags |= IEEE80211_TX_CTL_RATE_CTRL_PROBE;
512 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
513 info->control.alt_retry_rate_idx = tx->rate_idx;
514 tx->rate_idx = rsel.probe_idx;
515 } else
516 info->control.alt_retry_rate_idx = -1;
517
518 if (unlikely(tx->rate_idx < 0))
519 return TX_DROP;
520 } else
521 info->control.alt_retry_rate_idx = -1;
522
523 if (tx->sdata->bss_conf.use_cts_prot &&
524 (tx->flags & IEEE80211_TX_FRAGMENTED) && (rsel.nonerp_idx >= 0)) {
525 tx->last_frag_rate_idx = tx->rate_idx;
526 if (rsel.probe_idx >= 0)
527 tx->flags &= ~IEEE80211_TX_PROBE_LAST_FRAG;
528 else
529 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
530 tx->rate_idx = rsel.nonerp_idx;
531 info->tx_rate_idx = rsel.nonerp_idx;
532 info->flags &= ~IEEE80211_TX_CTL_RATE_CTRL_PROBE;
533 } else {
534 tx->last_frag_rate_idx = tx->rate_idx;
535 info->tx_rate_idx = tx->rate_idx;
536 }
537 info->tx_rate_idx = tx->rate_idx;
538
539 return TX_CONTINUE;
540}
541
542static ieee80211_tx_result
543ieee80211_tx_h_misc(struct ieee80211_tx_data *tx)
544{
545 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
546 u16 fc = le16_to_cpu(hdr->frame_control);
547 u16 dur;
548 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
549 struct ieee80211_supported_band *sband;
550
551 sband = tx->local->hw.wiphy->bands[tx->channel->band];
552
553 if (tx->sta)
554 info->control.aid = tx->sta->aid;
555
556 if (!info->control.retry_limit) {
557 if (!is_multicast_ether_addr(hdr->addr1)) {
558 int len = min_t(int, tx->skb->len + FCS_LEN,
559 tx->local->fragmentation_threshold);
560 if (len > tx->local->rts_threshold
561 && tx->local->rts_threshold <
562 IEEE80211_MAX_RTS_THRESHOLD) {
563 info->flags |= IEEE80211_TX_CTL_USE_RTS_CTS;
564 info->flags |=
565 IEEE80211_TX_CTL_LONG_RETRY_LIMIT;
566 info->control.retry_limit =
567 tx->local->long_retry_limit;
568 } else {
569 info->control.retry_limit =
570 tx->local->short_retry_limit;
571 }
572 } else {
573 info->control.retry_limit = 1;
574 }
575 }
576
577 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
578 /* Do not use multiple retry rates when sending fragmented
579 * frames.
580 * TODO: The last fragment could still use multiple retry
581 * rates. */
582 info->control.alt_retry_rate_idx = -1;
583 }
584
585 /* Use CTS protection for unicast frames sent using extended rates if
586 * there are associated non-ERP stations and RTS/CTS is not configured
587 * for the frame. */
588 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) &&
589 (sband->bitrates[tx->rate_idx].flags & IEEE80211_RATE_ERP_G) &&
590 (tx->flags & IEEE80211_TX_UNICAST) &&
591 tx->sdata->bss_conf.use_cts_prot &&
592 !(info->flags & IEEE80211_TX_CTL_USE_RTS_CTS))
593 info->flags |= IEEE80211_TX_CTL_USE_CTS_PROTECT;
594
595 /* Transmit data frames using short preambles if the driver supports
596 * short preambles at the selected rate and short preambles are
597 * available on the network at the current point in time. */
598 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
599 (sband->bitrates[tx->rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
600 tx->sdata->bss_conf.use_short_preamble &&
601 (!tx->sta || test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE))) {
602 info->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
603 }
604
605 /* Setup duration field for the first fragment of the frame. Duration
606 * for remaining fragments will be updated when they are being sent
607 * to low-level driver in ieee80211_tx(). */
608 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
609 (tx->flags & IEEE80211_TX_FRAGMENTED) ?
610 tx->extra_frag[0]->len : 0);
611 hdr->duration_id = cpu_to_le16(dur);
612
613 if ((info->flags & IEEE80211_TX_CTL_USE_RTS_CTS) ||
614 (info->flags & IEEE80211_TX_CTL_USE_CTS_PROTECT)) {
615 struct ieee80211_rate *rate;
616 s8 baserate = -1;
617 int idx;
618
619 /* Do not use multiple retry rates when using RTS/CTS */
620 info->control.alt_retry_rate_idx = -1;
621
622 /* Use min(data rate, max base rate) as CTS/RTS rate */
623 rate = &sband->bitrates[tx->rate_idx];
624
625 for (idx = 0; idx < sband->n_bitrates; idx++) {
626 if (sband->bitrates[idx].bitrate > rate->bitrate)
627 continue;
628 if (tx->sdata->basic_rates & BIT(idx) &&
629 (baserate < 0 ||
630 (sband->bitrates[baserate].bitrate
631 < sband->bitrates[idx].bitrate)))
632 baserate = idx;
633 }
634
635 if (baserate >= 0)
636 info->control.rts_cts_rate_idx = baserate;
637 else
638 info->control.rts_cts_rate_idx = 0;
639 }
640
641 if (tx->sta)
642 info->control.aid = tx->sta->aid;
503 643
504 return TX_CONTINUE; 644 return TX_CONTINUE;
505} 645}
@@ -518,6 +658,17 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
518 if (!(tx->flags & IEEE80211_TX_FRAGMENTED)) 658 if (!(tx->flags & IEEE80211_TX_FRAGMENTED))
519 return TX_CONTINUE; 659 return TX_CONTINUE;
520 660
661 /*
662 * Warn when submitting a fragmented A-MPDU frame and drop it.
663 * This is an error and needs to be fixed elsewhere, but when
664 * done needs to take care of monitor interfaces (injection)
665 * etc.
666 */
667 if (WARN_ON(tx->flags & IEEE80211_TX_CTL_AMPDU ||
668 skb_get_queue_mapping(tx->skb) >=
669 ieee80211_num_regular_queues(&tx->local->hw)))
670 return TX_DROP;
671
521 first = tx->skb; 672 first = tx->skb;
522 673
523 hdrlen = ieee80211_get_hdrlen(tx->fc); 674 hdrlen = ieee80211_get_hdrlen(tx->fc);
@@ -605,215 +756,22 @@ ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
605} 756}
606 757
607static ieee80211_tx_result 758static ieee80211_tx_result
608ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx) 759ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
609{
610 struct rate_selection rsel;
611 struct ieee80211_supported_band *sband;
612
613 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band];
614
615 if (likely(!tx->rate)) {
616 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel);
617 tx->rate = rsel.rate;
618 if (unlikely(rsel.probe)) {
619 tx->control->flags |=
620 IEEE80211_TXCTL_RATE_CTRL_PROBE;
621 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
622 tx->control->alt_retry_rate = tx->rate;
623 tx->rate = rsel.probe;
624 } else
625 tx->control->alt_retry_rate = NULL;
626
627 if (!tx->rate)
628 return TX_DROP;
629 } else
630 tx->control->alt_retry_rate = NULL;
631
632 if (tx->sdata->bss_conf.use_cts_prot &&
633 (tx->flags & IEEE80211_TX_FRAGMENTED) && rsel.nonerp) {
634 tx->last_frag_rate = tx->rate;
635 if (rsel.probe)
636 tx->flags &= ~IEEE80211_TX_PROBE_LAST_FRAG;
637 else
638 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
639 tx->rate = rsel.nonerp;
640 tx->control->tx_rate = rsel.nonerp;
641 tx->control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
642 } else {
643 tx->last_frag_rate = tx->rate;
644 tx->control->tx_rate = tx->rate;
645 }
646 tx->control->tx_rate = tx->rate;
647
648 return TX_CONTINUE;
649}
650
651static ieee80211_tx_result
652ieee80211_tx_h_misc(struct ieee80211_tx_data *tx)
653{
654 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
655 u16 fc = le16_to_cpu(hdr->frame_control);
656 u16 dur;
657 struct ieee80211_tx_control *control = tx->control;
658
659 if (!control->retry_limit) {
660 if (!is_multicast_ether_addr(hdr->addr1)) {
661 if (tx->skb->len + FCS_LEN > tx->local->rts_threshold
662 && tx->local->rts_threshold <
663 IEEE80211_MAX_RTS_THRESHOLD) {
664 control->flags |=
665 IEEE80211_TXCTL_USE_RTS_CTS;
666 control->flags |=
667 IEEE80211_TXCTL_LONG_RETRY_LIMIT;
668 control->retry_limit =
669 tx->local->long_retry_limit;
670 } else {
671 control->retry_limit =
672 tx->local->short_retry_limit;
673 }
674 } else {
675 control->retry_limit = 1;
676 }
677 }
678
679 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
680 /* Do not use multiple retry rates when sending fragmented
681 * frames.
682 * TODO: The last fragment could still use multiple retry
683 * rates. */
684 control->alt_retry_rate = NULL;
685 }
686
687 /* Use CTS protection for unicast frames sent using extended rates if
688 * there are associated non-ERP stations and RTS/CTS is not configured
689 * for the frame. */
690 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) &&
691 (tx->rate->flags & IEEE80211_RATE_ERP_G) &&
692 (tx->flags & IEEE80211_TX_UNICAST) &&
693 tx->sdata->bss_conf.use_cts_prot &&
694 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
695 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
696
697 /* Transmit data frames using short preambles if the driver supports
698 * short preambles at the selected rate and short preambles are
699 * available on the network at the current point in time. */
700 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
701 (tx->rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
702 tx->sdata->bss_conf.use_short_preamble &&
703 (!tx->sta || test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE))) {
704 tx->control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
705 }
706
707 /* Setup duration field for the first fragment of the frame. Duration
708 * for remaining fragments will be updated when they are being sent
709 * to low-level driver in ieee80211_tx(). */
710 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
711 (tx->flags & IEEE80211_TX_FRAGMENTED) ?
712 tx->extra_frag[0]->len : 0);
713 hdr->duration_id = cpu_to_le16(dur);
714
715 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
716 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
717 struct ieee80211_supported_band *sband;
718 struct ieee80211_rate *rate, *baserate;
719 int idx;
720
721 sband = tx->local->hw.wiphy->bands[
722 tx->local->hw.conf.channel->band];
723
724 /* Do not use multiple retry rates when using RTS/CTS */
725 control->alt_retry_rate = NULL;
726
727 /* Use min(data rate, max base rate) as CTS/RTS rate */
728 rate = tx->rate;
729 baserate = NULL;
730
731 for (idx = 0; idx < sband->n_bitrates; idx++) {
732 if (sband->bitrates[idx].bitrate > rate->bitrate)
733 continue;
734 if (tx->sdata->basic_rates & BIT(idx) &&
735 (!baserate ||
736 (baserate->bitrate < sband->bitrates[idx].bitrate)))
737 baserate = &sband->bitrates[idx];
738 }
739
740 if (baserate)
741 control->rts_cts_rate = baserate;
742 else
743 control->rts_cts_rate = &sband->bitrates[0];
744 }
745
746 if (tx->sta) {
747 control->aid = tx->sta->aid;
748 tx->sta->tx_packets++;
749 tx->sta->tx_fragments++;
750 tx->sta->tx_bytes += tx->skb->len;
751 if (tx->extra_frag) {
752 int i;
753 tx->sta->tx_fragments += tx->num_extra_frag;
754 for (i = 0; i < tx->num_extra_frag; i++) {
755 tx->sta->tx_bytes +=
756 tx->extra_frag[i]->len;
757 }
758 }
759 }
760
761 return TX_CONTINUE;
762}
763
764static ieee80211_tx_result
765ieee80211_tx_h_load_stats(struct ieee80211_tx_data *tx)
766{ 760{
767 struct ieee80211_local *local = tx->local; 761 int i;
768 struct sk_buff *skb = tx->skb;
769 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
770 u32 load = 0, hdrtime;
771 struct ieee80211_rate *rate = tx->rate;
772
773 /* TODO: this could be part of tx_status handling, so that the number
774 * of retries would be known; TX rate should in that case be stored
775 * somewhere with the packet */
776
777 /* Estimate total channel use caused by this frame */
778
779 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
780 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
781
782 if (tx->channel->band == IEEE80211_BAND_5GHZ ||
783 (tx->channel->band == IEEE80211_BAND_2GHZ &&
784 rate->flags & IEEE80211_RATE_ERP_G))
785 hdrtime = CHAN_UTIL_HDR_SHORT;
786 else
787 hdrtime = CHAN_UTIL_HDR_LONG;
788
789 load = hdrtime;
790 if (!is_multicast_ether_addr(hdr->addr1))
791 load += hdrtime;
792
793 if (tx->control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
794 load += 2 * hdrtime;
795 else if (tx->control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
796 load += hdrtime;
797 762
798 /* TODO: optimise again */ 763 if (!tx->sta)
799 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate; 764 return TX_CONTINUE;
800 765
766 tx->sta->tx_packets++;
767 tx->sta->tx_fragments++;
768 tx->sta->tx_bytes += tx->skb->len;
801 if (tx->extra_frag) { 769 if (tx->extra_frag) {
802 int i; 770 tx->sta->tx_fragments += tx->num_extra_frag;
803 for (i = 0; i < tx->num_extra_frag; i++) { 771 for (i = 0; i < tx->num_extra_frag; i++)
804 load += 2 * hdrtime; 772 tx->sta->tx_bytes += tx->extra_frag[i]->len;
805 load += tx->extra_frag[i]->len *
806 tx->rate->bitrate;
807 }
808 } 773 }
809 774
810 /* Divide channel_use by 8 to avoid wrapping around the counter */
811 load >>= CHAN_UTIL_SHIFT;
812 local->channel_use_raw += load;
813 if (tx->sta)
814 tx->sta->channel_use_raw += load;
815 tx->sdata->channel_use_raw += load;
816
817 return TX_CONTINUE; 775 return TX_CONTINUE;
818} 776}
819 777
@@ -826,11 +784,12 @@ static ieee80211_tx_handler ieee80211_tx_handlers[] =
826 ieee80211_tx_h_ps_buf, 784 ieee80211_tx_h_ps_buf,
827 ieee80211_tx_h_select_key, 785 ieee80211_tx_h_select_key,
828 ieee80211_tx_h_michael_mic_add, 786 ieee80211_tx_h_michael_mic_add,
829 ieee80211_tx_h_fragment,
830 ieee80211_tx_h_encrypt,
831 ieee80211_tx_h_rate_ctrl, 787 ieee80211_tx_h_rate_ctrl,
832 ieee80211_tx_h_misc, 788 ieee80211_tx_h_misc,
833 ieee80211_tx_h_load_stats, 789 ieee80211_tx_h_fragment,
790 /* handlers after fragment must be aware of tx info fragmentation! */
791 ieee80211_tx_h_encrypt,
792 ieee80211_tx_h_stats,
834 NULL 793 NULL
835}; 794};
836 795
@@ -857,12 +816,12 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
857 (struct ieee80211_radiotap_header *) skb->data; 816 (struct ieee80211_radiotap_header *) skb->data;
858 struct ieee80211_supported_band *sband; 817 struct ieee80211_supported_band *sband;
859 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len); 818 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
860 struct ieee80211_tx_control *control = tx->control; 819 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
861 820
862 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band]; 821 sband = tx->local->hw.wiphy->bands[tx->channel->band];
863 822
864 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 823 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
865 tx->flags |= IEEE80211_TX_INJECTED; 824 info->flags |= IEEE80211_TX_CTL_INJECTED;
866 tx->flags &= ~IEEE80211_TX_FRAGMENTED; 825 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
867 826
868 /* 827 /*
@@ -899,7 +858,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
899 r = &sband->bitrates[i]; 858 r = &sband->bitrates[i];
900 859
901 if (r->bitrate == target_rate) { 860 if (r->bitrate == target_rate) {
902 tx->rate = r; 861 tx->rate_idx = i;
903 break; 862 break;
904 } 863 }
905 } 864 }
@@ -910,7 +869,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
910 * radiotap uses 0 for 1st ant, mac80211 is 1 for 869 * radiotap uses 0 for 1st ant, mac80211 is 1 for
911 * 1st ant 870 * 1st ant
912 */ 871 */
913 control->antenna_sel_tx = (*iterator.this_arg) + 1; 872 info->antenna_sel_tx = (*iterator.this_arg) + 1;
914 break; 873 break;
915 874
916#if 0 875#if 0
@@ -934,8 +893,8 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
934 skb_trim(skb, skb->len - FCS_LEN); 893 skb_trim(skb, skb->len - FCS_LEN);
935 } 894 }
936 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP) 895 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP)
937 control->flags &= 896 info->flags &=
938 ~IEEE80211_TXCTL_DO_NOT_ENCRYPT; 897 ~IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
939 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) 898 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
940 tx->flags |= IEEE80211_TX_FRAGMENTED; 899 tx->flags |= IEEE80211_TX_FRAGMENTED;
941 break; 900 break;
@@ -970,12 +929,12 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
970static ieee80211_tx_result 929static ieee80211_tx_result
971__ieee80211_tx_prepare(struct ieee80211_tx_data *tx, 930__ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
972 struct sk_buff *skb, 931 struct sk_buff *skb,
973 struct net_device *dev, 932 struct net_device *dev)
974 struct ieee80211_tx_control *control)
975{ 933{
976 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 934 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
977 struct ieee80211_hdr *hdr; 935 struct ieee80211_hdr *hdr;
978 struct ieee80211_sub_if_data *sdata; 936 struct ieee80211_sub_if_data *sdata;
937 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
979 938
980 int hdrlen; 939 int hdrlen;
981 940
@@ -984,7 +943,9 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
984 tx->dev = dev; /* use original interface */ 943 tx->dev = dev; /* use original interface */
985 tx->local = local; 944 tx->local = local;
986 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev); 945 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
987 tx->control = control; 946 tx->channel = local->hw.conf.channel;
947 tx->rate_idx = -1;
948 tx->last_frag_rate_idx = -1;
988 /* 949 /*
989 * Set this flag (used below to indicate "automatic fragmentation"), 950 * Set this flag (used below to indicate "automatic fragmentation"),
990 * it will be cleared/left by radiotap as desired. 951 * it will be cleared/left by radiotap as desired.
@@ -1011,10 +972,10 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1011 972
1012 if (is_multicast_ether_addr(hdr->addr1)) { 973 if (is_multicast_ether_addr(hdr->addr1)) {
1013 tx->flags &= ~IEEE80211_TX_UNICAST; 974 tx->flags &= ~IEEE80211_TX_UNICAST;
1014 control->flags |= IEEE80211_TXCTL_NO_ACK; 975 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1015 } else { 976 } else {
1016 tx->flags |= IEEE80211_TX_UNICAST; 977 tx->flags |= IEEE80211_TX_UNICAST;
1017 control->flags &= ~IEEE80211_TXCTL_NO_ACK; 978 info->flags &= ~IEEE80211_TX_CTL_NO_ACK;
1018 } 979 }
1019 980
1020 if (tx->flags & IEEE80211_TX_FRAGMENTED) { 981 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
@@ -1027,16 +988,16 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1027 } 988 }
1028 989
1029 if (!tx->sta) 990 if (!tx->sta)
1030 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 991 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1031 else if (test_and_clear_sta_flags(tx->sta, WLAN_STA_CLEAR_PS_FILT)) 992 else if (test_and_clear_sta_flags(tx->sta, WLAN_STA_CLEAR_PS_FILT))
1032 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 993 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1033 994
1034 hdrlen = ieee80211_get_hdrlen(tx->fc); 995 hdrlen = ieee80211_get_hdrlen(tx->fc);
1035 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) { 996 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) {
1036 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)]; 997 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)];
1037 tx->ethertype = (pos[0] << 8) | pos[1]; 998 tx->ethertype = (pos[0] << 8) | pos[1];
1038 } 999 }
1039 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT; 1000 info->flags |= IEEE80211_TX_CTL_FIRST_FRAGMENT;
1040 1001
1041 return TX_CONTINUE; 1002 return TX_CONTINUE;
1042} 1003}
@@ -1046,14 +1007,12 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1046 */ 1007 */
1047static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx, 1008static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1048 struct sk_buff *skb, 1009 struct sk_buff *skb,
1049 struct net_device *mdev, 1010 struct net_device *mdev)
1050 struct ieee80211_tx_control *control)
1051{ 1011{
1052 struct ieee80211_tx_packet_data *pkt_data; 1012 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1053 struct net_device *dev; 1013 struct net_device *dev;
1054 1014
1055 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1015 dev = dev_get_by_index(&init_net, info->control.ifindex);
1056 dev = dev_get_by_index(&init_net, pkt_data->ifindex);
1057 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) { 1016 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) {
1058 dev_put(dev); 1017 dev_put(dev);
1059 dev = NULL; 1018 dev = NULL;
@@ -1061,7 +1020,7 @@ static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1061 if (unlikely(!dev)) 1020 if (unlikely(!dev))
1062 return -ENODEV; 1021 return -ENODEV;
1063 /* initialises tx with control */ 1022 /* initialises tx with control */
1064 __ieee80211_tx_prepare(tx, skb, dev, control); 1023 __ieee80211_tx_prepare(tx, skb, dev);
1065 dev_put(dev); 1024 dev_put(dev);
1066 return 0; 1025 return 0;
1067} 1026}
@@ -1069,50 +1028,49 @@ static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1069static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb, 1028static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1070 struct ieee80211_tx_data *tx) 1029 struct ieee80211_tx_data *tx)
1071{ 1030{
1072 struct ieee80211_tx_control *control = tx->control; 1031 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1073 int ret, i; 1032 int ret, i;
1074 1033
1075 if (!ieee80211_qdisc_installed(local->mdev) && 1034 if (netif_subqueue_stopped(local->mdev, skb))
1076 __ieee80211_queue_stopped(local, 0)) {
1077 netif_stop_queue(local->mdev);
1078 return IEEE80211_TX_AGAIN; 1035 return IEEE80211_TX_AGAIN;
1079 } 1036
1080 if (skb) { 1037 if (skb) {
1081 ieee80211_dump_frame(wiphy_name(local->hw.wiphy), 1038 ieee80211_dump_frame(wiphy_name(local->hw.wiphy),
1082 "TX to low-level driver", skb); 1039 "TX to low-level driver", skb);
1083 ret = local->ops->tx(local_to_hw(local), skb, control); 1040 ret = local->ops->tx(local_to_hw(local), skb);
1084 if (ret) 1041 if (ret)
1085 return IEEE80211_TX_AGAIN; 1042 return IEEE80211_TX_AGAIN;
1086 local->mdev->trans_start = jiffies; 1043 local->mdev->trans_start = jiffies;
1087 ieee80211_led_tx(local, 1); 1044 ieee80211_led_tx(local, 1);
1088 } 1045 }
1089 if (tx->extra_frag) { 1046 if (tx->extra_frag) {
1090 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1091 IEEE80211_TXCTL_USE_CTS_PROTECT |
1092 IEEE80211_TXCTL_CLEAR_PS_FILT |
1093 IEEE80211_TXCTL_FIRST_FRAGMENT);
1094 for (i = 0; i < tx->num_extra_frag; i++) { 1047 for (i = 0; i < tx->num_extra_frag; i++) {
1095 if (!tx->extra_frag[i]) 1048 if (!tx->extra_frag[i])
1096 continue; 1049 continue;
1097 if (__ieee80211_queue_stopped(local, control->queue)) 1050 info = IEEE80211_SKB_CB(tx->extra_frag[i]);
1051 info->flags &= ~(IEEE80211_TX_CTL_USE_RTS_CTS |
1052 IEEE80211_TX_CTL_USE_CTS_PROTECT |
1053 IEEE80211_TX_CTL_CLEAR_PS_FILT |
1054 IEEE80211_TX_CTL_FIRST_FRAGMENT);
1055 if (netif_subqueue_stopped(local->mdev,
1056 tx->extra_frag[i]))
1098 return IEEE80211_TX_FRAG_AGAIN; 1057 return IEEE80211_TX_FRAG_AGAIN;
1099 if (i == tx->num_extra_frag) { 1058 if (i == tx->num_extra_frag) {
1100 control->tx_rate = tx->last_frag_rate; 1059 info->tx_rate_idx = tx->last_frag_rate_idx;
1101 1060
1102 if (tx->flags & IEEE80211_TX_PROBE_LAST_FRAG) 1061 if (tx->flags & IEEE80211_TX_PROBE_LAST_FRAG)
1103 control->flags |= 1062 info->flags |=
1104 IEEE80211_TXCTL_RATE_CTRL_PROBE; 1063 IEEE80211_TX_CTL_RATE_CTRL_PROBE;
1105 else 1064 else
1106 control->flags &= 1065 info->flags &=
1107 ~IEEE80211_TXCTL_RATE_CTRL_PROBE; 1066 ~IEEE80211_TX_CTL_RATE_CTRL_PROBE;
1108 } 1067 }
1109 1068
1110 ieee80211_dump_frame(wiphy_name(local->hw.wiphy), 1069 ieee80211_dump_frame(wiphy_name(local->hw.wiphy),
1111 "TX to low-level driver", 1070 "TX to low-level driver",
1112 tx->extra_frag[i]); 1071 tx->extra_frag[i]);
1113 ret = local->ops->tx(local_to_hw(local), 1072 ret = local->ops->tx(local_to_hw(local),
1114 tx->extra_frag[i], 1073 tx->extra_frag[i]);
1115 control);
1116 if (ret) 1074 if (ret)
1117 return IEEE80211_TX_FRAG_AGAIN; 1075 return IEEE80211_TX_FRAG_AGAIN;
1118 local->mdev->trans_start = jiffies; 1076 local->mdev->trans_start = jiffies;
@@ -1125,17 +1083,20 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1125 return IEEE80211_TX_OK; 1083 return IEEE80211_TX_OK;
1126} 1084}
1127 1085
1128static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb, 1086static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb)
1129 struct ieee80211_tx_control *control)
1130{ 1087{
1131 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1088 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1132 struct sta_info *sta; 1089 struct sta_info *sta;
1133 ieee80211_tx_handler *handler; 1090 ieee80211_tx_handler *handler;
1134 struct ieee80211_tx_data tx; 1091 struct ieee80211_tx_data tx;
1135 ieee80211_tx_result res = TX_DROP, res_prepare; 1092 ieee80211_tx_result res = TX_DROP, res_prepare;
1093 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1136 int ret, i; 1094 int ret, i;
1095 u16 queue;
1137 1096
1138 WARN_ON(__ieee80211_queue_pending(local, control->queue)); 1097 queue = skb_get_queue_mapping(skb);
1098
1099 WARN_ON(test_bit(queue, local->queues_pending));
1139 1100
1140 if (unlikely(skb->len < 10)) { 1101 if (unlikely(skb->len < 10)) {
1141 dev_kfree_skb(skb); 1102 dev_kfree_skb(skb);
@@ -1145,7 +1106,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1145 rcu_read_lock(); 1106 rcu_read_lock();
1146 1107
1147 /* initialises tx */ 1108 /* initialises tx */
1148 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control); 1109 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev);
1149 1110
1150 if (res_prepare == TX_DROP) { 1111 if (res_prepare == TX_DROP) {
1151 dev_kfree_skb(skb); 1112 dev_kfree_skb(skb);
@@ -1155,6 +1116,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1155 1116
1156 sta = tx.sta; 1117 sta = tx.sta;
1157 tx.channel = local->hw.conf.channel; 1118 tx.channel = local->hw.conf.channel;
1119 info->band = tx.channel->band;
1158 1120
1159 for (handler = ieee80211_tx_handlers; *handler != NULL; 1121 for (handler = ieee80211_tx_handlers; *handler != NULL;
1160 handler++) { 1122 handler++) {
@@ -1163,7 +1125,8 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1163 break; 1125 break;
1164 } 1126 }
1165 1127
1166 skb = tx.skb; /* handlers are allowed to change skb */ 1128 if (WARN_ON(tx.skb != skb))
1129 goto drop;
1167 1130
1168 if (unlikely(res == TX_DROP)) { 1131 if (unlikely(res == TX_DROP)) {
1169 I802_DEBUG_INC(local->tx_handlers_drop); 1132 I802_DEBUG_INC(local->tx_handlers_drop);
@@ -1187,7 +1150,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1187 next_len = tx.extra_frag[i + 1]->len; 1150 next_len = tx.extra_frag[i + 1]->len;
1188 } else { 1151 } else {
1189 next_len = 0; 1152 next_len = 0;
1190 tx.rate = tx.last_frag_rate; 1153 tx.rate_idx = tx.last_frag_rate_idx;
1191 } 1154 }
1192 dur = ieee80211_duration(&tx, 0, next_len); 1155 dur = ieee80211_duration(&tx, 0, next_len);
1193 hdr->duration_id = cpu_to_le16(dur); 1156 hdr->duration_id = cpu_to_le16(dur);
@@ -1197,34 +1160,41 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1197retry: 1160retry:
1198 ret = __ieee80211_tx(local, skb, &tx); 1161 ret = __ieee80211_tx(local, skb, &tx);
1199 if (ret) { 1162 if (ret) {
1200 struct ieee80211_tx_stored_packet *store = 1163 struct ieee80211_tx_stored_packet *store;
1201 &local->pending_packet[control->queue]; 1164
1165 /*
1166 * Since there are no fragmented frames on A-MPDU
1167 * queues, there's no reason for a driver to reject
1168 * a frame there, warn and drop it.
1169 */
1170 if (WARN_ON(queue >= ieee80211_num_regular_queues(&local->hw)))
1171 goto drop;
1172
1173 store = &local->pending_packet[queue];
1202 1174
1203 if (ret == IEEE80211_TX_FRAG_AGAIN) 1175 if (ret == IEEE80211_TX_FRAG_AGAIN)
1204 skb = NULL; 1176 skb = NULL;
1205 set_bit(IEEE80211_LINK_STATE_PENDING, 1177 set_bit(queue, local->queues_pending);
1206 &local->state[control->queue]);
1207 smp_mb(); 1178 smp_mb();
1208 /* When the driver gets out of buffers during sending of 1179 /*
1209 * fragments and calls ieee80211_stop_queue, there is 1180 * When the driver gets out of buffers during sending of
1210 * a small window between IEEE80211_LINK_STATE_XOFF and 1181 * fragments and calls ieee80211_stop_queue, the netif
1211 * IEEE80211_LINK_STATE_PENDING flags are set. If a buffer 1182 * subqueue is stopped. There is, however, a small window
1183 * in which the PENDING bit is not yet set. If a buffer
1212 * gets available in that window (i.e. driver calls 1184 * gets available in that window (i.e. driver calls
1213 * ieee80211_wake_queue), we would end up with ieee80211_tx 1185 * ieee80211_wake_queue), we would end up with ieee80211_tx
1214 * called with IEEE80211_LINK_STATE_PENDING. Prevent this by 1186 * called with the PENDING bit still set. Prevent this by
1215 * continuing transmitting here when that situation is 1187 * continuing transmitting here when that situation is
1216 * possible to have happened. */ 1188 * possible to have happened.
1217 if (!__ieee80211_queue_stopped(local, control->queue)) { 1189 */
1218 clear_bit(IEEE80211_LINK_STATE_PENDING, 1190 if (!__netif_subqueue_stopped(local->mdev, queue)) {
1219 &local->state[control->queue]); 1191 clear_bit(queue, local->queues_pending);
1220 goto retry; 1192 goto retry;
1221 } 1193 }
1222 memcpy(&store->control, control,
1223 sizeof(struct ieee80211_tx_control));
1224 store->skb = skb; 1194 store->skb = skb;
1225 store->extra_frag = tx.extra_frag; 1195 store->extra_frag = tx.extra_frag;
1226 store->num_extra_frag = tx.num_extra_frag; 1196 store->num_extra_frag = tx.num_extra_frag;
1227 store->last_frag_rate = tx.last_frag_rate; 1197 store->last_frag_rate_idx = tx.last_frag_rate_idx;
1228 store->last_frag_rate_ctrl_probe = 1198 store->last_frag_rate_ctrl_probe =
1229 !!(tx.flags & IEEE80211_TX_PROBE_LAST_FRAG); 1199 !!(tx.flags & IEEE80211_TX_PROBE_LAST_FRAG);
1230 } 1200 }
@@ -1244,24 +1214,57 @@ retry:
1244 1214
1245/* device xmit handlers */ 1215/* device xmit handlers */
1246 1216
1217static int ieee80211_skb_resize(struct ieee80211_local *local,
1218 struct sk_buff *skb,
1219 int head_need, bool may_encrypt)
1220{
1221 int tail_need = 0;
1222
1223 /*
1224 * This could be optimised, devices that do full hardware
1225 * crypto (including TKIP MMIC) need no tailroom... But we
1226 * have no drivers for such devices currently.
1227 */
1228 if (may_encrypt) {
1229 tail_need = IEEE80211_ENCRYPT_TAILROOM;
1230 tail_need -= skb_tailroom(skb);
1231 tail_need = max_t(int, tail_need, 0);
1232 }
1233
1234 if (head_need || tail_need) {
1235 /* Sorry. Can't account for this any more */
1236 skb_orphan(skb);
1237 }
1238
1239 if (skb_header_cloned(skb))
1240 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1241 else
1242 I802_DEBUG_INC(local->tx_expand_skb_head);
1243
1244 if (pskb_expand_head(skb, head_need, tail_need, GFP_ATOMIC)) {
1245 printk(KERN_DEBUG "%s: failed to reallocate TX buffer\n",
1246 wiphy_name(local->hw.wiphy));
1247 return -ENOMEM;
1248 }
1249
1250 /* update truesize too */
1251 skb->truesize += head_need + tail_need;
1252
1253 return 0;
1254}
1255
1247int ieee80211_master_start_xmit(struct sk_buff *skb, 1256int ieee80211_master_start_xmit(struct sk_buff *skb,
1248 struct net_device *dev) 1257 struct net_device *dev)
1249{ 1258{
1250 struct ieee80211_tx_control control; 1259 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1251 struct ieee80211_tx_packet_data *pkt_data;
1252 struct net_device *odev = NULL; 1260 struct net_device *odev = NULL;
1253 struct ieee80211_sub_if_data *osdata; 1261 struct ieee80211_sub_if_data *osdata;
1254 int headroom; 1262 int headroom;
1263 bool may_encrypt;
1255 int ret; 1264 int ret;
1256 1265
1257 /* 1266 if (info->control.ifindex)
1258 * copy control out of the skb so other people can use skb->cb 1267 odev = dev_get_by_index(&init_net, info->control.ifindex);
1259 */
1260 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1261 memset(&control, 0, sizeof(struct ieee80211_tx_control));
1262
1263 if (pkt_data->ifindex)
1264 odev = dev_get_by_index(&init_net, pkt_data->ifindex);
1265 if (unlikely(odev && !is_ieee80211_device(odev, dev))) { 1268 if (unlikely(odev && !is_ieee80211_device(odev, dev))) {
1266 dev_put(odev); 1269 dev_put(odev);
1267 odev = NULL; 1270 odev = NULL;
@@ -1274,32 +1277,25 @@ int ieee80211_master_start_xmit(struct sk_buff *skb,
1274 dev_kfree_skb(skb); 1277 dev_kfree_skb(skb);
1275 return 0; 1278 return 0;
1276 } 1279 }
1280
1277 osdata = IEEE80211_DEV_TO_SUB_IF(odev); 1281 osdata = IEEE80211_DEV_TO_SUB_IF(odev);
1278 1282
1279 headroom = osdata->local->tx_headroom + IEEE80211_ENCRYPT_HEADROOM; 1283 may_encrypt = !(info->flags & IEEE80211_TX_CTL_DO_NOT_ENCRYPT);
1280 if (skb_headroom(skb) < headroom) { 1284
1281 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) { 1285 headroom = osdata->local->tx_headroom;
1282 dev_kfree_skb(skb); 1286 if (may_encrypt)
1283 dev_put(odev); 1287 headroom += IEEE80211_ENCRYPT_HEADROOM;
1284 return 0; 1288 headroom -= skb_headroom(skb);
1285 } 1289 headroom = max_t(int, 0, headroom);
1290
1291 if (ieee80211_skb_resize(osdata->local, skb, headroom, may_encrypt)) {
1292 dev_kfree_skb(skb);
1293 dev_put(odev);
1294 return 0;
1286 } 1295 }
1287 1296
1288 control.vif = &osdata->vif; 1297 info->control.vif = &osdata->vif;
1289 control.type = osdata->vif.type; 1298 ret = ieee80211_tx(odev, skb);
1290 if (pkt_data->flags & IEEE80211_TXPD_REQ_TX_STATUS)
1291 control.flags |= IEEE80211_TXCTL_REQ_TX_STATUS;
1292 if (pkt_data->flags & IEEE80211_TXPD_DO_NOT_ENCRYPT)
1293 control.flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
1294 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE)
1295 control.flags |= IEEE80211_TXCTL_REQUEUE;
1296 if (pkt_data->flags & IEEE80211_TXPD_EAPOL_FRAME)
1297 control.flags |= IEEE80211_TXCTL_EAPOL_FRAME;
1298 if (pkt_data->flags & IEEE80211_TXPD_AMPDU)
1299 control.flags |= IEEE80211_TXCTL_AMPDU;
1300 control.queue = pkt_data->queue;
1301
1302 ret = ieee80211_tx(odev, skb, &control);
1303 dev_put(odev); 1299 dev_put(odev);
1304 1300
1305 return ret; 1301 return ret;
@@ -1309,7 +1305,7 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1309 struct net_device *dev) 1305 struct net_device *dev)
1310{ 1306{
1311 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1307 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1312 struct ieee80211_tx_packet_data *pkt_data; 1308 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1313 struct ieee80211_radiotap_header *prthdr = 1309 struct ieee80211_radiotap_header *prthdr =
1314 (struct ieee80211_radiotap_header *)skb->data; 1310 (struct ieee80211_radiotap_header *)skb->data;
1315 u16 len_rthdr; 1311 u16 len_rthdr;
@@ -1331,14 +1327,12 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1331 1327
1332 skb->dev = local->mdev; 1328 skb->dev = local->mdev;
1333 1329
1334 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1335 memset(pkt_data, 0, sizeof(*pkt_data));
1336 /* needed because we set skb device to master */ 1330 /* needed because we set skb device to master */
1337 pkt_data->ifindex = dev->ifindex; 1331 info->control.ifindex = dev->ifindex;
1338 1332
1339 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT; 1333 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
1340 /* Interfaces should always request a status report */ 1334 /* Interfaces should always request a status report */
1341 pkt_data->flags |= IEEE80211_TXPD_REQ_TX_STATUS; 1335 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
1342 1336
1343 /* 1337 /*
1344 * fix up the pointers accounting for the radiotap 1338 * fix up the pointers accounting for the radiotap
@@ -1382,7 +1376,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1382 struct net_device *dev) 1376 struct net_device *dev)
1383{ 1377{
1384 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1378 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1385 struct ieee80211_tx_packet_data *pkt_data; 1379 struct ieee80211_tx_info *info;
1386 struct ieee80211_sub_if_data *sdata; 1380 struct ieee80211_sub_if_data *sdata;
1387 int ret = 1, head_need; 1381 int ret = 1, head_need;
1388 u16 ethertype, hdrlen, meshhdrlen = 0, fc; 1382 u16 ethertype, hdrlen, meshhdrlen = 0, fc;
@@ -1494,7 +1488,8 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1494 } 1488 }
1495 1489
1496 /* receiver and we are QoS enabled, use a QoS type frame */ 1490 /* receiver and we are QoS enabled, use a QoS type frame */
1497 if (sta_flags & WLAN_STA_WME && local->hw.queues >= 4) { 1491 if (sta_flags & WLAN_STA_WME &&
1492 ieee80211_num_regular_queues(&local->hw) >= 4) {
1498 fc |= IEEE80211_STYPE_QOS_DATA; 1493 fc |= IEEE80211_STYPE_QOS_DATA;
1499 hdrlen += 2; 1494 hdrlen += 2;
1500 } 1495 }
@@ -1558,32 +1553,26 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1558 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and 1553 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1559 * alloc_skb() (net/core/skbuff.c) 1554 * alloc_skb() (net/core/skbuff.c)
1560 */ 1555 */
1561 head_need = hdrlen + encaps_len + meshhdrlen + local->tx_headroom; 1556 head_need = hdrlen + encaps_len + meshhdrlen - skb_headroom(skb);
1562 head_need -= skb_headroom(skb);
1563 1557
1564 /* We are going to modify skb data, so make a copy of it if happens to 1558 /*
1565 * be cloned. This could happen, e.g., with Linux bridge code passing 1559 * So we need to modify the skb header and hence need a copy of
1566 * us broadcast frames. */ 1560 * that. The head_need variable above doesn't, so far, include
1561 * the needed header space that we don't need right away. If we
1562 * can, then we don't reallocate right now but only after the
1563 * frame arrives at the master device (if it does...)
1564 *
1565 * If we cannot, however, then we will reallocate to include all
1566 * the ever needed space. Also, if we need to reallocate it anyway,
1567 * make it big enough for everything we may ever need.
1568 */
1567 1569
1568 if (head_need > 0 || skb_header_cloned(skb)) { 1570 if (head_need > 0 || skb_header_cloned(skb)) {
1569#if 0 1571 head_need += IEEE80211_ENCRYPT_HEADROOM;
1570 printk(KERN_DEBUG "%s: need to reallocate buffer for %d bytes " 1572 head_need += local->tx_headroom;
1571 "of headroom\n", dev->name, head_need); 1573 head_need = max_t(int, 0, head_need);
1572#endif 1574 if (ieee80211_skb_resize(local, skb, head_need, true))
1573
1574 if (skb_header_cloned(skb))
1575 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1576 else
1577 I802_DEBUG_INC(local->tx_expand_skb_head);
1578 /* Since we have to reallocate the buffer, make sure that there
1579 * is enough room for possible WEP IV/ICV and TKIP (8 bytes
1580 * before payload and 12 after). */
1581 if (pskb_expand_head(skb, (head_need > 0 ? head_need + 8 : 8),
1582 12, GFP_ATOMIC)) {
1583 printk(KERN_DEBUG "%s: failed to reallocate TX buffer"
1584 "\n", dev->name);
1585 goto fail; 1575 goto fail;
1586 }
1587 } 1576 }
1588 1577
1589 if (encaps_data) { 1578 if (encaps_data) {
@@ -1614,14 +1603,14 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1614 nh_pos += hdrlen; 1603 nh_pos += hdrlen;
1615 h_pos += hdrlen; 1604 h_pos += hdrlen;
1616 1605
1617 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1606 info = IEEE80211_SKB_CB(skb);
1618 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data)); 1607 memset(info, 0, sizeof(*info));
1619 pkt_data->ifindex = dev->ifindex; 1608 info->control.ifindex = dev->ifindex;
1620 if (ethertype == ETH_P_PAE) 1609 if (ethertype == ETH_P_PAE)
1621 pkt_data->flags |= IEEE80211_TXPD_EAPOL_FRAME; 1610 info->flags |= IEEE80211_TX_CTL_EAPOL_FRAME;
1622 1611
1623 /* Interfaces should always request a status report */ 1612 /* Interfaces should always request a status report */
1624 pkt_data->flags |= IEEE80211_TXPD_REQ_TX_STATUS; 1613 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
1625 1614
1626 skb->dev = local->mdev; 1615 skb->dev = local->mdev;
1627 dev->stats.tx_packets++; 1616 dev->stats.tx_packets++;
@@ -1646,46 +1635,55 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1646 return ret; 1635 return ret;
1647} 1636}
1648 1637
1649/* helper functions for pending packets for when queues are stopped */
1650 1638
1639/*
1640 * ieee80211_clear_tx_pending may not be called in a context where
1641 * it is possible that it packets could come in again.
1642 */
1651void ieee80211_clear_tx_pending(struct ieee80211_local *local) 1643void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1652{ 1644{
1653 int i, j; 1645 int i, j;
1654 struct ieee80211_tx_stored_packet *store; 1646 struct ieee80211_tx_stored_packet *store;
1655 1647
1656 for (i = 0; i < local->hw.queues; i++) { 1648 for (i = 0; i < ieee80211_num_regular_queues(&local->hw); i++) {
1657 if (!__ieee80211_queue_pending(local, i)) 1649 if (!test_bit(i, local->queues_pending))
1658 continue; 1650 continue;
1659 store = &local->pending_packet[i]; 1651 store = &local->pending_packet[i];
1660 kfree_skb(store->skb); 1652 kfree_skb(store->skb);
1661 for (j = 0; j < store->num_extra_frag; j++) 1653 for (j = 0; j < store->num_extra_frag; j++)
1662 kfree_skb(store->extra_frag[j]); 1654 kfree_skb(store->extra_frag[j]);
1663 kfree(store->extra_frag); 1655 kfree(store->extra_frag);
1664 clear_bit(IEEE80211_LINK_STATE_PENDING, &local->state[i]); 1656 clear_bit(i, local->queues_pending);
1665 } 1657 }
1666} 1658}
1667 1659
1660/*
1661 * Transmit all pending packets. Called from tasklet, locks master device
1662 * TX lock so that no new packets can come in.
1663 */
1668void ieee80211_tx_pending(unsigned long data) 1664void ieee80211_tx_pending(unsigned long data)
1669{ 1665{
1670 struct ieee80211_local *local = (struct ieee80211_local *)data; 1666 struct ieee80211_local *local = (struct ieee80211_local *)data;
1671 struct net_device *dev = local->mdev; 1667 struct net_device *dev = local->mdev;
1672 struct ieee80211_tx_stored_packet *store; 1668 struct ieee80211_tx_stored_packet *store;
1673 struct ieee80211_tx_data tx; 1669 struct ieee80211_tx_data tx;
1674 int i, ret, reschedule = 0; 1670 int i, ret;
1675 1671
1676 netif_tx_lock_bh(dev); 1672 netif_tx_lock_bh(dev);
1677 for (i = 0; i < local->hw.queues; i++) { 1673 for (i = 0; i < ieee80211_num_regular_queues(&local->hw); i++) {
1678 if (__ieee80211_queue_stopped(local, i)) 1674 /* Check that this queue is ok */
1675 if (__netif_subqueue_stopped(local->mdev, i))
1679 continue; 1676 continue;
1680 if (!__ieee80211_queue_pending(local, i)) { 1677
1681 reschedule = 1; 1678 if (!test_bit(i, local->queues_pending)) {
1679 ieee80211_wake_queue(&local->hw, i);
1682 continue; 1680 continue;
1683 } 1681 }
1682
1684 store = &local->pending_packet[i]; 1683 store = &local->pending_packet[i];
1685 tx.control = &store->control;
1686 tx.extra_frag = store->extra_frag; 1684 tx.extra_frag = store->extra_frag;
1687 tx.num_extra_frag = store->num_extra_frag; 1685 tx.num_extra_frag = store->num_extra_frag;
1688 tx.last_frag_rate = store->last_frag_rate; 1686 tx.last_frag_rate_idx = store->last_frag_rate_idx;
1689 tx.flags = 0; 1687 tx.flags = 0;
1690 if (store->last_frag_rate_ctrl_probe) 1688 if (store->last_frag_rate_ctrl_probe)
1691 tx.flags |= IEEE80211_TX_PROBE_LAST_FRAG; 1689 tx.flags |= IEEE80211_TX_PROBE_LAST_FRAG;
@@ -1694,19 +1692,11 @@ void ieee80211_tx_pending(unsigned long data)
1694 if (ret == IEEE80211_TX_FRAG_AGAIN) 1692 if (ret == IEEE80211_TX_FRAG_AGAIN)
1695 store->skb = NULL; 1693 store->skb = NULL;
1696 } else { 1694 } else {
1697 clear_bit(IEEE80211_LINK_STATE_PENDING, 1695 clear_bit(i, local->queues_pending);
1698 &local->state[i]); 1696 ieee80211_wake_queue(&local->hw, i);
1699 reschedule = 1;
1700 } 1697 }
1701 } 1698 }
1702 netif_tx_unlock_bh(dev); 1699 netif_tx_unlock_bh(dev);
1703 if (reschedule) {
1704 if (!ieee80211_qdisc_installed(dev)) {
1705 if (!__ieee80211_queue_stopped(local, 0))
1706 netif_wake_queue(dev);
1707 } else
1708 netif_schedule(dev);
1709 }
1710} 1700}
1711 1701
1712/* functions for drivers to get certain frames */ 1702/* functions for drivers to get certain frames */
@@ -1775,11 +1765,11 @@ static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1775} 1765}
1776 1766
1777struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, 1767struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1778 struct ieee80211_vif *vif, 1768 struct ieee80211_vif *vif)
1779 struct ieee80211_tx_control *control)
1780{ 1769{
1781 struct ieee80211_local *local = hw_to_local(hw); 1770 struct ieee80211_local *local = hw_to_local(hw);
1782 struct sk_buff *skb; 1771 struct sk_buff *skb;
1772 struct ieee80211_tx_info *info;
1783 struct net_device *bdev; 1773 struct net_device *bdev;
1784 struct ieee80211_sub_if_data *sdata = NULL; 1774 struct ieee80211_sub_if_data *sdata = NULL;
1785 struct ieee80211_if_ap *ap = NULL; 1775 struct ieee80211_if_ap *ap = NULL;
@@ -1789,9 +1779,10 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1789 struct ieee80211_mgmt *mgmt; 1779 struct ieee80211_mgmt *mgmt;
1790 int *num_beacons; 1780 int *num_beacons;
1791 bool err = true; 1781 bool err = true;
1782 enum ieee80211_band band = local->hw.conf.channel->band;
1792 u8 *pos; 1783 u8 *pos;
1793 1784
1794 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1785 sband = local->hw.wiphy->bands[band];
1795 1786
1796 rcu_read_lock(); 1787 rcu_read_lock();
1797 1788
@@ -1884,30 +1875,32 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1884 goto out; 1875 goto out;
1885 } 1876 }
1886 1877
1887 if (control) { 1878 info = IEEE80211_SKB_CB(skb);
1888 rate_control_get_rate(local->mdev, sband, skb, &rsel);
1889 if (!rsel.rate) {
1890 if (net_ratelimit()) {
1891 printk(KERN_DEBUG "%s: ieee80211_beacon_get: "
1892 "no rate found\n",
1893 wiphy_name(local->hw.wiphy));
1894 }
1895 dev_kfree_skb(skb);
1896 skb = NULL;
1897 goto out;
1898 }
1899 1879
1900 control->vif = vif; 1880 info->band = band;
1901 control->tx_rate = rsel.rate; 1881 rate_control_get_rate(local->mdev, sband, skb, &rsel);
1902 if (sdata->bss_conf.use_short_preamble && 1882
1903 rsel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 1883 if (unlikely(rsel.rate_idx < 0)) {
1904 control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE; 1884 if (net_ratelimit()) {
1905 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx; 1885 printk(KERN_DEBUG "%s: ieee80211_beacon_get: "
1906 control->flags |= IEEE80211_TXCTL_NO_ACK; 1886 "no rate found\n",
1907 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 1887 wiphy_name(local->hw.wiphy));
1908 control->retry_limit = 1; 1888 }
1909 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 1889 dev_kfree_skb(skb);
1890 skb = NULL;
1891 goto out;
1910 } 1892 }
1893
1894 info->control.vif = vif;
1895 info->tx_rate_idx = rsel.rate_idx;
1896 if (sdata->bss_conf.use_short_preamble &&
1897 sband->bitrates[rsel.rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE)
1898 info->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
1899 info->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1900 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1901 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
1902 info->control.retry_limit = 1;
1903 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1911 (*num_beacons)++; 1904 (*num_beacons)++;
1912out: 1905out:
1913 rcu_read_unlock(); 1906 rcu_read_unlock();
@@ -1917,7 +1910,7 @@ EXPORT_SYMBOL(ieee80211_beacon_get);
1917 1910
1918void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 1911void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1919 const void *frame, size_t frame_len, 1912 const void *frame, size_t frame_len,
1920 const struct ieee80211_tx_control *frame_txctl, 1913 const struct ieee80211_tx_info *frame_txctl,
1921 struct ieee80211_rts *rts) 1914 struct ieee80211_rts *rts)
1922{ 1915{
1923 const struct ieee80211_hdr *hdr = frame; 1916 const struct ieee80211_hdr *hdr = frame;
@@ -1934,7 +1927,7 @@ EXPORT_SYMBOL(ieee80211_rts_get);
1934 1927
1935void ieee80211_ctstoself_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 1928void ieee80211_ctstoself_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1936 const void *frame, size_t frame_len, 1929 const void *frame, size_t frame_len,
1937 const struct ieee80211_tx_control *frame_txctl, 1930 const struct ieee80211_tx_info *frame_txctl,
1938 struct ieee80211_cts *cts) 1931 struct ieee80211_cts *cts)
1939{ 1932{
1940 const struct ieee80211_hdr *hdr = frame; 1933 const struct ieee80211_hdr *hdr = frame;
@@ -1950,11 +1943,10 @@ EXPORT_SYMBOL(ieee80211_ctstoself_get);
1950 1943
1951struct sk_buff * 1944struct sk_buff *
1952ieee80211_get_buffered_bc(struct ieee80211_hw *hw, 1945ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1953 struct ieee80211_vif *vif, 1946 struct ieee80211_vif *vif)
1954 struct ieee80211_tx_control *control)
1955{ 1947{
1956 struct ieee80211_local *local = hw_to_local(hw); 1948 struct ieee80211_local *local = hw_to_local(hw);
1957 struct sk_buff *skb; 1949 struct sk_buff *skb = NULL;
1958 struct sta_info *sta; 1950 struct sta_info *sta;
1959 ieee80211_tx_handler *handler; 1951 ieee80211_tx_handler *handler;
1960 struct ieee80211_tx_data tx; 1952 struct ieee80211_tx_data tx;
@@ -1963,10 +1955,11 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1963 struct ieee80211_sub_if_data *sdata; 1955 struct ieee80211_sub_if_data *sdata;
1964 struct ieee80211_if_ap *bss = NULL; 1956 struct ieee80211_if_ap *bss = NULL;
1965 struct beacon_data *beacon; 1957 struct beacon_data *beacon;
1958 struct ieee80211_tx_info *info;
1966 1959
1967 sdata = vif_to_sdata(vif); 1960 sdata = vif_to_sdata(vif);
1968 bdev = sdata->dev; 1961 bdev = sdata->dev;
1969 1962 bss = &sdata->u.ap;
1970 1963
1971 if (!bss) 1964 if (!bss)
1972 return NULL; 1965 return NULL;
@@ -1974,19 +1967,16 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1974 rcu_read_lock(); 1967 rcu_read_lock();
1975 beacon = rcu_dereference(bss->beacon); 1968 beacon = rcu_dereference(bss->beacon);
1976 1969
1977 if (sdata->vif.type != IEEE80211_IF_TYPE_AP || !beacon || 1970 if (sdata->vif.type != IEEE80211_IF_TYPE_AP || !beacon || !beacon->head)
1978 !beacon->head) { 1971 goto out;
1979 rcu_read_unlock();
1980 return NULL;
1981 }
1982 1972
1983 if (bss->dtim_count != 0) 1973 if (bss->dtim_count != 0)
1984 return NULL; /* send buffered bc/mc only after DTIM beacon */ 1974 goto out; /* send buffered bc/mc only after DTIM beacon */
1985 memset(control, 0, sizeof(*control)); 1975
1986 while (1) { 1976 while (1) {
1987 skb = skb_dequeue(&bss->ps_bc_buf); 1977 skb = skb_dequeue(&bss->ps_bc_buf);
1988 if (!skb) 1978 if (!skb)
1989 return NULL; 1979 goto out;
1990 local->total_ps_buffered--; 1980 local->total_ps_buffered--;
1991 1981
1992 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) { 1982 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) {
@@ -1999,20 +1989,26 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1999 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 1989 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2000 } 1990 }
2001 1991
2002 if (!ieee80211_tx_prepare(&tx, skb, local->mdev, control)) 1992 if (!ieee80211_tx_prepare(&tx, skb, local->mdev))
2003 break; 1993 break;
2004 dev_kfree_skb_any(skb); 1994 dev_kfree_skb_any(skb);
2005 } 1995 }
1996
1997 info = IEEE80211_SKB_CB(skb);
1998
2006 sta = tx.sta; 1999 sta = tx.sta;
2007 tx.flags |= IEEE80211_TX_PS_BUFFERED; 2000 tx.flags |= IEEE80211_TX_PS_BUFFERED;
2008 tx.channel = local->hw.conf.channel; 2001 tx.channel = local->hw.conf.channel;
2002 info->band = tx.channel->band;
2009 2003
2010 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) { 2004 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) {
2011 res = (*handler)(&tx); 2005 res = (*handler)(&tx);
2012 if (res == TX_DROP || res == TX_QUEUED) 2006 if (res == TX_DROP || res == TX_QUEUED)
2013 break; 2007 break;
2014 } 2008 }
2015 skb = tx.skb; /* handlers are allowed to change skb */ 2009
2010 if (WARN_ON(tx.skb != skb))
2011 res = TX_DROP;
2016 2012
2017 if (res == TX_DROP) { 2013 if (res == TX_DROP) {
2018 I802_DEBUG_INC(local->tx_handlers_drop); 2014 I802_DEBUG_INC(local->tx_handlers_drop);
@@ -2023,6 +2019,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2023 skb = NULL; 2019 skb = NULL;
2024 } 2020 }
2025 2021
2022out:
2026 rcu_read_unlock(); 2023 rcu_read_unlock();
2027 2024
2028 return skb; 2025 return skb;
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 131e9e6c8a32..5a77e2c01f49 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -258,7 +258,7 @@ EXPORT_SYMBOL(ieee80211_generic_frame_duration);
258 258
259__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, 259__le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
260 struct ieee80211_vif *vif, size_t frame_len, 260 struct ieee80211_vif *vif, size_t frame_len,
261 const struct ieee80211_tx_control *frame_txctl) 261 const struct ieee80211_tx_info *frame_txctl)
262{ 262{
263 struct ieee80211_local *local = hw_to_local(hw); 263 struct ieee80211_local *local = hw_to_local(hw);
264 struct ieee80211_rate *rate; 264 struct ieee80211_rate *rate;
@@ -266,10 +266,13 @@ __le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
266 bool short_preamble; 266 bool short_preamble;
267 int erp; 267 int erp;
268 u16 dur; 268 u16 dur;
269 struct ieee80211_supported_band *sband;
270
271 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
269 272
270 short_preamble = sdata->bss_conf.use_short_preamble; 273 short_preamble = sdata->bss_conf.use_short_preamble;
271 274
272 rate = frame_txctl->rts_cts_rate; 275 rate = &sband->bitrates[frame_txctl->control.rts_cts_rate_idx];
273 276
274 erp = 0; 277 erp = 0;
275 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) 278 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
@@ -292,7 +295,7 @@ EXPORT_SYMBOL(ieee80211_rts_duration);
292__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, 295__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
293 struct ieee80211_vif *vif, 296 struct ieee80211_vif *vif,
294 size_t frame_len, 297 size_t frame_len,
295 const struct ieee80211_tx_control *frame_txctl) 298 const struct ieee80211_tx_info *frame_txctl)
296{ 299{
297 struct ieee80211_local *local = hw_to_local(hw); 300 struct ieee80211_local *local = hw_to_local(hw);
298 struct ieee80211_rate *rate; 301 struct ieee80211_rate *rate;
@@ -300,10 +303,13 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
300 bool short_preamble; 303 bool short_preamble;
301 int erp; 304 int erp;
302 u16 dur; 305 u16 dur;
306 struct ieee80211_supported_band *sband;
307
308 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
303 309
304 short_preamble = sdata->bss_conf.use_short_preamble; 310 short_preamble = sdata->bss_conf.use_short_preamble;
305 311
306 rate = frame_txctl->rts_cts_rate; 312 rate = &sband->bitrates[frame_txctl->control.rts_cts_rate_idx];
307 erp = 0; 313 erp = 0;
308 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) 314 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
309 erp = rate->flags & IEEE80211_RATE_ERP_G; 315 erp = rate->flags & IEEE80211_RATE_ERP_G;
@@ -311,7 +317,7 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
311 /* Data frame duration */ 317 /* Data frame duration */
312 dur = ieee80211_frame_duration(local, frame_len, rate->bitrate, 318 dur = ieee80211_frame_duration(local, frame_len, rate->bitrate,
313 erp, short_preamble); 319 erp, short_preamble);
314 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) { 320 if (!(frame_txctl->flags & IEEE80211_TX_CTL_NO_ACK)) {
315 /* ACK duration */ 321 /* ACK duration */
316 dur += ieee80211_frame_duration(local, 10, rate->bitrate, 322 dur += ieee80211_frame_duration(local, 10, rate->bitrate,
317 erp, short_preamble); 323 erp, short_preamble);
@@ -325,17 +331,15 @@ void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
325{ 331{
326 struct ieee80211_local *local = hw_to_local(hw); 332 struct ieee80211_local *local = hw_to_local(hw);
327 333
328 if (test_and_clear_bit(IEEE80211_LINK_STATE_XOFF, 334 if (test_bit(queue, local->queues_pending)) {
329 &local->state[queue])) { 335 tasklet_schedule(&local->tx_pending_tasklet);
330 if (test_bit(IEEE80211_LINK_STATE_PENDING, 336 } else {
331 &local->state[queue])) 337 if (ieee80211_is_multiqueue(local)) {
332 tasklet_schedule(&local->tx_pending_tasklet); 338 netif_wake_subqueue(local->mdev, queue);
333 else 339 } else {
334 if (!ieee80211_qdisc_installed(local->mdev)) { 340 WARN_ON(queue != 0);
335 if (queue == 0) 341 netif_wake_queue(local->mdev);
336 netif_wake_queue(local->mdev); 342 }
337 } else
338 __netif_schedule(local->mdev);
339 } 343 }
340} 344}
341EXPORT_SYMBOL(ieee80211_wake_queue); 345EXPORT_SYMBOL(ieee80211_wake_queue);
@@ -344,29 +348,20 @@ void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue)
344{ 348{
345 struct ieee80211_local *local = hw_to_local(hw); 349 struct ieee80211_local *local = hw_to_local(hw);
346 350
347 if (!ieee80211_qdisc_installed(local->mdev) && queue == 0) 351 if (ieee80211_is_multiqueue(local)) {
352 netif_stop_subqueue(local->mdev, queue);
353 } else {
354 WARN_ON(queue != 0);
348 netif_stop_queue(local->mdev); 355 netif_stop_queue(local->mdev);
349 set_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]); 356 }
350} 357}
351EXPORT_SYMBOL(ieee80211_stop_queue); 358EXPORT_SYMBOL(ieee80211_stop_queue);
352 359
353void ieee80211_start_queues(struct ieee80211_hw *hw)
354{
355 struct ieee80211_local *local = hw_to_local(hw);
356 int i;
357
358 for (i = 0; i < local->hw.queues; i++)
359 clear_bit(IEEE80211_LINK_STATE_XOFF, &local->state[i]);
360 if (!ieee80211_qdisc_installed(local->mdev))
361 netif_start_queue(local->mdev);
362}
363EXPORT_SYMBOL(ieee80211_start_queues);
364
365void ieee80211_stop_queues(struct ieee80211_hw *hw) 360void ieee80211_stop_queues(struct ieee80211_hw *hw)
366{ 361{
367 int i; 362 int i;
368 363
369 for (i = 0; i < hw->queues; i++) 364 for (i = 0; i < ieee80211_num_queues(hw); i++)
370 ieee80211_stop_queue(hw, i); 365 ieee80211_stop_queue(hw, i);
371} 366}
372EXPORT_SYMBOL(ieee80211_stop_queues); 367EXPORT_SYMBOL(ieee80211_stop_queues);
@@ -375,7 +370,7 @@ void ieee80211_wake_queues(struct ieee80211_hw *hw)
375{ 370{
376 int i; 371 int i;
377 372
378 for (i = 0; i < hw->queues; i++) 373 for (i = 0; i < hw->queues + hw->ampdu_queues; i++)
379 ieee80211_wake_queue(hw, i); 374 ieee80211_wake_queue(hw, i);
380} 375}
381EXPORT_SYMBOL(ieee80211_wake_queues); 376EXPORT_SYMBOL(ieee80211_wake_queues);
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index 3cbae42ec504..e7b6344c900a 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -93,13 +93,9 @@ static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
93 fc |= IEEE80211_FCTL_PROTECTED; 93 fc |= IEEE80211_FCTL_PROTECTED;
94 hdr->frame_control = cpu_to_le16(fc); 94 hdr->frame_control = cpu_to_le16(fc);
95 95
96 if ((skb_headroom(skb) < WEP_IV_LEN || 96 if (WARN_ON(skb_tailroom(skb) < WEP_ICV_LEN ||
97 skb_tailroom(skb) < WEP_ICV_LEN)) { 97 skb_headroom(skb) < WEP_IV_LEN))
98 I802_DEBUG_INC(local->tx_expand_skb_head); 98 return NULL;
99 if (unlikely(pskb_expand_head(skb, WEP_IV_LEN, WEP_ICV_LEN,
100 GFP_ATOMIC)))
101 return NULL;
102 }
103 99
104 hdrlen = ieee80211_get_hdrlen(fc); 100 hdrlen = ieee80211_get_hdrlen(fc);
105 newhdr = skb_push(skb, WEP_IV_LEN); 101 newhdr = skb_push(skb, WEP_IV_LEN);
@@ -333,11 +329,16 @@ ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx)
333 329
334static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) 330static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
335{ 331{
332 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
333
334 info->control.iv_len = WEP_IV_LEN;
335 info->control.icv_len = WEP_ICV_LEN;
336
336 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) { 337 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
337 if (ieee80211_wep_encrypt(tx->local, skb, tx->key)) 338 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
338 return -1; 339 return -1;
339 } else { 340 } else {
340 tx->control->hw_key = &tx->key->conf; 341 info->control.hw_key = &tx->key->conf;
341 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) { 342 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) {
342 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key)) 343 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key))
343 return -1; 344 return -1;
@@ -349,8 +350,6 @@ static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
349ieee80211_tx_result 350ieee80211_tx_result
350ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx) 351ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx)
351{ 352{
352 tx->control->iv_len = WEP_IV_LEN;
353 tx->control->icv_len = WEP_ICV_LEN;
354 ieee80211_tx_set_protected(tx); 353 ieee80211_tx_set_protected(tx);
355 354
356 if (wep_encrypt_skb(tx, tx->skb) < 0) { 355 if (wep_encrypt_skb(tx, tx->skb) < 0) {
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index c87baf4ce979..14a9ff10a1e9 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -149,8 +149,7 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
149 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr); 149 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
150 struct ieee80211_hw *hw = &local->hw; 150 struct ieee80211_hw *hw = &local->hw;
151 struct ieee80211_sched_data *q = qdisc_priv(qd); 151 struct ieee80211_sched_data *q = qdisc_priv(qd);
152 struct ieee80211_tx_packet_data *pkt_data = 152 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
153 (struct ieee80211_tx_packet_data *) skb->cb;
154 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 153 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
155 unsigned short fc = le16_to_cpu(hdr->frame_control); 154 unsigned short fc = le16_to_cpu(hdr->frame_control);
156 struct Qdisc *qdisc; 155 struct Qdisc *qdisc;
@@ -158,8 +157,8 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
158 int err, queue; 157 int err, queue;
159 u8 tid; 158 u8 tid;
160 159
161 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE) { 160 if (info->flags & IEEE80211_TX_CTL_REQUEUE) {
162 queue = pkt_data->queue; 161 queue = skb_get_queue_mapping(skb);
163 rcu_read_lock(); 162 rcu_read_lock();
164 sta = sta_info_get(local, hdr->addr1); 163 sta = sta_info_get(local, hdr->addr1);
165 tid = skb->priority & QOS_CONTROL_TAG1D_MASK; 164 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
@@ -168,9 +167,9 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
168 if ((ampdu_queue < QD_NUM(hw)) && 167 if ((ampdu_queue < QD_NUM(hw)) &&
169 test_bit(ampdu_queue, q->qdisc_pool)) { 168 test_bit(ampdu_queue, q->qdisc_pool)) {
170 queue = ampdu_queue; 169 queue = ampdu_queue;
171 pkt_data->flags |= IEEE80211_TXPD_AMPDU; 170 info->flags |= IEEE80211_TX_CTL_AMPDU;
172 } else { 171 } else {
173 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU; 172 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
174 } 173 }
175 } 174 }
176 rcu_read_unlock(); 175 rcu_read_unlock();
@@ -206,9 +205,9 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
206 if ((ampdu_queue < QD_NUM(hw)) && 205 if ((ampdu_queue < QD_NUM(hw)) &&
207 test_bit(ampdu_queue, q->qdisc_pool)) { 206 test_bit(ampdu_queue, q->qdisc_pool)) {
208 queue = ampdu_queue; 207 queue = ampdu_queue;
209 pkt_data->flags |= IEEE80211_TXPD_AMPDU; 208 info->flags |= IEEE80211_TX_CTL_AMPDU;
210 } else { 209 } else {
211 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU; 210 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
212 } 211 }
213 } 212 }
214 213
@@ -220,7 +219,7 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
220 err = NET_XMIT_DROP; 219 err = NET_XMIT_DROP;
221 } else { 220 } else {
222 tid = skb->priority & QOS_CONTROL_TAG1D_MASK; 221 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
223 pkt_data->queue = (unsigned int) queue; 222 skb_set_queue_mapping(skb, queue);
224 qdisc = q->queues[queue]; 223 qdisc = q->queues[queue];
225 err = qdisc->enqueue(skb, qdisc); 224 err = qdisc->enqueue(skb, qdisc);
226 if (err == NET_XMIT_SUCCESS) { 225 if (err == NET_XMIT_SUCCESS) {
@@ -241,13 +240,11 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
241static int wme_qdiscop_requeue(struct sk_buff *skb, struct Qdisc* qd) 240static int wme_qdiscop_requeue(struct sk_buff *skb, struct Qdisc* qd)
242{ 241{
243 struct ieee80211_sched_data *q = qdisc_priv(qd); 242 struct ieee80211_sched_data *q = qdisc_priv(qd);
244 struct ieee80211_tx_packet_data *pkt_data =
245 (struct ieee80211_tx_packet_data *) skb->cb;
246 struct Qdisc *qdisc; 243 struct Qdisc *qdisc;
247 int err; 244 int err;
248 245
249 /* we recorded which queue to use earlier! */ 246 /* we recorded which queue to use earlier! */
250 qdisc = q->queues[pkt_data->queue]; 247 qdisc = q->queues[skb_get_queue_mapping(skb)];
251 248
252 if ((err = qdisc->ops->requeue(skb, qdisc)) == 0) { 249 if ((err = qdisc->ops->requeue(skb, qdisc)) == 0) {
253 qd->q.qlen++; 250 qd->q.qlen++;
@@ -271,11 +268,8 @@ static struct sk_buff *wme_qdiscop_dequeue(struct Qdisc* qd)
271 /* check all the h/w queues in numeric/priority order */ 268 /* check all the h/w queues in numeric/priority order */
272 for (queue = 0; queue < QD_NUM(hw); queue++) { 269 for (queue = 0; queue < QD_NUM(hw); queue++) {
273 /* see if there is room in this hardware queue */ 270 /* see if there is room in this hardware queue */
274 if ((test_bit(IEEE80211_LINK_STATE_XOFF, 271 if (__netif_subqueue_stopped(local->mdev, queue) ||
275 &local->state[queue])) || 272 !test_bit(queue, q->qdisc_pool))
276 (test_bit(IEEE80211_LINK_STATE_PENDING,
277 &local->state[queue])) ||
278 (!test_bit(queue, q->qdisc_pool)))
279 continue; 273 continue;
280 274
281 /* there is space - try and get a frame */ 275 /* there is space - try and get a frame */
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index fcc6b05508cc..bbdb53344817 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -31,7 +31,7 @@ static inline int WLAN_FC_IS_QOS_DATA(u16 fc)
31 return (fc & 0x8C) == 0x88; 31 return (fc & 0x8C) == 0x88;
32} 32}
33 33
34#ifdef CONFIG_NET_SCHED 34#ifdef CONFIG_MAC80211_QOS
35void ieee80211_install_qdisc(struct net_device *dev); 35void ieee80211_install_qdisc(struct net_device *dev);
36int ieee80211_qdisc_installed(struct net_device *dev); 36int ieee80211_qdisc_installed(struct net_device *dev);
37int ieee80211_ht_agg_queue_add(struct ieee80211_local *local, 37int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 42f3654e1c5e..9f6fd20374e1 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -79,6 +79,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
79 struct sk_buff *skb = tx->skb; 79 struct sk_buff *skb = tx->skb;
80 int authenticator; 80 int authenticator;
81 int wpa_test = 0; 81 int wpa_test = 0;
82 int tail;
82 83
83 fc = tx->fc; 84 fc = tx->fc;
84 85
@@ -98,16 +99,13 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
98 return TX_CONTINUE; 99 return TX_CONTINUE;
99 } 100 }
100 101
101 if (skb_tailroom(skb) < MICHAEL_MIC_LEN) { 102 tail = MICHAEL_MIC_LEN;
102 I802_DEBUG_INC(tx->local->tx_expand_skb_head); 103 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
103 if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN, 104 tail += TKIP_ICV_LEN;
104 MICHAEL_MIC_LEN + TKIP_ICV_LEN, 105
105 GFP_ATOMIC))) { 106 if (WARN_ON(skb_tailroom(skb) < tail ||
106 printk(KERN_DEBUG "%s: failed to allocate more memory " 107 skb_headroom(skb) < TKIP_IV_LEN))
107 "for Michael MIC\n", tx->dev->name); 108 return TX_DROP;
108 return TX_DROP;
109 }
110 }
111 109
112#if 0 110#if 0
113 authenticator = fc & IEEE80211_FCTL_FROMDS; /* FIX */ 111 authenticator = fc & IEEE80211_FCTL_FROMDS; /* FIX */
@@ -176,59 +174,65 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
176 skb_trim(skb, skb->len - MICHAEL_MIC_LEN); 174 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
177 175
178 /* update IV in key information to be able to detect replays */ 176 /* update IV in key information to be able to detect replays */
179 rx->key->u.tkip.iv32_rx[rx->queue] = rx->tkip_iv32; 177 rx->key->u.tkip.rx[rx->queue].iv32 = rx->tkip_iv32;
180 rx->key->u.tkip.iv16_rx[rx->queue] = rx->tkip_iv16; 178 rx->key->u.tkip.rx[rx->queue].iv16 = rx->tkip_iv16;
181 179
182 return RX_CONTINUE; 180 return RX_CONTINUE;
183} 181}
184 182
185 183
186static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, 184static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
187 struct sk_buff *skb, int test)
188{ 185{
189 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 186 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
190 struct ieee80211_key *key = tx->key; 187 struct ieee80211_key *key = tx->key;
191 int hdrlen, len, tailneed; 188 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
189 int hdrlen, len, tail;
192 u16 fc; 190 u16 fc;
193 u8 *pos; 191 u8 *pos;
194 192
193 info->control.icv_len = TKIP_ICV_LEN;
194 info->control.iv_len = TKIP_IV_LEN;
195
196 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
197 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
198 /* hwaccel - with no need for preallocated room for IV/ICV */
199 info->control.hw_key = &tx->key->conf;
200 return 0;
201 }
202
195 fc = le16_to_cpu(hdr->frame_control); 203 fc = le16_to_cpu(hdr->frame_control);
196 hdrlen = ieee80211_get_hdrlen(fc); 204 hdrlen = ieee80211_get_hdrlen(fc);
197 len = skb->len - hdrlen; 205 len = skb->len - hdrlen;
198 206
199 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) 207 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)
200 tailneed = 0; 208 tail = 0;
201 else 209 else
202 tailneed = TKIP_ICV_LEN; 210 tail = TKIP_ICV_LEN;
203 211
204 if ((skb_headroom(skb) < TKIP_IV_LEN || 212 if (WARN_ON(skb_tailroom(skb) < tail ||
205 skb_tailroom(skb) < tailneed)) { 213 skb_headroom(skb) < TKIP_IV_LEN))
206 I802_DEBUG_INC(tx->local->tx_expand_skb_head); 214 return -1;
207 if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN, tailneed,
208 GFP_ATOMIC)))
209 return -1;
210 }
211 215
212 pos = skb_push(skb, TKIP_IV_LEN); 216 pos = skb_push(skb, TKIP_IV_LEN);
213 memmove(pos, pos + TKIP_IV_LEN, hdrlen); 217 memmove(pos, pos + TKIP_IV_LEN, hdrlen);
214 pos += hdrlen; 218 pos += hdrlen;
215 219
216 /* Increase IV for the frame */ 220 /* Increase IV for the frame */
217 key->u.tkip.iv16++; 221 key->u.tkip.tx.iv16++;
218 if (key->u.tkip.iv16 == 0) 222 if (key->u.tkip.tx.iv16 == 0)
219 key->u.tkip.iv32++; 223 key->u.tkip.tx.iv32++;
220 224
221 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 225 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
222 hdr = (struct ieee80211_hdr *)skb->data; 226 hdr = (struct ieee80211_hdr *)skb->data;
223 227
224 /* hwaccel - with preallocated room for IV */ 228 /* hwaccel - with preallocated room for IV */
225 ieee80211_tkip_add_iv(pos, key, 229 ieee80211_tkip_add_iv(pos, key,
226 (u8) (key->u.tkip.iv16 >> 8), 230 (u8) (key->u.tkip.tx.iv16 >> 8),
227 (u8) (((key->u.tkip.iv16 >> 8) | 0x20) & 231 (u8) (((key->u.tkip.tx.iv16 >> 8) | 0x20) &
228 0x7f), 232 0x7f),
229 (u8) key->u.tkip.iv16); 233 (u8) key->u.tkip.tx.iv16);
230 234
231 tx->control->hw_key = &tx->key->conf; 235 info->control.hw_key = &tx->key->conf;
232 return 0; 236 return 0;
233 } 237 }
234 238
@@ -246,28 +250,16 @@ ieee80211_tx_result
246ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx) 250ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx)
247{ 251{
248 struct sk_buff *skb = tx->skb; 252 struct sk_buff *skb = tx->skb;
249 int wpa_test = 0, test = 0;
250 253
251 tx->control->icv_len = TKIP_ICV_LEN;
252 tx->control->iv_len = TKIP_IV_LEN;
253 ieee80211_tx_set_protected(tx); 254 ieee80211_tx_set_protected(tx);
254 255
255 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 256 if (tkip_encrypt_skb(tx, skb) < 0)
256 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
257 !wpa_test) {
258 /* hwaccel - with no need for preallocated room for IV/ICV */
259 tx->control->hw_key = &tx->key->conf;
260 return TX_CONTINUE;
261 }
262
263 if (tkip_encrypt_skb(tx, skb, test) < 0)
264 return TX_DROP; 257 return TX_DROP;
265 258
266 if (tx->extra_frag) { 259 if (tx->extra_frag) {
267 int i; 260 int i;
268 for (i = 0; i < tx->num_extra_frag; i++) { 261 for (i = 0; i < tx->num_extra_frag; i++) {
269 if (tkip_encrypt_skb(tx, tx->extra_frag[i], test) 262 if (tkip_encrypt_skb(tx, tx->extra_frag[i]) < 0)
270 < 0)
271 return TX_DROP; 263 return TX_DROP;
272 } 264 }
273 } 265 }
@@ -429,16 +421,27 @@ static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr)
429} 421}
430 422
431 423
432static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, 424static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
433 struct sk_buff *skb, int test)
434{ 425{
435 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 426 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
436 struct ieee80211_key *key = tx->key; 427 struct ieee80211_key *key = tx->key;
437 int hdrlen, len, tailneed; 428 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
429 int hdrlen, len, tail;
438 u16 fc; 430 u16 fc;
439 u8 *pos, *pn, *b_0, *aad, *scratch; 431 u8 *pos, *pn, *b_0, *aad, *scratch;
440 int i; 432 int i;
441 433
434 info->control.icv_len = CCMP_MIC_LEN;
435 info->control.iv_len = CCMP_HDR_LEN;
436
437 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
438 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
439 /* hwaccel - with no need for preallocated room for CCMP "
440 * header or MIC fields */
441 info->control.hw_key = &tx->key->conf;
442 return 0;
443 }
444
442 scratch = key->u.ccmp.tx_crypto_buf; 445 scratch = key->u.ccmp.tx_crypto_buf;
443 b_0 = scratch + 3 * AES_BLOCK_LEN; 446 b_0 = scratch + 3 * AES_BLOCK_LEN;
444 aad = scratch + 4 * AES_BLOCK_LEN; 447 aad = scratch + 4 * AES_BLOCK_LEN;
@@ -448,17 +451,13 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx,
448 len = skb->len - hdrlen; 451 len = skb->len - hdrlen;
449 452
450 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) 453 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)
451 tailneed = 0; 454 tail = 0;
452 else 455 else
453 tailneed = CCMP_MIC_LEN; 456 tail = CCMP_MIC_LEN;
454 457
455 if ((skb_headroom(skb) < CCMP_HDR_LEN || 458 if (WARN_ON(skb_tailroom(skb) < tail ||
456 skb_tailroom(skb) < tailneed)) { 459 skb_headroom(skb) < CCMP_HDR_LEN))
457 I802_DEBUG_INC(tx->local->tx_expand_skb_head); 460 return -1;
458 if (unlikely(pskb_expand_head(skb, CCMP_HDR_LEN, tailneed,
459 GFP_ATOMIC)))
460 return -1;
461 }
462 461
463 pos = skb_push(skb, CCMP_HDR_LEN); 462 pos = skb_push(skb, CCMP_HDR_LEN);
464 memmove(pos, pos + CCMP_HDR_LEN, hdrlen); 463 memmove(pos, pos + CCMP_HDR_LEN, hdrlen);
@@ -478,7 +477,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx,
478 477
479 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 478 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
480 /* hwaccel - with preallocated room for CCMP header */ 479 /* hwaccel - with preallocated room for CCMP header */
481 tx->control->hw_key = &tx->key->conf; 480 info->control.hw_key = &tx->key->conf;
482 return 0; 481 return 0;
483 } 482 }
484 483
@@ -495,28 +494,16 @@ ieee80211_tx_result
495ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) 494ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
496{ 495{
497 struct sk_buff *skb = tx->skb; 496 struct sk_buff *skb = tx->skb;
498 int test = 0;
499 497
500 tx->control->icv_len = CCMP_MIC_LEN;
501 tx->control->iv_len = CCMP_HDR_LEN;
502 ieee80211_tx_set_protected(tx); 498 ieee80211_tx_set_protected(tx);
503 499
504 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 500 if (ccmp_encrypt_skb(tx, skb) < 0)
505 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
506 /* hwaccel - with no need for preallocated room for CCMP "
507 * header or MIC fields */
508 tx->control->hw_key = &tx->key->conf;
509 return TX_CONTINUE;
510 }
511
512 if (ccmp_encrypt_skb(tx, skb, test) < 0)
513 return TX_DROP; 501 return TX_DROP;
514 502
515 if (tx->extra_frag) { 503 if (tx->extra_frag) {
516 int i; 504 int i;
517 for (i = 0; i < tx->num_extra_frag; i++) { 505 for (i = 0; i < tx->num_extra_frag; i++) {
518 if (ccmp_encrypt_skb(tx, tx->extra_frag[i], test) 506 if (ccmp_encrypt_skb(tx, tx->extra_frag[i]) < 0)
519 < 0)
520 return TX_DROP; 507 return TX_DROP;
521 } 508 }
522 } 509 }