author Linus Torvalds <torvalds@linux-foundation.org> 2013-07-09 21:24:39 -0400
committer Linus Torvalds <torvalds@linux-foundation.org> 2013-07-09 21:24:39 -0400
commit 496322bc91e35007ed754184dcd447a02b6dd685 (patch)
tree f5298d0a74c0a6e65c0e98050b594b8d020904c1 /net/mac80211
parent 2e17c5a97e231f3cb426f4b7895eab5be5c5442e (diff)
parent 56e0ef527b184b3de2d7f88c6190812b2b2ac6bf (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next

Pull networking updates from David Miller:
 "This is a re-do of the net-next pull request for the current merge
  window. The only difference from the one I made the other day is that
  this has Eliezer's interface renames and the timeout handling changes
  made based upon your feedback, as well as a few bug fixes that have
  trickled in.

  Highlights:

   1) Low latency device polling, eliminating the cost of interrupt
      handling and context switches. Allows direct polling of a network
      device from socket operations, such as recvmsg() and poll().

      Currently ixgbe, mlx4, and bnx2x support this feature.

      Full high level description, performance numbers, and design in
      commit 0a4db187a999 ("Merge branch 'll_poll'")

      From Eliezer Tamir.

   2) With the routing cache removed, ip_check_mc_rcu() gets exercised
      more than ever before in the case where we have lots of multicast
      addresses. Use a hash table instead of a simple linked list, from
      Eric Dumazet.

   3) Add driver for Atheros CQA98xx 802.11ac wireless devices, from
      Bartosz Markowski, Janusz Dziedzic, Kalle Valo, Marek Kwaczynski,
      Marek Puzyniak, Michal Kazior, and Sujith Manoharan.

   4) Support reporting the TUN device persist flag to userspace, from
      Pavel Emelyanov.

   5) Allow controlling network device VF link state using netlink, from
      Rony Efraim.

   6) Support GRE tunneling in openvswitch, from Pravin B Shelar.

   7) Adjust SOCK_MIN_RCVBUF and SOCK_MIN_SNDBUF for modern times, from
      Daniel Borkmann and Eric Dumazet.

   8) Allow controlling of TCP quickack behavior on a per-route basis,
      from Cong Wang.

   9) Several bug fixes and improvements to vxlan from Stephen
      Hemminger, Pravin B Shelar, and Mike Rapoport. In particular,
      support receiving on multiple UDP ports.

  10) Major cleanups, particular in the area of debugging and cookie
      lifetime handling, to the SCTP protocol code. From Daniel
      Borkmann.

  11) Allow packets to cross network namespaces when traversing tunnel
      devices. From Nicolas Dichtel.

  12) Allow monitoring netlink traffic via AF_PACKET sockets, in a
      manner akin to how we monitor real network traffic via ptype_all.
      From Daniel Borkmann.

  13) Several bug fixes and improvements for the new alx device driver,
      from Johannes Berg.

  14) Fix scalability issues in the netem packet scheduler's time queue,
      by using an rbtree. From Eric Dumazet.

  15) Several bug fixes in TCP loss recovery handling, from Yuchung
      Cheng.

  16) Add support for GSO segmentation of MPLS packets, from Simon
      Horman.

  17) Make network notifiers have a real data type for the opaque
      pointer that's passed into them. Use this to properly handle
      network device flag changes in arp_netdev_event(). From Jiri
      Pirko and Timo Teräs.

  18) Convert several drivers over to module_pci_driver(), from Peter
      Huewe.

  19) tcp_fixup_rcvbuf() can loop 500 times over loopback, just use an
      O(1) calculation instead. From Eric Dumazet.

  20) Support setting of explicit tunnel peer addresses in ipv6, just
      like ipv4. From Nicolas Dichtel.

  21) Protect x86 BPF JIT against spraying attacks, from Eric Dumazet.

  22) Prevent a single high rate flow from overrunning an individual cpu
      during RX packet processing via selective flow shedding. From
      Willem de Bruijn.

  23) Don't use spinlocks in TCP md5 signing fast paths, from Eric
      Dumazet.

  24) Don't just drop GSO packets which are above the TBF scheduler's
      burst limit, chop them up so they are in-bounds instead. Also
      from Eric Dumazet.

  25) VLAN offloads are missed when configured on top of a bridge, fix
      from Vlad Yasevich.

  26) Support IPV6 in ping sockets. From Lorenzo Colitti.

  27) Receive flow steering targets should be updated at poll() time
      too, from David Majnemer.

  28) Fix several corner case regressions in PMTU/redirect handling due
      to the routing cache removal, from Timo Teräs.

  29) We have to be mindful of ipv4 mapped ipv6 sockets in
      upd_v6_push_pending_frames(). From Hannes Frederic Sowa.

  30) Fix L2TP sequence number handling bugs, from James Chapman."

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1214 commits)
  drivers/net: caif: fix wrong rtnl_is_locked() usage
  drivers/net: enic: release rtnl_lock on error-path
  vhost-net: fix use-after-free in vhost_net_flush
  net: mv643xx_eth: do not use port number as platform device id
  net: sctp: confirm route during forward progress
  virtio_net: fix race in RX VQ processing
  virtio: support unlocked queue poll
  net/cadence/macb: fix bug/typo in extracting gem_irq_read_clear bit
  Documentation: Fix references to defunct linux-net@vger.kernel.org
  net/fs: change busy poll time accounting
  net: rename low latency sockets functions to busy poll
  bridge: fix some kernel warning in multicast timer
  sfc: Fix memory leak when discarding scattered packets
  sit: fix tunnel update via netlink
  dt:net:stmmac: Add dt specific phy reset callback support.
  dt:net:stmmac: Add support to dwmac version 3.610 and 3.710
  dt:net:stmmac: Allocate platform data only if its NULL.
  net:stmmac: fix memleak in the open method
  ipv6: rt6_check_neigh should successfully verify neigh if no NUD information are available
  net: ipv6: fix wrong ping_v6_sendmsg return value
  ...
Diffstat (limited to 'net/mac80211')
-rw-r--r-- net/mac80211/aes_ccm.c | 6
-rw-r--r-- net/mac80211/cfg.c | 67
-rw-r--r-- net/mac80211/debugfs_netdev.c | 15
-rw-r--r-- net/mac80211/driver-ops.h | 3
-rw-r--r-- net/mac80211/ht.c | 8
-rw-r--r-- net/mac80211/ibss.c | 114
-rw-r--r-- net/mac80211/ieee80211_i.h | 37
-rw-r--r-- net/mac80211/iface.c | 34
-rw-r--r-- net/mac80211/key.c | 24
-rw-r--r-- net/mac80211/key.h | 15
-rw-r--r-- net/mac80211/main.c | 7
-rw-r--r-- net/mac80211/mesh.c | 107
-rw-r--r-- net/mac80211/mesh.h | 7
-rw-r--r-- net/mac80211/mesh_plink.c | 8
-rw-r--r-- net/mac80211/mlme.c | 436
-rw-r--r-- net/mac80211/rate.c | 8
-rw-r--r-- net/mac80211/rx.c | 56
-rw-r--r-- net/mac80211/scan.c | 9
-rw-r--r-- net/mac80211/sta_info.c | 8
-rw-r--r-- net/mac80211/sta_info.h | 9
-rw-r--r-- net/mac80211/tx.c | 11
-rw-r--r-- net/mac80211/util.c | 41
-rw-r--r-- net/mac80211/vht.c | 2
-rw-r--r-- net/mac80211/wep.c | 48
-rw-r--r-- net/mac80211/wpa.c | 68
25 files changed, 566 insertions, 582 deletions
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c
index 0785e95c9924..be7614b9ed27 100644
--- a/net/mac80211/aes_ccm.c
+++ b/net/mac80211/aes_ccm.c
@@ -85,7 +85,7 @@ void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
85 *cpos++ = *pos++ ^ e[i]; 85 *cpos++ = *pos++ ^ e[i];
86 } 86 }
87 87
88 for (i = 0; i < CCMP_MIC_LEN; i++) 88 for (i = 0; i < IEEE80211_CCMP_MIC_LEN; i++)
89 mic[i] = b[i] ^ s_0[i]; 89 mic[i] = b[i] ^ s_0[i];
90} 90}
91 91
@@ -123,7 +123,7 @@ int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
123 crypto_cipher_encrypt_one(tfm, a, a); 123 crypto_cipher_encrypt_one(tfm, a, a);
124 } 124 }
125 125
126 for (i = 0; i < CCMP_MIC_LEN; i++) { 126 for (i = 0; i < IEEE80211_CCMP_MIC_LEN; i++) {
127 if ((mic[i] ^ s_0[i]) != a[i]) 127 if ((mic[i] ^ s_0[i]) != a[i])
128 return -1; 128 return -1;
129 } 129 }
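Review bot: The MIC check in ieee80211_aes_ccm_decrypt() still returns -1 at the first mismatching byte (`if ((mic[i] ^ s_0[i]) != a[i]) return -1;`), so the loop's running time depends on how many leading MIC bytes match. Since these lines are being touched for the IEEE80211_CCMP_MIC_LEN rename anyway, consider OR-ing the per-byte differences into one accumulator across all IEEE80211_CCMP_MIC_LEN bytes and testing it once after the loop.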
@@ -138,7 +138,7 @@ struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[])
138 138
139 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC); 139 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
140 if (!IS_ERR(tfm)) 140 if (!IS_ERR(tfm))
141 crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN); 141 crypto_cipher_setkey(tfm, key, WLAN_KEY_LEN_CCMP);
142 142
143 return tfm; 143 return tfm;
144} 144}
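Review bot: In ieee80211_aes_key_setup_encrypt() the return value of `crypto_cipher_setkey(tfm, key, WLAN_KEY_LEN_CCMP)` is discarded, so a failed setkey still hands the caller a tfm that looks usable. Suggest checking the result and, on failure, freeing the tfm and returning an error pointer, matching the IS_ERR(tfm) convention already used two lines above.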
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 4fdb306e42e0..8184d121ff09 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -73,16 +73,19 @@ static int ieee80211_change_iface(struct wiphy *wiphy,
73 struct ieee80211_local *local = sdata->local; 73 struct ieee80211_local *local = sdata->local;
74 74
75 if (ieee80211_sdata_running(sdata)) { 75 if (ieee80211_sdata_running(sdata)) {
76 u32 mask = MONITOR_FLAG_COOK_FRAMES |
77 MONITOR_FLAG_ACTIVE;
78
76 /* 79 /*
77 * Prohibit MONITOR_FLAG_COOK_FRAMES to be 80 * Prohibit MONITOR_FLAG_COOK_FRAMES and
78 * changed while the interface is up. 81 * MONITOR_FLAG_ACTIVE to be changed while the
82 * interface is up.
79 * Else we would need to add a lot of cruft 83 * Else we would need to add a lot of cruft
80 * to update everything: 84 * to update everything:
81 * cooked_mntrs, monitor and all fif_* counters 85 * cooked_mntrs, monitor and all fif_* counters
82 * reconfigure hardware 86 * reconfigure hardware
83 */ 87 */
84 if ((*flags & MONITOR_FLAG_COOK_FRAMES) != 88 if ((*flags & mask) != (sdata->u.mntr_flags & mask))
85 (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES))
86 return -EBUSY; 89 return -EBUSY;
87 90
88 ieee80211_adjust_monitor_flags(sdata, -1); 91 ieee80211_adjust_monitor_flags(sdata, -1);
@@ -444,7 +447,7 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
444 struct ieee80211_local *local = sdata->local; 447 struct ieee80211_local *local = sdata->local;
445 struct timespec uptime; 448 struct timespec uptime;
446 u64 packets = 0; 449 u64 packets = 0;
447 int ac; 450 int i, ac;
448 451
449 sinfo->generation = sdata->local->sta_generation; 452 sinfo->generation = sdata->local->sta_generation;
450 453
@@ -488,6 +491,17 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
488 sinfo->signal = (s8)sta->last_signal; 491 sinfo->signal = (s8)sta->last_signal;
489 sinfo->signal_avg = (s8) -ewma_read(&sta->avg_signal); 492 sinfo->signal_avg = (s8) -ewma_read(&sta->avg_signal);
490 } 493 }
494 if (sta->chains) {
495 sinfo->filled |= STATION_INFO_CHAIN_SIGNAL |
496 STATION_INFO_CHAIN_SIGNAL_AVG;
497
498 sinfo->chains = sta->chains;
499 for (i = 0; i < ARRAY_SIZE(sinfo->chain_signal); i++) {
500 sinfo->chain_signal[i] = sta->chain_signal_last[i];
501 sinfo->chain_signal_avg[i] =
502 (s8) -ewma_read(&sta->chain_signal_avg[i]);
503 }
504 }
491 505
492 sta_set_rate_info_tx(sta, &sta->last_tx_rate, &sinfo->txrate); 506 sta_set_rate_info_tx(sta, &sta->last_tx_rate, &sinfo->txrate);
493 sta_set_rate_info_rx(sta, &sinfo->rxrate); 507 sta_set_rate_info_rx(sta, &sinfo->rxrate);
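Review bot: The new loop in sta_set_sinfo() is bounded by ARRAY_SIZE(sinfo->chain_signal) but indexes sta->chain_signal_last[i] and sta->chain_signal_avg[i], so it is only safe while the sta_info arrays are at least as large as the station_info ones. A BUILD_BUG_ON() comparing the array sizes next to the loop would pin that assumption. The loop also copies every slot regardless of which bits are set in sta->chains; a short comment saying that consumers must honour sinfo->chains would help.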
@@ -728,7 +742,7 @@ static void ieee80211_get_et_strings(struct wiphy *wiphy,
728 742
729 if (sset == ETH_SS_STATS) { 743 if (sset == ETH_SS_STATS) {
730 sz_sta_stats = sizeof(ieee80211_gstrings_sta_stats); 744 sz_sta_stats = sizeof(ieee80211_gstrings_sta_stats);
731 memcpy(data, *ieee80211_gstrings_sta_stats, sz_sta_stats); 745 memcpy(data, ieee80211_gstrings_sta_stats, sz_sta_stats);
732 } 746 }
733 drv_get_et_strings(sdata, sset, &(data[sz_sta_stats])); 747 drv_get_et_strings(sdata, sset, &(data[sz_sta_stats]));
734} 748}
@@ -1741,6 +1755,7 @@ static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
1741 ifmsh->mesh_pp_id = setup->path_sel_proto; 1755 ifmsh->mesh_pp_id = setup->path_sel_proto;
1742 ifmsh->mesh_pm_id = setup->path_metric; 1756 ifmsh->mesh_pm_id = setup->path_metric;
1743 ifmsh->user_mpm = setup->user_mpm; 1757 ifmsh->user_mpm = setup->user_mpm;
1758 ifmsh->mesh_auth_id = setup->auth_id;
1744 ifmsh->security = IEEE80211_MESH_SEC_NONE; 1759 ifmsh->security = IEEE80211_MESH_SEC_NONE;
1745 if (setup->is_authenticated) 1760 if (setup->is_authenticated)
1746 ifmsh->security |= IEEE80211_MESH_SEC_AUTHED; 1761 ifmsh->security |= IEEE80211_MESH_SEC_AUTHED;
@@ -1750,6 +1765,7 @@ static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
1750 /* mcast rate setting in Mesh Node */ 1765 /* mcast rate setting in Mesh Node */
1751 memcpy(sdata->vif.bss_conf.mcast_rate, setup->mcast_rate, 1766 memcpy(sdata->vif.bss_conf.mcast_rate, setup->mcast_rate,
1752 sizeof(setup->mcast_rate)); 1767 sizeof(setup->mcast_rate));
1768 sdata->vif.bss_conf.basic_rates = setup->basic_rates;
1753 1769
1754 sdata->vif.bss_conf.beacon_int = setup->beacon_interval; 1770 sdata->vif.bss_conf.beacon_int = setup->beacon_interval;
1755 sdata->vif.bss_conf.dtim_period = setup->dtim_period; 1771 sdata->vif.bss_conf.dtim_period = setup->dtim_period;
@@ -1862,6 +1878,8 @@ static int ieee80211_update_mesh_config(struct wiphy *wiphy,
1862 if (_chg_mesh_attr(NL80211_MESHCONF_AWAKE_WINDOW, mask)) 1878 if (_chg_mesh_attr(NL80211_MESHCONF_AWAKE_WINDOW, mask))
1863 conf->dot11MeshAwakeWindowDuration = 1879 conf->dot11MeshAwakeWindowDuration =
1864 nconf->dot11MeshAwakeWindowDuration; 1880 nconf->dot11MeshAwakeWindowDuration;
1881 if (_chg_mesh_attr(NL80211_MESHCONF_PLINK_TIMEOUT, mask))
1882 conf->plink_timeout = nconf->plink_timeout;
1865 ieee80211_mbss_info_change_notify(sdata, BSS_CHANGED_BEACON); 1883 ieee80211_mbss_info_change_notify(sdata, BSS_CHANGED_BEACON);
1866 return 0; 1884 return 0;
1867} 1885}
@@ -2312,7 +2330,7 @@ int __ieee80211_request_smps(struct ieee80211_sub_if_data *sdata,
2312 enum ieee80211_smps_mode old_req; 2330 enum ieee80211_smps_mode old_req;
2313 int err; 2331 int err;
2314 2332
2315 lockdep_assert_held(&sdata->u.mgd.mtx); 2333 lockdep_assert_held(&sdata->wdev.mtx);
2316 2334
2317 old_req = sdata->u.mgd.req_smps; 2335 old_req = sdata->u.mgd.req_smps;
2318 sdata->u.mgd.req_smps = smps_mode; 2336 sdata->u.mgd.req_smps = smps_mode;
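Review bot: Style point on the changed assertion in __ieee80211_request_smps(): `lockdep_assert_held(&sdata->wdev.mtx)` open-codes the mutex, while the ibss.c hunks in this same merge switch to `sdata_assert_lock(sdata)`. Using the helper here too keeps the locking convention in one place, alongside the sdata_lock()/sdata_unlock() calls the callers now use.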
@@ -2369,9 +2387,9 @@ static int ieee80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
2369 local->dynamic_ps_forced_timeout = timeout; 2387 local->dynamic_ps_forced_timeout = timeout;
2370 2388
2371 /* no change, but if automatic follow powersave */ 2389 /* no change, but if automatic follow powersave */
2372 mutex_lock(&sdata->u.mgd.mtx); 2390 sdata_lock(sdata);
2373 __ieee80211_request_smps(sdata, sdata->u.mgd.req_smps); 2391 __ieee80211_request_smps(sdata, sdata->u.mgd.req_smps);
2374 mutex_unlock(&sdata->u.mgd.mtx); 2392 sdata_unlock(sdata);
2375 2393
2376 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS) 2394 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
2377 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 2395 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
@@ -2809,7 +2827,8 @@ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
2809 !rcu_access_pointer(sdata->bss->beacon)) 2827 !rcu_access_pointer(sdata->bss->beacon))
2810 need_offchan = true; 2828 need_offchan = true;
2811 if (!ieee80211_is_action(mgmt->frame_control) || 2829 if (!ieee80211_is_action(mgmt->frame_control) ||
2812 mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) 2830 mgmt->u.action.category == WLAN_CATEGORY_PUBLIC ||
2831 mgmt->u.action.category == WLAN_CATEGORY_SELF_PROTECTED)
2813 break; 2832 break;
2814 rcu_read_lock(); 2833 rcu_read_lock();
2815 sta = sta_info_get(sdata, mgmt->da); 2834 sta = sta_info_get(sdata, mgmt->da);
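Review bot: Missing documentation for the new `mgmt->u.action.category == WLAN_CATEGORY_SELF_PROTECTED` term in ieee80211_mgmt_tx(): it makes these action frames take the `break` and skip the sta_info_get(sdata, mgmt->da) lookup that follows, the same as public action frames. A one-line comment stating why self-protected frames may be sent to a destination with no station entry would make the exemption reviewable, since the lookup it bypasses is the only destination check visible in this hunk.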
@@ -2829,6 +2848,12 @@ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
2829 return -EOPNOTSUPP; 2848 return -EOPNOTSUPP;
2830 } 2849 }
2831 2850
2851 /* configurations requiring offchan cannot work if no channel has been
2852 * specified
2853 */
2854 if (need_offchan && !chan)
2855 return -EINVAL;
2856
2832 mutex_lock(&local->mtx); 2857 mutex_lock(&local->mtx);
2833 2858
2834 /* Check if the operating channel is the requested channel */ 2859 /* Check if the operating channel is the requested channel */
@@ -2838,10 +2863,15 @@ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
2838 rcu_read_lock(); 2863 rcu_read_lock();
2839 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 2864 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2840 2865
2841 if (chanctx_conf) 2866 if (chanctx_conf) {
2842 need_offchan = chan != chanctx_conf->def.chan; 2867 need_offchan = chan && (chan != chanctx_conf->def.chan);
2843 else 2868 } else if (!chan) {
2869 ret = -EINVAL;
2870 rcu_read_unlock();
2871 goto out_unlock;
2872 } else {
2844 need_offchan = true; 2873 need_offchan = true;
2874 }
2845 rcu_read_unlock(); 2875 rcu_read_unlock();
2846 } 2876 }
2847 2877
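Review bot: The new `else if (!chan)` branch in ieee80211_mgmt_tx() has to repeat rcu_read_unlock() before `goto out_unlock`, which leaves two unlock sites for one rcu_read_lock() and is easy to break in a later edit. Consider recording the error in ret inside the RCU section and jumping to out_unlock after the single rcu_read_unlock() at the end of the block. With the `if (need_offchan && !chan) return -EINVAL;` check added in the previous hunk, a short comment on which !chan cases can still reach this branch would also help.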
@@ -2901,19 +2931,8 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy,
2901 u16 frame_type, bool reg) 2931 u16 frame_type, bool reg)
2902{ 2932{
2903 struct ieee80211_local *local = wiphy_priv(wiphy); 2933 struct ieee80211_local *local = wiphy_priv(wiphy);
2904 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
2905 2934
2906 switch (frame_type) { 2935 switch (frame_type) {
2907 case IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH:
2908 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
2909 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
2910
2911 if (reg)
2912 ifibss->auth_frame_registrations++;
2913 else
2914 ifibss->auth_frame_registrations--;
2915 }
2916 break;
2917 case IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_PROBE_REQ: 2936 case IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_PROBE_REQ:
2918 if (reg) 2937 if (reg)
2919 local->probe_req_reg++; 2938 local->probe_req_reg++;
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index 14abcf44f974..cafe614ef93d 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -228,9 +228,9 @@ static int ieee80211_set_smps(struct ieee80211_sub_if_data *sdata,
228 if (sdata->vif.type != NL80211_IFTYPE_STATION) 228 if (sdata->vif.type != NL80211_IFTYPE_STATION)
229 return -EOPNOTSUPP; 229 return -EOPNOTSUPP;
230 230
231 mutex_lock(&sdata->u.mgd.mtx); 231 sdata_lock(sdata);
232 err = __ieee80211_request_smps(sdata, smps_mode); 232 err = __ieee80211_request_smps(sdata, smps_mode);
233 mutex_unlock(&sdata->u.mgd.mtx); 233 sdata_unlock(sdata);
234 234
235 return err; 235 return err;
236} 236}
@@ -313,16 +313,16 @@ static ssize_t ieee80211_if_parse_tkip_mic_test(
313 case NL80211_IFTYPE_STATION: 313 case NL80211_IFTYPE_STATION:
314 fc |= cpu_to_le16(IEEE80211_FCTL_TODS); 314 fc |= cpu_to_le16(IEEE80211_FCTL_TODS);
315 /* BSSID SA DA */ 315 /* BSSID SA DA */
316 mutex_lock(&sdata->u.mgd.mtx); 316 sdata_lock(sdata);
317 if (!sdata->u.mgd.associated) { 317 if (!sdata->u.mgd.associated) {
318 mutex_unlock(&sdata->u.mgd.mtx); 318 sdata_unlock(sdata);
319 dev_kfree_skb(skb); 319 dev_kfree_skb(skb);
320 return -ENOTCONN; 320 return -ENOTCONN;
321 } 321 }
322 memcpy(hdr->addr1, sdata->u.mgd.associated->bssid, ETH_ALEN); 322 memcpy(hdr->addr1, sdata->u.mgd.associated->bssid, ETH_ALEN);
323 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); 323 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
324 memcpy(hdr->addr3, addr, ETH_ALEN); 324 memcpy(hdr->addr3, addr, ETH_ALEN);
325 mutex_unlock(&sdata->u.mgd.mtx); 325 sdata_unlock(sdata);
326 break; 326 break;
327 default: 327 default:
328 dev_kfree_skb(skb); 328 dev_kfree_skb(skb);
@@ -471,6 +471,8 @@ __IEEE80211_IF_FILE_W(tsf);
471IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC); 471IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC);
472 472
473#ifdef CONFIG_MAC80211_MESH 473#ifdef CONFIG_MAC80211_MESH
474IEEE80211_IF_FILE(estab_plinks, u.mesh.estab_plinks, ATOMIC);
475
474/* Mesh stats attributes */ 476/* Mesh stats attributes */
475IEEE80211_IF_FILE(fwded_mcast, u.mesh.mshstats.fwded_mcast, DEC); 477IEEE80211_IF_FILE(fwded_mcast, u.mesh.mshstats.fwded_mcast, DEC);
476IEEE80211_IF_FILE(fwded_unicast, u.mesh.mshstats.fwded_unicast, DEC); 478IEEE80211_IF_FILE(fwded_unicast, u.mesh.mshstats.fwded_unicast, DEC);
@@ -480,7 +482,6 @@ IEEE80211_IF_FILE(dropped_frames_congestion,
480 u.mesh.mshstats.dropped_frames_congestion, DEC); 482 u.mesh.mshstats.dropped_frames_congestion, DEC);
481IEEE80211_IF_FILE(dropped_frames_no_route, 483IEEE80211_IF_FILE(dropped_frames_no_route,
482 u.mesh.mshstats.dropped_frames_no_route, DEC); 484 u.mesh.mshstats.dropped_frames_no_route, DEC);
483IEEE80211_IF_FILE(estab_plinks, u.mesh.estab_plinks, ATOMIC);
484 485
485/* Mesh parameters */ 486/* Mesh parameters */
486IEEE80211_IF_FILE(dot11MeshMaxRetries, 487IEEE80211_IF_FILE(dot11MeshMaxRetries,
@@ -583,6 +584,7 @@ static void add_wds_files(struct ieee80211_sub_if_data *sdata)
583static void add_mesh_files(struct ieee80211_sub_if_data *sdata) 584static void add_mesh_files(struct ieee80211_sub_if_data *sdata)
584{ 585{
585 DEBUGFS_ADD_MODE(tsf, 0600); 586 DEBUGFS_ADD_MODE(tsf, 0600);
587 DEBUGFS_ADD_MODE(estab_plinks, 0400);
586} 588}
587 589
588static void add_mesh_stats(struct ieee80211_sub_if_data *sdata) 590static void add_mesh_stats(struct ieee80211_sub_if_data *sdata)
@@ -598,7 +600,6 @@ static void add_mesh_stats(struct ieee80211_sub_if_data *sdata)
598 MESHSTATS_ADD(dropped_frames_ttl); 600 MESHSTATS_ADD(dropped_frames_ttl);
599 MESHSTATS_ADD(dropped_frames_no_route); 601 MESHSTATS_ADD(dropped_frames_no_route);
600 MESHSTATS_ADD(dropped_frames_congestion); 602 MESHSTATS_ADD(dropped_frames_congestion);
601 MESHSTATS_ADD(estab_plinks);
602#undef MESHSTATS_ADD 603#undef MESHSTATS_ADD
603} 604}
604 605
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index 169664c122e2..b931c96a596f 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -146,7 +146,8 @@ static inline int drv_add_interface(struct ieee80211_local *local,
146 146
147 if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_AP_VLAN || 147 if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_AP_VLAN ||
148 (sdata->vif.type == NL80211_IFTYPE_MONITOR && 148 (sdata->vif.type == NL80211_IFTYPE_MONITOR &&
149 !(local->hw.flags & IEEE80211_HW_WANT_MONITOR_VIF)))) 149 !(local->hw.flags & IEEE80211_HW_WANT_MONITOR_VIF) &&
150 !(sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE))))
150 return -EINVAL; 151 return -EINVAL;
151 152
152 trace_drv_add_interface(local, sdata); 153 trace_drv_add_interface(local, sdata);
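Review bot: Readability point on the WARN_ON() in drv_add_interface(): the monitor case is now a three-term conjunction nested inside an `||`, and the run of closing parentheses no longer makes it obvious that `!(sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE)` belongs to the NL80211_IFTYPE_MONITOR arm only. Pulling the monitor test into a small local bool or helper would make the intent explicit. Since sdata->u is a union, it is also worth a comment that mntr_flags is read only after the `sdata->vif.type == NL80211_IFTYPE_MONITOR` test has passed.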
diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c
index af8cee06e4f3..f83534f6a2ee 100644
--- a/net/mac80211/ht.c
+++ b/net/mac80211/ht.c
@@ -281,13 +281,14 @@ void ieee80211_ba_session_work(struct work_struct *work)
281 sta, tid, WLAN_BACK_RECIPIENT, 281 sta, tid, WLAN_BACK_RECIPIENT,
282 WLAN_REASON_UNSPECIFIED, true); 282 WLAN_REASON_UNSPECIFIED, true);
283 283
284 spin_lock_bh(&sta->lock);
285
284 tid_tx = sta->ampdu_mlme.tid_start_tx[tid]; 286 tid_tx = sta->ampdu_mlme.tid_start_tx[tid];
285 if (tid_tx) { 287 if (tid_tx) {
286 /* 288 /*
287 * Assign it over to the normal tid_tx array 289 * Assign it over to the normal tid_tx array
288 * where it "goes live". 290 * where it "goes live".
289 */ 291 */
290 spin_lock_bh(&sta->lock);
291 292
292 sta->ampdu_mlme.tid_start_tx[tid] = NULL; 293 sta->ampdu_mlme.tid_start_tx[tid] = NULL;
293 /* could there be a race? */ 294 /* could there be a race? */
@@ -300,6 +301,7 @@ void ieee80211_ba_session_work(struct work_struct *work)
300 ieee80211_tx_ba_session_handle_start(sta, tid); 301 ieee80211_tx_ba_session_handle_start(sta, tid);
301 continue; 302 continue;
302 } 303 }
304 spin_unlock_bh(&sta->lock);
303 305
304 tid_tx = rcu_dereference_protected_tid_tx(sta, tid); 306 tid_tx = rcu_dereference_protected_tid_tx(sta, tid);
305 if (tid_tx && test_and_clear_bit(HT_AGG_STATE_WANT_STOP, 307 if (tid_tx && test_and_clear_bit(HT_AGG_STATE_WANT_STOP,
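Review bot: Lock pairing needs a check here: the first ht.c hunk moves spin_lock_bh(&sta->lock) in front of the `if (tid_tx)` test, and this hunk adds spin_unlock_bh(&sta->lock) only after the block, on the fall-through path. The path that ends in `ieee80211_tx_ba_session_handle_start(sta, tid); continue;` must drop the lock inside the block, in lines that fall between the two hunks and are not shown, so please confirm that unlock is still there and precedes the call. A comment at the new spin_lock_bh() saying that it now covers the read of sta->ampdu_mlme.tid_start_tx[tid] would document why it moved.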
@@ -429,9 +431,9 @@ void ieee80211_request_smps_work(struct work_struct *work)
429 container_of(work, struct ieee80211_sub_if_data, 431 container_of(work, struct ieee80211_sub_if_data,
430 u.mgd.request_smps_work); 432 u.mgd.request_smps_work);
431 433
432 mutex_lock(&sdata->u.mgd.mtx); 434 sdata_lock(sdata);
433 __ieee80211_request_smps(sdata, sdata->u.mgd.driver_smps_mode); 435 __ieee80211_request_smps(sdata, sdata->u.mgd.driver_smps_mode);
434 mutex_unlock(&sdata->u.mgd.mtx); 436 sdata_unlock(sdata);
435} 437}
436 438
437void ieee80211_request_smps(struct ieee80211_vif *vif, 439void ieee80211_request_smps(struct ieee80211_vif *vif,
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 170f9a7fa319..ea7b9c2c7e66 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -54,7 +54,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
54 struct beacon_data *presp; 54 struct beacon_data *presp;
55 int frame_len; 55 int frame_len;
56 56
57 lockdep_assert_held(&ifibss->mtx); 57 sdata_assert_lock(sdata);
58 58
59 /* Reset own TSF to allow time synchronization work. */ 59 /* Reset own TSF to allow time synchronization work. */
60 drv_reset_tsf(local, sdata); 60 drv_reset_tsf(local, sdata);
@@ -74,14 +74,14 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
74 } 74 }
75 75
76 presp = rcu_dereference_protected(ifibss->presp, 76 presp = rcu_dereference_protected(ifibss->presp,
77 lockdep_is_held(&ifibss->mtx)); 77 lockdep_is_held(&sdata->wdev.mtx));
78 rcu_assign_pointer(ifibss->presp, NULL); 78 rcu_assign_pointer(ifibss->presp, NULL);
79 if (presp) 79 if (presp)
80 kfree_rcu(presp, rcu_head); 80 kfree_rcu(presp, rcu_head);
81 81
82 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0; 82 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
83 83
84 cfg80211_chandef_create(&chandef, chan, ifibss->channel_type); 84 chandef = ifibss->chandef;
85 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) { 85 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
86 chandef.width = NL80211_CHAN_WIDTH_20; 86 chandef.width = NL80211_CHAN_WIDTH_20;
87 chandef.center_freq1 = chan->center_freq; 87 chandef.center_freq1 = chan->center_freq;
@@ -176,6 +176,8 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
176 176
177 /* add HT capability and information IEs */ 177 /* add HT capability and information IEs */
178 if (chandef.width != NL80211_CHAN_WIDTH_20_NOHT && 178 if (chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
179 chandef.width != NL80211_CHAN_WIDTH_5 &&
180 chandef.width != NL80211_CHAN_WIDTH_10 &&
179 sband->ht_cap.ht_supported) { 181 sband->ht_cap.ht_supported) {
180 pos = ieee80211_ie_build_ht_cap(pos, &sband->ht_cap, 182 pos = ieee80211_ie_build_ht_cap(pos, &sband->ht_cap,
181 sband->ht_cap.cap); 183 sband->ht_cap.cap);
@@ -263,7 +265,7 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
263 const struct cfg80211_bss_ies *ies; 265 const struct cfg80211_bss_ies *ies;
264 u64 tsf; 266 u64 tsf;
265 267
266 lockdep_assert_held(&sdata->u.ibss.mtx); 268 sdata_assert_lock(sdata);
267 269
268 if (beacon_int < 10) 270 if (beacon_int < 10)
269 beacon_int = 10; 271 beacon_int = 10;
@@ -298,8 +300,7 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
298 tsf, false); 300 tsf, false);
299} 301}
300 302
301static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta, 303static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta)
302 bool auth)
303 __acquires(RCU) 304 __acquires(RCU)
304{ 305{
305 struct ieee80211_sub_if_data *sdata = sta->sdata; 306 struct ieee80211_sub_if_data *sdata = sta->sdata;
@@ -321,26 +322,19 @@ static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta,
321 /* If it fails, maybe we raced another insertion? */ 322 /* If it fails, maybe we raced another insertion? */
322 if (sta_info_insert_rcu(sta)) 323 if (sta_info_insert_rcu(sta))
323 return sta_info_get(sdata, addr); 324 return sta_info_get(sdata, addr);
324 if (auth && !sdata->u.ibss.auth_frame_registrations) {
325 ibss_dbg(sdata,
326 "TX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=1)\n",
327 sdata->vif.addr, addr, sdata->u.ibss.bssid);
328 ieee80211_send_auth(sdata, 1, WLAN_AUTH_OPEN, 0, NULL, 0,
329 addr, sdata->u.ibss.bssid, NULL, 0, 0, 0);
330 }
331 return sta; 325 return sta;
332} 326}
333 327
334static struct sta_info * 328static struct sta_info *
335ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, 329ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, const u8 *bssid,
336 const u8 *bssid, const u8 *addr, 330 const u8 *addr, u32 supp_rates)
337 u32 supp_rates, bool auth)
338 __acquires(RCU) 331 __acquires(RCU)
339{ 332{
340 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 333 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
341 struct ieee80211_local *local = sdata->local; 334 struct ieee80211_local *local = sdata->local;
342 struct sta_info *sta; 335 struct sta_info *sta;
343 struct ieee80211_chanctx_conf *chanctx_conf; 336 struct ieee80211_chanctx_conf *chanctx_conf;
337 struct ieee80211_supported_band *sband;
344 int band; 338 int band;
345 339
346 /* 340 /*
@@ -380,10 +374,11 @@ ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
380 sta->last_rx = jiffies; 374 sta->last_rx = jiffies;
381 375
382 /* make sure mandatory rates are always added */ 376 /* make sure mandatory rates are always added */
377 sband = local->hw.wiphy->bands[band];
383 sta->sta.supp_rates[band] = supp_rates | 378 sta->sta.supp_rates[band] = supp_rates |
384 ieee80211_mandatory_rates(local, band); 379 ieee80211_mandatory_rates(sband);
385 380
386 return ieee80211_ibss_finish_sta(sta, auth); 381 return ieee80211_ibss_finish_sta(sta);
387} 382}
388 383
389static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata, 384static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
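Review bot: In ieee80211_ibss_add_sta() the new `sband = local->hw.wiphy->bands[band];` is passed straight to ieee80211_mandatory_rates(sband) with no NULL check visible in this hunk. If band can ever name a band the wiphy does not register, this now depends on the callee tolerating NULL; either guard it here or note in a comment why band is always valid at this point.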
@@ -405,10 +400,8 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
405 size_t len) 400 size_t len)
406{ 401{
407 u16 auth_alg, auth_transaction; 402 u16 auth_alg, auth_transaction;
408 struct sta_info *sta;
409 u8 deauth_frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
410 403
411 lockdep_assert_held(&sdata->u.ibss.mtx); 404 sdata_assert_lock(sdata);
412 405
413 if (len < 24 + 6) 406 if (len < 24 + 6)
414 return; 407 return;
@@ -423,22 +416,6 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
423 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) 416 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
424 return; 417 return;
425 418
426 sta_info_destroy_addr(sdata, mgmt->sa);
427 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 0, false);
428 rcu_read_unlock();
429
430 /*
431 * if we have any problem in allocating the new station, we reply with a
432 * DEAUTH frame to tell the other end that we had a problem
433 */
434 if (!sta) {
435 ieee80211_send_deauth_disassoc(sdata, sdata->u.ibss.bssid,
436 IEEE80211_STYPE_DEAUTH,
437 WLAN_REASON_UNSPECIFIED, true,
438 deauth_frame_buf);
439 return;
440 }
441
442 /* 419 /*
443 * IEEE 802.11 standard does not require authentication in IBSS 420 * IEEE 802.11 standard does not require authentication in IBSS
444 * networks and most implementations do not seem to use it. 421 * networks and most implementations do not seem to use it.
@@ -492,7 +469,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
492 prev_rates = sta->sta.supp_rates[band]; 469 prev_rates = sta->sta.supp_rates[band];
493 /* make sure mandatory rates are always added */ 470 /* make sure mandatory rates are always added */
494 sta->sta.supp_rates[band] = supp_rates | 471 sta->sta.supp_rates[band] = supp_rates |
495 ieee80211_mandatory_rates(local, band); 472 ieee80211_mandatory_rates(sband);
496 473
497 if (sta->sta.supp_rates[band] != prev_rates) { 474 if (sta->sta.supp_rates[band] != prev_rates) {
498 ibss_dbg(sdata, 475 ibss_dbg(sdata,
@@ -504,7 +481,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
504 } else { 481 } else {
505 rcu_read_unlock(); 482 rcu_read_unlock();
506 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, 483 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid,
507 mgmt->sa, supp_rates, true); 484 mgmt->sa, supp_rates);
508 } 485 }
509 } 486 }
510 487
@@ -512,7 +489,9 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
512 set_sta_flag(sta, WLAN_STA_WME); 489 set_sta_flag(sta, WLAN_STA_WME);
513 490
514 if (sta && elems->ht_operation && elems->ht_cap_elem && 491 if (sta && elems->ht_operation && elems->ht_cap_elem &&
515 sdata->u.ibss.channel_type != NL80211_CHAN_NO_HT) { 492 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
493 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_5 &&
494 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_10) {
516 /* we both use HT */ 495 /* we both use HT */
517 struct ieee80211_ht_cap htcap_ie; 496 struct ieee80211_ht_cap htcap_ie;
518 struct cfg80211_chan_def chandef; 497 struct cfg80211_chan_def chandef;
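Review bot: the three-way width test added to the HT condition (NL80211_CHAN_WIDTH_20_NOHT, NL80211_CHAN_WIDTH_5, NL80211_CHAN_WIDTH_10) is open-coded here and again in mesh_add_ht_cap_ie() in the mesh.c part of this patch. Put it in one small helper taking a chandef and returning whether HT may be used, so that a width added later cannot be handled in one place and missed in the other.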
@@ -527,8 +506,8 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
527 * fall back to HT20 if we don't use or use 506 * fall back to HT20 if we don't use or use
528 * the other extension channel 507 * the other extension channel
529 */ 508 */
530 if (cfg80211_get_chandef_type(&chandef) != 509 if (chandef.center_freq1 !=
531 sdata->u.ibss.channel_type) 510 sdata->u.ibss.chandef.center_freq1)
532 htcap_ie.cap_info &= 511 htcap_ie.cap_info &=
533 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40); 512 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40);
534 513
@@ -567,7 +546,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
567 546
568 /* different channel */ 547 /* different channel */
569 if (sdata->u.ibss.fixed_channel && 548 if (sdata->u.ibss.fixed_channel &&
570 sdata->u.ibss.channel != cbss->channel) 549 sdata->u.ibss.chandef.chan != cbss->channel)
571 goto put_bss; 550 goto put_bss;
572 551
573 /* different SSID */ 552 /* different SSID */
@@ -608,7 +587,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
608 ieee80211_sta_join_ibss(sdata, bss); 587 ieee80211_sta_join_ibss(sdata, bss);
609 supp_rates = ieee80211_sta_get_rates(local, elems, band, NULL); 588 supp_rates = ieee80211_sta_get_rates(local, elems, band, NULL);
610 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 589 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa,
611 supp_rates, true); 590 supp_rates);
612 rcu_read_unlock(); 591 rcu_read_unlock();
613 } 592 }
614 593
@@ -624,6 +603,7 @@ void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
624 struct ieee80211_local *local = sdata->local; 603 struct ieee80211_local *local = sdata->local;
625 struct sta_info *sta; 604 struct sta_info *sta;
626 struct ieee80211_chanctx_conf *chanctx_conf; 605 struct ieee80211_chanctx_conf *chanctx_conf;
606 struct ieee80211_supported_band *sband;
627 int band; 607 int band;
628 608
629 /* 609 /*
@@ -658,8 +638,9 @@ void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
658 sta->last_rx = jiffies; 638 sta->last_rx = jiffies;
659 639
660 /* make sure mandatory rates are always added */ 640 /* make sure mandatory rates are always added */
641 sband = local->hw.wiphy->bands[band];
661 sta->sta.supp_rates[band] = supp_rates | 642 sta->sta.supp_rates[band] = supp_rates |
662 ieee80211_mandatory_rates(local, band); 643 ieee80211_mandatory_rates(sband);
663 644
664 spin_lock(&ifibss->incomplete_lock); 645 spin_lock(&ifibss->incomplete_lock);
665 list_add(&sta->list, &ifibss->incomplete_stations); 646 list_add(&sta->list, &ifibss->incomplete_stations);
@@ -673,7 +654,7 @@ static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
673 int active = 0; 654 int active = 0;
674 struct sta_info *sta; 655 struct sta_info *sta;
675 656
676 lockdep_assert_held(&sdata->u.ibss.mtx); 657 sdata_assert_lock(sdata);
677 658
678 rcu_read_lock(); 659 rcu_read_lock();
679 660
@@ -699,7 +680,7 @@ static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
699{ 680{
700 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 681 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
701 682
702 lockdep_assert_held(&ifibss->mtx); 683 sdata_assert_lock(sdata);
703 684
704 mod_timer(&ifibss->timer, 685 mod_timer(&ifibss->timer,
705 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 686 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
@@ -730,7 +711,7 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
730 u16 capability; 711 u16 capability;
731 int i; 712 int i;
732 713
733 lockdep_assert_held(&ifibss->mtx); 714 sdata_assert_lock(sdata);
734 715
735 if (ifibss->fixed_bssid) { 716 if (ifibss->fixed_bssid) {
736 memcpy(bssid, ifibss->bssid, ETH_ALEN); 717 memcpy(bssid, ifibss->bssid, ETH_ALEN);
@@ -755,7 +736,7 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
755 sdata->drop_unencrypted = 0; 736 sdata->drop_unencrypted = 0;
756 737
757 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int, 738 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
758 ifibss->channel, ifibss->basic_rates, 739 ifibss->chandef.chan, ifibss->basic_rates,
759 capability, 0, true); 740 capability, 0, true);
760} 741}
761 742
@@ -773,7 +754,7 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
773 int active_ibss; 754 int active_ibss;
774 u16 capability; 755 u16 capability;
775 756
776 lockdep_assert_held(&ifibss->mtx); 757 sdata_assert_lock(sdata);
777 758
778 active_ibss = ieee80211_sta_active_ibss(sdata); 759 active_ibss = ieee80211_sta_active_ibss(sdata);
779 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss); 760 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss);
@@ -787,7 +768,7 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
787 if (ifibss->fixed_bssid) 768 if (ifibss->fixed_bssid)
788 bssid = ifibss->bssid; 769 bssid = ifibss->bssid;
789 if (ifibss->fixed_channel) 770 if (ifibss->fixed_channel)
790 chan = ifibss->channel; 771 chan = ifibss->chandef.chan;
791 if (!is_zero_ether_addr(ifibss->bssid)) 772 if (!is_zero_ether_addr(ifibss->bssid))
792 bssid = ifibss->bssid; 773 bssid = ifibss->bssid;
793 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid, 774 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid,
@@ -843,10 +824,10 @@ static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
843 struct beacon_data *presp; 824 struct beacon_data *presp;
844 u8 *pos, *end; 825 u8 *pos, *end;
845 826
846 lockdep_assert_held(&ifibss->mtx); 827 sdata_assert_lock(sdata);
847 828
848 presp = rcu_dereference_protected(ifibss->presp, 829 presp = rcu_dereference_protected(ifibss->presp,
849 lockdep_is_held(&ifibss->mtx)); 830 lockdep_is_held(&sdata->wdev.mtx));
850 831
851 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED || 832 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
852 len < 24 + 2 || !presp) 833 len < 24 + 2 || !presp)
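Review bot: the rcu_dereference_protected() call names &sdata->wdev.mtx directly, two lines after the function switched to the sdata_assert_lock(sdata) wrapper. The wrappers exist so the lock behind sdata can be changed in one place; a lockdep_is_held() that spells out the mutex defeats that. Consider a matching helper for the lockdep_is_held() expression and use it here and in ieee80211_ibss_leave().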
@@ -930,7 +911,7 @@ void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
930 mgmt = (struct ieee80211_mgmt *) skb->data; 911 mgmt = (struct ieee80211_mgmt *) skb->data;
931 fc = le16_to_cpu(mgmt->frame_control); 912 fc = le16_to_cpu(mgmt->frame_control);
932 913
933 mutex_lock(&sdata->u.ibss.mtx); 914 sdata_lock(sdata);
934 915
935 if (!sdata->u.ibss.ssid_len) 916 if (!sdata->u.ibss.ssid_len)
936 goto mgmt_out; /* not ready to merge yet */ 917 goto mgmt_out; /* not ready to merge yet */
@@ -953,7 +934,7 @@ void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
953 } 934 }
954 935
955 mgmt_out: 936 mgmt_out:
956 mutex_unlock(&sdata->u.ibss.mtx); 937 sdata_unlock(sdata);
957} 938}
958 939
959void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata) 940void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
@@ -961,7 +942,7 @@ void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
961 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 942 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
962 struct sta_info *sta; 943 struct sta_info *sta;
963 944
964 mutex_lock(&ifibss->mtx); 945 sdata_lock(sdata);
965 946
966 /* 947 /*
967 * Work could be scheduled after scan or similar 948 * Work could be scheduled after scan or similar
@@ -978,7 +959,7 @@ void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
978 list_del(&sta->list); 959 list_del(&sta->list);
979 spin_unlock_bh(&ifibss->incomplete_lock); 960 spin_unlock_bh(&ifibss->incomplete_lock);
980 961
981 ieee80211_ibss_finish_sta(sta, true); 962 ieee80211_ibss_finish_sta(sta);
982 rcu_read_unlock(); 963 rcu_read_unlock();
983 spin_lock_bh(&ifibss->incomplete_lock); 964 spin_lock_bh(&ifibss->incomplete_lock);
984 } 965 }
@@ -997,7 +978,7 @@ void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
997 } 978 }
998 979
999 out: 980 out:
1000 mutex_unlock(&ifibss->mtx); 981 sdata_unlock(sdata);
1001} 982}
1002 983
1003static void ieee80211_ibss_timer(unsigned long data) 984static void ieee80211_ibss_timer(unsigned long data)
@@ -1014,7 +995,6 @@ void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
1014 995
1015 setup_timer(&ifibss->timer, ieee80211_ibss_timer, 996 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
1016 (unsigned long) sdata); 997 (unsigned long) sdata);
1017 mutex_init(&ifibss->mtx);
1018 INIT_LIST_HEAD(&ifibss->incomplete_stations); 998 INIT_LIST_HEAD(&ifibss->incomplete_stations);
1019 spin_lock_init(&ifibss->incomplete_lock); 999 spin_lock_init(&ifibss->incomplete_lock);
1020} 1000}
@@ -1041,8 +1021,6 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1041{ 1021{
1042 u32 changed = 0; 1022 u32 changed = 0;
1043 1023
1044 mutex_lock(&sdata->u.ibss.mtx);
1045
1046 if (params->bssid) { 1024 if (params->bssid) {
1047 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN); 1025 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
1048 sdata->u.ibss.fixed_bssid = true; 1026 sdata->u.ibss.fixed_bssid = true;
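Review bot: ieee80211_ibss_join() loses its mutex_lock(&sdata->u.ibss.mtx) here, and the matching unlock in the next hunk, without gaining an sdata_assert_lock(sdata), so the writes to sdata->u.ibss.bssid, chandef and ssid now depend on an unstated rule that the caller holds sdata->wdev.mtx. Add sdata_assert_lock(sdata) at the top of the function, as the other converted IBSS functions in this file have, so lockdep flags a caller that does not hold the lock.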
@@ -1057,9 +1035,7 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1057 1035
1058 sdata->vif.bss_conf.beacon_int = params->beacon_interval; 1036 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
1059 1037
1060 sdata->u.ibss.channel = params->chandef.chan; 1038 sdata->u.ibss.chandef = params->chandef;
1061 sdata->u.ibss.channel_type =
1062 cfg80211_get_chandef_type(&params->chandef);
1063 sdata->u.ibss.fixed_channel = params->channel_fixed; 1039 sdata->u.ibss.fixed_channel = params->channel_fixed;
1064 1040
1065 if (params->ie) { 1041 if (params->ie) {
@@ -1075,8 +1051,6 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1075 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len); 1051 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len);
1076 sdata->u.ibss.ssid_len = params->ssid_len; 1052 sdata->u.ibss.ssid_len = params->ssid_len;
1077 1053
1078 mutex_unlock(&sdata->u.ibss.mtx);
1079
1080 /* 1054 /*
1081 * 802.11n-2009 9.13.3.1: In an IBSS, the HT Protection field is 1055 * 802.11n-2009 9.13.3.1: In an IBSS, the HT Protection field is
1082 * reserved, but an HT STA shall protect HT transmissions as though 1056 * reserved, but an HT STA shall protect HT transmissions as though
@@ -1112,8 +1086,6 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1112 struct sta_info *sta; 1086 struct sta_info *sta;
1113 struct beacon_data *presp; 1087 struct beacon_data *presp;
1114 1088
1115 mutex_lock(&sdata->u.ibss.mtx);
1116
1117 active_ibss = ieee80211_sta_active_ibss(sdata); 1089 active_ibss = ieee80211_sta_active_ibss(sdata);
1118 1090
1119 if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) { 1091 if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) {
@@ -1122,7 +1094,7 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1122 if (ifibss->privacy) 1094 if (ifibss->privacy)
1123 capability |= WLAN_CAPABILITY_PRIVACY; 1095 capability |= WLAN_CAPABILITY_PRIVACY;
1124 1096
1125 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->channel, 1097 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->chandef.chan,
1126 ifibss->bssid, ifibss->ssid, 1098 ifibss->bssid, ifibss->ssid,
1127 ifibss->ssid_len, WLAN_CAPABILITY_IBSS | 1099 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
1128 WLAN_CAPABILITY_PRIVACY, 1100 WLAN_CAPABILITY_PRIVACY,
@@ -1157,7 +1129,7 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1157 /* remove beacon */ 1129 /* remove beacon */
1158 kfree(sdata->u.ibss.ie); 1130 kfree(sdata->u.ibss.ie);
1159 presp = rcu_dereference_protected(ifibss->presp, 1131 presp = rcu_dereference_protected(ifibss->presp,
1160 lockdep_is_held(&sdata->u.ibss.mtx)); 1132 lockdep_is_held(&sdata->wdev.mtx));
1161 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL); 1133 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
1162 sdata->vif.bss_conf.ibss_joined = false; 1134 sdata->vif.bss_conf.ibss_joined = false;
1163 sdata->vif.bss_conf.ibss_creator = false; 1135 sdata->vif.bss_conf.ibss_creator = false;
@@ -1173,7 +1145,5 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1173 1145
1174 del_timer_sync(&sdata->u.ibss.timer); 1146 del_timer_sync(&sdata->u.ibss.timer);
1175 1147
1176 mutex_unlock(&sdata->u.ibss.mtx);
1177
1178 return 0; 1148 return 0;
1179} 1149}
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 9ca8e3278cc0..8412a303993a 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -94,6 +94,7 @@ struct ieee80211_bss {
94#define IEEE80211_MAX_SUPP_RATES 32 94#define IEEE80211_MAX_SUPP_RATES 32
95 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 95 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
96 size_t supp_rates_len; 96 size_t supp_rates_len;
97 struct ieee80211_rate *beacon_rate;
97 98
98 /* 99 /*
99 * During association, we save an ERP value from a probe response so 100 * During association, we save an ERP value from a probe response so
@@ -366,7 +367,7 @@ struct ieee80211_mgd_assoc_data {
366 u8 ssid_len; 367 u8 ssid_len;
367 u8 supp_rates_len; 368 u8 supp_rates_len;
368 bool wmm, uapsd; 369 bool wmm, uapsd;
369 bool have_beacon, need_beacon; 370 bool need_beacon;
370 bool synced; 371 bool synced;
371 bool timeout_started; 372 bool timeout_started;
372 373
@@ -394,7 +395,6 @@ struct ieee80211_if_managed {
394 bool nullfunc_failed; 395 bool nullfunc_failed;
395 bool connection_loss; 396 bool connection_loss;
396 397
397 struct mutex mtx;
398 struct cfg80211_bss *associated; 398 struct cfg80211_bss *associated;
399 struct ieee80211_mgd_auth_data *auth_data; 399 struct ieee80211_mgd_auth_data *auth_data;
400 struct ieee80211_mgd_assoc_data *assoc_data; 400 struct ieee80211_mgd_assoc_data *assoc_data;
@@ -405,6 +405,7 @@ struct ieee80211_if_managed {
405 405
406 bool powersave; /* powersave requested for this iface */ 406 bool powersave; /* powersave requested for this iface */
407 bool broken_ap; /* AP is broken -- turn off powersave */ 407 bool broken_ap; /* AP is broken -- turn off powersave */
408 bool have_beacon;
408 u8 dtim_period; 409 u8 dtim_period;
409 enum ieee80211_smps_mode req_smps, /* requested smps mode */ 410 enum ieee80211_smps_mode req_smps, /* requested smps mode */
410 driver_smps_mode; /* smps mode request */ 411 driver_smps_mode; /* smps mode request */
@@ -488,8 +489,6 @@ struct ieee80211_if_managed {
488struct ieee80211_if_ibss { 489struct ieee80211_if_ibss {
489 struct timer_list timer; 490 struct timer_list timer;
490 491
491 struct mutex mtx;
492
493 unsigned long last_scan_completed; 492 unsigned long last_scan_completed;
494 493
495 u32 basic_rates; 494 u32 basic_rates;
@@ -499,14 +498,12 @@ struct ieee80211_if_ibss {
499 bool privacy; 498 bool privacy;
500 499
501 bool control_port; 500 bool control_port;
502 unsigned int auth_frame_registrations;
503 501
504 u8 bssid[ETH_ALEN] __aligned(2); 502 u8 bssid[ETH_ALEN] __aligned(2);
505 u8 ssid[IEEE80211_MAX_SSID_LEN]; 503 u8 ssid[IEEE80211_MAX_SSID_LEN];
506 u8 ssid_len, ie_len; 504 u8 ssid_len, ie_len;
507 u8 *ie; 505 u8 *ie;
508 struct ieee80211_channel *channel; 506 struct cfg80211_chan_def chandef;
509 enum nl80211_channel_type channel_type;
510 507
511 unsigned long ibss_join_req; 508 unsigned long ibss_join_req;
512 /* probe response/beacon for IBSS */ 509 /* probe response/beacon for IBSS */
@@ -545,6 +542,7 @@ struct ieee80211_if_mesh {
545 struct timer_list mesh_path_root_timer; 542 struct timer_list mesh_path_root_timer;
546 543
547 unsigned long wrkq_flags; 544 unsigned long wrkq_flags;
545 unsigned long mbss_changed;
548 546
549 u8 mesh_id[IEEE80211_MAX_MESH_ID_LEN]; 547 u8 mesh_id[IEEE80211_MAX_MESH_ID_LEN];
550 size_t mesh_id_len; 548 size_t mesh_id_len;
@@ -580,8 +578,6 @@ struct ieee80211_if_mesh {
580 bool accepting_plinks; 578 bool accepting_plinks;
581 int num_gates; 579 int num_gates;
582 struct beacon_data __rcu *beacon; 580 struct beacon_data __rcu *beacon;
583 /* just protects beacon updates for now */
584 struct mutex mtx;
585 const u8 *ie; 581 const u8 *ie;
586 u8 ie_len; 582 u8 ie_len;
587 enum { 583 enum {
@@ -778,6 +774,26 @@ struct ieee80211_sub_if_data *vif_to_sdata(struct ieee80211_vif *p)
778 return container_of(p, struct ieee80211_sub_if_data, vif); 774 return container_of(p, struct ieee80211_sub_if_data, vif);
779} 775}
780 776
777static inline void sdata_lock(struct ieee80211_sub_if_data *sdata)
778 __acquires(&sdata->wdev.mtx)
779{
780 mutex_lock(&sdata->wdev.mtx);
781 __acquire(&sdata->wdev.mtx);
782}
783
784static inline void sdata_unlock(struct ieee80211_sub_if_data *sdata)
785 __releases(&sdata->wdev.mtx)
786{
787 mutex_unlock(&sdata->wdev.mtx);
788 __release(&sdata->wdev.mtx);
789}
790
791static inline void
792sdata_assert_lock(struct ieee80211_sub_if_data *sdata)
793{
794 lockdep_assert_held(&sdata->wdev.mtx);
795}
796
781static inline enum ieee80211_band 797static inline enum ieee80211_band
782ieee80211_get_sdata_band(struct ieee80211_sub_if_data *sdata) 798ieee80211_get_sdata_band(struct ieee80211_sub_if_data *sdata)
783{ 799{
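Review bot: sdata_lock(), sdata_unlock() and sdata_assert_lock() are added with no comment saying what sdata->wdev.mtx is now expected to protect, although this patch uses it to replace the separate mtx members of ieee80211_if_managed, ieee80211_if_ibss and ieee80211_if_mesh (the mesh one carried a "just protects beacon updates for now" comment that is deleted). A short comment above the helpers listing the state covered, and the expected ordering against local->mtx and local->iflist_mtx, would let later changes be checked against it.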
@@ -1507,9 +1523,6 @@ static inline void ieee802_11_parse_elems(const u8 *start, size_t len,
1507 ieee802_11_parse_elems_crc(start, len, action, elems, 0, 0); 1523 ieee802_11_parse_elems_crc(start, len, action, elems, 0, 0);
1508} 1524}
1509 1525
1510u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
1511 enum ieee80211_band band);
1512
1513void ieee80211_dynamic_ps_enable_work(struct work_struct *work); 1526void ieee80211_dynamic_ps_enable_work(struct work_struct *work);
1514void ieee80211_dynamic_ps_disable_work(struct work_struct *work); 1527void ieee80211_dynamic_ps_disable_work(struct work_struct *work);
1515void ieee80211_dynamic_ps_timer(unsigned long data); 1528void ieee80211_dynamic_ps_timer(unsigned long data);
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 98d20c0f6fed..cc117591f678 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -159,7 +159,8 @@ static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
159 return 0; 159 return 0;
160} 160}
161 161
162static int ieee80211_verify_mac(struct ieee80211_sub_if_data *sdata, u8 *addr) 162static int ieee80211_verify_mac(struct ieee80211_sub_if_data *sdata, u8 *addr,
163 bool check_dup)
163{ 164{
164 struct ieee80211_local *local = sdata->local; 165 struct ieee80211_local *local = sdata->local;
165 struct ieee80211_sub_if_data *iter; 166 struct ieee80211_sub_if_data *iter;
@@ -180,13 +181,16 @@ static int ieee80211_verify_mac(struct ieee80211_sub_if_data *sdata, u8 *addr)
180 ((u64)m[2] << 3*8) | ((u64)m[3] << 2*8) | 181 ((u64)m[2] << 3*8) | ((u64)m[3] << 2*8) |
181 ((u64)m[4] << 1*8) | ((u64)m[5] << 0*8); 182 ((u64)m[4] << 1*8) | ((u64)m[5] << 0*8);
182 183
184 if (!check_dup)
185 return ret;
183 186
184 mutex_lock(&local->iflist_mtx); 187 mutex_lock(&local->iflist_mtx);
185 list_for_each_entry(iter, &local->interfaces, list) { 188 list_for_each_entry(iter, &local->interfaces, list) {
186 if (iter == sdata) 189 if (iter == sdata)
187 continue; 190 continue;
188 191
189 if (iter->vif.type == NL80211_IFTYPE_MONITOR) 192 if (iter->vif.type == NL80211_IFTYPE_MONITOR &&
193 !(iter->u.mntr_flags & MONITOR_FLAG_ACTIVE))
190 continue; 194 continue;
191 195
192 m = iter->vif.addr; 196 m = iter->vif.addr;
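Review bot: the early exit `if (!check_dup) return ret;` returns whatever ret holds at that point, and the hunk does not show it being assigned before the list walk. If it is still the initial value, return that value literally so the reader does not have to trace ret; the new check_dup parameter also deserves a one-line comment saying which callers may pass false and why skipping the walk under local->iflist_mtx is safe for them.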
@@ -208,12 +212,17 @@ static int ieee80211_change_mac(struct net_device *dev, void *addr)
208{ 212{
209 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 213 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
210 struct sockaddr *sa = addr; 214 struct sockaddr *sa = addr;
215 bool check_dup = true;
211 int ret; 216 int ret;
212 217
213 if (ieee80211_sdata_running(sdata)) 218 if (ieee80211_sdata_running(sdata))
214 return -EBUSY; 219 return -EBUSY;
215 220
216 ret = ieee80211_verify_mac(sdata, sa->sa_data); 221 if (sdata->vif.type == NL80211_IFTYPE_MONITOR &&
222 !(sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE))
223 check_dup = false;
224
225 ret = ieee80211_verify_mac(sdata, sa->sa_data, check_dup);
217 if (ret) 226 if (ret)
218 return ret; 227 return ret;
219 228
@@ -545,7 +554,11 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up)
545 break; 554 break;
546 } 555 }
547 556
548 if (local->monitors == 0 && local->open_count == 0) { 557 if (sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE) {
558 res = drv_add_interface(local, sdata);
559 if (res)
560 goto err_stop;
561 } else if (local->monitors == 0 && local->open_count == 0) {
549 res = ieee80211_add_virtual_monitor(local); 562 res = ieee80211_add_virtual_monitor(local);
550 if (res) 563 if (res)
551 goto err_stop; 564 goto err_stop;
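Review bot: the new drv_add_interface() call in the MONITOR_FLAG_ACTIVE branch is not conditioned on coming_up, whereas the matching teardown added to ieee80211_do_stop() reaches drv_remove_interface() only when going_down is set. If ieee80211_do_open() can run with coming_up false for an active monitor, the driver would see an add with no preceding remove; either guard the call with coming_up or add a comment explaining why the asymmetry is correct.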
@@ -923,7 +936,11 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
923 mutex_lock(&local->mtx); 936 mutex_lock(&local->mtx);
924 ieee80211_recalc_idle(local); 937 ieee80211_recalc_idle(local);
925 mutex_unlock(&local->mtx); 938 mutex_unlock(&local->mtx);
926 break; 939
940 if (!(sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE))
941 break;
942
943 /* fall through */
927 default: 944 default:
928 if (going_down) 945 if (going_down)
929 drv_remove_interface(local, sdata); 946 drv_remove_interface(local, sdata);
@@ -1072,7 +1089,7 @@ static const struct net_device_ops ieee80211_monitorif_ops = {
1072 .ndo_start_xmit = ieee80211_monitor_start_xmit, 1089 .ndo_start_xmit = ieee80211_monitor_start_xmit,
1073 .ndo_set_rx_mode = ieee80211_set_multicast_list, 1090 .ndo_set_rx_mode = ieee80211_set_multicast_list,
1074 .ndo_change_mtu = ieee80211_change_mtu, 1091 .ndo_change_mtu = ieee80211_change_mtu,
1075 .ndo_set_mac_address = eth_mac_addr, 1092 .ndo_set_mac_address = ieee80211_change_mac,
1076 .ndo_select_queue = ieee80211_monitor_select_queue, 1093 .ndo_select_queue = ieee80211_monitor_select_queue,
1077}; 1094};
1078 1095
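Review bot: replacing eth_mac_addr with ieee80211_change_mac in ieee80211_monitorif_ops changes what userspace sees when setting a monitor interface's address, because ieee80211_change_mac returns -EBUSY while ieee80211_sdata_running(sdata) and then runs ieee80211_verify_mac(). The commit text should say so, and should state that non-active monitors skip only the duplicate-address walk (check_dup = false), not the checks that precede it.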
@@ -1747,10 +1764,9 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local)
1747} 1764}
1748 1765
1749static int netdev_notify(struct notifier_block *nb, 1766static int netdev_notify(struct notifier_block *nb,
1750 unsigned long state, 1767 unsigned long state, void *ptr)
1751 void *ndev)
1752{ 1768{
1753 struct net_device *dev = ndev; 1769 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1754 struct ieee80211_sub_if_data *sdata; 1770 struct ieee80211_sub_if_data *sdata;
1755 1771
1756 if (state != NETDEV_CHANGENAME) 1772 if (state != NETDEV_CHANGENAME)
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 67059b88fea5..e39cc91d0cf1 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -335,12 +335,12 @@ struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
335 switch (cipher) { 335 switch (cipher) {
336 case WLAN_CIPHER_SUITE_WEP40: 336 case WLAN_CIPHER_SUITE_WEP40:
337 case WLAN_CIPHER_SUITE_WEP104: 337 case WLAN_CIPHER_SUITE_WEP104:
338 key->conf.iv_len = WEP_IV_LEN; 338 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
339 key->conf.icv_len = WEP_ICV_LEN; 339 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
340 break; 340 break;
341 case WLAN_CIPHER_SUITE_TKIP: 341 case WLAN_CIPHER_SUITE_TKIP:
342 key->conf.iv_len = TKIP_IV_LEN; 342 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
343 key->conf.icv_len = TKIP_ICV_LEN; 343 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
344 if (seq) { 344 if (seq) {
345 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 345 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
346 key->u.tkip.rx[i].iv32 = 346 key->u.tkip.rx[i].iv32 =
@@ -352,13 +352,13 @@ struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
352 spin_lock_init(&key->u.tkip.txlock); 352 spin_lock_init(&key->u.tkip.txlock);
353 break; 353 break;
354 case WLAN_CIPHER_SUITE_CCMP: 354 case WLAN_CIPHER_SUITE_CCMP:
355 key->conf.iv_len = CCMP_HDR_LEN; 355 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
356 key->conf.icv_len = CCMP_MIC_LEN; 356 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
357 if (seq) { 357 if (seq) {
358 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 358 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
359 for (j = 0; j < CCMP_PN_LEN; j++) 359 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
360 key->u.ccmp.rx_pn[i][j] = 360 key->u.ccmp.rx_pn[i][j] =
361 seq[CCMP_PN_LEN - j - 1]; 361 seq[IEEE80211_CCMP_PN_LEN - j - 1];
362 } 362 }
363 /* 363 /*
364 * Initialize AES key state here as an optimization so that 364 * Initialize AES key state here as an optimization so that
@@ -375,9 +375,9 @@ struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
375 key->conf.iv_len = 0; 375 key->conf.iv_len = 0;
376 key->conf.icv_len = sizeof(struct ieee80211_mmie); 376 key->conf.icv_len = sizeof(struct ieee80211_mmie);
377 if (seq) 377 if (seq)
378 for (j = 0; j < CMAC_PN_LEN; j++) 378 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
379 key->u.aes_cmac.rx_pn[j] = 379 key->u.aes_cmac.rx_pn[j] =
380 seq[CMAC_PN_LEN - j - 1]; 380 seq[IEEE80211_CMAC_PN_LEN - j - 1];
381 /* 381 /*
382 * Initialize AES key state here as an optimization so that 382 * Initialize AES key state here as an optimization so that
383 * it does not need to be initialized for every packet. 383 * it does not need to be initialized for every packet.
@@ -740,13 +740,13 @@ void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
740 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 740 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
741 else 741 else
742 pn = key->u.ccmp.rx_pn[tid]; 742 pn = key->u.ccmp.rx_pn[tid];
743 memcpy(seq->ccmp.pn, pn, CCMP_PN_LEN); 743 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
744 break; 744 break;
745 case WLAN_CIPHER_SUITE_AES_CMAC: 745 case WLAN_CIPHER_SUITE_AES_CMAC:
746 if (WARN_ON(tid != 0)) 746 if (WARN_ON(tid != 0))
747 return; 747 return;
748 pn = key->u.aes_cmac.rx_pn; 748 pn = key->u.aes_cmac.rx_pn;
749 memcpy(seq->aes_cmac.pn, pn, CMAC_PN_LEN); 749 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
750 break; 750 break;
751 } 751 }
752} 752}
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index e8de3e6d7804..036d57e76a5e 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -19,17 +19,6 @@
19#define NUM_DEFAULT_KEYS 4 19#define NUM_DEFAULT_KEYS 4
20#define NUM_DEFAULT_MGMT_KEYS 2 20#define NUM_DEFAULT_MGMT_KEYS 2
21 21
22#define WEP_IV_LEN 4
23#define WEP_ICV_LEN 4
24#define ALG_CCMP_KEY_LEN 16
25#define CCMP_HDR_LEN 8
26#define CCMP_MIC_LEN 8
27#define CCMP_TK_LEN 16
28#define CCMP_PN_LEN 6
29#define TKIP_IV_LEN 8
30#define TKIP_ICV_LEN 4
31#define CMAC_PN_LEN 6
32
33struct ieee80211_local; 22struct ieee80211_local;
34struct ieee80211_sub_if_data; 23struct ieee80211_sub_if_data;
35struct sta_info; 24struct sta_info;
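Review bot: this hunk deletes ALG_CCMP_KEY_LEN and CCMP_TK_LEN along with the other length macros, but the key.c hunks in this patch only show replacements for the WEP, TKIP, CCMP_HDR, CCMP_MIC, CCMP_PN and CMAC_PN names. Confirm that no remaining user of those two macros exists under net/mac80211 or in drivers that include key.h, or list their IEEE80211_-prefixed replacements in the changelog.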
@@ -93,13 +82,13 @@ struct ieee80211_key {
93 * frames and the last counter is used with Robust 82 * frames and the last counter is used with Robust
94 * Management frames. 83 * Management frames.
95 */ 84 */
96 u8 rx_pn[IEEE80211_NUM_TIDS + 1][CCMP_PN_LEN]; 85 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN];
97 struct crypto_cipher *tfm; 86 struct crypto_cipher *tfm;
98 u32 replays; /* dot11RSNAStatsCCMPReplays */ 87 u32 replays; /* dot11RSNAStatsCCMPReplays */
99 } ccmp; 88 } ccmp;
100 struct { 89 struct {
101 atomic64_t tx_pn; 90 atomic64_t tx_pn;
102 u8 rx_pn[CMAC_PN_LEN]; 91 u8 rx_pn[IEEE80211_CMAC_PN_LEN];
103 struct crypto_cipher *tfm; 92 struct crypto_cipher *tfm;
104 u32 replays; /* dot11RSNAStatsCMACReplays */ 93 u32 replays; /* dot11RSNAStatsCMACReplays */
105 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */ 94 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 8eae74ac4e1e..091088ac7890 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -331,7 +331,7 @@ static int ieee80211_ifa_changed(struct notifier_block *nb,
331 return NOTIFY_DONE; 331 return NOTIFY_DONE;
332 332
333 ifmgd = &sdata->u.mgd; 333 ifmgd = &sdata->u.mgd;
334 mutex_lock(&ifmgd->mtx); 334 sdata_lock(sdata);
335 335
336 /* Copy the addresses to the bss_conf list */ 336 /* Copy the addresses to the bss_conf list */
337 ifa = idev->ifa_list; 337 ifa = idev->ifa_list;
@@ -349,7 +349,7 @@ static int ieee80211_ifa_changed(struct notifier_block *nb,
349 ieee80211_bss_info_change_notify(sdata, 349 ieee80211_bss_info_change_notify(sdata,
350 BSS_CHANGED_ARP_FILTER); 350 BSS_CHANGED_ARP_FILTER);
351 351
352 mutex_unlock(&ifmgd->mtx); 352 sdata_unlock(sdata);
353 353
354 return NOTIFY_DONE; 354 return NOTIFY_DONE;
355} 355}
@@ -686,8 +686,7 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
686 return -EINVAL; 686 return -EINVAL;
687 687
688#ifdef CONFIG_PM 688#ifdef CONFIG_PM
689 if ((hw->wiphy->wowlan.flags || hw->wiphy->wowlan.n_patterns) && 689 if (hw->wiphy->wowlan && (!local->ops->suspend || !local->ops->resume))
690 (!local->ops->suspend || !local->ops->resume))
691 return -EINVAL; 690 return -EINVAL;
692#endif 691#endif
693 692
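Review bot: the new condition `hw->wiphy->wowlan && (!local->ops->suspend || !local->ops->resume)` rejects any driver that sets the wowlan pointer without suspend/resume ops, even one that advertises no flags and no patterns, which the old `wowlan.flags || wowlan.n_patterns` test let through. If the stricter check is intended, say so in the changelog so that a driver setting the pointer unconditionally is not surprised by -EINVAL from ieee80211_register_hw().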
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 6952760881c8..447f41bbe744 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -271,8 +271,7 @@ int mesh_add_meshconf_ie(struct ieee80211_sub_if_data *sdata,
271 *pos++ = ifmsh->mesh_auth_id; 271 *pos++ = ifmsh->mesh_auth_id;
272 /* Mesh Formation Info - number of neighbors */ 272 /* Mesh Formation Info - number of neighbors */
273 neighbors = atomic_read(&ifmsh->estab_plinks); 273 neighbors = atomic_read(&ifmsh->estab_plinks);
274 /* Number of neighbor mesh STAs or 15 whichever is smaller */ 274 neighbors = min_t(int, neighbors, IEEE80211_MAX_MESH_PEERINGS);
275 neighbors = (neighbors > 15) ? 15 : neighbors;
276 *pos++ = neighbors << 1; 275 *pos++ = neighbors << 1;
277 /* Mesh capability */ 276 /* Mesh capability */
278 *pos = IEEE80211_MESHCONF_CAPAB_FORWARDING; 277 *pos = IEEE80211_MESHCONF_CAPAB_FORWARDING;
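Review bot: the min_t() line replaces a literal cap of 15 and drops the comment that explained it, while the result is still shifted with `neighbors << 1` and stored through `*pos++` into a single byte. The value of IEEE80211_MAX_MESH_PEERINGS is not visible here, so keep a comment stating the width of the Mesh Formation Info neighbor field the constant corresponds to, or add a BUILD_BUG_ON that the shifted maximum fits the field.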
@@ -417,7 +416,9 @@ int mesh_add_ht_cap_ie(struct ieee80211_sub_if_data *sdata,
417 416
418 sband = local->hw.wiphy->bands[band]; 417 sband = local->hw.wiphy->bands[band];
419 if (!sband->ht_cap.ht_supported || 418 if (!sband->ht_cap.ht_supported ||
420 sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT) 419 sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT ||
420 sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 ||
421 sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
421 return 0; 422 return 0;
422 423
423 if (skb_tailroom(skb) < 2 + sizeof(struct ieee80211_ht_cap)) 424 if (skb_tailroom(skb) < 2 + sizeof(struct ieee80211_ht_cap))
@@ -573,7 +574,7 @@ static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata)
573 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 574 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
574 u32 changed; 575 u32 changed;
575 576
576 ieee80211_sta_expire(sdata, IEEE80211_MESH_PEER_INACTIVITY_LIMIT); 577 ieee80211_sta_expire(sdata, ifmsh->mshcfg.plink_timeout * HZ);
577 mesh_path_expire(sdata); 578 mesh_path_expire(sdata);
578 579
579 changed = mesh_accept_plinks_update(sdata); 580 changed = mesh_accept_plinks_update(sdata);
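Review bot: `ifmsh->mshcfg.plink_timeout * HZ` turns a configurable value into the expiry argument of ieee80211_sta_expire() with no bounds check in the visible lines. State what a value of 0 means (expire immediately or never expire) and where the upper bound is enforced, since the multiplication can wrap for large values depending on the field's type, which this hunk does not show.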
@@ -697,38 +698,38 @@ out_free:
697} 698}
698 699
699static int 700static int
700ieee80211_mesh_rebuild_beacon(struct ieee80211_if_mesh *ifmsh) 701ieee80211_mesh_rebuild_beacon(struct ieee80211_sub_if_data *sdata)
701{ 702{
702 struct beacon_data *old_bcn; 703 struct beacon_data *old_bcn;
703 int ret; 704 int ret;
704 705
705 mutex_lock(&ifmsh->mtx); 706 old_bcn = rcu_dereference_protected(sdata->u.mesh.beacon,
706 707 lockdep_is_held(&sdata->wdev.mtx));
707 old_bcn = rcu_dereference_protected(ifmsh->beacon, 708 ret = ieee80211_mesh_build_beacon(&sdata->u.mesh);
708 lockdep_is_held(&ifmsh->mtx));
709 ret = ieee80211_mesh_build_beacon(ifmsh);
710 if (ret) 709 if (ret)
711 /* just reuse old beacon */ 710 /* just reuse old beacon */
712 goto out; 711 return ret;
713 712
714 if (old_bcn) 713 if (old_bcn)
715 kfree_rcu(old_bcn, rcu_head); 714 kfree_rcu(old_bcn, rcu_head);
716out: 715 return 0;
717 mutex_unlock(&ifmsh->mtx);
718 return ret;
719} 716}
720 717
721void ieee80211_mbss_info_change_notify(struct ieee80211_sub_if_data *sdata, 718void ieee80211_mbss_info_change_notify(struct ieee80211_sub_if_data *sdata,
722 u32 changed) 719 u32 changed)
723{ 720{
724 if (sdata->vif.bss_conf.enable_beacon && 721 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
725 (changed & (BSS_CHANGED_BEACON | 722 unsigned long bits = changed;
726 BSS_CHANGED_HT | 723 u32 bit;
727 BSS_CHANGED_BASIC_RATES | 724
728 BSS_CHANGED_BEACON_INT))) 725 if (!bits)
729 if (ieee80211_mesh_rebuild_beacon(&sdata->u.mesh)) 726 return;
730 return; 727
731 ieee80211_bss_info_change_notify(sdata, changed); 728 /* if we race with running work, worst case this work becomes a noop */
729 for_each_set_bit(bit, &bits, sizeof(changed) * BITS_PER_BYTE)
730 set_bit(bit, &ifmsh->mbss_changed);
731 set_bit(MESH_WORK_MBSS_CHANGED, &ifmsh->wrkq_flags);
732 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
732} 733}
733 734
734int ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata) 735int ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
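Review bot: ieee80211_mesh_rebuild_beacon() no longer takes a lock of its own and only names `sdata->wdev.mtx` inside `lockdep_is_held()`, so its locking requirement is implicit. Put `sdata_assert_lock(sdata);` at the top of the function, as the mlme.c part of this patch does for its helpers (assuming sdata_lock() wraps that same mutex). ieee80211_mbss_info_change_notify() also changes from a synchronous rebuild-and-notify to queueing work, which deserves a line in its comment so callers do not assume the beacon is current when it returns.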
@@ -740,7 +741,6 @@ int ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
740 BSS_CHANGED_HT | 741 BSS_CHANGED_HT |
741 BSS_CHANGED_BASIC_RATES | 742 BSS_CHANGED_BASIC_RATES |
742 BSS_CHANGED_BEACON_INT; 743 BSS_CHANGED_BEACON_INT;
743 enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
744 744
745 local->fif_other_bss++; 745 local->fif_other_bss++;
746 /* mesh ifaces must set allmulti to forward mcast traffic */ 746 /* mesh ifaces must set allmulti to forward mcast traffic */
@@ -748,7 +748,6 @@ int ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
748 ieee80211_configure_filter(local); 748 ieee80211_configure_filter(local);
749 749
750 ifmsh->mesh_cc_id = 0; /* Disabled */ 750 ifmsh->mesh_cc_id = 0; /* Disabled */
751 ifmsh->mesh_auth_id = 0; /* Disabled */
752 /* register sync ops from extensible synchronization framework */ 751 /* register sync ops from extensible synchronization framework */
753 ifmsh->sync_ops = ieee80211_mesh_sync_ops_get(ifmsh->mesh_sp_id); 752 ifmsh->sync_ops = ieee80211_mesh_sync_ops_get(ifmsh->mesh_sp_id);
754 ifmsh->adjusting_tbtt = false; 753 ifmsh->adjusting_tbtt = false;
@@ -759,8 +758,6 @@ int ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
759 sdata->vif.bss_conf.ht_operation_mode = 758 sdata->vif.bss_conf.ht_operation_mode =
760 ifmsh->mshcfg.ht_opmode; 759 ifmsh->mshcfg.ht_opmode;
761 sdata->vif.bss_conf.enable_beacon = true; 760 sdata->vif.bss_conf.enable_beacon = true;
762 sdata->vif.bss_conf.basic_rates =
763 ieee80211_mandatory_rates(local, band);
764 761
765 changed |= ieee80211_mps_local_status_update(sdata); 762 changed |= ieee80211_mps_local_status_update(sdata);
766 763
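Review bot: removing `sdata->vif.bss_conf.basic_rates = ieee80211_mandatory_rates(local, band);` leaves ieee80211_start_mesh() with no write to basic_rates, while `changed` in the same function still carries BSS_CHANGED_BASIC_RATES. Nothing in these hunks shows where the value now comes from; a one-line comment naming the code that fills basic_rates before the mesh starts would make that dependency reviewable.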
@@ -788,12 +785,10 @@ void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
788 sdata->vif.bss_conf.enable_beacon = false; 785 sdata->vif.bss_conf.enable_beacon = false;
789 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state); 786 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
790 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED); 787 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
791 mutex_lock(&ifmsh->mtx);
792 bcn = rcu_dereference_protected(ifmsh->beacon, 788 bcn = rcu_dereference_protected(ifmsh->beacon,
793 lockdep_is_held(&ifmsh->mtx)); 789 lockdep_is_held(&sdata->wdev.mtx));
794 rcu_assign_pointer(ifmsh->beacon, NULL); 790 rcu_assign_pointer(ifmsh->beacon, NULL);
795 kfree_rcu(bcn, rcu_head); 791 kfree_rcu(bcn, rcu_head);
796 mutex_unlock(&ifmsh->mtx);
797 792
798 /* flush STAs and mpaths on this iface */ 793 /* flush STAs and mpaths on this iface */
799 sta_info_flush(sdata); 794 sta_info_flush(sdata);
@@ -806,14 +801,10 @@ void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
806 del_timer_sync(&sdata->u.mesh.housekeeping_timer); 801 del_timer_sync(&sdata->u.mesh.housekeeping_timer);
807 del_timer_sync(&sdata->u.mesh.mesh_path_root_timer); 802 del_timer_sync(&sdata->u.mesh.mesh_path_root_timer);
808 del_timer_sync(&sdata->u.mesh.mesh_path_timer); 803 del_timer_sync(&sdata->u.mesh.mesh_path_timer);
809 /* 804
810 * If the timer fired while we waited for it, it will have 805 /* clear any mesh work (for next join) we may have accrued */
811 * requeued the work. Now the work will be running again 806 ifmsh->wrkq_flags = 0;
812 * but will not rearm the timer again because it checks 807 ifmsh->mbss_changed = 0;
813 * whether the interface is running, which, at this point,
814 * it no longer is.
815 */
816 cancel_work_sync(&sdata->work);
817 808
818 local->fif_other_bss--; 809 local->fif_other_bss--;
819 atomic_dec(&local->iff_allmultis); 810 atomic_dec(&local->iff_allmultis);
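Review bot: dropping `cancel_work_sync(&sdata->work)` in ieee80211_stop_mesh() also drops the comment that explained why the work could not outlive the stop, and the replacement comment only covers the flag reset. The work can now still be queued or running here and is kept harmless by the `mesh_id_len` check added under sdata_lock() in the later hunks; say so at this spot. The plain stores `ifmsh->wrkq_flags = 0;` and `ifmsh->mbss_changed = 0;` are also not atomic against the set_bit() calls in ieee80211_mbss_info_change_notify(), so state which lock or ordering makes them safe.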
@@ -954,6 +945,12 @@ void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
954 struct ieee80211_mgmt *mgmt; 945 struct ieee80211_mgmt *mgmt;
955 u16 stype; 946 u16 stype;
956 947
948 sdata_lock(sdata);
949
950 /* mesh already went down */
951 if (!sdata->wdev.mesh_id_len)
952 goto out;
953
957 rx_status = IEEE80211_SKB_RXCB(skb); 954 rx_status = IEEE80211_SKB_RXCB(skb);
958 mgmt = (struct ieee80211_mgmt *) skb->data; 955 mgmt = (struct ieee80211_mgmt *) skb->data;
959 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; 956 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
@@ -971,12 +968,42 @@ void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
971 ieee80211_mesh_rx_mgmt_action(sdata, mgmt, skb->len, rx_status); 968 ieee80211_mesh_rx_mgmt_action(sdata, mgmt, skb->len, rx_status);
972 break; 969 break;
973 } 970 }
971out:
972 sdata_unlock(sdata);
973}
974
975static void mesh_bss_info_changed(struct ieee80211_sub_if_data *sdata)
976{
977 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
978 u32 bit, changed = 0;
979
980 for_each_set_bit(bit, &ifmsh->mbss_changed,
981 sizeof(changed) * BITS_PER_BYTE) {
982 clear_bit(bit, &ifmsh->mbss_changed);
983 changed |= BIT(bit);
984 }
985
986 if (sdata->vif.bss_conf.enable_beacon &&
987 (changed & (BSS_CHANGED_BEACON |
988 BSS_CHANGED_HT |
989 BSS_CHANGED_BASIC_RATES |
990 BSS_CHANGED_BEACON_INT)))
991 if (ieee80211_mesh_rebuild_beacon(sdata))
992 return;
993
994 ieee80211_bss_info_change_notify(sdata, changed);
974} 995}
975 996
976void ieee80211_mesh_work(struct ieee80211_sub_if_data *sdata) 997void ieee80211_mesh_work(struct ieee80211_sub_if_data *sdata)
977{ 998{
978 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 999 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
979 1000
1001 sdata_lock(sdata);
1002
1003 /* mesh already went down */
1004 if (!sdata->wdev.mesh_id_len)
1005 goto out;
1006
980 if (ifmsh->preq_queue_len && 1007 if (ifmsh->preq_queue_len &&
981 time_after(jiffies, 1008 time_after(jiffies,
982 ifmsh->last_preq + msecs_to_jiffies(ifmsh->mshcfg.dot11MeshHWMPpreqMinInterval))) 1009 ifmsh->last_preq + msecs_to_jiffies(ifmsh->mshcfg.dot11MeshHWMPpreqMinInterval)))
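Review bot: mesh_bss_info_changed() clears every bit from `ifmsh->mbss_changed` before it calls `ieee80211_mesh_rebuild_beacon(sdata)`, so when the rebuild fails the function returns with the pending flags already consumed and ieee80211_bss_info_change_notify() never runs for them. The old synchronous path returned early in the same way, but the failure is now inside deferred work with no caller to see it. Log the error, or set the bits again and requeue the work, so a failed rebuild is not lost silently.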
@@ -996,6 +1023,11 @@ void ieee80211_mesh_work(struct ieee80211_sub_if_data *sdata)
996 1023
997 if (test_and_clear_bit(MESH_WORK_DRIFT_ADJUST, &ifmsh->wrkq_flags)) 1024 if (test_and_clear_bit(MESH_WORK_DRIFT_ADJUST, &ifmsh->wrkq_flags))
998 mesh_sync_adjust_tbtt(sdata); 1025 mesh_sync_adjust_tbtt(sdata);
1026
1027 if (test_and_clear_bit(MESH_WORK_MBSS_CHANGED, &ifmsh->wrkq_flags))
1028 mesh_bss_info_changed(sdata);
1029out:
1030 sdata_unlock(sdata);
999} 1031}
1000 1032
1001void ieee80211_mesh_notify_scan_completed(struct ieee80211_local *local) 1033void ieee80211_mesh_notify_scan_completed(struct ieee80211_local *local)
@@ -1041,7 +1073,6 @@ void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
1041 spin_lock_init(&ifmsh->mesh_preq_queue_lock); 1073 spin_lock_init(&ifmsh->mesh_preq_queue_lock);
1042 spin_lock_init(&ifmsh->sync_offset_lock); 1074 spin_lock_init(&ifmsh->sync_offset_lock);
1043 RCU_INIT_POINTER(ifmsh->beacon, NULL); 1075 RCU_INIT_POINTER(ifmsh->beacon, NULL);
1044 mutex_init(&ifmsh->mtx);
1045 1076
1046 sdata->vif.bss_conf.bssid = zero_addr; 1077 sdata->vif.bss_conf.bssid = zero_addr;
1047} 1078}
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index da158774eebb..2bc7fd2f787d 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -58,6 +58,7 @@ enum mesh_path_flags {
58 * @MESH_WORK_ROOT: the mesh root station needs to send a frame 58 * @MESH_WORK_ROOT: the mesh root station needs to send a frame
59 * @MESH_WORK_DRIFT_ADJUST: time to compensate for clock drift relative to other 59 * @MESH_WORK_DRIFT_ADJUST: time to compensate for clock drift relative to other
60 * mesh nodes 60 * mesh nodes
61 * @MESH_WORK_MBSS_CHANGED: rebuild beacon and notify driver of BSS changes
61 */ 62 */
62enum mesh_deferred_task_flags { 63enum mesh_deferred_task_flags {
63 MESH_WORK_HOUSEKEEPING, 64 MESH_WORK_HOUSEKEEPING,
@@ -65,6 +66,7 @@ enum mesh_deferred_task_flags {
65 MESH_WORK_GROW_MPP_TABLE, 66 MESH_WORK_GROW_MPP_TABLE,
66 MESH_WORK_ROOT, 67 MESH_WORK_ROOT,
67 MESH_WORK_DRIFT_ADJUST, 68 MESH_WORK_DRIFT_ADJUST,
69 MESH_WORK_MBSS_CHANGED,
68}; 70};
69 71
70/** 72/**
@@ -188,7 +190,6 @@ struct mesh_rmc {
188 u32 idx_mask; 190 u32 idx_mask;
189}; 191};
190 192
191#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
192#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ) 193#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
193 194
194#define MESH_PATH_EXPIRE (600 * HZ) 195#define MESH_PATH_EXPIRE (600 * HZ)
@@ -324,14 +325,14 @@ static inline
324u32 mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata) 325u32 mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
325{ 326{
326 atomic_inc(&sdata->u.mesh.estab_plinks); 327 atomic_inc(&sdata->u.mesh.estab_plinks);
327 return mesh_accept_plinks_update(sdata); 328 return mesh_accept_plinks_update(sdata) | BSS_CHANGED_BEACON;
328} 329}
329 330
330static inline 331static inline
331u32 mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata) 332u32 mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
332{ 333{
333 atomic_dec(&sdata->u.mesh.estab_plinks); 334 atomic_dec(&sdata->u.mesh.estab_plinks);
334 return mesh_accept_plinks_update(sdata); 335 return mesh_accept_plinks_update(sdata) | BSS_CHANGED_BEACON;
335} 336}
336 337
337static inline int mesh_plink_free_count(struct ieee80211_sub_if_data *sdata) 338static inline int mesh_plink_free_count(struct ieee80211_sub_if_data *sdata)
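Review bot: mesh_plink_inc_estab_count() and mesh_plink_dec_estab_count() now OR `BSS_CHANGED_BEACON` into every return value, with no comment saying which beacon content depends on the established peer link count. As written, every peer link going up or down requests a beacon rebuild and the reason cannot be found from this header; add a short comment above the two helpers.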
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 09bebed99416..02c05fa15c20 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -154,8 +154,14 @@ static u32 mesh_set_ht_prot_mode(struct ieee80211_sub_if_data *sdata)
154 u16 ht_opmode; 154 u16 ht_opmode;
155 bool non_ht_sta = false, ht20_sta = false; 155 bool non_ht_sta = false, ht20_sta = false;
156 156
157 if (sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT) 157 switch (sdata->vif.bss_conf.chandef.width) {
158 case NL80211_CHAN_WIDTH_20_NOHT:
159 case NL80211_CHAN_WIDTH_5:
160 case NL80211_CHAN_WIDTH_10:
158 return 0; 161 return 0;
162 default:
163 break;
164 }
159 165
160 rcu_read_lock(); 166 rcu_read_lock();
161 list_for_each_entry_rcu(sta, &local->sta_list, list) { 167 list_for_each_entry_rcu(sta, &local->sta_list, list) {
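Review bot: the switch added to mesh_set_ht_prot_mode() lists the same three widths (NL80211_CHAN_WIDTH_20_NOHT, NL80211_CHAN_WIDTH_5, NL80211_CHAN_WIDTH_10) that the HT capability check earlier in this patch tests with a chained `||` on `sdata->vif.bss_conf.chandef.width`. Two hand-written copies will drift when another non-HT width is added; a small helper taking the chandef, used at both sites, would keep them in step.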
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 741448b30825..ae31968d42d3 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -91,41 +91,6 @@ MODULE_PARM_DESC(probe_wait_ms,
91#define IEEE80211_SIGNAL_AVE_MIN_COUNT 4 91#define IEEE80211_SIGNAL_AVE_MIN_COUNT 4
92 92
93/* 93/*
94 * All cfg80211 functions have to be called outside a locked
95 * section so that they can acquire a lock themselves... This
96 * is much simpler than queuing up things in cfg80211, but we
97 * do need some indirection for that here.
98 */
99enum rx_mgmt_action {
100 /* no action required */
101 RX_MGMT_NONE,
102
103 /* caller must call cfg80211_send_deauth() */
104 RX_MGMT_CFG80211_DEAUTH,
105
106 /* caller must call cfg80211_send_disassoc() */
107 RX_MGMT_CFG80211_DISASSOC,
108
109 /* caller must call cfg80211_send_rx_auth() */
110 RX_MGMT_CFG80211_RX_AUTH,
111
112 /* caller must call cfg80211_send_rx_assoc() */
113 RX_MGMT_CFG80211_RX_ASSOC,
114
115 /* caller must call cfg80211_send_assoc_timeout() */
116 RX_MGMT_CFG80211_ASSOC_TIMEOUT,
117
118 /* used when a processed beacon causes a deauth */
119 RX_MGMT_CFG80211_TX_DEAUTH,
120};
121
122/* utils */
123static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd)
124{
125 lockdep_assert_held(&ifmgd->mtx);
126}
127
128/*
129 * We can have multiple work items (and connection probing) 94 * We can have multiple work items (and connection probing)
130 * scheduling this timer, but we need to take care to only 95 * scheduling this timer, but we need to take care to only
131 * reschedule it when it should fire _earlier_ than it was 96 * reschedule it when it should fire _earlier_ than it was
@@ -135,13 +100,14 @@ static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd)
135 * has happened -- the work that runs from this timer will 100 * has happened -- the work that runs from this timer will
136 * do that. 101 * do that.
137 */ 102 */
138static void run_again(struct ieee80211_if_managed *ifmgd, unsigned long timeout) 103static void run_again(struct ieee80211_sub_if_data *sdata,
104 unsigned long timeout)
139{ 105{
140 ASSERT_MGD_MTX(ifmgd); 106 sdata_assert_lock(sdata);
141 107
142 if (!timer_pending(&ifmgd->timer) || 108 if (!timer_pending(&sdata->u.mgd.timer) ||
143 time_before(timeout, ifmgd->timer.expires)) 109 time_before(timeout, sdata->u.mgd.timer.expires))
144 mod_timer(&ifmgd->timer, timeout); 110 mod_timer(&sdata->u.mgd.timer, timeout);
145} 111}
146 112
147void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata) 113void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata)
@@ -224,6 +190,12 @@ static u32 chandef_downgrade(struct cfg80211_chan_def *c)
224 c->width = NL80211_CHAN_WIDTH_20_NOHT; 190 c->width = NL80211_CHAN_WIDTH_20_NOHT;
225 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT; 191 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
226 break; 192 break;
193 case NL80211_CHAN_WIDTH_5:
194 case NL80211_CHAN_WIDTH_10:
195 WARN_ON_ONCE(1);
196 /* keep c->width */
197 ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT;
198 break;
227 } 199 }
228 200
229 WARN_ON_ONCE(!cfg80211_chandef_valid(c)); 201 WARN_ON_ONCE(!cfg80211_chandef_valid(c));
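Review bot: the new NL80211_CHAN_WIDTH_5 and NL80211_CHAN_WIDTH_10 cases in chandef_downgrade() fire `WARN_ON_ONCE(1)` and then return the HT/VHT disable flags with the width unchanged, and the only explanation is `/* keep c->width */`. Expand the comment to say why these widths should never reach a downgrade, and what a caller should do with flags returned without an actual change of width.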
@@ -652,7 +624,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
652 struct ieee80211_channel *chan; 624 struct ieee80211_channel *chan;
653 u32 rates = 0; 625 u32 rates = 0;
654 626
655 lockdep_assert_held(&ifmgd->mtx); 627 sdata_assert_lock(sdata);
656 628
657 rcu_read_lock(); 629 rcu_read_lock();
658 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 630 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
@@ -914,6 +886,10 @@ void ieee80211_send_nullfunc(struct ieee80211_local *local,
914 886
915 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT | 887 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
916 IEEE80211_TX_INTFL_OFFCHAN_TX_OK; 888 IEEE80211_TX_INTFL_OFFCHAN_TX_OK;
889
890 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
891 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
892
917 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 893 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
918 IEEE80211_STA_CONNECTION_POLL)) 894 IEEE80211_STA_CONNECTION_POLL))
919 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE; 895 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_USE_MINRATE;
@@ -962,7 +938,7 @@ static void ieee80211_chswitch_work(struct work_struct *work)
962 if (!ieee80211_sdata_running(sdata)) 938 if (!ieee80211_sdata_running(sdata))
963 return; 939 return;
964 940
965 mutex_lock(&ifmgd->mtx); 941 sdata_lock(sdata);
966 if (!ifmgd->associated) 942 if (!ifmgd->associated)
967 goto out; 943 goto out;
968 944
@@ -985,7 +961,7 @@ static void ieee80211_chswitch_work(struct work_struct *work)
985 IEEE80211_QUEUE_STOP_REASON_CSA); 961 IEEE80211_QUEUE_STOP_REASON_CSA);
986 out: 962 out:
987 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED; 963 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
988 mutex_unlock(&ifmgd->mtx); 964 sdata_unlock(sdata);
989} 965}
990 966
991void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success) 967void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success)
@@ -1036,7 +1012,7 @@ ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
1036 const struct ieee80211_ht_operation *ht_oper; 1012 const struct ieee80211_ht_operation *ht_oper;
1037 int secondary_channel_offset = -1; 1013 int secondary_channel_offset = -1;
1038 1014
1039 ASSERT_MGD_MTX(ifmgd); 1015 sdata_assert_lock(sdata);
1040 1016
1041 if (!cbss) 1017 if (!cbss)
1042 return; 1018 return;
@@ -1390,6 +1366,9 @@ static bool ieee80211_powersave_allowed(struct ieee80211_sub_if_data *sdata)
1390 IEEE80211_STA_CONNECTION_POLL)) 1366 IEEE80211_STA_CONNECTION_POLL))
1391 return false; 1367 return false;
1392 1368
1369 if (!mgd->have_beacon)
1370 return false;
1371
1393 rcu_read_lock(); 1372 rcu_read_lock();
1394 sta = sta_info_get(sdata, mgd->bssid); 1373 sta = sta_info_get(sdata, mgd->bssid);
1395 if (sta) 1374 if (sta)
@@ -1798,7 +1777,7 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1798 1777
1799 ieee80211_led_assoc(local, 1); 1778 ieee80211_led_assoc(local, 1);
1800 1779
1801 if (sdata->u.mgd.assoc_data->have_beacon) { 1780 if (sdata->u.mgd.have_beacon) {
1802 /* 1781 /*
1803 * If the AP is buggy we may get here with no DTIM period 1782 * If the AP is buggy we may get here with no DTIM period
1804 * known, so assume it's 1 which is the only safe assumption 1783 * known, so assume it's 1 which is the only safe assumption
@@ -1806,8 +1785,10 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1806 * probably just won't work at all. 1785 * probably just won't work at all.
1807 */ 1786 */
1808 bss_conf->dtim_period = sdata->u.mgd.dtim_period ?: 1; 1787 bss_conf->dtim_period = sdata->u.mgd.dtim_period ?: 1;
1809 bss_info_changed |= BSS_CHANGED_DTIM_PERIOD; 1788 bss_conf->beacon_rate = bss->beacon_rate;
1789 bss_info_changed |= BSS_CHANGED_BEACON_INFO;
1810 } else { 1790 } else {
1791 bss_conf->beacon_rate = NULL;
1811 bss_conf->dtim_period = 0; 1792 bss_conf->dtim_period = 0;
1812 } 1793 }
1813 1794
@@ -1842,7 +1823,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1842 struct ieee80211_local *local = sdata->local; 1823 struct ieee80211_local *local = sdata->local;
1843 u32 changed = 0; 1824 u32 changed = 0;
1844 1825
1845 ASSERT_MGD_MTX(ifmgd); 1826 sdata_assert_lock(sdata);
1846 1827
1847 if (WARN_ON_ONCE(tx && !frame_buf)) 1828 if (WARN_ON_ONCE(tx && !frame_buf))
1848 return; 1829 return;
@@ -1930,6 +1911,9 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1930 del_timer_sync(&sdata->u.mgd.chswitch_timer); 1911 del_timer_sync(&sdata->u.mgd.chswitch_timer);
1931 1912
1932 sdata->vif.bss_conf.dtim_period = 0; 1913 sdata->vif.bss_conf.dtim_period = 0;
1914 sdata->vif.bss_conf.beacon_rate = NULL;
1915
1916 ifmgd->have_beacon = false;
1933 1917
1934 ifmgd->flags = 0; 1918 ifmgd->flags = 0;
1935 ieee80211_vif_release_channel(sdata); 1919 ieee80211_vif_release_channel(sdata);
@@ -2051,7 +2035,7 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
2051 } 2035 }
2052 2036
2053 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms); 2037 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
2054 run_again(ifmgd, ifmgd->probe_timeout); 2038 run_again(sdata, ifmgd->probe_timeout);
2055 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) 2039 if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
2056 ieee80211_flush_queues(sdata->local, sdata); 2040 ieee80211_flush_queues(sdata->local, sdata);
2057} 2041}
@@ -2065,7 +2049,7 @@ static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
2065 if (!ieee80211_sdata_running(sdata)) 2049 if (!ieee80211_sdata_running(sdata))
2066 return; 2050 return;
2067 2051
2068 mutex_lock(&ifmgd->mtx); 2052 sdata_lock(sdata);
2069 2053
2070 if (!ifmgd->associated) 2054 if (!ifmgd->associated)
2071 goto out; 2055 goto out;
@@ -2119,7 +2103,7 @@ static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
2119 ifmgd->probe_send_count = 0; 2103 ifmgd->probe_send_count = 0;
2120 ieee80211_mgd_probe_ap_send(sdata); 2104 ieee80211_mgd_probe_ap_send(sdata);
2121 out: 2105 out:
2122 mutex_unlock(&ifmgd->mtx); 2106 sdata_unlock(sdata);
2123} 2107}
2124 2108
2125struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw, 2109struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw,
@@ -2135,7 +2119,7 @@ struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw,
2135 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 2119 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2136 return NULL; 2120 return NULL;
2137 2121
2138 ASSERT_MGD_MTX(ifmgd); 2122 sdata_assert_lock(sdata);
2139 2123
2140 if (ifmgd->associated) 2124 if (ifmgd->associated)
2141 cbss = ifmgd->associated; 2125 cbss = ifmgd->associated;
@@ -2168,9 +2152,9 @@ static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata)
2168 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2152 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2169 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 2153 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
2170 2154
2171 mutex_lock(&ifmgd->mtx); 2155 sdata_lock(sdata);
2172 if (!ifmgd->associated) { 2156 if (!ifmgd->associated) {
2173 mutex_unlock(&ifmgd->mtx); 2157 sdata_unlock(sdata);
2174 return; 2158 return;
2175 } 2159 }
2176 2160
@@ -2181,13 +2165,10 @@ static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata)
2181 ieee80211_wake_queues_by_reason(&sdata->local->hw, 2165 ieee80211_wake_queues_by_reason(&sdata->local->hw,
2182 IEEE80211_MAX_QUEUE_MAP, 2166 IEEE80211_MAX_QUEUE_MAP,
2183 IEEE80211_QUEUE_STOP_REASON_CSA); 2167 IEEE80211_QUEUE_STOP_REASON_CSA);
2184 mutex_unlock(&ifmgd->mtx);
2185 2168
2186 /* 2169 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
2187 * must be outside lock due to cfg80211, 2170 IEEE80211_DEAUTH_FRAME_LEN);
2188 * but that's not a problem. 2171 sdata_unlock(sdata);
2189 */
2190 cfg80211_send_deauth(sdata->dev, frame_buf, IEEE80211_DEAUTH_FRAME_LEN);
2191} 2172}
2192 2173
2193static void ieee80211_beacon_connection_loss_work(struct work_struct *work) 2174static void ieee80211_beacon_connection_loss_work(struct work_struct *work)
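Review bot: __ieee80211_disconnect() now calls `cfg80211_tx_mlme_mgmt()` before `sdata_unlock(sdata)`, the opposite of the rule in the comment this hunk deletes ("must be outside lock due to cfg80211"). The comment is removed without a replacement; add one line stating that the cfg80211 call is now made with the lock held on purpose, so a later reader does not move it back outside.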
@@ -2254,7 +2235,7 @@ static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata,
2254{ 2235{
2255 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; 2236 struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
2256 2237
2257 lockdep_assert_held(&sdata->u.mgd.mtx); 2238 sdata_assert_lock(sdata);
2258 2239
2259 if (!assoc) { 2240 if (!assoc) {
2260 sta_info_destroy_addr(sdata, auth_data->bss->bssid); 2241 sta_info_destroy_addr(sdata, auth_data->bss->bssid);
@@ -2295,27 +2276,26 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
2295 auth_data->key_idx, tx_flags); 2276 auth_data->key_idx, tx_flags);
2296} 2277}
2297 2278
2298static enum rx_mgmt_action __must_check 2279static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2299ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 2280 struct ieee80211_mgmt *mgmt, size_t len)
2300 struct ieee80211_mgmt *mgmt, size_t len)
2301{ 2281{
2302 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2282 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2303 u8 bssid[ETH_ALEN]; 2283 u8 bssid[ETH_ALEN];
2304 u16 auth_alg, auth_transaction, status_code; 2284 u16 auth_alg, auth_transaction, status_code;
2305 struct sta_info *sta; 2285 struct sta_info *sta;
2306 2286
2307 lockdep_assert_held(&ifmgd->mtx); 2287 sdata_assert_lock(sdata);
2308 2288
2309 if (len < 24 + 6) 2289 if (len < 24 + 6)
2310 return RX_MGMT_NONE; 2290 return;
2311 2291
2312 if (!ifmgd->auth_data || ifmgd->auth_data->done) 2292 if (!ifmgd->auth_data || ifmgd->auth_data->done)
2313 return RX_MGMT_NONE; 2293 return;
2314 2294
2315 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN); 2295 memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
2316 2296
2317 if (!ether_addr_equal(bssid, mgmt->bssid)) 2297 if (!ether_addr_equal(bssid, mgmt->bssid))
2318 return RX_MGMT_NONE; 2298 return;
2319 2299
2320 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 2300 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
2321 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 2301 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
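Review bot: changing ieee80211_rx_mgmt_auth() from `static enum rx_mgmt_action __must_check` to `static void` removes the compiler-checked contract that the caller reports the frame to cfg80211; every exit path now has to call cfg80211_rx_mlme_mgmt() itself or deliberately skip it. A short comment above the function listing which exits report the frame and which drop it would make a missed call easier to catch in review.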
@@ -2327,14 +2307,15 @@ ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2327 mgmt->sa, auth_alg, ifmgd->auth_data->algorithm, 2307 mgmt->sa, auth_alg, ifmgd->auth_data->algorithm,
2328 auth_transaction, 2308 auth_transaction,
2329 ifmgd->auth_data->expected_transaction); 2309 ifmgd->auth_data->expected_transaction);
2330 return RX_MGMT_NONE; 2310 return;
2331 } 2311 }
2332 2312
2333 if (status_code != WLAN_STATUS_SUCCESS) { 2313 if (status_code != WLAN_STATUS_SUCCESS) {
2334 sdata_info(sdata, "%pM denied authentication (status %d)\n", 2314 sdata_info(sdata, "%pM denied authentication (status %d)\n",
2335 mgmt->sa, status_code); 2315 mgmt->sa, status_code);
2336 ieee80211_destroy_auth_data(sdata, false); 2316 ieee80211_destroy_auth_data(sdata, false);
2337 return RX_MGMT_CFG80211_RX_AUTH; 2317 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2318 return;
2338 } 2319 }
2339 2320
2340 switch (ifmgd->auth_data->algorithm) { 2321 switch (ifmgd->auth_data->algorithm) {
@@ -2347,20 +2328,20 @@ ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2347 if (ifmgd->auth_data->expected_transaction != 4) { 2328 if (ifmgd->auth_data->expected_transaction != 4) {
2348 ieee80211_auth_challenge(sdata, mgmt, len); 2329 ieee80211_auth_challenge(sdata, mgmt, len);
2349 /* need another frame */ 2330 /* need another frame */
2350 return RX_MGMT_NONE; 2331 return;
2351 } 2332 }
2352 break; 2333 break;
2353 default: 2334 default:
2354 WARN_ONCE(1, "invalid auth alg %d", 2335 WARN_ONCE(1, "invalid auth alg %d",
2355 ifmgd->auth_data->algorithm); 2336 ifmgd->auth_data->algorithm);
2356 return RX_MGMT_NONE; 2337 return;
2357 } 2338 }
2358 2339
2359 sdata_info(sdata, "authenticated\n"); 2340 sdata_info(sdata, "authenticated\n");
2360 ifmgd->auth_data->done = true; 2341 ifmgd->auth_data->done = true;
2361 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC; 2342 ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC;
2362 ifmgd->auth_data->timeout_started = true; 2343 ifmgd->auth_data->timeout_started = true;
2363 run_again(ifmgd, ifmgd->auth_data->timeout); 2344 run_again(sdata, ifmgd->auth_data->timeout);
2364 2345
2365 if (ifmgd->auth_data->algorithm == WLAN_AUTH_SAE && 2346 if (ifmgd->auth_data->algorithm == WLAN_AUTH_SAE &&
2366 ifmgd->auth_data->expected_transaction != 2) { 2347 ifmgd->auth_data->expected_transaction != 2) {
@@ -2368,7 +2349,8 @@ ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2368 * Report auth frame to user space for processing since another 2349 * Report auth frame to user space for processing since another
2369 * round of Authentication frames is still needed. 2350 * round of Authentication frames is still needed.
2370 */ 2351 */
2371 return RX_MGMT_CFG80211_RX_AUTH; 2352 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2353 return;
2372 } 2354 }
2373 2355
2374 /* move station state to auth */ 2356 /* move station state to auth */
@@ -2384,30 +2366,29 @@ ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
2384 } 2366 }
2385 mutex_unlock(&sdata->local->sta_mtx); 2367 mutex_unlock(&sdata->local->sta_mtx);
2386 2368
2387 return RX_MGMT_CFG80211_RX_AUTH; 2369 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2370 return;
2388 out_err: 2371 out_err:
2389 mutex_unlock(&sdata->local->sta_mtx); 2372 mutex_unlock(&sdata->local->sta_mtx);
2390 /* ignore frame -- wait for timeout */ 2373 /* ignore frame -- wait for timeout */
2391 return RX_MGMT_NONE;
2392} 2374}
2393 2375
2394 2376
2395static enum rx_mgmt_action __must_check 2377static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
2396ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 2378 struct ieee80211_mgmt *mgmt, size_t len)
2397 struct ieee80211_mgmt *mgmt, size_t len)
2398{ 2379{
2399 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2380 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2400 const u8 *bssid = NULL; 2381 const u8 *bssid = NULL;
2401 u16 reason_code; 2382 u16 reason_code;
2402 2383
2403 lockdep_assert_held(&ifmgd->mtx); 2384 sdata_assert_lock(sdata);
2404 2385
2405 if (len < 24 + 2) 2386 if (len < 24 + 2)
2406 return RX_MGMT_NONE; 2387 return;
2407 2388
2408 if (!ifmgd->associated || 2389 if (!ifmgd->associated ||
2409 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2390 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
2410 return RX_MGMT_NONE; 2391 return;
2411 2392
2412 bssid = ifmgd->associated->bssid; 2393 bssid = ifmgd->associated->bssid;
2413 2394
@@ -2418,25 +2399,24 @@ ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
2418 2399
2419 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 2400 ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
2420 2401
2421 return RX_MGMT_CFG80211_DEAUTH; 2402 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2422} 2403}
2423 2404
2424 2405
2425static enum rx_mgmt_action __must_check 2406static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
2426ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 2407 struct ieee80211_mgmt *mgmt, size_t len)
2427 struct ieee80211_mgmt *mgmt, size_t len)
2428{ 2408{
2429 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2409 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2430 u16 reason_code; 2410 u16 reason_code;
2431 2411
2432 lockdep_assert_held(&ifmgd->mtx); 2412 sdata_assert_lock(sdata);
2433 2413
2434 if (len < 24 + 2) 2414 if (len < 24 + 2)
2435 return RX_MGMT_NONE; 2415 return;
2436 2416
2437 if (!ifmgd->associated || 2417 if (!ifmgd->associated ||
2438 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2418 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
2439 return RX_MGMT_NONE; 2419 return;
2440 2420
2441 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 2421 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
2442 2422
@@ -2445,7 +2425,7 @@ ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
2445 2425
2446 ieee80211_set_disassoc(sdata, 0, 0, false, NULL); 2426 ieee80211_set_disassoc(sdata, 0, 0, false, NULL);
2447 2427
2448 return RX_MGMT_CFG80211_DISASSOC; 2428 cfg80211_rx_mlme_mgmt(sdata->dev, (u8 *)mgmt, len);
2449} 2429}
2450 2430
2451static void ieee80211_get_rates(struct ieee80211_supported_band *sband, 2431static void ieee80211_get_rates(struct ieee80211_supported_band *sband,
@@ -2495,7 +2475,7 @@ static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata,
2495{ 2475{
2496 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 2476 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
2497 2477
2498 lockdep_assert_held(&sdata->u.mgd.mtx); 2478 sdata_assert_lock(sdata);
2499 2479
2500 if (!assoc) { 2480 if (!assoc) {
2501 sta_info_destroy_addr(sdata, assoc_data->bss->bssid); 2481 sta_info_destroy_addr(sdata, assoc_data->bss->bssid);
@@ -2749,10 +2729,9 @@ static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata,
2749 return ret; 2729 return ret;
2750} 2730}
2751 2731
2752static enum rx_mgmt_action __must_check 2732static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2753ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 2733 struct ieee80211_mgmt *mgmt,
2754 struct ieee80211_mgmt *mgmt, size_t len, 2734 size_t len)
2755 struct cfg80211_bss **bss)
2756{ 2735{
2757 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2736 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2758 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; 2737 struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
@@ -2760,13 +2739,14 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2760 struct ieee802_11_elems elems; 2739 struct ieee802_11_elems elems;
2761 u8 *pos; 2740 u8 *pos;
2762 bool reassoc; 2741 bool reassoc;
2742 struct cfg80211_bss *bss;
2763 2743
2764 lockdep_assert_held(&ifmgd->mtx); 2744 sdata_assert_lock(sdata);
2765 2745
2766 if (!assoc_data) 2746 if (!assoc_data)
2767 return RX_MGMT_NONE; 2747 return;
2768 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid)) 2748 if (!ether_addr_equal(assoc_data->bss->bssid, mgmt->bssid))
2769 return RX_MGMT_NONE; 2749 return;
2770 2750
2771 /* 2751 /*
2772 * AssocResp and ReassocResp have identical structure, so process both 2752 * AssocResp and ReassocResp have identical structure, so process both
@@ -2774,7 +2754,7 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2774 */ 2754 */
2775 2755
2776 if (len < 24 + 6) 2756 if (len < 24 + 6)
2777 return RX_MGMT_NONE; 2757 return;
2778 2758
2779 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control); 2759 reassoc = ieee80211_is_reassoc_req(mgmt->frame_control);
2780 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 2760 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
@@ -2801,22 +2781,22 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2801 assoc_data->timeout = jiffies + msecs_to_jiffies(ms); 2781 assoc_data->timeout = jiffies + msecs_to_jiffies(ms);
2802 assoc_data->timeout_started = true; 2782 assoc_data->timeout_started = true;
2803 if (ms > IEEE80211_ASSOC_TIMEOUT) 2783 if (ms > IEEE80211_ASSOC_TIMEOUT)
2804 run_again(ifmgd, assoc_data->timeout); 2784 run_again(sdata, assoc_data->timeout);
2805 return RX_MGMT_NONE; 2785 return;
2806 } 2786 }
2807 2787
2808 *bss = assoc_data->bss; 2788 bss = assoc_data->bss;
2809 2789
2810 if (status_code != WLAN_STATUS_SUCCESS) { 2790 if (status_code != WLAN_STATUS_SUCCESS) {
2811 sdata_info(sdata, "%pM denied association (code=%d)\n", 2791 sdata_info(sdata, "%pM denied association (code=%d)\n",
2812 mgmt->sa, status_code); 2792 mgmt->sa, status_code);
2813 ieee80211_destroy_assoc_data(sdata, false); 2793 ieee80211_destroy_assoc_data(sdata, false);
2814 } else { 2794 } else {
2815 if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { 2795 if (!ieee80211_assoc_success(sdata, bss, mgmt, len)) {
2816 /* oops -- internal error -- send timeout for now */ 2796 /* oops -- internal error -- send timeout for now */
2817 ieee80211_destroy_assoc_data(sdata, false); 2797 ieee80211_destroy_assoc_data(sdata, false);
2818 cfg80211_put_bss(sdata->local->hw.wiphy, *bss); 2798 cfg80211_assoc_timeout(sdata->dev, bss);
2819 return RX_MGMT_CFG80211_ASSOC_TIMEOUT; 2799 return;
2820 } 2800 }
2821 sdata_info(sdata, "associated\n"); 2801 sdata_info(sdata, "associated\n");
2822 2802
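Review bot: In the ieee80211_assoc_success() failure branch, the cfg80211_put_bss(sdata->local->hw.wiphy, *bss) call is gone and bss is passed to cfg80211_assoc_timeout() after ieee80211_destroy_assoc_data(sdata, false) has already run. Please state in a comment or in the commit message who owns the bss reference at that point: that destroying the assoc data does not release it, and that cfg80211_assoc_timeout() takes it over. The status_code != WLAN_STATUS_SUCCESS branch has the same shape, since bss is read before the destroy and is still passed to cfg80211_rx_assoc_resp() at the end of the function. Without that guarantee this is either a leaked reference or a stale pointer.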
@@ -2828,7 +2808,7 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2828 ieee80211_destroy_assoc_data(sdata, true); 2808 ieee80211_destroy_assoc_data(sdata, true);
2829 } 2809 }
2830 2810
2831 return RX_MGMT_CFG80211_RX_ASSOC; 2811 cfg80211_rx_assoc_resp(sdata->dev, bss, (u8 *)mgmt, len);
2832} 2812}
2833 2813
2834static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 2814static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
@@ -2840,23 +2820,8 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2840 int freq; 2820 int freq;
2841 struct ieee80211_bss *bss; 2821 struct ieee80211_bss *bss;
2842 struct ieee80211_channel *channel; 2822 struct ieee80211_channel *channel;
2843 bool need_ps = false;
2844
2845 lockdep_assert_held(&sdata->u.mgd.mtx);
2846 2823
2847 if ((sdata->u.mgd.associated && 2824 sdata_assert_lock(sdata);
2848 ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) ||
2849 (sdata->u.mgd.assoc_data &&
2850 ether_addr_equal(mgmt->bssid,
2851 sdata->u.mgd.assoc_data->bss->bssid))) {
2852 /* not previously set so we may need to recalc */
2853 need_ps = sdata->u.mgd.associated && !sdata->u.mgd.dtim_period;
2854
2855 if (elems->tim && !elems->parse_error) {
2856 const struct ieee80211_tim_ie *tim_ie = elems->tim;
2857 sdata->u.mgd.dtim_period = tim_ie->dtim_period;
2858 }
2859 }
2860 2825
2861 if (elems->ds_params) 2826 if (elems->ds_params)
2862 freq = ieee80211_channel_to_frequency(elems->ds_params[0], 2827 freq = ieee80211_channel_to_frequency(elems->ds_params[0],
@@ -2871,19 +2836,15 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2871 2836
2872 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 2837 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
2873 channel); 2838 channel);
2874 if (bss) 2839 if (bss) {
2875 ieee80211_rx_bss_put(local, bss); 2840 ieee80211_rx_bss_put(local, bss);
2841 sdata->vif.bss_conf.beacon_rate = bss->beacon_rate;
2842 }
2876 2843
2877 if (!sdata->u.mgd.associated || 2844 if (!sdata->u.mgd.associated ||
2878 !ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)) 2845 !ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid))
2879 return; 2846 return;
2880 2847
2881 if (need_ps) {
2882 mutex_lock(&local->iflist_mtx);
2883 ieee80211_recalc_ps(local, -1);
2884 mutex_unlock(&local->iflist_mtx);
2885 }
2886
2887 ieee80211_sta_process_chanswitch(sdata, rx_status->mactime, 2848 ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
2888 elems, true); 2849 elems, true);
2889 2850
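Review bot: In the new if (bss) block, bss->beacon_rate is read after ieee80211_rx_bss_put(local, bss) has already dropped the reference, so the assignment dereferences a pointer this function no longer holds. Swap the two statements so that sdata->vif.bss_conf.beacon_rate is copied first and the put is the last use of bss.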
@@ -2901,7 +2862,7 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2901 2862
2902 ifmgd = &sdata->u.mgd; 2863 ifmgd = &sdata->u.mgd;
2903 2864
2904 ASSERT_MGD_MTX(ifmgd); 2865 sdata_assert_lock(sdata);
2905 2866
2906 if (!ether_addr_equal(mgmt->da, sdata->vif.addr)) 2867 if (!ether_addr_equal(mgmt->da, sdata->vif.addr))
2907 return; /* ignore ProbeResp to foreign address */ 2868 return; /* ignore ProbeResp to foreign address */
@@ -2926,7 +2887,7 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2926 ifmgd->auth_data->tries = 0; 2887 ifmgd->auth_data->tries = 0;
2927 ifmgd->auth_data->timeout = jiffies; 2888 ifmgd->auth_data->timeout = jiffies;
2928 ifmgd->auth_data->timeout_started = true; 2889 ifmgd->auth_data->timeout_started = true;
2929 run_again(ifmgd, ifmgd->auth_data->timeout); 2890 run_again(sdata, ifmgd->auth_data->timeout);
2930 } 2891 }
2931} 2892}
2932 2893
@@ -2951,10 +2912,9 @@ static const u64 care_about_ies =
2951 (1ULL << WLAN_EID_HT_CAPABILITY) | 2912 (1ULL << WLAN_EID_HT_CAPABILITY) |
2952 (1ULL << WLAN_EID_HT_OPERATION); 2913 (1ULL << WLAN_EID_HT_OPERATION);
2953 2914
2954static enum rx_mgmt_action 2915static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2955ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 2916 struct ieee80211_mgmt *mgmt, size_t len,
2956 struct ieee80211_mgmt *mgmt, size_t len, 2917 struct ieee80211_rx_status *rx_status)
2957 u8 *deauth_buf, struct ieee80211_rx_status *rx_status)
2958{ 2918{
2959 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2919 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2960 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 2920 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
@@ -2969,24 +2929,25 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2969 u8 erp_value = 0; 2929 u8 erp_value = 0;
2970 u32 ncrc; 2930 u32 ncrc;
2971 u8 *bssid; 2931 u8 *bssid;
2932 u8 deauth_buf[IEEE80211_DEAUTH_FRAME_LEN];
2972 2933
2973 lockdep_assert_held(&ifmgd->mtx); 2934 sdata_assert_lock(sdata);
2974 2935
2975 /* Process beacon from the current BSS */ 2936 /* Process beacon from the current BSS */
2976 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 2937 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2977 if (baselen > len) 2938 if (baselen > len)
2978 return RX_MGMT_NONE; 2939 return;
2979 2940
2980 rcu_read_lock(); 2941 rcu_read_lock();
2981 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 2942 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2982 if (!chanctx_conf) { 2943 if (!chanctx_conf) {
2983 rcu_read_unlock(); 2944 rcu_read_unlock();
2984 return RX_MGMT_NONE; 2945 return;
2985 } 2946 }
2986 2947
2987 if (rx_status->freq != chanctx_conf->def.chan->center_freq) { 2948 if (rx_status->freq != chanctx_conf->def.chan->center_freq) {
2988 rcu_read_unlock(); 2949 rcu_read_unlock();
2989 return RX_MGMT_NONE; 2950 return;
2990 } 2951 }
2991 chan = chanctx_conf->def.chan; 2952 chan = chanctx_conf->def.chan;
2992 rcu_read_unlock(); 2953 rcu_read_unlock();
@@ -2997,7 +2958,11 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2997 len - baselen, false, &elems); 2958 len - baselen, false, &elems);
2998 2959
2999 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems); 2960 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
3000 ifmgd->assoc_data->have_beacon = true; 2961 if (elems.tim && !elems.parse_error) {
2962 const struct ieee80211_tim_ie *tim_ie = elems.tim;
2963 ifmgd->dtim_period = tim_ie->dtim_period;
2964 }
2965 ifmgd->have_beacon = true;
3001 ifmgd->assoc_data->need_beacon = false; 2966 ifmgd->assoc_data->need_beacon = false;
3002 if (local->hw.flags & IEEE80211_HW_TIMING_BEACON_ONLY) { 2967 if (local->hw.flags & IEEE80211_HW_TIMING_BEACON_ONLY) {
3003 sdata->vif.bss_conf.sync_tsf = 2968 sdata->vif.bss_conf.sync_tsf =
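Review bot: ifmgd->dtim_period is assigned straight from tim_ie->dtim_period, while the later assignment to bss_conf->dtim_period in this same function substitutes 1 for a zero value, with the comment about bogus APs. The value comes from a received beacon, so either apply the same ?: 1 fallback here or add a comment saying that a zero ifmgd->dtim_period is handled by its consumers.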
@@ -3013,13 +2978,13 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3013 /* continue assoc process */ 2978 /* continue assoc process */
3014 ifmgd->assoc_data->timeout = jiffies; 2979 ifmgd->assoc_data->timeout = jiffies;
3015 ifmgd->assoc_data->timeout_started = true; 2980 ifmgd->assoc_data->timeout_started = true;
3016 run_again(ifmgd, ifmgd->assoc_data->timeout); 2981 run_again(sdata, ifmgd->assoc_data->timeout);
3017 return RX_MGMT_NONE; 2982 return;
3018 } 2983 }
3019 2984
3020 if (!ifmgd->associated || 2985 if (!ifmgd->associated ||
3021 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) 2986 !ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid))
3022 return RX_MGMT_NONE; 2987 return;
3023 bssid = ifmgd->associated->bssid; 2988 bssid = ifmgd->associated->bssid;
3024 2989
3025 /* Track average RSSI from the Beacon frames of the current AP */ 2990 /* Track average RSSI from the Beacon frames of the current AP */
@@ -3165,7 +3130,7 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3165 } 3130 }
3166 3131
3167 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid) 3132 if (ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid)
3168 return RX_MGMT_NONE; 3133 return;
3169 ifmgd->beacon_crc = ncrc; 3134 ifmgd->beacon_crc = ncrc;
3170 ifmgd->beacon_crc_valid = true; 3135 ifmgd->beacon_crc_valid = true;
3171 3136
@@ -3179,7 +3144,7 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3179 * If we haven't had a beacon before, tell the driver about the 3144 * If we haven't had a beacon before, tell the driver about the
3180 * DTIM period (and beacon timing if desired) now. 3145 * DTIM period (and beacon timing if desired) now.
3181 */ 3146 */
3182 if (!bss_conf->dtim_period) { 3147 if (!ifmgd->have_beacon) {
3183 /* a few bogus AP send dtim_period = 0 or no TIM IE */ 3148 /* a few bogus AP send dtim_period = 0 or no TIM IE */
3184 if (elems.tim) 3149 if (elems.tim)
3185 bss_conf->dtim_period = elems.tim->dtim_period ?: 1; 3150 bss_conf->dtim_period = elems.tim->dtim_period ?: 1;
@@ -3198,7 +3163,14 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3198 sdata->vif.bss_conf.sync_dtim_count = 0; 3163 sdata->vif.bss_conf.sync_dtim_count = 0;
3199 } 3164 }
3200 3165
3201 changed |= BSS_CHANGED_DTIM_PERIOD; 3166 changed |= BSS_CHANGED_BEACON_INFO;
3167 ifmgd->have_beacon = true;
3168
3169 mutex_lock(&local->iflist_mtx);
3170 ieee80211_recalc_ps(local, -1);
3171 mutex_unlock(&local->iflist_mtx);
3172
3173 ieee80211_recalc_ps_vif(sdata);
3202 } 3174 }
3203 3175
3204 if (elems.erp_info) { 3176 if (elems.erp_info) {
@@ -3220,7 +3192,9 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3220 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 3192 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
3221 WLAN_REASON_DEAUTH_LEAVING, 3193 WLAN_REASON_DEAUTH_LEAVING,
3222 true, deauth_buf); 3194 true, deauth_buf);
3223 return RX_MGMT_CFG80211_TX_DEAUTH; 3195 cfg80211_tx_mlme_mgmt(sdata->dev, deauth_buf,
3196 sizeof(deauth_buf));
3197 return;
3224 } 3198 }
3225 3199
3226 if (sta && elems.opmode_notif) 3200 if (sta && elems.opmode_notif)
@@ -3237,19 +3211,13 @@ ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
3237 elems.pwr_constr_elem); 3211 elems.pwr_constr_elem);
3238 3212
3239 ieee80211_bss_info_change_notify(sdata, changed); 3213 ieee80211_bss_info_change_notify(sdata, changed);
3240
3241 return RX_MGMT_NONE;
3242} 3214}
3243 3215
3244void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 3216void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
3245 struct sk_buff *skb) 3217 struct sk_buff *skb)
3246{ 3218{
3247 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3248 struct ieee80211_rx_status *rx_status; 3219 struct ieee80211_rx_status *rx_status;
3249 struct ieee80211_mgmt *mgmt; 3220 struct ieee80211_mgmt *mgmt;
3250 struct cfg80211_bss *bss = NULL;
3251 enum rx_mgmt_action rma = RX_MGMT_NONE;
3252 u8 deauth_buf[IEEE80211_DEAUTH_FRAME_LEN];
3253 u16 fc; 3221 u16 fc;
3254 struct ieee802_11_elems elems; 3222 struct ieee802_11_elems elems;
3255 int ies_len; 3223 int ies_len;
@@ -3258,28 +3226,27 @@ void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
3258 mgmt = (struct ieee80211_mgmt *) skb->data; 3226 mgmt = (struct ieee80211_mgmt *) skb->data;
3259 fc = le16_to_cpu(mgmt->frame_control); 3227 fc = le16_to_cpu(mgmt->frame_control);
3260 3228
3261 mutex_lock(&ifmgd->mtx); 3229 sdata_lock(sdata);
3262 3230
3263 switch (fc & IEEE80211_FCTL_STYPE) { 3231 switch (fc & IEEE80211_FCTL_STYPE) {
3264 case IEEE80211_STYPE_BEACON: 3232 case IEEE80211_STYPE_BEACON:
3265 rma = ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 3233 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
3266 deauth_buf, rx_status);
3267 break; 3234 break;
3268 case IEEE80211_STYPE_PROBE_RESP: 3235 case IEEE80211_STYPE_PROBE_RESP:
3269 ieee80211_rx_mgmt_probe_resp(sdata, skb); 3236 ieee80211_rx_mgmt_probe_resp(sdata, skb);
3270 break; 3237 break;
3271 case IEEE80211_STYPE_AUTH: 3238 case IEEE80211_STYPE_AUTH:
3272 rma = ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 3239 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len);
3273 break; 3240 break;
3274 case IEEE80211_STYPE_DEAUTH: 3241 case IEEE80211_STYPE_DEAUTH:
3275 rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 3242 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
3276 break; 3243 break;
3277 case IEEE80211_STYPE_DISASSOC: 3244 case IEEE80211_STYPE_DISASSOC:
3278 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 3245 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
3279 break; 3246 break;
3280 case IEEE80211_STYPE_ASSOC_RESP: 3247 case IEEE80211_STYPE_ASSOC_RESP:
3281 case IEEE80211_STYPE_REASSOC_RESP: 3248 case IEEE80211_STYPE_REASSOC_RESP:
3282 rma = ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, &bss); 3249 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len);
3283 break; 3250 break;
3284 case IEEE80211_STYPE_ACTION: 3251 case IEEE80211_STYPE_ACTION:
3285 if (mgmt->u.action.category == WLAN_CATEGORY_SPECTRUM_MGMT) { 3252 if (mgmt->u.action.category == WLAN_CATEGORY_SPECTRUM_MGMT) {
@@ -3325,34 +3292,7 @@ void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
3325 } 3292 }
3326 break; 3293 break;
3327 } 3294 }
3328 mutex_unlock(&ifmgd->mtx); 3295 sdata_unlock(sdata);
3329
3330 switch (rma) {
3331 case RX_MGMT_NONE:
3332 /* no action */
3333 break;
3334 case RX_MGMT_CFG80211_DEAUTH:
3335 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len);
3336 break;
3337 case RX_MGMT_CFG80211_DISASSOC:
3338 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len);
3339 break;
3340 case RX_MGMT_CFG80211_RX_AUTH:
3341 cfg80211_send_rx_auth(sdata->dev, (u8 *)mgmt, skb->len);
3342 break;
3343 case RX_MGMT_CFG80211_RX_ASSOC:
3344 cfg80211_send_rx_assoc(sdata->dev, bss, (u8 *)mgmt, skb->len);
3345 break;
3346 case RX_MGMT_CFG80211_ASSOC_TIMEOUT:
3347 cfg80211_send_assoc_timeout(sdata->dev, mgmt->bssid);
3348 break;
3349 case RX_MGMT_CFG80211_TX_DEAUTH:
3350 cfg80211_send_deauth(sdata->dev, deauth_buf,
3351 sizeof(deauth_buf));
3352 break;
3353 default:
3354 WARN(1, "unexpected: %d", rma);
3355 }
3356} 3296}
3357 3297
3358static void ieee80211_sta_timer(unsigned long data) 3298static void ieee80211_sta_timer(unsigned long data)
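Review bot: Removing the switch (rma) block means every cfg80211 notification that used to run after mutex_unlock(&ifmgd->mtx) is now issued from inside the handlers, before sdata_unlock(sdata). The patch should document that the renamed cfg80211 entry points (cfg80211_rx_mlme_mgmt, cfg80211_tx_mlme_mgmt, cfg80211_rx_assoc_resp, cfg80211_assoc_timeout) expect the caller to hold this lock, ideally with an assertion on the cfg80211 side, so that a future caller invoking them unlocked is caught by lockdep rather than showing up as a race.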
@@ -3366,20 +3306,13 @@ static void ieee80211_sta_timer(unsigned long data)
3366static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata, 3306static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata,
3367 u8 *bssid, u8 reason, bool tx) 3307 u8 *bssid, u8 reason, bool tx)
3368{ 3308{
3369 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3370 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 3309 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
3371 3310
3372 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason, 3311 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason,
3373 tx, frame_buf); 3312 tx, frame_buf);
3374 mutex_unlock(&ifmgd->mtx);
3375 3313
3376 /* 3314 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
3377 * must be outside lock due to cfg80211, 3315 IEEE80211_DEAUTH_FRAME_LEN);
3378 * but that's not a problem.
3379 */
3380 cfg80211_send_deauth(sdata->dev, frame_buf, IEEE80211_DEAUTH_FRAME_LEN);
3381
3382 mutex_lock(&ifmgd->mtx);
3383} 3316}
3384 3317
3385static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) 3318static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
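Review bot: The deleted comment said the cfg80211 call "must be outside lock", and ieee80211_sta_connection_lost() now makes the replacement cfg80211_tx_mlme_mgmt() call without dropping anything, so the function's locking contract has inverted. Add sdata_assert_lock(sdata) at the top of the function, as the other handlers touched by this patch do, so the new requirement is checked rather than implied.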
@@ -3389,7 +3322,7 @@ static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
3389 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data; 3322 struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data;
3390 u32 tx_flags = 0; 3323 u32 tx_flags = 0;
3391 3324
3392 lockdep_assert_held(&ifmgd->mtx); 3325 sdata_assert_lock(sdata);
3393 3326
3394 if (WARN_ON_ONCE(!auth_data)) 3327 if (WARN_ON_ONCE(!auth_data))
3395 return -EINVAL; 3328 return -EINVAL;
@@ -3462,7 +3395,7 @@ static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
3462 if (tx_flags == 0) { 3395 if (tx_flags == 0) {
3463 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; 3396 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
3464 ifmgd->auth_data->timeout_started = true; 3397 ifmgd->auth_data->timeout_started = true;
3465 run_again(ifmgd, auth_data->timeout); 3398 run_again(sdata, auth_data->timeout);
3466 } else { 3399 } else {
3467 auth_data->timeout_started = false; 3400 auth_data->timeout_started = false;
3468 } 3401 }
@@ -3475,7 +3408,7 @@ static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata)
3475 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data; 3408 struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
3476 struct ieee80211_local *local = sdata->local; 3409 struct ieee80211_local *local = sdata->local;
3477 3410
3478 lockdep_assert_held(&sdata->u.mgd.mtx); 3411 sdata_assert_lock(sdata);
3479 3412
3480 assoc_data->tries++; 3413 assoc_data->tries++;
3481 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) { 3414 if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) {
@@ -3499,7 +3432,7 @@ static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata)
3499 if (!(local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) { 3432 if (!(local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) {
3500 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT; 3433 assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
3501 assoc_data->timeout_started = true; 3434 assoc_data->timeout_started = true;
3502 run_again(&sdata->u.mgd, assoc_data->timeout); 3435 run_again(sdata, assoc_data->timeout);
3503 } else { 3436 } else {
3504 assoc_data->timeout_started = false; 3437 assoc_data->timeout_started = false;
3505 } 3438 }
@@ -3524,7 +3457,7 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3524 struct ieee80211_local *local = sdata->local; 3457 struct ieee80211_local *local = sdata->local;
3525 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3458 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3526 3459
3527 mutex_lock(&ifmgd->mtx); 3460 sdata_lock(sdata);
3528 3461
3529 if (ifmgd->status_received) { 3462 if (ifmgd->status_received) {
3530 __le16 fc = ifmgd->status_fc; 3463 __le16 fc = ifmgd->status_fc;
@@ -3536,7 +3469,7 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3536 if (status_acked) { 3469 if (status_acked) {
3537 ifmgd->auth_data->timeout = 3470 ifmgd->auth_data->timeout =
3538 jiffies + IEEE80211_AUTH_TIMEOUT_SHORT; 3471 jiffies + IEEE80211_AUTH_TIMEOUT_SHORT;
3539 run_again(ifmgd, ifmgd->auth_data->timeout); 3472 run_again(sdata, ifmgd->auth_data->timeout);
3540 } else { 3473 } else {
3541 ifmgd->auth_data->timeout = jiffies - 1; 3474 ifmgd->auth_data->timeout = jiffies - 1;
3542 } 3475 }
@@ -3547,7 +3480,7 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3547 if (status_acked) { 3480 if (status_acked) {
3548 ifmgd->assoc_data->timeout = 3481 ifmgd->assoc_data->timeout =
3549 jiffies + IEEE80211_ASSOC_TIMEOUT_SHORT; 3482 jiffies + IEEE80211_ASSOC_TIMEOUT_SHORT;
3550 run_again(ifmgd, ifmgd->assoc_data->timeout); 3483 run_again(sdata, ifmgd->assoc_data->timeout);
3551 } else { 3484 } else {
3552 ifmgd->assoc_data->timeout = jiffies - 1; 3485 ifmgd->assoc_data->timeout = jiffies - 1;
3553 } 3486 }
@@ -3570,30 +3503,22 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3570 3503
3571 ieee80211_destroy_auth_data(sdata, false); 3504 ieee80211_destroy_auth_data(sdata, false);
3572 3505
3573 mutex_unlock(&ifmgd->mtx); 3506 cfg80211_auth_timeout(sdata->dev, bssid);
3574 cfg80211_send_auth_timeout(sdata->dev, bssid);
3575 mutex_lock(&ifmgd->mtx);
3576 } 3507 }
3577 } else if (ifmgd->auth_data && ifmgd->auth_data->timeout_started) 3508 } else if (ifmgd->auth_data && ifmgd->auth_data->timeout_started)
3578 run_again(ifmgd, ifmgd->auth_data->timeout); 3509 run_again(sdata, ifmgd->auth_data->timeout);
3579 3510
3580 if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started && 3511 if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started &&
3581 time_after(jiffies, ifmgd->assoc_data->timeout)) { 3512 time_after(jiffies, ifmgd->assoc_data->timeout)) {
3582 if ((ifmgd->assoc_data->need_beacon && 3513 if ((ifmgd->assoc_data->need_beacon && !ifmgd->have_beacon) ||
3583 !ifmgd->assoc_data->have_beacon) ||
3584 ieee80211_do_assoc(sdata)) { 3514 ieee80211_do_assoc(sdata)) {
3585 u8 bssid[ETH_ALEN]; 3515 struct cfg80211_bss *bss = ifmgd->assoc_data->bss;
3586
3587 memcpy(bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN);
3588 3516
3589 ieee80211_destroy_assoc_data(sdata, false); 3517 ieee80211_destroy_assoc_data(sdata, false);
3590 3518 cfg80211_assoc_timeout(sdata->dev, bss);
3591 mutex_unlock(&ifmgd->mtx);
3592 cfg80211_send_assoc_timeout(sdata->dev, bssid);
3593 mutex_lock(&ifmgd->mtx);
3594 } 3519 }
3595 } else if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started) 3520 } else if (ifmgd->assoc_data && ifmgd->assoc_data->timeout_started)
3596 run_again(ifmgd, ifmgd->assoc_data->timeout); 3521 run_again(sdata, ifmgd->assoc_data->timeout);
3597 3522
3598 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL | 3523 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
3599 IEEE80211_STA_CONNECTION_POLL) && 3524 IEEE80211_STA_CONNECTION_POLL) &&
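Review bot: In the association timeout branch, the old code copied the BSSID into a stack buffer with memcpy() before calling ieee80211_destroy_assoc_data(sdata, false). The new code keeps the raw ifmgd->assoc_data->bss pointer across that call and then passes it to cfg80211_assoc_timeout(). Please confirm in a comment at this spot that the destroy path leaves the bss reference intact for cfg80211 to consume. If it drops the reference, the pointer is stale by the time it is used.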
@@ -3627,7 +3552,7 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3627 false); 3552 false);
3628 } 3553 }
3629 } else if (time_is_after_jiffies(ifmgd->probe_timeout)) 3554 } else if (time_is_after_jiffies(ifmgd->probe_timeout))
3630 run_again(ifmgd, ifmgd->probe_timeout); 3555 run_again(sdata, ifmgd->probe_timeout);
3631 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) { 3556 else if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
3632 mlme_dbg(sdata, 3557 mlme_dbg(sdata,
3633 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n", 3558 "Failed to send nullfunc to AP %pM after %dms, disconnecting\n",
@@ -3656,7 +3581,7 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
3656 } 3581 }
3657 } 3582 }
3658 3583
3659 mutex_unlock(&ifmgd->mtx); 3584 sdata_unlock(sdata);
3660} 3585}
3661 3586
3662static void ieee80211_sta_bcn_mon_timer(unsigned long data) 3587static void ieee80211_sta_bcn_mon_timer(unsigned long data)
@@ -3717,9 +3642,9 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
3717{ 3642{
3718 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3643 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3719 3644
3720 mutex_lock(&ifmgd->mtx); 3645 sdata_lock(sdata);
3721 if (!ifmgd->associated) { 3646 if (!ifmgd->associated) {
3722 mutex_unlock(&ifmgd->mtx); 3647 sdata_unlock(sdata);
3723 return; 3648 return;
3724 } 3649 }
3725 3650
@@ -3730,10 +3655,10 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
3730 ifmgd->associated->bssid, 3655 ifmgd->associated->bssid,
3731 WLAN_REASON_UNSPECIFIED, 3656 WLAN_REASON_UNSPECIFIED,
3732 true); 3657 true);
3733 mutex_unlock(&ifmgd->mtx); 3658 sdata_unlock(sdata);
3734 return; 3659 return;
3735 } 3660 }
3736 mutex_unlock(&ifmgd->mtx); 3661 sdata_unlock(sdata);
3737} 3662}
3738#endif 3663#endif
3739 3664
@@ -3765,8 +3690,6 @@ void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
3765 ifmgd->uapsd_max_sp_len = sdata->local->hw.uapsd_max_sp_len; 3690 ifmgd->uapsd_max_sp_len = sdata->local->hw.uapsd_max_sp_len;
3766 ifmgd->p2p_noa_index = -1; 3691 ifmgd->p2p_noa_index = -1;
3767 3692
3768 mutex_init(&ifmgd->mtx);
3769
3770 if (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS) 3693 if (sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS)
3771 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC; 3694 ifmgd->req_smps = IEEE80211_SMPS_AUTOMATIC;
3772 else 3695 else
@@ -3923,6 +3846,12 @@ static int ieee80211_prep_channel(struct ieee80211_sub_if_data *sdata,
3923 */ 3846 */
3924 ret = ieee80211_vif_use_channel(sdata, &chandef, 3847 ret = ieee80211_vif_use_channel(sdata, &chandef,
3925 IEEE80211_CHANCTX_SHARED); 3848 IEEE80211_CHANCTX_SHARED);
3849
3850 /* don't downgrade for 5 and 10 MHz channels, though. */
3851 if (chandef.width == NL80211_CHAN_WIDTH_5 ||
3852 chandef.width == NL80211_CHAN_WIDTH_10)
3853 return ret;
3854
3926 while (ret && chandef.width != NL80211_CHAN_WIDTH_20_NOHT) { 3855 while (ret && chandef.width != NL80211_CHAN_WIDTH_20_NOHT) {
3927 ifmgd->flags |= chandef_downgrade(&chandef); 3856 ifmgd->flags |= chandef_downgrade(&chandef);
3928 ret = ieee80211_vif_use_channel(sdata, &chandef, 3857 ret = ieee80211_vif_use_channel(sdata, &chandef,
@@ -4122,8 +4051,6 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
4122 4051
4123 /* try to authenticate/probe */ 4052 /* try to authenticate/probe */
4124 4053
4125 mutex_lock(&ifmgd->mtx);
4126
4127 if ((ifmgd->auth_data && !ifmgd->auth_data->done) || 4054 if ((ifmgd->auth_data && !ifmgd->auth_data->done) ||
4128 ifmgd->assoc_data) { 4055 ifmgd->assoc_data) {
4129 err = -EBUSY; 4056 err = -EBUSY;
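Review bot: With mutex_lock(&ifmgd->mtx) removed, ieee80211_mgd_auth() tests and updates ifmgd->auth_data and ifmgd->assoc_data under a lock it expects its caller to hold, but nothing in the visible lines checks that. Add sdata_assert_lock(sdata) before the -EBUSY test. The same applies to ieee80211_mgd_assoc(), ieee80211_mgd_deauth() and ieee80211_mgd_disassoc(), which lose their mutex_lock() in this patch as well.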
@@ -4143,8 +4070,8 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
4143 WLAN_REASON_UNSPECIFIED, 4070 WLAN_REASON_UNSPECIFIED,
4144 false, frame_buf); 4071 false, frame_buf);
4145 4072
4146 __cfg80211_send_deauth(sdata->dev, frame_buf, 4073 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4147 sizeof(frame_buf)); 4074 sizeof(frame_buf));
4148 } 4075 }
4149 4076
4150 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid); 4077 sdata_info(sdata, "authenticate with %pM\n", req->bss->bssid);
@@ -4161,8 +4088,7 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
4161 4088
4162 /* hold our own reference */ 4089 /* hold our own reference */
4163 cfg80211_ref_bss(local->hw.wiphy, auth_data->bss); 4090 cfg80211_ref_bss(local->hw.wiphy, auth_data->bss);
4164 err = 0; 4091 return 0;
4165 goto out_unlock;
4166 4092
4167 err_clear: 4093 err_clear:
4168 memset(ifmgd->bssid, 0, ETH_ALEN); 4094 memset(ifmgd->bssid, 0, ETH_ALEN);
@@ -4170,9 +4096,6 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
4170 ifmgd->auth_data = NULL; 4096 ifmgd->auth_data = NULL;
4171 err_free: 4097 err_free:
4172 kfree(auth_data); 4098 kfree(auth_data);
4173 out_unlock:
4174 mutex_unlock(&ifmgd->mtx);
4175
4176 return err; 4099 return err;
4177} 4100}
4178 4101
@@ -4203,8 +4126,6 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4203 assoc_data->ssid_len = ssidie[1]; 4126 assoc_data->ssid_len = ssidie[1];
4204 rcu_read_unlock(); 4127 rcu_read_unlock();
4205 4128
4206 mutex_lock(&ifmgd->mtx);
4207
4208 if (ifmgd->associated) { 4129 if (ifmgd->associated) {
4209 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 4130 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4210 4131
@@ -4212,8 +4133,8 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4212 WLAN_REASON_UNSPECIFIED, 4133 WLAN_REASON_UNSPECIFIED,
4213 false, frame_buf); 4134 false, frame_buf);
4214 4135
4215 __cfg80211_send_deauth(sdata->dev, frame_buf, 4136 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4216 sizeof(frame_buf)); 4137 sizeof(frame_buf));
4217 } 4138 }
4218 4139
4219 if (ifmgd->auth_data && !ifmgd->auth_data->done) { 4140 if (ifmgd->auth_data && !ifmgd->auth_data->done) {
@@ -4360,6 +4281,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4360 4281
4361 ifmgd->assoc_data = assoc_data; 4282 ifmgd->assoc_data = assoc_data;
4362 ifmgd->dtim_period = 0; 4283 ifmgd->dtim_period = 0;
4284 ifmgd->have_beacon = false;
4363 4285
4364 err = ieee80211_prep_connection(sdata, req->bss, true); 4286 err = ieee80211_prep_connection(sdata, req->bss, true);
4365 if (err) 4287 if (err)
@@ -4391,7 +4313,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4391 ifmgd->dtim_period = tim->dtim_period; 4313 ifmgd->dtim_period = tim->dtim_period;
4392 dtim_count = tim->dtim_count; 4314 dtim_count = tim->dtim_count;
4393 } 4315 }
4394 assoc_data->have_beacon = true; 4316 ifmgd->have_beacon = true;
4395 assoc_data->timeout = jiffies; 4317 assoc_data->timeout = jiffies;
4396 assoc_data->timeout_started = true; 4318 assoc_data->timeout_started = true;
4397 4319
@@ -4407,7 +4329,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4407 } 4329 }
4408 rcu_read_unlock(); 4330 rcu_read_unlock();
4409 4331
4410 run_again(ifmgd, assoc_data->timeout); 4332 run_again(sdata, assoc_data->timeout);
4411 4333
4412 if (bss->corrupt_data) { 4334 if (bss->corrupt_data) {
4413 char *corrupt_type = "data"; 4335 char *corrupt_type = "data";
@@ -4423,17 +4345,13 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
4423 corrupt_type); 4345 corrupt_type);
4424 } 4346 }
4425 4347
4426 err = 0; 4348 return 0;
4427 goto out;
4428 err_clear: 4349 err_clear:
4429 memset(ifmgd->bssid, 0, ETH_ALEN); 4350 memset(ifmgd->bssid, 0, ETH_ALEN);
4430 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID); 4351 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
4431 ifmgd->assoc_data = NULL; 4352 ifmgd->assoc_data = NULL;
4432 err_free: 4353 err_free:
4433 kfree(assoc_data); 4354 kfree(assoc_data);
4434 out:
4435 mutex_unlock(&ifmgd->mtx);
4436
4437 return err; 4355 return err;
4438} 4356}
4439 4357
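Review bot: with the out: label and its mutex_unlock(&ifmgd->mtx) removed at the end of ieee80211_mgd_assoc(), the function no longer releases anything on the success or error paths, so it is only correct when the caller already holds the lock. Nothing in the function states or checks that. Please add a lockdep_assert_held() at entry on the lock that sdata_lock() takes, or at least a comment above the function naming the lock callers must hold.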
@@ -4445,8 +4363,6 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
4445 bool tx = !req->local_state_change; 4363 bool tx = !req->local_state_change;
4446 bool report_frame = false; 4364 bool report_frame = false;
4447 4365
4448 mutex_lock(&ifmgd->mtx);
4449
4450 sdata_info(sdata, 4366 sdata_info(sdata,
4451 "deauthenticating from %pM by local choice (reason=%d)\n", 4367 "deauthenticating from %pM by local choice (reason=%d)\n",
4452 req->bssid, req->reason_code); 4368 req->bssid, req->reason_code);
@@ -4458,7 +4374,6 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
4458 req->reason_code, tx, 4374 req->reason_code, tx,
4459 frame_buf); 4375 frame_buf);
4460 ieee80211_destroy_auth_data(sdata, false); 4376 ieee80211_destroy_auth_data(sdata, false);
4461 mutex_unlock(&ifmgd->mtx);
4462 4377
4463 report_frame = true; 4378 report_frame = true;
4464 goto out; 4379 goto out;
@@ -4470,12 +4385,11 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
4470 req->reason_code, tx, frame_buf); 4385 req->reason_code, tx, frame_buf);
4471 report_frame = true; 4386 report_frame = true;
4472 } 4387 }
4473 mutex_unlock(&ifmgd->mtx);
4474 4388
4475 out: 4389 out:
4476 if (report_frame) 4390 if (report_frame)
4477 __cfg80211_send_deauth(sdata->dev, frame_buf, 4391 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4478 IEEE80211_DEAUTH_FRAME_LEN); 4392 IEEE80211_DEAUTH_FRAME_LEN);
4479 4393
4480 return 0; 4394 return 0;
4481} 4395}
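Review bot: at the out: label the frame is now handed to cfg80211_tx_mlme_mgmt() in whatever locking context the caller provides, where the old code had dropped ifmgd->mtx before calling __cfg80211_send_deauth(). The new name carries no double-underscore hint, so the locking expectation of the callee is not readable from this call site. A one-line comment here, or kernel-doc on cfg80211_tx_mlme_mgmt(), should say whether it must be called with the lock held.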
@@ -4487,18 +4401,14 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
4487 u8 bssid[ETH_ALEN]; 4401 u8 bssid[ETH_ALEN];
4488 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN]; 4402 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
4489 4403
4490 mutex_lock(&ifmgd->mtx);
4491
4492 /* 4404 /*
4493 * cfg80211 should catch this ... but it's racy since 4405 * cfg80211 should catch this ... but it's racy since
4494 * we can receive a disassoc frame, process it, hand it 4406 * we can receive a disassoc frame, process it, hand it
4495 * to cfg80211 while that's in a locked section already 4407 * to cfg80211 while that's in a locked section already
4496 * trying to tell us that the user wants to disconnect. 4408 * trying to tell us that the user wants to disconnect.
4497 */ 4409 */
4498 if (ifmgd->associated != req->bss) { 4410 if (ifmgd->associated != req->bss)
4499 mutex_unlock(&ifmgd->mtx);
4500 return -ENOLINK; 4411 return -ENOLINK;
4501 }
4502 4412
4503 sdata_info(sdata, 4413 sdata_info(sdata,
4504 "disassociating from %pM by local choice (reason=%d)\n", 4414 "disassociating from %pM by local choice (reason=%d)\n",
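Review bot: the comment kept above the ifmgd->associated != req->bss check still describes a race against cfg80211 being "in a locked section already", but this hunk removes the function's own mutex_lock/mutex_unlock, so the locking that comment was written against has changed. Please re-check whether the race it describes can still happen under the new scheme and update the comment accordingly; if the condition is still reachable, say which lock ordering allows it.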
@@ -4508,10 +4418,9 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
4508 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC, 4418 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC,
4509 req->reason_code, !req->local_state_change, 4419 req->reason_code, !req->local_state_change,
4510 frame_buf); 4420 frame_buf);
4511 mutex_unlock(&ifmgd->mtx);
4512 4421
4513 __cfg80211_send_disassoc(sdata->dev, frame_buf, 4422 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
4514 IEEE80211_DEAUTH_FRAME_LEN); 4423 IEEE80211_DEAUTH_FRAME_LEN);
4515 4424
4516 return 0; 4425 return 0;
4517} 4426}
@@ -4531,13 +4440,16 @@ void ieee80211_mgd_stop(struct ieee80211_sub_if_data *sdata)
4531 cancel_work_sync(&ifmgd->csa_connection_drop_work); 4440 cancel_work_sync(&ifmgd->csa_connection_drop_work);
4532 cancel_work_sync(&ifmgd->chswitch_work); 4441 cancel_work_sync(&ifmgd->chswitch_work);
4533 4442
4534 mutex_lock(&ifmgd->mtx); 4443 sdata_lock(sdata);
4535 if (ifmgd->assoc_data) 4444 if (ifmgd->assoc_data) {
4445 struct cfg80211_bss *bss = ifmgd->assoc_data->bss;
4536 ieee80211_destroy_assoc_data(sdata, false); 4446 ieee80211_destroy_assoc_data(sdata, false);
4447 cfg80211_assoc_timeout(sdata->dev, bss);
4448 }
4537 if (ifmgd->auth_data) 4449 if (ifmgd->auth_data)
4538 ieee80211_destroy_auth_data(sdata, false); 4450 ieee80211_destroy_auth_data(sdata, false);
4539 del_timer_sync(&ifmgd->timer); 4451 del_timer_sync(&ifmgd->timer);
4540 mutex_unlock(&ifmgd->mtx); 4452 sdata_unlock(sdata);
4541} 4453}
4542 4454
4543void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif, 4455void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif,
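Review bot: in the new assoc_data block of ieee80211_mgd_stop(), bss is read from ifmgd->assoc_data->bss and then used after ieee80211_destroy_assoc_data() has run. Please confirm that destroying the assoc data does not drop the last reference to that bss, otherwise cfg80211_assoc_timeout() receives a stale pointer. Two smaller points: kernel style wants a blank line after the declaration, and the auth_data branch right below sends no corresponding notification, which should be either matched or explained in a comment.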
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index a02bef35b134..30d58d2d13e2 100644
--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -397,8 +397,14 @@ static void rate_idx_match_mask(struct ieee80211_tx_rate *rate,
397 return; 397 return;
398 398
399 /* if HT BSS, and we handle a data frame, also try HT rates */ 399 /* if HT BSS, and we handle a data frame, also try HT rates */
400 if (chan_width == NL80211_CHAN_WIDTH_20_NOHT) 400 switch (chan_width) {
401 case NL80211_CHAN_WIDTH_20_NOHT:
402 case NL80211_CHAN_WIDTH_5:
403 case NL80211_CHAN_WIDTH_10:
401 return; 404 return;
405 default:
406 break;
407 }
402 408
403 alt_rate.idx = 0; 409 alt_rate.idx = 0;
404 /* keep protection flags */ 410 /* keep protection flags */
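Review bot: the new switch in rate_idx_match_mask() returns early for 20_NOHT, 5 and 10 MHz, and its default arm lets every other width continue into the HT fallback, including any width added later. The comment above it still only says "if HT BSS", which no longer explains why 5 and 10 MHz are excluded. Please extend the comment to state that these widths are treated as non-HT here, so the next width added to the enum gets a deliberate decision rather than the default.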
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 8e2952620256..23dbcfc69b3b 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -258,6 +258,8 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
258 pos += 2; 258 pos += 2;
259 259
260 if (status->flag & RX_FLAG_HT) { 260 if (status->flag & RX_FLAG_HT) {
261 unsigned int stbc;
262
261 rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_MCS); 263 rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_MCS);
262 *pos++ = local->hw.radiotap_mcs_details; 264 *pos++ = local->hw.radiotap_mcs_details;
263 *pos = 0; 265 *pos = 0;
@@ -267,6 +269,8 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
267 *pos |= IEEE80211_RADIOTAP_MCS_BW_40; 269 *pos |= IEEE80211_RADIOTAP_MCS_BW_40;
268 if (status->flag & RX_FLAG_HT_GF) 270 if (status->flag & RX_FLAG_HT_GF)
269 *pos |= IEEE80211_RADIOTAP_MCS_FMT_GF; 271 *pos |= IEEE80211_RADIOTAP_MCS_FMT_GF;
272 stbc = (status->flag & RX_FLAG_STBC_MASK) >> RX_FLAG_STBC_SHIFT;
273 *pos |= stbc << IEEE80211_RADIOTAP_MCS_STBC_SHIFT;
270 pos++; 274 pos++;
271 *pos++ = status->rate_idx; 275 *pos++ = status->rate_idx;
272 } 276 }
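Review bot: the STBC value is OR'd into the MCS flags byte unconditionally, while the "known" byte written just before it comes straight from local->hw.radiotap_mcs_details. A capture consumer will only trust the STBC bits if the driver advertised them as known, so a driver that sets RX_FLAG_STBC_MASK bits without updating radiotap_mcs_details produces a field that is silently ignored. Please document that requirement next to radiotap_mcs_details, or set the corresponding known bit here when stbc is non-zero.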
@@ -1372,6 +1376,7 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
1372 struct sk_buff *skb = rx->skb; 1376 struct sk_buff *skb = rx->skb;
1373 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); 1377 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1374 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 1378 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1379 int i;
1375 1380
1376 if (!sta) 1381 if (!sta)
1377 return RX_CONTINUE; 1382 return RX_CONTINUE;
@@ -1422,6 +1427,19 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
1422 ewma_add(&sta->avg_signal, -status->signal); 1427 ewma_add(&sta->avg_signal, -status->signal);
1423 } 1428 }
1424 1429
1430 if (status->chains) {
1431 sta->chains = status->chains;
1432 for (i = 0; i < ARRAY_SIZE(status->chain_signal); i++) {
1433 int signal = status->chain_signal[i];
1434
1435 if (!(status->chains & BIT(i)))
1436 continue;
1437
1438 sta->chain_signal_last[i] = signal;
1439 ewma_add(&sta->chain_signal_avg[i], -signal);
1440 }
1441 }
1442
1425 /* 1443 /*
1426 * Change STA power saving mode only at the end of a frame 1444 * Change STA power saving mode only at the end of a frame
1427 * exchange sequence. 1445 * exchange sequence.
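Review bot: the loop added to ieee80211_rx_h_sta_process() is bounded by ARRAY_SIZE(status->chain_signal) but writes sta->chain_signal_last[i] and sta->chain_signal_avg[i], which are separate arrays declared in sta_info.h. If the two sizes ever diverge this becomes an out-of-bounds write driven by per-frame RX status. Please tie them together, for example with a BUILD_BUG_ON comparing the two ARRAY_SIZE values, or bound the loop on the destination array.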
@@ -1608,7 +1626,7 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
1608 entry->ccmp = 1; 1626 entry->ccmp = 1;
1609 memcpy(entry->last_pn, 1627 memcpy(entry->last_pn,
1610 rx->key->u.ccmp.rx_pn[queue], 1628 rx->key->u.ccmp.rx_pn[queue],
1611 CCMP_PN_LEN); 1629 IEEE80211_CCMP_PN_LEN);
1612 } 1630 }
1613 return RX_QUEUED; 1631 return RX_QUEUED;
1614 } 1632 }
@@ -1627,21 +1645,21 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
1627 * (IEEE 802.11i, 8.3.3.4.5) */ 1645 * (IEEE 802.11i, 8.3.3.4.5) */
1628 if (entry->ccmp) { 1646 if (entry->ccmp) {
1629 int i; 1647 int i;
1630 u8 pn[CCMP_PN_LEN], *rpn; 1648 u8 pn[IEEE80211_CCMP_PN_LEN], *rpn;
1631 int queue; 1649 int queue;
1632 if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP) 1650 if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP)
1633 return RX_DROP_UNUSABLE; 1651 return RX_DROP_UNUSABLE;
1634 memcpy(pn, entry->last_pn, CCMP_PN_LEN); 1652 memcpy(pn, entry->last_pn, IEEE80211_CCMP_PN_LEN);
1635 for (i = CCMP_PN_LEN - 1; i >= 0; i--) { 1653 for (i = IEEE80211_CCMP_PN_LEN - 1; i >= 0; i--) {
1636 pn[i]++; 1654 pn[i]++;
1637 if (pn[i]) 1655 if (pn[i])
1638 break; 1656 break;
1639 } 1657 }
1640 queue = rx->security_idx; 1658 queue = rx->security_idx;
1641 rpn = rx->key->u.ccmp.rx_pn[queue]; 1659 rpn = rx->key->u.ccmp.rx_pn[queue];
1642 if (memcmp(pn, rpn, CCMP_PN_LEN)) 1660 if (memcmp(pn, rpn, IEEE80211_CCMP_PN_LEN))
1643 return RX_DROP_UNUSABLE; 1661 return RX_DROP_UNUSABLE;
1644 memcpy(entry->last_pn, pn, CCMP_PN_LEN); 1662 memcpy(entry->last_pn, pn, IEEE80211_CCMP_PN_LEN);
1645 } 1663 }
1646 1664
1647 skb_pull(rx->skb, ieee80211_hdrlen(fc)); 1665 skb_pull(rx->skb, ieee80211_hdrlen(fc));
@@ -1729,27 +1747,21 @@ static int ieee80211_drop_unencrypted_mgmt(struct ieee80211_rx_data *rx)
1729 if (unlikely(!ieee80211_has_protected(fc) && 1747 if (unlikely(!ieee80211_has_protected(fc) &&
1730 ieee80211_is_unicast_robust_mgmt_frame(rx->skb) && 1748 ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
1731 rx->key)) { 1749 rx->key)) {
1732 if (ieee80211_is_deauth(fc)) 1750 if (ieee80211_is_deauth(fc) ||
1733 cfg80211_send_unprot_deauth(rx->sdata->dev, 1751 ieee80211_is_disassoc(fc))
1734 rx->skb->data, 1752 cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev,
1735 rx->skb->len); 1753 rx->skb->data,
1736 else if (ieee80211_is_disassoc(fc)) 1754 rx->skb->len);
1737 cfg80211_send_unprot_disassoc(rx->sdata->dev,
1738 rx->skb->data,
1739 rx->skb->len);
1740 return -EACCES; 1755 return -EACCES;
1741 } 1756 }
1742 /* BIP does not use Protected field, so need to check MMIE */ 1757 /* BIP does not use Protected field, so need to check MMIE */
1743 if (unlikely(ieee80211_is_multicast_robust_mgmt_frame(rx->skb) && 1758 if (unlikely(ieee80211_is_multicast_robust_mgmt_frame(rx->skb) &&
1744 ieee80211_get_mmie_keyidx(rx->skb) < 0)) { 1759 ieee80211_get_mmie_keyidx(rx->skb) < 0)) {
1745 if (ieee80211_is_deauth(fc)) 1760 if (ieee80211_is_deauth(fc) ||
1746 cfg80211_send_unprot_deauth(rx->sdata->dev, 1761 ieee80211_is_disassoc(fc))
1747 rx->skb->data, 1762 cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev,
1748 rx->skb->len); 1763 rx->skb->data,
1749 else if (ieee80211_is_disassoc(fc)) 1764 rx->skb->len);
1750 cfg80211_send_unprot_disassoc(rx->sdata->dev,
1751 rx->skb->data,
1752 rx->skb->len);
1753 return -EACCES; 1765 return -EACCES;
1754 } 1766 }
1755 /* 1767 /*
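Review bot: both branches of ieee80211_drop_unencrypted_mgmt() now carry the same three-line block (deauth-or-disassoc test followed by cfg80211_rx_unprot_mlme_mgmt()), which could be a small static helper. More importantly, the callee now has to tell deauth from disassoc by reading the frame itself, and these are exactly the frames that failed the protection check, so the data is untrusted. Please make sure cfg80211_rx_unprot_mlme_mgmt() validates rx->skb->len against the header it parses before dispatching on the frame type.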
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 99b103921a4b..1b122a79b0d8 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -140,6 +140,15 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
140 bss->valid_data |= IEEE80211_BSS_VALID_WMM; 140 bss->valid_data |= IEEE80211_BSS_VALID_WMM;
141 } 141 }
142 142
143 if (beacon) {
144 struct ieee80211_supported_band *sband =
145 local->hw.wiphy->bands[rx_status->band];
146 if (!(rx_status->flag & RX_FLAG_HT) &&
147 !(rx_status->flag & RX_FLAG_VHT))
148 bss->beacon_rate =
149 &sband->bitrates[rx_status->rate_idx];
150 }
151
143 return bss; 152 return bss;
144} 153}
145 154
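Review bot: in the new beacon block of ieee80211_bss_info_update(), rx_status->rate_idx is used to index sband->bitrates[] without being checked against sband->n_bitrates, and sband itself is not checked for NULL (the ieee80211_mandatory_rates() helper removed elsewhere in this patch did WARN_ON(!sband) for the same lookup). rate_idx is supplied by the driver per received frame, so a bad value leaves bss->beacon_rate pointing outside the table. Please add the range check before taking the address, and a blank line after the sband declaration.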
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 11216bc13b27..aeb967a0aeed 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -149,6 +149,7 @@ static void cleanup_single_sta(struct sta_info *sta)
149 * directly by station destruction. 149 * directly by station destruction.
150 */ 150 */
151 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 151 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
152 kfree(sta->ampdu_mlme.tid_start_tx[i]);
152 tid_tx = rcu_dereference_raw(sta->ampdu_mlme.tid_tx[i]); 153 tid_tx = rcu_dereference_raw(sta->ampdu_mlme.tid_tx[i]);
153 if (!tid_tx) 154 if (!tid_tx)
154 continue; 155 continue;
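Review bot: the kfree(sta->ampdu_mlme.tid_start_tx[i]) added in cleanup_single_sta() frees the pointer without clearing it and without sta->lock visibly held, while the kernel-doc added in sta_info.h says tid_start_tx is protected by sta->lock. If teardown guarantees there are no concurrent users, please say so in the comment above the loop; otherwise take the lock and set the slot to NULL after freeing so a later path cannot free or dereference it again.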
@@ -346,6 +347,7 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
346 if (ieee80211_vif_is_mesh(&sdata->vif) && 347 if (ieee80211_vif_is_mesh(&sdata->vif) &&
347 !sdata->u.mesh.user_mpm) 348 !sdata->u.mesh.user_mpm)
348 init_timer(&sta->plink_timer); 349 init_timer(&sta->plink_timer);
350 sta->nonpeer_pm = NL80211_MESH_POWER_ACTIVE;
349#endif 351#endif
350 352
351 memcpy(sta->sta.addr, addr, ETH_ALEN); 353 memcpy(sta->sta.addr, addr, ETH_ALEN);
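Review bot: the new sta->nonpeer_pm assignment in sta_info_alloc() sits directly under an unbraced two-line if whose body is init_timer(), so at a glance it reads as part of the conditional even though it runs for every station in the mesh-enabled build. Please separate it with a blank line (or brace the if) so the unconditional initialisation is obvious.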
@@ -358,6 +360,8 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
358 do_posix_clock_monotonic_gettime(&uptime); 360 do_posix_clock_monotonic_gettime(&uptime);
359 sta->last_connected = uptime.tv_sec; 361 sta->last_connected = uptime.tv_sec;
360 ewma_init(&sta->avg_signal, 1024, 8); 362 ewma_init(&sta->avg_signal, 1024, 8);
363 for (i = 0; i < ARRAY_SIZE(sta->chain_signal_avg); i++)
364 ewma_init(&sta->chain_signal_avg[i], 1024, 8);
361 365
362 if (sta_prepare_rate_control(local, sta, gfp)) { 366 if (sta_prepare_rate_control(local, sta, gfp)) {
363 kfree(sta); 367 kfree(sta);
@@ -1130,6 +1134,7 @@ static void ieee80211_send_null_response(struct ieee80211_sub_if_data *sdata,
1130 * ends the poll/service period. 1134 * ends the poll/service period.
1131 */ 1135 */
1132 info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER | 1136 info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER |
1137 IEEE80211_TX_CTL_PS_RESPONSE |
1133 IEEE80211_TX_STATUS_EOSP | 1138 IEEE80211_TX_STATUS_EOSP |
1134 IEEE80211_TX_CTL_REQ_TX_STATUS; 1139 IEEE80211_TX_CTL_REQ_TX_STATUS;
1135 1140
@@ -1267,7 +1272,8 @@ ieee80211_sta_ps_deliver_response(struct sta_info *sta,
1267 * STA may still remain is PS mode after this frame 1272 * STA may still remain is PS mode after this frame
1268 * exchange. 1273 * exchange.
1269 */ 1274 */
1270 info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER; 1275 info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER |
1276 IEEE80211_TX_CTL_PS_RESPONSE;
1271 1277
1272 /* 1278 /*
1273 * Use MoreData flag to indicate whether there are 1279 * Use MoreData flag to indicate whether there are
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index adc30045f99e..4208dbd5861f 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -203,6 +203,7 @@ struct tid_ampdu_rx {
203 * driver requested to close until the work for it runs 203 * driver requested to close until the work for it runs
204 * @mtx: mutex to protect all TX data (except non-NULL assignments 204 * @mtx: mutex to protect all TX data (except non-NULL assignments
205 * to tid_tx[idx], which are protected by the sta spinlock) 205 * to tid_tx[idx], which are protected by the sta spinlock)
206 * tid_start_tx is also protected by sta->lock.
206 */ 207 */
207struct sta_ampdu_mlme { 208struct sta_ampdu_mlme {
208 struct mutex mtx; 209 struct mutex mtx;
@@ -297,6 +298,9 @@ struct sta_ampdu_mlme {
297 * @rcu_head: RCU head used for freeing this station struct 298 * @rcu_head: RCU head used for freeing this station struct
298 * @cur_max_bandwidth: maximum bandwidth to use for TX to the station, 299 * @cur_max_bandwidth: maximum bandwidth to use for TX to the station,
299 * taken from HT/VHT capabilities or VHT operating mode notification 300 * taken from HT/VHT capabilities or VHT operating mode notification
301 * @chains: chains ever used for RX from this station
302 * @chain_signal_last: last signal (per chain)
303 * @chain_signal_avg: signal average (per chain)
300 */ 304 */
301struct sta_info { 305struct sta_info {
302 /* General information, mostly static */ 306 /* General information, mostly static */
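Review bot: the kernel-doc added here describes @chains as "chains ever used for RX from this station", but the rx.c hunk in this same patch does sta->chains = status->chains, which overwrites the mask with the chains of the most recent frame. Either accumulate with |= in rx.c or reword the doc to "chains used for the last RX", so that users of the field and of chain_signal_avg[] know which chains the averages are valid for.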
@@ -344,6 +348,11 @@ struct sta_info {
344 int last_signal; 348 int last_signal;
345 struct ewma avg_signal; 349 struct ewma avg_signal;
346 int last_ack_signal; 350 int last_ack_signal;
351
352 u8 chains;
353 s8 chain_signal_last[IEEE80211_MAX_CHAINS];
354 struct ewma chain_signal_avg[IEEE80211_MAX_CHAINS];
355
347 /* Plus 1 for non-QoS frames */ 356 /* Plus 1 for non-QoS frames */
348 __le16 last_seq_ctrl[IEEE80211_NUM_TIDS + 1]; 357 __le16 last_seq_ctrl[IEEE80211_NUM_TIDS + 1];
349 358
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 9972e07a2f96..4105d0ca963e 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -398,13 +398,14 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
398 if (ieee80211_has_order(hdr->frame_control)) 398 if (ieee80211_has_order(hdr->frame_control))
399 return TX_CONTINUE; 399 return TX_CONTINUE;
400 400
401 if (tx->local->hw.flags & IEEE80211_HW_QUEUE_CONTROL)
402 info->hw_queue = tx->sdata->vif.cab_queue;
403
401 /* no stations in PS mode */ 404 /* no stations in PS mode */
402 if (!atomic_read(&ps->num_sta_ps)) 405 if (!atomic_read(&ps->num_sta_ps))
403 return TX_CONTINUE; 406 return TX_CONTINUE;
404 407
405 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM; 408 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM;
406 if (tx->local->hw.flags & IEEE80211_HW_QUEUE_CONTROL)
407 info->hw_queue = tx->sdata->vif.cab_queue;
408 409
409 /* device releases frame after DTIM beacon */ 410 /* device releases frame after DTIM beacon */
410 if (!(tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING)) 411 if (!(tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING))
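Review bot: moving the IEEE80211_HW_QUEUE_CONTROL block above the "no stations in PS mode" return in ieee80211_tx_h_multicast_ps_buf() changes behaviour: info->hw_queue is now set to vif.cab_queue for these frames even when no station is in power save and IEEE80211_TX_CTL_SEND_AFTER_DTIM is not set. If that is the intent, please add a comment saying so at the new location; as written it looks like an accidental reordering.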
@@ -1789,12 +1790,6 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1789 break; 1790 break;
1790#ifdef CONFIG_MAC80211_MESH 1791#ifdef CONFIG_MAC80211_MESH
1791 case NL80211_IFTYPE_MESH_POINT: 1792 case NL80211_IFTYPE_MESH_POINT:
1792 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) {
1793 /* Do not send frames with mesh_ttl == 0 */
1794 sdata->u.mesh.mshstats.dropped_frames_ttl++;
1795 goto fail_rcu;
1796 }
1797
1798 if (!is_multicast_ether_addr(skb->data)) { 1793 if (!is_multicast_ether_addr(skb->data)) {
1799 struct sta_info *next_hop; 1794 struct sta_info *next_hop;
1800 bool mpp_lookup = true; 1795 bool mpp_lookup = true;
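Review bot: this hunk drops the dot11MeshTTL == 0 check from the NL80211_IFTYPE_MESH_POINT case of ieee80211_subif_start_xmit(), together with the dropped_frames_ttl accounting, and nothing in the visible changes replaces it. Please point to where a zero TTL is now rejected (for example at configuration time); if it is not, frames with mesh_ttl == 0 will be transmitted from this path and the counter will stop reflecting them.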
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 72e6292955bb..22654452a561 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -560,6 +560,9 @@ void ieee80211_iterate_active_interfaces(
560 list_for_each_entry(sdata, &local->interfaces, list) { 560 list_for_each_entry(sdata, &local->interfaces, list) {
561 switch (sdata->vif.type) { 561 switch (sdata->vif.type) {
562 case NL80211_IFTYPE_MONITOR: 562 case NL80211_IFTYPE_MONITOR:
563 if (!(sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE))
564 continue;
565 break;
563 case NL80211_IFTYPE_AP_VLAN: 566 case NL80211_IFTYPE_AP_VLAN:
564 continue; 567 continue;
565 default: 568 default:
@@ -598,6 +601,9 @@ void ieee80211_iterate_active_interfaces_atomic(
598 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 601 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
599 switch (sdata->vif.type) { 602 switch (sdata->vif.type) {
600 case NL80211_IFTYPE_MONITOR: 603 case NL80211_IFTYPE_MONITOR:
604 if (!(sdata->u.mntr_flags & MONITOR_FLAG_ACTIVE))
605 continue;
606 break;
601 case NL80211_IFTYPE_AP_VLAN: 607 case NL80211_IFTYPE_AP_VLAN:
602 continue; 608 continue;
603 default: 609 default:
@@ -1072,32 +1078,6 @@ void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
1072 ieee80211_set_wmm_default(sdata, true); 1078 ieee80211_set_wmm_default(sdata, true);
1073} 1079}
1074 1080
1075u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
1076 enum ieee80211_band band)
1077{
1078 struct ieee80211_supported_band *sband;
1079 struct ieee80211_rate *bitrates;
1080 u32 mandatory_rates;
1081 enum ieee80211_rate_flags mandatory_flag;
1082 int i;
1083
1084 sband = local->hw.wiphy->bands[band];
1085 if (WARN_ON(!sband))
1086 return 1;
1087
1088 if (band == IEEE80211_BAND_2GHZ)
1089 mandatory_flag = IEEE80211_RATE_MANDATORY_B;
1090 else
1091 mandatory_flag = IEEE80211_RATE_MANDATORY_A;
1092
1093 bitrates = sband->bitrates;
1094 mandatory_rates = 0;
1095 for (i = 0; i < sband->n_bitrates; i++)
1096 if (bitrates[i].flags & mandatory_flag)
1097 mandatory_rates |= BIT(i);
1098 return mandatory_rates;
1099}
1100
1101void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, 1081void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1102 u16 transaction, u16 auth_alg, u16 status, 1082 u16 transaction, u16 auth_alg, u16 status,
1103 const u8 *extra, size_t extra_len, const u8 *da, 1083 const u8 *extra, size_t extra_len, const u8 *da,
@@ -1604,12 +1584,13 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1604 BSS_CHANGED_ARP_FILTER | 1584 BSS_CHANGED_ARP_FILTER |
1605 BSS_CHANGED_PS; 1585 BSS_CHANGED_PS;
1606 1586
1607 if (sdata->u.mgd.dtim_period) 1587 /* Re-send beacon info report to the driver */
1608 changed |= BSS_CHANGED_DTIM_PERIOD; 1588 if (sdata->u.mgd.have_beacon)
1589 changed |= BSS_CHANGED_BEACON_INFO;
1609 1590
1610 mutex_lock(&sdata->u.mgd.mtx); 1591 sdata_lock(sdata);
1611 ieee80211_bss_info_change_notify(sdata, changed); 1592 ieee80211_bss_info_change_notify(sdata, changed);
1612 mutex_unlock(&sdata->u.mgd.mtx); 1593 sdata_unlock(sdata);
1613 break; 1594 break;
1614 case NL80211_IFTYPE_ADHOC: 1595 case NL80211_IFTYPE_ADHOC:
1615 changed |= BSS_CHANGED_IBSS; 1596 changed |= BSS_CHANGED_IBSS;
diff --git a/net/mac80211/vht.c b/net/mac80211/vht.c
index 171344d4eb7c..97c289414e32 100644
--- a/net/mac80211/vht.c
+++ b/net/mac80211/vht.c
@@ -396,7 +396,7 @@ void ieee80211_vht_handle_opmode(struct ieee80211_sub_if_data *sdata,
396 new_bw = ieee80211_sta_cur_vht_bw(sta); 396 new_bw = ieee80211_sta_cur_vht_bw(sta);
397 if (new_bw != sta->sta.bandwidth) { 397 if (new_bw != sta->sta.bandwidth) {
398 sta->sta.bandwidth = new_bw; 398 sta->sta.bandwidth = new_bw;
399 changed |= IEEE80211_RC_NSS_CHANGED; 399 changed |= IEEE80211_RC_BW_CHANGED;
400 } 400 }
401 401
402 change: 402 change:
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index c04d401dae92..6ee2b5863572 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -28,7 +28,7 @@
28int ieee80211_wep_init(struct ieee80211_local *local) 28int ieee80211_wep_init(struct ieee80211_local *local)
29{ 29{
30 /* start WEP IV from a random value */ 30 /* start WEP IV from a random value */
31 get_random_bytes(&local->wep_iv, WEP_IV_LEN); 31 get_random_bytes(&local->wep_iv, IEEE80211_WEP_IV_LEN);
32 32
33 local->wep_tx_tfm = crypto_alloc_cipher("arc4", 0, CRYPTO_ALG_ASYNC); 33 local->wep_tx_tfm = crypto_alloc_cipher("arc4", 0, CRYPTO_ALG_ASYNC);
34 if (IS_ERR(local->wep_tx_tfm)) { 34 if (IS_ERR(local->wep_tx_tfm)) {
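Review bot: in ieee80211_wep_init(), get_random_bytes() writes IEEE80211_WEP_IV_LEN bytes into &local->wep_iv, so the call is only safe while that field is at least as large as the constant. Now that the constant is a shared IEEE80211_ define that lives away from the field, sizing the write by sizeof(local->wep_iv) would remove the coupling.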
@@ -98,20 +98,21 @@ static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
98 98
99 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 99 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
100 100
101 if (WARN_ON(skb_tailroom(skb) < WEP_ICV_LEN || 101 if (WARN_ON(skb_tailroom(skb) < IEEE80211_WEP_ICV_LEN ||
102 skb_headroom(skb) < WEP_IV_LEN)) 102 skb_headroom(skb) < IEEE80211_WEP_IV_LEN))
103 return NULL; 103 return NULL;
104 104
105 hdrlen = ieee80211_hdrlen(hdr->frame_control); 105 hdrlen = ieee80211_hdrlen(hdr->frame_control);
106 newhdr = skb_push(skb, WEP_IV_LEN); 106 newhdr = skb_push(skb, IEEE80211_WEP_IV_LEN);
107 memmove(newhdr, newhdr + WEP_IV_LEN, hdrlen); 107 memmove(newhdr, newhdr + IEEE80211_WEP_IV_LEN, hdrlen);
108 108
109 /* the HW only needs room for the IV, but not the actual IV */ 109 /* the HW only needs room for the IV, but not the actual IV */
110 if (info->control.hw_key && 110 if (info->control.hw_key &&
111 (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) 111 (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))
112 return newhdr + hdrlen; 112 return newhdr + hdrlen;
113 113
114 skb_set_network_header(skb, skb_network_offset(skb) + WEP_IV_LEN); 114 skb_set_network_header(skb, skb_network_offset(skb) +
115 IEEE80211_WEP_IV_LEN);
115 ieee80211_wep_get_iv(local, keylen, keyidx, newhdr + hdrlen); 116 ieee80211_wep_get_iv(local, keylen, keyidx, newhdr + hdrlen);
116 return newhdr + hdrlen; 117 return newhdr + hdrlen;
117} 118}
@@ -125,8 +126,8 @@ static void ieee80211_wep_remove_iv(struct ieee80211_local *local,
125 unsigned int hdrlen; 126 unsigned int hdrlen;
126 127
127 hdrlen = ieee80211_hdrlen(hdr->frame_control); 128 hdrlen = ieee80211_hdrlen(hdr->frame_control);
128 memmove(skb->data + WEP_IV_LEN, skb->data, hdrlen); 129 memmove(skb->data + IEEE80211_WEP_IV_LEN, skb->data, hdrlen);
129 skb_pull(skb, WEP_IV_LEN); 130 skb_pull(skb, IEEE80211_WEP_IV_LEN);
130} 131}
131 132
132 133
@@ -146,7 +147,7 @@ int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key,
146 put_unaligned(icv, (__le32 *)(data + data_len)); 147 put_unaligned(icv, (__le32 *)(data + data_len));
147 148
148 crypto_cipher_setkey(tfm, rc4key, klen); 149 crypto_cipher_setkey(tfm, rc4key, klen);
149 for (i = 0; i < data_len + WEP_ICV_LEN; i++) 150 for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++)
150 crypto_cipher_encrypt_one(tfm, data + i, data + i); 151 crypto_cipher_encrypt_one(tfm, data + i, data + i);
151 152
152 return 0; 153 return 0;
@@ -172,7 +173,7 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local,
172 if (!iv) 173 if (!iv)
173 return -1; 174 return -1;
174 175
175 len = skb->len - (iv + WEP_IV_LEN - skb->data); 176 len = skb->len - (iv + IEEE80211_WEP_IV_LEN - skb->data);
176 177
177 /* Prepend 24-bit IV to RC4 key */ 178 /* Prepend 24-bit IV to RC4 key */
178 memcpy(rc4key, iv, 3); 179 memcpy(rc4key, iv, 3);
@@ -181,10 +182,10 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local,
181 memcpy(rc4key + 3, key, keylen); 182 memcpy(rc4key + 3, key, keylen);
182 183
183 /* Add room for ICV */ 184 /* Add room for ICV */
184 skb_put(skb, WEP_ICV_LEN); 185 skb_put(skb, IEEE80211_WEP_ICV_LEN);
185 186
186 return ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3, 187 return ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3,
187 iv + WEP_IV_LEN, len); 188 iv + IEEE80211_WEP_IV_LEN, len);
188} 189}
189 190
190 191
@@ -201,11 +202,11 @@ int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key,
201 return -1; 202 return -1;
202 203
203 crypto_cipher_setkey(tfm, rc4key, klen); 204 crypto_cipher_setkey(tfm, rc4key, klen);
204 for (i = 0; i < data_len + WEP_ICV_LEN; i++) 205 for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++)
205 crypto_cipher_decrypt_one(tfm, data + i, data + i); 206 crypto_cipher_decrypt_one(tfm, data + i, data + i);
206 207
207 crc = cpu_to_le32(~crc32_le(~0, data, data_len)); 208 crc = cpu_to_le32(~crc32_le(~0, data, data_len));
208 if (memcmp(&crc, data + data_len, WEP_ICV_LEN) != 0) 209 if (memcmp(&crc, data + data_len, IEEE80211_WEP_ICV_LEN) != 0)
209 /* ICV mismatch */ 210 /* ICV mismatch */
210 return -1; 211 return -1;
211 212
@@ -237,10 +238,10 @@ static int ieee80211_wep_decrypt(struct ieee80211_local *local,
237 return -1; 238 return -1;
238 239
239 hdrlen = ieee80211_hdrlen(hdr->frame_control); 240 hdrlen = ieee80211_hdrlen(hdr->frame_control);
240 if (skb->len < hdrlen + WEP_IV_LEN + WEP_ICV_LEN) 241 if (skb->len < hdrlen + IEEE80211_WEP_IV_LEN + IEEE80211_WEP_ICV_LEN)
241 return -1; 242 return -1;
242 243
243 len = skb->len - hdrlen - WEP_IV_LEN - WEP_ICV_LEN; 244 len = skb->len - hdrlen - IEEE80211_WEP_IV_LEN - IEEE80211_WEP_ICV_LEN;
244 245
245 keyidx = skb->data[hdrlen + 3] >> 6; 246 keyidx = skb->data[hdrlen + 3] >> 6;
246 247
@@ -256,16 +257,16 @@ static int ieee80211_wep_decrypt(struct ieee80211_local *local,
256 memcpy(rc4key + 3, key->conf.key, key->conf.keylen); 257 memcpy(rc4key + 3, key->conf.key, key->conf.keylen);
257 258
258 if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen, 259 if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen,
259 skb->data + hdrlen + WEP_IV_LEN, 260 skb->data + hdrlen +
260 len)) 261 IEEE80211_WEP_IV_LEN, len))
261 ret = -1; 262 ret = -1;
262 263
263 /* Trim ICV */ 264 /* Trim ICV */
264 skb_trim(skb, skb->len - WEP_ICV_LEN); 265 skb_trim(skb, skb->len - IEEE80211_WEP_ICV_LEN);
265 266
266 /* Remove IV */ 267 /* Remove IV */
267 memmove(skb->data + WEP_IV_LEN, skb->data, hdrlen); 268 memmove(skb->data + IEEE80211_WEP_IV_LEN, skb->data, hdrlen);
268 skb_pull(skb, WEP_IV_LEN); 269 skb_pull(skb, IEEE80211_WEP_IV_LEN);
269 270
270 return ret; 271 return ret;
271} 272}
@@ -305,13 +306,14 @@ ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx)
305 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) 306 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key))
306 return RX_DROP_UNUSABLE; 307 return RX_DROP_UNUSABLE;
307 } else if (!(status->flag & RX_FLAG_IV_STRIPPED)) { 308 } else if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
308 if (!pskb_may_pull(rx->skb, ieee80211_hdrlen(fc) + WEP_IV_LEN)) 309 if (!pskb_may_pull(rx->skb, ieee80211_hdrlen(fc) +
310 IEEE80211_WEP_IV_LEN))
309 return RX_DROP_UNUSABLE; 311 return RX_DROP_UNUSABLE;
310 if (rx->sta && ieee80211_wep_is_weak_iv(rx->skb, rx->key)) 312 if (rx->sta && ieee80211_wep_is_weak_iv(rx->skb, rx->key))
311 rx->sta->wep_weak_iv_count++; 313 rx->sta->wep_weak_iv_count++;
312 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key); 314 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
313 /* remove ICV */ 315 /* remove ICV */
314 if (pskb_trim(rx->skb, rx->skb->len - WEP_ICV_LEN)) 316 if (pskb_trim(rx->skb, rx->skb->len - IEEE80211_WEP_ICV_LEN))
315 return RX_DROP_UNUSABLE; 317 return RX_DROP_UNUSABLE;
316 } 318 }
317 319
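Review bot: in the RX_FLAG_IV_STRIPPED branch of ieee80211_crypto_wep_decrypt(), pskb_may_pull() only guarantees hdrlen + IEEE80211_WEP_IV_LEN bytes, yet a few lines later pskb_trim() removes IEEE80211_WEP_ICV_LEN from the tail. The software path in ieee80211_wep_decrypt() checks skb->len against hdrlen + IV + ICV before subtracting; this path does not, so a short frame from a hardware-decrypting device would have the trim cut into the header. Since the lines are being touched anyway, please add the same combined length check here.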
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index c7c6d644486f..c9edfcb7a13b 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -62,10 +62,10 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
62 62
63 tail = MICHAEL_MIC_LEN; 63 tail = MICHAEL_MIC_LEN;
64 if (!info->control.hw_key) 64 if (!info->control.hw_key)
65 tail += TKIP_ICV_LEN; 65 tail += IEEE80211_TKIP_ICV_LEN;
66 66
67 if (WARN_ON(skb_tailroom(skb) < tail || 67 if (WARN_ON(skb_tailroom(skb) < tail ||
68 skb_headroom(skb) < TKIP_IV_LEN)) 68 skb_headroom(skb) < IEEE80211_TKIP_IV_LEN))
69 return TX_DROP; 69 return TX_DROP;
70 70
71 key = &tx->key->conf.key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY]; 71 key = &tx->key->conf.key[NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY];
@@ -198,15 +198,16 @@ static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
198 if (info->control.hw_key) 198 if (info->control.hw_key)
199 tail = 0; 199 tail = 0;
200 else 200 else
201 tail = TKIP_ICV_LEN; 201 tail = IEEE80211_TKIP_ICV_LEN;
202 202
203 if (WARN_ON(skb_tailroom(skb) < tail || 203 if (WARN_ON(skb_tailroom(skb) < tail ||
204 skb_headroom(skb) < TKIP_IV_LEN)) 204 skb_headroom(skb) < IEEE80211_TKIP_IV_LEN))
205 return -1; 205 return -1;
206 206
207 pos = skb_push(skb, TKIP_IV_LEN); 207 pos = skb_push(skb, IEEE80211_TKIP_IV_LEN);
208 memmove(pos, pos + TKIP_IV_LEN, hdrlen); 208 memmove(pos, pos + IEEE80211_TKIP_IV_LEN, hdrlen);
209 skb_set_network_header(skb, skb_network_offset(skb) + TKIP_IV_LEN); 209 skb_set_network_header(skb, skb_network_offset(skb) +
210 IEEE80211_TKIP_IV_LEN);
210 pos += hdrlen; 211 pos += hdrlen;
211 212
212 /* the HW only needs room for the IV, but not the actual IV */ 213 /* the HW only needs room for the IV, but not the actual IV */
@@ -227,7 +228,7 @@ static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
227 return 0; 228 return 0;
228 229
229 /* Add room for ICV */ 230 /* Add room for ICV */
230 skb_put(skb, TKIP_ICV_LEN); 231 skb_put(skb, IEEE80211_TKIP_ICV_LEN);
231 232
232 return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm, 233 return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm,
233 key, skb, pos, len); 234 key, skb, pos, len);
@@ -290,11 +291,11 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx)
290 return RX_DROP_UNUSABLE; 291 return RX_DROP_UNUSABLE;
291 292
292 /* Trim ICV */ 293 /* Trim ICV */
293 skb_trim(skb, skb->len - TKIP_ICV_LEN); 294 skb_trim(skb, skb->len - IEEE80211_TKIP_ICV_LEN);
294 295
295 /* Remove IV */ 296 /* Remove IV */
296 memmove(skb->data + TKIP_IV_LEN, skb->data, hdrlen); 297 memmove(skb->data + IEEE80211_TKIP_IV_LEN, skb->data, hdrlen);
297 skb_pull(skb, TKIP_IV_LEN); 298 skb_pull(skb, IEEE80211_TKIP_IV_LEN);
298 299
299 return RX_CONTINUE; 300 return RX_CONTINUE;
300} 301}
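Review bot: skb->len - IEEE80211_TKIP_ICV_LEN at new line 294 is computed without any length check visible in this hunk's context, and the memmove()/skb_pull() at 297-298 then assume the frame holds at least hdrlen + IEEE80211_TKIP_IV_LEN bytes. The CCMP receive path makes the equivalent condition explicit with its data_len < 0 test. If the bound is enforced earlier in ieee80211_crypto_tkip_decrypt() or in the decrypt helper, a short comment saying where would help; otherwise an explicit check before the trim is worth adding.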
@@ -337,9 +338,9 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
337 else 338 else
338 qos_tid = 0; 339 qos_tid = 0;
339 340
340 data_len = skb->len - hdrlen - CCMP_HDR_LEN; 341 data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN;
341 if (encrypted) 342 if (encrypted)
342 data_len -= CCMP_MIC_LEN; 343 data_len -= IEEE80211_CCMP_MIC_LEN;
343 344
344 /* First block, b_0 */ 345 /* First block, b_0 */
345 b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */ 346 b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
@@ -348,7 +349,7 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
348 */ 349 */
349 b_0[1] = qos_tid | (mgmt << 4); 350 b_0[1] = qos_tid | (mgmt << 4);
350 memcpy(&b_0[2], hdr->addr2, ETH_ALEN); 351 memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
351 memcpy(&b_0[8], pn, CCMP_PN_LEN); 352 memcpy(&b_0[8], pn, IEEE80211_CCMP_PN_LEN);
352 /* l(m) */ 353 /* l(m) */
353 put_unaligned_be16(data_len, &b_0[14]); 354 put_unaligned_be16(data_len, &b_0[14]);
354 355
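Review bot: the memcpy at new line 352 writes IEEE80211_CCMP_PN_LEN bytes starting at b_0[8], and line 354 then stores l(m) at the hard-coded offset b_0[14], so the layout is only correct while the constant is 6. Now that the length comes from a shared header rather than a definition local to this code, a BUILD_BUG_ON tying 8 + IEEE80211_CCMP_PN_LEN to 14, or deriving the l(m) offset from the constant, would keep the two from drifting apart silently.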
@@ -424,15 +425,16 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
424 if (info->control.hw_key) 425 if (info->control.hw_key)
425 tail = 0; 426 tail = 0;
426 else 427 else
427 tail = CCMP_MIC_LEN; 428 tail = IEEE80211_CCMP_MIC_LEN;
428 429
429 if (WARN_ON(skb_tailroom(skb) < tail || 430 if (WARN_ON(skb_tailroom(skb) < tail ||
430 skb_headroom(skb) < CCMP_HDR_LEN)) 431 skb_headroom(skb) < IEEE80211_CCMP_HDR_LEN))
431 return -1; 432 return -1;
432 433
433 pos = skb_push(skb, CCMP_HDR_LEN); 434 pos = skb_push(skb, IEEE80211_CCMP_HDR_LEN);
434 memmove(pos, pos + CCMP_HDR_LEN, hdrlen); 435 memmove(pos, pos + IEEE80211_CCMP_HDR_LEN, hdrlen);
435 skb_set_network_header(skb, skb_network_offset(skb) + CCMP_HDR_LEN); 436 skb_set_network_header(skb, skb_network_offset(skb) +
437 IEEE80211_CCMP_HDR_LEN);
436 438
437 /* the HW only needs room for the IV, but not the actual IV */ 439 /* the HW only needs room for the IV, but not the actual IV */
438 if (info->control.hw_key && 440 if (info->control.hw_key &&
@@ -457,10 +459,10 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
457 if (info->control.hw_key) 459 if (info->control.hw_key)
458 return 0; 460 return 0;
459 461
460 pos += CCMP_HDR_LEN; 462 pos += IEEE80211_CCMP_HDR_LEN;
461 ccmp_special_blocks(skb, pn, scratch, 0); 463 ccmp_special_blocks(skb, pn, scratch, 0);
462 ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, pos, len, 464 ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, pos, len,
463 pos, skb_put(skb, CCMP_MIC_LEN)); 465 pos, skb_put(skb, IEEE80211_CCMP_MIC_LEN));
464 466
465 return 0; 467 return 0;
466} 468}
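Review bot: skb_put(skb, IEEE80211_CCMP_MIC_LEN) at new line 465 is a buffer-growing side effect buried in the argument list of ieee80211_aes_ccm_encrypt(), and with the longer constant name it is easier to overlook. Hoisting it into a local, for example u8 *mic = skb_put(skb, IEEE80211_CCMP_MIC_LEN); before the call, makes the point where the skb is extended explicit and keeps the call on two short lines.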
@@ -490,7 +492,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
490 struct ieee80211_key *key = rx->key; 492 struct ieee80211_key *key = rx->key;
491 struct sk_buff *skb = rx->skb; 493 struct sk_buff *skb = rx->skb;
492 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); 494 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
493 u8 pn[CCMP_PN_LEN]; 495 u8 pn[IEEE80211_CCMP_PN_LEN];
494 int data_len; 496 int data_len;
495 int queue; 497 int queue;
496 498
@@ -500,12 +502,13 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
500 !ieee80211_is_robust_mgmt_frame(hdr)) 502 !ieee80211_is_robust_mgmt_frame(hdr))
501 return RX_CONTINUE; 503 return RX_CONTINUE;
502 504
503 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN; 505 data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN -
506 IEEE80211_CCMP_MIC_LEN;
504 if (!rx->sta || data_len < 0) 507 if (!rx->sta || data_len < 0)
505 return RX_DROP_UNUSABLE; 508 return RX_DROP_UNUSABLE;
506 509
507 if (status->flag & RX_FLAG_DECRYPTED) { 510 if (status->flag & RX_FLAG_DECRYPTED) {
508 if (!pskb_may_pull(rx->skb, hdrlen + CCMP_HDR_LEN)) 511 if (!pskb_may_pull(rx->skb, hdrlen + IEEE80211_CCMP_HDR_LEN))
509 return RX_DROP_UNUSABLE; 512 return RX_DROP_UNUSABLE;
510 } else { 513 } else {
511 if (skb_linearize(rx->skb)) 514 if (skb_linearize(rx->skb))
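Review bot: the data_len computation at new lines 505-506 subtracts from skb->len, which is unsigned, and relies on the result turning negative once it is stored in the int data_len for the data_len < 0 test at 507 to catch short frames. That works, but it is implicit. Comparing skb->len against hdrlen + IEEE80211_CCMP_HDR_LEN + IEEE80211_CCMP_MIC_LEN before subtracting states the bound directly and does not depend on the conversion.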
@@ -516,7 +519,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
516 519
517 queue = rx->security_idx; 520 queue = rx->security_idx;
518 521
519 if (memcmp(pn, key->u.ccmp.rx_pn[queue], CCMP_PN_LEN) <= 0) { 522 if (memcmp(pn, key->u.ccmp.rx_pn[queue], IEEE80211_CCMP_PN_LEN) <= 0) {
520 key->u.ccmp.replays++; 523 key->u.ccmp.replays++;
521 return RX_DROP_UNUSABLE; 524 return RX_DROP_UNUSABLE;
522 } 525 }
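Review bot: the replay test at new line 522 uses memcmp() as an ordering comparison, which is only a correct "not newer than the last accepted PN" check if both pn and key->u.ccmp.rx_pn[queue] are stored most-significant byte first. Nothing in the visible lines documents that, so a one-line comment stating the byte order would protect the check against a later change in how pn is extracted. The index queue comes from rx->security_idx with no bound shown here; a note on where it is constrained to the size of rx_pn[] would also help.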
@@ -528,19 +531,20 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
528 531
529 if (ieee80211_aes_ccm_decrypt( 532 if (ieee80211_aes_ccm_decrypt(
530 key->u.ccmp.tfm, scratch, 533 key->u.ccmp.tfm, scratch,
531 skb->data + hdrlen + CCMP_HDR_LEN, data_len, 534 skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN,
532 skb->data + skb->len - CCMP_MIC_LEN, 535 data_len,
533 skb->data + hdrlen + CCMP_HDR_LEN)) 536 skb->data + skb->len - IEEE80211_CCMP_MIC_LEN,
537 skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN))
534 return RX_DROP_UNUSABLE; 538 return RX_DROP_UNUSABLE;
535 } 539 }
536 540
537 memcpy(key->u.ccmp.rx_pn[queue], pn, CCMP_PN_LEN); 541 memcpy(key->u.ccmp.rx_pn[queue], pn, IEEE80211_CCMP_PN_LEN);
538 542
539 /* Remove CCMP header and MIC */ 543 /* Remove CCMP header and MIC */
540 if (pskb_trim(skb, skb->len - CCMP_MIC_LEN)) 544 if (pskb_trim(skb, skb->len - IEEE80211_CCMP_MIC_LEN))
541 return RX_DROP_UNUSABLE; 545 return RX_DROP_UNUSABLE;
542 memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen); 546 memmove(skb->data + IEEE80211_CCMP_HDR_LEN, skb->data, hdrlen);
543 skb_pull(skb, CCMP_HDR_LEN); 547 skb_pull(skb, IEEE80211_CCMP_HDR_LEN);
544 548
545 return RX_CONTINUE; 549 return RX_CONTINUE;
546} 550}
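Review bot: skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN is now spelled out twice in the re-wrapped ieee80211_aes_ccm_decrypt() call at new lines 534-537, once as the input and once as the output pointer, which is why the call grew to five argument lines. A local pointer for the payload start would shorten the call and make it obvious that decryption is in place. The ordering is good as it stands: rx_pn[queue] is updated at 541 only after the MIC check has passed, so a forged frame cannot advance the replay counter.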