Update 2.6.36 to 2.6.36.4wip-dissipation2-jerickso

author: Jeremy Erickson <jerickso@cs.unc.edu> 2014-04-18 17:06:00 -0400
committer: Jeremy Erickson <jerickso@cs.unc.edu> 2014-04-18 17:06:00 -0400
commit: a215aa7b9ab3759c047201199fba64d3042d7f13 (patch)
tree: bca37493d9b2233450e6d3ffced1261d0e4f71fe /net/mac80211
parent: d31199a77ef606f1d06894385f1852181ba6136b (diff)
14 files changed, 104 insertions, 37 deletions
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
index 965b272499fd..2f6903e48dd9 100644
--- a/net/mac80211/agg-rx.c
+++ b/net/mac80211/agg-rx.c
@@ -172,8 +172,6 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
                                     struct ieee80211_mgmt *mgmt,
                                     size_t len)
 {
-        struct ieee80211_hw *hw = &local->hw;
-        struct ieee80211_conf *conf = &hw->conf;
        struct tid_ampdu_rx *tid_agg_rx;
        u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
        u8 dialog_token;
@@ -218,13 +216,8 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
                goto end_no_lock;
        }
        /* determine default buffer size */
-        if (buf_size == 0) {
+        if (buf_size == 0)
-                struct ieee80211_supported_band *sband;
+                buf_size = IEEE80211_MAX_AMPDU_BUF;
-                sband = local->hw.wiphy->bands[conf->channel->band];
-                buf_size = IEEE80211_MIN_AMPDU_BUF;
-                buf_size = buf_size << sband->ht_cap.ampdu_factor;
-        }
        /* examine state machine */
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 29ac8e1a509e..2095602dcc3a 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -634,6 +634,7 @@ static void sta_apply_parameters(struct ieee80211_local *local,
                                 struct sta_info *sta,
                                 struct station_parameters *params)
 {
+        unsigned long flags;
        u32 rates;
        int i, j;
        struct ieee80211_supported_band *sband;
@@ -642,7 +643,7 @@ static void sta_apply_parameters(struct ieee80211_local *local,
        sband = local->hw.wiphy->bands[local->oper_channel->band];
-        spin_lock_bh(&sta->lock);
+        spin_lock_irqsave(&sta->flaglock, flags);
        mask = params->sta_flags_mask;
        set = params->sta_flags_set;
@@ -669,7 +670,7 @@ static void sta_apply_parameters(struct ieee80211_local *local,
                if (set & BIT(NL80211_STA_FLAG_MFP))
                        sta->flags |= WLAN_STA_MFP;
        }
-        spin_unlock_bh(&sta->lock);
+        spin_unlock_irqrestore(&sta->flaglock, flags);
        /*
         * cfg80211 validates this (1-2007) and allows setting the AID
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index c691780725a7..45c99f096c7b 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -435,6 +435,7 @@ struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
        if (!sta)
                return NULL;
+        sta->last_rx = jiffies;
        set_sta_flags(sta, WLAN_STA_AUTHORIZED);
        /* make sure mandatory rates are always added */
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 65e0ed6c2975..3546054505ab 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -1003,6 +1003,8 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata);
 void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata);
 void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
                                  struct sk_buff *skb);
+void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata);
+void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata);
 /* IBSS code */
 void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local);
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 1b9d87ed143a..3f76484221a2 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -323,6 +323,12 @@ static void __ieee80211_key_destroy(struct ieee80211_key *key)
        if (!key)
                return;
+        /*
+         * Synchronize so the TX path can no longer be using
+         * this key before we free/remove it.
+         */
+        synchronize_rcu();
        if (key->local)
                ieee80211_key_disable_hw_accel(key);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index ded5c3843e06..e8acdb2fb2ca 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -108,7 +108,8 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
                chan = scan_chan;
                channel_type = NL80211_CHAN_NO_HT;
                local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL;
-        } else if (local->tmp_channel) {
+        } else if (local->tmp_channel &&
+                   local->oper_channel != local->tmp_channel) {
                chan = scan_chan = local->tmp_channel;
                channel_type = local->tmp_channel_type;
                local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL;
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index ea13a80a476c..1c91f0f3c307 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -412,7 +412,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
        enum plink_event event;
        enum plink_frame_type ftype;
        size_t baselen;
-        bool deactivated;
+        bool deactivated, matches_local = true;
        u8 ie_len;
        u8 *baseaddr;
        __le16 plid, llid, reason;
@@ -487,6 +487,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
        /* Now we will figure out the appropriate event... */
        event = PLINK_UNDEFINED;
        if (ftype != PLINK_CLOSE && (!mesh_matches_local(&elems, sdata))) {
+                matches_local = false;
                switch (ftype) {
                case PLINK_OPEN:
                        event = OPN_RJCT;
@@ -498,7 +499,15 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
                        /* avoid warning */
                        break;
                }
-                spin_lock_bh(&sta->lock);
+        }
+        if (!sta && !matches_local) {
+                rcu_read_unlock();
+                reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
+                llid = 0;
+                mesh_plink_frame_tx(sdata, PLINK_CLOSE, mgmt->sa, llid,
+                                    plid, reason);
+                return;
        } else if (!sta) {
                /* ftype == PLINK_OPEN */
                u32 rates;
@@ -522,7 +531,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
                }
                event = OPN_ACPT;
                spin_lock_bh(&sta->lock);
-        } else {
+        } else if (matches_local) {
                spin_lock_bh(&sta->lock);
                switch (ftype) {
                case PLINK_OPEN:
@@ -564,6 +573,8 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
                        rcu_read_unlock();
                        return;
                }
+        } else {
+                spin_lock_bh(&sta->lock);
        }
        mpl_dbg("Mesh plink (peer, state, llid, plid, event): %pM %s %d %d %d\n",
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index b6c163ac22da..4c5eed9446f4 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -109,7 +109,7 @@ static void run_again(struct ieee80211_if_managed *ifmgd,
                mod_timer(&ifmgd->timer, timeout);
 }
-static void mod_beacon_timer(struct ieee80211_sub_if_data *sdata)
+void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata)
 {
        if (sdata->local->hw.flags & IEEE80211_HW_BEACON_FILTER)
                return;
@@ -118,6 +118,19 @@ static void mod_beacon_timer(struct ieee80211_sub_if_data *sdata)
                  round_jiffies_up(jiffies + IEEE80211_BEACON_LOSS_TIME));
 }
+void ieee80211_sta_reset_conn_monitor(struct ieee80211_sub_if_data *sdata)
+{
+        struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+        if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
+                return;
+        mod_timer(&sdata->u.mgd.conn_mon_timer,
+                  round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME));
+        ifmgd->probe_send_count = 0;
+}
 static int ecw2cw(int ecw)
 {
        return (1 << ecw) - 1;
@@ -1006,21 +1019,26 @@ void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
        if (is_multicast_ether_addr(hdr->addr1))
                return;
-        if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
+        ieee80211_sta_reset_conn_monitor(sdata);
-                return;
-        mod_timer(&sdata->u.mgd.conn_mon_timer,
-                  round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME));
 }
 static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
 {
        struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
        const u8 *ssid;
+        u8 *dst = ifmgd->associated->bssid;
+        u8 unicast_limit = max(1, IEEE80211_MAX_PROBE_TRIES - 3);
+        /*
+         * Try sending broadcast probe requests for the last three
+         * probe requests after the first ones failed since some
+         * buggy APs only support broadcast probe requests.
+         */
+        if (ifmgd->probe_send_count >= unicast_limit)
+                dst = NULL;
        ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID);
-        ieee80211_send_probe_req(sdata, ifmgd->associated->bssid,
+        ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid[1], NULL, 0);
-                                 ssid + 2, ssid[1], NULL, 0);
        ifmgd->probe_send_count++;
        ifmgd->probe_timeout = jiffies + IEEE80211_PROBE_WAIT;
@@ -1262,7 +1280,7 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
        rates = 0;
        basic_rates = 0;
-        sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
+        sband = local->hw.wiphy->bands[wk->chan->band];
        for (i = 0; i < elems.supp_rates_len; i++) {
                int rate = (elems.supp_rates[i] & 0x7f) * 5;
@@ -1298,11 +1316,11 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
                }
        }
-        sta->sta.supp_rates[local->hw.conf.channel->band] = rates;
+        sta->sta.supp_rates[wk->chan->band] = rates;
        sdata->vif.bss_conf.basic_rates = basic_rates;
        /* cf. IEEE 802.11 9.2.12 */
-        if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
+        if (wk->chan->band == IEEE80211_BAND_2GHZ &&
            have_higher_than_11mbit)
                sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
        else
@@ -1362,7 +1380,7 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
         * Also start the timer that will detect beacon loss.
         */
        ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt);
-        mod_beacon_timer(sdata);
+        ieee80211_sta_reset_beacon_monitor(sdata);
        return true;
 }
@@ -1465,7 +1483,7 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
                 * we have or will be receiving any beacons or data, so let's
                 * schedule the timers again, just in case.
                 */
-                mod_beacon_timer(sdata);
+                ieee80211_sta_reset_beacon_monitor(sdata);
                mod_timer(&ifmgd->conn_mon_timer,
                          round_jiffies_up(jiffies +
@@ -1540,7 +1558,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
        ifmgd->last_beacon_signal = rx_status->signal;
        if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) {
                ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE;
-                ifmgd->ave_beacon_signal = rx_status->signal;
+                ifmgd->ave_beacon_signal = rx_status->signal * 16;
                ifmgd->last_cqm_event_signal = 0;
        } else {
                ifmgd->ave_beacon_signal =
@@ -1588,7 +1606,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
         * Push the beacon loss detection into the future since
         * we are processing a beacon from the AP just now.
         */
-        mod_beacon_timer(sdata);
+        ieee80211_sta_reset_beacon_monitor(sdata);
        ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4);
        ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable,
diff --git a/net/mac80211/offchannel.c b/net/mac80211/offchannel.c
index c36b1911987a..cf5ee305785b 100644
--- a/net/mac80211/offchannel.c
+++ b/net/mac80211/offchannel.c
@@ -22,12 +22,16 @@
 static void ieee80211_offchannel_ps_enable(struct ieee80211_sub_if_data *sdata)
 {
        struct ieee80211_local *local = sdata->local;
+        struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
        local->offchannel_ps_enabled = false;
        /* FIXME: what to do when local->pspolling is true? */
        del_timer_sync(&local->dynamic_ps_timer);
+        del_timer_sync(&ifmgd->bcn_mon_timer);
+        del_timer_sync(&ifmgd->conn_mon_timer);
        cancel_work_sync(&local->dynamic_ps_enable_work);
        if (local->hw.conf.flags & IEEE80211_CONF_PS) {
@@ -85,6 +89,9 @@ static void ieee80211_offchannel_ps_disable(struct ieee80211_sub_if_data *sdata)
                mod_timer(&local->dynamic_ps_timer, jiffies +
                          msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
        }
+        ieee80211_sta_reset_beacon_monitor(sdata);
+        ieee80211_sta_reset_conn_monitor(sdata);
 }
 void ieee80211_offchannel_stop_beaconing(struct ieee80211_local *local)
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index be04d46110fe..82d5750a110a 100644
--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -328,6 +328,9 @@ void rate_control_get_rate(struct ieee80211_sub_if_data *sdata,
                 * if needed.
                 */
                for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
+                        /* Skip invalid rates */
+                        if (info->control.rates[i].idx < 0)
+                                break;
                        /* Rate masking supports only legacy rates for now */
                        if (info->control.rates[i].flags & IEEE80211_TX_RC_MCS)
                                continue;
diff --git a/net/mac80211/rc80211_minstrel_ht.c b/net/mac80211/rc80211_minstrel_ht.c
index c5b465904e3b..2a18d6602d4a 100644
--- a/net/mac80211/rc80211_minstrel_ht.c
+++ b/net/mac80211/rc80211_minstrel_ht.c
@@ -397,8 +397,9 @@ minstrel_ht_tx_status(void *priv, struct ieee80211_supported_band *sband,
            !(info->flags & IEEE80211_TX_STAT_AMPDU))
                return;
-        if (!info->status.ampdu_len) {
+        if (!(info->flags & IEEE80211_TX_STAT_AMPDU)) {
-                info->status.ampdu_ack_len = 1;
+                info->status.ampdu_ack_len =
+                        (info->flags & IEEE80211_TX_STAT_ACK ? 1 : 0);
                info->status.ampdu_len = 1;
        }
@@ -426,7 +427,7 @@ minstrel_ht_tx_status(void *priv, struct ieee80211_supported_band *sband,
                group = minstrel_ht_get_group_idx(&ar[i]);
                rate = &mi->groups[group].rates[ar[i].idx % 8];
-                if (last && (info->flags & IEEE80211_TX_STAT_ACK))
+                if (last)
                        rate->success += info->status.ampdu_ack_len;
                rate->attempts += ar[i].count * info->status.ampdu_len;
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 28624282c5f3..2bec9b9dba09 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -1715,6 +1715,8 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
                        if (!fwd_skb && net_ratelimit())
                                printk(KERN_DEBUG "%s: failed to clone mesh frame\n",
                                                   sdata->name);
+                        if (!fwd_skb)
+                                goto out;
                        fwd_hdr =  (struct ieee80211_hdr *) fwd_skb->data;
                        memcpy(fwd_hdr->addr2, sdata->vif.addr, ETH_ALEN);
@@ -1752,6 +1754,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
                }
        }
+ out:
        if (is_multicast_ether_addr(hdr->addr1) ||
            sdata->dev->flags & IFF_PROMISC)
                return RX_CONTINUE;
diff --git a/net/mac80211/status.c b/net/mac80211/status.c
index 34da67995d94..6ffa26a9de39 100644
--- a/net/mac80211/status.c
+++ b/net/mac80211/status.c
@@ -58,6 +58,7 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
        info->control.vif = &sta->sdata->vif;
        info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING |
                       IEEE80211_TX_INTFL_RETRANSMISSION;
+        info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS;
        sta->tx_filtered_count++;
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index c54db966926b..9d5af5dd0d98 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -1694,7 +1694,7 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
 {
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_local *local = sdata->local;
-        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+        struct ieee80211_tx_info *info;
        int ret = NETDEV_TX_BUSY, head_need;
        u16 ethertype, hdrlen,  meshhdrlen = 0;
        __le16 fc;
@@ -1705,15 +1705,13 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
        int nh_pos, h_pos;
        struct sta_info *sta = NULL;
        u32 sta_flags = 0;
+        struct sk_buff *tmp_skb;
        if (unlikely(skb->len < ETH_HLEN)) {
                ret = NETDEV_TX_OK;
                goto fail;
        }
-        nh_pos = skb_network_header(skb) - skb->data;
-        h_pos = skb_transport_header(skb) - skb->data;
        /* convert Ethernet header to proper 802.11 header (based on
         * operation mode) */
        ethertype = (skb->data[12] << 8) | skb->data[13];
@@ -1885,6 +1883,20 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
                goto fail;
        }
+        /*
+         * If the skb is shared we need to obtain our own copy.
+         */
+        if (skb_shared(skb)) {
+                tmp_skb = skb;
+                skb = skb_copy(skb, GFP_ATOMIC);
+                kfree_skb(tmp_skb);
+                if (!skb) {
+                        ret = NETDEV_TX_OK;
+                        goto fail;
+                }
+        }
        hdr.frame_control = fc;
        hdr.duration_id = 0;
        hdr.seq_ctrl = 0;
@@ -1903,6 +1915,9 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
                encaps_len = 0;
        }
+        nh_pos = skb_network_header(skb) - skb->data;
+        h_pos = skb_transport_header(skb) - skb->data;
        skb_pull(skb, skip_header_bytes);
        nh_pos -= skip_header_bytes;
        h_pos -= skip_header_bytes;
@@ -1969,6 +1984,7 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
        skb_set_network_header(skb, nh_pos);
        skb_set_transport_header(skb, h_pos);
+        info = IEEE80211_SKB_CB(skb);
        memset(info, 0, sizeof(*info));
        dev->trans_start = jiffies;
@@ -2160,6 +2176,9 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
        sdata = vif_to_sdata(vif);
+        if (!ieee80211_sdata_running(sdata))
+                goto out;
        if (tim_offset)
                *tim_offset = 0;
        if (tim_length)
author	Jeremy Erickson <jerickso@cs.unc.edu>	2014-04-18 17:06:00 -0400
committer	Jeremy Erickson <jerickso@cs.unc.edu>	2014-04-18 17:06:00 -0400
commit	a215aa7b9ab3759c047201199fba64d3042d7f13 (patch)
tree	bca37493d9b2233450e6d3ffced1261d0e4f71fe /net/mac80211
parent	d31199a77ef606f1d06894385f1852181ba6136b (diff)