aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2008-03-11 22:17:18 -0400
committerDavid S. Miller <davem@davemloft.net>2008-03-11 22:17:18 -0400
commitba73d4c84a7344f1b5635c2b4e96796e8c13a126 (patch)
treed4a3e2cfc5f3a046a2b9baa898f0c201c75ba898 /net
parentb8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 (diff)
parentdeedf504302ff747985db081352e045ff7087a11 (diff)
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/linville/wireless-2.6.26
Diffstat (limited to 'net')
-rw-r--r--net/mac80211/Kconfig16
-rw-r--r--net/mac80211/Makefile6
-rw-r--r--net/mac80211/cfg.c360
-rw-r--r--net/mac80211/debugfs_netdev.c197
-rw-r--r--net/mac80211/debugfs_sta.c6
-rw-r--r--net/mac80211/debugfs_sta.h2
-rw-r--r--net/mac80211/ieee80211.c157
-rw-r--r--net/mac80211/ieee80211_i.h312
-rw-r--r--net/mac80211/ieee80211_iface.c36
-rw-r--r--net/mac80211/ieee80211_ioctl.c61
-rw-r--r--net/mac80211/ieee80211_rate.c8
-rw-r--r--net/mac80211/ieee80211_rate.h1
-rw-r--r--net/mac80211/ieee80211_sta.c579
-rw-r--r--net/mac80211/key.c18
-rw-r--r--net/mac80211/mesh.c449
-rw-r--r--net/mac80211/mesh.h290
-rw-r--r--net/mac80211/mesh_hwmp.c857
-rw-r--r--net/mac80211/mesh_pathtbl.c516
-rw-r--r--net/mac80211/mesh_plink.c761
-rw-r--r--net/mac80211/rc80211_pid_algo.c36
-rw-r--r--net/mac80211/rc80211_simple.c18
-rw-r--r--net/mac80211/rx.c309
-rw-r--r--net/mac80211/sta_info.c464
-rw-r--r--net/mac80211/sta_info.h232
-rw-r--r--net/mac80211/tx.c432
-rw-r--r--net/mac80211/util.c28
-rw-r--r--net/mac80211/wep.c24
-rw-r--r--net/mac80211/wep.h4
-rw-r--r--net/mac80211/wme.c8
-rw-r--r--net/mac80211/wpa.c80
-rw-r--r--net/mac80211/wpa.h12
-rw-r--r--net/wireless/nl80211.c438
32 files changed, 5773 insertions, 944 deletions
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index 45c7c0c3875e..3c3f62faae1e 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -81,6 +81,15 @@ config MAC80211_RC_SIMPLE
81 Say N unless you know what you are doing. 81 Say N unless you know what you are doing.
82endmenu 82endmenu
83 83
84config MAC80211_MESH
85 bool "Enable mac80211 mesh networking (pre-802.11s) support"
86 depends on MAC80211 && EXPERIMENTAL
87 ---help---
88 This options enables support of Draft 802.11s mesh networking.
89 The implementation is based on Draft 1.08 of the Mesh Networking
90 amendment. For more information visit http://o11s.org/.
91
92
84config MAC80211_LEDS 93config MAC80211_LEDS
85 bool "Enable LED triggers" 94 bool "Enable LED triggers"
86 depends on MAC80211 && LEDS_TRIGGERS 95 depends on MAC80211 && LEDS_TRIGGERS
@@ -166,3 +175,10 @@ config MAC80211_VERBOSE_PS_DEBUG
166 ---help--- 175 ---help---
167 Say Y here to print out verbose powersave 176 Say Y here to print out verbose powersave
168 mode debug messages. 177 mode debug messages.
178
179config MAC80211_VERBOSE_MPL_DEBUG
180 bool "Verbose mesh peer link debugging"
181 depends on MAC80211_DEBUG && MAC80211_MESH
182 ---help---
183 Say Y here to print out verbose mesh peer link
184 debug messages.
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 9d7a19581a29..829ce4256b76 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -36,6 +36,12 @@ mac80211-$(CONFIG_MAC80211_DEBUGFS) += \
36 debugfs_netdev.o \ 36 debugfs_netdev.o \
37 debugfs_key.o 37 debugfs_key.o
38 38
39mac80211-$(CONFIG_MAC80211_MESH) += \
40 mesh.o \
41 mesh_pathtbl.o \
42 mesh_plink.o \
43 mesh_hwmp.o
44
39 45
40# Build rate control algorithm(s) 46# Build rate control algorithm(s)
41CFLAGS_rc80211_simple.o += -DRC80211_SIMPLE_COMPILE 47CFLAGS_rc80211_simple.o += -DRC80211_SIMPLE_COMPILE
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index e7535ffc8e1c..6b183a3526b0 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -15,6 +15,7 @@
15#include "ieee80211_i.h" 15#include "ieee80211_i.h"
16#include "cfg.h" 16#include "cfg.h"
17#include "ieee80211_rate.h" 17#include "ieee80211_rate.h"
18#include "mesh.h"
18 19
19static enum ieee80211_if_types 20static enum ieee80211_if_types
20nl80211_type_to_mac80211_type(enum nl80211_iftype type) 21nl80211_type_to_mac80211_type(enum nl80211_iftype type)
@@ -28,13 +29,18 @@ nl80211_type_to_mac80211_type(enum nl80211_iftype type)
28 return IEEE80211_IF_TYPE_STA; 29 return IEEE80211_IF_TYPE_STA;
29 case NL80211_IFTYPE_MONITOR: 30 case NL80211_IFTYPE_MONITOR:
30 return IEEE80211_IF_TYPE_MNTR; 31 return IEEE80211_IF_TYPE_MNTR;
32#ifdef CONFIG_MAC80211_MESH
33 case NL80211_IFTYPE_MESH_POINT:
34 return IEEE80211_IF_TYPE_MESH_POINT;
35#endif
31 default: 36 default:
32 return IEEE80211_IF_TYPE_INVALID; 37 return IEEE80211_IF_TYPE_INVALID;
33 } 38 }
34} 39}
35 40
36static int ieee80211_add_iface(struct wiphy *wiphy, char *name, 41static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
37 enum nl80211_iftype type, u32 *flags) 42 enum nl80211_iftype type, u32 *flags,
43 struct vif_params *params)
38{ 44{
39 struct ieee80211_local *local = wiphy_priv(wiphy); 45 struct ieee80211_local *local = wiphy_priv(wiphy);
40 enum ieee80211_if_types itype; 46 enum ieee80211_if_types itype;
@@ -49,7 +55,7 @@ static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
49 if (itype == IEEE80211_IF_TYPE_INVALID) 55 if (itype == IEEE80211_IF_TYPE_INVALID)
50 return -EINVAL; 56 return -EINVAL;
51 57
52 err = ieee80211_if_add(local->mdev, name, &dev, itype); 58 err = ieee80211_if_add(local->mdev, name, &dev, itype, params);
53 if (err || itype != IEEE80211_IF_TYPE_MNTR || !flags) 59 if (err || itype != IEEE80211_IF_TYPE_MNTR || !flags)
54 return err; 60 return err;
55 61
@@ -78,7 +84,8 @@ static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex)
78} 84}
79 85
80static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex, 86static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex,
81 enum nl80211_iftype type, u32 *flags) 87 enum nl80211_iftype type, u32 *flags,
88 struct vif_params *params)
82{ 89{
83 struct ieee80211_local *local = wiphy_priv(wiphy); 90 struct ieee80211_local *local = wiphy_priv(wiphy);
84 struct net_device *dev; 91 struct net_device *dev;
@@ -108,6 +115,11 @@ static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex,
108 ieee80211_if_reinit(dev); 115 ieee80211_if_reinit(dev);
109 ieee80211_if_set_type(dev, itype); 116 ieee80211_if_set_type(dev, itype);
110 117
118 if (ieee80211_vif_is_mesh(&sdata->vif) && params->mesh_id_len)
119 ieee80211_if_sta_set_mesh_id(&sdata->u.sta,
120 params->mesh_id_len,
121 params->mesh_id);
122
111 if (sdata->vif.type != IEEE80211_IF_TYPE_MNTR || !flags) 123 if (sdata->vif.type != IEEE80211_IF_TYPE_MNTR || !flags)
112 return 0; 124 return 0;
113 125
@@ -122,7 +134,6 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
122 struct ieee80211_sub_if_data *sdata; 134 struct ieee80211_sub_if_data *sdata;
123 struct sta_info *sta = NULL; 135 struct sta_info *sta = NULL;
124 enum ieee80211_key_alg alg; 136 enum ieee80211_key_alg alg;
125 int ret;
126 struct ieee80211_key *key; 137 struct ieee80211_key *key;
127 138
128 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 139 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -156,12 +167,7 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
156 167
157 ieee80211_key_link(key, sdata, sta); 168 ieee80211_key_link(key, sdata, sta);
158 169
159 ret = 0; 170 return 0;
160
161 if (sta)
162 sta_info_put(sta);
163
164 return ret;
165} 171}
166 172
167static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev, 173static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
@@ -170,7 +176,6 @@ static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
170 struct ieee80211_sub_if_data *sdata; 176 struct ieee80211_sub_if_data *sdata;
171 struct sta_info *sta; 177 struct sta_info *sta;
172 int ret; 178 int ret;
173 struct ieee80211_key *key;
174 179
175 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 180 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
176 181
@@ -181,21 +186,18 @@ static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
181 186
182 ret = 0; 187 ret = 0;
183 if (sta->key) { 188 if (sta->key) {
184 key = sta->key; 189 ieee80211_key_free(sta->key);
185 ieee80211_key_free(key);
186 WARN_ON(sta->key); 190 WARN_ON(sta->key);
187 } else 191 } else
188 ret = -ENOENT; 192 ret = -ENOENT;
189 193
190 sta_info_put(sta);
191 return ret; 194 return ret;
192 } 195 }
193 196
194 if (!sdata->keys[key_idx]) 197 if (!sdata->keys[key_idx])
195 return -ENOENT; 198 return -ENOENT;
196 199
197 key = sdata->keys[key_idx]; 200 ieee80211_key_free(sdata->keys[key_idx]);
198 ieee80211_key_free(key);
199 WARN_ON(sdata->keys[key_idx]); 201 WARN_ON(sdata->keys[key_idx]);
200 202
201 return 0; 203 return 0;
@@ -278,8 +280,6 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
278 err = 0; 280 err = 0;
279 281
280 out: 282 out:
281 if (sta)
282 sta_info_put(sta);
283 return err; 283 return err;
284} 284}
285 285
@@ -295,29 +295,73 @@ static int ieee80211_config_default_key(struct wiphy *wiphy,
295 return 0; 295 return 0;
296} 296}
297 297
298static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
299{
300 struct ieee80211_sub_if_data *sdata = sta->sdata;
301
302 sinfo->filled = STATION_INFO_INACTIVE_TIME |
303 STATION_INFO_RX_BYTES |
304 STATION_INFO_TX_BYTES;
305
306 sinfo->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx);
307 sinfo->rx_bytes = sta->rx_bytes;
308 sinfo->tx_bytes = sta->tx_bytes;
309
310 if (ieee80211_vif_is_mesh(&sdata->vif)) {
311#ifdef CONFIG_MAC80211_MESH
312 sinfo->filled |= STATION_INFO_LLID |
313 STATION_INFO_PLID |
314 STATION_INFO_PLINK_STATE;
315
316 sinfo->llid = le16_to_cpu(sta->llid);
317 sinfo->plid = le16_to_cpu(sta->plid);
318 sinfo->plink_state = sta->plink_state;
319#endif
320 }
321}
322
323
324static int ieee80211_dump_station(struct wiphy *wiphy, struct net_device *dev,
325 int idx, u8 *mac, struct station_info *sinfo)
326{
327 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
328 struct sta_info *sta;
329 int ret = -ENOENT;
330
331 rcu_read_lock();
332
333 sta = sta_info_get_by_idx(local, idx, dev);
334 if (sta) {
335 ret = 0;
336 memcpy(mac, sta->addr, ETH_ALEN);
337 sta_set_sinfo(sta, sinfo);
338 }
339
340 rcu_read_unlock();
341
342 return ret;
343}
344
298static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev, 345static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev,
299 u8 *mac, struct station_stats *stats) 346 u8 *mac, struct station_info *sinfo)
300{ 347{
301 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 348 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
302 struct sta_info *sta; 349 struct sta_info *sta;
350 int ret = -ENOENT;
303 351
304 sta = sta_info_get(local, mac); 352 rcu_read_lock();
305 if (!sta)
306 return -ENOENT;
307 353
308 /* XXX: verify sta->dev == dev */ 354 /* XXX: verify sta->dev == dev */
309 355
310 stats->filled = STATION_STAT_INACTIVE_TIME | 356 sta = sta_info_get(local, mac);
311 STATION_STAT_RX_BYTES | 357 if (sta) {
312 STATION_STAT_TX_BYTES; 358 ret = 0;
313 359 sta_set_sinfo(sta, sinfo);
314 stats->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx); 360 }
315 stats->rx_bytes = sta->rx_bytes;
316 stats->tx_bytes = sta->tx_bytes;
317 361
318 sta_info_put(sta); 362 rcu_read_unlock();
319 363
320 return 0; 364 return ret;
321} 365}
322 366
323/* 367/*
@@ -510,8 +554,8 @@ static void ieee80211_send_layer2_update(struct sta_info *sta)
510 msg->xid_info[1] = 1; /* LLC types/classes: Type 1 LLC */ 554 msg->xid_info[1] = 1; /* LLC types/classes: Type 1 LLC */
511 msg->xid_info[2] = 0; /* XID sender's receive window size (RW) */ 555 msg->xid_info[2] = 0; /* XID sender's receive window size (RW) */
512 556
513 skb->dev = sta->dev; 557 skb->dev = sta->sdata->dev;
514 skb->protocol = eth_type_trans(skb, sta->dev); 558 skb->protocol = eth_type_trans(skb, sta->sdata->dev);
515 memset(skb->cb, 0, sizeof(skb->cb)); 559 memset(skb->cb, 0, sizeof(skb->cb));
516 netif_rx(skb); 560 netif_rx(skb);
517} 561}
@@ -523,6 +567,13 @@ static void sta_apply_parameters(struct ieee80211_local *local,
523 u32 rates; 567 u32 rates;
524 int i, j; 568 int i, j;
525 struct ieee80211_supported_band *sband; 569 struct ieee80211_supported_band *sband;
570 struct ieee80211_sub_if_data *sdata = sta->sdata;
571
572 /*
573 * FIXME: updating the flags is racy when this function is
574 * called from ieee80211_change_station(), this will
575 * be resolved in a future patch.
576 */
526 577
527 if (params->station_flags & STATION_FLAG_CHANGED) { 578 if (params->station_flags & STATION_FLAG_CHANGED) {
528 sta->flags &= ~WLAN_STA_AUTHORIZED; 579 sta->flags &= ~WLAN_STA_AUTHORIZED;
@@ -538,6 +589,13 @@ static void sta_apply_parameters(struct ieee80211_local *local,
538 sta->flags |= WLAN_STA_WME; 589 sta->flags |= WLAN_STA_WME;
539 } 590 }
540 591
592 /*
593 * FIXME: updating the following information is racy when this
594 * function is called from ieee80211_change_station().
595 * However, all this information should be static so
596 * maybe we should just reject attemps to change it.
597 */
598
541 if (params->aid) { 599 if (params->aid) {
542 sta->aid = params->aid; 600 sta->aid = params->aid;
543 if (sta->aid > IEEE80211_MAX_AID) 601 if (sta->aid > IEEE80211_MAX_AID)
@@ -560,6 +618,17 @@ static void sta_apply_parameters(struct ieee80211_local *local,
560 } 618 }
561 sta->supp_rates[local->oper_channel->band] = rates; 619 sta->supp_rates[local->oper_channel->band] = rates;
562 } 620 }
621
622 if (ieee80211_vif_is_mesh(&sdata->vif) && params->plink_action) {
623 switch (params->plink_action) {
624 case PLINK_ACTION_OPEN:
625 mesh_plink_open(sta);
626 break;
627 case PLINK_ACTION_BLOCK:
628 mesh_plink_block(sta);
629 break;
630 }
631 }
563} 632}
564 633
565static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev, 634static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
@@ -568,6 +637,7 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
568 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 637 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
569 struct sta_info *sta; 638 struct sta_info *sta;
570 struct ieee80211_sub_if_data *sdata; 639 struct ieee80211_sub_if_data *sdata;
640 int err;
571 641
572 /* Prevent a race with changing the rate control algorithm */ 642 /* Prevent a race with changing the rate control algorithm */
573 if (!netif_running(dev)) 643 if (!netif_running(dev))
@@ -582,14 +652,15 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
582 } else 652 } else
583 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 653 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
584 654
585 sta = sta_info_add(local, dev, mac, GFP_KERNEL); 655 if (compare_ether_addr(mac, dev->dev_addr) == 0)
586 if (IS_ERR(sta)) 656 return -EINVAL;
587 return PTR_ERR(sta);
588 657
589 sta->dev = sdata->dev; 658 if (is_multicast_ether_addr(mac))
590 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN || 659 return -EINVAL;
591 sdata->vif.type == IEEE80211_IF_TYPE_AP) 660
592 ieee80211_send_layer2_update(sta); 661 sta = sta_info_alloc(sdata, mac, GFP_KERNEL);
662 if (!sta)
663 return -ENOMEM;
593 664
594 sta->flags = WLAN_STA_AUTH | WLAN_STA_ASSOC; 665 sta->flags = WLAN_STA_AUTH | WLAN_STA_ASSOC;
595 666
@@ -597,7 +668,20 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
597 668
598 rate_control_rate_init(sta, local); 669 rate_control_rate_init(sta, local);
599 670
600 sta_info_put(sta); 671 rcu_read_lock();
672
673 err = sta_info_insert(sta);
674 if (err) {
675 sta_info_destroy(sta);
676 rcu_read_unlock();
677 return err;
678 }
679
680 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN ||
681 sdata->vif.type == IEEE80211_IF_TYPE_AP)
682 ieee80211_send_layer2_update(sta);
683
684 rcu_read_unlock();
601 685
602 return 0; 686 return 0;
603} 687}
@@ -605,7 +689,8 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
605static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev, 689static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
606 u8 *mac) 690 u8 *mac)
607{ 691{
608 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 692 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
693 struct ieee80211_local *local = sdata->local;
609 struct sta_info *sta; 694 struct sta_info *sta;
610 695
611 if (mac) { 696 if (mac) {
@@ -614,10 +699,14 @@ static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
614 if (!sta) 699 if (!sta)
615 return -ENOENT; 700 return -ENOENT;
616 701
617 sta_info_free(sta); 702 sta_info_unlink(&sta);
618 sta_info_put(sta); 703
704 if (sta) {
705 synchronize_rcu();
706 sta_info_destroy(sta);
707 }
619 } else 708 } else
620 sta_info_flush(local, dev); 709 sta_info_flush(local, sdata);
621 710
622 return 0; 711 return 0;
623} 712}
@@ -636,23 +725,190 @@ static int ieee80211_change_station(struct wiphy *wiphy,
636 if (!sta) 725 if (!sta)
637 return -ENOENT; 726 return -ENOENT;
638 727
639 if (params->vlan && params->vlan != sta->dev) { 728 if (params->vlan && params->vlan != sta->sdata->dev) {
640 vlansdata = IEEE80211_DEV_TO_SUB_IF(params->vlan); 729 vlansdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
641 730
642 if (vlansdata->vif.type != IEEE80211_IF_TYPE_VLAN || 731 if (vlansdata->vif.type != IEEE80211_IF_TYPE_VLAN ||
643 vlansdata->vif.type != IEEE80211_IF_TYPE_AP) 732 vlansdata->vif.type != IEEE80211_IF_TYPE_AP)
644 return -EINVAL; 733 return -EINVAL;
645 734
646 sta->dev = params->vlan; 735 sta->sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
647 ieee80211_send_layer2_update(sta); 736 ieee80211_send_layer2_update(sta);
648 } 737 }
649 738
650 sta_apply_parameters(local, sta, params); 739 sta_apply_parameters(local, sta, params);
651 740
652 sta_info_put(sta); 741 return 0;
742}
653 743
744#ifdef CONFIG_MAC80211_MESH
745static int ieee80211_add_mpath(struct wiphy *wiphy, struct net_device *dev,
746 u8 *dst, u8 *next_hop)
747{
748 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
749 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
750 struct mesh_path *mpath;
751 struct sta_info *sta;
752 int err;
753
754 if (!netif_running(dev))
755 return -ENETDOWN;
756
757 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
758 return -ENOTSUPP;
759
760 rcu_read_lock();
761 sta = sta_info_get(local, next_hop);
762 if (!sta) {
763 rcu_read_unlock();
764 return -ENOENT;
765 }
766
767 err = mesh_path_add(dst, dev);
768 if (err) {
769 rcu_read_unlock();
770 return err;
771 }
772
773 mpath = mesh_path_lookup(dst, dev);
774 if (!mpath) {
775 rcu_read_unlock();
776 return -ENXIO;
777 }
778 mesh_path_fix_nexthop(mpath, sta);
779
780 rcu_read_unlock();
781 return 0;
782}
783
784static int ieee80211_del_mpath(struct wiphy *wiphy, struct net_device *dev,
785 u8 *dst)
786{
787 if (dst)
788 return mesh_path_del(dst, dev);
789
790 mesh_path_flush(dev);
791 return 0;
792}
793
794static int ieee80211_change_mpath(struct wiphy *wiphy,
795 struct net_device *dev,
796 u8 *dst, u8 *next_hop)
797{
798 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
799 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
800 struct mesh_path *mpath;
801 struct sta_info *sta;
802
803 if (!netif_running(dev))
804 return -ENETDOWN;
805
806 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
807 return -ENOTSUPP;
808
809 rcu_read_lock();
810
811 sta = sta_info_get(local, next_hop);
812 if (!sta) {
813 rcu_read_unlock();
814 return -ENOENT;
815 }
816
817 mpath = mesh_path_lookup(dst, dev);
818 if (!mpath) {
819 rcu_read_unlock();
820 return -ENOENT;
821 }
822
823 mesh_path_fix_nexthop(mpath, sta);
824
825 rcu_read_unlock();
826 return 0;
827}
828
829static void mpath_set_pinfo(struct mesh_path *mpath, u8 *next_hop,
830 struct mpath_info *pinfo)
831{
832 if (mpath->next_hop)
833 memcpy(next_hop, mpath->next_hop->addr, ETH_ALEN);
834 else
835 memset(next_hop, 0, ETH_ALEN);
836
837 pinfo->filled = MPATH_INFO_FRAME_QLEN |
838 MPATH_INFO_DSN |
839 MPATH_INFO_METRIC |
840 MPATH_INFO_EXPTIME |
841 MPATH_INFO_DISCOVERY_TIMEOUT |
842 MPATH_INFO_DISCOVERY_RETRIES |
843 MPATH_INFO_FLAGS;
844
845 pinfo->frame_qlen = mpath->frame_queue.qlen;
846 pinfo->dsn = mpath->dsn;
847 pinfo->metric = mpath->metric;
848 if (time_before(jiffies, mpath->exp_time))
849 pinfo->exptime = jiffies_to_msecs(mpath->exp_time - jiffies);
850 pinfo->discovery_timeout =
851 jiffies_to_msecs(mpath->discovery_timeout);
852 pinfo->discovery_retries = mpath->discovery_retries;
853 pinfo->flags = 0;
854 if (mpath->flags & MESH_PATH_ACTIVE)
855 pinfo->flags |= NL80211_MPATH_FLAG_ACTIVE;
856 if (mpath->flags & MESH_PATH_RESOLVING)
857 pinfo->flags |= NL80211_MPATH_FLAG_RESOLVING;
858 if (mpath->flags & MESH_PATH_DSN_VALID)
859 pinfo->flags |= NL80211_MPATH_FLAG_DSN_VALID;
860 if (mpath->flags & MESH_PATH_FIXED)
861 pinfo->flags |= NL80211_MPATH_FLAG_FIXED;
862 if (mpath->flags & MESH_PATH_RESOLVING)
863 pinfo->flags |= NL80211_MPATH_FLAG_RESOLVING;
864
865 pinfo->flags = mpath->flags;
866}
867
868static int ieee80211_get_mpath(struct wiphy *wiphy, struct net_device *dev,
869 u8 *dst, u8 *next_hop, struct mpath_info *pinfo)
870
871{
872 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
873 struct mesh_path *mpath;
874
875 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
876 return -ENOTSUPP;
877
878 rcu_read_lock();
879 mpath = mesh_path_lookup(dst, dev);
880 if (!mpath) {
881 rcu_read_unlock();
882 return -ENOENT;
883 }
884 memcpy(dst, mpath->dst, ETH_ALEN);
885 mpath_set_pinfo(mpath, next_hop, pinfo);
886 rcu_read_unlock();
887 return 0;
888}
889
890static int ieee80211_dump_mpath(struct wiphy *wiphy, struct net_device *dev,
891 int idx, u8 *dst, u8 *next_hop,
892 struct mpath_info *pinfo)
893{
894 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
895 struct mesh_path *mpath;
896
897 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
898 return -ENOTSUPP;
899
900 rcu_read_lock();
901 mpath = mesh_path_lookup_by_idx(idx, dev);
902 if (!mpath) {
903 rcu_read_unlock();
904 return -ENOENT;
905 }
906 memcpy(dst, mpath->dst, ETH_ALEN);
907 mpath_set_pinfo(mpath, next_hop, pinfo);
908 rcu_read_unlock();
654 return 0; 909 return 0;
655} 910}
911#endif
656 912
657struct cfg80211_ops mac80211_config_ops = { 913struct cfg80211_ops mac80211_config_ops = {
658 .add_virtual_intf = ieee80211_add_iface, 914 .add_virtual_intf = ieee80211_add_iface,
@@ -669,4 +925,12 @@ struct cfg80211_ops mac80211_config_ops = {
669 .del_station = ieee80211_del_station, 925 .del_station = ieee80211_del_station,
670 .change_station = ieee80211_change_station, 926 .change_station = ieee80211_change_station,
671 .get_station = ieee80211_get_station, 927 .get_station = ieee80211_get_station,
928 .dump_station = ieee80211_dump_station,
929#ifdef CONFIG_MAC80211_MESH
930 .add_mpath = ieee80211_add_mpath,
931 .del_mpath = ieee80211_del_mpath,
932 .change_mpath = ieee80211_change_mpath,
933 .get_mpath = ieee80211_get_mpath,
934 .dump_mpath = ieee80211_dump_mpath,
935#endif
672}; 936};
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index 29f7b98ba1fb..107b0fe778d6 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -39,6 +39,29 @@ static ssize_t ieee80211_if_read(
39 return ret; 39 return ret;
40} 40}
41 41
42#ifdef CONFIG_MAC80211_MESH
43static ssize_t ieee80211_if_write(
44 struct ieee80211_sub_if_data *sdata,
45 char const __user *userbuf,
46 size_t count, loff_t *ppos,
47 int (*format)(struct ieee80211_sub_if_data *, char *))
48{
49 char buf[10];
50 int buf_size;
51
52 memset(buf, 0x00, sizeof(buf));
53 buf_size = min(count, (sizeof(buf)-1));
54 read_lock(&dev_base_lock);
55 if (copy_from_user(buf, userbuf, buf_size))
56 goto endwrite;
57 if (sdata->dev->reg_state == NETREG_REGISTERED)
58 (*format)(sdata, buf);
59endwrite:
60 read_unlock(&dev_base_lock);
61 return count;
62}
63#endif
64
42#define IEEE80211_IF_FMT(name, field, format_string) \ 65#define IEEE80211_IF_FMT(name, field, format_string) \
43static ssize_t ieee80211_if_fmt_##name( \ 66static ssize_t ieee80211_if_fmt_##name( \
44 const struct ieee80211_sub_if_data *sdata, char *buf, \ 67 const struct ieee80211_sub_if_data *sdata, char *buf, \
@@ -46,6 +69,19 @@ static ssize_t ieee80211_if_fmt_##name( \
46{ \ 69{ \
47 return scnprintf(buf, buflen, format_string, sdata->field); \ 70 return scnprintf(buf, buflen, format_string, sdata->field); \
48} 71}
72#define IEEE80211_IF_WFMT(name, field, type) \
73static int ieee80211_if_wfmt_##name( \
74 struct ieee80211_sub_if_data *sdata, char *buf) \
75{ \
76 unsigned long tmp; \
77 char *endp; \
78 \
79 tmp = simple_strtoul(buf, &endp, 0); \
80 if ((endp == buf) || ((type)tmp != tmp)) \
81 return -EINVAL; \
82 sdata->field = tmp; \
83 return 0; \
84}
49#define IEEE80211_IF_FMT_DEC(name, field) \ 85#define IEEE80211_IF_FMT_DEC(name, field) \
50 IEEE80211_IF_FMT(name, field, "%d\n") 86 IEEE80211_IF_FMT(name, field, "%d\n")
51#define IEEE80211_IF_FMT_HEX(name, field) \ 87#define IEEE80211_IF_FMT_HEX(name, field) \
@@ -88,6 +124,34 @@ static const struct file_operations name##_ops = { \
88 IEEE80211_IF_FMT_##format(name, field) \ 124 IEEE80211_IF_FMT_##format(name, field) \
89 __IEEE80211_IF_FILE(name) 125 __IEEE80211_IF_FILE(name)
90 126
127#define __IEEE80211_IF_WFILE(name) \
128static ssize_t ieee80211_if_read_##name(struct file *file, \
129 char __user *userbuf, \
130 size_t count, loff_t *ppos) \
131{ \
132 return ieee80211_if_read(file->private_data, \
133 userbuf, count, ppos, \
134 ieee80211_if_fmt_##name); \
135} \
136static ssize_t ieee80211_if_write_##name(struct file *file, \
137 const char __user *userbuf, \
138 size_t count, loff_t *ppos) \
139{ \
140 return ieee80211_if_write(file->private_data, \
141 userbuf, count, ppos, \
142 ieee80211_if_wfmt_##name); \
143} \
144static const struct file_operations name##_ops = { \
145 .read = ieee80211_if_read_##name, \
146 .write = ieee80211_if_write_##name, \
147 .open = mac80211_open_file_generic, \
148}
149
150#define IEEE80211_IF_WFILE(name, field, format, type) \
151 IEEE80211_IF_FMT_##format(name, field) \
152 IEEE80211_IF_WFMT(name, field, type) \
153 __IEEE80211_IF_WFILE(name)
154
91/* common attributes */ 155/* common attributes */
92IEEE80211_IF_FILE(channel_use, channel_use, DEC); 156IEEE80211_IF_FILE(channel_use, channel_use, DEC);
93IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); 157IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
@@ -106,6 +170,7 @@ IEEE80211_IF_FILE(assoc_tries, u.sta.assoc_tries, DEC);
106IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX); 170IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX);
107IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC); 171IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC);
108IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC); 172IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC);
173IEEE80211_IF_FILE(num_beacons_sta, u.sta.num_beacons, DEC);
109 174
110static ssize_t ieee80211_if_fmt_flags( 175static ssize_t ieee80211_if_fmt_flags(
111 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen) 176 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
@@ -139,6 +204,42 @@ __IEEE80211_IF_FILE(num_buffered_multicast);
139/* WDS attributes */ 204/* WDS attributes */
140IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC); 205IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC);
141 206
207#ifdef CONFIG_MAC80211_MESH
208/* Mesh stats attributes */
209IEEE80211_IF_FILE(fwded_frames, u.sta.mshstats.fwded_frames, DEC);
210IEEE80211_IF_FILE(dropped_frames_ttl, u.sta.mshstats.dropped_frames_ttl, DEC);
211IEEE80211_IF_FILE(dropped_frames_no_route,
212 u.sta.mshstats.dropped_frames_no_route, DEC);
213IEEE80211_IF_FILE(estab_plinks, u.sta.mshstats.estab_plinks, ATOMIC);
214
215/* Mesh parameters */
216IEEE80211_IF_WFILE(dot11MeshMaxRetries,
217 u.sta.mshcfg.dot11MeshMaxRetries, DEC, u8);
218IEEE80211_IF_WFILE(dot11MeshRetryTimeout,
219 u.sta.mshcfg.dot11MeshRetryTimeout, DEC, u16);
220IEEE80211_IF_WFILE(dot11MeshConfirmTimeout,
221 u.sta.mshcfg.dot11MeshConfirmTimeout, DEC, u16);
222IEEE80211_IF_WFILE(dot11MeshHoldingTimeout,
223 u.sta.mshcfg.dot11MeshHoldingTimeout, DEC, u16);
224IEEE80211_IF_WFILE(dot11MeshTTL, u.sta.mshcfg.dot11MeshTTL, DEC, u8);
225IEEE80211_IF_WFILE(auto_open_plinks, u.sta.mshcfg.auto_open_plinks, DEC, bool);
226IEEE80211_IF_WFILE(dot11MeshMaxPeerLinks,
227 u.sta.mshcfg.dot11MeshMaxPeerLinks, DEC, u16);
228IEEE80211_IF_WFILE(dot11MeshHWMPactivePathTimeout,
229 u.sta.mshcfg.dot11MeshHWMPactivePathTimeout, DEC, u32);
230IEEE80211_IF_WFILE(dot11MeshHWMPpreqMinInterval,
231 u.sta.mshcfg.dot11MeshHWMPpreqMinInterval, DEC, u16);
232IEEE80211_IF_WFILE(dot11MeshHWMPnetDiameterTraversalTime,
233 u.sta.mshcfg.dot11MeshHWMPnetDiameterTraversalTime, DEC, u16);
234IEEE80211_IF_WFILE(dot11MeshHWMPmaxPREQretries,
235 u.sta.mshcfg.dot11MeshHWMPmaxPREQretries, DEC, u8);
236IEEE80211_IF_WFILE(path_refresh_time,
237 u.sta.mshcfg.path_refresh_time, DEC, u32);
238IEEE80211_IF_WFILE(min_discovery_timeout,
239 u.sta.mshcfg.min_discovery_timeout, DEC, u16);
240#endif
241
242
142#define DEBUGFS_ADD(name, type)\ 243#define DEBUGFS_ADD(name, type)\
143 sdata->debugfs.type.name = debugfs_create_file(#name, 0444,\ 244 sdata->debugfs.type.name = debugfs_create_file(#name, 0444,\
144 sdata->debugfsdir, sdata, &name##_ops); 245 sdata->debugfsdir, sdata, &name##_ops);
@@ -161,6 +262,7 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
161 DEBUGFS_ADD(auth_alg, sta); 262 DEBUGFS_ADD(auth_alg, sta);
162 DEBUGFS_ADD(auth_transaction, sta); 263 DEBUGFS_ADD(auth_transaction, sta);
163 DEBUGFS_ADD(flags, sta); 264 DEBUGFS_ADD(flags, sta);
265 DEBUGFS_ADD(num_beacons_sta, sta);
164} 266}
165 267
166static void add_ap_files(struct ieee80211_sub_if_data *sdata) 268static void add_ap_files(struct ieee80211_sub_if_data *sdata)
@@ -192,12 +294,57 @@ static void add_monitor_files(struct ieee80211_sub_if_data *sdata)
192{ 294{
193} 295}
194 296
297#ifdef CONFIG_MAC80211_MESH
298#define MESHSTATS_ADD(name)\
299 sdata->mesh_stats.name = debugfs_create_file(#name, 0444,\
300 sdata->mesh_stats_dir, sdata, &name##_ops);
301
302static void add_mesh_stats(struct ieee80211_sub_if_data *sdata)
303{
304 sdata->mesh_stats_dir = debugfs_create_dir("mesh_stats",
305 sdata->debugfsdir);
306 MESHSTATS_ADD(fwded_frames);
307 MESHSTATS_ADD(dropped_frames_ttl);
308 MESHSTATS_ADD(dropped_frames_no_route);
309 MESHSTATS_ADD(estab_plinks);
310}
311
312#define MESHPARAMS_ADD(name)\
313 sdata->mesh_config.name = debugfs_create_file(#name, 0644,\
314 sdata->mesh_config_dir, sdata, &name##_ops);
315
316static void add_mesh_config(struct ieee80211_sub_if_data *sdata)
317{
318 sdata->mesh_config_dir = debugfs_create_dir("mesh_config",
319 sdata->debugfsdir);
320 MESHPARAMS_ADD(dot11MeshMaxRetries);
321 MESHPARAMS_ADD(dot11MeshRetryTimeout);
322 MESHPARAMS_ADD(dot11MeshConfirmTimeout);
323 MESHPARAMS_ADD(dot11MeshHoldingTimeout);
324 MESHPARAMS_ADD(dot11MeshTTL);
325 MESHPARAMS_ADD(auto_open_plinks);
326 MESHPARAMS_ADD(dot11MeshMaxPeerLinks);
327 MESHPARAMS_ADD(dot11MeshHWMPactivePathTimeout);
328 MESHPARAMS_ADD(dot11MeshHWMPpreqMinInterval);
329 MESHPARAMS_ADD(dot11MeshHWMPnetDiameterTraversalTime);
330 MESHPARAMS_ADD(dot11MeshHWMPmaxPREQretries);
331 MESHPARAMS_ADD(path_refresh_time);
332 MESHPARAMS_ADD(min_discovery_timeout);
333}
334#endif
335
195static void add_files(struct ieee80211_sub_if_data *sdata) 336static void add_files(struct ieee80211_sub_if_data *sdata)
196{ 337{
197 if (!sdata->debugfsdir) 338 if (!sdata->debugfsdir)
198 return; 339 return;
199 340
200 switch (sdata->vif.type) { 341 switch (sdata->vif.type) {
342 case IEEE80211_IF_TYPE_MESH_POINT:
343#ifdef CONFIG_MAC80211_MESH
344 add_mesh_stats(sdata);
345 add_mesh_config(sdata);
346#endif
347 /* fall through */
201 case IEEE80211_IF_TYPE_STA: 348 case IEEE80211_IF_TYPE_STA:
202 case IEEE80211_IF_TYPE_IBSS: 349 case IEEE80211_IF_TYPE_IBSS:
203 add_sta_files(sdata); 350 add_sta_files(sdata);
@@ -243,6 +390,7 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
243 DEBUGFS_DEL(auth_alg, sta); 390 DEBUGFS_DEL(auth_alg, sta);
244 DEBUGFS_DEL(auth_transaction, sta); 391 DEBUGFS_DEL(auth_transaction, sta);
245 DEBUGFS_DEL(flags, sta); 392 DEBUGFS_DEL(flags, sta);
393 DEBUGFS_DEL(num_beacons_sta, sta);
246} 394}
247 395
248static void del_ap_files(struct ieee80211_sub_if_data *sdata) 396static void del_ap_files(struct ieee80211_sub_if_data *sdata)
@@ -274,12 +422,61 @@ static void del_monitor_files(struct ieee80211_sub_if_data *sdata)
274{ 422{
275} 423}
276 424
425#ifdef CONFIG_MAC80211_MESH
426#define MESHSTATS_DEL(name) \
427 do { \
428 debugfs_remove(sdata->mesh_stats.name); \
429 sdata->mesh_stats.name = NULL; \
430 } while (0)
431
432static void del_mesh_stats(struct ieee80211_sub_if_data *sdata)
433{
434 MESHSTATS_DEL(fwded_frames);
435 MESHSTATS_DEL(dropped_frames_ttl);
436 MESHSTATS_DEL(dropped_frames_no_route);
437 MESHSTATS_DEL(estab_plinks);
438 debugfs_remove(sdata->mesh_stats_dir);
439 sdata->mesh_stats_dir = NULL;
440}
441
442#define MESHPARAMS_DEL(name) \
443 do { \
444 debugfs_remove(sdata->mesh_config.name); \
445 sdata->mesh_config.name = NULL; \
446 } while (0)
447
448static void del_mesh_config(struct ieee80211_sub_if_data *sdata)
449{
450 MESHPARAMS_DEL(dot11MeshMaxRetries);
451 MESHPARAMS_DEL(dot11MeshRetryTimeout);
452 MESHPARAMS_DEL(dot11MeshConfirmTimeout);
453 MESHPARAMS_DEL(dot11MeshHoldingTimeout);
454 MESHPARAMS_DEL(dot11MeshTTL);
455 MESHPARAMS_DEL(auto_open_plinks);
456 MESHPARAMS_DEL(dot11MeshMaxPeerLinks);
457 MESHPARAMS_DEL(dot11MeshHWMPactivePathTimeout);
458 MESHPARAMS_DEL(dot11MeshHWMPpreqMinInterval);
459 MESHPARAMS_DEL(dot11MeshHWMPnetDiameterTraversalTime);
460 MESHPARAMS_DEL(dot11MeshHWMPmaxPREQretries);
461 MESHPARAMS_DEL(path_refresh_time);
462 MESHPARAMS_DEL(min_discovery_timeout);
463 debugfs_remove(sdata->mesh_config_dir);
464 sdata->mesh_config_dir = NULL;
465}
466#endif
467
277static void del_files(struct ieee80211_sub_if_data *sdata, int type) 468static void del_files(struct ieee80211_sub_if_data *sdata, int type)
278{ 469{
279 if (!sdata->debugfsdir) 470 if (!sdata->debugfsdir)
280 return; 471 return;
281 472
282 switch (type) { 473 switch (type) {
474 case IEEE80211_IF_TYPE_MESH_POINT:
475#ifdef CONFIG_MAC80211_MESH
476 del_mesh_stats(sdata);
477 del_mesh_config(sdata);
478#endif
479 /* fall through */
283 case IEEE80211_IF_TYPE_STA: 480 case IEEE80211_IF_TYPE_STA:
284 case IEEE80211_IF_TYPE_IBSS: 481 case IEEE80211_IF_TYPE_IBSS:
285 del_sta_files(sdata); 482 del_sta_files(sdata);
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index ed7c9f3b4602..fc2c1a192ed2 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -51,7 +51,7 @@ static const struct file_operations sta_ ##name## _ops = { \
51 STA_OPS(name) 51 STA_OPS(name)
52 52
53STA_FILE(aid, aid, D); 53STA_FILE(aid, aid, D);
54STA_FILE(dev, dev->name, S); 54STA_FILE(dev, sdata->dev->name, S);
55STA_FILE(rx_packets, rx_packets, LU); 55STA_FILE(rx_packets, rx_packets, LU);
56STA_FILE(tx_packets, tx_packets, LU); 56STA_FILE(tx_packets, tx_packets, LU);
57STA_FILE(rx_bytes, rx_bytes, LU); 57STA_FILE(rx_bytes, rx_bytes, LU);
@@ -67,7 +67,7 @@ STA_FILE(last_rssi, last_rssi, D);
67STA_FILE(last_signal, last_signal, D); 67STA_FILE(last_signal, last_signal, D);
68STA_FILE(last_noise, last_noise, D); 68STA_FILE(last_noise, last_noise, D);
69STA_FILE(channel_use, channel_use, D); 69STA_FILE(channel_use, channel_use, D);
70STA_FILE(wep_weak_iv_count, wep_weak_iv_count, D); 70STA_FILE(wep_weak_iv_count, wep_weak_iv_count, LU);
71 71
72static ssize_t sta_flags_read(struct file *file, char __user *userbuf, 72static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
73 size_t count, loff_t *ppos) 73 size_t count, loff_t *ppos)
@@ -200,7 +200,7 @@ static ssize_t sta_agg_status_write(struct file *file,
200 const char __user *user_buf, size_t count, loff_t *ppos) 200 const char __user *user_buf, size_t count, loff_t *ppos)
201{ 201{
202 struct sta_info *sta = file->private_data; 202 struct sta_info *sta = file->private_data;
203 struct net_device *dev = sta->dev; 203 struct net_device *dev = sta->sdata->dev;
204 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 204 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
205 struct ieee80211_hw *hw = &local->hw; 205 struct ieee80211_hw *hw = &local->hw;
206 u8 *da = sta->addr; 206 u8 *da = sta->addr;
diff --git a/net/mac80211/debugfs_sta.h b/net/mac80211/debugfs_sta.h
index 574a1cd54b96..8b608903259f 100644
--- a/net/mac80211/debugfs_sta.h
+++ b/net/mac80211/debugfs_sta.h
@@ -1,6 +1,8 @@
1#ifndef __MAC80211_DEBUGFS_STA_H 1#ifndef __MAC80211_DEBUGFS_STA_H
2#define __MAC80211_DEBUGFS_STA_H 2#define __MAC80211_DEBUGFS_STA_H
3 3
4#include "sta_info.h"
5
4#ifdef CONFIG_MAC80211_DEBUGFS 6#ifdef CONFIG_MAC80211_DEBUGFS
5void ieee80211_sta_debugfs_add(struct sta_info *sta); 7void ieee80211_sta_debugfs_add(struct sta_info *sta);
6void ieee80211_sta_debugfs_remove(struct sta_info *sta); 8void ieee80211_sta_debugfs_remove(struct sta_info *sta);
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
index 2133c9fd27a4..484b063a3538 100644
--- a/net/mac80211/ieee80211.c
+++ b/net/mac80211/ieee80211.c
@@ -26,6 +26,7 @@
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "ieee80211_rate.h" 28#include "ieee80211_rate.h"
29#include "mesh.h"
29#include "wep.h" 30#include "wep.h"
30#include "wme.h" 31#include "wme.h"
31#include "aes_ccm.h" 32#include "aes_ccm.h"
@@ -138,9 +139,15 @@ static void ieee80211_master_set_multicast_list(struct net_device *dev)
138 139
139static int ieee80211_change_mtu(struct net_device *dev, int new_mtu) 140static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
140{ 141{
142 int meshhdrlen;
143 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
144
145 meshhdrlen = (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT) ? 5 : 0;
146
141 /* FIX: what would be proper limits for MTU? 147 /* FIX: what would be proper limits for MTU?
142 * This interface uses 802.3 frames. */ 148 * This interface uses 802.3 frames. */
143 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6) { 149 if (new_mtu < 256 ||
150 new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6 - meshhdrlen) {
144 printk(KERN_WARNING "%s: invalid MTU %d\n", 151 printk(KERN_WARNING "%s: invalid MTU %d\n",
145 dev->name, new_mtu); 152 dev->name, new_mtu);
146 return -EINVAL; 153 return -EINVAL;
@@ -176,6 +183,7 @@ static int ieee80211_open(struct net_device *dev)
176 struct ieee80211_if_init_conf conf; 183 struct ieee80211_if_init_conf conf;
177 int res; 184 int res;
178 bool need_hw_reconfig = 0; 185 bool need_hw_reconfig = 0;
186 struct sta_info *sta;
179 187
180 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 188 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
181 189
@@ -249,6 +257,20 @@ static int ieee80211_open(struct net_device *dev)
249 case IEEE80211_IF_TYPE_WDS: 257 case IEEE80211_IF_TYPE_WDS:
250 if (is_zero_ether_addr(sdata->u.wds.remote_addr)) 258 if (is_zero_ether_addr(sdata->u.wds.remote_addr))
251 return -ENOLINK; 259 return -ENOLINK;
260
261 /* Create STA entry for the WDS peer */
262 sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
263 GFP_KERNEL);
264 if (!sta)
265 return -ENOMEM;
266
267 sta->flags |= WLAN_STA_AUTHORIZED;
268
269 res = sta_info_insert(sta);
270 if (res) {
271 sta_info_destroy(sta);
272 return res;
273 }
252 break; 274 break;
253 case IEEE80211_IF_TYPE_VLAN: 275 case IEEE80211_IF_TYPE_VLAN:
254 if (!sdata->u.vlan.ap) 276 if (!sdata->u.vlan.ap)
@@ -258,6 +280,7 @@ static int ieee80211_open(struct net_device *dev)
258 case IEEE80211_IF_TYPE_STA: 280 case IEEE80211_IF_TYPE_STA:
259 case IEEE80211_IF_TYPE_MNTR: 281 case IEEE80211_IF_TYPE_MNTR:
260 case IEEE80211_IF_TYPE_IBSS: 282 case IEEE80211_IF_TYPE_IBSS:
283 case IEEE80211_IF_TYPE_MESH_POINT:
261 /* no special treatment */ 284 /* no special treatment */
262 break; 285 break;
263 case IEEE80211_IF_TYPE_INVALID: 286 case IEEE80211_IF_TYPE_INVALID:
@@ -359,24 +382,51 @@ static int ieee80211_open(struct net_device *dev)
359 382
360static int ieee80211_stop(struct net_device *dev) 383static int ieee80211_stop(struct net_device *dev)
361{ 384{
362 struct ieee80211_sub_if_data *sdata; 385 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
363 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 386 struct ieee80211_local *local = sdata->local;
364 struct ieee80211_if_init_conf conf; 387 struct ieee80211_if_init_conf conf;
365 struct sta_info *sta; 388 struct sta_info *sta;
366 int i; 389 int i;
367 390
368 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 391 /*
392 * Stop TX on this interface first.
393 */
394 netif_stop_queue(dev);
369 395
370 list_for_each_entry(sta, &local->sta_list, list) { 396 /*
371 if (sta->dev == dev) 397 * Now delete all active aggregation sessions.
398 */
399 rcu_read_lock();
400
401 list_for_each_entry_rcu(sta, &local->sta_list, list) {
402 if (sta->sdata == sdata)
372 for (i = 0; i < STA_TID_NUM; i++) 403 for (i = 0; i < STA_TID_NUM; i++)
373 ieee80211_sta_stop_rx_ba_session(sta->dev, 404 ieee80211_sta_stop_rx_ba_session(sdata->dev,
374 sta->addr, i, 405 sta->addr, i,
375 WLAN_BACK_RECIPIENT, 406 WLAN_BACK_RECIPIENT,
376 WLAN_REASON_QSTA_LEAVE_QBSS); 407 WLAN_REASON_QSTA_LEAVE_QBSS);
377 } 408 }
378 409
379 netif_stop_queue(dev); 410 rcu_read_unlock();
411
412 /*
413 * Remove all stations associated with this interface.
414 *
415 * This must be done before calling ops->remove_interface()
416 * because otherwise we can later invoke ops->sta_notify()
417 * whenever the STAs are removed, and that invalidates driver
418 * assumptions about always getting a vif pointer that is valid
419 * (because if we remove a STA after ops->remove_interface()
420 * the driver will have removed the vif info already!)
421 *
422 * We could relax this and only unlink the stations from the
423 * hash table and list but keep them on a per-sdata list that
424 * will be inserted back again when the interface is brought
425 * up again, but I don't currently see a use case for that,
426 * except with WDS which gets a STA entry created when it is
427 * brought up.
428 */
429 sta_info_flush(local, sdata);
380 430
381 /* 431 /*
382 * Don't count this interface for promisc/allmulti while it 432 * Don't count this interface for promisc/allmulti while it
@@ -440,6 +490,7 @@ static int ieee80211_stop(struct net_device *dev)
440 ieee80211_configure_filter(local); 490 ieee80211_configure_filter(local);
441 netif_tx_unlock_bh(local->mdev); 491 netif_tx_unlock_bh(local->mdev);
442 break; 492 break;
493 case IEEE80211_IF_TYPE_MESH_POINT:
443 case IEEE80211_IF_TYPE_STA: 494 case IEEE80211_IF_TYPE_STA:
444 case IEEE80211_IF_TYPE_IBSS: 495 case IEEE80211_IF_TYPE_IBSS:
445 sdata->u.sta.state = IEEE80211_DISABLED; 496 sdata->u.sta.state = IEEE80211_DISABLED;
@@ -511,9 +562,12 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
511 print_mac(mac, ra), tid); 562 print_mac(mac, ra), tid);
512#endif /* CONFIG_MAC80211_HT_DEBUG */ 563#endif /* CONFIG_MAC80211_HT_DEBUG */
513 564
565 rcu_read_lock();
566
514 sta = sta_info_get(local, ra); 567 sta = sta_info_get(local, ra);
515 if (!sta) { 568 if (!sta) {
516 printk(KERN_DEBUG "Could not find the station\n"); 569 printk(KERN_DEBUG "Could not find the station\n");
570 rcu_read_unlock();
517 return -ENOENT; 571 return -ENOENT;
518 } 572 }
519 573
@@ -553,7 +607,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
553 spin_unlock_bh(&local->mdev->queue_lock); 607 spin_unlock_bh(&local->mdev->queue_lock);
554 goto start_ba_exit; 608 goto start_ba_exit;
555 } 609 }
556 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 610 sdata = sta->sdata;
557 611
558 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the 612 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
559 * call back right away, it must see that the flow has begun */ 613 * call back right away, it must see that the flow has begun */
@@ -590,7 +644,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
590 sta->ampdu_mlme.dialog_token_allocator; 644 sta->ampdu_mlme.dialog_token_allocator;
591 sta->ampdu_mlme.tid_tx[tid].ssn = start_seq_num; 645 sta->ampdu_mlme.tid_tx[tid].ssn = start_seq_num;
592 646
593 ieee80211_send_addba_request(sta->dev, ra, tid, 647 ieee80211_send_addba_request(sta->sdata->dev, ra, tid,
594 sta->ampdu_mlme.tid_tx[tid].dialog_token, 648 sta->ampdu_mlme.tid_tx[tid].dialog_token,
595 sta->ampdu_mlme.tid_tx[tid].ssn, 649 sta->ampdu_mlme.tid_tx[tid].ssn,
596 0x40, 5000); 650 0x40, 5000);
@@ -603,7 +657,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
603 657
604start_ba_exit: 658start_ba_exit:
605 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 659 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
606 sta_info_put(sta); 660 rcu_read_unlock();
607 return ret; 661 return ret;
608} 662}
609EXPORT_SYMBOL(ieee80211_start_tx_ba_session); 663EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
@@ -626,9 +680,12 @@ int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
626 print_mac(mac, ra), tid); 680 print_mac(mac, ra), tid);
627#endif /* CONFIG_MAC80211_HT_DEBUG */ 681#endif /* CONFIG_MAC80211_HT_DEBUG */
628 682
683 rcu_read_lock();
629 sta = sta_info_get(local, ra); 684 sta = sta_info_get(local, ra);
630 if (!sta) 685 if (!sta) {
686 rcu_read_unlock();
631 return -ENOENT; 687 return -ENOENT;
688 }
632 689
633 /* check if the TID is in aggregation */ 690 /* check if the TID is in aggregation */
634 state = &sta->ampdu_mlme.tid_tx[tid].state; 691 state = &sta->ampdu_mlme.tid_tx[tid].state;
@@ -662,7 +719,7 @@ int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
662 719
663stop_BA_exit: 720stop_BA_exit:
664 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 721 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
665 sta_info_put(sta); 722 rcu_read_unlock();
666 return ret; 723 return ret;
667} 724}
668EXPORT_SYMBOL(ieee80211_stop_tx_ba_session); 725EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
@@ -680,8 +737,10 @@ void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
680 return; 737 return;
681 } 738 }
682 739
740 rcu_read_lock();
683 sta = sta_info_get(local, ra); 741 sta = sta_info_get(local, ra);
684 if (!sta) { 742 if (!sta) {
743 rcu_read_unlock();
685 printk(KERN_DEBUG "Could not find station: %s\n", 744 printk(KERN_DEBUG "Could not find station: %s\n",
686 print_mac(mac, ra)); 745 print_mac(mac, ra));
687 return; 746 return;
@@ -694,7 +753,7 @@ void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
694 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n", 753 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
695 *state); 754 *state);
696 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 755 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
697 sta_info_put(sta); 756 rcu_read_unlock();
698 return; 757 return;
699 } 758 }
700 759
@@ -707,7 +766,7 @@ void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
707 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]); 766 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
708 } 767 }
709 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 768 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
710 sta_info_put(sta); 769 rcu_read_unlock();
711} 770}
712EXPORT_SYMBOL(ieee80211_start_tx_ba_cb); 771EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
713 772
@@ -728,10 +787,12 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
728 printk(KERN_DEBUG "Stop a BA session requested on DA %s tid %d\n", 787 printk(KERN_DEBUG "Stop a BA session requested on DA %s tid %d\n",
729 print_mac(mac, ra), tid); 788 print_mac(mac, ra), tid);
730 789
790 rcu_read_lock();
731 sta = sta_info_get(local, ra); 791 sta = sta_info_get(local, ra);
732 if (!sta) { 792 if (!sta) {
733 printk(KERN_DEBUG "Could not find station: %s\n", 793 printk(KERN_DEBUG "Could not find station: %s\n",
734 print_mac(mac, ra)); 794 print_mac(mac, ra));
795 rcu_read_unlock();
735 return; 796 return;
736 } 797 }
737 state = &sta->ampdu_mlme.tid_tx[tid].state; 798 state = &sta->ampdu_mlme.tid_tx[tid].state;
@@ -739,13 +800,13 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
739 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 800 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
740 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) { 801 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
741 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n"); 802 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
742 sta_info_put(sta);
743 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 803 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
804 rcu_read_unlock();
744 return; 805 return;
745 } 806 }
746 807
747 if (*state & HT_AGG_STATE_INITIATOR_MSK) 808 if (*state & HT_AGG_STATE_INITIATOR_MSK)
748 ieee80211_send_delba(sta->dev, ra, tid, 809 ieee80211_send_delba(sta->sdata->dev, ra, tid,
749 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE); 810 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
750 811
751 agg_queue = sta->tid_to_tx_q[tid]; 812 agg_queue = sta->tid_to_tx_q[tid];
@@ -766,7 +827,7 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
766 sta->ampdu_mlme.tid_tx[tid].addba_req_num = 0; 827 sta->ampdu_mlme.tid_tx[tid].addba_req_num = 0;
767 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 828 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
768 829
769 sta_info_put(sta); 830 rcu_read_unlock();
770} 831}
771EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb); 832EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
772 833
@@ -867,44 +928,6 @@ void ieee80211_if_setup(struct net_device *dev)
867 dev->destructor = ieee80211_if_free; 928 dev->destructor = ieee80211_if_free;
868} 929}
869 930
870/* WDS specialties */
871
872int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
873{
874 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
875 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
876 struct sta_info *sta;
877 DECLARE_MAC_BUF(mac);
878
879 if (compare_ether_addr(remote_addr, sdata->u.wds.remote_addr) == 0)
880 return 0;
881
882 /* Create STA entry for the new peer */
883 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
884 if (IS_ERR(sta))
885 return PTR_ERR(sta);
886
887 sta->flags |= WLAN_STA_AUTHORIZED;
888
889 sta_info_put(sta);
890
891 /* Remove STA entry for the old peer */
892 sta = sta_info_get(local, sdata->u.wds.remote_addr);
893 if (sta) {
894 sta_info_free(sta);
895 sta_info_put(sta);
896 } else {
897 printk(KERN_DEBUG "%s: could not find STA entry for WDS link "
898 "peer %s\n",
899 dev->name, print_mac(mac, sdata->u.wds.remote_addr));
900 }
901
902 /* Update WDS link data */
903 memcpy(&sdata->u.wds.remote_addr, remote_addr, ETH_ALEN);
904
905 return 0;
906}
907
908/* everything else */ 931/* everything else */
909 932
910static int __ieee80211_if_config(struct net_device *dev, 933static int __ieee80211_if_config(struct net_device *dev,
@@ -925,6 +948,9 @@ static int __ieee80211_if_config(struct net_device *dev,
925 conf.bssid = sdata->u.sta.bssid; 948 conf.bssid = sdata->u.sta.bssid;
926 conf.ssid = sdata->u.sta.ssid; 949 conf.ssid = sdata->u.sta.ssid;
927 conf.ssid_len = sdata->u.sta.ssid_len; 950 conf.ssid_len = sdata->u.sta.ssid_len;
951 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
952 conf.beacon = beacon;
953 ieee80211_start_mesh(dev);
928 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 954 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
929 conf.ssid = sdata->u.ap.ssid; 955 conf.ssid = sdata->u.ap.ssid;
930 conf.ssid_len = sdata->u.ap.ssid_len; 956 conf.ssid_len = sdata->u.ap.ssid_len;
@@ -937,6 +963,11 @@ static int __ieee80211_if_config(struct net_device *dev,
937 963
938int ieee80211_if_config(struct net_device *dev) 964int ieee80211_if_config(struct net_device *dev)
939{ 965{
966 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
967 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
968 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT &&
969 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
970 return ieee80211_if_config_beacon(dev);
940 return __ieee80211_if_config(dev, NULL, NULL); 971 return __ieee80211_if_config(dev, NULL, NULL);
941} 972}
942 973
@@ -1311,6 +1342,8 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1311 return; 1342 return;
1312 } 1343 }
1313 1344
1345 rcu_read_lock();
1346
1314 if (status->excessive_retries) { 1347 if (status->excessive_retries) {
1315 struct sta_info *sta; 1348 struct sta_info *sta;
1316 sta = sta_info_get(local, hdr->addr1); 1349 sta = sta_info_get(local, hdr->addr1);
@@ -1324,10 +1357,9 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1324 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED; 1357 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
1325 ieee80211_handle_filtered_frame(local, sta, 1358 ieee80211_handle_filtered_frame(local, sta,
1326 skb, status); 1359 skb, status);
1327 sta_info_put(sta); 1360 rcu_read_unlock();
1328 return; 1361 return;
1329 } 1362 }
1330 sta_info_put(sta);
1331 } 1363 }
1332 } 1364 }
1333 1365
@@ -1337,12 +1369,14 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1337 if (sta) { 1369 if (sta) {
1338 ieee80211_handle_filtered_frame(local, sta, skb, 1370 ieee80211_handle_filtered_frame(local, sta, skb,
1339 status); 1371 status);
1340 sta_info_put(sta); 1372 rcu_read_unlock();
1341 return; 1373 return;
1342 } 1374 }
1343 } else 1375 } else
1344 rate_control_tx_status(local->mdev, skb, status); 1376 rate_control_tx_status(local->mdev, skb, status);
1345 1377
1378 rcu_read_unlock();
1379
1346 ieee80211_led_tx(local, 0); 1380 ieee80211_led_tx(local, 0);
1347 1381
1348 /* SNMP counters 1382 /* SNMP counters
@@ -1662,7 +1696,7 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1662 1696
1663 /* add one default STA interface */ 1697 /* add one default STA interface */
1664 result = ieee80211_if_add(local->mdev, "wlan%d", NULL, 1698 result = ieee80211_if_add(local->mdev, "wlan%d", NULL,
1665 IEEE80211_IF_TYPE_STA); 1699 IEEE80211_IF_TYPE_STA, NULL);
1666 if (result) 1700 if (result)
1667 printk(KERN_WARNING "%s: Failed to add default virtual iface\n", 1701 printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
1668 wiphy_name(local->hw.wiphy)); 1702 wiphy_name(local->hw.wiphy));
@@ -1801,6 +1835,9 @@ static void __exit ieee80211_exit(void)
1801 rc80211_simple_exit(); 1835 rc80211_simple_exit();
1802 rc80211_pid_exit(); 1836 rc80211_pid_exit();
1803 1837
1838 if (mesh_allocated)
1839 ieee80211s_stop();
1840
1804 ieee80211_wme_unregister(); 1841 ieee80211_wme_unregister();
1805 ieee80211_debugfs_netdev_exit(); 1842 ieee80211_debugfs_netdev_exit();
1806} 1843}
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index b07b3cbfd039..7f10ff5d4a0b 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -90,6 +90,11 @@ struct ieee80211_sta_bss {
90 size_t wmm_ie_len; 90 size_t wmm_ie_len;
91 u8 *ht_ie; 91 u8 *ht_ie;
92 size_t ht_ie_len; 92 size_t ht_ie_len;
93#ifdef CONFIG_MAC80211_MESH
94 u8 *mesh_id;
95 size_t mesh_id_len;
96 u8 *mesh_cfg;
97#endif
93#define IEEE80211_MAX_SUPP_RATES 32 98#define IEEE80211_MAX_SUPP_RATES 32
94 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 99 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
95 size_t supp_rates_len; 100 size_t supp_rates_len;
@@ -107,32 +112,81 @@ struct ieee80211_sta_bss {
107 u8 erp_value; 112 u8 erp_value;
108}; 113};
109 114
115static inline u8 *bss_mesh_cfg(struct ieee80211_sta_bss *bss)
116{
117#ifdef CONFIG_MAC80211_MESH
118 return bss->mesh_cfg;
119#endif
120 return NULL;
121}
122
123static inline u8 *bss_mesh_id(struct ieee80211_sta_bss *bss)
124{
125#ifdef CONFIG_MAC80211_MESH
126 return bss->mesh_id;
127#endif
128 return NULL;
129}
130
131static inline u8 bss_mesh_id_len(struct ieee80211_sta_bss *bss)
132{
133#ifdef CONFIG_MAC80211_MESH
134 return bss->mesh_id_len;
135#endif
136 return 0;
137}
138
110 139
111typedef unsigned __bitwise__ ieee80211_tx_result; 140typedef unsigned __bitwise__ ieee80211_tx_result;
112#define TX_CONTINUE ((__force ieee80211_tx_result) 0u) 141#define TX_CONTINUE ((__force ieee80211_tx_result) 0u)
113#define TX_DROP ((__force ieee80211_tx_result) 1u) 142#define TX_DROP ((__force ieee80211_tx_result) 1u)
114#define TX_QUEUED ((__force ieee80211_tx_result) 2u) 143#define TX_QUEUED ((__force ieee80211_tx_result) 2u)
115 144
145#define IEEE80211_TX_FRAGMENTED BIT(0)
146#define IEEE80211_TX_UNICAST BIT(1)
147#define IEEE80211_TX_PS_BUFFERED BIT(2)
148#define IEEE80211_TX_PROBE_LAST_FRAG BIT(3)
149#define IEEE80211_TX_INJECTED BIT(4)
150
151struct ieee80211_tx_data {
152 struct sk_buff *skb;
153 struct net_device *dev;
154 struct ieee80211_local *local;
155 struct ieee80211_sub_if_data *sdata;
156 struct sta_info *sta;
157 u16 fc, ethertype;
158 struct ieee80211_key *key;
159 unsigned int flags;
160
161 struct ieee80211_tx_control *control;
162 struct ieee80211_channel *channel;
163 struct ieee80211_rate *rate;
164 /* use this rate (if set) for last fragment; rate can
165 * be set to lower rate for the first fragments, e.g.,
166 * when using CTS protection with IEEE 802.11g. */
167 struct ieee80211_rate *last_frag_rate;
168
169 /* Extra fragments (in addition to the first fragment
170 * in skb) */
171 int num_extra_frag;
172 struct sk_buff **extra_frag;
173};
174
175
116typedef unsigned __bitwise__ ieee80211_rx_result; 176typedef unsigned __bitwise__ ieee80211_rx_result;
117#define RX_CONTINUE ((__force ieee80211_rx_result) 0u) 177#define RX_CONTINUE ((__force ieee80211_rx_result) 0u)
118#define RX_DROP_UNUSABLE ((__force ieee80211_rx_result) 1u) 178#define RX_DROP_UNUSABLE ((__force ieee80211_rx_result) 1u)
119#define RX_DROP_MONITOR ((__force ieee80211_rx_result) 2u) 179#define RX_DROP_MONITOR ((__force ieee80211_rx_result) 2u)
120#define RX_QUEUED ((__force ieee80211_rx_result) 3u) 180#define RX_QUEUED ((__force ieee80211_rx_result) 3u)
121 181
122 182#define IEEE80211_RX_IN_SCAN BIT(0)
123/* flags used in struct ieee80211_txrx_data.flags */
124/* whether the MSDU was fragmented */
125#define IEEE80211_TXRXD_FRAGMENTED BIT(0)
126#define IEEE80211_TXRXD_TXUNICAST BIT(1)
127#define IEEE80211_TXRXD_TXPS_BUFFERED BIT(2)
128#define IEEE80211_TXRXD_TXPROBE_LAST_FRAG BIT(3)
129#define IEEE80211_TXRXD_RXIN_SCAN BIT(4)
130/* frame is destined to interface currently processed (incl. multicast frames) */ 183/* frame is destined to interface currently processed (incl. multicast frames) */
131#define IEEE80211_TXRXD_RXRA_MATCH BIT(5) 184#define IEEE80211_RX_RA_MATCH BIT(1)
132#define IEEE80211_TXRXD_TX_INJECTED BIT(6) 185#define IEEE80211_RX_AMSDU BIT(2)
133#define IEEE80211_TXRXD_RX_AMSDU BIT(7) 186#define IEEE80211_RX_CMNTR_REPORTED BIT(3)
134#define IEEE80211_TXRXD_RX_CMNTR_REPORTED BIT(8) 187#define IEEE80211_RX_FRAGMENTED BIT(4)
135struct ieee80211_txrx_data { 188
189struct ieee80211_rx_data {
136 struct sk_buff *skb; 190 struct sk_buff *skb;
137 struct net_device *dev; 191 struct net_device *dev;
138 struct ieee80211_local *local; 192 struct ieee80211_local *local;
@@ -141,31 +195,14 @@ struct ieee80211_txrx_data {
141 u16 fc, ethertype; 195 u16 fc, ethertype;
142 struct ieee80211_key *key; 196 struct ieee80211_key *key;
143 unsigned int flags; 197 unsigned int flags;
144 union { 198
145 struct { 199 struct ieee80211_rx_status *status;
146 struct ieee80211_tx_control *control; 200 struct ieee80211_rate *rate;
147 struct ieee80211_channel *channel; 201 int sent_ps_buffered;
148 struct ieee80211_rate *rate; 202 int queue;
149 /* use this rate (if set) for last fragment; rate can 203 int load;
150 * be set to lower rate for the first fragments, e.g., 204 u32 tkip_iv32;
151 * when using CTS protection with IEEE 802.11g. */ 205 u16 tkip_iv16;
152 struct ieee80211_rate *last_frag_rate;
153
154 /* Extra fragments (in addition to the first fragment
155 * in skb) */
156 int num_extra_frag;
157 struct sk_buff **extra_frag;
158 } tx;
159 struct {
160 struct ieee80211_rx_status *status;
161 struct ieee80211_rate *rate;
162 int sent_ps_buffered;
163 int queue;
164 int load;
165 u32 tkip_iv32;
166 u16 tkip_iv16;
167 } rx;
168 } u;
169}; 206};
170 207
171/* flags used in struct ieee80211_tx_packet_data.flags */ 208/* flags used in struct ieee80211_tx_packet_data.flags */
@@ -227,6 +264,41 @@ struct ieee80211_if_vlan {
227 struct list_head list; 264 struct list_head list;
228}; 265};
229 266
267struct mesh_stats {
268 __u32 fwded_frames; /* Mesh forwarded frames */
269 __u32 dropped_frames_ttl; /* Not transmitted since mesh_ttl == 0*/
270 __u32 dropped_frames_no_route; /* Not transmitted, no route found */
271 atomic_t estab_plinks;
272};
273
274#define PREQ_Q_F_START 0x1
275#define PREQ_Q_F_REFRESH 0x2
276struct mesh_preq_queue {
277 struct list_head list;
278 u8 dst[ETH_ALEN];
279 u8 flags;
280};
281
282struct mesh_config {
283 /* Timeouts in ms */
284 /* Mesh plink management parameters */
285 u16 dot11MeshRetryTimeout;
286 u16 dot11MeshConfirmTimeout;
287 u16 dot11MeshHoldingTimeout;
288 u16 dot11MeshMaxPeerLinks;
289 u8 dot11MeshMaxRetries;
290 u8 dot11MeshTTL;
291 bool auto_open_plinks;
292 /* HWMP parameters */
293 u32 dot11MeshHWMPactivePathTimeout;
294 u16 dot11MeshHWMPpreqMinInterval;
295 u16 dot11MeshHWMPnetDiameterTraversalTime;
296 u8 dot11MeshHWMPmaxPREQretries;
297 u32 path_refresh_time;
298 u16 min_discovery_timeout;
299};
300
301
230/* flags used in struct ieee80211_if_sta.flags */ 302/* flags used in struct ieee80211_if_sta.flags */
231#define IEEE80211_STA_SSID_SET BIT(0) 303#define IEEE80211_STA_SSID_SET BIT(0)
232#define IEEE80211_STA_BSSID_SET BIT(1) 304#define IEEE80211_STA_BSSID_SET BIT(1)
@@ -245,7 +317,8 @@ struct ieee80211_if_sta {
245 enum { 317 enum {
246 IEEE80211_DISABLED, IEEE80211_AUTHENTICATE, 318 IEEE80211_DISABLED, IEEE80211_AUTHENTICATE,
247 IEEE80211_ASSOCIATE, IEEE80211_ASSOCIATED, 319 IEEE80211_ASSOCIATE, IEEE80211_ASSOCIATED,
248 IEEE80211_IBSS_SEARCH, IEEE80211_IBSS_JOINED 320 IEEE80211_IBSS_SEARCH, IEEE80211_IBSS_JOINED,
321 IEEE80211_MESH_UP
249 } state; 322 } state;
250 struct timer_list timer; 323 struct timer_list timer;
251 struct work_struct work; 324 struct work_struct work;
@@ -254,6 +327,34 @@ struct ieee80211_if_sta {
254 size_t ssid_len; 327 size_t ssid_len;
255 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 328 u8 scan_ssid[IEEE80211_MAX_SSID_LEN];
256 size_t scan_ssid_len; 329 size_t scan_ssid_len;
330#ifdef CONFIG_MAC80211_MESH
331 struct timer_list mesh_path_timer;
332 u8 mesh_id[IEEE80211_MAX_MESH_ID_LEN];
333 bool accepting_plinks;
334 size_t mesh_id_len;
335 /* Active Path Selection Protocol Identifier */
336 u8 mesh_pp_id[4];
337 /* Active Path Selection Metric Identifier */
338 u8 mesh_pm_id[4];
339 /* Congestion Control Mode Identifier */
340 u8 mesh_cc_id[4];
341 /* Local mesh Destination Sequence Number */
342 u32 dsn;
343 /* Last used PREQ ID */
344 u32 preq_id;
345 atomic_t mpaths;
346 /* Timestamp of last DSN update */
347 unsigned long last_dsn_update;
348 /* Timestamp of last DSN sent */
349 unsigned long last_preq;
350 struct mesh_rmc *rmc;
351 spinlock_t mesh_preq_queue_lock;
352 struct mesh_preq_queue preq_queue;
353 int preq_queue_len;
354 struct mesh_stats mshstats;
355 struct mesh_config mshcfg;
356 u8 mesh_seqnum[3];
357#endif
257 u16 aid; 358 u16 aid;
258 u16 ap_capab, capab; 359 u16 ap_capab, capab;
259 u8 *extra_ie; /* to be added to the end of AssocReq */ 360 u8 *extra_ie; /* to be added to the end of AssocReq */
@@ -286,8 +387,25 @@ struct ieee80211_if_sta {
286 u32 supp_rates_bits[IEEE80211_NUM_BANDS]; 387 u32 supp_rates_bits[IEEE80211_NUM_BANDS];
287 388
288 int wmm_last_param_set; 389 int wmm_last_param_set;
390 int num_beacons; /* number of TXed beacon frames by this STA */
289}; 391};
290 392
393static inline void ieee80211_if_sta_set_mesh_id(struct ieee80211_if_sta *ifsta,
394 u8 mesh_id_len, u8 *mesh_id)
395{
396#ifdef CONFIG_MAC80211_MESH
397 ifsta->mesh_id_len = mesh_id_len;
398 memcpy(ifsta->mesh_id, mesh_id, mesh_id_len);
399#endif
400}
401
402#ifdef CONFIG_MAC80211_MESH
403#define IEEE80211_IFSTA_MESH_CTR_INC(sta, name) \
404 do { (sta)->mshstats.name++; } while (0)
405#else
406#define IEEE80211_IFSTA_MESH_CTR_INC(sta, name) \
407 do { } while (0)
408#endif
291 409
292/* flags used in struct ieee80211_sub_if_data.flags */ 410/* flags used in struct ieee80211_sub_if_data.flags */
293#define IEEE80211_SDATA_ALLMULTI BIT(0) 411#define IEEE80211_SDATA_ALLMULTI BIT(0)
@@ -365,6 +483,7 @@ struct ieee80211_sub_if_data {
365 struct dentry *auth_alg; 483 struct dentry *auth_alg;
366 struct dentry *auth_transaction; 484 struct dentry *auth_transaction;
367 struct dentry *flags; 485 struct dentry *flags;
486 struct dentry *num_beacons_sta;
368 } sta; 487 } sta;
369 struct { 488 struct {
370 struct dentry *channel_use; 489 struct dentry *channel_use;
@@ -390,6 +509,35 @@ struct ieee80211_sub_if_data {
390 } monitor; 509 } monitor;
391 struct dentry *default_key; 510 struct dentry *default_key;
392 } debugfs; 511 } debugfs;
512
513#ifdef CONFIG_MAC80211_MESH
514 struct dentry *mesh_stats_dir;
515 struct {
516 struct dentry *fwded_frames;
517 struct dentry *dropped_frames_ttl;
518 struct dentry *dropped_frames_no_route;
519 struct dentry *estab_plinks;
520 struct timer_list mesh_path_timer;
521 } mesh_stats;
522
523 struct dentry *mesh_config_dir;
524 struct {
525 struct dentry *dot11MeshRetryTimeout;
526 struct dentry *dot11MeshConfirmTimeout;
527 struct dentry *dot11MeshHoldingTimeout;
528 struct dentry *dot11MeshMaxRetries;
529 struct dentry *dot11MeshTTL;
530 struct dentry *auto_open_plinks;
531 struct dentry *dot11MeshMaxPeerLinks;
532 struct dentry *dot11MeshHWMPactivePathTimeout;
533 struct dentry *dot11MeshHWMPpreqMinInterval;
534 struct dentry *dot11MeshHWMPnetDiameterTraversalTime;
535 struct dentry *dot11MeshHWMPmaxPREQretries;
536 struct dentry *path_refresh_time;
537 struct dentry *min_discovery_timeout;
538 } mesh_config;
539#endif
540
393#endif 541#endif
394 /* must be last, dynamically sized area in this! */ 542 /* must be last, dynamically sized area in this! */
395 struct ieee80211_vif vif; 543 struct ieee80211_vif vif;
@@ -426,6 +574,7 @@ struct ieee80211_local {
426 unsigned int filter_flags; /* FIF_* */ 574 unsigned int filter_flags; /* FIF_* */
427 struct iw_statistics wstats; 575 struct iw_statistics wstats;
428 u8 wstats_flags; 576 u8 wstats_flags;
577 bool tim_in_locked_section; /* see ieee80211_beacon_get() */
429 int tx_headroom; /* required headroom for hardware/radiotap */ 578 int tx_headroom; /* required headroom for hardware/radiotap */
430 579
431 enum { 580 enum {
@@ -443,9 +592,15 @@ struct ieee80211_local {
443 struct sk_buff_head skb_queue; 592 struct sk_buff_head skb_queue;
444 struct sk_buff_head skb_queue_unreliable; 593 struct sk_buff_head skb_queue_unreliable;
445 594
446 /* Station data structures */ 595 /* Station data */
447 rwlock_t sta_lock; /* protects STA data structures */ 596 /*
448 int num_sta; /* number of stations in sta_list */ 597 * The lock only protects the list, hash, timer and counter
598 * against manipulation, reads are done in RCU. Additionally,
599 * the lock protects each BSS's TIM bitmap and a few items
600 * in a STA info structure.
601 */
602 spinlock_t sta_lock;
603 unsigned long num_sta;
449 struct list_head sta_list; 604 struct list_head sta_list;
450 struct sta_info *sta_hash[STA_HASH_SIZE]; 605 struct sta_info *sta_hash[STA_HASH_SIZE];
451 struct timer_list sta_cleanup; 606 struct timer_list sta_cleanup;
@@ -617,6 +772,57 @@ struct ieee80211_ra_tid {
617 u16 tid; 772 u16 tid;
618}; 773};
619 774
775/* Parsed Information Elements */
776struct ieee802_11_elems {
777 /* pointers to IEs */
778 u8 *ssid;
779 u8 *supp_rates;
780 u8 *fh_params;
781 u8 *ds_params;
782 u8 *cf_params;
783 u8 *tim;
784 u8 *ibss_params;
785 u8 *challenge;
786 u8 *wpa;
787 u8 *rsn;
788 u8 *erp_info;
789 u8 *ext_supp_rates;
790 u8 *wmm_info;
791 u8 *wmm_param;
792 u8 *ht_cap_elem;
793 u8 *ht_info_elem;
794 u8 *mesh_config;
795 u8 *mesh_id;
796 u8 *peer_link;
797 u8 *preq;
798 u8 *prep;
799 u8 *perr;
800
801 /* length of them, respectively */
802 u8 ssid_len;
803 u8 supp_rates_len;
804 u8 fh_params_len;
805 u8 ds_params_len;
806 u8 cf_params_len;
807 u8 tim_len;
808 u8 ibss_params_len;
809 u8 challenge_len;
810 u8 wpa_len;
811 u8 rsn_len;
812 u8 erp_info_len;
813 u8 ext_supp_rates_len;
814 u8 wmm_info_len;
815 u8 wmm_param_len;
816 u8 ht_cap_elem_len;
817 u8 ht_info_elem_len;
818 u8 mesh_config_len;
819 u8 mesh_id_len;
820 u8 peer_link_len;
821 u8 preq_len;
822 u8 prep_len;
823 u8 perr_len;
824};
825
620static inline struct ieee80211_local *hw_to_local( 826static inline struct ieee80211_local *hw_to_local(
621 struct ieee80211_hw *hw) 827 struct ieee80211_hw *hw)
622{ 828{
@@ -651,8 +857,7 @@ static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
651int ieee80211_hw_config(struct ieee80211_local *local); 857int ieee80211_hw_config(struct ieee80211_local *local);
652int ieee80211_if_config(struct net_device *dev); 858int ieee80211_if_config(struct net_device *dev);
653int ieee80211_if_config_beacon(struct net_device *dev); 859int ieee80211_if_config_beacon(struct net_device *dev);
654void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx); 860void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx);
655int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr);
656void ieee80211_if_setup(struct net_device *dev); 861void ieee80211_if_setup(struct net_device *dev);
657int ieee80211_hw_config_ht(struct ieee80211_local *local, int enable_ht, 862int ieee80211_hw_config_ht(struct ieee80211_local *local, int enable_ht,
658 struct ieee80211_ht_info *req_ht_cap, 863 struct ieee80211_ht_info *req_ht_cap,
@@ -686,6 +891,7 @@ int ieee80211_set_compression(struct ieee80211_local *local,
686 struct net_device *dev, struct sta_info *sta); 891 struct net_device *dev, struct sta_info *sta);
687int ieee80211_set_freq(struct ieee80211_local *local, int freq); 892int ieee80211_set_freq(struct ieee80211_local *local, int freq);
688/* ieee80211_sta.c */ 893/* ieee80211_sta.c */
894#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
689void ieee80211_sta_timer(unsigned long data); 895void ieee80211_sta_timer(unsigned long data);
690void ieee80211_sta_work(struct work_struct *work); 896void ieee80211_sta_work(struct work_struct *work);
691void ieee80211_sta_scan_work(struct work_struct *work); 897void ieee80211_sta_scan_work(struct work_struct *work);
@@ -726,9 +932,25 @@ void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *da,
726 u16 tid, u16 initiator, u16 reason); 932 u16 tid, u16 initiator, u16 reason);
727void sta_rx_agg_session_timer_expired(unsigned long data); 933void sta_rx_agg_session_timer_expired(unsigned long data);
728void sta_addba_resp_timer_expired(unsigned long data); 934void sta_addba_resp_timer_expired(unsigned long data);
935u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
936 struct ieee802_11_elems *elems,
937 enum ieee80211_band band);
938void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
939 int encrypt);
940void ieee802_11_parse_elems(u8 *start, size_t len,
941 struct ieee802_11_elems *elems);
942
943#ifdef CONFIG_MAC80211_MESH
944void ieee80211_start_mesh(struct net_device *dev);
945#else
946static inline void ieee80211_start_mesh(struct net_device *dev)
947{}
948#endif
949
729/* ieee80211_iface.c */ 950/* ieee80211_iface.c */
730int ieee80211_if_add(struct net_device *dev, const char *name, 951int ieee80211_if_add(struct net_device *dev, const char *name,
731 struct net_device **new_dev, int type); 952 struct net_device **new_dev, int type,
953 struct vif_params *params);
732void ieee80211_if_set_type(struct net_device *dev, int type); 954void ieee80211_if_set_type(struct net_device *dev, int type);
733void ieee80211_if_reinit(struct net_device *dev); 955void ieee80211_if_reinit(struct net_device *dev);
734void __ieee80211_if_del(struct ieee80211_local *local, 956void __ieee80211_if_del(struct ieee80211_local *local,
diff --git a/net/mac80211/ieee80211_iface.c b/net/mac80211/ieee80211_iface.c
index 677705046c6d..80954a512185 100644
--- a/net/mac80211/ieee80211_iface.c
+++ b/net/mac80211/ieee80211_iface.c
@@ -15,6 +15,7 @@
15#include "ieee80211_i.h" 15#include "ieee80211_i.h"
16#include "sta_info.h" 16#include "sta_info.h"
17#include "debugfs_netdev.h" 17#include "debugfs_netdev.h"
18#include "mesh.h"
18 19
19void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata) 20void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata)
20{ 21{
@@ -39,7 +40,8 @@ static void ieee80211_if_sdata_deinit(struct ieee80211_sub_if_data *sdata)
39 40
40/* Must be called with rtnl lock held. */ 41/* Must be called with rtnl lock held. */
41int ieee80211_if_add(struct net_device *dev, const char *name, 42int ieee80211_if_add(struct net_device *dev, const char *name,
42 struct net_device **new_dev, int type) 43 struct net_device **new_dev, int type,
44 struct vif_params *params)
43{ 45{
44 struct net_device *ndev; 46 struct net_device *ndev;
45 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 47 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -78,6 +80,12 @@ int ieee80211_if_add(struct net_device *dev, const char *name,
78 ieee80211_debugfs_add_netdev(sdata); 80 ieee80211_debugfs_add_netdev(sdata);
79 ieee80211_if_set_type(ndev, type); 81 ieee80211_if_set_type(ndev, type);
80 82
83 if (ieee80211_vif_is_mesh(&sdata->vif) &&
84 params && params->mesh_id_len)
85 ieee80211_if_sta_set_mesh_id(&sdata->u.sta,
86 params->mesh_id_len,
87 params->mesh_id);
88
81 /* we're under RTNL so all this is fine */ 89 /* we're under RTNL so all this is fine */
82 if (unlikely(local->reg_state == IEEE80211_DEV_UNREGISTERED)) { 90 if (unlikely(local->reg_state == IEEE80211_DEV_UNREGISTERED)) {
83 __ieee80211_if_del(local, sdata); 91 __ieee80211_if_del(local, sdata);
@@ -134,6 +142,7 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
134 sdata->bss = &sdata->u.ap; 142 sdata->bss = &sdata->u.ap;
135 INIT_LIST_HEAD(&sdata->u.ap.vlans); 143 INIT_LIST_HEAD(&sdata->u.ap.vlans);
136 break; 144 break;
145 case IEEE80211_IF_TYPE_MESH_POINT:
137 case IEEE80211_IF_TYPE_STA: 146 case IEEE80211_IF_TYPE_STA:
138 case IEEE80211_IF_TYPE_IBSS: { 147 case IEEE80211_IF_TYPE_IBSS: {
139 struct ieee80211_sub_if_data *msdata; 148 struct ieee80211_sub_if_data *msdata;
@@ -155,6 +164,9 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
155 164
156 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev); 165 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev);
157 sdata->bss = &msdata->u.ap; 166 sdata->bss = &msdata->u.ap;
167
168 if (ieee80211_vif_is_mesh(&sdata->vif))
169 ieee80211_mesh_init_sdata(sdata);
158 break; 170 break;
159 } 171 }
160 case IEEE80211_IF_TYPE_MNTR: 172 case IEEE80211_IF_TYPE_MNTR:
@@ -175,8 +187,8 @@ void ieee80211_if_reinit(struct net_device *dev)
175{ 187{
176 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 188 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
177 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 189 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
178 struct sta_info *sta;
179 struct sk_buff *skb; 190 struct sk_buff *skb;
191 int flushed;
180 192
181 ASSERT_RTNL(); 193 ASSERT_RTNL();
182 194
@@ -184,6 +196,10 @@ void ieee80211_if_reinit(struct net_device *dev)
184 196
185 ieee80211_if_sdata_deinit(sdata); 197 ieee80211_if_sdata_deinit(sdata);
186 198
199 /* Need to handle mesh specially to allow eliding the function call */
200 if (ieee80211_vif_is_mesh(&sdata->vif))
201 mesh_rmc_free(dev);
202
187 switch (sdata->vif.type) { 203 switch (sdata->vif.type) {
188 case IEEE80211_IF_TYPE_INVALID: 204 case IEEE80211_IF_TYPE_INVALID:
189 /* cannot happen */ 205 /* cannot happen */
@@ -224,17 +240,9 @@ void ieee80211_if_reinit(struct net_device *dev)
224 break; 240 break;
225 } 241 }
226 case IEEE80211_IF_TYPE_WDS: 242 case IEEE80211_IF_TYPE_WDS:
227 sta = sta_info_get(local, sdata->u.wds.remote_addr); 243 /* nothing to do */
228 if (sta) {
229 sta_info_free(sta);
230 sta_info_put(sta);
231 } else {
232#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
233 printk(KERN_DEBUG "%s: Someone had deleted my STA "
234 "entry for the WDS link\n", dev->name);
235#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
236 }
237 break; 244 break;
245 case IEEE80211_IF_TYPE_MESH_POINT:
238 case IEEE80211_IF_TYPE_STA: 246 case IEEE80211_IF_TYPE_STA:
239 case IEEE80211_IF_TYPE_IBSS: 247 case IEEE80211_IF_TYPE_IBSS:
240 kfree(sdata->u.sta.extra_ie); 248 kfree(sdata->u.sta.extra_ie);
@@ -257,8 +265,8 @@ void ieee80211_if_reinit(struct net_device *dev)
257 break; 265 break;
258 } 266 }
259 267
260 /* remove all STAs that are bound to this virtual interface */ 268 flushed = sta_info_flush(local, sdata);
261 sta_info_flush(local, dev); 269 WARN_ON(flushed);
262 270
263 memset(&sdata->u, 0, sizeof(sdata->u)); 271 memset(&sdata->u, 0, sizeof(sdata->u));
264 ieee80211_if_sdata_init(sdata); 272 ieee80211_if_sdata_init(sdata);
diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c
index 7551db3f3abc..1d91575a0fe9 100644
--- a/net/mac80211/ieee80211_ioctl.c
+++ b/net/mac80211/ieee80211_ioctl.c
@@ -33,8 +33,7 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
33 size_t key_len) 33 size_t key_len)
34{ 34{
35 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 35 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
36 int ret; 36 struct sta_info *sta;
37 struct sta_info *sta = NULL;
38 struct ieee80211_key *key; 37 struct ieee80211_key *key;
39 struct ieee80211_sub_if_data *sdata; 38 struct ieee80211_sub_if_data *sdata;
40 39
@@ -51,24 +50,23 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
51 key = sdata->keys[idx]; 50 key = sdata->keys[idx];
52 } else { 51 } else {
53 sta = sta_info_get(local, sta_addr); 52 sta = sta_info_get(local, sta_addr);
54 if (!sta) { 53 if (!sta)
55 ret = -ENOENT; 54 return -ENOENT;
56 key = NULL;
57 goto err_out;
58 }
59
60 key = sta->key; 55 key = sta->key;
61 } 56 }
62 57
63 if (!key) 58 if (!key)
64 ret = -ENOENT; 59 return -ENOENT;
65 else 60
66 ret = 0; 61 ieee80211_key_free(key);
62 return 0;
67 } else { 63 } else {
68 key = ieee80211_key_alloc(alg, idx, key_len, _key); 64 key = ieee80211_key_alloc(alg, idx, key_len, _key);
69 if (!key) 65 if (!key)
70 return -ENOMEM; 66 return -ENOMEM;
71 67
68 sta = NULL;
69
72 if (!is_broadcast_ether_addr(sta_addr)) { 70 if (!is_broadcast_ether_addr(sta_addr)) {
73 set_tx_key = 0; 71 set_tx_key = 0;
74 /* 72 /*
@@ -78,14 +76,14 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
78 * work around this. 76 * work around this.
79 */ 77 */
80 if (idx != 0 && alg != ALG_WEP) { 78 if (idx != 0 && alg != ALG_WEP) {
81 ret = -EINVAL; 79 ieee80211_key_free(key);
82 goto err_out; 80 return -EINVAL;
83 } 81 }
84 82
85 sta = sta_info_get(local, sta_addr); 83 sta = sta_info_get(local, sta_addr);
86 if (!sta) { 84 if (!sta) {
87 ret = -ENOENT; 85 ieee80211_key_free(key);
88 goto err_out; 86 return -ENOENT;
89 } 87 }
90 } 88 }
91 89
@@ -93,18 +91,9 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
93 91
94 if (set_tx_key || (!sta && !sdata->default_key && key)) 92 if (set_tx_key || (!sta && !sdata->default_key && key))
95 ieee80211_set_default_key(sdata, idx); 93 ieee80211_set_default_key(sdata, idx);
96
97 /* don't free key later */
98 key = NULL;
99
100 ret = 0;
101 } 94 }
102 95
103 err_out: 96 return 0;
104 if (sta)
105 sta_info_put(sta);
106 ieee80211_key_free(key);
107 return ret;
108} 97}
109 98
110static int ieee80211_ioctl_siwgenie(struct net_device *dev, 99static int ieee80211_ioctl_siwgenie(struct net_device *dev,
@@ -479,10 +468,20 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
479 ieee80211_sta_req_auth(dev, &sdata->u.sta); 468 ieee80211_sta_req_auth(dev, &sdata->u.sta);
480 return 0; 469 return 0;
481 } else if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) { 470 } else if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) {
482 if (memcmp(sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data, 471 /*
483 ETH_ALEN) == 0) 472 * If it is necessary to update the WDS peer address
484 return 0; 473 * while the interface is running, then we need to do
485 return ieee80211_if_update_wds(dev, (u8 *) &ap_addr->sa_data); 474 * more work here, namely if it is running we need to
475 * add a new and remove the old STA entry, this is
476 * normally handled by _open() and _stop().
477 */
478 if (netif_running(dev))
479 return -EBUSY;
480
481 memcpy(&sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data,
482 ETH_ALEN);
483
484 return 0;
486 } 485 }
487 486
488 return -EOPNOTSUPP; 487 return -EOPNOTSUPP;
@@ -525,6 +524,7 @@ static int ieee80211_ioctl_siwscan(struct net_device *dev,
525 524
526 if (sdata->vif.type != IEEE80211_IF_TYPE_STA && 525 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
527 sdata->vif.type != IEEE80211_IF_TYPE_IBSS && 526 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
527 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT &&
528 sdata->vif.type != IEEE80211_IF_TYPE_AP) 528 sdata->vif.type != IEEE80211_IF_TYPE_AP)
529 return -EOPNOTSUPP; 529 return -EOPNOTSUPP;
530 530
@@ -624,7 +624,7 @@ static int ieee80211_ioctl_giwrate(struct net_device *dev,
624 else 624 else
625 rate->value = 0; 625 rate->value = 0;
626 rate->value *= 100000; 626 rate->value *= 100000;
627 sta_info_put(sta); 627
628 return 0; 628 return 0;
629} 629}
630 630
@@ -999,7 +999,6 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
999 wstats->qual.qual = sta->last_signal; 999 wstats->qual.qual = sta->last_signal;
1000 wstats->qual.noise = sta->last_noise; 1000 wstats->qual.noise = sta->last_noise;
1001 wstats->qual.updated = local->wstats_flags; 1001 wstats->qual.updated = local->wstats_flags;
1002 sta_info_put(sta);
1003 } 1002 }
1004 return wstats; 1003 return wstats;
1005} 1004}
diff --git a/net/mac80211/ieee80211_rate.c b/net/mac80211/ieee80211_rate.c
index ebe29b716b27..4de06f128d90 100644
--- a/net/mac80211/ieee80211_rate.c
+++ b/net/mac80211/ieee80211_rate.c
@@ -170,9 +170,12 @@ void rate_control_get_rate(struct net_device *dev,
170 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 170 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
171 struct rate_control_ref *ref = local->rate_ctrl; 171 struct rate_control_ref *ref = local->rate_ctrl;
172 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 172 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
173 struct sta_info *sta = sta_info_get(local, hdr->addr1); 173 struct sta_info *sta;
174 int i; 174 int i;
175 175
176 rcu_read_lock();
177 sta = sta_info_get(local, hdr->addr1);
178
176 memset(sel, 0, sizeof(struct rate_selection)); 179 memset(sel, 0, sizeof(struct rate_selection));
177 180
178 ref->ops->get_rate(ref->priv, dev, sband, skb, sel); 181 ref->ops->get_rate(ref->priv, dev, sband, skb, sel);
@@ -190,8 +193,7 @@ void rate_control_get_rate(struct net_device *dev,
190 } 193 }
191 } 194 }
192 195
193 if (sta) 196 rcu_read_unlock();
194 sta_info_put(sta);
195} 197}
196 198
197struct rate_control_ref *rate_control_get(struct rate_control_ref *ref) 199struct rate_control_ref *rate_control_get(struct rate_control_ref *ref)
diff --git a/net/mac80211/ieee80211_rate.h b/net/mac80211/ieee80211_rate.h
index 5f9a2ca49a57..bfd0a1982e4a 100644
--- a/net/mac80211/ieee80211_rate.h
+++ b/net/mac80211/ieee80211_rate.h
@@ -14,6 +14,7 @@
14#include <linux/netdevice.h> 14#include <linux/netdevice.h>
15#include <linux/skbuff.h> 15#include <linux/skbuff.h>
16#include <linux/types.h> 16#include <linux/types.h>
17#include <linux/kref.h>
17#include <net/mac80211.h> 18#include <net/mac80211.h>
18#include "ieee80211_i.h" 19#include "ieee80211_i.h"
19#include "sta_info.h" 20#include "sta_info.h"
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
index ddb5832f37cb..8b991ebcbb4e 100644
--- a/net/mac80211/ieee80211_sta.c
+++ b/net/mac80211/ieee80211_sta.c
@@ -24,6 +24,7 @@
24#include <linux/wireless.h> 24#include <linux/wireless.h>
25#include <linux/random.h> 25#include <linux/random.h>
26#include <linux/etherdevice.h> 26#include <linux/etherdevice.h>
27#include <linux/rtnetlink.h>
27#include <net/iw_handler.h> 28#include <net/iw_handler.h>
28#include <asm/types.h> 29#include <asm/types.h>
29 30
@@ -31,12 +32,14 @@
31#include "ieee80211_i.h" 32#include "ieee80211_i.h"
32#include "ieee80211_rate.h" 33#include "ieee80211_rate.h"
33#include "ieee80211_led.h" 34#include "ieee80211_led.h"
35#include "mesh.h"
34 36
35#define IEEE80211_AUTH_TIMEOUT (HZ / 5) 37#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
36#define IEEE80211_AUTH_MAX_TRIES 3 38#define IEEE80211_AUTH_MAX_TRIES 3
37#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 39#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
38#define IEEE80211_ASSOC_MAX_TRIES 3 40#define IEEE80211_ASSOC_MAX_TRIES 3
39#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 41#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
40#define IEEE80211_PROBE_INTERVAL (60 * HZ) 43#define IEEE80211_PROBE_INTERVAL (60 * HZ)
41#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 44#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
42#define IEEE80211_SCAN_INTERVAL (2 * HZ) 45#define IEEE80211_SCAN_INTERVAL (2 * HZ)
@@ -49,6 +52,7 @@
49#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ) 52#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
50#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ) 53#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
51#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ) 54#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
55#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
52 56
53#define IEEE80211_IBSS_MAX_STA_ENTRIES 128 57#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
54 58
@@ -87,46 +91,8 @@ static int ieee80211_sta_config_auth(struct net_device *dev,
87 struct ieee80211_if_sta *ifsta); 91 struct ieee80211_if_sta *ifsta);
88 92
89 93
90/* Parsed Information Elements */ 94void ieee802_11_parse_elems(u8 *start, size_t len,
91struct ieee802_11_elems { 95 struct ieee802_11_elems *elems)
92 /* pointers to IEs */
93 u8 *ssid;
94 u8 *supp_rates;
95 u8 *fh_params;
96 u8 *ds_params;
97 u8 *cf_params;
98 u8 *tim;
99 u8 *ibss_params;
100 u8 *challenge;
101 u8 *wpa;
102 u8 *rsn;
103 u8 *erp_info;
104 u8 *ext_supp_rates;
105 u8 *wmm_info;
106 u8 *wmm_param;
107 u8 *ht_cap_elem;
108 u8 *ht_info_elem;
109 /* length of them, respectively */
110 u8 ssid_len;
111 u8 supp_rates_len;
112 u8 fh_params_len;
113 u8 ds_params_len;
114 u8 cf_params_len;
115 u8 tim_len;
116 u8 ibss_params_len;
117 u8 challenge_len;
118 u8 wpa_len;
119 u8 rsn_len;
120 u8 erp_info_len;
121 u8 ext_supp_rates_len;
122 u8 wmm_info_len;
123 u8 wmm_param_len;
124 u8 ht_cap_elem_len;
125 u8 ht_info_elem_len;
126};
127
128static void ieee802_11_parse_elems(u8 *start, size_t len,
129 struct ieee802_11_elems *elems)
130{ 96{
131 size_t left = len; 97 size_t left = len;
132 u8 *pos = start; 98 u8 *pos = start;
@@ -215,6 +181,30 @@ static void ieee802_11_parse_elems(u8 *start, size_t len,
215 elems->ht_info_elem = pos; 181 elems->ht_info_elem = pos;
216 elems->ht_info_elem_len = elen; 182 elems->ht_info_elem_len = elen;
217 break; 183 break;
184 case WLAN_EID_MESH_ID:
185 elems->mesh_id = pos;
186 elems->mesh_id_len = elen;
187 break;
188 case WLAN_EID_MESH_CONFIG:
189 elems->mesh_config = pos;
190 elems->mesh_config_len = elen;
191 break;
192 case WLAN_EID_PEER_LINK:
193 elems->peer_link = pos;
194 elems->peer_link_len = elen;
195 break;
196 case WLAN_EID_PREQ:
197 elems->preq = pos;
198 elems->preq_len = elen;
199 break;
200 case WLAN_EID_PREP:
201 elems->prep = pos;
202 elems->prep_len = elen;
203 break;
204 case WLAN_EID_PERR:
205 elems->perr = pos;
206 elems->perr_len = elen;
207 break;
218 default: 208 default:
219 break; 209 break;
220 } 210 }
@@ -501,8 +491,8 @@ static void ieee80211_set_disassoc(struct net_device *dev,
501 ieee80211_set_associated(dev, ifsta, 0); 491 ieee80211_set_associated(dev, ifsta, 0);
502} 492}
503 493
504static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb, 494void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
505 int encrypt) 495 int encrypt)
506{ 496{
507 struct ieee80211_sub_if_data *sdata; 497 struct ieee80211_sub_if_data *sdata;
508 struct ieee80211_tx_packet_data *pkt_data; 498 struct ieee80211_tx_packet_data *pkt_data;
@@ -856,6 +846,8 @@ static void ieee80211_associated(struct net_device *dev,
856 846
857 ifsta->state = IEEE80211_ASSOCIATED; 847 ifsta->state = IEEE80211_ASSOCIATED;
858 848
849 rcu_read_lock();
850
859 sta = sta_info_get(local, ifsta->bssid); 851 sta = sta_info_get(local, ifsta->bssid);
860 if (!sta) { 852 if (!sta) {
861 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n", 853 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
@@ -871,7 +863,7 @@ static void ieee80211_associated(struct net_device *dev,
871 "range\n", 863 "range\n",
872 dev->name, print_mac(mac, ifsta->bssid)); 864 dev->name, print_mac(mac, ifsta->bssid));
873 disassoc = 1; 865 disassoc = 1;
874 sta_info_free(sta); 866 sta_info_unlink(&sta);
875 } else 867 } else
876 ieee80211_send_probe_req(dev, ifsta->bssid, 868 ieee80211_send_probe_req(dev, ifsta->bssid,
877 local->scan_ssid, 869 local->scan_ssid,
@@ -887,8 +879,17 @@ static void ieee80211_associated(struct net_device *dev,
887 ifsta->ssid_len); 879 ifsta->ssid_len);
888 } 880 }
889 } 881 }
890 sta_info_put(sta);
891 } 882 }
883
884 rcu_read_unlock();
885
886 if (disassoc && sta) {
887 synchronize_rcu();
888 rtnl_lock();
889 sta_info_destroy(sta);
890 rtnl_unlock();
891 }
892
892 if (disassoc) { 893 if (disassoc) {
893 ifsta->state = IEEE80211_DISABLED; 894 ifsta->state = IEEE80211_DISABLED;
894 ieee80211_set_associated(dev, ifsta, 0); 895 ieee80211_set_associated(dev, ifsta, 0);
@@ -1114,9 +1115,13 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1114 int ret = -EOPNOTSUPP; 1115 int ret = -EOPNOTSUPP;
1115 DECLARE_MAC_BUF(mac); 1116 DECLARE_MAC_BUF(mac);
1116 1117
1118 rcu_read_lock();
1119
1117 sta = sta_info_get(local, mgmt->sa); 1120 sta = sta_info_get(local, mgmt->sa);
1118 if (!sta) 1121 if (!sta) {
1122 rcu_read_unlock();
1119 return; 1123 return;
1124 }
1120 1125
1121 /* extract session parameters from addba request frame */ 1126 /* extract session parameters from addba request frame */
1122 dialog_token = mgmt->u.action.u.addba_req.dialog_token; 1127 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
@@ -1208,9 +1213,9 @@ end:
1208 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1213 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1209 1214
1210end_no_lock: 1215end_no_lock:
1211 ieee80211_send_addba_resp(sta->dev, sta->addr, tid, dialog_token, 1216 ieee80211_send_addba_resp(sta->sdata->dev, sta->addr, tid,
1212 status, 1, buf_size, timeout); 1217 dialog_token, status, 1, buf_size, timeout);
1213 sta_info_put(sta); 1218 rcu_read_unlock();
1214} 1219}
1215 1220
1216static void ieee80211_sta_process_addba_resp(struct net_device *dev, 1221static void ieee80211_sta_process_addba_resp(struct net_device *dev,
@@ -1224,9 +1229,13 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1224 u16 tid; 1229 u16 tid;
1225 u8 *state; 1230 u8 *state;
1226 1231
1232 rcu_read_lock();
1233
1227 sta = sta_info_get(local, mgmt->sa); 1234 sta = sta_info_get(local, mgmt->sa);
1228 if (!sta) 1235 if (!sta) {
1236 rcu_read_unlock();
1229 return; 1237 return;
1238 }
1230 1239
1231 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab); 1240 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1232 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2; 1241 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
@@ -1241,7 +1250,7 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1241#ifdef CONFIG_MAC80211_HT_DEBUG 1250#ifdef CONFIG_MAC80211_HT_DEBUG
1242 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid); 1251 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1243#endif /* CONFIG_MAC80211_HT_DEBUG */ 1252#endif /* CONFIG_MAC80211_HT_DEBUG */
1244 sta_info_put(sta); 1253 rcu_read_unlock();
1245 return; 1254 return;
1246 } 1255 }
1247 1256
@@ -1255,7 +1264,7 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1255 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1264 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1256 printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:" 1265 printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:"
1257 "%d\n", *state); 1266 "%d\n", *state);
1258 sta_info_put(sta); 1267 rcu_read_unlock();
1259 return; 1268 return;
1260 } 1269 }
1261 1270
@@ -1282,7 +1291,7 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1282 ieee80211_stop_tx_ba_session(hw, sta->addr, tid, 1291 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1283 WLAN_BACK_INITIATOR); 1292 WLAN_BACK_INITIATOR);
1284 } 1293 }
1285 sta_info_put(sta); 1294 rcu_read_unlock();
1286} 1295}
1287 1296
1288void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid, 1297void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
@@ -1337,16 +1346,20 @@ void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1337 struct sta_info *sta; 1346 struct sta_info *sta;
1338 int ret, i; 1347 int ret, i;
1339 1348
1349 rcu_read_lock();
1350
1340 sta = sta_info_get(local, ra); 1351 sta = sta_info_get(local, ra);
1341 if (!sta) 1352 if (!sta) {
1353 rcu_read_unlock();
1342 return; 1354 return;
1355 }
1343 1356
1344 /* check if TID is in operational state */ 1357 /* check if TID is in operational state */
1345 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 1358 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1346 if (sta->ampdu_mlme.tid_rx[tid].state 1359 if (sta->ampdu_mlme.tid_rx[tid].state
1347 != HT_AGG_STATE_OPERATIONAL) { 1360 != HT_AGG_STATE_OPERATIONAL) {
1348 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1361 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1349 sta_info_put(sta); 1362 rcu_read_unlock();
1350 return; 1363 return;
1351 } 1364 }
1352 sta->ampdu_mlme.tid_rx[tid].state = 1365 sta->ampdu_mlme.tid_rx[tid].state =
@@ -1385,7 +1398,7 @@ void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1385 kfree(sta->ampdu_mlme.tid_rx[tid].reorder_buf); 1398 kfree(sta->ampdu_mlme.tid_rx[tid].reorder_buf);
1386 1399
1387 sta->ampdu_mlme.tid_rx[tid].state = HT_AGG_STATE_IDLE; 1400 sta->ampdu_mlme.tid_rx[tid].state = HT_AGG_STATE_IDLE;
1388 sta_info_put(sta); 1401 rcu_read_unlock();
1389} 1402}
1390 1403
1391 1404
@@ -1398,9 +1411,13 @@ static void ieee80211_sta_process_delba(struct net_device *dev,
1398 u16 initiator; 1411 u16 initiator;
1399 DECLARE_MAC_BUF(mac); 1412 DECLARE_MAC_BUF(mac);
1400 1413
1414 rcu_read_lock();
1415
1401 sta = sta_info_get(local, mgmt->sa); 1416 sta = sta_info_get(local, mgmt->sa);
1402 if (!sta) 1417 if (!sta) {
1418 rcu_read_unlock();
1403 return; 1419 return;
1420 }
1404 1421
1405 params = le16_to_cpu(mgmt->u.action.u.delba.params); 1422 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1406 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12; 1423 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
@@ -1425,7 +1442,7 @@ static void ieee80211_sta_process_delba(struct net_device *dev,
1425 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid, 1442 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1426 WLAN_BACK_RECIPIENT); 1443 WLAN_BACK_RECIPIENT);
1427 } 1444 }
1428 sta_info_put(sta); 1445 rcu_read_unlock();
1429} 1446}
1430 1447
1431/* 1448/*
@@ -1437,7 +1454,7 @@ void sta_addba_resp_timer_expired(unsigned long data)
1437{ 1454{
1438 /* not an elegant detour, but there is no choice as the timer passes 1455 /* not an elegant detour, but there is no choice as the timer passes
1439 * only one argument, and both sta_info and TID are needed, so init 1456 * only one argument, and both sta_info and TID are needed, so init
1440 * flow in sta_info_add gives the TID as data, while the timer_to_id 1457 * flow in sta_info_create gives the TID as data, while the timer_to_id
1441 * array gives the sta through container_of */ 1458 * array gives the sta through container_of */
1442 u16 tid = *(int *)data; 1459 u16 tid = *(int *)data;
1443 struct sta_info *temp_sta = container_of((void *)data, 1460 struct sta_info *temp_sta = container_of((void *)data,
@@ -1448,9 +1465,13 @@ void sta_addba_resp_timer_expired(unsigned long data)
1448 struct sta_info *sta; 1465 struct sta_info *sta;
1449 u8 *state; 1466 u8 *state;
1450 1467
1468 rcu_read_lock();
1469
1451 sta = sta_info_get(local, temp_sta->addr); 1470 sta = sta_info_get(local, temp_sta->addr);
1452 if (!sta) 1471 if (!sta) {
1472 rcu_read_unlock();
1453 return; 1473 return;
1474 }
1454 1475
1455 state = &sta->ampdu_mlme.tid_tx[tid].state; 1476 state = &sta->ampdu_mlme.tid_tx[tid].state;
1456 /* check if the TID waits for addBA response */ 1477 /* check if the TID waits for addBA response */
@@ -1472,7 +1493,7 @@ void sta_addba_resp_timer_expired(unsigned long data)
1472 WLAN_BACK_INITIATOR); 1493 WLAN_BACK_INITIATOR);
1473 1494
1474timer_expired_exit: 1495timer_expired_exit:
1475 sta_info_put(sta); 1496 rcu_read_unlock();
1476} 1497}
1477 1498
1478/* 1499/*
@@ -1484,7 +1505,7 @@ void sta_rx_agg_session_timer_expired(unsigned long data)
1484{ 1505{
1485 /* not an elegant detour, but there is no choice as the timer passes 1506 /* not an elegant detour, but there is no choice as the timer passes
1486 * only one argument, and verious sta_info are needed here, so init 1507 * only one argument, and verious sta_info are needed here, so init
1487 * flow in sta_info_add gives the TID as data, while the timer_to_id 1508 * flow in sta_info_create gives the TID as data, while the timer_to_id
1488 * array gives the sta through container_of */ 1509 * array gives the sta through container_of */
1489 u8 *ptid = (u8 *)data; 1510 u8 *ptid = (u8 *)data;
1490 u8 *timer_to_id = ptid - *ptid; 1511 u8 *timer_to_id = ptid - *ptid;
@@ -1492,8 +1513,8 @@ void sta_rx_agg_session_timer_expired(unsigned long data)
1492 timer_to_tid[0]); 1513 timer_to_tid[0]);
1493 1514
1494 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid); 1515 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1495 ieee80211_sta_stop_rx_ba_session(sta->dev, sta->addr, (u16)*ptid, 1516 ieee80211_sta_stop_rx_ba_session(sta->sdata->dev, sta->addr,
1496 WLAN_BACK_TIMER, 1517 (u16)*ptid, WLAN_BACK_TIMER,
1497 WLAN_REASON_QSTA_TIMEOUT); 1518 WLAN_REASON_QSTA_TIMEOUT);
1498} 1519}
1499 1520
@@ -1802,14 +1823,19 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1802 if (ifsta->assocresp_ies) 1823 if (ifsta->assocresp_ies)
1803 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len); 1824 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1804 1825
1826 rcu_read_lock();
1827
1805 /* Add STA entry for the AP */ 1828 /* Add STA entry for the AP */
1806 sta = sta_info_get(local, ifsta->bssid); 1829 sta = sta_info_get(local, ifsta->bssid);
1807 if (!sta) { 1830 if (!sta) {
1808 struct ieee80211_sta_bss *bss; 1831 struct ieee80211_sta_bss *bss;
1809 sta = sta_info_add(local, dev, ifsta->bssid, GFP_KERNEL); 1832 int err;
1810 if (IS_ERR(sta)) { 1833
1811 printk(KERN_DEBUG "%s: failed to add STA entry for the" 1834 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
1812 " AP (error %ld)\n", dev->name, PTR_ERR(sta)); 1835 if (!sta) {
1836 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1837 " the AP\n", dev->name);
1838 rcu_read_unlock();
1813 return; 1839 return;
1814 } 1840 }
1815 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, 1841 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
@@ -1821,9 +1847,27 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1821 sta->last_noise = bss->noise; 1847 sta->last_noise = bss->noise;
1822 ieee80211_rx_bss_put(dev, bss); 1848 ieee80211_rx_bss_put(dev, bss);
1823 } 1849 }
1850
1851 err = sta_info_insert(sta);
1852 if (err) {
1853 printk(KERN_DEBUG "%s: failed to insert STA entry for"
1854 " the AP (error %d)\n", dev->name, err);
1855 sta_info_destroy(sta);
1856 rcu_read_unlock();
1857 return;
1858 }
1824 } 1859 }
1825 1860
1826 sta->dev = dev; 1861 /*
1862 * FIXME: Do we really need to update the sta_info's information here?
1863 * We already know about the AP (we found it in our list) so it
1864 * should already be filled with the right info, no?
1865 * As is stands, all this is racy because typically we assume
1866 * the information that is filled in here (except flags) doesn't
1867 * change while a STA structure is alive. As such, it should move
1868 * to between the sta_info_alloc() and sta_info_insert() above.
1869 */
1870
1827 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP | 1871 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
1828 WLAN_STA_AUTHORIZED; 1872 WLAN_STA_AUTHORIZED;
1829 1873
@@ -1886,16 +1930,16 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1886 1930
1887 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) { 1931 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
1888 sta->flags |= WLAN_STA_WME; 1932 sta->flags |= WLAN_STA_WME;
1933 rcu_read_unlock();
1889 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param, 1934 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1890 elems.wmm_param_len); 1935 elems.wmm_param_len);
1891 } 1936 } else
1937 rcu_read_unlock();
1892 1938
1893 /* set AID, ieee80211_set_associated() will tell the driver */ 1939 /* set AID, ieee80211_set_associated() will tell the driver */
1894 bss_conf->aid = aid; 1940 bss_conf->aid = aid;
1895 ieee80211_set_associated(dev, ifsta, 1); 1941 ieee80211_set_associated(dev, ifsta, 1);
1896 1942
1897 sta_info_put(sta);
1898
1899 ieee80211_associated(dev, ifsta); 1943 ieee80211_associated(dev, ifsta);
1900} 1944}
1901 1945
@@ -1905,8 +1949,16 @@ static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1905 struct ieee80211_sta_bss *bss) 1949 struct ieee80211_sta_bss *bss)
1906{ 1950{
1907 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1951 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1908 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)]; 1952 u8 hash_idx;
1909 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss; 1953
1954 if (bss_mesh_cfg(bss))
1955 hash_idx = mesh_id_hash(bss_mesh_id(bss),
1956 bss_mesh_id_len(bss));
1957 else
1958 hash_idx = STA_HASH(bss->bssid);
1959
1960 bss->hnext = local->sta_bss_hash[hash_idx];
1961 local->sta_bss_hash[hash_idx] = bss;
1910} 1962}
1911 1963
1912 1964
@@ -1959,7 +2011,6 @@ ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int freq,
1959 return bss; 2011 return bss;
1960} 2012}
1961 2013
1962
1963static struct ieee80211_sta_bss * 2014static struct ieee80211_sta_bss *
1964ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq, 2015ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
1965 u8 *ssid, u8 ssid_len) 2016 u8 *ssid, u8 ssid_len)
@@ -1970,7 +2021,8 @@ ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
1970 spin_lock_bh(&local->sta_bss_lock); 2021 spin_lock_bh(&local->sta_bss_lock);
1971 bss = local->sta_bss_hash[STA_HASH(bssid)]; 2022 bss = local->sta_bss_hash[STA_HASH(bssid)];
1972 while (bss) { 2023 while (bss) {
1973 if (!memcmp(bss->bssid, bssid, ETH_ALEN) && 2024 if (!bss_mesh_cfg(bss) &&
2025 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
1974 bss->freq == freq && 2026 bss->freq == freq &&
1975 bss->ssid_len == ssid_len && 2027 bss->ssid_len == ssid_len &&
1976 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) { 2028 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
@@ -1983,6 +2035,72 @@ ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
1983 return bss; 2035 return bss;
1984} 2036}
1985 2037
2038#ifdef CONFIG_MAC80211_MESH
2039static struct ieee80211_sta_bss *
2040ieee80211_rx_mesh_bss_get(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
2041 u8 *mesh_cfg, int freq)
2042{
2043 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2044 struct ieee80211_sta_bss *bss;
2045
2046 spin_lock_bh(&local->sta_bss_lock);
2047 bss = local->sta_bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
2048 while (bss) {
2049 if (bss_mesh_cfg(bss) &&
2050 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
2051 bss->freq == freq &&
2052 mesh_id_len == bss->mesh_id_len &&
2053 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
2054 mesh_id_len))) {
2055 atomic_inc(&bss->users);
2056 break;
2057 }
2058 bss = bss->hnext;
2059 }
2060 spin_unlock_bh(&local->sta_bss_lock);
2061 return bss;
2062}
2063
2064static struct ieee80211_sta_bss *
2065ieee80211_rx_mesh_bss_add(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
2066 u8 *mesh_cfg, int freq)
2067{
2068 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2069 struct ieee80211_sta_bss *bss;
2070
2071 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
2072 if (!bss)
2073 return NULL;
2074
2075 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
2076 if (!bss->mesh_cfg) {
2077 kfree(bss);
2078 return NULL;
2079 }
2080
2081 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
2082 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
2083 if (!bss->mesh_id) {
2084 kfree(bss->mesh_cfg);
2085 kfree(bss);
2086 return NULL;
2087 }
2088 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
2089 }
2090
2091 atomic_inc(&bss->users);
2092 atomic_inc(&bss->users);
2093 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
2094 bss->mesh_id_len = mesh_id_len;
2095 bss->freq = freq;
2096 spin_lock_bh(&local->sta_bss_lock);
2097 /* TODO: order by RSSI? */
2098 list_add_tail(&bss->list, &local->sta_bss_list);
2099 __ieee80211_rx_bss_hash_add(dev, bss);
2100 spin_unlock_bh(&local->sta_bss_lock);
2101 return bss;
2102}
2103#endif
1986 2104
1987static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss) 2105static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1988{ 2106{
@@ -1990,6 +2108,8 @@ static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1990 kfree(bss->rsn_ie); 2108 kfree(bss->rsn_ie);
1991 kfree(bss->wmm_ie); 2109 kfree(bss->wmm_ie);
1992 kfree(bss->ht_ie); 2110 kfree(bss->ht_ie);
2111 kfree(bss_mesh_id(bss));
2112 kfree(bss_mesh_cfg(bss));
1993 kfree(bss); 2113 kfree(bss);
1994} 2114}
1995 2115
@@ -2185,6 +2305,42 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2185 return res; 2305 return res;
2186} 2306}
2187 2307
2308u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
2309 struct ieee802_11_elems *elems,
2310 enum ieee80211_band band)
2311{
2312 struct ieee80211_supported_band *sband;
2313 struct ieee80211_rate *bitrates;
2314 size_t num_rates;
2315 u64 supp_rates;
2316 int i, j;
2317 sband = local->hw.wiphy->bands[band];
2318
2319 if (!sband) {
2320 WARN_ON(1);
2321 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2322 }
2323
2324 bitrates = sband->bitrates;
2325 num_rates = sband->n_bitrates;
2326 supp_rates = 0;
2327 for (i = 0; i < elems->supp_rates_len +
2328 elems->ext_supp_rates_len; i++) {
2329 u8 rate = 0;
2330 int own_rate;
2331 if (i < elems->supp_rates_len)
2332 rate = elems->supp_rates[i];
2333 else if (elems->ext_supp_rates)
2334 rate = elems->ext_supp_rates
2335 [i - elems->supp_rates_len];
2336 own_rate = 5 * (rate & 0x7f);
2337 for (j = 0; j < num_rates; j++)
2338 if (bitrates[j].bitrate == own_rate)
2339 supp_rates |= BIT(j);
2340 }
2341 return supp_rates;
2342}
2343
2188 2344
2189static void ieee80211_rx_bss_info(struct net_device *dev, 2345static void ieee80211_rx_bss_info(struct net_device *dev,
2190 struct ieee80211_mgmt *mgmt, 2346 struct ieee80211_mgmt *mgmt,
@@ -2219,41 +2375,23 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2219 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp); 2375 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
2220 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 2376 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2221 2377
2222 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates && 2378 if (ieee80211_vif_is_mesh(&sdata->vif) && elems.mesh_id &&
2223 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 && 2379 elems.mesh_config && mesh_matches_local(&elems, dev)) {
2224 (sta = sta_info_get(local, mgmt->sa))) { 2380 u64 rates = ieee80211_sta_get_rates(local, &elems,
2225 struct ieee80211_supported_band *sband; 2381 rx_status->band);
2226 struct ieee80211_rate *bitrates;
2227 size_t num_rates;
2228 u64 supp_rates, prev_rates;
2229 int i, j;
2230 2382
2231 sband = local->hw.wiphy->bands[rx_status->band]; 2383 mesh_neighbour_update(mgmt->sa, rates, dev,
2384 mesh_peer_accepts_plinks(&elems, dev));
2385 }
2232 2386
2233 if (!sband) { 2387 rcu_read_lock();
2234 WARN_ON(1);
2235 sband = local->hw.wiphy->bands[
2236 local->hw.conf.channel->band];
2237 }
2238 2388
2239 bitrates = sband->bitrates; 2389 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
2240 num_rates = sband->n_bitrates; 2390 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
2241 2391 (sta = sta_info_get(local, mgmt->sa))) {
2242 supp_rates = 0; 2392 u64 prev_rates;
2243 for (i = 0; i < elems.supp_rates_len + 2393 u64 supp_rates = ieee80211_sta_get_rates(local, &elems,
2244 elems.ext_supp_rates_len; i++) { 2394 rx_status->band);
2245 u8 rate = 0;
2246 int own_rate;
2247 if (i < elems.supp_rates_len)
2248 rate = elems.supp_rates[i];
2249 else if (elems.ext_supp_rates)
2250 rate = elems.ext_supp_rates
2251 [i - elems.supp_rates_len];
2252 own_rate = 5 * (rate & 0x7f);
2253 for (j = 0; j < num_rates; j++)
2254 if (bitrates[j].bitrate == own_rate)
2255 supp_rates |= BIT(j);
2256 }
2257 2395
2258 prev_rates = sta->supp_rates[rx_status->band]; 2396 prev_rates = sta->supp_rates[rx_status->band];
2259 sta->supp_rates[rx_status->band] &= supp_rates; 2397 sta->supp_rates[rx_status->band] &= supp_rates;
@@ -2273,22 +2411,32 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2273 (unsigned long long) supp_rates, 2411 (unsigned long long) supp_rates,
2274 (unsigned long long) sta->supp_rates[rx_status->band]); 2412 (unsigned long long) sta->supp_rates[rx_status->band]);
2275 } 2413 }
2276 sta_info_put(sta);
2277 } 2414 }
2278 2415
2279 if (!elems.ssid) 2416 rcu_read_unlock();
2280 return;
2281 2417
2282 if (elems.ds_params && elems.ds_params_len == 1) 2418 if (elems.ds_params && elems.ds_params_len == 1)
2283 freq = ieee80211_channel_to_frequency(elems.ds_params[0]); 2419 freq = ieee80211_channel_to_frequency(elems.ds_params[0]);
2284 else 2420 else
2285 freq = rx_status->freq; 2421 freq = rx_status->freq;
2286 2422
2287 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, freq, 2423#ifdef CONFIG_MAC80211_MESH
2288 elems.ssid, elems.ssid_len); 2424 if (elems.mesh_config)
2289 if (!bss) { 2425 bss = ieee80211_rx_mesh_bss_get(dev, elems.mesh_id,
2290 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, freq, 2426 elems.mesh_id_len, elems.mesh_config, freq);
2427 else
2428#endif
2429 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, freq,
2291 elems.ssid, elems.ssid_len); 2430 elems.ssid, elems.ssid_len);
2431 if (!bss) {
2432#ifdef CONFIG_MAC80211_MESH
2433 if (elems.mesh_config)
2434 bss = ieee80211_rx_mesh_bss_add(dev, elems.mesh_id,
2435 elems.mesh_id_len, elems.mesh_config, freq);
2436 else
2437#endif
2438 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, freq,
2439 elems.ssid, elems.ssid_len);
2292 if (!bss) 2440 if (!bss)
2293 return; 2441 return;
2294 } else { 2442 } else {
@@ -2615,8 +2763,11 @@ static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
2615static void ieee80211_rx_mgmt_action(struct net_device *dev, 2763static void ieee80211_rx_mgmt_action(struct net_device *dev,
2616 struct ieee80211_if_sta *ifsta, 2764 struct ieee80211_if_sta *ifsta,
2617 struct ieee80211_mgmt *mgmt, 2765 struct ieee80211_mgmt *mgmt,
2618 size_t len) 2766 size_t len,
2767 struct ieee80211_rx_status *rx_status)
2619{ 2768{
2769 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2770
2620 if (len < IEEE80211_MIN_ACTION_SIZE) 2771 if (len < IEEE80211_MIN_ACTION_SIZE)
2621 return; 2772 return;
2622 2773
@@ -2648,7 +2799,18 @@ static void ieee80211_rx_mgmt_action(struct net_device *dev,
2648 break; 2799 break;
2649 } 2800 }
2650 break; 2801 break;
2802 case PLINK_CATEGORY:
2803 if (ieee80211_vif_is_mesh(&sdata->vif))
2804 mesh_rx_plink_frame(dev, mgmt, len, rx_status);
2805 break;
2806 case MESH_PATH_SEL_CATEGORY:
2807 if (ieee80211_vif_is_mesh(&sdata->vif))
2808 mesh_rx_path_sel_frame(dev, mgmt, len);
2809 break;
2651 default: 2810 default:
2811 if (net_ratelimit())
2812 printk(KERN_DEBUG "%s: Rx unknown action frame - "
2813 "category=%d\n", dev->name, mgmt->u.action.category);
2652 break; 2814 break;
2653 } 2815 }
2654} 2816}
@@ -2675,13 +2837,13 @@ void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
2675 case IEEE80211_STYPE_PROBE_REQ: 2837 case IEEE80211_STYPE_PROBE_REQ:
2676 case IEEE80211_STYPE_PROBE_RESP: 2838 case IEEE80211_STYPE_PROBE_RESP:
2677 case IEEE80211_STYPE_BEACON: 2839 case IEEE80211_STYPE_BEACON:
2840 case IEEE80211_STYPE_ACTION:
2678 memcpy(skb->cb, rx_status, sizeof(*rx_status)); 2841 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2679 case IEEE80211_STYPE_AUTH: 2842 case IEEE80211_STYPE_AUTH:
2680 case IEEE80211_STYPE_ASSOC_RESP: 2843 case IEEE80211_STYPE_ASSOC_RESP:
2681 case IEEE80211_STYPE_REASSOC_RESP: 2844 case IEEE80211_STYPE_REASSOC_RESP:
2682 case IEEE80211_STYPE_DEAUTH: 2845 case IEEE80211_STYPE_DEAUTH:
2683 case IEEE80211_STYPE_DISASSOC: 2846 case IEEE80211_STYPE_DISASSOC:
2684 case IEEE80211_STYPE_ACTION:
2685 skb_queue_tail(&ifsta->skb_queue, skb); 2847 skb_queue_tail(&ifsta->skb_queue, skb);
2686 queue_work(local->hw.workqueue, &ifsta->work); 2848 queue_work(local->hw.workqueue, &ifsta->work);
2687 return; 2849 return;
@@ -2740,7 +2902,7 @@ static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
2740 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len); 2902 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
2741 break; 2903 break;
2742 case IEEE80211_STYPE_ACTION: 2904 case IEEE80211_STYPE_ACTION:
2743 ieee80211_rx_mgmt_action(dev, ifsta, mgmt, skb->len); 2905 ieee80211_rx_mgmt_action(dev, ifsta, mgmt, skb->len, rx_status);
2744 break; 2906 break;
2745 } 2907 }
2746 2908
@@ -2789,45 +2951,50 @@ static int ieee80211_sta_active_ibss(struct net_device *dev)
2789 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2951 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2790 int active = 0; 2952 int active = 0;
2791 struct sta_info *sta; 2953 struct sta_info *sta;
2954 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2955
2956 rcu_read_lock();
2792 2957
2793 read_lock_bh(&local->sta_lock); 2958 list_for_each_entry_rcu(sta, &local->sta_list, list) {
2794 list_for_each_entry(sta, &local->sta_list, list) { 2959 if (sta->sdata == sdata &&
2795 if (sta->dev == dev &&
2796 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, 2960 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
2797 jiffies)) { 2961 jiffies)) {
2798 active++; 2962 active++;
2799 break; 2963 break;
2800 } 2964 }
2801 } 2965 }
2802 read_unlock_bh(&local->sta_lock); 2966
2967 rcu_read_unlock();
2803 2968
2804 return active; 2969 return active;
2805} 2970}
2806 2971
2807 2972
2808static void ieee80211_sta_expire(struct net_device *dev) 2973static void ieee80211_sta_expire(struct net_device *dev, unsigned long exp_time)
2809{ 2974{
2810 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2975 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2811 struct sta_info *sta, *tmp; 2976 struct sta_info *sta, *tmp;
2812 LIST_HEAD(tmp_list); 2977 LIST_HEAD(tmp_list);
2813 DECLARE_MAC_BUF(mac); 2978 DECLARE_MAC_BUF(mac);
2979 unsigned long flags;
2814 2980
2815 write_lock_bh(&local->sta_lock); 2981 spin_lock_irqsave(&local->sta_lock, flags);
2816 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) 2982 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
2817 if (time_after(jiffies, sta->last_rx + 2983 if (time_after(jiffies, sta->last_rx + exp_time)) {
2818 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
2819 printk(KERN_DEBUG "%s: expiring inactive STA %s\n", 2984 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
2820 dev->name, print_mac(mac, sta->addr)); 2985 dev->name, print_mac(mac, sta->addr));
2821 __sta_info_get(sta); 2986 sta_info_unlink(&sta);
2822 sta_info_remove(sta); 2987 if (sta)
2823 list_add(&sta->list, &tmp_list); 2988 list_add(&sta->list, &tmp_list);
2824 } 2989 }
2825 write_unlock_bh(&local->sta_lock); 2990 spin_unlock_irqrestore(&local->sta_lock, flags);
2826 2991
2827 list_for_each_entry_safe(sta, tmp, &tmp_list, list) { 2992 synchronize_rcu();
2828 sta_info_free(sta); 2993
2829 sta_info_put(sta); 2994 rtnl_lock();
2830 } 2995 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
2996 sta_info_destroy(sta);
2997 rtnl_unlock();
2831} 2998}
2832 2999
2833 3000
@@ -2836,7 +3003,7 @@ static void ieee80211_sta_merge_ibss(struct net_device *dev,
2836{ 3003{
2837 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL); 3004 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2838 3005
2839 ieee80211_sta_expire(dev); 3006 ieee80211_sta_expire(dev, IEEE80211_IBSS_INACTIVITY_LIMIT);
2840 if (ieee80211_sta_active_ibss(dev)) 3007 if (ieee80211_sta_active_ibss(dev))
2841 return; 3008 return;
2842 3009
@@ -2846,6 +3013,36 @@ static void ieee80211_sta_merge_ibss(struct net_device *dev,
2846} 3013}
2847 3014
2848 3015
3016#ifdef CONFIG_MAC80211_MESH
3017static void ieee80211_mesh_housekeeping(struct net_device *dev,
3018 struct ieee80211_if_sta *ifsta)
3019{
3020 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3021 bool free_plinks;
3022
3023 ieee80211_sta_expire(dev, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
3024 mesh_path_expire(dev);
3025
3026 free_plinks = mesh_plink_availables(sdata);
3027 if (free_plinks != sdata->u.sta.accepting_plinks)
3028 ieee80211_if_config_beacon(dev);
3029
3030 mod_timer(&ifsta->timer, jiffies +
3031 IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
3032}
3033
3034
3035void ieee80211_start_mesh(struct net_device *dev)
3036{
3037 struct ieee80211_if_sta *ifsta;
3038 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3039 ifsta = &sdata->u.sta;
3040 ifsta->state = IEEE80211_MESH_UP;
3041 ieee80211_sta_timer((unsigned long)sdata);
3042}
3043#endif
3044
3045
2849void ieee80211_sta_timer(unsigned long data) 3046void ieee80211_sta_timer(unsigned long data)
2850{ 3047{
2851 struct ieee80211_sub_if_data *sdata = 3048 struct ieee80211_sub_if_data *sdata =
@@ -2857,7 +3054,6 @@ void ieee80211_sta_timer(unsigned long data)
2857 queue_work(local->hw.workqueue, &ifsta->work); 3054 queue_work(local->hw.workqueue, &ifsta->work);
2858} 3055}
2859 3056
2860
2861void ieee80211_sta_work(struct work_struct *work) 3057void ieee80211_sta_work(struct work_struct *work)
2862{ 3058{
2863 struct ieee80211_sub_if_data *sdata = 3059 struct ieee80211_sub_if_data *sdata =
@@ -2874,7 +3070,8 @@ void ieee80211_sta_work(struct work_struct *work)
2874 return; 3070 return;
2875 3071
2876 if (sdata->vif.type != IEEE80211_IF_TYPE_STA && 3072 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
2877 sdata->vif.type != IEEE80211_IF_TYPE_IBSS) { 3073 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
3074 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT) {
2878 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface " 3075 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
2879 "(type=%d)\n", dev->name, sdata->vif.type); 3076 "(type=%d)\n", dev->name, sdata->vif.type);
2880 return; 3077 return;
@@ -2884,6 +3081,13 @@ void ieee80211_sta_work(struct work_struct *work)
2884 while ((skb = skb_dequeue(&ifsta->skb_queue))) 3081 while ((skb = skb_dequeue(&ifsta->skb_queue)))
2885 ieee80211_sta_rx_queued_mgmt(dev, skb); 3082 ieee80211_sta_rx_queued_mgmt(dev, skb);
2886 3083
3084#ifdef CONFIG_MAC80211_MESH
3085 if (ifsta->preq_queue_len &&
3086 time_after(jiffies,
3087 ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
3088 mesh_path_start_discovery(dev);
3089#endif
3090
2887 if (ifsta->state != IEEE80211_AUTHENTICATE && 3091 if (ifsta->state != IEEE80211_AUTHENTICATE &&
2888 ifsta->state != IEEE80211_ASSOCIATE && 3092 ifsta->state != IEEE80211_ASSOCIATE &&
2889 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) { 3093 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
@@ -2919,6 +3123,11 @@ void ieee80211_sta_work(struct work_struct *work)
2919 case IEEE80211_IBSS_JOINED: 3123 case IEEE80211_IBSS_JOINED:
2920 ieee80211_sta_merge_ibss(dev, ifsta); 3124 ieee80211_sta_merge_ibss(dev, ifsta);
2921 break; 3125 break;
3126#ifdef CONFIG_MAC80211_MESH
3127 case IEEE80211_MESH_UP:
3128 ieee80211_mesh_housekeeping(dev, ifsta);
3129 break;
3130#endif
2922 default: 3131 default:
2923 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n", 3132 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
2924 ifsta->state); 3133 ifsta->state);
@@ -3123,7 +3332,7 @@ static int ieee80211_sta_create_ibss(struct net_device *dev,
3123 sband = local->hw.wiphy->bands[bss->band]; 3332 sband = local->hw.wiphy->bands[bss->band];
3124 3333
3125 if (local->hw.conf.beacon_int == 0) 3334 if (local->hw.conf.beacon_int == 0)
3126 local->hw.conf.beacon_int = 100; 3335 local->hw.conf.beacon_int = 10000;
3127 bss->beacon_int = local->hw.conf.beacon_int; 3336 bss->beacon_int = local->hw.conf.beacon_int;
3128 bss->last_update = jiffies; 3337 bss->last_update = jiffies;
3129 bss->capability = WLAN_CAPABILITY_IBSS; 3338 bss->capability = WLAN_CAPABILITY_IBSS;
@@ -3367,6 +3576,13 @@ static void ieee80211_send_nullfunc(struct ieee80211_local *local,
3367} 3576}
3368 3577
3369 3578
3579static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
3580{
3581 if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
3582 ieee80211_vif_is_mesh(&sdata->vif))
3583 ieee80211_sta_timer((unsigned long)sdata);
3584}
3585
3370void ieee80211_scan_completed(struct ieee80211_hw *hw) 3586void ieee80211_scan_completed(struct ieee80211_hw *hw)
3371{ 3587{
3372 struct ieee80211_local *local = hw_to_local(hw); 3588 struct ieee80211_local *local = hw_to_local(hw);
@@ -3380,6 +3596,12 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw)
3380 3596
3381 if (local->sta_hw_scanning) { 3597 if (local->sta_hw_scanning) {
3382 local->sta_hw_scanning = 0; 3598 local->sta_hw_scanning = 0;
3599 /* Restart STA timer for HW scan case */
3600 rcu_read_lock();
3601 list_for_each_entry_rcu(sdata, &local->interfaces, list)
3602 ieee80211_restart_sta_timer(sdata);
3603 rcu_read_unlock();
3604
3383 goto done; 3605 goto done;
3384 } 3606 }
3385 3607
@@ -3406,11 +3628,12 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw)
3406 if (sdata->dev == local->mdev) 3628 if (sdata->dev == local->mdev)
3407 continue; 3629 continue;
3408 3630
3409 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) { 3631 /* Tell AP we're back */
3410 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) 3632 if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
3411 ieee80211_send_nullfunc(local, sdata, 0); 3633 sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED)
3412 ieee80211_sta_timer((unsigned long)sdata); 3634 ieee80211_send_nullfunc(local, sdata, 0);
3413 } 3635
3636 ieee80211_restart_sta_timer(sdata);
3414 3637
3415 netif_wake_queue(sdata->dev); 3638 netif_wake_queue(sdata->dev);
3416 } 3639 }
@@ -3654,15 +3877,25 @@ ieee80211_sta_scan_result(struct net_device *dev,
3654 3877
3655 memset(&iwe, 0, sizeof(iwe)); 3878 memset(&iwe, 0, sizeof(iwe));
3656 iwe.cmd = SIOCGIWESSID; 3879 iwe.cmd = SIOCGIWESSID;
3657 iwe.u.data.length = bss->ssid_len; 3880 if (bss_mesh_cfg(bss)) {
3658 iwe.u.data.flags = 1; 3881 iwe.u.data.length = bss_mesh_id_len(bss);
3659 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 3882 iwe.u.data.flags = 1;
3660 bss->ssid); 3883 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3884 bss_mesh_id(bss));
3885 } else {
3886 iwe.u.data.length = bss->ssid_len;
3887 iwe.u.data.flags = 1;
3888 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3889 bss->ssid);
3890 }
3661 3891
3662 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) { 3892 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
3893 || bss_mesh_cfg(bss)) {
3663 memset(&iwe, 0, sizeof(iwe)); 3894 memset(&iwe, 0, sizeof(iwe));
3664 iwe.cmd = SIOCGIWMODE; 3895 iwe.cmd = SIOCGIWMODE;
3665 if (bss->capability & WLAN_CAPABILITY_ESS) 3896 if (bss_mesh_cfg(bss))
3897 iwe.u.mode = IW_MODE_MESH;
3898 else if (bss->capability & WLAN_CAPABILITY_ESS)
3666 iwe.u.mode = IW_MODE_MASTER; 3899 iwe.u.mode = IW_MODE_MASTER;
3667 else 3900 else
3668 iwe.u.mode = IW_MODE_ADHOC; 3901 iwe.u.mode = IW_MODE_ADHOC;
@@ -3751,6 +3984,45 @@ ieee80211_sta_scan_result(struct net_device *dev,
3751 } 3984 }
3752 } 3985 }
3753 3986
3987 if (bss_mesh_cfg(bss)) {
3988 char *buf;
3989 u8 *cfg = bss_mesh_cfg(bss);
3990 buf = kmalloc(50, GFP_ATOMIC);
3991 if (buf) {
3992 memset(&iwe, 0, sizeof(iwe));
3993 iwe.cmd = IWEVCUSTOM;
3994 sprintf(buf, "Mesh network (version %d)", cfg[0]);
3995 iwe.u.data.length = strlen(buf);
3996 current_ev = iwe_stream_add_point(current_ev, end_buf,
3997 &iwe, buf);
3998 sprintf(buf, "Path Selection Protocol ID: "
3999 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
4000 cfg[4]);
4001 iwe.u.data.length = strlen(buf);
4002 current_ev = iwe_stream_add_point(current_ev, end_buf,
4003 &iwe, buf);
4004 sprintf(buf, "Path Selection Metric ID: "
4005 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
4006 cfg[8]);
4007 iwe.u.data.length = strlen(buf);
4008 current_ev = iwe_stream_add_point(current_ev, end_buf,
4009 &iwe, buf);
4010 sprintf(buf, "Congestion Control Mode ID: "
4011 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
4012 cfg[11], cfg[12]);
4013 iwe.u.data.length = strlen(buf);
4014 current_ev = iwe_stream_add_point(current_ev, end_buf,
4015 &iwe, buf);
4016 sprintf(buf, "Channel Precedence: "
4017 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
4018 cfg[15], cfg[16]);
4019 iwe.u.data.length = strlen(buf);
4020 current_ev = iwe_stream_add_point(current_ev, end_buf,
4021 &iwe, buf);
4022 kfree(buf);
4023 }
4024 }
4025
3754 return current_ev; 4026 return current_ev;
3755} 4027}
3756 4028
@@ -3819,8 +4091,8 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
3819 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n", 4091 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
3820 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name); 4092 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name);
3821 4093
3822 sta = sta_info_add(local, dev, addr, GFP_ATOMIC); 4094 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
3823 if (IS_ERR(sta)) 4095 if (!sta)
3824 return NULL; 4096 return NULL;
3825 4097
3826 sta->flags |= WLAN_STA_AUTHORIZED; 4098 sta->flags |= WLAN_STA_AUTHORIZED;
@@ -3830,7 +4102,12 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
3830 4102
3831 rate_control_rate_init(sta, local); 4103 rate_control_rate_init(sta, local);
3832 4104
3833 return sta; /* caller will call sta_info_put() */ 4105 if (sta_info_insert(sta)) {
4106 sta_info_destroy(sta);
4107 return NULL;
4108 }
4109
4110 return sta;
3834} 4111}
3835 4112
3836 4113
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index eac9c59dbc4d..f91fb4092652 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -20,8 +20,8 @@
20#include "aes_ccm.h" 20#include "aes_ccm.h"
21 21
22 22
23/* 23/**
24 * Key handling basics 24 * DOC: Key handling basics
25 * 25 *
26 * Key handling in mac80211 is done based on per-interface (sub_if_data) 26 * Key handling in mac80211 is done based on per-interface (sub_if_data)
27 * keys and per-station keys. Since each station belongs to an interface, 27 * keys and per-station keys. Since each station belongs to an interface,
@@ -174,6 +174,9 @@ static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
174{ 174{
175 int idx, defkey; 175 int idx, defkey;
176 176
177 if (new)
178 list_add(&new->list, &sdata->key_list);
179
177 if (sta) { 180 if (sta) {
178 rcu_assign_pointer(sta->key, new); 181 rcu_assign_pointer(sta->key, new);
179 } else { 182 } else {
@@ -190,9 +193,6 @@ static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
190 ieee80211_set_default_key(sdata, -1); 193 ieee80211_set_default_key(sdata, -1);
191 194
192 rcu_assign_pointer(sdata->keys[idx], new); 195 rcu_assign_pointer(sdata->keys[idx], new);
193 if (new)
194 list_add(&new->list, &sdata->key_list);
195
196 if (defkey && new) 196 if (defkey && new)
197 ieee80211_set_default_key(sdata, new->conf.keyidx); 197 ieee80211_set_default_key(sdata, new->conf.keyidx);
198 } 198 }
@@ -240,14 +240,17 @@ void ieee80211_key_link(struct ieee80211_key *key,
240 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) { 240 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
241 struct sta_info *ap; 241 struct sta_info *ap;
242 242
243 rcu_read_lock();
244
243 /* same here, the AP could be using QoS */ 245 /* same here, the AP could be using QoS */
244 ap = sta_info_get(key->local, key->sdata->u.sta.bssid); 246 ap = sta_info_get(key->local, key->sdata->u.sta.bssid);
245 if (ap) { 247 if (ap) {
246 if (ap->flags & WLAN_STA_WME) 248 if (ap->flags & WLAN_STA_WME)
247 key->conf.flags |= 249 key->conf.flags |=
248 IEEE80211_KEY_FLAG_WMM_STA; 250 IEEE80211_KEY_FLAG_WMM_STA;
249 sta_info_put(ap);
250 } 251 }
252
253 rcu_read_unlock();
251 } 254 }
252 } 255 }
253 256
@@ -290,6 +293,9 @@ void ieee80211_key_free(struct ieee80211_key *key)
290 __ieee80211_key_replace(key->sdata, key->sta, 293 __ieee80211_key_replace(key->sdata, key->sta,
291 key, NULL); 294 key, NULL);
292 295
296 /*
297 * Do NOT remove this without looking at sta_info_destroy()
298 */
293 synchronize_rcu(); 299 synchronize_rcu();
294 300
295 /* 301 /*
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
new file mode 100644
index 000000000000..594a3356a508
--- /dev/null
+++ b/net/mac80211/mesh.c
@@ -0,0 +1,449 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Authors: Luis Carlos Cobo <luisca@cozybit.com>
4 * Javier Cardona <javier@cozybit.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include "ieee80211_i.h"
12#include "mesh.h"
13
14#define PP_OFFSET 1 /* Path Selection Protocol */
15#define PM_OFFSET 5 /* Path Selection Metric */
16#define CC_OFFSET 9 /* Congestion Control Mode */
17#define CAPAB_OFFSET 17
18#define ACCEPT_PLINKS 0x80
19
20int mesh_allocated;
21static struct kmem_cache *rm_cache;
22
23void ieee80211s_init(void)
24{
25 mesh_pathtbl_init();
26 mesh_allocated = 1;
27 rm_cache = kmem_cache_create("mesh_rmc", sizeof(struct rmc_entry),
28 0, 0, NULL);
29}
30
31void ieee80211s_stop(void)
32{
33 mesh_pathtbl_unregister();
34 kmem_cache_destroy(rm_cache);
35}
36
37/**
38 * mesh_matches_local - check if the config of a mesh point matches ours
39 *
40 * @ie: information elements of a management frame from the mesh peer
41 * @dev: local mesh interface
42 *
43 * This function checks if the mesh configuration of a mesh point matches the
44 * local mesh configuration, i.e. if both nodes belong to the same mesh network.
45 */
46bool mesh_matches_local(struct ieee802_11_elems *ie, struct net_device *dev)
47{
48 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
49 struct ieee80211_if_sta *sta = &sdata->u.sta;
50
51 /*
52 * As support for each feature is added, check for matching
53 * - On mesh config capabilities
54 * - Power Save Support En
55 * - Sync support enabled
56 * - Sync support active
57 * - Sync support required from peer
58 * - MDA enabled
59 * - Power management control on fc
60 */
61 if (sta->mesh_id_len == ie->mesh_id_len &&
62 memcmp(sta->mesh_id, ie->mesh_id, ie->mesh_id_len) == 0 &&
63 memcmp(sta->mesh_pp_id, ie->mesh_config + PP_OFFSET, 4) == 0 &&
64 memcmp(sta->mesh_pm_id, ie->mesh_config + PM_OFFSET, 4) == 0 &&
65 memcmp(sta->mesh_cc_id, ie->mesh_config + CC_OFFSET, 4) == 0)
66 return true;
67
68 return false;
69}
70
71/**
72 * mesh_peer_accepts_plinks - check if an mp is willing to establish peer links
73 *
74 * @ie: information elements of a management frame from the mesh peer
75 * @dev: local mesh interface
76 */
77bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie,
78 struct net_device *dev)
79{
80 return (*(ie->mesh_config + CAPAB_OFFSET) & ACCEPT_PLINKS) != 0;
81}
82
83/**
84 * mesh_accept_plinks_update: update accepting_plink in local mesh beacons
85 *
86 * @sdata: mesh interface in which mesh beacons are going to be updated
87 */
88void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata)
89{
90 bool free_plinks;
91
92 /* In case mesh_plink_free_count > 0 and mesh_plinktbl_capacity == 0,
93 * the mesh interface might be able to establish plinks with peers that
94 * are already on the table but are not on PLINK_ESTAB state. However,
95 * in general the mesh interface is not accepting peer link requests
96 * from new peers, and that must be reflected in the beacon
97 */
98 free_plinks = mesh_plink_availables(sdata);
99
100 if (free_plinks != sdata->u.sta.accepting_plinks)
101 ieee80211_sta_timer((unsigned long) sdata);
102}
103
104void mesh_ids_set_default(struct ieee80211_if_sta *sta)
105{
106 u8 def_id[4] = {0x00, 0x0F, 0xAC, 0xff};
107
108 memcpy(sta->mesh_pp_id, def_id, 4);
109 memcpy(sta->mesh_pm_id, def_id, 4);
110 memcpy(sta->mesh_cc_id, def_id, 4);
111}
112
113int mesh_rmc_init(struct net_device *dev)
114{
115 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
116 int i;
117
118 sdata->u.sta.rmc = kmalloc(sizeof(struct mesh_rmc), GFP_KERNEL);
119 if (!sdata->u.sta.rmc)
120 return -ENOMEM;
121 sdata->u.sta.rmc->idx_mask = RMC_BUCKETS - 1;
122 for (i = 0; i < RMC_BUCKETS; i++)
123 INIT_LIST_HEAD(&sdata->u.sta.rmc->bucket[i].list);
124 return 0;
125}
126
127void mesh_rmc_free(struct net_device *dev)
128{
129 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
130 struct mesh_rmc *rmc = sdata->u.sta.rmc;
131 struct rmc_entry *p, *n;
132 int i;
133
134 if (!sdata->u.sta.rmc)
135 return;
136
137 for (i = 0; i < RMC_BUCKETS; i++)
138 list_for_each_entry_safe(p, n, &rmc->bucket[i].list, list) {
139 list_del(&p->list);
140 kmem_cache_free(rm_cache, p);
141 }
142
143 kfree(rmc);
144 sdata->u.sta.rmc = NULL;
145}
146
147/**
148 * mesh_rmc_check - Check frame in recent multicast cache and add if absent.
149 *
150 * @sa: source address
151 * @mesh_hdr: mesh_header
152 *
153 * Returns: 0 if the frame is not in the cache, nonzero otherwise.
154 *
155 * Checks using the source address and the mesh sequence number if we have
156 * received this frame lately. If the frame is not in the cache, it is added to
157 * it.
158 */
159int mesh_rmc_check(u8 *sa, struct ieee80211s_hdr *mesh_hdr,
160 struct net_device *dev)
161{
162 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
163 struct mesh_rmc *rmc = sdata->u.sta.rmc;
164 u32 seqnum = 0;
165 int entries = 0;
166 u8 idx;
167 struct rmc_entry *p, *n;
168
169 /* Don't care about endianness since only match matters */
170 memcpy(&seqnum, mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum));
171 idx = mesh_hdr->seqnum[0] & rmc->idx_mask;
172 list_for_each_entry_safe(p, n, &rmc->bucket[idx].list, list) {
173 ++entries;
174 if (time_after(jiffies, p->exp_time) ||
175 (entries == RMC_QUEUE_MAX_LEN)) {
176 list_del(&p->list);
177 kmem_cache_free(rm_cache, p);
178 --entries;
179 } else if ((seqnum == p->seqnum)
180 && (memcmp(sa, p->sa, ETH_ALEN) == 0))
181 return -1;
182 }
183
184 p = kmem_cache_alloc(rm_cache, GFP_ATOMIC);
185 if (!p) {
186 printk(KERN_DEBUG "o11s: could not allocate RMC entry\n");
187 return 0;
188 }
189 p->seqnum = seqnum;
190 p->exp_time = jiffies + RMC_TIMEOUT;
191 memcpy(p->sa, sa, ETH_ALEN);
192 list_add(&p->list, &rmc->bucket[idx].list);
193 return 0;
194}
195
196void mesh_mgmt_ies_add(struct sk_buff *skb, struct net_device *dev)
197{
198 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
199 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
200 struct ieee80211_supported_band *sband;
201 u8 *pos;
202 int len, i, rate;
203
204 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
205 len = sband->n_bitrates;
206 if (len > 8)
207 len = 8;
208 pos = skb_put(skb, len + 2);
209 *pos++ = WLAN_EID_SUPP_RATES;
210 *pos++ = len;
211 for (i = 0; i < len; i++) {
212 rate = sband->bitrates[i].bitrate;
213 *pos++ = (u8) (rate / 5);
214 }
215
216 if (sband->n_bitrates > len) {
217 pos = skb_put(skb, sband->n_bitrates - len + 2);
218 *pos++ = WLAN_EID_EXT_SUPP_RATES;
219 *pos++ = sband->n_bitrates - len;
220 for (i = len; i < sband->n_bitrates; i++) {
221 rate = sband->bitrates[i].bitrate;
222 *pos++ = (u8) (rate / 5);
223 }
224 }
225
226 pos = skb_put(skb, 2 + sdata->u.sta.mesh_id_len);
227 *pos++ = WLAN_EID_MESH_ID;
228 *pos++ = sdata->u.sta.mesh_id_len;
229 if (sdata->u.sta.mesh_id_len)
230 memcpy(pos, sdata->u.sta.mesh_id, sdata->u.sta.mesh_id_len);
231
232 pos = skb_put(skb, 21);
233 *pos++ = WLAN_EID_MESH_CONFIG;
234 *pos++ = MESH_CFG_LEN;
235 /* Version */
236 *pos++ = 1;
237
238 /* Active path selection protocol ID */
239 memcpy(pos, sdata->u.sta.mesh_pp_id, 4);
240 pos += 4;
241
242 /* Active path selection metric ID */
243 memcpy(pos, sdata->u.sta.mesh_pm_id, 4);
244 pos += 4;
245
246 /* Congestion control mode identifier */
247 memcpy(pos, sdata->u.sta.mesh_cc_id, 4);
248 pos += 4;
249
250 /* Channel precedence:
251 * Not running simple channel unification protocol
252 */
253 memset(pos, 0x00, 4);
254 pos += 4;
255
256 /* Mesh capability */
257 sdata->u.sta.accepting_plinks = mesh_plink_availables(sdata);
258 *pos++ = sdata->u.sta.accepting_plinks ? ACCEPT_PLINKS : 0x00;
259 *pos++ = 0x00;
260
261 return;
262}
263
264u32 mesh_table_hash(u8 *addr, struct net_device *dev, struct mesh_table *tbl)
265{
266 /* Use last four bytes of hw addr and interface index as hash index */
267 return jhash_2words(*(u32 *)(addr+2), dev->ifindex, tbl->hash_rnd)
268 & tbl->hash_mask;
269}
270
271u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len)
272{
273 if (!mesh_id_len)
274 return 1;
275 else if (mesh_id_len == 1)
276 return (u8) mesh_id[0];
277 else
278 return (u8) (mesh_id[0] + 2 * mesh_id[1]);
279}
280
281struct mesh_table *mesh_table_alloc(int size_order)
282{
283 int i;
284 struct mesh_table *newtbl;
285
286 newtbl = kmalloc(sizeof(struct mesh_table), GFP_KERNEL);
287 if (!newtbl)
288 return NULL;
289
290 newtbl->hash_buckets = kzalloc(sizeof(struct hlist_head) *
291 (1 << size_order), GFP_KERNEL);
292
293 if (!newtbl->hash_buckets) {
294 kfree(newtbl);
295 return NULL;
296 }
297
298 newtbl->hashwlock = kmalloc(sizeof(spinlock_t) *
299 (1 << size_order), GFP_KERNEL);
300 if (!newtbl->hashwlock) {
301 kfree(newtbl->hash_buckets);
302 kfree(newtbl);
303 return NULL;
304 }
305
306 newtbl->size_order = size_order;
307 newtbl->hash_mask = (1 << size_order) - 1;
308 atomic_set(&newtbl->entries, 0);
309 get_random_bytes(&newtbl->hash_rnd,
310 sizeof(newtbl->hash_rnd));
311 for (i = 0; i <= newtbl->hash_mask; i++)
312 spin_lock_init(&newtbl->hashwlock[i]);
313
314 return newtbl;
315}
316
317void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
318{
319 struct hlist_head *mesh_hash;
320 struct hlist_node *p, *q;
321 int i;
322
323 mesh_hash = tbl->hash_buckets;
324 for (i = 0; i <= tbl->hash_mask; i++) {
325 spin_lock(&tbl->hashwlock[i]);
326 hlist_for_each_safe(p, q, &mesh_hash[i]) {
327 tbl->free_node(p, free_leafs);
328 atomic_dec(&tbl->entries);
329 }
330 spin_unlock(&tbl->hashwlock[i]);
331 }
332 kfree(tbl->hash_buckets);
333 kfree(tbl->hashwlock);
334 kfree(tbl);
335}
336
337static void ieee80211_mesh_path_timer(unsigned long data)
338{
339 struct ieee80211_sub_if_data *sdata =
340 (struct ieee80211_sub_if_data *) data;
341 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
342 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
343
344 queue_work(local->hw.workqueue, &ifsta->work);
345}
346
347struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
348{
349 struct mesh_table *newtbl;
350 struct hlist_head *oldhash;
351 struct hlist_node *p;
352 int err = 0;
353 int i;
354
355 if (atomic_read(&tbl->entries)
356 < tbl->mean_chain_len * (tbl->hash_mask + 1)) {
357 err = -EPERM;
358 goto endgrow;
359 }
360
361 newtbl = mesh_table_alloc(tbl->size_order + 1);
362 if (!newtbl) {
363 err = -ENOMEM;
364 goto endgrow;
365 }
366
367 newtbl->free_node = tbl->free_node;
368 newtbl->mean_chain_len = tbl->mean_chain_len;
369 newtbl->copy_node = tbl->copy_node;
370 atomic_set(&newtbl->entries, atomic_read(&tbl->entries));
371
372 oldhash = tbl->hash_buckets;
373 for (i = 0; i <= tbl->hash_mask; i++)
374 hlist_for_each(p, &oldhash[i])
375 tbl->copy_node(p, newtbl);
376
377endgrow:
378 if (err)
379 return NULL;
380 else
381 return newtbl;
382}
383
384/**
385 * ieee80211_new_mesh_header - create a new mesh header
386 * @meshhdr: uninitialized mesh header
387 * @sdata: mesh interface to be used
388 *
389 * Return the header length.
390 */
391int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
392 struct ieee80211_sub_if_data *sdata)
393{
394 meshhdr->flags = 0;
395 meshhdr->ttl = sdata->u.sta.mshcfg.dot11MeshTTL;
396
397 meshhdr->seqnum[0] = sdata->u.sta.mesh_seqnum[0]++;
398 meshhdr->seqnum[1] = sdata->u.sta.mesh_seqnum[1];
399 meshhdr->seqnum[2] = sdata->u.sta.mesh_seqnum[2];
400
401 if (sdata->u.sta.mesh_seqnum[0] == 0) {
402 sdata->u.sta.mesh_seqnum[1]++;
403 if (sdata->u.sta.mesh_seqnum[1] == 0)
404 sdata->u.sta.mesh_seqnum[2]++;
405 }
406
407 return 5;
408}
409
410void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
411{
412 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
413
414 ifsta->mshcfg.dot11MeshRetryTimeout = MESH_RET_T;
415 ifsta->mshcfg.dot11MeshConfirmTimeout = MESH_CONF_T;
416 ifsta->mshcfg.dot11MeshHoldingTimeout = MESH_HOLD_T;
417 ifsta->mshcfg.dot11MeshMaxRetries = MESH_MAX_RETR;
418 ifsta->mshcfg.dot11MeshTTL = MESH_TTL;
419 ifsta->mshcfg.auto_open_plinks = true;
420 ifsta->mshcfg.dot11MeshMaxPeerLinks =
421 MESH_MAX_ESTAB_PLINKS;
422 ifsta->mshcfg.dot11MeshHWMPactivePathTimeout =
423 MESH_PATH_TIMEOUT;
424 ifsta->mshcfg.dot11MeshHWMPpreqMinInterval =
425 MESH_PREQ_MIN_INT;
426 ifsta->mshcfg.dot11MeshHWMPnetDiameterTraversalTime =
427 MESH_DIAM_TRAVERSAL_TIME;
428 ifsta->mshcfg.dot11MeshHWMPmaxPREQretries =
429 MESH_MAX_PREQ_RETRIES;
430 ifsta->mshcfg.path_refresh_time =
431 MESH_PATH_REFRESH_TIME;
432 ifsta->mshcfg.min_discovery_timeout =
433 MESH_MIN_DISCOVERY_TIMEOUT;
434 ifsta->accepting_plinks = true;
435 ifsta->preq_id = 0;
436 ifsta->dsn = 0;
437 atomic_set(&ifsta->mpaths, 0);
438 mesh_rmc_init(sdata->dev);
439 ifsta->last_preq = jiffies;
440 /* Allocate all mesh structures when creating the first mesh interface. */
441 if (!mesh_allocated)
442 ieee80211s_init();
443 mesh_ids_set_default(ifsta);
444 setup_timer(&ifsta->mesh_path_timer,
445 ieee80211_mesh_path_timer,
446 (unsigned long) sdata);
447 INIT_LIST_HEAD(&ifsta->preq_queue.list);
448 spin_lock_init(&ifsta->mesh_preq_queue_lock);
449}
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
new file mode 100644
index 000000000000..742003d3a841
--- /dev/null
+++ b/net/mac80211/mesh.h
@@ -0,0 +1,290 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Authors: Luis Carlos Cobo <luisca@cozybit.com>
4 * Javier Cardona <javier@cozybit.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#ifndef IEEE80211S_H
12#define IEEE80211S_H
13
14#include <linux/types.h>
15#include <linux/jhash.h>
16#include "ieee80211_i.h"
17
18
19/* Data structures */
20
21/**
22 * enum mesh_path_flags - mac80211 mesh path flags
23 *
24 *
25 *
26 * @MESH_PATH_ACTIVE: the mesh path is can be used for forwarding
27 * @MESH_PATH_RESOLVED: the discovery process is running for this mesh path
28 * @MESH_PATH_DSN_VALID: the mesh path contains a valid destination sequence
29 * number
30 * @MESH_PATH_FIXED: the mesh path has been manually set and should not be
31 * modified
32 * @MESH_PATH_RESOLVED: the mesh path can has been resolved
33 *
34 * MESH_PATH_RESOLVED and MESH_PATH_DELETE are used by the mesh path timer to
35 * decide when to stop or cancel the mesh path discovery.
36 */
37enum mesh_path_flags {
38 MESH_PATH_ACTIVE = BIT(0),
39 MESH_PATH_RESOLVING = BIT(1),
40 MESH_PATH_DSN_VALID = BIT(2),
41 MESH_PATH_FIXED = BIT(3),
42 MESH_PATH_RESOLVED = BIT(4),
43};
44
45/**
46 * struct mesh_path - mac80211 mesh path structure
47 *
48 * @dst: mesh path destination mac address
49 * @dev: mesh path device
50 * @next_hop: mesh neighbor to which frames for this destination will be
51 * forwarded
52 * @timer: mesh path discovery timer
53 * @frame_queue: pending queue for frames sent to this destination while the
54 * path is unresolved
55 * @dsn: destination sequence number of the destination
56 * @metric: current metric to this destination
57 * @hop_count: hops to destination
58 * @exp_time: in jiffies, when the path will expire or when it expired
59 * @discovery_timeout: timeout (lapse in jiffies) used for the last discovery
60 * retry
61 * @discovery_retries: number of discovery retries
62 * @flags: mesh path flags, as specified on &enum mesh_path_flags
63 * @state_lock: mesh pat state lock
64 *
65 *
66 * The combination of dst and dev is unique in the mesh path table. Since the
67 * next_hop STA is only protected by RCU as well, deleting the STA must also
68 * remove/substitute the mesh_path structure and wait until that is no longer
69 * reachable before destroying the STA completely.
70 */
71struct mesh_path {
72 u8 dst[ETH_ALEN];
73 struct net_device *dev;
74 struct sta_info *next_hop;
75 struct timer_list timer;
76 struct sk_buff_head frame_queue;
77 struct rcu_head rcu;
78 u32 dsn;
79 u32 metric;
80 u8 hop_count;
81 unsigned long exp_time;
82 u32 discovery_timeout;
83 u8 discovery_retries;
84 enum mesh_path_flags flags;
85 spinlock_t state_lock;
86};
87
88/**
89 * struct mesh_table
90 *
91 * @hash_buckets: array of hash buckets of the table
92 * @hashwlock: array of locks to protect write operations, one per bucket
93 * @hash_mask: 2^size_order - 1, used to compute hash idx
94 * @hash_rnd: random value used for hash computations
95 * @entries: number of entries in the table
96 * @free_node: function to free nodes of the table
97 * @copy_node: fuction to copy nodes of the table
98 * @size_order: determines size of the table, there will be 2^size_order hash
99 * buckets
100 * @mean_chain_len: maximum average length for the hash buckets' list, if it is
101 * reached, the table will grow
102 */
103struct mesh_table {
104 /* Number of buckets will be 2^N */
105 struct hlist_head *hash_buckets;
106 spinlock_t *hashwlock; /* One per bucket, for add/del */
107 unsigned int hash_mask; /* (2^size_order) - 1 */
108 __u32 hash_rnd; /* Used for hash generation */
109 atomic_t entries; /* Up to MAX_MESH_NEIGHBOURS */
110 void (*free_node) (struct hlist_node *p, bool free_leafs);
111 void (*copy_node) (struct hlist_node *p, struct mesh_table *newtbl);
112 int size_order;
113 int mean_chain_len;
114};
115
116/* Recent multicast cache */
117/* RMC_BUCKETS must be a power of 2, maximum 256 */
118#define RMC_BUCKETS 256
119#define RMC_QUEUE_MAX_LEN 4
120#define RMC_TIMEOUT (3 * HZ)
121
122/**
123 * struct rmc_entry - entry in the Recent Multicast Cache
124 *
125 * @seqnum: mesh sequence number of the frame
126 * @exp_time: expiration time of the entry, in jiffies
127 * @sa: source address of the frame
128 *
129 * The Recent Multicast Cache keeps track of the latest multicast frames that
130 * have been received by a mesh interface and discards received multicast frames
131 * that are found in the cache.
132 */
133struct rmc_entry {
134 struct list_head list;
135 u32 seqnum;
136 unsigned long exp_time;
137 u8 sa[ETH_ALEN];
138};
139
140struct mesh_rmc {
141 struct rmc_entry bucket[RMC_BUCKETS];
142 u8 idx_mask;
143};
144
145
146/* Mesh IEs constants */
147#define MESH_CFG_LEN 19
148
149/*
150 * MESH_CFG_COMP_LEN Includes:
151 * - Active path selection protocol ID.
152 * - Active path selection metric ID.
153 * - Congestion control mode identifier.
154 * - Channel precedence.
155 * Does not include mesh capabilities, which may vary across nodes in the same
156 * mesh
157 */
158#define MESH_CFG_CMP_LEN 17
159
160/* Default values, timeouts in ms */
161#define MESH_TTL 5
162#define MESH_MAX_RETR 3
163#define MESH_RET_T 100
164#define MESH_CONF_T 100
165#define MESH_HOLD_T 100
166
167#define MESH_PATH_TIMEOUT 5000
168/* Minimum interval between two consecutive PREQs originated by the same
169 * interface
170 */
171#define MESH_PREQ_MIN_INT 10
172#define MESH_DIAM_TRAVERSAL_TIME 50
173/* Paths will be refreshed if they are closer than PATH_REFRESH_TIME to their
174 * expiration
175 */
176#define MESH_PATH_REFRESH_TIME 1000
177#define MESH_MIN_DISCOVERY_TIMEOUT (2 * MESH_DIAM_TRAVERSAL_TIME)
178
179#define MESH_MAX_PREQ_RETRIES 4
180#define MESH_PATH_EXPIRE (600 * HZ)
181
182/* Default maximum number of established plinks per interface */
183#define MESH_MAX_ESTAB_PLINKS 32
184
185/* Default maximum number of plinks per interface */
186#define MESH_MAX_PLINKS 256
187
188/* Maximum number of paths per interface */
189#define MESH_MAX_MPATHS 1024
190
191/* Pending ANA approval */
192#define PLINK_CATEGORY 30
193#define MESH_PATH_SEL_CATEGORY 32
194
195/* Mesh Header Flags */
196#define IEEE80211S_FLAGS_AE 0x3
197
198/* Public interfaces */
199/* Various */
200u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len);
201int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr);
202int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
203 struct ieee80211_sub_if_data *sdata);
204int mesh_rmc_check(u8 *addr, struct ieee80211s_hdr *mesh_hdr,
205 struct net_device *dev);
206bool mesh_matches_local(struct ieee802_11_elems *ie, struct net_device *dev);
207void mesh_ids_set_default(struct ieee80211_if_sta *sta);
208void mesh_mgmt_ies_add(struct sk_buff *skb, struct net_device *dev);
209void mesh_rmc_free(struct net_device *dev);
210int mesh_rmc_init(struct net_device *dev);
211void ieee80211s_init(void);
212void ieee80211s_stop(void);
213void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata);
214
215/* Mesh paths */
216int mesh_nexthop_lookup(u8 *next_hop, struct sk_buff *skb,
217 struct net_device *dev);
218void mesh_path_start_discovery(struct net_device *dev);
219struct mesh_path *mesh_path_lookup(u8 *dst, struct net_device *dev);
220struct mesh_path *mesh_path_lookup_by_idx(int idx, struct net_device *dev);
221void mesh_path_fix_nexthop(struct mesh_path *mpath, struct sta_info *next_hop);
222void mesh_path_expire(struct net_device *dev);
223void mesh_path_flush(struct net_device *dev);
224void mesh_rx_path_sel_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
225 size_t len);
226int mesh_path_add(u8 *dst, struct net_device *dev);
227/* Mesh plinks */
228void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct net_device *dev,
229 bool add);
230bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie,
231 struct net_device *dev);
232void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata);
233void mesh_plink_broken(struct sta_info *sta);
234void mesh_plink_deactivate(struct sta_info *sta);
235int mesh_plink_open(struct sta_info *sta);
236int mesh_plink_close(struct sta_info *sta);
237void mesh_plink_block(struct sta_info *sta);
238void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
239 size_t len, struct ieee80211_rx_status *rx_status);
240
241/* Private interfaces */
242/* Mesh tables */
243struct mesh_table *mesh_table_alloc(int size_order);
244void mesh_table_free(struct mesh_table *tbl, bool free_leafs);
245struct mesh_table *mesh_table_grow(struct mesh_table *tbl);
246u32 mesh_table_hash(u8 *addr, struct net_device *dev, struct mesh_table *tbl);
247/* Mesh paths */
248int mesh_path_error_tx(u8 *dest, __le32 dest_dsn, u8 *ra,
249 struct net_device *dev);
250void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta);
251void mesh_path_flush_pending(struct mesh_path *mpath);
252void mesh_path_tx_pending(struct mesh_path *mpath);
253int mesh_pathtbl_init(void);
254void mesh_pathtbl_unregister(void);
255int mesh_path_del(u8 *addr, struct net_device *dev);
256void mesh_path_timer(unsigned long data);
257void mesh_path_flush_by_nexthop(struct sta_info *sta);
258void mesh_path_discard_frame(struct sk_buff *skb, struct net_device *dev);
259
260#ifdef CONFIG_MAC80211_MESH
261extern int mesh_allocated;
262
263static inline int mesh_plink_free_count(struct ieee80211_sub_if_data *sdata)
264{
265 return sdata->u.sta.mshcfg.dot11MeshMaxPeerLinks -
266 atomic_read(&sdata->u.sta.mshstats.estab_plinks);
267}
268
269static inline bool mesh_plink_availables(struct ieee80211_sub_if_data *sdata)
270{
271 return (min_t(long, mesh_plink_free_count(sdata),
272 MESH_MAX_PLINKS - sdata->local->num_sta)) > 0;
273}
274
275static inline void mesh_path_activate(struct mesh_path *mpath)
276{
277 mpath->flags |= MESH_PATH_ACTIVE | MESH_PATH_RESOLVED;
278}
279
280#define for_each_mesh_entry(x, p, node, i) \
281 for (i = 0; i <= x->hash_mask; i++) \
282 hlist_for_each_entry_rcu(node, p, &x->hash_buckets[i], list)
283
284#else
285#define mesh_allocated 0
286#endif
287
288#define MESH_PREQ(skb) (skb->cb + 30)
289
290#endif /* IEEE80211S_H */
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
new file mode 100644
index 000000000000..576a6e55323e
--- /dev/null
+++ b/net/mac80211/mesh_hwmp.c
@@ -0,0 +1,857 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <asm/unaligned.h>
11#include "mesh.h"
12
13#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
14
15#define TEST_FRAME_LEN 8192
16#define MAX_METRIC 0xffffffff
17#define ARITH_SHIFT 8
18
19/* Number of frames buffered per destination for unresolved destinations */
20#define MESH_FRAME_QUEUE_LEN 10
21#define MAX_PREQ_QUEUE_LEN 64
22
23/* Destination only */
24#define MP_F_DO 0x1
25/* Reply and forward */
26#define MP_F_RF 0x2
27
28static inline u32 u32_field_get(u8 *preq_elem, int offset, bool ae)
29{
30 if (ae)
31 offset += 6;
32 return le32_to_cpu(get_unaligned((__le32 *) (preq_elem + offset)));
33}
34
35/* HWMP IE processing macros */
36#define AE_F (1<<6)
37#define AE_F_SET(x) (*x & AE_F)
38#define PREQ_IE_FLAGS(x) (*(x))
39#define PREQ_IE_HOPCOUNT(x) (*(x + 1))
40#define PREQ_IE_TTL(x) (*(x + 2))
41#define PREQ_IE_PREQ_ID(x) u32_field_get(x, 3, 0)
42#define PREQ_IE_ORIG_ADDR(x) (x + 7)
43#define PREQ_IE_ORIG_DSN(x) u32_field_get(x, 13, 0);
44#define PREQ_IE_LIFETIME(x) u32_field_get(x, 17, AE_F_SET(x));
45#define PREQ_IE_METRIC(x) u32_field_get(x, 21, AE_F_SET(x));
46#define PREQ_IE_DST_F(x) (*(AE_F_SET(x) ? x + 32 : x + 26))
47#define PREQ_IE_DST_ADDR(x) (AE_F_SET(x) ? x + 33 : x + 27)
48#define PREQ_IE_DST_DSN(x) u32_field_get(x, 33, AE_F_SET(x));
49
50
51#define PREP_IE_FLAGS(x) PREQ_IE_FLAGS(x)
52#define PREP_IE_HOPCOUNT(x) PREQ_IE_HOPCOUNT(x)
53#define PREP_IE_TTL(x) PREQ_IE_TTL(x)
54#define PREP_IE_ORIG_ADDR(x) (x + 3)
55#define PREP_IE_ORIG_DSN(x) u32_field_get(x, 9, 0);
56#define PREP_IE_LIFETIME(x) u32_field_get(x, 13, AE_F_SET(x));
57#define PREP_IE_METRIC(x) u32_field_get(x, 17, AE_F_SET(x));
58#define PREP_IE_DST_ADDR(x) (AE_F_SET(x) ? x + 27 : x + 21)
59#define PREP_IE_DST_DSN(x) u32_field_get(x, 27, AE_F_SET(x));
60
61#define PERR_IE_DST_ADDR(x) (x + 2)
62#define PERR_IE_DST_DSN(x) u32_field_get(x, 8, 0);
63
64#define TU_TO_EXP_TIME(x) (jiffies + msecs_to_jiffies(x * 1024 / 1000))
65#define MSEC_TO_TU(x) (x*1000/1024)
66#define DSN_GT(x, y) ((long) (y) - (long) (x) < 0)
67#define DSN_LT(x, y) ((long) (x) - (long) (y) < 0)
68
69#define net_traversal_jiffies(s) \
70 msecs_to_jiffies(s->u.sta.mshcfg.dot11MeshHWMPnetDiameterTraversalTime)
71#define default_lifetime(s) \
72 MSEC_TO_TU(s->u.sta.mshcfg.dot11MeshHWMPactivePathTimeout)
73#define min_preq_int_jiff(s) \
74 (msecs_to_jiffies(s->u.sta.mshcfg.dot11MeshHWMPpreqMinInterval))
75#define max_preq_retries(s) (s->u.sta.mshcfg.dot11MeshHWMPmaxPREQretries)
76#define disc_timeout_jiff(s) \
77 msecs_to_jiffies(sdata->u.sta.mshcfg.min_discovery_timeout)
78
79enum mpath_frame_type {
80 MPATH_PREQ = 0,
81 MPATH_PREP,
82 MPATH_PERR
83};
84
85static int mesh_path_sel_frame_tx(enum mpath_frame_type action, u8 flags,
86 u8 *orig_addr, __le32 orig_dsn, u8 dst_flags, u8 *dst,
87 __le32 dst_dsn, u8 *da, u8 hop_count, u8 ttl, __le32 lifetime,
88 __le32 metric, __le32 preq_id, struct net_device *dev)
89{
90 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
91 struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
92 struct ieee80211_mgmt *mgmt;
93 u8 *pos;
94 int ie_len;
95
96 if (!skb)
97 return -1;
98 skb_reserve(skb, local->hw.extra_tx_headroom);
99 /* 25 is the size of the common mgmt part (24) plus the size of the
100 * common action part (1)
101 */
102 mgmt = (struct ieee80211_mgmt *)
103 skb_put(skb, 25 + sizeof(mgmt->u.action.u.mesh_action));
104 memset(mgmt, 0, 25 + sizeof(mgmt->u.action.u.mesh_action));
105 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
106 IEEE80211_STYPE_ACTION);
107
108 memcpy(mgmt->da, da, ETH_ALEN);
109 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
110 /* BSSID is left zeroed, wildcard value */
111 mgmt->u.action.category = MESH_PATH_SEL_CATEGORY;
112 mgmt->u.action.u.mesh_action.action_code = action;
113
114 switch (action) {
115 case MPATH_PREQ:
116 ie_len = 37;
117 pos = skb_put(skb, 2 + ie_len);
118 *pos++ = WLAN_EID_PREQ;
119 break;
120 case MPATH_PREP:
121 ie_len = 31;
122 pos = skb_put(skb, 2 + ie_len);
123 *pos++ = WLAN_EID_PREP;
124 break;
125 default:
126 kfree(skb);
127 return -ENOTSUPP;
128 break;
129 }
130 *pos++ = ie_len;
131 *pos++ = flags;
132 *pos++ = hop_count;
133 *pos++ = ttl;
134 if (action == MPATH_PREQ) {
135 memcpy(pos, &preq_id, 4);
136 pos += 4;
137 }
138 memcpy(pos, orig_addr, ETH_ALEN);
139 pos += ETH_ALEN;
140 memcpy(pos, &orig_dsn, 4);
141 pos += 4;
142 memcpy(pos, &lifetime, 4);
143 pos += 4;
144 memcpy(pos, &metric, 4);
145 pos += 4;
146 if (action == MPATH_PREQ) {
147 /* destination count */
148 *pos++ = 1;
149 *pos++ = dst_flags;
150 }
151 memcpy(pos, dst, ETH_ALEN);
152 pos += ETH_ALEN;
153 memcpy(pos, &dst_dsn, 4);
154
155 ieee80211_sta_tx(dev, skb, 0);
156 return 0;
157}
158
159/**
160 * mesh_send_path error - Sends a PERR mesh management frame
161 *
162 * @dst: broken destination
163 * @dst_dsn: dsn of the broken destination
164 * @ra: node this frame is addressed to
165 */
166int mesh_path_error_tx(u8 *dst, __le32 dst_dsn, u8 *ra,
167 struct net_device *dev)
168{
169 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
170 struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
171 struct ieee80211_mgmt *mgmt;
172 u8 *pos;
173 int ie_len;
174
175 if (!skb)
176 return -1;
177 skb_reserve(skb, local->hw.extra_tx_headroom);
178 /* 25 is the size of the common mgmt part (24) plus the size of the
179 * common action part (1)
180 */
181 mgmt = (struct ieee80211_mgmt *)
182 skb_put(skb, 25 + sizeof(mgmt->u.action.u.mesh_action));
183 memset(mgmt, 0, 25 + sizeof(mgmt->u.action.u.mesh_action));
184 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
185 IEEE80211_STYPE_ACTION);
186
187 memcpy(mgmt->da, ra, ETH_ALEN);
188 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
189 /* BSSID is left zeroed, wildcard value */
190 mgmt->u.action.category = MESH_PATH_SEL_CATEGORY;
191 mgmt->u.action.u.mesh_action.action_code = MPATH_PERR;
192 ie_len = 12;
193 pos = skb_put(skb, 2 + ie_len);
194 *pos++ = WLAN_EID_PERR;
195 *pos++ = ie_len;
196 /* mode flags, reserved */
197 *pos++ = 0;
198 /* number of destinations */
199 *pos++ = 1;
200 memcpy(pos, dst, ETH_ALEN);
201 pos += ETH_ALEN;
202 memcpy(pos, &dst_dsn, 4);
203
204 ieee80211_sta_tx(dev, skb, 0);
205 return 0;
206}
207
208static u32 airtime_link_metric_get(struct ieee80211_local *local,
209 struct sta_info *sta)
210{
211 struct ieee80211_supported_band *sband;
212 /* This should be adjusted for each device */
213 int device_constant = 1 << ARITH_SHIFT;
214 int test_frame_len = TEST_FRAME_LEN << ARITH_SHIFT;
215 int s_unit = 1 << ARITH_SHIFT;
216 int rate, err;
217 u32 tx_time, estimated_retx;
218 u64 result;
219
220 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
221
222 if (sta->fail_avg >= 100)
223 return MAX_METRIC;
224 err = (sta->fail_avg << ARITH_SHIFT) / 100;
225
226 /* bitrate is in units of 100 Kbps, while we need rate in units of
227 * 1Mbps. This will be corrected on tx_time computation.
228 */
229 rate = sband->bitrates[sta->txrate_idx].bitrate;
230 tx_time = (device_constant + 10 * test_frame_len / rate);
231 estimated_retx = ((1 << (2 * ARITH_SHIFT)) / (s_unit - err));
232 result = (tx_time * estimated_retx) >> (2 * ARITH_SHIFT) ;
233 return (u32)result;
234}
235
236/**
237 * hwmp_route_info_get - Update routing info to originator and transmitter
238 *
239 * @dev: local mesh interface
240 * @mgmt: mesh management frame
241 * @hwmp_ie: hwmp information element (PREP or PREQ)
242 *
243 * This function updates the path routing information to the originator and the
244 * transmitter of a HWMP PREQ or PREP fram.
245 *
246 * Returns: metric to frame originator or 0 if the frame should not be further
247 * processed
248 *
249 * Notes: this function is the only place (besides user-provided info) where
250 * path routing information is updated.
251 */
252static u32 hwmp_route_info_get(struct net_device *dev,
253 struct ieee80211_mgmt *mgmt,
254 u8 *hwmp_ie)
255{
256 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
257 struct mesh_path *mpath;
258 struct sta_info *sta;
259 bool fresh_info;
260 u8 *orig_addr, *ta;
261 u32 orig_dsn, orig_metric;
262 unsigned long orig_lifetime, exp_time;
263 u32 last_hop_metric, new_metric;
264 bool process = true;
265 u8 action = mgmt->u.action.u.mesh_action.action_code;
266
267 rcu_read_lock();
268 sta = sta_info_get(local, mgmt->sa);
269 if (!sta) {
270 rcu_read_unlock();
271 return 0;
272 }
273
274 last_hop_metric = airtime_link_metric_get(local, sta);
275 /* Update and check originator routing info */
276 fresh_info = true;
277
278 switch (action) {
279 case MPATH_PREQ:
280 orig_addr = PREQ_IE_ORIG_ADDR(hwmp_ie);
281 orig_dsn = PREQ_IE_ORIG_DSN(hwmp_ie);
282 orig_lifetime = PREQ_IE_LIFETIME(hwmp_ie);
283 orig_metric = PREQ_IE_METRIC(hwmp_ie);
284 break;
285 case MPATH_PREP:
286 /* Originator here refers to the MP that was the destination in
287 * the Path Request. The draft refers to that MP as the
288 * destination address, even though usually it is the origin of
289 * the PREP frame. We divert from the nomenclature in the draft
290 * so that we can easily use a single function to gather path
291 * information from both PREQ and PREP frames.
292 */
293 orig_addr = PREP_IE_ORIG_ADDR(hwmp_ie);
294 orig_dsn = PREP_IE_ORIG_DSN(hwmp_ie);
295 orig_lifetime = PREP_IE_LIFETIME(hwmp_ie);
296 orig_metric = PREP_IE_METRIC(hwmp_ie);
297 break;
298 default:
299 rcu_read_unlock();
300 return 0;
301 }
302 new_metric = orig_metric + last_hop_metric;
303 if (new_metric < orig_metric)
304 new_metric = MAX_METRIC;
305 exp_time = TU_TO_EXP_TIME(orig_lifetime);
306
307 if (memcmp(orig_addr, dev->dev_addr, ETH_ALEN) == 0) {
308 /* This MP is the originator, we are not interested in this
309 * frame, except for updating transmitter's path info.
310 */
311 process = false;
312 fresh_info = false;
313 } else {
314 mpath = mesh_path_lookup(orig_addr, dev);
315 if (mpath) {
316 spin_lock_bh(&mpath->state_lock);
317 if (mpath->flags & MESH_PATH_FIXED)
318 fresh_info = false;
319 else if ((mpath->flags & MESH_PATH_ACTIVE) &&
320 (mpath->flags & MESH_PATH_DSN_VALID)) {
321 if (DSN_GT(mpath->dsn, orig_dsn) ||
322 (mpath->dsn == orig_dsn &&
323 action == MPATH_PREQ &&
324 new_metric > mpath->metric)) {
325 process = false;
326 fresh_info = false;
327 }
328 }
329 } else {
330 mesh_path_add(orig_addr, dev);
331 mpath = mesh_path_lookup(orig_addr, dev);
332 if (!mpath) {
333 rcu_read_unlock();
334 return 0;
335 }
336 spin_lock_bh(&mpath->state_lock);
337 }
338
339 if (fresh_info) {
340 mesh_path_assign_nexthop(mpath, sta);
341 mpath->flags |= MESH_PATH_DSN_VALID;
342 mpath->metric = new_metric;
343 mpath->dsn = orig_dsn;
344 mpath->exp_time = time_after(mpath->exp_time, exp_time)
345 ? mpath->exp_time : exp_time;
346 mesh_path_activate(mpath);
347 spin_unlock_bh(&mpath->state_lock);
348 mesh_path_tx_pending(mpath);
349 /* draft says preq_id should be saved to, but there does
350 * not seem to be any use for it, skipping by now
351 */
352 } else
353 spin_unlock_bh(&mpath->state_lock);
354 }
355
356 /* Update and check transmitter routing info */
357 ta = mgmt->sa;
358 if (memcmp(orig_addr, ta, ETH_ALEN) == 0)
359 fresh_info = false;
360 else {
361 fresh_info = true;
362
363 mpath = mesh_path_lookup(ta, dev);
364 if (mpath) {
365 spin_lock_bh(&mpath->state_lock);
366 if ((mpath->flags & MESH_PATH_FIXED) ||
367 ((mpath->flags & MESH_PATH_ACTIVE) &&
368 (last_hop_metric > mpath->metric)))
369 fresh_info = false;
370 } else {
371 mesh_path_add(ta, dev);
372 mpath = mesh_path_lookup(ta, dev);
373 if (!mpath) {
374 rcu_read_unlock();
375 return 0;
376 }
377 spin_lock_bh(&mpath->state_lock);
378 }
379
380 if (fresh_info) {
381 mesh_path_assign_nexthop(mpath, sta);
382 mpath->flags &= ~MESH_PATH_DSN_VALID;
383 mpath->metric = last_hop_metric;
384 mpath->exp_time = time_after(mpath->exp_time, exp_time)
385 ? mpath->exp_time : exp_time;
386 mesh_path_activate(mpath);
387 spin_unlock_bh(&mpath->state_lock);
388 mesh_path_tx_pending(mpath);
389 } else
390 spin_unlock_bh(&mpath->state_lock);
391 }
392
393 rcu_read_unlock();
394
395 return process ? new_metric : 0;
396}
397
398static void hwmp_preq_frame_process(struct net_device *dev,
399 struct ieee80211_mgmt *mgmt,
400 u8 *preq_elem, u32 metric) {
401 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
402 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
403 struct mesh_path *mpath;
404 u8 *dst_addr, *orig_addr;
405 u8 dst_flags, ttl;
406 u32 orig_dsn, dst_dsn, lifetime;
407 bool reply = false;
408 bool forward = true;
409
410 /* Update destination DSN, if present */
411 dst_addr = PREQ_IE_DST_ADDR(preq_elem);
412 orig_addr = PREQ_IE_ORIG_ADDR(preq_elem);
413 dst_dsn = PREQ_IE_DST_DSN(preq_elem);
414 orig_dsn = PREQ_IE_ORIG_DSN(preq_elem);
415 dst_flags = PREQ_IE_DST_F(preq_elem);
416
417 if (memcmp(dst_addr, dev->dev_addr, ETH_ALEN) == 0) {
418 forward = false;
419 reply = true;
420 metric = 0;
421 if (time_after(jiffies, ifsta->last_dsn_update +
422 net_traversal_jiffies(sdata)) ||
423 time_before(jiffies, ifsta->last_dsn_update)) {
424 dst_dsn = ++ifsta->dsn;
425 ifsta->last_dsn_update = jiffies;
426 }
427 } else {
428 rcu_read_lock();
429 mpath = mesh_path_lookup(dst_addr, dev);
430 if (mpath) {
431 if ((!(mpath->flags & MESH_PATH_DSN_VALID)) ||
432 DSN_LT(mpath->dsn, dst_dsn)) {
433 mpath->dsn = dst_dsn;
434 mpath->flags &= MESH_PATH_DSN_VALID;
435 } else if ((!(dst_flags & MP_F_DO)) &&
436 (mpath->flags & MESH_PATH_ACTIVE)) {
437 reply = true;
438 metric = mpath->metric;
439 dst_dsn = mpath->dsn;
440 if (dst_flags & MP_F_RF)
441 dst_flags |= MP_F_DO;
442 else
443 forward = false;
444 }
445 }
446 rcu_read_unlock();
447 }
448
449 if (reply) {
450 lifetime = PREQ_IE_LIFETIME(preq_elem);
451 ttl = ifsta->mshcfg.dot11MeshTTL;
452 if (ttl != 0)
453 mesh_path_sel_frame_tx(MPATH_PREP, 0, dst_addr,
454 cpu_to_le32(dst_dsn), 0, orig_addr,
455 cpu_to_le32(orig_dsn), mgmt->sa, 0, ttl,
456 cpu_to_le32(lifetime), cpu_to_le32(metric),
457 0, dev);
458 else
459 ifsta->mshstats.dropped_frames_ttl++;
460 }
461
462 if (forward) {
463 u32 preq_id;
464 u8 hopcount, flags;
465
466 ttl = PREQ_IE_TTL(preq_elem);
467 lifetime = PREQ_IE_LIFETIME(preq_elem);
468 if (ttl <= 1) {
469 ifsta->mshstats.dropped_frames_ttl++;
470 return;
471 }
472 --ttl;
473 flags = PREQ_IE_FLAGS(preq_elem);
474 preq_id = PREQ_IE_PREQ_ID(preq_elem);
475 hopcount = PREQ_IE_HOPCOUNT(preq_elem) + 1;
476 mesh_path_sel_frame_tx(MPATH_PREQ, flags, orig_addr,
477 cpu_to_le32(orig_dsn), dst_flags, dst_addr,
478 cpu_to_le32(dst_dsn), dev->broadcast,
479 hopcount, ttl, cpu_to_le32(lifetime),
480 cpu_to_le32(metric), cpu_to_le32(preq_id),
481 dev);
482 ifsta->mshstats.fwded_frames++;
483 }
484}
485
486
487static void hwmp_prep_frame_process(struct net_device *dev,
488 struct ieee80211_mgmt *mgmt,
489 u8 *prep_elem, u32 metric)
490{
491 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
492 struct mesh_path *mpath;
493 u8 *dst_addr, *orig_addr;
494 u8 ttl, hopcount, flags;
495 u8 next_hop[ETH_ALEN];
496 u32 dst_dsn, orig_dsn, lifetime;
497
498 /* Note that we divert from the draft nomenclature and denominate
499 * destination to what the draft refers to as origininator. So in this
500 * function destnation refers to the final destination of the PREP,
501 * which corresponds with the originator of the PREQ which this PREP
502 * replies
503 */
504 dst_addr = PREP_IE_DST_ADDR(prep_elem);
505 if (memcmp(dst_addr, dev->dev_addr, ETH_ALEN) == 0)
506 /* destination, no forwarding required */
507 return;
508
509 ttl = PREP_IE_TTL(prep_elem);
510 if (ttl <= 1) {
511 sdata->u.sta.mshstats.dropped_frames_ttl++;
512 return;
513 }
514
515 rcu_read_lock();
516 mpath = mesh_path_lookup(dst_addr, dev);
517 if (mpath)
518 spin_lock_bh(&mpath->state_lock);
519 else
520 goto fail;
521 if (!(mpath->flags & MESH_PATH_ACTIVE)) {
522 spin_unlock_bh(&mpath->state_lock);
523 goto fail;
524 }
525 memcpy(next_hop, mpath->next_hop->addr, ETH_ALEN);
526 spin_unlock_bh(&mpath->state_lock);
527 --ttl;
528 flags = PREP_IE_FLAGS(prep_elem);
529 lifetime = PREP_IE_LIFETIME(prep_elem);
530 hopcount = PREP_IE_HOPCOUNT(prep_elem) + 1;
531 orig_addr = PREP_IE_ORIG_ADDR(prep_elem);
532 dst_dsn = PREP_IE_DST_DSN(prep_elem);
533 orig_dsn = PREP_IE_ORIG_DSN(prep_elem);
534
535 mesh_path_sel_frame_tx(MPATH_PREP, flags, orig_addr,
536 cpu_to_le32(orig_dsn), 0, dst_addr,
537 cpu_to_le32(dst_dsn), mpath->next_hop->addr, hopcount, ttl,
538 cpu_to_le32(lifetime), cpu_to_le32(metric),
539 0, dev);
540 rcu_read_unlock();
541 sdata->u.sta.mshstats.fwded_frames++;
542 return;
543
544fail:
545 rcu_read_unlock();
546 sdata->u.sta.mshstats.dropped_frames_no_route++;
547 return;
548}
549
550static void hwmp_perr_frame_process(struct net_device *dev,
551 struct ieee80211_mgmt *mgmt, u8 *perr_elem)
552{
553 struct mesh_path *mpath;
554 u8 *ta, *dst_addr;
555 u32 dst_dsn;
556
557 ta = mgmt->sa;
558 dst_addr = PERR_IE_DST_ADDR(perr_elem);
559 dst_dsn = PERR_IE_DST_DSN(perr_elem);
560 rcu_read_lock();
561 mpath = mesh_path_lookup(dst_addr, dev);
562 if (mpath) {
563 spin_lock_bh(&mpath->state_lock);
564 if (mpath->flags & MESH_PATH_ACTIVE &&
565 memcmp(ta, mpath->next_hop->addr, ETH_ALEN) == 0 &&
566 (!(mpath->flags & MESH_PATH_DSN_VALID) ||
567 DSN_GT(dst_dsn, mpath->dsn))) {
568 mpath->flags &= ~MESH_PATH_ACTIVE;
569 mpath->dsn = dst_dsn;
570 spin_unlock_bh(&mpath->state_lock);
571 mesh_path_error_tx(dst_addr, cpu_to_le32(dst_dsn),
572 dev->broadcast, dev);
573 } else
574 spin_unlock_bh(&mpath->state_lock);
575 }
576 rcu_read_unlock();
577}
578
579
580
581void mesh_rx_path_sel_frame(struct net_device *dev,
582 struct ieee80211_mgmt *mgmt,
583 size_t len)
584{
585 struct ieee802_11_elems elems;
586 size_t baselen;
587 u32 last_hop_metric;
588
589 baselen = (u8 *) mgmt->u.action.u.mesh_action.variable - (u8 *) mgmt;
590 ieee802_11_parse_elems(mgmt->u.action.u.mesh_action.variable,
591 len - baselen, &elems);
592
593 switch (mgmt->u.action.u.mesh_action.action_code) {
594 case MPATH_PREQ:
595 if (!elems.preq || elems.preq_len != 37)
596 /* Right now we support just 1 destination and no AE */
597 return;
598 last_hop_metric = hwmp_route_info_get(dev, mgmt, elems.preq);
599 if (!last_hop_metric)
600 return;
601 hwmp_preq_frame_process(dev, mgmt, elems.preq, last_hop_metric);
602 break;
603 case MPATH_PREP:
604 if (!elems.prep || elems.prep_len != 31)
605 /* Right now we support no AE */
606 return;
607 last_hop_metric = hwmp_route_info_get(dev, mgmt, elems.prep);
608 if (!last_hop_metric)
609 return;
610 hwmp_prep_frame_process(dev, mgmt, elems.prep, last_hop_metric);
611 break;
612 case MPATH_PERR:
613 if (!elems.perr || elems.perr_len != 12)
614 /* Right now we support only one destination per PERR */
615 return;
616 hwmp_perr_frame_process(dev, mgmt, elems.perr);
617 default:
618 return;
619 }
620
621}
622
623/**
624 * mesh_queue_preq - queue a PREQ to a given destination
625 *
626 * @mpath: mesh path to discover
627 * @flags: special attributes of the PREQ to be sent
628 *
629 * Locking: the function must be called from within a rcu read lock block.
630 *
631 */
632static void mesh_queue_preq(struct mesh_path *mpath, u8 flags)
633{
634 struct ieee80211_sub_if_data *sdata =
635 IEEE80211_DEV_TO_SUB_IF(mpath->dev);
636 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
637 struct mesh_preq_queue *preq_node;
638
639 preq_node = kmalloc(sizeof(struct mesh_preq_queue), GFP_KERNEL);
640 if (!preq_node) {
641 printk(KERN_DEBUG "Mesh HWMP: could not allocate PREQ node\n");
642 return;
643 }
644
645 spin_lock(&ifsta->mesh_preq_queue_lock);
646 if (ifsta->preq_queue_len == MAX_PREQ_QUEUE_LEN) {
647 spin_unlock(&ifsta->mesh_preq_queue_lock);
648 kfree(preq_node);
649 if (printk_ratelimit())
650 printk(KERN_DEBUG "Mesh HWMP: PREQ node queue full\n");
651 return;
652 }
653
654 memcpy(preq_node->dst, mpath->dst, ETH_ALEN);
655 preq_node->flags = flags;
656
657 list_add_tail(&preq_node->list, &ifsta->preq_queue.list);
658 ++ifsta->preq_queue_len;
659 spin_unlock(&ifsta->mesh_preq_queue_lock);
660
661 if (time_after(jiffies, ifsta->last_preq + min_preq_int_jiff(sdata)))
662 queue_work(sdata->local->hw.workqueue, &ifsta->work);
663
664 else if (time_before(jiffies, ifsta->last_preq)) {
665 /* avoid long wait if did not send preqs for a long time
666 * and jiffies wrapped around
667 */
668 ifsta->last_preq = jiffies - min_preq_int_jiff(sdata) - 1;
669 queue_work(sdata->local->hw.workqueue, &ifsta->work);
670 } else
671 mod_timer(&ifsta->mesh_path_timer, ifsta->last_preq +
672 min_preq_int_jiff(sdata));
673}
674
675/**
676 * mesh_path_start_discovery - launch a path discovery from the PREQ queue
677 *
678 * @dev: local mesh interface
679 */
680void mesh_path_start_discovery(struct net_device *dev)
681{
682 struct ieee80211_sub_if_data *sdata =
683 IEEE80211_DEV_TO_SUB_IF(dev);
684 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
685 struct mesh_preq_queue *preq_node;
686 struct mesh_path *mpath;
687 u8 ttl, dst_flags;
688 u32 lifetime;
689
690 spin_lock(&ifsta->mesh_preq_queue_lock);
691 if (!ifsta->preq_queue_len ||
692 time_before(jiffies, ifsta->last_preq +
693 min_preq_int_jiff(sdata))) {
694 spin_unlock(&ifsta->mesh_preq_queue_lock);
695 return;
696 }
697
698 preq_node = list_first_entry(&ifsta->preq_queue.list,
699 struct mesh_preq_queue, list);
700 list_del(&preq_node->list);
701 --ifsta->preq_queue_len;
702 spin_unlock(&ifsta->mesh_preq_queue_lock);
703
704 rcu_read_lock();
705 mpath = mesh_path_lookup(preq_node->dst, dev);
706 if (!mpath)
707 goto enddiscovery;
708
709 spin_lock_bh(&mpath->state_lock);
710 if (preq_node->flags & PREQ_Q_F_START) {
711 if (mpath->flags & MESH_PATH_RESOLVING) {
712 spin_unlock_bh(&mpath->state_lock);
713 goto enddiscovery;
714 } else {
715 mpath->flags &= ~MESH_PATH_RESOLVED;
716 mpath->flags |= MESH_PATH_RESOLVING;
717 mpath->discovery_retries = 0;
718 mpath->discovery_timeout = disc_timeout_jiff(sdata);
719 }
720 } else if (!(mpath->flags & MESH_PATH_RESOLVING) ||
721 mpath->flags & MESH_PATH_RESOLVED) {
722 mpath->flags &= ~MESH_PATH_RESOLVING;
723 spin_unlock_bh(&mpath->state_lock);
724 goto enddiscovery;
725 }
726
727 ifsta->last_preq = jiffies;
728
729 if (time_after(jiffies, ifsta->last_dsn_update +
730 net_traversal_jiffies(sdata)) ||
731 time_before(jiffies, ifsta->last_dsn_update)) {
732 ++ifsta->dsn;
733 sdata->u.sta.last_dsn_update = jiffies;
734 }
735 lifetime = default_lifetime(sdata);
736 ttl = sdata->u.sta.mshcfg.dot11MeshTTL;
737 if (ttl == 0) {
738 sdata->u.sta.mshstats.dropped_frames_ttl++;
739 spin_unlock_bh(&mpath->state_lock);
740 goto enddiscovery;
741 }
742
743 if (preq_node->flags & PREQ_Q_F_REFRESH)
744 dst_flags = MP_F_DO;
745 else
746 dst_flags = MP_F_RF;
747
748 spin_unlock_bh(&mpath->state_lock);
749 mesh_path_sel_frame_tx(MPATH_PREQ, 0, dev->dev_addr,
750 cpu_to_le32(ifsta->dsn), dst_flags, mpath->dst,
751 cpu_to_le32(mpath->dsn), dev->broadcast, 0,
752 ttl, cpu_to_le32(lifetime), 0,
753 cpu_to_le32(ifsta->preq_id++), dev);
754 mod_timer(&mpath->timer, jiffies + mpath->discovery_timeout);
755
756enddiscovery:
757 rcu_read_unlock();
758 kfree(preq_node);
759}
760
761/**
762 * ieee80211s_lookup_nexthop - put the appropriate next hop on a mesh frame
763 *
764 * @next_hop: output argument for next hop address
765 * @skb: frame to be sent
766 * @dev: network device the frame will be sent through
767 *
768 * Returns: 0 if the next hop was found. Nonzero otherwise. If no next hop is
769 * found, the function will start a path discovery and queue the frame so it is
770 * sent when the path is resolved. This means the caller must not free the skb
771 * in this case.
772 */
773int mesh_nexthop_lookup(u8 *next_hop, struct sk_buff *skb,
774 struct net_device *dev)
775{
776 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
777 struct sk_buff *skb_to_free = NULL;
778 struct mesh_path *mpath;
779 int err = 0;
780
781 rcu_read_lock();
782 mpath = mesh_path_lookup(skb->data, dev);
783
784 if (!mpath) {
785 mesh_path_add(skb->data, dev);
786 mpath = mesh_path_lookup(skb->data, dev);
787 if (!mpath) {
788 dev_kfree_skb(skb);
789 sdata->u.sta.mshstats.dropped_frames_no_route++;
790 err = -ENOSPC;
791 goto endlookup;
792 }
793 }
794
795 if (mpath->flags & MESH_PATH_ACTIVE) {
796 if (time_after(jiffies, mpath->exp_time -
797 msecs_to_jiffies(sdata->u.sta.mshcfg.path_refresh_time))
798 && skb->pkt_type != PACKET_OTHERHOST
799 && !(mpath->flags & MESH_PATH_RESOLVING)
800 && !(mpath->flags & MESH_PATH_FIXED)) {
801 mesh_queue_preq(mpath,
802 PREQ_Q_F_START | PREQ_Q_F_REFRESH);
803 }
804 memcpy(next_hop, mpath->next_hop->addr,
805 ETH_ALEN);
806 } else {
807 if (!(mpath->flags & MESH_PATH_RESOLVING)) {
808 /* Start discovery only if it is not running yet */
809 mesh_queue_preq(mpath, PREQ_Q_F_START);
810 }
811
812 if (skb_queue_len(&mpath->frame_queue) >=
813 MESH_FRAME_QUEUE_LEN) {
814 skb_to_free = mpath->frame_queue.next;
815 skb_unlink(skb_to_free, &mpath->frame_queue);
816 }
817
818 skb_queue_tail(&mpath->frame_queue, skb);
819 if (skb_to_free)
820 mesh_path_discard_frame(skb_to_free, dev);
821 err = -ENOENT;
822 }
823
824endlookup:
825 rcu_read_unlock();
826 return err;
827}
828
829void mesh_path_timer(unsigned long data)
830{
831 struct ieee80211_sub_if_data *sdata;
832 struct mesh_path *mpath;
833
834 rcu_read_lock();
835 mpath = (struct mesh_path *) data;
836 mpath = rcu_dereference(mpath);
837 if (!mpath)
838 goto endmpathtimer;
839 spin_lock_bh(&mpath->state_lock);
840 sdata = IEEE80211_DEV_TO_SUB_IF(mpath->dev);
841 if (mpath->flags & MESH_PATH_RESOLVED ||
842 (!(mpath->flags & MESH_PATH_RESOLVING)))
843 mpath->flags &= ~(MESH_PATH_RESOLVING | MESH_PATH_RESOLVED);
844 else if (mpath->discovery_retries < max_preq_retries(sdata)) {
845 ++mpath->discovery_retries;
846 mpath->discovery_timeout *= 2;
847 mesh_queue_preq(mpath, 0);
848 } else {
849 mpath->flags = 0;
850 mpath->exp_time = jiffies;
851 mesh_path_flush_pending(mpath);
852 }
853
854 spin_unlock_bh(&mpath->state_lock);
855endmpathtimer:
856 rcu_read_unlock();
857}
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
new file mode 100644
index 000000000000..5845dc21ce85
--- /dev/null
+++ b/net/mac80211/mesh_pathtbl.c
@@ -0,0 +1,516 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/etherdevice.h>
11#include <linux/list.h>
12#include <linux/netdevice.h>
13#include <linux/random.h>
14#include <linux/spinlock.h>
15#include <linux/string.h>
16#include <net/mac80211.h>
17#include "ieee80211_i.h"
18#include "mesh.h"
19
20/* There will be initially 2^INIT_PATHS_SIZE_ORDER buckets */
21#define INIT_PATHS_SIZE_ORDER 2
22
23/* Keep the mean chain length below this constant */
24#define MEAN_CHAIN_LEN 2
25
26#define MPATH_EXPIRED(mpath) ((mpath->flags & MESH_PATH_ACTIVE) && \
27 time_after(jiffies, mpath->exp_time) && \
28 !(mpath->flags & MESH_PATH_FIXED))
29
30struct mpath_node {
31 struct hlist_node list;
32 struct rcu_head rcu;
33 /* This indirection allows two different tables to point to the same
34 * mesh_path structure, useful when resizing
35 */
36 struct mesh_path *mpath;
37};
38
39static struct mesh_table *mesh_paths;
40
41/* This lock will have the grow table function as writer and add / delete nodes
42 * as readers. When reading the table (i.e. doing lookups) we are well protected
43 * by RCU
44 */
45static DEFINE_RWLOCK(pathtbl_resize_lock);
46
47/**
48 *
49 * mesh_path_assign_nexthop - update mesh path next hop
50 *
51 * @mpath: mesh path to update
52 * @sta: next hop to assign
53 *
54 * Locking: mpath->state_lock must be held when calling this function
55 */
56void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta)
57{
58 rcu_assign_pointer(mpath->next_hop, sta);
59}
60
61
62/**
63 * mesh_path_lookup - look up a path in the mesh path table
64 * @dst: hardware address (ETH_ALEN length) of destination
65 * @dev: local interface
66 *
67 * Returns: pointer to the mesh path structure, or NULL if not found
68 *
69 * Locking: must be called within a read rcu section.
70 */
71struct mesh_path *mesh_path_lookup(u8 *dst, struct net_device *dev)
72{
73 struct mesh_path *mpath;
74 struct hlist_node *n;
75 struct hlist_head *bucket;
76 struct mesh_table *tbl;
77 struct mpath_node *node;
78
79 tbl = rcu_dereference(mesh_paths);
80
81 bucket = &tbl->hash_buckets[mesh_table_hash(dst, dev, tbl)];
82 hlist_for_each_entry_rcu(node, n, bucket, list) {
83 mpath = node->mpath;
84 if (mpath->dev == dev &&
85 memcmp(dst, mpath->dst, ETH_ALEN) == 0) {
86 if (MPATH_EXPIRED(mpath)) {
87 spin_lock_bh(&mpath->state_lock);
88 if (MPATH_EXPIRED(mpath))
89 mpath->flags &= ~MESH_PATH_ACTIVE;
90 spin_unlock_bh(&mpath->state_lock);
91 }
92 return mpath;
93 }
94 }
95 return NULL;
96}
97
98/**
99 * mesh_path_lookup_by_idx - look up a path in the mesh path table by its index
100 * @idx: index
101 * @dev: local interface, or NULL for all entries
102 *
103 * Returns: pointer to the mesh path structure, or NULL if not found.
104 *
105 * Locking: must be called within a read rcu section.
106 */
107struct mesh_path *mesh_path_lookup_by_idx(int idx, struct net_device *dev)
108{
109 struct mpath_node *node;
110 struct hlist_node *p;
111 int i;
112 int j = 0;
113
114 for_each_mesh_entry(mesh_paths, p, node, i) {
115 if (dev && node->mpath->dev != dev)
116 continue;
117 if (j++ == idx) {
118 if (MPATH_EXPIRED(node->mpath)) {
119 spin_lock_bh(&node->mpath->state_lock);
120 if (MPATH_EXPIRED(node->mpath))
121 node->mpath->flags &= ~MESH_PATH_ACTIVE;
122 spin_unlock_bh(&node->mpath->state_lock);
123 }
124 return node->mpath;
125 }
126 }
127
128 return NULL;
129}
130
131/**
132 * mesh_path_add - allocate and add a new path to the mesh path table
133 * @addr: destination address of the path (ETH_ALEN length)
134 * @dev: local interface
135 *
136 * Returns: 0 on sucess
137 *
138 * State: the initial state of the new path is set to 0
139 */
140int mesh_path_add(u8 *dst, struct net_device *dev)
141{
142 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
143 struct mesh_path *mpath, *new_mpath;
144 struct mpath_node *node, *new_node;
145 struct hlist_head *bucket;
146 struct hlist_node *n;
147 int grow = 0;
148 int err = 0;
149 u32 hash_idx;
150
151 if (memcmp(dst, dev->dev_addr, ETH_ALEN) == 0)
152 /* never add ourselves as neighbours */
153 return -ENOTSUPP;
154
155 if (is_multicast_ether_addr(dst))
156 return -ENOTSUPP;
157
158 if (atomic_add_unless(&sdata->u.sta.mpaths, 1, MESH_MAX_MPATHS) == 0)
159 return -ENOSPC;
160
161 read_lock(&pathtbl_resize_lock);
162
163 new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL);
164 if (!new_mpath) {
165 atomic_dec(&sdata->u.sta.mpaths);
166 err = -ENOMEM;
167 goto endadd2;
168 }
169 memcpy(new_mpath->dst, dst, ETH_ALEN);
170 new_mpath->dev = dev;
171 new_mpath->flags = 0;
172 skb_queue_head_init(&new_mpath->frame_queue);
173 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
174 new_node->mpath = new_mpath;
175 new_mpath->timer.data = (unsigned long) new_mpath;
176 new_mpath->timer.function = mesh_path_timer;
177 new_mpath->exp_time = jiffies;
178 spin_lock_init(&new_mpath->state_lock);
179 init_timer(&new_mpath->timer);
180
181 hash_idx = mesh_table_hash(dst, dev, mesh_paths);
182 bucket = &mesh_paths->hash_buckets[hash_idx];
183
184 spin_lock(&mesh_paths->hashwlock[hash_idx]);
185
186 hlist_for_each_entry(node, n, bucket, list) {
187 mpath = node->mpath;
188 if (mpath->dev == dev && memcmp(dst, mpath->dst, ETH_ALEN)
189 == 0) {
190 err = -EEXIST;
191 atomic_dec(&sdata->u.sta.mpaths);
192 kfree(new_node);
193 kfree(new_mpath);
194 goto endadd;
195 }
196 }
197
198 hlist_add_head_rcu(&new_node->list, bucket);
199 if (atomic_inc_return(&mesh_paths->entries) >=
200 mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1))
201 grow = 1;
202
203endadd:
204 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
205endadd2:
206 read_unlock(&pathtbl_resize_lock);
207 if (!err && grow) {
208 struct mesh_table *oldtbl, *newtbl;
209
210 write_lock(&pathtbl_resize_lock);
211 oldtbl = mesh_paths;
212 newtbl = mesh_table_grow(mesh_paths);
213 if (!newtbl) {
214 write_unlock(&pathtbl_resize_lock);
215 return -ENOMEM;
216 }
217 rcu_assign_pointer(mesh_paths, newtbl);
218 synchronize_rcu();
219 mesh_table_free(oldtbl, false);
220 write_unlock(&pathtbl_resize_lock);
221 }
222 return err;
223}
224
225
226/**
227 * mesh_plink_broken - deactivates paths and sends perr when a link breaks
228 *
229 * @sta: broken peer link
230 *
231 * This function must be called from the rate control algorithm if enough
232 * delivery errors suggest that a peer link is no longer usable.
233 */
234void mesh_plink_broken(struct sta_info *sta)
235{
236 struct mesh_path *mpath;
237 struct mpath_node *node;
238 struct hlist_node *p;
239 struct net_device *dev = sta->sdata->dev;
240 int i;
241
242 rcu_read_lock();
243 for_each_mesh_entry(mesh_paths, p, node, i) {
244 mpath = node->mpath;
245 spin_lock_bh(&mpath->state_lock);
246 if (mpath->next_hop == sta &&
247 mpath->flags & MESH_PATH_ACTIVE &&
248 !(mpath->flags & MESH_PATH_FIXED)) {
249 mpath->flags &= ~MESH_PATH_ACTIVE;
250 ++mpath->dsn;
251 spin_unlock_bh(&mpath->state_lock);
252 mesh_path_error_tx(mpath->dst,
253 cpu_to_le32(mpath->dsn),
254 dev->broadcast, dev);
255 } else
256 spin_unlock_bh(&mpath->state_lock);
257 }
258 rcu_read_unlock();
259}
260EXPORT_SYMBOL(mesh_plink_broken);
261
262/**
263 * mesh_path_flush_by_nexthop - Deletes mesh paths if their next hop matches
264 *
265 * @sta - mesh peer to match
266 *
267 * RCU notes: this function is called when a mesh plink transitions from
268 * PLINK_ESTAB to any other state, since PLINK_ESTAB state is the only one that
269 * allows path creation. This will happen before the sta can be freed (because
270 * sta_info_destroy() calls this) so any reader in a rcu read block will be
271 * protected against the plink disappearing.
272 */
273void mesh_path_flush_by_nexthop(struct sta_info *sta)
274{
275 struct mesh_path *mpath;
276 struct mpath_node *node;
277 struct hlist_node *p;
278 int i;
279
280 for_each_mesh_entry(mesh_paths, p, node, i) {
281 mpath = node->mpath;
282 if (mpath->next_hop == sta)
283 mesh_path_del(mpath->dst, mpath->dev);
284 }
285}
286
287void mesh_path_flush(struct net_device *dev)
288{
289 struct mesh_path *mpath;
290 struct mpath_node *node;
291 struct hlist_node *p;
292 int i;
293
294 for_each_mesh_entry(mesh_paths, p, node, i) {
295 mpath = node->mpath;
296 if (mpath->dev == dev)
297 mesh_path_del(mpath->dst, mpath->dev);
298 }
299}
300
301static void mesh_path_node_reclaim(struct rcu_head *rp)
302{
303 struct mpath_node *node = container_of(rp, struct mpath_node, rcu);
304 struct ieee80211_sub_if_data *sdata =
305 IEEE80211_DEV_TO_SUB_IF(node->mpath->dev);
306
307 del_timer_sync(&node->mpath->timer);
308 atomic_dec(&sdata->u.sta.mpaths);
309 kfree(node->mpath);
310 kfree(node);
311}
312
313/**
314 * mesh_path_del - delete a mesh path from the table
315 *
316 * @addr: dst address (ETH_ALEN length)
317 * @dev: local interface
318 *
319 * Returns: 0 if succesful
320 */
321int mesh_path_del(u8 *addr, struct net_device *dev)
322{
323 struct mesh_path *mpath;
324 struct mpath_node *node;
325 struct hlist_head *bucket;
326 struct hlist_node *n;
327 int hash_idx;
328 int err = 0;
329
330 read_lock(&pathtbl_resize_lock);
331 hash_idx = mesh_table_hash(addr, dev, mesh_paths);
332 bucket = &mesh_paths->hash_buckets[hash_idx];
333
334 spin_lock(&mesh_paths->hashwlock[hash_idx]);
335 hlist_for_each_entry(node, n, bucket, list) {
336 mpath = node->mpath;
337 if (mpath->dev == dev &&
338 memcmp(addr, mpath->dst, ETH_ALEN) == 0) {
339 spin_lock_bh(&mpath->state_lock);
340 mpath->flags |= MESH_PATH_RESOLVING;
341 hlist_del_rcu(&node->list);
342 call_rcu(&node->rcu, mesh_path_node_reclaim);
343 atomic_dec(&mesh_paths->entries);
344 spin_unlock_bh(&mpath->state_lock);
345 goto enddel;
346 }
347 }
348
349 err = -ENXIO;
350enddel:
351 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
352 read_unlock(&pathtbl_resize_lock);
353 return err;
354}
355
356/**
357 * mesh_path_tx_pending - sends pending frames in a mesh path queue
358 *
359 * @mpath: mesh path to activate
360 *
361 * Locking: the state_lock of the mpath structure must NOT be held when calling
362 * this function.
363 */
364void mesh_path_tx_pending(struct mesh_path *mpath)
365{
366 struct sk_buff *skb;
367
368 while ((skb = skb_dequeue(&mpath->frame_queue)) &&
369 (mpath->flags & MESH_PATH_ACTIVE))
370 dev_queue_xmit(skb);
371}
372
373/**
374 * mesh_path_discard_frame - discard a frame whose path could not be resolved
375 *
376 * @skb: frame to discard
377 * @dev: network device the frame was to be sent through
378 *
379 * If the frame was beign forwarded from another MP, a PERR frame will be sent
380 * to the precursor.
381 *
382 * Locking: the function must me called within a rcu_read_lock region
383 */
384void mesh_path_discard_frame(struct sk_buff *skb, struct net_device *dev)
385{
386 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
387 struct mesh_path *mpath;
388 u32 dsn = 0;
389
390 if (skb->pkt_type == PACKET_OTHERHOST) {
391 struct ieee80211s_hdr *prev_meshhdr;
392 int mshhdrlen;
393 u8 *ra, *da;
394
395 prev_meshhdr = ((struct ieee80211s_hdr *)skb->cb);
396 mshhdrlen = ieee80211_get_mesh_hdrlen(prev_meshhdr);
397 da = skb->data;
398 ra = MESH_PREQ(skb);
399 mpath = mesh_path_lookup(da, dev);
400 if (mpath)
401 dsn = ++mpath->dsn;
402 mesh_path_error_tx(skb->data, cpu_to_le32(dsn), ra, dev);
403 }
404
405 kfree_skb(skb);
406 sdata->u.sta.mshstats.dropped_frames_no_route++;
407}
408
409/**
410 * mesh_path_flush_pending - free the pending queue of a mesh path
411 *
412 * @mpath: mesh path whose queue has to be freed
413 *
414 * Locking: the function must me called withing a rcu_read_lock region
415 */
416void mesh_path_flush_pending(struct mesh_path *mpath)
417{
418 struct ieee80211_sub_if_data *sdata;
419 struct sk_buff *skb;
420
421 sdata = IEEE80211_DEV_TO_SUB_IF(mpath->dev);
422
423 while ((skb = skb_dequeue(&mpath->frame_queue)) &&
424 (mpath->flags & MESH_PATH_ACTIVE))
425 mesh_path_discard_frame(skb, mpath->dev);
426}
427
428/**
429 * mesh_path_fix_nexthop - force a specific next hop for a mesh path
430 *
431 * @mpath: the mesh path to modify
432 * @next_hop: the next hop to force
433 *
434 * Locking: this function must be called holding mpath->state_lock
435 */
436void mesh_path_fix_nexthop(struct mesh_path *mpath, struct sta_info *next_hop)
437{
438 spin_lock_bh(&mpath->state_lock);
439 mesh_path_assign_nexthop(mpath, next_hop);
440 mpath->dsn = 0xffff;
441 mpath->metric = 0;
442 mpath->hop_count = 0;
443 mpath->exp_time = 0;
444 mpath->flags |= MESH_PATH_FIXED;
445 mesh_path_activate(mpath);
446 spin_unlock_bh(&mpath->state_lock);
447 mesh_path_tx_pending(mpath);
448}
449
450static void mesh_path_node_free(struct hlist_node *p, bool free_leafs)
451{
452 struct mesh_path *mpath;
453 struct mpath_node *node = hlist_entry(p, struct mpath_node, list);
454 mpath = node->mpath;
455 hlist_del_rcu(p);
456 synchronize_rcu();
457 if (free_leafs)
458 kfree(mpath);
459 kfree(node);
460}
461
462static void mesh_path_node_copy(struct hlist_node *p, struct mesh_table *newtbl)
463{
464 struct mesh_path *mpath;
465 struct mpath_node *node, *new_node;
466 u32 hash_idx;
467
468 node = hlist_entry(p, struct mpath_node, list);
469 mpath = node->mpath;
470 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
471 new_node->mpath = mpath;
472 hash_idx = mesh_table_hash(mpath->dst, mpath->dev, newtbl);
473 hlist_add_head(&new_node->list,
474 &newtbl->hash_buckets[hash_idx]);
475}
476
477int mesh_pathtbl_init(void)
478{
479 mesh_paths = mesh_table_alloc(INIT_PATHS_SIZE_ORDER);
480 mesh_paths->free_node = &mesh_path_node_free;
481 mesh_paths->copy_node = &mesh_path_node_copy;
482 mesh_paths->mean_chain_len = MEAN_CHAIN_LEN;
483 if (!mesh_paths)
484 return -ENOMEM;
485 return 0;
486}
487
488void mesh_path_expire(struct net_device *dev)
489{
490 struct mesh_path *mpath;
491 struct mpath_node *node;
492 struct hlist_node *p;
493 int i;
494
495 read_lock(&pathtbl_resize_lock);
496 for_each_mesh_entry(mesh_paths, p, node, i) {
497 if (node->mpath->dev != dev)
498 continue;
499 mpath = node->mpath;
500 spin_lock_bh(&mpath->state_lock);
501 if ((!(mpath->flags & MESH_PATH_RESOLVING)) &&
502 (!(mpath->flags & MESH_PATH_FIXED)) &&
503 time_after(jiffies,
504 mpath->exp_time + MESH_PATH_EXPIRE)) {
505 spin_unlock_bh(&mpath->state_lock);
506 mesh_path_del(mpath->dst, mpath->dev);
507 } else
508 spin_unlock_bh(&mpath->state_lock);
509 }
510 read_unlock(&pathtbl_resize_lock);
511}
512
513void mesh_pathtbl_unregister(void)
514{
515 mesh_table_free(mesh_paths, true);
516}
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
new file mode 100644
index 000000000000..18fe52436c47
--- /dev/null
+++ b/net/mac80211/mesh_plink.c
@@ -0,0 +1,761 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9#include <linux/kernel.h>
10#include <linux/random.h>
11#include "ieee80211_i.h"
12#include "ieee80211_rate.h"
13#include "mesh.h"
14
15#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
16#define mpl_dbg(fmt, args...) printk(KERN_DEBUG fmt, ##args)
17#else
18#define mpl_dbg(fmt, args...) do { (void)(0); } while (0)
19#endif
20
21#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
22#define PLINK_GET_FRAME_SUBTYPE(p) (p)
23#define PLINK_GET_LLID(p) (p + 1)
24#define PLINK_GET_PLID(p) (p + 3)
25
26#define mod_plink_timer(s, t) (mod_timer(&s->plink_timer, \
27 jiffies + HZ * t / 1000))
28
29/* Peer link cancel reasons, all subject to ANA approval */
30#define MESH_LINK_CANCELLED 2
31#define MESH_MAX_NEIGHBORS 3
32#define MESH_CAPABILITY_POLICY_VIOLATION 4
33#define MESH_CLOSE_RCVD 5
34#define MESH_MAX_RETRIES 6
35#define MESH_CONFIRM_TIMEOUT 7
36#define MESH_SECURITY_ROLE_NEGOTIATION_DIFFERS 8
37#define MESH_SECURITY_AUTHENTICATION_IMPOSSIBLE 9
38#define MESH_SECURITY_FAILED_VERIFICATION 10
39
40#define dot11MeshMaxRetries(s) (s->u.sta.mshcfg.dot11MeshMaxRetries)
41#define dot11MeshRetryTimeout(s) (s->u.sta.mshcfg.dot11MeshRetryTimeout)
42#define dot11MeshConfirmTimeout(s) (s->u.sta.mshcfg.dot11MeshConfirmTimeout)
43#define dot11MeshHoldingTimeout(s) (s->u.sta.mshcfg.dot11MeshHoldingTimeout)
44#define dot11MeshMaxPeerLinks(s) (s->u.sta.mshcfg.dot11MeshMaxPeerLinks)
45
46enum plink_frame_type {
47 PLINK_OPEN = 0,
48 PLINK_CONFIRM,
49 PLINK_CLOSE
50};
51
52enum plink_event {
53 PLINK_UNDEFINED,
54 OPN_ACPT,
55 OPN_RJCT,
56 OPN_IGNR,
57 CNF_ACPT,
58 CNF_RJCT,
59 CNF_IGNR,
60 CLS_ACPT,
61 CLS_IGNR
62};
63
64static inline
65void mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
66{
67 atomic_inc(&sdata->u.sta.mshstats.estab_plinks);
68 mesh_accept_plinks_update(sdata);
69}
70
71static inline
72void mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
73{
74 atomic_dec(&sdata->u.sta.mshstats.estab_plinks);
75 mesh_accept_plinks_update(sdata);
76}
77
78/**
79 * mesh_plink_fsm_restart - restart a mesh peer link finite state machine
80 *
81 * @sta: mes peer link to restart
82 *
83 * Locking: this function must be called holding sta->plink_lock
84 */
85static inline void mesh_plink_fsm_restart(struct sta_info *sta)
86{
87 sta->plink_state = PLINK_LISTEN;
88 sta->llid = sta->plid = sta->reason = 0;
89 sta->plink_retries = 0;
90}
91
92static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
93 u8 *hw_addr, u64 rates)
94{
95 struct ieee80211_local *local = sdata->local;
96 struct sta_info *sta;
97
98 if (local->num_sta >= MESH_MAX_PLINKS)
99 return NULL;
100
101 sta = sta_info_alloc(sdata, hw_addr, GFP_ATOMIC);
102 if (!sta)
103 return NULL;
104
105 sta->flags |= WLAN_STA_AUTHORIZED;
106 sta->supp_rates[local->hw.conf.channel->band] = rates;
107
108 return sta;
109}
110
111/**
112 * mesh_plink_deactivate - deactivate mesh peer link
113 *
114 * @sta: mesh peer link to deactivate
115 *
116 * All mesh paths with this peer as next hop will be flushed
117 *
118 * Locking: the caller must hold sta->plink_lock
119 */
120static void __mesh_plink_deactivate(struct sta_info *sta)
121{
122 struct ieee80211_sub_if_data *sdata = sta->sdata;
123
124 if (sta->plink_state == PLINK_ESTAB)
125 mesh_plink_dec_estab_count(sdata);
126 sta->plink_state = PLINK_BLOCKED;
127 mesh_path_flush_by_nexthop(sta);
128}
129
130/**
131 * __mesh_plink_deactivate - deactivate mesh peer link
132 *
133 * @sta: mesh peer link to deactivate
134 *
135 * All mesh paths with this peer as next hop will be flushed
136 */
137void mesh_plink_deactivate(struct sta_info *sta)
138{
139 spin_lock_bh(&sta->plink_lock);
140 __mesh_plink_deactivate(sta);
141 spin_unlock_bh(&sta->plink_lock);
142}
143
144static int mesh_plink_frame_tx(struct net_device *dev,
145 enum plink_frame_type action, u8 *da, __le16 llid, __le16 plid,
146 __le16 reason) {
147 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
148 struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
149 struct ieee80211_mgmt *mgmt;
150 bool include_plid = false;
151 u8 *pos;
152 int ie_len;
153
154 if (!skb)
155 return -1;
156 skb_reserve(skb, local->hw.extra_tx_headroom);
157 /* 25 is the size of the common mgmt part (24) plus the size of the
158 * common action part (1)
159 */
160 mgmt = (struct ieee80211_mgmt *)
161 skb_put(skb, 25 + sizeof(mgmt->u.action.u.plink_action));
162 memset(mgmt, 0, 25 + sizeof(mgmt->u.action.u.plink_action));
163 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
164 IEEE80211_STYPE_ACTION);
165 memcpy(mgmt->da, da, ETH_ALEN);
166 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
167 /* BSSID is left zeroed, wildcard value */
168 mgmt->u.action.category = PLINK_CATEGORY;
169 mgmt->u.action.u.plink_action.action_code = action;
170
171 if (action == PLINK_CLOSE)
172 mgmt->u.action.u.plink_action.aux = reason;
173 else {
174 mgmt->u.action.u.plink_action.aux = cpu_to_le16(0x0);
175 if (action == PLINK_CONFIRM) {
176 pos = skb_put(skb, 4);
177 /* two-byte status code followed by two-byte AID */
178 memset(pos, 0, 4);
179 }
180 mesh_mgmt_ies_add(skb, dev);
181 }
182
183 /* Add Peer Link Management element */
184 switch (action) {
185 case PLINK_OPEN:
186 ie_len = 3;
187 break;
188 case PLINK_CONFIRM:
189 ie_len = 5;
190 include_plid = true;
191 break;
192 case PLINK_CLOSE:
193 default:
194 if (!plid)
195 ie_len = 5;
196 else {
197 ie_len = 7;
198 include_plid = true;
199 }
200 break;
201 }
202
203 pos = skb_put(skb, 2 + ie_len);
204 *pos++ = WLAN_EID_PEER_LINK;
205 *pos++ = ie_len;
206 *pos++ = action;
207 memcpy(pos, &llid, 2);
208 if (include_plid) {
209 pos += 2;
210 memcpy(pos, &plid, 2);
211 }
212 if (action == PLINK_CLOSE) {
213 pos += 2;
214 memcpy(pos, &reason, 2);
215 }
216
217 ieee80211_sta_tx(dev, skb, 0);
218 return 0;
219}
220
221void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct net_device *dev,
222 bool peer_accepting_plinks)
223{
224 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
225 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
226 struct sta_info *sta;
227
228 rcu_read_lock();
229
230 sta = sta_info_get(local, hw_addr);
231 if (!sta) {
232 sta = mesh_plink_alloc(sdata, hw_addr, rates);
233 if (!sta) {
234 rcu_read_unlock();
235 return;
236 }
237 if (sta_info_insert(sta)) {
238 sta_info_destroy(sta);
239 rcu_read_unlock();
240 return;
241 }
242 }
243
244 sta->last_rx = jiffies;
245 sta->supp_rates[local->hw.conf.channel->band] = rates;
246 if (peer_accepting_plinks && sta->plink_state == PLINK_LISTEN &&
247 sdata->u.sta.accepting_plinks &&
248 sdata->u.sta.mshcfg.auto_open_plinks)
249 mesh_plink_open(sta);
250
251 rcu_read_unlock();
252}
253
254static void mesh_plink_timer(unsigned long data)
255{
256 struct sta_info *sta;
257 __le16 llid, plid, reason;
258 struct net_device *dev = NULL;
259 struct ieee80211_sub_if_data *sdata;
260#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
261 DECLARE_MAC_BUF(mac);
262#endif
263
264 /*
265 * This STA is valid because sta_info_destroy() will
266 * del_timer_sync() this timer after having made sure
267 * it cannot be readded (by deleting the plink.)
268 */
269 sta = (struct sta_info *) data;
270
271 spin_lock_bh(&sta->plink_lock);
272 if (sta->ignore_plink_timer) {
273 sta->ignore_plink_timer = false;
274 spin_unlock_bh(&sta->plink_lock);
275 return;
276 }
277 mpl_dbg("Mesh plink timer for %s fired on state %d\n",
278 print_mac(mac, sta->addr), sta->plink_state);
279 reason = 0;
280 llid = sta->llid;
281 plid = sta->plid;
282 sdata = sta->sdata;
283 dev = sdata->dev;
284
285 switch (sta->plink_state) {
286 case PLINK_OPN_RCVD:
287 case PLINK_OPN_SNT:
288 /* retry timer */
289 if (sta->plink_retries < dot11MeshMaxRetries(sdata)) {
290 u32 rand;
291 mpl_dbg("Mesh plink for %s (retry, timeout): %d %d\n",
292 print_mac(mac, sta->addr),
293 sta->plink_retries, sta->plink_timeout);
294 get_random_bytes(&rand, sizeof(u32));
295 sta->plink_timeout = sta->plink_timeout +
296 rand % sta->plink_timeout;
297 ++sta->plink_retries;
298 mod_plink_timer(sta, sta->plink_timeout);
299 spin_unlock_bh(&sta->plink_lock);
300 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid,
301 0, 0);
302 break;
303 }
304 reason = cpu_to_le16(MESH_MAX_RETRIES);
305 /* fall through on else */
306 case PLINK_CNF_RCVD:
307 /* confirm timer */
308 if (!reason)
309 reason = cpu_to_le16(MESH_CONFIRM_TIMEOUT);
310 sta->plink_state = PLINK_HOLDING;
311 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
312 spin_unlock_bh(&sta->plink_lock);
313 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, plid,
314 reason);
315 break;
316 case PLINK_HOLDING:
317 /* holding timer */
318 del_timer(&sta->plink_timer);
319 mesh_plink_fsm_restart(sta);
320 spin_unlock_bh(&sta->plink_lock);
321 break;
322 default:
323 spin_unlock_bh(&sta->plink_lock);
324 break;
325 }
326}
327
328static inline void mesh_plink_timer_set(struct sta_info *sta, int timeout)
329{
330 sta->plink_timer.expires = jiffies + (HZ * timeout / 1000);
331 sta->plink_timer.data = (unsigned long) sta;
332 sta->plink_timer.function = mesh_plink_timer;
333 sta->plink_timeout = timeout;
334 add_timer(&sta->plink_timer);
335}
336
337int mesh_plink_open(struct sta_info *sta)
338{
339 __le16 llid;
340 struct ieee80211_sub_if_data *sdata = sta->sdata;
341#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
342 DECLARE_MAC_BUF(mac);
343#endif
344
345 spin_lock_bh(&sta->plink_lock);
346 get_random_bytes(&llid, 2);
347 sta->llid = llid;
348 if (sta->plink_state != PLINK_LISTEN) {
349 spin_unlock_bh(&sta->plink_lock);
350 return -EBUSY;
351 }
352 sta->plink_state = PLINK_OPN_SNT;
353 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
354 spin_unlock_bh(&sta->plink_lock);
355 mpl_dbg("Mesh plink: starting establishment with %s\n",
356 print_mac(mac, sta->addr));
357
358 return mesh_plink_frame_tx(sdata->dev, PLINK_OPEN,
359 sta->addr, llid, 0, 0);
360}
361
362void mesh_plink_block(struct sta_info *sta)
363{
364#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
365 DECLARE_MAC_BUF(mac);
366#endif
367
368 spin_lock_bh(&sta->plink_lock);
369 __mesh_plink_deactivate(sta);
370 sta->plink_state = PLINK_BLOCKED;
371 spin_unlock_bh(&sta->plink_lock);
372}
373
374int mesh_plink_close(struct sta_info *sta)
375{
376 struct ieee80211_sub_if_data *sdata = sta->sdata;
377 __le16 llid, plid, reason;
378#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
379 DECLARE_MAC_BUF(mac);
380#endif
381
382 mpl_dbg("Mesh plink: closing link with %s\n",
383 print_mac(mac, sta->addr));
384 spin_lock_bh(&sta->plink_lock);
385 sta->reason = cpu_to_le16(MESH_LINK_CANCELLED);
386 reason = sta->reason;
387
388 if (sta->plink_state == PLINK_LISTEN ||
389 sta->plink_state == PLINK_BLOCKED) {
390 mesh_plink_fsm_restart(sta);
391 spin_unlock_bh(&sta->plink_lock);
392 return 0;
393 } else if (sta->plink_state == PLINK_ESTAB) {
394 __mesh_plink_deactivate(sta);
395 /* The timer should not be running */
396 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
397 } else if (!mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)))
398 sta->ignore_plink_timer = true;
399
400 sta->plink_state = PLINK_HOLDING;
401 llid = sta->llid;
402 plid = sta->plid;
403 spin_unlock_bh(&sta->plink_lock);
404 mesh_plink_frame_tx(sta->sdata->dev, PLINK_CLOSE, sta->addr, llid,
405 plid, reason);
406 return 0;
407}
408
409void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
410 size_t len, struct ieee80211_rx_status *rx_status)
411{
412 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
413 struct ieee80211_local *local = sdata->local;
414 struct ieee802_11_elems elems;
415 struct sta_info *sta;
416 enum plink_event event;
417 enum plink_frame_type ftype;
418 size_t baselen;
419 u8 ie_len;
420 u8 *baseaddr;
421 __le16 plid, llid, reason;
422#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
423 DECLARE_MAC_BUF(mac);
424#endif
425
426 if (is_multicast_ether_addr(mgmt->da)) {
427 mpl_dbg("Mesh plink: ignore frame from multicast address");
428 return;
429 }
430
431 baseaddr = mgmt->u.action.u.plink_action.variable;
432 baselen = (u8 *) mgmt->u.action.u.plink_action.variable - (u8 *) mgmt;
433 if (mgmt->u.action.u.plink_action.action_code == PLINK_CONFIRM) {
434 baseaddr += 4;
435 baselen -= 4;
436 }
437 ieee802_11_parse_elems(baseaddr, len - baselen, &elems);
438 if (!elems.peer_link) {
439 mpl_dbg("Mesh plink: missing necessary peer link ie\n");
440 return;
441 }
442
443 ftype = *((u8 *)PLINK_GET_FRAME_SUBTYPE(elems.peer_link));
444 ie_len = elems.peer_link_len;
445 if ((ftype == PLINK_OPEN && ie_len != 3) ||
446 (ftype == PLINK_CONFIRM && ie_len != 5) ||
447 (ftype == PLINK_CLOSE && ie_len != 5 && ie_len != 7)) {
448 mpl_dbg("Mesh plink: incorrect plink ie length\n");
449 return;
450 }
451
452 if (ftype != PLINK_CLOSE && (!elems.mesh_id || !elems.mesh_config)) {
453 mpl_dbg("Mesh plink: missing necessary ie\n");
454 return;
455 }
456 /* Note the lines below are correct, the llid in the frame is the plid
457 * from the point of view of this host.
458 */
459 memcpy(&plid, PLINK_GET_LLID(elems.peer_link), 2);
460 if (ftype == PLINK_CONFIRM || (ftype == PLINK_CLOSE && ie_len == 7))
461 memcpy(&llid, PLINK_GET_PLID(elems.peer_link), 2);
462
463 rcu_read_lock();
464
465 sta = sta_info_get(local, mgmt->sa);
466 if (!sta && ftype != PLINK_OPEN) {
467 mpl_dbg("Mesh plink: cls or cnf from unknown peer\n");
468 rcu_read_unlock();
469 return;
470 }
471
472 if (sta && sta->plink_state == PLINK_BLOCKED) {
473 rcu_read_unlock();
474 return;
475 }
476
477 /* Now we will figure out the appropriate event... */
478 event = PLINK_UNDEFINED;
479 if (ftype != PLINK_CLOSE && (!mesh_matches_local(&elems, dev))) {
480 switch (ftype) {
481 case PLINK_OPEN:
482 event = OPN_RJCT;
483 break;
484 case PLINK_CONFIRM:
485 event = CNF_RJCT;
486 break;
487 case PLINK_CLOSE:
488 /* avoid warning */
489 break;
490 }
491 spin_lock_bh(&sta->plink_lock);
492 } else if (!sta) {
493 /* ftype == PLINK_OPEN */
494 u64 rates;
495 if (!mesh_plink_free_count(sdata)) {
496 mpl_dbg("Mesh plink error: no more free plinks\n");
497 rcu_read_unlock();
498 return;
499 }
500
501 rates = ieee80211_sta_get_rates(local, &elems, rx_status->band);
502 sta = mesh_plink_alloc(sdata, mgmt->sa, rates);
503 if (!sta) {
504 mpl_dbg("Mesh plink error: plink table full\n");
505 rcu_read_unlock();
506 return;
507 }
508 if (sta_info_insert(sta)) {
509 sta_info_destroy(sta);
510 rcu_read_unlock();
511 return;
512 }
513 event = OPN_ACPT;
514 spin_lock_bh(&sta->plink_lock);
515 } else {
516 spin_lock_bh(&sta->plink_lock);
517 switch (ftype) {
518 case PLINK_OPEN:
519 if (!mesh_plink_free_count(sdata) ||
520 (sta->plid && sta->plid != plid))
521 event = OPN_IGNR;
522 else
523 event = OPN_ACPT;
524 break;
525 case PLINK_CONFIRM:
526 if (!mesh_plink_free_count(sdata) ||
527 (sta->llid != llid || sta->plid != plid))
528 event = CNF_IGNR;
529 else
530 event = CNF_ACPT;
531 break;
532 case PLINK_CLOSE:
533 if (sta->plink_state == PLINK_ESTAB)
534 /* Do not check for llid or plid. This does not
535 * follow the standard but since multiple plinks
536 * per sta are not supported, it is necessary in
537 * order to avoid a livelock when MP A sees an
538 * establish peer link to MP B but MP B does not
539 * see it. This can be caused by a timeout in
540 * B's peer link establishment or B beign
541 * restarted.
542 */
543 event = CLS_ACPT;
544 else if (sta->plid != plid)
545 event = CLS_IGNR;
546 else if (ie_len == 7 && sta->llid != llid)
547 event = CLS_IGNR;
548 else
549 event = CLS_ACPT;
550 break;
551 default:
552 mpl_dbg("Mesh plink: unknown frame subtype\n");
553 spin_unlock_bh(&sta->plink_lock);
554 rcu_read_unlock();
555 return;
556 }
557 }
558
559 mpl_dbg("Mesh plink (peer, state, llid, plid, event): %s %d %d %d %d\n",
560 print_mac(mac, mgmt->sa), sta->plink_state,
561 le16_to_cpu(sta->llid), le16_to_cpu(sta->plid),
562 event);
563 reason = 0;
564 switch (sta->plink_state) {
565 /* spin_unlock as soon as state is updated at each case */
566 case PLINK_LISTEN:
567 switch (event) {
568 case CLS_ACPT:
569 mesh_plink_fsm_restart(sta);
570 spin_unlock_bh(&sta->plink_lock);
571 break;
572 case OPN_ACPT:
573 sta->plink_state = PLINK_OPN_RCVD;
574 sta->plid = plid;
575 get_random_bytes(&llid, 2);
576 sta->llid = llid;
577 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
578 spin_unlock_bh(&sta->plink_lock);
579 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid,
580 0, 0);
581 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr,
582 llid, plid, 0);
583 break;
584 default:
585 spin_unlock_bh(&sta->plink_lock);
586 break;
587 }
588 break;
589
590 case PLINK_OPN_SNT:
591 switch (event) {
592 case OPN_RJCT:
593 case CNF_RJCT:
594 reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
595 case CLS_ACPT:
596 if (!reason)
597 reason = cpu_to_le16(MESH_CLOSE_RCVD);
598 sta->reason = reason;
599 sta->plink_state = PLINK_HOLDING;
600 if (!mod_plink_timer(sta,
601 dot11MeshHoldingTimeout(sdata)))
602 sta->ignore_plink_timer = true;
603
604 llid = sta->llid;
605 spin_unlock_bh(&sta->plink_lock);
606 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
607 plid, reason);
608 break;
609 case OPN_ACPT:
610 /* retry timer is left untouched */
611 sta->plink_state = PLINK_OPN_RCVD;
612 sta->plid = plid;
613 llid = sta->llid;
614 spin_unlock_bh(&sta->plink_lock);
615 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
616 plid, 0);
617 break;
618 case CNF_ACPT:
619 sta->plink_state = PLINK_CNF_RCVD;
620 if (!mod_plink_timer(sta,
621 dot11MeshConfirmTimeout(sdata)))
622 sta->ignore_plink_timer = true;
623
624 spin_unlock_bh(&sta->plink_lock);
625 break;
626 default:
627 spin_unlock_bh(&sta->plink_lock);
628 break;
629 }
630 break;
631
632 case PLINK_OPN_RCVD:
633 switch (event) {
634 case OPN_RJCT:
635 case CNF_RJCT:
636 reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
637 case CLS_ACPT:
638 if (!reason)
639 reason = cpu_to_le16(MESH_CLOSE_RCVD);
640 sta->reason = reason;
641 sta->plink_state = PLINK_HOLDING;
642 if (!mod_plink_timer(sta,
643 dot11MeshHoldingTimeout(sdata)))
644 sta->ignore_plink_timer = true;
645
646 llid = sta->llid;
647 spin_unlock_bh(&sta->plink_lock);
648 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
649 plid, reason);
650 break;
651 case OPN_ACPT:
652 llid = sta->llid;
653 spin_unlock_bh(&sta->plink_lock);
654 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
655 plid, 0);
656 break;
657 case CNF_ACPT:
658 del_timer(&sta->plink_timer);
659 sta->plink_state = PLINK_ESTAB;
660 mesh_plink_inc_estab_count(sdata);
661 spin_unlock_bh(&sta->plink_lock);
662 mpl_dbg("Mesh plink with %s ESTABLISHED\n",
663 print_mac(mac, sta->addr));
664 break;
665 default:
666 spin_unlock_bh(&sta->plink_lock);
667 break;
668 }
669 break;
670
671 case PLINK_CNF_RCVD:
672 switch (event) {
673 case OPN_RJCT:
674 case CNF_RJCT:
675 reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
676 case CLS_ACPT:
677 if (!reason)
678 reason = cpu_to_le16(MESH_CLOSE_RCVD);
679 sta->reason = reason;
680 sta->plink_state = PLINK_HOLDING;
681 if (!mod_plink_timer(sta,
682 dot11MeshHoldingTimeout(sdata)))
683 sta->ignore_plink_timer = true;
684
685 llid = sta->llid;
686 spin_unlock_bh(&sta->plink_lock);
687 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
688 plid, reason);
689 break;
690 case OPN_ACPT:
691 del_timer(&sta->plink_timer);
692 sta->plink_state = PLINK_ESTAB;
693 mesh_plink_inc_estab_count(sdata);
694 spin_unlock_bh(&sta->plink_lock);
695 mpl_dbg("Mesh plink with %s ESTABLISHED\n",
696 print_mac(mac, sta->addr));
697 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
698 plid, 0);
699 break;
700 default:
701 spin_unlock_bh(&sta->plink_lock);
702 break;
703 }
704 break;
705
706 case PLINK_ESTAB:
707 switch (event) {
708 case CLS_ACPT:
709 reason = cpu_to_le16(MESH_CLOSE_RCVD);
710 sta->reason = reason;
711 __mesh_plink_deactivate(sta);
712 sta->plink_state = PLINK_HOLDING;
713 llid = sta->llid;
714 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
715 spin_unlock_bh(&sta->plink_lock);
716 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
717 plid, reason);
718 break;
719 case OPN_ACPT:
720 llid = sta->llid;
721 spin_unlock_bh(&sta->plink_lock);
722 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
723 plid, 0);
724 break;
725 default:
726 spin_unlock_bh(&sta->plink_lock);
727 break;
728 }
729 break;
730 case PLINK_HOLDING:
731 switch (event) {
732 case CLS_ACPT:
733 if (del_timer(&sta->plink_timer))
734 sta->ignore_plink_timer = 1;
735 mesh_plink_fsm_restart(sta);
736 spin_unlock_bh(&sta->plink_lock);
737 break;
738 case OPN_ACPT:
739 case CNF_ACPT:
740 case OPN_RJCT:
741 case CNF_RJCT:
742 llid = sta->llid;
743 reason = sta->reason;
744 spin_unlock_bh(&sta->plink_lock);
745 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
746 plid, reason);
747 break;
748 default:
749 spin_unlock_bh(&sta->plink_lock);
750 }
751 break;
752 default:
753 /* should not get here, PLINK_BLOCKED is dealt with at the
754 * beggining of the function
755 */
756 spin_unlock_bh(&sta->plink_lock);
757 break;
758 }
759
760 rcu_read_unlock();
761}
diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index 9762803e4876..a1993161de99 100644
--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -15,7 +15,7 @@
15#include <linux/debugfs.h> 15#include <linux/debugfs.h>
16#include <net/mac80211.h> 16#include <net/mac80211.h>
17#include "ieee80211_rate.h" 17#include "ieee80211_rate.h"
18 18#include "mesh.h"
19#include "rc80211_pid.h" 19#include "rc80211_pid.h"
20 20
21 21
@@ -77,7 +77,7 @@ static void rate_control_pid_adjust_rate(struct ieee80211_local *local,
77 int cur_sorted, new_sorted, probe, tmp, n_bitrates, band; 77 int cur_sorted, new_sorted, probe, tmp, n_bitrates, band;
78 int cur = sta->txrate_idx; 78 int cur = sta->txrate_idx;
79 79
80 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 80 sdata = sta->sdata;
81 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 81 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
82 band = sband->band; 82 band = sband->band;
83 n_bitrates = sband->n_bitrates; 83 n_bitrates = sband->n_bitrates;
@@ -148,6 +148,9 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
148 struct ieee80211_local *local, 148 struct ieee80211_local *local,
149 struct sta_info *sta) 149 struct sta_info *sta)
150{ 150{
151#ifdef CONFIG_MAC80211_MESH
152 struct ieee80211_sub_if_data *sdata = sta->sdata;
153#endif
151 struct rc_pid_sta_info *spinfo = sta->rate_ctrl_priv; 154 struct rc_pid_sta_info *spinfo = sta->rate_ctrl_priv;
152 struct rc_pid_rateinfo *rinfo = pinfo->rinfo; 155 struct rc_pid_rateinfo *rinfo = pinfo->rinfo;
153 struct ieee80211_supported_band *sband; 156 struct ieee80211_supported_band *sband;
@@ -178,7 +181,14 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
178 pf = spinfo->last_pf; 181 pf = spinfo->last_pf;
179 else { 182 else {
180 pf = spinfo->tx_num_failed * 100 / spinfo->tx_num_xmit; 183 pf = spinfo->tx_num_failed * 100 / spinfo->tx_num_xmit;
184#ifdef CONFIG_MAC80211_MESH
185 if (pf == 100 &&
186 sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT)
187 mesh_plink_broken(sta);
188#endif
181 pf <<= RC_PID_ARITH_SHIFT; 189 pf <<= RC_PID_ARITH_SHIFT;
190 sta->fail_avg = ((pf + (spinfo->last_pf << 3)) / 9)
191 >> RC_PID_ARITH_SHIFT;
182 } 192 }
183 193
184 spinfo->tx_num_xmit = 0; 194 spinfo->tx_num_xmit = 0;
@@ -239,23 +249,25 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
239 unsigned long period; 249 unsigned long period;
240 struct ieee80211_supported_band *sband; 250 struct ieee80211_supported_band *sband;
241 251
252 rcu_read_lock();
253
242 sta = sta_info_get(local, hdr->addr1); 254 sta = sta_info_get(local, hdr->addr1);
243 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 255 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
244 256
245 if (!sta) 257 if (!sta)
246 return; 258 goto unlock;
247 259
248 /* Don't update the state if we're not controlling the rate. */ 260 /* Don't update the state if we're not controlling the rate. */
249 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 261 sdata = sta->sdata;
250 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) { 262 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
251 sta->txrate_idx = sdata->bss->max_ratectrl_rateidx; 263 sta->txrate_idx = sdata->bss->max_ratectrl_rateidx;
252 return; 264 goto unlock;
253 } 265 }
254 266
255 /* Ignore all frames that were sent with a different rate than the rate 267 /* Ignore all frames that were sent with a different rate than the rate
256 * we currently advise mac80211 to use. */ 268 * we currently advise mac80211 to use. */
257 if (status->control.tx_rate != &sband->bitrates[sta->txrate_idx]) 269 if (status->control.tx_rate != &sband->bitrates[sta->txrate_idx])
258 goto ignore; 270 goto unlock;
259 271
260 spinfo = sta->rate_ctrl_priv; 272 spinfo = sta->rate_ctrl_priv;
261 spinfo->tx_num_xmit++; 273 spinfo->tx_num_xmit++;
@@ -293,8 +305,8 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
293 if (time_after(jiffies, spinfo->last_sample + period)) 305 if (time_after(jiffies, spinfo->last_sample + period))
294 rate_control_pid_sample(pinfo, local, sta); 306 rate_control_pid_sample(pinfo, local, sta);
295 307
296ignore: 308 unlock:
297 sta_info_put(sta); 309 rcu_read_unlock();
298} 310}
299 311
300static void rate_control_pid_get_rate(void *priv, struct net_device *dev, 312static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
@@ -309,6 +321,8 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
309 int rateidx; 321 int rateidx;
310 u16 fc; 322 u16 fc;
311 323
324 rcu_read_lock();
325
312 sta = sta_info_get(local, hdr->addr1); 326 sta = sta_info_get(local, hdr->addr1);
313 327
314 /* Send management frames and broadcast/multicast data using lowest 328 /* Send management frames and broadcast/multicast data using lowest
@@ -317,8 +331,7 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
317 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA || 331 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
318 is_multicast_ether_addr(hdr->addr1) || !sta) { 332 is_multicast_ether_addr(hdr->addr1) || !sta) {
319 sel->rate = rate_lowest(local, sband, sta); 333 sel->rate = rate_lowest(local, sband, sta);
320 if (sta) 334 rcu_read_unlock();
321 sta_info_put(sta);
322 return; 335 return;
323 } 336 }
324 337
@@ -334,7 +347,7 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
334 347
335 sta->last_txrate_idx = rateidx; 348 sta->last_txrate_idx = rateidx;
336 349
337 sta_info_put(sta); 350 rcu_read_unlock();
338 351
339 sel->rate = &sband->bitrates[rateidx]; 352 sel->rate = &sband->bitrates[rateidx];
340 353
@@ -357,6 +370,7 @@ static void rate_control_pid_rate_init(void *priv, void *priv_sta,
357 370
358 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 371 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
359 sta->txrate_idx = rate_lowest_index(local, sband, sta); 372 sta->txrate_idx = rate_lowest_index(local, sband, sta);
373 sta->fail_avg = 0;
360} 374}
361 375
362static void *rate_control_pid_alloc(struct ieee80211_local *local) 376static void *rate_control_pid_alloc(struct ieee80211_local *local)
diff --git a/net/mac80211/rc80211_simple.c b/net/mac80211/rc80211_simple.c
index bcc541d4b95c..4f72fdca7f12 100644
--- a/net/mac80211/rc80211_simple.c
+++ b/net/mac80211/rc80211_simple.c
@@ -40,7 +40,7 @@ static void rate_control_rate_inc(struct ieee80211_local *local,
40 int i = sta->txrate_idx; 40 int i = sta->txrate_idx;
41 int maxrate; 41 int maxrate;
42 42
43 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 43 sdata = sta->sdata;
44 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) { 44 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
45 /* forced unicast rate - do not change STA rate */ 45 /* forced unicast rate - do not change STA rate */
46 return; 46 return;
@@ -70,7 +70,7 @@ static void rate_control_rate_dec(struct ieee80211_local *local,
70 struct ieee80211_supported_band *sband; 70 struct ieee80211_supported_band *sband;
71 int i = sta->txrate_idx; 71 int i = sta->txrate_idx;
72 72
73 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 73 sdata = sta->sdata;
74 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) { 74 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
75 /* forced unicast rate - do not change STA rate */ 75 /* forced unicast rate - do not change STA rate */
76 return; 76 return;
@@ -118,10 +118,12 @@ static void rate_control_simple_tx_status(void *priv, struct net_device *dev,
118 struct sta_info *sta; 118 struct sta_info *sta;
119 struct sta_rate_control *srctrl; 119 struct sta_rate_control *srctrl;
120 120
121 rcu_read_lock();
122
121 sta = sta_info_get(local, hdr->addr1); 123 sta = sta_info_get(local, hdr->addr1);
122 124
123 if (!sta) 125 if (!sta)
124 return; 126 goto unlock;
125 127
126 srctrl = sta->rate_ctrl_priv; 128 srctrl = sta->rate_ctrl_priv;
127 srctrl->tx_num_xmit++; 129 srctrl->tx_num_xmit++;
@@ -191,7 +193,8 @@ static void rate_control_simple_tx_status(void *priv, struct net_device *dev,
191 } 193 }
192 } 194 }
193 195
194 sta_info_put(sta); 196 unlock:
197 rcu_read_unlock();
195} 198}
196 199
197 200
@@ -208,6 +211,8 @@ rate_control_simple_get_rate(void *priv, struct net_device *dev,
208 int rateidx; 211 int rateidx;
209 u16 fc; 212 u16 fc;
210 213
214 rcu_read_lock();
215
211 sta = sta_info_get(local, hdr->addr1); 216 sta = sta_info_get(local, hdr->addr1);
212 217
213 /* Send management frames and broadcast/multicast data using lowest 218 /* Send management frames and broadcast/multicast data using lowest
@@ -216,8 +221,7 @@ rate_control_simple_get_rate(void *priv, struct net_device *dev,
216 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA || 221 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
217 is_multicast_ether_addr(hdr->addr1) || !sta) { 222 is_multicast_ether_addr(hdr->addr1) || !sta) {
218 sel->rate = rate_lowest(local, sband, sta); 223 sel->rate = rate_lowest(local, sband, sta);
219 if (sta) 224 rcu_read_unlock();
220 sta_info_put(sta);
221 return; 225 return;
222 } 226 }
223 227
@@ -233,7 +237,7 @@ rate_control_simple_get_rate(void *priv, struct net_device *dev,
233 237
234 sta->last_txrate_idx = rateidx; 238 sta->last_txrate_idx = rateidx;
235 239
236 sta_info_put(sta); 240 rcu_read_unlock();
237 241
238 sel->rate = &sband->bitrates[rateidx]; 242 sel->rate = &sband->bitrates[rateidx];
239} 243}
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 48574f6c0e74..644d2774469d 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -20,6 +20,7 @@
20 20
21#include "ieee80211_i.h" 21#include "ieee80211_i.h"
22#include "ieee80211_led.h" 22#include "ieee80211_led.h"
23#include "mesh.h"
23#include "wep.h" 24#include "wep.h"
24#include "wpa.h" 25#include "wpa.h"
25#include "tkip.h" 26#include "tkip.h"
@@ -250,7 +251,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
250} 251}
251 252
252 253
253static void ieee80211_parse_qos(struct ieee80211_txrx_data *rx) 254static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
254{ 255{
255 u8 *data = rx->skb->data; 256 u8 *data = rx->skb->data;
256 int tid; 257 int tid;
@@ -261,9 +262,9 @@ static void ieee80211_parse_qos(struct ieee80211_txrx_data *rx)
261 /* frame has qos control */ 262 /* frame has qos control */
262 tid = qc[0] & QOS_CONTROL_TID_MASK; 263 tid = qc[0] & QOS_CONTROL_TID_MASK;
263 if (qc[0] & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT) 264 if (qc[0] & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT)
264 rx->flags |= IEEE80211_TXRXD_RX_AMSDU; 265 rx->flags |= IEEE80211_RX_AMSDU;
265 else 266 else
266 rx->flags &= ~IEEE80211_TXRXD_RX_AMSDU; 267 rx->flags &= ~IEEE80211_RX_AMSDU;
267 } else { 268 } else {
268 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) { 269 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) {
269 /* Separate TID for management frames */ 270 /* Separate TID for management frames */
@@ -279,13 +280,13 @@ static void ieee80211_parse_qos(struct ieee80211_txrx_data *rx)
279 if (rx->sta) 280 if (rx->sta)
280 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]); 281 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]);
281 282
282 rx->u.rx.queue = tid; 283 rx->queue = tid;
283 /* Set skb->priority to 1d tag if highest order bit of TID is not set. 284 /* Set skb->priority to 1d tag if highest order bit of TID is not set.
284 * For now, set skb->priority to 0 for other cases. */ 285 * For now, set skb->priority to 0 for other cases. */
285 rx->skb->priority = (tid > 7) ? 0 : tid; 286 rx->skb->priority = (tid > 7) ? 0 : tid;
286} 287}
287 288
288static void ieee80211_verify_ip_alignment(struct ieee80211_txrx_data *rx) 289static void ieee80211_verify_ip_alignment(struct ieee80211_rx_data *rx)
289{ 290{
290#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT 291#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
291 int hdrlen; 292 int hdrlen;
@@ -313,7 +314,7 @@ static void ieee80211_verify_ip_alignment(struct ieee80211_txrx_data *rx)
313 * to move the 802.11 header further back in that case. 314 * to move the 802.11 header further back in that case.
314 */ 315 */
315 hdrlen = ieee80211_get_hdrlen(rx->fc); 316 hdrlen = ieee80211_get_hdrlen(rx->fc);
316 if (rx->flags & IEEE80211_TXRXD_RX_AMSDU) 317 if (rx->flags & IEEE80211_RX_AMSDU)
317 hdrlen += ETH_HLEN; 318 hdrlen += ETH_HLEN;
318 WARN_ON_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3); 319 WARN_ON_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3);
319#endif 320#endif
@@ -356,32 +357,32 @@ static u32 ieee80211_rx_load_stats(struct ieee80211_local *local,
356/* rx handlers */ 357/* rx handlers */
357 358
358static ieee80211_rx_result 359static ieee80211_rx_result
359ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx) 360ieee80211_rx_h_if_stats(struct ieee80211_rx_data *rx)
360{ 361{
361 if (rx->sta) 362 if (rx->sta)
362 rx->sta->channel_use_raw += rx->u.rx.load; 363 rx->sta->channel_use_raw += rx->load;
363 rx->sdata->channel_use_raw += rx->u.rx.load; 364 rx->sdata->channel_use_raw += rx->load;
364 return RX_CONTINUE; 365 return RX_CONTINUE;
365} 366}
366 367
367static ieee80211_rx_result 368static ieee80211_rx_result
368ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx) 369ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
369{ 370{
370 struct ieee80211_local *local = rx->local; 371 struct ieee80211_local *local = rx->local;
371 struct sk_buff *skb = rx->skb; 372 struct sk_buff *skb = rx->skb;
372 373
373 if (unlikely(local->sta_hw_scanning)) 374 if (unlikely(local->sta_hw_scanning))
374 return ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status); 375 return ieee80211_sta_rx_scan(rx->dev, skb, rx->status);
375 376
376 if (unlikely(local->sta_sw_scanning)) { 377 if (unlikely(local->sta_sw_scanning)) {
377 /* drop all the other packets during a software scan anyway */ 378 /* drop all the other packets during a software scan anyway */
378 if (ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status) 379 if (ieee80211_sta_rx_scan(rx->dev, skb, rx->status)
379 != RX_QUEUED) 380 != RX_QUEUED)
380 dev_kfree_skb(skb); 381 dev_kfree_skb(skb);
381 return RX_QUEUED; 382 return RX_QUEUED;
382 } 383 }
383 384
384 if (unlikely(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) { 385 if (unlikely(rx->flags & IEEE80211_RX_IN_SCAN)) {
385 /* scanning finished during invoking of handlers */ 386 /* scanning finished during invoking of handlers */
386 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan); 387 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
387 return RX_DROP_UNUSABLE; 388 return RX_DROP_UNUSABLE;
@@ -391,23 +392,75 @@ ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx)
391} 392}
392 393
393static ieee80211_rx_result 394static ieee80211_rx_result
394ieee80211_rx_h_check(struct ieee80211_txrx_data *rx) 395ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
396{
397 int hdrlen = ieee80211_get_hdrlen(rx->fc);
398 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
399
400#define msh_h_get(h, l) ((struct ieee80211s_hdr *) ((u8 *)h + l))
401
402 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
403 if (!((rx->fc & IEEE80211_FCTL_FROMDS) &&
404 (rx->fc & IEEE80211_FCTL_TODS)))
405 return RX_DROP_MONITOR;
406 if (memcmp(hdr->addr4, rx->dev->dev_addr, ETH_ALEN) == 0)
407 return RX_DROP_MONITOR;
408 }
409
410 /* If there is not an established peer link and this is not a peer link
411 * establisment frame, beacon or probe, drop the frame.
412 */
413
414 if (!rx->sta || sta_plink_state(rx->sta) != PLINK_ESTAB) {
415 struct ieee80211_mgmt *mgmt;
416
417 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT)
418 return RX_DROP_MONITOR;
419
420 switch (rx->fc & IEEE80211_FCTL_STYPE) {
421 case IEEE80211_STYPE_ACTION:
422 mgmt = (struct ieee80211_mgmt *)hdr;
423 if (mgmt->u.action.category != PLINK_CATEGORY)
424 return RX_DROP_MONITOR;
425 /* fall through on else */
426 case IEEE80211_STYPE_PROBE_REQ:
427 case IEEE80211_STYPE_PROBE_RESP:
428 case IEEE80211_STYPE_BEACON:
429 return RX_CONTINUE;
430 break;
431 default:
432 return RX_DROP_MONITOR;
433 }
434
435 } else if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
436 is_broadcast_ether_addr(hdr->addr1) &&
437 mesh_rmc_check(hdr->addr4, msh_h_get(hdr, hdrlen), rx->dev))
438 return RX_DROP_MONITOR;
439#undef msh_h_get
440
441 return RX_CONTINUE;
442}
443
444
445static ieee80211_rx_result
446ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
395{ 447{
396 struct ieee80211_hdr *hdr; 448 struct ieee80211_hdr *hdr;
449
397 hdr = (struct ieee80211_hdr *) rx->skb->data; 450 hdr = (struct ieee80211_hdr *) rx->skb->data;
398 451
399 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */ 452 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
400 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) { 453 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
401 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY && 454 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
402 rx->sta->last_seq_ctrl[rx->u.rx.queue] == 455 rx->sta->last_seq_ctrl[rx->queue] ==
403 hdr->seq_ctrl)) { 456 hdr->seq_ctrl)) {
404 if (rx->flags & IEEE80211_TXRXD_RXRA_MATCH) { 457 if (rx->flags & IEEE80211_RX_RA_MATCH) {
405 rx->local->dot11FrameDuplicateCount++; 458 rx->local->dot11FrameDuplicateCount++;
406 rx->sta->num_duplicates++; 459 rx->sta->num_duplicates++;
407 } 460 }
408 return RX_DROP_MONITOR; 461 return RX_DROP_MONITOR;
409 } else 462 } else
410 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl; 463 rx->sta->last_seq_ctrl[rx->queue] = hdr->seq_ctrl;
411 } 464 }
412 465
413 if (unlikely(rx->skb->len < 16)) { 466 if (unlikely(rx->skb->len < 16)) {
@@ -423,6 +476,10 @@ ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
423 * deauth/disassoc frames when needed. In addition, hostapd is 476 * deauth/disassoc frames when needed. In addition, hostapd is
424 * responsible for filtering on both auth and assoc states. 477 * responsible for filtering on both auth and assoc states.
425 */ 478 */
479
480 if (ieee80211_vif_is_mesh(&rx->sdata->vif))
481 return ieee80211_rx_mesh_check(rx);
482
426 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA || 483 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
427 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL && 484 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
428 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) && 485 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
@@ -431,7 +488,7 @@ ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
431 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) && 488 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
432 !(rx->fc & IEEE80211_FCTL_TODS) && 489 !(rx->fc & IEEE80211_FCTL_TODS) &&
433 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) 490 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
434 || !(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) { 491 || !(rx->flags & IEEE80211_RX_RA_MATCH)) {
435 /* Drop IBSS frames and frames for other hosts 492 /* Drop IBSS frames and frames for other hosts
436 * silently. */ 493 * silently. */
437 return RX_DROP_MONITOR; 494 return RX_DROP_MONITOR;
@@ -445,7 +502,7 @@ ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
445 502
446 503
447static ieee80211_rx_result 504static ieee80211_rx_result
448ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx) 505ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
449{ 506{
450 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 507 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
451 int keyidx; 508 int keyidx;
@@ -486,7 +543,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
486 * No point in finding a key and decrypting if the frame is neither 543 * No point in finding a key and decrypting if the frame is neither
487 * addressed to us nor a multicast frame. 544 * addressed to us nor a multicast frame.
488 */ 545 */
489 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 546 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
490 return RX_CONTINUE; 547 return RX_CONTINUE;
491 548
492 if (rx->sta) 549 if (rx->sta)
@@ -504,8 +561,8 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
504 * we somehow allow the driver to tell us which key 561 * we somehow allow the driver to tell us which key
505 * the hardware used if this flag is set? 562 * the hardware used if this flag is set?
506 */ 563 */
507 if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) && 564 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
508 (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) 565 (rx->status->flag & RX_FLAG_IV_STRIPPED))
509 return RX_CONTINUE; 566 return RX_CONTINUE;
510 567
511 hdrlen = ieee80211_get_hdrlen(rx->fc); 568 hdrlen = ieee80211_get_hdrlen(rx->fc);
@@ -546,8 +603,8 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
546 /* Check for weak IVs if possible */ 603 /* Check for weak IVs if possible */
547 if (rx->sta && rx->key->conf.alg == ALG_WEP && 604 if (rx->sta && rx->key->conf.alg == ALG_WEP &&
548 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) && 605 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
549 (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) || 606 (!(rx->status->flag & RX_FLAG_IV_STRIPPED) ||
550 !(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) && 607 !(rx->status->flag & RX_FLAG_DECRYPTED)) &&
551 ieee80211_wep_is_weak_iv(rx->skb, rx->key)) 608 ieee80211_wep_is_weak_iv(rx->skb, rx->key))
552 rx->sta->wep_weak_iv_count++; 609 rx->sta->wep_weak_iv_count++;
553 610
@@ -564,7 +621,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
564 } 621 }
565 622
566 /* either the frame has been decrypted or will be dropped */ 623 /* either the frame has been decrypted or will be dropped */
567 rx->u.rx.status->flag |= RX_FLAG_DECRYPTED; 624 rx->status->flag |= RX_FLAG_DECRYPTED;
568 625
569 return result; 626 return result;
570} 627}
@@ -574,7 +631,7 @@ static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
574 struct ieee80211_sub_if_data *sdata; 631 struct ieee80211_sub_if_data *sdata;
575 DECLARE_MAC_BUF(mac); 632 DECLARE_MAC_BUF(mac);
576 633
577 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 634 sdata = sta->sdata;
578 635
579 if (sdata->bss) 636 if (sdata->bss)
580 atomic_inc(&sdata->bss->num_sta_ps); 637 atomic_inc(&sdata->bss->num_sta_ps);
@@ -595,7 +652,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
595 struct ieee80211_tx_packet_data *pkt_data; 652 struct ieee80211_tx_packet_data *pkt_data;
596 DECLARE_MAC_BUF(mac); 653 DECLARE_MAC_BUF(mac);
597 654
598 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 655 sdata = sta->sdata;
599 656
600 if (sdata->bss) 657 if (sdata->bss)
601 atomic_dec(&sdata->bss->num_sta_ps); 658 atomic_dec(&sdata->bss->num_sta_ps);
@@ -634,7 +691,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
634} 691}
635 692
636static ieee80211_rx_result 693static ieee80211_rx_result
637ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx) 694ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
638{ 695{
639 struct sta_info *sta = rx->sta; 696 struct sta_info *sta = rx->sta;
640 struct net_device *dev = rx->dev; 697 struct net_device *dev = rx->dev;
@@ -657,24 +714,26 @@ ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
657 /* Update last_rx only for unicast frames in order to prevent 714 /* Update last_rx only for unicast frames in order to prevent
658 * the Probe Request frames (the only broadcast frames from a 715 * the Probe Request frames (the only broadcast frames from a
659 * STA in infrastructure mode) from keeping a connection alive. 716 * STA in infrastructure mode) from keeping a connection alive.
717 * Mesh beacons will update last_rx when if they are found to
718 * match the current local configuration when processed.
660 */ 719 */
661 sta->last_rx = jiffies; 720 sta->last_rx = jiffies;
662 } 721 }
663 722
664 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 723 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
665 return RX_CONTINUE; 724 return RX_CONTINUE;
666 725
667 sta->rx_fragments++; 726 sta->rx_fragments++;
668 sta->rx_bytes += rx->skb->len; 727 sta->rx_bytes += rx->skb->len;
669 sta->last_rssi = rx->u.rx.status->ssi; 728 sta->last_rssi = rx->status->ssi;
670 sta->last_signal = rx->u.rx.status->signal; 729 sta->last_signal = rx->status->signal;
671 sta->last_noise = rx->u.rx.status->noise; 730 sta->last_noise = rx->status->noise;
672 731
673 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) { 732 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
674 /* Change STA power saving mode only in the end of a frame 733 /* Change STA power saving mode only in the end of a frame
675 * exchange sequence */ 734 * exchange sequence */
676 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM)) 735 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
677 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta); 736 rx->sent_ps_buffered += ap_sta_ps_end(dev, sta);
678 else if (!(sta->flags & WLAN_STA_PS) && 737 else if (!(sta->flags & WLAN_STA_PS) &&
679 (rx->fc & IEEE80211_FCTL_PM)) 738 (rx->fc & IEEE80211_FCTL_PM))
680 ap_sta_ps_start(dev, sta); 739 ap_sta_ps_start(dev, sta);
@@ -779,7 +838,7 @@ ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
779} 838}
780 839
781static ieee80211_rx_result 840static ieee80211_rx_result
782ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx) 841ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
783{ 842{
784 struct ieee80211_hdr *hdr; 843 struct ieee80211_hdr *hdr;
785 u16 sc; 844 u16 sc;
@@ -805,14 +864,14 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
805 if (frag == 0) { 864 if (frag == 0) {
806 /* This is the first fragment of a new frame. */ 865 /* This is the first fragment of a new frame. */
807 entry = ieee80211_reassemble_add(rx->sdata, frag, seq, 866 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
808 rx->u.rx.queue, &(rx->skb)); 867 rx->queue, &(rx->skb));
809 if (rx->key && rx->key->conf.alg == ALG_CCMP && 868 if (rx->key && rx->key->conf.alg == ALG_CCMP &&
810 (rx->fc & IEEE80211_FCTL_PROTECTED)) { 869 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
811 /* Store CCMP PN so that we can verify that the next 870 /* Store CCMP PN so that we can verify that the next
812 * fragment has a sequential PN value. */ 871 * fragment has a sequential PN value. */
813 entry->ccmp = 1; 872 entry->ccmp = 1;
814 memcpy(entry->last_pn, 873 memcpy(entry->last_pn,
815 rx->key->u.ccmp.rx_pn[rx->u.rx.queue], 874 rx->key->u.ccmp.rx_pn[rx->queue],
816 CCMP_PN_LEN); 875 CCMP_PN_LEN);
817 } 876 }
818 return RX_QUEUED; 877 return RX_QUEUED;
@@ -822,7 +881,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
822 * fragment cache. Add this fragment to the end of the pending entry. 881 * fragment cache. Add this fragment to the end of the pending entry.
823 */ 882 */
824 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq, 883 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
825 rx->u.rx.queue, hdr); 884 rx->queue, hdr);
826 if (!entry) { 885 if (!entry) {
827 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); 886 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
828 return RX_DROP_MONITOR; 887 return RX_DROP_MONITOR;
@@ -841,7 +900,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
841 if (pn[i]) 900 if (pn[i])
842 break; 901 break;
843 } 902 }
844 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue]; 903 rpn = rx->key->u.ccmp.rx_pn[rx->queue];
845 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) { 904 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
846 if (net_ratelimit()) 905 if (net_ratelimit())
847 printk(KERN_DEBUG "%s: defrag: CCMP PN not " 906 printk(KERN_DEBUG "%s: defrag: CCMP PN not "
@@ -882,7 +941,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
882 } 941 }
883 942
884 /* Complete frame has been reassembled - process it now */ 943 /* Complete frame has been reassembled - process it now */
885 rx->flags |= IEEE80211_TXRXD_FRAGMENTED; 944 rx->flags |= IEEE80211_RX_FRAGMENTED;
886 945
887 out: 946 out:
888 if (rx->sta) 947 if (rx->sta)
@@ -895,7 +954,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
895} 954}
896 955
897static ieee80211_rx_result 956static ieee80211_rx_result
898ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx) 957ieee80211_rx_h_ps_poll(struct ieee80211_rx_data *rx)
899{ 958{
900 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 959 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
901 struct sk_buff *skb; 960 struct sk_buff *skb;
@@ -905,7 +964,7 @@ ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
905 if (likely(!rx->sta || 964 if (likely(!rx->sta ||
906 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL || 965 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
907 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL || 966 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
908 !(rx->flags & IEEE80211_TXRXD_RXRA_MATCH))) 967 !(rx->flags & IEEE80211_RX_RA_MATCH)))
909 return RX_CONTINUE; 968 return RX_CONTINUE;
910 969
911 if ((sdata->vif.type != IEEE80211_IF_TYPE_AP) && 970 if ((sdata->vif.type != IEEE80211_IF_TYPE_AP) &&
@@ -949,7 +1008,7 @@ ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
949 if (no_pending_pkts) 1008 if (no_pending_pkts)
950 sta_info_clear_tim_bit(rx->sta); 1009 sta_info_clear_tim_bit(rx->sta);
951#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1010#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
952 } else if (!rx->u.rx.sent_ps_buffered) { 1011 } else if (!rx->sent_ps_buffered) {
953 /* 1012 /*
954 * FIXME: This can be the result of a race condition between 1013 * FIXME: This can be the result of a race condition between
955 * us expiring a frame and the station polling for it. 1014 * us expiring a frame and the station polling for it.
@@ -970,7 +1029,7 @@ ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
970} 1029}
971 1030
972static ieee80211_rx_result 1031static ieee80211_rx_result
973ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx) 1032ieee80211_rx_h_remove_qos_control(struct ieee80211_rx_data *rx)
974{ 1033{
975 u16 fc = rx->fc; 1034 u16 fc = rx->fc;
976 u8 *data = rx->skb->data; 1035 u8 *data = rx->skb->data;
@@ -990,7 +1049,7 @@ ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx)
990} 1049}
991 1050
992static int 1051static int
993ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx) 1052ieee80211_802_1x_port_control(struct ieee80211_rx_data *rx)
994{ 1053{
995 if (unlikely(!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED))) { 1054 if (unlikely(!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED))) {
996#ifdef CONFIG_MAC80211_DEBUG 1055#ifdef CONFIG_MAC80211_DEBUG
@@ -1005,13 +1064,13 @@ ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx)
1005} 1064}
1006 1065
1007static int 1066static int
1008ieee80211_drop_unencrypted(struct ieee80211_txrx_data *rx) 1067ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx)
1009{ 1068{
1010 /* 1069 /*
1011 * Pass through unencrypted frames if the hardware has 1070 * Pass through unencrypted frames if the hardware has
1012 * decrypted them already. 1071 * decrypted them already.
1013 */ 1072 */
1014 if (rx->u.rx.status->flag & RX_FLAG_DECRYPTED) 1073 if (rx->status->flag & RX_FLAG_DECRYPTED)
1015 return 0; 1074 return 0;
1016 1075
1017 /* Drop unencrypted frames if key is set. */ 1076 /* Drop unencrypted frames if key is set. */
@@ -1028,7 +1087,7 @@ ieee80211_drop_unencrypted(struct ieee80211_txrx_data *rx)
1028} 1087}
1029 1088
1030static int 1089static int
1031ieee80211_data_to_8023(struct ieee80211_txrx_data *rx) 1090ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1032{ 1091{
1033 struct net_device *dev = rx->dev; 1092 struct net_device *dev = rx->dev;
1034 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 1093 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
@@ -1050,6 +1109,21 @@ ieee80211_data_to_8023(struct ieee80211_txrx_data *rx)
1050 1109
1051 hdrlen = ieee80211_get_hdrlen(fc); 1110 hdrlen = ieee80211_get_hdrlen(fc);
1052 1111
1112 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1113 int meshhdrlen = ieee80211_get_mesh_hdrlen(
1114 (struct ieee80211s_hdr *) (skb->data + hdrlen));
1115 /* Copy on cb:
1116 * - mesh header: to be used for mesh forwarding
1117 * decision. It will also be used as mesh header template at
1118 * tx.c:ieee80211_subif_start_xmit() if interface
1119 * type is mesh and skb->pkt_type == PACKET_OTHERHOST
1120 * - ta: to be used if a RERR needs to be sent.
1121 */
1122 memcpy(skb->cb, skb->data + hdrlen, meshhdrlen);
1123 memcpy(MESH_PREQ(skb), hdr->addr2, ETH_ALEN);
1124 hdrlen += meshhdrlen;
1125 }
1126
1053 /* convert IEEE 802.11 header + possible LLC headers into Ethernet 1127 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
1054 * header 1128 * header
1055 * IEEE 802.11 address fields: 1129 * IEEE 802.11 address fields:
@@ -1083,9 +1157,10 @@ ieee80211_data_to_8023(struct ieee80211_txrx_data *rx)
1083 memcpy(dst, hdr->addr3, ETH_ALEN); 1157 memcpy(dst, hdr->addr3, ETH_ALEN);
1084 memcpy(src, hdr->addr4, ETH_ALEN); 1158 memcpy(src, hdr->addr4, ETH_ALEN);
1085 1159
1086 if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_WDS)) { 1160 if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_WDS &&
1087 if (net_ratelimit()) 1161 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)) {
1088 printk(KERN_DEBUG "%s: dropped FromDS&ToDS " 1162 if (net_ratelimit())
1163 printk(KERN_DEBUG "%s: dropped FromDS&ToDS "
1089 "frame (RA=%s TA=%s DA=%s SA=%s)\n", 1164 "frame (RA=%s TA=%s DA=%s SA=%s)\n",
1090 rx->dev->name, 1165 rx->dev->name,
1091 print_mac(mac, hdr->addr1), 1166 print_mac(mac, hdr->addr1),
@@ -1160,7 +1235,7 @@ ieee80211_data_to_8023(struct ieee80211_txrx_data *rx)
1160/* 1235/*
1161 * requires that rx->skb is a frame with ethernet header 1236 * requires that rx->skb is a frame with ethernet header
1162 */ 1237 */
1163static bool ieee80211_frame_allowed(struct ieee80211_txrx_data *rx) 1238static bool ieee80211_frame_allowed(struct ieee80211_rx_data *rx)
1164{ 1239{
1165 static const u8 pae_group_addr[ETH_ALEN] 1240 static const u8 pae_group_addr[ETH_ALEN]
1166 = { 0x01, 0x80, 0xC2, 0x00, 0x00, 0x03 }; 1241 = { 0x01, 0x80, 0xC2, 0x00, 0x00, 0x03 };
@@ -1186,7 +1261,7 @@ static bool ieee80211_frame_allowed(struct ieee80211_txrx_data *rx)
1186 * requires that rx->skb is a frame with ethernet header 1261 * requires that rx->skb is a frame with ethernet header
1187 */ 1262 */
1188static void 1263static void
1189ieee80211_deliver_skb(struct ieee80211_txrx_data *rx) 1264ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1190{ 1265{
1191 struct net_device *dev = rx->dev; 1266 struct net_device *dev = rx->dev;
1192 struct ieee80211_local *local = rx->local; 1267 struct ieee80211_local *local = rx->local;
@@ -1200,7 +1275,7 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1200 1275
1201 if (local->bridge_packets && (sdata->vif.type == IEEE80211_IF_TYPE_AP || 1276 if (local->bridge_packets && (sdata->vif.type == IEEE80211_IF_TYPE_AP ||
1202 sdata->vif.type == IEEE80211_IF_TYPE_VLAN) && 1277 sdata->vif.type == IEEE80211_IF_TYPE_VLAN) &&
1203 (rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) { 1278 (rx->flags & IEEE80211_RX_RA_MATCH)) {
1204 if (is_multicast_ether_addr(ehdr->h_dest)) { 1279 if (is_multicast_ether_addr(ehdr->h_dest)) {
1205 /* 1280 /*
1206 * send multicast frames both to higher layers in 1281 * send multicast frames both to higher layers in
@@ -1212,7 +1287,7 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1212 "multicast frame\n", dev->name); 1287 "multicast frame\n", dev->name);
1213 } else { 1288 } else {
1214 dsta = sta_info_get(local, skb->data); 1289 dsta = sta_info_get(local, skb->data);
1215 if (dsta && dsta->dev == dev) { 1290 if (dsta && dsta->sdata->dev == dev) {
1216 /* 1291 /*
1217 * The destination station is associated to 1292 * The destination station is associated to
1218 * this AP (in this VLAN), so send the frame 1293 * this AP (in this VLAN), so send the frame
@@ -1222,8 +1297,38 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1222 xmit_skb = skb; 1297 xmit_skb = skb;
1223 skb = NULL; 1298 skb = NULL;
1224 } 1299 }
1225 if (dsta) 1300 }
1226 sta_info_put(dsta); 1301 }
1302
1303 /* Mesh forwarding */
1304 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1305 u8 *mesh_ttl = &((struct ieee80211s_hdr *)skb->cb)->ttl;
1306 (*mesh_ttl)--;
1307
1308 if (is_multicast_ether_addr(skb->data)) {
1309 if (*mesh_ttl > 0) {
1310 xmit_skb = skb_copy(skb, GFP_ATOMIC);
1311 if (!xmit_skb && net_ratelimit())
1312 printk(KERN_DEBUG "%s: failed to clone "
1313 "multicast frame\n", dev->name);
1314 else
1315 xmit_skb->pkt_type = PACKET_OTHERHOST;
1316 } else
1317 IEEE80211_IFSTA_MESH_CTR_INC(&sdata->u.sta,
1318 dropped_frames_ttl);
1319 } else if (skb->pkt_type != PACKET_OTHERHOST &&
1320 compare_ether_addr(dev->dev_addr, skb->data) != 0) {
1321 if (*mesh_ttl == 0) {
1322 IEEE80211_IFSTA_MESH_CTR_INC(&sdata->u.sta,
1323 dropped_frames_ttl);
1324 dev_kfree_skb(skb);
1325 skb = NULL;
1326 } else {
1327 xmit_skb = skb;
1328 xmit_skb->pkt_type = PACKET_OTHERHOST;
1329 if (!(dev->flags & IFF_PROMISC))
1330 skb = NULL;
1331 }
1227 } 1332 }
1228 } 1333 }
1229 1334
@@ -1244,7 +1349,7 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1244} 1349}
1245 1350
1246static ieee80211_rx_result 1351static ieee80211_rx_result
1247ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx) 1352ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1248{ 1353{
1249 struct net_device *dev = rx->dev; 1354 struct net_device *dev = rx->dev;
1250 struct ieee80211_local *local = rx->local; 1355 struct ieee80211_local *local = rx->local;
@@ -1264,7 +1369,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1264 if (unlikely(!WLAN_FC_DATA_PRESENT(fc))) 1369 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
1265 return RX_DROP_MONITOR; 1370 return RX_DROP_MONITOR;
1266 1371
1267 if (!(rx->flags & IEEE80211_TXRXD_RX_AMSDU)) 1372 if (!(rx->flags & IEEE80211_RX_AMSDU))
1268 return RX_CONTINUE; 1373 return RX_CONTINUE;
1269 1374
1270 err = ieee80211_data_to_8023(rx); 1375 err = ieee80211_data_to_8023(rx);
@@ -1361,7 +1466,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1361} 1466}
1362 1467
1363static ieee80211_rx_result 1468static ieee80211_rx_result
1364ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) 1469ieee80211_rx_h_data(struct ieee80211_rx_data *rx)
1365{ 1470{
1366 struct net_device *dev = rx->dev; 1471 struct net_device *dev = rx->dev;
1367 u16 fc; 1472 u16 fc;
@@ -1392,7 +1497,7 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
1392} 1497}
1393 1498
1394static ieee80211_rx_result 1499static ieee80211_rx_result
1395ieee80211_rx_h_ctrl(struct ieee80211_txrx_data *rx) 1500ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1396{ 1501{
1397 struct ieee80211_local *local = rx->local; 1502 struct ieee80211_local *local = rx->local;
1398 struct ieee80211_hw *hw = &local->hw; 1503 struct ieee80211_hw *hw = &local->hw;
@@ -1435,18 +1540,19 @@ ieee80211_rx_h_ctrl(struct ieee80211_txrx_data *rx)
1435} 1540}
1436 1541
1437static ieee80211_rx_result 1542static ieee80211_rx_result
1438ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx) 1543ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1439{ 1544{
1440 struct ieee80211_sub_if_data *sdata; 1545 struct ieee80211_sub_if_data *sdata;
1441 1546
1442 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 1547 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1443 return RX_DROP_MONITOR; 1548 return RX_DROP_MONITOR;
1444 1549
1445 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1550 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1446 if ((sdata->vif.type == IEEE80211_IF_TYPE_STA || 1551 if ((sdata->vif.type == IEEE80211_IF_TYPE_STA ||
1447 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) && 1552 sdata->vif.type == IEEE80211_IF_TYPE_IBSS ||
1553 sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT) &&
1448 !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME)) 1554 !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME))
1449 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status); 1555 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->status);
1450 else 1556 else
1451 return RX_DROP_MONITOR; 1557 return RX_DROP_MONITOR;
1452 1558
@@ -1455,7 +1561,7 @@ ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx)
1455 1561
1456static void ieee80211_rx_michael_mic_report(struct net_device *dev, 1562static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1457 struct ieee80211_hdr *hdr, 1563 struct ieee80211_hdr *hdr,
1458 struct ieee80211_txrx_data *rx) 1564 struct ieee80211_rx_data *rx)
1459{ 1565{
1460 int keyidx, hdrlen; 1566 int keyidx, hdrlen;
1461 DECLARE_MAC_BUF(mac); 1567 DECLARE_MAC_BUF(mac);
@@ -1525,7 +1631,8 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1525 rx->skb = NULL; 1631 rx->skb = NULL;
1526} 1632}
1527 1633
1528static void ieee80211_rx_cooked_monitor(struct ieee80211_txrx_data *rx) 1634/* TODO: use IEEE80211_RX_FRAGMENTED */
1635static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx)
1529{ 1636{
1530 struct ieee80211_sub_if_data *sdata; 1637 struct ieee80211_sub_if_data *sdata;
1531 struct ieee80211_local *local = rx->local; 1638 struct ieee80211_local *local = rx->local;
@@ -1538,9 +1645,9 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_txrx_data *rx)
1538 } __attribute__ ((packed)) *rthdr; 1645 } __attribute__ ((packed)) *rthdr;
1539 struct sk_buff *skb = rx->skb, *skb2; 1646 struct sk_buff *skb = rx->skb, *skb2;
1540 struct net_device *prev_dev = NULL; 1647 struct net_device *prev_dev = NULL;
1541 struct ieee80211_rx_status *status = rx->u.rx.status; 1648 struct ieee80211_rx_status *status = rx->status;
1542 1649
1543 if (rx->flags & IEEE80211_TXRXD_RX_CMNTR_REPORTED) 1650 if (rx->flags & IEEE80211_RX_CMNTR_REPORTED)
1544 goto out_free_skb; 1651 goto out_free_skb;
1545 1652
1546 if (skb_headroom(skb) < sizeof(*rthdr) && 1653 if (skb_headroom(skb) < sizeof(*rthdr) &&
@@ -1555,7 +1662,7 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_txrx_data *rx)
1555 (1 << IEEE80211_RADIOTAP_RATE) | 1662 (1 << IEEE80211_RADIOTAP_RATE) |
1556 (1 << IEEE80211_RADIOTAP_CHANNEL)); 1663 (1 << IEEE80211_RADIOTAP_CHANNEL));
1557 1664
1558 rthdr->rate = rx->u.rx.rate->bitrate / 5; 1665 rthdr->rate = rx->rate->bitrate / 5;
1559 rthdr->chan_freq = cpu_to_le16(status->freq); 1666 rthdr->chan_freq = cpu_to_le16(status->freq);
1560 1667
1561 if (status->band == IEEE80211_BAND_5GHZ) 1668 if (status->band == IEEE80211_BAND_5GHZ)
@@ -1598,14 +1705,14 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_txrx_data *rx)
1598 } else 1705 } else
1599 goto out_free_skb; 1706 goto out_free_skb;
1600 1707
1601 rx->flags |= IEEE80211_TXRXD_RX_CMNTR_REPORTED; 1708 rx->flags |= IEEE80211_RX_CMNTR_REPORTED;
1602 return; 1709 return;
1603 1710
1604 out_free_skb: 1711 out_free_skb:
1605 dev_kfree_skb(skb); 1712 dev_kfree_skb(skb);
1606} 1713}
1607 1714
1608typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_txrx_data *); 1715typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_rx_data *);
1609static ieee80211_rx_handler ieee80211_rx_handlers[] = 1716static ieee80211_rx_handler ieee80211_rx_handlers[] =
1610{ 1717{
1611 ieee80211_rx_h_if_stats, 1718 ieee80211_rx_h_if_stats,
@@ -1629,7 +1736,7 @@ static ieee80211_rx_handler ieee80211_rx_handlers[] =
1629}; 1736};
1630 1737
1631static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata, 1738static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1632 struct ieee80211_txrx_data *rx, 1739 struct ieee80211_rx_data *rx,
1633 struct sk_buff *skb) 1740 struct sk_buff *skb)
1634{ 1741{
1635 ieee80211_rx_handler *handler; 1742 ieee80211_rx_handler *handler;
@@ -1672,7 +1779,7 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1672/* main receive path */ 1779/* main receive path */
1673 1780
1674static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata, 1781static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1675 u8 *bssid, struct ieee80211_txrx_data *rx, 1782 u8 *bssid, struct ieee80211_rx_data *rx,
1676 struct ieee80211_hdr *hdr) 1783 struct ieee80211_hdr *hdr)
1677{ 1784{
1678 int multicast = is_multicast_ether_addr(hdr->addr1); 1785 int multicast = is_multicast_ether_addr(hdr->addr1);
@@ -1682,15 +1789,15 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1682 if (!bssid) 1789 if (!bssid)
1683 return 0; 1790 return 0;
1684 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 1791 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) {
1685 if (!(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1792 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1686 return 0; 1793 return 0;
1687 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1794 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1688 } else if (!multicast && 1795 } else if (!multicast &&
1689 compare_ether_addr(sdata->dev->dev_addr, 1796 compare_ether_addr(sdata->dev->dev_addr,
1690 hdr->addr1) != 0) { 1797 hdr->addr1) != 0) {
1691 if (!(sdata->dev->flags & IFF_PROMISC)) 1798 if (!(sdata->dev->flags & IFF_PROMISC))
1692 return 0; 1799 return 0;
1693 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1800 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1694 } 1801 }
1695 break; 1802 break;
1696 case IEEE80211_IF_TYPE_IBSS: 1803 case IEEE80211_IF_TYPE_IBSS:
@@ -1700,19 +1807,29 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1700 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) 1807 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON)
1701 return 1; 1808 return 1;
1702 else if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 1809 else if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) {
1703 if (!(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1810 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1704 return 0; 1811 return 0;
1705 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1812 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1706 } else if (!multicast && 1813 } else if (!multicast &&
1707 compare_ether_addr(sdata->dev->dev_addr, 1814 compare_ether_addr(sdata->dev->dev_addr,
1708 hdr->addr1) != 0) { 1815 hdr->addr1) != 0) {
1709 if (!(sdata->dev->flags & IFF_PROMISC)) 1816 if (!(sdata->dev->flags & IFF_PROMISC))
1710 return 0; 1817 return 0;
1711 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1818 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1712 } else if (!rx->sta) 1819 } else if (!rx->sta)
1713 rx->sta = ieee80211_ibss_add_sta(sdata->dev, rx->skb, 1820 rx->sta = ieee80211_ibss_add_sta(sdata->dev, rx->skb,
1714 bssid, hdr->addr2); 1821 bssid, hdr->addr2);
1715 break; 1822 break;
1823 case IEEE80211_IF_TYPE_MESH_POINT:
1824 if (!multicast &&
1825 compare_ether_addr(sdata->dev->dev_addr,
1826 hdr->addr1) != 0) {
1827 if (!(sdata->dev->flags & IFF_PROMISC))
1828 return 0;
1829
1830 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1831 }
1832 break;
1716 case IEEE80211_IF_TYPE_VLAN: 1833 case IEEE80211_IF_TYPE_VLAN:
1717 case IEEE80211_IF_TYPE_AP: 1834 case IEEE80211_IF_TYPE_AP:
1718 if (!bssid) { 1835 if (!bssid) {
@@ -1721,12 +1838,12 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1721 return 0; 1838 return 0;
1722 } else if (!ieee80211_bssid_match(bssid, 1839 } else if (!ieee80211_bssid_match(bssid,
1723 sdata->dev->dev_addr)) { 1840 sdata->dev->dev_addr)) {
1724 if (!(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1841 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1725 return 0; 1842 return 0;
1726 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1843 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1727 } 1844 }
1728 if (sdata->dev == sdata->local->mdev && 1845 if (sdata->dev == sdata->local->mdev &&
1729 !(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1846 !(rx->flags & IEEE80211_RX_IN_SCAN))
1730 /* do not receive anything via 1847 /* do not receive anything via
1731 * master device when not scanning */ 1848 * master device when not scanning */
1732 return 0; 1849 return 0;
@@ -1763,7 +1880,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1763 struct ieee80211_local *local = hw_to_local(hw); 1880 struct ieee80211_local *local = hw_to_local(hw);
1764 struct ieee80211_sub_if_data *sdata; 1881 struct ieee80211_sub_if_data *sdata;
1765 struct ieee80211_hdr *hdr; 1882 struct ieee80211_hdr *hdr;
1766 struct ieee80211_txrx_data rx; 1883 struct ieee80211_rx_data rx;
1767 u16 type; 1884 u16 type;
1768 int prepares; 1885 int prepares;
1769 struct ieee80211_sub_if_data *prev = NULL; 1886 struct ieee80211_sub_if_data *prev = NULL;
@@ -1775,9 +1892,9 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1775 rx.skb = skb; 1892 rx.skb = skb;
1776 rx.local = local; 1893 rx.local = local;
1777 1894
1778 rx.u.rx.status = status; 1895 rx.status = status;
1779 rx.u.rx.load = load; 1896 rx.load = load;
1780 rx.u.rx.rate = rate; 1897 rx.rate = rate;
1781 rx.fc = le16_to_cpu(hdr->frame_control); 1898 rx.fc = le16_to_cpu(hdr->frame_control);
1782 type = rx.fc & IEEE80211_FCTL_FTYPE; 1899 type = rx.fc & IEEE80211_FCTL_FTYPE;
1783 1900
@@ -1786,17 +1903,17 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1786 1903
1787 rx.sta = sta_info_get(local, hdr->addr2); 1904 rx.sta = sta_info_get(local, hdr->addr2);
1788 if (rx.sta) { 1905 if (rx.sta) {
1789 rx.dev = rx.sta->dev; 1906 rx.sdata = rx.sta->sdata;
1790 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev); 1907 rx.dev = rx.sta->sdata->dev;
1791 } 1908 }
1792 1909
1793 if ((status->flag & RX_FLAG_MMIC_ERROR)) { 1910 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
1794 ieee80211_rx_michael_mic_report(local->mdev, hdr, &rx); 1911 ieee80211_rx_michael_mic_report(local->mdev, hdr, &rx);
1795 goto end; 1912 return;
1796 } 1913 }
1797 1914
1798 if (unlikely(local->sta_sw_scanning || local->sta_hw_scanning)) 1915 if (unlikely(local->sta_sw_scanning || local->sta_hw_scanning))
1799 rx.flags |= IEEE80211_TXRXD_RXIN_SCAN; 1916 rx.flags |= IEEE80211_RX_IN_SCAN;
1800 1917
1801 ieee80211_parse_qos(&rx); 1918 ieee80211_parse_qos(&rx);
1802 ieee80211_verify_ip_alignment(&rx); 1919 ieee80211_verify_ip_alignment(&rx);
@@ -1811,7 +1928,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1811 continue; 1928 continue;
1812 1929
1813 bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type); 1930 bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type);
1814 rx.flags |= IEEE80211_TXRXD_RXRA_MATCH; 1931 rx.flags |= IEEE80211_RX_RA_MATCH;
1815 prepares = prepare_for_handlers(sdata, bssid, &rx, hdr); 1932 prepares = prepare_for_handlers(sdata, bssid, &rx, hdr);
1816 1933
1817 if (!prepares) 1934 if (!prepares)
@@ -1851,10 +1968,6 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1851 ieee80211_invoke_rx_handlers(prev, &rx, skb); 1968 ieee80211_invoke_rx_handlers(prev, &rx, skb);
1852 } else 1969 } else
1853 dev_kfree_skb(skb); 1970 dev_kfree_skb(skb);
1854
1855 end:
1856 if (rx.sta)
1857 sta_info_put(rx.sta);
1858} 1971}
1859 1972
1860#define SEQ_MODULO 0x1000 1973#define SEQ_MODULO 0x1000
@@ -2031,7 +2144,7 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2031 /* if this mpdu is fragmented - terminate rx aggregation session */ 2144 /* if this mpdu is fragmented - terminate rx aggregation session */
2032 sc = le16_to_cpu(hdr->seq_ctrl); 2145 sc = le16_to_cpu(hdr->seq_ctrl);
2033 if (sc & IEEE80211_SCTL_FRAG) { 2146 if (sc & IEEE80211_SCTL_FRAG) {
2034 ieee80211_sta_stop_rx_ba_session(sta->dev, sta->addr, 2147 ieee80211_sta_stop_rx_ba_session(sta->sdata->dev, sta->addr,
2035 tid, 0, WLAN_REASON_QSTA_REQUIRE_SETUP); 2148 tid, 0, WLAN_REASON_QSTA_REQUIRE_SETUP);
2036 ret = 1; 2149 ret = 1;
2037 goto end_reorder; 2150 goto end_reorder;
@@ -2041,9 +2154,7 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2041 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4; 2154 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4;
2042 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, 2155 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb,
2043 mpdu_seq_num, 0); 2156 mpdu_seq_num, 0);
2044end_reorder: 2157 end_reorder:
2045 if (sta)
2046 sta_info_put(sta);
2047 return ret; 2158 return ret;
2048} 2159}
2049 2160
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index e384e6632d97..3b84c16cf054 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -15,21 +15,52 @@
15#include <linux/skbuff.h> 15#include <linux/skbuff.h>
16#include <linux/if_arp.h> 16#include <linux/if_arp.h>
17#include <linux/timer.h> 17#include <linux/timer.h>
18#include <linux/rtnetlink.h>
18 19
19#include <net/mac80211.h> 20#include <net/mac80211.h>
20#include "ieee80211_i.h" 21#include "ieee80211_i.h"
21#include "ieee80211_rate.h" 22#include "ieee80211_rate.h"
22#include "sta_info.h" 23#include "sta_info.h"
23#include "debugfs_sta.h" 24#include "debugfs_sta.h"
25#include "mesh.h"
24 26
25/* Caller must hold local->sta_lock */ 27/**
26static void sta_info_hash_add(struct ieee80211_local *local, 28 * DOC: STA information lifetime rules
27 struct sta_info *sta) 29 *
28{ 30 * STA info structures (&struct sta_info) are managed in a hash table
29 sta->hnext = local->sta_hash[STA_HASH(sta->addr)]; 31 * for faster lookup and a list for iteration. They are managed using
30 local->sta_hash[STA_HASH(sta->addr)] = sta; 32 * RCU, i.e. access to the list and hash table is protected by RCU.
31} 33 *
32 34 * Upon allocating a STA info structure with sta_info_alloc(), the caller owns
35 * that structure. It must then either destroy it using sta_info_destroy()
36 * (which is pretty useless) or insert it into the hash table using
37 * sta_info_insert() which demotes the reference from ownership to a regular
38 * RCU-protected reference; if the function is called without protection by an
39 * RCU critical section the reference is instantly invalidated.
40 *
41 * Because there are debugfs entries for each station, and adding those
42 * must be able to sleep, it is also possible to "pin" a station entry,
43 * that means it can be removed from the hash table but not be freed.
44 * See the comment in __sta_info_unlink() for more information.
45 *
46 * In order to remove a STA info structure, the caller needs to first
47 * unlink it (sta_info_unlink()) from the list and hash tables and
48 * then wait for an RCU synchronisation before it can be freed. Due to
49 * the pinning and the possibility of multiple callers trying to remove
50 * the same STA info at the same time, sta_info_unlink() can clear the
51 * STA info pointer it is passed to indicate that the STA info is owned
52 * by somebody else now.
53 *
54 * If sta_info_unlink() did not clear the pointer then the caller owns
55 * the STA info structure now and is responsible of destroying it with
56 * a call to sta_info_destroy(), not before RCU synchronisation, of
57 * course. Note that sta_info_destroy() must be protected by the RTNL.
58 *
59 * In all other cases, there is no concept of ownership on a STA entry,
60 * each structure is owned by the global hash table/list until it is
61 * removed. All users of the structure need to be RCU protected so that
62 * the structure won't be freed before they are done using it.
63 */
33 64
34/* Caller must hold local->sta_lock */ 65/* Caller must hold local->sta_lock */
35static int sta_info_hash_del(struct ieee80211_local *local, 66static int sta_info_hash_del(struct ieee80211_local *local,
@@ -41,109 +72,152 @@ static int sta_info_hash_del(struct ieee80211_local *local,
41 if (!s) 72 if (!s)
42 return -ENOENT; 73 return -ENOENT;
43 if (s == sta) { 74 if (s == sta) {
44 local->sta_hash[STA_HASH(sta->addr)] = s->hnext; 75 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)],
76 s->hnext);
45 return 0; 77 return 0;
46 } 78 }
47 79
48 while (s->hnext && s->hnext != sta) 80 while (s->hnext && s->hnext != sta)
49 s = s->hnext; 81 s = s->hnext;
50 if (s->hnext) { 82 if (s->hnext) {
51 s->hnext = sta->hnext; 83 rcu_assign_pointer(s->hnext, sta->hnext);
52 return 0; 84 return 0;
53 } 85 }
54 86
55 return -ENOENT; 87 return -ENOENT;
56} 88}
57 89
58/* must hold local->sta_lock */ 90/* protected by RCU */
59static struct sta_info *__sta_info_find(struct ieee80211_local *local, 91static struct sta_info *__sta_info_find(struct ieee80211_local *local,
60 u8 *addr) 92 u8 *addr)
61{ 93{
62 struct sta_info *sta; 94 struct sta_info *sta;
63 95
64 sta = local->sta_hash[STA_HASH(addr)]; 96 sta = rcu_dereference(local->sta_hash[STA_HASH(addr)]);
65 while (sta) { 97 while (sta) {
66 if (compare_ether_addr(sta->addr, addr) == 0) 98 if (compare_ether_addr(sta->addr, addr) == 0)
67 break; 99 break;
68 sta = sta->hnext; 100 sta = rcu_dereference(sta->hnext);
69 } 101 }
70 return sta; 102 return sta;
71} 103}
72 104
73struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr) 105struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr)
74{ 106{
75 struct sta_info *sta; 107 return __sta_info_find(local, addr);
76
77 read_lock_bh(&local->sta_lock);
78 sta = __sta_info_find(local, addr);
79 if (sta)
80 __sta_info_get(sta);
81 read_unlock_bh(&local->sta_lock);
82
83 return sta;
84} 108}
85EXPORT_SYMBOL(sta_info_get); 109EXPORT_SYMBOL(sta_info_get);
86 110
111struct sta_info *sta_info_get_by_idx(struct ieee80211_local *local, int idx,
112 struct net_device *dev)
113{
114 struct sta_info *sta;
115 int i = 0;
116
117 list_for_each_entry_rcu(sta, &local->sta_list, list) {
118 if (dev && dev != sta->sdata->dev)
119 continue;
120 if (i < idx) {
121 ++i;
122 continue;
123 }
124 return sta;
125 }
126
127 return NULL;
128}
87 129
88static void sta_info_release(struct kref *kref) 130void sta_info_destroy(struct sta_info *sta)
89{ 131{
90 struct sta_info *sta = container_of(kref, struct sta_info, kref);
91 struct ieee80211_local *local = sta->local; 132 struct ieee80211_local *local = sta->local;
92 struct sk_buff *skb; 133 struct sk_buff *skb;
93 int i; 134 int i;
135 DECLARE_MAC_BUF(mbuf);
136
137 if (!sta)
138 return;
139
140 ASSERT_RTNL();
141 might_sleep();
142
143 rate_control_remove_sta_debugfs(sta);
144 ieee80211_sta_debugfs_remove(sta);
145
146#ifdef CONFIG_MAC80211_MESH
147 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
148 mesh_plink_deactivate(sta);
149#endif
150
151 /*
152 * NOTE: This will call synchronize_rcu() internally to
153 * make sure no key references can be in use. We rely on
154 * that here for the mesh code!
155 */
156 ieee80211_key_free(sta->key);
157 WARN_ON(sta->key);
158
159#ifdef CONFIG_MAC80211_MESH
160 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
161 del_timer_sync(&sta->plink_timer);
162#endif
94 163
95 /* free sta structure; it has already been removed from
96 * hash table etc. external structures. Make sure that all
97 * buffered frames are release (one might have been added
98 * after sta_info_free() was called). */
99 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 164 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
100 local->total_ps_buffered--; 165 local->total_ps_buffered--;
101 dev_kfree_skb_any(skb); 166 dev_kfree_skb_any(skb);
102 } 167 }
103 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 168
169 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL)
104 dev_kfree_skb_any(skb); 170 dev_kfree_skb_any(skb);
105 } 171
106 for (i = 0; i < STA_TID_NUM; i++) { 172 for (i = 0; i < STA_TID_NUM; i++) {
107 del_timer_sync(&sta->ampdu_mlme.tid_rx[i].session_timer); 173 del_timer_sync(&sta->ampdu_mlme.tid_rx[i].session_timer);
108 del_timer_sync(&sta->ampdu_mlme.tid_tx[i].addba_resp_timer); 174 del_timer_sync(&sta->ampdu_mlme.tid_tx[i].addba_resp_timer);
109 } 175 }
110 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv); 176 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv);
111 rate_control_put(sta->rate_ctrl); 177 rate_control_put(sta->rate_ctrl);
178
179#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
180 printk(KERN_DEBUG "%s: Destroyed STA %s\n",
181 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
182#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
183
112 kfree(sta); 184 kfree(sta);
113} 185}
114 186
115 187
116void sta_info_put(struct sta_info *sta) 188/* Caller must hold local->sta_lock */
189static void sta_info_hash_add(struct ieee80211_local *local,
190 struct sta_info *sta)
117{ 191{
118 kref_put(&sta->kref, sta_info_release); 192 sta->hnext = local->sta_hash[STA_HASH(sta->addr)];
193 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)], sta);
119} 194}
120EXPORT_SYMBOL(sta_info_put);
121 195
122 196struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
123struct sta_info *sta_info_add(struct ieee80211_local *local, 197 u8 *addr, gfp_t gfp)
124 struct net_device *dev, u8 *addr, gfp_t gfp)
125{ 198{
199 struct ieee80211_local *local = sdata->local;
126 struct sta_info *sta; 200 struct sta_info *sta;
127 int i; 201 int i;
128 DECLARE_MAC_BUF(mac); 202 DECLARE_MAC_BUF(mbuf);
129 203
130 sta = kzalloc(sizeof(*sta), gfp); 204 sta = kzalloc(sizeof(*sta), gfp);
131 if (!sta) 205 if (!sta)
132 return ERR_PTR(-ENOMEM); 206 return NULL;
133 207
134 kref_init(&sta->kref); 208 memcpy(sta->addr, addr, ETH_ALEN);
209 sta->local = local;
210 sta->sdata = sdata;
135 211
136 sta->rate_ctrl = rate_control_get(local->rate_ctrl); 212 sta->rate_ctrl = rate_control_get(local->rate_ctrl);
137 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl, gfp); 213 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl,
214 gfp);
138 if (!sta->rate_ctrl_priv) { 215 if (!sta->rate_ctrl_priv) {
139 rate_control_put(sta->rate_ctrl); 216 rate_control_put(sta->rate_ctrl);
140 kfree(sta); 217 kfree(sta);
141 return ERR_PTR(-ENOMEM); 218 return NULL;
142 } 219 }
143 220
144 memcpy(sta->addr, addr, ETH_ALEN);
145 sta->local = local;
146 sta->dev = dev;
147 spin_lock_init(&sta->ampdu_mlme.ampdu_rx); 221 spin_lock_init(&sta->ampdu_mlme.ampdu_rx);
148 spin_lock_init(&sta->ampdu_mlme.ampdu_tx); 222 spin_lock_init(&sta->ampdu_mlme.ampdu_tx);
149 for (i = 0; i < STA_TID_NUM; i++) { 223 for (i = 0; i < STA_TID_NUM; i++) {
@@ -168,35 +242,68 @@ struct sta_info *sta_info_add(struct ieee80211_local *local,
168 } 242 }
169 skb_queue_head_init(&sta->ps_tx_buf); 243 skb_queue_head_init(&sta->ps_tx_buf);
170 skb_queue_head_init(&sta->tx_filtered); 244 skb_queue_head_init(&sta->tx_filtered);
171 write_lock_bh(&local->sta_lock); 245
172 /* mark sta as used (by caller) */ 246#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
173 __sta_info_get(sta); 247 printk(KERN_DEBUG "%s: Allocated STA %s\n",
248 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
249#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
250
251#ifdef CONFIG_MAC80211_MESH
252 sta->plink_state = PLINK_LISTEN;
253 spin_lock_init(&sta->plink_lock);
254 init_timer(&sta->plink_timer);
255#endif
256
257 return sta;
258}
259
260int sta_info_insert(struct sta_info *sta)
261{
262 struct ieee80211_local *local = sta->local;
263 struct ieee80211_sub_if_data *sdata = sta->sdata;
264 unsigned long flags;
265 DECLARE_MAC_BUF(mac);
266
267 /*
268 * Can't be a WARN_ON because it can be triggered through a race:
269 * something inserts a STA (on one CPU) without holding the RTNL
270 * and another CPU turns off the net device.
271 */
272 if (unlikely(!netif_running(sdata->dev)))
273 return -ENETDOWN;
274
275 if (WARN_ON(compare_ether_addr(sta->addr, sdata->dev->dev_addr) == 0))
276 return -EINVAL;
277
278 if (WARN_ON(is_multicast_ether_addr(sta->addr)))
279 return -EINVAL;
280
281 spin_lock_irqsave(&local->sta_lock, flags);
174 /* check if STA exists already */ 282 /* check if STA exists already */
175 if (__sta_info_find(local, addr)) { 283 if (__sta_info_find(local, sta->addr)) {
176 write_unlock_bh(&local->sta_lock); 284 spin_unlock_irqrestore(&local->sta_lock, flags);
177 sta_info_put(sta); 285 return -EEXIST;
178 return ERR_PTR(-EEXIST);
179 } 286 }
180 list_add(&sta->list, &local->sta_list); 287 list_add(&sta->list, &local->sta_list);
181 local->num_sta++; 288 local->num_sta++;
182 sta_info_hash_add(local, sta); 289 sta_info_hash_add(local, sta);
183 if (local->ops->sta_notify) {
184 struct ieee80211_sub_if_data *sdata;
185 290
186 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 291 /* notify driver */
292 if (local->ops->sta_notify) {
187 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 293 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
188 sdata = sdata->u.vlan.ap; 294 sdata = sdata->u.vlan.ap;
189 295
190 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 296 local->ops->sta_notify(local_to_hw(local), &sdata->vif,
191 STA_NOTIFY_ADD, addr); 297 STA_NOTIFY_ADD, sta->addr);
192 } 298 }
193 write_unlock_bh(&local->sta_lock);
194 299
195#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 300#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
196 printk(KERN_DEBUG "%s: Added STA %s\n", 301 printk(KERN_DEBUG "%s: Inserted STA %s\n",
197 wiphy_name(local->hw.wiphy), print_mac(mac, addr)); 302 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr));
198#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 303#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
199 304
305 spin_unlock_irqrestore(&local->sta_lock, flags);
306
200#ifdef CONFIG_MAC80211_DEBUGFS 307#ifdef CONFIG_MAC80211_DEBUGFS
201 /* debugfs entry adding might sleep, so schedule process 308 /* debugfs entry adding might sleep, so schedule process
202 * context task for adding entry for STAs that do not yet 309 * context task for adding entry for STAs that do not yet
@@ -204,7 +311,10 @@ struct sta_info *sta_info_add(struct ieee80211_local *local,
204 queue_work(local->hw.workqueue, &local->sta_debugfs_add); 311 queue_work(local->hw.workqueue, &local->sta_debugfs_add);
205#endif 312#endif
206 313
207 return sta; 314 if (ieee80211_vif_is_mesh(&sdata->vif))
315 mesh_accept_plinks_update(sdata);
316
317 return 0;
208} 318}
209 319
210static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid) 320static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid)
@@ -230,19 +340,20 @@ static void __sta_info_set_tim_bit(struct ieee80211_if_ap *bss,
230{ 340{
231 if (bss) 341 if (bss)
232 __bss_tim_set(bss, sta->aid); 342 __bss_tim_set(bss, sta->aid);
233 if (sta->local->ops->set_tim) 343 if (sta->local->ops->set_tim) {
344 sta->local->tim_in_locked_section = true;
234 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 1); 345 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 1);
346 sta->local->tim_in_locked_section = false;
347 }
235} 348}
236 349
237void sta_info_set_tim_bit(struct sta_info *sta) 350void sta_info_set_tim_bit(struct sta_info *sta)
238{ 351{
239 struct ieee80211_sub_if_data *sdata; 352 unsigned long flags;
240
241 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
242 353
243 read_lock_bh(&sta->local->sta_lock); 354 spin_lock_irqsave(&sta->local->sta_lock, flags);
244 __sta_info_set_tim_bit(sdata->bss, sta); 355 __sta_info_set_tim_bit(sta->sdata->bss, sta);
245 read_unlock_bh(&sta->local->sta_lock); 356 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
246} 357}
247 358
248static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss, 359static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss,
@@ -250,88 +361,135 @@ static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss,
250{ 361{
251 if (bss) 362 if (bss)
252 __bss_tim_clear(bss, sta->aid); 363 __bss_tim_clear(bss, sta->aid);
253 if (sta->local->ops->set_tim) 364 if (sta->local->ops->set_tim) {
365 sta->local->tim_in_locked_section = true;
254 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 0); 366 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 0);
367 sta->local->tim_in_locked_section = false;
368 }
255} 369}
256 370
257void sta_info_clear_tim_bit(struct sta_info *sta) 371void sta_info_clear_tim_bit(struct sta_info *sta)
258{ 372{
259 struct ieee80211_sub_if_data *sdata; 373 unsigned long flags;
260 374
261 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 375 spin_lock_irqsave(&sta->local->sta_lock, flags);
376 __sta_info_clear_tim_bit(sta->sdata->bss, sta);
377 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
378}
262 379
263 read_lock_bh(&sta->local->sta_lock); 380/*
264 __sta_info_clear_tim_bit(sdata->bss, sta); 381 * See comment in __sta_info_unlink,
265 read_unlock_bh(&sta->local->sta_lock); 382 * caller must hold local->sta_lock.
383 */
384static void __sta_info_pin(struct sta_info *sta)
385{
386 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_NORMAL);
387 sta->pin_status = STA_INFO_PIN_STAT_PINNED;
266} 388}
267 389
268/* Caller must hold local->sta_lock */ 390/*
269void sta_info_remove(struct sta_info *sta) 391 * See comment in __sta_info_unlink, returns sta if it
392 * needs to be destroyed.
393 */
394static struct sta_info *__sta_info_unpin(struct sta_info *sta)
270{ 395{
271 struct ieee80211_local *local = sta->local; 396 struct sta_info *ret = NULL;
272 struct ieee80211_sub_if_data *sdata; 397 unsigned long flags;
273 398
274 /* don't do anything if we've been removed already */ 399 spin_lock_irqsave(&sta->local->sta_lock, flags);
275 if (sta_info_hash_del(local, sta)) 400 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_DESTROY &&
276 return; 401 sta->pin_status != STA_INFO_PIN_STAT_PINNED);
402 if (sta->pin_status == STA_INFO_PIN_STAT_DESTROY)
403 ret = sta;
404 sta->pin_status = STA_INFO_PIN_STAT_NORMAL;
405 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
277 406
278 list_del(&sta->list); 407 return ret;
279 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
280 if (sta->flags & WLAN_STA_PS) {
281 sta->flags &= ~WLAN_STA_PS;
282 if (sdata->bss)
283 atomic_dec(&sdata->bss->num_sta_ps);
284 __sta_info_clear_tim_bit(sdata->bss, sta);
285 }
286 local->num_sta--;
287} 408}
288 409
289void sta_info_free(struct sta_info *sta) 410static void __sta_info_unlink(struct sta_info **sta)
290{ 411{
291 struct sk_buff *skb; 412 struct ieee80211_local *local = (*sta)->local;
292 struct ieee80211_local *local = sta->local; 413 struct ieee80211_sub_if_data *sdata = (*sta)->sdata;
293 DECLARE_MAC_BUF(mac); 414#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
415 DECLARE_MAC_BUF(mbuf);
416#endif
417 /*
418 * pull caller's reference if we're already gone.
419 */
420 if (sta_info_hash_del(local, *sta)) {
421 *sta = NULL;
422 return;
423 }
294 424
295 might_sleep(); 425 /*
426 * Also pull caller's reference if the STA is pinned by the
427 * task that is adding the debugfs entries. In that case, we
428 * leave the STA "to be freed".
429 *
430 * The rules are not trivial, but not too complex either:
431 * (1) pin_status is only modified under the sta_lock
432 * (2) sta_info_debugfs_add_work() will set the status
433 * to PINNED when it found an item that needs a new
434 * debugfs directory created. In that case, that item
435 * must not be freed although all *RCU* users are done
436 * with it. Hence, we tell the caller of _unlink()
437 * that the item is already gone (as can happen when
438 * two tasks try to unlink/destroy at the same time)
439 * (3) We set the pin_status to DESTROY here when we
440 * find such an item.
441 * (4) sta_info_debugfs_add_work() will reset the pin_status
442 * from PINNED to NORMAL when it is done with the item,
443 * but will check for DESTROY before resetting it in
444 * which case it will free the item.
445 */
446 if ((*sta)->pin_status == STA_INFO_PIN_STAT_PINNED) {
447 (*sta)->pin_status = STA_INFO_PIN_STAT_DESTROY;
448 *sta = NULL;
449 return;
450 }
296 451
297 write_lock_bh(&local->sta_lock); 452 list_del(&(*sta)->list);
298 sta_info_remove(sta);
299 write_unlock_bh(&local->sta_lock);
300 453
301 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 454 if ((*sta)->flags & WLAN_STA_PS) {
302 local->total_ps_buffered--; 455 (*sta)->flags &= ~WLAN_STA_PS;
303 dev_kfree_skb(skb); 456 if (sdata->bss)
304 } 457 atomic_dec(&sdata->bss->num_sta_ps);
305 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 458 __sta_info_clear_tim_bit(sdata->bss, *sta);
306 dev_kfree_skb(skb);
307 } 459 }
308 460
309#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 461 local->num_sta--;
310 printk(KERN_DEBUG "%s: Removed STA %s\n",
311 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr));
312#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
313
314 ieee80211_key_free(sta->key);
315 WARN_ON(sta->key);
316 462
317 if (local->ops->sta_notify) { 463 if (local->ops->sta_notify) {
318 struct ieee80211_sub_if_data *sdata;
319
320 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
321
322 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 464 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
323 sdata = sdata->u.vlan.ap; 465 sdata = sdata->u.vlan.ap;
324 466
325 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 467 local->ops->sta_notify(local_to_hw(local), &sdata->vif,
326 STA_NOTIFY_REMOVE, sta->addr); 468 STA_NOTIFY_REMOVE, (*sta)->addr);
327 } 469 }
328 470
329 rate_control_remove_sta_debugfs(sta); 471 if (ieee80211_vif_is_mesh(&sdata->vif)) {
330 ieee80211_sta_debugfs_remove(sta); 472 mesh_accept_plinks_update(sdata);
473#ifdef CONFIG_MAC80211_MESH
474 del_timer(&(*sta)->plink_timer);
475#endif
476 }
331 477
332 sta_info_put(sta); 478#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
479 printk(KERN_DEBUG "%s: Removed STA %s\n",
480 wiphy_name(local->hw.wiphy), print_mac(mbuf, (*sta)->addr));
481#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
333} 482}
334 483
484void sta_info_unlink(struct sta_info **sta)
485{
486 struct ieee80211_local *local = (*sta)->local;
487 unsigned long flags;
488
489 spin_lock_irqsave(&local->sta_lock, flags);
490 __sta_info_unlink(sta);
491 spin_unlock_irqrestore(&local->sta_lock, flags);
492}
335 493
336static inline int sta_info_buffer_expired(struct ieee80211_local *local, 494static inline int sta_info_buffer_expired(struct ieee80211_local *local,
337 struct sta_info *sta, 495 struct sta_info *sta,
@@ -377,7 +535,7 @@ static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
377 if (!skb) 535 if (!skb)
378 break; 536 break;
379 537
380 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 538 sdata = sta->sdata;
381 local->total_ps_buffered--; 539 local->total_ps_buffered--;
382 printk(KERN_DEBUG "Buffered frame expired (STA " 540 printk(KERN_DEBUG "Buffered frame expired (STA "
383 "%s)\n", print_mac(mac, sta->addr)); 541 "%s)\n", print_mac(mac, sta->addr));
@@ -394,13 +552,10 @@ static void sta_info_cleanup(unsigned long data)
394 struct ieee80211_local *local = (struct ieee80211_local *) data; 552 struct ieee80211_local *local = (struct ieee80211_local *) data;
395 struct sta_info *sta; 553 struct sta_info *sta;
396 554
397 read_lock_bh(&local->sta_lock); 555 rcu_read_lock();
398 list_for_each_entry(sta, &local->sta_list, list) { 556 list_for_each_entry_rcu(sta, &local->sta_list, list)
399 __sta_info_get(sta);
400 sta_info_cleanup_expire_buffered(local, sta); 557 sta_info_cleanup_expire_buffered(local, sta);
401 sta_info_put(sta); 558 rcu_read_unlock();
402 }
403 read_unlock_bh(&local->sta_lock);
404 559
405 local->sta_cleanup.expires = 560 local->sta_cleanup.expires =
406 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 561 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL);
@@ -408,37 +563,45 @@ static void sta_info_cleanup(unsigned long data)
408} 563}
409 564
410#ifdef CONFIG_MAC80211_DEBUGFS 565#ifdef CONFIG_MAC80211_DEBUGFS
411static void sta_info_debugfs_add_task(struct work_struct *work) 566static void sta_info_debugfs_add_work(struct work_struct *work)
412{ 567{
413 struct ieee80211_local *local = 568 struct ieee80211_local *local =
414 container_of(work, struct ieee80211_local, sta_debugfs_add); 569 container_of(work, struct ieee80211_local, sta_debugfs_add);
415 struct sta_info *sta, *tmp; 570 struct sta_info *sta, *tmp;
571 unsigned long flags;
416 572
417 while (1) { 573 while (1) {
418 sta = NULL; 574 sta = NULL;
419 read_lock_bh(&local->sta_lock); 575
576 spin_lock_irqsave(&local->sta_lock, flags);
420 list_for_each_entry(tmp, &local->sta_list, list) { 577 list_for_each_entry(tmp, &local->sta_list, list) {
421 if (!tmp->debugfs.dir) { 578 if (!tmp->debugfs.dir) {
422 sta = tmp; 579 sta = tmp;
423 __sta_info_get(sta); 580 __sta_info_pin(sta);
424 break; 581 break;
425 } 582 }
426 } 583 }
427 read_unlock_bh(&local->sta_lock); 584 spin_unlock_irqrestore(&local->sta_lock, flags);
428 585
429 if (!sta) 586 if (!sta)
430 break; 587 break;
431 588
432 ieee80211_sta_debugfs_add(sta); 589 ieee80211_sta_debugfs_add(sta);
433 rate_control_add_sta_debugfs(sta); 590 rate_control_add_sta_debugfs(sta);
434 sta_info_put(sta); 591
592 sta = __sta_info_unpin(sta);
593
594 if (sta) {
595 synchronize_rcu();
596 sta_info_destroy(sta);
597 }
435 } 598 }
436} 599}
437#endif 600#endif
438 601
439void sta_info_init(struct ieee80211_local *local) 602void sta_info_init(struct ieee80211_local *local)
440{ 603{
441 rwlock_init(&local->sta_lock); 604 spin_lock_init(&local->sta_lock);
442 INIT_LIST_HEAD(&local->sta_list); 605 INIT_LIST_HEAD(&local->sta_list);
443 606
444 setup_timer(&local->sta_cleanup, sta_info_cleanup, 607 setup_timer(&local->sta_cleanup, sta_info_cleanup,
@@ -447,7 +610,7 @@ void sta_info_init(struct ieee80211_local *local)
447 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 610 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL);
448 611
449#ifdef CONFIG_MAC80211_DEBUGFS 612#ifdef CONFIG_MAC80211_DEBUGFS
450 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_task); 613 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_work);
451#endif 614#endif
452} 615}
453 616
@@ -465,25 +628,38 @@ void sta_info_stop(struct ieee80211_local *local)
465 628
466/** 629/**
467 * sta_info_flush - flush matching STA entries from the STA table 630 * sta_info_flush - flush matching STA entries from the STA table
631 *
632 * Returns the number of removed STA entries.
633 *
468 * @local: local interface data 634 * @local: local interface data
469 * @dev: matching rule for the net device (sta->dev) or %NULL to match all STAs 635 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs
470 */ 636 */
471void sta_info_flush(struct ieee80211_local *local, struct net_device *dev) 637int sta_info_flush(struct ieee80211_local *local,
638 struct ieee80211_sub_if_data *sdata)
472{ 639{
473 struct sta_info *sta, *tmp; 640 struct sta_info *sta, *tmp;
474 LIST_HEAD(tmp_list); 641 LIST_HEAD(tmp_list);
642 int ret = 0;
643 unsigned long flags;
475 644
476 write_lock_bh(&local->sta_lock); 645 might_sleep();
477 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
478 if (!dev || dev == sta->dev) {
479 __sta_info_get(sta);
480 sta_info_remove(sta);
481 list_add_tail(&sta->list, &tmp_list);
482 }
483 write_unlock_bh(&local->sta_lock);
484 646
485 list_for_each_entry_safe(sta, tmp, &tmp_list, list) { 647 spin_lock_irqsave(&local->sta_lock, flags);
486 sta_info_free(sta); 648 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
487 sta_info_put(sta); 649 if (!sdata || sdata == sta->sdata) {
650 __sta_info_unlink(&sta);
651 if (sta) {
652 list_add_tail(&sta->list, &tmp_list);
653 ret++;
654 }
655 }
488 } 656 }
657 spin_unlock_irqrestore(&local->sta_lock, flags);
658
659 synchronize_rcu();
660
661 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
662 sta_info_destroy(sta);
663
664 return ret;
489} 665}
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 86eed40ada78..f166c8039f2b 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -12,7 +12,6 @@
12#include <linux/list.h> 12#include <linux/list.h>
13#include <linux/types.h> 13#include <linux/types.h>
14#include <linux/if_ether.h> 14#include <linux/if_ether.h>
15#include <linux/kref.h>
16#include "ieee80211_key.h" 15#include "ieee80211_key.h"
17 16
18/** 17/**
@@ -108,6 +107,29 @@ struct tid_ampdu_rx {
108}; 107};
109 108
110/** 109/**
110 * enum plink_state - state of a mesh peer link finite state machine
111 *
112 * @PLINK_LISTEN: initial state, considered the implicit state of non existant
113 * mesh peer links
114 * @PLINK_OPN_SNT: mesh plink open frame has been sent to this mesh peer
115 * @PLINK_OPN_RCVD: mesh plink open frame has been received from this mesh peer
116 * @PLINK_CNF_RCVD: mesh plink confirm frame has been received from this mesh
117 * peer
118 * @PLINK_ESTAB: mesh peer link is established
119 * @PLINK_HOLDING: mesh peer link is being closed or cancelled
120 * @PLINK_BLOCKED: all frames transmitted from this mesh plink are discarded
121 */
122enum plink_state {
123 PLINK_LISTEN,
124 PLINK_OPN_SNT,
125 PLINK_OPN_RCVD,
126 PLINK_CNF_RCVD,
127 PLINK_ESTAB,
128 PLINK_HOLDING,
129 PLINK_BLOCKED
130};
131
132/**
111 * struct sta_ampdu_mlme - STA aggregation information. 133 * struct sta_ampdu_mlme - STA aggregation information.
112 * 134 *
113 * @tid_rx: aggregation info for Rx per TID 135 * @tid_rx: aggregation info for Rx per TID
@@ -124,75 +146,132 @@ struct sta_ampdu_mlme {
124 u8 dialog_token_allocator; 146 u8 dialog_token_allocator;
125}; 147};
126 148
149
150/* see __sta_info_unlink */
151#define STA_INFO_PIN_STAT_NORMAL 0
152#define STA_INFO_PIN_STAT_PINNED 1
153#define STA_INFO_PIN_STAT_DESTROY 2
154
155/**
156 * struct sta_info - STA information
157 *
158 * This structure collects information about a station that
159 * mac80211 is communicating with.
160 *
161 * @list: global linked list entry
162 * @hnext: hash table linked list pointer
163 * @local: pointer to the global information
164 * @addr: MAC address of this STA
165 * @aid: STA's unique AID (1..2007, 0 = not assigned yet),
166 * only used in AP (and IBSS?) mode
167 * @flags: STA flags, see &enum ieee80211_sta_info_flags
168 * @ps_tx_buf: buffer of frames to transmit to this station
169 * when it leaves power saving state
170 * @tx_filtered: buffer of frames we already tried to transmit
171 * but were filtered by hardware due to STA having entered
172 * power saving state
173 * @rx_packets: Number of MSDUs received from this STA
174 * @rx_bytes: Number of bytes received from this STA
175 * @supp_rates: Bitmap of supported rates (per band)
176 * @ht_info: HT capabilities of this STA
177 */
127struct sta_info { 178struct sta_info {
128 struct kref kref; 179 /* General information, mostly static */
129 struct list_head list; 180 struct list_head list;
130 struct sta_info *hnext; /* next entry in hash table list */ 181 struct sta_info *hnext;
131
132 struct ieee80211_local *local; 182 struct ieee80211_local *local;
133 183 struct ieee80211_sub_if_data *sdata;
134 u8 addr[ETH_ALEN];
135 u16 aid; /* STA's unique AID (1..2007), 0 = not yet assigned */
136 u32 flags; /* WLAN_STA_ */
137
138 struct sk_buff_head ps_tx_buf; /* buffer of TX frames for station in
139 * power saving state */
140 struct sk_buff_head tx_filtered; /* buffer of TX frames that were
141 * already given to low-level driver,
142 * but were filtered */
143 unsigned long rx_packets, tx_packets; /* number of RX/TX MSDUs */
144 unsigned long rx_bytes, tx_bytes;
145 unsigned long tx_retry_failed, tx_retry_count;
146 unsigned long tx_filtered_count;
147
148 unsigned int wep_weak_iv_count; /* number of RX frames with weak IV */
149
150 unsigned long last_rx;
151 /* bitmap of supported rates per band */
152 u64 supp_rates[IEEE80211_NUM_BANDS];
153 int txrate_idx;
154 /* last rates used to send a frame to this STA */
155 int last_txrate_idx, last_nonerp_txrate_idx;
156
157 struct net_device *dev; /* which net device is this station associated
158 * to */
159
160 struct ieee80211_key *key; 184 struct ieee80211_key *key;
161
162 u32 tx_num_consecutive_failures;
163 u32 tx_num_mpdu_ok;
164 u32 tx_num_mpdu_fail;
165
166 struct rate_control_ref *rate_ctrl; 185 struct rate_control_ref *rate_ctrl;
167 void *rate_ctrl_priv; 186 void *rate_ctrl_priv;
187 struct ieee80211_ht_info ht_info;
188 u64 supp_rates[IEEE80211_NUM_BANDS];
189 u8 addr[ETH_ALEN];
190 u16 aid;
191 u16 listen_interval;
168 192
169 /* last received seq/frag number from this STA (per RX queue) */ 193 /*
170 __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES]; 194 * for use by the internal lifetime management,
195 * see __sta_info_unlink
196 */
197 u8 pin_status;
198
199 /* frequently updated information, needs locking? */
200 u32 flags;
201
202 /*
203 * STA powersave frame queues, no more than the internal
204 * locking required.
205 */
206 struct sk_buff_head ps_tx_buf;
207 struct sk_buff_head tx_filtered;
208
209 /* Updated from RX path only, no locking requirements */
210 unsigned long rx_packets, rx_bytes;
211 unsigned long wep_weak_iv_count;
212 unsigned long last_rx;
171 unsigned long num_duplicates; /* number of duplicate frames received 213 unsigned long num_duplicates; /* number of duplicate frames received
172 * from this STA */ 214 * from this STA */
173 unsigned long tx_fragments; /* number of transmitted MPDUs */
174 unsigned long rx_fragments; /* number of received MPDUs */ 215 unsigned long rx_fragments; /* number of received MPDUs */
175 unsigned long rx_dropped; /* number of dropped MPDUs from this STA */ 216 unsigned long rx_dropped; /* number of dropped MPDUs from this STA */
176
177 int last_rssi; /* RSSI of last received frame from this STA */ 217 int last_rssi; /* RSSI of last received frame from this STA */
178 int last_signal; /* signal of last received frame from this STA */ 218 int last_signal; /* signal of last received frame from this STA */
179 int last_noise; /* noise of last received frame from this STA */ 219 int last_noise; /* noise of last received frame from this STA */
180 int channel_use; 220 /* last received seq/frag number from this STA (per RX queue) */
181 int channel_use_raw; 221 __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES];
182
183#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 222#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
184 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES]; 223 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
224#endif
225
226 /* Updated from TX status path only, no locking requirements */
227 unsigned long tx_filtered_count;
228 unsigned long tx_retry_failed, tx_retry_count;
229 /* TODO: update in generic code not rate control? */
230 u32 tx_num_consecutive_failures;
231 u32 tx_num_mpdu_ok;
232 u32 tx_num_mpdu_fail;
233 /* moving percentage of failed MSDUs */
234 unsigned int fail_avg;
235
236 /* Updated from TX path only, no locking requirements */
237 unsigned long tx_packets; /* number of RX/TX MSDUs */
238 unsigned long tx_bytes;
239 unsigned long tx_fragments; /* number of transmitted MPDUs */
240 int txrate_idx;
241 int last_txrate_idx;
242#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
185 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES]; 243 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
186#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */ 244#endif
187 245
188 u16 listen_interval; 246 /* Debug counters, no locking doesn't matter */
247 int channel_use;
248 int channel_use_raw;
189 249
190 struct ieee80211_ht_info ht_info; /* 802.11n HT capabilities 250 /*
191 of this STA */ 251 * Aggregation information, comes with own locking.
252 */
192 struct sta_ampdu_mlme ampdu_mlme; 253 struct sta_ampdu_mlme ampdu_mlme;
193 u8 timer_to_tid[STA_TID_NUM]; /* convert timer id to tid */ 254 u8 timer_to_tid[STA_TID_NUM]; /* identity mapping to ID timers */
194 u8 tid_to_tx_q[STA_TID_NUM]; /* map tid to tx queue */ 255 u8 tid_to_tx_q[STA_TID_NUM]; /* map tid to tx queue */
195 256
257#ifdef CONFIG_MAC80211_MESH
258 /*
259 * Mesh peer link attributes
260 * TODO: move to a sub-structure that is referenced with pointer?
261 */
262 __le16 llid; /* Local link ID */
263 __le16 plid; /* Peer link ID */
264 __le16 reason; /* Cancel reason on PLINK_HOLDING state */
265 u8 plink_retries; /* Retries in establishment */
266 bool ignore_plink_timer;
267 enum plink_state plink_state;
268 u32 plink_timeout;
269 struct timer_list plink_timer;
270 spinlock_t plink_lock; /* For peer_state reads / updates and other
271 updates in the structure. Ensures robust
272 transitions for the peerlink FSM */
273#endif
274
196#ifdef CONFIG_MAC80211_DEBUGFS 275#ifdef CONFIG_MAC80211_DEBUGFS
197 struct sta_info_debugfsdentries { 276 struct sta_info_debugfsdentries {
198 struct dentry *dir; 277 struct dentry *dir;
@@ -209,6 +288,14 @@ struct sta_info {
209#endif 288#endif
210}; 289};
211 290
291static inline enum plink_state sta_plink_state(struct sta_info *sta)
292{
293#ifdef CONFIG_MAC80211_MESH
294 return sta->plink_state;
295#endif
296 return PLINK_LISTEN;
297}
298
212 299
213/* Maximum number of concurrently registered stations */ 300/* Maximum number of concurrently registered stations */
214#define MAX_STA_COUNT 2007 301#define MAX_STA_COUNT 2007
@@ -228,23 +315,44 @@ struct sta_info {
228 */ 315 */
229#define STA_INFO_CLEANUP_INTERVAL (10 * HZ) 316#define STA_INFO_CLEANUP_INTERVAL (10 * HZ)
230 317
231static inline void __sta_info_get(struct sta_info *sta) 318/*
232{ 319 * Get a STA info, must have be under RCU read lock.
233 kref_get(&sta->kref); 320 */
234} 321struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr);
322/*
323 * Get STA info by index, BROKEN!
324 */
325struct sta_info *sta_info_get_by_idx(struct ieee80211_local *local, int idx,
326 struct net_device *dev);
327/*
328 * Create a new STA info, caller owns returned structure
329 * until sta_info_insert().
330 */
331struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
332 u8 *addr, gfp_t gfp);
333/*
334 * Insert STA info into hash table/list, returns zero or a
335 * -EEXIST if (if the same MAC address is already present).
336 *
337 * Calling this without RCU protection makes the caller
338 * relinquish its reference to @sta.
339 */
340int sta_info_insert(struct sta_info *sta);
341/*
342 * Unlink a STA info from the hash table/list.
343 * This can NULL the STA pointer if somebody else
344 * has already unlinked it.
345 */
346void sta_info_unlink(struct sta_info **sta);
347
348void sta_info_destroy(struct sta_info *sta);
349void sta_info_set_tim_bit(struct sta_info *sta);
350void sta_info_clear_tim_bit(struct sta_info *sta);
235 351
236struct sta_info * sta_info_get(struct ieee80211_local *local, u8 *addr);
237void sta_info_put(struct sta_info *sta);
238struct sta_info *sta_info_add(struct ieee80211_local *local,
239 struct net_device *dev, u8 *addr, gfp_t gfp);
240void sta_info_remove(struct sta_info *sta);
241void sta_info_free(struct sta_info *sta);
242void sta_info_init(struct ieee80211_local *local); 352void sta_info_init(struct ieee80211_local *local);
243int sta_info_start(struct ieee80211_local *local); 353int sta_info_start(struct ieee80211_local *local);
244void sta_info_stop(struct ieee80211_local *local); 354void sta_info_stop(struct ieee80211_local *local);
245void sta_info_flush(struct ieee80211_local *local, struct net_device *dev); 355int sta_info_flush(struct ieee80211_local *local,
246 356 struct ieee80211_sub_if_data *sdata);
247void sta_info_set_tim_bit(struct sta_info *sta);
248void sta_info_clear_tim_bit(struct sta_info *sta);
249 357
250#endif /* STA_INFO_H */ 358#endif /* STA_INFO_H */
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 1cd58e01f1ee..80f4343a3007 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -26,6 +26,7 @@
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "ieee80211_led.h" 28#include "ieee80211_led.h"
29#include "mesh.h"
29#include "wep.h" 30#include "wep.h"
30#include "wpa.h" 31#include "wpa.h"
31#include "wme.h" 32#include "wme.h"
@@ -86,11 +87,11 @@ static inline void ieee80211_dump_frame(const char *ifname, const char *title,
86} 87}
87#endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */ 88#endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
88 89
89static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr, 90static u16 ieee80211_duration(struct ieee80211_tx_data *tx, int group_addr,
90 int next_frag_len) 91 int next_frag_len)
91{ 92{
92 int rate, mrate, erp, dur, i; 93 int rate, mrate, erp, dur, i;
93 struct ieee80211_rate *txrate = tx->u.tx.rate; 94 struct ieee80211_rate *txrate = tx->rate;
94 struct ieee80211_local *local = tx->local; 95 struct ieee80211_local *local = tx->local;
95 struct ieee80211_supported_band *sband; 96 struct ieee80211_supported_band *sband;
96 97
@@ -233,7 +234,7 @@ static int inline is_ieee80211_device(struct net_device *dev,
233/* tx handlers */ 234/* tx handlers */
234 235
235static ieee80211_tx_result 236static ieee80211_tx_result
236ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx) 237ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
237{ 238{
238#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 239#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
239 struct sk_buff *skb = tx->skb; 240 struct sk_buff *skb = tx->skb;
@@ -241,7 +242,7 @@ ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
241#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 242#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
242 u32 sta_flags; 243 u32 sta_flags;
243 244
244 if (unlikely(tx->flags & IEEE80211_TXRXD_TX_INJECTED)) 245 if (unlikely(tx->flags & IEEE80211_TX_INJECTED))
245 return TX_CONTINUE; 246 return TX_CONTINUE;
246 247
247 if (unlikely(tx->local->sta_sw_scanning) && 248 if (unlikely(tx->local->sta_sw_scanning) &&
@@ -249,12 +250,15 @@ ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
249 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ)) 250 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ))
250 return TX_DROP; 251 return TX_DROP;
251 252
252 if (tx->flags & IEEE80211_TXRXD_TXPS_BUFFERED) 253 if (tx->sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT)
254 return TX_CONTINUE;
255
256 if (tx->flags & IEEE80211_TX_PS_BUFFERED)
253 return TX_CONTINUE; 257 return TX_CONTINUE;
254 258
255 sta_flags = tx->sta ? tx->sta->flags : 0; 259 sta_flags = tx->sta ? tx->sta->flags : 0;
256 260
257 if (likely(tx->flags & IEEE80211_TXRXD_TXUNICAST)) { 261 if (likely(tx->flags & IEEE80211_TX_UNICAST)) {
258 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) && 262 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
259 tx->sdata->vif.type != IEEE80211_IF_TYPE_IBSS && 263 tx->sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
260 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) { 264 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
@@ -284,7 +288,7 @@ ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
284} 288}
285 289
286static ieee80211_tx_result 290static ieee80211_tx_result
287ieee80211_tx_h_sequence(struct ieee80211_txrx_data *tx) 291ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
288{ 292{
289 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 293 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
290 294
@@ -323,10 +327,8 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
323 } 327 }
324 total += skb_queue_len(&ap->ps_bc_buf); 328 total += skb_queue_len(&ap->ps_bc_buf);
325 } 329 }
326 rcu_read_unlock();
327 330
328 read_lock_bh(&local->sta_lock); 331 list_for_each_entry_rcu(sta, &local->sta_list, list) {
329 list_for_each_entry(sta, &local->sta_list, list) {
330 skb = skb_dequeue(&sta->ps_tx_buf); 332 skb = skb_dequeue(&sta->ps_tx_buf);
331 if (skb) { 333 if (skb) {
332 purged++; 334 purged++;
@@ -334,7 +336,8 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
334 } 336 }
335 total += skb_queue_len(&sta->ps_tx_buf); 337 total += skb_queue_len(&sta->ps_tx_buf);
336 } 338 }
337 read_unlock_bh(&local->sta_lock); 339
340 rcu_read_unlock();
338 341
339 local->total_ps_buffered = total; 342 local->total_ps_buffered = total;
340 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n", 343 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n",
@@ -342,7 +345,7 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
342} 345}
343 346
344static ieee80211_tx_result 347static ieee80211_tx_result
345ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx) 348ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
346{ 349{
347 /* 350 /*
348 * broadcast/multicast frame 351 * broadcast/multicast frame
@@ -379,13 +382,13 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
379 } 382 }
380 383
381 /* buffered in hardware */ 384 /* buffered in hardware */
382 tx->u.tx.control->flags |= IEEE80211_TXCTL_SEND_AFTER_DTIM; 385 tx->control->flags |= IEEE80211_TXCTL_SEND_AFTER_DTIM;
383 386
384 return TX_CONTINUE; 387 return TX_CONTINUE;
385} 388}
386 389
387static ieee80211_tx_result 390static ieee80211_tx_result
388ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx) 391ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
389{ 392{
390 struct sta_info *sta = tx->sta; 393 struct sta_info *sta = tx->sta;
391 DECLARE_MAC_BUF(mac); 394 DECLARE_MAC_BUF(mac);
@@ -439,32 +442,32 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
439} 442}
440 443
441static ieee80211_tx_result 444static ieee80211_tx_result
442ieee80211_tx_h_ps_buf(struct ieee80211_txrx_data *tx) 445ieee80211_tx_h_ps_buf(struct ieee80211_tx_data *tx)
443{ 446{
444 if (unlikely(tx->flags & IEEE80211_TXRXD_TXPS_BUFFERED)) 447 if (unlikely(tx->flags & IEEE80211_TX_PS_BUFFERED))
445 return TX_CONTINUE; 448 return TX_CONTINUE;
446 449
447 if (tx->flags & IEEE80211_TXRXD_TXUNICAST) 450 if (tx->flags & IEEE80211_TX_UNICAST)
448 return ieee80211_tx_h_unicast_ps_buf(tx); 451 return ieee80211_tx_h_unicast_ps_buf(tx);
449 else 452 else
450 return ieee80211_tx_h_multicast_ps_buf(tx); 453 return ieee80211_tx_h_multicast_ps_buf(tx);
451} 454}
452 455
453static ieee80211_tx_result 456static ieee80211_tx_result
454ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx) 457ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
455{ 458{
456 struct ieee80211_key *key; 459 struct ieee80211_key *key;
457 u16 fc = tx->fc; 460 u16 fc = tx->fc;
458 461
459 if (unlikely(tx->u.tx.control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT)) 462 if (unlikely(tx->control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
460 tx->key = NULL; 463 tx->key = NULL;
461 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 464 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
462 tx->key = key; 465 tx->key = key;
463 else if ((key = rcu_dereference(tx->sdata->default_key))) 466 else if ((key = rcu_dereference(tx->sdata->default_key)))
464 tx->key = key; 467 tx->key = key;
465 else if (tx->sdata->drop_unencrypted && 468 else if (tx->sdata->drop_unencrypted &&
466 !(tx->u.tx.control->flags & IEEE80211_TXCTL_EAPOL_FRAME) && 469 !(tx->control->flags & IEEE80211_TXCTL_EAPOL_FRAME) &&
467 !(tx->flags & IEEE80211_TXRXD_TX_INJECTED)) { 470 !(tx->flags & IEEE80211_TX_INJECTED)) {
468 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); 471 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
469 return TX_DROP; 472 return TX_DROP;
470 } else 473 } else
@@ -493,13 +496,13 @@ ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx)
493 } 496 }
494 497
495 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 498 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
496 tx->u.tx.control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 499 tx->control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
497 500
498 return TX_CONTINUE; 501 return TX_CONTINUE;
499} 502}
500 503
501static ieee80211_tx_result 504static ieee80211_tx_result
502ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx) 505ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
503{ 506{
504 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 507 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
505 size_t hdrlen, per_fragm, num_fragm, payload_len, left; 508 size_t hdrlen, per_fragm, num_fragm, payload_len, left;
@@ -509,7 +512,7 @@ ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
509 u8 *pos; 512 u8 *pos;
510 int frag_threshold = tx->local->fragmentation_threshold; 513 int frag_threshold = tx->local->fragmentation_threshold;
511 514
512 if (!(tx->flags & IEEE80211_TXRXD_FRAGMENTED)) 515 if (!(tx->flags & IEEE80211_TX_FRAGMENTED))
513 return TX_CONTINUE; 516 return TX_CONTINUE;
514 517
515 first = tx->skb; 518 first = tx->skb;
@@ -561,8 +564,8 @@ ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
561 } 564 }
562 skb_trim(first, hdrlen + per_fragm); 565 skb_trim(first, hdrlen + per_fragm);
563 566
564 tx->u.tx.num_extra_frag = num_fragm - 1; 567 tx->num_extra_frag = num_fragm - 1;
565 tx->u.tx.extra_frag = frags; 568 tx->extra_frag = frags;
566 569
567 return TX_CONTINUE; 570 return TX_CONTINUE;
568 571
@@ -579,7 +582,7 @@ ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
579} 582}
580 583
581static ieee80211_tx_result 584static ieee80211_tx_result
582ieee80211_tx_h_encrypt(struct ieee80211_txrx_data *tx) 585ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
583{ 586{
584 if (!tx->key) 587 if (!tx->key)
585 return TX_CONTINUE; 588 return TX_CONTINUE;
@@ -599,56 +602,56 @@ ieee80211_tx_h_encrypt(struct ieee80211_txrx_data *tx)
599} 602}
600 603
601static ieee80211_tx_result 604static ieee80211_tx_result
602ieee80211_tx_h_rate_ctrl(struct ieee80211_txrx_data *tx) 605ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
603{ 606{
604 struct rate_selection rsel; 607 struct rate_selection rsel;
605 struct ieee80211_supported_band *sband; 608 struct ieee80211_supported_band *sband;
606 609
607 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band]; 610 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band];
608 611
609 if (likely(!tx->u.tx.rate)) { 612 if (likely(!tx->rate)) {
610 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel); 613 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel);
611 tx->u.tx.rate = rsel.rate; 614 tx->rate = rsel.rate;
612 if (unlikely(rsel.probe)) { 615 if (unlikely(rsel.probe)) {
613 tx->u.tx.control->flags |= 616 tx->control->flags |=
614 IEEE80211_TXCTL_RATE_CTRL_PROBE; 617 IEEE80211_TXCTL_RATE_CTRL_PROBE;
615 tx->flags |= IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 618 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
616 tx->u.tx.control->alt_retry_rate = tx->u.tx.rate; 619 tx->control->alt_retry_rate = tx->rate;
617 tx->u.tx.rate = rsel.probe; 620 tx->rate = rsel.probe;
618 } else 621 } else
619 tx->u.tx.control->alt_retry_rate = NULL; 622 tx->control->alt_retry_rate = NULL;
620 623
621 if (!tx->u.tx.rate) 624 if (!tx->rate)
622 return TX_DROP; 625 return TX_DROP;
623 } else 626 } else
624 tx->u.tx.control->alt_retry_rate = NULL; 627 tx->control->alt_retry_rate = NULL;
625 628
626 if (tx->sdata->bss_conf.use_cts_prot && 629 if (tx->sdata->bss_conf.use_cts_prot &&
627 (tx->flags & IEEE80211_TXRXD_FRAGMENTED) && rsel.nonerp) { 630 (tx->flags & IEEE80211_TX_FRAGMENTED) && rsel.nonerp) {
628 tx->u.tx.last_frag_rate = tx->u.tx.rate; 631 tx->last_frag_rate = tx->rate;
629 if (rsel.probe) 632 if (rsel.probe)
630 tx->flags &= ~IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 633 tx->flags &= ~IEEE80211_TX_PROBE_LAST_FRAG;
631 else 634 else
632 tx->flags |= IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 635 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
633 tx->u.tx.rate = rsel.nonerp; 636 tx->rate = rsel.nonerp;
634 tx->u.tx.control->tx_rate = rsel.nonerp; 637 tx->control->tx_rate = rsel.nonerp;
635 tx->u.tx.control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE; 638 tx->control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
636 } else { 639 } else {
637 tx->u.tx.last_frag_rate = tx->u.tx.rate; 640 tx->last_frag_rate = tx->rate;
638 tx->u.tx.control->tx_rate = tx->u.tx.rate; 641 tx->control->tx_rate = tx->rate;
639 } 642 }
640 tx->u.tx.control->tx_rate = tx->u.tx.rate; 643 tx->control->tx_rate = tx->rate;
641 644
642 return TX_CONTINUE; 645 return TX_CONTINUE;
643} 646}
644 647
645static ieee80211_tx_result 648static ieee80211_tx_result
646ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx) 649ieee80211_tx_h_misc(struct ieee80211_tx_data *tx)
647{ 650{
648 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 651 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
649 u16 fc = le16_to_cpu(hdr->frame_control); 652 u16 fc = le16_to_cpu(hdr->frame_control);
650 u16 dur; 653 u16 dur;
651 struct ieee80211_tx_control *control = tx->u.tx.control; 654 struct ieee80211_tx_control *control = tx->control;
652 655
653 if (!control->retry_limit) { 656 if (!control->retry_limit) {
654 if (!is_multicast_ether_addr(hdr->addr1)) { 657 if (!is_multicast_ether_addr(hdr->addr1)) {
@@ -670,7 +673,7 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
670 } 673 }
671 } 674 }
672 675
673 if (tx->flags & IEEE80211_TXRXD_FRAGMENTED) { 676 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
674 /* Do not use multiple retry rates when sending fragmented 677 /* Do not use multiple retry rates when sending fragmented
675 * frames. 678 * frames.
676 * TODO: The last fragment could still use multiple retry 679 * TODO: The last fragment could still use multiple retry
@@ -682,8 +685,8 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
682 * there are associated non-ERP stations and RTS/CTS is not configured 685 * there are associated non-ERP stations and RTS/CTS is not configured
683 * for the frame. */ 686 * for the frame. */
684 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) && 687 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) &&
685 (tx->u.tx.rate->flags & IEEE80211_RATE_ERP_G) && 688 (tx->rate->flags & IEEE80211_RATE_ERP_G) &&
686 (tx->flags & IEEE80211_TXRXD_TXUNICAST) && 689 (tx->flags & IEEE80211_TX_UNICAST) &&
687 tx->sdata->bss_conf.use_cts_prot && 690 tx->sdata->bss_conf.use_cts_prot &&
688 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS)) 691 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
689 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT; 692 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
@@ -692,18 +695,18 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
692 * short preambles at the selected rate and short preambles are 695 * short preambles at the selected rate and short preambles are
693 * available on the network at the current point in time. */ 696 * available on the network at the current point in time. */
694 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) && 697 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
695 (tx->u.tx.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) && 698 (tx->rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
696 tx->sdata->bss_conf.use_short_preamble && 699 tx->sdata->bss_conf.use_short_preamble &&
697 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) { 700 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
698 tx->u.tx.control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE; 701 tx->control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
699 } 702 }
700 703
701 /* Setup duration field for the first fragment of the frame. Duration 704 /* Setup duration field for the first fragment of the frame. Duration
702 * for remaining fragments will be updated when they are being sent 705 * for remaining fragments will be updated when they are being sent
703 * to low-level driver in ieee80211_tx(). */ 706 * to low-level driver in ieee80211_tx(). */
704 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1), 707 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
705 (tx->flags & IEEE80211_TXRXD_FRAGMENTED) ? 708 (tx->flags & IEEE80211_TX_FRAGMENTED) ?
706 tx->u.tx.extra_frag[0]->len : 0); 709 tx->extra_frag[0]->len : 0);
707 hdr->duration_id = cpu_to_le16(dur); 710 hdr->duration_id = cpu_to_le16(dur);
708 711
709 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) || 712 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
@@ -719,7 +722,7 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
719 control->alt_retry_rate = NULL; 722 control->alt_retry_rate = NULL;
720 723
721 /* Use min(data rate, max base rate) as CTS/RTS rate */ 724 /* Use min(data rate, max base rate) as CTS/RTS rate */
722 rate = tx->u.tx.rate; 725 rate = tx->rate;
723 baserate = NULL; 726 baserate = NULL;
724 727
725 for (idx = 0; idx < sband->n_bitrates; idx++) { 728 for (idx = 0; idx < sband->n_bitrates; idx++) {
@@ -741,12 +744,12 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
741 tx->sta->tx_packets++; 744 tx->sta->tx_packets++;
742 tx->sta->tx_fragments++; 745 tx->sta->tx_fragments++;
743 tx->sta->tx_bytes += tx->skb->len; 746 tx->sta->tx_bytes += tx->skb->len;
744 if (tx->u.tx.extra_frag) { 747 if (tx->extra_frag) {
745 int i; 748 int i;
746 tx->sta->tx_fragments += tx->u.tx.num_extra_frag; 749 tx->sta->tx_fragments += tx->num_extra_frag;
747 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 750 for (i = 0; i < tx->num_extra_frag; i++) {
748 tx->sta->tx_bytes += 751 tx->sta->tx_bytes +=
749 tx->u.tx.extra_frag[i]->len; 752 tx->extra_frag[i]->len;
750 } 753 }
751 } 754 }
752 } 755 }
@@ -755,13 +758,13 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
755} 758}
756 759
757static ieee80211_tx_result 760static ieee80211_tx_result
758ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx) 761ieee80211_tx_h_load_stats(struct ieee80211_tx_data *tx)
759{ 762{
760 struct ieee80211_local *local = tx->local; 763 struct ieee80211_local *local = tx->local;
761 struct sk_buff *skb = tx->skb; 764 struct sk_buff *skb = tx->skb;
762 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 765 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
763 u32 load = 0, hdrtime; 766 u32 load = 0, hdrtime;
764 struct ieee80211_rate *rate = tx->u.tx.rate; 767 struct ieee80211_rate *rate = tx->rate;
765 768
766 /* TODO: this could be part of tx_status handling, so that the number 769 /* TODO: this could be part of tx_status handling, so that the number
767 * of retries would be known; TX rate should in that case be stored 770 * of retries would be known; TX rate should in that case be stored
@@ -772,8 +775,8 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
772 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values, 775 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
773 * 1 usec = 1/8 * (1080 / 10) = 13.5 */ 776 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
774 777
775 if (tx->u.tx.channel->band == IEEE80211_BAND_5GHZ || 778 if (tx->channel->band == IEEE80211_BAND_5GHZ ||
776 (tx->u.tx.channel->band == IEEE80211_BAND_2GHZ && 779 (tx->channel->band == IEEE80211_BAND_2GHZ &&
777 rate->flags & IEEE80211_RATE_ERP_G)) 780 rate->flags & IEEE80211_RATE_ERP_G))
778 hdrtime = CHAN_UTIL_HDR_SHORT; 781 hdrtime = CHAN_UTIL_HDR_SHORT;
779 else 782 else
@@ -783,20 +786,20 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
783 if (!is_multicast_ether_addr(hdr->addr1)) 786 if (!is_multicast_ether_addr(hdr->addr1))
784 load += hdrtime; 787 load += hdrtime;
785 788
786 if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_RTS_CTS) 789 if (tx->control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
787 load += 2 * hdrtime; 790 load += 2 * hdrtime;
788 else if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT) 791 else if (tx->control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
789 load += hdrtime; 792 load += hdrtime;
790 793
791 /* TODO: optimise again */ 794 /* TODO: optimise again */
792 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate; 795 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate;
793 796
794 if (tx->u.tx.extra_frag) { 797 if (tx->extra_frag) {
795 int i; 798 int i;
796 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 799 for (i = 0; i < tx->num_extra_frag; i++) {
797 load += 2 * hdrtime; 800 load += 2 * hdrtime;
798 load += tx->u.tx.extra_frag[i]->len * 801 load += tx->extra_frag[i]->len *
799 tx->u.tx.rate->bitrate; 802 tx->rate->bitrate;
800 } 803 }
801 } 804 }
802 805
@@ -811,7 +814,7 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
811} 814}
812 815
813 816
814typedef ieee80211_tx_result (*ieee80211_tx_handler)(struct ieee80211_txrx_data *); 817typedef ieee80211_tx_result (*ieee80211_tx_handler)(struct ieee80211_tx_data *);
815static ieee80211_tx_handler ieee80211_tx_handlers[] = 818static ieee80211_tx_handler ieee80211_tx_handlers[] =
816{ 819{
817 ieee80211_tx_h_check_assoc, 820 ieee80211_tx_h_check_assoc,
@@ -834,7 +837,7 @@ static ieee80211_tx_handler ieee80211_tx_handlers[] =
834 * with Radiotap Header -- only called for monitor mode interface 837 * with Radiotap Header -- only called for monitor mode interface
835 */ 838 */
836static ieee80211_tx_result 839static ieee80211_tx_result
837__ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx, 840__ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
838 struct sk_buff *skb) 841 struct sk_buff *skb)
839{ 842{
840 /* 843 /*
@@ -850,13 +853,13 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
850 (struct ieee80211_radiotap_header *) skb->data; 853 (struct ieee80211_radiotap_header *) skb->data;
851 struct ieee80211_supported_band *sband; 854 struct ieee80211_supported_band *sband;
852 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len); 855 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
853 struct ieee80211_tx_control *control = tx->u.tx.control; 856 struct ieee80211_tx_control *control = tx->control;
854 857
855 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band]; 858 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band];
856 859
857 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 860 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
858 tx->flags |= IEEE80211_TXRXD_TX_INJECTED; 861 tx->flags |= IEEE80211_TX_INJECTED;
859 tx->flags &= ~IEEE80211_TXRXD_FRAGMENTED; 862 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
860 863
861 /* 864 /*
862 * for every radiotap entry that is present 865 * for every radiotap entry that is present
@@ -892,7 +895,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
892 r = &sband->bitrates[i]; 895 r = &sband->bitrates[i];
893 896
894 if (r->bitrate == target_rate) { 897 if (r->bitrate == target_rate) {
895 tx->u.tx.rate = r; 898 tx->rate = r;
896 break; 899 break;
897 } 900 }
898 } 901 }
@@ -930,7 +933,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
930 control->flags &= 933 control->flags &=
931 ~IEEE80211_TXCTL_DO_NOT_ENCRYPT; 934 ~IEEE80211_TXCTL_DO_NOT_ENCRYPT;
932 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) 935 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
933 tx->flags |= IEEE80211_TXRXD_FRAGMENTED; 936 tx->flags |= IEEE80211_TX_FRAGMENTED;
934 break; 937 break;
935 938
936 /* 939 /*
@@ -961,7 +964,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
961 * initialises @tx 964 * initialises @tx
962 */ 965 */
963static ieee80211_tx_result 966static ieee80211_tx_result
964__ieee80211_tx_prepare(struct ieee80211_txrx_data *tx, 967__ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
965 struct sk_buff *skb, 968 struct sk_buff *skb,
966 struct net_device *dev, 969 struct net_device *dev,
967 struct ieee80211_tx_control *control) 970 struct ieee80211_tx_control *control)
@@ -977,12 +980,12 @@ __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
977 tx->dev = dev; /* use original interface */ 980 tx->dev = dev; /* use original interface */
978 tx->local = local; 981 tx->local = local;
979 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev); 982 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
980 tx->u.tx.control = control; 983 tx->control = control;
981 /* 984 /*
982 * Set this flag (used below to indicate "automatic fragmentation"), 985 * Set this flag (used below to indicate "automatic fragmentation"),
983 * it will be cleared/left by radiotap as desired. 986 * it will be cleared/left by radiotap as desired.
984 */ 987 */
985 tx->flags |= IEEE80211_TXRXD_FRAGMENTED; 988 tx->flags |= IEEE80211_TX_FRAGMENTED;
986 989
987 /* process and remove the injection radiotap header */ 990 /* process and remove the injection radiotap header */
988 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 991 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -1003,20 +1006,20 @@ __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1003 tx->fc = le16_to_cpu(hdr->frame_control); 1006 tx->fc = le16_to_cpu(hdr->frame_control);
1004 1007
1005 if (is_multicast_ether_addr(hdr->addr1)) { 1008 if (is_multicast_ether_addr(hdr->addr1)) {
1006 tx->flags &= ~IEEE80211_TXRXD_TXUNICAST; 1009 tx->flags &= ~IEEE80211_TX_UNICAST;
1007 control->flags |= IEEE80211_TXCTL_NO_ACK; 1010 control->flags |= IEEE80211_TXCTL_NO_ACK;
1008 } else { 1011 } else {
1009 tx->flags |= IEEE80211_TXRXD_TXUNICAST; 1012 tx->flags |= IEEE80211_TX_UNICAST;
1010 control->flags &= ~IEEE80211_TXCTL_NO_ACK; 1013 control->flags &= ~IEEE80211_TXCTL_NO_ACK;
1011 } 1014 }
1012 1015
1013 if (tx->flags & IEEE80211_TXRXD_FRAGMENTED) { 1016 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
1014 if ((tx->flags & IEEE80211_TXRXD_TXUNICAST) && 1017 if ((tx->flags & IEEE80211_TX_UNICAST) &&
1015 skb->len + FCS_LEN > local->fragmentation_threshold && 1018 skb->len + FCS_LEN > local->fragmentation_threshold &&
1016 !local->ops->set_frag_threshold) 1019 !local->ops->set_frag_threshold)
1017 tx->flags |= IEEE80211_TXRXD_FRAGMENTED; 1020 tx->flags |= IEEE80211_TX_FRAGMENTED;
1018 else 1021 else
1019 tx->flags &= ~IEEE80211_TXRXD_FRAGMENTED; 1022 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
1020 } 1023 }
1021 1024
1022 if (!tx->sta) 1025 if (!tx->sta)
@@ -1039,7 +1042,7 @@ __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1039/* 1042/*
1040 * NB: @tx is uninitialised when passed in here 1043 * NB: @tx is uninitialised when passed in here
1041 */ 1044 */
1042static int ieee80211_tx_prepare(struct ieee80211_txrx_data *tx, 1045static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1043 struct sk_buff *skb, 1046 struct sk_buff *skb,
1044 struct net_device *mdev, 1047 struct net_device *mdev,
1045 struct ieee80211_tx_control *control) 1048 struct ieee80211_tx_control *control)
@@ -1062,9 +1065,9 @@ static int ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1062} 1065}
1063 1066
1064static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb, 1067static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1065 struct ieee80211_txrx_data *tx) 1068 struct ieee80211_tx_data *tx)
1066{ 1069{
1067 struct ieee80211_tx_control *control = tx->u.tx.control; 1070 struct ieee80211_tx_control *control = tx->control;
1068 int ret, i; 1071 int ret, i;
1069 1072
1070 if (!ieee80211_qdisc_installed(local->mdev) && 1073 if (!ieee80211_qdisc_installed(local->mdev) &&
@@ -1081,20 +1084,20 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1081 local->mdev->trans_start = jiffies; 1084 local->mdev->trans_start = jiffies;
1082 ieee80211_led_tx(local, 1); 1085 ieee80211_led_tx(local, 1);
1083 } 1086 }
1084 if (tx->u.tx.extra_frag) { 1087 if (tx->extra_frag) {
1085 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS | 1088 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1086 IEEE80211_TXCTL_USE_CTS_PROTECT | 1089 IEEE80211_TXCTL_USE_CTS_PROTECT |
1087 IEEE80211_TXCTL_CLEAR_PS_FILT | 1090 IEEE80211_TXCTL_CLEAR_PS_FILT |
1088 IEEE80211_TXCTL_FIRST_FRAGMENT); 1091 IEEE80211_TXCTL_FIRST_FRAGMENT);
1089 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 1092 for (i = 0; i < tx->num_extra_frag; i++) {
1090 if (!tx->u.tx.extra_frag[i]) 1093 if (!tx->extra_frag[i])
1091 continue; 1094 continue;
1092 if (__ieee80211_queue_stopped(local, control->queue)) 1095 if (__ieee80211_queue_stopped(local, control->queue))
1093 return IEEE80211_TX_FRAG_AGAIN; 1096 return IEEE80211_TX_FRAG_AGAIN;
1094 if (i == tx->u.tx.num_extra_frag) { 1097 if (i == tx->num_extra_frag) {
1095 control->tx_rate = tx->u.tx.last_frag_rate; 1098 control->tx_rate = tx->last_frag_rate;
1096 1099
1097 if (tx->flags & IEEE80211_TXRXD_TXPROBE_LAST_FRAG) 1100 if (tx->flags & IEEE80211_TX_PROBE_LAST_FRAG)
1098 control->flags |= 1101 control->flags |=
1099 IEEE80211_TXCTL_RATE_CTRL_PROBE; 1102 IEEE80211_TXCTL_RATE_CTRL_PROBE;
1100 else 1103 else
@@ -1104,18 +1107,18 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1104 1107
1105 ieee80211_dump_frame(wiphy_name(local->hw.wiphy), 1108 ieee80211_dump_frame(wiphy_name(local->hw.wiphy),
1106 "TX to low-level driver", 1109 "TX to low-level driver",
1107 tx->u.tx.extra_frag[i]); 1110 tx->extra_frag[i]);
1108 ret = local->ops->tx(local_to_hw(local), 1111 ret = local->ops->tx(local_to_hw(local),
1109 tx->u.tx.extra_frag[i], 1112 tx->extra_frag[i],
1110 control); 1113 control);
1111 if (ret) 1114 if (ret)
1112 return IEEE80211_TX_FRAG_AGAIN; 1115 return IEEE80211_TX_FRAG_AGAIN;
1113 local->mdev->trans_start = jiffies; 1116 local->mdev->trans_start = jiffies;
1114 ieee80211_led_tx(local, 1); 1117 ieee80211_led_tx(local, 1);
1115 tx->u.tx.extra_frag[i] = NULL; 1118 tx->extra_frag[i] = NULL;
1116 } 1119 }
1117 kfree(tx->u.tx.extra_frag); 1120 kfree(tx->extra_frag);
1118 tx->u.tx.extra_frag = NULL; 1121 tx->extra_frag = NULL;
1119 } 1122 }
1120 return IEEE80211_TX_OK; 1123 return IEEE80211_TX_OK;
1121} 1124}
@@ -1126,7 +1129,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1126 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1129 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1127 struct sta_info *sta; 1130 struct sta_info *sta;
1128 ieee80211_tx_handler *handler; 1131 ieee80211_tx_handler *handler;
1129 struct ieee80211_txrx_data tx; 1132 struct ieee80211_tx_data tx;
1130 ieee80211_tx_result res = TX_DROP, res_prepare; 1133 ieee80211_tx_result res = TX_DROP, res_prepare;
1131 int ret, i; 1134 int ret, i;
1132 1135
@@ -1137,22 +1140,19 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1137 return 0; 1140 return 0;
1138 } 1141 }
1139 1142
1143 rcu_read_lock();
1144
1140 /* initialises tx */ 1145 /* initialises tx */
1141 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control); 1146 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control);
1142 1147
1143 if (res_prepare == TX_DROP) { 1148 if (res_prepare == TX_DROP) {
1144 dev_kfree_skb(skb); 1149 dev_kfree_skb(skb);
1150 rcu_read_unlock();
1145 return 0; 1151 return 0;
1146 } 1152 }
1147 1153
1148 /*
1149 * key references are protected using RCU and this requires that
1150 * we are in a read-site RCU section during receive processing
1151 */
1152 rcu_read_lock();
1153
1154 sta = tx.sta; 1154 sta = tx.sta;
1155 tx.u.tx.channel = local->hw.conf.channel; 1155 tx.channel = local->hw.conf.channel;
1156 1156
1157 for (handler = ieee80211_tx_handlers; *handler != NULL; 1157 for (handler = ieee80211_tx_handlers; *handler != NULL;
1158 handler++) { 1158 handler++) {
@@ -1163,9 +1163,6 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1163 1163
1164 skb = tx.skb; /* handlers are allowed to change skb */ 1164 skb = tx.skb; /* handlers are allowed to change skb */
1165 1165
1166 if (sta)
1167 sta_info_put(sta);
1168
1169 if (unlikely(res == TX_DROP)) { 1166 if (unlikely(res == TX_DROP)) {
1170 I802_DEBUG_INC(local->tx_handlers_drop); 1167 I802_DEBUG_INC(local->tx_handlers_drop);
1171 goto drop; 1168 goto drop;
@@ -1177,18 +1174,18 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1177 return 0; 1174 return 0;
1178 } 1175 }
1179 1176
1180 if (tx.u.tx.extra_frag) { 1177 if (tx.extra_frag) {
1181 for (i = 0; i < tx.u.tx.num_extra_frag; i++) { 1178 for (i = 0; i < tx.num_extra_frag; i++) {
1182 int next_len, dur; 1179 int next_len, dur;
1183 struct ieee80211_hdr *hdr = 1180 struct ieee80211_hdr *hdr =
1184 (struct ieee80211_hdr *) 1181 (struct ieee80211_hdr *)
1185 tx.u.tx.extra_frag[i]->data; 1182 tx.extra_frag[i]->data;
1186 1183
1187 if (i + 1 < tx.u.tx.num_extra_frag) { 1184 if (i + 1 < tx.num_extra_frag) {
1188 next_len = tx.u.tx.extra_frag[i + 1]->len; 1185 next_len = tx.extra_frag[i + 1]->len;
1189 } else { 1186 } else {
1190 next_len = 0; 1187 next_len = 0;
1191 tx.u.tx.rate = tx.u.tx.last_frag_rate; 1188 tx.rate = tx.last_frag_rate;
1192 } 1189 }
1193 dur = ieee80211_duration(&tx, 0, next_len); 1190 dur = ieee80211_duration(&tx, 0, next_len);
1194 hdr->duration_id = cpu_to_le16(dur); 1191 hdr->duration_id = cpu_to_le16(dur);
@@ -1223,11 +1220,11 @@ retry:
1223 memcpy(&store->control, control, 1220 memcpy(&store->control, control,
1224 sizeof(struct ieee80211_tx_control)); 1221 sizeof(struct ieee80211_tx_control));
1225 store->skb = skb; 1222 store->skb = skb;
1226 store->extra_frag = tx.u.tx.extra_frag; 1223 store->extra_frag = tx.extra_frag;
1227 store->num_extra_frag = tx.u.tx.num_extra_frag; 1224 store->num_extra_frag = tx.num_extra_frag;
1228 store->last_frag_rate = tx.u.tx.last_frag_rate; 1225 store->last_frag_rate = tx.last_frag_rate;
1229 store->last_frag_rate_ctrl_probe = 1226 store->last_frag_rate_ctrl_probe =
1230 !!(tx.flags & IEEE80211_TXRXD_TXPROBE_LAST_FRAG); 1227 !!(tx.flags & IEEE80211_TX_PROBE_LAST_FRAG);
1231 } 1228 }
1232 rcu_read_unlock(); 1229 rcu_read_unlock();
1233 return 0; 1230 return 0;
@@ -1235,10 +1232,10 @@ retry:
1235 drop: 1232 drop:
1236 if (skb) 1233 if (skb)
1237 dev_kfree_skb(skb); 1234 dev_kfree_skb(skb);
1238 for (i = 0; i < tx.u.tx.num_extra_frag; i++) 1235 for (i = 0; i < tx.num_extra_frag; i++)
1239 if (tx.u.tx.extra_frag[i]) 1236 if (tx.extra_frag[i])
1240 dev_kfree_skb(tx.u.tx.extra_frag[i]); 1237 dev_kfree_skb(tx.extra_frag[i]);
1241 kfree(tx.u.tx.extra_frag); 1238 kfree(tx.extra_frag);
1242 rcu_read_unlock(); 1239 rcu_read_unlock();
1243 return 0; 1240 return 0;
1244} 1241}
@@ -1384,8 +1381,9 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1384 struct ieee80211_tx_packet_data *pkt_data; 1381 struct ieee80211_tx_packet_data *pkt_data;
1385 struct ieee80211_sub_if_data *sdata; 1382 struct ieee80211_sub_if_data *sdata;
1386 int ret = 1, head_need; 1383 int ret = 1, head_need;
1387 u16 ethertype, hdrlen, fc; 1384 u16 ethertype, hdrlen, meshhdrlen = 0, fc;
1388 struct ieee80211_hdr hdr; 1385 struct ieee80211_hdr hdr;
1386 struct ieee80211s_hdr mesh_hdr;
1389 const u8 *encaps_data; 1387 const u8 *encaps_data;
1390 int encaps_len, skip_header_bytes; 1388 int encaps_len, skip_header_bytes;
1391 int nh_pos, h_pos; 1389 int nh_pos, h_pos;
@@ -1427,6 +1425,37 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1427 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN); 1425 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1428 hdrlen = 30; 1426 hdrlen = 30;
1429 break; 1427 break;
1428#ifdef CONFIG_MAC80211_MESH
1429 case IEEE80211_IF_TYPE_MESH_POINT:
1430 fc |= IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS;
1431 /* RA TA DA SA */
1432 if (is_multicast_ether_addr(skb->data))
1433 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1434 else if (mesh_nexthop_lookup(hdr.addr1, skb, dev))
1435 return 0;
1436 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1437 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1438 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1439 if (skb->pkt_type == PACKET_OTHERHOST) {
1440 /* Forwarded frame, keep mesh ttl and seqnum */
1441 struct ieee80211s_hdr *prev_meshhdr;
1442 prev_meshhdr = ((struct ieee80211s_hdr *)skb->cb);
1443 meshhdrlen = ieee80211_get_mesh_hdrlen(prev_meshhdr);
1444 memcpy(&mesh_hdr, prev_meshhdr, meshhdrlen);
1445 sdata->u.sta.mshstats.fwded_frames++;
1446 } else {
1447 if (!sdata->u.sta.mshcfg.dot11MeshTTL) {
1448 /* Do not send frames with mesh_ttl == 0 */
1449 sdata->u.sta.mshstats.dropped_frames_ttl++;
1450 ret = 0;
1451 goto fail;
1452 }
1453 meshhdrlen = ieee80211_new_mesh_header(&mesh_hdr,
1454 sdata);
1455 }
1456 hdrlen = 30;
1457 break;
1458#endif
1430 case IEEE80211_IF_TYPE_STA: 1459 case IEEE80211_IF_TYPE_STA:
1431 fc |= IEEE80211_FCTL_TODS; 1460 fc |= IEEE80211_FCTL_TODS;
1432 /* BSSID SA DA */ 1461 /* BSSID SA DA */
@@ -1453,11 +1482,11 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1453 * in AP mode) 1482 * in AP mode)
1454 */ 1483 */
1455 if (!is_multicast_ether_addr(hdr.addr1)) { 1484 if (!is_multicast_ether_addr(hdr.addr1)) {
1485 rcu_read_lock();
1456 sta = sta_info_get(local, hdr.addr1); 1486 sta = sta_info_get(local, hdr.addr1);
1457 if (sta) { 1487 if (sta)
1458 sta_flags = sta->flags; 1488 sta_flags = sta->flags;
1459 sta_info_put(sta); 1489 rcu_read_unlock();
1460 }
1461 } 1490 }
1462 1491
1463 /* receiver is QoS enabled, use a QoS type frame */ 1492 /* receiver is QoS enabled, use a QoS type frame */
@@ -1471,8 +1500,8 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1471 * EAPOL frames from the local station. 1500 * EAPOL frames from the local station.
1472 */ 1501 */
1473 if (unlikely(!is_multicast_ether_addr(hdr.addr1) && 1502 if (unlikely(!is_multicast_ether_addr(hdr.addr1) &&
1474 !(sta_flags & WLAN_STA_AUTHORIZED) && 1503 !(sta_flags & WLAN_STA_AUTHORIZED) &&
1475 !(ethertype == ETH_P_PAE && 1504 !(ethertype == ETH_P_PAE &&
1476 compare_ether_addr(dev->dev_addr, 1505 compare_ether_addr(dev->dev_addr,
1477 skb->data + ETH_ALEN) == 0))) { 1506 skb->data + ETH_ALEN) == 0))) {
1478#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1507#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
@@ -1525,7 +1554,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1525 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and 1554 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1526 * alloc_skb() (net/core/skbuff.c) 1555 * alloc_skb() (net/core/skbuff.c)
1527 */ 1556 */
1528 head_need = hdrlen + encaps_len + local->tx_headroom; 1557 head_need = hdrlen + encaps_len + meshhdrlen + local->tx_headroom;
1529 head_need -= skb_headroom(skb); 1558 head_need -= skb_headroom(skb);
1530 1559
1531 /* We are going to modify skb data, so make a copy of it if happens to 1560 /* We are going to modify skb data, so make a copy of it if happens to
@@ -1559,6 +1588,12 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1559 h_pos += encaps_len; 1588 h_pos += encaps_len;
1560 } 1589 }
1561 1590
1591 if (meshhdrlen > 0) {
1592 memcpy(skb_push(skb, meshhdrlen), &mesh_hdr, meshhdrlen);
1593 nh_pos += meshhdrlen;
1594 h_pos += meshhdrlen;
1595 }
1596
1562 if (fc & IEEE80211_STYPE_QOS_DATA) { 1597 if (fc & IEEE80211_STYPE_QOS_DATA) {
1563 __le16 *qos_control; 1598 __le16 *qos_control;
1564 1599
@@ -1628,7 +1663,7 @@ void ieee80211_tx_pending(unsigned long data)
1628 struct ieee80211_local *local = (struct ieee80211_local *)data; 1663 struct ieee80211_local *local = (struct ieee80211_local *)data;
1629 struct net_device *dev = local->mdev; 1664 struct net_device *dev = local->mdev;
1630 struct ieee80211_tx_stored_packet *store; 1665 struct ieee80211_tx_stored_packet *store;
1631 struct ieee80211_txrx_data tx; 1666 struct ieee80211_tx_data tx;
1632 int i, ret, reschedule = 0; 1667 int i, ret, reschedule = 0;
1633 1668
1634 netif_tx_lock_bh(dev); 1669 netif_tx_lock_bh(dev);
@@ -1640,13 +1675,13 @@ void ieee80211_tx_pending(unsigned long data)
1640 continue; 1675 continue;
1641 } 1676 }
1642 store = &local->pending_packet[i]; 1677 store = &local->pending_packet[i];
1643 tx.u.tx.control = &store->control; 1678 tx.control = &store->control;
1644 tx.u.tx.extra_frag = store->extra_frag; 1679 tx.extra_frag = store->extra_frag;
1645 tx.u.tx.num_extra_frag = store->num_extra_frag; 1680 tx.num_extra_frag = store->num_extra_frag;
1646 tx.u.tx.last_frag_rate = store->last_frag_rate; 1681 tx.last_frag_rate = store->last_frag_rate;
1647 tx.flags = 0; 1682 tx.flags = 0;
1648 if (store->last_frag_rate_ctrl_probe) 1683 if (store->last_frag_rate_ctrl_probe)
1649 tx.flags |= IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 1684 tx.flags |= IEEE80211_TX_PROBE_LAST_FRAG;
1650 ret = __ieee80211_tx(local, store->skb, &tx); 1685 ret = __ieee80211_tx(local, store->skb, &tx);
1651 if (ret) { 1686 if (ret) {
1652 if (ret == IEEE80211_TX_FRAG_AGAIN) 1687 if (ret == IEEE80211_TX_FRAG_AGAIN)
@@ -1680,7 +1715,6 @@ static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1680 1715
1681 /* Generate bitmap for TIM only if there are any STAs in power save 1716 /* Generate bitmap for TIM only if there are any STAs in power save
1682 * mode. */ 1717 * mode. */
1683 read_lock_bh(&local->sta_lock);
1684 if (atomic_read(&bss->num_sta_ps) > 0) 1718 if (atomic_read(&bss->num_sta_ps) > 0)
1685 /* in the hope that this is faster than 1719 /* in the hope that this is faster than
1686 * checking byte-for-byte */ 1720 * checking byte-for-byte */
@@ -1731,7 +1765,6 @@ static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1731 *pos++ = aid0; /* Bitmap control */ 1765 *pos++ = aid0; /* Bitmap control */
1732 *pos++ = 0; /* Part Virt Bitmap */ 1766 *pos++ = 0; /* Part Virt Bitmap */
1733 } 1767 }
1734 read_unlock_bh(&local->sta_lock);
1735} 1768}
1736 1769
1737struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, 1770struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
@@ -1746,6 +1779,10 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1746 struct rate_selection rsel; 1779 struct rate_selection rsel;
1747 struct beacon_data *beacon; 1780 struct beacon_data *beacon;
1748 struct ieee80211_supported_band *sband; 1781 struct ieee80211_supported_band *sband;
1782 struct ieee80211_mgmt *mgmt;
1783 int *num_beacons;
1784 bool err = true;
1785 u8 *pos;
1749 1786
1750 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1787 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1751 1788
@@ -1753,11 +1790,84 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1753 1790
1754 sdata = vif_to_sdata(vif); 1791 sdata = vif_to_sdata(vif);
1755 bdev = sdata->dev; 1792 bdev = sdata->dev;
1756 ap = &sdata->u.ap;
1757 1793
1758 beacon = rcu_dereference(ap->beacon); 1794 if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
1795 ap = &sdata->u.ap;
1796 beacon = rcu_dereference(ap->beacon);
1797 if (ap && beacon) {
1798 /*
1799 * headroom, head length,
1800 * tail length and maximum TIM length
1801 */
1802 skb = dev_alloc_skb(local->tx_headroom +
1803 beacon->head_len +
1804 beacon->tail_len + 256);
1805 if (!skb)
1806 goto out;
1807
1808 skb_reserve(skb, local->tx_headroom);
1809 memcpy(skb_put(skb, beacon->head_len), beacon->head,
1810 beacon->head_len);
1811
1812 ieee80211_include_sequence(sdata,
1813 (struct ieee80211_hdr *)skb->data);
1814
1815 /*
1816 * Not very nice, but we want to allow the driver to call
1817 * ieee80211_beacon_get() as a response to the set_tim()
1818 * callback. That, however, is already invoked under the
1819 * sta_lock to guarantee consistent and race-free update
1820 * of the tim bitmap in mac80211 and the driver.
1821 */
1822 if (local->tim_in_locked_section) {
1823 ieee80211_beacon_add_tim(local, ap, skb, beacon);
1824 } else {
1825 unsigned long flags;
1826
1827 spin_lock_irqsave(&local->sta_lock, flags);
1828 ieee80211_beacon_add_tim(local, ap, skb, beacon);
1829 spin_unlock_irqrestore(&local->sta_lock, flags);
1830 }
1831
1832 if (beacon->tail)
1833 memcpy(skb_put(skb, beacon->tail_len),
1834 beacon->tail, beacon->tail_len);
1835
1836 num_beacons = &ap->num_beacons;
1837
1838 err = false;
1839 }
1840 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
1841 /* headroom, head length, tail length and maximum TIM length */
1842 skb = dev_alloc_skb(local->tx_headroom + 400);
1843 if (!skb)
1844 goto out;
1845
1846 skb_reserve(skb, local->hw.extra_tx_headroom);
1847 mgmt = (struct ieee80211_mgmt *)
1848 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
1849 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
1850 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1851 IEEE80211_STYPE_BEACON);
1852 memset(mgmt->da, 0xff, ETH_ALEN);
1853 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1854 /* BSSID is left zeroed, wildcard value */
1855 mgmt->u.beacon.beacon_int =
1856 cpu_to_le16(local->hw.conf.beacon_int);
1857 mgmt->u.beacon.capab_info = 0x0; /* 0x0 for MPs */
1759 1858
1760 if (!ap || sdata->vif.type != IEEE80211_IF_TYPE_AP || !beacon) { 1859 pos = skb_put(skb, 2);
1860 *pos++ = WLAN_EID_SSID;
1861 *pos++ = 0x0;
1862
1863 mesh_mgmt_ies_add(skb, sdata->dev);
1864
1865 num_beacons = &sdata->u.sta.num_beacons;
1866
1867 err = false;
1868 }
1869
1870 if (err) {
1761#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1871#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1762 if (net_ratelimit()) 1872 if (net_ratelimit())
1763 printk(KERN_DEBUG "no beacon data avail for %s\n", 1873 printk(KERN_DEBUG "no beacon data avail for %s\n",
@@ -1767,24 +1877,6 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1767 goto out; 1877 goto out;
1768 } 1878 }
1769 1879
1770 /* headroom, head length, tail length and maximum TIM length */
1771 skb = dev_alloc_skb(local->tx_headroom + beacon->head_len +
1772 beacon->tail_len + 256);
1773 if (!skb)
1774 goto out;
1775
1776 skb_reserve(skb, local->tx_headroom);
1777 memcpy(skb_put(skb, beacon->head_len), beacon->head,
1778 beacon->head_len);
1779
1780 ieee80211_include_sequence(sdata, (struct ieee80211_hdr *)skb->data);
1781
1782 ieee80211_beacon_add_tim(local, ap, skb, beacon);
1783
1784 if (beacon->tail)
1785 memcpy(skb_put(skb, beacon->tail_len), beacon->tail,
1786 beacon->tail_len);
1787
1788 if (control) { 1880 if (control) {
1789 rate_control_get_rate(local->mdev, sband, skb, &rsel); 1881 rate_control_get_rate(local->mdev, sband, skb, &rsel);
1790 if (!rsel.rate) { 1882 if (!rsel.rate) {
@@ -1808,10 +1900,8 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1808 control->retry_limit = 1; 1900 control->retry_limit = 1;
1809 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 1901 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT;
1810 } 1902 }
1811 1903 (*num_beacons)++;
1812 ap->num_beacons++; 1904out:
1813
1814 out:
1815 rcu_read_unlock(); 1905 rcu_read_unlock();
1816 return skb; 1906 return skb;
1817} 1907}
@@ -1859,7 +1949,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1859 struct sk_buff *skb; 1949 struct sk_buff *skb;
1860 struct sta_info *sta; 1950 struct sta_info *sta;
1861 ieee80211_tx_handler *handler; 1951 ieee80211_tx_handler *handler;
1862 struct ieee80211_txrx_data tx; 1952 struct ieee80211_tx_data tx;
1863 ieee80211_tx_result res = TX_DROP; 1953 ieee80211_tx_result res = TX_DROP;
1864 struct net_device *bdev; 1954 struct net_device *bdev;
1865 struct ieee80211_sub_if_data *sdata; 1955 struct ieee80211_sub_if_data *sdata;
@@ -1881,7 +1971,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1881 rcu_read_unlock(); 1971 rcu_read_unlock();
1882 return NULL; 1972 return NULL;
1883 } 1973 }
1884 rcu_read_unlock();
1885 1974
1886 if (bss->dtim_count != 0) 1975 if (bss->dtim_count != 0)
1887 return NULL; /* send buffered bc/mc only after DTIM beacon */ 1976 return NULL; /* send buffered bc/mc only after DTIM beacon */
@@ -1907,8 +1996,8 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1907 dev_kfree_skb_any(skb); 1996 dev_kfree_skb_any(skb);
1908 } 1997 }
1909 sta = tx.sta; 1998 sta = tx.sta;
1910 tx.flags |= IEEE80211_TXRXD_TXPS_BUFFERED; 1999 tx.flags |= IEEE80211_TX_PS_BUFFERED;
1911 tx.u.tx.channel = local->hw.conf.channel; 2000 tx.channel = local->hw.conf.channel;
1912 2001
1913 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) { 2002 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) {
1914 res = (*handler)(&tx); 2003 res = (*handler)(&tx);
@@ -1926,8 +2015,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1926 skb = NULL; 2015 skb = NULL;
1927 } 2016 }
1928 2017
1929 if (sta) 2018 rcu_read_unlock();
1930 sta_info_put(sta);
1931 2019
1932 return skb; 2020 return skb;
1933} 2021}
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index f64804fed0a9..57c404f3f6d0 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -26,6 +26,7 @@
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "ieee80211_rate.h" 28#include "ieee80211_rate.h"
29#include "mesh.h"
29#include "wme.h" 30#include "wme.h"
30 31
31/* privid for wiphys to determine whether they belong to us or not */ 32/* privid for wiphys to determine whether they belong to us or not */
@@ -146,17 +147,35 @@ int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
146} 147}
147EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb); 148EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
148 149
149void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx) 150int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr)
151{
152 int ae = meshhdr->flags & IEEE80211S_FLAGS_AE;
153 /* 7.1.3.5a.2 */
154 switch (ae) {
155 case 0:
156 return 5;
157 case 1:
158 return 11;
159 case 2:
160 return 17;
161 case 3:
162 return 23;
163 default:
164 return 5;
165 }
166}
167
168void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx)
150{ 169{
151 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 170 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
152 171
153 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 172 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
154 if (tx->u.tx.extra_frag) { 173 if (tx->extra_frag) {
155 struct ieee80211_hdr *fhdr; 174 struct ieee80211_hdr *fhdr;
156 int i; 175 int i;
157 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 176 for (i = 0; i < tx->num_extra_frag; i++) {
158 fhdr = (struct ieee80211_hdr *) 177 fhdr = (struct ieee80211_hdr *)
159 tx->u.tx.extra_frag[i]->data; 178 tx->extra_frag[i]->data;
160 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 179 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
161 } 180 }
162 } 181 }
@@ -382,6 +401,7 @@ void ieee80211_iterate_active_interfaces(
382 case IEEE80211_IF_TYPE_STA: 401 case IEEE80211_IF_TYPE_STA:
383 case IEEE80211_IF_TYPE_IBSS: 402 case IEEE80211_IF_TYPE_IBSS:
384 case IEEE80211_IF_TYPE_WDS: 403 case IEEE80211_IF_TYPE_WDS:
404 case IEEE80211_IF_TYPE_MESH_POINT:
385 break; 405 break;
386 } 406 }
387 if (sdata->dev == local->mdev) 407 if (sdata->dev == local->mdev)
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index a33ef5cfa9ad..affcecd78c10 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -306,14 +306,14 @@ u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key)
306} 306}
307 307
308ieee80211_rx_result 308ieee80211_rx_result
309ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx) 309ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx)
310{ 310{
311 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA && 311 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
312 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || 312 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
313 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) 313 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH))
314 return RX_CONTINUE; 314 return RX_CONTINUE;
315 315
316 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) { 316 if (!(rx->status->flag & RX_FLAG_DECRYPTED)) {
317 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) { 317 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
318#ifdef CONFIG_MAC80211_DEBUG 318#ifdef CONFIG_MAC80211_DEBUG
319 if (net_ratelimit()) 319 if (net_ratelimit())
@@ -322,7 +322,7 @@ ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx)
322#endif /* CONFIG_MAC80211_DEBUG */ 322#endif /* CONFIG_MAC80211_DEBUG */
323 return RX_DROP_UNUSABLE; 323 return RX_DROP_UNUSABLE;
324 } 324 }
325 } else if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) { 325 } else if (!(rx->status->flag & RX_FLAG_IV_STRIPPED)) {
326 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key); 326 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
327 /* remove ICV */ 327 /* remove ICV */
328 skb_trim(rx->skb, rx->skb->len - 4); 328 skb_trim(rx->skb, rx->skb->len - 4);
@@ -331,13 +331,13 @@ ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx)
331 return RX_CONTINUE; 331 return RX_CONTINUE;
332} 332}
333 333
334static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb) 334static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
335{ 335{
336 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) { 336 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
337 if (ieee80211_wep_encrypt(tx->local, skb, tx->key)) 337 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
338 return -1; 338 return -1;
339 } else { 339 } else {
340 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 340 tx->control->key_idx = tx->key->conf.hw_key_idx;
341 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) { 341 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) {
342 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key)) 342 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key))
343 return -1; 343 return -1;
@@ -347,21 +347,21 @@ static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb)
347} 347}
348 348
349ieee80211_tx_result 349ieee80211_tx_result
350ieee80211_crypto_wep_encrypt(struct ieee80211_txrx_data *tx) 350ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx)
351{ 351{
352 tx->u.tx.control->iv_len = WEP_IV_LEN; 352 tx->control->iv_len = WEP_IV_LEN;
353 tx->u.tx.control->icv_len = WEP_ICV_LEN; 353 tx->control->icv_len = WEP_ICV_LEN;
354 ieee80211_tx_set_iswep(tx); 354 ieee80211_tx_set_protected(tx);
355 355
356 if (wep_encrypt_skb(tx, tx->skb) < 0) { 356 if (wep_encrypt_skb(tx, tx->skb) < 0) {
357 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep); 357 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
358 return TX_DROP; 358 return TX_DROP;
359 } 359 }
360 360
361 if (tx->u.tx.extra_frag) { 361 if (tx->extra_frag) {
362 int i; 362 int i;
363 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 363 for (i = 0; i < tx->num_extra_frag; i++) {
364 if (wep_encrypt_skb(tx, tx->u.tx.extra_frag[i]) < 0) { 364 if (wep_encrypt_skb(tx, tx->extra_frag[i]) < 0) {
365 I802_DEBUG_INC(tx->local-> 365 I802_DEBUG_INC(tx->local->
366 tx_handlers_drop_wep); 366 tx_handlers_drop_wep);
367 return TX_DROP; 367 return TX_DROP;
diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
index 43aef50cd0d6..9f723938b63f 100644
--- a/net/mac80211/wep.h
+++ b/net/mac80211/wep.h
@@ -29,8 +29,8 @@ int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
29u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key); 29u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
30 30
31ieee80211_rx_result 31ieee80211_rx_result
32ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx); 32ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx);
33ieee80211_tx_result 33ieee80211_tx_result
34ieee80211_crypto_wep_encrypt(struct ieee80211_txrx_data *tx); 34ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx);
35 35
36#endif /* WEP_H */ 36#endif /* WEP_H */
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index 8cc036decc82..4e94e4026e78 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -153,6 +153,7 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
153 153
154 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE) { 154 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE) {
155 queue = pkt_data->queue; 155 queue = pkt_data->queue;
156 rcu_read_lock();
156 sta = sta_info_get(local, hdr->addr1); 157 sta = sta_info_get(local, hdr->addr1);
157 tid = skb->priority & QOS_CONTROL_TAG1D_MASK; 158 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
158 if (sta) { 159 if (sta) {
@@ -164,8 +165,8 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
164 } else { 165 } else {
165 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU; 166 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU;
166 } 167 }
167 sta_info_put(sta);
168 } 168 }
169 rcu_read_unlock();
169 skb_queue_tail(&q->requeued[queue], skb); 170 skb_queue_tail(&q->requeued[queue], skb);
170 qd->q.qlen++; 171 qd->q.qlen++;
171 return 0; 172 return 0;
@@ -187,6 +188,8 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
187 p++; 188 p++;
188 *p = 0; 189 *p = 0;
189 190
191 rcu_read_lock();
192
190 sta = sta_info_get(local, hdr->addr1); 193 sta = sta_info_get(local, hdr->addr1);
191 if (sta) { 194 if (sta) {
192 int ampdu_queue = sta->tid_to_tx_q[tid]; 195 int ampdu_queue = sta->tid_to_tx_q[tid];
@@ -197,8 +200,9 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
197 } else { 200 } else {
198 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU; 201 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU;
199 } 202 }
200 sta_info_put(sta);
201 } 203 }
204
205 rcu_read_unlock();
202 } 206 }
203 207
204 if (unlikely(queue >= local->hw.queues)) { 208 if (unlikely(queue >= local->hw.queues)) {
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index b35e51c6ce0c..df0b7341efc8 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -71,7 +71,7 @@ static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da,
71 71
72 72
73ieee80211_tx_result 73ieee80211_tx_result
74ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx) 74ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
75{ 75{
76 u8 *data, *sa, *da, *key, *mic, qos_tid; 76 u8 *data, *sa, *da, *key, *mic, qos_tid;
77 size_t data_len; 77 size_t data_len;
@@ -90,7 +90,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
90 return TX_DROP; 90 return TX_DROP;
91 91
92 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 92 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
93 !(tx->flags & IEEE80211_TXRXD_FRAGMENTED) && 93 !(tx->flags & IEEE80211_TX_FRAGMENTED) &&
94 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) && 94 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) &&
95 !wpa_test) { 95 !wpa_test) {
96 /* hwaccel - with no need for preallocated room for Michael MIC 96 /* hwaccel - with no need for preallocated room for Michael MIC
@@ -124,7 +124,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
124 124
125 125
126ieee80211_rx_result 126ieee80211_rx_result
127ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx) 127ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
128{ 128{
129 u8 *data, *sa, *da, *key = NULL, qos_tid; 129 u8 *data, *sa, *da, *key = NULL, qos_tid;
130 size_t data_len; 130 size_t data_len;
@@ -139,7 +139,7 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
139 /* 139 /*
140 * No way to verify the MIC if the hardware stripped it 140 * No way to verify the MIC if the hardware stripped it
141 */ 141 */
142 if (rx->u.rx.status->flag & RX_FLAG_MMIC_STRIPPED) 142 if (rx->status->flag & RX_FLAG_MMIC_STRIPPED)
143 return RX_CONTINUE; 143 return RX_CONTINUE;
144 144
145 if (!rx->key || rx->key->conf.alg != ALG_TKIP || 145 if (!rx->key || rx->key->conf.alg != ALG_TKIP ||
@@ -161,7 +161,7 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
161 ALG_TKIP_TEMP_AUTH_TX_MIC_KEY]; 161 ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];
162 michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); 162 michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
163 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) { 163 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
164 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 164 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
165 return RX_DROP_UNUSABLE; 165 return RX_DROP_UNUSABLE;
166 166
167 printk(KERN_DEBUG "%s: invalid Michael MIC in data frame from " 167 printk(KERN_DEBUG "%s: invalid Michael MIC in data frame from "
@@ -176,14 +176,14 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
176 skb_trim(skb, skb->len - MICHAEL_MIC_LEN); 176 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
177 177
178 /* update IV in key information to be able to detect replays */ 178 /* update IV in key information to be able to detect replays */
179 rx->key->u.tkip.iv32_rx[rx->u.rx.queue] = rx->u.rx.tkip_iv32; 179 rx->key->u.tkip.iv32_rx[rx->queue] = rx->tkip_iv32;
180 rx->key->u.tkip.iv16_rx[rx->u.rx.queue] = rx->u.rx.tkip_iv16; 180 rx->key->u.tkip.iv16_rx[rx->queue] = rx->tkip_iv16;
181 181
182 return RX_CONTINUE; 182 return RX_CONTINUE;
183} 183}
184 184
185 185
186static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx, 186static int tkip_encrypt_skb(struct ieee80211_tx_data *tx,
187 struct sk_buff *skb, int test) 187 struct sk_buff *skb, int test)
188{ 188{
189 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 189 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -228,7 +228,7 @@ static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx,
228 0x7f), 228 0x7f),
229 (u8) key->u.tkip.iv16); 229 (u8) key->u.tkip.iv16);
230 230
231 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 231 tx->control->key_idx = tx->key->conf.hw_key_idx;
232 return 0; 232 return 0;
233 } 233 }
234 234
@@ -243,30 +243,30 @@ static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx,
243 243
244 244
245ieee80211_tx_result 245ieee80211_tx_result
246ieee80211_crypto_tkip_encrypt(struct ieee80211_txrx_data *tx) 246ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx)
247{ 247{
248 struct sk_buff *skb = tx->skb; 248 struct sk_buff *skb = tx->skb;
249 int wpa_test = 0, test = 0; 249 int wpa_test = 0, test = 0;
250 250
251 tx->u.tx.control->icv_len = TKIP_ICV_LEN; 251 tx->control->icv_len = TKIP_ICV_LEN;
252 tx->u.tx.control->iv_len = TKIP_IV_LEN; 252 tx->control->iv_len = TKIP_IV_LEN;
253 ieee80211_tx_set_iswep(tx); 253 ieee80211_tx_set_protected(tx);
254 254
255 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 255 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
256 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) && 256 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
257 !wpa_test) { 257 !wpa_test) {
258 /* hwaccel - with no need for preallocated room for IV/ICV */ 258 /* hwaccel - with no need for preallocated room for IV/ICV */
259 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 259 tx->control->key_idx = tx->key->conf.hw_key_idx;
260 return TX_CONTINUE; 260 return TX_CONTINUE;
261 } 261 }
262 262
263 if (tkip_encrypt_skb(tx, skb, test) < 0) 263 if (tkip_encrypt_skb(tx, skb, test) < 0)
264 return TX_DROP; 264 return TX_DROP;
265 265
266 if (tx->u.tx.extra_frag) { 266 if (tx->extra_frag) {
267 int i; 267 int i;
268 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 268 for (i = 0; i < tx->num_extra_frag; i++) {
269 if (tkip_encrypt_skb(tx, tx->u.tx.extra_frag[i], test) 269 if (tkip_encrypt_skb(tx, tx->extra_frag[i], test)
270 < 0) 270 < 0)
271 return TX_DROP; 271 return TX_DROP;
272 } 272 }
@@ -277,7 +277,7 @@ ieee80211_crypto_tkip_encrypt(struct ieee80211_txrx_data *tx)
277 277
278 278
279ieee80211_rx_result 279ieee80211_rx_result
280ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx) 280ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx)
281{ 281{
282 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 282 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
283 u16 fc; 283 u16 fc;
@@ -295,8 +295,8 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
295 if (!rx->sta || skb->len - hdrlen < 12) 295 if (!rx->sta || skb->len - hdrlen < 12)
296 return RX_DROP_UNUSABLE; 296 return RX_DROP_UNUSABLE;
297 297
298 if (rx->u.rx.status->flag & RX_FLAG_DECRYPTED) { 298 if (rx->status->flag & RX_FLAG_DECRYPTED) {
299 if (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) { 299 if (rx->status->flag & RX_FLAG_IV_STRIPPED) {
300 /* 300 /*
301 * Hardware took care of all processing, including 301 * Hardware took care of all processing, including
302 * replay protection, and stripped the ICV/IV so 302 * replay protection, and stripped the ICV/IV so
@@ -312,9 +312,9 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
312 res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, 312 res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm,
313 key, skb->data + hdrlen, 313 key, skb->data + hdrlen,
314 skb->len - hdrlen, rx->sta->addr, 314 skb->len - hdrlen, rx->sta->addr,
315 hwaccel, rx->u.rx.queue, 315 hwaccel, rx->queue,
316 &rx->u.rx.tkip_iv32, 316 &rx->tkip_iv32,
317 &rx->u.rx.tkip_iv16); 317 &rx->tkip_iv16);
318 if (res != TKIP_DECRYPT_OK || wpa_test) { 318 if (res != TKIP_DECRYPT_OK || wpa_test) {
319#ifdef CONFIG_MAC80211_DEBUG 319#ifdef CONFIG_MAC80211_DEBUG
320 if (net_ratelimit()) 320 if (net_ratelimit())
@@ -429,7 +429,7 @@ static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr)
429} 429}
430 430
431 431
432static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx, 432static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx,
433 struct sk_buff *skb, int test) 433 struct sk_buff *skb, int test)
434{ 434{
435 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 435 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -478,7 +478,7 @@ static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx,
478 478
479 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 479 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
480 /* hwaccel - with preallocated room for CCMP header */ 480 /* hwaccel - with preallocated room for CCMP header */
481 tx->u.tx.control->key_idx = key->conf.hw_key_idx; 481 tx->control->key_idx = key->conf.hw_key_idx;
482 return 0; 482 return 0;
483 } 483 }
484 484
@@ -492,30 +492,30 @@ static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx,
492 492
493 493
494ieee80211_tx_result 494ieee80211_tx_result
495ieee80211_crypto_ccmp_encrypt(struct ieee80211_txrx_data *tx) 495ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
496{ 496{
497 struct sk_buff *skb = tx->skb; 497 struct sk_buff *skb = tx->skb;
498 int test = 0; 498 int test = 0;
499 499
500 tx->u.tx.control->icv_len = CCMP_MIC_LEN; 500 tx->control->icv_len = CCMP_MIC_LEN;
501 tx->u.tx.control->iv_len = CCMP_HDR_LEN; 501 tx->control->iv_len = CCMP_HDR_LEN;
502 ieee80211_tx_set_iswep(tx); 502 ieee80211_tx_set_protected(tx);
503 503
504 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 504 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
505 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { 505 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
506 /* hwaccel - with no need for preallocated room for CCMP " 506 /* hwaccel - with no need for preallocated room for CCMP "
507 * header or MIC fields */ 507 * header or MIC fields */
508 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 508 tx->control->key_idx = tx->key->conf.hw_key_idx;
509 return TX_CONTINUE; 509 return TX_CONTINUE;
510 } 510 }
511 511
512 if (ccmp_encrypt_skb(tx, skb, test) < 0) 512 if (ccmp_encrypt_skb(tx, skb, test) < 0)
513 return TX_DROP; 513 return TX_DROP;
514 514
515 if (tx->u.tx.extra_frag) { 515 if (tx->extra_frag) {
516 int i; 516 int i;
517 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 517 for (i = 0; i < tx->num_extra_frag; i++) {
518 if (ccmp_encrypt_skb(tx, tx->u.tx.extra_frag[i], test) 518 if (ccmp_encrypt_skb(tx, tx->extra_frag[i], test)
519 < 0) 519 < 0)
520 return TX_DROP; 520 return TX_DROP;
521 } 521 }
@@ -526,7 +526,7 @@ ieee80211_crypto_ccmp_encrypt(struct ieee80211_txrx_data *tx)
526 526
527 527
528ieee80211_rx_result 528ieee80211_rx_result
529ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx) 529ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
530{ 530{
531 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 531 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
532 u16 fc; 532 u16 fc;
@@ -547,15 +547,15 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
547 if (!rx->sta || data_len < 0) 547 if (!rx->sta || data_len < 0)
548 return RX_DROP_UNUSABLE; 548 return RX_DROP_UNUSABLE;
549 549
550 if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) && 550 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
551 (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) 551 (rx->status->flag & RX_FLAG_IV_STRIPPED))
552 return RX_CONTINUE; 552 return RX_CONTINUE;
553 553
554 (void) ccmp_hdr2pn(pn, skb->data + hdrlen); 554 (void) ccmp_hdr2pn(pn, skb->data + hdrlen);
555 555
556 if (memcmp(pn, key->u.ccmp.rx_pn[rx->u.rx.queue], CCMP_PN_LEN) <= 0) { 556 if (memcmp(pn, key->u.ccmp.rx_pn[rx->queue], CCMP_PN_LEN) <= 0) {
557#ifdef CONFIG_MAC80211_DEBUG 557#ifdef CONFIG_MAC80211_DEBUG
558 u8 *ppn = key->u.ccmp.rx_pn[rx->u.rx.queue]; 558 u8 *ppn = key->u.ccmp.rx_pn[rx->queue];
559 559
560 printk(KERN_DEBUG "%s: CCMP replay detected for RX frame from " 560 printk(KERN_DEBUG "%s: CCMP replay detected for RX frame from "
561 "%s (RX PN %02x%02x%02x%02x%02x%02x <= prev. PN " 561 "%s (RX PN %02x%02x%02x%02x%02x%02x <= prev. PN "
@@ -568,7 +568,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
568 return RX_DROP_UNUSABLE; 568 return RX_DROP_UNUSABLE;
569 } 569 }
570 570
571 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) { 571 if (!(rx->status->flag & RX_FLAG_DECRYPTED)) {
572 /* hardware didn't decrypt/verify MIC */ 572 /* hardware didn't decrypt/verify MIC */
573 u8 *scratch, *b_0, *aad; 573 u8 *scratch, *b_0, *aad;
574 574
@@ -593,7 +593,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
593 } 593 }
594 } 594 }
595 595
596 memcpy(key->u.ccmp.rx_pn[rx->u.rx.queue], pn, CCMP_PN_LEN); 596 memcpy(key->u.ccmp.rx_pn[rx->queue], pn, CCMP_PN_LEN);
597 597
598 /* Remove CCMP header and MIC */ 598 /* Remove CCMP header and MIC */
599 skb_trim(skb, skb->len - CCMP_MIC_LEN); 599 skb_trim(skb, skb->len - CCMP_MIC_LEN);
diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
index 16e4dba4aa70..d42d221d8a1d 100644
--- a/net/mac80211/wpa.h
+++ b/net/mac80211/wpa.h
@@ -14,18 +14,18 @@
14#include "ieee80211_i.h" 14#include "ieee80211_i.h"
15 15
16ieee80211_tx_result 16ieee80211_tx_result
17ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx); 17ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx);
18ieee80211_rx_result 18ieee80211_rx_result
19ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx); 19ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx);
20 20
21ieee80211_tx_result 21ieee80211_tx_result
22ieee80211_crypto_tkip_encrypt(struct ieee80211_txrx_data *tx); 22ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx);
23ieee80211_rx_result 23ieee80211_rx_result
24ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx); 24ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx);
25 25
26ieee80211_tx_result 26ieee80211_tx_result
27ieee80211_crypto_ccmp_encrypt(struct ieee80211_txrx_data *tx); 27ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx);
28ieee80211_rx_result 28ieee80211_rx_result
29ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx); 29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx);
30 30
31#endif /* WPA_H */ 31#endif /* WPA_H */
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 5b3474798b8d..64a7460af734 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -81,8 +81,12 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
81 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 81 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
82 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 82 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
83 .len = NL80211_MAX_SUPP_RATES }, 83 .len = NL80211_MAX_SUPP_RATES },
84 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
84 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 85 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
85 [NL80211_ATTR_MNTR_FLAGS] = { .type = NLA_NESTED }, 86 [NL80211_ATTR_MNTR_FLAGS] = { .type = NLA_NESTED },
87 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
88 .len = IEEE80211_MAX_MESH_ID_LEN },
89 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
86}; 90};
87 91
88/* message building helper */ 92/* message building helper */
@@ -369,11 +373,14 @@ static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
369static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 373static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
370{ 374{
371 struct cfg80211_registered_device *drv; 375 struct cfg80211_registered_device *drv;
376 struct vif_params params;
372 int err, ifindex; 377 int err, ifindex;
373 enum nl80211_iftype type; 378 enum nl80211_iftype type;
374 struct net_device *dev; 379 struct net_device *dev;
375 u32 flags; 380 u32 flags;
376 381
382 memset(&params, 0, sizeof(params));
383
377 if (info->attrs[NL80211_ATTR_IFTYPE]) { 384 if (info->attrs[NL80211_ATTR_IFTYPE]) {
378 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 385 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
379 if (type > NL80211_IFTYPE_MAX) 386 if (type > NL80211_IFTYPE_MAX)
@@ -392,12 +399,18 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
392 goto unlock; 399 goto unlock;
393 } 400 }
394 401
402 if (type == NL80211_IFTYPE_MESH_POINT &&
403 info->attrs[NL80211_ATTR_MESH_ID]) {
404 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
405 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
406 }
407
395 rtnl_lock(); 408 rtnl_lock();
396 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 409 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
397 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 410 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
398 &flags); 411 &flags);
399 err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex, 412 err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex,
400 type, err ? NULL : &flags); 413 type, err ? NULL : &flags, &params);
401 rtnl_unlock(); 414 rtnl_unlock();
402 415
403 unlock: 416 unlock:
@@ -408,10 +421,13 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
408static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 421static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
409{ 422{
410 struct cfg80211_registered_device *drv; 423 struct cfg80211_registered_device *drv;
424 struct vif_params params;
411 int err; 425 int err;
412 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 426 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
413 u32 flags; 427 u32 flags;
414 428
429 memset(&params, 0, sizeof(params));
430
415 if (!info->attrs[NL80211_ATTR_IFNAME]) 431 if (!info->attrs[NL80211_ATTR_IFNAME])
416 return -EINVAL; 432 return -EINVAL;
417 433
@@ -430,15 +446,22 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
430 goto unlock; 446 goto unlock;
431 } 447 }
432 448
449 if (type == NL80211_IFTYPE_MESH_POINT &&
450 info->attrs[NL80211_ATTR_MESH_ID]) {
451 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
452 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
453 }
454
433 rtnl_lock(); 455 rtnl_lock();
434 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 456 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
435 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 457 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
436 &flags); 458 &flags);
437 err = drv->ops->add_virtual_intf(&drv->wiphy, 459 err = drv->ops->add_virtual_intf(&drv->wiphy,
438 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 460 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
439 type, err ? NULL : &flags); 461 type, err ? NULL : &flags, &params);
440 rtnl_unlock(); 462 rtnl_unlock();
441 463
464
442 unlock: 465 unlock:
443 cfg80211_put_dev(drv); 466 cfg80211_put_dev(drv);
444 return err; 467 return err;
@@ -866,10 +889,10 @@ static int parse_station_flags(struct nlattr *nla, u32 *staflags)
866 889
867static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 890static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
868 int flags, struct net_device *dev, 891 int flags, struct net_device *dev,
869 u8 *mac_addr, struct station_stats *stats) 892 u8 *mac_addr, struct station_info *sinfo)
870{ 893{
871 void *hdr; 894 void *hdr;
872 struct nlattr *statsattr; 895 struct nlattr *sinfoattr;
873 896
874 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 897 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
875 if (!hdr) 898 if (!hdr)
@@ -878,20 +901,29 @@ static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
878 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 901 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
879 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 902 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
880 903
881 statsattr = nla_nest_start(msg, NL80211_ATTR_STA_STATS); 904 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
882 if (!statsattr) 905 if (!sinfoattr)
883 goto nla_put_failure; 906 goto nla_put_failure;
884 if (stats->filled & STATION_STAT_INACTIVE_TIME) 907 if (sinfo->filled & STATION_INFO_INACTIVE_TIME)
885 NLA_PUT_U32(msg, NL80211_STA_STAT_INACTIVE_TIME, 908 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME,
886 stats->inactive_time); 909 sinfo->inactive_time);
887 if (stats->filled & STATION_STAT_RX_BYTES) 910 if (sinfo->filled & STATION_INFO_RX_BYTES)
888 NLA_PUT_U32(msg, NL80211_STA_STAT_RX_BYTES, 911 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES,
889 stats->rx_bytes); 912 sinfo->rx_bytes);
890 if (stats->filled & STATION_STAT_TX_BYTES) 913 if (sinfo->filled & STATION_INFO_TX_BYTES)
891 NLA_PUT_U32(msg, NL80211_STA_STAT_TX_BYTES, 914 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES,
892 stats->tx_bytes); 915 sinfo->tx_bytes);
893 916 if (sinfo->filled & STATION_INFO_LLID)
894 nla_nest_end(msg, statsattr); 917 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID,
918 sinfo->llid);
919 if (sinfo->filled & STATION_INFO_PLID)
920 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID,
921 sinfo->plid);
922 if (sinfo->filled & STATION_INFO_PLINK_STATE)
923 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE,
924 sinfo->plink_state);
925
926 nla_nest_end(msg, sinfoattr);
895 927
896 return genlmsg_end(msg, hdr); 928 return genlmsg_end(msg, hdr);
897 929
@@ -899,17 +931,80 @@ static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
899 return genlmsg_cancel(msg, hdr); 931 return genlmsg_cancel(msg, hdr);
900} 932}
901 933
934static int nl80211_dump_station(struct sk_buff *skb,
935 struct netlink_callback *cb)
936{
937 int wp_idx = 0;
938 int if_idx = 0;
939 int sta_idx = cb->args[2];
940 int wp_start = cb->args[0];
941 int if_start = cb->args[1];
942 struct station_info sinfo;
943 struct cfg80211_registered_device *dev;
944 struct wireless_dev *wdev;
945 u8 mac_addr[ETH_ALEN];
946 int err;
947 int exit = 0;
948
949 /* TODO: filter by device */
950 mutex_lock(&cfg80211_drv_mutex);
951 list_for_each_entry(dev, &cfg80211_drv_list, list) {
952 if (exit)
953 break;
954 if (++wp_idx < wp_start)
955 continue;
956 if_idx = 0;
957
958 mutex_lock(&dev->devlist_mtx);
959 list_for_each_entry(wdev, &dev->netdev_list, list) {
960 if (exit)
961 break;
962 if (++if_idx < if_start)
963 continue;
964 if (!dev->ops->dump_station)
965 continue;
966
967 for (;; ++sta_idx) {
968 rtnl_lock();
969 err = dev->ops->dump_station(&dev->wiphy,
970 wdev->netdev, sta_idx, mac_addr,
971 &sinfo);
972 rtnl_unlock();
973 if (err) {
974 sta_idx = 0;
975 break;
976 }
977 if (nl80211_send_station(skb,
978 NETLINK_CB(cb->skb).pid,
979 cb->nlh->nlmsg_seq, NLM_F_MULTI,
980 wdev->netdev, mac_addr,
981 &sinfo) < 0) {
982 exit = 1;
983 break;
984 }
985 }
986 }
987 mutex_unlock(&dev->devlist_mtx);
988 }
989 mutex_unlock(&cfg80211_drv_mutex);
990
991 cb->args[0] = wp_idx;
992 cb->args[1] = if_idx;
993 cb->args[2] = sta_idx;
994
995 return skb->len;
996}
902 997
903static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 998static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
904{ 999{
905 struct cfg80211_registered_device *drv; 1000 struct cfg80211_registered_device *drv;
906 int err; 1001 int err;
907 struct net_device *dev; 1002 struct net_device *dev;
908 struct station_stats stats; 1003 struct station_info sinfo;
909 struct sk_buff *msg; 1004 struct sk_buff *msg;
910 u8 *mac_addr = NULL; 1005 u8 *mac_addr = NULL;
911 1006
912 memset(&stats, 0, sizeof(stats)); 1007 memset(&sinfo, 0, sizeof(sinfo));
913 1008
914 if (!info->attrs[NL80211_ATTR_MAC]) 1009 if (!info->attrs[NL80211_ATTR_MAC])
915 return -EINVAL; 1010 return -EINVAL;
@@ -926,15 +1021,18 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
926 } 1021 }
927 1022
928 rtnl_lock(); 1023 rtnl_lock();
929 err = drv->ops->get_station(&drv->wiphy, dev, mac_addr, &stats); 1024 err = drv->ops->get_station(&drv->wiphy, dev, mac_addr, &sinfo);
930 rtnl_unlock(); 1025 rtnl_unlock();
931 1026
1027 if (err)
1028 goto out;
1029
932 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 1030 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
933 if (!msg) 1031 if (!msg)
934 goto out; 1032 goto out;
935 1033
936 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 1034 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0,
937 dev, mac_addr, &stats) < 0) 1035 dev, mac_addr, &sinfo) < 0)
938 goto out_free; 1036 goto out_free;
939 1037
940 err = genlmsg_unicast(msg, info->snd_pid); 1038 err = genlmsg_unicast(msg, info->snd_pid);
@@ -1005,6 +1103,10 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1005 &params.station_flags)) 1103 &params.station_flags))
1006 return -EINVAL; 1104 return -EINVAL;
1007 1105
1106 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
1107 params.plink_action =
1108 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
1109
1008 err = get_drv_dev_by_info_ifindex(info, &drv, &dev); 1110 err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
1009 if (err) 1111 if (err)
1010 return err; 1112 return err;
@@ -1119,6 +1221,273 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1119 return err; 1221 return err;
1120} 1222}
1121 1223
1224static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq,
1225 int flags, struct net_device *dev,
1226 u8 *dst, u8 *next_hop,
1227 struct mpath_info *pinfo)
1228{
1229 void *hdr;
1230 struct nlattr *pinfoattr;
1231
1232 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
1233 if (!hdr)
1234 return -1;
1235
1236 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1237 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
1238 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop);
1239
1240 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
1241 if (!pinfoattr)
1242 goto nla_put_failure;
1243 if (pinfo->filled & MPATH_INFO_FRAME_QLEN)
1244 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
1245 pinfo->frame_qlen);
1246 if (pinfo->filled & MPATH_INFO_DSN)
1247 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DSN,
1248 pinfo->dsn);
1249 if (pinfo->filled & MPATH_INFO_METRIC)
1250 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC,
1251 pinfo->metric);
1252 if (pinfo->filled & MPATH_INFO_EXPTIME)
1253 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME,
1254 pinfo->exptime);
1255 if (pinfo->filled & MPATH_INFO_FLAGS)
1256 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS,
1257 pinfo->flags);
1258 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT)
1259 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
1260 pinfo->discovery_timeout);
1261 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES)
1262 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
1263 pinfo->discovery_retries);
1264
1265 nla_nest_end(msg, pinfoattr);
1266
1267 return genlmsg_end(msg, hdr);
1268
1269 nla_put_failure:
1270 return genlmsg_cancel(msg, hdr);
1271}
1272
1273static int nl80211_dump_mpath(struct sk_buff *skb,
1274 struct netlink_callback *cb)
1275{
1276 int wp_idx = 0;
1277 int if_idx = 0;
1278 int sta_idx = cb->args[2];
1279 int wp_start = cb->args[0];
1280 int if_start = cb->args[1];
1281 struct mpath_info pinfo;
1282 struct cfg80211_registered_device *dev;
1283 struct wireless_dev *wdev;
1284 u8 dst[ETH_ALEN];
1285 u8 next_hop[ETH_ALEN];
1286 int err;
1287 int exit = 0;
1288
1289 /* TODO: filter by device */
1290 mutex_lock(&cfg80211_drv_mutex);
1291 list_for_each_entry(dev, &cfg80211_drv_list, list) {
1292 if (exit)
1293 break;
1294 if (++wp_idx < wp_start)
1295 continue;
1296 if_idx = 0;
1297
1298 mutex_lock(&dev->devlist_mtx);
1299 list_for_each_entry(wdev, &dev->netdev_list, list) {
1300 if (exit)
1301 break;
1302 if (++if_idx < if_start)
1303 continue;
1304 if (!dev->ops->dump_mpath)
1305 continue;
1306
1307 for (;; ++sta_idx) {
1308 rtnl_lock();
1309 err = dev->ops->dump_mpath(&dev->wiphy,
1310 wdev->netdev, sta_idx, dst,
1311 next_hop, &pinfo);
1312 rtnl_unlock();
1313 if (err) {
1314 sta_idx = 0;
1315 break;
1316 }
1317 if (nl80211_send_mpath(skb,
1318 NETLINK_CB(cb->skb).pid,
1319 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1320 wdev->netdev, dst, next_hop,
1321 &pinfo) < 0) {
1322 exit = 1;
1323 break;
1324 }
1325 }
1326 }
1327 mutex_unlock(&dev->devlist_mtx);
1328 }
1329 mutex_unlock(&cfg80211_drv_mutex);
1330
1331 cb->args[0] = wp_idx;
1332 cb->args[1] = if_idx;
1333 cb->args[2] = sta_idx;
1334
1335 return skb->len;
1336}
1337
1338static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
1339{
1340 struct cfg80211_registered_device *drv;
1341 int err;
1342 struct net_device *dev;
1343 struct mpath_info pinfo;
1344 struct sk_buff *msg;
1345 u8 *dst = NULL;
1346 u8 next_hop[ETH_ALEN];
1347
1348 memset(&pinfo, 0, sizeof(pinfo));
1349
1350 if (!info->attrs[NL80211_ATTR_MAC])
1351 return -EINVAL;
1352
1353 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
1354
1355 err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
1356 if (err)
1357 return err;
1358
1359 if (!drv->ops->get_mpath) {
1360 err = -EOPNOTSUPP;
1361 goto out;
1362 }
1363
1364 rtnl_lock();
1365 err = drv->ops->get_mpath(&drv->wiphy, dev, dst, next_hop, &pinfo);
1366 rtnl_unlock();
1367
1368 if (err)
1369 goto out;
1370
1371 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
1372 if (!msg)
1373 goto out;
1374
1375 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0,
1376 dev, dst, next_hop, &pinfo) < 0)
1377 goto out_free;
1378
1379 err = genlmsg_unicast(msg, info->snd_pid);
1380 goto out;
1381
1382 out_free:
1383 nlmsg_free(msg);
1384
1385 out:
1386 cfg80211_put_dev(drv);
1387 dev_put(dev);
1388 return err;
1389}
1390
1391static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
1392{
1393 struct cfg80211_registered_device *drv;
1394 int err;
1395 struct net_device *dev;
1396 u8 *dst = NULL;
1397 u8 *next_hop = NULL;
1398
1399 if (!info->attrs[NL80211_ATTR_MAC])
1400 return -EINVAL;
1401
1402 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
1403 return -EINVAL;
1404
1405 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
1406 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
1407
1408 err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
1409 if (err)
1410 return err;
1411
1412 if (!drv->ops->change_mpath) {
1413 err = -EOPNOTSUPP;
1414 goto out;
1415 }
1416
1417 rtnl_lock();
1418 err = drv->ops->change_mpath(&drv->wiphy, dev, dst, next_hop);
1419 rtnl_unlock();
1420
1421 out:
1422 cfg80211_put_dev(drv);
1423 dev_put(dev);
1424 return err;
1425}
1426static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
1427{
1428 struct cfg80211_registered_device *drv;
1429 int err;
1430 struct net_device *dev;
1431 u8 *dst = NULL;
1432 u8 *next_hop = NULL;
1433
1434 if (!info->attrs[NL80211_ATTR_MAC])
1435 return -EINVAL;
1436
1437 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
1438 return -EINVAL;
1439
1440 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
1441 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
1442
1443 err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
1444 if (err)
1445 return err;
1446
1447 if (!drv->ops->add_mpath) {
1448 err = -EOPNOTSUPP;
1449 goto out;
1450 }
1451
1452 rtnl_lock();
1453 err = drv->ops->add_mpath(&drv->wiphy, dev, dst, next_hop);
1454 rtnl_unlock();
1455
1456 out:
1457 cfg80211_put_dev(drv);
1458 dev_put(dev);
1459 return err;
1460}
1461
1462static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
1463{
1464 struct cfg80211_registered_device *drv;
1465 int err;
1466 struct net_device *dev;
1467 u8 *dst = NULL;
1468
1469 if (info->attrs[NL80211_ATTR_MAC])
1470 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
1471
1472 err = get_drv_dev_by_info_ifindex(info, &drv, &dev);
1473 if (err)
1474 return err;
1475
1476 if (!drv->ops->del_mpath) {
1477 err = -EOPNOTSUPP;
1478 goto out;
1479 }
1480
1481 rtnl_lock();
1482 err = drv->ops->del_mpath(&drv->wiphy, dev, dst);
1483 rtnl_unlock();
1484
1485 out:
1486 cfg80211_put_dev(drv);
1487 dev_put(dev);
1488 return err;
1489}
1490
1122static struct genl_ops nl80211_ops[] = { 1491static struct genl_ops nl80211_ops[] = {
1123 { 1492 {
1124 .cmd = NL80211_CMD_GET_WIPHY, 1493 .cmd = NL80211_CMD_GET_WIPHY,
@@ -1203,7 +1572,7 @@ static struct genl_ops nl80211_ops[] = {
1203 { 1572 {
1204 .cmd = NL80211_CMD_GET_STATION, 1573 .cmd = NL80211_CMD_GET_STATION,
1205 .doit = nl80211_get_station, 1574 .doit = nl80211_get_station,
1206 /* TODO: implement dumpit */ 1575 .dumpit = nl80211_dump_station,
1207 .policy = nl80211_policy, 1576 .policy = nl80211_policy,
1208 .flags = GENL_ADMIN_PERM, 1577 .flags = GENL_ADMIN_PERM,
1209 }, 1578 },
@@ -1225,6 +1594,31 @@ static struct genl_ops nl80211_ops[] = {
1225 .policy = nl80211_policy, 1594 .policy = nl80211_policy,
1226 .flags = GENL_ADMIN_PERM, 1595 .flags = GENL_ADMIN_PERM,
1227 }, 1596 },
1597 {
1598 .cmd = NL80211_CMD_GET_MPATH,
1599 .doit = nl80211_get_mpath,
1600 .dumpit = nl80211_dump_mpath,
1601 .policy = nl80211_policy,
1602 .flags = GENL_ADMIN_PERM,
1603 },
1604 {
1605 .cmd = NL80211_CMD_SET_MPATH,
1606 .doit = nl80211_set_mpath,
1607 .policy = nl80211_policy,
1608 .flags = GENL_ADMIN_PERM,
1609 },
1610 {
1611 .cmd = NL80211_CMD_NEW_MPATH,
1612 .doit = nl80211_new_mpath,
1613 .policy = nl80211_policy,
1614 .flags = GENL_ADMIN_PERM,
1615 },
1616 {
1617 .cmd = NL80211_CMD_DEL_MPATH,
1618 .doit = nl80211_del_mpath,
1619 .policy = nl80211_policy,
1620 .flags = GENL_ADMIN_PERM,
1621 },
1228}; 1622};
1229 1623
1230/* multicast groups */ 1624/* multicast groups */
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-28 12:37:19 -0500