aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211/rx.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211/rx.c')
-rw-r--r--net/mac80211/rx.c473
1 files changed, 248 insertions, 225 deletions
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 82a30c1bf3ab..b5c48de81d8b 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2,7 +2,7 @@
2 * Copyright 2002-2005, Instant802 Networks, Inc. 2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007 Johannes Berg <johannes@sipsolutions.net> 5 * Copyright 2007-2010 Johannes Berg <johannes@sipsolutions.net>
6 * 6 *
7 * This program is free software; you can redistribute it and/or modify 7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as 8 * it under the terms of the GNU General Public License version 2 as
@@ -283,15 +283,15 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
283 skb->protocol = htons(ETH_P_802_2); 283 skb->protocol = htons(ETH_P_802_2);
284 284
285 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 285 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
286 if (!netif_running(sdata->dev))
287 continue;
288
289 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) 286 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
290 continue; 287 continue;
291 288
292 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) 289 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES)
293 continue; 290 continue;
294 291
292 if (!ieee80211_sdata_running(sdata))
293 continue;
294
295 if (prev_dev) { 295 if (prev_dev) {
296 skb2 = skb_clone(skb, GFP_ATOMIC); 296 skb2 = skb_clone(skb, GFP_ATOMIC);
297 if (skb2) { 297 if (skb2) {
@@ -361,7 +361,9 @@ static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
361 * boundary. In the case of regular frames, this simply means aligning the 361 * boundary. In the case of regular frames, this simply means aligning the
362 * payload to a four-byte boundary (because either the IP header is directly 362 * payload to a four-byte boundary (because either the IP header is directly
363 * contained, or IV/RFC1042 headers that have a length divisible by four are 363 * contained, or IV/RFC1042 headers that have a length divisible by four are
364 * in front of it). 364 * in front of it). If the payload data is not properly aligned and the
365 * architecture doesn't support efficient unaligned operations, mac80211
366 * will align the data.
365 * 367 *
366 * With A-MSDU frames, however, the payload data address must yield two modulo 368 * With A-MSDU frames, however, the payload data address must yield two modulo
367 * four because there are 14-byte 802.3 headers within the A-MSDU frames that 369 * four because there are 14-byte 802.3 headers within the A-MSDU frames that
@@ -375,25 +377,10 @@ static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
375 */ 377 */
376static void ieee80211_verify_alignment(struct ieee80211_rx_data *rx) 378static void ieee80211_verify_alignment(struct ieee80211_rx_data *rx)
377{ 379{
378 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 380#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
379 int hdrlen; 381 WARN_ONCE((unsigned long)rx->skb->data & 1,
380 382 "unaligned packet at 0x%p\n", rx->skb->data);
381#ifndef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
382 return;
383#endif 383#endif
384
385 if (WARN_ONCE((unsigned long)rx->skb->data & 1,
386 "unaligned packet at 0x%p\n", rx->skb->data))
387 return;
388
389 if (!ieee80211_is_data_present(hdr->frame_control))
390 return;
391
392 hdrlen = ieee80211_hdrlen(hdr->frame_control);
393 if (rx->flags & IEEE80211_RX_AMSDU)
394 hdrlen += ETH_HLEN;
395 WARN_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3,
396 "unaligned IP payload at 0x%p\n", rx->skb->data + hdrlen);
397} 384}
398 385
399 386
@@ -476,7 +463,7 @@ ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
476{ 463{
477 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 464 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
478 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control); 465 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control);
479 char *dev_addr = rx->sdata->dev->dev_addr; 466 char *dev_addr = rx->sdata->vif.addr;
480 467
481 if (ieee80211_is_data(hdr->frame_control)) { 468 if (ieee80211_is_data(hdr->frame_control)) {
482 if (is_multicast_ether_addr(hdr->addr1)) { 469 if (is_multicast_ether_addr(hdr->addr1)) {
@@ -1021,10 +1008,10 @@ static void ap_sta_ps_start(struct sta_info *sta)
1021 1008
1022 atomic_inc(&sdata->bss->num_sta_ps); 1009 atomic_inc(&sdata->bss->num_sta_ps);
1023 set_sta_flags(sta, WLAN_STA_PS_STA); 1010 set_sta_flags(sta, WLAN_STA_PS_STA);
1024 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_SLEEP, &sta->sta); 1011 drv_sta_notify(local, sdata, STA_NOTIFY_SLEEP, &sta->sta);
1025#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1012#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1026 printk(KERN_DEBUG "%s: STA %pM aid %d enters power save mode\n", 1013 printk(KERN_DEBUG "%s: STA %pM aid %d enters power save mode\n",
1027 sdata->dev->name, sta->sta.addr, sta->sta.aid); 1014 sdata->name, sta->sta.addr, sta->sta.aid);
1028#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 1015#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1029} 1016}
1030 1017
@@ -1038,13 +1025,13 @@ static void ap_sta_ps_end(struct sta_info *sta)
1038 1025
1039#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1026#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1040 printk(KERN_DEBUG "%s: STA %pM aid %d exits power save mode\n", 1027 printk(KERN_DEBUG "%s: STA %pM aid %d exits power save mode\n",
1041 sdata->dev->name, sta->sta.addr, sta->sta.aid); 1028 sdata->name, sta->sta.addr, sta->sta.aid);
1042#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 1029#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1043 1030
1044 if (test_sta_flags(sta, WLAN_STA_PS_DRIVER)) { 1031 if (test_sta_flags(sta, WLAN_STA_PS_DRIVER)) {
1045#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1032#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1046 printk(KERN_DEBUG "%s: STA %pM aid %d driver-ps-blocked\n", 1033 printk(KERN_DEBUG "%s: STA %pM aid %d driver-ps-blocked\n",
1047 sdata->dev->name, sta->sta.addr, sta->sta.aid); 1034 sdata->name, sta->sta.addr, sta->sta.aid);
1048#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 1035#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1049 return; 1036 return;
1050 } 1037 }
@@ -1124,6 +1111,18 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
1124 if (ieee80211_is_nullfunc(hdr->frame_control) || 1111 if (ieee80211_is_nullfunc(hdr->frame_control) ||
1125 ieee80211_is_qos_nullfunc(hdr->frame_control)) { 1112 ieee80211_is_qos_nullfunc(hdr->frame_control)) {
1126 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc); 1113 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc);
1114
1115 /*
1116 * If we receive a 4-addr nullfunc frame from a STA
1117 * that was not moved to a 4-addr STA vlan yet, drop
1118 * the frame to the monitor interface, to make sure
1119 * that hostapd sees it
1120 */
1121 if (ieee80211_has_a4(hdr->frame_control) &&
1122 (rx->sdata->vif.type == NL80211_IFTYPE_AP ||
1123 (rx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN &&
1124 !rx->sdata->u.vlan.sta)))
1125 return RX_DROP_MONITOR;
1127 /* 1126 /*
1128 * Update counter and free packet here to avoid 1127 * Update counter and free packet here to avoid
1129 * counting this as a dropped packed. 1128 * counting this as a dropped packed.
@@ -1156,7 +1155,7 @@ ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
1156 printk(KERN_DEBUG "%s: RX reassembly removed oldest " 1155 printk(KERN_DEBUG "%s: RX reassembly removed oldest "
1157 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d " 1156 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d "
1158 "addr1=%pM addr2=%pM\n", 1157 "addr1=%pM addr2=%pM\n",
1159 sdata->dev->name, idx, 1158 sdata->name, idx,
1160 jiffies - entry->first_frag_time, entry->seq, 1159 jiffies - entry->first_frag_time, entry->seq,
1161 entry->last_frag, hdr->addr1, hdr->addr2); 1160 entry->last_frag, hdr->addr1, hdr->addr2);
1162#endif 1161#endif
@@ -1398,6 +1397,21 @@ ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx, __le16 fc)
1398 ieee80211_is_data(fc) && 1397 ieee80211_is_data(fc) &&
1399 (rx->key || rx->sdata->drop_unencrypted))) 1398 (rx->key || rx->sdata->drop_unencrypted)))
1400 return -EACCES; 1399 return -EACCES;
1400
1401 return 0;
1402}
1403
1404static int
1405ieee80211_drop_unencrypted_mgmt(struct ieee80211_rx_data *rx)
1406{
1407 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
1408 __le16 fc = hdr->frame_control;
1409 int res;
1410
1411 res = ieee80211_drop_unencrypted(rx, fc);
1412 if (unlikely(res))
1413 return res;
1414
1401 if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) { 1415 if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) {
1402 if (unlikely(ieee80211_is_unicast_robust_mgmt_frame(rx->skb) && 1416 if (unlikely(ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
1403 rx->key)) 1417 rx->key))
@@ -1424,7 +1438,6 @@ static int
1424__ieee80211_data_to_8023(struct ieee80211_rx_data *rx) 1438__ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1425{ 1439{
1426 struct ieee80211_sub_if_data *sdata = rx->sdata; 1440 struct ieee80211_sub_if_data *sdata = rx->sdata;
1427 struct net_device *dev = sdata->dev;
1428 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 1441 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
1429 1442
1430 if (ieee80211_has_a4(hdr->frame_control) && 1443 if (ieee80211_has_a4(hdr->frame_control) &&
@@ -1436,7 +1449,7 @@ __ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1436 (sdata->vif.type == NL80211_IFTYPE_STATION && sdata->u.mgd.use_4addr))) 1449 (sdata->vif.type == NL80211_IFTYPE_STATION && sdata->u.mgd.use_4addr)))
1437 return -1; 1450 return -1;
1438 1451
1439 return ieee80211_data_to_8023(rx->skb, dev->dev_addr, sdata->vif.type); 1452 return ieee80211_data_to_8023(rx->skb, sdata->vif.addr, sdata->vif.type);
1440} 1453}
1441 1454
1442/* 1455/*
@@ -1453,7 +1466,7 @@ static bool ieee80211_frame_allowed(struct ieee80211_rx_data *rx, __le16 fc)
1453 * of whether the frame was encrypted or not. 1466 * of whether the frame was encrypted or not.
1454 */ 1467 */
1455 if (ehdr->h_proto == htons(ETH_P_PAE) && 1468 if (ehdr->h_proto == htons(ETH_P_PAE) &&
1456 (compare_ether_addr(ehdr->h_dest, rx->sdata->dev->dev_addr) == 0 || 1469 (compare_ether_addr(ehdr->h_dest, rx->sdata->vif.addr) == 0 ||
1457 compare_ether_addr(ehdr->h_dest, pae_group_addr) == 0)) 1470 compare_ether_addr(ehdr->h_dest, pae_group_addr) == 0))
1458 return true; 1471 return true;
1459 1472
@@ -1472,7 +1485,6 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1472{ 1485{
1473 struct ieee80211_sub_if_data *sdata = rx->sdata; 1486 struct ieee80211_sub_if_data *sdata = rx->sdata;
1474 struct net_device *dev = sdata->dev; 1487 struct net_device *dev = sdata->dev;
1475 struct ieee80211_local *local = rx->local;
1476 struct sk_buff *skb, *xmit_skb; 1488 struct sk_buff *skb, *xmit_skb;
1477 struct ethhdr *ehdr = (struct ethhdr *) rx->skb->data; 1489 struct ethhdr *ehdr = (struct ethhdr *) rx->skb->data;
1478 struct sta_info *dsta; 1490 struct sta_info *dsta;
@@ -1495,8 +1507,8 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1495 printk(KERN_DEBUG "%s: failed to clone " 1507 printk(KERN_DEBUG "%s: failed to clone "
1496 "multicast frame\n", dev->name); 1508 "multicast frame\n", dev->name);
1497 } else { 1509 } else {
1498 dsta = sta_info_get(local, skb->data); 1510 dsta = sta_info_get(sdata, skb->data);
1499 if (dsta && dsta->sdata->dev == dev) { 1511 if (dsta) {
1500 /* 1512 /*
1501 * The destination station is associated to 1513 * The destination station is associated to
1502 * this AP (in this VLAN), so send the frame 1514 * this AP (in this VLAN), so send the frame
@@ -1512,7 +1524,7 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1512 if (skb) { 1524 if (skb) {
1513 int align __maybe_unused; 1525 int align __maybe_unused;
1514 1526
1515#if defined(CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT) || !defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) 1527#ifndef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
1516 /* 1528 /*
1517 * 'align' will only take the values 0 or 2 here 1529 * 'align' will only take the values 0 or 2 here
1518 * since all frames are required to be aligned 1530 * since all frames are required to be aligned
@@ -1556,16 +1568,10 @@ static ieee80211_rx_result debug_noinline
1556ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx) 1568ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1557{ 1569{
1558 struct net_device *dev = rx->sdata->dev; 1570 struct net_device *dev = rx->sdata->dev;
1559 struct ieee80211_local *local = rx->local; 1571 struct sk_buff *skb = rx->skb;
1560 u16 ethertype;
1561 u8 *payload;
1562 struct sk_buff *skb = rx->skb, *frame = NULL;
1563 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 1572 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1564 __le16 fc = hdr->frame_control; 1573 __le16 fc = hdr->frame_control;
1565 const struct ethhdr *eth; 1574 struct sk_buff_head frame_list;
1566 int remaining, err;
1567 u8 dst[ETH_ALEN];
1568 u8 src[ETH_ALEN];
1569 1575
1570 if (unlikely(!ieee80211_is_data(fc))) 1576 if (unlikely(!ieee80211_is_data(fc)))
1571 return RX_CONTINUE; 1577 return RX_CONTINUE;
@@ -1576,94 +1582,34 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1576 if (!(rx->flags & IEEE80211_RX_AMSDU)) 1582 if (!(rx->flags & IEEE80211_RX_AMSDU))
1577 return RX_CONTINUE; 1583 return RX_CONTINUE;
1578 1584
1579 err = __ieee80211_data_to_8023(rx); 1585 if (ieee80211_has_a4(hdr->frame_control) &&
1580 if (unlikely(err)) 1586 rx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN &&
1587 !rx->sdata->u.vlan.sta)
1581 return RX_DROP_UNUSABLE; 1588 return RX_DROP_UNUSABLE;
1582 1589
1583 skb->dev = dev; 1590 if (is_multicast_ether_addr(hdr->addr1) &&
1584 1591 ((rx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN &&
1585 dev->stats.rx_packets++; 1592 rx->sdata->u.vlan.sta) ||
1586 dev->stats.rx_bytes += skb->len; 1593 (rx->sdata->vif.type == NL80211_IFTYPE_STATION &&
1587 1594 rx->sdata->u.mgd.use_4addr)))
1588 /* skip the wrapping header */
1589 eth = (struct ethhdr *) skb_pull(skb, sizeof(struct ethhdr));
1590 if (!eth)
1591 return RX_DROP_UNUSABLE; 1595 return RX_DROP_UNUSABLE;
1592 1596
1593 while (skb != frame) { 1597 skb->dev = dev;
1594 u8 padding; 1598 __skb_queue_head_init(&frame_list);
1595 __be16 len = eth->h_proto;
1596 unsigned int subframe_len = sizeof(struct ethhdr) + ntohs(len);
1597
1598 remaining = skb->len;
1599 memcpy(dst, eth->h_dest, ETH_ALEN);
1600 memcpy(src, eth->h_source, ETH_ALEN);
1601
1602 padding = ((4 - subframe_len) & 0x3);
1603 /* the last MSDU has no padding */
1604 if (subframe_len > remaining)
1605 return RX_DROP_UNUSABLE;
1606 1599
1607 skb_pull(skb, sizeof(struct ethhdr)); 1600 ieee80211_amsdu_to_8023s(skb, &frame_list, dev->dev_addr,
1608 /* if last subframe reuse skb */ 1601 rx->sdata->vif.type,
1609 if (remaining <= subframe_len + padding) 1602 rx->local->hw.extra_tx_headroom);
1610 frame = skb;
1611 else {
1612 /*
1613 * Allocate and reserve two bytes more for payload
1614 * alignment since sizeof(struct ethhdr) is 14.
1615 */
1616 frame = dev_alloc_skb(
1617 ALIGN(local->hw.extra_tx_headroom, 4) +
1618 subframe_len + 2);
1619
1620 if (frame == NULL)
1621 return RX_DROP_UNUSABLE;
1622
1623 skb_reserve(frame,
1624 ALIGN(local->hw.extra_tx_headroom, 4) +
1625 sizeof(struct ethhdr) + 2);
1626 memcpy(skb_put(frame, ntohs(len)), skb->data,
1627 ntohs(len));
1628
1629 eth = (struct ethhdr *) skb_pull(skb, ntohs(len) +
1630 padding);
1631 if (!eth) {
1632 dev_kfree_skb(frame);
1633 return RX_DROP_UNUSABLE;
1634 }
1635 }
1636 1603
1637 skb_reset_network_header(frame); 1604 while (!skb_queue_empty(&frame_list)) {
1638 frame->dev = dev; 1605 rx->skb = __skb_dequeue(&frame_list);
1639 frame->priority = skb->priority;
1640 rx->skb = frame;
1641
1642 payload = frame->data;
1643 ethertype = (payload[6] << 8) | payload[7];
1644
1645 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
1646 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
1647 compare_ether_addr(payload,
1648 bridge_tunnel_header) == 0)) {
1649 /* remove RFC1042 or Bridge-Tunnel
1650 * encapsulation and replace EtherType */
1651 skb_pull(frame, 6);
1652 memcpy(skb_push(frame, ETH_ALEN), src, ETH_ALEN);
1653 memcpy(skb_push(frame, ETH_ALEN), dst, ETH_ALEN);
1654 } else {
1655 memcpy(skb_push(frame, sizeof(__be16)),
1656 &len, sizeof(__be16));
1657 memcpy(skb_push(frame, ETH_ALEN), src, ETH_ALEN);
1658 memcpy(skb_push(frame, ETH_ALEN), dst, ETH_ALEN);
1659 }
1660 1606
1661 if (!ieee80211_frame_allowed(rx, fc)) { 1607 if (!ieee80211_frame_allowed(rx, fc)) {
1662 if (skb == frame) /* last frame */ 1608 dev_kfree_skb(rx->skb);
1663 return RX_DROP_UNUSABLE;
1664 dev_kfree_skb(frame);
1665 continue; 1609 continue;
1666 } 1610 }
1611 dev->stats.rx_packets++;
1612 dev->stats.rx_bytes += rx->skb->len;
1667 1613
1668 ieee80211_deliver_skb(rx); 1614 ieee80211_deliver_skb(rx);
1669 } 1615 }
@@ -1721,7 +1667,7 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1721 1667
1722 /* Frame has reached destination. Don't forward */ 1668 /* Frame has reached destination. Don't forward */
1723 if (!is_multicast_ether_addr(hdr->addr1) && 1669 if (!is_multicast_ether_addr(hdr->addr1) &&
1724 compare_ether_addr(sdata->dev->dev_addr, hdr->addr3) == 0) 1670 compare_ether_addr(sdata->vif.addr, hdr->addr3) == 0)
1725 return RX_CONTINUE; 1671 return RX_CONTINUE;
1726 1672
1727 mesh_hdr->ttl--; 1673 mesh_hdr->ttl--;
@@ -1738,10 +1684,10 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1738 1684
1739 if (!fwd_skb && net_ratelimit()) 1685 if (!fwd_skb && net_ratelimit())
1740 printk(KERN_DEBUG "%s: failed to clone mesh frame\n", 1686 printk(KERN_DEBUG "%s: failed to clone mesh frame\n",
1741 sdata->dev->name); 1687 sdata->name);
1742 1688
1743 fwd_hdr = (struct ieee80211_hdr *) fwd_skb->data; 1689 fwd_hdr = (struct ieee80211_hdr *) fwd_skb->data;
1744 memcpy(fwd_hdr->addr2, sdata->dev->dev_addr, ETH_ALEN); 1690 memcpy(fwd_hdr->addr2, sdata->vif.addr, ETH_ALEN);
1745 info = IEEE80211_SKB_CB(fwd_skb); 1691 info = IEEE80211_SKB_CB(fwd_skb);
1746 memset(info, 0, sizeof(*info)); 1692 memset(info, 0, sizeof(*info));
1747 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING; 1693 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
@@ -1788,6 +1734,7 @@ static ieee80211_rx_result debug_noinline
1788ieee80211_rx_h_data(struct ieee80211_rx_data *rx) 1734ieee80211_rx_h_data(struct ieee80211_rx_data *rx)
1789{ 1735{
1790 struct ieee80211_sub_if_data *sdata = rx->sdata; 1736 struct ieee80211_sub_if_data *sdata = rx->sdata;
1737 struct ieee80211_local *local = rx->local;
1791 struct net_device *dev = sdata->dev; 1738 struct net_device *dev = sdata->dev;
1792 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 1739 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
1793 __le16 fc = hdr->frame_control; 1740 __le16 fc = hdr->frame_control;
@@ -1819,6 +1766,13 @@ ieee80211_rx_h_data(struct ieee80211_rx_data *rx)
1819 dev->stats.rx_packets++; 1766 dev->stats.rx_packets++;
1820 dev->stats.rx_bytes += rx->skb->len; 1767 dev->stats.rx_bytes += rx->skb->len;
1821 1768
1769 if (ieee80211_is_data(hdr->frame_control) &&
1770 !is_multicast_ether_addr(hdr->addr1) &&
1771 local->hw.conf.dynamic_ps_timeout > 0 && local->ps_sdata) {
1772 mod_timer(&local->dynamic_ps_timer, jiffies +
1773 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
1774 }
1775
1822 ieee80211_deliver_skb(rx); 1776 ieee80211_deliver_skb(rx);
1823 1777
1824 return RX_QUEUED; 1778 return RX_QUEUED;
@@ -1872,7 +1826,7 @@ static void ieee80211_process_sa_query_req(struct ieee80211_sub_if_data *sdata,
1872 struct sk_buff *skb; 1826 struct sk_buff *skb;
1873 struct ieee80211_mgmt *resp; 1827 struct ieee80211_mgmt *resp;
1874 1828
1875 if (compare_ether_addr(mgmt->da, sdata->dev->dev_addr) != 0) { 1829 if (compare_ether_addr(mgmt->da, sdata->vif.addr) != 0) {
1876 /* Not to own unicast address */ 1830 /* Not to own unicast address */
1877 return; 1831 return;
1878 } 1832 }
@@ -1896,7 +1850,7 @@ static void ieee80211_process_sa_query_req(struct ieee80211_sub_if_data *sdata,
1896 resp = (struct ieee80211_mgmt *) skb_put(skb, 24); 1850 resp = (struct ieee80211_mgmt *) skb_put(skb, 24);
1897 memset(resp, 0, 24); 1851 memset(resp, 0, 24);
1898 memcpy(resp->da, mgmt->sa, ETH_ALEN); 1852 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1899 memcpy(resp->sa, sdata->dev->dev_addr, ETH_ALEN); 1853 memcpy(resp->sa, sdata->vif.addr, ETH_ALEN);
1900 memcpy(resp->bssid, sdata->u.mgd.bssid, ETH_ALEN); 1854 memcpy(resp->bssid, sdata->u.mgd.bssid, ETH_ALEN);
1901 resp->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 1855 resp->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1902 IEEE80211_STYPE_ACTION); 1856 IEEE80211_STYPE_ACTION);
@@ -1916,23 +1870,25 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1916 struct ieee80211_local *local = rx->local; 1870 struct ieee80211_local *local = rx->local;
1917 struct ieee80211_sub_if_data *sdata = rx->sdata; 1871 struct ieee80211_sub_if_data *sdata = rx->sdata;
1918 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1872 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1873 struct sk_buff *nskb;
1874 struct ieee80211_rx_status *status;
1919 int len = rx->skb->len; 1875 int len = rx->skb->len;
1920 1876
1921 if (!ieee80211_is_action(mgmt->frame_control)) 1877 if (!ieee80211_is_action(mgmt->frame_control))
1922 return RX_CONTINUE; 1878 return RX_CONTINUE;
1923 1879
1924 if (!rx->sta) 1880 /* drop too small frames */
1925 return RX_DROP_MONITOR; 1881 if (len < IEEE80211_MIN_ACTION_SIZE)
1882 return RX_DROP_UNUSABLE;
1926 1883
1927 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1884 if (!rx->sta && mgmt->u.action.category != WLAN_CATEGORY_PUBLIC)
1928 return RX_DROP_MONITOR; 1885 return RX_DROP_UNUSABLE;
1929 1886
1930 if (ieee80211_drop_unencrypted(rx, mgmt->frame_control)) 1887 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1931 return RX_DROP_MONITOR; 1888 return RX_DROP_UNUSABLE;
1932 1889
1933 /* all categories we currently handle have action_code */ 1890 if (ieee80211_drop_unencrypted_mgmt(rx))
1934 if (len < IEEE80211_MIN_ACTION_SIZE + 1) 1891 return RX_DROP_UNUSABLE;
1935 return RX_DROP_MONITOR;
1936 1892
1937 switch (mgmt->u.action.category) { 1893 switch (mgmt->u.action.category) {
1938 case WLAN_CATEGORY_BACK: 1894 case WLAN_CATEGORY_BACK:
@@ -1945,7 +1901,11 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1945 if (sdata->vif.type != NL80211_IFTYPE_STATION && 1901 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
1946 sdata->vif.type != NL80211_IFTYPE_AP_VLAN && 1902 sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
1947 sdata->vif.type != NL80211_IFTYPE_AP) 1903 sdata->vif.type != NL80211_IFTYPE_AP)
1948 return RX_DROP_MONITOR; 1904 break;
1905
1906 /* verify action_code is present */
1907 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
1908 break;
1949 1909
1950 switch (mgmt->u.action.u.addba_req.action_code) { 1910 switch (mgmt->u.action.u.addba_req.action_code) {
1951 case WLAN_ACTION_ADDBA_REQ: 1911 case WLAN_ACTION_ADDBA_REQ:
@@ -1953,45 +1913,49 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1953 sizeof(mgmt->u.action.u.addba_req))) 1913 sizeof(mgmt->u.action.u.addba_req)))
1954 return RX_DROP_MONITOR; 1914 return RX_DROP_MONITOR;
1955 ieee80211_process_addba_request(local, rx->sta, mgmt, len); 1915 ieee80211_process_addba_request(local, rx->sta, mgmt, len);
1956 break; 1916 goto handled;
1957 case WLAN_ACTION_ADDBA_RESP: 1917 case WLAN_ACTION_ADDBA_RESP:
1958 if (len < (IEEE80211_MIN_ACTION_SIZE + 1918 if (len < (IEEE80211_MIN_ACTION_SIZE +
1959 sizeof(mgmt->u.action.u.addba_resp))) 1919 sizeof(mgmt->u.action.u.addba_resp)))
1960 return RX_DROP_MONITOR; 1920 break;
1961 ieee80211_process_addba_resp(local, rx->sta, mgmt, len); 1921 ieee80211_process_addba_resp(local, rx->sta, mgmt, len);
1962 break; 1922 goto handled;
1963 case WLAN_ACTION_DELBA: 1923 case WLAN_ACTION_DELBA:
1964 if (len < (IEEE80211_MIN_ACTION_SIZE + 1924 if (len < (IEEE80211_MIN_ACTION_SIZE +
1965 sizeof(mgmt->u.action.u.delba))) 1925 sizeof(mgmt->u.action.u.delba)))
1966 return RX_DROP_MONITOR; 1926 break;
1967 ieee80211_process_delba(sdata, rx->sta, mgmt, len); 1927 ieee80211_process_delba(sdata, rx->sta, mgmt, len);
1968 break; 1928 goto handled;
1969 } 1929 }
1970 break; 1930 break;
1971 case WLAN_CATEGORY_SPECTRUM_MGMT: 1931 case WLAN_CATEGORY_SPECTRUM_MGMT:
1972 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ) 1932 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ)
1973 return RX_DROP_MONITOR; 1933 break;
1974 1934
1975 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1935 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1976 return RX_DROP_MONITOR; 1936 break;
1937
1938 /* verify action_code is present */
1939 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
1940 break;
1977 1941
1978 switch (mgmt->u.action.u.measurement.action_code) { 1942 switch (mgmt->u.action.u.measurement.action_code) {
1979 case WLAN_ACTION_SPCT_MSR_REQ: 1943 case WLAN_ACTION_SPCT_MSR_REQ:
1980 if (len < (IEEE80211_MIN_ACTION_SIZE + 1944 if (len < (IEEE80211_MIN_ACTION_SIZE +
1981 sizeof(mgmt->u.action.u.measurement))) 1945 sizeof(mgmt->u.action.u.measurement)))
1982 return RX_DROP_MONITOR; 1946 break;
1983 ieee80211_process_measurement_req(sdata, mgmt, len); 1947 ieee80211_process_measurement_req(sdata, mgmt, len);
1984 break; 1948 goto handled;
1985 case WLAN_ACTION_SPCT_CHL_SWITCH: 1949 case WLAN_ACTION_SPCT_CHL_SWITCH:
1986 if (len < (IEEE80211_MIN_ACTION_SIZE + 1950 if (len < (IEEE80211_MIN_ACTION_SIZE +
1987 sizeof(mgmt->u.action.u.chan_switch))) 1951 sizeof(mgmt->u.action.u.chan_switch)))
1988 return RX_DROP_MONITOR; 1952 break;
1989 1953
1990 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1954 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1991 return RX_DROP_MONITOR; 1955 break;
1992 1956
1993 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN)) 1957 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN))
1994 return RX_DROP_MONITOR; 1958 break;
1995 1959
1996 return ieee80211_sta_rx_mgmt(sdata, rx->skb); 1960 return ieee80211_sta_rx_mgmt(sdata, rx->skb);
1997 } 1961 }
@@ -1999,30 +1963,64 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1999 case WLAN_CATEGORY_SA_QUERY: 1963 case WLAN_CATEGORY_SA_QUERY:
2000 if (len < (IEEE80211_MIN_ACTION_SIZE + 1964 if (len < (IEEE80211_MIN_ACTION_SIZE +
2001 sizeof(mgmt->u.action.u.sa_query))) 1965 sizeof(mgmt->u.action.u.sa_query)))
2002 return RX_DROP_MONITOR; 1966 break;
1967
2003 switch (mgmt->u.action.u.sa_query.action) { 1968 switch (mgmt->u.action.u.sa_query.action) {
2004 case WLAN_ACTION_SA_QUERY_REQUEST: 1969 case WLAN_ACTION_SA_QUERY_REQUEST:
2005 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1970 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2006 return RX_DROP_MONITOR; 1971 break;
2007 ieee80211_process_sa_query_req(sdata, mgmt, len); 1972 ieee80211_process_sa_query_req(sdata, mgmt, len);
2008 break; 1973 goto handled;
2009 case WLAN_ACTION_SA_QUERY_RESPONSE:
2010 /*
2011 * SA Query response is currently only used in AP mode
2012 * and it is processed in user space.
2013 */
2014 return RX_CONTINUE;
2015 } 1974 }
2016 break; 1975 break;
2017 default: 1976 }
2018 /* do not process rejected action frames */
2019 if (mgmt->u.action.category & 0x80)
2020 return RX_DROP_MONITOR;
2021 1977
2022 return RX_CONTINUE; 1978 /*
1979 * For AP mode, hostapd is responsible for handling any action
1980 * frames that we didn't handle, including returning unknown
1981 * ones. For all other modes we will return them to the sender,
1982 * setting the 0x80 bit in the action category, as required by
1983 * 802.11-2007 7.3.1.11.
1984 */
1985 if (sdata->vif.type == NL80211_IFTYPE_AP ||
1986 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1987 return RX_DROP_MONITOR;
1988
1989 /*
1990 * Getting here means the kernel doesn't know how to handle
1991 * it, but maybe userspace does ... include returned frames
1992 * so userspace can register for those to know whether ones
1993 * it transmitted were processed or returned.
1994 */
1995 status = IEEE80211_SKB_RXCB(rx->skb);
1996
1997 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
1998 cfg80211_rx_action(rx->sdata->dev, status->freq,
1999 rx->skb->data, rx->skb->len,
2000 GFP_ATOMIC))
2001 goto handled;
2002
2003 /* do not return rejected action frames */
2004 if (mgmt->u.action.category & 0x80)
2005 return RX_DROP_UNUSABLE;
2006
2007 nskb = skb_copy_expand(rx->skb, local->hw.extra_tx_headroom, 0,
2008 GFP_ATOMIC);
2009 if (nskb) {
2010 struct ieee80211_mgmt *mgmt = (void *)nskb->data;
2011
2012 mgmt->u.action.category |= 0x80;
2013 memcpy(mgmt->da, mgmt->sa, ETH_ALEN);
2014 memcpy(mgmt->sa, rx->sdata->vif.addr, ETH_ALEN);
2015
2016 memset(nskb->cb, 0, sizeof(nskb->cb));
2017
2018 ieee80211_tx_skb(rx->sdata, nskb);
2023 } 2019 }
2024 2020
2025 rx->sta->rx_packets++; 2021 handled:
2022 if (rx->sta)
2023 rx->sta->rx_packets++;
2026 dev_kfree_skb(rx->skb); 2024 dev_kfree_skb(rx->skb);
2027 return RX_QUEUED; 2025 return RX_QUEUED;
2028} 2026}
@@ -2031,13 +2029,17 @@ static ieee80211_rx_result debug_noinline
2031ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx) 2029ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
2032{ 2030{
2033 struct ieee80211_sub_if_data *sdata = rx->sdata; 2031 struct ieee80211_sub_if_data *sdata = rx->sdata;
2034 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 2032 ieee80211_rx_result rxs;
2035 2033
2036 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 2034 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
2037 return RX_DROP_MONITOR; 2035 return RX_DROP_MONITOR;
2038 2036
2039 if (ieee80211_drop_unencrypted(rx, mgmt->frame_control)) 2037 if (ieee80211_drop_unencrypted_mgmt(rx))
2040 return RX_DROP_MONITOR; 2038 return RX_DROP_UNUSABLE;
2039
2040 rxs = ieee80211_work_rx_mgmt(rx->sdata, rx->skb);
2041 if (rxs != RX_CONTINUE)
2042 return rxs;
2041 2043
2042 if (ieee80211_vif_is_mesh(&sdata->vif)) 2044 if (ieee80211_vif_is_mesh(&sdata->vif))
2043 return ieee80211_mesh_rx_mgmt(sdata, rx->skb); 2045 return ieee80211_mesh_rx_mgmt(sdata, rx->skb);
@@ -2143,7 +2145,7 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx,
2143 skb->protocol = htons(ETH_P_802_2); 2145 skb->protocol = htons(ETH_P_802_2);
2144 2146
2145 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 2147 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2146 if (!netif_running(sdata->dev)) 2148 if (!ieee80211_sdata_running(sdata))
2147 continue; 2149 continue;
2148 2150
2149 if (sdata->vif.type != NL80211_IFTYPE_MONITOR || 2151 if (sdata->vif.type != NL80211_IFTYPE_MONITOR ||
@@ -2280,7 +2282,7 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2280 if (!bssid && !sdata->u.mgd.use_4addr) 2282 if (!bssid && !sdata->u.mgd.use_4addr)
2281 return 0; 2283 return 0;
2282 if (!multicast && 2284 if (!multicast &&
2283 compare_ether_addr(sdata->dev->dev_addr, hdr->addr1) != 0) { 2285 compare_ether_addr(sdata->vif.addr, hdr->addr1) != 0) {
2284 if (!(sdata->dev->flags & IFF_PROMISC)) 2286 if (!(sdata->dev->flags & IFF_PROMISC))
2285 return 0; 2287 return 0;
2286 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2288 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -2297,7 +2299,7 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2297 return 0; 2299 return 0;
2298 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2300 rx->flags &= ~IEEE80211_RX_RA_MATCH;
2299 } else if (!multicast && 2301 } else if (!multicast &&
2300 compare_ether_addr(sdata->dev->dev_addr, 2302 compare_ether_addr(sdata->vif.addr,
2301 hdr->addr1) != 0) { 2303 hdr->addr1) != 0) {
2302 if (!(sdata->dev->flags & IFF_PROMISC)) 2304 if (!(sdata->dev->flags & IFF_PROMISC))
2303 return 0; 2305 return 0;
@@ -2308,13 +2310,13 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2308 rate_idx = 0; /* TODO: HT rates */ 2310 rate_idx = 0; /* TODO: HT rates */
2309 else 2311 else
2310 rate_idx = status->rate_idx; 2312 rate_idx = status->rate_idx;
2311 rx->sta = ieee80211_ibss_add_sta(sdata, bssid, hdr->addr2, 2313 rx->sta = ieee80211_ibss_add_sta(sdata, bssid,
2312 BIT(rate_idx)); 2314 hdr->addr2, BIT(rate_idx), GFP_ATOMIC);
2313 } 2315 }
2314 break; 2316 break;
2315 case NL80211_IFTYPE_MESH_POINT: 2317 case NL80211_IFTYPE_MESH_POINT:
2316 if (!multicast && 2318 if (!multicast &&
2317 compare_ether_addr(sdata->dev->dev_addr, 2319 compare_ether_addr(sdata->vif.addr,
2318 hdr->addr1) != 0) { 2320 hdr->addr1) != 0) {
2319 if (!(sdata->dev->flags & IFF_PROMISC)) 2321 if (!(sdata->dev->flags & IFF_PROMISC))
2320 return 0; 2322 return 0;
@@ -2325,11 +2327,11 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2325 case NL80211_IFTYPE_AP_VLAN: 2327 case NL80211_IFTYPE_AP_VLAN:
2326 case NL80211_IFTYPE_AP: 2328 case NL80211_IFTYPE_AP:
2327 if (!bssid) { 2329 if (!bssid) {
2328 if (compare_ether_addr(sdata->dev->dev_addr, 2330 if (compare_ether_addr(sdata->vif.addr,
2329 hdr->addr1)) 2331 hdr->addr1))
2330 return 0; 2332 return 0;
2331 } else if (!ieee80211_bssid_match(bssid, 2333 } else if (!ieee80211_bssid_match(bssid,
2332 sdata->dev->dev_addr)) { 2334 sdata->vif.addr)) {
2333 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2335 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
2334 return 0; 2336 return 0;
2335 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2337 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -2368,6 +2370,8 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2368 int prepares; 2370 int prepares;
2369 struct ieee80211_sub_if_data *prev = NULL; 2371 struct ieee80211_sub_if_data *prev = NULL;
2370 struct sk_buff *skb_new; 2372 struct sk_buff *skb_new;
2373 struct sta_info *sta, *tmp;
2374 bool found_sta = false;
2371 2375
2372 hdr = (struct ieee80211_hdr *)skb->data; 2376 hdr = (struct ieee80211_hdr *)skb->data;
2373 memset(&rx, 0, sizeof(rx)); 2377 memset(&rx, 0, sizeof(rx));
@@ -2384,68 +2388,87 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2384 ieee80211_parse_qos(&rx); 2388 ieee80211_parse_qos(&rx);
2385 ieee80211_verify_alignment(&rx); 2389 ieee80211_verify_alignment(&rx);
2386 2390
2387 rx.sta = sta_info_get(local, hdr->addr2); 2391 if (ieee80211_is_data(hdr->frame_control)) {
2388 if (rx.sta) 2392 for_each_sta_info(local, hdr->addr2, sta, tmp) {
2389 rx.sdata = rx.sta->sdata; 2393 rx.sta = sta;
2390 2394 found_sta = true;
2391 if (rx.sdata && ieee80211_is_data(hdr->frame_control)) { 2395 rx.sdata = sta->sdata;
2392 rx.flags |= IEEE80211_RX_RA_MATCH; 2396
2393 prepares = prepare_for_handlers(rx.sdata, &rx, hdr); 2397 rx.flags |= IEEE80211_RX_RA_MATCH;
2394 if (prepares) { 2398 prepares = prepare_for_handlers(rx.sdata, &rx, hdr);
2395 if (status->flag & RX_FLAG_MMIC_ERROR) { 2399 if (prepares) {
2396 if (rx.flags & IEEE80211_RX_RA_MATCH) 2400 if (status->flag & RX_FLAG_MMIC_ERROR) {
2397 ieee80211_rx_michael_mic_report(hdr, &rx); 2401 if (rx.flags & IEEE80211_RX_RA_MATCH)
2398 } else 2402 ieee80211_rx_michael_mic_report(hdr, &rx);
2399 prev = rx.sdata; 2403 } else
2404 prev = rx.sdata;
2405 }
2400 } 2406 }
2401 } else list_for_each_entry_rcu(sdata, &local->interfaces, list) { 2407 }
2402 if (!netif_running(sdata->dev)) 2408 if (!found_sta) {
2403 continue; 2409 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2410 if (!ieee80211_sdata_running(sdata))
2411 continue;
2404 2412
2405 if (sdata->vif.type == NL80211_IFTYPE_MONITOR || 2413 if (sdata->vif.type == NL80211_IFTYPE_MONITOR ||
2406 sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 2414 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
2407 continue; 2415 continue;
2408 2416
2409 rx.flags |= IEEE80211_RX_RA_MATCH; 2417 /*
2410 prepares = prepare_for_handlers(sdata, &rx, hdr); 2418 * frame is destined for this interface, but if it's
2419 * not also for the previous one we handle that after
2420 * the loop to avoid copying the SKB once too much
2421 */
2411 2422
2412 if (!prepares) 2423 if (!prev) {
2413 continue; 2424 prev = sdata;
2425 continue;
2426 }
2414 2427
2415 if (status->flag & RX_FLAG_MMIC_ERROR) { 2428 rx.sta = sta_info_get_bss(prev, hdr->addr2);
2416 rx.sdata = sdata;
2417 if (rx.flags & IEEE80211_RX_RA_MATCH)
2418 ieee80211_rx_michael_mic_report(hdr, &rx);
2419 continue;
2420 }
2421 2429
2422 /* 2430 rx.flags |= IEEE80211_RX_RA_MATCH;
2423 * frame is destined for this interface, but if it's not 2431 prepares = prepare_for_handlers(prev, &rx, hdr);
2424 * also for the previous one we handle that after the 2432
2425 * loop to avoid copying the SKB once too much 2433 if (!prepares)
2426 */ 2434 goto next;
2427 2435
2428 if (!prev) { 2436 if (status->flag & RX_FLAG_MMIC_ERROR) {
2437 rx.sdata = prev;
2438 if (rx.flags & IEEE80211_RX_RA_MATCH)
2439 ieee80211_rx_michael_mic_report(hdr,
2440 &rx);
2441 goto next;
2442 }
2443
2444 /*
2445 * frame was destined for the previous interface
2446 * so invoke RX handlers for it
2447 */
2448
2449 skb_new = skb_copy(skb, GFP_ATOMIC);
2450 if (!skb_new) {
2451 if (net_ratelimit())
2452 printk(KERN_DEBUG "%s: failed to copy "
2453 "multicast frame for %s\n",
2454 wiphy_name(local->hw.wiphy),
2455 prev->name);
2456 goto next;
2457 }
2458 ieee80211_invoke_rx_handlers(prev, &rx, skb_new, rate);
2459next:
2429 prev = sdata; 2460 prev = sdata;
2430 continue;
2431 } 2461 }
2432 2462
2433 /* 2463 if (prev) {
2434 * frame was destined for the previous interface 2464 rx.sta = sta_info_get_bss(prev, hdr->addr2);
2435 * so invoke RX handlers for it
2436 */
2437 2465
2438 skb_new = skb_copy(skb, GFP_ATOMIC); 2466 rx.flags |= IEEE80211_RX_RA_MATCH;
2439 if (!skb_new) { 2467 prepares = prepare_for_handlers(prev, &rx, hdr);
2440 if (net_ratelimit()) 2468
2441 printk(KERN_DEBUG "%s: failed to copy " 2469 if (!prepares)
2442 "multicast frame for %s\n", 2470 prev = NULL;
2443 wiphy_name(local->hw.wiphy),
2444 prev->dev->name);
2445 continue;
2446 } 2471 }
2447 ieee80211_invoke_rx_handlers(prev, &rx, skb_new, rate);
2448 prev = sdata;
2449 } 2472 }
2450 if (prev) 2473 if (prev)
2451 ieee80211_invoke_rx_handlers(prev, &rx, skb, rate); 2474 ieee80211_invoke_rx_handlers(prev, &rx, skb, rate);
generated by cgit v1.2.2 (git 2.25.0) at 2025-12-09 09:04:44 -0500