aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211/sta_info.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211/sta_info.c')
-rw-r--r--net/mac80211/sta_info.c550
1 files changed, 386 insertions, 164 deletions
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 1f74bd296357..3b84c16cf054 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -15,21 +15,52 @@
15#include <linux/skbuff.h> 15#include <linux/skbuff.h>
16#include <linux/if_arp.h> 16#include <linux/if_arp.h>
17#include <linux/timer.h> 17#include <linux/timer.h>
18#include <linux/rtnetlink.h>
18 19
19#include <net/mac80211.h> 20#include <net/mac80211.h>
20#include "ieee80211_i.h" 21#include "ieee80211_i.h"
21#include "ieee80211_rate.h" 22#include "ieee80211_rate.h"
22#include "sta_info.h" 23#include "sta_info.h"
23#include "debugfs_sta.h" 24#include "debugfs_sta.h"
25#include "mesh.h"
24 26
25/* Caller must hold local->sta_lock */ 27/**
26static void sta_info_hash_add(struct ieee80211_local *local, 28 * DOC: STA information lifetime rules
27 struct sta_info *sta) 29 *
28{ 30 * STA info structures (&struct sta_info) are managed in a hash table
29 sta->hnext = local->sta_hash[STA_HASH(sta->addr)]; 31 * for faster lookup and a list for iteration. They are managed using
30 local->sta_hash[STA_HASH(sta->addr)] = sta; 32 * RCU, i.e. access to the list and hash table is protected by RCU.
31} 33 *
32 34 * Upon allocating a STA info structure with sta_info_alloc(), the caller owns
35 * that structure. It must then either destroy it using sta_info_destroy()
36 * (which is pretty useless) or insert it into the hash table using
37 * sta_info_insert() which demotes the reference from ownership to a regular
38 * RCU-protected reference; if the function is called without protection by an
39 * RCU critical section the reference is instantly invalidated.
40 *
41 * Because there are debugfs entries for each station, and adding those
42 * must be able to sleep, it is also possible to "pin" a station entry,
43 * that means it can be removed from the hash table but not be freed.
44 * See the comment in __sta_info_unlink() for more information.
45 *
46 * In order to remove a STA info structure, the caller needs to first
47 * unlink it (sta_info_unlink()) from the list and hash tables and
48 * then wait for an RCU synchronisation before it can be freed. Due to
49 * the pinning and the possibility of multiple callers trying to remove
50 * the same STA info at the same time, sta_info_unlink() can clear the
51 * STA info pointer it is passed to indicate that the STA info is owned
52 * by somebody else now.
53 *
54 * If sta_info_unlink() did not clear the pointer then the caller owns
55 * the STA info structure now and is responsible of destroying it with
56 * a call to sta_info_destroy(), not before RCU synchronisation, of
57 * course. Note that sta_info_destroy() must be protected by the RTNL.
58 *
59 * In all other cases, there is no concept of ownership on a STA entry,
60 * each structure is owned by the global hash table/list until it is
61 * removed. All users of the structure need to be RCU protected so that
62 * the structure won't be freed before they are done using it.
63 */
33 64
34/* Caller must hold local->sta_lock */ 65/* Caller must hold local->sta_lock */
35static int sta_info_hash_del(struct ieee80211_local *local, 66static int sta_info_hash_del(struct ieee80211_local *local,
@@ -41,159 +72,238 @@ static int sta_info_hash_del(struct ieee80211_local *local,
41 if (!s) 72 if (!s)
42 return -ENOENT; 73 return -ENOENT;
43 if (s == sta) { 74 if (s == sta) {
44 local->sta_hash[STA_HASH(sta->addr)] = s->hnext; 75 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)],
76 s->hnext);
45 return 0; 77 return 0;
46 } 78 }
47 79
48 while (s->hnext && s->hnext != sta) 80 while (s->hnext && s->hnext != sta)
49 s = s->hnext; 81 s = s->hnext;
50 if (s->hnext) { 82 if (s->hnext) {
51 s->hnext = sta->hnext; 83 rcu_assign_pointer(s->hnext, sta->hnext);
52 return 0; 84 return 0;
53 } 85 }
54 86
55 return -ENOENT; 87 return -ENOENT;
56} 88}
57 89
58struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr) 90/* protected by RCU */
91static struct sta_info *__sta_info_find(struct ieee80211_local *local,
92 u8 *addr)
59{ 93{
60 struct sta_info *sta; 94 struct sta_info *sta;
61 95
62 read_lock_bh(&local->sta_lock); 96 sta = rcu_dereference(local->sta_hash[STA_HASH(addr)]);
63 sta = local->sta_hash[STA_HASH(addr)];
64 while (sta) { 97 while (sta) {
65 if (memcmp(sta->addr, addr, ETH_ALEN) == 0) { 98 if (compare_ether_addr(sta->addr, addr) == 0)
66 __sta_info_get(sta);
67 break; 99 break;
68 } 100 sta = rcu_dereference(sta->hnext);
69 sta = sta->hnext;
70 } 101 }
71 read_unlock_bh(&local->sta_lock);
72
73 return sta; 102 return sta;
74} 103}
104
105struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr)
106{
107 return __sta_info_find(local, addr);
108}
75EXPORT_SYMBOL(sta_info_get); 109EXPORT_SYMBOL(sta_info_get);
76 110
77int sta_info_min_txrate_get(struct ieee80211_local *local) 111struct sta_info *sta_info_get_by_idx(struct ieee80211_local *local, int idx,
112 struct net_device *dev)
78{ 113{
79 struct sta_info *sta; 114 struct sta_info *sta;
80 struct ieee80211_hw_mode *mode; 115 int i = 0;
81 int min_txrate = 9999999; 116
82 int i; 117 list_for_each_entry_rcu(sta, &local->sta_list, list) {
83 118 if (dev && dev != sta->sdata->dev)
84 read_lock_bh(&local->sta_lock); 119 continue;
85 mode = local->oper_hw_mode; 120 if (i < idx) {
86 for (i = 0; i < STA_HASH_SIZE; i++) { 121 ++i;
87 sta = local->sta_hash[i]; 122 continue;
88 while (sta) {
89 if (sta->txrate < min_txrate)
90 min_txrate = sta->txrate;
91 sta = sta->hnext;
92 } 123 }
124 return sta;
93 } 125 }
94 read_unlock_bh(&local->sta_lock);
95 if (min_txrate == 9999999)
96 min_txrate = 0;
97 126
98 return mode->rates[min_txrate].rate; 127 return NULL;
99} 128}
100 129
101 130void sta_info_destroy(struct sta_info *sta)
102static void sta_info_release(struct kref *kref)
103{ 131{
104 struct sta_info *sta = container_of(kref, struct sta_info, kref);
105 struct ieee80211_local *local = sta->local; 132 struct ieee80211_local *local = sta->local;
106 struct sk_buff *skb; 133 struct sk_buff *skb;
107 int i; 134 int i;
135 DECLARE_MAC_BUF(mbuf);
136
137 if (!sta)
138 return;
139
140 ASSERT_RTNL();
141 might_sleep();
142
143 rate_control_remove_sta_debugfs(sta);
144 ieee80211_sta_debugfs_remove(sta);
145
146#ifdef CONFIG_MAC80211_MESH
147 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
148 mesh_plink_deactivate(sta);
149#endif
150
151 /*
152 * NOTE: This will call synchronize_rcu() internally to
153 * make sure no key references can be in use. We rely on
154 * that here for the mesh code!
155 */
156 ieee80211_key_free(sta->key);
157 WARN_ON(sta->key);
158
159#ifdef CONFIG_MAC80211_MESH
160 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
161 del_timer_sync(&sta->plink_timer);
162#endif
108 163
109 /* free sta structure; it has already been removed from
110 * hash table etc. external structures. Make sure that all
111 * buffered frames are release (one might have been added
112 * after sta_info_free() was called). */
113 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 164 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
114 local->total_ps_buffered--; 165 local->total_ps_buffered--;
115 dev_kfree_skb_any(skb); 166 dev_kfree_skb_any(skb);
116 } 167 }
117 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 168
169 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL)
118 dev_kfree_skb_any(skb); 170 dev_kfree_skb_any(skb);
119 } 171
120 for (i = 0; i < STA_TID_NUM; i++) 172 for (i = 0; i < STA_TID_NUM; i++) {
121 del_timer_sync(&sta->ampdu_mlme.tid_rx[i].session_timer); 173 del_timer_sync(&sta->ampdu_mlme.tid_rx[i].session_timer);
174 del_timer_sync(&sta->ampdu_mlme.tid_tx[i].addba_resp_timer);
175 }
122 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv); 176 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv);
123 rate_control_put(sta->rate_ctrl); 177 rate_control_put(sta->rate_ctrl);
178
179#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
180 printk(KERN_DEBUG "%s: Destroyed STA %s\n",
181 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
182#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
183
124 kfree(sta); 184 kfree(sta);
125} 185}
126 186
127 187
128void sta_info_put(struct sta_info *sta) 188/* Caller must hold local->sta_lock */
189static void sta_info_hash_add(struct ieee80211_local *local,
190 struct sta_info *sta)
129{ 191{
130 kref_put(&sta->kref, sta_info_release); 192 sta->hnext = local->sta_hash[STA_HASH(sta->addr)];
193 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)], sta);
131} 194}
132EXPORT_SYMBOL(sta_info_put);
133 195
134 196struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
135struct sta_info * sta_info_add(struct ieee80211_local *local, 197 u8 *addr, gfp_t gfp)
136 struct net_device *dev, u8 *addr, gfp_t gfp)
137{ 198{
199 struct ieee80211_local *local = sdata->local;
138 struct sta_info *sta; 200 struct sta_info *sta;
139 int i; 201 int i;
140 DECLARE_MAC_BUF(mac); 202 DECLARE_MAC_BUF(mbuf);
141 203
142 sta = kzalloc(sizeof(*sta), gfp); 204 sta = kzalloc(sizeof(*sta), gfp);
143 if (!sta) 205 if (!sta)
144 return NULL; 206 return NULL;
145 207
146 kref_init(&sta->kref); 208 memcpy(sta->addr, addr, ETH_ALEN);
209 sta->local = local;
210 sta->sdata = sdata;
147 211
148 sta->rate_ctrl = rate_control_get(local->rate_ctrl); 212 sta->rate_ctrl = rate_control_get(local->rate_ctrl);
149 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl, gfp); 213 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl,
214 gfp);
150 if (!sta->rate_ctrl_priv) { 215 if (!sta->rate_ctrl_priv) {
151 rate_control_put(sta->rate_ctrl); 216 rate_control_put(sta->rate_ctrl);
152 kfree(sta); 217 kfree(sta);
153 return NULL; 218 return NULL;
154 } 219 }
155 220
156 memcpy(sta->addr, addr, ETH_ALEN);
157 sta->local = local;
158 sta->dev = dev;
159 spin_lock_init(&sta->ampdu_mlme.ampdu_rx); 221 spin_lock_init(&sta->ampdu_mlme.ampdu_rx);
222 spin_lock_init(&sta->ampdu_mlme.ampdu_tx);
160 for (i = 0; i < STA_TID_NUM; i++) { 223 for (i = 0; i < STA_TID_NUM; i++) {
161 /* timer_to_tid must be initialized with identity mapping to 224 /* timer_to_tid must be initialized with identity mapping to
162 * enable session_timer's data differentiation. refer to 225 * enable session_timer's data differentiation. refer to
163 * sta_rx_agg_session_timer_expired for useage */ 226 * sta_rx_agg_session_timer_expired for useage */
164 sta->timer_to_tid[i] = i; 227 sta->timer_to_tid[i] = i;
228 /* tid to tx queue: initialize according to HW (0 is valid) */
229 sta->tid_to_tx_q[i] = local->hw.queues;
165 /* rx timers */ 230 /* rx timers */
166 sta->ampdu_mlme.tid_rx[i].session_timer.function = 231 sta->ampdu_mlme.tid_rx[i].session_timer.function =
167 sta_rx_agg_session_timer_expired; 232 sta_rx_agg_session_timer_expired;
168 sta->ampdu_mlme.tid_rx[i].session_timer.data = 233 sta->ampdu_mlme.tid_rx[i].session_timer.data =
169 (unsigned long)&sta->timer_to_tid[i]; 234 (unsigned long)&sta->timer_to_tid[i];
170 init_timer(&sta->ampdu_mlme.tid_rx[i].session_timer); 235 init_timer(&sta->ampdu_mlme.tid_rx[i].session_timer);
236 /* tx timers */
237 sta->ampdu_mlme.tid_tx[i].addba_resp_timer.function =
238 sta_addba_resp_timer_expired;
239 sta->ampdu_mlme.tid_tx[i].addba_resp_timer.data =
240 (unsigned long)&sta->timer_to_tid[i];
241 init_timer(&sta->ampdu_mlme.tid_tx[i].addba_resp_timer);
171 } 242 }
172 skb_queue_head_init(&sta->ps_tx_buf); 243 skb_queue_head_init(&sta->ps_tx_buf);
173 skb_queue_head_init(&sta->tx_filtered); 244 skb_queue_head_init(&sta->tx_filtered);
174 __sta_info_get(sta); /* sta used by caller, decremented by 245
175 * sta_info_put() */ 246#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
176 write_lock_bh(&local->sta_lock); 247 printk(KERN_DEBUG "%s: Allocated STA %s\n",
248 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
249#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
250
251#ifdef CONFIG_MAC80211_MESH
252 sta->plink_state = PLINK_LISTEN;
253 spin_lock_init(&sta->plink_lock);
254 init_timer(&sta->plink_timer);
255#endif
256
257 return sta;
258}
259
260int sta_info_insert(struct sta_info *sta)
261{
262 struct ieee80211_local *local = sta->local;
263 struct ieee80211_sub_if_data *sdata = sta->sdata;
264 unsigned long flags;
265 DECLARE_MAC_BUF(mac);
266
267 /*
268 * Can't be a WARN_ON because it can be triggered through a race:
269 * something inserts a STA (on one CPU) without holding the RTNL
270 * and another CPU turns off the net device.
271 */
272 if (unlikely(!netif_running(sdata->dev)))
273 return -ENETDOWN;
274
275 if (WARN_ON(compare_ether_addr(sta->addr, sdata->dev->dev_addr) == 0))
276 return -EINVAL;
277
278 if (WARN_ON(is_multicast_ether_addr(sta->addr)))
279 return -EINVAL;
280
281 spin_lock_irqsave(&local->sta_lock, flags);
282 /* check if STA exists already */
283 if (__sta_info_find(local, sta->addr)) {
284 spin_unlock_irqrestore(&local->sta_lock, flags);
285 return -EEXIST;
286 }
177 list_add(&sta->list, &local->sta_list); 287 list_add(&sta->list, &local->sta_list);
178 local->num_sta++; 288 local->num_sta++;
179 sta_info_hash_add(local, sta); 289 sta_info_hash_add(local, sta);
180 if (local->ops->sta_notify) {
181 struct ieee80211_sub_if_data *sdata;
182 290
183 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 291 /* notify driver */
292 if (local->ops->sta_notify) {
184 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 293 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
185 sdata = sdata->u.vlan.ap; 294 sdata = sdata->u.vlan.ap;
186 295
187 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 296 local->ops->sta_notify(local_to_hw(local), &sdata->vif,
188 STA_NOTIFY_ADD, addr); 297 STA_NOTIFY_ADD, sta->addr);
189 } 298 }
190 write_unlock_bh(&local->sta_lock);
191 299
192#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 300#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
193 printk(KERN_DEBUG "%s: Added STA %s\n", 301 printk(KERN_DEBUG "%s: Inserted STA %s\n",
194 wiphy_name(local->hw.wiphy), print_mac(mac, addr)); 302 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr));
195#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 303#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
196 304
305 spin_unlock_irqrestore(&local->sta_lock, flags);
306
197#ifdef CONFIG_MAC80211_DEBUGFS 307#ifdef CONFIG_MAC80211_DEBUGFS
198 /* debugfs entry adding might sleep, so schedule process 308 /* debugfs entry adding might sleep, so schedule process
199 * context task for adding entry for STAs that do not yet 309 * context task for adding entry for STAs that do not yet
@@ -201,77 +311,185 @@ struct sta_info * sta_info_add(struct ieee80211_local *local,
201 queue_work(local->hw.workqueue, &local->sta_debugfs_add); 311 queue_work(local->hw.workqueue, &local->sta_debugfs_add);
202#endif 312#endif
203 313
204 return sta; 314 if (ieee80211_vif_is_mesh(&sdata->vif))
315 mesh_accept_plinks_update(sdata);
316
317 return 0;
205} 318}
206 319
207/* Caller must hold local->sta_lock */ 320static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid)
208void sta_info_remove(struct sta_info *sta)
209{ 321{
210 struct ieee80211_local *local = sta->local; 322 /*
211 struct ieee80211_sub_if_data *sdata; 323 * This format has been mandated by the IEEE specifications,
324 * so this line may not be changed to use the __set_bit() format.
325 */
326 bss->tim[aid / 8] |= (1 << (aid % 8));
327}
212 328
213 /* don't do anything if we've been removed already */ 329static inline void __bss_tim_clear(struct ieee80211_if_ap *bss, u16 aid)
214 if (sta_info_hash_del(local, sta)) 330{
215 return; 331 /*
332 * This format has been mandated by the IEEE specifications,
333 * so this line may not be changed to use the __clear_bit() format.
334 */
335 bss->tim[aid / 8] &= ~(1 << (aid % 8));
336}
216 337
217 list_del(&sta->list); 338static void __sta_info_set_tim_bit(struct ieee80211_if_ap *bss,
218 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 339 struct sta_info *sta)
219 if (sta->flags & WLAN_STA_PS) { 340{
220 sta->flags &= ~WLAN_STA_PS; 341 if (bss)
221 if (sdata->bss) 342 __bss_tim_set(bss, sta->aid);
222 atomic_dec(&sdata->bss->num_sta_ps); 343 if (sta->local->ops->set_tim) {
344 sta->local->tim_in_locked_section = true;
345 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 1);
346 sta->local->tim_in_locked_section = false;
223 } 347 }
224 local->num_sta--; 348}
225 sta_info_remove_aid_ptr(sta); 349
350void sta_info_set_tim_bit(struct sta_info *sta)
351{
352 unsigned long flags;
226 353
354 spin_lock_irqsave(&sta->local->sta_lock, flags);
355 __sta_info_set_tim_bit(sta->sdata->bss, sta);
356 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
227} 357}
228 358
229void sta_info_free(struct sta_info *sta) 359static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss,
360 struct sta_info *sta)
230{ 361{
231 struct sk_buff *skb; 362 if (bss)
232 struct ieee80211_local *local = sta->local; 363 __bss_tim_clear(bss, sta->aid);
233 DECLARE_MAC_BUF(mac); 364 if (sta->local->ops->set_tim) {
365 sta->local->tim_in_locked_section = true;
366 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 0);
367 sta->local->tim_in_locked_section = false;
368 }
369}
234 370
235 might_sleep(); 371void sta_info_clear_tim_bit(struct sta_info *sta)
372{
373 unsigned long flags;
236 374
237 write_lock_bh(&local->sta_lock); 375 spin_lock_irqsave(&sta->local->sta_lock, flags);
238 sta_info_remove(sta); 376 __sta_info_clear_tim_bit(sta->sdata->bss, sta);
239 write_unlock_bh(&local->sta_lock); 377 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
378}
240 379
241 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 380/*
242 local->total_ps_buffered--; 381 * See comment in __sta_info_unlink,
243 dev_kfree_skb(skb); 382 * caller must hold local->sta_lock.
244 } 383 */
245 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 384static void __sta_info_pin(struct sta_info *sta)
246 dev_kfree_skb(skb); 385{
247 } 386 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_NORMAL);
387 sta->pin_status = STA_INFO_PIN_STAT_PINNED;
388}
389
390/*
391 * See comment in __sta_info_unlink, returns sta if it
392 * needs to be destroyed.
393 */
394static struct sta_info *__sta_info_unpin(struct sta_info *sta)
395{
396 struct sta_info *ret = NULL;
397 unsigned long flags;
248 398
399 spin_lock_irqsave(&sta->local->sta_lock, flags);
400 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_DESTROY &&
401 sta->pin_status != STA_INFO_PIN_STAT_PINNED);
402 if (sta->pin_status == STA_INFO_PIN_STAT_DESTROY)
403 ret = sta;
404 sta->pin_status = STA_INFO_PIN_STAT_NORMAL;
405 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
406
407 return ret;
408}
409
410static void __sta_info_unlink(struct sta_info **sta)
411{
412 struct ieee80211_local *local = (*sta)->local;
413 struct ieee80211_sub_if_data *sdata = (*sta)->sdata;
249#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 414#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
250 printk(KERN_DEBUG "%s: Removed STA %s\n", 415 DECLARE_MAC_BUF(mbuf);
251 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr)); 416#endif
252#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 417 /*
418 * pull caller's reference if we're already gone.
419 */
420 if (sta_info_hash_del(local, *sta)) {
421 *sta = NULL;
422 return;
423 }
253 424
254 ieee80211_key_free(sta->key); 425 /*
255 sta->key = NULL; 426 * Also pull caller's reference if the STA is pinned by the
427 * task that is adding the debugfs entries. In that case, we
428 * leave the STA "to be freed".
429 *
430 * The rules are not trivial, but not too complex either:
431 * (1) pin_status is only modified under the sta_lock
432 * (2) sta_info_debugfs_add_work() will set the status
433 * to PINNED when it found an item that needs a new
434 * debugfs directory created. In that case, that item
435 * must not be freed although all *RCU* users are done
436 * with it. Hence, we tell the caller of _unlink()
437 * that the item is already gone (as can happen when
438 * two tasks try to unlink/destroy at the same time)
439 * (3) We set the pin_status to DESTROY here when we
440 * find such an item.
441 * (4) sta_info_debugfs_add_work() will reset the pin_status
442 * from PINNED to NORMAL when it is done with the item,
443 * but will check for DESTROY before resetting it in
444 * which case it will free the item.
445 */
446 if ((*sta)->pin_status == STA_INFO_PIN_STAT_PINNED) {
447 (*sta)->pin_status = STA_INFO_PIN_STAT_DESTROY;
448 *sta = NULL;
449 return;
450 }
256 451
257 if (local->ops->sta_notify) { 452 list_del(&(*sta)->list);
258 struct ieee80211_sub_if_data *sdata; 453
454 if ((*sta)->flags & WLAN_STA_PS) {
455 (*sta)->flags &= ~WLAN_STA_PS;
456 if (sdata->bss)
457 atomic_dec(&sdata->bss->num_sta_ps);
458 __sta_info_clear_tim_bit(sdata->bss, *sta);
459 }
259 460
260 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 461 local->num_sta--;
261 462
463 if (local->ops->sta_notify) {
262 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 464 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
263 sdata = sdata->u.vlan.ap; 465 sdata = sdata->u.vlan.ap;
264 466
265 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 467 local->ops->sta_notify(local_to_hw(local), &sdata->vif,
266 STA_NOTIFY_REMOVE, sta->addr); 468 STA_NOTIFY_REMOVE, (*sta)->addr);
267 } 469 }
268 470
269 rate_control_remove_sta_debugfs(sta); 471 if (ieee80211_vif_is_mesh(&sdata->vif)) {
270 ieee80211_sta_debugfs_remove(sta); 472 mesh_accept_plinks_update(sdata);
473#ifdef CONFIG_MAC80211_MESH
474 del_timer(&(*sta)->plink_timer);
475#endif
476 }
271 477
272 sta_info_put(sta); 478#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
479 printk(KERN_DEBUG "%s: Removed STA %s\n",
480 wiphy_name(local->hw.wiphy), print_mac(mbuf, (*sta)->addr));
481#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
273} 482}
274 483
484void sta_info_unlink(struct sta_info **sta)
485{
486 struct ieee80211_local *local = (*sta)->local;
487 unsigned long flags;
488
489 spin_lock_irqsave(&local->sta_lock, flags);
490 __sta_info_unlink(sta);
491 spin_unlock_irqrestore(&local->sta_lock, flags);
492}
275 493
276static inline int sta_info_buffer_expired(struct ieee80211_local *local, 494static inline int sta_info_buffer_expired(struct ieee80211_local *local,
277 struct sta_info *sta, 495 struct sta_info *sta,
@@ -299,6 +517,7 @@ static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
299{ 517{
300 unsigned long flags; 518 unsigned long flags;
301 struct sk_buff *skb; 519 struct sk_buff *skb;
520 struct ieee80211_sub_if_data *sdata;
302 DECLARE_MAC_BUF(mac); 521 DECLARE_MAC_BUF(mac);
303 522
304 if (skb_queue_empty(&sta->ps_tx_buf)) 523 if (skb_queue_empty(&sta->ps_tx_buf))
@@ -307,21 +526,23 @@ static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
307 for (;;) { 526 for (;;) {
308 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags); 527 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags);
309 skb = skb_peek(&sta->ps_tx_buf); 528 skb = skb_peek(&sta->ps_tx_buf);
310 if (sta_info_buffer_expired(local, sta, skb)) { 529 if (sta_info_buffer_expired(local, sta, skb))
311 skb = __skb_dequeue(&sta->ps_tx_buf); 530 skb = __skb_dequeue(&sta->ps_tx_buf);
312 if (skb_queue_empty(&sta->ps_tx_buf)) 531 else
313 sta->flags &= ~WLAN_STA_TIM;
314 } else
315 skb = NULL; 532 skb = NULL;
316 spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags); 533 spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags);
317 534
318 if (skb) { 535 if (!skb)
319 local->total_ps_buffered--;
320 printk(KERN_DEBUG "Buffered frame expired (STA "
321 "%s)\n", print_mac(mac, sta->addr));
322 dev_kfree_skb(skb);
323 } else
324 break; 536 break;
537
538 sdata = sta->sdata;
539 local->total_ps_buffered--;
540 printk(KERN_DEBUG "Buffered frame expired (STA "
541 "%s)\n", print_mac(mac, sta->addr));
542 dev_kfree_skb(skb);
543
544 if (skb_queue_empty(&sta->ps_tx_buf))
545 sta_info_clear_tim_bit(sta);
325 } 546 }
326} 547}
327 548
@@ -331,13 +552,10 @@ static void sta_info_cleanup(unsigned long data)
331 struct ieee80211_local *local = (struct ieee80211_local *) data; 552 struct ieee80211_local *local = (struct ieee80211_local *) data;
332 struct sta_info *sta; 553 struct sta_info *sta;
333 554
334 read_lock_bh(&local->sta_lock); 555 rcu_read_lock();
335 list_for_each_entry(sta, &local->sta_list, list) { 556 list_for_each_entry_rcu(sta, &local->sta_list, list)
336 __sta_info_get(sta);
337 sta_info_cleanup_expire_buffered(local, sta); 557 sta_info_cleanup_expire_buffered(local, sta);
338 sta_info_put(sta); 558 rcu_read_unlock();
339 }
340 read_unlock_bh(&local->sta_lock);
341 559
342 local->sta_cleanup.expires = 560 local->sta_cleanup.expires =
343 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 561 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL);
@@ -345,37 +563,45 @@ static void sta_info_cleanup(unsigned long data)
345} 563}
346 564
347#ifdef CONFIG_MAC80211_DEBUGFS 565#ifdef CONFIG_MAC80211_DEBUGFS
348static void sta_info_debugfs_add_task(struct work_struct *work) 566static void sta_info_debugfs_add_work(struct work_struct *work)
349{ 567{
350 struct ieee80211_local *local = 568 struct ieee80211_local *local =
351 container_of(work, struct ieee80211_local, sta_debugfs_add); 569 container_of(work, struct ieee80211_local, sta_debugfs_add);
352 struct sta_info *sta, *tmp; 570 struct sta_info *sta, *tmp;
571 unsigned long flags;
353 572
354 while (1) { 573 while (1) {
355 sta = NULL; 574 sta = NULL;
356 read_lock_bh(&local->sta_lock); 575
576 spin_lock_irqsave(&local->sta_lock, flags);
357 list_for_each_entry(tmp, &local->sta_list, list) { 577 list_for_each_entry(tmp, &local->sta_list, list) {
358 if (!tmp->debugfs.dir) { 578 if (!tmp->debugfs.dir) {
359 sta = tmp; 579 sta = tmp;
360 __sta_info_get(sta); 580 __sta_info_pin(sta);
361 break; 581 break;
362 } 582 }
363 } 583 }
364 read_unlock_bh(&local->sta_lock); 584 spin_unlock_irqrestore(&local->sta_lock, flags);
365 585
366 if (!sta) 586 if (!sta)
367 break; 587 break;
368 588
369 ieee80211_sta_debugfs_add(sta); 589 ieee80211_sta_debugfs_add(sta);
370 rate_control_add_sta_debugfs(sta); 590 rate_control_add_sta_debugfs(sta);
371 sta_info_put(sta); 591
592 sta = __sta_info_unpin(sta);
593
594 if (sta) {
595 synchronize_rcu();
596 sta_info_destroy(sta);
597 }
372 } 598 }
373} 599}
374#endif 600#endif
375 601
376void sta_info_init(struct ieee80211_local *local) 602void sta_info_init(struct ieee80211_local *local)
377{ 603{
378 rwlock_init(&local->sta_lock); 604 spin_lock_init(&local->sta_lock);
379 INIT_LIST_HEAD(&local->sta_list); 605 INIT_LIST_HEAD(&local->sta_list);
380 606
381 setup_timer(&local->sta_cleanup, sta_info_cleanup, 607 setup_timer(&local->sta_cleanup, sta_info_cleanup,
@@ -384,7 +610,7 @@ void sta_info_init(struct ieee80211_local *local)
384 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 610 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL);
385 611
386#ifdef CONFIG_MAC80211_DEBUGFS 612#ifdef CONFIG_MAC80211_DEBUGFS
387 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_task); 613 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_work);
388#endif 614#endif
389} 615}
390 616
@@ -400,44 +626,40 @@ void sta_info_stop(struct ieee80211_local *local)
400 sta_info_flush(local, NULL); 626 sta_info_flush(local, NULL);
401} 627}
402 628
403void sta_info_remove_aid_ptr(struct sta_info *sta)
404{
405 struct ieee80211_sub_if_data *sdata;
406
407 if (sta->aid <= 0)
408 return;
409
410 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
411
412 if (sdata->local->ops->set_tim)
413 sdata->local->ops->set_tim(local_to_hw(sdata->local),
414 sta->aid, 0);
415 if (sdata->bss)
416 __bss_tim_clear(sdata->bss, sta->aid);
417}
418
419
420/** 629/**
421 * sta_info_flush - flush matching STA entries from the STA table 630 * sta_info_flush - flush matching STA entries from the STA table
631 *
632 * Returns the number of removed STA entries.
633 *
422 * @local: local interface data 634 * @local: local interface data
423 * @dev: matching rule for the net device (sta->dev) or %NULL to match all STAs 635 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs
424 */ 636 */
425void sta_info_flush(struct ieee80211_local *local, struct net_device *dev) 637int sta_info_flush(struct ieee80211_local *local,
638 struct ieee80211_sub_if_data *sdata)
426{ 639{
427 struct sta_info *sta, *tmp; 640 struct sta_info *sta, *tmp;
428 LIST_HEAD(tmp_list); 641 LIST_HEAD(tmp_list);
642 int ret = 0;
643 unsigned long flags;
429 644
430 write_lock_bh(&local->sta_lock); 645 might_sleep();
431 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
432 if (!dev || dev == sta->dev) {
433 __sta_info_get(sta);
434 sta_info_remove(sta);
435 list_add_tail(&sta->list, &tmp_list);
436 }
437 write_unlock_bh(&local->sta_lock);
438 646
439 list_for_each_entry_safe(sta, tmp, &tmp_list, list) { 647 spin_lock_irqsave(&local->sta_lock, flags);
440 sta_info_free(sta); 648 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
441 sta_info_put(sta); 649 if (!sdata || sdata == sta->sdata) {
650 __sta_info_unlink(&sta);
651 if (sta) {
652 list_add_tail(&sta->list, &tmp_list);
653 ret++;
654 }
655 }
442 } 656 }
657 spin_unlock_irqrestore(&local->sta_lock, flags);
658
659 synchronize_rcu();
660
661 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
662 sta_info_destroy(sta);
663
664 return ret;
443} 665}
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-25 22:00:31 -0500