aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/Kconfig14
-rw-r--r--net/mac80211/Makefile2
-rw-r--r--net/mac80211/aes_ccm.c2
-rw-r--r--net/mac80211/aes_ccm.h2
-rw-r--r--net/mac80211/cfg.c6
-rw-r--r--net/mac80211/debugfs.c43
-rw-r--r--net/mac80211/debugfs_key.c8
-rw-r--r--net/mac80211/debugfs_netdev.c11
-rw-r--r--net/mac80211/debugfs_sta.c56
-rw-r--r--net/mac80211/ieee80211_i.h71
-rw-r--r--net/mac80211/iface.c6
-rw-r--r--net/mac80211/key.c11
-rw-r--r--net/mac80211/key.h17
-rw-r--r--net/mac80211/main.c329
-rw-r--r--net/mac80211/mesh.c38
-rw-r--r--net/mac80211/mesh.h2
-rw-r--r--net/mac80211/mesh_hwmp.c2
-rw-r--r--net/mac80211/mesh_pathtbl.c53
-rw-r--r--net/mac80211/mesh_plink.c88
-rw-r--r--net/mac80211/michael.c106
-rw-r--r--net/mac80211/michael.h8
-rw-r--r--net/mac80211/mlme.c225
-rw-r--r--net/mac80211/rate.c12
-rw-r--r--net/mac80211/rate.h33
-rw-r--r--net/mac80211/rc80211_pid.h4
-rw-r--r--net/mac80211/rc80211_pid_algo.c22
-rw-r--r--net/mac80211/rc80211_pid_debugfs.c8
-rw-r--r--net/mac80211/rx.c291
-rw-r--r--net/mac80211/sta_info.c22
-rw-r--r--net/mac80211/sta_info.h80
-rw-r--r--net/mac80211/tkip.c229
-rw-r--r--net/mac80211/tkip.h8
-rw-r--r--net/mac80211/tx.c863
-rw-r--r--net/mac80211/util.c59
-rw-r--r--net/mac80211/wep.c19
-rw-r--r--net/mac80211/wep.h2
-rw-r--r--net/mac80211/wext.c28
-rw-r--r--net/mac80211/wme.c147
-rw-r--r--net/mac80211/wme.h2
-rw-r--r--net/mac80211/wpa.c135
40 files changed, 1475 insertions, 1589 deletions
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index a24b459dd45a..590e00b2766c 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -7,11 +7,23 @@ config MAC80211
7 select CRC32 7 select CRC32
8 select WIRELESS_EXT 8 select WIRELESS_EXT
9 select CFG80211 9 select CFG80211
10 select NET_SCH_FIFO
11 ---help--- 10 ---help---
12 This option enables the hardware independent IEEE 802.11 11 This option enables the hardware independent IEEE 802.11
13 networking stack. 12 networking stack.
14 13
14config MAC80211_QOS
15 def_bool y
16 depends on MAC80211
17 depends on NET_SCHED
18 depends on NETDEVICES_MULTIQUEUE
19
20comment "QoS/HT support disabled"
21 depends on MAC80211 && !MAC80211_QOS
22comment "QoS/HT support needs CONFIG_NET_SCHED"
23 depends on MAC80211 && !NET_SCHED
24comment "QoS/HT support needs CONFIG_NETDEVICES_MULTIQUEUE"
25 depends on MAC80211 && !NETDEVICES_MULTIQUEUE
26
15menu "Rate control algorithm selection" 27menu "Rate control algorithm selection"
16 depends on MAC80211 != n 28 depends on MAC80211 != n
17 29
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 4e5847fd316c..1d2a4e010e5c 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -29,7 +29,7 @@ mac80211-y := \
29 event.o 29 event.o
30 30
31mac80211-$(CONFIG_MAC80211_LEDS) += led.o 31mac80211-$(CONFIG_MAC80211_LEDS) += led.o
32mac80211-$(CONFIG_NET_SCHED) += wme.o 32mac80211-$(CONFIG_MAC80211_QOS) += wme.o
33mac80211-$(CONFIG_MAC80211_DEBUGFS) += \ 33mac80211-$(CONFIG_MAC80211_DEBUGFS) += \
34 debugfs.o \ 34 debugfs.o \
35 debugfs_sta.o \ 35 debugfs_sta.o \
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c
index 59f1691f62c8..4d4c2dfcf9a0 100644
--- a/net/mac80211/aes_ccm.c
+++ b/net/mac80211/aes_ccm.c
@@ -134,7 +134,7 @@ int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
134} 134}
135 135
136 136
137struct crypto_cipher * ieee80211_aes_key_setup_encrypt(const u8 key[]) 137struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[])
138{ 138{
139 struct crypto_cipher *tfm; 139 struct crypto_cipher *tfm;
140 140
diff --git a/net/mac80211/aes_ccm.h b/net/mac80211/aes_ccm.h
index 885f19030b29..8cd0f14aab4d 100644
--- a/net/mac80211/aes_ccm.h
+++ b/net/mac80211/aes_ccm.h
@@ -14,7 +14,7 @@
14 14
15#define AES_BLOCK_LEN 16 15#define AES_BLOCK_LEN 16
16 16
17struct crypto_cipher * ieee80211_aes_key_setup_encrypt(const u8 key[]); 17struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[]);
18void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch, 18void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
19 u8 *b_0, u8 *aad, u8 *data, size_t data_len, 19 u8 *b_0, u8 *aad, u8 *data, size_t data_len,
20 u8 *cdata, u8 *mic); 20 u8 *cdata, u8 *mic);
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index a9fce4afdf21..81087281b031 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -256,8 +256,8 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
256 case ALG_TKIP: 256 case ALG_TKIP:
257 params.cipher = WLAN_CIPHER_SUITE_TKIP; 257 params.cipher = WLAN_CIPHER_SUITE_TKIP;
258 258
259 iv32 = key->u.tkip.iv32; 259 iv32 = key->u.tkip.tx.iv32;
260 iv16 = key->u.tkip.iv16; 260 iv16 = key->u.tkip.tx.iv16;
261 261
262 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 262 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
263 sdata->local->ops->get_tkip_seq) 263 sdata->local->ops->get_tkip_seq)
@@ -602,6 +602,7 @@ static void sta_apply_parameters(struct ieee80211_local *local,
602 */ 602 */
603 603
604 if (params->station_flags & STATION_FLAG_CHANGED) { 604 if (params->station_flags & STATION_FLAG_CHANGED) {
605 spin_lock_bh(&sta->lock);
605 sta->flags &= ~WLAN_STA_AUTHORIZED; 606 sta->flags &= ~WLAN_STA_AUTHORIZED;
606 if (params->station_flags & STATION_FLAG_AUTHORIZED) 607 if (params->station_flags & STATION_FLAG_AUTHORIZED)
607 sta->flags |= WLAN_STA_AUTHORIZED; 608 sta->flags |= WLAN_STA_AUTHORIZED;
@@ -613,6 +614,7 @@ static void sta_apply_parameters(struct ieee80211_local *local,
613 sta->flags &= ~WLAN_STA_WME; 614 sta->flags &= ~WLAN_STA_WME;
614 if (params->station_flags & STATION_FLAG_WME) 615 if (params->station_flags & STATION_FLAG_WME)
615 sta->flags |= WLAN_STA_WME; 616 sta->flags |= WLAN_STA_WME;
617 spin_unlock_bh(&sta->lock);
616 } 618 }
617 619
618 /* 620 /*
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 1cccbfd781f6..d20d90eead1f 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -197,45 +197,6 @@ DEBUGFS_STATS_FILE(rx_handlers_fragments, 20, "%u",
197DEBUGFS_STATS_FILE(tx_status_drop, 20, "%u", 197DEBUGFS_STATS_FILE(tx_status_drop, 20, "%u",
198 local->tx_status_drop); 198 local->tx_status_drop);
199 199
200static ssize_t stats_wme_rx_queue_read(struct file *file,
201 char __user *userbuf,
202 size_t count, loff_t *ppos)
203{
204 struct ieee80211_local *local = file->private_data;
205 char buf[NUM_RX_DATA_QUEUES*15], *p = buf;
206 int i;
207
208 for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
209 p += scnprintf(p, sizeof(buf)+buf-p,
210 "%u\n", local->wme_rx_queue[i]);
211
212 return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
213}
214
215static const struct file_operations stats_wme_rx_queue_ops = {
216 .read = stats_wme_rx_queue_read,
217 .open = mac80211_open_file_generic,
218};
219
220static ssize_t stats_wme_tx_queue_read(struct file *file,
221 char __user *userbuf,
222 size_t count, loff_t *ppos)
223{
224 struct ieee80211_local *local = file->private_data;
225 char buf[NUM_TX_DATA_QUEUES*15], *p = buf;
226 int i;
227
228 for (i = 0; i < NUM_TX_DATA_QUEUES; i++)
229 p += scnprintf(p, sizeof(buf)+buf-p,
230 "%u\n", local->wme_tx_queue[i]);
231
232 return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
233}
234
235static const struct file_operations stats_wme_tx_queue_ops = {
236 .read = stats_wme_tx_queue_read,
237 .open = mac80211_open_file_generic,
238};
239#endif 200#endif
240 201
241DEBUGFS_DEVSTATS_FILE(dot11ACKFailureCount); 202DEBUGFS_DEVSTATS_FILE(dot11ACKFailureCount);
@@ -303,8 +264,6 @@ void debugfs_hw_add(struct ieee80211_local *local)
303 DEBUGFS_STATS_ADD(rx_expand_skb_head2); 264 DEBUGFS_STATS_ADD(rx_expand_skb_head2);
304 DEBUGFS_STATS_ADD(rx_handlers_fragments); 265 DEBUGFS_STATS_ADD(rx_handlers_fragments);
305 DEBUGFS_STATS_ADD(tx_status_drop); 266 DEBUGFS_STATS_ADD(tx_status_drop);
306 DEBUGFS_STATS_ADD(wme_tx_queue);
307 DEBUGFS_STATS_ADD(wme_rx_queue);
308#endif 267#endif
309 DEBUGFS_STATS_ADD(dot11ACKFailureCount); 268 DEBUGFS_STATS_ADD(dot11ACKFailureCount);
310 DEBUGFS_STATS_ADD(dot11RTSFailureCount); 269 DEBUGFS_STATS_ADD(dot11RTSFailureCount);
@@ -356,8 +315,6 @@ void debugfs_hw_del(struct ieee80211_local *local)
356 DEBUGFS_STATS_DEL(rx_expand_skb_head2); 315 DEBUGFS_STATS_DEL(rx_expand_skb_head2);
357 DEBUGFS_STATS_DEL(rx_handlers_fragments); 316 DEBUGFS_STATS_DEL(rx_handlers_fragments);
358 DEBUGFS_STATS_DEL(tx_status_drop); 317 DEBUGFS_STATS_DEL(tx_status_drop);
359 DEBUGFS_STATS_DEL(wme_tx_queue);
360 DEBUGFS_STATS_DEL(wme_rx_queue);
361#endif 318#endif
362 DEBUGFS_STATS_DEL(dot11ACKFailureCount); 319 DEBUGFS_STATS_DEL(dot11ACKFailureCount);
363 DEBUGFS_STATS_DEL(dot11RTSFailureCount); 320 DEBUGFS_STATS_DEL(dot11RTSFailureCount);
diff --git a/net/mac80211/debugfs_key.c b/net/mac80211/debugfs_key.c
index 19efc3a6a932..7439b63df5d0 100644
--- a/net/mac80211/debugfs_key.c
+++ b/net/mac80211/debugfs_key.c
@@ -97,8 +97,8 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
97 break; 97 break;
98 case ALG_TKIP: 98 case ALG_TKIP:
99 len = scnprintf(buf, sizeof(buf), "%08x %04x\n", 99 len = scnprintf(buf, sizeof(buf), "%08x %04x\n",
100 key->u.tkip.iv32, 100 key->u.tkip.tx.iv32,
101 key->u.tkip.iv16); 101 key->u.tkip.tx.iv16);
102 break; 102 break;
103 case ALG_CCMP: 103 case ALG_CCMP:
104 tpn = key->u.ccmp.tx_pn; 104 tpn = key->u.ccmp.tx_pn;
@@ -128,8 +128,8 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
128 for (i = 0; i < NUM_RX_DATA_QUEUES; i++) 128 for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
129 p += scnprintf(p, sizeof(buf)+buf-p, 129 p += scnprintf(p, sizeof(buf)+buf-p,
130 "%08x %04x\n", 130 "%08x %04x\n",
131 key->u.tkip.iv32_rx[i], 131 key->u.tkip.rx[i].iv32,
132 key->u.tkip.iv16_rx[i]); 132 key->u.tkip.rx[i].iv16);
133 len = p - buf; 133 len = p - buf;
134 break; 134 break;
135 case ALG_CCMP: 135 case ALG_CCMP:
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index e3326d046944..b2089b2da48a 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -155,7 +155,6 @@ static const struct file_operations name##_ops = { \
155 __IEEE80211_IF_WFILE(name) 155 __IEEE80211_IF_WFILE(name)
156 156
157/* common attributes */ 157/* common attributes */
158IEEE80211_IF_FILE(channel_use, channel_use, DEC);
159IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); 158IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
160 159
161/* STA/IBSS attributes */ 160/* STA/IBSS attributes */
@@ -248,7 +247,6 @@ IEEE80211_IF_WFILE(min_discovery_timeout,
248 247
249static void add_sta_files(struct ieee80211_sub_if_data *sdata) 248static void add_sta_files(struct ieee80211_sub_if_data *sdata)
250{ 249{
251 DEBUGFS_ADD(channel_use, sta);
252 DEBUGFS_ADD(drop_unencrypted, sta); 250 DEBUGFS_ADD(drop_unencrypted, sta);
253 DEBUGFS_ADD(state, sta); 251 DEBUGFS_ADD(state, sta);
254 DEBUGFS_ADD(bssid, sta); 252 DEBUGFS_ADD(bssid, sta);
@@ -269,7 +267,6 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
269 267
270static void add_ap_files(struct ieee80211_sub_if_data *sdata) 268static void add_ap_files(struct ieee80211_sub_if_data *sdata)
271{ 269{
272 DEBUGFS_ADD(channel_use, ap);
273 DEBUGFS_ADD(drop_unencrypted, ap); 270 DEBUGFS_ADD(drop_unencrypted, ap);
274 DEBUGFS_ADD(num_sta_ps, ap); 271 DEBUGFS_ADD(num_sta_ps, ap);
275 DEBUGFS_ADD(dtim_count, ap); 272 DEBUGFS_ADD(dtim_count, ap);
@@ -281,14 +278,12 @@ static void add_ap_files(struct ieee80211_sub_if_data *sdata)
281 278
282static void add_wds_files(struct ieee80211_sub_if_data *sdata) 279static void add_wds_files(struct ieee80211_sub_if_data *sdata)
283{ 280{
284 DEBUGFS_ADD(channel_use, wds);
285 DEBUGFS_ADD(drop_unencrypted, wds); 281 DEBUGFS_ADD(drop_unencrypted, wds);
286 DEBUGFS_ADD(peer, wds); 282 DEBUGFS_ADD(peer, wds);
287} 283}
288 284
289static void add_vlan_files(struct ieee80211_sub_if_data *sdata) 285static void add_vlan_files(struct ieee80211_sub_if_data *sdata)
290{ 286{
291 DEBUGFS_ADD(channel_use, vlan);
292 DEBUGFS_ADD(drop_unencrypted, vlan); 287 DEBUGFS_ADD(drop_unencrypted, vlan);
293} 288}
294 289
@@ -376,7 +371,6 @@ static void add_files(struct ieee80211_sub_if_data *sdata)
376 371
377static void del_sta_files(struct ieee80211_sub_if_data *sdata) 372static void del_sta_files(struct ieee80211_sub_if_data *sdata)
378{ 373{
379 DEBUGFS_DEL(channel_use, sta);
380 DEBUGFS_DEL(drop_unencrypted, sta); 374 DEBUGFS_DEL(drop_unencrypted, sta);
381 DEBUGFS_DEL(state, sta); 375 DEBUGFS_DEL(state, sta);
382 DEBUGFS_DEL(bssid, sta); 376 DEBUGFS_DEL(bssid, sta);
@@ -397,7 +391,6 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
397 391
398static void del_ap_files(struct ieee80211_sub_if_data *sdata) 392static void del_ap_files(struct ieee80211_sub_if_data *sdata)
399{ 393{
400 DEBUGFS_DEL(channel_use, ap);
401 DEBUGFS_DEL(drop_unencrypted, ap); 394 DEBUGFS_DEL(drop_unencrypted, ap);
402 DEBUGFS_DEL(num_sta_ps, ap); 395 DEBUGFS_DEL(num_sta_ps, ap);
403 DEBUGFS_DEL(dtim_count, ap); 396 DEBUGFS_DEL(dtim_count, ap);
@@ -409,14 +402,12 @@ static void del_ap_files(struct ieee80211_sub_if_data *sdata)
409 402
410static void del_wds_files(struct ieee80211_sub_if_data *sdata) 403static void del_wds_files(struct ieee80211_sub_if_data *sdata)
411{ 404{
412 DEBUGFS_DEL(channel_use, wds);
413 DEBUGFS_DEL(drop_unencrypted, wds); 405 DEBUGFS_DEL(drop_unencrypted, wds);
414 DEBUGFS_DEL(peer, wds); 406 DEBUGFS_DEL(peer, wds);
415} 407}
416 408
417static void del_vlan_files(struct ieee80211_sub_if_data *sdata) 409static void del_vlan_files(struct ieee80211_sub_if_data *sdata)
418{ 410{
419 DEBUGFS_DEL(channel_use, vlan);
420 DEBUGFS_DEL(drop_unencrypted, vlan); 411 DEBUGFS_DEL(drop_unencrypted, vlan);
421} 412}
422 413
@@ -528,7 +519,7 @@ void ieee80211_debugfs_change_if_type(struct ieee80211_sub_if_data *sdata,
528 add_files(sdata); 519 add_files(sdata);
529} 520}
530 521
531static int netdev_notify(struct notifier_block * nb, 522static int netdev_notify(struct notifier_block *nb,
532 unsigned long state, 523 unsigned long state,
533 void *ndev) 524 void *ndev)
534{ 525{
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index 6d47a1d31b37..79a062782d52 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -63,10 +63,9 @@ STA_FILE(tx_fragments, tx_fragments, LU);
63STA_FILE(tx_filtered, tx_filtered_count, LU); 63STA_FILE(tx_filtered, tx_filtered_count, LU);
64STA_FILE(tx_retry_failed, tx_retry_failed, LU); 64STA_FILE(tx_retry_failed, tx_retry_failed, LU);
65STA_FILE(tx_retry_count, tx_retry_count, LU); 65STA_FILE(tx_retry_count, tx_retry_count, LU);
66STA_FILE(last_rssi, last_rssi, D);
67STA_FILE(last_signal, last_signal, D); 66STA_FILE(last_signal, last_signal, D);
67STA_FILE(last_qual, last_qual, D);
68STA_FILE(last_noise, last_noise, D); 68STA_FILE(last_noise, last_noise, D);
69STA_FILE(channel_use, channel_use, D);
70STA_FILE(wep_weak_iv_count, wep_weak_iv_count, LU); 69STA_FILE(wep_weak_iv_count, wep_weak_iv_count, LU);
71 70
72static ssize_t sta_flags_read(struct file *file, char __user *userbuf, 71static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
@@ -74,14 +73,15 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
74{ 73{
75 char buf[100]; 74 char buf[100];
76 struct sta_info *sta = file->private_data; 75 struct sta_info *sta = file->private_data;
76 u32 staflags = get_sta_flags(sta);
77 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s", 77 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s",
78 sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "", 78 staflags & WLAN_STA_AUTH ? "AUTH\n" : "",
79 sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "", 79 staflags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
80 sta->flags & WLAN_STA_PS ? "PS\n" : "", 80 staflags & WLAN_STA_PS ? "PS\n" : "",
81 sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", 81 staflags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
82 sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", 82 staflags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
83 sta->flags & WLAN_STA_WME ? "WME\n" : "", 83 staflags & WLAN_STA_WME ? "WME\n" : "",
84 sta->flags & WLAN_STA_WDS ? "WDS\n" : ""); 84 staflags & WLAN_STA_WDS ? "WDS\n" : "");
85 return simple_read_from_buffer(userbuf, count, ppos, buf, res); 85 return simple_read_from_buffer(userbuf, count, ppos, buf, res);
86} 86}
87STA_OPS(flags); 87STA_OPS(flags);
@@ -123,36 +123,6 @@ static ssize_t sta_last_seq_ctrl_read(struct file *file, char __user *userbuf,
123} 123}
124STA_OPS(last_seq_ctrl); 124STA_OPS(last_seq_ctrl);
125 125
126#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
127static ssize_t sta_wme_rx_queue_read(struct file *file, char __user *userbuf,
128 size_t count, loff_t *ppos)
129{
130 char buf[15*NUM_RX_DATA_QUEUES], *p = buf;
131 int i;
132 struct sta_info *sta = file->private_data;
133 for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
134 p += scnprintf(p, sizeof(buf)+buf-p, "%u ",
135 sta->wme_rx_queue[i]);
136 p += scnprintf(p, sizeof(buf)+buf-p, "\n");
137 return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
138}
139STA_OPS(wme_rx_queue);
140
141static ssize_t sta_wme_tx_queue_read(struct file *file, char __user *userbuf,
142 size_t count, loff_t *ppos)
143{
144 char buf[15*NUM_TX_DATA_QUEUES], *p = buf;
145 int i;
146 struct sta_info *sta = file->private_data;
147 for (i = 0; i < NUM_TX_DATA_QUEUES; i++)
148 p += scnprintf(p, sizeof(buf)+buf-p, "%u ",
149 sta->wme_tx_queue[i]);
150 p += scnprintf(p, sizeof(buf)+buf-p, "\n");
151 return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
152}
153STA_OPS(wme_tx_queue);
154#endif
155
156static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf, 126static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf,
157 size_t count, loff_t *ppos) 127 size_t count, loff_t *ppos)
158{ 128{
@@ -293,10 +263,6 @@ void ieee80211_sta_debugfs_add(struct sta_info *sta)
293 DEBUGFS_ADD(num_ps_buf_frames); 263 DEBUGFS_ADD(num_ps_buf_frames);
294 DEBUGFS_ADD(inactive_ms); 264 DEBUGFS_ADD(inactive_ms);
295 DEBUGFS_ADD(last_seq_ctrl); 265 DEBUGFS_ADD(last_seq_ctrl);
296#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
297 DEBUGFS_ADD(wme_rx_queue);
298 DEBUGFS_ADD(wme_tx_queue);
299#endif
300 DEBUGFS_ADD(agg_status); 266 DEBUGFS_ADD(agg_status);
301} 267}
302 268
@@ -306,10 +272,6 @@ void ieee80211_sta_debugfs_remove(struct sta_info *sta)
306 DEBUGFS_DEL(num_ps_buf_frames); 272 DEBUGFS_DEL(num_ps_buf_frames);
307 DEBUGFS_DEL(inactive_ms); 273 DEBUGFS_DEL(inactive_ms);
308 DEBUGFS_DEL(last_seq_ctrl); 274 DEBUGFS_DEL(last_seq_ctrl);
309#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
310 DEBUGFS_DEL(wme_rx_queue);
311 DEBUGFS_DEL(wme_tx_queue);
312#endif
313 DEBUGFS_DEL(agg_status); 275 DEBUGFS_DEL(agg_status);
314 276
315 debugfs_remove(sta->debugfs.dir); 277 debugfs_remove(sta->debugfs.dir);
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 006486b26726..884be4d100f1 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -2,6 +2,7 @@
2 * Copyright 2002-2005, Instant802 Networks, Inc. 2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005, Devicescape Software, Inc. 3 * Copyright 2005, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
5 * 6 *
6 * This program is free software; you can redistribute it and/or modify 7 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as 8 * it under the terms of the GNU General Public License version 2 as
@@ -82,7 +83,7 @@ struct ieee80211_sta_bss {
82 u16 capability; /* host byte order */ 83 u16 capability; /* host byte order */
83 enum ieee80211_band band; 84 enum ieee80211_band band;
84 int freq; 85 int freq;
85 int rssi, signal, noise; 86 int signal, noise, qual;
86 u8 *wpa_ie; 87 u8 *wpa_ie;
87 size_t wpa_ie_len; 88 size_t wpa_ie_len;
88 u8 *rsn_ie; 89 u8 *rsn_ie;
@@ -91,6 +92,8 @@ struct ieee80211_sta_bss {
91 size_t wmm_ie_len; 92 size_t wmm_ie_len;
92 u8 *ht_ie; 93 u8 *ht_ie;
93 size_t ht_ie_len; 94 size_t ht_ie_len;
95 u8 *ht_add_ie;
96 size_t ht_add_ie_len;
94#ifdef CONFIG_MAC80211_MESH 97#ifdef CONFIG_MAC80211_MESH
95 u8 *mesh_id; 98 u8 *mesh_id;
96 size_t mesh_id_len; 99 size_t mesh_id_len;
@@ -147,7 +150,6 @@ typedef unsigned __bitwise__ ieee80211_tx_result;
147#define IEEE80211_TX_UNICAST BIT(1) 150#define IEEE80211_TX_UNICAST BIT(1)
148#define IEEE80211_TX_PS_BUFFERED BIT(2) 151#define IEEE80211_TX_PS_BUFFERED BIT(2)
149#define IEEE80211_TX_PROBE_LAST_FRAG BIT(3) 152#define IEEE80211_TX_PROBE_LAST_FRAG BIT(3)
150#define IEEE80211_TX_INJECTED BIT(4)
151 153
152struct ieee80211_tx_data { 154struct ieee80211_tx_data {
153 struct sk_buff *skb; 155 struct sk_buff *skb;
@@ -157,13 +159,12 @@ struct ieee80211_tx_data {
157 struct sta_info *sta; 159 struct sta_info *sta;
158 struct ieee80211_key *key; 160 struct ieee80211_key *key;
159 161
160 struct ieee80211_tx_control *control;
161 struct ieee80211_channel *channel; 162 struct ieee80211_channel *channel;
162 struct ieee80211_rate *rate; 163 s8 rate_idx;
163 /* use this rate (if set) for last fragment; rate can 164 /* use this rate (if set) for last fragment; rate can
164 * be set to lower rate for the first fragments, e.g., 165 * be set to lower rate for the first fragments, e.g.,
165 * when using CTS protection with IEEE 802.11g. */ 166 * when using CTS protection with IEEE 802.11g. */
166 struct ieee80211_rate *last_frag_rate; 167 s8 last_frag_rate_idx;
167 168
168 /* Extra fragments (in addition to the first fragment 169 /* Extra fragments (in addition to the first fragment
169 * in skb) */ 170 * in skb) */
@@ -202,32 +203,16 @@ struct ieee80211_rx_data {
202 unsigned int flags; 203 unsigned int flags;
203 int sent_ps_buffered; 204 int sent_ps_buffered;
204 int queue; 205 int queue;
205 int load;
206 u32 tkip_iv32; 206 u32 tkip_iv32;
207 u16 tkip_iv16; 207 u16 tkip_iv16;
208}; 208};
209 209
210/* flags used in struct ieee80211_tx_packet_data.flags */
211#define IEEE80211_TXPD_REQ_TX_STATUS BIT(0)
212#define IEEE80211_TXPD_DO_NOT_ENCRYPT BIT(1)
213#define IEEE80211_TXPD_REQUEUE BIT(2)
214#define IEEE80211_TXPD_EAPOL_FRAME BIT(3)
215#define IEEE80211_TXPD_AMPDU BIT(4)
216/* Stored in sk_buff->cb */
217struct ieee80211_tx_packet_data {
218 int ifindex;
219 unsigned long jiffies;
220 unsigned int flags;
221 u8 queue;
222};
223
224struct ieee80211_tx_stored_packet { 210struct ieee80211_tx_stored_packet {
225 struct ieee80211_tx_control control;
226 struct sk_buff *skb; 211 struct sk_buff *skb;
227 struct sk_buff **extra_frag; 212 struct sk_buff **extra_frag;
228 struct ieee80211_rate *last_frag_rate; 213 s8 last_frag_rate_idx;
229 int num_extra_frag; 214 int num_extra_frag;
230 unsigned int last_frag_rate_ctrl_probe; 215 bool last_frag_rate_ctrl_probe;
231}; 216};
232 217
233struct beacon_data { 218struct beacon_data {
@@ -464,14 +449,11 @@ struct ieee80211_sub_if_data {
464 struct ieee80211_if_sta sta; 449 struct ieee80211_if_sta sta;
465 u32 mntr_flags; 450 u32 mntr_flags;
466 } u; 451 } u;
467 int channel_use;
468 int channel_use_raw;
469 452
470#ifdef CONFIG_MAC80211_DEBUGFS 453#ifdef CONFIG_MAC80211_DEBUGFS
471 struct dentry *debugfsdir; 454 struct dentry *debugfsdir;
472 union { 455 union {
473 struct { 456 struct {
474 struct dentry *channel_use;
475 struct dentry *drop_unencrypted; 457 struct dentry *drop_unencrypted;
476 struct dentry *state; 458 struct dentry *state;
477 struct dentry *bssid; 459 struct dentry *bssid;
@@ -490,7 +472,6 @@ struct ieee80211_sub_if_data {
490 struct dentry *num_beacons_sta; 472 struct dentry *num_beacons_sta;
491 } sta; 473 } sta;
492 struct { 474 struct {
493 struct dentry *channel_use;
494 struct dentry *drop_unencrypted; 475 struct dentry *drop_unencrypted;
495 struct dentry *num_sta_ps; 476 struct dentry *num_sta_ps;
496 struct dentry *dtim_count; 477 struct dentry *dtim_count;
@@ -500,12 +481,10 @@ struct ieee80211_sub_if_data {
500 struct dentry *num_buffered_multicast; 481 struct dentry *num_buffered_multicast;
501 } ap; 482 } ap;
502 struct { 483 struct {
503 struct dentry *channel_use;
504 struct dentry *drop_unencrypted; 484 struct dentry *drop_unencrypted;
505 struct dentry *peer; 485 struct dentry *peer;
506 } wds; 486 } wds;
507 struct { 487 struct {
508 struct dentry *channel_use;
509 struct dentry *drop_unencrypted; 488 struct dentry *drop_unencrypted;
510 } vlan; 489 } vlan;
511 struct { 490 struct {
@@ -610,8 +589,8 @@ struct ieee80211_local {
610 struct sta_info *sta_hash[STA_HASH_SIZE]; 589 struct sta_info *sta_hash[STA_HASH_SIZE];
611 struct timer_list sta_cleanup; 590 struct timer_list sta_cleanup;
612 591
613 unsigned long state[NUM_TX_DATA_QUEUES_AMPDU]; 592 unsigned long queues_pending[BITS_TO_LONGS(IEEE80211_MAX_QUEUES)];
614 struct ieee80211_tx_stored_packet pending_packet[NUM_TX_DATA_QUEUES_AMPDU]; 593 struct ieee80211_tx_stored_packet pending_packet[IEEE80211_MAX_QUEUES];
615 struct tasklet_struct tx_pending_tasklet; 594 struct tasklet_struct tx_pending_tasklet;
616 595
617 /* number of interfaces with corresponding IFF_ flags */ 596 /* number of interfaces with corresponding IFF_ flags */
@@ -677,9 +656,6 @@ struct ieee80211_local {
677 assoc_led_name[32], radio_led_name[32]; 656 assoc_led_name[32], radio_led_name[32];
678#endif 657#endif
679 658
680 u32 channel_use;
681 u32 channel_use_raw;
682
683#ifdef CONFIG_MAC80211_DEBUGFS 659#ifdef CONFIG_MAC80211_DEBUGFS
684 struct work_struct sta_debugfs_add; 660 struct work_struct sta_debugfs_add;
685#endif 661#endif
@@ -705,8 +681,6 @@ struct ieee80211_local {
705 unsigned int rx_expand_skb_head2; 681 unsigned int rx_expand_skb_head2;
706 unsigned int rx_handlers_fragments; 682 unsigned int rx_handlers_fragments;
707 unsigned int tx_status_drop; 683 unsigned int tx_status_drop;
708 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
709 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
710#define I802_DEBUG_INC(c) (c)++ 684#define I802_DEBUG_INC(c) (c)++
711#else /* CONFIG_MAC80211_DEBUG_COUNTERS */ 685#else /* CONFIG_MAC80211_DEBUG_COUNTERS */
712#define I802_DEBUG_INC(c) do { } while (0) 686#define I802_DEBUG_INC(c) do { } while (0)
@@ -764,8 +738,6 @@ struct ieee80211_local {
764 struct dentry *rx_expand_skb_head2; 738 struct dentry *rx_expand_skb_head2;
765 struct dentry *rx_handlers_fragments; 739 struct dentry *rx_handlers_fragments;
766 struct dentry *tx_status_drop; 740 struct dentry *tx_status_drop;
767 struct dentry *wme_tx_queue;
768 struct dentry *wme_rx_queue;
769#endif 741#endif
770 struct dentry *dot11ACKFailureCount; 742 struct dentry *dot11ACKFailureCount;
771 struct dentry *dot11RTSFailureCount; 743 struct dentry *dot11RTSFailureCount;
@@ -778,6 +750,15 @@ struct ieee80211_local {
778#endif 750#endif
779}; 751};
780 752
753static inline int ieee80211_is_multiqueue(struct ieee80211_local *local)
754{
755#ifdef CONFIG_MAC80211_QOS
756 return netif_is_multiqueue(local->mdev);
757#else
758 return 0;
759#endif
760}
761
781/* this struct represents 802.11n's RA/TID combination */ 762/* this struct represents 802.11n's RA/TID combination */
782struct ieee80211_ra_tid { 763struct ieee80211_ra_tid {
783 u8 ra[ETH_ALEN]; 764 u8 ra[ETH_ALEN];
@@ -847,11 +828,6 @@ static inline struct ieee80211_hw *local_to_hw(
847 return &local->hw; 828 return &local->hw;
848} 829}
849 830
850enum ieee80211_link_state_t {
851 IEEE80211_LINK_STATE_XOFF = 0,
852 IEEE80211_LINK_STATE_PENDING,
853};
854
855struct sta_attribute { 831struct sta_attribute {
856 struct attribute attr; 832 struct attribute attr;
857 ssize_t (*show)(const struct sta_info *, char *buf); 833 ssize_t (*show)(const struct sta_info *, char *buf);
@@ -878,7 +854,6 @@ u32 ieee80211_handle_ht(struct ieee80211_local *local, int enable_ht,
878/* ieee80211_ioctl.c */ 854/* ieee80211_ioctl.c */
879extern const struct iw_handler_def ieee80211_iw_handler_def; 855extern const struct iw_handler_def ieee80211_iw_handler_def;
880 856
881
882/* Least common multiple of the used rates (in 100 kbps). This is used to 857/* Least common multiple of the used rates (in 100 kbps). This is used to
883 * calculate rate_inv values for each rate so that only integers are needed. */ 858 * calculate rate_inv values for each rate so that only integers are needed. */
884#define CHAN_UTIL_RATE_LCM 95040 859#define CHAN_UTIL_RATE_LCM 95040
@@ -900,6 +875,7 @@ extern const struct iw_handler_def ieee80211_iw_handler_def;
900 875
901/* ieee80211_ioctl.c */ 876/* ieee80211_ioctl.c */
902int ieee80211_set_freq(struct net_device *dev, int freq); 877int ieee80211_set_freq(struct net_device *dev, int freq);
878
903/* ieee80211_sta.c */ 879/* ieee80211_sta.c */
904void ieee80211_sta_timer(unsigned long data); 880void ieee80211_sta_timer(unsigned long data);
905void ieee80211_sta_work(struct work_struct *work); 881void ieee80211_sta_work(struct work_struct *work);
@@ -919,9 +895,9 @@ ieee80211_rx_result ieee80211_sta_rx_scan(
919void ieee80211_rx_bss_list_init(struct net_device *dev); 895void ieee80211_rx_bss_list_init(struct net_device *dev);
920void ieee80211_rx_bss_list_deinit(struct net_device *dev); 896void ieee80211_rx_bss_list_deinit(struct net_device *dev);
921int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len); 897int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len);
922struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev, 898struct sta_info *ieee80211_ibss_add_sta(struct net_device *dev,
923 struct sk_buff *skb, u8 *bssid, 899 struct sk_buff *skb, u8 *bssid,
924 u8 *addr); 900 u8 *addr);
925int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason); 901int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason);
926int ieee80211_sta_disassociate(struct net_device *dev, u16 reason); 902int ieee80211_sta_disassociate(struct net_device *dev, u16 reason);
927void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata, 903void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
@@ -940,7 +916,6 @@ void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
940 916
941void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *da, 917void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *da,
942 u16 tid, u16 initiator, u16 reason); 918 u16 tid, u16 initiator, u16 reason);
943void sta_rx_agg_session_timer_expired(unsigned long data);
944void sta_addba_resp_timer_expired(unsigned long data); 919void sta_addba_resp_timer_expired(unsigned long data);
945void ieee80211_sta_tear_down_BA_sessions(struct net_device *dev, u8 *addr); 920void ieee80211_sta_tear_down_BA_sessions(struct net_device *dev, u8 *addr);
946u64 ieee80211_sta_get_rates(struct ieee80211_local *local, 921u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 06e88a5a036d..984472702381 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -33,9 +33,8 @@ static void ieee80211_if_sdata_deinit(struct ieee80211_sub_if_data *sdata)
33{ 33{
34 int i; 34 int i;
35 35
36 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) { 36 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++)
37 __skb_queue_purge(&sdata->fragments[i].skb_list); 37 __skb_queue_purge(&sdata->fragments[i].skb_list);
38 }
39} 38}
40 39
41/* Must be called with rtnl lock held. */ 40/* Must be called with rtnl lock held. */
@@ -167,9 +166,10 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
167 ifsta->auth_algs = IEEE80211_AUTH_ALG_OPEN | 166 ifsta->auth_algs = IEEE80211_AUTH_ALG_OPEN |
168 IEEE80211_AUTH_ALG_SHARED_KEY; 167 IEEE80211_AUTH_ALG_SHARED_KEY;
169 ifsta->flags |= IEEE80211_STA_CREATE_IBSS | 168 ifsta->flags |= IEEE80211_STA_CREATE_IBSS |
170 IEEE80211_STA_WMM_ENABLED |
171 IEEE80211_STA_AUTO_BSSID_SEL | 169 IEEE80211_STA_AUTO_BSSID_SEL |
172 IEEE80211_STA_AUTO_CHANNEL_SEL; 170 IEEE80211_STA_AUTO_CHANNEL_SEL;
171 if (ieee80211_num_regular_queues(&sdata->local->hw) >= 4)
172 ifsta->flags |= IEEE80211_STA_WMM_ENABLED;
173 173
174 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev); 174 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev);
175 sdata->bss = &msdata->u.ap; 175 sdata->bss = &msdata->u.ap;
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 150d66dbda9d..d4893bd17754 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -321,8 +321,15 @@ void ieee80211_key_link(struct ieee80211_key *key,
321 * some hardware cannot handle TKIP with QoS, so 321 * some hardware cannot handle TKIP with QoS, so
322 * we indicate whether QoS could be in use. 322 * we indicate whether QoS could be in use.
323 */ 323 */
324 if (sta->flags & WLAN_STA_WME) 324 if (test_sta_flags(sta, WLAN_STA_WME))
325 key->conf.flags |= IEEE80211_KEY_FLAG_WMM_STA; 325 key->conf.flags |= IEEE80211_KEY_FLAG_WMM_STA;
326
327 /*
328 * This key is for a specific sta interface,
329 * inform the driver that it should try to store
330 * this key as pairwise key.
331 */
332 key->conf.flags |= IEEE80211_KEY_FLAG_PAIRWISE;
326 } else { 333 } else {
327 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) { 334 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
328 struct sta_info *ap; 335 struct sta_info *ap;
@@ -335,7 +342,7 @@ void ieee80211_key_link(struct ieee80211_key *key,
335 /* same here, the AP could be using QoS */ 342 /* same here, the AP could be using QoS */
336 ap = sta_info_get(key->local, key->sdata->u.sta.bssid); 343 ap = sta_info_get(key->local, key->sdata->u.sta.bssid);
337 if (ap) { 344 if (ap) {
338 if (ap->flags & WLAN_STA_WME) 345 if (test_sta_flags(ap, WLAN_STA_WME))
339 key->conf.flags |= 346 key->conf.flags |=
340 IEEE80211_KEY_FLAG_WMM_STA; 347 IEEE80211_KEY_FLAG_WMM_STA;
341 } 348 }
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index f52c3df1fe9a..a0f774aafa45 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -69,6 +69,13 @@ enum ieee80211_internal_key_flags {
69 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5), 69 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5),
70}; 70};
71 71
72struct tkip_ctx {
73 u32 iv32;
74 u16 iv16;
75 u16 p1k[5];
76 int initialized;
77};
78
72struct ieee80211_key { 79struct ieee80211_key {
73 struct ieee80211_local *local; 80 struct ieee80211_local *local;
74 struct ieee80211_sub_if_data *sdata; 81 struct ieee80211_sub_if_data *sdata;
@@ -85,16 +92,10 @@ struct ieee80211_key {
85 union { 92 union {
86 struct { 93 struct {
87 /* last used TSC */ 94 /* last used TSC */
88 u32 iv32; 95 struct tkip_ctx tx;
89 u16 iv16;
90 u16 p1k[5];
91 int tx_initialized;
92 96
93 /* last received RSC */ 97 /* last received RSC */
94 u32 iv32_rx[NUM_RX_DATA_QUEUES]; 98 struct tkip_ctx rx[NUM_RX_DATA_QUEUES];
95 u16 iv16_rx[NUM_RX_DATA_QUEUES];
96 u16 p1k_rx[NUM_RX_DATA_QUEUES][5];
97 int rx_initialized[NUM_RX_DATA_QUEUES];
98 } tkip; 99 } tkip;
99 struct { 100 struct {
100 u8 tx_pn[6]; 101 u8 tx_pn[6];
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 98c0b5e56ecc..b182f018a187 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -35,8 +35,6 @@
35#include "debugfs.h" 35#include "debugfs.h"
36#include "debugfs_netdev.h" 36#include "debugfs_netdev.h"
37 37
38#define SUPP_MCS_SET_LEN 16
39
40/* 38/*
41 * For seeing transmitted packets on monitor interfaces 39 * For seeing transmitted packets on monitor interfaces
42 * we have a radiotap header too. 40 * we have a radiotap header too.
@@ -112,7 +110,13 @@ static int ieee80211_master_open(struct net_device *dev)
112 break; 110 break;
113 } 111 }
114 } 112 }
115 return res; 113
114 if (res)
115 return res;
116
117 netif_start_queue(local->mdev);
118
119 return 0;
116} 120}
117 121
118static int ieee80211_master_stop(struct net_device *dev) 122static int ieee80211_master_stop(struct net_device *dev)
@@ -346,6 +350,7 @@ static int ieee80211_open(struct net_device *dev)
346 goto err_del_interface; 350 goto err_del_interface;
347 } 351 }
348 352
353 /* no locking required since STA is not live yet */
349 sta->flags |= WLAN_STA_AUTHORIZED; 354 sta->flags |= WLAN_STA_AUTHORIZED;
350 355
351 res = sta_info_insert(sta); 356 res = sta_info_insert(sta);
@@ -385,8 +390,8 @@ static int ieee80211_open(struct net_device *dev)
385 * yet be effective. Trigger execution of ieee80211_sta_work 390 * yet be effective. Trigger execution of ieee80211_sta_work
386 * to fix this. 391 * to fix this.
387 */ 392 */
388 if(sdata->vif.type == IEEE80211_IF_TYPE_STA || 393 if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
389 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) { 394 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
390 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 395 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
391 queue_work(local->hw.workqueue, &ifsta->work); 396 queue_work(local->hw.workqueue, &ifsta->work);
392 } 397 }
@@ -585,16 +590,16 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
585 sta = sta_info_get(local, ra); 590 sta = sta_info_get(local, ra);
586 if (!sta) { 591 if (!sta) {
587 printk(KERN_DEBUG "Could not find the station\n"); 592 printk(KERN_DEBUG "Could not find the station\n");
588 rcu_read_unlock(); 593 ret = -ENOENT;
589 return -ENOENT; 594 goto exit;
590 } 595 }
591 596
592 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 597 spin_lock_bh(&sta->lock);
593 598
594 /* we have tried too many times, receiver does not want A-MPDU */ 599 /* we have tried too many times, receiver does not want A-MPDU */
595 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) { 600 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
596 ret = -EBUSY; 601 ret = -EBUSY;
597 goto start_ba_exit; 602 goto err_unlock_sta;
598 } 603 }
599 604
600 state = &sta->ampdu_mlme.tid_state_tx[tid]; 605 state = &sta->ampdu_mlme.tid_state_tx[tid];
@@ -605,7 +610,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
605 "idle on tid %u\n", tid); 610 "idle on tid %u\n", tid);
606#endif /* CONFIG_MAC80211_HT_DEBUG */ 611#endif /* CONFIG_MAC80211_HT_DEBUG */
607 ret = -EAGAIN; 612 ret = -EAGAIN;
608 goto start_ba_exit; 613 goto err_unlock_sta;
609 } 614 }
610 615
611 /* prepare A-MPDU MLME for Tx aggregation */ 616 /* prepare A-MPDU MLME for Tx aggregation */
@@ -616,7 +621,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
616 printk(KERN_ERR "allocate tx mlme to tid %d failed\n", 621 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
617 tid); 622 tid);
618 ret = -ENOMEM; 623 ret = -ENOMEM;
619 goto start_ba_exit; 624 goto err_unlock_sta;
620 } 625 }
621 /* Tx timer */ 626 /* Tx timer */
622 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function = 627 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
@@ -639,7 +644,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
639 printk(KERN_DEBUG "BA request denied - queue unavailable for" 644 printk(KERN_DEBUG "BA request denied - queue unavailable for"
640 " tid %d\n", tid); 645 " tid %d\n", tid);
641#endif /* CONFIG_MAC80211_HT_DEBUG */ 646#endif /* CONFIG_MAC80211_HT_DEBUG */
642 goto start_ba_err; 647 goto err_unlock_queue;
643 } 648 }
644 sdata = sta->sdata; 649 sdata = sta->sdata;
645 650
@@ -661,12 +666,13 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
661 " tid %d\n", tid); 666 " tid %d\n", tid);
662#endif /* CONFIG_MAC80211_HT_DEBUG */ 667#endif /* CONFIG_MAC80211_HT_DEBUG */
663 *state = HT_AGG_STATE_IDLE; 668 *state = HT_AGG_STATE_IDLE;
664 goto start_ba_err; 669 goto err_unlock_queue;
665 } 670 }
666 671
667 /* Will put all the packets in the new SW queue */ 672 /* Will put all the packets in the new SW queue */
668 ieee80211_requeue(local, ieee802_1d_to_ac[tid]); 673 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
669 spin_unlock_bh(&local->mdev->queue_lock); 674 spin_unlock_bh(&local->mdev->queue_lock);
675 spin_unlock_bh(&sta->lock);
670 676
671 /* send an addBA request */ 677 /* send an addBA request */
672 sta->ampdu_mlme.dialog_token_allocator++; 678 sta->ampdu_mlme.dialog_token_allocator++;
@@ -674,25 +680,26 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
674 sta->ampdu_mlme.dialog_token_allocator; 680 sta->ampdu_mlme.dialog_token_allocator;
675 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num; 681 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
676 682
683
677 ieee80211_send_addba_request(sta->sdata->dev, ra, tid, 684 ieee80211_send_addba_request(sta->sdata->dev, ra, tid,
678 sta->ampdu_mlme.tid_tx[tid]->dialog_token, 685 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
679 sta->ampdu_mlme.tid_tx[tid]->ssn, 686 sta->ampdu_mlme.tid_tx[tid]->ssn,
680 0x40, 5000); 687 0x40, 5000);
681
682 /* activate the timer for the recipient's addBA response */ 688 /* activate the timer for the recipient's addBA response */
683 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires = 689 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
684 jiffies + ADDBA_RESP_INTERVAL; 690 jiffies + ADDBA_RESP_INTERVAL;
685 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer); 691 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
686 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid); 692 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
687 goto start_ba_exit; 693 goto exit;
688 694
689start_ba_err: 695err_unlock_queue:
690 kfree(sta->ampdu_mlme.tid_tx[tid]); 696 kfree(sta->ampdu_mlme.tid_tx[tid]);
691 sta->ampdu_mlme.tid_tx[tid] = NULL; 697 sta->ampdu_mlme.tid_tx[tid] = NULL;
692 spin_unlock_bh(&local->mdev->queue_lock); 698 spin_unlock_bh(&local->mdev->queue_lock);
693 ret = -EBUSY; 699 ret = -EBUSY;
694start_ba_exit: 700err_unlock_sta:
695 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 701 spin_unlock_bh(&sta->lock);
702exit:
696 rcu_read_unlock(); 703 rcu_read_unlock();
697 return ret; 704 return ret;
698} 705}
@@ -720,7 +727,7 @@ int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
720 727
721 /* check if the TID is in aggregation */ 728 /* check if the TID is in aggregation */
722 state = &sta->ampdu_mlme.tid_state_tx[tid]; 729 state = &sta->ampdu_mlme.tid_state_tx[tid];
723 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 730 spin_lock_bh(&sta->lock);
724 731
725 if (*state != HT_AGG_STATE_OPERATIONAL) { 732 if (*state != HT_AGG_STATE_OPERATIONAL) {
726 ret = -ENOENT; 733 ret = -ENOENT;
@@ -750,7 +757,7 @@ int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
750 } 757 }
751 758
752stop_BA_exit: 759stop_BA_exit:
753 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 760 spin_unlock_bh(&sta->lock);
754 rcu_read_unlock(); 761 rcu_read_unlock();
755 return ret; 762 return ret;
756} 763}
@@ -779,12 +786,12 @@ void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
779 } 786 }
780 787
781 state = &sta->ampdu_mlme.tid_state_tx[tid]; 788 state = &sta->ampdu_mlme.tid_state_tx[tid];
782 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 789 spin_lock_bh(&sta->lock);
783 790
784 if (!(*state & HT_ADDBA_REQUESTED_MSK)) { 791 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
785 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n", 792 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
786 *state); 793 *state);
787 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 794 spin_unlock_bh(&sta->lock);
788 rcu_read_unlock(); 795 rcu_read_unlock();
789 return; 796 return;
790 } 797 }
@@ -797,7 +804,7 @@ void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
797 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid); 804 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
798 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]); 805 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
799 } 806 }
800 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 807 spin_unlock_bh(&sta->lock);
801 rcu_read_unlock(); 808 rcu_read_unlock();
802} 809}
803EXPORT_SYMBOL(ieee80211_start_tx_ba_cb); 810EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
@@ -831,10 +838,11 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
831 } 838 }
832 state = &sta->ampdu_mlme.tid_state_tx[tid]; 839 state = &sta->ampdu_mlme.tid_state_tx[tid];
833 840
834 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 841 /* NOTE: no need to use sta->lock in this state check, as
842 * ieee80211_stop_tx_ba_session will let only
843 * one stop call to pass through per sta/tid */
835 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) { 844 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
836 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n"); 845 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
837 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
838 rcu_read_unlock(); 846 rcu_read_unlock();
839 return; 847 return;
840 } 848 }
@@ -857,11 +865,12 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
857 * ieee80211_wake_queue is not used here as this queue is not 865 * ieee80211_wake_queue is not used here as this queue is not
858 * necessarily stopped */ 866 * necessarily stopped */
859 netif_schedule(local->mdev); 867 netif_schedule(local->mdev);
868 spin_lock_bh(&sta->lock);
860 *state = HT_AGG_STATE_IDLE; 869 *state = HT_AGG_STATE_IDLE;
861 sta->ampdu_mlme.addba_req_num[tid] = 0; 870 sta->ampdu_mlme.addba_req_num[tid] = 0;
862 kfree(sta->ampdu_mlme.tid_tx[tid]); 871 kfree(sta->ampdu_mlme.tid_tx[tid]);
863 sta->ampdu_mlme.tid_tx[tid] = NULL; 872 sta->ampdu_mlme.tid_tx[tid] = NULL;
864 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 873 spin_unlock_bh(&sta->lock);
865 874
866 rcu_read_unlock(); 875 rcu_read_unlock();
867} 876}
@@ -967,8 +976,7 @@ void ieee80211_if_setup(struct net_device *dev)
967/* everything else */ 976/* everything else */
968 977
969static int __ieee80211_if_config(struct net_device *dev, 978static int __ieee80211_if_config(struct net_device *dev,
970 struct sk_buff *beacon, 979 struct sk_buff *beacon)
971 struct ieee80211_tx_control *control)
972{ 980{
973 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 981 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
974 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 982 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -986,13 +994,11 @@ static int __ieee80211_if_config(struct net_device *dev,
986 conf.ssid_len = sdata->u.sta.ssid_len; 994 conf.ssid_len = sdata->u.sta.ssid_len;
987 } else if (ieee80211_vif_is_mesh(&sdata->vif)) { 995 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
988 conf.beacon = beacon; 996 conf.beacon = beacon;
989 conf.beacon_control = control;
990 ieee80211_start_mesh(dev); 997 ieee80211_start_mesh(dev);
991 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 998 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
992 conf.ssid = sdata->u.ap.ssid; 999 conf.ssid = sdata->u.ap.ssid;
993 conf.ssid_len = sdata->u.ap.ssid_len; 1000 conf.ssid_len = sdata->u.ap.ssid_len;
994 conf.beacon = beacon; 1001 conf.beacon = beacon;
995 conf.beacon_control = control;
996 } 1002 }
997 return local->ops->config_interface(local_to_hw(local), 1003 return local->ops->config_interface(local_to_hw(local),
998 &sdata->vif, &conf); 1004 &sdata->vif, &conf);
@@ -1005,23 +1011,21 @@ int ieee80211_if_config(struct net_device *dev)
1005 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT && 1011 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT &&
1006 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE)) 1012 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
1007 return ieee80211_if_config_beacon(dev); 1013 return ieee80211_if_config_beacon(dev);
1008 return __ieee80211_if_config(dev, NULL, NULL); 1014 return __ieee80211_if_config(dev, NULL);
1009} 1015}
1010 1016
1011int ieee80211_if_config_beacon(struct net_device *dev) 1017int ieee80211_if_config_beacon(struct net_device *dev)
1012{ 1018{
1013 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1019 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1014 struct ieee80211_tx_control control;
1015 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1020 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1016 struct sk_buff *skb; 1021 struct sk_buff *skb;
1017 1022
1018 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE)) 1023 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
1019 return 0; 1024 return 0;
1020 skb = ieee80211_beacon_get(local_to_hw(local), &sdata->vif, 1025 skb = ieee80211_beacon_get(local_to_hw(local), &sdata->vif);
1021 &control);
1022 if (!skb) 1026 if (!skb)
1023 return -ENOMEM; 1027 return -ENOMEM;
1024 return __ieee80211_if_config(dev, skb, &control); 1028 return __ieee80211_if_config(dev, skb);
1025} 1029}
1026 1030
1027int ieee80211_hw_config(struct ieee80211_local *local) 1031int ieee80211_hw_config(struct ieee80211_local *local)
@@ -1068,56 +1072,84 @@ u32 ieee80211_handle_ht(struct ieee80211_local *local, int enable_ht,
1068 struct ieee80211_supported_band *sband; 1072 struct ieee80211_supported_band *sband;
1069 struct ieee80211_ht_info ht_conf; 1073 struct ieee80211_ht_info ht_conf;
1070 struct ieee80211_ht_bss_info ht_bss_conf; 1074 struct ieee80211_ht_bss_info ht_bss_conf;
1071 int i;
1072 u32 changed = 0; 1075 u32 changed = 0;
1076 int i;
1077 u8 max_tx_streams = IEEE80211_HT_CAP_MAX_STREAMS;
1078 u8 tx_mcs_set_cap;
1073 1079
1074 sband = local->hw.wiphy->bands[conf->channel->band]; 1080 sband = local->hw.wiphy->bands[conf->channel->band];
1075 1081
1082 memset(&ht_conf, 0, sizeof(struct ieee80211_ht_info));
1083 memset(&ht_bss_conf, 0, sizeof(struct ieee80211_ht_bss_info));
1084
1076 /* HT is not supported */ 1085 /* HT is not supported */
1077 if (!sband->ht_info.ht_supported) { 1086 if (!sband->ht_info.ht_supported) {
1078 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1087 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
1079 return 0; 1088 goto out;
1080 } 1089 }
1081 1090
1082 memset(&ht_conf, 0, sizeof(struct ieee80211_ht_info)); 1091 /* disable HT */
1083 memset(&ht_bss_conf, 0, sizeof(struct ieee80211_ht_bss_info)); 1092 if (!enable_ht) {
1084 1093 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE)
1085 if (enable_ht) {
1086 if (!(conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE))
1087 changed |= BSS_CHANGED_HT; 1094 changed |= BSS_CHANGED_HT;
1095 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
1096 conf->ht_conf.ht_supported = 0;
1097 goto out;
1098 }
1088 1099
1089 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE;
1090 ht_conf.ht_supported = 1;
1091 1100
1092 ht_conf.cap = req_ht_cap->cap & sband->ht_info.cap; 1101 if (!(conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE))
1093 ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS); 1102 changed |= BSS_CHANGED_HT;
1094 ht_conf.cap |= sband->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS;
1095 1103
1096 for (i = 0; i < SUPP_MCS_SET_LEN; i++) 1104 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE;
1097 ht_conf.supp_mcs_set[i] = 1105 ht_conf.ht_supported = 1;
1098 sband->ht_info.supp_mcs_set[i] &
1099 req_ht_cap->supp_mcs_set[i];
1100 1106
1101 ht_bss_conf.primary_channel = req_bss_cap->primary_channel; 1107 ht_conf.cap = req_ht_cap->cap & sband->ht_info.cap;
1102 ht_bss_conf.bss_cap = req_bss_cap->bss_cap; 1108 ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS);
1103 ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode; 1109 ht_conf.cap |= sband->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS;
1110 ht_bss_conf.primary_channel = req_bss_cap->primary_channel;
1111 ht_bss_conf.bss_cap = req_bss_cap->bss_cap;
1112 ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode;
1104 1113
1105 ht_conf.ampdu_factor = req_ht_cap->ampdu_factor; 1114 ht_conf.ampdu_factor = req_ht_cap->ampdu_factor;
1106 ht_conf.ampdu_density = req_ht_cap->ampdu_density; 1115 ht_conf.ampdu_density = req_ht_cap->ampdu_density;
1107 1116
1108 /* if bss configuration changed store the new one */ 1117 /* Bits 96-100 */
1109 if (memcmp(&conf->ht_conf, &ht_conf, sizeof(ht_conf)) || 1118 tx_mcs_set_cap = sband->ht_info.supp_mcs_set[12];
1110 memcmp(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf))) { 1119
1111 changed |= BSS_CHANGED_HT; 1120 /* configure suppoerted Tx MCS according to requested MCS
1112 memcpy(&conf->ht_conf, &ht_conf, sizeof(ht_conf)); 1121 * (based in most cases on Rx capabilities of peer) and self
1113 memcpy(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf)); 1122 * Tx MCS capabilities (as defined by low level driver HW
1114 } 1123 * Tx capabilities) */
1115 } else { 1124 if (!(tx_mcs_set_cap & IEEE80211_HT_CAP_MCS_TX_DEFINED))
1116 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) 1125 goto check_changed;
1117 changed |= BSS_CHANGED_HT;
1118 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
1119 }
1120 1126
1127 /* Counting from 0 therfore + 1 */
1128 if (tx_mcs_set_cap & IEEE80211_HT_CAP_MCS_TX_RX_DIFF)
1129 max_tx_streams = ((tx_mcs_set_cap &
1130 IEEE80211_HT_CAP_MCS_TX_STREAMS) >> 2) + 1;
1131
1132 for (i = 0; i < max_tx_streams; i++)
1133 ht_conf.supp_mcs_set[i] =
1134 sband->ht_info.supp_mcs_set[i] &
1135 req_ht_cap->supp_mcs_set[i];
1136
1137 if (tx_mcs_set_cap & IEEE80211_HT_CAP_MCS_TX_UEQM)
1138 for (i = IEEE80211_SUPP_MCS_SET_UEQM;
1139 i < IEEE80211_SUPP_MCS_SET_LEN; i++)
1140 ht_conf.supp_mcs_set[i] =
1141 sband->ht_info.supp_mcs_set[i] &
1142 req_ht_cap->supp_mcs_set[i];
1143
1144check_changed:
1145 /* if bss configuration changed store the new one */
1146 if (memcmp(&conf->ht_conf, &ht_conf, sizeof(ht_conf)) ||
1147 memcmp(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf))) {
1148 changed |= BSS_CHANGED_HT;
1149 memcpy(&conf->ht_conf, &ht_conf, sizeof(ht_conf));
1150 memcpy(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf));
1151 }
1152out:
1121 return changed; 1153 return changed;
1122} 1154}
1123 1155
@@ -1148,38 +1180,20 @@ void ieee80211_reset_erp_info(struct net_device *dev)
1148} 1180}
1149 1181
1150void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, 1182void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
1151 struct sk_buff *skb, 1183 struct sk_buff *skb)
1152 struct ieee80211_tx_status *status)
1153{ 1184{
1154 struct ieee80211_local *local = hw_to_local(hw); 1185 struct ieee80211_local *local = hw_to_local(hw);
1155 struct ieee80211_tx_status *saved; 1186 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1156 int tmp; 1187 int tmp;
1157 1188
1158 skb->dev = local->mdev; 1189 skb->dev = local->mdev;
1159 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC);
1160 if (unlikely(!saved)) {
1161 if (net_ratelimit())
1162 printk(KERN_WARNING "%s: Not enough memory, "
1163 "dropping tx status", skb->dev->name);
1164 /* should be dev_kfree_skb_irq, but due to this function being
1165 * named _irqsafe instead of just _irq we can't be sure that
1166 * people won't call it from non-irq contexts */
1167 dev_kfree_skb_any(skb);
1168 return;
1169 }
1170 memcpy(saved, status, sizeof(struct ieee80211_tx_status));
1171 /* copy pointer to saved status into skb->cb for use by tasklet */
1172 memcpy(skb->cb, &saved, sizeof(saved));
1173
1174 skb->pkt_type = IEEE80211_TX_STATUS_MSG; 1190 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
1175 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ? 1191 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
1176 &local->skb_queue : &local->skb_queue_unreliable, skb); 1192 &local->skb_queue : &local->skb_queue_unreliable, skb);
1177 tmp = skb_queue_len(&local->skb_queue) + 1193 tmp = skb_queue_len(&local->skb_queue) +
1178 skb_queue_len(&local->skb_queue_unreliable); 1194 skb_queue_len(&local->skb_queue_unreliable);
1179 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT && 1195 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
1180 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 1196 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
1181 memcpy(&saved, skb->cb, sizeof(saved));
1182 kfree(saved);
1183 dev_kfree_skb_irq(skb); 1197 dev_kfree_skb_irq(skb);
1184 tmp--; 1198 tmp--;
1185 I802_DEBUG_INC(local->tx_status_drop); 1199 I802_DEBUG_INC(local->tx_status_drop);
@@ -1193,7 +1207,6 @@ static void ieee80211_tasklet_handler(unsigned long data)
1193 struct ieee80211_local *local = (struct ieee80211_local *) data; 1207 struct ieee80211_local *local = (struct ieee80211_local *) data;
1194 struct sk_buff *skb; 1208 struct sk_buff *skb;
1195 struct ieee80211_rx_status rx_status; 1209 struct ieee80211_rx_status rx_status;
1196 struct ieee80211_tx_status *tx_status;
1197 struct ieee80211_ra_tid *ra_tid; 1210 struct ieee80211_ra_tid *ra_tid;
1198 1211
1199 while ((skb = skb_dequeue(&local->skb_queue)) || 1212 while ((skb = skb_dequeue(&local->skb_queue)) ||
@@ -1208,12 +1221,8 @@ static void ieee80211_tasklet_handler(unsigned long data)
1208 __ieee80211_rx(local_to_hw(local), skb, &rx_status); 1221 __ieee80211_rx(local_to_hw(local), skb, &rx_status);
1209 break; 1222 break;
1210 case IEEE80211_TX_STATUS_MSG: 1223 case IEEE80211_TX_STATUS_MSG:
1211 /* get pointer to saved status out of skb->cb */
1212 memcpy(&tx_status, skb->cb, sizeof(tx_status));
1213 skb->pkt_type = 0; 1224 skb->pkt_type = 0;
1214 ieee80211_tx_status(local_to_hw(local), 1225 ieee80211_tx_status(local_to_hw(local), skb);
1215 skb, tx_status);
1216 kfree(tx_status);
1217 break; 1226 break;
1218 case IEEE80211_DELBA_MSG: 1227 case IEEE80211_DELBA_MSG:
1219 ra_tid = (struct ieee80211_ra_tid *) &skb->cb; 1228 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
@@ -1242,24 +1251,15 @@ static void ieee80211_tasklet_handler(unsigned long data)
1242 * Also, tx_packet_data in cb is restored from tx_control. */ 1251 * Also, tx_packet_data in cb is restored from tx_control. */
1243static void ieee80211_remove_tx_extra(struct ieee80211_local *local, 1252static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
1244 struct ieee80211_key *key, 1253 struct ieee80211_key *key,
1245 struct sk_buff *skb, 1254 struct sk_buff *skb)
1246 struct ieee80211_tx_control *control)
1247{ 1255{
1248 int hdrlen, iv_len, mic_len; 1256 int hdrlen, iv_len, mic_len;
1249 struct ieee80211_tx_packet_data *pkt_data; 1257 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1250 1258
1251 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1259 info->flags &= IEEE80211_TX_CTL_REQ_TX_STATUS |
1252 pkt_data->ifindex = vif_to_sdata(control->vif)->dev->ifindex; 1260 IEEE80211_TX_CTL_DO_NOT_ENCRYPT |
1253 pkt_data->flags = 0; 1261 IEEE80211_TX_CTL_REQUEUE |
1254 if (control->flags & IEEE80211_TXCTL_REQ_TX_STATUS) 1262 IEEE80211_TX_CTL_EAPOL_FRAME;
1255 pkt_data->flags |= IEEE80211_TXPD_REQ_TX_STATUS;
1256 if (control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT)
1257 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT;
1258 if (control->flags & IEEE80211_TXCTL_REQUEUE)
1259 pkt_data->flags |= IEEE80211_TXPD_REQUEUE;
1260 if (control->flags & IEEE80211_TXCTL_EAPOL_FRAME)
1261 pkt_data->flags |= IEEE80211_TXPD_EAPOL_FRAME;
1262 pkt_data->queue = control->queue;
1263 1263
1264 hdrlen = ieee80211_get_hdrlen_from_skb(skb); 1264 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
1265 1265
@@ -1306,9 +1306,10 @@ no_key:
1306 1306
1307static void ieee80211_handle_filtered_frame(struct ieee80211_local *local, 1307static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1308 struct sta_info *sta, 1308 struct sta_info *sta,
1309 struct sk_buff *skb, 1309 struct sk_buff *skb)
1310 struct ieee80211_tx_status *status)
1311{ 1310{
1311 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1312
1312 sta->tx_filtered_count++; 1313 sta->tx_filtered_count++;
1313 1314
1314 /* 1315 /*
@@ -1316,7 +1317,7 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1316 * packet. If the STA went to power save mode, this will happen 1317 * packet. If the STA went to power save mode, this will happen
1317 * when it wakes up for the next time. 1318 * when it wakes up for the next time.
1318 */ 1319 */
1319 sta->flags |= WLAN_STA_CLEAR_PS_FILT; 1320 set_sta_flags(sta, WLAN_STA_CLEAR_PS_FILT);
1320 1321
1321 /* 1322 /*
1322 * This code races in the following way: 1323 * This code races in the following way:
@@ -1348,20 +1349,18 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1348 * can be unknown, for example with different interrupt status 1349 * can be unknown, for example with different interrupt status
1349 * bits. 1350 * bits.
1350 */ 1351 */
1351 if (sta->flags & WLAN_STA_PS && 1352 if (test_sta_flags(sta, WLAN_STA_PS) &&
1352 skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) { 1353 skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) {
1353 ieee80211_remove_tx_extra(local, sta->key, skb, 1354 ieee80211_remove_tx_extra(local, sta->key, skb);
1354 &status->control);
1355 skb_queue_tail(&sta->tx_filtered, skb); 1355 skb_queue_tail(&sta->tx_filtered, skb);
1356 return; 1356 return;
1357 } 1357 }
1358 1358
1359 if (!(sta->flags & WLAN_STA_PS) && 1359 if (!test_sta_flags(sta, WLAN_STA_PS) &&
1360 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) { 1360 !(info->flags & IEEE80211_TX_CTL_REQUEUE)) {
1361 /* Software retry the packet once */ 1361 /* Software retry the packet once */
1362 status->control.flags |= IEEE80211_TXCTL_REQUEUE; 1362 info->flags |= IEEE80211_TX_CTL_REQUEUE;
1363 ieee80211_remove_tx_extra(local, sta->key, skb, 1363 ieee80211_remove_tx_extra(local, sta->key, skb);
1364 &status->control);
1365 dev_queue_xmit(skb); 1364 dev_queue_xmit(skb);
1366 return; 1365 return;
1367 } 1366 }
@@ -1371,61 +1370,49 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1371 "queue_len=%d PS=%d @%lu\n", 1370 "queue_len=%d PS=%d @%lu\n",
1372 wiphy_name(local->hw.wiphy), 1371 wiphy_name(local->hw.wiphy),
1373 skb_queue_len(&sta->tx_filtered), 1372 skb_queue_len(&sta->tx_filtered),
1374 !!(sta->flags & WLAN_STA_PS), jiffies); 1373 !!test_sta_flags(sta, WLAN_STA_PS), jiffies);
1375 dev_kfree_skb(skb); 1374 dev_kfree_skb(skb);
1376} 1375}
1377 1376
1378void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb, 1377void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
1379 struct ieee80211_tx_status *status)
1380{ 1378{
1381 struct sk_buff *skb2; 1379 struct sk_buff *skb2;
1382 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1380 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1383 struct ieee80211_local *local = hw_to_local(hw); 1381 struct ieee80211_local *local = hw_to_local(hw);
1382 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1384 u16 frag, type; 1383 u16 frag, type;
1385 struct ieee80211_tx_status_rtap_hdr *rthdr; 1384 struct ieee80211_tx_status_rtap_hdr *rthdr;
1386 struct ieee80211_sub_if_data *sdata; 1385 struct ieee80211_sub_if_data *sdata;
1387 struct net_device *prev_dev = NULL; 1386 struct net_device *prev_dev = NULL;
1388 1387
1389 if (!status) {
1390 printk(KERN_ERR
1391 "%s: ieee80211_tx_status called with NULL status\n",
1392 wiphy_name(local->hw.wiphy));
1393 dev_kfree_skb(skb);
1394 return;
1395 }
1396
1397 rcu_read_lock(); 1388 rcu_read_lock();
1398 1389
1399 if (status->excessive_retries) { 1390 if (info->status.excessive_retries) {
1400 struct sta_info *sta; 1391 struct sta_info *sta;
1401 sta = sta_info_get(local, hdr->addr1); 1392 sta = sta_info_get(local, hdr->addr1);
1402 if (sta) { 1393 if (sta) {
1403 if (sta->flags & WLAN_STA_PS) { 1394 if (test_sta_flags(sta, WLAN_STA_PS)) {
1404 /* 1395 /*
1405 * The STA is in power save mode, so assume 1396 * The STA is in power save mode, so assume
1406 * that this TX packet failed because of that. 1397 * that this TX packet failed because of that.
1407 */ 1398 */
1408 status->excessive_retries = 0; 1399 ieee80211_handle_filtered_frame(local, sta, skb);
1409 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
1410 ieee80211_handle_filtered_frame(local, sta,
1411 skb, status);
1412 rcu_read_unlock(); 1400 rcu_read_unlock();
1413 return; 1401 return;
1414 } 1402 }
1415 } 1403 }
1416 } 1404 }
1417 1405
1418 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) { 1406 if (info->flags & IEEE80211_TX_STAT_TX_FILTERED) {
1419 struct sta_info *sta; 1407 struct sta_info *sta;
1420 sta = sta_info_get(local, hdr->addr1); 1408 sta = sta_info_get(local, hdr->addr1);
1421 if (sta) { 1409 if (sta) {
1422 ieee80211_handle_filtered_frame(local, sta, skb, 1410 ieee80211_handle_filtered_frame(local, sta, skb);
1423 status);
1424 rcu_read_unlock(); 1411 rcu_read_unlock();
1425 return; 1412 return;
1426 } 1413 }
1427 } else 1414 } else
1428 rate_control_tx_status(local->mdev, skb, status); 1415 rate_control_tx_status(local->mdev, skb);
1429 1416
1430 rcu_read_unlock(); 1417 rcu_read_unlock();
1431 1418
@@ -1439,14 +1426,14 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1439 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG; 1426 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
1440 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE; 1427 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
1441 1428
1442 if (status->flags & IEEE80211_TX_STATUS_ACK) { 1429 if (info->flags & IEEE80211_TX_STAT_ACK) {
1443 if (frag == 0) { 1430 if (frag == 0) {
1444 local->dot11TransmittedFrameCount++; 1431 local->dot11TransmittedFrameCount++;
1445 if (is_multicast_ether_addr(hdr->addr1)) 1432 if (is_multicast_ether_addr(hdr->addr1))
1446 local->dot11MulticastTransmittedFrameCount++; 1433 local->dot11MulticastTransmittedFrameCount++;
1447 if (status->retry_count > 0) 1434 if (info->status.retry_count > 0)
1448 local->dot11RetryCount++; 1435 local->dot11RetryCount++;
1449 if (status->retry_count > 1) 1436 if (info->status.retry_count > 1)
1450 local->dot11MultipleRetryCount++; 1437 local->dot11MultipleRetryCount++;
1451 } 1438 }
1452 1439
@@ -1483,7 +1470,7 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1483 return; 1470 return;
1484 } 1471 }
1485 1472
1486 rthdr = (struct ieee80211_tx_status_rtap_hdr*) 1473 rthdr = (struct ieee80211_tx_status_rtap_hdr *)
1487 skb_push(skb, sizeof(*rthdr)); 1474 skb_push(skb, sizeof(*rthdr));
1488 1475
1489 memset(rthdr, 0, sizeof(*rthdr)); 1476 memset(rthdr, 0, sizeof(*rthdr));
@@ -1492,17 +1479,17 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
1492 cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) | 1479 cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) |
1493 (1 << IEEE80211_RADIOTAP_DATA_RETRIES)); 1480 (1 << IEEE80211_RADIOTAP_DATA_RETRIES));
1494 1481
1495 if (!(status->flags & IEEE80211_TX_STATUS_ACK) && 1482 if (!(info->flags & IEEE80211_TX_STAT_ACK) &&
1496 !is_multicast_ether_addr(hdr->addr1)) 1483 !is_multicast_ether_addr(hdr->addr1))
1497 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_FAIL); 1484 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_FAIL);
1498 1485
1499 if ((status->control.flags & IEEE80211_TXCTL_USE_RTS_CTS) && 1486 if ((info->flags & IEEE80211_TX_CTL_USE_RTS_CTS) &&
1500 (status->control.flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) 1487 (info->flags & IEEE80211_TX_CTL_USE_CTS_PROTECT))
1501 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_CTS); 1488 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_CTS);
1502 else if (status->control.flags & IEEE80211_TXCTL_USE_RTS_CTS) 1489 else if (info->flags & IEEE80211_TX_CTL_USE_RTS_CTS)
1503 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_RTS); 1490 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_RTS);
1504 1491
1505 rthdr->data_retries = status->retry_count; 1492 rthdr->data_retries = info->status.retry_count;
1506 1493
1507 /* XXX: is this sufficient for BPF? */ 1494 /* XXX: is this sufficient for BPF? */
1508 skb_set_mac_header(skb, 0); 1495 skb_set_mac_header(skb, 0);
@@ -1652,12 +1639,32 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1652 if (result < 0) 1639 if (result < 0)
1653 return result; 1640 return result;
1654 1641
1642 /*
1643 * We use the number of queues for feature tests (QoS, HT) internally
1644 * so restrict them appropriately.
1645 */
1646#ifdef CONFIG_MAC80211_QOS
1647 if (hw->queues > IEEE80211_MAX_QUEUES)
1648 hw->queues = IEEE80211_MAX_QUEUES;
1649 if (hw->ampdu_queues > IEEE80211_MAX_AMPDU_QUEUES)
1650 hw->ampdu_queues = IEEE80211_MAX_AMPDU_QUEUES;
1651 if (hw->queues < 4)
1652 hw->ampdu_queues = 0;
1653#else
1654 hw->queues = 1;
1655 hw->ampdu_queues = 0;
1656#endif
1657
1655 /* for now, mdev needs sub_if_data :/ */ 1658 /* for now, mdev needs sub_if_data :/ */
1656 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data), 1659 mdev = alloc_netdev_mq(sizeof(struct ieee80211_sub_if_data),
1657 "wmaster%d", ether_setup); 1660 "wmaster%d", ether_setup,
1661 ieee80211_num_queues(hw));
1658 if (!mdev) 1662 if (!mdev)
1659 goto fail_mdev_alloc; 1663 goto fail_mdev_alloc;
1660 1664
1665 if (ieee80211_num_queues(hw) > 1)
1666 mdev->features |= NETIF_F_MULTI_QUEUE;
1667
1661 sdata = IEEE80211_DEV_TO_SUB_IF(mdev); 1668 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
1662 mdev->ieee80211_ptr = &sdata->wdev; 1669 mdev->ieee80211_ptr = &sdata->wdev;
1663 sdata->wdev.wiphy = local->hw.wiphy; 1670 sdata->wdev.wiphy = local->hw.wiphy;
@@ -1702,13 +1709,13 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1702 1709
1703 local->hw.conf.beacon_int = 1000; 1710 local->hw.conf.beacon_int = 1000;
1704 1711
1705 local->wstats_flags |= local->hw.max_rssi ? 1712 local->wstats_flags |= local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
1706 IW_QUAL_LEVEL_UPDATED : IW_QUAL_LEVEL_INVALID; 1713 IEEE80211_HW_SIGNAL_DB |
1707 local->wstats_flags |= local->hw.max_signal ? 1714 IEEE80211_HW_SIGNAL_DBM) ?
1708 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID; 1715 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
1709 local->wstats_flags |= local->hw.max_noise ? 1716 local->wstats_flags |= local->hw.flags & IEEE80211_HW_NOISE_DBM ?
1710 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID; 1717 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
1711 if (local->hw.max_rssi < 0 || local->hw.max_noise < 0) 1718 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
1712 local->wstats_flags |= IW_QUAL_DBM; 1719 local->wstats_flags |= IW_QUAL_DBM;
1713 1720
1714 result = sta_info_start(local); 1721 result = sta_info_start(local);
@@ -1858,7 +1865,9 @@ static int __init ieee80211_init(void)
1858 struct sk_buff *skb; 1865 struct sk_buff *skb;
1859 int ret; 1866 int ret;
1860 1867
1861 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb)); 1868 BUILD_BUG_ON(sizeof(struct ieee80211_tx_info) > sizeof(skb->cb));
1869 BUILD_BUG_ON(offsetof(struct ieee80211_tx_info, driver_data) +
1870 IEEE80211_TX_INFO_DRIVER_DATA_SIZE > sizeof(skb->cb));
1862 1871
1863 ret = rc80211_pid_init(); 1872 ret = rc80211_pid_init();
1864 if (ret) 1873 if (ret)
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 697ef67f96b6..b5933b271491 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -315,6 +315,13 @@ struct mesh_table *mesh_table_alloc(int size_order)
315 return newtbl; 315 return newtbl;
316} 316}
317 317
318static void __mesh_table_free(struct mesh_table *tbl)
319{
320 kfree(tbl->hash_buckets);
321 kfree(tbl->hashwlock);
322 kfree(tbl);
323}
324
318void mesh_table_free(struct mesh_table *tbl, bool free_leafs) 325void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
319{ 326{
320 struct hlist_head *mesh_hash; 327 struct hlist_head *mesh_hash;
@@ -330,9 +337,7 @@ void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
330 } 337 }
331 spin_unlock(&tbl->hashwlock[i]); 338 spin_unlock(&tbl->hashwlock[i]);
332 } 339 }
333 kfree(tbl->hash_buckets); 340 __mesh_table_free(tbl);
334 kfree(tbl->hashwlock);
335 kfree(tbl);
336} 341}
337 342
338static void ieee80211_mesh_path_timer(unsigned long data) 343static void ieee80211_mesh_path_timer(unsigned long data)
@@ -349,21 +354,16 @@ struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
349{ 354{
350 struct mesh_table *newtbl; 355 struct mesh_table *newtbl;
351 struct hlist_head *oldhash; 356 struct hlist_head *oldhash;
352 struct hlist_node *p; 357 struct hlist_node *p, *q;
353 int err = 0;
354 int i; 358 int i;
355 359
356 if (atomic_read(&tbl->entries) 360 if (atomic_read(&tbl->entries)
357 < tbl->mean_chain_len * (tbl->hash_mask + 1)) { 361 < tbl->mean_chain_len * (tbl->hash_mask + 1))
358 err = -EPERM;
359 goto endgrow; 362 goto endgrow;
360 }
361 363
362 newtbl = mesh_table_alloc(tbl->size_order + 1); 364 newtbl = mesh_table_alloc(tbl->size_order + 1);
363 if (!newtbl) { 365 if (!newtbl)
364 err = -ENOMEM;
365 goto endgrow; 366 goto endgrow;
366 }
367 367
368 newtbl->free_node = tbl->free_node; 368 newtbl->free_node = tbl->free_node;
369 newtbl->mean_chain_len = tbl->mean_chain_len; 369 newtbl->mean_chain_len = tbl->mean_chain_len;
@@ -373,13 +373,19 @@ struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
373 oldhash = tbl->hash_buckets; 373 oldhash = tbl->hash_buckets;
374 for (i = 0; i <= tbl->hash_mask; i++) 374 for (i = 0; i <= tbl->hash_mask; i++)
375 hlist_for_each(p, &oldhash[i]) 375 hlist_for_each(p, &oldhash[i])
376 tbl->copy_node(p, newtbl); 376 if (tbl->copy_node(p, newtbl) < 0)
377 goto errcopy;
377 378
379 return newtbl;
380
381errcopy:
382 for (i = 0; i <= newtbl->hash_mask; i++) {
383 hlist_for_each_safe(p, q, &newtbl->hash_buckets[i])
384 tbl->free_node(p, 0);
385 }
386 __mesh_table_free(tbl);
378endgrow: 387endgrow:
379 if (err) 388 return NULL;
380 return NULL;
381 else
382 return newtbl;
383} 389}
384 390
385/** 391/**
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index 2e161f6d8288..669eafafe497 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -109,7 +109,7 @@ struct mesh_table {
109 __u32 hash_rnd; /* Used for hash generation */ 109 __u32 hash_rnd; /* Used for hash generation */
110 atomic_t entries; /* Up to MAX_MESH_NEIGHBOURS */ 110 atomic_t entries; /* Up to MAX_MESH_NEIGHBOURS */
111 void (*free_node) (struct hlist_node *p, bool free_leafs); 111 void (*free_node) (struct hlist_node *p, bool free_leafs);
112 void (*copy_node) (struct hlist_node *p, struct mesh_table *newtbl); 112 int (*copy_node) (struct hlist_node *p, struct mesh_table *newtbl);
113 int size_order; 113 int size_order;
114 int mean_chain_len; 114 int mean_chain_len;
115}; 115};
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index af0cd1e3e213..7fa149e230e6 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -26,7 +26,7 @@ static inline u32 u32_field_get(u8 *preq_elem, int offset, bool ae)
26{ 26{
27 if (ae) 27 if (ae)
28 offset += 6; 28 offset += 6;
29 return le32_to_cpu(get_unaligned((__le32 *) (preq_elem + offset))); 29 return get_unaligned_le32(preq_elem + offset);
30} 30}
31 31
32/* HWMP IE processing macros */ 32/* HWMP IE processing macros */
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
index 99c2d360888e..947b13b40726 100644
--- a/net/mac80211/mesh_pathtbl.c
+++ b/net/mac80211/mesh_pathtbl.c
@@ -158,19 +158,14 @@ int mesh_path_add(u8 *dst, struct net_device *dev)
158 if (atomic_add_unless(&sdata->u.sta.mpaths, 1, MESH_MAX_MPATHS) == 0) 158 if (atomic_add_unless(&sdata->u.sta.mpaths, 1, MESH_MAX_MPATHS) == 0)
159 return -ENOSPC; 159 return -ENOSPC;
160 160
161 err = -ENOMEM;
161 new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL); 162 new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL);
162 if (!new_mpath) { 163 if (!new_mpath)
163 atomic_dec(&sdata->u.sta.mpaths); 164 goto err_path_alloc;
164 err = -ENOMEM; 165
165 goto endadd2;
166 }
167 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL); 166 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
168 if (!new_node) { 167 if (!new_node)
169 kfree(new_mpath); 168 goto err_node_alloc;
170 atomic_dec(&sdata->u.sta.mpaths);
171 err = -ENOMEM;
172 goto endadd2;
173 }
174 169
175 read_lock(&pathtbl_resize_lock); 170 read_lock(&pathtbl_resize_lock);
176 memcpy(new_mpath->dst, dst, ETH_ALEN); 171 memcpy(new_mpath->dst, dst, ETH_ALEN);
@@ -189,16 +184,11 @@ int mesh_path_add(u8 *dst, struct net_device *dev)
189 184
190 spin_lock(&mesh_paths->hashwlock[hash_idx]); 185 spin_lock(&mesh_paths->hashwlock[hash_idx]);
191 186
187 err = -EEXIST;
192 hlist_for_each_entry(node, n, bucket, list) { 188 hlist_for_each_entry(node, n, bucket, list) {
193 mpath = node->mpath; 189 mpath = node->mpath;
194 if (mpath->dev == dev && memcmp(dst, mpath->dst, ETH_ALEN) 190 if (mpath->dev == dev && memcmp(dst, mpath->dst, ETH_ALEN) == 0)
195 == 0) { 191 goto err_exists;
196 err = -EEXIST;
197 atomic_dec(&sdata->u.sta.mpaths);
198 kfree(new_node);
199 kfree(new_mpath);
200 goto endadd;
201 }
202 } 192 }
203 193
204 hlist_add_head_rcu(&new_node->list, bucket); 194 hlist_add_head_rcu(&new_node->list, bucket);
@@ -206,10 +196,9 @@ int mesh_path_add(u8 *dst, struct net_device *dev)
206 mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1)) 196 mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1))
207 grow = 1; 197 grow = 1;
208 198
209endadd:
210 spin_unlock(&mesh_paths->hashwlock[hash_idx]); 199 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
211 read_unlock(&pathtbl_resize_lock); 200 read_unlock(&pathtbl_resize_lock);
212 if (!err && grow) { 201 if (grow) {
213 struct mesh_table *oldtbl, *newtbl; 202 struct mesh_table *oldtbl, *newtbl;
214 203
215 write_lock(&pathtbl_resize_lock); 204 write_lock(&pathtbl_resize_lock);
@@ -217,7 +206,7 @@ endadd:
217 newtbl = mesh_table_grow(mesh_paths); 206 newtbl = mesh_table_grow(mesh_paths);
218 if (!newtbl) { 207 if (!newtbl) {
219 write_unlock(&pathtbl_resize_lock); 208 write_unlock(&pathtbl_resize_lock);
220 return -ENOMEM; 209 return 0;
221 } 210 }
222 rcu_assign_pointer(mesh_paths, newtbl); 211 rcu_assign_pointer(mesh_paths, newtbl);
223 write_unlock(&pathtbl_resize_lock); 212 write_unlock(&pathtbl_resize_lock);
@@ -225,7 +214,16 @@ endadd:
225 synchronize_rcu(); 214 synchronize_rcu();
226 mesh_table_free(oldtbl, false); 215 mesh_table_free(oldtbl, false);
227 } 216 }
228endadd2: 217 return 0;
218
219err_exists:
220 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
221 read_unlock(&pathtbl_resize_lock);
222 kfree(new_node);
223err_node_alloc:
224 kfree(new_mpath);
225err_path_alloc:
226 atomic_dec(&sdata->u.sta.mpaths);
229 return err; 227 return err;
230} 228}
231 229
@@ -460,25 +458,28 @@ static void mesh_path_node_free(struct hlist_node *p, bool free_leafs)
460 struct mpath_node *node = hlist_entry(p, struct mpath_node, list); 458 struct mpath_node *node = hlist_entry(p, struct mpath_node, list);
461 mpath = node->mpath; 459 mpath = node->mpath;
462 hlist_del_rcu(p); 460 hlist_del_rcu(p);
463 synchronize_rcu();
464 if (free_leafs) 461 if (free_leafs)
465 kfree(mpath); 462 kfree(mpath);
466 kfree(node); 463 kfree(node);
467} 464}
468 465
469static void mesh_path_node_copy(struct hlist_node *p, struct mesh_table *newtbl) 466static int mesh_path_node_copy(struct hlist_node *p, struct mesh_table *newtbl)
470{ 467{
471 struct mesh_path *mpath; 468 struct mesh_path *mpath;
472 struct mpath_node *node, *new_node; 469 struct mpath_node *node, *new_node;
473 u32 hash_idx; 470 u32 hash_idx;
474 471
472 new_node = kmalloc(sizeof(struct mpath_node), GFP_ATOMIC);
473 if (new_node == NULL)
474 return -ENOMEM;
475
475 node = hlist_entry(p, struct mpath_node, list); 476 node = hlist_entry(p, struct mpath_node, list);
476 mpath = node->mpath; 477 mpath = node->mpath;
477 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
478 new_node->mpath = mpath; 478 new_node->mpath = mpath;
479 hash_idx = mesh_table_hash(mpath->dst, mpath->dev, newtbl); 479 hash_idx = mesh_table_hash(mpath->dst, mpath->dev, newtbl);
480 hlist_add_head(&new_node->list, 480 hlist_add_head(&new_node->list,
481 &newtbl->hash_buckets[hash_idx]); 481 &newtbl->hash_buckets[hash_idx]);
482 return 0;
482} 483}
483 484
484int mesh_pathtbl_init(void) 485int mesh_pathtbl_init(void)
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 37f0c2b94ae7..9efeb1f07025 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -79,7 +79,7 @@ void mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
79 * 79 *
80 * @sta: mes peer link to restart 80 * @sta: mes peer link to restart
81 * 81 *
82 * Locking: this function must be called holding sta->plink_lock 82 * Locking: this function must be called holding sta->lock
83 */ 83 */
84static inline void mesh_plink_fsm_restart(struct sta_info *sta) 84static inline void mesh_plink_fsm_restart(struct sta_info *sta)
85{ 85{
@@ -105,7 +105,7 @@ static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
105 if (!sta) 105 if (!sta)
106 return NULL; 106 return NULL;
107 107
108 sta->flags |= WLAN_STA_AUTHORIZED; 108 sta->flags = WLAN_STA_AUTHORIZED;
109 sta->supp_rates[local->hw.conf.channel->band] = rates; 109 sta->supp_rates[local->hw.conf.channel->band] = rates;
110 110
111 return sta; 111 return sta;
@@ -118,7 +118,7 @@ static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
118 * 118 *
119 * All mesh paths with this peer as next hop will be flushed 119 * All mesh paths with this peer as next hop will be flushed
120 * 120 *
121 * Locking: the caller must hold sta->plink_lock 121 * Locking: the caller must hold sta->lock
122 */ 122 */
123static void __mesh_plink_deactivate(struct sta_info *sta) 123static void __mesh_plink_deactivate(struct sta_info *sta)
124{ 124{
@@ -139,9 +139,9 @@ static void __mesh_plink_deactivate(struct sta_info *sta)
139 */ 139 */
140void mesh_plink_deactivate(struct sta_info *sta) 140void mesh_plink_deactivate(struct sta_info *sta)
141{ 141{
142 spin_lock_bh(&sta->plink_lock); 142 spin_lock_bh(&sta->lock);
143 __mesh_plink_deactivate(sta); 143 __mesh_plink_deactivate(sta);
144 spin_unlock_bh(&sta->plink_lock); 144 spin_unlock_bh(&sta->lock);
145} 145}
146 146
147static int mesh_plink_frame_tx(struct net_device *dev, 147static int mesh_plink_frame_tx(struct net_device *dev,
@@ -270,10 +270,10 @@ static void mesh_plink_timer(unsigned long data)
270 */ 270 */
271 sta = (struct sta_info *) data; 271 sta = (struct sta_info *) data;
272 272
273 spin_lock_bh(&sta->plink_lock); 273 spin_lock_bh(&sta->lock);
274 if (sta->ignore_plink_timer) { 274 if (sta->ignore_plink_timer) {
275 sta->ignore_plink_timer = false; 275 sta->ignore_plink_timer = false;
276 spin_unlock_bh(&sta->plink_lock); 276 spin_unlock_bh(&sta->lock);
277 return; 277 return;
278 } 278 }
279 mpl_dbg("Mesh plink timer for %s fired on state %d\n", 279 mpl_dbg("Mesh plink timer for %s fired on state %d\n",
@@ -298,7 +298,7 @@ static void mesh_plink_timer(unsigned long data)
298 rand % sta->plink_timeout; 298 rand % sta->plink_timeout;
299 ++sta->plink_retries; 299 ++sta->plink_retries;
300 mod_plink_timer(sta, sta->plink_timeout); 300 mod_plink_timer(sta, sta->plink_timeout);
301 spin_unlock_bh(&sta->plink_lock); 301 spin_unlock_bh(&sta->lock);
302 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid, 302 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid,
303 0, 0); 303 0, 0);
304 break; 304 break;
@@ -311,7 +311,7 @@ static void mesh_plink_timer(unsigned long data)
311 reason = cpu_to_le16(MESH_CONFIRM_TIMEOUT); 311 reason = cpu_to_le16(MESH_CONFIRM_TIMEOUT);
312 sta->plink_state = PLINK_HOLDING; 312 sta->plink_state = PLINK_HOLDING;
313 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)); 313 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
314 spin_unlock_bh(&sta->plink_lock); 314 spin_unlock_bh(&sta->lock);
315 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, plid, 315 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, plid,
316 reason); 316 reason);
317 break; 317 break;
@@ -319,10 +319,10 @@ static void mesh_plink_timer(unsigned long data)
319 /* holding timer */ 319 /* holding timer */
320 del_timer(&sta->plink_timer); 320 del_timer(&sta->plink_timer);
321 mesh_plink_fsm_restart(sta); 321 mesh_plink_fsm_restart(sta);
322 spin_unlock_bh(&sta->plink_lock); 322 spin_unlock_bh(&sta->lock);
323 break; 323 break;
324 default: 324 default:
325 spin_unlock_bh(&sta->plink_lock); 325 spin_unlock_bh(&sta->lock);
326 break; 326 break;
327 } 327 }
328} 328}
@@ -344,16 +344,16 @@ int mesh_plink_open(struct sta_info *sta)
344 DECLARE_MAC_BUF(mac); 344 DECLARE_MAC_BUF(mac);
345#endif 345#endif
346 346
347 spin_lock_bh(&sta->plink_lock); 347 spin_lock_bh(&sta->lock);
348 get_random_bytes(&llid, 2); 348 get_random_bytes(&llid, 2);
349 sta->llid = llid; 349 sta->llid = llid;
350 if (sta->plink_state != PLINK_LISTEN) { 350 if (sta->plink_state != PLINK_LISTEN) {
351 spin_unlock_bh(&sta->plink_lock); 351 spin_unlock_bh(&sta->lock);
352 return -EBUSY; 352 return -EBUSY;
353 } 353 }
354 sta->plink_state = PLINK_OPN_SNT; 354 sta->plink_state = PLINK_OPN_SNT;
355 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata)); 355 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
356 spin_unlock_bh(&sta->plink_lock); 356 spin_unlock_bh(&sta->lock);
357 mpl_dbg("Mesh plink: starting establishment with %s\n", 357 mpl_dbg("Mesh plink: starting establishment with %s\n",
358 print_mac(mac, sta->addr)); 358 print_mac(mac, sta->addr));
359 359
@@ -367,10 +367,10 @@ void mesh_plink_block(struct sta_info *sta)
367 DECLARE_MAC_BUF(mac); 367 DECLARE_MAC_BUF(mac);
368#endif 368#endif
369 369
370 spin_lock_bh(&sta->plink_lock); 370 spin_lock_bh(&sta->lock);
371 __mesh_plink_deactivate(sta); 371 __mesh_plink_deactivate(sta);
372 sta->plink_state = PLINK_BLOCKED; 372 sta->plink_state = PLINK_BLOCKED;
373 spin_unlock_bh(&sta->plink_lock); 373 spin_unlock_bh(&sta->lock);
374} 374}
375 375
376int mesh_plink_close(struct sta_info *sta) 376int mesh_plink_close(struct sta_info *sta)
@@ -383,14 +383,14 @@ int mesh_plink_close(struct sta_info *sta)
383 383
384 mpl_dbg("Mesh plink: closing link with %s\n", 384 mpl_dbg("Mesh plink: closing link with %s\n",
385 print_mac(mac, sta->addr)); 385 print_mac(mac, sta->addr));
386 spin_lock_bh(&sta->plink_lock); 386 spin_lock_bh(&sta->lock);
387 sta->reason = cpu_to_le16(MESH_LINK_CANCELLED); 387 sta->reason = cpu_to_le16(MESH_LINK_CANCELLED);
388 reason = sta->reason; 388 reason = sta->reason;
389 389
390 if (sta->plink_state == PLINK_LISTEN || 390 if (sta->plink_state == PLINK_LISTEN ||
391 sta->plink_state == PLINK_BLOCKED) { 391 sta->plink_state == PLINK_BLOCKED) {
392 mesh_plink_fsm_restart(sta); 392 mesh_plink_fsm_restart(sta);
393 spin_unlock_bh(&sta->plink_lock); 393 spin_unlock_bh(&sta->lock);
394 return 0; 394 return 0;
395 } else if (sta->plink_state == PLINK_ESTAB) { 395 } else if (sta->plink_state == PLINK_ESTAB) {
396 __mesh_plink_deactivate(sta); 396 __mesh_plink_deactivate(sta);
@@ -402,7 +402,7 @@ int mesh_plink_close(struct sta_info *sta)
402 sta->plink_state = PLINK_HOLDING; 402 sta->plink_state = PLINK_HOLDING;
403 llid = sta->llid; 403 llid = sta->llid;
404 plid = sta->plid; 404 plid = sta->plid;
405 spin_unlock_bh(&sta->plink_lock); 405 spin_unlock_bh(&sta->lock);
406 mesh_plink_frame_tx(sta->sdata->dev, PLINK_CLOSE, sta->addr, llid, 406 mesh_plink_frame_tx(sta->sdata->dev, PLINK_CLOSE, sta->addr, llid,
407 plid, reason); 407 plid, reason);
408 return 0; 408 return 0;
@@ -490,7 +490,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
490 /* avoid warning */ 490 /* avoid warning */
491 break; 491 break;
492 } 492 }
493 spin_lock_bh(&sta->plink_lock); 493 spin_lock_bh(&sta->lock);
494 } else if (!sta) { 494 } else if (!sta) {
495 /* ftype == PLINK_OPEN */ 495 /* ftype == PLINK_OPEN */
496 u64 rates; 496 u64 rates;
@@ -512,9 +512,9 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
512 return; 512 return;
513 } 513 }
514 event = OPN_ACPT; 514 event = OPN_ACPT;
515 spin_lock_bh(&sta->plink_lock); 515 spin_lock_bh(&sta->lock);
516 } else { 516 } else {
517 spin_lock_bh(&sta->plink_lock); 517 spin_lock_bh(&sta->lock);
518 switch (ftype) { 518 switch (ftype) {
519 case PLINK_OPEN: 519 case PLINK_OPEN:
520 if (!mesh_plink_free_count(sdata) || 520 if (!mesh_plink_free_count(sdata) ||
@@ -551,7 +551,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
551 break; 551 break;
552 default: 552 default:
553 mpl_dbg("Mesh plink: unknown frame subtype\n"); 553 mpl_dbg("Mesh plink: unknown frame subtype\n");
554 spin_unlock_bh(&sta->plink_lock); 554 spin_unlock_bh(&sta->lock);
555 rcu_read_unlock(); 555 rcu_read_unlock();
556 return; 556 return;
557 } 557 }
@@ -568,7 +568,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
568 switch (event) { 568 switch (event) {
569 case CLS_ACPT: 569 case CLS_ACPT:
570 mesh_plink_fsm_restart(sta); 570 mesh_plink_fsm_restart(sta);
571 spin_unlock_bh(&sta->plink_lock); 571 spin_unlock_bh(&sta->lock);
572 break; 572 break;
573 case OPN_ACPT: 573 case OPN_ACPT:
574 sta->plink_state = PLINK_OPN_RCVD; 574 sta->plink_state = PLINK_OPN_RCVD;
@@ -576,14 +576,14 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
576 get_random_bytes(&llid, 2); 576 get_random_bytes(&llid, 2);
577 sta->llid = llid; 577 sta->llid = llid;
578 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata)); 578 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
579 spin_unlock_bh(&sta->plink_lock); 579 spin_unlock_bh(&sta->lock);
580 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid, 580 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid,
581 0, 0); 581 0, 0);
582 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, 582 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr,
583 llid, plid, 0); 583 llid, plid, 0);
584 break; 584 break;
585 default: 585 default:
586 spin_unlock_bh(&sta->plink_lock); 586 spin_unlock_bh(&sta->lock);
587 break; 587 break;
588 } 588 }
589 break; 589 break;
@@ -603,7 +603,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
603 sta->ignore_plink_timer = true; 603 sta->ignore_plink_timer = true;
604 604
605 llid = sta->llid; 605 llid = sta->llid;
606 spin_unlock_bh(&sta->plink_lock); 606 spin_unlock_bh(&sta->lock);
607 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, 607 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
608 plid, reason); 608 plid, reason);
609 break; 609 break;
@@ -612,7 +612,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
612 sta->plink_state = PLINK_OPN_RCVD; 612 sta->plink_state = PLINK_OPN_RCVD;
613 sta->plid = plid; 613 sta->plid = plid;
614 llid = sta->llid; 614 llid = sta->llid;
615 spin_unlock_bh(&sta->plink_lock); 615 spin_unlock_bh(&sta->lock);
616 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid, 616 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
617 plid, 0); 617 plid, 0);
618 break; 618 break;
@@ -622,10 +622,10 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
622 dot11MeshConfirmTimeout(sdata))) 622 dot11MeshConfirmTimeout(sdata)))
623 sta->ignore_plink_timer = true; 623 sta->ignore_plink_timer = true;
624 624
625 spin_unlock_bh(&sta->plink_lock); 625 spin_unlock_bh(&sta->lock);
626 break; 626 break;
627 default: 627 default:
628 spin_unlock_bh(&sta->plink_lock); 628 spin_unlock_bh(&sta->lock);
629 break; 629 break;
630 } 630 }
631 break; 631 break;
@@ -645,13 +645,13 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
645 sta->ignore_plink_timer = true; 645 sta->ignore_plink_timer = true;
646 646
647 llid = sta->llid; 647 llid = sta->llid;
648 spin_unlock_bh(&sta->plink_lock); 648 spin_unlock_bh(&sta->lock);
649 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, 649 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
650 plid, reason); 650 plid, reason);
651 break; 651 break;
652 case OPN_ACPT: 652 case OPN_ACPT:
653 llid = sta->llid; 653 llid = sta->llid;
654 spin_unlock_bh(&sta->plink_lock); 654 spin_unlock_bh(&sta->lock);
655 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid, 655 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
656 plid, 0); 656 plid, 0);
657 break; 657 break;
@@ -659,12 +659,12 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
659 del_timer(&sta->plink_timer); 659 del_timer(&sta->plink_timer);
660 sta->plink_state = PLINK_ESTAB; 660 sta->plink_state = PLINK_ESTAB;
661 mesh_plink_inc_estab_count(sdata); 661 mesh_plink_inc_estab_count(sdata);
662 spin_unlock_bh(&sta->plink_lock); 662 spin_unlock_bh(&sta->lock);
663 mpl_dbg("Mesh plink with %s ESTABLISHED\n", 663 mpl_dbg("Mesh plink with %s ESTABLISHED\n",
664 print_mac(mac, sta->addr)); 664 print_mac(mac, sta->addr));
665 break; 665 break;
666 default: 666 default:
667 spin_unlock_bh(&sta->plink_lock); 667 spin_unlock_bh(&sta->lock);
668 break; 668 break;
669 } 669 }
670 break; 670 break;
@@ -684,7 +684,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
684 sta->ignore_plink_timer = true; 684 sta->ignore_plink_timer = true;
685 685
686 llid = sta->llid; 686 llid = sta->llid;
687 spin_unlock_bh(&sta->plink_lock); 687 spin_unlock_bh(&sta->lock);
688 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, 688 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
689 plid, reason); 689 plid, reason);
690 break; 690 break;
@@ -692,14 +692,14 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
692 del_timer(&sta->plink_timer); 692 del_timer(&sta->plink_timer);
693 sta->plink_state = PLINK_ESTAB; 693 sta->plink_state = PLINK_ESTAB;
694 mesh_plink_inc_estab_count(sdata); 694 mesh_plink_inc_estab_count(sdata);
695 spin_unlock_bh(&sta->plink_lock); 695 spin_unlock_bh(&sta->lock);
696 mpl_dbg("Mesh plink with %s ESTABLISHED\n", 696 mpl_dbg("Mesh plink with %s ESTABLISHED\n",
697 print_mac(mac, sta->addr)); 697 print_mac(mac, sta->addr));
698 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid, 698 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
699 plid, 0); 699 plid, 0);
700 break; 700 break;
701 default: 701 default:
702 spin_unlock_bh(&sta->plink_lock); 702 spin_unlock_bh(&sta->lock);
703 break; 703 break;
704 } 704 }
705 break; 705 break;
@@ -713,18 +713,18 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
713 sta->plink_state = PLINK_HOLDING; 713 sta->plink_state = PLINK_HOLDING;
714 llid = sta->llid; 714 llid = sta->llid;
715 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)); 715 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
716 spin_unlock_bh(&sta->plink_lock); 716 spin_unlock_bh(&sta->lock);
717 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, 717 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
718 plid, reason); 718 plid, reason);
719 break; 719 break;
720 case OPN_ACPT: 720 case OPN_ACPT:
721 llid = sta->llid; 721 llid = sta->llid;
722 spin_unlock_bh(&sta->plink_lock); 722 spin_unlock_bh(&sta->lock);
723 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid, 723 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
724 plid, 0); 724 plid, 0);
725 break; 725 break;
726 default: 726 default:
727 spin_unlock_bh(&sta->plink_lock); 727 spin_unlock_bh(&sta->lock);
728 break; 728 break;
729 } 729 }
730 break; 730 break;
@@ -734,7 +734,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
734 if (del_timer(&sta->plink_timer)) 734 if (del_timer(&sta->plink_timer))
735 sta->ignore_plink_timer = 1; 735 sta->ignore_plink_timer = 1;
736 mesh_plink_fsm_restart(sta); 736 mesh_plink_fsm_restart(sta);
737 spin_unlock_bh(&sta->plink_lock); 737 spin_unlock_bh(&sta->lock);
738 break; 738 break;
739 case OPN_ACPT: 739 case OPN_ACPT:
740 case CNF_ACPT: 740 case CNF_ACPT:
@@ -742,19 +742,19 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
742 case CNF_RJCT: 742 case CNF_RJCT:
743 llid = sta->llid; 743 llid = sta->llid;
744 reason = sta->reason; 744 reason = sta->reason;
745 spin_unlock_bh(&sta->plink_lock); 745 spin_unlock_bh(&sta->lock);
746 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, 746 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
747 plid, reason); 747 plid, reason);
748 break; 748 break;
749 default: 749 default:
750 spin_unlock_bh(&sta->plink_lock); 750 spin_unlock_bh(&sta->lock);
751 } 751 }
752 break; 752 break;
753 default: 753 default:
754 /* should not get here, PLINK_BLOCKED is dealt with at the 754 /* should not get here, PLINK_BLOCKED is dealt with at the
755 * beggining of the function 755 * beggining of the function
756 */ 756 */
757 spin_unlock_bh(&sta->plink_lock); 757 spin_unlock_bh(&sta->lock);
758 break; 758 break;
759 } 759 }
760 760
diff --git a/net/mac80211/michael.c b/net/mac80211/michael.c
index 0f844f7895f1..1fcdf38cf60c 100644
--- a/net/mac80211/michael.c
+++ b/net/mac80211/michael.c
@@ -6,85 +6,58 @@
6 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 */ 8 */
9
10#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/bitops.h>
11#include <asm/unaligned.h>
11 12
12#include "michael.h" 13#include "michael.h"
13 14
14static inline u32 rotr(u32 val, int bits) 15static void michael_block(struct michael_mic_ctx *mctx, u32 val)
15{
16 return (val >> bits) | (val << (32 - bits));
17}
18
19
20static inline u32 rotl(u32 val, int bits)
21{
22 return (val << bits) | (val >> (32 - bits));
23}
24
25
26static inline u32 xswap(u32 val)
27{
28 return ((val & 0xff00ff00) >> 8) | ((val & 0x00ff00ff) << 8);
29}
30
31
32#define michael_block(l, r) \
33do { \
34 r ^= rotl(l, 17); \
35 l += r; \
36 r ^= xswap(l); \
37 l += r; \
38 r ^= rotl(l, 3); \
39 l += r; \
40 r ^= rotr(l, 2); \
41 l += r; \
42} while (0)
43
44
45static inline u32 michael_get32(u8 *data)
46{ 16{
47 return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24); 17 mctx->l ^= val;
18 mctx->r ^= rol32(mctx->l, 17);
19 mctx->l += mctx->r;
20 mctx->r ^= ((mctx->l & 0xff00ff00) >> 8) |
21 ((mctx->l & 0x00ff00ff) << 8);
22 mctx->l += mctx->r;
23 mctx->r ^= rol32(mctx->l, 3);
24 mctx->l += mctx->r;
25 mctx->r ^= ror32(mctx->l, 2);
26 mctx->l += mctx->r;
48} 27}
49 28
50 29static void michael_mic_hdr(struct michael_mic_ctx *mctx,
51static inline void michael_put32(u32 val, u8 *data) 30 const u8 *key, const u8 *da, const u8 *sa, u8 priority)
52{ 31{
53 data[0] = val & 0xff; 32 mctx->l = get_unaligned_le32(key);
54 data[1] = (val >> 8) & 0xff; 33 mctx->r = get_unaligned_le32(key + 4);
55 data[2] = (val >> 16) & 0xff; 34
56 data[3] = (val >> 24) & 0xff; 35 /*
36 * A pseudo header (DA, SA, Priority, 0, 0, 0) is used in Michael MIC
37 * calculation, but it is _not_ transmitted
38 */
39 michael_block(mctx, get_unaligned_le32(da));
40 michael_block(mctx, get_unaligned_le16(&da[4]) |
41 (get_unaligned_le16(sa) << 16));
42 michael_block(mctx, get_unaligned_le32(&sa[2]));
43 michael_block(mctx, priority);
57} 44}
58 45
59 46void michael_mic(const u8 *key, const u8 *da, const u8 *sa, u8 priority,
60void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority, 47 const u8 *data, size_t data_len, u8 *mic)
61 u8 *data, size_t data_len, u8 *mic)
62{ 48{
63 u32 l, r, val; 49 u32 val;
64 size_t block, blocks, left; 50 size_t block, blocks, left;
51 struct michael_mic_ctx mctx;
65 52
66 l = michael_get32(key); 53 michael_mic_hdr(&mctx, key, da, sa, priority);
67 r = michael_get32(key + 4);
68
69 /* A pseudo header (DA, SA, Priority, 0, 0, 0) is used in Michael MIC
70 * calculation, but it is _not_ transmitted */
71 l ^= michael_get32(da);
72 michael_block(l, r);
73 l ^= da[4] | (da[5] << 8) | (sa[0] << 16) | (sa[1] << 24);
74 michael_block(l, r);
75 l ^= michael_get32(&sa[2]);
76 michael_block(l, r);
77 l ^= priority;
78 michael_block(l, r);
79 54
80 /* Real data */ 55 /* Real data */
81 blocks = data_len / 4; 56 blocks = data_len / 4;
82 left = data_len % 4; 57 left = data_len % 4;
83 58
84 for (block = 0; block < blocks; block++) { 59 for (block = 0; block < blocks; block++)
85 l ^= michael_get32(&data[block * 4]); 60 michael_block(&mctx, get_unaligned_le32(&data[block * 4]));
86 michael_block(l, r);
87 }
88 61
89 /* Partial block of 0..3 bytes and padding: 0x5a + 4..7 zeros to make 62 /* Partial block of 0..3 bytes and padding: 0x5a + 4..7 zeros to make
90 * total length a multiple of 4. */ 63 * total length a multiple of 4. */
@@ -94,11 +67,10 @@ void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority,
94 left--; 67 left--;
95 val |= data[blocks * 4 + left]; 68 val |= data[blocks * 4 + left];
96 } 69 }
97 l ^= val;
98 michael_block(l, r);
99 /* last block is zero, so l ^ 0 = l */
100 michael_block(l, r);
101 70
102 michael_put32(l, mic); 71 michael_block(&mctx, val);
103 michael_put32(r, mic + 4); 72 michael_block(&mctx, 0);
73
74 put_unaligned_le32(mctx.l, mic);
75 put_unaligned_le32(mctx.r, mic + 4);
104} 76}
diff --git a/net/mac80211/michael.h b/net/mac80211/michael.h
index 2e6aebabeea1..69b4501f13ba 100644
--- a/net/mac80211/michael.h
+++ b/net/mac80211/michael.h
@@ -14,7 +14,11 @@
14 14
15#define MICHAEL_MIC_LEN 8 15#define MICHAEL_MIC_LEN 8
16 16
17void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority, 17struct michael_mic_ctx {
18 u8 *data, size_t data_len, u8 *mic); 18 u32 l, r;
19};
20
21void michael_mic(const u8 *key, const u8 *da, const u8 *sa, u8 priority,
22 const u8 *data, size_t data_len, u8 *mic);
19 23
20#endif /* MICHAEL_H */ 24#endif /* MICHAEL_H */
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 4d2b582dd055..7f05820dc629 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -87,6 +87,7 @@ static int ieee80211_sta_start_scan(struct net_device *dev,
87 u8 *ssid, size_t ssid_len); 87 u8 *ssid, size_t ssid_len);
88static int ieee80211_sta_config_auth(struct net_device *dev, 88static int ieee80211_sta_config_auth(struct net_device *dev,
89 struct ieee80211_if_sta *ifsta); 89 struct ieee80211_if_sta *ifsta);
90static void sta_rx_agg_session_timer_expired(unsigned long data);
90 91
91 92
92void ieee802_11_parse_elems(u8 *start, size_t len, 93void ieee802_11_parse_elems(u8 *start, size_t len,
@@ -256,19 +257,8 @@ static void ieee80211_sta_def_wmm_params(struct net_device *dev,
256 qparam.cw_max = 1023; 257 qparam.cw_max = 1023;
257 qparam.txop = 0; 258 qparam.txop = 0;
258 259
259 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++) 260 for (i = 0; i < local_to_hw(local)->queues; i++)
260 local->ops->conf_tx(local_to_hw(local), 261 local->ops->conf_tx(local_to_hw(local), i, &qparam);
261 i + IEEE80211_TX_QUEUE_DATA0,
262 &qparam);
263
264 if (ibss) {
265 /* IBSS uses different parameters for Beacon sending */
266 qparam.cw_min++;
267 qparam.cw_min *= 2;
268 qparam.cw_min--;
269 local->ops->conf_tx(local_to_hw(local),
270 IEEE80211_TX_QUEUE_BEACON, &qparam);
271 }
272 } 262 }
273} 263}
274 264
@@ -282,6 +272,12 @@ static void ieee80211_sta_wmm_params(struct net_device *dev,
282 int count; 272 int count;
283 u8 *pos; 273 u8 *pos;
284 274
275 if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
276 return;
277
278 if (!wmm_param)
279 return;
280
285 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 281 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
286 return; 282 return;
287 count = wmm_param[6] & 0x0f; 283 count = wmm_param[6] & 0x0f;
@@ -305,29 +301,25 @@ static void ieee80211_sta_wmm_params(struct net_device *dev,
305 301
306 switch (aci) { 302 switch (aci) {
307 case 1: 303 case 1:
308 queue = IEEE80211_TX_QUEUE_DATA3; 304 queue = 3;
309 if (acm) { 305 if (acm)
310 local->wmm_acm |= BIT(0) | BIT(3); 306 local->wmm_acm |= BIT(0) | BIT(3);
311 }
312 break; 307 break;
313 case 2: 308 case 2:
314 queue = IEEE80211_TX_QUEUE_DATA1; 309 queue = 1;
315 if (acm) { 310 if (acm)
316 local->wmm_acm |= BIT(4) | BIT(5); 311 local->wmm_acm |= BIT(4) | BIT(5);
317 }
318 break; 312 break;
319 case 3: 313 case 3:
320 queue = IEEE80211_TX_QUEUE_DATA0; 314 queue = 0;
321 if (acm) { 315 if (acm)
322 local->wmm_acm |= BIT(6) | BIT(7); 316 local->wmm_acm |= BIT(6) | BIT(7);
323 }
324 break; 317 break;
325 case 0: 318 case 0:
326 default: 319 default:
327 queue = IEEE80211_TX_QUEUE_DATA2; 320 queue = 2;
328 if (acm) { 321 if (acm)
329 local->wmm_acm |= BIT(1) | BIT(2); 322 local->wmm_acm |= BIT(1) | BIT(2);
330 }
331 break; 323 break;
332 } 324 }
333 325
@@ -586,7 +578,7 @@ void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
586 int encrypt) 578 int encrypt)
587{ 579{
588 struct ieee80211_sub_if_data *sdata; 580 struct ieee80211_sub_if_data *sdata;
589 struct ieee80211_tx_packet_data *pkt_data; 581 struct ieee80211_tx_info *info;
590 582
591 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 583 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
592 skb->dev = sdata->local->mdev; 584 skb->dev = sdata->local->mdev;
@@ -594,11 +586,11 @@ void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
594 skb_set_network_header(skb, 0); 586 skb_set_network_header(skb, 0);
595 skb_set_transport_header(skb, 0); 587 skb_set_transport_header(skb, 0);
596 588
597 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 589 info = IEEE80211_SKB_CB(skb);
598 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data)); 590 memset(info, 0, sizeof(struct ieee80211_tx_info));
599 pkt_data->ifindex = sdata->dev->ifindex; 591 info->control.ifindex = sdata->dev->ifindex;
600 if (!encrypt) 592 if (!encrypt)
601 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT; 593 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
602 594
603 dev_queue_xmit(skb); 595 dev_queue_xmit(skb);
604} 596}
@@ -727,9 +719,8 @@ static void ieee80211_send_assoc(struct net_device *dev,
727 if (bss) { 719 if (bss) {
728 if (bss->capability & WLAN_CAPABILITY_PRIVACY) 720 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
729 capab |= WLAN_CAPABILITY_PRIVACY; 721 capab |= WLAN_CAPABILITY_PRIVACY;
730 if (bss->wmm_ie) { 722 if (bss->wmm_ie)
731 wmm = 1; 723 wmm = 1;
732 }
733 724
734 /* get all rates supported by the device and the AP as 725 /* get all rates supported by the device and the AP as
735 * some APs don't like getting a superset of their rates 726 * some APs don't like getting a superset of their rates
@@ -821,9 +812,32 @@ static void ieee80211_send_assoc(struct net_device *dev,
821 *pos++ = 1; /* WME ver */ 812 *pos++ = 1; /* WME ver */
822 *pos++ = 0; 813 *pos++ = 0;
823 } 814 }
815
824 /* wmm support is a must to HT */ 816 /* wmm support is a must to HT */
825 if (wmm && sband->ht_info.ht_supported) { 817 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
826 __le16 tmp = cpu_to_le16(sband->ht_info.cap); 818 sband->ht_info.ht_supported && bss->ht_add_ie) {
819 struct ieee80211_ht_addt_info *ht_add_info =
820 (struct ieee80211_ht_addt_info *)bss->ht_add_ie;
821 u16 cap = sband->ht_info.cap;
822 __le16 tmp;
823 u32 flags = local->hw.conf.channel->flags;
824
825 switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
826 case IEEE80211_HT_IE_CHA_SEC_ABOVE:
827 if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
828 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
829 cap &= ~IEEE80211_HT_CAP_SGI_40;
830 }
831 break;
832 case IEEE80211_HT_IE_CHA_SEC_BELOW:
833 if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
834 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
835 cap &= ~IEEE80211_HT_CAP_SGI_40;
836 }
837 break;
838 }
839
840 tmp = cpu_to_le16(cap);
827 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2); 841 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
828 *pos++ = WLAN_EID_HT_CAPABILITY; 842 *pos++ = WLAN_EID_HT_CAPABILITY;
829 *pos++ = sizeof(struct ieee80211_ht_cap); 843 *pos++ = sizeof(struct ieee80211_ht_cap);
@@ -1141,8 +1155,8 @@ static void ieee80211_send_addba_resp(struct net_device *dev, u8 *da, u16 tid,
1141 struct ieee80211_mgmt *mgmt; 1155 struct ieee80211_mgmt *mgmt;
1142 u16 capab; 1156 u16 capab;
1143 1157
1144 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 + 1158 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1145 sizeof(mgmt->u.action.u.addba_resp)); 1159
1146 if (!skb) { 1160 if (!skb) {
1147 printk(KERN_DEBUG "%s: failed to allocate buffer " 1161 printk(KERN_DEBUG "%s: failed to allocate buffer "
1148 "for addba resp frame\n", dev->name); 1162 "for addba resp frame\n", dev->name);
@@ -1190,9 +1204,7 @@ void ieee80211_send_addba_request(struct net_device *dev, const u8 *da,
1190 struct ieee80211_mgmt *mgmt; 1204 struct ieee80211_mgmt *mgmt;
1191 u16 capab; 1205 u16 capab;
1192 1206
1193 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 + 1207 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1194 sizeof(mgmt->u.action.u.addba_req));
1195
1196 1208
1197 if (!skb) { 1209 if (!skb) {
1198 printk(KERN_ERR "%s: failed to allocate buffer " 1210 printk(KERN_ERR "%s: failed to allocate buffer "
@@ -1293,7 +1305,7 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1293 1305
1294 1306
1295 /* examine state machine */ 1307 /* examine state machine */
1296 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 1308 spin_lock_bh(&sta->lock);
1297 1309
1298 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) { 1310 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
1299#ifdef CONFIG_MAC80211_HT_DEBUG 1311#ifdef CONFIG_MAC80211_HT_DEBUG
@@ -1360,7 +1372,7 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1360 tid_agg_rx->stored_mpdu_num = 0; 1372 tid_agg_rx->stored_mpdu_num = 0;
1361 status = WLAN_STATUS_SUCCESS; 1373 status = WLAN_STATUS_SUCCESS;
1362end: 1374end:
1363 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1375 spin_unlock_bh(&sta->lock);
1364 1376
1365end_no_lock: 1377end_no_lock:
1366 ieee80211_send_addba_resp(sta->sdata->dev, sta->addr, tid, 1378 ieee80211_send_addba_resp(sta->sdata->dev, sta->addr, tid,
@@ -1392,10 +1404,10 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1392 1404
1393 state = &sta->ampdu_mlme.tid_state_tx[tid]; 1405 state = &sta->ampdu_mlme.tid_state_tx[tid];
1394 1406
1395 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 1407 spin_lock_bh(&sta->lock);
1396 1408
1397 if (!(*state & HT_ADDBA_REQUESTED_MSK)) { 1409 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1398 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1410 spin_unlock_bh(&sta->lock);
1399 printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:" 1411 printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:"
1400 "%d\n", *state); 1412 "%d\n", *state);
1401 goto addba_resp_exit; 1413 goto addba_resp_exit;
@@ -1403,7 +1415,7 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1403 1415
1404 if (mgmt->u.action.u.addba_resp.dialog_token != 1416 if (mgmt->u.action.u.addba_resp.dialog_token !=
1405 sta->ampdu_mlme.tid_tx[tid]->dialog_token) { 1417 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1406 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1418 spin_unlock_bh(&sta->lock);
1407#ifdef CONFIG_MAC80211_HT_DEBUG 1419#ifdef CONFIG_MAC80211_HT_DEBUG
1408 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid); 1420 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1409#endif /* CONFIG_MAC80211_HT_DEBUG */ 1421#endif /* CONFIG_MAC80211_HT_DEBUG */
@@ -1427,7 +1439,7 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1427 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]); 1439 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1428 } 1440 }
1429 1441
1430 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1442 spin_unlock_bh(&sta->lock);
1431 printk(KERN_DEBUG "recipient accepted agg: tid %d \n", tid); 1443 printk(KERN_DEBUG "recipient accepted agg: tid %d \n", tid);
1432 } else { 1444 } else {
1433 printk(KERN_DEBUG "recipient rejected agg: tid %d \n", tid); 1445 printk(KERN_DEBUG "recipient rejected agg: tid %d \n", tid);
@@ -1435,7 +1447,7 @@ static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1435 sta->ampdu_mlme.addba_req_num[tid]++; 1447 sta->ampdu_mlme.addba_req_num[tid]++;
1436 /* this will allow the state check in stop_BA_session */ 1448 /* this will allow the state check in stop_BA_session */
1437 *state = HT_AGG_STATE_OPERATIONAL; 1449 *state = HT_AGG_STATE_OPERATIONAL;
1438 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1450 spin_unlock_bh(&sta->lock);
1439 ieee80211_stop_tx_ba_session(hw, sta->addr, tid, 1451 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1440 WLAN_BACK_INITIATOR); 1452 WLAN_BACK_INITIATOR);
1441 } 1453 }
@@ -1454,8 +1466,7 @@ void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
1454 struct ieee80211_mgmt *mgmt; 1466 struct ieee80211_mgmt *mgmt;
1455 u16 params; 1467 u16 params;
1456 1468
1457 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 + 1469 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1458 sizeof(mgmt->u.action.u.delba));
1459 1470
1460 if (!skb) { 1471 if (!skb) {
1461 printk(KERN_ERR "%s: failed to allocate buffer " 1472 printk(KERN_ERR "%s: failed to allocate buffer "
@@ -1506,17 +1517,17 @@ void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1506 } 1517 }
1507 1518
1508 /* check if TID is in operational state */ 1519 /* check if TID is in operational state */
1509 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 1520 spin_lock_bh(&sta->lock);
1510 if (sta->ampdu_mlme.tid_state_rx[tid] 1521 if (sta->ampdu_mlme.tid_state_rx[tid]
1511 != HT_AGG_STATE_OPERATIONAL) { 1522 != HT_AGG_STATE_OPERATIONAL) {
1512 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1523 spin_unlock_bh(&sta->lock);
1513 rcu_read_unlock(); 1524 rcu_read_unlock();
1514 return; 1525 return;
1515 } 1526 }
1516 sta->ampdu_mlme.tid_state_rx[tid] = 1527 sta->ampdu_mlme.tid_state_rx[tid] =
1517 HT_AGG_STATE_REQ_STOP_BA_MSK | 1528 HT_AGG_STATE_REQ_STOP_BA_MSK |
1518 (initiator << HT_AGG_STATE_INITIATOR_SHIFT); 1529 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1519 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1530 spin_unlock_bh(&sta->lock);
1520 1531
1521 /* stop HW Rx aggregation. ampdu_action existence 1532 /* stop HW Rx aggregation. ampdu_action existence
1522 * already verified in session init so we add the BUG_ON */ 1533 * already verified in session init so we add the BUG_ON */
@@ -1593,10 +1604,10 @@ static void ieee80211_sta_process_delba(struct net_device *dev,
1593 ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid, 1604 ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid,
1594 WLAN_BACK_INITIATOR, 0); 1605 WLAN_BACK_INITIATOR, 0);
1595 else { /* WLAN_BACK_RECIPIENT */ 1606 else { /* WLAN_BACK_RECIPIENT */
1596 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 1607 spin_lock_bh(&sta->lock);
1597 sta->ampdu_mlme.tid_state_tx[tid] = 1608 sta->ampdu_mlme.tid_state_tx[tid] =
1598 HT_AGG_STATE_OPERATIONAL; 1609 HT_AGG_STATE_OPERATIONAL;
1599 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1610 spin_unlock_bh(&sta->lock);
1600 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid, 1611 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1601 WLAN_BACK_RECIPIENT); 1612 WLAN_BACK_RECIPIENT);
1602 } 1613 }
@@ -1633,9 +1644,9 @@ void sta_addba_resp_timer_expired(unsigned long data)
1633 1644
1634 state = &sta->ampdu_mlme.tid_state_tx[tid]; 1645 state = &sta->ampdu_mlme.tid_state_tx[tid];
1635 /* check if the TID waits for addBA response */ 1646 /* check if the TID waits for addBA response */
1636 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 1647 spin_lock_bh(&sta->lock);
1637 if (!(*state & HT_ADDBA_REQUESTED_MSK)) { 1648 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1638 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1649 spin_unlock_bh(&sta->lock);
1639 *state = HT_AGG_STATE_IDLE; 1650 *state = HT_AGG_STATE_IDLE;
1640 printk(KERN_DEBUG "timer expired on tid %d but we are not " 1651 printk(KERN_DEBUG "timer expired on tid %d but we are not "
1641 "expecting addBA response there", tid); 1652 "expecting addBA response there", tid);
@@ -1646,7 +1657,7 @@ void sta_addba_resp_timer_expired(unsigned long data)
1646 1657
1647 /* go through the state check in stop_BA_session */ 1658 /* go through the state check in stop_BA_session */
1648 *state = HT_AGG_STATE_OPERATIONAL; 1659 *state = HT_AGG_STATE_OPERATIONAL;
1649 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 1660 spin_unlock_bh(&sta->lock);
1650 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid, 1661 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
1651 WLAN_BACK_INITIATOR); 1662 WLAN_BACK_INITIATOR);
1652 1663
@@ -1659,7 +1670,7 @@ timer_expired_exit:
1659 * resetting it after each frame that arrives from the originator. 1670 * resetting it after each frame that arrives from the originator.
1660 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed. 1671 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1661 */ 1672 */
1662void sta_rx_agg_session_timer_expired(unsigned long data) 1673static void sta_rx_agg_session_timer_expired(unsigned long data)
1663{ 1674{
1664 /* not an elegant detour, but there is no choice as the timer passes 1675 /* not an elegant detour, but there is no choice as the timer passes
1665 * only one argument, and various sta_info are needed here, so init 1676 * only one argument, and various sta_info are needed here, so init
@@ -1848,9 +1859,8 @@ static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
1848 " (reason=%d)\n", 1859 " (reason=%d)\n",
1849 dev->name, print_mac(mac, mgmt->sa), reason_code); 1860 dev->name, print_mac(mac, mgmt->sa), reason_code);
1850 1861
1851 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED) { 1862 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED)
1852 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name); 1863 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1853 }
1854 1864
1855 if (ifsta->state == IEEE80211_AUTHENTICATE || 1865 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1856 ifsta->state == IEEE80211_ASSOCIATE || 1866 ifsta->state == IEEE80211_ASSOCIATE ||
@@ -2013,8 +2023,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2013 local->hw.conf.channel->center_freq, 2023 local->hw.conf.channel->center_freq,
2014 ifsta->ssid, ifsta->ssid_len); 2024 ifsta->ssid, ifsta->ssid_len);
2015 if (bss) { 2025 if (bss) {
2016 sta->last_rssi = bss->rssi;
2017 sta->last_signal = bss->signal; 2026 sta->last_signal = bss->signal;
2027 sta->last_qual = bss->qual;
2018 sta->last_noise = bss->noise; 2028 sta->last_noise = bss->noise;
2019 ieee80211_rx_bss_put(dev, bss); 2029 ieee80211_rx_bss_put(dev, bss);
2020 } 2030 }
@@ -2038,8 +2048,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2038 * to between the sta_info_alloc() and sta_info_insert() above. 2048 * to between the sta_info_alloc() and sta_info_insert() above.
2039 */ 2049 */
2040 2050
2041 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP | 2051 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
2042 WLAN_STA_AUTHORIZED; 2052 WLAN_STA_AUTHORIZED);
2043 2053
2044 rates = 0; 2054 rates = 0;
2045 basic_rates = 0; 2055 basic_rates = 0;
@@ -2083,7 +2093,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2083 else 2093 else
2084 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 2094 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
2085 2095
2086 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param) { 2096 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2097 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2087 struct ieee80211_ht_bss_info bss_info; 2098 struct ieee80211_ht_bss_info bss_info;
2088 ieee80211_ht_cap_ie_to_ht_info( 2099 ieee80211_ht_cap_ie_to_ht_info(
2089 (struct ieee80211_ht_cap *) 2100 (struct ieee80211_ht_cap *)
@@ -2096,8 +2107,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2096 2107
2097 rate_control_rate_init(sta, local); 2108 rate_control_rate_init(sta, local);
2098 2109
2099 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) { 2110 if (elems.wmm_param) {
2100 sta->flags |= WLAN_STA_WME; 2111 set_sta_flags(sta, WLAN_STA_WME);
2101 rcu_read_unlock(); 2112 rcu_read_unlock();
2102 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param, 2113 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
2103 elems.wmm_param_len); 2114 elems.wmm_param_len);
@@ -2281,6 +2292,7 @@ static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
2281 kfree(bss->rsn_ie); 2292 kfree(bss->rsn_ie);
2282 kfree(bss->wmm_ie); 2293 kfree(bss->wmm_ie);
2283 kfree(bss->ht_ie); 2294 kfree(bss->ht_ie);
2295 kfree(bss->ht_add_ie);
2284 kfree(bss_mesh_id(bss)); 2296 kfree(bss_mesh_id(bss));
2285 kfree(bss_mesh_cfg(bss)); 2297 kfree(bss_mesh_cfg(bss));
2286 kfree(bss); 2298 kfree(bss);
@@ -2331,7 +2343,7 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2331 int res, rates, i, j; 2343 int res, rates, i, j;
2332 struct sk_buff *skb; 2344 struct sk_buff *skb;
2333 struct ieee80211_mgmt *mgmt; 2345 struct ieee80211_mgmt *mgmt;
2334 struct ieee80211_tx_control control; 2346 struct ieee80211_tx_info *control;
2335 struct rate_selection ratesel; 2347 struct rate_selection ratesel;
2336 u8 *pos; 2348 u8 *pos;
2337 struct ieee80211_sub_if_data *sdata; 2349 struct ieee80211_sub_if_data *sdata;
@@ -2419,21 +2431,22 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2419 memcpy(pos, &bss->supp_rates[8], rates); 2431 memcpy(pos, &bss->supp_rates[8], rates);
2420 } 2432 }
2421 2433
2422 memset(&control, 0, sizeof(control)); 2434 control = IEEE80211_SKB_CB(skb);
2435
2423 rate_control_get_rate(dev, sband, skb, &ratesel); 2436 rate_control_get_rate(dev, sband, skb, &ratesel);
2424 if (!ratesel.rate) { 2437 if (ratesel.rate_idx < 0) {
2425 printk(KERN_DEBUG "%s: Failed to determine TX rate " 2438 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2426 "for IBSS beacon\n", dev->name); 2439 "for IBSS beacon\n", dev->name);
2427 break; 2440 break;
2428 } 2441 }
2429 control.vif = &sdata->vif; 2442 control->control.vif = &sdata->vif;
2430 control.tx_rate = ratesel.rate; 2443 control->tx_rate_idx = ratesel.rate_idx;
2431 if (sdata->bss_conf.use_short_preamble && 2444 if (sdata->bss_conf.use_short_preamble &&
2432 ratesel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 2445 sband->bitrates[ratesel.rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE)
2433 control.flags |= IEEE80211_TXCTL_SHORT_PREAMBLE; 2446 control->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
2434 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx; 2447 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2435 control.flags |= IEEE80211_TXCTL_NO_ACK; 2448 control->flags |= IEEE80211_TX_CTL_NO_ACK;
2436 control.retry_limit = 1; 2449 control->control.retry_limit = 1;
2437 2450
2438 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC); 2451 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2439 if (ifsta->probe_resp) { 2452 if (ifsta->probe_resp) {
@@ -2448,8 +2461,7 @@ static int ieee80211_sta_join_ibss(struct net_device *dev,
2448 } 2461 }
2449 2462
2450 if (local->ops->beacon_update && 2463 if (local->ops->beacon_update &&
2451 local->ops->beacon_update(local_to_hw(local), 2464 local->ops->beacon_update(local_to_hw(local), skb) == 0) {
2452 skb, &control) == 0) {
2453 printk(KERN_DEBUG "%s: Configured IBSS beacon " 2465 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2454 "template\n", dev->name); 2466 "template\n", dev->name);
2455 skb = NULL; 2467 skb = NULL;
@@ -2657,6 +2669,26 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2657 bss->ht_ie_len = 0; 2669 bss->ht_ie_len = 0;
2658 } 2670 }
2659 2671
2672 if (elems.ht_info_elem &&
2673 (!bss->ht_add_ie ||
2674 bss->ht_add_ie_len != elems.ht_info_elem_len ||
2675 memcmp(bss->ht_add_ie, elems.ht_info_elem,
2676 elems.ht_info_elem_len))) {
2677 kfree(bss->ht_add_ie);
2678 bss->ht_add_ie =
2679 kmalloc(elems.ht_info_elem_len + 2, GFP_ATOMIC);
2680 if (bss->ht_add_ie) {
2681 memcpy(bss->ht_add_ie, elems.ht_info_elem - 2,
2682 elems.ht_info_elem_len + 2);
2683 bss->ht_add_ie_len = elems.ht_info_elem_len + 2;
2684 } else
2685 bss->ht_add_ie_len = 0;
2686 } else if (!elems.ht_info_elem && bss->ht_add_ie) {
2687 kfree(bss->ht_add_ie);
2688 bss->ht_add_ie = NULL;
2689 bss->ht_add_ie_len = 0;
2690 }
2691
2660 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int); 2692 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
2661 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info); 2693 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
2662 2694
@@ -2682,9 +2714,9 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2682 2714
2683 bss->timestamp = beacon_timestamp; 2715 bss->timestamp = beacon_timestamp;
2684 bss->last_update = jiffies; 2716 bss->last_update = jiffies;
2685 bss->rssi = rx_status->ssi;
2686 bss->signal = rx_status->signal; 2717 bss->signal = rx_status->signal;
2687 bss->noise = rx_status->noise; 2718 bss->noise = rx_status->noise;
2719 bss->qual = rx_status->qual;
2688 if (!beacon && !bss->probe_resp) 2720 if (!beacon && !bss->probe_resp)
2689 bss->probe_resp = true; 2721 bss->probe_resp = true;
2690 2722
@@ -2879,10 +2911,8 @@ static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
2879 2911
2880 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 2912 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2881 2913
2882 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) { 2914 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
2883 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param, 2915 elems.wmm_param_len);
2884 elems.wmm_param_len);
2885 }
2886 2916
2887 /* Do not send changes to driver if we are scanning. This removes 2917 /* Do not send changes to driver if we are scanning. This removes
2888 * requirement that driver's bss_info_changed function needs to be 2918 * requirement that driver's bss_info_changed function needs to be
@@ -3478,9 +3508,9 @@ static int ieee80211_sta_config_auth(struct net_device *dev,
3478 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len)) 3508 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
3479 continue; 3509 continue;
3480 3510
3481 if (!selected || top_rssi < bss->rssi) { 3511 if (!selected || top_rssi < bss->signal) {
3482 selected = bss; 3512 selected = bss;
3483 top_rssi = bss->rssi; 3513 top_rssi = bss->signal;
3484 } 3514 }
3485 } 3515 }
3486 if (selected) 3516 if (selected)
@@ -3557,10 +3587,12 @@ static int ieee80211_sta_create_ibss(struct net_device *dev,
3557 bss->beacon_int = local->hw.conf.beacon_int; 3587 bss->beacon_int = local->hw.conf.beacon_int;
3558 bss->last_update = jiffies; 3588 bss->last_update = jiffies;
3559 bss->capability = WLAN_CAPABILITY_IBSS; 3589 bss->capability = WLAN_CAPABILITY_IBSS;
3560 if (sdata->default_key) { 3590
3591 if (sdata->default_key)
3561 bss->capability |= WLAN_CAPABILITY_PRIVACY; 3592 bss->capability |= WLAN_CAPABILITY_PRIVACY;
3562 } else 3593 else
3563 sdata->drop_unencrypted = 0; 3594 sdata->drop_unencrypted = 0;
3595
3564 bss->supp_rates_len = sband->n_bitrates; 3596 bss->supp_rates_len = sband->n_bitrates;
3565 pos = bss->supp_rates; 3597 pos = bss->supp_rates;
3566 for (i = 0; i < sband->n_bitrates; i++) { 3598 for (i = 0; i < sband->n_bitrates; i++) {
@@ -4114,8 +4146,8 @@ ieee80211_sta_scan_result(struct net_device *dev,
4114 IW_EV_FREQ_LEN); 4146 IW_EV_FREQ_LEN);
4115 memset(&iwe, 0, sizeof(iwe)); 4147 memset(&iwe, 0, sizeof(iwe));
4116 iwe.cmd = IWEVQUAL; 4148 iwe.cmd = IWEVQUAL;
4117 iwe.u.qual.qual = bss->signal; 4149 iwe.u.qual.qual = bss->qual;
4118 iwe.u.qual.level = bss->rssi; 4150 iwe.u.qual.level = bss->signal;
4119 iwe.u.qual.noise = bss->noise; 4151 iwe.u.qual.noise = bss->noise;
4120 iwe.u.qual.updated = local->wstats_flags; 4152 iwe.u.qual.updated = local->wstats_flags;
4121 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 4153 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
@@ -4146,6 +4178,14 @@ ieee80211_sta_scan_result(struct net_device *dev,
4146 bss->rsn_ie); 4178 bss->rsn_ie);
4147 } 4179 }
4148 4180
4181 if (bss && bss->ht_ie) {
4182 memset(&iwe, 0, sizeof(iwe));
4183 iwe.cmd = IWEVGENIE;
4184 iwe.u.data.length = bss->ht_ie_len;
4185 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
4186 bss->ht_ie);
4187 }
4188
4149 if (bss && bss->supp_rates_len > 0) { 4189 if (bss && bss->supp_rates_len > 0) {
4150 /* display all supported rates in readable format */ 4190 /* display all supported rates in readable format */
4151 char *p = current_ev + IW_EV_LCP_LEN; 4191 char *p = current_ev + IW_EV_LCP_LEN;
@@ -4247,6 +4287,7 @@ int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
4247{ 4287{
4248 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 4288 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4249 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 4289 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4290
4250 kfree(ifsta->extra_ie); 4291 kfree(ifsta->extra_ie);
4251 if (len == 0) { 4292 if (len == 0) {
4252 ifsta->extra_ie = NULL; 4293 ifsta->extra_ie = NULL;
@@ -4264,9 +4305,9 @@ int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
4264} 4305}
4265 4306
4266 4307
4267struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev, 4308struct sta_info *ieee80211_ibss_add_sta(struct net_device *dev,
4268 struct sk_buff *skb, u8 *bssid, 4309 struct sk_buff *skb, u8 *bssid,
4269 u8 *addr) 4310 u8 *addr)
4270{ 4311{
4271 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 4312 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4272 struct sta_info *sta; 4313 struct sta_info *sta;
@@ -4290,7 +4331,7 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
4290 if (!sta) 4331 if (!sta)
4291 return NULL; 4332 return NULL;
4292 4333
4293 sta->flags |= WLAN_STA_AUTHORIZED; 4334 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
4294 4335
4295 sta->supp_rates[local->hw.conf.channel->band] = 4336 sta->supp_rates[local->hw.conf.channel->band] =
4296 sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band]; 4337 sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band];
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index 841df93807fc..0388c090dfe9 100644
--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -176,20 +176,24 @@ void rate_control_get_rate(struct net_device *dev,
176 rcu_read_lock(); 176 rcu_read_lock();
177 sta = sta_info_get(local, hdr->addr1); 177 sta = sta_info_get(local, hdr->addr1);
178 178
179 memset(sel, 0, sizeof(struct rate_selection)); 179 sel->rate_idx = -1;
180 sel->nonerp_idx = -1;
181 sel->probe_idx = -1;
180 182
181 ref->ops->get_rate(ref->priv, dev, sband, skb, sel); 183 ref->ops->get_rate(ref->priv, dev, sband, skb, sel);
182 184
185 BUG_ON(sel->rate_idx < 0);
186
183 /* Select a non-ERP backup rate. */ 187 /* Select a non-ERP backup rate. */
184 if (!sel->nonerp) { 188 if (sel->nonerp_idx < 0) {
185 for (i = 0; i < sband->n_bitrates; i++) { 189 for (i = 0; i < sband->n_bitrates; i++) {
186 struct ieee80211_rate *rate = &sband->bitrates[i]; 190 struct ieee80211_rate *rate = &sband->bitrates[i];
187 if (sel->rate->bitrate < rate->bitrate) 191 if (sband->bitrates[sel->rate_idx].bitrate < rate->bitrate)
188 break; 192 break;
189 193
190 if (rate_supported(sta, sband->band, i) && 194 if (rate_supported(sta, sband->band, i) &&
191 !(rate->flags & IEEE80211_RATE_ERP_G)) 195 !(rate->flags & IEEE80211_RATE_ERP_G))
192 sel->nonerp = rate; 196 sel->nonerp_idx = i;
193 } 197 }
194 } 198 }
195 199
diff --git a/net/mac80211/rate.h b/net/mac80211/rate.h
index 5b45f33cb766..0ed9c8a2f56f 100644
--- a/net/mac80211/rate.h
+++ b/net/mac80211/rate.h
@@ -19,22 +19,22 @@
19#include "ieee80211_i.h" 19#include "ieee80211_i.h"
20#include "sta_info.h" 20#include "sta_info.h"
21 21
22/* TODO: kdoc */ 22/**
23 * struct rate_selection - rate selection for rate control algos
24 * @rate: selected transmission rate index
25 * @nonerp: Non-ERP rate to use instead if ERP cannot be used
26 * @probe: rate for probing (or -1)
27 *
28 */
23struct rate_selection { 29struct rate_selection {
24 /* Selected transmission rate */ 30 s8 rate_idx, nonerp_idx, probe_idx;
25 struct ieee80211_rate *rate;
26 /* Non-ERP rate to use if mac80211 decides it cannot use an ERP rate */
27 struct ieee80211_rate *nonerp;
28 /* probe with this rate, or NULL for no probing */
29 struct ieee80211_rate *probe;
30}; 31};
31 32
32struct rate_control_ops { 33struct rate_control_ops {
33 struct module *module; 34 struct module *module;
34 const char *name; 35 const char *name;
35 void (*tx_status)(void *priv, struct net_device *dev, 36 void (*tx_status)(void *priv, struct net_device *dev,
36 struct sk_buff *skb, 37 struct sk_buff *skb);
37 struct ieee80211_tx_status *status);
38 void (*get_rate)(void *priv, struct net_device *dev, 38 void (*get_rate)(void *priv, struct net_device *dev,
39 struct ieee80211_supported_band *band, 39 struct ieee80211_supported_band *band,
40 struct sk_buff *skb, 40 struct sk_buff *skb,
@@ -76,13 +76,12 @@ struct rate_control_ref *rate_control_get(struct rate_control_ref *ref);
76void rate_control_put(struct rate_control_ref *ref); 76void rate_control_put(struct rate_control_ref *ref);
77 77
78static inline void rate_control_tx_status(struct net_device *dev, 78static inline void rate_control_tx_status(struct net_device *dev,
79 struct sk_buff *skb, 79 struct sk_buff *skb)
80 struct ieee80211_tx_status *status)
81{ 80{
82 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 81 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
83 struct rate_control_ref *ref = local->rate_ctrl; 82 struct rate_control_ref *ref = local->rate_ctrl;
84 83
85 ref->ops->tx_status(ref->priv, dev, skb, status); 84 ref->ops->tx_status(ref->priv, dev, skb);
86} 85}
87 86
88 87
@@ -138,7 +137,7 @@ static inline int rate_supported(struct sta_info *sta,
138 return (sta == NULL || sta->supp_rates[band] & BIT(index)); 137 return (sta == NULL || sta->supp_rates[band] & BIT(index));
139} 138}
140 139
141static inline int 140static inline s8
142rate_lowest_index(struct ieee80211_local *local, 141rate_lowest_index(struct ieee80211_local *local,
143 struct ieee80211_supported_band *sband, 142 struct ieee80211_supported_band *sband,
144 struct sta_info *sta) 143 struct sta_info *sta)
@@ -155,14 +154,6 @@ rate_lowest_index(struct ieee80211_local *local,
155 return 0; 154 return 0;
156} 155}
157 156
158static inline struct ieee80211_rate *
159rate_lowest(struct ieee80211_local *local,
160 struct ieee80211_supported_band *sband,
161 struct sta_info *sta)
162{
163 return &sband->bitrates[rate_lowest_index(local, sband, sta)];
164}
165
166 157
167/* functions for rate control related to a device */ 158/* functions for rate control related to a device */
168int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local, 159int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
diff --git a/net/mac80211/rc80211_pid.h b/net/mac80211/rc80211_pid.h
index 04afc13ed825..2078803d3581 100644
--- a/net/mac80211/rc80211_pid.h
+++ b/net/mac80211/rc80211_pid.h
@@ -61,7 +61,7 @@ enum rc_pid_event_type {
61union rc_pid_event_data { 61union rc_pid_event_data {
62 /* RC_PID_EVENT_TX_STATUS */ 62 /* RC_PID_EVENT_TX_STATUS */
63 struct { 63 struct {
64 struct ieee80211_tx_status tx_status; 64 struct ieee80211_tx_info tx_status;
65 }; 65 };
66 /* RC_PID_EVENT_TYPE_RATE_CHANGE */ 66 /* RC_PID_EVENT_TYPE_RATE_CHANGE */
67 /* RC_PID_EVENT_TYPE_TX_RATE */ 67 /* RC_PID_EVENT_TYPE_TX_RATE */
@@ -158,7 +158,7 @@ struct rc_pid_debugfs_entries {
158}; 158};
159 159
160void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf, 160void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf,
161 struct ieee80211_tx_status *stat); 161 struct ieee80211_tx_info *stat);
162 162
163void rate_control_pid_event_rate_change(struct rc_pid_event_buffer *buf, 163void rate_control_pid_event_rate_change(struct rc_pid_event_buffer *buf,
164 int index, int rate); 164 int index, int rate);
diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index a849b745bdb5..e8945413e4a2 100644
--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -237,8 +237,7 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
237} 237}
238 238
239static void rate_control_pid_tx_status(void *priv, struct net_device *dev, 239static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
240 struct sk_buff *skb, 240 struct sk_buff *skb)
241 struct ieee80211_tx_status *status)
242{ 241{
243 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 242 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
244 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 243 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -248,6 +247,7 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
248 struct rc_pid_sta_info *spinfo; 247 struct rc_pid_sta_info *spinfo;
249 unsigned long period; 248 unsigned long period;
250 struct ieee80211_supported_band *sband; 249 struct ieee80211_supported_band *sband;
250 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
251 251
252 rcu_read_lock(); 252 rcu_read_lock();
253 253
@@ -266,28 +266,28 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
266 266
267 /* Ignore all frames that were sent with a different rate than the rate 267 /* Ignore all frames that were sent with a different rate than the rate
268 * we currently advise mac80211 to use. */ 268 * we currently advise mac80211 to use. */
269 if (status->control.tx_rate != &sband->bitrates[sta->txrate_idx]) 269 if (info->tx_rate_idx != sta->txrate_idx)
270 goto unlock; 270 goto unlock;
271 271
272 spinfo = sta->rate_ctrl_priv; 272 spinfo = sta->rate_ctrl_priv;
273 spinfo->tx_num_xmit++; 273 spinfo->tx_num_xmit++;
274 274
275#ifdef CONFIG_MAC80211_DEBUGFS 275#ifdef CONFIG_MAC80211_DEBUGFS
276 rate_control_pid_event_tx_status(&spinfo->events, status); 276 rate_control_pid_event_tx_status(&spinfo->events, info);
277#endif 277#endif
278 278
279 /* We count frames that totally failed to be transmitted as two bad 279 /* We count frames that totally failed to be transmitted as two bad
280 * frames, those that made it out but had some retries as one good and 280 * frames, those that made it out but had some retries as one good and
281 * one bad frame. */ 281 * one bad frame. */
282 if (status->excessive_retries) { 282 if (info->status.excessive_retries) {
283 spinfo->tx_num_failed += 2; 283 spinfo->tx_num_failed += 2;
284 spinfo->tx_num_xmit++; 284 spinfo->tx_num_xmit++;
285 } else if (status->retry_count) { 285 } else if (info->status.retry_count) {
286 spinfo->tx_num_failed++; 286 spinfo->tx_num_failed++;
287 spinfo->tx_num_xmit++; 287 spinfo->tx_num_xmit++;
288 } 288 }
289 289
290 if (status->excessive_retries) { 290 if (info->status.excessive_retries) {
291 sta->tx_retry_failed++; 291 sta->tx_retry_failed++;
292 sta->tx_num_consecutive_failures++; 292 sta->tx_num_consecutive_failures++;
293 sta->tx_num_mpdu_fail++; 293 sta->tx_num_mpdu_fail++;
@@ -295,8 +295,8 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
295 sta->tx_num_consecutive_failures = 0; 295 sta->tx_num_consecutive_failures = 0;
296 sta->tx_num_mpdu_ok++; 296 sta->tx_num_mpdu_ok++;
297 } 297 }
298 sta->tx_retry_count += status->retry_count; 298 sta->tx_retry_count += info->status.retry_count;
299 sta->tx_num_mpdu_fail += status->retry_count; 299 sta->tx_num_mpdu_fail += info->status.retry_count;
300 300
301 /* Update PID controller state. */ 301 /* Update PID controller state. */
302 period = (HZ * pinfo->sampling_period + 500) / 1000; 302 period = (HZ * pinfo->sampling_period + 500) / 1000;
@@ -330,7 +330,7 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
330 fc = le16_to_cpu(hdr->frame_control); 330 fc = le16_to_cpu(hdr->frame_control);
331 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA || 331 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
332 is_multicast_ether_addr(hdr->addr1) || !sta) { 332 is_multicast_ether_addr(hdr->addr1) || !sta) {
333 sel->rate = rate_lowest(local, sband, sta); 333 sel->rate_idx = rate_lowest_index(local, sband, sta);
334 rcu_read_unlock(); 334 rcu_read_unlock();
335 return; 335 return;
336 } 336 }
@@ -349,7 +349,7 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
349 349
350 rcu_read_unlock(); 350 rcu_read_unlock();
351 351
352 sel->rate = &sband->bitrates[rateidx]; 352 sel->rate_idx = rateidx;
353 353
354#ifdef CONFIG_MAC80211_DEBUGFS 354#ifdef CONFIG_MAC80211_DEBUGFS
355 rate_control_pid_event_tx_rate( 355 rate_control_pid_event_tx_rate(
diff --git a/net/mac80211/rc80211_pid_debugfs.c b/net/mac80211/rc80211_pid_debugfs.c
index ff5c380f3c13..8121d3bc6835 100644
--- a/net/mac80211/rc80211_pid_debugfs.c
+++ b/net/mac80211/rc80211_pid_debugfs.c
@@ -39,11 +39,11 @@ static void rate_control_pid_event(struct rc_pid_event_buffer *buf,
39} 39}
40 40
41void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf, 41void rate_control_pid_event_tx_status(struct rc_pid_event_buffer *buf,
42 struct ieee80211_tx_status *stat) 42 struct ieee80211_tx_info *stat)
43{ 43{
44 union rc_pid_event_data evd; 44 union rc_pid_event_data evd;
45 45
46 memcpy(&evd.tx_status, stat, sizeof(struct ieee80211_tx_status)); 46 memcpy(&evd.tx_status, stat, sizeof(struct ieee80211_tx_info));
47 rate_control_pid_event(buf, RC_PID_EVENT_TYPE_TX_STATUS, &evd); 47 rate_control_pid_event(buf, RC_PID_EVENT_TYPE_TX_STATUS, &evd);
48} 48}
49 49
@@ -167,8 +167,8 @@ static ssize_t rate_control_pid_events_read(struct file *file, char __user *buf,
167 switch (ev->type) { 167 switch (ev->type) {
168 case RC_PID_EVENT_TYPE_TX_STATUS: 168 case RC_PID_EVENT_TYPE_TX_STATUS:
169 p += snprintf(pb + p, length - p, "tx_status %u %u", 169 p += snprintf(pb + p, length - p, "tx_status %u %u",
170 ev->data.tx_status.excessive_retries, 170 ev->data.tx_status.status.excessive_retries,
171 ev->data.tx_status.retry_count); 171 ev->data.tx_status.status.retry_count);
172 break; 172 break;
173 case RC_PID_EVENT_TYPE_RATE_CHANGE: 173 case RC_PID_EVENT_TYPE_RATE_CHANGE:
174 p += snprintf(pb + p, length - p, "rate_change %d %d", 174 p += snprintf(pb + p, length - p, "rate_change %d %d",
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 0941e5d6a522..a3643fd86af9 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -77,6 +77,134 @@ static inline int should_drop_frame(struct ieee80211_rx_status *status,
77 return 0; 77 return 0;
78} 78}
79 79
80static int
81ieee80211_rx_radiotap_len(struct ieee80211_local *local,
82 struct ieee80211_rx_status *status)
83{
84 int len;
85
86 /* always present fields */
87 len = sizeof(struct ieee80211_radiotap_header) + 9;
88
89 if (status->flag & RX_FLAG_TSFT)
90 len += 8;
91 if (local->hw.flags & IEEE80211_HW_SIGNAL_DB ||
92 local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
93 len += 1;
94 if (local->hw.flags & IEEE80211_HW_NOISE_DBM)
95 len += 1;
96
97 if (len & 1) /* padding for RX_FLAGS if necessary */
98 len++;
99
100 /* make sure radiotap starts at a naturally aligned address */
101 if (len % 8)
102 len = roundup(len, 8);
103
104 return len;
105}
106
107/**
108 * ieee80211_add_rx_radiotap_header - add radiotap header
109 *
110 * add a radiotap header containing all the fields which the hardware provided.
111 */
112static void
113ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
114 struct sk_buff *skb,
115 struct ieee80211_rx_status *status,
116 struct ieee80211_rate *rate,
117 int rtap_len)
118{
119 struct ieee80211_radiotap_header *rthdr;
120 unsigned char *pos;
121
122 rthdr = (struct ieee80211_radiotap_header *)skb_push(skb, rtap_len);
123 memset(rthdr, 0, rtap_len);
124
125 /* radiotap header, set always present flags */
126 rthdr->it_present =
127 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
128 (1 << IEEE80211_RADIOTAP_RATE) |
129 (1 << IEEE80211_RADIOTAP_CHANNEL) |
130 (1 << IEEE80211_RADIOTAP_ANTENNA) |
131 (1 << IEEE80211_RADIOTAP_RX_FLAGS));
132 rthdr->it_len = cpu_to_le16(rtap_len);
133
134 pos = (unsigned char *)(rthdr+1);
135
136 /* the order of the following fields is important */
137
138 /* IEEE80211_RADIOTAP_TSFT */
139 if (status->flag & RX_FLAG_TSFT) {
140 *(__le64 *)pos = cpu_to_le64(status->mactime);
141 rthdr->it_present |=
142 cpu_to_le32(1 << IEEE80211_RADIOTAP_TSFT);
143 pos += 8;
144 }
145
146 /* IEEE80211_RADIOTAP_FLAGS */
147 if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS)
148 *pos |= IEEE80211_RADIOTAP_F_FCS;
149 pos++;
150
151 /* IEEE80211_RADIOTAP_RATE */
152 *pos = rate->bitrate / 5;
153 pos++;
154
155 /* IEEE80211_RADIOTAP_CHANNEL */
156 *(__le16 *)pos = cpu_to_le16(status->freq);
157 pos += 2;
158 if (status->band == IEEE80211_BAND_5GHZ)
159 *(__le16 *)pos = cpu_to_le16(IEEE80211_CHAN_OFDM |
160 IEEE80211_CHAN_5GHZ);
161 else
162 *(__le16 *)pos = cpu_to_le16(IEEE80211_CHAN_DYN |
163 IEEE80211_CHAN_2GHZ);
164 pos += 2;
165
166 /* IEEE80211_RADIOTAP_DBM_ANTSIGNAL */
167 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
168 *pos = status->signal;
169 rthdr->it_present |=
170 cpu_to_le32(1 << IEEE80211_RADIOTAP_DBM_ANTSIGNAL);
171 pos++;
172 }
173
174 /* IEEE80211_RADIOTAP_DBM_ANTNOISE */
175 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) {
176 *pos = status->noise;
177 rthdr->it_present |=
178 cpu_to_le32(1 << IEEE80211_RADIOTAP_DBM_ANTNOISE);
179 pos++;
180 }
181
182 /* IEEE80211_RADIOTAP_LOCK_QUALITY is missing */
183
184 /* IEEE80211_RADIOTAP_ANTENNA */
185 *pos = status->antenna;
186 pos++;
187
188 /* IEEE80211_RADIOTAP_DB_ANTSIGNAL */
189 if (local->hw.flags & IEEE80211_HW_SIGNAL_DB) {
190 *pos = status->signal;
191 rthdr->it_present |=
192 cpu_to_le32(1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL);
193 pos++;
194 }
195
196 /* IEEE80211_RADIOTAP_DB_ANTNOISE is not used */
197
198 /* IEEE80211_RADIOTAP_RX_FLAGS */
199 /* ensure 2 byte alignment for the 2 byte field as required */
200 if ((pos - (unsigned char *)rthdr) & 1)
201 pos++;
202 /* FIXME: when radiotap gets a 'bad PLCP' flag use it here */
203 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC))
204 *(__le16 *)pos |= cpu_to_le16(IEEE80211_RADIOTAP_F_RX_BADFCS);
205 pos += 2;
206}
207
80/* 208/*
81 * This function copies a received frame to all monitor interfaces and 209 * This function copies a received frame to all monitor interfaces and
82 * returns a cleaned-up SKB that no longer includes the FCS nor the 210 * returns a cleaned-up SKB that no longer includes the FCS nor the
@@ -89,17 +217,6 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
89{ 217{
90 struct ieee80211_sub_if_data *sdata; 218 struct ieee80211_sub_if_data *sdata;
91 int needed_headroom = 0; 219 int needed_headroom = 0;
92 struct ieee80211_radiotap_header *rthdr;
93 __le64 *rttsft = NULL;
94 struct ieee80211_rtap_fixed_data {
95 u8 flags;
96 u8 rate;
97 __le16 chan_freq;
98 __le16 chan_flags;
99 u8 antsignal;
100 u8 padding_for_rxflags;
101 __le16 rx_flags;
102 } __attribute__ ((packed)) *rtfixed;
103 struct sk_buff *skb, *skb2; 220 struct sk_buff *skb, *skb2;
104 struct net_device *prev_dev = NULL; 221 struct net_device *prev_dev = NULL;
105 int present_fcs_len = 0; 222 int present_fcs_len = 0;
@@ -116,8 +233,8 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
116 if (status->flag & RX_FLAG_RADIOTAP) 233 if (status->flag & RX_FLAG_RADIOTAP)
117 rtap_len = ieee80211_get_radiotap_len(origskb->data); 234 rtap_len = ieee80211_get_radiotap_len(origskb->data);
118 else 235 else
119 /* room for radiotap header, always present fields and TSFT */ 236 /* room for the radiotap header based on driver features */
120 needed_headroom = sizeof(*rthdr) + sizeof(*rtfixed) + 8; 237 needed_headroom = ieee80211_rx_radiotap_len(local, status);
121 238
122 if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) 239 if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS)
123 present_fcs_len = FCS_LEN; 240 present_fcs_len = FCS_LEN;
@@ -163,55 +280,9 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
163 } 280 }
164 281
165 /* if necessary, prepend radiotap information */ 282 /* if necessary, prepend radiotap information */
166 if (!(status->flag & RX_FLAG_RADIOTAP)) { 283 if (!(status->flag & RX_FLAG_RADIOTAP))
167 rtfixed = (void *) skb_push(skb, sizeof(*rtfixed)); 284 ieee80211_add_rx_radiotap_header(local, skb, status, rate,
168 rtap_len = sizeof(*rthdr) + sizeof(*rtfixed); 285 needed_headroom);
169 if (status->flag & RX_FLAG_TSFT) {
170 rttsft = (void *) skb_push(skb, sizeof(*rttsft));
171 rtap_len += 8;
172 }
173 rthdr = (void *) skb_push(skb, sizeof(*rthdr));
174 memset(rthdr, 0, sizeof(*rthdr));
175 memset(rtfixed, 0, sizeof(*rtfixed));
176 rthdr->it_present =
177 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
178 (1 << IEEE80211_RADIOTAP_RATE) |
179 (1 << IEEE80211_RADIOTAP_CHANNEL) |
180 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL) |
181 (1 << IEEE80211_RADIOTAP_RX_FLAGS));
182 rtfixed->flags = 0;
183 if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS)
184 rtfixed->flags |= IEEE80211_RADIOTAP_F_FCS;
185
186 if (rttsft) {
187 *rttsft = cpu_to_le64(status->mactime);
188 rthdr->it_present |=
189 cpu_to_le32(1 << IEEE80211_RADIOTAP_TSFT);
190 }
191
192 /* FIXME: when radiotap gets a 'bad PLCP' flag use it here */
193 rtfixed->rx_flags = 0;
194 if (status->flag &
195 (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC))
196 rtfixed->rx_flags |=
197 cpu_to_le16(IEEE80211_RADIOTAP_F_RX_BADFCS);
198
199 rtfixed->rate = rate->bitrate / 5;
200
201 rtfixed->chan_freq = cpu_to_le16(status->freq);
202
203 if (status->band == IEEE80211_BAND_5GHZ)
204 rtfixed->chan_flags =
205 cpu_to_le16(IEEE80211_CHAN_OFDM |
206 IEEE80211_CHAN_5GHZ);
207 else
208 rtfixed->chan_flags =
209 cpu_to_le16(IEEE80211_CHAN_DYN |
210 IEEE80211_CHAN_2GHZ);
211
212 rtfixed->antsignal = status->ssi;
213 rthdr->it_len = cpu_to_le16(rtap_len);
214 }
215 286
216 skb_reset_mac_header(skb); 287 skb_reset_mac_header(skb);
217 skb->ip_summed = CHECKSUM_UNNECESSARY; 288 skb->ip_summed = CHECKSUM_UNNECESSARY;
@@ -275,11 +346,6 @@ static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
275 } 346 }
276 } 347 }
277 348
278 I802_DEBUG_INC(rx->local->wme_rx_queue[tid]);
279 /* only a debug counter, sta might not be assigned properly yet */
280 if (rx->sta)
281 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]);
282
283 rx->queue = tid; 349 rx->queue = tid;
284 /* Set skb->priority to 1d tag if highest order bit of TID is not set. 350 /* Set skb->priority to 1d tag if highest order bit of TID is not set.
285 * For now, set skb->priority to 0 for other cases. */ 351 * For now, set skb->priority to 0 for other cases. */
@@ -321,51 +387,9 @@ static void ieee80211_verify_ip_alignment(struct ieee80211_rx_data *rx)
321} 387}
322 388
323 389
324static u32 ieee80211_rx_load_stats(struct ieee80211_local *local,
325 struct sk_buff *skb,
326 struct ieee80211_rx_status *status,
327 struct ieee80211_rate *rate)
328{
329 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
330 u32 load = 0, hdrtime;
331
332 /* Estimate total channel use caused by this frame */
333
334 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
335 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
336
337 if (status->band == IEEE80211_BAND_5GHZ ||
338 (status->band == IEEE80211_BAND_5GHZ &&
339 rate->flags & IEEE80211_RATE_ERP_G))
340 hdrtime = CHAN_UTIL_HDR_SHORT;
341 else
342 hdrtime = CHAN_UTIL_HDR_LONG;
343
344 load = hdrtime;
345 if (!is_multicast_ether_addr(hdr->addr1))
346 load += hdrtime;
347
348 /* TODO: optimise again */
349 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate;
350
351 /* Divide channel_use by 8 to avoid wrapping around the counter */
352 load >>= CHAN_UTIL_SHIFT;
353
354 return load;
355}
356
357/* rx handlers */ 390/* rx handlers */
358 391
359static ieee80211_rx_result 392static ieee80211_rx_result
360ieee80211_rx_h_if_stats(struct ieee80211_rx_data *rx)
361{
362 if (rx->sta)
363 rx->sta->channel_use_raw += rx->load;
364 rx->sdata->channel_use_raw += rx->load;
365 return RX_CONTINUE;
366}
367
368static ieee80211_rx_result
369ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx) 393ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
370{ 394{
371 struct ieee80211_local *local = rx->local; 395 struct ieee80211_local *local = rx->local;
@@ -484,7 +508,7 @@ ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
484 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL && 508 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
485 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) && 509 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
486 rx->sdata->vif.type != IEEE80211_IF_TYPE_IBSS && 510 rx->sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
487 (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) { 511 (!rx->sta || !test_sta_flags(rx->sta, WLAN_STA_ASSOC)))) {
488 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) && 512 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
489 !(rx->fc & IEEE80211_FCTL_TODS) && 513 !(rx->fc & IEEE80211_FCTL_TODS) &&
490 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) 514 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
@@ -635,8 +659,7 @@ static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
635 659
636 if (sdata->bss) 660 if (sdata->bss)
637 atomic_inc(&sdata->bss->num_sta_ps); 661 atomic_inc(&sdata->bss->num_sta_ps);
638 sta->flags |= WLAN_STA_PS; 662 set_and_clear_sta_flags(sta, WLAN_STA_PS, WLAN_STA_PSPOLL);
639 sta->flags &= ~WLAN_STA_PSPOLL;
640#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 663#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
641 printk(KERN_DEBUG "%s: STA %s aid %d enters power save mode\n", 664 printk(KERN_DEBUG "%s: STA %s aid %d enters power save mode\n",
642 dev->name, print_mac(mac, sta->addr), sta->aid); 665 dev->name, print_mac(mac, sta->addr), sta->aid);
@@ -649,7 +672,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
649 struct sk_buff *skb; 672 struct sk_buff *skb;
650 int sent = 0; 673 int sent = 0;
651 struct ieee80211_sub_if_data *sdata; 674 struct ieee80211_sub_if_data *sdata;
652 struct ieee80211_tx_packet_data *pkt_data; 675 struct ieee80211_tx_info *info;
653 DECLARE_MAC_BUF(mac); 676 DECLARE_MAC_BUF(mac);
654 677
655 sdata = sta->sdata; 678 sdata = sta->sdata;
@@ -657,7 +680,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
657 if (sdata->bss) 680 if (sdata->bss)
658 atomic_dec(&sdata->bss->num_sta_ps); 681 atomic_dec(&sdata->bss->num_sta_ps);
659 682
660 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_PSPOLL); 683 clear_sta_flags(sta, WLAN_STA_PS | WLAN_STA_PSPOLL);
661 684
662 if (!skb_queue_empty(&sta->ps_tx_buf)) 685 if (!skb_queue_empty(&sta->ps_tx_buf))
663 sta_info_clear_tim_bit(sta); 686 sta_info_clear_tim_bit(sta);
@@ -669,13 +692,13 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
669 692
670 /* Send all buffered frames to the station */ 693 /* Send all buffered frames to the station */
671 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 694 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
672 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 695 info = IEEE80211_SKB_CB(skb);
673 sent++; 696 sent++;
674 pkt_data->flags |= IEEE80211_TXPD_REQUEUE; 697 info->flags |= IEEE80211_TX_CTL_REQUEUE;
675 dev_queue_xmit(skb); 698 dev_queue_xmit(skb);
676 } 699 }
677 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 700 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
678 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 701 info = IEEE80211_SKB_CB(skb);
679 local->total_ps_buffered--; 702 local->total_ps_buffered--;
680 sent++; 703 sent++;
681#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 704#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
@@ -683,7 +706,7 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
683 "since STA not sleeping anymore\n", dev->name, 706 "since STA not sleeping anymore\n", dev->name,
684 print_mac(mac, sta->addr), sta->aid); 707 print_mac(mac, sta->addr), sta->aid);
685#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 708#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
686 pkt_data->flags |= IEEE80211_TXPD_REQUEUE; 709 info->flags |= IEEE80211_TX_CTL_REQUEUE;
687 dev_queue_xmit(skb); 710 dev_queue_xmit(skb);
688 } 711 }
689 712
@@ -725,16 +748,17 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
725 748
726 sta->rx_fragments++; 749 sta->rx_fragments++;
727 sta->rx_bytes += rx->skb->len; 750 sta->rx_bytes += rx->skb->len;
728 sta->last_rssi = rx->status->ssi;
729 sta->last_signal = rx->status->signal; 751 sta->last_signal = rx->status->signal;
752 sta->last_qual = rx->status->qual;
730 sta->last_noise = rx->status->noise; 753 sta->last_noise = rx->status->noise;
731 754
732 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) { 755 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
733 /* Change STA power saving mode only in the end of a frame 756 /* Change STA power saving mode only in the end of a frame
734 * exchange sequence */ 757 * exchange sequence */
735 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM)) 758 if (test_sta_flags(sta, WLAN_STA_PS) &&
759 !(rx->fc & IEEE80211_FCTL_PM))
736 rx->sent_ps_buffered += ap_sta_ps_end(dev, sta); 760 rx->sent_ps_buffered += ap_sta_ps_end(dev, sta);
737 else if (!(sta->flags & WLAN_STA_PS) && 761 else if (!test_sta_flags(sta, WLAN_STA_PS) &&
738 (rx->fc & IEEE80211_FCTL_PM)) 762 (rx->fc & IEEE80211_FCTL_PM))
739 ap_sta_ps_start(dev, sta); 763 ap_sta_ps_start(dev, sta);
740 } 764 }
@@ -988,7 +1012,7 @@ ieee80211_rx_h_ps_poll(struct ieee80211_rx_data *rx)
988 * Tell TX path to send one frame even though the STA may 1012 * Tell TX path to send one frame even though the STA may
989 * still remain is PS mode after this frame exchange. 1013 * still remain is PS mode after this frame exchange.
990 */ 1014 */
991 rx->sta->flags |= WLAN_STA_PSPOLL; 1015 set_sta_flags(rx->sta, WLAN_STA_PSPOLL);
992 1016
993#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1017#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
994 printk(KERN_DEBUG "STA %s aid %d: PS Poll (entries after %d)\n", 1018 printk(KERN_DEBUG "STA %s aid %d: PS Poll (entries after %d)\n",
@@ -1051,7 +1075,8 @@ ieee80211_rx_h_remove_qos_control(struct ieee80211_rx_data *rx)
1051static int 1075static int
1052ieee80211_802_1x_port_control(struct ieee80211_rx_data *rx) 1076ieee80211_802_1x_port_control(struct ieee80211_rx_data *rx)
1053{ 1077{
1054 if (unlikely(!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED))) { 1078 if (unlikely(!rx->sta ||
1079 !test_sta_flags(rx->sta, WLAN_STA_AUTHORIZED))) {
1055#ifdef CONFIG_MAC80211_DEBUG 1080#ifdef CONFIG_MAC80211_DEBUG
1056 if (net_ratelimit()) 1081 if (net_ratelimit())
1057 printk(KERN_DEBUG "%s: dropped frame " 1082 printk(KERN_DEBUG "%s: dropped frame "
@@ -1713,7 +1738,6 @@ static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx)
1713typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_rx_data *); 1738typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_rx_data *);
1714static ieee80211_rx_handler ieee80211_rx_handlers[] = 1739static ieee80211_rx_handler ieee80211_rx_handlers[] =
1715{ 1740{
1716 ieee80211_rx_h_if_stats,
1717 ieee80211_rx_h_passive_scan, 1741 ieee80211_rx_h_passive_scan,
1718 ieee80211_rx_h_check, 1742 ieee80211_rx_h_check,
1719 ieee80211_rx_h_decrypt, 1743 ieee80211_rx_h_decrypt,
@@ -1872,7 +1896,6 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1872static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, 1896static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1873 struct sk_buff *skb, 1897 struct sk_buff *skb,
1874 struct ieee80211_rx_status *status, 1898 struct ieee80211_rx_status *status,
1875 u32 load,
1876 struct ieee80211_rate *rate) 1899 struct ieee80211_rate *rate)
1877{ 1900{
1878 struct ieee80211_local *local = hw_to_local(hw); 1901 struct ieee80211_local *local = hw_to_local(hw);
@@ -1891,7 +1914,6 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1891 rx.local = local; 1914 rx.local = local;
1892 1915
1893 rx.status = status; 1916 rx.status = status;
1894 rx.load = load;
1895 rx.rate = rate; 1917 rx.rate = rate;
1896 rx.fc = le16_to_cpu(hdr->frame_control); 1918 rx.fc = le16_to_cpu(hdr->frame_control);
1897 type = rx.fc & IEEE80211_FCTL_FTYPE; 1919 type = rx.fc & IEEE80211_FCTL_FTYPE;
@@ -2000,7 +2022,6 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2000 struct ieee80211_rx_status status; 2022 struct ieee80211_rx_status status;
2001 u16 head_seq_num, buf_size; 2023 u16 head_seq_num, buf_size;
2002 int index; 2024 int index;
2003 u32 pkt_load;
2004 struct ieee80211_supported_band *sband; 2025 struct ieee80211_supported_band *sband;
2005 struct ieee80211_rate *rate; 2026 struct ieee80211_rate *rate;
2006 2027
@@ -2035,12 +2056,9 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2035 sizeof(status)); 2056 sizeof(status));
2036 sband = local->hw.wiphy->bands[status.band]; 2057 sband = local->hw.wiphy->bands[status.band];
2037 rate = &sband->bitrates[status.rate_idx]; 2058 rate = &sband->bitrates[status.rate_idx];
2038 pkt_load = ieee80211_rx_load_stats(local,
2039 tid_agg_rx->reorder_buf[index],
2040 &status, rate);
2041 __ieee80211_rx_handle_packet(hw, 2059 __ieee80211_rx_handle_packet(hw,
2042 tid_agg_rx->reorder_buf[index], 2060 tid_agg_rx->reorder_buf[index],
2043 &status, pkt_load, rate); 2061 &status, rate);
2044 tid_agg_rx->stored_mpdu_num--; 2062 tid_agg_rx->stored_mpdu_num--;
2045 tid_agg_rx->reorder_buf[index] = NULL; 2063 tid_agg_rx->reorder_buf[index] = NULL;
2046 } 2064 }
@@ -2082,11 +2100,8 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2082 sizeof(status)); 2100 sizeof(status));
2083 sband = local->hw.wiphy->bands[status.band]; 2101 sband = local->hw.wiphy->bands[status.band];
2084 rate = &sband->bitrates[status.rate_idx]; 2102 rate = &sband->bitrates[status.rate_idx];
2085 pkt_load = ieee80211_rx_load_stats(local,
2086 tid_agg_rx->reorder_buf[index],
2087 &status, rate);
2088 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index], 2103 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index],
2089 &status, pkt_load, rate); 2104 &status, rate);
2090 tid_agg_rx->stored_mpdu_num--; 2105 tid_agg_rx->stored_mpdu_num--;
2091 tid_agg_rx->reorder_buf[index] = NULL; 2106 tid_agg_rx->reorder_buf[index] = NULL;
2092 tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num); 2107 tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num);
@@ -2165,7 +2180,6 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2165 struct ieee80211_rx_status *status) 2180 struct ieee80211_rx_status *status)
2166{ 2181{
2167 struct ieee80211_local *local = hw_to_local(hw); 2182 struct ieee80211_local *local = hw_to_local(hw);
2168 u32 pkt_load;
2169 struct ieee80211_rate *rate = NULL; 2183 struct ieee80211_rate *rate = NULL;
2170 struct ieee80211_supported_band *sband; 2184 struct ieee80211_supported_band *sband;
2171 2185
@@ -2205,11 +2219,8 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2205 return; 2219 return;
2206 } 2220 }
2207 2221
2208 pkt_load = ieee80211_rx_load_stats(local, skb, status, rate);
2209 local->channel_use_raw += pkt_load;
2210
2211 if (!ieee80211_rx_reorder_ampdu(local, skb)) 2222 if (!ieee80211_rx_reorder_ampdu(local, skb))
2212 __ieee80211_rx_handle_packet(hw, skb, status, pkt_load, rate); 2223 __ieee80211_rx_handle_packet(hw, skb, status, rate);
2213 2224
2214 rcu_read_unlock(); 2225 rcu_read_unlock();
2215} 2226}
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 7d4fe4a52929..c24770cb02c5 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -202,14 +202,12 @@ void sta_info_destroy(struct sta_info *sta)
202 dev_kfree_skb_any(skb); 202 dev_kfree_skb_any(skb);
203 203
204 for (i = 0; i < STA_TID_NUM; i++) { 204 for (i = 0; i < STA_TID_NUM; i++) {
205 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 205 spin_lock_bh(&sta->lock);
206 if (sta->ampdu_mlme.tid_rx[i]) 206 if (sta->ampdu_mlme.tid_rx[i])
207 del_timer_sync(&sta->ampdu_mlme.tid_rx[i]->session_timer); 207 del_timer_sync(&sta->ampdu_mlme.tid_rx[i]->session_timer);
208 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
209 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
210 if (sta->ampdu_mlme.tid_tx[i]) 208 if (sta->ampdu_mlme.tid_tx[i])
211 del_timer_sync(&sta->ampdu_mlme.tid_tx[i]->addba_resp_timer); 209 del_timer_sync(&sta->ampdu_mlme.tid_tx[i]->addba_resp_timer);
212 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 210 spin_unlock_bh(&sta->lock);
213 } 211 }
214 212
215 __sta_info_free(local, sta); 213 __sta_info_free(local, sta);
@@ -236,6 +234,8 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
236 if (!sta) 234 if (!sta)
237 return NULL; 235 return NULL;
238 236
237 spin_lock_init(&sta->lock);
238
239 memcpy(sta->addr, addr, ETH_ALEN); 239 memcpy(sta->addr, addr, ETH_ALEN);
240 sta->local = local; 240 sta->local = local;
241 sta->sdata = sdata; 241 sta->sdata = sdata;
@@ -249,15 +249,13 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
249 return NULL; 249 return NULL;
250 } 250 }
251 251
252 spin_lock_init(&sta->ampdu_mlme.ampdu_rx);
253 spin_lock_init(&sta->ampdu_mlme.ampdu_tx);
254 for (i = 0; i < STA_TID_NUM; i++) { 252 for (i = 0; i < STA_TID_NUM; i++) {
255 /* timer_to_tid must be initialized with identity mapping to 253 /* timer_to_tid must be initialized with identity mapping to
256 * enable session_timer's data differentiation. refer to 254 * enable session_timer's data differentiation. refer to
257 * sta_rx_agg_session_timer_expired for useage */ 255 * sta_rx_agg_session_timer_expired for useage */
258 sta->timer_to_tid[i] = i; 256 sta->timer_to_tid[i] = i;
259 /* tid to tx queue: initialize according to HW (0 is valid) */ 257 /* tid to tx queue: initialize according to HW (0 is valid) */
260 sta->tid_to_tx_q[i] = local->hw.queues; 258 sta->tid_to_tx_q[i] = ieee80211_num_queues(&local->hw);
261 /* rx */ 259 /* rx */
262 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE; 260 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE;
263 sta->ampdu_mlme.tid_rx[i] = NULL; 261 sta->ampdu_mlme.tid_rx[i] = NULL;
@@ -276,7 +274,6 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
276 274
277#ifdef CONFIG_MAC80211_MESH 275#ifdef CONFIG_MAC80211_MESH
278 sta->plink_state = PLINK_LISTEN; 276 sta->plink_state = PLINK_LISTEN;
279 spin_lock_init(&sta->plink_lock);
280 init_timer(&sta->plink_timer); 277 init_timer(&sta->plink_timer);
281#endif 278#endif
282 279
@@ -437,8 +434,7 @@ void __sta_info_unlink(struct sta_info **sta)
437 434
438 list_del(&(*sta)->list); 435 list_del(&(*sta)->list);
439 436
440 if ((*sta)->flags & WLAN_STA_PS) { 437 if (test_and_clear_sta_flags(*sta, WLAN_STA_PS)) {
441 (*sta)->flags &= ~WLAN_STA_PS;
442 if (sdata->bss) 438 if (sdata->bss)
443 atomic_dec(&sdata->bss->num_sta_ps); 439 atomic_dec(&sdata->bss->num_sta_ps);
444 __sta_info_clear_tim_bit(sdata->bss, *sta); 440 __sta_info_clear_tim_bit(sdata->bss, *sta);
@@ -515,20 +511,20 @@ static inline int sta_info_buffer_expired(struct ieee80211_local *local,
515 struct sta_info *sta, 511 struct sta_info *sta,
516 struct sk_buff *skb) 512 struct sk_buff *skb)
517{ 513{
518 struct ieee80211_tx_packet_data *pkt_data; 514 struct ieee80211_tx_info *info;
519 int timeout; 515 int timeout;
520 516
521 if (!skb) 517 if (!skb)
522 return 0; 518 return 0;
523 519
524 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 520 info = IEEE80211_SKB_CB(skb);
525 521
526 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */ 522 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */
527 timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 / 523 timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 /
528 15625) * HZ; 524 15625) * HZ;
529 if (timeout < STA_TX_BUFFER_EXPIRE) 525 if (timeout < STA_TX_BUFFER_EXPIRE)
530 timeout = STA_TX_BUFFER_EXPIRE; 526 timeout = STA_TX_BUFFER_EXPIRE;
531 return time_after(jiffies, pkt_data->jiffies + timeout); 527 return time_after(jiffies, info->control.jiffies + timeout);
532} 528}
533 529
534 530
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index f8c95bc9659c..95753f860acf 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -32,7 +32,7 @@
32 * @WLAN_STA_WDS: Station is one of our WDS peers. 32 * @WLAN_STA_WDS: Station is one of our WDS peers.
33 * @WLAN_STA_PSPOLL: Station has just PS-polled us. 33 * @WLAN_STA_PSPOLL: Station has just PS-polled us.
34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the 34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
35 * IEEE80211_TXCTL_CLEAR_PS_FILT control flag) when the next 35 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
36 * frame to this station is transmitted. 36 * frame to this station is transmitted.
37 */ 37 */
38enum ieee80211_sta_info_flags { 38enum ieee80211_sta_info_flags {
@@ -129,23 +129,19 @@ enum plink_state {
129 * 129 *
130 * @tid_state_rx: TID's state in Rx session state machine. 130 * @tid_state_rx: TID's state in Rx session state machine.
131 * @tid_rx: aggregation info for Rx per TID 131 * @tid_rx: aggregation info for Rx per TID
132 * @ampdu_rx: for locking sections in aggregation Rx flow
133 * @tid_state_tx: TID's state in Tx session state machine. 132 * @tid_state_tx: TID's state in Tx session state machine.
134 * @tid_tx: aggregation info for Tx per TID 133 * @tid_tx: aggregation info for Tx per TID
135 * @addba_req_num: number of times addBA request has been sent. 134 * @addba_req_num: number of times addBA request has been sent.
136 * @ampdu_tx: for locking sectionsi in aggregation Tx flow
137 * @dialog_token_allocator: dialog token enumerator for each new session; 135 * @dialog_token_allocator: dialog token enumerator for each new session;
138 */ 136 */
139struct sta_ampdu_mlme { 137struct sta_ampdu_mlme {
140 /* rx */ 138 /* rx */
141 u8 tid_state_rx[STA_TID_NUM]; 139 u8 tid_state_rx[STA_TID_NUM];
142 struct tid_ampdu_rx *tid_rx[STA_TID_NUM]; 140 struct tid_ampdu_rx *tid_rx[STA_TID_NUM];
143 spinlock_t ampdu_rx;
144 /* tx */ 141 /* tx */
145 u8 tid_state_tx[STA_TID_NUM]; 142 u8 tid_state_tx[STA_TID_NUM];
146 struct tid_ampdu_tx *tid_tx[STA_TID_NUM]; 143 struct tid_ampdu_tx *tid_tx[STA_TID_NUM];
147 u8 addba_req_num[STA_TID_NUM]; 144 u8 addba_req_num[STA_TID_NUM];
148 spinlock_t ampdu_tx;
149 u8 dialog_token_allocator; 145 u8 dialog_token_allocator;
150}; 146};
151 147
@@ -177,6 +173,8 @@ struct sta_ampdu_mlme {
177 * @rx_bytes: Number of bytes received from this STA 173 * @rx_bytes: Number of bytes received from this STA
178 * @supp_rates: Bitmap of supported rates (per band) 174 * @supp_rates: Bitmap of supported rates (per band)
179 * @ht_info: HT capabilities of this STA 175 * @ht_info: HT capabilities of this STA
176 * @lock: used for locking all fields that require locking, see comments
177 * in the header file.
180 */ 178 */
181struct sta_info { 179struct sta_info {
182 /* General information, mostly static */ 180 /* General information, mostly static */
@@ -187,6 +185,7 @@ struct sta_info {
187 struct ieee80211_key *key; 185 struct ieee80211_key *key;
188 struct rate_control_ref *rate_ctrl; 186 struct rate_control_ref *rate_ctrl;
189 void *rate_ctrl_priv; 187 void *rate_ctrl_priv;
188 spinlock_t lock;
190 struct ieee80211_ht_info ht_info; 189 struct ieee80211_ht_info ht_info;
191 u64 supp_rates[IEEE80211_NUM_BANDS]; 190 u64 supp_rates[IEEE80211_NUM_BANDS];
192 u8 addr[ETH_ALEN]; 191 u8 addr[ETH_ALEN];
@@ -199,7 +198,7 @@ struct sta_info {
199 */ 198 */
200 u8 pin_status; 199 u8 pin_status;
201 200
202 /* frequently updated information, needs locking? */ 201 /* frequently updated information, locked with lock spinlock */
203 u32 flags; 202 u32 flags;
204 203
205 /* 204 /*
@@ -217,8 +216,8 @@ struct sta_info {
217 * from this STA */ 216 * from this STA */
218 unsigned long rx_fragments; /* number of received MPDUs */ 217 unsigned long rx_fragments; /* number of received MPDUs */
219 unsigned long rx_dropped; /* number of dropped MPDUs from this STA */ 218 unsigned long rx_dropped; /* number of dropped MPDUs from this STA */
220 int last_rssi; /* RSSI of last received frame from this STA */
221 int last_signal; /* signal of last received frame from this STA */ 219 int last_signal; /* signal of last received frame from this STA */
220 int last_qual; /* qual of last received frame from this STA */
222 int last_noise; /* noise of last received frame from this STA */ 221 int last_noise; /* noise of last received frame from this STA */
223 /* last received seq/frag number from this STA (per RX queue) */ 222 /* last received seq/frag number from this STA (per RX queue) */
224 __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES]; 223 __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES];
@@ -246,12 +245,8 @@ struct sta_info {
246 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES]; 245 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
247#endif 246#endif
248 247
249 /* Debug counters, no locking doesn't matter */
250 int channel_use;
251 int channel_use_raw;
252
253 /* 248 /*
254 * Aggregation information, comes with own locking. 249 * Aggregation information, locked with lock.
255 */ 250 */
256 struct sta_ampdu_mlme ampdu_mlme; 251 struct sta_ampdu_mlme ampdu_mlme;
257 u8 timer_to_tid[STA_TID_NUM]; /* identity mapping to ID timers */ 252 u8 timer_to_tid[STA_TID_NUM]; /* identity mapping to ID timers */
@@ -270,9 +265,6 @@ struct sta_info {
270 enum plink_state plink_state; 265 enum plink_state plink_state;
271 u32 plink_timeout; 266 u32 plink_timeout;
272 struct timer_list plink_timer; 267 struct timer_list plink_timer;
273 spinlock_t plink_lock; /* For peer_state reads / updates and other
274 updates in the structure. Ensures robust
275 transitions for the peerlink FSM */
276#endif 268#endif
277 269
278#ifdef CONFIG_MAC80211_DEBUGFS 270#ifdef CONFIG_MAC80211_DEBUGFS
@@ -299,6 +291,64 @@ static inline enum plink_state sta_plink_state(struct sta_info *sta)
299 return PLINK_LISTEN; 291 return PLINK_LISTEN;
300} 292}
301 293
294static inline void set_sta_flags(struct sta_info *sta, const u32 flags)
295{
296 spin_lock_bh(&sta->lock);
297 sta->flags |= flags;
298 spin_unlock_bh(&sta->lock);
299}
300
301static inline void clear_sta_flags(struct sta_info *sta, const u32 flags)
302{
303 spin_lock_bh(&sta->lock);
304 sta->flags &= ~flags;
305 spin_unlock_bh(&sta->lock);
306}
307
308static inline void set_and_clear_sta_flags(struct sta_info *sta,
309 const u32 set, const u32 clear)
310{
311 spin_lock_bh(&sta->lock);
312 sta->flags |= set;
313 sta->flags &= ~clear;
314 spin_unlock_bh(&sta->lock);
315}
316
317static inline u32 test_sta_flags(struct sta_info *sta, const u32 flags)
318{
319 u32 ret;
320
321 spin_lock_bh(&sta->lock);
322 ret = sta->flags & flags;
323 spin_unlock_bh(&sta->lock);
324
325 return ret;
326}
327
328static inline u32 test_and_clear_sta_flags(struct sta_info *sta,
329 const u32 flags)
330{
331 u32 ret;
332
333 spin_lock_bh(&sta->lock);
334 ret = sta->flags & flags;
335 sta->flags &= ~flags;
336 spin_unlock_bh(&sta->lock);
337
338 return ret;
339}
340
341static inline u32 get_sta_flags(struct sta_info *sta)
342{
343 u32 ret;
344
345 spin_lock_bh(&sta->lock);
346 ret = sta->flags;
347 spin_unlock_bh(&sta->lock);
348
349 return ret;
350}
351
302 352
303/* Maximum number of concurrently registered stations */ 353/* Maximum number of concurrently registered stations */
304#define MAX_STA_COUNT 2007 354#define MAX_STA_COUNT 2007
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 09093da24af6..a00cf1ea7719 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -6,25 +6,23 @@
6 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 */ 8 */
9
10#include <linux/kernel.h> 9#include <linux/kernel.h>
10#include <linux/bitops.h>
11#include <linux/types.h> 11#include <linux/types.h>
12#include <linux/netdevice.h> 12#include <linux/netdevice.h>
13#include <asm/unaligned.h>
13 14
14#include <net/mac80211.h> 15#include <net/mac80211.h>
15#include "key.h" 16#include "key.h"
16#include "tkip.h" 17#include "tkip.h"
17#include "wep.h" 18#include "wep.h"
18 19
19
20/* TKIP key mixing functions */
21
22
23#define PHASE1_LOOP_COUNT 8 20#define PHASE1_LOOP_COUNT 8
24 21
25 22/*
26/* 2-byte by 2-byte subset of the full AES S-box table; second part of this 23 * 2-byte by 2-byte subset of the full AES S-box table; second part of this
27 * table is identical to first part but byte-swapped */ 24 * table is identical to first part but byte-swapped
25 */
28static const u16 tkip_sbox[256] = 26static const u16 tkip_sbox[256] =
29{ 27{
30 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154, 28 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
@@ -61,84 +59,48 @@ static const u16 tkip_sbox[256] =
61 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A, 59 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
62}; 60};
63 61
64 62static u16 tkipS(u16 val)
65static inline u16 Mk16(u8 x, u8 y)
66{
67 return ((u16) x << 8) | (u16) y;
68}
69
70
71static inline u8 Hi8(u16 v)
72{
73 return v >> 8;
74}
75
76
77static inline u8 Lo8(u16 v)
78{
79 return v & 0xff;
80}
81
82
83static inline u16 Hi16(u32 v)
84{ 63{
85 return v >> 16; 64 return tkip_sbox[val & 0xff] ^ swab16(tkip_sbox[val >> 8]);
86} 65}
87 66
88 67/*
89static inline u16 Lo16(u32 v) 68 * P1K := Phase1(TA, TK, TSC)
90{
91 return v & 0xffff;
92}
93
94
95static inline u16 RotR1(u16 v)
96{
97 return (v >> 1) | ((v & 0x0001) << 15);
98}
99
100
101static inline u16 tkip_S(u16 val)
102{
103 u16 a = tkip_sbox[Hi8(val)];
104
105 return tkip_sbox[Lo8(val)] ^ Hi8(a) ^ (Lo8(a) << 8);
106}
107
108
109
110/* P1K := Phase1(TA, TK, TSC)
111 * TA = transmitter address (48 bits) 69 * TA = transmitter address (48 bits)
112 * TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits) 70 * TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits)
113 * TSC = TKIP sequence counter (48 bits, only 32 msb bits used) 71 * TSC = TKIP sequence counter (48 bits, only 32 msb bits used)
114 * P1K: 80 bits 72 * P1K: 80 bits
115 */ 73 */
116static void tkip_mixing_phase1(const u8 *ta, const u8 *tk, u32 tsc_IV32, 74static void tkip_mixing_phase1(struct ieee80211_key *key, const u8 *ta,
117 u16 *p1k) 75 struct tkip_ctx *ctx, u32 tsc_IV32)
118{ 76{
119 int i, j; 77 int i, j;
78 const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
79 u16 *p1k = ctx->p1k;
120 80
121 p1k[0] = Lo16(tsc_IV32); 81 p1k[0] = tsc_IV32 & 0xFFFF;
122 p1k[1] = Hi16(tsc_IV32); 82 p1k[1] = tsc_IV32 >> 16;
123 p1k[2] = Mk16(ta[1], ta[0]); 83 p1k[2] = get_unaligned_le16(ta + 0);
124 p1k[3] = Mk16(ta[3], ta[2]); 84 p1k[3] = get_unaligned_le16(ta + 2);
125 p1k[4] = Mk16(ta[5], ta[4]); 85 p1k[4] = get_unaligned_le16(ta + 4);
126 86
127 for (i = 0; i < PHASE1_LOOP_COUNT; i++) { 87 for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
128 j = 2 * (i & 1); 88 j = 2 * (i & 1);
129 p1k[0] += tkip_S(p1k[4] ^ Mk16(tk[ 1 + j], tk[ 0 + j])); 89 p1k[0] += tkipS(p1k[4] ^ get_unaligned_le16(tk + 0 + j));
130 p1k[1] += tkip_S(p1k[0] ^ Mk16(tk[ 5 + j], tk[ 4 + j])); 90 p1k[1] += tkipS(p1k[0] ^ get_unaligned_le16(tk + 4 + j));
131 p1k[2] += tkip_S(p1k[1] ^ Mk16(tk[ 9 + j], tk[ 8 + j])); 91 p1k[2] += tkipS(p1k[1] ^ get_unaligned_le16(tk + 8 + j));
132 p1k[3] += tkip_S(p1k[2] ^ Mk16(tk[13 + j], tk[12 + j])); 92 p1k[3] += tkipS(p1k[2] ^ get_unaligned_le16(tk + 12 + j));
133 p1k[4] += tkip_S(p1k[3] ^ Mk16(tk[ 1 + j], tk[ 0 + j])) + i; 93 p1k[4] += tkipS(p1k[3] ^ get_unaligned_le16(tk + 0 + j)) + i;
134 } 94 }
95 ctx->initialized = 1;
135} 96}
136 97
137 98static void tkip_mixing_phase2(struct ieee80211_key *key, struct tkip_ctx *ctx,
138static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16, 99 u16 tsc_IV16, u8 *rc4key)
139 u8 *rc4key)
140{ 100{
141 u16 ppk[6]; 101 u16 ppk[6];
102 const u16 *p1k = ctx->p1k;
103 const u8 *tk = &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY];
142 int i; 104 int i;
143 105
144 ppk[0] = p1k[0]; 106 ppk[0] = p1k[0];
@@ -148,70 +110,51 @@ static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16,
148 ppk[4] = p1k[4]; 110 ppk[4] = p1k[4];
149 ppk[5] = p1k[4] + tsc_IV16; 111 ppk[5] = p1k[4] + tsc_IV16;
150 112
151 ppk[0] += tkip_S(ppk[5] ^ Mk16(tk[ 1], tk[ 0])); 113 ppk[0] += tkipS(ppk[5] ^ get_unaligned_le16(tk + 0));
152 ppk[1] += tkip_S(ppk[0] ^ Mk16(tk[ 3], tk[ 2])); 114 ppk[1] += tkipS(ppk[0] ^ get_unaligned_le16(tk + 2));
153 ppk[2] += tkip_S(ppk[1] ^ Mk16(tk[ 5], tk[ 4])); 115 ppk[2] += tkipS(ppk[1] ^ get_unaligned_le16(tk + 4));
154 ppk[3] += tkip_S(ppk[2] ^ Mk16(tk[ 7], tk[ 6])); 116 ppk[3] += tkipS(ppk[2] ^ get_unaligned_le16(tk + 6));
155 ppk[4] += tkip_S(ppk[3] ^ Mk16(tk[ 9], tk[ 8])); 117 ppk[4] += tkipS(ppk[3] ^ get_unaligned_le16(tk + 8));
156 ppk[5] += tkip_S(ppk[4] ^ Mk16(tk[11], tk[10])); 118 ppk[5] += tkipS(ppk[4] ^ get_unaligned_le16(tk + 10));
157 ppk[0] += RotR1(ppk[5] ^ Mk16(tk[13], tk[12])); 119 ppk[0] += ror16(ppk[5] ^ get_unaligned_le16(tk + 12), 1);
158 ppk[1] += RotR1(ppk[0] ^ Mk16(tk[15], tk[14])); 120 ppk[1] += ror16(ppk[0] ^ get_unaligned_le16(tk + 14), 1);
159 ppk[2] += RotR1(ppk[1]); 121 ppk[2] += ror16(ppk[1], 1);
160 ppk[3] += RotR1(ppk[2]); 122 ppk[3] += ror16(ppk[2], 1);
161 ppk[4] += RotR1(ppk[3]); 123 ppk[4] += ror16(ppk[3], 1);
162 ppk[5] += RotR1(ppk[4]); 124 ppk[5] += ror16(ppk[4], 1);
163 125
164 rc4key[0] = Hi8(tsc_IV16); 126 rc4key[0] = tsc_IV16 >> 8;
165 rc4key[1] = (Hi8(tsc_IV16) | 0x20) & 0x7f; 127 rc4key[1] = ((tsc_IV16 >> 8) | 0x20) & 0x7f;
166 rc4key[2] = Lo8(tsc_IV16); 128 rc4key[2] = tsc_IV16 & 0xFF;
167 rc4key[3] = Lo8((ppk[5] ^ Mk16(tk[1], tk[0])) >> 1); 129 rc4key[3] = ((ppk[5] ^ get_unaligned_le16(tk)) >> 1) & 0xFF;
168 130
169 for (i = 0; i < 6; i++) { 131 rc4key += 4;
170 rc4key[4 + 2 * i] = Lo8(ppk[i]); 132 for (i = 0; i < 6; i++)
171 rc4key[5 + 2 * i] = Hi8(ppk[i]); 133 put_unaligned_le16(ppk[i], rc4key + 2 * i);
172 }
173} 134}
174 135
175
176/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets 136/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets
177 * of the IV. Returns pointer to the octet following IVs (i.e., beginning of 137 * of the IV. Returns pointer to the octet following IVs (i.e., beginning of
178 * the packet payload). */ 138 * the packet payload). */
179u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key, 139u8 *ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
180 u8 iv0, u8 iv1, u8 iv2) 140 u8 iv0, u8 iv1, u8 iv2)
181{ 141{
182 *pos++ = iv0; 142 *pos++ = iv0;
183 *pos++ = iv1; 143 *pos++ = iv1;
184 *pos++ = iv2; 144 *pos++ = iv2;
185 *pos++ = (key->conf.keyidx << 6) | (1 << 5) /* Ext IV */; 145 *pos++ = (key->conf.keyidx << 6) | (1 << 5) /* Ext IV */;
186 *pos++ = key->u.tkip.iv32 & 0xff; 146 put_unaligned_le32(key->u.tkip.tx.iv32, pos);
187 *pos++ = (key->u.tkip.iv32 >> 8) & 0xff; 147 return pos + 4;
188 *pos++ = (key->u.tkip.iv32 >> 16) & 0xff;
189 *pos++ = (key->u.tkip.iv32 >> 24) & 0xff;
190 return pos;
191}
192
193
194void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
195 u16 *phase1key)
196{
197 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
198 key->u.tkip.iv32, phase1key);
199} 148}
200 149
201void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta, 150static void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
202 u8 *rc4key) 151 u8 *rc4key)
203{ 152{
204 /* Calculate per-packet key */ 153 /* Calculate per-packet key */
205 if (key->u.tkip.iv16 == 0 || !key->u.tkip.tx_initialized) { 154 if (key->u.tkip.tx.iv16 == 0 || !key->u.tkip.tx.initialized)
206 /* IV16 wrapped around - perform TKIP phase 1 */ 155 tkip_mixing_phase1(key, ta, &key->u.tkip.tx, key->u.tkip.tx.iv32);
207 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
208 key->u.tkip.iv32, key->u.tkip.p1k);
209 key->u.tkip.tx_initialized = 1;
210 }
211 156
212 tkip_mixing_phase2(key->u.tkip.p1k, 157 tkip_mixing_phase2(key, &key->u.tkip.tx, key->u.tkip.tx.iv16, rc4key);
213 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
214 key->u.tkip.iv16, rc4key);
215} 158}
216 159
217void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf, 160void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
@@ -228,18 +171,16 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
228 u16 iv16; 171 u16 iv16;
229 u32 iv32; 172 u32 iv32;
230 173
231 iv16 = data[hdr_len] << 8; 174 iv16 = data[hdr_len + 2] | (data[hdr_len] << 8);
232 iv16 += data[hdr_len + 2]; 175 iv32 = get_unaligned_le32(data + hdr_len + 4);
233 iv32 = data[hdr_len + 4] | (data[hdr_len + 5] << 8) |
234 (data[hdr_len + 6] << 16) | (data[hdr_len + 7] << 24);
235 176
236#ifdef CONFIG_TKIP_DEBUG 177#ifdef CONFIG_TKIP_DEBUG
237 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n", 178 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
238 iv16, iv32); 179 iv16, iv32);
239 180
240 if (iv32 != key->u.tkip.iv32) { 181 if (iv32 != key->u.tkip.tx.iv32) {
241 printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n", 182 printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",
242 iv32, key->u.tkip.iv32); 183 iv32, key->u.tkip.tx.iv32);
243 printk(KERN_DEBUG "Wrap around of iv16 in the middle of a " 184 printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "
244 "fragmented packet\n"); 185 "fragmented packet\n");
245 } 186 }
@@ -248,20 +189,15 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
248 /* Update the p1k only when the iv16 in the packet wraps around, this 189 /* Update the p1k only when the iv16 in the packet wraps around, this
249 * might occur after the wrap around of iv16 in the key in case of 190 * might occur after the wrap around of iv16 in the key in case of
250 * fragmented packets. */ 191 * fragmented packets. */
251 if (iv16 == 0 || !key->u.tkip.tx_initialized) { 192 if (iv16 == 0 || !key->u.tkip.tx.initialized)
252 /* IV16 wrapped around - perform TKIP phase 1 */ 193 tkip_mixing_phase1(key, ta, &key->u.tkip.tx, iv32);
253 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
254 iv32, key->u.tkip.p1k);
255 key->u.tkip.tx_initialized = 1;
256 }
257 194
258 if (type == IEEE80211_TKIP_P1_KEY) { 195 if (type == IEEE80211_TKIP_P1_KEY) {
259 memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5); 196 memcpy(outkey, key->u.tkip.tx.p1k, sizeof(u16) * 5);
260 return; 197 return;
261 } 198 }
262 199
263 tkip_mixing_phase2(key->u.tkip.p1k, 200 tkip_mixing_phase2(key, &key->u.tkip.tx, iv16, outkey);
264 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey);
265} 201}
266EXPORT_SYMBOL(ieee80211_get_tkip_key); 202EXPORT_SYMBOL(ieee80211_get_tkip_key);
267 203
@@ -281,7 +217,6 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
281 ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len); 217 ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len);
282} 218}
283 219
284
285/* Decrypt packet payload with TKIP using @key. @pos is a pointer to the 220/* Decrypt packet payload with TKIP using @key. @pos is a pointer to the
286 * beginning of the buffer containing IEEE 802.11 header payload, i.e., 221 * beginning of the buffer containing IEEE 802.11 header payload, i.e.,
287 * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the 222 * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the
@@ -302,7 +237,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
302 237
303 iv16 = (pos[0] << 8) | pos[2]; 238 iv16 = (pos[0] << 8) | pos[2];
304 keyid = pos[3]; 239 keyid = pos[3];
305 iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24); 240 iv32 = get_unaligned_le32(pos + 4);
306 pos += 8; 241 pos += 8;
307#ifdef CONFIG_TKIP_DEBUG 242#ifdef CONFIG_TKIP_DEBUG
308 { 243 {
@@ -322,33 +257,31 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
322 if ((keyid >> 6) != key->conf.keyidx) 257 if ((keyid >> 6) != key->conf.keyidx)
323 return TKIP_DECRYPT_INVALID_KEYIDX; 258 return TKIP_DECRYPT_INVALID_KEYIDX;
324 259
325 if (key->u.tkip.rx_initialized[queue] && 260 if (key->u.tkip.rx[queue].initialized &&
326 (iv32 < key->u.tkip.iv32_rx[queue] || 261 (iv32 < key->u.tkip.rx[queue].iv32 ||
327 (iv32 == key->u.tkip.iv32_rx[queue] && 262 (iv32 == key->u.tkip.rx[queue].iv32 &&
328 iv16 <= key->u.tkip.iv16_rx[queue]))) { 263 iv16 <= key->u.tkip.rx[queue].iv16))) {
329#ifdef CONFIG_TKIP_DEBUG 264#ifdef CONFIG_TKIP_DEBUG
330 DECLARE_MAC_BUF(mac); 265 DECLARE_MAC_BUF(mac);
331 printk(KERN_DEBUG "TKIP replay detected for RX frame from " 266 printk(KERN_DEBUG "TKIP replay detected for RX frame from "
332 "%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n", 267 "%s (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
333 print_mac(mac, ta), 268 print_mac(mac, ta),
334 iv32, iv16, key->u.tkip.iv32_rx[queue], 269 iv32, iv16, key->u.tkip.rx[queue].iv32,
335 key->u.tkip.iv16_rx[queue]); 270 key->u.tkip.rx[queue].iv16);
336#endif /* CONFIG_TKIP_DEBUG */ 271#endif /* CONFIG_TKIP_DEBUG */
337 return TKIP_DECRYPT_REPLAY; 272 return TKIP_DECRYPT_REPLAY;
338 } 273 }
339 274
340 if (only_iv) { 275 if (only_iv) {
341 res = TKIP_DECRYPT_OK; 276 res = TKIP_DECRYPT_OK;
342 key->u.tkip.rx_initialized[queue] = 1; 277 key->u.tkip.rx[queue].initialized = 1;
343 goto done; 278 goto done;
344 } 279 }
345 280
346 if (!key->u.tkip.rx_initialized[queue] || 281 if (!key->u.tkip.rx[queue].initialized ||
347 key->u.tkip.iv32_rx[queue] != iv32) { 282 key->u.tkip.rx[queue].iv32 != iv32) {
348 key->u.tkip.rx_initialized[queue] = 1;
349 /* IV16 wrapped around - perform TKIP phase 1 */ 283 /* IV16 wrapped around - perform TKIP phase 1 */
350 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], 284 tkip_mixing_phase1(key, ta, &key->u.tkip.rx[queue], iv32);
351 iv32, key->u.tkip.p1k_rx[queue]);
352#ifdef CONFIG_TKIP_DEBUG 285#ifdef CONFIG_TKIP_DEBUG
353 { 286 {
354 int i; 287 int i;
@@ -362,7 +295,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
362 printk("\n"); 295 printk("\n");
363 printk(KERN_DEBUG "TKIP decrypt: P1K="); 296 printk(KERN_DEBUG "TKIP decrypt: P1K=");
364 for (i = 0; i < 5; i++) 297 for (i = 0; i < 5; i++)
365 printk("%04x ", key->u.tkip.p1k_rx[queue][i]); 298 printk("%04x ", key->u.tkip.rx[queue].p1k[i]);
366 printk("\n"); 299 printk("\n");
367 } 300 }
368#endif /* CONFIG_TKIP_DEBUG */ 301#endif /* CONFIG_TKIP_DEBUG */
@@ -377,13 +310,11 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
377 310
378 key->local->ops->update_tkip_key( 311 key->local->ops->update_tkip_key(
379 local_to_hw(key->local), &key->conf, 312 local_to_hw(key->local), &key->conf,
380 sta_addr, iv32, key->u.tkip.p1k_rx[queue]); 313 sta_addr, iv32, key->u.tkip.rx[queue].p1k);
381 } 314 }
382 } 315 }
383 316
384 tkip_mixing_phase2(key->u.tkip.p1k_rx[queue], 317 tkip_mixing_phase2(key, &key->u.tkip.rx[queue], iv16, rc4key);
385 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
386 iv16, rc4key);
387#ifdef CONFIG_TKIP_DEBUG 318#ifdef CONFIG_TKIP_DEBUG
388 { 319 {
389 int i; 320 int i;
@@ -409,5 +340,3 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
409 340
410 return res; 341 return res;
411} 342}
412
413
diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h
index b7c2ee763d9d..b890427fc959 100644
--- a/net/mac80211/tkip.h
+++ b/net/mac80211/tkip.h
@@ -13,12 +13,8 @@
13#include <linux/crypto.h> 13#include <linux/crypto.h>
14#include "key.h" 14#include "key.h"
15 15
16u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key, 16u8 *ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
17 u8 iv0, u8 iv1, u8 iv2); 17 u8 iv0, u8 iv1, u8 iv2);
18void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
19 u16 *phase1key);
20void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
21 u8 *rc4key);
22void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm, 18void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
23 struct ieee80211_key *key, 19 struct ieee80211_key *key,
24 u8 *pos, size_t payload_len, u8 *ta); 20 u8 *pos, size_t payload_len, u8 *ta);
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 1d7dd54aacef..1ad9e664f287 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -91,11 +91,12 @@ static u16 ieee80211_duration(struct ieee80211_tx_data *tx, int group_addr,
91 int next_frag_len) 91 int next_frag_len)
92{ 92{
93 int rate, mrate, erp, dur, i; 93 int rate, mrate, erp, dur, i;
94 struct ieee80211_rate *txrate = tx->rate; 94 struct ieee80211_rate *txrate;
95 struct ieee80211_local *local = tx->local; 95 struct ieee80211_local *local = tx->local;
96 struct ieee80211_supported_band *sband; 96 struct ieee80211_supported_band *sband;
97 97
98 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 98 sband = local->hw.wiphy->bands[tx->channel->band];
99 txrate = &sband->bitrates[tx->rate_idx];
99 100
100 erp = 0; 101 erp = 0;
101 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) 102 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
@@ -212,18 +213,6 @@ static u16 ieee80211_duration(struct ieee80211_tx_data *tx, int group_addr,
212 return dur; 213 return dur;
213} 214}
214 215
215static inline int __ieee80211_queue_stopped(const struct ieee80211_local *local,
216 int queue)
217{
218 return test_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
219}
220
221static inline int __ieee80211_queue_pending(const struct ieee80211_local *local,
222 int queue)
223{
224 return test_bit(IEEE80211_LINK_STATE_PENDING, &local->state[queue]);
225}
226
227static int inline is_ieee80211_device(struct net_device *dev, 216static int inline is_ieee80211_device(struct net_device *dev,
228 struct net_device *master) 217 struct net_device *master)
229{ 218{
@@ -237,12 +226,12 @@ static ieee80211_tx_result
237ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx) 226ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
238{ 227{
239#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 228#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
240 struct sk_buff *skb = tx->skb; 229 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
241 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
242#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 230#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
231 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
243 u32 sta_flags; 232 u32 sta_flags;
244 233
245 if (unlikely(tx->flags & IEEE80211_TX_INJECTED)) 234 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED))
246 return TX_CONTINUE; 235 return TX_CONTINUE;
247 236
248 if (unlikely(tx->local->sta_sw_scanning) && 237 if (unlikely(tx->local->sta_sw_scanning) &&
@@ -256,7 +245,7 @@ ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
256 if (tx->flags & IEEE80211_TX_PS_BUFFERED) 245 if (tx->flags & IEEE80211_TX_PS_BUFFERED)
257 return TX_CONTINUE; 246 return TX_CONTINUE;
258 247
259 sta_flags = tx->sta ? tx->sta->flags : 0; 248 sta_flags = tx->sta ? get_sta_flags(tx->sta) : 0;
260 249
261 if (likely(tx->flags & IEEE80211_TX_UNICAST)) { 250 if (likely(tx->flags & IEEE80211_TX_UNICAST)) {
262 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) && 251 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
@@ -347,6 +336,8 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
347static ieee80211_tx_result 336static ieee80211_tx_result
348ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx) 337ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
349{ 338{
339 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
340
350 /* 341 /*
351 * broadcast/multicast frame 342 * broadcast/multicast frame
352 * 343 *
@@ -382,7 +373,7 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
382 } 373 }
383 374
384 /* buffered in hardware */ 375 /* buffered in hardware */
385 tx->control->flags |= IEEE80211_TXCTL_SEND_AFTER_DTIM; 376 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM;
386 377
387 return TX_CONTINUE; 378 return TX_CONTINUE;
388} 379}
@@ -391,6 +382,8 @@ static ieee80211_tx_result
391ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx) 382ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
392{ 383{
393 struct sta_info *sta = tx->sta; 384 struct sta_info *sta = tx->sta;
385 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
386 u32 staflags;
394 DECLARE_MAC_BUF(mac); 387 DECLARE_MAC_BUF(mac);
395 388
396 if (unlikely(!sta || 389 if (unlikely(!sta ||
@@ -398,9 +391,10 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
398 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP))) 391 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP)))
399 return TX_CONTINUE; 392 return TX_CONTINUE;
400 393
401 if (unlikely((sta->flags & WLAN_STA_PS) && 394 staflags = get_sta_flags(sta);
402 !(sta->flags & WLAN_STA_PSPOLL))) { 395
403 struct ieee80211_tx_packet_data *pkt_data; 396 if (unlikely((staflags & WLAN_STA_PS) &&
397 !(staflags & WLAN_STA_PSPOLL))) {
404#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 398#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
405 printk(KERN_DEBUG "STA %s aid %d: PS buffer (entries " 399 printk(KERN_DEBUG "STA %s aid %d: PS buffer (entries "
406 "before %d)\n", 400 "before %d)\n",
@@ -424,19 +418,18 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
424 if (skb_queue_empty(&sta->ps_tx_buf)) 418 if (skb_queue_empty(&sta->ps_tx_buf))
425 sta_info_set_tim_bit(sta); 419 sta_info_set_tim_bit(sta);
426 420
427 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb; 421 info->control.jiffies = jiffies;
428 pkt_data->jiffies = jiffies;
429 skb_queue_tail(&sta->ps_tx_buf, tx->skb); 422 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
430 return TX_QUEUED; 423 return TX_QUEUED;
431 } 424 }
432#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 425#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
433 else if (unlikely(sta->flags & WLAN_STA_PS)) { 426 else if (unlikely(test_sta_flags(sta, WLAN_STA_PS))) {
434 printk(KERN_DEBUG "%s: STA %s in PS mode, but pspoll " 427 printk(KERN_DEBUG "%s: STA %s in PS mode, but pspoll "
435 "set -> send frame\n", tx->dev->name, 428 "set -> send frame\n", tx->dev->name,
436 print_mac(mac, sta->addr)); 429 print_mac(mac, sta->addr));
437 } 430 }
438#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 431#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
439 sta->flags &= ~WLAN_STA_PSPOLL; 432 clear_sta_flags(sta, WLAN_STA_PSPOLL);
440 433
441 return TX_CONTINUE; 434 return TX_CONTINUE;
442} 435}
@@ -457,17 +450,18 @@ static ieee80211_tx_result
457ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) 450ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
458{ 451{
459 struct ieee80211_key *key; 452 struct ieee80211_key *key;
453 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
460 u16 fc = tx->fc; 454 u16 fc = tx->fc;
461 455
462 if (unlikely(tx->control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT)) 456 if (unlikely(info->flags & IEEE80211_TX_CTL_DO_NOT_ENCRYPT))
463 tx->key = NULL; 457 tx->key = NULL;
464 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 458 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
465 tx->key = key; 459 tx->key = key;
466 else if ((key = rcu_dereference(tx->sdata->default_key))) 460 else if ((key = rcu_dereference(tx->sdata->default_key)))
467 tx->key = key; 461 tx->key = key;
468 else if (tx->sdata->drop_unencrypted && 462 else if (tx->sdata->drop_unencrypted &&
469 !(tx->control->flags & IEEE80211_TXCTL_EAPOL_FRAME) && 463 !(info->flags & IEEE80211_TX_CTL_EAPOL_FRAME) &&
470 !(tx->flags & IEEE80211_TX_INJECTED)) { 464 !(info->flags & IEEE80211_TX_CTL_INJECTED)) {
471 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); 465 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
472 return TX_DROP; 466 return TX_DROP;
473 } else 467 } else
@@ -496,7 +490,156 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
496 } 490 }
497 491
498 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 492 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
499 tx->control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 493 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
494
495 return TX_CONTINUE;
496}
497
498static ieee80211_tx_result
499ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
500{
501 struct rate_selection rsel;
502 struct ieee80211_supported_band *sband;
503 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
504
505 sband = tx->local->hw.wiphy->bands[tx->channel->band];
506
507 if (likely(tx->rate_idx < 0)) {
508 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel);
509 tx->rate_idx = rsel.rate_idx;
510 if (unlikely(rsel.probe_idx >= 0)) {
511 info->flags |= IEEE80211_TX_CTL_RATE_CTRL_PROBE;
512 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
513 info->control.alt_retry_rate_idx = tx->rate_idx;
514 tx->rate_idx = rsel.probe_idx;
515 } else
516 info->control.alt_retry_rate_idx = -1;
517
518 if (unlikely(tx->rate_idx < 0))
519 return TX_DROP;
520 } else
521 info->control.alt_retry_rate_idx = -1;
522
523 if (tx->sdata->bss_conf.use_cts_prot &&
524 (tx->flags & IEEE80211_TX_FRAGMENTED) && (rsel.nonerp_idx >= 0)) {
525 tx->last_frag_rate_idx = tx->rate_idx;
526 if (rsel.probe_idx >= 0)
527 tx->flags &= ~IEEE80211_TX_PROBE_LAST_FRAG;
528 else
529 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
530 tx->rate_idx = rsel.nonerp_idx;
531 info->tx_rate_idx = rsel.nonerp_idx;
532 info->flags &= ~IEEE80211_TX_CTL_RATE_CTRL_PROBE;
533 } else {
534 tx->last_frag_rate_idx = tx->rate_idx;
535 info->tx_rate_idx = tx->rate_idx;
536 }
537 info->tx_rate_idx = tx->rate_idx;
538
539 return TX_CONTINUE;
540}
541
542static ieee80211_tx_result
543ieee80211_tx_h_misc(struct ieee80211_tx_data *tx)
544{
545 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
546 u16 fc = le16_to_cpu(hdr->frame_control);
547 u16 dur;
548 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
549 struct ieee80211_supported_band *sband;
550
551 sband = tx->local->hw.wiphy->bands[tx->channel->band];
552
553 if (tx->sta)
554 info->control.aid = tx->sta->aid;
555
556 if (!info->control.retry_limit) {
557 if (!is_multicast_ether_addr(hdr->addr1)) {
558 int len = min_t(int, tx->skb->len + FCS_LEN,
559 tx->local->fragmentation_threshold);
560 if (len > tx->local->rts_threshold
561 && tx->local->rts_threshold <
562 IEEE80211_MAX_RTS_THRESHOLD) {
563 info->flags |= IEEE80211_TX_CTL_USE_RTS_CTS;
564 info->flags |=
565 IEEE80211_TX_CTL_LONG_RETRY_LIMIT;
566 info->control.retry_limit =
567 tx->local->long_retry_limit;
568 } else {
569 info->control.retry_limit =
570 tx->local->short_retry_limit;
571 }
572 } else {
573 info->control.retry_limit = 1;
574 }
575 }
576
577 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
578 /* Do not use multiple retry rates when sending fragmented
579 * frames.
580 * TODO: The last fragment could still use multiple retry
581 * rates. */
582 info->control.alt_retry_rate_idx = -1;
583 }
584
585 /* Use CTS protection for unicast frames sent using extended rates if
586 * there are associated non-ERP stations and RTS/CTS is not configured
587 * for the frame. */
588 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) &&
589 (sband->bitrates[tx->rate_idx].flags & IEEE80211_RATE_ERP_G) &&
590 (tx->flags & IEEE80211_TX_UNICAST) &&
591 tx->sdata->bss_conf.use_cts_prot &&
592 !(info->flags & IEEE80211_TX_CTL_USE_RTS_CTS))
593 info->flags |= IEEE80211_TX_CTL_USE_CTS_PROTECT;
594
595 /* Transmit data frames using short preambles if the driver supports
596 * short preambles at the selected rate and short preambles are
597 * available on the network at the current point in time. */
598 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
599 (sband->bitrates[tx->rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
600 tx->sdata->bss_conf.use_short_preamble &&
601 (!tx->sta || test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE))) {
602 info->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
603 }
604
605 /* Setup duration field for the first fragment of the frame. Duration
606 * for remaining fragments will be updated when they are being sent
607 * to low-level driver in ieee80211_tx(). */
608 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
609 (tx->flags & IEEE80211_TX_FRAGMENTED) ?
610 tx->extra_frag[0]->len : 0);
611 hdr->duration_id = cpu_to_le16(dur);
612
613 if ((info->flags & IEEE80211_TX_CTL_USE_RTS_CTS) ||
614 (info->flags & IEEE80211_TX_CTL_USE_CTS_PROTECT)) {
615 struct ieee80211_rate *rate;
616 s8 baserate = -1;
617 int idx;
618
619 /* Do not use multiple retry rates when using RTS/CTS */
620 info->control.alt_retry_rate_idx = -1;
621
622 /* Use min(data rate, max base rate) as CTS/RTS rate */
623 rate = &sband->bitrates[tx->rate_idx];
624
625 for (idx = 0; idx < sband->n_bitrates; idx++) {
626 if (sband->bitrates[idx].bitrate > rate->bitrate)
627 continue;
628 if (tx->sdata->basic_rates & BIT(idx) &&
629 (baserate < 0 ||
630 (sband->bitrates[baserate].bitrate
631 < sband->bitrates[idx].bitrate)))
632 baserate = idx;
633 }
634
635 if (baserate >= 0)
636 info->control.rts_cts_rate_idx = baserate;
637 else
638 info->control.rts_cts_rate_idx = 0;
639 }
640
641 if (tx->sta)
642 info->control.aid = tx->sta->aid;
500 643
501 return TX_CONTINUE; 644 return TX_CONTINUE;
502} 645}
@@ -515,6 +658,17 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
515 if (!(tx->flags & IEEE80211_TX_FRAGMENTED)) 658 if (!(tx->flags & IEEE80211_TX_FRAGMENTED))
516 return TX_CONTINUE; 659 return TX_CONTINUE;
517 660
661 /*
662 * Warn when submitting a fragmented A-MPDU frame and drop it.
663 * This is an error and needs to be fixed elsewhere, but when
664 * done needs to take care of monitor interfaces (injection)
665 * etc.
666 */
667 if (WARN_ON(tx->flags & IEEE80211_TX_CTL_AMPDU ||
668 skb_get_queue_mapping(tx->skb) >=
669 ieee80211_num_regular_queues(&tx->local->hw)))
670 return TX_DROP;
671
518 first = tx->skb; 672 first = tx->skb;
519 673
520 hdrlen = ieee80211_get_hdrlen(tx->fc); 674 hdrlen = ieee80211_get_hdrlen(tx->fc);
@@ -602,215 +756,22 @@ ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
602} 756}
603 757
604static ieee80211_tx_result 758static ieee80211_tx_result
605ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx) 759ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
606{ 760{
607 struct rate_selection rsel; 761 int i;
608 struct ieee80211_supported_band *sband;
609
610 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band];
611
612 if (likely(!tx->rate)) {
613 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel);
614 tx->rate = rsel.rate;
615 if (unlikely(rsel.probe)) {
616 tx->control->flags |=
617 IEEE80211_TXCTL_RATE_CTRL_PROBE;
618 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
619 tx->control->alt_retry_rate = tx->rate;
620 tx->rate = rsel.probe;
621 } else
622 tx->control->alt_retry_rate = NULL;
623
624 if (!tx->rate)
625 return TX_DROP;
626 } else
627 tx->control->alt_retry_rate = NULL;
628
629 if (tx->sdata->bss_conf.use_cts_prot &&
630 (tx->flags & IEEE80211_TX_FRAGMENTED) && rsel.nonerp) {
631 tx->last_frag_rate = tx->rate;
632 if (rsel.probe)
633 tx->flags &= ~IEEE80211_TX_PROBE_LAST_FRAG;
634 else
635 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
636 tx->rate = rsel.nonerp;
637 tx->control->tx_rate = rsel.nonerp;
638 tx->control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
639 } else {
640 tx->last_frag_rate = tx->rate;
641 tx->control->tx_rate = tx->rate;
642 }
643 tx->control->tx_rate = tx->rate;
644
645 return TX_CONTINUE;
646}
647
648static ieee80211_tx_result
649ieee80211_tx_h_misc(struct ieee80211_tx_data *tx)
650{
651 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
652 u16 fc = le16_to_cpu(hdr->frame_control);
653 u16 dur;
654 struct ieee80211_tx_control *control = tx->control;
655
656 if (!control->retry_limit) {
657 if (!is_multicast_ether_addr(hdr->addr1)) {
658 if (tx->skb->len + FCS_LEN > tx->local->rts_threshold
659 && tx->local->rts_threshold <
660 IEEE80211_MAX_RTS_THRESHOLD) {
661 control->flags |=
662 IEEE80211_TXCTL_USE_RTS_CTS;
663 control->flags |=
664 IEEE80211_TXCTL_LONG_RETRY_LIMIT;
665 control->retry_limit =
666 tx->local->long_retry_limit;
667 } else {
668 control->retry_limit =
669 tx->local->short_retry_limit;
670 }
671 } else {
672 control->retry_limit = 1;
673 }
674 }
675
676 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
677 /* Do not use multiple retry rates when sending fragmented
678 * frames.
679 * TODO: The last fragment could still use multiple retry
680 * rates. */
681 control->alt_retry_rate = NULL;
682 }
683
684 /* Use CTS protection for unicast frames sent using extended rates if
685 * there are associated non-ERP stations and RTS/CTS is not configured
686 * for the frame. */
687 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) &&
688 (tx->rate->flags & IEEE80211_RATE_ERP_G) &&
689 (tx->flags & IEEE80211_TX_UNICAST) &&
690 tx->sdata->bss_conf.use_cts_prot &&
691 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
692 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
693
694 /* Transmit data frames using short preambles if the driver supports
695 * short preambles at the selected rate and short preambles are
696 * available on the network at the current point in time. */
697 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
698 (tx->rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
699 tx->sdata->bss_conf.use_short_preamble &&
700 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
701 tx->control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
702 }
703
704 /* Setup duration field for the first fragment of the frame. Duration
705 * for remaining fragments will be updated when they are being sent
706 * to low-level driver in ieee80211_tx(). */
707 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
708 (tx->flags & IEEE80211_TX_FRAGMENTED) ?
709 tx->extra_frag[0]->len : 0);
710 hdr->duration_id = cpu_to_le16(dur);
711
712 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
713 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
714 struct ieee80211_supported_band *sband;
715 struct ieee80211_rate *rate, *baserate;
716 int idx;
717
718 sband = tx->local->hw.wiphy->bands[
719 tx->local->hw.conf.channel->band];
720
721 /* Do not use multiple retry rates when using RTS/CTS */
722 control->alt_retry_rate = NULL;
723
724 /* Use min(data rate, max base rate) as CTS/RTS rate */
725 rate = tx->rate;
726 baserate = NULL;
727
728 for (idx = 0; idx < sband->n_bitrates; idx++) {
729 if (sband->bitrates[idx].bitrate > rate->bitrate)
730 continue;
731 if (tx->sdata->basic_rates & BIT(idx) &&
732 (!baserate ||
733 (baserate->bitrate < sband->bitrates[idx].bitrate)))
734 baserate = &sband->bitrates[idx];
735 }
736
737 if (baserate)
738 control->rts_cts_rate = baserate;
739 else
740 control->rts_cts_rate = &sband->bitrates[0];
741 }
742
743 if (tx->sta) {
744 control->aid = tx->sta->aid;
745 tx->sta->tx_packets++;
746 tx->sta->tx_fragments++;
747 tx->sta->tx_bytes += tx->skb->len;
748 if (tx->extra_frag) {
749 int i;
750 tx->sta->tx_fragments += tx->num_extra_frag;
751 for (i = 0; i < tx->num_extra_frag; i++) {
752 tx->sta->tx_bytes +=
753 tx->extra_frag[i]->len;
754 }
755 }
756 }
757
758 return TX_CONTINUE;
759}
760
761static ieee80211_tx_result
762ieee80211_tx_h_load_stats(struct ieee80211_tx_data *tx)
763{
764 struct ieee80211_local *local = tx->local;
765 struct sk_buff *skb = tx->skb;
766 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
767 u32 load = 0, hdrtime;
768 struct ieee80211_rate *rate = tx->rate;
769
770 /* TODO: this could be part of tx_status handling, so that the number
771 * of retries would be known; TX rate should in that case be stored
772 * somewhere with the packet */
773
774 /* Estimate total channel use caused by this frame */
775
776 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
777 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
778
779 if (tx->channel->band == IEEE80211_BAND_5GHZ ||
780 (tx->channel->band == IEEE80211_BAND_2GHZ &&
781 rate->flags & IEEE80211_RATE_ERP_G))
782 hdrtime = CHAN_UTIL_HDR_SHORT;
783 else
784 hdrtime = CHAN_UTIL_HDR_LONG;
785
786 load = hdrtime;
787 if (!is_multicast_ether_addr(hdr->addr1))
788 load += hdrtime;
789
790 if (tx->control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
791 load += 2 * hdrtime;
792 else if (tx->control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
793 load += hdrtime;
794 762
795 /* TODO: optimise again */ 763 if (!tx->sta)
796 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate; 764 return TX_CONTINUE;
797 765
766 tx->sta->tx_packets++;
767 tx->sta->tx_fragments++;
768 tx->sta->tx_bytes += tx->skb->len;
798 if (tx->extra_frag) { 769 if (tx->extra_frag) {
799 int i; 770 tx->sta->tx_fragments += tx->num_extra_frag;
800 for (i = 0; i < tx->num_extra_frag; i++) { 771 for (i = 0; i < tx->num_extra_frag; i++)
801 load += 2 * hdrtime; 772 tx->sta->tx_bytes += tx->extra_frag[i]->len;
802 load += tx->extra_frag[i]->len *
803 tx->rate->bitrate;
804 }
805 } 773 }
806 774
807 /* Divide channel_use by 8 to avoid wrapping around the counter */
808 load >>= CHAN_UTIL_SHIFT;
809 local->channel_use_raw += load;
810 if (tx->sta)
811 tx->sta->channel_use_raw += load;
812 tx->sdata->channel_use_raw += load;
813
814 return TX_CONTINUE; 775 return TX_CONTINUE;
815} 776}
816 777
@@ -823,11 +784,12 @@ static ieee80211_tx_handler ieee80211_tx_handlers[] =
823 ieee80211_tx_h_ps_buf, 784 ieee80211_tx_h_ps_buf,
824 ieee80211_tx_h_select_key, 785 ieee80211_tx_h_select_key,
825 ieee80211_tx_h_michael_mic_add, 786 ieee80211_tx_h_michael_mic_add,
826 ieee80211_tx_h_fragment,
827 ieee80211_tx_h_encrypt,
828 ieee80211_tx_h_rate_ctrl, 787 ieee80211_tx_h_rate_ctrl,
829 ieee80211_tx_h_misc, 788 ieee80211_tx_h_misc,
830 ieee80211_tx_h_load_stats, 789 ieee80211_tx_h_fragment,
790 /* handlers after fragment must be aware of tx info fragmentation! */
791 ieee80211_tx_h_encrypt,
792 ieee80211_tx_h_stats,
831 NULL 793 NULL
832}; 794};
833 795
@@ -854,12 +816,12 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
854 (struct ieee80211_radiotap_header *) skb->data; 816 (struct ieee80211_radiotap_header *) skb->data;
855 struct ieee80211_supported_band *sband; 817 struct ieee80211_supported_band *sband;
856 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len); 818 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
857 struct ieee80211_tx_control *control = tx->control; 819 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
858 820
859 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band]; 821 sband = tx->local->hw.wiphy->bands[tx->channel->band];
860 822
861 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 823 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
862 tx->flags |= IEEE80211_TX_INJECTED; 824 info->flags |= IEEE80211_TX_CTL_INJECTED;
863 tx->flags &= ~IEEE80211_TX_FRAGMENTED; 825 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
864 826
865 /* 827 /*
@@ -896,7 +858,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
896 r = &sband->bitrates[i]; 858 r = &sband->bitrates[i];
897 859
898 if (r->bitrate == target_rate) { 860 if (r->bitrate == target_rate) {
899 tx->rate = r; 861 tx->rate_idx = i;
900 break; 862 break;
901 } 863 }
902 } 864 }
@@ -907,7 +869,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
907 * radiotap uses 0 for 1st ant, mac80211 is 1 for 869 * radiotap uses 0 for 1st ant, mac80211 is 1 for
908 * 1st ant 870 * 1st ant
909 */ 871 */
910 control->antenna_sel_tx = (*iterator.this_arg) + 1; 872 info->antenna_sel_tx = (*iterator.this_arg) + 1;
911 break; 873 break;
912 874
913#if 0 875#if 0
@@ -931,8 +893,8 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
931 skb_trim(skb, skb->len - FCS_LEN); 893 skb_trim(skb, skb->len - FCS_LEN);
932 } 894 }
933 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP) 895 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP)
934 control->flags &= 896 info->flags &=
935 ~IEEE80211_TXCTL_DO_NOT_ENCRYPT; 897 ~IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
936 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) 898 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
937 tx->flags |= IEEE80211_TX_FRAGMENTED; 899 tx->flags |= IEEE80211_TX_FRAGMENTED;
938 break; 900 break;
@@ -967,12 +929,12 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
967static ieee80211_tx_result 929static ieee80211_tx_result
968__ieee80211_tx_prepare(struct ieee80211_tx_data *tx, 930__ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
969 struct sk_buff *skb, 931 struct sk_buff *skb,
970 struct net_device *dev, 932 struct net_device *dev)
971 struct ieee80211_tx_control *control)
972{ 933{
973 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 934 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
974 struct ieee80211_hdr *hdr; 935 struct ieee80211_hdr *hdr;
975 struct ieee80211_sub_if_data *sdata; 936 struct ieee80211_sub_if_data *sdata;
937 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
976 938
977 int hdrlen; 939 int hdrlen;
978 940
@@ -981,7 +943,9 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
981 tx->dev = dev; /* use original interface */ 943 tx->dev = dev; /* use original interface */
982 tx->local = local; 944 tx->local = local;
983 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev); 945 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
984 tx->control = control; 946 tx->channel = local->hw.conf.channel;
947 tx->rate_idx = -1;
948 tx->last_frag_rate_idx = -1;
985 /* 949 /*
986 * Set this flag (used below to indicate "automatic fragmentation"), 950 * Set this flag (used below to indicate "automatic fragmentation"),
987 * it will be cleared/left by radiotap as desired. 951 * it will be cleared/left by radiotap as desired.
@@ -1008,10 +972,10 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1008 972
1009 if (is_multicast_ether_addr(hdr->addr1)) { 973 if (is_multicast_ether_addr(hdr->addr1)) {
1010 tx->flags &= ~IEEE80211_TX_UNICAST; 974 tx->flags &= ~IEEE80211_TX_UNICAST;
1011 control->flags |= IEEE80211_TXCTL_NO_ACK; 975 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1012 } else { 976 } else {
1013 tx->flags |= IEEE80211_TX_UNICAST; 977 tx->flags |= IEEE80211_TX_UNICAST;
1014 control->flags &= ~IEEE80211_TXCTL_NO_ACK; 978 info->flags &= ~IEEE80211_TX_CTL_NO_ACK;
1015 } 979 }
1016 980
1017 if (tx->flags & IEEE80211_TX_FRAGMENTED) { 981 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
@@ -1024,18 +988,16 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1024 } 988 }
1025 989
1026 if (!tx->sta) 990 if (!tx->sta)
1027 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 991 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1028 else if (tx->sta->flags & WLAN_STA_CLEAR_PS_FILT) { 992 else if (test_and_clear_sta_flags(tx->sta, WLAN_STA_CLEAR_PS_FILT))
1029 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 993 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1030 tx->sta->flags &= ~WLAN_STA_CLEAR_PS_FILT;
1031 }
1032 994
1033 hdrlen = ieee80211_get_hdrlen(tx->fc); 995 hdrlen = ieee80211_get_hdrlen(tx->fc);
1034 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) { 996 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) {
1035 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)]; 997 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)];
1036 tx->ethertype = (pos[0] << 8) | pos[1]; 998 tx->ethertype = (pos[0] << 8) | pos[1];
1037 } 999 }
1038 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT; 1000 info->flags |= IEEE80211_TX_CTL_FIRST_FRAGMENT;
1039 1001
1040 return TX_CONTINUE; 1002 return TX_CONTINUE;
1041} 1003}
@@ -1045,14 +1007,12 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1045 */ 1007 */
1046static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx, 1008static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1047 struct sk_buff *skb, 1009 struct sk_buff *skb,
1048 struct net_device *mdev, 1010 struct net_device *mdev)
1049 struct ieee80211_tx_control *control)
1050{ 1011{
1051 struct ieee80211_tx_packet_data *pkt_data; 1012 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1052 struct net_device *dev; 1013 struct net_device *dev;
1053 1014
1054 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1015 dev = dev_get_by_index(&init_net, info->control.ifindex);
1055 dev = dev_get_by_index(&init_net, pkt_data->ifindex);
1056 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) { 1016 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) {
1057 dev_put(dev); 1017 dev_put(dev);
1058 dev = NULL; 1018 dev = NULL;
@@ -1060,7 +1020,7 @@ static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1060 if (unlikely(!dev)) 1020 if (unlikely(!dev))
1061 return -ENODEV; 1021 return -ENODEV;
1062 /* initialises tx with control */ 1022 /* initialises tx with control */
1063 __ieee80211_tx_prepare(tx, skb, dev, control); 1023 __ieee80211_tx_prepare(tx, skb, dev);
1064 dev_put(dev); 1024 dev_put(dev);
1065 return 0; 1025 return 0;
1066} 1026}
@@ -1068,50 +1028,49 @@ static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1068static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb, 1028static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1069 struct ieee80211_tx_data *tx) 1029 struct ieee80211_tx_data *tx)
1070{ 1030{
1071 struct ieee80211_tx_control *control = tx->control; 1031 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1072 int ret, i; 1032 int ret, i;
1073 1033
1074 if (!ieee80211_qdisc_installed(local->mdev) && 1034 if (netif_subqueue_stopped(local->mdev, skb))
1075 __ieee80211_queue_stopped(local, 0)) {
1076 netif_stop_queue(local->mdev);
1077 return IEEE80211_TX_AGAIN; 1035 return IEEE80211_TX_AGAIN;
1078 } 1036
1079 if (skb) { 1037 if (skb) {
1080 ieee80211_dump_frame(wiphy_name(local->hw.wiphy), 1038 ieee80211_dump_frame(wiphy_name(local->hw.wiphy),
1081 "TX to low-level driver", skb); 1039 "TX to low-level driver", skb);
1082 ret = local->ops->tx(local_to_hw(local), skb, control); 1040 ret = local->ops->tx(local_to_hw(local), skb);
1083 if (ret) 1041 if (ret)
1084 return IEEE80211_TX_AGAIN; 1042 return IEEE80211_TX_AGAIN;
1085 local->mdev->trans_start = jiffies; 1043 local->mdev->trans_start = jiffies;
1086 ieee80211_led_tx(local, 1); 1044 ieee80211_led_tx(local, 1);
1087 } 1045 }
1088 if (tx->extra_frag) { 1046 if (tx->extra_frag) {
1089 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1090 IEEE80211_TXCTL_USE_CTS_PROTECT |
1091 IEEE80211_TXCTL_CLEAR_PS_FILT |
1092 IEEE80211_TXCTL_FIRST_FRAGMENT);
1093 for (i = 0; i < tx->num_extra_frag; i++) { 1047 for (i = 0; i < tx->num_extra_frag; i++) {
1094 if (!tx->extra_frag[i]) 1048 if (!tx->extra_frag[i])
1095 continue; 1049 continue;
1096 if (__ieee80211_queue_stopped(local, control->queue)) 1050 info = IEEE80211_SKB_CB(tx->extra_frag[i]);
1051 info->flags &= ~(IEEE80211_TX_CTL_USE_RTS_CTS |
1052 IEEE80211_TX_CTL_USE_CTS_PROTECT |
1053 IEEE80211_TX_CTL_CLEAR_PS_FILT |
1054 IEEE80211_TX_CTL_FIRST_FRAGMENT);
1055 if (netif_subqueue_stopped(local->mdev,
1056 tx->extra_frag[i]))
1097 return IEEE80211_TX_FRAG_AGAIN; 1057 return IEEE80211_TX_FRAG_AGAIN;
1098 if (i == tx->num_extra_frag) { 1058 if (i == tx->num_extra_frag) {
1099 control->tx_rate = tx->last_frag_rate; 1059 info->tx_rate_idx = tx->last_frag_rate_idx;
1100 1060
1101 if (tx->flags & IEEE80211_TX_PROBE_LAST_FRAG) 1061 if (tx->flags & IEEE80211_TX_PROBE_LAST_FRAG)
1102 control->flags |= 1062 info->flags |=
1103 IEEE80211_TXCTL_RATE_CTRL_PROBE; 1063 IEEE80211_TX_CTL_RATE_CTRL_PROBE;
1104 else 1064 else
1105 control->flags &= 1065 info->flags &=
1106 ~IEEE80211_TXCTL_RATE_CTRL_PROBE; 1066 ~IEEE80211_TX_CTL_RATE_CTRL_PROBE;
1107 } 1067 }
1108 1068
1109 ieee80211_dump_frame(wiphy_name(local->hw.wiphy), 1069 ieee80211_dump_frame(wiphy_name(local->hw.wiphy),
1110 "TX to low-level driver", 1070 "TX to low-level driver",
1111 tx->extra_frag[i]); 1071 tx->extra_frag[i]);
1112 ret = local->ops->tx(local_to_hw(local), 1072 ret = local->ops->tx(local_to_hw(local),
1113 tx->extra_frag[i], 1073 tx->extra_frag[i]);
1114 control);
1115 if (ret) 1074 if (ret)
1116 return IEEE80211_TX_FRAG_AGAIN; 1075 return IEEE80211_TX_FRAG_AGAIN;
1117 local->mdev->trans_start = jiffies; 1076 local->mdev->trans_start = jiffies;
@@ -1124,17 +1083,20 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1124 return IEEE80211_TX_OK; 1083 return IEEE80211_TX_OK;
1125} 1084}
1126 1085
1127static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb, 1086static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb)
1128 struct ieee80211_tx_control *control)
1129{ 1087{
1130 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1088 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1131 struct sta_info *sta; 1089 struct sta_info *sta;
1132 ieee80211_tx_handler *handler; 1090 ieee80211_tx_handler *handler;
1133 struct ieee80211_tx_data tx; 1091 struct ieee80211_tx_data tx;
1134 ieee80211_tx_result res = TX_DROP, res_prepare; 1092 ieee80211_tx_result res = TX_DROP, res_prepare;
1093 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1135 int ret, i; 1094 int ret, i;
1095 u16 queue;
1096
1097 queue = skb_get_queue_mapping(skb);
1136 1098
1137 WARN_ON(__ieee80211_queue_pending(local, control->queue)); 1099 WARN_ON(test_bit(queue, local->queues_pending));
1138 1100
1139 if (unlikely(skb->len < 10)) { 1101 if (unlikely(skb->len < 10)) {
1140 dev_kfree_skb(skb); 1102 dev_kfree_skb(skb);
@@ -1144,7 +1106,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1144 rcu_read_lock(); 1106 rcu_read_lock();
1145 1107
1146 /* initialises tx */ 1108 /* initialises tx */
1147 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control); 1109 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev);
1148 1110
1149 if (res_prepare == TX_DROP) { 1111 if (res_prepare == TX_DROP) {
1150 dev_kfree_skb(skb); 1112 dev_kfree_skb(skb);
@@ -1154,6 +1116,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1154 1116
1155 sta = tx.sta; 1117 sta = tx.sta;
1156 tx.channel = local->hw.conf.channel; 1118 tx.channel = local->hw.conf.channel;
1119 info->band = tx.channel->band;
1157 1120
1158 for (handler = ieee80211_tx_handlers; *handler != NULL; 1121 for (handler = ieee80211_tx_handlers; *handler != NULL;
1159 handler++) { 1122 handler++) {
@@ -1162,7 +1125,8 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1162 break; 1125 break;
1163 } 1126 }
1164 1127
1165 skb = tx.skb; /* handlers are allowed to change skb */ 1128 if (WARN_ON(tx.skb != skb))
1129 goto drop;
1166 1130
1167 if (unlikely(res == TX_DROP)) { 1131 if (unlikely(res == TX_DROP)) {
1168 I802_DEBUG_INC(local->tx_handlers_drop); 1132 I802_DEBUG_INC(local->tx_handlers_drop);
@@ -1186,7 +1150,7 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1186 next_len = tx.extra_frag[i + 1]->len; 1150 next_len = tx.extra_frag[i + 1]->len;
1187 } else { 1151 } else {
1188 next_len = 0; 1152 next_len = 0;
1189 tx.rate = tx.last_frag_rate; 1153 tx.rate_idx = tx.last_frag_rate_idx;
1190 } 1154 }
1191 dur = ieee80211_duration(&tx, 0, next_len); 1155 dur = ieee80211_duration(&tx, 0, next_len);
1192 hdr->duration_id = cpu_to_le16(dur); 1156 hdr->duration_id = cpu_to_le16(dur);
@@ -1196,34 +1160,41 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1196retry: 1160retry:
1197 ret = __ieee80211_tx(local, skb, &tx); 1161 ret = __ieee80211_tx(local, skb, &tx);
1198 if (ret) { 1162 if (ret) {
1199 struct ieee80211_tx_stored_packet *store = 1163 struct ieee80211_tx_stored_packet *store;
1200 &local->pending_packet[control->queue]; 1164
1165 /*
1166 * Since there are no fragmented frames on A-MPDU
1167 * queues, there's no reason for a driver to reject
1168 * a frame there, warn and drop it.
1169 */
1170 if (WARN_ON(queue >= ieee80211_num_regular_queues(&local->hw)))
1171 goto drop;
1172
1173 store = &local->pending_packet[queue];
1201 1174
1202 if (ret == IEEE80211_TX_FRAG_AGAIN) 1175 if (ret == IEEE80211_TX_FRAG_AGAIN)
1203 skb = NULL; 1176 skb = NULL;
1204 set_bit(IEEE80211_LINK_STATE_PENDING, 1177 set_bit(queue, local->queues_pending);
1205 &local->state[control->queue]);
1206 smp_mb(); 1178 smp_mb();
1207 /* When the driver gets out of buffers during sending of 1179 /*
1208 * fragments and calls ieee80211_stop_queue, there is 1180 * When the driver gets out of buffers during sending of
1209 * a small window between IEEE80211_LINK_STATE_XOFF and 1181 * fragments and calls ieee80211_stop_queue, the netif
1210 * IEEE80211_LINK_STATE_PENDING flags are set. If a buffer 1182 * subqueue is stopped. There is, however, a small window
1183 * in which the PENDING bit is not yet set. If a buffer
1211 * gets available in that window (i.e. driver calls 1184 * gets available in that window (i.e. driver calls
1212 * ieee80211_wake_queue), we would end up with ieee80211_tx 1185 * ieee80211_wake_queue), we would end up with ieee80211_tx
1213 * called with IEEE80211_LINK_STATE_PENDING. Prevent this by 1186 * called with the PENDING bit still set. Prevent this by
1214 * continuing transmitting here when that situation is 1187 * continuing transmitting here when that situation is
1215 * possible to have happened. */ 1188 * possible to have happened.
1216 if (!__ieee80211_queue_stopped(local, control->queue)) { 1189 */
1217 clear_bit(IEEE80211_LINK_STATE_PENDING, 1190 if (!__netif_subqueue_stopped(local->mdev, queue)) {
1218 &local->state[control->queue]); 1191 clear_bit(queue, local->queues_pending);
1219 goto retry; 1192 goto retry;
1220 } 1193 }
1221 memcpy(&store->control, control,
1222 sizeof(struct ieee80211_tx_control));
1223 store->skb = skb; 1194 store->skb = skb;
1224 store->extra_frag = tx.extra_frag; 1195 store->extra_frag = tx.extra_frag;
1225 store->num_extra_frag = tx.num_extra_frag; 1196 store->num_extra_frag = tx.num_extra_frag;
1226 store->last_frag_rate = tx.last_frag_rate; 1197 store->last_frag_rate_idx = tx.last_frag_rate_idx;
1227 store->last_frag_rate_ctrl_probe = 1198 store->last_frag_rate_ctrl_probe =
1228 !!(tx.flags & IEEE80211_TX_PROBE_LAST_FRAG); 1199 !!(tx.flags & IEEE80211_TX_PROBE_LAST_FRAG);
1229 } 1200 }
@@ -1243,24 +1214,57 @@ retry:
1243 1214
1244/* device xmit handlers */ 1215/* device xmit handlers */
1245 1216
1217static int ieee80211_skb_resize(struct ieee80211_local *local,
1218 struct sk_buff *skb,
1219 int head_need, bool may_encrypt)
1220{
1221 int tail_need = 0;
1222
1223 /*
1224 * This could be optimised, devices that do full hardware
1225 * crypto (including TKIP MMIC) need no tailroom... But we
1226 * have no drivers for such devices currently.
1227 */
1228 if (may_encrypt) {
1229 tail_need = IEEE80211_ENCRYPT_TAILROOM;
1230 tail_need -= skb_tailroom(skb);
1231 tail_need = max_t(int, tail_need, 0);
1232 }
1233
1234 if (head_need || tail_need) {
1235 /* Sorry. Can't account for this any more */
1236 skb_orphan(skb);
1237 }
1238
1239 if (skb_header_cloned(skb))
1240 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1241 else
1242 I802_DEBUG_INC(local->tx_expand_skb_head);
1243
1244 if (pskb_expand_head(skb, head_need, tail_need, GFP_ATOMIC)) {
1245 printk(KERN_DEBUG "%s: failed to reallocate TX buffer\n",
1246 wiphy_name(local->hw.wiphy));
1247 return -ENOMEM;
1248 }
1249
1250 /* update truesize too */
1251 skb->truesize += head_need + tail_need;
1252
1253 return 0;
1254}
1255
1246int ieee80211_master_start_xmit(struct sk_buff *skb, 1256int ieee80211_master_start_xmit(struct sk_buff *skb,
1247 struct net_device *dev) 1257 struct net_device *dev)
1248{ 1258{
1249 struct ieee80211_tx_control control; 1259 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1250 struct ieee80211_tx_packet_data *pkt_data;
1251 struct net_device *odev = NULL; 1260 struct net_device *odev = NULL;
1252 struct ieee80211_sub_if_data *osdata; 1261 struct ieee80211_sub_if_data *osdata;
1253 int headroom; 1262 int headroom;
1263 bool may_encrypt;
1254 int ret; 1264 int ret;
1255 1265
1256 /* 1266 if (info->control.ifindex)
1257 * copy control out of the skb so other people can use skb->cb 1267 odev = dev_get_by_index(&init_net, info->control.ifindex);
1258 */
1259 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1260 memset(&control, 0, sizeof(struct ieee80211_tx_control));
1261
1262 if (pkt_data->ifindex)
1263 odev = dev_get_by_index(&init_net, pkt_data->ifindex);
1264 if (unlikely(odev && !is_ieee80211_device(odev, dev))) { 1268 if (unlikely(odev && !is_ieee80211_device(odev, dev))) {
1265 dev_put(odev); 1269 dev_put(odev);
1266 odev = NULL; 1270 odev = NULL;
@@ -1273,32 +1277,25 @@ int ieee80211_master_start_xmit(struct sk_buff *skb,
1273 dev_kfree_skb(skb); 1277 dev_kfree_skb(skb);
1274 return 0; 1278 return 0;
1275 } 1279 }
1280
1276 osdata = IEEE80211_DEV_TO_SUB_IF(odev); 1281 osdata = IEEE80211_DEV_TO_SUB_IF(odev);
1277 1282
1278 headroom = osdata->local->tx_headroom + IEEE80211_ENCRYPT_HEADROOM; 1283 may_encrypt = !(info->flags & IEEE80211_TX_CTL_DO_NOT_ENCRYPT);
1279 if (skb_headroom(skb) < headroom) { 1284
1280 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) { 1285 headroom = osdata->local->tx_headroom;
1281 dev_kfree_skb(skb); 1286 if (may_encrypt)
1282 dev_put(odev); 1287 headroom += IEEE80211_ENCRYPT_HEADROOM;
1283 return 0; 1288 headroom -= skb_headroom(skb);
1284 } 1289 headroom = max_t(int, 0, headroom);
1290
1291 if (ieee80211_skb_resize(osdata->local, skb, headroom, may_encrypt)) {
1292 dev_kfree_skb(skb);
1293 dev_put(odev);
1294 return 0;
1285 } 1295 }
1286 1296
1287 control.vif = &osdata->vif; 1297 info->control.vif = &osdata->vif;
1288 control.type = osdata->vif.type; 1298 ret = ieee80211_tx(odev, skb);
1289 if (pkt_data->flags & IEEE80211_TXPD_REQ_TX_STATUS)
1290 control.flags |= IEEE80211_TXCTL_REQ_TX_STATUS;
1291 if (pkt_data->flags & IEEE80211_TXPD_DO_NOT_ENCRYPT)
1292 control.flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
1293 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE)
1294 control.flags |= IEEE80211_TXCTL_REQUEUE;
1295 if (pkt_data->flags & IEEE80211_TXPD_EAPOL_FRAME)
1296 control.flags |= IEEE80211_TXCTL_EAPOL_FRAME;
1297 if (pkt_data->flags & IEEE80211_TXPD_AMPDU)
1298 control.flags |= IEEE80211_TXCTL_AMPDU;
1299 control.queue = pkt_data->queue;
1300
1301 ret = ieee80211_tx(odev, skb, &control);
1302 dev_put(odev); 1299 dev_put(odev);
1303 1300
1304 return ret; 1301 return ret;
@@ -1308,7 +1305,7 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1308 struct net_device *dev) 1305 struct net_device *dev)
1309{ 1306{
1310 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1307 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1311 struct ieee80211_tx_packet_data *pkt_data; 1308 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1312 struct ieee80211_radiotap_header *prthdr = 1309 struct ieee80211_radiotap_header *prthdr =
1313 (struct ieee80211_radiotap_header *)skb->data; 1310 (struct ieee80211_radiotap_header *)skb->data;
1314 u16 len_rthdr; 1311 u16 len_rthdr;
@@ -1330,12 +1327,12 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1330 1327
1331 skb->dev = local->mdev; 1328 skb->dev = local->mdev;
1332 1329
1333 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1334 memset(pkt_data, 0, sizeof(*pkt_data));
1335 /* needed because we set skb device to master */ 1330 /* needed because we set skb device to master */
1336 pkt_data->ifindex = dev->ifindex; 1331 info->control.ifindex = dev->ifindex;
1337 1332
1338 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT; 1333 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
1334 /* Interfaces should always request a status report */
1335 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
1339 1336
1340 /* 1337 /*
1341 * fix up the pointers accounting for the radiotap 1338 * fix up the pointers accounting for the radiotap
@@ -1379,7 +1376,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1379 struct net_device *dev) 1376 struct net_device *dev)
1380{ 1377{
1381 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1378 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1382 struct ieee80211_tx_packet_data *pkt_data; 1379 struct ieee80211_tx_info *info;
1383 struct ieee80211_sub_if_data *sdata; 1380 struct ieee80211_sub_if_data *sdata;
1384 int ret = 1, head_need; 1381 int ret = 1, head_need;
1385 u16 ethertype, hdrlen, meshhdrlen = 0, fc; 1382 u16 ethertype, hdrlen, meshhdrlen = 0, fc;
@@ -1486,12 +1483,13 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1486 rcu_read_lock(); 1483 rcu_read_lock();
1487 sta = sta_info_get(local, hdr.addr1); 1484 sta = sta_info_get(local, hdr.addr1);
1488 if (sta) 1485 if (sta)
1489 sta_flags = sta->flags; 1486 sta_flags = get_sta_flags(sta);
1490 rcu_read_unlock(); 1487 rcu_read_unlock();
1491 } 1488 }
1492 1489
1493 /* receiver is QoS enabled, use a QoS type frame */ 1490 /* receiver and we are QoS enabled, use a QoS type frame */
1494 if (sta_flags & WLAN_STA_WME) { 1491 if (sta_flags & WLAN_STA_WME &&
1492 ieee80211_num_regular_queues(&local->hw) >= 4) {
1495 fc |= IEEE80211_STYPE_QOS_DATA; 1493 fc |= IEEE80211_STYPE_QOS_DATA;
1496 hdrlen += 2; 1494 hdrlen += 2;
1497 } 1495 }
@@ -1555,32 +1553,26 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1555 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and 1553 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1556 * alloc_skb() (net/core/skbuff.c) 1554 * alloc_skb() (net/core/skbuff.c)
1557 */ 1555 */
1558 head_need = hdrlen + encaps_len + meshhdrlen + local->tx_headroom; 1556 head_need = hdrlen + encaps_len + meshhdrlen - skb_headroom(skb);
1559 head_need -= skb_headroom(skb);
1560 1557
1561 /* We are going to modify skb data, so make a copy of it if happens to 1558 /*
1562 * be cloned. This could happen, e.g., with Linux bridge code passing 1559 * So we need to modify the skb header and hence need a copy of
1563 * us broadcast frames. */ 1560 * that. The head_need variable above doesn't, so far, include
1561 * the needed header space that we don't need right away. If we
1562 * can, then we don't reallocate right now but only after the
1563 * frame arrives at the master device (if it does...)
1564 *
1565 * If we cannot, however, then we will reallocate to include all
1566 * the ever needed space. Also, if we need to reallocate it anyway,
1567 * make it big enough for everything we may ever need.
1568 */
1564 1569
1565 if (head_need > 0 || skb_header_cloned(skb)) { 1570 if (head_need > 0 || skb_header_cloned(skb)) {
1566#if 0 1571 head_need += IEEE80211_ENCRYPT_HEADROOM;
1567 printk(KERN_DEBUG "%s: need to reallocate buffer for %d bytes " 1572 head_need += local->tx_headroom;
1568 "of headroom\n", dev->name, head_need); 1573 head_need = max_t(int, 0, head_need);
1569#endif 1574 if (ieee80211_skb_resize(local, skb, head_need, true))
1570
1571 if (skb_header_cloned(skb))
1572 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1573 else
1574 I802_DEBUG_INC(local->tx_expand_skb_head);
1575 /* Since we have to reallocate the buffer, make sure that there
1576 * is enough room for possible WEP IV/ICV and TKIP (8 bytes
1577 * before payload and 12 after). */
1578 if (pskb_expand_head(skb, (head_need > 0 ? head_need + 8 : 8),
1579 12, GFP_ATOMIC)) {
1580 printk(KERN_DEBUG "%s: failed to reallocate TX buffer"
1581 "\n", dev->name);
1582 goto fail; 1575 goto fail;
1583 }
1584 } 1576 }
1585 1577
1586 if (encaps_data) { 1578 if (encaps_data) {
@@ -1611,11 +1603,14 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1611 nh_pos += hdrlen; 1603 nh_pos += hdrlen;
1612 h_pos += hdrlen; 1604 h_pos += hdrlen;
1613 1605
1614 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1606 info = IEEE80211_SKB_CB(skb);
1615 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data)); 1607 memset(info, 0, sizeof(*info));
1616 pkt_data->ifindex = dev->ifindex; 1608 info->control.ifindex = dev->ifindex;
1617 if (ethertype == ETH_P_PAE) 1609 if (ethertype == ETH_P_PAE)
1618 pkt_data->flags |= IEEE80211_TXPD_EAPOL_FRAME; 1610 info->flags |= IEEE80211_TX_CTL_EAPOL_FRAME;
1611
1612 /* Interfaces should always request a status report */
1613 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
1619 1614
1620 skb->dev = local->mdev; 1615 skb->dev = local->mdev;
1621 dev->stats.tx_packets++; 1616 dev->stats.tx_packets++;
@@ -1640,46 +1635,55 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1640 return ret; 1635 return ret;
1641} 1636}
1642 1637
1643/* helper functions for pending packets for when queues are stopped */
1644 1638
1639/*
1640 * ieee80211_clear_tx_pending may not be called in a context where
1641 * it is possible that it packets could come in again.
1642 */
1645void ieee80211_clear_tx_pending(struct ieee80211_local *local) 1643void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1646{ 1644{
1647 int i, j; 1645 int i, j;
1648 struct ieee80211_tx_stored_packet *store; 1646 struct ieee80211_tx_stored_packet *store;
1649 1647
1650 for (i = 0; i < local->hw.queues; i++) { 1648 for (i = 0; i < ieee80211_num_regular_queues(&local->hw); i++) {
1651 if (!__ieee80211_queue_pending(local, i)) 1649 if (!test_bit(i, local->queues_pending))
1652 continue; 1650 continue;
1653 store = &local->pending_packet[i]; 1651 store = &local->pending_packet[i];
1654 kfree_skb(store->skb); 1652 kfree_skb(store->skb);
1655 for (j = 0; j < store->num_extra_frag; j++) 1653 for (j = 0; j < store->num_extra_frag; j++)
1656 kfree_skb(store->extra_frag[j]); 1654 kfree_skb(store->extra_frag[j]);
1657 kfree(store->extra_frag); 1655 kfree(store->extra_frag);
1658 clear_bit(IEEE80211_LINK_STATE_PENDING, &local->state[i]); 1656 clear_bit(i, local->queues_pending);
1659 } 1657 }
1660} 1658}
1661 1659
1660/*
1661 * Transmit all pending packets. Called from tasklet, locks master device
1662 * TX lock so that no new packets can come in.
1663 */
1662void ieee80211_tx_pending(unsigned long data) 1664void ieee80211_tx_pending(unsigned long data)
1663{ 1665{
1664 struct ieee80211_local *local = (struct ieee80211_local *)data; 1666 struct ieee80211_local *local = (struct ieee80211_local *)data;
1665 struct net_device *dev = local->mdev; 1667 struct net_device *dev = local->mdev;
1666 struct ieee80211_tx_stored_packet *store; 1668 struct ieee80211_tx_stored_packet *store;
1667 struct ieee80211_tx_data tx; 1669 struct ieee80211_tx_data tx;
1668 int i, ret, reschedule = 0; 1670 int i, ret;
1669 1671
1670 netif_tx_lock_bh(dev); 1672 netif_tx_lock_bh(dev);
1671 for (i = 0; i < local->hw.queues; i++) { 1673 for (i = 0; i < ieee80211_num_regular_queues(&local->hw); i++) {
1672 if (__ieee80211_queue_stopped(local, i)) 1674 /* Check that this queue is ok */
1675 if (__netif_subqueue_stopped(local->mdev, i))
1673 continue; 1676 continue;
1674 if (!__ieee80211_queue_pending(local, i)) { 1677
1675 reschedule = 1; 1678 if (!test_bit(i, local->queues_pending)) {
1679 ieee80211_wake_queue(&local->hw, i);
1676 continue; 1680 continue;
1677 } 1681 }
1682
1678 store = &local->pending_packet[i]; 1683 store = &local->pending_packet[i];
1679 tx.control = &store->control;
1680 tx.extra_frag = store->extra_frag; 1684 tx.extra_frag = store->extra_frag;
1681 tx.num_extra_frag = store->num_extra_frag; 1685 tx.num_extra_frag = store->num_extra_frag;
1682 tx.last_frag_rate = store->last_frag_rate; 1686 tx.last_frag_rate_idx = store->last_frag_rate_idx;
1683 tx.flags = 0; 1687 tx.flags = 0;
1684 if (store->last_frag_rate_ctrl_probe) 1688 if (store->last_frag_rate_ctrl_probe)
1685 tx.flags |= IEEE80211_TX_PROBE_LAST_FRAG; 1689 tx.flags |= IEEE80211_TX_PROBE_LAST_FRAG;
@@ -1688,19 +1692,11 @@ void ieee80211_tx_pending(unsigned long data)
1688 if (ret == IEEE80211_TX_FRAG_AGAIN) 1692 if (ret == IEEE80211_TX_FRAG_AGAIN)
1689 store->skb = NULL; 1693 store->skb = NULL;
1690 } else { 1694 } else {
1691 clear_bit(IEEE80211_LINK_STATE_PENDING, 1695 clear_bit(i, local->queues_pending);
1692 &local->state[i]); 1696 ieee80211_wake_queue(&local->hw, i);
1693 reschedule = 1;
1694 } 1697 }
1695 } 1698 }
1696 netif_tx_unlock_bh(dev); 1699 netif_tx_unlock_bh(dev);
1697 if (reschedule) {
1698 if (!ieee80211_qdisc_installed(dev)) {
1699 if (!__ieee80211_queue_stopped(local, 0))
1700 netif_wake_queue(dev);
1701 } else
1702 netif_schedule(dev);
1703 }
1704} 1700}
1705 1701
1706/* functions for drivers to get certain frames */ 1702/* functions for drivers to get certain frames */
@@ -1769,11 +1765,11 @@ static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1769} 1765}
1770 1766
1771struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, 1767struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1772 struct ieee80211_vif *vif, 1768 struct ieee80211_vif *vif)
1773 struct ieee80211_tx_control *control)
1774{ 1769{
1775 struct ieee80211_local *local = hw_to_local(hw); 1770 struct ieee80211_local *local = hw_to_local(hw);
1776 struct sk_buff *skb; 1771 struct sk_buff *skb;
1772 struct ieee80211_tx_info *info;
1777 struct net_device *bdev; 1773 struct net_device *bdev;
1778 struct ieee80211_sub_if_data *sdata = NULL; 1774 struct ieee80211_sub_if_data *sdata = NULL;
1779 struct ieee80211_if_ap *ap = NULL; 1775 struct ieee80211_if_ap *ap = NULL;
@@ -1783,9 +1779,10 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1783 struct ieee80211_mgmt *mgmt; 1779 struct ieee80211_mgmt *mgmt;
1784 int *num_beacons; 1780 int *num_beacons;
1785 bool err = true; 1781 bool err = true;
1782 enum ieee80211_band band = local->hw.conf.channel->band;
1786 u8 *pos; 1783 u8 *pos;
1787 1784
1788 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1785 sband = local->hw.wiphy->bands[band];
1789 1786
1790 rcu_read_lock(); 1787 rcu_read_lock();
1791 1788
@@ -1878,30 +1875,32 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1878 goto out; 1875 goto out;
1879 } 1876 }
1880 1877
1881 if (control) { 1878 info = IEEE80211_SKB_CB(skb);
1882 rate_control_get_rate(local->mdev, sband, skb, &rsel);
1883 if (!rsel.rate) {
1884 if (net_ratelimit()) {
1885 printk(KERN_DEBUG "%s: ieee80211_beacon_get: "
1886 "no rate found\n",
1887 wiphy_name(local->hw.wiphy));
1888 }
1889 dev_kfree_skb(skb);
1890 skb = NULL;
1891 goto out;
1892 }
1893 1879
1894 control->vif = vif; 1880 info->band = band;
1895 control->tx_rate = rsel.rate; 1881 rate_control_get_rate(local->mdev, sband, skb, &rsel);
1896 if (sdata->bss_conf.use_short_preamble && 1882
1897 rsel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 1883 if (unlikely(rsel.rate_idx < 0)) {
1898 control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE; 1884 if (net_ratelimit()) {
1899 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx; 1885 printk(KERN_DEBUG "%s: ieee80211_beacon_get: "
1900 control->flags |= IEEE80211_TXCTL_NO_ACK; 1886 "no rate found\n",
1901 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 1887 wiphy_name(local->hw.wiphy));
1902 control->retry_limit = 1; 1888 }
1903 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT; 1889 dev_kfree_skb(skb);
1890 skb = NULL;
1891 goto out;
1904 } 1892 }
1893
1894 info->control.vif = vif;
1895 info->tx_rate_idx = rsel.rate_idx;
1896 if (sdata->bss_conf.use_short_preamble &&
1897 sband->bitrates[rsel.rate_idx].flags & IEEE80211_RATE_SHORT_PREAMBLE)
1898 info->flags |= IEEE80211_TX_CTL_SHORT_PREAMBLE;
1899 info->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1900 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1901 info->flags |= IEEE80211_TX_CTL_DO_NOT_ENCRYPT;
1902 info->control.retry_limit = 1;
1903 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1905 (*num_beacons)++; 1904 (*num_beacons)++;
1906out: 1905out:
1907 rcu_read_unlock(); 1906 rcu_read_unlock();
@@ -1911,7 +1910,7 @@ EXPORT_SYMBOL(ieee80211_beacon_get);
1911 1910
1912void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 1911void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1913 const void *frame, size_t frame_len, 1912 const void *frame, size_t frame_len,
1914 const struct ieee80211_tx_control *frame_txctl, 1913 const struct ieee80211_tx_info *frame_txctl,
1915 struct ieee80211_rts *rts) 1914 struct ieee80211_rts *rts)
1916{ 1915{
1917 const struct ieee80211_hdr *hdr = frame; 1916 const struct ieee80211_hdr *hdr = frame;
@@ -1928,7 +1927,7 @@ EXPORT_SYMBOL(ieee80211_rts_get);
1928 1927
1929void ieee80211_ctstoself_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, 1928void ieee80211_ctstoself_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
1930 const void *frame, size_t frame_len, 1929 const void *frame, size_t frame_len,
1931 const struct ieee80211_tx_control *frame_txctl, 1930 const struct ieee80211_tx_info *frame_txctl,
1932 struct ieee80211_cts *cts) 1931 struct ieee80211_cts *cts)
1933{ 1932{
1934 const struct ieee80211_hdr *hdr = frame; 1933 const struct ieee80211_hdr *hdr = frame;
@@ -1944,11 +1943,10 @@ EXPORT_SYMBOL(ieee80211_ctstoself_get);
1944 1943
1945struct sk_buff * 1944struct sk_buff *
1946ieee80211_get_buffered_bc(struct ieee80211_hw *hw, 1945ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1947 struct ieee80211_vif *vif, 1946 struct ieee80211_vif *vif)
1948 struct ieee80211_tx_control *control)
1949{ 1947{
1950 struct ieee80211_local *local = hw_to_local(hw); 1948 struct ieee80211_local *local = hw_to_local(hw);
1951 struct sk_buff *skb; 1949 struct sk_buff *skb = NULL;
1952 struct sta_info *sta; 1950 struct sta_info *sta;
1953 ieee80211_tx_handler *handler; 1951 ieee80211_tx_handler *handler;
1954 struct ieee80211_tx_data tx; 1952 struct ieee80211_tx_data tx;
@@ -1957,10 +1955,11 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1957 struct ieee80211_sub_if_data *sdata; 1955 struct ieee80211_sub_if_data *sdata;
1958 struct ieee80211_if_ap *bss = NULL; 1956 struct ieee80211_if_ap *bss = NULL;
1959 struct beacon_data *beacon; 1957 struct beacon_data *beacon;
1958 struct ieee80211_tx_info *info;
1960 1959
1961 sdata = vif_to_sdata(vif); 1960 sdata = vif_to_sdata(vif);
1962 bdev = sdata->dev; 1961 bdev = sdata->dev;
1963 1962 bss = &sdata->u.ap;
1964 1963
1965 if (!bss) 1964 if (!bss)
1966 return NULL; 1965 return NULL;
@@ -1968,19 +1967,16 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1968 rcu_read_lock(); 1967 rcu_read_lock();
1969 beacon = rcu_dereference(bss->beacon); 1968 beacon = rcu_dereference(bss->beacon);
1970 1969
1971 if (sdata->vif.type != IEEE80211_IF_TYPE_AP || !beacon || 1970 if (sdata->vif.type != IEEE80211_IF_TYPE_AP || !beacon || !beacon->head)
1972 !beacon->head) { 1971 goto out;
1973 rcu_read_unlock();
1974 return NULL;
1975 }
1976 1972
1977 if (bss->dtim_count != 0) 1973 if (bss->dtim_count != 0)
1978 return NULL; /* send buffered bc/mc only after DTIM beacon */ 1974 goto out; /* send buffered bc/mc only after DTIM beacon */
1979 memset(control, 0, sizeof(*control)); 1975
1980 while (1) { 1976 while (1) {
1981 skb = skb_dequeue(&bss->ps_bc_buf); 1977 skb = skb_dequeue(&bss->ps_bc_buf);
1982 if (!skb) 1978 if (!skb)
1983 return NULL; 1979 goto out;
1984 local->total_ps_buffered--; 1980 local->total_ps_buffered--;
1985 1981
1986 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) { 1982 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) {
@@ -1993,20 +1989,26 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1993 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 1989 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
1994 } 1990 }
1995 1991
1996 if (!ieee80211_tx_prepare(&tx, skb, local->mdev, control)) 1992 if (!ieee80211_tx_prepare(&tx, skb, local->mdev))
1997 break; 1993 break;
1998 dev_kfree_skb_any(skb); 1994 dev_kfree_skb_any(skb);
1999 } 1995 }
1996
1997 info = IEEE80211_SKB_CB(skb);
1998
2000 sta = tx.sta; 1999 sta = tx.sta;
2001 tx.flags |= IEEE80211_TX_PS_BUFFERED; 2000 tx.flags |= IEEE80211_TX_PS_BUFFERED;
2002 tx.channel = local->hw.conf.channel; 2001 tx.channel = local->hw.conf.channel;
2002 info->band = tx.channel->band;
2003 2003
2004 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) { 2004 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) {
2005 res = (*handler)(&tx); 2005 res = (*handler)(&tx);
2006 if (res == TX_DROP || res == TX_QUEUED) 2006 if (res == TX_DROP || res == TX_QUEUED)
2007 break; 2007 break;
2008 } 2008 }
2009 skb = tx.skb; /* handlers are allowed to change skb */ 2009
2010 if (WARN_ON(tx.skb != skb))
2011 res = TX_DROP;
2010 2012
2011 if (res == TX_DROP) { 2013 if (res == TX_DROP) {
2012 I802_DEBUG_INC(local->tx_handlers_drop); 2014 I802_DEBUG_INC(local->tx_handlers_drop);
@@ -2017,6 +2019,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2017 skb = NULL; 2019 skb = NULL;
2018 } 2020 }
2019 2021
2022out:
2020 rcu_read_unlock(); 2023 rcu_read_unlock();
2021 2024
2022 return skb; 2025 return skb;
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 4e97b266f907..6513bc2d2707 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -258,7 +258,7 @@ EXPORT_SYMBOL(ieee80211_generic_frame_duration);
258 258
259__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, 259__le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
260 struct ieee80211_vif *vif, size_t frame_len, 260 struct ieee80211_vif *vif, size_t frame_len,
261 const struct ieee80211_tx_control *frame_txctl) 261 const struct ieee80211_tx_info *frame_txctl)
262{ 262{
263 struct ieee80211_local *local = hw_to_local(hw); 263 struct ieee80211_local *local = hw_to_local(hw);
264 struct ieee80211_rate *rate; 264 struct ieee80211_rate *rate;
@@ -266,10 +266,13 @@ __le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
266 bool short_preamble; 266 bool short_preamble;
267 int erp; 267 int erp;
268 u16 dur; 268 u16 dur;
269 struct ieee80211_supported_band *sband;
270
271 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
269 272
270 short_preamble = sdata->bss_conf.use_short_preamble; 273 short_preamble = sdata->bss_conf.use_short_preamble;
271 274
272 rate = frame_txctl->rts_cts_rate; 275 rate = &sband->bitrates[frame_txctl->control.rts_cts_rate_idx];
273 276
274 erp = 0; 277 erp = 0;
275 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) 278 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
@@ -292,7 +295,7 @@ EXPORT_SYMBOL(ieee80211_rts_duration);
292__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, 295__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
293 struct ieee80211_vif *vif, 296 struct ieee80211_vif *vif,
294 size_t frame_len, 297 size_t frame_len,
295 const struct ieee80211_tx_control *frame_txctl) 298 const struct ieee80211_tx_info *frame_txctl)
296{ 299{
297 struct ieee80211_local *local = hw_to_local(hw); 300 struct ieee80211_local *local = hw_to_local(hw);
298 struct ieee80211_rate *rate; 301 struct ieee80211_rate *rate;
@@ -300,10 +303,13 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
300 bool short_preamble; 303 bool short_preamble;
301 int erp; 304 int erp;
302 u16 dur; 305 u16 dur;
306 struct ieee80211_supported_band *sband;
307
308 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
303 309
304 short_preamble = sdata->bss_conf.use_short_preamble; 310 short_preamble = sdata->bss_conf.use_short_preamble;
305 311
306 rate = frame_txctl->rts_cts_rate; 312 rate = &sband->bitrates[frame_txctl->control.rts_cts_rate_idx];
307 erp = 0; 313 erp = 0;
308 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) 314 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
309 erp = rate->flags & IEEE80211_RATE_ERP_G; 315 erp = rate->flags & IEEE80211_RATE_ERP_G;
@@ -311,7 +317,7 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
311 /* Data frame duration */ 317 /* Data frame duration */
312 dur = ieee80211_frame_duration(local, frame_len, rate->bitrate, 318 dur = ieee80211_frame_duration(local, frame_len, rate->bitrate,
313 erp, short_preamble); 319 erp, short_preamble);
314 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) { 320 if (!(frame_txctl->flags & IEEE80211_TX_CTL_NO_ACK)) {
315 /* ACK duration */ 321 /* ACK duration */
316 dur += ieee80211_frame_duration(local, 10, rate->bitrate, 322 dur += ieee80211_frame_duration(local, 10, rate->bitrate,
317 erp, short_preamble); 323 erp, short_preamble);
@@ -325,17 +331,15 @@ void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
325{ 331{
326 struct ieee80211_local *local = hw_to_local(hw); 332 struct ieee80211_local *local = hw_to_local(hw);
327 333
328 if (test_and_clear_bit(IEEE80211_LINK_STATE_XOFF, 334 if (test_bit(queue, local->queues_pending)) {
329 &local->state[queue])) { 335 tasklet_schedule(&local->tx_pending_tasklet);
330 if (test_bit(IEEE80211_LINK_STATE_PENDING, 336 } else {
331 &local->state[queue])) 337 if (ieee80211_is_multiqueue(local)) {
332 tasklet_schedule(&local->tx_pending_tasklet); 338 netif_wake_subqueue(local->mdev, queue);
333 else 339 } else {
334 if (!ieee80211_qdisc_installed(local->mdev)) { 340 WARN_ON(queue != 0);
335 if (queue == 0) 341 netif_wake_queue(local->mdev);
336 netif_wake_queue(local->mdev); 342 }
337 } else
338 __netif_schedule(local->mdev);
339 } 343 }
340} 344}
341EXPORT_SYMBOL(ieee80211_wake_queue); 345EXPORT_SYMBOL(ieee80211_wake_queue);
@@ -344,29 +348,20 @@ void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue)
344{ 348{
345 struct ieee80211_local *local = hw_to_local(hw); 349 struct ieee80211_local *local = hw_to_local(hw);
346 350
347 if (!ieee80211_qdisc_installed(local->mdev) && queue == 0) 351 if (ieee80211_is_multiqueue(local)) {
352 netif_stop_subqueue(local->mdev, queue);
353 } else {
354 WARN_ON(queue != 0);
348 netif_stop_queue(local->mdev); 355 netif_stop_queue(local->mdev);
349 set_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]); 356 }
350} 357}
351EXPORT_SYMBOL(ieee80211_stop_queue); 358EXPORT_SYMBOL(ieee80211_stop_queue);
352 359
353void ieee80211_start_queues(struct ieee80211_hw *hw)
354{
355 struct ieee80211_local *local = hw_to_local(hw);
356 int i;
357
358 for (i = 0; i < local->hw.queues; i++)
359 clear_bit(IEEE80211_LINK_STATE_XOFF, &local->state[i]);
360 if (!ieee80211_qdisc_installed(local->mdev))
361 netif_start_queue(local->mdev);
362}
363EXPORT_SYMBOL(ieee80211_start_queues);
364
365void ieee80211_stop_queues(struct ieee80211_hw *hw) 360void ieee80211_stop_queues(struct ieee80211_hw *hw)
366{ 361{
367 int i; 362 int i;
368 363
369 for (i = 0; i < hw->queues; i++) 364 for (i = 0; i < ieee80211_num_queues(hw); i++)
370 ieee80211_stop_queue(hw, i); 365 ieee80211_stop_queue(hw, i);
371} 366}
372EXPORT_SYMBOL(ieee80211_stop_queues); 367EXPORT_SYMBOL(ieee80211_stop_queues);
@@ -375,7 +370,7 @@ void ieee80211_wake_queues(struct ieee80211_hw *hw)
375{ 370{
376 int i; 371 int i;
377 372
378 for (i = 0; i < hw->queues; i++) 373 for (i = 0; i < hw->queues + hw->ampdu_queues; i++)
379 ieee80211_wake_queue(hw, i); 374 ieee80211_wake_queue(hw, i);
380} 375}
381EXPORT_SYMBOL(ieee80211_wake_queues); 376EXPORT_SYMBOL(ieee80211_wake_queues);
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index affcecd78c10..e7b6344c900a 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -93,13 +93,9 @@ static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
93 fc |= IEEE80211_FCTL_PROTECTED; 93 fc |= IEEE80211_FCTL_PROTECTED;
94 hdr->frame_control = cpu_to_le16(fc); 94 hdr->frame_control = cpu_to_le16(fc);
95 95
96 if ((skb_headroom(skb) < WEP_IV_LEN || 96 if (WARN_ON(skb_tailroom(skb) < WEP_ICV_LEN ||
97 skb_tailroom(skb) < WEP_ICV_LEN)) { 97 skb_headroom(skb) < WEP_IV_LEN))
98 I802_DEBUG_INC(local->tx_expand_skb_head); 98 return NULL;
99 if (unlikely(pskb_expand_head(skb, WEP_IV_LEN, WEP_ICV_LEN,
100 GFP_ATOMIC)))
101 return NULL;
102 }
103 99
104 hdrlen = ieee80211_get_hdrlen(fc); 100 hdrlen = ieee80211_get_hdrlen(fc);
105 newhdr = skb_push(skb, WEP_IV_LEN); 101 newhdr = skb_push(skb, WEP_IV_LEN);
@@ -333,11 +329,16 @@ ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx)
333 329
334static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) 330static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
335{ 331{
332 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
333
334 info->control.iv_len = WEP_IV_LEN;
335 info->control.icv_len = WEP_ICV_LEN;
336
336 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) { 337 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
337 if (ieee80211_wep_encrypt(tx->local, skb, tx->key)) 338 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
338 return -1; 339 return -1;
339 } else { 340 } else {
340 tx->control->key_idx = tx->key->conf.hw_key_idx; 341 info->control.hw_key = &tx->key->conf;
341 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) { 342 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) {
342 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key)) 343 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key))
343 return -1; 344 return -1;
@@ -349,8 +350,6 @@ static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
349ieee80211_tx_result 350ieee80211_tx_result
350ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx) 351ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx)
351{ 352{
352 tx->control->iv_len = WEP_IV_LEN;
353 tx->control->icv_len = WEP_ICV_LEN;
354 ieee80211_tx_set_protected(tx); 353 ieee80211_tx_set_protected(tx);
355 354
356 if (wep_encrypt_skb(tx, tx->skb) < 0) { 355 if (wep_encrypt_skb(tx, tx->skb) < 0) {
diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
index 363779c50658..e587172115b8 100644
--- a/net/mac80211/wep.h
+++ b/net/mac80211/wep.h
@@ -26,7 +26,7 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
26 struct ieee80211_key *key); 26 struct ieee80211_key *key);
27int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb, 27int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
28 struct ieee80211_key *key); 28 struct ieee80211_key *key);
29u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key); 29u8 *ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
30 30
31ieee80211_rx_result 31ieee80211_rx_result
32ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx); 32ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx);
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index a8bb8e31b1ec..4806d96b9877 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -169,14 +169,26 @@ static int ieee80211_ioctl_giwrange(struct net_device *dev,
169 range->num_encoding_sizes = 2; 169 range->num_encoding_sizes = 2;
170 range->max_encoding_tokens = NUM_DEFAULT_KEYS; 170 range->max_encoding_tokens = NUM_DEFAULT_KEYS;
171 171
172 range->max_qual.qual = local->hw.max_signal; 172 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC ||
173 range->max_qual.level = local->hw.max_rssi; 173 local->hw.flags & IEEE80211_HW_SIGNAL_DB)
174 range->max_qual.noise = local->hw.max_noise; 174 range->max_qual.level = local->hw.max_signal;
175 else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
176 range->max_qual.level = -110;
177 else
178 range->max_qual.level = 0;
179
180 if (local->hw.flags & IEEE80211_HW_NOISE_DBM)
181 range->max_qual.noise = -110;
182 else
183 range->max_qual.noise = 0;
184
185 range->max_qual.qual = 100;
175 range->max_qual.updated = local->wstats_flags; 186 range->max_qual.updated = local->wstats_flags;
176 187
177 range->avg_qual.qual = local->hw.max_signal/2; 188 range->avg_qual.qual = 50;
178 range->avg_qual.level = 0; 189 /* not always true but better than nothing */
179 range->avg_qual.noise = 0; 190 range->avg_qual.level = range->max_qual.level / 2;
191 range->avg_qual.noise = range->max_qual.noise / 2;
180 range->avg_qual.updated = local->wstats_flags; 192 range->avg_qual.updated = local->wstats_flags;
181 193
182 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 | 194 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
@@ -1007,8 +1019,8 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
1007 wstats->qual.noise = 0; 1019 wstats->qual.noise = 0;
1008 wstats->qual.updated = IW_QUAL_ALL_INVALID; 1020 wstats->qual.updated = IW_QUAL_ALL_INVALID;
1009 } else { 1021 } else {
1010 wstats->qual.level = sta->last_rssi; 1022 wstats->qual.level = sta->last_signal;
1011 wstats->qual.qual = sta->last_signal; 1023 wstats->qual.qual = sta->last_qual;
1012 wstats->qual.noise = sta->last_noise; 1024 wstats->qual.noise = sta->last_noise;
1013 wstats->qual.updated = local->wstats_flags; 1025 wstats->qual.updated = local->wstats_flags;
1014 } 1026 }
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index dc1598b86004..14a9ff10a1e9 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -19,16 +19,22 @@
19#include "wme.h" 19#include "wme.h"
20 20
21/* maximum number of hardware queues we support. */ 21/* maximum number of hardware queues we support. */
22#define TC_80211_MAX_QUEUES 16 22#define QD_MAX_QUEUES (IEEE80211_MAX_AMPDU_QUEUES + IEEE80211_MAX_QUEUES)
23/* current number of hardware queues we support. */
24#define QD_NUM(hw) ((hw)->queues + (hw)->ampdu_queues)
23 25
26/*
27 * Default mapping in classifier to work with default
28 * queue setup.
29 */
24const int ieee802_1d_to_ac[8] = { 2, 3, 3, 2, 1, 1, 0, 0 }; 30const int ieee802_1d_to_ac[8] = { 2, 3, 3, 2, 1, 1, 0, 0 };
25 31
26struct ieee80211_sched_data 32struct ieee80211_sched_data
27{ 33{
28 unsigned long qdisc_pool[BITS_TO_LONGS(TC_80211_MAX_QUEUES)]; 34 unsigned long qdisc_pool[BITS_TO_LONGS(QD_MAX_QUEUES)];
29 struct tcf_proto *filter_list; 35 struct tcf_proto *filter_list;
30 struct Qdisc *queues[TC_80211_MAX_QUEUES]; 36 struct Qdisc *queues[QD_MAX_QUEUES];
31 struct sk_buff_head requeued[TC_80211_MAX_QUEUES]; 37 struct sk_buff_head requeued[QD_MAX_QUEUES];
32}; 38};
33 39
34static const char llc_ip_hdr[8] = {0xAA, 0xAA, 0x3, 0, 0, 0, 0x08, 0}; 40static const char llc_ip_hdr[8] = {0xAA, 0xAA, 0x3, 0, 0, 0, 0x08, 0};
@@ -95,7 +101,7 @@ static inline int wme_downgrade_ac(struct sk_buff *skb)
95 101
96/* positive return value indicates which queue to use 102/* positive return value indicates which queue to use
97 * negative return value indicates to drop the frame */ 103 * negative return value indicates to drop the frame */
98static inline int classify80211(struct sk_buff *skb, struct Qdisc *qd) 104static int classify80211(struct sk_buff *skb, struct Qdisc *qd)
99{ 105{
100 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr); 106 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
101 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 107 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -106,7 +112,7 @@ static inline int classify80211(struct sk_buff *skb, struct Qdisc *qd)
106 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) { 112 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) {
107 /* management frames go on AC_VO queue, but are sent 113 /* management frames go on AC_VO queue, but are sent
108 * without QoS control fields */ 114 * without QoS control fields */
109 return IEEE80211_TX_QUEUE_DATA0; 115 return 0;
110 } 116 }
111 117
112 if (0 /* injected */) { 118 if (0 /* injected */) {
@@ -141,29 +147,29 @@ static inline int classify80211(struct sk_buff *skb, struct Qdisc *qd)
141static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd) 147static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
142{ 148{
143 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr); 149 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
150 struct ieee80211_hw *hw = &local->hw;
144 struct ieee80211_sched_data *q = qdisc_priv(qd); 151 struct ieee80211_sched_data *q = qdisc_priv(qd);
145 struct ieee80211_tx_packet_data *pkt_data = 152 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
146 (struct ieee80211_tx_packet_data *) skb->cb;
147 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 153 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
148 unsigned short fc = le16_to_cpu(hdr->frame_control); 154 unsigned short fc = le16_to_cpu(hdr->frame_control);
149 struct Qdisc *qdisc; 155 struct Qdisc *qdisc;
150 int err, queue;
151 struct sta_info *sta; 156 struct sta_info *sta;
157 int err, queue;
152 u8 tid; 158 u8 tid;
153 159
154 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE) { 160 if (info->flags & IEEE80211_TX_CTL_REQUEUE) {
155 queue = pkt_data->queue; 161 queue = skb_get_queue_mapping(skb);
156 rcu_read_lock(); 162 rcu_read_lock();
157 sta = sta_info_get(local, hdr->addr1); 163 sta = sta_info_get(local, hdr->addr1);
158 tid = skb->priority & QOS_CONTROL_TAG1D_MASK; 164 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
159 if (sta) { 165 if (sta) {
160 int ampdu_queue = sta->tid_to_tx_q[tid]; 166 int ampdu_queue = sta->tid_to_tx_q[tid];
161 if ((ampdu_queue < local->hw.queues) && 167 if ((ampdu_queue < QD_NUM(hw)) &&
162 test_bit(ampdu_queue, q->qdisc_pool)) { 168 test_bit(ampdu_queue, q->qdisc_pool)) {
163 queue = ampdu_queue; 169 queue = ampdu_queue;
164 pkt_data->flags |= IEEE80211_TXPD_AMPDU; 170 info->flags |= IEEE80211_TX_CTL_AMPDU;
165 } else { 171 } else {
166 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU; 172 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
167 } 173 }
168 } 174 }
169 rcu_read_unlock(); 175 rcu_read_unlock();
@@ -174,6 +180,9 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
174 180
175 queue = classify80211(skb, qd); 181 queue = classify80211(skb, qd);
176 182
183 if (unlikely(queue >= local->hw.queues))
184 queue = local->hw.queues - 1;
185
177 /* now we know the 1d priority, fill in the QoS header if there is one 186 /* now we know the 1d priority, fill in the QoS header if there is one
178 */ 187 */
179 if (WLAN_FC_IS_QOS_DATA(fc)) { 188 if (WLAN_FC_IS_QOS_DATA(fc)) {
@@ -193,35 +202,24 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
193 sta = sta_info_get(local, hdr->addr1); 202 sta = sta_info_get(local, hdr->addr1);
194 if (sta) { 203 if (sta) {
195 int ampdu_queue = sta->tid_to_tx_q[tid]; 204 int ampdu_queue = sta->tid_to_tx_q[tid];
196 if ((ampdu_queue < local->hw.queues) && 205 if ((ampdu_queue < QD_NUM(hw)) &&
197 test_bit(ampdu_queue, q->qdisc_pool)) { 206 test_bit(ampdu_queue, q->qdisc_pool)) {
198 queue = ampdu_queue; 207 queue = ampdu_queue;
199 pkt_data->flags |= IEEE80211_TXPD_AMPDU; 208 info->flags |= IEEE80211_TX_CTL_AMPDU;
200 } else { 209 } else {
201 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU; 210 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
202 } 211 }
203 } 212 }
204 213
205 rcu_read_unlock(); 214 rcu_read_unlock();
206 } 215 }
207 216
208 if (unlikely(queue >= local->hw.queues)) {
209#if 0
210 if (net_ratelimit()) {
211 printk(KERN_DEBUG "%s - queue=%d (hw does not "
212 "support) -> %d\n",
213 __func__, queue, local->hw.queues - 1);
214 }
215#endif
216 queue = local->hw.queues - 1;
217 }
218
219 if (unlikely(queue < 0)) { 217 if (unlikely(queue < 0)) {
220 kfree_skb(skb); 218 kfree_skb(skb);
221 err = NET_XMIT_DROP; 219 err = NET_XMIT_DROP;
222 } else { 220 } else {
223 tid = skb->priority & QOS_CONTROL_TAG1D_MASK; 221 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
224 pkt_data->queue = (unsigned int) queue; 222 skb_set_queue_mapping(skb, queue);
225 qdisc = q->queues[queue]; 223 qdisc = q->queues[queue];
226 err = qdisc->enqueue(skb, qdisc); 224 err = qdisc->enqueue(skb, qdisc);
227 if (err == NET_XMIT_SUCCESS) { 225 if (err == NET_XMIT_SUCCESS) {
@@ -242,13 +240,11 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
242static int wme_qdiscop_requeue(struct sk_buff *skb, struct Qdisc* qd) 240static int wme_qdiscop_requeue(struct sk_buff *skb, struct Qdisc* qd)
243{ 241{
244 struct ieee80211_sched_data *q = qdisc_priv(qd); 242 struct ieee80211_sched_data *q = qdisc_priv(qd);
245 struct ieee80211_tx_packet_data *pkt_data =
246 (struct ieee80211_tx_packet_data *) skb->cb;
247 struct Qdisc *qdisc; 243 struct Qdisc *qdisc;
248 int err; 244 int err;
249 245
250 /* we recorded which queue to use earlier! */ 246 /* we recorded which queue to use earlier! */
251 qdisc = q->queues[pkt_data->queue]; 247 qdisc = q->queues[skb_get_queue_mapping(skb)];
252 248
253 if ((err = qdisc->ops->requeue(skb, qdisc)) == 0) { 249 if ((err = qdisc->ops->requeue(skb, qdisc)) == 0) {
254 qd->q.qlen++; 250 qd->q.qlen++;
@@ -270,13 +266,10 @@ static struct sk_buff *wme_qdiscop_dequeue(struct Qdisc* qd)
270 int queue; 266 int queue;
271 267
272 /* check all the h/w queues in numeric/priority order */ 268 /* check all the h/w queues in numeric/priority order */
273 for (queue = 0; queue < hw->queues; queue++) { 269 for (queue = 0; queue < QD_NUM(hw); queue++) {
274 /* see if there is room in this hardware queue */ 270 /* see if there is room in this hardware queue */
275 if ((test_bit(IEEE80211_LINK_STATE_XOFF, 271 if (__netif_subqueue_stopped(local->mdev, queue) ||
276 &local->state[queue])) || 272 !test_bit(queue, q->qdisc_pool))
277 (test_bit(IEEE80211_LINK_STATE_PENDING,
278 &local->state[queue])) ||
279 (!test_bit(queue, q->qdisc_pool)))
280 continue; 273 continue;
281 274
282 /* there is space - try and get a frame */ 275 /* there is space - try and get a frame */
@@ -308,7 +301,7 @@ static void wme_qdiscop_reset(struct Qdisc* qd)
308 301
309 /* QUESTION: should we have some hardware flush functionality here? */ 302 /* QUESTION: should we have some hardware flush functionality here? */
310 303
311 for (queue = 0; queue < hw->queues; queue++) { 304 for (queue = 0; queue < QD_NUM(hw); queue++) {
312 skb_queue_purge(&q->requeued[queue]); 305 skb_queue_purge(&q->requeued[queue]);
313 qdisc_reset(q->queues[queue]); 306 qdisc_reset(q->queues[queue]);
314 } 307 }
@@ -326,7 +319,7 @@ static void wme_qdiscop_destroy(struct Qdisc* qd)
326 tcf_destroy_chain(q->filter_list); 319 tcf_destroy_chain(q->filter_list);
327 q->filter_list = NULL; 320 q->filter_list = NULL;
328 321
329 for (queue=0; queue < hw->queues; queue++) { 322 for (queue = 0; queue < QD_NUM(hw); queue++) {
330 skb_queue_purge(&q->requeued[queue]); 323 skb_queue_purge(&q->requeued[queue]);
331 qdisc_destroy(q->queues[queue]); 324 qdisc_destroy(q->queues[queue]);
332 q->queues[queue] = &noop_qdisc; 325 q->queues[queue] = &noop_qdisc;
@@ -337,17 +330,6 @@ static void wme_qdiscop_destroy(struct Qdisc* qd)
337/* called whenever parameters are updated on existing qdisc */ 330/* called whenever parameters are updated on existing qdisc */
338static int wme_qdiscop_tune(struct Qdisc *qd, struct nlattr *opt) 331static int wme_qdiscop_tune(struct Qdisc *qd, struct nlattr *opt)
339{ 332{
340/* struct ieee80211_sched_data *q = qdisc_priv(qd);
341*/
342 /* check our options block is the right size */
343 /* copy any options to our local structure */
344/* Ignore options block for now - always use static mapping
345 struct tc_ieee80211_qopt *qopt = nla_data(opt);
346
347 if (opt->nla_len < nla_attr_size(sizeof(*qopt)))
348 return -EINVAL;
349 memcpy(q->tag2queue, qopt->tag2queue, sizeof(qopt->tag2queue));
350*/
351 return 0; 333 return 0;
352} 334}
353 335
@@ -358,7 +340,7 @@ static int wme_qdiscop_init(struct Qdisc *qd, struct nlattr *opt)
358 struct ieee80211_sched_data *q = qdisc_priv(qd); 340 struct ieee80211_sched_data *q = qdisc_priv(qd);
359 struct net_device *dev = qd->dev; 341 struct net_device *dev = qd->dev;
360 struct ieee80211_local *local; 342 struct ieee80211_local *local;
361 int queues; 343 struct ieee80211_hw *hw;
362 int err = 0, i; 344 int err = 0, i;
363 345
364 /* check that device is a mac80211 device */ 346 /* check that device is a mac80211 device */
@@ -366,29 +348,26 @@ static int wme_qdiscop_init(struct Qdisc *qd, struct nlattr *opt)
366 dev->ieee80211_ptr->wiphy->privid != mac80211_wiphy_privid) 348 dev->ieee80211_ptr->wiphy->privid != mac80211_wiphy_privid)
367 return -EINVAL; 349 return -EINVAL;
368 350
369 /* check this device is an ieee80211 master type device */ 351 local = wdev_priv(dev->ieee80211_ptr);
370 if (dev->type != ARPHRD_IEEE80211) 352 hw = &local->hw;
353
354 /* only allow on master dev */
355 if (dev != local->mdev)
371 return -EINVAL; 356 return -EINVAL;
372 357
373 /* check that there is no qdisc currently attached to device 358 /* ensure that we are root qdisc */
374 * this ensures that we will be the root qdisc. (I can't find a better 359 if (qd->parent != TC_H_ROOT)
375 * way to test this explicitly) */
376 if (dev->qdisc_sleeping != &noop_qdisc)
377 return -EINVAL; 360 return -EINVAL;
378 361
379 if (qd->flags & TCQ_F_INGRESS) 362 if (qd->flags & TCQ_F_INGRESS)
380 return -EINVAL; 363 return -EINVAL;
381 364
382 local = wdev_priv(dev->ieee80211_ptr);
383 queues = local->hw.queues;
384
385 /* if options were passed in, set them */ 365 /* if options were passed in, set them */
386 if (opt) { 366 if (opt)
387 err = wme_qdiscop_tune(qd, opt); 367 err = wme_qdiscop_tune(qd, opt);
388 }
389 368
390 /* create child queues */ 369 /* create child queues */
391 for (i = 0; i < queues; i++) { 370 for (i = 0; i < QD_NUM(hw); i++) {
392 skb_queue_head_init(&q->requeued[i]); 371 skb_queue_head_init(&q->requeued[i]);
393 q->queues[i] = qdisc_create_dflt(qd->dev, &pfifo_qdisc_ops, 372 q->queues[i] = qdisc_create_dflt(qd->dev, &pfifo_qdisc_ops,
394 qd->handle); 373 qd->handle);
@@ -399,8 +378,8 @@ static int wme_qdiscop_init(struct Qdisc *qd, struct nlattr *opt)
399 } 378 }
400 } 379 }
401 380
402 /* reserve all legacy QoS queues */ 381 /* non-aggregation queues: reserve/mark as used */
403 for (i = 0; i < min(IEEE80211_TX_QUEUE_DATA4, queues); i++) 382 for (i = 0; i < local->hw.queues; i++)
404 set_bit(i, q->qdisc_pool); 383 set_bit(i, q->qdisc_pool);
405 384
406 return err; 385 return err;
@@ -408,16 +387,6 @@ static int wme_qdiscop_init(struct Qdisc *qd, struct nlattr *opt)
408 387
409static int wme_qdiscop_dump(struct Qdisc *qd, struct sk_buff *skb) 388static int wme_qdiscop_dump(struct Qdisc *qd, struct sk_buff *skb)
410{ 389{
411/* struct ieee80211_sched_data *q = qdisc_priv(qd);
412 unsigned char *p = skb->tail;
413 struct tc_ieee80211_qopt opt;
414
415 memcpy(&opt.tag2queue, q->tag2queue, TC_80211_MAX_TAG + 1);
416 NLA_PUT(skb, TCA_OPTIONS, sizeof(opt), &opt);
417*/ return skb->len;
418/*
419nla_put_failure:
420 skb_trim(skb, p - skb->data);*/
421 return -1; 390 return -1;
422} 391}
423 392
@@ -430,7 +399,7 @@ static int wme_classop_graft(struct Qdisc *qd, unsigned long arg,
430 struct ieee80211_hw *hw = &local->hw; 399 struct ieee80211_hw *hw = &local->hw;
431 unsigned long queue = arg - 1; 400 unsigned long queue = arg - 1;
432 401
433 if (queue >= hw->queues) 402 if (queue >= QD_NUM(hw))
434 return -EINVAL; 403 return -EINVAL;
435 404
436 if (!new) 405 if (!new)
@@ -454,7 +423,7 @@ wme_classop_leaf(struct Qdisc *qd, unsigned long arg)
454 struct ieee80211_hw *hw = &local->hw; 423 struct ieee80211_hw *hw = &local->hw;
455 unsigned long queue = arg - 1; 424 unsigned long queue = arg - 1;
456 425
457 if (queue >= hw->queues) 426 if (queue >= QD_NUM(hw))
458 return NULL; 427 return NULL;
459 428
460 return q->queues[queue]; 429 return q->queues[queue];
@@ -467,7 +436,7 @@ static unsigned long wme_classop_get(struct Qdisc *qd, u32 classid)
467 struct ieee80211_hw *hw = &local->hw; 436 struct ieee80211_hw *hw = &local->hw;
468 unsigned long queue = TC_H_MIN(classid); 437 unsigned long queue = TC_H_MIN(classid);
469 438
470 if (queue - 1 >= hw->queues) 439 if (queue - 1 >= QD_NUM(hw))
471 return 0; 440 return 0;
472 441
473 return queue; 442 return queue;
@@ -493,7 +462,7 @@ static int wme_classop_change(struct Qdisc *qd, u32 handle, u32 parent,
493 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr); 462 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
494 struct ieee80211_hw *hw = &local->hw; 463 struct ieee80211_hw *hw = &local->hw;
495 464
496 if (cl - 1 > hw->queues) 465 if (cl - 1 > QD_NUM(hw))
497 return -ENOENT; 466 return -ENOENT;
498 467
499 /* TODO: put code to program hardware queue parameters here, 468 /* TODO: put code to program hardware queue parameters here,
@@ -510,7 +479,7 @@ static int wme_classop_delete(struct Qdisc *qd, unsigned long cl)
510 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr); 479 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
511 struct ieee80211_hw *hw = &local->hw; 480 struct ieee80211_hw *hw = &local->hw;
512 481
513 if (cl - 1 > hw->queues) 482 if (cl - 1 > QD_NUM(hw))
514 return -ENOENT; 483 return -ENOENT;
515 return 0; 484 return 0;
516} 485}
@@ -523,7 +492,7 @@ static int wme_classop_dump_class(struct Qdisc *qd, unsigned long cl,
523 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr); 492 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
524 struct ieee80211_hw *hw = &local->hw; 493 struct ieee80211_hw *hw = &local->hw;
525 494
526 if (cl - 1 > hw->queues) 495 if (cl - 1 > QD_NUM(hw))
527 return -ENOENT; 496 return -ENOENT;
528 tcm->tcm_handle = TC_H_MIN(cl); 497 tcm->tcm_handle = TC_H_MIN(cl);
529 tcm->tcm_parent = qd->handle; 498 tcm->tcm_parent = qd->handle;
@@ -541,7 +510,7 @@ static void wme_classop_walk(struct Qdisc *qd, struct qdisc_walker *arg)
541 if (arg->stop) 510 if (arg->stop)
542 return; 511 return;
543 512
544 for (queue = 0; queue < hw->queues; queue++) { 513 for (queue = 0; queue < QD_NUM(hw); queue++) {
545 if (arg->count < arg->skip) { 514 if (arg->count < arg->skip) {
546 arg->count++; 515 arg->count++;
547 continue; 516 continue;
@@ -658,10 +627,13 @@ int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
658 DECLARE_MAC_BUF(mac); 627 DECLARE_MAC_BUF(mac);
659 628
660 /* prepare the filter and save it for the SW queue 629 /* prepare the filter and save it for the SW queue
661 * matching the recieved HW queue */ 630 * matching the received HW queue */
631
632 if (!local->hw.ampdu_queues)
633 return -EPERM;
662 634
663 /* try to get a Qdisc from the pool */ 635 /* try to get a Qdisc from the pool */
664 for (i = IEEE80211_TX_QUEUE_BEACON; i < local->hw.queues; i++) 636 for (i = local->hw.queues; i < QD_NUM(&local->hw); i++)
665 if (!test_and_set_bit(i, q->qdisc_pool)) { 637 if (!test_and_set_bit(i, q->qdisc_pool)) {
666 ieee80211_stop_queue(local_to_hw(local), i); 638 ieee80211_stop_queue(local_to_hw(local), i);
667 sta->tid_to_tx_q[tid] = i; 639 sta->tid_to_tx_q[tid] = i;
@@ -690,13 +662,14 @@ void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
690 struct sta_info *sta, u16 tid, 662 struct sta_info *sta, u16 tid,
691 u8 requeue) 663 u8 requeue)
692{ 664{
665 struct ieee80211_hw *hw = &local->hw;
693 struct ieee80211_sched_data *q = 666 struct ieee80211_sched_data *q =
694 qdisc_priv(local->mdev->qdisc_sleeping); 667 qdisc_priv(local->mdev->qdisc_sleeping);
695 int agg_queue = sta->tid_to_tx_q[tid]; 668 int agg_queue = sta->tid_to_tx_q[tid];
696 669
697 /* return the qdisc to the pool */ 670 /* return the qdisc to the pool */
698 clear_bit(agg_queue, q->qdisc_pool); 671 clear_bit(agg_queue, q->qdisc_pool);
699 sta->tid_to_tx_q[tid] = local->hw.queues; 672 sta->tid_to_tx_q[tid] = QD_NUM(hw);
700 673
701 if (requeue) 674 if (requeue)
702 ieee80211_requeue(local, agg_queue); 675 ieee80211_requeue(local, agg_queue);
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index fcc6b05508cc..bbdb53344817 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -31,7 +31,7 @@ static inline int WLAN_FC_IS_QOS_DATA(u16 fc)
31 return (fc & 0x8C) == 0x88; 31 return (fc & 0x8C) == 0x88;
32} 32}
33 33
34#ifdef CONFIG_NET_SCHED 34#ifdef CONFIG_MAC80211_QOS
35void ieee80211_install_qdisc(struct net_device *dev); 35void ieee80211_install_qdisc(struct net_device *dev);
36int ieee80211_qdisc_installed(struct net_device *dev); 36int ieee80211_qdisc_installed(struct net_device *dev);
37int ieee80211_ht_agg_queue_add(struct ieee80211_local *local, 37int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 45709ada8fee..9f6fd20374e1 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -79,6 +79,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
79 struct sk_buff *skb = tx->skb; 79 struct sk_buff *skb = tx->skb;
80 int authenticator; 80 int authenticator;
81 int wpa_test = 0; 81 int wpa_test = 0;
82 int tail;
82 83
83 fc = tx->fc; 84 fc = tx->fc;
84 85
@@ -98,16 +99,13 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
98 return TX_CONTINUE; 99 return TX_CONTINUE;
99 } 100 }
100 101
101 if (skb_tailroom(skb) < MICHAEL_MIC_LEN) { 102 tail = MICHAEL_MIC_LEN;
102 I802_DEBUG_INC(tx->local->tx_expand_skb_head); 103 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
103 if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN, 104 tail += TKIP_ICV_LEN;
104 MICHAEL_MIC_LEN + TKIP_ICV_LEN, 105
105 GFP_ATOMIC))) { 106 if (WARN_ON(skb_tailroom(skb) < tail ||
106 printk(KERN_DEBUG "%s: failed to allocate more memory " 107 skb_headroom(skb) < TKIP_IV_LEN))
107 "for Michael MIC\n", tx->dev->name); 108 return TX_DROP;
108 return TX_DROP;
109 }
110 }
111 109
112#if 0 110#if 0
113 authenticator = fc & IEEE80211_FCTL_FROMDS; /* FIX */ 111 authenticator = fc & IEEE80211_FCTL_FROMDS; /* FIX */
@@ -176,59 +174,65 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
176 skb_trim(skb, skb->len - MICHAEL_MIC_LEN); 174 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
177 175
178 /* update IV in key information to be able to detect replays */ 176 /* update IV in key information to be able to detect replays */
179 rx->key->u.tkip.iv32_rx[rx->queue] = rx->tkip_iv32; 177 rx->key->u.tkip.rx[rx->queue].iv32 = rx->tkip_iv32;
180 rx->key->u.tkip.iv16_rx[rx->queue] = rx->tkip_iv16; 178 rx->key->u.tkip.rx[rx->queue].iv16 = rx->tkip_iv16;
181 179
182 return RX_CONTINUE; 180 return RX_CONTINUE;
183} 181}
184 182
185 183
186static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, 184static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
187 struct sk_buff *skb, int test)
188{ 185{
189 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 186 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
190 struct ieee80211_key *key = tx->key; 187 struct ieee80211_key *key = tx->key;
191 int hdrlen, len, tailneed; 188 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
189 int hdrlen, len, tail;
192 u16 fc; 190 u16 fc;
193 u8 *pos; 191 u8 *pos;
194 192
193 info->control.icv_len = TKIP_ICV_LEN;
194 info->control.iv_len = TKIP_IV_LEN;
195
196 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
197 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
198 /* hwaccel - with no need for preallocated room for IV/ICV */
199 info->control.hw_key = &tx->key->conf;
200 return 0;
201 }
202
195 fc = le16_to_cpu(hdr->frame_control); 203 fc = le16_to_cpu(hdr->frame_control);
196 hdrlen = ieee80211_get_hdrlen(fc); 204 hdrlen = ieee80211_get_hdrlen(fc);
197 len = skb->len - hdrlen; 205 len = skb->len - hdrlen;
198 206
199 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) 207 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)
200 tailneed = 0; 208 tail = 0;
201 else 209 else
202 tailneed = TKIP_ICV_LEN; 210 tail = TKIP_ICV_LEN;
203 211
204 if ((skb_headroom(skb) < TKIP_IV_LEN || 212 if (WARN_ON(skb_tailroom(skb) < tail ||
205 skb_tailroom(skb) < tailneed)) { 213 skb_headroom(skb) < TKIP_IV_LEN))
206 I802_DEBUG_INC(tx->local->tx_expand_skb_head); 214 return -1;
207 if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN, tailneed,
208 GFP_ATOMIC)))
209 return -1;
210 }
211 215
212 pos = skb_push(skb, TKIP_IV_LEN); 216 pos = skb_push(skb, TKIP_IV_LEN);
213 memmove(pos, pos + TKIP_IV_LEN, hdrlen); 217 memmove(pos, pos + TKIP_IV_LEN, hdrlen);
214 pos += hdrlen; 218 pos += hdrlen;
215 219
216 /* Increase IV for the frame */ 220 /* Increase IV for the frame */
217 key->u.tkip.iv16++; 221 key->u.tkip.tx.iv16++;
218 if (key->u.tkip.iv16 == 0) 222 if (key->u.tkip.tx.iv16 == 0)
219 key->u.tkip.iv32++; 223 key->u.tkip.tx.iv32++;
220 224
221 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 225 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
222 hdr = (struct ieee80211_hdr *)skb->data; 226 hdr = (struct ieee80211_hdr *)skb->data;
223 227
224 /* hwaccel - with preallocated room for IV */ 228 /* hwaccel - with preallocated room for IV */
225 ieee80211_tkip_add_iv(pos, key, 229 ieee80211_tkip_add_iv(pos, key,
226 (u8) (key->u.tkip.iv16 >> 8), 230 (u8) (key->u.tkip.tx.iv16 >> 8),
227 (u8) (((key->u.tkip.iv16 >> 8) | 0x20) & 231 (u8) (((key->u.tkip.tx.iv16 >> 8) | 0x20) &
228 0x7f), 232 0x7f),
229 (u8) key->u.tkip.iv16); 233 (u8) key->u.tkip.tx.iv16);
230 234
231 tx->control->key_idx = tx->key->conf.hw_key_idx; 235 info->control.hw_key = &tx->key->conf;
232 return 0; 236 return 0;
233 } 237 }
234 238
@@ -246,28 +250,16 @@ ieee80211_tx_result
246ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx) 250ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx)
247{ 251{
248 struct sk_buff *skb = tx->skb; 252 struct sk_buff *skb = tx->skb;
249 int wpa_test = 0, test = 0;
250 253
251 tx->control->icv_len = TKIP_ICV_LEN;
252 tx->control->iv_len = TKIP_IV_LEN;
253 ieee80211_tx_set_protected(tx); 254 ieee80211_tx_set_protected(tx);
254 255
255 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 256 if (tkip_encrypt_skb(tx, skb) < 0)
256 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
257 !wpa_test) {
258 /* hwaccel - with no need for preallocated room for IV/ICV */
259 tx->control->key_idx = tx->key->conf.hw_key_idx;
260 return TX_CONTINUE;
261 }
262
263 if (tkip_encrypt_skb(tx, skb, test) < 0)
264 return TX_DROP; 257 return TX_DROP;
265 258
266 if (tx->extra_frag) { 259 if (tx->extra_frag) {
267 int i; 260 int i;
268 for (i = 0; i < tx->num_extra_frag; i++) { 261 for (i = 0; i < tx->num_extra_frag; i++) {
269 if (tkip_encrypt_skb(tx, tx->extra_frag[i], test) 262 if (tkip_encrypt_skb(tx, tx->extra_frag[i]) < 0)
270 < 0)
271 return TX_DROP; 263 return TX_DROP;
272 } 264 }
273 } 265 }
@@ -429,16 +421,27 @@ static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr)
429} 421}
430 422
431 423
432static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, 424static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
433 struct sk_buff *skb, int test)
434{ 425{
435 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 426 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
436 struct ieee80211_key *key = tx->key; 427 struct ieee80211_key *key = tx->key;
437 int hdrlen, len, tailneed; 428 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
429 int hdrlen, len, tail;
438 u16 fc; 430 u16 fc;
439 u8 *pos, *pn, *b_0, *aad, *scratch; 431 u8 *pos, *pn, *b_0, *aad, *scratch;
440 int i; 432 int i;
441 433
434 info->control.icv_len = CCMP_MIC_LEN;
435 info->control.iv_len = CCMP_HDR_LEN;
436
437 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
438 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
439 /* hwaccel - with no need for preallocated room for CCMP "
440 * header or MIC fields */
441 info->control.hw_key = &tx->key->conf;
442 return 0;
443 }
444
442 scratch = key->u.ccmp.tx_crypto_buf; 445 scratch = key->u.ccmp.tx_crypto_buf;
443 b_0 = scratch + 3 * AES_BLOCK_LEN; 446 b_0 = scratch + 3 * AES_BLOCK_LEN;
444 aad = scratch + 4 * AES_BLOCK_LEN; 447 aad = scratch + 4 * AES_BLOCK_LEN;
@@ -448,17 +451,13 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx,
448 len = skb->len - hdrlen; 451 len = skb->len - hdrlen;
449 452
450 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) 453 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)
451 tailneed = 0; 454 tail = 0;
452 else 455 else
453 tailneed = CCMP_MIC_LEN; 456 tail = CCMP_MIC_LEN;
454 457
455 if ((skb_headroom(skb) < CCMP_HDR_LEN || 458 if (WARN_ON(skb_tailroom(skb) < tail ||
456 skb_tailroom(skb) < tailneed)) { 459 skb_headroom(skb) < CCMP_HDR_LEN))
457 I802_DEBUG_INC(tx->local->tx_expand_skb_head); 460 return -1;
458 if (unlikely(pskb_expand_head(skb, CCMP_HDR_LEN, tailneed,
459 GFP_ATOMIC)))
460 return -1;
461 }
462 461
463 pos = skb_push(skb, CCMP_HDR_LEN); 462 pos = skb_push(skb, CCMP_HDR_LEN);
464 memmove(pos, pos + CCMP_HDR_LEN, hdrlen); 463 memmove(pos, pos + CCMP_HDR_LEN, hdrlen);
@@ -478,7 +477,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx,
478 477
479 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 478 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
480 /* hwaccel - with preallocated room for CCMP header */ 479 /* hwaccel - with preallocated room for CCMP header */
481 tx->control->key_idx = key->conf.hw_key_idx; 480 info->control.hw_key = &tx->key->conf;
482 return 0; 481 return 0;
483 } 482 }
484 483
@@ -495,28 +494,16 @@ ieee80211_tx_result
495ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) 494ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
496{ 495{
497 struct sk_buff *skb = tx->skb; 496 struct sk_buff *skb = tx->skb;
498 int test = 0;
499 497
500 tx->control->icv_len = CCMP_MIC_LEN;
501 tx->control->iv_len = CCMP_HDR_LEN;
502 ieee80211_tx_set_protected(tx); 498 ieee80211_tx_set_protected(tx);
503 499
504 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 500 if (ccmp_encrypt_skb(tx, skb) < 0)
505 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
506 /* hwaccel - with no need for preallocated room for CCMP "
507 * header or MIC fields */
508 tx->control->key_idx = tx->key->conf.hw_key_idx;
509 return TX_CONTINUE;
510 }
511
512 if (ccmp_encrypt_skb(tx, skb, test) < 0)
513 return TX_DROP; 501 return TX_DROP;
514 502
515 if (tx->extra_frag) { 503 if (tx->extra_frag) {
516 int i; 504 int i;
517 for (i = 0; i < tx->num_extra_frag; i++) { 505 for (i = 0; i < tx->num_extra_frag; i++) {
518 if (ccmp_encrypt_skb(tx, tx->extra_frag[i], test) 506 if (ccmp_encrypt_skb(tx, tx->extra_frag[i]) < 0)
519 < 0)
520 return TX_DROP; 507 return TX_DROP;
521 } 508 }
522 } 509 }
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-27 05:47:17 -0500