diff options
Diffstat (limited to 'net/mac80211')
-rw-r--r-- | net/mac80211/agg-tx.c | 6 | ||||
-rw-r--r-- | net/mac80211/driver-ops.h | 2 | ||||
-rw-r--r-- | net/mac80211/mlme.c | 52 | ||||
-rw-r--r-- | net/mac80211/rx.c | 16 |
4 files changed, 64 insertions, 12 deletions
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c index feb15c4a1fad..d1b6664a2532 100644 --- a/net/mac80211/agg-tx.c +++ b/net/mac80211/agg-tx.c | |||
@@ -332,14 +332,16 @@ int ieee80211_start_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid) | |||
332 | IEEE80211_QUEUE_STOP_REASON_AGGREGATION); | 332 | IEEE80211_QUEUE_STOP_REASON_AGGREGATION); |
333 | 333 | ||
334 | spin_unlock(&local->ampdu_lock); | 334 | spin_unlock(&local->ampdu_lock); |
335 | spin_unlock_bh(&sta->lock); | ||
336 | 335 | ||
337 | /* send an addBA request */ | 336 | /* prepare tid data */ |
338 | sta->ampdu_mlme.dialog_token_allocator++; | 337 | sta->ampdu_mlme.dialog_token_allocator++; |
339 | sta->ampdu_mlme.tid_tx[tid]->dialog_token = | 338 | sta->ampdu_mlme.tid_tx[tid]->dialog_token = |
340 | sta->ampdu_mlme.dialog_token_allocator; | 339 | sta->ampdu_mlme.dialog_token_allocator; |
341 | sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num; | 340 | sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num; |
342 | 341 | ||
342 | spin_unlock_bh(&sta->lock); | ||
343 | |||
344 | /* send AddBA request */ | ||
343 | ieee80211_send_addba_request(sdata, pubsta->addr, tid, | 345 | ieee80211_send_addba_request(sdata, pubsta->addr, tid, |
344 | sta->ampdu_mlme.tid_tx[tid]->dialog_token, | 346 | sta->ampdu_mlme.tid_tx[tid]->dialog_token, |
345 | sta->ampdu_mlme.tid_tx[tid]->ssn, | 347 | sta->ampdu_mlme.tid_tx[tid]->ssn, |
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h index d1139e4f88a9..7d18a3245e3d 100644 --- a/net/mac80211/driver-ops.h +++ b/net/mac80211/driver-ops.h | |||
@@ -360,7 +360,7 @@ static inline int drv_get_survey(struct ieee80211_local *local, int idx, | |||
360 | struct survey_info *survey) | 360 | struct survey_info *survey) |
361 | { | 361 | { |
362 | int ret = -EOPNOTSUPP; | 362 | int ret = -EOPNOTSUPP; |
363 | if (local->ops->conf_tx) | 363 | if (local->ops->get_survey) |
364 | ret = local->ops->get_survey(&local->hw, idx, survey); | 364 | ret = local->ops->get_survey(&local->hw, idx, survey); |
365 | /* trace_drv_get_survey(local, idx, survey, ret); */ | 365 | /* trace_drv_get_survey(local, idx, survey, ret); */ |
366 | return ret; | 366 | return ret; |
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 9420cf14fae4..2ab4e86d9929 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c | |||
@@ -1692,14 +1692,52 @@ static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, | |||
1692 | rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); | 1692 | rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); |
1693 | break; | 1693 | break; |
1694 | case IEEE80211_STYPE_ACTION: | 1694 | case IEEE80211_STYPE_ACTION: |
1695 | if (mgmt->u.action.category != WLAN_CATEGORY_SPECTRUM_MGMT) | 1695 | switch (mgmt->u.action.category) { |
1696 | case WLAN_CATEGORY_BACK: { | ||
1697 | struct ieee80211_local *local = sdata->local; | ||
1698 | int len = skb->len; | ||
1699 | struct sta_info *sta; | ||
1700 | |||
1701 | rcu_read_lock(); | ||
1702 | sta = sta_info_get(sdata, mgmt->sa); | ||
1703 | if (!sta) { | ||
1704 | rcu_read_unlock(); | ||
1705 | break; | ||
1706 | } | ||
1707 | |||
1708 | local_bh_disable(); | ||
1709 | |||
1710 | switch (mgmt->u.action.u.addba_req.action_code) { | ||
1711 | case WLAN_ACTION_ADDBA_REQ: | ||
1712 | if (len < (IEEE80211_MIN_ACTION_SIZE + | ||
1713 | sizeof(mgmt->u.action.u.addba_req))) | ||
1714 | break; | ||
1715 | ieee80211_process_addba_request(local, sta, mgmt, len); | ||
1716 | break; | ||
1717 | case WLAN_ACTION_ADDBA_RESP: | ||
1718 | if (len < (IEEE80211_MIN_ACTION_SIZE + | ||
1719 | sizeof(mgmt->u.action.u.addba_resp))) | ||
1720 | break; | ||
1721 | ieee80211_process_addba_resp(local, sta, mgmt, len); | ||
1722 | break; | ||
1723 | case WLAN_ACTION_DELBA: | ||
1724 | if (len < (IEEE80211_MIN_ACTION_SIZE + | ||
1725 | sizeof(mgmt->u.action.u.delba))) | ||
1726 | break; | ||
1727 | ieee80211_process_delba(sdata, sta, mgmt, len); | ||
1728 | break; | ||
1729 | } | ||
1730 | local_bh_enable(); | ||
1731 | rcu_read_unlock(); | ||
1696 | break; | 1732 | break; |
1697 | 1733 | } | |
1698 | ieee80211_sta_process_chanswitch(sdata, | 1734 | case WLAN_CATEGORY_SPECTRUM_MGMT: |
1699 | &mgmt->u.action.u.chan_switch.sw_elem, | 1735 | ieee80211_sta_process_chanswitch(sdata, |
1700 | (void *)ifmgd->associated->priv, | 1736 | &mgmt->u.action.u.chan_switch.sw_elem, |
1701 | rx_status->mactime); | 1737 | (void *)ifmgd->associated->priv, |
1702 | break; | 1738 | rx_status->mactime); |
1739 | break; | ||
1740 | } | ||
1703 | } | 1741 | } |
1704 | mutex_unlock(&ifmgd->mtx); | 1742 | mutex_unlock(&ifmgd->mtx); |
1705 | 1743 | ||
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index 0b9898ac4d87..6e7d6d48fe1e 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c | |||
@@ -1819,17 +1819,26 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx, struct sk_buff_head *frames) | |||
1819 | return RX_CONTINUE; | 1819 | return RX_CONTINUE; |
1820 | 1820 | ||
1821 | if (ieee80211_is_back_req(bar->frame_control)) { | 1821 | if (ieee80211_is_back_req(bar->frame_control)) { |
1822 | struct { | ||
1823 | __le16 control, start_seq_num; | ||
1824 | } __packed bar_data; | ||
1825 | |||
1822 | if (!rx->sta) | 1826 | if (!rx->sta) |
1823 | return RX_DROP_MONITOR; | 1827 | return RX_DROP_MONITOR; |
1828 | |||
1829 | if (skb_copy_bits(skb, offsetof(struct ieee80211_bar, control), | ||
1830 | &bar_data, sizeof(bar_data))) | ||
1831 | return RX_DROP_MONITOR; | ||
1832 | |||
1824 | spin_lock(&rx->sta->lock); | 1833 | spin_lock(&rx->sta->lock); |
1825 | tid = le16_to_cpu(bar->control) >> 12; | 1834 | tid = le16_to_cpu(bar_data.control) >> 12; |
1826 | if (!rx->sta->ampdu_mlme.tid_active_rx[tid]) { | 1835 | if (!rx->sta->ampdu_mlme.tid_active_rx[tid]) { |
1827 | spin_unlock(&rx->sta->lock); | 1836 | spin_unlock(&rx->sta->lock); |
1828 | return RX_DROP_MONITOR; | 1837 | return RX_DROP_MONITOR; |
1829 | } | 1838 | } |
1830 | tid_agg_rx = rx->sta->ampdu_mlme.tid_rx[tid]; | 1839 | tid_agg_rx = rx->sta->ampdu_mlme.tid_rx[tid]; |
1831 | 1840 | ||
1832 | start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4; | 1841 | start_seq_num = le16_to_cpu(bar_data.start_seq_num) >> 4; |
1833 | 1842 | ||
1834 | /* reset session timer */ | 1843 | /* reset session timer */ |
1835 | if (tid_agg_rx->timeout) | 1844 | if (tid_agg_rx->timeout) |
@@ -1941,6 +1950,9 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx) | |||
1941 | if (len < IEEE80211_MIN_ACTION_SIZE + 1) | 1950 | if (len < IEEE80211_MIN_ACTION_SIZE + 1) |
1942 | break; | 1951 | break; |
1943 | 1952 | ||
1953 | if (sdata->vif.type == NL80211_IFTYPE_STATION) | ||
1954 | return ieee80211_sta_rx_mgmt(sdata, rx->skb); | ||
1955 | |||
1944 | switch (mgmt->u.action.u.addba_req.action_code) { | 1956 | switch (mgmt->u.action.u.addba_req.action_code) { |
1945 | case WLAN_ACTION_ADDBA_REQ: | 1957 | case WLAN_ACTION_ADDBA_REQ: |
1946 | if (len < (IEEE80211_MIN_ACTION_SIZE + | 1958 | if (len < (IEEE80211_MIN_ACTION_SIZE + |