aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/Kconfig33
-rw-r--r--net/mac80211/Makefile9
-rw-r--r--net/mac80211/cfg.c400
-rw-r--r--net/mac80211/debugfs.c47
-rw-r--r--net/mac80211/debugfs_netdev.c206
-rw-r--r--net/mac80211/debugfs_sta.c179
-rw-r--r--net/mac80211/debugfs_sta.h2
-rw-r--r--net/mac80211/ieee80211.c984
-rw-r--r--net/mac80211/ieee80211_i.h502
-rw-r--r--net/mac80211/ieee80211_iface.c48
-rw-r--r--net/mac80211/ieee80211_ioctl.c232
-rw-r--r--net/mac80211/ieee80211_key.h26
-rw-r--r--net/mac80211/ieee80211_rate.c23
-rw-r--r--net/mac80211/ieee80211_rate.h44
-rw-r--r--net/mac80211/ieee80211_sta.c1674
-rw-r--r--net/mac80211/key.c183
-rw-r--r--net/mac80211/mesh.c449
-rw-r--r--net/mac80211/mesh.h290
-rw-r--r--net/mac80211/mesh_hwmp.c857
-rw-r--r--net/mac80211/mesh_pathtbl.c516
-rw-r--r--net/mac80211/mesh_plink.c761
-rw-r--r--net/mac80211/rc80211_pid_algo.c122
-rw-r--r--net/mac80211/rc80211_simple.c400
-rw-r--r--net/mac80211/regdomain.c152
-rw-r--r--net/mac80211/rx.c867
-rw-r--r--net/mac80211/sta_info.c564
-rw-r--r--net/mac80211/sta_info.h351
-rw-r--r--net/mac80211/tkip.c68
-rw-r--r--net/mac80211/tkip.h2
-rw-r--r--net/mac80211/tx.c727
-rw-r--r--net/mac80211/util.c170
-rw-r--r--net/mac80211/wep.c40
-rw-r--r--net/mac80211/wep.h8
-rw-r--r--net/mac80211/wme.c139
-rw-r--r--net/mac80211/wme.h23
-rw-r--r--net/mac80211/wpa.c152
-rw-r--r--net/mac80211/wpa.h24
37 files changed, 8131 insertions, 3143 deletions
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index 45c7c0c3875e..520a5180a4f6 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -32,15 +32,6 @@ config MAC80211_RC_DEFAULT_PID
32 default rate control algorithm. You should choose 32 default rate control algorithm. You should choose
33 this unless you know what you are doing. 33 this unless you know what you are doing.
34 34
35config MAC80211_RC_DEFAULT_SIMPLE
36 bool "Simple rate control algorithm"
37 select MAC80211_RC_SIMPLE
38 ---help---
39 Select the simple rate control as the default rate
40 control algorithm. Note that this is a non-responsive,
41 dumb algorithm. You should choose the PID rate control
42 instead.
43
44config MAC80211_RC_DEFAULT_NONE 35config MAC80211_RC_DEFAULT_NONE
45 bool "No default algorithm" 36 bool "No default algorithm"
46 depends on EMBEDDED 37 depends on EMBEDDED
@@ -57,7 +48,6 @@ comment "build the algorithm into mac80211."
57config MAC80211_RC_DEFAULT 48config MAC80211_RC_DEFAULT
58 string 49 string
59 default "pid" if MAC80211_RC_DEFAULT_PID 50 default "pid" if MAC80211_RC_DEFAULT_PID
60 default "simple" if MAC80211_RC_DEFAULT_SIMPLE
61 default "" 51 default ""
62 52
63config MAC80211_RC_PID 53config MAC80211_RC_PID
@@ -70,16 +60,16 @@ config MAC80211_RC_PID
70 Say Y or M unless you're sure you want to use a 60 Say Y or M unless you're sure you want to use a
71 different rate control algorithm. 61 different rate control algorithm.
72 62
73config MAC80211_RC_SIMPLE 63endmenu
74 tristate "Simple rate control algorithm (DEPRECATED)" 64
65config MAC80211_MESH
66 bool "Enable mac80211 mesh networking (pre-802.11s) support"
67 depends on MAC80211 && EXPERIMENTAL
75 ---help--- 68 ---help---
76 This option enables a very simple, non-responsive TX 69 This options enables support of Draft 802.11s mesh networking.
77 rate control algorithm. This algorithm is deprecated 70 The implementation is based on Draft 1.08 of the Mesh Networking
78 and will be removed from the kernel in the near future. 71 amendment. For more information visit http://o11s.org/.
79 It has been replaced by the PID algorithm.
80 72
81 Say N unless you know what you are doing.
82endmenu
83 73
84config MAC80211_LEDS 74config MAC80211_LEDS
85 bool "Enable LED triggers" 75 bool "Enable LED triggers"
@@ -166,3 +156,10 @@ config MAC80211_VERBOSE_PS_DEBUG
166 ---help--- 156 ---help---
167 Say Y here to print out verbose powersave 157 Say Y here to print out verbose powersave
168 mode debug messages. 158 mode debug messages.
159
160config MAC80211_VERBOSE_MPL_DEBUG
161 bool "Verbose mesh peer link debugging"
162 depends on MAC80211_DEBUG && MAC80211_MESH
163 ---help---
164 Say Y here to print out verbose mesh peer link
165 debug messages.
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 54f46bc80cfe..70f4b26c2d87 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -19,7 +19,6 @@ mac80211-y := \
19 ieee80211_iface.o \ 19 ieee80211_iface.o \
20 ieee80211_rate.o \ 20 ieee80211_rate.o \
21 michael.o \ 21 michael.o \
22 regdomain.o \
23 tkip.o \ 22 tkip.o \
24 aes_ccm.o \ 23 aes_ccm.o \
25 cfg.o \ 24 cfg.o \
@@ -37,11 +36,15 @@ mac80211-$(CONFIG_MAC80211_DEBUGFS) += \
37 debugfs_netdev.o \ 36 debugfs_netdev.o \
38 debugfs_key.o 37 debugfs_key.o
39 38
39mac80211-$(CONFIG_MAC80211_MESH) += \
40 mesh.o \
41 mesh_pathtbl.o \
42 mesh_plink.o \
43 mesh_hwmp.o
44
40 45
41# Build rate control algorithm(s) 46# Build rate control algorithm(s)
42CFLAGS_rc80211_simple.o += -DRC80211_SIMPLE_COMPILE
43CFLAGS_rc80211_pid_algo.o += -DRC80211_PID_COMPILE 47CFLAGS_rc80211_pid_algo.o += -DRC80211_PID_COMPILE
44mac80211-$(CONFIG_MAC80211_RC_SIMPLE) += rc80211_simple.o
45mac80211-$(CONFIG_MAC80211_RC_PID) += $(rc-pid-$(CONFIG_MAC80211_RC_PID)) 48mac80211-$(CONFIG_MAC80211_RC_PID) += $(rc-pid-$(CONFIG_MAC80211_RC_PID))
46 49
47# Modular rate algorithms are assigned to mac80211-m - make separate modules 50# Modular rate algorithms are assigned to mac80211-m - make separate modules
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 22c9619ba776..6b183a3526b0 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -15,6 +15,7 @@
15#include "ieee80211_i.h" 15#include "ieee80211_i.h"
16#include "cfg.h" 16#include "cfg.h"
17#include "ieee80211_rate.h" 17#include "ieee80211_rate.h"
18#include "mesh.h"
18 19
19static enum ieee80211_if_types 20static enum ieee80211_if_types
20nl80211_type_to_mac80211_type(enum nl80211_iftype type) 21nl80211_type_to_mac80211_type(enum nl80211_iftype type)
@@ -28,16 +29,24 @@ nl80211_type_to_mac80211_type(enum nl80211_iftype type)
28 return IEEE80211_IF_TYPE_STA; 29 return IEEE80211_IF_TYPE_STA;
29 case NL80211_IFTYPE_MONITOR: 30 case NL80211_IFTYPE_MONITOR:
30 return IEEE80211_IF_TYPE_MNTR; 31 return IEEE80211_IF_TYPE_MNTR;
32#ifdef CONFIG_MAC80211_MESH
33 case NL80211_IFTYPE_MESH_POINT:
34 return IEEE80211_IF_TYPE_MESH_POINT;
35#endif
31 default: 36 default:
32 return IEEE80211_IF_TYPE_INVALID; 37 return IEEE80211_IF_TYPE_INVALID;
33 } 38 }
34} 39}
35 40
36static int ieee80211_add_iface(struct wiphy *wiphy, char *name, 41static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
37 enum nl80211_iftype type) 42 enum nl80211_iftype type, u32 *flags,
43 struct vif_params *params)
38{ 44{
39 struct ieee80211_local *local = wiphy_priv(wiphy); 45 struct ieee80211_local *local = wiphy_priv(wiphy);
40 enum ieee80211_if_types itype; 46 enum ieee80211_if_types itype;
47 struct net_device *dev;
48 struct ieee80211_sub_if_data *sdata;
49 int err;
41 50
42 if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED)) 51 if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED))
43 return -ENODEV; 52 return -ENODEV;
@@ -46,7 +55,13 @@ static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
46 if (itype == IEEE80211_IF_TYPE_INVALID) 55 if (itype == IEEE80211_IF_TYPE_INVALID)
47 return -EINVAL; 56 return -EINVAL;
48 57
49 return ieee80211_if_add(local->mdev, name, NULL, itype); 58 err = ieee80211_if_add(local->mdev, name, &dev, itype, params);
59 if (err || itype != IEEE80211_IF_TYPE_MNTR || !flags)
60 return err;
61
62 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
63 sdata->u.mntr_flags = *flags;
64 return 0;
50} 65}
51 66
52static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex) 67static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex)
@@ -69,7 +84,8 @@ static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex)
69} 84}
70 85
71static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex, 86static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex,
72 enum nl80211_iftype type) 87 enum nl80211_iftype type, u32 *flags,
88 struct vif_params *params)
73{ 89{
74 struct ieee80211_local *local = wiphy_priv(wiphy); 90 struct ieee80211_local *local = wiphy_priv(wiphy);
75 struct net_device *dev; 91 struct net_device *dev;
@@ -99,6 +115,15 @@ static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex,
99 ieee80211_if_reinit(dev); 115 ieee80211_if_reinit(dev);
100 ieee80211_if_set_type(dev, itype); 116 ieee80211_if_set_type(dev, itype);
101 117
118 if (ieee80211_vif_is_mesh(&sdata->vif) && params->mesh_id_len)
119 ieee80211_if_sta_set_mesh_id(&sdata->u.sta,
120 params->mesh_id_len,
121 params->mesh_id);
122
123 if (sdata->vif.type != IEEE80211_IF_TYPE_MNTR || !flags)
124 return 0;
125
126 sdata->u.mntr_flags = *flags;
102 return 0; 127 return 0;
103} 128}
104 129
@@ -109,7 +134,7 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
109 struct ieee80211_sub_if_data *sdata; 134 struct ieee80211_sub_if_data *sdata;
110 struct sta_info *sta = NULL; 135 struct sta_info *sta = NULL;
111 enum ieee80211_key_alg alg; 136 enum ieee80211_key_alg alg;
112 int ret; 137 struct ieee80211_key *key;
113 138
114 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 139 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
115 140
@@ -128,21 +153,21 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
128 return -EINVAL; 153 return -EINVAL;
129 } 154 }
130 155
156 key = ieee80211_key_alloc(alg, key_idx, params->key_len, params->key);
157 if (!key)
158 return -ENOMEM;
159
131 if (mac_addr) { 160 if (mac_addr) {
132 sta = sta_info_get(sdata->local, mac_addr); 161 sta = sta_info_get(sdata->local, mac_addr);
133 if (!sta) 162 if (!sta) {
163 ieee80211_key_free(key);
134 return -ENOENT; 164 return -ENOENT;
165 }
135 } 166 }
136 167
137 ret = 0; 168 ieee80211_key_link(key, sdata, sta);
138 if (!ieee80211_key_alloc(sdata, sta, alg, key_idx,
139 params->key_len, params->key))
140 ret = -ENOMEM;
141
142 if (sta)
143 sta_info_put(sta);
144 169
145 return ret; 170 return 0;
146} 171}
147 172
148static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev, 173static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
@@ -160,12 +185,12 @@ static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
160 return -ENOENT; 185 return -ENOENT;
161 186
162 ret = 0; 187 ret = 0;
163 if (sta->key) 188 if (sta->key) {
164 ieee80211_key_free(sta->key); 189 ieee80211_key_free(sta->key);
165 else 190 WARN_ON(sta->key);
191 } else
166 ret = -ENOENT; 192 ret = -ENOENT;
167 193
168 sta_info_put(sta);
169 return ret; 194 return ret;
170 } 195 }
171 196
@@ -173,6 +198,7 @@ static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
173 return -ENOENT; 198 return -ENOENT;
174 199
175 ieee80211_key_free(sdata->keys[key_idx]); 200 ieee80211_key_free(sdata->keys[key_idx]);
201 WARN_ON(sdata->keys[key_idx]);
176 202
177 return 0; 203 return 0;
178} 204}
@@ -254,8 +280,6 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
254 err = 0; 280 err = 0;
255 281
256 out: 282 out:
257 if (sta)
258 sta_info_put(sta);
259 return err; 283 return err;
260} 284}
261 285
@@ -271,29 +295,73 @@ static int ieee80211_config_default_key(struct wiphy *wiphy,
271 return 0; 295 return 0;
272} 296}
273 297
298static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
299{
300 struct ieee80211_sub_if_data *sdata = sta->sdata;
301
302 sinfo->filled = STATION_INFO_INACTIVE_TIME |
303 STATION_INFO_RX_BYTES |
304 STATION_INFO_TX_BYTES;
305
306 sinfo->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx);
307 sinfo->rx_bytes = sta->rx_bytes;
308 sinfo->tx_bytes = sta->tx_bytes;
309
310 if (ieee80211_vif_is_mesh(&sdata->vif)) {
311#ifdef CONFIG_MAC80211_MESH
312 sinfo->filled |= STATION_INFO_LLID |
313 STATION_INFO_PLID |
314 STATION_INFO_PLINK_STATE;
315
316 sinfo->llid = le16_to_cpu(sta->llid);
317 sinfo->plid = le16_to_cpu(sta->plid);
318 sinfo->plink_state = sta->plink_state;
319#endif
320 }
321}
322
323
324static int ieee80211_dump_station(struct wiphy *wiphy, struct net_device *dev,
325 int idx, u8 *mac, struct station_info *sinfo)
326{
327 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
328 struct sta_info *sta;
329 int ret = -ENOENT;
330
331 rcu_read_lock();
332
333 sta = sta_info_get_by_idx(local, idx, dev);
334 if (sta) {
335 ret = 0;
336 memcpy(mac, sta->addr, ETH_ALEN);
337 sta_set_sinfo(sta, sinfo);
338 }
339
340 rcu_read_unlock();
341
342 return ret;
343}
344
274static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev, 345static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev,
275 u8 *mac, struct station_stats *stats) 346 u8 *mac, struct station_info *sinfo)
276{ 347{
277 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 348 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
278 struct sta_info *sta; 349 struct sta_info *sta;
350 int ret = -ENOENT;
279 351
280 sta = sta_info_get(local, mac); 352 rcu_read_lock();
281 if (!sta)
282 return -ENOENT;
283 353
284 /* XXX: verify sta->dev == dev */ 354 /* XXX: verify sta->dev == dev */
285 355
286 stats->filled = STATION_STAT_INACTIVE_TIME | 356 sta = sta_info_get(local, mac);
287 STATION_STAT_RX_BYTES | 357 if (sta) {
288 STATION_STAT_TX_BYTES; 358 ret = 0;
289 359 sta_set_sinfo(sta, sinfo);
290 stats->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx); 360 }
291 stats->rx_bytes = sta->rx_bytes;
292 stats->tx_bytes = sta->tx_bytes;
293 361
294 sta_info_put(sta); 362 rcu_read_unlock();
295 363
296 return 0; 364 return ret;
297} 365}
298 366
299/* 367/*
@@ -486,8 +554,8 @@ static void ieee80211_send_layer2_update(struct sta_info *sta)
486 msg->xid_info[1] = 1; /* LLC types/classes: Type 1 LLC */ 554 msg->xid_info[1] = 1; /* LLC types/classes: Type 1 LLC */
487 msg->xid_info[2] = 0; /* XID sender's receive window size (RW) */ 555 msg->xid_info[2] = 0; /* XID sender's receive window size (RW) */
488 556
489 skb->dev = sta->dev; 557 skb->dev = sta->sdata->dev;
490 skb->protocol = eth_type_trans(skb, sta->dev); 558 skb->protocol = eth_type_trans(skb, sta->sdata->dev);
491 memset(skb->cb, 0, sizeof(skb->cb)); 559 memset(skb->cb, 0, sizeof(skb->cb));
492 netif_rx(skb); 560 netif_rx(skb);
493} 561}
@@ -498,7 +566,14 @@ static void sta_apply_parameters(struct ieee80211_local *local,
498{ 566{
499 u32 rates; 567 u32 rates;
500 int i, j; 568 int i, j;
501 struct ieee80211_hw_mode *mode; 569 struct ieee80211_supported_band *sband;
570 struct ieee80211_sub_if_data *sdata = sta->sdata;
571
572 /*
573 * FIXME: updating the flags is racy when this function is
574 * called from ieee80211_change_station(), this will
575 * be resolved in a future patch.
576 */
502 577
503 if (params->station_flags & STATION_FLAG_CHANGED) { 578 if (params->station_flags & STATION_FLAG_CHANGED) {
504 sta->flags &= ~WLAN_STA_AUTHORIZED; 579 sta->flags &= ~WLAN_STA_AUTHORIZED;
@@ -514,6 +589,13 @@ static void sta_apply_parameters(struct ieee80211_local *local,
514 sta->flags |= WLAN_STA_WME; 589 sta->flags |= WLAN_STA_WME;
515 } 590 }
516 591
592 /*
593 * FIXME: updating the following information is racy when this
594 * function is called from ieee80211_change_station().
595 * However, all this information should be static so
596 * maybe we should just reject attemps to change it.
597 */
598
517 if (params->aid) { 599 if (params->aid) {
518 sta->aid = params->aid; 600 sta->aid = params->aid;
519 if (sta->aid > IEEE80211_MAX_AID) 601 if (sta->aid > IEEE80211_MAX_AID)
@@ -525,15 +607,27 @@ static void sta_apply_parameters(struct ieee80211_local *local,
525 607
526 if (params->supported_rates) { 608 if (params->supported_rates) {
527 rates = 0; 609 rates = 0;
528 mode = local->oper_hw_mode; 610 sband = local->hw.wiphy->bands[local->oper_channel->band];
611
529 for (i = 0; i < params->supported_rates_len; i++) { 612 for (i = 0; i < params->supported_rates_len; i++) {
530 int rate = (params->supported_rates[i] & 0x7f) * 5; 613 int rate = (params->supported_rates[i] & 0x7f) * 5;
531 for (j = 0; j < mode->num_rates; j++) { 614 for (j = 0; j < sband->n_bitrates; j++) {
532 if (mode->rates[j].rate == rate) 615 if (sband->bitrates[j].bitrate == rate)
533 rates |= BIT(j); 616 rates |= BIT(j);
534 } 617 }
535 } 618 }
536 sta->supp_rates = rates; 619 sta->supp_rates[local->oper_channel->band] = rates;
620 }
621
622 if (ieee80211_vif_is_mesh(&sdata->vif) && params->plink_action) {
623 switch (params->plink_action) {
624 case PLINK_ACTION_OPEN:
625 mesh_plink_open(sta);
626 break;
627 case PLINK_ACTION_BLOCK:
628 mesh_plink_block(sta);
629 break;
630 }
537 } 631 }
538} 632}
539 633
@@ -543,18 +637,12 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
543 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 637 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
544 struct sta_info *sta; 638 struct sta_info *sta;
545 struct ieee80211_sub_if_data *sdata; 639 struct ieee80211_sub_if_data *sdata;
640 int err;
546 641
547 /* Prevent a race with changing the rate control algorithm */ 642 /* Prevent a race with changing the rate control algorithm */
548 if (!netif_running(dev)) 643 if (!netif_running(dev))
549 return -ENETDOWN; 644 return -ENETDOWN;
550 645
551 /* XXX: get sta belonging to dev */
552 sta = sta_info_get(local, mac);
553 if (sta) {
554 sta_info_put(sta);
555 return -EEXIST;
556 }
557
558 if (params->vlan) { 646 if (params->vlan) {
559 sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan); 647 sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
560 648
@@ -564,22 +652,36 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
564 } else 652 } else
565 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 653 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
566 654
567 sta = sta_info_add(local, dev, mac, GFP_KERNEL); 655 if (compare_ether_addr(mac, dev->dev_addr) == 0)
656 return -EINVAL;
657
658 if (is_multicast_ether_addr(mac))
659 return -EINVAL;
660
661 sta = sta_info_alloc(sdata, mac, GFP_KERNEL);
568 if (!sta) 662 if (!sta)
569 return -ENOMEM; 663 return -ENOMEM;
570 664
571 sta->dev = sdata->dev;
572 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN ||
573 sdata->vif.type == IEEE80211_IF_TYPE_AP)
574 ieee80211_send_layer2_update(sta);
575
576 sta->flags = WLAN_STA_AUTH | WLAN_STA_ASSOC; 665 sta->flags = WLAN_STA_AUTH | WLAN_STA_ASSOC;
577 666
578 sta_apply_parameters(local, sta, params); 667 sta_apply_parameters(local, sta, params);
579 668
580 rate_control_rate_init(sta, local); 669 rate_control_rate_init(sta, local);
581 670
582 sta_info_put(sta); 671 rcu_read_lock();
672
673 err = sta_info_insert(sta);
674 if (err) {
675 sta_info_destroy(sta);
676 rcu_read_unlock();
677 return err;
678 }
679
680 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN ||
681 sdata->vif.type == IEEE80211_IF_TYPE_AP)
682 ieee80211_send_layer2_update(sta);
683
684 rcu_read_unlock();
583 685
584 return 0; 686 return 0;
585} 687}
@@ -587,7 +689,8 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
587static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev, 689static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
588 u8 *mac) 690 u8 *mac)
589{ 691{
590 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 692 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
693 struct ieee80211_local *local = sdata->local;
591 struct sta_info *sta; 694 struct sta_info *sta;
592 695
593 if (mac) { 696 if (mac) {
@@ -596,10 +699,14 @@ static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
596 if (!sta) 699 if (!sta)
597 return -ENOENT; 700 return -ENOENT;
598 701
599 sta_info_free(sta); 702 sta_info_unlink(&sta);
600 sta_info_put(sta); 703
704 if (sta) {
705 synchronize_rcu();
706 sta_info_destroy(sta);
707 }
601 } else 708 } else
602 sta_info_flush(local, dev); 709 sta_info_flush(local, sdata);
603 710
604 return 0; 711 return 0;
605} 712}
@@ -618,23 +725,190 @@ static int ieee80211_change_station(struct wiphy *wiphy,
618 if (!sta) 725 if (!sta)
619 return -ENOENT; 726 return -ENOENT;
620 727
621 if (params->vlan && params->vlan != sta->dev) { 728 if (params->vlan && params->vlan != sta->sdata->dev) {
622 vlansdata = IEEE80211_DEV_TO_SUB_IF(params->vlan); 729 vlansdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
623 730
624 if (vlansdata->vif.type != IEEE80211_IF_TYPE_VLAN || 731 if (vlansdata->vif.type != IEEE80211_IF_TYPE_VLAN ||
625 vlansdata->vif.type != IEEE80211_IF_TYPE_AP) 732 vlansdata->vif.type != IEEE80211_IF_TYPE_AP)
626 return -EINVAL; 733 return -EINVAL;
627 734
628 sta->dev = params->vlan; 735 sta->sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
629 ieee80211_send_layer2_update(sta); 736 ieee80211_send_layer2_update(sta);
630 } 737 }
631 738
632 sta_apply_parameters(local, sta, params); 739 sta_apply_parameters(local, sta, params);
633 740
634 sta_info_put(sta); 741 return 0;
742}
743
744#ifdef CONFIG_MAC80211_MESH
745static int ieee80211_add_mpath(struct wiphy *wiphy, struct net_device *dev,
746 u8 *dst, u8 *next_hop)
747{
748 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
749 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
750 struct mesh_path *mpath;
751 struct sta_info *sta;
752 int err;
753
754 if (!netif_running(dev))
755 return -ENETDOWN;
756
757 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
758 return -ENOTSUPP;
759
760 rcu_read_lock();
761 sta = sta_info_get(local, next_hop);
762 if (!sta) {
763 rcu_read_unlock();
764 return -ENOENT;
765 }
766
767 err = mesh_path_add(dst, dev);
768 if (err) {
769 rcu_read_unlock();
770 return err;
771 }
772
773 mpath = mesh_path_lookup(dst, dev);
774 if (!mpath) {
775 rcu_read_unlock();
776 return -ENXIO;
777 }
778 mesh_path_fix_nexthop(mpath, sta);
779
780 rcu_read_unlock();
781 return 0;
782}
635 783
784static int ieee80211_del_mpath(struct wiphy *wiphy, struct net_device *dev,
785 u8 *dst)
786{
787 if (dst)
788 return mesh_path_del(dst, dev);
789
790 mesh_path_flush(dev);
791 return 0;
792}
793
794static int ieee80211_change_mpath(struct wiphy *wiphy,
795 struct net_device *dev,
796 u8 *dst, u8 *next_hop)
797{
798 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
799 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
800 struct mesh_path *mpath;
801 struct sta_info *sta;
802
803 if (!netif_running(dev))
804 return -ENETDOWN;
805
806 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
807 return -ENOTSUPP;
808
809 rcu_read_lock();
810
811 sta = sta_info_get(local, next_hop);
812 if (!sta) {
813 rcu_read_unlock();
814 return -ENOENT;
815 }
816
817 mpath = mesh_path_lookup(dst, dev);
818 if (!mpath) {
819 rcu_read_unlock();
820 return -ENOENT;
821 }
822
823 mesh_path_fix_nexthop(mpath, sta);
824
825 rcu_read_unlock();
826 return 0;
827}
828
829static void mpath_set_pinfo(struct mesh_path *mpath, u8 *next_hop,
830 struct mpath_info *pinfo)
831{
832 if (mpath->next_hop)
833 memcpy(next_hop, mpath->next_hop->addr, ETH_ALEN);
834 else
835 memset(next_hop, 0, ETH_ALEN);
836
837 pinfo->filled = MPATH_INFO_FRAME_QLEN |
838 MPATH_INFO_DSN |
839 MPATH_INFO_METRIC |
840 MPATH_INFO_EXPTIME |
841 MPATH_INFO_DISCOVERY_TIMEOUT |
842 MPATH_INFO_DISCOVERY_RETRIES |
843 MPATH_INFO_FLAGS;
844
845 pinfo->frame_qlen = mpath->frame_queue.qlen;
846 pinfo->dsn = mpath->dsn;
847 pinfo->metric = mpath->metric;
848 if (time_before(jiffies, mpath->exp_time))
849 pinfo->exptime = jiffies_to_msecs(mpath->exp_time - jiffies);
850 pinfo->discovery_timeout =
851 jiffies_to_msecs(mpath->discovery_timeout);
852 pinfo->discovery_retries = mpath->discovery_retries;
853 pinfo->flags = 0;
854 if (mpath->flags & MESH_PATH_ACTIVE)
855 pinfo->flags |= NL80211_MPATH_FLAG_ACTIVE;
856 if (mpath->flags & MESH_PATH_RESOLVING)
857 pinfo->flags |= NL80211_MPATH_FLAG_RESOLVING;
858 if (mpath->flags & MESH_PATH_DSN_VALID)
859 pinfo->flags |= NL80211_MPATH_FLAG_DSN_VALID;
860 if (mpath->flags & MESH_PATH_FIXED)
861 pinfo->flags |= NL80211_MPATH_FLAG_FIXED;
862 if (mpath->flags & MESH_PATH_RESOLVING)
863 pinfo->flags |= NL80211_MPATH_FLAG_RESOLVING;
864
865 pinfo->flags = mpath->flags;
866}
867
868static int ieee80211_get_mpath(struct wiphy *wiphy, struct net_device *dev,
869 u8 *dst, u8 *next_hop, struct mpath_info *pinfo)
870
871{
872 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
873 struct mesh_path *mpath;
874
875 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
876 return -ENOTSUPP;
877
878 rcu_read_lock();
879 mpath = mesh_path_lookup(dst, dev);
880 if (!mpath) {
881 rcu_read_unlock();
882 return -ENOENT;
883 }
884 memcpy(dst, mpath->dst, ETH_ALEN);
885 mpath_set_pinfo(mpath, next_hop, pinfo);
886 rcu_read_unlock();
887 return 0;
888}
889
890static int ieee80211_dump_mpath(struct wiphy *wiphy, struct net_device *dev,
891 int idx, u8 *dst, u8 *next_hop,
892 struct mpath_info *pinfo)
893{
894 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
895 struct mesh_path *mpath;
896
897 if (sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)
898 return -ENOTSUPP;
899
900 rcu_read_lock();
901 mpath = mesh_path_lookup_by_idx(idx, dev);
902 if (!mpath) {
903 rcu_read_unlock();
904 return -ENOENT;
905 }
906 memcpy(dst, mpath->dst, ETH_ALEN);
907 mpath_set_pinfo(mpath, next_hop, pinfo);
908 rcu_read_unlock();
636 return 0; 909 return 0;
637} 910}
911#endif
638 912
639struct cfg80211_ops mac80211_config_ops = { 913struct cfg80211_ops mac80211_config_ops = {
640 .add_virtual_intf = ieee80211_add_iface, 914 .add_virtual_intf = ieee80211_add_iface,
@@ -651,4 +925,12 @@ struct cfg80211_ops mac80211_config_ops = {
651 .del_station = ieee80211_del_station, 925 .del_station = ieee80211_del_station,
652 .change_station = ieee80211_change_station, 926 .change_station = ieee80211_change_station,
653 .get_station = ieee80211_get_station, 927 .get_station = ieee80211_get_station,
928 .dump_station = ieee80211_dump_station,
929#ifdef CONFIG_MAC80211_MESH
930 .add_mpath = ieee80211_add_mpath,
931 .del_mpath = ieee80211_del_mpath,
932 .change_mpath = ieee80211_change_mpath,
933 .get_mpath = ieee80211_get_mpath,
934 .dump_mpath = ieee80211_dump_mpath,
935#endif
654}; 936};
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 60514b2c97b9..4736c64937b4 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -19,41 +19,6 @@ int mac80211_open_file_generic(struct inode *inode, struct file *file)
19 return 0; 19 return 0;
20} 20}
21 21
22static const char *ieee80211_mode_str(int mode)
23{
24 switch (mode) {
25 case MODE_IEEE80211A:
26 return "IEEE 802.11a";
27 case MODE_IEEE80211B:
28 return "IEEE 802.11b";
29 case MODE_IEEE80211G:
30 return "IEEE 802.11g";
31 default:
32 return "UNKNOWN";
33 }
34}
35
36static ssize_t modes_read(struct file *file, char __user *userbuf,
37 size_t count, loff_t *ppos)
38{
39 struct ieee80211_local *local = file->private_data;
40 struct ieee80211_hw_mode *mode;
41 char buf[150], *p = buf;
42
43 /* FIXME: locking! */
44 list_for_each_entry(mode, &local->modes_list, list) {
45 p += scnprintf(p, sizeof(buf)+buf-p,
46 "%s\n", ieee80211_mode_str(mode->mode));
47 }
48
49 return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
50}
51
52static const struct file_operations modes_ops = {
53 .read = modes_read,
54 .open = mac80211_open_file_generic,
55};
56
57#define DEBUGFS_READONLY_FILE(name, buflen, fmt, value...) \ 22#define DEBUGFS_READONLY_FILE(name, buflen, fmt, value...) \
58static ssize_t name## _read(struct file *file, char __user *userbuf, \ 23static ssize_t name## _read(struct file *file, char __user *userbuf, \
59 size_t count, loff_t *ppos) \ 24 size_t count, loff_t *ppos) \
@@ -80,10 +45,8 @@ static const struct file_operations name## _ops = { \
80 local->debugfs.name = NULL; 45 local->debugfs.name = NULL;
81 46
82 47
83DEBUGFS_READONLY_FILE(channel, 20, "%d",
84 local->hw.conf.channel);
85DEBUGFS_READONLY_FILE(frequency, 20, "%d", 48DEBUGFS_READONLY_FILE(frequency, 20, "%d",
86 local->hw.conf.freq); 49 local->hw.conf.channel->center_freq);
87DEBUGFS_READONLY_FILE(antenna_sel_tx, 20, "%d", 50DEBUGFS_READONLY_FILE(antenna_sel_tx, 20, "%d",
88 local->hw.conf.antenna_sel_tx); 51 local->hw.conf.antenna_sel_tx);
89DEBUGFS_READONLY_FILE(antenna_sel_rx, 20, "%d", 52DEBUGFS_READONLY_FILE(antenna_sel_rx, 20, "%d",
@@ -100,8 +63,6 @@ DEBUGFS_READONLY_FILE(long_retry_limit, 20, "%d",
100 local->long_retry_limit); 63 local->long_retry_limit);
101DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d", 64DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d",
102 local->total_ps_buffered); 65 local->total_ps_buffered);
103DEBUGFS_READONLY_FILE(mode, 20, "%s",
104 ieee80211_mode_str(local->hw.conf.phymode));
105DEBUGFS_READONLY_FILE(wep_iv, 20, "%#06x", 66DEBUGFS_READONLY_FILE(wep_iv, 20, "%#06x",
106 local->wep_iv & 0xffffff); 67 local->wep_iv & 0xffffff);
107DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s", 68DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s",
@@ -294,7 +255,6 @@ void debugfs_hw_add(struct ieee80211_local *local)
294 local->debugfs.stations = debugfs_create_dir("stations", phyd); 255 local->debugfs.stations = debugfs_create_dir("stations", phyd);
295 local->debugfs.keys = debugfs_create_dir("keys", phyd); 256 local->debugfs.keys = debugfs_create_dir("keys", phyd);
296 257
297 DEBUGFS_ADD(channel);
298 DEBUGFS_ADD(frequency); 258 DEBUGFS_ADD(frequency);
299 DEBUGFS_ADD(antenna_sel_tx); 259 DEBUGFS_ADD(antenna_sel_tx);
300 DEBUGFS_ADD(antenna_sel_rx); 260 DEBUGFS_ADD(antenna_sel_rx);
@@ -304,9 +264,7 @@ void debugfs_hw_add(struct ieee80211_local *local)
304 DEBUGFS_ADD(short_retry_limit); 264 DEBUGFS_ADD(short_retry_limit);
305 DEBUGFS_ADD(long_retry_limit); 265 DEBUGFS_ADD(long_retry_limit);
306 DEBUGFS_ADD(total_ps_buffered); 266 DEBUGFS_ADD(total_ps_buffered);
307 DEBUGFS_ADD(mode);
308 DEBUGFS_ADD(wep_iv); 267 DEBUGFS_ADD(wep_iv);
309 DEBUGFS_ADD(modes);
310 268
311 statsd = debugfs_create_dir("statistics", phyd); 269 statsd = debugfs_create_dir("statistics", phyd);
312 local->debugfs.statistics = statsd; 270 local->debugfs.statistics = statsd;
@@ -356,7 +314,6 @@ void debugfs_hw_add(struct ieee80211_local *local)
356 314
357void debugfs_hw_del(struct ieee80211_local *local) 315void debugfs_hw_del(struct ieee80211_local *local)
358{ 316{
359 DEBUGFS_DEL(channel);
360 DEBUGFS_DEL(frequency); 317 DEBUGFS_DEL(frequency);
361 DEBUGFS_DEL(antenna_sel_tx); 318 DEBUGFS_DEL(antenna_sel_tx);
362 DEBUGFS_DEL(antenna_sel_rx); 319 DEBUGFS_DEL(antenna_sel_rx);
@@ -366,9 +323,7 @@ void debugfs_hw_del(struct ieee80211_local *local)
366 DEBUGFS_DEL(short_retry_limit); 323 DEBUGFS_DEL(short_retry_limit);
367 DEBUGFS_DEL(long_retry_limit); 324 DEBUGFS_DEL(long_retry_limit);
368 DEBUGFS_DEL(total_ps_buffered); 325 DEBUGFS_DEL(total_ps_buffered);
369 DEBUGFS_DEL(mode);
370 DEBUGFS_DEL(wep_iv); 326 DEBUGFS_DEL(wep_iv);
371 DEBUGFS_DEL(modes);
372 327
373 DEBUGFS_STATS_DEL(transmitted_fragment_count); 328 DEBUGFS_STATS_DEL(transmitted_fragment_count);
374 DEBUGFS_STATS_DEL(multicast_transmitted_frame_count); 329 DEBUGFS_STATS_DEL(multicast_transmitted_frame_count);
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index 829872a3ae81..107b0fe778d6 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -39,6 +39,29 @@ static ssize_t ieee80211_if_read(
39 return ret; 39 return ret;
40} 40}
41 41
42#ifdef CONFIG_MAC80211_MESH
43static ssize_t ieee80211_if_write(
44 struct ieee80211_sub_if_data *sdata,
45 char const __user *userbuf,
46 size_t count, loff_t *ppos,
47 int (*format)(struct ieee80211_sub_if_data *, char *))
48{
49 char buf[10];
50 int buf_size;
51
52 memset(buf, 0x00, sizeof(buf));
53 buf_size = min(count, (sizeof(buf)-1));
54 read_lock(&dev_base_lock);
55 if (copy_from_user(buf, userbuf, buf_size))
56 goto endwrite;
57 if (sdata->dev->reg_state == NETREG_REGISTERED)
58 (*format)(sdata, buf);
59endwrite:
60 read_unlock(&dev_base_lock);
61 return count;
62}
63#endif
64
42#define IEEE80211_IF_FMT(name, field, format_string) \ 65#define IEEE80211_IF_FMT(name, field, format_string) \
43static ssize_t ieee80211_if_fmt_##name( \ 66static ssize_t ieee80211_if_fmt_##name( \
44 const struct ieee80211_sub_if_data *sdata, char *buf, \ 67 const struct ieee80211_sub_if_data *sdata, char *buf, \
@@ -46,6 +69,19 @@ static ssize_t ieee80211_if_fmt_##name( \
46{ \ 69{ \
47 return scnprintf(buf, buflen, format_string, sdata->field); \ 70 return scnprintf(buf, buflen, format_string, sdata->field); \
48} 71}
72#define IEEE80211_IF_WFMT(name, field, type) \
73static int ieee80211_if_wfmt_##name( \
74 struct ieee80211_sub_if_data *sdata, char *buf) \
75{ \
76 unsigned long tmp; \
77 char *endp; \
78 \
79 tmp = simple_strtoul(buf, &endp, 0); \
80 if ((endp == buf) || ((type)tmp != tmp)) \
81 return -EINVAL; \
82 sdata->field = tmp; \
83 return 0; \
84}
49#define IEEE80211_IF_FMT_DEC(name, field) \ 85#define IEEE80211_IF_FMT_DEC(name, field) \
50 IEEE80211_IF_FMT(name, field, "%d\n") 86 IEEE80211_IF_FMT(name, field, "%d\n")
51#define IEEE80211_IF_FMT_HEX(name, field) \ 87#define IEEE80211_IF_FMT_HEX(name, field) \
@@ -88,10 +124,37 @@ static const struct file_operations name##_ops = { \
88 IEEE80211_IF_FMT_##format(name, field) \ 124 IEEE80211_IF_FMT_##format(name, field) \
89 __IEEE80211_IF_FILE(name) 125 __IEEE80211_IF_FILE(name)
90 126
127#define __IEEE80211_IF_WFILE(name) \
128static ssize_t ieee80211_if_read_##name(struct file *file, \
129 char __user *userbuf, \
130 size_t count, loff_t *ppos) \
131{ \
132 return ieee80211_if_read(file->private_data, \
133 userbuf, count, ppos, \
134 ieee80211_if_fmt_##name); \
135} \
136static ssize_t ieee80211_if_write_##name(struct file *file, \
137 const char __user *userbuf, \
138 size_t count, loff_t *ppos) \
139{ \
140 return ieee80211_if_write(file->private_data, \
141 userbuf, count, ppos, \
142 ieee80211_if_wfmt_##name); \
143} \
144static const struct file_operations name##_ops = { \
145 .read = ieee80211_if_read_##name, \
146 .write = ieee80211_if_write_##name, \
147 .open = mac80211_open_file_generic, \
148}
149
150#define IEEE80211_IF_WFILE(name, field, format, type) \
151 IEEE80211_IF_FMT_##format(name, field) \
152 IEEE80211_IF_WFMT(name, field, type) \
153 __IEEE80211_IF_WFILE(name)
154
91/* common attributes */ 155/* common attributes */
92IEEE80211_IF_FILE(channel_use, channel_use, DEC); 156IEEE80211_IF_FILE(channel_use, channel_use, DEC);
93IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC); 157IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
94IEEE80211_IF_FILE(ieee802_1x_pac, ieee802_1x_pac, DEC);
95 158
96/* STA/IBSS attributes */ 159/* STA/IBSS attributes */
97IEEE80211_IF_FILE(state, u.sta.state, DEC); 160IEEE80211_IF_FILE(state, u.sta.state, DEC);
@@ -107,6 +170,7 @@ IEEE80211_IF_FILE(assoc_tries, u.sta.assoc_tries, DEC);
107IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX); 170IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX);
108IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC); 171IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC);
109IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC); 172IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC);
173IEEE80211_IF_FILE(num_beacons_sta, u.sta.num_beacons, DEC);
110 174
111static ssize_t ieee80211_if_fmt_flags( 175static ssize_t ieee80211_if_fmt_flags(
112 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen) 176 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
@@ -140,6 +204,42 @@ __IEEE80211_IF_FILE(num_buffered_multicast);
140/* WDS attributes */ 204/* WDS attributes */
141IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC); 205IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC);
142 206
207#ifdef CONFIG_MAC80211_MESH
208/* Mesh stats attributes */
209IEEE80211_IF_FILE(fwded_frames, u.sta.mshstats.fwded_frames, DEC);
210IEEE80211_IF_FILE(dropped_frames_ttl, u.sta.mshstats.dropped_frames_ttl, DEC);
211IEEE80211_IF_FILE(dropped_frames_no_route,
212 u.sta.mshstats.dropped_frames_no_route, DEC);
213IEEE80211_IF_FILE(estab_plinks, u.sta.mshstats.estab_plinks, ATOMIC);
214
215/* Mesh parameters */
216IEEE80211_IF_WFILE(dot11MeshMaxRetries,
217 u.sta.mshcfg.dot11MeshMaxRetries, DEC, u8);
218IEEE80211_IF_WFILE(dot11MeshRetryTimeout,
219 u.sta.mshcfg.dot11MeshRetryTimeout, DEC, u16);
220IEEE80211_IF_WFILE(dot11MeshConfirmTimeout,
221 u.sta.mshcfg.dot11MeshConfirmTimeout, DEC, u16);
222IEEE80211_IF_WFILE(dot11MeshHoldingTimeout,
223 u.sta.mshcfg.dot11MeshHoldingTimeout, DEC, u16);
224IEEE80211_IF_WFILE(dot11MeshTTL, u.sta.mshcfg.dot11MeshTTL, DEC, u8);
225IEEE80211_IF_WFILE(auto_open_plinks, u.sta.mshcfg.auto_open_plinks, DEC, bool);
226IEEE80211_IF_WFILE(dot11MeshMaxPeerLinks,
227 u.sta.mshcfg.dot11MeshMaxPeerLinks, DEC, u16);
228IEEE80211_IF_WFILE(dot11MeshHWMPactivePathTimeout,
229 u.sta.mshcfg.dot11MeshHWMPactivePathTimeout, DEC, u32);
230IEEE80211_IF_WFILE(dot11MeshHWMPpreqMinInterval,
231 u.sta.mshcfg.dot11MeshHWMPpreqMinInterval, DEC, u16);
232IEEE80211_IF_WFILE(dot11MeshHWMPnetDiameterTraversalTime,
233 u.sta.mshcfg.dot11MeshHWMPnetDiameterTraversalTime, DEC, u16);
234IEEE80211_IF_WFILE(dot11MeshHWMPmaxPREQretries,
235 u.sta.mshcfg.dot11MeshHWMPmaxPREQretries, DEC, u8);
236IEEE80211_IF_WFILE(path_refresh_time,
237 u.sta.mshcfg.path_refresh_time, DEC, u32);
238IEEE80211_IF_WFILE(min_discovery_timeout,
239 u.sta.mshcfg.min_discovery_timeout, DEC, u16);
240#endif
241
242
143#define DEBUGFS_ADD(name, type)\ 243#define DEBUGFS_ADD(name, type)\
144 sdata->debugfs.type.name = debugfs_create_file(#name, 0444,\ 244 sdata->debugfs.type.name = debugfs_create_file(#name, 0444,\
145 sdata->debugfsdir, sdata, &name##_ops); 245 sdata->debugfsdir, sdata, &name##_ops);
@@ -148,7 +248,6 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
148{ 248{
149 DEBUGFS_ADD(channel_use, sta); 249 DEBUGFS_ADD(channel_use, sta);
150 DEBUGFS_ADD(drop_unencrypted, sta); 250 DEBUGFS_ADD(drop_unencrypted, sta);
151 DEBUGFS_ADD(ieee802_1x_pac, sta);
152 DEBUGFS_ADD(state, sta); 251 DEBUGFS_ADD(state, sta);
153 DEBUGFS_ADD(bssid, sta); 252 DEBUGFS_ADD(bssid, sta);
154 DEBUGFS_ADD(prev_bssid, sta); 253 DEBUGFS_ADD(prev_bssid, sta);
@@ -163,13 +262,13 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
163 DEBUGFS_ADD(auth_alg, sta); 262 DEBUGFS_ADD(auth_alg, sta);
164 DEBUGFS_ADD(auth_transaction, sta); 263 DEBUGFS_ADD(auth_transaction, sta);
165 DEBUGFS_ADD(flags, sta); 264 DEBUGFS_ADD(flags, sta);
265 DEBUGFS_ADD(num_beacons_sta, sta);
166} 266}
167 267
168static void add_ap_files(struct ieee80211_sub_if_data *sdata) 268static void add_ap_files(struct ieee80211_sub_if_data *sdata)
169{ 269{
170 DEBUGFS_ADD(channel_use, ap); 270 DEBUGFS_ADD(channel_use, ap);
171 DEBUGFS_ADD(drop_unencrypted, ap); 271 DEBUGFS_ADD(drop_unencrypted, ap);
172 DEBUGFS_ADD(ieee802_1x_pac, ap);
173 DEBUGFS_ADD(num_sta_ps, ap); 272 DEBUGFS_ADD(num_sta_ps, ap);
174 DEBUGFS_ADD(dtim_count, ap); 273 DEBUGFS_ADD(dtim_count, ap);
175 DEBUGFS_ADD(num_beacons, ap); 274 DEBUGFS_ADD(num_beacons, ap);
@@ -182,7 +281,6 @@ static void add_wds_files(struct ieee80211_sub_if_data *sdata)
182{ 281{
183 DEBUGFS_ADD(channel_use, wds); 282 DEBUGFS_ADD(channel_use, wds);
184 DEBUGFS_ADD(drop_unencrypted, wds); 283 DEBUGFS_ADD(drop_unencrypted, wds);
185 DEBUGFS_ADD(ieee802_1x_pac, wds);
186 DEBUGFS_ADD(peer, wds); 284 DEBUGFS_ADD(peer, wds);
187} 285}
188 286
@@ -190,19 +288,63 @@ static void add_vlan_files(struct ieee80211_sub_if_data *sdata)
190{ 288{
191 DEBUGFS_ADD(channel_use, vlan); 289 DEBUGFS_ADD(channel_use, vlan);
192 DEBUGFS_ADD(drop_unencrypted, vlan); 290 DEBUGFS_ADD(drop_unencrypted, vlan);
193 DEBUGFS_ADD(ieee802_1x_pac, vlan);
194} 291}
195 292
196static void add_monitor_files(struct ieee80211_sub_if_data *sdata) 293static void add_monitor_files(struct ieee80211_sub_if_data *sdata)
197{ 294{
198} 295}
199 296
297#ifdef CONFIG_MAC80211_MESH
298#define MESHSTATS_ADD(name)\
299 sdata->mesh_stats.name = debugfs_create_file(#name, 0444,\
300 sdata->mesh_stats_dir, sdata, &name##_ops);
301
302static void add_mesh_stats(struct ieee80211_sub_if_data *sdata)
303{
304 sdata->mesh_stats_dir = debugfs_create_dir("mesh_stats",
305 sdata->debugfsdir);
306 MESHSTATS_ADD(fwded_frames);
307 MESHSTATS_ADD(dropped_frames_ttl);
308 MESHSTATS_ADD(dropped_frames_no_route);
309 MESHSTATS_ADD(estab_plinks);
310}
311
312#define MESHPARAMS_ADD(name)\
313 sdata->mesh_config.name = debugfs_create_file(#name, 0644,\
314 sdata->mesh_config_dir, sdata, &name##_ops);
315
316static void add_mesh_config(struct ieee80211_sub_if_data *sdata)
317{
318 sdata->mesh_config_dir = debugfs_create_dir("mesh_config",
319 sdata->debugfsdir);
320 MESHPARAMS_ADD(dot11MeshMaxRetries);
321 MESHPARAMS_ADD(dot11MeshRetryTimeout);
322 MESHPARAMS_ADD(dot11MeshConfirmTimeout);
323 MESHPARAMS_ADD(dot11MeshHoldingTimeout);
324 MESHPARAMS_ADD(dot11MeshTTL);
325 MESHPARAMS_ADD(auto_open_plinks);
326 MESHPARAMS_ADD(dot11MeshMaxPeerLinks);
327 MESHPARAMS_ADD(dot11MeshHWMPactivePathTimeout);
328 MESHPARAMS_ADD(dot11MeshHWMPpreqMinInterval);
329 MESHPARAMS_ADD(dot11MeshHWMPnetDiameterTraversalTime);
330 MESHPARAMS_ADD(dot11MeshHWMPmaxPREQretries);
331 MESHPARAMS_ADD(path_refresh_time);
332 MESHPARAMS_ADD(min_discovery_timeout);
333}
334#endif
335
200static void add_files(struct ieee80211_sub_if_data *sdata) 336static void add_files(struct ieee80211_sub_if_data *sdata)
201{ 337{
202 if (!sdata->debugfsdir) 338 if (!sdata->debugfsdir)
203 return; 339 return;
204 340
205 switch (sdata->vif.type) { 341 switch (sdata->vif.type) {
342 case IEEE80211_IF_TYPE_MESH_POINT:
343#ifdef CONFIG_MAC80211_MESH
344 add_mesh_stats(sdata);
345 add_mesh_config(sdata);
346#endif
347 /* fall through */
206 case IEEE80211_IF_TYPE_STA: 348 case IEEE80211_IF_TYPE_STA:
207 case IEEE80211_IF_TYPE_IBSS: 349 case IEEE80211_IF_TYPE_IBSS:
208 add_sta_files(sdata); 350 add_sta_files(sdata);
@@ -234,7 +376,6 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
234{ 376{
235 DEBUGFS_DEL(channel_use, sta); 377 DEBUGFS_DEL(channel_use, sta);
236 DEBUGFS_DEL(drop_unencrypted, sta); 378 DEBUGFS_DEL(drop_unencrypted, sta);
237 DEBUGFS_DEL(ieee802_1x_pac, sta);
238 DEBUGFS_DEL(state, sta); 379 DEBUGFS_DEL(state, sta);
239 DEBUGFS_DEL(bssid, sta); 380 DEBUGFS_DEL(bssid, sta);
240 DEBUGFS_DEL(prev_bssid, sta); 381 DEBUGFS_DEL(prev_bssid, sta);
@@ -249,13 +390,13 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
249 DEBUGFS_DEL(auth_alg, sta); 390 DEBUGFS_DEL(auth_alg, sta);
250 DEBUGFS_DEL(auth_transaction, sta); 391 DEBUGFS_DEL(auth_transaction, sta);
251 DEBUGFS_DEL(flags, sta); 392 DEBUGFS_DEL(flags, sta);
393 DEBUGFS_DEL(num_beacons_sta, sta);
252} 394}
253 395
254static void del_ap_files(struct ieee80211_sub_if_data *sdata) 396static void del_ap_files(struct ieee80211_sub_if_data *sdata)
255{ 397{
256 DEBUGFS_DEL(channel_use, ap); 398 DEBUGFS_DEL(channel_use, ap);
257 DEBUGFS_DEL(drop_unencrypted, ap); 399 DEBUGFS_DEL(drop_unencrypted, ap);
258 DEBUGFS_DEL(ieee802_1x_pac, ap);
259 DEBUGFS_DEL(num_sta_ps, ap); 400 DEBUGFS_DEL(num_sta_ps, ap);
260 DEBUGFS_DEL(dtim_count, ap); 401 DEBUGFS_DEL(dtim_count, ap);
261 DEBUGFS_DEL(num_beacons, ap); 402 DEBUGFS_DEL(num_beacons, ap);
@@ -268,7 +409,6 @@ static void del_wds_files(struct ieee80211_sub_if_data *sdata)
268{ 409{
269 DEBUGFS_DEL(channel_use, wds); 410 DEBUGFS_DEL(channel_use, wds);
270 DEBUGFS_DEL(drop_unencrypted, wds); 411 DEBUGFS_DEL(drop_unencrypted, wds);
271 DEBUGFS_DEL(ieee802_1x_pac, wds);
272 DEBUGFS_DEL(peer, wds); 412 DEBUGFS_DEL(peer, wds);
273} 413}
274 414
@@ -276,19 +416,67 @@ static void del_vlan_files(struct ieee80211_sub_if_data *sdata)
276{ 416{
277 DEBUGFS_DEL(channel_use, vlan); 417 DEBUGFS_DEL(channel_use, vlan);
278 DEBUGFS_DEL(drop_unencrypted, vlan); 418 DEBUGFS_DEL(drop_unencrypted, vlan);
279 DEBUGFS_DEL(ieee802_1x_pac, vlan);
280} 419}
281 420
282static void del_monitor_files(struct ieee80211_sub_if_data *sdata) 421static void del_monitor_files(struct ieee80211_sub_if_data *sdata)
283{ 422{
284} 423}
285 424
425#ifdef CONFIG_MAC80211_MESH
426#define MESHSTATS_DEL(name) \
427 do { \
428 debugfs_remove(sdata->mesh_stats.name); \
429 sdata->mesh_stats.name = NULL; \
430 } while (0)
431
432static void del_mesh_stats(struct ieee80211_sub_if_data *sdata)
433{
434 MESHSTATS_DEL(fwded_frames);
435 MESHSTATS_DEL(dropped_frames_ttl);
436 MESHSTATS_DEL(dropped_frames_no_route);
437 MESHSTATS_DEL(estab_plinks);
438 debugfs_remove(sdata->mesh_stats_dir);
439 sdata->mesh_stats_dir = NULL;
440}
441
442#define MESHPARAMS_DEL(name) \
443 do { \
444 debugfs_remove(sdata->mesh_config.name); \
445 sdata->mesh_config.name = NULL; \
446 } while (0)
447
448static void del_mesh_config(struct ieee80211_sub_if_data *sdata)
449{
450 MESHPARAMS_DEL(dot11MeshMaxRetries);
451 MESHPARAMS_DEL(dot11MeshRetryTimeout);
452 MESHPARAMS_DEL(dot11MeshConfirmTimeout);
453 MESHPARAMS_DEL(dot11MeshHoldingTimeout);
454 MESHPARAMS_DEL(dot11MeshTTL);
455 MESHPARAMS_DEL(auto_open_plinks);
456 MESHPARAMS_DEL(dot11MeshMaxPeerLinks);
457 MESHPARAMS_DEL(dot11MeshHWMPactivePathTimeout);
458 MESHPARAMS_DEL(dot11MeshHWMPpreqMinInterval);
459 MESHPARAMS_DEL(dot11MeshHWMPnetDiameterTraversalTime);
460 MESHPARAMS_DEL(dot11MeshHWMPmaxPREQretries);
461 MESHPARAMS_DEL(path_refresh_time);
462 MESHPARAMS_DEL(min_discovery_timeout);
463 debugfs_remove(sdata->mesh_config_dir);
464 sdata->mesh_config_dir = NULL;
465}
466#endif
467
286static void del_files(struct ieee80211_sub_if_data *sdata, int type) 468static void del_files(struct ieee80211_sub_if_data *sdata, int type)
287{ 469{
288 if (!sdata->debugfsdir) 470 if (!sdata->debugfsdir)
289 return; 471 return;
290 472
291 switch (type) { 473 switch (type) {
474 case IEEE80211_IF_TYPE_MESH_POINT:
475#ifdef CONFIG_MAC80211_MESH
476 del_mesh_stats(sdata);
477 del_mesh_config(sdata);
478#endif
479 /* fall through */
292 case IEEE80211_IF_TYPE_STA: 480 case IEEE80211_IF_TYPE_STA:
293 case IEEE80211_IF_TYPE_IBSS: 481 case IEEE80211_IF_TYPE_IBSS:
294 del_sta_files(sdata); 482 del_sta_files(sdata);
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index 8f5944c53d4e..256ea880d28b 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -33,25 +33,16 @@ static ssize_t sta_ ##name## _read(struct file *file, \
33#define STA_READ_LU(name, field) STA_READ(name, 20, field, "%lu\n") 33#define STA_READ_LU(name, field) STA_READ(name, 20, field, "%lu\n")
34#define STA_READ_S(name, field) STA_READ(name, 20, field, "%s\n") 34#define STA_READ_S(name, field) STA_READ(name, 20, field, "%s\n")
35 35
36#define STA_READ_RATE(name, field) \ 36#define STA_OPS(name) \
37static ssize_t sta_##name##_read(struct file *file, \ 37static const struct file_operations sta_ ##name## _ops = { \
38 char __user *userbuf, \ 38 .read = sta_##name##_read, \
39 size_t count, loff_t *ppos) \ 39 .open = mac80211_open_file_generic, \
40{ \
41 struct sta_info *sta = file->private_data; \
42 struct ieee80211_local *local = wdev_priv(sta->dev->ieee80211_ptr);\
43 struct ieee80211_hw_mode *mode = local->oper_hw_mode; \
44 char buf[20]; \
45 int res = scnprintf(buf, sizeof(buf), "%d\n", \
46 (sta->field >= 0 && \
47 sta->field < mode->num_rates) ? \
48 mode->rates[sta->field].rate : -1); \
49 return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
50} 40}
51 41
52#define STA_OPS(name) \ 42#define STA_OPS_WR(name) \
53static const struct file_operations sta_ ##name## _ops = { \ 43static const struct file_operations sta_ ##name## _ops = { \
54 .read = sta_##name##_read, \ 44 .read = sta_##name##_read, \
45 .write = sta_##name##_write, \
55 .open = mac80211_open_file_generic, \ 46 .open = mac80211_open_file_generic, \
56} 47}
57 48
@@ -60,7 +51,7 @@ static const struct file_operations sta_ ##name## _ops = { \
60 STA_OPS(name) 51 STA_OPS(name)
61 52
62STA_FILE(aid, aid, D); 53STA_FILE(aid, aid, D);
63STA_FILE(dev, dev->name, S); 54STA_FILE(dev, sdata->dev->name, S);
64STA_FILE(rx_packets, rx_packets, LU); 55STA_FILE(rx_packets, rx_packets, LU);
65STA_FILE(tx_packets, tx_packets, LU); 56STA_FILE(tx_packets, tx_packets, LU);
66STA_FILE(rx_bytes, rx_bytes, LU); 57STA_FILE(rx_bytes, rx_bytes, LU);
@@ -70,27 +61,23 @@ STA_FILE(rx_fragments, rx_fragments, LU);
70STA_FILE(rx_dropped, rx_dropped, LU); 61STA_FILE(rx_dropped, rx_dropped, LU);
71STA_FILE(tx_fragments, tx_fragments, LU); 62STA_FILE(tx_fragments, tx_fragments, LU);
72STA_FILE(tx_filtered, tx_filtered_count, LU); 63STA_FILE(tx_filtered, tx_filtered_count, LU);
73STA_FILE(txrate, txrate, RATE);
74STA_FILE(last_txrate, last_txrate, RATE);
75STA_FILE(tx_retry_failed, tx_retry_failed, LU); 64STA_FILE(tx_retry_failed, tx_retry_failed, LU);
76STA_FILE(tx_retry_count, tx_retry_count, LU); 65STA_FILE(tx_retry_count, tx_retry_count, LU);
77STA_FILE(last_rssi, last_rssi, D); 66STA_FILE(last_rssi, last_rssi, D);
78STA_FILE(last_signal, last_signal, D); 67STA_FILE(last_signal, last_signal, D);
79STA_FILE(last_noise, last_noise, D); 68STA_FILE(last_noise, last_noise, D);
80STA_FILE(channel_use, channel_use, D); 69STA_FILE(channel_use, channel_use, D);
81STA_FILE(wep_weak_iv_count, wep_weak_iv_count, D); 70STA_FILE(wep_weak_iv_count, wep_weak_iv_count, LU);
82 71
83static ssize_t sta_flags_read(struct file *file, char __user *userbuf, 72static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
84 size_t count, loff_t *ppos) 73 size_t count, loff_t *ppos)
85{ 74{
86 char buf[100]; 75 char buf[100];
87 struct sta_info *sta = file->private_data; 76 struct sta_info *sta = file->private_data;
88 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s%s", 77 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s",
89 sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "", 78 sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "",
90 sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "", 79 sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
91 sta->flags & WLAN_STA_PS ? "PS\n" : "", 80 sta->flags & WLAN_STA_PS ? "PS\n" : "",
92 sta->flags & WLAN_STA_TIM ? "TIM\n" : "",
93 sta->flags & WLAN_STA_PERM ? "PERM\n" : "",
94 sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", 81 sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
95 sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", 82 sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
96 sta->flags & WLAN_STA_WME ? "WME\n" : "", 83 sta->flags & WLAN_STA_WME ? "WME\n" : "",
@@ -111,31 +98,6 @@ static ssize_t sta_num_ps_buf_frames_read(struct file *file,
111} 98}
112STA_OPS(num_ps_buf_frames); 99STA_OPS(num_ps_buf_frames);
113 100
114static ssize_t sta_last_ack_rssi_read(struct file *file, char __user *userbuf,
115 size_t count, loff_t *ppos)
116{
117 char buf[100];
118 struct sta_info *sta = file->private_data;
119 int res = scnprintf(buf, sizeof(buf), "%d %d %d\n",
120 sta->last_ack_rssi[0],
121 sta->last_ack_rssi[1],
122 sta->last_ack_rssi[2]);
123 return simple_read_from_buffer(userbuf, count, ppos, buf, res);
124}
125STA_OPS(last_ack_rssi);
126
127static ssize_t sta_last_ack_ms_read(struct file *file, char __user *userbuf,
128 size_t count, loff_t *ppos)
129{
130 char buf[20];
131 struct sta_info *sta = file->private_data;
132 int res = scnprintf(buf, sizeof(buf), "%d\n",
133 sta->last_ack ?
134 jiffies_to_msecs(jiffies - sta->last_ack) : -1);
135 return simple_read_from_buffer(userbuf, count, ppos, buf, res);
136}
137STA_OPS(last_ack_ms);
138
139static ssize_t sta_inactive_ms_read(struct file *file, char __user *userbuf, 101static ssize_t sta_inactive_ms_read(struct file *file, char __user *userbuf,
140 size_t count, loff_t *ppos) 102 size_t count, loff_t *ppos)
141{ 103{
@@ -191,6 +153,118 @@ static ssize_t sta_wme_tx_queue_read(struct file *file, char __user *userbuf,
191STA_OPS(wme_tx_queue); 153STA_OPS(wme_tx_queue);
192#endif 154#endif
193 155
156static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf,
157 size_t count, loff_t *ppos)
158{
159 char buf[768], *p = buf;
160 int i;
161 struct sta_info *sta = file->private_data;
162 p += scnprintf(p, sizeof(buf)+buf-p, "Agg state for STA is:\n");
163 p += scnprintf(p, sizeof(buf)+buf-p, " STA next dialog_token is %d \n "
164 "TIDs info is: \n TID :",
165 (sta->ampdu_mlme.dialog_token_allocator + 1));
166 for (i = 0; i < STA_TID_NUM; i++)
167 p += scnprintf(p, sizeof(buf)+buf-p, "%5d", i);
168
169 p += scnprintf(p, sizeof(buf)+buf-p, "\n RX :");
170 for (i = 0; i < STA_TID_NUM; i++)
171 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
172 sta->ampdu_mlme.tid_state_rx[i]);
173
174 p += scnprintf(p, sizeof(buf)+buf-p, "\n DTKN:");
175 for (i = 0; i < STA_TID_NUM; i++)
176 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
177 sta->ampdu_mlme.tid_state_rx[i]?
178 sta->ampdu_mlme.tid_rx[i]->dialog_token : 0);
179
180 p += scnprintf(p, sizeof(buf)+buf-p, "\n TX :");
181 for (i = 0; i < STA_TID_NUM; i++)
182 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
183 sta->ampdu_mlme.tid_state_tx[i]);
184
185 p += scnprintf(p, sizeof(buf)+buf-p, "\n DTKN:");
186 for (i = 0; i < STA_TID_NUM; i++)
187 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
188 sta->ampdu_mlme.tid_state_tx[i]?
189 sta->ampdu_mlme.tid_tx[i]->dialog_token : 0);
190
191 p += scnprintf(p, sizeof(buf)+buf-p, "\n SSN :");
192 for (i = 0; i < STA_TID_NUM; i++)
193 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
194 sta->ampdu_mlme.tid_state_tx[i]?
195 sta->ampdu_mlme.tid_tx[i]->ssn : 0);
196
197 p += scnprintf(p, sizeof(buf)+buf-p, "\n");
198
199 return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
200}
201
202static ssize_t sta_agg_status_write(struct file *file,
203 const char __user *user_buf, size_t count, loff_t *ppos)
204{
205 struct sta_info *sta = file->private_data;
206 struct net_device *dev = sta->sdata->dev;
207 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
208 struct ieee80211_hw *hw = &local->hw;
209 u8 *da = sta->addr;
210 static int tid_static_tx[16] = {0, 0, 0, 0, 0, 0, 0, 0,
211 0, 0, 0, 0, 0, 0, 0, 0};
212 static int tid_static_rx[16] = {1, 1, 1, 1, 1, 1, 1, 1,
213 1, 1, 1, 1, 1, 1, 1, 1};
214 char *endp;
215 char buf[32];
216 int buf_size, rs;
217 unsigned int tid_num;
218 char state[4];
219
220 memset(buf, 0x00, sizeof(buf));
221 buf_size = min(count, (sizeof(buf)-1));
222 if (copy_from_user(buf, user_buf, buf_size))
223 return -EFAULT;
224
225 tid_num = simple_strtoul(buf, &endp, 0);
226 if (endp == buf)
227 return -EINVAL;
228
229 if ((tid_num >= 100) && (tid_num <= 115)) {
230 /* toggle Rx aggregation command */
231 tid_num = tid_num - 100;
232 if (tid_static_rx[tid_num] == 1) {
233 strcpy(state, "off ");
234 ieee80211_sta_stop_rx_ba_session(dev, da, tid_num, 0,
235 WLAN_REASON_QSTA_REQUIRE_SETUP);
236 sta->ampdu_mlme.tid_state_rx[tid_num] |=
237 HT_AGG_STATE_DEBUGFS_CTL;
238 tid_static_rx[tid_num] = 0;
239 } else {
240 strcpy(state, "on ");
241 sta->ampdu_mlme.tid_state_rx[tid_num] &=
242 ~HT_AGG_STATE_DEBUGFS_CTL;
243 tid_static_rx[tid_num] = 1;
244 }
245 printk(KERN_DEBUG "debugfs - try switching tid %u %s\n",
246 tid_num, state);
247 } else if ((tid_num >= 0) && (tid_num <= 15)) {
248 /* toggle Tx aggregation command */
249 if (tid_static_tx[tid_num] == 0) {
250 strcpy(state, "on ");
251 rs = ieee80211_start_tx_ba_session(hw, da, tid_num);
252 if (rs == 0)
253 tid_static_tx[tid_num] = 1;
254 } else {
255 strcpy(state, "off");
256 rs = ieee80211_stop_tx_ba_session(hw, da, tid_num, 1);
257 if (rs == 0)
258 tid_static_tx[tid_num] = 0;
259 }
260 printk(KERN_DEBUG "debugfs - switching tid %u %s, return=%d\n",
261 tid_num, state, rs);
262 }
263
264 return count;
265}
266STA_OPS_WR(agg_status);
267
194#define DEBUGFS_ADD(name) \ 268#define DEBUGFS_ADD(name) \
195 sta->debugfs.name = debugfs_create_file(#name, 0444, \ 269 sta->debugfs.name = debugfs_create_file(#name, 0444, \
196 sta->debugfs.dir, sta, &sta_ ##name## _ops); 270 sta->debugfs.dir, sta, &sta_ ##name## _ops);
@@ -203,12 +277,13 @@ STA_OPS(wme_tx_queue);
203void ieee80211_sta_debugfs_add(struct sta_info *sta) 277void ieee80211_sta_debugfs_add(struct sta_info *sta)
204{ 278{
205 struct dentry *stations_dir = sta->local->debugfs.stations; 279 struct dentry *stations_dir = sta->local->debugfs.stations;
206 DECLARE_MAC_BUF(mac); 280 DECLARE_MAC_BUF(mbuf);
281 u8 *mac;
207 282
208 if (!stations_dir) 283 if (!stations_dir)
209 return; 284 return;
210 285
211 print_mac(mac, sta->addr); 286 mac = print_mac(mbuf, sta->addr);
212 287
213 sta->debugfs.dir = debugfs_create_dir(mac, stations_dir); 288 sta->debugfs.dir = debugfs_create_dir(mac, stations_dir);
214 if (!sta->debugfs.dir) 289 if (!sta->debugfs.dir)
@@ -216,28 +291,26 @@ void ieee80211_sta_debugfs_add(struct sta_info *sta)
216 291
217 DEBUGFS_ADD(flags); 292 DEBUGFS_ADD(flags);
218 DEBUGFS_ADD(num_ps_buf_frames); 293 DEBUGFS_ADD(num_ps_buf_frames);
219 DEBUGFS_ADD(last_ack_rssi);
220 DEBUGFS_ADD(last_ack_ms);
221 DEBUGFS_ADD(inactive_ms); 294 DEBUGFS_ADD(inactive_ms);
222 DEBUGFS_ADD(last_seq_ctrl); 295 DEBUGFS_ADD(last_seq_ctrl);
223#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 296#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
224 DEBUGFS_ADD(wme_rx_queue); 297 DEBUGFS_ADD(wme_rx_queue);
225 DEBUGFS_ADD(wme_tx_queue); 298 DEBUGFS_ADD(wme_tx_queue);
226#endif 299#endif
300 DEBUGFS_ADD(agg_status);
227} 301}
228 302
229void ieee80211_sta_debugfs_remove(struct sta_info *sta) 303void ieee80211_sta_debugfs_remove(struct sta_info *sta)
230{ 304{
231 DEBUGFS_DEL(flags); 305 DEBUGFS_DEL(flags);
232 DEBUGFS_DEL(num_ps_buf_frames); 306 DEBUGFS_DEL(num_ps_buf_frames);
233 DEBUGFS_DEL(last_ack_rssi);
234 DEBUGFS_DEL(last_ack_ms);
235 DEBUGFS_DEL(inactive_ms); 307 DEBUGFS_DEL(inactive_ms);
236 DEBUGFS_DEL(last_seq_ctrl); 308 DEBUGFS_DEL(last_seq_ctrl);
237#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 309#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
238 DEBUGFS_DEL(wme_rx_queue); 310 DEBUGFS_DEL(wme_rx_queue);
239 DEBUGFS_DEL(wme_tx_queue); 311 DEBUGFS_DEL(wme_tx_queue);
240#endif 312#endif
313 DEBUGFS_DEL(agg_status);
241 314
242 debugfs_remove(sta->debugfs.dir); 315 debugfs_remove(sta->debugfs.dir);
243 sta->debugfs.dir = NULL; 316 sta->debugfs.dir = NULL;
diff --git a/net/mac80211/debugfs_sta.h b/net/mac80211/debugfs_sta.h
index 574a1cd54b96..8b608903259f 100644
--- a/net/mac80211/debugfs_sta.h
+++ b/net/mac80211/debugfs_sta.h
@@ -1,6 +1,8 @@
1#ifndef __MAC80211_DEBUGFS_STA_H 1#ifndef __MAC80211_DEBUGFS_STA_H
2#define __MAC80211_DEBUGFS_STA_H 2#define __MAC80211_DEBUGFS_STA_H
3 3
4#include "sta_info.h"
5
4#ifdef CONFIG_MAC80211_DEBUGFS 6#ifdef CONFIG_MAC80211_DEBUGFS
5void ieee80211_sta_debugfs_add(struct sta_info *sta); 7void ieee80211_sta_debugfs_add(struct sta_info *sta);
6void ieee80211_sta_debugfs_remove(struct sta_info *sta); 8void ieee80211_sta_debugfs_remove(struct sta_info *sta);
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
index 28bcdf9fc3df..8c0f782d21e3 100644
--- a/net/mac80211/ieee80211.c
+++ b/net/mac80211/ieee80211.c
@@ -26,6 +26,7 @@
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "ieee80211_rate.h" 28#include "ieee80211_rate.h"
29#include "mesh.h"
29#include "wep.h" 30#include "wep.h"
30#include "wme.h" 31#include "wme.h"
31#include "aes_ccm.h" 32#include "aes_ccm.h"
@@ -67,9 +68,19 @@ static void ieee80211_configure_filter(struct ieee80211_local *local)
67 new_flags |= FIF_ALLMULTI; 68 new_flags |= FIF_ALLMULTI;
68 69
69 if (local->monitors) 70 if (local->monitors)
70 new_flags |= FIF_CONTROL | 71 new_flags |= FIF_BCN_PRBRESP_PROMISC;
71 FIF_OTHER_BSS | 72
72 FIF_BCN_PRBRESP_PROMISC; 73 if (local->fif_fcsfail)
74 new_flags |= FIF_FCSFAIL;
75
76 if (local->fif_plcpfail)
77 new_flags |= FIF_PLCPFAIL;
78
79 if (local->fif_control)
80 new_flags |= FIF_CONTROL;
81
82 if (local->fif_other_bss)
83 new_flags |= FIF_OTHER_BSS;
73 84
74 changed_flags = local->filter_flags ^ new_flags; 85 changed_flags = local->filter_flags ^ new_flags;
75 86
@@ -128,9 +139,15 @@ static void ieee80211_master_set_multicast_list(struct net_device *dev)
128 139
129static int ieee80211_change_mtu(struct net_device *dev, int new_mtu) 140static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
130{ 141{
142 int meshhdrlen;
143 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
144
145 meshhdrlen = (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT) ? 5 : 0;
146
131 /* FIX: what would be proper limits for MTU? 147 /* FIX: what would be proper limits for MTU?
132 * This interface uses 802.3 frames. */ 148 * This interface uses 802.3 frames. */
133 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6) { 149 if (new_mtu < 256 ||
150 new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6 - meshhdrlen) {
134 printk(KERN_WARNING "%s: invalid MTU %d\n", 151 printk(KERN_WARNING "%s: invalid MTU %d\n",
135 dev->name, new_mtu); 152 dev->name, new_mtu);
136 return -EINVAL; 153 return -EINVAL;
@@ -166,6 +183,7 @@ static int ieee80211_open(struct net_device *dev)
166 struct ieee80211_if_init_conf conf; 183 struct ieee80211_if_init_conf conf;
167 int res; 184 int res;
168 bool need_hw_reconfig = 0; 185 bool need_hw_reconfig = 0;
186 struct sta_info *sta;
169 187
170 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 188 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
171 189
@@ -173,8 +191,52 @@ static int ieee80211_open(struct net_device *dev)
173 list_for_each_entry(nsdata, &local->interfaces, list) { 191 list_for_each_entry(nsdata, &local->interfaces, list) {
174 struct net_device *ndev = nsdata->dev; 192 struct net_device *ndev = nsdata->dev;
175 193
176 if (ndev != dev && ndev != local->mdev && netif_running(ndev) && 194 if (ndev != dev && ndev != local->mdev && netif_running(ndev)) {
177 compare_ether_addr(dev->dev_addr, ndev->dev_addr) == 0) { 195 /*
196 * Allow only a single IBSS interface to be up at any
197 * time. This is restricted because beacon distribution
198 * cannot work properly if both are in the same IBSS.
199 *
200 * To remove this restriction we'd have to disallow them
201 * from setting the same SSID on different IBSS interfaces
202 * belonging to the same hardware. Then, however, we're
203 * faced with having to adopt two different TSF timers...
204 */
205 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
206 nsdata->vif.type == IEEE80211_IF_TYPE_IBSS)
207 return -EBUSY;
208
209 /*
210 * Disallow multiple IBSS/STA mode interfaces.
211 *
212 * This is a technical restriction, it is possible although
213 * most likely not IEEE 802.11 compliant to have multiple
214 * STAs with just a single hardware (the TSF timer will not
215 * be adjusted properly.)
216 *
217 * However, because mac80211 uses the master device's BSS
218 * information for each STA/IBSS interface, doing this will
219 * currently corrupt that BSS information completely, unless,
220 * a not very useful case, both STAs are associated to the
221 * same BSS.
222 *
223 * To remove this restriction, the BSS information needs to
224 * be embedded in the STA/IBSS mode sdata instead of using
225 * the master device's BSS structure.
226 */
227 if ((sdata->vif.type == IEEE80211_IF_TYPE_STA ||
228 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) &&
229 (nsdata->vif.type == IEEE80211_IF_TYPE_STA ||
230 nsdata->vif.type == IEEE80211_IF_TYPE_IBSS))
231 return -EBUSY;
232
233 /*
234 * The remaining checks are only performed for interfaces
235 * with the same MAC address.
236 */
237 if (compare_ether_addr(dev->dev_addr, ndev->dev_addr))
238 continue;
239
178 /* 240 /*
179 * check whether it may have the same address 241 * check whether it may have the same address
180 */ 242 */
@@ -186,8 +248,7 @@ static int ieee80211_open(struct net_device *dev)
186 * can only add VLANs to enabled APs 248 * can only add VLANs to enabled APs
187 */ 249 */
188 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN && 250 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN &&
189 nsdata->vif.type == IEEE80211_IF_TYPE_AP && 251 nsdata->vif.type == IEEE80211_IF_TYPE_AP)
190 netif_running(nsdata->dev))
191 sdata->u.vlan.ap = nsdata; 252 sdata->u.vlan.ap = nsdata;
192 } 253 }
193 } 254 }
@@ -196,6 +257,20 @@ static int ieee80211_open(struct net_device *dev)
196 case IEEE80211_IF_TYPE_WDS: 257 case IEEE80211_IF_TYPE_WDS:
197 if (is_zero_ether_addr(sdata->u.wds.remote_addr)) 258 if (is_zero_ether_addr(sdata->u.wds.remote_addr))
198 return -ENOLINK; 259 return -ENOLINK;
260
261 /* Create STA entry for the WDS peer */
262 sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
263 GFP_KERNEL);
264 if (!sta)
265 return -ENOMEM;
266
267 sta->flags |= WLAN_STA_AUTHORIZED;
268
269 res = sta_info_insert(sta);
270 if (res) {
271 sta_info_destroy(sta);
272 return res;
273 }
199 break; 274 break;
200 case IEEE80211_IF_TYPE_VLAN: 275 case IEEE80211_IF_TYPE_VLAN:
201 if (!sdata->u.vlan.ap) 276 if (!sdata->u.vlan.ap)
@@ -205,6 +280,7 @@ static int ieee80211_open(struct net_device *dev)
205 case IEEE80211_IF_TYPE_STA: 280 case IEEE80211_IF_TYPE_STA:
206 case IEEE80211_IF_TYPE_MNTR: 281 case IEEE80211_IF_TYPE_MNTR:
207 case IEEE80211_IF_TYPE_IBSS: 282 case IEEE80211_IF_TYPE_IBSS:
283 case IEEE80211_IF_TYPE_MESH_POINT:
208 /* no special treatment */ 284 /* no special treatment */
209 break; 285 break;
210 case IEEE80211_IF_TYPE_INVALID: 286 case IEEE80211_IF_TYPE_INVALID:
@@ -229,15 +305,28 @@ static int ieee80211_open(struct net_device *dev)
229 /* no need to tell driver */ 305 /* no need to tell driver */
230 break; 306 break;
231 case IEEE80211_IF_TYPE_MNTR: 307 case IEEE80211_IF_TYPE_MNTR:
308 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) {
309 local->cooked_mntrs++;
310 break;
311 }
312
232 /* must be before the call to ieee80211_configure_filter */ 313 /* must be before the call to ieee80211_configure_filter */
233 local->monitors++; 314 local->monitors++;
234 if (local->monitors == 1) { 315 if (local->monitors == 1)
235 netif_tx_lock_bh(local->mdev);
236 ieee80211_configure_filter(local);
237 netif_tx_unlock_bh(local->mdev);
238
239 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP; 316 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
240 } 317
318 if (sdata->u.mntr_flags & MONITOR_FLAG_FCSFAIL)
319 local->fif_fcsfail++;
320 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL)
321 local->fif_plcpfail++;
322 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL)
323 local->fif_control++;
324 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
325 local->fif_other_bss++;
326
327 netif_tx_lock_bh(local->mdev);
328 ieee80211_configure_filter(local);
329 netif_tx_unlock_bh(local->mdev);
241 break; 330 break;
242 case IEEE80211_IF_TYPE_STA: 331 case IEEE80211_IF_TYPE_STA:
243 case IEEE80211_IF_TYPE_IBSS: 332 case IEEE80211_IF_TYPE_IBSS:
@@ -293,24 +382,46 @@ static int ieee80211_open(struct net_device *dev)
293 382
294static int ieee80211_stop(struct net_device *dev) 383static int ieee80211_stop(struct net_device *dev)
295{ 384{
296 struct ieee80211_sub_if_data *sdata; 385 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
297 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 386 struct ieee80211_local *local = sdata->local;
298 struct ieee80211_if_init_conf conf; 387 struct ieee80211_if_init_conf conf;
299 struct sta_info *sta; 388 struct sta_info *sta;
300 int i;
301 389
302 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 390 /*
391 * Stop TX on this interface first.
392 */
393 netif_stop_queue(dev);
303 394
304 list_for_each_entry(sta, &local->sta_list, list) { 395 /*
305 if (sta->dev == dev) 396 * Now delete all active aggregation sessions.
306 for (i = 0; i < STA_TID_NUM; i++) 397 */
307 ieee80211_sta_stop_rx_ba_session(sta->dev, 398 rcu_read_lock();
308 sta->addr, i, 399
309 WLAN_BACK_RECIPIENT, 400 list_for_each_entry_rcu(sta, &local->sta_list, list) {
310 WLAN_REASON_QSTA_LEAVE_QBSS); 401 if (sta->sdata == sdata)
402 ieee80211_sta_tear_down_BA_sessions(dev, sta->addr);
311 } 403 }
312 404
313 netif_stop_queue(dev); 405 rcu_read_unlock();
406
407 /*
408 * Remove all stations associated with this interface.
409 *
410 * This must be done before calling ops->remove_interface()
411 * because otherwise we can later invoke ops->sta_notify()
412 * whenever the STAs are removed, and that invalidates driver
413 * assumptions about always getting a vif pointer that is valid
414 * (because if we remove a STA after ops->remove_interface()
415 * the driver will have removed the vif info already!)
416 *
417 * We could relax this and only unlink the stations from the
418 * hash table and list but keep them on a per-sdata list that
419 * will be inserted back again when the interface is brought
420 * up again, but I don't currently see a use case for that,
421 * except with WDS which gets a STA entry created when it is
422 * brought up.
423 */
424 sta_info_flush(local, sdata);
314 425
315 /* 426 /*
316 * Don't count this interface for promisc/allmulti while it 427 * Don't count this interface for promisc/allmulti while it
@@ -352,15 +463,29 @@ static int ieee80211_stop(struct net_device *dev)
352 /* no need to tell driver */ 463 /* no need to tell driver */
353 break; 464 break;
354 case IEEE80211_IF_TYPE_MNTR: 465 case IEEE80211_IF_TYPE_MNTR:
355 local->monitors--; 466 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) {
356 if (local->monitors == 0) { 467 local->cooked_mntrs--;
357 netif_tx_lock_bh(local->mdev); 468 break;
358 ieee80211_configure_filter(local); 469 }
359 netif_tx_unlock_bh(local->mdev);
360 470
471 local->monitors--;
472 if (local->monitors == 0)
361 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP; 473 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
362 } 474
475 if (sdata->u.mntr_flags & MONITOR_FLAG_FCSFAIL)
476 local->fif_fcsfail--;
477 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL)
478 local->fif_plcpfail--;
479 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL)
480 local->fif_control--;
481 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
482 local->fif_other_bss--;
483
484 netif_tx_lock_bh(local->mdev);
485 ieee80211_configure_filter(local);
486 netif_tx_unlock_bh(local->mdev);
363 break; 487 break;
488 case IEEE80211_IF_TYPE_MESH_POINT:
364 case IEEE80211_IF_TYPE_STA: 489 case IEEE80211_IF_TYPE_STA:
365 case IEEE80211_IF_TYPE_IBSS: 490 case IEEE80211_IF_TYPE_IBSS:
366 sdata->u.sta.state = IEEE80211_DISABLED; 491 sdata->u.sta.state = IEEE80211_DISABLED;
@@ -414,6 +539,359 @@ static int ieee80211_stop(struct net_device *dev)
414 return 0; 539 return 0;
415} 540}
416 541
542int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
543{
544 struct ieee80211_local *local = hw_to_local(hw);
545 struct sta_info *sta;
546 struct ieee80211_sub_if_data *sdata;
547 u16 start_seq_num = 0;
548 u8 *state;
549 int ret;
550 DECLARE_MAC_BUF(mac);
551
552 if (tid >= STA_TID_NUM)
553 return -EINVAL;
554
555#ifdef CONFIG_MAC80211_HT_DEBUG
556 printk(KERN_DEBUG "Open BA session requested for %s tid %u\n",
557 print_mac(mac, ra), tid);
558#endif /* CONFIG_MAC80211_HT_DEBUG */
559
560 rcu_read_lock();
561
562 sta = sta_info_get(local, ra);
563 if (!sta) {
564 printk(KERN_DEBUG "Could not find the station\n");
565 rcu_read_unlock();
566 return -ENOENT;
567 }
568
569 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
570
571 /* we have tried too many times, receiver does not want A-MPDU */
572 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
573 ret = -EBUSY;
574 goto start_ba_exit;
575 }
576
577 state = &sta->ampdu_mlme.tid_state_tx[tid];
578 /* check if the TID is not in aggregation flow already */
579 if (*state != HT_AGG_STATE_IDLE) {
580#ifdef CONFIG_MAC80211_HT_DEBUG
581 printk(KERN_DEBUG "BA request denied - session is not "
582 "idle on tid %u\n", tid);
583#endif /* CONFIG_MAC80211_HT_DEBUG */
584 ret = -EAGAIN;
585 goto start_ba_exit;
586 }
587
588 /* prepare A-MPDU MLME for Tx aggregation */
589 sta->ampdu_mlme.tid_tx[tid] =
590 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
591 if (!sta->ampdu_mlme.tid_tx[tid]) {
592 if (net_ratelimit())
593 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
594 tid);
595 ret = -ENOMEM;
596 goto start_ba_exit;
597 }
598 /* Tx timer */
599 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
600 sta_addba_resp_timer_expired;
601 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
602 (unsigned long)&sta->timer_to_tid[tid];
603 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
604
605 /* ensure that TX flow won't interrupt us
606 * until the end of the call to requeue function */
607 spin_lock_bh(&local->mdev->queue_lock);
608
609 /* create a new queue for this aggregation */
610 ret = ieee80211_ht_agg_queue_add(local, sta, tid);
611
612 /* case no queue is available to aggregation
613 * don't switch to aggregation */
614 if (ret) {
615#ifdef CONFIG_MAC80211_HT_DEBUG
616 printk(KERN_DEBUG "BA request denied - queue unavailable for"
617 " tid %d\n", tid);
618#endif /* CONFIG_MAC80211_HT_DEBUG */
619 goto start_ba_err;
620 }
621 sdata = sta->sdata;
622
623 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
624 * call back right away, it must see that the flow has begun */
625 *state |= HT_ADDBA_REQUESTED_MSK;
626
627 if (local->ops->ampdu_action)
628 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
629 ra, tid, &start_seq_num);
630
631 if (ret) {
632 /* No need to requeue the packets in the agg queue, since we
633 * held the tx lock: no packet could be enqueued to the newly
634 * allocated queue */
635 ieee80211_ht_agg_queue_remove(local, sta, tid, 0);
636#ifdef CONFIG_MAC80211_HT_DEBUG
637 printk(KERN_DEBUG "BA request denied - HW unavailable for"
638 " tid %d\n", tid);
639#endif /* CONFIG_MAC80211_HT_DEBUG */
640 *state = HT_AGG_STATE_IDLE;
641 goto start_ba_err;
642 }
643
644 /* Will put all the packets in the new SW queue */
645 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
646 spin_unlock_bh(&local->mdev->queue_lock);
647
648 /* send an addBA request */
649 sta->ampdu_mlme.dialog_token_allocator++;
650 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
651 sta->ampdu_mlme.dialog_token_allocator;
652 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
653
654 ieee80211_send_addba_request(sta->sdata->dev, ra, tid,
655 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
656 sta->ampdu_mlme.tid_tx[tid]->ssn,
657 0x40, 5000);
658
659 /* activate the timer for the recipient's addBA response */
660 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
661 jiffies + ADDBA_RESP_INTERVAL;
662 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
663 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
664 goto start_ba_exit;
665
666start_ba_err:
667 kfree(sta->ampdu_mlme.tid_tx[tid]);
668 sta->ampdu_mlme.tid_tx[tid] = NULL;
669 spin_unlock_bh(&local->mdev->queue_lock);
670 ret = -EBUSY;
671start_ba_exit:
672 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
673 rcu_read_unlock();
674 return ret;
675}
676EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
677
678int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
679 u8 *ra, u16 tid,
680 enum ieee80211_back_parties initiator)
681{
682 struct ieee80211_local *local = hw_to_local(hw);
683 struct sta_info *sta;
684 u8 *state;
685 int ret = 0;
686 DECLARE_MAC_BUF(mac);
687
688 if (tid >= STA_TID_NUM)
689 return -EINVAL;
690
691#ifdef CONFIG_MAC80211_HT_DEBUG
692 printk(KERN_DEBUG "Stop a BA session requested for %s tid %u\n",
693 print_mac(mac, ra), tid);
694#endif /* CONFIG_MAC80211_HT_DEBUG */
695
696 rcu_read_lock();
697 sta = sta_info_get(local, ra);
698 if (!sta) {
699 rcu_read_unlock();
700 return -ENOENT;
701 }
702
703 /* check if the TID is in aggregation */
704 state = &sta->ampdu_mlme.tid_state_tx[tid];
705 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
706
707 if (*state != HT_AGG_STATE_OPERATIONAL) {
708#ifdef CONFIG_MAC80211_HT_DEBUG
709 printk(KERN_DEBUG "Try to stop Tx aggregation on"
710 " non active TID\n");
711#endif /* CONFIG_MAC80211_HT_DEBUG */
712 ret = -ENOENT;
713 goto stop_BA_exit;
714 }
715
716 ieee80211_stop_queue(hw, sta->tid_to_tx_q[tid]);
717
718 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
719 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
720
721 if (local->ops->ampdu_action)
722 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_STOP,
723 ra, tid, NULL);
724
725 /* case HW denied going back to legacy */
726 if (ret) {
727 WARN_ON(ret != -EBUSY);
728 *state = HT_AGG_STATE_OPERATIONAL;
729 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
730 goto stop_BA_exit;
731 }
732
733stop_BA_exit:
734 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
735 rcu_read_unlock();
736 return ret;
737}
738EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
739
740void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
741{
742 struct ieee80211_local *local = hw_to_local(hw);
743 struct sta_info *sta;
744 u8 *state;
745 DECLARE_MAC_BUF(mac);
746
747 if (tid >= STA_TID_NUM) {
748 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
749 tid, STA_TID_NUM);
750 return;
751 }
752
753 rcu_read_lock();
754 sta = sta_info_get(local, ra);
755 if (!sta) {
756 rcu_read_unlock();
757 printk(KERN_DEBUG "Could not find station: %s\n",
758 print_mac(mac, ra));
759 return;
760 }
761
762 state = &sta->ampdu_mlme.tid_state_tx[tid];
763 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
764
765 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
766 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
767 *state);
768 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
769 rcu_read_unlock();
770 return;
771 }
772
773 WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK);
774
775 *state |= HT_ADDBA_DRV_READY_MSK;
776
777 if (*state == HT_AGG_STATE_OPERATIONAL) {
778 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
779 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
780 }
781 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
782 rcu_read_unlock();
783}
784EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
785
786void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
787{
788 struct ieee80211_local *local = hw_to_local(hw);
789 struct sta_info *sta;
790 u8 *state;
791 int agg_queue;
792 DECLARE_MAC_BUF(mac);
793
794 if (tid >= STA_TID_NUM) {
795 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
796 tid, STA_TID_NUM);
797 return;
798 }
799
800 printk(KERN_DEBUG "Stop a BA session requested on DA %s tid %d\n",
801 print_mac(mac, ra), tid);
802
803 rcu_read_lock();
804 sta = sta_info_get(local, ra);
805 if (!sta) {
806 printk(KERN_DEBUG "Could not find station: %s\n",
807 print_mac(mac, ra));
808 rcu_read_unlock();
809 return;
810 }
811 state = &sta->ampdu_mlme.tid_state_tx[tid];
812
813 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
814 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
815 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
816 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
817 rcu_read_unlock();
818 return;
819 }
820
821 if (*state & HT_AGG_STATE_INITIATOR_MSK)
822 ieee80211_send_delba(sta->sdata->dev, ra, tid,
823 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
824
825 agg_queue = sta->tid_to_tx_q[tid];
826
827 /* avoid ordering issues: we are the only one that can modify
828 * the content of the qdiscs */
829 spin_lock_bh(&local->mdev->queue_lock);
830 /* remove the queue for this aggregation */
831 ieee80211_ht_agg_queue_remove(local, sta, tid, 1);
832 spin_unlock_bh(&local->mdev->queue_lock);
833
834 /* we just requeued the all the frames that were in the removed
835 * queue, and since we might miss a softirq we do netif_schedule.
836 * ieee80211_wake_queue is not used here as this queue is not
837 * necessarily stopped */
838 netif_schedule(local->mdev);
839 *state = HT_AGG_STATE_IDLE;
840 sta->ampdu_mlme.addba_req_num[tid] = 0;
841 kfree(sta->ampdu_mlme.tid_tx[tid]);
842 sta->ampdu_mlme.tid_tx[tid] = NULL;
843 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
844
845 rcu_read_unlock();
846}
847EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
848
849void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
850 const u8 *ra, u16 tid)
851{
852 struct ieee80211_local *local = hw_to_local(hw);
853 struct ieee80211_ra_tid *ra_tid;
854 struct sk_buff *skb = dev_alloc_skb(0);
855
856 if (unlikely(!skb)) {
857 if (net_ratelimit())
858 printk(KERN_WARNING "%s: Not enough memory, "
859 "dropping start BA session", skb->dev->name);
860 return;
861 }
862 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
863 memcpy(&ra_tid->ra, ra, ETH_ALEN);
864 ra_tid->tid = tid;
865
866 skb->pkt_type = IEEE80211_ADDBA_MSG;
867 skb_queue_tail(&local->skb_queue, skb);
868 tasklet_schedule(&local->tasklet);
869}
870EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
871
872void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
873 const u8 *ra, u16 tid)
874{
875 struct ieee80211_local *local = hw_to_local(hw);
876 struct ieee80211_ra_tid *ra_tid;
877 struct sk_buff *skb = dev_alloc_skb(0);
878
879 if (unlikely(!skb)) {
880 if (net_ratelimit())
881 printk(KERN_WARNING "%s: Not enough memory, "
882 "dropping stop BA session", skb->dev->name);
883 return;
884 }
885 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
886 memcpy(&ra_tid->ra, ra, ETH_ALEN);
887 ra_tid->tid = tid;
888
889 skb->pkt_type = IEEE80211_DELBA_MSG;
890 skb_queue_tail(&local->skb_queue, skb);
891 tasklet_schedule(&local->tasklet);
892}
893EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
894
417static void ieee80211_set_multicast_list(struct net_device *dev) 895static void ieee80211_set_multicast_list(struct net_device *dev)
418{ 896{
419 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 897 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -465,41 +943,6 @@ void ieee80211_if_setup(struct net_device *dev)
465 dev->destructor = ieee80211_if_free; 943 dev->destructor = ieee80211_if_free;
466} 944}
467 945
468/* WDS specialties */
469
470int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
471{
472 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
473 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
474 struct sta_info *sta;
475 DECLARE_MAC_BUF(mac);
476
477 if (compare_ether_addr(remote_addr, sdata->u.wds.remote_addr) == 0)
478 return 0;
479
480 /* Create STA entry for the new peer */
481 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
482 if (!sta)
483 return -ENOMEM;
484 sta_info_put(sta);
485
486 /* Remove STA entry for the old peer */
487 sta = sta_info_get(local, sdata->u.wds.remote_addr);
488 if (sta) {
489 sta_info_free(sta);
490 sta_info_put(sta);
491 } else {
492 printk(KERN_DEBUG "%s: could not find STA entry for WDS link "
493 "peer %s\n",
494 dev->name, print_mac(mac, sdata->u.wds.remote_addr));
495 }
496
497 /* Update WDS link data */
498 memcpy(&sdata->u.wds.remote_addr, remote_addr, ETH_ALEN);
499
500 return 0;
501}
502
503/* everything else */ 946/* everything else */
504 947
505static int __ieee80211_if_config(struct net_device *dev, 948static int __ieee80211_if_config(struct net_device *dev,
@@ -520,6 +963,9 @@ static int __ieee80211_if_config(struct net_device *dev,
520 conf.bssid = sdata->u.sta.bssid; 963 conf.bssid = sdata->u.sta.bssid;
521 conf.ssid = sdata->u.sta.ssid; 964 conf.ssid = sdata->u.sta.ssid;
522 conf.ssid_len = sdata->u.sta.ssid_len; 965 conf.ssid_len = sdata->u.sta.ssid_len;
966 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
967 conf.beacon = beacon;
968 ieee80211_start_mesh(dev);
523 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 969 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
524 conf.ssid = sdata->u.ap.ssid; 970 conf.ssid = sdata->u.ap.ssid;
525 conf.ssid_len = sdata->u.ap.ssid_len; 971 conf.ssid_len = sdata->u.ap.ssid_len;
@@ -532,6 +978,11 @@ static int __ieee80211_if_config(struct net_device *dev,
532 978
533int ieee80211_if_config(struct net_device *dev) 979int ieee80211_if_config(struct net_device *dev)
534{ 980{
981 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
982 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
983 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT &&
984 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
985 return ieee80211_if_config_beacon(dev);
535 return __ieee80211_if_config(dev, NULL, NULL); 986 return __ieee80211_if_config(dev, NULL, NULL);
536} 987}
537 988
@@ -553,37 +1004,28 @@ int ieee80211_if_config_beacon(struct net_device *dev)
553 1004
554int ieee80211_hw_config(struct ieee80211_local *local) 1005int ieee80211_hw_config(struct ieee80211_local *local)
555{ 1006{
556 struct ieee80211_hw_mode *mode;
557 struct ieee80211_channel *chan; 1007 struct ieee80211_channel *chan;
558 int ret = 0; 1008 int ret = 0;
559 1009
560 if (local->sta_sw_scanning) { 1010 if (local->sta_sw_scanning)
561 chan = local->scan_channel; 1011 chan = local->scan_channel;
562 mode = local->scan_hw_mode; 1012 else
563 } else {
564 chan = local->oper_channel; 1013 chan = local->oper_channel;
565 mode = local->oper_hw_mode;
566 }
567 1014
568 local->hw.conf.channel = chan->chan; 1015 local->hw.conf.channel = chan;
569 local->hw.conf.channel_val = chan->val; 1016
570 if (!local->hw.conf.power_level) { 1017 if (!local->hw.conf.power_level)
571 local->hw.conf.power_level = chan->power_level; 1018 local->hw.conf.power_level = chan->max_power;
572 } else { 1019 else
573 local->hw.conf.power_level = min(chan->power_level, 1020 local->hw.conf.power_level = min(chan->max_power,
574 local->hw.conf.power_level); 1021 local->hw.conf.power_level);
575 } 1022
576 local->hw.conf.freq = chan->freq; 1023 local->hw.conf.max_antenna_gain = chan->max_antenna_gain;
577 local->hw.conf.phymode = mode->mode;
578 local->hw.conf.antenna_max = chan->antenna_max;
579 local->hw.conf.chan = chan;
580 local->hw.conf.mode = mode;
581 1024
582#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1025#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
583 printk(KERN_DEBUG "HW CONFIG: channel=%d freq=%d " 1026 printk(KERN_DEBUG "%s: HW CONFIG: freq=%d\n",
584 "phymode=%d\n", local->hw.conf.channel, local->hw.conf.freq, 1027 wiphy_name(local->hw.wiphy), chan->center_freq);
585 local->hw.conf.phymode); 1028#endif
586#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
587 1029
588 if (local->open_count) 1030 if (local->open_count)
589 ret = local->ops->config(local_to_hw(local), &local->hw.conf); 1031 ret = local->ops->config(local_to_hw(local), &local->hw.conf);
@@ -601,11 +1043,13 @@ int ieee80211_hw_config_ht(struct ieee80211_local *local, int enable_ht,
601 struct ieee80211_ht_bss_info *req_bss_cap) 1043 struct ieee80211_ht_bss_info *req_bss_cap)
602{ 1044{
603 struct ieee80211_conf *conf = &local->hw.conf; 1045 struct ieee80211_conf *conf = &local->hw.conf;
604 struct ieee80211_hw_mode *mode = conf->mode; 1046 struct ieee80211_supported_band *sband;
605 int i; 1047 int i;
606 1048
1049 sband = local->hw.wiphy->bands[conf->channel->band];
1050
607 /* HT is not supported */ 1051 /* HT is not supported */
608 if (!mode->ht_info.ht_supported) { 1052 if (!sband->ht_info.ht_supported) {
609 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1053 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
610 return -EOPNOTSUPP; 1054 return -EOPNOTSUPP;
611 } 1055 }
@@ -615,17 +1059,17 @@ int ieee80211_hw_config_ht(struct ieee80211_local *local, int enable_ht,
615 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1059 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE;
616 } else { 1060 } else {
617 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE; 1061 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE;
618 conf->ht_conf.cap = req_ht_cap->cap & mode->ht_info.cap; 1062 conf->ht_conf.cap = req_ht_cap->cap & sband->ht_info.cap;
619 conf->ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS); 1063 conf->ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS);
620 conf->ht_conf.cap |= 1064 conf->ht_conf.cap |=
621 mode->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS; 1065 sband->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS;
622 conf->ht_bss_conf.primary_channel = 1066 conf->ht_bss_conf.primary_channel =
623 req_bss_cap->primary_channel; 1067 req_bss_cap->primary_channel;
624 conf->ht_bss_conf.bss_cap = req_bss_cap->bss_cap; 1068 conf->ht_bss_conf.bss_cap = req_bss_cap->bss_cap;
625 conf->ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode; 1069 conf->ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode;
626 for (i = 0; i < SUPP_MCS_SET_LEN; i++) 1070 for (i = 0; i < SUPP_MCS_SET_LEN; i++)
627 conf->ht_conf.supp_mcs_set[i] = 1071 conf->ht_conf.supp_mcs_set[i] =
628 mode->ht_info.supp_mcs_set[i] & 1072 sband->ht_info.supp_mcs_set[i] &
629 req_ht_cap->supp_mcs_set[i]; 1073 req_ht_cap->supp_mcs_set[i];
630 1074
631 /* In STA mode, this gives us indication 1075 /* In STA mode, this gives us indication
@@ -713,6 +1157,7 @@ static void ieee80211_tasklet_handler(unsigned long data)
713 struct sk_buff *skb; 1157 struct sk_buff *skb;
714 struct ieee80211_rx_status rx_status; 1158 struct ieee80211_rx_status rx_status;
715 struct ieee80211_tx_status *tx_status; 1159 struct ieee80211_tx_status *tx_status;
1160 struct ieee80211_ra_tid *ra_tid;
716 1161
717 while ((skb = skb_dequeue(&local->skb_queue)) || 1162 while ((skb = skb_dequeue(&local->skb_queue)) ||
718 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 1163 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
@@ -733,6 +1178,18 @@ static void ieee80211_tasklet_handler(unsigned long data)
733 skb, tx_status); 1178 skb, tx_status);
734 kfree(tx_status); 1179 kfree(tx_status);
735 break; 1180 break;
1181 case IEEE80211_DELBA_MSG:
1182 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
1183 ieee80211_stop_tx_ba_cb(local_to_hw(local),
1184 ra_tid->ra, ra_tid->tid);
1185 dev_kfree_skb(skb);
1186 break;
1187 case IEEE80211_ADDBA_MSG:
1188 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
1189 ieee80211_start_tx_ba_cb(local_to_hw(local),
1190 ra_tid->ra, ra_tid->tid);
1191 dev_kfree_skb(skb);
1192 break ;
736 default: /* should never get here! */ 1193 default: /* should never get here! */
737 printk(KERN_ERR "%s: Unknown message type (%d)\n", 1194 printk(KERN_ERR "%s: Unknown message type (%d)\n",
738 wiphy_name(local->hw.wiphy), skb->pkt_type); 1195 wiphy_name(local->hw.wiphy), skb->pkt_type);
@@ -810,6 +1267,77 @@ no_key:
810 } 1267 }
811} 1268}
812 1269
1270static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
1271 struct sta_info *sta,
1272 struct sk_buff *skb,
1273 struct ieee80211_tx_status *status)
1274{
1275 sta->tx_filtered_count++;
1276
1277 /*
1278 * Clear the TX filter mask for this STA when sending the next
1279 * packet. If the STA went to power save mode, this will happen
1280 * happen when it wakes up for the next time.
1281 */
1282 sta->flags |= WLAN_STA_CLEAR_PS_FILT;
1283
1284 /*
1285 * This code races in the following way:
1286 *
1287 * (1) STA sends frame indicating it will go to sleep and does so
1288 * (2) hardware/firmware adds STA to filter list, passes frame up
1289 * (3) hardware/firmware processes TX fifo and suppresses a frame
1290 * (4) we get TX status before having processed the frame and
1291 * knowing that the STA has gone to sleep.
1292 *
1293 * This is actually quite unlikely even when both those events are
1294 * processed from interrupts coming in quickly after one another or
1295 * even at the same time because we queue both TX status events and
1296 * RX frames to be processed by a tasklet and process them in the
1297 * same order that they were received or TX status last. Hence, there
1298 * is no race as long as the frame RX is processed before the next TX
1299 * status, which drivers can ensure, see below.
1300 *
1301 * Note that this can only happen if the hardware or firmware can
1302 * actually add STAs to the filter list, if this is done by the
1303 * driver in response to set_tim() (which will only reduce the race
1304 * this whole filtering tries to solve, not completely solve it)
1305 * this situation cannot happen.
1306 *
1307 * To completely solve this race drivers need to make sure that they
1308 * (a) don't mix the irq-safe/not irq-safe TX status/RX processing
1309 * functions and
1310 * (b) always process RX events before TX status events if ordering
1311 * can be unknown, for example with different interrupt status
1312 * bits.
1313 */
1314 if (sta->flags & WLAN_STA_PS &&
1315 skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) {
1316 ieee80211_remove_tx_extra(local, sta->key, skb,
1317 &status->control);
1318 skb_queue_tail(&sta->tx_filtered, skb);
1319 return;
1320 }
1321
1322 if (!(sta->flags & WLAN_STA_PS) &&
1323 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) {
1324 /* Software retry the packet once */
1325 status->control.flags |= IEEE80211_TXCTL_REQUEUE;
1326 ieee80211_remove_tx_extra(local, sta->key, skb,
1327 &status->control);
1328 dev_queue_xmit(skb);
1329 return;
1330 }
1331
1332 if (net_ratelimit())
1333 printk(KERN_DEBUG "%s: dropped TX filtered frame, "
1334 "queue_len=%d PS=%d @%lu\n",
1335 wiphy_name(local->hw.wiphy),
1336 skb_queue_len(&sta->tx_filtered),
1337 !!(sta->flags & WLAN_STA_PS), jiffies);
1338 dev_kfree_skb(skb);
1339}
1340
813void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb, 1341void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
814 struct ieee80211_tx_status *status) 1342 struct ieee80211_tx_status *status)
815{ 1343{
@@ -819,7 +1347,7 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
819 u16 frag, type; 1347 u16 frag, type;
820 struct ieee80211_tx_status_rtap_hdr *rthdr; 1348 struct ieee80211_tx_status_rtap_hdr *rthdr;
821 struct ieee80211_sub_if_data *sdata; 1349 struct ieee80211_sub_if_data *sdata;
822 int monitors; 1350 struct net_device *prev_dev = NULL;
823 1351
824 if (!status) { 1352 if (!status) {
825 printk(KERN_ERR 1353 printk(KERN_ERR
@@ -829,18 +1357,24 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
829 return; 1357 return;
830 } 1358 }
831 1359
1360 rcu_read_lock();
1361
832 if (status->excessive_retries) { 1362 if (status->excessive_retries) {
833 struct sta_info *sta; 1363 struct sta_info *sta;
834 sta = sta_info_get(local, hdr->addr1); 1364 sta = sta_info_get(local, hdr->addr1);
835 if (sta) { 1365 if (sta) {
836 if (sta->flags & WLAN_STA_PS) { 1366 if (sta->flags & WLAN_STA_PS) {
837 /* The STA is in power save mode, so assume 1367 /*
1368 * The STA is in power save mode, so assume
838 * that this TX packet failed because of that. 1369 * that this TX packet failed because of that.
839 */ 1370 */
840 status->excessive_retries = 0; 1371 status->excessive_retries = 0;
841 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED; 1372 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
1373 ieee80211_handle_filtered_frame(local, sta,
1374 skb, status);
1375 rcu_read_unlock();
1376 return;
842 } 1377 }
843 sta_info_put(sta);
844 } 1378 }
845 } 1379 }
846 1380
@@ -848,53 +1382,16 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
848 struct sta_info *sta; 1382 struct sta_info *sta;
849 sta = sta_info_get(local, hdr->addr1); 1383 sta = sta_info_get(local, hdr->addr1);
850 if (sta) { 1384 if (sta) {
851 sta->tx_filtered_count++; 1385 ieee80211_handle_filtered_frame(local, sta, skb,
852 1386 status);
853 /* Clear the TX filter mask for this STA when sending 1387 rcu_read_unlock();
854 * the next packet. If the STA went to power save mode,
855 * this will happen when it is waking up for the next
856 * time. */
857 sta->clear_dst_mask = 1;
858
859 /* TODO: Is the WLAN_STA_PS flag always set here or is
860 * the race between RX and TX status causing some
861 * packets to be filtered out before 80211.o gets an
862 * update for PS status? This seems to be the case, so
863 * no changes are likely to be needed. */
864 if (sta->flags & WLAN_STA_PS &&
865 skb_queue_len(&sta->tx_filtered) <
866 STA_MAX_TX_BUFFER) {
867 ieee80211_remove_tx_extra(local, sta->key,
868 skb,
869 &status->control);
870 skb_queue_tail(&sta->tx_filtered, skb);
871 } else if (!(sta->flags & WLAN_STA_PS) &&
872 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) {
873 /* Software retry the packet once */
874 status->control.flags |= IEEE80211_TXCTL_REQUEUE;
875 ieee80211_remove_tx_extra(local, sta->key,
876 skb,
877 &status->control);
878 dev_queue_xmit(skb);
879 } else {
880 if (net_ratelimit()) {
881 printk(KERN_DEBUG "%s: dropped TX "
882 "filtered frame queue_len=%d "
883 "PS=%d @%lu\n",
884 wiphy_name(local->hw.wiphy),
885 skb_queue_len(
886 &sta->tx_filtered),
887 !!(sta->flags & WLAN_STA_PS),
888 jiffies);
889 }
890 dev_kfree_skb(skb);
891 }
892 sta_info_put(sta);
893 return; 1388 return;
894 } 1389 }
895 } else 1390 } else
896 rate_control_tx_status(local->mdev, skb, status); 1391 rate_control_tx_status(local->mdev, skb, status);
897 1392
1393 rcu_read_unlock();
1394
898 ieee80211_led_tx(local, 0); 1395 ieee80211_led_tx(local, 0);
899 1396
900 /* SNMP counters 1397 /* SNMP counters
@@ -932,7 +1429,11 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
932 /* this was a transmitted frame, but now we want to reuse it */ 1429 /* this was a transmitted frame, but now we want to reuse it */
933 skb_orphan(skb); 1430 skb_orphan(skb);
934 1431
935 if (!local->monitors) { 1432 /*
1433 * This is a bit racy but we can avoid a lot of work
1434 * with this test...
1435 */
1436 if (!local->monitors && !local->cooked_mntrs) {
936 dev_kfree_skb(skb); 1437 dev_kfree_skb(skb);
937 return; 1438 return;
938 } 1439 }
@@ -966,51 +1467,44 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
966 1467
967 rthdr->data_retries = status->retry_count; 1468 rthdr->data_retries = status->retry_count;
968 1469
1470 /* XXX: is this sufficient for BPF? */
1471 skb_set_mac_header(skb, 0);
1472 skb->ip_summed = CHECKSUM_UNNECESSARY;
1473 skb->pkt_type = PACKET_OTHERHOST;
1474 skb->protocol = htons(ETH_P_802_2);
1475 memset(skb->cb, 0, sizeof(skb->cb));
1476
969 rcu_read_lock(); 1477 rcu_read_lock();
970 monitors = local->monitors;
971 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 1478 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
972 /*
973 * Using the monitors counter is possibly racy, but
974 * if the value is wrong we simply either clone the skb
975 * once too much or forget sending it to one monitor iface
976 * The latter case isn't nice but fixing the race is much
977 * more complicated.
978 */
979 if (!monitors || !skb)
980 goto out;
981
982 if (sdata->vif.type == IEEE80211_IF_TYPE_MNTR) { 1479 if (sdata->vif.type == IEEE80211_IF_TYPE_MNTR) {
983 if (!netif_running(sdata->dev)) 1480 if (!netif_running(sdata->dev))
984 continue; 1481 continue;
985 monitors--; 1482
986 if (monitors) 1483 if (prev_dev) {
987 skb2 = skb_clone(skb, GFP_ATOMIC); 1484 skb2 = skb_clone(skb, GFP_ATOMIC);
988 else 1485 if (skb2) {
989 skb2 = NULL; 1486 skb2->dev = prev_dev;
990 skb->dev = sdata->dev; 1487 netif_rx(skb2);
991 /* XXX: is this sufficient for BPF? */ 1488 }
992 skb_set_mac_header(skb, 0); 1489 }
993 skb->ip_summed = CHECKSUM_UNNECESSARY; 1490
994 skb->pkt_type = PACKET_OTHERHOST; 1491 prev_dev = sdata->dev;
995 skb->protocol = htons(ETH_P_802_2);
996 memset(skb->cb, 0, sizeof(skb->cb));
997 netif_rx(skb);
998 skb = skb2;
999 } 1492 }
1000 } 1493 }
1001 out: 1494 if (prev_dev) {
1495 skb->dev = prev_dev;
1496 netif_rx(skb);
1497 skb = NULL;
1498 }
1002 rcu_read_unlock(); 1499 rcu_read_unlock();
1003 if (skb) 1500 dev_kfree_skb(skb);
1004 dev_kfree_skb(skb);
1005} 1501}
1006EXPORT_SYMBOL(ieee80211_tx_status); 1502EXPORT_SYMBOL(ieee80211_tx_status);
1007 1503
1008struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, 1504struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
1009 const struct ieee80211_ops *ops) 1505 const struct ieee80211_ops *ops)
1010{ 1506{
1011 struct net_device *mdev;
1012 struct ieee80211_local *local; 1507 struct ieee80211_local *local;
1013 struct ieee80211_sub_if_data *sdata;
1014 int priv_size; 1508 int priv_size;
1015 struct wiphy *wiphy; 1509 struct wiphy *wiphy;
1016 1510
@@ -1056,25 +1550,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
1056 BUG_ON(!ops->configure_filter); 1550 BUG_ON(!ops->configure_filter);
1057 local->ops = ops; 1551 local->ops = ops;
1058 1552
1059 /* for now, mdev needs sub_if_data :/ */
1060 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
1061 "wmaster%d", ether_setup);
1062 if (!mdev) {
1063 wiphy_free(wiphy);
1064 return NULL;
1065 }
1066
1067 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
1068 mdev->ieee80211_ptr = &sdata->wdev;
1069 sdata->wdev.wiphy = wiphy;
1070
1071 local->hw.queues = 1; /* default */ 1553 local->hw.queues = 1; /* default */
1072 1554
1073 local->mdev = mdev;
1074 local->rx_pre_handlers = ieee80211_rx_pre_handlers;
1075 local->rx_handlers = ieee80211_rx_handlers;
1076 local->tx_handlers = ieee80211_tx_handlers;
1077
1078 local->bridge_packets = 1; 1555 local->bridge_packets = 1;
1079 1556
1080 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD; 1557 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
@@ -1083,33 +1560,12 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
1083 local->long_retry_limit = 4; 1560 local->long_retry_limit = 4;
1084 local->hw.conf.radio_enabled = 1; 1561 local->hw.conf.radio_enabled = 1;
1085 1562
1086 local->enabled_modes = ~0;
1087
1088 INIT_LIST_HEAD(&local->modes_list);
1089
1090 INIT_LIST_HEAD(&local->interfaces); 1563 INIT_LIST_HEAD(&local->interfaces);
1091 1564
1092 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work); 1565 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);
1093 ieee80211_rx_bss_list_init(mdev);
1094 1566
1095 sta_info_init(local); 1567 sta_info_init(local);
1096 1568
1097 mdev->hard_start_xmit = ieee80211_master_start_xmit;
1098 mdev->open = ieee80211_master_open;
1099 mdev->stop = ieee80211_master_stop;
1100 mdev->type = ARPHRD_IEEE80211;
1101 mdev->header_ops = &ieee80211_header_ops;
1102 mdev->set_multicast_list = ieee80211_master_set_multicast_list;
1103
1104 sdata->vif.type = IEEE80211_IF_TYPE_AP;
1105 sdata->dev = mdev;
1106 sdata->local = local;
1107 sdata->u.ap.force_unicast_rateidx = -1;
1108 sdata->u.ap.max_ratectrl_rateidx = -1;
1109 ieee80211_if_sdata_init(sdata);
1110 /* no RCU needed since we're still during init phase */
1111 list_add_tail(&sdata->list, &local->interfaces);
1112
1113 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending, 1569 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
1114 (unsigned long)local); 1570 (unsigned long)local);
1115 tasklet_disable(&local->tx_pending_tasklet); 1571 tasklet_disable(&local->tx_pending_tasklet);
@@ -1131,11 +1587,63 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1131 struct ieee80211_local *local = hw_to_local(hw); 1587 struct ieee80211_local *local = hw_to_local(hw);
1132 const char *name; 1588 const char *name;
1133 int result; 1589 int result;
1590 enum ieee80211_band band;
1591 struct net_device *mdev;
1592 struct ieee80211_sub_if_data *sdata;
1593
1594 /*
1595 * generic code guarantees at least one band,
1596 * set this very early because much code assumes
1597 * that hw.conf.channel is assigned
1598 */
1599 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1600 struct ieee80211_supported_band *sband;
1601
1602 sband = local->hw.wiphy->bands[band];
1603 if (sband) {
1604 /* init channel we're on */
1605 local->hw.conf.channel =
1606 local->oper_channel =
1607 local->scan_channel = &sband->channels[0];
1608 break;
1609 }
1610 }
1134 1611
1135 result = wiphy_register(local->hw.wiphy); 1612 result = wiphy_register(local->hw.wiphy);
1136 if (result < 0) 1613 if (result < 0)
1137 return result; 1614 return result;
1138 1615
1616 /* for now, mdev needs sub_if_data :/ */
1617 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
1618 "wmaster%d", ether_setup);
1619 if (!mdev)
1620 goto fail_mdev_alloc;
1621
1622 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
1623 mdev->ieee80211_ptr = &sdata->wdev;
1624 sdata->wdev.wiphy = local->hw.wiphy;
1625
1626 local->mdev = mdev;
1627
1628 ieee80211_rx_bss_list_init(mdev);
1629
1630 mdev->hard_start_xmit = ieee80211_master_start_xmit;
1631 mdev->open = ieee80211_master_open;
1632 mdev->stop = ieee80211_master_stop;
1633 mdev->type = ARPHRD_IEEE80211;
1634 mdev->header_ops = &ieee80211_header_ops;
1635 mdev->set_multicast_list = ieee80211_master_set_multicast_list;
1636
1637 sdata->vif.type = IEEE80211_IF_TYPE_AP;
1638 sdata->dev = mdev;
1639 sdata->local = local;
1640 sdata->u.ap.force_unicast_rateidx = -1;
1641 sdata->u.ap.max_ratectrl_rateidx = -1;
1642 ieee80211_if_sdata_init(sdata);
1643
1644 /* no RCU needed since we're still during init phase */
1645 list_add_tail(&sdata->list, &local->interfaces);
1646
1139 name = wiphy_dev(local->hw.wiphy)->driver->name; 1647 name = wiphy_dev(local->hw.wiphy)->driver->name;
1140 local->hw.workqueue = create_singlethread_workqueue(name); 1648 local->hw.workqueue = create_singlethread_workqueue(name);
1141 if (!local->hw.workqueue) { 1649 if (!local->hw.workqueue) {
@@ -1203,7 +1711,7 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1203 1711
1204 /* add one default STA interface */ 1712 /* add one default STA interface */
1205 result = ieee80211_if_add(local->mdev, "wlan%d", NULL, 1713 result = ieee80211_if_add(local->mdev, "wlan%d", NULL,
1206 IEEE80211_IF_TYPE_STA); 1714 IEEE80211_IF_TYPE_STA, NULL);
1207 if (result) 1715 if (result)
1208 printk(KERN_WARNING "%s: Failed to add default virtual iface\n", 1716 printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
1209 wiphy_name(local->hw.wiphy)); 1717 wiphy_name(local->hw.wiphy));
@@ -1227,49 +1735,18 @@ fail_sta_info:
1227 debugfs_hw_del(local); 1735 debugfs_hw_del(local);
1228 destroy_workqueue(local->hw.workqueue); 1736 destroy_workqueue(local->hw.workqueue);
1229fail_workqueue: 1737fail_workqueue:
1738 ieee80211_if_free(local->mdev);
1739 local->mdev = NULL;
1740fail_mdev_alloc:
1230 wiphy_unregister(local->hw.wiphy); 1741 wiphy_unregister(local->hw.wiphy);
1231 return result; 1742 return result;
1232} 1743}
1233EXPORT_SYMBOL(ieee80211_register_hw); 1744EXPORT_SYMBOL(ieee80211_register_hw);
1234 1745
1235int ieee80211_register_hwmode(struct ieee80211_hw *hw,
1236 struct ieee80211_hw_mode *mode)
1237{
1238 struct ieee80211_local *local = hw_to_local(hw);
1239 struct ieee80211_rate *rate;
1240 int i;
1241
1242 INIT_LIST_HEAD(&mode->list);
1243 list_add_tail(&mode->list, &local->modes_list);
1244
1245 local->hw_modes |= (1 << mode->mode);
1246 for (i = 0; i < mode->num_rates; i++) {
1247 rate = &(mode->rates[i]);
1248 rate->rate_inv = CHAN_UTIL_RATE_LCM / rate->rate;
1249 }
1250 ieee80211_prepare_rates(local, mode);
1251
1252 if (!local->oper_hw_mode) {
1253 /* Default to this mode */
1254 local->hw.conf.phymode = mode->mode;
1255 local->oper_hw_mode = local->scan_hw_mode = mode;
1256 local->oper_channel = local->scan_channel = &mode->channels[0];
1257 local->hw.conf.mode = local->oper_hw_mode;
1258 local->hw.conf.chan = local->oper_channel;
1259 }
1260
1261 if (!(hw->flags & IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED))
1262 ieee80211_set_default_regdomain(mode);
1263
1264 return 0;
1265}
1266EXPORT_SYMBOL(ieee80211_register_hwmode);
1267
1268void ieee80211_unregister_hw(struct ieee80211_hw *hw) 1746void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1269{ 1747{
1270 struct ieee80211_local *local = hw_to_local(hw); 1748 struct ieee80211_local *local = hw_to_local(hw);
1271 struct ieee80211_sub_if_data *sdata, *tmp; 1749 struct ieee80211_sub_if_data *sdata, *tmp;
1272 int i;
1273 1750
1274 tasklet_kill(&local->tx_pending_tasklet); 1751 tasklet_kill(&local->tx_pending_tasklet);
1275 tasklet_kill(&local->tasklet); 1752 tasklet_kill(&local->tasklet);
@@ -1310,11 +1787,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1310 rate_control_deinitialize(local); 1787 rate_control_deinitialize(local);
1311 debugfs_hw_del(local); 1788 debugfs_hw_del(local);
1312 1789
1313 for (i = 0; i < NUM_IEEE80211_MODES; i++) {
1314 kfree(local->supp_rates[i]);
1315 kfree(local->basic_rates[i]);
1316 }
1317
1318 if (skb_queue_len(&local->skb_queue) 1790 if (skb_queue_len(&local->skb_queue)
1319 || skb_queue_len(&local->skb_queue_unreliable)) 1791 || skb_queue_len(&local->skb_queue_unreliable))
1320 printk(KERN_WARNING "%s: skb_queue not empty\n", 1792 printk(KERN_WARNING "%s: skb_queue not empty\n",
@@ -1326,6 +1798,8 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1326 wiphy_unregister(local->hw.wiphy); 1798 wiphy_unregister(local->hw.wiphy);
1327 ieee80211_wep_free(local); 1799 ieee80211_wep_free(local);
1328 ieee80211_led_exit(local); 1800 ieee80211_led_exit(local);
1801 ieee80211_if_free(local->mdev);
1802 local->mdev = NULL;
1329} 1803}
1330EXPORT_SYMBOL(ieee80211_unregister_hw); 1804EXPORT_SYMBOL(ieee80211_unregister_hw);
1331 1805
@@ -1333,7 +1807,6 @@ void ieee80211_free_hw(struct ieee80211_hw *hw)
1333{ 1807{
1334 struct ieee80211_local *local = hw_to_local(hw); 1808 struct ieee80211_local *local = hw_to_local(hw);
1335 1809
1336 ieee80211_if_free(local->mdev);
1337 wiphy_free(local->hw.wiphy); 1810 wiphy_free(local->hw.wiphy);
1338} 1811}
1339EXPORT_SYMBOL(ieee80211_free_hw); 1812EXPORT_SYMBOL(ieee80211_free_hw);
@@ -1345,13 +1818,9 @@ static int __init ieee80211_init(void)
1345 1818
1346 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb)); 1819 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb));
1347 1820
1348 ret = rc80211_simple_init();
1349 if (ret)
1350 goto out;
1351
1352 ret = rc80211_pid_init(); 1821 ret = rc80211_pid_init();
1353 if (ret) 1822 if (ret)
1354 goto out_cleanup_simple; 1823 goto out;
1355 1824
1356 ret = ieee80211_wme_register(); 1825 ret = ieee80211_wme_register();
1357 if (ret) { 1826 if (ret) {
@@ -1361,23 +1830,22 @@ static int __init ieee80211_init(void)
1361 } 1830 }
1362 1831
1363 ieee80211_debugfs_netdev_init(); 1832 ieee80211_debugfs_netdev_init();
1364 ieee80211_regdomain_init();
1365 1833
1366 return 0; 1834 return 0;
1367 1835
1368 out_cleanup_pid: 1836 out_cleanup_pid:
1369 rc80211_pid_exit(); 1837 rc80211_pid_exit();
1370 out_cleanup_simple:
1371 rc80211_simple_exit();
1372 out: 1838 out:
1373 return ret; 1839 return ret;
1374} 1840}
1375 1841
1376static void __exit ieee80211_exit(void) 1842static void __exit ieee80211_exit(void)
1377{ 1843{
1378 rc80211_simple_exit();
1379 rc80211_pid_exit(); 1844 rc80211_pid_exit();
1380 1845
1846 if (mesh_allocated)
1847 ieee80211s_stop();
1848
1381 ieee80211_wme_unregister(); 1849 ieee80211_wme_unregister();
1382 ieee80211_debugfs_netdev_exit(); 1850 ieee80211_debugfs_netdev_exit();
1383} 1851}
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 72ecbf7bf962..7ab806602183 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -73,14 +73,14 @@ struct ieee80211_fragment_entry {
73struct ieee80211_sta_bss { 73struct ieee80211_sta_bss {
74 struct list_head list; 74 struct list_head list;
75 struct ieee80211_sta_bss *hnext; 75 struct ieee80211_sta_bss *hnext;
76 size_t ssid_len;
77
76 atomic_t users; 78 atomic_t users;
77 79
78 u8 bssid[ETH_ALEN]; 80 u8 bssid[ETH_ALEN];
79 u8 ssid[IEEE80211_MAX_SSID_LEN]; 81 u8 ssid[IEEE80211_MAX_SSID_LEN];
80 size_t ssid_len;
81 u16 capability; /* host byte order */ 82 u16 capability; /* host byte order */
82 int hw_mode; 83 enum ieee80211_band band;
83 int channel;
84 int freq; 84 int freq;
85 int rssi, signal, noise; 85 int rssi, signal, noise;
86 u8 *wpa_ie; 86 u8 *wpa_ie;
@@ -91,11 +91,16 @@ struct ieee80211_sta_bss {
91 size_t wmm_ie_len; 91 size_t wmm_ie_len;
92 u8 *ht_ie; 92 u8 *ht_ie;
93 size_t ht_ie_len; 93 size_t ht_ie_len;
94#ifdef CONFIG_MAC80211_MESH
95 u8 *mesh_id;
96 size_t mesh_id_len;
97 u8 *mesh_cfg;
98#endif
94#define IEEE80211_MAX_SUPP_RATES 32 99#define IEEE80211_MAX_SUPP_RATES 32
95 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 100 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
96 size_t supp_rates_len; 101 size_t supp_rates_len;
97 int beacon_int;
98 u64 timestamp; 102 u64 timestamp;
103 int beacon_int;
99 104
100 int probe_resp; 105 int probe_resp;
101 unsigned long last_update; 106 unsigned long last_update;
@@ -108,56 +113,98 @@ struct ieee80211_sta_bss {
108 u8 erp_value; 113 u8 erp_value;
109}; 114};
110 115
116static inline u8 *bss_mesh_cfg(struct ieee80211_sta_bss *bss)
117{
118#ifdef CONFIG_MAC80211_MESH
119 return bss->mesh_cfg;
120#endif
121 return NULL;
122}
111 123
112typedef enum { 124static inline u8 *bss_mesh_id(struct ieee80211_sta_bss *bss)
113 TXRX_CONTINUE, TXRX_DROP, TXRX_QUEUED 125{
114} ieee80211_txrx_result; 126#ifdef CONFIG_MAC80211_MESH
127 return bss->mesh_id;
128#endif
129 return NULL;
130}
115 131
116/* flags used in struct ieee80211_txrx_data.flags */ 132static inline u8 bss_mesh_id_len(struct ieee80211_sta_bss *bss)
117/* whether the MSDU was fragmented */ 133{
118#define IEEE80211_TXRXD_FRAGMENTED BIT(0) 134#ifdef CONFIG_MAC80211_MESH
119#define IEEE80211_TXRXD_TXUNICAST BIT(1) 135 return bss->mesh_id_len;
120#define IEEE80211_TXRXD_TXPS_BUFFERED BIT(2) 136#endif
121#define IEEE80211_TXRXD_TXPROBE_LAST_FRAG BIT(3) 137 return 0;
122#define IEEE80211_TXRXD_RXIN_SCAN BIT(4) 138}
123/* frame is destined to interface currently processed (incl. multicast frames) */ 139
124#define IEEE80211_TXRXD_RXRA_MATCH BIT(5) 140
125#define IEEE80211_TXRXD_TX_INJECTED BIT(6) 141typedef unsigned __bitwise__ ieee80211_tx_result;
126#define IEEE80211_TXRXD_RX_AMSDU BIT(7) 142#define TX_CONTINUE ((__force ieee80211_tx_result) 0u)
127struct ieee80211_txrx_data { 143#define TX_DROP ((__force ieee80211_tx_result) 1u)
144#define TX_QUEUED ((__force ieee80211_tx_result) 2u)
145
146#define IEEE80211_TX_FRAGMENTED BIT(0)
147#define IEEE80211_TX_UNICAST BIT(1)
148#define IEEE80211_TX_PS_BUFFERED BIT(2)
149#define IEEE80211_TX_PROBE_LAST_FRAG BIT(3)
150#define IEEE80211_TX_INJECTED BIT(4)
151
152struct ieee80211_tx_data {
128 struct sk_buff *skb; 153 struct sk_buff *skb;
129 struct net_device *dev; 154 struct net_device *dev;
130 struct ieee80211_local *local; 155 struct ieee80211_local *local;
131 struct ieee80211_sub_if_data *sdata; 156 struct ieee80211_sub_if_data *sdata;
132 struct sta_info *sta; 157 struct sta_info *sta;
158 struct ieee80211_key *key;
159
160 struct ieee80211_tx_control *control;
161 struct ieee80211_channel *channel;
162 struct ieee80211_rate *rate;
163 /* use this rate (if set) for last fragment; rate can
164 * be set to lower rate for the first fragments, e.g.,
165 * when using CTS protection with IEEE 802.11g. */
166 struct ieee80211_rate *last_frag_rate;
167
168 /* Extra fragments (in addition to the first fragment
169 * in skb) */
170 struct sk_buff **extra_frag;
171 int num_extra_frag;
172
133 u16 fc, ethertype; 173 u16 fc, ethertype;
174 unsigned int flags;
175};
176
177
178typedef unsigned __bitwise__ ieee80211_rx_result;
179#define RX_CONTINUE ((__force ieee80211_rx_result) 0u)
180#define RX_DROP_UNUSABLE ((__force ieee80211_rx_result) 1u)
181#define RX_DROP_MONITOR ((__force ieee80211_rx_result) 2u)
182#define RX_QUEUED ((__force ieee80211_rx_result) 3u)
183
184#define IEEE80211_RX_IN_SCAN BIT(0)
185/* frame is destined to interface currently processed (incl. multicast frames) */
186#define IEEE80211_RX_RA_MATCH BIT(1)
187#define IEEE80211_RX_AMSDU BIT(2)
188#define IEEE80211_RX_CMNTR_REPORTED BIT(3)
189#define IEEE80211_RX_FRAGMENTED BIT(4)
190
191struct ieee80211_rx_data {
192 struct sk_buff *skb;
193 struct net_device *dev;
194 struct ieee80211_local *local;
195 struct ieee80211_sub_if_data *sdata;
196 struct sta_info *sta;
134 struct ieee80211_key *key; 197 struct ieee80211_key *key;
198 struct ieee80211_rx_status *status;
199 struct ieee80211_rate *rate;
200
201 u16 fc, ethertype;
135 unsigned int flags; 202 unsigned int flags;
136 union { 203 int sent_ps_buffered;
137 struct { 204 int queue;
138 struct ieee80211_tx_control *control; 205 int load;
139 struct ieee80211_hw_mode *mode; 206 u32 tkip_iv32;
140 struct ieee80211_rate *rate; 207 u16 tkip_iv16;
141 /* use this rate (if set) for last fragment; rate can
142 * be set to lower rate for the first fragments, e.g.,
143 * when using CTS protection with IEEE 802.11g. */
144 struct ieee80211_rate *last_frag_rate;
145 int last_frag_hwrate;
146
147 /* Extra fragments (in addition to the first fragment
148 * in skb) */
149 int num_extra_frag;
150 struct sk_buff **extra_frag;
151 } tx;
152 struct {
153 struct ieee80211_rx_status *status;
154 int sent_ps_buffered;
155 int queue;
156 int load;
157 u32 tkip_iv32;
158 u16 tkip_iv16;
159 } rx;
160 } u;
161}; 208};
162 209
163/* flags used in struct ieee80211_tx_packet_data.flags */ 210/* flags used in struct ieee80211_tx_packet_data.flags */
@@ -165,6 +212,7 @@ struct ieee80211_txrx_data {
165#define IEEE80211_TXPD_DO_NOT_ENCRYPT BIT(1) 212#define IEEE80211_TXPD_DO_NOT_ENCRYPT BIT(1)
166#define IEEE80211_TXPD_REQUEUE BIT(2) 213#define IEEE80211_TXPD_REQUEUE BIT(2)
167#define IEEE80211_TXPD_EAPOL_FRAME BIT(3) 214#define IEEE80211_TXPD_EAPOL_FRAME BIT(3)
215#define IEEE80211_TXPD_AMPDU BIT(4)
168/* Stored in sk_buff->cb */ 216/* Stored in sk_buff->cb */
169struct ieee80211_tx_packet_data { 217struct ieee80211_tx_packet_data {
170 int ifindex; 218 int ifindex;
@@ -176,20 +224,12 @@ struct ieee80211_tx_packet_data {
176struct ieee80211_tx_stored_packet { 224struct ieee80211_tx_stored_packet {
177 struct ieee80211_tx_control control; 225 struct ieee80211_tx_control control;
178 struct sk_buff *skb; 226 struct sk_buff *skb;
179 int num_extra_frag;
180 struct sk_buff **extra_frag; 227 struct sk_buff **extra_frag;
181 int last_frag_rateidx;
182 int last_frag_hwrate;
183 struct ieee80211_rate *last_frag_rate; 228 struct ieee80211_rate *last_frag_rate;
229 int num_extra_frag;
184 unsigned int last_frag_rate_ctrl_probe; 230 unsigned int last_frag_rate_ctrl_probe;
185}; 231};
186 232
187typedef ieee80211_txrx_result (*ieee80211_tx_handler)
188(struct ieee80211_txrx_data *tx);
189
190typedef ieee80211_txrx_result (*ieee80211_rx_handler)
191(struct ieee80211_txrx_data *rx);
192
193struct beacon_data { 233struct beacon_data {
194 u8 *head, *tail; 234 u8 *head, *tail;
195 int head_len, tail_len; 235 int head_len, tail_len;
@@ -206,10 +246,10 @@ struct ieee80211_if_ap {
206 246
207 /* yes, this looks ugly, but guarantees that we can later use 247 /* yes, this looks ugly, but guarantees that we can later use
208 * bitmap_empty :) 248 * bitmap_empty :)
209 * NB: don't ever use set_bit, use bss_tim_set/bss_tim_clear! */ 249 * NB: don't touch this bitmap, use sta_info_{set,clear}_tim_bit */
210 u8 tim[sizeof(unsigned long) * BITS_TO_LONGS(IEEE80211_MAX_AID + 1)]; 250 u8 tim[sizeof(unsigned long) * BITS_TO_LONGS(IEEE80211_MAX_AID + 1)];
211 atomic_t num_sta_ps; /* number of stations in PS mode */
212 struct sk_buff_head ps_bc_buf; 251 struct sk_buff_head ps_bc_buf;
252 atomic_t num_sta_ps; /* number of stations in PS mode */
213 int dtim_count; 253 int dtim_count;
214 int force_unicast_rateidx; /* forced TX rateidx for unicast frames */ 254 int force_unicast_rateidx; /* forced TX rateidx for unicast frames */
215 int max_ratectrl_rateidx; /* max TX rateidx for rate control */ 255 int max_ratectrl_rateidx; /* max TX rateidx for rate control */
@@ -217,8 +257,8 @@ struct ieee80211_if_ap {
217}; 257};
218 258
219struct ieee80211_if_wds { 259struct ieee80211_if_wds {
220 u8 remote_addr[ETH_ALEN];
221 struct sta_info *sta; 260 struct sta_info *sta;
261 u8 remote_addr[ETH_ALEN];
222}; 262};
223 263
224struct ieee80211_if_vlan { 264struct ieee80211_if_vlan {
@@ -226,6 +266,41 @@ struct ieee80211_if_vlan {
226 struct list_head list; 266 struct list_head list;
227}; 267};
228 268
269struct mesh_stats {
270 __u32 fwded_frames; /* Mesh forwarded frames */
271 __u32 dropped_frames_ttl; /* Not transmitted since mesh_ttl == 0*/
272 __u32 dropped_frames_no_route; /* Not transmitted, no route found */
273 atomic_t estab_plinks;
274};
275
276#define PREQ_Q_F_START 0x1
277#define PREQ_Q_F_REFRESH 0x2
278struct mesh_preq_queue {
279 struct list_head list;
280 u8 dst[ETH_ALEN];
281 u8 flags;
282};
283
284struct mesh_config {
285 /* Timeouts in ms */
286 /* Mesh plink management parameters */
287 u16 dot11MeshRetryTimeout;
288 u16 dot11MeshConfirmTimeout;
289 u16 dot11MeshHoldingTimeout;
290 u16 dot11MeshMaxPeerLinks;
291 u8 dot11MeshMaxRetries;
292 u8 dot11MeshTTL;
293 bool auto_open_plinks;
294 /* HWMP parameters */
295 u8 dot11MeshHWMPmaxPREQretries;
296 u32 path_refresh_time;
297 u16 min_discovery_timeout;
298 u32 dot11MeshHWMPactivePathTimeout;
299 u16 dot11MeshHWMPpreqMinInterval;
300 u16 dot11MeshHWMPnetDiameterTraversalTime;
301};
302
303
229/* flags used in struct ieee80211_if_sta.flags */ 304/* flags used in struct ieee80211_if_sta.flags */
230#define IEEE80211_STA_SSID_SET BIT(0) 305#define IEEE80211_STA_SSID_SET BIT(0)
231#define IEEE80211_STA_BSSID_SET BIT(1) 306#define IEEE80211_STA_BSSID_SET BIT(1)
@@ -241,18 +316,47 @@ struct ieee80211_if_vlan {
241#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12) 316#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12)
242#define IEEE80211_STA_PRIVACY_INVOKED BIT(13) 317#define IEEE80211_STA_PRIVACY_INVOKED BIT(13)
243struct ieee80211_if_sta { 318struct ieee80211_if_sta {
244 enum {
245 IEEE80211_DISABLED, IEEE80211_AUTHENTICATE,
246 IEEE80211_ASSOCIATE, IEEE80211_ASSOCIATED,
247 IEEE80211_IBSS_SEARCH, IEEE80211_IBSS_JOINED
248 } state;
249 struct timer_list timer; 319 struct timer_list timer;
250 struct work_struct work; 320 struct work_struct work;
251 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN]; 321 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
252 u8 ssid[IEEE80211_MAX_SSID_LEN]; 322 u8 ssid[IEEE80211_MAX_SSID_LEN];
323 enum {
324 IEEE80211_DISABLED, IEEE80211_AUTHENTICATE,
325 IEEE80211_ASSOCIATE, IEEE80211_ASSOCIATED,
326 IEEE80211_IBSS_SEARCH, IEEE80211_IBSS_JOINED,
327 IEEE80211_MESH_UP
328 } state;
253 size_t ssid_len; 329 size_t ssid_len;
254 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 330 u8 scan_ssid[IEEE80211_MAX_SSID_LEN];
255 size_t scan_ssid_len; 331 size_t scan_ssid_len;
332#ifdef CONFIG_MAC80211_MESH
333 struct timer_list mesh_path_timer;
334 u8 mesh_id[IEEE80211_MAX_MESH_ID_LEN];
335 size_t mesh_id_len;
336 /* Active Path Selection Protocol Identifier */
337 u8 mesh_pp_id[4];
338 /* Active Path Selection Metric Identifier */
339 u8 mesh_pm_id[4];
340 /* Congestion Control Mode Identifier */
341 u8 mesh_cc_id[4];
342 /* Local mesh Destination Sequence Number */
343 u32 dsn;
344 /* Last used PREQ ID */
345 u32 preq_id;
346 atomic_t mpaths;
347 /* Timestamp of last DSN update */
348 unsigned long last_dsn_update;
349 /* Timestamp of last DSN sent */
350 unsigned long last_preq;
351 struct mesh_rmc *rmc;
352 spinlock_t mesh_preq_queue_lock;
353 struct mesh_preq_queue preq_queue;
354 int preq_queue_len;
355 struct mesh_stats mshstats;
356 struct mesh_config mshcfg;
357 u8 mesh_seqnum[3];
358 bool accepting_plinks;
359#endif
256 u16 aid; 360 u16 aid;
257 u16 ap_capab, capab; 361 u16 ap_capab, capab;
258 u8 *extra_ie; /* to be added to the end of AssocReq */ 362 u8 *extra_ie; /* to be added to the end of AssocReq */
@@ -262,16 +366,18 @@ struct ieee80211_if_sta {
262 u8 *assocreq_ies, *assocresp_ies; 366 u8 *assocreq_ies, *assocresp_ies;
263 size_t assocreq_ies_len, assocresp_ies_len; 367 size_t assocreq_ies_len, assocresp_ies_len;
264 368
369 struct sk_buff_head skb_queue;
370
265 int auth_tries, assoc_tries; 371 int auth_tries, assoc_tries;
266 372
373 unsigned long request;
374
375 unsigned long last_probe;
376
267 unsigned int flags; 377 unsigned int flags;
268#define IEEE80211_STA_REQ_SCAN 0 378#define IEEE80211_STA_REQ_SCAN 0
269#define IEEE80211_STA_REQ_AUTH 1 379#define IEEE80211_STA_REQ_AUTH 1
270#define IEEE80211_STA_REQ_RUN 2 380#define IEEE80211_STA_REQ_RUN 2
271 unsigned long request;
272 struct sk_buff_head skb_queue;
273
274 unsigned long last_probe;
275 381
276#define IEEE80211_AUTH_ALG_OPEN BIT(0) 382#define IEEE80211_AUTH_ALG_OPEN BIT(0)
277#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1) 383#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1)
@@ -282,16 +388,34 @@ struct ieee80211_if_sta {
282 388
283 unsigned long ibss_join_req; 389 unsigned long ibss_join_req;
284 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */ 390 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */
285 u32 supp_rates_bits; 391 u32 supp_rates_bits[IEEE80211_NUM_BANDS];
286 392
287 int wmm_last_param_set; 393 int wmm_last_param_set;
394 int num_beacons; /* number of TXed beacon frames by this STA */
288}; 395};
289 396
397static inline void ieee80211_if_sta_set_mesh_id(struct ieee80211_if_sta *ifsta,
398 u8 mesh_id_len, u8 *mesh_id)
399{
400#ifdef CONFIG_MAC80211_MESH
401 ifsta->mesh_id_len = mesh_id_len;
402 memcpy(ifsta->mesh_id, mesh_id, mesh_id_len);
403#endif
404}
405
406#ifdef CONFIG_MAC80211_MESH
407#define IEEE80211_IFSTA_MESH_CTR_INC(sta, name) \
408 do { (sta)->mshstats.name++; } while (0)
409#else
410#define IEEE80211_IFSTA_MESH_CTR_INC(sta, name) \
411 do { } while (0)
412#endif
290 413
291/* flags used in struct ieee80211_sub_if_data.flags */ 414/* flags used in struct ieee80211_sub_if_data.flags */
292#define IEEE80211_SDATA_ALLMULTI BIT(0) 415#define IEEE80211_SDATA_ALLMULTI BIT(0)
293#define IEEE80211_SDATA_PROMISC BIT(1) 416#define IEEE80211_SDATA_PROMISC BIT(1)
294#define IEEE80211_SDATA_USERSPACE_MLME BIT(2) 417#define IEEE80211_SDATA_USERSPACE_MLME BIT(2)
418#define IEEE80211_SDATA_OPERATING_GMODE BIT(3)
295struct ieee80211_sub_if_data { 419struct ieee80211_sub_if_data {
296 struct list_head list; 420 struct list_head list;
297 421
@@ -306,11 +430,11 @@ struct ieee80211_sub_if_data {
306 unsigned int flags; 430 unsigned int flags;
307 431
308 int drop_unencrypted; 432 int drop_unencrypted;
433
309 /* 434 /*
310 * IEEE 802.1X Port access control in effect, 435 * basic rates of this AP or the AP we're associated to
311 * drop packets to/from unauthorized port
312 */ 436 */
313 int ieee802_1x_pac; 437 u64 basic_rates;
314 438
315 u16 sequence; 439 u16 sequence;
316 440
@@ -338,6 +462,7 @@ struct ieee80211_sub_if_data {
338 struct ieee80211_if_wds wds; 462 struct ieee80211_if_wds wds;
339 struct ieee80211_if_vlan vlan; 463 struct ieee80211_if_vlan vlan;
340 struct ieee80211_if_sta sta; 464 struct ieee80211_if_sta sta;
465 u32 mntr_flags;
341 } u; 466 } u;
342 int channel_use; 467 int channel_use;
343 int channel_use_raw; 468 int channel_use_raw;
@@ -348,7 +473,6 @@ struct ieee80211_sub_if_data {
348 struct { 473 struct {
349 struct dentry *channel_use; 474 struct dentry *channel_use;
350 struct dentry *drop_unencrypted; 475 struct dentry *drop_unencrypted;
351 struct dentry *ieee802_1x_pac;
352 struct dentry *state; 476 struct dentry *state;
353 struct dentry *bssid; 477 struct dentry *bssid;
354 struct dentry *prev_bssid; 478 struct dentry *prev_bssid;
@@ -363,11 +487,11 @@ struct ieee80211_sub_if_data {
363 struct dentry *auth_alg; 487 struct dentry *auth_alg;
364 struct dentry *auth_transaction; 488 struct dentry *auth_transaction;
365 struct dentry *flags; 489 struct dentry *flags;
490 struct dentry *num_beacons_sta;
366 } sta; 491 } sta;
367 struct { 492 struct {
368 struct dentry *channel_use; 493 struct dentry *channel_use;
369 struct dentry *drop_unencrypted; 494 struct dentry *drop_unencrypted;
370 struct dentry *ieee802_1x_pac;
371 struct dentry *num_sta_ps; 495 struct dentry *num_sta_ps;
372 struct dentry *dtim_count; 496 struct dentry *dtim_count;
373 struct dentry *num_beacons; 497 struct dentry *num_beacons;
@@ -378,19 +502,46 @@ struct ieee80211_sub_if_data {
378 struct { 502 struct {
379 struct dentry *channel_use; 503 struct dentry *channel_use;
380 struct dentry *drop_unencrypted; 504 struct dentry *drop_unencrypted;
381 struct dentry *ieee802_1x_pac;
382 struct dentry *peer; 505 struct dentry *peer;
383 } wds; 506 } wds;
384 struct { 507 struct {
385 struct dentry *channel_use; 508 struct dentry *channel_use;
386 struct dentry *drop_unencrypted; 509 struct dentry *drop_unencrypted;
387 struct dentry *ieee802_1x_pac;
388 } vlan; 510 } vlan;
389 struct { 511 struct {
390 struct dentry *mode; 512 struct dentry *mode;
391 } monitor; 513 } monitor;
392 struct dentry *default_key; 514 struct dentry *default_key;
393 } debugfs; 515 } debugfs;
516
517#ifdef CONFIG_MAC80211_MESH
518 struct dentry *mesh_stats_dir;
519 struct {
520 struct dentry *fwded_frames;
521 struct dentry *dropped_frames_ttl;
522 struct dentry *dropped_frames_no_route;
523 struct dentry *estab_plinks;
524 struct timer_list mesh_path_timer;
525 } mesh_stats;
526
527 struct dentry *mesh_config_dir;
528 struct {
529 struct dentry *dot11MeshRetryTimeout;
530 struct dentry *dot11MeshConfirmTimeout;
531 struct dentry *dot11MeshHoldingTimeout;
532 struct dentry *dot11MeshMaxRetries;
533 struct dentry *dot11MeshTTL;
534 struct dentry *auto_open_plinks;
535 struct dentry *dot11MeshMaxPeerLinks;
536 struct dentry *dot11MeshHWMPactivePathTimeout;
537 struct dentry *dot11MeshHWMPpreqMinInterval;
538 struct dentry *dot11MeshHWMPnetDiameterTraversalTime;
539 struct dentry *dot11MeshHWMPmaxPREQretries;
540 struct dentry *path_refresh_time;
541 struct dentry *min_discovery_timeout;
542 } mesh_config;
543#endif
544
394#endif 545#endif
395 /* must be last, dynamically sized area in this! */ 546 /* must be last, dynamically sized area in this! */
396 struct ieee80211_vif vif; 547 struct ieee80211_vif vif;
@@ -407,6 +558,8 @@ struct ieee80211_sub_if_data *vif_to_sdata(struct ieee80211_vif *p)
407enum { 558enum {
408 IEEE80211_RX_MSG = 1, 559 IEEE80211_RX_MSG = 1,
409 IEEE80211_TX_STATUS_MSG = 2, 560 IEEE80211_TX_STATUS_MSG = 2,
561 IEEE80211_DELBA_MSG = 3,
562 IEEE80211_ADDBA_MSG = 4,
410}; 563};
411 564
412struct ieee80211_local { 565struct ieee80211_local {
@@ -417,15 +570,15 @@ struct ieee80211_local {
417 570
418 const struct ieee80211_ops *ops; 571 const struct ieee80211_ops *ops;
419 572
420 /* List of registered struct ieee80211_hw_mode */
421 struct list_head modes_list;
422
423 struct net_device *mdev; /* wmaster# - "master" 802.11 device */ 573 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
424 int open_count; 574 int open_count;
425 int monitors; 575 int monitors, cooked_mntrs;
576 /* number of interfaces with corresponding FIF_ flags */
577 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss;
426 unsigned int filter_flags; /* FIF_* */ 578 unsigned int filter_flags; /* FIF_* */
427 struct iw_statistics wstats; 579 struct iw_statistics wstats;
428 u8 wstats_flags; 580 u8 wstats_flags;
581 bool tim_in_locked_section; /* see ieee80211_beacon_get() */
429 int tx_headroom; /* required headroom for hardware/radiotap */ 582 int tx_headroom; /* required headroom for hardware/radiotap */
430 583
431 enum { 584 enum {
@@ -443,15 +596,21 @@ struct ieee80211_local {
443 struct sk_buff_head skb_queue; 596 struct sk_buff_head skb_queue;
444 struct sk_buff_head skb_queue_unreliable; 597 struct sk_buff_head skb_queue_unreliable;
445 598
446 /* Station data structures */ 599 /* Station data */
447 rwlock_t sta_lock; /* protects STA data structures */ 600 /*
448 int num_sta; /* number of stations in sta_list */ 601 * The lock only protects the list, hash, timer and counter
602 * against manipulation, reads are done in RCU. Additionally,
603 * the lock protects each BSS's TIM bitmap and a few items
604 * in a STA info structure.
605 */
606 spinlock_t sta_lock;
607 unsigned long num_sta;
449 struct list_head sta_list; 608 struct list_head sta_list;
450 struct sta_info *sta_hash[STA_HASH_SIZE]; 609 struct sta_info *sta_hash[STA_HASH_SIZE];
451 struct timer_list sta_cleanup; 610 struct timer_list sta_cleanup;
452 611
453 unsigned long state[NUM_TX_DATA_QUEUES]; 612 unsigned long state[NUM_TX_DATA_QUEUES_AMPDU];
454 struct ieee80211_tx_stored_packet pending_packet[NUM_TX_DATA_QUEUES]; 613 struct ieee80211_tx_stored_packet pending_packet[NUM_TX_DATA_QUEUES_AMPDU];
455 struct tasklet_struct tx_pending_tasklet; 614 struct tasklet_struct tx_pending_tasklet;
456 615
457 /* number of interfaces with corresponding IFF_ flags */ 616 /* number of interfaces with corresponding IFF_ flags */
@@ -459,11 +618,6 @@ struct ieee80211_local {
459 618
460 struct rate_control_ref *rate_ctrl; 619 struct rate_control_ref *rate_ctrl;
461 620
462 /* Supported and basic rate filters for different modes. These are
463 * pointers to -1 terminated lists and rates in 100 kbps units. */
464 int *supp_rates[NUM_IEEE80211_MODES];
465 int *basic_rates[NUM_IEEE80211_MODES];
466
467 int rts_threshold; 621 int rts_threshold;
468 int fragmentation_threshold; 622 int fragmentation_threshold;
469 int short_retry_limit; /* dot11ShortRetryLimit */ 623 int short_retry_limit; /* dot11ShortRetryLimit */
@@ -477,21 +631,18 @@ struct ieee80211_local {
477 * deliver multicast frames both back to wireless 631 * deliver multicast frames both back to wireless
478 * media and to the local net stack */ 632 * media and to the local net stack */
479 633
480 ieee80211_rx_handler *rx_pre_handlers;
481 ieee80211_rx_handler *rx_handlers;
482 ieee80211_tx_handler *tx_handlers;
483
484 struct list_head interfaces; 634 struct list_head interfaces;
485 635
486 bool sta_sw_scanning; 636 bool sta_sw_scanning;
487 bool sta_hw_scanning; 637 bool sta_hw_scanning;
488 int scan_channel_idx; 638 int scan_channel_idx;
639 enum ieee80211_band scan_band;
640
489 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state; 641 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state;
490 unsigned long last_scan_completed; 642 unsigned long last_scan_completed;
491 struct delayed_work scan_work; 643 struct delayed_work scan_work;
492 struct net_device *scan_dev; 644 struct net_device *scan_dev;
493 struct ieee80211_channel *oper_channel, *scan_channel; 645 struct ieee80211_channel *oper_channel, *scan_channel;
494 struct ieee80211_hw_mode *oper_hw_mode, *scan_hw_mode;
495 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 646 u8 scan_ssid[IEEE80211_MAX_SSID_LEN];
496 size_t scan_ssid_len; 647 size_t scan_ssid_len;
497 struct list_head sta_bss_list; 648 struct list_head sta_bss_list;
@@ -560,14 +711,8 @@ struct ieee80211_local {
560 int wifi_wme_noack_test; 711 int wifi_wme_noack_test;
561 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */ 712 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */
562 713
563 unsigned int enabled_modes; /* bitfield of allowed modes;
564 * (1 << MODE_*) */
565 unsigned int hw_modes; /* bitfield of supported hardware modes;
566 * (1 << MODE_*) */
567
568#ifdef CONFIG_MAC80211_DEBUGFS 714#ifdef CONFIG_MAC80211_DEBUGFS
569 struct local_debugfsdentries { 715 struct local_debugfsdentries {
570 struct dentry *channel;
571 struct dentry *frequency; 716 struct dentry *frequency;
572 struct dentry *antenna_sel_tx; 717 struct dentry *antenna_sel_tx;
573 struct dentry *antenna_sel_rx; 718 struct dentry *antenna_sel_rx;
@@ -577,9 +722,7 @@ struct ieee80211_local {
577 struct dentry *short_retry_limit; 722 struct dentry *short_retry_limit;
578 struct dentry *long_retry_limit; 723 struct dentry *long_retry_limit;
579 struct dentry *total_ps_buffered; 724 struct dentry *total_ps_buffered;
580 struct dentry *mode;
581 struct dentry *wep_iv; 725 struct dentry *wep_iv;
582 struct dentry *modes;
583 struct dentry *statistics; 726 struct dentry *statistics;
584 struct local_debugfsdentries_statsdentries { 727 struct local_debugfsdentries_statsdentries {
585 struct dentry *transmitted_fragment_count; 728 struct dentry *transmitted_fragment_count;
@@ -627,6 +770,63 @@ struct ieee80211_local {
627#endif 770#endif
628}; 771};
629 772
773/* this struct represents 802.11n's RA/TID combination */
774struct ieee80211_ra_tid {
775 u8 ra[ETH_ALEN];
776 u16 tid;
777};
778
779/* Parsed Information Elements */
780struct ieee802_11_elems {
781 /* pointers to IEs */
782 u8 *ssid;
783 u8 *supp_rates;
784 u8 *fh_params;
785 u8 *ds_params;
786 u8 *cf_params;
787 u8 *tim;
788 u8 *ibss_params;
789 u8 *challenge;
790 u8 *wpa;
791 u8 *rsn;
792 u8 *erp_info;
793 u8 *ext_supp_rates;
794 u8 *wmm_info;
795 u8 *wmm_param;
796 u8 *ht_cap_elem;
797 u8 *ht_info_elem;
798 u8 *mesh_config;
799 u8 *mesh_id;
800 u8 *peer_link;
801 u8 *preq;
802 u8 *prep;
803 u8 *perr;
804
805 /* length of them, respectively */
806 u8 ssid_len;
807 u8 supp_rates_len;
808 u8 fh_params_len;
809 u8 ds_params_len;
810 u8 cf_params_len;
811 u8 tim_len;
812 u8 ibss_params_len;
813 u8 challenge_len;
814 u8 wpa_len;
815 u8 rsn_len;
816 u8 erp_info_len;
817 u8 ext_supp_rates_len;
818 u8 wmm_info_len;
819 u8 wmm_param_len;
820 u8 ht_cap_elem_len;
821 u8 ht_info_elem_len;
822 u8 mesh_config_len;
823 u8 mesh_id_len;
824 u8 peer_link_len;
825 u8 preq_len;
826 u8 prep_len;
827 u8 perr_len;
828};
829
630static inline struct ieee80211_local *hw_to_local( 830static inline struct ieee80211_local *hw_to_local(
631 struct ieee80211_hw *hw) 831 struct ieee80211_hw *hw)
632{ 832{
@@ -650,57 +850,6 @@ struct sta_attribute {
650 ssize_t (*store)(struct sta_info *, const char *buf, size_t count); 850 ssize_t (*store)(struct sta_info *, const char *buf, size_t count);
651}; 851};
652 852
653static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid)
654{
655 /*
656 * This format has been mandated by the IEEE specifications,
657 * so this line may not be changed to use the __set_bit() format.
658 */
659 bss->tim[aid / 8] |= (1 << (aid % 8));
660}
661
662static inline void bss_tim_set(struct ieee80211_local *local,
663 struct ieee80211_if_ap *bss, u16 aid)
664{
665 read_lock_bh(&local->sta_lock);
666 __bss_tim_set(bss, aid);
667 read_unlock_bh(&local->sta_lock);
668}
669
670static inline void __bss_tim_clear(struct ieee80211_if_ap *bss, u16 aid)
671{
672 /*
673 * This format has been mandated by the IEEE specifications,
674 * so this line may not be changed to use the __clear_bit() format.
675 */
676 bss->tim[aid / 8] &= ~(1 << (aid % 8));
677}
678
679static inline void bss_tim_clear(struct ieee80211_local *local,
680 struct ieee80211_if_ap *bss, u16 aid)
681{
682 read_lock_bh(&local->sta_lock);
683 __bss_tim_clear(bss, aid);
684 read_unlock_bh(&local->sta_lock);
685}
686
687/**
688 * ieee80211_is_erp_rate - Check if a rate is an ERP rate
689 * @phymode: The PHY-mode for this rate (MODE_IEEE80211...)
690 * @rate: Transmission rate to check, in 100 kbps
691 *
692 * Check if a given rate is an Extended Rate PHY (ERP) rate.
693 */
694static inline int ieee80211_is_erp_rate(int phymode, int rate)
695{
696 if (phymode == MODE_IEEE80211G) {
697 if (rate != 10 && rate != 20 &&
698 rate != 55 && rate != 110)
699 return 1;
700 }
701 return 0;
702}
703
704static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr) 853static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
705{ 854{
706 return compare_ether_addr(raddr, addr) == 0 || 855 return compare_ether_addr(raddr, addr) == 0 ||
@@ -712,13 +861,8 @@ static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
712int ieee80211_hw_config(struct ieee80211_local *local); 861int ieee80211_hw_config(struct ieee80211_local *local);
713int ieee80211_if_config(struct net_device *dev); 862int ieee80211_if_config(struct net_device *dev);
714int ieee80211_if_config_beacon(struct net_device *dev); 863int ieee80211_if_config_beacon(struct net_device *dev);
715void ieee80211_prepare_rates(struct ieee80211_local *local, 864void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx);
716 struct ieee80211_hw_mode *mode);
717void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx);
718int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr);
719void ieee80211_if_setup(struct net_device *dev); 865void ieee80211_if_setup(struct net_device *dev);
720struct ieee80211_rate *ieee80211_get_rate(struct ieee80211_local *local,
721 int phymode, int hwrate);
722int ieee80211_hw_config_ht(struct ieee80211_local *local, int enable_ht, 866int ieee80211_hw_config_ht(struct ieee80211_local *local, int enable_ht,
723 struct ieee80211_ht_info *req_ht_cap, 867 struct ieee80211_ht_info *req_ht_cap,
724 struct ieee80211_ht_bss_info *req_bss_cap); 868 struct ieee80211_ht_bss_info *req_bss_cap);
@@ -749,8 +893,9 @@ extern const struct iw_handler_def ieee80211_iw_handler_def;
749/* ieee80211_ioctl.c */ 893/* ieee80211_ioctl.c */
750int ieee80211_set_compression(struct ieee80211_local *local, 894int ieee80211_set_compression(struct ieee80211_local *local,
751 struct net_device *dev, struct sta_info *sta); 895 struct net_device *dev, struct sta_info *sta);
752int ieee80211_set_channel(struct ieee80211_local *local, int channel, int freq); 896int ieee80211_set_freq(struct ieee80211_local *local, int freq);
753/* ieee80211_sta.c */ 897/* ieee80211_sta.c */
898#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
754void ieee80211_sta_timer(unsigned long data); 899void ieee80211_sta_timer(unsigned long data);
755void ieee80211_sta_work(struct work_struct *work); 900void ieee80211_sta_work(struct work_struct *work);
756void ieee80211_sta_scan_work(struct work_struct *work); 901void ieee80211_sta_scan_work(struct work_struct *work);
@@ -763,9 +908,9 @@ int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len);
763void ieee80211_sta_req_auth(struct net_device *dev, 908void ieee80211_sta_req_auth(struct net_device *dev,
764 struct ieee80211_if_sta *ifsta); 909 struct ieee80211_if_sta *ifsta);
765int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len); 910int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len);
766ieee80211_txrx_result ieee80211_sta_rx_scan(struct net_device *dev, 911ieee80211_rx_result ieee80211_sta_rx_scan(
767 struct sk_buff *skb, 912 struct net_device *dev, struct sk_buff *skb,
768 struct ieee80211_rx_status *rx_status); 913 struct ieee80211_rx_status *rx_status);
769void ieee80211_rx_bss_list_init(struct net_device *dev); 914void ieee80211_rx_bss_list_init(struct net_device *dev);
770void ieee80211_rx_bss_list_deinit(struct net_device *dev); 915void ieee80211_rx_bss_list_deinit(struct net_device *dev);
771int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len); 916int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len);
@@ -782,12 +927,36 @@ int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
782int ieee80211_ht_addt_info_ie_to_ht_bss_info( 927int ieee80211_ht_addt_info_ie_to_ht_bss_info(
783 struct ieee80211_ht_addt_info *ht_add_info_ie, 928 struct ieee80211_ht_addt_info *ht_add_info_ie,
784 struct ieee80211_ht_bss_info *bss_info); 929 struct ieee80211_ht_bss_info *bss_info);
930void ieee80211_send_addba_request(struct net_device *dev, const u8 *da,
931 u16 tid, u8 dialog_token, u16 start_seq_num,
932 u16 agg_size, u16 timeout);
933void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
934 u16 initiator, u16 reason_code);
935
785void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *da, 936void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *da,
786 u16 tid, u16 initiator, u16 reason); 937 u16 tid, u16 initiator, u16 reason);
787void sta_rx_agg_session_timer_expired(unsigned long data); 938void sta_rx_agg_session_timer_expired(unsigned long data);
939void sta_addba_resp_timer_expired(unsigned long data);
940void ieee80211_sta_tear_down_BA_sessions(struct net_device *dev, u8 *addr);
941u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
942 struct ieee802_11_elems *elems,
943 enum ieee80211_band band);
944void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
945 int encrypt);
946void ieee802_11_parse_elems(u8 *start, size_t len,
947 struct ieee802_11_elems *elems);
948
949#ifdef CONFIG_MAC80211_MESH
950void ieee80211_start_mesh(struct net_device *dev);
951#else
952static inline void ieee80211_start_mesh(struct net_device *dev)
953{}
954#endif
955
788/* ieee80211_iface.c */ 956/* ieee80211_iface.c */
789int ieee80211_if_add(struct net_device *dev, const char *name, 957int ieee80211_if_add(struct net_device *dev, const char *name,
790 struct net_device **new_dev, int type); 958 struct net_device **new_dev, int type,
959 struct vif_params *params);
791void ieee80211_if_set_type(struct net_device *dev, int type); 960void ieee80211_if_set_type(struct net_device *dev, int type);
792void ieee80211_if_reinit(struct net_device *dev); 961void ieee80211_if_reinit(struct net_device *dev);
793void __ieee80211_if_del(struct ieee80211_local *local, 962void __ieee80211_if_del(struct ieee80211_local *local,
@@ -796,16 +965,7 @@ int ieee80211_if_remove(struct net_device *dev, const char *name, int id);
796void ieee80211_if_free(struct net_device *dev); 965void ieee80211_if_free(struct net_device *dev);
797void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata); 966void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata);
798 967
799/* regdomain.c */
800void ieee80211_regdomain_init(void);
801void ieee80211_set_default_regdomain(struct ieee80211_hw_mode *mode);
802
803/* rx handling */
804extern ieee80211_rx_handler ieee80211_rx_pre_handlers[];
805extern ieee80211_rx_handler ieee80211_rx_handlers[];
806
807/* tx handling */ 968/* tx handling */
808extern ieee80211_tx_handler ieee80211_tx_handlers[];
809void ieee80211_clear_tx_pending(struct ieee80211_local *local); 969void ieee80211_clear_tx_pending(struct ieee80211_local *local);
810void ieee80211_tx_pending(unsigned long data); 970void ieee80211_tx_pending(unsigned long data);
811int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev); 971int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev);
diff --git a/net/mac80211/ieee80211_iface.c b/net/mac80211/ieee80211_iface.c
index 92f1eb2da311..80954a512185 100644
--- a/net/mac80211/ieee80211_iface.c
+++ b/net/mac80211/ieee80211_iface.c
@@ -15,6 +15,7 @@
15#include "ieee80211_i.h" 15#include "ieee80211_i.h"
16#include "sta_info.h" 16#include "sta_info.h"
17#include "debugfs_netdev.h" 17#include "debugfs_netdev.h"
18#include "mesh.h"
18 19
19void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata) 20void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata)
20{ 21{
@@ -39,7 +40,8 @@ static void ieee80211_if_sdata_deinit(struct ieee80211_sub_if_data *sdata)
39 40
40/* Must be called with rtnl lock held. */ 41/* Must be called with rtnl lock held. */
41int ieee80211_if_add(struct net_device *dev, const char *name, 42int ieee80211_if_add(struct net_device *dev, const char *name,
42 struct net_device **new_dev, int type) 43 struct net_device **new_dev, int type,
44 struct vif_params *params)
43{ 45{
44 struct net_device *ndev; 46 struct net_device *ndev;
45 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 47 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -78,6 +80,12 @@ int ieee80211_if_add(struct net_device *dev, const char *name,
78 ieee80211_debugfs_add_netdev(sdata); 80 ieee80211_debugfs_add_netdev(sdata);
79 ieee80211_if_set_type(ndev, type); 81 ieee80211_if_set_type(ndev, type);
80 82
83 if (ieee80211_vif_is_mesh(&sdata->vif) &&
84 params && params->mesh_id_len)
85 ieee80211_if_sta_set_mesh_id(&sdata->u.sta,
86 params->mesh_id_len,
87 params->mesh_id);
88
81 /* we're under RTNL so all this is fine */ 89 /* we're under RTNL so all this is fine */
82 if (unlikely(local->reg_state == IEEE80211_DEV_UNREGISTERED)) { 90 if (unlikely(local->reg_state == IEEE80211_DEV_UNREGISTERED)) {
83 __ieee80211_if_del(local, sdata); 91 __ieee80211_if_del(local, sdata);
@@ -118,6 +126,8 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
118 sdata->bss = NULL; 126 sdata->bss = NULL;
119 sdata->vif.type = type; 127 sdata->vif.type = type;
120 128
129 sdata->basic_rates = 0;
130
121 switch (type) { 131 switch (type) {
122 case IEEE80211_IF_TYPE_WDS: 132 case IEEE80211_IF_TYPE_WDS:
123 /* nothing special */ 133 /* nothing special */
@@ -132,6 +142,7 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
132 sdata->bss = &sdata->u.ap; 142 sdata->bss = &sdata->u.ap;
133 INIT_LIST_HEAD(&sdata->u.ap.vlans); 143 INIT_LIST_HEAD(&sdata->u.ap.vlans);
134 break; 144 break;
145 case IEEE80211_IF_TYPE_MESH_POINT:
135 case IEEE80211_IF_TYPE_STA: 146 case IEEE80211_IF_TYPE_STA:
136 case IEEE80211_IF_TYPE_IBSS: { 147 case IEEE80211_IF_TYPE_IBSS: {
137 struct ieee80211_sub_if_data *msdata; 148 struct ieee80211_sub_if_data *msdata;
@@ -153,15 +164,20 @@ void ieee80211_if_set_type(struct net_device *dev, int type)
153 164
154 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev); 165 msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev);
155 sdata->bss = &msdata->u.ap; 166 sdata->bss = &msdata->u.ap;
167
168 if (ieee80211_vif_is_mesh(&sdata->vif))
169 ieee80211_mesh_init_sdata(sdata);
156 break; 170 break;
157 } 171 }
158 case IEEE80211_IF_TYPE_MNTR: 172 case IEEE80211_IF_TYPE_MNTR:
159 dev->type = ARPHRD_IEEE80211_RADIOTAP; 173 dev->type = ARPHRD_IEEE80211_RADIOTAP;
160 dev->hard_start_xmit = ieee80211_monitor_start_xmit; 174 dev->hard_start_xmit = ieee80211_monitor_start_xmit;
175 sdata->u.mntr_flags = MONITOR_FLAG_CONTROL |
176 MONITOR_FLAG_OTHER_BSS;
161 break; 177 break;
162 default: 178 default:
163 printk(KERN_WARNING "%s: %s: Unknown interface type 0x%x", 179 printk(KERN_WARNING "%s: %s: Unknown interface type 0x%x",
164 dev->name, __FUNCTION__, type); 180 dev->name, __func__, type);
165 } 181 }
166 ieee80211_debugfs_change_if_type(sdata, oldtype); 182 ieee80211_debugfs_change_if_type(sdata, oldtype);
167} 183}
@@ -171,8 +187,8 @@ void ieee80211_if_reinit(struct net_device *dev)
171{ 187{
172 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 188 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
173 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 189 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
174 struct sta_info *sta;
175 struct sk_buff *skb; 190 struct sk_buff *skb;
191 int flushed;
176 192
177 ASSERT_RTNL(); 193 ASSERT_RTNL();
178 194
@@ -180,6 +196,10 @@ void ieee80211_if_reinit(struct net_device *dev)
180 196
181 ieee80211_if_sdata_deinit(sdata); 197 ieee80211_if_sdata_deinit(sdata);
182 198
199 /* Need to handle mesh specially to allow eliding the function call */
200 if (ieee80211_vif_is_mesh(&sdata->vif))
201 mesh_rmc_free(dev);
202
183 switch (sdata->vif.type) { 203 switch (sdata->vif.type) {
184 case IEEE80211_IF_TYPE_INVALID: 204 case IEEE80211_IF_TYPE_INVALID:
185 /* cannot happen */ 205 /* cannot happen */
@@ -189,6 +209,7 @@ void ieee80211_if_reinit(struct net_device *dev)
189 /* Remove all virtual interfaces that use this BSS 209 /* Remove all virtual interfaces that use this BSS
190 * as their sdata->bss */ 210 * as their sdata->bss */
191 struct ieee80211_sub_if_data *tsdata, *n; 211 struct ieee80211_sub_if_data *tsdata, *n;
212 struct beacon_data *beacon;
192 213
193 list_for_each_entry_safe(tsdata, n, &local->interfaces, list) { 214 list_for_each_entry_safe(tsdata, n, &local->interfaces, list) {
194 if (tsdata != sdata && tsdata->bss == &sdata->u.ap) { 215 if (tsdata != sdata && tsdata->bss == &sdata->u.ap) {
@@ -206,7 +227,10 @@ void ieee80211_if_reinit(struct net_device *dev)
206 } 227 }
207 } 228 }
208 229
209 kfree(sdata->u.ap.beacon); 230 beacon = sdata->u.ap.beacon;
231 rcu_assign_pointer(sdata->u.ap.beacon, NULL);
232 synchronize_rcu();
233 kfree(beacon);
210 234
211 while ((skb = skb_dequeue(&sdata->u.ap.ps_bc_buf))) { 235 while ((skb = skb_dequeue(&sdata->u.ap.ps_bc_buf))) {
212 local->total_ps_buffered--; 236 local->total_ps_buffered--;
@@ -216,17 +240,9 @@ void ieee80211_if_reinit(struct net_device *dev)
216 break; 240 break;
217 } 241 }
218 case IEEE80211_IF_TYPE_WDS: 242 case IEEE80211_IF_TYPE_WDS:
219 sta = sta_info_get(local, sdata->u.wds.remote_addr); 243 /* nothing to do */
220 if (sta) {
221 sta_info_free(sta);
222 sta_info_put(sta);
223 } else {
224#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
225 printk(KERN_DEBUG "%s: Someone had deleted my STA "
226 "entry for the WDS link\n", dev->name);
227#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
228 }
229 break; 244 break;
245 case IEEE80211_IF_TYPE_MESH_POINT:
230 case IEEE80211_IF_TYPE_STA: 246 case IEEE80211_IF_TYPE_STA:
231 case IEEE80211_IF_TYPE_IBSS: 247 case IEEE80211_IF_TYPE_IBSS:
232 kfree(sdata->u.sta.extra_ie); 248 kfree(sdata->u.sta.extra_ie);
@@ -249,8 +265,8 @@ void ieee80211_if_reinit(struct net_device *dev)
249 break; 265 break;
250 } 266 }
251 267
252 /* remove all STAs that are bound to this virtual interface */ 268 flushed = sta_info_flush(local, sdata);
253 sta_info_flush(local, dev); 269 WARN_ON(flushed);
254 270
255 memset(&sdata->u, 0, sizeof(sdata->u)); 271 memset(&sdata->u, 0, sizeof(sdata->u));
256 ieee80211_if_sdata_init(sdata); 272 ieee80211_if_sdata_init(sdata);
diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c
index 5024d3733834..b047eebb6330 100644
--- a/net/mac80211/ieee80211_ioctl.c
+++ b/net/mac80211/ieee80211_ioctl.c
@@ -33,7 +33,6 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
33 size_t key_len) 33 size_t key_len)
34{ 34{
35 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 35 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
36 int ret = 0;
37 struct sta_info *sta; 36 struct sta_info *sta;
38 struct ieee80211_key *key; 37 struct ieee80211_key *key;
39 struct ieee80211_sub_if_data *sdata; 38 struct ieee80211_sub_if_data *sdata;
@@ -46,59 +45,52 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
46 return -EINVAL; 45 return -EINVAL;
47 } 46 }
48 47
49 if (is_broadcast_ether_addr(sta_addr)) { 48 if (remove) {
50 sta = NULL; 49 if (is_broadcast_ether_addr(sta_addr)) {
51 key = sdata->keys[idx]; 50 key = sdata->keys[idx];
52 } else { 51 } else {
53 set_tx_key = 0; 52 sta = sta_info_get(local, sta_addr);
54 /* 53 if (!sta)
55 * According to the standard, the key index of a pairwise 54 return -ENOENT;
56 * key must be zero. However, some AP are broken when it 55 key = sta->key;
57 * comes to WEP key indices, so we work around this.
58 */
59 if (idx != 0 && alg != ALG_WEP) {
60 printk(KERN_DEBUG "%s: set_encrypt - non-zero idx for "
61 "individual key\n", dev->name);
62 return -EINVAL;
63 } 56 }
64 57
65 sta = sta_info_get(local, sta_addr); 58 ieee80211_key_free(key);
66 if (!sta) { 59 return 0;
67#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 60 } else {
68 DECLARE_MAC_BUF(mac); 61 key = ieee80211_key_alloc(alg, idx, key_len, _key);
69 printk(KERN_DEBUG "%s: set_encrypt - unknown addr " 62 if (!key)
70 "%s\n", 63 return -ENOMEM;
71 dev->name, print_mac(mac, sta_addr));
72#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
73 64
74 return -ENOENT; 65 sta = NULL;
75 }
76 66
77 key = sta->key; 67 if (!is_broadcast_ether_addr(sta_addr)) {
78 } 68 set_tx_key = 0;
69 /*
70 * According to the standard, the key index of a
71 * pairwise key must be zero. However, some AP are
72 * broken when it comes to WEP key indices, so we
73 * work around this.
74 */
75 if (idx != 0 && alg != ALG_WEP) {
76 ieee80211_key_free(key);
77 return -EINVAL;
78 }
79 79
80 if (remove) { 80 sta = sta_info_get(local, sta_addr);
81 ieee80211_key_free(key); 81 if (!sta) {
82 key = NULL; 82 ieee80211_key_free(key);
83 } else { 83 return -ENOENT;
84 /* 84 }
85 * Automatically frees any old key if present.
86 */
87 key = ieee80211_key_alloc(sdata, sta, alg, idx, key_len, _key);
88 if (!key) {
89 ret = -ENOMEM;
90 goto err_out;
91 } 85 }
92 }
93 86
94 if (set_tx_key || (!sta && !sdata->default_key && key)) 87 ieee80211_key_link(key, sdata, sta);
95 ieee80211_set_default_key(sdata, idx);
96 88
97 ret = 0; 89 if (set_tx_key || (!sta && !sdata->default_key && key))
98 err_out: 90 ieee80211_set_default_key(sdata, idx);
99 if (sta) 91 }
100 sta_info_put(sta); 92
101 return ret; 93 return 0;
102} 94}
103 95
104static int ieee80211_ioctl_siwgenie(struct net_device *dev, 96static int ieee80211_ioctl_siwgenie(struct net_device *dev,
@@ -129,22 +121,7 @@ static int ieee80211_ioctl_giwname(struct net_device *dev,
129 struct iw_request_info *info, 121 struct iw_request_info *info,
130 char *name, char *extra) 122 char *name, char *extra)
131{ 123{
132 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 124 strcpy(name, "IEEE 802.11");
133
134 switch (local->hw.conf.phymode) {
135 case MODE_IEEE80211A:
136 strcpy(name, "IEEE 802.11a");
137 break;
138 case MODE_IEEE80211B:
139 strcpy(name, "IEEE 802.11b");
140 break;
141 case MODE_IEEE80211G:
142 strcpy(name, "IEEE 802.11g");
143 break;
144 default:
145 strcpy(name, "IEEE 802.11");
146 break;
147 }
148 125
149 return 0; 126 return 0;
150} 127}
@@ -156,7 +133,7 @@ static int ieee80211_ioctl_giwrange(struct net_device *dev,
156{ 133{
157 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 134 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
158 struct iw_range *range = (struct iw_range *) extra; 135 struct iw_range *range = (struct iw_range *) extra;
159 struct ieee80211_hw_mode *mode = NULL; 136 enum ieee80211_band band;
160 int c = 0; 137 int c = 0;
161 138
162 data->length = sizeof(struct iw_range); 139 data->length = sizeof(struct iw_range);
@@ -191,24 +168,27 @@ static int ieee80211_ioctl_giwrange(struct net_device *dev,
191 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 | 168 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
192 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP; 169 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
193 170
194 list_for_each_entry(mode, &local->modes_list, list) {
195 int i = 0;
196 171
197 if (!(local->enabled_modes & (1 << mode->mode)) || 172 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) {
198 (local->hw_modes & local->enabled_modes & 173 int i;
199 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B)) 174 struct ieee80211_supported_band *sband;
175
176 sband = local->hw.wiphy->bands[band];
177
178 if (!sband)
200 continue; 179 continue;
201 180
202 while (i < mode->num_channels && c < IW_MAX_FREQUENCIES) { 181 for (i = 0; i < sband->n_channels && c < IW_MAX_FREQUENCIES; i++) {
203 struct ieee80211_channel *chan = &mode->channels[i]; 182 struct ieee80211_channel *chan = &sband->channels[i];
204 183
205 if (chan->flag & IEEE80211_CHAN_W_SCAN) { 184 if (!(chan->flags & IEEE80211_CHAN_DISABLED)) {
206 range->freq[c].i = chan->chan; 185 range->freq[c].i =
207 range->freq[c].m = chan->freq * 100000; 186 ieee80211_frequency_to_channel(
208 range->freq[c].e = 1; 187 chan->center_freq);
188 range->freq[c].m = chan->center_freq;
189 range->freq[c].e = 6;
209 c++; 190 c++;
210 } 191 }
211 i++;
212 } 192 }
213 } 193 }
214 range->num_channels = c; 194 range->num_channels = c;
@@ -294,31 +274,17 @@ static int ieee80211_ioctl_giwmode(struct net_device *dev,
294 return 0; 274 return 0;
295} 275}
296 276
297int ieee80211_set_channel(struct ieee80211_local *local, int channel, int freq) 277int ieee80211_set_freq(struct ieee80211_local *local, int freqMHz)
298{ 278{
299 struct ieee80211_hw_mode *mode;
300 int c, set = 0;
301 int ret = -EINVAL; 279 int ret = -EINVAL;
280 struct ieee80211_channel *chan;
302 281
303 list_for_each_entry(mode, &local->modes_list, list) { 282 chan = ieee80211_get_channel(local->hw.wiphy, freqMHz);
304 if (!(local->enabled_modes & (1 << mode->mode))) 283
305 continue; 284 if (chan && !(chan->flags & IEEE80211_CHAN_DISABLED)) {
306 for (c = 0; c < mode->num_channels; c++) { 285 local->oper_channel = chan;
307 struct ieee80211_channel *chan = &mode->channels[c];
308 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
309 ((chan->chan == channel) || (chan->freq == freq))) {
310 local->oper_channel = chan;
311 local->oper_hw_mode = mode;
312 set = 1;
313 break;
314 }
315 }
316 if (set)
317 break;
318 }
319 286
320 if (set) { 287 if (local->sta_sw_scanning || local->sta_hw_scanning)
321 if (local->sta_sw_scanning)
322 ret = 0; 288 ret = 0;
323 else 289 else
324 ret = ieee80211_hw_config(local); 290 ret = ieee80211_hw_config(local);
@@ -347,13 +313,14 @@ static int ieee80211_ioctl_siwfreq(struct net_device *dev,
347 IEEE80211_STA_AUTO_CHANNEL_SEL; 313 IEEE80211_STA_AUTO_CHANNEL_SEL;
348 return 0; 314 return 0;
349 } else 315 } else
350 return ieee80211_set_channel(local, freq->m, -1); 316 return ieee80211_set_freq(local,
317 ieee80211_channel_to_frequency(freq->m));
351 } else { 318 } else {
352 int i, div = 1000000; 319 int i, div = 1000000;
353 for (i = 0; i < freq->e; i++) 320 for (i = 0; i < freq->e; i++)
354 div /= 10; 321 div /= 10;
355 if (div > 0) 322 if (div > 0)
356 return ieee80211_set_channel(local, -1, freq->m / div); 323 return ieee80211_set_freq(local, freq->m / div);
357 else 324 else
358 return -EINVAL; 325 return -EINVAL;
359 } 326 }
@@ -366,10 +333,7 @@ static int ieee80211_ioctl_giwfreq(struct net_device *dev,
366{ 333{
367 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 334 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
368 335
369 /* TODO: in station mode (Managed/Ad-hoc) might need to poll low-level 336 freq->m = local->hw.conf.channel->center_freq;
370 * driver for the current channel with firmware-based management */
371
372 freq->m = local->hw.conf.freq;
373 freq->e = 6; 337 freq->e = 6;
374 338
375 return 0; 339 return 0;
@@ -480,10 +444,20 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
480 ieee80211_sta_req_auth(dev, &sdata->u.sta); 444 ieee80211_sta_req_auth(dev, &sdata->u.sta);
481 return 0; 445 return 0;
482 } else if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) { 446 } else if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) {
483 if (memcmp(sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data, 447 /*
484 ETH_ALEN) == 0) 448 * If it is necessary to update the WDS peer address
485 return 0; 449 * while the interface is running, then we need to do
486 return ieee80211_if_update_wds(dev, (u8 *) &ap_addr->sa_data); 450 * more work here, namely if it is running we need to
451 * add a new and remove the old STA entry, this is
452 * normally handled by _open() and _stop().
453 */
454 if (netif_running(dev))
455 return -EBUSY;
456
457 memcpy(&sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data,
458 ETH_ALEN);
459
460 return 0;
487 } 461 }
488 462
489 return -EOPNOTSUPP; 463 return -EOPNOTSUPP;
@@ -526,6 +500,7 @@ static int ieee80211_ioctl_siwscan(struct net_device *dev,
526 500
527 if (sdata->vif.type != IEEE80211_IF_TYPE_STA && 501 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
528 sdata->vif.type != IEEE80211_IF_TYPE_IBSS && 502 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
503 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT &&
529 sdata->vif.type != IEEE80211_IF_TYPE_AP) 504 sdata->vif.type != IEEE80211_IF_TYPE_AP)
530 return -EOPNOTSUPP; 505 return -EOPNOTSUPP;
531 506
@@ -566,15 +541,17 @@ static int ieee80211_ioctl_siwrate(struct net_device *dev,
566 struct iw_param *rate, char *extra) 541 struct iw_param *rate, char *extra)
567{ 542{
568 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 543 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
569 struct ieee80211_hw_mode *mode; 544 int i, err = -EINVAL;
570 int i;
571 u32 target_rate = rate->value / 100000; 545 u32 target_rate = rate->value / 100000;
572 struct ieee80211_sub_if_data *sdata; 546 struct ieee80211_sub_if_data *sdata;
547 struct ieee80211_supported_band *sband;
573 548
574 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 549 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
575 if (!sdata->bss) 550 if (!sdata->bss)
576 return -ENODEV; 551 return -ENODEV;
577 mode = local->oper_hw_mode; 552
553 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
554
578 /* target_rate = -1, rate->fixed = 0 means auto only, so use all rates 555 /* target_rate = -1, rate->fixed = 0 means auto only, so use all rates
579 * target_rate = X, rate->fixed = 1 means only rate X 556 * target_rate = X, rate->fixed = 1 means only rate X
580 * target_rate = X, rate->fixed = 0 means all rates <= X */ 557 * target_rate = X, rate->fixed = 0 means all rates <= X */
@@ -582,18 +559,20 @@ static int ieee80211_ioctl_siwrate(struct net_device *dev,
582 sdata->bss->force_unicast_rateidx = -1; 559 sdata->bss->force_unicast_rateidx = -1;
583 if (rate->value < 0) 560 if (rate->value < 0)
584 return 0; 561 return 0;
585 for (i=0; i < mode->num_rates; i++) { 562
586 struct ieee80211_rate *rates = &mode->rates[i]; 563 for (i=0; i< sband->n_bitrates; i++) {
587 int this_rate = rates->rate; 564 struct ieee80211_rate *brate = &sband->bitrates[i];
565 int this_rate = brate->bitrate;
588 566
589 if (target_rate == this_rate) { 567 if (target_rate == this_rate) {
590 sdata->bss->max_ratectrl_rateidx = i; 568 sdata->bss->max_ratectrl_rateidx = i;
591 if (rate->fixed) 569 if (rate->fixed)
592 sdata->bss->force_unicast_rateidx = i; 570 sdata->bss->force_unicast_rateidx = i;
593 return 0; 571 err = 0;
572 break;
594 } 573 }
595 } 574 }
596 return -EINVAL; 575 return err;
597} 576}
598 577
599static int ieee80211_ioctl_giwrate(struct net_device *dev, 578static int ieee80211_ioctl_giwrate(struct net_device *dev,
@@ -603,19 +582,25 @@ static int ieee80211_ioctl_giwrate(struct net_device *dev,
603 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 582 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
604 struct sta_info *sta; 583 struct sta_info *sta;
605 struct ieee80211_sub_if_data *sdata; 584 struct ieee80211_sub_if_data *sdata;
585 struct ieee80211_supported_band *sband;
606 586
607 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 587 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
588
608 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) 589 if (sdata->vif.type == IEEE80211_IF_TYPE_STA)
609 sta = sta_info_get(local, sdata->u.sta.bssid); 590 sta = sta_info_get(local, sdata->u.sta.bssid);
610 else 591 else
611 return -EOPNOTSUPP; 592 return -EOPNOTSUPP;
612 if (!sta) 593 if (!sta)
613 return -ENODEV; 594 return -ENODEV;
614 if (sta->txrate < local->oper_hw_mode->num_rates) 595
615 rate->value = local->oper_hw_mode->rates[sta->txrate].rate * 100000; 596 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
597
598 if (sta->txrate_idx < sband->n_bitrates)
599 rate->value = sband->bitrates[sta->txrate_idx].bitrate;
616 else 600 else
617 rate->value = 0; 601 rate->value = 0;
618 sta_info_put(sta); 602 rate->value *= 100000;
603
619 return 0; 604 return 0;
620} 605}
621 606
@@ -625,7 +610,7 @@ static int ieee80211_ioctl_siwtxpower(struct net_device *dev,
625{ 610{
626 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 611 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
627 bool need_reconfig = 0; 612 bool need_reconfig = 0;
628 u8 new_power_level; 613 int new_power_level;
629 614
630 if ((data->txpower.flags & IW_TXPOW_TYPE) != IW_TXPOW_DBM) 615 if ((data->txpower.flags & IW_TXPOW_TYPE) != IW_TXPOW_DBM)
631 return -EINVAL; 616 return -EINVAL;
@@ -635,13 +620,15 @@ static int ieee80211_ioctl_siwtxpower(struct net_device *dev,
635 if (data->txpower.fixed) { 620 if (data->txpower.fixed) {
636 new_power_level = data->txpower.value; 621 new_power_level = data->txpower.value;
637 } else { 622 } else {
638 /* Automatic power level. Get the px power from the current 623 /*
639 * channel. */ 624 * Automatic power level. Use maximum power for the current
640 struct ieee80211_channel* chan = local->oper_channel; 625 * channel. Should be part of rate control.
626 */
627 struct ieee80211_channel* chan = local->hw.conf.channel;
641 if (!chan) 628 if (!chan)
642 return -EINVAL; 629 return -EINVAL;
643 630
644 new_power_level = chan->power_level; 631 new_power_level = chan->max_power;
645 } 632 }
646 633
647 if (local->hw.conf.power_level != new_power_level) { 634 if (local->hw.conf.power_level != new_power_level) {
@@ -988,7 +975,6 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
988 wstats->qual.qual = sta->last_signal; 975 wstats->qual.qual = sta->last_signal;
989 wstats->qual.noise = sta->last_noise; 976 wstats->qual.noise = sta->last_noise;
990 wstats->qual.updated = local->wstats_flags; 977 wstats->qual.updated = local->wstats_flags;
991 sta_info_put(sta);
992 } 978 }
993 return wstats; 979 return wstats;
994} 980}
diff --git a/net/mac80211/ieee80211_key.h b/net/mac80211/ieee80211_key.h
index fc770e98d47b..d670e6dbfa39 100644
--- a/net/mac80211/ieee80211_key.h
+++ b/net/mac80211/ieee80211_key.h
@@ -13,6 +13,7 @@
13#include <linux/types.h> 13#include <linux/types.h>
14#include <linux/list.h> 14#include <linux/list.h>
15#include <linux/crypto.h> 15#include <linux/crypto.h>
16#include <linux/rcupdate.h>
16#include <net/mac80211.h> 17#include <net/mac80211.h>
17 18
18/* ALG_TKIP 19/* ALG_TKIP
@@ -45,7 +46,19 @@ struct ieee80211_local;
45struct ieee80211_sub_if_data; 46struct ieee80211_sub_if_data;
46struct sta_info; 47struct sta_info;
47 48
48#define KEY_FLAG_UPLOADED_TO_HARDWARE (1<<0) 49/**
50 * enum ieee80211_internal_key_flags - internal key flags
51 *
52 * @KEY_FLAG_UPLOADED_TO_HARDWARE: Indicates that this key is present
53 * in the hardware for TX crypto hardware acceleration.
54 * @KEY_FLAG_REMOVE_FROM_HARDWARE: Indicates to the key code that this
55 * key is present in the hardware (but it cannot be used for
56 * hardware acceleration any more!)
57 */
58enum ieee80211_internal_key_flags {
59 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0),
60 KEY_FLAG_REMOVE_FROM_HARDWARE = BIT(1),
61};
49 62
50struct ieee80211_key { 63struct ieee80211_key {
51 struct ieee80211_local *local; 64 struct ieee80211_local *local;
@@ -112,12 +125,17 @@ struct ieee80211_key {
112 struct ieee80211_key_conf conf; 125 struct ieee80211_key_conf conf;
113}; 126};
114 127
115struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata, 128struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
116 struct sta_info *sta,
117 enum ieee80211_key_alg alg,
118 int idx, 129 int idx,
119 size_t key_len, 130 size_t key_len,
120 const u8 *key_data); 131 const u8 *key_data);
132/*
133 * Insert a key into data structures (sdata, sta if necessary)
134 * to make it used, free old key.
135 */
136void ieee80211_key_link(struct ieee80211_key *key,
137 struct ieee80211_sub_if_data *sdata,
138 struct sta_info *sta);
121void ieee80211_key_free(struct ieee80211_key *key); 139void ieee80211_key_free(struct ieee80211_key *key);
122void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx); 140void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx);
123void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata); 141void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata);
diff --git a/net/mac80211/ieee80211_rate.c b/net/mac80211/ieee80211_rate.c
index b957e67c5fba..4de06f128d90 100644
--- a/net/mac80211/ieee80211_rate.c
+++ b/net/mac80211/ieee80211_rate.c
@@ -163,34 +163,37 @@ static void rate_control_release(struct kref *kref)
163} 163}
164 164
165void rate_control_get_rate(struct net_device *dev, 165void rate_control_get_rate(struct net_device *dev,
166 struct ieee80211_hw_mode *mode, struct sk_buff *skb, 166 struct ieee80211_supported_band *sband,
167 struct sk_buff *skb,
167 struct rate_selection *sel) 168 struct rate_selection *sel)
168{ 169{
169 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 170 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
170 struct rate_control_ref *ref = local->rate_ctrl; 171 struct rate_control_ref *ref = local->rate_ctrl;
171 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 172 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
172 struct sta_info *sta = sta_info_get(local, hdr->addr1); 173 struct sta_info *sta;
173 int i; 174 int i;
174 175
176 rcu_read_lock();
177 sta = sta_info_get(local, hdr->addr1);
178
175 memset(sel, 0, sizeof(struct rate_selection)); 179 memset(sel, 0, sizeof(struct rate_selection));
176 180
177 ref->ops->get_rate(ref->priv, dev, mode, skb, sel); 181 ref->ops->get_rate(ref->priv, dev, sband, skb, sel);
178 182
179 /* Select a non-ERP backup rate. */ 183 /* Select a non-ERP backup rate. */
180 if (!sel->nonerp) { 184 if (!sel->nonerp) {
181 for (i = 0; i < mode->num_rates - 1; i++) { 185 for (i = 0; i < sband->n_bitrates; i++) {
182 struct ieee80211_rate *rate = &mode->rates[i]; 186 struct ieee80211_rate *rate = &sband->bitrates[i];
183 if (sel->rate->rate < rate->rate) 187 if (sel->rate->bitrate < rate->bitrate)
184 break; 188 break;
185 189
186 if (rate_supported(sta, mode, i) && 190 if (rate_supported(sta, sband->band, i) &&
187 !(rate->flags & IEEE80211_RATE_ERP)) 191 !(rate->flags & IEEE80211_RATE_ERP_G))
188 sel->nonerp = rate; 192 sel->nonerp = rate;
189 } 193 }
190 } 194 }
191 195
192 if (sta) 196 rcu_read_unlock();
193 sta_info_put(sta);
194} 197}
195 198
196struct rate_control_ref *rate_control_get(struct rate_control_ref *ref) 199struct rate_control_ref *rate_control_get(struct rate_control_ref *ref)
diff --git a/net/mac80211/ieee80211_rate.h b/net/mac80211/ieee80211_rate.h
index 73f19e8aa51c..5b45f33cb766 100644
--- a/net/mac80211/ieee80211_rate.h
+++ b/net/mac80211/ieee80211_rate.h
@@ -14,10 +14,12 @@
14#include <linux/netdevice.h> 14#include <linux/netdevice.h>
15#include <linux/skbuff.h> 15#include <linux/skbuff.h>
16#include <linux/types.h> 16#include <linux/types.h>
17#include <linux/kref.h>
17#include <net/mac80211.h> 18#include <net/mac80211.h>
18#include "ieee80211_i.h" 19#include "ieee80211_i.h"
19#include "sta_info.h" 20#include "sta_info.h"
20 21
22/* TODO: kdoc */
21struct rate_selection { 23struct rate_selection {
22 /* Selected transmission rate */ 24 /* Selected transmission rate */
23 struct ieee80211_rate *rate; 25 struct ieee80211_rate *rate;
@@ -34,7 +36,8 @@ struct rate_control_ops {
34 struct sk_buff *skb, 36 struct sk_buff *skb,
35 struct ieee80211_tx_status *status); 37 struct ieee80211_tx_status *status);
36 void (*get_rate)(void *priv, struct net_device *dev, 38 void (*get_rate)(void *priv, struct net_device *dev,
37 struct ieee80211_hw_mode *mode, struct sk_buff *skb, 39 struct ieee80211_supported_band *band,
40 struct sk_buff *skb,
38 struct rate_selection *sel); 41 struct rate_selection *sel);
39 void (*rate_init)(void *priv, void *priv_sta, 42 void (*rate_init)(void *priv, void *priv_sta,
40 struct ieee80211_local *local, struct sta_info *sta); 43 struct ieee80211_local *local, struct sta_info *sta);
@@ -66,7 +69,8 @@ void ieee80211_rate_control_unregister(struct rate_control_ops *ops);
66struct rate_control_ref *rate_control_alloc(const char *name, 69struct rate_control_ref *rate_control_alloc(const char *name,
67 struct ieee80211_local *local); 70 struct ieee80211_local *local);
68void rate_control_get_rate(struct net_device *dev, 71void rate_control_get_rate(struct net_device *dev,
69 struct ieee80211_hw_mode *mode, struct sk_buff *skb, 72 struct ieee80211_supported_band *sband,
73 struct sk_buff *skb,
70 struct rate_selection *sel); 74 struct rate_selection *sel);
71struct rate_control_ref *rate_control_get(struct rate_control_ref *ref); 75struct rate_control_ref *rate_control_get(struct rate_control_ref *ref);
72void rate_control_put(struct rate_control_ref *ref); 76void rate_control_put(struct rate_control_ref *ref);
@@ -127,23 +131,23 @@ static inline void rate_control_remove_sta_debugfs(struct sta_info *sta)
127#endif 131#endif
128} 132}
129 133
130static inline int 134static inline int rate_supported(struct sta_info *sta,
131rate_supported(struct sta_info *sta, struct ieee80211_hw_mode *mode, int index) 135 enum ieee80211_band band,
136 int index)
132{ 137{
133 return (sta == NULL || sta->supp_rates & BIT(index)) && 138 return (sta == NULL || sta->supp_rates[band] & BIT(index));
134 (mode->rates[index].flags & IEEE80211_RATE_SUPPORTED);
135} 139}
136 140
137static inline int 141static inline int
138rate_lowest_index(struct ieee80211_local *local, struct ieee80211_hw_mode *mode, 142rate_lowest_index(struct ieee80211_local *local,
143 struct ieee80211_supported_band *sband,
139 struct sta_info *sta) 144 struct sta_info *sta)
140{ 145{
141 int i; 146 int i;
142 147
143 for (i = 0; i < mode->num_rates; i++) { 148 for (i = 0; i < sband->n_bitrates; i++)
144 if (rate_supported(sta, mode, i)) 149 if (rate_supported(sta, sband->band, i))
145 return i; 150 return i;
146 }
147 151
148 /* warn when we cannot find a rate. */ 152 /* warn when we cannot find a rate. */
149 WARN_ON(1); 153 WARN_ON(1);
@@ -152,10 +156,11 @@ rate_lowest_index(struct ieee80211_local *local, struct ieee80211_hw_mode *mode,
152} 156}
153 157
154static inline struct ieee80211_rate * 158static inline struct ieee80211_rate *
155rate_lowest(struct ieee80211_local *local, struct ieee80211_hw_mode *mode, 159rate_lowest(struct ieee80211_local *local,
160 struct ieee80211_supported_band *sband,
156 struct sta_info *sta) 161 struct sta_info *sta)
157{ 162{
158 return &mode->rates[rate_lowest_index(local, mode, sta)]; 163 return &sband->bitrates[rate_lowest_index(local, sband, sta)];
159} 164}
160 165
161 166
@@ -166,21 +171,6 @@ void rate_control_deinitialize(struct ieee80211_local *local);
166 171
167 172
168/* Rate control algorithms */ 173/* Rate control algorithms */
169#if defined(RC80211_SIMPLE_COMPILE) || \
170 (defined(CONFIG_MAC80211_RC_SIMPLE) && \
171 !defined(CONFIG_MAC80211_RC_SIMPLE_MODULE))
172extern int rc80211_simple_init(void);
173extern void rc80211_simple_exit(void);
174#else
175static inline int rc80211_simple_init(void)
176{
177 return 0;
178}
179static inline void rc80211_simple_exit(void)
180{
181}
182#endif
183
184#if defined(RC80211_PID_COMPILE) || \ 174#if defined(RC80211_PID_COMPILE) || \
185 (defined(CONFIG_MAC80211_RC_PID) && \ 175 (defined(CONFIG_MAC80211_RC_PID) && \
186 !defined(CONFIG_MAC80211_RC_PID_MODULE)) 176 !defined(CONFIG_MAC80211_RC_PID_MODULE))
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
index 9aeed5320228..f9cf2f187893 100644
--- a/net/mac80211/ieee80211_sta.c
+++ b/net/mac80211/ieee80211_sta.c
@@ -24,6 +24,7 @@
24#include <linux/wireless.h> 24#include <linux/wireless.h>
25#include <linux/random.h> 25#include <linux/random.h>
26#include <linux/etherdevice.h> 26#include <linux/etherdevice.h>
27#include <linux/rtnetlink.h>
27#include <net/iw_handler.h> 28#include <net/iw_handler.h>
28#include <asm/types.h> 29#include <asm/types.h>
29 30
@@ -31,12 +32,14 @@
31#include "ieee80211_i.h" 32#include "ieee80211_i.h"
32#include "ieee80211_rate.h" 33#include "ieee80211_rate.h"
33#include "ieee80211_led.h" 34#include "ieee80211_led.h"
35#include "mesh.h"
34 36
35#define IEEE80211_AUTH_TIMEOUT (HZ / 5) 37#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
36#define IEEE80211_AUTH_MAX_TRIES 3 38#define IEEE80211_AUTH_MAX_TRIES 3
37#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 39#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
38#define IEEE80211_ASSOC_MAX_TRIES 3 40#define IEEE80211_ASSOC_MAX_TRIES 3
39#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 41#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42#define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
40#define IEEE80211_PROBE_INTERVAL (60 * HZ) 43#define IEEE80211_PROBE_INTERVAL (60 * HZ)
41#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 44#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
42#define IEEE80211_SCAN_INTERVAL (2 * HZ) 45#define IEEE80211_SCAN_INTERVAL (2 * HZ)
@@ -49,6 +52,7 @@
49#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ) 52#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
50#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ) 53#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
51#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ) 54#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
55#define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
52 56
53#define IEEE80211_IBSS_MAX_STA_ENTRIES 128 57#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
54 58
@@ -74,7 +78,7 @@
74static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst, 78static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
75 u8 *ssid, size_t ssid_len); 79 u8 *ssid, size_t ssid_len);
76static struct ieee80211_sta_bss * 80static struct ieee80211_sta_bss *
77ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel, 81ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
78 u8 *ssid, u8 ssid_len); 82 u8 *ssid, u8 ssid_len);
79static void ieee80211_rx_bss_put(struct net_device *dev, 83static void ieee80211_rx_bss_put(struct net_device *dev,
80 struct ieee80211_sta_bss *bss); 84 struct ieee80211_sta_bss *bss);
@@ -87,46 +91,8 @@ static int ieee80211_sta_config_auth(struct net_device *dev,
87 struct ieee80211_if_sta *ifsta); 91 struct ieee80211_if_sta *ifsta);
88 92
89 93
90/* Parsed Information Elements */ 94void ieee802_11_parse_elems(u8 *start, size_t len,
91struct ieee802_11_elems { 95 struct ieee802_11_elems *elems)
92 /* pointers to IEs */
93 u8 *ssid;
94 u8 *supp_rates;
95 u8 *fh_params;
96 u8 *ds_params;
97 u8 *cf_params;
98 u8 *tim;
99 u8 *ibss_params;
100 u8 *challenge;
101 u8 *wpa;
102 u8 *rsn;
103 u8 *erp_info;
104 u8 *ext_supp_rates;
105 u8 *wmm_info;
106 u8 *wmm_param;
107 u8 *ht_cap_elem;
108 u8 *ht_info_elem;
109 /* length of them, respectively */
110 u8 ssid_len;
111 u8 supp_rates_len;
112 u8 fh_params_len;
113 u8 ds_params_len;
114 u8 cf_params_len;
115 u8 tim_len;
116 u8 ibss_params_len;
117 u8 challenge_len;
118 u8 wpa_len;
119 u8 rsn_len;
120 u8 erp_info_len;
121 u8 ext_supp_rates_len;
122 u8 wmm_info_len;
123 u8 wmm_param_len;
124 u8 ht_cap_elem_len;
125 u8 ht_info_elem_len;
126};
127
128static void ieee802_11_parse_elems(u8 *start, size_t len,
129 struct ieee802_11_elems *elems)
130{ 96{
131 size_t left = len; 97 size_t left = len;
132 u8 *pos = start; 98 u8 *pos = start;
@@ -215,6 +181,30 @@ static void ieee802_11_parse_elems(u8 *start, size_t len,
215 elems->ht_info_elem = pos; 181 elems->ht_info_elem = pos;
216 elems->ht_info_elem_len = elen; 182 elems->ht_info_elem_len = elen;
217 break; 183 break;
184 case WLAN_EID_MESH_ID:
185 elems->mesh_id = pos;
186 elems->mesh_id_len = elen;
187 break;
188 case WLAN_EID_MESH_CONFIG:
189 elems->mesh_config = pos;
190 elems->mesh_config_len = elen;
191 break;
192 case WLAN_EID_PEER_LINK:
193 elems->peer_link = pos;
194 elems->peer_link_len = elen;
195 break;
196 case WLAN_EID_PREQ:
197 elems->preq = pos;
198 elems->preq_len = elen;
199 break;
200 case WLAN_EID_PREP:
201 elems->prep = pos;
202 elems->prep_len = elen;
203 break;
204 case WLAN_EID_PERR:
205 elems->perr = pos;
206 elems->perr_len = elen;
207 break;
218 default: 208 default:
219 break; 209 break;
220 } 210 }
@@ -227,12 +217,62 @@ static void ieee802_11_parse_elems(u8 *start, size_t len,
227 217
228static int ecw2cw(int ecw) 218static int ecw2cw(int ecw)
229{ 219{
230 int cw = 1; 220 return (1 << ecw) - 1;
231 while (ecw > 0) { 221}
232 cw <<= 1; 222
233 ecw--; 223
224static void ieee80211_sta_def_wmm_params(struct net_device *dev,
225 struct ieee80211_sta_bss *bss,
226 int ibss)
227{
228 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
229 struct ieee80211_local *local = sdata->local;
230 int i, have_higher_than_11mbit = 0;
231
232
233 /* cf. IEEE 802.11 9.2.12 */
234 for (i = 0; i < bss->supp_rates_len; i++)
235 if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
236 have_higher_than_11mbit = 1;
237
238 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
239 have_higher_than_11mbit)
240 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
241 else
242 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
243
244
245 if (local->ops->conf_tx) {
246 struct ieee80211_tx_queue_params qparam;
247 int i;
248
249 memset(&qparam, 0, sizeof(qparam));
250
251 qparam.aifs = 2;
252
253 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
254 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
255 qparam.cw_min = 31;
256 else
257 qparam.cw_min = 15;
258
259 qparam.cw_max = 1023;
260 qparam.txop = 0;
261
262 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
263 local->ops->conf_tx(local_to_hw(local),
264 i + IEEE80211_TX_QUEUE_DATA0,
265 &qparam);
266
267 if (ibss) {
268 /* IBSS uses different parameters for Beacon sending */
269 qparam.cw_min++;
270 qparam.cw_min *= 2;
271 qparam.cw_min--;
272 local->ops->conf_tx(local_to_hw(local),
273 IEEE80211_TX_QUEUE_BEACON, &qparam);
274 }
234 } 275 }
235 return cw - 1;
236} 276}
237 277
238static void ieee80211_sta_wmm_params(struct net_device *dev, 278static void ieee80211_sta_wmm_params(struct net_device *dev,
@@ -297,12 +337,13 @@ static void ieee80211_sta_wmm_params(struct net_device *dev,
297 params.aifs = pos[0] & 0x0f; 337 params.aifs = pos[0] & 0x0f;
298 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 338 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
299 params.cw_min = ecw2cw(pos[1] & 0x0f); 339 params.cw_min = ecw2cw(pos[1] & 0x0f);
300 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */ 340 params.txop = pos[2] | (pos[3] << 8);
301 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100; 341#ifdef CONFIG_MAC80211_DEBUG
302 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d " 342 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
303 "cWmin=%d cWmax=%d burst=%d\n", 343 "cWmin=%d cWmax=%d txop=%d\n",
304 dev->name, queue, aci, acm, params.aifs, params.cw_min, 344 dev->name, queue, aci, acm, params.aifs, params.cw_min,
305 params.cw_max, params.burst_time); 345 params.cw_max, params.txop);
346#endif
306 /* TODO: handle ACM (block TX, fallback to next lowest allowed 347 /* TODO: handle ACM (block TX, fallback to next lowest allowed
307 * AC for now) */ 348 * AC for now) */
308 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) { 349 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
@@ -466,7 +507,7 @@ static void ieee80211_set_associated(struct net_device *dev,
466 return; 507 return;
467 508
468 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, 509 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
469 local->hw.conf.channel, 510 local->hw.conf.channel->center_freq,
470 ifsta->ssid, ifsta->ssid_len); 511 ifsta->ssid, ifsta->ssid_len);
471 if (bss) { 512 if (bss) {
472 if (bss->has_erp_value) 513 if (bss->has_erp_value)
@@ -481,8 +522,8 @@ static void ieee80211_set_associated(struct net_device *dev,
481 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN); 522 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
482 ieee80211_sta_send_associnfo(dev, ifsta); 523 ieee80211_sta_send_associnfo(dev, ifsta);
483 } else { 524 } else {
525 ieee80211_sta_tear_down_BA_sessions(dev, ifsta->bssid);
484 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED; 526 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
485
486 netif_carrier_off(dev); 527 netif_carrier_off(dev);
487 ieee80211_reset_erp_info(dev); 528 ieee80211_reset_erp_info(dev);
488 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN); 529 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
@@ -492,6 +533,7 @@ static void ieee80211_set_associated(struct net_device *dev,
492 ifsta->last_probe = jiffies; 533 ifsta->last_probe = jiffies;
493 ieee80211_led_assoc(local, assoc); 534 ieee80211_led_assoc(local, assoc);
494 535
536 sdata->bss_conf.assoc = assoc;
495 ieee80211_bss_info_change_notify(sdata, changed); 537 ieee80211_bss_info_change_notify(sdata, changed);
496} 538}
497 539
@@ -504,8 +546,8 @@ static void ieee80211_set_disassoc(struct net_device *dev,
504 ieee80211_set_associated(dev, ifsta, 0); 546 ieee80211_set_associated(dev, ifsta, 0);
505} 547}
506 548
507static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb, 549void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
508 int encrypt) 550 int encrypt)
509{ 551{
510 struct ieee80211_sub_if_data *sdata; 552 struct ieee80211_sub_if_data *sdata;
511 struct ieee80211_tx_packet_data *pkt_data; 553 struct ieee80211_tx_packet_data *pkt_data;
@@ -592,7 +634,6 @@ static void ieee80211_send_assoc(struct net_device *dev,
592 struct ieee80211_if_sta *ifsta) 634 struct ieee80211_if_sta *ifsta)
593{ 635{
594 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 636 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
595 struct ieee80211_hw_mode *mode;
596 struct sk_buff *skb; 637 struct sk_buff *skb;
597 struct ieee80211_mgmt *mgmt; 638 struct ieee80211_mgmt *mgmt;
598 u8 *pos, *ies; 639 u8 *pos, *ies;
@@ -600,6 +641,7 @@ static void ieee80211_send_assoc(struct net_device *dev,
600 u16 capab; 641 u16 capab;
601 struct ieee80211_sta_bss *bss; 642 struct ieee80211_sta_bss *bss;
602 int wmm = 0; 643 int wmm = 0;
644 struct ieee80211_supported_band *sband;
603 645
604 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 646 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
605 sizeof(*mgmt) + 200 + ifsta->extra_ie_len + 647 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
@@ -611,13 +653,19 @@ static void ieee80211_send_assoc(struct net_device *dev,
611 } 653 }
612 skb_reserve(skb, local->hw.extra_tx_headroom); 654 skb_reserve(skb, local->hw.extra_tx_headroom);
613 655
614 mode = local->oper_hw_mode; 656 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
657
615 capab = ifsta->capab; 658 capab = ifsta->capab;
616 if (mode->mode == MODE_IEEE80211G) { 659
617 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME | 660 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
618 WLAN_CAPABILITY_SHORT_PREAMBLE; 661 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
662 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
663 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
664 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
619 } 665 }
620 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel, 666
667 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
668 local->hw.conf.channel->center_freq,
621 ifsta->ssid, ifsta->ssid_len); 669 ifsta->ssid, ifsta->ssid_len);
622 if (bss) { 670 if (bss) {
623 if (bss->capability & WLAN_CAPABILITY_PRIVACY) 671 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
@@ -656,23 +704,23 @@ static void ieee80211_send_assoc(struct net_device *dev,
656 *pos++ = ifsta->ssid_len; 704 *pos++ = ifsta->ssid_len;
657 memcpy(pos, ifsta->ssid, ifsta->ssid_len); 705 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
658 706
659 len = mode->num_rates; 707 len = sband->n_bitrates;
660 if (len > 8) 708 if (len > 8)
661 len = 8; 709 len = 8;
662 pos = skb_put(skb, len + 2); 710 pos = skb_put(skb, len + 2);
663 *pos++ = WLAN_EID_SUPP_RATES; 711 *pos++ = WLAN_EID_SUPP_RATES;
664 *pos++ = len; 712 *pos++ = len;
665 for (i = 0; i < len; i++) { 713 for (i = 0; i < len; i++) {
666 int rate = mode->rates[i].rate; 714 int rate = sband->bitrates[i].bitrate;
667 *pos++ = (u8) (rate / 5); 715 *pos++ = (u8) (rate / 5);
668 } 716 }
669 717
670 if (mode->num_rates > len) { 718 if (sband->n_bitrates > len) {
671 pos = skb_put(skb, mode->num_rates - len + 2); 719 pos = skb_put(skb, sband->n_bitrates - len + 2);
672 *pos++ = WLAN_EID_EXT_SUPP_RATES; 720 *pos++ = WLAN_EID_EXT_SUPP_RATES;
673 *pos++ = mode->num_rates - len; 721 *pos++ = sband->n_bitrates - len;
674 for (i = len; i < mode->num_rates; i++) { 722 for (i = len; i < sband->n_bitrates; i++) {
675 int rate = mode->rates[i].rate; 723 int rate = sband->bitrates[i].bitrate;
676 *pos++ = (u8) (rate / 5); 724 *pos++ = (u8) (rate / 5);
677 } 725 }
678 } 726 }
@@ -695,17 +743,18 @@ static void ieee80211_send_assoc(struct net_device *dev,
695 *pos++ = 0; 743 *pos++ = 0;
696 } 744 }
697 /* wmm support is a must to HT */ 745 /* wmm support is a must to HT */
698 if (wmm && mode->ht_info.ht_supported) { 746 if (wmm && sband->ht_info.ht_supported) {
699 __le16 tmp = cpu_to_le16(mode->ht_info.cap); 747 __le16 tmp = cpu_to_le16(sband->ht_info.cap);
700 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2); 748 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
701 *pos++ = WLAN_EID_HT_CAPABILITY; 749 *pos++ = WLAN_EID_HT_CAPABILITY;
702 *pos++ = sizeof(struct ieee80211_ht_cap); 750 *pos++ = sizeof(struct ieee80211_ht_cap);
703 memset(pos, 0, sizeof(struct ieee80211_ht_cap)); 751 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
704 memcpy(pos, &tmp, sizeof(u16)); 752 memcpy(pos, &tmp, sizeof(u16));
705 pos += sizeof(u16); 753 pos += sizeof(u16);
706 *pos++ = (mode->ht_info.ampdu_factor | 754 /* TODO: needs a define here for << 2 */
707 (mode->ht_info.ampdu_density << 2)); 755 *pos++ = sband->ht_info.ampdu_factor |
708 memcpy(pos, mode->ht_info.supp_mcs_set, 16); 756 (sband->ht_info.ampdu_density << 2);
757 memcpy(pos, sband->ht_info.supp_mcs_set, 16);
709 } 758 }
710 759
711 kfree(ifsta->assocreq_ies); 760 kfree(ifsta->assocreq_ies);
@@ -788,7 +837,8 @@ static int ieee80211_privacy_mismatch(struct net_device *dev,
788 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL)) 837 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
789 return 0; 838 return 0;
790 839
791 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel, 840 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
841 local->hw.conf.channel->center_freq,
792 ifsta->ssid, ifsta->ssid_len); 842 ifsta->ssid, ifsta->ssid_len);
793 if (!bss) 843 if (!bss)
794 return 0; 844 return 0;
@@ -851,6 +901,8 @@ static void ieee80211_associated(struct net_device *dev,
851 901
852 ifsta->state = IEEE80211_ASSOCIATED; 902 ifsta->state = IEEE80211_ASSOCIATED;
853 903
904 rcu_read_lock();
905
854 sta = sta_info_get(local, ifsta->bssid); 906 sta = sta_info_get(local, ifsta->bssid);
855 if (!sta) { 907 if (!sta) {
856 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n", 908 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
@@ -866,7 +918,7 @@ static void ieee80211_associated(struct net_device *dev,
866 "range\n", 918 "range\n",
867 dev->name, print_mac(mac, ifsta->bssid)); 919 dev->name, print_mac(mac, ifsta->bssid));
868 disassoc = 1; 920 disassoc = 1;
869 sta_info_free(sta); 921 sta_info_unlink(&sta);
870 } else 922 } else
871 ieee80211_send_probe_req(dev, ifsta->bssid, 923 ieee80211_send_probe_req(dev, ifsta->bssid,
872 local->scan_ssid, 924 local->scan_ssid,
@@ -882,8 +934,17 @@ static void ieee80211_associated(struct net_device *dev,
882 ifsta->ssid_len); 934 ifsta->ssid_len);
883 } 935 }
884 } 936 }
885 sta_info_put(sta);
886 } 937 }
938
939 rcu_read_unlock();
940
941 if (disassoc && sta) {
942 synchronize_rcu();
943 rtnl_lock();
944 sta_info_destroy(sta);
945 rtnl_unlock();
946 }
947
887 if (disassoc) { 948 if (disassoc) {
888 ifsta->state = IEEE80211_DISABLED; 949 ifsta->state = IEEE80211_DISABLED;
889 ieee80211_set_associated(dev, ifsta, 0); 950 ieee80211_set_associated(dev, ifsta, 0);
@@ -898,7 +959,7 @@ static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
898 u8 *ssid, size_t ssid_len) 959 u8 *ssid, size_t ssid_len)
899{ 960{
900 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 961 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
901 struct ieee80211_hw_mode *mode; 962 struct ieee80211_supported_band *sband;
902 struct sk_buff *skb; 963 struct sk_buff *skb;
903 struct ieee80211_mgmt *mgmt; 964 struct ieee80211_mgmt *mgmt;
904 u8 *pos, *supp_rates, *esupp_rates = NULL; 965 u8 *pos, *supp_rates, *esupp_rates = NULL;
@@ -932,11 +993,10 @@ static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
932 supp_rates = skb_put(skb, 2); 993 supp_rates = skb_put(skb, 2);
933 supp_rates[0] = WLAN_EID_SUPP_RATES; 994 supp_rates[0] = WLAN_EID_SUPP_RATES;
934 supp_rates[1] = 0; 995 supp_rates[1] = 0;
935 mode = local->oper_hw_mode; 996 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
936 for (i = 0; i < mode->num_rates; i++) { 997
937 struct ieee80211_rate *rate = &mode->rates[i]; 998 for (i = 0; i < sband->n_bitrates; i++) {
938 if (!(rate->flags & IEEE80211_RATE_SUPPORTED)) 999 struct ieee80211_rate *rate = &sband->bitrates[i];
939 continue;
940 if (esupp_rates) { 1000 if (esupp_rates) {
941 pos = skb_put(skb, 1); 1001 pos = skb_put(skb, 1);
942 esupp_rates[1]++; 1002 esupp_rates[1]++;
@@ -949,7 +1009,7 @@ static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
949 pos = skb_put(skb, 1); 1009 pos = skb_put(skb, 1);
950 supp_rates[1]++; 1010 supp_rates[1]++;
951 } 1011 }
952 *pos = rate->rate / 5; 1012 *pos = rate->bitrate / 5;
953 } 1013 }
954 1014
955 ieee80211_sta_tx(dev, skb, 0); 1015 ieee80211_sta_tx(dev, skb, 0);
@@ -1044,6 +1104,58 @@ static void ieee80211_send_addba_resp(struct net_device *dev, u8 *da, u16 tid,
1044 return; 1104 return;
1045} 1105}
1046 1106
1107void ieee80211_send_addba_request(struct net_device *dev, const u8 *da,
1108 u16 tid, u8 dialog_token, u16 start_seq_num,
1109 u16 agg_size, u16 timeout)
1110{
1111 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1112 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1113 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1114 struct sk_buff *skb;
1115 struct ieee80211_mgmt *mgmt;
1116 u16 capab;
1117
1118 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 +
1119 sizeof(mgmt->u.action.u.addba_req));
1120
1121
1122 if (!skb) {
1123 printk(KERN_ERR "%s: failed to allocate buffer "
1124 "for addba request frame\n", dev->name);
1125 return;
1126 }
1127 skb_reserve(skb, local->hw.extra_tx_headroom);
1128 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1129 memset(mgmt, 0, 24);
1130 memcpy(mgmt->da, da, ETH_ALEN);
1131 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1132 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1133 memcpy(mgmt->bssid, dev->dev_addr, ETH_ALEN);
1134 else
1135 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1136
1137 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1138 IEEE80211_STYPE_ACTION);
1139
1140 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
1141
1142 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1143 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
1144
1145 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
1146 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
1147 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1148 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
1149
1150 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
1151
1152 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
1153 mgmt->u.action.u.addba_req.start_seq_num =
1154 cpu_to_le16(start_seq_num << 4);
1155
1156 ieee80211_sta_tx(dev, skb, 0);
1157}
1158
1047static void ieee80211_sta_process_addba_request(struct net_device *dev, 1159static void ieee80211_sta_process_addba_request(struct net_device *dev,
1048 struct ieee80211_mgmt *mgmt, 1160 struct ieee80211_mgmt *mgmt,
1049 size_t len) 1161 size_t len)
@@ -1058,9 +1170,13 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1058 int ret = -EOPNOTSUPP; 1170 int ret = -EOPNOTSUPP;
1059 DECLARE_MAC_BUF(mac); 1171 DECLARE_MAC_BUF(mac);
1060 1172
1173 rcu_read_lock();
1174
1061 sta = sta_info_get(local, mgmt->sa); 1175 sta = sta_info_get(local, mgmt->sa);
1062 if (!sta) 1176 if (!sta) {
1177 rcu_read_unlock();
1063 return; 1178 return;
1179 }
1064 1180
1065 /* extract session parameters from addba request frame */ 1181 /* extract session parameters from addba request frame */
1066 dialog_token = mgmt->u.action.u.addba_req.dialog_token; 1182 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
@@ -1084,7 +1200,7 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1084 status = WLAN_STATUS_INVALID_QOS_PARAM; 1200 status = WLAN_STATUS_INVALID_QOS_PARAM;
1085#ifdef CONFIG_MAC80211_HT_DEBUG 1201#ifdef CONFIG_MAC80211_HT_DEBUG
1086 if (net_ratelimit()) 1202 if (net_ratelimit())
1087 printk(KERN_DEBUG "Block Ack Req with bad params from " 1203 printk(KERN_DEBUG "AddBA Req with bad params from "
1088 "%s on tid %u. policy %d, buffer size %d\n", 1204 "%s on tid %u. policy %d, buffer size %d\n",
1089 print_mac(mac, mgmt->sa), tid, ba_policy, 1205 print_mac(mac, mgmt->sa), tid, ba_policy,
1090 buf_size); 1206 buf_size);
@@ -1093,26 +1209,45 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1093 } 1209 }
1094 /* determine default buffer size */ 1210 /* determine default buffer size */
1095 if (buf_size == 0) { 1211 if (buf_size == 0) {
1096 struct ieee80211_hw_mode *mode = conf->mode; 1212 struct ieee80211_supported_band *sband;
1213
1214 sband = local->hw.wiphy->bands[conf->channel->band];
1097 buf_size = IEEE80211_MIN_AMPDU_BUF; 1215 buf_size = IEEE80211_MIN_AMPDU_BUF;
1098 buf_size = buf_size << mode->ht_info.ampdu_factor; 1216 buf_size = buf_size << sband->ht_info.ampdu_factor;
1099 } 1217 }
1100 1218
1101 tid_agg_rx = &sta->ampdu_mlme.tid_rx[tid];
1102 1219
1103 /* examine state machine */ 1220 /* examine state machine */
1104 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 1221 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1105 1222
1106 if (tid_agg_rx->state != HT_AGG_STATE_IDLE) { 1223 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
1107#ifdef CONFIG_MAC80211_HT_DEBUG 1224#ifdef CONFIG_MAC80211_HT_DEBUG
1108 if (net_ratelimit()) 1225 if (net_ratelimit())
1109 printk(KERN_DEBUG "unexpected Block Ack Req from " 1226 printk(KERN_DEBUG "unexpected AddBA Req from "
1110 "%s on tid %u\n", 1227 "%s on tid %u\n",
1111 print_mac(mac, mgmt->sa), tid); 1228 print_mac(mac, mgmt->sa), tid);
1112#endif /* CONFIG_MAC80211_HT_DEBUG */ 1229#endif /* CONFIG_MAC80211_HT_DEBUG */
1113 goto end; 1230 goto end;
1114 } 1231 }
1115 1232
1233 /* prepare A-MPDU MLME for Rx aggregation */
1234 sta->ampdu_mlme.tid_rx[tid] =
1235 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
1236 if (!sta->ampdu_mlme.tid_rx[tid]) {
1237 if (net_ratelimit())
1238 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
1239 tid);
1240 goto end;
1241 }
1242 /* rx timer */
1243 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
1244 sta_rx_agg_session_timer_expired;
1245 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
1246 (unsigned long)&sta->timer_to_tid[tid];
1247 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1248
1249 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
1250
1116 /* prepare reordering buffer */ 1251 /* prepare reordering buffer */
1117 tid_agg_rx->reorder_buf = 1252 tid_agg_rx->reorder_buf =
1118 kmalloc(buf_size * sizeof(struct sk_buf *), GFP_ATOMIC); 1253 kmalloc(buf_size * sizeof(struct sk_buf *), GFP_ATOMIC);
@@ -1120,6 +1255,7 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1120 if (net_ratelimit()) 1255 if (net_ratelimit())
1121 printk(KERN_ERR "can not allocate reordering buffer " 1256 printk(KERN_ERR "can not allocate reordering buffer "
1122 "to tid %d\n", tid); 1257 "to tid %d\n", tid);
1258 kfree(sta->ampdu_mlme.tid_rx[tid]);
1123 goto end; 1259 goto end;
1124 } 1260 }
1125 memset(tid_agg_rx->reorder_buf, 0, 1261 memset(tid_agg_rx->reorder_buf, 0,
@@ -1127,18 +1263,20 @@ static void ieee80211_sta_process_addba_request(struct net_device *dev,
1127 1263
1128 if (local->ops->ampdu_action) 1264 if (local->ops->ampdu_action)
1129 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START, 1265 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
1130 sta->addr, tid, start_seq_num); 1266 sta->addr, tid, &start_seq_num);
1131#ifdef CONFIG_MAC80211_HT_DEBUG 1267#ifdef CONFIG_MAC80211_HT_DEBUG
1132 printk(KERN_DEBUG "Rx A-MPDU on tid %d result %d", tid, ret); 1268 printk(KERN_DEBUG "Rx A-MPDU on tid %d result %d", tid, ret);
1133#endif /* CONFIG_MAC80211_HT_DEBUG */ 1269#endif /* CONFIG_MAC80211_HT_DEBUG */
1134 1270
1135 if (ret) { 1271 if (ret) {
1136 kfree(tid_agg_rx->reorder_buf); 1272 kfree(tid_agg_rx->reorder_buf);
1273 kfree(tid_agg_rx);
1274 sta->ampdu_mlme.tid_rx[tid] = NULL;
1137 goto end; 1275 goto end;
1138 } 1276 }
1139 1277
1140 /* change state and send addba resp */ 1278 /* change state and send addba resp */
1141 tid_agg_rx->state = HT_AGG_STATE_OPERATIONAL; 1279 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
1142 tid_agg_rx->dialog_token = dialog_token; 1280 tid_agg_rx->dialog_token = dialog_token;
1143 tid_agg_rx->ssn = start_seq_num; 1281 tid_agg_rx->ssn = start_seq_num;
1144 tid_agg_rx->head_seq_num = start_seq_num; 1282 tid_agg_rx->head_seq_num = start_seq_num;
@@ -1150,13 +1288,89 @@ end:
1150 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1288 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1151 1289
1152end_no_lock: 1290end_no_lock:
1153 ieee80211_send_addba_resp(sta->dev, sta->addr, tid, dialog_token, 1291 ieee80211_send_addba_resp(sta->sdata->dev, sta->addr, tid,
1154 status, 1, buf_size, timeout); 1292 dialog_token, status, 1, buf_size, timeout);
1155 sta_info_put(sta); 1293 rcu_read_unlock();
1156} 1294}
1157 1295
1158static void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid, 1296static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1159 u16 initiator, u16 reason_code) 1297 struct ieee80211_mgmt *mgmt,
1298 size_t len)
1299{
1300 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1301 struct ieee80211_hw *hw = &local->hw;
1302 struct sta_info *sta;
1303 u16 capab;
1304 u16 tid;
1305 u8 *state;
1306
1307 rcu_read_lock();
1308
1309 sta = sta_info_get(local, mgmt->sa);
1310 if (!sta) {
1311 rcu_read_unlock();
1312 return;
1313 }
1314
1315 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1316 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1317
1318 state = &sta->ampdu_mlme.tid_state_tx[tid];
1319
1320 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
1321
1322 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1323 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1324 printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:"
1325 "%d\n", *state);
1326 goto addba_resp_exit;
1327 }
1328
1329 if (mgmt->u.action.u.addba_resp.dialog_token !=
1330 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1331 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1332#ifdef CONFIG_MAC80211_HT_DEBUG
1333 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1334#endif /* CONFIG_MAC80211_HT_DEBUG */
1335 goto addba_resp_exit;
1336 }
1337
1338 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1339#ifdef CONFIG_MAC80211_HT_DEBUG
1340 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1341#endif /* CONFIG_MAC80211_HT_DEBUG */
1342 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1343 == WLAN_STATUS_SUCCESS) {
1344 if (*state & HT_ADDBA_RECEIVED_MSK)
1345 printk(KERN_DEBUG "double addBA response\n");
1346
1347 *state |= HT_ADDBA_RECEIVED_MSK;
1348 sta->ampdu_mlme.addba_req_num[tid] = 0;
1349
1350 if (*state == HT_AGG_STATE_OPERATIONAL) {
1351 printk(KERN_DEBUG "Aggregation on for tid %d \n", tid);
1352 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1353 }
1354
1355 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1356 printk(KERN_DEBUG "recipient accepted agg: tid %d \n", tid);
1357 } else {
1358 printk(KERN_DEBUG "recipient rejected agg: tid %d \n", tid);
1359
1360 sta->ampdu_mlme.addba_req_num[tid]++;
1361 /* this will allow the state check in stop_BA_session */
1362 *state = HT_AGG_STATE_OPERATIONAL;
1363 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1364 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1365 WLAN_BACK_INITIATOR);
1366 }
1367
1368addba_resp_exit:
1369 rcu_read_unlock();
1370}
1371
1372void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
1373 u16 initiator, u16 reason_code)
1160{ 1374{
1161 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1375 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1162 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1376 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -1207,19 +1421,23 @@ void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1207 struct sta_info *sta; 1421 struct sta_info *sta;
1208 int ret, i; 1422 int ret, i;
1209 1423
1424 rcu_read_lock();
1425
1210 sta = sta_info_get(local, ra); 1426 sta = sta_info_get(local, ra);
1211 if (!sta) 1427 if (!sta) {
1428 rcu_read_unlock();
1212 return; 1429 return;
1430 }
1213 1431
1214 /* check if TID is in operational state */ 1432 /* check if TID is in operational state */
1215 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 1433 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1216 if (sta->ampdu_mlme.tid_rx[tid].state 1434 if (sta->ampdu_mlme.tid_state_rx[tid]
1217 != HT_AGG_STATE_OPERATIONAL) { 1435 != HT_AGG_STATE_OPERATIONAL) {
1218 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1436 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1219 sta_info_put(sta); 1437 rcu_read_unlock();
1220 return; 1438 return;
1221 } 1439 }
1222 sta->ampdu_mlme.tid_rx[tid].state = 1440 sta->ampdu_mlme.tid_state_rx[tid] =
1223 HT_AGG_STATE_REQ_STOP_BA_MSK | 1441 HT_AGG_STATE_REQ_STOP_BA_MSK |
1224 (initiator << HT_AGG_STATE_INITIATOR_SHIFT); 1442 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1225 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 1443 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
@@ -1229,35 +1447,38 @@ void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1229 BUG_ON(!local->ops->ampdu_action); 1447 BUG_ON(!local->ops->ampdu_action);
1230 1448
1231 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP, 1449 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
1232 ra, tid, EINVAL); 1450 ra, tid, NULL);
1233 if (ret) 1451 if (ret)
1234 printk(KERN_DEBUG "HW problem - can not stop rx " 1452 printk(KERN_DEBUG "HW problem - can not stop rx "
1235 "aggergation for tid %d\n", tid); 1453 "aggergation for tid %d\n", tid);
1236 1454
1237 /* shutdown timer has not expired */ 1455 /* shutdown timer has not expired */
1238 if (initiator != WLAN_BACK_TIMER) 1456 if (initiator != WLAN_BACK_TIMER)
1239 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]. 1457 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1240 session_timer);
1241 1458
1242 /* check if this is a self generated aggregation halt */ 1459 /* check if this is a self generated aggregation halt */
1243 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER) 1460 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
1244 ieee80211_send_delba(dev, ra, tid, 0, reason); 1461 ieee80211_send_delba(dev, ra, tid, 0, reason);
1245 1462
1246 /* free the reordering buffer */ 1463 /* free the reordering buffer */
1247 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid].buf_size; i++) { 1464 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
1248 if (sta->ampdu_mlme.tid_rx[tid].reorder_buf[i]) { 1465 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
1249 /* release the reordered frames */ 1466 /* release the reordered frames */
1250 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid].reorder_buf[i]); 1467 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
1251 sta->ampdu_mlme.tid_rx[tid].stored_mpdu_num--; 1468 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
1252 sta->ampdu_mlme.tid_rx[tid].reorder_buf[i] = NULL; 1469 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
1253 } 1470 }
1254 } 1471 }
1255 kfree(sta->ampdu_mlme.tid_rx[tid].reorder_buf); 1472 /* free resources */
1473 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
1474 kfree(sta->ampdu_mlme.tid_rx[tid]);
1475 sta->ampdu_mlme.tid_rx[tid] = NULL;
1476 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
1256 1477
1257 sta->ampdu_mlme.tid_rx[tid].state = HT_AGG_STATE_IDLE; 1478 rcu_read_unlock();
1258 sta_info_put(sta);
1259} 1479}
1260 1480
1481
1261static void ieee80211_sta_process_delba(struct net_device *dev, 1482static void ieee80211_sta_process_delba(struct net_device *dev,
1262 struct ieee80211_mgmt *mgmt, size_t len) 1483 struct ieee80211_mgmt *mgmt, size_t len)
1263{ 1484{
@@ -1267,9 +1488,13 @@ static void ieee80211_sta_process_delba(struct net_device *dev,
1267 u16 initiator; 1488 u16 initiator;
1268 DECLARE_MAC_BUF(mac); 1489 DECLARE_MAC_BUF(mac);
1269 1490
1491 rcu_read_lock();
1492
1270 sta = sta_info_get(local, mgmt->sa); 1493 sta = sta_info_get(local, mgmt->sa);
1271 if (!sta) 1494 if (!sta) {
1495 rcu_read_unlock();
1272 return; 1496 return;
1497 }
1273 1498
1274 params = le16_to_cpu(mgmt->u.action.u.delba.params); 1499 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1275 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12; 1500 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
@@ -1277,27 +1502,87 @@ static void ieee80211_sta_process_delba(struct net_device *dev,
1277 1502
1278#ifdef CONFIG_MAC80211_HT_DEBUG 1503#ifdef CONFIG_MAC80211_HT_DEBUG
1279 if (net_ratelimit()) 1504 if (net_ratelimit())
1280 printk(KERN_DEBUG "delba from %s on tid %d reason code %d\n", 1505 printk(KERN_DEBUG "delba from %s (%s) tid %d reason code %d\n",
1281 print_mac(mac, mgmt->sa), tid, 1506 print_mac(mac, mgmt->sa),
1507 initiator ? "initiator" : "recipient", tid,
1282 mgmt->u.action.u.delba.reason_code); 1508 mgmt->u.action.u.delba.reason_code);
1283#endif /* CONFIG_MAC80211_HT_DEBUG */ 1509#endif /* CONFIG_MAC80211_HT_DEBUG */
1284 1510
1285 if (initiator == WLAN_BACK_INITIATOR) 1511 if (initiator == WLAN_BACK_INITIATOR)
1286 ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid, 1512 ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid,
1287 WLAN_BACK_INITIATOR, 0); 1513 WLAN_BACK_INITIATOR, 0);
1288 sta_info_put(sta); 1514 else { /* WLAN_BACK_RECIPIENT */
1515 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
1516 sta->ampdu_mlme.tid_state_tx[tid] =
1517 HT_AGG_STATE_OPERATIONAL;
1518 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1519 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1520 WLAN_BACK_RECIPIENT);
1521 }
1522 rcu_read_unlock();
1289} 1523}
1290 1524
1291/* 1525/*
1292 * After receiving Block Ack Request (BAR) we activated a 1526 * After sending add Block Ack request we activated a timer until
1293 * timer after each frame arrives from the originator. 1527 * add Block Ack response will arrive from the recipient.
1528 * If this timer expires sta_addba_resp_timer_expired will be executed.
1529 */
1530void sta_addba_resp_timer_expired(unsigned long data)
1531{
1532 /* not an elegant detour, but there is no choice as the timer passes
1533 * only one argument, and both sta_info and TID are needed, so init
1534 * flow in sta_info_create gives the TID as data, while the timer_to_id
1535 * array gives the sta through container_of */
1536 u16 tid = *(int *)data;
1537 struct sta_info *temp_sta = container_of((void *)data,
1538 struct sta_info, timer_to_tid[tid]);
1539
1540 struct ieee80211_local *local = temp_sta->local;
1541 struct ieee80211_hw *hw = &local->hw;
1542 struct sta_info *sta;
1543 u8 *state;
1544
1545 rcu_read_lock();
1546
1547 sta = sta_info_get(local, temp_sta->addr);
1548 if (!sta) {
1549 rcu_read_unlock();
1550 return;
1551 }
1552
1553 state = &sta->ampdu_mlme.tid_state_tx[tid];
1554 /* check if the TID waits for addBA response */
1555 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
1556 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1557 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1558 *state = HT_AGG_STATE_IDLE;
1559 printk(KERN_DEBUG "timer expired on tid %d but we are not "
1560 "expecting addBA response there", tid);
1561 goto timer_expired_exit;
1562 }
1563
1564 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
1565
1566 /* go through the state check in stop_BA_session */
1567 *state = HT_AGG_STATE_OPERATIONAL;
1568 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1569 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
1570 WLAN_BACK_INITIATOR);
1571
1572timer_expired_exit:
1573 rcu_read_unlock();
1574}
1575
1576/*
1577 * After accepting the AddBA Request we activated a timer,
1578 * resetting it after each frame that arrives from the originator.
1294 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed. 1579 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1295 */ 1580 */
1296void sta_rx_agg_session_timer_expired(unsigned long data) 1581void sta_rx_agg_session_timer_expired(unsigned long data)
1297{ 1582{
1298 /* not an elegant detour, but there is no choice as the timer passes 1583 /* not an elegant detour, but there is no choice as the timer passes
1299 * only one argument, and verious sta_info are needed here, so init 1584 * only one argument, and verious sta_info are needed here, so init
1300 * flow in sta_info_add gives the TID as data, while the timer_to_id 1585 * flow in sta_info_create gives the TID as data, while the timer_to_id
1301 * array gives the sta through container_of */ 1586 * array gives the sta through container_of */
1302 u8 *ptid = (u8 *)data; 1587 u8 *ptid = (u8 *)data;
1303 u8 *timer_to_id = ptid - *ptid; 1588 u8 *timer_to_id = ptid - *ptid;
@@ -1305,11 +1590,24 @@ void sta_rx_agg_session_timer_expired(unsigned long data)
1305 timer_to_tid[0]); 1590 timer_to_tid[0]);
1306 1591
1307 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid); 1592 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1308 ieee80211_sta_stop_rx_ba_session(sta->dev, sta->addr, (u16)*ptid, 1593 ieee80211_sta_stop_rx_ba_session(sta->sdata->dev, sta->addr,
1309 WLAN_BACK_TIMER, 1594 (u16)*ptid, WLAN_BACK_TIMER,
1310 WLAN_REASON_QSTA_TIMEOUT); 1595 WLAN_REASON_QSTA_TIMEOUT);
1311} 1596}
1312 1597
1598void ieee80211_sta_tear_down_BA_sessions(struct net_device *dev, u8 *addr)
1599{
1600 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1601 int i;
1602
1603 for (i = 0; i < STA_TID_NUM; i++) {
1604 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
1605 WLAN_BACK_INITIATOR);
1606 ieee80211_sta_stop_rx_ba_session(dev, addr, i,
1607 WLAN_BACK_RECIPIENT,
1608 WLAN_REASON_QSTA_LEAVE_QBSS);
1609 }
1610}
1313 1611
1314static void ieee80211_rx_mgmt_auth(struct net_device *dev, 1612static void ieee80211_rx_mgmt_auth(struct net_device *dev,
1315 struct ieee80211_if_sta *ifsta, 1613 struct ieee80211_if_sta *ifsta,
@@ -1536,15 +1834,16 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1536{ 1834{
1537 struct ieee80211_local *local = sdata->local; 1835 struct ieee80211_local *local = sdata->local;
1538 struct net_device *dev = sdata->dev; 1836 struct net_device *dev = sdata->dev;
1539 struct ieee80211_hw_mode *mode; 1837 struct ieee80211_supported_band *sband;
1540 struct sta_info *sta; 1838 struct sta_info *sta;
1541 u32 rates; 1839 u64 rates, basic_rates;
1542 u16 capab_info, status_code, aid; 1840 u16 capab_info, status_code, aid;
1543 struct ieee802_11_elems elems; 1841 struct ieee802_11_elems elems;
1544 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf; 1842 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
1545 u8 *pos; 1843 u8 *pos;
1546 int i, j; 1844 int i, j;
1547 DECLARE_MAC_BUF(mac); 1845 DECLARE_MAC_BUF(mac);
1846 bool have_higher_than_11mbit = false;
1548 1847
1549 /* AssocResp and ReassocResp have identical structure, so process both 1848 /* AssocResp and ReassocResp have identical structure, so process both
1550 * of them in this function. */ 1849 * of them in this function. */
@@ -1614,22 +1913,23 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1614 if (ifsta->assocresp_ies) 1913 if (ifsta->assocresp_ies)
1615 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len); 1914 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1616 1915
1617 /* set AID, ieee80211_set_associated() will tell the driver */ 1916 rcu_read_lock();
1618 bss_conf->aid = aid;
1619 ieee80211_set_associated(dev, ifsta, 1);
1620 1917
1621 /* Add STA entry for the AP */ 1918 /* Add STA entry for the AP */
1622 sta = sta_info_get(local, ifsta->bssid); 1919 sta = sta_info_get(local, ifsta->bssid);
1623 if (!sta) { 1920 if (!sta) {
1624 struct ieee80211_sta_bss *bss; 1921 struct ieee80211_sta_bss *bss;
1625 sta = sta_info_add(local, dev, ifsta->bssid, GFP_KERNEL); 1922 int err;
1923
1924 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
1626 if (!sta) { 1925 if (!sta) {
1627 printk(KERN_DEBUG "%s: failed to add STA entry for the" 1926 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1628 " AP\n", dev->name); 1927 " the AP\n", dev->name);
1928 rcu_read_unlock();
1629 return; 1929 return;
1630 } 1930 }
1631 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, 1931 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
1632 local->hw.conf.channel, 1932 local->hw.conf.channel->center_freq,
1633 ifsta->ssid, ifsta->ssid_len); 1933 ifsta->ssid, ifsta->ssid_len);
1634 if (bss) { 1934 if (bss) {
1635 sta->last_rssi = bss->rssi; 1935 sta->last_rssi = bss->rssi;
@@ -1637,26 +1937,71 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1637 sta->last_noise = bss->noise; 1937 sta->last_noise = bss->noise;
1638 ieee80211_rx_bss_put(dev, bss); 1938 ieee80211_rx_bss_put(dev, bss);
1639 } 1939 }
1940
1941 err = sta_info_insert(sta);
1942 if (err) {
1943 printk(KERN_DEBUG "%s: failed to insert STA entry for"
1944 " the AP (error %d)\n", dev->name, err);
1945 sta_info_destroy(sta);
1946 rcu_read_unlock();
1947 return;
1948 }
1640 } 1949 }
1641 1950
1642 sta->dev = dev; 1951 /*
1643 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP; 1952 * FIXME: Do we really need to update the sta_info's information here?
1953 * We already know about the AP (we found it in our list) so it
1954 * should already be filled with the right info, no?
1955 * As is stands, all this is racy because typically we assume
1956 * the information that is filled in here (except flags) doesn't
1957 * change while a STA structure is alive. As such, it should move
1958 * to between the sta_info_alloc() and sta_info_insert() above.
1959 */
1960
1961 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
1962 WLAN_STA_AUTHORIZED;
1644 1963
1645 rates = 0; 1964 rates = 0;
1646 mode = local->oper_hw_mode; 1965 basic_rates = 0;
1966 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1967
1647 for (i = 0; i < elems.supp_rates_len; i++) { 1968 for (i = 0; i < elems.supp_rates_len; i++) {
1648 int rate = (elems.supp_rates[i] & 0x7f) * 5; 1969 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1649 for (j = 0; j < mode->num_rates; j++) 1970
1650 if (mode->rates[j].rate == rate) 1971 if (rate > 110)
1972 have_higher_than_11mbit = true;
1973
1974 for (j = 0; j < sband->n_bitrates; j++) {
1975 if (sband->bitrates[j].bitrate == rate)
1651 rates |= BIT(j); 1976 rates |= BIT(j);
1977 if (elems.supp_rates[i] & 0x80)
1978 basic_rates |= BIT(j);
1979 }
1652 } 1980 }
1981
1653 for (i = 0; i < elems.ext_supp_rates_len; i++) { 1982 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1654 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5; 1983 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1655 for (j = 0; j < mode->num_rates; j++) 1984
1656 if (mode->rates[j].rate == rate) 1985 if (rate > 110)
1986 have_higher_than_11mbit = true;
1987
1988 for (j = 0; j < sband->n_bitrates; j++) {
1989 if (sband->bitrates[j].bitrate == rate)
1657 rates |= BIT(j); 1990 rates |= BIT(j);
1991 if (elems.ext_supp_rates[i] & 0x80)
1992 basic_rates |= BIT(j);
1993 }
1658 } 1994 }
1659 sta->supp_rates = rates; 1995
1996 sta->supp_rates[local->hw.conf.channel->band] = rates;
1997 sdata->basic_rates = basic_rates;
1998
1999 /* cf. IEEE 802.11 9.2.12 */
2000 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
2001 have_higher_than_11mbit)
2002 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
2003 else
2004 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
1660 2005
1661 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param && 2006 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
1662 local->ops->conf_ht) { 2007 local->ops->conf_ht) {
@@ -1675,12 +2020,15 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1675 2020
1676 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) { 2021 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
1677 sta->flags |= WLAN_STA_WME; 2022 sta->flags |= WLAN_STA_WME;
2023 rcu_read_unlock();
1678 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param, 2024 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1679 elems.wmm_param_len); 2025 elems.wmm_param_len);
1680 } 2026 } else
1681 2027 rcu_read_unlock();
1682 2028
1683 sta_info_put(sta); 2029 /* set AID, ieee80211_set_associated() will tell the driver */
2030 bss_conf->aid = aid;
2031 ieee80211_set_associated(dev, ifsta, 1);
1684 2032
1685 ieee80211_associated(dev, ifsta); 2033 ieee80211_associated(dev, ifsta);
1686} 2034}
@@ -1691,8 +2039,16 @@ static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1691 struct ieee80211_sta_bss *bss) 2039 struct ieee80211_sta_bss *bss)
1692{ 2040{
1693 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2041 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1694 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)]; 2042 u8 hash_idx;
1695 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss; 2043
2044 if (bss_mesh_cfg(bss))
2045 hash_idx = mesh_id_hash(bss_mesh_id(bss),
2046 bss_mesh_id_len(bss));
2047 else
2048 hash_idx = STA_HASH(bss->bssid);
2049
2050 bss->hnext = local->sta_bss_hash[hash_idx];
2051 local->sta_bss_hash[hash_idx] = bss;
1696} 2052}
1697 2053
1698 2054
@@ -1719,7 +2075,7 @@ static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1719 2075
1720 2076
1721static struct ieee80211_sta_bss * 2077static struct ieee80211_sta_bss *
1722ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int channel, 2078ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int freq,
1723 u8 *ssid, u8 ssid_len) 2079 u8 *ssid, u8 ssid_len)
1724{ 2080{
1725 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2081 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -1731,7 +2087,7 @@ ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int channel,
1731 atomic_inc(&bss->users); 2087 atomic_inc(&bss->users);
1732 atomic_inc(&bss->users); 2088 atomic_inc(&bss->users);
1733 memcpy(bss->bssid, bssid, ETH_ALEN); 2089 memcpy(bss->bssid, bssid, ETH_ALEN);
1734 bss->channel = channel; 2090 bss->freq = freq;
1735 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) { 2091 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
1736 memcpy(bss->ssid, ssid, ssid_len); 2092 memcpy(bss->ssid, ssid, ssid_len);
1737 bss->ssid_len = ssid_len; 2093 bss->ssid_len = ssid_len;
@@ -1745,9 +2101,8 @@ ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int channel,
1745 return bss; 2101 return bss;
1746} 2102}
1747 2103
1748
1749static struct ieee80211_sta_bss * 2104static struct ieee80211_sta_bss *
1750ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel, 2105ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
1751 u8 *ssid, u8 ssid_len) 2106 u8 *ssid, u8 ssid_len)
1752{ 2107{
1753 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2108 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
@@ -1756,8 +2111,9 @@ ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel,
1756 spin_lock_bh(&local->sta_bss_lock); 2111 spin_lock_bh(&local->sta_bss_lock);
1757 bss = local->sta_bss_hash[STA_HASH(bssid)]; 2112 bss = local->sta_bss_hash[STA_HASH(bssid)];
1758 while (bss) { 2113 while (bss) {
1759 if (!memcmp(bss->bssid, bssid, ETH_ALEN) && 2114 if (!bss_mesh_cfg(bss) &&
1760 bss->channel == channel && 2115 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
2116 bss->freq == freq &&
1761 bss->ssid_len == ssid_len && 2117 bss->ssid_len == ssid_len &&
1762 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) { 2118 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
1763 atomic_inc(&bss->users); 2119 atomic_inc(&bss->users);
@@ -1769,6 +2125,72 @@ ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel,
1769 return bss; 2125 return bss;
1770} 2126}
1771 2127
2128#ifdef CONFIG_MAC80211_MESH
2129static struct ieee80211_sta_bss *
2130ieee80211_rx_mesh_bss_get(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
2131 u8 *mesh_cfg, int freq)
2132{
2133 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2134 struct ieee80211_sta_bss *bss;
2135
2136 spin_lock_bh(&local->sta_bss_lock);
2137 bss = local->sta_bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
2138 while (bss) {
2139 if (bss_mesh_cfg(bss) &&
2140 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
2141 bss->freq == freq &&
2142 mesh_id_len == bss->mesh_id_len &&
2143 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
2144 mesh_id_len))) {
2145 atomic_inc(&bss->users);
2146 break;
2147 }
2148 bss = bss->hnext;
2149 }
2150 spin_unlock_bh(&local->sta_bss_lock);
2151 return bss;
2152}
2153
2154static struct ieee80211_sta_bss *
2155ieee80211_rx_mesh_bss_add(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
2156 u8 *mesh_cfg, int freq)
2157{
2158 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2159 struct ieee80211_sta_bss *bss;
2160
2161 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
2162 if (!bss)
2163 return NULL;
2164
2165 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
2166 if (!bss->mesh_cfg) {
2167 kfree(bss);
2168 return NULL;
2169 }
2170
2171 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
2172 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
2173 if (!bss->mesh_id) {
2174 kfree(bss->mesh_cfg);
2175 kfree(bss);
2176 return NULL;
2177 }
2178 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
2179 }
2180
2181 atomic_inc(&bss->users);
2182 atomic_inc(&bss->users);
2183 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
2184 bss->mesh_id_len = mesh_id_len;
2185 bss->freq = freq;
2186 spin_lock_bh(&local->sta_bss_lock);
2187 /* TODO: order by RSSI? */
2188 list_add_tail(&bss->list, &local->sta_bss_list);
2189 __ieee80211_rx_bss_hash_add(dev, bss);
2190 spin_unlock_bh(&local->sta_bss_lock);
2191 return bss;
2192}
2193#endif
1772 2194
1773static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss) 2195static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1774{ 2196{
@@ -1776,6 +2198,8 @@ static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1776 kfree(bss->rsn_ie); 2198 kfree(bss->rsn_ie);
1777 kfree(bss->wmm_ie); 2199 kfree(bss->wmm_ie);
1778 kfree(bss->ht_ie); 2200 kfree(bss->ht_ie);
2201 kfree(bss_mesh_id(bss));
2202 kfree(bss_mesh_cfg(bss));
1779 kfree(bss); 2203 kfree(bss);
1780} 2204}
1781 2205
@@ -1813,6 +2237,203 @@ void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1813} 2237}
1814 2238
1815 2239
2240static int ieee80211_sta_join_ibss(struct net_device *dev,
2241 struct ieee80211_if_sta *ifsta,
2242 struct ieee80211_sta_bss *bss)
2243{
2244 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2245 int res, rates, i, j;
2246 struct sk_buff *skb;
2247 struct ieee80211_mgmt *mgmt;
2248 struct ieee80211_tx_control control;
2249 struct rate_selection ratesel;
2250 u8 *pos;
2251 struct ieee80211_sub_if_data *sdata;
2252 struct ieee80211_supported_band *sband;
2253
2254 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2255
2256 /* Remove possible STA entries from other IBSS networks. */
2257 sta_info_flush(local, NULL);
2258
2259 if (local->ops->reset_tsf) {
2260 /* Reset own TSF to allow time synchronization work. */
2261 local->ops->reset_tsf(local_to_hw(local));
2262 }
2263 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2264 res = ieee80211_if_config(dev);
2265 if (res)
2266 return res;
2267
2268 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2269
2270 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2271 sdata->drop_unencrypted = bss->capability &
2272 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2273
2274 res = ieee80211_set_freq(local, bss->freq);
2275
2276 if (local->oper_channel->flags & IEEE80211_CHAN_NO_IBSS) {
2277 printk(KERN_DEBUG "%s: IBSS not allowed on frequency "
2278 "%d MHz\n", dev->name, local->oper_channel->center_freq);
2279 return -1;
2280 }
2281
2282 /* Set beacon template */
2283 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2284 do {
2285 if (!skb)
2286 break;
2287
2288 skb_reserve(skb, local->hw.extra_tx_headroom);
2289
2290 mgmt = (struct ieee80211_mgmt *)
2291 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2292 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2293 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2294 IEEE80211_STYPE_BEACON);
2295 memset(mgmt->da, 0xff, ETH_ALEN);
2296 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2297 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2298 mgmt->u.beacon.beacon_int =
2299 cpu_to_le16(local->hw.conf.beacon_int);
2300 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2301
2302 pos = skb_put(skb, 2 + ifsta->ssid_len);
2303 *pos++ = WLAN_EID_SSID;
2304 *pos++ = ifsta->ssid_len;
2305 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2306
2307 rates = bss->supp_rates_len;
2308 if (rates > 8)
2309 rates = 8;
2310 pos = skb_put(skb, 2 + rates);
2311 *pos++ = WLAN_EID_SUPP_RATES;
2312 *pos++ = rates;
2313 memcpy(pos, bss->supp_rates, rates);
2314
2315 if (bss->band == IEEE80211_BAND_2GHZ) {
2316 pos = skb_put(skb, 2 + 1);
2317 *pos++ = WLAN_EID_DS_PARAMS;
2318 *pos++ = 1;
2319 *pos++ = ieee80211_frequency_to_channel(bss->freq);
2320 }
2321
2322 pos = skb_put(skb, 2 + 2);
2323 *pos++ = WLAN_EID_IBSS_PARAMS;
2324 *pos++ = 2;
2325 /* FIX: set ATIM window based on scan results */
2326 *pos++ = 0;
2327 *pos++ = 0;
2328
2329 if (bss->supp_rates_len > 8) {
2330 rates = bss->supp_rates_len - 8;
2331 pos = skb_put(skb, 2 + rates);
2332 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2333 *pos++ = rates;
2334 memcpy(pos, &bss->supp_rates[8], rates);
2335 }
2336
2337 memset(&control, 0, sizeof(control));
2338 rate_control_get_rate(dev, sband, skb, &ratesel);
2339 if (!ratesel.rate) {
2340 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2341 "for IBSS beacon\n", dev->name);
2342 break;
2343 }
2344 control.vif = &sdata->vif;
2345 control.tx_rate = ratesel.rate;
2346 if (sdata->bss_conf.use_short_preamble &&
2347 ratesel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE)
2348 control.flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
2349 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2350 control.flags |= IEEE80211_TXCTL_NO_ACK;
2351 control.retry_limit = 1;
2352
2353 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2354 if (ifsta->probe_resp) {
2355 mgmt = (struct ieee80211_mgmt *)
2356 ifsta->probe_resp->data;
2357 mgmt->frame_control =
2358 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2359 IEEE80211_STYPE_PROBE_RESP);
2360 } else {
2361 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2362 "template for IBSS\n", dev->name);
2363 }
2364
2365 if (local->ops->beacon_update &&
2366 local->ops->beacon_update(local_to_hw(local),
2367 skb, &control) == 0) {
2368 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2369 "template\n", dev->name);
2370 skb = NULL;
2371 }
2372
2373 rates = 0;
2374 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2375 for (i = 0; i < bss->supp_rates_len; i++) {
2376 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2377 for (j = 0; j < sband->n_bitrates; j++)
2378 if (sband->bitrates[j].bitrate == bitrate)
2379 rates |= BIT(j);
2380 }
2381 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
2382
2383 ieee80211_sta_def_wmm_params(dev, bss, 1);
2384 } while (0);
2385
2386 if (skb) {
2387 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2388 "template\n", dev->name);
2389 dev_kfree_skb(skb);
2390 }
2391
2392 ifsta->state = IEEE80211_IBSS_JOINED;
2393 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2394
2395 ieee80211_rx_bss_put(dev, bss);
2396
2397 return res;
2398}
2399
2400u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
2401 struct ieee802_11_elems *elems,
2402 enum ieee80211_band band)
2403{
2404 struct ieee80211_supported_band *sband;
2405 struct ieee80211_rate *bitrates;
2406 size_t num_rates;
2407 u64 supp_rates;
2408 int i, j;
2409 sband = local->hw.wiphy->bands[band];
2410
2411 if (!sband) {
2412 WARN_ON(1);
2413 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2414 }
2415
2416 bitrates = sband->bitrates;
2417 num_rates = sband->n_bitrates;
2418 supp_rates = 0;
2419 for (i = 0; i < elems->supp_rates_len +
2420 elems->ext_supp_rates_len; i++) {
2421 u8 rate = 0;
2422 int own_rate;
2423 if (i < elems->supp_rates_len)
2424 rate = elems->supp_rates[i];
2425 else if (elems->ext_supp_rates)
2426 rate = elems->ext_supp_rates
2427 [i - elems->supp_rates_len];
2428 own_rate = 5 * (rate & 0x7f);
2429 for (j = 0; j < num_rates; j++)
2430 if (bitrates[j].bitrate == own_rate)
2431 supp_rates |= BIT(j);
2432 }
2433 return supp_rates;
2434}
2435
2436
1816static void ieee80211_rx_bss_info(struct net_device *dev, 2437static void ieee80211_rx_bss_info(struct net_device *dev,
1817 struct ieee80211_mgmt *mgmt, 2438 struct ieee80211_mgmt *mgmt,
1818 size_t len, 2439 size_t len,
@@ -1822,11 +2443,12 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
1822 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2443 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1823 struct ieee802_11_elems elems; 2444 struct ieee802_11_elems elems;
1824 size_t baselen; 2445 size_t baselen;
1825 int channel, clen; 2446 int freq, clen;
1826 struct ieee80211_sta_bss *bss; 2447 struct ieee80211_sta_bss *bss;
1827 struct sta_info *sta; 2448 struct sta_info *sta;
1828 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2449 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1829 u64 timestamp; 2450 u64 beacon_timestamp, rx_timestamp;
2451 struct ieee80211_channel *channel;
1830 DECLARE_MAC_BUF(mac); 2452 DECLARE_MAC_BUF(mac);
1831 DECLARE_MAC_BUF(mac2); 2453 DECLARE_MAC_BUF(mac2);
1832 2454
@@ -1843,104 +2465,76 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
1843 if (baselen > len) 2465 if (baselen > len)
1844 return; 2466 return;
1845 2467
1846 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp); 2468 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
2469 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
1847 2470
1848 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon && 2471 if (ieee80211_vif_is_mesh(&sdata->vif) && elems.mesh_id &&
1849 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) { 2472 elems.mesh_config && mesh_matches_local(&elems, dev)) {
1850#ifdef CONFIG_MAC80211_IBSS_DEBUG 2473 u64 rates = ieee80211_sta_get_rates(local, &elems,
1851 static unsigned long last_tsf_debug = 0; 2474 rx_status->band);
1852 u64 tsf; 2475
1853 if (local->ops->get_tsf) 2476 mesh_neighbour_update(mgmt->sa, rates, dev,
1854 tsf = local->ops->get_tsf(local_to_hw(local)); 2477 mesh_peer_accepts_plinks(&elems, dev));
1855 else
1856 tsf = -1LLU;
1857 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1858 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
1859 "%s TSF=0x%llx BCN=0x%llx diff=%lld "
1860 "@%lu\n",
1861 print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->bssid),
1862 (unsigned long long)tsf,
1863 (unsigned long long)timestamp,
1864 (unsigned long long)(tsf - timestamp),
1865 jiffies);
1866 last_tsf_debug = jiffies;
1867 }
1868#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1869 } 2478 }
1870 2479
1871 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 2480 rcu_read_lock();
1872 2481
1873 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates && 2482 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1874 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 && 2483 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1875 (sta = sta_info_get(local, mgmt->sa))) { 2484 (sta = sta_info_get(local, mgmt->sa))) {
1876 struct ieee80211_hw_mode *mode; 2485 u64 prev_rates;
1877 struct ieee80211_rate *rates; 2486 u64 supp_rates = ieee80211_sta_get_rates(local, &elems,
1878 size_t num_rates; 2487 rx_status->band);
1879 u32 supp_rates, prev_rates;
1880 int i, j;
1881
1882 mode = local->sta_sw_scanning ?
1883 local->scan_hw_mode : local->oper_hw_mode;
1884
1885 if (local->sta_hw_scanning) {
1886 /* search for the correct mode matches the beacon */
1887 list_for_each_entry(mode, &local->modes_list, list)
1888 if (mode->mode == rx_status->phymode)
1889 break;
1890
1891 if (mode == NULL)
1892 mode = local->oper_hw_mode;
1893 }
1894 rates = mode->rates;
1895 num_rates = mode->num_rates;
1896
1897 supp_rates = 0;
1898 for (i = 0; i < elems.supp_rates_len +
1899 elems.ext_supp_rates_len; i++) {
1900 u8 rate = 0;
1901 int own_rate;
1902 if (i < elems.supp_rates_len)
1903 rate = elems.supp_rates[i];
1904 else if (elems.ext_supp_rates)
1905 rate = elems.ext_supp_rates
1906 [i - elems.supp_rates_len];
1907 own_rate = 5 * (rate & 0x7f);
1908 for (j = 0; j < num_rates; j++)
1909 if (rates[j].rate == own_rate)
1910 supp_rates |= BIT(j);
1911 }
1912 2488
1913 prev_rates = sta->supp_rates; 2489 prev_rates = sta->supp_rates[rx_status->band];
1914 sta->supp_rates &= supp_rates; 2490 sta->supp_rates[rx_status->band] &= supp_rates;
1915 if (sta->supp_rates == 0) { 2491 if (sta->supp_rates[rx_status->band] == 0) {
1916 /* No matching rates - this should not really happen. 2492 /* No matching rates - this should not really happen.
1917 * Make sure that at least one rate is marked 2493 * Make sure that at least one rate is marked
1918 * supported to avoid issues with TX rate ctrl. */ 2494 * supported to avoid issues with TX rate ctrl. */
1919 sta->supp_rates = sdata->u.sta.supp_rates_bits; 2495 sta->supp_rates[rx_status->band] =
2496 sdata->u.sta.supp_rates_bits[rx_status->band];
1920 } 2497 }
1921 if (sta->supp_rates != prev_rates) { 2498 if (sta->supp_rates[rx_status->band] != prev_rates) {
1922 printk(KERN_DEBUG "%s: updated supp_rates set for " 2499 printk(KERN_DEBUG "%s: updated supp_rates set for "
1923 "%s based on beacon info (0x%x & 0x%x -> " 2500 "%s based on beacon info (0x%llx & 0x%llx -> "
1924 "0x%x)\n", 2501 "0x%llx)\n",
1925 dev->name, print_mac(mac, sta->addr), prev_rates, 2502 dev->name, print_mac(mac, sta->addr),
1926 supp_rates, sta->supp_rates); 2503 (unsigned long long) prev_rates,
2504 (unsigned long long) supp_rates,
2505 (unsigned long long) sta->supp_rates[rx_status->band]);
1927 } 2506 }
1928 sta_info_put(sta);
1929 } 2507 }
1930 2508
1931 if (!elems.ssid) 2509 rcu_read_unlock();
1932 return;
1933 2510
1934 if (elems.ds_params && elems.ds_params_len == 1) 2511 if (elems.ds_params && elems.ds_params_len == 1)
1935 channel = elems.ds_params[0]; 2512 freq = ieee80211_channel_to_frequency(elems.ds_params[0]);
1936 else 2513 else
1937 channel = rx_status->channel; 2514 freq = rx_status->freq;
1938 2515
1939 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, channel, 2516 channel = ieee80211_get_channel(local->hw.wiphy, freq);
1940 elems.ssid, elems.ssid_len); 2517
1941 if (!bss) { 2518 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
1942 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, channel, 2519 return;
2520
2521#ifdef CONFIG_MAC80211_MESH
2522 if (elems.mesh_config)
2523 bss = ieee80211_rx_mesh_bss_get(dev, elems.mesh_id,
2524 elems.mesh_id_len, elems.mesh_config, freq);
2525 else
2526#endif
2527 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, freq,
1943 elems.ssid, elems.ssid_len); 2528 elems.ssid, elems.ssid_len);
2529 if (!bss) {
2530#ifdef CONFIG_MAC80211_MESH
2531 if (elems.mesh_config)
2532 bss = ieee80211_rx_mesh_bss_add(dev, elems.mesh_id,
2533 elems.mesh_id_len, elems.mesh_config, freq);
2534 else
2535#endif
2536 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, freq,
2537 elems.ssid, elems.ssid_len);
1944 if (!bss) 2538 if (!bss)
1945 return; 2539 return;
1946 } else { 2540 } else {
@@ -1952,8 +2546,12 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
1952#endif 2546#endif
1953 } 2547 }
1954 2548
1955 if (bss->probe_resp && beacon) { 2549 bss->band = rx_status->band;
1956 /* Do not allow beacon to override data from Probe Response. */ 2550
2551 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
2552 bss->probe_resp && beacon) {
2553 /* STA mode:
2554 * Do not allow beacon to override data from Probe Response. */
1957 ieee80211_rx_bss_put(dev, bss); 2555 ieee80211_rx_bss_put(dev, bss);
1958 return; 2556 return;
1959 } 2557 }
@@ -2050,27 +2648,69 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2050 bss->ht_ie_len = 0; 2648 bss->ht_ie_len = 0;
2051 } 2649 }
2052 2650
2053 bss->hw_mode = rx_status->phymode; 2651 bss->timestamp = beacon_timestamp;
2054 bss->freq = rx_status->freq;
2055 if (channel != rx_status->channel &&
2056 (bss->hw_mode == MODE_IEEE80211G ||
2057 bss->hw_mode == MODE_IEEE80211B) &&
2058 channel >= 1 && channel <= 14) {
2059 static const int freq_list[] = {
2060 2412, 2417, 2422, 2427, 2432, 2437, 2442,
2061 2447, 2452, 2457, 2462, 2467, 2472, 2484
2062 };
2063 /* IEEE 802.11g/b mode can receive packets from neighboring
2064 * channels, so map the channel into frequency. */
2065 bss->freq = freq_list[channel - 1];
2066 }
2067 bss->timestamp = timestamp;
2068 bss->last_update = jiffies; 2652 bss->last_update = jiffies;
2069 bss->rssi = rx_status->ssi; 2653 bss->rssi = rx_status->ssi;
2070 bss->signal = rx_status->signal; 2654 bss->signal = rx_status->signal;
2071 bss->noise = rx_status->noise; 2655 bss->noise = rx_status->noise;
2072 if (!beacon) 2656 if (!beacon)
2073 bss->probe_resp++; 2657 bss->probe_resp++;
2658
2659 /* check if we need to merge IBSS */
2660 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
2661 !local->sta_sw_scanning && !local->sta_hw_scanning &&
2662 bss->capability & WLAN_CAPABILITY_IBSS &&
2663 bss->freq == local->oper_channel->center_freq &&
2664 elems.ssid_len == sdata->u.sta.ssid_len &&
2665 memcmp(elems.ssid, sdata->u.sta.ssid, sdata->u.sta.ssid_len) == 0) {
2666 if (rx_status->flag & RX_FLAG_TSFT) {
2667 /* in order for correct IBSS merging we need mactime
2668 *
2669 * since mactime is defined as the time the first data
2670 * symbol of the frame hits the PHY, and the timestamp
2671 * of the beacon is defined as "the time that the data
2672 * symbol containing the first bit of the timestamp is
2673 * transmitted to the PHY plus the transmitting STA’s
2674 * delays through its local PHY from the MAC-PHY
2675 * interface to its interface with the WM"
2676 * (802.11 11.1.2) - equals the time this bit arrives at
2677 * the receiver - we have to take into account the
2678 * offset between the two.
2679 * e.g: at 1 MBit that means mactime is 192 usec earlier
2680 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
2681 */
2682 int rate = local->hw.wiphy->bands[rx_status->band]->
2683 bitrates[rx_status->rate_idx].bitrate;
2684 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
2685 } else if (local && local->ops && local->ops->get_tsf)
2686 /* second best option: get current TSF */
2687 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
2688 else
2689 /* can't merge without knowing the TSF */
2690 rx_timestamp = -1LLU;
2691#ifdef CONFIG_MAC80211_IBSS_DEBUG
2692 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
2693 "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
2694 print_mac(mac, mgmt->sa),
2695 print_mac(mac2, mgmt->bssid),
2696 (unsigned long long)rx_timestamp,
2697 (unsigned long long)beacon_timestamp,
2698 (unsigned long long)(rx_timestamp - beacon_timestamp),
2699 jiffies);
2700#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2701 if (beacon_timestamp > rx_timestamp) {
2702#ifndef CONFIG_MAC80211_IBSS_DEBUG
2703 if (net_ratelimit())
2704#endif
2705 printk(KERN_DEBUG "%s: beacon TSF higher than "
2706 "local TSF - IBSS merge with BSSID %s\n",
2707 dev->name, print_mac(mac, mgmt->bssid));
2708 ieee80211_sta_join_ibss(dev, &sdata->u.sta, bss);
2709 ieee80211_ibss_add_sta(dev, NULL,
2710 mgmt->bssid, mgmt->sa);
2711 }
2712 }
2713
2074 ieee80211_rx_bss_put(dev, bss); 2714 ieee80211_rx_bss_put(dev, bss);
2075} 2715}
2076 2716
@@ -2221,8 +2861,11 @@ static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
2221static void ieee80211_rx_mgmt_action(struct net_device *dev, 2861static void ieee80211_rx_mgmt_action(struct net_device *dev,
2222 struct ieee80211_if_sta *ifsta, 2862 struct ieee80211_if_sta *ifsta,
2223 struct ieee80211_mgmt *mgmt, 2863 struct ieee80211_mgmt *mgmt,
2224 size_t len) 2864 size_t len,
2865 struct ieee80211_rx_status *rx_status)
2225{ 2866{
2867 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2868
2226 if (len < IEEE80211_MIN_ACTION_SIZE) 2869 if (len < IEEE80211_MIN_ACTION_SIZE)
2227 return; 2870 return;
2228 2871
@@ -2235,6 +2878,12 @@ static void ieee80211_rx_mgmt_action(struct net_device *dev,
2235 break; 2878 break;
2236 ieee80211_sta_process_addba_request(dev, mgmt, len); 2879 ieee80211_sta_process_addba_request(dev, mgmt, len);
2237 break; 2880 break;
2881 case WLAN_ACTION_ADDBA_RESP:
2882 if (len < (IEEE80211_MIN_ACTION_SIZE +
2883 sizeof(mgmt->u.action.u.addba_resp)))
2884 break;
2885 ieee80211_sta_process_addba_resp(dev, mgmt, len);
2886 break;
2238 case WLAN_ACTION_DELBA: 2887 case WLAN_ACTION_DELBA:
2239 if (len < (IEEE80211_MIN_ACTION_SIZE + 2888 if (len < (IEEE80211_MIN_ACTION_SIZE +
2240 sizeof(mgmt->u.action.u.delba))) 2889 sizeof(mgmt->u.action.u.delba)))
@@ -2248,7 +2897,18 @@ static void ieee80211_rx_mgmt_action(struct net_device *dev,
2248 break; 2897 break;
2249 } 2898 }
2250 break; 2899 break;
2900 case PLINK_CATEGORY:
2901 if (ieee80211_vif_is_mesh(&sdata->vif))
2902 mesh_rx_plink_frame(dev, mgmt, len, rx_status);
2903 break;
2904 case MESH_PATH_SEL_CATEGORY:
2905 if (ieee80211_vif_is_mesh(&sdata->vif))
2906 mesh_rx_path_sel_frame(dev, mgmt, len);
2907 break;
2251 default: 2908 default:
2909 if (net_ratelimit())
2910 printk(KERN_DEBUG "%s: Rx unknown action frame - "
2911 "category=%d\n", dev->name, mgmt->u.action.category);
2252 break; 2912 break;
2253 } 2913 }
2254} 2914}
@@ -2275,13 +2935,13 @@ void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
2275 case IEEE80211_STYPE_PROBE_REQ: 2935 case IEEE80211_STYPE_PROBE_REQ:
2276 case IEEE80211_STYPE_PROBE_RESP: 2936 case IEEE80211_STYPE_PROBE_RESP:
2277 case IEEE80211_STYPE_BEACON: 2937 case IEEE80211_STYPE_BEACON:
2938 case IEEE80211_STYPE_ACTION:
2278 memcpy(skb->cb, rx_status, sizeof(*rx_status)); 2939 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2279 case IEEE80211_STYPE_AUTH: 2940 case IEEE80211_STYPE_AUTH:
2280 case IEEE80211_STYPE_ASSOC_RESP: 2941 case IEEE80211_STYPE_ASSOC_RESP:
2281 case IEEE80211_STYPE_REASSOC_RESP: 2942 case IEEE80211_STYPE_REASSOC_RESP:
2282 case IEEE80211_STYPE_DEAUTH: 2943 case IEEE80211_STYPE_DEAUTH:
2283 case IEEE80211_STYPE_DISASSOC: 2944 case IEEE80211_STYPE_DISASSOC:
2284 case IEEE80211_STYPE_ACTION:
2285 skb_queue_tail(&ifsta->skb_queue, skb); 2945 skb_queue_tail(&ifsta->skb_queue, skb);
2286 queue_work(local->hw.workqueue, &ifsta->work); 2946 queue_work(local->hw.workqueue, &ifsta->work);
2287 return; 2947 return;
@@ -2340,7 +3000,7 @@ static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
2340 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len); 3000 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
2341 break; 3001 break;
2342 case IEEE80211_STYPE_ACTION: 3002 case IEEE80211_STYPE_ACTION:
2343 ieee80211_rx_mgmt_action(dev, ifsta, mgmt, skb->len); 3003 ieee80211_rx_mgmt_action(dev, ifsta, mgmt, skb->len, rx_status);
2344 break; 3004 break;
2345 } 3005 }
2346 3006
@@ -2348,7 +3008,7 @@ static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
2348} 3008}
2349 3009
2350 3010
2351ieee80211_txrx_result 3011ieee80211_rx_result
2352ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb, 3012ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
2353 struct ieee80211_rx_status *rx_status) 3013 struct ieee80211_rx_status *rx_status)
2354{ 3014{
@@ -2356,31 +3016,31 @@ ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
2356 u16 fc; 3016 u16 fc;
2357 3017
2358 if (skb->len < 2) 3018 if (skb->len < 2)
2359 return TXRX_DROP; 3019 return RX_DROP_UNUSABLE;
2360 3020
2361 mgmt = (struct ieee80211_mgmt *) skb->data; 3021 mgmt = (struct ieee80211_mgmt *) skb->data;
2362 fc = le16_to_cpu(mgmt->frame_control); 3022 fc = le16_to_cpu(mgmt->frame_control);
2363 3023
2364 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL) 3024 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL)
2365 return TXRX_CONTINUE; 3025 return RX_CONTINUE;
2366 3026
2367 if (skb->len < 24) 3027 if (skb->len < 24)
2368 return TXRX_DROP; 3028 return RX_DROP_MONITOR;
2369 3029
2370 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) { 3030 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
2371 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) { 3031 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
2372 ieee80211_rx_mgmt_probe_resp(dev, mgmt, 3032 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
2373 skb->len, rx_status); 3033 skb->len, rx_status);
2374 dev_kfree_skb(skb); 3034 dev_kfree_skb(skb);
2375 return TXRX_QUEUED; 3035 return RX_QUEUED;
2376 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) { 3036 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
2377 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, 3037 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
2378 rx_status); 3038 rx_status);
2379 dev_kfree_skb(skb); 3039 dev_kfree_skb(skb);
2380 return TXRX_QUEUED; 3040 return RX_QUEUED;
2381 } 3041 }
2382 } 3042 }
2383 return TXRX_CONTINUE; 3043 return RX_CONTINUE;
2384} 3044}
2385 3045
2386 3046
@@ -2389,45 +3049,50 @@ static int ieee80211_sta_active_ibss(struct net_device *dev)
2389 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 3049 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2390 int active = 0; 3050 int active = 0;
2391 struct sta_info *sta; 3051 struct sta_info *sta;
3052 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3053
3054 rcu_read_lock();
2392 3055
2393 read_lock_bh(&local->sta_lock); 3056 list_for_each_entry_rcu(sta, &local->sta_list, list) {
2394 list_for_each_entry(sta, &local->sta_list, list) { 3057 if (sta->sdata == sdata &&
2395 if (sta->dev == dev &&
2396 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, 3058 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
2397 jiffies)) { 3059 jiffies)) {
2398 active++; 3060 active++;
2399 break; 3061 break;
2400 } 3062 }
2401 } 3063 }
2402 read_unlock_bh(&local->sta_lock); 3064
3065 rcu_read_unlock();
2403 3066
2404 return active; 3067 return active;
2405} 3068}
2406 3069
2407 3070
2408static void ieee80211_sta_expire(struct net_device *dev) 3071static void ieee80211_sta_expire(struct net_device *dev, unsigned long exp_time)
2409{ 3072{
2410 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 3073 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2411 struct sta_info *sta, *tmp; 3074 struct sta_info *sta, *tmp;
2412 LIST_HEAD(tmp_list); 3075 LIST_HEAD(tmp_list);
2413 DECLARE_MAC_BUF(mac); 3076 DECLARE_MAC_BUF(mac);
3077 unsigned long flags;
2414 3078
2415 write_lock_bh(&local->sta_lock); 3079 spin_lock_irqsave(&local->sta_lock, flags);
2416 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) 3080 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
2417 if (time_after(jiffies, sta->last_rx + 3081 if (time_after(jiffies, sta->last_rx + exp_time)) {
2418 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
2419 printk(KERN_DEBUG "%s: expiring inactive STA %s\n", 3082 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
2420 dev->name, print_mac(mac, sta->addr)); 3083 dev->name, print_mac(mac, sta->addr));
2421 __sta_info_get(sta); 3084 sta_info_unlink(&sta);
2422 sta_info_remove(sta); 3085 if (sta)
2423 list_add(&sta->list, &tmp_list); 3086 list_add(&sta->list, &tmp_list);
2424 } 3087 }
2425 write_unlock_bh(&local->sta_lock); 3088 spin_unlock_irqrestore(&local->sta_lock, flags);
2426 3089
2427 list_for_each_entry_safe(sta, tmp, &tmp_list, list) { 3090 synchronize_rcu();
2428 sta_info_free(sta); 3091
2429 sta_info_put(sta); 3092 rtnl_lock();
2430 } 3093 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
3094 sta_info_destroy(sta);
3095 rtnl_unlock();
2431} 3096}
2432 3097
2433 3098
@@ -2436,7 +3101,7 @@ static void ieee80211_sta_merge_ibss(struct net_device *dev,
2436{ 3101{
2437 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL); 3102 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2438 3103
2439 ieee80211_sta_expire(dev); 3104 ieee80211_sta_expire(dev, IEEE80211_IBSS_INACTIVITY_LIMIT);
2440 if (ieee80211_sta_active_ibss(dev)) 3105 if (ieee80211_sta_active_ibss(dev))
2441 return; 3106 return;
2442 3107
@@ -2446,6 +3111,36 @@ static void ieee80211_sta_merge_ibss(struct net_device *dev,
2446} 3111}
2447 3112
2448 3113
3114#ifdef CONFIG_MAC80211_MESH
3115static void ieee80211_mesh_housekeeping(struct net_device *dev,
3116 struct ieee80211_if_sta *ifsta)
3117{
3118 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3119 bool free_plinks;
3120
3121 ieee80211_sta_expire(dev, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
3122 mesh_path_expire(dev);
3123
3124 free_plinks = mesh_plink_availables(sdata);
3125 if (free_plinks != sdata->u.sta.accepting_plinks)
3126 ieee80211_if_config_beacon(dev);
3127
3128 mod_timer(&ifsta->timer, jiffies +
3129 IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
3130}
3131
3132
3133void ieee80211_start_mesh(struct net_device *dev)
3134{
3135 struct ieee80211_if_sta *ifsta;
3136 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3137 ifsta = &sdata->u.sta;
3138 ifsta->state = IEEE80211_MESH_UP;
3139 ieee80211_sta_timer((unsigned long)sdata);
3140}
3141#endif
3142
3143
2449void ieee80211_sta_timer(unsigned long data) 3144void ieee80211_sta_timer(unsigned long data)
2450{ 3145{
2451 struct ieee80211_sub_if_data *sdata = 3146 struct ieee80211_sub_if_data *sdata =
@@ -2457,7 +3152,6 @@ void ieee80211_sta_timer(unsigned long data)
2457 queue_work(local->hw.workqueue, &ifsta->work); 3152 queue_work(local->hw.workqueue, &ifsta->work);
2458} 3153}
2459 3154
2460
2461void ieee80211_sta_work(struct work_struct *work) 3155void ieee80211_sta_work(struct work_struct *work)
2462{ 3156{
2463 struct ieee80211_sub_if_data *sdata = 3157 struct ieee80211_sub_if_data *sdata =
@@ -2474,7 +3168,8 @@ void ieee80211_sta_work(struct work_struct *work)
2474 return; 3168 return;
2475 3169
2476 if (sdata->vif.type != IEEE80211_IF_TYPE_STA && 3170 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
2477 sdata->vif.type != IEEE80211_IF_TYPE_IBSS) { 3171 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
3172 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT) {
2478 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface " 3173 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
2479 "(type=%d)\n", dev->name, sdata->vif.type); 3174 "(type=%d)\n", dev->name, sdata->vif.type);
2480 return; 3175 return;
@@ -2484,6 +3179,13 @@ void ieee80211_sta_work(struct work_struct *work)
2484 while ((skb = skb_dequeue(&ifsta->skb_queue))) 3179 while ((skb = skb_dequeue(&ifsta->skb_queue)))
2485 ieee80211_sta_rx_queued_mgmt(dev, skb); 3180 ieee80211_sta_rx_queued_mgmt(dev, skb);
2486 3181
3182#ifdef CONFIG_MAC80211_MESH
3183 if (ifsta->preq_queue_len &&
3184 time_after(jiffies,
3185 ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
3186 mesh_path_start_discovery(dev);
3187#endif
3188
2487 if (ifsta->state != IEEE80211_AUTHENTICATE && 3189 if (ifsta->state != IEEE80211_AUTHENTICATE &&
2488 ifsta->state != IEEE80211_ASSOCIATE && 3190 ifsta->state != IEEE80211_ASSOCIATE &&
2489 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) { 3191 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
@@ -2519,6 +3221,11 @@ void ieee80211_sta_work(struct work_struct *work)
2519 case IEEE80211_IBSS_JOINED: 3221 case IEEE80211_IBSS_JOINED:
2520 ieee80211_sta_merge_ibss(dev, ifsta); 3222 ieee80211_sta_merge_ibss(dev, ifsta);
2521 break; 3223 break;
3224#ifdef CONFIG_MAC80211_MESH
3225 case IEEE80211_MESH_UP:
3226 ieee80211_mesh_housekeeping(dev, ifsta);
3227 break;
3228#endif
2522 default: 3229 default:
2523 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n", 3230 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
2524 ifsta->state); 3231 ifsta->state);
@@ -2629,7 +3336,7 @@ static int ieee80211_sta_config_auth(struct net_device *dev,
2629 } 3336 }
2630 3337
2631 spin_lock_bh(&local->sta_bss_lock); 3338 spin_lock_bh(&local->sta_bss_lock);
2632 freq = local->oper_channel->freq; 3339 freq = local->oper_channel->center_freq;
2633 list_for_each_entry(bss, &local->sta_bss_list, list) { 3340 list_for_each_entry(bss, &local->sta_bss_list, list) {
2634 if (!(bss->capability & WLAN_CAPABILITY_ESS)) 3341 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2635 continue; 3342 continue;
@@ -2660,11 +3367,12 @@ static int ieee80211_sta_config_auth(struct net_device *dev,
2660 spin_unlock_bh(&local->sta_bss_lock); 3367 spin_unlock_bh(&local->sta_bss_lock);
2661 3368
2662 if (selected) { 3369 if (selected) {
2663 ieee80211_set_channel(local, -1, selected->freq); 3370 ieee80211_set_freq(local, selected->freq);
2664 if (!(ifsta->flags & IEEE80211_STA_SSID_SET)) 3371 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
2665 ieee80211_sta_set_ssid(dev, selected->ssid, 3372 ieee80211_sta_set_ssid(dev, selected->ssid,
2666 selected->ssid_len); 3373 selected->ssid_len);
2667 ieee80211_sta_set_bssid(dev, selected->bssid); 3374 ieee80211_sta_set_bssid(dev, selected->bssid);
3375 ieee80211_sta_def_wmm_params(dev, selected, 0);
2668 ieee80211_rx_bss_put(dev, selected); 3376 ieee80211_rx_bss_put(dev, selected);
2669 ifsta->state = IEEE80211_AUTHENTICATE; 3377 ifsta->state = IEEE80211_AUTHENTICATE;
2670 ieee80211_sta_reset_auth(dev, ifsta); 3378 ieee80211_sta_reset_auth(dev, ifsta);
@@ -2684,162 +3392,6 @@ static int ieee80211_sta_config_auth(struct net_device *dev,
2684 return -1; 3392 return -1;
2685} 3393}
2686 3394
2687static int ieee80211_sta_join_ibss(struct net_device *dev,
2688 struct ieee80211_if_sta *ifsta,
2689 struct ieee80211_sta_bss *bss)
2690{
2691 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2692 int res, rates, i, j;
2693 struct sk_buff *skb;
2694 struct ieee80211_mgmt *mgmt;
2695 struct ieee80211_tx_control control;
2696 struct ieee80211_hw_mode *mode;
2697 struct rate_selection ratesel;
2698 u8 *pos;
2699 struct ieee80211_sub_if_data *sdata;
2700
2701 /* Remove possible STA entries from other IBSS networks. */
2702 sta_info_flush(local, NULL);
2703
2704 if (local->ops->reset_tsf) {
2705 /* Reset own TSF to allow time synchronization work. */
2706 local->ops->reset_tsf(local_to_hw(local));
2707 }
2708 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2709 res = ieee80211_if_config(dev);
2710 if (res)
2711 return res;
2712
2713 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2714
2715 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2716 sdata->drop_unencrypted = bss->capability &
2717 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2718
2719 res = ieee80211_set_channel(local, -1, bss->freq);
2720
2721 if (!(local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)) {
2722 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
2723 "(%d MHz)\n", dev->name, local->hw.conf.channel,
2724 local->hw.conf.freq);
2725 return -1;
2726 }
2727
2728 /* Set beacon template based on scan results */
2729 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2730 do {
2731 if (!skb)
2732 break;
2733
2734 skb_reserve(skb, local->hw.extra_tx_headroom);
2735
2736 mgmt = (struct ieee80211_mgmt *)
2737 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2738 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2739 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2740 IEEE80211_STYPE_BEACON);
2741 memset(mgmt->da, 0xff, ETH_ALEN);
2742 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2743 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2744 mgmt->u.beacon.beacon_int =
2745 cpu_to_le16(local->hw.conf.beacon_int);
2746 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2747
2748 pos = skb_put(skb, 2 + ifsta->ssid_len);
2749 *pos++ = WLAN_EID_SSID;
2750 *pos++ = ifsta->ssid_len;
2751 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2752
2753 rates = bss->supp_rates_len;
2754 if (rates > 8)
2755 rates = 8;
2756 pos = skb_put(skb, 2 + rates);
2757 *pos++ = WLAN_EID_SUPP_RATES;
2758 *pos++ = rates;
2759 memcpy(pos, bss->supp_rates, rates);
2760
2761 pos = skb_put(skb, 2 + 1);
2762 *pos++ = WLAN_EID_DS_PARAMS;
2763 *pos++ = 1;
2764 *pos++ = bss->channel;
2765
2766 pos = skb_put(skb, 2 + 2);
2767 *pos++ = WLAN_EID_IBSS_PARAMS;
2768 *pos++ = 2;
2769 /* FIX: set ATIM window based on scan results */
2770 *pos++ = 0;
2771 *pos++ = 0;
2772
2773 if (bss->supp_rates_len > 8) {
2774 rates = bss->supp_rates_len - 8;
2775 pos = skb_put(skb, 2 + rates);
2776 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2777 *pos++ = rates;
2778 memcpy(pos, &bss->supp_rates[8], rates);
2779 }
2780
2781 memset(&control, 0, sizeof(control));
2782 rate_control_get_rate(dev, local->oper_hw_mode, skb, &ratesel);
2783 if (!ratesel.rate) {
2784 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2785 "for IBSS beacon\n", dev->name);
2786 break;
2787 }
2788 control.vif = &sdata->vif;
2789 control.tx_rate =
2790 (sdata->bss_conf.use_short_preamble &&
2791 (ratesel.rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2792 ratesel.rate->val2 : ratesel.rate->val;
2793 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2794 control.power_level = local->hw.conf.power_level;
2795 control.flags |= IEEE80211_TXCTL_NO_ACK;
2796 control.retry_limit = 1;
2797
2798 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2799 if (ifsta->probe_resp) {
2800 mgmt = (struct ieee80211_mgmt *)
2801 ifsta->probe_resp->data;
2802 mgmt->frame_control =
2803 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2804 IEEE80211_STYPE_PROBE_RESP);
2805 } else {
2806 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2807 "template for IBSS\n", dev->name);
2808 }
2809
2810 if (local->ops->beacon_update &&
2811 local->ops->beacon_update(local_to_hw(local),
2812 skb, &control) == 0) {
2813 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2814 "template based on scan results\n", dev->name);
2815 skb = NULL;
2816 }
2817
2818 rates = 0;
2819 mode = local->oper_hw_mode;
2820 for (i = 0; i < bss->supp_rates_len; i++) {
2821 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2822 for (j = 0; j < mode->num_rates; j++)
2823 if (mode->rates[j].rate == bitrate)
2824 rates |= BIT(j);
2825 }
2826 ifsta->supp_rates_bits = rates;
2827 } while (0);
2828
2829 if (skb) {
2830 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2831 "template\n", dev->name);
2832 dev_kfree_skb(skb);
2833 }
2834
2835 ifsta->state = IEEE80211_IBSS_JOINED;
2836 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2837
2838 ieee80211_rx_bss_put(dev, bss);
2839
2840 return res;
2841}
2842
2843 3395
2844static int ieee80211_sta_create_ibss(struct net_device *dev, 3396static int ieee80211_sta_create_ibss(struct net_device *dev,
2845 struct ieee80211_if_sta *ifsta) 3397 struct ieee80211_if_sta *ifsta)
@@ -2847,7 +3399,7 @@ static int ieee80211_sta_create_ibss(struct net_device *dev,
2847 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 3399 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2848 struct ieee80211_sta_bss *bss; 3400 struct ieee80211_sta_bss *bss;
2849 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 3401 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2850 struct ieee80211_hw_mode *mode; 3402 struct ieee80211_supported_band *sband;
2851 u8 bssid[ETH_ALEN], *pos; 3403 u8 bssid[ETH_ALEN], *pos;
2852 int i; 3404 int i;
2853 DECLARE_MAC_BUF(mac); 3405 DECLARE_MAC_BUF(mac);
@@ -2869,28 +3421,28 @@ static int ieee80211_sta_create_ibss(struct net_device *dev,
2869 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n", 3421 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
2870 dev->name, print_mac(mac, bssid)); 3422 dev->name, print_mac(mac, bssid));
2871 3423
2872 bss = ieee80211_rx_bss_add(dev, bssid, local->hw.conf.channel, 3424 bss = ieee80211_rx_bss_add(dev, bssid,
3425 local->hw.conf.channel->center_freq,
2873 sdata->u.sta.ssid, sdata->u.sta.ssid_len); 3426 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
2874 if (!bss) 3427 if (!bss)
2875 return -ENOMEM; 3428 return -ENOMEM;
2876 3429
2877 mode = local->oper_hw_mode; 3430 bss->band = local->hw.conf.channel->band;
3431 sband = local->hw.wiphy->bands[bss->band];
2878 3432
2879 if (local->hw.conf.beacon_int == 0) 3433 if (local->hw.conf.beacon_int == 0)
2880 local->hw.conf.beacon_int = 100; 3434 local->hw.conf.beacon_int = 10000;
2881 bss->beacon_int = local->hw.conf.beacon_int; 3435 bss->beacon_int = local->hw.conf.beacon_int;
2882 bss->hw_mode = local->hw.conf.phymode;
2883 bss->freq = local->hw.conf.freq;
2884 bss->last_update = jiffies; 3436 bss->last_update = jiffies;
2885 bss->capability = WLAN_CAPABILITY_IBSS; 3437 bss->capability = WLAN_CAPABILITY_IBSS;
2886 if (sdata->default_key) { 3438 if (sdata->default_key) {
2887 bss->capability |= WLAN_CAPABILITY_PRIVACY; 3439 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2888 } else 3440 } else
2889 sdata->drop_unencrypted = 0; 3441 sdata->drop_unencrypted = 0;
2890 bss->supp_rates_len = mode->num_rates; 3442 bss->supp_rates_len = sband->n_bitrates;
2891 pos = bss->supp_rates; 3443 pos = bss->supp_rates;
2892 for (i = 0; i < mode->num_rates; i++) { 3444 for (i = 0; i < sband->n_bitrates; i++) {
2893 int rate = mode->rates[i].rate; 3445 int rate = sband->bitrates[i].bitrate;
2894 *pos++ = (u8) (rate / 5); 3446 *pos++ = (u8) (rate / 5);
2895 } 3447 }
2896 3448
@@ -2939,7 +3491,8 @@ static int ieee80211_sta_find_ibss(struct net_device *dev,
2939 "%s\n", print_mac(mac, bssid), print_mac(mac2, ifsta->bssid)); 3491 "%s\n", print_mac(mac, bssid), print_mac(mac2, ifsta->bssid));
2940#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 3492#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2941 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 && 3493 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2942 (bss = ieee80211_rx_bss_get(dev, bssid, local->hw.conf.channel, 3494 (bss = ieee80211_rx_bss_get(dev, bssid,
3495 local->hw.conf.channel->center_freq,
2943 ifsta->ssid, ifsta->ssid_len))) { 3496 ifsta->ssid, ifsta->ssid_len))) {
2944 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s" 3497 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
2945 " based on configured SSID\n", 3498 " based on configured SSID\n",
@@ -2967,13 +3520,13 @@ static int ieee80211_sta_find_ibss(struct net_device *dev,
2967 if (time_after(jiffies, ifsta->ibss_join_req + 3520 if (time_after(jiffies, ifsta->ibss_join_req +
2968 IEEE80211_IBSS_JOIN_TIMEOUT)) { 3521 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2969 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) && 3522 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
2970 local->oper_channel->flag & IEEE80211_CHAN_W_IBSS) 3523 (!(local->oper_channel->flags &
3524 IEEE80211_CHAN_NO_IBSS)))
2971 return ieee80211_sta_create_ibss(dev, ifsta); 3525 return ieee80211_sta_create_ibss(dev, ifsta);
2972 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) { 3526 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
2973 printk(KERN_DEBUG "%s: IBSS not allowed on the" 3527 printk(KERN_DEBUG "%s: IBSS not allowed on"
2974 " configured channel %d (%d MHz)\n", 3528 " %d MHz\n", dev->name,
2975 dev->name, local->hw.conf.channel, 3529 local->hw.conf.channel->center_freq);
2976 local->hw.conf.freq);
2977 } 3530 }
2978 3531
2979 /* No IBSS found - decrease scan interval and continue 3532 /* No IBSS found - decrease scan interval and continue
@@ -2992,41 +3545,12 @@ static int ieee80211_sta_find_ibss(struct net_device *dev,
2992 3545
2993int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len) 3546int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2994{ 3547{
2995 struct ieee80211_sub_if_data *sdata; 3548 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2996 struct ieee80211_if_sta *ifsta; 3549 struct ieee80211_if_sta *ifsta;
2997 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2998 3550
2999 if (len > IEEE80211_MAX_SSID_LEN) 3551 if (len > IEEE80211_MAX_SSID_LEN)
3000 return -EINVAL; 3552 return -EINVAL;
3001 3553
3002 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
3003 * not defined. */
3004 if (local->ops->conf_tx) {
3005 struct ieee80211_tx_queue_params qparam;
3006 int i;
3007
3008 memset(&qparam, 0, sizeof(qparam));
3009 /* TODO: are these ok defaults for all hw_modes? */
3010 qparam.aifs = 2;
3011 qparam.cw_min =
3012 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
3013 qparam.cw_max = 1023;
3014 qparam.burst_time = 0;
3015 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
3016 {
3017 local->ops->conf_tx(local_to_hw(local),
3018 i + IEEE80211_TX_QUEUE_DATA0,
3019 &qparam);
3020 }
3021 /* IBSS uses different parameters for Beacon sending */
3022 qparam.cw_min++;
3023 qparam.cw_min *= 2;
3024 qparam.cw_min--;
3025 local->ops->conf_tx(local_to_hw(local),
3026 IEEE80211_TX_QUEUE_BEACON, &qparam);
3027 }
3028
3029 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3030 ifsta = &sdata->u.sta; 3554 ifsta = &sdata->u.sta;
3031 3555
3032 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) 3556 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
@@ -3118,6 +3642,13 @@ static void ieee80211_send_nullfunc(struct ieee80211_local *local,
3118} 3642}
3119 3643
3120 3644
3645static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
3646{
3647 if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
3648 ieee80211_vif_is_mesh(&sdata->vif))
3649 ieee80211_sta_timer((unsigned long)sdata);
3650}
3651
3121void ieee80211_scan_completed(struct ieee80211_hw *hw) 3652void ieee80211_scan_completed(struct ieee80211_hw *hw)
3122{ 3653{
3123 struct ieee80211_local *local = hw_to_local(hw); 3654 struct ieee80211_local *local = hw_to_local(hw);
@@ -3131,6 +3662,15 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw)
3131 3662
3132 if (local->sta_hw_scanning) { 3663 if (local->sta_hw_scanning) {
3133 local->sta_hw_scanning = 0; 3664 local->sta_hw_scanning = 0;
3665 if (ieee80211_hw_config(local))
3666 printk(KERN_DEBUG "%s: failed to restore operational "
3667 "channel after scan\n", dev->name);
3668 /* Restart STA timer for HW scan case */
3669 rcu_read_lock();
3670 list_for_each_entry_rcu(sdata, &local->interfaces, list)
3671 ieee80211_restart_sta_timer(sdata);
3672 rcu_read_unlock();
3673
3134 goto done; 3674 goto done;
3135 } 3675 }
3136 3676
@@ -3157,11 +3697,12 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw)
3157 if (sdata->dev == local->mdev) 3697 if (sdata->dev == local->mdev)
3158 continue; 3698 continue;
3159 3699
3160 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) { 3700 /* Tell AP we're back */
3161 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) 3701 if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
3162 ieee80211_send_nullfunc(local, sdata, 0); 3702 sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED)
3163 ieee80211_sta_timer((unsigned long)sdata); 3703 ieee80211_send_nullfunc(local, sdata, 0);
3164 } 3704
3705 ieee80211_restart_sta_timer(sdata);
3165 3706
3166 netif_wake_queue(sdata->dev); 3707 netif_wake_queue(sdata->dev);
3167 } 3708 }
@@ -3185,7 +3726,7 @@ void ieee80211_sta_scan_work(struct work_struct *work)
3185 container_of(work, struct ieee80211_local, scan_work.work); 3726 container_of(work, struct ieee80211_local, scan_work.work);
3186 struct net_device *dev = local->scan_dev; 3727 struct net_device *dev = local->scan_dev;
3187 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 3728 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3188 struct ieee80211_hw_mode *mode; 3729 struct ieee80211_supported_band *sband;
3189 struct ieee80211_channel *chan; 3730 struct ieee80211_channel *chan;
3190 int skip; 3731 int skip;
3191 unsigned long next_delay = 0; 3732 unsigned long next_delay = 0;
@@ -3195,44 +3736,59 @@ void ieee80211_sta_scan_work(struct work_struct *work)
3195 3736
3196 switch (local->scan_state) { 3737 switch (local->scan_state) {
3197 case SCAN_SET_CHANNEL: 3738 case SCAN_SET_CHANNEL:
3198 mode = local->scan_hw_mode; 3739 /*
3199 if (local->scan_hw_mode->list.next == &local->modes_list && 3740 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
3200 local->scan_channel_idx >= mode->num_channels) { 3741 * after we successfully scanned the last channel of the last
3742 * band (and the last band is supported by the hw)
3743 */
3744 if (local->scan_band < IEEE80211_NUM_BANDS)
3745 sband = local->hw.wiphy->bands[local->scan_band];
3746 else
3747 sband = NULL;
3748
3749 /*
3750 * If we are at an unsupported band and have more bands
3751 * left to scan, advance to the next supported one.
3752 */
3753 while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
3754 local->scan_band++;
3755 sband = local->hw.wiphy->bands[local->scan_band];
3756 local->scan_channel_idx = 0;
3757 }
3758
3759 /* if no more bands/channels left, complete scan */
3760 if (!sband || local->scan_channel_idx >= sband->n_channels) {
3201 ieee80211_scan_completed(local_to_hw(local)); 3761 ieee80211_scan_completed(local_to_hw(local));
3202 return; 3762 return;
3203 } 3763 }
3204 skip = !(local->enabled_modes & (1 << mode->mode)); 3764 skip = 0;
3205 chan = &mode->channels[local->scan_channel_idx]; 3765 chan = &sband->channels[local->scan_channel_idx];
3206 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) || 3766
3767 if (chan->flags & IEEE80211_CHAN_DISABLED ||
3207 (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && 3768 (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3208 !(chan->flag & IEEE80211_CHAN_W_IBSS)) || 3769 chan->flags & IEEE80211_CHAN_NO_IBSS))
3209 (local->hw_modes & local->enabled_modes &
3210 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
3211 skip = 1; 3770 skip = 1;
3212 3771
3213 if (!skip) { 3772 if (!skip) {
3214#if 0
3215 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
3216 dev->name, chan->chan, chan->freq);
3217#endif
3218
3219 local->scan_channel = chan; 3773 local->scan_channel = chan;
3220 if (ieee80211_hw_config(local)) { 3774 if (ieee80211_hw_config(local)) {
3221 printk(KERN_DEBUG "%s: failed to set channel " 3775 printk(KERN_DEBUG "%s: failed to set freq to "
3222 "%d (%d MHz) for scan\n", dev->name, 3776 "%d MHz for scan\n", dev->name,
3223 chan->chan, chan->freq); 3777 chan->center_freq);
3224 skip = 1; 3778 skip = 1;
3225 } 3779 }
3226 } 3780 }
3227 3781
3782 /* advance state machine to next channel/band */
3228 local->scan_channel_idx++; 3783 local->scan_channel_idx++;
3229 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) { 3784 if (local->scan_channel_idx >= sband->n_channels) {
3230 if (local->scan_hw_mode->list.next != &local->modes_list) { 3785 /*
3231 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next, 3786 * scan_band may end up == IEEE80211_NUM_BANDS, but
3232 struct ieee80211_hw_mode, 3787 * we'll catch that case above and complete the scan
3233 list); 3788 * if that is the case.
3234 local->scan_channel_idx = 0; 3789 */
3235 } 3790 local->scan_band++;
3791 local->scan_channel_idx = 0;
3236 } 3792 }
3237 3793
3238 if (skip) 3794 if (skip)
@@ -3243,13 +3799,14 @@ void ieee80211_sta_scan_work(struct work_struct *work)
3243 local->scan_state = SCAN_SEND_PROBE; 3799 local->scan_state = SCAN_SEND_PROBE;
3244 break; 3800 break;
3245 case SCAN_SEND_PROBE: 3801 case SCAN_SEND_PROBE:
3246 if (local->scan_channel->flag & IEEE80211_CHAN_W_ACTIVE_SCAN) { 3802 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
3247 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
3248 local->scan_ssid_len);
3249 next_delay = IEEE80211_CHANNEL_TIME;
3250 } else
3251 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
3252 local->scan_state = SCAN_SET_CHANNEL; 3803 local->scan_state = SCAN_SET_CHANNEL;
3804
3805 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN)
3806 break;
3807 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
3808 local->scan_ssid_len);
3809 next_delay = IEEE80211_CHANNEL_TIME;
3253 break; 3810 break;
3254 } 3811 }
3255 3812
@@ -3324,10 +3881,8 @@ static int ieee80211_sta_start_scan(struct net_device *dev,
3324 } else 3881 } else
3325 local->scan_ssid_len = 0; 3882 local->scan_ssid_len = 0;
3326 local->scan_state = SCAN_SET_CHANNEL; 3883 local->scan_state = SCAN_SET_CHANNEL;
3327 local->scan_hw_mode = list_entry(local->modes_list.next,
3328 struct ieee80211_hw_mode,
3329 list);
3330 local->scan_channel_idx = 0; 3884 local->scan_channel_idx = 0;
3885 local->scan_band = IEEE80211_BAND_2GHZ;
3331 local->scan_dev = dev; 3886 local->scan_dev = dev;
3332 3887
3333 netif_tx_lock_bh(local->mdev); 3888 netif_tx_lock_bh(local->mdev);
@@ -3382,9 +3937,6 @@ ieee80211_sta_scan_result(struct net_device *dev,
3382 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE)) 3937 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
3383 return current_ev; 3938 return current_ev;
3384 3939
3385 if (!(local->enabled_modes & (1 << bss->hw_mode)))
3386 return current_ev;
3387
3388 memset(&iwe, 0, sizeof(iwe)); 3940 memset(&iwe, 0, sizeof(iwe));
3389 iwe.cmd = SIOCGIWAP; 3941 iwe.cmd = SIOCGIWAP;
3390 iwe.u.ap_addr.sa_family = ARPHRD_ETHER; 3942 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
@@ -3394,15 +3946,25 @@ ieee80211_sta_scan_result(struct net_device *dev,
3394 3946
3395 memset(&iwe, 0, sizeof(iwe)); 3947 memset(&iwe, 0, sizeof(iwe));
3396 iwe.cmd = SIOCGIWESSID; 3948 iwe.cmd = SIOCGIWESSID;
3397 iwe.u.data.length = bss->ssid_len; 3949 if (bss_mesh_cfg(bss)) {
3398 iwe.u.data.flags = 1; 3950 iwe.u.data.length = bss_mesh_id_len(bss);
3399 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 3951 iwe.u.data.flags = 1;
3400 bss->ssid); 3952 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3953 bss_mesh_id(bss));
3954 } else {
3955 iwe.u.data.length = bss->ssid_len;
3956 iwe.u.data.flags = 1;
3957 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3958 bss->ssid);
3959 }
3401 3960
3402 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) { 3961 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
3962 || bss_mesh_cfg(bss)) {
3403 memset(&iwe, 0, sizeof(iwe)); 3963 memset(&iwe, 0, sizeof(iwe));
3404 iwe.cmd = SIOCGIWMODE; 3964 iwe.cmd = SIOCGIWMODE;
3405 if (bss->capability & WLAN_CAPABILITY_ESS) 3965 if (bss_mesh_cfg(bss))
3966 iwe.u.mode = IW_MODE_MESH;
3967 else if (bss->capability & WLAN_CAPABILITY_ESS)
3406 iwe.u.mode = IW_MODE_MASTER; 3968 iwe.u.mode = IW_MODE_MASTER;
3407 else 3969 else
3408 iwe.u.mode = IW_MODE_ADHOC; 3970 iwe.u.mode = IW_MODE_ADHOC;
@@ -3412,12 +3974,15 @@ ieee80211_sta_scan_result(struct net_device *dev,
3412 3974
3413 memset(&iwe, 0, sizeof(iwe)); 3975 memset(&iwe, 0, sizeof(iwe));
3414 iwe.cmd = SIOCGIWFREQ; 3976 iwe.cmd = SIOCGIWFREQ;
3415 iwe.u.freq.m = bss->channel; 3977 iwe.u.freq.m = bss->freq;
3416 iwe.u.freq.e = 0; 3978 iwe.u.freq.e = 6;
3417 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 3979 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3418 IW_EV_FREQ_LEN); 3980 IW_EV_FREQ_LEN);
3419 iwe.u.freq.m = bss->freq * 100000; 3981
3420 iwe.u.freq.e = 1; 3982 memset(&iwe, 0, sizeof(iwe));
3983 iwe.cmd = SIOCGIWFREQ;
3984 iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
3985 iwe.u.freq.e = 0;
3421 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 3986 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3422 IW_EV_FREQ_LEN); 3987 IW_EV_FREQ_LEN);
3423 3988
@@ -3488,6 +4053,45 @@ ieee80211_sta_scan_result(struct net_device *dev,
3488 } 4053 }
3489 } 4054 }
3490 4055
4056 if (bss_mesh_cfg(bss)) {
4057 char *buf;
4058 u8 *cfg = bss_mesh_cfg(bss);
4059 buf = kmalloc(50, GFP_ATOMIC);
4060 if (buf) {
4061 memset(&iwe, 0, sizeof(iwe));
4062 iwe.cmd = IWEVCUSTOM;
4063 sprintf(buf, "Mesh network (version %d)", cfg[0]);
4064 iwe.u.data.length = strlen(buf);
4065 current_ev = iwe_stream_add_point(current_ev, end_buf,
4066 &iwe, buf);
4067 sprintf(buf, "Path Selection Protocol ID: "
4068 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
4069 cfg[4]);
4070 iwe.u.data.length = strlen(buf);
4071 current_ev = iwe_stream_add_point(current_ev, end_buf,
4072 &iwe, buf);
4073 sprintf(buf, "Path Selection Metric ID: "
4074 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
4075 cfg[8]);
4076 iwe.u.data.length = strlen(buf);
4077 current_ev = iwe_stream_add_point(current_ev, end_buf,
4078 &iwe, buf);
4079 sprintf(buf, "Congestion Control Mode ID: "
4080 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
4081 cfg[11], cfg[12]);
4082 iwe.u.data.length = strlen(buf);
4083 current_ev = iwe_stream_add_point(current_ev, end_buf,
4084 &iwe, buf);
4085 sprintf(buf, "Channel Precedence: "
4086 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
4087 cfg[15], cfg[16]);
4088 iwe.u.data.length = strlen(buf);
4089 current_ev = iwe_stream_add_point(current_ev, end_buf,
4090 &iwe, buf);
4091 kfree(buf);
4092 }
4093 }
4094
3491 return current_ev; 4095 return current_ev;
3492} 4096}
3493 4097
@@ -3556,15 +4160,23 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
3556 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n", 4160 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
3557 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name); 4161 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name);
3558 4162
3559 sta = sta_info_add(local, dev, addr, GFP_ATOMIC); 4163 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
3560 if (!sta) 4164 if (!sta)
3561 return NULL; 4165 return NULL;
3562 4166
3563 sta->supp_rates = sdata->u.sta.supp_rates_bits; 4167 sta->flags |= WLAN_STA_AUTHORIZED;
4168
4169 sta->supp_rates[local->hw.conf.channel->band] =
4170 sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band];
3564 4171
3565 rate_control_rate_init(sta, local); 4172 rate_control_rate_init(sta, local);
3566 4173
3567 return sta; /* caller will call sta_info_put() */ 4174 if (sta_info_insert(sta)) {
4175 sta_info_destroy(sta);
4176 return NULL;
4177 }
4178
4179 return sta;
3568} 4180}
3569 4181
3570 4182
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index ed57fb8e82fc..f91fb4092652 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -13,14 +13,15 @@
13#include <linux/etherdevice.h> 13#include <linux/etherdevice.h>
14#include <linux/list.h> 14#include <linux/list.h>
15#include <linux/rcupdate.h> 15#include <linux/rcupdate.h>
16#include <linux/rtnetlink.h>
16#include <net/mac80211.h> 17#include <net/mac80211.h>
17#include "ieee80211_i.h" 18#include "ieee80211_i.h"
18#include "debugfs_key.h" 19#include "debugfs_key.h"
19#include "aes_ccm.h" 20#include "aes_ccm.h"
20 21
21 22
22/* 23/**
23 * Key handling basics 24 * DOC: Key handling basics
24 * 25 *
25 * Key handling in mac80211 is done based on per-interface (sub_if_data) 26 * Key handling in mac80211 is done based on per-interface (sub_if_data)
26 * keys and per-station keys. Since each station belongs to an interface, 27 * keys and per-station keys. Since each station belongs to an interface,
@@ -34,6 +35,10 @@
34 * 35 *
35 * All operations here are called under RTNL so no extra locking is 36 * All operations here are called under RTNL so no extra locking is
36 * required. 37 * required.
38 *
39 * NOTE: This code requires that sta info *destruction* is done under
40 * RTNL, otherwise it can try to access already freed STA structs
41 * when a STA key is being freed.
37 */ 42 */
38 43
39static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 44static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
@@ -84,16 +89,25 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
84 key->conf.keyidx, print_mac(mac, addr), ret); 89 key->conf.keyidx, print_mac(mac, addr), ret);
85} 90}
86 91
92static void ieee80211_key_mark_hw_accel_off(struct ieee80211_key *key)
93{
94 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
95 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
96 key->flags |= KEY_FLAG_REMOVE_FROM_HARDWARE;
97 }
98}
99
87static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 100static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
88{ 101{
89 const u8 *addr; 102 const u8 *addr;
90 int ret; 103 int ret;
91 DECLARE_MAC_BUF(mac); 104 DECLARE_MAC_BUF(mac);
92 105
93 if (!key->local->ops->set_key) 106 if (!key || !key->local->ops->set_key)
94 return; 107 return;
95 108
96 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 109 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
110 !(key->flags & KEY_FLAG_REMOVE_FROM_HARDWARE))
97 return; 111 return;
98 112
99 addr = get_mac_for_key(key); 113 addr = get_mac_for_key(key);
@@ -108,12 +122,11 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
108 wiphy_name(key->local->hw.wiphy), 122 wiphy_name(key->local->hw.wiphy),
109 key->conf.keyidx, print_mac(mac, addr), ret); 123 key->conf.keyidx, print_mac(mac, addr), ret);
110 124
111 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 125 key->flags &= ~(KEY_FLAG_UPLOADED_TO_HARDWARE |
126 KEY_FLAG_REMOVE_FROM_HARDWARE);
112} 127}
113 128
114struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata, 129struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
115 struct sta_info *sta,
116 enum ieee80211_key_alg alg,
117 int idx, 130 int idx,
118 size_t key_len, 131 size_t key_len,
119 const u8 *key_data) 132 const u8 *key_data)
@@ -137,10 +150,7 @@ struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
137 key->conf.keyidx = idx; 150 key->conf.keyidx = idx;
138 key->conf.keylen = key_len; 151 key->conf.keylen = key_len;
139 memcpy(key->conf.key, key_data, key_len); 152 memcpy(key->conf.key, key_data, key_len);
140 153 INIT_LIST_HEAD(&key->list);
141 key->local = sdata->local;
142 key->sdata = sdata;
143 key->sta = sta;
144 154
145 if (alg == ALG_CCMP) { 155 if (alg == ALG_CCMP) {
146 /* 156 /*
@@ -154,13 +164,68 @@ struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
154 } 164 }
155 } 165 }
156 166
157 ieee80211_debugfs_key_add(key->local, key); 167 return key;
168}
158 169
159 /* remove key first */ 170static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
160 if (sta) 171 struct sta_info *sta,
161 ieee80211_key_free(sta->key); 172 struct ieee80211_key *key,
162 else 173 struct ieee80211_key *new)
163 ieee80211_key_free(sdata->keys[idx]); 174{
175 int idx, defkey;
176
177 if (new)
178 list_add(&new->list, &sdata->key_list);
179
180 if (sta) {
181 rcu_assign_pointer(sta->key, new);
182 } else {
183 WARN_ON(new && key && new->conf.keyidx != key->conf.keyidx);
184
185 if (key)
186 idx = key->conf.keyidx;
187 else
188 idx = new->conf.keyidx;
189
190 defkey = key && sdata->default_key == key;
191
192 if (defkey && !new)
193 ieee80211_set_default_key(sdata, -1);
194
195 rcu_assign_pointer(sdata->keys[idx], new);
196 if (defkey && new)
197 ieee80211_set_default_key(sdata, new->conf.keyidx);
198 }
199
200 if (key) {
201 ieee80211_key_mark_hw_accel_off(key);
202 /*
203 * We'll use an empty list to indicate that the key
204 * has already been removed.
205 */
206 list_del_init(&key->list);
207 }
208}
209
210void ieee80211_key_link(struct ieee80211_key *key,
211 struct ieee80211_sub_if_data *sdata,
212 struct sta_info *sta)
213{
214 struct ieee80211_key *old_key;
215 int idx;
216
217 ASSERT_RTNL();
218 might_sleep();
219
220 BUG_ON(!sdata);
221 BUG_ON(!key);
222
223 idx = key->conf.keyidx;
224 key->local = sdata->local;
225 key->sdata = sdata;
226 key->sta = sta;
227
228 ieee80211_debugfs_key_add(key->local, key);
164 229
165 if (sta) { 230 if (sta) {
166 ieee80211_debugfs_key_sta_link(key, sta); 231 ieee80211_debugfs_key_sta_link(key, sta);
@@ -175,61 +240,76 @@ struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
175 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) { 240 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
176 struct sta_info *ap; 241 struct sta_info *ap;
177 242
243 rcu_read_lock();
244
178 /* same here, the AP could be using QoS */ 245 /* same here, the AP could be using QoS */
179 ap = sta_info_get(key->local, key->sdata->u.sta.bssid); 246 ap = sta_info_get(key->local, key->sdata->u.sta.bssid);
180 if (ap) { 247 if (ap) {
181 if (ap->flags & WLAN_STA_WME) 248 if (ap->flags & WLAN_STA_WME)
182 key->conf.flags |= 249 key->conf.flags |=
183 IEEE80211_KEY_FLAG_WMM_STA; 250 IEEE80211_KEY_FLAG_WMM_STA;
184 sta_info_put(ap);
185 } 251 }
252
253 rcu_read_unlock();
186 } 254 }
187 } 255 }
188 256
189 /* enable hwaccel if appropriate */
190 if (netif_running(key->sdata->dev))
191 ieee80211_key_enable_hw_accel(key);
192
193 if (sta) 257 if (sta)
194 rcu_assign_pointer(sta->key, key); 258 old_key = sta->key;
195 else 259 else
196 rcu_assign_pointer(sdata->keys[idx], key); 260 old_key = sdata->keys[idx];
197 261
198 list_add(&key->list, &sdata->key_list); 262 __ieee80211_key_replace(sdata, sta, old_key, key);
199 263
200 return key; 264 if (old_key) {
265 synchronize_rcu();
266 ieee80211_key_free(old_key);
267 }
268
269 if (netif_running(sdata->dev))
270 ieee80211_key_enable_hw_accel(key);
201} 271}
202 272
203void ieee80211_key_free(struct ieee80211_key *key) 273void ieee80211_key_free(struct ieee80211_key *key)
204{ 274{
275 ASSERT_RTNL();
276 might_sleep();
277
205 if (!key) 278 if (!key)
206 return; 279 return;
207 280
208 if (key->sta) { 281 if (key->sdata) {
209 rcu_assign_pointer(key->sta->key, NULL); 282 /*
210 } else { 283 * Replace key with nothingness.
211 if (key->sdata->default_key == key) 284 *
212 ieee80211_set_default_key(key->sdata, -1); 285 * Because other code may have key reference (RCU protected)
213 if (key->conf.keyidx >= 0 && 286 * right now, we then wait for a grace period before freeing
214 key->conf.keyidx < NUM_DEFAULT_KEYS) 287 * it.
215 rcu_assign_pointer(key->sdata->keys[key->conf.keyidx], 288 * An empty list indicates it was never added to the key list
216 NULL); 289 * or has been removed already. It may, however, still be in
217 else 290 * hardware for acceleration.
218 WARN_ON(1); 291 */
219 } 292 if (!list_empty(&key->list))
293 __ieee80211_key_replace(key->sdata, key->sta,
294 key, NULL);
220 295
221 /* wait for all key users to complete */ 296 /*
222 synchronize_rcu(); 297 * Do NOT remove this without looking at sta_info_destroy()
298 */
299 synchronize_rcu();
223 300
224 /* remove from hwaccel if appropriate */ 301 /*
225 ieee80211_key_disable_hw_accel(key); 302 * Remove from hwaccel if appropriate, this will
303 * only happen when the key is actually unlinked,
304 * it will already be done when the key was replaced.
305 */
306 ieee80211_key_disable_hw_accel(key);
307 }
226 308
227 if (key->conf.alg == ALG_CCMP) 309 if (key->conf.alg == ALG_CCMP)
228 ieee80211_aes_key_free(key->u.ccmp.tfm); 310 ieee80211_aes_key_free(key->u.ccmp.tfm);
229 ieee80211_debugfs_key_remove(key); 311 ieee80211_debugfs_key_remove(key);
230 312
231 list_del(&key->list);
232
233 kfree(key); 313 kfree(key);
234} 314}
235 315
@@ -253,6 +333,10 @@ void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx)
253void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata) 333void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
254{ 334{
255 struct ieee80211_key *key, *tmp; 335 struct ieee80211_key *key, *tmp;
336 LIST_HEAD(tmp_list);
337
338 ASSERT_RTNL();
339 might_sleep();
256 340
257 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 341 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
258 ieee80211_key_free(key); 342 ieee80211_key_free(key);
@@ -262,8 +346,10 @@ void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
262{ 346{
263 struct ieee80211_key *key; 347 struct ieee80211_key *key;
264 348
265 WARN_ON(!netif_running(sdata->dev)); 349 ASSERT_RTNL();
266 if (!netif_running(sdata->dev)) 350 might_sleep();
351
352 if (WARN_ON(!netif_running(sdata->dev)))
267 return; 353 return;
268 354
269 list_for_each_entry(key, &sdata->key_list, list) 355 list_for_each_entry(key, &sdata->key_list, list)
@@ -274,6 +360,9 @@ void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata)
274{ 360{
275 struct ieee80211_key *key; 361 struct ieee80211_key *key;
276 362
363 ASSERT_RTNL();
364 might_sleep();
365
277 list_for_each_entry(key, &sdata->key_list, list) 366 list_for_each_entry(key, &sdata->key_list, list)
278 ieee80211_key_disable_hw_accel(key); 367 ieee80211_key_disable_hw_accel(key);
279} 368}
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
new file mode 100644
index 000000000000..594a3356a508
--- /dev/null
+++ b/net/mac80211/mesh.c
@@ -0,0 +1,449 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Authors: Luis Carlos Cobo <luisca@cozybit.com>
4 * Javier Cardona <javier@cozybit.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include "ieee80211_i.h"
12#include "mesh.h"
13
14#define PP_OFFSET 1 /* Path Selection Protocol */
15#define PM_OFFSET 5 /* Path Selection Metric */
16#define CC_OFFSET 9 /* Congestion Control Mode */
17#define CAPAB_OFFSET 17
18#define ACCEPT_PLINKS 0x80
19
20int mesh_allocated;
21static struct kmem_cache *rm_cache;
22
23void ieee80211s_init(void)
24{
25 mesh_pathtbl_init();
26 mesh_allocated = 1;
27 rm_cache = kmem_cache_create("mesh_rmc", sizeof(struct rmc_entry),
28 0, 0, NULL);
29}
30
31void ieee80211s_stop(void)
32{
33 mesh_pathtbl_unregister();
34 kmem_cache_destroy(rm_cache);
35}
36
37/**
38 * mesh_matches_local - check if the config of a mesh point matches ours
39 *
40 * @ie: information elements of a management frame from the mesh peer
41 * @dev: local mesh interface
42 *
43 * This function checks if the mesh configuration of a mesh point matches the
44 * local mesh configuration, i.e. if both nodes belong to the same mesh network.
45 */
46bool mesh_matches_local(struct ieee802_11_elems *ie, struct net_device *dev)
47{
48 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
49 struct ieee80211_if_sta *sta = &sdata->u.sta;
50
51 /*
52 * As support for each feature is added, check for matching
53 * - On mesh config capabilities
54 * - Power Save Support En
55 * - Sync support enabled
56 * - Sync support active
57 * - Sync support required from peer
58 * - MDA enabled
59 * - Power management control on fc
60 */
61 if (sta->mesh_id_len == ie->mesh_id_len &&
62 memcmp(sta->mesh_id, ie->mesh_id, ie->mesh_id_len) == 0 &&
63 memcmp(sta->mesh_pp_id, ie->mesh_config + PP_OFFSET, 4) == 0 &&
64 memcmp(sta->mesh_pm_id, ie->mesh_config + PM_OFFSET, 4) == 0 &&
65 memcmp(sta->mesh_cc_id, ie->mesh_config + CC_OFFSET, 4) == 0)
66 return true;
67
68 return false;
69}
70
71/**
72 * mesh_peer_accepts_plinks - check if an mp is willing to establish peer links
73 *
74 * @ie: information elements of a management frame from the mesh peer
75 * @dev: local mesh interface
76 */
77bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie,
78 struct net_device *dev)
79{
80 return (*(ie->mesh_config + CAPAB_OFFSET) & ACCEPT_PLINKS) != 0;
81}
82
83/**
84 * mesh_accept_plinks_update: update accepting_plink in local mesh beacons
85 *
86 * @sdata: mesh interface in which mesh beacons are going to be updated
87 */
88void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata)
89{
90 bool free_plinks;
91
92 /* In case mesh_plink_free_count > 0 and mesh_plinktbl_capacity == 0,
93 * the mesh interface might be able to establish plinks with peers that
94 * are already on the table but are not on PLINK_ESTAB state. However,
95 * in general the mesh interface is not accepting peer link requests
96 * from new peers, and that must be reflected in the beacon
97 */
98 free_plinks = mesh_plink_availables(sdata);
99
100 if (free_plinks != sdata->u.sta.accepting_plinks)
101 ieee80211_sta_timer((unsigned long) sdata);
102}
103
104void mesh_ids_set_default(struct ieee80211_if_sta *sta)
105{
106 u8 def_id[4] = {0x00, 0x0F, 0xAC, 0xff};
107
108 memcpy(sta->mesh_pp_id, def_id, 4);
109 memcpy(sta->mesh_pm_id, def_id, 4);
110 memcpy(sta->mesh_cc_id, def_id, 4);
111}
112
113int mesh_rmc_init(struct net_device *dev)
114{
115 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
116 int i;
117
118 sdata->u.sta.rmc = kmalloc(sizeof(struct mesh_rmc), GFP_KERNEL);
119 if (!sdata->u.sta.rmc)
120 return -ENOMEM;
121 sdata->u.sta.rmc->idx_mask = RMC_BUCKETS - 1;
122 for (i = 0; i < RMC_BUCKETS; i++)
123 INIT_LIST_HEAD(&sdata->u.sta.rmc->bucket[i].list);
124 return 0;
125}
126
127void mesh_rmc_free(struct net_device *dev)
128{
129 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
130 struct mesh_rmc *rmc = sdata->u.sta.rmc;
131 struct rmc_entry *p, *n;
132 int i;
133
134 if (!sdata->u.sta.rmc)
135 return;
136
137 for (i = 0; i < RMC_BUCKETS; i++)
138 list_for_each_entry_safe(p, n, &rmc->bucket[i].list, list) {
139 list_del(&p->list);
140 kmem_cache_free(rm_cache, p);
141 }
142
143 kfree(rmc);
144 sdata->u.sta.rmc = NULL;
145}
146
147/**
148 * mesh_rmc_check - Check frame in recent multicast cache and add if absent.
149 *
150 * @sa: source address
151 * @mesh_hdr: mesh_header
152 *
153 * Returns: 0 if the frame is not in the cache, nonzero otherwise.
154 *
155 * Checks using the source address and the mesh sequence number if we have
156 * received this frame lately. If the frame is not in the cache, it is added to
157 * it.
158 */
159int mesh_rmc_check(u8 *sa, struct ieee80211s_hdr *mesh_hdr,
160 struct net_device *dev)
161{
162 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
163 struct mesh_rmc *rmc = sdata->u.sta.rmc;
164 u32 seqnum = 0;
165 int entries = 0;
166 u8 idx;
167 struct rmc_entry *p, *n;
168
169 /* Don't care about endianness since only match matters */
170 memcpy(&seqnum, mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum));
171 idx = mesh_hdr->seqnum[0] & rmc->idx_mask;
172 list_for_each_entry_safe(p, n, &rmc->bucket[idx].list, list) {
173 ++entries;
174 if (time_after(jiffies, p->exp_time) ||
175 (entries == RMC_QUEUE_MAX_LEN)) {
176 list_del(&p->list);
177 kmem_cache_free(rm_cache, p);
178 --entries;
179 } else if ((seqnum == p->seqnum)
180 && (memcmp(sa, p->sa, ETH_ALEN) == 0))
181 return -1;
182 }
183
184 p = kmem_cache_alloc(rm_cache, GFP_ATOMIC);
185 if (!p) {
186 printk(KERN_DEBUG "o11s: could not allocate RMC entry\n");
187 return 0;
188 }
189 p->seqnum = seqnum;
190 p->exp_time = jiffies + RMC_TIMEOUT;
191 memcpy(p->sa, sa, ETH_ALEN);
192 list_add(&p->list, &rmc->bucket[idx].list);
193 return 0;
194}
195
196void mesh_mgmt_ies_add(struct sk_buff *skb, struct net_device *dev)
197{
198 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
199 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
200 struct ieee80211_supported_band *sband;
201 u8 *pos;
202 int len, i, rate;
203
204 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
205 len = sband->n_bitrates;
206 if (len > 8)
207 len = 8;
208 pos = skb_put(skb, len + 2);
209 *pos++ = WLAN_EID_SUPP_RATES;
210 *pos++ = len;
211 for (i = 0; i < len; i++) {
212 rate = sband->bitrates[i].bitrate;
213 *pos++ = (u8) (rate / 5);
214 }
215
216 if (sband->n_bitrates > len) {
217 pos = skb_put(skb, sband->n_bitrates - len + 2);
218 *pos++ = WLAN_EID_EXT_SUPP_RATES;
219 *pos++ = sband->n_bitrates - len;
220 for (i = len; i < sband->n_bitrates; i++) {
221 rate = sband->bitrates[i].bitrate;
222 *pos++ = (u8) (rate / 5);
223 }
224 }
225
226 pos = skb_put(skb, 2 + sdata->u.sta.mesh_id_len);
227 *pos++ = WLAN_EID_MESH_ID;
228 *pos++ = sdata->u.sta.mesh_id_len;
229 if (sdata->u.sta.mesh_id_len)
230 memcpy(pos, sdata->u.sta.mesh_id, sdata->u.sta.mesh_id_len);
231
232 pos = skb_put(skb, 21);
233 *pos++ = WLAN_EID_MESH_CONFIG;
234 *pos++ = MESH_CFG_LEN;
235 /* Version */
236 *pos++ = 1;
237
238 /* Active path selection protocol ID */
239 memcpy(pos, sdata->u.sta.mesh_pp_id, 4);
240 pos += 4;
241
242 /* Active path selection metric ID */
243 memcpy(pos, sdata->u.sta.mesh_pm_id, 4);
244 pos += 4;
245
246 /* Congestion control mode identifier */
247 memcpy(pos, sdata->u.sta.mesh_cc_id, 4);
248 pos += 4;
249
250 /* Channel precedence:
251 * Not running simple channel unification protocol
252 */
253 memset(pos, 0x00, 4);
254 pos += 4;
255
256 /* Mesh capability */
257 sdata->u.sta.accepting_plinks = mesh_plink_availables(sdata);
258 *pos++ = sdata->u.sta.accepting_plinks ? ACCEPT_PLINKS : 0x00;
259 *pos++ = 0x00;
260
261 return;
262}
263
264u32 mesh_table_hash(u8 *addr, struct net_device *dev, struct mesh_table *tbl)
265{
266 /* Use last four bytes of hw addr and interface index as hash index */
267 return jhash_2words(*(u32 *)(addr+2), dev->ifindex, tbl->hash_rnd)
268 & tbl->hash_mask;
269}
270
271u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len)
272{
273 if (!mesh_id_len)
274 return 1;
275 else if (mesh_id_len == 1)
276 return (u8) mesh_id[0];
277 else
278 return (u8) (mesh_id[0] + 2 * mesh_id[1]);
279}
280
281struct mesh_table *mesh_table_alloc(int size_order)
282{
283 int i;
284 struct mesh_table *newtbl;
285
286 newtbl = kmalloc(sizeof(struct mesh_table), GFP_KERNEL);
287 if (!newtbl)
288 return NULL;
289
290 newtbl->hash_buckets = kzalloc(sizeof(struct hlist_head) *
291 (1 << size_order), GFP_KERNEL);
292
293 if (!newtbl->hash_buckets) {
294 kfree(newtbl);
295 return NULL;
296 }
297
298 newtbl->hashwlock = kmalloc(sizeof(spinlock_t) *
299 (1 << size_order), GFP_KERNEL);
300 if (!newtbl->hashwlock) {
301 kfree(newtbl->hash_buckets);
302 kfree(newtbl);
303 return NULL;
304 }
305
306 newtbl->size_order = size_order;
307 newtbl->hash_mask = (1 << size_order) - 1;
308 atomic_set(&newtbl->entries, 0);
309 get_random_bytes(&newtbl->hash_rnd,
310 sizeof(newtbl->hash_rnd));
311 for (i = 0; i <= newtbl->hash_mask; i++)
312 spin_lock_init(&newtbl->hashwlock[i]);
313
314 return newtbl;
315}
316
317void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
318{
319 struct hlist_head *mesh_hash;
320 struct hlist_node *p, *q;
321 int i;
322
323 mesh_hash = tbl->hash_buckets;
324 for (i = 0; i <= tbl->hash_mask; i++) {
325 spin_lock(&tbl->hashwlock[i]);
326 hlist_for_each_safe(p, q, &mesh_hash[i]) {
327 tbl->free_node(p, free_leafs);
328 atomic_dec(&tbl->entries);
329 }
330 spin_unlock(&tbl->hashwlock[i]);
331 }
332 kfree(tbl->hash_buckets);
333 kfree(tbl->hashwlock);
334 kfree(tbl);
335}
336
337static void ieee80211_mesh_path_timer(unsigned long data)
338{
339 struct ieee80211_sub_if_data *sdata =
340 (struct ieee80211_sub_if_data *) data;
341 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
342 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
343
344 queue_work(local->hw.workqueue, &ifsta->work);
345}
346
347struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
348{
349 struct mesh_table *newtbl;
350 struct hlist_head *oldhash;
351 struct hlist_node *p;
352 int err = 0;
353 int i;
354
355 if (atomic_read(&tbl->entries)
356 < tbl->mean_chain_len * (tbl->hash_mask + 1)) {
357 err = -EPERM;
358 goto endgrow;
359 }
360
361 newtbl = mesh_table_alloc(tbl->size_order + 1);
362 if (!newtbl) {
363 err = -ENOMEM;
364 goto endgrow;
365 }
366
367 newtbl->free_node = tbl->free_node;
368 newtbl->mean_chain_len = tbl->mean_chain_len;
369 newtbl->copy_node = tbl->copy_node;
370 atomic_set(&newtbl->entries, atomic_read(&tbl->entries));
371
372 oldhash = tbl->hash_buckets;
373 for (i = 0; i <= tbl->hash_mask; i++)
374 hlist_for_each(p, &oldhash[i])
375 tbl->copy_node(p, newtbl);
376
377endgrow:
378 if (err)
379 return NULL;
380 else
381 return newtbl;
382}
383
384/**
385 * ieee80211_new_mesh_header - create a new mesh header
386 * @meshhdr: uninitialized mesh header
387 * @sdata: mesh interface to be used
388 *
389 * Return the header length.
390 */
391int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
392 struct ieee80211_sub_if_data *sdata)
393{
394 meshhdr->flags = 0;
395 meshhdr->ttl = sdata->u.sta.mshcfg.dot11MeshTTL;
396
397 meshhdr->seqnum[0] = sdata->u.sta.mesh_seqnum[0]++;
398 meshhdr->seqnum[1] = sdata->u.sta.mesh_seqnum[1];
399 meshhdr->seqnum[2] = sdata->u.sta.mesh_seqnum[2];
400
401 if (sdata->u.sta.mesh_seqnum[0] == 0) {
402 sdata->u.sta.mesh_seqnum[1]++;
403 if (sdata->u.sta.mesh_seqnum[1] == 0)
404 sdata->u.sta.mesh_seqnum[2]++;
405 }
406
407 return 5;
408}
409
410void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
411{
412 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
413
414 ifsta->mshcfg.dot11MeshRetryTimeout = MESH_RET_T;
415 ifsta->mshcfg.dot11MeshConfirmTimeout = MESH_CONF_T;
416 ifsta->mshcfg.dot11MeshHoldingTimeout = MESH_HOLD_T;
417 ifsta->mshcfg.dot11MeshMaxRetries = MESH_MAX_RETR;
418 ifsta->mshcfg.dot11MeshTTL = MESH_TTL;
419 ifsta->mshcfg.auto_open_plinks = true;
420 ifsta->mshcfg.dot11MeshMaxPeerLinks =
421 MESH_MAX_ESTAB_PLINKS;
422 ifsta->mshcfg.dot11MeshHWMPactivePathTimeout =
423 MESH_PATH_TIMEOUT;
424 ifsta->mshcfg.dot11MeshHWMPpreqMinInterval =
425 MESH_PREQ_MIN_INT;
426 ifsta->mshcfg.dot11MeshHWMPnetDiameterTraversalTime =
427 MESH_DIAM_TRAVERSAL_TIME;
428 ifsta->mshcfg.dot11MeshHWMPmaxPREQretries =
429 MESH_MAX_PREQ_RETRIES;
430 ifsta->mshcfg.path_refresh_time =
431 MESH_PATH_REFRESH_TIME;
432 ifsta->mshcfg.min_discovery_timeout =
433 MESH_MIN_DISCOVERY_TIMEOUT;
434 ifsta->accepting_plinks = true;
435 ifsta->preq_id = 0;
436 ifsta->dsn = 0;
437 atomic_set(&ifsta->mpaths, 0);
438 mesh_rmc_init(sdata->dev);
439 ifsta->last_preq = jiffies;
440 /* Allocate all mesh structures when creating the first mesh interface. */
441 if (!mesh_allocated)
442 ieee80211s_init();
443 mesh_ids_set_default(ifsta);
444 setup_timer(&ifsta->mesh_path_timer,
445 ieee80211_mesh_path_timer,
446 (unsigned long) sdata);
447 INIT_LIST_HEAD(&ifsta->preq_queue.list);
448 spin_lock_init(&ifsta->mesh_preq_queue_lock);
449}
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
new file mode 100644
index 000000000000..742003d3a841
--- /dev/null
+++ b/net/mac80211/mesh.h
@@ -0,0 +1,290 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Authors: Luis Carlos Cobo <luisca@cozybit.com>
4 * Javier Cardona <javier@cozybit.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#ifndef IEEE80211S_H
12#define IEEE80211S_H
13
14#include <linux/types.h>
15#include <linux/jhash.h>
16#include "ieee80211_i.h"
17
18
19/* Data structures */
20
21/**
22 * enum mesh_path_flags - mac80211 mesh path flags
23 *
24 *
25 *
26 * @MESH_PATH_ACTIVE: the mesh path is can be used for forwarding
27 * @MESH_PATH_RESOLVED: the discovery process is running for this mesh path
28 * @MESH_PATH_DSN_VALID: the mesh path contains a valid destination sequence
29 * number
30 * @MESH_PATH_FIXED: the mesh path has been manually set and should not be
31 * modified
32 * @MESH_PATH_RESOLVED: the mesh path can has been resolved
33 *
34 * MESH_PATH_RESOLVED and MESH_PATH_DELETE are used by the mesh path timer to
35 * decide when to stop or cancel the mesh path discovery.
36 */
37enum mesh_path_flags {
38 MESH_PATH_ACTIVE = BIT(0),
39 MESH_PATH_RESOLVING = BIT(1),
40 MESH_PATH_DSN_VALID = BIT(2),
41 MESH_PATH_FIXED = BIT(3),
42 MESH_PATH_RESOLVED = BIT(4),
43};
44
45/**
46 * struct mesh_path - mac80211 mesh path structure
47 *
48 * @dst: mesh path destination mac address
49 * @dev: mesh path device
50 * @next_hop: mesh neighbor to which frames for this destination will be
51 * forwarded
52 * @timer: mesh path discovery timer
53 * @frame_queue: pending queue for frames sent to this destination while the
54 * path is unresolved
55 * @dsn: destination sequence number of the destination
56 * @metric: current metric to this destination
57 * @hop_count: hops to destination
58 * @exp_time: in jiffies, when the path will expire or when it expired
59 * @discovery_timeout: timeout (lapse in jiffies) used for the last discovery
60 * retry
61 * @discovery_retries: number of discovery retries
62 * @flags: mesh path flags, as specified on &enum mesh_path_flags
63 * @state_lock: mesh pat state lock
64 *
65 *
66 * The combination of dst and dev is unique in the mesh path table. Since the
67 * next_hop STA is only protected by RCU as well, deleting the STA must also
68 * remove/substitute the mesh_path structure and wait until that is no longer
69 * reachable before destroying the STA completely.
70 */
71struct mesh_path {
72 u8 dst[ETH_ALEN];
73 struct net_device *dev;
74 struct sta_info *next_hop;
75 struct timer_list timer;
76 struct sk_buff_head frame_queue;
77 struct rcu_head rcu;
78 u32 dsn;
79 u32 metric;
80 u8 hop_count;
81 unsigned long exp_time;
82 u32 discovery_timeout;
83 u8 discovery_retries;
84 enum mesh_path_flags flags;
85 spinlock_t state_lock;
86};
87
88/**
89 * struct mesh_table
90 *
91 * @hash_buckets: array of hash buckets of the table
92 * @hashwlock: array of locks to protect write operations, one per bucket
93 * @hash_mask: 2^size_order - 1, used to compute hash idx
94 * @hash_rnd: random value used for hash computations
95 * @entries: number of entries in the table
96 * @free_node: function to free nodes of the table
97 * @copy_node: fuction to copy nodes of the table
98 * @size_order: determines size of the table, there will be 2^size_order hash
99 * buckets
100 * @mean_chain_len: maximum average length for the hash buckets' list, if it is
101 * reached, the table will grow
102 */
103struct mesh_table {
104 /* Number of buckets will be 2^N */
105 struct hlist_head *hash_buckets;
106 spinlock_t *hashwlock; /* One per bucket, for add/del */
107 unsigned int hash_mask; /* (2^size_order) - 1 */
108 __u32 hash_rnd; /* Used for hash generation */
109 atomic_t entries; /* Up to MAX_MESH_NEIGHBOURS */
110 void (*free_node) (struct hlist_node *p, bool free_leafs);
111 void (*copy_node) (struct hlist_node *p, struct mesh_table *newtbl);
112 int size_order;
113 int mean_chain_len;
114};
115
116/* Recent multicast cache */
117/* RMC_BUCKETS must be a power of 2, maximum 256 */
118#define RMC_BUCKETS 256
119#define RMC_QUEUE_MAX_LEN 4
120#define RMC_TIMEOUT (3 * HZ)
121
122/**
123 * struct rmc_entry - entry in the Recent Multicast Cache
124 *
125 * @seqnum: mesh sequence number of the frame
126 * @exp_time: expiration time of the entry, in jiffies
127 * @sa: source address of the frame
128 *
129 * The Recent Multicast Cache keeps track of the latest multicast frames that
130 * have been received by a mesh interface and discards received multicast frames
131 * that are found in the cache.
132 */
133struct rmc_entry {
134 struct list_head list;
135 u32 seqnum;
136 unsigned long exp_time;
137 u8 sa[ETH_ALEN];
138};
139
140struct mesh_rmc {
141 struct rmc_entry bucket[RMC_BUCKETS];
142 u8 idx_mask;
143};
144
145
146/* Mesh IEs constants */
147#define MESH_CFG_LEN 19
148
149/*
150 * MESH_CFG_COMP_LEN Includes:
151 * - Active path selection protocol ID.
152 * - Active path selection metric ID.
153 * - Congestion control mode identifier.
154 * - Channel precedence.
155 * Does not include mesh capabilities, which may vary across nodes in the same
156 * mesh
157 */
158#define MESH_CFG_CMP_LEN 17
159
160/* Default values, timeouts in ms */
161#define MESH_TTL 5
162#define MESH_MAX_RETR 3
163#define MESH_RET_T 100
164#define MESH_CONF_T 100
165#define MESH_HOLD_T 100
166
167#define MESH_PATH_TIMEOUT 5000
168/* Minimum interval between two consecutive PREQs originated by the same
169 * interface
170 */
171#define MESH_PREQ_MIN_INT 10
172#define MESH_DIAM_TRAVERSAL_TIME 50
173/* Paths will be refreshed if they are closer than PATH_REFRESH_TIME to their
174 * expiration
175 */
176#define MESH_PATH_REFRESH_TIME 1000
177#define MESH_MIN_DISCOVERY_TIMEOUT (2 * MESH_DIAM_TRAVERSAL_TIME)
178
179#define MESH_MAX_PREQ_RETRIES 4
180#define MESH_PATH_EXPIRE (600 * HZ)
181
182/* Default maximum number of established plinks per interface */
183#define MESH_MAX_ESTAB_PLINKS 32
184
185/* Default maximum number of plinks per interface */
186#define MESH_MAX_PLINKS 256
187
188/* Maximum number of paths per interface */
189#define MESH_MAX_MPATHS 1024
190
191/* Pending ANA approval */
192#define PLINK_CATEGORY 30
193#define MESH_PATH_SEL_CATEGORY 32
194
195/* Mesh Header Flags */
196#define IEEE80211S_FLAGS_AE 0x3
197
198/* Public interfaces */
199/* Various */
200u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len);
201int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr);
202int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
203 struct ieee80211_sub_if_data *sdata);
204int mesh_rmc_check(u8 *addr, struct ieee80211s_hdr *mesh_hdr,
205 struct net_device *dev);
206bool mesh_matches_local(struct ieee802_11_elems *ie, struct net_device *dev);
207void mesh_ids_set_default(struct ieee80211_if_sta *sta);
208void mesh_mgmt_ies_add(struct sk_buff *skb, struct net_device *dev);
209void mesh_rmc_free(struct net_device *dev);
210int mesh_rmc_init(struct net_device *dev);
211void ieee80211s_init(void);
212void ieee80211s_stop(void);
213void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata);
214
215/* Mesh paths */
216int mesh_nexthop_lookup(u8 *next_hop, struct sk_buff *skb,
217 struct net_device *dev);
218void mesh_path_start_discovery(struct net_device *dev);
219struct mesh_path *mesh_path_lookup(u8 *dst, struct net_device *dev);
220struct mesh_path *mesh_path_lookup_by_idx(int idx, struct net_device *dev);
221void mesh_path_fix_nexthop(struct mesh_path *mpath, struct sta_info *next_hop);
222void mesh_path_expire(struct net_device *dev);
223void mesh_path_flush(struct net_device *dev);
224void mesh_rx_path_sel_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
225 size_t len);
226int mesh_path_add(u8 *dst, struct net_device *dev);
227/* Mesh plinks */
228void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct net_device *dev,
229 bool add);
230bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie,
231 struct net_device *dev);
232void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata);
233void mesh_plink_broken(struct sta_info *sta);
234void mesh_plink_deactivate(struct sta_info *sta);
235int mesh_plink_open(struct sta_info *sta);
236int mesh_plink_close(struct sta_info *sta);
237void mesh_plink_block(struct sta_info *sta);
238void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
239 size_t len, struct ieee80211_rx_status *rx_status);
240
241/* Private interfaces */
242/* Mesh tables */
243struct mesh_table *mesh_table_alloc(int size_order);
244void mesh_table_free(struct mesh_table *tbl, bool free_leafs);
245struct mesh_table *mesh_table_grow(struct mesh_table *tbl);
246u32 mesh_table_hash(u8 *addr, struct net_device *dev, struct mesh_table *tbl);
247/* Mesh paths */
248int mesh_path_error_tx(u8 *dest, __le32 dest_dsn, u8 *ra,
249 struct net_device *dev);
250void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta);
251void mesh_path_flush_pending(struct mesh_path *mpath);
252void mesh_path_tx_pending(struct mesh_path *mpath);
253int mesh_pathtbl_init(void);
254void mesh_pathtbl_unregister(void);
255int mesh_path_del(u8 *addr, struct net_device *dev);
256void mesh_path_timer(unsigned long data);
257void mesh_path_flush_by_nexthop(struct sta_info *sta);
258void mesh_path_discard_frame(struct sk_buff *skb, struct net_device *dev);
259
260#ifdef CONFIG_MAC80211_MESH
261extern int mesh_allocated;
262
263static inline int mesh_plink_free_count(struct ieee80211_sub_if_data *sdata)
264{
265 return sdata->u.sta.mshcfg.dot11MeshMaxPeerLinks -
266 atomic_read(&sdata->u.sta.mshstats.estab_plinks);
267}
268
269static inline bool mesh_plink_availables(struct ieee80211_sub_if_data *sdata)
270{
271 return (min_t(long, mesh_plink_free_count(sdata),
272 MESH_MAX_PLINKS - sdata->local->num_sta)) > 0;
273}
274
275static inline void mesh_path_activate(struct mesh_path *mpath)
276{
277 mpath->flags |= MESH_PATH_ACTIVE | MESH_PATH_RESOLVED;
278}
279
280#define for_each_mesh_entry(x, p, node, i) \
281 for (i = 0; i <= x->hash_mask; i++) \
282 hlist_for_each_entry_rcu(node, p, &x->hash_buckets[i], list)
283
284#else
285#define mesh_allocated 0
286#endif
287
288#define MESH_PREQ(skb) (skb->cb + 30)
289
290#endif /* IEEE80211S_H */
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
new file mode 100644
index 000000000000..576a6e55323e
--- /dev/null
+++ b/net/mac80211/mesh_hwmp.c
@@ -0,0 +1,857 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <asm/unaligned.h>
11#include "mesh.h"
12
13#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
14
15#define TEST_FRAME_LEN 8192
16#define MAX_METRIC 0xffffffff
17#define ARITH_SHIFT 8
18
19/* Number of frames buffered per destination for unresolved destinations */
20#define MESH_FRAME_QUEUE_LEN 10
21#define MAX_PREQ_QUEUE_LEN 64
22
23/* Destination only */
24#define MP_F_DO 0x1
25/* Reply and forward */
26#define MP_F_RF 0x2
27
28static inline u32 u32_field_get(u8 *preq_elem, int offset, bool ae)
29{
30 if (ae)
31 offset += 6;
32 return le32_to_cpu(get_unaligned((__le32 *) (preq_elem + offset)));
33}
34
35/* HWMP IE processing macros */
36#define AE_F (1<<6)
37#define AE_F_SET(x) (*x & AE_F)
38#define PREQ_IE_FLAGS(x) (*(x))
39#define PREQ_IE_HOPCOUNT(x) (*(x + 1))
40#define PREQ_IE_TTL(x) (*(x + 2))
41#define PREQ_IE_PREQ_ID(x) u32_field_get(x, 3, 0)
42#define PREQ_IE_ORIG_ADDR(x) (x + 7)
43#define PREQ_IE_ORIG_DSN(x) u32_field_get(x, 13, 0);
44#define PREQ_IE_LIFETIME(x) u32_field_get(x, 17, AE_F_SET(x));
45#define PREQ_IE_METRIC(x) u32_field_get(x, 21, AE_F_SET(x));
46#define PREQ_IE_DST_F(x) (*(AE_F_SET(x) ? x + 32 : x + 26))
47#define PREQ_IE_DST_ADDR(x) (AE_F_SET(x) ? x + 33 : x + 27)
48#define PREQ_IE_DST_DSN(x) u32_field_get(x, 33, AE_F_SET(x));
49
50
51#define PREP_IE_FLAGS(x) PREQ_IE_FLAGS(x)
52#define PREP_IE_HOPCOUNT(x) PREQ_IE_HOPCOUNT(x)
53#define PREP_IE_TTL(x) PREQ_IE_TTL(x)
54#define PREP_IE_ORIG_ADDR(x) (x + 3)
55#define PREP_IE_ORIG_DSN(x) u32_field_get(x, 9, 0);
56#define PREP_IE_LIFETIME(x) u32_field_get(x, 13, AE_F_SET(x));
57#define PREP_IE_METRIC(x) u32_field_get(x, 17, AE_F_SET(x));
58#define PREP_IE_DST_ADDR(x) (AE_F_SET(x) ? x + 27 : x + 21)
59#define PREP_IE_DST_DSN(x) u32_field_get(x, 27, AE_F_SET(x));
60
61#define PERR_IE_DST_ADDR(x) (x + 2)
62#define PERR_IE_DST_DSN(x) u32_field_get(x, 8, 0);
63
64#define TU_TO_EXP_TIME(x) (jiffies + msecs_to_jiffies(x * 1024 / 1000))
65#define MSEC_TO_TU(x) (x*1000/1024)
66#define DSN_GT(x, y) ((long) (y) - (long) (x) < 0)
67#define DSN_LT(x, y) ((long) (x) - (long) (y) < 0)
68
69#define net_traversal_jiffies(s) \
70 msecs_to_jiffies(s->u.sta.mshcfg.dot11MeshHWMPnetDiameterTraversalTime)
71#define default_lifetime(s) \
72 MSEC_TO_TU(s->u.sta.mshcfg.dot11MeshHWMPactivePathTimeout)
73#define min_preq_int_jiff(s) \
74 (msecs_to_jiffies(s->u.sta.mshcfg.dot11MeshHWMPpreqMinInterval))
75#define max_preq_retries(s) (s->u.sta.mshcfg.dot11MeshHWMPmaxPREQretries)
76#define disc_timeout_jiff(s) \
77 msecs_to_jiffies(sdata->u.sta.mshcfg.min_discovery_timeout)
78
79enum mpath_frame_type {
80 MPATH_PREQ = 0,
81 MPATH_PREP,
82 MPATH_PERR
83};
84
85static int mesh_path_sel_frame_tx(enum mpath_frame_type action, u8 flags,
86 u8 *orig_addr, __le32 orig_dsn, u8 dst_flags, u8 *dst,
87 __le32 dst_dsn, u8 *da, u8 hop_count, u8 ttl, __le32 lifetime,
88 __le32 metric, __le32 preq_id, struct net_device *dev)
89{
90 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
91 struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
92 struct ieee80211_mgmt *mgmt;
93 u8 *pos;
94 int ie_len;
95
96 if (!skb)
97 return -1;
98 skb_reserve(skb, local->hw.extra_tx_headroom);
99 /* 25 is the size of the common mgmt part (24) plus the size of the
100 * common action part (1)
101 */
102 mgmt = (struct ieee80211_mgmt *)
103 skb_put(skb, 25 + sizeof(mgmt->u.action.u.mesh_action));
104 memset(mgmt, 0, 25 + sizeof(mgmt->u.action.u.mesh_action));
105 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
106 IEEE80211_STYPE_ACTION);
107
108 memcpy(mgmt->da, da, ETH_ALEN);
109 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
110 /* BSSID is left zeroed, wildcard value */
111 mgmt->u.action.category = MESH_PATH_SEL_CATEGORY;
112 mgmt->u.action.u.mesh_action.action_code = action;
113
114 switch (action) {
115 case MPATH_PREQ:
116 ie_len = 37;
117 pos = skb_put(skb, 2 + ie_len);
118 *pos++ = WLAN_EID_PREQ;
119 break;
120 case MPATH_PREP:
121 ie_len = 31;
122 pos = skb_put(skb, 2 + ie_len);
123 *pos++ = WLAN_EID_PREP;
124 break;
125 default:
126 kfree(skb);
127 return -ENOTSUPP;
128 break;
129 }
130 *pos++ = ie_len;
131 *pos++ = flags;
132 *pos++ = hop_count;
133 *pos++ = ttl;
134 if (action == MPATH_PREQ) {
135 memcpy(pos, &preq_id, 4);
136 pos += 4;
137 }
138 memcpy(pos, orig_addr, ETH_ALEN);
139 pos += ETH_ALEN;
140 memcpy(pos, &orig_dsn, 4);
141 pos += 4;
142 memcpy(pos, &lifetime, 4);
143 pos += 4;
144 memcpy(pos, &metric, 4);
145 pos += 4;
146 if (action == MPATH_PREQ) {
147 /* destination count */
148 *pos++ = 1;
149 *pos++ = dst_flags;
150 }
151 memcpy(pos, dst, ETH_ALEN);
152 pos += ETH_ALEN;
153 memcpy(pos, &dst_dsn, 4);
154
155 ieee80211_sta_tx(dev, skb, 0);
156 return 0;
157}
158
159/**
160 * mesh_send_path error - Sends a PERR mesh management frame
161 *
162 * @dst: broken destination
163 * @dst_dsn: dsn of the broken destination
164 * @ra: node this frame is addressed to
165 */
166int mesh_path_error_tx(u8 *dst, __le32 dst_dsn, u8 *ra,
167 struct net_device *dev)
168{
169 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
170 struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
171 struct ieee80211_mgmt *mgmt;
172 u8 *pos;
173 int ie_len;
174
175 if (!skb)
176 return -1;
177 skb_reserve(skb, local->hw.extra_tx_headroom);
178 /* 25 is the size of the common mgmt part (24) plus the size of the
179 * common action part (1)
180 */
181 mgmt = (struct ieee80211_mgmt *)
182 skb_put(skb, 25 + sizeof(mgmt->u.action.u.mesh_action));
183 memset(mgmt, 0, 25 + sizeof(mgmt->u.action.u.mesh_action));
184 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
185 IEEE80211_STYPE_ACTION);
186
187 memcpy(mgmt->da, ra, ETH_ALEN);
188 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
189 /* BSSID is left zeroed, wildcard value */
190 mgmt->u.action.category = MESH_PATH_SEL_CATEGORY;
191 mgmt->u.action.u.mesh_action.action_code = MPATH_PERR;
192 ie_len = 12;
193 pos = skb_put(skb, 2 + ie_len);
194 *pos++ = WLAN_EID_PERR;
195 *pos++ = ie_len;
196 /* mode flags, reserved */
197 *pos++ = 0;
198 /* number of destinations */
199 *pos++ = 1;
200 memcpy(pos, dst, ETH_ALEN);
201 pos += ETH_ALEN;
202 memcpy(pos, &dst_dsn, 4);
203
204 ieee80211_sta_tx(dev, skb, 0);
205 return 0;
206}
207
208static u32 airtime_link_metric_get(struct ieee80211_local *local,
209 struct sta_info *sta)
210{
211 struct ieee80211_supported_band *sband;
212 /* This should be adjusted for each device */
213 int device_constant = 1 << ARITH_SHIFT;
214 int test_frame_len = TEST_FRAME_LEN << ARITH_SHIFT;
215 int s_unit = 1 << ARITH_SHIFT;
216 int rate, err;
217 u32 tx_time, estimated_retx;
218 u64 result;
219
220 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
221
222 if (sta->fail_avg >= 100)
223 return MAX_METRIC;
224 err = (sta->fail_avg << ARITH_SHIFT) / 100;
225
226 /* bitrate is in units of 100 Kbps, while we need rate in units of
227 * 1Mbps. This will be corrected on tx_time computation.
228 */
229 rate = sband->bitrates[sta->txrate_idx].bitrate;
230 tx_time = (device_constant + 10 * test_frame_len / rate);
231 estimated_retx = ((1 << (2 * ARITH_SHIFT)) / (s_unit - err));
232 result = (tx_time * estimated_retx) >> (2 * ARITH_SHIFT) ;
233 return (u32)result;
234}
235
236/**
237 * hwmp_route_info_get - Update routing info to originator and transmitter
238 *
239 * @dev: local mesh interface
240 * @mgmt: mesh management frame
241 * @hwmp_ie: hwmp information element (PREP or PREQ)
242 *
243 * This function updates the path routing information to the originator and the
244 * transmitter of a HWMP PREQ or PREP fram.
245 *
246 * Returns: metric to frame originator or 0 if the frame should not be further
247 * processed
248 *
249 * Notes: this function is the only place (besides user-provided info) where
250 * path routing information is updated.
251 */
252static u32 hwmp_route_info_get(struct net_device *dev,
253 struct ieee80211_mgmt *mgmt,
254 u8 *hwmp_ie)
255{
256 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
257 struct mesh_path *mpath;
258 struct sta_info *sta;
259 bool fresh_info;
260 u8 *orig_addr, *ta;
261 u32 orig_dsn, orig_metric;
262 unsigned long orig_lifetime, exp_time;
263 u32 last_hop_metric, new_metric;
264 bool process = true;
265 u8 action = mgmt->u.action.u.mesh_action.action_code;
266
267 rcu_read_lock();
268 sta = sta_info_get(local, mgmt->sa);
269 if (!sta) {
270 rcu_read_unlock();
271 return 0;
272 }
273
274 last_hop_metric = airtime_link_metric_get(local, sta);
275 /* Update and check originator routing info */
276 fresh_info = true;
277
278 switch (action) {
279 case MPATH_PREQ:
280 orig_addr = PREQ_IE_ORIG_ADDR(hwmp_ie);
281 orig_dsn = PREQ_IE_ORIG_DSN(hwmp_ie);
282 orig_lifetime = PREQ_IE_LIFETIME(hwmp_ie);
283 orig_metric = PREQ_IE_METRIC(hwmp_ie);
284 break;
285 case MPATH_PREP:
286 /* Originator here refers to the MP that was the destination in
287 * the Path Request. The draft refers to that MP as the
288 * destination address, even though usually it is the origin of
289 * the PREP frame. We divert from the nomenclature in the draft
290 * so that we can easily use a single function to gather path
291 * information from both PREQ and PREP frames.
292 */
293 orig_addr = PREP_IE_ORIG_ADDR(hwmp_ie);
294 orig_dsn = PREP_IE_ORIG_DSN(hwmp_ie);
295 orig_lifetime = PREP_IE_LIFETIME(hwmp_ie);
296 orig_metric = PREP_IE_METRIC(hwmp_ie);
297 break;
298 default:
299 rcu_read_unlock();
300 return 0;
301 }
302 new_metric = orig_metric + last_hop_metric;
303 if (new_metric < orig_metric)
304 new_metric = MAX_METRIC;
305 exp_time = TU_TO_EXP_TIME(orig_lifetime);
306
307 if (memcmp(orig_addr, dev->dev_addr, ETH_ALEN) == 0) {
308 /* This MP is the originator, we are not interested in this
309 * frame, except for updating transmitter's path info.
310 */
311 process = false;
312 fresh_info = false;
313 } else {
314 mpath = mesh_path_lookup(orig_addr, dev);
315 if (mpath) {
316 spin_lock_bh(&mpath->state_lock);
317 if (mpath->flags & MESH_PATH_FIXED)
318 fresh_info = false;
319 else if ((mpath->flags & MESH_PATH_ACTIVE) &&
320 (mpath->flags & MESH_PATH_DSN_VALID)) {
321 if (DSN_GT(mpath->dsn, orig_dsn) ||
322 (mpath->dsn == orig_dsn &&
323 action == MPATH_PREQ &&
324 new_metric > mpath->metric)) {
325 process = false;
326 fresh_info = false;
327 }
328 }
329 } else {
330 mesh_path_add(orig_addr, dev);
331 mpath = mesh_path_lookup(orig_addr, dev);
332 if (!mpath) {
333 rcu_read_unlock();
334 return 0;
335 }
336 spin_lock_bh(&mpath->state_lock);
337 }
338
339 if (fresh_info) {
340 mesh_path_assign_nexthop(mpath, sta);
341 mpath->flags |= MESH_PATH_DSN_VALID;
342 mpath->metric = new_metric;
343 mpath->dsn = orig_dsn;
344 mpath->exp_time = time_after(mpath->exp_time, exp_time)
345 ? mpath->exp_time : exp_time;
346 mesh_path_activate(mpath);
347 spin_unlock_bh(&mpath->state_lock);
348 mesh_path_tx_pending(mpath);
349 /* draft says preq_id should be saved to, but there does
350 * not seem to be any use for it, skipping by now
351 */
352 } else
353 spin_unlock_bh(&mpath->state_lock);
354 }
355
356 /* Update and check transmitter routing info */
357 ta = mgmt->sa;
358 if (memcmp(orig_addr, ta, ETH_ALEN) == 0)
359 fresh_info = false;
360 else {
361 fresh_info = true;
362
363 mpath = mesh_path_lookup(ta, dev);
364 if (mpath) {
365 spin_lock_bh(&mpath->state_lock);
366 if ((mpath->flags & MESH_PATH_FIXED) ||
367 ((mpath->flags & MESH_PATH_ACTIVE) &&
368 (last_hop_metric > mpath->metric)))
369 fresh_info = false;
370 } else {
371 mesh_path_add(ta, dev);
372 mpath = mesh_path_lookup(ta, dev);
373 if (!mpath) {
374 rcu_read_unlock();
375 return 0;
376 }
377 spin_lock_bh(&mpath->state_lock);
378 }
379
380 if (fresh_info) {
381 mesh_path_assign_nexthop(mpath, sta);
382 mpath->flags &= ~MESH_PATH_DSN_VALID;
383 mpath->metric = last_hop_metric;
384 mpath->exp_time = time_after(mpath->exp_time, exp_time)
385 ? mpath->exp_time : exp_time;
386 mesh_path_activate(mpath);
387 spin_unlock_bh(&mpath->state_lock);
388 mesh_path_tx_pending(mpath);
389 } else
390 spin_unlock_bh(&mpath->state_lock);
391 }
392
393 rcu_read_unlock();
394
395 return process ? new_metric : 0;
396}
397
398static void hwmp_preq_frame_process(struct net_device *dev,
399 struct ieee80211_mgmt *mgmt,
400 u8 *preq_elem, u32 metric) {
401 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
402 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
403 struct mesh_path *mpath;
404 u8 *dst_addr, *orig_addr;
405 u8 dst_flags, ttl;
406 u32 orig_dsn, dst_dsn, lifetime;
407 bool reply = false;
408 bool forward = true;
409
410 /* Update destination DSN, if present */
411 dst_addr = PREQ_IE_DST_ADDR(preq_elem);
412 orig_addr = PREQ_IE_ORIG_ADDR(preq_elem);
413 dst_dsn = PREQ_IE_DST_DSN(preq_elem);
414 orig_dsn = PREQ_IE_ORIG_DSN(preq_elem);
415 dst_flags = PREQ_IE_DST_F(preq_elem);
416
417 if (memcmp(dst_addr, dev->dev_addr, ETH_ALEN) == 0) {
418 forward = false;
419 reply = true;
420 metric = 0;
421 if (time_after(jiffies, ifsta->last_dsn_update +
422 net_traversal_jiffies(sdata)) ||
423 time_before(jiffies, ifsta->last_dsn_update)) {
424 dst_dsn = ++ifsta->dsn;
425 ifsta->last_dsn_update = jiffies;
426 }
427 } else {
428 rcu_read_lock();
429 mpath = mesh_path_lookup(dst_addr, dev);
430 if (mpath) {
431 if ((!(mpath->flags & MESH_PATH_DSN_VALID)) ||
432 DSN_LT(mpath->dsn, dst_dsn)) {
433 mpath->dsn = dst_dsn;
434 mpath->flags &= MESH_PATH_DSN_VALID;
435 } else if ((!(dst_flags & MP_F_DO)) &&
436 (mpath->flags & MESH_PATH_ACTIVE)) {
437 reply = true;
438 metric = mpath->metric;
439 dst_dsn = mpath->dsn;
440 if (dst_flags & MP_F_RF)
441 dst_flags |= MP_F_DO;
442 else
443 forward = false;
444 }
445 }
446 rcu_read_unlock();
447 }
448
449 if (reply) {
450 lifetime = PREQ_IE_LIFETIME(preq_elem);
451 ttl = ifsta->mshcfg.dot11MeshTTL;
452 if (ttl != 0)
453 mesh_path_sel_frame_tx(MPATH_PREP, 0, dst_addr,
454 cpu_to_le32(dst_dsn), 0, orig_addr,
455 cpu_to_le32(orig_dsn), mgmt->sa, 0, ttl,
456 cpu_to_le32(lifetime), cpu_to_le32(metric),
457 0, dev);
458 else
459 ifsta->mshstats.dropped_frames_ttl++;
460 }
461
462 if (forward) {
463 u32 preq_id;
464 u8 hopcount, flags;
465
466 ttl = PREQ_IE_TTL(preq_elem);
467 lifetime = PREQ_IE_LIFETIME(preq_elem);
468 if (ttl <= 1) {
469 ifsta->mshstats.dropped_frames_ttl++;
470 return;
471 }
472 --ttl;
473 flags = PREQ_IE_FLAGS(preq_elem);
474 preq_id = PREQ_IE_PREQ_ID(preq_elem);
475 hopcount = PREQ_IE_HOPCOUNT(preq_elem) + 1;
476 mesh_path_sel_frame_tx(MPATH_PREQ, flags, orig_addr,
477 cpu_to_le32(orig_dsn), dst_flags, dst_addr,
478 cpu_to_le32(dst_dsn), dev->broadcast,
479 hopcount, ttl, cpu_to_le32(lifetime),
480 cpu_to_le32(metric), cpu_to_le32(preq_id),
481 dev);
482 ifsta->mshstats.fwded_frames++;
483 }
484}
485
486
487static void hwmp_prep_frame_process(struct net_device *dev,
488 struct ieee80211_mgmt *mgmt,
489 u8 *prep_elem, u32 metric)
490{
491 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
492 struct mesh_path *mpath;
493 u8 *dst_addr, *orig_addr;
494 u8 ttl, hopcount, flags;
495 u8 next_hop[ETH_ALEN];
496 u32 dst_dsn, orig_dsn, lifetime;
497
498 /* Note that we divert from the draft nomenclature and denominate
499 * destination to what the draft refers to as origininator. So in this
500 * function destnation refers to the final destination of the PREP,
501 * which corresponds with the originator of the PREQ which this PREP
502 * replies
503 */
504 dst_addr = PREP_IE_DST_ADDR(prep_elem);
505 if (memcmp(dst_addr, dev->dev_addr, ETH_ALEN) == 0)
506 /* destination, no forwarding required */
507 return;
508
509 ttl = PREP_IE_TTL(prep_elem);
510 if (ttl <= 1) {
511 sdata->u.sta.mshstats.dropped_frames_ttl++;
512 return;
513 }
514
515 rcu_read_lock();
516 mpath = mesh_path_lookup(dst_addr, dev);
517 if (mpath)
518 spin_lock_bh(&mpath->state_lock);
519 else
520 goto fail;
521 if (!(mpath->flags & MESH_PATH_ACTIVE)) {
522 spin_unlock_bh(&mpath->state_lock);
523 goto fail;
524 }
525 memcpy(next_hop, mpath->next_hop->addr, ETH_ALEN);
526 spin_unlock_bh(&mpath->state_lock);
527 --ttl;
528 flags = PREP_IE_FLAGS(prep_elem);
529 lifetime = PREP_IE_LIFETIME(prep_elem);
530 hopcount = PREP_IE_HOPCOUNT(prep_elem) + 1;
531 orig_addr = PREP_IE_ORIG_ADDR(prep_elem);
532 dst_dsn = PREP_IE_DST_DSN(prep_elem);
533 orig_dsn = PREP_IE_ORIG_DSN(prep_elem);
534
535 mesh_path_sel_frame_tx(MPATH_PREP, flags, orig_addr,
536 cpu_to_le32(orig_dsn), 0, dst_addr,
537 cpu_to_le32(dst_dsn), mpath->next_hop->addr, hopcount, ttl,
538 cpu_to_le32(lifetime), cpu_to_le32(metric),
539 0, dev);
540 rcu_read_unlock();
541 sdata->u.sta.mshstats.fwded_frames++;
542 return;
543
544fail:
545 rcu_read_unlock();
546 sdata->u.sta.mshstats.dropped_frames_no_route++;
547 return;
548}
549
550static void hwmp_perr_frame_process(struct net_device *dev,
551 struct ieee80211_mgmt *mgmt, u8 *perr_elem)
552{
553 struct mesh_path *mpath;
554 u8 *ta, *dst_addr;
555 u32 dst_dsn;
556
557 ta = mgmt->sa;
558 dst_addr = PERR_IE_DST_ADDR(perr_elem);
559 dst_dsn = PERR_IE_DST_DSN(perr_elem);
560 rcu_read_lock();
561 mpath = mesh_path_lookup(dst_addr, dev);
562 if (mpath) {
563 spin_lock_bh(&mpath->state_lock);
564 if (mpath->flags & MESH_PATH_ACTIVE &&
565 memcmp(ta, mpath->next_hop->addr, ETH_ALEN) == 0 &&
566 (!(mpath->flags & MESH_PATH_DSN_VALID) ||
567 DSN_GT(dst_dsn, mpath->dsn))) {
568 mpath->flags &= ~MESH_PATH_ACTIVE;
569 mpath->dsn = dst_dsn;
570 spin_unlock_bh(&mpath->state_lock);
571 mesh_path_error_tx(dst_addr, cpu_to_le32(dst_dsn),
572 dev->broadcast, dev);
573 } else
574 spin_unlock_bh(&mpath->state_lock);
575 }
576 rcu_read_unlock();
577}
578
579
580
581void mesh_rx_path_sel_frame(struct net_device *dev,
582 struct ieee80211_mgmt *mgmt,
583 size_t len)
584{
585 struct ieee802_11_elems elems;
586 size_t baselen;
587 u32 last_hop_metric;
588
589 baselen = (u8 *) mgmt->u.action.u.mesh_action.variable - (u8 *) mgmt;
590 ieee802_11_parse_elems(mgmt->u.action.u.mesh_action.variable,
591 len - baselen, &elems);
592
593 switch (mgmt->u.action.u.mesh_action.action_code) {
594 case MPATH_PREQ:
595 if (!elems.preq || elems.preq_len != 37)
596 /* Right now we support just 1 destination and no AE */
597 return;
598 last_hop_metric = hwmp_route_info_get(dev, mgmt, elems.preq);
599 if (!last_hop_metric)
600 return;
601 hwmp_preq_frame_process(dev, mgmt, elems.preq, last_hop_metric);
602 break;
603 case MPATH_PREP:
604 if (!elems.prep || elems.prep_len != 31)
605 /* Right now we support no AE */
606 return;
607 last_hop_metric = hwmp_route_info_get(dev, mgmt, elems.prep);
608 if (!last_hop_metric)
609 return;
610 hwmp_prep_frame_process(dev, mgmt, elems.prep, last_hop_metric);
611 break;
612 case MPATH_PERR:
613 if (!elems.perr || elems.perr_len != 12)
614 /* Right now we support only one destination per PERR */
615 return;
616 hwmp_perr_frame_process(dev, mgmt, elems.perr);
617 default:
618 return;
619 }
620
621}
622
623/**
624 * mesh_queue_preq - queue a PREQ to a given destination
625 *
626 * @mpath: mesh path to discover
627 * @flags: special attributes of the PREQ to be sent
628 *
629 * Locking: the function must be called from within a rcu read lock block.
630 *
631 */
632static void mesh_queue_preq(struct mesh_path *mpath, u8 flags)
633{
634 struct ieee80211_sub_if_data *sdata =
635 IEEE80211_DEV_TO_SUB_IF(mpath->dev);
636 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
637 struct mesh_preq_queue *preq_node;
638
639 preq_node = kmalloc(sizeof(struct mesh_preq_queue), GFP_KERNEL);
640 if (!preq_node) {
641 printk(KERN_DEBUG "Mesh HWMP: could not allocate PREQ node\n");
642 return;
643 }
644
645 spin_lock(&ifsta->mesh_preq_queue_lock);
646 if (ifsta->preq_queue_len == MAX_PREQ_QUEUE_LEN) {
647 spin_unlock(&ifsta->mesh_preq_queue_lock);
648 kfree(preq_node);
649 if (printk_ratelimit())
650 printk(KERN_DEBUG "Mesh HWMP: PREQ node queue full\n");
651 return;
652 }
653
654 memcpy(preq_node->dst, mpath->dst, ETH_ALEN);
655 preq_node->flags = flags;
656
657 list_add_tail(&preq_node->list, &ifsta->preq_queue.list);
658 ++ifsta->preq_queue_len;
659 spin_unlock(&ifsta->mesh_preq_queue_lock);
660
661 if (time_after(jiffies, ifsta->last_preq + min_preq_int_jiff(sdata)))
662 queue_work(sdata->local->hw.workqueue, &ifsta->work);
663
664 else if (time_before(jiffies, ifsta->last_preq)) {
665 /* avoid long wait if did not send preqs for a long time
666 * and jiffies wrapped around
667 */
668 ifsta->last_preq = jiffies - min_preq_int_jiff(sdata) - 1;
669 queue_work(sdata->local->hw.workqueue, &ifsta->work);
670 } else
671 mod_timer(&ifsta->mesh_path_timer, ifsta->last_preq +
672 min_preq_int_jiff(sdata));
673}
674
675/**
676 * mesh_path_start_discovery - launch a path discovery from the PREQ queue
677 *
678 * @dev: local mesh interface
679 */
680void mesh_path_start_discovery(struct net_device *dev)
681{
682 struct ieee80211_sub_if_data *sdata =
683 IEEE80211_DEV_TO_SUB_IF(dev);
684 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
685 struct mesh_preq_queue *preq_node;
686 struct mesh_path *mpath;
687 u8 ttl, dst_flags;
688 u32 lifetime;
689
690 spin_lock(&ifsta->mesh_preq_queue_lock);
691 if (!ifsta->preq_queue_len ||
692 time_before(jiffies, ifsta->last_preq +
693 min_preq_int_jiff(sdata))) {
694 spin_unlock(&ifsta->mesh_preq_queue_lock);
695 return;
696 }
697
698 preq_node = list_first_entry(&ifsta->preq_queue.list,
699 struct mesh_preq_queue, list);
700 list_del(&preq_node->list);
701 --ifsta->preq_queue_len;
702 spin_unlock(&ifsta->mesh_preq_queue_lock);
703
704 rcu_read_lock();
705 mpath = mesh_path_lookup(preq_node->dst, dev);
706 if (!mpath)
707 goto enddiscovery;
708
709 spin_lock_bh(&mpath->state_lock);
710 if (preq_node->flags & PREQ_Q_F_START) {
711 if (mpath->flags & MESH_PATH_RESOLVING) {
712 spin_unlock_bh(&mpath->state_lock);
713 goto enddiscovery;
714 } else {
715 mpath->flags &= ~MESH_PATH_RESOLVED;
716 mpath->flags |= MESH_PATH_RESOLVING;
717 mpath->discovery_retries = 0;
718 mpath->discovery_timeout = disc_timeout_jiff(sdata);
719 }
720 } else if (!(mpath->flags & MESH_PATH_RESOLVING) ||
721 mpath->flags & MESH_PATH_RESOLVED) {
722 mpath->flags &= ~MESH_PATH_RESOLVING;
723 spin_unlock_bh(&mpath->state_lock);
724 goto enddiscovery;
725 }
726
727 ifsta->last_preq = jiffies;
728
729 if (time_after(jiffies, ifsta->last_dsn_update +
730 net_traversal_jiffies(sdata)) ||
731 time_before(jiffies, ifsta->last_dsn_update)) {
732 ++ifsta->dsn;
733 sdata->u.sta.last_dsn_update = jiffies;
734 }
735 lifetime = default_lifetime(sdata);
736 ttl = sdata->u.sta.mshcfg.dot11MeshTTL;
737 if (ttl == 0) {
738 sdata->u.sta.mshstats.dropped_frames_ttl++;
739 spin_unlock_bh(&mpath->state_lock);
740 goto enddiscovery;
741 }
742
743 if (preq_node->flags & PREQ_Q_F_REFRESH)
744 dst_flags = MP_F_DO;
745 else
746 dst_flags = MP_F_RF;
747
748 spin_unlock_bh(&mpath->state_lock);
749 mesh_path_sel_frame_tx(MPATH_PREQ, 0, dev->dev_addr,
750 cpu_to_le32(ifsta->dsn), dst_flags, mpath->dst,
751 cpu_to_le32(mpath->dsn), dev->broadcast, 0,
752 ttl, cpu_to_le32(lifetime), 0,
753 cpu_to_le32(ifsta->preq_id++), dev);
754 mod_timer(&mpath->timer, jiffies + mpath->discovery_timeout);
755
756enddiscovery:
757 rcu_read_unlock();
758 kfree(preq_node);
759}
760
761/**
762 * ieee80211s_lookup_nexthop - put the appropriate next hop on a mesh frame
763 *
764 * @next_hop: output argument for next hop address
765 * @skb: frame to be sent
766 * @dev: network device the frame will be sent through
767 *
768 * Returns: 0 if the next hop was found. Nonzero otherwise. If no next hop is
769 * found, the function will start a path discovery and queue the frame so it is
770 * sent when the path is resolved. This means the caller must not free the skb
771 * in this case.
772 */
773int mesh_nexthop_lookup(u8 *next_hop, struct sk_buff *skb,
774 struct net_device *dev)
775{
776 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
777 struct sk_buff *skb_to_free = NULL;
778 struct mesh_path *mpath;
779 int err = 0;
780
781 rcu_read_lock();
782 mpath = mesh_path_lookup(skb->data, dev);
783
784 if (!mpath) {
785 mesh_path_add(skb->data, dev);
786 mpath = mesh_path_lookup(skb->data, dev);
787 if (!mpath) {
788 dev_kfree_skb(skb);
789 sdata->u.sta.mshstats.dropped_frames_no_route++;
790 err = -ENOSPC;
791 goto endlookup;
792 }
793 }
794
795 if (mpath->flags & MESH_PATH_ACTIVE) {
796 if (time_after(jiffies, mpath->exp_time -
797 msecs_to_jiffies(sdata->u.sta.mshcfg.path_refresh_time))
798 && skb->pkt_type != PACKET_OTHERHOST
799 && !(mpath->flags & MESH_PATH_RESOLVING)
800 && !(mpath->flags & MESH_PATH_FIXED)) {
801 mesh_queue_preq(mpath,
802 PREQ_Q_F_START | PREQ_Q_F_REFRESH);
803 }
804 memcpy(next_hop, mpath->next_hop->addr,
805 ETH_ALEN);
806 } else {
807 if (!(mpath->flags & MESH_PATH_RESOLVING)) {
808 /* Start discovery only if it is not running yet */
809 mesh_queue_preq(mpath, PREQ_Q_F_START);
810 }
811
812 if (skb_queue_len(&mpath->frame_queue) >=
813 MESH_FRAME_QUEUE_LEN) {
814 skb_to_free = mpath->frame_queue.next;
815 skb_unlink(skb_to_free, &mpath->frame_queue);
816 }
817
818 skb_queue_tail(&mpath->frame_queue, skb);
819 if (skb_to_free)
820 mesh_path_discard_frame(skb_to_free, dev);
821 err = -ENOENT;
822 }
823
824endlookup:
825 rcu_read_unlock();
826 return err;
827}
828
829void mesh_path_timer(unsigned long data)
830{
831 struct ieee80211_sub_if_data *sdata;
832 struct mesh_path *mpath;
833
834 rcu_read_lock();
835 mpath = (struct mesh_path *) data;
836 mpath = rcu_dereference(mpath);
837 if (!mpath)
838 goto endmpathtimer;
839 spin_lock_bh(&mpath->state_lock);
840 sdata = IEEE80211_DEV_TO_SUB_IF(mpath->dev);
841 if (mpath->flags & MESH_PATH_RESOLVED ||
842 (!(mpath->flags & MESH_PATH_RESOLVING)))
843 mpath->flags &= ~(MESH_PATH_RESOLVING | MESH_PATH_RESOLVED);
844 else if (mpath->discovery_retries < max_preq_retries(sdata)) {
845 ++mpath->discovery_retries;
846 mpath->discovery_timeout *= 2;
847 mesh_queue_preq(mpath, 0);
848 } else {
849 mpath->flags = 0;
850 mpath->exp_time = jiffies;
851 mesh_path_flush_pending(mpath);
852 }
853
854 spin_unlock_bh(&mpath->state_lock);
855endmpathtimer:
856 rcu_read_unlock();
857}
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
new file mode 100644
index 000000000000..5845dc21ce85
--- /dev/null
+++ b/net/mac80211/mesh_pathtbl.c
@@ -0,0 +1,516 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/etherdevice.h>
11#include <linux/list.h>
12#include <linux/netdevice.h>
13#include <linux/random.h>
14#include <linux/spinlock.h>
15#include <linux/string.h>
16#include <net/mac80211.h>
17#include "ieee80211_i.h"
18#include "mesh.h"
19
20/* There will be initially 2^INIT_PATHS_SIZE_ORDER buckets */
21#define INIT_PATHS_SIZE_ORDER 2
22
23/* Keep the mean chain length below this constant */
24#define MEAN_CHAIN_LEN 2
25
26#define MPATH_EXPIRED(mpath) ((mpath->flags & MESH_PATH_ACTIVE) && \
27 time_after(jiffies, mpath->exp_time) && \
28 !(mpath->flags & MESH_PATH_FIXED))
29
30struct mpath_node {
31 struct hlist_node list;
32 struct rcu_head rcu;
33 /* This indirection allows two different tables to point to the same
34 * mesh_path structure, useful when resizing
35 */
36 struct mesh_path *mpath;
37};
38
39static struct mesh_table *mesh_paths;
40
41/* This lock will have the grow table function as writer and add / delete nodes
42 * as readers. When reading the table (i.e. doing lookups) we are well protected
43 * by RCU
44 */
45static DEFINE_RWLOCK(pathtbl_resize_lock);
46
47/**
48 *
49 * mesh_path_assign_nexthop - update mesh path next hop
50 *
51 * @mpath: mesh path to update
52 * @sta: next hop to assign
53 *
54 * Locking: mpath->state_lock must be held when calling this function
55 */
56void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta)
57{
58 rcu_assign_pointer(mpath->next_hop, sta);
59}
60
61
62/**
63 * mesh_path_lookup - look up a path in the mesh path table
64 * @dst: hardware address (ETH_ALEN length) of destination
65 * @dev: local interface
66 *
67 * Returns: pointer to the mesh path structure, or NULL if not found
68 *
69 * Locking: must be called within a read rcu section.
70 */
71struct mesh_path *mesh_path_lookup(u8 *dst, struct net_device *dev)
72{
73 struct mesh_path *mpath;
74 struct hlist_node *n;
75 struct hlist_head *bucket;
76 struct mesh_table *tbl;
77 struct mpath_node *node;
78
79 tbl = rcu_dereference(mesh_paths);
80
81 bucket = &tbl->hash_buckets[mesh_table_hash(dst, dev, tbl)];
82 hlist_for_each_entry_rcu(node, n, bucket, list) {
83 mpath = node->mpath;
84 if (mpath->dev == dev &&
85 memcmp(dst, mpath->dst, ETH_ALEN) == 0) {
86 if (MPATH_EXPIRED(mpath)) {
87 spin_lock_bh(&mpath->state_lock);
88 if (MPATH_EXPIRED(mpath))
89 mpath->flags &= ~MESH_PATH_ACTIVE;
90 spin_unlock_bh(&mpath->state_lock);
91 }
92 return mpath;
93 }
94 }
95 return NULL;
96}
97
98/**
99 * mesh_path_lookup_by_idx - look up a path in the mesh path table by its index
100 * @idx: index
101 * @dev: local interface, or NULL for all entries
102 *
103 * Returns: pointer to the mesh path structure, or NULL if not found.
104 *
105 * Locking: must be called within a read rcu section.
106 */
107struct mesh_path *mesh_path_lookup_by_idx(int idx, struct net_device *dev)
108{
109 struct mpath_node *node;
110 struct hlist_node *p;
111 int i;
112 int j = 0;
113
114 for_each_mesh_entry(mesh_paths, p, node, i) {
115 if (dev && node->mpath->dev != dev)
116 continue;
117 if (j++ == idx) {
118 if (MPATH_EXPIRED(node->mpath)) {
119 spin_lock_bh(&node->mpath->state_lock);
120 if (MPATH_EXPIRED(node->mpath))
121 node->mpath->flags &= ~MESH_PATH_ACTIVE;
122 spin_unlock_bh(&node->mpath->state_lock);
123 }
124 return node->mpath;
125 }
126 }
127
128 return NULL;
129}
130
131/**
132 * mesh_path_add - allocate and add a new path to the mesh path table
133 * @addr: destination address of the path (ETH_ALEN length)
134 * @dev: local interface
135 *
136 * Returns: 0 on sucess
137 *
138 * State: the initial state of the new path is set to 0
139 */
140int mesh_path_add(u8 *dst, struct net_device *dev)
141{
142 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
143 struct mesh_path *mpath, *new_mpath;
144 struct mpath_node *node, *new_node;
145 struct hlist_head *bucket;
146 struct hlist_node *n;
147 int grow = 0;
148 int err = 0;
149 u32 hash_idx;
150
151 if (memcmp(dst, dev->dev_addr, ETH_ALEN) == 0)
152 /* never add ourselves as neighbours */
153 return -ENOTSUPP;
154
155 if (is_multicast_ether_addr(dst))
156 return -ENOTSUPP;
157
158 if (atomic_add_unless(&sdata->u.sta.mpaths, 1, MESH_MAX_MPATHS) == 0)
159 return -ENOSPC;
160
161 read_lock(&pathtbl_resize_lock);
162
163 new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL);
164 if (!new_mpath) {
165 atomic_dec(&sdata->u.sta.mpaths);
166 err = -ENOMEM;
167 goto endadd2;
168 }
169 memcpy(new_mpath->dst, dst, ETH_ALEN);
170 new_mpath->dev = dev;
171 new_mpath->flags = 0;
172 skb_queue_head_init(&new_mpath->frame_queue);
173 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
174 new_node->mpath = new_mpath;
175 new_mpath->timer.data = (unsigned long) new_mpath;
176 new_mpath->timer.function = mesh_path_timer;
177 new_mpath->exp_time = jiffies;
178 spin_lock_init(&new_mpath->state_lock);
179 init_timer(&new_mpath->timer);
180
181 hash_idx = mesh_table_hash(dst, dev, mesh_paths);
182 bucket = &mesh_paths->hash_buckets[hash_idx];
183
184 spin_lock(&mesh_paths->hashwlock[hash_idx]);
185
186 hlist_for_each_entry(node, n, bucket, list) {
187 mpath = node->mpath;
188 if (mpath->dev == dev && memcmp(dst, mpath->dst, ETH_ALEN)
189 == 0) {
190 err = -EEXIST;
191 atomic_dec(&sdata->u.sta.mpaths);
192 kfree(new_node);
193 kfree(new_mpath);
194 goto endadd;
195 }
196 }
197
198 hlist_add_head_rcu(&new_node->list, bucket);
199 if (atomic_inc_return(&mesh_paths->entries) >=
200 mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1))
201 grow = 1;
202
203endadd:
204 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
205endadd2:
206 read_unlock(&pathtbl_resize_lock);
207 if (!err && grow) {
208 struct mesh_table *oldtbl, *newtbl;
209
210 write_lock(&pathtbl_resize_lock);
211 oldtbl = mesh_paths;
212 newtbl = mesh_table_grow(mesh_paths);
213 if (!newtbl) {
214 write_unlock(&pathtbl_resize_lock);
215 return -ENOMEM;
216 }
217 rcu_assign_pointer(mesh_paths, newtbl);
218 synchronize_rcu();
219 mesh_table_free(oldtbl, false);
220 write_unlock(&pathtbl_resize_lock);
221 }
222 return err;
223}
224
225
226/**
227 * mesh_plink_broken - deactivates paths and sends perr when a link breaks
228 *
229 * @sta: broken peer link
230 *
231 * This function must be called from the rate control algorithm if enough
232 * delivery errors suggest that a peer link is no longer usable.
233 */
234void mesh_plink_broken(struct sta_info *sta)
235{
236 struct mesh_path *mpath;
237 struct mpath_node *node;
238 struct hlist_node *p;
239 struct net_device *dev = sta->sdata->dev;
240 int i;
241
242 rcu_read_lock();
243 for_each_mesh_entry(mesh_paths, p, node, i) {
244 mpath = node->mpath;
245 spin_lock_bh(&mpath->state_lock);
246 if (mpath->next_hop == sta &&
247 mpath->flags & MESH_PATH_ACTIVE &&
248 !(mpath->flags & MESH_PATH_FIXED)) {
249 mpath->flags &= ~MESH_PATH_ACTIVE;
250 ++mpath->dsn;
251 spin_unlock_bh(&mpath->state_lock);
252 mesh_path_error_tx(mpath->dst,
253 cpu_to_le32(mpath->dsn),
254 dev->broadcast, dev);
255 } else
256 spin_unlock_bh(&mpath->state_lock);
257 }
258 rcu_read_unlock();
259}
260EXPORT_SYMBOL(mesh_plink_broken);
261
262/**
263 * mesh_path_flush_by_nexthop - Deletes mesh paths if their next hop matches
264 *
265 * @sta - mesh peer to match
266 *
267 * RCU notes: this function is called when a mesh plink transitions from
268 * PLINK_ESTAB to any other state, since PLINK_ESTAB state is the only one that
269 * allows path creation. This will happen before the sta can be freed (because
270 * sta_info_destroy() calls this) so any reader in a rcu read block will be
271 * protected against the plink disappearing.
272 */
273void mesh_path_flush_by_nexthop(struct sta_info *sta)
274{
275 struct mesh_path *mpath;
276 struct mpath_node *node;
277 struct hlist_node *p;
278 int i;
279
280 for_each_mesh_entry(mesh_paths, p, node, i) {
281 mpath = node->mpath;
282 if (mpath->next_hop == sta)
283 mesh_path_del(mpath->dst, mpath->dev);
284 }
285}
286
287void mesh_path_flush(struct net_device *dev)
288{
289 struct mesh_path *mpath;
290 struct mpath_node *node;
291 struct hlist_node *p;
292 int i;
293
294 for_each_mesh_entry(mesh_paths, p, node, i) {
295 mpath = node->mpath;
296 if (mpath->dev == dev)
297 mesh_path_del(mpath->dst, mpath->dev);
298 }
299}
300
301static void mesh_path_node_reclaim(struct rcu_head *rp)
302{
303 struct mpath_node *node = container_of(rp, struct mpath_node, rcu);
304 struct ieee80211_sub_if_data *sdata =
305 IEEE80211_DEV_TO_SUB_IF(node->mpath->dev);
306
307 del_timer_sync(&node->mpath->timer);
308 atomic_dec(&sdata->u.sta.mpaths);
309 kfree(node->mpath);
310 kfree(node);
311}
312
313/**
314 * mesh_path_del - delete a mesh path from the table
315 *
316 * @addr: dst address (ETH_ALEN length)
317 * @dev: local interface
318 *
319 * Returns: 0 if succesful
320 */
321int mesh_path_del(u8 *addr, struct net_device *dev)
322{
323 struct mesh_path *mpath;
324 struct mpath_node *node;
325 struct hlist_head *bucket;
326 struct hlist_node *n;
327 int hash_idx;
328 int err = 0;
329
330 read_lock(&pathtbl_resize_lock);
331 hash_idx = mesh_table_hash(addr, dev, mesh_paths);
332 bucket = &mesh_paths->hash_buckets[hash_idx];
333
334 spin_lock(&mesh_paths->hashwlock[hash_idx]);
335 hlist_for_each_entry(node, n, bucket, list) {
336 mpath = node->mpath;
337 if (mpath->dev == dev &&
338 memcmp(addr, mpath->dst, ETH_ALEN) == 0) {
339 spin_lock_bh(&mpath->state_lock);
340 mpath->flags |= MESH_PATH_RESOLVING;
341 hlist_del_rcu(&node->list);
342 call_rcu(&node->rcu, mesh_path_node_reclaim);
343 atomic_dec(&mesh_paths->entries);
344 spin_unlock_bh(&mpath->state_lock);
345 goto enddel;
346 }
347 }
348
349 err = -ENXIO;
350enddel:
351 spin_unlock(&mesh_paths->hashwlock[hash_idx]);
352 read_unlock(&pathtbl_resize_lock);
353 return err;
354}
355
356/**
357 * mesh_path_tx_pending - sends pending frames in a mesh path queue
358 *
359 * @mpath: mesh path to activate
360 *
361 * Locking: the state_lock of the mpath structure must NOT be held when calling
362 * this function.
363 */
364void mesh_path_tx_pending(struct mesh_path *mpath)
365{
366 struct sk_buff *skb;
367
368 while ((skb = skb_dequeue(&mpath->frame_queue)) &&
369 (mpath->flags & MESH_PATH_ACTIVE))
370 dev_queue_xmit(skb);
371}
372
373/**
374 * mesh_path_discard_frame - discard a frame whose path could not be resolved
375 *
376 * @skb: frame to discard
377 * @dev: network device the frame was to be sent through
378 *
379 * If the frame was beign forwarded from another MP, a PERR frame will be sent
380 * to the precursor.
381 *
382 * Locking: the function must me called within a rcu_read_lock region
383 */
384void mesh_path_discard_frame(struct sk_buff *skb, struct net_device *dev)
385{
386 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
387 struct mesh_path *mpath;
388 u32 dsn = 0;
389
390 if (skb->pkt_type == PACKET_OTHERHOST) {
391 struct ieee80211s_hdr *prev_meshhdr;
392 int mshhdrlen;
393 u8 *ra, *da;
394
395 prev_meshhdr = ((struct ieee80211s_hdr *)skb->cb);
396 mshhdrlen = ieee80211_get_mesh_hdrlen(prev_meshhdr);
397 da = skb->data;
398 ra = MESH_PREQ(skb);
399 mpath = mesh_path_lookup(da, dev);
400 if (mpath)
401 dsn = ++mpath->dsn;
402 mesh_path_error_tx(skb->data, cpu_to_le32(dsn), ra, dev);
403 }
404
405 kfree_skb(skb);
406 sdata->u.sta.mshstats.dropped_frames_no_route++;
407}
408
409/**
410 * mesh_path_flush_pending - free the pending queue of a mesh path
411 *
412 * @mpath: mesh path whose queue has to be freed
413 *
414 * Locking: the function must me called withing a rcu_read_lock region
415 */
416void mesh_path_flush_pending(struct mesh_path *mpath)
417{
418 struct ieee80211_sub_if_data *sdata;
419 struct sk_buff *skb;
420
421 sdata = IEEE80211_DEV_TO_SUB_IF(mpath->dev);
422
423 while ((skb = skb_dequeue(&mpath->frame_queue)) &&
424 (mpath->flags & MESH_PATH_ACTIVE))
425 mesh_path_discard_frame(skb, mpath->dev);
426}
427
428/**
429 * mesh_path_fix_nexthop - force a specific next hop for a mesh path
430 *
431 * @mpath: the mesh path to modify
432 * @next_hop: the next hop to force
433 *
434 * Locking: this function must be called holding mpath->state_lock
435 */
436void mesh_path_fix_nexthop(struct mesh_path *mpath, struct sta_info *next_hop)
437{
438 spin_lock_bh(&mpath->state_lock);
439 mesh_path_assign_nexthop(mpath, next_hop);
440 mpath->dsn = 0xffff;
441 mpath->metric = 0;
442 mpath->hop_count = 0;
443 mpath->exp_time = 0;
444 mpath->flags |= MESH_PATH_FIXED;
445 mesh_path_activate(mpath);
446 spin_unlock_bh(&mpath->state_lock);
447 mesh_path_tx_pending(mpath);
448}
449
450static void mesh_path_node_free(struct hlist_node *p, bool free_leafs)
451{
452 struct mesh_path *mpath;
453 struct mpath_node *node = hlist_entry(p, struct mpath_node, list);
454 mpath = node->mpath;
455 hlist_del_rcu(p);
456 synchronize_rcu();
457 if (free_leafs)
458 kfree(mpath);
459 kfree(node);
460}
461
462static void mesh_path_node_copy(struct hlist_node *p, struct mesh_table *newtbl)
463{
464 struct mesh_path *mpath;
465 struct mpath_node *node, *new_node;
466 u32 hash_idx;
467
468 node = hlist_entry(p, struct mpath_node, list);
469 mpath = node->mpath;
470 new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
471 new_node->mpath = mpath;
472 hash_idx = mesh_table_hash(mpath->dst, mpath->dev, newtbl);
473 hlist_add_head(&new_node->list,
474 &newtbl->hash_buckets[hash_idx]);
475}
476
477int mesh_pathtbl_init(void)
478{
479 mesh_paths = mesh_table_alloc(INIT_PATHS_SIZE_ORDER);
480 mesh_paths->free_node = &mesh_path_node_free;
481 mesh_paths->copy_node = &mesh_path_node_copy;
482 mesh_paths->mean_chain_len = MEAN_CHAIN_LEN;
483 if (!mesh_paths)
484 return -ENOMEM;
485 return 0;
486}
487
488void mesh_path_expire(struct net_device *dev)
489{
490 struct mesh_path *mpath;
491 struct mpath_node *node;
492 struct hlist_node *p;
493 int i;
494
495 read_lock(&pathtbl_resize_lock);
496 for_each_mesh_entry(mesh_paths, p, node, i) {
497 if (node->mpath->dev != dev)
498 continue;
499 mpath = node->mpath;
500 spin_lock_bh(&mpath->state_lock);
501 if ((!(mpath->flags & MESH_PATH_RESOLVING)) &&
502 (!(mpath->flags & MESH_PATH_FIXED)) &&
503 time_after(jiffies,
504 mpath->exp_time + MESH_PATH_EXPIRE)) {
505 spin_unlock_bh(&mpath->state_lock);
506 mesh_path_del(mpath->dst, mpath->dev);
507 } else
508 spin_unlock_bh(&mpath->state_lock);
509 }
510 read_unlock(&pathtbl_resize_lock);
511}
512
513void mesh_pathtbl_unregister(void)
514{
515 mesh_table_free(mesh_paths, true);
516}
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
new file mode 100644
index 000000000000..18fe52436c47
--- /dev/null
+++ b/net/mac80211/mesh_plink.c
@@ -0,0 +1,761 @@
1/*
2 * Copyright (c) 2008 open80211s Ltd.
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9#include <linux/kernel.h>
10#include <linux/random.h>
11#include "ieee80211_i.h"
12#include "ieee80211_rate.h"
13#include "mesh.h"
14
15#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
16#define mpl_dbg(fmt, args...) printk(KERN_DEBUG fmt, ##args)
17#else
18#define mpl_dbg(fmt, args...) do { (void)(0); } while (0)
19#endif
20
21#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
22#define PLINK_GET_FRAME_SUBTYPE(p) (p)
23#define PLINK_GET_LLID(p) (p + 1)
24#define PLINK_GET_PLID(p) (p + 3)
25
26#define mod_plink_timer(s, t) (mod_timer(&s->plink_timer, \
27 jiffies + HZ * t / 1000))
28
29/* Peer link cancel reasons, all subject to ANA approval */
30#define MESH_LINK_CANCELLED 2
31#define MESH_MAX_NEIGHBORS 3
32#define MESH_CAPABILITY_POLICY_VIOLATION 4
33#define MESH_CLOSE_RCVD 5
34#define MESH_MAX_RETRIES 6
35#define MESH_CONFIRM_TIMEOUT 7
36#define MESH_SECURITY_ROLE_NEGOTIATION_DIFFERS 8
37#define MESH_SECURITY_AUTHENTICATION_IMPOSSIBLE 9
38#define MESH_SECURITY_FAILED_VERIFICATION 10
39
40#define dot11MeshMaxRetries(s) (s->u.sta.mshcfg.dot11MeshMaxRetries)
41#define dot11MeshRetryTimeout(s) (s->u.sta.mshcfg.dot11MeshRetryTimeout)
42#define dot11MeshConfirmTimeout(s) (s->u.sta.mshcfg.dot11MeshConfirmTimeout)
43#define dot11MeshHoldingTimeout(s) (s->u.sta.mshcfg.dot11MeshHoldingTimeout)
44#define dot11MeshMaxPeerLinks(s) (s->u.sta.mshcfg.dot11MeshMaxPeerLinks)
45
46enum plink_frame_type {
47 PLINK_OPEN = 0,
48 PLINK_CONFIRM,
49 PLINK_CLOSE
50};
51
52enum plink_event {
53 PLINK_UNDEFINED,
54 OPN_ACPT,
55 OPN_RJCT,
56 OPN_IGNR,
57 CNF_ACPT,
58 CNF_RJCT,
59 CNF_IGNR,
60 CLS_ACPT,
61 CLS_IGNR
62};
63
64static inline
65void mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
66{
67 atomic_inc(&sdata->u.sta.mshstats.estab_plinks);
68 mesh_accept_plinks_update(sdata);
69}
70
71static inline
72void mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
73{
74 atomic_dec(&sdata->u.sta.mshstats.estab_plinks);
75 mesh_accept_plinks_update(sdata);
76}
77
78/**
79 * mesh_plink_fsm_restart - restart a mesh peer link finite state machine
80 *
81 * @sta: mes peer link to restart
82 *
83 * Locking: this function must be called holding sta->plink_lock
84 */
85static inline void mesh_plink_fsm_restart(struct sta_info *sta)
86{
87 sta->plink_state = PLINK_LISTEN;
88 sta->llid = sta->plid = sta->reason = 0;
89 sta->plink_retries = 0;
90}
91
92static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
93 u8 *hw_addr, u64 rates)
94{
95 struct ieee80211_local *local = sdata->local;
96 struct sta_info *sta;
97
98 if (local->num_sta >= MESH_MAX_PLINKS)
99 return NULL;
100
101 sta = sta_info_alloc(sdata, hw_addr, GFP_ATOMIC);
102 if (!sta)
103 return NULL;
104
105 sta->flags |= WLAN_STA_AUTHORIZED;
106 sta->supp_rates[local->hw.conf.channel->band] = rates;
107
108 return sta;
109}
110
111/**
112 * mesh_plink_deactivate - deactivate mesh peer link
113 *
114 * @sta: mesh peer link to deactivate
115 *
116 * All mesh paths with this peer as next hop will be flushed
117 *
118 * Locking: the caller must hold sta->plink_lock
119 */
120static void __mesh_plink_deactivate(struct sta_info *sta)
121{
122 struct ieee80211_sub_if_data *sdata = sta->sdata;
123
124 if (sta->plink_state == PLINK_ESTAB)
125 mesh_plink_dec_estab_count(sdata);
126 sta->plink_state = PLINK_BLOCKED;
127 mesh_path_flush_by_nexthop(sta);
128}
129
130/**
131 * __mesh_plink_deactivate - deactivate mesh peer link
132 *
133 * @sta: mesh peer link to deactivate
134 *
135 * All mesh paths with this peer as next hop will be flushed
136 */
137void mesh_plink_deactivate(struct sta_info *sta)
138{
139 spin_lock_bh(&sta->plink_lock);
140 __mesh_plink_deactivate(sta);
141 spin_unlock_bh(&sta->plink_lock);
142}
143
144static int mesh_plink_frame_tx(struct net_device *dev,
145 enum plink_frame_type action, u8 *da, __le16 llid, __le16 plid,
146 __le16 reason) {
147 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
148 struct sk_buff *skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
149 struct ieee80211_mgmt *mgmt;
150 bool include_plid = false;
151 u8 *pos;
152 int ie_len;
153
154 if (!skb)
155 return -1;
156 skb_reserve(skb, local->hw.extra_tx_headroom);
157 /* 25 is the size of the common mgmt part (24) plus the size of the
158 * common action part (1)
159 */
160 mgmt = (struct ieee80211_mgmt *)
161 skb_put(skb, 25 + sizeof(mgmt->u.action.u.plink_action));
162 memset(mgmt, 0, 25 + sizeof(mgmt->u.action.u.plink_action));
163 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
164 IEEE80211_STYPE_ACTION);
165 memcpy(mgmt->da, da, ETH_ALEN);
166 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
167 /* BSSID is left zeroed, wildcard value */
168 mgmt->u.action.category = PLINK_CATEGORY;
169 mgmt->u.action.u.plink_action.action_code = action;
170
171 if (action == PLINK_CLOSE)
172 mgmt->u.action.u.plink_action.aux = reason;
173 else {
174 mgmt->u.action.u.plink_action.aux = cpu_to_le16(0x0);
175 if (action == PLINK_CONFIRM) {
176 pos = skb_put(skb, 4);
177 /* two-byte status code followed by two-byte AID */
178 memset(pos, 0, 4);
179 }
180 mesh_mgmt_ies_add(skb, dev);
181 }
182
183 /* Add Peer Link Management element */
184 switch (action) {
185 case PLINK_OPEN:
186 ie_len = 3;
187 break;
188 case PLINK_CONFIRM:
189 ie_len = 5;
190 include_plid = true;
191 break;
192 case PLINK_CLOSE:
193 default:
194 if (!plid)
195 ie_len = 5;
196 else {
197 ie_len = 7;
198 include_plid = true;
199 }
200 break;
201 }
202
203 pos = skb_put(skb, 2 + ie_len);
204 *pos++ = WLAN_EID_PEER_LINK;
205 *pos++ = ie_len;
206 *pos++ = action;
207 memcpy(pos, &llid, 2);
208 if (include_plid) {
209 pos += 2;
210 memcpy(pos, &plid, 2);
211 }
212 if (action == PLINK_CLOSE) {
213 pos += 2;
214 memcpy(pos, &reason, 2);
215 }
216
217 ieee80211_sta_tx(dev, skb, 0);
218 return 0;
219}
220
221void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct net_device *dev,
222 bool peer_accepting_plinks)
223{
224 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
225 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
226 struct sta_info *sta;
227
228 rcu_read_lock();
229
230 sta = sta_info_get(local, hw_addr);
231 if (!sta) {
232 sta = mesh_plink_alloc(sdata, hw_addr, rates);
233 if (!sta) {
234 rcu_read_unlock();
235 return;
236 }
237 if (sta_info_insert(sta)) {
238 sta_info_destroy(sta);
239 rcu_read_unlock();
240 return;
241 }
242 }
243
244 sta->last_rx = jiffies;
245 sta->supp_rates[local->hw.conf.channel->band] = rates;
246 if (peer_accepting_plinks && sta->plink_state == PLINK_LISTEN &&
247 sdata->u.sta.accepting_plinks &&
248 sdata->u.sta.mshcfg.auto_open_plinks)
249 mesh_plink_open(sta);
250
251 rcu_read_unlock();
252}
253
254static void mesh_plink_timer(unsigned long data)
255{
256 struct sta_info *sta;
257 __le16 llid, plid, reason;
258 struct net_device *dev = NULL;
259 struct ieee80211_sub_if_data *sdata;
260#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
261 DECLARE_MAC_BUF(mac);
262#endif
263
264 /*
265 * This STA is valid because sta_info_destroy() will
266 * del_timer_sync() this timer after having made sure
267 * it cannot be readded (by deleting the plink.)
268 */
269 sta = (struct sta_info *) data;
270
271 spin_lock_bh(&sta->plink_lock);
272 if (sta->ignore_plink_timer) {
273 sta->ignore_plink_timer = false;
274 spin_unlock_bh(&sta->plink_lock);
275 return;
276 }
277 mpl_dbg("Mesh plink timer for %s fired on state %d\n",
278 print_mac(mac, sta->addr), sta->plink_state);
279 reason = 0;
280 llid = sta->llid;
281 plid = sta->plid;
282 sdata = sta->sdata;
283 dev = sdata->dev;
284
285 switch (sta->plink_state) {
286 case PLINK_OPN_RCVD:
287 case PLINK_OPN_SNT:
288 /* retry timer */
289 if (sta->plink_retries < dot11MeshMaxRetries(sdata)) {
290 u32 rand;
291 mpl_dbg("Mesh plink for %s (retry, timeout): %d %d\n",
292 print_mac(mac, sta->addr),
293 sta->plink_retries, sta->plink_timeout);
294 get_random_bytes(&rand, sizeof(u32));
295 sta->plink_timeout = sta->plink_timeout +
296 rand % sta->plink_timeout;
297 ++sta->plink_retries;
298 mod_plink_timer(sta, sta->plink_timeout);
299 spin_unlock_bh(&sta->plink_lock);
300 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid,
301 0, 0);
302 break;
303 }
304 reason = cpu_to_le16(MESH_MAX_RETRIES);
305 /* fall through on else */
306 case PLINK_CNF_RCVD:
307 /* confirm timer */
308 if (!reason)
309 reason = cpu_to_le16(MESH_CONFIRM_TIMEOUT);
310 sta->plink_state = PLINK_HOLDING;
311 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
312 spin_unlock_bh(&sta->plink_lock);
313 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid, plid,
314 reason);
315 break;
316 case PLINK_HOLDING:
317 /* holding timer */
318 del_timer(&sta->plink_timer);
319 mesh_plink_fsm_restart(sta);
320 spin_unlock_bh(&sta->plink_lock);
321 break;
322 default:
323 spin_unlock_bh(&sta->plink_lock);
324 break;
325 }
326}
327
328static inline void mesh_plink_timer_set(struct sta_info *sta, int timeout)
329{
330 sta->plink_timer.expires = jiffies + (HZ * timeout / 1000);
331 sta->plink_timer.data = (unsigned long) sta;
332 sta->plink_timer.function = mesh_plink_timer;
333 sta->plink_timeout = timeout;
334 add_timer(&sta->plink_timer);
335}
336
337int mesh_plink_open(struct sta_info *sta)
338{
339 __le16 llid;
340 struct ieee80211_sub_if_data *sdata = sta->sdata;
341#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
342 DECLARE_MAC_BUF(mac);
343#endif
344
345 spin_lock_bh(&sta->plink_lock);
346 get_random_bytes(&llid, 2);
347 sta->llid = llid;
348 if (sta->plink_state != PLINK_LISTEN) {
349 spin_unlock_bh(&sta->plink_lock);
350 return -EBUSY;
351 }
352 sta->plink_state = PLINK_OPN_SNT;
353 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
354 spin_unlock_bh(&sta->plink_lock);
355 mpl_dbg("Mesh plink: starting establishment with %s\n",
356 print_mac(mac, sta->addr));
357
358 return mesh_plink_frame_tx(sdata->dev, PLINK_OPEN,
359 sta->addr, llid, 0, 0);
360}
361
362void mesh_plink_block(struct sta_info *sta)
363{
364#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
365 DECLARE_MAC_BUF(mac);
366#endif
367
368 spin_lock_bh(&sta->plink_lock);
369 __mesh_plink_deactivate(sta);
370 sta->plink_state = PLINK_BLOCKED;
371 spin_unlock_bh(&sta->plink_lock);
372}
373
374int mesh_plink_close(struct sta_info *sta)
375{
376 struct ieee80211_sub_if_data *sdata = sta->sdata;
377 __le16 llid, plid, reason;
378#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
379 DECLARE_MAC_BUF(mac);
380#endif
381
382 mpl_dbg("Mesh plink: closing link with %s\n",
383 print_mac(mac, sta->addr));
384 spin_lock_bh(&sta->plink_lock);
385 sta->reason = cpu_to_le16(MESH_LINK_CANCELLED);
386 reason = sta->reason;
387
388 if (sta->plink_state == PLINK_LISTEN ||
389 sta->plink_state == PLINK_BLOCKED) {
390 mesh_plink_fsm_restart(sta);
391 spin_unlock_bh(&sta->plink_lock);
392 return 0;
393 } else if (sta->plink_state == PLINK_ESTAB) {
394 __mesh_plink_deactivate(sta);
395 /* The timer should not be running */
396 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
397 } else if (!mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)))
398 sta->ignore_plink_timer = true;
399
400 sta->plink_state = PLINK_HOLDING;
401 llid = sta->llid;
402 plid = sta->plid;
403 spin_unlock_bh(&sta->plink_lock);
404 mesh_plink_frame_tx(sta->sdata->dev, PLINK_CLOSE, sta->addr, llid,
405 plid, reason);
406 return 0;
407}
408
409void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
410 size_t len, struct ieee80211_rx_status *rx_status)
411{
412 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
413 struct ieee80211_local *local = sdata->local;
414 struct ieee802_11_elems elems;
415 struct sta_info *sta;
416 enum plink_event event;
417 enum plink_frame_type ftype;
418 size_t baselen;
419 u8 ie_len;
420 u8 *baseaddr;
421 __le16 plid, llid, reason;
422#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
423 DECLARE_MAC_BUF(mac);
424#endif
425
426 if (is_multicast_ether_addr(mgmt->da)) {
427 mpl_dbg("Mesh plink: ignore frame from multicast address");
428 return;
429 }
430
431 baseaddr = mgmt->u.action.u.plink_action.variable;
432 baselen = (u8 *) mgmt->u.action.u.plink_action.variable - (u8 *) mgmt;
433 if (mgmt->u.action.u.plink_action.action_code == PLINK_CONFIRM) {
434 baseaddr += 4;
435 baselen -= 4;
436 }
437 ieee802_11_parse_elems(baseaddr, len - baselen, &elems);
438 if (!elems.peer_link) {
439 mpl_dbg("Mesh plink: missing necessary peer link ie\n");
440 return;
441 }
442
443 ftype = *((u8 *)PLINK_GET_FRAME_SUBTYPE(elems.peer_link));
444 ie_len = elems.peer_link_len;
445 if ((ftype == PLINK_OPEN && ie_len != 3) ||
446 (ftype == PLINK_CONFIRM && ie_len != 5) ||
447 (ftype == PLINK_CLOSE && ie_len != 5 && ie_len != 7)) {
448 mpl_dbg("Mesh plink: incorrect plink ie length\n");
449 return;
450 }
451
452 if (ftype != PLINK_CLOSE && (!elems.mesh_id || !elems.mesh_config)) {
453 mpl_dbg("Mesh plink: missing necessary ie\n");
454 return;
455 }
456 /* Note the lines below are correct, the llid in the frame is the plid
457 * from the point of view of this host.
458 */
459 memcpy(&plid, PLINK_GET_LLID(elems.peer_link), 2);
460 if (ftype == PLINK_CONFIRM || (ftype == PLINK_CLOSE && ie_len == 7))
461 memcpy(&llid, PLINK_GET_PLID(elems.peer_link), 2);
462
463 rcu_read_lock();
464
465 sta = sta_info_get(local, mgmt->sa);
466 if (!sta && ftype != PLINK_OPEN) {
467 mpl_dbg("Mesh plink: cls or cnf from unknown peer\n");
468 rcu_read_unlock();
469 return;
470 }
471
472 if (sta && sta->plink_state == PLINK_BLOCKED) {
473 rcu_read_unlock();
474 return;
475 }
476
477 /* Now we will figure out the appropriate event... */
478 event = PLINK_UNDEFINED;
479 if (ftype != PLINK_CLOSE && (!mesh_matches_local(&elems, dev))) {
480 switch (ftype) {
481 case PLINK_OPEN:
482 event = OPN_RJCT;
483 break;
484 case PLINK_CONFIRM:
485 event = CNF_RJCT;
486 break;
487 case PLINK_CLOSE:
488 /* avoid warning */
489 break;
490 }
491 spin_lock_bh(&sta->plink_lock);
492 } else if (!sta) {
493 /* ftype == PLINK_OPEN */
494 u64 rates;
495 if (!mesh_plink_free_count(sdata)) {
496 mpl_dbg("Mesh plink error: no more free plinks\n");
497 rcu_read_unlock();
498 return;
499 }
500
501 rates = ieee80211_sta_get_rates(local, &elems, rx_status->band);
502 sta = mesh_plink_alloc(sdata, mgmt->sa, rates);
503 if (!sta) {
504 mpl_dbg("Mesh plink error: plink table full\n");
505 rcu_read_unlock();
506 return;
507 }
508 if (sta_info_insert(sta)) {
509 sta_info_destroy(sta);
510 rcu_read_unlock();
511 return;
512 }
513 event = OPN_ACPT;
514 spin_lock_bh(&sta->plink_lock);
515 } else {
516 spin_lock_bh(&sta->plink_lock);
517 switch (ftype) {
518 case PLINK_OPEN:
519 if (!mesh_plink_free_count(sdata) ||
520 (sta->plid && sta->plid != plid))
521 event = OPN_IGNR;
522 else
523 event = OPN_ACPT;
524 break;
525 case PLINK_CONFIRM:
526 if (!mesh_plink_free_count(sdata) ||
527 (sta->llid != llid || sta->plid != plid))
528 event = CNF_IGNR;
529 else
530 event = CNF_ACPT;
531 break;
532 case PLINK_CLOSE:
533 if (sta->plink_state == PLINK_ESTAB)
534 /* Do not check for llid or plid. This does not
535 * follow the standard but since multiple plinks
536 * per sta are not supported, it is necessary in
537 * order to avoid a livelock when MP A sees an
538 * establish peer link to MP B but MP B does not
539 * see it. This can be caused by a timeout in
540 * B's peer link establishment or B beign
541 * restarted.
542 */
543 event = CLS_ACPT;
544 else if (sta->plid != plid)
545 event = CLS_IGNR;
546 else if (ie_len == 7 && sta->llid != llid)
547 event = CLS_IGNR;
548 else
549 event = CLS_ACPT;
550 break;
551 default:
552 mpl_dbg("Mesh plink: unknown frame subtype\n");
553 spin_unlock_bh(&sta->plink_lock);
554 rcu_read_unlock();
555 return;
556 }
557 }
558
559 mpl_dbg("Mesh plink (peer, state, llid, plid, event): %s %d %d %d %d\n",
560 print_mac(mac, mgmt->sa), sta->plink_state,
561 le16_to_cpu(sta->llid), le16_to_cpu(sta->plid),
562 event);
563 reason = 0;
564 switch (sta->plink_state) {
565 /* spin_unlock as soon as state is updated at each case */
566 case PLINK_LISTEN:
567 switch (event) {
568 case CLS_ACPT:
569 mesh_plink_fsm_restart(sta);
570 spin_unlock_bh(&sta->plink_lock);
571 break;
572 case OPN_ACPT:
573 sta->plink_state = PLINK_OPN_RCVD;
574 sta->plid = plid;
575 get_random_bytes(&llid, 2);
576 sta->llid = llid;
577 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
578 spin_unlock_bh(&sta->plink_lock);
579 mesh_plink_frame_tx(dev, PLINK_OPEN, sta->addr, llid,
580 0, 0);
581 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr,
582 llid, plid, 0);
583 break;
584 default:
585 spin_unlock_bh(&sta->plink_lock);
586 break;
587 }
588 break;
589
590 case PLINK_OPN_SNT:
591 switch (event) {
592 case OPN_RJCT:
593 case CNF_RJCT:
594 reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
595 case CLS_ACPT:
596 if (!reason)
597 reason = cpu_to_le16(MESH_CLOSE_RCVD);
598 sta->reason = reason;
599 sta->plink_state = PLINK_HOLDING;
600 if (!mod_plink_timer(sta,
601 dot11MeshHoldingTimeout(sdata)))
602 sta->ignore_plink_timer = true;
603
604 llid = sta->llid;
605 spin_unlock_bh(&sta->plink_lock);
606 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
607 plid, reason);
608 break;
609 case OPN_ACPT:
610 /* retry timer is left untouched */
611 sta->plink_state = PLINK_OPN_RCVD;
612 sta->plid = plid;
613 llid = sta->llid;
614 spin_unlock_bh(&sta->plink_lock);
615 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
616 plid, 0);
617 break;
618 case CNF_ACPT:
619 sta->plink_state = PLINK_CNF_RCVD;
620 if (!mod_plink_timer(sta,
621 dot11MeshConfirmTimeout(sdata)))
622 sta->ignore_plink_timer = true;
623
624 spin_unlock_bh(&sta->plink_lock);
625 break;
626 default:
627 spin_unlock_bh(&sta->plink_lock);
628 break;
629 }
630 break;
631
632 case PLINK_OPN_RCVD:
633 switch (event) {
634 case OPN_RJCT:
635 case CNF_RJCT:
636 reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
637 case CLS_ACPT:
638 if (!reason)
639 reason = cpu_to_le16(MESH_CLOSE_RCVD);
640 sta->reason = reason;
641 sta->plink_state = PLINK_HOLDING;
642 if (!mod_plink_timer(sta,
643 dot11MeshHoldingTimeout(sdata)))
644 sta->ignore_plink_timer = true;
645
646 llid = sta->llid;
647 spin_unlock_bh(&sta->plink_lock);
648 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
649 plid, reason);
650 break;
651 case OPN_ACPT:
652 llid = sta->llid;
653 spin_unlock_bh(&sta->plink_lock);
654 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
655 plid, 0);
656 break;
657 case CNF_ACPT:
658 del_timer(&sta->plink_timer);
659 sta->plink_state = PLINK_ESTAB;
660 mesh_plink_inc_estab_count(sdata);
661 spin_unlock_bh(&sta->plink_lock);
662 mpl_dbg("Mesh plink with %s ESTABLISHED\n",
663 print_mac(mac, sta->addr));
664 break;
665 default:
666 spin_unlock_bh(&sta->plink_lock);
667 break;
668 }
669 break;
670
671 case PLINK_CNF_RCVD:
672 switch (event) {
673 case OPN_RJCT:
674 case CNF_RJCT:
675 reason = cpu_to_le16(MESH_CAPABILITY_POLICY_VIOLATION);
676 case CLS_ACPT:
677 if (!reason)
678 reason = cpu_to_le16(MESH_CLOSE_RCVD);
679 sta->reason = reason;
680 sta->plink_state = PLINK_HOLDING;
681 if (!mod_plink_timer(sta,
682 dot11MeshHoldingTimeout(sdata)))
683 sta->ignore_plink_timer = true;
684
685 llid = sta->llid;
686 spin_unlock_bh(&sta->plink_lock);
687 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
688 plid, reason);
689 break;
690 case OPN_ACPT:
691 del_timer(&sta->plink_timer);
692 sta->plink_state = PLINK_ESTAB;
693 mesh_plink_inc_estab_count(sdata);
694 spin_unlock_bh(&sta->plink_lock);
695 mpl_dbg("Mesh plink with %s ESTABLISHED\n",
696 print_mac(mac, sta->addr));
697 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
698 plid, 0);
699 break;
700 default:
701 spin_unlock_bh(&sta->plink_lock);
702 break;
703 }
704 break;
705
706 case PLINK_ESTAB:
707 switch (event) {
708 case CLS_ACPT:
709 reason = cpu_to_le16(MESH_CLOSE_RCVD);
710 sta->reason = reason;
711 __mesh_plink_deactivate(sta);
712 sta->plink_state = PLINK_HOLDING;
713 llid = sta->llid;
714 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
715 spin_unlock_bh(&sta->plink_lock);
716 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
717 plid, reason);
718 break;
719 case OPN_ACPT:
720 llid = sta->llid;
721 spin_unlock_bh(&sta->plink_lock);
722 mesh_plink_frame_tx(dev, PLINK_CONFIRM, sta->addr, llid,
723 plid, 0);
724 break;
725 default:
726 spin_unlock_bh(&sta->plink_lock);
727 break;
728 }
729 break;
730 case PLINK_HOLDING:
731 switch (event) {
732 case CLS_ACPT:
733 if (del_timer(&sta->plink_timer))
734 sta->ignore_plink_timer = 1;
735 mesh_plink_fsm_restart(sta);
736 spin_unlock_bh(&sta->plink_lock);
737 break;
738 case OPN_ACPT:
739 case CNF_ACPT:
740 case OPN_RJCT:
741 case CNF_RJCT:
742 llid = sta->llid;
743 reason = sta->reason;
744 spin_unlock_bh(&sta->plink_lock);
745 mesh_plink_frame_tx(dev, PLINK_CLOSE, sta->addr, llid,
746 plid, reason);
747 break;
748 default:
749 spin_unlock_bh(&sta->plink_lock);
750 }
751 break;
752 default:
753 /* should not get here, PLINK_BLOCKED is dealt with at the
754 * beggining of the function
755 */
756 spin_unlock_bh(&sta->plink_lock);
757 break;
758 }
759
760 rcu_read_unlock();
761}
diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index 3b77410588e7..a1993161de99 100644
--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -15,7 +15,7 @@
15#include <linux/debugfs.h> 15#include <linux/debugfs.h>
16#include <net/mac80211.h> 16#include <net/mac80211.h>
17#include "ieee80211_rate.h" 17#include "ieee80211_rate.h"
18 18#include "mesh.h"
19#include "rc80211_pid.h" 19#include "rc80211_pid.h"
20 20
21 21
@@ -63,6 +63,7 @@
63 * RC_PID_ARITH_SHIFT. 63 * RC_PID_ARITH_SHIFT.
64 */ 64 */
65 65
66
66/* Adjust the rate while ensuring that we won't switch to a lower rate if it 67/* Adjust the rate while ensuring that we won't switch to a lower rate if it
67 * exhibited a worse failed frames behaviour and we'll choose the highest rate 68 * exhibited a worse failed frames behaviour and we'll choose the highest rate
68 * whose failed frames behaviour is not worse than the one of the original rate 69 * whose failed frames behaviour is not worse than the one of the original rate
@@ -72,14 +73,14 @@ static void rate_control_pid_adjust_rate(struct ieee80211_local *local,
72 struct rc_pid_rateinfo *rinfo) 73 struct rc_pid_rateinfo *rinfo)
73{ 74{
74 struct ieee80211_sub_if_data *sdata; 75 struct ieee80211_sub_if_data *sdata;
75 struct ieee80211_hw_mode *mode; 76 struct ieee80211_supported_band *sband;
76 int cur_sorted, new_sorted, probe, tmp, n_bitrates; 77 int cur_sorted, new_sorted, probe, tmp, n_bitrates, band;
77 int cur = sta->txrate; 78 int cur = sta->txrate_idx;
78
79 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
80 79
81 mode = local->oper_hw_mode; 80 sdata = sta->sdata;
82 n_bitrates = mode->num_rates; 81 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
82 band = sband->band;
83 n_bitrates = sband->n_bitrates;
83 84
84 /* Map passed arguments to sorted values. */ 85 /* Map passed arguments to sorted values. */
85 cur_sorted = rinfo[cur].rev_index; 86 cur_sorted = rinfo[cur].rev_index;
@@ -97,20 +98,20 @@ static void rate_control_pid_adjust_rate(struct ieee80211_local *local,
97 /* Ensure that the rate decrease isn't disadvantageous. */ 98 /* Ensure that the rate decrease isn't disadvantageous. */
98 for (probe = cur_sorted; probe >= new_sorted; probe--) 99 for (probe = cur_sorted; probe >= new_sorted; probe--)
99 if (rinfo[probe].diff <= rinfo[cur_sorted].diff && 100 if (rinfo[probe].diff <= rinfo[cur_sorted].diff &&
100 rate_supported(sta, mode, rinfo[probe].index)) 101 rate_supported(sta, band, rinfo[probe].index))
101 tmp = probe; 102 tmp = probe;
102 } else { 103 } else {
103 /* Look for rate increase with zero (or below) cost. */ 104 /* Look for rate increase with zero (or below) cost. */
104 for (probe = new_sorted + 1; probe < n_bitrates; probe++) 105 for (probe = new_sorted + 1; probe < n_bitrates; probe++)
105 if (rinfo[probe].diff <= rinfo[new_sorted].diff && 106 if (rinfo[probe].diff <= rinfo[new_sorted].diff &&
106 rate_supported(sta, mode, rinfo[probe].index)) 107 rate_supported(sta, band, rinfo[probe].index))
107 tmp = probe; 108 tmp = probe;
108 } 109 }
109 110
110 /* Fit the rate found to the nearest supported rate. */ 111 /* Fit the rate found to the nearest supported rate. */
111 do { 112 do {
112 if (rate_supported(sta, mode, rinfo[tmp].index)) { 113 if (rate_supported(sta, band, rinfo[tmp].index)) {
113 sta->txrate = rinfo[tmp].index; 114 sta->txrate_idx = rinfo[tmp].index;
114 break; 115 break;
115 } 116 }
116 if (adj < 0) 117 if (adj < 0)
@@ -122,7 +123,7 @@ static void rate_control_pid_adjust_rate(struct ieee80211_local *local,
122#ifdef CONFIG_MAC80211_DEBUGFS 123#ifdef CONFIG_MAC80211_DEBUGFS
123 rate_control_pid_event_rate_change( 124 rate_control_pid_event_rate_change(
124 &((struct rc_pid_sta_info *)sta->rate_ctrl_priv)->events, 125 &((struct rc_pid_sta_info *)sta->rate_ctrl_priv)->events,
125 cur, mode->rates[cur].rate); 126 sta->txrate_idx, sband->bitrates[sta->txrate_idx].bitrate);
126#endif 127#endif
127} 128}
128 129
@@ -147,9 +148,12 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
147 struct ieee80211_local *local, 148 struct ieee80211_local *local,
148 struct sta_info *sta) 149 struct sta_info *sta)
149{ 150{
151#ifdef CONFIG_MAC80211_MESH
152 struct ieee80211_sub_if_data *sdata = sta->sdata;
153#endif
150 struct rc_pid_sta_info *spinfo = sta->rate_ctrl_priv; 154 struct rc_pid_sta_info *spinfo = sta->rate_ctrl_priv;
151 struct rc_pid_rateinfo *rinfo = pinfo->rinfo; 155 struct rc_pid_rateinfo *rinfo = pinfo->rinfo;
152 struct ieee80211_hw_mode *mode; 156 struct ieee80211_supported_band *sband;
153 u32 pf; 157 u32 pf;
154 s32 err_avg; 158 s32 err_avg;
155 u32 err_prop; 159 u32 err_prop;
@@ -158,7 +162,7 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
158 int adj, i, j, tmp; 162 int adj, i, j, tmp;
159 unsigned long period; 163 unsigned long period;
160 164
161 mode = local->oper_hw_mode; 165 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
162 spinfo = sta->rate_ctrl_priv; 166 spinfo = sta->rate_ctrl_priv;
163 167
164 /* In case nothing happened during the previous control interval, turn 168 /* In case nothing happened during the previous control interval, turn
@@ -177,25 +181,32 @@ static void rate_control_pid_sample(struct rc_pid_info *pinfo,
177 pf = spinfo->last_pf; 181 pf = spinfo->last_pf;
178 else { 182 else {
179 pf = spinfo->tx_num_failed * 100 / spinfo->tx_num_xmit; 183 pf = spinfo->tx_num_failed * 100 / spinfo->tx_num_xmit;
184#ifdef CONFIG_MAC80211_MESH
185 if (pf == 100 &&
186 sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT)
187 mesh_plink_broken(sta);
188#endif
180 pf <<= RC_PID_ARITH_SHIFT; 189 pf <<= RC_PID_ARITH_SHIFT;
190 sta->fail_avg = ((pf + (spinfo->last_pf << 3)) / 9)
191 >> RC_PID_ARITH_SHIFT;
181 } 192 }
182 193
183 spinfo->tx_num_xmit = 0; 194 spinfo->tx_num_xmit = 0;
184 spinfo->tx_num_failed = 0; 195 spinfo->tx_num_failed = 0;
185 196
186 /* If we just switched rate, update the rate behaviour info. */ 197 /* If we just switched rate, update the rate behaviour info. */
187 if (pinfo->oldrate != sta->txrate) { 198 if (pinfo->oldrate != sta->txrate_idx) {
188 199
189 i = rinfo[pinfo->oldrate].rev_index; 200 i = rinfo[pinfo->oldrate].rev_index;
190 j = rinfo[sta->txrate].rev_index; 201 j = rinfo[sta->txrate_idx].rev_index;
191 202
192 tmp = (pf - spinfo->last_pf); 203 tmp = (pf - spinfo->last_pf);
193 tmp = RC_PID_DO_ARITH_RIGHT_SHIFT(tmp, RC_PID_ARITH_SHIFT); 204 tmp = RC_PID_DO_ARITH_RIGHT_SHIFT(tmp, RC_PID_ARITH_SHIFT);
194 205
195 rinfo[j].diff = rinfo[i].diff + tmp; 206 rinfo[j].diff = rinfo[i].diff + tmp;
196 pinfo->oldrate = sta->txrate; 207 pinfo->oldrate = sta->txrate_idx;
197 } 208 }
198 rate_control_pid_normalize(pinfo, mode->num_rates); 209 rate_control_pid_normalize(pinfo, sband->n_bitrates);
199 210
200 /* Compute the proportional, integral and derivative errors. */ 211 /* Compute the proportional, integral and derivative errors. */
201 err_prop = (pinfo->target << RC_PID_ARITH_SHIFT) - pf; 212 err_prop = (pinfo->target << RC_PID_ARITH_SHIFT) - pf;
@@ -236,23 +247,27 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
236 struct sta_info *sta; 247 struct sta_info *sta;
237 struct rc_pid_sta_info *spinfo; 248 struct rc_pid_sta_info *spinfo;
238 unsigned long period; 249 unsigned long period;
250 struct ieee80211_supported_band *sband;
251
252 rcu_read_lock();
239 253
240 sta = sta_info_get(local, hdr->addr1); 254 sta = sta_info_get(local, hdr->addr1);
255 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
241 256
242 if (!sta) 257 if (!sta)
243 return; 258 goto unlock;
244 259
245 /* Don't update the state if we're not controlling the rate. */ 260 /* Don't update the state if we're not controlling the rate. */
246 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 261 sdata = sta->sdata;
247 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) { 262 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
248 sta->txrate = sdata->bss->max_ratectrl_rateidx; 263 sta->txrate_idx = sdata->bss->max_ratectrl_rateidx;
249 return; 264 goto unlock;
250 } 265 }
251 266
252 /* Ignore all frames that were sent with a different rate than the rate 267 /* Ignore all frames that were sent with a different rate than the rate
253 * we currently advise mac80211 to use. */ 268 * we currently advise mac80211 to use. */
254 if (status->control.rate != &local->oper_hw_mode->rates[sta->txrate]) 269 if (status->control.tx_rate != &sband->bitrates[sta->txrate_idx])
255 goto ignore; 270 goto unlock;
256 271
257 spinfo = sta->rate_ctrl_priv; 272 spinfo = sta->rate_ctrl_priv;
258 spinfo->tx_num_xmit++; 273 spinfo->tx_num_xmit++;
@@ -277,9 +292,6 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
277 sta->tx_num_consecutive_failures++; 292 sta->tx_num_consecutive_failures++;
278 sta->tx_num_mpdu_fail++; 293 sta->tx_num_mpdu_fail++;
279 } else { 294 } else {
280 sta->last_ack_rssi[0] = sta->last_ack_rssi[1];
281 sta->last_ack_rssi[1] = sta->last_ack_rssi[2];
282 sta->last_ack_rssi[2] = status->ack_signal;
283 sta->tx_num_consecutive_failures = 0; 295 sta->tx_num_consecutive_failures = 0;
284 sta->tx_num_mpdu_ok++; 296 sta->tx_num_mpdu_ok++;
285 } 297 }
@@ -293,12 +305,12 @@ static void rate_control_pid_tx_status(void *priv, struct net_device *dev,
293 if (time_after(jiffies, spinfo->last_sample + period)) 305 if (time_after(jiffies, spinfo->last_sample + period))
294 rate_control_pid_sample(pinfo, local, sta); 306 rate_control_pid_sample(pinfo, local, sta);
295 307
296ignore: 308 unlock:
297 sta_info_put(sta); 309 rcu_read_unlock();
298} 310}
299 311
300static void rate_control_pid_get_rate(void *priv, struct net_device *dev, 312static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
301 struct ieee80211_hw_mode *mode, 313 struct ieee80211_supported_band *sband,
302 struct sk_buff *skb, 314 struct sk_buff *skb,
303 struct rate_selection *sel) 315 struct rate_selection *sel)
304{ 316{
@@ -309,6 +321,8 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
309 int rateidx; 321 int rateidx;
310 u16 fc; 322 u16 fc;
311 323
324 rcu_read_lock();
325
312 sta = sta_info_get(local, hdr->addr1); 326 sta = sta_info_get(local, hdr->addr1);
313 327
314 /* Send management frames and broadcast/multicast data using lowest 328 /* Send management frames and broadcast/multicast data using lowest
@@ -316,32 +330,31 @@ static void rate_control_pid_get_rate(void *priv, struct net_device *dev,
316 fc = le16_to_cpu(hdr->frame_control); 330 fc = le16_to_cpu(hdr->frame_control);
317 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA || 331 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
318 is_multicast_ether_addr(hdr->addr1) || !sta) { 332 is_multicast_ether_addr(hdr->addr1) || !sta) {
319 sel->rate = rate_lowest(local, mode, sta); 333 sel->rate = rate_lowest(local, sband, sta);
320 if (sta) 334 rcu_read_unlock();
321 sta_info_put(sta);
322 return; 335 return;
323 } 336 }
324 337
325 /* If a forced rate is in effect, select it. */ 338 /* If a forced rate is in effect, select it. */
326 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 339 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
327 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) 340 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1)
328 sta->txrate = sdata->bss->force_unicast_rateidx; 341 sta->txrate_idx = sdata->bss->force_unicast_rateidx;
329 342
330 rateidx = sta->txrate; 343 rateidx = sta->txrate_idx;
331 344
332 if (rateidx >= mode->num_rates) 345 if (rateidx >= sband->n_bitrates)
333 rateidx = mode->num_rates - 1; 346 rateidx = sband->n_bitrates - 1;
334 347
335 sta->last_txrate = rateidx; 348 sta->last_txrate_idx = rateidx;
336 349
337 sta_info_put(sta); 350 rcu_read_unlock();
338 351
339 sel->rate = &mode->rates[rateidx]; 352 sel->rate = &sband->bitrates[rateidx];
340 353
341#ifdef CONFIG_MAC80211_DEBUGFS 354#ifdef CONFIG_MAC80211_DEBUGFS
342 rate_control_pid_event_tx_rate( 355 rate_control_pid_event_tx_rate(
343 &((struct rc_pid_sta_info *) sta->rate_ctrl_priv)->events, 356 &((struct rc_pid_sta_info *) sta->rate_ctrl_priv)->events,
344 rateidx, mode->rates[rateidx].rate); 357 rateidx, sband->bitrates[rateidx].bitrate);
345#endif 358#endif
346} 359}
347 360
@@ -353,28 +366,33 @@ static void rate_control_pid_rate_init(void *priv, void *priv_sta,
353 * as we need to have IEEE 802.1X auth succeed immediately after assoc.. 366 * as we need to have IEEE 802.1X auth succeed immediately after assoc..
354 * Until that method is implemented, we will use the lowest supported 367 * Until that method is implemented, we will use the lowest supported
355 * rate as a workaround. */ 368 * rate as a workaround. */
356 sta->txrate = rate_lowest_index(local, local->oper_hw_mode, sta); 369 struct ieee80211_supported_band *sband;
370
371 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
372 sta->txrate_idx = rate_lowest_index(local, sband, sta);
373 sta->fail_avg = 0;
357} 374}
358 375
359static void *rate_control_pid_alloc(struct ieee80211_local *local) 376static void *rate_control_pid_alloc(struct ieee80211_local *local)
360{ 377{
361 struct rc_pid_info *pinfo; 378 struct rc_pid_info *pinfo;
362 struct rc_pid_rateinfo *rinfo; 379 struct rc_pid_rateinfo *rinfo;
363 struct ieee80211_hw_mode *mode; 380 struct ieee80211_supported_band *sband;
364 int i, j, tmp; 381 int i, j, tmp;
365 bool s; 382 bool s;
366#ifdef CONFIG_MAC80211_DEBUGFS 383#ifdef CONFIG_MAC80211_DEBUGFS
367 struct rc_pid_debugfs_entries *de; 384 struct rc_pid_debugfs_entries *de;
368#endif 385#endif
369 386
387 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
388
370 pinfo = kmalloc(sizeof(*pinfo), GFP_ATOMIC); 389 pinfo = kmalloc(sizeof(*pinfo), GFP_ATOMIC);
371 if (!pinfo) 390 if (!pinfo)
372 return NULL; 391 return NULL;
373 392
374 /* We can safely assume that oper_hw_mode won't change unless we get 393 /* We can safely assume that sband won't change unless we get
375 * reinitialized. */ 394 * reinitialized. */
376 mode = local->oper_hw_mode; 395 rinfo = kmalloc(sizeof(*rinfo) * sband->n_bitrates, GFP_ATOMIC);
377 rinfo = kmalloc(sizeof(*rinfo) * mode->num_rates, GFP_ATOMIC);
378 if (!rinfo) { 396 if (!rinfo) {
379 kfree(pinfo); 397 kfree(pinfo);
380 return NULL; 398 return NULL;
@@ -383,7 +401,7 @@ static void *rate_control_pid_alloc(struct ieee80211_local *local)
383 /* Sort the rates. This is optimized for the most common case (i.e. 401 /* Sort the rates. This is optimized for the most common case (i.e.
384 * almost-sorted CCK+OFDM rates). Kind of bubble-sort with reversed 402 * almost-sorted CCK+OFDM rates). Kind of bubble-sort with reversed
385 * mapping too. */ 403 * mapping too. */
386 for (i = 0; i < mode->num_rates; i++) { 404 for (i = 0; i < sband->n_bitrates; i++) {
387 rinfo[i].index = i; 405 rinfo[i].index = i;
388 rinfo[i].rev_index = i; 406 rinfo[i].rev_index = i;
389 if (pinfo->fast_start) 407 if (pinfo->fast_start)
@@ -391,11 +409,11 @@ static void *rate_control_pid_alloc(struct ieee80211_local *local)
391 else 409 else
392 rinfo[i].diff = i * pinfo->norm_offset; 410 rinfo[i].diff = i * pinfo->norm_offset;
393 } 411 }
394 for (i = 1; i < mode->num_rates; i++) { 412 for (i = 1; i < sband->n_bitrates; i++) {
395 s = 0; 413 s = 0;
396 for (j = 0; j < mode->num_rates - i; j++) 414 for (j = 0; j < sband->n_bitrates - i; j++)
397 if (unlikely(mode->rates[rinfo[j].index].rate > 415 if (unlikely(sband->bitrates[rinfo[j].index].bitrate >
398 mode->rates[rinfo[j + 1].index].rate)) { 416 sband->bitrates[rinfo[j + 1].index].bitrate)) {
399 tmp = rinfo[j].index; 417 tmp = rinfo[j].index;
400 rinfo[j].index = rinfo[j + 1].index; 418 rinfo[j].index = rinfo[j + 1].index;
401 rinfo[j + 1].index = tmp; 419 rinfo[j + 1].index = tmp;
diff --git a/net/mac80211/rc80211_simple.c b/net/mac80211/rc80211_simple.c
deleted file mode 100644
index 9a78b116acff..000000000000
--- a/net/mac80211/rc80211_simple.c
+++ /dev/null
@@ -1,400 +0,0 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005, Devicescape Software, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/init.h>
11#include <linux/netdevice.h>
12#include <linux/types.h>
13#include <linux/slab.h>
14#include <linux/skbuff.h>
15#include <linux/compiler.h>
16#include <linux/module.h>
17
18#include <net/mac80211.h>
19#include "ieee80211_i.h"
20#include "ieee80211_rate.h"
21#include "debugfs.h"
22
23
24/* This is a minimal implementation of TX rate controlling that can be used
25 * as the default when no improved mechanisms are available. */
26
27#define RATE_CONTROL_NUM_DOWN 20
28#define RATE_CONTROL_NUM_UP 15
29
30#define RATE_CONTROL_EMERG_DEC 2
31#define RATE_CONTROL_INTERVAL (HZ / 20)
32#define RATE_CONTROL_MIN_TX 10
33
34static void rate_control_rate_inc(struct ieee80211_local *local,
35 struct sta_info *sta)
36{
37 struct ieee80211_sub_if_data *sdata;
38 struct ieee80211_hw_mode *mode;
39 int i = sta->txrate;
40 int maxrate;
41
42 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
43 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
44 /* forced unicast rate - do not change STA rate */
45 return;
46 }
47
48 mode = local->oper_hw_mode;
49 maxrate = sdata->bss ? sdata->bss->max_ratectrl_rateidx : -1;
50
51 if (i > mode->num_rates)
52 i = mode->num_rates - 2;
53
54 while (i + 1 < mode->num_rates) {
55 i++;
56 if (sta->supp_rates & BIT(i) &&
57 mode->rates[i].flags & IEEE80211_RATE_SUPPORTED &&
58 (maxrate < 0 || i <= maxrate)) {
59 sta->txrate = i;
60 break;
61 }
62 }
63}
64
65
66static void rate_control_rate_dec(struct ieee80211_local *local,
67 struct sta_info *sta)
68{
69 struct ieee80211_sub_if_data *sdata;
70 struct ieee80211_hw_mode *mode;
71 int i = sta->txrate;
72
73 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
74 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
75 /* forced unicast rate - do not change STA rate */
76 return;
77 }
78
79 mode = local->oper_hw_mode;
80 if (i > mode->num_rates)
81 i = mode->num_rates;
82
83 while (i > 0) {
84 i--;
85 if (sta->supp_rates & BIT(i) &&
86 mode->rates[i].flags & IEEE80211_RATE_SUPPORTED) {
87 sta->txrate = i;
88 break;
89 }
90 }
91}
92
93struct global_rate_control {
94 int dummy;
95};
96
97struct sta_rate_control {
98 unsigned long last_rate_change;
99 u32 tx_num_failures;
100 u32 tx_num_xmit;
101
102 unsigned long avg_rate_update;
103 u32 tx_avg_rate_sum;
104 u32 tx_avg_rate_num;
105
106#ifdef CONFIG_MAC80211_DEBUGFS
107 struct dentry *tx_avg_rate_sum_dentry;
108 struct dentry *tx_avg_rate_num_dentry;
109#endif
110};
111
112
113static void rate_control_simple_tx_status(void *priv, struct net_device *dev,
114 struct sk_buff *skb,
115 struct ieee80211_tx_status *status)
116{
117 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
118 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
119 struct sta_info *sta;
120 struct sta_rate_control *srctrl;
121
122 sta = sta_info_get(local, hdr->addr1);
123
124 if (!sta)
125 return;
126
127 srctrl = sta->rate_ctrl_priv;
128 srctrl->tx_num_xmit++;
129 if (status->excessive_retries) {
130 srctrl->tx_num_failures++;
131 sta->tx_retry_failed++;
132 sta->tx_num_consecutive_failures++;
133 sta->tx_num_mpdu_fail++;
134 } else {
135 sta->last_ack_rssi[0] = sta->last_ack_rssi[1];
136 sta->last_ack_rssi[1] = sta->last_ack_rssi[2];
137 sta->last_ack_rssi[2] = status->ack_signal;
138 sta->tx_num_consecutive_failures = 0;
139 sta->tx_num_mpdu_ok++;
140 }
141 sta->tx_retry_count += status->retry_count;
142 sta->tx_num_mpdu_fail += status->retry_count;
143
144 if (time_after(jiffies,
145 srctrl->last_rate_change + RATE_CONTROL_INTERVAL) &&
146 srctrl->tx_num_xmit > RATE_CONTROL_MIN_TX) {
147 u32 per_failed;
148 srctrl->last_rate_change = jiffies;
149
150 per_failed = (100 * sta->tx_num_mpdu_fail) /
151 (sta->tx_num_mpdu_fail + sta->tx_num_mpdu_ok);
152 /* TODO: calculate average per_failed to make adjusting
153 * parameters easier */
154#if 0
155 if (net_ratelimit()) {
156 printk(KERN_DEBUG "MPDU fail=%d ok=%d per_failed=%d\n",
157 sta->tx_num_mpdu_fail, sta->tx_num_mpdu_ok,
158 per_failed);
159 }
160#endif
161
162 /*
163 * XXX: Make these configurable once we have an
164 * interface to the rate control algorithms
165 */
166 if (per_failed > RATE_CONTROL_NUM_DOWN) {
167 rate_control_rate_dec(local, sta);
168 } else if (per_failed < RATE_CONTROL_NUM_UP) {
169 rate_control_rate_inc(local, sta);
170 }
171 srctrl->tx_avg_rate_sum += status->control.rate->rate;
172 srctrl->tx_avg_rate_num++;
173 srctrl->tx_num_failures = 0;
174 srctrl->tx_num_xmit = 0;
175 } else if (sta->tx_num_consecutive_failures >=
176 RATE_CONTROL_EMERG_DEC) {
177 rate_control_rate_dec(local, sta);
178 }
179
180 if (srctrl->avg_rate_update + 60 * HZ < jiffies) {
181 srctrl->avg_rate_update = jiffies;
182 if (srctrl->tx_avg_rate_num > 0) {
183#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
184 DECLARE_MAC_BUF(mac);
185 printk(KERN_DEBUG "%s: STA %s Average rate: "
186 "%d (%d/%d)\n",
187 dev->name, print_mac(mac, sta->addr),
188 srctrl->tx_avg_rate_sum /
189 srctrl->tx_avg_rate_num,
190 srctrl->tx_avg_rate_sum,
191 srctrl->tx_avg_rate_num);
192#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
193 srctrl->tx_avg_rate_sum = 0;
194 srctrl->tx_avg_rate_num = 0;
195 }
196 }
197
198 sta_info_put(sta);
199}
200
201
202static void
203rate_control_simple_get_rate(void *priv, struct net_device *dev,
204 struct ieee80211_hw_mode *mode,
205 struct sk_buff *skb,
206 struct rate_selection *sel)
207{
208 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
209 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
210 struct ieee80211_sub_if_data *sdata;
211 struct sta_info *sta;
212 int rateidx;
213 u16 fc;
214
215 sta = sta_info_get(local, hdr->addr1);
216
217 /* Send management frames and broadcast/multicast data using lowest
218 * rate. */
219 fc = le16_to_cpu(hdr->frame_control);
220 if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
221 is_multicast_ether_addr(hdr->addr1) || !sta) {
222 sel->rate = rate_lowest(local, mode, sta);
223 if (sta)
224 sta_info_put(sta);
225 return;
226 }
227
228 /* If a forced rate is in effect, select it. */
229 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
230 if (sdata->bss && sdata->bss->force_unicast_rateidx > -1)
231 sta->txrate = sdata->bss->force_unicast_rateidx;
232
233 rateidx = sta->txrate;
234
235 if (rateidx >= mode->num_rates)
236 rateidx = mode->num_rates - 1;
237
238 sta->last_txrate = rateidx;
239
240 sta_info_put(sta);
241
242 sel->rate = &mode->rates[rateidx];
243}
244
245
246static void rate_control_simple_rate_init(void *priv, void *priv_sta,
247 struct ieee80211_local *local,
248 struct sta_info *sta)
249{
250 struct ieee80211_hw_mode *mode;
251 int i;
252 sta->txrate = 0;
253 mode = local->oper_hw_mode;
254 /* TODO: This routine should consider using RSSI from previous packets
255 * as we need to have IEEE 802.1X auth succeed immediately after assoc..
256 * Until that method is implemented, we will use the lowest supported rate
257 * as a workaround, */
258 for (i = 0; i < mode->num_rates; i++) {
259 if ((sta->supp_rates & BIT(i)) &&
260 (mode->rates[i].flags & IEEE80211_RATE_SUPPORTED)) {
261 sta->txrate = i;
262 break;
263 }
264 }
265}
266
267
268static void * rate_control_simple_alloc(struct ieee80211_local *local)
269{
270 struct global_rate_control *rctrl;
271
272 rctrl = kzalloc(sizeof(*rctrl), GFP_ATOMIC);
273
274 return rctrl;
275}
276
277
278static void rate_control_simple_free(void *priv)
279{
280 struct global_rate_control *rctrl = priv;
281 kfree(rctrl);
282}
283
284
285static void rate_control_simple_clear(void *priv)
286{
287}
288
289
290static void * rate_control_simple_alloc_sta(void *priv, gfp_t gfp)
291{
292 struct sta_rate_control *rctrl;
293
294 rctrl = kzalloc(sizeof(*rctrl), gfp);
295
296 return rctrl;
297}
298
299
300static void rate_control_simple_free_sta(void *priv, void *priv_sta)
301{
302 struct sta_rate_control *rctrl = priv_sta;
303 kfree(rctrl);
304}
305
306#ifdef CONFIG_MAC80211_DEBUGFS
307
308static int open_file_generic(struct inode *inode, struct file *file)
309{
310 file->private_data = inode->i_private;
311 return 0;
312}
313
314static ssize_t sta_tx_avg_rate_sum_read(struct file *file,
315 char __user *userbuf,
316 size_t count, loff_t *ppos)
317{
318 struct sta_rate_control *srctrl = file->private_data;
319 char buf[20];
320
321 sprintf(buf, "%d\n", srctrl->tx_avg_rate_sum);
322 return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
323}
324
325static const struct file_operations sta_tx_avg_rate_sum_ops = {
326 .read = sta_tx_avg_rate_sum_read,
327 .open = open_file_generic,
328};
329
330static ssize_t sta_tx_avg_rate_num_read(struct file *file,
331 char __user *userbuf,
332 size_t count, loff_t *ppos)
333{
334 struct sta_rate_control *srctrl = file->private_data;
335 char buf[20];
336
337 sprintf(buf, "%d\n", srctrl->tx_avg_rate_num);
338 return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
339}
340
341static const struct file_operations sta_tx_avg_rate_num_ops = {
342 .read = sta_tx_avg_rate_num_read,
343 .open = open_file_generic,
344};
345
346static void rate_control_simple_add_sta_debugfs(void *priv, void *priv_sta,
347 struct dentry *dir)
348{
349 struct sta_rate_control *srctrl = priv_sta;
350
351 srctrl->tx_avg_rate_num_dentry =
352 debugfs_create_file("rc_simple_sta_tx_avg_rate_num", 0400,
353 dir, srctrl, &sta_tx_avg_rate_num_ops);
354 srctrl->tx_avg_rate_sum_dentry =
355 debugfs_create_file("rc_simple_sta_tx_avg_rate_sum", 0400,
356 dir, srctrl, &sta_tx_avg_rate_sum_ops);
357}
358
359static void rate_control_simple_remove_sta_debugfs(void *priv, void *priv_sta)
360{
361 struct sta_rate_control *srctrl = priv_sta;
362
363 debugfs_remove(srctrl->tx_avg_rate_sum_dentry);
364 debugfs_remove(srctrl->tx_avg_rate_num_dentry);
365}
366#endif
367
368static struct rate_control_ops mac80211_rcsimple = {
369 .name = "simple",
370 .tx_status = rate_control_simple_tx_status,
371 .get_rate = rate_control_simple_get_rate,
372 .rate_init = rate_control_simple_rate_init,
373 .clear = rate_control_simple_clear,
374 .alloc = rate_control_simple_alloc,
375 .free = rate_control_simple_free,
376 .alloc_sta = rate_control_simple_alloc_sta,
377 .free_sta = rate_control_simple_free_sta,
378#ifdef CONFIG_MAC80211_DEBUGFS
379 .add_sta_debugfs = rate_control_simple_add_sta_debugfs,
380 .remove_sta_debugfs = rate_control_simple_remove_sta_debugfs,
381#endif
382};
383
384MODULE_LICENSE("GPL");
385MODULE_DESCRIPTION("Simple rate control algorithm");
386
387int __init rc80211_simple_init(void)
388{
389 return ieee80211_rate_control_register(&mac80211_rcsimple);
390}
391
392void rc80211_simple_exit(void)
393{
394 ieee80211_rate_control_unregister(&mac80211_rcsimple);
395}
396
397#ifdef CONFIG_MAC80211_RC_SIMPLE_MODULE
398module_init(rc80211_simple_init);
399module_exit(rc80211_simple_exit);
400#endif
diff --git a/net/mac80211/regdomain.c b/net/mac80211/regdomain.c
deleted file mode 100644
index f42678fa62d1..000000000000
--- a/net/mac80211/regdomain.c
+++ /dev/null
@@ -1,152 +0,0 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10/*
11 * This regulatory domain control implementation is known to be incomplete
12 * and confusing. mac80211 regulatory domain control will be significantly
13 * reworked in the not-too-distant future.
14 *
15 * For now, drivers wishing to control which channels are and aren't available
16 * are advised as follows:
17 * - set the IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED flag
18 * - continue to include *ALL* possible channels in the modes registered
19 * through ieee80211_register_hwmode()
20 * - for each allowable ieee80211_channel structure registered in the above
21 * call, set the flag member to some meaningful value such as
22 * IEEE80211_CHAN_W_SCAN | IEEE80211_CHAN_W_ACTIVE_SCAN |
23 * IEEE80211_CHAN_W_IBSS.
24 * - leave flag as 0 for non-allowable channels
25 *
26 * The usual implementation is for a driver to read a device EEPROM to
27 * determine which regulatory domain it should be operating under, then
28 * looking up the allowable channels in a driver-local table, then performing
29 * the above.
30 */
31
32#include <linux/module.h>
33#include <linux/netdevice.h>
34#include <net/mac80211.h>
35#include "ieee80211_i.h"
36
37static int ieee80211_regdom = 0x10; /* FCC */
38module_param(ieee80211_regdom, int, 0444);
39MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain; 64=MKK");
40
41/*
42 * If firmware is upgraded by the vendor, additional channels can be used based
43 * on the new Japanese regulatory rules. This is indicated by setting
44 * ieee80211_japan_5ghz module parameter to one when loading the 80211 kernel
45 * module.
46 */
47static int ieee80211_japan_5ghz /* = 0 */;
48module_param(ieee80211_japan_5ghz, int, 0444);
49MODULE_PARM_DESC(ieee80211_japan_5ghz, "Vendor-updated firmware for 5 GHz");
50
51
52struct ieee80211_channel_range {
53 short start_freq;
54 short end_freq;
55 unsigned char power_level;
56 unsigned char antenna_max;
57};
58
59static const struct ieee80211_channel_range ieee80211_fcc_channels[] = {
60 { 2412, 2462, 27, 6 } /* IEEE 802.11b/g, channels 1..11 */,
61 { 5180, 5240, 17, 6 } /* IEEE 802.11a, channels 36..48 */,
62 { 5260, 5320, 23, 6 } /* IEEE 802.11a, channels 52..64 */,
63 { 5745, 5825, 30, 6 } /* IEEE 802.11a, channels 149..165, outdoor */,
64 { 0 }
65};
66
67static const struct ieee80211_channel_range ieee80211_mkk_channels[] = {
68 { 2412, 2472, 20, 6 } /* IEEE 802.11b/g, channels 1..13 */,
69 { 5170, 5240, 20, 6 } /* IEEE 802.11a, channels 34..48 */,
70 { 5260, 5320, 20, 6 } /* IEEE 802.11a, channels 52..64 */,
71 { 0 }
72};
73
74
75static const struct ieee80211_channel_range *channel_range =
76 ieee80211_fcc_channels;
77
78
79static void ieee80211_unmask_channel(int mode, struct ieee80211_channel *chan)
80{
81 int i;
82
83 chan->flag = 0;
84
85 for (i = 0; channel_range[i].start_freq; i++) {
86 const struct ieee80211_channel_range *r = &channel_range[i];
87 if (r->start_freq <= chan->freq && r->end_freq >= chan->freq) {
88 if (ieee80211_regdom == 64 && !ieee80211_japan_5ghz &&
89 chan->freq >= 5260 && chan->freq <= 5320) {
90 /*
91 * Skip new channels in Japan since the
92 * firmware was not marked having been upgraded
93 * by the vendor.
94 */
95 continue;
96 }
97
98 if (ieee80211_regdom == 0x10 &&
99 (chan->freq == 5190 || chan->freq == 5210 ||
100 chan->freq == 5230)) {
101 /* Skip MKK channels when in FCC domain. */
102 continue;
103 }
104
105 chan->flag |= IEEE80211_CHAN_W_SCAN |
106 IEEE80211_CHAN_W_ACTIVE_SCAN |
107 IEEE80211_CHAN_W_IBSS;
108 chan->power_level = r->power_level;
109 chan->antenna_max = r->antenna_max;
110
111 if (ieee80211_regdom == 64 &&
112 (chan->freq == 5170 || chan->freq == 5190 ||
113 chan->freq == 5210 || chan->freq == 5230)) {
114 /*
115 * New regulatory rules in Japan have backwards
116 * compatibility with old channels in 5.15-5.25
117 * GHz band, but the station is not allowed to
118 * use active scan on these old channels.
119 */
120 chan->flag &= ~IEEE80211_CHAN_W_ACTIVE_SCAN;
121 }
122
123 if (ieee80211_regdom == 64 &&
124 (chan->freq == 5260 || chan->freq == 5280 ||
125 chan->freq == 5300 || chan->freq == 5320)) {
126 /*
127 * IBSS is not allowed on 5.25-5.35 GHz band
128 * due to radar detection requirements.
129 */
130 chan->flag &= ~IEEE80211_CHAN_W_IBSS;
131 }
132
133 break;
134 }
135 }
136}
137
138
139void ieee80211_set_default_regdomain(struct ieee80211_hw_mode *mode)
140{
141 int c;
142 for (c = 0; c < mode->num_channels; c++)
143 ieee80211_unmask_channel(mode->mode, &mode->channels[c]);
144}
145
146
147void ieee80211_regdomain_init(void)
148{
149 if (ieee80211_regdom == 0x40)
150 channel_range = ieee80211_mkk_channels;
151}
152
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 535407d07fa4..d9c6ed5be4fc 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -9,6 +9,7 @@
9 * published by the Free Software Foundation. 9 * published by the Free Software Foundation.
10 */ 10 */
11 11
12#include <linux/jiffies.h>
12#include <linux/kernel.h> 13#include <linux/kernel.h>
13#include <linux/skbuff.h> 14#include <linux/skbuff.h>
14#include <linux/netdevice.h> 15#include <linux/netdevice.h>
@@ -19,6 +20,7 @@
19 20
20#include "ieee80211_i.h" 21#include "ieee80211_i.h"
21#include "ieee80211_led.h" 22#include "ieee80211_led.h"
23#include "mesh.h"
22#include "wep.h" 24#include "wep.h"
23#include "wpa.h" 25#include "wpa.h"
24#include "tkip.h" 26#include "tkip.h"
@@ -82,10 +84,10 @@ static inline int should_drop_frame(struct ieee80211_rx_status *status,
82 */ 84 */
83static struct sk_buff * 85static struct sk_buff *
84ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb, 86ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
85 struct ieee80211_rx_status *status) 87 struct ieee80211_rx_status *status,
88 struct ieee80211_rate *rate)
86{ 89{
87 struct ieee80211_sub_if_data *sdata; 90 struct ieee80211_sub_if_data *sdata;
88 struct ieee80211_rate *rate;
89 int needed_headroom = 0; 91 int needed_headroom = 0;
90 struct ieee80211_radiotap_header *rthdr; 92 struct ieee80211_radiotap_header *rthdr;
91 __le64 *rttsft = NULL; 93 __le64 *rttsft = NULL;
@@ -194,14 +196,11 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
194 rtfixed->rx_flags |= 196 rtfixed->rx_flags |=
195 cpu_to_le16(IEEE80211_RADIOTAP_F_RX_BADFCS); 197 cpu_to_le16(IEEE80211_RADIOTAP_F_RX_BADFCS);
196 198
197 rate = ieee80211_get_rate(local, status->phymode, 199 rtfixed->rate = rate->bitrate / 5;
198 status->rate);
199 if (rate)
200 rtfixed->rate = rate->rate / 5;
201 200
202 rtfixed->chan_freq = cpu_to_le16(status->freq); 201 rtfixed->chan_freq = cpu_to_le16(status->freq);
203 202
204 if (status->phymode == MODE_IEEE80211A) 203 if (status->band == IEEE80211_BAND_5GHZ)
205 rtfixed->chan_flags = 204 rtfixed->chan_flags =
206 cpu_to_le16(IEEE80211_CHAN_OFDM | 205 cpu_to_le16(IEEE80211_CHAN_OFDM |
207 IEEE80211_CHAN_5GHZ); 206 IEEE80211_CHAN_5GHZ);
@@ -226,6 +225,9 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
226 if (sdata->vif.type != IEEE80211_IF_TYPE_MNTR) 225 if (sdata->vif.type != IEEE80211_IF_TYPE_MNTR)
227 continue; 226 continue;
228 227
228 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES)
229 continue;
230
229 if (prev_dev) { 231 if (prev_dev) {
230 skb2 = skb_clone(skb, GFP_ATOMIC); 232 skb2 = skb_clone(skb, GFP_ATOMIC);
231 if (skb2) { 233 if (skb2) {
@@ -249,15 +251,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
249} 251}
250 252
251 253
252/* pre-rx handlers 254static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
253 *
254 * these don't have dev/sdata fields in the rx data
255 * The sta value should also not be used because it may
256 * be NULL even though a STA (in IBSS mode) will be added.
257 */
258
259static ieee80211_txrx_result
260ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx)
261{ 255{
262 u8 *data = rx->skb->data; 256 u8 *data = rx->skb->data;
263 int tid; 257 int tid;
@@ -268,9 +262,9 @@ ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx)
268 /* frame has qos control */ 262 /* frame has qos control */
269 tid = qc[0] & QOS_CONTROL_TID_MASK; 263 tid = qc[0] & QOS_CONTROL_TID_MASK;
270 if (qc[0] & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT) 264 if (qc[0] & IEEE80211_QOS_CONTROL_A_MSDU_PRESENT)
271 rx->flags |= IEEE80211_TXRXD_RX_AMSDU; 265 rx->flags |= IEEE80211_RX_AMSDU;
272 else 266 else
273 rx->flags &= ~IEEE80211_TXRXD_RX_AMSDU; 267 rx->flags &= ~IEEE80211_RX_AMSDU;
274 } else { 268 } else {
275 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) { 269 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) {
276 /* Separate TID for management frames */ 270 /* Separate TID for management frames */
@@ -286,68 +280,19 @@ ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx)
286 if (rx->sta) 280 if (rx->sta)
287 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]); 281 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]);
288 282
289 rx->u.rx.queue = tid; 283 rx->queue = tid;
290 /* Set skb->priority to 1d tag if highest order bit of TID is not set. 284 /* Set skb->priority to 1d tag if highest order bit of TID is not set.
291 * For now, set skb->priority to 0 for other cases. */ 285 * For now, set skb->priority to 0 for other cases. */
292 rx->skb->priority = (tid > 7) ? 0 : tid; 286 rx->skb->priority = (tid > 7) ? 0 : tid;
293
294 return TXRX_CONTINUE;
295} 287}
296 288
297 289static void ieee80211_verify_ip_alignment(struct ieee80211_rx_data *rx)
298static u32 ieee80211_rx_load_stats(struct ieee80211_local *local,
299 struct sk_buff *skb,
300 struct ieee80211_rx_status *status)
301{ 290{
302 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
303 u32 load = 0, hdrtime;
304 struct ieee80211_rate *rate;
305 struct ieee80211_hw_mode *mode = local->hw.conf.mode;
306 int i;
307
308 /* Estimate total channel use caused by this frame */
309
310 if (unlikely(mode->num_rates < 0))
311 return TXRX_CONTINUE;
312
313 rate = &mode->rates[0];
314 for (i = 0; i < mode->num_rates; i++) {
315 if (mode->rates[i].val == status->rate) {
316 rate = &mode->rates[i];
317 break;
318 }
319 }
320
321 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
322 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
323
324 if (mode->mode == MODE_IEEE80211A ||
325 (mode->mode == MODE_IEEE80211G &&
326 rate->flags & IEEE80211_RATE_ERP))
327 hdrtime = CHAN_UTIL_HDR_SHORT;
328 else
329 hdrtime = CHAN_UTIL_HDR_LONG;
330
331 load = hdrtime;
332 if (!is_multicast_ether_addr(hdr->addr1))
333 load += hdrtime;
334
335 load += skb->len * rate->rate_inv;
336
337 /* Divide channel_use by 8 to avoid wrapping around the counter */
338 load >>= CHAN_UTIL_SHIFT;
339
340 return load;
341}
342
343#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT 291#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
344static ieee80211_txrx_result
345ieee80211_rx_h_verify_ip_alignment(struct ieee80211_txrx_data *rx)
346{
347 int hdrlen; 292 int hdrlen;
348 293
349 if (!WLAN_FC_DATA_PRESENT(rx->fc)) 294 if (!WLAN_FC_DATA_PRESENT(rx->fc))
350 return TXRX_CONTINUE; 295 return;
351 296
352 /* 297 /*
353 * Drivers are required to align the payload data in a way that 298 * Drivers are required to align the payload data in a way that
@@ -369,83 +314,158 @@ ieee80211_rx_h_verify_ip_alignment(struct ieee80211_txrx_data *rx)
369 * to move the 802.11 header further back in that case. 314 * to move the 802.11 header further back in that case.
370 */ 315 */
371 hdrlen = ieee80211_get_hdrlen(rx->fc); 316 hdrlen = ieee80211_get_hdrlen(rx->fc);
372 if (rx->flags & IEEE80211_TXRXD_RX_AMSDU) 317 if (rx->flags & IEEE80211_RX_AMSDU)
373 hdrlen += ETH_HLEN; 318 hdrlen += ETH_HLEN;
374 WARN_ON_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3); 319 WARN_ON_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3);
375
376 return TXRX_CONTINUE;
377}
378#endif 320#endif
321}
379 322
380ieee80211_rx_handler ieee80211_rx_pre_handlers[] = 323
324static u32 ieee80211_rx_load_stats(struct ieee80211_local *local,
325 struct sk_buff *skb,
326 struct ieee80211_rx_status *status,
327 struct ieee80211_rate *rate)
381{ 328{
382 ieee80211_rx_h_parse_qos, 329 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
383#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT 330 u32 load = 0, hdrtime;
384 ieee80211_rx_h_verify_ip_alignment, 331
385#endif 332 /* Estimate total channel use caused by this frame */
386 NULL 333
387}; 334 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
335 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
336
337 if (status->band == IEEE80211_BAND_5GHZ ||
338 (status->band == IEEE80211_BAND_5GHZ &&
339 rate->flags & IEEE80211_RATE_ERP_G))
340 hdrtime = CHAN_UTIL_HDR_SHORT;
341 else
342 hdrtime = CHAN_UTIL_HDR_LONG;
343
344 load = hdrtime;
345 if (!is_multicast_ether_addr(hdr->addr1))
346 load += hdrtime;
347
348 /* TODO: optimise again */
349 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate;
350
351 /* Divide channel_use by 8 to avoid wrapping around the counter */
352 load >>= CHAN_UTIL_SHIFT;
353
354 return load;
355}
388 356
389/* rx handlers */ 357/* rx handlers */
390 358
391static ieee80211_txrx_result 359static ieee80211_rx_result
392ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx) 360ieee80211_rx_h_if_stats(struct ieee80211_rx_data *rx)
393{ 361{
394 if (rx->sta) 362 if (rx->sta)
395 rx->sta->channel_use_raw += rx->u.rx.load; 363 rx->sta->channel_use_raw += rx->load;
396 rx->sdata->channel_use_raw += rx->u.rx.load; 364 rx->sdata->channel_use_raw += rx->load;
397 return TXRX_CONTINUE; 365 return RX_CONTINUE;
398} 366}
399 367
400static ieee80211_txrx_result 368static ieee80211_rx_result
401ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx) 369ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
402{ 370{
403 struct ieee80211_local *local = rx->local; 371 struct ieee80211_local *local = rx->local;
404 struct sk_buff *skb = rx->skb; 372 struct sk_buff *skb = rx->skb;
405 373
406 if (unlikely(local->sta_hw_scanning)) 374 if (unlikely(local->sta_hw_scanning))
407 return ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status); 375 return ieee80211_sta_rx_scan(rx->dev, skb, rx->status);
408 376
409 if (unlikely(local->sta_sw_scanning)) { 377 if (unlikely(local->sta_sw_scanning)) {
410 /* drop all the other packets during a software scan anyway */ 378 /* drop all the other packets during a software scan anyway */
411 if (ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status) 379 if (ieee80211_sta_rx_scan(rx->dev, skb, rx->status)
412 != TXRX_QUEUED) 380 != RX_QUEUED)
413 dev_kfree_skb(skb); 381 dev_kfree_skb(skb);
414 return TXRX_QUEUED; 382 return RX_QUEUED;
415 } 383 }
416 384
417 if (unlikely(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) { 385 if (unlikely(rx->flags & IEEE80211_RX_IN_SCAN)) {
418 /* scanning finished during invoking of handlers */ 386 /* scanning finished during invoking of handlers */
419 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan); 387 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
420 return TXRX_DROP; 388 return RX_DROP_UNUSABLE;
421 } 389 }
422 390
423 return TXRX_CONTINUE; 391 return RX_CONTINUE;
392}
393
394static ieee80211_rx_result
395ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
396{
397 int hdrlen = ieee80211_get_hdrlen(rx->fc);
398 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
399
400#define msh_h_get(h, l) ((struct ieee80211s_hdr *) ((u8 *)h + l))
401
402 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) {
403 if (!((rx->fc & IEEE80211_FCTL_FROMDS) &&
404 (rx->fc & IEEE80211_FCTL_TODS)))
405 return RX_DROP_MONITOR;
406 if (memcmp(hdr->addr4, rx->dev->dev_addr, ETH_ALEN) == 0)
407 return RX_DROP_MONITOR;
408 }
409
410 /* If there is not an established peer link and this is not a peer link
411 * establisment frame, beacon or probe, drop the frame.
412 */
413
414 if (!rx->sta || sta_plink_state(rx->sta) != PLINK_ESTAB) {
415 struct ieee80211_mgmt *mgmt;
416
417 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT)
418 return RX_DROP_MONITOR;
419
420 switch (rx->fc & IEEE80211_FCTL_STYPE) {
421 case IEEE80211_STYPE_ACTION:
422 mgmt = (struct ieee80211_mgmt *)hdr;
423 if (mgmt->u.action.category != PLINK_CATEGORY)
424 return RX_DROP_MONITOR;
425 /* fall through on else */
426 case IEEE80211_STYPE_PROBE_REQ:
427 case IEEE80211_STYPE_PROBE_RESP:
428 case IEEE80211_STYPE_BEACON:
429 return RX_CONTINUE;
430 break;
431 default:
432 return RX_DROP_MONITOR;
433 }
434
435 } else if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
436 is_broadcast_ether_addr(hdr->addr1) &&
437 mesh_rmc_check(hdr->addr4, msh_h_get(hdr, hdrlen), rx->dev))
438 return RX_DROP_MONITOR;
439#undef msh_h_get
440
441 return RX_CONTINUE;
424} 442}
425 443
426static ieee80211_txrx_result 444
427ieee80211_rx_h_check(struct ieee80211_txrx_data *rx) 445static ieee80211_rx_result
446ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
428{ 447{
429 struct ieee80211_hdr *hdr; 448 struct ieee80211_hdr *hdr;
449
430 hdr = (struct ieee80211_hdr *) rx->skb->data; 450 hdr = (struct ieee80211_hdr *) rx->skb->data;
431 451
432 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */ 452 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
433 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) { 453 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
434 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY && 454 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
435 rx->sta->last_seq_ctrl[rx->u.rx.queue] == 455 rx->sta->last_seq_ctrl[rx->queue] ==
436 hdr->seq_ctrl)) { 456 hdr->seq_ctrl)) {
437 if (rx->flags & IEEE80211_TXRXD_RXRA_MATCH) { 457 if (rx->flags & IEEE80211_RX_RA_MATCH) {
438 rx->local->dot11FrameDuplicateCount++; 458 rx->local->dot11FrameDuplicateCount++;
439 rx->sta->num_duplicates++; 459 rx->sta->num_duplicates++;
440 } 460 }
441 return TXRX_DROP; 461 return RX_DROP_MONITOR;
442 } else 462 } else
443 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl; 463 rx->sta->last_seq_ctrl[rx->queue] = hdr->seq_ctrl;
444 } 464 }
445 465
446 if (unlikely(rx->skb->len < 16)) { 466 if (unlikely(rx->skb->len < 16)) {
447 I802_DEBUG_INC(rx->local->rx_handlers_drop_short); 467 I802_DEBUG_INC(rx->local->rx_handlers_drop_short);
448 return TXRX_DROP; 468 return RX_DROP_MONITOR;
449 } 469 }
450 470
451 /* Drop disallowed frame classes based on STA auth/assoc state; 471 /* Drop disallowed frame classes based on STA auth/assoc state;
@@ -456,6 +476,10 @@ ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
456 * deauth/disassoc frames when needed. In addition, hostapd is 476 * deauth/disassoc frames when needed. In addition, hostapd is
457 * responsible for filtering on both auth and assoc states. 477 * responsible for filtering on both auth and assoc states.
458 */ 478 */
479
480 if (ieee80211_vif_is_mesh(&rx->sdata->vif))
481 return ieee80211_rx_mesh_check(rx);
482
459 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA || 483 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
460 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL && 484 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
461 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) && 485 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
@@ -464,26 +488,26 @@ ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
464 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) && 488 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
465 !(rx->fc & IEEE80211_FCTL_TODS) && 489 !(rx->fc & IEEE80211_FCTL_TODS) &&
466 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) 490 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
467 || !(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) { 491 || !(rx->flags & IEEE80211_RX_RA_MATCH)) {
468 /* Drop IBSS frames and frames for other hosts 492 /* Drop IBSS frames and frames for other hosts
469 * silently. */ 493 * silently. */
470 return TXRX_DROP; 494 return RX_DROP_MONITOR;
471 } 495 }
472 496
473 return TXRX_DROP; 497 return RX_DROP_MONITOR;
474 } 498 }
475 499
476 return TXRX_CONTINUE; 500 return RX_CONTINUE;
477} 501}
478 502
479 503
480static ieee80211_txrx_result 504static ieee80211_rx_result
481ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx) 505ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
482{ 506{
483 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 507 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
484 int keyidx; 508 int keyidx;
485 int hdrlen; 509 int hdrlen;
486 ieee80211_txrx_result result = TXRX_DROP; 510 ieee80211_rx_result result = RX_DROP_UNUSABLE;
487 struct ieee80211_key *stakey = NULL; 511 struct ieee80211_key *stakey = NULL;
488 512
489 /* 513 /*
@@ -513,14 +537,14 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
513 */ 537 */
514 538
515 if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) 539 if (!(rx->fc & IEEE80211_FCTL_PROTECTED))
516 return TXRX_CONTINUE; 540 return RX_CONTINUE;
517 541
518 /* 542 /*
519 * No point in finding a key and decrypting if the frame is neither 543 * No point in finding a key and decrypting if the frame is neither
520 * addressed to us nor a multicast frame. 544 * addressed to us nor a multicast frame.
521 */ 545 */
522 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 546 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
523 return TXRX_CONTINUE; 547 return RX_CONTINUE;
524 548
525 if (rx->sta) 549 if (rx->sta)
526 stakey = rcu_dereference(rx->sta->key); 550 stakey = rcu_dereference(rx->sta->key);
@@ -537,14 +561,14 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
537 * we somehow allow the driver to tell us which key 561 * we somehow allow the driver to tell us which key
538 * the hardware used if this flag is set? 562 * the hardware used if this flag is set?
539 */ 563 */
540 if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) && 564 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
541 (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) 565 (rx->status->flag & RX_FLAG_IV_STRIPPED))
542 return TXRX_CONTINUE; 566 return RX_CONTINUE;
543 567
544 hdrlen = ieee80211_get_hdrlen(rx->fc); 568 hdrlen = ieee80211_get_hdrlen(rx->fc);
545 569
546 if (rx->skb->len < 8 + hdrlen) 570 if (rx->skb->len < 8 + hdrlen)
547 return TXRX_DROP; /* TODO: count this? */ 571 return RX_DROP_UNUSABLE; /* TODO: count this? */
548 572
549 /* 573 /*
550 * no need to call ieee80211_wep_get_keyidx, 574 * no need to call ieee80211_wep_get_keyidx,
@@ -573,14 +597,14 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
573 printk(KERN_DEBUG "%s: RX protected frame," 597 printk(KERN_DEBUG "%s: RX protected frame,"
574 " but have no key\n", rx->dev->name); 598 " but have no key\n", rx->dev->name);
575#endif /* CONFIG_MAC80211_DEBUG */ 599#endif /* CONFIG_MAC80211_DEBUG */
576 return TXRX_DROP; 600 return RX_DROP_MONITOR;
577 } 601 }
578 602
579 /* Check for weak IVs if possible */ 603 /* Check for weak IVs if possible */
580 if (rx->sta && rx->key->conf.alg == ALG_WEP && 604 if (rx->sta && rx->key->conf.alg == ALG_WEP &&
581 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) && 605 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
582 (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) || 606 (!(rx->status->flag & RX_FLAG_IV_STRIPPED) ||
583 !(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) && 607 !(rx->status->flag & RX_FLAG_DECRYPTED)) &&
584 ieee80211_wep_is_weak_iv(rx->skb, rx->key)) 608 ieee80211_wep_is_weak_iv(rx->skb, rx->key))
585 rx->sta->wep_weak_iv_count++; 609 rx->sta->wep_weak_iv_count++;
586 610
@@ -597,7 +621,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_txrx_data *rx)
597 } 621 }
598 622
599 /* either the frame has been decrypted or will be dropped */ 623 /* either the frame has been decrypted or will be dropped */
600 rx->u.rx.status->flag |= RX_FLAG_DECRYPTED; 624 rx->status->flag |= RX_FLAG_DECRYPTED;
601 625
602 return result; 626 return result;
603} 627}
@@ -607,12 +631,12 @@ static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
607 struct ieee80211_sub_if_data *sdata; 631 struct ieee80211_sub_if_data *sdata;
608 DECLARE_MAC_BUF(mac); 632 DECLARE_MAC_BUF(mac);
609 633
610 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 634 sdata = sta->sdata;
611 635
612 if (sdata->bss) 636 if (sdata->bss)
613 atomic_inc(&sdata->bss->num_sta_ps); 637 atomic_inc(&sdata->bss->num_sta_ps);
614 sta->flags |= WLAN_STA_PS; 638 sta->flags |= WLAN_STA_PS;
615 sta->pspoll = 0; 639 sta->flags &= ~WLAN_STA_PSPOLL;
616#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 640#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
617 printk(KERN_DEBUG "%s: STA %s aid %d enters power save mode\n", 641 printk(KERN_DEBUG "%s: STA %s aid %d enters power save mode\n",
618 dev->name, print_mac(mac, sta->addr), sta->aid); 642 dev->name, print_mac(mac, sta->addr), sta->aid);
@@ -628,21 +652,21 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
628 struct ieee80211_tx_packet_data *pkt_data; 652 struct ieee80211_tx_packet_data *pkt_data;
629 DECLARE_MAC_BUF(mac); 653 DECLARE_MAC_BUF(mac);
630 654
631 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 655 sdata = sta->sdata;
656
632 if (sdata->bss) 657 if (sdata->bss)
633 atomic_dec(&sdata->bss->num_sta_ps); 658 atomic_dec(&sdata->bss->num_sta_ps);
634 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM); 659
635 sta->pspoll = 0; 660 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_PSPOLL);
636 if (!skb_queue_empty(&sta->ps_tx_buf)) { 661
637 if (local->ops->set_tim) 662 if (!skb_queue_empty(&sta->ps_tx_buf))
638 local->ops->set_tim(local_to_hw(local), sta->aid, 0); 663 sta_info_clear_tim_bit(sta);
639 if (sdata->bss) 664
640 bss_tim_clear(local, sdata->bss, sta->aid);
641 }
642#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 665#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
643 printk(KERN_DEBUG "%s: STA %s aid %d exits power save mode\n", 666 printk(KERN_DEBUG "%s: STA %s aid %d exits power save mode\n",
644 dev->name, print_mac(mac, sta->addr), sta->aid); 667 dev->name, print_mac(mac, sta->addr), sta->aid);
645#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 668#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
669
646 /* Send all buffered frames to the station */ 670 /* Send all buffered frames to the station */
647 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 671 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
648 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 672 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
@@ -666,15 +690,15 @@ static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
666 return sent; 690 return sent;
667} 691}
668 692
669static ieee80211_txrx_result 693static ieee80211_rx_result
670ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx) 694ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
671{ 695{
672 struct sta_info *sta = rx->sta; 696 struct sta_info *sta = rx->sta;
673 struct net_device *dev = rx->dev; 697 struct net_device *dev = rx->dev;
674 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 698 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
675 699
676 if (!sta) 700 if (!sta)
677 return TXRX_CONTINUE; 701 return RX_CONTINUE;
678 702
679 /* Update last_rx only for IBSS packets which are for the current 703 /* Update last_rx only for IBSS packets which are for the current
680 * BSSID to avoid keeping the current IBSS network alive in cases where 704 * BSSID to avoid keeping the current IBSS network alive in cases where
@@ -690,24 +714,26 @@ ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
690 /* Update last_rx only for unicast frames in order to prevent 714 /* Update last_rx only for unicast frames in order to prevent
691 * the Probe Request frames (the only broadcast frames from a 715 * the Probe Request frames (the only broadcast frames from a
692 * STA in infrastructure mode) from keeping a connection alive. 716 * STA in infrastructure mode) from keeping a connection alive.
717 * Mesh beacons will update last_rx when if they are found to
718 * match the current local configuration when processed.
693 */ 719 */
694 sta->last_rx = jiffies; 720 sta->last_rx = jiffies;
695 } 721 }
696 722
697 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 723 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
698 return TXRX_CONTINUE; 724 return RX_CONTINUE;
699 725
700 sta->rx_fragments++; 726 sta->rx_fragments++;
701 sta->rx_bytes += rx->skb->len; 727 sta->rx_bytes += rx->skb->len;
702 sta->last_rssi = rx->u.rx.status->ssi; 728 sta->last_rssi = rx->status->ssi;
703 sta->last_signal = rx->u.rx.status->signal; 729 sta->last_signal = rx->status->signal;
704 sta->last_noise = rx->u.rx.status->noise; 730 sta->last_noise = rx->status->noise;
705 731
706 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) { 732 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
707 /* Change STA power saving mode only in the end of a frame 733 /* Change STA power saving mode only in the end of a frame
708 * exchange sequence */ 734 * exchange sequence */
709 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM)) 735 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
710 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta); 736 rx->sent_ps_buffered += ap_sta_ps_end(dev, sta);
711 else if (!(sta->flags & WLAN_STA_PS) && 737 else if (!(sta->flags & WLAN_STA_PS) &&
712 (rx->fc & IEEE80211_FCTL_PM)) 738 (rx->fc & IEEE80211_FCTL_PM))
713 ap_sta_ps_start(dev, sta); 739 ap_sta_ps_start(dev, sta);
@@ -722,10 +748,10 @@ ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
722 * as a dropped packed. */ 748 * as a dropped packed. */
723 sta->rx_packets++; 749 sta->rx_packets++;
724 dev_kfree_skb(rx->skb); 750 dev_kfree_skb(rx->skb);
725 return TXRX_QUEUED; 751 return RX_QUEUED;
726 } 752 }
727 753
728 return TXRX_CONTINUE; 754 return RX_CONTINUE;
729} /* ieee80211_rx_h_sta_process */ 755} /* ieee80211_rx_h_sta_process */
730 756
731static inline struct ieee80211_fragment_entry * 757static inline struct ieee80211_fragment_entry *
@@ -801,7 +827,7 @@ ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
801 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0) 827 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0)
802 continue; 828 continue;
803 829
804 if (entry->first_frag_time + 2 * HZ < jiffies) { 830 if (time_after(jiffies, entry->first_frag_time + 2 * HZ)) {
805 __skb_queue_purge(&entry->skb_list); 831 __skb_queue_purge(&entry->skb_list);
806 continue; 832 continue;
807 } 833 }
@@ -811,8 +837,8 @@ ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
811 return NULL; 837 return NULL;
812} 838}
813 839
814static ieee80211_txrx_result 840static ieee80211_rx_result
815ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx) 841ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
816{ 842{
817 struct ieee80211_hdr *hdr; 843 struct ieee80211_hdr *hdr;
818 u16 sc; 844 u16 sc;
@@ -838,27 +864,27 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
838 if (frag == 0) { 864 if (frag == 0) {
839 /* This is the first fragment of a new frame. */ 865 /* This is the first fragment of a new frame. */
840 entry = ieee80211_reassemble_add(rx->sdata, frag, seq, 866 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
841 rx->u.rx.queue, &(rx->skb)); 867 rx->queue, &(rx->skb));
842 if (rx->key && rx->key->conf.alg == ALG_CCMP && 868 if (rx->key && rx->key->conf.alg == ALG_CCMP &&
843 (rx->fc & IEEE80211_FCTL_PROTECTED)) { 869 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
844 /* Store CCMP PN so that we can verify that the next 870 /* Store CCMP PN so that we can verify that the next
845 * fragment has a sequential PN value. */ 871 * fragment has a sequential PN value. */
846 entry->ccmp = 1; 872 entry->ccmp = 1;
847 memcpy(entry->last_pn, 873 memcpy(entry->last_pn,
848 rx->key->u.ccmp.rx_pn[rx->u.rx.queue], 874 rx->key->u.ccmp.rx_pn[rx->queue],
849 CCMP_PN_LEN); 875 CCMP_PN_LEN);
850 } 876 }
851 return TXRX_QUEUED; 877 return RX_QUEUED;
852 } 878 }
853 879
854 /* This is a fragment for a frame that should already be pending in 880 /* This is a fragment for a frame that should already be pending in
855 * fragment cache. Add this fragment to the end of the pending entry. 881 * fragment cache. Add this fragment to the end of the pending entry.
856 */ 882 */
857 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq, 883 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
858 rx->u.rx.queue, hdr); 884 rx->queue, hdr);
859 if (!entry) { 885 if (!entry) {
860 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); 886 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
861 return TXRX_DROP; 887 return RX_DROP_MONITOR;
862 } 888 }
863 889
864 /* Verify that MPDUs within one MSDU have sequential PN values. 890 /* Verify that MPDUs within one MSDU have sequential PN values.
@@ -867,14 +893,14 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
867 int i; 893 int i;
868 u8 pn[CCMP_PN_LEN], *rpn; 894 u8 pn[CCMP_PN_LEN], *rpn;
869 if (!rx->key || rx->key->conf.alg != ALG_CCMP) 895 if (!rx->key || rx->key->conf.alg != ALG_CCMP)
870 return TXRX_DROP; 896 return RX_DROP_UNUSABLE;
871 memcpy(pn, entry->last_pn, CCMP_PN_LEN); 897 memcpy(pn, entry->last_pn, CCMP_PN_LEN);
872 for (i = CCMP_PN_LEN - 1; i >= 0; i--) { 898 for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
873 pn[i]++; 899 pn[i]++;
874 if (pn[i]) 900 if (pn[i])
875 break; 901 break;
876 } 902 }
877 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue]; 903 rpn = rx->key->u.ccmp.rx_pn[rx->queue];
878 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) { 904 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
879 if (net_ratelimit()) 905 if (net_ratelimit())
880 printk(KERN_DEBUG "%s: defrag: CCMP PN not " 906 printk(KERN_DEBUG "%s: defrag: CCMP PN not "
@@ -885,7 +911,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
885 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], 911 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4],
886 rpn[5], pn[0], pn[1], pn[2], pn[3], 912 rpn[5], pn[0], pn[1], pn[2], pn[3],
887 pn[4], pn[5]); 913 pn[4], pn[5]);
888 return TXRX_DROP; 914 return RX_DROP_UNUSABLE;
889 } 915 }
890 memcpy(entry->last_pn, pn, CCMP_PN_LEN); 916 memcpy(entry->last_pn, pn, CCMP_PN_LEN);
891 } 917 }
@@ -896,7 +922,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
896 entry->extra_len += rx->skb->len; 922 entry->extra_len += rx->skb->len;
897 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) { 923 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) {
898 rx->skb = NULL; 924 rx->skb = NULL;
899 return TXRX_QUEUED; 925 return RX_QUEUED;
900 } 926 }
901 927
902 rx->skb = __skb_dequeue(&entry->skb_list); 928 rx->skb = __skb_dequeue(&entry->skb_list);
@@ -906,7 +932,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
906 GFP_ATOMIC))) { 932 GFP_ATOMIC))) {
907 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag); 933 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
908 __skb_queue_purge(&entry->skb_list); 934 __skb_queue_purge(&entry->skb_list);
909 return TXRX_DROP; 935 return RX_DROP_UNUSABLE;
910 } 936 }
911 } 937 }
912 while ((skb = __skb_dequeue(&entry->skb_list))) { 938 while ((skb = __skb_dequeue(&entry->skb_list))) {
@@ -915,7 +941,7 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
915 } 941 }
916 942
917 /* Complete frame has been reassembled - process it now */ 943 /* Complete frame has been reassembled - process it now */
918 rx->flags |= IEEE80211_TXRXD_FRAGMENTED; 944 rx->flags |= IEEE80211_RX_FRAGMENTED;
919 945
920 out: 946 out:
921 if (rx->sta) 947 if (rx->sta)
@@ -924,11 +950,11 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
924 rx->local->dot11MulticastReceivedFrameCount++; 950 rx->local->dot11MulticastReceivedFrameCount++;
925 else 951 else
926 ieee80211_led_rx(rx->local); 952 ieee80211_led_rx(rx->local);
927 return TXRX_CONTINUE; 953 return RX_CONTINUE;
928} 954}
929 955
930static ieee80211_txrx_result 956static ieee80211_rx_result
931ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx) 957ieee80211_rx_h_ps_poll(struct ieee80211_rx_data *rx)
932{ 958{
933 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 959 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
934 struct sk_buff *skb; 960 struct sk_buff *skb;
@@ -938,12 +964,12 @@ ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
938 if (likely(!rx->sta || 964 if (likely(!rx->sta ||
939 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL || 965 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
940 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL || 966 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
941 !(rx->flags & IEEE80211_TXRXD_RXRA_MATCH))) 967 !(rx->flags & IEEE80211_RX_RA_MATCH)))
942 return TXRX_CONTINUE; 968 return RX_CONTINUE;
943 969
944 if ((sdata->vif.type != IEEE80211_IF_TYPE_AP) && 970 if ((sdata->vif.type != IEEE80211_IF_TYPE_AP) &&
945 (sdata->vif.type != IEEE80211_IF_TYPE_VLAN)) 971 (sdata->vif.type != IEEE80211_IF_TYPE_VLAN))
946 return TXRX_DROP; 972 return RX_DROP_UNUSABLE;
947 973
948 skb = skb_dequeue(&rx->sta->tx_filtered); 974 skb = skb_dequeue(&rx->sta->tx_filtered);
949 if (!skb) { 975 if (!skb) {
@@ -958,9 +984,11 @@ ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
958 struct ieee80211_hdr *hdr = 984 struct ieee80211_hdr *hdr =
959 (struct ieee80211_hdr *) skb->data; 985 (struct ieee80211_hdr *) skb->data;
960 986
961 /* tell TX path to send one frame even though the STA may 987 /*
962 * still remain is PS mode after this frame exchange */ 988 * Tell TX path to send one frame even though the STA may
963 rx->sta->pspoll = 1; 989 * still remain is PS mode after this frame exchange.
990 */
991 rx->sta->flags |= WLAN_STA_PSPOLL;
964 992
965#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 993#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
966 printk(KERN_DEBUG "STA %s aid %d: PS Poll (entries after %d)\n", 994 printk(KERN_DEBUG "STA %s aid %d: PS Poll (entries after %d)\n",
@@ -970,46 +998,45 @@ ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
970 998
971 /* Use MoreData flag to indicate whether there are more 999 /* Use MoreData flag to indicate whether there are more
972 * buffered frames for this STA */ 1000 * buffered frames for this STA */
973 if (no_pending_pkts) { 1001 if (no_pending_pkts)
974 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA); 1002 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA);
975 rx->sta->flags &= ~WLAN_STA_TIM; 1003 else
976 } else
977 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA); 1004 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
978 1005
979 dev_queue_xmit(skb); 1006 dev_queue_xmit(skb);
980 1007
981 if (no_pending_pkts) { 1008 if (no_pending_pkts)
982 if (rx->local->ops->set_tim) 1009 sta_info_clear_tim_bit(rx->sta);
983 rx->local->ops->set_tim(local_to_hw(rx->local),
984 rx->sta->aid, 0);
985 if (rx->sdata->bss)
986 bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid);
987 }
988#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1010#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
989 } else if (!rx->u.rx.sent_ps_buffered) { 1011 } else if (!rx->sent_ps_buffered) {
1012 /*
1013 * FIXME: This can be the result of a race condition between
1014 * us expiring a frame and the station polling for it.
1015 * Should we send it a null-func frame indicating we
1016 * have nothing buffered for it?
1017 */
990 printk(KERN_DEBUG "%s: STA %s sent PS Poll even " 1018 printk(KERN_DEBUG "%s: STA %s sent PS Poll even "
991 "though there is no buffered frames for it\n", 1019 "though there is no buffered frames for it\n",
992 rx->dev->name, print_mac(mac, rx->sta->addr)); 1020 rx->dev->name, print_mac(mac, rx->sta->addr));
993#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 1021#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
994
995 } 1022 }
996 1023
997 /* Free PS Poll skb here instead of returning TXRX_DROP that would 1024 /* Free PS Poll skb here instead of returning RX_DROP that would
998 * count as an dropped frame. */ 1025 * count as an dropped frame. */
999 dev_kfree_skb(rx->skb); 1026 dev_kfree_skb(rx->skb);
1000 1027
1001 return TXRX_QUEUED; 1028 return RX_QUEUED;
1002} 1029}
1003 1030
1004static ieee80211_txrx_result 1031static ieee80211_rx_result
1005ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx) 1032ieee80211_rx_h_remove_qos_control(struct ieee80211_rx_data *rx)
1006{ 1033{
1007 u16 fc = rx->fc; 1034 u16 fc = rx->fc;
1008 u8 *data = rx->skb->data; 1035 u8 *data = rx->skb->data;
1009 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) data; 1036 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) data;
1010 1037
1011 if (!WLAN_FC_IS_QOS_DATA(fc)) 1038 if (!WLAN_FC_IS_QOS_DATA(fc))
1012 return TXRX_CONTINUE; 1039 return RX_CONTINUE;
1013 1040
1014 /* remove the qos control field, update frame type and meta-data */ 1041 /* remove the qos control field, update frame type and meta-data */
1015 memmove(data + 2, data, ieee80211_get_hdrlen(fc) - 2); 1042 memmove(data + 2, data, ieee80211_get_hdrlen(fc) - 2);
@@ -1018,17 +1045,17 @@ ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx)
1018 rx->fc = fc &= ~IEEE80211_STYPE_QOS_DATA; 1045 rx->fc = fc &= ~IEEE80211_STYPE_QOS_DATA;
1019 hdr->frame_control = cpu_to_le16(fc); 1046 hdr->frame_control = cpu_to_le16(fc);
1020 1047
1021 return TXRX_CONTINUE; 1048 return RX_CONTINUE;
1022} 1049}
1023 1050
1024static int 1051static int
1025ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx) 1052ieee80211_802_1x_port_control(struct ieee80211_rx_data *rx)
1026{ 1053{
1027 if (unlikely(rx->sdata->ieee802_1x_pac && 1054 if (unlikely(!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED))) {
1028 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)))) {
1029#ifdef CONFIG_MAC80211_DEBUG 1055#ifdef CONFIG_MAC80211_DEBUG
1030 printk(KERN_DEBUG "%s: dropped frame " 1056 if (net_ratelimit())
1031 "(unauthorized port)\n", rx->dev->name); 1057 printk(KERN_DEBUG "%s: dropped frame "
1058 "(unauthorized port)\n", rx->dev->name);
1032#endif /* CONFIG_MAC80211_DEBUG */ 1059#endif /* CONFIG_MAC80211_DEBUG */
1033 return -EACCES; 1060 return -EACCES;
1034 } 1061 }
@@ -1037,13 +1064,13 @@ ieee80211_802_1x_port_control(struct ieee80211_txrx_data *rx)
1037} 1064}
1038 1065
1039static int 1066static int
1040ieee80211_drop_unencrypted(struct ieee80211_txrx_data *rx) 1067ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx)
1041{ 1068{
1042 /* 1069 /*
1043 * Pass through unencrypted frames if the hardware has 1070 * Pass through unencrypted frames if the hardware has
1044 * decrypted them already. 1071 * decrypted them already.
1045 */ 1072 */
1046 if (rx->u.rx.status->flag & RX_FLAG_DECRYPTED) 1073 if (rx->status->flag & RX_FLAG_DECRYPTED)
1047 return 0; 1074 return 0;
1048 1075
1049 /* Drop unencrypted frames if key is set. */ 1076 /* Drop unencrypted frames if key is set. */
@@ -1060,7 +1087,7 @@ ieee80211_drop_unencrypted(struct ieee80211_txrx_data *rx)
1060} 1087}
1061 1088
1062static int 1089static int
1063ieee80211_data_to_8023(struct ieee80211_txrx_data *rx) 1090ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1064{ 1091{
1065 struct net_device *dev = rx->dev; 1092 struct net_device *dev = rx->dev;
1066 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 1093 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
@@ -1082,6 +1109,21 @@ ieee80211_data_to_8023(struct ieee80211_txrx_data *rx)
1082 1109
1083 hdrlen = ieee80211_get_hdrlen(fc); 1110 hdrlen = ieee80211_get_hdrlen(fc);
1084 1111
1112 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1113 int meshhdrlen = ieee80211_get_mesh_hdrlen(
1114 (struct ieee80211s_hdr *) (skb->data + hdrlen));
1115 /* Copy on cb:
1116 * - mesh header: to be used for mesh forwarding
1117 * decision. It will also be used as mesh header template at
1118 * tx.c:ieee80211_subif_start_xmit() if interface
1119 * type is mesh and skb->pkt_type == PACKET_OTHERHOST
1120 * - ta: to be used if a RERR needs to be sent.
1121 */
1122 memcpy(skb->cb, skb->data + hdrlen, meshhdrlen);
1123 memcpy(MESH_PREQ(skb), hdr->addr2, ETH_ALEN);
1124 hdrlen += meshhdrlen;
1125 }
1126
1085 /* convert IEEE 802.11 header + possible LLC headers into Ethernet 1127 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
1086 * header 1128 * header
1087 * IEEE 802.11 address fields: 1129 * IEEE 802.11 address fields:
@@ -1115,9 +1157,10 @@ ieee80211_data_to_8023(struct ieee80211_txrx_data *rx)
1115 memcpy(dst, hdr->addr3, ETH_ALEN); 1157 memcpy(dst, hdr->addr3, ETH_ALEN);
1116 memcpy(src, hdr->addr4, ETH_ALEN); 1158 memcpy(src, hdr->addr4, ETH_ALEN);
1117 1159
1118 if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_WDS)) { 1160 if (unlikely(sdata->vif.type != IEEE80211_IF_TYPE_WDS &&
1119 if (net_ratelimit()) 1161 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT)) {
1120 printk(KERN_DEBUG "%s: dropped FromDS&ToDS " 1162 if (net_ratelimit())
1163 printk(KERN_DEBUG "%s: dropped FromDS&ToDS "
1121 "frame (RA=%s TA=%s DA=%s SA=%s)\n", 1164 "frame (RA=%s TA=%s DA=%s SA=%s)\n",
1122 rx->dev->name, 1165 rx->dev->name,
1123 print_mac(mac, hdr->addr1), 1166 print_mac(mac, hdr->addr1),
@@ -1192,7 +1235,7 @@ ieee80211_data_to_8023(struct ieee80211_txrx_data *rx)
1192/* 1235/*
1193 * requires that rx->skb is a frame with ethernet header 1236 * requires that rx->skb is a frame with ethernet header
1194 */ 1237 */
1195static bool ieee80211_frame_allowed(struct ieee80211_txrx_data *rx) 1238static bool ieee80211_frame_allowed(struct ieee80211_rx_data *rx)
1196{ 1239{
1197 static const u8 pae_group_addr[ETH_ALEN] 1240 static const u8 pae_group_addr[ETH_ALEN]
1198 = { 0x01, 0x80, 0xC2, 0x00, 0x00, 0x03 }; 1241 = { 0x01, 0x80, 0xC2, 0x00, 0x00, 0x03 };
@@ -1218,7 +1261,7 @@ static bool ieee80211_frame_allowed(struct ieee80211_txrx_data *rx)
1218 * requires that rx->skb is a frame with ethernet header 1261 * requires that rx->skb is a frame with ethernet header
1219 */ 1262 */
1220static void 1263static void
1221ieee80211_deliver_skb(struct ieee80211_txrx_data *rx) 1264ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1222{ 1265{
1223 struct net_device *dev = rx->dev; 1266 struct net_device *dev = rx->dev;
1224 struct ieee80211_local *local = rx->local; 1267 struct ieee80211_local *local = rx->local;
@@ -1232,7 +1275,7 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1232 1275
1233 if (local->bridge_packets && (sdata->vif.type == IEEE80211_IF_TYPE_AP || 1276 if (local->bridge_packets && (sdata->vif.type == IEEE80211_IF_TYPE_AP ||
1234 sdata->vif.type == IEEE80211_IF_TYPE_VLAN) && 1277 sdata->vif.type == IEEE80211_IF_TYPE_VLAN) &&
1235 (rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) { 1278 (rx->flags & IEEE80211_RX_RA_MATCH)) {
1236 if (is_multicast_ether_addr(ehdr->h_dest)) { 1279 if (is_multicast_ether_addr(ehdr->h_dest)) {
1237 /* 1280 /*
1238 * send multicast frames both to higher layers in 1281 * send multicast frames both to higher layers in
@@ -1244,7 +1287,7 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1244 "multicast frame\n", dev->name); 1287 "multicast frame\n", dev->name);
1245 } else { 1288 } else {
1246 dsta = sta_info_get(local, skb->data); 1289 dsta = sta_info_get(local, skb->data);
1247 if (dsta && dsta->dev == dev) { 1290 if (dsta && dsta->sdata->dev == dev) {
1248 /* 1291 /*
1249 * The destination station is associated to 1292 * The destination station is associated to
1250 * this AP (in this VLAN), so send the frame 1293 * this AP (in this VLAN), so send the frame
@@ -1254,8 +1297,38 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1254 xmit_skb = skb; 1297 xmit_skb = skb;
1255 skb = NULL; 1298 skb = NULL;
1256 } 1299 }
1257 if (dsta) 1300 }
1258 sta_info_put(dsta); 1301 }
1302
1303 /* Mesh forwarding */
1304 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1305 u8 *mesh_ttl = &((struct ieee80211s_hdr *)skb->cb)->ttl;
1306 (*mesh_ttl)--;
1307
1308 if (is_multicast_ether_addr(skb->data)) {
1309 if (*mesh_ttl > 0) {
1310 xmit_skb = skb_copy(skb, GFP_ATOMIC);
1311 if (!xmit_skb && net_ratelimit())
1312 printk(KERN_DEBUG "%s: failed to clone "
1313 "multicast frame\n", dev->name);
1314 else
1315 xmit_skb->pkt_type = PACKET_OTHERHOST;
1316 } else
1317 IEEE80211_IFSTA_MESH_CTR_INC(&sdata->u.sta,
1318 dropped_frames_ttl);
1319 } else if (skb->pkt_type != PACKET_OTHERHOST &&
1320 compare_ether_addr(dev->dev_addr, skb->data) != 0) {
1321 if (*mesh_ttl == 0) {
1322 IEEE80211_IFSTA_MESH_CTR_INC(&sdata->u.sta,
1323 dropped_frames_ttl);
1324 dev_kfree_skb(skb);
1325 skb = NULL;
1326 } else {
1327 xmit_skb = skb;
1328 xmit_skb->pkt_type = PACKET_OTHERHOST;
1329 if (!(dev->flags & IFF_PROMISC))
1330 skb = NULL;
1331 }
1259 } 1332 }
1260 } 1333 }
1261 1334
@@ -1275,8 +1348,8 @@ ieee80211_deliver_skb(struct ieee80211_txrx_data *rx)
1275 } 1348 }
1276} 1349}
1277 1350
1278static ieee80211_txrx_result 1351static ieee80211_rx_result
1279ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx) 1352ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1280{ 1353{
1281 struct net_device *dev = rx->dev; 1354 struct net_device *dev = rx->dev;
1282 struct ieee80211_local *local = rx->local; 1355 struct ieee80211_local *local = rx->local;
@@ -1291,17 +1364,17 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1291 1364
1292 fc = rx->fc; 1365 fc = rx->fc;
1293 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) 1366 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
1294 return TXRX_CONTINUE; 1367 return RX_CONTINUE;
1295 1368
1296 if (unlikely(!WLAN_FC_DATA_PRESENT(fc))) 1369 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
1297 return TXRX_DROP; 1370 return RX_DROP_MONITOR;
1298 1371
1299 if (!(rx->flags & IEEE80211_TXRXD_RX_AMSDU)) 1372 if (!(rx->flags & IEEE80211_RX_AMSDU))
1300 return TXRX_CONTINUE; 1373 return RX_CONTINUE;
1301 1374
1302 err = ieee80211_data_to_8023(rx); 1375 err = ieee80211_data_to_8023(rx);
1303 if (unlikely(err)) 1376 if (unlikely(err))
1304 return TXRX_DROP; 1377 return RX_DROP_UNUSABLE;
1305 1378
1306 skb->dev = dev; 1379 skb->dev = dev;
1307 1380
@@ -1311,7 +1384,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1311 /* skip the wrapping header */ 1384 /* skip the wrapping header */
1312 eth = (struct ethhdr *) skb_pull(skb, sizeof(struct ethhdr)); 1385 eth = (struct ethhdr *) skb_pull(skb, sizeof(struct ethhdr));
1313 if (!eth) 1386 if (!eth)
1314 return TXRX_DROP; 1387 return RX_DROP_UNUSABLE;
1315 1388
1316 while (skb != frame) { 1389 while (skb != frame) {
1317 u8 padding; 1390 u8 padding;
@@ -1326,7 +1399,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1326 /* the last MSDU has no padding */ 1399 /* the last MSDU has no padding */
1327 if (subframe_len > remaining) { 1400 if (subframe_len > remaining) {
1328 printk(KERN_DEBUG "%s: wrong buffer size", dev->name); 1401 printk(KERN_DEBUG "%s: wrong buffer size", dev->name);
1329 return TXRX_DROP; 1402 return RX_DROP_UNUSABLE;
1330 } 1403 }
1331 1404
1332 skb_pull(skb, sizeof(struct ethhdr)); 1405 skb_pull(skb, sizeof(struct ethhdr));
@@ -1338,7 +1411,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1338 subframe_len); 1411 subframe_len);
1339 1412
1340 if (frame == NULL) 1413 if (frame == NULL)
1341 return TXRX_DROP; 1414 return RX_DROP_UNUSABLE;
1342 1415
1343 skb_reserve(frame, local->hw.extra_tx_headroom + 1416 skb_reserve(frame, local->hw.extra_tx_headroom +
1344 sizeof(struct ethhdr)); 1417 sizeof(struct ethhdr));
@@ -1351,7 +1424,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1351 printk(KERN_DEBUG "%s: wrong buffer size ", 1424 printk(KERN_DEBUG "%s: wrong buffer size ",
1352 dev->name); 1425 dev->name);
1353 dev_kfree_skb(frame); 1426 dev_kfree_skb(frame);
1354 return TXRX_DROP; 1427 return RX_DROP_UNUSABLE;
1355 } 1428 }
1356 } 1429 }
1357 1430
@@ -1381,7 +1454,7 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1381 1454
1382 if (!ieee80211_frame_allowed(rx)) { 1455 if (!ieee80211_frame_allowed(rx)) {
1383 if (skb == frame) /* last frame */ 1456 if (skb == frame) /* last frame */
1384 return TXRX_DROP; 1457 return RX_DROP_UNUSABLE;
1385 dev_kfree_skb(frame); 1458 dev_kfree_skb(frame);
1386 continue; 1459 continue;
1387 } 1460 }
@@ -1389,11 +1462,11 @@ ieee80211_rx_h_amsdu(struct ieee80211_txrx_data *rx)
1389 ieee80211_deliver_skb(rx); 1462 ieee80211_deliver_skb(rx);
1390 } 1463 }
1391 1464
1392 return TXRX_QUEUED; 1465 return RX_QUEUED;
1393} 1466}
1394 1467
1395static ieee80211_txrx_result 1468static ieee80211_rx_result
1396ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) 1469ieee80211_rx_h_data(struct ieee80211_rx_data *rx)
1397{ 1470{
1398 struct net_device *dev = rx->dev; 1471 struct net_device *dev = rx->dev;
1399 u16 fc; 1472 u16 fc;
@@ -1401,17 +1474,17 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
1401 1474
1402 fc = rx->fc; 1475 fc = rx->fc;
1403 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) 1476 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
1404 return TXRX_CONTINUE; 1477 return RX_CONTINUE;
1405 1478
1406 if (unlikely(!WLAN_FC_DATA_PRESENT(fc))) 1479 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
1407 return TXRX_DROP; 1480 return RX_DROP_MONITOR;
1408 1481
1409 err = ieee80211_data_to_8023(rx); 1482 err = ieee80211_data_to_8023(rx);
1410 if (unlikely(err)) 1483 if (unlikely(err))
1411 return TXRX_DROP; 1484 return RX_DROP_UNUSABLE;
1412 1485
1413 if (!ieee80211_frame_allowed(rx)) 1486 if (!ieee80211_frame_allowed(rx))
1414 return TXRX_DROP; 1487 return RX_DROP_MONITOR;
1415 1488
1416 rx->skb->dev = dev; 1489 rx->skb->dev = dev;
1417 1490
@@ -1420,11 +1493,11 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
1420 1493
1421 ieee80211_deliver_skb(rx); 1494 ieee80211_deliver_skb(rx);
1422 1495
1423 return TXRX_QUEUED; 1496 return RX_QUEUED;
1424} 1497}
1425 1498
1426static ieee80211_txrx_result 1499static ieee80211_rx_result
1427ieee80211_rx_h_ctrl(struct ieee80211_txrx_data *rx) 1500ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1428{ 1501{
1429 struct ieee80211_local *local = rx->local; 1502 struct ieee80211_local *local = rx->local;
1430 struct ieee80211_hw *hw = &local->hw; 1503 struct ieee80211_hw *hw = &local->hw;
@@ -1435,15 +1508,16 @@ ieee80211_rx_h_ctrl(struct ieee80211_txrx_data *rx)
1435 u16 tid; 1508 u16 tid;
1436 1509
1437 if (likely((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL)) 1510 if (likely((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL))
1438 return TXRX_CONTINUE; 1511 return RX_CONTINUE;
1439 1512
1440 if ((rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BACK_REQ) { 1513 if ((rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BACK_REQ) {
1441 if (!rx->sta) 1514 if (!rx->sta)
1442 return TXRX_CONTINUE; 1515 return RX_CONTINUE;
1443 tid = le16_to_cpu(bar->control) >> 12; 1516 tid = le16_to_cpu(bar->control) >> 12;
1444 tid_agg_rx = &(rx->sta->ampdu_mlme.tid_rx[tid]); 1517 if (rx->sta->ampdu_mlme.tid_state_rx[tid]
1445 if (tid_agg_rx->state != HT_AGG_STATE_OPERATIONAL) 1518 != HT_AGG_STATE_OPERATIONAL)
1446 return TXRX_CONTINUE; 1519 return RX_CONTINUE;
1520 tid_agg_rx = rx->sta->ampdu_mlme.tid_rx[tid];
1447 1521
1448 start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4; 1522 start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4;
1449 1523
@@ -1460,77 +1534,35 @@ ieee80211_rx_h_ctrl(struct ieee80211_txrx_data *rx)
1460 ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, NULL, 1534 ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, NULL,
1461 start_seq_num, 1); 1535 start_seq_num, 1);
1462 rcu_read_unlock(); 1536 rcu_read_unlock();
1463 return TXRX_DROP; 1537 return RX_DROP_UNUSABLE;
1464 } 1538 }
1465 1539
1466 return TXRX_CONTINUE; 1540 return RX_CONTINUE;
1467} 1541}
1468 1542
1469static ieee80211_txrx_result 1543static ieee80211_rx_result
1470ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx) 1544ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1471{ 1545{
1472 struct ieee80211_sub_if_data *sdata; 1546 struct ieee80211_sub_if_data *sdata;
1473 1547
1474 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 1548 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1475 return TXRX_DROP; 1549 return RX_DROP_MONITOR;
1476 1550
1477 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1551 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1478 if ((sdata->vif.type == IEEE80211_IF_TYPE_STA || 1552 if ((sdata->vif.type == IEEE80211_IF_TYPE_STA ||
1479 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) && 1553 sdata->vif.type == IEEE80211_IF_TYPE_IBSS ||
1554 sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT) &&
1480 !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME)) 1555 !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME))
1481 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status); 1556 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->status);
1482 else 1557 else
1483 return TXRX_DROP; 1558 return RX_DROP_MONITOR;
1484 1559
1485 return TXRX_QUEUED; 1560 return RX_QUEUED;
1486}
1487
1488static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers(
1489 struct ieee80211_local *local,
1490 ieee80211_rx_handler *handlers,
1491 struct ieee80211_txrx_data *rx,
1492 struct sta_info *sta)
1493{
1494 ieee80211_rx_handler *handler;
1495 ieee80211_txrx_result res = TXRX_DROP;
1496
1497 for (handler = handlers; *handler != NULL; handler++) {
1498 res = (*handler)(rx);
1499
1500 switch (res) {
1501 case TXRX_CONTINUE:
1502 continue;
1503 case TXRX_DROP:
1504 I802_DEBUG_INC(local->rx_handlers_drop);
1505 if (sta)
1506 sta->rx_dropped++;
1507 break;
1508 case TXRX_QUEUED:
1509 I802_DEBUG_INC(local->rx_handlers_queued);
1510 break;
1511 }
1512 break;
1513 }
1514
1515 if (res == TXRX_DROP)
1516 dev_kfree_skb(rx->skb);
1517 return res;
1518}
1519
1520static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local,
1521 ieee80211_rx_handler *handlers,
1522 struct ieee80211_txrx_data *rx,
1523 struct sta_info *sta)
1524{
1525 if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) ==
1526 TXRX_CONTINUE)
1527 dev_kfree_skb(rx->skb);
1528} 1561}
1529 1562
1530static void ieee80211_rx_michael_mic_report(struct net_device *dev, 1563static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1531 struct ieee80211_hdr *hdr, 1564 struct ieee80211_hdr *hdr,
1532 struct sta_info *sta, 1565 struct ieee80211_rx_data *rx)
1533 struct ieee80211_txrx_data *rx)
1534{ 1566{
1535 int keyidx, hdrlen; 1567 int keyidx, hdrlen;
1536 DECLARE_MAC_BUF(mac); 1568 DECLARE_MAC_BUF(mac);
@@ -1548,7 +1580,7 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1548 dev->name, print_mac(mac, hdr->addr2), 1580 dev->name, print_mac(mac, hdr->addr2),
1549 print_mac(mac2, hdr->addr1), keyidx); 1581 print_mac(mac2, hdr->addr1), keyidx);
1550 1582
1551 if (!sta) { 1583 if (!rx->sta) {
1552 /* 1584 /*
1553 * Some hardware seem to generate incorrect Michael MIC 1585 * Some hardware seem to generate incorrect Michael MIC
1554 * reports; ignore them to avoid triggering countermeasures. 1586 * reports; ignore them to avoid triggering countermeasures.
@@ -1600,7 +1632,89 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1600 rx->skb = NULL; 1632 rx->skb = NULL;
1601} 1633}
1602 1634
1603ieee80211_rx_handler ieee80211_rx_handlers[] = 1635/* TODO: use IEEE80211_RX_FRAGMENTED */
1636static void ieee80211_rx_cooked_monitor(struct ieee80211_rx_data *rx)
1637{
1638 struct ieee80211_sub_if_data *sdata;
1639 struct ieee80211_local *local = rx->local;
1640 struct ieee80211_rtap_hdr {
1641 struct ieee80211_radiotap_header hdr;
1642 u8 flags;
1643 u8 rate;
1644 __le16 chan_freq;
1645 __le16 chan_flags;
1646 } __attribute__ ((packed)) *rthdr;
1647 struct sk_buff *skb = rx->skb, *skb2;
1648 struct net_device *prev_dev = NULL;
1649 struct ieee80211_rx_status *status = rx->status;
1650
1651 if (rx->flags & IEEE80211_RX_CMNTR_REPORTED)
1652 goto out_free_skb;
1653
1654 if (skb_headroom(skb) < sizeof(*rthdr) &&
1655 pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC))
1656 goto out_free_skb;
1657
1658 rthdr = (void *)skb_push(skb, sizeof(*rthdr));
1659 memset(rthdr, 0, sizeof(*rthdr));
1660 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
1661 rthdr->hdr.it_present =
1662 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
1663 (1 << IEEE80211_RADIOTAP_RATE) |
1664 (1 << IEEE80211_RADIOTAP_CHANNEL));
1665
1666 rthdr->rate = rx->rate->bitrate / 5;
1667 rthdr->chan_freq = cpu_to_le16(status->freq);
1668
1669 if (status->band == IEEE80211_BAND_5GHZ)
1670 rthdr->chan_flags = cpu_to_le16(IEEE80211_CHAN_OFDM |
1671 IEEE80211_CHAN_5GHZ);
1672 else
1673 rthdr->chan_flags = cpu_to_le16(IEEE80211_CHAN_DYN |
1674 IEEE80211_CHAN_2GHZ);
1675
1676 skb_set_mac_header(skb, 0);
1677 skb->ip_summed = CHECKSUM_UNNECESSARY;
1678 skb->pkt_type = PACKET_OTHERHOST;
1679 skb->protocol = htons(ETH_P_802_2);
1680
1681 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
1682 if (!netif_running(sdata->dev))
1683 continue;
1684
1685 if (sdata->vif.type != IEEE80211_IF_TYPE_MNTR ||
1686 !(sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES))
1687 continue;
1688
1689 if (prev_dev) {
1690 skb2 = skb_clone(skb, GFP_ATOMIC);
1691 if (skb2) {
1692 skb2->dev = prev_dev;
1693 netif_rx(skb2);
1694 }
1695 }
1696
1697 prev_dev = sdata->dev;
1698 sdata->dev->stats.rx_packets++;
1699 sdata->dev->stats.rx_bytes += skb->len;
1700 }
1701
1702 if (prev_dev) {
1703 skb->dev = prev_dev;
1704 netif_rx(skb);
1705 skb = NULL;
1706 } else
1707 goto out_free_skb;
1708
1709 rx->flags |= IEEE80211_RX_CMNTR_REPORTED;
1710 return;
1711
1712 out_free_skb:
1713 dev_kfree_skb(skb);
1714}
1715
1716typedef ieee80211_rx_result (*ieee80211_rx_handler)(struct ieee80211_rx_data *);
1717static ieee80211_rx_handler ieee80211_rx_handlers[] =
1604{ 1718{
1605 ieee80211_rx_h_if_stats, 1719 ieee80211_rx_h_if_stats,
1606 ieee80211_rx_h_passive_scan, 1720 ieee80211_rx_h_passive_scan,
@@ -1622,10 +1736,51 @@ ieee80211_rx_handler ieee80211_rx_handlers[] =
1622 NULL 1736 NULL
1623}; 1737};
1624 1738
1739static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1740 struct ieee80211_rx_data *rx,
1741 struct sk_buff *skb)
1742{
1743 ieee80211_rx_handler *handler;
1744 ieee80211_rx_result res = RX_DROP_MONITOR;
1745
1746 rx->skb = skb;
1747 rx->sdata = sdata;
1748 rx->dev = sdata->dev;
1749
1750 for (handler = ieee80211_rx_handlers; *handler != NULL; handler++) {
1751 res = (*handler)(rx);
1752
1753 switch (res) {
1754 case RX_CONTINUE:
1755 continue;
1756 case RX_DROP_UNUSABLE:
1757 case RX_DROP_MONITOR:
1758 I802_DEBUG_INC(sdata->local->rx_handlers_drop);
1759 if (rx->sta)
1760 rx->sta->rx_dropped++;
1761 break;
1762 case RX_QUEUED:
1763 I802_DEBUG_INC(sdata->local->rx_handlers_queued);
1764 break;
1765 }
1766 break;
1767 }
1768
1769 switch (res) {
1770 case RX_CONTINUE:
1771 case RX_DROP_MONITOR:
1772 ieee80211_rx_cooked_monitor(rx);
1773 break;
1774 case RX_DROP_UNUSABLE:
1775 dev_kfree_skb(rx->skb);
1776 break;
1777 }
1778}
1779
1625/* main receive path */ 1780/* main receive path */
1626 1781
1627static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata, 1782static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1628 u8 *bssid, struct ieee80211_txrx_data *rx, 1783 u8 *bssid, struct ieee80211_rx_data *rx,
1629 struct ieee80211_hdr *hdr) 1784 struct ieee80211_hdr *hdr)
1630{ 1785{
1631 int multicast = is_multicast_ether_addr(hdr->addr1); 1786 int multicast = is_multicast_ether_addr(hdr->addr1);
@@ -1635,34 +1790,47 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1635 if (!bssid) 1790 if (!bssid)
1636 return 0; 1791 return 0;
1637 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 1792 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) {
1638 if (!(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1793 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1639 return 0; 1794 return 0;
1640 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1795 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1641 } else if (!multicast && 1796 } else if (!multicast &&
1642 compare_ether_addr(sdata->dev->dev_addr, 1797 compare_ether_addr(sdata->dev->dev_addr,
1643 hdr->addr1) != 0) { 1798 hdr->addr1) != 0) {
1644 if (!(sdata->dev->flags & IFF_PROMISC)) 1799 if (!(sdata->dev->flags & IFF_PROMISC))
1645 return 0; 1800 return 0;
1646 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1801 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1647 } 1802 }
1648 break; 1803 break;
1649 case IEEE80211_IF_TYPE_IBSS: 1804 case IEEE80211_IF_TYPE_IBSS:
1650 if (!bssid) 1805 if (!bssid)
1651 return 0; 1806 return 0;
1652 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 1807 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT &&
1653 if (!(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1808 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON)
1809 return 1;
1810 else if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) {
1811 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1654 return 0; 1812 return 0;
1655 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1813 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1656 } else if (!multicast && 1814 } else if (!multicast &&
1657 compare_ether_addr(sdata->dev->dev_addr, 1815 compare_ether_addr(sdata->dev->dev_addr,
1658 hdr->addr1) != 0) { 1816 hdr->addr1) != 0) {
1659 if (!(sdata->dev->flags & IFF_PROMISC)) 1817 if (!(sdata->dev->flags & IFF_PROMISC))
1660 return 0; 1818 return 0;
1661 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1819 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1662 } else if (!rx->sta) 1820 } else if (!rx->sta)
1663 rx->sta = ieee80211_ibss_add_sta(sdata->dev, rx->skb, 1821 rx->sta = ieee80211_ibss_add_sta(sdata->dev, rx->skb,
1664 bssid, hdr->addr2); 1822 bssid, hdr->addr2);
1665 break; 1823 break;
1824 case IEEE80211_IF_TYPE_MESH_POINT:
1825 if (!multicast &&
1826 compare_ether_addr(sdata->dev->dev_addr,
1827 hdr->addr1) != 0) {
1828 if (!(sdata->dev->flags & IFF_PROMISC))
1829 return 0;
1830
1831 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1832 }
1833 break;
1666 case IEEE80211_IF_TYPE_VLAN: 1834 case IEEE80211_IF_TYPE_VLAN:
1667 case IEEE80211_IF_TYPE_AP: 1835 case IEEE80211_IF_TYPE_AP:
1668 if (!bssid) { 1836 if (!bssid) {
@@ -1671,12 +1839,12 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1671 return 0; 1839 return 0;
1672 } else if (!ieee80211_bssid_match(bssid, 1840 } else if (!ieee80211_bssid_match(bssid,
1673 sdata->dev->dev_addr)) { 1841 sdata->dev->dev_addr)) {
1674 if (!(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1842 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1675 return 0; 1843 return 0;
1676 rx->flags &= ~IEEE80211_TXRXD_RXRA_MATCH; 1844 rx->flags &= ~IEEE80211_RX_RA_MATCH;
1677 } 1845 }
1678 if (sdata->dev == sdata->local->mdev && 1846 if (sdata->dev == sdata->local->mdev &&
1679 !(rx->flags & IEEE80211_TXRXD_RXIN_SCAN)) 1847 !(rx->flags & IEEE80211_RX_IN_SCAN))
1680 /* do not receive anything via 1848 /* do not receive anything via
1681 * master device when not scanning */ 1849 * master device when not scanning */
1682 return 0; 1850 return 0;
@@ -1707,13 +1875,13 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1707static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, 1875static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1708 struct sk_buff *skb, 1876 struct sk_buff *skb,
1709 struct ieee80211_rx_status *status, 1877 struct ieee80211_rx_status *status,
1710 u32 load) 1878 u32 load,
1879 struct ieee80211_rate *rate)
1711{ 1880{
1712 struct ieee80211_local *local = hw_to_local(hw); 1881 struct ieee80211_local *local = hw_to_local(hw);
1713 struct ieee80211_sub_if_data *sdata; 1882 struct ieee80211_sub_if_data *sdata;
1714 struct sta_info *sta;
1715 struct ieee80211_hdr *hdr; 1883 struct ieee80211_hdr *hdr;
1716 struct ieee80211_txrx_data rx; 1884 struct ieee80211_rx_data rx;
1717 u16 type; 1885 u16 type;
1718 int prepares; 1886 int prepares;
1719 struct ieee80211_sub_if_data *prev = NULL; 1887 struct ieee80211_sub_if_data *prev = NULL;
@@ -1725,42 +1893,33 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1725 rx.skb = skb; 1893 rx.skb = skb;
1726 rx.local = local; 1894 rx.local = local;
1727 1895
1728 rx.u.rx.status = status; 1896 rx.status = status;
1729 rx.u.rx.load = load; 1897 rx.load = load;
1898 rx.rate = rate;
1730 rx.fc = le16_to_cpu(hdr->frame_control); 1899 rx.fc = le16_to_cpu(hdr->frame_control);
1731 type = rx.fc & IEEE80211_FCTL_FTYPE; 1900 type = rx.fc & IEEE80211_FCTL_FTYPE;
1732 1901
1733 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT) 1902 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
1734 local->dot11ReceivedFragmentCount++; 1903 local->dot11ReceivedFragmentCount++;
1735 1904
1736 sta = rx.sta = sta_info_get(local, hdr->addr2); 1905 rx.sta = sta_info_get(local, hdr->addr2);
1737 if (sta) { 1906 if (rx.sta) {
1738 rx.dev = rx.sta->dev; 1907 rx.sdata = rx.sta->sdata;
1739 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev); 1908 rx.dev = rx.sta->sdata->dev;
1740 } 1909 }
1741 1910
1742 if ((status->flag & RX_FLAG_MMIC_ERROR)) { 1911 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
1743 ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx); 1912 ieee80211_rx_michael_mic_report(local->mdev, hdr, &rx);
1744 goto end; 1913 return;
1745 } 1914 }
1746 1915
1747 if (unlikely(local->sta_sw_scanning || local->sta_hw_scanning)) 1916 if (unlikely(local->sta_sw_scanning || local->sta_hw_scanning))
1748 rx.flags |= IEEE80211_TXRXD_RXIN_SCAN; 1917 rx.flags |= IEEE80211_RX_IN_SCAN;
1749 1918
1750 if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx, 1919 ieee80211_parse_qos(&rx);
1751 sta) != TXRX_CONTINUE) 1920 ieee80211_verify_ip_alignment(&rx);
1752 goto end;
1753 skb = rx.skb;
1754 1921
1755 if (sta && !(sta->flags & (WLAN_STA_WDS | WLAN_STA_ASSOC_AP)) && 1922 skb = rx.skb;
1756 !atomic_read(&local->iff_promiscs) &&
1757 !is_multicast_ether_addr(hdr->addr1)) {
1758 rx.flags |= IEEE80211_TXRXD_RXRA_MATCH;
1759 ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
1760 rx.sta);
1761 sta_info_put(sta);
1762 return;
1763 }
1764 1923
1765 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 1924 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
1766 if (!netif_running(sdata->dev)) 1925 if (!netif_running(sdata->dev))
@@ -1770,10 +1929,8 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1770 continue; 1929 continue;
1771 1930
1772 bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type); 1931 bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type);
1773 rx.flags |= IEEE80211_TXRXD_RXRA_MATCH; 1932 rx.flags |= IEEE80211_RX_RA_MATCH;
1774 prepares = prepare_for_handlers(sdata, bssid, &rx, hdr); 1933 prepares = prepare_for_handlers(sdata, bssid, &rx, hdr);
1775 /* prepare_for_handlers can change sta */
1776 sta = rx.sta;
1777 1934
1778 if (!prepares) 1935 if (!prepares)
1779 continue; 1936 continue;
@@ -1804,26 +1961,14 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1804 continue; 1961 continue;
1805 } 1962 }
1806 rx.fc = le16_to_cpu(hdr->frame_control); 1963 rx.fc = le16_to_cpu(hdr->frame_control);
1807 rx.skb = skb_new; 1964 ieee80211_invoke_rx_handlers(prev, &rx, skb_new);
1808 rx.dev = prev->dev;
1809 rx.sdata = prev;
1810 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
1811 &rx, sta);
1812 prev = sdata; 1965 prev = sdata;
1813 } 1966 }
1814 if (prev) { 1967 if (prev) {
1815 rx.fc = le16_to_cpu(hdr->frame_control); 1968 rx.fc = le16_to_cpu(hdr->frame_control);
1816 rx.skb = skb; 1969 ieee80211_invoke_rx_handlers(prev, &rx, skb);
1817 rx.dev = prev->dev;
1818 rx.sdata = prev;
1819 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
1820 &rx, sta);
1821 } else 1970 } else
1822 dev_kfree_skb(skb); 1971 dev_kfree_skb(skb);
1823
1824 end:
1825 if (sta)
1826 sta_info_put(sta);
1827} 1972}
1828 1973
1829#define SEQ_MODULO 0x1000 1974#define SEQ_MODULO 0x1000
@@ -1859,6 +2004,8 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
1859 u16 head_seq_num, buf_size; 2004 u16 head_seq_num, buf_size;
1860 int index; 2005 int index;
1861 u32 pkt_load; 2006 u32 pkt_load;
2007 struct ieee80211_supported_band *sband;
2008 struct ieee80211_rate *rate;
1862 2009
1863 buf_size = tid_agg_rx->buf_size; 2010 buf_size = tid_agg_rx->buf_size;
1864 head_seq_num = tid_agg_rx->head_seq_num; 2011 head_seq_num = tid_agg_rx->head_seq_num;
@@ -1889,12 +2036,14 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
1889 memcpy(&status, 2036 memcpy(&status,
1890 tid_agg_rx->reorder_buf[index]->cb, 2037 tid_agg_rx->reorder_buf[index]->cb,
1891 sizeof(status)); 2038 sizeof(status));
2039 sband = local->hw.wiphy->bands[status.band];
2040 rate = &sband->bitrates[status.rate_idx];
1892 pkt_load = ieee80211_rx_load_stats(local, 2041 pkt_load = ieee80211_rx_load_stats(local,
1893 tid_agg_rx->reorder_buf[index], 2042 tid_agg_rx->reorder_buf[index],
1894 &status); 2043 &status, rate);
1895 __ieee80211_rx_handle_packet(hw, 2044 __ieee80211_rx_handle_packet(hw,
1896 tid_agg_rx->reorder_buf[index], 2045 tid_agg_rx->reorder_buf[index],
1897 &status, pkt_load); 2046 &status, pkt_load, rate);
1898 tid_agg_rx->stored_mpdu_num--; 2047 tid_agg_rx->stored_mpdu_num--;
1899 tid_agg_rx->reorder_buf[index] = NULL; 2048 tid_agg_rx->reorder_buf[index] = NULL;
1900 } 2049 }
@@ -1934,11 +2083,13 @@ u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
1934 /* release the reordered frame back to stack */ 2083 /* release the reordered frame back to stack */
1935 memcpy(&status, tid_agg_rx->reorder_buf[index]->cb, 2084 memcpy(&status, tid_agg_rx->reorder_buf[index]->cb,
1936 sizeof(status)); 2085 sizeof(status));
2086 sband = local->hw.wiphy->bands[status.band];
2087 rate = &sband->bitrates[status.rate_idx];
1937 pkt_load = ieee80211_rx_load_stats(local, 2088 pkt_load = ieee80211_rx_load_stats(local,
1938 tid_agg_rx->reorder_buf[index], 2089 tid_agg_rx->reorder_buf[index],
1939 &status); 2090 &status, rate);
1940 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index], 2091 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index],
1941 &status, pkt_load); 2092 &status, pkt_load, rate);
1942 tid_agg_rx->stored_mpdu_num--; 2093 tid_agg_rx->stored_mpdu_num--;
1943 tid_agg_rx->reorder_buf[index] = NULL; 2094 tid_agg_rx->reorder_buf[index] = NULL;
1944 tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num); 2095 tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num);
@@ -1973,11 +2124,12 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
1973 2124
1974 qc = skb->data + ieee80211_get_hdrlen(fc) - QOS_CONTROL_LEN; 2125 qc = skb->data + ieee80211_get_hdrlen(fc) - QOS_CONTROL_LEN;
1975 tid = qc[0] & QOS_CONTROL_TID_MASK; 2126 tid = qc[0] & QOS_CONTROL_TID_MASK;
1976 tid_agg_rx = &(sta->ampdu_mlme.tid_rx[tid]);
1977 2127
1978 if (tid_agg_rx->state != HT_AGG_STATE_OPERATIONAL) 2128 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_OPERATIONAL)
1979 goto end_reorder; 2129 goto end_reorder;
1980 2130
2131 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
2132
1981 /* null data frames are excluded */ 2133 /* null data frames are excluded */
1982 if (unlikely(fc & IEEE80211_STYPE_NULLFUNC)) 2134 if (unlikely(fc & IEEE80211_STYPE_NULLFUNC))
1983 goto end_reorder; 2135 goto end_reorder;
@@ -1994,7 +2146,7 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
1994 /* if this mpdu is fragmented - terminate rx aggregation session */ 2146 /* if this mpdu is fragmented - terminate rx aggregation session */
1995 sc = le16_to_cpu(hdr->seq_ctrl); 2147 sc = le16_to_cpu(hdr->seq_ctrl);
1996 if (sc & IEEE80211_SCTL_FRAG) { 2148 if (sc & IEEE80211_SCTL_FRAG) {
1997 ieee80211_sta_stop_rx_ba_session(sta->dev, sta->addr, 2149 ieee80211_sta_stop_rx_ba_session(sta->sdata->dev, sta->addr,
1998 tid, 0, WLAN_REASON_QSTA_REQUIRE_SETUP); 2150 tid, 0, WLAN_REASON_QSTA_REQUIRE_SETUP);
1999 ret = 1; 2151 ret = 1;
2000 goto end_reorder; 2152 goto end_reorder;
@@ -2004,9 +2156,7 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2004 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4; 2156 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4;
2005 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, 2157 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb,
2006 mpdu_seq_num, 0); 2158 mpdu_seq_num, 0);
2007end_reorder: 2159 end_reorder:
2008 if (sta)
2009 sta_info_put(sta);
2010 return ret; 2160 return ret;
2011} 2161}
2012 2162
@@ -2019,6 +2169,25 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2019{ 2169{
2020 struct ieee80211_local *local = hw_to_local(hw); 2170 struct ieee80211_local *local = hw_to_local(hw);
2021 u32 pkt_load; 2171 u32 pkt_load;
2172 struct ieee80211_rate *rate = NULL;
2173 struct ieee80211_supported_band *sband;
2174
2175 if (status->band < 0 ||
2176 status->band > IEEE80211_NUM_BANDS) {
2177 WARN_ON(1);
2178 return;
2179 }
2180
2181 sband = local->hw.wiphy->bands[status->band];
2182
2183 if (!sband ||
2184 status->rate_idx < 0 ||
2185 status->rate_idx >= sband->n_bitrates) {
2186 WARN_ON(1);
2187 return;
2188 }
2189
2190 rate = &sband->bitrates[status->rate_idx];
2022 2191
2023 /* 2192 /*
2024 * key references and virtual interfaces are protected using RCU 2193 * key references and virtual interfaces are protected using RCU
@@ -2033,17 +2202,17 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2033 * if it was previously present. 2202 * if it was previously present.
2034 * Also, frames with less than 16 bytes are dropped. 2203 * Also, frames with less than 16 bytes are dropped.
2035 */ 2204 */
2036 skb = ieee80211_rx_monitor(local, skb, status); 2205 skb = ieee80211_rx_monitor(local, skb, status, rate);
2037 if (!skb) { 2206 if (!skb) {
2038 rcu_read_unlock(); 2207 rcu_read_unlock();
2039 return; 2208 return;
2040 } 2209 }
2041 2210
2042 pkt_load = ieee80211_rx_load_stats(local, skb, status); 2211 pkt_load = ieee80211_rx_load_stats(local, skb, status, rate);
2043 local->channel_use_raw += pkt_load; 2212 local->channel_use_raw += pkt_load;
2044 2213
2045 if (!ieee80211_rx_reorder_ampdu(local, skb)) 2214 if (!ieee80211_rx_reorder_ampdu(local, skb))
2046 __ieee80211_rx_handle_packet(hw, skb, status, pkt_load); 2215 __ieee80211_rx_handle_packet(hw, skb, status, pkt_load, rate);
2047 2216
2048 rcu_read_unlock(); 2217 rcu_read_unlock();
2049} 2218}
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 1f74bd296357..f708367092d1 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -15,21 +15,52 @@
15#include <linux/skbuff.h> 15#include <linux/skbuff.h>
16#include <linux/if_arp.h> 16#include <linux/if_arp.h>
17#include <linux/timer.h> 17#include <linux/timer.h>
18#include <linux/rtnetlink.h>
18 19
19#include <net/mac80211.h> 20#include <net/mac80211.h>
20#include "ieee80211_i.h" 21#include "ieee80211_i.h"
21#include "ieee80211_rate.h" 22#include "ieee80211_rate.h"
22#include "sta_info.h" 23#include "sta_info.h"
23#include "debugfs_sta.h" 24#include "debugfs_sta.h"
25#include "mesh.h"
24 26
25/* Caller must hold local->sta_lock */ 27/**
26static void sta_info_hash_add(struct ieee80211_local *local, 28 * DOC: STA information lifetime rules
27 struct sta_info *sta) 29 *
28{ 30 * STA info structures (&struct sta_info) are managed in a hash table
29 sta->hnext = local->sta_hash[STA_HASH(sta->addr)]; 31 * for faster lookup and a list for iteration. They are managed using
30 local->sta_hash[STA_HASH(sta->addr)] = sta; 32 * RCU, i.e. access to the list and hash table is protected by RCU.
31} 33 *
32 34 * Upon allocating a STA info structure with sta_info_alloc(), the caller owns
35 * that structure. It must then either destroy it using sta_info_destroy()
36 * (which is pretty useless) or insert it into the hash table using
37 * sta_info_insert() which demotes the reference from ownership to a regular
38 * RCU-protected reference; if the function is called without protection by an
39 * RCU critical section the reference is instantly invalidated.
40 *
41 * Because there are debugfs entries for each station, and adding those
42 * must be able to sleep, it is also possible to "pin" a station entry,
43 * that means it can be removed from the hash table but not be freed.
44 * See the comment in __sta_info_unlink() for more information.
45 *
46 * In order to remove a STA info structure, the caller needs to first
47 * unlink it (sta_info_unlink()) from the list and hash tables and
48 * then wait for an RCU synchronisation before it can be freed. Due to
49 * the pinning and the possibility of multiple callers trying to remove
50 * the same STA info at the same time, sta_info_unlink() can clear the
51 * STA info pointer it is passed to indicate that the STA info is owned
52 * by somebody else now.
53 *
54 * If sta_info_unlink() did not clear the pointer then the caller owns
55 * the STA info structure now and is responsible of destroying it with
56 * a call to sta_info_destroy(), not before RCU synchronisation, of
57 * course. Note that sta_info_destroy() must be protected by the RTNL.
58 *
59 * In all other cases, there is no concept of ownership on a STA entry,
60 * each structure is owned by the global hash table/list until it is
61 * removed. All users of the structure need to be RCU protected so that
62 * the structure won't be freed before they are done using it.
63 */
33 64
34/* Caller must hold local->sta_lock */ 65/* Caller must hold local->sta_lock */
35static int sta_info_hash_del(struct ieee80211_local *local, 66static int sta_info_hash_del(struct ieee80211_local *local,
@@ -41,159 +72,240 @@ static int sta_info_hash_del(struct ieee80211_local *local,
41 if (!s) 72 if (!s)
42 return -ENOENT; 73 return -ENOENT;
43 if (s == sta) { 74 if (s == sta) {
44 local->sta_hash[STA_HASH(sta->addr)] = s->hnext; 75 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)],
76 s->hnext);
45 return 0; 77 return 0;
46 } 78 }
47 79
48 while (s->hnext && s->hnext != sta) 80 while (s->hnext && s->hnext != sta)
49 s = s->hnext; 81 s = s->hnext;
50 if (s->hnext) { 82 if (s->hnext) {
51 s->hnext = sta->hnext; 83 rcu_assign_pointer(s->hnext, sta->hnext);
52 return 0; 84 return 0;
53 } 85 }
54 86
55 return -ENOENT; 87 return -ENOENT;
56} 88}
57 89
58struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr) 90/* protected by RCU */
91static struct sta_info *__sta_info_find(struct ieee80211_local *local,
92 u8 *addr)
59{ 93{
60 struct sta_info *sta; 94 struct sta_info *sta;
61 95
62 read_lock_bh(&local->sta_lock); 96 sta = rcu_dereference(local->sta_hash[STA_HASH(addr)]);
63 sta = local->sta_hash[STA_HASH(addr)];
64 while (sta) { 97 while (sta) {
65 if (memcmp(sta->addr, addr, ETH_ALEN) == 0) { 98 if (compare_ether_addr(sta->addr, addr) == 0)
66 __sta_info_get(sta);
67 break; 99 break;
68 } 100 sta = rcu_dereference(sta->hnext);
69 sta = sta->hnext;
70 } 101 }
71 read_unlock_bh(&local->sta_lock);
72
73 return sta; 102 return sta;
74} 103}
104
105struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr)
106{
107 return __sta_info_find(local, addr);
108}
75EXPORT_SYMBOL(sta_info_get); 109EXPORT_SYMBOL(sta_info_get);
76 110
77int sta_info_min_txrate_get(struct ieee80211_local *local) 111struct sta_info *sta_info_get_by_idx(struct ieee80211_local *local, int idx,
112 struct net_device *dev)
78{ 113{
79 struct sta_info *sta; 114 struct sta_info *sta;
80 struct ieee80211_hw_mode *mode; 115 int i = 0;
81 int min_txrate = 9999999; 116
82 int i; 117 list_for_each_entry_rcu(sta, &local->sta_list, list) {
83 118 if (dev && dev != sta->sdata->dev)
84 read_lock_bh(&local->sta_lock); 119 continue;
85 mode = local->oper_hw_mode; 120 if (i < idx) {
86 for (i = 0; i < STA_HASH_SIZE; i++) { 121 ++i;
87 sta = local->sta_hash[i]; 122 continue;
88 while (sta) {
89 if (sta->txrate < min_txrate)
90 min_txrate = sta->txrate;
91 sta = sta->hnext;
92 } 123 }
124 return sta;
93 } 125 }
94 read_unlock_bh(&local->sta_lock);
95 if (min_txrate == 9999999)
96 min_txrate = 0;
97 126
98 return mode->rates[min_txrate].rate; 127 return NULL;
99} 128}
100 129
101 130void sta_info_destroy(struct sta_info *sta)
102static void sta_info_release(struct kref *kref)
103{ 131{
104 struct sta_info *sta = container_of(kref, struct sta_info, kref);
105 struct ieee80211_local *local = sta->local; 132 struct ieee80211_local *local = sta->local;
106 struct sk_buff *skb; 133 struct sk_buff *skb;
107 int i; 134 int i;
135 DECLARE_MAC_BUF(mbuf);
136
137 if (!sta)
138 return;
139
140 ASSERT_RTNL();
141 might_sleep();
142
143 rate_control_remove_sta_debugfs(sta);
144 ieee80211_sta_debugfs_remove(sta);
145
146#ifdef CONFIG_MAC80211_MESH
147 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
148 mesh_plink_deactivate(sta);
149#endif
150
151 /*
152 * NOTE: This will call synchronize_rcu() internally to
153 * make sure no key references can be in use. We rely on
154 * that here for the mesh code!
155 */
156 ieee80211_key_free(sta->key);
157 WARN_ON(sta->key);
158
159#ifdef CONFIG_MAC80211_MESH
160 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
161 del_timer_sync(&sta->plink_timer);
162#endif
108 163
109 /* free sta structure; it has already been removed from
110 * hash table etc. external structures. Make sure that all
111 * buffered frames are release (one might have been added
112 * after sta_info_free() was called). */
113 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 164 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
114 local->total_ps_buffered--; 165 local->total_ps_buffered--;
115 dev_kfree_skb_any(skb); 166 dev_kfree_skb_any(skb);
116 } 167 }
117 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 168
169 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL)
118 dev_kfree_skb_any(skb); 170 dev_kfree_skb_any(skb);
171
172 for (i = 0; i < STA_TID_NUM; i++) {
173 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
174 if (sta->ampdu_mlme.tid_rx[i])
175 del_timer_sync(&sta->ampdu_mlme.tid_rx[i]->session_timer);
176 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
177 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
178 if (sta->ampdu_mlme.tid_tx[i])
179 del_timer_sync(&sta->ampdu_mlme.tid_tx[i]->addba_resp_timer);
180 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
119 } 181 }
120 for (i = 0; i < STA_TID_NUM; i++) 182
121 del_timer_sync(&sta->ampdu_mlme.tid_rx[i].session_timer);
122 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv); 183 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv);
123 rate_control_put(sta->rate_ctrl); 184 rate_control_put(sta->rate_ctrl);
185
186#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
187 printk(KERN_DEBUG "%s: Destroyed STA %s\n",
188 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
189#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
190
124 kfree(sta); 191 kfree(sta);
125} 192}
126 193
127 194
128void sta_info_put(struct sta_info *sta) 195/* Caller must hold local->sta_lock */
196static void sta_info_hash_add(struct ieee80211_local *local,
197 struct sta_info *sta)
129{ 198{
130 kref_put(&sta->kref, sta_info_release); 199 sta->hnext = local->sta_hash[STA_HASH(sta->addr)];
200 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)], sta);
131} 201}
132EXPORT_SYMBOL(sta_info_put);
133
134 202
135struct sta_info * sta_info_add(struct ieee80211_local *local, 203struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
136 struct net_device *dev, u8 *addr, gfp_t gfp) 204 u8 *addr, gfp_t gfp)
137{ 205{
206 struct ieee80211_local *local = sdata->local;
138 struct sta_info *sta; 207 struct sta_info *sta;
139 int i; 208 int i;
140 DECLARE_MAC_BUF(mac); 209 DECLARE_MAC_BUF(mbuf);
141 210
142 sta = kzalloc(sizeof(*sta), gfp); 211 sta = kzalloc(sizeof(*sta), gfp);
143 if (!sta) 212 if (!sta)
144 return NULL; 213 return NULL;
145 214
146 kref_init(&sta->kref); 215 memcpy(sta->addr, addr, ETH_ALEN);
216 sta->local = local;
217 sta->sdata = sdata;
147 218
148 sta->rate_ctrl = rate_control_get(local->rate_ctrl); 219 sta->rate_ctrl = rate_control_get(local->rate_ctrl);
149 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl, gfp); 220 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl,
221 gfp);
150 if (!sta->rate_ctrl_priv) { 222 if (!sta->rate_ctrl_priv) {
151 rate_control_put(sta->rate_ctrl); 223 rate_control_put(sta->rate_ctrl);
152 kfree(sta); 224 kfree(sta);
153 return NULL; 225 return NULL;
154 } 226 }
155 227
156 memcpy(sta->addr, addr, ETH_ALEN);
157 sta->local = local;
158 sta->dev = dev;
159 spin_lock_init(&sta->ampdu_mlme.ampdu_rx); 228 spin_lock_init(&sta->ampdu_mlme.ampdu_rx);
229 spin_lock_init(&sta->ampdu_mlme.ampdu_tx);
160 for (i = 0; i < STA_TID_NUM; i++) { 230 for (i = 0; i < STA_TID_NUM; i++) {
161 /* timer_to_tid must be initialized with identity mapping to 231 /* timer_to_tid must be initialized with identity mapping to
162 * enable session_timer's data differentiation. refer to 232 * enable session_timer's data differentiation. refer to
163 * sta_rx_agg_session_timer_expired for useage */ 233 * sta_rx_agg_session_timer_expired for useage */
164 sta->timer_to_tid[i] = i; 234 sta->timer_to_tid[i] = i;
165 /* rx timers */ 235 /* tid to tx queue: initialize according to HW (0 is valid) */
166 sta->ampdu_mlme.tid_rx[i].session_timer.function = 236 sta->tid_to_tx_q[i] = local->hw.queues;
167 sta_rx_agg_session_timer_expired; 237 /* rx */
168 sta->ampdu_mlme.tid_rx[i].session_timer.data = 238 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE;
169 (unsigned long)&sta->timer_to_tid[i]; 239 sta->ampdu_mlme.tid_rx[i] = NULL;
170 init_timer(&sta->ampdu_mlme.tid_rx[i].session_timer); 240 /* tx */
241 sta->ampdu_mlme.tid_state_tx[i] = HT_AGG_STATE_IDLE;
242 sta->ampdu_mlme.tid_tx[i] = NULL;
243 sta->ampdu_mlme.addba_req_num[i] = 0;
171 } 244 }
172 skb_queue_head_init(&sta->ps_tx_buf); 245 skb_queue_head_init(&sta->ps_tx_buf);
173 skb_queue_head_init(&sta->tx_filtered); 246 skb_queue_head_init(&sta->tx_filtered);
174 __sta_info_get(sta); /* sta used by caller, decremented by 247
175 * sta_info_put() */ 248#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
176 write_lock_bh(&local->sta_lock); 249 printk(KERN_DEBUG "%s: Allocated STA %s\n",
250 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr));
251#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
252
253#ifdef CONFIG_MAC80211_MESH
254 sta->plink_state = PLINK_LISTEN;
255 spin_lock_init(&sta->plink_lock);
256 init_timer(&sta->plink_timer);
257#endif
258
259 return sta;
260}
261
262int sta_info_insert(struct sta_info *sta)
263{
264 struct ieee80211_local *local = sta->local;
265 struct ieee80211_sub_if_data *sdata = sta->sdata;
266 unsigned long flags;
267 DECLARE_MAC_BUF(mac);
268
269 /*
270 * Can't be a WARN_ON because it can be triggered through a race:
271 * something inserts a STA (on one CPU) without holding the RTNL
272 * and another CPU turns off the net device.
273 */
274 if (unlikely(!netif_running(sdata->dev)))
275 return -ENETDOWN;
276
277 if (WARN_ON(compare_ether_addr(sta->addr, sdata->dev->dev_addr) == 0))
278 return -EINVAL;
279
280 if (WARN_ON(is_multicast_ether_addr(sta->addr)))
281 return -EINVAL;
282
283 spin_lock_irqsave(&local->sta_lock, flags);
284 /* check if STA exists already */
285 if (__sta_info_find(local, sta->addr)) {
286 spin_unlock_irqrestore(&local->sta_lock, flags);
287 return -EEXIST;
288 }
177 list_add(&sta->list, &local->sta_list); 289 list_add(&sta->list, &local->sta_list);
178 local->num_sta++; 290 local->num_sta++;
179 sta_info_hash_add(local, sta); 291 sta_info_hash_add(local, sta);
180 if (local->ops->sta_notify) {
181 struct ieee80211_sub_if_data *sdata;
182 292
183 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 293 /* notify driver */
294 if (local->ops->sta_notify) {
184 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 295 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
185 sdata = sdata->u.vlan.ap; 296 sdata = sdata->u.vlan.ap;
186 297
187 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 298 local->ops->sta_notify(local_to_hw(local), &sdata->vif,
188 STA_NOTIFY_ADD, addr); 299 STA_NOTIFY_ADD, sta->addr);
189 } 300 }
190 write_unlock_bh(&local->sta_lock);
191 301
192#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 302#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
193 printk(KERN_DEBUG "%s: Added STA %s\n", 303 printk(KERN_DEBUG "%s: Inserted STA %s\n",
194 wiphy_name(local->hw.wiphy), print_mac(mac, addr)); 304 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr));
195#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 305#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
196 306
307 spin_unlock_irqrestore(&local->sta_lock, flags);
308
197#ifdef CONFIG_MAC80211_DEBUGFS 309#ifdef CONFIG_MAC80211_DEBUGFS
198 /* debugfs entry adding might sleep, so schedule process 310 /* debugfs entry adding might sleep, so schedule process
199 * context task for adding entry for STAs that do not yet 311 * context task for adding entry for STAs that do not yet
@@ -201,77 +313,185 @@ struct sta_info * sta_info_add(struct ieee80211_local *local,
201 queue_work(local->hw.workqueue, &local->sta_debugfs_add); 313 queue_work(local->hw.workqueue, &local->sta_debugfs_add);
202#endif 314#endif
203 315
204 return sta; 316 if (ieee80211_vif_is_mesh(&sdata->vif))
317 mesh_accept_plinks_update(sdata);
318
319 return 0;
205} 320}
206 321
207/* Caller must hold local->sta_lock */ 322static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid)
208void sta_info_remove(struct sta_info *sta)
209{ 323{
210 struct ieee80211_local *local = sta->local; 324 /*
211 struct ieee80211_sub_if_data *sdata; 325 * This format has been mandated by the IEEE specifications,
326 * so this line may not be changed to use the __set_bit() format.
327 */
328 bss->tim[aid / 8] |= (1 << (aid % 8));
329}
212 330
213 /* don't do anything if we've been removed already */ 331static inline void __bss_tim_clear(struct ieee80211_if_ap *bss, u16 aid)
214 if (sta_info_hash_del(local, sta)) 332{
215 return; 333 /*
334 * This format has been mandated by the IEEE specifications,
335 * so this line may not be changed to use the __clear_bit() format.
336 */
337 bss->tim[aid / 8] &= ~(1 << (aid % 8));
338}
216 339
217 list_del(&sta->list); 340static void __sta_info_set_tim_bit(struct ieee80211_if_ap *bss,
218 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 341 struct sta_info *sta)
219 if (sta->flags & WLAN_STA_PS) { 342{
220 sta->flags &= ~WLAN_STA_PS; 343 if (bss)
221 if (sdata->bss) 344 __bss_tim_set(bss, sta->aid);
222 atomic_dec(&sdata->bss->num_sta_ps); 345 if (sta->local->ops->set_tim) {
346 sta->local->tim_in_locked_section = true;
347 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 1);
348 sta->local->tim_in_locked_section = false;
223 } 349 }
224 local->num_sta--; 350}
225 sta_info_remove_aid_ptr(sta); 351
352void sta_info_set_tim_bit(struct sta_info *sta)
353{
354 unsigned long flags;
226 355
356 spin_lock_irqsave(&sta->local->sta_lock, flags);
357 __sta_info_set_tim_bit(sta->sdata->bss, sta);
358 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
227} 359}
228 360
229void sta_info_free(struct sta_info *sta) 361static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss,
362 struct sta_info *sta)
230{ 363{
231 struct sk_buff *skb; 364 if (bss)
232 struct ieee80211_local *local = sta->local; 365 __bss_tim_clear(bss, sta->aid);
233 DECLARE_MAC_BUF(mac); 366 if (sta->local->ops->set_tim) {
367 sta->local->tim_in_locked_section = true;
368 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 0);
369 sta->local->tim_in_locked_section = false;
370 }
371}
234 372
235 might_sleep(); 373void sta_info_clear_tim_bit(struct sta_info *sta)
374{
375 unsigned long flags;
236 376
237 write_lock_bh(&local->sta_lock); 377 spin_lock_irqsave(&sta->local->sta_lock, flags);
238 sta_info_remove(sta); 378 __sta_info_clear_tim_bit(sta->sdata->bss, sta);
239 write_unlock_bh(&local->sta_lock); 379 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
380}
240 381
241 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 382/*
242 local->total_ps_buffered--; 383 * See comment in __sta_info_unlink,
243 dev_kfree_skb(skb); 384 * caller must hold local->sta_lock.
244 } 385 */
245 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) { 386static void __sta_info_pin(struct sta_info *sta)
246 dev_kfree_skb(skb); 387{
247 } 388 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_NORMAL);
389 sta->pin_status = STA_INFO_PIN_STAT_PINNED;
390}
248 391
392/*
393 * See comment in __sta_info_unlink, returns sta if it
394 * needs to be destroyed.
395 */
396static struct sta_info *__sta_info_unpin(struct sta_info *sta)
397{
398 struct sta_info *ret = NULL;
399 unsigned long flags;
400
401 spin_lock_irqsave(&sta->local->sta_lock, flags);
402 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_DESTROY &&
403 sta->pin_status != STA_INFO_PIN_STAT_PINNED);
404 if (sta->pin_status == STA_INFO_PIN_STAT_DESTROY)
405 ret = sta;
406 sta->pin_status = STA_INFO_PIN_STAT_NORMAL;
407 spin_unlock_irqrestore(&sta->local->sta_lock, flags);
408
409 return ret;
410}
411
412static void __sta_info_unlink(struct sta_info **sta)
413{
414 struct ieee80211_local *local = (*sta)->local;
415 struct ieee80211_sub_if_data *sdata = (*sta)->sdata;
249#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 416#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
250 printk(KERN_DEBUG "%s: Removed STA %s\n", 417 DECLARE_MAC_BUF(mbuf);
251 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr)); 418#endif
252#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 419 /*
420 * pull caller's reference if we're already gone.
421 */
422 if (sta_info_hash_del(local, *sta)) {
423 *sta = NULL;
424 return;
425 }
253 426
254 ieee80211_key_free(sta->key); 427 /*
255 sta->key = NULL; 428 * Also pull caller's reference if the STA is pinned by the
429 * task that is adding the debugfs entries. In that case, we
430 * leave the STA "to be freed".
431 *
432 * The rules are not trivial, but not too complex either:
433 * (1) pin_status is only modified under the sta_lock
434 * (2) sta_info_debugfs_add_work() will set the status
435 * to PINNED when it found an item that needs a new
436 * debugfs directory created. In that case, that item
437 * must not be freed although all *RCU* users are done
438 * with it. Hence, we tell the caller of _unlink()
439 * that the item is already gone (as can happen when
440 * two tasks try to unlink/destroy at the same time)
441 * (3) We set the pin_status to DESTROY here when we
442 * find such an item.
443 * (4) sta_info_debugfs_add_work() will reset the pin_status
444 * from PINNED to NORMAL when it is done with the item,
445 * but will check for DESTROY before resetting it in
446 * which case it will free the item.
447 */
448 if ((*sta)->pin_status == STA_INFO_PIN_STAT_PINNED) {
449 (*sta)->pin_status = STA_INFO_PIN_STAT_DESTROY;
450 *sta = NULL;
451 return;
452 }
256 453
257 if (local->ops->sta_notify) { 454 list_del(&(*sta)->list);
258 struct ieee80211_sub_if_data *sdata;
259 455
260 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev); 456 if ((*sta)->flags & WLAN_STA_PS) {
457 (*sta)->flags &= ~WLAN_STA_PS;
458 if (sdata->bss)
459 atomic_dec(&sdata->bss->num_sta_ps);
460 __sta_info_clear_tim_bit(sdata->bss, *sta);
461 }
261 462
463 local->num_sta--;
464
465 if (local->ops->sta_notify) {
262 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 466 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
263 sdata = sdata->u.vlan.ap; 467 sdata = sdata->u.vlan.ap;
264 468
265 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 469 local->ops->sta_notify(local_to_hw(local), &sdata->vif,
266 STA_NOTIFY_REMOVE, sta->addr); 470 STA_NOTIFY_REMOVE, (*sta)->addr);
267 } 471 }
268 472
269 rate_control_remove_sta_debugfs(sta); 473 if (ieee80211_vif_is_mesh(&sdata->vif)) {
270 ieee80211_sta_debugfs_remove(sta); 474 mesh_accept_plinks_update(sdata);
475#ifdef CONFIG_MAC80211_MESH
476 del_timer(&(*sta)->plink_timer);
477#endif
478 }
271 479
272 sta_info_put(sta); 480#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
481 printk(KERN_DEBUG "%s: Removed STA %s\n",
482 wiphy_name(local->hw.wiphy), print_mac(mbuf, (*sta)->addr));
483#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
273} 484}
274 485
486void sta_info_unlink(struct sta_info **sta)
487{
488 struct ieee80211_local *local = (*sta)->local;
489 unsigned long flags;
490
491 spin_lock_irqsave(&local->sta_lock, flags);
492 __sta_info_unlink(sta);
493 spin_unlock_irqrestore(&local->sta_lock, flags);
494}
275 495
276static inline int sta_info_buffer_expired(struct ieee80211_local *local, 496static inline int sta_info_buffer_expired(struct ieee80211_local *local,
277 struct sta_info *sta, 497 struct sta_info *sta,
@@ -299,6 +519,7 @@ static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
299{ 519{
300 unsigned long flags; 520 unsigned long flags;
301 struct sk_buff *skb; 521 struct sk_buff *skb;
522 struct ieee80211_sub_if_data *sdata;
302 DECLARE_MAC_BUF(mac); 523 DECLARE_MAC_BUF(mac);
303 524
304 if (skb_queue_empty(&sta->ps_tx_buf)) 525 if (skb_queue_empty(&sta->ps_tx_buf))
@@ -307,21 +528,23 @@ static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
307 for (;;) { 528 for (;;) {
308 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags); 529 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags);
309 skb = skb_peek(&sta->ps_tx_buf); 530 skb = skb_peek(&sta->ps_tx_buf);
310 if (sta_info_buffer_expired(local, sta, skb)) { 531 if (sta_info_buffer_expired(local, sta, skb))
311 skb = __skb_dequeue(&sta->ps_tx_buf); 532 skb = __skb_dequeue(&sta->ps_tx_buf);
312 if (skb_queue_empty(&sta->ps_tx_buf)) 533 else
313 sta->flags &= ~WLAN_STA_TIM;
314 } else
315 skb = NULL; 534 skb = NULL;
316 spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags); 535 spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags);
317 536
318 if (skb) { 537 if (!skb)
319 local->total_ps_buffered--;
320 printk(KERN_DEBUG "Buffered frame expired (STA "
321 "%s)\n", print_mac(mac, sta->addr));
322 dev_kfree_skb(skb);
323 } else
324 break; 538 break;
539
540 sdata = sta->sdata;
541 local->total_ps_buffered--;
542 printk(KERN_DEBUG "Buffered frame expired (STA "
543 "%s)\n", print_mac(mac, sta->addr));
544 dev_kfree_skb(skb);
545
546 if (skb_queue_empty(&sta->ps_tx_buf))
547 sta_info_clear_tim_bit(sta);
325 } 548 }
326} 549}
327 550
@@ -331,13 +554,10 @@ static void sta_info_cleanup(unsigned long data)
331 struct ieee80211_local *local = (struct ieee80211_local *) data; 554 struct ieee80211_local *local = (struct ieee80211_local *) data;
332 struct sta_info *sta; 555 struct sta_info *sta;
333 556
334 read_lock_bh(&local->sta_lock); 557 rcu_read_lock();
335 list_for_each_entry(sta, &local->sta_list, list) { 558 list_for_each_entry_rcu(sta, &local->sta_list, list)
336 __sta_info_get(sta);
337 sta_info_cleanup_expire_buffered(local, sta); 559 sta_info_cleanup_expire_buffered(local, sta);
338 sta_info_put(sta); 560 rcu_read_unlock();
339 }
340 read_unlock_bh(&local->sta_lock);
341 561
342 local->sta_cleanup.expires = 562 local->sta_cleanup.expires =
343 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 563 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL);
@@ -345,37 +565,45 @@ static void sta_info_cleanup(unsigned long data)
345} 565}
346 566
347#ifdef CONFIG_MAC80211_DEBUGFS 567#ifdef CONFIG_MAC80211_DEBUGFS
348static void sta_info_debugfs_add_task(struct work_struct *work) 568static void sta_info_debugfs_add_work(struct work_struct *work)
349{ 569{
350 struct ieee80211_local *local = 570 struct ieee80211_local *local =
351 container_of(work, struct ieee80211_local, sta_debugfs_add); 571 container_of(work, struct ieee80211_local, sta_debugfs_add);
352 struct sta_info *sta, *tmp; 572 struct sta_info *sta, *tmp;
573 unsigned long flags;
353 574
354 while (1) { 575 while (1) {
355 sta = NULL; 576 sta = NULL;
356 read_lock_bh(&local->sta_lock); 577
578 spin_lock_irqsave(&local->sta_lock, flags);
357 list_for_each_entry(tmp, &local->sta_list, list) { 579 list_for_each_entry(tmp, &local->sta_list, list) {
358 if (!tmp->debugfs.dir) { 580 if (!tmp->debugfs.dir) {
359 sta = tmp; 581 sta = tmp;
360 __sta_info_get(sta); 582 __sta_info_pin(sta);
361 break; 583 break;
362 } 584 }
363 } 585 }
364 read_unlock_bh(&local->sta_lock); 586 spin_unlock_irqrestore(&local->sta_lock, flags);
365 587
366 if (!sta) 588 if (!sta)
367 break; 589 break;
368 590
369 ieee80211_sta_debugfs_add(sta); 591 ieee80211_sta_debugfs_add(sta);
370 rate_control_add_sta_debugfs(sta); 592 rate_control_add_sta_debugfs(sta);
371 sta_info_put(sta); 593
594 sta = __sta_info_unpin(sta);
595
596 if (sta) {
597 synchronize_rcu();
598 sta_info_destroy(sta);
599 }
372 } 600 }
373} 601}
374#endif 602#endif
375 603
376void sta_info_init(struct ieee80211_local *local) 604void sta_info_init(struct ieee80211_local *local)
377{ 605{
378 rwlock_init(&local->sta_lock); 606 spin_lock_init(&local->sta_lock);
379 INIT_LIST_HEAD(&local->sta_list); 607 INIT_LIST_HEAD(&local->sta_list);
380 608
381 setup_timer(&local->sta_cleanup, sta_info_cleanup, 609 setup_timer(&local->sta_cleanup, sta_info_cleanup,
@@ -384,7 +612,7 @@ void sta_info_init(struct ieee80211_local *local)
384 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 612 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL);
385 613
386#ifdef CONFIG_MAC80211_DEBUGFS 614#ifdef CONFIG_MAC80211_DEBUGFS
387 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_task); 615 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_work);
388#endif 616#endif
389} 617}
390 618
@@ -400,44 +628,40 @@ void sta_info_stop(struct ieee80211_local *local)
400 sta_info_flush(local, NULL); 628 sta_info_flush(local, NULL);
401} 629}
402 630
403void sta_info_remove_aid_ptr(struct sta_info *sta)
404{
405 struct ieee80211_sub_if_data *sdata;
406
407 if (sta->aid <= 0)
408 return;
409
410 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
411
412 if (sdata->local->ops->set_tim)
413 sdata->local->ops->set_tim(local_to_hw(sdata->local),
414 sta->aid, 0);
415 if (sdata->bss)
416 __bss_tim_clear(sdata->bss, sta->aid);
417}
418
419
420/** 631/**
421 * sta_info_flush - flush matching STA entries from the STA table 632 * sta_info_flush - flush matching STA entries from the STA table
633 *
634 * Returns the number of removed STA entries.
635 *
422 * @local: local interface data 636 * @local: local interface data
423 * @dev: matching rule for the net device (sta->dev) or %NULL to match all STAs 637 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs
424 */ 638 */
425void sta_info_flush(struct ieee80211_local *local, struct net_device *dev) 639int sta_info_flush(struct ieee80211_local *local,
640 struct ieee80211_sub_if_data *sdata)
426{ 641{
427 struct sta_info *sta, *tmp; 642 struct sta_info *sta, *tmp;
428 LIST_HEAD(tmp_list); 643 LIST_HEAD(tmp_list);
644 int ret = 0;
645 unsigned long flags;
429 646
430 write_lock_bh(&local->sta_lock); 647 might_sleep();
431 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
432 if (!dev || dev == sta->dev) {
433 __sta_info_get(sta);
434 sta_info_remove(sta);
435 list_add_tail(&sta->list, &tmp_list);
436 }
437 write_unlock_bh(&local->sta_lock);
438 648
439 list_for_each_entry_safe(sta, tmp, &tmp_list, list) { 649 spin_lock_irqsave(&local->sta_lock, flags);
440 sta_info_free(sta); 650 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
441 sta_info_put(sta); 651 if (!sdata || sdata == sta->sdata) {
652 __sta_info_unlink(&sta);
653 if (sta) {
654 list_add_tail(&sta->list, &tmp_list);
655 ret++;
656 }
657 }
442 } 658 }
659 spin_unlock_irqrestore(&local->sta_lock, flags);
660
661 synchronize_rcu();
662
663 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
664 sta_info_destroy(sta);
665
666 return ret;
443} 667}
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 96fe3ed95038..5e39a4164b9b 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -12,160 +12,293 @@
12#include <linux/list.h> 12#include <linux/list.h>
13#include <linux/types.h> 13#include <linux/types.h>
14#include <linux/if_ether.h> 14#include <linux/if_ether.h>
15#include <linux/kref.h>
16#include "ieee80211_key.h" 15#include "ieee80211_key.h"
17 16
18/* Stations flags (struct sta_info::flags) */ 17/**
19#define WLAN_STA_AUTH BIT(0) 18 * enum ieee80211_sta_info_flags - Stations flags
20#define WLAN_STA_ASSOC BIT(1) 19 *
21#define WLAN_STA_PS BIT(2) 20 * These flags are used with &struct sta_info's @flags member.
22#define WLAN_STA_TIM BIT(3) /* TIM bit is on for PS stations */ 21 *
23#define WLAN_STA_PERM BIT(4) /* permanent; do not remove entry on expiration */ 22 * @WLAN_STA_AUTH: Station is authenticated.
24#define WLAN_STA_AUTHORIZED BIT(5) /* If 802.1X is used, this flag is 23 * @WLAN_STA_ASSOC: Station is associated.
25 * controlling whether STA is authorized to 24 * @WLAN_STA_PS: Station is in power-save mode
26 * send and receive non-IEEE 802.1X frames 25 * @WLAN_STA_AUTHORIZED: Station is authorized to send/receive traffic.
27 */ 26 * This bit is always checked so needs to be enabled for all stations
28#define WLAN_STA_SHORT_PREAMBLE BIT(7) 27 * when virtual port control is not in use.
29/* whether this is an AP that we are associated with as a client */ 28 * @WLAN_STA_SHORT_PREAMBLE: Station is capable of receiving short-preamble
30#define WLAN_STA_ASSOC_AP BIT(8) 29 * frames.
31#define WLAN_STA_WME BIT(9) 30 * @WLAN_STA_ASSOC_AP: We're associated to that station, it is an AP.
32#define WLAN_STA_WDS BIT(27) 31 * @WLAN_STA_WME: Station is a QoS-STA.
32 * @WLAN_STA_WDS: Station is one of our WDS peers.
33 * @WLAN_STA_PSPOLL: Station has just PS-polled us.
34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
35 * IEEE80211_TXCTL_CLEAR_PS_FILT control flag) when the next
36 * frame to this station is transmitted.
37 */
38enum ieee80211_sta_info_flags {
39 WLAN_STA_AUTH = 1<<0,
40 WLAN_STA_ASSOC = 1<<1,
41 WLAN_STA_PS = 1<<2,
42 WLAN_STA_AUTHORIZED = 1<<3,
43 WLAN_STA_SHORT_PREAMBLE = 1<<4,
44 WLAN_STA_ASSOC_AP = 1<<5,
45 WLAN_STA_WME = 1<<6,
46 WLAN_STA_WDS = 1<<7,
47 WLAN_STA_PSPOLL = 1<<8,
48 WLAN_STA_CLEAR_PS_FILT = 1<<9,
49};
33 50
34#define STA_TID_NUM 16 51#define STA_TID_NUM 16
35#define ADDBA_RESP_INTERVAL HZ 52#define ADDBA_RESP_INTERVAL HZ
53#define HT_AGG_MAX_RETRIES (0x3)
36 54
37#define HT_AGG_STATE_INITIATOR_SHIFT (4) 55#define HT_AGG_STATE_INITIATOR_SHIFT (4)
38 56
57#define HT_ADDBA_REQUESTED_MSK BIT(0)
58#define HT_ADDBA_DRV_READY_MSK BIT(1)
59#define HT_ADDBA_RECEIVED_MSK BIT(2)
39#define HT_AGG_STATE_REQ_STOP_BA_MSK BIT(3) 60#define HT_AGG_STATE_REQ_STOP_BA_MSK BIT(3)
40 61#define HT_AGG_STATE_INITIATOR_MSK BIT(HT_AGG_STATE_INITIATOR_SHIFT)
41#define HT_AGG_STATE_IDLE (0x0) 62#define HT_AGG_STATE_IDLE (0x0)
42#define HT_AGG_STATE_OPERATIONAL (0x7) 63#define HT_AGG_STATE_OPERATIONAL (HT_ADDBA_REQUESTED_MSK | \
64 HT_ADDBA_DRV_READY_MSK | \
65 HT_ADDBA_RECEIVED_MSK)
66#define HT_AGG_STATE_DEBUGFS_CTL BIT(7)
43 67
44/** 68/**
45 * struct tid_ampdu_rx - TID aggregation information (Rx). 69 * struct tid_ampdu_tx - TID aggregation information (Tx).
46 * 70 *
47 * @state: TID's state in session state machine. 71 * @addba_resp_timer: timer for peer's response to addba request
72 * @ssn: Starting Sequence Number expected to be aggregated.
48 * @dialog_token: dialog token for aggregation session 73 * @dialog_token: dialog token for aggregation session
74 */
75struct tid_ampdu_tx {
76 struct timer_list addba_resp_timer;
77 u16 ssn;
78 u8 dialog_token;
79};
80
81/**
82 * struct tid_ampdu_rx - TID aggregation information (Rx).
83 *
84 * @reorder_buf: buffer to reorder incoming aggregated MPDUs
85 * @session_timer: check if peer keeps Tx-ing on the TID (by timeout value)
86 * @head_seq_num: head sequence number in reordering buffer.
87 * @stored_mpdu_num: number of MPDUs in reordering buffer
49 * @ssn: Starting Sequence Number expected to be aggregated. 88 * @ssn: Starting Sequence Number expected to be aggregated.
50 * @buf_size: buffer size for incoming A-MPDUs 89 * @buf_size: buffer size for incoming A-MPDUs
51 * @timeout: reset timer value. 90 * @timeout: reset timer value.
52 * @head_seq_num: head sequence number in reordering buffer. 91 * @dialog_token: dialog token for aggregation session
53 * @stored_mpdu_num: number of MPDUs in reordering buffer
54 * @reorder_buf: buffer to reorder incoming aggregated MPDUs
55 * @session_timer: check if peer keeps Tx-ing on the TID (by timeout value)
56 */ 92 */
57struct tid_ampdu_rx { 93struct tid_ampdu_rx {
58 u8 state; 94 struct sk_buff **reorder_buf;
59 u8 dialog_token; 95 struct timer_list session_timer;
96 u16 head_seq_num;
97 u16 stored_mpdu_num;
60 u16 ssn; 98 u16 ssn;
61 u16 buf_size; 99 u16 buf_size;
62 u16 timeout; 100 u16 timeout;
63 u16 head_seq_num; 101 u8 dialog_token;
64 u16 stored_mpdu_num; 102};
65 struct sk_buff **reorder_buf; 103
66 struct timer_list session_timer; 104/**
105 * enum plink_state - state of a mesh peer link finite state machine
106 *
107 * @PLINK_LISTEN: initial state, considered the implicit state of non existant
108 * mesh peer links
109 * @PLINK_OPN_SNT: mesh plink open frame has been sent to this mesh peer
110 * @PLINK_OPN_RCVD: mesh plink open frame has been received from this mesh peer
111 * @PLINK_CNF_RCVD: mesh plink confirm frame has been received from this mesh
112 * peer
113 * @PLINK_ESTAB: mesh peer link is established
114 * @PLINK_HOLDING: mesh peer link is being closed or cancelled
115 * @PLINK_BLOCKED: all frames transmitted from this mesh plink are discarded
116 */
117enum plink_state {
118 PLINK_LISTEN,
119 PLINK_OPN_SNT,
120 PLINK_OPN_RCVD,
121 PLINK_CNF_RCVD,
122 PLINK_ESTAB,
123 PLINK_HOLDING,
124 PLINK_BLOCKED
67}; 125};
68 126
69/** 127/**
70 * struct sta_ampdu_mlme - STA aggregation information. 128 * struct sta_ampdu_mlme - STA aggregation information.
71 * 129 *
72 * @tid_agg_info_rx: aggregation info for Rx per TID 130 * @tid_state_rx: TID's state in Rx session state machine.
131 * @tid_rx: aggregation info for Rx per TID
73 * @ampdu_rx: for locking sections in aggregation Rx flow 132 * @ampdu_rx: for locking sections in aggregation Rx flow
133 * @tid_state_tx: TID's state in Tx session state machine.
134 * @tid_tx: aggregation info for Tx per TID
135 * @addba_req_num: number of times addBA request has been sent.
136 * @ampdu_tx: for locking sectionsi in aggregation Tx flow
137 * @dialog_token_allocator: dialog token enumerator for each new session;
74 */ 138 */
75struct sta_ampdu_mlme { 139struct sta_ampdu_mlme {
76 struct tid_ampdu_rx tid_rx[STA_TID_NUM]; 140 /* rx */
141 u8 tid_state_rx[STA_TID_NUM];
142 struct tid_ampdu_rx *tid_rx[STA_TID_NUM];
77 spinlock_t ampdu_rx; 143 spinlock_t ampdu_rx;
144 /* tx */
145 u8 tid_state_tx[STA_TID_NUM];
146 struct tid_ampdu_tx *tid_tx[STA_TID_NUM];
147 u8 addba_req_num[STA_TID_NUM];
148 spinlock_t ampdu_tx;
149 u8 dialog_token_allocator;
78}; 150};
79 151
152
153/* see __sta_info_unlink */
154#define STA_INFO_PIN_STAT_NORMAL 0
155#define STA_INFO_PIN_STAT_PINNED 1
156#define STA_INFO_PIN_STAT_DESTROY 2
157
158/**
159 * struct sta_info - STA information
160 *
161 * This structure collects information about a station that
162 * mac80211 is communicating with.
163 *
164 * @list: global linked list entry
165 * @hnext: hash table linked list pointer
166 * @local: pointer to the global information
167 * @addr: MAC address of this STA
168 * @aid: STA's unique AID (1..2007, 0 = not assigned yet),
169 * only used in AP (and IBSS?) mode
170 * @flags: STA flags, see &enum ieee80211_sta_info_flags
171 * @ps_tx_buf: buffer of frames to transmit to this station
172 * when it leaves power saving state
173 * @tx_filtered: buffer of frames we already tried to transmit
174 * but were filtered by hardware due to STA having entered
175 * power saving state
176 * @rx_packets: Number of MSDUs received from this STA
177 * @rx_bytes: Number of bytes received from this STA
178 * @supp_rates: Bitmap of supported rates (per band)
179 * @ht_info: HT capabilities of this STA
180 */
80struct sta_info { 181struct sta_info {
81 struct kref kref; 182 /* General information, mostly static */
82 struct list_head list; 183 struct list_head list;
83 struct sta_info *hnext; /* next entry in hash table list */ 184 struct sta_info *hnext;
84
85 struct ieee80211_local *local; 185 struct ieee80211_local *local;
86 186 struct ieee80211_sub_if_data *sdata;
87 u8 addr[ETH_ALEN];
88 u16 aid; /* STA's unique AID (1..2007), 0 = not yet assigned */
89 u32 flags; /* WLAN_STA_ */
90
91 struct sk_buff_head ps_tx_buf; /* buffer of TX frames for station in
92 * power saving state */
93 int pspoll; /* whether STA has send a PS Poll frame */
94 struct sk_buff_head tx_filtered; /* buffer of TX frames that were
95 * already given to low-level driver,
96 * but were filtered */
97 int clear_dst_mask;
98
99 unsigned long rx_packets, tx_packets; /* number of RX/TX MSDUs */
100 unsigned long rx_bytes, tx_bytes;
101 unsigned long tx_retry_failed, tx_retry_count;
102 unsigned long tx_filtered_count;
103
104 unsigned int wep_weak_iv_count; /* number of RX frames with weak IV */
105
106 unsigned long last_rx;
107 u32 supp_rates; /* bitmap of supported rates in local->curr_rates */
108 int txrate; /* index in local->curr_rates */
109 int last_txrate; /* last rate used to send a frame to this STA */
110 int last_nonerp_idx;
111
112 struct net_device *dev; /* which net device is this station associated
113 * to */
114
115 struct ieee80211_key *key; 187 struct ieee80211_key *key;
116
117 u32 tx_num_consecutive_failures;
118 u32 tx_num_mpdu_ok;
119 u32 tx_num_mpdu_fail;
120
121 struct rate_control_ref *rate_ctrl; 188 struct rate_control_ref *rate_ctrl;
122 void *rate_ctrl_priv; 189 void *rate_ctrl_priv;
190 struct ieee80211_ht_info ht_info;
191 u64 supp_rates[IEEE80211_NUM_BANDS];
192 u8 addr[ETH_ALEN];
193 u16 aid;
194 u16 listen_interval;
123 195
124 /* last received seq/frag number from this STA (per RX queue) */ 196 /*
125 __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES]; 197 * for use by the internal lifetime management,
198 * see __sta_info_unlink
199 */
200 u8 pin_status;
201
202 /* frequently updated information, needs locking? */
203 u32 flags;
204
205 /*
206 * STA powersave frame queues, no more than the internal
207 * locking required.
208 */
209 struct sk_buff_head ps_tx_buf;
210 struct sk_buff_head tx_filtered;
211
212 /* Updated from RX path only, no locking requirements */
213 unsigned long rx_packets, rx_bytes;
214 unsigned long wep_weak_iv_count;
215 unsigned long last_rx;
126 unsigned long num_duplicates; /* number of duplicate frames received 216 unsigned long num_duplicates; /* number of duplicate frames received
127 * from this STA */ 217 * from this STA */
128 unsigned long tx_fragments; /* number of transmitted MPDUs */
129 unsigned long rx_fragments; /* number of received MPDUs */ 218 unsigned long rx_fragments; /* number of received MPDUs */
130 unsigned long rx_dropped; /* number of dropped MPDUs from this STA */ 219 unsigned long rx_dropped; /* number of dropped MPDUs from this STA */
131
132 int last_rssi; /* RSSI of last received frame from this STA */ 220 int last_rssi; /* RSSI of last received frame from this STA */
133 int last_signal; /* signal of last received frame from this STA */ 221 int last_signal; /* signal of last received frame from this STA */
134 int last_noise; /* noise of last received frame from this STA */ 222 int last_noise; /* noise of last received frame from this STA */
135 int last_ack_rssi[3]; /* RSSI of last received ACKs from this STA */ 223 /* last received seq/frag number from this STA (per RX queue) */
136 unsigned long last_ack; 224 __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES];
137 int channel_use;
138 int channel_use_raw;
139
140#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 225#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
141 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES]; 226 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
227#endif
228
229 /* Updated from TX status path only, no locking requirements */
230 unsigned long tx_filtered_count;
231 unsigned long tx_retry_failed, tx_retry_count;
232 /* TODO: update in generic code not rate control? */
233 u32 tx_num_consecutive_failures;
234 u32 tx_num_mpdu_ok;
235 u32 tx_num_mpdu_fail;
236 /* moving percentage of failed MSDUs */
237 unsigned int fail_avg;
238
239 /* Updated from TX path only, no locking requirements */
240 unsigned long tx_packets; /* number of RX/TX MSDUs */
241 unsigned long tx_bytes;
242 unsigned long tx_fragments; /* number of transmitted MPDUs */
243 int txrate_idx;
244 int last_txrate_idx;
245#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
142 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES]; 246 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
143#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */ 247#endif
144 248
145 u16 listen_interval; 249 /* Debug counters, no locking doesn't matter */
250 int channel_use;
251 int channel_use_raw;
146 252
147 struct ieee80211_ht_info ht_info; /* 802.11n HT capabilities 253 /*
148 of this STA */ 254 * Aggregation information, comes with own locking.
255 */
149 struct sta_ampdu_mlme ampdu_mlme; 256 struct sta_ampdu_mlme ampdu_mlme;
150 u8 timer_to_tid[STA_TID_NUM]; /* convert timer id to tid */ 257 u8 timer_to_tid[STA_TID_NUM]; /* identity mapping to ID timers */
258 u8 tid_to_tx_q[STA_TID_NUM]; /* map tid to tx queue */
259
260#ifdef CONFIG_MAC80211_MESH
261 /*
262 * Mesh peer link attributes
263 * TODO: move to a sub-structure that is referenced with pointer?
264 */
265 __le16 llid; /* Local link ID */
266 __le16 plid; /* Peer link ID */
267 __le16 reason; /* Cancel reason on PLINK_HOLDING state */
268 u8 plink_retries; /* Retries in establishment */
269 bool ignore_plink_timer;
270 enum plink_state plink_state;
271 u32 plink_timeout;
272 struct timer_list plink_timer;
273 spinlock_t plink_lock; /* For peer_state reads / updates and other
274 updates in the structure. Ensures robust
275 transitions for the peerlink FSM */
276#endif
151 277
152#ifdef CONFIG_MAC80211_DEBUGFS 278#ifdef CONFIG_MAC80211_DEBUGFS
153 struct sta_info_debugfsdentries { 279 struct sta_info_debugfsdentries {
154 struct dentry *dir; 280 struct dentry *dir;
155 struct dentry *flags; 281 struct dentry *flags;
156 struct dentry *num_ps_buf_frames; 282 struct dentry *num_ps_buf_frames;
157 struct dentry *last_ack_rssi;
158 struct dentry *last_ack_ms;
159 struct dentry *inactive_ms; 283 struct dentry *inactive_ms;
160 struct dentry *last_seq_ctrl; 284 struct dentry *last_seq_ctrl;
161#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 285#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
162 struct dentry *wme_rx_queue; 286 struct dentry *wme_rx_queue;
163 struct dentry *wme_tx_queue; 287 struct dentry *wme_tx_queue;
164#endif 288#endif
289 struct dentry *agg_status;
165 } debugfs; 290 } debugfs;
166#endif 291#endif
167}; 292};
168 293
294static inline enum plink_state sta_plink_state(struct sta_info *sta)
295{
296#ifdef CONFIG_MAC80211_MESH
297 return sta->plink_state;
298#endif
299 return PLINK_LISTEN;
300}
301
169 302
170/* Maximum number of concurrently registered stations */ 303/* Maximum number of concurrently registered stations */
171#define MAX_STA_COUNT 2007 304#define MAX_STA_COUNT 2007
@@ -185,22 +318,44 @@ struct sta_info {
185 */ 318 */
186#define STA_INFO_CLEANUP_INTERVAL (10 * HZ) 319#define STA_INFO_CLEANUP_INTERVAL (10 * HZ)
187 320
188static inline void __sta_info_get(struct sta_info *sta) 321/*
189{ 322 * Get a STA info, must have be under RCU read lock.
190 kref_get(&sta->kref); 323 */
191} 324struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr);
325/*
326 * Get STA info by index, BROKEN!
327 */
328struct sta_info *sta_info_get_by_idx(struct ieee80211_local *local, int idx,
329 struct net_device *dev);
330/*
331 * Create a new STA info, caller owns returned structure
332 * until sta_info_insert().
333 */
334struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
335 u8 *addr, gfp_t gfp);
336/*
337 * Insert STA info into hash table/list, returns zero or a
338 * -EEXIST if (if the same MAC address is already present).
339 *
340 * Calling this without RCU protection makes the caller
341 * relinquish its reference to @sta.
342 */
343int sta_info_insert(struct sta_info *sta);
344/*
345 * Unlink a STA info from the hash table/list.
346 * This can NULL the STA pointer if somebody else
347 * has already unlinked it.
348 */
349void sta_info_unlink(struct sta_info **sta);
350
351void sta_info_destroy(struct sta_info *sta);
352void sta_info_set_tim_bit(struct sta_info *sta);
353void sta_info_clear_tim_bit(struct sta_info *sta);
192 354
193struct sta_info * sta_info_get(struct ieee80211_local *local, u8 *addr);
194int sta_info_min_txrate_get(struct ieee80211_local *local);
195void sta_info_put(struct sta_info *sta);
196struct sta_info * sta_info_add(struct ieee80211_local *local,
197 struct net_device *dev, u8 *addr, gfp_t gfp);
198void sta_info_remove(struct sta_info *sta);
199void sta_info_free(struct sta_info *sta);
200void sta_info_init(struct ieee80211_local *local); 355void sta_info_init(struct ieee80211_local *local);
201int sta_info_start(struct ieee80211_local *local); 356int sta_info_start(struct ieee80211_local *local);
202void sta_info_stop(struct ieee80211_local *local); 357void sta_info_stop(struct ieee80211_local *local);
203void sta_info_remove_aid_ptr(struct sta_info *sta); 358int sta_info_flush(struct ieee80211_local *local,
204void sta_info_flush(struct ieee80211_local *local, struct net_device *dev); 359 struct ieee80211_sub_if_data *sdata);
205 360
206#endif /* STA_INFO_H */ 361#endif /* STA_INFO_H */
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 3abe194e4d55..45d59f19c29f 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -214,6 +214,59 @@ void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
214 key->u.tkip.iv16, rc4key); 214 key->u.tkip.iv16, rc4key);
215} 215}
216 216
217void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
218 struct sk_buff *skb, enum ieee80211_tkip_key_type type,
219 u8 *outkey)
220{
221 struct ieee80211_key *key = (struct ieee80211_key *)
222 container_of(keyconf, struct ieee80211_key, conf);
223 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
224 u8 *data = (u8 *) hdr;
225 u16 fc = le16_to_cpu(hdr->frame_control);
226 int hdr_len = ieee80211_get_hdrlen(fc);
227 u8 *ta = hdr->addr2;
228 u16 iv16;
229 u32 iv32;
230
231 iv16 = data[hdr_len] << 8;
232 iv16 += data[hdr_len + 2];
233 iv32 = data[hdr_len + 4] +
234 (data[hdr_len + 5] >> 8) +
235 (data[hdr_len + 6] >> 16) +
236 (data[hdr_len + 7] >> 24);
237
238#ifdef CONFIG_TKIP_DEBUG
239 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
240 iv16, iv32);
241
242 if (iv32 != key->u.tkip.iv32) {
243 printk(KERN_DEBUG "skb: iv32 = 0x%08x key: iv32 = 0x%08x\n",
244 iv32, key->u.tkip.iv32);
245 printk(KERN_DEBUG "Wrap around of iv16 in the middle of a "
246 "fragmented packet\n");
247 }
248#endif /* CONFIG_TKIP_DEBUG */
249
250 /* Update the p1k only when the iv16 in the packet wraps around, this
251 * might occur after the wrap around of iv16 in the key in case of
252 * fragmented packets. */
253 if (iv16 == 0 || !key->u.tkip.tx_initialized) {
254 /* IV16 wrapped around - perform TKIP phase 1 */
255 tkip_mixing_phase1(ta, &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY],
256 iv32, key->u.tkip.p1k);
257 key->u.tkip.tx_initialized = 1;
258 }
259
260 if (type == IEEE80211_TKIP_P1_KEY) {
261 memcpy(outkey, key->u.tkip.p1k, sizeof(u16) * 5);
262 return;
263 }
264
265 tkip_mixing_phase2(key->u.tkip.p1k,
266 &key->conf.key[ALG_TKIP_TEMP_ENCR_KEY], iv16, outkey);
267}
268EXPORT_SYMBOL(ieee80211_get_tkip_key);
269
217/* Encrypt packet payload with TKIP using @key. @pos is a pointer to the 270/* Encrypt packet payload with TKIP using @key. @pos is a pointer to the
218 * beginning of the buffer containing payload. This payload must include 271 * beginning of the buffer containing payload. This payload must include
219 * headroom of eight octets for IV and Ext. IV and taildroom of four octets 272 * headroom of eight octets for IV and Ext. IV and taildroom of four octets
@@ -238,7 +291,7 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
238int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, 291int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
239 struct ieee80211_key *key, 292 struct ieee80211_key *key,
240 u8 *payload, size_t payload_len, u8 *ta, 293 u8 *payload, size_t payload_len, u8 *ta,
241 int only_iv, int queue, 294 u8 *ra, int only_iv, int queue,
242 u32 *out_iv32, u16 *out_iv16) 295 u32 *out_iv32, u16 *out_iv16)
243{ 296{
244 u32 iv32; 297 u32 iv32;
@@ -315,6 +368,19 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
315 printk("\n"); 368 printk("\n");
316 } 369 }
317#endif /* CONFIG_TKIP_DEBUG */ 370#endif /* CONFIG_TKIP_DEBUG */
371 if (key->local->ops->update_tkip_key &&
372 key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
373 u8 bcast[ETH_ALEN] =
374 {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
375 u8 *sta_addr = key->sta->addr;
376
377 if (is_multicast_ether_addr(ra))
378 sta_addr = bcast;
379
380 key->local->ops->update_tkip_key(
381 local_to_hw(key->local), &key->conf,
382 sta_addr, iv32, key->u.tkip.p1k_rx[queue]);
383 }
318 } 384 }
319 385
320 tkip_mixing_phase2(key->u.tkip.p1k_rx[queue], 386 tkip_mixing_phase2(key->u.tkip.p1k_rx[queue],
diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h
index 73d8ef2a93b0..ffaee3253e19 100644
--- a/net/mac80211/tkip.h
+++ b/net/mac80211/tkip.h
@@ -31,7 +31,7 @@ enum {
31int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, 31int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
32 struct ieee80211_key *key, 32 struct ieee80211_key *key,
33 u8 *payload, size_t payload_len, u8 *ta, 33 u8 *payload, size_t payload_len, u8 *ta,
34 int only_iv, int queue, 34 u8 *ra, int only_iv, int queue,
35 u32 *out_iv32, u16 *out_iv16); 35 u32 *out_iv32, u16 *out_iv16);
36 36
37#endif /* TKIP_H */ 37#endif /* TKIP_H */
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 67b509edd431..80f4343a3007 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -26,6 +26,7 @@
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "ieee80211_led.h" 28#include "ieee80211_led.h"
29#include "mesh.h"
29#include "wep.h" 30#include "wep.h"
30#include "wpa.h" 31#include "wpa.h"
31#include "wme.h" 32#include "wme.h"
@@ -86,15 +87,19 @@ static inline void ieee80211_dump_frame(const char *ifname, const char *title,
86} 87}
87#endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */ 88#endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
88 89
89static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr, 90static u16 ieee80211_duration(struct ieee80211_tx_data *tx, int group_addr,
90 int next_frag_len) 91 int next_frag_len)
91{ 92{
92 int rate, mrate, erp, dur, i; 93 int rate, mrate, erp, dur, i;
93 struct ieee80211_rate *txrate = tx->u.tx.rate; 94 struct ieee80211_rate *txrate = tx->rate;
94 struct ieee80211_local *local = tx->local; 95 struct ieee80211_local *local = tx->local;
95 struct ieee80211_hw_mode *mode = tx->u.tx.mode; 96 struct ieee80211_supported_band *sband;
96 97
97 erp = txrate->flags & IEEE80211_RATE_ERP; 98 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
99
100 erp = 0;
101 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
102 erp = txrate->flags & IEEE80211_RATE_ERP_G;
98 103
99 /* 104 /*
100 * data and mgmt (except PS Poll): 105 * data and mgmt (except PS Poll):
@@ -150,20 +155,36 @@ static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr,
150 * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps 155 * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps
151 */ 156 */
152 rate = -1; 157 rate = -1;
153 mrate = 10; /* use 1 Mbps if everything fails */ 158 /* use lowest available if everything fails */
154 for (i = 0; i < mode->num_rates; i++) { 159 mrate = sband->bitrates[0].bitrate;
155 struct ieee80211_rate *r = &mode->rates[i]; 160 for (i = 0; i < sband->n_bitrates; i++) {
156 if (r->rate > txrate->rate) 161 struct ieee80211_rate *r = &sband->bitrates[i];
157 break;
158 162
159 if (IEEE80211_RATE_MODULATION(txrate->flags) != 163 if (r->bitrate > txrate->bitrate)
160 IEEE80211_RATE_MODULATION(r->flags)) 164 break;
161 continue;
162 165
163 if (r->flags & IEEE80211_RATE_BASIC) 166 if (tx->sdata->basic_rates & BIT(i))
164 rate = r->rate; 167 rate = r->bitrate;
165 else if (r->flags & IEEE80211_RATE_MANDATORY) 168
166 mrate = r->rate; 169 switch (sband->band) {
170 case IEEE80211_BAND_2GHZ: {
171 u32 flag;
172 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
173 flag = IEEE80211_RATE_MANDATORY_G;
174 else
175 flag = IEEE80211_RATE_MANDATORY_B;
176 if (r->flags & flag)
177 mrate = r->bitrate;
178 break;
179 }
180 case IEEE80211_BAND_5GHZ:
181 if (r->flags & IEEE80211_RATE_MANDATORY_A)
182 mrate = r->bitrate;
183 break;
184 case IEEE80211_NUM_BANDS:
185 WARN_ON(1);
186 break;
187 }
167 } 188 }
168 if (rate == -1) { 189 if (rate == -1) {
169 /* No matching basic rate found; use highest suitable mandatory 190 /* No matching basic rate found; use highest suitable mandatory
@@ -184,7 +205,7 @@ static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr,
184 dur *= 2; /* ACK + SIFS */ 205 dur *= 2; /* ACK + SIFS */
185 /* next fragment */ 206 /* next fragment */
186 dur += ieee80211_frame_duration(local, next_frag_len, 207 dur += ieee80211_frame_duration(local, next_frag_len,
187 txrate->rate, erp, 208 txrate->bitrate, erp,
188 tx->sdata->bss_conf.use_short_preamble); 209 tx->sdata->bss_conf.use_short_preamble);
189 } 210 }
190 211
@@ -212,8 +233,8 @@ static int inline is_ieee80211_device(struct net_device *dev,
212 233
213/* tx handlers */ 234/* tx handlers */
214 235
215static ieee80211_txrx_result 236static ieee80211_tx_result
216ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx) 237ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
217{ 238{
218#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 239#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
219 struct sk_buff *skb = tx->skb; 240 struct sk_buff *skb = tx->skb;
@@ -221,20 +242,23 @@ ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
221#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 242#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
222 u32 sta_flags; 243 u32 sta_flags;
223 244
224 if (unlikely(tx->flags & IEEE80211_TXRXD_TX_INJECTED)) 245 if (unlikely(tx->flags & IEEE80211_TX_INJECTED))
225 return TXRX_CONTINUE; 246 return TX_CONTINUE;
226 247
227 if (unlikely(tx->local->sta_sw_scanning) && 248 if (unlikely(tx->local->sta_sw_scanning) &&
228 ((tx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || 249 ((tx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
229 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ)) 250 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ))
230 return TXRX_DROP; 251 return TX_DROP;
231 252
232 if (tx->flags & IEEE80211_TXRXD_TXPS_BUFFERED) 253 if (tx->sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT)
233 return TXRX_CONTINUE; 254 return TX_CONTINUE;
255
256 if (tx->flags & IEEE80211_TX_PS_BUFFERED)
257 return TX_CONTINUE;
234 258
235 sta_flags = tx->sta ? tx->sta->flags : 0; 259 sta_flags = tx->sta ? tx->sta->flags : 0;
236 260
237 if (likely(tx->flags & IEEE80211_TXRXD_TXUNICAST)) { 261 if (likely(tx->flags & IEEE80211_TX_UNICAST)) {
238 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) && 262 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
239 tx->sdata->vif.type != IEEE80211_IF_TYPE_IBSS && 263 tx->sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
240 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) { 264 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
@@ -245,7 +269,7 @@ ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
245 tx->dev->name, print_mac(mac, hdr->addr1)); 269 tx->dev->name, print_mac(mac, hdr->addr1));
246#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 270#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
247 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc); 271 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc);
248 return TXRX_DROP; 272 return TX_DROP;
249 } 273 }
250 } else { 274 } else {
251 if (unlikely((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA && 275 if (unlikely((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
@@ -255,23 +279,23 @@ ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
255 * No associated STAs - no need to send multicast 279 * No associated STAs - no need to send multicast
256 * frames. 280 * frames.
257 */ 281 */
258 return TXRX_DROP; 282 return TX_DROP;
259 } 283 }
260 return TXRX_CONTINUE; 284 return TX_CONTINUE;
261 } 285 }
262 286
263 return TXRX_CONTINUE; 287 return TX_CONTINUE;
264} 288}
265 289
266static ieee80211_txrx_result 290static ieee80211_tx_result
267ieee80211_tx_h_sequence(struct ieee80211_txrx_data *tx) 291ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
268{ 292{
269 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 293 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
270 294
271 if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24) 295 if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24)
272 ieee80211_include_sequence(tx->sdata, hdr); 296 ieee80211_include_sequence(tx->sdata, hdr);
273 297
274 return TXRX_CONTINUE; 298 return TX_CONTINUE;
275} 299}
276 300
277/* This function is called whenever the AP is about to exceed the maximum limit 301/* This function is called whenever the AP is about to exceed the maximum limit
@@ -303,10 +327,8 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
303 } 327 }
304 total += skb_queue_len(&ap->ps_bc_buf); 328 total += skb_queue_len(&ap->ps_bc_buf);
305 } 329 }
306 rcu_read_unlock();
307 330
308 read_lock_bh(&local->sta_lock); 331 list_for_each_entry_rcu(sta, &local->sta_list, list) {
309 list_for_each_entry(sta, &local->sta_list, list) {
310 skb = skb_dequeue(&sta->ps_tx_buf); 332 skb = skb_dequeue(&sta->ps_tx_buf);
311 if (skb) { 333 if (skb) {
312 purged++; 334 purged++;
@@ -314,15 +336,16 @@ static void purge_old_ps_buffers(struct ieee80211_local *local)
314 } 336 }
315 total += skb_queue_len(&sta->ps_tx_buf); 337 total += skb_queue_len(&sta->ps_tx_buf);
316 } 338 }
317 read_unlock_bh(&local->sta_lock); 339
340 rcu_read_unlock();
318 341
319 local->total_ps_buffered = total; 342 local->total_ps_buffered = total;
320 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n", 343 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n",
321 wiphy_name(local->hw.wiphy), purged); 344 wiphy_name(local->hw.wiphy), purged);
322} 345}
323 346
324static ieee80211_txrx_result 347static ieee80211_tx_result
325ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx) 348ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
326{ 349{
327 /* 350 /*
328 * broadcast/multicast frame 351 * broadcast/multicast frame
@@ -334,11 +357,11 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
334 357
335 /* not AP/IBSS or ordered frame */ 358 /* not AP/IBSS or ordered frame */
336 if (!tx->sdata->bss || (tx->fc & IEEE80211_FCTL_ORDER)) 359 if (!tx->sdata->bss || (tx->fc & IEEE80211_FCTL_ORDER))
337 return TXRX_CONTINUE; 360 return TX_CONTINUE;
338 361
339 /* no stations in PS mode */ 362 /* no stations in PS mode */
340 if (!atomic_read(&tx->sdata->bss->num_sta_ps)) 363 if (!atomic_read(&tx->sdata->bss->num_sta_ps))
341 return TXRX_CONTINUE; 364 return TX_CONTINUE;
342 365
343 /* buffered in mac80211 */ 366 /* buffered in mac80211 */
344 if (tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) { 367 if (tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) {
@@ -355,17 +378,17 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
355 } else 378 } else
356 tx->local->total_ps_buffered++; 379 tx->local->total_ps_buffered++;
357 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb); 380 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
358 return TXRX_QUEUED; 381 return TX_QUEUED;
359 } 382 }
360 383
361 /* buffered in hardware */ 384 /* buffered in hardware */
362 tx->u.tx.control->flags |= IEEE80211_TXCTL_SEND_AFTER_DTIM; 385 tx->control->flags |= IEEE80211_TXCTL_SEND_AFTER_DTIM;
363 386
364 return TXRX_CONTINUE; 387 return TX_CONTINUE;
365} 388}
366 389
367static ieee80211_txrx_result 390static ieee80211_tx_result
368ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx) 391ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
369{ 392{
370 struct sta_info *sta = tx->sta; 393 struct sta_info *sta = tx->sta;
371 DECLARE_MAC_BUF(mac); 394 DECLARE_MAC_BUF(mac);
@@ -373,9 +396,10 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
373 if (unlikely(!sta || 396 if (unlikely(!sta ||
374 ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT && 397 ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT &&
375 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP))) 398 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP)))
376 return TXRX_CONTINUE; 399 return TX_CONTINUE;
377 400
378 if (unlikely((sta->flags & WLAN_STA_PS) && !sta->pspoll)) { 401 if (unlikely((sta->flags & WLAN_STA_PS) &&
402 !(sta->flags & WLAN_STA_PSPOLL))) {
379 struct ieee80211_tx_packet_data *pkt_data; 403 struct ieee80211_tx_packet_data *pkt_data;
380#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 404#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
381 printk(KERN_DEBUG "STA %s aid %d: PS buffer (entries " 405 printk(KERN_DEBUG "STA %s aid %d: PS buffer (entries "
@@ -383,7 +407,6 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
383 print_mac(mac, sta->addr), sta->aid, 407 print_mac(mac, sta->addr), sta->aid,
384 skb_queue_len(&sta->ps_tx_buf)); 408 skb_queue_len(&sta->ps_tx_buf));
385#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 409#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
386 sta->flags |= WLAN_STA_TIM;
387 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER) 410 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
388 purge_old_ps_buffers(tx->local); 411 purge_old_ps_buffers(tx->local);
389 if (skb_queue_len(&sta->ps_tx_buf) >= STA_MAX_TX_BUFFER) { 412 if (skb_queue_len(&sta->ps_tx_buf) >= STA_MAX_TX_BUFFER) {
@@ -396,18 +419,15 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
396 dev_kfree_skb(old); 419 dev_kfree_skb(old);
397 } else 420 } else
398 tx->local->total_ps_buffered++; 421 tx->local->total_ps_buffered++;
422
399 /* Queue frame to be sent after STA sends an PS Poll frame */ 423 /* Queue frame to be sent after STA sends an PS Poll frame */
400 if (skb_queue_empty(&sta->ps_tx_buf)) { 424 if (skb_queue_empty(&sta->ps_tx_buf))
401 if (tx->local->ops->set_tim) 425 sta_info_set_tim_bit(sta);
402 tx->local->ops->set_tim(local_to_hw(tx->local), 426
403 sta->aid, 1);
404 if (tx->sdata->bss)
405 bss_tim_set(tx->local, tx->sdata->bss, sta->aid);
406 }
407 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb; 427 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb;
408 pkt_data->jiffies = jiffies; 428 pkt_data->jiffies = jiffies;
409 skb_queue_tail(&sta->ps_tx_buf, tx->skb); 429 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
410 return TXRX_QUEUED; 430 return TX_QUEUED;
411 } 431 }
412#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 432#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
413 else if (unlikely(sta->flags & WLAN_STA_PS)) { 433 else if (unlikely(sta->flags & WLAN_STA_PS)) {
@@ -416,40 +436,40 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
416 print_mac(mac, sta->addr)); 436 print_mac(mac, sta->addr));
417 } 437 }
418#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 438#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
419 sta->pspoll = 0; 439 sta->flags &= ~WLAN_STA_PSPOLL;
420 440
421 return TXRX_CONTINUE; 441 return TX_CONTINUE;
422} 442}
423 443
424static ieee80211_txrx_result 444static ieee80211_tx_result
425ieee80211_tx_h_ps_buf(struct ieee80211_txrx_data *tx) 445ieee80211_tx_h_ps_buf(struct ieee80211_tx_data *tx)
426{ 446{
427 if (unlikely(tx->flags & IEEE80211_TXRXD_TXPS_BUFFERED)) 447 if (unlikely(tx->flags & IEEE80211_TX_PS_BUFFERED))
428 return TXRX_CONTINUE; 448 return TX_CONTINUE;
429 449
430 if (tx->flags & IEEE80211_TXRXD_TXUNICAST) 450 if (tx->flags & IEEE80211_TX_UNICAST)
431 return ieee80211_tx_h_unicast_ps_buf(tx); 451 return ieee80211_tx_h_unicast_ps_buf(tx);
432 else 452 else
433 return ieee80211_tx_h_multicast_ps_buf(tx); 453 return ieee80211_tx_h_multicast_ps_buf(tx);
434} 454}
435 455
436static ieee80211_txrx_result 456static ieee80211_tx_result
437ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx) 457ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
438{ 458{
439 struct ieee80211_key *key; 459 struct ieee80211_key *key;
440 u16 fc = tx->fc; 460 u16 fc = tx->fc;
441 461
442 if (unlikely(tx->u.tx.control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT)) 462 if (unlikely(tx->control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
443 tx->key = NULL; 463 tx->key = NULL;
444 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 464 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
445 tx->key = key; 465 tx->key = key;
446 else if ((key = rcu_dereference(tx->sdata->default_key))) 466 else if ((key = rcu_dereference(tx->sdata->default_key)))
447 tx->key = key; 467 tx->key = key;
448 else if (tx->sdata->drop_unencrypted && 468 else if (tx->sdata->drop_unencrypted &&
449 !(tx->u.tx.control->flags & IEEE80211_TXCTL_EAPOL_FRAME) && 469 !(tx->control->flags & IEEE80211_TXCTL_EAPOL_FRAME) &&
450 !(tx->flags & IEEE80211_TXRXD_TX_INJECTED)) { 470 !(tx->flags & IEEE80211_TX_INJECTED)) {
451 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); 471 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
452 return TXRX_DROP; 472 return TX_DROP;
453 } else 473 } else
454 tx->key = NULL; 474 tx->key = NULL;
455 475
@@ -476,13 +496,13 @@ ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx)
476 } 496 }
477 497
478 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 498 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
479 tx->u.tx.control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 499 tx->control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
480 500
481 return TXRX_CONTINUE; 501 return TX_CONTINUE;
482} 502}
483 503
484static ieee80211_txrx_result 504static ieee80211_tx_result
485ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx) 505ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
486{ 506{
487 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 507 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
488 size_t hdrlen, per_fragm, num_fragm, payload_len, left; 508 size_t hdrlen, per_fragm, num_fragm, payload_len, left;
@@ -492,8 +512,8 @@ ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
492 u8 *pos; 512 u8 *pos;
493 int frag_threshold = tx->local->fragmentation_threshold; 513 int frag_threshold = tx->local->fragmentation_threshold;
494 514
495 if (!(tx->flags & IEEE80211_TXRXD_FRAGMENTED)) 515 if (!(tx->flags & IEEE80211_TX_FRAGMENTED))
496 return TXRX_CONTINUE; 516 return TX_CONTINUE;
497 517
498 first = tx->skb; 518 first = tx->skb;
499 519
@@ -544,10 +564,10 @@ ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
544 } 564 }
545 skb_trim(first, hdrlen + per_fragm); 565 skb_trim(first, hdrlen + per_fragm);
546 566
547 tx->u.tx.num_extra_frag = num_fragm - 1; 567 tx->num_extra_frag = num_fragm - 1;
548 tx->u.tx.extra_frag = frags; 568 tx->extra_frag = frags;
549 569
550 return TXRX_CONTINUE; 570 return TX_CONTINUE;
551 571
552 fail: 572 fail:
553 printk(KERN_DEBUG "%s: failed to fragment frame\n", tx->dev->name); 573 printk(KERN_DEBUG "%s: failed to fragment frame\n", tx->dev->name);
@@ -558,14 +578,14 @@ ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
558 kfree(frags); 578 kfree(frags);
559 } 579 }
560 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment); 580 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment);
561 return TXRX_DROP; 581 return TX_DROP;
562} 582}
563 583
564static ieee80211_txrx_result 584static ieee80211_tx_result
565ieee80211_tx_h_encrypt(struct ieee80211_txrx_data *tx) 585ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
566{ 586{
567 if (!tx->key) 587 if (!tx->key)
568 return TXRX_CONTINUE; 588 return TX_CONTINUE;
569 589
570 switch (tx->key->conf.alg) { 590 switch (tx->key->conf.alg) {
571 case ALG_WEP: 591 case ALG_WEP:
@@ -578,59 +598,60 @@ ieee80211_tx_h_encrypt(struct ieee80211_txrx_data *tx)
578 598
579 /* not reached */ 599 /* not reached */
580 WARN_ON(1); 600 WARN_ON(1);
581 return TXRX_DROP; 601 return TX_DROP;
582} 602}
583 603
584static ieee80211_txrx_result 604static ieee80211_tx_result
585ieee80211_tx_h_rate_ctrl(struct ieee80211_txrx_data *tx) 605ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
586{ 606{
587 struct rate_selection rsel; 607 struct rate_selection rsel;
608 struct ieee80211_supported_band *sband;
609
610 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band];
588 611
589 if (likely(!tx->u.tx.rate)) { 612 if (likely(!tx->rate)) {
590 rate_control_get_rate(tx->dev, tx->u.tx.mode, tx->skb, &rsel); 613 rate_control_get_rate(tx->dev, sband, tx->skb, &rsel);
591 tx->u.tx.rate = rsel.rate; 614 tx->rate = rsel.rate;
592 if (unlikely(rsel.probe != NULL)) { 615 if (unlikely(rsel.probe)) {
593 tx->u.tx.control->flags |= 616 tx->control->flags |=
594 IEEE80211_TXCTL_RATE_CTRL_PROBE; 617 IEEE80211_TXCTL_RATE_CTRL_PROBE;
595 tx->flags |= IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 618 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
596 tx->u.tx.control->alt_retry_rate = tx->u.tx.rate->val; 619 tx->control->alt_retry_rate = tx->rate;
597 tx->u.tx.rate = rsel.probe; 620 tx->rate = rsel.probe;
598 } else 621 } else
599 tx->u.tx.control->alt_retry_rate = -1; 622 tx->control->alt_retry_rate = NULL;
600 623
601 if (!tx->u.tx.rate) 624 if (!tx->rate)
602 return TXRX_DROP; 625 return TX_DROP;
603 } else 626 } else
604 tx->u.tx.control->alt_retry_rate = -1; 627 tx->control->alt_retry_rate = NULL;
605 628
606 if (tx->u.tx.mode->mode == MODE_IEEE80211G && 629 if (tx->sdata->bss_conf.use_cts_prot &&
607 tx->sdata->bss_conf.use_cts_prot && 630 (tx->flags & IEEE80211_TX_FRAGMENTED) && rsel.nonerp) {
608 (tx->flags & IEEE80211_TXRXD_FRAGMENTED) && rsel.nonerp) { 631 tx->last_frag_rate = tx->rate;
609 tx->u.tx.last_frag_rate = tx->u.tx.rate;
610 if (rsel.probe) 632 if (rsel.probe)
611 tx->flags &= ~IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 633 tx->flags &= ~IEEE80211_TX_PROBE_LAST_FRAG;
612 else 634 else
613 tx->flags |= IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 635 tx->flags |= IEEE80211_TX_PROBE_LAST_FRAG;
614 tx->u.tx.rate = rsel.nonerp; 636 tx->rate = rsel.nonerp;
615 tx->u.tx.control->rate = rsel.nonerp; 637 tx->control->tx_rate = rsel.nonerp;
616 tx->u.tx.control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE; 638 tx->control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
617 } else { 639 } else {
618 tx->u.tx.last_frag_rate = tx->u.tx.rate; 640 tx->last_frag_rate = tx->rate;
619 tx->u.tx.control->rate = tx->u.tx.rate; 641 tx->control->tx_rate = tx->rate;
620 } 642 }
621 tx->u.tx.control->tx_rate = tx->u.tx.rate->val; 643 tx->control->tx_rate = tx->rate;
622 644
623 return TXRX_CONTINUE; 645 return TX_CONTINUE;
624} 646}
625 647
626static ieee80211_txrx_result 648static ieee80211_tx_result
627ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx) 649ieee80211_tx_h_misc(struct ieee80211_tx_data *tx)
628{ 650{
629 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 651 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
630 u16 fc = le16_to_cpu(hdr->frame_control); 652 u16 fc = le16_to_cpu(hdr->frame_control);
631 u16 dur; 653 u16 dur;
632 struct ieee80211_tx_control *control = tx->u.tx.control; 654 struct ieee80211_tx_control *control = tx->control;
633 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
634 655
635 if (!control->retry_limit) { 656 if (!control->retry_limit) {
636 if (!is_multicast_ether_addr(hdr->addr1)) { 657 if (!is_multicast_ether_addr(hdr->addr1)) {
@@ -652,20 +673,20 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
652 } 673 }
653 } 674 }
654 675
655 if (tx->flags & IEEE80211_TXRXD_FRAGMENTED) { 676 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
656 /* Do not use multiple retry rates when sending fragmented 677 /* Do not use multiple retry rates when sending fragmented
657 * frames. 678 * frames.
658 * TODO: The last fragment could still use multiple retry 679 * TODO: The last fragment could still use multiple retry
659 * rates. */ 680 * rates. */
660 control->alt_retry_rate = -1; 681 control->alt_retry_rate = NULL;
661 } 682 }
662 683
663 /* Use CTS protection for unicast frames sent using extended rates if 684 /* Use CTS protection for unicast frames sent using extended rates if
664 * there are associated non-ERP stations and RTS/CTS is not configured 685 * there are associated non-ERP stations and RTS/CTS is not configured
665 * for the frame. */ 686 * for the frame. */
666 if (mode->mode == MODE_IEEE80211G && 687 if ((tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) &&
667 (tx->u.tx.rate->flags & IEEE80211_RATE_ERP) && 688 (tx->rate->flags & IEEE80211_RATE_ERP_G) &&
668 (tx->flags & IEEE80211_TXRXD_TXUNICAST) && 689 (tx->flags & IEEE80211_TX_UNICAST) &&
669 tx->sdata->bss_conf.use_cts_prot && 690 tx->sdata->bss_conf.use_cts_prot &&
670 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS)) 691 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
671 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT; 692 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
@@ -674,62 +695,76 @@ ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
674 * short preambles at the selected rate and short preambles are 695 * short preambles at the selected rate and short preambles are
675 * available on the network at the current point in time. */ 696 * available on the network at the current point in time. */
676 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) && 697 if (((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
677 (tx->u.tx.rate->flags & IEEE80211_RATE_PREAMBLE2) && 698 (tx->rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
678 tx->sdata->bss_conf.use_short_preamble && 699 tx->sdata->bss_conf.use_short_preamble &&
679 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) { 700 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
680 tx->u.tx.control->tx_rate = tx->u.tx.rate->val2; 701 tx->control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
681 } 702 }
682 703
683 /* Setup duration field for the first fragment of the frame. Duration 704 /* Setup duration field for the first fragment of the frame. Duration
684 * for remaining fragments will be updated when they are being sent 705 * for remaining fragments will be updated when they are being sent
685 * to low-level driver in ieee80211_tx(). */ 706 * to low-level driver in ieee80211_tx(). */
686 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1), 707 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
687 (tx->flags & IEEE80211_TXRXD_FRAGMENTED) ? 708 (tx->flags & IEEE80211_TX_FRAGMENTED) ?
688 tx->u.tx.extra_frag[0]->len : 0); 709 tx->extra_frag[0]->len : 0);
689 hdr->duration_id = cpu_to_le16(dur); 710 hdr->duration_id = cpu_to_le16(dur);
690 711
691 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) || 712 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
692 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) { 713 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
693 struct ieee80211_rate *rate; 714 struct ieee80211_supported_band *sband;
715 struct ieee80211_rate *rate, *baserate;
716 int idx;
717
718 sband = tx->local->hw.wiphy->bands[
719 tx->local->hw.conf.channel->band];
694 720
695 /* Do not use multiple retry rates when using RTS/CTS */ 721 /* Do not use multiple retry rates when using RTS/CTS */
696 control->alt_retry_rate = -1; 722 control->alt_retry_rate = NULL;
697 723
698 /* Use min(data rate, max base rate) as CTS/RTS rate */ 724 /* Use min(data rate, max base rate) as CTS/RTS rate */
699 rate = tx->u.tx.rate; 725 rate = tx->rate;
700 while (rate > mode->rates && 726 baserate = NULL;
701 !(rate->flags & IEEE80211_RATE_BASIC)) 727
702 rate--; 728 for (idx = 0; idx < sband->n_bitrates; idx++) {
729 if (sband->bitrates[idx].bitrate > rate->bitrate)
730 continue;
731 if (tx->sdata->basic_rates & BIT(idx) &&
732 (!baserate ||
733 (baserate->bitrate < sband->bitrates[idx].bitrate)))
734 baserate = &sband->bitrates[idx];
735 }
703 736
704 control->rts_cts_rate = rate->val; 737 if (baserate)
705 control->rts_rate = rate; 738 control->rts_cts_rate = baserate;
739 else
740 control->rts_cts_rate = &sband->bitrates[0];
706 } 741 }
707 742
708 if (tx->sta) { 743 if (tx->sta) {
709 tx->sta->tx_packets++; 744 tx->sta->tx_packets++;
710 tx->sta->tx_fragments++; 745 tx->sta->tx_fragments++;
711 tx->sta->tx_bytes += tx->skb->len; 746 tx->sta->tx_bytes += tx->skb->len;
712 if (tx->u.tx.extra_frag) { 747 if (tx->extra_frag) {
713 int i; 748 int i;
714 tx->sta->tx_fragments += tx->u.tx.num_extra_frag; 749 tx->sta->tx_fragments += tx->num_extra_frag;
715 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 750 for (i = 0; i < tx->num_extra_frag; i++) {
716 tx->sta->tx_bytes += 751 tx->sta->tx_bytes +=
717 tx->u.tx.extra_frag[i]->len; 752 tx->extra_frag[i]->len;
718 } 753 }
719 } 754 }
720 } 755 }
721 756
722 return TXRX_CONTINUE; 757 return TX_CONTINUE;
723} 758}
724 759
725static ieee80211_txrx_result 760static ieee80211_tx_result
726ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx) 761ieee80211_tx_h_load_stats(struct ieee80211_tx_data *tx)
727{ 762{
728 struct ieee80211_local *local = tx->local; 763 struct ieee80211_local *local = tx->local;
729 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
730 struct sk_buff *skb = tx->skb; 764 struct sk_buff *skb = tx->skb;
731 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 765 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
732 u32 load = 0, hdrtime; 766 u32 load = 0, hdrtime;
767 struct ieee80211_rate *rate = tx->rate;
733 768
734 /* TODO: this could be part of tx_status handling, so that the number 769 /* TODO: this could be part of tx_status handling, so that the number
735 * of retries would be known; TX rate should in that case be stored 770 * of retries would be known; TX rate should in that case be stored
@@ -740,9 +775,9 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
740 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values, 775 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
741 * 1 usec = 1/8 * (1080 / 10) = 13.5 */ 776 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
742 777
743 if (mode->mode == MODE_IEEE80211A || 778 if (tx->channel->band == IEEE80211_BAND_5GHZ ||
744 (mode->mode == MODE_IEEE80211G && 779 (tx->channel->band == IEEE80211_BAND_2GHZ &&
745 tx->u.tx.rate->flags & IEEE80211_RATE_ERP)) 780 rate->flags & IEEE80211_RATE_ERP_G))
746 hdrtime = CHAN_UTIL_HDR_SHORT; 781 hdrtime = CHAN_UTIL_HDR_SHORT;
747 else 782 else
748 hdrtime = CHAN_UTIL_HDR_LONG; 783 hdrtime = CHAN_UTIL_HDR_LONG;
@@ -751,19 +786,20 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
751 if (!is_multicast_ether_addr(hdr->addr1)) 786 if (!is_multicast_ether_addr(hdr->addr1))
752 load += hdrtime; 787 load += hdrtime;
753 788
754 if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_RTS_CTS) 789 if (tx->control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
755 load += 2 * hdrtime; 790 load += 2 * hdrtime;
756 else if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT) 791 else if (tx->control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
757 load += hdrtime; 792 load += hdrtime;
758 793
759 load += skb->len * tx->u.tx.rate->rate_inv; 794 /* TODO: optimise again */
795 load += skb->len * CHAN_UTIL_RATE_LCM / rate->bitrate;
760 796
761 if (tx->u.tx.extra_frag) { 797 if (tx->extra_frag) {
762 int i; 798 int i;
763 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 799 for (i = 0; i < tx->num_extra_frag; i++) {
764 load += 2 * hdrtime; 800 load += 2 * hdrtime;
765 load += tx->u.tx.extra_frag[i]->len * 801 load += tx->extra_frag[i]->len *
766 tx->u.tx.rate->rate; 802 tx->rate->bitrate;
767 } 803 }
768 } 804 }
769 805
@@ -774,13 +810,12 @@ ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
774 tx->sta->channel_use_raw += load; 810 tx->sta->channel_use_raw += load;
775 tx->sdata->channel_use_raw += load; 811 tx->sdata->channel_use_raw += load;
776 812
777 return TXRX_CONTINUE; 813 return TX_CONTINUE;
778} 814}
779 815
780/* TODO: implement register/unregister functions for adding TX/RX handlers
781 * into ordered list */
782 816
783ieee80211_tx_handler ieee80211_tx_handlers[] = 817typedef ieee80211_tx_result (*ieee80211_tx_handler)(struct ieee80211_tx_data *);
818static ieee80211_tx_handler ieee80211_tx_handlers[] =
784{ 819{
785 ieee80211_tx_h_check_assoc, 820 ieee80211_tx_h_check_assoc,
786 ieee80211_tx_h_sequence, 821 ieee80211_tx_h_sequence,
@@ -801,8 +836,8 @@ ieee80211_tx_handler ieee80211_tx_handlers[] =
801 * deal with packet injection down monitor interface 836 * deal with packet injection down monitor interface
802 * with Radiotap Header -- only called for monitor mode interface 837 * with Radiotap Header -- only called for monitor mode interface
803 */ 838 */
804static ieee80211_txrx_result 839static ieee80211_tx_result
805__ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx, 840__ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
806 struct sk_buff *skb) 841 struct sk_buff *skb)
807{ 842{
808 /* 843 /*
@@ -816,13 +851,15 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
816 struct ieee80211_radiotap_iterator iterator; 851 struct ieee80211_radiotap_iterator iterator;
817 struct ieee80211_radiotap_header *rthdr = 852 struct ieee80211_radiotap_header *rthdr =
818 (struct ieee80211_radiotap_header *) skb->data; 853 (struct ieee80211_radiotap_header *) skb->data;
819 struct ieee80211_hw_mode *mode = tx->local->hw.conf.mode; 854 struct ieee80211_supported_band *sband;
820 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len); 855 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
821 struct ieee80211_tx_control *control = tx->u.tx.control; 856 struct ieee80211_tx_control *control = tx->control;
857
858 sband = tx->local->hw.wiphy->bands[tx->local->hw.conf.channel->band];
822 859
823 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT; 860 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
824 tx->flags |= IEEE80211_TXRXD_TX_INJECTED; 861 tx->flags |= IEEE80211_TX_INJECTED;
825 tx->flags &= ~IEEE80211_TXRXD_FRAGMENTED; 862 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
826 863
827 /* 864 /*
828 * for every radiotap entry that is present 865 * for every radiotap entry that is present
@@ -852,11 +889,13 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
852 * ieee80211 rate int is in 100kbps units eg, 0x0a=1Mbps 889 * ieee80211 rate int is in 100kbps units eg, 0x0a=1Mbps
853 */ 890 */
854 target_rate = (*iterator.this_arg) * 5; 891 target_rate = (*iterator.this_arg) * 5;
855 for (i = 0; i < mode->num_rates; i++) { 892 for (i = 0; i < sband->n_bitrates; i++) {
856 struct ieee80211_rate *r = &mode->rates[i]; 893 struct ieee80211_rate *r;
894
895 r = &sband->bitrates[i];
857 896
858 if (r->rate == target_rate) { 897 if (r->bitrate == target_rate) {
859 tx->u.tx.rate = r; 898 tx->rate = r;
860 break; 899 break;
861 } 900 }
862 } 901 }
@@ -870,9 +909,11 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
870 control->antenna_sel_tx = (*iterator.this_arg) + 1; 909 control->antenna_sel_tx = (*iterator.this_arg) + 1;
871 break; 910 break;
872 911
912#if 0
873 case IEEE80211_RADIOTAP_DBM_TX_POWER: 913 case IEEE80211_RADIOTAP_DBM_TX_POWER:
874 control->power_level = *iterator.this_arg; 914 control->power_level = *iterator.this_arg;
875 break; 915 break;
916#endif
876 917
877 case IEEE80211_RADIOTAP_FLAGS: 918 case IEEE80211_RADIOTAP_FLAGS:
878 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FCS) { 919 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FCS) {
@@ -884,7 +925,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
884 * on transmission 925 * on transmission
885 */ 926 */
886 if (skb->len < (iterator.max_length + FCS_LEN)) 927 if (skb->len < (iterator.max_length + FCS_LEN))
887 return TXRX_DROP; 928 return TX_DROP;
888 929
889 skb_trim(skb, skb->len - FCS_LEN); 930 skb_trim(skb, skb->len - FCS_LEN);
890 } 931 }
@@ -892,7 +933,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
892 control->flags &= 933 control->flags &=
893 ~IEEE80211_TXCTL_DO_NOT_ENCRYPT; 934 ~IEEE80211_TXCTL_DO_NOT_ENCRYPT;
894 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) 935 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
895 tx->flags |= IEEE80211_TXRXD_FRAGMENTED; 936 tx->flags |= IEEE80211_TX_FRAGMENTED;
896 break; 937 break;
897 938
898 /* 939 /*
@@ -907,7 +948,7 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
907 } 948 }
908 949
909 if (ret != -ENOENT) /* ie, if we didn't simply run out of fields */ 950 if (ret != -ENOENT) /* ie, if we didn't simply run out of fields */
910 return TXRX_DROP; 951 return TX_DROP;
911 952
912 /* 953 /*
913 * remove the radiotap header 954 * remove the radiotap header
@@ -916,14 +957,14 @@ __ieee80211_parse_tx_radiotap(struct ieee80211_txrx_data *tx,
916 */ 957 */
917 skb_pull(skb, iterator.max_length); 958 skb_pull(skb, iterator.max_length);
918 959
919 return TXRX_CONTINUE; 960 return TX_CONTINUE;
920} 961}
921 962
922/* 963/*
923 * initialises @tx 964 * initialises @tx
924 */ 965 */
925static ieee80211_txrx_result 966static ieee80211_tx_result
926__ieee80211_tx_prepare(struct ieee80211_txrx_data *tx, 967__ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
927 struct sk_buff *skb, 968 struct sk_buff *skb,
928 struct net_device *dev, 969 struct net_device *dev,
929 struct ieee80211_tx_control *control) 970 struct ieee80211_tx_control *control)
@@ -939,18 +980,18 @@ __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
939 tx->dev = dev; /* use original interface */ 980 tx->dev = dev; /* use original interface */
940 tx->local = local; 981 tx->local = local;
941 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev); 982 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
942 tx->u.tx.control = control; 983 tx->control = control;
943 /* 984 /*
944 * Set this flag (used below to indicate "automatic fragmentation"), 985 * Set this flag (used below to indicate "automatic fragmentation"),
945 * it will be cleared/left by radiotap as desired. 986 * it will be cleared/left by radiotap as desired.
946 */ 987 */
947 tx->flags |= IEEE80211_TXRXD_FRAGMENTED; 988 tx->flags |= IEEE80211_TX_FRAGMENTED;
948 989
949 /* process and remove the injection radiotap header */ 990 /* process and remove the injection radiotap header */
950 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 991 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
951 if (unlikely(sdata->vif.type == IEEE80211_IF_TYPE_MNTR)) { 992 if (unlikely(sdata->vif.type == IEEE80211_IF_TYPE_MNTR)) {
952 if (__ieee80211_parse_tx_radiotap(tx, skb) == TXRX_DROP) 993 if (__ieee80211_parse_tx_radiotap(tx, skb) == TX_DROP)
953 return TXRX_DROP; 994 return TX_DROP;
954 995
955 /* 996 /*
956 * __ieee80211_parse_tx_radiotap has now removed 997 * __ieee80211_parse_tx_radiotap has now removed
@@ -965,27 +1006,27 @@ __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
965 tx->fc = le16_to_cpu(hdr->frame_control); 1006 tx->fc = le16_to_cpu(hdr->frame_control);
966 1007
967 if (is_multicast_ether_addr(hdr->addr1)) { 1008 if (is_multicast_ether_addr(hdr->addr1)) {
968 tx->flags &= ~IEEE80211_TXRXD_TXUNICAST; 1009 tx->flags &= ~IEEE80211_TX_UNICAST;
969 control->flags |= IEEE80211_TXCTL_NO_ACK; 1010 control->flags |= IEEE80211_TXCTL_NO_ACK;
970 } else { 1011 } else {
971 tx->flags |= IEEE80211_TXRXD_TXUNICAST; 1012 tx->flags |= IEEE80211_TX_UNICAST;
972 control->flags &= ~IEEE80211_TXCTL_NO_ACK; 1013 control->flags &= ~IEEE80211_TXCTL_NO_ACK;
973 } 1014 }
974 1015
975 if (tx->flags & IEEE80211_TXRXD_FRAGMENTED) { 1016 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
976 if ((tx->flags & IEEE80211_TXRXD_TXUNICAST) && 1017 if ((tx->flags & IEEE80211_TX_UNICAST) &&
977 skb->len + FCS_LEN > local->fragmentation_threshold && 1018 skb->len + FCS_LEN > local->fragmentation_threshold &&
978 !local->ops->set_frag_threshold) 1019 !local->ops->set_frag_threshold)
979 tx->flags |= IEEE80211_TXRXD_FRAGMENTED; 1020 tx->flags |= IEEE80211_TX_FRAGMENTED;
980 else 1021 else
981 tx->flags &= ~IEEE80211_TXRXD_FRAGMENTED; 1022 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
982 } 1023 }
983 1024
984 if (!tx->sta) 1025 if (!tx->sta)
985 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK; 1026 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT;
986 else if (tx->sta->clear_dst_mask) { 1027 else if (tx->sta->flags & WLAN_STA_CLEAR_PS_FILT) {
987 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK; 1028 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT;
988 tx->sta->clear_dst_mask = 0; 1029 tx->sta->flags &= ~WLAN_STA_CLEAR_PS_FILT;
989 } 1030 }
990 1031
991 hdrlen = ieee80211_get_hdrlen(tx->fc); 1032 hdrlen = ieee80211_get_hdrlen(tx->fc);
@@ -995,13 +1036,13 @@ __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
995 } 1036 }
996 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT; 1037 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT;
997 1038
998 return TXRX_CONTINUE; 1039 return TX_CONTINUE;
999} 1040}
1000 1041
1001/* 1042/*
1002 * NB: @tx is uninitialised when passed in here 1043 * NB: @tx is uninitialised when passed in here
1003 */ 1044 */
1004static int ieee80211_tx_prepare(struct ieee80211_txrx_data *tx, 1045static int ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1005 struct sk_buff *skb, 1046 struct sk_buff *skb,
1006 struct net_device *mdev, 1047 struct net_device *mdev,
1007 struct ieee80211_tx_control *control) 1048 struct ieee80211_tx_control *control)
@@ -1024,9 +1065,9 @@ static int ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1024} 1065}
1025 1066
1026static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb, 1067static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1027 struct ieee80211_txrx_data *tx) 1068 struct ieee80211_tx_data *tx)
1028{ 1069{
1029 struct ieee80211_tx_control *control = tx->u.tx.control; 1070 struct ieee80211_tx_control *control = tx->control;
1030 int ret, i; 1071 int ret, i;
1031 1072
1032 if (!ieee80211_qdisc_installed(local->mdev) && 1073 if (!ieee80211_qdisc_installed(local->mdev) &&
@@ -1043,20 +1084,20 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1043 local->mdev->trans_start = jiffies; 1084 local->mdev->trans_start = jiffies;
1044 ieee80211_led_tx(local, 1); 1085 ieee80211_led_tx(local, 1);
1045 } 1086 }
1046 if (tx->u.tx.extra_frag) { 1087 if (tx->extra_frag) {
1047 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS | 1088 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1048 IEEE80211_TXCTL_USE_CTS_PROTECT | 1089 IEEE80211_TXCTL_USE_CTS_PROTECT |
1049 IEEE80211_TXCTL_CLEAR_DST_MASK | 1090 IEEE80211_TXCTL_CLEAR_PS_FILT |
1050 IEEE80211_TXCTL_FIRST_FRAGMENT); 1091 IEEE80211_TXCTL_FIRST_FRAGMENT);
1051 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 1092 for (i = 0; i < tx->num_extra_frag; i++) {
1052 if (!tx->u.tx.extra_frag[i]) 1093 if (!tx->extra_frag[i])
1053 continue; 1094 continue;
1054 if (__ieee80211_queue_stopped(local, control->queue)) 1095 if (__ieee80211_queue_stopped(local, control->queue))
1055 return IEEE80211_TX_FRAG_AGAIN; 1096 return IEEE80211_TX_FRAG_AGAIN;
1056 if (i == tx->u.tx.num_extra_frag) { 1097 if (i == tx->num_extra_frag) {
1057 control->tx_rate = tx->u.tx.last_frag_hwrate; 1098 control->tx_rate = tx->last_frag_rate;
1058 control->rate = tx->u.tx.last_frag_rate; 1099
1059 if (tx->flags & IEEE80211_TXRXD_TXPROBE_LAST_FRAG) 1100 if (tx->flags & IEEE80211_TX_PROBE_LAST_FRAG)
1060 control->flags |= 1101 control->flags |=
1061 IEEE80211_TXCTL_RATE_CTRL_PROBE; 1102 IEEE80211_TXCTL_RATE_CTRL_PROBE;
1062 else 1103 else
@@ -1066,18 +1107,18 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1066 1107
1067 ieee80211_dump_frame(wiphy_name(local->hw.wiphy), 1108 ieee80211_dump_frame(wiphy_name(local->hw.wiphy),
1068 "TX to low-level driver", 1109 "TX to low-level driver",
1069 tx->u.tx.extra_frag[i]); 1110 tx->extra_frag[i]);
1070 ret = local->ops->tx(local_to_hw(local), 1111 ret = local->ops->tx(local_to_hw(local),
1071 tx->u.tx.extra_frag[i], 1112 tx->extra_frag[i],
1072 control); 1113 control);
1073 if (ret) 1114 if (ret)
1074 return IEEE80211_TX_FRAG_AGAIN; 1115 return IEEE80211_TX_FRAG_AGAIN;
1075 local->mdev->trans_start = jiffies; 1116 local->mdev->trans_start = jiffies;
1076 ieee80211_led_tx(local, 1); 1117 ieee80211_led_tx(local, 1);
1077 tx->u.tx.extra_frag[i] = NULL; 1118 tx->extra_frag[i] = NULL;
1078 } 1119 }
1079 kfree(tx->u.tx.extra_frag); 1120 kfree(tx->extra_frag);
1080 tx->u.tx.extra_frag = NULL; 1121 tx->extra_frag = NULL;
1081 } 1122 }
1082 return IEEE80211_TX_OK; 1123 return IEEE80211_TX_OK;
1083} 1124}
@@ -1088,8 +1129,8 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1088 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1129 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1089 struct sta_info *sta; 1130 struct sta_info *sta;
1090 ieee80211_tx_handler *handler; 1131 ieee80211_tx_handler *handler;
1091 struct ieee80211_txrx_data tx; 1132 struct ieee80211_tx_data tx;
1092 ieee80211_txrx_result res = TXRX_DROP, res_prepare; 1133 ieee80211_tx_result res = TX_DROP, res_prepare;
1093 int ret, i; 1134 int ret, i;
1094 1135
1095 WARN_ON(__ieee80211_queue_pending(local, control->queue)); 1136 WARN_ON(__ieee80211_queue_pending(local, control->queue));
@@ -1099,59 +1140,52 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1099 return 0; 1140 return 0;
1100 } 1141 }
1101 1142
1143 rcu_read_lock();
1144
1102 /* initialises tx */ 1145 /* initialises tx */
1103 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control); 1146 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control);
1104 1147
1105 if (res_prepare == TXRX_DROP) { 1148 if (res_prepare == TX_DROP) {
1106 dev_kfree_skb(skb); 1149 dev_kfree_skb(skb);
1150 rcu_read_unlock();
1107 return 0; 1151 return 0;
1108 } 1152 }
1109 1153
1110 /*
1111 * key references are protected using RCU and this requires that
1112 * we are in a read-site RCU section during receive processing
1113 */
1114 rcu_read_lock();
1115
1116 sta = tx.sta; 1154 sta = tx.sta;
1117 tx.u.tx.mode = local->hw.conf.mode; 1155 tx.channel = local->hw.conf.channel;
1118 1156
1119 for (handler = local->tx_handlers; *handler != NULL; 1157 for (handler = ieee80211_tx_handlers; *handler != NULL;
1120 handler++) { 1158 handler++) {
1121 res = (*handler)(&tx); 1159 res = (*handler)(&tx);
1122 if (res != TXRX_CONTINUE) 1160 if (res != TX_CONTINUE)
1123 break; 1161 break;
1124 } 1162 }
1125 1163
1126 skb = tx.skb; /* handlers are allowed to change skb */ 1164 skb = tx.skb; /* handlers are allowed to change skb */
1127 1165
1128 if (sta) 1166 if (unlikely(res == TX_DROP)) {
1129 sta_info_put(sta);
1130
1131 if (unlikely(res == TXRX_DROP)) {
1132 I802_DEBUG_INC(local->tx_handlers_drop); 1167 I802_DEBUG_INC(local->tx_handlers_drop);
1133 goto drop; 1168 goto drop;
1134 } 1169 }
1135 1170
1136 if (unlikely(res == TXRX_QUEUED)) { 1171 if (unlikely(res == TX_QUEUED)) {
1137 I802_DEBUG_INC(local->tx_handlers_queued); 1172 I802_DEBUG_INC(local->tx_handlers_queued);
1138 rcu_read_unlock(); 1173 rcu_read_unlock();
1139 return 0; 1174 return 0;
1140 } 1175 }
1141 1176
1142 if (tx.u.tx.extra_frag) { 1177 if (tx.extra_frag) {
1143 for (i = 0; i < tx.u.tx.num_extra_frag; i++) { 1178 for (i = 0; i < tx.num_extra_frag; i++) {
1144 int next_len, dur; 1179 int next_len, dur;
1145 struct ieee80211_hdr *hdr = 1180 struct ieee80211_hdr *hdr =
1146 (struct ieee80211_hdr *) 1181 (struct ieee80211_hdr *)
1147 tx.u.tx.extra_frag[i]->data; 1182 tx.extra_frag[i]->data;
1148 1183
1149 if (i + 1 < tx.u.tx.num_extra_frag) { 1184 if (i + 1 < tx.num_extra_frag) {
1150 next_len = tx.u.tx.extra_frag[i + 1]->len; 1185 next_len = tx.extra_frag[i + 1]->len;
1151 } else { 1186 } else {
1152 next_len = 0; 1187 next_len = 0;
1153 tx.u.tx.rate = tx.u.tx.last_frag_rate; 1188 tx.rate = tx.last_frag_rate;
1154 tx.u.tx.last_frag_hwrate = tx.u.tx.rate->val;
1155 } 1189 }
1156 dur = ieee80211_duration(&tx, 0, next_len); 1190 dur = ieee80211_duration(&tx, 0, next_len);
1157 hdr->duration_id = cpu_to_le16(dur); 1191 hdr->duration_id = cpu_to_le16(dur);
@@ -1186,12 +1220,11 @@ retry:
1186 memcpy(&store->control, control, 1220 memcpy(&store->control, control,
1187 sizeof(struct ieee80211_tx_control)); 1221 sizeof(struct ieee80211_tx_control));
1188 store->skb = skb; 1222 store->skb = skb;
1189 store->extra_frag = tx.u.tx.extra_frag; 1223 store->extra_frag = tx.extra_frag;
1190 store->num_extra_frag = tx.u.tx.num_extra_frag; 1224 store->num_extra_frag = tx.num_extra_frag;
1191 store->last_frag_hwrate = tx.u.tx.last_frag_hwrate; 1225 store->last_frag_rate = tx.last_frag_rate;
1192 store->last_frag_rate = tx.u.tx.last_frag_rate;
1193 store->last_frag_rate_ctrl_probe = 1226 store->last_frag_rate_ctrl_probe =
1194 !!(tx.flags & IEEE80211_TXRXD_TXPROBE_LAST_FRAG); 1227 !!(tx.flags & IEEE80211_TX_PROBE_LAST_FRAG);
1195 } 1228 }
1196 rcu_read_unlock(); 1229 rcu_read_unlock();
1197 return 0; 1230 return 0;
@@ -1199,10 +1232,10 @@ retry:
1199 drop: 1232 drop:
1200 if (skb) 1233 if (skb)
1201 dev_kfree_skb(skb); 1234 dev_kfree_skb(skb);
1202 for (i = 0; i < tx.u.tx.num_extra_frag; i++) 1235 for (i = 0; i < tx.num_extra_frag; i++)
1203 if (tx.u.tx.extra_frag[i]) 1236 if (tx.extra_frag[i])
1204 dev_kfree_skb(tx.u.tx.extra_frag[i]); 1237 dev_kfree_skb(tx.extra_frag[i]);
1205 kfree(tx.u.tx.extra_frag); 1238 kfree(tx.extra_frag);
1206 rcu_read_unlock(); 1239 rcu_read_unlock();
1207 return 0; 1240 return 0;
1208} 1241}
@@ -1260,6 +1293,8 @@ int ieee80211_master_start_xmit(struct sk_buff *skb,
1260 control.flags |= IEEE80211_TXCTL_REQUEUE; 1293 control.flags |= IEEE80211_TXCTL_REQUEUE;
1261 if (pkt_data->flags & IEEE80211_TXPD_EAPOL_FRAME) 1294 if (pkt_data->flags & IEEE80211_TXPD_EAPOL_FRAME)
1262 control.flags |= IEEE80211_TXCTL_EAPOL_FRAME; 1295 control.flags |= IEEE80211_TXCTL_EAPOL_FRAME;
1296 if (pkt_data->flags & IEEE80211_TXPD_AMPDU)
1297 control.flags |= IEEE80211_TXCTL_AMPDU;
1263 control.queue = pkt_data->queue; 1298 control.queue = pkt_data->queue;
1264 1299
1265 ret = ieee80211_tx(odev, skb, &control); 1300 ret = ieee80211_tx(odev, skb, &control);
@@ -1346,8 +1381,9 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1346 struct ieee80211_tx_packet_data *pkt_data; 1381 struct ieee80211_tx_packet_data *pkt_data;
1347 struct ieee80211_sub_if_data *sdata; 1382 struct ieee80211_sub_if_data *sdata;
1348 int ret = 1, head_need; 1383 int ret = 1, head_need;
1349 u16 ethertype, hdrlen, fc; 1384 u16 ethertype, hdrlen, meshhdrlen = 0, fc;
1350 struct ieee80211_hdr hdr; 1385 struct ieee80211_hdr hdr;
1386 struct ieee80211s_hdr mesh_hdr;
1351 const u8 *encaps_data; 1387 const u8 *encaps_data;
1352 int encaps_len, skip_header_bytes; 1388 int encaps_len, skip_header_bytes;
1353 int nh_pos, h_pos; 1389 int nh_pos, h_pos;
@@ -1389,6 +1425,37 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1389 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN); 1425 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1390 hdrlen = 30; 1426 hdrlen = 30;
1391 break; 1427 break;
1428#ifdef CONFIG_MAC80211_MESH
1429 case IEEE80211_IF_TYPE_MESH_POINT:
1430 fc |= IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS;
1431 /* RA TA DA SA */
1432 if (is_multicast_ether_addr(skb->data))
1433 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1434 else if (mesh_nexthop_lookup(hdr.addr1, skb, dev))
1435 return 0;
1436 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1437 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1438 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1439 if (skb->pkt_type == PACKET_OTHERHOST) {
1440 /* Forwarded frame, keep mesh ttl and seqnum */
1441 struct ieee80211s_hdr *prev_meshhdr;
1442 prev_meshhdr = ((struct ieee80211s_hdr *)skb->cb);
1443 meshhdrlen = ieee80211_get_mesh_hdrlen(prev_meshhdr);
1444 memcpy(&mesh_hdr, prev_meshhdr, meshhdrlen);
1445 sdata->u.sta.mshstats.fwded_frames++;
1446 } else {
1447 if (!sdata->u.sta.mshcfg.dot11MeshTTL) {
1448 /* Do not send frames with mesh_ttl == 0 */
1449 sdata->u.sta.mshstats.dropped_frames_ttl++;
1450 ret = 0;
1451 goto fail;
1452 }
1453 meshhdrlen = ieee80211_new_mesh_header(&mesh_hdr,
1454 sdata);
1455 }
1456 hdrlen = 30;
1457 break;
1458#endif
1392 case IEEE80211_IF_TYPE_STA: 1459 case IEEE80211_IF_TYPE_STA:
1393 fc |= IEEE80211_FCTL_TODS; 1460 fc |= IEEE80211_FCTL_TODS;
1394 /* BSSID SA DA */ 1461 /* BSSID SA DA */
@@ -1409,10 +1476,17 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1409 goto fail; 1476 goto fail;
1410 } 1477 }
1411 1478
1412 sta = sta_info_get(local, hdr.addr1); 1479 /*
1413 if (sta) { 1480 * There's no need to try to look up the destination
1414 sta_flags = sta->flags; 1481 * if it is a multicast address (which can only happen
1415 sta_info_put(sta); 1482 * in AP mode)
1483 */
1484 if (!is_multicast_ether_addr(hdr.addr1)) {
1485 rcu_read_lock();
1486 sta = sta_info_get(local, hdr.addr1);
1487 if (sta)
1488 sta_flags = sta->flags;
1489 rcu_read_unlock();
1416 } 1490 }
1417 1491
1418 /* receiver is QoS enabled, use a QoS type frame */ 1492 /* receiver is QoS enabled, use a QoS type frame */
@@ -1422,12 +1496,12 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1422 } 1496 }
1423 1497
1424 /* 1498 /*
1425 * If port access control is enabled, drop frames to unauthorised 1499 * Drop unicast frames to unauthorised stations unless they are
1426 * stations unless they are EAPOL frames from the local station. 1500 * EAPOL frames from the local station.
1427 */ 1501 */
1428 if (unlikely(sdata->ieee802_1x_pac && 1502 if (unlikely(!is_multicast_ether_addr(hdr.addr1) &&
1429 !(sta_flags & WLAN_STA_AUTHORIZED) && 1503 !(sta_flags & WLAN_STA_AUTHORIZED) &&
1430 !(ethertype == ETH_P_PAE && 1504 !(ethertype == ETH_P_PAE &&
1431 compare_ether_addr(dev->dev_addr, 1505 compare_ether_addr(dev->dev_addr,
1432 skb->data + ETH_ALEN) == 0))) { 1506 skb->data + ETH_ALEN) == 0))) {
1433#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1507#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
@@ -1480,7 +1554,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1480 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and 1554 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1481 * alloc_skb() (net/core/skbuff.c) 1555 * alloc_skb() (net/core/skbuff.c)
1482 */ 1556 */
1483 head_need = hdrlen + encaps_len + local->tx_headroom; 1557 head_need = hdrlen + encaps_len + meshhdrlen + local->tx_headroom;
1484 head_need -= skb_headroom(skb); 1558 head_need -= skb_headroom(skb);
1485 1559
1486 /* We are going to modify skb data, so make a copy of it if happens to 1560 /* We are going to modify skb data, so make a copy of it if happens to
@@ -1514,6 +1588,12 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1514 h_pos += encaps_len; 1588 h_pos += encaps_len;
1515 } 1589 }
1516 1590
1591 if (meshhdrlen > 0) {
1592 memcpy(skb_push(skb, meshhdrlen), &mesh_hdr, meshhdrlen);
1593 nh_pos += meshhdrlen;
1594 h_pos += meshhdrlen;
1595 }
1596
1517 if (fc & IEEE80211_STYPE_QOS_DATA) { 1597 if (fc & IEEE80211_STYPE_QOS_DATA) {
1518 __le16 *qos_control; 1598 __le16 *qos_control;
1519 1599
@@ -1583,7 +1663,7 @@ void ieee80211_tx_pending(unsigned long data)
1583 struct ieee80211_local *local = (struct ieee80211_local *)data; 1663 struct ieee80211_local *local = (struct ieee80211_local *)data;
1584 struct net_device *dev = local->mdev; 1664 struct net_device *dev = local->mdev;
1585 struct ieee80211_tx_stored_packet *store; 1665 struct ieee80211_tx_stored_packet *store;
1586 struct ieee80211_txrx_data tx; 1666 struct ieee80211_tx_data tx;
1587 int i, ret, reschedule = 0; 1667 int i, ret, reschedule = 0;
1588 1668
1589 netif_tx_lock_bh(dev); 1669 netif_tx_lock_bh(dev);
@@ -1595,14 +1675,13 @@ void ieee80211_tx_pending(unsigned long data)
1595 continue; 1675 continue;
1596 } 1676 }
1597 store = &local->pending_packet[i]; 1677 store = &local->pending_packet[i];
1598 tx.u.tx.control = &store->control; 1678 tx.control = &store->control;
1599 tx.u.tx.extra_frag = store->extra_frag; 1679 tx.extra_frag = store->extra_frag;
1600 tx.u.tx.num_extra_frag = store->num_extra_frag; 1680 tx.num_extra_frag = store->num_extra_frag;
1601 tx.u.tx.last_frag_hwrate = store->last_frag_hwrate; 1681 tx.last_frag_rate = store->last_frag_rate;
1602 tx.u.tx.last_frag_rate = store->last_frag_rate;
1603 tx.flags = 0; 1682 tx.flags = 0;
1604 if (store->last_frag_rate_ctrl_probe) 1683 if (store->last_frag_rate_ctrl_probe)
1605 tx.flags |= IEEE80211_TXRXD_TXPROBE_LAST_FRAG; 1684 tx.flags |= IEEE80211_TX_PROBE_LAST_FRAG;
1606 ret = __ieee80211_tx(local, store->skb, &tx); 1685 ret = __ieee80211_tx(local, store->skb, &tx);
1607 if (ret) { 1686 if (ret) {
1608 if (ret == IEEE80211_TX_FRAG_AGAIN) 1687 if (ret == IEEE80211_TX_FRAG_AGAIN)
@@ -1636,7 +1715,6 @@ static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1636 1715
1637 /* Generate bitmap for TIM only if there are any STAs in power save 1716 /* Generate bitmap for TIM only if there are any STAs in power save
1638 * mode. */ 1717 * mode. */
1639 read_lock_bh(&local->sta_lock);
1640 if (atomic_read(&bss->num_sta_ps) > 0) 1718 if (atomic_read(&bss->num_sta_ps) > 0)
1641 /* in the hope that this is faster than 1719 /* in the hope that this is faster than
1642 * checking byte-for-byte */ 1720 * checking byte-for-byte */
@@ -1687,7 +1765,6 @@ static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1687 *pos++ = aid0; /* Bitmap control */ 1765 *pos++ = aid0; /* Bitmap control */
1688 *pos++ = 0; /* Part Virt Bitmap */ 1766 *pos++ = 0; /* Part Virt Bitmap */
1689 } 1767 }
1690 read_unlock_bh(&local->sta_lock);
1691} 1768}
1692 1769
1693struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, 1770struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
@@ -1701,16 +1778,96 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1701 struct ieee80211_if_ap *ap = NULL; 1778 struct ieee80211_if_ap *ap = NULL;
1702 struct rate_selection rsel; 1779 struct rate_selection rsel;
1703 struct beacon_data *beacon; 1780 struct beacon_data *beacon;
1781 struct ieee80211_supported_band *sband;
1782 struct ieee80211_mgmt *mgmt;
1783 int *num_beacons;
1784 bool err = true;
1785 u8 *pos;
1786
1787 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1704 1788
1705 rcu_read_lock(); 1789 rcu_read_lock();
1706 1790
1707 sdata = vif_to_sdata(vif); 1791 sdata = vif_to_sdata(vif);
1708 bdev = sdata->dev; 1792 bdev = sdata->dev;
1709 ap = &sdata->u.ap;
1710 1793
1711 beacon = rcu_dereference(ap->beacon); 1794 if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
1795 ap = &sdata->u.ap;
1796 beacon = rcu_dereference(ap->beacon);
1797 if (ap && beacon) {
1798 /*
1799 * headroom, head length,
1800 * tail length and maximum TIM length
1801 */
1802 skb = dev_alloc_skb(local->tx_headroom +
1803 beacon->head_len +
1804 beacon->tail_len + 256);
1805 if (!skb)
1806 goto out;
1807
1808 skb_reserve(skb, local->tx_headroom);
1809 memcpy(skb_put(skb, beacon->head_len), beacon->head,
1810 beacon->head_len);
1811
1812 ieee80211_include_sequence(sdata,
1813 (struct ieee80211_hdr *)skb->data);
1814
1815 /*
1816 * Not very nice, but we want to allow the driver to call
1817 * ieee80211_beacon_get() as a response to the set_tim()
1818 * callback. That, however, is already invoked under the
1819 * sta_lock to guarantee consistent and race-free update
1820 * of the tim bitmap in mac80211 and the driver.
1821 */
1822 if (local->tim_in_locked_section) {
1823 ieee80211_beacon_add_tim(local, ap, skb, beacon);
1824 } else {
1825 unsigned long flags;
1826
1827 spin_lock_irqsave(&local->sta_lock, flags);
1828 ieee80211_beacon_add_tim(local, ap, skb, beacon);
1829 spin_unlock_irqrestore(&local->sta_lock, flags);
1830 }
1831
1832 if (beacon->tail)
1833 memcpy(skb_put(skb, beacon->tail_len),
1834 beacon->tail, beacon->tail_len);
1712 1835
1713 if (!ap || sdata->vif.type != IEEE80211_IF_TYPE_AP || !beacon) { 1836 num_beacons = &ap->num_beacons;
1837
1838 err = false;
1839 }
1840 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
1841 /* headroom, head length, tail length and maximum TIM length */
1842 skb = dev_alloc_skb(local->tx_headroom + 400);
1843 if (!skb)
1844 goto out;
1845
1846 skb_reserve(skb, local->hw.extra_tx_headroom);
1847 mgmt = (struct ieee80211_mgmt *)
1848 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
1849 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
1850 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1851 IEEE80211_STYPE_BEACON);
1852 memset(mgmt->da, 0xff, ETH_ALEN);
1853 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1854 /* BSSID is left zeroed, wildcard value */
1855 mgmt->u.beacon.beacon_int =
1856 cpu_to_le16(local->hw.conf.beacon_int);
1857 mgmt->u.beacon.capab_info = 0x0; /* 0x0 for MPs */
1858
1859 pos = skb_put(skb, 2);
1860 *pos++ = WLAN_EID_SSID;
1861 *pos++ = 0x0;
1862
1863 mesh_mgmt_ies_add(skb, sdata->dev);
1864
1865 num_beacons = &sdata->u.sta.num_beacons;
1866
1867 err = false;
1868 }
1869
1870 if (err) {
1714#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1871#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1715 if (net_ratelimit()) 1872 if (net_ratelimit())
1716 printk(KERN_DEBUG "no beacon data avail for %s\n", 1873 printk(KERN_DEBUG "no beacon data avail for %s\n",
@@ -1720,27 +1877,8 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1720 goto out; 1877 goto out;
1721 } 1878 }
1722 1879
1723 /* headroom, head length, tail length and maximum TIM length */
1724 skb = dev_alloc_skb(local->tx_headroom + beacon->head_len +
1725 beacon->tail_len + 256);
1726 if (!skb)
1727 goto out;
1728
1729 skb_reserve(skb, local->tx_headroom);
1730 memcpy(skb_put(skb, beacon->head_len), beacon->head,
1731 beacon->head_len);
1732
1733 ieee80211_include_sequence(sdata, (struct ieee80211_hdr *)skb->data);
1734
1735 ieee80211_beacon_add_tim(local, ap, skb, beacon);
1736
1737 if (beacon->tail)
1738 memcpy(skb_put(skb, beacon->tail_len), beacon->tail,
1739 beacon->tail_len);
1740
1741 if (control) { 1880 if (control) {
1742 rate_control_get_rate(local->mdev, local->oper_hw_mode, skb, 1881 rate_control_get_rate(local->mdev, sband, skb, &rsel);
1743 &rsel);
1744 if (!rsel.rate) { 1882 if (!rsel.rate) {
1745 if (net_ratelimit()) { 1883 if (net_ratelimit()) {
1746 printk(KERN_DEBUG "%s: ieee80211_beacon_get: " 1884 printk(KERN_DEBUG "%s: ieee80211_beacon_get: "
@@ -1753,20 +1891,17 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1753 } 1891 }
1754 1892
1755 control->vif = vif; 1893 control->vif = vif;
1756 control->tx_rate = 1894 control->tx_rate = rsel.rate;
1757 (sdata->bss_conf.use_short_preamble && 1895 if (sdata->bss_conf.use_short_preamble &&
1758 (rsel.rate->flags & IEEE80211_RATE_PREAMBLE2)) ? 1896 rsel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE)
1759 rsel.rate->val2 : rsel.rate->val; 1897 control->flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
1760 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx; 1898 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1761 control->power_level = local->hw.conf.power_level;
1762 control->flags |= IEEE80211_TXCTL_NO_ACK; 1899 control->flags |= IEEE80211_TXCTL_NO_ACK;
1763 control->retry_limit = 1; 1900 control->retry_limit = 1;
1764 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK; 1901 control->flags |= IEEE80211_TXCTL_CLEAR_PS_FILT;
1765 } 1902 }
1766 1903 (*num_beacons)++;
1767 ap->num_beacons++; 1904out:
1768
1769 out:
1770 rcu_read_unlock(); 1905 rcu_read_unlock();
1771 return skb; 1906 return skb;
1772} 1907}
@@ -1814,8 +1949,8 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1814 struct sk_buff *skb; 1949 struct sk_buff *skb;
1815 struct sta_info *sta; 1950 struct sta_info *sta;
1816 ieee80211_tx_handler *handler; 1951 ieee80211_tx_handler *handler;
1817 struct ieee80211_txrx_data tx; 1952 struct ieee80211_tx_data tx;
1818 ieee80211_txrx_result res = TXRX_DROP; 1953 ieee80211_tx_result res = TX_DROP;
1819 struct net_device *bdev; 1954 struct net_device *bdev;
1820 struct ieee80211_sub_if_data *sdata; 1955 struct ieee80211_sub_if_data *sdata;
1821 struct ieee80211_if_ap *bss = NULL; 1956 struct ieee80211_if_ap *bss = NULL;
@@ -1836,7 +1971,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1836 rcu_read_unlock(); 1971 rcu_read_unlock();
1837 return NULL; 1972 return NULL;
1838 } 1973 }
1839 rcu_read_unlock();
1840 1974
1841 if (bss->dtim_count != 0) 1975 if (bss->dtim_count != 0)
1842 return NULL; /* send buffered bc/mc only after DTIM beacon */ 1976 return NULL; /* send buffered bc/mc only after DTIM beacon */
@@ -1862,27 +1996,26 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
1862 dev_kfree_skb_any(skb); 1996 dev_kfree_skb_any(skb);
1863 } 1997 }
1864 sta = tx.sta; 1998 sta = tx.sta;
1865 tx.flags |= IEEE80211_TXRXD_TXPS_BUFFERED; 1999 tx.flags |= IEEE80211_TX_PS_BUFFERED;
1866 tx.u.tx.mode = local->hw.conf.mode; 2000 tx.channel = local->hw.conf.channel;
1867 2001
1868 for (handler = local->tx_handlers; *handler != NULL; handler++) { 2002 for (handler = ieee80211_tx_handlers; *handler != NULL; handler++) {
1869 res = (*handler)(&tx); 2003 res = (*handler)(&tx);
1870 if (res == TXRX_DROP || res == TXRX_QUEUED) 2004 if (res == TX_DROP || res == TX_QUEUED)
1871 break; 2005 break;
1872 } 2006 }
1873 skb = tx.skb; /* handlers are allowed to change skb */ 2007 skb = tx.skb; /* handlers are allowed to change skb */
1874 2008
1875 if (res == TXRX_DROP) { 2009 if (res == TX_DROP) {
1876 I802_DEBUG_INC(local->tx_handlers_drop); 2010 I802_DEBUG_INC(local->tx_handlers_drop);
1877 dev_kfree_skb(skb); 2011 dev_kfree_skb(skb);
1878 skb = NULL; 2012 skb = NULL;
1879 } else if (res == TXRX_QUEUED) { 2013 } else if (res == TX_QUEUED) {
1880 I802_DEBUG_INC(local->tx_handlers_queued); 2014 I802_DEBUG_INC(local->tx_handlers_queued);
1881 skb = NULL; 2015 skb = NULL;
1882 } 2016 }
1883 2017
1884 if (sta) 2018 rcu_read_unlock();
1885 sta_info_put(sta);
1886 2019
1887 return skb; 2020 return skb;
1888} 2021}
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 5e631ce98d7e..57c404f3f6d0 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -26,6 +26,7 @@
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "ieee80211_rate.h" 28#include "ieee80211_rate.h"
29#include "mesh.h"
29#include "wme.h" 30#include "wme.h"
30 31
31/* privid for wiphys to determine whether they belong to us or not */ 32/* privid for wiphys to determine whether they belong to us or not */
@@ -41,92 +42,6 @@ const unsigned char bridge_tunnel_header[] =
41 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 }; 42 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
42 43
43 44
44static int rate_list_match(const int *rate_list, int rate)
45{
46 int i;
47
48 if (!rate_list)
49 return 0;
50
51 for (i = 0; rate_list[i] >= 0; i++)
52 if (rate_list[i] == rate)
53 return 1;
54
55 return 0;
56}
57
58void ieee80211_prepare_rates(struct ieee80211_local *local,
59 struct ieee80211_hw_mode *mode)
60{
61 int i;
62
63 for (i = 0; i < mode->num_rates; i++) {
64 struct ieee80211_rate *rate = &mode->rates[i];
65
66 rate->flags &= ~(IEEE80211_RATE_SUPPORTED |
67 IEEE80211_RATE_BASIC);
68
69 if (local->supp_rates[mode->mode]) {
70 if (!rate_list_match(local->supp_rates[mode->mode],
71 rate->rate))
72 continue;
73 }
74
75 rate->flags |= IEEE80211_RATE_SUPPORTED;
76
77 /* Use configured basic rate set if it is available. If not,
78 * use defaults that are sane for most cases. */
79 if (local->basic_rates[mode->mode]) {
80 if (rate_list_match(local->basic_rates[mode->mode],
81 rate->rate))
82 rate->flags |= IEEE80211_RATE_BASIC;
83 } else switch (mode->mode) {
84 case MODE_IEEE80211A:
85 if (rate->rate == 60 || rate->rate == 120 ||
86 rate->rate == 240)
87 rate->flags |= IEEE80211_RATE_BASIC;
88 break;
89 case MODE_IEEE80211B:
90 if (rate->rate == 10 || rate->rate == 20)
91 rate->flags |= IEEE80211_RATE_BASIC;
92 break;
93 case MODE_IEEE80211G:
94 if (rate->rate == 10 || rate->rate == 20 ||
95 rate->rate == 55 || rate->rate == 110)
96 rate->flags |= IEEE80211_RATE_BASIC;
97 break;
98 case NUM_IEEE80211_MODES:
99 /* not useful */
100 break;
101 }
102
103 /* Set ERP and MANDATORY flags based on phymode */
104 switch (mode->mode) {
105 case MODE_IEEE80211A:
106 if (rate->rate == 60 || rate->rate == 120 ||
107 rate->rate == 240)
108 rate->flags |= IEEE80211_RATE_MANDATORY;
109 break;
110 case MODE_IEEE80211B:
111 if (rate->rate == 10)
112 rate->flags |= IEEE80211_RATE_MANDATORY;
113 break;
114 case MODE_IEEE80211G:
115 if (rate->rate == 10 || rate->rate == 20 ||
116 rate->rate == 55 || rate->rate == 110 ||
117 rate->rate == 60 || rate->rate == 120 ||
118 rate->rate == 240)
119 rate->flags |= IEEE80211_RATE_MANDATORY;
120 break;
121 case NUM_IEEE80211_MODES:
122 /* not useful */
123 break;
124 }
125 if (ieee80211_is_erp_rate(mode->mode, rate->rate))
126 rate->flags |= IEEE80211_RATE_ERP;
127 }
128}
129
130u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len, 45u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len,
131 enum ieee80211_if_types type) 46 enum ieee80211_if_types type)
132{ 47{
@@ -232,17 +147,35 @@ int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
232} 147}
233EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb); 148EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
234 149
235void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx) 150int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr)
151{
152 int ae = meshhdr->flags & IEEE80211S_FLAGS_AE;
153 /* 7.1.3.5a.2 */
154 switch (ae) {
155 case 0:
156 return 5;
157 case 1:
158 return 11;
159 case 2:
160 return 17;
161 case 3:
162 return 23;
163 default:
164 return 5;
165 }
166}
167
168void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx)
236{ 169{
237 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 170 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
238 171
239 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 172 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
240 if (tx->u.tx.extra_frag) { 173 if (tx->extra_frag) {
241 struct ieee80211_hdr *fhdr; 174 struct ieee80211_hdr *fhdr;
242 int i; 175 int i;
243 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 176 for (i = 0; i < tx->num_extra_frag; i++) {
244 fhdr = (struct ieee80211_hdr *) 177 fhdr = (struct ieee80211_hdr *)
245 tx->u.tx.extra_frag[i]->data; 178 tx->extra_frag[i]->data;
246 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 179 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
247 } 180 }
248 } 181 }
@@ -262,7 +195,7 @@ int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
262 * DIV_ROUND_UP() operations. 195 * DIV_ROUND_UP() operations.
263 */ 196 */
264 197
265 if (local->hw.conf.phymode == MODE_IEEE80211A || erp) { 198 if (local->hw.conf.channel->band == IEEE80211_BAND_5GHZ || erp) {
266 /* 199 /*
267 * OFDM: 200 * OFDM:
268 * 201 *
@@ -304,15 +237,19 @@ int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
304/* Exported duration function for driver use */ 237/* Exported duration function for driver use */
305__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, 238__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
306 struct ieee80211_vif *vif, 239 struct ieee80211_vif *vif,
307 size_t frame_len, int rate) 240 size_t frame_len,
241 struct ieee80211_rate *rate)
308{ 242{
309 struct ieee80211_local *local = hw_to_local(hw); 243 struct ieee80211_local *local = hw_to_local(hw);
310 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 244 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
311 u16 dur; 245 u16 dur;
312 int erp; 246 int erp;
313 247
314 erp = ieee80211_is_erp_rate(hw->conf.phymode, rate); 248 erp = 0;
315 dur = ieee80211_frame_duration(local, frame_len, rate, erp, 249 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
250 erp = rate->flags & IEEE80211_RATE_ERP_G;
251
252 dur = ieee80211_frame_duration(local, frame_len, rate->bitrate, erp,
316 sdata->bss_conf.use_short_preamble); 253 sdata->bss_conf.use_short_preamble);
317 254
318 return cpu_to_le16(dur); 255 return cpu_to_le16(dur);
@@ -332,17 +269,20 @@ __le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
332 269
333 short_preamble = sdata->bss_conf.use_short_preamble; 270 short_preamble = sdata->bss_conf.use_short_preamble;
334 271
335 rate = frame_txctl->rts_rate; 272 rate = frame_txctl->rts_cts_rate;
336 erp = !!(rate->flags & IEEE80211_RATE_ERP); 273
274 erp = 0;
275 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
276 erp = rate->flags & IEEE80211_RATE_ERP_G;
337 277
338 /* CTS duration */ 278 /* CTS duration */
339 dur = ieee80211_frame_duration(local, 10, rate->rate, 279 dur = ieee80211_frame_duration(local, 10, rate->bitrate,
340 erp, short_preamble); 280 erp, short_preamble);
341 /* Data frame duration */ 281 /* Data frame duration */
342 dur += ieee80211_frame_duration(local, frame_len, rate->rate, 282 dur += ieee80211_frame_duration(local, frame_len, rate->bitrate,
343 erp, short_preamble); 283 erp, short_preamble);
344 /* ACK duration */ 284 /* ACK duration */
345 dur += ieee80211_frame_duration(local, 10, rate->rate, 285 dur += ieee80211_frame_duration(local, 10, rate->bitrate,
346 erp, short_preamble); 286 erp, short_preamble);
347 287
348 return cpu_to_le16(dur); 288 return cpu_to_le16(dur);
@@ -363,15 +303,17 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
363 303
364 short_preamble = sdata->bss_conf.use_short_preamble; 304 short_preamble = sdata->bss_conf.use_short_preamble;
365 305
366 rate = frame_txctl->rts_rate; 306 rate = frame_txctl->rts_cts_rate;
367 erp = !!(rate->flags & IEEE80211_RATE_ERP); 307 erp = 0;
308 if (sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
309 erp = rate->flags & IEEE80211_RATE_ERP_G;
368 310
369 /* Data frame duration */ 311 /* Data frame duration */
370 dur = ieee80211_frame_duration(local, frame_len, rate->rate, 312 dur = ieee80211_frame_duration(local, frame_len, rate->bitrate,
371 erp, short_preamble); 313 erp, short_preamble);
372 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) { 314 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) {
373 /* ACK duration */ 315 /* ACK duration */
374 dur += ieee80211_frame_duration(local, 10, rate->rate, 316 dur += ieee80211_frame_duration(local, 10, rate->bitrate,
375 erp, short_preamble); 317 erp, short_preamble);
376 } 318 }
377 319
@@ -379,27 +321,6 @@ __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
379} 321}
380EXPORT_SYMBOL(ieee80211_ctstoself_duration); 322EXPORT_SYMBOL(ieee80211_ctstoself_duration);
381 323
382struct ieee80211_rate *
383ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate)
384{
385 struct ieee80211_hw_mode *mode;
386 int r;
387
388 list_for_each_entry(mode, &local->modes_list, list) {
389 if (mode->mode != phymode)
390 continue;
391 for (r = 0; r < mode->num_rates; r++) {
392 struct ieee80211_rate *rate = &mode->rates[r];
393 if (rate->val == hw_rate ||
394 (rate->flags & IEEE80211_RATE_PREAMBLE2 &&
395 rate->val2 == hw_rate))
396 return rate;
397 }
398 }
399
400 return NULL;
401}
402
403void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue) 324void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
404{ 325{
405 struct ieee80211_local *local = hw_to_local(hw); 326 struct ieee80211_local *local = hw_to_local(hw);
@@ -480,6 +401,7 @@ void ieee80211_iterate_active_interfaces(
480 case IEEE80211_IF_TYPE_STA: 401 case IEEE80211_IF_TYPE_STA:
481 case IEEE80211_IF_TYPE_IBSS: 402 case IEEE80211_IF_TYPE_IBSS:
482 case IEEE80211_IF_TYPE_WDS: 403 case IEEE80211_IF_TYPE_WDS:
404 case IEEE80211_IF_TYPE_MESH_POINT:
483 break; 405 break;
484 } 406 }
485 if (sdata->dev == local->mdev) 407 if (sdata->dev == local->mdev)
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index a0cff72a580b..affcecd78c10 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -305,39 +305,39 @@ u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key)
305 return NULL; 305 return NULL;
306} 306}
307 307
308ieee80211_txrx_result 308ieee80211_rx_result
309ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx) 309ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx)
310{ 310{
311 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA && 311 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
312 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT || 312 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
313 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) 313 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH))
314 return TXRX_CONTINUE; 314 return RX_CONTINUE;
315 315
316 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) { 316 if (!(rx->status->flag & RX_FLAG_DECRYPTED)) {
317 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) { 317 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
318#ifdef CONFIG_MAC80211_DEBUG 318#ifdef CONFIG_MAC80211_DEBUG
319 if (net_ratelimit()) 319 if (net_ratelimit())
320 printk(KERN_DEBUG "%s: RX WEP frame, decrypt " 320 printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
321 "failed\n", rx->dev->name); 321 "failed\n", rx->dev->name);
322#endif /* CONFIG_MAC80211_DEBUG */ 322#endif /* CONFIG_MAC80211_DEBUG */
323 return TXRX_DROP; 323 return RX_DROP_UNUSABLE;
324 } 324 }
325 } else if (!(rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) { 325 } else if (!(rx->status->flag & RX_FLAG_IV_STRIPPED)) {
326 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key); 326 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
327 /* remove ICV */ 327 /* remove ICV */
328 skb_trim(rx->skb, rx->skb->len - 4); 328 skb_trim(rx->skb, rx->skb->len - 4);
329 } 329 }
330 330
331 return TXRX_CONTINUE; 331 return RX_CONTINUE;
332} 332}
333 333
334static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb) 334static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
335{ 335{
336 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) { 336 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
337 if (ieee80211_wep_encrypt(tx->local, skb, tx->key)) 337 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
338 return -1; 338 return -1;
339 } else { 339 } else {
340 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 340 tx->control->key_idx = tx->key->conf.hw_key_idx;
341 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) { 341 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) {
342 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key)) 342 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key))
343 return -1; 343 return -1;
@@ -346,28 +346,28 @@ static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb)
346 return 0; 346 return 0;
347} 347}
348 348
349ieee80211_txrx_result 349ieee80211_tx_result
350ieee80211_crypto_wep_encrypt(struct ieee80211_txrx_data *tx) 350ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx)
351{ 351{
352 tx->u.tx.control->iv_len = WEP_IV_LEN; 352 tx->control->iv_len = WEP_IV_LEN;
353 tx->u.tx.control->icv_len = WEP_ICV_LEN; 353 tx->control->icv_len = WEP_ICV_LEN;
354 ieee80211_tx_set_iswep(tx); 354 ieee80211_tx_set_protected(tx);
355 355
356 if (wep_encrypt_skb(tx, tx->skb) < 0) { 356 if (wep_encrypt_skb(tx, tx->skb) < 0) {
357 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep); 357 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
358 return TXRX_DROP; 358 return TX_DROP;
359 } 359 }
360 360
361 if (tx->u.tx.extra_frag) { 361 if (tx->extra_frag) {
362 int i; 362 int i;
363 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 363 for (i = 0; i < tx->num_extra_frag; i++) {
364 if (wep_encrypt_skb(tx, tx->u.tx.extra_frag[i]) < 0) { 364 if (wep_encrypt_skb(tx, tx->extra_frag[i]) < 0) {
365 I802_DEBUG_INC(tx->local-> 365 I802_DEBUG_INC(tx->local->
366 tx_handlers_drop_wep); 366 tx_handlers_drop_wep);
367 return TXRX_DROP; 367 return TX_DROP;
368 } 368 }
369 } 369 }
370 } 370 }
371 371
372 return TXRX_CONTINUE; 372 return TX_CONTINUE;
373} 373}
diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
index 785fbb4e0dd7..9f723938b63f 100644
--- a/net/mac80211/wep.h
+++ b/net/mac80211/wep.h
@@ -28,9 +28,9 @@ int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
28 struct ieee80211_key *key); 28 struct ieee80211_key *key);
29u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key); 29u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
30 30
31ieee80211_txrx_result 31ieee80211_rx_result
32ieee80211_crypto_wep_decrypt(struct ieee80211_txrx_data *rx); 32ieee80211_crypto_wep_decrypt(struct ieee80211_rx_data *rx);
33ieee80211_txrx_result 33ieee80211_tx_result
34ieee80211_crypto_wep_encrypt(struct ieee80211_txrx_data *tx); 34ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx);
35 35
36#endif /* WEP_H */ 36#endif /* WEP_H */
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index 4e236599dd31..4e94e4026e78 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -19,10 +19,13 @@
19#include "wme.h" 19#include "wme.h"
20 20
21/* maximum number of hardware queues we support. */ 21/* maximum number of hardware queues we support. */
22#define TC_80211_MAX_QUEUES 8 22#define TC_80211_MAX_QUEUES 16
23
24const int ieee802_1d_to_ac[8] = { 2, 3, 3, 2, 1, 1, 0, 0 };
23 25
24struct ieee80211_sched_data 26struct ieee80211_sched_data
25{ 27{
28 unsigned long qdisc_pool[BITS_TO_LONGS(TC_80211_MAX_QUEUES)];
26 struct tcf_proto *filter_list; 29 struct tcf_proto *filter_list;
27 struct Qdisc *queues[TC_80211_MAX_QUEUES]; 30 struct Qdisc *queues[TC_80211_MAX_QUEUES];
28 struct sk_buff_head requeued[TC_80211_MAX_QUEUES]; 31 struct sk_buff_head requeued[TC_80211_MAX_QUEUES];
@@ -98,7 +101,6 @@ static inline int classify80211(struct sk_buff *skb, struct Qdisc *qd)
98 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 101 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
99 unsigned short fc = le16_to_cpu(hdr->frame_control); 102 unsigned short fc = le16_to_cpu(hdr->frame_control);
100 int qos; 103 int qos;
101 const int ieee802_1d_to_ac[8] = { 2, 3, 3, 2, 1, 1, 0, 0 };
102 104
103 /* see if frame is data or non data frame */ 105 /* see if frame is data or non data frame */
104 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) { 106 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) {
@@ -146,9 +148,26 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
146 unsigned short fc = le16_to_cpu(hdr->frame_control); 148 unsigned short fc = le16_to_cpu(hdr->frame_control);
147 struct Qdisc *qdisc; 149 struct Qdisc *qdisc;
148 int err, queue; 150 int err, queue;
151 struct sta_info *sta;
152 u8 tid;
149 153
150 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE) { 154 if (pkt_data->flags & IEEE80211_TXPD_REQUEUE) {
151 skb_queue_tail(&q->requeued[pkt_data->queue], skb); 155 queue = pkt_data->queue;
156 rcu_read_lock();
157 sta = sta_info_get(local, hdr->addr1);
158 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
159 if (sta) {
160 int ampdu_queue = sta->tid_to_tx_q[tid];
161 if ((ampdu_queue < local->hw.queues) &&
162 test_bit(ampdu_queue, q->qdisc_pool)) {
163 queue = ampdu_queue;
164 pkt_data->flags |= IEEE80211_TXPD_AMPDU;
165 } else {
166 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU;
167 }
168 }
169 rcu_read_unlock();
170 skb_queue_tail(&q->requeued[queue], skb);
152 qd->q.qlen++; 171 qd->q.qlen++;
153 return 0; 172 return 0;
154 } 173 }
@@ -159,14 +178,31 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
159 */ 178 */
160 if (WLAN_FC_IS_QOS_DATA(fc)) { 179 if (WLAN_FC_IS_QOS_DATA(fc)) {
161 u8 *p = skb->data + ieee80211_get_hdrlen(fc) - 2; 180 u8 *p = skb->data + ieee80211_get_hdrlen(fc) - 2;
162 u8 qos_hdr = skb->priority & QOS_CONTROL_TAG1D_MASK; 181 u8 ack_policy = 0;
182 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
163 if (local->wifi_wme_noack_test) 183 if (local->wifi_wme_noack_test)
164 qos_hdr |= QOS_CONTROL_ACK_POLICY_NOACK << 184 ack_policy |= QOS_CONTROL_ACK_POLICY_NOACK <<
165 QOS_CONTROL_ACK_POLICY_SHIFT; 185 QOS_CONTROL_ACK_POLICY_SHIFT;
166 /* qos header is 2 bytes, second reserved */ 186 /* qos header is 2 bytes, second reserved */
167 *p = qos_hdr; 187 *p = ack_policy | tid;
168 p++; 188 p++;
169 *p = 0; 189 *p = 0;
190
191 rcu_read_lock();
192
193 sta = sta_info_get(local, hdr->addr1);
194 if (sta) {
195 int ampdu_queue = sta->tid_to_tx_q[tid];
196 if ((ampdu_queue < local->hw.queues) &&
197 test_bit(ampdu_queue, q->qdisc_pool)) {
198 queue = ampdu_queue;
199 pkt_data->flags |= IEEE80211_TXPD_AMPDU;
200 } else {
201 pkt_data->flags &= ~IEEE80211_TXPD_AMPDU;
202 }
203 }
204
205 rcu_read_unlock();
170 } 206 }
171 207
172 if (unlikely(queue >= local->hw.queues)) { 208 if (unlikely(queue >= local->hw.queues)) {
@@ -184,6 +220,7 @@ static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
184 kfree_skb(skb); 220 kfree_skb(skb);
185 err = NET_XMIT_DROP; 221 err = NET_XMIT_DROP;
186 } else { 222 } else {
223 tid = skb->priority & QOS_CONTROL_TAG1D_MASK;
187 pkt_data->queue = (unsigned int) queue; 224 pkt_data->queue = (unsigned int) queue;
188 qdisc = q->queues[queue]; 225 qdisc = q->queues[queue];
189 err = qdisc->enqueue(skb, qdisc); 226 err = qdisc->enqueue(skb, qdisc);
@@ -235,10 +272,11 @@ static struct sk_buff *wme_qdiscop_dequeue(struct Qdisc* qd)
235 /* check all the h/w queues in numeric/priority order */ 272 /* check all the h/w queues in numeric/priority order */
236 for (queue = 0; queue < hw->queues; queue++) { 273 for (queue = 0; queue < hw->queues; queue++) {
237 /* see if there is room in this hardware queue */ 274 /* see if there is room in this hardware queue */
238 if (test_bit(IEEE80211_LINK_STATE_XOFF, 275 if ((test_bit(IEEE80211_LINK_STATE_XOFF,
239 &local->state[queue]) || 276 &local->state[queue])) ||
240 test_bit(IEEE80211_LINK_STATE_PENDING, 277 (test_bit(IEEE80211_LINK_STATE_PENDING,
241 &local->state[queue])) 278 &local->state[queue])) ||
279 (!test_bit(queue, q->qdisc_pool)))
242 continue; 280 continue;
243 281
244 /* there is space - try and get a frame */ 282 /* there is space - try and get a frame */
@@ -360,6 +398,10 @@ static int wme_qdiscop_init(struct Qdisc *qd, struct nlattr *opt)
360 } 398 }
361 } 399 }
362 400
401 /* reserve all legacy QoS queues */
402 for (i = 0; i < min(IEEE80211_TX_QUEUE_DATA4, queues); i++)
403 set_bit(i, q->qdisc_pool);
404
363 return err; 405 return err;
364} 406}
365 407
@@ -605,3 +647,80 @@ void ieee80211_wme_unregister(void)
605{ 647{
606 unregister_qdisc(&wme_qdisc_ops); 648 unregister_qdisc(&wme_qdisc_ops);
607} 649}
650
651int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
652 struct sta_info *sta, u16 tid)
653{
654 int i;
655 struct ieee80211_sched_data *q =
656 qdisc_priv(local->mdev->qdisc_sleeping);
657 DECLARE_MAC_BUF(mac);
658
659 /* prepare the filter and save it for the SW queue
660 * matching the recieved HW queue */
661
662 /* try to get a Qdisc from the pool */
663 for (i = IEEE80211_TX_QUEUE_BEACON; i < local->hw.queues; i++)
664 if (!test_and_set_bit(i, q->qdisc_pool)) {
665 ieee80211_stop_queue(local_to_hw(local), i);
666 sta->tid_to_tx_q[tid] = i;
667
668 /* IF there are already pending packets
669 * on this tid first we need to drain them
670 * on the previous queue
671 * since HT is strict in order */
672#ifdef CONFIG_MAC80211_HT_DEBUG
673 if (net_ratelimit())
674 printk(KERN_DEBUG "allocated aggregation queue"
675 " %d tid %d addr %s pool=0x%lX",
676 i, tid, print_mac(mac, sta->addr),
677 q->qdisc_pool[0]);
678#endif /* CONFIG_MAC80211_HT_DEBUG */
679 return 0;
680 }
681
682 return -EAGAIN;
683}
684
685/**
686 * the caller needs to hold local->mdev->queue_lock
687 */
688void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
689 struct sta_info *sta, u16 tid,
690 u8 requeue)
691{
692 struct ieee80211_sched_data *q =
693 qdisc_priv(local->mdev->qdisc_sleeping);
694 int agg_queue = sta->tid_to_tx_q[tid];
695
696 /* return the qdisc to the pool */
697 clear_bit(agg_queue, q->qdisc_pool);
698 sta->tid_to_tx_q[tid] = local->hw.queues;
699
700 if (requeue)
701 ieee80211_requeue(local, agg_queue);
702 else
703 q->queues[agg_queue]->ops->reset(q->queues[agg_queue]);
704}
705
706void ieee80211_requeue(struct ieee80211_local *local, int queue)
707{
708 struct Qdisc *root_qd = local->mdev->qdisc_sleeping;
709 struct ieee80211_sched_data *q = qdisc_priv(root_qd);
710 struct Qdisc *qdisc = q->queues[queue];
711 struct sk_buff *skb = NULL;
712 u32 len = qdisc->q.qlen;
713
714 if (!qdisc || !qdisc->dequeue)
715 return;
716
717 printk(KERN_DEBUG "requeue: qlen = %d\n", qdisc->q.qlen);
718 for (len = qdisc->q.qlen; len > 0; len--) {
719 skb = qdisc->dequeue(qdisc);
720 root_qd->q.qlen--;
721 /* packet will be classified again and */
722 /* skb->packet_data->queue will be overridden if needed */
723 if (skb)
724 wme_qdiscop_enqueue(skb, root_qd);
725 }
726}
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index 76c713a6450c..fcc6b05508cc 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -24,6 +24,8 @@
24 24
25#define QOS_CONTROL_TAG1D_MASK 0x07 25#define QOS_CONTROL_TAG1D_MASK 0x07
26 26
27extern const int ieee802_1d_to_ac[8];
28
27static inline int WLAN_FC_IS_QOS_DATA(u16 fc) 29static inline int WLAN_FC_IS_QOS_DATA(u16 fc)
28{ 30{
29 return (fc & 0x8C) == 0x88; 31 return (fc & 0x8C) == 0x88;
@@ -32,7 +34,12 @@ static inline int WLAN_FC_IS_QOS_DATA(u16 fc)
32#ifdef CONFIG_NET_SCHED 34#ifdef CONFIG_NET_SCHED
33void ieee80211_install_qdisc(struct net_device *dev); 35void ieee80211_install_qdisc(struct net_device *dev);
34int ieee80211_qdisc_installed(struct net_device *dev); 36int ieee80211_qdisc_installed(struct net_device *dev);
35 37int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
38 struct sta_info *sta, u16 tid);
39void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
40 struct sta_info *sta, u16 tid,
41 u8 requeue);
42void ieee80211_requeue(struct ieee80211_local *local, int queue);
36int ieee80211_wme_register(void); 43int ieee80211_wme_register(void);
37void ieee80211_wme_unregister(void); 44void ieee80211_wme_unregister(void);
38#else 45#else
@@ -43,7 +50,19 @@ static inline int ieee80211_qdisc_installed(struct net_device *dev)
43{ 50{
44 return 0; 51 return 0;
45} 52}
46 53static inline int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
54 struct sta_info *sta, u16 tid)
55{
56 return -EAGAIN;
57}
58static inline void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
59 struct sta_info *sta, u16 tid,
60 u8 requeue)
61{
62}
63static inline void ieee80211_requeue(struct ieee80211_local *local, int queue)
64{
65}
47static inline int ieee80211_wme_register(void) 66static inline int ieee80211_wme_register(void)
48{ 67{
49 return 0; 68 return 0;
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 6f04311cf0a0..45709ada8fee 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -70,8 +70,8 @@ static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da,
70} 70}
71 71
72 72
73ieee80211_txrx_result 73ieee80211_tx_result
74ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx) 74ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx)
75{ 75{
76 u8 *data, *sa, *da, *key, *mic, qos_tid; 76 u8 *data, *sa, *da, *key, *mic, qos_tid;
77 size_t data_len; 77 size_t data_len;
@@ -84,18 +84,18 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
84 84
85 if (!tx->key || tx->key->conf.alg != ALG_TKIP || skb->len < 24 || 85 if (!tx->key || tx->key->conf.alg != ALG_TKIP || skb->len < 24 ||
86 !WLAN_FC_DATA_PRESENT(fc)) 86 !WLAN_FC_DATA_PRESENT(fc))
87 return TXRX_CONTINUE; 87 return TX_CONTINUE;
88 88
89 if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len)) 89 if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len))
90 return TXRX_DROP; 90 return TX_DROP;
91 91
92 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 92 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
93 !(tx->flags & IEEE80211_TXRXD_FRAGMENTED) && 93 !(tx->flags & IEEE80211_TX_FRAGMENTED) &&
94 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) && 94 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) &&
95 !wpa_test) { 95 !wpa_test) {
96 /* hwaccel - with no need for preallocated room for Michael MIC 96 /* hwaccel - with no need for preallocated room for Michael MIC
97 */ 97 */
98 return TXRX_CONTINUE; 98 return TX_CONTINUE;
99 } 99 }
100 100
101 if (skb_tailroom(skb) < MICHAEL_MIC_LEN) { 101 if (skb_tailroom(skb) < MICHAEL_MIC_LEN) {
@@ -105,7 +105,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
105 GFP_ATOMIC))) { 105 GFP_ATOMIC))) {
106 printk(KERN_DEBUG "%s: failed to allocate more memory " 106 printk(KERN_DEBUG "%s: failed to allocate more memory "
107 "for Michael MIC\n", tx->dev->name); 107 "for Michael MIC\n", tx->dev->name);
108 return TXRX_DROP; 108 return TX_DROP;
109 } 109 }
110 } 110 }
111 111
@@ -119,12 +119,12 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
119 mic = skb_put(skb, MICHAEL_MIC_LEN); 119 mic = skb_put(skb, MICHAEL_MIC_LEN);
120 michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); 120 michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
121 121
122 return TXRX_CONTINUE; 122 return TX_CONTINUE;
123} 123}
124 124
125 125
126ieee80211_txrx_result 126ieee80211_rx_result
127ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx) 127ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
128{ 128{
129 u8 *data, *sa, *da, *key = NULL, qos_tid; 129 u8 *data, *sa, *da, *key = NULL, qos_tid;
130 size_t data_len; 130 size_t data_len;
@@ -139,16 +139,16 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
139 /* 139 /*
140 * No way to verify the MIC if the hardware stripped it 140 * No way to verify the MIC if the hardware stripped it
141 */ 141 */
142 if (rx->u.rx.status->flag & RX_FLAG_MMIC_STRIPPED) 142 if (rx->status->flag & RX_FLAG_MMIC_STRIPPED)
143 return TXRX_CONTINUE; 143 return RX_CONTINUE;
144 144
145 if (!rx->key || rx->key->conf.alg != ALG_TKIP || 145 if (!rx->key || rx->key->conf.alg != ALG_TKIP ||
146 !(rx->fc & IEEE80211_FCTL_PROTECTED) || !WLAN_FC_DATA_PRESENT(fc)) 146 !(rx->fc & IEEE80211_FCTL_PROTECTED) || !WLAN_FC_DATA_PRESENT(fc))
147 return TXRX_CONTINUE; 147 return RX_CONTINUE;
148 148
149 if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len) 149 if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len)
150 || data_len < MICHAEL_MIC_LEN) 150 || data_len < MICHAEL_MIC_LEN)
151 return TXRX_DROP; 151 return RX_DROP_UNUSABLE;
152 152
153 data_len -= MICHAEL_MIC_LEN; 153 data_len -= MICHAEL_MIC_LEN;
154 154
@@ -161,29 +161,29 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
161 ALG_TKIP_TEMP_AUTH_TX_MIC_KEY]; 161 ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];
162 michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); 162 michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
163 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) { 163 if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
164 if (!(rx->flags & IEEE80211_TXRXD_RXRA_MATCH)) 164 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
165 return TXRX_DROP; 165 return RX_DROP_UNUSABLE;
166 166
167 printk(KERN_DEBUG "%s: invalid Michael MIC in data frame from " 167 printk(KERN_DEBUG "%s: invalid Michael MIC in data frame from "
168 "%s\n", rx->dev->name, print_mac(mac, sa)); 168 "%s\n", rx->dev->name, print_mac(mac, sa));
169 169
170 mac80211_ev_michael_mic_failure(rx->dev, rx->key->conf.keyidx, 170 mac80211_ev_michael_mic_failure(rx->dev, rx->key->conf.keyidx,
171 (void *) skb->data); 171 (void *) skb->data);
172 return TXRX_DROP; 172 return RX_DROP_UNUSABLE;
173 } 173 }
174 174
175 /* remove Michael MIC from payload */ 175 /* remove Michael MIC from payload */
176 skb_trim(skb, skb->len - MICHAEL_MIC_LEN); 176 skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
177 177
178 /* update IV in key information to be able to detect replays */ 178 /* update IV in key information to be able to detect replays */
179 rx->key->u.tkip.iv32_rx[rx->u.rx.queue] = rx->u.rx.tkip_iv32; 179 rx->key->u.tkip.iv32_rx[rx->queue] = rx->tkip_iv32;
180 rx->key->u.tkip.iv16_rx[rx->u.rx.queue] = rx->u.rx.tkip_iv16; 180 rx->key->u.tkip.iv16_rx[rx->queue] = rx->tkip_iv16;
181 181
182 return TXRX_CONTINUE; 182 return RX_CONTINUE;
183} 183}
184 184
185 185
186static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx, 186static int tkip_encrypt_skb(struct ieee80211_tx_data *tx,
187 struct sk_buff *skb, int test) 187 struct sk_buff *skb, int test)
188{ 188{
189 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 189 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -228,7 +228,7 @@ static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx,
228 0x7f), 228 0x7f),
229 (u8) key->u.tkip.iv16); 229 (u8) key->u.tkip.iv16);
230 230
231 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 231 tx->control->key_idx = tx->key->conf.hw_key_idx;
232 return 0; 232 return 0;
233 } 233 }
234 234
@@ -242,42 +242,42 @@ static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx,
242} 242}
243 243
244 244
245ieee80211_txrx_result 245ieee80211_tx_result
246ieee80211_crypto_tkip_encrypt(struct ieee80211_txrx_data *tx) 246ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx)
247{ 247{
248 struct sk_buff *skb = tx->skb; 248 struct sk_buff *skb = tx->skb;
249 int wpa_test = 0, test = 0; 249 int wpa_test = 0, test = 0;
250 250
251 tx->u.tx.control->icv_len = TKIP_ICV_LEN; 251 tx->control->icv_len = TKIP_ICV_LEN;
252 tx->u.tx.control->iv_len = TKIP_IV_LEN; 252 tx->control->iv_len = TKIP_IV_LEN;
253 ieee80211_tx_set_iswep(tx); 253 ieee80211_tx_set_protected(tx);
254 254
255 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 255 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
256 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) && 256 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
257 !wpa_test) { 257 !wpa_test) {
258 /* hwaccel - with no need for preallocated room for IV/ICV */ 258 /* hwaccel - with no need for preallocated room for IV/ICV */
259 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 259 tx->control->key_idx = tx->key->conf.hw_key_idx;
260 return TXRX_CONTINUE; 260 return TX_CONTINUE;
261 } 261 }
262 262
263 if (tkip_encrypt_skb(tx, skb, test) < 0) 263 if (tkip_encrypt_skb(tx, skb, test) < 0)
264 return TXRX_DROP; 264 return TX_DROP;
265 265
266 if (tx->u.tx.extra_frag) { 266 if (tx->extra_frag) {
267 int i; 267 int i;
268 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 268 for (i = 0; i < tx->num_extra_frag; i++) {
269 if (tkip_encrypt_skb(tx, tx->u.tx.extra_frag[i], test) 269 if (tkip_encrypt_skb(tx, tx->extra_frag[i], test)
270 < 0) 270 < 0)
271 return TXRX_DROP; 271 return TX_DROP;
272 } 272 }
273 } 273 }
274 274
275 return TXRX_CONTINUE; 275 return TX_CONTINUE;
276} 276}
277 277
278 278
279ieee80211_txrx_result 279ieee80211_rx_result
280ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx) 280ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx)
281{ 281{
282 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 282 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
283 u16 fc; 283 u16 fc;
@@ -290,19 +290,19 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
290 hdrlen = ieee80211_get_hdrlen(fc); 290 hdrlen = ieee80211_get_hdrlen(fc);
291 291
292 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) 292 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
293 return TXRX_CONTINUE; 293 return RX_CONTINUE;
294 294
295 if (!rx->sta || skb->len - hdrlen < 12) 295 if (!rx->sta || skb->len - hdrlen < 12)
296 return TXRX_DROP; 296 return RX_DROP_UNUSABLE;
297 297
298 if (rx->u.rx.status->flag & RX_FLAG_DECRYPTED) { 298 if (rx->status->flag & RX_FLAG_DECRYPTED) {
299 if (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED) { 299 if (rx->status->flag & RX_FLAG_IV_STRIPPED) {
300 /* 300 /*
301 * Hardware took care of all processing, including 301 * Hardware took care of all processing, including
302 * replay protection, and stripped the ICV/IV so 302 * replay protection, and stripped the ICV/IV so
303 * we cannot do any checks here. 303 * we cannot do any checks here.
304 */ 304 */
305 return TXRX_CONTINUE; 305 return RX_CONTINUE;
306 } 306 }
307 307
308 /* let TKIP code verify IV, but skip decryption */ 308 /* let TKIP code verify IV, but skip decryption */
@@ -312,9 +312,9 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
312 res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, 312 res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm,
313 key, skb->data + hdrlen, 313 key, skb->data + hdrlen,
314 skb->len - hdrlen, rx->sta->addr, 314 skb->len - hdrlen, rx->sta->addr,
315 hwaccel, rx->u.rx.queue, 315 hdr->addr1, hwaccel, rx->queue,
316 &rx->u.rx.tkip_iv32, 316 &rx->tkip_iv32,
317 &rx->u.rx.tkip_iv16); 317 &rx->tkip_iv16);
318 if (res != TKIP_DECRYPT_OK || wpa_test) { 318 if (res != TKIP_DECRYPT_OK || wpa_test) {
319#ifdef CONFIG_MAC80211_DEBUG 319#ifdef CONFIG_MAC80211_DEBUG
320 if (net_ratelimit()) 320 if (net_ratelimit())
@@ -322,7 +322,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
322 "frame from %s (res=%d)\n", rx->dev->name, 322 "frame from %s (res=%d)\n", rx->dev->name,
323 print_mac(mac, rx->sta->addr), res); 323 print_mac(mac, rx->sta->addr), res);
324#endif /* CONFIG_MAC80211_DEBUG */ 324#endif /* CONFIG_MAC80211_DEBUG */
325 return TXRX_DROP; 325 return RX_DROP_UNUSABLE;
326 } 326 }
327 327
328 /* Trim ICV */ 328 /* Trim ICV */
@@ -332,7 +332,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx)
332 memmove(skb->data + TKIP_IV_LEN, skb->data, hdrlen); 332 memmove(skb->data + TKIP_IV_LEN, skb->data, hdrlen);
333 skb_pull(skb, TKIP_IV_LEN); 333 skb_pull(skb, TKIP_IV_LEN);
334 334
335 return TXRX_CONTINUE; 335 return RX_CONTINUE;
336} 336}
337 337
338 338
@@ -429,7 +429,7 @@ static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr)
429} 429}
430 430
431 431
432static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx, 432static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx,
433 struct sk_buff *skb, int test) 433 struct sk_buff *skb, int test)
434{ 434{
435 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 435 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -478,7 +478,7 @@ static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx,
478 478
479 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 479 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
480 /* hwaccel - with preallocated room for CCMP header */ 480 /* hwaccel - with preallocated room for CCMP header */
481 tx->u.tx.control->key_idx = key->conf.hw_key_idx; 481 tx->control->key_idx = key->conf.hw_key_idx;
482 return 0; 482 return 0;
483 } 483 }
484 484
@@ -491,42 +491,42 @@ static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx,
491} 491}
492 492
493 493
494ieee80211_txrx_result 494ieee80211_tx_result
495ieee80211_crypto_ccmp_encrypt(struct ieee80211_txrx_data *tx) 495ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
496{ 496{
497 struct sk_buff *skb = tx->skb; 497 struct sk_buff *skb = tx->skb;
498 int test = 0; 498 int test = 0;
499 499
500 tx->u.tx.control->icv_len = CCMP_MIC_LEN; 500 tx->control->icv_len = CCMP_MIC_LEN;
501 tx->u.tx.control->iv_len = CCMP_HDR_LEN; 501 tx->control->iv_len = CCMP_HDR_LEN;
502 ieee80211_tx_set_iswep(tx); 502 ieee80211_tx_set_protected(tx);
503 503
504 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 504 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
505 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { 505 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
506 /* hwaccel - with no need for preallocated room for CCMP " 506 /* hwaccel - with no need for preallocated room for CCMP "
507 * header or MIC fields */ 507 * header or MIC fields */
508 tx->u.tx.control->key_idx = tx->key->conf.hw_key_idx; 508 tx->control->key_idx = tx->key->conf.hw_key_idx;
509 return TXRX_CONTINUE; 509 return TX_CONTINUE;
510 } 510 }
511 511
512 if (ccmp_encrypt_skb(tx, skb, test) < 0) 512 if (ccmp_encrypt_skb(tx, skb, test) < 0)
513 return TXRX_DROP; 513 return TX_DROP;
514 514
515 if (tx->u.tx.extra_frag) { 515 if (tx->extra_frag) {
516 int i; 516 int i;
517 for (i = 0; i < tx->u.tx.num_extra_frag; i++) { 517 for (i = 0; i < tx->num_extra_frag; i++) {
518 if (ccmp_encrypt_skb(tx, tx->u.tx.extra_frag[i], test) 518 if (ccmp_encrypt_skb(tx, tx->extra_frag[i], test)
519 < 0) 519 < 0)
520 return TXRX_DROP; 520 return TX_DROP;
521 } 521 }
522 } 522 }
523 523
524 return TXRX_CONTINUE; 524 return TX_CONTINUE;
525} 525}
526 526
527 527
528ieee80211_txrx_result 528ieee80211_rx_result
529ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx) 529ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
530{ 530{
531 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data; 531 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
532 u16 fc; 532 u16 fc;
@@ -541,21 +541,21 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
541 hdrlen = ieee80211_get_hdrlen(fc); 541 hdrlen = ieee80211_get_hdrlen(fc);
542 542
543 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) 543 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
544 return TXRX_CONTINUE; 544 return RX_CONTINUE;
545 545
546 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN; 546 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
547 if (!rx->sta || data_len < 0) 547 if (!rx->sta || data_len < 0)
548 return TXRX_DROP; 548 return RX_DROP_UNUSABLE;
549 549
550 if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) && 550 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
551 (rx->u.rx.status->flag & RX_FLAG_IV_STRIPPED)) 551 (rx->status->flag & RX_FLAG_IV_STRIPPED))
552 return TXRX_CONTINUE; 552 return RX_CONTINUE;
553 553
554 (void) ccmp_hdr2pn(pn, skb->data + hdrlen); 554 (void) ccmp_hdr2pn(pn, skb->data + hdrlen);
555 555
556 if (memcmp(pn, key->u.ccmp.rx_pn[rx->u.rx.queue], CCMP_PN_LEN) <= 0) { 556 if (memcmp(pn, key->u.ccmp.rx_pn[rx->queue], CCMP_PN_LEN) <= 0) {
557#ifdef CONFIG_MAC80211_DEBUG 557#ifdef CONFIG_MAC80211_DEBUG
558 u8 *ppn = key->u.ccmp.rx_pn[rx->u.rx.queue]; 558 u8 *ppn = key->u.ccmp.rx_pn[rx->queue];
559 559
560 printk(KERN_DEBUG "%s: CCMP replay detected for RX frame from " 560 printk(KERN_DEBUG "%s: CCMP replay detected for RX frame from "
561 "%s (RX PN %02x%02x%02x%02x%02x%02x <= prev. PN " 561 "%s (RX PN %02x%02x%02x%02x%02x%02x <= prev. PN "
@@ -565,10 +565,10 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
565 ppn[0], ppn[1], ppn[2], ppn[3], ppn[4], ppn[5]); 565 ppn[0], ppn[1], ppn[2], ppn[3], ppn[4], ppn[5]);
566#endif /* CONFIG_MAC80211_DEBUG */ 566#endif /* CONFIG_MAC80211_DEBUG */
567 key->u.ccmp.replays++; 567 key->u.ccmp.replays++;
568 return TXRX_DROP; 568 return RX_DROP_UNUSABLE;
569 } 569 }
570 570
571 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED)) { 571 if (!(rx->status->flag & RX_FLAG_DECRYPTED)) {
572 /* hardware didn't decrypt/verify MIC */ 572 /* hardware didn't decrypt/verify MIC */
573 u8 *scratch, *b_0, *aad; 573 u8 *scratch, *b_0, *aad;
574 574
@@ -589,16 +589,16 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx)
589 "for RX frame from %s\n", rx->dev->name, 589 "for RX frame from %s\n", rx->dev->name,
590 print_mac(mac, rx->sta->addr)); 590 print_mac(mac, rx->sta->addr));
591#endif /* CONFIG_MAC80211_DEBUG */ 591#endif /* CONFIG_MAC80211_DEBUG */
592 return TXRX_DROP; 592 return RX_DROP_UNUSABLE;
593 } 593 }
594 } 594 }
595 595
596 memcpy(key->u.ccmp.rx_pn[rx->u.rx.queue], pn, CCMP_PN_LEN); 596 memcpy(key->u.ccmp.rx_pn[rx->queue], pn, CCMP_PN_LEN);
597 597
598 /* Remove CCMP header and MIC */ 598 /* Remove CCMP header and MIC */
599 skb_trim(skb, skb->len - CCMP_MIC_LEN); 599 skb_trim(skb, skb->len - CCMP_MIC_LEN);
600 memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen); 600 memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen);
601 skb_pull(skb, CCMP_HDR_LEN); 601 skb_pull(skb, CCMP_HDR_LEN);
602 602
603 return TXRX_CONTINUE; 603 return RX_CONTINUE;
604} 604}
diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
index 49d80cf0cd75..d42d221d8a1d 100644
--- a/net/mac80211/wpa.h
+++ b/net/mac80211/wpa.h
@@ -13,19 +13,19 @@
13#include <linux/types.h> 13#include <linux/types.h>
14#include "ieee80211_i.h" 14#include "ieee80211_i.h"
15 15
16ieee80211_txrx_result 16ieee80211_tx_result
17ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx); 17ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx);
18ieee80211_txrx_result 18ieee80211_rx_result
19ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx); 19ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx);
20 20
21ieee80211_txrx_result 21ieee80211_tx_result
22ieee80211_crypto_tkip_encrypt(struct ieee80211_txrx_data *tx); 22ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx);
23ieee80211_txrx_result 23ieee80211_rx_result
24ieee80211_crypto_tkip_decrypt(struct ieee80211_txrx_data *rx); 24ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx);
25 25
26ieee80211_txrx_result 26ieee80211_tx_result
27ieee80211_crypto_ccmp_encrypt(struct ieee80211_txrx_data *tx); 27ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx);
28ieee80211_txrx_result 28ieee80211_rx_result
29ieee80211_crypto_ccmp_decrypt(struct ieee80211_txrx_data *rx); 29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx);
30 30
31#endif /* WPA_H */ 31#endif /* WPA_H */
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-24 20:20:56 -0500