aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/Makefile6
-rw-r--r--net/mac80211/aes_cmac.c135
-rw-r--r--net/mac80211/aes_cmac.h19
-rw-r--r--net/mac80211/agg-rx.c302
-rw-r--r--net/mac80211/agg-tx.c701
-rw-r--r--net/mac80211/cfg.c170
-rw-r--r--net/mac80211/debugfs.c59
-rw-r--r--net/mac80211/debugfs_key.c79
-rw-r--r--net/mac80211/debugfs_key.h10
-rw-r--r--net/mac80211/debugfs_netdev.c48
-rw-r--r--net/mac80211/debugfs_sta.c5
-rw-r--r--net/mac80211/ht.c903
-rw-r--r--net/mac80211/ibss.c907
-rw-r--r--net/mac80211/ieee80211_i.h278
-rw-r--r--net/mac80211/iface.c168
-rw-r--r--net/mac80211/key.c115
-rw-r--r--net/mac80211/key.h16
-rw-r--r--net/mac80211/main.c172
-rw-r--r--net/mac80211/mesh.c15
-rw-r--r--net/mac80211/mesh.h10
-rw-r--r--net/mac80211/mesh_hwmp.c7
-rw-r--r--net/mac80211/mesh_plink.c38
-rw-r--r--net/mac80211/mlme.c1885
-rw-r--r--net/mac80211/pm.c117
-rw-r--r--net/mac80211/rate.h12
-rw-r--r--net/mac80211/rx.c406
-rw-r--r--net/mac80211/scan.c688
-rw-r--r--net/mac80211/spectmgmt.c103
-rw-r--r--net/mac80211/sta_info.c52
-rw-r--r--net/mac80211/sta_info.h13
-rw-r--r--net/mac80211/tx.c124
-rw-r--r--net/mac80211/util.c267
-rw-r--r--net/mac80211/wext.c467
-rw-r--r--net/mac80211/wme.c170
-rw-r--r--net/mac80211/wme.h6
-rw-r--r--net/mac80211/wpa.c152
-rw-r--r--net/mac80211/wpa.h5
37 files changed, 5130 insertions, 3500 deletions
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 7d4971aa443f..0e3ab88bb706 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -8,13 +8,15 @@ mac80211-y := \
8 wep.o \ 8 wep.o \
9 wpa.o \ 9 wpa.o \
10 scan.o \ 10 scan.o \
11 ht.o \ 11 ht.o agg-tx.o agg-rx.o \
12 ibss.o \
12 mlme.o \ 13 mlme.o \
13 iface.o \ 14 iface.o \
14 rate.o \ 15 rate.o \
15 michael.o \ 16 michael.o \
16 tkip.o \ 17 tkip.o \
17 aes_ccm.o \ 18 aes_ccm.o \
19 aes_cmac.o \
18 cfg.o \ 20 cfg.o \
19 rx.o \ 21 rx.o \
20 spectmgmt.o \ 22 spectmgmt.o \
@@ -37,6 +39,8 @@ mac80211-$(CONFIG_MAC80211_MESH) += \
37 mesh_plink.o \ 39 mesh_plink.o \
38 mesh_hwmp.o 40 mesh_hwmp.o
39 41
42mac80211-$(CONFIG_PM) += pm.o
43
40# objects for PID algorithm 44# objects for PID algorithm
41rc80211_pid-y := rc80211_pid_algo.o 45rc80211_pid-y := rc80211_pid_algo.o
42rc80211_pid-$(CONFIG_MAC80211_DEBUGFS) += rc80211_pid_debugfs.o 46rc80211_pid-$(CONFIG_MAC80211_DEBUGFS) += rc80211_pid_debugfs.o
diff --git a/net/mac80211/aes_cmac.c b/net/mac80211/aes_cmac.c
new file mode 100644
index 000000000000..3d097b3d7b62
--- /dev/null
+++ b/net/mac80211/aes_cmac.c
@@ -0,0 +1,135 @@
1/*
2 * AES-128-CMAC with TLen 16 for IEEE 802.11w BIP
3 * Copyright 2008, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/kernel.h>
11#include <linux/types.h>
12#include <linux/crypto.h>
13#include <linux/err.h>
14
15#include <net/mac80211.h>
16#include "key.h"
17#include "aes_cmac.h"
18
19#define AES_BLOCK_SIZE 16
20#define AES_CMAC_KEY_LEN 16
21#define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
22#define AAD_LEN 20
23
24
25static void gf_mulx(u8 *pad)
26{
27 int i, carry;
28
29 carry = pad[0] & 0x80;
30 for (i = 0; i < AES_BLOCK_SIZE - 1; i++)
31 pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
32 pad[AES_BLOCK_SIZE - 1] <<= 1;
33 if (carry)
34 pad[AES_BLOCK_SIZE - 1] ^= 0x87;
35}
36
37
38static void aes_128_cmac_vector(struct crypto_cipher *tfm, u8 *scratch,
39 size_t num_elem,
40 const u8 *addr[], const size_t *len, u8 *mac)
41{
42 u8 *cbc, *pad;
43 const u8 *pos, *end;
44 size_t i, e, left, total_len;
45
46 cbc = scratch;
47 pad = scratch + AES_BLOCK_SIZE;
48
49 memset(cbc, 0, AES_BLOCK_SIZE);
50
51 total_len = 0;
52 for (e = 0; e < num_elem; e++)
53 total_len += len[e];
54 left = total_len;
55
56 e = 0;
57 pos = addr[0];
58 end = pos + len[0];
59
60 while (left >= AES_BLOCK_SIZE) {
61 for (i = 0; i < AES_BLOCK_SIZE; i++) {
62 cbc[i] ^= *pos++;
63 if (pos >= end) {
64 e++;
65 pos = addr[e];
66 end = pos + len[e];
67 }
68 }
69 if (left > AES_BLOCK_SIZE)
70 crypto_cipher_encrypt_one(tfm, cbc, cbc);
71 left -= AES_BLOCK_SIZE;
72 }
73
74 memset(pad, 0, AES_BLOCK_SIZE);
75 crypto_cipher_encrypt_one(tfm, pad, pad);
76 gf_mulx(pad);
77
78 if (left || total_len == 0) {
79 for (i = 0; i < left; i++) {
80 cbc[i] ^= *pos++;
81 if (pos >= end) {
82 e++;
83 pos = addr[e];
84 end = pos + len[e];
85 }
86 }
87 cbc[left] ^= 0x80;
88 gf_mulx(pad);
89 }
90
91 for (i = 0; i < AES_BLOCK_SIZE; i++)
92 pad[i] ^= cbc[i];
93 crypto_cipher_encrypt_one(tfm, pad, pad);
94 memcpy(mac, pad, CMAC_TLEN);
95}
96
97
98void ieee80211_aes_cmac(struct crypto_cipher *tfm, u8 *scratch, const u8 *aad,
99 const u8 *data, size_t data_len, u8 *mic)
100{
101 const u8 *addr[3];
102 size_t len[3];
103 u8 zero[CMAC_TLEN];
104
105 memset(zero, 0, CMAC_TLEN);
106 addr[0] = aad;
107 len[0] = AAD_LEN;
108 addr[1] = data;
109 len[1] = data_len - CMAC_TLEN;
110 addr[2] = zero;
111 len[2] = CMAC_TLEN;
112
113 aes_128_cmac_vector(tfm, scratch, 3, addr, len, mic);
114}
115
116
117struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[])
118{
119 struct crypto_cipher *tfm;
120
121 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
122 if (IS_ERR(tfm))
123 return NULL;
124
125 crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
126
127 return tfm;
128}
129
130
131void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm)
132{
133 if (tfm)
134 crypto_free_cipher(tfm);
135}
diff --git a/net/mac80211/aes_cmac.h b/net/mac80211/aes_cmac.h
new file mode 100644
index 000000000000..0eb9a4831508
--- /dev/null
+++ b/net/mac80211/aes_cmac.h
@@ -0,0 +1,19 @@
1/*
2 * Copyright 2008, Jouni Malinen <j@w1.fi>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#ifndef AES_CMAC_H
10#define AES_CMAC_H
11
12#include <linux/crypto.h>
13
14struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[]);
15void ieee80211_aes_cmac(struct crypto_cipher *tfm, u8 *scratch, const u8 *aad,
16 const u8 *data, size_t data_len, u8 *mic);
17void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm);
18
19#endif /* AES_CMAC_H */
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
new file mode 100644
index 000000000000..a95affc94629
--- /dev/null
+++ b/net/mac80211/agg-rx.c
@@ -0,0 +1,302 @@
1/*
2 * HT handling
3 *
4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2008, Intel Corporation
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
14 */
15
16#include <linux/ieee80211.h>
17#include <net/mac80211.h>
18#include "ieee80211_i.h"
19
20void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
21 u16 initiator, u16 reason)
22{
23 struct ieee80211_local *local = sta->local;
24 struct ieee80211_hw *hw = &local->hw;
25 int i;
26
27 /* check if TID is in operational state */
28 spin_lock_bh(&sta->lock);
29 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_OPERATIONAL) {
30 spin_unlock_bh(&sta->lock);
31 return;
32 }
33
34 sta->ampdu_mlme.tid_state_rx[tid] =
35 HT_AGG_STATE_REQ_STOP_BA_MSK |
36 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
37 spin_unlock_bh(&sta->lock);
38
39#ifdef CONFIG_MAC80211_HT_DEBUG
40 printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n",
41 sta->sta.addr, tid);
42#endif /* CONFIG_MAC80211_HT_DEBUG */
43
44 if (local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
45 &sta->sta, tid, NULL))
46 printk(KERN_DEBUG "HW problem - can not stop rx "
47 "aggregation for tid %d\n", tid);
48
49 /* shutdown timer has not expired */
50 if (initiator != WLAN_BACK_TIMER)
51 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
52
53 /* check if this is a self generated aggregation halt */
54 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
55 ieee80211_send_delba(sta->sdata, sta->sta.addr,
56 tid, 0, reason);
57
58 /* free the reordering buffer */
59 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
60 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
61 /* release the reordered frames */
62 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
63 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
64 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
65 }
66 }
67
68 spin_lock_bh(&sta->lock);
69 /* free resources */
70 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
71
72 if (!sta->ampdu_mlme.tid_rx[tid]->shutdown) {
73 kfree(sta->ampdu_mlme.tid_rx[tid]);
74 sta->ampdu_mlme.tid_rx[tid] = NULL;
75 }
76
77 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
78 spin_unlock_bh(&sta->lock);
79}
80
81void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
82 u16 initiator, u16 reason)
83{
84 struct ieee80211_local *local = sdata->local;
85 struct sta_info *sta;
86
87 /* stop HW Rx aggregation. ampdu_action existence
88 * already verified in session init so we add the BUG_ON */
89 BUG_ON(!local->ops->ampdu_action);
90
91 rcu_read_lock();
92
93 sta = sta_info_get(local, ra);
94 if (!sta) {
95 rcu_read_unlock();
96 return;
97 }
98
99 __ieee80211_stop_rx_ba_session(sta, tid, initiator, reason);
100
101 rcu_read_unlock();
102}
103
104/*
105 * After accepting the AddBA Request we activated a timer,
106 * resetting it after each frame that arrives from the originator.
107 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
108 */
109static void sta_rx_agg_session_timer_expired(unsigned long data)
110{
111 /* not an elegant detour, but there is no choice as the timer passes
112 * only one argument, and various sta_info are needed here, so init
113 * flow in sta_info_create gives the TID as data, while the timer_to_id
114 * array gives the sta through container_of */
115 u8 *ptid = (u8 *)data;
116 u8 *timer_to_id = ptid - *ptid;
117 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
118 timer_to_tid[0]);
119
120#ifdef CONFIG_MAC80211_HT_DEBUG
121 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
122#endif
123 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr,
124 (u16)*ptid, WLAN_BACK_TIMER,
125 WLAN_REASON_QSTA_TIMEOUT);
126}
127
128static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
129 u8 dialog_token, u16 status, u16 policy,
130 u16 buf_size, u16 timeout)
131{
132 struct ieee80211_local *local = sdata->local;
133 struct sk_buff *skb;
134 struct ieee80211_mgmt *mgmt;
135 u16 capab;
136
137 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
138
139 if (!skb) {
140 printk(KERN_DEBUG "%s: failed to allocate buffer "
141 "for addba resp frame\n", sdata->dev->name);
142 return;
143 }
144
145 skb_reserve(skb, local->hw.extra_tx_headroom);
146 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
147 memset(mgmt, 0, 24);
148 memcpy(mgmt->da, da, ETH_ALEN);
149 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
150 if (sdata->vif.type == NL80211_IFTYPE_AP ||
151 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
152 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
153 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
154 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
155
156 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
157 IEEE80211_STYPE_ACTION);
158
159 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
160 mgmt->u.action.category = WLAN_CATEGORY_BACK;
161 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
162 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
163
164 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
165 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
166 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
167
168 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
169 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
170 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
171
172 ieee80211_tx_skb(sdata, skb, 1);
173}
174
175void ieee80211_process_addba_request(struct ieee80211_local *local,
176 struct sta_info *sta,
177 struct ieee80211_mgmt *mgmt,
178 size_t len)
179{
180 struct ieee80211_hw *hw = &local->hw;
181 struct ieee80211_conf *conf = &hw->conf;
182 struct tid_ampdu_rx *tid_agg_rx;
183 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
184 u8 dialog_token;
185 int ret = -EOPNOTSUPP;
186
187 /* extract session parameters from addba request frame */
188 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
189 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
190 start_seq_num =
191 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
192
193 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
194 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
195 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
196 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
197
198 status = WLAN_STATUS_REQUEST_DECLINED;
199
200 /* sanity check for incoming parameters:
201 * check if configuration can support the BA policy
202 * and if buffer size does not exceeds max value */
203 /* XXX: check own ht delayed BA capability?? */
204 if (((ba_policy != 1)
205 && (!(sta->sta.ht_cap.cap & IEEE80211_HT_CAP_DELAY_BA)))
206 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
207 status = WLAN_STATUS_INVALID_QOS_PARAM;
208#ifdef CONFIG_MAC80211_HT_DEBUG
209 if (net_ratelimit())
210 printk(KERN_DEBUG "AddBA Req with bad params from "
211 "%pM on tid %u. policy %d, buffer size %d\n",
212 mgmt->sa, tid, ba_policy,
213 buf_size);
214#endif /* CONFIG_MAC80211_HT_DEBUG */
215 goto end_no_lock;
216 }
217 /* determine default buffer size */
218 if (buf_size == 0) {
219 struct ieee80211_supported_band *sband;
220
221 sband = local->hw.wiphy->bands[conf->channel->band];
222 buf_size = IEEE80211_MIN_AMPDU_BUF;
223 buf_size = buf_size << sband->ht_cap.ampdu_factor;
224 }
225
226
227 /* examine state machine */
228 spin_lock_bh(&sta->lock);
229
230 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
231#ifdef CONFIG_MAC80211_HT_DEBUG
232 if (net_ratelimit())
233 printk(KERN_DEBUG "unexpected AddBA Req from "
234 "%pM on tid %u\n",
235 mgmt->sa, tid);
236#endif /* CONFIG_MAC80211_HT_DEBUG */
237 goto end;
238 }
239
240 /* prepare A-MPDU MLME for Rx aggregation */
241 sta->ampdu_mlme.tid_rx[tid] =
242 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
243 if (!sta->ampdu_mlme.tid_rx[tid]) {
244#ifdef CONFIG_MAC80211_HT_DEBUG
245 if (net_ratelimit())
246 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
247 tid);
248#endif
249 goto end;
250 }
251 /* rx timer */
252 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
253 sta_rx_agg_session_timer_expired;
254 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
255 (unsigned long)&sta->timer_to_tid[tid];
256 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
257
258 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
259
260 /* prepare reordering buffer */
261 tid_agg_rx->reorder_buf =
262 kcalloc(buf_size, sizeof(struct sk_buff *), GFP_ATOMIC);
263 if (!tid_agg_rx->reorder_buf) {
264#ifdef CONFIG_MAC80211_HT_DEBUG
265 if (net_ratelimit())
266 printk(KERN_ERR "can not allocate reordering buffer "
267 "to tid %d\n", tid);
268#endif
269 kfree(sta->ampdu_mlme.tid_rx[tid]);
270 goto end;
271 }
272
273 if (local->ops->ampdu_action)
274 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
275 &sta->sta, tid, &start_seq_num);
276#ifdef CONFIG_MAC80211_HT_DEBUG
277 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
278#endif /* CONFIG_MAC80211_HT_DEBUG */
279
280 if (ret) {
281 kfree(tid_agg_rx->reorder_buf);
282 kfree(tid_agg_rx);
283 sta->ampdu_mlme.tid_rx[tid] = NULL;
284 goto end;
285 }
286
287 /* change state and send addba resp */
288 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
289 tid_agg_rx->dialog_token = dialog_token;
290 tid_agg_rx->ssn = start_seq_num;
291 tid_agg_rx->head_seq_num = start_seq_num;
292 tid_agg_rx->buf_size = buf_size;
293 tid_agg_rx->timeout = timeout;
294 tid_agg_rx->stored_mpdu_num = 0;
295 status = WLAN_STATUS_SUCCESS;
296end:
297 spin_unlock_bh(&sta->lock);
298
299end_no_lock:
300 ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid,
301 dialog_token, status, 1, buf_size, timeout);
302}
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
new file mode 100644
index 000000000000..1df116d4d6e7
--- /dev/null
+++ b/net/mac80211/agg-tx.c
@@ -0,0 +1,701 @@
1/*
2 * HT handling
3 *
4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2009, Intel Corporation
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
14 */
15
16#include <linux/ieee80211.h>
17#include <net/mac80211.h>
18#include "ieee80211_i.h"
19#include "wme.h"
20
21/**
22 * DOC: TX aggregation
23 *
24 * Aggregation on the TX side requires setting the hardware flag
25 * %IEEE80211_HW_AMPDU_AGGREGATION as well as, if present, the @ampdu_queues
26 * hardware parameter to the number of hardware AMPDU queues. If there are no
27 * hardware queues then the driver will (currently) have to do all frame
28 * buffering.
29 *
30 * When TX aggregation is started by some subsystem (usually the rate control
31 * algorithm would be appropriate) by calling the
32 * ieee80211_start_tx_ba_session() function, the driver will be notified via
33 * its @ampdu_action function, with the %IEEE80211_AMPDU_TX_START action.
34 *
35 * In response to that, the driver is later required to call the
36 * ieee80211_start_tx_ba_cb() (or ieee80211_start_tx_ba_cb_irqsafe())
37 * function, which will start the aggregation session.
38 *
39 * Similarly, when the aggregation session is stopped by
40 * ieee80211_stop_tx_ba_session(), the driver's @ampdu_action function will
41 * be called with the action %IEEE80211_AMPDU_TX_STOP. In this case, the
42 * call must not fail, and the driver must later call ieee80211_stop_tx_ba_cb()
43 * (or ieee80211_stop_tx_ba_cb_irqsafe()).
44 */
45
46static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata,
47 const u8 *da, u16 tid,
48 u8 dialog_token, u16 start_seq_num,
49 u16 agg_size, u16 timeout)
50{
51 struct ieee80211_local *local = sdata->local;
52 struct sk_buff *skb;
53 struct ieee80211_mgmt *mgmt;
54 u16 capab;
55
56 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
57
58 if (!skb) {
59 printk(KERN_ERR "%s: failed to allocate buffer "
60 "for addba request frame\n", sdata->dev->name);
61 return;
62 }
63 skb_reserve(skb, local->hw.extra_tx_headroom);
64 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
65 memset(mgmt, 0, 24);
66 memcpy(mgmt->da, da, ETH_ALEN);
67 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
68 if (sdata->vif.type == NL80211_IFTYPE_AP ||
69 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
70 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
71 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
72 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
73
74 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
75 IEEE80211_STYPE_ACTION);
76
77 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
78
79 mgmt->u.action.category = WLAN_CATEGORY_BACK;
80 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
81
82 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
83 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
84 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
85 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
86
87 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
88
89 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
90 mgmt->u.action.u.addba_req.start_seq_num =
91 cpu_to_le16(start_seq_num << 4);
92
93 ieee80211_tx_skb(sdata, skb, 1);
94}
95
96void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
97{
98 struct ieee80211_local *local = sdata->local;
99 struct sk_buff *skb;
100 struct ieee80211_bar *bar;
101 u16 bar_control = 0;
102
103 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
104 if (!skb) {
105 printk(KERN_ERR "%s: failed to allocate buffer for "
106 "bar frame\n", sdata->dev->name);
107 return;
108 }
109 skb_reserve(skb, local->hw.extra_tx_headroom);
110 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
111 memset(bar, 0, sizeof(*bar));
112 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
113 IEEE80211_STYPE_BACK_REQ);
114 memcpy(bar->ra, ra, ETH_ALEN);
115 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
116 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
117 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
118 bar_control |= (u16)(tid << 12);
119 bar->control = cpu_to_le16(bar_control);
120 bar->start_seq_num = cpu_to_le16(ssn);
121
122 ieee80211_tx_skb(sdata, skb, 0);
123}
124
125static int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
126 enum ieee80211_back_parties initiator)
127{
128 struct ieee80211_local *local = sta->local;
129 int ret;
130 u8 *state;
131
132 state = &sta->ampdu_mlme.tid_state_tx[tid];
133
134 if (local->hw.ampdu_queues) {
135 if (initiator) {
136 /*
137 * Stop the AC queue to avoid issues where we send
138 * unaggregated frames already before the delba.
139 */
140 ieee80211_stop_queue_by_reason(&local->hw,
141 local->hw.queues + sta->tid_to_tx_q[tid],
142 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
143 }
144
145 /*
146 * Pretend the driver woke the queue, just in case
147 * it disabled it before the session was stopped.
148 */
149 ieee80211_wake_queue(
150 &local->hw, local->hw.queues + sta->tid_to_tx_q[tid]);
151 }
152 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
153 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
154
155 ret = local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_STOP,
156 &sta->sta, tid, NULL);
157
158 /* HW shall not deny going back to legacy */
159 if (WARN_ON(ret)) {
160 *state = HT_AGG_STATE_OPERATIONAL;
161 }
162
163 return ret;
164}
165
166/*
167 * After sending add Block Ack request we activated a timer until
168 * add Block Ack response will arrive from the recipient.
169 * If this timer expires sta_addba_resp_timer_expired will be executed.
170 */
171static void sta_addba_resp_timer_expired(unsigned long data)
172{
173 /* not an elegant detour, but there is no choice as the timer passes
174 * only one argument, and both sta_info and TID are needed, so init
175 * flow in sta_info_create gives the TID as data, while the timer_to_id
176 * array gives the sta through container_of */
177 u16 tid = *(u8 *)data;
178 struct sta_info *sta = container_of((void *)data,
179 struct sta_info, timer_to_tid[tid]);
180 u8 *state;
181
182 state = &sta->ampdu_mlme.tid_state_tx[tid];
183
184 /* check if the TID waits for addBA response */
185 spin_lock_bh(&sta->lock);
186 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
187 spin_unlock_bh(&sta->lock);
188 *state = HT_AGG_STATE_IDLE;
189#ifdef CONFIG_MAC80211_HT_DEBUG
190 printk(KERN_DEBUG "timer expired on tid %d but we are not "
191 "expecting addBA response there", tid);
192#endif
193 return;
194 }
195
196#ifdef CONFIG_MAC80211_HT_DEBUG
197 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
198#endif
199
200 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
201 spin_unlock_bh(&sta->lock);
202}
203
204static inline int ieee80211_ac_from_tid(int tid)
205{
206 return ieee802_1d_to_ac[tid & 7];
207}
208
209int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
210{
211 struct ieee80211_local *local = hw_to_local(hw);
212 struct sta_info *sta;
213 struct ieee80211_sub_if_data *sdata;
214 u8 *state;
215 int i, qn = -1, ret = 0;
216 u16 start_seq_num;
217
218 if (WARN_ON(!local->ops->ampdu_action))
219 return -EINVAL;
220
221 if ((tid >= STA_TID_NUM) || !(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
222 return -EINVAL;
223
224#ifdef CONFIG_MAC80211_HT_DEBUG
225 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
226 ra, tid);
227#endif /* CONFIG_MAC80211_HT_DEBUG */
228
229 if (hw->ampdu_queues && ieee80211_ac_from_tid(tid) == 0) {
230#ifdef CONFIG_MAC80211_HT_DEBUG
231 printk(KERN_DEBUG "rejecting on voice AC\n");
232#endif
233 return -EINVAL;
234 }
235
236 rcu_read_lock();
237
238 sta = sta_info_get(local, ra);
239 if (!sta) {
240#ifdef CONFIG_MAC80211_HT_DEBUG
241 printk(KERN_DEBUG "Could not find the station\n");
242#endif
243 ret = -ENOENT;
244 goto unlock;
245 }
246
247 /*
248 * The aggregation code is not prepared to handle
249 * anything but STA/AP due to the BSSID handling.
250 * IBSS could work in the code but isn't supported
251 * by drivers or the standard.
252 */
253 if (sta->sdata->vif.type != NL80211_IFTYPE_STATION &&
254 sta->sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
255 sta->sdata->vif.type != NL80211_IFTYPE_AP) {
256 ret = -EINVAL;
257 goto unlock;
258 }
259
260 spin_lock_bh(&sta->lock);
261
262 sdata = sta->sdata;
263
264 /* we have tried too many times, receiver does not want A-MPDU */
265 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
266 ret = -EBUSY;
267 goto err_unlock_sta;
268 }
269
270 state = &sta->ampdu_mlme.tid_state_tx[tid];
271 /* check if the TID is not in aggregation flow already */
272 if (*state != HT_AGG_STATE_IDLE) {
273#ifdef CONFIG_MAC80211_HT_DEBUG
274 printk(KERN_DEBUG "BA request denied - session is not "
275 "idle on tid %u\n", tid);
276#endif /* CONFIG_MAC80211_HT_DEBUG */
277 ret = -EAGAIN;
278 goto err_unlock_sta;
279 }
280
281 if (hw->ampdu_queues) {
282 spin_lock(&local->queue_stop_reason_lock);
283 /* reserve a new queue for this session */
284 for (i = 0; i < local->hw.ampdu_queues; i++) {
285 if (local->ampdu_ac_queue[i] < 0) {
286 qn = i;
287 local->ampdu_ac_queue[qn] =
288 ieee80211_ac_from_tid(tid);
289 break;
290 }
291 }
292 spin_unlock(&local->queue_stop_reason_lock);
293
294 if (qn < 0) {
295#ifdef CONFIG_MAC80211_HT_DEBUG
296 printk(KERN_DEBUG "BA request denied - "
297 "queue unavailable for tid %d\n", tid);
298#endif /* CONFIG_MAC80211_HT_DEBUG */
299 ret = -ENOSPC;
300 goto err_unlock_sta;
301 }
302
303 /*
304 * If we successfully allocate the session, we can't have
305 * anything going on on the queue this TID maps into, so
306 * stop it for now. This is a "virtual" stop using the same
307 * mechanism that drivers will use.
308 *
309 * XXX: queue up frames for this session in the sta_info
310 * struct instead to avoid hitting all other STAs.
311 */
312 ieee80211_stop_queue_by_reason(
313 &local->hw, hw->queues + qn,
314 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
315 }
316
317 /* prepare A-MPDU MLME for Tx aggregation */
318 sta->ampdu_mlme.tid_tx[tid] =
319 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
320 if (!sta->ampdu_mlme.tid_tx[tid]) {
321#ifdef CONFIG_MAC80211_HT_DEBUG
322 if (net_ratelimit())
323 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
324 tid);
325#endif
326 ret = -ENOMEM;
327 goto err_return_queue;
328 }
329
330 /* Tx timer */
331 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
332 sta_addba_resp_timer_expired;
333 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
334 (unsigned long)&sta->timer_to_tid[tid];
335 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
336
337 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
338 * call back right away, it must see that the flow has begun */
339 *state |= HT_ADDBA_REQUESTED_MSK;
340
341 start_seq_num = sta->tid_seq[tid];
342
343 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
344 &sta->sta, tid, &start_seq_num);
345
346 if (ret) {
347#ifdef CONFIG_MAC80211_HT_DEBUG
348 printk(KERN_DEBUG "BA request denied - HW unavailable for"
349 " tid %d\n", tid);
350#endif /* CONFIG_MAC80211_HT_DEBUG */
351 *state = HT_AGG_STATE_IDLE;
352 goto err_free;
353 }
354 sta->tid_to_tx_q[tid] = qn;
355
356 spin_unlock_bh(&sta->lock);
357
358 /* send an addBA request */
359 sta->ampdu_mlme.dialog_token_allocator++;
360 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
361 sta->ampdu_mlme.dialog_token_allocator;
362 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
363
364 ieee80211_send_addba_request(sta->sdata, ra, tid,
365 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
366 sta->ampdu_mlme.tid_tx[tid]->ssn,
367 0x40, 5000);
368 /* activate the timer for the recipient's addBA response */
369 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
370 jiffies + ADDBA_RESP_INTERVAL;
371 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
372#ifdef CONFIG_MAC80211_HT_DEBUG
373 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
374#endif
375 goto unlock;
376
377 err_free:
378 kfree(sta->ampdu_mlme.tid_tx[tid]);
379 sta->ampdu_mlme.tid_tx[tid] = NULL;
380 err_return_queue:
381 if (qn >= 0) {
382 /* We failed, so start queue again right away. */
383 ieee80211_wake_queue_by_reason(hw, hw->queues + qn,
384 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
385 /* give queue back to pool */
386 spin_lock(&local->queue_stop_reason_lock);
387 local->ampdu_ac_queue[qn] = -1;
388 spin_unlock(&local->queue_stop_reason_lock);
389 }
390 err_unlock_sta:
391 spin_unlock_bh(&sta->lock);
392 unlock:
393 rcu_read_unlock();
394 return ret;
395}
396EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
397
398void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
399{
400 struct ieee80211_local *local = hw_to_local(hw);
401 struct sta_info *sta;
402 u8 *state;
403
404 if (tid >= STA_TID_NUM) {
405#ifdef CONFIG_MAC80211_HT_DEBUG
406 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
407 tid, STA_TID_NUM);
408#endif
409 return;
410 }
411
412 rcu_read_lock();
413 sta = sta_info_get(local, ra);
414 if (!sta) {
415 rcu_read_unlock();
416#ifdef CONFIG_MAC80211_HT_DEBUG
417 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
418#endif
419 return;
420 }
421
422 state = &sta->ampdu_mlme.tid_state_tx[tid];
423 spin_lock_bh(&sta->lock);
424
425 if (WARN_ON(!(*state & HT_ADDBA_REQUESTED_MSK))) {
426#ifdef CONFIG_MAC80211_HT_DEBUG
427 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
428 *state);
429#endif
430 spin_unlock_bh(&sta->lock);
431 rcu_read_unlock();
432 return;
433 }
434
435 if (WARN_ON(*state & HT_ADDBA_DRV_READY_MSK))
436 goto out;
437
438 *state |= HT_ADDBA_DRV_READY_MSK;
439
440 if (*state == HT_AGG_STATE_OPERATIONAL) {
441#ifdef CONFIG_MAC80211_HT_DEBUG
442 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
443#endif
444 if (hw->ampdu_queues) {
445 /*
446 * Wake up this queue, we stopped it earlier,
447 * this will in turn wake the entire AC.
448 */
449 ieee80211_wake_queue_by_reason(hw,
450 hw->queues + sta->tid_to_tx_q[tid],
451 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
452 }
453 }
454
455 out:
456 spin_unlock_bh(&sta->lock);
457 rcu_read_unlock();
458}
459EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
460
461void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
462 const u8 *ra, u16 tid)
463{
464 struct ieee80211_local *local = hw_to_local(hw);
465 struct ieee80211_ra_tid *ra_tid;
466 struct sk_buff *skb = dev_alloc_skb(0);
467
468 if (unlikely(!skb)) {
469#ifdef CONFIG_MAC80211_HT_DEBUG
470 if (net_ratelimit())
471 printk(KERN_WARNING "%s: Not enough memory, "
472 "dropping start BA session", skb->dev->name);
473#endif
474 return;
475 }
476 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
477 memcpy(&ra_tid->ra, ra, ETH_ALEN);
478 ra_tid->tid = tid;
479
480 skb->pkt_type = IEEE80211_ADDBA_MSG;
481 skb_queue_tail(&local->skb_queue, skb);
482 tasklet_schedule(&local->tasklet);
483}
484EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
485
486int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
487 enum ieee80211_back_parties initiator)
488{
489 u8 *state;
490 int ret;
491
492 /* check if the TID is in aggregation */
493 state = &sta->ampdu_mlme.tid_state_tx[tid];
494 spin_lock_bh(&sta->lock);
495
496 if (*state != HT_AGG_STATE_OPERATIONAL) {
497 ret = -ENOENT;
498 goto unlock;
499 }
500
501#ifdef CONFIG_MAC80211_HT_DEBUG
502 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
503 sta->sta.addr, tid);
504#endif /* CONFIG_MAC80211_HT_DEBUG */
505
506 ret = ___ieee80211_stop_tx_ba_session(sta, tid, initiator);
507
508 unlock:
509 spin_unlock_bh(&sta->lock);
510 return ret;
511}
512
513int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
514 u8 *ra, u16 tid,
515 enum ieee80211_back_parties initiator)
516{
517 struct ieee80211_local *local = hw_to_local(hw);
518 struct sta_info *sta;
519 int ret = 0;
520
521 if (WARN_ON(!local->ops->ampdu_action))
522 return -EINVAL;
523
524 if (tid >= STA_TID_NUM)
525 return -EINVAL;
526
527 rcu_read_lock();
528 sta = sta_info_get(local, ra);
529 if (!sta) {
530 rcu_read_unlock();
531 return -ENOENT;
532 }
533
534 ret = __ieee80211_stop_tx_ba_session(sta, tid, initiator);
535 rcu_read_unlock();
536 return ret;
537}
538EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
539
540void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
541{
542 struct ieee80211_local *local = hw_to_local(hw);
543 struct sta_info *sta;
544 u8 *state;
545
546 if (tid >= STA_TID_NUM) {
547#ifdef CONFIG_MAC80211_HT_DEBUG
548 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
549 tid, STA_TID_NUM);
550#endif
551 return;
552 }
553
554#ifdef CONFIG_MAC80211_HT_DEBUG
555 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
556 ra, tid);
557#endif /* CONFIG_MAC80211_HT_DEBUG */
558
559 rcu_read_lock();
560 sta = sta_info_get(local, ra);
561 if (!sta) {
562#ifdef CONFIG_MAC80211_HT_DEBUG
563 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
564#endif
565 rcu_read_unlock();
566 return;
567 }
568 state = &sta->ampdu_mlme.tid_state_tx[tid];
569
570 /* NOTE: no need to use sta->lock in this state check, as
571 * ieee80211_stop_tx_ba_session will let only one stop call to
572 * pass through per sta/tid
573 */
574 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
575#ifdef CONFIG_MAC80211_HT_DEBUG
576 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
577#endif
578 rcu_read_unlock();
579 return;
580 }
581
582 if (*state & HT_AGG_STATE_INITIATOR_MSK)
583 ieee80211_send_delba(sta->sdata, ra, tid,
584 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
585
586 spin_lock_bh(&sta->lock);
587
588 if (*state & HT_AGG_STATE_INITIATOR_MSK &&
589 hw->ampdu_queues) {
590 /*
591 * Wake up this queue, we stopped it earlier,
592 * this will in turn wake the entire AC.
593 */
594 ieee80211_wake_queue_by_reason(hw,
595 hw->queues + sta->tid_to_tx_q[tid],
596 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
597 }
598
599 *state = HT_AGG_STATE_IDLE;
600 sta->ampdu_mlme.addba_req_num[tid] = 0;
601 kfree(sta->ampdu_mlme.tid_tx[tid]);
602 sta->ampdu_mlme.tid_tx[tid] = NULL;
603 spin_unlock_bh(&sta->lock);
604
605 rcu_read_unlock();
606}
607EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
608
609void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
610 const u8 *ra, u16 tid)
611{
612 struct ieee80211_local *local = hw_to_local(hw);
613 struct ieee80211_ra_tid *ra_tid;
614 struct sk_buff *skb = dev_alloc_skb(0);
615
616 if (unlikely(!skb)) {
617#ifdef CONFIG_MAC80211_HT_DEBUG
618 if (net_ratelimit())
619 printk(KERN_WARNING "%s: Not enough memory, "
620 "dropping stop BA session", skb->dev->name);
621#endif
622 return;
623 }
624 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
625 memcpy(&ra_tid->ra, ra, ETH_ALEN);
626 ra_tid->tid = tid;
627
628 skb->pkt_type = IEEE80211_DELBA_MSG;
629 skb_queue_tail(&local->skb_queue, skb);
630 tasklet_schedule(&local->tasklet);
631}
632EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
633
634
635void ieee80211_process_addba_resp(struct ieee80211_local *local,
636 struct sta_info *sta,
637 struct ieee80211_mgmt *mgmt,
638 size_t len)
639{
640 struct ieee80211_hw *hw = &local->hw;
641 u16 capab;
642 u16 tid, start_seq_num;
643 u8 *state;
644
645 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
646 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
647
648 state = &sta->ampdu_mlme.tid_state_tx[tid];
649
650 spin_lock_bh(&sta->lock);
651
652 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
653 spin_unlock_bh(&sta->lock);
654 return;
655 }
656
657 if (mgmt->u.action.u.addba_resp.dialog_token !=
658 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
659 spin_unlock_bh(&sta->lock);
660#ifdef CONFIG_MAC80211_HT_DEBUG
661 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
662#endif /* CONFIG_MAC80211_HT_DEBUG */
663 return;
664 }
665
666 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
667#ifdef CONFIG_MAC80211_HT_DEBUG
668 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
669#endif /* CONFIG_MAC80211_HT_DEBUG */
670 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
671 == WLAN_STATUS_SUCCESS) {
672 u8 curstate = *state;
673
674 *state |= HT_ADDBA_RECEIVED_MSK;
675
676 if (hw->ampdu_queues && *state != curstate &&
677 *state == HT_AGG_STATE_OPERATIONAL) {
678 /*
679 * Wake up this queue, we stopped it earlier,
680 * this will in turn wake the entire AC.
681 */
682 ieee80211_wake_queue_by_reason(hw,
683 hw->queues + sta->tid_to_tx_q[tid],
684 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
685 }
686 sta->ampdu_mlme.addba_req_num[tid] = 0;
687
688 if (local->ops->ampdu_action) {
689 (void)local->ops->ampdu_action(hw,
690 IEEE80211_AMPDU_TX_RESUME,
691 &sta->sta, tid, &start_seq_num);
692 }
693#ifdef CONFIG_MAC80211_HT_DEBUG
694 printk(KERN_DEBUG "Resuming TX aggregation for tid %d\n", tid);
695#endif /* CONFIG_MAC80211_HT_DEBUG */
696 } else {
697 sta->ampdu_mlme.addba_req_num[tid]++;
698 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
699 }
700 spin_unlock_bh(&sta->lock);
701}
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 9d4e4d846ec1..58693e52d458 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -133,6 +133,9 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
133 case WLAN_CIPHER_SUITE_CCMP: 133 case WLAN_CIPHER_SUITE_CCMP:
134 alg = ALG_CCMP; 134 alg = ALG_CCMP;
135 break; 135 break;
136 case WLAN_CIPHER_SUITE_AES_CMAC:
137 alg = ALG_AES_CMAC;
138 break;
136 default: 139 default:
137 return -EINVAL; 140 return -EINVAL;
138 } 141 }
@@ -275,6 +278,17 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
275 else 278 else
276 params.cipher = WLAN_CIPHER_SUITE_WEP104; 279 params.cipher = WLAN_CIPHER_SUITE_WEP104;
277 break; 280 break;
281 case ALG_AES_CMAC:
282 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
283 seq[0] = key->u.aes_cmac.tx_pn[5];
284 seq[1] = key->u.aes_cmac.tx_pn[4];
285 seq[2] = key->u.aes_cmac.tx_pn[3];
286 seq[3] = key->u.aes_cmac.tx_pn[2];
287 seq[4] = key->u.aes_cmac.tx_pn[1];
288 seq[5] = key->u.aes_cmac.tx_pn[0];
289 params.seq = seq;
290 params.seq_len = 6;
291 break;
278 } 292 }
279 293
280 params.key = key->conf.key; 294 params.key = key->conf.key;
@@ -304,6 +318,22 @@ static int ieee80211_config_default_key(struct wiphy *wiphy,
304 return 0; 318 return 0;
305} 319}
306 320
321static int ieee80211_config_default_mgmt_key(struct wiphy *wiphy,
322 struct net_device *dev,
323 u8 key_idx)
324{
325 struct ieee80211_sub_if_data *sdata;
326
327 rcu_read_lock();
328
329 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
330 ieee80211_set_default_mgmt_key(sdata, key_idx);
331
332 rcu_read_unlock();
333
334 return 0;
335}
336
307static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo) 337static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
308{ 338{
309 struct ieee80211_sub_if_data *sdata = sta->sdata; 339 struct ieee80211_sub_if_data *sdata = sta->sdata;
@@ -311,11 +341,15 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
311 sinfo->filled = STATION_INFO_INACTIVE_TIME | 341 sinfo->filled = STATION_INFO_INACTIVE_TIME |
312 STATION_INFO_RX_BYTES | 342 STATION_INFO_RX_BYTES |
313 STATION_INFO_TX_BYTES | 343 STATION_INFO_TX_BYTES |
344 STATION_INFO_RX_PACKETS |
345 STATION_INFO_TX_PACKETS |
314 STATION_INFO_TX_BITRATE; 346 STATION_INFO_TX_BITRATE;
315 347
316 sinfo->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx); 348 sinfo->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx);
317 sinfo->rx_bytes = sta->rx_bytes; 349 sinfo->rx_bytes = sta->rx_bytes;
318 sinfo->tx_bytes = sta->tx_bytes; 350 sinfo->tx_bytes = sta->tx_bytes;
351 sinfo->rx_packets = sta->rx_packets;
352 sinfo->tx_packets = sta->tx_packets;
319 353
320 if (sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) { 354 if (sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
321 sinfo->filled |= STATION_INFO_SIGNAL; 355 sinfo->filled |= STATION_INFO_SIGNAL;
@@ -417,7 +451,8 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata,
417 * This is a kludge. beacon interval should really be part 451 * This is a kludge. beacon interval should really be part
418 * of the beacon information. 452 * of the beacon information.
419 */ 453 */
420 if (params->interval) { 454 if (params->interval && (sdata->local->hw.conf.beacon_int !=
455 params->interval)) {
421 sdata->local->hw.conf.beacon_int = params->interval; 456 sdata->local->hw.conf.beacon_int = params->interval;
422 err = ieee80211_hw_config(sdata->local, 457 err = ieee80211_hw_config(sdata->local,
423 IEEE80211_CONF_CHANGE_BEACON_INTERVAL); 458 IEEE80211_CONF_CHANGE_BEACON_INTERVAL);
@@ -493,7 +528,8 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata,
493 528
494 kfree(old); 529 kfree(old);
495 530
496 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 531 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON |
532 IEEE80211_IFCC_BEACON_ENABLED);
497} 533}
498 534
499static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev, 535static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev,
@@ -553,7 +589,7 @@ static int ieee80211_del_beacon(struct wiphy *wiphy, struct net_device *dev)
553 synchronize_rcu(); 589 synchronize_rcu();
554 kfree(old); 590 kfree(old);
555 591
556 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 592 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON_ENABLED);
557} 593}
558 594
559/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */ 595/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */
@@ -630,6 +666,10 @@ static void sta_apply_parameters(struct ieee80211_local *local,
630 sta->flags &= ~WLAN_STA_WME; 666 sta->flags &= ~WLAN_STA_WME;
631 if (params->station_flags & STATION_FLAG_WME) 667 if (params->station_flags & STATION_FLAG_WME)
632 sta->flags |= WLAN_STA_WME; 668 sta->flags |= WLAN_STA_WME;
669
670 sta->flags &= ~WLAN_STA_MFP;
671 if (params->station_flags & STATION_FLAG_MFP)
672 sta->flags |= WLAN_STA_MFP;
633 spin_unlock_bh(&sta->lock); 673 spin_unlock_bh(&sta->lock);
634 } 674 }
635 675
@@ -1141,6 +1181,125 @@ static int ieee80211_set_channel(struct wiphy *wiphy,
1141 return ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 1181 return ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
1142} 1182}
1143 1183
1184static int set_mgmt_extra_ie_sta(struct ieee80211_sub_if_data *sdata,
1185 u8 subtype, u8 *ies, size_t ies_len)
1186{
1187 struct ieee80211_local *local = sdata->local;
1188 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1189
1190 switch (subtype) {
1191 case IEEE80211_STYPE_PROBE_REQ >> 4:
1192 if (local->ops->hw_scan)
1193 break;
1194 kfree(ifmgd->ie_probereq);
1195 ifmgd->ie_probereq = ies;
1196 ifmgd->ie_probereq_len = ies_len;
1197 return 0;
1198 case IEEE80211_STYPE_PROBE_RESP >> 4:
1199 kfree(ifmgd->ie_proberesp);
1200 ifmgd->ie_proberesp = ies;
1201 ifmgd->ie_proberesp_len = ies_len;
1202 return 0;
1203 case IEEE80211_STYPE_AUTH >> 4:
1204 kfree(ifmgd->ie_auth);
1205 ifmgd->ie_auth = ies;
1206 ifmgd->ie_auth_len = ies_len;
1207 return 0;
1208 case IEEE80211_STYPE_ASSOC_REQ >> 4:
1209 kfree(ifmgd->ie_assocreq);
1210 ifmgd->ie_assocreq = ies;
1211 ifmgd->ie_assocreq_len = ies_len;
1212 return 0;
1213 case IEEE80211_STYPE_REASSOC_REQ >> 4:
1214 kfree(ifmgd->ie_reassocreq);
1215 ifmgd->ie_reassocreq = ies;
1216 ifmgd->ie_reassocreq_len = ies_len;
1217 return 0;
1218 case IEEE80211_STYPE_DEAUTH >> 4:
1219 kfree(ifmgd->ie_deauth);
1220 ifmgd->ie_deauth = ies;
1221 ifmgd->ie_deauth_len = ies_len;
1222 return 0;
1223 case IEEE80211_STYPE_DISASSOC >> 4:
1224 kfree(ifmgd->ie_disassoc);
1225 ifmgd->ie_disassoc = ies;
1226 ifmgd->ie_disassoc_len = ies_len;
1227 return 0;
1228 }
1229
1230 return -EOPNOTSUPP;
1231}
1232
1233static int ieee80211_set_mgmt_extra_ie(struct wiphy *wiphy,
1234 struct net_device *dev,
1235 struct mgmt_extra_ie_params *params)
1236{
1237 struct ieee80211_sub_if_data *sdata;
1238 u8 *ies;
1239 size_t ies_len;
1240 int ret = -EOPNOTSUPP;
1241
1242 if (params->ies) {
1243 ies = kmemdup(params->ies, params->ies_len, GFP_KERNEL);
1244 if (ies == NULL)
1245 return -ENOMEM;
1246 ies_len = params->ies_len;
1247 } else {
1248 ies = NULL;
1249 ies_len = 0;
1250 }
1251
1252 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1253
1254 switch (sdata->vif.type) {
1255 case NL80211_IFTYPE_STATION:
1256 ret = set_mgmt_extra_ie_sta(sdata, params->subtype,
1257 ies, ies_len);
1258 break;
1259 default:
1260 ret = -EOPNOTSUPP;
1261 break;
1262 }
1263
1264 if (ret)
1265 kfree(ies);
1266 return ret;
1267}
1268
1269#ifdef CONFIG_PM
1270static int ieee80211_suspend(struct wiphy *wiphy)
1271{
1272 return __ieee80211_suspend(wiphy_priv(wiphy));
1273}
1274
1275static int ieee80211_resume(struct wiphy *wiphy)
1276{
1277 return __ieee80211_resume(wiphy_priv(wiphy));
1278}
1279#else
1280#define ieee80211_suspend NULL
1281#define ieee80211_resume NULL
1282#endif
1283
1284static int ieee80211_scan(struct wiphy *wiphy,
1285 struct net_device *dev,
1286 struct cfg80211_scan_request *req)
1287{
1288 struct ieee80211_sub_if_data *sdata;
1289
1290 if (!netif_running(dev))
1291 return -ENETDOWN;
1292
1293 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1294
1295 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
1296 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
1297 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
1298 return -EOPNOTSUPP;
1299
1300 return ieee80211_request_scan(sdata, req);
1301}
1302
1144struct cfg80211_ops mac80211_config_ops = { 1303struct cfg80211_ops mac80211_config_ops = {
1145 .add_virtual_intf = ieee80211_add_iface, 1304 .add_virtual_intf = ieee80211_add_iface,
1146 .del_virtual_intf = ieee80211_del_iface, 1305 .del_virtual_intf = ieee80211_del_iface,
@@ -1149,6 +1308,7 @@ struct cfg80211_ops mac80211_config_ops = {
1149 .del_key = ieee80211_del_key, 1308 .del_key = ieee80211_del_key,
1150 .get_key = ieee80211_get_key, 1309 .get_key = ieee80211_get_key,
1151 .set_default_key = ieee80211_config_default_key, 1310 .set_default_key = ieee80211_config_default_key,
1311 .set_default_mgmt_key = ieee80211_config_default_mgmt_key,
1152 .add_beacon = ieee80211_add_beacon, 1312 .add_beacon = ieee80211_add_beacon,
1153 .set_beacon = ieee80211_set_beacon, 1313 .set_beacon = ieee80211_set_beacon,
1154 .del_beacon = ieee80211_del_beacon, 1314 .del_beacon = ieee80211_del_beacon,
@@ -1169,4 +1329,8 @@ struct cfg80211_ops mac80211_config_ops = {
1169 .change_bss = ieee80211_change_bss, 1329 .change_bss = ieee80211_change_bss,
1170 .set_txq_params = ieee80211_set_txq_params, 1330 .set_txq_params = ieee80211_set_txq_params,
1171 .set_channel = ieee80211_set_channel, 1331 .set_channel = ieee80211_set_channel,
1332 .set_mgmt_extra_ie = ieee80211_set_mgmt_extra_ie,
1333 .suspend = ieee80211_suspend,
1334 .resume = ieee80211_resume,
1335 .scan = ieee80211_scan,
1172}; 1336};
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 2697a2fe608f..e37f557de3f3 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -57,11 +57,62 @@ DEBUGFS_READONLY_FILE(long_retry_limit, 20, "%d",
57 local->hw.conf.long_frame_max_tx_count); 57 local->hw.conf.long_frame_max_tx_count);
58DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d", 58DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d",
59 local->total_ps_buffered); 59 local->total_ps_buffered);
60DEBUGFS_READONLY_FILE(wep_iv, 20, "%#06x", 60DEBUGFS_READONLY_FILE(wep_iv, 20, "%#08x",
61 local->wep_iv & 0xffffff); 61 local->wep_iv & 0xffffff);
62DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s", 62DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s",
63 local->rate_ctrl ? local->rate_ctrl->ops->name : "<unset>"); 63 local->rate_ctrl ? local->rate_ctrl->ops->name : "<unset>");
64 64
65static ssize_t tsf_read(struct file *file, char __user *user_buf,
66 size_t count, loff_t *ppos)
67{
68 struct ieee80211_local *local = file->private_data;
69 u64 tsf = 0;
70 char buf[100];
71
72 if (local->ops->get_tsf)
73 tsf = local->ops->get_tsf(local_to_hw(local));
74
75 snprintf(buf, sizeof(buf), "0x%016llx\n", (unsigned long long) tsf);
76
77 return simple_read_from_buffer(user_buf, count, ppos, buf, 19);
78}
79
80static ssize_t tsf_write(struct file *file,
81 const char __user *user_buf,
82 size_t count, loff_t *ppos)
83{
84 struct ieee80211_local *local = file->private_data;
85 unsigned long long tsf;
86 char buf[100];
87 size_t len;
88
89 len = min(count, sizeof(buf) - 1);
90 if (copy_from_user(buf, user_buf, len))
91 return -EFAULT;
92 buf[len] = '\0';
93
94 if (strncmp(buf, "reset", 5) == 0) {
95 if (local->ops->reset_tsf) {
96 local->ops->reset_tsf(local_to_hw(local));
97 printk(KERN_INFO "%s: debugfs reset TSF\n", wiphy_name(local->hw.wiphy));
98 }
99 } else {
100 tsf = simple_strtoul(buf, NULL, 0);
101 if (local->ops->set_tsf) {
102 local->ops->set_tsf(local_to_hw(local), tsf);
103 printk(KERN_INFO "%s: debugfs set TSF to %#018llx\n", wiphy_name(local->hw.wiphy), tsf);
104 }
105 }
106
107 return count;
108}
109
110static const struct file_operations tsf_ops = {
111 .read = tsf_read,
112 .write = tsf_write,
113 .open = mac80211_open_file_generic
114};
115
65/* statistics stuff */ 116/* statistics stuff */
66 117
67#define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \ 118#define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \
@@ -136,8 +187,6 @@ DEBUGFS_STATS_FILE(multicast_received_frame_count, 20, "%u",
136 local->dot11MulticastReceivedFrameCount); 187 local->dot11MulticastReceivedFrameCount);
137DEBUGFS_STATS_FILE(transmitted_frame_count, 20, "%u", 188DEBUGFS_STATS_FILE(transmitted_frame_count, 20, "%u",
138 local->dot11TransmittedFrameCount); 189 local->dot11TransmittedFrameCount);
139DEBUGFS_STATS_FILE(wep_undecryptable_count, 20, "%u",
140 local->dot11WEPUndecryptableCount);
141#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 190#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
142DEBUGFS_STATS_FILE(tx_handlers_drop, 20, "%u", 191DEBUGFS_STATS_FILE(tx_handlers_drop, 20, "%u",
143 local->tx_handlers_drop); 192 local->tx_handlers_drop);
@@ -204,6 +253,7 @@ void debugfs_hw_add(struct ieee80211_local *local)
204 DEBUGFS_ADD(long_retry_limit); 253 DEBUGFS_ADD(long_retry_limit);
205 DEBUGFS_ADD(total_ps_buffered); 254 DEBUGFS_ADD(total_ps_buffered);
206 DEBUGFS_ADD(wep_iv); 255 DEBUGFS_ADD(wep_iv);
256 DEBUGFS_ADD(tsf);
207 257
208 statsd = debugfs_create_dir("statistics", phyd); 258 statsd = debugfs_create_dir("statistics", phyd);
209 local->debugfs.statistics = statsd; 259 local->debugfs.statistics = statsd;
@@ -221,7 +271,6 @@ void debugfs_hw_add(struct ieee80211_local *local)
221 DEBUGFS_STATS_ADD(received_fragment_count); 271 DEBUGFS_STATS_ADD(received_fragment_count);
222 DEBUGFS_STATS_ADD(multicast_received_frame_count); 272 DEBUGFS_STATS_ADD(multicast_received_frame_count);
223 DEBUGFS_STATS_ADD(transmitted_frame_count); 273 DEBUGFS_STATS_ADD(transmitted_frame_count);
224 DEBUGFS_STATS_ADD(wep_undecryptable_count);
225#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 274#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
226 DEBUGFS_STATS_ADD(tx_handlers_drop); 275 DEBUGFS_STATS_ADD(tx_handlers_drop);
227 DEBUGFS_STATS_ADD(tx_handlers_queued); 276 DEBUGFS_STATS_ADD(tx_handlers_queued);
@@ -258,6 +307,7 @@ void debugfs_hw_del(struct ieee80211_local *local)
258 DEBUGFS_DEL(long_retry_limit); 307 DEBUGFS_DEL(long_retry_limit);
259 DEBUGFS_DEL(total_ps_buffered); 308 DEBUGFS_DEL(total_ps_buffered);
260 DEBUGFS_DEL(wep_iv); 309 DEBUGFS_DEL(wep_iv);
310 DEBUGFS_DEL(tsf);
261 311
262 DEBUGFS_STATS_DEL(transmitted_fragment_count); 312 DEBUGFS_STATS_DEL(transmitted_fragment_count);
263 DEBUGFS_STATS_DEL(multicast_transmitted_frame_count); 313 DEBUGFS_STATS_DEL(multicast_transmitted_frame_count);
@@ -268,7 +318,6 @@ void debugfs_hw_del(struct ieee80211_local *local)
268 DEBUGFS_STATS_DEL(received_fragment_count); 318 DEBUGFS_STATS_DEL(received_fragment_count);
269 DEBUGFS_STATS_DEL(multicast_received_frame_count); 319 DEBUGFS_STATS_DEL(multicast_received_frame_count);
270 DEBUGFS_STATS_DEL(transmitted_frame_count); 320 DEBUGFS_STATS_DEL(transmitted_frame_count);
271 DEBUGFS_STATS_DEL(wep_undecryptable_count);
272 DEBUGFS_STATS_DEL(num_scans); 321 DEBUGFS_STATS_DEL(num_scans);
273#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 322#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
274 DEBUGFS_STATS_DEL(tx_handlers_drop); 323 DEBUGFS_STATS_DEL(tx_handlers_drop);
diff --git a/net/mac80211/debugfs_key.c b/net/mac80211/debugfs_key.c
index 6424ac565ae0..99c752588b30 100644
--- a/net/mac80211/debugfs_key.c
+++ b/net/mac80211/debugfs_key.c
@@ -76,6 +76,9 @@ static ssize_t key_algorithm_read(struct file *file,
76 case ALG_CCMP: 76 case ALG_CCMP:
77 alg = "CCMP\n"; 77 alg = "CCMP\n";
78 break; 78 break;
79 case ALG_AES_CMAC:
80 alg = "AES-128-CMAC\n";
81 break;
79 default: 82 default:
80 return 0; 83 return 0;
81 } 84 }
@@ -105,6 +108,12 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
105 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n", 108 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
106 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]); 109 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]);
107 break; 110 break;
111 case ALG_AES_CMAC:
112 tpn = key->u.aes_cmac.tx_pn;
113 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
114 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4],
115 tpn[5]);
116 break;
108 default: 117 default:
109 return 0; 118 return 0;
110 } 119 }
@@ -142,6 +151,14 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
142 } 151 }
143 len = p - buf; 152 len = p - buf;
144 break; 153 break;
154 case ALG_AES_CMAC:
155 rpn = key->u.aes_cmac.rx_pn;
156 p += scnprintf(p, sizeof(buf)+buf-p,
157 "%02x%02x%02x%02x%02x%02x\n",
158 rpn[0], rpn[1], rpn[2],
159 rpn[3], rpn[4], rpn[5]);
160 len = p - buf;
161 break;
145 default: 162 default:
146 return 0; 163 return 0;
147 } 164 }
@@ -156,13 +173,40 @@ static ssize_t key_replays_read(struct file *file, char __user *userbuf,
156 char buf[20]; 173 char buf[20];
157 int len; 174 int len;
158 175
159 if (key->conf.alg != ALG_CCMP) 176 switch (key->conf.alg) {
177 case ALG_CCMP:
178 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
179 break;
180 case ALG_AES_CMAC:
181 len = scnprintf(buf, sizeof(buf), "%u\n",
182 key->u.aes_cmac.replays);
183 break;
184 default:
160 return 0; 185 return 0;
161 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays); 186 }
162 return simple_read_from_buffer(userbuf, count, ppos, buf, len); 187 return simple_read_from_buffer(userbuf, count, ppos, buf, len);
163} 188}
164KEY_OPS(replays); 189KEY_OPS(replays);
165 190
191static ssize_t key_icverrors_read(struct file *file, char __user *userbuf,
192 size_t count, loff_t *ppos)
193{
194 struct ieee80211_key *key = file->private_data;
195 char buf[20];
196 int len;
197
198 switch (key->conf.alg) {
199 case ALG_AES_CMAC:
200 len = scnprintf(buf, sizeof(buf), "%u\n",
201 key->u.aes_cmac.icverrors);
202 break;
203 default:
204 return 0;
205 }
206 return simple_read_from_buffer(userbuf, count, ppos, buf, len);
207}
208KEY_OPS(icverrors);
209
166static ssize_t key_key_read(struct file *file, char __user *userbuf, 210static ssize_t key_key_read(struct file *file, char __user *userbuf,
167 size_t count, loff_t *ppos) 211 size_t count, loff_t *ppos)
168{ 212{
@@ -222,6 +266,7 @@ void ieee80211_debugfs_key_add(struct ieee80211_key *key)
222 DEBUGFS_ADD(tx_spec); 266 DEBUGFS_ADD(tx_spec);
223 DEBUGFS_ADD(rx_spec); 267 DEBUGFS_ADD(rx_spec);
224 DEBUGFS_ADD(replays); 268 DEBUGFS_ADD(replays);
269 DEBUGFS_ADD(icverrors);
225 DEBUGFS_ADD(key); 270 DEBUGFS_ADD(key);
226 DEBUGFS_ADD(ifindex); 271 DEBUGFS_ADD(ifindex);
227}; 272};
@@ -243,6 +288,7 @@ void ieee80211_debugfs_key_remove(struct ieee80211_key *key)
243 DEBUGFS_DEL(tx_spec); 288 DEBUGFS_DEL(tx_spec);
244 DEBUGFS_DEL(rx_spec); 289 DEBUGFS_DEL(rx_spec);
245 DEBUGFS_DEL(replays); 290 DEBUGFS_DEL(replays);
291 DEBUGFS_DEL(icverrors);
246 DEBUGFS_DEL(key); 292 DEBUGFS_DEL(key);
247 DEBUGFS_DEL(ifindex); 293 DEBUGFS_DEL(ifindex);
248 294
@@ -280,6 +326,35 @@ void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata)
280 sdata->common_debugfs.default_key = NULL; 326 sdata->common_debugfs.default_key = NULL;
281} 327}
282 328
329void ieee80211_debugfs_key_add_mgmt_default(struct ieee80211_sub_if_data *sdata)
330{
331 char buf[50];
332 struct ieee80211_key *key;
333
334 if (!sdata->debugfsdir)
335 return;
336
337 /* this is running under the key lock */
338
339 key = sdata->default_mgmt_key;
340 if (key) {
341 sprintf(buf, "../keys/%d", key->debugfs.cnt);
342 sdata->common_debugfs.default_mgmt_key =
343 debugfs_create_symlink("default_mgmt_key",
344 sdata->debugfsdir, buf);
345 } else
346 ieee80211_debugfs_key_remove_mgmt_default(sdata);
347}
348
349void ieee80211_debugfs_key_remove_mgmt_default(struct ieee80211_sub_if_data *sdata)
350{
351 if (!sdata)
352 return;
353
354 debugfs_remove(sdata->common_debugfs.default_mgmt_key);
355 sdata->common_debugfs.default_mgmt_key = NULL;
356}
357
283void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key, 358void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
284 struct sta_info *sta) 359 struct sta_info *sta)
285{ 360{
diff --git a/net/mac80211/debugfs_key.h b/net/mac80211/debugfs_key.h
index b1a3754ee240..54717b4e1371 100644
--- a/net/mac80211/debugfs_key.h
+++ b/net/mac80211/debugfs_key.h
@@ -6,6 +6,10 @@ void ieee80211_debugfs_key_add(struct ieee80211_key *key);
6void ieee80211_debugfs_key_remove(struct ieee80211_key *key); 6void ieee80211_debugfs_key_remove(struct ieee80211_key *key);
7void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata); 7void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata);
8void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata); 8void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata);
9void ieee80211_debugfs_key_add_mgmt_default(
10 struct ieee80211_sub_if_data *sdata);
11void ieee80211_debugfs_key_remove_mgmt_default(
12 struct ieee80211_sub_if_data *sdata);
9void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key, 13void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
10 struct sta_info *sta); 14 struct sta_info *sta);
11#else 15#else
@@ -19,6 +23,12 @@ static inline void ieee80211_debugfs_key_add_default(
19static inline void ieee80211_debugfs_key_remove_default( 23static inline void ieee80211_debugfs_key_remove_default(
20 struct ieee80211_sub_if_data *sdata) 24 struct ieee80211_sub_if_data *sdata)
21{} 25{}
26static inline void ieee80211_debugfs_key_add_mgmt_default(
27 struct ieee80211_sub_if_data *sdata)
28{}
29static inline void ieee80211_debugfs_key_remove_mgmt_default(
30 struct ieee80211_sub_if_data *sdata)
31{}
22static inline void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key, 32static inline void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
23 struct sta_info *sta) 33 struct sta_info *sta)
24{} 34{}
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index c54219301724..e3420329f4e6 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -94,31 +94,31 @@ IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
94IEEE80211_IF_FILE(force_unicast_rateidx, force_unicast_rateidx, DEC); 94IEEE80211_IF_FILE(force_unicast_rateidx, force_unicast_rateidx, DEC);
95IEEE80211_IF_FILE(max_ratectrl_rateidx, max_ratectrl_rateidx, DEC); 95IEEE80211_IF_FILE(max_ratectrl_rateidx, max_ratectrl_rateidx, DEC);
96 96
97/* STA/IBSS attributes */ 97/* STA attributes */
98IEEE80211_IF_FILE(state, u.sta.state, DEC); 98IEEE80211_IF_FILE(state, u.mgd.state, DEC);
99IEEE80211_IF_FILE(bssid, u.sta.bssid, MAC); 99IEEE80211_IF_FILE(bssid, u.mgd.bssid, MAC);
100IEEE80211_IF_FILE(prev_bssid, u.sta.prev_bssid, MAC); 100IEEE80211_IF_FILE(prev_bssid, u.mgd.prev_bssid, MAC);
101IEEE80211_IF_FILE(ssid_len, u.sta.ssid_len, SIZE); 101IEEE80211_IF_FILE(ssid_len, u.mgd.ssid_len, SIZE);
102IEEE80211_IF_FILE(aid, u.sta.aid, DEC); 102IEEE80211_IF_FILE(aid, u.mgd.aid, DEC);
103IEEE80211_IF_FILE(ap_capab, u.sta.ap_capab, HEX); 103IEEE80211_IF_FILE(ap_capab, u.mgd.ap_capab, HEX);
104IEEE80211_IF_FILE(capab, u.sta.capab, HEX); 104IEEE80211_IF_FILE(capab, u.mgd.capab, HEX);
105IEEE80211_IF_FILE(extra_ie_len, u.sta.extra_ie_len, SIZE); 105IEEE80211_IF_FILE(extra_ie_len, u.mgd.extra_ie_len, SIZE);
106IEEE80211_IF_FILE(auth_tries, u.sta.auth_tries, DEC); 106IEEE80211_IF_FILE(auth_tries, u.mgd.auth_tries, DEC);
107IEEE80211_IF_FILE(assoc_tries, u.sta.assoc_tries, DEC); 107IEEE80211_IF_FILE(assoc_tries, u.mgd.assoc_tries, DEC);
108IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX); 108IEEE80211_IF_FILE(auth_algs, u.mgd.auth_algs, HEX);
109IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC); 109IEEE80211_IF_FILE(auth_alg, u.mgd.auth_alg, DEC);
110IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC); 110IEEE80211_IF_FILE(auth_transaction, u.mgd.auth_transaction, DEC);
111 111
112static ssize_t ieee80211_if_fmt_flags( 112static ssize_t ieee80211_if_fmt_flags(
113 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen) 113 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
114{ 114{
115 return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n", 115 return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n",
116 sdata->u.sta.flags & IEEE80211_STA_SSID_SET ? "SSID\n" : "", 116 sdata->u.mgd.flags & IEEE80211_STA_SSID_SET ? "SSID\n" : "",
117 sdata->u.sta.flags & IEEE80211_STA_BSSID_SET ? "BSSID\n" : "", 117 sdata->u.mgd.flags & IEEE80211_STA_BSSID_SET ? "BSSID\n" : "",
118 sdata->u.sta.flags & IEEE80211_STA_PREV_BSSID_SET ? "prev BSSID\n" : "", 118 sdata->u.mgd.flags & IEEE80211_STA_PREV_BSSID_SET ? "prev BSSID\n" : "",
119 sdata->u.sta.flags & IEEE80211_STA_AUTHENTICATED ? "AUTH\n" : "", 119 sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED ? "AUTH\n" : "",
120 sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED ? "ASSOC\n" : "", 120 sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED ? "ASSOC\n" : "",
121 sdata->u.sta.flags & IEEE80211_STA_PROBEREQ_POLL ? "PROBEREQ POLL\n" : "", 121 sdata->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL ? "PROBEREQ POLL\n" : "",
122 sdata->vif.bss_conf.use_cts_prot ? "CTS prot\n" : ""); 122 sdata->vif.bss_conf.use_cts_prot ? "CTS prot\n" : "");
123} 123}
124__IEEE80211_IF_FILE(flags); 124__IEEE80211_IF_FILE(flags);
@@ -283,9 +283,11 @@ static void add_files(struct ieee80211_sub_if_data *sdata)
283#endif 283#endif
284 break; 284 break;
285 case NL80211_IFTYPE_STATION: 285 case NL80211_IFTYPE_STATION:
286 case NL80211_IFTYPE_ADHOC:
287 add_sta_files(sdata); 286 add_sta_files(sdata);
288 break; 287 break;
288 case NL80211_IFTYPE_ADHOC:
289 /* XXX */
290 break;
289 case NL80211_IFTYPE_AP: 291 case NL80211_IFTYPE_AP:
290 add_ap_files(sdata); 292 add_ap_files(sdata);
291 break; 293 break;
@@ -418,9 +420,11 @@ static void del_files(struct ieee80211_sub_if_data *sdata)
418#endif 420#endif
419 break; 421 break;
420 case NL80211_IFTYPE_STATION: 422 case NL80211_IFTYPE_STATION:
421 case NL80211_IFTYPE_ADHOC:
422 del_sta_files(sdata); 423 del_sta_files(sdata);
423 break; 424 break;
425 case NL80211_IFTYPE_ADHOC:
426 /* XXX */
427 break;
424 case NL80211_IFTYPE_AP: 428 case NL80211_IFTYPE_AP:
425 del_ap_files(sdata); 429 del_ap_files(sdata);
426 break; 430 break;
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index a2fbe0131312..90230c718b5b 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -67,14 +67,15 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
67 char buf[100]; 67 char buf[100];
68 struct sta_info *sta = file->private_data; 68 struct sta_info *sta = file->private_data;
69 u32 staflags = get_sta_flags(sta); 69 u32 staflags = get_sta_flags(sta);
70 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s", 70 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s",
71 staflags & WLAN_STA_AUTH ? "AUTH\n" : "", 71 staflags & WLAN_STA_AUTH ? "AUTH\n" : "",
72 staflags & WLAN_STA_ASSOC ? "ASSOC\n" : "", 72 staflags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
73 staflags & WLAN_STA_PS ? "PS\n" : "", 73 staflags & WLAN_STA_PS ? "PS\n" : "",
74 staflags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", 74 staflags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
75 staflags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", 75 staflags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
76 staflags & WLAN_STA_WME ? "WME\n" : "", 76 staflags & WLAN_STA_WME ? "WME\n" : "",
77 staflags & WLAN_STA_WDS ? "WDS\n" : ""); 77 staflags & WLAN_STA_WDS ? "WDS\n" : "",
78 staflags & WLAN_STA_MFP ? "MFP\n" : "");
78 return simple_read_from_buffer(userbuf, count, ppos, buf, res); 79 return simple_read_from_buffer(userbuf, count, ppos, buf, res);
79} 80}
80STA_OPS(flags); 81STA_OPS(flags);
diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c
index c5c0c5271096..4e3c72f20de7 100644
--- a/net/mac80211/ht.c
+++ b/net/mac80211/ht.c
@@ -17,8 +17,7 @@
17#include <net/wireless.h> 17#include <net/wireless.h>
18#include <net/mac80211.h> 18#include <net/mac80211.h>
19#include "ieee80211_i.h" 19#include "ieee80211_i.h"
20#include "sta_info.h" 20#include "rate.h"
21#include "wme.h"
22 21
23void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband, 22void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband,
24 struct ieee80211_ht_cap *ht_cap_ie, 23 struct ieee80211_ht_cap *ht_cap_ie,
@@ -95,7 +94,9 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
95{ 94{
96 struct ieee80211_local *local = sdata->local; 95 struct ieee80211_local *local = sdata->local;
97 struct ieee80211_supported_band *sband; 96 struct ieee80211_supported_band *sband;
97 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
98 struct ieee80211_bss_ht_conf ht; 98 struct ieee80211_bss_ht_conf ht;
99 struct sta_info *sta;
99 u32 changed = 0; 100 u32 changed = 0;
100 bool enable_ht = true, ht_changed; 101 bool enable_ht = true, ht_changed;
101 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 102 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
@@ -130,14 +131,25 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
130 } 131 }
131 } 132 }
132 133
133 ht_changed = local->hw.conf.ht.enabled != enable_ht || 134 ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
134 channel_type != local->hw.conf.ht.channel_type; 135 channel_type != local->hw.conf.channel_type;
135 136
136 local->oper_channel_type = channel_type; 137 local->oper_channel_type = channel_type;
137 local->hw.conf.ht.enabled = enable_ht;
138 138
139 if (ht_changed) 139 if (ht_changed) {
140 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_HT); 140 /* channel_type change automatically detected */
141 ieee80211_hw_config(local, 0);
142
143 rcu_read_lock();
144
145 sta = sta_info_get(local, ifmgd->bssid);
146 if (sta)
147 rate_control_rate_update(local, sband, sta,
148 IEEE80211_RC_HT_CHANGED);
149
150 rcu_read_unlock();
151
152 }
141 153
142 /* disable HT */ 154 /* disable HT */
143 if (!enable_ht) 155 if (!enable_ht)
@@ -154,108 +166,22 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
154 return changed; 166 return changed;
155} 167}
156 168
157static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata, 169void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta)
158 const u8 *da, u16 tid,
159 u8 dialog_token, u16 start_seq_num,
160 u16 agg_size, u16 timeout)
161{ 170{
162 struct ieee80211_local *local = sdata->local; 171 int i;
163 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
164 struct sk_buff *skb;
165 struct ieee80211_mgmt *mgmt;
166 u16 capab;
167
168 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
169
170 if (!skb) {
171 printk(KERN_ERR "%s: failed to allocate buffer "
172 "for addba request frame\n", sdata->dev->name);
173 return;
174 }
175 skb_reserve(skb, local->hw.extra_tx_headroom);
176 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
177 memset(mgmt, 0, 24);
178 memcpy(mgmt->da, da, ETH_ALEN);
179 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
180 if (sdata->vif.type == NL80211_IFTYPE_AP)
181 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
182 else
183 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
184
185 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
186 IEEE80211_STYPE_ACTION);
187
188 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
189
190 mgmt->u.action.category = WLAN_CATEGORY_BACK;
191 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
192
193 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
194 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
195 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
196 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
197
198 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
199
200 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
201 mgmt->u.action.u.addba_req.start_seq_num =
202 cpu_to_le16(start_seq_num << 4);
203
204 ieee80211_tx_skb(sdata, skb, 0);
205}
206
207static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
208 u8 dialog_token, u16 status, u16 policy,
209 u16 buf_size, u16 timeout)
210{
211 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
212 struct ieee80211_local *local = sdata->local;
213 struct sk_buff *skb;
214 struct ieee80211_mgmt *mgmt;
215 u16 capab;
216
217 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
218 172
219 if (!skb) { 173 for (i = 0; i < STA_TID_NUM; i++) {
220 printk(KERN_DEBUG "%s: failed to allocate buffer " 174 __ieee80211_stop_tx_ba_session(sta, i, WLAN_BACK_INITIATOR);
221 "for addba resp frame\n", sdata->dev->name); 175 __ieee80211_stop_rx_ba_session(sta, i, WLAN_BACK_RECIPIENT,
222 return; 176 WLAN_REASON_QSTA_LEAVE_QBSS);
223 } 177 }
224
225 skb_reserve(skb, local->hw.extra_tx_headroom);
226 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
227 memset(mgmt, 0, 24);
228 memcpy(mgmt->da, da, ETH_ALEN);
229 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
230 if (sdata->vif.type == NL80211_IFTYPE_AP)
231 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
232 else
233 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
234 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
235 IEEE80211_STYPE_ACTION);
236
237 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
238 mgmt->u.action.category = WLAN_CATEGORY_BACK;
239 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
240 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
241
242 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
243 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
244 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
245
246 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
247 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
248 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
249
250 ieee80211_tx_skb(sdata, skb, 0);
251} 178}
252 179
253static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata, 180void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
254 const u8 *da, u16 tid, 181 const u8 *da, u16 tid,
255 u16 initiator, u16 reason_code) 182 u16 initiator, u16 reason_code)
256{ 183{
257 struct ieee80211_local *local = sdata->local; 184 struct ieee80211_local *local = sdata->local;
258 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
259 struct sk_buff *skb; 185 struct sk_buff *skb;
260 struct ieee80211_mgmt *mgmt; 186 struct ieee80211_mgmt *mgmt;
261 u16 params; 187 u16 params;
@@ -273,10 +199,12 @@ static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
273 memset(mgmt, 0, 24); 199 memset(mgmt, 0, 24);
274 memcpy(mgmt->da, da, ETH_ALEN); 200 memcpy(mgmt->da, da, ETH_ALEN);
275 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 201 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
276 if (sdata->vif.type == NL80211_IFTYPE_AP) 202 if (sdata->vif.type == NL80211_IFTYPE_AP ||
203 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
277 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN); 204 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
278 else 205 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
279 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 206 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
207
280 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 208 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
281 IEEE80211_STYPE_ACTION); 209 IEEE80211_STYPE_ACTION);
282 210
@@ -290,770 +218,7 @@ static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
290 mgmt->u.action.u.delba.params = cpu_to_le16(params); 218 mgmt->u.action.u.delba.params = cpu_to_le16(params);
291 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code); 219 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
292 220
293 ieee80211_tx_skb(sdata, skb, 0); 221 ieee80211_tx_skb(sdata, skb, 1);
294}
295
296void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
297{
298 struct ieee80211_local *local = sdata->local;
299 struct sk_buff *skb;
300 struct ieee80211_bar *bar;
301 u16 bar_control = 0;
302
303 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
304 if (!skb) {
305 printk(KERN_ERR "%s: failed to allocate buffer for "
306 "bar frame\n", sdata->dev->name);
307 return;
308 }
309 skb_reserve(skb, local->hw.extra_tx_headroom);
310 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
311 memset(bar, 0, sizeof(*bar));
312 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
313 IEEE80211_STYPE_BACK_REQ);
314 memcpy(bar->ra, ra, ETH_ALEN);
315 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
316 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
317 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
318 bar_control |= (u16)(tid << 12);
319 bar->control = cpu_to_le16(bar_control);
320 bar->start_seq_num = cpu_to_le16(ssn);
321
322 ieee80211_tx_skb(sdata, skb, 0);
323}
324
325void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
326 u16 initiator, u16 reason)
327{
328 struct ieee80211_local *local = sdata->local;
329 struct ieee80211_hw *hw = &local->hw;
330 struct sta_info *sta;
331 int ret, i;
332
333 rcu_read_lock();
334
335 sta = sta_info_get(local, ra);
336 if (!sta) {
337 rcu_read_unlock();
338 return;
339 }
340
341 /* check if TID is in operational state */
342 spin_lock_bh(&sta->lock);
343 if (sta->ampdu_mlme.tid_state_rx[tid]
344 != HT_AGG_STATE_OPERATIONAL) {
345 spin_unlock_bh(&sta->lock);
346 rcu_read_unlock();
347 return;
348 }
349 sta->ampdu_mlme.tid_state_rx[tid] =
350 HT_AGG_STATE_REQ_STOP_BA_MSK |
351 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
352 spin_unlock_bh(&sta->lock);
353
354 /* stop HW Rx aggregation. ampdu_action existence
355 * already verified in session init so we add the BUG_ON */
356 BUG_ON(!local->ops->ampdu_action);
357
358#ifdef CONFIG_MAC80211_HT_DEBUG
359 printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n",
360 ra, tid);
361#endif /* CONFIG_MAC80211_HT_DEBUG */
362
363 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
364 &sta->sta, tid, NULL);
365 if (ret)
366 printk(KERN_DEBUG "HW problem - can not stop rx "
367 "aggregation for tid %d\n", tid);
368
369 /* shutdown timer has not expired */
370 if (initiator != WLAN_BACK_TIMER)
371 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
372
373 /* check if this is a self generated aggregation halt */
374 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
375 ieee80211_send_delba(sdata, ra, tid, 0, reason);
376
377 /* free the reordering buffer */
378 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
379 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
380 /* release the reordered frames */
381 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
382 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
383 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
384 }
385 }
386 /* free resources */
387 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
388 kfree(sta->ampdu_mlme.tid_rx[tid]);
389 sta->ampdu_mlme.tid_rx[tid] = NULL;
390 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
391
392 rcu_read_unlock();
393}
394
395
396/*
397 * After sending add Block Ack request we activated a timer until
398 * add Block Ack response will arrive from the recipient.
399 * If this timer expires sta_addba_resp_timer_expired will be executed.
400 */
401static void sta_addba_resp_timer_expired(unsigned long data)
402{
403 /* not an elegant detour, but there is no choice as the timer passes
404 * only one argument, and both sta_info and TID are needed, so init
405 * flow in sta_info_create gives the TID as data, while the timer_to_id
406 * array gives the sta through container_of */
407 u16 tid = *(u8 *)data;
408 struct sta_info *temp_sta = container_of((void *)data,
409 struct sta_info, timer_to_tid[tid]);
410
411 struct ieee80211_local *local = temp_sta->local;
412 struct ieee80211_hw *hw = &local->hw;
413 struct sta_info *sta;
414 u8 *state;
415
416 rcu_read_lock();
417
418 sta = sta_info_get(local, temp_sta->sta.addr);
419 if (!sta) {
420 rcu_read_unlock();
421 return;
422 }
423
424 state = &sta->ampdu_mlme.tid_state_tx[tid];
425 /* check if the TID waits for addBA response */
426 spin_lock_bh(&sta->lock);
427 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
428 spin_unlock_bh(&sta->lock);
429 *state = HT_AGG_STATE_IDLE;
430#ifdef CONFIG_MAC80211_HT_DEBUG
431 printk(KERN_DEBUG "timer expired on tid %d but we are not "
432 "expecting addBA response there", tid);
433#endif
434 goto timer_expired_exit;
435 }
436
437#ifdef CONFIG_MAC80211_HT_DEBUG
438 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
439#endif
440
441 /* go through the state check in stop_BA_session */
442 *state = HT_AGG_STATE_OPERATIONAL;
443 spin_unlock_bh(&sta->lock);
444 ieee80211_stop_tx_ba_session(hw, temp_sta->sta.addr, tid,
445 WLAN_BACK_INITIATOR);
446
447timer_expired_exit:
448 rcu_read_unlock();
449}
450
451void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr)
452{
453 struct ieee80211_local *local = sdata->local;
454 int i;
455
456 for (i = 0; i < STA_TID_NUM; i++) {
457 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
458 WLAN_BACK_INITIATOR);
459 ieee80211_sta_stop_rx_ba_session(sdata, addr, i,
460 WLAN_BACK_RECIPIENT,
461 WLAN_REASON_QSTA_LEAVE_QBSS);
462 }
463}
464
465int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
466{
467 struct ieee80211_local *local = hw_to_local(hw);
468 struct sta_info *sta;
469 struct ieee80211_sub_if_data *sdata;
470 u16 start_seq_num;
471 u8 *state;
472 int ret = 0;
473
474 if ((tid >= STA_TID_NUM) || !(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
475 return -EINVAL;
476
477#ifdef CONFIG_MAC80211_HT_DEBUG
478 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
479 ra, tid);
480#endif /* CONFIG_MAC80211_HT_DEBUG */
481
482 rcu_read_lock();
483
484 sta = sta_info_get(local, ra);
485 if (!sta) {
486#ifdef CONFIG_MAC80211_HT_DEBUG
487 printk(KERN_DEBUG "Could not find the station\n");
488#endif
489 ret = -ENOENT;
490 goto exit;
491 }
492
493 spin_lock_bh(&sta->lock);
494
495 /* we have tried too many times, receiver does not want A-MPDU */
496 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
497 ret = -EBUSY;
498 goto err_unlock_sta;
499 }
500
501 state = &sta->ampdu_mlme.tid_state_tx[tid];
502 /* check if the TID is not in aggregation flow already */
503 if (*state != HT_AGG_STATE_IDLE) {
504#ifdef CONFIG_MAC80211_HT_DEBUG
505 printk(KERN_DEBUG "BA request denied - session is not "
506 "idle on tid %u\n", tid);
507#endif /* CONFIG_MAC80211_HT_DEBUG */
508 ret = -EAGAIN;
509 goto err_unlock_sta;
510 }
511
512 /* prepare A-MPDU MLME for Tx aggregation */
513 sta->ampdu_mlme.tid_tx[tid] =
514 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
515 if (!sta->ampdu_mlme.tid_tx[tid]) {
516#ifdef CONFIG_MAC80211_HT_DEBUG
517 if (net_ratelimit())
518 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
519 tid);
520#endif
521 ret = -ENOMEM;
522 goto err_unlock_sta;
523 }
524 /* Tx timer */
525 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
526 sta_addba_resp_timer_expired;
527 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
528 (unsigned long)&sta->timer_to_tid[tid];
529 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
530
531 if (hw->ampdu_queues) {
532 /* create a new queue for this aggregation */
533 ret = ieee80211_ht_agg_queue_add(local, sta, tid);
534
535 /* case no queue is available to aggregation
536 * don't switch to aggregation */
537 if (ret) {
538#ifdef CONFIG_MAC80211_HT_DEBUG
539 printk(KERN_DEBUG "BA request denied - "
540 "queue unavailable for tid %d\n", tid);
541#endif /* CONFIG_MAC80211_HT_DEBUG */
542 goto err_unlock_queue;
543 }
544 }
545 sdata = sta->sdata;
546
547 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
548 * call back right away, it must see that the flow has begun */
549 *state |= HT_ADDBA_REQUESTED_MSK;
550
551 /* This is slightly racy because the queue isn't stopped */
552 start_seq_num = sta->tid_seq[tid];
553
554 if (local->ops->ampdu_action)
555 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
556 &sta->sta, tid, &start_seq_num);
557
558 if (ret) {
559 /* No need to requeue the packets in the agg queue, since we
560 * held the tx lock: no packet could be enqueued to the newly
561 * allocated queue */
562 if (hw->ampdu_queues)
563 ieee80211_ht_agg_queue_remove(local, sta, tid, 0);
564#ifdef CONFIG_MAC80211_HT_DEBUG
565 printk(KERN_DEBUG "BA request denied - HW unavailable for"
566 " tid %d\n", tid);
567#endif /* CONFIG_MAC80211_HT_DEBUG */
568 *state = HT_AGG_STATE_IDLE;
569 goto err_unlock_queue;
570 }
571
572 /* Will put all the packets in the new SW queue */
573 if (hw->ampdu_queues)
574 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
575 spin_unlock_bh(&sta->lock);
576
577 /* send an addBA request */
578 sta->ampdu_mlme.dialog_token_allocator++;
579 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
580 sta->ampdu_mlme.dialog_token_allocator;
581 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
582
583
584 ieee80211_send_addba_request(sta->sdata, ra, tid,
585 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
586 sta->ampdu_mlme.tid_tx[tid]->ssn,
587 0x40, 5000);
588 /* activate the timer for the recipient's addBA response */
589 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
590 jiffies + ADDBA_RESP_INTERVAL;
591 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
592#ifdef CONFIG_MAC80211_HT_DEBUG
593 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
594#endif
595 goto exit;
596
597err_unlock_queue:
598 kfree(sta->ampdu_mlme.tid_tx[tid]);
599 sta->ampdu_mlme.tid_tx[tid] = NULL;
600 ret = -EBUSY;
601err_unlock_sta:
602 spin_unlock_bh(&sta->lock);
603exit:
604 rcu_read_unlock();
605 return ret;
606}
607EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
608
609int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
610 u8 *ra, u16 tid,
611 enum ieee80211_back_parties initiator)
612{
613 struct ieee80211_local *local = hw_to_local(hw);
614 struct sta_info *sta;
615 u8 *state;
616 int ret = 0;
617
618 if (tid >= STA_TID_NUM)
619 return -EINVAL;
620
621 rcu_read_lock();
622 sta = sta_info_get(local, ra);
623 if (!sta) {
624 rcu_read_unlock();
625 return -ENOENT;
626 }
627
628 /* check if the TID is in aggregation */
629 state = &sta->ampdu_mlme.tid_state_tx[tid];
630 spin_lock_bh(&sta->lock);
631
632 if (*state != HT_AGG_STATE_OPERATIONAL) {
633 ret = -ENOENT;
634 goto stop_BA_exit;
635 }
636
637#ifdef CONFIG_MAC80211_HT_DEBUG
638 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
639 ra, tid);
640#endif /* CONFIG_MAC80211_HT_DEBUG */
641
642 if (hw->ampdu_queues)
643 ieee80211_stop_queue(hw, sta->tid_to_tx_q[tid]);
644
645 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
646 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
647
648 if (local->ops->ampdu_action)
649 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_STOP,
650 &sta->sta, tid, NULL);
651
652 /* case HW denied going back to legacy */
653 if (ret) {
654 WARN_ON(ret != -EBUSY);
655 *state = HT_AGG_STATE_OPERATIONAL;
656 if (hw->ampdu_queues)
657 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
658 goto stop_BA_exit;
659 }
660
661stop_BA_exit:
662 spin_unlock_bh(&sta->lock);
663 rcu_read_unlock();
664 return ret;
665}
666EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
667
668void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
669{
670 struct ieee80211_local *local = hw_to_local(hw);
671 struct sta_info *sta;
672 u8 *state;
673
674 if (tid >= STA_TID_NUM) {
675#ifdef CONFIG_MAC80211_HT_DEBUG
676 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
677 tid, STA_TID_NUM);
678#endif
679 return;
680 }
681
682 rcu_read_lock();
683 sta = sta_info_get(local, ra);
684 if (!sta) {
685 rcu_read_unlock();
686#ifdef CONFIG_MAC80211_HT_DEBUG
687 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
688#endif
689 return;
690 }
691
692 state = &sta->ampdu_mlme.tid_state_tx[tid];
693 spin_lock_bh(&sta->lock);
694
695 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
696#ifdef CONFIG_MAC80211_HT_DEBUG
697 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
698 *state);
699#endif
700 spin_unlock_bh(&sta->lock);
701 rcu_read_unlock();
702 return;
703 }
704
705 WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK);
706
707 *state |= HT_ADDBA_DRV_READY_MSK;
708
709 if (*state == HT_AGG_STATE_OPERATIONAL) {
710#ifdef CONFIG_MAC80211_HT_DEBUG
711 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
712#endif
713 if (hw->ampdu_queues)
714 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
715 }
716 spin_unlock_bh(&sta->lock);
717 rcu_read_unlock();
718}
719EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
720
721void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
722{
723 struct ieee80211_local *local = hw_to_local(hw);
724 struct sta_info *sta;
725 u8 *state;
726 int agg_queue;
727
728 if (tid >= STA_TID_NUM) {
729#ifdef CONFIG_MAC80211_HT_DEBUG
730 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
731 tid, STA_TID_NUM);
732#endif
733 return;
734 }
735
736#ifdef CONFIG_MAC80211_HT_DEBUG
737 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
738 ra, tid);
739#endif /* CONFIG_MAC80211_HT_DEBUG */
740
741 rcu_read_lock();
742 sta = sta_info_get(local, ra);
743 if (!sta) {
744#ifdef CONFIG_MAC80211_HT_DEBUG
745 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
746#endif
747 rcu_read_unlock();
748 return;
749 }
750 state = &sta->ampdu_mlme.tid_state_tx[tid];
751
752 /* NOTE: no need to use sta->lock in this state check, as
753 * ieee80211_stop_tx_ba_session will let only one stop call to
754 * pass through per sta/tid
755 */
756 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
757#ifdef CONFIG_MAC80211_HT_DEBUG
758 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
759#endif
760 rcu_read_unlock();
761 return;
762 }
763
764 if (*state & HT_AGG_STATE_INITIATOR_MSK)
765 ieee80211_send_delba(sta->sdata, ra, tid,
766 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
767
768 if (hw->ampdu_queues) {
769 agg_queue = sta->tid_to_tx_q[tid];
770 ieee80211_ht_agg_queue_remove(local, sta, tid, 1);
771
772 /* We just requeued the all the frames that were in the
773 * removed queue, and since we might miss a softirq we do
774 * netif_schedule_queue. ieee80211_wake_queue is not used
775 * here as this queue is not necessarily stopped
776 */
777 netif_schedule_queue(netdev_get_tx_queue(local->mdev,
778 agg_queue));
779 }
780 spin_lock_bh(&sta->lock);
781 *state = HT_AGG_STATE_IDLE;
782 sta->ampdu_mlme.addba_req_num[tid] = 0;
783 kfree(sta->ampdu_mlme.tid_tx[tid]);
784 sta->ampdu_mlme.tid_tx[tid] = NULL;
785 spin_unlock_bh(&sta->lock);
786
787 rcu_read_unlock();
788}
789EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
790
791void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
792 const u8 *ra, u16 tid)
793{
794 struct ieee80211_local *local = hw_to_local(hw);
795 struct ieee80211_ra_tid *ra_tid;
796 struct sk_buff *skb = dev_alloc_skb(0);
797
798 if (unlikely(!skb)) {
799#ifdef CONFIG_MAC80211_HT_DEBUG
800 if (net_ratelimit())
801 printk(KERN_WARNING "%s: Not enough memory, "
802 "dropping start BA session", skb->dev->name);
803#endif
804 return;
805 }
806 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
807 memcpy(&ra_tid->ra, ra, ETH_ALEN);
808 ra_tid->tid = tid;
809
810 skb->pkt_type = IEEE80211_ADDBA_MSG;
811 skb_queue_tail(&local->skb_queue, skb);
812 tasklet_schedule(&local->tasklet);
813}
814EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
815
816void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
817 const u8 *ra, u16 tid)
818{
819 struct ieee80211_local *local = hw_to_local(hw);
820 struct ieee80211_ra_tid *ra_tid;
821 struct sk_buff *skb = dev_alloc_skb(0);
822
823 if (unlikely(!skb)) {
824#ifdef CONFIG_MAC80211_HT_DEBUG
825 if (net_ratelimit())
826 printk(KERN_WARNING "%s: Not enough memory, "
827 "dropping stop BA session", skb->dev->name);
828#endif
829 return;
830 }
831 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
832 memcpy(&ra_tid->ra, ra, ETH_ALEN);
833 ra_tid->tid = tid;
834
835 skb->pkt_type = IEEE80211_DELBA_MSG;
836 skb_queue_tail(&local->skb_queue, skb);
837 tasklet_schedule(&local->tasklet);
838}
839EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
840
841/*
842 * After accepting the AddBA Request we activated a timer,
843 * resetting it after each frame that arrives from the originator.
844 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
845 */
846static void sta_rx_agg_session_timer_expired(unsigned long data)
847{
848 /* not an elegant detour, but there is no choice as the timer passes
849 * only one argument, and various sta_info are needed here, so init
850 * flow in sta_info_create gives the TID as data, while the timer_to_id
851 * array gives the sta through container_of */
852 u8 *ptid = (u8 *)data;
853 u8 *timer_to_id = ptid - *ptid;
854 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
855 timer_to_tid[0]);
856
857#ifdef CONFIG_MAC80211_HT_DEBUG
858 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
859#endif
860 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr,
861 (u16)*ptid, WLAN_BACK_TIMER,
862 WLAN_REASON_QSTA_TIMEOUT);
863}
864
865void ieee80211_process_addba_request(struct ieee80211_local *local,
866 struct sta_info *sta,
867 struct ieee80211_mgmt *mgmt,
868 size_t len)
869{
870 struct ieee80211_hw *hw = &local->hw;
871 struct ieee80211_conf *conf = &hw->conf;
872 struct tid_ampdu_rx *tid_agg_rx;
873 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
874 u8 dialog_token;
875 int ret = -EOPNOTSUPP;
876
877 /* extract session parameters from addba request frame */
878 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
879 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
880 start_seq_num =
881 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
882
883 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
884 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
885 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
886 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
887
888 status = WLAN_STATUS_REQUEST_DECLINED;
889
890 /* sanity check for incoming parameters:
891 * check if configuration can support the BA policy
892 * and if buffer size does not exceeds max value */
893 /* XXX: check own ht delayed BA capability?? */
894 if (((ba_policy != 1)
895 && (!(sta->sta.ht_cap.cap & IEEE80211_HT_CAP_DELAY_BA)))
896 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
897 status = WLAN_STATUS_INVALID_QOS_PARAM;
898#ifdef CONFIG_MAC80211_HT_DEBUG
899 if (net_ratelimit())
900 printk(KERN_DEBUG "AddBA Req with bad params from "
901 "%pM on tid %u. policy %d, buffer size %d\n",
902 mgmt->sa, tid, ba_policy,
903 buf_size);
904#endif /* CONFIG_MAC80211_HT_DEBUG */
905 goto end_no_lock;
906 }
907 /* determine default buffer size */
908 if (buf_size == 0) {
909 struct ieee80211_supported_band *sband;
910
911 sband = local->hw.wiphy->bands[conf->channel->band];
912 buf_size = IEEE80211_MIN_AMPDU_BUF;
913 buf_size = buf_size << sband->ht_cap.ampdu_factor;
914 }
915
916
917 /* examine state machine */
918 spin_lock_bh(&sta->lock);
919
920 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
921#ifdef CONFIG_MAC80211_HT_DEBUG
922 if (net_ratelimit())
923 printk(KERN_DEBUG "unexpected AddBA Req from "
924 "%pM on tid %u\n",
925 mgmt->sa, tid);
926#endif /* CONFIG_MAC80211_HT_DEBUG */
927 goto end;
928 }
929
930 /* prepare A-MPDU MLME for Rx aggregation */
931 sta->ampdu_mlme.tid_rx[tid] =
932 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
933 if (!sta->ampdu_mlme.tid_rx[tid]) {
934#ifdef CONFIG_MAC80211_HT_DEBUG
935 if (net_ratelimit())
936 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
937 tid);
938#endif
939 goto end;
940 }
941 /* rx timer */
942 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
943 sta_rx_agg_session_timer_expired;
944 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
945 (unsigned long)&sta->timer_to_tid[tid];
946 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
947
948 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
949
950 /* prepare reordering buffer */
951 tid_agg_rx->reorder_buf =
952 kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
953 if (!tid_agg_rx->reorder_buf) {
954#ifdef CONFIG_MAC80211_HT_DEBUG
955 if (net_ratelimit())
956 printk(KERN_ERR "can not allocate reordering buffer "
957 "to tid %d\n", tid);
958#endif
959 kfree(sta->ampdu_mlme.tid_rx[tid]);
960 goto end;
961 }
962 memset(tid_agg_rx->reorder_buf, 0,
963 buf_size * sizeof(struct sk_buff *));
964
965 if (local->ops->ampdu_action)
966 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
967 &sta->sta, tid, &start_seq_num);
968#ifdef CONFIG_MAC80211_HT_DEBUG
969 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
970#endif /* CONFIG_MAC80211_HT_DEBUG */
971
972 if (ret) {
973 kfree(tid_agg_rx->reorder_buf);
974 kfree(tid_agg_rx);
975 sta->ampdu_mlme.tid_rx[tid] = NULL;
976 goto end;
977 }
978
979 /* change state and send addba resp */
980 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
981 tid_agg_rx->dialog_token = dialog_token;
982 tid_agg_rx->ssn = start_seq_num;
983 tid_agg_rx->head_seq_num = start_seq_num;
984 tid_agg_rx->buf_size = buf_size;
985 tid_agg_rx->timeout = timeout;
986 tid_agg_rx->stored_mpdu_num = 0;
987 status = WLAN_STATUS_SUCCESS;
988end:
989 spin_unlock_bh(&sta->lock);
990
991end_no_lock:
992 ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid,
993 dialog_token, status, 1, buf_size, timeout);
994}
995
996void ieee80211_process_addba_resp(struct ieee80211_local *local,
997 struct sta_info *sta,
998 struct ieee80211_mgmt *mgmt,
999 size_t len)
1000{
1001 struct ieee80211_hw *hw = &local->hw;
1002 u16 capab;
1003 u16 tid, start_seq_num;
1004 u8 *state;
1005
1006 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1007 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1008
1009 state = &sta->ampdu_mlme.tid_state_tx[tid];
1010
1011 spin_lock_bh(&sta->lock);
1012
1013 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1014 spin_unlock_bh(&sta->lock);
1015 return;
1016 }
1017
1018 if (mgmt->u.action.u.addba_resp.dialog_token !=
1019 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1020 spin_unlock_bh(&sta->lock);
1021#ifdef CONFIG_MAC80211_HT_DEBUG
1022 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1023#endif /* CONFIG_MAC80211_HT_DEBUG */
1024 return;
1025 }
1026
1027 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1028#ifdef CONFIG_MAC80211_HT_DEBUG
1029 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1030#endif /* CONFIG_MAC80211_HT_DEBUG */
1031 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1032 == WLAN_STATUS_SUCCESS) {
1033 *state |= HT_ADDBA_RECEIVED_MSK;
1034 sta->ampdu_mlme.addba_req_num[tid] = 0;
1035
1036 if (*state == HT_AGG_STATE_OPERATIONAL &&
1037 local->hw.ampdu_queues)
1038 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1039
1040 if (local->ops->ampdu_action) {
1041 (void)local->ops->ampdu_action(hw,
1042 IEEE80211_AMPDU_TX_RESUME,
1043 &sta->sta, tid, &start_seq_num);
1044 }
1045#ifdef CONFIG_MAC80211_HT_DEBUG
1046 printk(KERN_DEBUG "Resuming TX aggregation for tid %d\n", tid);
1047#endif /* CONFIG_MAC80211_HT_DEBUG */
1048 spin_unlock_bh(&sta->lock);
1049 } else {
1050 sta->ampdu_mlme.addba_req_num[tid]++;
1051 /* this will allow the state check in stop_BA_session */
1052 *state = HT_AGG_STATE_OPERATIONAL;
1053 spin_unlock_bh(&sta->lock);
1054 ieee80211_stop_tx_ba_session(hw, sta->sta.addr, tid,
1055 WLAN_BACK_INITIATOR);
1056 }
1057} 222}
1058 223
1059void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, 224void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
new file mode 100644
index 000000000000..f4becc12904e
--- /dev/null
+++ b/net/mac80211/ibss.c
@@ -0,0 +1,907 @@
1/*
2 * IBSS mode implementation
3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 * Copyright 2009, Johannes Berg <johannes@sipsolutions.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2 as
12 * published by the Free Software Foundation.
13 */
14
15#include <linux/delay.h>
16#include <linux/if_ether.h>
17#include <linux/skbuff.h>
18#include <linux/if_arp.h>
19#include <linux/etherdevice.h>
20#include <linux/rtnetlink.h>
21#include <net/mac80211.h>
22#include <asm/unaligned.h>
23
24#include "ieee80211_i.h"
25#include "rate.h"
26
27#define IEEE80211_SCAN_INTERVAL (2 * HZ)
28#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
29#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
30
31#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
32#define IEEE80211_IBSS_MERGE_DELAY 0x400000
33#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
34
35#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
36
37
38static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
39 struct ieee80211_mgmt *mgmt,
40 size_t len)
41{
42 u16 auth_alg, auth_transaction, status_code;
43
44 if (len < 24 + 6)
45 return;
46
47 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
48 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
49 status_code = le16_to_cpu(mgmt->u.auth.status_code);
50
51 /*
52 * IEEE 802.11 standard does not require authentication in IBSS
53 * networks and most implementations do not seem to use it.
54 * However, try to reply to authentication attempts if someone
55 * has actually implemented this.
56 */
57 if (auth_alg == WLAN_AUTH_OPEN && auth_transaction == 1)
58 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0,
59 sdata->u.ibss.bssid, 0);
60}
61
62static int __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
63 const u8 *bssid, const int beacon_int,
64 const int freq,
65 const size_t supp_rates_len,
66 const u8 *supp_rates,
67 const u16 capability, u64 tsf)
68{
69 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
70 struct ieee80211_local *local = sdata->local;
71 int res = 0, rates, i, j;
72 struct sk_buff *skb;
73 struct ieee80211_mgmt *mgmt;
74 u8 *pos;
75 struct ieee80211_supported_band *sband;
76 union iwreq_data wrqu;
77
78 if (local->ops->reset_tsf) {
79 /* Reset own TSF to allow time synchronization work. */
80 local->ops->reset_tsf(local_to_hw(local));
81 }
82
83 if ((ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET) &&
84 memcmp(ifibss->bssid, bssid, ETH_ALEN) == 0)
85 return res;
86
87 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
88 if (!skb) {
89 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
90 "response\n", sdata->dev->name);
91 return -ENOMEM;
92 }
93
94 if (!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET)) {
95 /* Remove possible STA entries from other IBSS networks. */
96 sta_info_flush_delayed(sdata);
97 }
98
99 memcpy(ifibss->bssid, bssid, ETH_ALEN);
100 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
101 if (res)
102 return res;
103
104 local->hw.conf.beacon_int = beacon_int >= 10 ? beacon_int : 10;
105
106 sdata->drop_unencrypted = capability &
107 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
108
109 res = ieee80211_set_freq(sdata, freq);
110
111 if (res)
112 return res;
113
114 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
115
116 /* Build IBSS probe response */
117
118 skb_reserve(skb, local->hw.extra_tx_headroom);
119
120 mgmt = (struct ieee80211_mgmt *)
121 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
122 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
123 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
124 IEEE80211_STYPE_PROBE_RESP);
125 memset(mgmt->da, 0xff, ETH_ALEN);
126 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
127 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
128 mgmt->u.beacon.beacon_int =
129 cpu_to_le16(local->hw.conf.beacon_int);
130 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
131 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
132
133 pos = skb_put(skb, 2 + ifibss->ssid_len);
134 *pos++ = WLAN_EID_SSID;
135 *pos++ = ifibss->ssid_len;
136 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
137
138 rates = supp_rates_len;
139 if (rates > 8)
140 rates = 8;
141 pos = skb_put(skb, 2 + rates);
142 *pos++ = WLAN_EID_SUPP_RATES;
143 *pos++ = rates;
144 memcpy(pos, supp_rates, rates);
145
146 if (sband->band == IEEE80211_BAND_2GHZ) {
147 pos = skb_put(skb, 2 + 1);
148 *pos++ = WLAN_EID_DS_PARAMS;
149 *pos++ = 1;
150 *pos++ = ieee80211_frequency_to_channel(freq);
151 }
152
153 pos = skb_put(skb, 2 + 2);
154 *pos++ = WLAN_EID_IBSS_PARAMS;
155 *pos++ = 2;
156 /* FIX: set ATIM window based on scan results */
157 *pos++ = 0;
158 *pos++ = 0;
159
160 if (supp_rates_len > 8) {
161 rates = supp_rates_len - 8;
162 pos = skb_put(skb, 2 + rates);
163 *pos++ = WLAN_EID_EXT_SUPP_RATES;
164 *pos++ = rates;
165 memcpy(pos, &supp_rates[8], rates);
166 }
167
168 ifibss->probe_resp = skb;
169
170 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON |
171 IEEE80211_IFCC_BEACON_ENABLED);
172
173
174 rates = 0;
175 for (i = 0; i < supp_rates_len; i++) {
176 int bitrate = (supp_rates[i] & 0x7f) * 5;
177 for (j = 0; j < sband->n_bitrates; j++)
178 if (sband->bitrates[j].bitrate == bitrate)
179 rates |= BIT(j);
180 }
181
182 ieee80211_sta_def_wmm_params(sdata, supp_rates_len, supp_rates);
183
184 ifibss->flags |= IEEE80211_IBSS_PREV_BSSID_SET;
185 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
186 mod_timer(&ifibss->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
187
188 memset(&wrqu, 0, sizeof(wrqu));
189 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
190 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
191
192 return res;
193}
194
195static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
196 struct ieee80211_bss *bss)
197{
198 return __ieee80211_sta_join_ibss(sdata,
199 bss->cbss.bssid,
200 bss->cbss.beacon_interval,
201 bss->cbss.channel->center_freq,
202 bss->supp_rates_len, bss->supp_rates,
203 bss->cbss.capability,
204 bss->cbss.tsf);
205}
206
207static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
208 struct ieee80211_mgmt *mgmt,
209 size_t len,
210 struct ieee80211_rx_status *rx_status,
211 struct ieee802_11_elems *elems,
212 bool beacon)
213{
214 struct ieee80211_local *local = sdata->local;
215 int freq;
216 struct ieee80211_bss *bss;
217 struct sta_info *sta;
218 struct ieee80211_channel *channel;
219 u64 beacon_timestamp, rx_timestamp;
220 u32 supp_rates = 0;
221 enum ieee80211_band band = rx_status->band;
222
223 if (elems->ds_params && elems->ds_params_len == 1)
224 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
225 else
226 freq = rx_status->freq;
227
228 channel = ieee80211_get_channel(local->hw.wiphy, freq);
229
230 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
231 return;
232
233 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && elems->supp_rates &&
234 memcmp(mgmt->bssid, sdata->u.ibss.bssid, ETH_ALEN) == 0) {
235 supp_rates = ieee80211_sta_get_rates(local, elems, band);
236
237 rcu_read_lock();
238
239 sta = sta_info_get(local, mgmt->sa);
240 if (sta) {
241 u32 prev_rates;
242
243 prev_rates = sta->sta.supp_rates[band];
244 /* make sure mandatory rates are always added */
245 sta->sta.supp_rates[band] = supp_rates |
246 ieee80211_mandatory_rates(local, band);
247
248#ifdef CONFIG_MAC80211_IBSS_DEBUG
249 if (sta->sta.supp_rates[band] != prev_rates)
250 printk(KERN_DEBUG "%s: updated supp_rates set "
251 "for %pM based on beacon info (0x%llx | "
252 "0x%llx -> 0x%llx)\n",
253 sdata->dev->name,
254 sta->sta.addr,
255 (unsigned long long) prev_rates,
256 (unsigned long long) supp_rates,
257 (unsigned long long) sta->sta.supp_rates[band]);
258#endif
259 } else
260 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
261
262 rcu_read_unlock();
263 }
264
265 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
266 channel, beacon);
267 if (!bss)
268 return;
269
270 /* was just updated in ieee80211_bss_info_update */
271 beacon_timestamp = bss->cbss.tsf;
272
273 /* check if we need to merge IBSS */
274
275 /* merge only on beacons (???) */
276 if (!beacon)
277 goto put_bss;
278
279 /* we use a fixed BSSID */
280 if (sdata->u.ibss.flags & IEEE80211_IBSS_BSSID_SET)
281 goto put_bss;
282
283 /* not an IBSS */
284 if (!(bss->cbss.capability & WLAN_CAPABILITY_IBSS))
285 goto put_bss;
286
287 /* different channel */
288 if (bss->cbss.channel != local->oper_channel)
289 goto put_bss;
290
291 /* different SSID */
292 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
293 memcmp(elems->ssid, sdata->u.ibss.ssid,
294 sdata->u.ibss.ssid_len))
295 goto put_bss;
296
297 /* same BSSID */
298 if (memcmp(bss->cbss.bssid, sdata->u.ibss.bssid, ETH_ALEN) == 0)
299 goto put_bss;
300
301 if (rx_status->flag & RX_FLAG_TSFT) {
302 /*
303 * For correct IBSS merging we need mactime; since mactime is
304 * defined as the time the first data symbol of the frame hits
305 * the PHY, and the timestamp of the beacon is defined as "the
306 * time that the data symbol containing the first bit of the
307 * timestamp is transmitted to the PHY plus the transmitting
308 * STA's delays through its local PHY from the MAC-PHY
309 * interface to its interface with the WM" (802.11 11.1.2)
310 * - equals the time this bit arrives at the receiver - we have
311 * to take into account the offset between the two.
312 *
313 * E.g. at 1 MBit that means mactime is 192 usec earlier
314 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
315 */
316 int rate;
317
318 if (rx_status->flag & RX_FLAG_HT)
319 rate = 65; /* TODO: HT rates */
320 else
321 rate = local->hw.wiphy->bands[band]->
322 bitrates[rx_status->rate_idx].bitrate;
323
324 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
325 } else if (local && local->ops && local->ops->get_tsf)
326 /* second best option: get current TSF */
327 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
328 else
329 /* can't merge without knowing the TSF */
330 rx_timestamp = -1LLU;
331
332#ifdef CONFIG_MAC80211_IBSS_DEBUG
333 printk(KERN_DEBUG "RX beacon SA=%pM BSSID="
334 "%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
335 mgmt->sa, mgmt->bssid,
336 (unsigned long long)rx_timestamp,
337 (unsigned long long)beacon_timestamp,
338 (unsigned long long)(rx_timestamp - beacon_timestamp),
339 jiffies);
340#endif
341
342 /* give slow hardware some time to do the TSF sync */
343 if (rx_timestamp < IEEE80211_IBSS_MERGE_DELAY)
344 goto put_bss;
345
346 if (beacon_timestamp > rx_timestamp) {
347#ifdef CONFIG_MAC80211_IBSS_DEBUG
348 printk(KERN_DEBUG "%s: beacon TSF higher than "
349 "local TSF - IBSS merge with BSSID %pM\n",
350 sdata->dev->name, mgmt->bssid);
351#endif
352 ieee80211_sta_join_ibss(sdata, bss);
353 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
354 }
355
356 put_bss:
357 ieee80211_rx_bss_put(local, bss);
358}
359
360/*
361 * Add a new IBSS station, will also be called by the RX code when,
362 * in IBSS mode, receiving a frame from a yet-unknown station, hence
363 * must be callable in atomic context.
364 */
365struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
366 u8 *bssid,u8 *addr, u32 supp_rates)
367{
368 struct ieee80211_local *local = sdata->local;
369 struct sta_info *sta;
370 int band = local->hw.conf.channel->band;
371
372 /* TODO: Could consider removing the least recently used entry and
373 * allow new one to be added. */
374 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
375 if (net_ratelimit()) {
376 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
377 "entry %pM\n", sdata->dev->name, addr);
378 }
379 return NULL;
380 }
381
382 if (compare_ether_addr(bssid, sdata->u.ibss.bssid))
383 return NULL;
384
385#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
386 printk(KERN_DEBUG "%s: Adding new IBSS station %pM (dev=%s)\n",
387 wiphy_name(local->hw.wiphy), addr, sdata->dev->name);
388#endif
389
390 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
391 if (!sta)
392 return NULL;
393
394 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
395
396 /* make sure mandatory rates are always added */
397 sta->sta.supp_rates[band] = supp_rates |
398 ieee80211_mandatory_rates(local, band);
399
400 rate_control_rate_init(sta);
401
402 if (sta_info_insert(sta))
403 return NULL;
404
405 return sta;
406}
407
408static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
409{
410 struct ieee80211_local *local = sdata->local;
411 int active = 0;
412 struct sta_info *sta;
413
414 rcu_read_lock();
415
416 list_for_each_entry_rcu(sta, &local->sta_list, list) {
417 if (sta->sdata == sdata &&
418 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
419 jiffies)) {
420 active++;
421 break;
422 }
423 }
424
425 rcu_read_unlock();
426
427 return active;
428}
429
430
431static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
432{
433 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
434
435 mod_timer(&ifibss->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
436
437 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
438 if (ieee80211_sta_active_ibss(sdata))
439 return;
440
441 if ((ifibss->flags & IEEE80211_IBSS_BSSID_SET) &&
442 (!(ifibss->flags & IEEE80211_IBSS_AUTO_CHANNEL_SEL)))
443 return;
444
445 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
446 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
447
448 /* XXX maybe racy? */
449 if (sdata->local->scan_req)
450 return;
451
452 memcpy(sdata->local->int_scan_req.ssids[0].ssid,
453 ifibss->ssid, IEEE80211_MAX_SSID_LEN);
454 sdata->local->int_scan_req.ssids[0].ssid_len = ifibss->ssid_len;
455 ieee80211_request_scan(sdata, &sdata->local->int_scan_req);
456}
457
458static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
459{
460 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
461 struct ieee80211_local *local = sdata->local;
462 struct ieee80211_supported_band *sband;
463 u8 *pos;
464 u8 bssid[ETH_ALEN];
465 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
466 u16 capability;
467 int i;
468
469 if (ifibss->flags & IEEE80211_IBSS_BSSID_SET) {
470 memcpy(bssid, ifibss->bssid, ETH_ALEN);
471 } else {
472 /* Generate random, not broadcast, locally administered BSSID. Mix in
473 * own MAC address to make sure that devices that do not have proper
474 * random number generator get different BSSID. */
475 get_random_bytes(bssid, ETH_ALEN);
476 for (i = 0; i < ETH_ALEN; i++)
477 bssid[i] ^= sdata->dev->dev_addr[i];
478 bssid[0] &= ~0x01;
479 bssid[0] |= 0x02;
480 }
481
482 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n",
483 sdata->dev->name, bssid);
484
485 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
486
487 if (local->hw.conf.beacon_int == 0)
488 local->hw.conf.beacon_int = 100;
489
490 capability = WLAN_CAPABILITY_IBSS;
491
492 if (sdata->default_key)
493 capability |= WLAN_CAPABILITY_PRIVACY;
494 else
495 sdata->drop_unencrypted = 0;
496
497 pos = supp_rates;
498 for (i = 0; i < sband->n_bitrates; i++) {
499 int rate = sband->bitrates[i].bitrate;
500 *pos++ = (u8) (rate / 5);
501 }
502
503 return __ieee80211_sta_join_ibss(sdata,
504 bssid, local->hw.conf.beacon_int,
505 local->hw.conf.channel->center_freq,
506 sband->n_bitrates, supp_rates,
507 capability, 0);
508}
509
510static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
511{
512 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
513 struct ieee80211_local *local = sdata->local;
514 struct ieee80211_bss *bss;
515 const u8 *bssid = NULL;
516 int active_ibss;
517
518 if (ifibss->ssid_len == 0)
519 return -EINVAL;
520
521 active_ibss = ieee80211_sta_active_ibss(sdata);
522#ifdef CONFIG_MAC80211_IBSS_DEBUG
523 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
524 sdata->dev->name, active_ibss);
525#endif /* CONFIG_MAC80211_IBSS_DEBUG */
526
527 if (active_ibss)
528 return 0;
529
530 if (ifibss->flags & IEEE80211_IBSS_BSSID_SET)
531 bssid = ifibss->bssid;
532 bss = (void *)cfg80211_get_bss(local->hw.wiphy, NULL, bssid,
533 ifibss->ssid, ifibss->ssid_len,
534 WLAN_CAPABILITY_IBSS,
535 WLAN_CAPABILITY_IBSS);
536
537#ifdef CONFIG_MAC80211_IBSS_DEBUG
538 if (bss)
539 printk(KERN_DEBUG " sta_find_ibss: selected %pM current "
540 "%pM\n", bss->cbss.bssid, ifibss->bssid);
541#endif /* CONFIG_MAC80211_IBSS_DEBUG */
542
543 if (bss &&
544 (!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET) ||
545 memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN))) {
546 int ret;
547
548 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM"
549 " based on configured SSID\n",
550 sdata->dev->name, bss->cbss.bssid);
551
552 ret = ieee80211_sta_join_ibss(sdata, bss);
553 ieee80211_rx_bss_put(local, bss);
554 return ret;
555 } else if (bss)
556 ieee80211_rx_bss_put(local, bss);
557
558#ifdef CONFIG_MAC80211_IBSS_DEBUG
559 printk(KERN_DEBUG " did not try to join ibss\n");
560#endif /* CONFIG_MAC80211_IBSS_DEBUG */
561
562 /* Selected IBSS not found in current scan results - try to scan */
563 if (ifibss->state == IEEE80211_IBSS_MLME_JOINED &&
564 !ieee80211_sta_active_ibss(sdata)) {
565 mod_timer(&ifibss->timer, jiffies +
566 IEEE80211_IBSS_MERGE_INTERVAL);
567 } else if (time_after(jiffies, local->last_scan_completed +
568 IEEE80211_SCAN_INTERVAL)) {
569 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
570 "join\n", sdata->dev->name);
571
572 /* XXX maybe racy? */
573 if (local->scan_req)
574 return -EBUSY;
575
576 memcpy(local->int_scan_req.ssids[0].ssid,
577 ifibss->ssid, IEEE80211_MAX_SSID_LEN);
578 local->int_scan_req.ssids[0].ssid_len = ifibss->ssid_len;
579 return ieee80211_request_scan(sdata, &local->int_scan_req);
580 } else if (ifibss->state != IEEE80211_IBSS_MLME_JOINED) {
581 int interval = IEEE80211_SCAN_INTERVAL;
582
583 if (time_after(jiffies, ifibss->ibss_join_req +
584 IEEE80211_IBSS_JOIN_TIMEOUT)) {
585 if (!(local->oper_channel->flags &
586 IEEE80211_CHAN_NO_IBSS))
587 return ieee80211_sta_create_ibss(sdata);
588 printk(KERN_DEBUG "%s: IBSS not allowed on"
589 " %d MHz\n", sdata->dev->name,
590 local->hw.conf.channel->center_freq);
591
592 /* No IBSS found - decrease scan interval and continue
593 * scanning. */
594 interval = IEEE80211_SCAN_INTERVAL_SLOW;
595 }
596
597 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
598 mod_timer(&ifibss->timer, jiffies + interval);
599 return 0;
600 }
601
602 return 0;
603}
604
605static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
606 struct ieee80211_mgmt *mgmt,
607 size_t len)
608{
609 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
610 struct ieee80211_local *local = sdata->local;
611 int tx_last_beacon;
612 struct sk_buff *skb;
613 struct ieee80211_mgmt *resp;
614 u8 *pos, *end;
615
616 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
617 len < 24 + 2 || !ifibss->probe_resp)
618 return;
619
620 if (local->ops->tx_last_beacon)
621 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
622 else
623 tx_last_beacon = 1;
624
625#ifdef CONFIG_MAC80211_IBSS_DEBUG
626 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM"
627 " (tx_last_beacon=%d)\n",
628 sdata->dev->name, mgmt->sa, mgmt->da,
629 mgmt->bssid, tx_last_beacon);
630#endif /* CONFIG_MAC80211_IBSS_DEBUG */
631
632 if (!tx_last_beacon)
633 return;
634
635 if (memcmp(mgmt->bssid, ifibss->bssid, ETH_ALEN) != 0 &&
636 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
637 return;
638
639 end = ((u8 *) mgmt) + len;
640 pos = mgmt->u.probe_req.variable;
641 if (pos[0] != WLAN_EID_SSID ||
642 pos + 2 + pos[1] > end) {
643#ifdef CONFIG_MAC80211_IBSS_DEBUG
644 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
645 "from %pM\n",
646 sdata->dev->name, mgmt->sa);
647#endif
648 return;
649 }
650 if (pos[1] != 0 &&
651 (pos[1] != ifibss->ssid_len ||
652 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len) != 0)) {
653 /* Ignore ProbeReq for foreign SSID */
654 return;
655 }
656
657 /* Reply with ProbeResp */
658 skb = skb_copy(ifibss->probe_resp, GFP_KERNEL);
659 if (!skb)
660 return;
661
662 resp = (struct ieee80211_mgmt *) skb->data;
663 memcpy(resp->da, mgmt->sa, ETH_ALEN);
664#ifdef CONFIG_MAC80211_IBSS_DEBUG
665 printk(KERN_DEBUG "%s: Sending ProbeResp to %pM\n",
666 sdata->dev->name, resp->da);
667#endif /* CONFIG_MAC80211_IBSS_DEBUG */
668 ieee80211_tx_skb(sdata, skb, 0);
669}
670
671static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
672 struct ieee80211_mgmt *mgmt,
673 size_t len,
674 struct ieee80211_rx_status *rx_status)
675{
676 size_t baselen;
677 struct ieee802_11_elems elems;
678
679 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
680 return; /* ignore ProbeResp to foreign address */
681
682 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
683 if (baselen > len)
684 return;
685
686 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
687 &elems);
688
689 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
690}
691
692static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
693 struct ieee80211_mgmt *mgmt,
694 size_t len,
695 struct ieee80211_rx_status *rx_status)
696{
697 size_t baselen;
698 struct ieee802_11_elems elems;
699
700 /* Process beacon from the current BSS */
701 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
702 if (baselen > len)
703 return;
704
705 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
706
707 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
708}
709
710static void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
711 struct sk_buff *skb)
712{
713 struct ieee80211_rx_status *rx_status;
714 struct ieee80211_mgmt *mgmt;
715 u16 fc;
716
717 rx_status = (struct ieee80211_rx_status *) skb->cb;
718 mgmt = (struct ieee80211_mgmt *) skb->data;
719 fc = le16_to_cpu(mgmt->frame_control);
720
721 switch (fc & IEEE80211_FCTL_STYPE) {
722 case IEEE80211_STYPE_PROBE_REQ:
723 ieee80211_rx_mgmt_probe_req(sdata, mgmt, skb->len);
724 break;
725 case IEEE80211_STYPE_PROBE_RESP:
726 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len,
727 rx_status);
728 break;
729 case IEEE80211_STYPE_BEACON:
730 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
731 rx_status);
732 break;
733 case IEEE80211_STYPE_AUTH:
734 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
735 break;
736 }
737
738 kfree_skb(skb);
739}
740
741static void ieee80211_ibss_work(struct work_struct *work)
742{
743 struct ieee80211_sub_if_data *sdata =
744 container_of(work, struct ieee80211_sub_if_data, u.ibss.work);
745 struct ieee80211_local *local = sdata->local;
746 struct ieee80211_if_ibss *ifibss;
747 struct sk_buff *skb;
748
749 if (!netif_running(sdata->dev))
750 return;
751
752 if (local->sw_scanning || local->hw_scanning)
753 return;
754
755 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_ADHOC))
756 return;
757 ifibss = &sdata->u.ibss;
758
759 while ((skb = skb_dequeue(&ifibss->skb_queue)))
760 ieee80211_ibss_rx_queued_mgmt(sdata, skb);
761
762 if (!test_and_clear_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request))
763 return;
764
765 switch (ifibss->state) {
766 case IEEE80211_IBSS_MLME_SEARCH:
767 ieee80211_sta_find_ibss(sdata);
768 break;
769 case IEEE80211_IBSS_MLME_JOINED:
770 ieee80211_sta_merge_ibss(sdata);
771 break;
772 default:
773 WARN_ON(1);
774 break;
775 }
776}
777
778static void ieee80211_ibss_timer(unsigned long data)
779{
780 struct ieee80211_sub_if_data *sdata =
781 (struct ieee80211_sub_if_data *) data;
782 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
783 struct ieee80211_local *local = sdata->local;
784
785 set_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request);
786 queue_work(local->hw.workqueue, &ifibss->work);
787}
788
789void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
790{
791 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
792
793 INIT_WORK(&ifibss->work, ieee80211_ibss_work);
794 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
795 (unsigned long) sdata);
796 skb_queue_head_init(&ifibss->skb_queue);
797
798 ifibss->flags |= IEEE80211_IBSS_AUTO_BSSID_SEL |
799 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
800}
801
802int ieee80211_ibss_commit(struct ieee80211_sub_if_data *sdata)
803{
804 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
805
806 ifibss->flags &= ~IEEE80211_IBSS_PREV_BSSID_SET;
807
808 if (ifibss->ssid_len)
809 ifibss->flags |= IEEE80211_IBSS_SSID_SET;
810 else
811 ifibss->flags &= ~IEEE80211_IBSS_SSID_SET;
812
813 ifibss->ibss_join_req = jiffies;
814 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
815
816 return ieee80211_sta_find_ibss(sdata);
817}
818
819int ieee80211_ibss_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
820{
821 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
822
823 if (len > IEEE80211_MAX_SSID_LEN)
824 return -EINVAL;
825
826 if (ifibss->ssid_len != len || memcmp(ifibss->ssid, ssid, len) != 0) {
827 memset(ifibss->ssid, 0, sizeof(ifibss->ssid));
828 memcpy(ifibss->ssid, ssid, len);
829 ifibss->ssid_len = len;
830 }
831
832 return ieee80211_ibss_commit(sdata);
833}
834
835int ieee80211_ibss_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
836{
837 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
838
839 memcpy(ssid, ifibss->ssid, ifibss->ssid_len);
840 *len = ifibss->ssid_len;
841
842 return 0;
843}
844
845int ieee80211_ibss_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
846{
847 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
848
849 if (is_valid_ether_addr(bssid)) {
850 memcpy(ifibss->bssid, bssid, ETH_ALEN);
851 ifibss->flags |= IEEE80211_IBSS_BSSID_SET;
852 } else {
853 memset(ifibss->bssid, 0, ETH_ALEN);
854 ifibss->flags &= ~IEEE80211_IBSS_BSSID_SET;
855 }
856
857 if (netif_running(sdata->dev)) {
858 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) {
859 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
860 "the low-level driver\n", sdata->dev->name);
861 }
862 }
863
864 return ieee80211_ibss_commit(sdata);
865}
866
867/* scan finished notification */
868void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
869{
870 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
871 struct ieee80211_if_ibss *ifibss;
872
873 if (sdata && sdata->vif.type == NL80211_IFTYPE_ADHOC) {
874 ifibss = &sdata->u.ibss;
875 if ((!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET)) ||
876 !ieee80211_sta_active_ibss(sdata))
877 ieee80211_sta_find_ibss(sdata);
878 }
879}
880
881ieee80211_rx_result
882ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
883 struct ieee80211_rx_status *rx_status)
884{
885 struct ieee80211_local *local = sdata->local;
886 struct ieee80211_mgmt *mgmt;
887 u16 fc;
888
889 if (skb->len < 24)
890 return RX_DROP_MONITOR;
891
892 mgmt = (struct ieee80211_mgmt *) skb->data;
893 fc = le16_to_cpu(mgmt->frame_control);
894
895 switch (fc & IEEE80211_FCTL_STYPE) {
896 case IEEE80211_STYPE_PROBE_RESP:
897 case IEEE80211_STYPE_BEACON:
898 memcpy(skb->cb, rx_status, sizeof(*rx_status));
899 case IEEE80211_STYPE_PROBE_REQ:
900 case IEEE80211_STYPE_AUTH:
901 skb_queue_tail(&sdata->u.ibss.skb_queue, skb);
902 queue_work(local->hw.workqueue, &sdata->u.ibss.work);
903 return RX_QUEUED;
904 }
905
906 return RX_DROP_MONITOR;
907}
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index f3eec989662b..fbb91f1aebb2 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -43,7 +43,7 @@ struct ieee80211_local;
43 43
44/* Required encryption head and tailroom */ 44/* Required encryption head and tailroom */
45#define IEEE80211_ENCRYPT_HEADROOM 8 45#define IEEE80211_ENCRYPT_HEADROOM 8
46#define IEEE80211_ENCRYPT_TAILROOM 12 46#define IEEE80211_ENCRYPT_TAILROOM 18
47 47
48/* IEEE 802.11 (Ch. 9.5 Defragmentation) requires support for concurrent 48/* IEEE 802.11 (Ch. 9.5 Defragmentation) requires support for concurrent
49 * reception of at least three fragmented frames. This limit can be increased 49 * reception of at least three fragmented frames. This limit can be increased
@@ -57,6 +57,8 @@ struct ieee80211_local;
57 */ 57 */
58#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ) 58#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
59 59
60#define TU_TO_EXP_TIME(x) (jiffies + usecs_to_jiffies((x) * 1024))
61
60struct ieee80211_fragment_entry { 62struct ieee80211_fragment_entry {
61 unsigned long first_frag_time; 63 unsigned long first_frag_time;
62 unsigned int seq; 64 unsigned int seq;
@@ -70,43 +72,36 @@ struct ieee80211_fragment_entry {
70 72
71 73
72struct ieee80211_bss { 74struct ieee80211_bss {
73 struct list_head list; 75 /* Yes, this is a hack */
74 struct ieee80211_bss *hnext; 76 struct cfg80211_bss cbss;
75 size_t ssid_len;
76 77
77 atomic_t users; 78 /* don't want to look up all the time */
78 79 size_t ssid_len;
79 u8 bssid[ETH_ALEN];
80 u8 ssid[IEEE80211_MAX_SSID_LEN]; 80 u8 ssid[IEEE80211_MAX_SSID_LEN];
81
81 u8 dtim_period; 82 u8 dtim_period;
82 u16 capability; /* host byte order */ 83
83 enum ieee80211_band band;
84 int freq;
85 int signal, noise, qual;
86 u8 *ies; /* all information elements from the last Beacon or Probe
87 * Response frames; note Beacon frame is not allowed to
88 * override values from Probe Response */
89 size_t ies_len;
90 bool wmm_used; 84 bool wmm_used;
85
86 unsigned long last_probe_resp;
87
91#ifdef CONFIG_MAC80211_MESH 88#ifdef CONFIG_MAC80211_MESH
92 u8 *mesh_id; 89 u8 *mesh_id;
93 size_t mesh_id_len; 90 size_t mesh_id_len;
94 u8 *mesh_cfg; 91 u8 *mesh_cfg;
95#endif 92#endif
93
96#define IEEE80211_MAX_SUPP_RATES 32 94#define IEEE80211_MAX_SUPP_RATES 32
97 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 95 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
98 size_t supp_rates_len; 96 size_t supp_rates_len;
99 u64 timestamp;
100 int beacon_int;
101
102 unsigned long last_probe_resp;
103 unsigned long last_update;
104 97
105 /* during assocation, we save an ERP value from a probe response so 98 /*
99 * During assocation, we save an ERP value from a probe response so
106 * that we can feed ERP info to the driver when handling the 100 * that we can feed ERP info to the driver when handling the
107 * association completes. these fields probably won't be up-to-date 101 * association completes. these fields probably won't be up-to-date
108 * otherwise, you probably don't want to use them. */ 102 * otherwise, you probably don't want to use them.
109 int has_erp_value; 103 */
104 bool has_erp_value;
110 u8 erp_value; 105 u8 erp_value;
111}; 106};
112 107
@@ -244,7 +239,7 @@ struct mesh_preq_queue {
244 u8 flags; 239 u8 flags;
245}; 240};
246 241
247/* flags used in struct ieee80211_if_sta.flags */ 242/* flags used in struct ieee80211_if_managed.flags */
248#define IEEE80211_STA_SSID_SET BIT(0) 243#define IEEE80211_STA_SSID_SET BIT(0)
249#define IEEE80211_STA_BSSID_SET BIT(1) 244#define IEEE80211_STA_BSSID_SET BIT(1)
250#define IEEE80211_STA_PREV_BSSID_SET BIT(2) 245#define IEEE80211_STA_PREV_BSSID_SET BIT(2)
@@ -258,37 +253,39 @@ struct mesh_preq_queue {
258#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11) 253#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11)
259#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12) 254#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12)
260#define IEEE80211_STA_PRIVACY_INVOKED BIT(13) 255#define IEEE80211_STA_PRIVACY_INVOKED BIT(13)
256#define IEEE80211_STA_TKIP_WEP_USED BIT(14)
257#define IEEE80211_STA_CSA_RECEIVED BIT(15)
258#define IEEE80211_STA_MFP_ENABLED BIT(16)
261/* flags for MLME request */ 259/* flags for MLME request */
262#define IEEE80211_STA_REQ_SCAN 0 260#define IEEE80211_STA_REQ_SCAN 0
263#define IEEE80211_STA_REQ_DIRECT_PROBE 1 261#define IEEE80211_STA_REQ_DIRECT_PROBE 1
264#define IEEE80211_STA_REQ_AUTH 2 262#define IEEE80211_STA_REQ_AUTH 2
265#define IEEE80211_STA_REQ_RUN 3 263#define IEEE80211_STA_REQ_RUN 3
266 264
267/* STA/IBSS MLME states */
268enum ieee80211_sta_mlme_state {
269 IEEE80211_STA_MLME_DISABLED,
270 IEEE80211_STA_MLME_DIRECT_PROBE,
271 IEEE80211_STA_MLME_AUTHENTICATE,
272 IEEE80211_STA_MLME_ASSOCIATE,
273 IEEE80211_STA_MLME_ASSOCIATED,
274 IEEE80211_STA_MLME_IBSS_SEARCH,
275 IEEE80211_STA_MLME_IBSS_JOINED,
276};
277
278/* bitfield of allowed auth algs */ 265/* bitfield of allowed auth algs */
279#define IEEE80211_AUTH_ALG_OPEN BIT(0) 266#define IEEE80211_AUTH_ALG_OPEN BIT(0)
280#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1) 267#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1)
281#define IEEE80211_AUTH_ALG_LEAP BIT(2) 268#define IEEE80211_AUTH_ALG_LEAP BIT(2)
282 269
283struct ieee80211_if_sta { 270struct ieee80211_if_managed {
284 struct timer_list timer; 271 struct timer_list timer;
272 struct timer_list chswitch_timer;
285 struct work_struct work; 273 struct work_struct work;
274 struct work_struct chswitch_work;
275
286 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN]; 276 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
277
287 u8 ssid[IEEE80211_MAX_SSID_LEN]; 278 u8 ssid[IEEE80211_MAX_SSID_LEN];
288 enum ieee80211_sta_mlme_state state;
289 size_t ssid_len; 279 size_t ssid_len;
290 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 280
291 size_t scan_ssid_len; 281 enum {
282 IEEE80211_STA_MLME_DISABLED,
283 IEEE80211_STA_MLME_DIRECT_PROBE,
284 IEEE80211_STA_MLME_AUTHENTICATE,
285 IEEE80211_STA_MLME_ASSOCIATE,
286 IEEE80211_STA_MLME_ASSOCIATED,
287 } state;
288
292 u16 aid; 289 u16 aid;
293 u16 ap_capab, capab; 290 u16 ap_capab, capab;
294 u8 *extra_ie; /* to be added to the end of AssocReq */ 291 u8 *extra_ie; /* to be added to the end of AssocReq */
@@ -315,11 +312,65 @@ struct ieee80211_if_sta {
315 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */ 312 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
316 int auth_transaction; 313 int auth_transaction;
317 314
315 enum {
316 IEEE80211_MFP_DISABLED,
317 IEEE80211_MFP_OPTIONAL,
318 IEEE80211_MFP_REQUIRED
319 } mfp; /* management frame protection */
320
321 int wmm_last_param_set;
322
323 /* Extra IE data for management frames */
324 u8 *ie_probereq;
325 size_t ie_probereq_len;
326 u8 *ie_proberesp;
327 size_t ie_proberesp_len;
328 u8 *ie_auth;
329 size_t ie_auth_len;
330 u8 *ie_assocreq;
331 size_t ie_assocreq_len;
332 u8 *ie_reassocreq;
333 size_t ie_reassocreq_len;
334 u8 *ie_deauth;
335 size_t ie_deauth_len;
336 u8 *ie_disassoc;
337 size_t ie_disassoc_len;
338};
339
340enum ieee80211_ibss_flags {
341 IEEE80211_IBSS_AUTO_CHANNEL_SEL = BIT(0),
342 IEEE80211_IBSS_AUTO_BSSID_SEL = BIT(1),
343 IEEE80211_IBSS_BSSID_SET = BIT(2),
344 IEEE80211_IBSS_PREV_BSSID_SET = BIT(3),
345 IEEE80211_IBSS_SSID_SET = BIT(4),
346};
347
348enum ieee80211_ibss_request {
349 IEEE80211_IBSS_REQ_RUN = 0,
350};
351
352struct ieee80211_if_ibss {
353 struct timer_list timer;
354 struct work_struct work;
355
356 struct sk_buff_head skb_queue;
357
358 u8 ssid[IEEE80211_MAX_SSID_LEN];
359 u8 ssid_len;
360
361 u32 flags;
362
363 u8 bssid[ETH_ALEN];
364
365 unsigned long request;
366
318 unsigned long ibss_join_req; 367 unsigned long ibss_join_req;
319 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */ 368 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */
320 u32 supp_rates_bits[IEEE80211_NUM_BANDS];
321 369
322 int wmm_last_param_set; 370 enum {
371 IEEE80211_IBSS_MLME_SEARCH,
372 IEEE80211_IBSS_MLME_JOINED,
373 } state;
323}; 374};
324 375
325struct ieee80211_if_mesh { 376struct ieee80211_if_mesh {
@@ -404,8 +455,10 @@ struct ieee80211_sub_if_data {
404 unsigned int fragment_next; 455 unsigned int fragment_next;
405 456
406#define NUM_DEFAULT_KEYS 4 457#define NUM_DEFAULT_KEYS 4
407 struct ieee80211_key *keys[NUM_DEFAULT_KEYS]; 458#define NUM_DEFAULT_MGMT_KEYS 2
459 struct ieee80211_key *keys[NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS];
408 struct ieee80211_key *default_key; 460 struct ieee80211_key *default_key;
461 struct ieee80211_key *default_mgmt_key;
409 462
410 u16 sequence_number; 463 u16 sequence_number;
411 464
@@ -423,7 +476,8 @@ struct ieee80211_sub_if_data {
423 struct ieee80211_if_ap ap; 476 struct ieee80211_if_ap ap;
424 struct ieee80211_if_wds wds; 477 struct ieee80211_if_wds wds;
425 struct ieee80211_if_vlan vlan; 478 struct ieee80211_if_vlan vlan;
426 struct ieee80211_if_sta sta; 479 struct ieee80211_if_managed mgd;
480 struct ieee80211_if_ibss ibss;
427#ifdef CONFIG_MAC80211_MESH 481#ifdef CONFIG_MAC80211_MESH
428 struct ieee80211_if_mesh mesh; 482 struct ieee80211_if_mesh mesh;
429#endif 483#endif
@@ -477,6 +531,7 @@ struct ieee80211_sub_if_data {
477 } debugfs; 531 } debugfs;
478 struct { 532 struct {
479 struct dentry *default_key; 533 struct dentry *default_key;
534 struct dentry *default_mgmt_key;
480 } common_debugfs; 535 } common_debugfs;
481 536
482#ifdef CONFIG_MAC80211_MESH 537#ifdef CONFIG_MAC80211_MESH
@@ -541,11 +596,10 @@ enum {
541enum queue_stop_reason { 596enum queue_stop_reason {
542 IEEE80211_QUEUE_STOP_REASON_DRIVER, 597 IEEE80211_QUEUE_STOP_REASON_DRIVER,
543 IEEE80211_QUEUE_STOP_REASON_PS, 598 IEEE80211_QUEUE_STOP_REASON_PS,
599 IEEE80211_QUEUE_STOP_REASON_CSA,
600 IEEE80211_QUEUE_STOP_REASON_AGGREGATION,
544}; 601};
545 602
546/* maximum number of hardware queues we support. */
547#define QD_MAX_QUEUES (IEEE80211_MAX_AMPDU_QUEUES + IEEE80211_MAX_QUEUES)
548
549struct ieee80211_master_priv { 603struct ieee80211_master_priv {
550 struct ieee80211_local *local; 604 struct ieee80211_local *local;
551}; 605};
@@ -558,9 +612,15 @@ struct ieee80211_local {
558 612
559 const struct ieee80211_ops *ops; 613 const struct ieee80211_ops *ops;
560 614
561 unsigned long queue_pool[BITS_TO_LONGS(QD_MAX_QUEUES)]; 615 /* AC queue corresponding to each AMPDU queue */
562 unsigned long queue_stop_reasons[IEEE80211_MAX_QUEUES]; 616 s8 ampdu_ac_queue[IEEE80211_MAX_AMPDU_QUEUES];
617 unsigned int amdpu_ac_stop_refcnt[IEEE80211_MAX_AMPDU_QUEUES];
618
619 unsigned long queue_stop_reasons[IEEE80211_MAX_QUEUES +
620 IEEE80211_MAX_AMPDU_QUEUES];
621 /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */
563 spinlock_t queue_stop_reason_lock; 622 spinlock_t queue_stop_reason_lock;
623
564 struct net_device *mdev; /* wmaster# - "master" 802.11 device */ 624 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
565 int open_count; 625 int open_count;
566 int monitors, cooked_mntrs; 626 int monitors, cooked_mntrs;
@@ -568,7 +628,6 @@ struct ieee80211_local {
568 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss; 628 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss;
569 unsigned int filter_flags; /* FIF_* */ 629 unsigned int filter_flags; /* FIF_* */
570 struct iw_statistics wstats; 630 struct iw_statistics wstats;
571 u8 wstats_flags;
572 bool tim_in_locked_section; /* see ieee80211_beacon_get() */ 631 bool tim_in_locked_section; /* see ieee80211_beacon_get() */
573 int tx_headroom; /* required headroom for hardware/radiotap */ 632 int tx_headroom; /* required headroom for hardware/radiotap */
574 633
@@ -612,7 +671,9 @@ struct ieee80211_local {
612 struct crypto_blkcipher *wep_rx_tfm; 671 struct crypto_blkcipher *wep_rx_tfm;
613 u32 wep_iv; 672 u32 wep_iv;
614 673
674 /* see iface.c */
615 struct list_head interfaces; 675 struct list_head interfaces;
676 struct mutex iflist_mtx;
616 677
617 /* 678 /*
618 * Key lock, protects sdata's key_list and sta_info's 679 * Key lock, protects sdata's key_list and sta_info's
@@ -623,20 +684,18 @@ struct ieee80211_local {
623 684
624 /* Scanning and BSS list */ 685 /* Scanning and BSS list */
625 bool sw_scanning, hw_scanning; 686 bool sw_scanning, hw_scanning;
687 struct cfg80211_ssid scan_ssid;
688 struct cfg80211_scan_request int_scan_req;
689 struct cfg80211_scan_request *scan_req;
690 struct ieee80211_channel *scan_channel;
626 int scan_channel_idx; 691 int scan_channel_idx;
627 enum ieee80211_band scan_band;
628 692
629 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state; 693 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state;
630 unsigned long last_scan_completed; 694 unsigned long last_scan_completed;
631 struct delayed_work scan_work; 695 struct delayed_work scan_work;
632 struct ieee80211_sub_if_data *scan_sdata; 696 struct ieee80211_sub_if_data *scan_sdata;
633 struct ieee80211_channel *oper_channel, *scan_channel;
634 enum nl80211_channel_type oper_channel_type; 697 enum nl80211_channel_type oper_channel_type;
635 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 698 struct ieee80211_channel *oper_channel, *csa_channel;
636 size_t scan_ssid_len;
637 struct list_head bss_list;
638 struct ieee80211_bss *bss_hash[STA_HASH_SIZE];
639 spinlock_t bss_lock;
640 699
641 /* SNMP counters */ 700 /* SNMP counters */
642 /* dot11CountersTable */ 701 /* dot11CountersTable */
@@ -649,7 +708,6 @@ struct ieee80211_local {
649 u32 dot11ReceivedFragmentCount; 708 u32 dot11ReceivedFragmentCount;
650 u32 dot11MulticastReceivedFrameCount; 709 u32 dot11MulticastReceivedFrameCount;
651 u32 dot11TransmittedFrameCount; 710 u32 dot11TransmittedFrameCount;
652 u32 dot11WEPUndecryptableCount;
653 711
654#ifdef CONFIG_MAC80211_LEDS 712#ifdef CONFIG_MAC80211_LEDS
655 int tx_led_counter, rx_led_counter; 713 int tx_led_counter, rx_led_counter;
@@ -696,11 +754,14 @@ struct ieee80211_local {
696 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */ 754 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */
697 755
698 bool powersave; 756 bool powersave;
699 int dynamic_ps_timeout; 757 bool pspolling;
700 struct work_struct dynamic_ps_enable_work; 758 struct work_struct dynamic_ps_enable_work;
701 struct work_struct dynamic_ps_disable_work; 759 struct work_struct dynamic_ps_disable_work;
702 struct timer_list dynamic_ps_timer; 760 struct timer_list dynamic_ps_timer;
703 761
762 int user_power_level; /* in dBm */
763 int power_constr_level; /* in dBm */
764
704#ifdef CONFIG_MAC80211_DEBUGFS 765#ifdef CONFIG_MAC80211_DEBUGFS
705 struct local_debugfsdentries { 766 struct local_debugfsdentries {
706 struct dentry *rcdir; 767 struct dentry *rcdir;
@@ -712,6 +773,7 @@ struct ieee80211_local {
712 struct dentry *long_retry_limit; 773 struct dentry *long_retry_limit;
713 struct dentry *total_ps_buffered; 774 struct dentry *total_ps_buffered;
714 struct dentry *wep_iv; 775 struct dentry *wep_iv;
776 struct dentry *tsf;
715 struct dentry *statistics; 777 struct dentry *statistics;
716 struct local_debugfsdentries_statsdentries { 778 struct local_debugfsdentries_statsdentries {
717 struct dentry *transmitted_fragment_count; 779 struct dentry *transmitted_fragment_count;
@@ -805,6 +867,7 @@ struct ieee802_11_elems {
805 u8 *country_elem; 867 u8 *country_elem;
806 u8 *pwr_constr_elem; 868 u8 *pwr_constr_elem;
807 u8 *quiet_elem; /* first quite element */ 869 u8 *quiet_elem; /* first quite element */
870 u8 *timeout_int;
808 871
809 /* length of them, respectively */ 872 /* length of them, respectively */
810 u8 ssid_len; 873 u8 ssid_len;
@@ -832,6 +895,7 @@ struct ieee802_11_elems {
832 u8 pwr_constr_elem_len; 895 u8 pwr_constr_elem_len;
833 u8 quiet_elem_len; 896 u8 quiet_elem_len;
834 u8 num_of_quiet_elem; /* can be more the one */ 897 u8 num_of_quiet_elem; /* can be more the one */
898 u8 timeout_int_len;
835}; 899};
836 900
837static inline struct ieee80211_local *hw_to_local( 901static inline struct ieee80211_local *hw_to_local(
@@ -860,34 +924,43 @@ void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx);
860void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata, 924void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
861 u32 changed); 925 u32 changed);
862void ieee80211_configure_filter(struct ieee80211_local *local); 926void ieee80211_configure_filter(struct ieee80211_local *local);
927u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata);
863 928
864/* wireless extensions */ 929/* wireless extensions */
865extern const struct iw_handler_def ieee80211_iw_handler_def; 930extern const struct iw_handler_def ieee80211_iw_handler_def;
866 931
867/* STA/IBSS code */ 932/* STA code */
868void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata); 933void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata);
869void ieee80211_scan_work(struct work_struct *work); 934ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
870void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 935 struct sk_buff *skb,
871 struct ieee80211_rx_status *rx_status); 936 struct ieee80211_rx_status *rx_status);
937int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata);
872int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len); 938int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
873int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len); 939int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
874int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid); 940int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
875void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata, 941void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata);
876 struct ieee80211_if_sta *ifsta);
877struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
878 u8 *bssid, u8 *addr, u64 supp_rates);
879int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason); 942int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason);
880int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason); 943int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason);
881u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata); 944void ieee80211_send_pspoll(struct ieee80211_local *local,
882u64 ieee80211_sta_get_rates(struct ieee80211_local *local, 945 struct ieee80211_sub_if_data *sdata);
883 struct ieee802_11_elems *elems, 946
884 enum ieee80211_band band); 947/* IBSS code */
885void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 948int ieee80211_ibss_commit(struct ieee80211_sub_if_data *sdata);
886 u8 *ssid, size_t ssid_len); 949int ieee80211_ibss_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
950int ieee80211_ibss_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
951int ieee80211_ibss_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
952void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local);
953void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata);
954ieee80211_rx_result
955ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
956 struct ieee80211_rx_status *rx_status);
957struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
958 u8 *bssid, u8 *addr, u32 supp_rates);
887 959
888/* scan/BSS handling */ 960/* scan/BSS handling */
961void ieee80211_scan_work(struct work_struct *work);
889int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 962int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
890 u8 *ssid, size_t ssid_len); 963 struct cfg80211_scan_request *req);
891int ieee80211_scan_results(struct ieee80211_local *local, 964int ieee80211_scan_results(struct ieee80211_local *local,
892 struct iw_request_info *info, 965 struct iw_request_info *info,
893 char *buf, size_t len); 966 char *buf, size_t len);
@@ -895,29 +968,28 @@ ieee80211_rx_result
895ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, 968ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata,
896 struct sk_buff *skb, 969 struct sk_buff *skb,
897 struct ieee80211_rx_status *rx_status); 970 struct ieee80211_rx_status *rx_status);
898void ieee80211_rx_bss_list_init(struct ieee80211_local *local);
899void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local);
900int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, 971int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata,
901 char *ie, size_t len); 972 char *ie, size_t len);
902 973
903void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local); 974void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local);
975void ieee80211_scan_failed(struct ieee80211_local *local);
904int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata, 976int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
905 u8 *ssid, size_t ssid_len); 977 struct cfg80211_scan_request *req);
906struct ieee80211_bss * 978struct ieee80211_bss *
907ieee80211_bss_info_update(struct ieee80211_local *local, 979ieee80211_bss_info_update(struct ieee80211_local *local,
908 struct ieee80211_rx_status *rx_status, 980 struct ieee80211_rx_status *rx_status,
909 struct ieee80211_mgmt *mgmt, 981 struct ieee80211_mgmt *mgmt,
910 size_t len, 982 size_t len,
911 struct ieee802_11_elems *elems, 983 struct ieee802_11_elems *elems,
912 int freq, bool beacon); 984 struct ieee80211_channel *channel,
913struct ieee80211_bss * 985 bool beacon);
914ieee80211_rx_bss_add(struct ieee80211_local *local, u8 *bssid, int freq,
915 u8 *ssid, u8 ssid_len);
916struct ieee80211_bss * 986struct ieee80211_bss *
917ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq, 987ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
918 u8 *ssid, u8 ssid_len); 988 u8 *ssid, u8 ssid_len);
919void ieee80211_rx_bss_put(struct ieee80211_local *local, 989void ieee80211_rx_bss_put(struct ieee80211_local *local,
920 struct ieee80211_bss *bss); 990 struct ieee80211_bss *bss);
991void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
992 int freq, u8 *ssid, u8 ssid_len);
921 993
922/* interface handling */ 994/* interface handling */
923int ieee80211_if_add(struct ieee80211_local *local, const char *name, 995int ieee80211_if_add(struct ieee80211_local *local, const char *name,
@@ -943,10 +1015,15 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
943 struct ieee80211_ht_info *hti, 1015 struct ieee80211_ht_info *hti,
944 u16 ap_ht_cap_flags); 1016 u16 ap_ht_cap_flags);
945void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn); 1017void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn);
1018void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
1019 const u8 *da, u16 tid,
1020 u16 initiator, u16 reason_code);
946 1021
947void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *da, 1022void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *da,
948 u16 tid, u16 initiator, u16 reason); 1023 u16 tid, u16 initiator, u16 reason);
949void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr); 1024void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
1025 u16 initiator, u16 reason);
1026void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta);
950void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, 1027void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
951 struct sta_info *sta, 1028 struct sta_info *sta,
952 struct ieee80211_mgmt *mgmt, size_t len); 1029 struct ieee80211_mgmt *mgmt, size_t len);
@@ -959,10 +1036,25 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
959 struct ieee80211_mgmt *mgmt, 1036 struct ieee80211_mgmt *mgmt,
960 size_t len); 1037 size_t len);
961 1038
1039int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
1040 enum ieee80211_back_parties initiator);
1041
962/* Spectrum management */ 1042/* Spectrum management */
963void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata, 1043void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
964 struct ieee80211_mgmt *mgmt, 1044 struct ieee80211_mgmt *mgmt,
965 size_t len); 1045 size_t len);
1046void ieee80211_chswitch_timer(unsigned long data);
1047void ieee80211_chswitch_work(struct work_struct *work);
1048void ieee80211_process_chanswitch(struct ieee80211_sub_if_data *sdata,
1049 struct ieee80211_channel_sw_ie *sw_elem,
1050 struct ieee80211_bss *bss);
1051void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
1052 u16 capab_info, u8 *pwr_constr_elem,
1053 u8 pwr_constr_elem_len);
1054
1055/* Suspend/resume */
1056int __ieee80211_suspend(struct ieee80211_hw *hw);
1057int __ieee80211_resume(struct ieee80211_hw *hw);
966 1058
967/* utility functions/constants */ 1059/* utility functions/constants */
968extern void *mac80211_wiphy_privid; /* for wiphy privid */ 1060extern void *mac80211_wiphy_privid; /* for wiphy privid */
@@ -980,17 +1072,39 @@ void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
980void ieee802_11_parse_elems(u8 *start, size_t len, 1072void ieee802_11_parse_elems(u8 *start, size_t len,
981 struct ieee802_11_elems *elems); 1073 struct ieee802_11_elems *elems);
982int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freq); 1074int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freq);
983u64 ieee80211_mandatory_rates(struct ieee80211_local *local, 1075u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
984 enum ieee80211_band band); 1076 enum ieee80211_band band);
985 1077
986void ieee80211_dynamic_ps_enable_work(struct work_struct *work); 1078void ieee80211_dynamic_ps_enable_work(struct work_struct *work);
987void ieee80211_dynamic_ps_disable_work(struct work_struct *work); 1079void ieee80211_dynamic_ps_disable_work(struct work_struct *work);
988void ieee80211_dynamic_ps_timer(unsigned long data); 1080void ieee80211_dynamic_ps_timer(unsigned long data);
1081void ieee80211_send_nullfunc(struct ieee80211_local *local,
1082 struct ieee80211_sub_if_data *sdata,
1083 int powersave);
989 1084
990void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw, 1085void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw,
991 enum queue_stop_reason reason); 1086 enum queue_stop_reason reason);
992void ieee80211_stop_queues_by_reason(struct ieee80211_hw *hw, 1087void ieee80211_stop_queues_by_reason(struct ieee80211_hw *hw,
993 enum queue_stop_reason reason); 1088 enum queue_stop_reason reason);
1089void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue,
1090 enum queue_stop_reason reason);
1091void ieee80211_stop_queue_by_reason(struct ieee80211_hw *hw, int queue,
1092 enum queue_stop_reason reason);
1093
1094void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1095 u16 transaction, u16 auth_alg,
1096 u8 *extra, size_t extra_len,
1097 const u8 *bssid, int encrypt);
1098void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1099 u8 *ssid, size_t ssid_len,
1100 u8 *ie, size_t ie_len);
1101
1102void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
1103 const size_t supp_rates_len,
1104 const u8 *supp_rates);
1105u32 ieee80211_sta_get_rates(struct ieee80211_local *local,
1106 struct ieee802_11_elems *elems,
1107 enum ieee80211_band band);
994 1108
995#ifdef CONFIG_MAC80211_NOINLINE 1109#ifdef CONFIG_MAC80211_NOINLINE
996#define debug_noinline noinline 1110#define debug_noinline noinline
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index b9074824862a..f9f27b9cadbe 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -21,6 +21,23 @@
21#include "mesh.h" 21#include "mesh.h"
22#include "led.h" 22#include "led.h"
23 23
24/**
25 * DOC: Interface list locking
26 *
27 * The interface list in each struct ieee80211_local is protected
28 * three-fold:
29 *
30 * (1) modifications may only be done under the RTNL
31 * (2) modifications and readers are protected against each other by
32 * the iflist_mtx.
33 * (3) modifications are done in an RCU manner so atomic readers
34 * can traverse the list in RCU-safe blocks.
35 *
36 * As a consequence, reads (traversals) of the list can be protected
37 * by either the RTNL, the iflist_mtx or RCU.
38 */
39
40
24static int ieee80211_change_mtu(struct net_device *dev, int new_mtu) 41static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
25{ 42{
26 int meshhdrlen; 43 int meshhdrlen;
@@ -219,7 +236,10 @@ static int ieee80211_open(struct net_device *dev)
219 break; 236 break;
220 case NL80211_IFTYPE_STATION: 237 case NL80211_IFTYPE_STATION:
221 case NL80211_IFTYPE_ADHOC: 238 case NL80211_IFTYPE_ADHOC:
222 sdata->u.sta.flags &= ~IEEE80211_STA_PREV_BSSID_SET; 239 if (sdata->vif.type == NL80211_IFTYPE_STATION)
240 sdata->u.mgd.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
241 else
242 sdata->u.ibss.flags &= ~IEEE80211_IBSS_PREV_BSSID_SET;
223 /* fall through */ 243 /* fall through */
224 default: 244 default:
225 conf.vif = &sdata->vif; 245 conf.vif = &sdata->vif;
@@ -304,11 +324,10 @@ static int ieee80211_open(struct net_device *dev)
304 * yet be effective. Trigger execution of ieee80211_sta_work 324 * yet be effective. Trigger execution of ieee80211_sta_work
305 * to fix this. 325 * to fix this.
306 */ 326 */
307 if (sdata->vif.type == NL80211_IFTYPE_STATION || 327 if (sdata->vif.type == NL80211_IFTYPE_STATION)
308 sdata->vif.type == NL80211_IFTYPE_ADHOC) { 328 queue_work(local->hw.workqueue, &sdata->u.mgd.work);
309 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 329 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
310 queue_work(local->hw.workqueue, &ifsta->work); 330 queue_work(local->hw.workqueue, &sdata->u.ibss.work);
311 }
312 331
313 netif_tx_start_all_queues(dev); 332 netif_tx_start_all_queues(dev);
314 333
@@ -345,13 +364,24 @@ static int ieee80211_stop(struct net_device *dev)
345 364
346 list_for_each_entry_rcu(sta, &local->sta_list, list) { 365 list_for_each_entry_rcu(sta, &local->sta_list, list) {
347 if (sta->sdata == sdata) 366 if (sta->sdata == sdata)
348 ieee80211_sta_tear_down_BA_sessions(sdata, 367 ieee80211_sta_tear_down_BA_sessions(sta);
349 sta->sta.addr);
350 } 368 }
351 369
352 rcu_read_unlock(); 370 rcu_read_unlock();
353 371
354 /* 372 /*
373 * Announce that we are leaving the network, in case we are a
374 * station interface type. This must be done before removing
375 * all stations associated with sta_info_flush, otherwise STA
376 * information will be gone and no announce being done.
377 */
378 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
379 if (sdata->u.mgd.state != IEEE80211_STA_MLME_DISABLED)
380 ieee80211_sta_deauthenticate(sdata,
381 WLAN_REASON_DEAUTH_LEAVING);
382 }
383
384 /*
355 * Remove all stations associated with this interface. 385 * Remove all stations associated with this interface.
356 * 386 *
357 * This must be done before calling ops->remove_interface() 387 * This must be done before calling ops->remove_interface()
@@ -383,6 +413,8 @@ static int ieee80211_stop(struct net_device *dev)
383 atomic_dec(&local->iff_promiscs); 413 atomic_dec(&local->iff_promiscs);
384 414
385 dev_mc_unsync(local->mdev, dev); 415 dev_mc_unsync(local->mdev, dev);
416 del_timer_sync(&local->dynamic_ps_timer);
417 cancel_work_sync(&local->dynamic_ps_enable_work);
386 418
387 /* APs need special treatment */ 419 /* APs need special treatment */
388 if (sdata->vif.type == NL80211_IFTYPE_AP) { 420 if (sdata->vif.type == NL80211_IFTYPE_AP) {
@@ -434,14 +466,9 @@ static int ieee80211_stop(struct net_device *dev)
434 netif_addr_unlock_bh(local->mdev); 466 netif_addr_unlock_bh(local->mdev);
435 break; 467 break;
436 case NL80211_IFTYPE_STATION: 468 case NL80211_IFTYPE_STATION:
437 case NL80211_IFTYPE_ADHOC: 469 memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
438 /* Announce that we are leaving the network. */ 470 del_timer_sync(&sdata->u.mgd.chswitch_timer);
439 if (sdata->u.sta.state != IEEE80211_STA_MLME_DISABLED) 471 del_timer_sync(&sdata->u.mgd.timer);
440 ieee80211_sta_deauthenticate(sdata,
441 WLAN_REASON_DEAUTH_LEAVING);
442
443 memset(sdata->u.sta.bssid, 0, ETH_ALEN);
444 del_timer_sync(&sdata->u.sta.timer);
445 /* 472 /*
446 * If the timer fired while we waited for it, it will have 473 * If the timer fired while we waited for it, it will have
447 * requeued the work. Now the work will be running again 474 * requeued the work. Now the work will be running again
@@ -449,7 +476,8 @@ static int ieee80211_stop(struct net_device *dev)
449 * whether the interface is running, which, at this point, 476 * whether the interface is running, which, at this point,
450 * it no longer is. 477 * it no longer is.
451 */ 478 */
452 cancel_work_sync(&sdata->u.sta.work); 479 cancel_work_sync(&sdata->u.mgd.work);
480 cancel_work_sync(&sdata->u.mgd.chswitch_work);
453 /* 481 /*
454 * When we get here, the interface is marked down. 482 * When we get here, the interface is marked down.
455 * Call synchronize_rcu() to wait for the RX path 483 * Call synchronize_rcu() to wait for the RX path
@@ -457,12 +485,22 @@ static int ieee80211_stop(struct net_device *dev)
457 * frames at this very time on another CPU. 485 * frames at this very time on another CPU.
458 */ 486 */
459 synchronize_rcu(); 487 synchronize_rcu();
460 skb_queue_purge(&sdata->u.sta.skb_queue); 488 skb_queue_purge(&sdata->u.mgd.skb_queue);
461 489
462 sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 490 sdata->u.mgd.flags &= ~(IEEE80211_STA_PRIVACY_INVOKED |
463 kfree(sdata->u.sta.extra_ie); 491 IEEE80211_STA_TKIP_WEP_USED);
464 sdata->u.sta.extra_ie = NULL; 492 kfree(sdata->u.mgd.extra_ie);
465 sdata->u.sta.extra_ie_len = 0; 493 sdata->u.mgd.extra_ie = NULL;
494 sdata->u.mgd.extra_ie_len = 0;
495 /* fall through */
496 case NL80211_IFTYPE_ADHOC:
497 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
498 memset(sdata->u.ibss.bssid, 0, ETH_ALEN);
499 del_timer_sync(&sdata->u.ibss.timer);
500 cancel_work_sync(&sdata->u.ibss.work);
501 synchronize_rcu();
502 skb_queue_purge(&sdata->u.ibss.skb_queue);
503 }
466 /* fall through */ 504 /* fall through */
467 case NL80211_IFTYPE_MESH_POINT: 505 case NL80211_IFTYPE_MESH_POINT:
468 if (ieee80211_vif_is_mesh(&sdata->vif)) { 506 if (ieee80211_vif_is_mesh(&sdata->vif)) {
@@ -501,7 +539,7 @@ static int ieee80211_stop(struct net_device *dev)
501 * scan event to userspace -- the scan is incomplete. 539 * scan event to userspace -- the scan is incomplete.
502 */ 540 */
503 if (local->sw_scanning) 541 if (local->sw_scanning)
504 ieee80211_scan_completed(&local->hw); 542 ieee80211_scan_completed(&local->hw, true);
505 } 543 }
506 544
507 conf.vif = &sdata->vif; 545 conf.vif = &sdata->vif;
@@ -569,19 +607,6 @@ static void ieee80211_set_multicast_list(struct net_device *dev)
569 dev_mc_sync(local->mdev, dev); 607 dev_mc_sync(local->mdev, dev);
570} 608}
571 609
572static void ieee80211_if_setup(struct net_device *dev)
573{
574 ether_setup(dev);
575 dev->hard_start_xmit = ieee80211_subif_start_xmit;
576 dev->wireless_handlers = &ieee80211_iw_handler_def;
577 dev->set_multicast_list = ieee80211_set_multicast_list;
578 dev->change_mtu = ieee80211_change_mtu;
579 dev->open = ieee80211_open;
580 dev->stop = ieee80211_stop;
581 dev->destructor = free_netdev;
582 /* we will validate the address ourselves in ->open */
583 dev->validate_addr = NULL;
584}
585/* 610/*
586 * Called when the netdev is removed or, by the code below, before 611 * Called when the netdev is removed or, by the code below, before
587 * the interface type changes. 612 * the interface type changes.
@@ -621,12 +646,20 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
621 if (ieee80211_vif_is_mesh(&sdata->vif)) 646 if (ieee80211_vif_is_mesh(&sdata->vif))
622 mesh_rmc_free(sdata); 647 mesh_rmc_free(sdata);
623 break; 648 break;
624 case NL80211_IFTYPE_STATION:
625 case NL80211_IFTYPE_ADHOC: 649 case NL80211_IFTYPE_ADHOC:
626 kfree(sdata->u.sta.extra_ie); 650 kfree_skb(sdata->u.ibss.probe_resp);
627 kfree(sdata->u.sta.assocreq_ies); 651 break;
628 kfree(sdata->u.sta.assocresp_ies); 652 case NL80211_IFTYPE_STATION:
629 kfree_skb(sdata->u.sta.probe_resp); 653 kfree(sdata->u.mgd.extra_ie);
654 kfree(sdata->u.mgd.assocreq_ies);
655 kfree(sdata->u.mgd.assocresp_ies);
656 kfree(sdata->u.mgd.ie_probereq);
657 kfree(sdata->u.mgd.ie_proberesp);
658 kfree(sdata->u.mgd.ie_auth);
659 kfree(sdata->u.mgd.ie_assocreq);
660 kfree(sdata->u.mgd.ie_reassocreq);
661 kfree(sdata->u.mgd.ie_deauth);
662 kfree(sdata->u.mgd.ie_disassoc);
630 break; 663 break;
631 case NL80211_IFTYPE_WDS: 664 case NL80211_IFTYPE_WDS:
632 case NL80211_IFTYPE_AP_VLAN: 665 case NL80211_IFTYPE_AP_VLAN:
@@ -642,6 +675,34 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
642 WARN_ON(flushed); 675 WARN_ON(flushed);
643} 676}
644 677
678static const struct net_device_ops ieee80211_dataif_ops = {
679 .ndo_open = ieee80211_open,
680 .ndo_stop = ieee80211_stop,
681 .ndo_uninit = ieee80211_teardown_sdata,
682 .ndo_start_xmit = ieee80211_subif_start_xmit,
683 .ndo_set_multicast_list = ieee80211_set_multicast_list,
684 .ndo_change_mtu = ieee80211_change_mtu,
685 .ndo_set_mac_address = eth_mac_addr,
686};
687
688static const struct net_device_ops ieee80211_monitorif_ops = {
689 .ndo_open = ieee80211_open,
690 .ndo_stop = ieee80211_stop,
691 .ndo_uninit = ieee80211_teardown_sdata,
692 .ndo_start_xmit = ieee80211_monitor_start_xmit,
693 .ndo_set_multicast_list = ieee80211_set_multicast_list,
694 .ndo_change_mtu = ieee80211_change_mtu,
695 .ndo_set_mac_address = eth_mac_addr,
696};
697
698static void ieee80211_if_setup(struct net_device *dev)
699{
700 ether_setup(dev);
701 dev->netdev_ops = &ieee80211_dataif_ops;
702 dev->wireless_handlers = &ieee80211_iw_handler_def;
703 dev->destructor = free_netdev;
704}
705
645/* 706/*
646 * Helper function to initialise an interface to a specific type. 707 * Helper function to initialise an interface to a specific type.
647 */ 708 */
@@ -653,7 +714,7 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
653 714
654 /* and set some type-dependent values */ 715 /* and set some type-dependent values */
655 sdata->vif.type = type; 716 sdata->vif.type = type;
656 sdata->dev->hard_start_xmit = ieee80211_subif_start_xmit; 717 sdata->dev->netdev_ops = &ieee80211_dataif_ops;
657 sdata->wdev.iftype = type; 718 sdata->wdev.iftype = type;
658 719
659 /* only monitor differs */ 720 /* only monitor differs */
@@ -665,16 +726,18 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
665 INIT_LIST_HEAD(&sdata->u.ap.vlans); 726 INIT_LIST_HEAD(&sdata->u.ap.vlans);
666 break; 727 break;
667 case NL80211_IFTYPE_STATION: 728 case NL80211_IFTYPE_STATION:
668 case NL80211_IFTYPE_ADHOC:
669 ieee80211_sta_setup_sdata(sdata); 729 ieee80211_sta_setup_sdata(sdata);
670 break; 730 break;
731 case NL80211_IFTYPE_ADHOC:
732 ieee80211_ibss_setup_sdata(sdata);
733 break;
671 case NL80211_IFTYPE_MESH_POINT: 734 case NL80211_IFTYPE_MESH_POINT:
672 if (ieee80211_vif_is_mesh(&sdata->vif)) 735 if (ieee80211_vif_is_mesh(&sdata->vif))
673 ieee80211_mesh_init_sdata(sdata); 736 ieee80211_mesh_init_sdata(sdata);
674 break; 737 break;
675 case NL80211_IFTYPE_MONITOR: 738 case NL80211_IFTYPE_MONITOR:
676 sdata->dev->type = ARPHRD_IEEE80211_RADIOTAP; 739 sdata->dev->type = ARPHRD_IEEE80211_RADIOTAP;
677 sdata->dev->hard_start_xmit = ieee80211_monitor_start_xmit; 740 sdata->dev->netdev_ops = &ieee80211_monitorif_ops;
678 sdata->u.mntr_flags = MONITOR_FLAG_CONTROL | 741 sdata->u.mntr_flags = MONITOR_FLAG_CONTROL |
679 MONITOR_FLAG_OTHER_BSS; 742 MONITOR_FLAG_OTHER_BSS;
680 break; 743 break;
@@ -755,6 +818,7 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
755 818
756 memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 819 memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
757 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy)); 820 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
821 ndev->features |= NETIF_F_NETNS_LOCAL;
758 822
759 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */ 823 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */
760 sdata = netdev_priv(ndev); 824 sdata = netdev_priv(ndev);
@@ -780,15 +844,15 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
780 if (ret) 844 if (ret)
781 goto fail; 845 goto fail;
782 846
783 ndev->uninit = ieee80211_teardown_sdata;
784
785 if (ieee80211_vif_is_mesh(&sdata->vif) && 847 if (ieee80211_vif_is_mesh(&sdata->vif) &&
786 params && params->mesh_id_len) 848 params && params->mesh_id_len)
787 ieee80211_sdata_set_mesh_id(sdata, 849 ieee80211_sdata_set_mesh_id(sdata,
788 params->mesh_id_len, 850 params->mesh_id_len,
789 params->mesh_id); 851 params->mesh_id);
790 852
853 mutex_lock(&local->iflist_mtx);
791 list_add_tail_rcu(&sdata->list, &local->interfaces); 854 list_add_tail_rcu(&sdata->list, &local->interfaces);
855 mutex_unlock(&local->iflist_mtx);
792 856
793 if (new_dev) 857 if (new_dev)
794 *new_dev = ndev; 858 *new_dev = ndev;
@@ -804,7 +868,10 @@ void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata)
804{ 868{
805 ASSERT_RTNL(); 869 ASSERT_RTNL();
806 870
871 mutex_lock(&sdata->local->iflist_mtx);
807 list_del_rcu(&sdata->list); 872 list_del_rcu(&sdata->list);
873 mutex_unlock(&sdata->local->iflist_mtx);
874
808 synchronize_rcu(); 875 synchronize_rcu();
809 unregister_netdevice(sdata->dev); 876 unregister_netdevice(sdata->dev);
810} 877}
@@ -820,7 +887,16 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local)
820 ASSERT_RTNL(); 887 ASSERT_RTNL();
821 888
822 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) { 889 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) {
890 /*
891 * we cannot hold the iflist_mtx across unregister_netdevice,
892 * but we only need to hold it for list modifications to lock
893 * out readers since we're under the RTNL here as all other
894 * writers.
895 */
896 mutex_lock(&local->iflist_mtx);
823 list_del(&sdata->list); 897 list_del(&sdata->list);
898 mutex_unlock(&local->iflist_mtx);
899
824 unregister_netdevice(sdata->dev); 900 unregister_netdevice(sdata->dev);
825 } 901 }
826} 902}
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 999f7aa42326..687acf23054d 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -18,6 +18,7 @@
18#include "ieee80211_i.h" 18#include "ieee80211_i.h"
19#include "debugfs_key.h" 19#include "debugfs_key.h"
20#include "aes_ccm.h" 20#include "aes_ccm.h"
21#include "aes_cmac.h"
21 22
22 23
23/** 24/**
@@ -47,7 +48,6 @@
47 */ 48 */
48 49
49static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 50static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
50static const u8 zero_addr[ETH_ALEN];
51 51
52/* key mutex: used to synchronise todo runners */ 52/* key mutex: used to synchronise todo runners */
53static DEFINE_MUTEX(key_mutex); 53static DEFINE_MUTEX(key_mutex);
@@ -108,29 +108,18 @@ static void assert_key_lock(void)
108 WARN_ON(!mutex_is_locked(&key_mutex)); 108 WARN_ON(!mutex_is_locked(&key_mutex));
109} 109}
110 110
111static const u8 *get_mac_for_key(struct ieee80211_key *key) 111static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key)
112{ 112{
113 const u8 *addr = bcast_addr;
114
115 /*
116 * If we're an AP we won't ever receive frames with a non-WEP
117 * group key so we tell the driver that by using the zero MAC
118 * address to indicate a transmit-only key.
119 */
120 if (key->conf.alg != ALG_WEP &&
121 (key->sdata->vif.type == NL80211_IFTYPE_AP ||
122 key->sdata->vif.type == NL80211_IFTYPE_AP_VLAN))
123 addr = zero_addr;
124
125 if (key->sta) 113 if (key->sta)
126 addr = key->sta->sta.addr; 114 return &key->sta->sta;
127 115
128 return addr; 116 return NULL;
129} 117}
130 118
131static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 119static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
132{ 120{
133 const u8 *addr; 121 struct ieee80211_sub_if_data *sdata;
122 struct ieee80211_sta *sta;
134 int ret; 123 int ret;
135 124
136 assert_key_lock(); 125 assert_key_lock();
@@ -139,11 +128,16 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
139 if (!key->local->ops->set_key) 128 if (!key->local->ops->set_key)
140 return; 129 return;
141 130
142 addr = get_mac_for_key(key); 131 sta = get_sta_for_key(key);
132
133 sdata = key->sdata;
134 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
135 sdata = container_of(sdata->bss,
136 struct ieee80211_sub_if_data,
137 u.ap);
143 138
144 ret = key->local->ops->set_key(local_to_hw(key->local), SET_KEY, 139 ret = key->local->ops->set_key(local_to_hw(key->local), SET_KEY,
145 key->sdata->dev->dev_addr, addr, 140 &sdata->vif, sta, &key->conf);
146 &key->conf);
147 141
148 if (!ret) { 142 if (!ret) {
149 spin_lock(&todo_lock); 143 spin_lock(&todo_lock);
@@ -155,12 +149,13 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
155 printk(KERN_ERR "mac80211-%s: failed to set key " 149 printk(KERN_ERR "mac80211-%s: failed to set key "
156 "(%d, %pM) to hardware (%d)\n", 150 "(%d, %pM) to hardware (%d)\n",
157 wiphy_name(key->local->hw.wiphy), 151 wiphy_name(key->local->hw.wiphy),
158 key->conf.keyidx, addr, ret); 152 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
159} 153}
160 154
161static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 155static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
162{ 156{
163 const u8 *addr; 157 struct ieee80211_sub_if_data *sdata;
158 struct ieee80211_sta *sta;
164 int ret; 159 int ret;
165 160
166 assert_key_lock(); 161 assert_key_lock();
@@ -176,17 +171,22 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
176 } 171 }
177 spin_unlock(&todo_lock); 172 spin_unlock(&todo_lock);
178 173
179 addr = get_mac_for_key(key); 174 sta = get_sta_for_key(key);
175 sdata = key->sdata;
176
177 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
178 sdata = container_of(sdata->bss,
179 struct ieee80211_sub_if_data,
180 u.ap);
180 181
181 ret = key->local->ops->set_key(local_to_hw(key->local), DISABLE_KEY, 182 ret = key->local->ops->set_key(local_to_hw(key->local), DISABLE_KEY,
182 key->sdata->dev->dev_addr, addr, 183 &sdata->vif, sta, &key->conf);
183 &key->conf);
184 184
185 if (ret) 185 if (ret)
186 printk(KERN_ERR "mac80211-%s: failed to remove key " 186 printk(KERN_ERR "mac80211-%s: failed to remove key "
187 "(%d, %pM) from hardware (%d)\n", 187 "(%d, %pM) from hardware (%d)\n",
188 wiphy_name(key->local->hw.wiphy), 188 wiphy_name(key->local->hw.wiphy),
189 key->conf.keyidx, addr, ret); 189 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
190 190
191 spin_lock(&todo_lock); 191 spin_lock(&todo_lock);
192 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 192 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
@@ -216,13 +216,38 @@ void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx)
216 spin_unlock_irqrestore(&sdata->local->key_lock, flags); 216 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
217} 217}
218 218
219static void
220__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
221{
222 struct ieee80211_key *key = NULL;
223
224 if (idx >= NUM_DEFAULT_KEYS &&
225 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
226 key = sdata->keys[idx];
227
228 rcu_assign_pointer(sdata->default_mgmt_key, key);
229
230 if (key)
231 add_todo(key, KEY_FLAG_TODO_DEFMGMTKEY);
232}
233
234void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
235 int idx)
236{
237 unsigned long flags;
238
239 spin_lock_irqsave(&sdata->local->key_lock, flags);
240 __ieee80211_set_default_mgmt_key(sdata, idx);
241 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
242}
243
219 244
220static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 245static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
221 struct sta_info *sta, 246 struct sta_info *sta,
222 struct ieee80211_key *old, 247 struct ieee80211_key *old,
223 struct ieee80211_key *new) 248 struct ieee80211_key *new)
224{ 249{
225 int idx, defkey; 250 int idx, defkey, defmgmtkey;
226 251
227 if (new) 252 if (new)
228 list_add(&new->list, &sdata->key_list); 253 list_add(&new->list, &sdata->key_list);
@@ -238,13 +263,19 @@ static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
238 idx = new->conf.keyidx; 263 idx = new->conf.keyidx;
239 264
240 defkey = old && sdata->default_key == old; 265 defkey = old && sdata->default_key == old;
266 defmgmtkey = old && sdata->default_mgmt_key == old;
241 267
242 if (defkey && !new) 268 if (defkey && !new)
243 __ieee80211_set_default_key(sdata, -1); 269 __ieee80211_set_default_key(sdata, -1);
270 if (defmgmtkey && !new)
271 __ieee80211_set_default_mgmt_key(sdata, -1);
244 272
245 rcu_assign_pointer(sdata->keys[idx], new); 273 rcu_assign_pointer(sdata->keys[idx], new);
246 if (defkey && new) 274 if (defkey && new)
247 __ieee80211_set_default_key(sdata, new->conf.keyidx); 275 __ieee80211_set_default_key(sdata, new->conf.keyidx);
276 if (defmgmtkey && new)
277 __ieee80211_set_default_mgmt_key(sdata,
278 new->conf.keyidx);
248 } 279 }
249 280
250 if (old) { 281 if (old) {
@@ -263,7 +294,7 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
263{ 294{
264 struct ieee80211_key *key; 295 struct ieee80211_key *key;
265 296
266 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS); 297 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
267 298
268 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 299 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
269 if (!key) 300 if (!key)
@@ -292,6 +323,10 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
292 key->conf.iv_len = CCMP_HDR_LEN; 323 key->conf.iv_len = CCMP_HDR_LEN;
293 key->conf.icv_len = CCMP_MIC_LEN; 324 key->conf.icv_len = CCMP_MIC_LEN;
294 break; 325 break;
326 case ALG_AES_CMAC:
327 key->conf.iv_len = 0;
328 key->conf.icv_len = sizeof(struct ieee80211_mmie);
329 break;
295 } 330 }
296 memcpy(key->conf.key, key_data, key_len); 331 memcpy(key->conf.key, key_data, key_len);
297 INIT_LIST_HEAD(&key->list); 332 INIT_LIST_HEAD(&key->list);
@@ -309,6 +344,19 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
309 } 344 }
310 } 345 }
311 346
347 if (alg == ALG_AES_CMAC) {
348 /*
349 * Initialize AES key state here as an optimization so that
350 * it does not need to be initialized for every packet.
351 */
352 key->u.aes_cmac.tfm =
353 ieee80211_aes_cmac_key_setup(key_data);
354 if (!key->u.aes_cmac.tfm) {
355 kfree(key);
356 return NULL;
357 }
358 }
359
312 return key; 360 return key;
313} 361}
314 362
@@ -352,7 +400,7 @@ void ieee80211_key_link(struct ieee80211_key *key,
352 */ 400 */
353 401
354 /* same here, the AP could be using QoS */ 402 /* same here, the AP could be using QoS */
355 ap = sta_info_get(key->local, key->sdata->u.sta.bssid); 403 ap = sta_info_get(key->local, key->sdata->u.mgd.bssid);
356 if (ap) { 404 if (ap) {
357 if (test_sta_flags(ap, WLAN_STA_WME)) 405 if (test_sta_flags(ap, WLAN_STA_WME))
358 key->conf.flags |= 406 key->conf.flags |=
@@ -462,6 +510,8 @@ static void __ieee80211_key_destroy(struct ieee80211_key *key)
462 510
463 if (key->conf.alg == ALG_CCMP) 511 if (key->conf.alg == ALG_CCMP)
464 ieee80211_aes_key_free(key->u.ccmp.tfm); 512 ieee80211_aes_key_free(key->u.ccmp.tfm);
513 if (key->conf.alg == ALG_AES_CMAC)
514 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
465 ieee80211_debugfs_key_remove(key); 515 ieee80211_debugfs_key_remove(key);
466 516
467 kfree(key); 517 kfree(key);
@@ -484,6 +534,7 @@ static void __ieee80211_key_todo(void)
484 list_del_init(&key->todo); 534 list_del_init(&key->todo);
485 todoflags = key->flags & (KEY_FLAG_TODO_ADD_DEBUGFS | 535 todoflags = key->flags & (KEY_FLAG_TODO_ADD_DEBUGFS |
486 KEY_FLAG_TODO_DEFKEY | 536 KEY_FLAG_TODO_DEFKEY |
537 KEY_FLAG_TODO_DEFMGMTKEY |
487 KEY_FLAG_TODO_HWACCEL_ADD | 538 KEY_FLAG_TODO_HWACCEL_ADD |
488 KEY_FLAG_TODO_HWACCEL_REMOVE | 539 KEY_FLAG_TODO_HWACCEL_REMOVE |
489 KEY_FLAG_TODO_DELETE); 540 KEY_FLAG_TODO_DELETE);
@@ -501,6 +552,11 @@ static void __ieee80211_key_todo(void)
501 ieee80211_debugfs_key_add_default(key->sdata); 552 ieee80211_debugfs_key_add_default(key->sdata);
502 work_done = true; 553 work_done = true;
503 } 554 }
555 if (todoflags & KEY_FLAG_TODO_DEFMGMTKEY) {
556 ieee80211_debugfs_key_remove_mgmt_default(key->sdata);
557 ieee80211_debugfs_key_add_mgmt_default(key->sdata);
558 work_done = true;
559 }
504 if (todoflags & KEY_FLAG_TODO_HWACCEL_ADD) { 560 if (todoflags & KEY_FLAG_TODO_HWACCEL_ADD) {
505 ieee80211_key_enable_hw_accel(key); 561 ieee80211_key_enable_hw_accel(key);
506 work_done = true; 562 work_done = true;
@@ -536,6 +592,7 @@ void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
536 ieee80211_key_lock(); 592 ieee80211_key_lock();
537 593
538 ieee80211_debugfs_key_remove_default(sdata); 594 ieee80211_debugfs_key_remove_default(sdata);
595 ieee80211_debugfs_key_remove_mgmt_default(sdata);
539 596
540 spin_lock_irqsave(&sdata->local->key_lock, flags); 597 spin_lock_irqsave(&sdata->local->key_lock, flags);
541 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 598 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index 425816e0996c..215d3ef42a4f 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -46,6 +46,8 @@ struct sta_info;
46 * acceleration. 46 * acceleration.
47 * @KEY_FLAG_TODO_DEFKEY: Key is default key and debugfs needs to be updated. 47 * @KEY_FLAG_TODO_DEFKEY: Key is default key and debugfs needs to be updated.
48 * @KEY_FLAG_TODO_ADD_DEBUGFS: Key needs to be added to debugfs. 48 * @KEY_FLAG_TODO_ADD_DEBUGFS: Key needs to be added to debugfs.
49 * @KEY_FLAG_TODO_DEFMGMTKEY: Key is default management key and debugfs needs
50 * to be updated.
49 */ 51 */
50enum ieee80211_internal_key_flags { 52enum ieee80211_internal_key_flags {
51 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0), 53 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0),
@@ -54,6 +56,7 @@ enum ieee80211_internal_key_flags {
54 KEY_FLAG_TODO_HWACCEL_REMOVE = BIT(3), 56 KEY_FLAG_TODO_HWACCEL_REMOVE = BIT(3),
55 KEY_FLAG_TODO_DEFKEY = BIT(4), 57 KEY_FLAG_TODO_DEFKEY = BIT(4),
56 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5), 58 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5),
59 KEY_FLAG_TODO_DEFMGMTKEY = BIT(6),
57}; 60};
58 61
59struct tkip_ctx { 62struct tkip_ctx {
@@ -96,6 +99,16 @@ struct ieee80211_key {
96 u8 tx_crypto_buf[6 * AES_BLOCK_LEN]; 99 u8 tx_crypto_buf[6 * AES_BLOCK_LEN];
97 u8 rx_crypto_buf[6 * AES_BLOCK_LEN]; 100 u8 rx_crypto_buf[6 * AES_BLOCK_LEN];
98 } ccmp; 101 } ccmp;
102 struct {
103 u8 tx_pn[6];
104 u8 rx_pn[6];
105 struct crypto_cipher *tfm;
106 u32 replays; /* dot11RSNAStatsCMACReplays */
107 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
108 /* scratch buffers for virt_to_page() (crypto API) */
109 u8 tx_crypto_buf[2 * AES_BLOCK_LEN];
110 u8 rx_crypto_buf[2 * AES_BLOCK_LEN];
111 } aes_cmac;
99 } u; 112 } u;
100 113
101 /* number of times this key has been used */ 114 /* number of times this key has been used */
@@ -114,6 +127,7 @@ struct ieee80211_key {
114 struct dentry *tx_spec; 127 struct dentry *tx_spec;
115 struct dentry *rx_spec; 128 struct dentry *rx_spec;
116 struct dentry *replays; 129 struct dentry *replays;
130 struct dentry *icverrors;
117 struct dentry *key; 131 struct dentry *key;
118 struct dentry *ifindex; 132 struct dentry *ifindex;
119 int cnt; 133 int cnt;
@@ -140,6 +154,8 @@ void ieee80211_key_link(struct ieee80211_key *key,
140 struct sta_info *sta); 154 struct sta_info *sta);
141void ieee80211_key_free(struct ieee80211_key *key); 155void ieee80211_key_free(struct ieee80211_key *key);
142void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx); 156void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx);
157void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
158 int idx);
143void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata); 159void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata);
144void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata); 160void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata);
145void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata); 161void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 24b14363d6e7..f38db4d37e5d 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -168,24 +168,67 @@ int ieee80211_if_config(struct ieee80211_sub_if_data *sdata, u32 changed)
168 return 0; 168 return 0;
169 169
170 memset(&conf, 0, sizeof(conf)); 170 memset(&conf, 0, sizeof(conf));
171 conf.changed = changed;
172 171
173 if (sdata->vif.type == NL80211_IFTYPE_STATION || 172 if (sdata->vif.type == NL80211_IFTYPE_STATION)
174 sdata->vif.type == NL80211_IFTYPE_ADHOC) 173 conf.bssid = sdata->u.mgd.bssid;
175 conf.bssid = sdata->u.sta.bssid; 174 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
175 conf.bssid = sdata->u.ibss.bssid;
176 else if (sdata->vif.type == NL80211_IFTYPE_AP) 176 else if (sdata->vif.type == NL80211_IFTYPE_AP)
177 conf.bssid = sdata->dev->dev_addr; 177 conf.bssid = sdata->dev->dev_addr;
178 else if (ieee80211_vif_is_mesh(&sdata->vif)) { 178 else if (ieee80211_vif_is_mesh(&sdata->vif)) {
179 u8 zero[ETH_ALEN] = { 0 }; 179 static const u8 zero[ETH_ALEN] = { 0 };
180 conf.bssid = zero; 180 conf.bssid = zero;
181 } else { 181 } else {
182 WARN_ON(1); 182 WARN_ON(1);
183 return -EINVAL; 183 return -EINVAL;
184 } 184 }
185 185
186 switch (sdata->vif.type) {
187 case NL80211_IFTYPE_AP:
188 case NL80211_IFTYPE_ADHOC:
189 case NL80211_IFTYPE_MESH_POINT:
190 break;
191 default:
192 /* do not warn to simplify caller in scan.c */
193 changed &= ~IEEE80211_IFCC_BEACON_ENABLED;
194 if (WARN_ON(changed & IEEE80211_IFCC_BEACON))
195 return -EINVAL;
196 changed &= ~IEEE80211_IFCC_BEACON;
197 break;
198 }
199
200 if (changed & IEEE80211_IFCC_BEACON_ENABLED) {
201 if (local->sw_scanning) {
202 conf.enable_beacon = false;
203 } else {
204 /*
205 * Beacon should be enabled, but AP mode must
206 * check whether there is a beacon configured.
207 */
208 switch (sdata->vif.type) {
209 case NL80211_IFTYPE_AP:
210 conf.enable_beacon =
211 !!rcu_dereference(sdata->u.ap.beacon);
212 break;
213 case NL80211_IFTYPE_ADHOC:
214 conf.enable_beacon = !!sdata->u.ibss.probe_resp;
215 break;
216 case NL80211_IFTYPE_MESH_POINT:
217 conf.enable_beacon = true;
218 break;
219 default:
220 /* not reached */
221 WARN_ON(1);
222 break;
223 }
224 }
225 }
226
186 if (WARN_ON(!conf.bssid && (changed & IEEE80211_IFCC_BSSID))) 227 if (WARN_ON(!conf.bssid && (changed & IEEE80211_IFCC_BSSID)))
187 return -EINVAL; 228 return -EINVAL;
188 229
230 conf.changed = changed;
231
189 return local->ops->config_interface(local_to_hw(local), 232 return local->ops->config_interface(local_to_hw(local),
190 &sdata->vif, &conf); 233 &sdata->vif, &conf);
191} 234}
@@ -208,26 +251,22 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
208 } 251 }
209 252
210 if (chan != local->hw.conf.channel || 253 if (chan != local->hw.conf.channel ||
211 channel_type != local->hw.conf.ht.channel_type) { 254 channel_type != local->hw.conf.channel_type) {
212 local->hw.conf.channel = chan; 255 local->hw.conf.channel = chan;
213 local->hw.conf.ht.channel_type = channel_type; 256 local->hw.conf.channel_type = channel_type;
214 switch (channel_type) {
215 case NL80211_CHAN_NO_HT:
216 local->hw.conf.ht.enabled = false;
217 break;
218 case NL80211_CHAN_HT20:
219 case NL80211_CHAN_HT40MINUS:
220 case NL80211_CHAN_HT40PLUS:
221 local->hw.conf.ht.enabled = true;
222 break;
223 }
224 changed |= IEEE80211_CONF_CHANGE_CHANNEL; 257 changed |= IEEE80211_CONF_CHANGE_CHANNEL;
225 } 258 }
226 259
227 if (!local->hw.conf.power_level) 260 if (local->sw_scanning)
228 power = chan->max_power; 261 power = chan->max_power;
229 else 262 else
230 power = min(chan->max_power, local->hw.conf.power_level); 263 power = local->power_constr_level ?
264 (chan->max_power - local->power_constr_level) :
265 chan->max_power;
266
267 if (local->user_power_level)
268 power = min(power, local->user_power_level);
269
231 if (local->hw.conf.power_level != power) { 270 if (local->hw.conf.power_level != power) {
232 changed |= IEEE80211_CONF_CHANGE_POWER; 271 changed |= IEEE80211_CONF_CHANGE_POWER;
233 local->hw.conf.power_level = power; 272 local->hw.conf.power_level = power;
@@ -667,7 +706,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
667 const struct ieee80211_ops *ops) 706 const struct ieee80211_ops *ops)
668{ 707{
669 struct ieee80211_local *local; 708 struct ieee80211_local *local;
670 int priv_size; 709 int priv_size, i;
671 struct wiphy *wiphy; 710 struct wiphy *wiphy;
672 711
673 /* Ensure 32-byte alignment of our private data and hw private data. 712 /* Ensure 32-byte alignment of our private data and hw private data.
@@ -695,6 +734,10 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
695 return NULL; 734 return NULL;
696 735
697 wiphy->privid = mac80211_wiphy_privid; 736 wiphy->privid = mac80211_wiphy_privid;
737 wiphy->max_scan_ssids = 4;
738 /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */
739 wiphy->bss_priv_size = sizeof(struct ieee80211_bss) -
740 sizeof(struct cfg80211_bss);
698 741
699 local = wiphy_priv(wiphy); 742 local = wiphy_priv(wiphy);
700 local->hw.wiphy = wiphy; 743 local->hw.wiphy = wiphy;
@@ -722,6 +765,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
722 local->hw.conf.radio_enabled = true; 765 local->hw.conf.radio_enabled = true;
723 766
724 INIT_LIST_HEAD(&local->interfaces); 767 INIT_LIST_HEAD(&local->interfaces);
768 mutex_init(&local->iflist_mtx);
725 769
726 spin_lock_init(&local->key_lock); 770 spin_lock_init(&local->key_lock);
727 771
@@ -736,6 +780,11 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
736 setup_timer(&local->dynamic_ps_timer, 780 setup_timer(&local->dynamic_ps_timer,
737 ieee80211_dynamic_ps_timer, (unsigned long) local); 781 ieee80211_dynamic_ps_timer, (unsigned long) local);
738 782
783 for (i = 0; i < IEEE80211_MAX_AMPDU_QUEUES; i++)
784 local->ampdu_ac_queue[i] = -1;
785 /* using an s8 won't work with more than that */
786 BUILD_BUG_ON(IEEE80211_MAX_AMPDU_QUEUES > 127);
787
739 sta_info_init(local); 788 sta_info_init(local);
740 789
741 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending, 790 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
@@ -754,6 +803,23 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
754} 803}
755EXPORT_SYMBOL(ieee80211_alloc_hw); 804EXPORT_SYMBOL(ieee80211_alloc_hw);
756 805
806static const struct net_device_ops ieee80211_master_ops = {
807 .ndo_start_xmit = ieee80211_master_start_xmit,
808 .ndo_open = ieee80211_master_open,
809 .ndo_stop = ieee80211_master_stop,
810 .ndo_set_multicast_list = ieee80211_master_set_multicast_list,
811 .ndo_select_queue = ieee80211_select_queue,
812};
813
814static void ieee80211_master_setup(struct net_device *mdev)
815{
816 mdev->type = ARPHRD_IEEE80211;
817 mdev->netdev_ops = &ieee80211_master_ops;
818 mdev->header_ops = &ieee80211_header_ops;
819 mdev->tx_queue_len = 1000;
820 mdev->addr_len = ETH_ALEN;
821}
822
757int ieee80211_register_hw(struct ieee80211_hw *hw) 823int ieee80211_register_hw(struct ieee80211_hw *hw)
758{ 824{
759 struct ieee80211_local *local = hw_to_local(hw); 825 struct ieee80211_local *local = hw_to_local(hw);
@@ -761,25 +827,33 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
761 enum ieee80211_band band; 827 enum ieee80211_band band;
762 struct net_device *mdev; 828 struct net_device *mdev;
763 struct ieee80211_master_priv *mpriv; 829 struct ieee80211_master_priv *mpriv;
830 int channels, i, j;
764 831
765 /* 832 /*
766 * generic code guarantees at least one band, 833 * generic code guarantees at least one band,
767 * set this very early because much code assumes 834 * set this very early because much code assumes
768 * that hw.conf.channel is assigned 835 * that hw.conf.channel is assigned
769 */ 836 */
837 channels = 0;
770 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 838 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
771 struct ieee80211_supported_band *sband; 839 struct ieee80211_supported_band *sband;
772 840
773 sband = local->hw.wiphy->bands[band]; 841 sband = local->hw.wiphy->bands[band];
774 if (sband) { 842 if (sband && !local->oper_channel) {
775 /* init channel we're on */ 843 /* init channel we're on */
776 local->hw.conf.channel = 844 local->hw.conf.channel =
777 local->oper_channel = 845 local->oper_channel =
778 local->scan_channel = &sband->channels[0]; 846 local->scan_channel = &sband->channels[0];
779 break;
780 } 847 }
848 if (sband)
849 channels += sband->n_channels;
781 } 850 }
782 851
852 local->int_scan_req.n_channels = channels;
853 local->int_scan_req.channels = kzalloc(sizeof(void *) * channels, GFP_KERNEL);
854 if (!local->int_scan_req.channels)
855 return -ENOMEM;
856
783 /* if low-level driver supports AP, we also support VLAN */ 857 /* if low-level driver supports AP, we also support VLAN */
784 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_AP)) 858 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_AP))
785 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN); 859 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
@@ -787,9 +861,14 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
787 /* mac80211 always supports monitor */ 861 /* mac80211 always supports monitor */
788 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR); 862 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
789 863
864 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
865 local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
866 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
867 local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
868
790 result = wiphy_register(local->hw.wiphy); 869 result = wiphy_register(local->hw.wiphy);
791 if (result < 0) 870 if (result < 0)
792 return result; 871 goto fail_wiphy_register;
793 872
794 /* 873 /*
795 * We use the number of queues for feature tests (QoS, HT) internally 874 * We use the number of queues for feature tests (QoS, HT) internally
@@ -803,8 +882,8 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
803 hw->ampdu_queues = 0; 882 hw->ampdu_queues = 0;
804 883
805 mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv), 884 mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv),
806 "wmaster%d", ether_setup, 885 "wmaster%d", ieee80211_master_setup,
807 ieee80211_num_queues(hw)); 886 hw->queues);
808 if (!mdev) 887 if (!mdev)
809 goto fail_mdev_alloc; 888 goto fail_mdev_alloc;
810 889
@@ -812,17 +891,8 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
812 mpriv->local = local; 891 mpriv->local = local;
813 local->mdev = mdev; 892 local->mdev = mdev;
814 893
815 ieee80211_rx_bss_list_init(local);
816
817 mdev->hard_start_xmit = ieee80211_master_start_xmit;
818 mdev->open = ieee80211_master_open;
819 mdev->stop = ieee80211_master_stop;
820 mdev->type = ARPHRD_IEEE80211;
821 mdev->header_ops = &ieee80211_header_ops;
822 mdev->set_multicast_list = ieee80211_master_set_multicast_list;
823
824 local->hw.workqueue = 894 local->hw.workqueue =
825 create_freezeable_workqueue(wiphy_name(local->hw.wiphy)); 895 create_singlethread_workqueue(wiphy_name(local->hw.wiphy));
826 if (!local->hw.workqueue) { 896 if (!local->hw.workqueue) {
827 result = -ENOMEM; 897 result = -ENOMEM;
828 goto fail_workqueue; 898 goto fail_workqueue;
@@ -846,15 +916,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
846 916
847 local->hw.conf.listen_interval = local->hw.max_listen_interval; 917 local->hw.conf.listen_interval = local->hw.max_listen_interval;
848 918
849 local->wstats_flags |= local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
850 IEEE80211_HW_SIGNAL_DB |
851 IEEE80211_HW_SIGNAL_DBM) ?
852 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
853 local->wstats_flags |= local->hw.flags & IEEE80211_HW_NOISE_DBM ?
854 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
855 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
856 local->wstats_flags |= IW_QUAL_DBM;
857
858 result = sta_info_start(local); 919 result = sta_info_start(local);
859 if (result < 0) 920 if (result < 0)
860 goto fail_sta_info; 921 goto fail_sta_info;
@@ -866,6 +927,7 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
866 927
867 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 928 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
868 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy)); 929 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
930 local->mdev->features |= NETIF_F_NETNS_LOCAL;
869 931
870 result = register_netdevice(local->mdev); 932 result = register_netdevice(local->mdev);
871 if (result < 0) 933 if (result < 0)
@@ -887,8 +949,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
887 goto fail_wep; 949 goto fail_wep;
888 } 950 }
889 951
890 local->mdev->select_queue = ieee80211_select_queue;
891
892 /* add one default STA interface if supported */ 952 /* add one default STA interface if supported */
893 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_STATION)) { 953 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_STATION)) {
894 result = ieee80211_if_add(local, "wlan%d", NULL, 954 result = ieee80211_if_add(local, "wlan%d", NULL,
@@ -902,6 +962,20 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
902 962
903 ieee80211_led_init(local); 963 ieee80211_led_init(local);
904 964
965 /* alloc internal scan request */
966 i = 0;
967 local->int_scan_req.ssids = &local->scan_ssid;
968 local->int_scan_req.n_ssids = 1;
969 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
970 if (!hw->wiphy->bands[band])
971 continue;
972 for (j = 0; j < hw->wiphy->bands[band]->n_channels; j++) {
973 local->int_scan_req.channels[i] =
974 &hw->wiphy->bands[band]->channels[j];
975 i++;
976 }
977 }
978
905 return 0; 979 return 0;
906 980
907fail_wep: 981fail_wep:
@@ -920,6 +994,8 @@ fail_workqueue:
920 free_netdev(local->mdev); 994 free_netdev(local->mdev);
921fail_mdev_alloc: 995fail_mdev_alloc:
922 wiphy_unregister(local->hw.wiphy); 996 wiphy_unregister(local->hw.wiphy);
997fail_wiphy_register:
998 kfree(local->int_scan_req.channels);
923 return result; 999 return result;
924} 1000}
925EXPORT_SYMBOL(ieee80211_register_hw); 1001EXPORT_SYMBOL(ieee80211_register_hw);
@@ -947,7 +1023,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
947 1023
948 rtnl_unlock(); 1024 rtnl_unlock();
949 1025
950 ieee80211_rx_bss_list_deinit(local);
951 ieee80211_clear_tx_pending(local); 1026 ieee80211_clear_tx_pending(local);
952 sta_info_stop(local); 1027 sta_info_stop(local);
953 rate_control_deinitialize(local); 1028 rate_control_deinitialize(local);
@@ -965,6 +1040,7 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
965 ieee80211_wep_free(local); 1040 ieee80211_wep_free(local);
966 ieee80211_led_exit(local); 1041 ieee80211_led_exit(local);
967 free_netdev(local->mdev); 1042 free_netdev(local->mdev);
1043 kfree(local->int_scan_req.channels);
968} 1044}
969EXPORT_SYMBOL(ieee80211_unregister_hw); 1045EXPORT_SYMBOL(ieee80211_unregister_hw);
970 1046
@@ -972,6 +1048,8 @@ void ieee80211_free_hw(struct ieee80211_hw *hw)
972{ 1048{
973 struct ieee80211_local *local = hw_to_local(hw); 1049 struct ieee80211_local *local = hw_to_local(hw);
974 1050
1051 mutex_destroy(&local->iflist_mtx);
1052
975 wiphy_free(local->hw.wiphy); 1053 wiphy_free(local->hw.wiphy);
976} 1054}
977EXPORT_SYMBOL(ieee80211_free_hw); 1055EXPORT_SYMBOL(ieee80211_free_hw);
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 82f568e94365..9a3e5de0410a 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -275,16 +275,6 @@ u32 mesh_table_hash(u8 *addr, struct ieee80211_sub_if_data *sdata, struct mesh_t
275 & tbl->hash_mask; 275 & tbl->hash_mask;
276} 276}
277 277
278u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len)
279{
280 if (!mesh_id_len)
281 return 1;
282 else if (mesh_id_len == 1)
283 return (u8) mesh_id[0];
284 else
285 return (u8) (mesh_id[0] + 2 * mesh_id[1]);
286}
287
288struct mesh_table *mesh_table_alloc(int size_order) 278struct mesh_table *mesh_table_alloc(int size_order)
289{ 279{
290 int i; 280 int i;
@@ -442,7 +432,8 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
442 432
443 ifmsh->housekeeping = true; 433 ifmsh->housekeeping = true;
444 queue_work(local->hw.workqueue, &ifmsh->work); 434 queue_work(local->hw.workqueue, &ifmsh->work);
445 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 435 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON |
436 IEEE80211_IFCC_BEACON_ENABLED);
446} 437}
447 438
448void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata) 439void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
@@ -476,7 +467,7 @@ static void ieee80211_mesh_rx_bcn_presp(struct ieee80211_sub_if_data *sdata,
476 struct ieee80211_local *local = sdata->local; 467 struct ieee80211_local *local = sdata->local;
477 struct ieee802_11_elems elems; 468 struct ieee802_11_elems elems;
478 struct ieee80211_channel *channel; 469 struct ieee80211_channel *channel;
479 u64 supp_rates = 0; 470 u32 supp_rates = 0;
480 size_t baselen; 471 size_t baselen;
481 int freq; 472 int freq;
482 enum ieee80211_band band = rx_status->band; 473 enum ieee80211_band band = rx_status->band;
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index c197ab545e54..d891d7ddccd7 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -24,15 +24,15 @@
24 * 24 *
25 * 25 *
26 * 26 *
27 * @MESH_PATH_ACTIVE: the mesh path is can be used for forwarding 27 * @MESH_PATH_ACTIVE: the mesh path can be used for forwarding
28 * @MESH_PATH_RESOLVED: the discovery process is running for this mesh path 28 * @MESH_PATH_RESOLVING: the discovery process is running for this mesh path
29 * @MESH_PATH_DSN_VALID: the mesh path contains a valid destination sequence 29 * @MESH_PATH_DSN_VALID: the mesh path contains a valid destination sequence
30 * number 30 * number
31 * @MESH_PATH_FIXED: the mesh path has been manually set and should not be 31 * @MESH_PATH_FIXED: the mesh path has been manually set and should not be
32 * modified 32 * modified
33 * @MESH_PATH_RESOLVED: the mesh path can has been resolved 33 * @MESH_PATH_RESOLVED: the mesh path can has been resolved
34 * 34 *
35 * MESH_PATH_RESOLVED and MESH_PATH_DELETE are used by the mesh path timer to 35 * MESH_PATH_RESOLVED is used by the mesh path timer to
36 * decide when to stop or cancel the mesh path discovery. 36 * decide when to stop or cancel the mesh path discovery.
37 */ 37 */
38enum mesh_path_flags { 38enum mesh_path_flags {
@@ -196,7 +196,6 @@ struct mesh_rmc {
196 196
197/* Public interfaces */ 197/* Public interfaces */
198/* Various */ 198/* Various */
199u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len);
200int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr); 199int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr);
201int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr, 200int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
202 struct ieee80211_sub_if_data *sdata); 201 struct ieee80211_sub_if_data *sdata);
@@ -236,14 +235,13 @@ void mesh_rx_path_sel_frame(struct ieee80211_sub_if_data *sdata,
236 struct ieee80211_mgmt *mgmt, size_t len); 235 struct ieee80211_mgmt *mgmt, size_t len);
237int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata); 236int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata);
238/* Mesh plinks */ 237/* Mesh plinks */
239void mesh_neighbour_update(u8 *hw_addr, u64 rates, 238void mesh_neighbour_update(u8 *hw_addr, u32 rates,
240 struct ieee80211_sub_if_data *sdata, bool add); 239 struct ieee80211_sub_if_data *sdata, bool add);
241bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie); 240bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie);
242void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata); 241void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata);
243void mesh_plink_broken(struct sta_info *sta); 242void mesh_plink_broken(struct sta_info *sta);
244void mesh_plink_deactivate(struct sta_info *sta); 243void mesh_plink_deactivate(struct sta_info *sta);
245int mesh_plink_open(struct sta_info *sta); 244int mesh_plink_open(struct sta_info *sta);
246int mesh_plink_close(struct sta_info *sta);
247void mesh_plink_block(struct sta_info *sta); 245void mesh_plink_block(struct sta_info *sta);
248void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, 246void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata,
249 struct ieee80211_mgmt *mgmt, size_t len, 247 struct ieee80211_mgmt *mgmt, size_t len,
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index 71fe60961230..60b35accda91 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -58,7 +58,6 @@ static inline u32 u32_field_get(u8 *preq_elem, int offset, bool ae)
58#define PERR_IE_DST_ADDR(x) (x + 2) 58#define PERR_IE_DST_ADDR(x) (x + 2)
59#define PERR_IE_DST_DSN(x) u32_field_get(x, 8, 0); 59#define PERR_IE_DST_DSN(x) u32_field_get(x, 8, 0);
60 60
61#define TU_TO_EXP_TIME(x) (jiffies + msecs_to_jiffies(x * 1024 / 1000))
62#define MSEC_TO_TU(x) (x*1000/1024) 61#define MSEC_TO_TU(x) (x*1000/1024)
63#define DSN_GT(x, y) ((long) (y) - (long) (x) < 0) 62#define DSN_GT(x, y) ((long) (y) - (long) (x) < 0)
64#define DSN_LT(x, y) ((long) (x) - (long) (y) < 0) 63#define DSN_LT(x, y) ((long) (x) - (long) (y) < 0)
@@ -149,7 +148,7 @@ static int mesh_path_sel_frame_tx(enum mpath_frame_type action, u8 flags,
149 pos += ETH_ALEN; 148 pos += ETH_ALEN;
150 memcpy(pos, &dst_dsn, 4); 149 memcpy(pos, &dst_dsn, 4);
151 150
152 ieee80211_tx_skb(sdata, skb, 0); 151 ieee80211_tx_skb(sdata, skb, 1);
153 return 0; 152 return 0;
154} 153}
155 154
@@ -198,7 +197,7 @@ int mesh_path_error_tx(u8 *dst, __le32 dst_dsn, u8 *ra,
198 pos += ETH_ALEN; 197 pos += ETH_ALEN;
199 memcpy(pos, &dst_dsn, 4); 198 memcpy(pos, &dst_dsn, 4);
200 199
201 ieee80211_tx_skb(sdata, skb, 0); 200 ieee80211_tx_skb(sdata, skb, 1);
202 return 0; 201 return 0;
203} 202}
204 203
@@ -759,7 +758,7 @@ enddiscovery:
759} 758}
760 759
761/** 760/**
762 * ieee80211s_lookup_nexthop - put the appropriate next hop on a mesh frame 761 * mesh_nexthop_lookup - put the appropriate next hop on a mesh frame
763 * 762 *
764 * @skb: 802.11 frame to be sent 763 * @skb: 802.11 frame to be sent
765 * @sdata: network subif the frame will be sent through 764 * @sdata: network subif the frame will be sent through
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 1159bdb4119c..a8bbdeca013a 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -93,7 +93,7 @@ static inline void mesh_plink_fsm_restart(struct sta_info *sta)
93 * on it in the lifecycle management section! 93 * on it in the lifecycle management section!
94 */ 94 */
95static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata, 95static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
96 u8 *hw_addr, u64 rates) 96 u8 *hw_addr, u32 rates)
97{ 97{
98 struct ieee80211_local *local = sdata->local; 98 struct ieee80211_local *local = sdata->local;
99 struct sta_info *sta; 99 struct sta_info *sta;
@@ -218,11 +218,11 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
218 memcpy(pos, &reason, 2); 218 memcpy(pos, &reason, 2);
219 } 219 }
220 220
221 ieee80211_tx_skb(sdata, skb, 0); 221 ieee80211_tx_skb(sdata, skb, 1);
222 return 0; 222 return 0;
223} 223}
224 224
225void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct ieee80211_sub_if_data *sdata, 225void mesh_neighbour_update(u8 *hw_addr, u32 rates, struct ieee80211_sub_if_data *sdata,
226 bool peer_accepting_plinks) 226 bool peer_accepting_plinks)
227{ 227{
228 struct ieee80211_local *local = sdata->local; 228 struct ieee80211_local *local = sdata->local;
@@ -361,36 +361,6 @@ void mesh_plink_block(struct sta_info *sta)
361 spin_unlock_bh(&sta->lock); 361 spin_unlock_bh(&sta->lock);
362} 362}
363 363
364int mesh_plink_close(struct sta_info *sta)
365{
366 struct ieee80211_sub_if_data *sdata = sta->sdata;
367 __le16 llid, plid, reason;
368
369 mpl_dbg("Mesh plink: closing link with %pM\n", sta->sta.addr);
370 spin_lock_bh(&sta->lock);
371 sta->reason = cpu_to_le16(MESH_LINK_CANCELLED);
372 reason = sta->reason;
373
374 if (sta->plink_state == PLINK_LISTEN ||
375 sta->plink_state == PLINK_BLOCKED) {
376 mesh_plink_fsm_restart(sta);
377 spin_unlock_bh(&sta->lock);
378 return 0;
379 } else if (sta->plink_state == PLINK_ESTAB) {
380 __mesh_plink_deactivate(sta);
381 /* The timer should not be running */
382 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
383 } else if (!mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)))
384 sta->ignore_plink_timer = true;
385
386 sta->plink_state = PLINK_HOLDING;
387 llid = sta->llid;
388 plid = sta->plid;
389 spin_unlock_bh(&sta->lock);
390 mesh_plink_frame_tx(sta->sdata, PLINK_CLOSE, sta->sta.addr, llid,
391 plid, reason);
392 return 0;
393}
394 364
395void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt, 365void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt,
396 size_t len, struct ieee80211_rx_status *rx_status) 366 size_t len, struct ieee80211_rx_status *rx_status)
@@ -477,7 +447,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
477 spin_lock_bh(&sta->lock); 447 spin_lock_bh(&sta->lock);
478 } else if (!sta) { 448 } else if (!sta) {
479 /* ftype == PLINK_OPEN */ 449 /* ftype == PLINK_OPEN */
480 u64 rates; 450 u32 rates;
481 if (!mesh_plink_free_count(sdata)) { 451 if (!mesh_plink_free_count(sdata)) {
482 mpl_dbg("Mesh plink error: no more free plinks\n"); 452 mpl_dbg("Mesh plink error: no more free plinks\n");
483 rcu_read_unlock(); 453 rcu_read_unlock();
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 2b890af01ba4..841b8450b3de 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1,6 +1,6 @@
1/* 1/*
2 * BSS client mode implementation 2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi> 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4 * Copyright 2004, Instant802 Networks, Inc. 4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc. 5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
@@ -15,11 +15,8 @@
15#include <linux/if_ether.h> 15#include <linux/if_ether.h>
16#include <linux/skbuff.h> 16#include <linux/skbuff.h>
17#include <linux/if_arp.h> 17#include <linux/if_arp.h>
18#include <linux/wireless.h>
19#include <linux/random.h>
20#include <linux/etherdevice.h> 18#include <linux/etherdevice.h>
21#include <linux/rtnetlink.h> 19#include <linux/rtnetlink.h>
22#include <net/iw_handler.h>
23#include <net/mac80211.h> 20#include <net/mac80211.h>
24#include <asm/unaligned.h> 21#include <asm/unaligned.h>
25 22
@@ -35,15 +32,6 @@
35#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 32#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
36#define IEEE80211_PROBE_INTERVAL (60 * HZ) 33#define IEEE80211_PROBE_INTERVAL (60 * HZ)
37#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 34#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
38#define IEEE80211_SCAN_INTERVAL (2 * HZ)
39#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
40#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
41
42#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
43#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
44
45#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
46
47 35
48/* utils */ 36/* utils */
49static int ecw2cw(int ecw) 37static int ecw2cw(int ecw)
@@ -55,10 +43,10 @@ static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
55{ 43{
56 u8 *end, *pos; 44 u8 *end, *pos;
57 45
58 pos = bss->ies; 46 pos = bss->cbss.information_elements;
59 if (pos == NULL) 47 if (pos == NULL)
60 return NULL; 48 return NULL;
61 end = pos + bss->ies_len; 49 end = pos + bss->cbss.len_information_elements;
62 50
63 while (pos + 1 < end) { 51 while (pos + 1 < end) {
64 if (pos + 2 + pos[1] > end) 52 if (pos + 2 + pos[1] > end)
@@ -73,7 +61,7 @@ static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
73 61
74static int ieee80211_compatible_rates(struct ieee80211_bss *bss, 62static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
75 struct ieee80211_supported_band *sband, 63 struct ieee80211_supported_band *sband,
76 u64 *rates) 64 u32 *rates)
77{ 65{
78 int i, j, count; 66 int i, j, count;
79 *rates = 0; 67 *rates = 0;
@@ -92,160 +80,40 @@ static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
92 return count; 80 return count;
93} 81}
94 82
95/* also used by mesh code */
96u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
97 struct ieee802_11_elems *elems,
98 enum ieee80211_band band)
99{
100 struct ieee80211_supported_band *sband;
101 struct ieee80211_rate *bitrates;
102 size_t num_rates;
103 u64 supp_rates;
104 int i, j;
105 sband = local->hw.wiphy->bands[band];
106
107 if (!sband) {
108 WARN_ON(1);
109 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
110 }
111
112 bitrates = sband->bitrates;
113 num_rates = sband->n_bitrates;
114 supp_rates = 0;
115 for (i = 0; i < elems->supp_rates_len +
116 elems->ext_supp_rates_len; i++) {
117 u8 rate = 0;
118 int own_rate;
119 if (i < elems->supp_rates_len)
120 rate = elems->supp_rates[i];
121 else if (elems->ext_supp_rates)
122 rate = elems->ext_supp_rates
123 [i - elems->supp_rates_len];
124 own_rate = 5 * (rate & 0x7f);
125 for (j = 0; j < num_rates; j++)
126 if (bitrates[j].bitrate == own_rate)
127 supp_rates |= BIT(j);
128 }
129 return supp_rates;
130}
131
132/* frame sending functions */ 83/* frame sending functions */
133 84
134/* also used by scanning code */ 85static void add_extra_ies(struct sk_buff *skb, u8 *ies, size_t ies_len)
135void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
136 u8 *ssid, size_t ssid_len)
137{ 86{
138 struct ieee80211_local *local = sdata->local; 87 if (ies)
139 struct ieee80211_supported_band *sband; 88 memcpy(skb_put(skb, ies_len), ies, ies_len);
140 struct sk_buff *skb;
141 struct ieee80211_mgmt *mgmt;
142 u8 *pos, *supp_rates, *esupp_rates = NULL;
143 int i;
144
145 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
146 if (!skb) {
147 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
148 "request\n", sdata->dev->name);
149 return;
150 }
151 skb_reserve(skb, local->hw.extra_tx_headroom);
152
153 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
154 memset(mgmt, 0, 24);
155 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
156 IEEE80211_STYPE_PROBE_REQ);
157 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
158 if (dst) {
159 memcpy(mgmt->da, dst, ETH_ALEN);
160 memcpy(mgmt->bssid, dst, ETH_ALEN);
161 } else {
162 memset(mgmt->da, 0xff, ETH_ALEN);
163 memset(mgmt->bssid, 0xff, ETH_ALEN);
164 }
165 pos = skb_put(skb, 2 + ssid_len);
166 *pos++ = WLAN_EID_SSID;
167 *pos++ = ssid_len;
168 memcpy(pos, ssid, ssid_len);
169
170 supp_rates = skb_put(skb, 2);
171 supp_rates[0] = WLAN_EID_SUPP_RATES;
172 supp_rates[1] = 0;
173 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
174
175 for (i = 0; i < sband->n_bitrates; i++) {
176 struct ieee80211_rate *rate = &sband->bitrates[i];
177 if (esupp_rates) {
178 pos = skb_put(skb, 1);
179 esupp_rates[1]++;
180 } else if (supp_rates[1] == 8) {
181 esupp_rates = skb_put(skb, 3);
182 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
183 esupp_rates[1] = 1;
184 pos = &esupp_rates[2];
185 } else {
186 pos = skb_put(skb, 1);
187 supp_rates[1]++;
188 }
189 *pos = rate->bitrate / 5;
190 }
191
192 ieee80211_tx_skb(sdata, skb, 0);
193} 89}
194 90
195static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, 91static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
196 struct ieee80211_if_sta *ifsta,
197 int transaction, u8 *extra, size_t extra_len,
198 int encrypt)
199{ 92{
93 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
200 struct ieee80211_local *local = sdata->local; 94 struct ieee80211_local *local = sdata->local;
201 struct sk_buff *skb; 95 struct sk_buff *skb;
202 struct ieee80211_mgmt *mgmt; 96 struct ieee80211_mgmt *mgmt;
203 97 u8 *pos, *ies, *ht_ie, *e_ies;
204 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
205 sizeof(*mgmt) + 6 + extra_len);
206 if (!skb) {
207 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
208 "frame\n", sdata->dev->name);
209 return;
210 }
211 skb_reserve(skb, local->hw.extra_tx_headroom);
212
213 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
214 memset(mgmt, 0, 24 + 6);
215 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
216 IEEE80211_STYPE_AUTH);
217 if (encrypt)
218 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
219 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
220 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
221 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
222 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
223 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
224 ifsta->auth_transaction = transaction + 1;
225 mgmt->u.auth.status_code = cpu_to_le16(0);
226 if (extra)
227 memcpy(skb_put(skb, extra_len), extra, extra_len);
228
229 ieee80211_tx_skb(sdata, skb, encrypt);
230}
231
232static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
233 struct ieee80211_if_sta *ifsta)
234{
235 struct ieee80211_local *local = sdata->local;
236 struct sk_buff *skb;
237 struct ieee80211_mgmt *mgmt;
238 u8 *pos, *ies, *ht_ie;
239 int i, len, count, rates_len, supp_rates_len; 98 int i, len, count, rates_len, supp_rates_len;
240 u16 capab; 99 u16 capab;
241 struct ieee80211_bss *bss; 100 struct ieee80211_bss *bss;
242 int wmm = 0; 101 int wmm = 0;
243 struct ieee80211_supported_band *sband; 102 struct ieee80211_supported_band *sband;
244 u64 rates = 0; 103 u32 rates = 0;
104 size_t e_ies_len;
105
106 if (ifmgd->flags & IEEE80211_IBSS_PREV_BSSID_SET) {
107 e_ies = sdata->u.mgd.ie_reassocreq;
108 e_ies_len = sdata->u.mgd.ie_reassocreq_len;
109 } else {
110 e_ies = sdata->u.mgd.ie_assocreq;
111 e_ies_len = sdata->u.mgd.ie_assocreq_len;
112 }
245 113
246 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 114 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
247 sizeof(*mgmt) + 200 + ifsta->extra_ie_len + 115 sizeof(*mgmt) + 200 + ifmgd->extra_ie_len +
248 ifsta->ssid_len); 116 ifmgd->ssid_len + e_ies_len);
249 if (!skb) { 117 if (!skb) {
250 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc " 118 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
251 "frame\n", sdata->dev->name); 119 "frame\n", sdata->dev->name);
@@ -255,7 +123,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
255 123
256 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 124 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
257 125
258 capab = ifsta->capab; 126 capab = ifmgd->capab;
259 127
260 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) { 128 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
261 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 129 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
@@ -264,11 +132,11 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
264 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 132 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
265 } 133 }
266 134
267 bss = ieee80211_rx_bss_get(local, ifsta->bssid, 135 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
268 local->hw.conf.channel->center_freq, 136 local->hw.conf.channel->center_freq,
269 ifsta->ssid, ifsta->ssid_len); 137 ifmgd->ssid, ifmgd->ssid_len);
270 if (bss) { 138 if (bss) {
271 if (bss->capability & WLAN_CAPABILITY_PRIVACY) 139 if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
272 capab |= WLAN_CAPABILITY_PRIVACY; 140 capab |= WLAN_CAPABILITY_PRIVACY;
273 if (bss->wmm_used) 141 if (bss->wmm_used)
274 wmm = 1; 142 wmm = 1;
@@ -279,7 +147,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
279 * b-only mode) */ 147 * b-only mode) */
280 rates_len = ieee80211_compatible_rates(bss, sband, &rates); 148 rates_len = ieee80211_compatible_rates(bss, sband, &rates);
281 149
282 if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 150 if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
283 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 151 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
284 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 152 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
285 153
@@ -291,18 +159,18 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
291 159
292 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 160 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
293 memset(mgmt, 0, 24); 161 memset(mgmt, 0, 24);
294 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 162 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
295 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 163 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
296 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 164 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
297 165
298 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) { 166 if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) {
299 skb_put(skb, 10); 167 skb_put(skb, 10);
300 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 168 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
301 IEEE80211_STYPE_REASSOC_REQ); 169 IEEE80211_STYPE_REASSOC_REQ);
302 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 170 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
303 mgmt->u.reassoc_req.listen_interval = 171 mgmt->u.reassoc_req.listen_interval =
304 cpu_to_le16(local->hw.conf.listen_interval); 172 cpu_to_le16(local->hw.conf.listen_interval);
305 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid, 173 memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid,
306 ETH_ALEN); 174 ETH_ALEN);
307 } else { 175 } else {
308 skb_put(skb, 4); 176 skb_put(skb, 4);
@@ -314,10 +182,10 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
314 } 182 }
315 183
316 /* SSID */ 184 /* SSID */
317 ies = pos = skb_put(skb, 2 + ifsta->ssid_len); 185 ies = pos = skb_put(skb, 2 + ifmgd->ssid_len);
318 *pos++ = WLAN_EID_SSID; 186 *pos++ = WLAN_EID_SSID;
319 *pos++ = ifsta->ssid_len; 187 *pos++ = ifmgd->ssid_len;
320 memcpy(pos, ifsta->ssid, ifsta->ssid_len); 188 memcpy(pos, ifmgd->ssid, ifmgd->ssid_len);
321 189
322 /* add all rates which were marked to be used above */ 190 /* add all rates which were marked to be used above */
323 supp_rates_len = rates_len; 191 supp_rates_len = rates_len;
@@ -372,12 +240,12 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
372 } 240 }
373 } 241 }
374 242
375 if (ifsta->extra_ie) { 243 if (ifmgd->extra_ie) {
376 pos = skb_put(skb, ifsta->extra_ie_len); 244 pos = skb_put(skb, ifmgd->extra_ie_len);
377 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len); 245 memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len);
378 } 246 }
379 247
380 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) { 248 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
381 pos = skb_put(skb, 9); 249 pos = skb_put(skb, 9);
382 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 250 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
383 *pos++ = 7; /* len */ 251 *pos++ = 7; /* len */
@@ -391,10 +259,17 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
391 } 259 }
392 260
393 /* wmm support is a must to HT */ 261 /* wmm support is a must to HT */
394 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) && 262 /*
263 * IEEE802.11n does not allow TKIP/WEP as pairwise
264 * ciphers in HT mode. We still associate in non-ht
265 * mode (11a/b/g) if any one of these ciphers is
266 * configured as pairwise.
267 */
268 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
395 sband->ht_cap.ht_supported && 269 sband->ht_cap.ht_supported &&
396 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && 270 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
397 ht_ie[1] >= sizeof(struct ieee80211_ht_info)) { 271 ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
272 (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) {
398 struct ieee80211_ht_info *ht_info = 273 struct ieee80211_ht_info *ht_info =
399 (struct ieee80211_ht_info *)(ht_ie + 2); 274 (struct ieee80211_ht_info *)(ht_ie + 2);
400 u16 cap = sband->ht_cap.cap; 275 u16 cap = sband->ht_cap.cap;
@@ -429,11 +304,13 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
429 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs)); 304 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
430 } 305 }
431 306
432 kfree(ifsta->assocreq_ies); 307 add_extra_ies(skb, e_ies, e_ies_len);
433 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies; 308
434 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL); 309 kfree(ifmgd->assocreq_ies);
435 if (ifsta->assocreq_ies) 310 ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
436 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len); 311 ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
312 if (ifmgd->assocreq_ies)
313 memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
437 314
438 ieee80211_tx_skb(sdata, skb, 0); 315 ieee80211_tx_skb(sdata, skb, 0);
439} 316}
@@ -443,11 +320,22 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
443 u16 stype, u16 reason) 320 u16 stype, u16 reason)
444{ 321{
445 struct ieee80211_local *local = sdata->local; 322 struct ieee80211_local *local = sdata->local;
446 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 323 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
447 struct sk_buff *skb; 324 struct sk_buff *skb;
448 struct ieee80211_mgmt *mgmt; 325 struct ieee80211_mgmt *mgmt;
326 u8 *ies;
327 size_t ies_len;
328
329 if (stype == IEEE80211_STYPE_DEAUTH) {
330 ies = sdata->u.mgd.ie_deauth;
331 ies_len = sdata->u.mgd.ie_deauth_len;
332 } else {
333 ies = sdata->u.mgd.ie_disassoc;
334 ies_len = sdata->u.mgd.ie_disassoc_len;
335 }
449 336
450 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt)); 337 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) +
338 ies_len);
451 if (!skb) { 339 if (!skb) {
452 printk(KERN_DEBUG "%s: failed to allocate buffer for " 340 printk(KERN_DEBUG "%s: failed to allocate buffer for "
453 "deauth/disassoc frame\n", sdata->dev->name); 341 "deauth/disassoc frame\n", sdata->dev->name);
@@ -457,40 +345,53 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
457 345
458 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 346 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
459 memset(mgmt, 0, 24); 347 memset(mgmt, 0, 24);
460 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 348 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
461 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 349 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
462 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 350 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
463 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 351 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
464 skb_put(skb, 2); 352 skb_put(skb, 2);
465 /* u.deauth.reason_code == u.disassoc.reason_code */ 353 /* u.deauth.reason_code == u.disassoc.reason_code */
466 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 354 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
467 355
468 ieee80211_tx_skb(sdata, skb, 0); 356 add_extra_ies(skb, ies, ies_len);
357
358 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
469} 359}
470 360
471/* MLME */ 361void ieee80211_send_pspoll(struct ieee80211_local *local,
472static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, 362 struct ieee80211_sub_if_data *sdata)
473 struct ieee80211_bss *bss)
474{ 363{
475 struct ieee80211_local *local = sdata->local; 364 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
476 int i, have_higher_than_11mbit = 0; 365 struct ieee80211_pspoll *pspoll;
366 struct sk_buff *skb;
367 u16 fc;
477 368
478 /* cf. IEEE 802.11 9.2.12 */ 369 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll));
479 for (i = 0; i < bss->supp_rates_len; i++) 370 if (!skb) {
480 if ((bss->supp_rates[i] & 0x7f) * 5 > 110) 371 printk(KERN_DEBUG "%s: failed to allocate buffer for "
481 have_higher_than_11mbit = 1; 372 "pspoll frame\n", sdata->dev->name);
373 return;
374 }
375 skb_reserve(skb, local->hw.extra_tx_headroom);
482 376
483 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ && 377 pspoll = (struct ieee80211_pspoll *) skb_put(skb, sizeof(*pspoll));
484 have_higher_than_11mbit) 378 memset(pspoll, 0, sizeof(*pspoll));
485 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 379 fc = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_PSPOLL | IEEE80211_FCTL_PM;
486 else 380 pspoll->frame_control = cpu_to_le16(fc);
487 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 381 pspoll->aid = cpu_to_le16(ifmgd->aid);
488 382
489 ieee80211_set_wmm_default(sdata); 383 /* aid in PS-Poll has its two MSBs each set to 1 */
384 pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14);
385
386 memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN);
387 memcpy(pspoll->ta, sdata->dev->dev_addr, ETH_ALEN);
388
389 ieee80211_tx_skb(sdata, skb, 0);
490} 390}
491 391
392/* MLME */
492static void ieee80211_sta_wmm_params(struct ieee80211_local *local, 393static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
493 struct ieee80211_if_sta *ifsta, 394 struct ieee80211_if_managed *ifmgd,
494 u8 *wmm_param, size_t wmm_param_len) 395 u8 *wmm_param, size_t wmm_param_len)
495{ 396{
496 struct ieee80211_tx_queue_params params; 397 struct ieee80211_tx_queue_params params;
@@ -498,7 +399,7 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
498 int count; 399 int count;
499 u8 *pos; 400 u8 *pos;
500 401
501 if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED)) 402 if (!(ifmgd->flags & IEEE80211_STA_WMM_ENABLED))
502 return; 403 return;
503 404
504 if (!wmm_param) 405 if (!wmm_param)
@@ -507,18 +408,15 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
507 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 408 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
508 return; 409 return;
509 count = wmm_param[6] & 0x0f; 410 count = wmm_param[6] & 0x0f;
510 if (count == ifsta->wmm_last_param_set) 411 if (count == ifmgd->wmm_last_param_set)
511 return; 412 return;
512 ifsta->wmm_last_param_set = count; 413 ifmgd->wmm_last_param_set = count;
513 414
514 pos = wmm_param + 8; 415 pos = wmm_param + 8;
515 left = wmm_param_len - 8; 416 left = wmm_param_len - 8;
516 417
517 memset(&params, 0, sizeof(params)); 418 memset(&params, 0, sizeof(params));
518 419
519 if (!local->ops->conf_tx)
520 return;
521
522 local->wmm_acm = 0; 420 local->wmm_acm = 0;
523 for (; left >= 4; left -= 4, pos += 4) { 421 for (; left >= 4; left -= 4, pos += 4) {
524 int aci = (pos[0] >> 5) & 0x03; 422 int aci = (pos[0] >> 5) & 0x03;
@@ -526,26 +424,26 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
526 int queue; 424 int queue;
527 425
528 switch (aci) { 426 switch (aci) {
529 case 1: 427 case 1: /* AC_BK */
530 queue = 3; 428 queue = 3;
531 if (acm) 429 if (acm)
532 local->wmm_acm |= BIT(0) | BIT(3); 430 local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */
533 break; 431 break;
534 case 2: 432 case 2: /* AC_VI */
535 queue = 1; 433 queue = 1;
536 if (acm) 434 if (acm)
537 local->wmm_acm |= BIT(4) | BIT(5); 435 local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */
538 break; 436 break;
539 case 3: 437 case 3: /* AC_VO */
540 queue = 0; 438 queue = 0;
541 if (acm) 439 if (acm)
542 local->wmm_acm |= BIT(6) | BIT(7); 440 local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */
543 break; 441 break;
544 case 0: 442 case 0: /* AC_BE */
545 default: 443 default:
546 queue = 2; 444 queue = 2;
547 if (acm) 445 if (acm)
548 local->wmm_acm |= BIT(1) | BIT(2); 446 local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */
549 break; 447 break;
550 } 448 }
551 449
@@ -559,21 +457,41 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
559 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min, 457 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
560 params.cw_max, params.txop); 458 params.cw_max, params.txop);
561#endif 459#endif
562 /* TODO: handle ACM (block TX, fallback to next lowest allowed 460 if (local->ops->conf_tx &&
563 * AC for now) */ 461 local->ops->conf_tx(local_to_hw(local), queue, &params)) {
564 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
565 printk(KERN_DEBUG "%s: failed to set TX queue " 462 printk(KERN_DEBUG "%s: failed to set TX queue "
566 "parameters for queue %d\n", local->mdev->name, queue); 463 "parameters for queue %d\n", local->mdev->name, queue);
567 } 464 }
568 } 465 }
569} 466}
570 467
468static bool ieee80211_check_tim(struct ieee802_11_elems *elems, u16 aid)
469{
470 u8 mask;
471 u8 index, indexn1, indexn2;
472 struct ieee80211_tim_ie *tim = (struct ieee80211_tim_ie *) elems->tim;
473
474 aid &= 0x3fff;
475 index = aid / 8;
476 mask = 1 << (aid & 7);
477
478 indexn1 = tim->bitmap_ctrl & 0xfe;
479 indexn2 = elems->tim_len + indexn1 - 4;
480
481 if (index < indexn1 || index > indexn2)
482 return false;
483
484 index -= indexn1;
485
486 return !!(tim->virtual_map[index] & mask);
487}
488
571static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 489static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
572 u16 capab, bool erp_valid, u8 erp) 490 u16 capab, bool erp_valid, u8 erp)
573{ 491{
574 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 492 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
575#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 493#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
576 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 494 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
577#endif 495#endif
578 u32 changed = 0; 496 u32 changed = 0;
579 bool use_protection; 497 bool use_protection;
@@ -596,7 +514,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
596 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n", 514 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
597 sdata->dev->name, 515 sdata->dev->name,
598 use_protection ? "enabled" : "disabled", 516 use_protection ? "enabled" : "disabled",
599 ifsta->bssid); 517 ifmgd->bssid);
600 } 518 }
601#endif 519#endif
602 bss_conf->use_cts_prot = use_protection; 520 bss_conf->use_cts_prot = use_protection;
@@ -610,7 +528,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
610 " (BSSID=%pM)\n", 528 " (BSSID=%pM)\n",
611 sdata->dev->name, 529 sdata->dev->name,
612 use_short_preamble ? "short" : "long", 530 use_short_preamble ? "short" : "long",
613 ifsta->bssid); 531 ifmgd->bssid);
614 } 532 }
615#endif 533#endif
616 bss_conf->use_short_preamble = use_short_preamble; 534 bss_conf->use_short_preamble = use_short_preamble;
@@ -624,7 +542,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
624 " (BSSID=%pM)\n", 542 " (BSSID=%pM)\n",
625 sdata->dev->name, 543 sdata->dev->name,
626 use_short_slot ? "short" : "long", 544 use_short_slot ? "short" : "long",
627 ifsta->bssid); 545 ifmgd->bssid);
628 } 546 }
629#endif 547#endif
630 bss_conf->use_short_slot = use_short_slot; 548 bss_conf->use_short_slot = use_short_slot;
@@ -634,57 +552,57 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
634 return changed; 552 return changed;
635} 553}
636 554
637static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata, 555static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
638 struct ieee80211_if_sta *ifsta)
639{ 556{
640 union iwreq_data wrqu; 557 union iwreq_data wrqu;
558
641 memset(&wrqu, 0, sizeof(wrqu)); 559 memset(&wrqu, 0, sizeof(wrqu));
642 if (ifsta->flags & IEEE80211_STA_ASSOCIATED) 560 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
643 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN); 561 memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
644 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 562 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
645 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL); 563 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
646} 564}
647 565
648static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata, 566static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
649 struct ieee80211_if_sta *ifsta)
650{ 567{
568 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
651 char *buf; 569 char *buf;
652 size_t len; 570 size_t len;
653 int i; 571 int i;
654 union iwreq_data wrqu; 572 union iwreq_data wrqu;
655 573
656 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies) 574 if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
657 return; 575 return;
658 576
659 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len + 577 buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
660 ifsta->assocresp_ies_len), GFP_KERNEL); 578 ifmgd->assocresp_ies_len), GFP_KERNEL);
661 if (!buf) 579 if (!buf)
662 return; 580 return;
663 581
664 len = sprintf(buf, "ASSOCINFO("); 582 len = sprintf(buf, "ASSOCINFO(");
665 if (ifsta->assocreq_ies) { 583 if (ifmgd->assocreq_ies) {
666 len += sprintf(buf + len, "ReqIEs="); 584 len += sprintf(buf + len, "ReqIEs=");
667 for (i = 0; i < ifsta->assocreq_ies_len; i++) { 585 for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
668 len += sprintf(buf + len, "%02x", 586 len += sprintf(buf + len, "%02x",
669 ifsta->assocreq_ies[i]); 587 ifmgd->assocreq_ies[i]);
670 } 588 }
671 } 589 }
672 if (ifsta->assocresp_ies) { 590 if (ifmgd->assocresp_ies) {
673 if (ifsta->assocreq_ies) 591 if (ifmgd->assocreq_ies)
674 len += sprintf(buf + len, " "); 592 len += sprintf(buf + len, " ");
675 len += sprintf(buf + len, "RespIEs="); 593 len += sprintf(buf + len, "RespIEs=");
676 for (i = 0; i < ifsta->assocresp_ies_len; i++) { 594 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
677 len += sprintf(buf + len, "%02x", 595 len += sprintf(buf + len, "%02x",
678 ifsta->assocresp_ies[i]); 596 ifmgd->assocresp_ies[i]);
679 } 597 }
680 } 598 }
681 len += sprintf(buf + len, ")"); 599 len += sprintf(buf + len, ")");
682 600
683 if (len > IW_CUSTOM_MAX) { 601 if (len > IW_CUSTOM_MAX) {
684 len = sprintf(buf, "ASSOCRESPIE="); 602 len = sprintf(buf, "ASSOCRESPIE=");
685 for (i = 0; i < ifsta->assocresp_ies_len; i++) { 603 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
686 len += sprintf(buf + len, "%02x", 604 len += sprintf(buf + len, "%02x",
687 ifsta->assocresp_ies[i]); 605 ifmgd->assocresp_ies[i]);
688 } 606 }
689 } 607 }
690 608
@@ -699,40 +617,37 @@ static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
699 617
700 618
701static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 619static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
702 struct ieee80211_if_sta *ifsta,
703 u32 bss_info_changed) 620 u32 bss_info_changed)
704{ 621{
622 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
705 struct ieee80211_local *local = sdata->local; 623 struct ieee80211_local *local = sdata->local;
706 struct ieee80211_conf *conf = &local_to_hw(local)->conf; 624 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
707 625
708 struct ieee80211_bss *bss; 626 struct ieee80211_bss *bss;
709 627
710 bss_info_changed |= BSS_CHANGED_ASSOC; 628 bss_info_changed |= BSS_CHANGED_ASSOC;
711 ifsta->flags |= IEEE80211_STA_ASSOCIATED; 629 ifmgd->flags |= IEEE80211_STA_ASSOCIATED;
712 630
713 if (sdata->vif.type != NL80211_IFTYPE_STATION) 631 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
714 return;
715
716 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
717 conf->channel->center_freq, 632 conf->channel->center_freq,
718 ifsta->ssid, ifsta->ssid_len); 633 ifmgd->ssid, ifmgd->ssid_len);
719 if (bss) { 634 if (bss) {
720 /* set timing information */ 635 /* set timing information */
721 sdata->vif.bss_conf.beacon_int = bss->beacon_int; 636 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
722 sdata->vif.bss_conf.timestamp = bss->timestamp; 637 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
723 sdata->vif.bss_conf.dtim_period = bss->dtim_period; 638 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
724 639
725 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 640 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
726 bss->capability, bss->has_erp_value, bss->erp_value); 641 bss->cbss.capability, bss->has_erp_value, bss->erp_value);
727 642
728 ieee80211_rx_bss_put(local, bss); 643 ieee80211_rx_bss_put(local, bss);
729 } 644 }
730 645
731 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET; 646 ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
732 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN); 647 memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
733 ieee80211_sta_send_associnfo(sdata, ifsta); 648 ieee80211_sta_send_associnfo(sdata);
734 649
735 ifsta->last_probe = jiffies; 650 ifmgd->last_probe = jiffies;
736 ieee80211_led_assoc(local, 1); 651 ieee80211_led_assoc(local, 1);
737 652
738 sdata->vif.bss_conf.assoc = 1; 653 sdata->vif.bss_conf.assoc = 1;
@@ -745,72 +660,90 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
745 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 660 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
746 661
747 if (local->powersave) { 662 if (local->powersave) {
748 if (local->dynamic_ps_timeout > 0) 663 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS) &&
664 local->hw.conf.dynamic_ps_timeout > 0) {
749 mod_timer(&local->dynamic_ps_timer, jiffies + 665 mod_timer(&local->dynamic_ps_timer, jiffies +
750 msecs_to_jiffies(local->dynamic_ps_timeout)); 666 msecs_to_jiffies(
751 else { 667 local->hw.conf.dynamic_ps_timeout));
668 } else {
669 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
670 ieee80211_send_nullfunc(local, sdata, 1);
752 conf->flags |= IEEE80211_CONF_PS; 671 conf->flags |= IEEE80211_CONF_PS;
753 ieee80211_hw_config(local, 672 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
754 IEEE80211_CONF_CHANGE_PS);
755 } 673 }
756 } 674 }
757 675
758 netif_tx_start_all_queues(sdata->dev); 676 netif_tx_start_all_queues(sdata->dev);
759 netif_carrier_on(sdata->dev); 677 netif_carrier_on(sdata->dev);
760 678
761 ieee80211_sta_send_apinfo(sdata, ifsta); 679 ieee80211_sta_send_apinfo(sdata);
762} 680}
763 681
764static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata, 682static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
765 struct ieee80211_if_sta *ifsta)
766{ 683{
767 ifsta->direct_probe_tries++; 684 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
768 if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) { 685
686 ifmgd->direct_probe_tries++;
687 if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
769 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n", 688 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
770 sdata->dev->name, ifsta->bssid); 689 sdata->dev->name, ifmgd->bssid);
771 ifsta->state = IEEE80211_STA_MLME_DISABLED; 690 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
772 ieee80211_sta_send_apinfo(sdata, ifsta); 691 ieee80211_sta_send_apinfo(sdata);
692
693 /*
694 * Most likely AP is not in the range so remove the
695 * bss information associated to the AP
696 */
697 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
698 sdata->local->hw.conf.channel->center_freq,
699 ifmgd->ssid, ifmgd->ssid_len);
773 return; 700 return;
774 } 701 }
775 702
776 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n", 703 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n",
777 sdata->dev->name, ifsta->bssid, 704 sdata->dev->name, ifmgd->bssid,
778 ifsta->direct_probe_tries); 705 ifmgd->direct_probe_tries);
779 706
780 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE; 707 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
781 708
782 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request); 709 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifmgd->request);
783 710
784 /* Direct probe is sent to broadcast address as some APs 711 /* Direct probe is sent to broadcast address as some APs
785 * will not answer to direct packet in unassociated state. 712 * will not answer to direct packet in unassociated state.
786 */ 713 */
787 ieee80211_send_probe_req(sdata, NULL, 714 ieee80211_send_probe_req(sdata, NULL,
788 ifsta->ssid, ifsta->ssid_len); 715 ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
789 716
790 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 717 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
791} 718}
792 719
793 720
794static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata, 721static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata)
795 struct ieee80211_if_sta *ifsta)
796{ 722{
797 ifsta->auth_tries++; 723 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
798 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) { 724
725 ifmgd->auth_tries++;
726 if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
799 printk(KERN_DEBUG "%s: authentication with AP %pM" 727 printk(KERN_DEBUG "%s: authentication with AP %pM"
800 " timed out\n", 728 " timed out\n",
801 sdata->dev->name, ifsta->bssid); 729 sdata->dev->name, ifmgd->bssid);
802 ifsta->state = IEEE80211_STA_MLME_DISABLED; 730 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
803 ieee80211_sta_send_apinfo(sdata, ifsta); 731 ieee80211_sta_send_apinfo(sdata);
732 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
733 sdata->local->hw.conf.channel->center_freq,
734 ifmgd->ssid, ifmgd->ssid_len);
804 return; 735 return;
805 } 736 }
806 737
807 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE; 738 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
808 printk(KERN_DEBUG "%s: authenticate with AP %pM\n", 739 printk(KERN_DEBUG "%s: authenticate with AP %pM\n",
809 sdata->dev->name, ifsta->bssid); 740 sdata->dev->name, ifmgd->bssid);
810 741
811 ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0); 742 ieee80211_send_auth(sdata, 1, ifmgd->auth_alg, NULL, 0,
743 ifmgd->bssid, 0);
744 ifmgd->auth_transaction = 2;
812 745
813 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 746 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
814} 747}
815 748
816/* 749/*
@@ -818,32 +751,33 @@ static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
818 * if self disconnected or a reason code from the AP. 751 * if self disconnected or a reason code from the AP.
819 */ 752 */
820static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 753static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
821 struct ieee80211_if_sta *ifsta, bool deauth, 754 bool deauth, bool self_disconnected,
822 bool self_disconnected, u16 reason) 755 u16 reason)
823{ 756{
757 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
824 struct ieee80211_local *local = sdata->local; 758 struct ieee80211_local *local = sdata->local;
825 struct sta_info *sta; 759 struct sta_info *sta;
826 u32 changed = 0, config_changed = 0; 760 u32 changed = 0, config_changed = 0;
827 761
828 rcu_read_lock(); 762 rcu_read_lock();
829 763
830 sta = sta_info_get(local, ifsta->bssid); 764 sta = sta_info_get(local, ifmgd->bssid);
831 if (!sta) { 765 if (!sta) {
832 rcu_read_unlock(); 766 rcu_read_unlock();
833 return; 767 return;
834 } 768 }
835 769
836 if (deauth) { 770 if (deauth) {
837 ifsta->direct_probe_tries = 0; 771 ifmgd->direct_probe_tries = 0;
838 ifsta->auth_tries = 0; 772 ifmgd->auth_tries = 0;
839 } 773 }
840 ifsta->assoc_scan_tries = 0; 774 ifmgd->assoc_scan_tries = 0;
841 ifsta->assoc_tries = 0; 775 ifmgd->assoc_tries = 0;
842 776
843 netif_tx_stop_all_queues(sdata->dev); 777 netif_tx_stop_all_queues(sdata->dev);
844 netif_carrier_off(sdata->dev); 778 netif_carrier_off(sdata->dev);
845 779
846 ieee80211_sta_tear_down_BA_sessions(sdata, sta->sta.addr); 780 ieee80211_sta_tear_down_BA_sessions(sta);
847 781
848 if (self_disconnected) { 782 if (self_disconnected) {
849 if (deauth) 783 if (deauth)
@@ -854,23 +788,28 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
854 IEEE80211_STYPE_DISASSOC, reason); 788 IEEE80211_STYPE_DISASSOC, reason);
855 } 789 }
856 790
857 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED; 791 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
858 changed |= ieee80211_reset_erp_info(sdata); 792 changed |= ieee80211_reset_erp_info(sdata);
859 793
860 ieee80211_led_assoc(local, 0); 794 ieee80211_led_assoc(local, 0);
861 changed |= BSS_CHANGED_ASSOC; 795 changed |= BSS_CHANGED_ASSOC;
862 sdata->vif.bss_conf.assoc = false; 796 sdata->vif.bss_conf.assoc = false;
863 797
864 ieee80211_sta_send_apinfo(sdata, ifsta); 798 ieee80211_sta_send_apinfo(sdata);
865 799
866 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) 800 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) {
867 ifsta->state = IEEE80211_STA_MLME_DISABLED; 801 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
802 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
803 sdata->local->hw.conf.channel->center_freq,
804 ifmgd->ssid, ifmgd->ssid_len);
805 }
868 806
869 rcu_read_unlock(); 807 rcu_read_unlock();
870 808
871 local->hw.conf.ht.enabled = false; 809 /* channel(_type) changes are handled by ieee80211_hw_config */
872 local->oper_channel_type = NL80211_CHAN_NO_HT; 810 local->oper_channel_type = NL80211_CHAN_NO_HT;
873 config_changed |= IEEE80211_CONF_CHANGE_HT; 811
812 local->power_constr_level = 0;
874 813
875 del_timer_sync(&local->dynamic_ps_timer); 814 del_timer_sync(&local->dynamic_ps_timer);
876 cancel_work_sync(&local->dynamic_ps_enable_work); 815 cancel_work_sync(&local->dynamic_ps_enable_work);
@@ -885,7 +824,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
885 824
886 rcu_read_lock(); 825 rcu_read_lock();
887 826
888 sta = sta_info_get(local, ifsta->bssid); 827 sta = sta_info_get(local, ifmgd->bssid);
889 if (!sta) { 828 if (!sta) {
890 rcu_read_unlock(); 829 rcu_read_unlock();
891 return; 830 return;
@@ -906,27 +845,27 @@ static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
906 return 1; 845 return 1;
907} 846}
908 847
909static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata, 848static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata)
910 struct ieee80211_if_sta *ifsta)
911{ 849{
850 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
912 struct ieee80211_local *local = sdata->local; 851 struct ieee80211_local *local = sdata->local;
913 struct ieee80211_bss *bss; 852 struct ieee80211_bss *bss;
914 int bss_privacy; 853 int bss_privacy;
915 int wep_privacy; 854 int wep_privacy;
916 int privacy_invoked; 855 int privacy_invoked;
917 856
918 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL)) 857 if (!ifmgd || (ifmgd->flags & IEEE80211_STA_MIXED_CELL))
919 return 0; 858 return 0;
920 859
921 bss = ieee80211_rx_bss_get(local, ifsta->bssid, 860 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
922 local->hw.conf.channel->center_freq, 861 local->hw.conf.channel->center_freq,
923 ifsta->ssid, ifsta->ssid_len); 862 ifmgd->ssid, ifmgd->ssid_len);
924 if (!bss) 863 if (!bss)
925 return 0; 864 return 0;
926 865
927 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY); 866 bss_privacy = !!(bss->cbss.capability & WLAN_CAPABILITY_PRIVACY);
928 wep_privacy = !!ieee80211_sta_wep_configured(sdata); 867 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
929 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED); 868 privacy_invoked = !!(ifmgd->flags & IEEE80211_STA_PRIVACY_INVOKED);
930 869
931 ieee80211_rx_bss_put(local, bss); 870 ieee80211_rx_bss_put(local, bss);
932 871
@@ -936,38 +875,42 @@ static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
936 return 1; 875 return 1;
937} 876}
938 877
939static void ieee80211_associate(struct ieee80211_sub_if_data *sdata, 878static void ieee80211_associate(struct ieee80211_sub_if_data *sdata)
940 struct ieee80211_if_sta *ifsta)
941{ 879{
942 ifsta->assoc_tries++; 880 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
943 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { 881
882 ifmgd->assoc_tries++;
883 if (ifmgd->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
944 printk(KERN_DEBUG "%s: association with AP %pM" 884 printk(KERN_DEBUG "%s: association with AP %pM"
945 " timed out\n", 885 " timed out\n",
946 sdata->dev->name, ifsta->bssid); 886 sdata->dev->name, ifmgd->bssid);
947 ifsta->state = IEEE80211_STA_MLME_DISABLED; 887 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
948 ieee80211_sta_send_apinfo(sdata, ifsta); 888 ieee80211_sta_send_apinfo(sdata);
889 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
890 sdata->local->hw.conf.channel->center_freq,
891 ifmgd->ssid, ifmgd->ssid_len);
949 return; 892 return;
950 } 893 }
951 894
952 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE; 895 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE;
953 printk(KERN_DEBUG "%s: associate with AP %pM\n", 896 printk(KERN_DEBUG "%s: associate with AP %pM\n",
954 sdata->dev->name, ifsta->bssid); 897 sdata->dev->name, ifmgd->bssid);
955 if (ieee80211_privacy_mismatch(sdata, ifsta)) { 898 if (ieee80211_privacy_mismatch(sdata)) {
956 printk(KERN_DEBUG "%s: mismatch in privacy configuration and " 899 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
957 "mixed-cell disabled - abort association\n", sdata->dev->name); 900 "mixed-cell disabled - abort association\n", sdata->dev->name);
958 ifsta->state = IEEE80211_STA_MLME_DISABLED; 901 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
959 return; 902 return;
960 } 903 }
961 904
962 ieee80211_send_assoc(sdata, ifsta); 905 ieee80211_send_assoc(sdata);
963 906
964 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT); 907 mod_timer(&ifmgd->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
965} 908}
966 909
967 910
968static void ieee80211_associated(struct ieee80211_sub_if_data *sdata, 911static void ieee80211_associated(struct ieee80211_sub_if_data *sdata)
969 struct ieee80211_if_sta *ifsta)
970{ 912{
913 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
971 struct ieee80211_local *local = sdata->local; 914 struct ieee80211_local *local = sdata->local;
972 struct sta_info *sta; 915 struct sta_info *sta;
973 int disassoc; 916 int disassoc;
@@ -977,38 +920,40 @@ static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
977 * for better APs. */ 920 * for better APs. */
978 /* TODO: remove expired BSSes */ 921 /* TODO: remove expired BSSes */
979 922
980 ifsta->state = IEEE80211_STA_MLME_ASSOCIATED; 923 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATED;
981 924
982 rcu_read_lock(); 925 rcu_read_lock();
983 926
984 sta = sta_info_get(local, ifsta->bssid); 927 sta = sta_info_get(local, ifmgd->bssid);
985 if (!sta) { 928 if (!sta) {
986 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n", 929 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n",
987 sdata->dev->name, ifsta->bssid); 930 sdata->dev->name, ifmgd->bssid);
988 disassoc = 1; 931 disassoc = 1;
989 } else { 932 } else {
990 disassoc = 0; 933 disassoc = 0;
991 if (time_after(jiffies, 934 if (time_after(jiffies,
992 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) { 935 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
993 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) { 936 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) {
994 printk(KERN_DEBUG "%s: No ProbeResp from " 937 printk(KERN_DEBUG "%s: No ProbeResp from "
995 "current AP %pM - assume out of " 938 "current AP %pM - assume out of "
996 "range\n", 939 "range\n",
997 sdata->dev->name, ifsta->bssid); 940 sdata->dev->name, ifmgd->bssid);
998 disassoc = 1; 941 disassoc = 1;
999 } else 942 } else
1000 ieee80211_send_probe_req(sdata, ifsta->bssid, 943 ieee80211_send_probe_req(sdata, ifmgd->bssid,
1001 ifsta->ssid, 944 ifmgd->ssid,
1002 ifsta->ssid_len); 945 ifmgd->ssid_len,
1003 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL; 946 NULL, 0);
947 ifmgd->flags ^= IEEE80211_STA_PROBEREQ_POLL;
1004 } else { 948 } else {
1005 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 949 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1006 if (time_after(jiffies, ifsta->last_probe + 950 if (time_after(jiffies, ifmgd->last_probe +
1007 IEEE80211_PROBE_INTERVAL)) { 951 IEEE80211_PROBE_INTERVAL)) {
1008 ifsta->last_probe = jiffies; 952 ifmgd->last_probe = jiffies;
1009 ieee80211_send_probe_req(sdata, ifsta->bssid, 953 ieee80211_send_probe_req(sdata, ifmgd->bssid,
1010 ifsta->ssid, 954 ifmgd->ssid,
1011 ifsta->ssid_len); 955 ifmgd->ssid_len,
956 NULL, 0);
1012 } 957 }
1013 } 958 }
1014 } 959 }
@@ -1016,25 +961,25 @@ static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
1016 rcu_read_unlock(); 961 rcu_read_unlock();
1017 962
1018 if (disassoc) 963 if (disassoc)
1019 ieee80211_set_disassoc(sdata, ifsta, true, true, 964 ieee80211_set_disassoc(sdata, true, true,
1020 WLAN_REASON_PREV_AUTH_NOT_VALID); 965 WLAN_REASON_PREV_AUTH_NOT_VALID);
1021 else 966 else
1022 mod_timer(&ifsta->timer, jiffies + 967 mod_timer(&ifmgd->timer, jiffies +
1023 IEEE80211_MONITORING_INTERVAL); 968 IEEE80211_MONITORING_INTERVAL);
1024} 969}
1025 970
1026 971
1027static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata, 972static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata)
1028 struct ieee80211_if_sta *ifsta)
1029{ 973{
974 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
975
1030 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name); 976 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1031 ifsta->flags |= IEEE80211_STA_AUTHENTICATED; 977 ifmgd->flags |= IEEE80211_STA_AUTHENTICATED;
1032 ieee80211_associate(sdata, ifsta); 978 ieee80211_associate(sdata);
1033} 979}
1034 980
1035 981
1036static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 982static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1037 struct ieee80211_if_sta *ifsta,
1038 struct ieee80211_mgmt *mgmt, 983 struct ieee80211_mgmt *mgmt,
1039 size_t len) 984 size_t len)
1040{ 985{
@@ -1045,50 +990,37 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1045 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 990 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1046 if (!elems.challenge) 991 if (!elems.challenge)
1047 return; 992 return;
1048 ieee80211_send_auth(sdata, ifsta, 3, elems.challenge - 2, 993 ieee80211_send_auth(sdata, 3, sdata->u.mgd.auth_alg,
1049 elems.challenge_len + 2, 1); 994 elems.challenge - 2, elems.challenge_len + 2,
995 sdata->u.mgd.bssid, 1);
996 sdata->u.mgd.auth_transaction = 4;
1050} 997}
1051 998
1052static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 999static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1053 struct ieee80211_if_sta *ifsta,
1054 struct ieee80211_mgmt *mgmt, 1000 struct ieee80211_mgmt *mgmt,
1055 size_t len) 1001 size_t len)
1056{ 1002{
1003 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1057 u16 auth_alg, auth_transaction, status_code; 1004 u16 auth_alg, auth_transaction, status_code;
1058 1005
1059 if (ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE && 1006 if (ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE)
1060 sdata->vif.type != NL80211_IFTYPE_ADHOC)
1061 return; 1007 return;
1062 1008
1063 if (len < 24 + 6) 1009 if (len < 24 + 6)
1064 return; 1010 return;
1065 1011
1066 if (sdata->vif.type != NL80211_IFTYPE_ADHOC && 1012 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0)
1067 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1068 return; 1013 return;
1069 1014
1070 if (sdata->vif.type != NL80211_IFTYPE_ADHOC && 1015 if (memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0)
1071 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1072 return; 1016 return;
1073 1017
1074 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1018 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1075 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1019 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1076 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1020 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1077 1021
1078 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 1022 if (auth_alg != ifmgd->auth_alg ||
1079 /* 1023 auth_transaction != ifmgd->auth_transaction)
1080 * IEEE 802.11 standard does not require authentication in IBSS
1081 * networks and most implementations do not seem to use it.
1082 * However, try to reply to authentication attempts if someone
1083 * has actually implemented this.
1084 */
1085 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
1086 return;
1087 ieee80211_send_auth(sdata, ifsta, 2, NULL, 0, 0);
1088 }
1089
1090 if (auth_alg != ifsta->auth_alg ||
1091 auth_transaction != ifsta->auth_transaction)
1092 return; 1024 return;
1093 1025
1094 if (status_code != WLAN_STATUS_SUCCESS) { 1026 if (status_code != WLAN_STATUS_SUCCESS) {
@@ -1097,15 +1029,15 @@ static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1097 const int num_algs = ARRAY_SIZE(algs); 1029 const int num_algs = ARRAY_SIZE(algs);
1098 int i, pos; 1030 int i, pos;
1099 algs[0] = algs[1] = algs[2] = 0xff; 1031 algs[0] = algs[1] = algs[2] = 0xff;
1100 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1032 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1101 algs[0] = WLAN_AUTH_OPEN; 1033 algs[0] = WLAN_AUTH_OPEN;
1102 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1034 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1103 algs[1] = WLAN_AUTH_SHARED_KEY; 1035 algs[1] = WLAN_AUTH_SHARED_KEY;
1104 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1036 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1105 algs[2] = WLAN_AUTH_LEAP; 1037 algs[2] = WLAN_AUTH_LEAP;
1106 if (ifsta->auth_alg == WLAN_AUTH_OPEN) 1038 if (ifmgd->auth_alg == WLAN_AUTH_OPEN)
1107 pos = 0; 1039 pos = 0;
1108 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY) 1040 else if (ifmgd->auth_alg == WLAN_AUTH_SHARED_KEY)
1109 pos = 1; 1041 pos = 1;
1110 else 1042 else
1111 pos = 2; 1043 pos = 2;
@@ -1113,105 +1045,105 @@ static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1113 pos++; 1045 pos++;
1114 if (pos >= num_algs) 1046 if (pos >= num_algs)
1115 pos = 0; 1047 pos = 0;
1116 if (algs[pos] == ifsta->auth_alg || 1048 if (algs[pos] == ifmgd->auth_alg ||
1117 algs[pos] == 0xff) 1049 algs[pos] == 0xff)
1118 continue; 1050 continue;
1119 if (algs[pos] == WLAN_AUTH_SHARED_KEY && 1051 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1120 !ieee80211_sta_wep_configured(sdata)) 1052 !ieee80211_sta_wep_configured(sdata))
1121 continue; 1053 continue;
1122 ifsta->auth_alg = algs[pos]; 1054 ifmgd->auth_alg = algs[pos];
1123 break; 1055 break;
1124 } 1056 }
1125 } 1057 }
1126 return; 1058 return;
1127 } 1059 }
1128 1060
1129 switch (ifsta->auth_alg) { 1061 switch (ifmgd->auth_alg) {
1130 case WLAN_AUTH_OPEN: 1062 case WLAN_AUTH_OPEN:
1131 case WLAN_AUTH_LEAP: 1063 case WLAN_AUTH_LEAP:
1132 ieee80211_auth_completed(sdata, ifsta); 1064 ieee80211_auth_completed(sdata);
1133 break; 1065 break;
1134 case WLAN_AUTH_SHARED_KEY: 1066 case WLAN_AUTH_SHARED_KEY:
1135 if (ifsta->auth_transaction == 4) 1067 if (ifmgd->auth_transaction == 4)
1136 ieee80211_auth_completed(sdata, ifsta); 1068 ieee80211_auth_completed(sdata);
1137 else 1069 else
1138 ieee80211_auth_challenge(sdata, ifsta, mgmt, len); 1070 ieee80211_auth_challenge(sdata, mgmt, len);
1139 break; 1071 break;
1140 } 1072 }
1141} 1073}
1142 1074
1143 1075
1144static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1076static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1145 struct ieee80211_if_sta *ifsta,
1146 struct ieee80211_mgmt *mgmt, 1077 struct ieee80211_mgmt *mgmt,
1147 size_t len) 1078 size_t len)
1148{ 1079{
1080 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1149 u16 reason_code; 1081 u16 reason_code;
1150 1082
1151 if (len < 24 + 2) 1083 if (len < 24 + 2)
1152 return; 1084 return;
1153 1085
1154 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN)) 1086 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN))
1155 return; 1087 return;
1156 1088
1157 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1089 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1158 1090
1159 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED) 1091 if (ifmgd->flags & IEEE80211_STA_AUTHENTICATED)
1160 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n", 1092 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n",
1161 sdata->dev->name, reason_code); 1093 sdata->dev->name, reason_code);
1162 1094
1163 if (ifsta->state == IEEE80211_STA_MLME_AUTHENTICATE || 1095 if (ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE ||
1164 ifsta->state == IEEE80211_STA_MLME_ASSOCIATE || 1096 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE ||
1165 ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) { 1097 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) {
1166 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1098 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1167 mod_timer(&ifsta->timer, jiffies + 1099 mod_timer(&ifmgd->timer, jiffies +
1168 IEEE80211_RETRY_AUTH_INTERVAL); 1100 IEEE80211_RETRY_AUTH_INTERVAL);
1169 } 1101 }
1170 1102
1171 ieee80211_set_disassoc(sdata, ifsta, true, false, 0); 1103 ieee80211_set_disassoc(sdata, true, false, 0);
1172 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED; 1104 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED;
1173} 1105}
1174 1106
1175 1107
1176static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1108static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1177 struct ieee80211_if_sta *ifsta,
1178 struct ieee80211_mgmt *mgmt, 1109 struct ieee80211_mgmt *mgmt,
1179 size_t len) 1110 size_t len)
1180{ 1111{
1112 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1181 u16 reason_code; 1113 u16 reason_code;
1182 1114
1183 if (len < 24 + 2) 1115 if (len < 24 + 2)
1184 return; 1116 return;
1185 1117
1186 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN)) 1118 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN))
1187 return; 1119 return;
1188 1120
1189 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1121 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1190 1122
1191 if (ifsta->flags & IEEE80211_STA_ASSOCIATED) 1123 if (ifmgd->flags & IEEE80211_STA_ASSOCIATED)
1192 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n", 1124 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n",
1193 sdata->dev->name, reason_code); 1125 sdata->dev->name, reason_code);
1194 1126
1195 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) { 1127 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) {
1196 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE; 1128 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE;
1197 mod_timer(&ifsta->timer, jiffies + 1129 mod_timer(&ifmgd->timer, jiffies +
1198 IEEE80211_RETRY_AUTH_INTERVAL); 1130 IEEE80211_RETRY_AUTH_INTERVAL);
1199 } 1131 }
1200 1132
1201 ieee80211_set_disassoc(sdata, ifsta, false, false, reason_code); 1133 ieee80211_set_disassoc(sdata, false, false, reason_code);
1202} 1134}
1203 1135
1204 1136
1205static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 1137static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1206 struct ieee80211_if_sta *ifsta,
1207 struct ieee80211_mgmt *mgmt, 1138 struct ieee80211_mgmt *mgmt,
1208 size_t len, 1139 size_t len,
1209 int reassoc) 1140 int reassoc)
1210{ 1141{
1142 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1211 struct ieee80211_local *local = sdata->local; 1143 struct ieee80211_local *local = sdata->local;
1212 struct ieee80211_supported_band *sband; 1144 struct ieee80211_supported_band *sband;
1213 struct sta_info *sta; 1145 struct sta_info *sta;
1214 u64 rates, basic_rates; 1146 u32 rates, basic_rates;
1215 u16 capab_info, status_code, aid; 1147 u16 capab_info, status_code, aid;
1216 struct ieee802_11_elems elems; 1148 struct ieee802_11_elems elems;
1217 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1149 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
@@ -1224,13 +1156,13 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1224 /* AssocResp and ReassocResp have identical structure, so process both 1156 /* AssocResp and ReassocResp have identical structure, so process both
1225 * of them in this function. */ 1157 * of them in this function. */
1226 1158
1227 if (ifsta->state != IEEE80211_STA_MLME_ASSOCIATE) 1159 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE)
1228 return; 1160 return;
1229 1161
1230 if (len < 24 + 6) 1162 if (len < 24 + 6)
1231 return; 1163 return;
1232 1164
1233 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) 1165 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0)
1234 return; 1166 return;
1235 1167
1236 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1168 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
@@ -1242,13 +1174,31 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1242 sdata->dev->name, reassoc ? "Rea" : "A", mgmt->sa, 1174 sdata->dev->name, reassoc ? "Rea" : "A", mgmt->sa,
1243 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 1175 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1244 1176
1177 pos = mgmt->u.assoc_resp.variable;
1178 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1179
1180 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
1181 elems.timeout_int && elems.timeout_int_len == 5 &&
1182 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) {
1183 u32 tu, ms;
1184 tu = get_unaligned_le32(elems.timeout_int + 1);
1185 ms = tu * 1024 / 1000;
1186 printk(KERN_DEBUG "%s: AP rejected association temporarily; "
1187 "comeback duration %u TU (%u ms)\n",
1188 sdata->dev->name, tu, ms);
1189 if (ms > IEEE80211_ASSOC_TIMEOUT)
1190 mod_timer(&ifmgd->timer,
1191 jiffies + msecs_to_jiffies(ms));
1192 return;
1193 }
1194
1245 if (status_code != WLAN_STATUS_SUCCESS) { 1195 if (status_code != WLAN_STATUS_SUCCESS) {
1246 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", 1196 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1247 sdata->dev->name, status_code); 1197 sdata->dev->name, status_code);
1248 /* if this was a reassociation, ensure we try a "full" 1198 /* if this was a reassociation, ensure we try a "full"
1249 * association next time. This works around some broken APs 1199 * association next time. This works around some broken APs
1250 * which do not correctly reject reassociation requests. */ 1200 * which do not correctly reject reassociation requests. */
1251 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET; 1201 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1252 return; 1202 return;
1253 } 1203 }
1254 1204
@@ -1257,9 +1207,6 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1257 "set\n", sdata->dev->name, aid); 1207 "set\n", sdata->dev->name, aid);
1258 aid &= ~(BIT(15) | BIT(14)); 1208 aid &= ~(BIT(15) | BIT(14));
1259 1209
1260 pos = mgmt->u.assoc_resp.variable;
1261 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1262
1263 if (!elems.supp_rates) { 1210 if (!elems.supp_rates) {
1264 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 1211 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1265 sdata->dev->name); 1212 sdata->dev->name);
@@ -1267,40 +1214,29 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1267 } 1214 }
1268 1215
1269 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name); 1216 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
1270 ifsta->aid = aid; 1217 ifmgd->aid = aid;
1271 ifsta->ap_capab = capab_info; 1218 ifmgd->ap_capab = capab_info;
1272 1219
1273 kfree(ifsta->assocresp_ies); 1220 kfree(ifmgd->assocresp_ies);
1274 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt); 1221 ifmgd->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1275 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL); 1222 ifmgd->assocresp_ies = kmalloc(ifmgd->assocresp_ies_len, GFP_KERNEL);
1276 if (ifsta->assocresp_ies) 1223 if (ifmgd->assocresp_ies)
1277 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len); 1224 memcpy(ifmgd->assocresp_ies, pos, ifmgd->assocresp_ies_len);
1278 1225
1279 rcu_read_lock(); 1226 rcu_read_lock();
1280 1227
1281 /* Add STA entry for the AP */ 1228 /* Add STA entry for the AP */
1282 sta = sta_info_get(local, ifsta->bssid); 1229 sta = sta_info_get(local, ifmgd->bssid);
1283 if (!sta) { 1230 if (!sta) {
1284 struct ieee80211_bss *bss;
1285
1286 newsta = true; 1231 newsta = true;
1287 1232
1288 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC); 1233 sta = sta_info_alloc(sdata, ifmgd->bssid, GFP_ATOMIC);
1289 if (!sta) { 1234 if (!sta) {
1290 printk(KERN_DEBUG "%s: failed to alloc STA entry for" 1235 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1291 " the AP\n", sdata->dev->name); 1236 " the AP\n", sdata->dev->name);
1292 rcu_read_unlock(); 1237 rcu_read_unlock();
1293 return; 1238 return;
1294 } 1239 }
1295 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1296 local->hw.conf.channel->center_freq,
1297 ifsta->ssid, ifsta->ssid_len);
1298 if (bss) {
1299 sta->last_signal = bss->signal;
1300 sta->last_qual = bss->qual;
1301 sta->last_noise = bss->noise;
1302 ieee80211_rx_bss_put(local, bss);
1303 }
1304 1240
1305 /* update new sta with its last rx activity */ 1241 /* update new sta with its last rx activity */
1306 sta->last_rx = jiffies; 1242 sta->last_rx = jiffies;
@@ -1367,7 +1303,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1367 else 1303 else
1368 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 1304 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
1369 1305
1370 if (elems.ht_cap_elem) 1306 /* If TKIP/WEP is used, no need to parse AP's HT capabilities */
1307 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))
1371 ieee80211_ht_cap_ie_to_sta_ht_cap(sband, 1308 ieee80211_ht_cap_ie_to_sta_ht_cap(sband,
1372 elems.ht_cap_elem, &sta->sta.ht_cap); 1309 elems.ht_cap_elem, &sta->sta.ht_cap);
1373 1310
@@ -1375,6 +1312,9 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1375 1312
1376 rate_control_rate_init(sta); 1313 rate_control_rate_init(sta);
1377 1314
1315 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED)
1316 set_sta_flags(sta, WLAN_STA_MFP);
1317
1378 if (elems.wmm_param) 1318 if (elems.wmm_param)
1379 set_sta_flags(sta, WLAN_STA_WME); 1319 set_sta_flags(sta, WLAN_STA_WME);
1380 1320
@@ -1391,11 +1331,12 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1391 rcu_read_unlock(); 1331 rcu_read_unlock();
1392 1332
1393 if (elems.wmm_param) 1333 if (elems.wmm_param)
1394 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param, 1334 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param,
1395 elems.wmm_param_len); 1335 elems.wmm_param_len);
1396 1336
1397 if (elems.ht_info_elem && elems.wmm_param && 1337 if (elems.ht_info_elem && elems.wmm_param &&
1398 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) 1338 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
1339 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))
1399 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1340 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem,
1400 ap_ht_cap_flags); 1341 ap_ht_cap_flags);
1401 1342
@@ -1403,136 +1344,12 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1403 * ieee80211_set_associated() will tell the driver */ 1344 * ieee80211_set_associated() will tell the driver */
1404 bss_conf->aid = aid; 1345 bss_conf->aid = aid;
1405 bss_conf->assoc_capability = capab_info; 1346 bss_conf->assoc_capability = capab_info;
1406 ieee80211_set_associated(sdata, ifsta, changed); 1347 ieee80211_set_associated(sdata, changed);
1407 1348
1408 ieee80211_associated(sdata, ifsta); 1349 ieee80211_associated(sdata);
1409} 1350}
1410 1351
1411 1352
1412static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
1413 struct ieee80211_if_sta *ifsta,
1414 struct ieee80211_bss *bss)
1415{
1416 struct ieee80211_local *local = sdata->local;
1417 int res, rates, i, j;
1418 struct sk_buff *skb;
1419 struct ieee80211_mgmt *mgmt;
1420 u8 *pos;
1421 struct ieee80211_supported_band *sband;
1422 union iwreq_data wrqu;
1423
1424 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
1425 if (!skb) {
1426 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
1427 "response\n", sdata->dev->name);
1428 return -ENOMEM;
1429 }
1430
1431 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1432
1433 /* Remove possible STA entries from other IBSS networks. */
1434 sta_info_flush_delayed(sdata);
1435
1436 if (local->ops->reset_tsf) {
1437 /* Reset own TSF to allow time synchronization work. */
1438 local->ops->reset_tsf(local_to_hw(local));
1439 }
1440 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
1441 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
1442 if (res)
1443 return res;
1444
1445 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
1446
1447 sdata->drop_unencrypted = bss->capability &
1448 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
1449
1450 res = ieee80211_set_freq(sdata, bss->freq);
1451
1452 if (res)
1453 return res;
1454
1455 /* Build IBSS probe response */
1456
1457 skb_reserve(skb, local->hw.extra_tx_headroom);
1458
1459 mgmt = (struct ieee80211_mgmt *)
1460 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
1461 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
1462 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1463 IEEE80211_STYPE_PROBE_RESP);
1464 memset(mgmt->da, 0xff, ETH_ALEN);
1465 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1466 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1467 mgmt->u.beacon.beacon_int =
1468 cpu_to_le16(local->hw.conf.beacon_int);
1469 mgmt->u.beacon.timestamp = cpu_to_le64(bss->timestamp);
1470 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
1471
1472 pos = skb_put(skb, 2 + ifsta->ssid_len);
1473 *pos++ = WLAN_EID_SSID;
1474 *pos++ = ifsta->ssid_len;
1475 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
1476
1477 rates = bss->supp_rates_len;
1478 if (rates > 8)
1479 rates = 8;
1480 pos = skb_put(skb, 2 + rates);
1481 *pos++ = WLAN_EID_SUPP_RATES;
1482 *pos++ = rates;
1483 memcpy(pos, bss->supp_rates, rates);
1484
1485 if (bss->band == IEEE80211_BAND_2GHZ) {
1486 pos = skb_put(skb, 2 + 1);
1487 *pos++ = WLAN_EID_DS_PARAMS;
1488 *pos++ = 1;
1489 *pos++ = ieee80211_frequency_to_channel(bss->freq);
1490 }
1491
1492 pos = skb_put(skb, 2 + 2);
1493 *pos++ = WLAN_EID_IBSS_PARAMS;
1494 *pos++ = 2;
1495 /* FIX: set ATIM window based on scan results */
1496 *pos++ = 0;
1497 *pos++ = 0;
1498
1499 if (bss->supp_rates_len > 8) {
1500 rates = bss->supp_rates_len - 8;
1501 pos = skb_put(skb, 2 + rates);
1502 *pos++ = WLAN_EID_EXT_SUPP_RATES;
1503 *pos++ = rates;
1504 memcpy(pos, &bss->supp_rates[8], rates);
1505 }
1506
1507 ifsta->probe_resp = skb;
1508
1509 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
1510
1511
1512 rates = 0;
1513 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1514 for (i = 0; i < bss->supp_rates_len; i++) {
1515 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
1516 for (j = 0; j < sband->n_bitrates; j++)
1517 if (sband->bitrates[j].bitrate == bitrate)
1518 rates |= BIT(j);
1519 }
1520 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
1521
1522 ieee80211_sta_def_wmm_params(sdata, bss);
1523
1524 ifsta->state = IEEE80211_STA_MLME_IBSS_JOINED;
1525 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1526
1527 ieee80211_led_assoc(local, true);
1528
1529 memset(&wrqu, 0, sizeof(wrqu));
1530 memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
1531 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
1532
1533 return res;
1534}
1535
1536static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 1353static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1537 struct ieee80211_mgmt *mgmt, 1354 struct ieee80211_mgmt *mgmt,
1538 size_t len, 1355 size_t len,
@@ -1543,11 +1360,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1543 struct ieee80211_local *local = sdata->local; 1360 struct ieee80211_local *local = sdata->local;
1544 int freq; 1361 int freq;
1545 struct ieee80211_bss *bss; 1362 struct ieee80211_bss *bss;
1546 struct sta_info *sta;
1547 struct ieee80211_channel *channel; 1363 struct ieee80211_channel *channel;
1548 u64 beacon_timestamp, rx_timestamp;
1549 u64 supp_rates = 0;
1550 enum ieee80211_band band = rx_status->band;
1551 1364
1552 if (elems->ds_params && elems->ds_params_len == 1) 1365 if (elems->ds_params && elems->ds_params_len == 1)
1553 freq = ieee80211_channel_to_frequency(elems->ds_params[0]); 1366 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
@@ -1559,112 +1372,16 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1559 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 1372 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
1560 return; 1373 return;
1561 1374
1562 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && elems->supp_rates &&
1563 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1564 supp_rates = ieee80211_sta_get_rates(local, elems, band);
1565
1566 rcu_read_lock();
1567
1568 sta = sta_info_get(local, mgmt->sa);
1569 if (sta) {
1570 u64 prev_rates;
1571
1572 prev_rates = sta->sta.supp_rates[band];
1573 /* make sure mandatory rates are always added */
1574 sta->sta.supp_rates[band] = supp_rates |
1575 ieee80211_mandatory_rates(local, band);
1576
1577#ifdef CONFIG_MAC80211_IBSS_DEBUG
1578 if (sta->sta.supp_rates[band] != prev_rates)
1579 printk(KERN_DEBUG "%s: updated supp_rates set "
1580 "for %pM based on beacon info (0x%llx | "
1581 "0x%llx -> 0x%llx)\n",
1582 sdata->dev->name,
1583 sta->sta.addr,
1584 (unsigned long long) prev_rates,
1585 (unsigned long long) supp_rates,
1586 (unsigned long long) sta->sta.supp_rates[band]);
1587#endif
1588 } else {
1589 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
1590 }
1591
1592 rcu_read_unlock();
1593 }
1594
1595 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 1375 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1596 freq, beacon); 1376 channel, beacon);
1597 if (!bss) 1377 if (!bss)
1598 return; 1378 return;
1599 1379
1600 /* was just updated in ieee80211_bss_info_update */ 1380 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) &&
1601 beacon_timestamp = bss->timestamp; 1381 (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN) == 0)) {
1602 1382 struct ieee80211_channel_sw_ie *sw_elem =
1603 /* 1383 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem;
1604 * In STA mode, the remaining parameters should not be overridden 1384 ieee80211_process_chanswitch(sdata, sw_elem, bss);
1605 * by beacons because they're not necessarily accurate there.
1606 */
1607 if (sdata->vif.type != NL80211_IFTYPE_ADHOC &&
1608 bss->last_probe_resp && beacon) {
1609 ieee80211_rx_bss_put(local, bss);
1610 return;
1611 }
1612
1613 /* check if we need to merge IBSS */
1614 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && beacon &&
1615 bss->capability & WLAN_CAPABILITY_IBSS &&
1616 bss->freq == local->oper_channel->center_freq &&
1617 elems->ssid_len == sdata->u.sta.ssid_len &&
1618 memcmp(elems->ssid, sdata->u.sta.ssid,
1619 sdata->u.sta.ssid_len) == 0) {
1620 if (rx_status->flag & RX_FLAG_TSFT) {
1621 /* in order for correct IBSS merging we need mactime
1622 *
1623 * since mactime is defined as the time the first data
1624 * symbol of the frame hits the PHY, and the timestamp
1625 * of the beacon is defined as "the time that the data
1626 * symbol containing the first bit of the timestamp is
1627 * transmitted to the PHY plus the transmitting STA’s
1628 * delays through its local PHY from the MAC-PHY
1629 * interface to its interface with the WM"
1630 * (802.11 11.1.2) - equals the time this bit arrives at
1631 * the receiver - we have to take into account the
1632 * offset between the two.
1633 * e.g: at 1 MBit that means mactime is 192 usec earlier
1634 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
1635 */
1636 int rate;
1637 if (rx_status->flag & RX_FLAG_HT) {
1638 rate = 65; /* TODO: HT rates */
1639 } else {
1640 rate = local->hw.wiphy->bands[band]->
1641 bitrates[rx_status->rate_idx].bitrate;
1642 }
1643 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
1644 } else if (local && local->ops && local->ops->get_tsf)
1645 /* second best option: get current TSF */
1646 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
1647 else
1648 /* can't merge without knowing the TSF */
1649 rx_timestamp = -1LLU;
1650#ifdef CONFIG_MAC80211_IBSS_DEBUG
1651 printk(KERN_DEBUG "RX beacon SA=%pM BSSID="
1652 "%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
1653 mgmt->sa, mgmt->bssid,
1654 (unsigned long long)rx_timestamp,
1655 (unsigned long long)beacon_timestamp,
1656 (unsigned long long)(rx_timestamp - beacon_timestamp),
1657 jiffies);
1658#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1659 if (beacon_timestamp > rx_timestamp) {
1660#ifdef CONFIG_MAC80211_IBSS_DEBUG
1661 printk(KERN_DEBUG "%s: beacon TSF higher than "
1662 "local TSF - IBSS merge with BSSID %pM\n",
1663 sdata->dev->name, mgmt->bssid);
1664#endif
1665 ieee80211_sta_join_ibss(sdata, &sdata->u.sta, bss);
1666 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
1667 }
1668 } 1385 }
1669 1386
1670 ieee80211_rx_bss_put(local, bss); 1387 ieee80211_rx_bss_put(local, bss);
@@ -1678,7 +1395,6 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1678{ 1395{
1679 size_t baselen; 1396 size_t baselen;
1680 struct ieee802_11_elems elems; 1397 struct ieee802_11_elems elems;
1681 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1682 1398
1683 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN)) 1399 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
1684 return; /* ignore ProbeResp to foreign address */ 1400 return; /* ignore ProbeResp to foreign address */
@@ -1694,25 +1410,24 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1694 1410
1695 /* direct probe may be part of the association flow */ 1411 /* direct probe may be part of the association flow */
1696 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE, 1412 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
1697 &ifsta->request)) { 1413 &sdata->u.mgd.request)) {
1698 printk(KERN_DEBUG "%s direct probe responded\n", 1414 printk(KERN_DEBUG "%s direct probe responded\n",
1699 sdata->dev->name); 1415 sdata->dev->name);
1700 ieee80211_authenticate(sdata, ifsta); 1416 ieee80211_authenticate(sdata);
1701 } 1417 }
1702} 1418}
1703 1419
1704
1705static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 1420static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1706 struct ieee80211_mgmt *mgmt, 1421 struct ieee80211_mgmt *mgmt,
1707 size_t len, 1422 size_t len,
1708 struct ieee80211_rx_status *rx_status) 1423 struct ieee80211_rx_status *rx_status)
1709{ 1424{
1710 struct ieee80211_if_sta *ifsta; 1425 struct ieee80211_if_managed *ifmgd;
1711 size_t baselen; 1426 size_t baselen;
1712 struct ieee802_11_elems elems; 1427 struct ieee802_11_elems elems;
1713 struct ieee80211_local *local = sdata->local; 1428 struct ieee80211_local *local = sdata->local;
1714 u32 changed = 0; 1429 u32 changed = 0;
1715 bool erp_valid; 1430 bool erp_valid, directed_tim;
1716 u8 erp_value = 0; 1431 u8 erp_value = 0;
1717 1432
1718 /* Process beacon from the current BSS */ 1433 /* Process beacon from the current BSS */
@@ -1726,15 +1441,43 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1726 1441
1727 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1442 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1728 return; 1443 return;
1729 ifsta = &sdata->u.sta;
1730 1444
1731 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) || 1445 ifmgd = &sdata->u.mgd;
1732 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) 1446
1447 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) ||
1448 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0)
1449 return;
1450
1451 if (rx_status->freq != local->hw.conf.channel->center_freq)
1733 return; 1452 return;
1734 1453
1735 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param, 1454 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param,
1736 elems.wmm_param_len); 1455 elems.wmm_param_len);
1737 1456
1457 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) {
1458 directed_tim = ieee80211_check_tim(&elems, ifmgd->aid);
1459
1460 if (directed_tim) {
1461 if (local->hw.conf.dynamic_ps_timeout > 0) {
1462 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
1463 ieee80211_hw_config(local,
1464 IEEE80211_CONF_CHANGE_PS);
1465 ieee80211_send_nullfunc(local, sdata, 0);
1466 } else {
1467 local->pspolling = true;
1468
1469 /*
1470 * Here is assumed that the driver will be
1471 * able to send ps-poll frame and receive a
1472 * response even though power save mode is
1473 * enabled, but some drivers might require
1474 * to disable power save here. This needs
1475 * to be investigated.
1476 */
1477 ieee80211_send_pspoll(local, sdata);
1478 }
1479 }
1480 }
1738 1481
1739 if (elems.erp_info && elems.erp_info_len >= 1) { 1482 if (elems.erp_info && elems.erp_info_len >= 1) {
1740 erp_valid = true; 1483 erp_valid = true;
@@ -1747,14 +1490,15 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1747 erp_valid, erp_value); 1490 erp_valid, erp_value);
1748 1491
1749 1492
1750 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param) { 1493 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
1494 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) {
1751 struct sta_info *sta; 1495 struct sta_info *sta;
1752 struct ieee80211_supported_band *sband; 1496 struct ieee80211_supported_band *sband;
1753 u16 ap_ht_cap_flags; 1497 u16 ap_ht_cap_flags;
1754 1498
1755 rcu_read_lock(); 1499 rcu_read_lock();
1756 1500
1757 sta = sta_info_get(local, ifsta->bssid); 1501 sta = sta_info_get(local, ifmgd->bssid);
1758 if (!sta) { 1502 if (!sta) {
1759 rcu_read_unlock(); 1503 rcu_read_unlock();
1760 return; 1504 return;
@@ -1778,92 +1522,28 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1778 * for the BSSID we are associated to */ 1522 * for the BSSID we are associated to */
1779 regulatory_hint_11d(local->hw.wiphy, 1523 regulatory_hint_11d(local->hw.wiphy,
1780 elems.country_elem, elems.country_elem_len); 1524 elems.country_elem, elems.country_elem_len);
1781 }
1782
1783 ieee80211_bss_info_change_notify(sdata, changed);
1784}
1785 1525
1786 1526 /* TODO: IBSS also needs this */
1787static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata, 1527 if (elems.pwr_constr_elem)
1788 struct ieee80211_if_sta *ifsta, 1528 ieee80211_handle_pwr_constr(sdata,
1789 struct ieee80211_mgmt *mgmt, 1529 le16_to_cpu(mgmt->u.probe_resp.capab_info),
1790 size_t len, 1530 elems.pwr_constr_elem,
1791 struct ieee80211_rx_status *rx_status) 1531 elems.pwr_constr_elem_len);
1792{
1793 struct ieee80211_local *local = sdata->local;
1794 int tx_last_beacon;
1795 struct sk_buff *skb;
1796 struct ieee80211_mgmt *resp;
1797 u8 *pos, *end;
1798
1799 if (sdata->vif.type != NL80211_IFTYPE_ADHOC ||
1800 ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED ||
1801 len < 24 + 2 || !ifsta->probe_resp)
1802 return;
1803
1804 if (local->ops->tx_last_beacon)
1805 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1806 else
1807 tx_last_beacon = 1;
1808
1809#ifdef CONFIG_MAC80211_IBSS_DEBUG
1810 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM"
1811 " (tx_last_beacon=%d)\n",
1812 sdata->dev->name, mgmt->sa, mgmt->da,
1813 mgmt->bssid, tx_last_beacon);
1814#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1815
1816 if (!tx_last_beacon)
1817 return;
1818
1819 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1820 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1821 return;
1822
1823 end = ((u8 *) mgmt) + len;
1824 pos = mgmt->u.probe_req.variable;
1825 if (pos[0] != WLAN_EID_SSID ||
1826 pos + 2 + pos[1] > end) {
1827#ifdef CONFIG_MAC80211_IBSS_DEBUG
1828 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1829 "from %pM\n",
1830 sdata->dev->name, mgmt->sa);
1831#endif
1832 return;
1833 } 1532 }
1834 if (pos[1] != 0 &&
1835 (pos[1] != ifsta->ssid_len ||
1836 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1837 /* Ignore ProbeReq for foreign SSID */
1838 return;
1839 }
1840
1841 /* Reply with ProbeResp */
1842 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
1843 if (!skb)
1844 return;
1845 1533
1846 resp = (struct ieee80211_mgmt *) skb->data; 1534 ieee80211_bss_info_change_notify(sdata, changed);
1847 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1848#ifdef CONFIG_MAC80211_IBSS_DEBUG
1849 printk(KERN_DEBUG "%s: Sending ProbeResp to %pM\n",
1850 sdata->dev->name, resp->da);
1851#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1852 ieee80211_tx_skb(sdata, skb, 0);
1853} 1535}
1854 1536
1855void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 1537ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
1856 struct ieee80211_rx_status *rx_status) 1538 struct sk_buff *skb,
1539 struct ieee80211_rx_status *rx_status)
1857{ 1540{
1858 struct ieee80211_local *local = sdata->local; 1541 struct ieee80211_local *local = sdata->local;
1859 struct ieee80211_if_sta *ifsta;
1860 struct ieee80211_mgmt *mgmt; 1542 struct ieee80211_mgmt *mgmt;
1861 u16 fc; 1543 u16 fc;
1862 1544
1863 if (skb->len < 24) 1545 if (skb->len < 24)
1864 goto fail; 1546 return RX_DROP_MONITOR;
1865
1866 ifsta = &sdata->u.sta;
1867 1547
1868 mgmt = (struct ieee80211_mgmt *) skb->data; 1548 mgmt = (struct ieee80211_mgmt *) skb->data;
1869 fc = le16_to_cpu(mgmt->frame_control); 1549 fc = le16_to_cpu(mgmt->frame_control);
@@ -1878,113 +1558,68 @@ void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *
1878 case IEEE80211_STYPE_REASSOC_RESP: 1558 case IEEE80211_STYPE_REASSOC_RESP:
1879 case IEEE80211_STYPE_DEAUTH: 1559 case IEEE80211_STYPE_DEAUTH:
1880 case IEEE80211_STYPE_DISASSOC: 1560 case IEEE80211_STYPE_DISASSOC:
1881 skb_queue_tail(&ifsta->skb_queue, skb); 1561 skb_queue_tail(&sdata->u.mgd.skb_queue, skb);
1882 queue_work(local->hw.workqueue, &ifsta->work); 1562 queue_work(local->hw.workqueue, &sdata->u.mgd.work);
1883 return; 1563 return RX_QUEUED;
1884 } 1564 }
1885 1565
1886 fail: 1566 return RX_DROP_MONITOR;
1887 kfree_skb(skb);
1888} 1567}
1889 1568
1890static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 1569static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1891 struct sk_buff *skb) 1570 struct sk_buff *skb)
1892{ 1571{
1893 struct ieee80211_rx_status *rx_status; 1572 struct ieee80211_rx_status *rx_status;
1894 struct ieee80211_if_sta *ifsta;
1895 struct ieee80211_mgmt *mgmt; 1573 struct ieee80211_mgmt *mgmt;
1896 u16 fc; 1574 u16 fc;
1897 1575
1898 ifsta = &sdata->u.sta;
1899
1900 rx_status = (struct ieee80211_rx_status *) skb->cb; 1576 rx_status = (struct ieee80211_rx_status *) skb->cb;
1901 mgmt = (struct ieee80211_mgmt *) skb->data; 1577 mgmt = (struct ieee80211_mgmt *) skb->data;
1902 fc = le16_to_cpu(mgmt->frame_control); 1578 fc = le16_to_cpu(mgmt->frame_control);
1903 1579
1904 switch (fc & IEEE80211_FCTL_STYPE) { 1580 switch (fc & IEEE80211_FCTL_STYPE) {
1905 case IEEE80211_STYPE_PROBE_REQ:
1906 ieee80211_rx_mgmt_probe_req(sdata, ifsta, mgmt, skb->len,
1907 rx_status);
1908 break;
1909 case IEEE80211_STYPE_PROBE_RESP: 1581 case IEEE80211_STYPE_PROBE_RESP:
1910 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status); 1582 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len,
1583 rx_status);
1911 break; 1584 break;
1912 case IEEE80211_STYPE_BEACON: 1585 case IEEE80211_STYPE_BEACON:
1913 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status); 1586 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
1587 rx_status);
1914 break; 1588 break;
1915 case IEEE80211_STYPE_AUTH: 1589 case IEEE80211_STYPE_AUTH:
1916 ieee80211_rx_mgmt_auth(sdata, ifsta, mgmt, skb->len); 1590 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len);
1917 break; 1591 break;
1918 case IEEE80211_STYPE_ASSOC_RESP: 1592 case IEEE80211_STYPE_ASSOC_RESP:
1919 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0); 1593 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 0);
1920 break; 1594 break;
1921 case IEEE80211_STYPE_REASSOC_RESP: 1595 case IEEE80211_STYPE_REASSOC_RESP:
1922 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1); 1596 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 1);
1923 break; 1597 break;
1924 case IEEE80211_STYPE_DEAUTH: 1598 case IEEE80211_STYPE_DEAUTH:
1925 ieee80211_rx_mgmt_deauth(sdata, ifsta, mgmt, skb->len); 1599 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
1926 break; 1600 break;
1927 case IEEE80211_STYPE_DISASSOC: 1601 case IEEE80211_STYPE_DISASSOC:
1928 ieee80211_rx_mgmt_disassoc(sdata, ifsta, mgmt, skb->len); 1602 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
1929 break; 1603 break;
1930 } 1604 }
1931 1605
1932 kfree_skb(skb); 1606 kfree_skb(skb);
1933} 1607}
1934 1608
1935
1936static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
1937{
1938 struct ieee80211_local *local = sdata->local;
1939 int active = 0;
1940 struct sta_info *sta;
1941
1942 rcu_read_lock();
1943
1944 list_for_each_entry_rcu(sta, &local->sta_list, list) {
1945 if (sta->sdata == sdata &&
1946 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1947 jiffies)) {
1948 active++;
1949 break;
1950 }
1951 }
1952
1953 rcu_read_unlock();
1954
1955 return active;
1956}
1957
1958
1959static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata,
1960 struct ieee80211_if_sta *ifsta)
1961{
1962 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1963
1964 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
1965 if (ieee80211_sta_active_ibss(sdata))
1966 return;
1967
1968 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1969 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
1970 ieee80211_request_scan(sdata, ifsta->ssid, ifsta->ssid_len);
1971}
1972
1973
1974static void ieee80211_sta_timer(unsigned long data) 1609static void ieee80211_sta_timer(unsigned long data)
1975{ 1610{
1976 struct ieee80211_sub_if_data *sdata = 1611 struct ieee80211_sub_if_data *sdata =
1977 (struct ieee80211_sub_if_data *) data; 1612 (struct ieee80211_sub_if_data *) data;
1978 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1613 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1979 struct ieee80211_local *local = sdata->local; 1614 struct ieee80211_local *local = sdata->local;
1980 1615
1981 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request); 1616 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
1982 queue_work(local->hw.workqueue, &ifsta->work); 1617 queue_work(local->hw.workqueue, &ifmgd->work);
1983} 1618}
1984 1619
1985static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata, 1620static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata)
1986 struct ieee80211_if_sta *ifsta)
1987{ 1621{
1622 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1988 struct ieee80211_local *local = sdata->local; 1623 struct ieee80211_local *local = sdata->local;
1989 1624
1990 if (local->ops->reset_tsf) { 1625 if (local->ops->reset_tsf) {
@@ -1992,298 +1627,109 @@ static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata,
1992 local->ops->reset_tsf(local_to_hw(local)); 1627 local->ops->reset_tsf(local_to_hw(local));
1993 } 1628 }
1994 1629
1995 ifsta->wmm_last_param_set = -1; /* allow any WMM update */ 1630 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */
1996 1631
1997 1632
1998 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1633 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1999 ifsta->auth_alg = WLAN_AUTH_OPEN; 1634 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2000 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1635 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2001 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY; 1636 ifmgd->auth_alg = WLAN_AUTH_SHARED_KEY;
2002 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1637 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2003 ifsta->auth_alg = WLAN_AUTH_LEAP; 1638 ifmgd->auth_alg = WLAN_AUTH_LEAP;
2004 else 1639 else
2005 ifsta->auth_alg = WLAN_AUTH_OPEN; 1640 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2006 ifsta->auth_transaction = -1; 1641 ifmgd->auth_transaction = -1;
2007 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED; 1642 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
2008 ifsta->assoc_scan_tries = 0; 1643 ifmgd->assoc_scan_tries = 0;
2009 ifsta->direct_probe_tries = 0; 1644 ifmgd->direct_probe_tries = 0;
2010 ifsta->auth_tries = 0; 1645 ifmgd->auth_tries = 0;
2011 ifsta->assoc_tries = 0; 1646 ifmgd->assoc_tries = 0;
2012 netif_tx_stop_all_queues(sdata->dev); 1647 netif_tx_stop_all_queues(sdata->dev);
2013 netif_carrier_off(sdata->dev); 1648 netif_carrier_off(sdata->dev);
2014} 1649}
2015 1650
2016 1651static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata)
2017static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
2018 const char *ssid, int ssid_len)
2019{
2020 int tmp, hidden_ssid;
2021
2022 if (ssid_len == ifsta->ssid_len &&
2023 !memcmp(ifsta->ssid, ssid, ssid_len))
2024 return 1;
2025
2026 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
2027 return 0;
2028
2029 hidden_ssid = 1;
2030 tmp = ssid_len;
2031 while (tmp--) {
2032 if (ssid[tmp] != '\0') {
2033 hidden_ssid = 0;
2034 break;
2035 }
2036 }
2037
2038 if (hidden_ssid && (ifsta->ssid_len == ssid_len || ssid_len == 0))
2039 return 1;
2040
2041 if (ssid_len == 1 && ssid[0] == ' ')
2042 return 1;
2043
2044 return 0;
2045}
2046
2047static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata,
2048 struct ieee80211_if_sta *ifsta)
2049{ 1652{
1653 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2050 struct ieee80211_local *local = sdata->local; 1654 struct ieee80211_local *local = sdata->local;
2051 struct ieee80211_bss *bss; 1655 struct ieee80211_bss *bss;
2052 struct ieee80211_supported_band *sband; 1656 u8 *bssid = ifmgd->bssid, *ssid = ifmgd->ssid;
2053 u8 bssid[ETH_ALEN], *pos; 1657 u8 ssid_len = ifmgd->ssid_len;
2054 int i; 1658 u16 capa_mask = WLAN_CAPABILITY_ESS;
2055 int ret; 1659 u16 capa_val = WLAN_CAPABILITY_ESS;
2056 1660 struct ieee80211_channel *chan = local->oper_channel;
2057#if 0
2058 /* Easier testing, use fixed BSSID. */
2059 memset(bssid, 0xfe, ETH_ALEN);
2060#else
2061 /* Generate random, not broadcast, locally administered BSSID. Mix in
2062 * own MAC address to make sure that devices that do not have proper
2063 * random number generator get different BSSID. */
2064 get_random_bytes(bssid, ETH_ALEN);
2065 for (i = 0; i < ETH_ALEN; i++)
2066 bssid[i] ^= sdata->dev->dev_addr[i];
2067 bssid[0] &= ~0x01;
2068 bssid[0] |= 0x02;
2069#endif
2070
2071 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n",
2072 sdata->dev->name, bssid);
2073
2074 bss = ieee80211_rx_bss_add(local, bssid,
2075 local->hw.conf.channel->center_freq,
2076 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
2077 if (!bss)
2078 return -ENOMEM;
2079
2080 bss->band = local->hw.conf.channel->band;
2081 sband = local->hw.wiphy->bands[bss->band];
2082
2083 if (local->hw.conf.beacon_int == 0)
2084 local->hw.conf.beacon_int = 100;
2085 bss->beacon_int = local->hw.conf.beacon_int;
2086 bss->last_update = jiffies;
2087 bss->capability = WLAN_CAPABILITY_IBSS;
2088 1661
2089 if (sdata->default_key) 1662 if (ifmgd->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2090 bss->capability |= WLAN_CAPABILITY_PRIVACY; 1663 IEEE80211_STA_AUTO_BSSID_SEL |
2091 else 1664 IEEE80211_STA_AUTO_CHANNEL_SEL)) {
2092 sdata->drop_unencrypted = 0; 1665 capa_mask |= WLAN_CAPABILITY_PRIVACY;
2093 1666 if (sdata->default_key)
2094 bss->supp_rates_len = sband->n_bitrates; 1667 capa_val |= WLAN_CAPABILITY_PRIVACY;
2095 pos = bss->supp_rates;
2096 for (i = 0; i < sband->n_bitrates; i++) {
2097 int rate = sband->bitrates[i].bitrate;
2098 *pos++ = (u8) (rate / 5);
2099 } 1668 }
2100 1669
2101 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss); 1670 if (ifmgd->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
2102 ieee80211_rx_bss_put(local, bss); 1671 chan = NULL;
2103 return ret;
2104}
2105
2106 1672
2107static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata, 1673 if (ifmgd->flags & IEEE80211_STA_AUTO_BSSID_SEL)
2108 struct ieee80211_if_sta *ifsta) 1674 bssid = NULL;
2109{
2110 struct ieee80211_local *local = sdata->local;
2111 struct ieee80211_bss *bss;
2112 int found = 0;
2113 u8 bssid[ETH_ALEN];
2114 int active_ibss;
2115 1675
2116 if (ifsta->ssid_len == 0) 1676 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL) {
2117 return -EINVAL; 1677 ssid = NULL;
2118 1678 ssid_len = 0;
2119 active_ibss = ieee80211_sta_active_ibss(sdata);
2120#ifdef CONFIG_MAC80211_IBSS_DEBUG
2121 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2122 sdata->dev->name, active_ibss);
2123#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2124 spin_lock_bh(&local->bss_lock);
2125 list_for_each_entry(bss, &local->bss_list, list) {
2126 if (ifsta->ssid_len != bss->ssid_len ||
2127 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2128 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2129 continue;
2130#ifdef CONFIG_MAC80211_IBSS_DEBUG
2131 printk(KERN_DEBUG " bssid=%pM found\n", bss->bssid);
2132#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2133 memcpy(bssid, bss->bssid, ETH_ALEN);
2134 found = 1;
2135 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2136 break;
2137 } 1679 }
2138 spin_unlock_bh(&local->bss_lock);
2139 1680
2140#ifdef CONFIG_MAC80211_IBSS_DEBUG 1681 bss = (void *)cfg80211_get_bss(local->hw.wiphy, chan,
2141 if (found) 1682 bssid, ssid, ssid_len,
2142 printk(KERN_DEBUG " sta_find_ibss: selected %pM current " 1683 capa_mask, capa_val);
2143 "%pM\n", bssid, ifsta->bssid);
2144#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2145 1684
2146 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) { 1685 if (bss) {
2147 int ret; 1686 ieee80211_set_freq(sdata, bss->cbss.channel->center_freq);
2148 int search_freq; 1687 if (!(ifmgd->flags & IEEE80211_STA_SSID_SET))
2149 1688 ieee80211_sta_set_ssid(sdata, bss->ssid,
2150 if (ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) 1689 bss->ssid_len);
2151 search_freq = bss->freq; 1690 ieee80211_sta_set_bssid(sdata, bss->cbss.bssid);
1691 ieee80211_sta_def_wmm_params(sdata, bss->supp_rates_len,
1692 bss->supp_rates);
1693 if (sdata->u.mgd.mfp == IEEE80211_MFP_REQUIRED)
1694 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
2152 else 1695 else
2153 search_freq = local->hw.conf.channel->center_freq; 1696 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
2154
2155 bss = ieee80211_rx_bss_get(local, bssid, search_freq,
2156 ifsta->ssid, ifsta->ssid_len);
2157 if (!bss)
2158 goto dont_join;
2159
2160 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM"
2161 " based on configured SSID\n",
2162 sdata->dev->name, bssid);
2163 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
2164 ieee80211_rx_bss_put(local, bss);
2165 return ret;
2166 }
2167
2168dont_join:
2169#ifdef CONFIG_MAC80211_IBSS_DEBUG
2170 printk(KERN_DEBUG " did not try to join ibss\n");
2171#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2172
2173 /* Selected IBSS not found in current scan results - try to scan */
2174 if (ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED &&
2175 !ieee80211_sta_active_ibss(sdata)) {
2176 mod_timer(&ifsta->timer, jiffies +
2177 IEEE80211_IBSS_MERGE_INTERVAL);
2178 } else if (time_after(jiffies, local->last_scan_completed +
2179 IEEE80211_SCAN_INTERVAL)) {
2180 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2181 "join\n", sdata->dev->name);
2182 return ieee80211_request_scan(sdata, ifsta->ssid,
2183 ifsta->ssid_len);
2184 } else if (ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED) {
2185 int interval = IEEE80211_SCAN_INTERVAL;
2186
2187 if (time_after(jiffies, ifsta->ibss_join_req +
2188 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2189 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
2190 (!(local->oper_channel->flags &
2191 IEEE80211_CHAN_NO_IBSS)))
2192 return ieee80211_sta_create_ibss(sdata, ifsta);
2193 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
2194 printk(KERN_DEBUG "%s: IBSS not allowed on"
2195 " %d MHz\n", sdata->dev->name,
2196 local->hw.conf.channel->center_freq);
2197 }
2198
2199 /* No IBSS found - decrease scan interval and continue
2200 * scanning. */
2201 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2202 }
2203
2204 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
2205 mod_timer(&ifsta->timer, jiffies + interval);
2206 return 0;
2207 }
2208
2209 return 0;
2210}
2211
2212
2213static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
2214 struct ieee80211_if_sta *ifsta)
2215{
2216 struct ieee80211_local *local = sdata->local;
2217 struct ieee80211_bss *bss, *selected = NULL;
2218 int top_rssi = 0, freq;
2219
2220 spin_lock_bh(&local->bss_lock);
2221 freq = local->oper_channel->center_freq;
2222 list_for_each_entry(bss, &local->bss_list, list) {
2223 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2224 continue;
2225
2226 if ((ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2227 IEEE80211_STA_AUTO_BSSID_SEL |
2228 IEEE80211_STA_AUTO_CHANNEL_SEL)) &&
2229 (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2230 !!sdata->default_key))
2231 continue;
2232
2233 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
2234 bss->freq != freq)
2235 continue;
2236
2237 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
2238 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2239 continue;
2240
2241 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
2242 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2243 continue;
2244
2245 if (!selected || top_rssi < bss->signal) {
2246 selected = bss;
2247 top_rssi = bss->signal;
2248 }
2249 }
2250 if (selected)
2251 atomic_inc(&selected->users);
2252 spin_unlock_bh(&local->bss_lock);
2253
2254 if (selected) {
2255 ieee80211_set_freq(sdata, selected->freq);
2256 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
2257 ieee80211_sta_set_ssid(sdata, selected->ssid,
2258 selected->ssid_len);
2259 ieee80211_sta_set_bssid(sdata, selected->bssid);
2260 ieee80211_sta_def_wmm_params(sdata, selected);
2261 1697
2262 /* Send out direct probe if no probe resp was received or 1698 /* Send out direct probe if no probe resp was received or
2263 * the one we have is outdated 1699 * the one we have is outdated
2264 */ 1700 */
2265 if (!selected->last_probe_resp || 1701 if (!bss->last_probe_resp ||
2266 time_after(jiffies, selected->last_probe_resp 1702 time_after(jiffies, bss->last_probe_resp
2267 + IEEE80211_SCAN_RESULT_EXPIRE)) 1703 + IEEE80211_SCAN_RESULT_EXPIRE))
2268 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1704 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2269 else 1705 else
2270 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE; 1706 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
2271 1707
2272 ieee80211_rx_bss_put(local, selected); 1708 ieee80211_rx_bss_put(local, bss);
2273 ieee80211_sta_reset_auth(sdata, ifsta); 1709 ieee80211_sta_reset_auth(sdata);
2274 return 0; 1710 return 0;
2275 } else { 1711 } else {
2276 if (ifsta->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) { 1712 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
2277 ifsta->assoc_scan_tries++; 1713 ifmgd->assoc_scan_tries++;
2278 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) 1714 /* XXX maybe racy? */
2279 ieee80211_start_scan(sdata, NULL, 0); 1715 if (local->scan_req)
1716 return -1;
1717 memcpy(local->int_scan_req.ssids[0].ssid,
1718 ifmgd->ssid, IEEE80211_MAX_SSID_LEN);
1719 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL)
1720 local->int_scan_req.ssids[0].ssid_len = 0;
2280 else 1721 else
2281 ieee80211_start_scan(sdata, ifsta->ssid, 1722 local->int_scan_req.ssids[0].ssid_len = ifmgd->ssid_len;
2282 ifsta->ssid_len); 1723
2283 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE; 1724 if (ieee80211_start_scan(sdata, &local->int_scan_req))
2284 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request); 1725 ieee80211_scan_failed(local);
2285 } else 1726
2286 ifsta->state = IEEE80211_STA_MLME_DISABLED; 1727 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
1728 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request);
1729 } else {
1730 ifmgd->assoc_scan_tries = 0;
1731 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1732 }
2287 } 1733 }
2288 return -1; 1734 return -1;
2289} 1735}
@@ -2292,9 +1738,9 @@ static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
2292static void ieee80211_sta_work(struct work_struct *work) 1738static void ieee80211_sta_work(struct work_struct *work)
2293{ 1739{
2294 struct ieee80211_sub_if_data *sdata = 1740 struct ieee80211_sub_if_data *sdata =
2295 container_of(work, struct ieee80211_sub_if_data, u.sta.work); 1741 container_of(work, struct ieee80211_sub_if_data, u.mgd.work);
2296 struct ieee80211_local *local = sdata->local; 1742 struct ieee80211_local *local = sdata->local;
2297 struct ieee80211_if_sta *ifsta; 1743 struct ieee80211_if_managed *ifmgd;
2298 struct sk_buff *skb; 1744 struct sk_buff *skb;
2299 1745
2300 if (!netif_running(sdata->dev)) 1746 if (!netif_running(sdata->dev))
@@ -2303,61 +1749,60 @@ static void ieee80211_sta_work(struct work_struct *work)
2303 if (local->sw_scanning || local->hw_scanning) 1749 if (local->sw_scanning || local->hw_scanning)
2304 return; 1750 return;
2305 1751
2306 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION && 1752 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2307 sdata->vif.type != NL80211_IFTYPE_ADHOC))
2308 return; 1753 return;
2309 ifsta = &sdata->u.sta; 1754 ifmgd = &sdata->u.mgd;
2310 1755
2311 while ((skb = skb_dequeue(&ifsta->skb_queue))) 1756 while ((skb = skb_dequeue(&ifmgd->skb_queue)))
2312 ieee80211_sta_rx_queued_mgmt(sdata, skb); 1757 ieee80211_sta_rx_queued_mgmt(sdata, skb);
2313 1758
2314 if (ifsta->state != IEEE80211_STA_MLME_DIRECT_PROBE && 1759 if (ifmgd->state != IEEE80211_STA_MLME_DIRECT_PROBE &&
2315 ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE && 1760 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE &&
2316 ifsta->state != IEEE80211_STA_MLME_ASSOCIATE && 1761 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE &&
2317 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) { 1762 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) {
2318 ieee80211_start_scan(sdata, ifsta->scan_ssid, 1763 /*
2319 ifsta->scan_ssid_len); 1764 * The call to ieee80211_start_scan can fail but ieee80211_request_scan
1765 * (which queued ieee80211_sta_work) did not return an error. Thus, call
1766 * ieee80211_scan_failed here if ieee80211_start_scan fails in order to
1767 * notify the scan requester.
1768 */
1769 if (ieee80211_start_scan(sdata, local->scan_req))
1770 ieee80211_scan_failed(local);
2320 return; 1771 return;
2321 } 1772 }
2322 1773
2323 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) { 1774 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request)) {
2324 if (ieee80211_sta_config_auth(sdata, ifsta)) 1775 if (ieee80211_sta_config_auth(sdata))
2325 return; 1776 return;
2326 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request); 1777 clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
2327 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request)) 1778 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request))
2328 return; 1779 return;
2329 1780
2330 switch (ifsta->state) { 1781 switch (ifmgd->state) {
2331 case IEEE80211_STA_MLME_DISABLED: 1782 case IEEE80211_STA_MLME_DISABLED:
2332 break; 1783 break;
2333 case IEEE80211_STA_MLME_DIRECT_PROBE: 1784 case IEEE80211_STA_MLME_DIRECT_PROBE:
2334 ieee80211_direct_probe(sdata, ifsta); 1785 ieee80211_direct_probe(sdata);
2335 break; 1786 break;
2336 case IEEE80211_STA_MLME_AUTHENTICATE: 1787 case IEEE80211_STA_MLME_AUTHENTICATE:
2337 ieee80211_authenticate(sdata, ifsta); 1788 ieee80211_authenticate(sdata);
2338 break; 1789 break;
2339 case IEEE80211_STA_MLME_ASSOCIATE: 1790 case IEEE80211_STA_MLME_ASSOCIATE:
2340 ieee80211_associate(sdata, ifsta); 1791 ieee80211_associate(sdata);
2341 break; 1792 break;
2342 case IEEE80211_STA_MLME_ASSOCIATED: 1793 case IEEE80211_STA_MLME_ASSOCIATED:
2343 ieee80211_associated(sdata, ifsta); 1794 ieee80211_associated(sdata);
2344 break;
2345 case IEEE80211_STA_MLME_IBSS_SEARCH:
2346 ieee80211_sta_find_ibss(sdata, ifsta);
2347 break;
2348 case IEEE80211_STA_MLME_IBSS_JOINED:
2349 ieee80211_sta_merge_ibss(sdata, ifsta);
2350 break; 1795 break;
2351 default: 1796 default:
2352 WARN_ON(1); 1797 WARN_ON(1);
2353 break; 1798 break;
2354 } 1799 }
2355 1800
2356 if (ieee80211_privacy_mismatch(sdata, ifsta)) { 1801 if (ieee80211_privacy_mismatch(sdata)) {
2357 printk(KERN_DEBUG "%s: privacy configuration mismatch and " 1802 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
2358 "mixed-cell disabled - disassociate\n", sdata->dev->name); 1803 "mixed-cell disabled - disassociate\n", sdata->dev->name);
2359 1804
2360 ieee80211_set_disassoc(sdata, ifsta, false, true, 1805 ieee80211_set_disassoc(sdata, false, true,
2361 WLAN_REASON_UNSPECIFIED); 1806 WLAN_REASON_UNSPECIFIED);
2362 } 1807 }
2363} 1808}
@@ -2366,208 +1811,153 @@ static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
2366{ 1811{
2367 if (sdata->vif.type == NL80211_IFTYPE_STATION) 1812 if (sdata->vif.type == NL80211_IFTYPE_STATION)
2368 queue_work(sdata->local->hw.workqueue, 1813 queue_work(sdata->local->hw.workqueue,
2369 &sdata->u.sta.work); 1814 &sdata->u.mgd.work);
2370} 1815}
2371 1816
2372/* interface setup */ 1817/* interface setup */
2373void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 1818void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
2374{ 1819{
2375 struct ieee80211_if_sta *ifsta; 1820 struct ieee80211_if_managed *ifmgd;
2376 1821
2377 ifsta = &sdata->u.sta; 1822 ifmgd = &sdata->u.mgd;
2378 INIT_WORK(&ifsta->work, ieee80211_sta_work); 1823 INIT_WORK(&ifmgd->work, ieee80211_sta_work);
2379 setup_timer(&ifsta->timer, ieee80211_sta_timer, 1824 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
1825 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
1826 (unsigned long) sdata);
1827 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
2380 (unsigned long) sdata); 1828 (unsigned long) sdata);
2381 skb_queue_head_init(&ifsta->skb_queue); 1829 skb_queue_head_init(&ifmgd->skb_queue);
2382 1830
2383 ifsta->capab = WLAN_CAPABILITY_ESS; 1831 ifmgd->capab = WLAN_CAPABILITY_ESS;
2384 ifsta->auth_algs = IEEE80211_AUTH_ALG_OPEN | 1832 ifmgd->auth_algs = IEEE80211_AUTH_ALG_OPEN |
2385 IEEE80211_AUTH_ALG_SHARED_KEY; 1833 IEEE80211_AUTH_ALG_SHARED_KEY;
2386 ifsta->flags |= IEEE80211_STA_CREATE_IBSS | 1834 ifmgd->flags |= IEEE80211_STA_CREATE_IBSS |
2387 IEEE80211_STA_AUTO_BSSID_SEL | 1835 IEEE80211_STA_AUTO_BSSID_SEL |
2388 IEEE80211_STA_AUTO_CHANNEL_SEL; 1836 IEEE80211_STA_AUTO_CHANNEL_SEL;
2389 if (ieee80211_num_regular_queues(&sdata->local->hw) >= 4) 1837 if (ieee80211_num_regular_queues(&sdata->local->hw) >= 4)
2390 ifsta->flags |= IEEE80211_STA_WMM_ENABLED; 1838 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED;
2391}
2392
2393/*
2394 * Add a new IBSS station, will also be called by the RX code when,
2395 * in IBSS mode, receiving a frame from a yet-unknown station, hence
2396 * must be callable in atomic context.
2397 */
2398struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
2399 u8 *bssid,u8 *addr, u64 supp_rates)
2400{
2401 struct ieee80211_local *local = sdata->local;
2402 struct sta_info *sta;
2403 int band = local->hw.conf.channel->band;
2404
2405 /* TODO: Could consider removing the least recently used entry and
2406 * allow new one to be added. */
2407 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
2408 if (net_ratelimit()) {
2409 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
2410 "entry %pM\n", sdata->dev->name, addr);
2411 }
2412 return NULL;
2413 }
2414
2415 if (compare_ether_addr(bssid, sdata->u.sta.bssid))
2416 return NULL;
2417
2418#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2419 printk(KERN_DEBUG "%s: Adding new IBSS station %pM (dev=%s)\n",
2420 wiphy_name(local->hw.wiphy), addr, sdata->dev->name);
2421#endif
2422
2423 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
2424 if (!sta)
2425 return NULL;
2426
2427 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
2428
2429 /* make sure mandatory rates are always added */
2430 sta->sta.supp_rates[band] = supp_rates |
2431 ieee80211_mandatory_rates(local, band);
2432
2433 rate_control_rate_init(sta);
2434
2435 if (sta_info_insert(sta))
2436 return NULL;
2437
2438 return sta;
2439} 1839}
2440 1840
2441/* configuration hooks */ 1841/* configuration hooks */
2442void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata, 1842void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata)
2443 struct ieee80211_if_sta *ifsta)
2444{ 1843{
1844 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2445 struct ieee80211_local *local = sdata->local; 1845 struct ieee80211_local *local = sdata->local;
2446 1846
2447 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1847 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2448 return; 1848 return;
2449 1849
2450 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET | 1850 if ((ifmgd->flags & (IEEE80211_STA_BSSID_SET |
2451 IEEE80211_STA_AUTO_BSSID_SEL)) && 1851 IEEE80211_STA_AUTO_BSSID_SEL)) &&
2452 (ifsta->flags & (IEEE80211_STA_SSID_SET | 1852 (ifmgd->flags & (IEEE80211_STA_SSID_SET |
2453 IEEE80211_STA_AUTO_SSID_SEL))) { 1853 IEEE80211_STA_AUTO_SSID_SEL))) {
2454 1854
2455 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) 1855 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2456 ieee80211_set_disassoc(sdata, ifsta, true, true, 1856 ieee80211_set_disassoc(sdata, true, true,
2457 WLAN_REASON_DEAUTH_LEAVING); 1857 WLAN_REASON_DEAUTH_LEAVING);
2458 1858
2459 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request); 1859 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request);
2460 queue_work(local->hw.workqueue, &ifsta->work); 1860 queue_work(local->hw.workqueue, &ifmgd->work);
2461 } 1861 }
2462} 1862}
2463 1863
1864int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata)
1865{
1866 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1867
1868 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1869
1870 if (ifmgd->ssid_len)
1871 ifmgd->flags |= IEEE80211_STA_SSID_SET;
1872 else
1873 ifmgd->flags &= ~IEEE80211_STA_SSID_SET;
1874
1875 return 0;
1876}
1877
2464int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len) 1878int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
2465{ 1879{
2466 struct ieee80211_if_sta *ifsta; 1880 struct ieee80211_if_managed *ifmgd;
2467 1881
2468 if (len > IEEE80211_MAX_SSID_LEN) 1882 if (len > IEEE80211_MAX_SSID_LEN)
2469 return -EINVAL; 1883 return -EINVAL;
2470 1884
2471 ifsta = &sdata->u.sta; 1885 ifmgd = &sdata->u.mgd;
2472
2473 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) {
2474 memset(ifsta->ssid, 0, sizeof(ifsta->ssid));
2475 memcpy(ifsta->ssid, ssid, len);
2476 ifsta->ssid_len = len;
2477 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2478 }
2479
2480 if (len)
2481 ifsta->flags |= IEEE80211_STA_SSID_SET;
2482 else
2483 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
2484 1886
2485 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && 1887 if (ifmgd->ssid_len != len || memcmp(ifmgd->ssid, ssid, len) != 0) {
2486 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) { 1888 memset(ifmgd->ssid, 0, sizeof(ifmgd->ssid));
2487 ifsta->ibss_join_req = jiffies; 1889 memcpy(ifmgd->ssid, ssid, len);
2488 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH; 1890 ifmgd->ssid_len = len;
2489 return ieee80211_sta_find_ibss(sdata, ifsta);
2490 } 1891 }
2491 1892
2492 return 0; 1893 return ieee80211_sta_commit(sdata);
2493} 1894}
2494 1895
2495int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len) 1896int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
2496{ 1897{
2497 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1898 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2498 memcpy(ssid, ifsta->ssid, ifsta->ssid_len); 1899 memcpy(ssid, ifmgd->ssid, ifmgd->ssid_len);
2499 *len = ifsta->ssid_len; 1900 *len = ifmgd->ssid_len;
2500 return 0; 1901 return 0;
2501} 1902}
2502 1903
2503int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid) 1904int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
2504{ 1905{
2505 struct ieee80211_if_sta *ifsta; 1906 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2506 int res;
2507 1907
2508 ifsta = &sdata->u.sta; 1908 if (is_valid_ether_addr(bssid)) {
1909 memcpy(ifmgd->bssid, bssid, ETH_ALEN);
1910 ifmgd->flags |= IEEE80211_STA_BSSID_SET;
1911 } else {
1912 memset(ifmgd->bssid, 0, ETH_ALEN);
1913 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET;
1914 }
2509 1915
2510 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) { 1916 if (netif_running(sdata->dev)) {
2511 memcpy(ifsta->bssid, bssid, ETH_ALEN); 1917 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) {
2512 res = 0;
2513 /*
2514 * Hack! See also ieee80211_sta_set_ssid.
2515 */
2516 if (netif_running(sdata->dev))
2517 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
2518 if (res) {
2519 printk(KERN_DEBUG "%s: Failed to config new BSSID to " 1918 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2520 "the low-level driver\n", sdata->dev->name); 1919 "the low-level driver\n", sdata->dev->name);
2521 return res;
2522 } 1920 }
2523 } 1921 }
2524 1922
2525 if (is_valid_ether_addr(bssid)) 1923 return ieee80211_sta_commit(sdata);
2526 ifsta->flags |= IEEE80211_STA_BSSID_SET;
2527 else
2528 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
2529
2530 return 0;
2531} 1924}
2532 1925
2533int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len) 1926int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len)
2534{ 1927{
2535 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1928 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2536 1929
2537 kfree(ifsta->extra_ie); 1930 kfree(ifmgd->extra_ie);
2538 if (len == 0) { 1931 if (len == 0) {
2539 ifsta->extra_ie = NULL; 1932 ifmgd->extra_ie = NULL;
2540 ifsta->extra_ie_len = 0; 1933 ifmgd->extra_ie_len = 0;
2541 return 0; 1934 return 0;
2542 } 1935 }
2543 ifsta->extra_ie = kmalloc(len, GFP_KERNEL); 1936 ifmgd->extra_ie = kmalloc(len, GFP_KERNEL);
2544 if (!ifsta->extra_ie) { 1937 if (!ifmgd->extra_ie) {
2545 ifsta->extra_ie_len = 0; 1938 ifmgd->extra_ie_len = 0;
2546 return -ENOMEM; 1939 return -ENOMEM;
2547 } 1940 }
2548 memcpy(ifsta->extra_ie, ie, len); 1941 memcpy(ifmgd->extra_ie, ie, len);
2549 ifsta->extra_ie_len = len; 1942 ifmgd->extra_ie_len = len;
2550 return 0; 1943 return 0;
2551} 1944}
2552 1945
2553int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason) 1946int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason)
2554{ 1947{
2555 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2556
2557 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n", 1948 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
2558 sdata->dev->name, reason); 1949 sdata->dev->name, reason);
2559 1950
2560 if (sdata->vif.type != NL80211_IFTYPE_STATION && 1951 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2561 sdata->vif.type != NL80211_IFTYPE_ADHOC)
2562 return -EINVAL; 1952 return -EINVAL;
2563 1953
2564 ieee80211_set_disassoc(sdata, ifsta, true, true, reason); 1954 ieee80211_set_disassoc(sdata, true, true, reason);
2565 return 0; 1955 return 0;
2566} 1956}
2567 1957
2568int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason) 1958int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2569{ 1959{
2570 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1960 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2571 1961
2572 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n", 1962 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
2573 sdata->dev->name, reason); 1963 sdata->dev->name, reason);
@@ -2575,10 +1965,10 @@ int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2575 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1965 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2576 return -EINVAL; 1966 return -EINVAL;
2577 1967
2578 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED)) 1968 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED))
2579 return -1; 1969 return -ENOLINK;
2580 1970
2581 ieee80211_set_disassoc(sdata, ifsta, false, true, reason); 1971 ieee80211_set_disassoc(sdata, false, true, reason);
2582 return 0; 1972 return 0;
2583} 1973}
2584 1974
@@ -2586,15 +1976,6 @@ int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2586void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 1976void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
2587{ 1977{
2588 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 1978 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2589 struct ieee80211_if_sta *ifsta;
2590
2591 if (sdata && sdata->vif.type == NL80211_IFTYPE_ADHOC) {
2592 ifsta = &sdata->u.sta;
2593 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
2594 (!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
2595 !ieee80211_sta_active_ibss(sdata)))
2596 ieee80211_sta_find_ibss(sdata, ifsta);
2597 }
2598 1979
2599 /* Restart STA timers */ 1980 /* Restart STA timers */
2600 rcu_read_lock(); 1981 rcu_read_lock();
@@ -2623,12 +2004,15 @@ void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
2623 struct ieee80211_local *local = 2004 struct ieee80211_local *local =
2624 container_of(work, struct ieee80211_local, 2005 container_of(work, struct ieee80211_local,
2625 dynamic_ps_enable_work); 2006 dynamic_ps_enable_work);
2007 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2626 2008
2627 if (local->hw.conf.flags & IEEE80211_CONF_PS) 2009 if (local->hw.conf.flags & IEEE80211_CONF_PS)
2628 return; 2010 return;
2629 2011
2630 local->hw.conf.flags |= IEEE80211_CONF_PS; 2012 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
2013 ieee80211_send_nullfunc(local, sdata, 1);
2631 2014
2015 local->hw.conf.flags |= IEEE80211_CONF_PS;
2632 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 2016 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
2633} 2017}
2634 2018
@@ -2638,3 +2022,36 @@ void ieee80211_dynamic_ps_timer(unsigned long data)
2638 2022
2639 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work); 2023 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work);
2640} 2024}
2025
2026void ieee80211_send_nullfunc(struct ieee80211_local *local,
2027 struct ieee80211_sub_if_data *sdata,
2028 int powersave)
2029{
2030 struct sk_buff *skb;
2031 struct ieee80211_hdr *nullfunc;
2032 __le16 fc;
2033
2034 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2035 return;
2036
2037 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
2038 if (!skb) {
2039 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
2040 "frame\n", sdata->dev->name);
2041 return;
2042 }
2043 skb_reserve(skb, local->hw.extra_tx_headroom);
2044
2045 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
2046 memset(nullfunc, 0, 24);
2047 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
2048 IEEE80211_FCTL_TODS);
2049 if (powersave)
2050 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
2051 nullfunc->frame_control = fc;
2052 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
2053 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
2054 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
2055
2056 ieee80211_tx_skb(sdata, skb, 0);
2057}
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
new file mode 100644
index 000000000000..44525f517077
--- /dev/null
+++ b/net/mac80211/pm.c
@@ -0,0 +1,117 @@
1#include <net/mac80211.h>
2#include <net/rtnetlink.h>
3
4#include "ieee80211_i.h"
5#include "led.h"
6
7int __ieee80211_suspend(struct ieee80211_hw *hw)
8{
9 struct ieee80211_local *local = hw_to_local(hw);
10 struct ieee80211_sub_if_data *sdata;
11 struct ieee80211_if_init_conf conf;
12 struct sta_info *sta;
13
14 flush_workqueue(local->hw.workqueue);
15
16 /* disable keys */
17 list_for_each_entry(sdata, &local->interfaces, list)
18 ieee80211_disable_keys(sdata);
19
20 /* remove STAs */
21 list_for_each_entry(sta, &local->sta_list, list) {
22
23 if (local->ops->sta_notify) {
24 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
25 sdata = container_of(sdata->bss,
26 struct ieee80211_sub_if_data,
27 u.ap);
28
29 local->ops->sta_notify(hw, &sdata->vif,
30 STA_NOTIFY_REMOVE, &sta->sta);
31 }
32 }
33
34 /* remove all interfaces */
35 list_for_each_entry(sdata, &local->interfaces, list) {
36
37 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
38 sdata->vif.type != NL80211_IFTYPE_MONITOR &&
39 netif_running(sdata->dev)) {
40 conf.vif = &sdata->vif;
41 conf.type = sdata->vif.type;
42 conf.mac_addr = sdata->dev->dev_addr;
43 local->ops->remove_interface(hw, &conf);
44 }
45 }
46
47 /* flush again, in case driver queued work */
48 flush_workqueue(local->hw.workqueue);
49
50 /* stop hardware */
51 if (local->open_count) {
52 ieee80211_led_radio(local, false);
53 local->ops->stop(hw);
54 }
55 return 0;
56}
57
58int __ieee80211_resume(struct ieee80211_hw *hw)
59{
60 struct ieee80211_local *local = hw_to_local(hw);
61 struct ieee80211_sub_if_data *sdata;
62 struct ieee80211_if_init_conf conf;
63 struct sta_info *sta;
64 int res;
65
66 /* restart hardware */
67 if (local->open_count) {
68 res = local->ops->start(hw);
69
70 ieee80211_led_radio(local, hw->conf.radio_enabled);
71 }
72
73 /* add interfaces */
74 list_for_each_entry(sdata, &local->interfaces, list) {
75
76 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
77 sdata->vif.type != NL80211_IFTYPE_MONITOR &&
78 netif_running(sdata->dev)) {
79 conf.vif = &sdata->vif;
80 conf.type = sdata->vif.type;
81 conf.mac_addr = sdata->dev->dev_addr;
82 res = local->ops->add_interface(hw, &conf);
83 }
84 }
85
86 /* add STAs back */
87 list_for_each_entry(sta, &local->sta_list, list) {
88
89 if (local->ops->sta_notify) {
90 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
91 sdata = container_of(sdata->bss,
92 struct ieee80211_sub_if_data,
93 u.ap);
94
95 local->ops->sta_notify(hw, &sdata->vif,
96 STA_NOTIFY_ADD, &sta->sta);
97 }
98 }
99
100 /* add back keys */
101 list_for_each_entry(sdata, &local->interfaces, list)
102 if (netif_running(sdata->dev))
103 ieee80211_enable_keys(sdata);
104
105 /* setup RTS threshold */
106 if (local->ops->set_rts_threshold)
107 local->ops->set_rts_threshold(hw, local->rts_threshold);
108
109 /* reconfigure hardware */
110 ieee80211_hw_config(local, ~0);
111
112 netif_addr_lock_bh(local->mdev);
113 ieee80211_configure_filter(local);
114 netif_addr_unlock_bh(local->mdev);
115
116 return 0;
117}
diff --git a/net/mac80211/rate.h b/net/mac80211/rate.h
index 928da625e281..b9164c9a9563 100644
--- a/net/mac80211/rate.h
+++ b/net/mac80211/rate.h
@@ -62,6 +62,18 @@ static inline void rate_control_rate_init(struct sta_info *sta)
62 ref->ops->rate_init(ref->priv, sband, ista, priv_sta); 62 ref->ops->rate_init(ref->priv, sband, ista, priv_sta);
63} 63}
64 64
65static inline void rate_control_rate_update(struct ieee80211_local *local,
66 struct ieee80211_supported_band *sband,
67 struct sta_info *sta, u32 changed)
68{
69 struct rate_control_ref *ref = local->rate_ctrl;
70 struct ieee80211_sta *ista = &sta->sta;
71 void *priv_sta = sta->rate_ctrl_priv;
72
73 if (ref->ops->rate_update)
74 ref->ops->rate_update(ref->priv, sband, ista,
75 priv_sta, changed);
76}
65 77
66static inline void *rate_control_alloc_sta(struct rate_control_ref *ref, 78static inline void *rate_control_alloc_sta(struct rate_control_ref *ref,
67 struct ieee80211_sta *sta, 79 struct ieee80211_sta *sta,
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 7175ae80c36a..66f7ecf51b92 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -86,8 +86,7 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
86 86
87 if (status->flag & RX_FLAG_TSFT) 87 if (status->flag & RX_FLAG_TSFT)
88 len += 8; 88 len += 8;
89 if (local->hw.flags & IEEE80211_HW_SIGNAL_DB || 89 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
90 local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
91 len += 1; 90 len += 1;
92 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) 91 if (local->hw.flags & IEEE80211_HW_NOISE_DBM)
93 len += 1; 92 len += 1;
@@ -102,7 +101,7 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
102 return len; 101 return len;
103} 102}
104 103
105/** 104/*
106 * ieee80211_add_rx_radiotap_header - add radiotap header 105 * ieee80211_add_rx_radiotap_header - add radiotap header
107 * 106 *
108 * add a radiotap header containing all the fields which the hardware provided. 107 * add a radiotap header containing all the fields which the hardware provided.
@@ -158,7 +157,7 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
158 */ 157 */
159 *pos = 0; 158 *pos = 0;
160 } else { 159 } else {
161 rthdr->it_present |= (1 << IEEE80211_RADIOTAP_RATE); 160 rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_RATE);
162 *pos = rate->bitrate / 5; 161 *pos = rate->bitrate / 5;
163 } 162 }
164 pos++; 163 pos++;
@@ -199,14 +198,6 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
199 *pos = status->antenna; 198 *pos = status->antenna;
200 pos++; 199 pos++;
201 200
202 /* IEEE80211_RADIOTAP_DB_ANTSIGNAL */
203 if (local->hw.flags & IEEE80211_HW_SIGNAL_DB) {
204 *pos = status->signal;
205 rthdr->it_present |=
206 cpu_to_le32(1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL);
207 pos++;
208 }
209
210 /* IEEE80211_RADIOTAP_DB_ANTNOISE is not used */ 201 /* IEEE80211_RADIOTAP_DB_ANTNOISE is not used */
211 202
212 /* IEEE80211_RADIOTAP_RX_FLAGS */ 203 /* IEEE80211_RADIOTAP_RX_FLAGS */
@@ -371,39 +362,50 @@ static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
371 rx->skb->priority = (tid > 7) ? 0 : tid; 362 rx->skb->priority = (tid > 7) ? 0 : tid;
372} 363}
373 364
374static void ieee80211_verify_ip_alignment(struct ieee80211_rx_data *rx) 365/**
366 * DOC: Packet alignment
367 *
368 * Drivers always need to pass packets that are aligned to two-byte boundaries
369 * to the stack.
370 *
371 * Additionally, should, if possible, align the payload data in a way that
372 * guarantees that the contained IP header is aligned to a four-byte
373 * boundary. In the case of regular frames, this simply means aligning the
374 * payload to a four-byte boundary (because either the IP header is directly
375 * contained, or IV/RFC1042 headers that have a length divisible by four are
376 * in front of it).
377 *
378 * With A-MSDU frames, however, the payload data address must yield two modulo
379 * four because there are 14-byte 802.3 headers within the A-MSDU frames that
380 * push the IP header further back to a multiple of four again. Thankfully, the
381 * specs were sane enough this time around to require padding each A-MSDU
382 * subframe to a length that is a multiple of four.
383 *
384 * Padding like Atheros hardware adds which is inbetween the 802.11 header and
385 * the payload is not supported, the driver is required to move the 802.11
386 * header to be directly in front of the payload in that case.
387 */
388static void ieee80211_verify_alignment(struct ieee80211_rx_data *rx)
375{ 389{
376#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
377 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 390 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
378 int hdrlen; 391 int hdrlen;
379 392
393#ifndef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
394 return;
395#endif
396
397 if (WARN_ONCE((unsigned long)rx->skb->data & 1,
398 "unaligned packet at 0x%p\n", rx->skb->data))
399 return;
400
380 if (!ieee80211_is_data_present(hdr->frame_control)) 401 if (!ieee80211_is_data_present(hdr->frame_control))
381 return; 402 return;
382 403
383 /*
384 * Drivers are required to align the payload data in a way that
385 * guarantees that the contained IP header is aligned to a four-
386 * byte boundary. In the case of regular frames, this simply means
387 * aligning the payload to a four-byte boundary (because either
388 * the IP header is directly contained, or IV/RFC1042 headers that
389 * have a length divisible by four are in front of it.
390 *
391 * With A-MSDU frames, however, the payload data address must
392 * yield two modulo four because there are 14-byte 802.3 headers
393 * within the A-MSDU frames that push the IP header further back
394 * to a multiple of four again. Thankfully, the specs were sane
395 * enough this time around to require padding each A-MSDU subframe
396 * to a length that is a multiple of four.
397 *
398 * Padding like atheros hardware adds which is inbetween the 802.11
399 * header and the payload is not supported, the driver is required
400 * to move the 802.11 header further back in that case.
401 */
402 hdrlen = ieee80211_hdrlen(hdr->frame_control); 404 hdrlen = ieee80211_hdrlen(hdr->frame_control);
403 if (rx->flags & IEEE80211_RX_AMSDU) 405 if (rx->flags & IEEE80211_RX_AMSDU)
404 hdrlen += ETH_HLEN; 406 hdrlen += ETH_HLEN;
405 WARN_ON_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3); 407 WARN_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3,
406#endif 408 "unaligned IP payload at 0x%p\n", rx->skb->data + hdrlen);
407} 409}
408 410
409 411
@@ -435,6 +437,52 @@ ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
435 return RX_CONTINUE; 437 return RX_CONTINUE;
436} 438}
437 439
440
441static int ieee80211_is_unicast_robust_mgmt_frame(struct sk_buff *skb)
442{
443 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
444
445 if (skb->len < 24 || is_multicast_ether_addr(hdr->addr1))
446 return 0;
447
448 return ieee80211_is_robust_mgmt_frame(hdr);
449}
450
451
452static int ieee80211_is_multicast_robust_mgmt_frame(struct sk_buff *skb)
453{
454 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
455
456 if (skb->len < 24 || !is_multicast_ether_addr(hdr->addr1))
457 return 0;
458
459 return ieee80211_is_robust_mgmt_frame(hdr);
460}
461
462
463/* Get the BIP key index from MMIE; return -1 if this is not a BIP frame */
464static int ieee80211_get_mmie_keyidx(struct sk_buff *skb)
465{
466 struct ieee80211_mgmt *hdr = (struct ieee80211_mgmt *) skb->data;
467 struct ieee80211_mmie *mmie;
468
469 if (skb->len < 24 + sizeof(*mmie) ||
470 !is_multicast_ether_addr(hdr->da))
471 return -1;
472
473 if (!ieee80211_is_robust_mgmt_frame((struct ieee80211_hdr *) hdr))
474 return -1; /* not a robust management frame */
475
476 mmie = (struct ieee80211_mmie *)
477 (skb->data + skb->len - sizeof(*mmie));
478 if (mmie->element_id != WLAN_EID_MMIE ||
479 mmie->length != sizeof(*mmie) - 2)
480 return -1;
481
482 return le16_to_cpu(mmie->key_id);
483}
484
485
438static ieee80211_rx_result 486static ieee80211_rx_result
439ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx) 487ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
440{ 488{
@@ -550,21 +598,23 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
550 int hdrlen; 598 int hdrlen;
551 ieee80211_rx_result result = RX_DROP_UNUSABLE; 599 ieee80211_rx_result result = RX_DROP_UNUSABLE;
552 struct ieee80211_key *stakey = NULL; 600 struct ieee80211_key *stakey = NULL;
601 int mmie_keyidx = -1;
553 602
554 /* 603 /*
555 * Key selection 101 604 * Key selection 101
556 * 605 *
557 * There are three types of keys: 606 * There are four types of keys:
558 * - GTK (group keys) 607 * - GTK (group keys)
608 * - IGTK (group keys for management frames)
559 * - PTK (pairwise keys) 609 * - PTK (pairwise keys)
560 * - STK (station-to-station pairwise keys) 610 * - STK (station-to-station pairwise keys)
561 * 611 *
562 * When selecting a key, we have to distinguish between multicast 612 * When selecting a key, we have to distinguish between multicast
563 * (including broadcast) and unicast frames, the latter can only 613 * (including broadcast) and unicast frames, the latter can only
564 * use PTKs and STKs while the former always use GTKs. Unless, of 614 * use PTKs and STKs while the former always use GTKs and IGTKs.
565 * course, actual WEP keys ("pre-RSNA") are used, then unicast 615 * Unless, of course, actual WEP keys ("pre-RSNA") are used, then
566 * frames can also use key indizes like GTKs. Hence, if we don't 616 * unicast frames can also use key indices like GTKs. Hence, if we
567 * have a PTK/STK we check the key index for a WEP key. 617 * don't have a PTK/STK we check the key index for a WEP key.
568 * 618 *
569 * Note that in a regular BSS, multicast frames are sent by the 619 * Note that in a regular BSS, multicast frames are sent by the
570 * AP only, associated stations unicast the frame to the AP first 620 * AP only, associated stations unicast the frame to the AP first
@@ -577,8 +627,14 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
577 * possible. 627 * possible.
578 */ 628 */
579 629
580 if (!ieee80211_has_protected(hdr->frame_control)) 630 if (!ieee80211_has_protected(hdr->frame_control)) {
581 return RX_CONTINUE; 631 if (!ieee80211_is_mgmt(hdr->frame_control) ||
632 rx->sta == NULL || !test_sta_flags(rx->sta, WLAN_STA_MFP))
633 return RX_CONTINUE;
634 mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);
635 if (mmie_keyidx < 0)
636 return RX_CONTINUE;
637 }
582 638
583 /* 639 /*
584 * No point in finding a key and decrypting if the frame is neither 640 * No point in finding a key and decrypting if the frame is neither
@@ -592,6 +648,16 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
592 648
593 if (!is_multicast_ether_addr(hdr->addr1) && stakey) { 649 if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
594 rx->key = stakey; 650 rx->key = stakey;
651 } else if (mmie_keyidx >= 0) {
652 /* Broadcast/multicast robust management frame / BIP */
653 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
654 (rx->status->flag & RX_FLAG_IV_STRIPPED))
655 return RX_CONTINUE;
656
657 if (mmie_keyidx < NUM_DEFAULT_KEYS ||
658 mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
659 return RX_DROP_MONITOR; /* unexpected BIP keyidx */
660 rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]);
595 } else { 661 } else {
596 /* 662 /*
597 * The device doesn't give us the IV so we won't be 663 * The device doesn't give us the IV so we won't be
@@ -654,6 +720,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
654 case ALG_CCMP: 720 case ALG_CCMP:
655 result = ieee80211_crypto_ccmp_decrypt(rx); 721 result = ieee80211_crypto_ccmp_decrypt(rx);
656 break; 722 break;
723 case ALG_AES_CMAC:
724 result = ieee80211_crypto_aes_cmac_decrypt(rx);
725 break;
657 } 726 }
658 727
659 /* either the frame has been decrypted or will be dropped */ 728 /* either the frame has been decrypted or will be dropped */
@@ -662,6 +731,39 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
662 return result; 731 return result;
663} 732}
664 733
734static ieee80211_rx_result debug_noinline
735ieee80211_rx_h_check_more_data(struct ieee80211_rx_data *rx)
736{
737 struct ieee80211_local *local;
738 struct ieee80211_hdr *hdr;
739 struct sk_buff *skb;
740
741 local = rx->local;
742 skb = rx->skb;
743 hdr = (struct ieee80211_hdr *) skb->data;
744
745 if (!local->pspolling)
746 return RX_CONTINUE;
747
748 if (!ieee80211_has_fromds(hdr->frame_control))
749 /* this is not from AP */
750 return RX_CONTINUE;
751
752 if (!ieee80211_is_data(hdr->frame_control))
753 return RX_CONTINUE;
754
755 if (!ieee80211_has_moredata(hdr->frame_control)) {
756 /* AP has no more frames buffered for us */
757 local->pspolling = false;
758 return RX_CONTINUE;
759 }
760
761 /* more data bit is set, let's request a new frame from the AP */
762 ieee80211_send_pspoll(local, rx->sdata);
763
764 return RX_CONTINUE;
765}
766
665static void ap_sta_ps_start(struct sta_info *sta) 767static void ap_sta_ps_start(struct sta_info *sta)
666{ 768{
667 struct ieee80211_sub_if_data *sdata = sta->sdata; 769 struct ieee80211_sub_if_data *sdata = sta->sdata;
@@ -736,7 +838,7 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
736 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) { 838 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) {
737 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, 839 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len,
738 NL80211_IFTYPE_ADHOC); 840 NL80211_IFTYPE_ADHOC);
739 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0) 841 if (compare_ether_addr(bssid, rx->sdata->u.ibss.bssid) == 0)
740 sta->last_rx = jiffies; 842 sta->last_rx = jiffies;
741 } else 843 } else
742 if (!is_multicast_ether_addr(hdr->addr1) || 844 if (!is_multicast_ether_addr(hdr->addr1) ||
@@ -1101,6 +1203,15 @@ ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx, __le16 fc)
1101 /* Drop unencrypted frames if key is set. */ 1203 /* Drop unencrypted frames if key is set. */
1102 if (unlikely(!ieee80211_has_protected(fc) && 1204 if (unlikely(!ieee80211_has_protected(fc) &&
1103 !ieee80211_is_nullfunc(fc) && 1205 !ieee80211_is_nullfunc(fc) &&
1206 (!ieee80211_is_mgmt(fc) ||
1207 (ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
1208 rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP))) &&
1209 (rx->key || rx->sdata->drop_unencrypted)))
1210 return -EACCES;
1211 /* BIP does not use Protected field, so need to check MMIE */
1212 if (unlikely(rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP) &&
1213 ieee80211_is_multicast_robust_mgmt_frame(rx->skb) &&
1214 ieee80211_get_mmie_keyidx(rx->skb) < 0 &&
1104 (rx->key || rx->sdata->drop_unencrypted))) 1215 (rx->key || rx->sdata->drop_unencrypted)))
1105 return -EACCES; 1216 return -EACCES;
1106 1217
@@ -1138,12 +1249,12 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1138 1249
1139 switch (hdr->frame_control & 1250 switch (hdr->frame_control &
1140 cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) { 1251 cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
1141 case __constant_cpu_to_le16(IEEE80211_FCTL_TODS): 1252 case cpu_to_le16(IEEE80211_FCTL_TODS):
1142 if (unlikely(sdata->vif.type != NL80211_IFTYPE_AP && 1253 if (unlikely(sdata->vif.type != NL80211_IFTYPE_AP &&
1143 sdata->vif.type != NL80211_IFTYPE_AP_VLAN)) 1254 sdata->vif.type != NL80211_IFTYPE_AP_VLAN))
1144 return -1; 1255 return -1;
1145 break; 1256 break;
1146 case __constant_cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS): 1257 case cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
1147 if (unlikely(sdata->vif.type != NL80211_IFTYPE_WDS && 1258 if (unlikely(sdata->vif.type != NL80211_IFTYPE_WDS &&
1148 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)) 1259 sdata->vif.type != NL80211_IFTYPE_MESH_POINT))
1149 return -1; 1260 return -1;
@@ -1157,13 +1268,13 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1157 } 1268 }
1158 } 1269 }
1159 break; 1270 break;
1160 case __constant_cpu_to_le16(IEEE80211_FCTL_FROMDS): 1271 case cpu_to_le16(IEEE80211_FCTL_FROMDS):
1161 if (sdata->vif.type != NL80211_IFTYPE_STATION || 1272 if (sdata->vif.type != NL80211_IFTYPE_STATION ||
1162 (is_multicast_ether_addr(dst) && 1273 (is_multicast_ether_addr(dst) &&
1163 !compare_ether_addr(src, dev->dev_addr))) 1274 !compare_ether_addr(src, dev->dev_addr)))
1164 return -1; 1275 return -1;
1165 break; 1276 break;
1166 case __constant_cpu_to_le16(0): 1277 case cpu_to_le16(0):
1167 if (sdata->vif.type != NL80211_IFTYPE_ADHOC) 1278 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1168 return -1; 1279 return -1;
1169 break; 1280 break;
@@ -1267,10 +1378,37 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1267 } 1378 }
1268 1379
1269 if (skb) { 1380 if (skb) {
1270 /* deliver to local stack */ 1381 int align __maybe_unused;
1271 skb->protocol = eth_type_trans(skb, dev); 1382
1272 memset(skb->cb, 0, sizeof(skb->cb)); 1383#if defined(CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT) || !defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)
1273 netif_rx(skb); 1384 /*
1385 * 'align' will only take the values 0 or 2 here
1386 * since all frames are required to be aligned
1387 * to 2-byte boundaries when being passed to
1388 * mac80211. That also explains the __skb_push()
1389 * below.
1390 */
1391 align = (unsigned long)skb->data & 4;
1392 if (align) {
1393 if (WARN_ON(skb_headroom(skb) < 3)) {
1394 dev_kfree_skb(skb);
1395 skb = NULL;
1396 } else {
1397 u8 *data = skb->data;
1398 size_t len = skb->len;
1399 u8 *new = __skb_push(skb, align);
1400 memmove(new, data, len);
1401 __skb_trim(skb, len);
1402 }
1403 }
1404#endif
1405
1406 if (skb) {
1407 /* deliver to local stack */
1408 skb->protocol = eth_type_trans(skb, dev);
1409 memset(skb->cb, 0, sizeof(skb->cb));
1410 netif_rx(skb);
1411 }
1274 } 1412 }
1275 1413
1276 if (xmit_skb) { 1414 if (xmit_skb) {
@@ -1339,14 +1477,20 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1339 if (remaining <= subframe_len + padding) 1477 if (remaining <= subframe_len + padding)
1340 frame = skb; 1478 frame = skb;
1341 else { 1479 else {
1342 frame = dev_alloc_skb(local->hw.extra_tx_headroom + 1480 /*
1343 subframe_len); 1481 * Allocate and reserve two bytes more for payload
1482 * alignment since sizeof(struct ethhdr) is 14.
1483 */
1484 frame = dev_alloc_skb(
1485 ALIGN(local->hw.extra_tx_headroom, 4) +
1486 subframe_len + 2);
1344 1487
1345 if (frame == NULL) 1488 if (frame == NULL)
1346 return RX_DROP_UNUSABLE; 1489 return RX_DROP_UNUSABLE;
1347 1490
1348 skb_reserve(frame, local->hw.extra_tx_headroom + 1491 skb_reserve(frame,
1349 sizeof(struct ethhdr)); 1492 ALIGN(local->hw.extra_tx_headroom, 4) +
1493 sizeof(struct ethhdr) + 2);
1350 memcpy(skb_put(frame, ntohs(len)), skb->data, 1494 memcpy(skb_put(frame, ntohs(len)), skb->data,
1351 ntohs(len)); 1495 ntohs(len));
1352 1496
@@ -1529,11 +1673,9 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1529 start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4; 1673 start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4;
1530 1674
1531 /* reset session timer */ 1675 /* reset session timer */
1532 if (tid_agg_rx->timeout) { 1676 if (tid_agg_rx->timeout)
1533 unsigned long expires = 1677 mod_timer(&tid_agg_rx->session_timer,
1534 jiffies + (tid_agg_rx->timeout / 1000) * HZ; 1678 TU_TO_EXP_TIME(tid_agg_rx->timeout));
1535 mod_timer(&tid_agg_rx->session_timer, expires);
1536 }
1537 1679
1538 /* manage reordering buffer according to requested */ 1680 /* manage reordering buffer according to requested */
1539 /* sequence number */ 1681 /* sequence number */
@@ -1547,12 +1689,64 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1547 return RX_CONTINUE; 1689 return RX_CONTINUE;
1548} 1690}
1549 1691
1692static void ieee80211_process_sa_query_req(struct ieee80211_sub_if_data *sdata,
1693 struct ieee80211_mgmt *mgmt,
1694 size_t len)
1695{
1696 struct ieee80211_local *local = sdata->local;
1697 struct sk_buff *skb;
1698 struct ieee80211_mgmt *resp;
1699
1700 if (compare_ether_addr(mgmt->da, sdata->dev->dev_addr) != 0) {
1701 /* Not to own unicast address */
1702 return;
1703 }
1704
1705 if (compare_ether_addr(mgmt->sa, sdata->u.mgd.bssid) != 0 ||
1706 compare_ether_addr(mgmt->bssid, sdata->u.mgd.bssid) != 0) {
1707 /* Not from the current AP. */
1708 return;
1709 }
1710
1711 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATE) {
1712 /* Association in progress; ignore SA Query */
1713 return;
1714 }
1715
1716 if (len < 24 + 1 + sizeof(resp->u.action.u.sa_query)) {
1717 /* Too short SA Query request frame */
1718 return;
1719 }
1720
1721 skb = dev_alloc_skb(sizeof(*resp) + local->hw.extra_tx_headroom);
1722 if (skb == NULL)
1723 return;
1724
1725 skb_reserve(skb, local->hw.extra_tx_headroom);
1726 resp = (struct ieee80211_mgmt *) skb_put(skb, 24);
1727 memset(resp, 0, 24);
1728 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1729 memcpy(resp->sa, sdata->dev->dev_addr, ETH_ALEN);
1730 memcpy(resp->bssid, sdata->u.mgd.bssid, ETH_ALEN);
1731 resp->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1732 IEEE80211_STYPE_ACTION);
1733 skb_put(skb, 1 + sizeof(resp->u.action.u.sa_query));
1734 resp->u.action.category = WLAN_CATEGORY_SA_QUERY;
1735 resp->u.action.u.sa_query.action = WLAN_ACTION_SA_QUERY_RESPONSE;
1736 memcpy(resp->u.action.u.sa_query.trans_id,
1737 mgmt->u.action.u.sa_query.trans_id,
1738 WLAN_SA_QUERY_TR_ID_LEN);
1739
1740 ieee80211_tx_skb(sdata, skb, 1);
1741}
1742
1550static ieee80211_rx_result debug_noinline 1743static ieee80211_rx_result debug_noinline
1551ieee80211_rx_h_action(struct ieee80211_rx_data *rx) 1744ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1552{ 1745{
1553 struct ieee80211_local *local = rx->local; 1746 struct ieee80211_local *local = rx->local;
1554 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1747 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1555 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1748 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1749 struct ieee80211_bss *bss;
1556 int len = rx->skb->len; 1750 int len = rx->skb->len;
1557 1751
1558 if (!ieee80211_is_action(mgmt->frame_control)) 1752 if (!ieee80211_is_action(mgmt->frame_control))
@@ -1564,12 +1758,26 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1564 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1758 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1565 return RX_DROP_MONITOR; 1759 return RX_DROP_MONITOR;
1566 1760
1761 if (ieee80211_drop_unencrypted(rx, mgmt->frame_control))
1762 return RX_DROP_MONITOR;
1763
1567 /* all categories we currently handle have action_code */ 1764 /* all categories we currently handle have action_code */
1568 if (len < IEEE80211_MIN_ACTION_SIZE + 1) 1765 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
1569 return RX_DROP_MONITOR; 1766 return RX_DROP_MONITOR;
1570 1767
1571 switch (mgmt->u.action.category) { 1768 switch (mgmt->u.action.category) {
1572 case WLAN_CATEGORY_BACK: 1769 case WLAN_CATEGORY_BACK:
1770 /*
1771 * The aggregation code is not prepared to handle
1772 * anything but STA/AP due to the BSSID handling;
1773 * IBSS could work in the code but isn't supported
1774 * by drivers or the standard.
1775 */
1776 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
1777 sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
1778 sdata->vif.type != NL80211_IFTYPE_AP)
1779 return RX_DROP_MONITOR;
1780
1573 switch (mgmt->u.action.u.addba_req.action_code) { 1781 switch (mgmt->u.action.u.addba_req.action_code) {
1574 case WLAN_ACTION_ADDBA_REQ: 1782 case WLAN_ACTION_ADDBA_REQ:
1575 if (len < (IEEE80211_MIN_ACTION_SIZE + 1783 if (len < (IEEE80211_MIN_ACTION_SIZE +
@@ -1594,6 +1802,10 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1594 case WLAN_CATEGORY_SPECTRUM_MGMT: 1802 case WLAN_CATEGORY_SPECTRUM_MGMT:
1595 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ) 1803 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ)
1596 return RX_DROP_MONITOR; 1804 return RX_DROP_MONITOR;
1805
1806 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1807 return RX_DROP_MONITOR;
1808
1597 switch (mgmt->u.action.u.measurement.action_code) { 1809 switch (mgmt->u.action.u.measurement.action_code) {
1598 case WLAN_ACTION_SPCT_MSR_REQ: 1810 case WLAN_ACTION_SPCT_MSR_REQ:
1599 if (len < (IEEE80211_MIN_ACTION_SIZE + 1811 if (len < (IEEE80211_MIN_ACTION_SIZE +
@@ -1601,6 +1813,43 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1601 return RX_DROP_MONITOR; 1813 return RX_DROP_MONITOR;
1602 ieee80211_process_measurement_req(sdata, mgmt, len); 1814 ieee80211_process_measurement_req(sdata, mgmt, len);
1603 break; 1815 break;
1816 case WLAN_ACTION_SPCT_CHL_SWITCH:
1817 if (len < (IEEE80211_MIN_ACTION_SIZE +
1818 sizeof(mgmt->u.action.u.chan_switch)))
1819 return RX_DROP_MONITOR;
1820
1821 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN))
1822 return RX_DROP_MONITOR;
1823
1824 bss = ieee80211_rx_bss_get(local, sdata->u.mgd.bssid,
1825 local->hw.conf.channel->center_freq,
1826 sdata->u.mgd.ssid,
1827 sdata->u.mgd.ssid_len);
1828 if (!bss)
1829 return RX_DROP_MONITOR;
1830
1831 ieee80211_process_chanswitch(sdata,
1832 &mgmt->u.action.u.chan_switch.sw_elem, bss);
1833 ieee80211_rx_bss_put(local, bss);
1834 break;
1835 }
1836 break;
1837 case WLAN_CATEGORY_SA_QUERY:
1838 if (len < (IEEE80211_MIN_ACTION_SIZE +
1839 sizeof(mgmt->u.action.u.sa_query)))
1840 return RX_DROP_MONITOR;
1841 switch (mgmt->u.action.u.sa_query.action) {
1842 case WLAN_ACTION_SA_QUERY_REQUEST:
1843 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1844 return RX_DROP_MONITOR;
1845 ieee80211_process_sa_query_req(sdata, mgmt, len);
1846 break;
1847 case WLAN_ACTION_SA_QUERY_RESPONSE:
1848 /*
1849 * SA Query response is currently only used in AP mode
1850 * and it is processed in user space.
1851 */
1852 return RX_CONTINUE;
1604 } 1853 }
1605 break; 1854 break;
1606 default: 1855 default:
@@ -1616,10 +1865,14 @@ static ieee80211_rx_result debug_noinline
1616ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx) 1865ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1617{ 1866{
1618 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1867 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1868 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1619 1869
1620 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1870 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1621 return RX_DROP_MONITOR; 1871 return RX_DROP_MONITOR;
1622 1872
1873 if (ieee80211_drop_unencrypted(rx, mgmt->frame_control))
1874 return RX_DROP_MONITOR;
1875
1623 if (ieee80211_vif_is_mesh(&sdata->vif)) 1876 if (ieee80211_vif_is_mesh(&sdata->vif))
1624 return ieee80211_mesh_rx_mgmt(sdata, rx->skb, rx->status); 1877 return ieee80211_mesh_rx_mgmt(sdata, rx->skb, rx->status);
1625 1878
@@ -1627,11 +1880,14 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1627 sdata->vif.type != NL80211_IFTYPE_ADHOC) 1880 sdata->vif.type != NL80211_IFTYPE_ADHOC)
1628 return RX_DROP_MONITOR; 1881 return RX_DROP_MONITOR;
1629 1882
1630 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME)
1631 return RX_DROP_MONITOR;
1632 1883
1633 ieee80211_sta_rx_mgmt(sdata, rx->skb, rx->status); 1884 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
1634 return RX_QUEUED; 1885 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME)
1886 return RX_DROP_MONITOR;
1887 return ieee80211_sta_rx_mgmt(sdata, rx->skb, rx->status);
1888 }
1889
1890 return ieee80211_ibss_rx_mgmt(sdata, rx->skb, rx->status);
1635} 1891}
1636 1892
1637static void ieee80211_rx_michael_mic_report(struct net_device *dev, 1893static void ieee80211_rx_michael_mic_report(struct net_device *dev,
@@ -1780,6 +2036,7 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1780 CALL_RXH(ieee80211_rx_h_passive_scan) 2036 CALL_RXH(ieee80211_rx_h_passive_scan)
1781 CALL_RXH(ieee80211_rx_h_check) 2037 CALL_RXH(ieee80211_rx_h_check)
1782 CALL_RXH(ieee80211_rx_h_decrypt) 2038 CALL_RXH(ieee80211_rx_h_decrypt)
2039 CALL_RXH(ieee80211_rx_h_check_more_data)
1783 CALL_RXH(ieee80211_rx_h_sta_process) 2040 CALL_RXH(ieee80211_rx_h_sta_process)
1784 CALL_RXH(ieee80211_rx_h_defragment) 2041 CALL_RXH(ieee80211_rx_h_defragment)
1785 CALL_RXH(ieee80211_rx_h_ps_poll) 2042 CALL_RXH(ieee80211_rx_h_ps_poll)
@@ -1823,16 +2080,17 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1823/* main receive path */ 2080/* main receive path */
1824 2081
1825static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata, 2082static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1826 u8 *bssid, struct ieee80211_rx_data *rx, 2083 struct ieee80211_rx_data *rx,
1827 struct ieee80211_hdr *hdr) 2084 struct ieee80211_hdr *hdr)
1828{ 2085{
2086 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, sdata->vif.type);
1829 int multicast = is_multicast_ether_addr(hdr->addr1); 2087 int multicast = is_multicast_ether_addr(hdr->addr1);
1830 2088
1831 switch (sdata->vif.type) { 2089 switch (sdata->vif.type) {
1832 case NL80211_IFTYPE_STATION: 2090 case NL80211_IFTYPE_STATION:
1833 if (!bssid) 2091 if (!bssid)
1834 return 0; 2092 return 0;
1835 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 2093 if (!ieee80211_bssid_match(bssid, sdata->u.mgd.bssid)) {
1836 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2094 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1837 return 0; 2095 return 0;
1838 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2096 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -1850,7 +2108,7 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1850 if (ieee80211_is_beacon(hdr->frame_control)) { 2108 if (ieee80211_is_beacon(hdr->frame_control)) {
1851 return 1; 2109 return 1;
1852 } 2110 }
1853 else if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 2111 else if (!ieee80211_bssid_match(bssid, sdata->u.ibss.bssid)) {
1854 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2112 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1855 return 0; 2113 return 0;
1856 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2114 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -1928,7 +2186,6 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1928 int prepares; 2186 int prepares;
1929 struct ieee80211_sub_if_data *prev = NULL; 2187 struct ieee80211_sub_if_data *prev = NULL;
1930 struct sk_buff *skb_new; 2188 struct sk_buff *skb_new;
1931 u8 *bssid;
1932 2189
1933 hdr = (struct ieee80211_hdr *)skb->data; 2190 hdr = (struct ieee80211_hdr *)skb->data;
1934 memset(&rx, 0, sizeof(rx)); 2191 memset(&rx, 0, sizeof(rx));
@@ -1956,7 +2213,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1956 rx.flags |= IEEE80211_RX_IN_SCAN; 2213 rx.flags |= IEEE80211_RX_IN_SCAN;
1957 2214
1958 ieee80211_parse_qos(&rx); 2215 ieee80211_parse_qos(&rx);
1959 ieee80211_verify_ip_alignment(&rx); 2216 ieee80211_verify_alignment(&rx);
1960 2217
1961 skb = rx.skb; 2218 skb = rx.skb;
1962 2219
@@ -1967,9 +2224,8 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1967 if (sdata->vif.type == NL80211_IFTYPE_MONITOR) 2224 if (sdata->vif.type == NL80211_IFTYPE_MONITOR)
1968 continue; 2225 continue;
1969 2226
1970 bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type);
1971 rx.flags |= IEEE80211_RX_RA_MATCH; 2227 rx.flags |= IEEE80211_RX_RA_MATCH;
1972 prepares = prepare_for_handlers(sdata, bssid, &rx, hdr); 2228 prepares = prepare_for_handlers(sdata, &rx, hdr);
1973 2229
1974 if (!prepares) 2230 if (!prepares)
1975 continue; 2231 continue;
@@ -2174,11 +2430,9 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2174 /* new un-ordered ampdu frame - process it */ 2430 /* new un-ordered ampdu frame - process it */
2175 2431
2176 /* reset session timer */ 2432 /* reset session timer */
2177 if (tid_agg_rx->timeout) { 2433 if (tid_agg_rx->timeout)
2178 unsigned long expires = 2434 mod_timer(&tid_agg_rx->session_timer,
2179 jiffies + (tid_agg_rx->timeout / 1000) * HZ; 2435 TU_TO_EXP_TIME(tid_agg_rx->timeout));
2180 mod_timer(&tid_agg_rx->session_timer, expires);
2181 }
2182 2436
2183 /* if this mpdu is fragmented - terminate rx aggregation session */ 2437 /* if this mpdu is fragmented - terminate rx aggregation session */
2184 sc = le16_to_cpu(hdr->seq_ctrl); 2438 sc = le16_to_cpu(hdr->seq_ctrl);
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index f5c7c3371929..5030a3c87509 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -12,14 +12,11 @@
12 * published by the Free Software Foundation. 12 * published by the Free Software Foundation.
13 */ 13 */
14 14
15/* TODO: 15/* TODO: figure out how to avoid that the "current BSS" expires */
16 * order BSS list by RSSI(?) ("quality of AP")
17 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
18 * SSID)
19 */
20 16
21#include <linux/wireless.h> 17#include <linux/wireless.h>
22#include <linux/if_arp.h> 18#include <linux/if_arp.h>
19#include <linux/rtnetlink.h>
23#include <net/mac80211.h> 20#include <net/mac80211.h>
24#include <net/iw_handler.h> 21#include <net/iw_handler.h>
25 22
@@ -30,192 +27,29 @@
30#define IEEE80211_CHANNEL_TIME (HZ / 33) 27#define IEEE80211_CHANNEL_TIME (HZ / 33)
31#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5) 28#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
32 29
33void ieee80211_rx_bss_list_init(struct ieee80211_local *local)
34{
35 spin_lock_init(&local->bss_lock);
36 INIT_LIST_HEAD(&local->bss_list);
37}
38
39void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local)
40{
41 struct ieee80211_bss *bss, *tmp;
42
43 list_for_each_entry_safe(bss, tmp, &local->bss_list, list)
44 ieee80211_rx_bss_put(local, bss);
45}
46
47struct ieee80211_bss * 30struct ieee80211_bss *
48ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq, 31ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
49 u8 *ssid, u8 ssid_len) 32 u8 *ssid, u8 ssid_len)
50{ 33{
51 struct ieee80211_bss *bss; 34 return (void *)cfg80211_get_bss(local->hw.wiphy,
52 35 ieee80211_get_channel(local->hw.wiphy,
53 spin_lock_bh(&local->bss_lock); 36 freq),
54 bss = local->bss_hash[STA_HASH(bssid)]; 37 bssid, ssid, ssid_len,
55 while (bss) { 38 0, 0);
56 if (!bss_mesh_cfg(bss) &&
57 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
58 bss->freq == freq &&
59 bss->ssid_len == ssid_len &&
60 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
61 atomic_inc(&bss->users);
62 break;
63 }
64 bss = bss->hnext;
65 }
66 spin_unlock_bh(&local->bss_lock);
67 return bss;
68}
69
70/* Caller must hold local->bss_lock */
71static void __ieee80211_rx_bss_hash_add(struct ieee80211_local *local,
72 struct ieee80211_bss *bss)
73{
74 u8 hash_idx;
75
76 if (bss_mesh_cfg(bss))
77 hash_idx = mesh_id_hash(bss_mesh_id(bss),
78 bss_mesh_id_len(bss));
79 else
80 hash_idx = STA_HASH(bss->bssid);
81
82 bss->hnext = local->bss_hash[hash_idx];
83 local->bss_hash[hash_idx] = bss;
84}
85
86/* Caller must hold local->bss_lock */
87static void __ieee80211_rx_bss_hash_del(struct ieee80211_local *local,
88 struct ieee80211_bss *bss)
89{
90 struct ieee80211_bss *b, *prev = NULL;
91 b = local->bss_hash[STA_HASH(bss->bssid)];
92 while (b) {
93 if (b == bss) {
94 if (!prev)
95 local->bss_hash[STA_HASH(bss->bssid)] =
96 bss->hnext;
97 else
98 prev->hnext = bss->hnext;
99 break;
100 }
101 prev = b;
102 b = b->hnext;
103 }
104}
105
106struct ieee80211_bss *
107ieee80211_rx_bss_add(struct ieee80211_local *local, u8 *bssid, int freq,
108 u8 *ssid, u8 ssid_len)
109{
110 struct ieee80211_bss *bss;
111
112 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
113 if (!bss)
114 return NULL;
115 atomic_set(&bss->users, 2);
116 memcpy(bss->bssid, bssid, ETH_ALEN);
117 bss->freq = freq;
118 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
119 memcpy(bss->ssid, ssid, ssid_len);
120 bss->ssid_len = ssid_len;
121 }
122
123 spin_lock_bh(&local->bss_lock);
124 /* TODO: order by RSSI? */
125 list_add_tail(&bss->list, &local->bss_list);
126 __ieee80211_rx_bss_hash_add(local, bss);
127 spin_unlock_bh(&local->bss_lock);
128 return bss;
129} 39}
130 40
131#ifdef CONFIG_MAC80211_MESH 41static void ieee80211_rx_bss_free(struct cfg80211_bss *cbss)
132static struct ieee80211_bss *
133ieee80211_rx_mesh_bss_get(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
134 u8 *mesh_cfg, int freq)
135{ 42{
136 struct ieee80211_bss *bss; 43 struct ieee80211_bss *bss = (void *)cbss;
137 44
138 spin_lock_bh(&local->bss_lock);
139 bss = local->bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
140 while (bss) {
141 if (bss_mesh_cfg(bss) &&
142 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
143 bss->freq == freq &&
144 mesh_id_len == bss->mesh_id_len &&
145 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
146 mesh_id_len))) {
147 atomic_inc(&bss->users);
148 break;
149 }
150 bss = bss->hnext;
151 }
152 spin_unlock_bh(&local->bss_lock);
153 return bss;
154}
155
156static struct ieee80211_bss *
157ieee80211_rx_mesh_bss_add(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
158 u8 *mesh_cfg, int mesh_config_len, int freq)
159{
160 struct ieee80211_bss *bss;
161
162 if (mesh_config_len != IEEE80211_MESH_CONFIG_LEN)
163 return NULL;
164
165 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
166 if (!bss)
167 return NULL;
168
169 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
170 if (!bss->mesh_cfg) {
171 kfree(bss);
172 return NULL;
173 }
174
175 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
176 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
177 if (!bss->mesh_id) {
178 kfree(bss->mesh_cfg);
179 kfree(bss);
180 return NULL;
181 }
182 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
183 }
184
185 atomic_set(&bss->users, 2);
186 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
187 bss->mesh_id_len = mesh_id_len;
188 bss->freq = freq;
189 spin_lock_bh(&local->bss_lock);
190 /* TODO: order by RSSI? */
191 list_add_tail(&bss->list, &local->bss_list);
192 __ieee80211_rx_bss_hash_add(local, bss);
193 spin_unlock_bh(&local->bss_lock);
194 return bss;
195}
196#endif
197
198static void ieee80211_rx_bss_free(struct ieee80211_bss *bss)
199{
200 kfree(bss->ies);
201 kfree(bss_mesh_id(bss)); 45 kfree(bss_mesh_id(bss));
202 kfree(bss_mesh_cfg(bss)); 46 kfree(bss_mesh_cfg(bss));
203 kfree(bss);
204} 47}
205 48
206void ieee80211_rx_bss_put(struct ieee80211_local *local, 49void ieee80211_rx_bss_put(struct ieee80211_local *local,
207 struct ieee80211_bss *bss) 50 struct ieee80211_bss *bss)
208{ 51{
209 local_bh_disable(); 52 cfg80211_put_bss((struct cfg80211_bss *)bss);
210 if (!atomic_dec_and_lock(&bss->users, &local->bss_lock)) {
211 local_bh_enable();
212 return;
213 }
214
215 __ieee80211_rx_bss_hash_del(local, bss);
216 list_del(&bss->list);
217 spin_unlock_bh(&local->bss_lock);
218 ieee80211_rx_bss_free(bss);
219} 53}
220 54
221struct ieee80211_bss * 55struct ieee80211_bss *
@@ -224,39 +58,25 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
224 struct ieee80211_mgmt *mgmt, 58 struct ieee80211_mgmt *mgmt,
225 size_t len, 59 size_t len,
226 struct ieee802_11_elems *elems, 60 struct ieee802_11_elems *elems,
227 int freq, bool beacon) 61 struct ieee80211_channel *channel,
62 bool beacon)
228{ 63{
229 struct ieee80211_bss *bss; 64 struct ieee80211_bss *bss;
230 int clen; 65 int clen;
66 s32 signal = 0;
231 67
232#ifdef CONFIG_MAC80211_MESH 68 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
233 if (elems->mesh_config) 69 signal = rx_status->signal * 100;
234 bss = ieee80211_rx_mesh_bss_get(local, elems->mesh_id, 70 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
235 elems->mesh_id_len, elems->mesh_config, freq); 71 signal = (rx_status->signal * 100) / local->hw.max_signal;
236 else 72
237#endif 73 bss = (void *)cfg80211_inform_bss_frame(local->hw.wiphy, channel,
238 bss = ieee80211_rx_bss_get(local, mgmt->bssid, freq, 74 mgmt, len, signal, GFP_ATOMIC);
239 elems->ssid, elems->ssid_len); 75
240 if (!bss) { 76 if (!bss)
241#ifdef CONFIG_MAC80211_MESH 77 return NULL;
242 if (elems->mesh_config) 78
243 bss = ieee80211_rx_mesh_bss_add(local, elems->mesh_id, 79 bss->cbss.free_priv = ieee80211_rx_bss_free;
244 elems->mesh_id_len, elems->mesh_config,
245 elems->mesh_config_len, freq);
246 else
247#endif
248 bss = ieee80211_rx_bss_add(local, mgmt->bssid, freq,
249 elems->ssid, elems->ssid_len);
250 if (!bss)
251 return NULL;
252 } else {
253#if 0
254 /* TODO: order by RSSI? */
255 spin_lock_bh(&local->bss_lock);
256 list_move_tail(&bss->list, &local->bss_list);
257 spin_unlock_bh(&local->bss_lock);
258#endif
259 }
260 80
261 /* save the ERP value so that it is available at association time */ 81 /* save the ERP value so that it is available at association time */
262 if (elems->erp_info && elems->erp_info_len >= 1) { 82 if (elems->erp_info && elems->erp_info_len >= 1) {
@@ -264,9 +84,6 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
264 bss->has_erp_value = 1; 84 bss->has_erp_value = 1;
265 } 85 }
266 86
267 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
268 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
269
270 if (elems->tim) { 87 if (elems->tim) {
271 struct ieee80211_tim_ie *tim_ie = 88 struct ieee80211_tim_ie *tim_ie =
272 (struct ieee80211_tim_ie *)elems->tim; 89 (struct ieee80211_tim_ie *)elems->tim;
@@ -295,37 +112,27 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
295 bss->supp_rates_len += clen; 112 bss->supp_rates_len += clen;
296 } 113 }
297 114
298 bss->band = rx_status->band;
299
300 bss->timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
301 bss->last_update = jiffies;
302 bss->signal = rx_status->signal;
303 bss->noise = rx_status->noise;
304 bss->qual = rx_status->qual;
305 bss->wmm_used = elems->wmm_param || elems->wmm_info; 115 bss->wmm_used = elems->wmm_param || elems->wmm_info;
306 116
307 if (!beacon) 117 if (!beacon)
308 bss->last_probe_resp = jiffies; 118 bss->last_probe_resp = jiffies;
309 119
310 /*
311 * For probe responses, or if we don't have any information yet,
312 * use the IEs from the beacon.
313 */
314 if (!bss->ies || !beacon) {
315 if (bss->ies == NULL || bss->ies_len < elems->total_len) {
316 kfree(bss->ies);
317 bss->ies = kmalloc(elems->total_len, GFP_ATOMIC);
318 }
319 if (bss->ies) {
320 memcpy(bss->ies, elems->ie_start, elems->total_len);
321 bss->ies_len = elems->total_len;
322 } else
323 bss->ies_len = 0;
324 }
325
326 return bss; 120 return bss;
327} 121}
328 122
123void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
124 int freq, u8 *ssid, u8 ssid_len)
125{
126 struct ieee80211_bss *bss;
127 struct ieee80211_local *local = sdata->local;
128
129 bss = ieee80211_rx_bss_get(local, bssid, freq, ssid, ssid_len);
130 if (bss) {
131 cfg80211_unlink_bss(local->hw.wiphy, (void *)bss);
132 ieee80211_rx_bss_put(local, bss);
133 }
134}
135
329ieee80211_rx_result 136ieee80211_rx_result
330ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 137ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
331 struct ieee80211_rx_status *rx_status) 138 struct ieee80211_rx_status *rx_status)
@@ -387,7 +194,7 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
387 194
388 bss = ieee80211_bss_info_update(sdata->local, rx_status, 195 bss = ieee80211_bss_info_update(sdata->local, rx_status,
389 mgmt, skb->len, &elems, 196 mgmt, skb->len, &elems,
390 freq, beacon); 197 channel, beacon);
391 if (bss) 198 if (bss)
392 ieee80211_rx_bss_put(sdata->local, bss); 199 ieee80211_rx_bss_put(sdata->local, bss);
393 200
@@ -395,56 +202,34 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
395 return RX_QUEUED; 202 return RX_QUEUED;
396} 203}
397 204
398static void ieee80211_send_nullfunc(struct ieee80211_local *local, 205void ieee80211_scan_failed(struct ieee80211_local *local)
399 struct ieee80211_sub_if_data *sdata,
400 int powersave)
401{ 206{
402 struct sk_buff *skb; 207 if (WARN_ON(!local->scan_req))
403 struct ieee80211_hdr *nullfunc;
404 __le16 fc;
405
406 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
407 if (!skb) {
408 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
409 "frame\n", sdata->dev->name);
410 return; 208 return;
411 } 209
412 skb_reserve(skb, local->hw.extra_tx_headroom); 210 /* notify cfg80211 about the failed scan */
413 211 if (local->scan_req != &local->int_scan_req)
414 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24); 212 cfg80211_scan_done(local->scan_req, true);
415 memset(nullfunc, 0, 24); 213
416 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 214 local->scan_req = NULL;
417 IEEE80211_FCTL_TODS);
418 if (powersave)
419 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
420 nullfunc->frame_control = fc;
421 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
422 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
423 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
424
425 ieee80211_tx_skb(sdata, skb, 0);
426} 215}
427 216
428void ieee80211_scan_completed(struct ieee80211_hw *hw) 217void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
429{ 218{
430 struct ieee80211_local *local = hw_to_local(hw); 219 struct ieee80211_local *local = hw_to_local(hw);
431 struct ieee80211_sub_if_data *sdata; 220 struct ieee80211_sub_if_data *sdata;
432 union iwreq_data wrqu;
433 221
434 if (WARN_ON(!local->hw_scanning && !local->sw_scanning)) 222 if (WARN_ON(!local->hw_scanning && !local->sw_scanning))
435 return; 223 return;
436 224
437 local->last_scan_completed = jiffies; 225 if (WARN_ON(!local->scan_req))
438 memset(&wrqu, 0, sizeof(wrqu)); 226 return;
439 227
440 /* 228 if (local->scan_req != &local->int_scan_req)
441 * local->scan_sdata could have been NULLed by the interface 229 cfg80211_scan_done(local->scan_req, aborted);
442 * down code in case we were scanning on an interface that is 230 local->scan_req = NULL;
443 * being taken down. 231
444 */ 232 local->last_scan_completed = jiffies;
445 sdata = local->scan_sdata;
446 if (sdata)
447 wireless_send_event(sdata->dev, SIOCGIWSCAN, &wrqu, NULL);
448 233
449 if (local->hw_scanning) { 234 if (local->hw_scanning) {
450 local->hw_scanning = false; 235 local->hw_scanning = false;
@@ -472,34 +257,46 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw)
472 netif_addr_unlock(local->mdev); 257 netif_addr_unlock(local->mdev);
473 netif_tx_unlock_bh(local->mdev); 258 netif_tx_unlock_bh(local->mdev);
474 259
475 rcu_read_lock(); 260 if (local->ops->sw_scan_complete)
476 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 261 local->ops->sw_scan_complete(local_to_hw(local));
262
263 mutex_lock(&local->iflist_mtx);
264 list_for_each_entry(sdata, &local->interfaces, list) {
265 if (!netif_running(sdata->dev))
266 continue;
267
477 /* Tell AP we're back */ 268 /* Tell AP we're back */
478 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 269 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
479 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) { 270 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
480 ieee80211_send_nullfunc(local, sdata, 0); 271 ieee80211_send_nullfunc(local, sdata, 0);
481 netif_tx_wake_all_queues(sdata->dev); 272 netif_tx_wake_all_queues(sdata->dev);
482 } 273 }
483 } else 274 } else
484 netif_tx_wake_all_queues(sdata->dev); 275 netif_tx_wake_all_queues(sdata->dev);
276
277 /* re-enable beaconing */
278 if (sdata->vif.type == NL80211_IFTYPE_AP ||
279 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
280 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
281 ieee80211_if_config(sdata,
282 IEEE80211_IFCC_BEACON_ENABLED);
485 } 283 }
486 rcu_read_unlock(); 284 mutex_unlock(&local->iflist_mtx);
487 285
488 done: 286 done:
489 ieee80211_mlme_notify_scan_completed(local); 287 ieee80211_mlme_notify_scan_completed(local);
288 ieee80211_ibss_notify_scan_completed(local);
490 ieee80211_mesh_notify_scan_completed(local); 289 ieee80211_mesh_notify_scan_completed(local);
491} 290}
492EXPORT_SYMBOL(ieee80211_scan_completed); 291EXPORT_SYMBOL(ieee80211_scan_completed);
493 292
494
495void ieee80211_scan_work(struct work_struct *work) 293void ieee80211_scan_work(struct work_struct *work)
496{ 294{
497 struct ieee80211_local *local = 295 struct ieee80211_local *local =
498 container_of(work, struct ieee80211_local, scan_work.work); 296 container_of(work, struct ieee80211_local, scan_work.work);
499 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 297 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
500 struct ieee80211_supported_band *sband;
501 struct ieee80211_channel *chan; 298 struct ieee80211_channel *chan;
502 int skip; 299 int skip, i;
503 unsigned long next_delay = 0; 300 unsigned long next_delay = 0;
504 301
505 /* 302 /*
@@ -510,33 +307,13 @@ void ieee80211_scan_work(struct work_struct *work)
510 307
511 switch (local->scan_state) { 308 switch (local->scan_state) {
512 case SCAN_SET_CHANNEL: 309 case SCAN_SET_CHANNEL:
513 /*
514 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
515 * after we successfully scanned the last channel of the last
516 * band (and the last band is supported by the hw)
517 */
518 if (local->scan_band < IEEE80211_NUM_BANDS)
519 sband = local->hw.wiphy->bands[local->scan_band];
520 else
521 sband = NULL;
522
523 /*
524 * If we are at an unsupported band and have more bands
525 * left to scan, advance to the next supported one.
526 */
527 while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
528 local->scan_band++;
529 sband = local->hw.wiphy->bands[local->scan_band];
530 local->scan_channel_idx = 0;
531 }
532
533 /* if no more bands/channels left, complete scan */ 310 /* if no more bands/channels left, complete scan */
534 if (!sband || local->scan_channel_idx >= sband->n_channels) { 311 if (local->scan_channel_idx >= local->scan_req->n_channels) {
535 ieee80211_scan_completed(local_to_hw(local)); 312 ieee80211_scan_completed(local_to_hw(local), false);
536 return; 313 return;
537 } 314 }
538 skip = 0; 315 skip = 0;
539 chan = &sband->channels[local->scan_channel_idx]; 316 chan = local->scan_req->channels[local->scan_channel_idx];
540 317
541 if (chan->flags & IEEE80211_CHAN_DISABLED || 318 if (chan->flags & IEEE80211_CHAN_DISABLED ||
542 (sdata->vif.type == NL80211_IFTYPE_ADHOC && 319 (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
@@ -552,15 +329,6 @@ void ieee80211_scan_work(struct work_struct *work)
552 329
553 /* advance state machine to next channel/band */ 330 /* advance state machine to next channel/band */
554 local->scan_channel_idx++; 331 local->scan_channel_idx++;
555 if (local->scan_channel_idx >= sband->n_channels) {
556 /*
557 * scan_band may end up == IEEE80211_NUM_BANDS, but
558 * we'll catch that case above and complete the scan
559 * if that is the case.
560 */
561 local->scan_band++;
562 local->scan_channel_idx = 0;
563 }
564 332
565 if (skip) 333 if (skip)
566 break; 334 break;
@@ -573,10 +341,15 @@ void ieee80211_scan_work(struct work_struct *work)
573 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME; 341 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
574 local->scan_state = SCAN_SET_CHANNEL; 342 local->scan_state = SCAN_SET_CHANNEL;
575 343
576 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN) 344 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
345 !local->scan_req->n_ssids)
577 break; 346 break;
578 ieee80211_send_probe_req(sdata, NULL, local->scan_ssid, 347 for (i = 0; i < local->scan_req->n_ssids; i++)
579 local->scan_ssid_len); 348 ieee80211_send_probe_req(
349 sdata, NULL,
350 local->scan_req->ssids[i].ssid,
351 local->scan_req->ssids[i].ssid_len,
352 local->scan_req->ie, local->scan_req->ie_len);
580 next_delay = IEEE80211_CHANNEL_TIME; 353 next_delay = IEEE80211_CHANNEL_TIME;
581 break; 354 break;
582 } 355 }
@@ -587,14 +360,19 @@ void ieee80211_scan_work(struct work_struct *work)
587 360
588 361
589int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata, 362int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
590 u8 *ssid, size_t ssid_len) 363 struct cfg80211_scan_request *req)
591{ 364{
592 struct ieee80211_local *local = scan_sdata->local; 365 struct ieee80211_local *local = scan_sdata->local;
593 struct ieee80211_sub_if_data *sdata; 366 struct ieee80211_sub_if_data *sdata;
594 367
595 if (ssid_len > IEEE80211_MAX_SSID_LEN) 368 if (!req)
596 return -EINVAL; 369 return -EINVAL;
597 370
371 if (local->scan_req && local->scan_req != req)
372 return -EBUSY;
373
374 local->scan_req = req;
375
598 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1) 376 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
599 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS 377 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
600 * BSSID: MACAddress 378 * BSSID: MACAddress
@@ -622,7 +400,7 @@ int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
622 int rc; 400 int rc;
623 401
624 local->hw_scanning = true; 402 local->hw_scanning = true;
625 rc = local->ops->hw_scan(local_to_hw(local), ssid, ssid_len); 403 rc = local->ops->hw_scan(local_to_hw(local), req);
626 if (rc) { 404 if (rc) {
627 local->hw_scanning = false; 405 local->hw_scanning = false;
628 return rc; 406 return rc;
@@ -632,28 +410,35 @@ int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
632 } 410 }
633 411
634 local->sw_scanning = true; 412 local->sw_scanning = true;
413 if (local->ops->sw_scan_start)
414 local->ops->sw_scan_start(local_to_hw(local));
415
416 mutex_lock(&local->iflist_mtx);
417 list_for_each_entry(sdata, &local->interfaces, list) {
418 if (!netif_running(sdata->dev))
419 continue;
420
421 /* disable beaconing */
422 if (sdata->vif.type == NL80211_IFTYPE_AP ||
423 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
424 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
425 ieee80211_if_config(sdata,
426 IEEE80211_IFCC_BEACON_ENABLED);
635 427
636 rcu_read_lock();
637 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
638 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 428 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
639 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) { 429 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
640 netif_tx_stop_all_queues(sdata->dev); 430 netif_tx_stop_all_queues(sdata->dev);
641 ieee80211_send_nullfunc(local, sdata, 1); 431 ieee80211_send_nullfunc(local, sdata, 1);
642 } 432 }
643 } else 433 } else
644 netif_tx_stop_all_queues(sdata->dev); 434 netif_tx_stop_all_queues(sdata->dev);
645 } 435 }
646 rcu_read_unlock(); 436 mutex_unlock(&local->iflist_mtx);
647 437
648 if (ssid) {
649 local->scan_ssid_len = ssid_len;
650 memcpy(local->scan_ssid, ssid, ssid_len);
651 } else
652 local->scan_ssid_len = 0;
653 local->scan_state = SCAN_SET_CHANNEL; 438 local->scan_state = SCAN_SET_CHANNEL;
654 local->scan_channel_idx = 0; 439 local->scan_channel_idx = 0;
655 local->scan_band = IEEE80211_BAND_2GHZ;
656 local->scan_sdata = scan_sdata; 440 local->scan_sdata = scan_sdata;
441 local->scan_req = req;
657 442
658 netif_addr_lock_bh(local->mdev); 443 netif_addr_lock_bh(local->mdev);
659 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC; 444 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
@@ -673,13 +458,21 @@ int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
673 458
674 459
675int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 460int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
676 u8 *ssid, size_t ssid_len) 461 struct cfg80211_scan_request *req)
677{ 462{
678 struct ieee80211_local *local = sdata->local; 463 struct ieee80211_local *local = sdata->local;
679 struct ieee80211_if_sta *ifsta; 464 struct ieee80211_if_managed *ifmgd;
465
466 if (!req)
467 return -EINVAL;
468
469 if (local->scan_req && local->scan_req != req)
470 return -EBUSY;
471
472 local->scan_req = req;
680 473
681 if (sdata->vif.type != NL80211_IFTYPE_STATION) 474 if (sdata->vif.type != NL80211_IFTYPE_STATION)
682 return ieee80211_start_scan(sdata, ssid, ssid_len); 475 return ieee80211_start_scan(sdata, req);
683 476
684 /* 477 /*
685 * STA has a state machine that might need to defer scanning 478 * STA has a state machine that might need to defer scanning
@@ -693,242 +486,9 @@ int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
693 return -EBUSY; 486 return -EBUSY;
694 } 487 }
695 488
696 ifsta = &sdata->u.sta; 489 ifmgd = &sdata->u.mgd;
697 490 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
698 ifsta->scan_ssid_len = ssid_len; 491 queue_work(local->hw.workqueue, &ifmgd->work);
699 if (ssid_len)
700 memcpy(ifsta->scan_ssid, ssid, ssid_len);
701 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
702 queue_work(local->hw.workqueue, &ifsta->work);
703 492
704 return 0; 493 return 0;
705} 494}
706
707
708static void ieee80211_scan_add_ies(struct iw_request_info *info,
709 struct ieee80211_bss *bss,
710 char **current_ev, char *end_buf)
711{
712 u8 *pos, *end, *next;
713 struct iw_event iwe;
714
715 if (bss == NULL || bss->ies == NULL)
716 return;
717
718 /*
719 * If needed, fragment the IEs buffer (at IE boundaries) into short
720 * enough fragments to fit into IW_GENERIC_IE_MAX octet messages.
721 */
722 pos = bss->ies;
723 end = pos + bss->ies_len;
724
725 while (end - pos > IW_GENERIC_IE_MAX) {
726 next = pos + 2 + pos[1];
727 while (next + 2 + next[1] - pos < IW_GENERIC_IE_MAX)
728 next = next + 2 + next[1];
729
730 memset(&iwe, 0, sizeof(iwe));
731 iwe.cmd = IWEVGENIE;
732 iwe.u.data.length = next - pos;
733 *current_ev = iwe_stream_add_point(info, *current_ev,
734 end_buf, &iwe, pos);
735
736 pos = next;
737 }
738
739 if (end > pos) {
740 memset(&iwe, 0, sizeof(iwe));
741 iwe.cmd = IWEVGENIE;
742 iwe.u.data.length = end - pos;
743 *current_ev = iwe_stream_add_point(info, *current_ev,
744 end_buf, &iwe, pos);
745 }
746}
747
748
749static char *
750ieee80211_scan_result(struct ieee80211_local *local,
751 struct iw_request_info *info,
752 struct ieee80211_bss *bss,
753 char *current_ev, char *end_buf)
754{
755 struct iw_event iwe;
756 char *buf;
757
758 if (time_after(jiffies,
759 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
760 return current_ev;
761
762 memset(&iwe, 0, sizeof(iwe));
763 iwe.cmd = SIOCGIWAP;
764 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
765 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
766 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
767 IW_EV_ADDR_LEN);
768
769 memset(&iwe, 0, sizeof(iwe));
770 iwe.cmd = SIOCGIWESSID;
771 if (bss_mesh_cfg(bss)) {
772 iwe.u.data.length = bss_mesh_id_len(bss);
773 iwe.u.data.flags = 1;
774 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
775 &iwe, bss_mesh_id(bss));
776 } else {
777 iwe.u.data.length = bss->ssid_len;
778 iwe.u.data.flags = 1;
779 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
780 &iwe, bss->ssid);
781 }
782
783 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
784 || bss_mesh_cfg(bss)) {
785 memset(&iwe, 0, sizeof(iwe));
786 iwe.cmd = SIOCGIWMODE;
787 if (bss_mesh_cfg(bss))
788 iwe.u.mode = IW_MODE_MESH;
789 else if (bss->capability & WLAN_CAPABILITY_ESS)
790 iwe.u.mode = IW_MODE_MASTER;
791 else
792 iwe.u.mode = IW_MODE_ADHOC;
793 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
794 &iwe, IW_EV_UINT_LEN);
795 }
796
797 memset(&iwe, 0, sizeof(iwe));
798 iwe.cmd = SIOCGIWFREQ;
799 iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
800 iwe.u.freq.e = 0;
801 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
802 IW_EV_FREQ_LEN);
803
804 memset(&iwe, 0, sizeof(iwe));
805 iwe.cmd = SIOCGIWFREQ;
806 iwe.u.freq.m = bss->freq;
807 iwe.u.freq.e = 6;
808 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
809 IW_EV_FREQ_LEN);
810 memset(&iwe, 0, sizeof(iwe));
811 iwe.cmd = IWEVQUAL;
812 iwe.u.qual.qual = bss->qual;
813 iwe.u.qual.level = bss->signal;
814 iwe.u.qual.noise = bss->noise;
815 iwe.u.qual.updated = local->wstats_flags;
816 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
817 IW_EV_QUAL_LEN);
818
819 memset(&iwe, 0, sizeof(iwe));
820 iwe.cmd = SIOCGIWENCODE;
821 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
822 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
823 else
824 iwe.u.data.flags = IW_ENCODE_DISABLED;
825 iwe.u.data.length = 0;
826 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
827 &iwe, "");
828
829 ieee80211_scan_add_ies(info, bss, &current_ev, end_buf);
830
831 if (bss->supp_rates_len > 0) {
832 /* display all supported rates in readable format */
833 char *p = current_ev + iwe_stream_lcp_len(info);
834 int i;
835
836 memset(&iwe, 0, sizeof(iwe));
837 iwe.cmd = SIOCGIWRATE;
838 /* Those two flags are ignored... */
839 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
840
841 for (i = 0; i < bss->supp_rates_len; i++) {
842 iwe.u.bitrate.value = ((bss->supp_rates[i] &
843 0x7f) * 500000);
844 p = iwe_stream_add_value(info, current_ev, p,
845 end_buf, &iwe, IW_EV_PARAM_LEN);
846 }
847 current_ev = p;
848 }
849
850 buf = kmalloc(30, GFP_ATOMIC);
851 if (buf) {
852 memset(&iwe, 0, sizeof(iwe));
853 iwe.cmd = IWEVCUSTOM;
854 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
855 iwe.u.data.length = strlen(buf);
856 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
857 &iwe, buf);
858 memset(&iwe, 0, sizeof(iwe));
859 iwe.cmd = IWEVCUSTOM;
860 sprintf(buf, " Last beacon: %dms ago",
861 jiffies_to_msecs(jiffies - bss->last_update));
862 iwe.u.data.length = strlen(buf);
863 current_ev = iwe_stream_add_point(info, current_ev,
864 end_buf, &iwe, buf);
865 kfree(buf);
866 }
867
868 if (bss_mesh_cfg(bss)) {
869 u8 *cfg = bss_mesh_cfg(bss);
870 buf = kmalloc(50, GFP_ATOMIC);
871 if (buf) {
872 memset(&iwe, 0, sizeof(iwe));
873 iwe.cmd = IWEVCUSTOM;
874 sprintf(buf, "Mesh network (version %d)", cfg[0]);
875 iwe.u.data.length = strlen(buf);
876 current_ev = iwe_stream_add_point(info, current_ev,
877 end_buf,
878 &iwe, buf);
879 sprintf(buf, "Path Selection Protocol ID: "
880 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
881 cfg[4]);
882 iwe.u.data.length = strlen(buf);
883 current_ev = iwe_stream_add_point(info, current_ev,
884 end_buf,
885 &iwe, buf);
886 sprintf(buf, "Path Selection Metric ID: "
887 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
888 cfg[8]);
889 iwe.u.data.length = strlen(buf);
890 current_ev = iwe_stream_add_point(info, current_ev,
891 end_buf,
892 &iwe, buf);
893 sprintf(buf, "Congestion Control Mode ID: "
894 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
895 cfg[11], cfg[12]);
896 iwe.u.data.length = strlen(buf);
897 current_ev = iwe_stream_add_point(info, current_ev,
898 end_buf,
899 &iwe, buf);
900 sprintf(buf, "Channel Precedence: "
901 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
902 cfg[15], cfg[16]);
903 iwe.u.data.length = strlen(buf);
904 current_ev = iwe_stream_add_point(info, current_ev,
905 end_buf,
906 &iwe, buf);
907 kfree(buf);
908 }
909 }
910
911 return current_ev;
912}
913
914
915int ieee80211_scan_results(struct ieee80211_local *local,
916 struct iw_request_info *info,
917 char *buf, size_t len)
918{
919 char *current_ev = buf;
920 char *end_buf = buf + len;
921 struct ieee80211_bss *bss;
922
923 spin_lock_bh(&local->bss_lock);
924 list_for_each_entry(bss, &local->bss_list, list) {
925 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
926 spin_unlock_bh(&local->bss_lock);
927 return -E2BIG;
928 }
929 current_ev = ieee80211_scan_result(local, info, bss,
930 current_ev, end_buf);
931 }
932 spin_unlock_bh(&local->bss_lock);
933 return current_ev - buf;
934}
diff --git a/net/mac80211/spectmgmt.c b/net/mac80211/spectmgmt.c
index f72bad636d8e..5f7a2624ed74 100644
--- a/net/mac80211/spectmgmt.c
+++ b/net/mac80211/spectmgmt.c
@@ -65,7 +65,7 @@ static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_da
65 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED; 65 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED;
66 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type; 66 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type;
67 67
68 ieee80211_tx_skb(sdata, skb, 0); 68 ieee80211_tx_skb(sdata, skb, 1);
69} 69}
70 70
71void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata, 71void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
@@ -84,3 +84,104 @@ void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
84 mgmt->sa, mgmt->bssid, 84 mgmt->sa, mgmt->bssid,
85 mgmt->u.action.u.measurement.dialog_token); 85 mgmt->u.action.u.measurement.dialog_token);
86} 86}
87
88void ieee80211_chswitch_work(struct work_struct *work)
89{
90 struct ieee80211_sub_if_data *sdata =
91 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
92 struct ieee80211_bss *bss;
93 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
94
95 if (!netif_running(sdata->dev))
96 return;
97
98 bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid,
99 sdata->local->hw.conf.channel->center_freq,
100 ifmgd->ssid, ifmgd->ssid_len);
101 if (!bss)
102 goto exit;
103
104 sdata->local->oper_channel = sdata->local->csa_channel;
105 /* XXX: shouldn't really modify cfg80211-owned data! */
106 if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL))
107 bss->cbss.channel = sdata->local->oper_channel;
108
109 ieee80211_rx_bss_put(sdata->local, bss);
110exit:
111 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
112 ieee80211_wake_queues_by_reason(&sdata->local->hw,
113 IEEE80211_QUEUE_STOP_REASON_CSA);
114}
115
116void ieee80211_chswitch_timer(unsigned long data)
117{
118 struct ieee80211_sub_if_data *sdata =
119 (struct ieee80211_sub_if_data *) data;
120 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
121
122 queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
123}
124
125void ieee80211_process_chanswitch(struct ieee80211_sub_if_data *sdata,
126 struct ieee80211_channel_sw_ie *sw_elem,
127 struct ieee80211_bss *bss)
128{
129 struct ieee80211_channel *new_ch;
130 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
131 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);
132
133 /* FIXME: Handle ADHOC later */
134 if (sdata->vif.type != NL80211_IFTYPE_STATION)
135 return;
136
137 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED)
138 return;
139
140 if (sdata->local->sw_scanning || sdata->local->hw_scanning)
141 return;
142
143 /* Disregard subsequent beacons if we are already running a timer
144 processing a CSA */
145
146 if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED)
147 return;
148
149 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
150 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED)
151 return;
152
153 sdata->local->csa_channel = new_ch;
154
155 if (sw_elem->count <= 1) {
156 queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
157 } else {
158 ieee80211_stop_queues_by_reason(&sdata->local->hw,
159 IEEE80211_QUEUE_STOP_REASON_CSA);
160 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
161 mod_timer(&ifmgd->chswitch_timer,
162 jiffies +
163 msecs_to_jiffies(sw_elem->count *
164 bss->cbss.beacon_interval));
165 }
166}
167
168void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
169 u16 capab_info, u8 *pwr_constr_elem,
170 u8 pwr_constr_elem_len)
171{
172 struct ieee80211_conf *conf = &sdata->local->hw.conf;
173
174 if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT))
175 return;
176
177 /* Power constraint IE length should be 1 octet */
178 if (pwr_constr_elem_len != 1)
179 return;
180
181 if ((*pwr_constr_elem <= conf->channel->max_power) &&
182 (*pwr_constr_elem != sdata->local->power_constr_level)) {
183 sdata->local->power_constr_level = *pwr_constr_elem;
184 ieee80211_hw_config(sdata->local, 0);
185 }
186}
187
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 10c5539c20ab..4ba3c540fcf3 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -194,12 +194,53 @@ void sta_info_destroy(struct sta_info *sta)
194 dev_kfree_skb_any(skb); 194 dev_kfree_skb_any(skb);
195 195
196 for (i = 0; i < STA_TID_NUM; i++) { 196 for (i = 0; i < STA_TID_NUM; i++) {
197 struct tid_ampdu_rx *tid_rx;
198 struct tid_ampdu_tx *tid_tx;
199
197 spin_lock_bh(&sta->lock); 200 spin_lock_bh(&sta->lock);
198 if (sta->ampdu_mlme.tid_rx[i]) 201 tid_rx = sta->ampdu_mlme.tid_rx[i];
199 del_timer_sync(&sta->ampdu_mlme.tid_rx[i]->session_timer); 202 /* Make sure timer won't free the tid_rx struct, see below */
200 if (sta->ampdu_mlme.tid_tx[i]) 203 if (tid_rx)
201 del_timer_sync(&sta->ampdu_mlme.tid_tx[i]->addba_resp_timer); 204 tid_rx->shutdown = true;
205
206 /*
207 * The stop callback cannot find this station any more, but
208 * it didn't complete its work -- start the queue if necessary
209 */
210 if (sta->ampdu_mlme.tid_state_tx[i] & HT_AGG_STATE_INITIATOR_MSK &&
211 sta->ampdu_mlme.tid_state_tx[i] & HT_AGG_STATE_REQ_STOP_BA_MSK &&
212 local->hw.ampdu_queues)
213 ieee80211_wake_queue_by_reason(&local->hw,
214 local->hw.queues + sta->tid_to_tx_q[i],
215 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
216
202 spin_unlock_bh(&sta->lock); 217 spin_unlock_bh(&sta->lock);
218
219 /*
220 * Outside spinlock - shutdown is true now so that the timer
221 * won't free tid_rx, we have to do that now. Can't let the
222 * timer do it because we have to sync the timer outside the
223 * lock that it takes itself.
224 */
225 if (tid_rx) {
226 del_timer_sync(&tid_rx->session_timer);
227 kfree(tid_rx);
228 }
229
230 /*
231 * No need to do such complications for TX agg sessions, the
232 * path leading to freeing the tid_tx struct goes via a call
233 * from the driver, and thus needs to look up the sta struct
234 * again, which cannot be found when we get here. Hence, we
235 * just need to delete the timer and free the aggregation
236 * info; we won't be telling the peer about it then but that
237 * doesn't matter if we're not talking to it again anyway.
238 */
239 tid_tx = sta->ampdu_mlme.tid_tx[i];
240 if (tid_tx) {
241 del_timer_sync(&tid_tx->addba_resp_timer);
242 kfree(tid_tx);
243 }
203 } 244 }
204 245
205 __sta_info_free(local, sta); 246 __sta_info_free(local, sta);
@@ -246,8 +287,7 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
246 * enable session_timer's data differentiation. refer to 287 * enable session_timer's data differentiation. refer to
247 * sta_rx_agg_session_timer_expired for useage */ 288 * sta_rx_agg_session_timer_expired for useage */
248 sta->timer_to_tid[i] = i; 289 sta->timer_to_tid[i] = i;
249 /* tid to tx queue: initialize according to HW (0 is valid) */ 290 sta->tid_to_tx_q[i] = -1;
250 sta->tid_to_tx_q[i] = ieee80211_num_queues(&local->hw);
251 /* rx */ 291 /* rx */
252 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE; 292 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE;
253 sta->ampdu_mlme.tid_rx[i] = NULL; 293 sta->ampdu_mlme.tid_rx[i] = NULL;
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index e49a5b99cf10..1f45573c580c 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -34,6 +34,7 @@
34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the 34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
35 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next 35 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
36 * frame to this station is transmitted. 36 * frame to this station is transmitted.
37 * @WLAN_STA_MFP: Management frame protection is used with this STA.
37 */ 38 */
38enum ieee80211_sta_info_flags { 39enum ieee80211_sta_info_flags {
39 WLAN_STA_AUTH = 1<<0, 40 WLAN_STA_AUTH = 1<<0,
@@ -46,6 +47,7 @@ enum ieee80211_sta_info_flags {
46 WLAN_STA_WDS = 1<<7, 47 WLAN_STA_WDS = 1<<7,
47 WLAN_STA_PSPOLL = 1<<8, 48 WLAN_STA_PSPOLL = 1<<8,
48 WLAN_STA_CLEAR_PS_FILT = 1<<9, 49 WLAN_STA_CLEAR_PS_FILT = 1<<9,
50 WLAN_STA_MFP = 1<<10,
49}; 51};
50 52
51#define STA_TID_NUM 16 53#define STA_TID_NUM 16
@@ -63,7 +65,6 @@ enum ieee80211_sta_info_flags {
63#define HT_AGG_STATE_OPERATIONAL (HT_ADDBA_REQUESTED_MSK | \ 65#define HT_AGG_STATE_OPERATIONAL (HT_ADDBA_REQUESTED_MSK | \
64 HT_ADDBA_DRV_READY_MSK | \ 66 HT_ADDBA_DRV_READY_MSK | \
65 HT_ADDBA_RECEIVED_MSK) 67 HT_ADDBA_RECEIVED_MSK)
66#define HT_AGG_STATE_DEBUGFS_CTL BIT(7)
67 68
68/** 69/**
69 * struct tid_ampdu_tx - TID aggregation information (Tx). 70 * struct tid_ampdu_tx - TID aggregation information (Tx).
@@ -87,8 +88,9 @@ struct tid_ampdu_tx {
87 * @stored_mpdu_num: number of MPDUs in reordering buffer 88 * @stored_mpdu_num: number of MPDUs in reordering buffer
88 * @ssn: Starting Sequence Number expected to be aggregated. 89 * @ssn: Starting Sequence Number expected to be aggregated.
89 * @buf_size: buffer size for incoming A-MPDUs 90 * @buf_size: buffer size for incoming A-MPDUs
90 * @timeout: reset timer value. 91 * @timeout: reset timer value (in TUs).
91 * @dialog_token: dialog token for aggregation session 92 * @dialog_token: dialog token for aggregation session
93 * @shutdown: this session is being shut down due to STA removal
92 */ 94 */
93struct tid_ampdu_rx { 95struct tid_ampdu_rx {
94 struct sk_buff **reorder_buf; 96 struct sk_buff **reorder_buf;
@@ -99,6 +101,7 @@ struct tid_ampdu_rx {
99 u16 buf_size; 101 u16 buf_size;
100 u16 timeout; 102 u16 timeout;
101 u8 dialog_token; 103 u8 dialog_token;
104 bool shutdown;
102}; 105};
103 106
104/** 107/**
@@ -198,7 +201,7 @@ struct sta_ampdu_mlme {
198 * @tid_seq: per-TID sequence numbers for sending to this STA 201 * @tid_seq: per-TID sequence numbers for sending to this STA
199 * @ampdu_mlme: A-MPDU state machine state 202 * @ampdu_mlme: A-MPDU state machine state
200 * @timer_to_tid: identity mapping to ID timers 203 * @timer_to_tid: identity mapping to ID timers
201 * @tid_to_tx_q: map tid to tx queue 204 * @tid_to_tx_q: map tid to tx queue (invalid == negative values)
202 * @llid: Local link ID 205 * @llid: Local link ID
203 * @plid: Peer link ID 206 * @plid: Peer link ID
204 * @reason: Cancel reason on PLINK_HOLDING state 207 * @reason: Cancel reason on PLINK_HOLDING state
@@ -273,7 +276,7 @@ struct sta_info {
273 */ 276 */
274 struct sta_ampdu_mlme ampdu_mlme; 277 struct sta_ampdu_mlme ampdu_mlme;
275 u8 timer_to_tid[STA_TID_NUM]; 278 u8 timer_to_tid[STA_TID_NUM];
276 u8 tid_to_tx_q[STA_TID_NUM]; 279 s8 tid_to_tx_q[STA_TID_NUM];
277 280
278#ifdef CONFIG_MAC80211_MESH 281#ifdef CONFIG_MAC80211_MESH
279 /* 282 /*
@@ -382,8 +385,6 @@ static inline u32 get_sta_flags(struct sta_info *sta)
382} 385}
383 386
384 387
385/* Maximum number of concurrently registered stations */
386#define MAX_STA_COUNT 2007
387 388
388#define STA_HASH_SIZE 256 389#define STA_HASH_SIZE 256
389#define STA_HASH(sta) (sta[5]) 390#define STA_HASH(sta) (sta[5])
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 94de5033f0b6..457238a2f3fc 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -35,6 +35,7 @@
35#define IEEE80211_TX_OK 0 35#define IEEE80211_TX_OK 0
36#define IEEE80211_TX_AGAIN 1 36#define IEEE80211_TX_AGAIN 1
37#define IEEE80211_TX_FRAG_AGAIN 2 37#define IEEE80211_TX_FRAG_AGAIN 2
38#define IEEE80211_TX_PENDING 3
38 39
39/* misc utils */ 40/* misc utils */
40 41
@@ -330,6 +331,22 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
330 return TX_CONTINUE; 331 return TX_CONTINUE;
331} 332}
332 333
334static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta,
335 struct sk_buff *skb)
336{
337 if (!ieee80211_is_mgmt(fc))
338 return 0;
339
340 if (sta == NULL || !test_sta_flags(sta, WLAN_STA_MFP))
341 return 0;
342
343 if (!ieee80211_is_robust_mgmt_frame((struct ieee80211_hdr *)
344 skb->data))
345 return 0;
346
347 return 1;
348}
349
333static ieee80211_tx_result 350static ieee80211_tx_result
334ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx) 351ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
335{ 352{
@@ -409,11 +426,17 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
409 tx->key = NULL; 426 tx->key = NULL;
410 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 427 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
411 tx->key = key; 428 tx->key = key;
429 else if (ieee80211_is_mgmt(hdr->frame_control) &&
430 (key = rcu_dereference(tx->sdata->default_mgmt_key)))
431 tx->key = key;
412 else if ((key = rcu_dereference(tx->sdata->default_key))) 432 else if ((key = rcu_dereference(tx->sdata->default_key)))
413 tx->key = key; 433 tx->key = key;
414 else if (tx->sdata->drop_unencrypted && 434 else if (tx->sdata->drop_unencrypted &&
415 (tx->skb->protocol != cpu_to_be16(ETH_P_PAE)) && 435 (tx->skb->protocol != cpu_to_be16(ETH_P_PAE)) &&
416 !(info->flags & IEEE80211_TX_CTL_INJECTED)) { 436 !(info->flags & IEEE80211_TX_CTL_INJECTED) &&
437 (!ieee80211_is_robust_mgmt_frame(hdr) ||
438 (ieee80211_is_action(hdr->frame_control) &&
439 tx->sta && test_sta_flags(tx->sta, WLAN_STA_MFP)))) {
417 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); 440 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
418 return TX_DROP; 441 return TX_DROP;
419 } else 442 } else
@@ -428,10 +451,19 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
428 if (ieee80211_is_auth(hdr->frame_control)) 451 if (ieee80211_is_auth(hdr->frame_control))
429 break; 452 break;
430 case ALG_TKIP: 453 case ALG_TKIP:
431 case ALG_CCMP:
432 if (!ieee80211_is_data_present(hdr->frame_control)) 454 if (!ieee80211_is_data_present(hdr->frame_control))
433 tx->key = NULL; 455 tx->key = NULL;
434 break; 456 break;
457 case ALG_CCMP:
458 if (!ieee80211_is_data_present(hdr->frame_control) &&
459 !ieee80211_use_mfp(hdr->frame_control, tx->sta,
460 tx->skb))
461 tx->key = NULL;
462 break;
463 case ALG_AES_CMAC:
464 if (!ieee80211_is_mgmt(hdr->frame_control))
465 tx->key = NULL;
466 break;
435 } 467 }
436 } 468 }
437 469
@@ -752,6 +784,8 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
752 skb_copy_queue_mapping(frag, first); 784 skb_copy_queue_mapping(frag, first);
753 785
754 frag->do_not_encrypt = first->do_not_encrypt; 786 frag->do_not_encrypt = first->do_not_encrypt;
787 frag->dev = first->dev;
788 frag->iif = first->iif;
755 789
756 pos += copylen; 790 pos += copylen;
757 left -= copylen; 791 left -= copylen;
@@ -787,6 +821,8 @@ ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
787 return ieee80211_crypto_tkip_encrypt(tx); 821 return ieee80211_crypto_tkip_encrypt(tx);
788 case ALG_CCMP: 822 case ALG_CCMP:
789 return ieee80211_crypto_ccmp_encrypt(tx); 823 return ieee80211_crypto_ccmp_encrypt(tx);
824 case ALG_AES_CMAC:
825 return ieee80211_crypto_aes_cmac_encrypt(tx);
790 } 826 }
791 827
792 /* not reached */ 828 /* not reached */
@@ -842,7 +878,6 @@ ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
842 return TX_CONTINUE; 878 return TX_CONTINUE;
843} 879}
844 880
845
846/* actual transmit path */ 881/* actual transmit path */
847 882
848/* 883/*
@@ -982,12 +1017,20 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
982 tx->sta = sta_info_get(local, hdr->addr1); 1017 tx->sta = sta_info_get(local, hdr->addr1);
983 1018
984 if (tx->sta && ieee80211_is_data_qos(hdr->frame_control)) { 1019 if (tx->sta && ieee80211_is_data_qos(hdr->frame_control)) {
1020 unsigned long flags;
985 qc = ieee80211_get_qos_ctl(hdr); 1021 qc = ieee80211_get_qos_ctl(hdr);
986 tid = *qc & IEEE80211_QOS_CTL_TID_MASK; 1022 tid = *qc & IEEE80211_QOS_CTL_TID_MASK;
987 1023
1024 spin_lock_irqsave(&tx->sta->lock, flags);
988 state = &tx->sta->ampdu_mlme.tid_state_tx[tid]; 1025 state = &tx->sta->ampdu_mlme.tid_state_tx[tid];
989 if (*state == HT_AGG_STATE_OPERATIONAL) 1026 if (*state == HT_AGG_STATE_OPERATIONAL) {
990 info->flags |= IEEE80211_TX_CTL_AMPDU; 1027 info->flags |= IEEE80211_TX_CTL_AMPDU;
1028 if (local->hw.ampdu_queues)
1029 skb_set_queue_mapping(
1030 skb, tx->local->hw.queues +
1031 tx->sta->tid_to_tx_q[tid]);
1032 }
1033 spin_unlock_irqrestore(&tx->sta->lock, flags);
991 } 1034 }
992 1035
993 if (is_multicast_ether_addr(hdr->addr1)) { 1036 if (is_multicast_ether_addr(hdr->addr1)) {
@@ -1051,9 +1094,9 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1051 int ret, i; 1094 int ret, i;
1052 1095
1053 if (skb) { 1096 if (skb) {
1054 if (netif_subqueue_stopped(local->mdev, skb)) 1097 if (ieee80211_queue_stopped(&local->hw,
1055 return IEEE80211_TX_AGAIN; 1098 skb_get_queue_mapping(skb)))
1056 info = IEEE80211_SKB_CB(skb); 1099 return IEEE80211_TX_PENDING;
1057 1100
1058 ret = local->ops->tx(local_to_hw(local), skb); 1101 ret = local->ops->tx(local_to_hw(local), skb);
1059 if (ret) 1102 if (ret)
@@ -1068,8 +1111,8 @@ static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1068 info = IEEE80211_SKB_CB(tx->extra_frag[i]); 1111 info = IEEE80211_SKB_CB(tx->extra_frag[i]);
1069 info->flags &= ~(IEEE80211_TX_CTL_CLEAR_PS_FILT | 1112 info->flags &= ~(IEEE80211_TX_CTL_CLEAR_PS_FILT |
1070 IEEE80211_TX_CTL_FIRST_FRAGMENT); 1113 IEEE80211_TX_CTL_FIRST_FRAGMENT);
1071 if (netif_subqueue_stopped(local->mdev, 1114 if (ieee80211_queue_stopped(&local->hw,
1072 tx->extra_frag[i])) 1115 skb_get_queue_mapping(tx->extra_frag[i])))
1073 return IEEE80211_TX_FRAG_AGAIN; 1116 return IEEE80211_TX_FRAG_AGAIN;
1074 1117
1075 ret = local->ops->tx(local_to_hw(local), 1118 ret = local->ops->tx(local_to_hw(local),
@@ -1179,8 +1222,9 @@ retry:
1179 * queues, there's no reason for a driver to reject 1222 * queues, there's no reason for a driver to reject
1180 * a frame there, warn and drop it. 1223 * a frame there, warn and drop it.
1181 */ 1224 */
1182 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU)) 1225 if (ret != IEEE80211_TX_PENDING)
1183 goto drop; 1226 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU))
1227 goto drop;
1184 1228
1185 store = &local->pending_packet[queue]; 1229 store = &local->pending_packet[queue];
1186 1230
@@ -1296,6 +1340,19 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1296 return 0; 1340 return 0;
1297 } 1341 }
1298 1342
1343 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) &&
1344 local->hw.conf.dynamic_ps_timeout > 0) {
1345 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1346 ieee80211_stop_queues_by_reason(&local->hw,
1347 IEEE80211_QUEUE_STOP_REASON_PS);
1348 queue_work(local->hw.workqueue,
1349 &local->dynamic_ps_disable_work);
1350 }
1351
1352 mod_timer(&local->dynamic_ps_timer, jiffies +
1353 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
1354 }
1355
1299 memset(info, 0, sizeof(*info)); 1356 memset(info, 0, sizeof(*info));
1300 1357
1301 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; 1358 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
@@ -1390,10 +1447,31 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1390 struct net_device *dev) 1447 struct net_device *dev)
1391{ 1448{
1392 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1449 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1450 struct ieee80211_channel *chan = local->hw.conf.channel;
1393 struct ieee80211_radiotap_header *prthdr = 1451 struct ieee80211_radiotap_header *prthdr =
1394 (struct ieee80211_radiotap_header *)skb->data; 1452 (struct ieee80211_radiotap_header *)skb->data;
1395 u16 len_rthdr; 1453 u16 len_rthdr;
1396 1454
1455 /*
1456 * Frame injection is not allowed if beaconing is not allowed
1457 * or if we need radar detection. Beaconing is usually not allowed when
1458 * the mode or operation (Adhoc, AP, Mesh) does not support DFS.
1459 * Passive scan is also used in world regulatory domains where
1460 * your country is not known and as such it should be treated as
1461 * NO TX unless the channel is explicitly allowed in which case
1462 * your current regulatory domain would not have the passive scan
1463 * flag.
1464 *
1465 * Since AP mode uses monitor interfaces to inject/TX management
1466 * frames we can make AP mode the exception to this rule once it
1467 * supports radar detection as its implementation can deal with
1468 * radar detection by itself. We can do that later by adding a
1469 * monitor flag interfaces used for AP support.
1470 */
1471 if ((chan->flags & (IEEE80211_CHAN_NO_IBSS | IEEE80211_CHAN_RADAR |
1472 IEEE80211_CHAN_PASSIVE_SCAN)))
1473 goto fail;
1474
1397 /* check for not even having the fixed radiotap header part */ 1475 /* check for not even having the fixed radiotap header part */
1398 if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header))) 1476 if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header)))
1399 goto fail; /* too short to be possibly valid */ 1477 goto fail; /* too short to be possibly valid */
@@ -1477,19 +1555,6 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1477 goto fail; 1555 goto fail;
1478 } 1556 }
1479 1557
1480 if (!(local->hw.flags & IEEE80211_HW_NO_STACK_DYNAMIC_PS) &&
1481 local->dynamic_ps_timeout > 0) {
1482 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1483 ieee80211_stop_queues_by_reason(&local->hw,
1484 IEEE80211_QUEUE_STOP_REASON_PS);
1485 queue_work(local->hw.workqueue,
1486 &local->dynamic_ps_disable_work);
1487 }
1488
1489 mod_timer(&local->dynamic_ps_timer, jiffies +
1490 msecs_to_jiffies(local->dynamic_ps_timeout));
1491 }
1492
1493 nh_pos = skb_network_header(skb) - skb->data; 1558 nh_pos = skb_network_header(skb) - skb->data;
1494 h_pos = skb_transport_header(skb) - skb->data; 1559 h_pos = skb_transport_header(skb) - skb->data;
1495 1560
@@ -1570,7 +1635,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1570 case NL80211_IFTYPE_STATION: 1635 case NL80211_IFTYPE_STATION:
1571 fc |= cpu_to_le16(IEEE80211_FCTL_TODS); 1636 fc |= cpu_to_le16(IEEE80211_FCTL_TODS);
1572 /* BSSID SA DA */ 1637 /* BSSID SA DA */
1573 memcpy(hdr.addr1, sdata->u.sta.bssid, ETH_ALEN); 1638 memcpy(hdr.addr1, sdata->u.mgd.bssid, ETH_ALEN);
1574 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); 1639 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1575 memcpy(hdr.addr3, skb->data, ETH_ALEN); 1640 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1576 hdrlen = 24; 1641 hdrlen = 24;
@@ -1579,7 +1644,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1579 /* DA SA BSSID */ 1644 /* DA SA BSSID */
1580 memcpy(hdr.addr1, skb->data, ETH_ALEN); 1645 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1581 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); 1646 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1582 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN); 1647 memcpy(hdr.addr3, sdata->u.ibss.bssid, ETH_ALEN);
1583 hdrlen = 24; 1648 hdrlen = 24;
1584 break; 1649 break;
1585 default: 1650 default:
@@ -1865,7 +1930,6 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1865 struct ieee80211_tx_info *info; 1930 struct ieee80211_tx_info *info;
1866 struct ieee80211_sub_if_data *sdata = NULL; 1931 struct ieee80211_sub_if_data *sdata = NULL;
1867 struct ieee80211_if_ap *ap = NULL; 1932 struct ieee80211_if_ap *ap = NULL;
1868 struct ieee80211_if_sta *ifsta = NULL;
1869 struct beacon_data *beacon; 1933 struct beacon_data *beacon;
1870 struct ieee80211_supported_band *sband; 1934 struct ieee80211_supported_band *sband;
1871 enum ieee80211_band band = local->hw.conf.channel->band; 1935 enum ieee80211_band band = local->hw.conf.channel->band;
@@ -1917,13 +1981,13 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1917 } else 1981 } else
1918 goto out; 1982 goto out;
1919 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 1983 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
1984 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1920 struct ieee80211_hdr *hdr; 1985 struct ieee80211_hdr *hdr;
1921 ifsta = &sdata->u.sta;
1922 1986
1923 if (!ifsta->probe_resp) 1987 if (!ifibss->probe_resp)
1924 goto out; 1988 goto out;
1925 1989
1926 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC); 1990 skb = skb_copy(ifibss->probe_resp, GFP_ATOMIC);
1927 if (!skb) 1991 if (!skb)
1928 goto out; 1992 goto out;
1929 1993
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index fb89e1d0aa03..e0431a1d218b 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -41,6 +41,15 @@ const unsigned char rfc1042_header[] __aligned(2) =
41const unsigned char bridge_tunnel_header[] __aligned(2) = 41const unsigned char bridge_tunnel_header[] __aligned(2) =
42 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 }; 42 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
43 43
44struct ieee80211_hw *wiphy_to_ieee80211_hw(struct wiphy *wiphy)
45{
46 struct ieee80211_local *local;
47 BUG_ON(!wiphy);
48
49 local = wiphy_priv(wiphy);
50 return &local->hw;
51}
52EXPORT_SYMBOL(wiphy_to_ieee80211_hw);
44 53
45u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len, 54u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len,
46 enum nl80211_iftype type) 55 enum nl80211_iftype type)
@@ -335,15 +344,36 @@ static void __ieee80211_wake_queue(struct ieee80211_hw *hw, int queue,
335{ 344{
336 struct ieee80211_local *local = hw_to_local(hw); 345 struct ieee80211_local *local = hw_to_local(hw);
337 346
338 /* we don't need to track ampdu queues */ 347 if (queue >= hw->queues) {
339 if (queue < ieee80211_num_regular_queues(hw)) { 348 if (local->ampdu_ac_queue[queue - hw->queues] < 0)
340 __clear_bit(reason, &local->queue_stop_reasons[queue]); 349 return;
350
351 /*
352 * for virtual aggregation queues, we need to refcount the
353 * internal mac80211 disable (multiple times!), keep track of
354 * driver disable _and_ make sure the regular queue is
355 * actually enabled.
356 */
357 if (reason == IEEE80211_QUEUE_STOP_REASON_AGGREGATION)
358 local->amdpu_ac_stop_refcnt[queue - hw->queues]--;
359 else
360 __clear_bit(reason, &local->queue_stop_reasons[queue]);
341 361
342 if (local->queue_stop_reasons[queue] != 0) 362 if (local->queue_stop_reasons[queue] ||
343 /* someone still has this queue stopped */ 363 local->amdpu_ac_stop_refcnt[queue - hw->queues])
344 return; 364 return;
365
366 /* now go on to treat the corresponding regular queue */
367 queue = local->ampdu_ac_queue[queue - hw->queues];
368 reason = IEEE80211_QUEUE_STOP_REASON_AGGREGATION;
345 } 369 }
346 370
371 __clear_bit(reason, &local->queue_stop_reasons[queue]);
372
373 if (local->queue_stop_reasons[queue] != 0)
374 /* someone still has this queue stopped */
375 return;
376
347 if (test_bit(queue, local->queues_pending)) { 377 if (test_bit(queue, local->queues_pending)) {
348 set_bit(queue, local->queues_pending_run); 378 set_bit(queue, local->queues_pending_run);
349 tasklet_schedule(&local->tx_pending_tasklet); 379 tasklet_schedule(&local->tx_pending_tasklet);
@@ -375,9 +405,27 @@ static void __ieee80211_stop_queue(struct ieee80211_hw *hw, int queue,
375{ 405{
376 struct ieee80211_local *local = hw_to_local(hw); 406 struct ieee80211_local *local = hw_to_local(hw);
377 407
378 /* we don't need to track ampdu queues */ 408 if (queue >= hw->queues) {
379 if (queue < ieee80211_num_regular_queues(hw)) 409 if (local->ampdu_ac_queue[queue - hw->queues] < 0)
380 __set_bit(reason, &local->queue_stop_reasons[queue]); 410 return;
411
412 /*
413 * for virtual aggregation queues, we need to refcount the
414 * internal mac80211 disable (multiple times!), keep track of
415 * driver disable _and_ make sure the regular queue is
416 * actually enabled.
417 */
418 if (reason == IEEE80211_QUEUE_STOP_REASON_AGGREGATION)
419 local->amdpu_ac_stop_refcnt[queue - hw->queues]++;
420 else
421 __set_bit(reason, &local->queue_stop_reasons[queue]);
422
423 /* now go on to treat the corresponding regular queue */
424 queue = local->ampdu_ac_queue[queue - hw->queues];
425 reason = IEEE80211_QUEUE_STOP_REASON_AGGREGATION;
426 }
427
428 __set_bit(reason, &local->queue_stop_reasons[queue]);
381 429
382 netif_stop_subqueue(local->mdev, queue); 430 netif_stop_subqueue(local->mdev, queue);
383} 431}
@@ -409,7 +457,7 @@ void ieee80211_stop_queues_by_reason(struct ieee80211_hw *hw,
409 457
410 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 458 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
411 459
412 for (i = 0; i < ieee80211_num_queues(hw); i++) 460 for (i = 0; i < hw->queues; i++)
413 __ieee80211_stop_queue(hw, i, reason); 461 __ieee80211_stop_queue(hw, i, reason);
414 462
415 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 463 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
@@ -425,6 +473,16 @@ EXPORT_SYMBOL(ieee80211_stop_queues);
425int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue) 473int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue)
426{ 474{
427 struct ieee80211_local *local = hw_to_local(hw); 475 struct ieee80211_local *local = hw_to_local(hw);
476 unsigned long flags;
477
478 if (queue >= hw->queues) {
479 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
480 queue = local->ampdu_ac_queue[queue - hw->queues];
481 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
482 if (queue < 0)
483 return true;
484 }
485
428 return __netif_subqueue_stopped(local->mdev, queue); 486 return __netif_subqueue_stopped(local->mdev, queue);
429} 487}
430EXPORT_SYMBOL(ieee80211_queue_stopped); 488EXPORT_SYMBOL(ieee80211_queue_stopped);
@@ -459,7 +517,7 @@ void ieee80211_iterate_active_interfaces(
459 struct ieee80211_local *local = hw_to_local(hw); 517 struct ieee80211_local *local = hw_to_local(hw);
460 struct ieee80211_sub_if_data *sdata; 518 struct ieee80211_sub_if_data *sdata;
461 519
462 rtnl_lock(); 520 mutex_lock(&local->iflist_mtx);
463 521
464 list_for_each_entry(sdata, &local->interfaces, list) { 522 list_for_each_entry(sdata, &local->interfaces, list) {
465 switch (sdata->vif.type) { 523 switch (sdata->vif.type) {
@@ -480,7 +538,7 @@ void ieee80211_iterate_active_interfaces(
480 &sdata->vif); 538 &sdata->vif);
481 } 539 }
482 540
483 rtnl_unlock(); 541 mutex_unlock(&local->iflist_mtx);
484} 542}
485EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces); 543EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces);
486 544
@@ -653,6 +711,10 @@ void ieee802_11_parse_elems(u8 *start, size_t len,
653 elems->pwr_constr_elem = pos; 711 elems->pwr_constr_elem = pos;
654 elems->pwr_constr_elem_len = elen; 712 elems->pwr_constr_elem_len = elen;
655 break; 713 break;
714 case WLAN_EID_TIMEOUT_INTERVAL:
715 elems->timeout_int = pos;
716 elems->timeout_int_len = elen;
717 break;
656 default: 718 default:
657 break; 719 break;
658 } 720 }
@@ -688,6 +750,27 @@ void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata)
688 local->ops->conf_tx(local_to_hw(local), i, &qparam); 750 local->ops->conf_tx(local_to_hw(local), i, &qparam);
689} 751}
690 752
753void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
754 const size_t supp_rates_len,
755 const u8 *supp_rates)
756{
757 struct ieee80211_local *local = sdata->local;
758 int i, have_higher_than_11mbit = 0;
759
760 /* cf. IEEE 802.11 9.2.12 */
761 for (i = 0; i < supp_rates_len; i++)
762 if ((supp_rates[i] & 0x7f) * 5 > 110)
763 have_higher_than_11mbit = 1;
764
765 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
766 have_higher_than_11mbit)
767 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
768 else
769 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
770
771 ieee80211_set_wmm_default(sdata);
772}
773
691void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 774void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
692 int encrypt) 775 int encrypt)
693{ 776{
@@ -727,12 +810,12 @@ int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freqMHz)
727 return ret; 810 return ret;
728} 811}
729 812
730u64 ieee80211_mandatory_rates(struct ieee80211_local *local, 813u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
731 enum ieee80211_band band) 814 enum ieee80211_band band)
732{ 815{
733 struct ieee80211_supported_band *sband; 816 struct ieee80211_supported_band *sband;
734 struct ieee80211_rate *bitrates; 817 struct ieee80211_rate *bitrates;
735 u64 mandatory_rates; 818 u32 mandatory_rates;
736 enum ieee80211_rate_flags mandatory_flag; 819 enum ieee80211_rate_flags mandatory_flag;
737 int i; 820 int i;
738 821
@@ -754,3 +837,161 @@ u64 ieee80211_mandatory_rates(struct ieee80211_local *local,
754 mandatory_rates |= BIT(i); 837 mandatory_rates |= BIT(i);
755 return mandatory_rates; 838 return mandatory_rates;
756} 839}
840
841void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
842 u16 transaction, u16 auth_alg,
843 u8 *extra, size_t extra_len,
844 const u8 *bssid, int encrypt)
845{
846 struct ieee80211_local *local = sdata->local;
847 struct sk_buff *skb;
848 struct ieee80211_mgmt *mgmt;
849 const u8 *ie_auth = NULL;
850 int ie_auth_len = 0;
851
852 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
853 ie_auth_len = sdata->u.mgd.ie_auth_len;
854 ie_auth = sdata->u.mgd.ie_auth;
855 }
856
857 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
858 sizeof(*mgmt) + 6 + extra_len + ie_auth_len);
859 if (!skb) {
860 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
861 "frame\n", sdata->dev->name);
862 return;
863 }
864 skb_reserve(skb, local->hw.extra_tx_headroom);
865
866 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
867 memset(mgmt, 0, 24 + 6);
868 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
869 IEEE80211_STYPE_AUTH);
870 if (encrypt)
871 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
872 memcpy(mgmt->da, bssid, ETH_ALEN);
873 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
874 memcpy(mgmt->bssid, bssid, ETH_ALEN);
875 mgmt->u.auth.auth_alg = cpu_to_le16(auth_alg);
876 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
877 mgmt->u.auth.status_code = cpu_to_le16(0);
878 if (extra)
879 memcpy(skb_put(skb, extra_len), extra, extra_len);
880 if (ie_auth)
881 memcpy(skb_put(skb, ie_auth_len), ie_auth, ie_auth_len);
882
883 ieee80211_tx_skb(sdata, skb, encrypt);
884}
885
886void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
887 u8 *ssid, size_t ssid_len,
888 u8 *ie, size_t ie_len)
889{
890 struct ieee80211_local *local = sdata->local;
891 struct ieee80211_supported_band *sband;
892 struct sk_buff *skb;
893 struct ieee80211_mgmt *mgmt;
894 u8 *pos, *supp_rates, *esupp_rates = NULL, *extra_preq_ie = NULL;
895 int i, extra_preq_ie_len = 0;
896
897 switch (sdata->vif.type) {
898 case NL80211_IFTYPE_STATION:
899 extra_preq_ie_len = sdata->u.mgd.ie_probereq_len;
900 extra_preq_ie = sdata->u.mgd.ie_probereq;
901 break;
902 default:
903 break;
904 }
905
906 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
907 ie_len + extra_preq_ie_len);
908 if (!skb) {
909 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
910 "request\n", sdata->dev->name);
911 return;
912 }
913 skb_reserve(skb, local->hw.extra_tx_headroom);
914
915 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
916 memset(mgmt, 0, 24);
917 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
918 IEEE80211_STYPE_PROBE_REQ);
919 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
920 if (dst) {
921 memcpy(mgmt->da, dst, ETH_ALEN);
922 memcpy(mgmt->bssid, dst, ETH_ALEN);
923 } else {
924 memset(mgmt->da, 0xff, ETH_ALEN);
925 memset(mgmt->bssid, 0xff, ETH_ALEN);
926 }
927 pos = skb_put(skb, 2 + ssid_len);
928 *pos++ = WLAN_EID_SSID;
929 *pos++ = ssid_len;
930 memcpy(pos, ssid, ssid_len);
931
932 supp_rates = skb_put(skb, 2);
933 supp_rates[0] = WLAN_EID_SUPP_RATES;
934 supp_rates[1] = 0;
935 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
936
937 for (i = 0; i < sband->n_bitrates; i++) {
938 struct ieee80211_rate *rate = &sband->bitrates[i];
939 if (esupp_rates) {
940 pos = skb_put(skb, 1);
941 esupp_rates[1]++;
942 } else if (supp_rates[1] == 8) {
943 esupp_rates = skb_put(skb, 3);
944 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
945 esupp_rates[1] = 1;
946 pos = &esupp_rates[2];
947 } else {
948 pos = skb_put(skb, 1);
949 supp_rates[1]++;
950 }
951 *pos = rate->bitrate / 5;
952 }
953
954 if (ie)
955 memcpy(skb_put(skb, ie_len), ie, ie_len);
956 if (extra_preq_ie)
957 memcpy(skb_put(skb, extra_preq_ie_len), extra_preq_ie,
958 extra_preq_ie_len);
959
960 ieee80211_tx_skb(sdata, skb, 0);
961}
962
963u32 ieee80211_sta_get_rates(struct ieee80211_local *local,
964 struct ieee802_11_elems *elems,
965 enum ieee80211_band band)
966{
967 struct ieee80211_supported_band *sband;
968 struct ieee80211_rate *bitrates;
969 size_t num_rates;
970 u32 supp_rates;
971 int i, j;
972 sband = local->hw.wiphy->bands[band];
973
974 if (!sband) {
975 WARN_ON(1);
976 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
977 }
978
979 bitrates = sband->bitrates;
980 num_rates = sband->n_bitrates;
981 supp_rates = 0;
982 for (i = 0; i < elems->supp_rates_len +
983 elems->ext_supp_rates_len; i++) {
984 u8 rate = 0;
985 int own_rate;
986 if (i < elems->supp_rates_len)
987 rate = elems->supp_rates[i];
988 else if (elems->ext_supp_rates)
989 rate = elems->ext_supp_rates
990 [i - elems->supp_rates_len];
991 own_rate = 5 * (rate & 0x7f);
992 for (j = 0; j < num_rates; j++)
993 if (bitrates[j].bitrate == own_rate)
994 supp_rates |= BIT(j);
995 }
996 return supp_rates;
997}
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 7162d5816f39..935c63ed3dfa 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -37,7 +37,14 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
37 struct ieee80211_key *key; 37 struct ieee80211_key *key;
38 int err; 38 int err;
39 39
40 if (idx < 0 || idx >= NUM_DEFAULT_KEYS) { 40 if (alg == ALG_AES_CMAC) {
41 if (idx < NUM_DEFAULT_KEYS ||
42 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
43 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d "
44 "(BIP)\n", sdata->dev->name, idx);
45 return -EINVAL;
46 }
47 } else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
41 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n", 48 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
42 sdata->dev->name, idx); 49 sdata->dev->name, idx);
43 return -EINVAL; 50 return -EINVAL;
@@ -103,6 +110,9 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
103 110
104 if (set_tx_key || (!sta && !sdata->default_key && key)) 111 if (set_tx_key || (!sta && !sdata->default_key && key))
105 ieee80211_set_default_key(sdata, idx); 112 ieee80211_set_default_key(sdata, idx);
113 if (alg == ALG_AES_CMAC &&
114 (set_tx_key || (!sta && !sdata->default_mgmt_key && key)))
115 ieee80211_set_default_mgmt_key(sdata, idx);
106 } 116 }
107 117
108 out_unlock: 118 out_unlock:
@@ -122,122 +132,37 @@ static int ieee80211_ioctl_siwgenie(struct net_device *dev,
122 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) 132 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME)
123 return -EOPNOTSUPP; 133 return -EOPNOTSUPP;
124 134
125 if (sdata->vif.type == NL80211_IFTYPE_STATION || 135 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
126 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
127 int ret = ieee80211_sta_set_extra_ie(sdata, extra, data->length); 136 int ret = ieee80211_sta_set_extra_ie(sdata, extra, data->length);
128 if (ret) 137 if (ret)
129 return ret; 138 return ret;
130 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL; 139 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
131 ieee80211_sta_req_auth(sdata, &sdata->u.sta); 140 ieee80211_sta_req_auth(sdata);
132 return 0; 141 return 0;
133 } 142 }
134 143
135 return -EOPNOTSUPP; 144 return -EOPNOTSUPP;
136} 145}
137 146
138static int ieee80211_ioctl_giwrange(struct net_device *dev,
139 struct iw_request_info *info,
140 struct iw_point *data, char *extra)
141{
142 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
143 struct iw_range *range = (struct iw_range *) extra;
144 enum ieee80211_band band;
145 int c = 0;
146
147 data->length = sizeof(struct iw_range);
148 memset(range, 0, sizeof(struct iw_range));
149
150 range->we_version_compiled = WIRELESS_EXT;
151 range->we_version_source = 21;
152 range->retry_capa = IW_RETRY_LIMIT;
153 range->retry_flags = IW_RETRY_LIMIT;
154 range->min_retry = 0;
155 range->max_retry = 255;
156 range->min_rts = 0;
157 range->max_rts = 2347;
158 range->min_frag = 256;
159 range->max_frag = 2346;
160
161 range->encoding_size[0] = 5;
162 range->encoding_size[1] = 13;
163 range->num_encoding_sizes = 2;
164 range->max_encoding_tokens = NUM_DEFAULT_KEYS;
165
166 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC ||
167 local->hw.flags & IEEE80211_HW_SIGNAL_DB)
168 range->max_qual.level = local->hw.max_signal;
169 else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
170 range->max_qual.level = -110;
171 else
172 range->max_qual.level = 0;
173
174 if (local->hw.flags & IEEE80211_HW_NOISE_DBM)
175 range->max_qual.noise = -110;
176 else
177 range->max_qual.noise = 0;
178
179 range->max_qual.qual = 100;
180 range->max_qual.updated = local->wstats_flags;
181
182 range->avg_qual.qual = 50;
183 /* not always true but better than nothing */
184 range->avg_qual.level = range->max_qual.level / 2;
185 range->avg_qual.noise = range->max_qual.noise / 2;
186 range->avg_qual.updated = local->wstats_flags;
187
188 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
189 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
190
191
192 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) {
193 int i;
194 struct ieee80211_supported_band *sband;
195
196 sband = local->hw.wiphy->bands[band];
197
198 if (!sband)
199 continue;
200
201 for (i = 0; i < sband->n_channels && c < IW_MAX_FREQUENCIES; i++) {
202 struct ieee80211_channel *chan = &sband->channels[i];
203
204 if (!(chan->flags & IEEE80211_CHAN_DISABLED)) {
205 range->freq[c].i =
206 ieee80211_frequency_to_channel(
207 chan->center_freq);
208 range->freq[c].m = chan->center_freq;
209 range->freq[c].e = 6;
210 c++;
211 }
212 }
213 }
214 range->num_channels = c;
215 range->num_frequency = c;
216
217 IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
218 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
219 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
220
221 range->scan_capa |= IW_SCAN_CAPA_ESSID;
222
223 return 0;
224}
225
226
227static int ieee80211_ioctl_siwfreq(struct net_device *dev, 147static int ieee80211_ioctl_siwfreq(struct net_device *dev,
228 struct iw_request_info *info, 148 struct iw_request_info *info,
229 struct iw_freq *freq, char *extra) 149 struct iw_freq *freq, char *extra)
230{ 150{
231 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 151 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
232 152
233 if (sdata->vif.type == NL80211_IFTYPE_STATION) 153 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
234 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL; 154 sdata->u.ibss.flags &= ~IEEE80211_IBSS_AUTO_CHANNEL_SEL;
155 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
156 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL;
235 157
236 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */ 158 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
237 if (freq->e == 0) { 159 if (freq->e == 0) {
238 if (freq->m < 0) { 160 if (freq->m < 0) {
239 if (sdata->vif.type == NL80211_IFTYPE_STATION) 161 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
240 sdata->u.sta.flags |= 162 sdata->u.ibss.flags |=
163 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
164 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
165 sdata->u.mgd.flags |=
241 IEEE80211_STA_AUTO_CHANNEL_SEL; 166 IEEE80211_STA_AUTO_CHANNEL_SEL;
242 return 0; 167 return 0;
243 } else 168 } else
@@ -274,32 +199,35 @@ static int ieee80211_ioctl_siwessid(struct net_device *dev,
274{ 199{
275 struct ieee80211_sub_if_data *sdata; 200 struct ieee80211_sub_if_data *sdata;
276 size_t len = data->length; 201 size_t len = data->length;
202 int ret;
277 203
278 /* iwconfig uses nul termination in SSID.. */ 204 /* iwconfig uses nul termination in SSID.. */
279 if (len > 0 && ssid[len - 1] == '\0') 205 if (len > 0 && ssid[len - 1] == '\0')
280 len--; 206 len--;
281 207
282 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 208 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
283 if (sdata->vif.type == NL80211_IFTYPE_STATION || 209 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
284 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
285 int ret;
286 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) { 210 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) {
287 if (len > IEEE80211_MAX_SSID_LEN) 211 if (len > IEEE80211_MAX_SSID_LEN)
288 return -EINVAL; 212 return -EINVAL;
289 memcpy(sdata->u.sta.ssid, ssid, len); 213 memcpy(sdata->u.mgd.ssid, ssid, len);
290 sdata->u.sta.ssid_len = len; 214 sdata->u.mgd.ssid_len = len;
291 return 0; 215 return 0;
292 } 216 }
217
293 if (data->flags) 218 if (data->flags)
294 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_SSID_SEL; 219 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
295 else 220 else
296 sdata->u.sta.flags |= IEEE80211_STA_AUTO_SSID_SEL; 221 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
222
297 ret = ieee80211_sta_set_ssid(sdata, ssid, len); 223 ret = ieee80211_sta_set_ssid(sdata, ssid, len);
298 if (ret) 224 if (ret)
299 return ret; 225 return ret;
300 ieee80211_sta_req_auth(sdata, &sdata->u.sta); 226
227 ieee80211_sta_req_auth(sdata);
301 return 0; 228 return 0;
302 } 229 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
230 return ieee80211_ibss_set_ssid(sdata, ssid, len);
303 231
304 return -EOPNOTSUPP; 232 return -EOPNOTSUPP;
305} 233}
@@ -313,8 +241,7 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
313 241
314 struct ieee80211_sub_if_data *sdata; 242 struct ieee80211_sub_if_data *sdata;
315 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 243 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
316 if (sdata->vif.type == NL80211_IFTYPE_STATION || 244 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
317 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
318 int res = ieee80211_sta_get_ssid(sdata, ssid, &len); 245 int res = ieee80211_sta_get_ssid(sdata, ssid, &len);
319 if (res == 0) { 246 if (res == 0) {
320 data->length = len; 247 data->length = len;
@@ -322,6 +249,14 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
322 } else 249 } else
323 data->flags = 0; 250 data->flags = 0;
324 return res; 251 return res;
252 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
253 int res = ieee80211_ibss_get_ssid(sdata, ssid, &len);
254 if (res == 0) {
255 data->length = len;
256 data->flags = 1;
257 } else
258 data->flags = 0;
259 return res;
325 } 260 }
326 261
327 return -EOPNOTSUPP; 262 return -EOPNOTSUPP;
@@ -335,26 +270,35 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
335 struct ieee80211_sub_if_data *sdata; 270 struct ieee80211_sub_if_data *sdata;
336 271
337 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 272 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
338 if (sdata->vif.type == NL80211_IFTYPE_STATION || 273 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
339 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
340 int ret; 274 int ret;
341 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) { 275 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) {
342 memcpy(sdata->u.sta.bssid, (u8 *) &ap_addr->sa_data, 276 memcpy(sdata->u.mgd.bssid, (u8 *) &ap_addr->sa_data,
343 ETH_ALEN); 277 ETH_ALEN);
344 return 0; 278 return 0;
345 } 279 }
346 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data)) 280 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
347 sdata->u.sta.flags |= IEEE80211_STA_AUTO_BSSID_SEL | 281 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL |
348 IEEE80211_STA_AUTO_CHANNEL_SEL; 282 IEEE80211_STA_AUTO_CHANNEL_SEL;
349 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data)) 283 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
350 sdata->u.sta.flags |= IEEE80211_STA_AUTO_BSSID_SEL; 284 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL;
351 else 285 else
352 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL; 286 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
353 ret = ieee80211_sta_set_bssid(sdata, (u8 *) &ap_addr->sa_data); 287 ret = ieee80211_sta_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
354 if (ret) 288 if (ret)
355 return ret; 289 return ret;
356 ieee80211_sta_req_auth(sdata, &sdata->u.sta); 290 ieee80211_sta_req_auth(sdata);
357 return 0; 291 return 0;
292 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
293 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
294 sdata->u.ibss.flags |= IEEE80211_IBSS_AUTO_BSSID_SEL |
295 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
296 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
297 sdata->u.ibss.flags |= IEEE80211_IBSS_AUTO_BSSID_SEL;
298 else
299 sdata->u.ibss.flags &= ~IEEE80211_IBSS_AUTO_BSSID_SEL;
300
301 return ieee80211_ibss_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
358 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) { 302 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
359 /* 303 /*
360 * If it is necessary to update the WDS peer address 304 * If it is necessary to update the WDS peer address
@@ -383,17 +327,20 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
383 struct ieee80211_sub_if_data *sdata; 327 struct ieee80211_sub_if_data *sdata;
384 328
385 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 329 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
386 if (sdata->vif.type == NL80211_IFTYPE_STATION || 330 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
387 sdata->vif.type == NL80211_IFTYPE_ADHOC) { 331 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATED) {
388 if (sdata->u.sta.state == IEEE80211_STA_MLME_ASSOCIATED ||
389 sdata->u.sta.state == IEEE80211_STA_MLME_IBSS_JOINED) {
390 ap_addr->sa_family = ARPHRD_ETHER; 332 ap_addr->sa_family = ARPHRD_ETHER;
391 memcpy(&ap_addr->sa_data, sdata->u.sta.bssid, ETH_ALEN); 333 memcpy(&ap_addr->sa_data, sdata->u.mgd.bssid, ETH_ALEN);
392 return 0; 334 } else
393 } else {
394 memset(&ap_addr->sa_data, 0, ETH_ALEN); 335 memset(&ap_addr->sa_data, 0, ETH_ALEN);
395 return 0; 336 return 0;
396 } 337 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
338 if (sdata->u.ibss.state == IEEE80211_IBSS_MLME_JOINED) {
339 ap_addr->sa_family = ARPHRD_ETHER;
340 memcpy(&ap_addr->sa_data, sdata->u.ibss.bssid, ETH_ALEN);
341 } else
342 memset(&ap_addr->sa_data, 0, ETH_ALEN);
343 return 0;
397 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) { 344 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
398 ap_addr->sa_family = ARPHRD_ETHER; 345 ap_addr->sa_family = ARPHRD_ETHER;
399 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN); 346 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
@@ -404,58 +351,6 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
404} 351}
405 352
406 353
407static int ieee80211_ioctl_siwscan(struct net_device *dev,
408 struct iw_request_info *info,
409 union iwreq_data *wrqu, char *extra)
410{
411 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
412 struct iw_scan_req *req = NULL;
413 u8 *ssid = NULL;
414 size_t ssid_len = 0;
415
416 if (!netif_running(dev))
417 return -ENETDOWN;
418
419 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
420 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
421 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
422 return -EOPNOTSUPP;
423
424 /* if SSID was specified explicitly then use that */
425 if (wrqu->data.length == sizeof(struct iw_scan_req) &&
426 wrqu->data.flags & IW_SCAN_THIS_ESSID) {
427 req = (struct iw_scan_req *)extra;
428 ssid = req->essid;
429 ssid_len = req->essid_len;
430 }
431
432 return ieee80211_request_scan(sdata, ssid, ssid_len);
433}
434
435
436static int ieee80211_ioctl_giwscan(struct net_device *dev,
437 struct iw_request_info *info,
438 struct iw_point *data, char *extra)
439{
440 int res;
441 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
442 struct ieee80211_sub_if_data *sdata;
443
444 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
445
446 if (local->sw_scanning || local->hw_scanning)
447 return -EAGAIN;
448
449 res = ieee80211_scan_results(local, info, extra, data->length);
450 if (res >= 0) {
451 data->length = res;
452 return 0;
453 }
454 data->length = 0;
455 return res;
456}
457
458
459static int ieee80211_ioctl_siwrate(struct net_device *dev, 354static int ieee80211_ioctl_siwrate(struct net_device *dev,
460 struct iw_request_info *info, 355 struct iw_request_info *info,
461 struct iw_param *rate, char *extra) 356 struct iw_param *rate, char *extra)
@@ -511,7 +406,7 @@ static int ieee80211_ioctl_giwrate(struct net_device *dev,
511 406
512 rcu_read_lock(); 407 rcu_read_lock();
513 408
514 sta = sta_info_get(local, sdata->u.sta.bssid); 409 sta = sta_info_get(local, sdata->u.mgd.bssid);
515 410
516 if (sta && !(sta->last_tx_rate.flags & IEEE80211_TX_RC_MCS)) 411 if (sta && !(sta->last_tx_rate.flags & IEEE80211_TX_RC_MCS))
517 rate->value = sband->bitrates[sta->last_tx_rate.idx].bitrate; 412 rate->value = sband->bitrates[sta->last_tx_rate.idx].bitrate;
@@ -549,10 +444,9 @@ static int ieee80211_ioctl_siwtxpower(struct net_device *dev,
549 else /* Automatic power level setting */ 444 else /* Automatic power level setting */
550 new_power_level = chan->max_power; 445 new_power_level = chan->max_power;
551 446
552 if (local->hw.conf.power_level != new_power_level) { 447 local->user_power_level = new_power_level;
553 local->hw.conf.power_level = new_power_level; 448 if (local->hw.conf.power_level != new_power_level)
554 reconf_flags |= IEEE80211_CONF_CHANGE_POWER; 449 reconf_flags |= IEEE80211_CONF_CHANGE_POWER;
555 }
556 450
557 if (local->hw.conf.radio_enabled != !(data->txpower.disabled)) { 451 if (local->hw.conf.radio_enabled != !(data->txpower.disabled)) {
558 local->hw.conf.radio_enabled = !(data->txpower.disabled); 452 local->hw.conf.radio_enabled = !(data->txpower.disabled);
@@ -713,8 +607,7 @@ static int ieee80211_ioctl_siwmlme(struct net_device *dev,
713 struct iw_mlme *mlme = (struct iw_mlme *) extra; 607 struct iw_mlme *mlme = (struct iw_mlme *) extra;
714 608
715 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 609 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
716 if (sdata->vif.type != NL80211_IFTYPE_STATION && 610 if (!(sdata->vif.type == NL80211_IFTYPE_STATION))
717 sdata->vif.type != NL80211_IFTYPE_ADHOC)
718 return -EINVAL; 611 return -EINVAL;
719 612
720 switch (mlme->cmd) { 613 switch (mlme->cmd) {
@@ -810,8 +703,7 @@ static int ieee80211_ioctl_giwencode(struct net_device *dev,
810 erq->flags |= IW_ENCODE_ENABLED; 703 erq->flags |= IW_ENCODE_ENABLED;
811 704
812 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 705 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
813 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 706 switch (sdata->u.mgd.auth_alg) {
814 switch (ifsta->auth_alg) {
815 case WLAN_AUTH_OPEN: 707 case WLAN_AUTH_OPEN:
816 case WLAN_AUTH_LEAP: 708 case WLAN_AUTH_LEAP:
817 erq->flags |= IW_ENCODE_OPEN; 709 erq->flags |= IW_ENCODE_OPEN;
@@ -836,6 +728,9 @@ static int ieee80211_ioctl_siwpower(struct net_device *dev,
836 int ret = 0, timeout = 0; 728 int ret = 0, timeout = 0;
837 bool ps; 729 bool ps;
838 730
731 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
732 return -EOPNOTSUPP;
733
839 if (sdata->vif.type != NL80211_IFTYPE_STATION) 734 if (sdata->vif.type != NL80211_IFTYPE_STATION)
840 return -EINVAL; 735 return -EINVAL;
841 736
@@ -852,31 +747,49 @@ static int ieee80211_ioctl_siwpower(struct net_device *dev,
852 ps = true; 747 ps = true;
853 break; 748 break;
854 default: /* Otherwise we ignore */ 749 default: /* Otherwise we ignore */
855 break; 750 return -EINVAL;
856 } 751 }
857 752
753 if (wrq->flags & ~(IW_POWER_MODE | IW_POWER_TIMEOUT))
754 return -EINVAL;
755
858 if (wrq->flags & IW_POWER_TIMEOUT) 756 if (wrq->flags & IW_POWER_TIMEOUT)
859 timeout = wrq->value / 1000; 757 timeout = wrq->value / 1000;
860 758
861set: 759 set:
862 if (ps == local->powersave && timeout == local->dynamic_ps_timeout) 760 if (ps == local->powersave && timeout == conf->dynamic_ps_timeout)
863 return ret; 761 return ret;
864 762
865 local->powersave = ps; 763 local->powersave = ps;
866 local->dynamic_ps_timeout = timeout; 764 conf->dynamic_ps_timeout = timeout;
867 765
868 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) { 766 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
869 if (!(local->hw.flags & IEEE80211_HW_NO_STACK_DYNAMIC_PS) && 767 ret = ieee80211_hw_config(local,
870 local->dynamic_ps_timeout > 0) 768 IEEE80211_CONF_CHANGE_DYNPS_TIMEOUT);
871 mod_timer(&local->dynamic_ps_timer, jiffies + 769
872 msecs_to_jiffies(local->dynamic_ps_timeout)); 770 if (!(sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED))
873 else { 771 return ret;
874 if (local->powersave) 772
875 conf->flags |= IEEE80211_CONF_PS; 773 if (conf->dynamic_ps_timeout > 0 &&
876 else 774 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
877 conf->flags &= ~IEEE80211_CONF_PS; 775 mod_timer(&local->dynamic_ps_timer, jiffies +
776 msecs_to_jiffies(conf->dynamic_ps_timeout));
777 } else {
778 if (local->powersave) {
779 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
780 ieee80211_send_nullfunc(local, sdata, 1);
781 conf->flags |= IEEE80211_CONF_PS;
782 ret = ieee80211_hw_config(local,
783 IEEE80211_CONF_CHANGE_PS);
784 } else {
785 conf->flags &= ~IEEE80211_CONF_PS;
786 ret = ieee80211_hw_config(local,
787 IEEE80211_CONF_CHANGE_PS);
788 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
789 ieee80211_send_nullfunc(local, sdata, 0);
790 del_timer_sync(&local->dynamic_ps_timer);
791 cancel_work_sync(&local->dynamic_ps_enable_work);
878 } 792 }
879 ret = ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
880 } 793 }
881 794
882 return ret; 795 return ret;
@@ -903,11 +816,22 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev,
903 816
904 switch (data->flags & IW_AUTH_INDEX) { 817 switch (data->flags & IW_AUTH_INDEX) {
905 case IW_AUTH_WPA_VERSION: 818 case IW_AUTH_WPA_VERSION:
906 case IW_AUTH_CIPHER_PAIRWISE:
907 case IW_AUTH_CIPHER_GROUP: 819 case IW_AUTH_CIPHER_GROUP:
908 case IW_AUTH_WPA_ENABLED: 820 case IW_AUTH_WPA_ENABLED:
909 case IW_AUTH_RX_UNENCRYPTED_EAPOL: 821 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
910 case IW_AUTH_KEY_MGMT: 822 case IW_AUTH_KEY_MGMT:
823 case IW_AUTH_CIPHER_GROUP_MGMT:
824 break;
825 case IW_AUTH_CIPHER_PAIRWISE:
826 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
827 if (data->value & (IW_AUTH_CIPHER_WEP40 |
828 IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP))
829 sdata->u.mgd.flags |=
830 IEEE80211_STA_TKIP_WEP_USED;
831 else
832 sdata->u.mgd.flags &=
833 ~IEEE80211_STA_TKIP_WEP_USED;
834 }
911 break; 835 break;
912 case IW_AUTH_DROP_UNENCRYPTED: 836 case IW_AUTH_DROP_UNENCRYPTED:
913 sdata->drop_unencrypted = !!data->value; 837 sdata->drop_unencrypted = !!data->value;
@@ -916,24 +840,45 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev,
916 if (sdata->vif.type != NL80211_IFTYPE_STATION) 840 if (sdata->vif.type != NL80211_IFTYPE_STATION)
917 ret = -EINVAL; 841 ret = -EINVAL;
918 else { 842 else {
919 sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 843 sdata->u.mgd.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
920 /* 844 /*
921 * Privacy invoked by wpa_supplicant, store the 845 * Privacy invoked by wpa_supplicant, store the
922 * value and allow associating to a protected 846 * value and allow associating to a protected
923 * network without having a key up front. 847 * network without having a key up front.
924 */ 848 */
925 if (data->value) 849 if (data->value)
926 sdata->u.sta.flags |= 850 sdata->u.mgd.flags |=
927 IEEE80211_STA_PRIVACY_INVOKED; 851 IEEE80211_STA_PRIVACY_INVOKED;
928 } 852 }
929 break; 853 break;
930 case IW_AUTH_80211_AUTH_ALG: 854 case IW_AUTH_80211_AUTH_ALG:
931 if (sdata->vif.type == NL80211_IFTYPE_STATION || 855 if (sdata->vif.type == NL80211_IFTYPE_STATION)
932 sdata->vif.type == NL80211_IFTYPE_ADHOC) 856 sdata->u.mgd.auth_algs = data->value;
933 sdata->u.sta.auth_algs = data->value;
934 else 857 else
935 ret = -EOPNOTSUPP; 858 ret = -EOPNOTSUPP;
936 break; 859 break;
860 case IW_AUTH_MFP:
861 if (!(sdata->local->hw.flags & IEEE80211_HW_MFP_CAPABLE)) {
862 ret = -EOPNOTSUPP;
863 break;
864 }
865 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
866 switch (data->value) {
867 case IW_AUTH_MFP_DISABLED:
868 sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
869 break;
870 case IW_AUTH_MFP_OPTIONAL:
871 sdata->u.mgd.mfp = IEEE80211_MFP_OPTIONAL;
872 break;
873 case IW_AUTH_MFP_REQUIRED:
874 sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
875 break;
876 default:
877 ret = -EINVAL;
878 }
879 } else
880 ret = -EOPNOTSUPP;
881 break;
937 default: 882 default:
938 ret = -EOPNOTSUPP; 883 ret = -EOPNOTSUPP;
939 break; 884 break;
@@ -951,9 +896,9 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
951 896
952 rcu_read_lock(); 897 rcu_read_lock();
953 898
954 if (sdata->vif.type == NL80211_IFTYPE_STATION || 899 if (sdata->vif.type == NL80211_IFTYPE_STATION)
955 sdata->vif.type == NL80211_IFTYPE_ADHOC) 900 sta = sta_info_get(local, sdata->u.mgd.bssid);
956 sta = sta_info_get(local, sdata->u.sta.bssid); 901
957 if (!sta) { 902 if (!sta) {
958 wstats->discard.fragment = 0; 903 wstats->discard.fragment = 0;
959 wstats->discard.misc = 0; 904 wstats->discard.misc = 0;
@@ -962,10 +907,45 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
962 wstats->qual.noise = 0; 907 wstats->qual.noise = 0;
963 wstats->qual.updated = IW_QUAL_ALL_INVALID; 908 wstats->qual.updated = IW_QUAL_ALL_INVALID;
964 } else { 909 } else {
965 wstats->qual.level = sta->last_signal; 910 wstats->qual.updated = 0;
966 wstats->qual.qual = sta->last_qual; 911 /*
967 wstats->qual.noise = sta->last_noise; 912 * mirror what cfg80211 does for iwrange/scan results,
968 wstats->qual.updated = local->wstats_flags; 913 * otherwise userspace gets confused.
914 */
915 if (local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
916 IEEE80211_HW_SIGNAL_DBM)) {
917 wstats->qual.updated |= IW_QUAL_LEVEL_UPDATED;
918 wstats->qual.updated |= IW_QUAL_QUAL_UPDATED;
919 } else {
920 wstats->qual.updated |= IW_QUAL_LEVEL_INVALID;
921 wstats->qual.updated |= IW_QUAL_QUAL_INVALID;
922 }
923
924 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) {
925 wstats->qual.level = sta->last_signal;
926 wstats->qual.qual = sta->last_signal;
927 } else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
928 int sig = sta->last_signal;
929
930 wstats->qual.updated |= IW_QUAL_DBM;
931 wstats->qual.level = sig;
932 if (sig < -110)
933 sig = -110;
934 else if (sig > -40)
935 sig = -40;
936 wstats->qual.qual = sig + 110;
937 }
938
939 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) {
940 /*
941 * This assumes that if driver reports noise, it also
942 * reports signal in dBm.
943 */
944 wstats->qual.noise = sta->last_noise;
945 wstats->qual.updated |= IW_QUAL_NOISE_UPDATED;
946 } else {
947 wstats->qual.updated |= IW_QUAL_NOISE_INVALID;
948 }
969 } 949 }
970 950
971 rcu_read_unlock(); 951 rcu_read_unlock();
@@ -982,9 +962,8 @@ static int ieee80211_ioctl_giwauth(struct net_device *dev,
982 962
983 switch (data->flags & IW_AUTH_INDEX) { 963 switch (data->flags & IW_AUTH_INDEX) {
984 case IW_AUTH_80211_AUTH_ALG: 964 case IW_AUTH_80211_AUTH_ALG:
985 if (sdata->vif.type == NL80211_IFTYPE_STATION || 965 if (sdata->vif.type == NL80211_IFTYPE_STATION)
986 sdata->vif.type == NL80211_IFTYPE_ADHOC) 966 data->value = sdata->u.mgd.auth_algs;
987 data->value = sdata->u.sta.auth_algs;
988 else 967 else
989 ret = -EOPNOTSUPP; 968 ret = -EOPNOTSUPP;
990 break; 969 break;
@@ -1017,6 +996,9 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1017 case IW_ENCODE_ALG_CCMP: 996 case IW_ENCODE_ALG_CCMP:
1018 alg = ALG_CCMP; 997 alg = ALG_CCMP;
1019 break; 998 break;
999 case IW_ENCODE_ALG_AES_CMAC:
1000 alg = ALG_AES_CMAC;
1001 break;
1020 default: 1002 default:
1021 return -EOPNOTSUPP; 1003 return -EOPNOTSUPP;
1022 } 1004 }
@@ -1025,20 +1007,41 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1025 remove = 1; 1007 remove = 1;
1026 1008
1027 idx = erq->flags & IW_ENCODE_INDEX; 1009 idx = erq->flags & IW_ENCODE_INDEX;
1028 if (idx < 1 || idx > 4) { 1010 if (alg == ALG_AES_CMAC) {
1029 idx = -1; 1011 if (idx < NUM_DEFAULT_KEYS + 1 ||
1030 if (!sdata->default_key) 1012 idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
1031 idx = 0; 1013 idx = -1;
1032 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1014 if (!sdata->default_mgmt_key)
1033 if (sdata->default_key == sdata->keys[i]) { 1015 idx = 0;
1034 idx = i; 1016 else for (i = NUM_DEFAULT_KEYS;
1035 break; 1017 i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS;
1018 i++) {
1019 if (sdata->default_mgmt_key == sdata->keys[i])
1020 {
1021 idx = i;
1022 break;
1023 }
1036 } 1024 }
1037 } 1025 if (idx < 0)
1038 if (idx < 0) 1026 return -EINVAL;
1039 return -EINVAL; 1027 } else
1040 } else 1028 idx--;
1041 idx--; 1029 } else {
1030 if (idx < 1 || idx > 4) {
1031 idx = -1;
1032 if (!sdata->default_key)
1033 idx = 0;
1034 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1035 if (sdata->default_key == sdata->keys[i]) {
1036 idx = i;
1037 break;
1038 }
1039 }
1040 if (idx < 0)
1041 return -EINVAL;
1042 } else
1043 idx--;
1044 }
1042 1045
1043 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg, 1046 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg,
1044 remove, 1047 remove,
@@ -1063,7 +1066,7 @@ static const iw_handler ieee80211_handler[] =
1063 (iw_handler) NULL, /* SIOCSIWSENS */ 1066 (iw_handler) NULL, /* SIOCSIWSENS */
1064 (iw_handler) NULL, /* SIOCGIWSENS */ 1067 (iw_handler) NULL, /* SIOCGIWSENS */
1065 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */ 1068 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */
1066 (iw_handler) ieee80211_ioctl_giwrange, /* SIOCGIWRANGE */ 1069 (iw_handler) cfg80211_wext_giwrange, /* SIOCGIWRANGE */
1067 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */ 1070 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */
1068 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */ 1071 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */
1069 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */ 1072 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */
@@ -1076,8 +1079,8 @@ static const iw_handler ieee80211_handler[] =
1076 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */ 1079 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */
1077 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */ 1080 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */
1078 (iw_handler) NULL, /* SIOCGIWAPLIST */ 1081 (iw_handler) NULL, /* SIOCGIWAPLIST */
1079 (iw_handler) ieee80211_ioctl_siwscan, /* SIOCSIWSCAN */ 1082 (iw_handler) cfg80211_wext_siwscan, /* SIOCSIWSCAN */
1080 (iw_handler) ieee80211_ioctl_giwscan, /* SIOCGIWSCAN */ 1083 (iw_handler) cfg80211_wext_giwscan, /* SIOCGIWSCAN */
1081 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */ 1084 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */
1082 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */ 1085 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */
1083 (iw_handler) NULL, /* SIOCSIWNICKN */ 1086 (iw_handler) NULL, /* SIOCSIWNICKN */
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index ac71b38f7cb5..0b8ad1f4ecdd 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -99,10 +99,13 @@ static u16 classify80211(struct ieee80211_local *local, struct sk_buff *skb)
99 /* in case we are a client verify acm is not set for this ac */ 99 /* in case we are a client verify acm is not set for this ac */
100 while (unlikely(local->wmm_acm & BIT(skb->priority))) { 100 while (unlikely(local->wmm_acm & BIT(skb->priority))) {
101 if (wme_downgrade_ac(skb)) { 101 if (wme_downgrade_ac(skb)) {
102 /* The old code would drop the packet in this 102 /*
103 * case. 103 * This should not really happen. The AP has marked all
104 * lower ACs to require admission control which is not
105 * a reasonable configuration. Allow the frame to be
106 * transmitted using AC_BK as a workaround.
104 */ 107 */
105 return 0; 108 break;
106 } 109 }
107 } 110 }
108 111
@@ -114,9 +117,7 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
114{ 117{
115 struct ieee80211_master_priv *mpriv = netdev_priv(dev); 118 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
116 struct ieee80211_local *local = mpriv->local; 119 struct ieee80211_local *local = mpriv->local;
117 struct ieee80211_hw *hw = &local->hw;
118 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 120 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
119 struct sta_info *sta;
120 u16 queue; 121 u16 queue;
121 u8 tid; 122 u8 tid;
122 123
@@ -124,29 +125,11 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
124 if (unlikely(queue >= local->hw.queues)) 125 if (unlikely(queue >= local->hw.queues))
125 queue = local->hw.queues - 1; 126 queue = local->hw.queues - 1;
126 127
127 if (skb->requeue) { 128 /*
128 if (!hw->ampdu_queues) 129 * Now we know the 1d priority, fill in the QoS header if
129 return queue; 130 * there is one (and we haven't done this before).
130
131 rcu_read_lock();
132 sta = sta_info_get(local, hdr->addr1);
133 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
134 if (sta) {
135 int ampdu_queue = sta->tid_to_tx_q[tid];
136
137 if ((ampdu_queue < ieee80211_num_queues(hw)) &&
138 test_bit(ampdu_queue, local->queue_pool))
139 queue = ampdu_queue;
140 }
141 rcu_read_unlock();
142
143 return queue;
144 }
145
146 /* Now we know the 1d priority, fill in the QoS header if
147 * there is one.
148 */ 131 */
149 if (ieee80211_is_data_qos(hdr->frame_control)) { 132 if (!skb->requeue && ieee80211_is_data_qos(hdr->frame_control)) {
150 u8 *p = ieee80211_get_qos_ctl(hdr); 133 u8 *p = ieee80211_get_qos_ctl(hdr);
151 u8 ack_policy = 0; 134 u8 ack_policy = 0;
152 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; 135 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
@@ -156,140 +139,7 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
156 /* qos header is 2 bytes, second reserved */ 139 /* qos header is 2 bytes, second reserved */
157 *p++ = ack_policy | tid; 140 *p++ = ack_policy | tid;
158 *p = 0; 141 *p = 0;
159
160 if (!hw->ampdu_queues)
161 return queue;
162
163 rcu_read_lock();
164
165 sta = sta_info_get(local, hdr->addr1);
166 if (sta) {
167 int ampdu_queue = sta->tid_to_tx_q[tid];
168
169 if ((ampdu_queue < ieee80211_num_queues(hw)) &&
170 test_bit(ampdu_queue, local->queue_pool))
171 queue = ampdu_queue;
172 }
173
174 rcu_read_unlock();
175 } 142 }
176 143
177 return queue; 144 return queue;
178} 145}
179
180int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
181 struct sta_info *sta, u16 tid)
182{
183 int i;
184
185 /* XXX: currently broken due to cb/requeue use */
186 return -EPERM;
187
188 /* prepare the filter and save it for the SW queue
189 * matching the received HW queue */
190
191 if (!local->hw.ampdu_queues)
192 return -EPERM;
193
194 /* try to get a Qdisc from the pool */
195 for (i = local->hw.queues; i < ieee80211_num_queues(&local->hw); i++)
196 if (!test_and_set_bit(i, local->queue_pool)) {
197 ieee80211_stop_queue(local_to_hw(local), i);
198 sta->tid_to_tx_q[tid] = i;
199
200 /* IF there are already pending packets
201 * on this tid first we need to drain them
202 * on the previous queue
203 * since HT is strict in order */
204#ifdef CONFIG_MAC80211_HT_DEBUG
205 if (net_ratelimit())
206 printk(KERN_DEBUG "allocated aggregation queue"
207 " %d tid %d addr %pM pool=0x%lX\n",
208 i, tid, sta->sta.addr,
209 local->queue_pool[0]);
210#endif /* CONFIG_MAC80211_HT_DEBUG */
211 return 0;
212 }
213
214 return -EAGAIN;
215}
216
217/**
218 * the caller needs to hold netdev_get_tx_queue(local->mdev, X)->lock
219 */
220void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
221 struct sta_info *sta, u16 tid,
222 u8 requeue)
223{
224 int agg_queue = sta->tid_to_tx_q[tid];
225 struct ieee80211_hw *hw = &local->hw;
226
227 /* return the qdisc to the pool */
228 clear_bit(agg_queue, local->queue_pool);
229 sta->tid_to_tx_q[tid] = ieee80211_num_queues(hw);
230
231 if (requeue) {
232 ieee80211_requeue(local, agg_queue);
233 } else {
234 struct netdev_queue *txq;
235 spinlock_t *root_lock;
236 struct Qdisc *q;
237
238 txq = netdev_get_tx_queue(local->mdev, agg_queue);
239 q = rcu_dereference(txq->qdisc);
240 root_lock = qdisc_lock(q);
241
242 spin_lock_bh(root_lock);
243 qdisc_reset(q);
244 spin_unlock_bh(root_lock);
245 }
246}
247
248void ieee80211_requeue(struct ieee80211_local *local, int queue)
249{
250 struct netdev_queue *txq = netdev_get_tx_queue(local->mdev, queue);
251 struct sk_buff_head list;
252 spinlock_t *root_lock;
253 struct Qdisc *qdisc;
254 u32 len;
255
256 rcu_read_lock_bh();
257
258 qdisc = rcu_dereference(txq->qdisc);
259 if (!qdisc || !qdisc->dequeue)
260 goto out_unlock;
261
262 skb_queue_head_init(&list);
263
264 root_lock = qdisc_root_lock(qdisc);
265 spin_lock(root_lock);
266 for (len = qdisc->q.qlen; len > 0; len--) {
267 struct sk_buff *skb = qdisc->dequeue(qdisc);
268
269 if (skb)
270 __skb_queue_tail(&list, skb);
271 }
272 spin_unlock(root_lock);
273
274 for (len = list.qlen; len > 0; len--) {
275 struct sk_buff *skb = __skb_dequeue(&list);
276 u16 new_queue;
277
278 BUG_ON(!skb);
279 new_queue = ieee80211_select_queue(local->mdev, skb);
280 skb_set_queue_mapping(skb, new_queue);
281
282 txq = netdev_get_tx_queue(local->mdev, new_queue);
283
284
285 qdisc = rcu_dereference(txq->qdisc);
286 root_lock = qdisc_root_lock(qdisc);
287
288 spin_lock(root_lock);
289 qdisc_enqueue_root(skb, qdisc);
290 spin_unlock(root_lock);
291 }
292
293out_unlock:
294 rcu_read_unlock_bh();
295}
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index bc62f28a4d3d..7520d2e014dc 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -21,11 +21,5 @@
21extern const int ieee802_1d_to_ac[8]; 21extern const int ieee802_1d_to_ac[8];
22 22
23u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb); 23u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb);
24int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
25 struct sta_info *sta, u16 tid);
26void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
27 struct sta_info *sta, u16 tid,
28 u8 requeue);
29void ieee80211_requeue(struct ieee80211_local *local, int queue);
30 24
31#endif /* _WME_H */ 25#endif /* _WME_H */
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 7aa63caf8d50..9101b48ec2ae 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -1,5 +1,6 @@
1/* 1/*
2 * Copyright 2002-2004, Instant802 Networks, Inc. 2 * Copyright 2002-2004, Instant802 Networks, Inc.
3 * Copyright 2008, Jouni Malinen <j@w1.fi>
3 * 4 *
4 * This program is free software; you can redistribute it and/or modify 5 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
@@ -19,6 +20,7 @@
19#include "michael.h" 20#include "michael.h"
20#include "tkip.h" 21#include "tkip.h"
21#include "aes_ccm.h" 22#include "aes_ccm.h"
23#include "aes_cmac.h"
22#include "wpa.h" 24#include "wpa.h"
23 25
24ieee80211_tx_result 26ieee80211_tx_result
@@ -266,7 +268,7 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
266 int encrypted) 268 int encrypted)
267{ 269{
268 __le16 mask_fc; 270 __le16 mask_fc;
269 int a4_included; 271 int a4_included, mgmt;
270 u8 qos_tid; 272 u8 qos_tid;
271 u8 *b_0, *aad; 273 u8 *b_0, *aad;
272 u16 data_len, len_a; 274 u16 data_len, len_a;
@@ -277,12 +279,15 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
277 aad = scratch + 4 * AES_BLOCK_LEN; 279 aad = scratch + 4 * AES_BLOCK_LEN;
278 280
279 /* 281 /*
280 * Mask FC: zero subtype b4 b5 b6 282 * Mask FC: zero subtype b4 b5 b6 (if not mgmt)
281 * Retry, PwrMgt, MoreData; set Protected 283 * Retry, PwrMgt, MoreData; set Protected
282 */ 284 */
285 mgmt = ieee80211_is_mgmt(hdr->frame_control);
283 mask_fc = hdr->frame_control; 286 mask_fc = hdr->frame_control;
284 mask_fc &= ~cpu_to_le16(0x0070 | IEEE80211_FCTL_RETRY | 287 mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
285 IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA); 288 IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
289 if (!mgmt)
290 mask_fc &= ~cpu_to_le16(0x0070);
286 mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 291 mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
287 292
288 hdrlen = ieee80211_hdrlen(hdr->frame_control); 293 hdrlen = ieee80211_hdrlen(hdr->frame_control);
@@ -300,8 +305,10 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
300 305
301 /* First block, b_0 */ 306 /* First block, b_0 */
302 b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */ 307 b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
303 /* Nonce: QoS Priority | A2 | PN */ 308 /* Nonce: Nonce Flags | A2 | PN
304 b_0[1] = qos_tid; 309 * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7)
310 */
311 b_0[1] = qos_tid | (mgmt << 4);
305 memcpy(&b_0[2], hdr->addr2, ETH_ALEN); 312 memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
306 memcpy(&b_0[8], pn, CCMP_PN_LEN); 313 memcpy(&b_0[8], pn, CCMP_PN_LEN);
307 /* l(m) */ 314 /* l(m) */
@@ -360,9 +367,14 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
360 int hdrlen, len, tail; 367 int hdrlen, len, tail;
361 u8 *pos, *pn; 368 u8 *pos, *pn;
362 int i; 369 int i;
370 bool skip_hw;
371
372 skip_hw = (tx->key->conf.flags & IEEE80211_KEY_FLAG_SW_MGMT) &&
373 ieee80211_is_mgmt(hdr->frame_control);
363 374
364 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 375 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
365 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { 376 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
377 !skip_hw) {
366 /* hwaccel - with no need for preallocated room for CCMP 378 /* hwaccel - with no need for preallocated room for CCMP
367 * header or MIC fields */ 379 * header or MIC fields */
368 info->control.hw_key = &tx->key->conf; 380 info->control.hw_key = &tx->key->conf;
@@ -397,7 +409,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
397 409
398 ccmp_pn2hdr(pos, pn, key->conf.keyidx); 410 ccmp_pn2hdr(pos, pn, key->conf.keyidx);
399 411
400 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 412 if ((key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && !skip_hw) {
401 /* hwaccel - with preallocated room for CCMP header */ 413 /* hwaccel - with preallocated room for CCMP header */
402 info->control.hw_key = &tx->key->conf; 414 info->control.hw_key = &tx->key->conf;
403 return 0; 415 return 0;
@@ -446,7 +458,8 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
446 458
447 hdrlen = ieee80211_hdrlen(hdr->frame_control); 459 hdrlen = ieee80211_hdrlen(hdr->frame_control);
448 460
449 if (!ieee80211_is_data(hdr->frame_control)) 461 if (!ieee80211_is_data(hdr->frame_control) &&
462 !ieee80211_is_robust_mgmt_frame(hdr))
450 return RX_CONTINUE; 463 return RX_CONTINUE;
451 464
452 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN; 465 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
@@ -485,3 +498,126 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
485 498
486 return RX_CONTINUE; 499 return RX_CONTINUE;
487} 500}
501
502
503static void bip_aad(struct sk_buff *skb, u8 *aad)
504{
505 /* BIP AAD: FC(masked) || A1 || A2 || A3 */
506
507 /* FC type/subtype */
508 aad[0] = skb->data[0];
509 /* Mask FC Retry, PwrMgt, MoreData flags to zero */
510 aad[1] = skb->data[1] & ~(BIT(4) | BIT(5) | BIT(6));
511 /* A1 || A2 || A3 */
512 memcpy(aad + 2, skb->data + 4, 3 * ETH_ALEN);
513}
514
515
516static inline void bip_ipn_swap(u8 *d, const u8 *s)
517{
518 *d++ = s[5];
519 *d++ = s[4];
520 *d++ = s[3];
521 *d++ = s[2];
522 *d++ = s[1];
523 *d = s[0];
524}
525
526
527ieee80211_tx_result
528ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx)
529{
530 struct sk_buff *skb = tx->skb;
531 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
532 struct ieee80211_key *key = tx->key;
533 struct ieee80211_mmie *mmie;
534 u8 *pn, aad[20];
535 int i;
536
537 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
538 /* hwaccel */
539 info->control.hw_key = &tx->key->conf;
540 return 0;
541 }
542
543 if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
544 return TX_DROP;
545
546 mmie = (struct ieee80211_mmie *) skb_put(skb, sizeof(*mmie));
547 mmie->element_id = WLAN_EID_MMIE;
548 mmie->length = sizeof(*mmie) - 2;
549 mmie->key_id = cpu_to_le16(key->conf.keyidx);
550
551 /* PN = PN + 1 */
552 pn = key->u.aes_cmac.tx_pn;
553
554 for (i = sizeof(key->u.aes_cmac.tx_pn) - 1; i >= 0; i--) {
555 pn[i]++;
556 if (pn[i])
557 break;
558 }
559 bip_ipn_swap(mmie->sequence_number, pn);
560
561 bip_aad(skb, aad);
562
563 /*
564 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64)
565 */
566 ieee80211_aes_cmac(key->u.aes_cmac.tfm, key->u.aes_cmac.tx_crypto_buf,
567 aad, skb->data + 24, skb->len - 24, mmie->mic);
568
569 return TX_CONTINUE;
570}
571
572
573ieee80211_rx_result
574ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
575{
576 struct sk_buff *skb = rx->skb;
577 struct ieee80211_key *key = rx->key;
578 struct ieee80211_mmie *mmie;
579 u8 aad[20], mic[8], ipn[6];
580 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
581
582 if (!ieee80211_is_mgmt(hdr->frame_control))
583 return RX_CONTINUE;
584
585 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
586 (rx->status->flag & RX_FLAG_IV_STRIPPED))
587 return RX_CONTINUE;
588
589 if (skb->len < 24 + sizeof(*mmie))
590 return RX_DROP_UNUSABLE;
591
592 mmie = (struct ieee80211_mmie *)
593 (skb->data + skb->len - sizeof(*mmie));
594 if (mmie->element_id != WLAN_EID_MMIE ||
595 mmie->length != sizeof(*mmie) - 2)
596 return RX_DROP_UNUSABLE; /* Invalid MMIE */
597
598 bip_ipn_swap(ipn, mmie->sequence_number);
599
600 if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
601 key->u.aes_cmac.replays++;
602 return RX_DROP_UNUSABLE;
603 }
604
605 if (!(rx->status->flag & RX_FLAG_DECRYPTED)) {
606 /* hardware didn't decrypt/verify MIC */
607 bip_aad(skb, aad);
608 ieee80211_aes_cmac(key->u.aes_cmac.tfm,
609 key->u.aes_cmac.rx_crypto_buf, aad,
610 skb->data + 24, skb->len - 24, mic);
611 if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
612 key->u.aes_cmac.icverrors++;
613 return RX_DROP_UNUSABLE;
614 }
615 }
616
617 memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
618
619 /* Remove MMIE */
620 skb_trim(skb, skb->len - sizeof(*mmie));
621
622 return RX_CONTINUE;
623}
diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
index d42d221d8a1d..baba0608313e 100644
--- a/net/mac80211/wpa.h
+++ b/net/mac80211/wpa.h
@@ -28,4 +28,9 @@ ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx);
28ieee80211_rx_result 28ieee80211_rx_result
29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx); 29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx);
30 30
31ieee80211_tx_result
32ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx);
33ieee80211_rx_result
34ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx);
35
31#endif /* WPA_H */ 36#endif /* WPA_H */
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-11 20:01:07 -0500