aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/Makefile6
-rw-r--r--net/mac80211/aes_cmac.c135
-rw-r--r--net/mac80211/aes_cmac.h19
-rw-r--r--net/mac80211/agg-rx.c310
-rw-r--r--net/mac80211/agg-tx.c695
-rw-r--r--net/mac80211/cfg.c237
-rw-r--r--net/mac80211/debugfs.c83
-rw-r--r--net/mac80211/debugfs_key.c79
-rw-r--r--net/mac80211/debugfs_key.h10
-rw-r--r--net/mac80211/debugfs_netdev.c48
-rw-r--r--net/mac80211/debugfs_sta.c5
-rw-r--r--net/mac80211/ht.c903
-rw-r--r--net/mac80211/ibss.c908
-rw-r--r--net/mac80211/ieee80211_i.h314
-rw-r--r--net/mac80211/iface.c168
-rw-r--r--net/mac80211/key.c115
-rw-r--r--net/mac80211/key.h16
-rw-r--r--net/mac80211/main.c185
-rw-r--r--net/mac80211/mesh.c15
-rw-r--r--net/mac80211/mesh.h10
-rw-r--r--net/mac80211/mesh_hwmp.c7
-rw-r--r--net/mac80211/mesh_plink.c38
-rw-r--r--net/mac80211/mlme.c2026
-rw-r--r--net/mac80211/pm.c179
-rw-r--r--net/mac80211/rate.c6
-rw-r--r--net/mac80211/rate.h16
-rw-r--r--net/mac80211/rx.c423
-rw-r--r--net/mac80211/scan.c763
-rw-r--r--net/mac80211/spectmgmt.c103
-rw-r--r--net/mac80211/sta_info.c45
-rw-r--r--net/mac80211/sta_info.h16
-rw-r--r--net/mac80211/tx.c675
-rw-r--r--net/mac80211/util.c243
-rw-r--r--net/mac80211/wep.c21
-rw-r--r--net/mac80211/wext.c492
-rw-r--r--net/mac80211/wme.c170
-rw-r--r--net/mac80211/wme.h6
-rw-r--r--net/mac80211/wpa.c180
-rw-r--r--net/mac80211/wpa.h5
39 files changed, 5780 insertions, 3895 deletions
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 7d4971aa443f..0e3ab88bb706 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -8,13 +8,15 @@ mac80211-y := \
8 wep.o \ 8 wep.o \
9 wpa.o \ 9 wpa.o \
10 scan.o \ 10 scan.o \
11 ht.o \ 11 ht.o agg-tx.o agg-rx.o \
12 ibss.o \
12 mlme.o \ 13 mlme.o \
13 iface.o \ 14 iface.o \
14 rate.o \ 15 rate.o \
15 michael.o \ 16 michael.o \
16 tkip.o \ 17 tkip.o \
17 aes_ccm.o \ 18 aes_ccm.o \
19 aes_cmac.o \
18 cfg.o \ 20 cfg.o \
19 rx.o \ 21 rx.o \
20 spectmgmt.o \ 22 spectmgmt.o \
@@ -37,6 +39,8 @@ mac80211-$(CONFIG_MAC80211_MESH) += \
37 mesh_plink.o \ 39 mesh_plink.o \
38 mesh_hwmp.o 40 mesh_hwmp.o
39 41
42mac80211-$(CONFIG_PM) += pm.o
43
40# objects for PID algorithm 44# objects for PID algorithm
41rc80211_pid-y := rc80211_pid_algo.o 45rc80211_pid-y := rc80211_pid_algo.o
42rc80211_pid-$(CONFIG_MAC80211_DEBUGFS) += rc80211_pid_debugfs.o 46rc80211_pid-$(CONFIG_MAC80211_DEBUGFS) += rc80211_pid_debugfs.o
diff --git a/net/mac80211/aes_cmac.c b/net/mac80211/aes_cmac.c
new file mode 100644
index 000000000000..3d097b3d7b62
--- /dev/null
+++ b/net/mac80211/aes_cmac.c
@@ -0,0 +1,135 @@
1/*
2 * AES-128-CMAC with TLen 16 for IEEE 802.11w BIP
3 * Copyright 2008, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/kernel.h>
11#include <linux/types.h>
12#include <linux/crypto.h>
13#include <linux/err.h>
14
15#include <net/mac80211.h>
16#include "key.h"
17#include "aes_cmac.h"
18
19#define AES_BLOCK_SIZE 16
20#define AES_CMAC_KEY_LEN 16
21#define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
22#define AAD_LEN 20
23
24
25static void gf_mulx(u8 *pad)
26{
27 int i, carry;
28
29 carry = pad[0] & 0x80;
30 for (i = 0; i < AES_BLOCK_SIZE - 1; i++)
31 pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7);
32 pad[AES_BLOCK_SIZE - 1] <<= 1;
33 if (carry)
34 pad[AES_BLOCK_SIZE - 1] ^= 0x87;
35}
36
37
38static void aes_128_cmac_vector(struct crypto_cipher *tfm, u8 *scratch,
39 size_t num_elem,
40 const u8 *addr[], const size_t *len, u8 *mac)
41{
42 u8 *cbc, *pad;
43 const u8 *pos, *end;
44 size_t i, e, left, total_len;
45
46 cbc = scratch;
47 pad = scratch + AES_BLOCK_SIZE;
48
49 memset(cbc, 0, AES_BLOCK_SIZE);
50
51 total_len = 0;
52 for (e = 0; e < num_elem; e++)
53 total_len += len[e];
54 left = total_len;
55
56 e = 0;
57 pos = addr[0];
58 end = pos + len[0];
59
60 while (left >= AES_BLOCK_SIZE) {
61 for (i = 0; i < AES_BLOCK_SIZE; i++) {
62 cbc[i] ^= *pos++;
63 if (pos >= end) {
64 e++;
65 pos = addr[e];
66 end = pos + len[e];
67 }
68 }
69 if (left > AES_BLOCK_SIZE)
70 crypto_cipher_encrypt_one(tfm, cbc, cbc);
71 left -= AES_BLOCK_SIZE;
72 }
73
74 memset(pad, 0, AES_BLOCK_SIZE);
75 crypto_cipher_encrypt_one(tfm, pad, pad);
76 gf_mulx(pad);
77
78 if (left || total_len == 0) {
79 for (i = 0; i < left; i++) {
80 cbc[i] ^= *pos++;
81 if (pos >= end) {
82 e++;
83 pos = addr[e];
84 end = pos + len[e];
85 }
86 }
87 cbc[left] ^= 0x80;
88 gf_mulx(pad);
89 }
90
91 for (i = 0; i < AES_BLOCK_SIZE; i++)
92 pad[i] ^= cbc[i];
93 crypto_cipher_encrypt_one(tfm, pad, pad);
94 memcpy(mac, pad, CMAC_TLEN);
95}
96
97
98void ieee80211_aes_cmac(struct crypto_cipher *tfm, u8 *scratch, const u8 *aad,
99 const u8 *data, size_t data_len, u8 *mic)
100{
101 const u8 *addr[3];
102 size_t len[3];
103 u8 zero[CMAC_TLEN];
104
105 memset(zero, 0, CMAC_TLEN);
106 addr[0] = aad;
107 len[0] = AAD_LEN;
108 addr[1] = data;
109 len[1] = data_len - CMAC_TLEN;
110 addr[2] = zero;
111 len[2] = CMAC_TLEN;
112
113 aes_128_cmac_vector(tfm, scratch, 3, addr, len, mic);
114}
115
116
117struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[])
118{
119 struct crypto_cipher *tfm;
120
121 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
122 if (IS_ERR(tfm))
123 return NULL;
124
125 crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
126
127 return tfm;
128}
129
130
131void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm)
132{
133 if (tfm)
134 crypto_free_cipher(tfm);
135}
diff --git a/net/mac80211/aes_cmac.h b/net/mac80211/aes_cmac.h
new file mode 100644
index 000000000000..0eb9a4831508
--- /dev/null
+++ b/net/mac80211/aes_cmac.h
@@ -0,0 +1,19 @@
1/*
2 * Copyright 2008, Jouni Malinen <j@w1.fi>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#ifndef AES_CMAC_H
10#define AES_CMAC_H
11
12#include <linux/crypto.h>
13
14struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[]);
15void ieee80211_aes_cmac(struct crypto_cipher *tfm, u8 *scratch, const u8 *aad,
16 const u8 *data, size_t data_len, u8 *mic);
17void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm);
18
19#endif /* AES_CMAC_H */
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
new file mode 100644
index 000000000000..07656d830bc4
--- /dev/null
+++ b/net/mac80211/agg-rx.c
@@ -0,0 +1,310 @@
1/*
2 * HT handling
3 *
4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2008, Intel Corporation
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
14 */
15
16#include <linux/ieee80211.h>
17#include <net/mac80211.h>
18#include "ieee80211_i.h"
19
20void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
21 u16 initiator, u16 reason)
22{
23 struct ieee80211_local *local = sta->local;
24 struct ieee80211_hw *hw = &local->hw;
25 int i;
26
27 /* check if TID is in operational state */
28 spin_lock_bh(&sta->lock);
29 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_OPERATIONAL) {
30 spin_unlock_bh(&sta->lock);
31 return;
32 }
33
34 sta->ampdu_mlme.tid_state_rx[tid] =
35 HT_AGG_STATE_REQ_STOP_BA_MSK |
36 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
37 spin_unlock_bh(&sta->lock);
38
39#ifdef CONFIG_MAC80211_HT_DEBUG
40 printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n",
41 sta->sta.addr, tid);
42#endif /* CONFIG_MAC80211_HT_DEBUG */
43
44 if (local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
45 &sta->sta, tid, NULL))
46 printk(KERN_DEBUG "HW problem - can not stop rx "
47 "aggregation for tid %d\n", tid);
48
49 /* shutdown timer has not expired */
50 if (initiator != WLAN_BACK_TIMER)
51 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
52
53 /* check if this is a self generated aggregation halt */
54 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
55 ieee80211_send_delba(sta->sdata, sta->sta.addr,
56 tid, 0, reason);
57
58 /* free the reordering buffer */
59 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
60 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
61 /* release the reordered frames */
62 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
63 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
64 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
65 }
66 }
67
68 spin_lock_bh(&sta->lock);
69 /* free resources */
70 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
71
72 if (!sta->ampdu_mlme.tid_rx[tid]->shutdown) {
73 kfree(sta->ampdu_mlme.tid_rx[tid]);
74 sta->ampdu_mlme.tid_rx[tid] = NULL;
75 }
76
77 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
78 spin_unlock_bh(&sta->lock);
79}
80
81void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
82 u16 initiator, u16 reason)
83{
84 struct ieee80211_local *local = sdata->local;
85 struct sta_info *sta;
86
87 /* stop HW Rx aggregation. ampdu_action existence
88 * already verified in session init so we add the BUG_ON */
89 BUG_ON(!local->ops->ampdu_action);
90
91 rcu_read_lock();
92
93 sta = sta_info_get(local, ra);
94 if (!sta) {
95 rcu_read_unlock();
96 return;
97 }
98
99 __ieee80211_stop_rx_ba_session(sta, tid, initiator, reason);
100
101 rcu_read_unlock();
102}
103
104/*
105 * After accepting the AddBA Request we activated a timer,
106 * resetting it after each frame that arrives from the originator.
107 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
108 */
109static void sta_rx_agg_session_timer_expired(unsigned long data)
110{
111 /* not an elegant detour, but there is no choice as the timer passes
112 * only one argument, and various sta_info are needed here, so init
113 * flow in sta_info_create gives the TID as data, while the timer_to_id
114 * array gives the sta through container_of */
115 u8 *ptid = (u8 *)data;
116 u8 *timer_to_id = ptid - *ptid;
117 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
118 timer_to_tid[0]);
119
120#ifdef CONFIG_MAC80211_HT_DEBUG
121 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
122#endif
123 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr,
124 (u16)*ptid, WLAN_BACK_TIMER,
125 WLAN_REASON_QSTA_TIMEOUT);
126}
127
128static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
129 u8 dialog_token, u16 status, u16 policy,
130 u16 buf_size, u16 timeout)
131{
132 struct ieee80211_local *local = sdata->local;
133 struct sk_buff *skb;
134 struct ieee80211_mgmt *mgmt;
135 u16 capab;
136
137 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
138
139 if (!skb) {
140 printk(KERN_DEBUG "%s: failed to allocate buffer "
141 "for addba resp frame\n", sdata->dev->name);
142 return;
143 }
144
145 skb_reserve(skb, local->hw.extra_tx_headroom);
146 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
147 memset(mgmt, 0, 24);
148 memcpy(mgmt->da, da, ETH_ALEN);
149 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
150 if (sdata->vif.type == NL80211_IFTYPE_AP ||
151 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
152 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
153 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
154 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
155
156 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
157 IEEE80211_STYPE_ACTION);
158
159 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
160 mgmt->u.action.category = WLAN_CATEGORY_BACK;
161 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
162 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
163
164 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
165 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
166 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
167
168 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
169 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
170 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
171
172 ieee80211_tx_skb(sdata, skb, 1);
173}
174
175void ieee80211_process_addba_request(struct ieee80211_local *local,
176 struct sta_info *sta,
177 struct ieee80211_mgmt *mgmt,
178 size_t len)
179{
180 struct ieee80211_hw *hw = &local->hw;
181 struct ieee80211_conf *conf = &hw->conf;
182 struct tid_ampdu_rx *tid_agg_rx;
183 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
184 u8 dialog_token;
185 int ret = -EOPNOTSUPP;
186
187 /* extract session parameters from addba request frame */
188 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
189 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
190 start_seq_num =
191 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
192
193 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
194 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
195 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
196 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
197
198 status = WLAN_STATUS_REQUEST_DECLINED;
199
200 if (test_sta_flags(sta, WLAN_STA_SUSPEND)) {
201#ifdef CONFIG_MAC80211_HT_DEBUG
202 printk(KERN_DEBUG "Suspend in progress. "
203 "Denying ADDBA request\n");
204#endif
205 goto end_no_lock;
206 }
207
208 /* sanity check for incoming parameters:
209 * check if configuration can support the BA policy
210 * and if buffer size does not exceeds max value */
211 /* XXX: check own ht delayed BA capability?? */
212 if (((ba_policy != 1)
213 && (!(sta->sta.ht_cap.cap & IEEE80211_HT_CAP_DELAY_BA)))
214 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
215 status = WLAN_STATUS_INVALID_QOS_PARAM;
216#ifdef CONFIG_MAC80211_HT_DEBUG
217 if (net_ratelimit())
218 printk(KERN_DEBUG "AddBA Req with bad params from "
219 "%pM on tid %u. policy %d, buffer size %d\n",
220 mgmt->sa, tid, ba_policy,
221 buf_size);
222#endif /* CONFIG_MAC80211_HT_DEBUG */
223 goto end_no_lock;
224 }
225 /* determine default buffer size */
226 if (buf_size == 0) {
227 struct ieee80211_supported_band *sband;
228
229 sband = local->hw.wiphy->bands[conf->channel->band];
230 buf_size = IEEE80211_MIN_AMPDU_BUF;
231 buf_size = buf_size << sband->ht_cap.ampdu_factor;
232 }
233
234
235 /* examine state machine */
236 spin_lock_bh(&sta->lock);
237
238 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
239#ifdef CONFIG_MAC80211_HT_DEBUG
240 if (net_ratelimit())
241 printk(KERN_DEBUG "unexpected AddBA Req from "
242 "%pM on tid %u\n",
243 mgmt->sa, tid);
244#endif /* CONFIG_MAC80211_HT_DEBUG */
245 goto end;
246 }
247
248 /* prepare A-MPDU MLME for Rx aggregation */
249 sta->ampdu_mlme.tid_rx[tid] =
250 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
251 if (!sta->ampdu_mlme.tid_rx[tid]) {
252#ifdef CONFIG_MAC80211_HT_DEBUG
253 if (net_ratelimit())
254 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
255 tid);
256#endif
257 goto end;
258 }
259 /* rx timer */
260 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
261 sta_rx_agg_session_timer_expired;
262 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
263 (unsigned long)&sta->timer_to_tid[tid];
264 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
265
266 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
267
268 /* prepare reordering buffer */
269 tid_agg_rx->reorder_buf =
270 kcalloc(buf_size, sizeof(struct sk_buff *), GFP_ATOMIC);
271 if (!tid_agg_rx->reorder_buf) {
272#ifdef CONFIG_MAC80211_HT_DEBUG
273 if (net_ratelimit())
274 printk(KERN_ERR "can not allocate reordering buffer "
275 "to tid %d\n", tid);
276#endif
277 kfree(sta->ampdu_mlme.tid_rx[tid]);
278 goto end;
279 }
280
281 if (local->ops->ampdu_action)
282 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
283 &sta->sta, tid, &start_seq_num);
284#ifdef CONFIG_MAC80211_HT_DEBUG
285 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
286#endif /* CONFIG_MAC80211_HT_DEBUG */
287
288 if (ret) {
289 kfree(tid_agg_rx->reorder_buf);
290 kfree(tid_agg_rx);
291 sta->ampdu_mlme.tid_rx[tid] = NULL;
292 goto end;
293 }
294
295 /* change state and send addba resp */
296 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
297 tid_agg_rx->dialog_token = dialog_token;
298 tid_agg_rx->ssn = start_seq_num;
299 tid_agg_rx->head_seq_num = start_seq_num;
300 tid_agg_rx->buf_size = buf_size;
301 tid_agg_rx->timeout = timeout;
302 tid_agg_rx->stored_mpdu_num = 0;
303 status = WLAN_STATUS_SUCCESS;
304end:
305 spin_unlock_bh(&sta->lock);
306
307end_no_lock:
308 ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid,
309 dialog_token, status, 1, buf_size, timeout);
310}
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
new file mode 100644
index 000000000000..947aaaad35d2
--- /dev/null
+++ b/net/mac80211/agg-tx.c
@@ -0,0 +1,695 @@
1/*
2 * HT handling
3 *
4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2009, Intel Corporation
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
14 */
15
16#include <linux/ieee80211.h>
17#include <net/mac80211.h>
18#include "ieee80211_i.h"
19#include "wme.h"
20
21/**
22 * DOC: TX aggregation
23 *
24 * Aggregation on the TX side requires setting the hardware flag
25 * %IEEE80211_HW_AMPDU_AGGREGATION as well as, if present, the @ampdu_queues
26 * hardware parameter to the number of hardware AMPDU queues. If there are no
27 * hardware queues then the driver will (currently) have to do all frame
28 * buffering.
29 *
30 * When TX aggregation is started by some subsystem (usually the rate control
31 * algorithm would be appropriate) by calling the
32 * ieee80211_start_tx_ba_session() function, the driver will be notified via
33 * its @ampdu_action function, with the %IEEE80211_AMPDU_TX_START action.
34 *
35 * In response to that, the driver is later required to call the
36 * ieee80211_start_tx_ba_cb() (or ieee80211_start_tx_ba_cb_irqsafe())
37 * function, which will start the aggregation session.
38 *
39 * Similarly, when the aggregation session is stopped by
40 * ieee80211_stop_tx_ba_session(), the driver's @ampdu_action function will
41 * be called with the action %IEEE80211_AMPDU_TX_STOP. In this case, the
42 * call must not fail, and the driver must later call ieee80211_stop_tx_ba_cb()
43 * (or ieee80211_stop_tx_ba_cb_irqsafe()).
44 */
45
46static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata,
47 const u8 *da, u16 tid,
48 u8 dialog_token, u16 start_seq_num,
49 u16 agg_size, u16 timeout)
50{
51 struct ieee80211_local *local = sdata->local;
52 struct sk_buff *skb;
53 struct ieee80211_mgmt *mgmt;
54 u16 capab;
55
56 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
57
58 if (!skb) {
59 printk(KERN_ERR "%s: failed to allocate buffer "
60 "for addba request frame\n", sdata->dev->name);
61 return;
62 }
63 skb_reserve(skb, local->hw.extra_tx_headroom);
64 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
65 memset(mgmt, 0, 24);
66 memcpy(mgmt->da, da, ETH_ALEN);
67 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
68 if (sdata->vif.type == NL80211_IFTYPE_AP ||
69 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
70 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
71 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
72 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
73
74 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
75 IEEE80211_STYPE_ACTION);
76
77 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
78
79 mgmt->u.action.category = WLAN_CATEGORY_BACK;
80 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
81
82 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
83 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
84 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
85 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
86
87 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
88
89 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
90 mgmt->u.action.u.addba_req.start_seq_num =
91 cpu_to_le16(start_seq_num << 4);
92
93 ieee80211_tx_skb(sdata, skb, 1);
94}
95
96void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
97{
98 struct ieee80211_local *local = sdata->local;
99 struct sk_buff *skb;
100 struct ieee80211_bar *bar;
101 u16 bar_control = 0;
102
103 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
104 if (!skb) {
105 printk(KERN_ERR "%s: failed to allocate buffer for "
106 "bar frame\n", sdata->dev->name);
107 return;
108 }
109 skb_reserve(skb, local->hw.extra_tx_headroom);
110 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
111 memset(bar, 0, sizeof(*bar));
112 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
113 IEEE80211_STYPE_BACK_REQ);
114 memcpy(bar->ra, ra, ETH_ALEN);
115 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
116 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
117 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
118 bar_control |= (u16)(tid << 12);
119 bar->control = cpu_to_le16(bar_control);
120 bar->start_seq_num = cpu_to_le16(ssn);
121
122 ieee80211_tx_skb(sdata, skb, 0);
123}
124
125static int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
126 enum ieee80211_back_parties initiator)
127{
128 struct ieee80211_local *local = sta->local;
129 int ret;
130 u8 *state;
131
132 state = &sta->ampdu_mlme.tid_state_tx[tid];
133
134 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
135 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
136
137 ret = local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_STOP,
138 &sta->sta, tid, NULL);
139
140 /* HW shall not deny going back to legacy */
141 if (WARN_ON(ret)) {
142 *state = HT_AGG_STATE_OPERATIONAL;
143 /*
144 * We may have pending packets get stuck in this case...
145 * Not bothering with a workaround for now.
146 */
147 }
148
149 return ret;
150}
151
152/*
153 * After sending add Block Ack request we activated a timer until
154 * add Block Ack response will arrive from the recipient.
155 * If this timer expires sta_addba_resp_timer_expired will be executed.
156 */
157static void sta_addba_resp_timer_expired(unsigned long data)
158{
159 /* not an elegant detour, but there is no choice as the timer passes
160 * only one argument, and both sta_info and TID are needed, so init
161 * flow in sta_info_create gives the TID as data, while the timer_to_id
162 * array gives the sta through container_of */
163 u16 tid = *(u8 *)data;
164 struct sta_info *sta = container_of((void *)data,
165 struct sta_info, timer_to_tid[tid]);
166 u8 *state;
167
168 state = &sta->ampdu_mlme.tid_state_tx[tid];
169
170 /* check if the TID waits for addBA response */
171 spin_lock_bh(&sta->lock);
172 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
173 spin_unlock_bh(&sta->lock);
174 *state = HT_AGG_STATE_IDLE;
175#ifdef CONFIG_MAC80211_HT_DEBUG
176 printk(KERN_DEBUG "timer expired on tid %d but we are not "
177 "expecting addBA response there", tid);
178#endif
179 return;
180 }
181
182#ifdef CONFIG_MAC80211_HT_DEBUG
183 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
184#endif
185
186 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
187 spin_unlock_bh(&sta->lock);
188}
189
190static inline int ieee80211_ac_from_tid(int tid)
191{
192 return ieee802_1d_to_ac[tid & 7];
193}
194
195int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
196{
197 struct ieee80211_local *local = hw_to_local(hw);
198 struct sta_info *sta;
199 struct ieee80211_sub_if_data *sdata;
200 u8 *state;
201 int ret = 0;
202 u16 start_seq_num;
203
204 if (WARN_ON(!local->ops->ampdu_action))
205 return -EINVAL;
206
207 if ((tid >= STA_TID_NUM) || !(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
208 return -EINVAL;
209
210#ifdef CONFIG_MAC80211_HT_DEBUG
211 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
212 ra, tid);
213#endif /* CONFIG_MAC80211_HT_DEBUG */
214
215 rcu_read_lock();
216
217 sta = sta_info_get(local, ra);
218 if (!sta) {
219#ifdef CONFIG_MAC80211_HT_DEBUG
220 printk(KERN_DEBUG "Could not find the station\n");
221#endif
222 ret = -ENOENT;
223 goto unlock;
224 }
225
226 /*
227 * The aggregation code is not prepared to handle
228 * anything but STA/AP due to the BSSID handling.
229 * IBSS could work in the code but isn't supported
230 * by drivers or the standard.
231 */
232 if (sta->sdata->vif.type != NL80211_IFTYPE_STATION &&
233 sta->sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
234 sta->sdata->vif.type != NL80211_IFTYPE_AP) {
235 ret = -EINVAL;
236 goto unlock;
237 }
238
239 if (test_sta_flags(sta, WLAN_STA_SUSPEND)) {
240#ifdef CONFIG_MAC80211_HT_DEBUG
241 printk(KERN_DEBUG "Suspend in progress. "
242 "Denying BA session request\n");
243#endif
244 ret = -EINVAL;
245 goto unlock;
246 }
247
248 spin_lock_bh(&sta->lock);
249 spin_lock(&local->ampdu_lock);
250
251 sdata = sta->sdata;
252
253 /* we have tried too many times, receiver does not want A-MPDU */
254 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
255 ret = -EBUSY;
256 goto err_unlock_sta;
257 }
258
259 state = &sta->ampdu_mlme.tid_state_tx[tid];
260 /* check if the TID is not in aggregation flow already */
261 if (*state != HT_AGG_STATE_IDLE) {
262#ifdef CONFIG_MAC80211_HT_DEBUG
263 printk(KERN_DEBUG "BA request denied - session is not "
264 "idle on tid %u\n", tid);
265#endif /* CONFIG_MAC80211_HT_DEBUG */
266 ret = -EAGAIN;
267 goto err_unlock_sta;
268 }
269
270 /*
271 * While we're asking the driver about the aggregation,
272 * stop the AC queue so that we don't have to worry
273 * about frames that came in while we were doing that,
274 * which would require us to put them to the AC pending
275 * afterwards which just makes the code more complex.
276 */
277 ieee80211_stop_queue_by_reason(
278 &local->hw, ieee80211_ac_from_tid(tid),
279 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
280
281 /* prepare A-MPDU MLME for Tx aggregation */
282 sta->ampdu_mlme.tid_tx[tid] =
283 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
284 if (!sta->ampdu_mlme.tid_tx[tid]) {
285#ifdef CONFIG_MAC80211_HT_DEBUG
286 if (net_ratelimit())
287 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
288 tid);
289#endif
290 ret = -ENOMEM;
291 goto err_wake_queue;
292 }
293
294 skb_queue_head_init(&sta->ampdu_mlme.tid_tx[tid]->pending);
295
296 /* Tx timer */
297 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
298 sta_addba_resp_timer_expired;
299 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
300 (unsigned long)&sta->timer_to_tid[tid];
301 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
302
303 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
304 * call back right away, it must see that the flow has begun */
305 *state |= HT_ADDBA_REQUESTED_MSK;
306
307 start_seq_num = sta->tid_seq[tid];
308
309 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
310 &sta->sta, tid, &start_seq_num);
311
312 if (ret) {
313#ifdef CONFIG_MAC80211_HT_DEBUG
314 printk(KERN_DEBUG "BA request denied - HW unavailable for"
315 " tid %d\n", tid);
316#endif /* CONFIG_MAC80211_HT_DEBUG */
317 *state = HT_AGG_STATE_IDLE;
318 goto err_free;
319 }
320
321 /* Driver vetoed or OKed, but we can take packets again now */
322 ieee80211_wake_queue_by_reason(
323 &local->hw, ieee80211_ac_from_tid(tid),
324 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
325
326 spin_unlock(&local->ampdu_lock);
327 spin_unlock_bh(&sta->lock);
328
329 /* send an addBA request */
330 sta->ampdu_mlme.dialog_token_allocator++;
331 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
332 sta->ampdu_mlme.dialog_token_allocator;
333 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
334
335 ieee80211_send_addba_request(sta->sdata, ra, tid,
336 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
337 sta->ampdu_mlme.tid_tx[tid]->ssn,
338 0x40, 5000);
339 /* activate the timer for the recipient's addBA response */
340 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
341 jiffies + ADDBA_RESP_INTERVAL;
342 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
343#ifdef CONFIG_MAC80211_HT_DEBUG
344 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
345#endif
346 goto unlock;
347
348 err_free:
349 kfree(sta->ampdu_mlme.tid_tx[tid]);
350 sta->ampdu_mlme.tid_tx[tid] = NULL;
351 err_wake_queue:
352 ieee80211_wake_queue_by_reason(
353 &local->hw, ieee80211_ac_from_tid(tid),
354 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
355 err_unlock_sta:
356 spin_unlock(&local->ampdu_lock);
357 spin_unlock_bh(&sta->lock);
358 unlock:
359 rcu_read_unlock();
360 return ret;
361}
362EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
363
364/*
365 * splice packets from the STA's pending to the local pending,
366 * requires a call to ieee80211_agg_splice_finish and holding
367 * local->ampdu_lock across both calls.
368 */
369static void ieee80211_agg_splice_packets(struct ieee80211_local *local,
370 struct sta_info *sta, u16 tid)
371{
372 unsigned long flags;
373 u16 queue = ieee80211_ac_from_tid(tid);
374
375 ieee80211_stop_queue_by_reason(
376 &local->hw, queue,
377 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
378
379 if (!skb_queue_empty(&sta->ampdu_mlme.tid_tx[tid]->pending)) {
380 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
381 /* mark queue as pending, it is stopped already */
382 __set_bit(IEEE80211_QUEUE_STOP_REASON_PENDING,
383 &local->queue_stop_reasons[queue]);
384 /* copy over remaining packets */
385 skb_queue_splice_tail_init(
386 &sta->ampdu_mlme.tid_tx[tid]->pending,
387 &local->pending[queue]);
388 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
389 }
390}
391
392static void ieee80211_agg_splice_finish(struct ieee80211_local *local,
393 struct sta_info *sta, u16 tid)
394{
395 u16 queue = ieee80211_ac_from_tid(tid);
396
397 ieee80211_wake_queue_by_reason(
398 &local->hw, queue,
399 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
400}
401
402/* caller must hold sta->lock */
403static void ieee80211_agg_tx_operational(struct ieee80211_local *local,
404 struct sta_info *sta, u16 tid)
405{
406#ifdef CONFIG_MAC80211_HT_DEBUG
407 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
408#endif
409
410 spin_lock(&local->ampdu_lock);
411 ieee80211_agg_splice_packets(local, sta, tid);
412 /*
413 * NB: we rely on sta->lock being taken in the TX
414 * processing here when adding to the pending queue,
415 * otherwise we could only change the state of the
416 * session to OPERATIONAL _here_.
417 */
418 ieee80211_agg_splice_finish(local, sta, tid);
419 spin_unlock(&local->ampdu_lock);
420
421 local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_OPERATIONAL,
422 &sta->sta, tid, NULL);
423}
424
425void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
426{
427 struct ieee80211_local *local = hw_to_local(hw);
428 struct sta_info *sta;
429 u8 *state;
430
431 if (tid >= STA_TID_NUM) {
432#ifdef CONFIG_MAC80211_HT_DEBUG
433 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
434 tid, STA_TID_NUM);
435#endif
436 return;
437 }
438
439 rcu_read_lock();
440 sta = sta_info_get(local, ra);
441 if (!sta) {
442 rcu_read_unlock();
443#ifdef CONFIG_MAC80211_HT_DEBUG
444 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
445#endif
446 return;
447 }
448
449 state = &sta->ampdu_mlme.tid_state_tx[tid];
450 spin_lock_bh(&sta->lock);
451
452 if (WARN_ON(!(*state & HT_ADDBA_REQUESTED_MSK))) {
453#ifdef CONFIG_MAC80211_HT_DEBUG
454 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
455 *state);
456#endif
457 spin_unlock_bh(&sta->lock);
458 rcu_read_unlock();
459 return;
460 }
461
462 if (WARN_ON(*state & HT_ADDBA_DRV_READY_MSK))
463 goto out;
464
465 *state |= HT_ADDBA_DRV_READY_MSK;
466
467 if (*state == HT_AGG_STATE_OPERATIONAL)
468 ieee80211_agg_tx_operational(local, sta, tid);
469
470 out:
471 spin_unlock_bh(&sta->lock);
472 rcu_read_unlock();
473}
474EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
475
476void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
477 const u8 *ra, u16 tid)
478{
479 struct ieee80211_local *local = hw_to_local(hw);
480 struct ieee80211_ra_tid *ra_tid;
481 struct sk_buff *skb = dev_alloc_skb(0);
482
483 if (unlikely(!skb)) {
484#ifdef CONFIG_MAC80211_HT_DEBUG
485 if (net_ratelimit())
486 printk(KERN_WARNING "%s: Not enough memory, "
487 "dropping start BA session", skb->dev->name);
488#endif
489 return;
490 }
491 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
492 memcpy(&ra_tid->ra, ra, ETH_ALEN);
493 ra_tid->tid = tid;
494
495 skb->pkt_type = IEEE80211_ADDBA_MSG;
496 skb_queue_tail(&local->skb_queue, skb);
497 tasklet_schedule(&local->tasklet);
498}
499EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
500
501int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
502 enum ieee80211_back_parties initiator)
503{
504 u8 *state;
505 int ret;
506
507 /* check if the TID is in aggregation */
508 state = &sta->ampdu_mlme.tid_state_tx[tid];
509 spin_lock_bh(&sta->lock);
510
511 if (*state != HT_AGG_STATE_OPERATIONAL) {
512 ret = -ENOENT;
513 goto unlock;
514 }
515
516#ifdef CONFIG_MAC80211_HT_DEBUG
517 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
518 sta->sta.addr, tid);
519#endif /* CONFIG_MAC80211_HT_DEBUG */
520
521 ret = ___ieee80211_stop_tx_ba_session(sta, tid, initiator);
522
523 unlock:
524 spin_unlock_bh(&sta->lock);
525 return ret;
526}
527
528int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
529 u8 *ra, u16 tid,
530 enum ieee80211_back_parties initiator)
531{
532 struct ieee80211_local *local = hw_to_local(hw);
533 struct sta_info *sta;
534 int ret = 0;
535
536 if (WARN_ON(!local->ops->ampdu_action))
537 return -EINVAL;
538
539 if (tid >= STA_TID_NUM)
540 return -EINVAL;
541
542 rcu_read_lock();
543 sta = sta_info_get(local, ra);
544 if (!sta) {
545 rcu_read_unlock();
546 return -ENOENT;
547 }
548
549 ret = __ieee80211_stop_tx_ba_session(sta, tid, initiator);
550 rcu_read_unlock();
551 return ret;
552}
553EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
554
555void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
556{
557 struct ieee80211_local *local = hw_to_local(hw);
558 struct sta_info *sta;
559 u8 *state;
560
561 if (tid >= STA_TID_NUM) {
562#ifdef CONFIG_MAC80211_HT_DEBUG
563 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
564 tid, STA_TID_NUM);
565#endif
566 return;
567 }
568
569#ifdef CONFIG_MAC80211_HT_DEBUG
570 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
571 ra, tid);
572#endif /* CONFIG_MAC80211_HT_DEBUG */
573
574 rcu_read_lock();
575 sta = sta_info_get(local, ra);
576 if (!sta) {
577#ifdef CONFIG_MAC80211_HT_DEBUG
578 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
579#endif
580 rcu_read_unlock();
581 return;
582 }
583 state = &sta->ampdu_mlme.tid_state_tx[tid];
584
585 /* NOTE: no need to use sta->lock in this state check, as
586 * ieee80211_stop_tx_ba_session will let only one stop call to
587 * pass through per sta/tid
588 */
589 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
590#ifdef CONFIG_MAC80211_HT_DEBUG
591 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
592#endif
593 rcu_read_unlock();
594 return;
595 }
596
597 if (*state & HT_AGG_STATE_INITIATOR_MSK)
598 ieee80211_send_delba(sta->sdata, ra, tid,
599 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
600
601 spin_lock_bh(&sta->lock);
602 spin_lock(&local->ampdu_lock);
603
604 ieee80211_agg_splice_packets(local, sta, tid);
605
606 *state = HT_AGG_STATE_IDLE;
607 /* from now on packets are no longer put onto sta->pending */
608 sta->ampdu_mlme.addba_req_num[tid] = 0;
609 kfree(sta->ampdu_mlme.tid_tx[tid]);
610 sta->ampdu_mlme.tid_tx[tid] = NULL;
611
612 ieee80211_agg_splice_finish(local, sta, tid);
613
614 spin_unlock(&local->ampdu_lock);
615 spin_unlock_bh(&sta->lock);
616
617 rcu_read_unlock();
618}
619EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
620
621void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
622 const u8 *ra, u16 tid)
623{
624 struct ieee80211_local *local = hw_to_local(hw);
625 struct ieee80211_ra_tid *ra_tid;
626 struct sk_buff *skb = dev_alloc_skb(0);
627
628 if (unlikely(!skb)) {
629#ifdef CONFIG_MAC80211_HT_DEBUG
630 if (net_ratelimit())
631 printk(KERN_WARNING "%s: Not enough memory, "
632 "dropping stop BA session", skb->dev->name);
633#endif
634 return;
635 }
636 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
637 memcpy(&ra_tid->ra, ra, ETH_ALEN);
638 ra_tid->tid = tid;
639
640 skb->pkt_type = IEEE80211_DELBA_MSG;
641 skb_queue_tail(&local->skb_queue, skb);
642 tasklet_schedule(&local->tasklet);
643}
644EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
645
646
647void ieee80211_process_addba_resp(struct ieee80211_local *local,
648 struct sta_info *sta,
649 struct ieee80211_mgmt *mgmt,
650 size_t len)
651{
652 u16 capab, tid;
653 u8 *state;
654
655 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
656 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
657
658 state = &sta->ampdu_mlme.tid_state_tx[tid];
659
660 spin_lock_bh(&sta->lock);
661
662 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
663 spin_unlock_bh(&sta->lock);
664 return;
665 }
666
667 if (mgmt->u.action.u.addba_resp.dialog_token !=
668 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
669 spin_unlock_bh(&sta->lock);
670#ifdef CONFIG_MAC80211_HT_DEBUG
671 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
672#endif /* CONFIG_MAC80211_HT_DEBUG */
673 return;
674 }
675
676 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
677#ifdef CONFIG_MAC80211_HT_DEBUG
678 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
679#endif /* CONFIG_MAC80211_HT_DEBUG */
680 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
681 == WLAN_STATUS_SUCCESS) {
682 u8 curstate = *state;
683
684 *state |= HT_ADDBA_RECEIVED_MSK;
685
686 if (*state != curstate && *state == HT_AGG_STATE_OPERATIONAL)
687 ieee80211_agg_tx_operational(local, sta, tid);
688
689 sta->ampdu_mlme.addba_req_num[tid] = 0;
690 } else {
691 sta->ampdu_mlme.addba_req_num[tid]++;
692 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
693 }
694 spin_unlock_bh(&sta->lock);
695}
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 9d4e4d846ec1..e677b751d468 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -133,6 +133,9 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
133 case WLAN_CIPHER_SUITE_CCMP: 133 case WLAN_CIPHER_SUITE_CCMP:
134 alg = ALG_CCMP; 134 alg = ALG_CCMP;
135 break; 135 break;
136 case WLAN_CIPHER_SUITE_AES_CMAC:
137 alg = ALG_AES_CMAC;
138 break;
136 default: 139 default:
137 return -EINVAL; 140 return -EINVAL;
138 } 141 }
@@ -275,6 +278,17 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
275 else 278 else
276 params.cipher = WLAN_CIPHER_SUITE_WEP104; 279 params.cipher = WLAN_CIPHER_SUITE_WEP104;
277 break; 280 break;
281 case ALG_AES_CMAC:
282 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
283 seq[0] = key->u.aes_cmac.tx_pn[5];
284 seq[1] = key->u.aes_cmac.tx_pn[4];
285 seq[2] = key->u.aes_cmac.tx_pn[3];
286 seq[3] = key->u.aes_cmac.tx_pn[2];
287 seq[4] = key->u.aes_cmac.tx_pn[1];
288 seq[5] = key->u.aes_cmac.tx_pn[0];
289 params.seq = seq;
290 params.seq_len = 6;
291 break;
278 } 292 }
279 293
280 params.key = key->conf.key; 294 params.key = key->conf.key;
@@ -304,6 +318,22 @@ static int ieee80211_config_default_key(struct wiphy *wiphy,
304 return 0; 318 return 0;
305} 319}
306 320
321static int ieee80211_config_default_mgmt_key(struct wiphy *wiphy,
322 struct net_device *dev,
323 u8 key_idx)
324{
325 struct ieee80211_sub_if_data *sdata;
326
327 rcu_read_lock();
328
329 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
330 ieee80211_set_default_mgmt_key(sdata, key_idx);
331
332 rcu_read_unlock();
333
334 return 0;
335}
336
307static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo) 337static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
308{ 338{
309 struct ieee80211_sub_if_data *sdata = sta->sdata; 339 struct ieee80211_sub_if_data *sdata = sta->sdata;
@@ -311,11 +341,15 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
311 sinfo->filled = STATION_INFO_INACTIVE_TIME | 341 sinfo->filled = STATION_INFO_INACTIVE_TIME |
312 STATION_INFO_RX_BYTES | 342 STATION_INFO_RX_BYTES |
313 STATION_INFO_TX_BYTES | 343 STATION_INFO_TX_BYTES |
344 STATION_INFO_RX_PACKETS |
345 STATION_INFO_TX_PACKETS |
314 STATION_INFO_TX_BITRATE; 346 STATION_INFO_TX_BITRATE;
315 347
316 sinfo->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx); 348 sinfo->inactive_time = jiffies_to_msecs(jiffies - sta->last_rx);
317 sinfo->rx_bytes = sta->rx_bytes; 349 sinfo->rx_bytes = sta->rx_bytes;
318 sinfo->tx_bytes = sta->tx_bytes; 350 sinfo->tx_bytes = sta->tx_bytes;
351 sinfo->rx_packets = sta->rx_packets;
352 sinfo->tx_packets = sta->tx_packets;
319 353
320 if (sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) { 354 if (sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
321 sinfo->filled |= STATION_INFO_SIGNAL; 355 sinfo->filled |= STATION_INFO_SIGNAL;
@@ -417,7 +451,8 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata,
417 * This is a kludge. beacon interval should really be part 451 * This is a kludge. beacon interval should really be part
418 * of the beacon information. 452 * of the beacon information.
419 */ 453 */
420 if (params->interval) { 454 if (params->interval && (sdata->local->hw.conf.beacon_int !=
455 params->interval)) {
421 sdata->local->hw.conf.beacon_int = params->interval; 456 sdata->local->hw.conf.beacon_int = params->interval;
422 err = ieee80211_hw_config(sdata->local, 457 err = ieee80211_hw_config(sdata->local,
423 IEEE80211_CONF_CHANGE_BEACON_INTERVAL); 458 IEEE80211_CONF_CHANGE_BEACON_INTERVAL);
@@ -493,7 +528,8 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata,
493 528
494 kfree(old); 529 kfree(old);
495 530
496 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 531 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON |
532 IEEE80211_IFCC_BEACON_ENABLED);
497} 533}
498 534
499static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev, 535static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev,
@@ -504,9 +540,6 @@ static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev,
504 540
505 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 541 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
506 542
507 if (sdata->vif.type != NL80211_IFTYPE_AP)
508 return -EINVAL;
509
510 old = sdata->u.ap.beacon; 543 old = sdata->u.ap.beacon;
511 544
512 if (old) 545 if (old)
@@ -523,9 +556,6 @@ static int ieee80211_set_beacon(struct wiphy *wiphy, struct net_device *dev,
523 556
524 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 557 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
525 558
526 if (sdata->vif.type != NL80211_IFTYPE_AP)
527 return -EINVAL;
528
529 old = sdata->u.ap.beacon; 559 old = sdata->u.ap.beacon;
530 560
531 if (!old) 561 if (!old)
@@ -541,9 +571,6 @@ static int ieee80211_del_beacon(struct wiphy *wiphy, struct net_device *dev)
541 571
542 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 572 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
543 573
544 if (sdata->vif.type != NL80211_IFTYPE_AP)
545 return -EINVAL;
546
547 old = sdata->u.ap.beacon; 574 old = sdata->u.ap.beacon;
548 575
549 if (!old) 576 if (!old)
@@ -553,7 +580,7 @@ static int ieee80211_del_beacon(struct wiphy *wiphy, struct net_device *dev)
553 synchronize_rcu(); 580 synchronize_rcu();
554 kfree(old); 581 kfree(old);
555 582
556 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 583 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON_ENABLED);
557} 584}
558 585
559/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */ 586/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */
@@ -630,6 +657,10 @@ static void sta_apply_parameters(struct ieee80211_local *local,
630 sta->flags &= ~WLAN_STA_WME; 657 sta->flags &= ~WLAN_STA_WME;
631 if (params->station_flags & STATION_FLAG_WME) 658 if (params->station_flags & STATION_FLAG_WME)
632 sta->flags |= WLAN_STA_WME; 659 sta->flags |= WLAN_STA_WME;
660
661 sta->flags &= ~WLAN_STA_MFP;
662 if (params->station_flags & STATION_FLAG_MFP)
663 sta->flags |= WLAN_STA_MFP;
633 spin_unlock_bh(&sta->lock); 664 spin_unlock_bh(&sta->lock);
634 } 665 }
635 666
@@ -688,10 +719,6 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
688 int err; 719 int err;
689 int layer2_update; 720 int layer2_update;
690 721
691 /* Prevent a race with changing the rate control algorithm */
692 if (!netif_running(dev))
693 return -ENETDOWN;
694
695 if (params->vlan) { 722 if (params->vlan) {
696 sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan); 723 sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
697 724
@@ -820,14 +847,8 @@ static int ieee80211_add_mpath(struct wiphy *wiphy, struct net_device *dev,
820 struct sta_info *sta; 847 struct sta_info *sta;
821 int err; 848 int err;
822 849
823 if (!netif_running(dev))
824 return -ENETDOWN;
825
826 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 850 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
827 851
828 if (sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
829 return -ENOTSUPP;
830
831 rcu_read_lock(); 852 rcu_read_lock();
832 sta = sta_info_get(local, next_hop); 853 sta = sta_info_get(local, next_hop);
833 if (!sta) { 854 if (!sta) {
@@ -873,14 +894,8 @@ static int ieee80211_change_mpath(struct wiphy *wiphy,
873 struct mesh_path *mpath; 894 struct mesh_path *mpath;
874 struct sta_info *sta; 895 struct sta_info *sta;
875 896
876 if (!netif_running(dev))
877 return -ENETDOWN;
878
879 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 897 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
880 898
881 if (sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
882 return -ENOTSUPP;
883
884 rcu_read_lock(); 899 rcu_read_lock();
885 900
886 sta = sta_info_get(local, next_hop); 901 sta = sta_info_get(local, next_hop);
@@ -949,9 +964,6 @@ static int ieee80211_get_mpath(struct wiphy *wiphy, struct net_device *dev,
949 964
950 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 965 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
951 966
952 if (sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
953 return -ENOTSUPP;
954
955 rcu_read_lock(); 967 rcu_read_lock();
956 mpath = mesh_path_lookup(dst, sdata); 968 mpath = mesh_path_lookup(dst, sdata);
957 if (!mpath) { 969 if (!mpath) {
@@ -973,9 +985,6 @@ static int ieee80211_dump_mpath(struct wiphy *wiphy, struct net_device *dev,
973 985
974 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 986 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
975 987
976 if (sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
977 return -ENOTSUPP;
978
979 rcu_read_lock(); 988 rcu_read_lock();
980 mpath = mesh_path_lookup_by_idx(idx, sdata); 989 mpath = mesh_path_lookup_by_idx(idx, sdata);
981 if (!mpath) { 990 if (!mpath) {
@@ -995,8 +1004,6 @@ static int ieee80211_get_mesh_params(struct wiphy *wiphy,
995 struct ieee80211_sub_if_data *sdata; 1004 struct ieee80211_sub_if_data *sdata;
996 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1005 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
997 1006
998 if (sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
999 return -ENOTSUPP;
1000 memcpy(conf, &(sdata->u.mesh.mshcfg), sizeof(struct mesh_config)); 1007 memcpy(conf, &(sdata->u.mesh.mshcfg), sizeof(struct mesh_config));
1001 return 0; 1008 return 0;
1002} 1009}
@@ -1014,9 +1021,6 @@ static int ieee80211_set_mesh_params(struct wiphy *wiphy,
1014 struct ieee80211_sub_if_data *sdata; 1021 struct ieee80211_sub_if_data *sdata;
1015 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1022 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1016 1023
1017 if (sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
1018 return -ENOTSUPP;
1019
1020 /* Set the config options which we are interested in setting */ 1024 /* Set the config options which we are interested in setting */
1021 conf = &(sdata->u.mesh.mshcfg); 1025 conf = &(sdata->u.mesh.mshcfg);
1022 if (_chg_mesh_attr(NL80211_MESHCONF_RETRY_TIMEOUT, mask)) 1026 if (_chg_mesh_attr(NL80211_MESHCONF_RETRY_TIMEOUT, mask))
@@ -1064,9 +1068,6 @@ static int ieee80211_change_bss(struct wiphy *wiphy,
1064 1068
1065 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1069 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1066 1070
1067 if (sdata->vif.type != NL80211_IFTYPE_AP)
1068 return -EINVAL;
1069
1070 if (params->use_cts_prot >= 0) { 1071 if (params->use_cts_prot >= 0) {
1071 sdata->vif.bss_conf.use_cts_prot = params->use_cts_prot; 1072 sdata->vif.bss_conf.use_cts_prot = params->use_cts_prot;
1072 changed |= BSS_CHANGED_ERP_CTS_PROT; 1073 changed |= BSS_CHANGED_ERP_CTS_PROT;
@@ -1141,6 +1142,150 @@ static int ieee80211_set_channel(struct wiphy *wiphy,
1141 return ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 1142 return ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
1142} 1143}
1143 1144
1145#ifdef CONFIG_PM
1146static int ieee80211_suspend(struct wiphy *wiphy)
1147{
1148 return __ieee80211_suspend(wiphy_priv(wiphy));
1149}
1150
1151static int ieee80211_resume(struct wiphy *wiphy)
1152{
1153 return __ieee80211_resume(wiphy_priv(wiphy));
1154}
1155#else
1156#define ieee80211_suspend NULL
1157#define ieee80211_resume NULL
1158#endif
1159
1160static int ieee80211_scan(struct wiphy *wiphy,
1161 struct net_device *dev,
1162 struct cfg80211_scan_request *req)
1163{
1164 struct ieee80211_sub_if_data *sdata;
1165
1166 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1167
1168 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
1169 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
1170 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
1171 return -EOPNOTSUPP;
1172
1173 return ieee80211_request_scan(sdata, req);
1174}
1175
1176static int ieee80211_auth(struct wiphy *wiphy, struct net_device *dev,
1177 struct cfg80211_auth_request *req)
1178{
1179 struct ieee80211_sub_if_data *sdata;
1180
1181 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1182
1183 switch (req->auth_type) {
1184 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1185 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_OPEN;
1186 break;
1187 case NL80211_AUTHTYPE_SHARED_KEY:
1188 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_SHARED_KEY;
1189 break;
1190 case NL80211_AUTHTYPE_FT:
1191 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_FT;
1192 break;
1193 case NL80211_AUTHTYPE_NETWORK_EAP:
1194 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_LEAP;
1195 break;
1196 default:
1197 return -EOPNOTSUPP;
1198 }
1199
1200 memcpy(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN);
1201 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
1202 sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
1203
1204 /* TODO: req->chan */
1205 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
1206
1207 if (req->ssid) {
1208 sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
1209 memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
1210 sdata->u.mgd.ssid_len = req->ssid_len;
1211 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
1212 }
1213
1214 kfree(sdata->u.mgd.sme_auth_ie);
1215 sdata->u.mgd.sme_auth_ie = NULL;
1216 sdata->u.mgd.sme_auth_ie_len = 0;
1217 if (req->ie) {
1218 sdata->u.mgd.sme_auth_ie = kmalloc(req->ie_len, GFP_KERNEL);
1219 if (sdata->u.mgd.sme_auth_ie == NULL)
1220 return -ENOMEM;
1221 memcpy(sdata->u.mgd.sme_auth_ie, req->ie, req->ie_len);
1222 sdata->u.mgd.sme_auth_ie_len = req->ie_len;
1223 }
1224
1225 sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
1226 sdata->u.mgd.state = IEEE80211_STA_MLME_DIRECT_PROBE;
1227 ieee80211_sta_req_auth(sdata);
1228 return 0;
1229}
1230
1231static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
1232 struct cfg80211_assoc_request *req)
1233{
1234 struct ieee80211_sub_if_data *sdata;
1235 int ret;
1236
1237 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1238
1239 if (memcmp(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN) != 0 ||
1240 !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
1241 return -ENOLINK; /* not authenticated */
1242
1243 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
1244 sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
1245
1246 /* TODO: req->chan */
1247 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
1248
1249 if (req->ssid) {
1250 sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
1251 memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
1252 sdata->u.mgd.ssid_len = req->ssid_len;
1253 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
1254 } else
1255 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
1256
1257 ret = ieee80211_sta_set_extra_ie(sdata, req->ie, req->ie_len);
1258 if (ret)
1259 return ret;
1260
1261 sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
1262 sdata->u.mgd.state = IEEE80211_STA_MLME_ASSOCIATE;
1263 ieee80211_sta_req_auth(sdata);
1264 return 0;
1265}
1266
1267static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev,
1268 struct cfg80211_deauth_request *req)
1269{
1270 struct ieee80211_sub_if_data *sdata;
1271
1272 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1273
1274 /* TODO: req->ie */
1275 return ieee80211_sta_deauthenticate(sdata, req->reason_code);
1276}
1277
1278static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev,
1279 struct cfg80211_disassoc_request *req)
1280{
1281 struct ieee80211_sub_if_data *sdata;
1282
1283 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1284
1285 /* TODO: req->ie */
1286 return ieee80211_sta_disassociate(sdata, req->reason_code);
1287}
1288
1144struct cfg80211_ops mac80211_config_ops = { 1289struct cfg80211_ops mac80211_config_ops = {
1145 .add_virtual_intf = ieee80211_add_iface, 1290 .add_virtual_intf = ieee80211_add_iface,
1146 .del_virtual_intf = ieee80211_del_iface, 1291 .del_virtual_intf = ieee80211_del_iface,
@@ -1149,6 +1294,7 @@ struct cfg80211_ops mac80211_config_ops = {
1149 .del_key = ieee80211_del_key, 1294 .del_key = ieee80211_del_key,
1150 .get_key = ieee80211_get_key, 1295 .get_key = ieee80211_get_key,
1151 .set_default_key = ieee80211_config_default_key, 1296 .set_default_key = ieee80211_config_default_key,
1297 .set_default_mgmt_key = ieee80211_config_default_mgmt_key,
1152 .add_beacon = ieee80211_add_beacon, 1298 .add_beacon = ieee80211_add_beacon,
1153 .set_beacon = ieee80211_set_beacon, 1299 .set_beacon = ieee80211_set_beacon,
1154 .del_beacon = ieee80211_del_beacon, 1300 .del_beacon = ieee80211_del_beacon,
@@ -1169,4 +1315,11 @@ struct cfg80211_ops mac80211_config_ops = {
1169 .change_bss = ieee80211_change_bss, 1315 .change_bss = ieee80211_change_bss,
1170 .set_txq_params = ieee80211_set_txq_params, 1316 .set_txq_params = ieee80211_set_txq_params,
1171 .set_channel = ieee80211_set_channel, 1317 .set_channel = ieee80211_set_channel,
1318 .suspend = ieee80211_suspend,
1319 .resume = ieee80211_resume,
1320 .scan = ieee80211_scan,
1321 .auth = ieee80211_auth,
1322 .assoc = ieee80211_assoc,
1323 .deauth = ieee80211_deauth,
1324 .disassoc = ieee80211_disassoc,
1172}; 1325};
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 2697a2fe608f..210b9b6fecd2 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -40,6 +40,10 @@ static const struct file_operations name## _ops = { \
40 local->debugfs.name = debugfs_create_file(#name, 0400, phyd, \ 40 local->debugfs.name = debugfs_create_file(#name, 0400, phyd, \
41 local, &name## _ops); 41 local, &name## _ops);
42 42
43#define DEBUGFS_ADD_MODE(name, mode) \
44 local->debugfs.name = debugfs_create_file(#name, mode, phyd, \
45 local, &name## _ops);
46
43#define DEBUGFS_DEL(name) \ 47#define DEBUGFS_DEL(name) \
44 debugfs_remove(local->debugfs.name); \ 48 debugfs_remove(local->debugfs.name); \
45 local->debugfs.name = NULL; 49 local->debugfs.name = NULL;
@@ -57,11 +61,80 @@ DEBUGFS_READONLY_FILE(long_retry_limit, 20, "%d",
57 local->hw.conf.long_frame_max_tx_count); 61 local->hw.conf.long_frame_max_tx_count);
58DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d", 62DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d",
59 local->total_ps_buffered); 63 local->total_ps_buffered);
60DEBUGFS_READONLY_FILE(wep_iv, 20, "%#06x", 64DEBUGFS_READONLY_FILE(wep_iv, 20, "%#08x",
61 local->wep_iv & 0xffffff); 65 local->wep_iv & 0xffffff);
62DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s", 66DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s",
63 local->rate_ctrl ? local->rate_ctrl->ops->name : "<unset>"); 67 local->rate_ctrl ? local->rate_ctrl->ops->name : "<unset>");
64 68
69static ssize_t tsf_read(struct file *file, char __user *user_buf,
70 size_t count, loff_t *ppos)
71{
72 struct ieee80211_local *local = file->private_data;
73 u64 tsf = 0;
74 char buf[100];
75
76 if (local->ops->get_tsf)
77 tsf = local->ops->get_tsf(local_to_hw(local));
78
79 snprintf(buf, sizeof(buf), "0x%016llx\n", (unsigned long long) tsf);
80
81 return simple_read_from_buffer(user_buf, count, ppos, buf, 19);
82}
83
84static ssize_t tsf_write(struct file *file,
85 const char __user *user_buf,
86 size_t count, loff_t *ppos)
87{
88 struct ieee80211_local *local = file->private_data;
89 unsigned long long tsf;
90 char buf[100];
91 size_t len;
92
93 len = min(count, sizeof(buf) - 1);
94 if (copy_from_user(buf, user_buf, len))
95 return -EFAULT;
96 buf[len] = '\0';
97
98 if (strncmp(buf, "reset", 5) == 0) {
99 if (local->ops->reset_tsf) {
100 local->ops->reset_tsf(local_to_hw(local));
101 printk(KERN_INFO "%s: debugfs reset TSF\n", wiphy_name(local->hw.wiphy));
102 }
103 } else {
104 tsf = simple_strtoul(buf, NULL, 0);
105 if (local->ops->set_tsf) {
106 local->ops->set_tsf(local_to_hw(local), tsf);
107 printk(KERN_INFO "%s: debugfs set TSF to %#018llx\n", wiphy_name(local->hw.wiphy), tsf);
108 }
109 }
110
111 return count;
112}
113
114static const struct file_operations tsf_ops = {
115 .read = tsf_read,
116 .write = tsf_write,
117 .open = mac80211_open_file_generic
118};
119
120static ssize_t reset_write(struct file *file, const char __user *user_buf,
121 size_t count, loff_t *ppos)
122{
123 struct ieee80211_local *local = file->private_data;
124
125 rtnl_lock();
126 __ieee80211_suspend(&local->hw);
127 __ieee80211_resume(&local->hw);
128 rtnl_unlock();
129
130 return count;
131}
132
133static const struct file_operations reset_ops = {
134 .write = reset_write,
135 .open = mac80211_open_file_generic,
136};
137
65/* statistics stuff */ 138/* statistics stuff */
66 139
67#define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \ 140#define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \
@@ -136,8 +209,6 @@ DEBUGFS_STATS_FILE(multicast_received_frame_count, 20, "%u",
136 local->dot11MulticastReceivedFrameCount); 209 local->dot11MulticastReceivedFrameCount);
137DEBUGFS_STATS_FILE(transmitted_frame_count, 20, "%u", 210DEBUGFS_STATS_FILE(transmitted_frame_count, 20, "%u",
138 local->dot11TransmittedFrameCount); 211 local->dot11TransmittedFrameCount);
139DEBUGFS_STATS_FILE(wep_undecryptable_count, 20, "%u",
140 local->dot11WEPUndecryptableCount);
141#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 212#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
142DEBUGFS_STATS_FILE(tx_handlers_drop, 20, "%u", 213DEBUGFS_STATS_FILE(tx_handlers_drop, 20, "%u",
143 local->tx_handlers_drop); 214 local->tx_handlers_drop);
@@ -204,6 +275,8 @@ void debugfs_hw_add(struct ieee80211_local *local)
204 DEBUGFS_ADD(long_retry_limit); 275 DEBUGFS_ADD(long_retry_limit);
205 DEBUGFS_ADD(total_ps_buffered); 276 DEBUGFS_ADD(total_ps_buffered);
206 DEBUGFS_ADD(wep_iv); 277 DEBUGFS_ADD(wep_iv);
278 DEBUGFS_ADD(tsf);
279 DEBUGFS_ADD_MODE(reset, 0200);
207 280
208 statsd = debugfs_create_dir("statistics", phyd); 281 statsd = debugfs_create_dir("statistics", phyd);
209 local->debugfs.statistics = statsd; 282 local->debugfs.statistics = statsd;
@@ -221,7 +294,6 @@ void debugfs_hw_add(struct ieee80211_local *local)
221 DEBUGFS_STATS_ADD(received_fragment_count); 294 DEBUGFS_STATS_ADD(received_fragment_count);
222 DEBUGFS_STATS_ADD(multicast_received_frame_count); 295 DEBUGFS_STATS_ADD(multicast_received_frame_count);
223 DEBUGFS_STATS_ADD(transmitted_frame_count); 296 DEBUGFS_STATS_ADD(transmitted_frame_count);
224 DEBUGFS_STATS_ADD(wep_undecryptable_count);
225#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 297#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
226 DEBUGFS_STATS_ADD(tx_handlers_drop); 298 DEBUGFS_STATS_ADD(tx_handlers_drop);
227 DEBUGFS_STATS_ADD(tx_handlers_queued); 299 DEBUGFS_STATS_ADD(tx_handlers_queued);
@@ -258,6 +330,8 @@ void debugfs_hw_del(struct ieee80211_local *local)
258 DEBUGFS_DEL(long_retry_limit); 330 DEBUGFS_DEL(long_retry_limit);
259 DEBUGFS_DEL(total_ps_buffered); 331 DEBUGFS_DEL(total_ps_buffered);
260 DEBUGFS_DEL(wep_iv); 332 DEBUGFS_DEL(wep_iv);
333 DEBUGFS_DEL(tsf);
334 DEBUGFS_DEL(reset);
261 335
262 DEBUGFS_STATS_DEL(transmitted_fragment_count); 336 DEBUGFS_STATS_DEL(transmitted_fragment_count);
263 DEBUGFS_STATS_DEL(multicast_transmitted_frame_count); 337 DEBUGFS_STATS_DEL(multicast_transmitted_frame_count);
@@ -268,7 +342,6 @@ void debugfs_hw_del(struct ieee80211_local *local)
268 DEBUGFS_STATS_DEL(received_fragment_count); 342 DEBUGFS_STATS_DEL(received_fragment_count);
269 DEBUGFS_STATS_DEL(multicast_received_frame_count); 343 DEBUGFS_STATS_DEL(multicast_received_frame_count);
270 DEBUGFS_STATS_DEL(transmitted_frame_count); 344 DEBUGFS_STATS_DEL(transmitted_frame_count);
271 DEBUGFS_STATS_DEL(wep_undecryptable_count);
272 DEBUGFS_STATS_DEL(num_scans); 345 DEBUGFS_STATS_DEL(num_scans);
273#ifdef CONFIG_MAC80211_DEBUG_COUNTERS 346#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
274 DEBUGFS_STATS_DEL(tx_handlers_drop); 347 DEBUGFS_STATS_DEL(tx_handlers_drop);
diff --git a/net/mac80211/debugfs_key.c b/net/mac80211/debugfs_key.c
index 6424ac565ae0..99c752588b30 100644
--- a/net/mac80211/debugfs_key.c
+++ b/net/mac80211/debugfs_key.c
@@ -76,6 +76,9 @@ static ssize_t key_algorithm_read(struct file *file,
76 case ALG_CCMP: 76 case ALG_CCMP:
77 alg = "CCMP\n"; 77 alg = "CCMP\n";
78 break; 78 break;
79 case ALG_AES_CMAC:
80 alg = "AES-128-CMAC\n";
81 break;
79 default: 82 default:
80 return 0; 83 return 0;
81 } 84 }
@@ -105,6 +108,12 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
105 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n", 108 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
106 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]); 109 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]);
107 break; 110 break;
111 case ALG_AES_CMAC:
112 tpn = key->u.aes_cmac.tx_pn;
113 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
114 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4],
115 tpn[5]);
116 break;
108 default: 117 default:
109 return 0; 118 return 0;
110 } 119 }
@@ -142,6 +151,14 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
142 } 151 }
143 len = p - buf; 152 len = p - buf;
144 break; 153 break;
154 case ALG_AES_CMAC:
155 rpn = key->u.aes_cmac.rx_pn;
156 p += scnprintf(p, sizeof(buf)+buf-p,
157 "%02x%02x%02x%02x%02x%02x\n",
158 rpn[0], rpn[1], rpn[2],
159 rpn[3], rpn[4], rpn[5]);
160 len = p - buf;
161 break;
145 default: 162 default:
146 return 0; 163 return 0;
147 } 164 }
@@ -156,13 +173,40 @@ static ssize_t key_replays_read(struct file *file, char __user *userbuf,
156 char buf[20]; 173 char buf[20];
157 int len; 174 int len;
158 175
159 if (key->conf.alg != ALG_CCMP) 176 switch (key->conf.alg) {
177 case ALG_CCMP:
178 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
179 break;
180 case ALG_AES_CMAC:
181 len = scnprintf(buf, sizeof(buf), "%u\n",
182 key->u.aes_cmac.replays);
183 break;
184 default:
160 return 0; 185 return 0;
161 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays); 186 }
162 return simple_read_from_buffer(userbuf, count, ppos, buf, len); 187 return simple_read_from_buffer(userbuf, count, ppos, buf, len);
163} 188}
164KEY_OPS(replays); 189KEY_OPS(replays);
165 190
191static ssize_t key_icverrors_read(struct file *file, char __user *userbuf,
192 size_t count, loff_t *ppos)
193{
194 struct ieee80211_key *key = file->private_data;
195 char buf[20];
196 int len;
197
198 switch (key->conf.alg) {
199 case ALG_AES_CMAC:
200 len = scnprintf(buf, sizeof(buf), "%u\n",
201 key->u.aes_cmac.icverrors);
202 break;
203 default:
204 return 0;
205 }
206 return simple_read_from_buffer(userbuf, count, ppos, buf, len);
207}
208KEY_OPS(icverrors);
209
166static ssize_t key_key_read(struct file *file, char __user *userbuf, 210static ssize_t key_key_read(struct file *file, char __user *userbuf,
167 size_t count, loff_t *ppos) 211 size_t count, loff_t *ppos)
168{ 212{
@@ -222,6 +266,7 @@ void ieee80211_debugfs_key_add(struct ieee80211_key *key)
222 DEBUGFS_ADD(tx_spec); 266 DEBUGFS_ADD(tx_spec);
223 DEBUGFS_ADD(rx_spec); 267 DEBUGFS_ADD(rx_spec);
224 DEBUGFS_ADD(replays); 268 DEBUGFS_ADD(replays);
269 DEBUGFS_ADD(icverrors);
225 DEBUGFS_ADD(key); 270 DEBUGFS_ADD(key);
226 DEBUGFS_ADD(ifindex); 271 DEBUGFS_ADD(ifindex);
227}; 272};
@@ -243,6 +288,7 @@ void ieee80211_debugfs_key_remove(struct ieee80211_key *key)
243 DEBUGFS_DEL(tx_spec); 288 DEBUGFS_DEL(tx_spec);
244 DEBUGFS_DEL(rx_spec); 289 DEBUGFS_DEL(rx_spec);
245 DEBUGFS_DEL(replays); 290 DEBUGFS_DEL(replays);
291 DEBUGFS_DEL(icverrors);
246 DEBUGFS_DEL(key); 292 DEBUGFS_DEL(key);
247 DEBUGFS_DEL(ifindex); 293 DEBUGFS_DEL(ifindex);
248 294
@@ -280,6 +326,35 @@ void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata)
280 sdata->common_debugfs.default_key = NULL; 326 sdata->common_debugfs.default_key = NULL;
281} 327}
282 328
329void ieee80211_debugfs_key_add_mgmt_default(struct ieee80211_sub_if_data *sdata)
330{
331 char buf[50];
332 struct ieee80211_key *key;
333
334 if (!sdata->debugfsdir)
335 return;
336
337 /* this is running under the key lock */
338
339 key = sdata->default_mgmt_key;
340 if (key) {
341 sprintf(buf, "../keys/%d", key->debugfs.cnt);
342 sdata->common_debugfs.default_mgmt_key =
343 debugfs_create_symlink("default_mgmt_key",
344 sdata->debugfsdir, buf);
345 } else
346 ieee80211_debugfs_key_remove_mgmt_default(sdata);
347}
348
349void ieee80211_debugfs_key_remove_mgmt_default(struct ieee80211_sub_if_data *sdata)
350{
351 if (!sdata)
352 return;
353
354 debugfs_remove(sdata->common_debugfs.default_mgmt_key);
355 sdata->common_debugfs.default_mgmt_key = NULL;
356}
357
283void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key, 358void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
284 struct sta_info *sta) 359 struct sta_info *sta)
285{ 360{
diff --git a/net/mac80211/debugfs_key.h b/net/mac80211/debugfs_key.h
index b1a3754ee240..54717b4e1371 100644
--- a/net/mac80211/debugfs_key.h
+++ b/net/mac80211/debugfs_key.h
@@ -6,6 +6,10 @@ void ieee80211_debugfs_key_add(struct ieee80211_key *key);
6void ieee80211_debugfs_key_remove(struct ieee80211_key *key); 6void ieee80211_debugfs_key_remove(struct ieee80211_key *key);
7void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata); 7void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata);
8void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata); 8void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata);
9void ieee80211_debugfs_key_add_mgmt_default(
10 struct ieee80211_sub_if_data *sdata);
11void ieee80211_debugfs_key_remove_mgmt_default(
12 struct ieee80211_sub_if_data *sdata);
9void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key, 13void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
10 struct sta_info *sta); 14 struct sta_info *sta);
11#else 15#else
@@ -19,6 +23,12 @@ static inline void ieee80211_debugfs_key_add_default(
19static inline void ieee80211_debugfs_key_remove_default( 23static inline void ieee80211_debugfs_key_remove_default(
20 struct ieee80211_sub_if_data *sdata) 24 struct ieee80211_sub_if_data *sdata)
21{} 25{}
26static inline void ieee80211_debugfs_key_add_mgmt_default(
27 struct ieee80211_sub_if_data *sdata)
28{}
29static inline void ieee80211_debugfs_key_remove_mgmt_default(
30 struct ieee80211_sub_if_data *sdata)
31{}
22static inline void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key, 32static inline void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
23 struct sta_info *sta) 33 struct sta_info *sta)
24{} 34{}
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index c54219301724..e3420329f4e6 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -94,31 +94,31 @@ IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
94IEEE80211_IF_FILE(force_unicast_rateidx, force_unicast_rateidx, DEC); 94IEEE80211_IF_FILE(force_unicast_rateidx, force_unicast_rateidx, DEC);
95IEEE80211_IF_FILE(max_ratectrl_rateidx, max_ratectrl_rateidx, DEC); 95IEEE80211_IF_FILE(max_ratectrl_rateidx, max_ratectrl_rateidx, DEC);
96 96
97/* STA/IBSS attributes */ 97/* STA attributes */
98IEEE80211_IF_FILE(state, u.sta.state, DEC); 98IEEE80211_IF_FILE(state, u.mgd.state, DEC);
99IEEE80211_IF_FILE(bssid, u.sta.bssid, MAC); 99IEEE80211_IF_FILE(bssid, u.mgd.bssid, MAC);
100IEEE80211_IF_FILE(prev_bssid, u.sta.prev_bssid, MAC); 100IEEE80211_IF_FILE(prev_bssid, u.mgd.prev_bssid, MAC);
101IEEE80211_IF_FILE(ssid_len, u.sta.ssid_len, SIZE); 101IEEE80211_IF_FILE(ssid_len, u.mgd.ssid_len, SIZE);
102IEEE80211_IF_FILE(aid, u.sta.aid, DEC); 102IEEE80211_IF_FILE(aid, u.mgd.aid, DEC);
103IEEE80211_IF_FILE(ap_capab, u.sta.ap_capab, HEX); 103IEEE80211_IF_FILE(ap_capab, u.mgd.ap_capab, HEX);
104IEEE80211_IF_FILE(capab, u.sta.capab, HEX); 104IEEE80211_IF_FILE(capab, u.mgd.capab, HEX);
105IEEE80211_IF_FILE(extra_ie_len, u.sta.extra_ie_len, SIZE); 105IEEE80211_IF_FILE(extra_ie_len, u.mgd.extra_ie_len, SIZE);
106IEEE80211_IF_FILE(auth_tries, u.sta.auth_tries, DEC); 106IEEE80211_IF_FILE(auth_tries, u.mgd.auth_tries, DEC);
107IEEE80211_IF_FILE(assoc_tries, u.sta.assoc_tries, DEC); 107IEEE80211_IF_FILE(assoc_tries, u.mgd.assoc_tries, DEC);
108IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX); 108IEEE80211_IF_FILE(auth_algs, u.mgd.auth_algs, HEX);
109IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC); 109IEEE80211_IF_FILE(auth_alg, u.mgd.auth_alg, DEC);
110IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC); 110IEEE80211_IF_FILE(auth_transaction, u.mgd.auth_transaction, DEC);
111 111
112static ssize_t ieee80211_if_fmt_flags( 112static ssize_t ieee80211_if_fmt_flags(
113 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen) 113 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
114{ 114{
115 return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n", 115 return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n",
116 sdata->u.sta.flags & IEEE80211_STA_SSID_SET ? "SSID\n" : "", 116 sdata->u.mgd.flags & IEEE80211_STA_SSID_SET ? "SSID\n" : "",
117 sdata->u.sta.flags & IEEE80211_STA_BSSID_SET ? "BSSID\n" : "", 117 sdata->u.mgd.flags & IEEE80211_STA_BSSID_SET ? "BSSID\n" : "",
118 sdata->u.sta.flags & IEEE80211_STA_PREV_BSSID_SET ? "prev BSSID\n" : "", 118 sdata->u.mgd.flags & IEEE80211_STA_PREV_BSSID_SET ? "prev BSSID\n" : "",
119 sdata->u.sta.flags & IEEE80211_STA_AUTHENTICATED ? "AUTH\n" : "", 119 sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED ? "AUTH\n" : "",
120 sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED ? "ASSOC\n" : "", 120 sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED ? "ASSOC\n" : "",
121 sdata->u.sta.flags & IEEE80211_STA_PROBEREQ_POLL ? "PROBEREQ POLL\n" : "", 121 sdata->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL ? "PROBEREQ POLL\n" : "",
122 sdata->vif.bss_conf.use_cts_prot ? "CTS prot\n" : ""); 122 sdata->vif.bss_conf.use_cts_prot ? "CTS prot\n" : "");
123} 123}
124__IEEE80211_IF_FILE(flags); 124__IEEE80211_IF_FILE(flags);
@@ -283,9 +283,11 @@ static void add_files(struct ieee80211_sub_if_data *sdata)
283#endif 283#endif
284 break; 284 break;
285 case NL80211_IFTYPE_STATION: 285 case NL80211_IFTYPE_STATION:
286 case NL80211_IFTYPE_ADHOC:
287 add_sta_files(sdata); 286 add_sta_files(sdata);
288 break; 287 break;
288 case NL80211_IFTYPE_ADHOC:
289 /* XXX */
290 break;
289 case NL80211_IFTYPE_AP: 291 case NL80211_IFTYPE_AP:
290 add_ap_files(sdata); 292 add_ap_files(sdata);
291 break; 293 break;
@@ -418,9 +420,11 @@ static void del_files(struct ieee80211_sub_if_data *sdata)
418#endif 420#endif
419 break; 421 break;
420 case NL80211_IFTYPE_STATION: 422 case NL80211_IFTYPE_STATION:
421 case NL80211_IFTYPE_ADHOC:
422 del_sta_files(sdata); 423 del_sta_files(sdata);
423 break; 424 break;
425 case NL80211_IFTYPE_ADHOC:
426 /* XXX */
427 break;
424 case NL80211_IFTYPE_AP: 428 case NL80211_IFTYPE_AP:
425 del_ap_files(sdata); 429 del_ap_files(sdata);
426 break; 430 break;
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index a2fbe0131312..90230c718b5b 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -67,14 +67,15 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
67 char buf[100]; 67 char buf[100];
68 struct sta_info *sta = file->private_data; 68 struct sta_info *sta = file->private_data;
69 u32 staflags = get_sta_flags(sta); 69 u32 staflags = get_sta_flags(sta);
70 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s", 70 int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s",
71 staflags & WLAN_STA_AUTH ? "AUTH\n" : "", 71 staflags & WLAN_STA_AUTH ? "AUTH\n" : "",
72 staflags & WLAN_STA_ASSOC ? "ASSOC\n" : "", 72 staflags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
73 staflags & WLAN_STA_PS ? "PS\n" : "", 73 staflags & WLAN_STA_PS ? "PS\n" : "",
74 staflags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "", 74 staflags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
75 staflags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "", 75 staflags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
76 staflags & WLAN_STA_WME ? "WME\n" : "", 76 staflags & WLAN_STA_WME ? "WME\n" : "",
77 staflags & WLAN_STA_WDS ? "WDS\n" : ""); 77 staflags & WLAN_STA_WDS ? "WDS\n" : "",
78 staflags & WLAN_STA_MFP ? "MFP\n" : "");
78 return simple_read_from_buffer(userbuf, count, ppos, buf, res); 79 return simple_read_from_buffer(userbuf, count, ppos, buf, res);
79} 80}
80STA_OPS(flags); 81STA_OPS(flags);
diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c
index c5c0c5271096..4e3c72f20de7 100644
--- a/net/mac80211/ht.c
+++ b/net/mac80211/ht.c
@@ -17,8 +17,7 @@
17#include <net/wireless.h> 17#include <net/wireless.h>
18#include <net/mac80211.h> 18#include <net/mac80211.h>
19#include "ieee80211_i.h" 19#include "ieee80211_i.h"
20#include "sta_info.h" 20#include "rate.h"
21#include "wme.h"
22 21
23void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband, 22void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband,
24 struct ieee80211_ht_cap *ht_cap_ie, 23 struct ieee80211_ht_cap *ht_cap_ie,
@@ -95,7 +94,9 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
95{ 94{
96 struct ieee80211_local *local = sdata->local; 95 struct ieee80211_local *local = sdata->local;
97 struct ieee80211_supported_band *sband; 96 struct ieee80211_supported_band *sband;
97 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
98 struct ieee80211_bss_ht_conf ht; 98 struct ieee80211_bss_ht_conf ht;
99 struct sta_info *sta;
99 u32 changed = 0; 100 u32 changed = 0;
100 bool enable_ht = true, ht_changed; 101 bool enable_ht = true, ht_changed;
101 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 102 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
@@ -130,14 +131,25 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
130 } 131 }
131 } 132 }
132 133
133 ht_changed = local->hw.conf.ht.enabled != enable_ht || 134 ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
134 channel_type != local->hw.conf.ht.channel_type; 135 channel_type != local->hw.conf.channel_type;
135 136
136 local->oper_channel_type = channel_type; 137 local->oper_channel_type = channel_type;
137 local->hw.conf.ht.enabled = enable_ht;
138 138
139 if (ht_changed) 139 if (ht_changed) {
140 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_HT); 140 /* channel_type change automatically detected */
141 ieee80211_hw_config(local, 0);
142
143 rcu_read_lock();
144
145 sta = sta_info_get(local, ifmgd->bssid);
146 if (sta)
147 rate_control_rate_update(local, sband, sta,
148 IEEE80211_RC_HT_CHANGED);
149
150 rcu_read_unlock();
151
152 }
141 153
142 /* disable HT */ 154 /* disable HT */
143 if (!enable_ht) 155 if (!enable_ht)
@@ -154,108 +166,22 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
154 return changed; 166 return changed;
155} 167}
156 168
157static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata, 169void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta)
158 const u8 *da, u16 tid,
159 u8 dialog_token, u16 start_seq_num,
160 u16 agg_size, u16 timeout)
161{ 170{
162 struct ieee80211_local *local = sdata->local; 171 int i;
163 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
164 struct sk_buff *skb;
165 struct ieee80211_mgmt *mgmt;
166 u16 capab;
167
168 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
169
170 if (!skb) {
171 printk(KERN_ERR "%s: failed to allocate buffer "
172 "for addba request frame\n", sdata->dev->name);
173 return;
174 }
175 skb_reserve(skb, local->hw.extra_tx_headroom);
176 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
177 memset(mgmt, 0, 24);
178 memcpy(mgmt->da, da, ETH_ALEN);
179 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
180 if (sdata->vif.type == NL80211_IFTYPE_AP)
181 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
182 else
183 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
184
185 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
186 IEEE80211_STYPE_ACTION);
187
188 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
189
190 mgmt->u.action.category = WLAN_CATEGORY_BACK;
191 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
192
193 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
194 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
195 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
196 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
197
198 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
199
200 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
201 mgmt->u.action.u.addba_req.start_seq_num =
202 cpu_to_le16(start_seq_num << 4);
203
204 ieee80211_tx_skb(sdata, skb, 0);
205}
206
207static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
208 u8 dialog_token, u16 status, u16 policy,
209 u16 buf_size, u16 timeout)
210{
211 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
212 struct ieee80211_local *local = sdata->local;
213 struct sk_buff *skb;
214 struct ieee80211_mgmt *mgmt;
215 u16 capab;
216
217 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
218 172
219 if (!skb) { 173 for (i = 0; i < STA_TID_NUM; i++) {
220 printk(KERN_DEBUG "%s: failed to allocate buffer " 174 __ieee80211_stop_tx_ba_session(sta, i, WLAN_BACK_INITIATOR);
221 "for addba resp frame\n", sdata->dev->name); 175 __ieee80211_stop_rx_ba_session(sta, i, WLAN_BACK_RECIPIENT,
222 return; 176 WLAN_REASON_QSTA_LEAVE_QBSS);
223 } 177 }
224
225 skb_reserve(skb, local->hw.extra_tx_headroom);
226 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
227 memset(mgmt, 0, 24);
228 memcpy(mgmt->da, da, ETH_ALEN);
229 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
230 if (sdata->vif.type == NL80211_IFTYPE_AP)
231 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
232 else
233 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
234 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
235 IEEE80211_STYPE_ACTION);
236
237 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
238 mgmt->u.action.category = WLAN_CATEGORY_BACK;
239 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
240 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
241
242 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
243 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
244 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
245
246 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
247 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
248 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
249
250 ieee80211_tx_skb(sdata, skb, 0);
251} 178}
252 179
253static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata, 180void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
254 const u8 *da, u16 tid, 181 const u8 *da, u16 tid,
255 u16 initiator, u16 reason_code) 182 u16 initiator, u16 reason_code)
256{ 183{
257 struct ieee80211_local *local = sdata->local; 184 struct ieee80211_local *local = sdata->local;
258 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
259 struct sk_buff *skb; 185 struct sk_buff *skb;
260 struct ieee80211_mgmt *mgmt; 186 struct ieee80211_mgmt *mgmt;
261 u16 params; 187 u16 params;
@@ -273,10 +199,12 @@ static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
273 memset(mgmt, 0, 24); 199 memset(mgmt, 0, 24);
274 memcpy(mgmt->da, da, ETH_ALEN); 200 memcpy(mgmt->da, da, ETH_ALEN);
275 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 201 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
276 if (sdata->vif.type == NL80211_IFTYPE_AP) 202 if (sdata->vif.type == NL80211_IFTYPE_AP ||
203 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
277 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN); 204 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
278 else 205 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
279 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 206 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
207
280 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 208 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
281 IEEE80211_STYPE_ACTION); 209 IEEE80211_STYPE_ACTION);
282 210
@@ -290,770 +218,7 @@ static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
290 mgmt->u.action.u.delba.params = cpu_to_le16(params); 218 mgmt->u.action.u.delba.params = cpu_to_le16(params);
291 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code); 219 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
292 220
293 ieee80211_tx_skb(sdata, skb, 0); 221 ieee80211_tx_skb(sdata, skb, 1);
294}
295
296void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
297{
298 struct ieee80211_local *local = sdata->local;
299 struct sk_buff *skb;
300 struct ieee80211_bar *bar;
301 u16 bar_control = 0;
302
303 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
304 if (!skb) {
305 printk(KERN_ERR "%s: failed to allocate buffer for "
306 "bar frame\n", sdata->dev->name);
307 return;
308 }
309 skb_reserve(skb, local->hw.extra_tx_headroom);
310 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
311 memset(bar, 0, sizeof(*bar));
312 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
313 IEEE80211_STYPE_BACK_REQ);
314 memcpy(bar->ra, ra, ETH_ALEN);
315 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
316 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
317 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
318 bar_control |= (u16)(tid << 12);
319 bar->control = cpu_to_le16(bar_control);
320 bar->start_seq_num = cpu_to_le16(ssn);
321
322 ieee80211_tx_skb(sdata, skb, 0);
323}
324
325void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
326 u16 initiator, u16 reason)
327{
328 struct ieee80211_local *local = sdata->local;
329 struct ieee80211_hw *hw = &local->hw;
330 struct sta_info *sta;
331 int ret, i;
332
333 rcu_read_lock();
334
335 sta = sta_info_get(local, ra);
336 if (!sta) {
337 rcu_read_unlock();
338 return;
339 }
340
341 /* check if TID is in operational state */
342 spin_lock_bh(&sta->lock);
343 if (sta->ampdu_mlme.tid_state_rx[tid]
344 != HT_AGG_STATE_OPERATIONAL) {
345 spin_unlock_bh(&sta->lock);
346 rcu_read_unlock();
347 return;
348 }
349 sta->ampdu_mlme.tid_state_rx[tid] =
350 HT_AGG_STATE_REQ_STOP_BA_MSK |
351 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
352 spin_unlock_bh(&sta->lock);
353
354 /* stop HW Rx aggregation. ampdu_action existence
355 * already verified in session init so we add the BUG_ON */
356 BUG_ON(!local->ops->ampdu_action);
357
358#ifdef CONFIG_MAC80211_HT_DEBUG
359 printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n",
360 ra, tid);
361#endif /* CONFIG_MAC80211_HT_DEBUG */
362
363 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
364 &sta->sta, tid, NULL);
365 if (ret)
366 printk(KERN_DEBUG "HW problem - can not stop rx "
367 "aggregation for tid %d\n", tid);
368
369 /* shutdown timer has not expired */
370 if (initiator != WLAN_BACK_TIMER)
371 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
372
373 /* check if this is a self generated aggregation halt */
374 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
375 ieee80211_send_delba(sdata, ra, tid, 0, reason);
376
377 /* free the reordering buffer */
378 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
379 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
380 /* release the reordered frames */
381 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
382 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
383 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
384 }
385 }
386 /* free resources */
387 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
388 kfree(sta->ampdu_mlme.tid_rx[tid]);
389 sta->ampdu_mlme.tid_rx[tid] = NULL;
390 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
391
392 rcu_read_unlock();
393}
394
395
396/*
397 * After sending add Block Ack request we activated a timer until
398 * add Block Ack response will arrive from the recipient.
399 * If this timer expires sta_addba_resp_timer_expired will be executed.
400 */
401static void sta_addba_resp_timer_expired(unsigned long data)
402{
403 /* not an elegant detour, but there is no choice as the timer passes
404 * only one argument, and both sta_info and TID are needed, so init
405 * flow in sta_info_create gives the TID as data, while the timer_to_id
406 * array gives the sta through container_of */
407 u16 tid = *(u8 *)data;
408 struct sta_info *temp_sta = container_of((void *)data,
409 struct sta_info, timer_to_tid[tid]);
410
411 struct ieee80211_local *local = temp_sta->local;
412 struct ieee80211_hw *hw = &local->hw;
413 struct sta_info *sta;
414 u8 *state;
415
416 rcu_read_lock();
417
418 sta = sta_info_get(local, temp_sta->sta.addr);
419 if (!sta) {
420 rcu_read_unlock();
421 return;
422 }
423
424 state = &sta->ampdu_mlme.tid_state_tx[tid];
425 /* check if the TID waits for addBA response */
426 spin_lock_bh(&sta->lock);
427 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
428 spin_unlock_bh(&sta->lock);
429 *state = HT_AGG_STATE_IDLE;
430#ifdef CONFIG_MAC80211_HT_DEBUG
431 printk(KERN_DEBUG "timer expired on tid %d but we are not "
432 "expecting addBA response there", tid);
433#endif
434 goto timer_expired_exit;
435 }
436
437#ifdef CONFIG_MAC80211_HT_DEBUG
438 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
439#endif
440
441 /* go through the state check in stop_BA_session */
442 *state = HT_AGG_STATE_OPERATIONAL;
443 spin_unlock_bh(&sta->lock);
444 ieee80211_stop_tx_ba_session(hw, temp_sta->sta.addr, tid,
445 WLAN_BACK_INITIATOR);
446
447timer_expired_exit:
448 rcu_read_unlock();
449}
450
451void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr)
452{
453 struct ieee80211_local *local = sdata->local;
454 int i;
455
456 for (i = 0; i < STA_TID_NUM; i++) {
457 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
458 WLAN_BACK_INITIATOR);
459 ieee80211_sta_stop_rx_ba_session(sdata, addr, i,
460 WLAN_BACK_RECIPIENT,
461 WLAN_REASON_QSTA_LEAVE_QBSS);
462 }
463}
464
465int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
466{
467 struct ieee80211_local *local = hw_to_local(hw);
468 struct sta_info *sta;
469 struct ieee80211_sub_if_data *sdata;
470 u16 start_seq_num;
471 u8 *state;
472 int ret = 0;
473
474 if ((tid >= STA_TID_NUM) || !(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
475 return -EINVAL;
476
477#ifdef CONFIG_MAC80211_HT_DEBUG
478 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
479 ra, tid);
480#endif /* CONFIG_MAC80211_HT_DEBUG */
481
482 rcu_read_lock();
483
484 sta = sta_info_get(local, ra);
485 if (!sta) {
486#ifdef CONFIG_MAC80211_HT_DEBUG
487 printk(KERN_DEBUG "Could not find the station\n");
488#endif
489 ret = -ENOENT;
490 goto exit;
491 }
492
493 spin_lock_bh(&sta->lock);
494
495 /* we have tried too many times, receiver does not want A-MPDU */
496 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
497 ret = -EBUSY;
498 goto err_unlock_sta;
499 }
500
501 state = &sta->ampdu_mlme.tid_state_tx[tid];
502 /* check if the TID is not in aggregation flow already */
503 if (*state != HT_AGG_STATE_IDLE) {
504#ifdef CONFIG_MAC80211_HT_DEBUG
505 printk(KERN_DEBUG "BA request denied - session is not "
506 "idle on tid %u\n", tid);
507#endif /* CONFIG_MAC80211_HT_DEBUG */
508 ret = -EAGAIN;
509 goto err_unlock_sta;
510 }
511
512 /* prepare A-MPDU MLME for Tx aggregation */
513 sta->ampdu_mlme.tid_tx[tid] =
514 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
515 if (!sta->ampdu_mlme.tid_tx[tid]) {
516#ifdef CONFIG_MAC80211_HT_DEBUG
517 if (net_ratelimit())
518 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
519 tid);
520#endif
521 ret = -ENOMEM;
522 goto err_unlock_sta;
523 }
524 /* Tx timer */
525 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
526 sta_addba_resp_timer_expired;
527 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
528 (unsigned long)&sta->timer_to_tid[tid];
529 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
530
531 if (hw->ampdu_queues) {
532 /* create a new queue for this aggregation */
533 ret = ieee80211_ht_agg_queue_add(local, sta, tid);
534
535 /* case no queue is available to aggregation
536 * don't switch to aggregation */
537 if (ret) {
538#ifdef CONFIG_MAC80211_HT_DEBUG
539 printk(KERN_DEBUG "BA request denied - "
540 "queue unavailable for tid %d\n", tid);
541#endif /* CONFIG_MAC80211_HT_DEBUG */
542 goto err_unlock_queue;
543 }
544 }
545 sdata = sta->sdata;
546
547 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
548 * call back right away, it must see that the flow has begun */
549 *state |= HT_ADDBA_REQUESTED_MSK;
550
551 /* This is slightly racy because the queue isn't stopped */
552 start_seq_num = sta->tid_seq[tid];
553
554 if (local->ops->ampdu_action)
555 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
556 &sta->sta, tid, &start_seq_num);
557
558 if (ret) {
559 /* No need to requeue the packets in the agg queue, since we
560 * held the tx lock: no packet could be enqueued to the newly
561 * allocated queue */
562 if (hw->ampdu_queues)
563 ieee80211_ht_agg_queue_remove(local, sta, tid, 0);
564#ifdef CONFIG_MAC80211_HT_DEBUG
565 printk(KERN_DEBUG "BA request denied - HW unavailable for"
566 " tid %d\n", tid);
567#endif /* CONFIG_MAC80211_HT_DEBUG */
568 *state = HT_AGG_STATE_IDLE;
569 goto err_unlock_queue;
570 }
571
572 /* Will put all the packets in the new SW queue */
573 if (hw->ampdu_queues)
574 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
575 spin_unlock_bh(&sta->lock);
576
577 /* send an addBA request */
578 sta->ampdu_mlme.dialog_token_allocator++;
579 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
580 sta->ampdu_mlme.dialog_token_allocator;
581 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
582
583
584 ieee80211_send_addba_request(sta->sdata, ra, tid,
585 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
586 sta->ampdu_mlme.tid_tx[tid]->ssn,
587 0x40, 5000);
588 /* activate the timer for the recipient's addBA response */
589 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
590 jiffies + ADDBA_RESP_INTERVAL;
591 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
592#ifdef CONFIG_MAC80211_HT_DEBUG
593 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
594#endif
595 goto exit;
596
597err_unlock_queue:
598 kfree(sta->ampdu_mlme.tid_tx[tid]);
599 sta->ampdu_mlme.tid_tx[tid] = NULL;
600 ret = -EBUSY;
601err_unlock_sta:
602 spin_unlock_bh(&sta->lock);
603exit:
604 rcu_read_unlock();
605 return ret;
606}
607EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
608
609int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
610 u8 *ra, u16 tid,
611 enum ieee80211_back_parties initiator)
612{
613 struct ieee80211_local *local = hw_to_local(hw);
614 struct sta_info *sta;
615 u8 *state;
616 int ret = 0;
617
618 if (tid >= STA_TID_NUM)
619 return -EINVAL;
620
621 rcu_read_lock();
622 sta = sta_info_get(local, ra);
623 if (!sta) {
624 rcu_read_unlock();
625 return -ENOENT;
626 }
627
628 /* check if the TID is in aggregation */
629 state = &sta->ampdu_mlme.tid_state_tx[tid];
630 spin_lock_bh(&sta->lock);
631
632 if (*state != HT_AGG_STATE_OPERATIONAL) {
633 ret = -ENOENT;
634 goto stop_BA_exit;
635 }
636
637#ifdef CONFIG_MAC80211_HT_DEBUG
638 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
639 ra, tid);
640#endif /* CONFIG_MAC80211_HT_DEBUG */
641
642 if (hw->ampdu_queues)
643 ieee80211_stop_queue(hw, sta->tid_to_tx_q[tid]);
644
645 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
646 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
647
648 if (local->ops->ampdu_action)
649 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_STOP,
650 &sta->sta, tid, NULL);
651
652 /* case HW denied going back to legacy */
653 if (ret) {
654 WARN_ON(ret != -EBUSY);
655 *state = HT_AGG_STATE_OPERATIONAL;
656 if (hw->ampdu_queues)
657 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
658 goto stop_BA_exit;
659 }
660
661stop_BA_exit:
662 spin_unlock_bh(&sta->lock);
663 rcu_read_unlock();
664 return ret;
665}
666EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
667
668void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
669{
670 struct ieee80211_local *local = hw_to_local(hw);
671 struct sta_info *sta;
672 u8 *state;
673
674 if (tid >= STA_TID_NUM) {
675#ifdef CONFIG_MAC80211_HT_DEBUG
676 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
677 tid, STA_TID_NUM);
678#endif
679 return;
680 }
681
682 rcu_read_lock();
683 sta = sta_info_get(local, ra);
684 if (!sta) {
685 rcu_read_unlock();
686#ifdef CONFIG_MAC80211_HT_DEBUG
687 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
688#endif
689 return;
690 }
691
692 state = &sta->ampdu_mlme.tid_state_tx[tid];
693 spin_lock_bh(&sta->lock);
694
695 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
696#ifdef CONFIG_MAC80211_HT_DEBUG
697 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
698 *state);
699#endif
700 spin_unlock_bh(&sta->lock);
701 rcu_read_unlock();
702 return;
703 }
704
705 WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK);
706
707 *state |= HT_ADDBA_DRV_READY_MSK;
708
709 if (*state == HT_AGG_STATE_OPERATIONAL) {
710#ifdef CONFIG_MAC80211_HT_DEBUG
711 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
712#endif
713 if (hw->ampdu_queues)
714 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
715 }
716 spin_unlock_bh(&sta->lock);
717 rcu_read_unlock();
718}
719EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
720
721void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
722{
723 struct ieee80211_local *local = hw_to_local(hw);
724 struct sta_info *sta;
725 u8 *state;
726 int agg_queue;
727
728 if (tid >= STA_TID_NUM) {
729#ifdef CONFIG_MAC80211_HT_DEBUG
730 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
731 tid, STA_TID_NUM);
732#endif
733 return;
734 }
735
736#ifdef CONFIG_MAC80211_HT_DEBUG
737 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
738 ra, tid);
739#endif /* CONFIG_MAC80211_HT_DEBUG */
740
741 rcu_read_lock();
742 sta = sta_info_get(local, ra);
743 if (!sta) {
744#ifdef CONFIG_MAC80211_HT_DEBUG
745 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
746#endif
747 rcu_read_unlock();
748 return;
749 }
750 state = &sta->ampdu_mlme.tid_state_tx[tid];
751
752 /* NOTE: no need to use sta->lock in this state check, as
753 * ieee80211_stop_tx_ba_session will let only one stop call to
754 * pass through per sta/tid
755 */
756 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
757#ifdef CONFIG_MAC80211_HT_DEBUG
758 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
759#endif
760 rcu_read_unlock();
761 return;
762 }
763
764 if (*state & HT_AGG_STATE_INITIATOR_MSK)
765 ieee80211_send_delba(sta->sdata, ra, tid,
766 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
767
768 if (hw->ampdu_queues) {
769 agg_queue = sta->tid_to_tx_q[tid];
770 ieee80211_ht_agg_queue_remove(local, sta, tid, 1);
771
772 /* We just requeued the all the frames that were in the
773 * removed queue, and since we might miss a softirq we do
774 * netif_schedule_queue. ieee80211_wake_queue is not used
775 * here as this queue is not necessarily stopped
776 */
777 netif_schedule_queue(netdev_get_tx_queue(local->mdev,
778 agg_queue));
779 }
780 spin_lock_bh(&sta->lock);
781 *state = HT_AGG_STATE_IDLE;
782 sta->ampdu_mlme.addba_req_num[tid] = 0;
783 kfree(sta->ampdu_mlme.tid_tx[tid]);
784 sta->ampdu_mlme.tid_tx[tid] = NULL;
785 spin_unlock_bh(&sta->lock);
786
787 rcu_read_unlock();
788}
789EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
790
791void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
792 const u8 *ra, u16 tid)
793{
794 struct ieee80211_local *local = hw_to_local(hw);
795 struct ieee80211_ra_tid *ra_tid;
796 struct sk_buff *skb = dev_alloc_skb(0);
797
798 if (unlikely(!skb)) {
799#ifdef CONFIG_MAC80211_HT_DEBUG
800 if (net_ratelimit())
801 printk(KERN_WARNING "%s: Not enough memory, "
802 "dropping start BA session", skb->dev->name);
803#endif
804 return;
805 }
806 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
807 memcpy(&ra_tid->ra, ra, ETH_ALEN);
808 ra_tid->tid = tid;
809
810 skb->pkt_type = IEEE80211_ADDBA_MSG;
811 skb_queue_tail(&local->skb_queue, skb);
812 tasklet_schedule(&local->tasklet);
813}
814EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
815
816void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
817 const u8 *ra, u16 tid)
818{
819 struct ieee80211_local *local = hw_to_local(hw);
820 struct ieee80211_ra_tid *ra_tid;
821 struct sk_buff *skb = dev_alloc_skb(0);
822
823 if (unlikely(!skb)) {
824#ifdef CONFIG_MAC80211_HT_DEBUG
825 if (net_ratelimit())
826 printk(KERN_WARNING "%s: Not enough memory, "
827 "dropping stop BA session", skb->dev->name);
828#endif
829 return;
830 }
831 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
832 memcpy(&ra_tid->ra, ra, ETH_ALEN);
833 ra_tid->tid = tid;
834
835 skb->pkt_type = IEEE80211_DELBA_MSG;
836 skb_queue_tail(&local->skb_queue, skb);
837 tasklet_schedule(&local->tasklet);
838}
839EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
840
841/*
842 * After accepting the AddBA Request we activated a timer,
843 * resetting it after each frame that arrives from the originator.
844 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
845 */
846static void sta_rx_agg_session_timer_expired(unsigned long data)
847{
848 /* not an elegant detour, but there is no choice as the timer passes
849 * only one argument, and various sta_info are needed here, so init
850 * flow in sta_info_create gives the TID as data, while the timer_to_id
851 * array gives the sta through container_of */
852 u8 *ptid = (u8 *)data;
853 u8 *timer_to_id = ptid - *ptid;
854 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
855 timer_to_tid[0]);
856
857#ifdef CONFIG_MAC80211_HT_DEBUG
858 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
859#endif
860 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr,
861 (u16)*ptid, WLAN_BACK_TIMER,
862 WLAN_REASON_QSTA_TIMEOUT);
863}
864
865void ieee80211_process_addba_request(struct ieee80211_local *local,
866 struct sta_info *sta,
867 struct ieee80211_mgmt *mgmt,
868 size_t len)
869{
870 struct ieee80211_hw *hw = &local->hw;
871 struct ieee80211_conf *conf = &hw->conf;
872 struct tid_ampdu_rx *tid_agg_rx;
873 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
874 u8 dialog_token;
875 int ret = -EOPNOTSUPP;
876
877 /* extract session parameters from addba request frame */
878 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
879 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
880 start_seq_num =
881 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
882
883 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
884 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
885 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
886 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
887
888 status = WLAN_STATUS_REQUEST_DECLINED;
889
890 /* sanity check for incoming parameters:
891 * check if configuration can support the BA policy
892 * and if buffer size does not exceeds max value */
893 /* XXX: check own ht delayed BA capability?? */
894 if (((ba_policy != 1)
895 && (!(sta->sta.ht_cap.cap & IEEE80211_HT_CAP_DELAY_BA)))
896 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
897 status = WLAN_STATUS_INVALID_QOS_PARAM;
898#ifdef CONFIG_MAC80211_HT_DEBUG
899 if (net_ratelimit())
900 printk(KERN_DEBUG "AddBA Req with bad params from "
901 "%pM on tid %u. policy %d, buffer size %d\n",
902 mgmt->sa, tid, ba_policy,
903 buf_size);
904#endif /* CONFIG_MAC80211_HT_DEBUG */
905 goto end_no_lock;
906 }
907 /* determine default buffer size */
908 if (buf_size == 0) {
909 struct ieee80211_supported_band *sband;
910
911 sband = local->hw.wiphy->bands[conf->channel->band];
912 buf_size = IEEE80211_MIN_AMPDU_BUF;
913 buf_size = buf_size << sband->ht_cap.ampdu_factor;
914 }
915
916
917 /* examine state machine */
918 spin_lock_bh(&sta->lock);
919
920 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
921#ifdef CONFIG_MAC80211_HT_DEBUG
922 if (net_ratelimit())
923 printk(KERN_DEBUG "unexpected AddBA Req from "
924 "%pM on tid %u\n",
925 mgmt->sa, tid);
926#endif /* CONFIG_MAC80211_HT_DEBUG */
927 goto end;
928 }
929
930 /* prepare A-MPDU MLME for Rx aggregation */
931 sta->ampdu_mlme.tid_rx[tid] =
932 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
933 if (!sta->ampdu_mlme.tid_rx[tid]) {
934#ifdef CONFIG_MAC80211_HT_DEBUG
935 if (net_ratelimit())
936 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
937 tid);
938#endif
939 goto end;
940 }
941 /* rx timer */
942 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
943 sta_rx_agg_session_timer_expired;
944 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
945 (unsigned long)&sta->timer_to_tid[tid];
946 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
947
948 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
949
950 /* prepare reordering buffer */
951 tid_agg_rx->reorder_buf =
952 kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
953 if (!tid_agg_rx->reorder_buf) {
954#ifdef CONFIG_MAC80211_HT_DEBUG
955 if (net_ratelimit())
956 printk(KERN_ERR "can not allocate reordering buffer "
957 "to tid %d\n", tid);
958#endif
959 kfree(sta->ampdu_mlme.tid_rx[tid]);
960 goto end;
961 }
962 memset(tid_agg_rx->reorder_buf, 0,
963 buf_size * sizeof(struct sk_buff *));
964
965 if (local->ops->ampdu_action)
966 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
967 &sta->sta, tid, &start_seq_num);
968#ifdef CONFIG_MAC80211_HT_DEBUG
969 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
970#endif /* CONFIG_MAC80211_HT_DEBUG */
971
972 if (ret) {
973 kfree(tid_agg_rx->reorder_buf);
974 kfree(tid_agg_rx);
975 sta->ampdu_mlme.tid_rx[tid] = NULL;
976 goto end;
977 }
978
979 /* change state and send addba resp */
980 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
981 tid_agg_rx->dialog_token = dialog_token;
982 tid_agg_rx->ssn = start_seq_num;
983 tid_agg_rx->head_seq_num = start_seq_num;
984 tid_agg_rx->buf_size = buf_size;
985 tid_agg_rx->timeout = timeout;
986 tid_agg_rx->stored_mpdu_num = 0;
987 status = WLAN_STATUS_SUCCESS;
988end:
989 spin_unlock_bh(&sta->lock);
990
991end_no_lock:
992 ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid,
993 dialog_token, status, 1, buf_size, timeout);
994}
995
996void ieee80211_process_addba_resp(struct ieee80211_local *local,
997 struct sta_info *sta,
998 struct ieee80211_mgmt *mgmt,
999 size_t len)
1000{
1001 struct ieee80211_hw *hw = &local->hw;
1002 u16 capab;
1003 u16 tid, start_seq_num;
1004 u8 *state;
1005
1006 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1007 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1008
1009 state = &sta->ampdu_mlme.tid_state_tx[tid];
1010
1011 spin_lock_bh(&sta->lock);
1012
1013 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1014 spin_unlock_bh(&sta->lock);
1015 return;
1016 }
1017
1018 if (mgmt->u.action.u.addba_resp.dialog_token !=
1019 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1020 spin_unlock_bh(&sta->lock);
1021#ifdef CONFIG_MAC80211_HT_DEBUG
1022 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1023#endif /* CONFIG_MAC80211_HT_DEBUG */
1024 return;
1025 }
1026
1027 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1028#ifdef CONFIG_MAC80211_HT_DEBUG
1029 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1030#endif /* CONFIG_MAC80211_HT_DEBUG */
1031 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1032 == WLAN_STATUS_SUCCESS) {
1033 *state |= HT_ADDBA_RECEIVED_MSK;
1034 sta->ampdu_mlme.addba_req_num[tid] = 0;
1035
1036 if (*state == HT_AGG_STATE_OPERATIONAL &&
1037 local->hw.ampdu_queues)
1038 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1039
1040 if (local->ops->ampdu_action) {
1041 (void)local->ops->ampdu_action(hw,
1042 IEEE80211_AMPDU_TX_RESUME,
1043 &sta->sta, tid, &start_seq_num);
1044 }
1045#ifdef CONFIG_MAC80211_HT_DEBUG
1046 printk(KERN_DEBUG "Resuming TX aggregation for tid %d\n", tid);
1047#endif /* CONFIG_MAC80211_HT_DEBUG */
1048 spin_unlock_bh(&sta->lock);
1049 } else {
1050 sta->ampdu_mlme.addba_req_num[tid]++;
1051 /* this will allow the state check in stop_BA_session */
1052 *state = HT_AGG_STATE_OPERATIONAL;
1053 spin_unlock_bh(&sta->lock);
1054 ieee80211_stop_tx_ba_session(hw, sta->sta.addr, tid,
1055 WLAN_BACK_INITIATOR);
1056 }
1057} 222}
1058 223
1059void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, 224void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
new file mode 100644
index 000000000000..3201e1f96365
--- /dev/null
+++ b/net/mac80211/ibss.c
@@ -0,0 +1,908 @@
1/*
2 * IBSS mode implementation
3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 * Copyright 2009, Johannes Berg <johannes@sipsolutions.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2 as
12 * published by the Free Software Foundation.
13 */
14
15#include <linux/delay.h>
16#include <linux/if_ether.h>
17#include <linux/skbuff.h>
18#include <linux/if_arp.h>
19#include <linux/etherdevice.h>
20#include <linux/rtnetlink.h>
21#include <net/mac80211.h>
22#include <asm/unaligned.h>
23
24#include "ieee80211_i.h"
25#include "rate.h"
26
27#define IEEE80211_SCAN_INTERVAL (2 * HZ)
28#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
29#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
30
31#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
32#define IEEE80211_IBSS_MERGE_DELAY 0x400000
33#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
34
35#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
36
37
38static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
39 struct ieee80211_mgmt *mgmt,
40 size_t len)
41{
42 u16 auth_alg, auth_transaction, status_code;
43
44 if (len < 24 + 6)
45 return;
46
47 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
48 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
49 status_code = le16_to_cpu(mgmt->u.auth.status_code);
50
51 /*
52 * IEEE 802.11 standard does not require authentication in IBSS
53 * networks and most implementations do not seem to use it.
54 * However, try to reply to authentication attempts if someone
55 * has actually implemented this.
56 */
57 if (auth_alg == WLAN_AUTH_OPEN && auth_transaction == 1)
58 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0,
59 sdata->u.ibss.bssid, 0);
60}
61
62static int __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
63 const u8 *bssid, const int beacon_int,
64 const int freq,
65 const size_t supp_rates_len,
66 const u8 *supp_rates,
67 const u16 capability, u64 tsf)
68{
69 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
70 struct ieee80211_local *local = sdata->local;
71 int res = 0, rates, i, j;
72 struct sk_buff *skb;
73 struct ieee80211_mgmt *mgmt;
74 u8 *pos;
75 struct ieee80211_supported_band *sband;
76 union iwreq_data wrqu;
77
78 if (local->ops->reset_tsf) {
79 /* Reset own TSF to allow time synchronization work. */
80 local->ops->reset_tsf(local_to_hw(local));
81 }
82
83 if ((ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET) &&
84 memcmp(ifibss->bssid, bssid, ETH_ALEN) == 0)
85 return res;
86
87 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
88 if (!skb) {
89 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
90 "response\n", sdata->dev->name);
91 return -ENOMEM;
92 }
93
94 if (!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET)) {
95 /* Remove possible STA entries from other IBSS networks. */
96 sta_info_flush_delayed(sdata);
97 }
98
99 memcpy(ifibss->bssid, bssid, ETH_ALEN);
100 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
101 if (res)
102 return res;
103
104 local->hw.conf.beacon_int = beacon_int >= 10 ? beacon_int : 10;
105
106 sdata->drop_unencrypted = capability &
107 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
108
109 res = ieee80211_set_freq(sdata, freq);
110
111 if (res)
112 return res;
113
114 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
115
116 /* Build IBSS probe response */
117
118 skb_reserve(skb, local->hw.extra_tx_headroom);
119
120 mgmt = (struct ieee80211_mgmt *)
121 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
122 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
123 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
124 IEEE80211_STYPE_PROBE_RESP);
125 memset(mgmt->da, 0xff, ETH_ALEN);
126 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
127 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
128 mgmt->u.beacon.beacon_int =
129 cpu_to_le16(local->hw.conf.beacon_int);
130 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
131 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
132
133 pos = skb_put(skb, 2 + ifibss->ssid_len);
134 *pos++ = WLAN_EID_SSID;
135 *pos++ = ifibss->ssid_len;
136 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
137
138 rates = supp_rates_len;
139 if (rates > 8)
140 rates = 8;
141 pos = skb_put(skb, 2 + rates);
142 *pos++ = WLAN_EID_SUPP_RATES;
143 *pos++ = rates;
144 memcpy(pos, supp_rates, rates);
145
146 if (sband->band == IEEE80211_BAND_2GHZ) {
147 pos = skb_put(skb, 2 + 1);
148 *pos++ = WLAN_EID_DS_PARAMS;
149 *pos++ = 1;
150 *pos++ = ieee80211_frequency_to_channel(freq);
151 }
152
153 pos = skb_put(skb, 2 + 2);
154 *pos++ = WLAN_EID_IBSS_PARAMS;
155 *pos++ = 2;
156 /* FIX: set ATIM window based on scan results */
157 *pos++ = 0;
158 *pos++ = 0;
159
160 if (supp_rates_len > 8) {
161 rates = supp_rates_len - 8;
162 pos = skb_put(skb, 2 + rates);
163 *pos++ = WLAN_EID_EXT_SUPP_RATES;
164 *pos++ = rates;
165 memcpy(pos, &supp_rates[8], rates);
166 }
167
168 ifibss->probe_resp = skb;
169
170 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON |
171 IEEE80211_IFCC_BEACON_ENABLED);
172
173
174 rates = 0;
175 for (i = 0; i < supp_rates_len; i++) {
176 int bitrate = (supp_rates[i] & 0x7f) * 5;
177 for (j = 0; j < sband->n_bitrates; j++)
178 if (sband->bitrates[j].bitrate == bitrate)
179 rates |= BIT(j);
180 }
181
182 ieee80211_sta_def_wmm_params(sdata, supp_rates_len, supp_rates);
183
184 ifibss->flags |= IEEE80211_IBSS_PREV_BSSID_SET;
185 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
186 mod_timer(&ifibss->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
187
188 memset(&wrqu, 0, sizeof(wrqu));
189 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
190 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
191
192 return res;
193}
194
195static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
196 struct ieee80211_bss *bss)
197{
198 return __ieee80211_sta_join_ibss(sdata,
199 bss->cbss.bssid,
200 bss->cbss.beacon_interval,
201 bss->cbss.channel->center_freq,
202 bss->supp_rates_len, bss->supp_rates,
203 bss->cbss.capability,
204 bss->cbss.tsf);
205}
206
207static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
208 struct ieee80211_mgmt *mgmt,
209 size_t len,
210 struct ieee80211_rx_status *rx_status,
211 struct ieee802_11_elems *elems,
212 bool beacon)
213{
214 struct ieee80211_local *local = sdata->local;
215 int freq;
216 struct ieee80211_bss *bss;
217 struct sta_info *sta;
218 struct ieee80211_channel *channel;
219 u64 beacon_timestamp, rx_timestamp;
220 u32 supp_rates = 0;
221 enum ieee80211_band band = rx_status->band;
222
223 if (elems->ds_params && elems->ds_params_len == 1)
224 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
225 else
226 freq = rx_status->freq;
227
228 channel = ieee80211_get_channel(local->hw.wiphy, freq);
229
230 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
231 return;
232
233 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && elems->supp_rates &&
234 memcmp(mgmt->bssid, sdata->u.ibss.bssid, ETH_ALEN) == 0) {
235 supp_rates = ieee80211_sta_get_rates(local, elems, band);
236
237 rcu_read_lock();
238
239 sta = sta_info_get(local, mgmt->sa);
240 if (sta) {
241 u32 prev_rates;
242
243 prev_rates = sta->sta.supp_rates[band];
244 /* make sure mandatory rates are always added */
245 sta->sta.supp_rates[band] = supp_rates |
246 ieee80211_mandatory_rates(local, band);
247
248#ifdef CONFIG_MAC80211_IBSS_DEBUG
249 if (sta->sta.supp_rates[band] != prev_rates)
250 printk(KERN_DEBUG "%s: updated supp_rates set "
251 "for %pM based on beacon info (0x%llx | "
252 "0x%llx -> 0x%llx)\n",
253 sdata->dev->name,
254 sta->sta.addr,
255 (unsigned long long) prev_rates,
256 (unsigned long long) supp_rates,
257 (unsigned long long) sta->sta.supp_rates[band]);
258#endif
259 } else
260 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
261
262 rcu_read_unlock();
263 }
264
265 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
266 channel, beacon);
267 if (!bss)
268 return;
269
270 /* was just updated in ieee80211_bss_info_update */
271 beacon_timestamp = bss->cbss.tsf;
272
273 /* check if we need to merge IBSS */
274
275 /* merge only on beacons (???) */
276 if (!beacon)
277 goto put_bss;
278
279 /* we use a fixed BSSID */
280 if (sdata->u.ibss.flags & IEEE80211_IBSS_BSSID_SET)
281 goto put_bss;
282
283 /* not an IBSS */
284 if (!(bss->cbss.capability & WLAN_CAPABILITY_IBSS))
285 goto put_bss;
286
287 /* different channel */
288 if (bss->cbss.channel != local->oper_channel)
289 goto put_bss;
290
291 /* different SSID */
292 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
293 memcmp(elems->ssid, sdata->u.ibss.ssid,
294 sdata->u.ibss.ssid_len))
295 goto put_bss;
296
297 /* same BSSID */
298 if (memcmp(bss->cbss.bssid, sdata->u.ibss.bssid, ETH_ALEN) == 0)
299 goto put_bss;
300
301 if (rx_status->flag & RX_FLAG_TSFT) {
302 /*
303 * For correct IBSS merging we need mactime; since mactime is
304 * defined as the time the first data symbol of the frame hits
305 * the PHY, and the timestamp of the beacon is defined as "the
306 * time that the data symbol containing the first bit of the
307 * timestamp is transmitted to the PHY plus the transmitting
308 * STA's delays through its local PHY from the MAC-PHY
309 * interface to its interface with the WM" (802.11 11.1.2)
310 * - equals the time this bit arrives at the receiver - we have
311 * to take into account the offset between the two.
312 *
313 * E.g. at 1 MBit that means mactime is 192 usec earlier
314 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
315 */
316 int rate;
317
318 if (rx_status->flag & RX_FLAG_HT)
319 rate = 65; /* TODO: HT rates */
320 else
321 rate = local->hw.wiphy->bands[band]->
322 bitrates[rx_status->rate_idx].bitrate;
323
324 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
325 } else if (local && local->ops && local->ops->get_tsf)
326 /* second best option: get current TSF */
327 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
328 else
329 /* can't merge without knowing the TSF */
330 rx_timestamp = -1LLU;
331
332#ifdef CONFIG_MAC80211_IBSS_DEBUG
333 printk(KERN_DEBUG "RX beacon SA=%pM BSSID="
334 "%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
335 mgmt->sa, mgmt->bssid,
336 (unsigned long long)rx_timestamp,
337 (unsigned long long)beacon_timestamp,
338 (unsigned long long)(rx_timestamp - beacon_timestamp),
339 jiffies);
340#endif
341
342 /* give slow hardware some time to do the TSF sync */
343 if (rx_timestamp < IEEE80211_IBSS_MERGE_DELAY)
344 goto put_bss;
345
346 if (beacon_timestamp > rx_timestamp) {
347#ifdef CONFIG_MAC80211_IBSS_DEBUG
348 printk(KERN_DEBUG "%s: beacon TSF higher than "
349 "local TSF - IBSS merge with BSSID %pM\n",
350 sdata->dev->name, mgmt->bssid);
351#endif
352 ieee80211_sta_join_ibss(sdata, bss);
353 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
354 }
355
356 put_bss:
357 ieee80211_rx_bss_put(local, bss);
358}
359
360/*
361 * Add a new IBSS station, will also be called by the RX code when,
362 * in IBSS mode, receiving a frame from a yet-unknown station, hence
363 * must be callable in atomic context.
364 */
365struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
366 u8 *bssid,u8 *addr, u32 supp_rates)
367{
368 struct ieee80211_local *local = sdata->local;
369 struct sta_info *sta;
370 int band = local->hw.conf.channel->band;
371
372 /* TODO: Could consider removing the least recently used entry and
373 * allow new one to be added. */
374 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
375 if (net_ratelimit()) {
376 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
377 "entry %pM\n", sdata->dev->name, addr);
378 }
379 return NULL;
380 }
381
382 if (compare_ether_addr(bssid, sdata->u.ibss.bssid))
383 return NULL;
384
385#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
386 printk(KERN_DEBUG "%s: Adding new IBSS station %pM (dev=%s)\n",
387 wiphy_name(local->hw.wiphy), addr, sdata->dev->name);
388#endif
389
390 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
391 if (!sta)
392 return NULL;
393
394 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
395
396 /* make sure mandatory rates are always added */
397 sta->sta.supp_rates[band] = supp_rates |
398 ieee80211_mandatory_rates(local, band);
399
400 rate_control_rate_init(sta);
401
402 if (sta_info_insert(sta))
403 return NULL;
404
405 return sta;
406}
407
408static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
409{
410 struct ieee80211_local *local = sdata->local;
411 int active = 0;
412 struct sta_info *sta;
413
414 rcu_read_lock();
415
416 list_for_each_entry_rcu(sta, &local->sta_list, list) {
417 if (sta->sdata == sdata &&
418 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
419 jiffies)) {
420 active++;
421 break;
422 }
423 }
424
425 rcu_read_unlock();
426
427 return active;
428}
429
430
431static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
432{
433 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
434
435 mod_timer(&ifibss->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
436
437 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
438 if (ieee80211_sta_active_ibss(sdata))
439 return;
440
441 if ((ifibss->flags & IEEE80211_IBSS_BSSID_SET) &&
442 (!(ifibss->flags & IEEE80211_IBSS_AUTO_CHANNEL_SEL)))
443 return;
444
445 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
446 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
447
448 /* XXX maybe racy? */
449 if (sdata->local->scan_req)
450 return;
451
452 memcpy(sdata->local->int_scan_req.ssids[0].ssid,
453 ifibss->ssid, IEEE80211_MAX_SSID_LEN);
454 sdata->local->int_scan_req.ssids[0].ssid_len = ifibss->ssid_len;
455 ieee80211_request_scan(sdata, &sdata->local->int_scan_req);
456}
457
458static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
459{
460 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
461 struct ieee80211_local *local = sdata->local;
462 struct ieee80211_supported_band *sband;
463 u8 *pos;
464 u8 bssid[ETH_ALEN];
465 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
466 u16 capability;
467 int i;
468
469 if (ifibss->flags & IEEE80211_IBSS_BSSID_SET) {
470 memcpy(bssid, ifibss->bssid, ETH_ALEN);
471 } else {
472 /* Generate random, not broadcast, locally administered BSSID. Mix in
473 * own MAC address to make sure that devices that do not have proper
474 * random number generator get different BSSID. */
475 get_random_bytes(bssid, ETH_ALEN);
476 for (i = 0; i < ETH_ALEN; i++)
477 bssid[i] ^= sdata->dev->dev_addr[i];
478 bssid[0] &= ~0x01;
479 bssid[0] |= 0x02;
480 }
481
482 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n",
483 sdata->dev->name, bssid);
484
485 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
486
487 if (local->hw.conf.beacon_int == 0)
488 local->hw.conf.beacon_int = 100;
489
490 capability = WLAN_CAPABILITY_IBSS;
491
492 if (sdata->default_key)
493 capability |= WLAN_CAPABILITY_PRIVACY;
494 else
495 sdata->drop_unencrypted = 0;
496
497 pos = supp_rates;
498 for (i = 0; i < sband->n_bitrates; i++) {
499 int rate = sband->bitrates[i].bitrate;
500 *pos++ = (u8) (rate / 5);
501 }
502
503 return __ieee80211_sta_join_ibss(sdata,
504 bssid, local->hw.conf.beacon_int,
505 local->hw.conf.channel->center_freq,
506 sband->n_bitrates, supp_rates,
507 capability, 0);
508}
509
510static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
511{
512 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
513 struct ieee80211_local *local = sdata->local;
514 struct ieee80211_bss *bss;
515 const u8 *bssid = NULL;
516 int active_ibss;
517
518 if (ifibss->ssid_len == 0)
519 return -EINVAL;
520
521 active_ibss = ieee80211_sta_active_ibss(sdata);
522#ifdef CONFIG_MAC80211_IBSS_DEBUG
523 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
524 sdata->dev->name, active_ibss);
525#endif /* CONFIG_MAC80211_IBSS_DEBUG */
526
527 if (active_ibss)
528 return 0;
529
530 if (ifibss->flags & IEEE80211_IBSS_BSSID_SET)
531 bssid = ifibss->bssid;
532 bss = (void *)cfg80211_get_bss(local->hw.wiphy, NULL, bssid,
533 ifibss->ssid, ifibss->ssid_len,
534 WLAN_CAPABILITY_IBSS,
535 WLAN_CAPABILITY_IBSS);
536
537#ifdef CONFIG_MAC80211_IBSS_DEBUG
538 if (bss)
539 printk(KERN_DEBUG " sta_find_ibss: selected %pM current "
540 "%pM\n", bss->cbss.bssid, ifibss->bssid);
541#endif /* CONFIG_MAC80211_IBSS_DEBUG */
542
543 if (bss &&
544 (!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET) ||
545 memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN))) {
546 int ret;
547
548 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM"
549 " based on configured SSID\n",
550 sdata->dev->name, bss->cbss.bssid);
551
552 ret = ieee80211_sta_join_ibss(sdata, bss);
553 ieee80211_rx_bss_put(local, bss);
554 return ret;
555 } else if (bss)
556 ieee80211_rx_bss_put(local, bss);
557
558#ifdef CONFIG_MAC80211_IBSS_DEBUG
559 printk(KERN_DEBUG " did not try to join ibss\n");
560#endif /* CONFIG_MAC80211_IBSS_DEBUG */
561
562 /* Selected IBSS not found in current scan results - try to scan */
563 if (ifibss->state == IEEE80211_IBSS_MLME_JOINED &&
564 !ieee80211_sta_active_ibss(sdata)) {
565 mod_timer(&ifibss->timer, jiffies +
566 IEEE80211_IBSS_MERGE_INTERVAL);
567 } else if (time_after(jiffies, local->last_scan_completed +
568 IEEE80211_SCAN_INTERVAL)) {
569 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
570 "join\n", sdata->dev->name);
571
572 /* XXX maybe racy? */
573 if (local->scan_req)
574 return -EBUSY;
575
576 memcpy(local->int_scan_req.ssids[0].ssid,
577 ifibss->ssid, IEEE80211_MAX_SSID_LEN);
578 local->int_scan_req.ssids[0].ssid_len = ifibss->ssid_len;
579 return ieee80211_request_scan(sdata, &local->int_scan_req);
580 } else if (ifibss->state != IEEE80211_IBSS_MLME_JOINED) {
581 int interval = IEEE80211_SCAN_INTERVAL;
582
583 if (time_after(jiffies, ifibss->ibss_join_req +
584 IEEE80211_IBSS_JOIN_TIMEOUT)) {
585 if (!(local->oper_channel->flags &
586 IEEE80211_CHAN_NO_IBSS))
587 return ieee80211_sta_create_ibss(sdata);
588 printk(KERN_DEBUG "%s: IBSS not allowed on"
589 " %d MHz\n", sdata->dev->name,
590 local->hw.conf.channel->center_freq);
591
592 /* No IBSS found - decrease scan interval and continue
593 * scanning. */
594 interval = IEEE80211_SCAN_INTERVAL_SLOW;
595 }
596
597 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
598 mod_timer(&ifibss->timer, jiffies + interval);
599 return 0;
600 }
601
602 return 0;
603}
604
605static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
606 struct ieee80211_mgmt *mgmt,
607 size_t len)
608{
609 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
610 struct ieee80211_local *local = sdata->local;
611 int tx_last_beacon;
612 struct sk_buff *skb;
613 struct ieee80211_mgmt *resp;
614 u8 *pos, *end;
615
616 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
617 len < 24 + 2 || !ifibss->probe_resp)
618 return;
619
620 if (local->ops->tx_last_beacon)
621 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
622 else
623 tx_last_beacon = 1;
624
625#ifdef CONFIG_MAC80211_IBSS_DEBUG
626 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM"
627 " (tx_last_beacon=%d)\n",
628 sdata->dev->name, mgmt->sa, mgmt->da,
629 mgmt->bssid, tx_last_beacon);
630#endif /* CONFIG_MAC80211_IBSS_DEBUG */
631
632 if (!tx_last_beacon)
633 return;
634
635 if (memcmp(mgmt->bssid, ifibss->bssid, ETH_ALEN) != 0 &&
636 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
637 return;
638
639 end = ((u8 *) mgmt) + len;
640 pos = mgmt->u.probe_req.variable;
641 if (pos[0] != WLAN_EID_SSID ||
642 pos + 2 + pos[1] > end) {
643#ifdef CONFIG_MAC80211_IBSS_DEBUG
644 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
645 "from %pM\n",
646 sdata->dev->name, mgmt->sa);
647#endif
648 return;
649 }
650 if (pos[1] != 0 &&
651 (pos[1] != ifibss->ssid_len ||
652 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len) != 0)) {
653 /* Ignore ProbeReq for foreign SSID */
654 return;
655 }
656
657 /* Reply with ProbeResp */
658 skb = skb_copy(ifibss->probe_resp, GFP_KERNEL);
659 if (!skb)
660 return;
661
662 resp = (struct ieee80211_mgmt *) skb->data;
663 memcpy(resp->da, mgmt->sa, ETH_ALEN);
664#ifdef CONFIG_MAC80211_IBSS_DEBUG
665 printk(KERN_DEBUG "%s: Sending ProbeResp to %pM\n",
666 sdata->dev->name, resp->da);
667#endif /* CONFIG_MAC80211_IBSS_DEBUG */
668 ieee80211_tx_skb(sdata, skb, 0);
669}
670
671static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
672 struct ieee80211_mgmt *mgmt,
673 size_t len,
674 struct ieee80211_rx_status *rx_status)
675{
676 size_t baselen;
677 struct ieee802_11_elems elems;
678
679 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
680 return; /* ignore ProbeResp to foreign address */
681
682 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
683 if (baselen > len)
684 return;
685
686 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
687 &elems);
688
689 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
690}
691
692static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
693 struct ieee80211_mgmt *mgmt,
694 size_t len,
695 struct ieee80211_rx_status *rx_status)
696{
697 size_t baselen;
698 struct ieee802_11_elems elems;
699
700 /* Process beacon from the current BSS */
701 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
702 if (baselen > len)
703 return;
704
705 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
706
707 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
708}
709
710static void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
711 struct sk_buff *skb)
712{
713 struct ieee80211_rx_status *rx_status;
714 struct ieee80211_mgmt *mgmt;
715 u16 fc;
716
717 rx_status = (struct ieee80211_rx_status *) skb->cb;
718 mgmt = (struct ieee80211_mgmt *) skb->data;
719 fc = le16_to_cpu(mgmt->frame_control);
720
721 switch (fc & IEEE80211_FCTL_STYPE) {
722 case IEEE80211_STYPE_PROBE_REQ:
723 ieee80211_rx_mgmt_probe_req(sdata, mgmt, skb->len);
724 break;
725 case IEEE80211_STYPE_PROBE_RESP:
726 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len,
727 rx_status);
728 break;
729 case IEEE80211_STYPE_BEACON:
730 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
731 rx_status);
732 break;
733 case IEEE80211_STYPE_AUTH:
734 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
735 break;
736 }
737
738 kfree_skb(skb);
739}
740
741static void ieee80211_ibss_work(struct work_struct *work)
742{
743 struct ieee80211_sub_if_data *sdata =
744 container_of(work, struct ieee80211_sub_if_data, u.ibss.work);
745 struct ieee80211_local *local = sdata->local;
746 struct ieee80211_if_ibss *ifibss;
747 struct sk_buff *skb;
748
749 if (!netif_running(sdata->dev))
750 return;
751
752 if (local->sw_scanning || local->hw_scanning)
753 return;
754
755 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_ADHOC))
756 return;
757 ifibss = &sdata->u.ibss;
758
759 while ((skb = skb_dequeue(&ifibss->skb_queue)))
760 ieee80211_ibss_rx_queued_mgmt(sdata, skb);
761
762 if (!test_and_clear_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request))
763 return;
764
765 switch (ifibss->state) {
766 case IEEE80211_IBSS_MLME_SEARCH:
767 ieee80211_sta_find_ibss(sdata);
768 break;
769 case IEEE80211_IBSS_MLME_JOINED:
770 ieee80211_sta_merge_ibss(sdata);
771 break;
772 default:
773 WARN_ON(1);
774 break;
775 }
776}
777
778static void ieee80211_ibss_timer(unsigned long data)
779{
780 struct ieee80211_sub_if_data *sdata =
781 (struct ieee80211_sub_if_data *) data;
782 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
783 struct ieee80211_local *local = sdata->local;
784
785 set_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request);
786 queue_work(local->hw.workqueue, &ifibss->work);
787}
788
789void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
790{
791 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
792
793 INIT_WORK(&ifibss->work, ieee80211_ibss_work);
794 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
795 (unsigned long) sdata);
796 skb_queue_head_init(&ifibss->skb_queue);
797
798 ifibss->flags |= IEEE80211_IBSS_AUTO_BSSID_SEL |
799 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
800}
801
802int ieee80211_ibss_commit(struct ieee80211_sub_if_data *sdata)
803{
804 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
805
806 ifibss->flags &= ~IEEE80211_IBSS_PREV_BSSID_SET;
807
808 if (ifibss->ssid_len)
809 ifibss->flags |= IEEE80211_IBSS_SSID_SET;
810 else
811 ifibss->flags &= ~IEEE80211_IBSS_SSID_SET;
812
813 ifibss->ibss_join_req = jiffies;
814 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
815 set_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request);
816
817 return 0;
818}
819
820int ieee80211_ibss_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
821{
822 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
823
824 if (len > IEEE80211_MAX_SSID_LEN)
825 return -EINVAL;
826
827 if (ifibss->ssid_len != len || memcmp(ifibss->ssid, ssid, len) != 0) {
828 memset(ifibss->ssid, 0, sizeof(ifibss->ssid));
829 memcpy(ifibss->ssid, ssid, len);
830 ifibss->ssid_len = len;
831 }
832
833 return ieee80211_ibss_commit(sdata);
834}
835
836int ieee80211_ibss_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
837{
838 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
839
840 memcpy(ssid, ifibss->ssid, ifibss->ssid_len);
841 *len = ifibss->ssid_len;
842
843 return 0;
844}
845
846int ieee80211_ibss_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
847{
848 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
849
850 if (is_valid_ether_addr(bssid)) {
851 memcpy(ifibss->bssid, bssid, ETH_ALEN);
852 ifibss->flags |= IEEE80211_IBSS_BSSID_SET;
853 } else {
854 memset(ifibss->bssid, 0, ETH_ALEN);
855 ifibss->flags &= ~IEEE80211_IBSS_BSSID_SET;
856 }
857
858 if (netif_running(sdata->dev)) {
859 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) {
860 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
861 "the low-level driver\n", sdata->dev->name);
862 }
863 }
864
865 return ieee80211_ibss_commit(sdata);
866}
867
868/* scan finished notification */
869void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
870{
871 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
872 struct ieee80211_if_ibss *ifibss;
873
874 if (sdata && sdata->vif.type == NL80211_IFTYPE_ADHOC) {
875 ifibss = &sdata->u.ibss;
876 if ((!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET)) ||
877 !ieee80211_sta_active_ibss(sdata))
878 ieee80211_sta_find_ibss(sdata);
879 }
880}
881
882ieee80211_rx_result
883ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
884 struct ieee80211_rx_status *rx_status)
885{
886 struct ieee80211_local *local = sdata->local;
887 struct ieee80211_mgmt *mgmt;
888 u16 fc;
889
890 if (skb->len < 24)
891 return RX_DROP_MONITOR;
892
893 mgmt = (struct ieee80211_mgmt *) skb->data;
894 fc = le16_to_cpu(mgmt->frame_control);
895
896 switch (fc & IEEE80211_FCTL_STYPE) {
897 case IEEE80211_STYPE_PROBE_RESP:
898 case IEEE80211_STYPE_BEACON:
899 memcpy(skb->cb, rx_status, sizeof(*rx_status));
900 case IEEE80211_STYPE_PROBE_REQ:
901 case IEEE80211_STYPE_AUTH:
902 skb_queue_tail(&sdata->u.ibss.skb_queue, skb);
903 queue_work(local->hw.workqueue, &sdata->u.ibss.work);
904 return RX_QUEUED;
905 }
906
907 return RX_DROP_MONITOR;
908}
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index f3eec989662b..e6ed78cb16b3 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -43,7 +43,7 @@ struct ieee80211_local;
43 43
44/* Required encryption head and tailroom */ 44/* Required encryption head and tailroom */
45#define IEEE80211_ENCRYPT_HEADROOM 8 45#define IEEE80211_ENCRYPT_HEADROOM 8
46#define IEEE80211_ENCRYPT_TAILROOM 12 46#define IEEE80211_ENCRYPT_TAILROOM 18
47 47
48/* IEEE 802.11 (Ch. 9.5 Defragmentation) requires support for concurrent 48/* IEEE 802.11 (Ch. 9.5 Defragmentation) requires support for concurrent
49 * reception of at least three fragmented frames. This limit can be increased 49 * reception of at least three fragmented frames. This limit can be increased
@@ -57,6 +57,8 @@ struct ieee80211_local;
57 */ 57 */
58#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ) 58#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
59 59
60#define TU_TO_EXP_TIME(x) (jiffies + usecs_to_jiffies((x) * 1024))
61
60struct ieee80211_fragment_entry { 62struct ieee80211_fragment_entry {
61 unsigned long first_frag_time; 63 unsigned long first_frag_time;
62 unsigned int seq; 64 unsigned int seq;
@@ -70,43 +72,36 @@ struct ieee80211_fragment_entry {
70 72
71 73
72struct ieee80211_bss { 74struct ieee80211_bss {
73 struct list_head list; 75 /* Yes, this is a hack */
74 struct ieee80211_bss *hnext; 76 struct cfg80211_bss cbss;
75 size_t ssid_len;
76 77
77 atomic_t users; 78 /* don't want to look up all the time */
78 79 size_t ssid_len;
79 u8 bssid[ETH_ALEN];
80 u8 ssid[IEEE80211_MAX_SSID_LEN]; 80 u8 ssid[IEEE80211_MAX_SSID_LEN];
81
81 u8 dtim_period; 82 u8 dtim_period;
82 u16 capability; /* host byte order */ 83
83 enum ieee80211_band band;
84 int freq;
85 int signal, noise, qual;
86 u8 *ies; /* all information elements from the last Beacon or Probe
87 * Response frames; note Beacon frame is not allowed to
88 * override values from Probe Response */
89 size_t ies_len;
90 bool wmm_used; 84 bool wmm_used;
85
86 unsigned long last_probe_resp;
87
91#ifdef CONFIG_MAC80211_MESH 88#ifdef CONFIG_MAC80211_MESH
92 u8 *mesh_id; 89 u8 *mesh_id;
93 size_t mesh_id_len; 90 size_t mesh_id_len;
94 u8 *mesh_cfg; 91 u8 *mesh_cfg;
95#endif 92#endif
93
96#define IEEE80211_MAX_SUPP_RATES 32 94#define IEEE80211_MAX_SUPP_RATES 32
97 u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; 95 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
98 size_t supp_rates_len; 96 size_t supp_rates_len;
99 u64 timestamp;
100 int beacon_int;
101 97
102 unsigned long last_probe_resp; 98 /*
103 unsigned long last_update; 99 * During assocation, we save an ERP value from a probe response so
104
105 /* during assocation, we save an ERP value from a probe response so
106 * that we can feed ERP info to the driver when handling the 100 * that we can feed ERP info to the driver when handling the
107 * association completes. these fields probably won't be up-to-date 101 * association completes. these fields probably won't be up-to-date
108 * otherwise, you probably don't want to use them. */ 102 * otherwise, you probably don't want to use them.
109 int has_erp_value; 103 */
104 bool has_erp_value;
110 u8 erp_value; 105 u8 erp_value;
111}; 106};
112 107
@@ -154,11 +149,6 @@ struct ieee80211_tx_data {
154 149
155 struct ieee80211_channel *channel; 150 struct ieee80211_channel *channel;
156 151
157 /* Extra fragments (in addition to the first fragment
158 * in skb) */
159 struct sk_buff **extra_frag;
160 int num_extra_frag;
161
162 u16 ethertype; 152 u16 ethertype;
163 unsigned int flags; 153 unsigned int flags;
164}; 154};
@@ -194,12 +184,6 @@ struct ieee80211_rx_data {
194 u16 tkip_iv16; 184 u16 tkip_iv16;
195}; 185};
196 186
197struct ieee80211_tx_stored_packet {
198 struct sk_buff *skb;
199 struct sk_buff **extra_frag;
200 int num_extra_frag;
201};
202
203struct beacon_data { 187struct beacon_data {
204 u8 *head, *tail; 188 u8 *head, *tail;
205 int head_len, tail_len; 189 int head_len, tail_len;
@@ -244,7 +228,7 @@ struct mesh_preq_queue {
244 u8 flags; 228 u8 flags;
245}; 229};
246 230
247/* flags used in struct ieee80211_if_sta.flags */ 231/* flags used in struct ieee80211_if_managed.flags */
248#define IEEE80211_STA_SSID_SET BIT(0) 232#define IEEE80211_STA_SSID_SET BIT(0)
249#define IEEE80211_STA_BSSID_SET BIT(1) 233#define IEEE80211_STA_BSSID_SET BIT(1)
250#define IEEE80211_STA_PREV_BSSID_SET BIT(2) 234#define IEEE80211_STA_PREV_BSSID_SET BIT(2)
@@ -252,43 +236,49 @@ struct mesh_preq_queue {
252#define IEEE80211_STA_ASSOCIATED BIT(4) 236#define IEEE80211_STA_ASSOCIATED BIT(4)
253#define IEEE80211_STA_PROBEREQ_POLL BIT(5) 237#define IEEE80211_STA_PROBEREQ_POLL BIT(5)
254#define IEEE80211_STA_CREATE_IBSS BIT(6) 238#define IEEE80211_STA_CREATE_IBSS BIT(6)
255#define IEEE80211_STA_MIXED_CELL BIT(7) 239/* hole at 7, please re-use */
256#define IEEE80211_STA_WMM_ENABLED BIT(8) 240#define IEEE80211_STA_WMM_ENABLED BIT(8)
241/* hole at 9, please re-use */
257#define IEEE80211_STA_AUTO_SSID_SEL BIT(10) 242#define IEEE80211_STA_AUTO_SSID_SEL BIT(10)
258#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11) 243#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11)
259#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12) 244#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12)
260#define IEEE80211_STA_PRIVACY_INVOKED BIT(13) 245#define IEEE80211_STA_PRIVACY_INVOKED BIT(13)
246#define IEEE80211_STA_TKIP_WEP_USED BIT(14)
247#define IEEE80211_STA_CSA_RECEIVED BIT(15)
248#define IEEE80211_STA_MFP_ENABLED BIT(16)
249#define IEEE80211_STA_EXT_SME BIT(17)
261/* flags for MLME request */ 250/* flags for MLME request */
262#define IEEE80211_STA_REQ_SCAN 0 251#define IEEE80211_STA_REQ_SCAN 0
263#define IEEE80211_STA_REQ_DIRECT_PROBE 1 252#define IEEE80211_STA_REQ_DIRECT_PROBE 1
264#define IEEE80211_STA_REQ_AUTH 2 253#define IEEE80211_STA_REQ_AUTH 2
265#define IEEE80211_STA_REQ_RUN 3 254#define IEEE80211_STA_REQ_RUN 3
266 255
267/* STA/IBSS MLME states */
268enum ieee80211_sta_mlme_state {
269 IEEE80211_STA_MLME_DISABLED,
270 IEEE80211_STA_MLME_DIRECT_PROBE,
271 IEEE80211_STA_MLME_AUTHENTICATE,
272 IEEE80211_STA_MLME_ASSOCIATE,
273 IEEE80211_STA_MLME_ASSOCIATED,
274 IEEE80211_STA_MLME_IBSS_SEARCH,
275 IEEE80211_STA_MLME_IBSS_JOINED,
276};
277
278/* bitfield of allowed auth algs */ 256/* bitfield of allowed auth algs */
279#define IEEE80211_AUTH_ALG_OPEN BIT(0) 257#define IEEE80211_AUTH_ALG_OPEN BIT(0)
280#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1) 258#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1)
281#define IEEE80211_AUTH_ALG_LEAP BIT(2) 259#define IEEE80211_AUTH_ALG_LEAP BIT(2)
260#define IEEE80211_AUTH_ALG_FT BIT(3)
282 261
283struct ieee80211_if_sta { 262struct ieee80211_if_managed {
284 struct timer_list timer; 263 struct timer_list timer;
264 struct timer_list chswitch_timer;
285 struct work_struct work; 265 struct work_struct work;
266 struct work_struct chswitch_work;
267 struct work_struct beacon_loss_work;
268
286 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN]; 269 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
270
287 u8 ssid[IEEE80211_MAX_SSID_LEN]; 271 u8 ssid[IEEE80211_MAX_SSID_LEN];
288 enum ieee80211_sta_mlme_state state;
289 size_t ssid_len; 272 size_t ssid_len;
290 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 273
291 size_t scan_ssid_len; 274 enum {
275 IEEE80211_STA_MLME_DISABLED,
276 IEEE80211_STA_MLME_DIRECT_PROBE,
277 IEEE80211_STA_MLME_AUTHENTICATE,
278 IEEE80211_STA_MLME_ASSOCIATE,
279 IEEE80211_STA_MLME_ASSOCIATED,
280 } state;
281
292 u16 aid; 282 u16 aid;
293 u16 ap_capab, capab; 283 u16 ap_capab, capab;
294 u8 *extra_ie; /* to be added to the end of AssocReq */ 284 u8 *extra_ie; /* to be added to the end of AssocReq */
@@ -308,6 +298,7 @@ struct ieee80211_if_sta {
308 unsigned long request; 298 unsigned long request;
309 299
310 unsigned long last_probe; 300 unsigned long last_probe;
301 unsigned long last_beacon;
311 302
312 unsigned int flags; 303 unsigned int flags;
313 304
@@ -315,11 +306,53 @@ struct ieee80211_if_sta {
315 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */ 306 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
316 int auth_transaction; 307 int auth_transaction;
317 308
309 enum {
310 IEEE80211_MFP_DISABLED,
311 IEEE80211_MFP_OPTIONAL,
312 IEEE80211_MFP_REQUIRED
313 } mfp; /* management frame protection */
314
315 int wmm_last_param_set;
316
317 /* Extra IE data for management frames */
318 u8 *sme_auth_ie;
319 size_t sme_auth_ie_len;
320};
321
322enum ieee80211_ibss_flags {
323 IEEE80211_IBSS_AUTO_CHANNEL_SEL = BIT(0),
324 IEEE80211_IBSS_AUTO_BSSID_SEL = BIT(1),
325 IEEE80211_IBSS_BSSID_SET = BIT(2),
326 IEEE80211_IBSS_PREV_BSSID_SET = BIT(3),
327 IEEE80211_IBSS_SSID_SET = BIT(4),
328};
329
330enum ieee80211_ibss_request {
331 IEEE80211_IBSS_REQ_RUN = 0,
332};
333
334struct ieee80211_if_ibss {
335 struct timer_list timer;
336 struct work_struct work;
337
338 struct sk_buff_head skb_queue;
339
340 u8 ssid[IEEE80211_MAX_SSID_LEN];
341 u8 ssid_len;
342
343 u32 flags;
344
345 u8 bssid[ETH_ALEN];
346
347 unsigned long request;
348
318 unsigned long ibss_join_req; 349 unsigned long ibss_join_req;
319 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */ 350 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */
320 u32 supp_rates_bits[IEEE80211_NUM_BANDS];
321 351
322 int wmm_last_param_set; 352 enum {
353 IEEE80211_IBSS_MLME_SEARCH,
354 IEEE80211_IBSS_MLME_JOINED,
355 } state;
323}; 356};
324 357
325struct ieee80211_if_mesh { 358struct ieee80211_if_mesh {
@@ -370,7 +403,6 @@ struct ieee80211_if_mesh {
370 * 403 *
371 * @IEEE80211_SDATA_ALLMULTI: interface wants all multicast packets 404 * @IEEE80211_SDATA_ALLMULTI: interface wants all multicast packets
372 * @IEEE80211_SDATA_PROMISC: interface is promisc 405 * @IEEE80211_SDATA_PROMISC: interface is promisc
373 * @IEEE80211_SDATA_USERSPACE_MLME: userspace MLME is active
374 * @IEEE80211_SDATA_OPERATING_GMODE: operating in G-only mode 406 * @IEEE80211_SDATA_OPERATING_GMODE: operating in G-only mode
375 * @IEEE80211_SDATA_DONT_BRIDGE_PACKETS: bridge packets between 407 * @IEEE80211_SDATA_DONT_BRIDGE_PACKETS: bridge packets between
376 * associated stations and deliver multicast frames both 408 * associated stations and deliver multicast frames both
@@ -379,9 +411,8 @@ struct ieee80211_if_mesh {
379enum ieee80211_sub_if_data_flags { 411enum ieee80211_sub_if_data_flags {
380 IEEE80211_SDATA_ALLMULTI = BIT(0), 412 IEEE80211_SDATA_ALLMULTI = BIT(0),
381 IEEE80211_SDATA_PROMISC = BIT(1), 413 IEEE80211_SDATA_PROMISC = BIT(1),
382 IEEE80211_SDATA_USERSPACE_MLME = BIT(2), 414 IEEE80211_SDATA_OPERATING_GMODE = BIT(2),
383 IEEE80211_SDATA_OPERATING_GMODE = BIT(3), 415 IEEE80211_SDATA_DONT_BRIDGE_PACKETS = BIT(3),
384 IEEE80211_SDATA_DONT_BRIDGE_PACKETS = BIT(4),
385}; 416};
386 417
387struct ieee80211_sub_if_data { 418struct ieee80211_sub_if_data {
@@ -404,8 +435,10 @@ struct ieee80211_sub_if_data {
404 unsigned int fragment_next; 435 unsigned int fragment_next;
405 436
406#define NUM_DEFAULT_KEYS 4 437#define NUM_DEFAULT_KEYS 4
407 struct ieee80211_key *keys[NUM_DEFAULT_KEYS]; 438#define NUM_DEFAULT_MGMT_KEYS 2
439 struct ieee80211_key *keys[NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS];
408 struct ieee80211_key *default_key; 440 struct ieee80211_key *default_key;
441 struct ieee80211_key *default_mgmt_key;
409 442
410 u16 sequence_number; 443 u16 sequence_number;
411 444
@@ -423,7 +456,8 @@ struct ieee80211_sub_if_data {
423 struct ieee80211_if_ap ap; 456 struct ieee80211_if_ap ap;
424 struct ieee80211_if_wds wds; 457 struct ieee80211_if_wds wds;
425 struct ieee80211_if_vlan vlan; 458 struct ieee80211_if_vlan vlan;
426 struct ieee80211_if_sta sta; 459 struct ieee80211_if_managed mgd;
460 struct ieee80211_if_ibss ibss;
427#ifdef CONFIG_MAC80211_MESH 461#ifdef CONFIG_MAC80211_MESH
428 struct ieee80211_if_mesh mesh; 462 struct ieee80211_if_mesh mesh;
429#endif 463#endif
@@ -477,6 +511,7 @@ struct ieee80211_sub_if_data {
477 } debugfs; 511 } debugfs;
478 struct { 512 struct {
479 struct dentry *default_key; 513 struct dentry *default_key;
514 struct dentry *default_mgmt_key;
480 } common_debugfs; 515 } common_debugfs;
481 516
482#ifdef CONFIG_MAC80211_MESH 517#ifdef CONFIG_MAC80211_MESH
@@ -541,11 +576,12 @@ enum {
541enum queue_stop_reason { 576enum queue_stop_reason {
542 IEEE80211_QUEUE_STOP_REASON_DRIVER, 577 IEEE80211_QUEUE_STOP_REASON_DRIVER,
543 IEEE80211_QUEUE_STOP_REASON_PS, 578 IEEE80211_QUEUE_STOP_REASON_PS,
579 IEEE80211_QUEUE_STOP_REASON_CSA,
580 IEEE80211_QUEUE_STOP_REASON_AGGREGATION,
581 IEEE80211_QUEUE_STOP_REASON_SUSPEND,
582 IEEE80211_QUEUE_STOP_REASON_PENDING,
544}; 583};
545 584
546/* maximum number of hardware queues we support. */
547#define QD_MAX_QUEUES (IEEE80211_MAX_AMPDU_QUEUES + IEEE80211_MAX_QUEUES)
548
549struct ieee80211_master_priv { 585struct ieee80211_master_priv {
550 struct ieee80211_local *local; 586 struct ieee80211_local *local;
551}; 587};
@@ -558,9 +594,10 @@ struct ieee80211_local {
558 594
559 const struct ieee80211_ops *ops; 595 const struct ieee80211_ops *ops;
560 596
561 unsigned long queue_pool[BITS_TO_LONGS(QD_MAX_QUEUES)];
562 unsigned long queue_stop_reasons[IEEE80211_MAX_QUEUES]; 597 unsigned long queue_stop_reasons[IEEE80211_MAX_QUEUES];
598 /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */
563 spinlock_t queue_stop_reason_lock; 599 spinlock_t queue_stop_reason_lock;
600
564 struct net_device *mdev; /* wmaster# - "master" 802.11 device */ 601 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
565 int open_count; 602 int open_count;
566 int monitors, cooked_mntrs; 603 int monitors, cooked_mntrs;
@@ -568,7 +605,6 @@ struct ieee80211_local {
568 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss; 605 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss;
569 unsigned int filter_flags; /* FIF_* */ 606 unsigned int filter_flags; /* FIF_* */
570 struct iw_statistics wstats; 607 struct iw_statistics wstats;
571 u8 wstats_flags;
572 bool tim_in_locked_section; /* see ieee80211_beacon_get() */ 608 bool tim_in_locked_section; /* see ieee80211_beacon_get() */
573 int tx_headroom; /* required headroom for hardware/radiotap */ 609 int tx_headroom; /* required headroom for hardware/radiotap */
574 610
@@ -595,11 +631,17 @@ struct ieee80211_local {
595 struct sta_info *sta_hash[STA_HASH_SIZE]; 631 struct sta_info *sta_hash[STA_HASH_SIZE];
596 struct timer_list sta_cleanup; 632 struct timer_list sta_cleanup;
597 633
598 unsigned long queues_pending[BITS_TO_LONGS(IEEE80211_MAX_QUEUES)]; 634 struct sk_buff_head pending[IEEE80211_MAX_QUEUES];
599 unsigned long queues_pending_run[BITS_TO_LONGS(IEEE80211_MAX_QUEUES)];
600 struct ieee80211_tx_stored_packet pending_packet[IEEE80211_MAX_QUEUES];
601 struct tasklet_struct tx_pending_tasklet; 635 struct tasklet_struct tx_pending_tasklet;
602 636
637 /*
638 * This lock is used to prevent concurrent A-MPDU
639 * session start/stop processing, this thus also
640 * synchronises the ->ampdu_action() callback to
641 * drivers and limits it to one at a time.
642 */
643 spinlock_t ampdu_lock;
644
603 /* number of interfaces with corresponding IFF_ flags */ 645 /* number of interfaces with corresponding IFF_ flags */
604 atomic_t iff_allmultis, iff_promiscs; 646 atomic_t iff_allmultis, iff_promiscs;
605 647
@@ -612,7 +654,9 @@ struct ieee80211_local {
612 struct crypto_blkcipher *wep_rx_tfm; 654 struct crypto_blkcipher *wep_rx_tfm;
613 u32 wep_iv; 655 u32 wep_iv;
614 656
657 /* see iface.c */
615 struct list_head interfaces; 658 struct list_head interfaces;
659 struct mutex iflist_mtx;
616 660
617 /* 661 /*
618 * Key lock, protects sdata's key_list and sta_info's 662 * Key lock, protects sdata's key_list and sta_info's
@@ -623,20 +667,18 @@ struct ieee80211_local {
623 667
624 /* Scanning and BSS list */ 668 /* Scanning and BSS list */
625 bool sw_scanning, hw_scanning; 669 bool sw_scanning, hw_scanning;
670 struct cfg80211_ssid scan_ssid;
671 struct cfg80211_scan_request int_scan_req;
672 struct cfg80211_scan_request *scan_req;
673 struct ieee80211_channel *scan_channel;
626 int scan_channel_idx; 674 int scan_channel_idx;
627 enum ieee80211_band scan_band;
628 675
629 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state; 676 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state;
630 unsigned long last_scan_completed; 677 unsigned long last_scan_completed;
631 struct delayed_work scan_work; 678 struct delayed_work scan_work;
632 struct ieee80211_sub_if_data *scan_sdata; 679 struct ieee80211_sub_if_data *scan_sdata;
633 struct ieee80211_channel *oper_channel, *scan_channel;
634 enum nl80211_channel_type oper_channel_type; 680 enum nl80211_channel_type oper_channel_type;
635 u8 scan_ssid[IEEE80211_MAX_SSID_LEN]; 681 struct ieee80211_channel *oper_channel, *csa_channel;
636 size_t scan_ssid_len;
637 struct list_head bss_list;
638 struct ieee80211_bss *bss_hash[STA_HASH_SIZE];
639 spinlock_t bss_lock;
640 682
641 /* SNMP counters */ 683 /* SNMP counters */
642 /* dot11CountersTable */ 684 /* dot11CountersTable */
@@ -649,7 +691,6 @@ struct ieee80211_local {
649 u32 dot11ReceivedFragmentCount; 691 u32 dot11ReceivedFragmentCount;
650 u32 dot11MulticastReceivedFrameCount; 692 u32 dot11MulticastReceivedFrameCount;
651 u32 dot11TransmittedFrameCount; 693 u32 dot11TransmittedFrameCount;
652 u32 dot11WEPUndecryptableCount;
653 694
654#ifdef CONFIG_MAC80211_LEDS 695#ifdef CONFIG_MAC80211_LEDS
655 int tx_led_counter, rx_led_counter; 696 int tx_led_counter, rx_led_counter;
@@ -696,11 +737,14 @@ struct ieee80211_local {
696 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */ 737 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */
697 738
698 bool powersave; 739 bool powersave;
699 int dynamic_ps_timeout; 740 bool pspolling;
700 struct work_struct dynamic_ps_enable_work; 741 struct work_struct dynamic_ps_enable_work;
701 struct work_struct dynamic_ps_disable_work; 742 struct work_struct dynamic_ps_disable_work;
702 struct timer_list dynamic_ps_timer; 743 struct timer_list dynamic_ps_timer;
703 744
745 int user_power_level; /* in dBm */
746 int power_constr_level; /* in dBm */
747
704#ifdef CONFIG_MAC80211_DEBUGFS 748#ifdef CONFIG_MAC80211_DEBUGFS
705 struct local_debugfsdentries { 749 struct local_debugfsdentries {
706 struct dentry *rcdir; 750 struct dentry *rcdir;
@@ -712,6 +756,8 @@ struct ieee80211_local {
712 struct dentry *long_retry_limit; 756 struct dentry *long_retry_limit;
713 struct dentry *total_ps_buffered; 757 struct dentry *total_ps_buffered;
714 struct dentry *wep_iv; 758 struct dentry *wep_iv;
759 struct dentry *tsf;
760 struct dentry *reset;
715 struct dentry *statistics; 761 struct dentry *statistics;
716 struct local_debugfsdentries_statsdentries { 762 struct local_debugfsdentries_statsdentries {
717 struct dentry *transmitted_fragment_count; 763 struct dentry *transmitted_fragment_count;
@@ -805,6 +851,7 @@ struct ieee802_11_elems {
805 u8 *country_elem; 851 u8 *country_elem;
806 u8 *pwr_constr_elem; 852 u8 *pwr_constr_elem;
807 u8 *quiet_elem; /* first quite element */ 853 u8 *quiet_elem; /* first quite element */
854 u8 *timeout_int;
808 855
809 /* length of them, respectively */ 856 /* length of them, respectively */
810 u8 ssid_len; 857 u8 ssid_len;
@@ -832,6 +879,7 @@ struct ieee802_11_elems {
832 u8 pwr_constr_elem_len; 879 u8 pwr_constr_elem_len;
833 u8 quiet_elem_len; 880 u8 quiet_elem_len;
834 u8 num_of_quiet_elem; /* can be more the one */ 881 u8 num_of_quiet_elem; /* can be more the one */
882 u8 timeout_int_len;
835}; 883};
836 884
837static inline struct ieee80211_local *hw_to_local( 885static inline struct ieee80211_local *hw_to_local(
@@ -860,34 +908,43 @@ void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx);
860void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata, 908void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
861 u32 changed); 909 u32 changed);
862void ieee80211_configure_filter(struct ieee80211_local *local); 910void ieee80211_configure_filter(struct ieee80211_local *local);
911u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata);
863 912
864/* wireless extensions */ 913/* wireless extensions */
865extern const struct iw_handler_def ieee80211_iw_handler_def; 914extern const struct iw_handler_def ieee80211_iw_handler_def;
866 915
867/* STA/IBSS code */ 916/* STA code */
868void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata); 917void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata);
869void ieee80211_scan_work(struct work_struct *work); 918ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
870void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 919 struct sk_buff *skb,
871 struct ieee80211_rx_status *rx_status); 920 struct ieee80211_rx_status *rx_status);
921int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata);
872int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len); 922int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
873int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len); 923int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
874int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid); 924int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
875void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata, 925void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata);
876 struct ieee80211_if_sta *ifsta);
877struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
878 u8 *bssid, u8 *addr, u64 supp_rates);
879int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason); 926int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason);
880int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason); 927int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason);
881u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata); 928void ieee80211_send_pspoll(struct ieee80211_local *local,
882u64 ieee80211_sta_get_rates(struct ieee80211_local *local, 929 struct ieee80211_sub_if_data *sdata);
883 struct ieee802_11_elems *elems, 930
884 enum ieee80211_band band); 931/* IBSS code */
885void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 932int ieee80211_ibss_commit(struct ieee80211_sub_if_data *sdata);
886 u8 *ssid, size_t ssid_len); 933int ieee80211_ibss_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
934int ieee80211_ibss_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
935int ieee80211_ibss_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
936void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local);
937void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata);
938ieee80211_rx_result
939ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
940 struct ieee80211_rx_status *rx_status);
941struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
942 u8 *bssid, u8 *addr, u32 supp_rates);
887 943
888/* scan/BSS handling */ 944/* scan/BSS handling */
945void ieee80211_scan_work(struct work_struct *work);
889int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 946int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
890 u8 *ssid, size_t ssid_len); 947 struct cfg80211_scan_request *req);
891int ieee80211_scan_results(struct ieee80211_local *local, 948int ieee80211_scan_results(struct ieee80211_local *local,
892 struct iw_request_info *info, 949 struct iw_request_info *info,
893 char *buf, size_t len); 950 char *buf, size_t len);
@@ -895,29 +952,28 @@ ieee80211_rx_result
895ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, 952ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata,
896 struct sk_buff *skb, 953 struct sk_buff *skb,
897 struct ieee80211_rx_status *rx_status); 954 struct ieee80211_rx_status *rx_status);
898void ieee80211_rx_bss_list_init(struct ieee80211_local *local);
899void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local);
900int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, 955int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata,
901 char *ie, size_t len); 956 const char *ie, size_t len);
902 957
903void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local); 958void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local);
959void ieee80211_scan_failed(struct ieee80211_local *local);
904int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata, 960int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
905 u8 *ssid, size_t ssid_len); 961 struct cfg80211_scan_request *req);
906struct ieee80211_bss * 962struct ieee80211_bss *
907ieee80211_bss_info_update(struct ieee80211_local *local, 963ieee80211_bss_info_update(struct ieee80211_local *local,
908 struct ieee80211_rx_status *rx_status, 964 struct ieee80211_rx_status *rx_status,
909 struct ieee80211_mgmt *mgmt, 965 struct ieee80211_mgmt *mgmt,
910 size_t len, 966 size_t len,
911 struct ieee802_11_elems *elems, 967 struct ieee802_11_elems *elems,
912 int freq, bool beacon); 968 struct ieee80211_channel *channel,
913struct ieee80211_bss * 969 bool beacon);
914ieee80211_rx_bss_add(struct ieee80211_local *local, u8 *bssid, int freq,
915 u8 *ssid, u8 ssid_len);
916struct ieee80211_bss * 970struct ieee80211_bss *
917ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq, 971ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
918 u8 *ssid, u8 ssid_len); 972 u8 *ssid, u8 ssid_len);
919void ieee80211_rx_bss_put(struct ieee80211_local *local, 973void ieee80211_rx_bss_put(struct ieee80211_local *local,
920 struct ieee80211_bss *bss); 974 struct ieee80211_bss *bss);
975void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
976 int freq, u8 *ssid, u8 ssid_len);
921 977
922/* interface handling */ 978/* interface handling */
923int ieee80211_if_add(struct ieee80211_local *local, const char *name, 979int ieee80211_if_add(struct ieee80211_local *local, const char *name,
@@ -943,10 +999,15 @@ u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
943 struct ieee80211_ht_info *hti, 999 struct ieee80211_ht_info *hti,
944 u16 ap_ht_cap_flags); 1000 u16 ap_ht_cap_flags);
945void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn); 1001void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn);
1002void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
1003 const u8 *da, u16 tid,
1004 u16 initiator, u16 reason_code);
946 1005
947void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *da, 1006void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *da,
948 u16 tid, u16 initiator, u16 reason); 1007 u16 tid, u16 initiator, u16 reason);
949void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr); 1008void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
1009 u16 initiator, u16 reason);
1010void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta);
950void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, 1011void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
951 struct sta_info *sta, 1012 struct sta_info *sta,
952 struct ieee80211_mgmt *mgmt, size_t len); 1013 struct ieee80211_mgmt *mgmt, size_t len);
@@ -959,10 +1020,36 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
959 struct ieee80211_mgmt *mgmt, 1020 struct ieee80211_mgmt *mgmt,
960 size_t len); 1021 size_t len);
961 1022
1023int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
1024 enum ieee80211_back_parties initiator);
1025
962/* Spectrum management */ 1026/* Spectrum management */
963void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata, 1027void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
964 struct ieee80211_mgmt *mgmt, 1028 struct ieee80211_mgmt *mgmt,
965 size_t len); 1029 size_t len);
1030void ieee80211_chswitch_timer(unsigned long data);
1031void ieee80211_chswitch_work(struct work_struct *work);
1032void ieee80211_process_chanswitch(struct ieee80211_sub_if_data *sdata,
1033 struct ieee80211_channel_sw_ie *sw_elem,
1034 struct ieee80211_bss *bss);
1035void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
1036 u16 capab_info, u8 *pwr_constr_elem,
1037 u8 pwr_constr_elem_len);
1038
1039/* Suspend/resume */
1040#ifdef CONFIG_PM
1041int __ieee80211_suspend(struct ieee80211_hw *hw);
1042int __ieee80211_resume(struct ieee80211_hw *hw);
1043#else
1044static inline int __ieee80211_suspend(struct ieee80211_hw *hw)
1045{
1046 return 0;
1047}
1048static inline int __ieee80211_resume(struct ieee80211_hw *hw)
1049{
1050 return 0;
1051}
1052#endif
966 1053
967/* utility functions/constants */ 1054/* utility functions/constants */
968extern void *mac80211_wiphy_privid; /* for wiphy privid */ 1055extern void *mac80211_wiphy_privid; /* for wiphy privid */
@@ -980,17 +1067,42 @@ void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
980void ieee802_11_parse_elems(u8 *start, size_t len, 1067void ieee802_11_parse_elems(u8 *start, size_t len,
981 struct ieee802_11_elems *elems); 1068 struct ieee802_11_elems *elems);
982int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freq); 1069int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freq);
983u64 ieee80211_mandatory_rates(struct ieee80211_local *local, 1070u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
984 enum ieee80211_band band); 1071 enum ieee80211_band band);
985 1072
986void ieee80211_dynamic_ps_enable_work(struct work_struct *work); 1073void ieee80211_dynamic_ps_enable_work(struct work_struct *work);
987void ieee80211_dynamic_ps_disable_work(struct work_struct *work); 1074void ieee80211_dynamic_ps_disable_work(struct work_struct *work);
988void ieee80211_dynamic_ps_timer(unsigned long data); 1075void ieee80211_dynamic_ps_timer(unsigned long data);
1076void ieee80211_send_nullfunc(struct ieee80211_local *local,
1077 struct ieee80211_sub_if_data *sdata,
1078 int powersave);
1079void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
1080 struct ieee80211_hdr *hdr);
1081void ieee80211_beacon_loss_work(struct work_struct *work);
989 1082
990void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw, 1083void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw,
991 enum queue_stop_reason reason); 1084 enum queue_stop_reason reason);
992void ieee80211_stop_queues_by_reason(struct ieee80211_hw *hw, 1085void ieee80211_stop_queues_by_reason(struct ieee80211_hw *hw,
993 enum queue_stop_reason reason); 1086 enum queue_stop_reason reason);
1087void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue,
1088 enum queue_stop_reason reason);
1089void ieee80211_stop_queue_by_reason(struct ieee80211_hw *hw, int queue,
1090 enum queue_stop_reason reason);
1091
1092void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1093 u16 transaction, u16 auth_alg,
1094 u8 *extra, size_t extra_len,
1095 const u8 *bssid, int encrypt);
1096void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1097 u8 *ssid, size_t ssid_len,
1098 u8 *ie, size_t ie_len);
1099
1100void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
1101 const size_t supp_rates_len,
1102 const u8 *supp_rates);
1103u32 ieee80211_sta_get_rates(struct ieee80211_local *local,
1104 struct ieee802_11_elems *elems,
1105 enum ieee80211_band band);
994 1106
995#ifdef CONFIG_MAC80211_NOINLINE 1107#ifdef CONFIG_MAC80211_NOINLINE
996#define debug_noinline noinline 1108#define debug_noinline noinline
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index b9074824862a..91e8e1bacaaa 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -21,6 +21,23 @@
21#include "mesh.h" 21#include "mesh.h"
22#include "led.h" 22#include "led.h"
23 23
24/**
25 * DOC: Interface list locking
26 *
27 * The interface list in each struct ieee80211_local is protected
28 * three-fold:
29 *
30 * (1) modifications may only be done under the RTNL
31 * (2) modifications and readers are protected against each other by
32 * the iflist_mtx.
33 * (3) modifications are done in an RCU manner so atomic readers
34 * can traverse the list in RCU-safe blocks.
35 *
36 * As a consequence, reads (traversals) of the list can be protected
37 * by either the RTNL, the iflist_mtx or RCU.
38 */
39
40
24static int ieee80211_change_mtu(struct net_device *dev, int new_mtu) 41static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
25{ 42{
26 int meshhdrlen; 43 int meshhdrlen;
@@ -219,7 +236,10 @@ static int ieee80211_open(struct net_device *dev)
219 break; 236 break;
220 case NL80211_IFTYPE_STATION: 237 case NL80211_IFTYPE_STATION:
221 case NL80211_IFTYPE_ADHOC: 238 case NL80211_IFTYPE_ADHOC:
222 sdata->u.sta.flags &= ~IEEE80211_STA_PREV_BSSID_SET; 239 if (sdata->vif.type == NL80211_IFTYPE_STATION)
240 sdata->u.mgd.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
241 else
242 sdata->u.ibss.flags &= ~IEEE80211_IBSS_PREV_BSSID_SET;
223 /* fall through */ 243 /* fall through */
224 default: 244 default:
225 conf.vif = &sdata->vif; 245 conf.vif = &sdata->vif;
@@ -241,8 +261,7 @@ static int ieee80211_open(struct net_device *dev)
241 ieee80211_bss_info_change_notify(sdata, changed); 261 ieee80211_bss_info_change_notify(sdata, changed);
242 ieee80211_enable_keys(sdata); 262 ieee80211_enable_keys(sdata);
243 263
244 if (sdata->vif.type == NL80211_IFTYPE_STATION && 264 if (sdata->vif.type == NL80211_IFTYPE_STATION)
245 !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME))
246 netif_carrier_off(dev); 265 netif_carrier_off(dev);
247 else 266 else
248 netif_carrier_on(dev); 267 netif_carrier_on(dev);
@@ -304,11 +323,10 @@ static int ieee80211_open(struct net_device *dev)
304 * yet be effective. Trigger execution of ieee80211_sta_work 323 * yet be effective. Trigger execution of ieee80211_sta_work
305 * to fix this. 324 * to fix this.
306 */ 325 */
307 if (sdata->vif.type == NL80211_IFTYPE_STATION || 326 if (sdata->vif.type == NL80211_IFTYPE_STATION)
308 sdata->vif.type == NL80211_IFTYPE_ADHOC) { 327 queue_work(local->hw.workqueue, &sdata->u.mgd.work);
309 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 328 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
310 queue_work(local->hw.workqueue, &ifsta->work); 329 queue_work(local->hw.workqueue, &sdata->u.ibss.work);
311 }
312 330
313 netif_tx_start_all_queues(dev); 331 netif_tx_start_all_queues(dev);
314 332
@@ -345,13 +363,24 @@ static int ieee80211_stop(struct net_device *dev)
345 363
346 list_for_each_entry_rcu(sta, &local->sta_list, list) { 364 list_for_each_entry_rcu(sta, &local->sta_list, list) {
347 if (sta->sdata == sdata) 365 if (sta->sdata == sdata)
348 ieee80211_sta_tear_down_BA_sessions(sdata, 366 ieee80211_sta_tear_down_BA_sessions(sta);
349 sta->sta.addr);
350 } 367 }
351 368
352 rcu_read_unlock(); 369 rcu_read_unlock();
353 370
354 /* 371 /*
372 * Announce that we are leaving the network, in case we are a
373 * station interface type. This must be done before removing
374 * all stations associated with sta_info_flush, otherwise STA
375 * information will be gone and no announce being done.
376 */
377 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
378 if (sdata->u.mgd.state != IEEE80211_STA_MLME_DISABLED)
379 ieee80211_sta_deauthenticate(sdata,
380 WLAN_REASON_DEAUTH_LEAVING);
381 }
382
383 /*
355 * Remove all stations associated with this interface. 384 * Remove all stations associated with this interface.
356 * 385 *
357 * This must be done before calling ops->remove_interface() 386 * This must be done before calling ops->remove_interface()
@@ -383,6 +412,8 @@ static int ieee80211_stop(struct net_device *dev)
383 atomic_dec(&local->iff_promiscs); 412 atomic_dec(&local->iff_promiscs);
384 413
385 dev_mc_unsync(local->mdev, dev); 414 dev_mc_unsync(local->mdev, dev);
415 del_timer_sync(&local->dynamic_ps_timer);
416 cancel_work_sync(&local->dynamic_ps_enable_work);
386 417
387 /* APs need special treatment */ 418 /* APs need special treatment */
388 if (sdata->vif.type == NL80211_IFTYPE_AP) { 419 if (sdata->vif.type == NL80211_IFTYPE_AP) {
@@ -434,14 +465,9 @@ static int ieee80211_stop(struct net_device *dev)
434 netif_addr_unlock_bh(local->mdev); 465 netif_addr_unlock_bh(local->mdev);
435 break; 466 break;
436 case NL80211_IFTYPE_STATION: 467 case NL80211_IFTYPE_STATION:
437 case NL80211_IFTYPE_ADHOC: 468 memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
438 /* Announce that we are leaving the network. */ 469 del_timer_sync(&sdata->u.mgd.chswitch_timer);
439 if (sdata->u.sta.state != IEEE80211_STA_MLME_DISABLED) 470 del_timer_sync(&sdata->u.mgd.timer);
440 ieee80211_sta_deauthenticate(sdata,
441 WLAN_REASON_DEAUTH_LEAVING);
442
443 memset(sdata->u.sta.bssid, 0, ETH_ALEN);
444 del_timer_sync(&sdata->u.sta.timer);
445 /* 471 /*
446 * If the timer fired while we waited for it, it will have 472 * If the timer fired while we waited for it, it will have
447 * requeued the work. Now the work will be running again 473 * requeued the work. Now the work will be running again
@@ -449,7 +475,11 @@ static int ieee80211_stop(struct net_device *dev)
449 * whether the interface is running, which, at this point, 475 * whether the interface is running, which, at this point,
450 * it no longer is. 476 * it no longer is.
451 */ 477 */
452 cancel_work_sync(&sdata->u.sta.work); 478 cancel_work_sync(&sdata->u.mgd.work);
479 cancel_work_sync(&sdata->u.mgd.chswitch_work);
480
481 cancel_work_sync(&sdata->u.mgd.beacon_loss_work);
482
453 /* 483 /*
454 * When we get here, the interface is marked down. 484 * When we get here, the interface is marked down.
455 * Call synchronize_rcu() to wait for the RX path 485 * Call synchronize_rcu() to wait for the RX path
@@ -457,12 +487,22 @@ static int ieee80211_stop(struct net_device *dev)
457 * frames at this very time on another CPU. 487 * frames at this very time on another CPU.
458 */ 488 */
459 synchronize_rcu(); 489 synchronize_rcu();
460 skb_queue_purge(&sdata->u.sta.skb_queue); 490 skb_queue_purge(&sdata->u.mgd.skb_queue);
461 491
462 sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 492 sdata->u.mgd.flags &= ~(IEEE80211_STA_PRIVACY_INVOKED |
463 kfree(sdata->u.sta.extra_ie); 493 IEEE80211_STA_TKIP_WEP_USED);
464 sdata->u.sta.extra_ie = NULL; 494 kfree(sdata->u.mgd.extra_ie);
465 sdata->u.sta.extra_ie_len = 0; 495 sdata->u.mgd.extra_ie = NULL;
496 sdata->u.mgd.extra_ie_len = 0;
497 /* fall through */
498 case NL80211_IFTYPE_ADHOC:
499 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
500 memset(sdata->u.ibss.bssid, 0, ETH_ALEN);
501 del_timer_sync(&sdata->u.ibss.timer);
502 cancel_work_sync(&sdata->u.ibss.work);
503 synchronize_rcu();
504 skb_queue_purge(&sdata->u.ibss.skb_queue);
505 }
466 /* fall through */ 506 /* fall through */
467 case NL80211_IFTYPE_MESH_POINT: 507 case NL80211_IFTYPE_MESH_POINT:
468 if (ieee80211_vif_is_mesh(&sdata->vif)) { 508 if (ieee80211_vif_is_mesh(&sdata->vif)) {
@@ -501,7 +541,7 @@ static int ieee80211_stop(struct net_device *dev)
501 * scan event to userspace -- the scan is incomplete. 541 * scan event to userspace -- the scan is incomplete.
502 */ 542 */
503 if (local->sw_scanning) 543 if (local->sw_scanning)
504 ieee80211_scan_completed(&local->hw); 544 ieee80211_scan_completed(&local->hw, true);
505 } 545 }
506 546
507 conf.vif = &sdata->vif; 547 conf.vif = &sdata->vif;
@@ -569,19 +609,6 @@ static void ieee80211_set_multicast_list(struct net_device *dev)
569 dev_mc_sync(local->mdev, dev); 609 dev_mc_sync(local->mdev, dev);
570} 610}
571 611
572static void ieee80211_if_setup(struct net_device *dev)
573{
574 ether_setup(dev);
575 dev->hard_start_xmit = ieee80211_subif_start_xmit;
576 dev->wireless_handlers = &ieee80211_iw_handler_def;
577 dev->set_multicast_list = ieee80211_set_multicast_list;
578 dev->change_mtu = ieee80211_change_mtu;
579 dev->open = ieee80211_open;
580 dev->stop = ieee80211_stop;
581 dev->destructor = free_netdev;
582 /* we will validate the address ourselves in ->open */
583 dev->validate_addr = NULL;
584}
585/* 612/*
586 * Called when the netdev is removed or, by the code below, before 613 * Called when the netdev is removed or, by the code below, before
587 * the interface type changes. 614 * the interface type changes.
@@ -621,12 +648,14 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
621 if (ieee80211_vif_is_mesh(&sdata->vif)) 648 if (ieee80211_vif_is_mesh(&sdata->vif))
622 mesh_rmc_free(sdata); 649 mesh_rmc_free(sdata);
623 break; 650 break;
624 case NL80211_IFTYPE_STATION:
625 case NL80211_IFTYPE_ADHOC: 651 case NL80211_IFTYPE_ADHOC:
626 kfree(sdata->u.sta.extra_ie); 652 kfree_skb(sdata->u.ibss.probe_resp);
627 kfree(sdata->u.sta.assocreq_ies); 653 break;
628 kfree(sdata->u.sta.assocresp_ies); 654 case NL80211_IFTYPE_STATION:
629 kfree_skb(sdata->u.sta.probe_resp); 655 kfree(sdata->u.mgd.extra_ie);
656 kfree(sdata->u.mgd.assocreq_ies);
657 kfree(sdata->u.mgd.assocresp_ies);
658 kfree(sdata->u.mgd.sme_auth_ie);
630 break; 659 break;
631 case NL80211_IFTYPE_WDS: 660 case NL80211_IFTYPE_WDS:
632 case NL80211_IFTYPE_AP_VLAN: 661 case NL80211_IFTYPE_AP_VLAN:
@@ -642,6 +671,34 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
642 WARN_ON(flushed); 671 WARN_ON(flushed);
643} 672}
644 673
674static const struct net_device_ops ieee80211_dataif_ops = {
675 .ndo_open = ieee80211_open,
676 .ndo_stop = ieee80211_stop,
677 .ndo_uninit = ieee80211_teardown_sdata,
678 .ndo_start_xmit = ieee80211_subif_start_xmit,
679 .ndo_set_multicast_list = ieee80211_set_multicast_list,
680 .ndo_change_mtu = ieee80211_change_mtu,
681 .ndo_set_mac_address = eth_mac_addr,
682};
683
684static const struct net_device_ops ieee80211_monitorif_ops = {
685 .ndo_open = ieee80211_open,
686 .ndo_stop = ieee80211_stop,
687 .ndo_uninit = ieee80211_teardown_sdata,
688 .ndo_start_xmit = ieee80211_monitor_start_xmit,
689 .ndo_set_multicast_list = ieee80211_set_multicast_list,
690 .ndo_change_mtu = ieee80211_change_mtu,
691 .ndo_set_mac_address = eth_mac_addr,
692};
693
694static void ieee80211_if_setup(struct net_device *dev)
695{
696 ether_setup(dev);
697 dev->netdev_ops = &ieee80211_dataif_ops;
698 dev->wireless_handlers = &ieee80211_iw_handler_def;
699 dev->destructor = free_netdev;
700}
701
645/* 702/*
646 * Helper function to initialise an interface to a specific type. 703 * Helper function to initialise an interface to a specific type.
647 */ 704 */
@@ -653,7 +710,7 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
653 710
654 /* and set some type-dependent values */ 711 /* and set some type-dependent values */
655 sdata->vif.type = type; 712 sdata->vif.type = type;
656 sdata->dev->hard_start_xmit = ieee80211_subif_start_xmit; 713 sdata->dev->netdev_ops = &ieee80211_dataif_ops;
657 sdata->wdev.iftype = type; 714 sdata->wdev.iftype = type;
658 715
659 /* only monitor differs */ 716 /* only monitor differs */
@@ -665,16 +722,18 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
665 INIT_LIST_HEAD(&sdata->u.ap.vlans); 722 INIT_LIST_HEAD(&sdata->u.ap.vlans);
666 break; 723 break;
667 case NL80211_IFTYPE_STATION: 724 case NL80211_IFTYPE_STATION:
668 case NL80211_IFTYPE_ADHOC:
669 ieee80211_sta_setup_sdata(sdata); 725 ieee80211_sta_setup_sdata(sdata);
670 break; 726 break;
727 case NL80211_IFTYPE_ADHOC:
728 ieee80211_ibss_setup_sdata(sdata);
729 break;
671 case NL80211_IFTYPE_MESH_POINT: 730 case NL80211_IFTYPE_MESH_POINT:
672 if (ieee80211_vif_is_mesh(&sdata->vif)) 731 if (ieee80211_vif_is_mesh(&sdata->vif))
673 ieee80211_mesh_init_sdata(sdata); 732 ieee80211_mesh_init_sdata(sdata);
674 break; 733 break;
675 case NL80211_IFTYPE_MONITOR: 734 case NL80211_IFTYPE_MONITOR:
676 sdata->dev->type = ARPHRD_IEEE80211_RADIOTAP; 735 sdata->dev->type = ARPHRD_IEEE80211_RADIOTAP;
677 sdata->dev->hard_start_xmit = ieee80211_monitor_start_xmit; 736 sdata->dev->netdev_ops = &ieee80211_monitorif_ops;
678 sdata->u.mntr_flags = MONITOR_FLAG_CONTROL | 737 sdata->u.mntr_flags = MONITOR_FLAG_CONTROL |
679 MONITOR_FLAG_OTHER_BSS; 738 MONITOR_FLAG_OTHER_BSS;
680 break; 739 break;
@@ -755,6 +814,7 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
755 814
756 memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 815 memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
757 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy)); 816 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
817 ndev->features |= NETIF_F_NETNS_LOCAL;
758 818
759 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */ 819 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */
760 sdata = netdev_priv(ndev); 820 sdata = netdev_priv(ndev);
@@ -780,15 +840,15 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
780 if (ret) 840 if (ret)
781 goto fail; 841 goto fail;
782 842
783 ndev->uninit = ieee80211_teardown_sdata;
784
785 if (ieee80211_vif_is_mesh(&sdata->vif) && 843 if (ieee80211_vif_is_mesh(&sdata->vif) &&
786 params && params->mesh_id_len) 844 params && params->mesh_id_len)
787 ieee80211_sdata_set_mesh_id(sdata, 845 ieee80211_sdata_set_mesh_id(sdata,
788 params->mesh_id_len, 846 params->mesh_id_len,
789 params->mesh_id); 847 params->mesh_id);
790 848
849 mutex_lock(&local->iflist_mtx);
791 list_add_tail_rcu(&sdata->list, &local->interfaces); 850 list_add_tail_rcu(&sdata->list, &local->interfaces);
851 mutex_unlock(&local->iflist_mtx);
792 852
793 if (new_dev) 853 if (new_dev)
794 *new_dev = ndev; 854 *new_dev = ndev;
@@ -804,7 +864,10 @@ void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata)
804{ 864{
805 ASSERT_RTNL(); 865 ASSERT_RTNL();
806 866
867 mutex_lock(&sdata->local->iflist_mtx);
807 list_del_rcu(&sdata->list); 868 list_del_rcu(&sdata->list);
869 mutex_unlock(&sdata->local->iflist_mtx);
870
808 synchronize_rcu(); 871 synchronize_rcu();
809 unregister_netdevice(sdata->dev); 872 unregister_netdevice(sdata->dev);
810} 873}
@@ -820,7 +883,16 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local)
820 ASSERT_RTNL(); 883 ASSERT_RTNL();
821 884
822 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) { 885 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) {
886 /*
887 * we cannot hold the iflist_mtx across unregister_netdevice,
888 * but we only need to hold it for list modifications to lock
889 * out readers since we're under the RTNL here as all other
890 * writers.
891 */
892 mutex_lock(&local->iflist_mtx);
823 list_del(&sdata->list); 893 list_del(&sdata->list);
894 mutex_unlock(&local->iflist_mtx);
895
824 unregister_netdevice(sdata->dev); 896 unregister_netdevice(sdata->dev);
825 } 897 }
826} 898}
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 999f7aa42326..687acf23054d 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -18,6 +18,7 @@
18#include "ieee80211_i.h" 18#include "ieee80211_i.h"
19#include "debugfs_key.h" 19#include "debugfs_key.h"
20#include "aes_ccm.h" 20#include "aes_ccm.h"
21#include "aes_cmac.h"
21 22
22 23
23/** 24/**
@@ -47,7 +48,6 @@
47 */ 48 */
48 49
49static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 50static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
50static const u8 zero_addr[ETH_ALEN];
51 51
52/* key mutex: used to synchronise todo runners */ 52/* key mutex: used to synchronise todo runners */
53static DEFINE_MUTEX(key_mutex); 53static DEFINE_MUTEX(key_mutex);
@@ -108,29 +108,18 @@ static void assert_key_lock(void)
108 WARN_ON(!mutex_is_locked(&key_mutex)); 108 WARN_ON(!mutex_is_locked(&key_mutex));
109} 109}
110 110
111static const u8 *get_mac_for_key(struct ieee80211_key *key) 111static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key)
112{ 112{
113 const u8 *addr = bcast_addr;
114
115 /*
116 * If we're an AP we won't ever receive frames with a non-WEP
117 * group key so we tell the driver that by using the zero MAC
118 * address to indicate a transmit-only key.
119 */
120 if (key->conf.alg != ALG_WEP &&
121 (key->sdata->vif.type == NL80211_IFTYPE_AP ||
122 key->sdata->vif.type == NL80211_IFTYPE_AP_VLAN))
123 addr = zero_addr;
124
125 if (key->sta) 113 if (key->sta)
126 addr = key->sta->sta.addr; 114 return &key->sta->sta;
127 115
128 return addr; 116 return NULL;
129} 117}
130 118
131static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 119static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
132{ 120{
133 const u8 *addr; 121 struct ieee80211_sub_if_data *sdata;
122 struct ieee80211_sta *sta;
134 int ret; 123 int ret;
135 124
136 assert_key_lock(); 125 assert_key_lock();
@@ -139,11 +128,16 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
139 if (!key->local->ops->set_key) 128 if (!key->local->ops->set_key)
140 return; 129 return;
141 130
142 addr = get_mac_for_key(key); 131 sta = get_sta_for_key(key);
132
133 sdata = key->sdata;
134 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
135 sdata = container_of(sdata->bss,
136 struct ieee80211_sub_if_data,
137 u.ap);
143 138
144 ret = key->local->ops->set_key(local_to_hw(key->local), SET_KEY, 139 ret = key->local->ops->set_key(local_to_hw(key->local), SET_KEY,
145 key->sdata->dev->dev_addr, addr, 140 &sdata->vif, sta, &key->conf);
146 &key->conf);
147 141
148 if (!ret) { 142 if (!ret) {
149 spin_lock(&todo_lock); 143 spin_lock(&todo_lock);
@@ -155,12 +149,13 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
155 printk(KERN_ERR "mac80211-%s: failed to set key " 149 printk(KERN_ERR "mac80211-%s: failed to set key "
156 "(%d, %pM) to hardware (%d)\n", 150 "(%d, %pM) to hardware (%d)\n",
157 wiphy_name(key->local->hw.wiphy), 151 wiphy_name(key->local->hw.wiphy),
158 key->conf.keyidx, addr, ret); 152 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
159} 153}
160 154
161static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 155static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
162{ 156{
163 const u8 *addr; 157 struct ieee80211_sub_if_data *sdata;
158 struct ieee80211_sta *sta;
164 int ret; 159 int ret;
165 160
166 assert_key_lock(); 161 assert_key_lock();
@@ -176,17 +171,22 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
176 } 171 }
177 spin_unlock(&todo_lock); 172 spin_unlock(&todo_lock);
178 173
179 addr = get_mac_for_key(key); 174 sta = get_sta_for_key(key);
175 sdata = key->sdata;
176
177 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
178 sdata = container_of(sdata->bss,
179 struct ieee80211_sub_if_data,
180 u.ap);
180 181
181 ret = key->local->ops->set_key(local_to_hw(key->local), DISABLE_KEY, 182 ret = key->local->ops->set_key(local_to_hw(key->local), DISABLE_KEY,
182 key->sdata->dev->dev_addr, addr, 183 &sdata->vif, sta, &key->conf);
183 &key->conf);
184 184
185 if (ret) 185 if (ret)
186 printk(KERN_ERR "mac80211-%s: failed to remove key " 186 printk(KERN_ERR "mac80211-%s: failed to remove key "
187 "(%d, %pM) from hardware (%d)\n", 187 "(%d, %pM) from hardware (%d)\n",
188 wiphy_name(key->local->hw.wiphy), 188 wiphy_name(key->local->hw.wiphy),
189 key->conf.keyidx, addr, ret); 189 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
190 190
191 spin_lock(&todo_lock); 191 spin_lock(&todo_lock);
192 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 192 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
@@ -216,13 +216,38 @@ void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx)
216 spin_unlock_irqrestore(&sdata->local->key_lock, flags); 216 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
217} 217}
218 218
219static void
220__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
221{
222 struct ieee80211_key *key = NULL;
223
224 if (idx >= NUM_DEFAULT_KEYS &&
225 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
226 key = sdata->keys[idx];
227
228 rcu_assign_pointer(sdata->default_mgmt_key, key);
229
230 if (key)
231 add_todo(key, KEY_FLAG_TODO_DEFMGMTKEY);
232}
233
234void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
235 int idx)
236{
237 unsigned long flags;
238
239 spin_lock_irqsave(&sdata->local->key_lock, flags);
240 __ieee80211_set_default_mgmt_key(sdata, idx);
241 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
242}
243
219 244
220static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 245static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
221 struct sta_info *sta, 246 struct sta_info *sta,
222 struct ieee80211_key *old, 247 struct ieee80211_key *old,
223 struct ieee80211_key *new) 248 struct ieee80211_key *new)
224{ 249{
225 int idx, defkey; 250 int idx, defkey, defmgmtkey;
226 251
227 if (new) 252 if (new)
228 list_add(&new->list, &sdata->key_list); 253 list_add(&new->list, &sdata->key_list);
@@ -238,13 +263,19 @@ static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
238 idx = new->conf.keyidx; 263 idx = new->conf.keyidx;
239 264
240 defkey = old && sdata->default_key == old; 265 defkey = old && sdata->default_key == old;
266 defmgmtkey = old && sdata->default_mgmt_key == old;
241 267
242 if (defkey && !new) 268 if (defkey && !new)
243 __ieee80211_set_default_key(sdata, -1); 269 __ieee80211_set_default_key(sdata, -1);
270 if (defmgmtkey && !new)
271 __ieee80211_set_default_mgmt_key(sdata, -1);
244 272
245 rcu_assign_pointer(sdata->keys[idx], new); 273 rcu_assign_pointer(sdata->keys[idx], new);
246 if (defkey && new) 274 if (defkey && new)
247 __ieee80211_set_default_key(sdata, new->conf.keyidx); 275 __ieee80211_set_default_key(sdata, new->conf.keyidx);
276 if (defmgmtkey && new)
277 __ieee80211_set_default_mgmt_key(sdata,
278 new->conf.keyidx);
248 } 279 }
249 280
250 if (old) { 281 if (old) {
@@ -263,7 +294,7 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
263{ 294{
264 struct ieee80211_key *key; 295 struct ieee80211_key *key;
265 296
266 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS); 297 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
267 298
268 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 299 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
269 if (!key) 300 if (!key)
@@ -292,6 +323,10 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
292 key->conf.iv_len = CCMP_HDR_LEN; 323 key->conf.iv_len = CCMP_HDR_LEN;
293 key->conf.icv_len = CCMP_MIC_LEN; 324 key->conf.icv_len = CCMP_MIC_LEN;
294 break; 325 break;
326 case ALG_AES_CMAC:
327 key->conf.iv_len = 0;
328 key->conf.icv_len = sizeof(struct ieee80211_mmie);
329 break;
295 } 330 }
296 memcpy(key->conf.key, key_data, key_len); 331 memcpy(key->conf.key, key_data, key_len);
297 INIT_LIST_HEAD(&key->list); 332 INIT_LIST_HEAD(&key->list);
@@ -309,6 +344,19 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
309 } 344 }
310 } 345 }
311 346
347 if (alg == ALG_AES_CMAC) {
348 /*
349 * Initialize AES key state here as an optimization so that
350 * it does not need to be initialized for every packet.
351 */
352 key->u.aes_cmac.tfm =
353 ieee80211_aes_cmac_key_setup(key_data);
354 if (!key->u.aes_cmac.tfm) {
355 kfree(key);
356 return NULL;
357 }
358 }
359
312 return key; 360 return key;
313} 361}
314 362
@@ -352,7 +400,7 @@ void ieee80211_key_link(struct ieee80211_key *key,
352 */ 400 */
353 401
354 /* same here, the AP could be using QoS */ 402 /* same here, the AP could be using QoS */
355 ap = sta_info_get(key->local, key->sdata->u.sta.bssid); 403 ap = sta_info_get(key->local, key->sdata->u.mgd.bssid);
356 if (ap) { 404 if (ap) {
357 if (test_sta_flags(ap, WLAN_STA_WME)) 405 if (test_sta_flags(ap, WLAN_STA_WME))
358 key->conf.flags |= 406 key->conf.flags |=
@@ -462,6 +510,8 @@ static void __ieee80211_key_destroy(struct ieee80211_key *key)
462 510
463 if (key->conf.alg == ALG_CCMP) 511 if (key->conf.alg == ALG_CCMP)
464 ieee80211_aes_key_free(key->u.ccmp.tfm); 512 ieee80211_aes_key_free(key->u.ccmp.tfm);
513 if (key->conf.alg == ALG_AES_CMAC)
514 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
465 ieee80211_debugfs_key_remove(key); 515 ieee80211_debugfs_key_remove(key);
466 516
467 kfree(key); 517 kfree(key);
@@ -484,6 +534,7 @@ static void __ieee80211_key_todo(void)
484 list_del_init(&key->todo); 534 list_del_init(&key->todo);
485 todoflags = key->flags & (KEY_FLAG_TODO_ADD_DEBUGFS | 535 todoflags = key->flags & (KEY_FLAG_TODO_ADD_DEBUGFS |
486 KEY_FLAG_TODO_DEFKEY | 536 KEY_FLAG_TODO_DEFKEY |
537 KEY_FLAG_TODO_DEFMGMTKEY |
487 KEY_FLAG_TODO_HWACCEL_ADD | 538 KEY_FLAG_TODO_HWACCEL_ADD |
488 KEY_FLAG_TODO_HWACCEL_REMOVE | 539 KEY_FLAG_TODO_HWACCEL_REMOVE |
489 KEY_FLAG_TODO_DELETE); 540 KEY_FLAG_TODO_DELETE);
@@ -501,6 +552,11 @@ static void __ieee80211_key_todo(void)
501 ieee80211_debugfs_key_add_default(key->sdata); 552 ieee80211_debugfs_key_add_default(key->sdata);
502 work_done = true; 553 work_done = true;
503 } 554 }
555 if (todoflags & KEY_FLAG_TODO_DEFMGMTKEY) {
556 ieee80211_debugfs_key_remove_mgmt_default(key->sdata);
557 ieee80211_debugfs_key_add_mgmt_default(key->sdata);
558 work_done = true;
559 }
504 if (todoflags & KEY_FLAG_TODO_HWACCEL_ADD) { 560 if (todoflags & KEY_FLAG_TODO_HWACCEL_ADD) {
505 ieee80211_key_enable_hw_accel(key); 561 ieee80211_key_enable_hw_accel(key);
506 work_done = true; 562 work_done = true;
@@ -536,6 +592,7 @@ void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
536 ieee80211_key_lock(); 592 ieee80211_key_lock();
537 593
538 ieee80211_debugfs_key_remove_default(sdata); 594 ieee80211_debugfs_key_remove_default(sdata);
595 ieee80211_debugfs_key_remove_mgmt_default(sdata);
539 596
540 spin_lock_irqsave(&sdata->local->key_lock, flags); 597 spin_lock_irqsave(&sdata->local->key_lock, flags);
541 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 598 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index 425816e0996c..215d3ef42a4f 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -46,6 +46,8 @@ struct sta_info;
46 * acceleration. 46 * acceleration.
47 * @KEY_FLAG_TODO_DEFKEY: Key is default key and debugfs needs to be updated. 47 * @KEY_FLAG_TODO_DEFKEY: Key is default key and debugfs needs to be updated.
48 * @KEY_FLAG_TODO_ADD_DEBUGFS: Key needs to be added to debugfs. 48 * @KEY_FLAG_TODO_ADD_DEBUGFS: Key needs to be added to debugfs.
49 * @KEY_FLAG_TODO_DEFMGMTKEY: Key is default management key and debugfs needs
50 * to be updated.
49 */ 51 */
50enum ieee80211_internal_key_flags { 52enum ieee80211_internal_key_flags {
51 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0), 53 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0),
@@ -54,6 +56,7 @@ enum ieee80211_internal_key_flags {
54 KEY_FLAG_TODO_HWACCEL_REMOVE = BIT(3), 56 KEY_FLAG_TODO_HWACCEL_REMOVE = BIT(3),
55 KEY_FLAG_TODO_DEFKEY = BIT(4), 57 KEY_FLAG_TODO_DEFKEY = BIT(4),
56 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5), 58 KEY_FLAG_TODO_ADD_DEBUGFS = BIT(5),
59 KEY_FLAG_TODO_DEFMGMTKEY = BIT(6),
57}; 60};
58 61
59struct tkip_ctx { 62struct tkip_ctx {
@@ -96,6 +99,16 @@ struct ieee80211_key {
96 u8 tx_crypto_buf[6 * AES_BLOCK_LEN]; 99 u8 tx_crypto_buf[6 * AES_BLOCK_LEN];
97 u8 rx_crypto_buf[6 * AES_BLOCK_LEN]; 100 u8 rx_crypto_buf[6 * AES_BLOCK_LEN];
98 } ccmp; 101 } ccmp;
102 struct {
103 u8 tx_pn[6];
104 u8 rx_pn[6];
105 struct crypto_cipher *tfm;
106 u32 replays; /* dot11RSNAStatsCMACReplays */
107 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
108 /* scratch buffers for virt_to_page() (crypto API) */
109 u8 tx_crypto_buf[2 * AES_BLOCK_LEN];
110 u8 rx_crypto_buf[2 * AES_BLOCK_LEN];
111 } aes_cmac;
99 } u; 112 } u;
100 113
101 /* number of times this key has been used */ 114 /* number of times this key has been used */
@@ -114,6 +127,7 @@ struct ieee80211_key {
114 struct dentry *tx_spec; 127 struct dentry *tx_spec;
115 struct dentry *rx_spec; 128 struct dentry *rx_spec;
116 struct dentry *replays; 129 struct dentry *replays;
130 struct dentry *icverrors;
117 struct dentry *key; 131 struct dentry *key;
118 struct dentry *ifindex; 132 struct dentry *ifindex;
119 int cnt; 133 int cnt;
@@ -140,6 +154,8 @@ void ieee80211_key_link(struct ieee80211_key *key,
140 struct sta_info *sta); 154 struct sta_info *sta);
141void ieee80211_key_free(struct ieee80211_key *key); 155void ieee80211_key_free(struct ieee80211_key *key);
142void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx); 156void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx);
157void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
158 int idx);
143void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata); 159void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata);
144void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata); 160void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata);
145void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata); 161void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 24b14363d6e7..a6f1d8a869bc 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -161,30 +161,67 @@ int ieee80211_if_config(struct ieee80211_sub_if_data *sdata, u32 changed)
161 if (WARN_ON(!netif_running(sdata->dev))) 161 if (WARN_ON(!netif_running(sdata->dev)))
162 return 0; 162 return 0;
163 163
164 if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_AP_VLAN))
165 return -EINVAL;
166
167 if (!local->ops->config_interface)
168 return 0;
169
170 memset(&conf, 0, sizeof(conf)); 164 memset(&conf, 0, sizeof(conf));
171 conf.changed = changed;
172 165
173 if (sdata->vif.type == NL80211_IFTYPE_STATION || 166 if (sdata->vif.type == NL80211_IFTYPE_STATION)
174 sdata->vif.type == NL80211_IFTYPE_ADHOC) 167 conf.bssid = sdata->u.mgd.bssid;
175 conf.bssid = sdata->u.sta.bssid; 168 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
169 conf.bssid = sdata->u.ibss.bssid;
176 else if (sdata->vif.type == NL80211_IFTYPE_AP) 170 else if (sdata->vif.type == NL80211_IFTYPE_AP)
177 conf.bssid = sdata->dev->dev_addr; 171 conf.bssid = sdata->dev->dev_addr;
178 else if (ieee80211_vif_is_mesh(&sdata->vif)) { 172 else if (ieee80211_vif_is_mesh(&sdata->vif)) {
179 u8 zero[ETH_ALEN] = { 0 }; 173 static const u8 zero[ETH_ALEN] = { 0 };
180 conf.bssid = zero; 174 conf.bssid = zero;
181 } else { 175 } else {
182 WARN_ON(1); 176 WARN_ON(1);
183 return -EINVAL; 177 return -EINVAL;
184 } 178 }
185 179
186 if (WARN_ON(!conf.bssid && (changed & IEEE80211_IFCC_BSSID))) 180 if (!local->ops->config_interface)
187 return -EINVAL; 181 return 0;
182
183 switch (sdata->vif.type) {
184 case NL80211_IFTYPE_AP:
185 case NL80211_IFTYPE_ADHOC:
186 case NL80211_IFTYPE_MESH_POINT:
187 break;
188 default:
189 /* do not warn to simplify caller in scan.c */
190 changed &= ~IEEE80211_IFCC_BEACON_ENABLED;
191 if (WARN_ON(changed & IEEE80211_IFCC_BEACON))
192 return -EINVAL;
193 changed &= ~IEEE80211_IFCC_BEACON;
194 break;
195 }
196
197 if (changed & IEEE80211_IFCC_BEACON_ENABLED) {
198 if (local->sw_scanning) {
199 conf.enable_beacon = false;
200 } else {
201 /*
202 * Beacon should be enabled, but AP mode must
203 * check whether there is a beacon configured.
204 */
205 switch (sdata->vif.type) {
206 case NL80211_IFTYPE_AP:
207 conf.enable_beacon =
208 !!rcu_dereference(sdata->u.ap.beacon);
209 break;
210 case NL80211_IFTYPE_ADHOC:
211 conf.enable_beacon = !!sdata->u.ibss.probe_resp;
212 break;
213 case NL80211_IFTYPE_MESH_POINT:
214 conf.enable_beacon = true;
215 break;
216 default:
217 /* not reached */
218 WARN_ON(1);
219 break;
220 }
221 }
222 }
223
224 conf.changed = changed;
188 225
189 return local->ops->config_interface(local_to_hw(local), 226 return local->ops->config_interface(local_to_hw(local),
190 &sdata->vif, &conf); 227 &sdata->vif, &conf);
@@ -208,26 +245,22 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
208 } 245 }
209 246
210 if (chan != local->hw.conf.channel || 247 if (chan != local->hw.conf.channel ||
211 channel_type != local->hw.conf.ht.channel_type) { 248 channel_type != local->hw.conf.channel_type) {
212 local->hw.conf.channel = chan; 249 local->hw.conf.channel = chan;
213 local->hw.conf.ht.channel_type = channel_type; 250 local->hw.conf.channel_type = channel_type;
214 switch (channel_type) {
215 case NL80211_CHAN_NO_HT:
216 local->hw.conf.ht.enabled = false;
217 break;
218 case NL80211_CHAN_HT20:
219 case NL80211_CHAN_HT40MINUS:
220 case NL80211_CHAN_HT40PLUS:
221 local->hw.conf.ht.enabled = true;
222 break;
223 }
224 changed |= IEEE80211_CONF_CHANGE_CHANNEL; 251 changed |= IEEE80211_CONF_CHANGE_CHANNEL;
225 } 252 }
226 253
227 if (!local->hw.conf.power_level) 254 if (local->sw_scanning)
228 power = chan->max_power; 255 power = chan->max_power;
229 else 256 else
230 power = min(chan->max_power, local->hw.conf.power_level); 257 power = local->power_constr_level ?
258 (chan->max_power - local->power_constr_level) :
259 chan->max_power;
260
261 if (local->user_power_level)
262 power = min(power, local->user_power_level);
263
231 if (local->hw.conf.power_level != power) { 264 if (local->hw.conf.power_level != power) {
232 changed |= IEEE80211_CONF_CHANGE_POWER; 265 changed |= IEEE80211_CONF_CHANGE_POWER;
233 local->hw.conf.power_level = power; 266 local->hw.conf.power_level = power;
@@ -667,7 +700,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
667 const struct ieee80211_ops *ops) 700 const struct ieee80211_ops *ops)
668{ 701{
669 struct ieee80211_local *local; 702 struct ieee80211_local *local;
670 int priv_size; 703 int priv_size, i;
671 struct wiphy *wiphy; 704 struct wiphy *wiphy;
672 705
673 /* Ensure 32-byte alignment of our private data and hw private data. 706 /* Ensure 32-byte alignment of our private data and hw private data.
@@ -695,6 +728,10 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
695 return NULL; 728 return NULL;
696 729
697 wiphy->privid = mac80211_wiphy_privid; 730 wiphy->privid = mac80211_wiphy_privid;
731 wiphy->max_scan_ssids = 4;
732 /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */
733 wiphy->bss_priv_size = sizeof(struct ieee80211_bss) -
734 sizeof(struct cfg80211_bss);
698 735
699 local = wiphy_priv(wiphy); 736 local = wiphy_priv(wiphy);
700 local->hw.wiphy = wiphy; 737 local->hw.wiphy = wiphy;
@@ -722,6 +759,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
722 local->hw.conf.radio_enabled = true; 759 local->hw.conf.radio_enabled = true;
723 760
724 INIT_LIST_HEAD(&local->interfaces); 761 INIT_LIST_HEAD(&local->interfaces);
762 mutex_init(&local->iflist_mtx);
725 763
726 spin_lock_init(&local->key_lock); 764 spin_lock_init(&local->key_lock);
727 765
@@ -738,6 +776,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
738 776
739 sta_info_init(local); 777 sta_info_init(local);
740 778
779 for (i = 0; i < IEEE80211_MAX_QUEUES; i++)
780 skb_queue_head_init(&local->pending[i]);
741 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending, 781 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
742 (unsigned long)local); 782 (unsigned long)local);
743 tasklet_disable(&local->tx_pending_tasklet); 783 tasklet_disable(&local->tx_pending_tasklet);
@@ -750,10 +790,29 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
750 skb_queue_head_init(&local->skb_queue); 790 skb_queue_head_init(&local->skb_queue);
751 skb_queue_head_init(&local->skb_queue_unreliable); 791 skb_queue_head_init(&local->skb_queue_unreliable);
752 792
793 spin_lock_init(&local->ampdu_lock);
794
753 return local_to_hw(local); 795 return local_to_hw(local);
754} 796}
755EXPORT_SYMBOL(ieee80211_alloc_hw); 797EXPORT_SYMBOL(ieee80211_alloc_hw);
756 798
799static const struct net_device_ops ieee80211_master_ops = {
800 .ndo_start_xmit = ieee80211_master_start_xmit,
801 .ndo_open = ieee80211_master_open,
802 .ndo_stop = ieee80211_master_stop,
803 .ndo_set_multicast_list = ieee80211_master_set_multicast_list,
804 .ndo_select_queue = ieee80211_select_queue,
805};
806
807static void ieee80211_master_setup(struct net_device *mdev)
808{
809 mdev->type = ARPHRD_IEEE80211;
810 mdev->netdev_ops = &ieee80211_master_ops;
811 mdev->header_ops = &ieee80211_header_ops;
812 mdev->tx_queue_len = 1000;
813 mdev->addr_len = ETH_ALEN;
814}
815
757int ieee80211_register_hw(struct ieee80211_hw *hw) 816int ieee80211_register_hw(struct ieee80211_hw *hw)
758{ 817{
759 struct ieee80211_local *local = hw_to_local(hw); 818 struct ieee80211_local *local = hw_to_local(hw);
@@ -761,25 +820,33 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
761 enum ieee80211_band band; 820 enum ieee80211_band band;
762 struct net_device *mdev; 821 struct net_device *mdev;
763 struct ieee80211_master_priv *mpriv; 822 struct ieee80211_master_priv *mpriv;
823 int channels, i, j;
764 824
765 /* 825 /*
766 * generic code guarantees at least one band, 826 * generic code guarantees at least one band,
767 * set this very early because much code assumes 827 * set this very early because much code assumes
768 * that hw.conf.channel is assigned 828 * that hw.conf.channel is assigned
769 */ 829 */
830 channels = 0;
770 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 831 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
771 struct ieee80211_supported_band *sband; 832 struct ieee80211_supported_band *sband;
772 833
773 sband = local->hw.wiphy->bands[band]; 834 sband = local->hw.wiphy->bands[band];
774 if (sband) { 835 if (sband && !local->oper_channel) {
775 /* init channel we're on */ 836 /* init channel we're on */
776 local->hw.conf.channel = 837 local->hw.conf.channel =
777 local->oper_channel = 838 local->oper_channel =
778 local->scan_channel = &sband->channels[0]; 839 local->scan_channel = &sband->channels[0];
779 break;
780 } 840 }
841 if (sband)
842 channels += sband->n_channels;
781 } 843 }
782 844
845 local->int_scan_req.n_channels = channels;
846 local->int_scan_req.channels = kzalloc(sizeof(void *) * channels, GFP_KERNEL);
847 if (!local->int_scan_req.channels)
848 return -ENOMEM;
849
783 /* if low-level driver supports AP, we also support VLAN */ 850 /* if low-level driver supports AP, we also support VLAN */
784 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_AP)) 851 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_AP))
785 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN); 852 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
@@ -787,9 +854,14 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
787 /* mac80211 always supports monitor */ 854 /* mac80211 always supports monitor */
788 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR); 855 local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
789 856
857 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
858 local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
859 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
860 local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
861
790 result = wiphy_register(local->hw.wiphy); 862 result = wiphy_register(local->hw.wiphy);
791 if (result < 0) 863 if (result < 0)
792 return result; 864 goto fail_wiphy_register;
793 865
794 /* 866 /*
795 * We use the number of queues for feature tests (QoS, HT) internally 867 * We use the number of queues for feature tests (QoS, HT) internally
@@ -797,14 +869,10 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
797 */ 869 */
798 if (hw->queues > IEEE80211_MAX_QUEUES) 870 if (hw->queues > IEEE80211_MAX_QUEUES)
799 hw->queues = IEEE80211_MAX_QUEUES; 871 hw->queues = IEEE80211_MAX_QUEUES;
800 if (hw->ampdu_queues > IEEE80211_MAX_AMPDU_QUEUES)
801 hw->ampdu_queues = IEEE80211_MAX_AMPDU_QUEUES;
802 if (hw->queues < 4)
803 hw->ampdu_queues = 0;
804 872
805 mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv), 873 mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv),
806 "wmaster%d", ether_setup, 874 "wmaster%d", ieee80211_master_setup,
807 ieee80211_num_queues(hw)); 875 hw->queues);
808 if (!mdev) 876 if (!mdev)
809 goto fail_mdev_alloc; 877 goto fail_mdev_alloc;
810 878
@@ -812,17 +880,8 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
812 mpriv->local = local; 880 mpriv->local = local;
813 local->mdev = mdev; 881 local->mdev = mdev;
814 882
815 ieee80211_rx_bss_list_init(local);
816
817 mdev->hard_start_xmit = ieee80211_master_start_xmit;
818 mdev->open = ieee80211_master_open;
819 mdev->stop = ieee80211_master_stop;
820 mdev->type = ARPHRD_IEEE80211;
821 mdev->header_ops = &ieee80211_header_ops;
822 mdev->set_multicast_list = ieee80211_master_set_multicast_list;
823
824 local->hw.workqueue = 883 local->hw.workqueue =
825 create_freezeable_workqueue(wiphy_name(local->hw.wiphy)); 884 create_singlethread_workqueue(wiphy_name(local->hw.wiphy));
826 if (!local->hw.workqueue) { 885 if (!local->hw.workqueue) {
827 result = -ENOMEM; 886 result = -ENOMEM;
828 goto fail_workqueue; 887 goto fail_workqueue;
@@ -846,15 +905,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
846 905
847 local->hw.conf.listen_interval = local->hw.max_listen_interval; 906 local->hw.conf.listen_interval = local->hw.max_listen_interval;
848 907
849 local->wstats_flags |= local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
850 IEEE80211_HW_SIGNAL_DB |
851 IEEE80211_HW_SIGNAL_DBM) ?
852 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
853 local->wstats_flags |= local->hw.flags & IEEE80211_HW_NOISE_DBM ?
854 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
855 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
856 local->wstats_flags |= IW_QUAL_DBM;
857
858 result = sta_info_start(local); 908 result = sta_info_start(local);
859 if (result < 0) 909 if (result < 0)
860 goto fail_sta_info; 910 goto fail_sta_info;
@@ -866,6 +916,7 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
866 916
867 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 917 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
868 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy)); 918 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
919 local->mdev->features |= NETIF_F_NETNS_LOCAL;
869 920
870 result = register_netdevice(local->mdev); 921 result = register_netdevice(local->mdev);
871 if (result < 0) 922 if (result < 0)
@@ -887,8 +938,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
887 goto fail_wep; 938 goto fail_wep;
888 } 939 }
889 940
890 local->mdev->select_queue = ieee80211_select_queue;
891
892 /* add one default STA interface if supported */ 941 /* add one default STA interface if supported */
893 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_STATION)) { 942 if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_STATION)) {
894 result = ieee80211_if_add(local, "wlan%d", NULL, 943 result = ieee80211_if_add(local, "wlan%d", NULL,
@@ -902,6 +951,20 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
902 951
903 ieee80211_led_init(local); 952 ieee80211_led_init(local);
904 953
954 /* alloc internal scan request */
955 i = 0;
956 local->int_scan_req.ssids = &local->scan_ssid;
957 local->int_scan_req.n_ssids = 1;
958 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
959 if (!hw->wiphy->bands[band])
960 continue;
961 for (j = 0; j < hw->wiphy->bands[band]->n_channels; j++) {
962 local->int_scan_req.channels[i] =
963 &hw->wiphy->bands[band]->channels[j];
964 i++;
965 }
966 }
967
905 return 0; 968 return 0;
906 969
907fail_wep: 970fail_wep:
@@ -920,6 +983,8 @@ fail_workqueue:
920 free_netdev(local->mdev); 983 free_netdev(local->mdev);
921fail_mdev_alloc: 984fail_mdev_alloc:
922 wiphy_unregister(local->hw.wiphy); 985 wiphy_unregister(local->hw.wiphy);
986fail_wiphy_register:
987 kfree(local->int_scan_req.channels);
923 return result; 988 return result;
924} 989}
925EXPORT_SYMBOL(ieee80211_register_hw); 990EXPORT_SYMBOL(ieee80211_register_hw);
@@ -947,7 +1012,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
947 1012
948 rtnl_unlock(); 1013 rtnl_unlock();
949 1014
950 ieee80211_rx_bss_list_deinit(local);
951 ieee80211_clear_tx_pending(local); 1015 ieee80211_clear_tx_pending(local);
952 sta_info_stop(local); 1016 sta_info_stop(local);
953 rate_control_deinitialize(local); 1017 rate_control_deinitialize(local);
@@ -965,6 +1029,7 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
965 ieee80211_wep_free(local); 1029 ieee80211_wep_free(local);
966 ieee80211_led_exit(local); 1030 ieee80211_led_exit(local);
967 free_netdev(local->mdev); 1031 free_netdev(local->mdev);
1032 kfree(local->int_scan_req.channels);
968} 1033}
969EXPORT_SYMBOL(ieee80211_unregister_hw); 1034EXPORT_SYMBOL(ieee80211_unregister_hw);
970 1035
@@ -972,6 +1037,8 @@ void ieee80211_free_hw(struct ieee80211_hw *hw)
972{ 1037{
973 struct ieee80211_local *local = hw_to_local(hw); 1038 struct ieee80211_local *local = hw_to_local(hw);
974 1039
1040 mutex_destroy(&local->iflist_mtx);
1041
975 wiphy_free(local->hw.wiphy); 1042 wiphy_free(local->hw.wiphy);
976} 1043}
977EXPORT_SYMBOL(ieee80211_free_hw); 1044EXPORT_SYMBOL(ieee80211_free_hw);
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 82f568e94365..9a3e5de0410a 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -275,16 +275,6 @@ u32 mesh_table_hash(u8 *addr, struct ieee80211_sub_if_data *sdata, struct mesh_t
275 & tbl->hash_mask; 275 & tbl->hash_mask;
276} 276}
277 277
278u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len)
279{
280 if (!mesh_id_len)
281 return 1;
282 else if (mesh_id_len == 1)
283 return (u8) mesh_id[0];
284 else
285 return (u8) (mesh_id[0] + 2 * mesh_id[1]);
286}
287
288struct mesh_table *mesh_table_alloc(int size_order) 278struct mesh_table *mesh_table_alloc(int size_order)
289{ 279{
290 int i; 280 int i;
@@ -442,7 +432,8 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
442 432
443 ifmsh->housekeeping = true; 433 ifmsh->housekeeping = true;
444 queue_work(local->hw.workqueue, &ifmsh->work); 434 queue_work(local->hw.workqueue, &ifmsh->work);
445 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 435 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON |
436 IEEE80211_IFCC_BEACON_ENABLED);
446} 437}
447 438
448void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata) 439void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
@@ -476,7 +467,7 @@ static void ieee80211_mesh_rx_bcn_presp(struct ieee80211_sub_if_data *sdata,
476 struct ieee80211_local *local = sdata->local; 467 struct ieee80211_local *local = sdata->local;
477 struct ieee802_11_elems elems; 468 struct ieee802_11_elems elems;
478 struct ieee80211_channel *channel; 469 struct ieee80211_channel *channel;
479 u64 supp_rates = 0; 470 u32 supp_rates = 0;
480 size_t baselen; 471 size_t baselen;
481 int freq; 472 int freq;
482 enum ieee80211_band band = rx_status->band; 473 enum ieee80211_band band = rx_status->band;
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index c197ab545e54..d891d7ddccd7 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -24,15 +24,15 @@
24 * 24 *
25 * 25 *
26 * 26 *
27 * @MESH_PATH_ACTIVE: the mesh path is can be used for forwarding 27 * @MESH_PATH_ACTIVE: the mesh path can be used for forwarding
28 * @MESH_PATH_RESOLVED: the discovery process is running for this mesh path 28 * @MESH_PATH_RESOLVING: the discovery process is running for this mesh path
29 * @MESH_PATH_DSN_VALID: the mesh path contains a valid destination sequence 29 * @MESH_PATH_DSN_VALID: the mesh path contains a valid destination sequence
30 * number 30 * number
31 * @MESH_PATH_FIXED: the mesh path has been manually set and should not be 31 * @MESH_PATH_FIXED: the mesh path has been manually set and should not be
32 * modified 32 * modified
33 * @MESH_PATH_RESOLVED: the mesh path can has been resolved 33 * @MESH_PATH_RESOLVED: the mesh path can has been resolved
34 * 34 *
35 * MESH_PATH_RESOLVED and MESH_PATH_DELETE are used by the mesh path timer to 35 * MESH_PATH_RESOLVED is used by the mesh path timer to
36 * decide when to stop or cancel the mesh path discovery. 36 * decide when to stop or cancel the mesh path discovery.
37 */ 37 */
38enum mesh_path_flags { 38enum mesh_path_flags {
@@ -196,7 +196,6 @@ struct mesh_rmc {
196 196
197/* Public interfaces */ 197/* Public interfaces */
198/* Various */ 198/* Various */
199u8 mesh_id_hash(u8 *mesh_id, int mesh_id_len);
200int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr); 199int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr);
201int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr, 200int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
202 struct ieee80211_sub_if_data *sdata); 201 struct ieee80211_sub_if_data *sdata);
@@ -236,14 +235,13 @@ void mesh_rx_path_sel_frame(struct ieee80211_sub_if_data *sdata,
236 struct ieee80211_mgmt *mgmt, size_t len); 235 struct ieee80211_mgmt *mgmt, size_t len);
237int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata); 236int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata);
238/* Mesh plinks */ 237/* Mesh plinks */
239void mesh_neighbour_update(u8 *hw_addr, u64 rates, 238void mesh_neighbour_update(u8 *hw_addr, u32 rates,
240 struct ieee80211_sub_if_data *sdata, bool add); 239 struct ieee80211_sub_if_data *sdata, bool add);
241bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie); 240bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie);
242void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata); 241void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata);
243void mesh_plink_broken(struct sta_info *sta); 242void mesh_plink_broken(struct sta_info *sta);
244void mesh_plink_deactivate(struct sta_info *sta); 243void mesh_plink_deactivate(struct sta_info *sta);
245int mesh_plink_open(struct sta_info *sta); 244int mesh_plink_open(struct sta_info *sta);
246int mesh_plink_close(struct sta_info *sta);
247void mesh_plink_block(struct sta_info *sta); 245void mesh_plink_block(struct sta_info *sta);
248void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, 246void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata,
249 struct ieee80211_mgmt *mgmt, size_t len, 247 struct ieee80211_mgmt *mgmt, size_t len,
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index 71fe60961230..60b35accda91 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -58,7 +58,6 @@ static inline u32 u32_field_get(u8 *preq_elem, int offset, bool ae)
58#define PERR_IE_DST_ADDR(x) (x + 2) 58#define PERR_IE_DST_ADDR(x) (x + 2)
59#define PERR_IE_DST_DSN(x) u32_field_get(x, 8, 0); 59#define PERR_IE_DST_DSN(x) u32_field_get(x, 8, 0);
60 60
61#define TU_TO_EXP_TIME(x) (jiffies + msecs_to_jiffies(x * 1024 / 1000))
62#define MSEC_TO_TU(x) (x*1000/1024) 61#define MSEC_TO_TU(x) (x*1000/1024)
63#define DSN_GT(x, y) ((long) (y) - (long) (x) < 0) 62#define DSN_GT(x, y) ((long) (y) - (long) (x) < 0)
64#define DSN_LT(x, y) ((long) (x) - (long) (y) < 0) 63#define DSN_LT(x, y) ((long) (x) - (long) (y) < 0)
@@ -149,7 +148,7 @@ static int mesh_path_sel_frame_tx(enum mpath_frame_type action, u8 flags,
149 pos += ETH_ALEN; 148 pos += ETH_ALEN;
150 memcpy(pos, &dst_dsn, 4); 149 memcpy(pos, &dst_dsn, 4);
151 150
152 ieee80211_tx_skb(sdata, skb, 0); 151 ieee80211_tx_skb(sdata, skb, 1);
153 return 0; 152 return 0;
154} 153}
155 154
@@ -198,7 +197,7 @@ int mesh_path_error_tx(u8 *dst, __le32 dst_dsn, u8 *ra,
198 pos += ETH_ALEN; 197 pos += ETH_ALEN;
199 memcpy(pos, &dst_dsn, 4); 198 memcpy(pos, &dst_dsn, 4);
200 199
201 ieee80211_tx_skb(sdata, skb, 0); 200 ieee80211_tx_skb(sdata, skb, 1);
202 return 0; 201 return 0;
203} 202}
204 203
@@ -759,7 +758,7 @@ enddiscovery:
759} 758}
760 759
761/** 760/**
762 * ieee80211s_lookup_nexthop - put the appropriate next hop on a mesh frame 761 * mesh_nexthop_lookup - put the appropriate next hop on a mesh frame
763 * 762 *
764 * @skb: 802.11 frame to be sent 763 * @skb: 802.11 frame to be sent
765 * @sdata: network subif the frame will be sent through 764 * @sdata: network subif the frame will be sent through
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 1159bdb4119c..a8bbdeca013a 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -93,7 +93,7 @@ static inline void mesh_plink_fsm_restart(struct sta_info *sta)
93 * on it in the lifecycle management section! 93 * on it in the lifecycle management section!
94 */ 94 */
95static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata, 95static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
96 u8 *hw_addr, u64 rates) 96 u8 *hw_addr, u32 rates)
97{ 97{
98 struct ieee80211_local *local = sdata->local; 98 struct ieee80211_local *local = sdata->local;
99 struct sta_info *sta; 99 struct sta_info *sta;
@@ -218,11 +218,11 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
218 memcpy(pos, &reason, 2); 218 memcpy(pos, &reason, 2);
219 } 219 }
220 220
221 ieee80211_tx_skb(sdata, skb, 0); 221 ieee80211_tx_skb(sdata, skb, 1);
222 return 0; 222 return 0;
223} 223}
224 224
225void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct ieee80211_sub_if_data *sdata, 225void mesh_neighbour_update(u8 *hw_addr, u32 rates, struct ieee80211_sub_if_data *sdata,
226 bool peer_accepting_plinks) 226 bool peer_accepting_plinks)
227{ 227{
228 struct ieee80211_local *local = sdata->local; 228 struct ieee80211_local *local = sdata->local;
@@ -361,36 +361,6 @@ void mesh_plink_block(struct sta_info *sta)
361 spin_unlock_bh(&sta->lock); 361 spin_unlock_bh(&sta->lock);
362} 362}
363 363
364int mesh_plink_close(struct sta_info *sta)
365{
366 struct ieee80211_sub_if_data *sdata = sta->sdata;
367 __le16 llid, plid, reason;
368
369 mpl_dbg("Mesh plink: closing link with %pM\n", sta->sta.addr);
370 spin_lock_bh(&sta->lock);
371 sta->reason = cpu_to_le16(MESH_LINK_CANCELLED);
372 reason = sta->reason;
373
374 if (sta->plink_state == PLINK_LISTEN ||
375 sta->plink_state == PLINK_BLOCKED) {
376 mesh_plink_fsm_restart(sta);
377 spin_unlock_bh(&sta->lock);
378 return 0;
379 } else if (sta->plink_state == PLINK_ESTAB) {
380 __mesh_plink_deactivate(sta);
381 /* The timer should not be running */
382 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
383 } else if (!mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)))
384 sta->ignore_plink_timer = true;
385
386 sta->plink_state = PLINK_HOLDING;
387 llid = sta->llid;
388 plid = sta->plid;
389 spin_unlock_bh(&sta->lock);
390 mesh_plink_frame_tx(sta->sdata, PLINK_CLOSE, sta->sta.addr, llid,
391 plid, reason);
392 return 0;
393}
394 364
395void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt, 365void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt,
396 size_t len, struct ieee80211_rx_status *rx_status) 366 size_t len, struct ieee80211_rx_status *rx_status)
@@ -477,7 +447,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
477 spin_lock_bh(&sta->lock); 447 spin_lock_bh(&sta->lock);
478 } else if (!sta) { 448 } else if (!sta) {
479 /* ftype == PLINK_OPEN */ 449 /* ftype == PLINK_OPEN */
480 u64 rates; 450 u32 rates;
481 if (!mesh_plink_free_count(sdata)) { 451 if (!mesh_plink_free_count(sdata)) {
482 mpl_dbg("Mesh plink error: no more free plinks\n"); 452 mpl_dbg("Mesh plink error: no more free plinks\n");
483 rcu_read_unlock(); 453 rcu_read_unlock();
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 2b890af01ba4..7ecda9d59d8a 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1,6 +1,6 @@
1/* 1/*
2 * BSS client mode implementation 2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi> 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4 * Copyright 2004, Instant802 Networks, Inc. 4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc. 5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
@@ -15,11 +15,8 @@
15#include <linux/if_ether.h> 15#include <linux/if_ether.h>
16#include <linux/skbuff.h> 16#include <linux/skbuff.h>
17#include <linux/if_arp.h> 17#include <linux/if_arp.h>
18#include <linux/wireless.h>
19#include <linux/random.h>
20#include <linux/etherdevice.h> 18#include <linux/etherdevice.h>
21#include <linux/rtnetlink.h> 19#include <linux/rtnetlink.h>
22#include <net/iw_handler.h>
23#include <net/mac80211.h> 20#include <net/mac80211.h>
24#include <asm/unaligned.h> 21#include <asm/unaligned.h>
25 22
@@ -33,17 +30,8 @@
33#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 30#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
34#define IEEE80211_ASSOC_MAX_TRIES 3 31#define IEEE80211_ASSOC_MAX_TRIES 3
35#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 32#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
36#define IEEE80211_PROBE_INTERVAL (60 * HZ) 33#define IEEE80211_PROBE_IDLE_TIME (60 * HZ)
37#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 34#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
38#define IEEE80211_SCAN_INTERVAL (2 * HZ)
39#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
40#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
41
42#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
43#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
44
45#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
46
47 35
48/* utils */ 36/* utils */
49static int ecw2cw(int ecw) 37static int ecw2cw(int ecw)
@@ -55,10 +43,10 @@ static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
55{ 43{
56 u8 *end, *pos; 44 u8 *end, *pos;
57 45
58 pos = bss->ies; 46 pos = bss->cbss.information_elements;
59 if (pos == NULL) 47 if (pos == NULL)
60 return NULL; 48 return NULL;
61 end = pos + bss->ies_len; 49 end = pos + bss->cbss.len_information_elements;
62 50
63 while (pos + 1 < end) { 51 while (pos + 1 < end) {
64 if (pos + 2 + pos[1] > end) 52 if (pos + 2 + pos[1] > end)
@@ -73,7 +61,7 @@ static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie)
73 61
74static int ieee80211_compatible_rates(struct ieee80211_bss *bss, 62static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
75 struct ieee80211_supported_band *sband, 63 struct ieee80211_supported_band *sband,
76 u64 *rates) 64 u32 *rates)
77{ 65{
78 int i, j, count; 66 int i, j, count;
79 *rates = 0; 67 *rates = 0;
@@ -92,146 +80,11 @@ static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
92 return count; 80 return count;
93} 81}
94 82
95/* also used by mesh code */
96u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
97 struct ieee802_11_elems *elems,
98 enum ieee80211_band band)
99{
100 struct ieee80211_supported_band *sband;
101 struct ieee80211_rate *bitrates;
102 size_t num_rates;
103 u64 supp_rates;
104 int i, j;
105 sband = local->hw.wiphy->bands[band];
106
107 if (!sband) {
108 WARN_ON(1);
109 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
110 }
111
112 bitrates = sband->bitrates;
113 num_rates = sband->n_bitrates;
114 supp_rates = 0;
115 for (i = 0; i < elems->supp_rates_len +
116 elems->ext_supp_rates_len; i++) {
117 u8 rate = 0;
118 int own_rate;
119 if (i < elems->supp_rates_len)
120 rate = elems->supp_rates[i];
121 else if (elems->ext_supp_rates)
122 rate = elems->ext_supp_rates
123 [i - elems->supp_rates_len];
124 own_rate = 5 * (rate & 0x7f);
125 for (j = 0; j < num_rates; j++)
126 if (bitrates[j].bitrate == own_rate)
127 supp_rates |= BIT(j);
128 }
129 return supp_rates;
130}
131
132/* frame sending functions */ 83/* frame sending functions */
133 84
134/* also used by scanning code */ 85static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
135void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
136 u8 *ssid, size_t ssid_len)
137{
138 struct ieee80211_local *local = sdata->local;
139 struct ieee80211_supported_band *sband;
140 struct sk_buff *skb;
141 struct ieee80211_mgmt *mgmt;
142 u8 *pos, *supp_rates, *esupp_rates = NULL;
143 int i;
144
145 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
146 if (!skb) {
147 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
148 "request\n", sdata->dev->name);
149 return;
150 }
151 skb_reserve(skb, local->hw.extra_tx_headroom);
152
153 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
154 memset(mgmt, 0, 24);
155 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
156 IEEE80211_STYPE_PROBE_REQ);
157 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
158 if (dst) {
159 memcpy(mgmt->da, dst, ETH_ALEN);
160 memcpy(mgmt->bssid, dst, ETH_ALEN);
161 } else {
162 memset(mgmt->da, 0xff, ETH_ALEN);
163 memset(mgmt->bssid, 0xff, ETH_ALEN);
164 }
165 pos = skb_put(skb, 2 + ssid_len);
166 *pos++ = WLAN_EID_SSID;
167 *pos++ = ssid_len;
168 memcpy(pos, ssid, ssid_len);
169
170 supp_rates = skb_put(skb, 2);
171 supp_rates[0] = WLAN_EID_SUPP_RATES;
172 supp_rates[1] = 0;
173 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
174
175 for (i = 0; i < sband->n_bitrates; i++) {
176 struct ieee80211_rate *rate = &sband->bitrates[i];
177 if (esupp_rates) {
178 pos = skb_put(skb, 1);
179 esupp_rates[1]++;
180 } else if (supp_rates[1] == 8) {
181 esupp_rates = skb_put(skb, 3);
182 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
183 esupp_rates[1] = 1;
184 pos = &esupp_rates[2];
185 } else {
186 pos = skb_put(skb, 1);
187 supp_rates[1]++;
188 }
189 *pos = rate->bitrate / 5;
190 }
191
192 ieee80211_tx_skb(sdata, skb, 0);
193}
194
195static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
196 struct ieee80211_if_sta *ifsta,
197 int transaction, u8 *extra, size_t extra_len,
198 int encrypt)
199{
200 struct ieee80211_local *local = sdata->local;
201 struct sk_buff *skb;
202 struct ieee80211_mgmt *mgmt;
203
204 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
205 sizeof(*mgmt) + 6 + extra_len);
206 if (!skb) {
207 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
208 "frame\n", sdata->dev->name);
209 return;
210 }
211 skb_reserve(skb, local->hw.extra_tx_headroom);
212
213 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
214 memset(mgmt, 0, 24 + 6);
215 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
216 IEEE80211_STYPE_AUTH);
217 if (encrypt)
218 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
219 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
220 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
221 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
222 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
223 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
224 ifsta->auth_transaction = transaction + 1;
225 mgmt->u.auth.status_code = cpu_to_le16(0);
226 if (extra)
227 memcpy(skb_put(skb, extra_len), extra, extra_len);
228
229 ieee80211_tx_skb(sdata, skb, encrypt);
230}
231
232static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
233 struct ieee80211_if_sta *ifsta)
234{ 86{
87 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
235 struct ieee80211_local *local = sdata->local; 88 struct ieee80211_local *local = sdata->local;
236 struct sk_buff *skb; 89 struct sk_buff *skb;
237 struct ieee80211_mgmt *mgmt; 90 struct ieee80211_mgmt *mgmt;
@@ -241,11 +94,11 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
241 struct ieee80211_bss *bss; 94 struct ieee80211_bss *bss;
242 int wmm = 0; 95 int wmm = 0;
243 struct ieee80211_supported_band *sband; 96 struct ieee80211_supported_band *sband;
244 u64 rates = 0; 97 u32 rates = 0;
245 98
246 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 99 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
247 sizeof(*mgmt) + 200 + ifsta->extra_ie_len + 100 sizeof(*mgmt) + 200 + ifmgd->extra_ie_len +
248 ifsta->ssid_len); 101 ifmgd->ssid_len);
249 if (!skb) { 102 if (!skb) {
250 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc " 103 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
251 "frame\n", sdata->dev->name); 104 "frame\n", sdata->dev->name);
@@ -255,7 +108,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
255 108
256 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 109 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
257 110
258 capab = ifsta->capab; 111 capab = ifmgd->capab;
259 112
260 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) { 113 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
261 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE)) 114 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
@@ -264,11 +117,11 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
264 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 117 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
265 } 118 }
266 119
267 bss = ieee80211_rx_bss_get(local, ifsta->bssid, 120 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
268 local->hw.conf.channel->center_freq, 121 local->hw.conf.channel->center_freq,
269 ifsta->ssid, ifsta->ssid_len); 122 ifmgd->ssid, ifmgd->ssid_len);
270 if (bss) { 123 if (bss) {
271 if (bss->capability & WLAN_CAPABILITY_PRIVACY) 124 if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
272 capab |= WLAN_CAPABILITY_PRIVACY; 125 capab |= WLAN_CAPABILITY_PRIVACY;
273 if (bss->wmm_used) 126 if (bss->wmm_used)
274 wmm = 1; 127 wmm = 1;
@@ -279,7 +132,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
279 * b-only mode) */ 132 * b-only mode) */
280 rates_len = ieee80211_compatible_rates(bss, sband, &rates); 133 rates_len = ieee80211_compatible_rates(bss, sband, &rates);
281 134
282 if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 135 if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
283 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 136 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
284 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 137 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
285 138
@@ -291,18 +144,18 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
291 144
292 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 145 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
293 memset(mgmt, 0, 24); 146 memset(mgmt, 0, 24);
294 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 147 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
295 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 148 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
296 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 149 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
297 150
298 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) { 151 if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) {
299 skb_put(skb, 10); 152 skb_put(skb, 10);
300 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 153 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
301 IEEE80211_STYPE_REASSOC_REQ); 154 IEEE80211_STYPE_REASSOC_REQ);
302 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 155 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
303 mgmt->u.reassoc_req.listen_interval = 156 mgmt->u.reassoc_req.listen_interval =
304 cpu_to_le16(local->hw.conf.listen_interval); 157 cpu_to_le16(local->hw.conf.listen_interval);
305 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid, 158 memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid,
306 ETH_ALEN); 159 ETH_ALEN);
307 } else { 160 } else {
308 skb_put(skb, 4); 161 skb_put(skb, 4);
@@ -314,10 +167,10 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
314 } 167 }
315 168
316 /* SSID */ 169 /* SSID */
317 ies = pos = skb_put(skb, 2 + ifsta->ssid_len); 170 ies = pos = skb_put(skb, 2 + ifmgd->ssid_len);
318 *pos++ = WLAN_EID_SSID; 171 *pos++ = WLAN_EID_SSID;
319 *pos++ = ifsta->ssid_len; 172 *pos++ = ifmgd->ssid_len;
320 memcpy(pos, ifsta->ssid, ifsta->ssid_len); 173 memcpy(pos, ifmgd->ssid, ifmgd->ssid_len);
321 174
322 /* add all rates which were marked to be used above */ 175 /* add all rates which were marked to be used above */
323 supp_rates_len = rates_len; 176 supp_rates_len = rates_len;
@@ -372,12 +225,12 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
372 } 225 }
373 } 226 }
374 227
375 if (ifsta->extra_ie) { 228 if (ifmgd->extra_ie) {
376 pos = skb_put(skb, ifsta->extra_ie_len); 229 pos = skb_put(skb, ifmgd->extra_ie_len);
377 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len); 230 memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len);
378 } 231 }
379 232
380 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) { 233 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
381 pos = skb_put(skb, 9); 234 pos = skb_put(skb, 9);
382 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 235 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
383 *pos++ = 7; /* len */ 236 *pos++ = 7; /* len */
@@ -391,10 +244,17 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
391 } 244 }
392 245
393 /* wmm support is a must to HT */ 246 /* wmm support is a must to HT */
394 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) && 247 /*
248 * IEEE802.11n does not allow TKIP/WEP as pairwise
249 * ciphers in HT mode. We still associate in non-ht
250 * mode (11a/b/g) if any one of these ciphers is
251 * configured as pairwise.
252 */
253 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
395 sband->ht_cap.ht_supported && 254 sband->ht_cap.ht_supported &&
396 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && 255 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
397 ht_ie[1] >= sizeof(struct ieee80211_ht_info)) { 256 ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
257 (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) {
398 struct ieee80211_ht_info *ht_info = 258 struct ieee80211_ht_info *ht_info =
399 (struct ieee80211_ht_info *)(ht_ie + 2); 259 (struct ieee80211_ht_info *)(ht_ie + 2);
400 u16 cap = sband->ht_cap.cap; 260 u16 cap = sband->ht_cap.cap;
@@ -429,11 +289,11 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
429 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs)); 289 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
430 } 290 }
431 291
432 kfree(ifsta->assocreq_ies); 292 kfree(ifmgd->assocreq_ies);
433 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies; 293 ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
434 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL); 294 ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
435 if (ifsta->assocreq_ies) 295 if (ifmgd->assocreq_ies)
436 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len); 296 memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
437 297
438 ieee80211_tx_skb(sdata, skb, 0); 298 ieee80211_tx_skb(sdata, skb, 0);
439} 299}
@@ -443,7 +303,7 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
443 u16 stype, u16 reason) 303 u16 stype, u16 reason)
444{ 304{
445 struct ieee80211_local *local = sdata->local; 305 struct ieee80211_local *local = sdata->local;
446 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 306 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
447 struct sk_buff *skb; 307 struct sk_buff *skb;
448 struct ieee80211_mgmt *mgmt; 308 struct ieee80211_mgmt *mgmt;
449 309
@@ -457,40 +317,51 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
457 317
458 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 318 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
459 memset(mgmt, 0, 24); 319 memset(mgmt, 0, 24);
460 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 320 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN);
461 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 321 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
462 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 322 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN);
463 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 323 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
464 skb_put(skb, 2); 324 skb_put(skb, 2);
465 /* u.deauth.reason_code == u.disassoc.reason_code */ 325 /* u.deauth.reason_code == u.disassoc.reason_code */
466 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 326 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
467 327
468 ieee80211_tx_skb(sdata, skb, 0); 328 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
469} 329}
470 330
471/* MLME */ 331void ieee80211_send_pspoll(struct ieee80211_local *local,
472static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, 332 struct ieee80211_sub_if_data *sdata)
473 struct ieee80211_bss *bss)
474{ 333{
475 struct ieee80211_local *local = sdata->local; 334 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
476 int i, have_higher_than_11mbit = 0; 335 struct ieee80211_pspoll *pspoll;
336 struct sk_buff *skb;
337 u16 fc;
477 338
478 /* cf. IEEE 802.11 9.2.12 */ 339 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll));
479 for (i = 0; i < bss->supp_rates_len; i++) 340 if (!skb) {
480 if ((bss->supp_rates[i] & 0x7f) * 5 > 110) 341 printk(KERN_DEBUG "%s: failed to allocate buffer for "
481 have_higher_than_11mbit = 1; 342 "pspoll frame\n", sdata->dev->name);
343 return;
344 }
345 skb_reserve(skb, local->hw.extra_tx_headroom);
482 346
483 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ && 347 pspoll = (struct ieee80211_pspoll *) skb_put(skb, sizeof(*pspoll));
484 have_higher_than_11mbit) 348 memset(pspoll, 0, sizeof(*pspoll));
485 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 349 fc = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_PSPOLL | IEEE80211_FCTL_PM;
486 else 350 pspoll->frame_control = cpu_to_le16(fc);
487 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 351 pspoll->aid = cpu_to_le16(ifmgd->aid);
352
353 /* aid in PS-Poll has its two MSBs each set to 1 */
354 pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14);
488 355
489 ieee80211_set_wmm_default(sdata); 356 memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN);
357 memcpy(pspoll->ta, sdata->dev->dev_addr, ETH_ALEN);
358
359 ieee80211_tx_skb(sdata, skb, 0);
490} 360}
491 361
362/* MLME */
492static void ieee80211_sta_wmm_params(struct ieee80211_local *local, 363static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
493 struct ieee80211_if_sta *ifsta, 364 struct ieee80211_if_managed *ifmgd,
494 u8 *wmm_param, size_t wmm_param_len) 365 u8 *wmm_param, size_t wmm_param_len)
495{ 366{
496 struct ieee80211_tx_queue_params params; 367 struct ieee80211_tx_queue_params params;
@@ -498,7 +369,7 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
498 int count; 369 int count;
499 u8 *pos; 370 u8 *pos;
500 371
501 if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED)) 372 if (!(ifmgd->flags & IEEE80211_STA_WMM_ENABLED))
502 return; 373 return;
503 374
504 if (!wmm_param) 375 if (!wmm_param)
@@ -507,18 +378,15 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
507 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 378 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
508 return; 379 return;
509 count = wmm_param[6] & 0x0f; 380 count = wmm_param[6] & 0x0f;
510 if (count == ifsta->wmm_last_param_set) 381 if (count == ifmgd->wmm_last_param_set)
511 return; 382 return;
512 ifsta->wmm_last_param_set = count; 383 ifmgd->wmm_last_param_set = count;
513 384
514 pos = wmm_param + 8; 385 pos = wmm_param + 8;
515 left = wmm_param_len - 8; 386 left = wmm_param_len - 8;
516 387
517 memset(&params, 0, sizeof(params)); 388 memset(&params, 0, sizeof(params));
518 389
519 if (!local->ops->conf_tx)
520 return;
521
522 local->wmm_acm = 0; 390 local->wmm_acm = 0;
523 for (; left >= 4; left -= 4, pos += 4) { 391 for (; left >= 4; left -= 4, pos += 4) {
524 int aci = (pos[0] >> 5) & 0x03; 392 int aci = (pos[0] >> 5) & 0x03;
@@ -526,26 +394,26 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
526 int queue; 394 int queue;
527 395
528 switch (aci) { 396 switch (aci) {
529 case 1: 397 case 1: /* AC_BK */
530 queue = 3; 398 queue = 3;
531 if (acm) 399 if (acm)
532 local->wmm_acm |= BIT(0) | BIT(3); 400 local->wmm_acm |= BIT(1) | BIT(2); /* BK/- */
533 break; 401 break;
534 case 2: 402 case 2: /* AC_VI */
535 queue = 1; 403 queue = 1;
536 if (acm) 404 if (acm)
537 local->wmm_acm |= BIT(4) | BIT(5); 405 local->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */
538 break; 406 break;
539 case 3: 407 case 3: /* AC_VO */
540 queue = 0; 408 queue = 0;
541 if (acm) 409 if (acm)
542 local->wmm_acm |= BIT(6) | BIT(7); 410 local->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */
543 break; 411 break;
544 case 0: 412 case 0: /* AC_BE */
545 default: 413 default:
546 queue = 2; 414 queue = 2;
547 if (acm) 415 if (acm)
548 local->wmm_acm |= BIT(1) | BIT(2); 416 local->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */
549 break; 417 break;
550 } 418 }
551 419
@@ -559,21 +427,41 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
559 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min, 427 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
560 params.cw_max, params.txop); 428 params.cw_max, params.txop);
561#endif 429#endif
562 /* TODO: handle ACM (block TX, fallback to next lowest allowed 430 if (local->ops->conf_tx &&
563 * AC for now) */ 431 local->ops->conf_tx(local_to_hw(local), queue, &params)) {
564 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
565 printk(KERN_DEBUG "%s: failed to set TX queue " 432 printk(KERN_DEBUG "%s: failed to set TX queue "
566 "parameters for queue %d\n", local->mdev->name, queue); 433 "parameters for queue %d\n", local->mdev->name, queue);
567 } 434 }
568 } 435 }
569} 436}
570 437
438static bool ieee80211_check_tim(struct ieee802_11_elems *elems, u16 aid)
439{
440 u8 mask;
441 u8 index, indexn1, indexn2;
442 struct ieee80211_tim_ie *tim = (struct ieee80211_tim_ie *) elems->tim;
443
444 aid &= 0x3fff;
445 index = aid / 8;
446 mask = 1 << (aid & 7);
447
448 indexn1 = tim->bitmap_ctrl & 0xfe;
449 indexn2 = elems->tim_len + indexn1 - 4;
450
451 if (index < indexn1 || index > indexn2)
452 return false;
453
454 index -= indexn1;
455
456 return !!(tim->virtual_map[index] & mask);
457}
458
571static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 459static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
572 u16 capab, bool erp_valid, u8 erp) 460 u16 capab, bool erp_valid, u8 erp)
573{ 461{
574 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 462 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
575#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 463#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
576 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 464 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
577#endif 465#endif
578 u32 changed = 0; 466 u32 changed = 0;
579 bool use_protection; 467 bool use_protection;
@@ -596,7 +484,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
596 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n", 484 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
597 sdata->dev->name, 485 sdata->dev->name,
598 use_protection ? "enabled" : "disabled", 486 use_protection ? "enabled" : "disabled",
599 ifsta->bssid); 487 ifmgd->bssid);
600 } 488 }
601#endif 489#endif
602 bss_conf->use_cts_prot = use_protection; 490 bss_conf->use_cts_prot = use_protection;
@@ -610,7 +498,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
610 " (BSSID=%pM)\n", 498 " (BSSID=%pM)\n",
611 sdata->dev->name, 499 sdata->dev->name,
612 use_short_preamble ? "short" : "long", 500 use_short_preamble ? "short" : "long",
613 ifsta->bssid); 501 ifmgd->bssid);
614 } 502 }
615#endif 503#endif
616 bss_conf->use_short_preamble = use_short_preamble; 504 bss_conf->use_short_preamble = use_short_preamble;
@@ -624,7 +512,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
624 " (BSSID=%pM)\n", 512 " (BSSID=%pM)\n",
625 sdata->dev->name, 513 sdata->dev->name,
626 use_short_slot ? "short" : "long", 514 use_short_slot ? "short" : "long",
627 ifsta->bssid); 515 ifmgd->bssid);
628 } 516 }
629#endif 517#endif
630 bss_conf->use_short_slot = use_short_slot; 518 bss_conf->use_short_slot = use_short_slot;
@@ -634,57 +522,57 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
634 return changed; 522 return changed;
635} 523}
636 524
637static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata, 525static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
638 struct ieee80211_if_sta *ifsta)
639{ 526{
640 union iwreq_data wrqu; 527 union iwreq_data wrqu;
528
641 memset(&wrqu, 0, sizeof(wrqu)); 529 memset(&wrqu, 0, sizeof(wrqu));
642 if (ifsta->flags & IEEE80211_STA_ASSOCIATED) 530 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
643 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN); 531 memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
644 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 532 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
645 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL); 533 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
646} 534}
647 535
648static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata, 536static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
649 struct ieee80211_if_sta *ifsta)
650{ 537{
538 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
651 char *buf; 539 char *buf;
652 size_t len; 540 size_t len;
653 int i; 541 int i;
654 union iwreq_data wrqu; 542 union iwreq_data wrqu;
655 543
656 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies) 544 if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
657 return; 545 return;
658 546
659 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len + 547 buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
660 ifsta->assocresp_ies_len), GFP_KERNEL); 548 ifmgd->assocresp_ies_len), GFP_KERNEL);
661 if (!buf) 549 if (!buf)
662 return; 550 return;
663 551
664 len = sprintf(buf, "ASSOCINFO("); 552 len = sprintf(buf, "ASSOCINFO(");
665 if (ifsta->assocreq_ies) { 553 if (ifmgd->assocreq_ies) {
666 len += sprintf(buf + len, "ReqIEs="); 554 len += sprintf(buf + len, "ReqIEs=");
667 for (i = 0; i < ifsta->assocreq_ies_len; i++) { 555 for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
668 len += sprintf(buf + len, "%02x", 556 len += sprintf(buf + len, "%02x",
669 ifsta->assocreq_ies[i]); 557 ifmgd->assocreq_ies[i]);
670 } 558 }
671 } 559 }
672 if (ifsta->assocresp_ies) { 560 if (ifmgd->assocresp_ies) {
673 if (ifsta->assocreq_ies) 561 if (ifmgd->assocreq_ies)
674 len += sprintf(buf + len, " "); 562 len += sprintf(buf + len, " ");
675 len += sprintf(buf + len, "RespIEs="); 563 len += sprintf(buf + len, "RespIEs=");
676 for (i = 0; i < ifsta->assocresp_ies_len; i++) { 564 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
677 len += sprintf(buf + len, "%02x", 565 len += sprintf(buf + len, "%02x",
678 ifsta->assocresp_ies[i]); 566 ifmgd->assocresp_ies[i]);
679 } 567 }
680 } 568 }
681 len += sprintf(buf + len, ")"); 569 len += sprintf(buf + len, ")");
682 570
683 if (len > IW_CUSTOM_MAX) { 571 if (len > IW_CUSTOM_MAX) {
684 len = sprintf(buf, "ASSOCRESPIE="); 572 len = sprintf(buf, "ASSOCRESPIE=");
685 for (i = 0; i < ifsta->assocresp_ies_len; i++) { 573 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
686 len += sprintf(buf + len, "%02x", 574 len += sprintf(buf + len, "%02x",
687 ifsta->assocresp_ies[i]); 575 ifmgd->assocresp_ies[i]);
688 } 576 }
689 } 577 }
690 578
@@ -699,40 +587,39 @@ static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
699 587
700 588
701static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 589static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
702 struct ieee80211_if_sta *ifsta,
703 u32 bss_info_changed) 590 u32 bss_info_changed)
704{ 591{
592 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
705 struct ieee80211_local *local = sdata->local; 593 struct ieee80211_local *local = sdata->local;
706 struct ieee80211_conf *conf = &local_to_hw(local)->conf; 594 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
707 595
708 struct ieee80211_bss *bss; 596 struct ieee80211_bss *bss;
709 597
710 bss_info_changed |= BSS_CHANGED_ASSOC; 598 bss_info_changed |= BSS_CHANGED_ASSOC;
711 ifsta->flags |= IEEE80211_STA_ASSOCIATED; 599 ifmgd->flags |= IEEE80211_STA_ASSOCIATED;
712
713 if (sdata->vif.type != NL80211_IFTYPE_STATION)
714 return;
715 600
716 bss = ieee80211_rx_bss_get(local, ifsta->bssid, 601 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
717 conf->channel->center_freq, 602 conf->channel->center_freq,
718 ifsta->ssid, ifsta->ssid_len); 603 ifmgd->ssid, ifmgd->ssid_len);
719 if (bss) { 604 if (bss) {
720 /* set timing information */ 605 /* set timing information */
721 sdata->vif.bss_conf.beacon_int = bss->beacon_int; 606 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
722 sdata->vif.bss_conf.timestamp = bss->timestamp; 607 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
723 sdata->vif.bss_conf.dtim_period = bss->dtim_period; 608 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
724 609
725 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 610 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
726 bss->capability, bss->has_erp_value, bss->erp_value); 611 bss->cbss.capability, bss->has_erp_value, bss->erp_value);
612
613 cfg80211_hold_bss(&bss->cbss);
727 614
728 ieee80211_rx_bss_put(local, bss); 615 ieee80211_rx_bss_put(local, bss);
729 } 616 }
730 617
731 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET; 618 ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
732 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN); 619 memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
733 ieee80211_sta_send_associnfo(sdata, ifsta); 620 ieee80211_sta_send_associnfo(sdata);
734 621
735 ifsta->last_probe = jiffies; 622 ifmgd->last_probe = jiffies;
736 ieee80211_led_assoc(local, 1); 623 ieee80211_led_assoc(local, 1);
737 624
738 sdata->vif.bss_conf.assoc = 1; 625 sdata->vif.bss_conf.assoc = 1;
@@ -745,72 +632,115 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
745 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 632 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
746 633
747 if (local->powersave) { 634 if (local->powersave) {
748 if (local->dynamic_ps_timeout > 0) 635 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS) &&
636 local->hw.conf.dynamic_ps_timeout > 0) {
749 mod_timer(&local->dynamic_ps_timer, jiffies + 637 mod_timer(&local->dynamic_ps_timer, jiffies +
750 msecs_to_jiffies(local->dynamic_ps_timeout)); 638 msecs_to_jiffies(
751 else { 639 local->hw.conf.dynamic_ps_timeout));
640 } else {
641 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
642 ieee80211_send_nullfunc(local, sdata, 1);
752 conf->flags |= IEEE80211_CONF_PS; 643 conf->flags |= IEEE80211_CONF_PS;
753 ieee80211_hw_config(local, 644 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
754 IEEE80211_CONF_CHANGE_PS);
755 } 645 }
756 } 646 }
757 647
758 netif_tx_start_all_queues(sdata->dev); 648 netif_tx_start_all_queues(sdata->dev);
759 netif_carrier_on(sdata->dev); 649 netif_carrier_on(sdata->dev);
760 650
761 ieee80211_sta_send_apinfo(sdata, ifsta); 651 ieee80211_sta_send_apinfo(sdata);
762} 652}
763 653
764static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata, 654static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
765 struct ieee80211_if_sta *ifsta)
766{ 655{
767 ifsta->direct_probe_tries++; 656 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
768 if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) { 657 struct ieee80211_local *local = sdata->local;
658
659 ifmgd->direct_probe_tries++;
660 if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
769 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n", 661 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
770 sdata->dev->name, ifsta->bssid); 662 sdata->dev->name, ifmgd->bssid);
771 ifsta->state = IEEE80211_STA_MLME_DISABLED; 663 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
772 ieee80211_sta_send_apinfo(sdata, ifsta); 664 ieee80211_sta_send_apinfo(sdata);
665
666 /*
667 * Most likely AP is not in the range so remove the
668 * bss information associated to the AP
669 */
670 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
671 sdata->local->hw.conf.channel->center_freq,
672 ifmgd->ssid, ifmgd->ssid_len);
673
674 /*
675 * We might have a pending scan which had no chance to run yet
676 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE.
677 * Hence, queue the STAs work again
678 */
679 queue_work(local->hw.workqueue, &ifmgd->work);
773 return; 680 return;
774 } 681 }
775 682
776 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n", 683 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n",
777 sdata->dev->name, ifsta->bssid, 684 sdata->dev->name, ifmgd->bssid,
778 ifsta->direct_probe_tries); 685 ifmgd->direct_probe_tries);
779 686
780 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE; 687 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
781 688
782 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request); 689 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifmgd->request);
783 690
784 /* Direct probe is sent to broadcast address as some APs 691 /* Direct probe is sent to broadcast address as some APs
785 * will not answer to direct packet in unassociated state. 692 * will not answer to direct packet in unassociated state.
786 */ 693 */
787 ieee80211_send_probe_req(sdata, NULL, 694 ieee80211_send_probe_req(sdata, NULL,
788 ifsta->ssid, ifsta->ssid_len); 695 ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
789 696
790 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 697 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
791} 698}
792 699
793 700
794static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata, 701static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata)
795 struct ieee80211_if_sta *ifsta)
796{ 702{
797 ifsta->auth_tries++; 703 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
798 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) { 704 struct ieee80211_local *local = sdata->local;
705 u8 *ies;
706 size_t ies_len;
707
708 ifmgd->auth_tries++;
709 if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
799 printk(KERN_DEBUG "%s: authentication with AP %pM" 710 printk(KERN_DEBUG "%s: authentication with AP %pM"
800 " timed out\n", 711 " timed out\n",
801 sdata->dev->name, ifsta->bssid); 712 sdata->dev->name, ifmgd->bssid);
802 ifsta->state = IEEE80211_STA_MLME_DISABLED; 713 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
803 ieee80211_sta_send_apinfo(sdata, ifsta); 714 ieee80211_sta_send_apinfo(sdata);
715 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
716 sdata->local->hw.conf.channel->center_freq,
717 ifmgd->ssid, ifmgd->ssid_len);
718
719 /*
720 * We might have a pending scan which had no chance to run yet
721 * due to state == IEEE80211_STA_MLME_AUTHENTICATE.
722 * Hence, queue the STAs work again
723 */
724 queue_work(local->hw.workqueue, &ifmgd->work);
804 return; 725 return;
805 } 726 }
806 727
807 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE; 728 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
808 printk(KERN_DEBUG "%s: authenticate with AP %pM\n", 729 printk(KERN_DEBUG "%s: authenticate with AP %pM\n",
809 sdata->dev->name, ifsta->bssid); 730 sdata->dev->name, ifmgd->bssid);
810 731
811 ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0); 732 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
733 ies = ifmgd->sme_auth_ie;
734 ies_len = ifmgd->sme_auth_ie_len;
735 } else {
736 ies = NULL;
737 ies_len = 0;
738 }
739 ieee80211_send_auth(sdata, 1, ifmgd->auth_alg, ies, ies_len,
740 ifmgd->bssid, 0);
741 ifmgd->auth_transaction = 2;
812 742
813 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 743 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
814} 744}
815 745
816/* 746/*
@@ -818,32 +748,44 @@ static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
818 * if self disconnected or a reason code from the AP. 748 * if self disconnected or a reason code from the AP.
819 */ 749 */
820static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 750static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
821 struct ieee80211_if_sta *ifsta, bool deauth, 751 bool deauth, bool self_disconnected,
822 bool self_disconnected, u16 reason) 752 u16 reason)
823{ 753{
754 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
824 struct ieee80211_local *local = sdata->local; 755 struct ieee80211_local *local = sdata->local;
756 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
757 struct ieee80211_bss *bss;
825 struct sta_info *sta; 758 struct sta_info *sta;
826 u32 changed = 0, config_changed = 0; 759 u32 changed = 0, config_changed = 0;
827 760
828 rcu_read_lock(); 761 rcu_read_lock();
829 762
830 sta = sta_info_get(local, ifsta->bssid); 763 sta = sta_info_get(local, ifmgd->bssid);
831 if (!sta) { 764 if (!sta) {
832 rcu_read_unlock(); 765 rcu_read_unlock();
833 return; 766 return;
834 } 767 }
835 768
836 if (deauth) { 769 if (deauth) {
837 ifsta->direct_probe_tries = 0; 770 ifmgd->direct_probe_tries = 0;
838 ifsta->auth_tries = 0; 771 ifmgd->auth_tries = 0;
839 } 772 }
840 ifsta->assoc_scan_tries = 0; 773 ifmgd->assoc_scan_tries = 0;
841 ifsta->assoc_tries = 0; 774 ifmgd->assoc_tries = 0;
842 775
843 netif_tx_stop_all_queues(sdata->dev); 776 netif_tx_stop_all_queues(sdata->dev);
844 netif_carrier_off(sdata->dev); 777 netif_carrier_off(sdata->dev);
845 778
846 ieee80211_sta_tear_down_BA_sessions(sdata, sta->sta.addr); 779 ieee80211_sta_tear_down_BA_sessions(sta);
780
781 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
782 conf->channel->center_freq,
783 ifmgd->ssid, ifmgd->ssid_len);
784
785 if (bss) {
786 cfg80211_unhold_bss(&bss->cbss);
787 ieee80211_rx_bss_put(local, bss);
788 }
847 789
848 if (self_disconnected) { 790 if (self_disconnected) {
849 if (deauth) 791 if (deauth)
@@ -854,23 +796,28 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
854 IEEE80211_STYPE_DISASSOC, reason); 796 IEEE80211_STYPE_DISASSOC, reason);
855 } 797 }
856 798
857 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED; 799 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
858 changed |= ieee80211_reset_erp_info(sdata); 800 changed |= ieee80211_reset_erp_info(sdata);
859 801
860 ieee80211_led_assoc(local, 0); 802 ieee80211_led_assoc(local, 0);
861 changed |= BSS_CHANGED_ASSOC; 803 changed |= BSS_CHANGED_ASSOC;
862 sdata->vif.bss_conf.assoc = false; 804 sdata->vif.bss_conf.assoc = false;
863 805
864 ieee80211_sta_send_apinfo(sdata, ifsta); 806 ieee80211_sta_send_apinfo(sdata);
865 807
866 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) 808 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) {
867 ifsta->state = IEEE80211_STA_MLME_DISABLED; 809 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
810 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
811 sdata->local->hw.conf.channel->center_freq,
812 ifmgd->ssid, ifmgd->ssid_len);
813 }
868 814
869 rcu_read_unlock(); 815 rcu_read_unlock();
870 816
871 local->hw.conf.ht.enabled = false; 817 /* channel(_type) changes are handled by ieee80211_hw_config */
872 local->oper_channel_type = NL80211_CHAN_NO_HT; 818 local->oper_channel_type = NL80211_CHAN_NO_HT;
873 config_changed |= IEEE80211_CONF_CHANGE_HT; 819
820 local->power_constr_level = 0;
874 821
875 del_timer_sync(&local->dynamic_ps_timer); 822 del_timer_sync(&local->dynamic_ps_timer);
876 cancel_work_sync(&local->dynamic_ps_enable_work); 823 cancel_work_sync(&local->dynamic_ps_enable_work);
@@ -885,7 +832,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
885 832
886 rcu_read_lock(); 833 rcu_read_lock();
887 834
888 sta = sta_info_get(local, ifsta->bssid); 835 sta = sta_info_get(local, ifmgd->bssid);
889 if (!sta) { 836 if (!sta) {
890 rcu_read_unlock(); 837 rcu_read_unlock();
891 return; 838 return;
@@ -906,27 +853,27 @@ static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
906 return 1; 853 return 1;
907} 854}
908 855
909static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata, 856static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata)
910 struct ieee80211_if_sta *ifsta)
911{ 857{
858 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
912 struct ieee80211_local *local = sdata->local; 859 struct ieee80211_local *local = sdata->local;
913 struct ieee80211_bss *bss; 860 struct ieee80211_bss *bss;
914 int bss_privacy; 861 int bss_privacy;
915 int wep_privacy; 862 int wep_privacy;
916 int privacy_invoked; 863 int privacy_invoked;
917 864
918 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL)) 865 if (!ifmgd || (ifmgd->flags & IEEE80211_STA_EXT_SME))
919 return 0; 866 return 0;
920 867
921 bss = ieee80211_rx_bss_get(local, ifsta->bssid, 868 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
922 local->hw.conf.channel->center_freq, 869 local->hw.conf.channel->center_freq,
923 ifsta->ssid, ifsta->ssid_len); 870 ifmgd->ssid, ifmgd->ssid_len);
924 if (!bss) 871 if (!bss)
925 return 0; 872 return 0;
926 873
927 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY); 874 bss_privacy = !!(bss->cbss.capability & WLAN_CAPABILITY_PRIVACY);
928 wep_privacy = !!ieee80211_sta_wep_configured(sdata); 875 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
929 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED); 876 privacy_invoked = !!(ifmgd->flags & IEEE80211_STA_PRIVACY_INVOKED);
930 877
931 ieee80211_rx_bss_put(local, bss); 878 ieee80211_rx_bss_put(local, bss);
932 879
@@ -936,105 +883,173 @@ static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
936 return 1; 883 return 1;
937} 884}
938 885
939static void ieee80211_associate(struct ieee80211_sub_if_data *sdata, 886static void ieee80211_associate(struct ieee80211_sub_if_data *sdata)
940 struct ieee80211_if_sta *ifsta)
941{ 887{
942 ifsta->assoc_tries++; 888 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
943 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { 889 struct ieee80211_local *local = sdata->local;
890
891 ifmgd->assoc_tries++;
892 if (ifmgd->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
944 printk(KERN_DEBUG "%s: association with AP %pM" 893 printk(KERN_DEBUG "%s: association with AP %pM"
945 " timed out\n", 894 " timed out\n",
946 sdata->dev->name, ifsta->bssid); 895 sdata->dev->name, ifmgd->bssid);
947 ifsta->state = IEEE80211_STA_MLME_DISABLED; 896 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
948 ieee80211_sta_send_apinfo(sdata, ifsta); 897 ieee80211_sta_send_apinfo(sdata);
898 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
899 sdata->local->hw.conf.channel->center_freq,
900 ifmgd->ssid, ifmgd->ssid_len);
901 /*
902 * We might have a pending scan which had no chance to run yet
903 * due to state == IEEE80211_STA_MLME_ASSOCIATE.
904 * Hence, queue the STAs work again
905 */
906 queue_work(local->hw.workqueue, &ifmgd->work);
949 return; 907 return;
950 } 908 }
951 909
952 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE; 910 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE;
953 printk(KERN_DEBUG "%s: associate with AP %pM\n", 911 printk(KERN_DEBUG "%s: associate with AP %pM\n",
954 sdata->dev->name, ifsta->bssid); 912 sdata->dev->name, ifmgd->bssid);
955 if (ieee80211_privacy_mismatch(sdata, ifsta)) { 913 if (ieee80211_privacy_mismatch(sdata)) {
956 printk(KERN_DEBUG "%s: mismatch in privacy configuration and " 914 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
957 "mixed-cell disabled - abort association\n", sdata->dev->name); 915 "mixed-cell disabled - abort association\n", sdata->dev->name);
958 ifsta->state = IEEE80211_STA_MLME_DISABLED; 916 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
959 return; 917 return;
960 } 918 }
961 919
962 ieee80211_send_assoc(sdata, ifsta); 920 ieee80211_send_assoc(sdata);
963 921
964 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT); 922 mod_timer(&ifmgd->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
965} 923}
966 924
925void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
926 struct ieee80211_hdr *hdr)
927{
928 /*
929 * We can postpone the mgd.timer whenever receiving unicast frames
930 * from AP because we know that the connection is working both ways
931 * at that time. But multicast frames (and hence also beacons) must
932 * be ignored here, because we need to trigger the timer during
933 * data idle periods for sending the periodical probe request to
934 * the AP.
935 */
936 if (!is_multicast_ether_addr(hdr->addr1))
937 mod_timer(&sdata->u.mgd.timer,
938 jiffies + IEEE80211_MONITORING_INTERVAL);
939}
967 940
968static void ieee80211_associated(struct ieee80211_sub_if_data *sdata, 941void ieee80211_beacon_loss_work(struct work_struct *work)
969 struct ieee80211_if_sta *ifsta)
970{ 942{
943 struct ieee80211_sub_if_data *sdata =
944 container_of(work, struct ieee80211_sub_if_data,
945 u.mgd.beacon_loss_work);
946 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
947
948 printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM "
949 "- sending probe request\n", sdata->dev->name,
950 sdata->u.mgd.bssid);
951
952 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
953 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
954 ifmgd->ssid_len, NULL, 0);
955
956 mod_timer(&ifmgd->timer, jiffies + IEEE80211_MONITORING_INTERVAL);
957}
958
959void ieee80211_beacon_loss(struct ieee80211_vif *vif)
960{
961 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
962
963 queue_work(sdata->local->hw.workqueue,
964 &sdata->u.mgd.beacon_loss_work);
965}
966EXPORT_SYMBOL(ieee80211_beacon_loss);
967
968static void ieee80211_associated(struct ieee80211_sub_if_data *sdata)
969{
970 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
971 struct ieee80211_local *local = sdata->local; 971 struct ieee80211_local *local = sdata->local;
972 struct sta_info *sta; 972 struct sta_info *sta;
973 int disassoc; 973 bool disassoc = false;
974 974
975 /* TODO: start monitoring current AP signal quality and number of 975 /* TODO: start monitoring current AP signal quality and number of
976 * missed beacons. Scan other channels every now and then and search 976 * missed beacons. Scan other channels every now and then and search
977 * for better APs. */ 977 * for better APs. */
978 /* TODO: remove expired BSSes */ 978 /* TODO: remove expired BSSes */
979 979
980 ifsta->state = IEEE80211_STA_MLME_ASSOCIATED; 980 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATED;
981 981
982 rcu_read_lock(); 982 rcu_read_lock();
983 983
984 sta = sta_info_get(local, ifsta->bssid); 984 sta = sta_info_get(local, ifmgd->bssid);
985 if (!sta) { 985 if (!sta) {
986 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n", 986 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n",
987 sdata->dev->name, ifsta->bssid); 987 sdata->dev->name, ifmgd->bssid);
988 disassoc = 1; 988 disassoc = true;
989 } else { 989 goto unlock;
990 disassoc = 0;
991 if (time_after(jiffies,
992 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
993 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
994 printk(KERN_DEBUG "%s: No ProbeResp from "
995 "current AP %pM - assume out of "
996 "range\n",
997 sdata->dev->name, ifsta->bssid);
998 disassoc = 1;
999 } else
1000 ieee80211_send_probe_req(sdata, ifsta->bssid,
1001 ifsta->ssid,
1002 ifsta->ssid_len);
1003 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
1004 } else {
1005 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1006 if (time_after(jiffies, ifsta->last_probe +
1007 IEEE80211_PROBE_INTERVAL)) {
1008 ifsta->last_probe = jiffies;
1009 ieee80211_send_probe_req(sdata, ifsta->bssid,
1010 ifsta->ssid,
1011 ifsta->ssid_len);
1012 }
1013 }
1014 } 990 }
1015 991
992 if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) &&
993 time_after(jiffies, sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
994 printk(KERN_DEBUG "%s: no probe response from AP %pM "
995 "- disassociating\n",
996 sdata->dev->name, ifmgd->bssid);
997 disassoc = true;
998 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
999 goto unlock;
1000 }
1001
1002 /*
1003 * Beacon filtering is only enabled with power save and then the
1004 * stack should not check for beacon loss.
1005 */
1006 if (!((local->hw.flags & IEEE80211_HW_BEACON_FILTER) &&
1007 (local->hw.conf.flags & IEEE80211_CONF_PS)) &&
1008 time_after(jiffies,
1009 ifmgd->last_beacon + IEEE80211_MONITORING_INTERVAL)) {
1010 printk(KERN_DEBUG "%s: beacon loss from AP %pM "
1011 "- sending probe request\n",
1012 sdata->dev->name, ifmgd->bssid);
1013 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
1014 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1015 ifmgd->ssid_len, NULL, 0);
1016 goto unlock;
1017
1018 }
1019
1020 if (time_after(jiffies, sta->last_rx + IEEE80211_PROBE_IDLE_TIME)) {
1021 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
1022 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1023 ifmgd->ssid_len, NULL, 0);
1024 }
1025
1026 unlock:
1016 rcu_read_unlock(); 1027 rcu_read_unlock();
1017 1028
1018 if (disassoc) 1029 if (disassoc)
1019 ieee80211_set_disassoc(sdata, ifsta, true, true, 1030 ieee80211_set_disassoc(sdata, true, true,
1020 WLAN_REASON_PREV_AUTH_NOT_VALID); 1031 WLAN_REASON_PREV_AUTH_NOT_VALID);
1021 else 1032 else
1022 mod_timer(&ifsta->timer, jiffies + 1033 mod_timer(&ifmgd->timer, jiffies +
1023 IEEE80211_MONITORING_INTERVAL); 1034 IEEE80211_MONITORING_INTERVAL);
1024} 1035}
1025 1036
1026 1037
1027static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata, 1038static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata)
1028 struct ieee80211_if_sta *ifsta)
1029{ 1039{
1040 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1041
1030 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name); 1042 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1031 ifsta->flags |= IEEE80211_STA_AUTHENTICATED; 1043 ifmgd->flags |= IEEE80211_STA_AUTHENTICATED;
1032 ieee80211_associate(sdata, ifsta); 1044 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1045 /* Wait for SME to request association */
1046 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1047 } else
1048 ieee80211_associate(sdata);
1033} 1049}
1034 1050
1035 1051
1036static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1052static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1037 struct ieee80211_if_sta *ifsta,
1038 struct ieee80211_mgmt *mgmt, 1053 struct ieee80211_mgmt *mgmt,
1039 size_t len) 1054 size_t len)
1040{ 1055{
@@ -1045,50 +1060,37 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1045 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1060 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1046 if (!elems.challenge) 1061 if (!elems.challenge)
1047 return; 1062 return;
1048 ieee80211_send_auth(sdata, ifsta, 3, elems.challenge - 2, 1063 ieee80211_send_auth(sdata, 3, sdata->u.mgd.auth_alg,
1049 elems.challenge_len + 2, 1); 1064 elems.challenge - 2, elems.challenge_len + 2,
1065 sdata->u.mgd.bssid, 1);
1066 sdata->u.mgd.auth_transaction = 4;
1050} 1067}
1051 1068
1052static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1069static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1053 struct ieee80211_if_sta *ifsta,
1054 struct ieee80211_mgmt *mgmt, 1070 struct ieee80211_mgmt *mgmt,
1055 size_t len) 1071 size_t len)
1056{ 1072{
1073 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1057 u16 auth_alg, auth_transaction, status_code; 1074 u16 auth_alg, auth_transaction, status_code;
1058 1075
1059 if (ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE && 1076 if (ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE)
1060 sdata->vif.type != NL80211_IFTYPE_ADHOC)
1061 return; 1077 return;
1062 1078
1063 if (len < 24 + 6) 1079 if (len < 24 + 6)
1064 return; 1080 return;
1065 1081
1066 if (sdata->vif.type != NL80211_IFTYPE_ADHOC && 1082 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0)
1067 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1068 return; 1083 return;
1069 1084
1070 if (sdata->vif.type != NL80211_IFTYPE_ADHOC && 1085 if (memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0)
1071 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1072 return; 1086 return;
1073 1087
1074 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1088 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1075 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1089 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1076 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1090 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1077 1091
1078 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 1092 if (auth_alg != ifmgd->auth_alg ||
1079 /* 1093 auth_transaction != ifmgd->auth_transaction)
1080 * IEEE 802.11 standard does not require authentication in IBSS
1081 * networks and most implementations do not seem to use it.
1082 * However, try to reply to authentication attempts if someone
1083 * has actually implemented this.
1084 */
1085 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
1086 return;
1087 ieee80211_send_auth(sdata, ifsta, 2, NULL, 0, 0);
1088 }
1089
1090 if (auth_alg != ifsta->auth_alg ||
1091 auth_transaction != ifsta->auth_transaction)
1092 return; 1094 return;
1093 1095
1094 if (status_code != WLAN_STATUS_SUCCESS) { 1096 if (status_code != WLAN_STATUS_SUCCESS) {
@@ -1097,15 +1099,15 @@ static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1097 const int num_algs = ARRAY_SIZE(algs); 1099 const int num_algs = ARRAY_SIZE(algs);
1098 int i, pos; 1100 int i, pos;
1099 algs[0] = algs[1] = algs[2] = 0xff; 1101 algs[0] = algs[1] = algs[2] = 0xff;
1100 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1102 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1101 algs[0] = WLAN_AUTH_OPEN; 1103 algs[0] = WLAN_AUTH_OPEN;
1102 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1104 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1103 algs[1] = WLAN_AUTH_SHARED_KEY; 1105 algs[1] = WLAN_AUTH_SHARED_KEY;
1104 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1106 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1105 algs[2] = WLAN_AUTH_LEAP; 1107 algs[2] = WLAN_AUTH_LEAP;
1106 if (ifsta->auth_alg == WLAN_AUTH_OPEN) 1108 if (ifmgd->auth_alg == WLAN_AUTH_OPEN)
1107 pos = 0; 1109 pos = 0;
1108 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY) 1110 else if (ifmgd->auth_alg == WLAN_AUTH_SHARED_KEY)
1109 pos = 1; 1111 pos = 1;
1110 else 1112 else
1111 pos = 2; 1113 pos = 2;
@@ -1113,105 +1115,112 @@ static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1113 pos++; 1115 pos++;
1114 if (pos >= num_algs) 1116 if (pos >= num_algs)
1115 pos = 0; 1117 pos = 0;
1116 if (algs[pos] == ifsta->auth_alg || 1118 if (algs[pos] == ifmgd->auth_alg ||
1117 algs[pos] == 0xff) 1119 algs[pos] == 0xff)
1118 continue; 1120 continue;
1119 if (algs[pos] == WLAN_AUTH_SHARED_KEY && 1121 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1120 !ieee80211_sta_wep_configured(sdata)) 1122 !ieee80211_sta_wep_configured(sdata))
1121 continue; 1123 continue;
1122 ifsta->auth_alg = algs[pos]; 1124 ifmgd->auth_alg = algs[pos];
1123 break; 1125 break;
1124 } 1126 }
1125 } 1127 }
1126 return; 1128 return;
1127 } 1129 }
1128 1130
1129 switch (ifsta->auth_alg) { 1131 switch (ifmgd->auth_alg) {
1130 case WLAN_AUTH_OPEN: 1132 case WLAN_AUTH_OPEN:
1131 case WLAN_AUTH_LEAP: 1133 case WLAN_AUTH_LEAP:
1132 ieee80211_auth_completed(sdata, ifsta); 1134 case WLAN_AUTH_FT:
1135 ieee80211_auth_completed(sdata);
1136 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len);
1133 break; 1137 break;
1134 case WLAN_AUTH_SHARED_KEY: 1138 case WLAN_AUTH_SHARED_KEY:
1135 if (ifsta->auth_transaction == 4) 1139 if (ifmgd->auth_transaction == 4) {
1136 ieee80211_auth_completed(sdata, ifsta); 1140 ieee80211_auth_completed(sdata);
1137 else 1141 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len);
1138 ieee80211_auth_challenge(sdata, ifsta, mgmt, len); 1142 } else
1143 ieee80211_auth_challenge(sdata, mgmt, len);
1139 break; 1144 break;
1140 } 1145 }
1141} 1146}
1142 1147
1143 1148
1144static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1149static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1145 struct ieee80211_if_sta *ifsta,
1146 struct ieee80211_mgmt *mgmt, 1150 struct ieee80211_mgmt *mgmt,
1147 size_t len) 1151 size_t len)
1148{ 1152{
1153 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1149 u16 reason_code; 1154 u16 reason_code;
1150 1155
1151 if (len < 24 + 2) 1156 if (len < 24 + 2)
1152 return; 1157 return;
1153 1158
1154 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN)) 1159 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN))
1155 return; 1160 return;
1156 1161
1157 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1162 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1158 1163
1159 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED) 1164 if (ifmgd->flags & IEEE80211_STA_AUTHENTICATED)
1160 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n", 1165 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n",
1161 sdata->dev->name, reason_code); 1166 sdata->dev->name, reason_code);
1162 1167
1163 if (ifsta->state == IEEE80211_STA_MLME_AUTHENTICATE || 1168 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) &&
1164 ifsta->state == IEEE80211_STA_MLME_ASSOCIATE || 1169 (ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE ||
1165 ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) { 1170 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE ||
1166 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1171 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)) {
1167 mod_timer(&ifsta->timer, jiffies + 1172 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1173 mod_timer(&ifmgd->timer, jiffies +
1168 IEEE80211_RETRY_AUTH_INTERVAL); 1174 IEEE80211_RETRY_AUTH_INTERVAL);
1169 } 1175 }
1170 1176
1171 ieee80211_set_disassoc(sdata, ifsta, true, false, 0); 1177 ieee80211_set_disassoc(sdata, true, false, 0);
1172 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED; 1178 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED;
1179 cfg80211_send_rx_deauth(sdata->dev, (u8 *) mgmt, len);
1173} 1180}
1174 1181
1175 1182
1176static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1183static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1177 struct ieee80211_if_sta *ifsta,
1178 struct ieee80211_mgmt *mgmt, 1184 struct ieee80211_mgmt *mgmt,
1179 size_t len) 1185 size_t len)
1180{ 1186{
1187 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1181 u16 reason_code; 1188 u16 reason_code;
1182 1189
1183 if (len < 24 + 2) 1190 if (len < 24 + 2)
1184 return; 1191 return;
1185 1192
1186 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN)) 1193 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN))
1187 return; 1194 return;
1188 1195
1189 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1196 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1190 1197
1191 if (ifsta->flags & IEEE80211_STA_ASSOCIATED) 1198 if (ifmgd->flags & IEEE80211_STA_ASSOCIATED)
1192 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n", 1199 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n",
1193 sdata->dev->name, reason_code); 1200 sdata->dev->name, reason_code);
1194 1201
1195 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) { 1202 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) &&
1196 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE; 1203 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) {
1197 mod_timer(&ifsta->timer, jiffies + 1204 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE;
1205 mod_timer(&ifmgd->timer, jiffies +
1198 IEEE80211_RETRY_AUTH_INTERVAL); 1206 IEEE80211_RETRY_AUTH_INTERVAL);
1199 } 1207 }
1200 1208
1201 ieee80211_set_disassoc(sdata, ifsta, false, false, reason_code); 1209 ieee80211_set_disassoc(sdata, false, false, reason_code);
1210 cfg80211_send_rx_disassoc(sdata->dev, (u8 *) mgmt, len);
1202} 1211}
1203 1212
1204 1213
1205static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 1214static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1206 struct ieee80211_if_sta *ifsta,
1207 struct ieee80211_mgmt *mgmt, 1215 struct ieee80211_mgmt *mgmt,
1208 size_t len, 1216 size_t len,
1209 int reassoc) 1217 int reassoc)
1210{ 1218{
1219 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1211 struct ieee80211_local *local = sdata->local; 1220 struct ieee80211_local *local = sdata->local;
1212 struct ieee80211_supported_band *sband; 1221 struct ieee80211_supported_band *sband;
1213 struct sta_info *sta; 1222 struct sta_info *sta;
1214 u64 rates, basic_rates; 1223 u32 rates, basic_rates;
1215 u16 capab_info, status_code, aid; 1224 u16 capab_info, status_code, aid;
1216 struct ieee802_11_elems elems; 1225 struct ieee802_11_elems elems;
1217 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 1226 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
@@ -1224,13 +1233,13 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1224 /* AssocResp and ReassocResp have identical structure, so process both 1233 /* AssocResp and ReassocResp have identical structure, so process both
1225 * of them in this function. */ 1234 * of them in this function. */
1226 1235
1227 if (ifsta->state != IEEE80211_STA_MLME_ASSOCIATE) 1236 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE)
1228 return; 1237 return;
1229 1238
1230 if (len < 24 + 6) 1239 if (len < 24 + 6)
1231 return; 1240 return;
1232 1241
1233 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) 1242 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0)
1234 return; 1243 return;
1235 1244
1236 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1245 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
@@ -1242,13 +1251,31 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1242 sdata->dev->name, reassoc ? "Rea" : "A", mgmt->sa, 1251 sdata->dev->name, reassoc ? "Rea" : "A", mgmt->sa,
1243 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14)))); 1252 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1244 1253
1254 pos = mgmt->u.assoc_resp.variable;
1255 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1256
1257 if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
1258 elems.timeout_int && elems.timeout_int_len == 5 &&
1259 elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) {
1260 u32 tu, ms;
1261 tu = get_unaligned_le32(elems.timeout_int + 1);
1262 ms = tu * 1024 / 1000;
1263 printk(KERN_DEBUG "%s: AP rejected association temporarily; "
1264 "comeback duration %u TU (%u ms)\n",
1265 sdata->dev->name, tu, ms);
1266 if (ms > IEEE80211_ASSOC_TIMEOUT)
1267 mod_timer(&ifmgd->timer,
1268 jiffies + msecs_to_jiffies(ms));
1269 return;
1270 }
1271
1245 if (status_code != WLAN_STATUS_SUCCESS) { 1272 if (status_code != WLAN_STATUS_SUCCESS) {
1246 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", 1273 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1247 sdata->dev->name, status_code); 1274 sdata->dev->name, status_code);
1248 /* if this was a reassociation, ensure we try a "full" 1275 /* if this was a reassociation, ensure we try a "full"
1249 * association next time. This works around some broken APs 1276 * association next time. This works around some broken APs
1250 * which do not correctly reject reassociation requests. */ 1277 * which do not correctly reject reassociation requests. */
1251 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET; 1278 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1252 return; 1279 return;
1253 } 1280 }
1254 1281
@@ -1257,9 +1284,6 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1257 "set\n", sdata->dev->name, aid); 1284 "set\n", sdata->dev->name, aid);
1258 aid &= ~(BIT(15) | BIT(14)); 1285 aid &= ~(BIT(15) | BIT(14));
1259 1286
1260 pos = mgmt->u.assoc_resp.variable;
1261 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1262
1263 if (!elems.supp_rates) { 1287 if (!elems.supp_rates) {
1264 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 1288 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1265 sdata->dev->name); 1289 sdata->dev->name);
@@ -1267,40 +1291,29 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1267 } 1291 }
1268 1292
1269 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name); 1293 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
1270 ifsta->aid = aid; 1294 ifmgd->aid = aid;
1271 ifsta->ap_capab = capab_info; 1295 ifmgd->ap_capab = capab_info;
1272 1296
1273 kfree(ifsta->assocresp_ies); 1297 kfree(ifmgd->assocresp_ies);
1274 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt); 1298 ifmgd->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1275 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL); 1299 ifmgd->assocresp_ies = kmalloc(ifmgd->assocresp_ies_len, GFP_KERNEL);
1276 if (ifsta->assocresp_ies) 1300 if (ifmgd->assocresp_ies)
1277 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len); 1301 memcpy(ifmgd->assocresp_ies, pos, ifmgd->assocresp_ies_len);
1278 1302
1279 rcu_read_lock(); 1303 rcu_read_lock();
1280 1304
1281 /* Add STA entry for the AP */ 1305 /* Add STA entry for the AP */
1282 sta = sta_info_get(local, ifsta->bssid); 1306 sta = sta_info_get(local, ifmgd->bssid);
1283 if (!sta) { 1307 if (!sta) {
1284 struct ieee80211_bss *bss;
1285
1286 newsta = true; 1308 newsta = true;
1287 1309
1288 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC); 1310 sta = sta_info_alloc(sdata, ifmgd->bssid, GFP_ATOMIC);
1289 if (!sta) { 1311 if (!sta) {
1290 printk(KERN_DEBUG "%s: failed to alloc STA entry for" 1312 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1291 " the AP\n", sdata->dev->name); 1313 " the AP\n", sdata->dev->name);
1292 rcu_read_unlock(); 1314 rcu_read_unlock();
1293 return; 1315 return;
1294 } 1316 }
1295 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1296 local->hw.conf.channel->center_freq,
1297 ifsta->ssid, ifsta->ssid_len);
1298 if (bss) {
1299 sta->last_signal = bss->signal;
1300 sta->last_qual = bss->qual;
1301 sta->last_noise = bss->noise;
1302 ieee80211_rx_bss_put(local, bss);
1303 }
1304 1317
1305 /* update new sta with its last rx activity */ 1318 /* update new sta with its last rx activity */
1306 sta->last_rx = jiffies; 1319 sta->last_rx = jiffies;
@@ -1367,7 +1380,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1367 else 1380 else
1368 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 1381 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
1369 1382
1370 if (elems.ht_cap_elem) 1383 /* If TKIP/WEP is used, no need to parse AP's HT capabilities */
1384 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))
1371 ieee80211_ht_cap_ie_to_sta_ht_cap(sband, 1385 ieee80211_ht_cap_ie_to_sta_ht_cap(sband,
1372 elems.ht_cap_elem, &sta->sta.ht_cap); 1386 elems.ht_cap_elem, &sta->sta.ht_cap);
1373 1387
@@ -1375,6 +1389,9 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1375 1389
1376 rate_control_rate_init(sta); 1390 rate_control_rate_init(sta);
1377 1391
1392 if (ifmgd->flags & IEEE80211_STA_MFP_ENABLED)
1393 set_sta_flags(sta, WLAN_STA_MFP);
1394
1378 if (elems.wmm_param) 1395 if (elems.wmm_param)
1379 set_sta_flags(sta, WLAN_STA_WME); 1396 set_sta_flags(sta, WLAN_STA_WME);
1380 1397
@@ -1391,11 +1408,12 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1391 rcu_read_unlock(); 1408 rcu_read_unlock();
1392 1409
1393 if (elems.wmm_param) 1410 if (elems.wmm_param)
1394 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param, 1411 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param,
1395 elems.wmm_param_len); 1412 elems.wmm_param_len);
1396 1413
1397 if (elems.ht_info_elem && elems.wmm_param && 1414 if (elems.ht_info_elem && elems.wmm_param &&
1398 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) 1415 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
1416 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))
1399 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1417 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem,
1400 ap_ht_cap_flags); 1418 ap_ht_cap_flags);
1401 1419
@@ -1403,136 +1421,19 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1403 * ieee80211_set_associated() will tell the driver */ 1421 * ieee80211_set_associated() will tell the driver */
1404 bss_conf->aid = aid; 1422 bss_conf->aid = aid;
1405 bss_conf->assoc_capability = capab_info; 1423 bss_conf->assoc_capability = capab_info;
1406 ieee80211_set_associated(sdata, ifsta, changed); 1424 ieee80211_set_associated(sdata, changed);
1407
1408 ieee80211_associated(sdata, ifsta);
1409}
1410
1411
1412static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
1413 struct ieee80211_if_sta *ifsta,
1414 struct ieee80211_bss *bss)
1415{
1416 struct ieee80211_local *local = sdata->local;
1417 int res, rates, i, j;
1418 struct sk_buff *skb;
1419 struct ieee80211_mgmt *mgmt;
1420 u8 *pos;
1421 struct ieee80211_supported_band *sband;
1422 union iwreq_data wrqu;
1423
1424 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
1425 if (!skb) {
1426 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
1427 "response\n", sdata->dev->name);
1428 return -ENOMEM;
1429 }
1430
1431 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1432
1433 /* Remove possible STA entries from other IBSS networks. */
1434 sta_info_flush_delayed(sdata);
1435
1436 if (local->ops->reset_tsf) {
1437 /* Reset own TSF to allow time synchronization work. */
1438 local->ops->reset_tsf(local_to_hw(local));
1439 }
1440 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
1441 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
1442 if (res)
1443 return res;
1444
1445 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
1446
1447 sdata->drop_unencrypted = bss->capability &
1448 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
1449
1450 res = ieee80211_set_freq(sdata, bss->freq);
1451
1452 if (res)
1453 return res;
1454
1455 /* Build IBSS probe response */
1456 1425
1457 skb_reserve(skb, local->hw.extra_tx_headroom); 1426 /*
1458 1427 * initialise the time of last beacon to be the association time,
1459 mgmt = (struct ieee80211_mgmt *) 1428 * otherwise beacon loss check will trigger immediately
1460 skb_put(skb, 24 + sizeof(mgmt->u.beacon)); 1429 */
1461 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); 1430 ifmgd->last_beacon = jiffies;
1462 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1463 IEEE80211_STYPE_PROBE_RESP);
1464 memset(mgmt->da, 0xff, ETH_ALEN);
1465 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1466 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1467 mgmt->u.beacon.beacon_int =
1468 cpu_to_le16(local->hw.conf.beacon_int);
1469 mgmt->u.beacon.timestamp = cpu_to_le64(bss->timestamp);
1470 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
1471
1472 pos = skb_put(skb, 2 + ifsta->ssid_len);
1473 *pos++ = WLAN_EID_SSID;
1474 *pos++ = ifsta->ssid_len;
1475 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
1476
1477 rates = bss->supp_rates_len;
1478 if (rates > 8)
1479 rates = 8;
1480 pos = skb_put(skb, 2 + rates);
1481 *pos++ = WLAN_EID_SUPP_RATES;
1482 *pos++ = rates;
1483 memcpy(pos, bss->supp_rates, rates);
1484
1485 if (bss->band == IEEE80211_BAND_2GHZ) {
1486 pos = skb_put(skb, 2 + 1);
1487 *pos++ = WLAN_EID_DS_PARAMS;
1488 *pos++ = 1;
1489 *pos++ = ieee80211_frequency_to_channel(bss->freq);
1490 }
1491
1492 pos = skb_put(skb, 2 + 2);
1493 *pos++ = WLAN_EID_IBSS_PARAMS;
1494 *pos++ = 2;
1495 /* FIX: set ATIM window based on scan results */
1496 *pos++ = 0;
1497 *pos++ = 0;
1498
1499 if (bss->supp_rates_len > 8) {
1500 rates = bss->supp_rates_len - 8;
1501 pos = skb_put(skb, 2 + rates);
1502 *pos++ = WLAN_EID_EXT_SUPP_RATES;
1503 *pos++ = rates;
1504 memcpy(pos, &bss->supp_rates[8], rates);
1505 }
1506
1507 ifsta->probe_resp = skb;
1508
1509 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
1510
1511
1512 rates = 0;
1513 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1514 for (i = 0; i < bss->supp_rates_len; i++) {
1515 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
1516 for (j = 0; j < sband->n_bitrates; j++)
1517 if (sband->bitrates[j].bitrate == bitrate)
1518 rates |= BIT(j);
1519 }
1520 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
1521
1522 ieee80211_sta_def_wmm_params(sdata, bss);
1523
1524 ifsta->state = IEEE80211_STA_MLME_IBSS_JOINED;
1525 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1526
1527 ieee80211_led_assoc(local, true);
1528
1529 memset(&wrqu, 0, sizeof(wrqu));
1530 memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
1531 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
1532 1431
1533 return res; 1432 ieee80211_associated(sdata);
1433 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len);
1534} 1434}
1535 1435
1436
1536static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 1437static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1537 struct ieee80211_mgmt *mgmt, 1438 struct ieee80211_mgmt *mgmt,
1538 size_t len, 1439 size_t len,
@@ -1543,11 +1444,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1543 struct ieee80211_local *local = sdata->local; 1444 struct ieee80211_local *local = sdata->local;
1544 int freq; 1445 int freq;
1545 struct ieee80211_bss *bss; 1446 struct ieee80211_bss *bss;
1546 struct sta_info *sta;
1547 struct ieee80211_channel *channel; 1447 struct ieee80211_channel *channel;
1548 u64 beacon_timestamp, rx_timestamp;
1549 u64 supp_rates = 0;
1550 enum ieee80211_band band = rx_status->band;
1551 1448
1552 if (elems->ds_params && elems->ds_params_len == 1) 1449 if (elems->ds_params && elems->ds_params_len == 1)
1553 freq = ieee80211_channel_to_frequency(elems->ds_params[0]); 1450 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
@@ -1559,112 +1456,16 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1559 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) 1456 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
1560 return; 1457 return;
1561 1458
1562 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && elems->supp_rates &&
1563 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1564 supp_rates = ieee80211_sta_get_rates(local, elems, band);
1565
1566 rcu_read_lock();
1567
1568 sta = sta_info_get(local, mgmt->sa);
1569 if (sta) {
1570 u64 prev_rates;
1571
1572 prev_rates = sta->sta.supp_rates[band];
1573 /* make sure mandatory rates are always added */
1574 sta->sta.supp_rates[band] = supp_rates |
1575 ieee80211_mandatory_rates(local, band);
1576
1577#ifdef CONFIG_MAC80211_IBSS_DEBUG
1578 if (sta->sta.supp_rates[band] != prev_rates)
1579 printk(KERN_DEBUG "%s: updated supp_rates set "
1580 "for %pM based on beacon info (0x%llx | "
1581 "0x%llx -> 0x%llx)\n",
1582 sdata->dev->name,
1583 sta->sta.addr,
1584 (unsigned long long) prev_rates,
1585 (unsigned long long) supp_rates,
1586 (unsigned long long) sta->sta.supp_rates[band]);
1587#endif
1588 } else {
1589 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
1590 }
1591
1592 rcu_read_unlock();
1593 }
1594
1595 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 1459 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1596 freq, beacon); 1460 channel, beacon);
1597 if (!bss) 1461 if (!bss)
1598 return; 1462 return;
1599 1463
1600 /* was just updated in ieee80211_bss_info_update */ 1464 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) &&
1601 beacon_timestamp = bss->timestamp; 1465 (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN) == 0)) {
1602 1466 struct ieee80211_channel_sw_ie *sw_elem =
1603 /* 1467 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem;
1604 * In STA mode, the remaining parameters should not be overridden 1468 ieee80211_process_chanswitch(sdata, sw_elem, bss);
1605 * by beacons because they're not necessarily accurate there.
1606 */
1607 if (sdata->vif.type != NL80211_IFTYPE_ADHOC &&
1608 bss->last_probe_resp && beacon) {
1609 ieee80211_rx_bss_put(local, bss);
1610 return;
1611 }
1612
1613 /* check if we need to merge IBSS */
1614 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && beacon &&
1615 bss->capability & WLAN_CAPABILITY_IBSS &&
1616 bss->freq == local->oper_channel->center_freq &&
1617 elems->ssid_len == sdata->u.sta.ssid_len &&
1618 memcmp(elems->ssid, sdata->u.sta.ssid,
1619 sdata->u.sta.ssid_len) == 0) {
1620 if (rx_status->flag & RX_FLAG_TSFT) {
1621 /* in order for correct IBSS merging we need mactime
1622 *
1623 * since mactime is defined as the time the first data
1624 * symbol of the frame hits the PHY, and the timestamp
1625 * of the beacon is defined as "the time that the data
1626 * symbol containing the first bit of the timestamp is
1627 * transmitted to the PHY plus the transmitting STA’s
1628 * delays through its local PHY from the MAC-PHY
1629 * interface to its interface with the WM"
1630 * (802.11 11.1.2) - equals the time this bit arrives at
1631 * the receiver - we have to take into account the
1632 * offset between the two.
1633 * e.g: at 1 MBit that means mactime is 192 usec earlier
1634 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
1635 */
1636 int rate;
1637 if (rx_status->flag & RX_FLAG_HT) {
1638 rate = 65; /* TODO: HT rates */
1639 } else {
1640 rate = local->hw.wiphy->bands[band]->
1641 bitrates[rx_status->rate_idx].bitrate;
1642 }
1643 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
1644 } else if (local && local->ops && local->ops->get_tsf)
1645 /* second best option: get current TSF */
1646 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
1647 else
1648 /* can't merge without knowing the TSF */
1649 rx_timestamp = -1LLU;
1650#ifdef CONFIG_MAC80211_IBSS_DEBUG
1651 printk(KERN_DEBUG "RX beacon SA=%pM BSSID="
1652 "%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
1653 mgmt->sa, mgmt->bssid,
1654 (unsigned long long)rx_timestamp,
1655 (unsigned long long)beacon_timestamp,
1656 (unsigned long long)(rx_timestamp - beacon_timestamp),
1657 jiffies);
1658#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1659 if (beacon_timestamp > rx_timestamp) {
1660#ifdef CONFIG_MAC80211_IBSS_DEBUG
1661 printk(KERN_DEBUG "%s: beacon TSF higher than "
1662 "local TSF - IBSS merge with BSSID %pM\n",
1663 sdata->dev->name, mgmt->bssid);
1664#endif
1665 ieee80211_sta_join_ibss(sdata, &sdata->u.sta, bss);
1666 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, supp_rates);
1667 }
1668 } 1469 }
1669 1470
1670 ieee80211_rx_bss_put(local, bss); 1471 ieee80211_rx_bss_put(local, bss);
@@ -1676,9 +1477,11 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1676 size_t len, 1477 size_t len,
1677 struct ieee80211_rx_status *rx_status) 1478 struct ieee80211_rx_status *rx_status)
1678{ 1479{
1480 struct ieee80211_if_managed *ifmgd;
1679 size_t baselen; 1481 size_t baselen;
1680 struct ieee802_11_elems elems; 1482 struct ieee802_11_elems elems;
1681 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1483
1484 ifmgd = &sdata->u.mgd;
1682 1485
1683 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN)) 1486 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
1684 return; /* ignore ProbeResp to foreign address */ 1487 return; /* ignore ProbeResp to foreign address */
@@ -1694,25 +1497,27 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1694 1497
1695 /* direct probe may be part of the association flow */ 1498 /* direct probe may be part of the association flow */
1696 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE, 1499 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
1697 &ifsta->request)) { 1500 &ifmgd->request)) {
1698 printk(KERN_DEBUG "%s direct probe responded\n", 1501 printk(KERN_DEBUG "%s direct probe responded\n",
1699 sdata->dev->name); 1502 sdata->dev->name);
1700 ieee80211_authenticate(sdata, ifsta); 1503 ieee80211_authenticate(sdata);
1701 } 1504 }
1702}
1703 1505
1506 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL)
1507 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1508}
1704 1509
1705static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 1510static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1706 struct ieee80211_mgmt *mgmt, 1511 struct ieee80211_mgmt *mgmt,
1707 size_t len, 1512 size_t len,
1708 struct ieee80211_rx_status *rx_status) 1513 struct ieee80211_rx_status *rx_status)
1709{ 1514{
1710 struct ieee80211_if_sta *ifsta; 1515 struct ieee80211_if_managed *ifmgd;
1711 size_t baselen; 1516 size_t baselen;
1712 struct ieee802_11_elems elems; 1517 struct ieee802_11_elems elems;
1713 struct ieee80211_local *local = sdata->local; 1518 struct ieee80211_local *local = sdata->local;
1714 u32 changed = 0; 1519 u32 changed = 0;
1715 bool erp_valid; 1520 bool erp_valid, directed_tim;
1716 u8 erp_value = 0; 1521 u8 erp_value = 0;
1717 1522
1718 /* Process beacon from the current BSS */ 1523 /* Process beacon from the current BSS */
@@ -1726,15 +1531,43 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1726 1531
1727 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1532 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1728 return; 1533 return;
1729 ifsta = &sdata->u.sta;
1730 1534
1731 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) || 1535 ifmgd = &sdata->u.mgd;
1732 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) 1536
1537 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) ||
1538 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0)
1539 return;
1540
1541 if (rx_status->freq != local->hw.conf.channel->center_freq)
1733 return; 1542 return;
1734 1543
1735 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param, 1544 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param,
1736 elems.wmm_param_len); 1545 elems.wmm_param_len);
1737 1546
1547 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) {
1548 directed_tim = ieee80211_check_tim(&elems, ifmgd->aid);
1549
1550 if (directed_tim) {
1551 if (local->hw.conf.dynamic_ps_timeout > 0) {
1552 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
1553 ieee80211_hw_config(local,
1554 IEEE80211_CONF_CHANGE_PS);
1555 ieee80211_send_nullfunc(local, sdata, 0);
1556 } else {
1557 local->pspolling = true;
1558
1559 /*
1560 * Here is assumed that the driver will be
1561 * able to send ps-poll frame and receive a
1562 * response even though power save mode is
1563 * enabled, but some drivers might require
1564 * to disable power save here. This needs
1565 * to be investigated.
1566 */
1567 ieee80211_send_pspoll(local, sdata);
1568 }
1569 }
1570 }
1738 1571
1739 if (elems.erp_info && elems.erp_info_len >= 1) { 1572 if (elems.erp_info && elems.erp_info_len >= 1) {
1740 erp_valid = true; 1573 erp_valid = true;
@@ -1747,14 +1580,15 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1747 erp_valid, erp_value); 1580 erp_valid, erp_value);
1748 1581
1749 1582
1750 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param) { 1583 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
1584 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) {
1751 struct sta_info *sta; 1585 struct sta_info *sta;
1752 struct ieee80211_supported_band *sband; 1586 struct ieee80211_supported_band *sband;
1753 u16 ap_ht_cap_flags; 1587 u16 ap_ht_cap_flags;
1754 1588
1755 rcu_read_lock(); 1589 rcu_read_lock();
1756 1590
1757 sta = sta_info_get(local, ifsta->bssid); 1591 sta = sta_info_get(local, ifmgd->bssid);
1758 if (!sta) { 1592 if (!sta) {
1759 rcu_read_unlock(); 1593 rcu_read_unlock();
1760 return; 1594 return;
@@ -1778,92 +1612,28 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1778 * for the BSSID we are associated to */ 1612 * for the BSSID we are associated to */
1779 regulatory_hint_11d(local->hw.wiphy, 1613 regulatory_hint_11d(local->hw.wiphy,
1780 elems.country_elem, elems.country_elem_len); 1614 elems.country_elem, elems.country_elem_len);
1781 }
1782
1783 ieee80211_bss_info_change_notify(sdata, changed);
1784}
1785
1786
1787static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
1788 struct ieee80211_if_sta *ifsta,
1789 struct ieee80211_mgmt *mgmt,
1790 size_t len,
1791 struct ieee80211_rx_status *rx_status)
1792{
1793 struct ieee80211_local *local = sdata->local;
1794 int tx_last_beacon;
1795 struct sk_buff *skb;
1796 struct ieee80211_mgmt *resp;
1797 u8 *pos, *end;
1798 1615
1799 if (sdata->vif.type != NL80211_IFTYPE_ADHOC || 1616 /* TODO: IBSS also needs this */
1800 ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED || 1617 if (elems.pwr_constr_elem)
1801 len < 24 + 2 || !ifsta->probe_resp) 1618 ieee80211_handle_pwr_constr(sdata,
1802 return; 1619 le16_to_cpu(mgmt->u.probe_resp.capab_info),
1803 1620 elems.pwr_constr_elem,
1804 if (local->ops->tx_last_beacon) 1621 elems.pwr_constr_elem_len);
1805 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1806 else
1807 tx_last_beacon = 1;
1808
1809#ifdef CONFIG_MAC80211_IBSS_DEBUG
1810 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM"
1811 " (tx_last_beacon=%d)\n",
1812 sdata->dev->name, mgmt->sa, mgmt->da,
1813 mgmt->bssid, tx_last_beacon);
1814#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1815
1816 if (!tx_last_beacon)
1817 return;
1818
1819 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1820 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1821 return;
1822
1823 end = ((u8 *) mgmt) + len;
1824 pos = mgmt->u.probe_req.variable;
1825 if (pos[0] != WLAN_EID_SSID ||
1826 pos + 2 + pos[1] > end) {
1827#ifdef CONFIG_MAC80211_IBSS_DEBUG
1828 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1829 "from %pM\n",
1830 sdata->dev->name, mgmt->sa);
1831#endif
1832 return;
1833 } 1622 }
1834 if (pos[1] != 0 &&
1835 (pos[1] != ifsta->ssid_len ||
1836 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1837 /* Ignore ProbeReq for foreign SSID */
1838 return;
1839 }
1840
1841 /* Reply with ProbeResp */
1842 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
1843 if (!skb)
1844 return;
1845 1623
1846 resp = (struct ieee80211_mgmt *) skb->data; 1624 ieee80211_bss_info_change_notify(sdata, changed);
1847 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1848#ifdef CONFIG_MAC80211_IBSS_DEBUG
1849 printk(KERN_DEBUG "%s: Sending ProbeResp to %pM\n",
1850 sdata->dev->name, resp->da);
1851#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1852 ieee80211_tx_skb(sdata, skb, 0);
1853} 1625}
1854 1626
1855void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 1627ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
1856 struct ieee80211_rx_status *rx_status) 1628 struct sk_buff *skb,
1629 struct ieee80211_rx_status *rx_status)
1857{ 1630{
1858 struct ieee80211_local *local = sdata->local; 1631 struct ieee80211_local *local = sdata->local;
1859 struct ieee80211_if_sta *ifsta;
1860 struct ieee80211_mgmt *mgmt; 1632 struct ieee80211_mgmt *mgmt;
1861 u16 fc; 1633 u16 fc;
1862 1634
1863 if (skb->len < 24) 1635 if (skb->len < 24)
1864 goto fail; 1636 return RX_DROP_MONITOR;
1865
1866 ifsta = &sdata->u.sta;
1867 1637
1868 mgmt = (struct ieee80211_mgmt *) skb->data; 1638 mgmt = (struct ieee80211_mgmt *) skb->data;
1869 fc = le16_to_cpu(mgmt->frame_control); 1639 fc = le16_to_cpu(mgmt->frame_control);
@@ -1878,113 +1648,68 @@ void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *
1878 case IEEE80211_STYPE_REASSOC_RESP: 1648 case IEEE80211_STYPE_REASSOC_RESP:
1879 case IEEE80211_STYPE_DEAUTH: 1649 case IEEE80211_STYPE_DEAUTH:
1880 case IEEE80211_STYPE_DISASSOC: 1650 case IEEE80211_STYPE_DISASSOC:
1881 skb_queue_tail(&ifsta->skb_queue, skb); 1651 skb_queue_tail(&sdata->u.mgd.skb_queue, skb);
1882 queue_work(local->hw.workqueue, &ifsta->work); 1652 queue_work(local->hw.workqueue, &sdata->u.mgd.work);
1883 return; 1653 return RX_QUEUED;
1884 } 1654 }
1885 1655
1886 fail: 1656 return RX_DROP_MONITOR;
1887 kfree_skb(skb);
1888} 1657}
1889 1658
1890static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 1659static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1891 struct sk_buff *skb) 1660 struct sk_buff *skb)
1892{ 1661{
1893 struct ieee80211_rx_status *rx_status; 1662 struct ieee80211_rx_status *rx_status;
1894 struct ieee80211_if_sta *ifsta;
1895 struct ieee80211_mgmt *mgmt; 1663 struct ieee80211_mgmt *mgmt;
1896 u16 fc; 1664 u16 fc;
1897 1665
1898 ifsta = &sdata->u.sta;
1899
1900 rx_status = (struct ieee80211_rx_status *) skb->cb; 1666 rx_status = (struct ieee80211_rx_status *) skb->cb;
1901 mgmt = (struct ieee80211_mgmt *) skb->data; 1667 mgmt = (struct ieee80211_mgmt *) skb->data;
1902 fc = le16_to_cpu(mgmt->frame_control); 1668 fc = le16_to_cpu(mgmt->frame_control);
1903 1669
1904 switch (fc & IEEE80211_FCTL_STYPE) { 1670 switch (fc & IEEE80211_FCTL_STYPE) {
1905 case IEEE80211_STYPE_PROBE_REQ:
1906 ieee80211_rx_mgmt_probe_req(sdata, ifsta, mgmt, skb->len,
1907 rx_status);
1908 break;
1909 case IEEE80211_STYPE_PROBE_RESP: 1671 case IEEE80211_STYPE_PROBE_RESP:
1910 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status); 1672 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len,
1673 rx_status);
1911 break; 1674 break;
1912 case IEEE80211_STYPE_BEACON: 1675 case IEEE80211_STYPE_BEACON:
1913 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status); 1676 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
1677 rx_status);
1914 break; 1678 break;
1915 case IEEE80211_STYPE_AUTH: 1679 case IEEE80211_STYPE_AUTH:
1916 ieee80211_rx_mgmt_auth(sdata, ifsta, mgmt, skb->len); 1680 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len);
1917 break; 1681 break;
1918 case IEEE80211_STYPE_ASSOC_RESP: 1682 case IEEE80211_STYPE_ASSOC_RESP:
1919 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0); 1683 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 0);
1920 break; 1684 break;
1921 case IEEE80211_STYPE_REASSOC_RESP: 1685 case IEEE80211_STYPE_REASSOC_RESP:
1922 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1); 1686 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 1);
1923 break; 1687 break;
1924 case IEEE80211_STYPE_DEAUTH: 1688 case IEEE80211_STYPE_DEAUTH:
1925 ieee80211_rx_mgmt_deauth(sdata, ifsta, mgmt, skb->len); 1689 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
1926 break; 1690 break;
1927 case IEEE80211_STYPE_DISASSOC: 1691 case IEEE80211_STYPE_DISASSOC:
1928 ieee80211_rx_mgmt_disassoc(sdata, ifsta, mgmt, skb->len); 1692 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
1929 break; 1693 break;
1930 } 1694 }
1931 1695
1932 kfree_skb(skb); 1696 kfree_skb(skb);
1933} 1697}
1934 1698
1935
1936static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
1937{
1938 struct ieee80211_local *local = sdata->local;
1939 int active = 0;
1940 struct sta_info *sta;
1941
1942 rcu_read_lock();
1943
1944 list_for_each_entry_rcu(sta, &local->sta_list, list) {
1945 if (sta->sdata == sdata &&
1946 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1947 jiffies)) {
1948 active++;
1949 break;
1950 }
1951 }
1952
1953 rcu_read_unlock();
1954
1955 return active;
1956}
1957
1958
1959static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata,
1960 struct ieee80211_if_sta *ifsta)
1961{
1962 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1963
1964 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
1965 if (ieee80211_sta_active_ibss(sdata))
1966 return;
1967
1968 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1969 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
1970 ieee80211_request_scan(sdata, ifsta->ssid, ifsta->ssid_len);
1971}
1972
1973
1974static void ieee80211_sta_timer(unsigned long data) 1699static void ieee80211_sta_timer(unsigned long data)
1975{ 1700{
1976 struct ieee80211_sub_if_data *sdata = 1701 struct ieee80211_sub_if_data *sdata =
1977 (struct ieee80211_sub_if_data *) data; 1702 (struct ieee80211_sub_if_data *) data;
1978 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1703 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1979 struct ieee80211_local *local = sdata->local; 1704 struct ieee80211_local *local = sdata->local;
1980 1705
1981 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request); 1706 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
1982 queue_work(local->hw.workqueue, &ifsta->work); 1707 queue_work(local->hw.workqueue, &ifmgd->work);
1983} 1708}
1984 1709
1985static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata, 1710static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata)
1986 struct ieee80211_if_sta *ifsta)
1987{ 1711{
1712 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1988 struct ieee80211_local *local = sdata->local; 1713 struct ieee80211_local *local = sdata->local;
1989 1714
1990 if (local->ops->reset_tsf) { 1715 if (local->ops->reset_tsf) {
@@ -1992,298 +1717,112 @@ static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata,
1992 local->ops->reset_tsf(local_to_hw(local)); 1717 local->ops->reset_tsf(local_to_hw(local));
1993 } 1718 }
1994 1719
1995 ifsta->wmm_last_param_set = -1; /* allow any WMM update */ 1720 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */
1996 1721
1997 1722
1998 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1723 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1999 ifsta->auth_alg = WLAN_AUTH_OPEN; 1724 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2000 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1725 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2001 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY; 1726 ifmgd->auth_alg = WLAN_AUTH_SHARED_KEY;
2002 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1727 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2003 ifsta->auth_alg = WLAN_AUTH_LEAP; 1728 ifmgd->auth_alg = WLAN_AUTH_LEAP;
1729 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_FT)
1730 ifmgd->auth_alg = WLAN_AUTH_FT;
2004 else 1731 else
2005 ifsta->auth_alg = WLAN_AUTH_OPEN; 1732 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2006 ifsta->auth_transaction = -1; 1733 ifmgd->auth_transaction = -1;
2007 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED; 1734 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
2008 ifsta->assoc_scan_tries = 0; 1735 ifmgd->assoc_scan_tries = 0;
2009 ifsta->direct_probe_tries = 0; 1736 ifmgd->direct_probe_tries = 0;
2010 ifsta->auth_tries = 0; 1737 ifmgd->auth_tries = 0;
2011 ifsta->assoc_tries = 0; 1738 ifmgd->assoc_tries = 0;
2012 netif_tx_stop_all_queues(sdata->dev); 1739 netif_tx_stop_all_queues(sdata->dev);
2013 netif_carrier_off(sdata->dev); 1740 netif_carrier_off(sdata->dev);
2014} 1741}
2015 1742
2016 1743static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata)
2017static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
2018 const char *ssid, int ssid_len)
2019{
2020 int tmp, hidden_ssid;
2021
2022 if (ssid_len == ifsta->ssid_len &&
2023 !memcmp(ifsta->ssid, ssid, ssid_len))
2024 return 1;
2025
2026 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
2027 return 0;
2028
2029 hidden_ssid = 1;
2030 tmp = ssid_len;
2031 while (tmp--) {
2032 if (ssid[tmp] != '\0') {
2033 hidden_ssid = 0;
2034 break;
2035 }
2036 }
2037
2038 if (hidden_ssid && (ifsta->ssid_len == ssid_len || ssid_len == 0))
2039 return 1;
2040
2041 if (ssid_len == 1 && ssid[0] == ' ')
2042 return 1;
2043
2044 return 0;
2045}
2046
2047static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata,
2048 struct ieee80211_if_sta *ifsta)
2049{ 1744{
1745 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2050 struct ieee80211_local *local = sdata->local; 1746 struct ieee80211_local *local = sdata->local;
2051 struct ieee80211_bss *bss; 1747 struct ieee80211_bss *bss;
2052 struct ieee80211_supported_band *sband; 1748 u8 *bssid = ifmgd->bssid, *ssid = ifmgd->ssid;
2053 u8 bssid[ETH_ALEN], *pos; 1749 u8 ssid_len = ifmgd->ssid_len;
2054 int i; 1750 u16 capa_mask = WLAN_CAPABILITY_ESS;
2055 int ret; 1751 u16 capa_val = WLAN_CAPABILITY_ESS;
2056 1752 struct ieee80211_channel *chan = local->oper_channel;
2057#if 0
2058 /* Easier testing, use fixed BSSID. */
2059 memset(bssid, 0xfe, ETH_ALEN);
2060#else
2061 /* Generate random, not broadcast, locally administered BSSID. Mix in
2062 * own MAC address to make sure that devices that do not have proper
2063 * random number generator get different BSSID. */
2064 get_random_bytes(bssid, ETH_ALEN);
2065 for (i = 0; i < ETH_ALEN; i++)
2066 bssid[i] ^= sdata->dev->dev_addr[i];
2067 bssid[0] &= ~0x01;
2068 bssid[0] |= 0x02;
2069#endif
2070
2071 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n",
2072 sdata->dev->name, bssid);
2073
2074 bss = ieee80211_rx_bss_add(local, bssid,
2075 local->hw.conf.channel->center_freq,
2076 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
2077 if (!bss)
2078 return -ENOMEM;
2079
2080 bss->band = local->hw.conf.channel->band;
2081 sband = local->hw.wiphy->bands[bss->band];
2082
2083 if (local->hw.conf.beacon_int == 0)
2084 local->hw.conf.beacon_int = 100;
2085 bss->beacon_int = local->hw.conf.beacon_int;
2086 bss->last_update = jiffies;
2087 bss->capability = WLAN_CAPABILITY_IBSS;
2088 1753
2089 if (sdata->default_key) 1754 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) &&
2090 bss->capability |= WLAN_CAPABILITY_PRIVACY; 1755 ifmgd->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2091 else 1756 IEEE80211_STA_AUTO_BSSID_SEL |
2092 sdata->drop_unencrypted = 0; 1757 IEEE80211_STA_AUTO_CHANNEL_SEL)) {
2093 1758 capa_mask |= WLAN_CAPABILITY_PRIVACY;
2094 bss->supp_rates_len = sband->n_bitrates; 1759 if (sdata->default_key)
2095 pos = bss->supp_rates; 1760 capa_val |= WLAN_CAPABILITY_PRIVACY;
2096 for (i = 0; i < sband->n_bitrates; i++) {
2097 int rate = sband->bitrates[i].bitrate;
2098 *pos++ = (u8) (rate / 5);
2099 } 1761 }
2100 1762
2101 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss); 1763 if (ifmgd->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
2102 ieee80211_rx_bss_put(local, bss); 1764 chan = NULL;
2103 return ret;
2104}
2105 1765
1766 if (ifmgd->flags & IEEE80211_STA_AUTO_BSSID_SEL)
1767 bssid = NULL;
2106 1768
2107static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata, 1769 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL) {
2108 struct ieee80211_if_sta *ifsta) 1770 ssid = NULL;
2109{ 1771 ssid_len = 0;
2110 struct ieee80211_local *local = sdata->local;
2111 struct ieee80211_bss *bss;
2112 int found = 0;
2113 u8 bssid[ETH_ALEN];
2114 int active_ibss;
2115
2116 if (ifsta->ssid_len == 0)
2117 return -EINVAL;
2118
2119 active_ibss = ieee80211_sta_active_ibss(sdata);
2120#ifdef CONFIG_MAC80211_IBSS_DEBUG
2121 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2122 sdata->dev->name, active_ibss);
2123#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2124 spin_lock_bh(&local->bss_lock);
2125 list_for_each_entry(bss, &local->bss_list, list) {
2126 if (ifsta->ssid_len != bss->ssid_len ||
2127 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2128 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2129 continue;
2130#ifdef CONFIG_MAC80211_IBSS_DEBUG
2131 printk(KERN_DEBUG " bssid=%pM found\n", bss->bssid);
2132#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2133 memcpy(bssid, bss->bssid, ETH_ALEN);
2134 found = 1;
2135 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2136 break;
2137 } 1772 }
2138 spin_unlock_bh(&local->bss_lock);
2139 1773
2140#ifdef CONFIG_MAC80211_IBSS_DEBUG 1774 bss = (void *)cfg80211_get_bss(local->hw.wiphy, chan,
2141 if (found) 1775 bssid, ssid, ssid_len,
2142 printk(KERN_DEBUG " sta_find_ibss: selected %pM current " 1776 capa_mask, capa_val);
2143 "%pM\n", bssid, ifsta->bssid);
2144#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2145 1777
2146 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) { 1778 if (bss) {
2147 int ret; 1779 ieee80211_set_freq(sdata, bss->cbss.channel->center_freq);
2148 int search_freq; 1780 if (!(ifmgd->flags & IEEE80211_STA_SSID_SET))
2149 1781 ieee80211_sta_set_ssid(sdata, bss->ssid,
2150 if (ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) 1782 bss->ssid_len);
2151 search_freq = bss->freq; 1783 ieee80211_sta_set_bssid(sdata, bss->cbss.bssid);
1784 ieee80211_sta_def_wmm_params(sdata, bss->supp_rates_len,
1785 bss->supp_rates);
1786 if (sdata->u.mgd.mfp == IEEE80211_MFP_REQUIRED)
1787 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
2152 else 1788 else
2153 search_freq = local->hw.conf.channel->center_freq; 1789 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
2154
2155 bss = ieee80211_rx_bss_get(local, bssid, search_freq,
2156 ifsta->ssid, ifsta->ssid_len);
2157 if (!bss)
2158 goto dont_join;
2159
2160 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM"
2161 " based on configured SSID\n",
2162 sdata->dev->name, bssid);
2163 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
2164 ieee80211_rx_bss_put(local, bss);
2165 return ret;
2166 }
2167
2168dont_join:
2169#ifdef CONFIG_MAC80211_IBSS_DEBUG
2170 printk(KERN_DEBUG " did not try to join ibss\n");
2171#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2172
2173 /* Selected IBSS not found in current scan results - try to scan */
2174 if (ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED &&
2175 !ieee80211_sta_active_ibss(sdata)) {
2176 mod_timer(&ifsta->timer, jiffies +
2177 IEEE80211_IBSS_MERGE_INTERVAL);
2178 } else if (time_after(jiffies, local->last_scan_completed +
2179 IEEE80211_SCAN_INTERVAL)) {
2180 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2181 "join\n", sdata->dev->name);
2182 return ieee80211_request_scan(sdata, ifsta->ssid,
2183 ifsta->ssid_len);
2184 } else if (ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED) {
2185 int interval = IEEE80211_SCAN_INTERVAL;
2186
2187 if (time_after(jiffies, ifsta->ibss_join_req +
2188 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2189 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
2190 (!(local->oper_channel->flags &
2191 IEEE80211_CHAN_NO_IBSS)))
2192 return ieee80211_sta_create_ibss(sdata, ifsta);
2193 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
2194 printk(KERN_DEBUG "%s: IBSS not allowed on"
2195 " %d MHz\n", sdata->dev->name,
2196 local->hw.conf.channel->center_freq);
2197 }
2198
2199 /* No IBSS found - decrease scan interval and continue
2200 * scanning. */
2201 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2202 }
2203
2204 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
2205 mod_timer(&ifsta->timer, jiffies + interval);
2206 return 0;
2207 }
2208
2209 return 0;
2210}
2211
2212
2213static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
2214 struct ieee80211_if_sta *ifsta)
2215{
2216 struct ieee80211_local *local = sdata->local;
2217 struct ieee80211_bss *bss, *selected = NULL;
2218 int top_rssi = 0, freq;
2219
2220 spin_lock_bh(&local->bss_lock);
2221 freq = local->oper_channel->center_freq;
2222 list_for_each_entry(bss, &local->bss_list, list) {
2223 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2224 continue;
2225
2226 if ((ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2227 IEEE80211_STA_AUTO_BSSID_SEL |
2228 IEEE80211_STA_AUTO_CHANNEL_SEL)) &&
2229 (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2230 !!sdata->default_key))
2231 continue;
2232
2233 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
2234 bss->freq != freq)
2235 continue;
2236
2237 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
2238 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2239 continue;
2240
2241 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
2242 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2243 continue;
2244
2245 if (!selected || top_rssi < bss->signal) {
2246 selected = bss;
2247 top_rssi = bss->signal;
2248 }
2249 }
2250 if (selected)
2251 atomic_inc(&selected->users);
2252 spin_unlock_bh(&local->bss_lock);
2253
2254 if (selected) {
2255 ieee80211_set_freq(sdata, selected->freq);
2256 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
2257 ieee80211_sta_set_ssid(sdata, selected->ssid,
2258 selected->ssid_len);
2259 ieee80211_sta_set_bssid(sdata, selected->bssid);
2260 ieee80211_sta_def_wmm_params(sdata, selected);
2261 1790
2262 /* Send out direct probe if no probe resp was received or 1791 /* Send out direct probe if no probe resp was received or
2263 * the one we have is outdated 1792 * the one we have is outdated
2264 */ 1793 */
2265 if (!selected->last_probe_resp || 1794 if (!bss->last_probe_resp ||
2266 time_after(jiffies, selected->last_probe_resp 1795 time_after(jiffies, bss->last_probe_resp
2267 + IEEE80211_SCAN_RESULT_EXPIRE)) 1796 + IEEE80211_SCAN_RESULT_EXPIRE))
2268 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1797 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2269 else 1798 else
2270 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE; 1799 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
2271 1800
2272 ieee80211_rx_bss_put(local, selected); 1801 ieee80211_rx_bss_put(local, bss);
2273 ieee80211_sta_reset_auth(sdata, ifsta); 1802 ieee80211_sta_reset_auth(sdata);
2274 return 0; 1803 return 0;
2275 } else { 1804 } else {
2276 if (ifsta->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) { 1805 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
2277 ifsta->assoc_scan_tries++; 1806 ifmgd->assoc_scan_tries++;
2278 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) 1807 /* XXX maybe racy? */
2279 ieee80211_start_scan(sdata, NULL, 0); 1808 if (local->scan_req)
1809 return -1;
1810 memcpy(local->int_scan_req.ssids[0].ssid,
1811 ifmgd->ssid, IEEE80211_MAX_SSID_LEN);
1812 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL)
1813 local->int_scan_req.ssids[0].ssid_len = 0;
2280 else 1814 else
2281 ieee80211_start_scan(sdata, ifsta->ssid, 1815 local->int_scan_req.ssids[0].ssid_len = ifmgd->ssid_len;
2282 ifsta->ssid_len); 1816
2283 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE; 1817 if (ieee80211_start_scan(sdata, &local->int_scan_req))
2284 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request); 1818 ieee80211_scan_failed(local);
2285 } else 1819
2286 ifsta->state = IEEE80211_STA_MLME_DISABLED; 1820 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
1821 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request);
1822 } else {
1823 ifmgd->assoc_scan_tries = 0;
1824 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1825 }
2287 } 1826 }
2288 return -1; 1827 return -1;
2289} 1828}
@@ -2292,9 +1831,9 @@ static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
2292static void ieee80211_sta_work(struct work_struct *work) 1831static void ieee80211_sta_work(struct work_struct *work)
2293{ 1832{
2294 struct ieee80211_sub_if_data *sdata = 1833 struct ieee80211_sub_if_data *sdata =
2295 container_of(work, struct ieee80211_sub_if_data, u.sta.work); 1834 container_of(work, struct ieee80211_sub_if_data, u.mgd.work);
2296 struct ieee80211_local *local = sdata->local; 1835 struct ieee80211_local *local = sdata->local;
2297 struct ieee80211_if_sta *ifsta; 1836 struct ieee80211_if_managed *ifmgd;
2298 struct sk_buff *skb; 1837 struct sk_buff *skb;
2299 1838
2300 if (!netif_running(sdata->dev)) 1839 if (!netif_running(sdata->dev))
@@ -2303,61 +1842,60 @@ static void ieee80211_sta_work(struct work_struct *work)
2303 if (local->sw_scanning || local->hw_scanning) 1842 if (local->sw_scanning || local->hw_scanning)
2304 return; 1843 return;
2305 1844
2306 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION && 1845 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2307 sdata->vif.type != NL80211_IFTYPE_ADHOC))
2308 return; 1846 return;
2309 ifsta = &sdata->u.sta; 1847 ifmgd = &sdata->u.mgd;
2310 1848
2311 while ((skb = skb_dequeue(&ifsta->skb_queue))) 1849 while ((skb = skb_dequeue(&ifmgd->skb_queue)))
2312 ieee80211_sta_rx_queued_mgmt(sdata, skb); 1850 ieee80211_sta_rx_queued_mgmt(sdata, skb);
2313 1851
2314 if (ifsta->state != IEEE80211_STA_MLME_DIRECT_PROBE && 1852 if (ifmgd->state != IEEE80211_STA_MLME_DIRECT_PROBE &&
2315 ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE && 1853 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE &&
2316 ifsta->state != IEEE80211_STA_MLME_ASSOCIATE && 1854 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE &&
2317 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) { 1855 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) {
2318 ieee80211_start_scan(sdata, ifsta->scan_ssid, 1856 /*
2319 ifsta->scan_ssid_len); 1857 * The call to ieee80211_start_scan can fail but ieee80211_request_scan
1858 * (which queued ieee80211_sta_work) did not return an error. Thus, call
1859 * ieee80211_scan_failed here if ieee80211_start_scan fails in order to
1860 * notify the scan requester.
1861 */
1862 if (ieee80211_start_scan(sdata, local->scan_req))
1863 ieee80211_scan_failed(local);
2320 return; 1864 return;
2321 } 1865 }
2322 1866
2323 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) { 1867 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request)) {
2324 if (ieee80211_sta_config_auth(sdata, ifsta)) 1868 if (ieee80211_sta_config_auth(sdata))
2325 return; 1869 return;
2326 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request); 1870 clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
2327 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request)) 1871 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request))
2328 return; 1872 return;
2329 1873
2330 switch (ifsta->state) { 1874 switch (ifmgd->state) {
2331 case IEEE80211_STA_MLME_DISABLED: 1875 case IEEE80211_STA_MLME_DISABLED:
2332 break; 1876 break;
2333 case IEEE80211_STA_MLME_DIRECT_PROBE: 1877 case IEEE80211_STA_MLME_DIRECT_PROBE:
2334 ieee80211_direct_probe(sdata, ifsta); 1878 ieee80211_direct_probe(sdata);
2335 break; 1879 break;
2336 case IEEE80211_STA_MLME_AUTHENTICATE: 1880 case IEEE80211_STA_MLME_AUTHENTICATE:
2337 ieee80211_authenticate(sdata, ifsta); 1881 ieee80211_authenticate(sdata);
2338 break; 1882 break;
2339 case IEEE80211_STA_MLME_ASSOCIATE: 1883 case IEEE80211_STA_MLME_ASSOCIATE:
2340 ieee80211_associate(sdata, ifsta); 1884 ieee80211_associate(sdata);
2341 break; 1885 break;
2342 case IEEE80211_STA_MLME_ASSOCIATED: 1886 case IEEE80211_STA_MLME_ASSOCIATED:
2343 ieee80211_associated(sdata, ifsta); 1887 ieee80211_associated(sdata);
2344 break;
2345 case IEEE80211_STA_MLME_IBSS_SEARCH:
2346 ieee80211_sta_find_ibss(sdata, ifsta);
2347 break;
2348 case IEEE80211_STA_MLME_IBSS_JOINED:
2349 ieee80211_sta_merge_ibss(sdata, ifsta);
2350 break; 1888 break;
2351 default: 1889 default:
2352 WARN_ON(1); 1890 WARN_ON(1);
2353 break; 1891 break;
2354 } 1892 }
2355 1893
2356 if (ieee80211_privacy_mismatch(sdata, ifsta)) { 1894 if (ieee80211_privacy_mismatch(sdata)) {
2357 printk(KERN_DEBUG "%s: privacy configuration mismatch and " 1895 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
2358 "mixed-cell disabled - disassociate\n", sdata->dev->name); 1896 "mixed-cell disabled - disassociate\n", sdata->dev->name);
2359 1897
2360 ieee80211_set_disassoc(sdata, ifsta, false, true, 1898 ieee80211_set_disassoc(sdata, false, true,
2361 WLAN_REASON_UNSPECIFIED); 1899 WLAN_REASON_UNSPECIFIED);
2362 } 1900 }
2363} 1901}
@@ -2366,208 +1904,161 @@ static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
2366{ 1904{
2367 if (sdata->vif.type == NL80211_IFTYPE_STATION) 1905 if (sdata->vif.type == NL80211_IFTYPE_STATION)
2368 queue_work(sdata->local->hw.workqueue, 1906 queue_work(sdata->local->hw.workqueue,
2369 &sdata->u.sta.work); 1907 &sdata->u.mgd.work);
2370} 1908}
2371 1909
2372/* interface setup */ 1910/* interface setup */
2373void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 1911void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
2374{ 1912{
2375 struct ieee80211_if_sta *ifsta; 1913 struct ieee80211_if_managed *ifmgd;
2376 1914
2377 ifsta = &sdata->u.sta; 1915 ifmgd = &sdata->u.mgd;
2378 INIT_WORK(&ifsta->work, ieee80211_sta_work); 1916 INIT_WORK(&ifmgd->work, ieee80211_sta_work);
2379 setup_timer(&ifsta->timer, ieee80211_sta_timer, 1917 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
1918 INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work);
1919 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
2380 (unsigned long) sdata); 1920 (unsigned long) sdata);
2381 skb_queue_head_init(&ifsta->skb_queue); 1921 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
1922 (unsigned long) sdata);
1923 skb_queue_head_init(&ifmgd->skb_queue);
2382 1924
2383 ifsta->capab = WLAN_CAPABILITY_ESS; 1925 ifmgd->capab = WLAN_CAPABILITY_ESS;
2384 ifsta->auth_algs = IEEE80211_AUTH_ALG_OPEN | 1926 ifmgd->auth_algs = IEEE80211_AUTH_ALG_OPEN |
2385 IEEE80211_AUTH_ALG_SHARED_KEY; 1927 IEEE80211_AUTH_ALG_SHARED_KEY;
2386 ifsta->flags |= IEEE80211_STA_CREATE_IBSS | 1928 ifmgd->flags |= IEEE80211_STA_CREATE_IBSS |
2387 IEEE80211_STA_AUTO_BSSID_SEL | 1929 IEEE80211_STA_AUTO_BSSID_SEL |
2388 IEEE80211_STA_AUTO_CHANNEL_SEL; 1930 IEEE80211_STA_AUTO_CHANNEL_SEL;
2389 if (ieee80211_num_regular_queues(&sdata->local->hw) >= 4) 1931 if (sdata->local->hw.queues >= 4)
2390 ifsta->flags |= IEEE80211_STA_WMM_ENABLED; 1932 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED;
2391}
2392
2393/*
2394 * Add a new IBSS station, will also be called by the RX code when,
2395 * in IBSS mode, receiving a frame from a yet-unknown station, hence
2396 * must be callable in atomic context.
2397 */
2398struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
2399 u8 *bssid,u8 *addr, u64 supp_rates)
2400{
2401 struct ieee80211_local *local = sdata->local;
2402 struct sta_info *sta;
2403 int band = local->hw.conf.channel->band;
2404
2405 /* TODO: Could consider removing the least recently used entry and
2406 * allow new one to be added. */
2407 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
2408 if (net_ratelimit()) {
2409 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
2410 "entry %pM\n", sdata->dev->name, addr);
2411 }
2412 return NULL;
2413 }
2414
2415 if (compare_ether_addr(bssid, sdata->u.sta.bssid))
2416 return NULL;
2417
2418#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2419 printk(KERN_DEBUG "%s: Adding new IBSS station %pM (dev=%s)\n",
2420 wiphy_name(local->hw.wiphy), addr, sdata->dev->name);
2421#endif
2422
2423 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
2424 if (!sta)
2425 return NULL;
2426
2427 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
2428
2429 /* make sure mandatory rates are always added */
2430 sta->sta.supp_rates[band] = supp_rates |
2431 ieee80211_mandatory_rates(local, band);
2432
2433 rate_control_rate_init(sta);
2434
2435 if (sta_info_insert(sta))
2436 return NULL;
2437
2438 return sta;
2439} 1933}
2440 1934
2441/* configuration hooks */ 1935/* configuration hooks */
2442void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata, 1936void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata)
2443 struct ieee80211_if_sta *ifsta)
2444{ 1937{
1938 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2445 struct ieee80211_local *local = sdata->local; 1939 struct ieee80211_local *local = sdata->local;
2446 1940
2447 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1941 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2448 return; 1942 return;
2449 1943
2450 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET | 1944 if ((ifmgd->flags & (IEEE80211_STA_BSSID_SET |
2451 IEEE80211_STA_AUTO_BSSID_SEL)) && 1945 IEEE80211_STA_AUTO_BSSID_SEL)) &&
2452 (ifsta->flags & (IEEE80211_STA_SSID_SET | 1946 (ifmgd->flags & (IEEE80211_STA_SSID_SET |
2453 IEEE80211_STA_AUTO_SSID_SEL))) { 1947 IEEE80211_STA_AUTO_SSID_SEL))) {
2454 1948
2455 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) 1949 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2456 ieee80211_set_disassoc(sdata, ifsta, true, true, 1950 ieee80211_set_disassoc(sdata, true, true,
2457 WLAN_REASON_DEAUTH_LEAVING); 1951 WLAN_REASON_DEAUTH_LEAVING);
2458 1952
2459 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request); 1953 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) ||
2460 queue_work(local->hw.workqueue, &ifsta->work); 1954 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE)
1955 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request);
1956 else if (ifmgd->flags & IEEE80211_STA_EXT_SME)
1957 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
1958 queue_work(local->hw.workqueue, &ifmgd->work);
2461 } 1959 }
2462} 1960}
2463 1961
1962int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata)
1963{
1964 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1965
1966 if (ifmgd->ssid_len)
1967 ifmgd->flags |= IEEE80211_STA_SSID_SET;
1968 else
1969 ifmgd->flags &= ~IEEE80211_STA_SSID_SET;
1970
1971 return 0;
1972}
1973
2464int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len) 1974int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
2465{ 1975{
2466 struct ieee80211_if_sta *ifsta; 1976 struct ieee80211_if_managed *ifmgd;
2467 1977
2468 if (len > IEEE80211_MAX_SSID_LEN) 1978 if (len > IEEE80211_MAX_SSID_LEN)
2469 return -EINVAL; 1979 return -EINVAL;
2470 1980
2471 ifsta = &sdata->u.sta; 1981 ifmgd = &sdata->u.mgd;
2472
2473 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) {
2474 memset(ifsta->ssid, 0, sizeof(ifsta->ssid));
2475 memcpy(ifsta->ssid, ssid, len);
2476 ifsta->ssid_len = len;
2477 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2478 }
2479
2480 if (len)
2481 ifsta->flags |= IEEE80211_STA_SSID_SET;
2482 else
2483 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
2484 1982
2485 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && 1983 if (ifmgd->ssid_len != len || memcmp(ifmgd->ssid, ssid, len) != 0) {
2486 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) { 1984 /*
2487 ifsta->ibss_join_req = jiffies; 1985 * Do not use reassociation if SSID is changed (different ESS).
2488 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH; 1986 */
2489 return ieee80211_sta_find_ibss(sdata, ifsta); 1987 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1988 memset(ifmgd->ssid, 0, sizeof(ifmgd->ssid));
1989 memcpy(ifmgd->ssid, ssid, len);
1990 ifmgd->ssid_len = len;
2490 } 1991 }
2491 1992
2492 return 0; 1993 return ieee80211_sta_commit(sdata);
2493} 1994}
2494 1995
2495int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len) 1996int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
2496{ 1997{
2497 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1998 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2498 memcpy(ssid, ifsta->ssid, ifsta->ssid_len); 1999 memcpy(ssid, ifmgd->ssid, ifmgd->ssid_len);
2499 *len = ifsta->ssid_len; 2000 *len = ifmgd->ssid_len;
2500 return 0; 2001 return 0;
2501} 2002}
2502 2003
2503int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid) 2004int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
2504{ 2005{
2505 struct ieee80211_if_sta *ifsta; 2006 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2506 int res;
2507 2007
2508 ifsta = &sdata->u.sta; 2008 if (is_valid_ether_addr(bssid)) {
2009 memcpy(ifmgd->bssid, bssid, ETH_ALEN);
2010 ifmgd->flags |= IEEE80211_STA_BSSID_SET;
2011 } else {
2012 memset(ifmgd->bssid, 0, ETH_ALEN);
2013 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET;
2014 }
2509 2015
2510 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) { 2016 if (netif_running(sdata->dev)) {
2511 memcpy(ifsta->bssid, bssid, ETH_ALEN); 2017 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) {
2512 res = 0;
2513 /*
2514 * Hack! See also ieee80211_sta_set_ssid.
2515 */
2516 if (netif_running(sdata->dev))
2517 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
2518 if (res) {
2519 printk(KERN_DEBUG "%s: Failed to config new BSSID to " 2018 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2520 "the low-level driver\n", sdata->dev->name); 2019 "the low-level driver\n", sdata->dev->name);
2521 return res;
2522 } 2020 }
2523 } 2021 }
2524 2022
2525 if (is_valid_ether_addr(bssid)) 2023 return ieee80211_sta_commit(sdata);
2526 ifsta->flags |= IEEE80211_STA_BSSID_SET;
2527 else
2528 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
2529
2530 return 0;
2531} 2024}
2532 2025
2533int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len) 2026int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata,
2027 const char *ie, size_t len)
2534{ 2028{
2535 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 2029 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2536 2030
2537 kfree(ifsta->extra_ie); 2031 kfree(ifmgd->extra_ie);
2538 if (len == 0) { 2032 if (len == 0) {
2539 ifsta->extra_ie = NULL; 2033 ifmgd->extra_ie = NULL;
2540 ifsta->extra_ie_len = 0; 2034 ifmgd->extra_ie_len = 0;
2541 return 0; 2035 return 0;
2542 } 2036 }
2543 ifsta->extra_ie = kmalloc(len, GFP_KERNEL); 2037 ifmgd->extra_ie = kmalloc(len, GFP_KERNEL);
2544 if (!ifsta->extra_ie) { 2038 if (!ifmgd->extra_ie) {
2545 ifsta->extra_ie_len = 0; 2039 ifmgd->extra_ie_len = 0;
2546 return -ENOMEM; 2040 return -ENOMEM;
2547 } 2041 }
2548 memcpy(ifsta->extra_ie, ie, len); 2042 memcpy(ifmgd->extra_ie, ie, len);
2549 ifsta->extra_ie_len = len; 2043 ifmgd->extra_ie_len = len;
2550 return 0; 2044 return 0;
2551} 2045}
2552 2046
2553int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason) 2047int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason)
2554{ 2048{
2555 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2556
2557 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n", 2049 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
2558 sdata->dev->name, reason); 2050 sdata->dev->name, reason);
2559 2051
2560 if (sdata->vif.type != NL80211_IFTYPE_STATION && 2052 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2561 sdata->vif.type != NL80211_IFTYPE_ADHOC)
2562 return -EINVAL; 2053 return -EINVAL;
2563 2054
2564 ieee80211_set_disassoc(sdata, ifsta, true, true, reason); 2055 ieee80211_set_disassoc(sdata, true, true, reason);
2565 return 0; 2056 return 0;
2566} 2057}
2567 2058
2568int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason) 2059int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2569{ 2060{
2570 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 2061 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2571 2062
2572 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n", 2063 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
2573 sdata->dev->name, reason); 2064 sdata->dev->name, reason);
@@ -2575,10 +2066,10 @@ int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2575 if (sdata->vif.type != NL80211_IFTYPE_STATION) 2066 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2576 return -EINVAL; 2067 return -EINVAL;
2577 2068
2578 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED)) 2069 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED))
2579 return -1; 2070 return -ENOLINK;
2580 2071
2581 ieee80211_set_disassoc(sdata, ifsta, false, true, reason); 2072 ieee80211_set_disassoc(sdata, false, true, reason);
2582 return 0; 2073 return 0;
2583} 2074}
2584 2075
@@ -2586,15 +2077,6 @@ int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2586void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 2077void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
2587{ 2078{
2588 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 2079 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2589 struct ieee80211_if_sta *ifsta;
2590
2591 if (sdata && sdata->vif.type == NL80211_IFTYPE_ADHOC) {
2592 ifsta = &sdata->u.sta;
2593 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
2594 (!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
2595 !ieee80211_sta_active_ibss(sdata)))
2596 ieee80211_sta_find_ibss(sdata, ifsta);
2597 }
2598 2080
2599 /* Restart STA timers */ 2081 /* Restart STA timers */
2600 rcu_read_lock(); 2082 rcu_read_lock();
@@ -2623,12 +2105,15 @@ void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
2623 struct ieee80211_local *local = 2105 struct ieee80211_local *local =
2624 container_of(work, struct ieee80211_local, 2106 container_of(work, struct ieee80211_local,
2625 dynamic_ps_enable_work); 2107 dynamic_ps_enable_work);
2108 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2626 2109
2627 if (local->hw.conf.flags & IEEE80211_CONF_PS) 2110 if (local->hw.conf.flags & IEEE80211_CONF_PS)
2628 return; 2111 return;
2629 2112
2630 local->hw.conf.flags |= IEEE80211_CONF_PS; 2113 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
2114 ieee80211_send_nullfunc(local, sdata, 1);
2631 2115
2116 local->hw.conf.flags |= IEEE80211_CONF_PS;
2632 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 2117 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
2633} 2118}
2634 2119
@@ -2638,3 +2123,36 @@ void ieee80211_dynamic_ps_timer(unsigned long data)
2638 2123
2639 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work); 2124 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work);
2640} 2125}
2126
2127void ieee80211_send_nullfunc(struct ieee80211_local *local,
2128 struct ieee80211_sub_if_data *sdata,
2129 int powersave)
2130{
2131 struct sk_buff *skb;
2132 struct ieee80211_hdr *nullfunc;
2133 __le16 fc;
2134
2135 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2136 return;
2137
2138 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
2139 if (!skb) {
2140 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
2141 "frame\n", sdata->dev->name);
2142 return;
2143 }
2144 skb_reserve(skb, local->hw.extra_tx_headroom);
2145
2146 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
2147 memset(nullfunc, 0, 24);
2148 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
2149 IEEE80211_FCTL_TODS);
2150 if (powersave)
2151 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
2152 nullfunc->frame_control = fc;
2153 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
2154 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
2155 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
2156
2157 ieee80211_tx_skb(sdata, skb, 0);
2158}
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
new file mode 100644
index 000000000000..027302326498
--- /dev/null
+++ b/net/mac80211/pm.c
@@ -0,0 +1,179 @@
1#include <net/mac80211.h>
2#include <net/rtnetlink.h>
3
4#include "ieee80211_i.h"
5#include "led.h"
6
7int __ieee80211_suspend(struct ieee80211_hw *hw)
8{
9 struct ieee80211_local *local = hw_to_local(hw);
10 struct ieee80211_sub_if_data *sdata;
11 struct ieee80211_if_init_conf conf;
12 struct sta_info *sta;
13 unsigned long flags;
14
15 ieee80211_stop_queues_by_reason(hw,
16 IEEE80211_QUEUE_STOP_REASON_SUSPEND);
17
18 flush_workqueue(local->hw.workqueue);
19
20 /* disable keys */
21 list_for_each_entry(sdata, &local->interfaces, list)
22 ieee80211_disable_keys(sdata);
23
24 /* Tear down aggregation sessions */
25
26 rcu_read_lock();
27
28 if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) {
29 list_for_each_entry_rcu(sta, &local->sta_list, list) {
30 set_sta_flags(sta, WLAN_STA_SUSPEND);
31 ieee80211_sta_tear_down_BA_sessions(sta);
32 }
33 }
34
35 rcu_read_unlock();
36
37 /* remove STAs */
38 if (local->ops->sta_notify) {
39 spin_lock_irqsave(&local->sta_lock, flags);
40 list_for_each_entry(sta, &local->sta_list, list) {
41 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
42 sdata = container_of(sdata->bss,
43 struct ieee80211_sub_if_data,
44 u.ap);
45
46 local->ops->sta_notify(hw, &sdata->vif,
47 STA_NOTIFY_REMOVE, &sta->sta);
48 }
49 spin_unlock_irqrestore(&local->sta_lock, flags);
50 }
51
52 /* remove all interfaces */
53 list_for_each_entry(sdata, &local->interfaces, list) {
54 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
55 sdata->vif.type != NL80211_IFTYPE_MONITOR &&
56 netif_running(sdata->dev)) {
57 conf.vif = &sdata->vif;
58 conf.type = sdata->vif.type;
59 conf.mac_addr = sdata->dev->dev_addr;
60 local->ops->remove_interface(hw, &conf);
61 }
62 }
63
64 /* flush again, in case driver queued work */
65 flush_workqueue(local->hw.workqueue);
66
67 /* stop hardware */
68 if (local->open_count) {
69 ieee80211_led_radio(local, false);
70 local->ops->stop(hw);
71 }
72 return 0;
73}
74
75int __ieee80211_resume(struct ieee80211_hw *hw)
76{
77 struct ieee80211_local *local = hw_to_local(hw);
78 struct ieee80211_sub_if_data *sdata;
79 struct ieee80211_if_init_conf conf;
80 struct sta_info *sta;
81 unsigned long flags;
82 int res;
83
84 /* restart hardware */
85 if (local->open_count) {
86 res = local->ops->start(hw);
87
88 ieee80211_led_radio(local, hw->conf.radio_enabled);
89 }
90
91 /* add interfaces */
92 list_for_each_entry(sdata, &local->interfaces, list) {
93 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
94 sdata->vif.type != NL80211_IFTYPE_MONITOR &&
95 netif_running(sdata->dev)) {
96 conf.vif = &sdata->vif;
97 conf.type = sdata->vif.type;
98 conf.mac_addr = sdata->dev->dev_addr;
99 res = local->ops->add_interface(hw, &conf);
100 }
101 }
102
103 /* add STAs back */
104 if (local->ops->sta_notify) {
105 spin_lock_irqsave(&local->sta_lock, flags);
106 list_for_each_entry(sta, &local->sta_list, list) {
107 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
108 sdata = container_of(sdata->bss,
109 struct ieee80211_sub_if_data,
110 u.ap);
111
112 local->ops->sta_notify(hw, &sdata->vif,
113 STA_NOTIFY_ADD, &sta->sta);
114 }
115 spin_unlock_irqrestore(&local->sta_lock, flags);
116 }
117
118 /* Clear Suspend state so that ADDBA requests can be processed */
119
120 rcu_read_lock();
121
122 if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) {
123 list_for_each_entry_rcu(sta, &local->sta_list, list) {
124 clear_sta_flags(sta, WLAN_STA_SUSPEND);
125 }
126 }
127
128 rcu_read_unlock();
129
130 /* add back keys */
131 list_for_each_entry(sdata, &local->interfaces, list)
132 if (netif_running(sdata->dev))
133 ieee80211_enable_keys(sdata);
134
135 /* setup RTS threshold */
136 if (local->ops->set_rts_threshold)
137 local->ops->set_rts_threshold(hw, local->rts_threshold);
138
139 /* reconfigure hardware */
140 ieee80211_hw_config(local, ~0);
141
142 netif_addr_lock_bh(local->mdev);
143 ieee80211_configure_filter(local);
144 netif_addr_unlock_bh(local->mdev);
145
146 /* Finally also reconfigure all the BSS information */
147 list_for_each_entry(sdata, &local->interfaces, list) {
148 u32 changed = ~0;
149 if (!netif_running(sdata->dev))
150 continue;
151 switch (sdata->vif.type) {
152 case NL80211_IFTYPE_STATION:
153 /* disable beacon change bits */
154 changed &= ~IEEE80211_IFCC_BEACON;
155 /* fall through */
156 case NL80211_IFTYPE_ADHOC:
157 case NL80211_IFTYPE_AP:
158 case NL80211_IFTYPE_MESH_POINT:
159 WARN_ON(ieee80211_if_config(sdata, changed));
160 ieee80211_bss_info_change_notify(sdata, ~0);
161 break;
162 case NL80211_IFTYPE_WDS:
163 break;
164 case NL80211_IFTYPE_AP_VLAN:
165 case NL80211_IFTYPE_MONITOR:
166 /* ignore virtual */
167 break;
168 case NL80211_IFTYPE_UNSPECIFIED:
169 case __NL80211_IFTYPE_AFTER_LAST:
170 WARN_ON(1);
171 break;
172 }
173 }
174
175 ieee80211_wake_queues_by_reason(hw,
176 IEEE80211_QUEUE_STOP_REASON_SUSPEND);
177
178 return 0;
179}
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index 3fa7ab285066..4641f00a1e5c 100644
--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -219,10 +219,12 @@ void rate_control_get_rate(struct ieee80211_sub_if_data *sdata,
219 info->control.rates[i].count = 1; 219 info->control.rates[i].count = 1;
220 } 220 }
221 221
222 if (sta && sdata->force_unicast_rateidx > -1) 222 if (sta && sdata->force_unicast_rateidx > -1) {
223 info->control.rates[0].idx = sdata->force_unicast_rateidx; 223 info->control.rates[0].idx = sdata->force_unicast_rateidx;
224 else 224 } else {
225 ref->ops->get_rate(ref->priv, ista, priv_sta, txrc); 225 ref->ops->get_rate(ref->priv, ista, priv_sta, txrc);
226 info->flags |= IEEE80211_TX_INTFL_RCALGO;
227 }
226 228
227 /* 229 /*
228 * try to enforce the maximum rate the user wanted 230 * try to enforce the maximum rate the user wanted
diff --git a/net/mac80211/rate.h b/net/mac80211/rate.h
index 928da625e281..2ab5ad9e71ce 100644
--- a/net/mac80211/rate.h
+++ b/net/mac80211/rate.h
@@ -44,8 +44,10 @@ static inline void rate_control_tx_status(struct ieee80211_local *local,
44 struct rate_control_ref *ref = local->rate_ctrl; 44 struct rate_control_ref *ref = local->rate_ctrl;
45 struct ieee80211_sta *ista = &sta->sta; 45 struct ieee80211_sta *ista = &sta->sta;
46 void *priv_sta = sta->rate_ctrl_priv; 46 void *priv_sta = sta->rate_ctrl_priv;
47 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
47 48
48 ref->ops->tx_status(ref->priv, sband, ista, priv_sta, skb); 49 if (likely(info->flags & IEEE80211_TX_INTFL_RCALGO))
50 ref->ops->tx_status(ref->priv, sband, ista, priv_sta, skb);
49} 51}
50 52
51 53
@@ -62,6 +64,18 @@ static inline void rate_control_rate_init(struct sta_info *sta)
62 ref->ops->rate_init(ref->priv, sband, ista, priv_sta); 64 ref->ops->rate_init(ref->priv, sband, ista, priv_sta);
63} 65}
64 66
67static inline void rate_control_rate_update(struct ieee80211_local *local,
68 struct ieee80211_supported_band *sband,
69 struct sta_info *sta, u32 changed)
70{
71 struct rate_control_ref *ref = local->rate_ctrl;
72 struct ieee80211_sta *ista = &sta->sta;
73 void *priv_sta = sta->rate_ctrl_priv;
74
75 if (ref->ops->rate_update)
76 ref->ops->rate_update(ref->priv, sband, ista,
77 priv_sta, changed);
78}
65 79
66static inline void *rate_control_alloc_sta(struct rate_control_ref *ref, 80static inline void *rate_control_alloc_sta(struct rate_control_ref *ref,
67 struct ieee80211_sta *sta, 81 struct ieee80211_sta *sta,
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 7175ae80c36a..64ebe664effc 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -86,8 +86,7 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
86 86
87 if (status->flag & RX_FLAG_TSFT) 87 if (status->flag & RX_FLAG_TSFT)
88 len += 8; 88 len += 8;
89 if (local->hw.flags & IEEE80211_HW_SIGNAL_DB || 89 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
90 local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
91 len += 1; 90 len += 1;
92 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) 91 if (local->hw.flags & IEEE80211_HW_NOISE_DBM)
93 len += 1; 92 len += 1;
@@ -102,7 +101,7 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
102 return len; 101 return len;
103} 102}
104 103
105/** 104/*
106 * ieee80211_add_rx_radiotap_header - add radiotap header 105 * ieee80211_add_rx_radiotap_header - add radiotap header
107 * 106 *
108 * add a radiotap header containing all the fields which the hardware provided. 107 * add a radiotap header containing all the fields which the hardware provided.
@@ -143,6 +142,8 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
143 /* IEEE80211_RADIOTAP_FLAGS */ 142 /* IEEE80211_RADIOTAP_FLAGS */
144 if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) 143 if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS)
145 *pos |= IEEE80211_RADIOTAP_F_FCS; 144 *pos |= IEEE80211_RADIOTAP_F_FCS;
145 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC))
146 *pos |= IEEE80211_RADIOTAP_F_BADFCS;
146 if (status->flag & RX_FLAG_SHORTPRE) 147 if (status->flag & RX_FLAG_SHORTPRE)
147 *pos |= IEEE80211_RADIOTAP_F_SHORTPRE; 148 *pos |= IEEE80211_RADIOTAP_F_SHORTPRE;
148 pos++; 149 pos++;
@@ -158,7 +159,7 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
158 */ 159 */
159 *pos = 0; 160 *pos = 0;
160 } else { 161 } else {
161 rthdr->it_present |= (1 << IEEE80211_RADIOTAP_RATE); 162 rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_RATE);
162 *pos = rate->bitrate / 5; 163 *pos = rate->bitrate / 5;
163 } 164 }
164 pos++; 165 pos++;
@@ -199,23 +200,14 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
199 *pos = status->antenna; 200 *pos = status->antenna;
200 pos++; 201 pos++;
201 202
202 /* IEEE80211_RADIOTAP_DB_ANTSIGNAL */
203 if (local->hw.flags & IEEE80211_HW_SIGNAL_DB) {
204 *pos = status->signal;
205 rthdr->it_present |=
206 cpu_to_le32(1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL);
207 pos++;
208 }
209
210 /* IEEE80211_RADIOTAP_DB_ANTNOISE is not used */ 203 /* IEEE80211_RADIOTAP_DB_ANTNOISE is not used */
211 204
212 /* IEEE80211_RADIOTAP_RX_FLAGS */ 205 /* IEEE80211_RADIOTAP_RX_FLAGS */
213 /* ensure 2 byte alignment for the 2 byte field as required */ 206 /* ensure 2 byte alignment for the 2 byte field as required */
214 if ((pos - (unsigned char *)rthdr) & 1) 207 if ((pos - (unsigned char *)rthdr) & 1)
215 pos++; 208 pos++;
216 /* FIXME: when radiotap gets a 'bad PLCP' flag use it here */ 209 if (status->flag & RX_FLAG_FAILED_PLCP_CRC)
217 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC)) 210 *(__le16 *)pos |= cpu_to_le16(IEEE80211_RADIOTAP_F_RX_BADPLCP);
218 *(__le16 *)pos |= cpu_to_le16(IEEE80211_RADIOTAP_F_RX_BADFCS);
219 pos += 2; 211 pos += 2;
220} 212}
221 213
@@ -371,39 +363,50 @@ static void ieee80211_parse_qos(struct ieee80211_rx_data *rx)
371 rx->skb->priority = (tid > 7) ? 0 : tid; 363 rx->skb->priority = (tid > 7) ? 0 : tid;
372} 364}
373 365
374static void ieee80211_verify_ip_alignment(struct ieee80211_rx_data *rx) 366/**
367 * DOC: Packet alignment
368 *
369 * Drivers always need to pass packets that are aligned to two-byte boundaries
370 * to the stack.
371 *
372 * Additionally, should, if possible, align the payload data in a way that
373 * guarantees that the contained IP header is aligned to a four-byte
374 * boundary. In the case of regular frames, this simply means aligning the
375 * payload to a four-byte boundary (because either the IP header is directly
376 * contained, or IV/RFC1042 headers that have a length divisible by four are
377 * in front of it).
378 *
379 * With A-MSDU frames, however, the payload data address must yield two modulo
380 * four because there are 14-byte 802.3 headers within the A-MSDU frames that
381 * push the IP header further back to a multiple of four again. Thankfully, the
382 * specs were sane enough this time around to require padding each A-MSDU
383 * subframe to a length that is a multiple of four.
384 *
385 * Padding like Atheros hardware adds which is inbetween the 802.11 header and
386 * the payload is not supported, the driver is required to move the 802.11
387 * header to be directly in front of the payload in that case.
388 */
389static void ieee80211_verify_alignment(struct ieee80211_rx_data *rx)
375{ 390{
376#ifdef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
377 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 391 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
378 int hdrlen; 392 int hdrlen;
379 393
394#ifndef CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT
395 return;
396#endif
397
398 if (WARN_ONCE((unsigned long)rx->skb->data & 1,
399 "unaligned packet at 0x%p\n", rx->skb->data))
400 return;
401
380 if (!ieee80211_is_data_present(hdr->frame_control)) 402 if (!ieee80211_is_data_present(hdr->frame_control))
381 return; 403 return;
382 404
383 /*
384 * Drivers are required to align the payload data in a way that
385 * guarantees that the contained IP header is aligned to a four-
386 * byte boundary. In the case of regular frames, this simply means
387 * aligning the payload to a four-byte boundary (because either
388 * the IP header is directly contained, or IV/RFC1042 headers that
389 * have a length divisible by four are in front of it.
390 *
391 * With A-MSDU frames, however, the payload data address must
392 * yield two modulo four because there are 14-byte 802.3 headers
393 * within the A-MSDU frames that push the IP header further back
394 * to a multiple of four again. Thankfully, the specs were sane
395 * enough this time around to require padding each A-MSDU subframe
396 * to a length that is a multiple of four.
397 *
398 * Padding like atheros hardware adds which is inbetween the 802.11
399 * header and the payload is not supported, the driver is required
400 * to move the 802.11 header further back in that case.
401 */
402 hdrlen = ieee80211_hdrlen(hdr->frame_control); 405 hdrlen = ieee80211_hdrlen(hdr->frame_control);
403 if (rx->flags & IEEE80211_RX_AMSDU) 406 if (rx->flags & IEEE80211_RX_AMSDU)
404 hdrlen += ETH_HLEN; 407 hdrlen += ETH_HLEN;
405 WARN_ON_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3); 408 WARN_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3,
406#endif 409 "unaligned IP payload at 0x%p\n", rx->skb->data + hdrlen);
407} 410}
408 411
409 412
@@ -435,6 +438,52 @@ ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
435 return RX_CONTINUE; 438 return RX_CONTINUE;
436} 439}
437 440
441
442static int ieee80211_is_unicast_robust_mgmt_frame(struct sk_buff *skb)
443{
444 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
445
446 if (skb->len < 24 || is_multicast_ether_addr(hdr->addr1))
447 return 0;
448
449 return ieee80211_is_robust_mgmt_frame(hdr);
450}
451
452
453static int ieee80211_is_multicast_robust_mgmt_frame(struct sk_buff *skb)
454{
455 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
456
457 if (skb->len < 24 || !is_multicast_ether_addr(hdr->addr1))
458 return 0;
459
460 return ieee80211_is_robust_mgmt_frame(hdr);
461}
462
463
464/* Get the BIP key index from MMIE; return -1 if this is not a BIP frame */
465static int ieee80211_get_mmie_keyidx(struct sk_buff *skb)
466{
467 struct ieee80211_mgmt *hdr = (struct ieee80211_mgmt *) skb->data;
468 struct ieee80211_mmie *mmie;
469
470 if (skb->len < 24 + sizeof(*mmie) ||
471 !is_multicast_ether_addr(hdr->da))
472 return -1;
473
474 if (!ieee80211_is_robust_mgmt_frame((struct ieee80211_hdr *) hdr))
475 return -1; /* not a robust management frame */
476
477 mmie = (struct ieee80211_mmie *)
478 (skb->data + skb->len - sizeof(*mmie));
479 if (mmie->element_id != WLAN_EID_MMIE ||
480 mmie->length != sizeof(*mmie) - 2)
481 return -1;
482
483 return le16_to_cpu(mmie->key_id);
484}
485
486
438static ieee80211_rx_result 487static ieee80211_rx_result
439ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx) 488ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
440{ 489{
@@ -550,21 +599,23 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
550 int hdrlen; 599 int hdrlen;
551 ieee80211_rx_result result = RX_DROP_UNUSABLE; 600 ieee80211_rx_result result = RX_DROP_UNUSABLE;
552 struct ieee80211_key *stakey = NULL; 601 struct ieee80211_key *stakey = NULL;
602 int mmie_keyidx = -1;
553 603
554 /* 604 /*
555 * Key selection 101 605 * Key selection 101
556 * 606 *
557 * There are three types of keys: 607 * There are four types of keys:
558 * - GTK (group keys) 608 * - GTK (group keys)
609 * - IGTK (group keys for management frames)
559 * - PTK (pairwise keys) 610 * - PTK (pairwise keys)
560 * - STK (station-to-station pairwise keys) 611 * - STK (station-to-station pairwise keys)
561 * 612 *
562 * When selecting a key, we have to distinguish between multicast 613 * When selecting a key, we have to distinguish between multicast
563 * (including broadcast) and unicast frames, the latter can only 614 * (including broadcast) and unicast frames, the latter can only
564 * use PTKs and STKs while the former always use GTKs. Unless, of 615 * use PTKs and STKs while the former always use GTKs and IGTKs.
565 * course, actual WEP keys ("pre-RSNA") are used, then unicast 616 * Unless, of course, actual WEP keys ("pre-RSNA") are used, then
566 * frames can also use key indizes like GTKs. Hence, if we don't 617 * unicast frames can also use key indices like GTKs. Hence, if we
567 * have a PTK/STK we check the key index for a WEP key. 618 * don't have a PTK/STK we check the key index for a WEP key.
568 * 619 *
569 * Note that in a regular BSS, multicast frames are sent by the 620 * Note that in a regular BSS, multicast frames are sent by the
570 * AP only, associated stations unicast the frame to the AP first 621 * AP only, associated stations unicast the frame to the AP first
@@ -577,8 +628,14 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
577 * possible. 628 * possible.
578 */ 629 */
579 630
580 if (!ieee80211_has_protected(hdr->frame_control)) 631 if (!ieee80211_has_protected(hdr->frame_control)) {
581 return RX_CONTINUE; 632 if (!ieee80211_is_mgmt(hdr->frame_control) ||
633 rx->sta == NULL || !test_sta_flags(rx->sta, WLAN_STA_MFP))
634 return RX_CONTINUE;
635 mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);
636 if (mmie_keyidx < 0)
637 return RX_CONTINUE;
638 }
582 639
583 /* 640 /*
584 * No point in finding a key and decrypting if the frame is neither 641 * No point in finding a key and decrypting if the frame is neither
@@ -592,6 +649,16 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
592 649
593 if (!is_multicast_ether_addr(hdr->addr1) && stakey) { 650 if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
594 rx->key = stakey; 651 rx->key = stakey;
652 } else if (mmie_keyidx >= 0) {
653 /* Broadcast/multicast robust management frame / BIP */
654 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
655 (rx->status->flag & RX_FLAG_IV_STRIPPED))
656 return RX_CONTINUE;
657
658 if (mmie_keyidx < NUM_DEFAULT_KEYS ||
659 mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
660 return RX_DROP_MONITOR; /* unexpected BIP keyidx */
661 rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]);
595 } else { 662 } else {
596 /* 663 /*
597 * The device doesn't give us the IV so we won't be 664 * The device doesn't give us the IV so we won't be
@@ -654,6 +721,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
654 case ALG_CCMP: 721 case ALG_CCMP:
655 result = ieee80211_crypto_ccmp_decrypt(rx); 722 result = ieee80211_crypto_ccmp_decrypt(rx);
656 break; 723 break;
724 case ALG_AES_CMAC:
725 result = ieee80211_crypto_aes_cmac_decrypt(rx);
726 break;
657 } 727 }
658 728
659 /* either the frame has been decrypted or will be dropped */ 729 /* either the frame has been decrypted or will be dropped */
@@ -662,6 +732,39 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
662 return result; 732 return result;
663} 733}
664 734
735static ieee80211_rx_result debug_noinline
736ieee80211_rx_h_check_more_data(struct ieee80211_rx_data *rx)
737{
738 struct ieee80211_local *local;
739 struct ieee80211_hdr *hdr;
740 struct sk_buff *skb;
741
742 local = rx->local;
743 skb = rx->skb;
744 hdr = (struct ieee80211_hdr *) skb->data;
745
746 if (!local->pspolling)
747 return RX_CONTINUE;
748
749 if (!ieee80211_has_fromds(hdr->frame_control))
750 /* this is not from AP */
751 return RX_CONTINUE;
752
753 if (!ieee80211_is_data(hdr->frame_control))
754 return RX_CONTINUE;
755
756 if (!ieee80211_has_moredata(hdr->frame_control)) {
757 /* AP has no more frames buffered for us */
758 local->pspolling = false;
759 return RX_CONTINUE;
760 }
761
762 /* more data bit is set, let's request a new frame from the AP */
763 ieee80211_send_pspoll(local, rx->sdata);
764
765 return RX_CONTINUE;
766}
767
665static void ap_sta_ps_start(struct sta_info *sta) 768static void ap_sta_ps_start(struct sta_info *sta)
666{ 769{
667 struct ieee80211_sub_if_data *sdata = sta->sdata; 770 struct ieee80211_sub_if_data *sdata = sta->sdata;
@@ -736,7 +839,7 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
736 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) { 839 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) {
737 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, 840 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len,
738 NL80211_IFTYPE_ADHOC); 841 NL80211_IFTYPE_ADHOC);
739 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0) 842 if (compare_ether_addr(bssid, rx->sdata->u.ibss.bssid) == 0)
740 sta->last_rx = jiffies; 843 sta->last_rx = jiffies;
741 } else 844 } else
742 if (!is_multicast_ether_addr(hdr->addr1) || 845 if (!is_multicast_ether_addr(hdr->addr1) ||
@@ -747,12 +850,19 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
747 * Mesh beacons will update last_rx when if they are found to 850 * Mesh beacons will update last_rx when if they are found to
748 * match the current local configuration when processed. 851 * match the current local configuration when processed.
749 */ 852 */
750 sta->last_rx = jiffies; 853 if (rx->sdata->vif.type == NL80211_IFTYPE_STATION &&
854 ieee80211_is_beacon(hdr->frame_control)) {
855 rx->sdata->u.mgd.last_beacon = jiffies;
856 } else
857 sta->last_rx = jiffies;
751 } 858 }
752 859
753 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 860 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
754 return RX_CONTINUE; 861 return RX_CONTINUE;
755 862
863 if (rx->sdata->vif.type == NL80211_IFTYPE_STATION)
864 ieee80211_sta_rx_notify(rx->sdata, hdr);
865
756 sta->rx_fragments++; 866 sta->rx_fragments++;
757 sta->rx_bytes += rx->skb->len; 867 sta->rx_bytes += rx->skb->len;
758 sta->last_signal = rx->status->signal; 868 sta->last_signal = rx->status->signal;
@@ -1101,6 +1211,15 @@ ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx, __le16 fc)
1101 /* Drop unencrypted frames if key is set. */ 1211 /* Drop unencrypted frames if key is set. */
1102 if (unlikely(!ieee80211_has_protected(fc) && 1212 if (unlikely(!ieee80211_has_protected(fc) &&
1103 !ieee80211_is_nullfunc(fc) && 1213 !ieee80211_is_nullfunc(fc) &&
1214 (!ieee80211_is_mgmt(fc) ||
1215 (ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
1216 rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP))) &&
1217 (rx->key || rx->sdata->drop_unencrypted)))
1218 return -EACCES;
1219 /* BIP does not use Protected field, so need to check MMIE */
1220 if (unlikely(rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP) &&
1221 ieee80211_is_multicast_robust_mgmt_frame(rx->skb) &&
1222 ieee80211_get_mmie_keyidx(rx->skb) < 0 &&
1104 (rx->key || rx->sdata->drop_unencrypted))) 1223 (rx->key || rx->sdata->drop_unencrypted)))
1105 return -EACCES; 1224 return -EACCES;
1106 1225
@@ -1138,12 +1257,12 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1138 1257
1139 switch (hdr->frame_control & 1258 switch (hdr->frame_control &
1140 cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) { 1259 cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
1141 case __constant_cpu_to_le16(IEEE80211_FCTL_TODS): 1260 case cpu_to_le16(IEEE80211_FCTL_TODS):
1142 if (unlikely(sdata->vif.type != NL80211_IFTYPE_AP && 1261 if (unlikely(sdata->vif.type != NL80211_IFTYPE_AP &&
1143 sdata->vif.type != NL80211_IFTYPE_AP_VLAN)) 1262 sdata->vif.type != NL80211_IFTYPE_AP_VLAN))
1144 return -1; 1263 return -1;
1145 break; 1264 break;
1146 case __constant_cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS): 1265 case cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
1147 if (unlikely(sdata->vif.type != NL80211_IFTYPE_WDS && 1266 if (unlikely(sdata->vif.type != NL80211_IFTYPE_WDS &&
1148 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)) 1267 sdata->vif.type != NL80211_IFTYPE_MESH_POINT))
1149 return -1; 1268 return -1;
@@ -1157,13 +1276,13 @@ ieee80211_data_to_8023(struct ieee80211_rx_data *rx)
1157 } 1276 }
1158 } 1277 }
1159 break; 1278 break;
1160 case __constant_cpu_to_le16(IEEE80211_FCTL_FROMDS): 1279 case cpu_to_le16(IEEE80211_FCTL_FROMDS):
1161 if (sdata->vif.type != NL80211_IFTYPE_STATION || 1280 if (sdata->vif.type != NL80211_IFTYPE_STATION ||
1162 (is_multicast_ether_addr(dst) && 1281 (is_multicast_ether_addr(dst) &&
1163 !compare_ether_addr(src, dev->dev_addr))) 1282 !compare_ether_addr(src, dev->dev_addr)))
1164 return -1; 1283 return -1;
1165 break; 1284 break;
1166 case __constant_cpu_to_le16(0): 1285 case cpu_to_le16(0):
1167 if (sdata->vif.type != NL80211_IFTYPE_ADHOC) 1286 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1168 return -1; 1287 return -1;
1169 break; 1288 break;
@@ -1267,10 +1386,37 @@ ieee80211_deliver_skb(struct ieee80211_rx_data *rx)
1267 } 1386 }
1268 1387
1269 if (skb) { 1388 if (skb) {
1270 /* deliver to local stack */ 1389 int align __maybe_unused;
1271 skb->protocol = eth_type_trans(skb, dev); 1390
1272 memset(skb->cb, 0, sizeof(skb->cb)); 1391#if defined(CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT) || !defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)
1273 netif_rx(skb); 1392 /*
1393 * 'align' will only take the values 0 or 2 here
1394 * since all frames are required to be aligned
1395 * to 2-byte boundaries when being passed to
1396 * mac80211. That also explains the __skb_push()
1397 * below.
1398 */
1399 align = (unsigned long)skb->data & 4;
1400 if (align) {
1401 if (WARN_ON(skb_headroom(skb) < 3)) {
1402 dev_kfree_skb(skb);
1403 skb = NULL;
1404 } else {
1405 u8 *data = skb->data;
1406 size_t len = skb->len;
1407 u8 *new = __skb_push(skb, align);
1408 memmove(new, data, len);
1409 __skb_trim(skb, len);
1410 }
1411 }
1412#endif
1413
1414 if (skb) {
1415 /* deliver to local stack */
1416 skb->protocol = eth_type_trans(skb, dev);
1417 memset(skb->cb, 0, sizeof(skb->cb));
1418 netif_rx(skb);
1419 }
1274 } 1420 }
1275 1421
1276 if (xmit_skb) { 1422 if (xmit_skb) {
@@ -1339,14 +1485,20 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx)
1339 if (remaining <= subframe_len + padding) 1485 if (remaining <= subframe_len + padding)
1340 frame = skb; 1486 frame = skb;
1341 else { 1487 else {
1342 frame = dev_alloc_skb(local->hw.extra_tx_headroom + 1488 /*
1343 subframe_len); 1489 * Allocate and reserve two bytes more for payload
1490 * alignment since sizeof(struct ethhdr) is 14.
1491 */
1492 frame = dev_alloc_skb(
1493 ALIGN(local->hw.extra_tx_headroom, 4) +
1494 subframe_len + 2);
1344 1495
1345 if (frame == NULL) 1496 if (frame == NULL)
1346 return RX_DROP_UNUSABLE; 1497 return RX_DROP_UNUSABLE;
1347 1498
1348 skb_reserve(frame, local->hw.extra_tx_headroom + 1499 skb_reserve(frame,
1349 sizeof(struct ethhdr)); 1500 ALIGN(local->hw.extra_tx_headroom, 4) +
1501 sizeof(struct ethhdr) + 2);
1350 memcpy(skb_put(frame, ntohs(len)), skb->data, 1502 memcpy(skb_put(frame, ntohs(len)), skb->data,
1351 ntohs(len)); 1503 ntohs(len));
1352 1504
@@ -1529,11 +1681,9 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1529 start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4; 1681 start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4;
1530 1682
1531 /* reset session timer */ 1683 /* reset session timer */
1532 if (tid_agg_rx->timeout) { 1684 if (tid_agg_rx->timeout)
1533 unsigned long expires = 1685 mod_timer(&tid_agg_rx->session_timer,
1534 jiffies + (tid_agg_rx->timeout / 1000) * HZ; 1686 TU_TO_EXP_TIME(tid_agg_rx->timeout));
1535 mod_timer(&tid_agg_rx->session_timer, expires);
1536 }
1537 1687
1538 /* manage reordering buffer according to requested */ 1688 /* manage reordering buffer according to requested */
1539 /* sequence number */ 1689 /* sequence number */
@@ -1547,12 +1697,64 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1547 return RX_CONTINUE; 1697 return RX_CONTINUE;
1548} 1698}
1549 1699
1700static void ieee80211_process_sa_query_req(struct ieee80211_sub_if_data *sdata,
1701 struct ieee80211_mgmt *mgmt,
1702 size_t len)
1703{
1704 struct ieee80211_local *local = sdata->local;
1705 struct sk_buff *skb;
1706 struct ieee80211_mgmt *resp;
1707
1708 if (compare_ether_addr(mgmt->da, sdata->dev->dev_addr) != 0) {
1709 /* Not to own unicast address */
1710 return;
1711 }
1712
1713 if (compare_ether_addr(mgmt->sa, sdata->u.mgd.bssid) != 0 ||
1714 compare_ether_addr(mgmt->bssid, sdata->u.mgd.bssid) != 0) {
1715 /* Not from the current AP. */
1716 return;
1717 }
1718
1719 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATE) {
1720 /* Association in progress; ignore SA Query */
1721 return;
1722 }
1723
1724 if (len < 24 + 1 + sizeof(resp->u.action.u.sa_query)) {
1725 /* Too short SA Query request frame */
1726 return;
1727 }
1728
1729 skb = dev_alloc_skb(sizeof(*resp) + local->hw.extra_tx_headroom);
1730 if (skb == NULL)
1731 return;
1732
1733 skb_reserve(skb, local->hw.extra_tx_headroom);
1734 resp = (struct ieee80211_mgmt *) skb_put(skb, 24);
1735 memset(resp, 0, 24);
1736 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1737 memcpy(resp->sa, sdata->dev->dev_addr, ETH_ALEN);
1738 memcpy(resp->bssid, sdata->u.mgd.bssid, ETH_ALEN);
1739 resp->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1740 IEEE80211_STYPE_ACTION);
1741 skb_put(skb, 1 + sizeof(resp->u.action.u.sa_query));
1742 resp->u.action.category = WLAN_CATEGORY_SA_QUERY;
1743 resp->u.action.u.sa_query.action = WLAN_ACTION_SA_QUERY_RESPONSE;
1744 memcpy(resp->u.action.u.sa_query.trans_id,
1745 mgmt->u.action.u.sa_query.trans_id,
1746 WLAN_SA_QUERY_TR_ID_LEN);
1747
1748 ieee80211_tx_skb(sdata, skb, 1);
1749}
1750
1550static ieee80211_rx_result debug_noinline 1751static ieee80211_rx_result debug_noinline
1551ieee80211_rx_h_action(struct ieee80211_rx_data *rx) 1752ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1552{ 1753{
1553 struct ieee80211_local *local = rx->local; 1754 struct ieee80211_local *local = rx->local;
1554 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1755 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1555 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1756 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1757 struct ieee80211_bss *bss;
1556 int len = rx->skb->len; 1758 int len = rx->skb->len;
1557 1759
1558 if (!ieee80211_is_action(mgmt->frame_control)) 1760 if (!ieee80211_is_action(mgmt->frame_control))
@@ -1564,12 +1766,26 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1564 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1766 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1565 return RX_DROP_MONITOR; 1767 return RX_DROP_MONITOR;
1566 1768
1769 if (ieee80211_drop_unencrypted(rx, mgmt->frame_control))
1770 return RX_DROP_MONITOR;
1771
1567 /* all categories we currently handle have action_code */ 1772 /* all categories we currently handle have action_code */
1568 if (len < IEEE80211_MIN_ACTION_SIZE + 1) 1773 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
1569 return RX_DROP_MONITOR; 1774 return RX_DROP_MONITOR;
1570 1775
1571 switch (mgmt->u.action.category) { 1776 switch (mgmt->u.action.category) {
1572 case WLAN_CATEGORY_BACK: 1777 case WLAN_CATEGORY_BACK:
1778 /*
1779 * The aggregation code is not prepared to handle
1780 * anything but STA/AP due to the BSSID handling;
1781 * IBSS could work in the code but isn't supported
1782 * by drivers or the standard.
1783 */
1784 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
1785 sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
1786 sdata->vif.type != NL80211_IFTYPE_AP)
1787 return RX_DROP_MONITOR;
1788
1573 switch (mgmt->u.action.u.addba_req.action_code) { 1789 switch (mgmt->u.action.u.addba_req.action_code) {
1574 case WLAN_ACTION_ADDBA_REQ: 1790 case WLAN_ACTION_ADDBA_REQ:
1575 if (len < (IEEE80211_MIN_ACTION_SIZE + 1791 if (len < (IEEE80211_MIN_ACTION_SIZE +
@@ -1594,6 +1810,10 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1594 case WLAN_CATEGORY_SPECTRUM_MGMT: 1810 case WLAN_CATEGORY_SPECTRUM_MGMT:
1595 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ) 1811 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ)
1596 return RX_DROP_MONITOR; 1812 return RX_DROP_MONITOR;
1813
1814 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1815 return RX_DROP_MONITOR;
1816
1597 switch (mgmt->u.action.u.measurement.action_code) { 1817 switch (mgmt->u.action.u.measurement.action_code) {
1598 case WLAN_ACTION_SPCT_MSR_REQ: 1818 case WLAN_ACTION_SPCT_MSR_REQ:
1599 if (len < (IEEE80211_MIN_ACTION_SIZE + 1819 if (len < (IEEE80211_MIN_ACTION_SIZE +
@@ -1601,6 +1821,43 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1601 return RX_DROP_MONITOR; 1821 return RX_DROP_MONITOR;
1602 ieee80211_process_measurement_req(sdata, mgmt, len); 1822 ieee80211_process_measurement_req(sdata, mgmt, len);
1603 break; 1823 break;
1824 case WLAN_ACTION_SPCT_CHL_SWITCH:
1825 if (len < (IEEE80211_MIN_ACTION_SIZE +
1826 sizeof(mgmt->u.action.u.chan_switch)))
1827 return RX_DROP_MONITOR;
1828
1829 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN))
1830 return RX_DROP_MONITOR;
1831
1832 bss = ieee80211_rx_bss_get(local, sdata->u.mgd.bssid,
1833 local->hw.conf.channel->center_freq,
1834 sdata->u.mgd.ssid,
1835 sdata->u.mgd.ssid_len);
1836 if (!bss)
1837 return RX_DROP_MONITOR;
1838
1839 ieee80211_process_chanswitch(sdata,
1840 &mgmt->u.action.u.chan_switch.sw_elem, bss);
1841 ieee80211_rx_bss_put(local, bss);
1842 break;
1843 }
1844 break;
1845 case WLAN_CATEGORY_SA_QUERY:
1846 if (len < (IEEE80211_MIN_ACTION_SIZE +
1847 sizeof(mgmt->u.action.u.sa_query)))
1848 return RX_DROP_MONITOR;
1849 switch (mgmt->u.action.u.sa_query.action) {
1850 case WLAN_ACTION_SA_QUERY_REQUEST:
1851 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1852 return RX_DROP_MONITOR;
1853 ieee80211_process_sa_query_req(sdata, mgmt, len);
1854 break;
1855 case WLAN_ACTION_SA_QUERY_RESPONSE:
1856 /*
1857 * SA Query response is currently only used in AP mode
1858 * and it is processed in user space.
1859 */
1860 return RX_CONTINUE;
1604 } 1861 }
1605 break; 1862 break;
1606 default: 1863 default:
@@ -1616,22 +1873,24 @@ static ieee80211_rx_result debug_noinline
1616ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx) 1873ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1617{ 1874{
1618 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1875 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1876 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1619 1877
1620 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 1878 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
1621 return RX_DROP_MONITOR; 1879 return RX_DROP_MONITOR;
1622 1880
1881 if (ieee80211_drop_unencrypted(rx, mgmt->frame_control))
1882 return RX_DROP_MONITOR;
1883
1623 if (ieee80211_vif_is_mesh(&sdata->vif)) 1884 if (ieee80211_vif_is_mesh(&sdata->vif))
1624 return ieee80211_mesh_rx_mgmt(sdata, rx->skb, rx->status); 1885 return ieee80211_mesh_rx_mgmt(sdata, rx->skb, rx->status);
1625 1886
1626 if (sdata->vif.type != NL80211_IFTYPE_STATION && 1887 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
1627 sdata->vif.type != NL80211_IFTYPE_ADHOC) 1888 return ieee80211_ibss_rx_mgmt(sdata, rx->skb, rx->status);
1628 return RX_DROP_MONITOR;
1629 1889
1630 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) 1890 if (sdata->vif.type == NL80211_IFTYPE_STATION)
1631 return RX_DROP_MONITOR; 1891 return ieee80211_sta_rx_mgmt(sdata, rx->skb, rx->status);
1632 1892
1633 ieee80211_sta_rx_mgmt(sdata, rx->skb, rx->status); 1893 return RX_DROP_MONITOR;
1634 return RX_QUEUED;
1635} 1894}
1636 1895
1637static void ieee80211_rx_michael_mic_report(struct net_device *dev, 1896static void ieee80211_rx_michael_mic_report(struct net_device *dev,
@@ -1780,6 +2039,7 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1780 CALL_RXH(ieee80211_rx_h_passive_scan) 2039 CALL_RXH(ieee80211_rx_h_passive_scan)
1781 CALL_RXH(ieee80211_rx_h_check) 2040 CALL_RXH(ieee80211_rx_h_check)
1782 CALL_RXH(ieee80211_rx_h_decrypt) 2041 CALL_RXH(ieee80211_rx_h_decrypt)
2042 CALL_RXH(ieee80211_rx_h_check_more_data)
1783 CALL_RXH(ieee80211_rx_h_sta_process) 2043 CALL_RXH(ieee80211_rx_h_sta_process)
1784 CALL_RXH(ieee80211_rx_h_defragment) 2044 CALL_RXH(ieee80211_rx_h_defragment)
1785 CALL_RXH(ieee80211_rx_h_ps_poll) 2045 CALL_RXH(ieee80211_rx_h_ps_poll)
@@ -1823,16 +2083,17 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_sub_if_data *sdata,
1823/* main receive path */ 2083/* main receive path */
1824 2084
1825static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata, 2085static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1826 u8 *bssid, struct ieee80211_rx_data *rx, 2086 struct ieee80211_rx_data *rx,
1827 struct ieee80211_hdr *hdr) 2087 struct ieee80211_hdr *hdr)
1828{ 2088{
2089 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, sdata->vif.type);
1829 int multicast = is_multicast_ether_addr(hdr->addr1); 2090 int multicast = is_multicast_ether_addr(hdr->addr1);
1830 2091
1831 switch (sdata->vif.type) { 2092 switch (sdata->vif.type) {
1832 case NL80211_IFTYPE_STATION: 2093 case NL80211_IFTYPE_STATION:
1833 if (!bssid) 2094 if (!bssid)
1834 return 0; 2095 return 0;
1835 if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 2096 if (!ieee80211_bssid_match(bssid, sdata->u.mgd.bssid)) {
1836 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2097 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1837 return 0; 2098 return 0;
1838 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2099 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -1850,7 +2111,7 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
1850 if (ieee80211_is_beacon(hdr->frame_control)) { 2111 if (ieee80211_is_beacon(hdr->frame_control)) {
1851 return 1; 2112 return 1;
1852 } 2113 }
1853 else if (!ieee80211_bssid_match(bssid, sdata->u.sta.bssid)) { 2114 else if (!ieee80211_bssid_match(bssid, sdata->u.ibss.bssid)) {
1854 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2115 if (!(rx->flags & IEEE80211_RX_IN_SCAN))
1855 return 0; 2116 return 0;
1856 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2117 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -1928,7 +2189,6 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1928 int prepares; 2189 int prepares;
1929 struct ieee80211_sub_if_data *prev = NULL; 2190 struct ieee80211_sub_if_data *prev = NULL;
1930 struct sk_buff *skb_new; 2191 struct sk_buff *skb_new;
1931 u8 *bssid;
1932 2192
1933 hdr = (struct ieee80211_hdr *)skb->data; 2193 hdr = (struct ieee80211_hdr *)skb->data;
1934 memset(&rx, 0, sizeof(rx)); 2194 memset(&rx, 0, sizeof(rx));
@@ -1956,7 +2216,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1956 rx.flags |= IEEE80211_RX_IN_SCAN; 2216 rx.flags |= IEEE80211_RX_IN_SCAN;
1957 2217
1958 ieee80211_parse_qos(&rx); 2218 ieee80211_parse_qos(&rx);
1959 ieee80211_verify_ip_alignment(&rx); 2219 ieee80211_verify_alignment(&rx);
1960 2220
1961 skb = rx.skb; 2221 skb = rx.skb;
1962 2222
@@ -1967,9 +2227,8 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
1967 if (sdata->vif.type == NL80211_IFTYPE_MONITOR) 2227 if (sdata->vif.type == NL80211_IFTYPE_MONITOR)
1968 continue; 2228 continue;
1969 2229
1970 bssid = ieee80211_get_bssid(hdr, skb->len, sdata->vif.type);
1971 rx.flags |= IEEE80211_RX_RA_MATCH; 2230 rx.flags |= IEEE80211_RX_RA_MATCH;
1972 prepares = prepare_for_handlers(sdata, bssid, &rx, hdr); 2231 prepares = prepare_for_handlers(sdata, &rx, hdr);
1973 2232
1974 if (!prepares) 2233 if (!prepares)
1975 continue; 2234 continue;
@@ -2174,11 +2433,9 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2174 /* new un-ordered ampdu frame - process it */ 2433 /* new un-ordered ampdu frame - process it */
2175 2434
2176 /* reset session timer */ 2435 /* reset session timer */
2177 if (tid_agg_rx->timeout) { 2436 if (tid_agg_rx->timeout)
2178 unsigned long expires = 2437 mod_timer(&tid_agg_rx->session_timer,
2179 jiffies + (tid_agg_rx->timeout / 1000) * HZ; 2438 TU_TO_EXP_TIME(tid_agg_rx->timeout));
2180 mod_timer(&tid_agg_rx->session_timer, expires);
2181 }
2182 2439
2183 /* if this mpdu is fragmented - terminate rx aggregation session */ 2440 /* if this mpdu is fragmented - terminate rx aggregation session */
2184 sc = le16_to_cpu(hdr->seq_ctrl); 2441 sc = le16_to_cpu(hdr->seq_ctrl);
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index f5c7c3371929..3bf9839f5916 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -12,14 +12,11 @@
12 * published by the Free Software Foundation. 12 * published by the Free Software Foundation.
13 */ 13 */
14 14
15/* TODO: 15/* TODO: figure out how to avoid that the "current BSS" expires */
16 * order BSS list by RSSI(?) ("quality of AP")
17 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
18 * SSID)
19 */
20 16
21#include <linux/wireless.h> 17#include <linux/wireless.h>
22#include <linux/if_arp.h> 18#include <linux/if_arp.h>
19#include <linux/rtnetlink.h>
23#include <net/mac80211.h> 20#include <net/mac80211.h>
24#include <net/iw_handler.h> 21#include <net/iw_handler.h>
25 22
@@ -30,192 +27,29 @@
30#define IEEE80211_CHANNEL_TIME (HZ / 33) 27#define IEEE80211_CHANNEL_TIME (HZ / 33)
31#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5) 28#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
32 29
33void ieee80211_rx_bss_list_init(struct ieee80211_local *local)
34{
35 spin_lock_init(&local->bss_lock);
36 INIT_LIST_HEAD(&local->bss_list);
37}
38
39void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local)
40{
41 struct ieee80211_bss *bss, *tmp;
42
43 list_for_each_entry_safe(bss, tmp, &local->bss_list, list)
44 ieee80211_rx_bss_put(local, bss);
45}
46
47struct ieee80211_bss * 30struct ieee80211_bss *
48ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq, 31ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
49 u8 *ssid, u8 ssid_len) 32 u8 *ssid, u8 ssid_len)
50{ 33{
51 struct ieee80211_bss *bss; 34 return (void *)cfg80211_get_bss(local->hw.wiphy,
52 35 ieee80211_get_channel(local->hw.wiphy,
53 spin_lock_bh(&local->bss_lock); 36 freq),
54 bss = local->bss_hash[STA_HASH(bssid)]; 37 bssid, ssid, ssid_len,
55 while (bss) { 38 0, 0);
56 if (!bss_mesh_cfg(bss) &&
57 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
58 bss->freq == freq &&
59 bss->ssid_len == ssid_len &&
60 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
61 atomic_inc(&bss->users);
62 break;
63 }
64 bss = bss->hnext;
65 }
66 spin_unlock_bh(&local->bss_lock);
67 return bss;
68}
69
70/* Caller must hold local->bss_lock */
71static void __ieee80211_rx_bss_hash_add(struct ieee80211_local *local,
72 struct ieee80211_bss *bss)
73{
74 u8 hash_idx;
75
76 if (bss_mesh_cfg(bss))
77 hash_idx = mesh_id_hash(bss_mesh_id(bss),
78 bss_mesh_id_len(bss));
79 else
80 hash_idx = STA_HASH(bss->bssid);
81
82 bss->hnext = local->bss_hash[hash_idx];
83 local->bss_hash[hash_idx] = bss;
84}
85
86/* Caller must hold local->bss_lock */
87static void __ieee80211_rx_bss_hash_del(struct ieee80211_local *local,
88 struct ieee80211_bss *bss)
89{
90 struct ieee80211_bss *b, *prev = NULL;
91 b = local->bss_hash[STA_HASH(bss->bssid)];
92 while (b) {
93 if (b == bss) {
94 if (!prev)
95 local->bss_hash[STA_HASH(bss->bssid)] =
96 bss->hnext;
97 else
98 prev->hnext = bss->hnext;
99 break;
100 }
101 prev = b;
102 b = b->hnext;
103 }
104}
105
106struct ieee80211_bss *
107ieee80211_rx_bss_add(struct ieee80211_local *local, u8 *bssid, int freq,
108 u8 *ssid, u8 ssid_len)
109{
110 struct ieee80211_bss *bss;
111
112 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
113 if (!bss)
114 return NULL;
115 atomic_set(&bss->users, 2);
116 memcpy(bss->bssid, bssid, ETH_ALEN);
117 bss->freq = freq;
118 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
119 memcpy(bss->ssid, ssid, ssid_len);
120 bss->ssid_len = ssid_len;
121 }
122
123 spin_lock_bh(&local->bss_lock);
124 /* TODO: order by RSSI? */
125 list_add_tail(&bss->list, &local->bss_list);
126 __ieee80211_rx_bss_hash_add(local, bss);
127 spin_unlock_bh(&local->bss_lock);
128 return bss;
129}
130
131#ifdef CONFIG_MAC80211_MESH
132static struct ieee80211_bss *
133ieee80211_rx_mesh_bss_get(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
134 u8 *mesh_cfg, int freq)
135{
136 struct ieee80211_bss *bss;
137
138 spin_lock_bh(&local->bss_lock);
139 bss = local->bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
140 while (bss) {
141 if (bss_mesh_cfg(bss) &&
142 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
143 bss->freq == freq &&
144 mesh_id_len == bss->mesh_id_len &&
145 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
146 mesh_id_len))) {
147 atomic_inc(&bss->users);
148 break;
149 }
150 bss = bss->hnext;
151 }
152 spin_unlock_bh(&local->bss_lock);
153 return bss;
154} 39}
155 40
156static struct ieee80211_bss * 41static void ieee80211_rx_bss_free(struct cfg80211_bss *cbss)
157ieee80211_rx_mesh_bss_add(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
158 u8 *mesh_cfg, int mesh_config_len, int freq)
159{ 42{
160 struct ieee80211_bss *bss; 43 struct ieee80211_bss *bss = (void *)cbss;
161
162 if (mesh_config_len != IEEE80211_MESH_CONFIG_LEN)
163 return NULL;
164
165 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
166 if (!bss)
167 return NULL;
168
169 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
170 if (!bss->mesh_cfg) {
171 kfree(bss);
172 return NULL;
173 }
174
175 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
176 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
177 if (!bss->mesh_id) {
178 kfree(bss->mesh_cfg);
179 kfree(bss);
180 return NULL;
181 }
182 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
183 }
184
185 atomic_set(&bss->users, 2);
186 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
187 bss->mesh_id_len = mesh_id_len;
188 bss->freq = freq;
189 spin_lock_bh(&local->bss_lock);
190 /* TODO: order by RSSI? */
191 list_add_tail(&bss->list, &local->bss_list);
192 __ieee80211_rx_bss_hash_add(local, bss);
193 spin_unlock_bh(&local->bss_lock);
194 return bss;
195}
196#endif
197 44
198static void ieee80211_rx_bss_free(struct ieee80211_bss *bss)
199{
200 kfree(bss->ies);
201 kfree(bss_mesh_id(bss)); 45 kfree(bss_mesh_id(bss));
202 kfree(bss_mesh_cfg(bss)); 46 kfree(bss_mesh_cfg(bss));
203 kfree(bss);
204} 47}
205 48
206void ieee80211_rx_bss_put(struct ieee80211_local *local, 49void ieee80211_rx_bss_put(struct ieee80211_local *local,
207 struct ieee80211_bss *bss) 50 struct ieee80211_bss *bss)
208{ 51{
209 local_bh_disable(); 52 cfg80211_put_bss((struct cfg80211_bss *)bss);
210 if (!atomic_dec_and_lock(&bss->users, &local->bss_lock)) {
211 local_bh_enable();
212 return;
213 }
214
215 __ieee80211_rx_bss_hash_del(local, bss);
216 list_del(&bss->list);
217 spin_unlock_bh(&local->bss_lock);
218 ieee80211_rx_bss_free(bss);
219} 53}
220 54
221struct ieee80211_bss * 55struct ieee80211_bss *
@@ -224,39 +58,25 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
224 struct ieee80211_mgmt *mgmt, 58 struct ieee80211_mgmt *mgmt,
225 size_t len, 59 size_t len,
226 struct ieee802_11_elems *elems, 60 struct ieee802_11_elems *elems,
227 int freq, bool beacon) 61 struct ieee80211_channel *channel,
62 bool beacon)
228{ 63{
229 struct ieee80211_bss *bss; 64 struct ieee80211_bss *bss;
230 int clen; 65 int clen;
66 s32 signal = 0;
231 67
232#ifdef CONFIG_MAC80211_MESH 68 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
233 if (elems->mesh_config) 69 signal = rx_status->signal * 100;
234 bss = ieee80211_rx_mesh_bss_get(local, elems->mesh_id, 70 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
235 elems->mesh_id_len, elems->mesh_config, freq); 71 signal = (rx_status->signal * 100) / local->hw.max_signal;
236 else 72
237#endif 73 bss = (void *)cfg80211_inform_bss_frame(local->hw.wiphy, channel,
238 bss = ieee80211_rx_bss_get(local, mgmt->bssid, freq, 74 mgmt, len, signal, GFP_ATOMIC);
239 elems->ssid, elems->ssid_len); 75
240 if (!bss) { 76 if (!bss)
241#ifdef CONFIG_MAC80211_MESH 77 return NULL;
242 if (elems->mesh_config) 78
243 bss = ieee80211_rx_mesh_bss_add(local, elems->mesh_id, 79 bss->cbss.free_priv = ieee80211_rx_bss_free;
244 elems->mesh_id_len, elems->mesh_config,
245 elems->mesh_config_len, freq);
246 else
247#endif
248 bss = ieee80211_rx_bss_add(local, mgmt->bssid, freq,
249 elems->ssid, elems->ssid_len);
250 if (!bss)
251 return NULL;
252 } else {
253#if 0
254 /* TODO: order by RSSI? */
255 spin_lock_bh(&local->bss_lock);
256 list_move_tail(&bss->list, &local->bss_list);
257 spin_unlock_bh(&local->bss_lock);
258#endif
259 }
260 80
261 /* save the ERP value so that it is available at association time */ 81 /* save the ERP value so that it is available at association time */
262 if (elems->erp_info && elems->erp_info_len >= 1) { 82 if (elems->erp_info && elems->erp_info_len >= 1) {
@@ -264,9 +84,6 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
264 bss->has_erp_value = 1; 84 bss->has_erp_value = 1;
265 } 85 }
266 86
267 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
268 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
269
270 if (elems->tim) { 87 if (elems->tim) {
271 struct ieee80211_tim_ie *tim_ie = 88 struct ieee80211_tim_ie *tim_ie =
272 (struct ieee80211_tim_ie *)elems->tim; 89 (struct ieee80211_tim_ie *)elems->tim;
@@ -295,37 +112,27 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
295 bss->supp_rates_len += clen; 112 bss->supp_rates_len += clen;
296 } 113 }
297 114
298 bss->band = rx_status->band;
299
300 bss->timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
301 bss->last_update = jiffies;
302 bss->signal = rx_status->signal;
303 bss->noise = rx_status->noise;
304 bss->qual = rx_status->qual;
305 bss->wmm_used = elems->wmm_param || elems->wmm_info; 115 bss->wmm_used = elems->wmm_param || elems->wmm_info;
306 116
307 if (!beacon) 117 if (!beacon)
308 bss->last_probe_resp = jiffies; 118 bss->last_probe_resp = jiffies;
309 119
310 /*
311 * For probe responses, or if we don't have any information yet,
312 * use the IEs from the beacon.
313 */
314 if (!bss->ies || !beacon) {
315 if (bss->ies == NULL || bss->ies_len < elems->total_len) {
316 kfree(bss->ies);
317 bss->ies = kmalloc(elems->total_len, GFP_ATOMIC);
318 }
319 if (bss->ies) {
320 memcpy(bss->ies, elems->ie_start, elems->total_len);
321 bss->ies_len = elems->total_len;
322 } else
323 bss->ies_len = 0;
324 }
325
326 return bss; 120 return bss;
327} 121}
328 122
123void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
124 int freq, u8 *ssid, u8 ssid_len)
125{
126 struct ieee80211_bss *bss;
127 struct ieee80211_local *local = sdata->local;
128
129 bss = ieee80211_rx_bss_get(local, bssid, freq, ssid, ssid_len);
130 if (bss) {
131 cfg80211_unlink_bss(local->hw.wiphy, (void *)bss);
132 ieee80211_rx_bss_put(local, bss);
133 }
134}
135
329ieee80211_rx_result 136ieee80211_rx_result
330ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 137ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
331 struct ieee80211_rx_status *rx_status) 138 struct ieee80211_rx_status *rx_status)
@@ -387,7 +194,7 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
387 194
388 bss = ieee80211_bss_info_update(sdata->local, rx_status, 195 bss = ieee80211_bss_info_update(sdata->local, rx_status,
389 mgmt, skb->len, &elems, 196 mgmt, skb->len, &elems,
390 freq, beacon); 197 channel, beacon);
391 if (bss) 198 if (bss)
392 ieee80211_rx_bss_put(sdata->local, bss); 199 ieee80211_rx_bss_put(sdata->local, bss);
393 200
@@ -395,56 +202,94 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
395 return RX_QUEUED; 202 return RX_QUEUED;
396} 203}
397 204
398static void ieee80211_send_nullfunc(struct ieee80211_local *local, 205void ieee80211_scan_failed(struct ieee80211_local *local)
399 struct ieee80211_sub_if_data *sdata,
400 int powersave)
401{ 206{
402 struct sk_buff *skb; 207 if (WARN_ON(!local->scan_req))
403 struct ieee80211_hdr *nullfunc;
404 __le16 fc;
405
406 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
407 if (!skb) {
408 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
409 "frame\n", sdata->dev->name);
410 return; 208 return;
209
210 /* notify cfg80211 about the failed scan */
211 if (local->scan_req != &local->int_scan_req)
212 cfg80211_scan_done(local->scan_req, true);
213
214 local->scan_req = NULL;
215}
216
217/*
218 * inform AP that we will go to sleep so that it will buffer the frames
219 * while we scan
220 */
221static void ieee80211_scan_ps_enable(struct ieee80211_sub_if_data *sdata)
222{
223 struct ieee80211_local *local = sdata->local;
224 bool ps = false;
225
226 /* FIXME: what to do when local->pspolling is true? */
227
228 del_timer_sync(&local->dynamic_ps_timer);
229 cancel_work_sync(&local->dynamic_ps_enable_work);
230
231 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
232 ps = true;
233 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
234 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
235 }
236
237 if (!ps || !(local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK))
238 /*
239 * If power save was enabled, no need to send a nullfunc
240 * frame because AP knows that we are sleeping. But if the
241 * hardware is creating the nullfunc frame for power save
242 * status (ie. IEEE80211_HW_PS_NULLFUNC_STACK is not
243 * enabled) and power save was enabled, the firmware just
244 * sent a null frame with power save disabled. So we need
245 * to send a new nullfunc frame to inform the AP that we
246 * are again sleeping.
247 */
248 ieee80211_send_nullfunc(local, sdata, 1);
249}
250
251/* inform AP that we are awake again, unless power save is enabled */
252static void ieee80211_scan_ps_disable(struct ieee80211_sub_if_data *sdata)
253{
254 struct ieee80211_local *local = sdata->local;
255
256 if (!local->powersave)
257 ieee80211_send_nullfunc(local, sdata, 0);
258 else {
259 /*
260 * In !IEEE80211_HW_PS_NULLFUNC_STACK case the hardware
261 * will send a nullfunc frame with the powersave bit set
262 * even though the AP already knows that we are sleeping.
263 * This could be avoided by sending a null frame with power
264 * save bit disabled before enabling the power save, but
265 * this doesn't gain anything.
266 *
267 * When IEEE80211_HW_PS_NULLFUNC_STACK is enabled, no need
268 * to send a nullfunc frame because AP already knows that
269 * we are sleeping, let's just enable power save mode in
270 * hardware.
271 */
272 local->hw.conf.flags |= IEEE80211_CONF_PS;
273 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
411 } 274 }
412 skb_reserve(skb, local->hw.extra_tx_headroom);
413
414 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
415 memset(nullfunc, 0, 24);
416 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
417 IEEE80211_FCTL_TODS);
418 if (powersave)
419 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
420 nullfunc->frame_control = fc;
421 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
422 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
423 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
424
425 ieee80211_tx_skb(sdata, skb, 0);
426} 275}
427 276
428void ieee80211_scan_completed(struct ieee80211_hw *hw) 277void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
429{ 278{
430 struct ieee80211_local *local = hw_to_local(hw); 279 struct ieee80211_local *local = hw_to_local(hw);
431 struct ieee80211_sub_if_data *sdata; 280 struct ieee80211_sub_if_data *sdata;
432 union iwreq_data wrqu;
433 281
434 if (WARN_ON(!local->hw_scanning && !local->sw_scanning)) 282 if (WARN_ON(!local->hw_scanning && !local->sw_scanning))
435 return; 283 return;
436 284
437 local->last_scan_completed = jiffies; 285 if (WARN_ON(!local->scan_req))
438 memset(&wrqu, 0, sizeof(wrqu)); 286 return;
439 287
440 /* 288 if (local->scan_req != &local->int_scan_req)
441 * local->scan_sdata could have been NULLed by the interface 289 cfg80211_scan_done(local->scan_req, aborted);
442 * down code in case we were scanning on an interface that is 290 local->scan_req = NULL;
443 * being taken down. 291
444 */ 292 local->last_scan_completed = jiffies;
445 sdata = local->scan_sdata;
446 if (sdata)
447 wireless_send_event(sdata->dev, SIOCGIWSCAN, &wrqu, NULL);
448 293
449 if (local->hw_scanning) { 294 if (local->hw_scanning) {
450 local->hw_scanning = false; 295 local->hw_scanning = false;
@@ -472,34 +317,46 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw)
472 netif_addr_unlock(local->mdev); 317 netif_addr_unlock(local->mdev);
473 netif_tx_unlock_bh(local->mdev); 318 netif_tx_unlock_bh(local->mdev);
474 319
475 rcu_read_lock(); 320 if (local->ops->sw_scan_complete)
476 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 321 local->ops->sw_scan_complete(local_to_hw(local));
322
323 mutex_lock(&local->iflist_mtx);
324 list_for_each_entry(sdata, &local->interfaces, list) {
325 if (!netif_running(sdata->dev))
326 continue;
327
477 /* Tell AP we're back */ 328 /* Tell AP we're back */
478 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 329 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
479 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) { 330 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
480 ieee80211_send_nullfunc(local, sdata, 0); 331 ieee80211_scan_ps_disable(sdata);
481 netif_tx_wake_all_queues(sdata->dev); 332 netif_tx_wake_all_queues(sdata->dev);
482 } 333 }
483 } else 334 } else
484 netif_tx_wake_all_queues(sdata->dev); 335 netif_tx_wake_all_queues(sdata->dev);
336
337 /* re-enable beaconing */
338 if (sdata->vif.type == NL80211_IFTYPE_AP ||
339 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
340 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
341 ieee80211_if_config(sdata,
342 IEEE80211_IFCC_BEACON_ENABLED);
485 } 343 }
486 rcu_read_unlock(); 344 mutex_unlock(&local->iflist_mtx);
487 345
488 done: 346 done:
489 ieee80211_mlme_notify_scan_completed(local); 347 ieee80211_mlme_notify_scan_completed(local);
348 ieee80211_ibss_notify_scan_completed(local);
490 ieee80211_mesh_notify_scan_completed(local); 349 ieee80211_mesh_notify_scan_completed(local);
491} 350}
492EXPORT_SYMBOL(ieee80211_scan_completed); 351EXPORT_SYMBOL(ieee80211_scan_completed);
493 352
494
495void ieee80211_scan_work(struct work_struct *work) 353void ieee80211_scan_work(struct work_struct *work)
496{ 354{
497 struct ieee80211_local *local = 355 struct ieee80211_local *local =
498 container_of(work, struct ieee80211_local, scan_work.work); 356 container_of(work, struct ieee80211_local, scan_work.work);
499 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 357 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
500 struct ieee80211_supported_band *sband;
501 struct ieee80211_channel *chan; 358 struct ieee80211_channel *chan;
502 int skip; 359 int skip, i;
503 unsigned long next_delay = 0; 360 unsigned long next_delay = 0;
504 361
505 /* 362 /*
@@ -510,33 +367,13 @@ void ieee80211_scan_work(struct work_struct *work)
510 367
511 switch (local->scan_state) { 368 switch (local->scan_state) {
512 case SCAN_SET_CHANNEL: 369 case SCAN_SET_CHANNEL:
513 /*
514 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
515 * after we successfully scanned the last channel of the last
516 * band (and the last band is supported by the hw)
517 */
518 if (local->scan_band < IEEE80211_NUM_BANDS)
519 sband = local->hw.wiphy->bands[local->scan_band];
520 else
521 sband = NULL;
522
523 /*
524 * If we are at an unsupported band and have more bands
525 * left to scan, advance to the next supported one.
526 */
527 while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
528 local->scan_band++;
529 sband = local->hw.wiphy->bands[local->scan_band];
530 local->scan_channel_idx = 0;
531 }
532
533 /* if no more bands/channels left, complete scan */ 370 /* if no more bands/channels left, complete scan */
534 if (!sband || local->scan_channel_idx >= sband->n_channels) { 371 if (local->scan_channel_idx >= local->scan_req->n_channels) {
535 ieee80211_scan_completed(local_to_hw(local)); 372 ieee80211_scan_completed(local_to_hw(local), false);
536 return; 373 return;
537 } 374 }
538 skip = 0; 375 skip = 0;
539 chan = &sband->channels[local->scan_channel_idx]; 376 chan = local->scan_req->channels[local->scan_channel_idx];
540 377
541 if (chan->flags & IEEE80211_CHAN_DISABLED || 378 if (chan->flags & IEEE80211_CHAN_DISABLED ||
542 (sdata->vif.type == NL80211_IFTYPE_ADHOC && 379 (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
@@ -552,15 +389,6 @@ void ieee80211_scan_work(struct work_struct *work)
552 389
553 /* advance state machine to next channel/band */ 390 /* advance state machine to next channel/band */
554 local->scan_channel_idx++; 391 local->scan_channel_idx++;
555 if (local->scan_channel_idx >= sband->n_channels) {
556 /*
557 * scan_band may end up == IEEE80211_NUM_BANDS, but
558 * we'll catch that case above and complete the scan
559 * if that is the case.
560 */
561 local->scan_band++;
562 local->scan_channel_idx = 0;
563 }
564 392
565 if (skip) 393 if (skip)
566 break; 394 break;
@@ -573,10 +401,15 @@ void ieee80211_scan_work(struct work_struct *work)
573 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME; 401 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
574 local->scan_state = SCAN_SET_CHANNEL; 402 local->scan_state = SCAN_SET_CHANNEL;
575 403
576 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN) 404 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
405 !local->scan_req->n_ssids)
577 break; 406 break;
578 ieee80211_send_probe_req(sdata, NULL, local->scan_ssid, 407 for (i = 0; i < local->scan_req->n_ssids; i++)
579 local->scan_ssid_len); 408 ieee80211_send_probe_req(
409 sdata, NULL,
410 local->scan_req->ssids[i].ssid,
411 local->scan_req->ssids[i].ssid_len,
412 local->scan_req->ie, local->scan_req->ie_len);
580 next_delay = IEEE80211_CHANNEL_TIME; 413 next_delay = IEEE80211_CHANNEL_TIME;
581 break; 414 break;
582 } 415 }
@@ -587,14 +420,19 @@ void ieee80211_scan_work(struct work_struct *work)
587 420
588 421
589int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata, 422int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
590 u8 *ssid, size_t ssid_len) 423 struct cfg80211_scan_request *req)
591{ 424{
592 struct ieee80211_local *local = scan_sdata->local; 425 struct ieee80211_local *local = scan_sdata->local;
593 struct ieee80211_sub_if_data *sdata; 426 struct ieee80211_sub_if_data *sdata;
594 427
595 if (ssid_len > IEEE80211_MAX_SSID_LEN) 428 if (!req)
596 return -EINVAL; 429 return -EINVAL;
597 430
431 if (local->scan_req && local->scan_req != req)
432 return -EBUSY;
433
434 local->scan_req = req;
435
598 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1) 436 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
599 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS 437 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
600 * BSSID: MACAddress 438 * BSSID: MACAddress
@@ -622,7 +460,7 @@ int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
622 int rc; 460 int rc;
623 461
624 local->hw_scanning = true; 462 local->hw_scanning = true;
625 rc = local->ops->hw_scan(local_to_hw(local), ssid, ssid_len); 463 rc = local->ops->hw_scan(local_to_hw(local), req);
626 if (rc) { 464 if (rc) {
627 local->hw_scanning = false; 465 local->hw_scanning = false;
628 return rc; 466 return rc;
@@ -631,29 +469,49 @@ int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
631 return 0; 469 return 0;
632 } 470 }
633 471
472 /*
473 * Hardware/driver doesn't support hw_scan, so use software
474 * scanning instead. First send a nullfunc frame with power save
475 * bit on so that AP will buffer the frames for us while we are not
476 * listening, then send probe requests to each channel and wait for
477 * the responses. After all channels are scanned, tune back to the
478 * original channel and send a nullfunc frame with power save bit
479 * off to trigger the AP to send us all the buffered frames.
480 *
481 * Note that while local->sw_scanning is true everything else but
482 * nullfunc frames and probe requests will be dropped in
483 * ieee80211_tx_h_check_assoc().
484 */
634 local->sw_scanning = true; 485 local->sw_scanning = true;
486 if (local->ops->sw_scan_start)
487 local->ops->sw_scan_start(local_to_hw(local));
488
489 mutex_lock(&local->iflist_mtx);
490 list_for_each_entry(sdata, &local->interfaces, list) {
491 if (!netif_running(sdata->dev))
492 continue;
493
494 /* disable beaconing */
495 if (sdata->vif.type == NL80211_IFTYPE_AP ||
496 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
497 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
498 ieee80211_if_config(sdata,
499 IEEE80211_IFCC_BEACON_ENABLED);
635 500
636 rcu_read_lock();
637 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
638 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 501 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
639 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) { 502 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
640 netif_tx_stop_all_queues(sdata->dev); 503 netif_tx_stop_all_queues(sdata->dev);
641 ieee80211_send_nullfunc(local, sdata, 1); 504 ieee80211_scan_ps_enable(sdata);
642 } 505 }
643 } else 506 } else
644 netif_tx_stop_all_queues(sdata->dev); 507 netif_tx_stop_all_queues(sdata->dev);
645 } 508 }
646 rcu_read_unlock(); 509 mutex_unlock(&local->iflist_mtx);
647 510
648 if (ssid) {
649 local->scan_ssid_len = ssid_len;
650 memcpy(local->scan_ssid, ssid, ssid_len);
651 } else
652 local->scan_ssid_len = 0;
653 local->scan_state = SCAN_SET_CHANNEL; 511 local->scan_state = SCAN_SET_CHANNEL;
654 local->scan_channel_idx = 0; 512 local->scan_channel_idx = 0;
655 local->scan_band = IEEE80211_BAND_2GHZ;
656 local->scan_sdata = scan_sdata; 513 local->scan_sdata = scan_sdata;
514 local->scan_req = req;
657 515
658 netif_addr_lock_bh(local->mdev); 516 netif_addr_lock_bh(local->mdev);
659 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC; 517 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
@@ -673,13 +531,21 @@ int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
673 531
674 532
675int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 533int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
676 u8 *ssid, size_t ssid_len) 534 struct cfg80211_scan_request *req)
677{ 535{
678 struct ieee80211_local *local = sdata->local; 536 struct ieee80211_local *local = sdata->local;
679 struct ieee80211_if_sta *ifsta; 537 struct ieee80211_if_managed *ifmgd;
538
539 if (!req)
540 return -EINVAL;
541
542 if (local->scan_req && local->scan_req != req)
543 return -EBUSY;
544
545 local->scan_req = req;
680 546
681 if (sdata->vif.type != NL80211_IFTYPE_STATION) 547 if (sdata->vif.type != NL80211_IFTYPE_STATION)
682 return ieee80211_start_scan(sdata, ssid, ssid_len); 548 return ieee80211_start_scan(sdata, req);
683 549
684 /* 550 /*
685 * STA has a state machine that might need to defer scanning 551 * STA has a state machine that might need to defer scanning
@@ -693,242 +559,9 @@ int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
693 return -EBUSY; 559 return -EBUSY;
694 } 560 }
695 561
696 ifsta = &sdata->u.sta; 562 ifmgd = &sdata->u.mgd;
697 563 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
698 ifsta->scan_ssid_len = ssid_len; 564 queue_work(local->hw.workqueue, &ifmgd->work);
699 if (ssid_len)
700 memcpy(ifsta->scan_ssid, ssid, ssid_len);
701 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
702 queue_work(local->hw.workqueue, &ifsta->work);
703 565
704 return 0; 566 return 0;
705} 567}
706
707
708static void ieee80211_scan_add_ies(struct iw_request_info *info,
709 struct ieee80211_bss *bss,
710 char **current_ev, char *end_buf)
711{
712 u8 *pos, *end, *next;
713 struct iw_event iwe;
714
715 if (bss == NULL || bss->ies == NULL)
716 return;
717
718 /*
719 * If needed, fragment the IEs buffer (at IE boundaries) into short
720 * enough fragments to fit into IW_GENERIC_IE_MAX octet messages.
721 */
722 pos = bss->ies;
723 end = pos + bss->ies_len;
724
725 while (end - pos > IW_GENERIC_IE_MAX) {
726 next = pos + 2 + pos[1];
727 while (next + 2 + next[1] - pos < IW_GENERIC_IE_MAX)
728 next = next + 2 + next[1];
729
730 memset(&iwe, 0, sizeof(iwe));
731 iwe.cmd = IWEVGENIE;
732 iwe.u.data.length = next - pos;
733 *current_ev = iwe_stream_add_point(info, *current_ev,
734 end_buf, &iwe, pos);
735
736 pos = next;
737 }
738
739 if (end > pos) {
740 memset(&iwe, 0, sizeof(iwe));
741 iwe.cmd = IWEVGENIE;
742 iwe.u.data.length = end - pos;
743 *current_ev = iwe_stream_add_point(info, *current_ev,
744 end_buf, &iwe, pos);
745 }
746}
747
748
749static char *
750ieee80211_scan_result(struct ieee80211_local *local,
751 struct iw_request_info *info,
752 struct ieee80211_bss *bss,
753 char *current_ev, char *end_buf)
754{
755 struct iw_event iwe;
756 char *buf;
757
758 if (time_after(jiffies,
759 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
760 return current_ev;
761
762 memset(&iwe, 0, sizeof(iwe));
763 iwe.cmd = SIOCGIWAP;
764 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
765 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
766 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
767 IW_EV_ADDR_LEN);
768
769 memset(&iwe, 0, sizeof(iwe));
770 iwe.cmd = SIOCGIWESSID;
771 if (bss_mesh_cfg(bss)) {
772 iwe.u.data.length = bss_mesh_id_len(bss);
773 iwe.u.data.flags = 1;
774 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
775 &iwe, bss_mesh_id(bss));
776 } else {
777 iwe.u.data.length = bss->ssid_len;
778 iwe.u.data.flags = 1;
779 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
780 &iwe, bss->ssid);
781 }
782
783 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
784 || bss_mesh_cfg(bss)) {
785 memset(&iwe, 0, sizeof(iwe));
786 iwe.cmd = SIOCGIWMODE;
787 if (bss_mesh_cfg(bss))
788 iwe.u.mode = IW_MODE_MESH;
789 else if (bss->capability & WLAN_CAPABILITY_ESS)
790 iwe.u.mode = IW_MODE_MASTER;
791 else
792 iwe.u.mode = IW_MODE_ADHOC;
793 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
794 &iwe, IW_EV_UINT_LEN);
795 }
796
797 memset(&iwe, 0, sizeof(iwe));
798 iwe.cmd = SIOCGIWFREQ;
799 iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
800 iwe.u.freq.e = 0;
801 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
802 IW_EV_FREQ_LEN);
803
804 memset(&iwe, 0, sizeof(iwe));
805 iwe.cmd = SIOCGIWFREQ;
806 iwe.u.freq.m = bss->freq;
807 iwe.u.freq.e = 6;
808 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
809 IW_EV_FREQ_LEN);
810 memset(&iwe, 0, sizeof(iwe));
811 iwe.cmd = IWEVQUAL;
812 iwe.u.qual.qual = bss->qual;
813 iwe.u.qual.level = bss->signal;
814 iwe.u.qual.noise = bss->noise;
815 iwe.u.qual.updated = local->wstats_flags;
816 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
817 IW_EV_QUAL_LEN);
818
819 memset(&iwe, 0, sizeof(iwe));
820 iwe.cmd = SIOCGIWENCODE;
821 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
822 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
823 else
824 iwe.u.data.flags = IW_ENCODE_DISABLED;
825 iwe.u.data.length = 0;
826 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
827 &iwe, "");
828
829 ieee80211_scan_add_ies(info, bss, &current_ev, end_buf);
830
831 if (bss->supp_rates_len > 0) {
832 /* display all supported rates in readable format */
833 char *p = current_ev + iwe_stream_lcp_len(info);
834 int i;
835
836 memset(&iwe, 0, sizeof(iwe));
837 iwe.cmd = SIOCGIWRATE;
838 /* Those two flags are ignored... */
839 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
840
841 for (i = 0; i < bss->supp_rates_len; i++) {
842 iwe.u.bitrate.value = ((bss->supp_rates[i] &
843 0x7f) * 500000);
844 p = iwe_stream_add_value(info, current_ev, p,
845 end_buf, &iwe, IW_EV_PARAM_LEN);
846 }
847 current_ev = p;
848 }
849
850 buf = kmalloc(30, GFP_ATOMIC);
851 if (buf) {
852 memset(&iwe, 0, sizeof(iwe));
853 iwe.cmd = IWEVCUSTOM;
854 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
855 iwe.u.data.length = strlen(buf);
856 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
857 &iwe, buf);
858 memset(&iwe, 0, sizeof(iwe));
859 iwe.cmd = IWEVCUSTOM;
860 sprintf(buf, " Last beacon: %dms ago",
861 jiffies_to_msecs(jiffies - bss->last_update));
862 iwe.u.data.length = strlen(buf);
863 current_ev = iwe_stream_add_point(info, current_ev,
864 end_buf, &iwe, buf);
865 kfree(buf);
866 }
867
868 if (bss_mesh_cfg(bss)) {
869 u8 *cfg = bss_mesh_cfg(bss);
870 buf = kmalloc(50, GFP_ATOMIC);
871 if (buf) {
872 memset(&iwe, 0, sizeof(iwe));
873 iwe.cmd = IWEVCUSTOM;
874 sprintf(buf, "Mesh network (version %d)", cfg[0]);
875 iwe.u.data.length = strlen(buf);
876 current_ev = iwe_stream_add_point(info, current_ev,
877 end_buf,
878 &iwe, buf);
879 sprintf(buf, "Path Selection Protocol ID: "
880 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
881 cfg[4]);
882 iwe.u.data.length = strlen(buf);
883 current_ev = iwe_stream_add_point(info, current_ev,
884 end_buf,
885 &iwe, buf);
886 sprintf(buf, "Path Selection Metric ID: "
887 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
888 cfg[8]);
889 iwe.u.data.length = strlen(buf);
890 current_ev = iwe_stream_add_point(info, current_ev,
891 end_buf,
892 &iwe, buf);
893 sprintf(buf, "Congestion Control Mode ID: "
894 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
895 cfg[11], cfg[12]);
896 iwe.u.data.length = strlen(buf);
897 current_ev = iwe_stream_add_point(info, current_ev,
898 end_buf,
899 &iwe, buf);
900 sprintf(buf, "Channel Precedence: "
901 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
902 cfg[15], cfg[16]);
903 iwe.u.data.length = strlen(buf);
904 current_ev = iwe_stream_add_point(info, current_ev,
905 end_buf,
906 &iwe, buf);
907 kfree(buf);
908 }
909 }
910
911 return current_ev;
912}
913
914
915int ieee80211_scan_results(struct ieee80211_local *local,
916 struct iw_request_info *info,
917 char *buf, size_t len)
918{
919 char *current_ev = buf;
920 char *end_buf = buf + len;
921 struct ieee80211_bss *bss;
922
923 spin_lock_bh(&local->bss_lock);
924 list_for_each_entry(bss, &local->bss_list, list) {
925 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
926 spin_unlock_bh(&local->bss_lock);
927 return -E2BIG;
928 }
929 current_ev = ieee80211_scan_result(local, info, bss,
930 current_ev, end_buf);
931 }
932 spin_unlock_bh(&local->bss_lock);
933 return current_ev - buf;
934}
diff --git a/net/mac80211/spectmgmt.c b/net/mac80211/spectmgmt.c
index f72bad636d8e..5f7a2624ed74 100644
--- a/net/mac80211/spectmgmt.c
+++ b/net/mac80211/spectmgmt.c
@@ -65,7 +65,7 @@ static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_da
65 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED; 65 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED;
66 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type; 66 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type;
67 67
68 ieee80211_tx_skb(sdata, skb, 0); 68 ieee80211_tx_skb(sdata, skb, 1);
69} 69}
70 70
71void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata, 71void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
@@ -84,3 +84,104 @@ void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
84 mgmt->sa, mgmt->bssid, 84 mgmt->sa, mgmt->bssid,
85 mgmt->u.action.u.measurement.dialog_token); 85 mgmt->u.action.u.measurement.dialog_token);
86} 86}
87
88void ieee80211_chswitch_work(struct work_struct *work)
89{
90 struct ieee80211_sub_if_data *sdata =
91 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
92 struct ieee80211_bss *bss;
93 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
94
95 if (!netif_running(sdata->dev))
96 return;
97
98 bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid,
99 sdata->local->hw.conf.channel->center_freq,
100 ifmgd->ssid, ifmgd->ssid_len);
101 if (!bss)
102 goto exit;
103
104 sdata->local->oper_channel = sdata->local->csa_channel;
105 /* XXX: shouldn't really modify cfg80211-owned data! */
106 if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL))
107 bss->cbss.channel = sdata->local->oper_channel;
108
109 ieee80211_rx_bss_put(sdata->local, bss);
110exit:
111 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
112 ieee80211_wake_queues_by_reason(&sdata->local->hw,
113 IEEE80211_QUEUE_STOP_REASON_CSA);
114}
115
116void ieee80211_chswitch_timer(unsigned long data)
117{
118 struct ieee80211_sub_if_data *sdata =
119 (struct ieee80211_sub_if_data *) data;
120 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
121
122 queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
123}
124
125void ieee80211_process_chanswitch(struct ieee80211_sub_if_data *sdata,
126 struct ieee80211_channel_sw_ie *sw_elem,
127 struct ieee80211_bss *bss)
128{
129 struct ieee80211_channel *new_ch;
130 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
131 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);
132
133 /* FIXME: Handle ADHOC later */
134 if (sdata->vif.type != NL80211_IFTYPE_STATION)
135 return;
136
137 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED)
138 return;
139
140 if (sdata->local->sw_scanning || sdata->local->hw_scanning)
141 return;
142
143 /* Disregard subsequent beacons if we are already running a timer
144 processing a CSA */
145
146 if (ifmgd->flags & IEEE80211_STA_CSA_RECEIVED)
147 return;
148
149 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
150 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED)
151 return;
152
153 sdata->local->csa_channel = new_ch;
154
155 if (sw_elem->count <= 1) {
156 queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work);
157 } else {
158 ieee80211_stop_queues_by_reason(&sdata->local->hw,
159 IEEE80211_QUEUE_STOP_REASON_CSA);
160 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
161 mod_timer(&ifmgd->chswitch_timer,
162 jiffies +
163 msecs_to_jiffies(sw_elem->count *
164 bss->cbss.beacon_interval));
165 }
166}
167
168void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
169 u16 capab_info, u8 *pwr_constr_elem,
170 u8 pwr_constr_elem_len)
171{
172 struct ieee80211_conf *conf = &sdata->local->hw.conf;
173
174 if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT))
175 return;
176
177 /* Power constraint IE length should be 1 octet */
178 if (pwr_constr_elem_len != 1)
179 return;
180
181 if ((*pwr_constr_elem <= conf->channel->max_power) &&
182 (*pwr_constr_elem != sdata->local->power_constr_level)) {
183 sdata->local->power_constr_level = *pwr_constr_elem;
184 ieee80211_hw_config(sdata->local, 0);
185 }
186}
187
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 10c5539c20ab..c5f14e6bbde2 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -194,12 +194,47 @@ void sta_info_destroy(struct sta_info *sta)
194 dev_kfree_skb_any(skb); 194 dev_kfree_skb_any(skb);
195 195
196 for (i = 0; i < STA_TID_NUM; i++) { 196 for (i = 0; i < STA_TID_NUM; i++) {
197 struct tid_ampdu_rx *tid_rx;
198 struct tid_ampdu_tx *tid_tx;
199
197 spin_lock_bh(&sta->lock); 200 spin_lock_bh(&sta->lock);
198 if (sta->ampdu_mlme.tid_rx[i]) 201 tid_rx = sta->ampdu_mlme.tid_rx[i];
199 del_timer_sync(&sta->ampdu_mlme.tid_rx[i]->session_timer); 202 /* Make sure timer won't free the tid_rx struct, see below */
200 if (sta->ampdu_mlme.tid_tx[i]) 203 if (tid_rx)
201 del_timer_sync(&sta->ampdu_mlme.tid_tx[i]->addba_resp_timer); 204 tid_rx->shutdown = true;
205
202 spin_unlock_bh(&sta->lock); 206 spin_unlock_bh(&sta->lock);
207
208 /*
209 * Outside spinlock - shutdown is true now so that the timer
210 * won't free tid_rx, we have to do that now. Can't let the
211 * timer do it because we have to sync the timer outside the
212 * lock that it takes itself.
213 */
214 if (tid_rx) {
215 del_timer_sync(&tid_rx->session_timer);
216 kfree(tid_rx);
217 }
218
219 /*
220 * No need to do such complications for TX agg sessions, the
221 * path leading to freeing the tid_tx struct goes via a call
222 * from the driver, and thus needs to look up the sta struct
223 * again, which cannot be found when we get here. Hence, we
224 * just need to delete the timer and free the aggregation
225 * info; we won't be telling the peer about it then but that
226 * doesn't matter if we're not talking to it again anyway.
227 */
228 tid_tx = sta->ampdu_mlme.tid_tx[i];
229 if (tid_tx) {
230 del_timer_sync(&tid_tx->addba_resp_timer);
231 /*
232 * STA removed while aggregation session being
233 * started? Bit odd, but purge frames anyway.
234 */
235 skb_queue_purge(&tid_tx->pending);
236 kfree(tid_tx);
237 }
203 } 238 }
204 239
205 __sta_info_free(local, sta); 240 __sta_info_free(local, sta);
@@ -246,8 +281,6 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
246 * enable session_timer's data differentiation. refer to 281 * enable session_timer's data differentiation. refer to
247 * sta_rx_agg_session_timer_expired for useage */ 282 * sta_rx_agg_session_timer_expired for useage */
248 sta->timer_to_tid[i] = i; 283 sta->timer_to_tid[i] = i;
249 /* tid to tx queue: initialize according to HW (0 is valid) */
250 sta->tid_to_tx_q[i] = ieee80211_num_queues(&local->hw);
251 /* rx */ 284 /* rx */
252 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE; 285 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE;
253 sta->ampdu_mlme.tid_rx[i] = NULL; 286 sta->ampdu_mlme.tid_rx[i] = NULL;
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index e49a5b99cf10..5534d489f506 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -34,6 +34,9 @@
34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the 34 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
35 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next 35 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
36 * frame to this station is transmitted. 36 * frame to this station is transmitted.
37 * @WLAN_STA_MFP: Management frame protection is used with this STA.
38 * @WLAN_STA_SUSPEND: Set/cleared during a suspend/resume cycle.
39 * Used to deny ADDBA requests (both TX and RX).
37 */ 40 */
38enum ieee80211_sta_info_flags { 41enum ieee80211_sta_info_flags {
39 WLAN_STA_AUTH = 1<<0, 42 WLAN_STA_AUTH = 1<<0,
@@ -46,6 +49,8 @@ enum ieee80211_sta_info_flags {
46 WLAN_STA_WDS = 1<<7, 49 WLAN_STA_WDS = 1<<7,
47 WLAN_STA_PSPOLL = 1<<8, 50 WLAN_STA_PSPOLL = 1<<8,
48 WLAN_STA_CLEAR_PS_FILT = 1<<9, 51 WLAN_STA_CLEAR_PS_FILT = 1<<9,
52 WLAN_STA_MFP = 1<<10,
53 WLAN_STA_SUSPEND = 1<<11
49}; 54};
50 55
51#define STA_TID_NUM 16 56#define STA_TID_NUM 16
@@ -63,17 +68,18 @@ enum ieee80211_sta_info_flags {
63#define HT_AGG_STATE_OPERATIONAL (HT_ADDBA_REQUESTED_MSK | \ 68#define HT_AGG_STATE_OPERATIONAL (HT_ADDBA_REQUESTED_MSK | \
64 HT_ADDBA_DRV_READY_MSK | \ 69 HT_ADDBA_DRV_READY_MSK | \
65 HT_ADDBA_RECEIVED_MSK) 70 HT_ADDBA_RECEIVED_MSK)
66#define HT_AGG_STATE_DEBUGFS_CTL BIT(7)
67 71
68/** 72/**
69 * struct tid_ampdu_tx - TID aggregation information (Tx). 73 * struct tid_ampdu_tx - TID aggregation information (Tx).
70 * 74 *
71 * @addba_resp_timer: timer for peer's response to addba request 75 * @addba_resp_timer: timer for peer's response to addba request
76 * @pending: pending frames queue -- use sta's spinlock to protect
72 * @ssn: Starting Sequence Number expected to be aggregated. 77 * @ssn: Starting Sequence Number expected to be aggregated.
73 * @dialog_token: dialog token for aggregation session 78 * @dialog_token: dialog token for aggregation session
74 */ 79 */
75struct tid_ampdu_tx { 80struct tid_ampdu_tx {
76 struct timer_list addba_resp_timer; 81 struct timer_list addba_resp_timer;
82 struct sk_buff_head pending;
77 u16 ssn; 83 u16 ssn;
78 u8 dialog_token; 84 u8 dialog_token;
79}; 85};
@@ -87,8 +93,9 @@ struct tid_ampdu_tx {
87 * @stored_mpdu_num: number of MPDUs in reordering buffer 93 * @stored_mpdu_num: number of MPDUs in reordering buffer
88 * @ssn: Starting Sequence Number expected to be aggregated. 94 * @ssn: Starting Sequence Number expected to be aggregated.
89 * @buf_size: buffer size for incoming A-MPDUs 95 * @buf_size: buffer size for incoming A-MPDUs
90 * @timeout: reset timer value. 96 * @timeout: reset timer value (in TUs).
91 * @dialog_token: dialog token for aggregation session 97 * @dialog_token: dialog token for aggregation session
98 * @shutdown: this session is being shut down due to STA removal
92 */ 99 */
93struct tid_ampdu_rx { 100struct tid_ampdu_rx {
94 struct sk_buff **reorder_buf; 101 struct sk_buff **reorder_buf;
@@ -99,6 +106,7 @@ struct tid_ampdu_rx {
99 u16 buf_size; 106 u16 buf_size;
100 u16 timeout; 107 u16 timeout;
101 u8 dialog_token; 108 u8 dialog_token;
109 bool shutdown;
102}; 110};
103 111
104/** 112/**
@@ -198,7 +206,6 @@ struct sta_ampdu_mlme {
198 * @tid_seq: per-TID sequence numbers for sending to this STA 206 * @tid_seq: per-TID sequence numbers for sending to this STA
199 * @ampdu_mlme: A-MPDU state machine state 207 * @ampdu_mlme: A-MPDU state machine state
200 * @timer_to_tid: identity mapping to ID timers 208 * @timer_to_tid: identity mapping to ID timers
201 * @tid_to_tx_q: map tid to tx queue
202 * @llid: Local link ID 209 * @llid: Local link ID
203 * @plid: Peer link ID 210 * @plid: Peer link ID
204 * @reason: Cancel reason on PLINK_HOLDING state 211 * @reason: Cancel reason on PLINK_HOLDING state
@@ -273,7 +280,6 @@ struct sta_info {
273 */ 280 */
274 struct sta_ampdu_mlme ampdu_mlme; 281 struct sta_ampdu_mlme ampdu_mlme;
275 u8 timer_to_tid[STA_TID_NUM]; 282 u8 timer_to_tid[STA_TID_NUM];
276 u8 tid_to_tx_q[STA_TID_NUM];
277 283
278#ifdef CONFIG_MAC80211_MESH 284#ifdef CONFIG_MAC80211_MESH
279 /* 285 /*
@@ -382,8 +388,6 @@ static inline u32 get_sta_flags(struct sta_info *sta)
382} 388}
383 389
384 390
385/* Maximum number of concurrently registered stations */
386#define MAX_STA_COUNT 2007
387 391
388#define STA_HASH_SIZE 256 392#define STA_HASH_SIZE 256
389#define STA_HASH(sta) (sta[5]) 393#define STA_HASH(sta) (sta[5])
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 94de5033f0b6..3fb04a86444d 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -34,7 +34,7 @@
34 34
35#define IEEE80211_TX_OK 0 35#define IEEE80211_TX_OK 0
36#define IEEE80211_TX_AGAIN 1 36#define IEEE80211_TX_AGAIN 1
37#define IEEE80211_TX_FRAG_AGAIN 2 37#define IEEE80211_TX_PENDING 2
38 38
39/* misc utils */ 39/* misc utils */
40 40
@@ -192,7 +192,19 @@ ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
192 return TX_CONTINUE; 192 return TX_CONTINUE;
193 193
194 if (unlikely(tx->local->sw_scanning) && 194 if (unlikely(tx->local->sw_scanning) &&
195 !ieee80211_is_probe_req(hdr->frame_control)) 195 !ieee80211_is_probe_req(hdr->frame_control) &&
196 !ieee80211_is_nullfunc(hdr->frame_control))
197 /*
198 * When software scanning only nullfunc frames (to notify
199 * the sleep state to the AP) and probe requests (for the
200 * active scan) are allowed, all other frames should not be
201 * sent and we should not get here, but if we do
202 * nonetheless, drop them to avoid sending them
203 * off-channel. See the link below and
204 * ieee80211_start_scan() for more.
205 *
206 * http://article.gmane.org/gmane.linux.kernel.wireless.general/30089
207 */
196 return TX_DROP; 208 return TX_DROP;
197 209
198 if (tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT) 210 if (tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
@@ -330,6 +342,22 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
330 return TX_CONTINUE; 342 return TX_CONTINUE;
331} 343}
332 344
345static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta,
346 struct sk_buff *skb)
347{
348 if (!ieee80211_is_mgmt(fc))
349 return 0;
350
351 if (sta == NULL || !test_sta_flags(sta, WLAN_STA_MFP))
352 return 0;
353
354 if (!ieee80211_is_robust_mgmt_frame((struct ieee80211_hdr *)
355 skb->data))
356 return 0;
357
358 return 1;
359}
360
333static ieee80211_tx_result 361static ieee80211_tx_result
334ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx) 362ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
335{ 363{
@@ -409,11 +437,17 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
409 tx->key = NULL; 437 tx->key = NULL;
410 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 438 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
411 tx->key = key; 439 tx->key = key;
440 else if (ieee80211_is_mgmt(hdr->frame_control) &&
441 (key = rcu_dereference(tx->sdata->default_mgmt_key)))
442 tx->key = key;
412 else if ((key = rcu_dereference(tx->sdata->default_key))) 443 else if ((key = rcu_dereference(tx->sdata->default_key)))
413 tx->key = key; 444 tx->key = key;
414 else if (tx->sdata->drop_unencrypted && 445 else if (tx->sdata->drop_unencrypted &&
415 (tx->skb->protocol != cpu_to_be16(ETH_P_PAE)) && 446 (tx->skb->protocol != cpu_to_be16(ETH_P_PAE)) &&
416 !(info->flags & IEEE80211_TX_CTL_INJECTED)) { 447 !(info->flags & IEEE80211_TX_CTL_INJECTED) &&
448 (!ieee80211_is_robust_mgmt_frame(hdr) ||
449 (ieee80211_is_action(hdr->frame_control) &&
450 tx->sta && test_sta_flags(tx->sta, WLAN_STA_MFP)))) {
417 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); 451 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
418 return TX_DROP; 452 return TX_DROP;
419 } else 453 } else
@@ -428,10 +462,19 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
428 if (ieee80211_is_auth(hdr->frame_control)) 462 if (ieee80211_is_auth(hdr->frame_control))
429 break; 463 break;
430 case ALG_TKIP: 464 case ALG_TKIP:
431 case ALG_CCMP:
432 if (!ieee80211_is_data_present(hdr->frame_control)) 465 if (!ieee80211_is_data_present(hdr->frame_control))
433 tx->key = NULL; 466 tx->key = NULL;
434 break; 467 break;
468 case ALG_CCMP:
469 if (!ieee80211_is_data_present(hdr->frame_control) &&
470 !ieee80211_use_mfp(hdr->frame_control, tx->sta,
471 tx->skb))
472 tx->key = NULL;
473 break;
474 case ALG_AES_CMAC:
475 if (!ieee80211_is_mgmt(hdr->frame_control))
476 tx->key = NULL;
477 break;
435 } 478 }
436 } 479 }
437 480
@@ -658,17 +701,62 @@ ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
658 return TX_CONTINUE; 701 return TX_CONTINUE;
659} 702}
660 703
704static int ieee80211_fragment(struct ieee80211_local *local,
705 struct sk_buff *skb, int hdrlen,
706 int frag_threshold)
707{
708 struct sk_buff *tail = skb, *tmp;
709 int per_fragm = frag_threshold - hdrlen - FCS_LEN;
710 int pos = hdrlen + per_fragm;
711 int rem = skb->len - hdrlen - per_fragm;
712
713 if (WARN_ON(rem < 0))
714 return -EINVAL;
715
716 while (rem) {
717 int fraglen = per_fragm;
718
719 if (fraglen > rem)
720 fraglen = rem;
721 rem -= fraglen;
722 tmp = dev_alloc_skb(local->tx_headroom +
723 frag_threshold +
724 IEEE80211_ENCRYPT_HEADROOM +
725 IEEE80211_ENCRYPT_TAILROOM);
726 if (!tmp)
727 return -ENOMEM;
728 tail->next = tmp;
729 tail = tmp;
730 skb_reserve(tmp, local->tx_headroom +
731 IEEE80211_ENCRYPT_HEADROOM);
732 /* copy control information */
733 memcpy(tmp->cb, skb->cb, sizeof(tmp->cb));
734 skb_copy_queue_mapping(tmp, skb);
735 tmp->priority = skb->priority;
736 tmp->do_not_encrypt = skb->do_not_encrypt;
737 tmp->dev = skb->dev;
738 tmp->iif = skb->iif;
739
740 /* copy header and data */
741 memcpy(skb_put(tmp, hdrlen), skb->data, hdrlen);
742 memcpy(skb_put(tmp, fraglen), skb->data + pos, fraglen);
743
744 pos += fraglen;
745 }
746
747 skb->len = hdrlen + per_fragm;
748 return 0;
749}
750
661static ieee80211_tx_result debug_noinline 751static ieee80211_tx_result debug_noinline
662ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx) 752ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
663{ 753{
664 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb); 754 struct sk_buff *skb = tx->skb;
665 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 755 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
666 size_t hdrlen, per_fragm, num_fragm, payload_len, left; 756 struct ieee80211_hdr *hdr = (void *)skb->data;
667 struct sk_buff **frags, *first, *frag;
668 int i;
669 u16 seq;
670 u8 *pos;
671 int frag_threshold = tx->local->fragmentation_threshold; 757 int frag_threshold = tx->local->fragmentation_threshold;
758 int hdrlen;
759 int fragnum;
672 760
673 if (!(tx->flags & IEEE80211_TX_FRAGMENTED)) 761 if (!(tx->flags & IEEE80211_TX_FRAGMENTED))
674 return TX_CONTINUE; 762 return TX_CONTINUE;
@@ -681,58 +769,35 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
681 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU)) 769 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU))
682 return TX_DROP; 770 return TX_DROP;
683 771
684 first = tx->skb;
685
686 hdrlen = ieee80211_hdrlen(hdr->frame_control); 772 hdrlen = ieee80211_hdrlen(hdr->frame_control);
687 payload_len = first->len - hdrlen;
688 per_fragm = frag_threshold - hdrlen - FCS_LEN;
689 num_fragm = DIV_ROUND_UP(payload_len, per_fragm);
690
691 frags = kzalloc(num_fragm * sizeof(struct sk_buff *), GFP_ATOMIC);
692 if (!frags)
693 goto fail;
694
695 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
696 seq = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ;
697 pos = first->data + hdrlen + per_fragm;
698 left = payload_len - per_fragm;
699 for (i = 0; i < num_fragm - 1; i++) {
700 struct ieee80211_hdr *fhdr;
701 size_t copylen;
702
703 if (left <= 0)
704 goto fail;
705 773
706 /* reserve enough extra head and tail room for possible 774 /* internal error, why is TX_FRAGMENTED set? */
707 * encryption */ 775 if (WARN_ON(skb->len <= frag_threshold))
708 frag = frags[i] = 776 return TX_DROP;
709 dev_alloc_skb(tx->local->tx_headroom +
710 frag_threshold +
711 IEEE80211_ENCRYPT_HEADROOM +
712 IEEE80211_ENCRYPT_TAILROOM);
713 if (!frag)
714 goto fail;
715
716 /* Make sure that all fragments use the same priority so
717 * that they end up using the same TX queue */
718 frag->priority = first->priority;
719 777
720 skb_reserve(frag, tx->local->tx_headroom + 778 /*
721 IEEE80211_ENCRYPT_HEADROOM); 779 * Now fragment the frame. This will allocate all the fragments and
780 * chain them (using skb as the first fragment) to skb->next.
781 * During transmission, we will remove the successfully transmitted
782 * fragments from this list. When the low-level driver rejects one
783 * of the fragments then we will simply pretend to accept the skb
784 * but store it away as pending.
785 */
786 if (ieee80211_fragment(tx->local, skb, hdrlen, frag_threshold))
787 return TX_DROP;
722 788
723 /* copy TX information */ 789 /* update duration/seq/flags of fragments */
724 info = IEEE80211_SKB_CB(frag); 790 fragnum = 0;
725 memcpy(info, first->cb, sizeof(frag->cb)); 791 do {
792 int next_len;
793 const __le16 morefrags = cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
726 794
727 /* copy/fill in 802.11 header */ 795 hdr = (void *)skb->data;
728 fhdr = (struct ieee80211_hdr *) skb_put(frag, hdrlen); 796 info = IEEE80211_SKB_CB(skb);
729 memcpy(fhdr, first->data, hdrlen);
730 fhdr->seq_ctrl = cpu_to_le16(seq | ((i + 1) & IEEE80211_SCTL_FRAG));
731 797
732 if (i == num_fragm - 2) { 798 if (skb->next) {
733 /* clear MOREFRAGS bit for the last fragment */ 799 hdr->frame_control |= morefrags;
734 fhdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREFRAGS); 800 next_len = skb->next->len;
735 } else {
736 /* 801 /*
737 * No multi-rate retries for fragmented frames, that 802 * No multi-rate retries for fragmented frames, that
738 * would completely throw off the NAV at other STAs. 803 * would completely throw off the NAV at other STAs.
@@ -743,35 +808,16 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
743 info->control.rates[4].idx = -1; 808 info->control.rates[4].idx = -1;
744 BUILD_BUG_ON(IEEE80211_TX_MAX_RATES != 5); 809 BUILD_BUG_ON(IEEE80211_TX_MAX_RATES != 5);
745 info->flags &= ~IEEE80211_TX_CTL_RATE_CTRL_PROBE; 810 info->flags &= ~IEEE80211_TX_CTL_RATE_CTRL_PROBE;
811 } else {
812 hdr->frame_control &= ~morefrags;
813 next_len = 0;
746 } 814 }
747 815 hdr->duration_id = ieee80211_duration(tx, 0, next_len);
748 /* copy data */ 816 hdr->seq_ctrl |= cpu_to_le16(fragnum & IEEE80211_SCTL_FRAG);
749 copylen = left > per_fragm ? per_fragm : left; 817 fragnum++;
750 memcpy(skb_put(frag, copylen), pos, copylen); 818 } while ((skb = skb->next));
751
752 skb_copy_queue_mapping(frag, first);
753
754 frag->do_not_encrypt = first->do_not_encrypt;
755
756 pos += copylen;
757 left -= copylen;
758 }
759 skb_trim(first, hdrlen + per_fragm);
760
761 tx->num_extra_frag = num_fragm - 1;
762 tx->extra_frag = frags;
763 819
764 return TX_CONTINUE; 820 return TX_CONTINUE;
765
766 fail:
767 if (frags) {
768 for (i = 0; i < num_fragm - 1; i++)
769 if (frags[i])
770 dev_kfree_skb(frags[i]);
771 kfree(frags);
772 }
773 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment);
774 return TX_DROP;
775} 821}
776 822
777static ieee80211_tx_result debug_noinline 823static ieee80211_tx_result debug_noinline
@@ -787,6 +833,8 @@ ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
787 return ieee80211_crypto_tkip_encrypt(tx); 833 return ieee80211_crypto_tkip_encrypt(tx);
788 case ALG_CCMP: 834 case ALG_CCMP:
789 return ieee80211_crypto_ccmp_encrypt(tx); 835 return ieee80211_crypto_ccmp_encrypt(tx);
836 case ALG_AES_CMAC:
837 return ieee80211_crypto_aes_cmac_encrypt(tx);
790 } 838 }
791 839
792 /* not reached */ 840 /* not reached */
@@ -797,27 +845,19 @@ ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
797static ieee80211_tx_result debug_noinline 845static ieee80211_tx_result debug_noinline
798ieee80211_tx_h_calculate_duration(struct ieee80211_tx_data *tx) 846ieee80211_tx_h_calculate_duration(struct ieee80211_tx_data *tx)
799{ 847{
800 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 848 struct sk_buff *skb = tx->skb;
801 int next_len, i; 849 struct ieee80211_hdr *hdr;
802 int group_addr = is_multicast_ether_addr(hdr->addr1); 850 int next_len;
803 851 bool group_addr;
804 if (!(tx->flags & IEEE80211_TX_FRAGMENTED)) {
805 hdr->duration_id = ieee80211_duration(tx, group_addr, 0);
806 return TX_CONTINUE;
807 }
808
809 hdr->duration_id = ieee80211_duration(tx, group_addr,
810 tx->extra_frag[0]->len);
811 852
812 for (i = 0; i < tx->num_extra_frag; i++) { 853 do {
813 if (i + 1 < tx->num_extra_frag) 854 hdr = (void *) skb->data;
814 next_len = tx->extra_frag[i + 1]->len; 855 next_len = skb->next ? skb->next->len : 0;
815 else 856 group_addr = is_multicast_ether_addr(hdr->addr1);
816 next_len = 0;
817 857
818 hdr = (struct ieee80211_hdr *)tx->extra_frag[i]->data; 858 hdr->duration_id =
819 hdr->duration_id = ieee80211_duration(tx, 0, next_len); 859 ieee80211_duration(tx, group_addr, next_len);
820 } 860 } while ((skb = skb->next));
821 861
822 return TX_CONTINUE; 862 return TX_CONTINUE;
823} 863}
@@ -825,24 +865,20 @@ ieee80211_tx_h_calculate_duration(struct ieee80211_tx_data *tx)
825static ieee80211_tx_result debug_noinline 865static ieee80211_tx_result debug_noinline
826ieee80211_tx_h_stats(struct ieee80211_tx_data *tx) 866ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
827{ 867{
828 int i; 868 struct sk_buff *skb = tx->skb;
829 869
830 if (!tx->sta) 870 if (!tx->sta)
831 return TX_CONTINUE; 871 return TX_CONTINUE;
832 872
833 tx->sta->tx_packets++; 873 tx->sta->tx_packets++;
834 tx->sta->tx_fragments++; 874 do {
835 tx->sta->tx_bytes += tx->skb->len; 875 tx->sta->tx_fragments++;
836 if (tx->extra_frag) { 876 tx->sta->tx_bytes += skb->len;
837 tx->sta->tx_fragments += tx->num_extra_frag; 877 } while ((skb = skb->next));
838 for (i = 0; i < tx->num_extra_frag; i++)
839 tx->sta->tx_bytes += tx->extra_frag[i]->len;
840 }
841 878
842 return TX_CONTINUE; 879 return TX_CONTINUE;
843} 880}
844 881
845
846/* actual transmit path */ 882/* actual transmit path */
847 883
848/* 884/*
@@ -948,9 +984,9 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
948 struct ieee80211_hdr *hdr; 984 struct ieee80211_hdr *hdr;
949 struct ieee80211_sub_if_data *sdata; 985 struct ieee80211_sub_if_data *sdata;
950 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 986 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
951
952 int hdrlen, tid; 987 int hdrlen, tid;
953 u8 *qc, *state; 988 u8 *qc, *state;
989 bool queued = false;
954 990
955 memset(tx, 0, sizeof(*tx)); 991 memset(tx, 0, sizeof(*tx));
956 tx->skb = skb; 992 tx->skb = skb;
@@ -977,17 +1013,53 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
977 */ 1013 */
978 } 1014 }
979 1015
1016 /*
1017 * If this flag is set to true anywhere, and we get here,
1018 * we are doing the needed processing, so remove the flag
1019 * now.
1020 */
1021 info->flags &= ~IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1022
980 hdr = (struct ieee80211_hdr *) skb->data; 1023 hdr = (struct ieee80211_hdr *) skb->data;
981 1024
982 tx->sta = sta_info_get(local, hdr->addr1); 1025 tx->sta = sta_info_get(local, hdr->addr1);
983 1026
984 if (tx->sta && ieee80211_is_data_qos(hdr->frame_control)) { 1027 if (tx->sta && ieee80211_is_data_qos(hdr->frame_control) &&
1028 (local->hw.flags & IEEE80211_HW_AMPDU_AGGREGATION)) {
1029 unsigned long flags;
1030 struct tid_ampdu_tx *tid_tx;
1031
985 qc = ieee80211_get_qos_ctl(hdr); 1032 qc = ieee80211_get_qos_ctl(hdr);
986 tid = *qc & IEEE80211_QOS_CTL_TID_MASK; 1033 tid = *qc & IEEE80211_QOS_CTL_TID_MASK;
987 1034
1035 spin_lock_irqsave(&tx->sta->lock, flags);
1036 /*
1037 * XXX: This spinlock could be fairly expensive, but see the
1038 * comment in agg-tx.c:ieee80211_agg_tx_operational().
1039 * One way to solve this would be to do something RCU-like
1040 * for managing the tid_tx struct and using atomic bitops
1041 * for the actual state -- by introducing an actual
1042 * 'operational' bit that would be possible. It would
1043 * require changing ieee80211_agg_tx_operational() to
1044 * set that bit, and changing the way tid_tx is managed
1045 * everywhere, including races between that bit and
1046 * tid_tx going away (tid_tx being added can be easily
1047 * committed to memory before the 'operational' bit).
1048 */
1049 tid_tx = tx->sta->ampdu_mlme.tid_tx[tid];
988 state = &tx->sta->ampdu_mlme.tid_state_tx[tid]; 1050 state = &tx->sta->ampdu_mlme.tid_state_tx[tid];
989 if (*state == HT_AGG_STATE_OPERATIONAL) 1051 if (*state == HT_AGG_STATE_OPERATIONAL) {
990 info->flags |= IEEE80211_TX_CTL_AMPDU; 1052 info->flags |= IEEE80211_TX_CTL_AMPDU;
1053 } else if (*state != HT_AGG_STATE_IDLE) {
1054 /* in progress */
1055 queued = true;
1056 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1057 __skb_queue_tail(&tid_tx->pending, skb);
1058 }
1059 spin_unlock_irqrestore(&tx->sta->lock, flags);
1060
1061 if (unlikely(queued))
1062 return TX_QUEUED;
991 } 1063 }
992 1064
993 if (is_multicast_ether_addr(hdr->addr1)) { 1065 if (is_multicast_ether_addr(hdr->addr1)) {
@@ -1038,51 +1110,55 @@ static int ieee80211_tx_prepare(struct ieee80211_local *local,
1038 } 1110 }
1039 if (unlikely(!dev)) 1111 if (unlikely(!dev))
1040 return -ENODEV; 1112 return -ENODEV;
1041 /* initialises tx with control */ 1113 /*
1114 * initialises tx with control
1115 *
1116 * return value is safe to ignore here because this function
1117 * can only be invoked for multicast frames
1118 *
1119 * XXX: clean up
1120 */
1042 __ieee80211_tx_prepare(tx, skb, dev); 1121 __ieee80211_tx_prepare(tx, skb, dev);
1043 dev_put(dev); 1122 dev_put(dev);
1044 return 0; 1123 return 0;
1045} 1124}
1046 1125
1047static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb, 1126static int __ieee80211_tx(struct ieee80211_local *local,
1048 struct ieee80211_tx_data *tx) 1127 struct sk_buff **skbp,
1128 struct sta_info *sta)
1049{ 1129{
1130 struct sk_buff *skb = *skbp, *next;
1050 struct ieee80211_tx_info *info; 1131 struct ieee80211_tx_info *info;
1051 int ret, i; 1132 int ret, len;
1133 bool fragm = false;
1052 1134
1053 if (skb) { 1135 local->mdev->trans_start = jiffies;
1054 if (netif_subqueue_stopped(local->mdev, skb))
1055 return IEEE80211_TX_AGAIN;
1056 info = IEEE80211_SKB_CB(skb);
1057 1136
1058 ret = local->ops->tx(local_to_hw(local), skb); 1137 while (skb) {
1059 if (ret) 1138 if (ieee80211_queue_stopped(&local->hw,
1060 return IEEE80211_TX_AGAIN; 1139 skb_get_queue_mapping(skb)))
1061 local->mdev->trans_start = jiffies; 1140 return IEEE80211_TX_PENDING;
1062 ieee80211_led_tx(local, 1); 1141
1063 } 1142 info = IEEE80211_SKB_CB(skb);
1064 if (tx->extra_frag) { 1143
1065 for (i = 0; i < tx->num_extra_frag; i++) { 1144 if (fragm)
1066 if (!tx->extra_frag[i])
1067 continue;
1068 info = IEEE80211_SKB_CB(tx->extra_frag[i]);
1069 info->flags &= ~(IEEE80211_TX_CTL_CLEAR_PS_FILT | 1145 info->flags &= ~(IEEE80211_TX_CTL_CLEAR_PS_FILT |
1070 IEEE80211_TX_CTL_FIRST_FRAGMENT); 1146 IEEE80211_TX_CTL_FIRST_FRAGMENT);
1071 if (netif_subqueue_stopped(local->mdev, 1147
1072 tx->extra_frag[i])) 1148 next = skb->next;
1073 return IEEE80211_TX_FRAG_AGAIN; 1149 len = skb->len;
1074 1150 ret = local->ops->tx(local_to_hw(local), skb);
1075 ret = local->ops->tx(local_to_hw(local), 1151 if (WARN_ON(ret != NETDEV_TX_OK && skb->len != len)) {
1076 tx->extra_frag[i]); 1152 dev_kfree_skb(skb);
1077 if (ret) 1153 ret = NETDEV_TX_OK;
1078 return IEEE80211_TX_FRAG_AGAIN;
1079 local->mdev->trans_start = jiffies;
1080 ieee80211_led_tx(local, 1);
1081 tx->extra_frag[i] = NULL;
1082 } 1154 }
1083 kfree(tx->extra_frag); 1155 if (ret != NETDEV_TX_OK)
1084 tx->extra_frag = NULL; 1156 return IEEE80211_TX_AGAIN;
1157 *skbp = skb = next;
1158 ieee80211_led_tx(local, 1);
1159 fragm = true;
1085 } 1160 }
1161
1086 return IEEE80211_TX_OK; 1162 return IEEE80211_TX_OK;
1087} 1163}
1088 1164
@@ -1094,7 +1170,6 @@ static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1094{ 1170{
1095 struct sk_buff *skb = tx->skb; 1171 struct sk_buff *skb = tx->skb;
1096 ieee80211_tx_result res = TX_DROP; 1172 ieee80211_tx_result res = TX_DROP;
1097 int i;
1098 1173
1099#define CALL_TXH(txh) \ 1174#define CALL_TXH(txh) \
1100 res = txh(tx); \ 1175 res = txh(tx); \
@@ -1118,11 +1193,13 @@ static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1118 txh_done: 1193 txh_done:
1119 if (unlikely(res == TX_DROP)) { 1194 if (unlikely(res == TX_DROP)) {
1120 I802_DEBUG_INC(tx->local->tx_handlers_drop); 1195 I802_DEBUG_INC(tx->local->tx_handlers_drop);
1121 dev_kfree_skb(skb); 1196 while (skb) {
1122 for (i = 0; i < tx->num_extra_frag; i++) 1197 struct sk_buff *next;
1123 if (tx->extra_frag[i]) 1198
1124 dev_kfree_skb(tx->extra_frag[i]); 1199 next = skb->next;
1125 kfree(tx->extra_frag); 1200 dev_kfree_skb(skb);
1201 skb = next;
1202 }
1126 return -1; 1203 return -1;
1127 } else if (unlikely(res == TX_QUEUED)) { 1204 } else if (unlikely(res == TX_QUEUED)) {
1128 I802_DEBUG_INC(tx->local->tx_handlers_queued); 1205 I802_DEBUG_INC(tx->local->tx_handlers_queued);
@@ -1132,23 +1209,26 @@ static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1132 return 0; 1209 return 0;
1133} 1210}
1134 1211
1135static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb) 1212static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1213 bool txpending)
1136{ 1214{
1137 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1215 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1138 struct sta_info *sta; 1216 struct sta_info *sta;
1139 struct ieee80211_tx_data tx; 1217 struct ieee80211_tx_data tx;
1140 ieee80211_tx_result res_prepare; 1218 ieee80211_tx_result res_prepare;
1141 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1219 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1142 int ret, i; 1220 struct sk_buff *next;
1221 unsigned long flags;
1222 int ret, retries;
1143 u16 queue; 1223 u16 queue;
1144 1224
1145 queue = skb_get_queue_mapping(skb); 1225 queue = skb_get_queue_mapping(skb);
1146 1226
1147 WARN_ON(test_bit(queue, local->queues_pending)); 1227 WARN_ON(!txpending && !skb_queue_empty(&local->pending[queue]));
1148 1228
1149 if (unlikely(skb->len < 10)) { 1229 if (unlikely(skb->len < 10)) {
1150 dev_kfree_skb(skb); 1230 dev_kfree_skb(skb);
1151 return 0; 1231 return;
1152 } 1232 }
1153 1233
1154 rcu_read_lock(); 1234 rcu_read_lock();
@@ -1156,10 +1236,13 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb)
1156 /* initialises tx */ 1236 /* initialises tx */
1157 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev); 1237 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev);
1158 1238
1159 if (res_prepare == TX_DROP) { 1239 if (unlikely(res_prepare == TX_DROP)) {
1160 dev_kfree_skb(skb); 1240 dev_kfree_skb(skb);
1161 rcu_read_unlock(); 1241 rcu_read_unlock();
1162 return 0; 1242 return;
1243 } else if (unlikely(res_prepare == TX_QUEUED)) {
1244 rcu_read_unlock();
1245 return;
1163 } 1246 }
1164 1247
1165 sta = tx.sta; 1248 sta = tx.sta;
@@ -1169,11 +1252,13 @@ static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb)
1169 if (invoke_tx_handlers(&tx)) 1252 if (invoke_tx_handlers(&tx))
1170 goto out; 1253 goto out;
1171 1254
1172retry: 1255 retries = 0;
1173 ret = __ieee80211_tx(local, skb, &tx); 1256 retry:
1174 if (ret) { 1257 ret = __ieee80211_tx(local, &tx.skb, tx.sta);
1175 struct ieee80211_tx_stored_packet *store; 1258 switch (ret) {
1176 1259 case IEEE80211_TX_OK:
1260 break;
1261 case IEEE80211_TX_AGAIN:
1177 /* 1262 /*
1178 * Since there are no fragmented frames on A-MPDU 1263 * Since there are no fragmented frames on A-MPDU
1179 * queues, there's no reason for a driver to reject 1264 * queues, there's no reason for a driver to reject
@@ -1181,46 +1266,57 @@ retry:
1181 */ 1266 */
1182 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU)) 1267 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU))
1183 goto drop; 1268 goto drop;
1269 /* fall through */
1270 case IEEE80211_TX_PENDING:
1271 skb = tx.skb;
1272
1273 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1274
1275 if (__netif_subqueue_stopped(local->mdev, queue)) {
1276 do {
1277 next = skb->next;
1278 skb->next = NULL;
1279 if (unlikely(txpending))
1280 skb_queue_head(&local->pending[queue],
1281 skb);
1282 else
1283 skb_queue_tail(&local->pending[queue],
1284 skb);
1285 } while ((skb = next));
1184 1286
1185 store = &local->pending_packet[queue]; 1287 /*
1288 * Make sure nobody will enable the queue on us
1289 * (without going through the tasklet) nor disable the
1290 * netdev queue underneath the pending handling code.
1291 */
1292 __set_bit(IEEE80211_QUEUE_STOP_REASON_PENDING,
1293 &local->queue_stop_reasons[queue]);
1186 1294
1187 if (ret == IEEE80211_TX_FRAG_AGAIN) 1295 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1188 skb = NULL; 1296 flags);
1297 } else {
1298 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1299 flags);
1189 1300
1190 set_bit(queue, local->queues_pending); 1301 retries++;
1191 smp_mb(); 1302 if (WARN(retries > 10, "tx refused but queue active"))
1192 /* 1303 goto drop;
1193 * When the driver gets out of buffers during sending of
1194 * fragments and calls ieee80211_stop_queue, the netif
1195 * subqueue is stopped. There is, however, a small window
1196 * in which the PENDING bit is not yet set. If a buffer
1197 * gets available in that window (i.e. driver calls
1198 * ieee80211_wake_queue), we would end up with ieee80211_tx
1199 * called with the PENDING bit still set. Prevent this by
1200 * continuing transmitting here when that situation is
1201 * possible to have happened.
1202 */
1203 if (!__netif_subqueue_stopped(local->mdev, queue)) {
1204 clear_bit(queue, local->queues_pending);
1205 goto retry; 1304 goto retry;
1206 } 1305 }
1207 store->skb = skb;
1208 store->extra_frag = tx.extra_frag;
1209 store->num_extra_frag = tx.num_extra_frag;
1210 } 1306 }
1211 out: 1307 out:
1212 rcu_read_unlock(); 1308 rcu_read_unlock();
1213 return 0; 1309 return;
1214 1310
1215 drop: 1311 drop:
1216 if (skb)
1217 dev_kfree_skb(skb);
1218 for (i = 0; i < tx.num_extra_frag; i++)
1219 if (tx.extra_frag[i])
1220 dev_kfree_skb(tx.extra_frag[i]);
1221 kfree(tx.extra_frag);
1222 rcu_read_unlock(); 1312 rcu_read_unlock();
1223 return 0; 1313
1314 skb = tx.skb;
1315 while (skb) {
1316 next = skb->next;
1317 dev_kfree_skb(skb);
1318 skb = next;
1319 }
1224} 1320}
1225 1321
1226/* device xmit handlers */ 1322/* device xmit handlers */
@@ -1279,7 +1375,6 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1279 FOUND_SDATA, 1375 FOUND_SDATA,
1280 UNKNOWN_ADDRESS, 1376 UNKNOWN_ADDRESS,
1281 } monitor_iface = NOT_MONITOR; 1377 } monitor_iface = NOT_MONITOR;
1282 int ret;
1283 1378
1284 if (skb->iif) 1379 if (skb->iif)
1285 odev = dev_get_by_index(&init_net, skb->iif); 1380 odev = dev_get_by_index(&init_net, skb->iif);
@@ -1293,7 +1388,20 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1293 "originating device\n", dev->name); 1388 "originating device\n", dev->name);
1294#endif 1389#endif
1295 dev_kfree_skb(skb); 1390 dev_kfree_skb(skb);
1296 return 0; 1391 return NETDEV_TX_OK;
1392 }
1393
1394 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) &&
1395 local->hw.conf.dynamic_ps_timeout > 0) {
1396 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1397 ieee80211_stop_queues_by_reason(&local->hw,
1398 IEEE80211_QUEUE_STOP_REASON_PS);
1399 queue_work(local->hw.workqueue,
1400 &local->dynamic_ps_disable_work);
1401 }
1402
1403 mod_timer(&local->dynamic_ps_timer, jiffies +
1404 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
1297 } 1405 }
1298 1406
1299 memset(info, 0, sizeof(*info)); 1407 memset(info, 0, sizeof(*info));
@@ -1309,7 +1417,7 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1309 else 1417 else
1310 if (mesh_nexthop_lookup(skb, osdata)) { 1418 if (mesh_nexthop_lookup(skb, osdata)) {
1311 dev_put(odev); 1419 dev_put(odev);
1312 return 0; 1420 return NETDEV_TX_OK;
1313 } 1421 }
1314 if (memcmp(odev->dev_addr, hdr->addr4, ETH_ALEN) != 0) 1422 if (memcmp(odev->dev_addr, hdr->addr4, ETH_ALEN) != 0)
1315 IEEE80211_IFSTA_MESH_CTR_INC(&osdata->u.mesh, 1423 IEEE80211_IFSTA_MESH_CTR_INC(&osdata->u.mesh,
@@ -1371,7 +1479,7 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1371 if (ieee80211_skb_resize(osdata->local, skb, headroom, may_encrypt)) { 1479 if (ieee80211_skb_resize(osdata->local, skb, headroom, may_encrypt)) {
1372 dev_kfree_skb(skb); 1480 dev_kfree_skb(skb);
1373 dev_put(odev); 1481 dev_put(odev);
1374 return 0; 1482 return NETDEV_TX_OK;
1375 } 1483 }
1376 1484
1377 if (osdata->vif.type == NL80211_IFTYPE_AP_VLAN) 1485 if (osdata->vif.type == NL80211_IFTYPE_AP_VLAN)
@@ -1380,20 +1488,42 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1380 u.ap); 1488 u.ap);
1381 if (likely(monitor_iface != UNKNOWN_ADDRESS)) 1489 if (likely(monitor_iface != UNKNOWN_ADDRESS))
1382 info->control.vif = &osdata->vif; 1490 info->control.vif = &osdata->vif;
1383 ret = ieee80211_tx(odev, skb); 1491
1492 ieee80211_tx(odev, skb, false);
1384 dev_put(odev); 1493 dev_put(odev);
1385 1494
1386 return ret; 1495 return NETDEV_TX_OK;
1387} 1496}
1388 1497
1389int ieee80211_monitor_start_xmit(struct sk_buff *skb, 1498int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1390 struct net_device *dev) 1499 struct net_device *dev)
1391{ 1500{
1392 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1501 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1502 struct ieee80211_channel *chan = local->hw.conf.channel;
1393 struct ieee80211_radiotap_header *prthdr = 1503 struct ieee80211_radiotap_header *prthdr =
1394 (struct ieee80211_radiotap_header *)skb->data; 1504 (struct ieee80211_radiotap_header *)skb->data;
1395 u16 len_rthdr; 1505 u16 len_rthdr;
1396 1506
1507 /*
1508 * Frame injection is not allowed if beaconing is not allowed
1509 * or if we need radar detection. Beaconing is usually not allowed when
1510 * the mode or operation (Adhoc, AP, Mesh) does not support DFS.
1511 * Passive scan is also used in world regulatory domains where
1512 * your country is not known and as such it should be treated as
1513 * NO TX unless the channel is explicitly allowed in which case
1514 * your current regulatory domain would not have the passive scan
1515 * flag.
1516 *
1517 * Since AP mode uses monitor interfaces to inject/TX management
1518 * frames we can make AP mode the exception to this rule once it
1519 * supports radar detection as its implementation can deal with
1520 * radar detection by itself. We can do that later by adding a
1521 * monitor flag interfaces used for AP support.
1522 */
1523 if ((chan->flags & (IEEE80211_CHAN_NO_IBSS | IEEE80211_CHAN_RADAR |
1524 IEEE80211_CHAN_PASSIVE_SCAN)))
1525 goto fail;
1526
1397 /* check for not even having the fixed radiotap header part */ 1527 /* check for not even having the fixed radiotap header part */
1398 if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header))) 1528 if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header)))
1399 goto fail; /* too short to be possibly valid */ 1529 goto fail; /* too short to be possibly valid */
@@ -1477,19 +1607,6 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1477 goto fail; 1607 goto fail;
1478 } 1608 }
1479 1609
1480 if (!(local->hw.flags & IEEE80211_HW_NO_STACK_DYNAMIC_PS) &&
1481 local->dynamic_ps_timeout > 0) {
1482 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1483 ieee80211_stop_queues_by_reason(&local->hw,
1484 IEEE80211_QUEUE_STOP_REASON_PS);
1485 queue_work(local->hw.workqueue,
1486 &local->dynamic_ps_disable_work);
1487 }
1488
1489 mod_timer(&local->dynamic_ps_timer, jiffies +
1490 msecs_to_jiffies(local->dynamic_ps_timeout));
1491 }
1492
1493 nh_pos = skb_network_header(skb) - skb->data; 1610 nh_pos = skb_network_header(skb) - skb->data;
1494 h_pos = skb_transport_header(skb) - skb->data; 1611 h_pos = skb_transport_header(skb) - skb->data;
1495 1612
@@ -1570,7 +1687,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1570 case NL80211_IFTYPE_STATION: 1687 case NL80211_IFTYPE_STATION:
1571 fc |= cpu_to_le16(IEEE80211_FCTL_TODS); 1688 fc |= cpu_to_le16(IEEE80211_FCTL_TODS);
1572 /* BSSID SA DA */ 1689 /* BSSID SA DA */
1573 memcpy(hdr.addr1, sdata->u.sta.bssid, ETH_ALEN); 1690 memcpy(hdr.addr1, sdata->u.mgd.bssid, ETH_ALEN);
1574 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); 1691 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1575 memcpy(hdr.addr3, skb->data, ETH_ALEN); 1692 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1576 hdrlen = 24; 1693 hdrlen = 24;
@@ -1579,7 +1696,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1579 /* DA SA BSSID */ 1696 /* DA SA BSSID */
1580 memcpy(hdr.addr1, skb->data, ETH_ALEN); 1697 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1581 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); 1698 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1582 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN); 1699 memcpy(hdr.addr3, sdata->u.ibss.bssid, ETH_ALEN);
1583 hdrlen = 24; 1700 hdrlen = 24;
1584 break; 1701 break;
1585 default: 1702 default:
@@ -1601,8 +1718,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1601 } 1718 }
1602 1719
1603 /* receiver and we are QoS enabled, use a QoS type frame */ 1720 /* receiver and we are QoS enabled, use a QoS type frame */
1604 if (sta_flags & WLAN_STA_WME && 1721 if ((sta_flags & WLAN_STA_WME) && local->hw.queues >= 4) {
1605 ieee80211_num_regular_queues(&local->hw) >= 4) {
1606 fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA); 1722 fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
1607 hdrlen += 2; 1723 hdrlen += 2;
1608 } 1724 }
@@ -1734,19 +1850,58 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1734 */ 1850 */
1735void ieee80211_clear_tx_pending(struct ieee80211_local *local) 1851void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1736{ 1852{
1737 int i, j; 1853 int i;
1738 struct ieee80211_tx_stored_packet *store;
1739 1854
1740 for (i = 0; i < ieee80211_num_regular_queues(&local->hw); i++) { 1855 for (i = 0; i < local->hw.queues; i++)
1741 if (!test_bit(i, local->queues_pending)) 1856 skb_queue_purge(&local->pending[i]);
1742 continue; 1857}
1743 store = &local->pending_packet[i]; 1858
1744 kfree_skb(store->skb); 1859static bool ieee80211_tx_pending_skb(struct ieee80211_local *local,
1745 for (j = 0; j < store->num_extra_frag; j++) 1860 struct sk_buff *skb)
1746 kfree_skb(store->extra_frag[j]); 1861{
1747 kfree(store->extra_frag); 1862 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1748 clear_bit(i, local->queues_pending); 1863 struct ieee80211_sub_if_data *sdata;
1864 struct sta_info *sta;
1865 struct ieee80211_hdr *hdr;
1866 struct net_device *dev;
1867 int ret;
1868 bool result = true;
1869
1870 /* does interface still exist? */
1871 dev = dev_get_by_index(&init_net, skb->iif);
1872 if (!dev) {
1873 dev_kfree_skb(skb);
1874 return true;
1875 }
1876
1877 /* validate info->control.vif against skb->iif */
1878 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1879 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1880 sdata = container_of(sdata->bss,
1881 struct ieee80211_sub_if_data,
1882 u.ap);
1883
1884 if (unlikely(info->control.vif && info->control.vif != &sdata->vif)) {
1885 dev_kfree_skb(skb);
1886 result = true;
1887 goto out;
1749 } 1888 }
1889
1890 if (info->flags & IEEE80211_TX_INTFL_NEED_TXPROCESSING) {
1891 ieee80211_tx(dev, skb, true);
1892 } else {
1893 hdr = (struct ieee80211_hdr *)skb->data;
1894 sta = sta_info_get(local, hdr->addr1);
1895
1896 ret = __ieee80211_tx(local, &skb, sta);
1897 if (ret != IEEE80211_TX_OK)
1898 result = false;
1899 }
1900
1901 out:
1902 dev_put(dev);
1903
1904 return result;
1750} 1905}
1751 1906
1752/* 1907/*
@@ -1757,40 +1912,53 @@ void ieee80211_tx_pending(unsigned long data)
1757{ 1912{
1758 struct ieee80211_local *local = (struct ieee80211_local *)data; 1913 struct ieee80211_local *local = (struct ieee80211_local *)data;
1759 struct net_device *dev = local->mdev; 1914 struct net_device *dev = local->mdev;
1760 struct ieee80211_tx_stored_packet *store; 1915 unsigned long flags;
1761 struct ieee80211_tx_data tx; 1916 int i;
1762 int i, ret; 1917 bool next;
1763 1918
1919 rcu_read_lock();
1764 netif_tx_lock_bh(dev); 1920 netif_tx_lock_bh(dev);
1765 for (i = 0; i < ieee80211_num_regular_queues(&local->hw); i++) {
1766 /* Check that this queue is ok */
1767 if (__netif_subqueue_stopped(local->mdev, i) &&
1768 !test_bit(i, local->queues_pending_run))
1769 continue;
1770 1921
1771 if (!test_bit(i, local->queues_pending)) { 1922 for (i = 0; i < local->hw.queues; i++) {
1772 clear_bit(i, local->queues_pending_run); 1923 /*
1773 ieee80211_wake_queue(&local->hw, i); 1924 * If queue is stopped by something other than due to pending
1925 * frames, or we have no pending frames, proceed to next queue.
1926 */
1927 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1928 next = false;
1929 if (local->queue_stop_reasons[i] !=
1930 BIT(IEEE80211_QUEUE_STOP_REASON_PENDING) ||
1931 skb_queue_empty(&local->pending[i]))
1932 next = true;
1933 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1934
1935 if (next)
1774 continue; 1936 continue;
1775 }
1776 1937
1777 clear_bit(i, local->queues_pending_run); 1938 /*
1939 * start the queue now to allow processing our packets,
1940 * we're under the tx lock here anyway so nothing will
1941 * happen as a result of this
1942 */
1778 netif_start_subqueue(local->mdev, i); 1943 netif_start_subqueue(local->mdev, i);
1779 1944
1780 store = &local->pending_packet[i]; 1945 while (!skb_queue_empty(&local->pending[i])) {
1781 tx.extra_frag = store->extra_frag; 1946 struct sk_buff *skb = skb_dequeue(&local->pending[i]);
1782 tx.num_extra_frag = store->num_extra_frag; 1947
1783 tx.flags = 0; 1948 if (!ieee80211_tx_pending_skb(local, skb)) {
1784 ret = __ieee80211_tx(local, store->skb, &tx); 1949 skb_queue_head(&local->pending[i], skb);
1785 if (ret) { 1950 break;
1786 if (ret == IEEE80211_TX_FRAG_AGAIN) 1951 }
1787 store->skb = NULL;
1788 } else {
1789 clear_bit(i, local->queues_pending);
1790 ieee80211_wake_queue(&local->hw, i);
1791 } 1952 }
1953
1954 /* Start regular packet processing again. */
1955 if (skb_queue_empty(&local->pending[i]))
1956 ieee80211_wake_queue_by_reason(&local->hw, i,
1957 IEEE80211_QUEUE_STOP_REASON_PENDING);
1792 } 1958 }
1959
1793 netif_tx_unlock_bh(dev); 1960 netif_tx_unlock_bh(dev);
1961 rcu_read_unlock();
1794} 1962}
1795 1963
1796/* functions for drivers to get certain frames */ 1964/* functions for drivers to get certain frames */
@@ -1865,7 +2033,6 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1865 struct ieee80211_tx_info *info; 2033 struct ieee80211_tx_info *info;
1866 struct ieee80211_sub_if_data *sdata = NULL; 2034 struct ieee80211_sub_if_data *sdata = NULL;
1867 struct ieee80211_if_ap *ap = NULL; 2035 struct ieee80211_if_ap *ap = NULL;
1868 struct ieee80211_if_sta *ifsta = NULL;
1869 struct beacon_data *beacon; 2036 struct beacon_data *beacon;
1870 struct ieee80211_supported_band *sband; 2037 struct ieee80211_supported_band *sband;
1871 enum ieee80211_band band = local->hw.conf.channel->band; 2038 enum ieee80211_band band = local->hw.conf.channel->band;
@@ -1917,13 +2084,13 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
1917 } else 2084 } else
1918 goto out; 2085 goto out;
1919 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 2086 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
2087 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1920 struct ieee80211_hdr *hdr; 2088 struct ieee80211_hdr *hdr;
1921 ifsta = &sdata->u.sta;
1922 2089
1923 if (!ifsta->probe_resp) 2090 if (!ifibss->probe_resp)
1924 goto out; 2091 goto out;
1925 2092
1926 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC); 2093 skb = skb_copy(ifibss->probe_resp, GFP_ATOMIC);
1927 if (!skb) 2094 if (!skb)
1928 goto out; 2095 goto out;
1929 2096
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index fb89e1d0aa03..fdf432f14554 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -41,6 +41,15 @@ const unsigned char rfc1042_header[] __aligned(2) =
41const unsigned char bridge_tunnel_header[] __aligned(2) = 41const unsigned char bridge_tunnel_header[] __aligned(2) =
42 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 }; 42 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
43 43
44struct ieee80211_hw *wiphy_to_ieee80211_hw(struct wiphy *wiphy)
45{
46 struct ieee80211_local *local;
47 BUG_ON(!wiphy);
48
49 local = wiphy_priv(wiphy);
50 return &local->hw;
51}
52EXPORT_SYMBOL(wiphy_to_ieee80211_hw);
44 53
45u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len, 54u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len,
46 enum nl80211_iftype type) 55 enum nl80211_iftype type)
@@ -157,18 +166,13 @@ int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr)
157 166
158void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx) 167void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx)
159{ 168{
160 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data; 169 struct sk_buff *skb = tx->skb;
170 struct ieee80211_hdr *hdr;
161 171
162 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 172 do {
163 if (tx->extra_frag) { 173 hdr = (struct ieee80211_hdr *) skb->data;
164 struct ieee80211_hdr *fhdr; 174 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
165 int i; 175 } while ((skb = skb->next));
166 for (i = 0; i < tx->num_extra_frag; i++) {
167 fhdr = (struct ieee80211_hdr *)
168 tx->extra_frag[i]->data;
169 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
170 }
171 }
172} 176}
173 177
174int ieee80211_frame_duration(struct ieee80211_local *local, size_t len, 178int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
@@ -335,21 +339,21 @@ static void __ieee80211_wake_queue(struct ieee80211_hw *hw, int queue,
335{ 339{
336 struct ieee80211_local *local = hw_to_local(hw); 340 struct ieee80211_local *local = hw_to_local(hw);
337 341
338 /* we don't need to track ampdu queues */ 342 if (WARN_ON(queue >= hw->queues))
339 if (queue < ieee80211_num_regular_queues(hw)) { 343 return;
340 __clear_bit(reason, &local->queue_stop_reasons[queue]);
341 344
342 if (local->queue_stop_reasons[queue] != 0) 345 __clear_bit(reason, &local->queue_stop_reasons[queue]);
343 /* someone still has this queue stopped */
344 return;
345 }
346 346
347 if (test_bit(queue, local->queues_pending)) { 347 if (!skb_queue_empty(&local->pending[queue]) &&
348 set_bit(queue, local->queues_pending_run); 348 local->queue_stop_reasons[queue] ==
349 BIT(IEEE80211_QUEUE_STOP_REASON_PENDING))
349 tasklet_schedule(&local->tx_pending_tasklet); 350 tasklet_schedule(&local->tx_pending_tasklet);
350 } else { 351
351 netif_wake_subqueue(local->mdev, queue); 352 if (local->queue_stop_reasons[queue] != 0)
352 } 353 /* someone still has this queue stopped */
354 return;
355
356 netif_wake_subqueue(local->mdev, queue);
353} 357}
354 358
355void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue, 359void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue,
@@ -375,11 +379,18 @@ static void __ieee80211_stop_queue(struct ieee80211_hw *hw, int queue,
375{ 379{
376 struct ieee80211_local *local = hw_to_local(hw); 380 struct ieee80211_local *local = hw_to_local(hw);
377 381
378 /* we don't need to track ampdu queues */ 382 if (WARN_ON(queue >= hw->queues))
379 if (queue < ieee80211_num_regular_queues(hw)) 383 return;
380 __set_bit(reason, &local->queue_stop_reasons[queue]); 384
385 /*
386 * Only stop if it was previously running, this is necessary
387 * for correct pending packets handling because there we may
388 * start (but not wake) the queue and rely on that.
389 */
390 if (!local->queue_stop_reasons[queue])
391 netif_stop_subqueue(local->mdev, queue);
381 392
382 netif_stop_subqueue(local->mdev, queue); 393 __set_bit(reason, &local->queue_stop_reasons[queue]);
383} 394}
384 395
385void ieee80211_stop_queue_by_reason(struct ieee80211_hw *hw, int queue, 396void ieee80211_stop_queue_by_reason(struct ieee80211_hw *hw, int queue,
@@ -409,7 +420,7 @@ void ieee80211_stop_queues_by_reason(struct ieee80211_hw *hw,
409 420
410 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 421 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
411 422
412 for (i = 0; i < ieee80211_num_queues(hw); i++) 423 for (i = 0; i < hw->queues; i++)
413 __ieee80211_stop_queue(hw, i, reason); 424 __ieee80211_stop_queue(hw, i, reason);
414 425
415 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 426 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
@@ -425,6 +436,10 @@ EXPORT_SYMBOL(ieee80211_stop_queues);
425int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue) 436int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue)
426{ 437{
427 struct ieee80211_local *local = hw_to_local(hw); 438 struct ieee80211_local *local = hw_to_local(hw);
439
440 if (WARN_ON(queue >= hw->queues))
441 return true;
442
428 return __netif_subqueue_stopped(local->mdev, queue); 443 return __netif_subqueue_stopped(local->mdev, queue);
429} 444}
430EXPORT_SYMBOL(ieee80211_queue_stopped); 445EXPORT_SYMBOL(ieee80211_queue_stopped);
@@ -438,7 +453,7 @@ void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw,
438 453
439 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 454 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
440 455
441 for (i = 0; i < hw->queues + hw->ampdu_queues; i++) 456 for (i = 0; i < hw->queues; i++)
442 __ieee80211_wake_queue(hw, i, reason); 457 __ieee80211_wake_queue(hw, i, reason);
443 458
444 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 459 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
@@ -459,7 +474,7 @@ void ieee80211_iterate_active_interfaces(
459 struct ieee80211_local *local = hw_to_local(hw); 474 struct ieee80211_local *local = hw_to_local(hw);
460 struct ieee80211_sub_if_data *sdata; 475 struct ieee80211_sub_if_data *sdata;
461 476
462 rtnl_lock(); 477 mutex_lock(&local->iflist_mtx);
463 478
464 list_for_each_entry(sdata, &local->interfaces, list) { 479 list_for_each_entry(sdata, &local->interfaces, list) {
465 switch (sdata->vif.type) { 480 switch (sdata->vif.type) {
@@ -480,7 +495,7 @@ void ieee80211_iterate_active_interfaces(
480 &sdata->vif); 495 &sdata->vif);
481 } 496 }
482 497
483 rtnl_unlock(); 498 mutex_unlock(&local->iflist_mtx);
484} 499}
485EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces); 500EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces);
486 501
@@ -653,6 +668,10 @@ void ieee802_11_parse_elems(u8 *start, size_t len,
653 elems->pwr_constr_elem = pos; 668 elems->pwr_constr_elem = pos;
654 elems->pwr_constr_elem_len = elen; 669 elems->pwr_constr_elem_len = elen;
655 break; 670 break;
671 case WLAN_EID_TIMEOUT_INTERVAL:
672 elems->timeout_int = pos;
673 elems->timeout_int_len = elen;
674 break;
656 default: 675 default:
657 break; 676 break;
658 } 677 }
@@ -688,6 +707,27 @@ void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata)
688 local->ops->conf_tx(local_to_hw(local), i, &qparam); 707 local->ops->conf_tx(local_to_hw(local), i, &qparam);
689} 708}
690 709
710void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
711 const size_t supp_rates_len,
712 const u8 *supp_rates)
713{
714 struct ieee80211_local *local = sdata->local;
715 int i, have_higher_than_11mbit = 0;
716
717 /* cf. IEEE 802.11 9.2.12 */
718 for (i = 0; i < supp_rates_len; i++)
719 if ((supp_rates[i] & 0x7f) * 5 > 110)
720 have_higher_than_11mbit = 1;
721
722 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
723 have_higher_than_11mbit)
724 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
725 else
726 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
727
728 ieee80211_set_wmm_default(sdata);
729}
730
691void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 731void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
692 int encrypt) 732 int encrypt)
693{ 733{
@@ -727,12 +767,12 @@ int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freqMHz)
727 return ret; 767 return ret;
728} 768}
729 769
730u64 ieee80211_mandatory_rates(struct ieee80211_local *local, 770u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
731 enum ieee80211_band band) 771 enum ieee80211_band band)
732{ 772{
733 struct ieee80211_supported_band *sband; 773 struct ieee80211_supported_band *sband;
734 struct ieee80211_rate *bitrates; 774 struct ieee80211_rate *bitrates;
735 u64 mandatory_rates; 775 u32 mandatory_rates;
736 enum ieee80211_rate_flags mandatory_flag; 776 enum ieee80211_rate_flags mandatory_flag;
737 int i; 777 int i;
738 778
@@ -754,3 +794,140 @@ u64 ieee80211_mandatory_rates(struct ieee80211_local *local,
754 mandatory_rates |= BIT(i); 794 mandatory_rates |= BIT(i);
755 return mandatory_rates; 795 return mandatory_rates;
756} 796}
797
798void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
799 u16 transaction, u16 auth_alg,
800 u8 *extra, size_t extra_len,
801 const u8 *bssid, int encrypt)
802{
803 struct ieee80211_local *local = sdata->local;
804 struct sk_buff *skb;
805 struct ieee80211_mgmt *mgmt;
806
807 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
808 sizeof(*mgmt) + 6 + extra_len);
809 if (!skb) {
810 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
811 "frame\n", sdata->dev->name);
812 return;
813 }
814 skb_reserve(skb, local->hw.extra_tx_headroom);
815
816 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
817 memset(mgmt, 0, 24 + 6);
818 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
819 IEEE80211_STYPE_AUTH);
820 if (encrypt)
821 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
822 memcpy(mgmt->da, bssid, ETH_ALEN);
823 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
824 memcpy(mgmt->bssid, bssid, ETH_ALEN);
825 mgmt->u.auth.auth_alg = cpu_to_le16(auth_alg);
826 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
827 mgmt->u.auth.status_code = cpu_to_le16(0);
828 if (extra)
829 memcpy(skb_put(skb, extra_len), extra, extra_len);
830
831 ieee80211_tx_skb(sdata, skb, encrypt);
832}
833
834void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
835 u8 *ssid, size_t ssid_len,
836 u8 *ie, size_t ie_len)
837{
838 struct ieee80211_local *local = sdata->local;
839 struct ieee80211_supported_band *sband;
840 struct sk_buff *skb;
841 struct ieee80211_mgmt *mgmt;
842 u8 *pos, *supp_rates, *esupp_rates = NULL;
843 int i;
844
845 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
846 ie_len);
847 if (!skb) {
848 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
849 "request\n", sdata->dev->name);
850 return;
851 }
852 skb_reserve(skb, local->hw.extra_tx_headroom);
853
854 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
855 memset(mgmt, 0, 24);
856 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
857 IEEE80211_STYPE_PROBE_REQ);
858 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
859 if (dst) {
860 memcpy(mgmt->da, dst, ETH_ALEN);
861 memcpy(mgmt->bssid, dst, ETH_ALEN);
862 } else {
863 memset(mgmt->da, 0xff, ETH_ALEN);
864 memset(mgmt->bssid, 0xff, ETH_ALEN);
865 }
866 pos = skb_put(skb, 2 + ssid_len);
867 *pos++ = WLAN_EID_SSID;
868 *pos++ = ssid_len;
869 memcpy(pos, ssid, ssid_len);
870
871 supp_rates = skb_put(skb, 2);
872 supp_rates[0] = WLAN_EID_SUPP_RATES;
873 supp_rates[1] = 0;
874 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
875
876 for (i = 0; i < sband->n_bitrates; i++) {
877 struct ieee80211_rate *rate = &sband->bitrates[i];
878 if (esupp_rates) {
879 pos = skb_put(skb, 1);
880 esupp_rates[1]++;
881 } else if (supp_rates[1] == 8) {
882 esupp_rates = skb_put(skb, 3);
883 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
884 esupp_rates[1] = 1;
885 pos = &esupp_rates[2];
886 } else {
887 pos = skb_put(skb, 1);
888 supp_rates[1]++;
889 }
890 *pos = rate->bitrate / 5;
891 }
892
893 if (ie)
894 memcpy(skb_put(skb, ie_len), ie, ie_len);
895
896 ieee80211_tx_skb(sdata, skb, 0);
897}
898
899u32 ieee80211_sta_get_rates(struct ieee80211_local *local,
900 struct ieee802_11_elems *elems,
901 enum ieee80211_band band)
902{
903 struct ieee80211_supported_band *sband;
904 struct ieee80211_rate *bitrates;
905 size_t num_rates;
906 u32 supp_rates;
907 int i, j;
908 sband = local->hw.wiphy->bands[band];
909
910 if (!sband) {
911 WARN_ON(1);
912 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
913 }
914
915 bitrates = sband->bitrates;
916 num_rates = sband->n_bitrates;
917 supp_rates = 0;
918 for (i = 0; i < elems->supp_rates_len +
919 elems->ext_supp_rates_len; i++) {
920 u8 rate = 0;
921 int own_rate;
922 if (i < elems->supp_rates_len)
923 rate = elems->supp_rates[i];
924 else if (elems->ext_supp_rates)
925 rate = elems->ext_supp_rates
926 [i - elems->supp_rates_len];
927 own_rate = 5 * (rate & 0x7f);
928 for (j = 0; j < num_rates; j++)
929 if (bitrates[j].bitrate == own_rate)
930 supp_rates |= BIT(j);
931 }
932 return supp_rates;
933}
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index 7043ddc75498..ef73105b3061 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -329,24 +329,17 @@ static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
329ieee80211_tx_result 329ieee80211_tx_result
330ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx) 330ieee80211_crypto_wep_encrypt(struct ieee80211_tx_data *tx)
331{ 331{
332 int i; 332 struct sk_buff *skb;
333 333
334 ieee80211_tx_set_protected(tx); 334 ieee80211_tx_set_protected(tx);
335 335
336 if (wep_encrypt_skb(tx, tx->skb) < 0) { 336 skb = tx->skb;
337 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep); 337 do {
338 return TX_DROP; 338 if (wep_encrypt_skb(tx, skb) < 0) {
339 } 339 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
340 340 return TX_DROP;
341 if (tx->extra_frag) {
342 for (i = 0; i < tx->num_extra_frag; i++) {
343 if (wep_encrypt_skb(tx, tx->extra_frag[i])) {
344 I802_DEBUG_INC(tx->local->
345 tx_handlers_drop_wep);
346 return TX_DROP;
347 }
348 } 341 }
349 } 342 } while ((skb = skb->next));
350 343
351 return TX_CONTINUE; 344 return TX_CONTINUE;
352} 345}
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 7162d5816f39..deb4ecec122a 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -37,7 +37,14 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
37 struct ieee80211_key *key; 37 struct ieee80211_key *key;
38 int err; 38 int err;
39 39
40 if (idx < 0 || idx >= NUM_DEFAULT_KEYS) { 40 if (alg == ALG_AES_CMAC) {
41 if (idx < NUM_DEFAULT_KEYS ||
42 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
43 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d "
44 "(BIP)\n", sdata->dev->name, idx);
45 return -EINVAL;
46 }
47 } else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
41 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n", 48 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
42 sdata->dev->name, idx); 49 sdata->dev->name, idx);
43 return -EINVAL; 50 return -EINVAL;
@@ -103,6 +110,9 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
103 110
104 if (set_tx_key || (!sta && !sdata->default_key && key)) 111 if (set_tx_key || (!sta && !sdata->default_key && key))
105 ieee80211_set_default_key(sdata, idx); 112 ieee80211_set_default_key(sdata, idx);
113 if (alg == ALG_AES_CMAC &&
114 (set_tx_key || (!sta && !sdata->default_mgmt_key && key)))
115 ieee80211_set_default_mgmt_key(sdata, idx);
106 } 116 }
107 117
108 out_unlock: 118 out_unlock:
@@ -119,125 +129,38 @@ static int ieee80211_ioctl_siwgenie(struct net_device *dev,
119 129
120 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 130 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
121 131
122 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) 132 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
123 return -EOPNOTSUPP;
124
125 if (sdata->vif.type == NL80211_IFTYPE_STATION ||
126 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
127 int ret = ieee80211_sta_set_extra_ie(sdata, extra, data->length); 133 int ret = ieee80211_sta_set_extra_ie(sdata, extra, data->length);
128 if (ret) 134 if (ret)
129 return ret; 135 return ret;
130 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL; 136 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
131 ieee80211_sta_req_auth(sdata, &sdata->u.sta); 137 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
138 ieee80211_sta_req_auth(sdata);
132 return 0; 139 return 0;
133 } 140 }
134 141
135 return -EOPNOTSUPP; 142 return -EOPNOTSUPP;
136} 143}
137 144
138static int ieee80211_ioctl_giwrange(struct net_device *dev,
139 struct iw_request_info *info,
140 struct iw_point *data, char *extra)
141{
142 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
143 struct iw_range *range = (struct iw_range *) extra;
144 enum ieee80211_band band;
145 int c = 0;
146
147 data->length = sizeof(struct iw_range);
148 memset(range, 0, sizeof(struct iw_range));
149
150 range->we_version_compiled = WIRELESS_EXT;
151 range->we_version_source = 21;
152 range->retry_capa = IW_RETRY_LIMIT;
153 range->retry_flags = IW_RETRY_LIMIT;
154 range->min_retry = 0;
155 range->max_retry = 255;
156 range->min_rts = 0;
157 range->max_rts = 2347;
158 range->min_frag = 256;
159 range->max_frag = 2346;
160
161 range->encoding_size[0] = 5;
162 range->encoding_size[1] = 13;
163 range->num_encoding_sizes = 2;
164 range->max_encoding_tokens = NUM_DEFAULT_KEYS;
165
166 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC ||
167 local->hw.flags & IEEE80211_HW_SIGNAL_DB)
168 range->max_qual.level = local->hw.max_signal;
169 else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
170 range->max_qual.level = -110;
171 else
172 range->max_qual.level = 0;
173
174 if (local->hw.flags & IEEE80211_HW_NOISE_DBM)
175 range->max_qual.noise = -110;
176 else
177 range->max_qual.noise = 0;
178
179 range->max_qual.qual = 100;
180 range->max_qual.updated = local->wstats_flags;
181
182 range->avg_qual.qual = 50;
183 /* not always true but better than nothing */
184 range->avg_qual.level = range->max_qual.level / 2;
185 range->avg_qual.noise = range->max_qual.noise / 2;
186 range->avg_qual.updated = local->wstats_flags;
187
188 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
189 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
190
191
192 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) {
193 int i;
194 struct ieee80211_supported_band *sband;
195
196 sband = local->hw.wiphy->bands[band];
197
198 if (!sband)
199 continue;
200
201 for (i = 0; i < sband->n_channels && c < IW_MAX_FREQUENCIES; i++) {
202 struct ieee80211_channel *chan = &sband->channels[i];
203
204 if (!(chan->flags & IEEE80211_CHAN_DISABLED)) {
205 range->freq[c].i =
206 ieee80211_frequency_to_channel(
207 chan->center_freq);
208 range->freq[c].m = chan->center_freq;
209 range->freq[c].e = 6;
210 c++;
211 }
212 }
213 }
214 range->num_channels = c;
215 range->num_frequency = c;
216
217 IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
218 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
219 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
220
221 range->scan_capa |= IW_SCAN_CAPA_ESSID;
222
223 return 0;
224}
225
226
227static int ieee80211_ioctl_siwfreq(struct net_device *dev, 145static int ieee80211_ioctl_siwfreq(struct net_device *dev,
228 struct iw_request_info *info, 146 struct iw_request_info *info,
229 struct iw_freq *freq, char *extra) 147 struct iw_freq *freq, char *extra)
230{ 148{
231 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 149 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
232 150
233 if (sdata->vif.type == NL80211_IFTYPE_STATION) 151 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
234 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL; 152 sdata->u.ibss.flags &= ~IEEE80211_IBSS_AUTO_CHANNEL_SEL;
153 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
154 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL;
235 155
236 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */ 156 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
237 if (freq->e == 0) { 157 if (freq->e == 0) {
238 if (freq->m < 0) { 158 if (freq->m < 0) {
239 if (sdata->vif.type == NL80211_IFTYPE_STATION) 159 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
240 sdata->u.sta.flags |= 160 sdata->u.ibss.flags |=
161 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
162 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
163 sdata->u.mgd.flags |=
241 IEEE80211_STA_AUTO_CHANNEL_SEL; 164 IEEE80211_STA_AUTO_CHANNEL_SEL;
242 return 0; 165 return 0;
243 } else 166 } else
@@ -274,32 +197,28 @@ static int ieee80211_ioctl_siwessid(struct net_device *dev,
274{ 197{
275 struct ieee80211_sub_if_data *sdata; 198 struct ieee80211_sub_if_data *sdata;
276 size_t len = data->length; 199 size_t len = data->length;
200 int ret;
277 201
278 /* iwconfig uses nul termination in SSID.. */ 202 /* iwconfig uses nul termination in SSID.. */
279 if (len > 0 && ssid[len - 1] == '\0') 203 if (len > 0 && ssid[len - 1] == '\0')
280 len--; 204 len--;
281 205
282 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 206 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
283 if (sdata->vif.type == NL80211_IFTYPE_STATION || 207 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
284 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
285 int ret;
286 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) {
287 if (len > IEEE80211_MAX_SSID_LEN)
288 return -EINVAL;
289 memcpy(sdata->u.sta.ssid, ssid, len);
290 sdata->u.sta.ssid_len = len;
291 return 0;
292 }
293 if (data->flags) 208 if (data->flags)
294 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_SSID_SEL; 209 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
295 else 210 else
296 sdata->u.sta.flags |= IEEE80211_STA_AUTO_SSID_SEL; 211 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
212
297 ret = ieee80211_sta_set_ssid(sdata, ssid, len); 213 ret = ieee80211_sta_set_ssid(sdata, ssid, len);
298 if (ret) 214 if (ret)
299 return ret; 215 return ret;
300 ieee80211_sta_req_auth(sdata, &sdata->u.sta); 216
217 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
218 ieee80211_sta_req_auth(sdata);
301 return 0; 219 return 0;
302 } 220 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
221 return ieee80211_ibss_set_ssid(sdata, ssid, len);
303 222
304 return -EOPNOTSUPP; 223 return -EOPNOTSUPP;
305} 224}
@@ -313,8 +232,7 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
313 232
314 struct ieee80211_sub_if_data *sdata; 233 struct ieee80211_sub_if_data *sdata;
315 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 234 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
316 if (sdata->vif.type == NL80211_IFTYPE_STATION || 235 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
317 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
318 int res = ieee80211_sta_get_ssid(sdata, ssid, &len); 236 int res = ieee80211_sta_get_ssid(sdata, ssid, &len);
319 if (res == 0) { 237 if (res == 0) {
320 data->length = len; 238 data->length = len;
@@ -322,6 +240,14 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
322 } else 240 } else
323 data->flags = 0; 241 data->flags = 0;
324 return res; 242 return res;
243 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
244 int res = ieee80211_ibss_get_ssid(sdata, ssid, &len);
245 if (res == 0) {
246 data->length = len;
247 data->flags = 1;
248 } else
249 data->flags = 0;
250 return res;
325 } 251 }
326 252
327 return -EOPNOTSUPP; 253 return -EOPNOTSUPP;
@@ -335,26 +261,32 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
335 struct ieee80211_sub_if_data *sdata; 261 struct ieee80211_sub_if_data *sdata;
336 262
337 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 263 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
338 if (sdata->vif.type == NL80211_IFTYPE_STATION || 264 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
339 sdata->vif.type == NL80211_IFTYPE_ADHOC) {
340 int ret; 265 int ret;
341 if (sdata->flags & IEEE80211_SDATA_USERSPACE_MLME) { 266
342 memcpy(sdata->u.sta.bssid, (u8 *) &ap_addr->sa_data,
343 ETH_ALEN);
344 return 0;
345 }
346 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data)) 267 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
347 sdata->u.sta.flags |= IEEE80211_STA_AUTO_BSSID_SEL | 268 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL |
348 IEEE80211_STA_AUTO_CHANNEL_SEL; 269 IEEE80211_STA_AUTO_CHANNEL_SEL;
349 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data)) 270 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
350 sdata->u.sta.flags |= IEEE80211_STA_AUTO_BSSID_SEL; 271 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL;
351 else 272 else
352 sdata->u.sta.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL; 273 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
353 ret = ieee80211_sta_set_bssid(sdata, (u8 *) &ap_addr->sa_data); 274 ret = ieee80211_sta_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
354 if (ret) 275 if (ret)
355 return ret; 276 return ret;
356 ieee80211_sta_req_auth(sdata, &sdata->u.sta); 277 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
278 ieee80211_sta_req_auth(sdata);
357 return 0; 279 return 0;
280 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
281 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
282 sdata->u.ibss.flags |= IEEE80211_IBSS_AUTO_BSSID_SEL |
283 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
284 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
285 sdata->u.ibss.flags |= IEEE80211_IBSS_AUTO_BSSID_SEL;
286 else
287 sdata->u.ibss.flags &= ~IEEE80211_IBSS_AUTO_BSSID_SEL;
288
289 return ieee80211_ibss_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
358 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) { 290 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
359 /* 291 /*
360 * If it is necessary to update the WDS peer address 292 * If it is necessary to update the WDS peer address
@@ -383,17 +315,20 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
383 struct ieee80211_sub_if_data *sdata; 315 struct ieee80211_sub_if_data *sdata;
384 316
385 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 317 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
386 if (sdata->vif.type == NL80211_IFTYPE_STATION || 318 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
387 sdata->vif.type == NL80211_IFTYPE_ADHOC) { 319 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATED) {
388 if (sdata->u.sta.state == IEEE80211_STA_MLME_ASSOCIATED ||
389 sdata->u.sta.state == IEEE80211_STA_MLME_IBSS_JOINED) {
390 ap_addr->sa_family = ARPHRD_ETHER; 320 ap_addr->sa_family = ARPHRD_ETHER;
391 memcpy(&ap_addr->sa_data, sdata->u.sta.bssid, ETH_ALEN); 321 memcpy(&ap_addr->sa_data, sdata->u.mgd.bssid, ETH_ALEN);
392 return 0; 322 } else
393 } else {
394 memset(&ap_addr->sa_data, 0, ETH_ALEN); 323 memset(&ap_addr->sa_data, 0, ETH_ALEN);
395 return 0; 324 return 0;
396 } 325 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
326 if (sdata->u.ibss.state == IEEE80211_IBSS_MLME_JOINED) {
327 ap_addr->sa_family = ARPHRD_ETHER;
328 memcpy(&ap_addr->sa_data, sdata->u.ibss.bssid, ETH_ALEN);
329 } else
330 memset(&ap_addr->sa_data, 0, ETH_ALEN);
331 return 0;
397 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) { 332 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
398 ap_addr->sa_family = ARPHRD_ETHER; 333 ap_addr->sa_family = ARPHRD_ETHER;
399 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN); 334 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
@@ -404,58 +339,6 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
404} 339}
405 340
406 341
407static int ieee80211_ioctl_siwscan(struct net_device *dev,
408 struct iw_request_info *info,
409 union iwreq_data *wrqu, char *extra)
410{
411 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
412 struct iw_scan_req *req = NULL;
413 u8 *ssid = NULL;
414 size_t ssid_len = 0;
415
416 if (!netif_running(dev))
417 return -ENETDOWN;
418
419 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
420 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
421 sdata->vif.type != NL80211_IFTYPE_MESH_POINT)
422 return -EOPNOTSUPP;
423
424 /* if SSID was specified explicitly then use that */
425 if (wrqu->data.length == sizeof(struct iw_scan_req) &&
426 wrqu->data.flags & IW_SCAN_THIS_ESSID) {
427 req = (struct iw_scan_req *)extra;
428 ssid = req->essid;
429 ssid_len = req->essid_len;
430 }
431
432 return ieee80211_request_scan(sdata, ssid, ssid_len);
433}
434
435
436static int ieee80211_ioctl_giwscan(struct net_device *dev,
437 struct iw_request_info *info,
438 struct iw_point *data, char *extra)
439{
440 int res;
441 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
442 struct ieee80211_sub_if_data *sdata;
443
444 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
445
446 if (local->sw_scanning || local->hw_scanning)
447 return -EAGAIN;
448
449 res = ieee80211_scan_results(local, info, extra, data->length);
450 if (res >= 0) {
451 data->length = res;
452 return 0;
453 }
454 data->length = 0;
455 return res;
456}
457
458
459static int ieee80211_ioctl_siwrate(struct net_device *dev, 342static int ieee80211_ioctl_siwrate(struct net_device *dev,
460 struct iw_request_info *info, 343 struct iw_request_info *info,
461 struct iw_param *rate, char *extra) 344 struct iw_param *rate, char *extra)
@@ -511,7 +394,7 @@ static int ieee80211_ioctl_giwrate(struct net_device *dev,
511 394
512 rcu_read_lock(); 395 rcu_read_lock();
513 396
514 sta = sta_info_get(local, sdata->u.sta.bssid); 397 sta = sta_info_get(local, sdata->u.mgd.bssid);
515 398
516 if (sta && !(sta->last_tx_rate.flags & IEEE80211_TX_RC_MCS)) 399 if (sta && !(sta->last_tx_rate.flags & IEEE80211_TX_RC_MCS))
517 rate->value = sband->bitrates[sta->last_tx_rate.idx].bitrate; 400 rate->value = sband->bitrates[sta->last_tx_rate.idx].bitrate;
@@ -549,10 +432,9 @@ static int ieee80211_ioctl_siwtxpower(struct net_device *dev,
549 else /* Automatic power level setting */ 432 else /* Automatic power level setting */
550 new_power_level = chan->max_power; 433 new_power_level = chan->max_power;
551 434
552 if (local->hw.conf.power_level != new_power_level) { 435 local->user_power_level = new_power_level;
553 local->hw.conf.power_level = new_power_level; 436 if (local->hw.conf.power_level != new_power_level)
554 reconf_flags |= IEEE80211_CONF_CHANGE_POWER; 437 reconf_flags |= IEEE80211_CONF_CHANGE_POWER;
555 }
556 438
557 if (local->hw.conf.radio_enabled != !(data->txpower.disabled)) { 439 if (local->hw.conf.radio_enabled != !(data->txpower.disabled)) {
558 local->hw.conf.radio_enabled = !(data->txpower.disabled); 440 local->hw.conf.radio_enabled = !(data->txpower.disabled);
@@ -713,8 +595,7 @@ static int ieee80211_ioctl_siwmlme(struct net_device *dev,
713 struct iw_mlme *mlme = (struct iw_mlme *) extra; 595 struct iw_mlme *mlme = (struct iw_mlme *) extra;
714 596
715 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 597 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
716 if (sdata->vif.type != NL80211_IFTYPE_STATION && 598 if (!(sdata->vif.type == NL80211_IFTYPE_STATION))
717 sdata->vif.type != NL80211_IFTYPE_ADHOC)
718 return -EINVAL; 599 return -EINVAL;
719 600
720 switch (mlme->cmd) { 601 switch (mlme->cmd) {
@@ -737,7 +618,7 @@ static int ieee80211_ioctl_siwencode(struct net_device *dev,
737 struct ieee80211_sub_if_data *sdata; 618 struct ieee80211_sub_if_data *sdata;
738 int idx, i, alg = ALG_WEP; 619 int idx, i, alg = ALG_WEP;
739 u8 bcaddr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 620 u8 bcaddr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
740 int remove = 0; 621 int remove = 0, ret;
741 622
742 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 623 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
743 624
@@ -763,11 +644,20 @@ static int ieee80211_ioctl_siwencode(struct net_device *dev,
763 return 0; 644 return 0;
764 } 645 }
765 646
766 return ieee80211_set_encryption( 647 ret = ieee80211_set_encryption(
767 sdata, bcaddr, 648 sdata, bcaddr,
768 idx, alg, remove, 649 idx, alg, remove,
769 !sdata->default_key, 650 !sdata->default_key,
770 keybuf, erq->length); 651 keybuf, erq->length);
652
653 if (!ret) {
654 if (remove)
655 sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
656 else
657 sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
658 }
659
660 return ret;
771} 661}
772 662
773 663
@@ -810,8 +700,7 @@ static int ieee80211_ioctl_giwencode(struct net_device *dev,
810 erq->flags |= IW_ENCODE_ENABLED; 700 erq->flags |= IW_ENCODE_ENABLED;
811 701
812 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 702 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
813 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 703 switch (sdata->u.mgd.auth_alg) {
814 switch (ifsta->auth_alg) {
815 case WLAN_AUTH_OPEN: 704 case WLAN_AUTH_OPEN:
816 case WLAN_AUTH_LEAP: 705 case WLAN_AUTH_LEAP:
817 erq->flags |= IW_ENCODE_OPEN; 706 erq->flags |= IW_ENCODE_OPEN;
@@ -836,6 +725,9 @@ static int ieee80211_ioctl_siwpower(struct net_device *dev,
836 int ret = 0, timeout = 0; 725 int ret = 0, timeout = 0;
837 bool ps; 726 bool ps;
838 727
728 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
729 return -EOPNOTSUPP;
730
839 if (sdata->vif.type != NL80211_IFTYPE_STATION) 731 if (sdata->vif.type != NL80211_IFTYPE_STATION)
840 return -EINVAL; 732 return -EINVAL;
841 733
@@ -852,31 +744,49 @@ static int ieee80211_ioctl_siwpower(struct net_device *dev,
852 ps = true; 744 ps = true;
853 break; 745 break;
854 default: /* Otherwise we ignore */ 746 default: /* Otherwise we ignore */
855 break; 747 return -EINVAL;
856 } 748 }
857 749
750 if (wrq->flags & ~(IW_POWER_MODE | IW_POWER_TIMEOUT))
751 return -EINVAL;
752
858 if (wrq->flags & IW_POWER_TIMEOUT) 753 if (wrq->flags & IW_POWER_TIMEOUT)
859 timeout = wrq->value / 1000; 754 timeout = wrq->value / 1000;
860 755
861set: 756 set:
862 if (ps == local->powersave && timeout == local->dynamic_ps_timeout) 757 if (ps == local->powersave && timeout == conf->dynamic_ps_timeout)
863 return ret; 758 return ret;
864 759
865 local->powersave = ps; 760 local->powersave = ps;
866 local->dynamic_ps_timeout = timeout; 761 conf->dynamic_ps_timeout = timeout;
867 762
868 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) { 763 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
869 if (!(local->hw.flags & IEEE80211_HW_NO_STACK_DYNAMIC_PS) && 764 ret = ieee80211_hw_config(local,
870 local->dynamic_ps_timeout > 0) 765 IEEE80211_CONF_CHANGE_DYNPS_TIMEOUT);
871 mod_timer(&local->dynamic_ps_timer, jiffies + 766
872 msecs_to_jiffies(local->dynamic_ps_timeout)); 767 if (!(sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED))
873 else { 768 return ret;
874 if (local->powersave) 769
875 conf->flags |= IEEE80211_CONF_PS; 770 if (conf->dynamic_ps_timeout > 0 &&
876 else 771 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
877 conf->flags &= ~IEEE80211_CONF_PS; 772 mod_timer(&local->dynamic_ps_timer, jiffies +
773 msecs_to_jiffies(conf->dynamic_ps_timeout));
774 } else {
775 if (local->powersave) {
776 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
777 ieee80211_send_nullfunc(local, sdata, 1);
778 conf->flags |= IEEE80211_CONF_PS;
779 ret = ieee80211_hw_config(local,
780 IEEE80211_CONF_CHANGE_PS);
781 } else {
782 conf->flags &= ~IEEE80211_CONF_PS;
783 ret = ieee80211_hw_config(local,
784 IEEE80211_CONF_CHANGE_PS);
785 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
786 ieee80211_send_nullfunc(local, sdata, 0);
787 del_timer_sync(&local->dynamic_ps_timer);
788 cancel_work_sync(&local->dynamic_ps_enable_work);
878 } 789 }
879 ret = ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
880 } 790 }
881 791
882 return ret; 792 return ret;
@@ -903,11 +813,22 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev,
903 813
904 switch (data->flags & IW_AUTH_INDEX) { 814 switch (data->flags & IW_AUTH_INDEX) {
905 case IW_AUTH_WPA_VERSION: 815 case IW_AUTH_WPA_VERSION:
906 case IW_AUTH_CIPHER_PAIRWISE:
907 case IW_AUTH_CIPHER_GROUP: 816 case IW_AUTH_CIPHER_GROUP:
908 case IW_AUTH_WPA_ENABLED: 817 case IW_AUTH_WPA_ENABLED:
909 case IW_AUTH_RX_UNENCRYPTED_EAPOL: 818 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
910 case IW_AUTH_KEY_MGMT: 819 case IW_AUTH_KEY_MGMT:
820 case IW_AUTH_CIPHER_GROUP_MGMT:
821 break;
822 case IW_AUTH_CIPHER_PAIRWISE:
823 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
824 if (data->value & (IW_AUTH_CIPHER_WEP40 |
825 IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP))
826 sdata->u.mgd.flags |=
827 IEEE80211_STA_TKIP_WEP_USED;
828 else
829 sdata->u.mgd.flags &=
830 ~IEEE80211_STA_TKIP_WEP_USED;
831 }
911 break; 832 break;
912 case IW_AUTH_DROP_UNENCRYPTED: 833 case IW_AUTH_DROP_UNENCRYPTED:
913 sdata->drop_unencrypted = !!data->value; 834 sdata->drop_unencrypted = !!data->value;
@@ -916,24 +837,45 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev,
916 if (sdata->vif.type != NL80211_IFTYPE_STATION) 837 if (sdata->vif.type != NL80211_IFTYPE_STATION)
917 ret = -EINVAL; 838 ret = -EINVAL;
918 else { 839 else {
919 sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 840 sdata->u.mgd.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
920 /* 841 /*
921 * Privacy invoked by wpa_supplicant, store the 842 * Privacy invoked by wpa_supplicant, store the
922 * value and allow associating to a protected 843 * value and allow associating to a protected
923 * network without having a key up front. 844 * network without having a key up front.
924 */ 845 */
925 if (data->value) 846 if (data->value)
926 sdata->u.sta.flags |= 847 sdata->u.mgd.flags |=
927 IEEE80211_STA_PRIVACY_INVOKED; 848 IEEE80211_STA_PRIVACY_INVOKED;
928 } 849 }
929 break; 850 break;
930 case IW_AUTH_80211_AUTH_ALG: 851 case IW_AUTH_80211_AUTH_ALG:
931 if (sdata->vif.type == NL80211_IFTYPE_STATION || 852 if (sdata->vif.type == NL80211_IFTYPE_STATION)
932 sdata->vif.type == NL80211_IFTYPE_ADHOC) 853 sdata->u.mgd.auth_algs = data->value;
933 sdata->u.sta.auth_algs = data->value;
934 else 854 else
935 ret = -EOPNOTSUPP; 855 ret = -EOPNOTSUPP;
936 break; 856 break;
857 case IW_AUTH_MFP:
858 if (!(sdata->local->hw.flags & IEEE80211_HW_MFP_CAPABLE)) {
859 ret = -EOPNOTSUPP;
860 break;
861 }
862 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
863 switch (data->value) {
864 case IW_AUTH_MFP_DISABLED:
865 sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
866 break;
867 case IW_AUTH_MFP_OPTIONAL:
868 sdata->u.mgd.mfp = IEEE80211_MFP_OPTIONAL;
869 break;
870 case IW_AUTH_MFP_REQUIRED:
871 sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
872 break;
873 default:
874 ret = -EINVAL;
875 }
876 } else
877 ret = -EOPNOTSUPP;
878 break;
937 default: 879 default:
938 ret = -EOPNOTSUPP; 880 ret = -EOPNOTSUPP;
939 break; 881 break;
@@ -951,9 +893,9 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
951 893
952 rcu_read_lock(); 894 rcu_read_lock();
953 895
954 if (sdata->vif.type == NL80211_IFTYPE_STATION || 896 if (sdata->vif.type == NL80211_IFTYPE_STATION)
955 sdata->vif.type == NL80211_IFTYPE_ADHOC) 897 sta = sta_info_get(local, sdata->u.mgd.bssid);
956 sta = sta_info_get(local, sdata->u.sta.bssid); 898
957 if (!sta) { 899 if (!sta) {
958 wstats->discard.fragment = 0; 900 wstats->discard.fragment = 0;
959 wstats->discard.misc = 0; 901 wstats->discard.misc = 0;
@@ -962,10 +904,45 @@ static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev
962 wstats->qual.noise = 0; 904 wstats->qual.noise = 0;
963 wstats->qual.updated = IW_QUAL_ALL_INVALID; 905 wstats->qual.updated = IW_QUAL_ALL_INVALID;
964 } else { 906 } else {
965 wstats->qual.level = sta->last_signal; 907 wstats->qual.updated = 0;
966 wstats->qual.qual = sta->last_qual; 908 /*
967 wstats->qual.noise = sta->last_noise; 909 * mirror what cfg80211 does for iwrange/scan results,
968 wstats->qual.updated = local->wstats_flags; 910 * otherwise userspace gets confused.
911 */
912 if (local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
913 IEEE80211_HW_SIGNAL_DBM)) {
914 wstats->qual.updated |= IW_QUAL_LEVEL_UPDATED;
915 wstats->qual.updated |= IW_QUAL_QUAL_UPDATED;
916 } else {
917 wstats->qual.updated |= IW_QUAL_LEVEL_INVALID;
918 wstats->qual.updated |= IW_QUAL_QUAL_INVALID;
919 }
920
921 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) {
922 wstats->qual.level = sta->last_signal;
923 wstats->qual.qual = sta->last_signal;
924 } else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
925 int sig = sta->last_signal;
926
927 wstats->qual.updated |= IW_QUAL_DBM;
928 wstats->qual.level = sig;
929 if (sig < -110)
930 sig = -110;
931 else if (sig > -40)
932 sig = -40;
933 wstats->qual.qual = sig + 110;
934 }
935
936 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) {
937 /*
938 * This assumes that if driver reports noise, it also
939 * reports signal in dBm.
940 */
941 wstats->qual.noise = sta->last_noise;
942 wstats->qual.updated |= IW_QUAL_NOISE_UPDATED;
943 } else {
944 wstats->qual.updated |= IW_QUAL_NOISE_INVALID;
945 }
969 } 946 }
970 947
971 rcu_read_unlock(); 948 rcu_read_unlock();
@@ -982,9 +959,8 @@ static int ieee80211_ioctl_giwauth(struct net_device *dev,
982 959
983 switch (data->flags & IW_AUTH_INDEX) { 960 switch (data->flags & IW_AUTH_INDEX) {
984 case IW_AUTH_80211_AUTH_ALG: 961 case IW_AUTH_80211_AUTH_ALG:
985 if (sdata->vif.type == NL80211_IFTYPE_STATION || 962 if (sdata->vif.type == NL80211_IFTYPE_STATION)
986 sdata->vif.type == NL80211_IFTYPE_ADHOC) 963 data->value = sdata->u.mgd.auth_algs;
987 data->value = sdata->u.sta.auth_algs;
988 else 964 else
989 ret = -EOPNOTSUPP; 965 ret = -EOPNOTSUPP;
990 break; 966 break;
@@ -1017,6 +993,9 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1017 case IW_ENCODE_ALG_CCMP: 993 case IW_ENCODE_ALG_CCMP:
1018 alg = ALG_CCMP; 994 alg = ALG_CCMP;
1019 break; 995 break;
996 case IW_ENCODE_ALG_AES_CMAC:
997 alg = ALG_AES_CMAC;
998 break;
1020 default: 999 default:
1021 return -EOPNOTSUPP; 1000 return -EOPNOTSUPP;
1022 } 1001 }
@@ -1025,20 +1004,41 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1025 remove = 1; 1004 remove = 1;
1026 1005
1027 idx = erq->flags & IW_ENCODE_INDEX; 1006 idx = erq->flags & IW_ENCODE_INDEX;
1028 if (idx < 1 || idx > 4) { 1007 if (alg == ALG_AES_CMAC) {
1029 idx = -1; 1008 if (idx < NUM_DEFAULT_KEYS + 1 ||
1030 if (!sdata->default_key) 1009 idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
1031 idx = 0; 1010 idx = -1;
1032 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1011 if (!sdata->default_mgmt_key)
1033 if (sdata->default_key == sdata->keys[i]) { 1012 idx = 0;
1034 idx = i; 1013 else for (i = NUM_DEFAULT_KEYS;
1035 break; 1014 i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS;
1015 i++) {
1016 if (sdata->default_mgmt_key == sdata->keys[i])
1017 {
1018 idx = i;
1019 break;
1020 }
1036 } 1021 }
1037 } 1022 if (idx < 0)
1038 if (idx < 0) 1023 return -EINVAL;
1039 return -EINVAL; 1024 } else
1040 } else 1025 idx--;
1041 idx--; 1026 } else {
1027 if (idx < 1 || idx > 4) {
1028 idx = -1;
1029 if (!sdata->default_key)
1030 idx = 0;
1031 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1032 if (sdata->default_key == sdata->keys[i]) {
1033 idx = i;
1034 break;
1035 }
1036 }
1037 if (idx < 0)
1038 return -EINVAL;
1039 } else
1040 idx--;
1041 }
1042 1042
1043 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg, 1043 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg,
1044 remove, 1044 remove,
@@ -1063,7 +1063,7 @@ static const iw_handler ieee80211_handler[] =
1063 (iw_handler) NULL, /* SIOCSIWSENS */ 1063 (iw_handler) NULL, /* SIOCSIWSENS */
1064 (iw_handler) NULL, /* SIOCGIWSENS */ 1064 (iw_handler) NULL, /* SIOCGIWSENS */
1065 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */ 1065 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */
1066 (iw_handler) ieee80211_ioctl_giwrange, /* SIOCGIWRANGE */ 1066 (iw_handler) cfg80211_wext_giwrange, /* SIOCGIWRANGE */
1067 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */ 1067 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */
1068 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */ 1068 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */
1069 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */ 1069 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */
@@ -1076,8 +1076,8 @@ static const iw_handler ieee80211_handler[] =
1076 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */ 1076 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */
1077 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */ 1077 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */
1078 (iw_handler) NULL, /* SIOCGIWAPLIST */ 1078 (iw_handler) NULL, /* SIOCGIWAPLIST */
1079 (iw_handler) ieee80211_ioctl_siwscan, /* SIOCSIWSCAN */ 1079 (iw_handler) cfg80211_wext_siwscan, /* SIOCSIWSCAN */
1080 (iw_handler) ieee80211_ioctl_giwscan, /* SIOCGIWSCAN */ 1080 (iw_handler) cfg80211_wext_giwscan, /* SIOCGIWSCAN */
1081 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */ 1081 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */
1082 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */ 1082 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */
1083 (iw_handler) NULL, /* SIOCSIWNICKN */ 1083 (iw_handler) NULL, /* SIOCSIWNICKN */
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index ac71b38f7cb5..0b8ad1f4ecdd 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -99,10 +99,13 @@ static u16 classify80211(struct ieee80211_local *local, struct sk_buff *skb)
99 /* in case we are a client verify acm is not set for this ac */ 99 /* in case we are a client verify acm is not set for this ac */
100 while (unlikely(local->wmm_acm & BIT(skb->priority))) { 100 while (unlikely(local->wmm_acm & BIT(skb->priority))) {
101 if (wme_downgrade_ac(skb)) { 101 if (wme_downgrade_ac(skb)) {
102 /* The old code would drop the packet in this 102 /*
103 * case. 103 * This should not really happen. The AP has marked all
104 * lower ACs to require admission control which is not
105 * a reasonable configuration. Allow the frame to be
106 * transmitted using AC_BK as a workaround.
104 */ 107 */
105 return 0; 108 break;
106 } 109 }
107 } 110 }
108 111
@@ -114,9 +117,7 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
114{ 117{
115 struct ieee80211_master_priv *mpriv = netdev_priv(dev); 118 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
116 struct ieee80211_local *local = mpriv->local; 119 struct ieee80211_local *local = mpriv->local;
117 struct ieee80211_hw *hw = &local->hw;
118 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 120 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
119 struct sta_info *sta;
120 u16 queue; 121 u16 queue;
121 u8 tid; 122 u8 tid;
122 123
@@ -124,29 +125,11 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
124 if (unlikely(queue >= local->hw.queues)) 125 if (unlikely(queue >= local->hw.queues))
125 queue = local->hw.queues - 1; 126 queue = local->hw.queues - 1;
126 127
127 if (skb->requeue) { 128 /*
128 if (!hw->ampdu_queues) 129 * Now we know the 1d priority, fill in the QoS header if
129 return queue; 130 * there is one (and we haven't done this before).
130
131 rcu_read_lock();
132 sta = sta_info_get(local, hdr->addr1);
133 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
134 if (sta) {
135 int ampdu_queue = sta->tid_to_tx_q[tid];
136
137 if ((ampdu_queue < ieee80211_num_queues(hw)) &&
138 test_bit(ampdu_queue, local->queue_pool))
139 queue = ampdu_queue;
140 }
141 rcu_read_unlock();
142
143 return queue;
144 }
145
146 /* Now we know the 1d priority, fill in the QoS header if
147 * there is one.
148 */ 131 */
149 if (ieee80211_is_data_qos(hdr->frame_control)) { 132 if (!skb->requeue && ieee80211_is_data_qos(hdr->frame_control)) {
150 u8 *p = ieee80211_get_qos_ctl(hdr); 133 u8 *p = ieee80211_get_qos_ctl(hdr);
151 u8 ack_policy = 0; 134 u8 ack_policy = 0;
152 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; 135 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
@@ -156,140 +139,7 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
156 /* qos header is 2 bytes, second reserved */ 139 /* qos header is 2 bytes, second reserved */
157 *p++ = ack_policy | tid; 140 *p++ = ack_policy | tid;
158 *p = 0; 141 *p = 0;
159
160 if (!hw->ampdu_queues)
161 return queue;
162
163 rcu_read_lock();
164
165 sta = sta_info_get(local, hdr->addr1);
166 if (sta) {
167 int ampdu_queue = sta->tid_to_tx_q[tid];
168
169 if ((ampdu_queue < ieee80211_num_queues(hw)) &&
170 test_bit(ampdu_queue, local->queue_pool))
171 queue = ampdu_queue;
172 }
173
174 rcu_read_unlock();
175 } 142 }
176 143
177 return queue; 144 return queue;
178} 145}
179
180int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
181 struct sta_info *sta, u16 tid)
182{
183 int i;
184
185 /* XXX: currently broken due to cb/requeue use */
186 return -EPERM;
187
188 /* prepare the filter and save it for the SW queue
189 * matching the received HW queue */
190
191 if (!local->hw.ampdu_queues)
192 return -EPERM;
193
194 /* try to get a Qdisc from the pool */
195 for (i = local->hw.queues; i < ieee80211_num_queues(&local->hw); i++)
196 if (!test_and_set_bit(i, local->queue_pool)) {
197 ieee80211_stop_queue(local_to_hw(local), i);
198 sta->tid_to_tx_q[tid] = i;
199
200 /* IF there are already pending packets
201 * on this tid first we need to drain them
202 * on the previous queue
203 * since HT is strict in order */
204#ifdef CONFIG_MAC80211_HT_DEBUG
205 if (net_ratelimit())
206 printk(KERN_DEBUG "allocated aggregation queue"
207 " %d tid %d addr %pM pool=0x%lX\n",
208 i, tid, sta->sta.addr,
209 local->queue_pool[0]);
210#endif /* CONFIG_MAC80211_HT_DEBUG */
211 return 0;
212 }
213
214 return -EAGAIN;
215}
216
217/**
218 * the caller needs to hold netdev_get_tx_queue(local->mdev, X)->lock
219 */
220void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
221 struct sta_info *sta, u16 tid,
222 u8 requeue)
223{
224 int agg_queue = sta->tid_to_tx_q[tid];
225 struct ieee80211_hw *hw = &local->hw;
226
227 /* return the qdisc to the pool */
228 clear_bit(agg_queue, local->queue_pool);
229 sta->tid_to_tx_q[tid] = ieee80211_num_queues(hw);
230
231 if (requeue) {
232 ieee80211_requeue(local, agg_queue);
233 } else {
234 struct netdev_queue *txq;
235 spinlock_t *root_lock;
236 struct Qdisc *q;
237
238 txq = netdev_get_tx_queue(local->mdev, agg_queue);
239 q = rcu_dereference(txq->qdisc);
240 root_lock = qdisc_lock(q);
241
242 spin_lock_bh(root_lock);
243 qdisc_reset(q);
244 spin_unlock_bh(root_lock);
245 }
246}
247
248void ieee80211_requeue(struct ieee80211_local *local, int queue)
249{
250 struct netdev_queue *txq = netdev_get_tx_queue(local->mdev, queue);
251 struct sk_buff_head list;
252 spinlock_t *root_lock;
253 struct Qdisc *qdisc;
254 u32 len;
255
256 rcu_read_lock_bh();
257
258 qdisc = rcu_dereference(txq->qdisc);
259 if (!qdisc || !qdisc->dequeue)
260 goto out_unlock;
261
262 skb_queue_head_init(&list);
263
264 root_lock = qdisc_root_lock(qdisc);
265 spin_lock(root_lock);
266 for (len = qdisc->q.qlen; len > 0; len--) {
267 struct sk_buff *skb = qdisc->dequeue(qdisc);
268
269 if (skb)
270 __skb_queue_tail(&list, skb);
271 }
272 spin_unlock(root_lock);
273
274 for (len = list.qlen; len > 0; len--) {
275 struct sk_buff *skb = __skb_dequeue(&list);
276 u16 new_queue;
277
278 BUG_ON(!skb);
279 new_queue = ieee80211_select_queue(local->mdev, skb);
280 skb_set_queue_mapping(skb, new_queue);
281
282 txq = netdev_get_tx_queue(local->mdev, new_queue);
283
284
285 qdisc = rcu_dereference(txq->qdisc);
286 root_lock = qdisc_root_lock(qdisc);
287
288 spin_lock(root_lock);
289 qdisc_enqueue_root(skb, qdisc);
290 spin_unlock(root_lock);
291 }
292
293out_unlock:
294 rcu_read_unlock_bh();
295}
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index bc62f28a4d3d..7520d2e014dc 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -21,11 +21,5 @@
21extern const int ieee802_1d_to_ac[8]; 21extern const int ieee802_1d_to_ac[8];
22 22
23u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb); 23u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb);
24int ieee80211_ht_agg_queue_add(struct ieee80211_local *local,
25 struct sta_info *sta, u16 tid);
26void ieee80211_ht_agg_queue_remove(struct ieee80211_local *local,
27 struct sta_info *sta, u16 tid,
28 u8 requeue);
29void ieee80211_requeue(struct ieee80211_local *local, int queue);
30 24
31#endif /* _WME_H */ 25#endif /* _WME_H */
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 7aa63caf8d50..4f8bfea278f2 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -1,5 +1,6 @@
1/* 1/*
2 * Copyright 2002-2004, Instant802 Networks, Inc. 2 * Copyright 2002-2004, Instant802 Networks, Inc.
3 * Copyright 2008, Jouni Malinen <j@w1.fi>
3 * 4 *
4 * This program is free software; you can redistribute it and/or modify 5 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
@@ -19,6 +20,7 @@
19#include "michael.h" 20#include "michael.h"
20#include "tkip.h" 21#include "tkip.h"
21#include "aes_ccm.h" 22#include "aes_ccm.h"
23#include "aes_cmac.h"
22#include "wpa.h" 24#include "wpa.h"
23 25
24ieee80211_tx_result 26ieee80211_tx_result
@@ -194,19 +196,13 @@ ieee80211_tx_result
194ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx) 196ieee80211_crypto_tkip_encrypt(struct ieee80211_tx_data *tx)
195{ 197{
196 struct sk_buff *skb = tx->skb; 198 struct sk_buff *skb = tx->skb;
197 int i;
198 199
199 ieee80211_tx_set_protected(tx); 200 ieee80211_tx_set_protected(tx);
200 201
201 if (tkip_encrypt_skb(tx, skb) < 0) 202 do {
202 return TX_DROP; 203 if (tkip_encrypt_skb(tx, skb) < 0)
203 204 return TX_DROP;
204 if (tx->extra_frag) { 205 } while ((skb = skb->next));
205 for (i = 0; i < tx->num_extra_frag; i++) {
206 if (tkip_encrypt_skb(tx, tx->extra_frag[i]))
207 return TX_DROP;
208 }
209 }
210 206
211 return TX_CONTINUE; 207 return TX_CONTINUE;
212} 208}
@@ -266,7 +262,7 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
266 int encrypted) 262 int encrypted)
267{ 263{
268 __le16 mask_fc; 264 __le16 mask_fc;
269 int a4_included; 265 int a4_included, mgmt;
270 u8 qos_tid; 266 u8 qos_tid;
271 u8 *b_0, *aad; 267 u8 *b_0, *aad;
272 u16 data_len, len_a; 268 u16 data_len, len_a;
@@ -277,12 +273,15 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
277 aad = scratch + 4 * AES_BLOCK_LEN; 273 aad = scratch + 4 * AES_BLOCK_LEN;
278 274
279 /* 275 /*
280 * Mask FC: zero subtype b4 b5 b6 276 * Mask FC: zero subtype b4 b5 b6 (if not mgmt)
281 * Retry, PwrMgt, MoreData; set Protected 277 * Retry, PwrMgt, MoreData; set Protected
282 */ 278 */
279 mgmt = ieee80211_is_mgmt(hdr->frame_control);
283 mask_fc = hdr->frame_control; 280 mask_fc = hdr->frame_control;
284 mask_fc &= ~cpu_to_le16(0x0070 | IEEE80211_FCTL_RETRY | 281 mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
285 IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA); 282 IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
283 if (!mgmt)
284 mask_fc &= ~cpu_to_le16(0x0070);
286 mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 285 mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
287 286
288 hdrlen = ieee80211_hdrlen(hdr->frame_control); 287 hdrlen = ieee80211_hdrlen(hdr->frame_control);
@@ -300,8 +299,10 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
300 299
301 /* First block, b_0 */ 300 /* First block, b_0 */
302 b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */ 301 b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
303 /* Nonce: QoS Priority | A2 | PN */ 302 /* Nonce: Nonce Flags | A2 | PN
304 b_0[1] = qos_tid; 303 * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7)
304 */
305 b_0[1] = qos_tid | (mgmt << 4);
305 memcpy(&b_0[2], hdr->addr2, ETH_ALEN); 306 memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
306 memcpy(&b_0[8], pn, CCMP_PN_LEN); 307 memcpy(&b_0[8], pn, CCMP_PN_LEN);
307 /* l(m) */ 308 /* l(m) */
@@ -360,9 +361,14 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
360 int hdrlen, len, tail; 361 int hdrlen, len, tail;
361 u8 *pos, *pn; 362 u8 *pos, *pn;
362 int i; 363 int i;
364 bool skip_hw;
365
366 skip_hw = (tx->key->conf.flags & IEEE80211_KEY_FLAG_SW_MGMT) &&
367 ieee80211_is_mgmt(hdr->frame_control);
363 368
364 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && 369 if ((tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
365 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { 370 !(tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
371 !skip_hw) {
366 /* hwaccel - with no need for preallocated room for CCMP 372 /* hwaccel - with no need for preallocated room for CCMP
367 * header or MIC fields */ 373 * header or MIC fields */
368 info->control.hw_key = &tx->key->conf; 374 info->control.hw_key = &tx->key->conf;
@@ -397,7 +403,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
397 403
398 ccmp_pn2hdr(pos, pn, key->conf.keyidx); 404 ccmp_pn2hdr(pos, pn, key->conf.keyidx);
399 405
400 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 406 if ((key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) && !skip_hw) {
401 /* hwaccel - with preallocated room for CCMP header */ 407 /* hwaccel - with preallocated room for CCMP header */
402 info->control.hw_key = &tx->key->conf; 408 info->control.hw_key = &tx->key->conf;
403 return 0; 409 return 0;
@@ -416,19 +422,13 @@ ieee80211_tx_result
416ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) 422ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
417{ 423{
418 struct sk_buff *skb = tx->skb; 424 struct sk_buff *skb = tx->skb;
419 int i;
420 425
421 ieee80211_tx_set_protected(tx); 426 ieee80211_tx_set_protected(tx);
422 427
423 if (ccmp_encrypt_skb(tx, skb) < 0) 428 do {
424 return TX_DROP; 429 if (ccmp_encrypt_skb(tx, skb) < 0)
425 430 return TX_DROP;
426 if (tx->extra_frag) { 431 } while ((skb = skb->next));
427 for (i = 0; i < tx->num_extra_frag; i++) {
428 if (ccmp_encrypt_skb(tx, tx->extra_frag[i]))
429 return TX_DROP;
430 }
431 }
432 432
433 return TX_CONTINUE; 433 return TX_CONTINUE;
434} 434}
@@ -446,7 +446,8 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
446 446
447 hdrlen = ieee80211_hdrlen(hdr->frame_control); 447 hdrlen = ieee80211_hdrlen(hdr->frame_control);
448 448
449 if (!ieee80211_is_data(hdr->frame_control)) 449 if (!ieee80211_is_data(hdr->frame_control) &&
450 !ieee80211_is_robust_mgmt_frame(hdr))
450 return RX_CONTINUE; 451 return RX_CONTINUE;
451 452
452 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN; 453 data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
@@ -485,3 +486,126 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
485 486
486 return RX_CONTINUE; 487 return RX_CONTINUE;
487} 488}
489
490
491static void bip_aad(struct sk_buff *skb, u8 *aad)
492{
493 /* BIP AAD: FC(masked) || A1 || A2 || A3 */
494
495 /* FC type/subtype */
496 aad[0] = skb->data[0];
497 /* Mask FC Retry, PwrMgt, MoreData flags to zero */
498 aad[1] = skb->data[1] & ~(BIT(4) | BIT(5) | BIT(6));
499 /* A1 || A2 || A3 */
500 memcpy(aad + 2, skb->data + 4, 3 * ETH_ALEN);
501}
502
503
504static inline void bip_ipn_swap(u8 *d, const u8 *s)
505{
506 *d++ = s[5];
507 *d++ = s[4];
508 *d++ = s[3];
509 *d++ = s[2];
510 *d++ = s[1];
511 *d = s[0];
512}
513
514
515ieee80211_tx_result
516ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx)
517{
518 struct sk_buff *skb = tx->skb;
519 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
520 struct ieee80211_key *key = tx->key;
521 struct ieee80211_mmie *mmie;
522 u8 *pn, aad[20];
523 int i;
524
525 if (tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
526 /* hwaccel */
527 info->control.hw_key = &tx->key->conf;
528 return 0;
529 }
530
531 if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
532 return TX_DROP;
533
534 mmie = (struct ieee80211_mmie *) skb_put(skb, sizeof(*mmie));
535 mmie->element_id = WLAN_EID_MMIE;
536 mmie->length = sizeof(*mmie) - 2;
537 mmie->key_id = cpu_to_le16(key->conf.keyidx);
538
539 /* PN = PN + 1 */
540 pn = key->u.aes_cmac.tx_pn;
541
542 for (i = sizeof(key->u.aes_cmac.tx_pn) - 1; i >= 0; i--) {
543 pn[i]++;
544 if (pn[i])
545 break;
546 }
547 bip_ipn_swap(mmie->sequence_number, pn);
548
549 bip_aad(skb, aad);
550
551 /*
552 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64)
553 */
554 ieee80211_aes_cmac(key->u.aes_cmac.tfm, key->u.aes_cmac.tx_crypto_buf,
555 aad, skb->data + 24, skb->len - 24, mmie->mic);
556
557 return TX_CONTINUE;
558}
559
560
561ieee80211_rx_result
562ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
563{
564 struct sk_buff *skb = rx->skb;
565 struct ieee80211_key *key = rx->key;
566 struct ieee80211_mmie *mmie;
567 u8 aad[20], mic[8], ipn[6];
568 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
569
570 if (!ieee80211_is_mgmt(hdr->frame_control))
571 return RX_CONTINUE;
572
573 if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
574 (rx->status->flag & RX_FLAG_IV_STRIPPED))
575 return RX_CONTINUE;
576
577 if (skb->len < 24 + sizeof(*mmie))
578 return RX_DROP_UNUSABLE;
579
580 mmie = (struct ieee80211_mmie *)
581 (skb->data + skb->len - sizeof(*mmie));
582 if (mmie->element_id != WLAN_EID_MMIE ||
583 mmie->length != sizeof(*mmie) - 2)
584 return RX_DROP_UNUSABLE; /* Invalid MMIE */
585
586 bip_ipn_swap(ipn, mmie->sequence_number);
587
588 if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
589 key->u.aes_cmac.replays++;
590 return RX_DROP_UNUSABLE;
591 }
592
593 if (!(rx->status->flag & RX_FLAG_DECRYPTED)) {
594 /* hardware didn't decrypt/verify MIC */
595 bip_aad(skb, aad);
596 ieee80211_aes_cmac(key->u.aes_cmac.tfm,
597 key->u.aes_cmac.rx_crypto_buf, aad,
598 skb->data + 24, skb->len - 24, mic);
599 if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
600 key->u.aes_cmac.icverrors++;
601 return RX_DROP_UNUSABLE;
602 }
603 }
604
605 memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
606
607 /* Remove MMIE */
608 skb_trim(skb, skb->len - sizeof(*mmie));
609
610 return RX_CONTINUE;
611}
diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
index d42d221d8a1d..baba0608313e 100644
--- a/net/mac80211/wpa.h
+++ b/net/mac80211/wpa.h
@@ -28,4 +28,9 @@ ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx);
28ieee80211_rx_result 28ieee80211_rx_result
29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx); 29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx);
30 30
31ieee80211_tx_result
32ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx);
33ieee80211_rx_result
34ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx);
35
31#endif /* WPA_H */ 36#endif /* WPA_H */