Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlan_core.c4
-rw-r--r--net/8021q/vlan_dev.c37
-rw-r--r--net/8021q/vlanproc.c3
-rw-r--r--net/core/datagram.c116
-rw-r--r--net/core/dev.c386
-rw-r--r--net/core/drop_monitor.c13
-rw-r--r--net/core/fib_rules.c2
-rw-r--r--net/core/iovec.c33
-rw-r--r--net/core/net_namespace.c47
-rw-r--r--net/core/stream.c3
-rw-r--r--net/decnet/dn_nsp_in.c17
-rw-r--r--net/decnet/dn_rules.c2
-rw-r--r--net/ipv4/af_inet.c2
-rw-r--r--net/ipv4/fib_frontend.c1
-rw-r--r--net/ipv4/fib_hash.c1
-rw-r--r--net/ipv4/fib_lookup.h3
-rw-r--r--net/ipv4/fib_rules.c2
-rw-r--r--net/ipv4/fib_semantics.c3
-rw-r--r--net/ipv4/fib_trie.c3
-rw-r--r--net/ipv4/inet_diag.c2
-rw-r--r--net/ipv4/inet_timewait_sock.c23
-rw-r--r--net/ipv4/ip_input.c13
-rw-r--r--net/ipv4/ip_output.c12
-rw-r--r--net/ipv4/proc.c10
-rw-r--r--net/ipv4/syncookies.c5
-rw-r--r--net/ipv4/tcp_input.c2
-rw-r--r--net/ipv4/tcp_ipv4.c4
-rw-r--r--net/ipv4/tcp_output.c2
-rw-r--r--net/ipv6/fib6_rules.c2
-rw-r--r--net/ipv6/ip6_input.c7
-rw-r--r--net/ipv6/ip6_output.c9
-rw-r--r--net/ipv6/ip6_tunnel.c4
-rw-r--r--net/ipv6/mcast.c19
-rw-r--r--net/ipv6/ndisc.c4
-rw-r--r--net/ipv6/proc.c10
-rw-r--r--net/ipv6/raw.c2
-rw-r--r--net/ipv6/syncookies.c4
-rw-r--r--net/ipv6/tcp_ipv6.c2
-rw-r--r--net/iucv/af_iucv.c408
-rw-r--r--net/iucv/iucv.c43
-rw-r--r--net/llc/af_llc.c2
-rw-r--r--net/mac80211/Kconfig16
-rw-r--r--net/mac80211/agg-rx.c19
-rw-r--r--net/mac80211/agg-tx.c13
-rw-r--r--net/mac80211/cfg.c144
-rw-r--r--net/mac80211/debugfs.c66
-rw-r--r--net/mac80211/driver-ops.h184
-rw-r--r--net/mac80211/event.c17
-rw-r--r--net/mac80211/ht.c84
-rw-r--r--net/mac80211/ibss.c484
-rw-r--r--net/mac80211/ieee80211_i.h108
-rw-r--r--net/mac80211/iface.c113
-rw-r--r--net/mac80211/key.c29
-rw-r--r--net/mac80211/key.h3
-rw-r--r--net/mac80211/main.c299
-rw-r--r--net/mac80211/mesh.c6
-rw-r--r--net/mac80211/mlme.c544
-rw-r--r--net/mac80211/pm.c130
-rw-r--r--net/mac80211/rc80211_minstrel.c8
-rw-r--r--net/mac80211/rc80211_pid_algo.c8
-rw-r--r--net/mac80211/rx.c198
-rw-r--r--net/mac80211/scan.c428
-rw-r--r--net/mac80211/spectmgmt.c2
-rw-r--r--net/mac80211/sta_info.c97
-rw-r--r--net/mac80211/sta_info.h5
-rw-r--r--net/mac80211/tkip.c6
-rw-r--r--net/mac80211/tx.c49
-rw-r--r--net/mac80211/util.c289
-rw-r--r--net/mac80211/wext.c552
-rw-r--r--net/mac80211/wme.c2
-rw-r--r--net/mac80211/wpa.c2
-rw-r--r--net/rds/af_rds.c1
-rw-r--r--net/rds/connection.c4
-rw-r--r--net/rds/ib.c4
-rw-r--r--net/rds/ib.h2
-rw-r--r--net/rds/ib_recv.c2
-rw-r--r--net/rds/ib_ring.c2
-rw-r--r--net/rds/ib_send.c10
-rw-r--r--net/rds/info.c5
-rw-r--r--net/rds/iw.c4
-rw-r--r--net/rds/iw.h2
-rw-r--r--net/rds/iw_recv.c2
-rw-r--r--net/rds/iw_ring.c2
-rw-r--r--net/rds/iw_send.c10
-rw-r--r--net/rds/rdma.c7
-rw-r--r--net/rds/rdma_transport.c12
-rw-r--r--net/rds/rds.h2
-rw-r--r--net/rds/send.c10
-rw-r--r--net/rfkill/rfkill-input.c69
-rw-r--r--net/rfkill/rfkill.c59
-rw-r--r--net/sched/cls_cgroup.c6
-rw-r--r--net/sched/sch_generic.c40
-rw-r--r--net/sctp/output.c17
-rw-r--r--net/tipc/eth_media.c2
-rw-r--r--net/wimax/op-rfkill.c9
-rw-r--r--net/wireless/Makefile2
-rw-r--r--net/wireless/core.c33
-rw-r--r--net/wireless/core.h21
-rw-r--r--net/wireless/ibss.c369
-rw-r--r--net/wireless/mlme.c50
-rw-r--r--net/wireless/nl80211.c767
-rw-r--r--net/wireless/nl80211.h32
-rw-r--r--net/wireless/reg.c43
-rw-r--r--net/wireless/scan.c63
-rw-r--r--net/wireless/util.c51
-rw-r--r--net/wireless/wext-compat.c510
-rw-r--r--net/wireless/wext.c20
107 files changed, 4979 insertions, 2437 deletions
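--- a/net/8021q/vlan_core.c
+++ b/net/8021q/vlan_core.c
@@ -114,9 +114,9 @@ int vlan_gro_receive(struct napi_struct *napi, struct vlan_group *grp,
 EXPORT_SYMBOL(vlan_gro_receive);
 
 int vlan_gro_frags(struct napi_struct *napi, struct vlan_group *grp,
- unsigned int vlan_tci, struct napi_gro_fraginfo *info)
+ unsigned int vlan_tci)
 {
- struct sk_buff *skb = napi_fraginfo_skb(napi, info);
+ struct sk_buff *skb = napi_frags_skb(napi);
 
  if (!skb)
  return NET_RX_DROP;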
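--- a/net/8021q/vlan_dev.c
+++ b/net/8021q/vlan_dev.c
@@ -290,7 +290,7 @@ static int vlan_dev_hard_header(struct sk_buff *skb, struct net_device *dev,
 
 static int vlan_dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
 {
- struct net_device_stats *stats = &dev->stats;
+ struct netdev_queue *txq = netdev_get_tx_queue(dev, 0);
  struct vlan_ethhdr *veth = (struct vlan_ethhdr *)(skb->data);
 
  /* Handle non-VLAN frames if they are sent to us, for example by DHCP.
@@ -309,7 +309,7 @@ static int vlan_dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
  vlan_tci |= vlan_dev_get_egress_qos_mask(dev, skb);
  skb = __vlan_put_tag(skb, vlan_tci);
  if (!skb) {
- stats->tx_dropped++;
+ txq->tx_dropped++;
  return NETDEV_TX_OK;
  }
 
@@ -317,8 +317,8 @@ static int vlan_dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
  vlan_dev_info(dev)->cnt_inc_headroom_on_tx++;
  }
 
- stats->tx_packets++;
- stats->tx_bytes += skb->len;
+ txq->tx_packets++;
+ txq->tx_bytes += skb->len;
 
  skb->dev = vlan_dev_info(dev)->real_dev;
  dev_queue_xmit(skb);
@@ -328,15 +328,15 @@ static int vlan_dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
 static int vlan_dev_hwaccel_hard_start_xmit(struct sk_buff *skb,
  struct net_device *dev)
 {
- struct net_device_stats *stats = &dev->stats;
+ struct netdev_queue *txq = netdev_get_tx_queue(dev, 0);
  u16 vlan_tci;
 
  vlan_tci = vlan_dev_info(dev)->vlan_id;
  vlan_tci |= vlan_dev_get_egress_qos_mask(dev, skb);
  skb = __vlan_hwaccel_put_tag(skb, vlan_tci);
 
- stats->tx_packets++;
- stats->tx_bytes += skb->len;
+ txq->tx_packets++;
+ txq->tx_bytes += skb->len;
 
  skb->dev = vlan_dev_info(dev)->real_dev;
  dev_queue_xmit(skb);
@@ -671,13 +671,7 @@ static int vlan_ethtool_get_settings(struct net_device *dev,
  struct ethtool_cmd *cmd)
 {
  const struct vlan_dev_info *vlan = vlan_dev_info(dev);
- struct net_device *real_dev = vlan->real_dev;
-
- if (!real_dev->ethtool_ops ||
- !real_dev->ethtool_ops->get_settings)
- return -EOPNOTSUPP;
-
- return real_dev->ethtool_ops->get_settings(real_dev, cmd);
+ return dev_ethtool_get_settings(vlan->real_dev, cmd);
 }
 
 static void vlan_ethtool_get_drvinfo(struct net_device *dev,
@@ -691,24 +685,13 @@ static void vlan_ethtool_get_drvinfo(struct net_device *dev,
 static u32 vlan_ethtool_get_rx_csum(struct net_device *dev)
 {
  const struct vlan_dev_info *vlan = vlan_dev_info(dev);
- struct net_device *real_dev = vlan->real_dev;
-
- if (real_dev->ethtool_ops == NULL ||
- real_dev->ethtool_ops->get_rx_csum == NULL)
- return 0;
- return real_dev->ethtool_ops->get_rx_csum(real_dev);
+ return dev_ethtool_get_rx_csum(vlan->real_dev);
 }
 
 static u32 vlan_ethtool_get_flags(struct net_device *dev)
 {
  const struct vlan_dev_info *vlan = vlan_dev_info(dev);
- struct net_device *real_dev = vlan->real_dev;
-
- if (!(real_dev->features & NETIF_F_HW_VLAN_RX) ||
- real_dev->ethtool_ops == NULL ||
- real_dev->ethtool_ops->get_flags == NULL)
- return 0;
- return real_dev->ethtool_ops->get_flags(real_dev);
+ return dev_ethtool_get_flags(vlan->real_dev);
 }
 
 static const struct ethtool_ops vlan_ethtool_ops = {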
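Review bot: `vlan_ethtool_get_flags()` no longer gates on `real_dev->features & NETIF_F_HW_VLAN_RX`, and all three ethtool wrappers now depend on `dev_ethtool_get_settings()`, `dev_ethtool_get_rx_csum()` and `dev_ethtool_get_flags()` for the NULL checks on `ethtool_ops` and its callbacks that used to be made here. Those helpers are not shown in this net-limited diff, so it is worth confirming they still return `-EOPNOTSUPP` or `0` when the real device has no `ethtool_ops`; a missing check would be a call through a NULL function pointer in kernel context. If dropping the feature gate is intentional, a short comment such as `/* flags come from the real device regardless of NETIF_F_HW_VLAN_RX */` would record it; otherwise keep `if (!(vlan->real_dev->features & NETIF_F_HW_VLAN_RX)) return 0;` ahead of the helper call.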
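--- a/net/8021q/vlanproc.c
+++ b/net/8021q/vlanproc.c
@@ -279,13 +279,14 @@ static int vlandev_seq_show(struct seq_file *seq, void *offset)
 {
  struct net_device *vlandev = (struct net_device *) seq->private;
  const struct vlan_dev_info *dev_info = vlan_dev_info(vlandev);
- struct net_device_stats *stats = &vlandev->stats;
+ const struct net_device_stats *stats;
  static const char fmt[] = "%30s %12lu\n";
  int i;
 
  if (!is_vlan_dev(vlandev))
  return 0;
 
+ stats = dev_get_stats(vlandev);
  seq_printf(seq,
  "%s VID: %d REORDER_HDR: %i dev->priv_flags: %hx\n",
  vlandev->name, dev_info->vlan_id,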
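--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -260,7 +260,9 @@ int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags)
  spin_unlock_bh(&sk->sk_receive_queue.lock);
  }
 
- skb_free_datagram(sk, skb);
+ kfree_skb(skb);
+ sk_mem_reclaim_partial(sk);
+
  return err;
 }
 
@@ -351,17 +353,111 @@ fault:
 }
 
 /**
+ * skb_copy_datagram_const_iovec - Copy a datagram to an iovec.
+ * @skb: buffer to copy
+ * @offset: offset in the buffer to start copying from
+ * @to: io vector to copy to
+ * @to_offset: offset in the io vector to start copying to
+ * @len: amount of data to copy from buffer to iovec
+ *
+ * Returns 0 or -EFAULT.
+ * Note: the iovec is not modified during the copy.
+ */
+int skb_copy_datagram_const_iovec(const struct sk_buff *skb, int offset,
+ const struct iovec *to, int to_offset,
+ int len)
+{
+ int start = skb_headlen(skb);
+ int i, copy = start - offset;
+
+ /* Copy header. */
+ if (copy > 0) {
+ if (copy > len)
+ copy = len;
+ if (memcpy_toiovecend(to, skb->data + offset, to_offset, copy))
+ goto fault;
+ if ((len -= copy) == 0)
+ return 0;
+ offset += copy;
+ to_offset += copy;
+ }
+
+ /* Copy paged appendix. Hmm... why does this look so complicated? */
+ for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) {
+ int end;
+
+ WARN_ON(start > offset + len);
+
+ end = start + skb_shinfo(skb)->frags[i].size;
+ if ((copy = end - offset) > 0) {
+ int err;
+ u8 *vaddr;
+ skb_frag_t *frag = &skb_shinfo(skb)->frags[i];
+ struct page *page = frag->page;
+
+ if (copy > len)
+ copy = len;
+ vaddr = kmap(page);
+ err = memcpy_toiovecend(to, vaddr + frag->page_offset +
+ offset - start, to_offset, copy);
+ kunmap(page);
+ if (err)
+ goto fault;
+ if (!(len -= copy))
+ return 0;
+ offset += copy;
+ to_offset += copy;
+ }
+ start = end;
+ }
+
+ if (skb_shinfo(skb)->frag_list) {
+ struct sk_buff *list = skb_shinfo(skb)->frag_list;
+
+ for (; list; list = list->next) {
+ int end;
+
+ WARN_ON(start > offset + len);
+
+ end = start + list->len;
+ if ((copy = end - offset) > 0) {
+ if (copy > len)
+ copy = len;
+ if (skb_copy_datagram_const_iovec(list,
+ offset - start,
+ to, to_offset,
+ copy))
+ goto fault;
+ if ((len -= copy) == 0)
+ return 0;
+ offset += copy;
+ to_offset += copy;
+ }
+ start = end;
+ }
+ }
+ if (!len)
+ return 0;
+
+fault:
+ return -EFAULT;
+}
+EXPORT_SYMBOL(skb_copy_datagram_const_iovec);
+
+/**
  * skb_copy_datagram_from_iovec - Copy a datagram from an iovec.
  * @skb: buffer to copy
  * @offset: offset in the buffer to start copying to
  * @from: io vector to copy to
+ * @from_offset: offset in the io vector to start copying from
  * @len: amount of data to copy to buffer from iovec
  *
  * Returns 0 or -EFAULT.
- * Note: the iovec is modified during the copy.
+ * Note: the iovec is not modified during the copy.
  */
 int skb_copy_datagram_from_iovec(struct sk_buff *skb, int offset,
- struct iovec *from, int len)
+ const struct iovec *from, int from_offset,
+ int len)
 {
  int start = skb_headlen(skb);
  int i, copy = start - offset;
@@ -370,11 +466,12 @@ int skb_copy_datagram_from_iovec(struct sk_buff *skb, int offset,
  if (copy > 0) {
  if (copy > len)
  copy = len;
- if (memcpy_fromiovec(skb->data + offset, from, copy))
+ if (memcpy_fromiovecend(skb->data + offset, from, 0, copy))
  goto fault;
  if ((len -= copy) == 0)
  return 0;
  offset += copy;
+ from_offset += copy;
  }
 
  /* Copy paged appendix. Hmm... why does this look so complicated? */
@@ -393,8 +490,9 @@ int skb_copy_datagram_from_iovec(struct sk_buff *skb, int offset,
  if (copy > len)
  copy = len;
  vaddr = kmap(page);
- err = memcpy_fromiovec(vaddr + frag->page_offset +
- offset - start, from, copy);
+ err = memcpy_fromiovecend(vaddr + frag->page_offset +
+ offset - start,
+ from, from_offset, copy);
  kunmap(page);
  if (err)
  goto fault;
@@ -402,6 +500,7 @@ int skb_copy_datagram_from_iovec(struct sk_buff *skb, int offset,
  if (!(len -= copy))
  return 0;
  offset += copy;
+ from_offset += copy;
  }
  start = end;
  }
@@ -420,11 +519,14 @@ int skb_copy_datagram_from_iovec(struct sk_buff *skb, int offset,
  copy = len;
  if (skb_copy_datagram_from_iovec(list,
  offset - start,
- from, copy))
+ from,
+ from_offset,
+ copy))
  goto fault;
  if ((len -= copy) == 0)
  return 0;
  offset += copy;
+ from_offset += copy;
  }
  start = end;
  }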
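Review bot: The header copy in `skb_copy_datagram_from_iovec()` passes a literal `0` as the iovec offset (`memcpy_fromiovecend(skb->data + offset, from, 0, copy)`), while the paged and frag_list paths in the same function pass `from_offset`. Since the iovec is no longer advanced by the copy, a caller that supplies a non-zero `from_offset` gets the linear part of the skb filled from the start of the user buffer instead of the requested position, so the packet is assembled from the wrong user bytes. The call should read `if (memcpy_fromiovecend(skb->data + offset, from, from_offset, copy))`. The kernel-doc context line `@from: io vector to copy to` also reads backwards for this function and could become `@from: io vector to copy from`.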
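--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1735,8 +1735,12 @@ u16 skb_tx_hash(const struct net_device *dev, const struct sk_buff *skb)
 {
  u32 hash;
 
- if (skb_rx_queue_recorded(skb))
- return skb_get_rx_queue(skb) % dev->real_num_tx_queues;
+ if (skb_rx_queue_recorded(skb)) {
+ hash = skb_get_rx_queue(skb);
+ while (unlikely (hash >= dev->real_num_tx_queues))
+ hash -= dev->real_num_tx_queues;
+ return hash;
+ }
 
  if (skb->sk && skb->sk->sk_hash)
  hash = skb->sk->sk_hash;
@@ -2379,18 +2383,13 @@ void *skb_gro_header(struct sk_buff *skb, unsigned int hlen)
  unsigned int offset = skb_gro_offset(skb);
 
  hlen += offset;
- if (hlen <= skb_headlen(skb))
- return skb->data + offset;
-
- if (unlikely(!skb_shinfo(skb)->nr_frags ||
- skb_shinfo(skb)->frags[0].size <=
- hlen - skb_headlen(skb) ||
+ if (unlikely(skb_headlen(skb) ||
+ skb_shinfo(skb)->frags[0].size < hlen ||
  PageHighMem(skb_shinfo(skb)->frags[0].page)))
  return pskb_may_pull(skb, hlen) ? skb->data + offset : NULL;
 
  return page_address(skb_shinfo(skb)->frags[0].page) +
- skb_shinfo(skb)->frags[0].page_offset +
- offset - skb_headlen(skb);
+ skb_shinfo(skb)->frags[0].page_offset + offset;
 }
 EXPORT_SYMBOL(skb_gro_header);
 
@@ -2526,16 +2525,10 @@ void napi_reuse_skb(struct napi_struct *napi, struct sk_buff *skb)
 }
 EXPORT_SYMBOL(napi_reuse_skb);
 
-struct sk_buff *napi_fraginfo_skb(struct napi_struct *napi,
- struct napi_gro_fraginfo *info)
+struct sk_buff *napi_get_frags(struct napi_struct *napi)
 {
  struct net_device *dev = napi->dev;
  struct sk_buff *skb = napi->skb;
- struct ethhdr *eth;
- skb_frag_t *frag;
- int i;
-
- napi->skb = NULL;
 
  if (!skb) {
  skb = netdev_alloc_skb(dev, GRO_MAX_HEAD + NET_IP_ALIGN);
@@ -2543,47 +2536,14 @@ struct sk_buff *napi_fraginfo_skb(struct napi_struct *napi,
  goto out;
 
  skb_reserve(skb, NET_IP_ALIGN);
- }
-
- BUG_ON(info->nr_frags > MAX_SKB_FRAGS);
- frag = info->frags;
-
- for (i = 0; i < info->nr_frags; i++) {
- skb_fill_page_desc(skb, i, frag->page, frag->page_offset,
- frag->size);
- frag++;
- }
- skb_shinfo(skb)->nr_frags = info->nr_frags;
-
- skb->data_len = info->len;
- skb->len += info->len;
- skb->truesize += info->len;
-
- skb_reset_mac_header(skb);
- skb_gro_reset_offset(skb);
 
- eth = skb_gro_header(skb, sizeof(*eth));
- if (!eth) {
- napi_reuse_skb(napi, skb);
- skb = NULL;
- goto out;
+ napi->skb = skb;
  }
 
- skb_gro_pull(skb, sizeof(*eth));
-
- /*
- * This works because the only protocols we care about don't require
- * special handling. We'll fix it up properly at the end.
- */
- skb->protocol = eth->h_proto;
-
- skb->ip_summed = info->ip_summed;
- skb->csum = info->csum;
-
 out:
  return skb;
 }
-EXPORT_SYMBOL(napi_fraginfo_skb);
+EXPORT_SYMBOL(napi_get_frags);
 
 int napi_frags_finish(struct napi_struct *napi, struct sk_buff *skb, int ret)
 {
@@ -2613,9 +2573,39 @@ int napi_frags_finish(struct napi_struct *napi, struct sk_buff *skb, int ret)
 }
 EXPORT_SYMBOL(napi_frags_finish);
 
-int napi_gro_frags(struct napi_struct *napi, struct napi_gro_fraginfo *info)
+struct sk_buff *napi_frags_skb(struct napi_struct *napi)
+{
+ struct sk_buff *skb = napi->skb;
+ struct ethhdr *eth;
+
+ napi->skb = NULL;
+
+ skb_reset_mac_header(skb);
+ skb_gro_reset_offset(skb);
+
+ eth = skb_gro_header(skb, sizeof(*eth));
+ if (!eth) {
+ napi_reuse_skb(napi, skb);
+ skb = NULL;
+ goto out;
+ }
+
+ skb_gro_pull(skb, sizeof(*eth));
+
+ /*
+ * This works because the only protocols we care about don't require
+ * special handling. We'll fix it up properly at the end.
+ */
+ skb->protocol = eth->h_proto;
+
+out:
+ return skb;
+}
+EXPORT_SYMBOL(napi_frags_skb);
+
+int napi_gro_frags(struct napi_struct *napi)
 {
- struct sk_buff *skb = napi_fraginfo_skb(napi, info);
+ struct sk_buff *skb = napi_frags_skb(napi);
 
  if (!skb)
  return NET_RX_DROP;
@@ -2719,7 +2709,7 @@ void netif_napi_del(struct napi_struct *napi)
  struct sk_buff *skb, *next;
 
  list_del_init(&napi->dev_list);
- kfree_skb(napi->skb);
+ napi_free_frags(napi);
 
  for (skb = napi->gro_list; skb; skb = next) {
  next = skb->next;
@@ -3444,6 +3434,252 @@ void dev_set_rx_mode(struct net_device *dev)
  netif_addr_unlock_bh(dev);
 }
 
+/* hw addresses list handling functions */
+
+static int __hw_addr_add(struct list_head *list, unsigned char *addr,
+ int addr_len, unsigned char addr_type)
+{
+ struct netdev_hw_addr *ha;
+ int alloc_size;
+
+ if (addr_len > MAX_ADDR_LEN)
+ return -EINVAL;
+
+ alloc_size = sizeof(*ha);
+ if (alloc_size < L1_CACHE_BYTES)
+ alloc_size = L1_CACHE_BYTES;
+ ha = kmalloc(alloc_size, GFP_ATOMIC);
+ if (!ha)
+ return -ENOMEM;
+ memcpy(ha->addr, addr, addr_len);
+ ha->type = addr_type;
+ list_add_tail_rcu(&ha->list, list);
+ return 0;
+}
+
+static void ha_rcu_free(struct rcu_head *head)
+{
+ struct netdev_hw_addr *ha;
+
+ ha = container_of(head, struct netdev_hw_addr, rcu_head);
+ kfree(ha);
+}
+
+static int __hw_addr_del_ii(struct list_head *list, unsigned char *addr,
+ int addr_len, unsigned char addr_type,
+ int ignore_index)
+{
+ struct netdev_hw_addr *ha;
+ int i = 0;
+
+ list_for_each_entry(ha, list, list) {
+ if (i++ != ignore_index &&
+ !memcmp(ha->addr, addr, addr_len) &&
+ (ha->type == addr_type || !addr_type)) {
+ list_del_rcu(&ha->list);
+ call_rcu(&ha->rcu_head, ha_rcu_free);
+ return 0;
+ }
+ }
+ return -ENOENT;
+}
+
+static int __hw_addr_add_multiple_ii(struct list_head *to_list,
+ struct list_head *from_list,
+ int addr_len, unsigned char addr_type,
+ int ignore_index)
+{
+ int err;
+ struct netdev_hw_addr *ha, *ha2;
+ unsigned char type;
+
+ list_for_each_entry(ha, from_list, list) {
+ type = addr_type ? addr_type : ha->type;
+ err = __hw_addr_add(to_list, ha->addr, addr_len, type);
+ if (err)
+ goto unroll;
+ }
+ return 0;
+
+unroll:
+ list_for_each_entry(ha2, from_list, list) {
+ if (ha2 == ha)
+ break;
+ type = addr_type ? addr_type : ha2->type;
+ __hw_addr_del_ii(to_list, ha2->addr, addr_len, type,
+ ignore_index);
+ }
+ return err;
+}
+
+static void __hw_addr_del_multiple_ii(struct list_head *to_list,
+ struct list_head *from_list,
+ int addr_len, unsigned char addr_type,
+ int ignore_index)
+{
+ struct netdev_hw_addr *ha;
+ unsigned char type;
+
+ list_for_each_entry(ha, from_list, list) {
+ type = addr_type ? addr_type : ha->type;
+ __hw_addr_del_ii(to_list, ha->addr, addr_len, addr_type,
+ ignore_index);
+ }
+}
+
+static void __hw_addr_flush(struct list_head *list)
+{
+ struct netdev_hw_addr *ha, *tmp;
+
+ list_for_each_entry_safe(ha, tmp, list, list) {
+ list_del_rcu(&ha->list);
+ call_rcu(&ha->rcu_head, ha_rcu_free);
+ }
+}
+
+/* Device addresses handling functions */
+
+static void dev_addr_flush(struct net_device *dev)
+{
+ /* rtnl_mutex must be held here */
+
+ __hw_addr_flush(&dev->dev_addr_list);
+ dev->dev_addr = NULL;
+}
+
+static int dev_addr_init(struct net_device *dev)
+{
+ unsigned char addr[MAX_ADDR_LEN];
+ struct netdev_hw_addr *ha;
+ int err;
+
+ /* rtnl_mutex must be held here */
+
+ INIT_LIST_HEAD(&dev->dev_addr_list);
+ memset(addr, 0, sizeof(*addr));
+ err = __hw_addr_add(&dev->dev_addr_list, addr, sizeof(*addr),
+ NETDEV_HW_ADDR_T_LAN);
+ if (!err) {
+ /*
+ * Get the first (previously created) address from the list
+ * and set dev_addr pointer to this location.
+ */
+ ha = list_first_entry(&dev->dev_addr_list,
+ struct netdev_hw_addr, list);
+ dev->dev_addr = ha->addr;
+ }
+ return err;
+}
+
+/**
+ * dev_addr_add - Add a device address
+ * @dev: device
+ * @addr: address to add
+ * @addr_type: address type
+ *
+ * Add a device address to the device or increase the reference count if
+ * it already exists.
+ *
+ * The caller must hold the rtnl_mutex.
+ */
+int dev_addr_add(struct net_device *dev, unsigned char *addr,
+ unsigned char addr_type)
+{
+ int err;
+
+ ASSERT_RTNL();
+
+ err = __hw_addr_add(&dev->dev_addr_list, addr, dev->addr_len,
+ addr_type);
+ if (!err)
+ call_netdevice_notifiers(NETDEV_CHANGEADDR, dev);
+ return err;
+}
+EXPORT_SYMBOL(dev_addr_add);
+
+/**
+ * dev_addr_del - Release a device address.
+ * @dev: device
+ * @addr: address to delete
+ * @addr_type: address type
+ *
+ * Release reference to a device address and remove it from the device
+ * if the reference count drops to zero.
+ *
+ * The caller must hold the rtnl_mutex.
+ */
+int dev_addr_del(struct net_device *dev, unsigned char *addr,
+ unsigned char addr_type)
+{
+ int err;
+
+ ASSERT_RTNL();
+
+ err = __hw_addr_del_ii(&dev->dev_addr_list, addr, dev->addr_len,
+ addr_type, 0);
+ if (!err)
+ call_netdevice_notifiers(NETDEV_CHANGEADDR, dev);
+ return err;
+}
+EXPORT_SYMBOL(dev_addr_del);
+
+/**
+ * dev_addr_add_multiple - Add device addresses from another device
+ * @to_dev: device to which addresses will be added
+ * @from_dev: device from which addresses will be added
+ * @addr_type: address type - 0 means type will be used from from_dev
+ *
+ * Add device addresses of the one device to another.
+ **
+ * The caller must hold the rtnl_mutex.
+ */
+int dev_addr_add_multiple(struct net_device *to_dev,
+ struct net_device *from_dev,
+ unsigned char addr_type)
+{
+ int err;
+
+ ASSERT_RTNL();
+
+ if (from_dev->addr_len != to_dev->addr_len)
+ return -EINVAL;
+ err = __hw_addr_add_multiple_ii(&to_dev->dev_addr_list,
+ &from_dev->dev_addr_list,
+ to_dev->addr_len, addr_type, 0);
+ if (!err)
+ call_netdevice_notifiers(NETDEV_CHANGEADDR, to_dev);
+ return err;
+}
+EXPORT_SYMBOL(dev_addr_add_multiple);
+
+/**
+ * dev_addr_del_multiple - Delete device addresses by another device
+ * @to_dev: device where the addresses will be deleted
+ * @from_dev: device by which addresses the addresses will be deleted
+ * @addr_type: address type - 0 means type will used from from_dev
+ *
+ * Deletes addresses in to device by the list of addresses in from device.
+ *
+ * The caller must hold the rtnl_mutex.
+ */
+int dev_addr_del_multiple(struct net_device *to_dev,
+ struct net_device *from_dev,
+ unsigned char addr_type)
+{
+ ASSERT_RTNL();
+
+ if (from_dev->addr_len != to_dev->addr_len)
+ return -EINVAL;
+ __hw_addr_del_multiple_ii(&to_dev->dev_addr_list,
+ &from_dev->dev_addr_list,
+ to_dev->addr_len, addr_type, 0);
+ call_netdevice_notifiers(NETDEV_CHANGEADDR, to_dev);
+ return 0;
+}
+EXPORT_SYMBOL(dev_addr_del_multiple);
+
+/* unicast and multicast addresses handling functions */
+
 int __dev_addr_delete(struct dev_addr_list **list, int *count,
  void *addr, int alen, int glbl)
 {
@@ -4707,13 +4943,30 @@ void netdev_run_todo(void)
  * the internal statistics structure is used.
  */
 const struct net_device_stats *dev_get_stats(struct net_device *dev)
- {
+{
  const struct net_device_ops *ops = dev->netdev_ops;
 
  if (ops->ndo_get_stats)
  return ops->ndo_get_stats(dev);
- else
- return &dev->stats;
+ else {
+ unsigned long tx_bytes = 0, tx_packets = 0, tx_dropped = 0;
+ struct net_device_stats *stats = &dev->stats;
+ unsigned int i;
+ struct netdev_queue *txq;
+
+ for (i = 0; i < dev->num_tx_queues; i++) {
+ txq = netdev_get_tx_queue(dev, i);
+ tx_bytes += txq->tx_bytes;
+ tx_packets += txq->tx_packets;
+ tx_dropped += txq->tx_dropped;
+ }
+ if (tx_bytes || tx_packets || tx_dropped) {
+ stats->tx_bytes = tx_bytes;
+ stats->tx_packets = tx_packets;
+ stats->tx_dropped = tx_dropped;
+ }
+ return stats;
+ }
 }
 EXPORT_SYMBOL(dev_get_stats);
 
@@ -4771,13 +5024,16 @@ struct net_device *alloc_netdev_mq(int sizeof_priv, const char *name,
  if (!tx) {
  printk(KERN_ERR "alloc_netdev: Unable to allocate "
  "tx qdiscs.\n");
- kfree(p);
- return NULL;
+ goto free_p;
  }
 
  dev = (struct net_device *)
  (((long)p + NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST);
  dev->padded = (char *)dev - (char *)p;
+
+ if (dev_addr_init(dev))
+ goto free_tx;
+
  dev_net_set(dev, &init_net);
 
  dev->_tx = tx;
@@ -4792,6 +5048,13 @@ struct net_device *alloc_netdev_mq(int sizeof_priv, const char *name,
  setup(dev);
  strcpy(dev->name, name);
  return dev;
+
+free_tx:
+ kfree(tx);
+
+free_p:
+ kfree(p);
+ return NULL;
 }
 EXPORT_SYMBOL(alloc_netdev_mq);
 
@@ -4811,6 +5074,9 @@ void free_netdev(struct net_device *dev)
 
  kfree(dev->_tx);
 
+ /* Flush device addresses */
+ dev_addr_flush(dev);
+
  list_for_each_entry_safe(p, n, &dev->napi_list, dev_list)
  netif_napi_del(p);
 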
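Review bot: `dev_addr_init()` uses `sizeof(*addr)` where `addr` is declared `unsigned char addr[MAX_ADDR_LEN]`, so both the `memset` and the length handed to `__hw_addr_add()` are one byte. `__hw_addr_add()` allocates the entry with `kmalloc()` and copies only `addr_len` bytes, which leaves the remainder of `ha->addr` as uninitialised heap memory that `dev->dev_addr` then points at until a driver writes a full address. Use the array size in both places: `memset(addr, 0, sizeof(addr));` and `err = __hw_addr_add(&dev->dev_addr_list, addr, sizeof(addr), NETDEV_HW_ADDR_T_LAN);`. In the same hunk `__hw_addr_del_multiple_ii()` computes `type` but passes `addr_type` to `__hw_addr_del_ii()`, unlike the unroll path of `__hw_addr_add_multiple_ii()`, which passes `type`.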
diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c
index 9fd0dc3cca99..2797b711a978 100644
--- a/net/core/drop_monitor.c
+++ b/net/core/drop_monitor.c
@@ -51,7 +51,7 @@ static struct genl_family net_drop_monitor_family = {
51 .id = GENL_ID_GENERATE, 51 .id = GENL_ID_GENERATE,
52 .hdrsize = 0, 52 .hdrsize = 0,
53 .name = "NET_DM", 53 .name = "NET_DM",
54 .version = 1, 54 .version = 2,
55 .maxattr = NET_DM_CMD_MAX, 55 .maxattr = NET_DM_CMD_MAX,
56}; 56};
57 57
@@ -65,13 +65,17 @@ static void reset_per_cpu_data(struct per_cpu_dm_data *data)
65{ 65{
66 size_t al; 66 size_t al;
67 struct net_dm_alert_msg *msg; 67 struct net_dm_alert_msg *msg;
68 struct nlattr *nla;
68 69
69 al = sizeof(struct net_dm_alert_msg); 70 al = sizeof(struct net_dm_alert_msg);
70 al += dm_hit_limit * sizeof(struct net_dm_drop_point); 71 al += dm_hit_limit * sizeof(struct net_dm_drop_point);
72 al += sizeof(struct nlattr);
73
71 data->skb = genlmsg_new(al, GFP_KERNEL); 74 data->skb = genlmsg_new(al, GFP_KERNEL);
72 genlmsg_put(data->skb, 0, 0, &net_drop_monitor_family, 75 genlmsg_put(data->skb, 0, 0, &net_drop_monitor_family,
73 0, NET_DM_CMD_ALERT); 76 0, NET_DM_CMD_ALERT);
74 msg = __nla_reserve_nohdr(data->skb, sizeof(struct net_dm_alert_msg)); 77 nla = nla_reserve(data->skb, NLA_UNSPEC, sizeof(struct net_dm_alert_msg));
78 msg = nla_data(nla);
75 memset(msg, 0, al); 79 memset(msg, 0, al);
76 atomic_set(&data->dm_hit_count, dm_hit_limit); 80 atomic_set(&data->dm_hit_count, dm_hit_limit);
77} 81}
@@ -115,6 +119,7 @@ static void trace_kfree_skb_hit(struct sk_buff *skb, void *location)
115{ 119{
116 struct net_dm_alert_msg *msg; 120 struct net_dm_alert_msg *msg;
117 struct nlmsghdr *nlh; 121 struct nlmsghdr *nlh;
122 struct nlattr *nla;
118 int i; 123 int i;
119 struct per_cpu_dm_data *data = &__get_cpu_var(dm_cpu_data); 124 struct per_cpu_dm_data *data = &__get_cpu_var(dm_cpu_data);
120 125
@@ -127,7 +132,8 @@ static void trace_kfree_skb_hit(struct sk_buff *skb, void *location)
127 } 132 }
128 133
129 nlh = (struct nlmsghdr *)data->skb->data; 134 nlh = (struct nlmsghdr *)data->skb->data;
130 msg = genlmsg_data(nlmsg_data(nlh)); 135 nla = genlmsg_data(nlmsg_data(nlh));
136 msg = nla_data(nla);
131 for (i = 0; i < msg->entries; i++) { 137 for (i = 0; i < msg->entries; i++) {
132 if (!memcmp(&location, msg->points[i].pc, sizeof(void *))) { 138 if (!memcmp(&location, msg->points[i].pc, sizeof(void *))) {
133 msg->points[i].count++; 139 msg->points[i].count++;
@@ -139,6 +145,7 @@ static void trace_kfree_skb_hit(struct sk_buff *skb, void *location)
139 * We need to create a new entry 145 * We need to create a new entry
140 */ 146 */
141 __nla_reserve_nohdr(data->skb, sizeof(struct net_dm_drop_point)); 147 __nla_reserve_nohdr(data->skb, sizeof(struct net_dm_drop_point));
148 nla->nla_len += NLA_ALIGN(sizeof(struct net_dm_drop_point));
142 memcpy(msg->points[msg->entries].pc, &location, sizeof(void *)); 149 memcpy(msg->points[msg->entries].pc, &location, sizeof(void *));
143 msg->points[msg->entries].count = 1; 150 msg->points[msg->entries].count = 1;
144 msg->entries++; 151 msg->entries++;
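Review bot: In reset_per_cpu_data(), `memset(msg, 0, al)` still clears `al` bytes, but `msg` now points past the attribute header (`nla_data(nla)`) and `al` has grown by `sizeof(struct nlattr)`, so the clear extends `sizeof(struct nlattr)` bytes beyond the payload that the size calculation accounts for. Clearing `al - sizeof(struct nlattr)` bytes would match what was sized; whether the extra bytes currently land in allocator slack or in adjacent skb metadata is not visible from this hunk. The same function uses the results of `genlmsg_new()` and `nla_reserve()` without a NULL check, so an allocation failure becomes a NULL dereference at `nla_data(nla)`; a check such as `if (!data->skb) return;` and a matching one on `nla` would close that, provided the callers tolerate an unset `data->skb`.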
diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index 98691e1466b8..17d9f497b797 100644
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -299,7 +299,7 @@ static int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
299 } else if (rule->action == FR_ACT_GOTO) 299 } else if (rule->action == FR_ACT_GOTO)
300 goto errout_free; 300 goto errout_free;
301 301
302 err = ops->configure(rule, skb, nlh, frh, tb); 302 err = ops->configure(rule, skb, frh, tb);
303 if (err < 0) 303 if (err < 0)
304 goto errout_free; 304 goto errout_free;
305 305
diff --git a/net/core/iovec.c b/net/core/iovec.c
index 4c9c0121c9da..40a76ce19d9f 100644
--- a/net/core/iovec.c
+++ b/net/core/iovec.c
@@ -98,6 +98,31 @@ int memcpy_toiovec(struct iovec *iov, unsigned char *kdata, int len)
98} 98}
99 99
100/* 100/*
101 * Copy kernel to iovec. Returns -EFAULT on error.
102 */
103
104int memcpy_toiovecend(const struct iovec *iov, unsigned char *kdata,
105 int offset, int len)
106{
107 int copy;
108 for (; len > 0; ++iov) {
109 /* Skip over the finished iovecs */
110 if (unlikely(offset >= iov->iov_len)) {
111 offset -= iov->iov_len;
112 continue;
113 }
114 copy = min_t(unsigned int, iov->iov_len - offset, len);
115 offset = 0;
116 if (copy_to_user(iov->iov_base, kdata, copy))
117 return -EFAULT;
118 kdata += copy;
119 len -= copy;
120 }
121
122 return 0;
123}
124
125/*
101 * Copy iovec to kernel. Returns -EFAULT on error. 126 * Copy iovec to kernel. Returns -EFAULT on error.
102 * 127 *
103 * Note: this modifies the original iovec. 128 * Note: this modifies the original iovec.
@@ -122,10 +147,11 @@ int memcpy_fromiovec(unsigned char *kdata, struct iovec *iov, int len)
122} 147}
123 148
124/* 149/*
125 * For use with ip_build_xmit 150 * Copy iovec from kernel. Returns -EFAULT on error.
126 */ 151 */
127int memcpy_fromiovecend(unsigned char *kdata, struct iovec *iov, int offset, 152
128 int len) 153int memcpy_fromiovecend(unsigned char *kdata, const struct iovec *iov,
154 int offset, int len)
129{ 155{
130 /* Skip over the finished iovecs */ 156 /* Skip over the finished iovecs */
131 while (offset >= iov->iov_len) { 157 while (offset >= iov->iov_len) {
@@ -236,3 +262,4 @@ EXPORT_SYMBOL(csum_partial_copy_fromiovecend);
236EXPORT_SYMBOL(memcpy_fromiovec); 262EXPORT_SYMBOL(memcpy_fromiovec);
237EXPORT_SYMBOL(memcpy_fromiovecend); 263EXPORT_SYMBOL(memcpy_fromiovecend);
238EXPORT_SYMBOL(memcpy_toiovec); 264EXPORT_SYMBOL(memcpy_toiovec);
265EXPORT_SYMBOL(memcpy_toiovecend);
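Review bot: In the new memcpy_toiovecend(), `offset` is reset to 0 before the copy and is never added to the destination, so a copy that should start part-way into an iovec is written at `iov->iov_base` and overwrites the beginning of that user buffer instead. The copy should read `if (copy_to_user(iov->iov_base + offset, kdata, copy))` with `offset = 0;` moved after it. The loop also advances `iov` without a segment count, so it relies on the caller guaranteeing that `offset + len` fits inside the iovec array; a comment stating that precondition would help. `offset >= iov->iov_len` compares an `int` with what is presumably a `size_t`, so a negative offset would be treated as a very large value and the loop would step past the array.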
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index e3bebd36f053..6b3edc9e6f19 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -115,41 +115,34 @@ static void net_free(struct net *net)
115 kmem_cache_free(net_cachep, net); 115 kmem_cache_free(net_cachep, net);
116} 116}
117 117
118struct net *copy_net_ns(unsigned long flags, struct net *old_net) 118static struct net *net_create(void)
119{ 119{
120 struct net *new_net = NULL; 120 struct net *net;
121 int err; 121 int rv;
122
123 get_net(old_net);
124
125 if (!(flags & CLONE_NEWNET))
126 return old_net;
127
128 err = -ENOMEM;
129 new_net = net_alloc();
130 if (!new_net)
131 goto out_err;
132 122
123 net = net_alloc();
124 if (!net)
125 return ERR_PTR(-ENOMEM);
133 mutex_lock(&net_mutex); 126 mutex_lock(&net_mutex);
134 err = setup_net(new_net); 127 rv = setup_net(net);
135 if (!err) { 128 if (rv == 0) {
136 rtnl_lock(); 129 rtnl_lock();
137 list_add_tail(&new_net->list, &net_namespace_list); 130 list_add_tail(&net->list, &net_namespace_list);
138 rtnl_unlock(); 131 rtnl_unlock();
139 } 132 }
140 mutex_unlock(&net_mutex); 133 mutex_unlock(&net_mutex);
134 if (rv < 0) {
135 net_free(net);
136 return ERR_PTR(rv);
137 }
138 return net;
139}
141 140
142 if (err) 141struct net *copy_net_ns(unsigned long flags, struct net *old_net)
143 goto out_free; 142{
144out: 143 if (!(flags & CLONE_NEWNET))
145 put_net(old_net); 144 return get_net(old_net);
146 return new_net; 145 return net_create();
147
148out_free:
149 net_free(new_net);
150out_err:
151 new_net = ERR_PTR(err);
152 goto out;
153} 146}
154 147
155static void cleanup_net(struct work_struct *work) 148static void cleanup_net(struct work_struct *work)
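Review bot: net_create() tests the result of setup_net() in two different ways, `rv == 0` to publish the namespace on net_namespace_list and `rv < 0` to free it, so a positive return would hand back a net that is neither listed nor freed. The removed code used the symmetric pair `if (!err)` / `if (err)`; writing the cleanup test as `if (rv) {` keeps that property. setup_net() is outside this hunk, so whether it can ever return a positive value is not visible here.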
diff --git a/net/core/stream.c b/net/core/stream.c
index 8727cead64ad..a37debfeb1b2 100644
--- a/net/core/stream.c
+++ b/net/core/stream.c
@@ -33,7 +33,8 @@ void sk_stream_write_space(struct sock *sk)
33 clear_bit(SOCK_NOSPACE, &sock->flags); 33 clear_bit(SOCK_NOSPACE, &sock->flags);
34 34
35 if (sk->sk_sleep && waitqueue_active(sk->sk_sleep)) 35 if (sk->sk_sleep && waitqueue_active(sk->sk_sleep))
36 wake_up_interruptible(sk->sk_sleep); 36 wake_up_interruptible_poll(sk->sk_sleep, POLLOUT |
37 POLLWRNORM | POLLWRBAND);
37 if (sock->fasync_list && !(sk->sk_shutdown & SEND_SHUTDOWN)) 38 if (sock->fasync_list && !(sk->sk_shutdown & SEND_SHUTDOWN))
38 sock_wake_async(sock, SOCK_WAKE_SPACE, POLL_OUT); 39 sock_wake_async(sock, SOCK_WAKE_SPACE, POLL_OUT);
39 } 40 }
diff --git a/net/decnet/dn_nsp_in.c b/net/decnet/dn_nsp_in.c
index 5d8a2a56fd39..932408dca86d 100644
--- a/net/decnet/dn_nsp_in.c
+++ b/net/decnet/dn_nsp_in.c
@@ -578,6 +578,7 @@ out:
578static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue) 578static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig, struct sk_buff_head *queue)
579{ 579{
580 int err; 580 int err;
581 int skb_len;
581 582
582 /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces 583 /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces
583 number of warnings when compiling with -W --ANK 584 number of warnings when compiling with -W --ANK
@@ -592,22 +593,12 @@ static __inline__ int dn_queue_skb(struct sock *sk, struct sk_buff *skb, int sig
592 if (err) 593 if (err)
593 goto out; 594 goto out;
594 595
596 skb_len = skb->len;
595 skb_set_owner_r(skb, sk); 597 skb_set_owner_r(skb, sk);
596 skb_queue_tail(queue, skb); 598 skb_queue_tail(queue, skb);
597 599
598 /* This code only runs from BH or BH protected context. 600 if (!sock_flag(sk, SOCK_DEAD))
599 * Therefore the plain read_lock is ok here. -DaveM 601 sk->sk_data_ready(sk, skb_len);
600 */
601 read_lock(&sk->sk_callback_lock);
602 if (!sock_flag(sk, SOCK_DEAD)) {
603 struct socket *sock = sk->sk_socket;
604 wake_up_interruptible(sk->sk_sleep);
605 if (sock && sock->fasync_list &&
606 !test_bit(SOCK_ASYNC_WAITDATA, &sock->flags))
607 __kill_fasync(sock->fasync_list, sig,
608 (sig == SIGURG) ? POLL_PRI : POLL_IN);
609 }
610 read_unlock(&sk->sk_callback_lock);
611out: 602out:
612 return err; 603 return err;
613} 604}
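Review bot: After this change dn_queue_skb() no longer uses its `sig` argument in the visible code, so the SIGURG / POLL_PRI notification that the removed block issued for that case now depends entirely on what `sk->sk_data_ready` does, which is not shown here. If the distinction is dropped on purpose, the parameter should be removed or a comment should say so, for example `/* sig is ignored: sk_data_ready() raises the normal readable event */`. Reading `skb->len` into `skb_len` before skb_queue_tail() is the right order, since the skb may be consumed once it is queued; a one-line comment to that effect would keep it from being folded back into the call. Part of the function body lies between the two hunks and is not visible.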
diff --git a/net/decnet/dn_rules.c b/net/decnet/dn_rules.c
index 14fbca55e908..a2690b12e03c 100644
--- a/net/decnet/dn_rules.c
+++ b/net/decnet/dn_rules.c
@@ -115,7 +115,7 @@ static int dn_fib_rule_match(struct fib_rule *rule, struct flowi *fl, int flags)
115} 115}
116 116
117static int dn_fib_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 117static int dn_fib_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
118 struct nlmsghdr *nlh, struct fib_rule_hdr *frh, 118 struct fib_rule_hdr *frh,
119 struct nlattr **tb) 119 struct nlattr **tb)
120{ 120{
121 int err = -EINVAL; 121 int err = -EINVAL;
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 7f03373b8c07..170689681aa2 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1003,8 +1003,6 @@ void inet_register_protosw(struct inet_protosw *p)
1003out: 1003out:
1004 spin_unlock_bh(&inetsw_lock); 1004 spin_unlock_bh(&inetsw_lock);
1005 1005
1006 synchronize_net();
1007
1008 return; 1006 return;
1009 1007
1010out_permanent: 1008out_permanent:
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index cafcc49d0993..e2f950592566 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -40,7 +40,6 @@
40#include <net/route.h> 40#include <net/route.h>
41#include <net/tcp.h> 41#include <net/tcp.h>
42#include <net/sock.h> 42#include <net/sock.h>
43#include <net/icmp.h>
44#include <net/arp.h> 43#include <net/arp.h>
45#include <net/ip_fib.h> 44#include <net/ip_fib.h>
46#include <net/rtnetlink.h> 45#include <net/rtnetlink.h>
diff --git a/net/ipv4/fib_hash.c b/net/ipv4/fib_hash.c
index ded8c44fb848..ecd39454235c 100644
--- a/net/ipv4/fib_hash.c
+++ b/net/ipv4/fib_hash.c
@@ -263,7 +263,6 @@ fn_hash_lookup(struct fib_table *tb, const struct flowi *flp, struct fib_result
263 263
264 err = fib_semantic_match(&f->fn_alias, 264 err = fib_semantic_match(&f->fn_alias,
265 flp, res, 265 flp, res,
266 f->fn_key, fz->fz_mask,
267 fz->fz_order); 266 fz->fz_order);
268 if (err <= 0) 267 if (err <= 0)
269 goto out; 268 goto out;
diff --git a/net/ipv4/fib_lookup.h b/net/ipv4/fib_lookup.h
index 2c1623d2768b..637b133973bd 100644
--- a/net/ipv4/fib_lookup.h
+++ b/net/ipv4/fib_lookup.h
@@ -22,8 +22,7 @@ struct fib_alias {
22/* Exported by fib_semantics.c */ 22/* Exported by fib_semantics.c */
23extern int fib_semantic_match(struct list_head *head, 23extern int fib_semantic_match(struct list_head *head,
24 const struct flowi *flp, 24 const struct flowi *flp,
25 struct fib_result *res, __be32 zone, __be32 mask, 25 struct fib_result *res, int prefixlen);
26 int prefixlen);
27extern void fib_release_info(struct fib_info *); 26extern void fib_release_info(struct fib_info *);
28extern struct fib_info *fib_create_info(struct fib_config *cfg); 27extern struct fib_info *fib_create_info(struct fib_config *cfg);
29extern int fib_nh_match(struct fib_config *cfg, struct fib_info *fi); 28extern int fib_nh_match(struct fib_config *cfg, struct fib_info *fi);
diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c
index 6080d7120821..38904be4102e 100644
--- a/net/ipv4/fib_rules.c
+++ b/net/ipv4/fib_rules.c
@@ -134,7 +134,7 @@ static const struct nla_policy fib4_rule_policy[FRA_MAX+1] = {
134}; 134};
135 135
136static int fib4_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 136static int fib4_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
137 struct nlmsghdr *nlh, struct fib_rule_hdr *frh, 137 struct fib_rule_hdr *frh,
138 struct nlattr **tb) 138 struct nlattr **tb)
139{ 139{
140 struct net *net = sock_net(skb->sk); 140 struct net *net = sock_net(skb->sk);
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
index f831df500907..9b096d6ff3f2 100644
--- a/net/ipv4/fib_semantics.c
+++ b/net/ipv4/fib_semantics.c
@@ -866,8 +866,7 @@ failure:
866 866
867/* Note! fib_semantic_match intentionally uses RCU list functions. */ 867/* Note! fib_semantic_match intentionally uses RCU list functions. */
868int fib_semantic_match(struct list_head *head, const struct flowi *flp, 868int fib_semantic_match(struct list_head *head, const struct flowi *flp,
869 struct fib_result *res, __be32 zone, __be32 mask, 869 struct fib_result *res, int prefixlen)
870 int prefixlen)
871{ 870{
872 struct fib_alias *fa; 871 struct fib_alias *fa;
873 int nh_sel = 0; 872 int nh_sel = 0;
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index ec0ae490f0b6..9070d11058e5 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -1347,8 +1347,7 @@ static int check_leaf(struct trie *t, struct leaf *l,
1347 if (l->key != (key & ntohl(mask))) 1347 if (l->key != (key & ntohl(mask)))
1348 continue; 1348 continue;
1349 1349
1350 err = fib_semantic_match(&li->falh, flp, res, 1350 err = fib_semantic_match(&li->falh, flp, res, plen);
1351 htonl(l->key), mask, plen);
1352 1351
1353#ifdef CONFIG_IP_FIB_TRIE_STATS 1352#ifdef CONFIG_IP_FIB_TRIE_STATS
1354 if (err <= 0) 1353 if (err <= 0)
diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
index 588a7796e3e3..b0b273503e2a 100644
--- a/net/ipv4/inet_diag.c
+++ b/net/ipv4/inet_diag.c
@@ -198,8 +198,6 @@ static int inet_twsk_diag_fill(struct inet_timewait_sock *tw,
198 tmo = 0; 198 tmo = 0;
199 199
200 r->idiag_family = tw->tw_family; 200 r->idiag_family = tw->tw_family;
201 r->idiag_state = tw->tw_state;
202 r->idiag_timer = 0;
203 r->idiag_retrans = 0; 201 r->idiag_retrans = 0;
204 r->id.idiag_if = tw->tw_bound_dev_if; 202 r->id.idiag_if = tw->tw_bound_dev_if;
205 r->id.idiag_cookie[0] = (u32)(unsigned long)tw; 203 r->id.idiag_cookie[0] = (u32)(unsigned long)tw;
diff --git a/net/ipv4/inet_timewait_sock.c b/net/ipv4/inet_timewait_sock.c
index 8554d0ea1719..68a8d892c711 100644
--- a/net/ipv4/inet_timewait_sock.c
+++ b/net/ipv4/inet_timewait_sock.c
@@ -49,19 +49,22 @@ static void __inet_twsk_kill(struct inet_timewait_sock *tw,
49 inet_twsk_put(tw); 49 inet_twsk_put(tw);
50} 50}
51 51
52void inet_twsk_put(struct inet_timewait_sock *tw) 52static noinline void inet_twsk_free(struct inet_timewait_sock *tw)
53{ 53{
54 if (atomic_dec_and_test(&tw->tw_refcnt)) { 54 struct module *owner = tw->tw_prot->owner;
55 struct module *owner = tw->tw_prot->owner; 55 twsk_destructor((struct sock *)tw);
56 twsk_destructor((struct sock *)tw);
57#ifdef SOCK_REFCNT_DEBUG 56#ifdef SOCK_REFCNT_DEBUG
58 printk(KERN_DEBUG "%s timewait_sock %p released\n", 57 pr_debug("%s timewait_sock %p released\n", tw->tw_prot->name, tw);
59 tw->tw_prot->name, tw);
60#endif 58#endif
61 release_net(twsk_net(tw)); 59 release_net(twsk_net(tw));
62 kmem_cache_free(tw->tw_prot->twsk_prot->twsk_slab, tw); 60 kmem_cache_free(tw->tw_prot->twsk_prot->twsk_slab, tw);
63 module_put(owner); 61 module_put(owner);
64 } 62}
63
64void inet_twsk_put(struct inet_timewait_sock *tw)
65{
66 if (atomic_dec_and_test(&tw->tw_refcnt))
67 inet_twsk_free(tw);
65} 68}
66EXPORT_SYMBOL_GPL(inet_twsk_put); 69EXPORT_SYMBOL_GPL(inet_twsk_put);
67 70
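Review bot: Replacing `printk(KERN_DEBUG ...)` with `pr_debug(...)` inside the `SOCK_REFCNT_DEBUG` block of inet_twsk_free() changes when the message is emitted: pr_debug() is compiled out unless DEBUG or dynamic debug is enabled, so defining SOCK_REFCNT_DEBUG alone no longer produces the release trace. If that is intended it should be stated in the commit; otherwise keep `printk(KERN_DEBUG "%s timewait_sock %p released\n", tw->tw_prot->name, tw);`. The new helper would also benefit from a comment on why `owner` is fetched first, e.g. `/* tw is freed below; read the owning module before kmem_cache_free() */`.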
diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
index 1a58a6fa1dc0..40f6206b2aa9 100644
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -358,10 +358,12 @@ static int ip_rcv_finish(struct sk_buff *skb)
358 goto drop; 358 goto drop;
359 359
360 rt = skb->rtable; 360 rt = skb->rtable;
361 if (rt->rt_type == RTN_MULTICAST) 361 if (rt->rt_type == RTN_MULTICAST) {
362 IP_INC_STATS_BH(dev_net(rt->u.dst.dev), IPSTATS_MIB_INMCASTPKTS); 362 IP_UPD_PO_STATS_BH(dev_net(rt->u.dst.dev), IPSTATS_MIB_INMCAST,
363 else if (rt->rt_type == RTN_BROADCAST) 363 skb->len);
364 IP_INC_STATS_BH(dev_net(rt->u.dst.dev), IPSTATS_MIB_INBCASTPKTS); 364 } else if (rt->rt_type == RTN_BROADCAST)
365 IP_UPD_PO_STATS_BH(dev_net(rt->u.dst.dev), IPSTATS_MIB_INBCAST,
366 skb->len);
365 367
366 return dst_input(skb); 368 return dst_input(skb);
367 369
@@ -384,7 +386,8 @@ int ip_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt,
384 if (skb->pkt_type == PACKET_OTHERHOST) 386 if (skb->pkt_type == PACKET_OTHERHOST)
385 goto drop; 387 goto drop;
386 388
387 IP_INC_STATS_BH(dev_net(dev), IPSTATS_MIB_INRECEIVES); 389
390 IP_UPD_PO_STATS_BH(dev_net(dev), IPSTATS_MIB_IN, skb->len);
388 391
389 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) { 392 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) {
390 IP_INC_STATS_BH(dev_net(dev), IPSTATS_MIB_INDISCARDS); 393 IP_INC_STATS_BH(dev_net(dev), IPSTATS_MIB_INDISCARDS);
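Review bot: In ip_rcv() the octet counter is fed `skb->len` ahead of the header and length checks, so InOctets may include link-layer padding and the bytes of packets that are later rejected as malformed; if the counter is meant to reflect IP datagram length, the update belongs after the length has been validated, or a comment should state that the raw received length is intended. The validation itself is outside the hunk, so this is inferred from the position of the call. In ip_rcv_finish() the multicast branch gained braces while the `else if` branch did not; kernel style wants both braced, i.e. `} else if (rt->rt_type == RTN_BROADCAST) {` with a closing `}`. The same brace asymmetry appears in ip_finish_output2() in net/ipv4/ip_output.c, and ipv6_rcv() in net/ipv6/ip6_input.c samples `skb->len` at the same early point.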
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index 3e7e910c7c0f..ea19c37ccc0c 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -181,10 +181,10 @@ static inline int ip_finish_output2(struct sk_buff *skb)
181 struct net_device *dev = dst->dev; 181 struct net_device *dev = dst->dev;
182 unsigned int hh_len = LL_RESERVED_SPACE(dev); 182 unsigned int hh_len = LL_RESERVED_SPACE(dev);
183 183
184 if (rt->rt_type == RTN_MULTICAST) 184 if (rt->rt_type == RTN_MULTICAST) {
185 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_OUTMCASTPKTS); 185 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTMCAST, skb->len);
186 else if (rt->rt_type == RTN_BROADCAST) 186 } else if (rt->rt_type == RTN_BROADCAST)
187 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_OUTBCASTPKTS); 187 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTBCAST, skb->len);
188 188
189 /* Be paranoid, rather than too clever. */ 189 /* Be paranoid, rather than too clever. */
190 if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) { 190 if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) {
@@ -244,7 +244,7 @@ int ip_mc_output(struct sk_buff *skb)
244 /* 244 /*
245 * If the indicated interface is up and running, send the packet. 245 * If the indicated interface is up and running, send the packet.
246 */ 246 */
247 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_OUTREQUESTS); 247 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len);
248 248
249 skb->dev = dev; 249 skb->dev = dev;
250 skb->protocol = htons(ETH_P_IP); 250 skb->protocol = htons(ETH_P_IP);
@@ -298,7 +298,7 @@ int ip_output(struct sk_buff *skb)
298{ 298{
299 struct net_device *dev = skb->dst->dev; 299 struct net_device *dev = skb->dst->dev;
300 300
301 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_OUTREQUESTS); 301 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len);
302 302
303 skb->dev = dev; 303 skb->dev = dev;
304 skb->protocol = htons(ETH_P_IP); 304 skb->protocol = htons(ETH_P_IP);
diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c
index cf0cdeeb1db0..f25542c48b7d 100644
--- a/net/ipv4/proc.c
+++ b/net/ipv4/proc.c
@@ -90,14 +90,14 @@ static const struct file_operations sockstat_seq_fops = {
90 90
91/* snmp items */ 91/* snmp items */
92static const struct snmp_mib snmp4_ipstats_list[] = { 92static const struct snmp_mib snmp4_ipstats_list[] = {
93 SNMP_MIB_ITEM("InReceives", IPSTATS_MIB_INRECEIVES), 93 SNMP_MIB_ITEM("InReceives", IPSTATS_MIB_INPKTS),
94 SNMP_MIB_ITEM("InHdrErrors", IPSTATS_MIB_INHDRERRORS), 94 SNMP_MIB_ITEM("InHdrErrors", IPSTATS_MIB_INHDRERRORS),
95 SNMP_MIB_ITEM("InAddrErrors", IPSTATS_MIB_INADDRERRORS), 95 SNMP_MIB_ITEM("InAddrErrors", IPSTATS_MIB_INADDRERRORS),
96 SNMP_MIB_ITEM("ForwDatagrams", IPSTATS_MIB_OUTFORWDATAGRAMS), 96 SNMP_MIB_ITEM("ForwDatagrams", IPSTATS_MIB_OUTFORWDATAGRAMS),
97 SNMP_MIB_ITEM("InUnknownProtos", IPSTATS_MIB_INUNKNOWNPROTOS), 97 SNMP_MIB_ITEM("InUnknownProtos", IPSTATS_MIB_INUNKNOWNPROTOS),
98 SNMP_MIB_ITEM("InDiscards", IPSTATS_MIB_INDISCARDS), 98 SNMP_MIB_ITEM("InDiscards", IPSTATS_MIB_INDISCARDS),
99 SNMP_MIB_ITEM("InDelivers", IPSTATS_MIB_INDELIVERS), 99 SNMP_MIB_ITEM("InDelivers", IPSTATS_MIB_INDELIVERS),
100 SNMP_MIB_ITEM("OutRequests", IPSTATS_MIB_OUTREQUESTS), 100 SNMP_MIB_ITEM("OutRequests", IPSTATS_MIB_OUTPKTS),
101 SNMP_MIB_ITEM("OutDiscards", IPSTATS_MIB_OUTDISCARDS), 101 SNMP_MIB_ITEM("OutDiscards", IPSTATS_MIB_OUTDISCARDS),
102 SNMP_MIB_ITEM("OutNoRoutes", IPSTATS_MIB_OUTNOROUTES), 102 SNMP_MIB_ITEM("OutNoRoutes", IPSTATS_MIB_OUTNOROUTES),
103 SNMP_MIB_ITEM("ReasmTimeout", IPSTATS_MIB_REASMTIMEOUT), 103 SNMP_MIB_ITEM("ReasmTimeout", IPSTATS_MIB_REASMTIMEOUT),
@@ -118,6 +118,12 @@ static const struct snmp_mib snmp4_ipextstats_list[] = {
118 SNMP_MIB_ITEM("OutMcastPkts", IPSTATS_MIB_OUTMCASTPKTS), 118 SNMP_MIB_ITEM("OutMcastPkts", IPSTATS_MIB_OUTMCASTPKTS),
119 SNMP_MIB_ITEM("InBcastPkts", IPSTATS_MIB_INBCASTPKTS), 119 SNMP_MIB_ITEM("InBcastPkts", IPSTATS_MIB_INBCASTPKTS),
120 SNMP_MIB_ITEM("OutBcastPkts", IPSTATS_MIB_OUTBCASTPKTS), 120 SNMP_MIB_ITEM("OutBcastPkts", IPSTATS_MIB_OUTBCASTPKTS),
121 SNMP_MIB_ITEM("InOctets", IPSTATS_MIB_INOCTETS),
122 SNMP_MIB_ITEM("OutOctets", IPSTATS_MIB_OUTOCTETS),
123 SNMP_MIB_ITEM("InMcastOctets", IPSTATS_MIB_INMCASTOCTETS),
124 SNMP_MIB_ITEM("OutMcastOctets", IPSTATS_MIB_OUTMCASTOCTETS),
125 SNMP_MIB_ITEM("InBcastOctets", IPSTATS_MIB_INBCASTOCTETS),
126 SNMP_MIB_ITEM("OutBcastOctets", IPSTATS_MIB_OUTBCASTOCTETS),
121 SNMP_MIB_SENTINEL 127 SNMP_MIB_SENTINEL
122}; 128};
123 129
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index b35a950d2e06..cd2b97f1b6e1 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -161,13 +161,12 @@ static __u16 const msstab[] = {
161 */ 161 */
162__u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb, __u16 *mssp) 162__u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb, __u16 *mssp)
163{ 163{
164 struct tcp_sock *tp = tcp_sk(sk);
165 const struct iphdr *iph = ip_hdr(skb); 164 const struct iphdr *iph = ip_hdr(skb);
166 const struct tcphdr *th = tcp_hdr(skb); 165 const struct tcphdr *th = tcp_hdr(skb);
167 int mssind; 166 int mssind;
168 const __u16 mss = *mssp; 167 const __u16 mss = *mssp;
169 168
170 tp->last_synq_overflow = jiffies; 169 tcp_synq_overflow(sk);
171 170
172 /* XXX sort msstab[] by probability? Binary search? */ 171 /* XXX sort msstab[] by probability? Binary search? */
173 for (mssind = 0; mss > msstab[mssind + 1]; mssind++) 172 for (mssind = 0; mss > msstab[mssind + 1]; mssind++)
@@ -268,7 +267,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
268 if (!sysctl_tcp_syncookies || !th->ack) 267 if (!sysctl_tcp_syncookies || !th->ack)
269 goto out; 268 goto out;
270 269
271 if (time_after(jiffies, tp->last_synq_overflow + TCP_TIMEOUT_INIT) || 270 if (tcp_synq_no_recent_overflow(sk) ||
272 (mss = cookie_check(skb, cookie)) == 0) { 271 (mss = cookie_check(skb, cookie)) == 0) {
273 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESFAILED); 272 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESFAILED);
274 goto out; 273 goto out;
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index eec3e6f9956c..eeb8a92aa416 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -77,7 +77,7 @@ int sysctl_tcp_window_scaling __read_mostly = 1;
77int sysctl_tcp_sack __read_mostly = 1; 77int sysctl_tcp_sack __read_mostly = 1;
78int sysctl_tcp_fack __read_mostly = 1; 78int sysctl_tcp_fack __read_mostly = 1;
79int sysctl_tcp_reordering __read_mostly = TCP_FASTRETRANS_THRESH; 79int sysctl_tcp_reordering __read_mostly = TCP_FASTRETRANS_THRESH;
80int sysctl_tcp_ecn __read_mostly; 80int sysctl_tcp_ecn __read_mostly = 2;
81int sysctl_tcp_dsack __read_mostly = 1; 81int sysctl_tcp_dsack __read_mostly = 1;
82int sysctl_tcp_app_win __read_mostly = 31; 82int sysctl_tcp_app_win __read_mostly = 31;
83int sysctl_tcp_adv_win_scale __read_mostly = 2; 83int sysctl_tcp_adv_win_scale __read_mostly = 2;
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 5d427f86b414..fc79e3416288 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1593,7 +1593,7 @@ process:
1593#endif 1593#endif
1594 { 1594 {
1595 if (!tcp_prequeue(sk, skb)) 1595 if (!tcp_prequeue(sk, skb))
1596 ret = tcp_v4_do_rcv(sk, skb); 1596 ret = tcp_v4_do_rcv(sk, skb);
1597 } 1597 }
1598 } else 1598 } else
1599 sk_add_backlog(sk, skb); 1599 sk_add_backlog(sk, skb);
@@ -2343,7 +2343,7 @@ void tcp4_proc_exit(void)
2343 2343
2344struct sk_buff **tcp4_gro_receive(struct sk_buff **head, struct sk_buff *skb) 2344struct sk_buff **tcp4_gro_receive(struct sk_buff **head, struct sk_buff *skb)
2345{ 2345{
2346 struct iphdr *iph = ip_hdr(skb); 2346 struct iphdr *iph = skb_gro_network_header(skb);
2347 2347
2348 switch (skb->ip_summed) { 2348 switch (skb->ip_summed) {
2349 case CHECKSUM_COMPLETE: 2349 case CHECKSUM_COMPLETE:
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 59aec609cec6..79c39dc9b01c 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -288,7 +288,7 @@ static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb)
288 struct tcp_sock *tp = tcp_sk(sk); 288 struct tcp_sock *tp = tcp_sk(sk);
289 289
290 tp->ecn_flags = 0; 290 tp->ecn_flags = 0;
291 if (sysctl_tcp_ecn) { 291 if (sysctl_tcp_ecn == 1) {
292 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ECE | TCPCB_FLAG_CWR; 292 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ECE | TCPCB_FLAG_CWR;
293 tp->ecn_flags = TCP_ECN_OK; 293 tp->ecn_flags = TCP_ECN_OK;
294 } 294 }
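Review bot: `if (sysctl_tcp_ecn == 1)` in TCP_ECN_send_syn() makes every value other than 1 mean "do not request ECN on outgoing SYNs", where the old test accepted any non-zero value, so a host configured with some other non-zero value silently changes behaviour. Unless the sysctl handler restricts the range (not visible here), the accepted values should be documented where the variable is defined; if the intended meanings are what the new default in net/ipv4/tcp_input.c suggests, a comment such as `/* 0 = off, 1 = request and accept ECN, 2 = accept only when the peer requests it (default) */` would do. Named constants instead of the bare `1` and `2` would make both sites easier to audit.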
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index f5de3f9dc692..e1a36dbb5a27 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -151,7 +151,7 @@ static const struct nla_policy fib6_rule_policy[FRA_MAX+1] = {
151}; 151};
152 152
153static int fib6_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 153static int fib6_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
154 struct nlmsghdr *nlh, struct fib_rule_hdr *frh, 154 struct fib_rule_hdr *frh,
155 struct nlattr **tb) 155 struct nlattr **tb)
156{ 156{
157 int err = -EINVAL; 157 int err = -EINVAL;
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 8f04bd9da274..bc1a920c34a1 100644
--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -70,7 +70,7 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
70 70
71 idev = __in6_dev_get(skb->dev); 71 idev = __in6_dev_get(skb->dev);
72 72
73 IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_INRECEIVES); 73 IP6_UPD_PO_STATS_BH(net, idev, IPSTATS_MIB_IN, skb->len);
74 74
75 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL || 75 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL ||
76 !idev || unlikely(idev->cnf.disable_ipv6)) { 76 !idev || unlikely(idev->cnf.disable_ipv6)) {
@@ -242,8 +242,9 @@ int ip6_mc_input(struct sk_buff *skb)
242 struct ipv6hdr *hdr; 242 struct ipv6hdr *hdr;
243 int deliver; 243 int deliver;
244 244
245 IP6_INC_STATS_BH(dev_net(skb->dst->dev), 245 IP6_UPD_PO_STATS_BH(dev_net(skb->dst->dev),
246 ip6_dst_idev(skb->dst), IPSTATS_MIB_INMCASTPKTS); 246 ip6_dst_idev(skb->dst), IPSTATS_MIB_INMCAST,
247 skb->len);
247 248
248 hdr = ipv6_hdr(skb); 249 hdr = ipv6_hdr(skb);
249 deliver = ipv6_chk_mcast_addr(skb->dev, &hdr->daddr, NULL); 250 deliver = ipv6_chk_mcast_addr(skb->dev, &hdr->daddr, NULL);
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 9fb49c3b518a..735a2bf4b5f1 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -159,7 +159,8 @@ static int ip6_output2(struct sk_buff *skb)
159 } 159 }
160 } 160 }
161 161
162 IP6_INC_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCASTPKTS); 162 IP6_UPD_PO_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCAST,
163 skb->len);
163 } 164 }
164 165
165 return NF_HOOK(PF_INET6, NF_INET_POST_ROUTING, skb, NULL, skb->dev, 166 return NF_HOOK(PF_INET6, NF_INET_POST_ROUTING, skb, NULL, skb->dev,
@@ -275,8 +276,8 @@ int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
275 276
276 mtu = dst_mtu(dst); 277 mtu = dst_mtu(dst);
277 if ((skb->len <= mtu) || skb->local_df || skb_is_gso(skb)) { 278 if ((skb->len <= mtu) || skb->local_df || skb_is_gso(skb)) {
278 IP6_INC_STATS(net, ip6_dst_idev(skb->dst), 279 IP6_UPD_PO_STATS(net, ip6_dst_idev(skb->dst),
279 IPSTATS_MIB_OUTREQUESTS); 280 IPSTATS_MIB_OUT, skb->len);
280 return NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev, 281 return NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
281 dst_output); 282 dst_output);
282 } 283 }
@@ -1516,7 +1517,7 @@ int ip6_push_pending_frames(struct sock *sk)
1516 skb->mark = sk->sk_mark; 1517 skb->mark = sk->sk_mark;
1517 1518
1518 skb->dst = dst_clone(&rt->u.dst); 1519 skb->dst = dst_clone(&rt->u.dst);
1519 IP6_INC_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUTREQUESTS); 1520 IP6_UPD_PO_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len);
1520 if (proto == IPPROTO_ICMPV6) { 1521 if (proto == IPPROTO_ICMPV6) {
1521 struct inet6_dev *idev = ip6_dst_idev(skb->dst); 1522 struct inet6_dev *idev = ip6_dst_idev(skb->dst);
1522 1523
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index d994c55a5b16..af256d47fd35 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -1100,8 +1100,8 @@ static void ip6_tnl_link_config(struct ip6_tnl *t)
1100 struct ip6_tnl_parm *p = &t->parms; 1100 struct ip6_tnl_parm *p = &t->parms;
1101 struct flowi *fl = &t->fl; 1101 struct flowi *fl = &t->fl;
1102 1102
1103 memcpy(&dev->dev_addr, &p->laddr, sizeof(struct in6_addr)); 1103 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
1104 memcpy(&dev->broadcast, &p->raddr, sizeof(struct in6_addr)); 1104 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
1105 1105
1106 /* Set up flowi template */ 1106 /* Set up flowi template */
1107 ipv6_addr_copy(&fl->fl6_src, &p->laddr); 1107 ipv6_addr_copy(&fl->fl6_src, &p->laddr);
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index a51fb33e6864..4b48819a5b8d 100644
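--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -1449,7 +1449,8 @@ static void mld_sendpack(struct sk_buff *skb)
 int err;
 struct flowi fl;
 
-IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTREQUESTS);
+IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
+
 payload_len = (skb->tail - skb->network_header) - sizeof(*pip6);
 mldlen = skb->tail - skb->transport_header;
 pip6->payload_len = htons(payload_len);
@@ -1473,13 +1474,15 @@ static void mld_sendpack(struct sk_buff *skb)
 if (err)
 goto err_out;
 
+payload_len = skb->len;
+
 err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, skb->dev,
 dst_output);
 out:
 if (!err) {
 ICMP6MSGOUT_INC_STATS_BH(net, idev, ICMPV6_MLD2_REPORT);
 ICMP6_INC_STATS_BH(net, idev, ICMP6_MIB_OUTMSGS);
-IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_OUTMCASTPKTS);
+IP6_UPD_PO_STATS_BH(net, idev, IPSTATS_MIB_OUTMCAST, payload_len);
 } else
 IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_OUTDISCARDS);
 
@@ -1773,10 +1776,6 @@ static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
 IPV6_TLV_PADN, 0 };
 struct flowi fl;
 
-rcu_read_lock();
-IP6_INC_STATS(net, __in6_dev_get(dev),
-IPSTATS_MIB_OUTREQUESTS);
-rcu_read_unlock();
 if (type == ICMPV6_MGM_REDUCTION)
 snd_addr = &in6addr_linklocal_allrouters;
 else
@@ -1786,6 +1785,11 @@ static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
 payload_len = len + sizeof(ra);
 full_len = sizeof(struct ipv6hdr) + payload_len;
 
+rcu_read_lock();
+IP6_UPD_PO_STATS(net, __in6_dev_get(dev),
+IPSTATS_MIB_OUT, full_len);
+rcu_read_unlock();
+
 skb = sock_alloc_send_skb(sk, LL_ALLOCATED_SPACE(dev) + full_len, 1, &err);
 
 if (skb == NULL) {
@@ -1838,13 +1842,14 @@ static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
 if (err)
 goto err_out;
 
+
 err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, skb->dev,
 dst_output);
 out:
 if (!err) {
 ICMP6MSGOUT_INC_STATS(net, idev, type);
 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
-IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTMCASTPKTS);
+IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUTMCAST, full_len);
 } else
 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS);
 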
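Review bot: In the second mld_sendpack hunk, `payload_len` is reused to carry `skb->len` for the OUTMCAST octet count, although earlier in the same function it holds the IPv6 payload length without the header, so one name now stands for two different sizes. Saving the length before the hook looks right, since the skb should not be read once it has been handed to `dst_output`, but that reason is not written down. I would add a comment on the assignment, `/* skb may be gone after NF_HOOK(); save the full length for the stats below */`, or use a separately named local. igmp6_send avoids the ambiguity by counting `full_len`; both functions begin and end outside the hunks shown, so whether every path that reaches `out:` with `err == 0` passes the assignment cannot be confirmed from here.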
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index 9f061d1adbc2..ab65cc51b00e 100644
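--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -533,7 +533,7 @@ void ndisc_send_skb(struct sk_buff *skb,
 skb->dst = dst;
 
 idev = in6_dev_get(dst->dev);
-IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTREQUESTS);
+IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
 
 err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
 dst_output);
@@ -1613,7 +1613,7 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
 
 buff->dst = dst;
 idev = in6_dev_get(dst->dev);
-IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTREQUESTS);
+IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
 err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
 dst_output);
 if (!err) {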
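Review bot: In the ndisc_send_redirect hunk the new octet count is taken from `skb->len`, but the buffer given a route on the line above and passed to NF_HOOK on the line below is `buff`. Going by the hunk header, `skb` is the function's parameter, presumably the packet that triggered the redirect, so the IPSTATS_MIB_OUT byte counter would record the length of that packet rather than of the redirect being sent. The line should read `IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, buff->len);`. The ndisc_send_skb hunk is consistent, because there `skb` is the buffer that goes to NF_HOOK. Both functions start and end outside their hunks.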
diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c
index 97c17fdd6f75..590ddefb7ffc 100644
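--- a/net/ipv6/proc.c
+++ b/net/ipv6/proc.c
@@ -61,7 +61,7 @@ static const struct file_operations sockstat6_seq_fops = {
 
 static struct snmp_mib snmp6_ipstats_list[] = {
 /* ipv6 mib according to RFC 2465 */
-SNMP_MIB_ITEM("Ip6InReceives", IPSTATS_MIB_INRECEIVES),
+SNMP_MIB_ITEM("Ip6InReceives", IPSTATS_MIB_INPKTS),
 SNMP_MIB_ITEM("Ip6InHdrErrors", IPSTATS_MIB_INHDRERRORS),
 SNMP_MIB_ITEM("Ip6InTooBigErrors", IPSTATS_MIB_INTOOBIGERRORS),
 SNMP_MIB_ITEM("Ip6InNoRoutes", IPSTATS_MIB_INNOROUTES),
@@ -71,7 +71,7 @@ static struct snmp_mib snmp6_ipstats_list[] = {
 SNMP_MIB_ITEM("Ip6InDiscards", IPSTATS_MIB_INDISCARDS),
 SNMP_MIB_ITEM("Ip6InDelivers", IPSTATS_MIB_INDELIVERS),
 SNMP_MIB_ITEM("Ip6OutForwDatagrams", IPSTATS_MIB_OUTFORWDATAGRAMS),
-SNMP_MIB_ITEM("Ip6OutRequests", IPSTATS_MIB_OUTREQUESTS),
+SNMP_MIB_ITEM("Ip6OutRequests", IPSTATS_MIB_OUTPKTS),
 SNMP_MIB_ITEM("Ip6OutDiscards", IPSTATS_MIB_OUTDISCARDS),
 SNMP_MIB_ITEM("Ip6OutNoRoutes", IPSTATS_MIB_OUTNOROUTES),
 SNMP_MIB_ITEM("Ip6ReasmTimeout", IPSTATS_MIB_REASMTIMEOUT),
@@ -83,6 +83,12 @@ static struct snmp_mib snmp6_ipstats_list[] = {
 SNMP_MIB_ITEM("Ip6FragCreates", IPSTATS_MIB_FRAGCREATES),
 SNMP_MIB_ITEM("Ip6InMcastPkts", IPSTATS_MIB_INMCASTPKTS),
 SNMP_MIB_ITEM("Ip6OutMcastPkts", IPSTATS_MIB_OUTMCASTPKTS),
+SNMP_MIB_ITEM("Ip6InOctets", IPSTATS_MIB_INOCTETS),
+SNMP_MIB_ITEM("Ip6OutOctets", IPSTATS_MIB_OUTOCTETS),
+SNMP_MIB_ITEM("Ip6InMcastOctets", IPSTATS_MIB_INMCASTOCTETS),
+SNMP_MIB_ITEM("Ip6OutMcastOctets", IPSTATS_MIB_OUTMCASTOCTETS),
+SNMP_MIB_ITEM("Ip6InBcastOctets", IPSTATS_MIB_INBCASTOCTETS),
+SNMP_MIB_ITEM("Ip6OutBcastOctets", IPSTATS_MIB_OUTBCASTOCTETS),
 SNMP_MIB_SENTINEL
 };
 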
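Review bot: The table's header comment still reads `/* ipv6 mib according to RFC 2465 */`, but the six octet rows added in the last hunk are, as far as I recall, not part of that MIB, so the comment no longer describes the whole list. I would put a short comment above the new rows, for example `/* octet counters, not part of the RFC 2465 table */`. The `Ip6InBcastOctets` and `Ip6OutBcastOctets` rows also deserve a remark, since IPv6 defines no broadcast and they will presumably always read zero. Appending the rows just before `SNMP_MIB_SENTINEL` keeps the existing output order, which is the safer choice for tools that parse this file by position.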
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index 61f6827e5906..e99307fba0b1 100644
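--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -638,7 +638,7 @@ static int rawv6_send_hdrinc(struct sock *sk, void *from, int length,
 if (err)
 goto error_fault;
 
-IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTREQUESTS);
+IP6_UPD_PO_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len);
 err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
 dst_output);
 if (err > 0)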
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c
index 711175e0571f..8c2513982b61 100644
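--- a/net/ipv6/syncookies.c
+++ b/net/ipv6/syncookies.c
@@ -131,7 +131,7 @@ __u32 cookie_v6_init_sequence(struct sock *sk, struct sk_buff *skb, __u16 *mssp)
 int mssind;
 const __u16 mss = *mssp;
 
-tcp_sk(sk)->last_synq_overflow = jiffies;
+tcp_synq_overflow(sk);
 
 for (mssind = 0; mss > msstab[mssind + 1]; mssind++)
 ;
@@ -175,7 +175,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
 if (!sysctl_tcp_syncookies || !th->ack)
 goto out;
 
-if (time_after(jiffies, tp->last_synq_overflow + TCP_TIMEOUT_INIT) ||
+if (tcp_synq_no_recent_overflow(sk) ||
 (mss = cookie_check(skb, cookie)) == 0) {
 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESFAILED);
 goto out;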
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 4b5aa1854260..d9dd94b6bf66 100644
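--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -943,7 +943,7 @@ static int tcp_v6_gso_send_check(struct sk_buff *skb)
 
 struct sk_buff **tcp6_gro_receive(struct sk_buff **head, struct sk_buff *skb)
 {
-struct ipv6hdr *iph = ipv6_hdr(skb);
+struct ipv6hdr *iph = skb_gro_network_header(skb);
 
 switch (skb->ip_summed) {
 case CHECKSUM_COMPLETE: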
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index b51c9187c347..a9b3a6f9ea95 100644
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -29,10 +29,7 @@
29#include <net/iucv/iucv.h> 29#include <net/iucv/iucv.h>
30#include <net/iucv/af_iucv.h> 30#include <net/iucv/af_iucv.h>
31 31
32#define CONFIG_IUCV_SOCK_DEBUG 1 32#define VERSION "1.1"
33
34#define IPRMDATA 0x80
35#define VERSION "1.0"
36 33
37static char iucv_userid[80]; 34static char iucv_userid[80];
38 35
@@ -44,6 +41,19 @@ static struct proto iucv_proto = {
44 .obj_size = sizeof(struct iucv_sock), 41 .obj_size = sizeof(struct iucv_sock),
45}; 42};
46 43
44/* special AF_IUCV IPRM messages */
45static const u8 iprm_shutdown[8] =
46 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
47
48#define TRGCLS_SIZE (sizeof(((struct iucv_message *)0)->class))
49
50/* macros to set/get socket control buffer at correct offset */
51#define CB_TAG(skb) ((skb)->cb) /* iucv message tag */
52#define CB_TAG_LEN (sizeof(((struct iucv_message *) 0)->tag))
53#define CB_TRGCLS(skb) ((skb)->cb + CB_TAG_LEN) /* iucv msg target class */
54#define CB_TRGCLS_LEN (TRGCLS_SIZE)
55
56
47static void iucv_sock_kill(struct sock *sk); 57static void iucv_sock_kill(struct sock *sk);
48static void iucv_sock_close(struct sock *sk); 58static void iucv_sock_close(struct sock *sk);
49 59
@@ -54,6 +64,7 @@ static void iucv_callback_connack(struct iucv_path *, u8 ipuser[16]);
54static int iucv_callback_connreq(struct iucv_path *, u8 ipvmid[8], 64static int iucv_callback_connreq(struct iucv_path *, u8 ipvmid[8],
55 u8 ipuser[16]); 65 u8 ipuser[16]);
56static void iucv_callback_connrej(struct iucv_path *, u8 ipuser[16]); 66static void iucv_callback_connrej(struct iucv_path *, u8 ipuser[16]);
67static void iucv_callback_shutdown(struct iucv_path *, u8 ipuser[16]);
57 68
58static struct iucv_sock_list iucv_sk_list = { 69static struct iucv_sock_list iucv_sk_list = {
59 .lock = __RW_LOCK_UNLOCKED(iucv_sk_list.lock), 70 .lock = __RW_LOCK_UNLOCKED(iucv_sk_list.lock),
@@ -65,7 +76,8 @@ static struct iucv_handler af_iucv_handler = {
65 .path_complete = iucv_callback_connack, 76 .path_complete = iucv_callback_connack,
66 .path_severed = iucv_callback_connrej, 77 .path_severed = iucv_callback_connrej,
67 .message_pending = iucv_callback_rx, 78 .message_pending = iucv_callback_rx,
68 .message_complete = iucv_callback_txdone 79 .message_complete = iucv_callback_txdone,
80 .path_quiesced = iucv_callback_shutdown,
69}; 81};
70 82
71static inline void high_nmcpy(unsigned char *dst, char *src) 83static inline void high_nmcpy(unsigned char *dst, char *src)
@@ -78,6 +90,37 @@ static inline void low_nmcpy(unsigned char *dst, char *src)
78 memcpy(&dst[8], src, 8); 90 memcpy(&dst[8], src, 8);
79} 91}
80 92
93/**
94 * iucv_msg_length() - Returns the length of an iucv message.
95 * @msg: Pointer to struct iucv_message, MUST NOT be NULL
96 *
97 * The function returns the length of the specified iucv message @msg of data
98 * stored in a buffer and of data stored in the parameter list (PRMDATA).
99 *
100 * For IUCV_IPRMDATA, AF_IUCV uses the following convention to transport socket
101 * data:
102 * PRMDATA[0..6] socket data (max 7 bytes);
103 * PRMDATA[7] socket data length value (len is 0xff - PRMDATA[7])
104 *
105 * The socket data length is computed by substracting the socket data length
106 * value from 0xFF.
107 * If the socket data len is greater 7, then PRMDATA can be used for special
108 * notifications (see iucv_sock_shutdown); and further,
109 * if the socket data len is > 7, the function returns 8.
110 *
111 * Use this function to allocate socket buffers to store iucv message data.
112 */
113static inline size_t iucv_msg_length(struct iucv_message *msg)
114{
115 size_t datalen;
116
117 if (msg->flags & IUCV_IPRMDATA) {
118 datalen = 0xff - msg->rmmsg[7];
119 return (datalen < 8) ? datalen : 8;
120 }
121 return msg->length;
122}
123
81/* Timers */ 124/* Timers */
82static void iucv_sock_timeout(unsigned long arg) 125static void iucv_sock_timeout(unsigned long arg)
83{ 126{
@@ -225,6 +268,8 @@ static struct sock *iucv_sock_alloc(struct socket *sock, int proto, gfp_t prio)
225 spin_lock_init(&iucv_sk(sk)->message_q.lock); 268 spin_lock_init(&iucv_sk(sk)->message_q.lock);
226 skb_queue_head_init(&iucv_sk(sk)->backlog_skb_q); 269 skb_queue_head_init(&iucv_sk(sk)->backlog_skb_q);
227 iucv_sk(sk)->send_tag = 0; 270 iucv_sk(sk)->send_tag = 0;
271 iucv_sk(sk)->flags = 0;
272 iucv_sk(sk)->msglimit = IUCV_QUEUELEN_DEFAULT;
228 iucv_sk(sk)->path = NULL; 273 iucv_sk(sk)->path = NULL;
229 memset(&iucv_sk(sk)->src_user_id , 0, 32); 274 memset(&iucv_sk(sk)->src_user_id , 0, 32);
230 275
@@ -248,11 +293,22 @@ static int iucv_sock_create(struct net *net, struct socket *sock, int protocol)
248{ 293{
249 struct sock *sk; 294 struct sock *sk;
250 295
251 if (sock->type != SOCK_STREAM) 296 if (protocol && protocol != PF_IUCV)
252 return -ESOCKTNOSUPPORT; 297 return -EPROTONOSUPPORT;
253 298
254 sock->state = SS_UNCONNECTED; 299 sock->state = SS_UNCONNECTED;
255 sock->ops = &iucv_sock_ops; 300
301 switch (sock->type) {
302 case SOCK_STREAM:
303 sock->ops = &iucv_sock_ops;
304 break;
305 case SOCK_SEQPACKET:
306 /* currently, proto ops can handle both sk types */
307 sock->ops = &iucv_sock_ops;
308 break;
309 default:
310 return -ESOCKTNOSUPPORT;
311 }
256 312
257 sk = iucv_sock_alloc(sock, protocol, GFP_KERNEL); 313 sk = iucv_sock_alloc(sock, protocol, GFP_KERNEL);
258 if (!sk) 314 if (!sk)
@@ -463,11 +519,9 @@ static int iucv_sock_connect(struct socket *sock, struct sockaddr *addr,
463 if (sk->sk_state != IUCV_OPEN && sk->sk_state != IUCV_BOUND) 519 if (sk->sk_state != IUCV_OPEN && sk->sk_state != IUCV_BOUND)
464 return -EBADFD; 520 return -EBADFD;
465 521
466 if (sk->sk_type != SOCK_STREAM) 522 if (sk->sk_type != SOCK_STREAM && sk->sk_type != SOCK_SEQPACKET)
467 return -EINVAL; 523 return -EINVAL;
468 524
469 iucv = iucv_sk(sk);
470
471 if (sk->sk_state == IUCV_OPEN) { 525 if (sk->sk_state == IUCV_OPEN) {
472 err = iucv_sock_autobind(sk); 526 err = iucv_sock_autobind(sk);
473 if (unlikely(err)) 527 if (unlikely(err))
@@ -486,8 +540,8 @@ static int iucv_sock_connect(struct socket *sock, struct sockaddr *addr,
486 540
487 iucv = iucv_sk(sk); 541 iucv = iucv_sk(sk);
488 /* Create path. */ 542 /* Create path. */
489 iucv->path = iucv_path_alloc(IUCV_QUEUELEN_DEFAULT, 543 iucv->path = iucv_path_alloc(iucv->msglimit,
490 IPRMDATA, GFP_KERNEL); 544 IUCV_IPRMDATA, GFP_KERNEL);
491 if (!iucv->path) { 545 if (!iucv->path) {
492 err = -ENOMEM; 546 err = -ENOMEM;
493 goto done; 547 goto done;
@@ -521,8 +575,7 @@ static int iucv_sock_connect(struct socket *sock, struct sockaddr *addr,
521 } 575 }
522 576
523 if (sk->sk_state == IUCV_DISCONN) { 577 if (sk->sk_state == IUCV_DISCONN) {
524 release_sock(sk); 578 err = -ECONNREFUSED;
525 return -ECONNREFUSED;
526 } 579 }
527 580
528 if (err) { 581 if (err) {
@@ -545,7 +598,10 @@ static int iucv_sock_listen(struct socket *sock, int backlog)
545 lock_sock(sk); 598 lock_sock(sk);
546 599
547 err = -EINVAL; 600 err = -EINVAL;
548 if (sk->sk_state != IUCV_BOUND || sock->type != SOCK_STREAM) 601 if (sk->sk_state != IUCV_BOUND)
602 goto done;
603
604 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
549 goto done; 605 goto done;
550 606
551 sk->sk_max_ack_backlog = backlog; 607 sk->sk_max_ack_backlog = backlog;
@@ -636,6 +692,30 @@ static int iucv_sock_getname(struct socket *sock, struct sockaddr *addr,
636 return 0; 692 return 0;
637} 693}
638 694
695/**
696 * iucv_send_iprm() - Send socket data in parameter list of an iucv message.
697 * @path: IUCV path
698 * @msg: Pointer to a struct iucv_message
699 * @skb: The socket data to send, skb->len MUST BE <= 7
700 *
701 * Send the socket data in the parameter list in the iucv message
702 * (IUCV_IPRMDATA). The socket data is stored at index 0 to 6 in the parameter
703 * list and the socket data len at index 7 (last byte).
704 * See also iucv_msg_length().
705 *
706 * Returns the error code from the iucv_message_send() call.
707 */
708static int iucv_send_iprm(struct iucv_path *path, struct iucv_message *msg,
709 struct sk_buff *skb)
710{
711 u8 prmdata[8];
712
713 memcpy(prmdata, (void *) skb->data, skb->len);
714 prmdata[7] = 0xff - (u8) skb->len;
715 return iucv_message_send(path, msg, IUCV_IPRMDATA, 0,
716 (void *) prmdata, 8);
717}
718
639static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock, 719static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
640 struct msghdr *msg, size_t len) 720 struct msghdr *msg, size_t len)
641{ 721{
@@ -643,6 +723,8 @@ static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
643 struct iucv_sock *iucv = iucv_sk(sk); 723 struct iucv_sock *iucv = iucv_sk(sk);
644 struct sk_buff *skb; 724 struct sk_buff *skb;
645 struct iucv_message txmsg; 725 struct iucv_message txmsg;
726 struct cmsghdr *cmsg;
727 int cmsg_done;
646 char user_id[9]; 728 char user_id[9];
647 char appl_id[9]; 729 char appl_id[9];
648 int err; 730 int err;
@@ -654,6 +736,10 @@ static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
654 if (msg->msg_flags & MSG_OOB) 736 if (msg->msg_flags & MSG_OOB)
655 return -EOPNOTSUPP; 737 return -EOPNOTSUPP;
656 738
739 /* SOCK_SEQPACKET: we do not support segmented records */
740 if (sk->sk_type == SOCK_SEQPACKET && !(msg->msg_flags & MSG_EOR))
741 return -EOPNOTSUPP;
742
657 lock_sock(sk); 743 lock_sock(sk);
658 744
659 if (sk->sk_shutdown & SEND_SHUTDOWN) { 745 if (sk->sk_shutdown & SEND_SHUTDOWN) {
@@ -662,6 +748,52 @@ static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
662 } 748 }
663 749
664 if (sk->sk_state == IUCV_CONNECTED) { 750 if (sk->sk_state == IUCV_CONNECTED) {
751 /* initialize defaults */
752 cmsg_done = 0; /* check for duplicate headers */
753 txmsg.class = 0;
754
755 /* iterate over control messages */
756 for (cmsg = CMSG_FIRSTHDR(msg); cmsg;
757 cmsg = CMSG_NXTHDR(msg, cmsg)) {
758
759 if (!CMSG_OK(msg, cmsg)) {
760 err = -EINVAL;
761 goto out;
762 }
763
764 if (cmsg->cmsg_level != SOL_IUCV)
765 continue;
766
767 if (cmsg->cmsg_type & cmsg_done) {
768 err = -EINVAL;
769 goto out;
770 }
771 cmsg_done |= cmsg->cmsg_type;
772
773 switch (cmsg->cmsg_type) {
774 case SCM_IUCV_TRGCLS:
775 if (cmsg->cmsg_len != CMSG_LEN(TRGCLS_SIZE)) {
776 err = -EINVAL;
777 goto out;
778 }
779
780 /* set iucv message target class */
781 memcpy(&txmsg.class,
782 (void *) CMSG_DATA(cmsg), TRGCLS_SIZE);
783
784 break;
785
786 default:
787 err = -EINVAL;
788 goto out;
789 break;
790 }
791 }
792
793 /* allocate one skb for each iucv message:
794 * this is fine for SOCK_SEQPACKET (unless we want to support
795 * segmented records using the MSG_EOR flag), but
796 * for SOCK_STREAM we might want to improve it in future */
665 if (!(skb = sock_alloc_send_skb(sk, len, 797 if (!(skb = sock_alloc_send_skb(sk, len,
666 msg->msg_flags & MSG_DONTWAIT, 798 msg->msg_flags & MSG_DONTWAIT,
667 &err))) 799 &err)))
@@ -672,13 +804,33 @@ static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
672 goto fail; 804 goto fail;
673 } 805 }
674 806
675 txmsg.class = 0; 807 /* increment and save iucv message tag for msg_completion cbk */
676 memcpy(&txmsg.class, skb->data, skb->len >= 4 ? 4 : skb->len);
677 txmsg.tag = iucv->send_tag++; 808 txmsg.tag = iucv->send_tag++;
678 memcpy(skb->cb, &txmsg.tag, 4); 809 memcpy(CB_TAG(skb), &txmsg.tag, CB_TAG_LEN);
679 skb_queue_tail(&iucv->send_skb_q, skb); 810 skb_queue_tail(&iucv->send_skb_q, skb);
680 err = iucv_message_send(iucv->path, &txmsg, 0, 0, 811
681 (void *) skb->data, skb->len); 812 if (((iucv->path->flags & IUCV_IPRMDATA) & iucv->flags)
813 && skb->len <= 7) {
814 err = iucv_send_iprm(iucv->path, &txmsg, skb);
815
816 /* on success: there is no message_complete callback
817 * for an IPRMDATA msg; remove skb from send queue */
818 if (err == 0) {
819 skb_unlink(skb, &iucv->send_skb_q);
820 kfree_skb(skb);
821 }
822
823 /* this error should never happen since the
824 * IUCV_IPRMDATA path flag is set... sever path */
825 if (err == 0x15) {
826 iucv_path_sever(iucv->path, NULL);
827 skb_unlink(skb, &iucv->send_skb_q);
828 err = -EPIPE;
829 goto fail;
830 }
831 } else
832 err = iucv_message_send(iucv->path, &txmsg, 0, 0,
833 (void *) skb->data, skb->len);
682 if (err) { 834 if (err) {
683 if (err == 3) { 835 if (err == 3) {
684 user_id[8] = 0; 836 user_id[8] = 0;
@@ -725,6 +877,10 @@ static int iucv_fragment_skb(struct sock *sk, struct sk_buff *skb, int len)
725 if (!nskb) 877 if (!nskb)
726 return -ENOMEM; 878 return -ENOMEM;
727 879
880 /* copy target class to control buffer of new skb */
881 memcpy(CB_TRGCLS(nskb), CB_TRGCLS(skb), CB_TRGCLS_LEN);
882
883 /* copy data fragment */
728 memcpy(nskb->data, skb->data + copied, size); 884 memcpy(nskb->data, skb->data + copied, size);
729 copied += size; 885 copied += size;
730 dataleft -= size; 886 dataleft -= size;
@@ -744,19 +900,33 @@ static void iucv_process_message(struct sock *sk, struct sk_buff *skb,
744 struct iucv_message *msg) 900 struct iucv_message *msg)
745{ 901{
746 int rc; 902 int rc;
903 unsigned int len;
904
905 len = iucv_msg_length(msg);
747 906
748 if (msg->flags & IPRMDATA) { 907 /* store msg target class in the second 4 bytes of skb ctrl buffer */
749 skb->data = NULL; 908 /* Note: the first 4 bytes are reserved for msg tag */
750 skb->len = 0; 909 memcpy(CB_TRGCLS(skb), &msg->class, CB_TRGCLS_LEN);
910
911 /* check for special IPRM messages (e.g. iucv_sock_shutdown) */
912 if ((msg->flags & IUCV_IPRMDATA) && len > 7) {
913 if (memcmp(msg->rmmsg, iprm_shutdown, 8) == 0) {
914 skb->data = NULL;
915 skb->len = 0;
916 }
751 } else { 917 } else {
752 rc = iucv_message_receive(path, msg, 0, skb->data, 918 rc = iucv_message_receive(path, msg, msg->flags & IUCV_IPRMDATA,
753 msg->length, NULL); 919 skb->data, len, NULL);
754 if (rc) { 920 if (rc) {
755 kfree_skb(skb); 921 kfree_skb(skb);
756 return; 922 return;
757 } 923 }
758 if (skb->truesize >= sk->sk_rcvbuf / 4) { 924 /* we need to fragment iucv messages for SOCK_STREAM only;
759 rc = iucv_fragment_skb(sk, skb, msg->length); 925 * for SOCK_SEQPACKET, it is only relevant if we support
926 * record segmentation using MSG_EOR (see also recvmsg()) */
927 if (sk->sk_type == SOCK_STREAM &&
928 skb->truesize >= sk->sk_rcvbuf / 4) {
929 rc = iucv_fragment_skb(sk, skb, len);
760 kfree_skb(skb); 930 kfree_skb(skb);
761 skb = NULL; 931 skb = NULL;
762 if (rc) { 932 if (rc) {
@@ -767,7 +937,7 @@ static void iucv_process_message(struct sock *sk, struct sk_buff *skb,
767 } else { 937 } else {
768 skb_reset_transport_header(skb); 938 skb_reset_transport_header(skb);
769 skb_reset_network_header(skb); 939 skb_reset_network_header(skb);
770 skb->len = msg->length; 940 skb->len = len;
771 } 941 }
772 } 942 }
773 943
@@ -782,7 +952,7 @@ static void iucv_process_message_q(struct sock *sk)
782 struct sock_msg_q *p, *n; 952 struct sock_msg_q *p, *n;
783 953
784 list_for_each_entry_safe(p, n, &iucv->message_q.list, list) { 954 list_for_each_entry_safe(p, n, &iucv->message_q.list, list) {
785 skb = alloc_skb(p->msg.length, GFP_ATOMIC | GFP_DMA); 955 skb = alloc_skb(iucv_msg_length(&p->msg), GFP_ATOMIC | GFP_DMA);
786 if (!skb) 956 if (!skb)
787 break; 957 break;
788 iucv_process_message(sk, skb, p->path, &p->msg); 958 iucv_process_message(sk, skb, p->path, &p->msg);
@@ -799,7 +969,7 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
799 int noblock = flags & MSG_DONTWAIT; 969 int noblock = flags & MSG_DONTWAIT;
800 struct sock *sk = sock->sk; 970 struct sock *sk = sock->sk;
801 struct iucv_sock *iucv = iucv_sk(sk); 971 struct iucv_sock *iucv = iucv_sk(sk);
802 int target, copied = 0; 972 unsigned int copied, rlen;
803 struct sk_buff *skb, *rskb, *cskb; 973 struct sk_buff *skb, *rskb, *cskb;
804 int err = 0; 974 int err = 0;
805 975
@@ -812,8 +982,6 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
812 if (flags & (MSG_OOB)) 982 if (flags & (MSG_OOB))
813 return -EOPNOTSUPP; 983 return -EOPNOTSUPP;
814 984
815 target = sock_rcvlowat(sk, flags & MSG_WAITALL, len);
816
817 /* receive/dequeue next skb: 985 /* receive/dequeue next skb:
818 * the function understands MSG_PEEK and, thus, does not dequeue skb */ 986 * the function understands MSG_PEEK and, thus, does not dequeue skb */
819 skb = skb_recv_datagram(sk, flags, noblock, &err); 987 skb = skb_recv_datagram(sk, flags, noblock, &err);
@@ -823,25 +991,45 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
823 return err; 991 return err;
824 } 992 }
825 993
826 copied = min_t(unsigned int, skb->len, len); 994 rlen = skb->len; /* real length of skb */
995 copied = min_t(unsigned int, rlen, len);
827 996
828 cskb = skb; 997 cskb = skb;
829 if (memcpy_toiovec(msg->msg_iov, cskb->data, copied)) { 998 if (memcpy_toiovec(msg->msg_iov, cskb->data, copied)) {
830 skb_queue_head(&sk->sk_receive_queue, skb); 999 if (!(flags & MSG_PEEK))
831 if (copied == 0) 1000 skb_queue_head(&sk->sk_receive_queue, skb);
832 return -EFAULT; 1001 return -EFAULT;
833 goto done;
834 } 1002 }
835 1003
836 len -= copied; 1004 /* SOCK_SEQPACKET: set MSG_TRUNC if recv buf size is too small */
1005 if (sk->sk_type == SOCK_SEQPACKET) {
1006 if (copied < rlen)
1007 msg->msg_flags |= MSG_TRUNC;
1008 /* each iucv message contains a complete record */
1009 msg->msg_flags |= MSG_EOR;
1010 }
1011
1012 /* create control message to store iucv msg target class:
1013 * get the trgcls from the control buffer of the skb due to
1014 * fragmentation of original iucv message. */
1015 err = put_cmsg(msg, SOL_IUCV, SCM_IUCV_TRGCLS,
1016 CB_TRGCLS_LEN, CB_TRGCLS(skb));
1017 if (err) {
1018 if (!(flags & MSG_PEEK))
1019 skb_queue_head(&sk->sk_receive_queue, skb);
1020 return err;
1021 }
837 1022
838 /* Mark read part of skb as used */ 1023 /* Mark read part of skb as used */
839 if (!(flags & MSG_PEEK)) { 1024 if (!(flags & MSG_PEEK)) {
840 skb_pull(skb, copied);
841 1025
842 if (skb->len) { 1026 /* SOCK_STREAM: re-queue skb if it contains unreceived data */
843 skb_queue_head(&sk->sk_receive_queue, skb); 1027 if (sk->sk_type == SOCK_STREAM) {
844 goto done; 1028 skb_pull(skb, copied);
1029 if (skb->len) {
1030 skb_queue_head(&sk->sk_receive_queue, skb);
1031 goto done;
1032 }
845 } 1033 }
846 1034
847 kfree_skb(skb); 1035 kfree_skb(skb);
@@ -866,7 +1054,11 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
866 } 1054 }
867 1055
868done: 1056done:
869 return err ? : copied; 1057 /* SOCK_SEQPACKET: return real length if MSG_TRUNC is set */
1058 if (sk->sk_type == SOCK_SEQPACKET && (flags & MSG_TRUNC))
1059 copied = rlen;
1060
1061 return copied;
870} 1062}
871 1063
872static inline unsigned int iucv_accept_poll(struct sock *parent) 1064static inline unsigned int iucv_accept_poll(struct sock *parent)
@@ -928,7 +1120,6 @@ static int iucv_sock_shutdown(struct socket *sock, int how)
928 struct iucv_sock *iucv = iucv_sk(sk); 1120 struct iucv_sock *iucv = iucv_sk(sk);
929 struct iucv_message txmsg; 1121 struct iucv_message txmsg;
930 int err = 0; 1122 int err = 0;
931 u8 prmmsg[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
932 1123
933 how++; 1124 how++;
934 1125
@@ -953,7 +1144,7 @@ static int iucv_sock_shutdown(struct socket *sock, int how)
953 txmsg.class = 0; 1144 txmsg.class = 0;
954 txmsg.tag = 0; 1145 txmsg.tag = 0;
955 err = iucv_message_send(iucv->path, &txmsg, IUCV_IPRMDATA, 0, 1146 err = iucv_message_send(iucv->path, &txmsg, IUCV_IPRMDATA, 0,
956 (void *) prmmsg, 8); 1147 (void *) iprm_shutdown, 8);
957 if (err) { 1148 if (err) {
958 switch (err) { 1149 switch (err) {
959 case 1: 1150 case 1:
@@ -1007,6 +1198,98 @@ static int iucv_sock_release(struct socket *sock)
1007 return err; 1198 return err;
1008} 1199}
1009 1200
1201/* getsockopt and setsockopt */
1202static int iucv_sock_setsockopt(struct socket *sock, int level, int optname,
1203 char __user *optval, int optlen)
1204{
1205 struct sock *sk = sock->sk;
1206 struct iucv_sock *iucv = iucv_sk(sk);
1207 int val;
1208 int rc;
1209
1210 if (level != SOL_IUCV)
1211 return -ENOPROTOOPT;
1212
1213 if (optlen < sizeof(int))
1214 return -EINVAL;
1215
1216 if (get_user(val, (int __user *) optval))
1217 return -EFAULT;
1218
1219 rc = 0;
1220
1221 lock_sock(sk);
1222 switch (optname) {
1223 case SO_IPRMDATA_MSG:
1224 if (val)
1225 iucv->flags |= IUCV_IPRMDATA;
1226 else
1227 iucv->flags &= ~IUCV_IPRMDATA;
1228 break;
1229 case SO_MSGLIMIT:
1230 switch (sk->sk_state) {
1231 case IUCV_OPEN:
1232 case IUCV_BOUND:
1233 if (val < 1 || val > (u16)(~0))
1234 rc = -EINVAL;
1235 else
1236 iucv->msglimit = val;
1237 break;
1238 default:
1239 rc = -EINVAL;
1240 break;
1241 }
1242 break;
1243 default:
1244 rc = -ENOPROTOOPT;
1245 break;
1246 }
1247 release_sock(sk);
1248
1249 return rc;
1250}
1251
1252static int iucv_sock_getsockopt(struct socket *sock, int level, int optname,
1253 char __user *optval, int __user *optlen)
1254{
1255 struct sock *sk = sock->sk;
1256 struct iucv_sock *iucv = iucv_sk(sk);
1257 int val, len;
1258
1259 if (level != SOL_IUCV)
1260 return -ENOPROTOOPT;
1261
1262 if (get_user(len, optlen))
1263 return -EFAULT;
1264
1265 if (len < 0)
1266 return -EINVAL;
1267
1268 len = min_t(unsigned int, len, sizeof(int));
1269
1270 switch (optname) {
1271 case SO_IPRMDATA_MSG:
1272 val = (iucv->flags & IUCV_IPRMDATA) ? 1 : 0;
1273 break;
1274 case SO_MSGLIMIT:
1275 lock_sock(sk);
1276 val = (iucv->path != NULL) ? iucv->path->msglim /* connected */
1277 : iucv->msglimit; /* default */
1278 release_sock(sk);
1279 break;
1280 default:
1281 return -ENOPROTOOPT;
1282 }
1283
1284 if (put_user(len, optlen))
1285 return -EFAULT;
1286 if (copy_to_user(optval, &val, len))
1287 return -EFAULT;
1288
1289 return 0;
1290}
1291
1292
1010/* Callback wrappers - called from iucv base support */ 1293/* Callback wrappers - called from iucv base support */
1011static int iucv_callback_connreq(struct iucv_path *path, 1294static int iucv_callback_connreq(struct iucv_path *path,
1012 u8 ipvmid[8], u8 ipuser[16]) 1295 u8 ipvmid[8], u8 ipuser[16])
@@ -1060,7 +1343,7 @@ static int iucv_callback_connreq(struct iucv_path *path,
1060 } 1343 }
1061 1344
1062 /* Create the new socket */ 1345 /* Create the new socket */
1063 nsk = iucv_sock_alloc(NULL, SOCK_STREAM, GFP_ATOMIC); 1346 nsk = iucv_sock_alloc(NULL, sk->sk_type, GFP_ATOMIC);
1064 if (!nsk) { 1347 if (!nsk) {
1065 err = iucv_path_sever(path, user_data); 1348 err = iucv_path_sever(path, user_data);
1066 iucv_path_free(path); 1349 iucv_path_free(path);
@@ -1083,7 +1366,9 @@ static int iucv_callback_connreq(struct iucv_path *path,
1083 memcpy(nuser_data + 8, niucv->src_name, 8); 1366 memcpy(nuser_data + 8, niucv->src_name, 8);
1084 ASCEBC(nuser_data + 8, 8); 1367 ASCEBC(nuser_data + 8, 8);
1085 1368
1086 path->msglim = IUCV_QUEUELEN_DEFAULT; 1369 /* set message limit for path based on msglimit of accepting socket */
1370 niucv->msglimit = iucv->msglimit;
1371 path->msglim = iucv->msglimit;
1087 err = iucv_path_accept(path, &af_iucv_handler, nuser_data, nsk); 1372 err = iucv_path_accept(path, &af_iucv_handler, nuser_data, nsk);
1088 if (err) { 1373 if (err) {
1089 err = iucv_path_sever(path, user_data); 1374 err = iucv_path_sever(path, user_data);
@@ -1131,19 +1416,17 @@ static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg)
1131 goto save_message; 1416 goto save_message;
1132 1417
1133 len = atomic_read(&sk->sk_rmem_alloc); 1418 len = atomic_read(&sk->sk_rmem_alloc);
1134 len += msg->length + sizeof(struct sk_buff); 1419 len += iucv_msg_length(msg) + sizeof(struct sk_buff);
1135 if (len > sk->sk_rcvbuf) 1420 if (len > sk->sk_rcvbuf)
1136 goto save_message; 1421 goto save_message;
1137 1422
1138 skb = alloc_skb(msg->length, GFP_ATOMIC | GFP_DMA); 1423 skb = alloc_skb(iucv_msg_length(msg), GFP_ATOMIC | GFP_DMA);
1139 if (!skb) 1424 if (!skb)
1140 goto save_message; 1425 goto save_message;
1141 1426
1142 iucv_process_message(sk, skb, path, msg); 1427 iucv_process_message(sk, skb, path, msg);
1143 goto out_unlock; 1428 goto out_unlock;
1144 1429
1145 return;
1146
1147save_message: 1430save_message:
1148 save_msg = kzalloc(sizeof(struct sock_msg_q), GFP_ATOMIC | GFP_DMA); 1431 save_msg = kzalloc(sizeof(struct sock_msg_q), GFP_ATOMIC | GFP_DMA);
1149 if (!save_msg) 1432 if (!save_msg)
@@ -1170,7 +1453,7 @@ static void iucv_callback_txdone(struct iucv_path *path,
1170 spin_lock_irqsave(&list->lock, flags); 1453 spin_lock_irqsave(&list->lock, flags);
1171 1454
1172 while (list_skb != (struct sk_buff *)list) { 1455 while (list_skb != (struct sk_buff *)list) {
1173 if (!memcmp(&msg->tag, list_skb->cb, 4)) { 1456 if (!memcmp(&msg->tag, CB_TAG(list_skb), CB_TAG_LEN)) {
1174 this = list_skb; 1457 this = list_skb;
1175 break; 1458 break;
1176 } 1459 }
@@ -1206,6 +1489,21 @@ static void iucv_callback_connrej(struct iucv_path *path, u8 ipuser[16])
1206 sk->sk_state_change(sk); 1489 sk->sk_state_change(sk);
1207} 1490}
1208 1491
1492/* called if the other communication side shuts down its RECV direction;
1493 * in turn, the callback sets SEND_SHUTDOWN to disable sending of data.
1494 */
1495static void iucv_callback_shutdown(struct iucv_path *path, u8 ipuser[16])
1496{
1497 struct sock *sk = path->private;
1498
1499 bh_lock_sock(sk);
1500 if (sk->sk_state != IUCV_CLOSED) {
1501 sk->sk_shutdown |= SEND_SHUTDOWN;
1502 sk->sk_state_change(sk);
1503 }
1504 bh_unlock_sock(sk);
1505}
1506
1209static struct proto_ops iucv_sock_ops = { 1507static struct proto_ops iucv_sock_ops = {
1210 .family = PF_IUCV, 1508 .family = PF_IUCV,
1211 .owner = THIS_MODULE, 1509 .owner = THIS_MODULE,
@@ -1222,8 +1520,8 @@ static struct proto_ops iucv_sock_ops = {
1222 .mmap = sock_no_mmap, 1520 .mmap = sock_no_mmap,
1223 .socketpair = sock_no_socketpair, 1521 .socketpair = sock_no_socketpair,
1224 .shutdown = iucv_sock_shutdown, 1522 .shutdown = iucv_sock_shutdown,
1225 .setsockopt = sock_no_setsockopt, 1523 .setsockopt = iucv_sock_setsockopt,
1226 .getsockopt = sock_no_getsockopt 1524 .getsockopt = iucv_sock_getsockopt,
1227}; 1525};
1228 1526
1229static struct net_proto_family iucv_sock_family_ops = { 1527static struct net_proto_family iucv_sock_family_ops = {
diff --git a/net/iucv/iucv.c b/net/iucv/iucv.c
index a35240f61ec3..61e8038a55ee 100644
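--- a/net/iucv/iucv.c
+++ b/net/iucv/iucv.c
@@ -280,6 +280,7 @@ union iucv_param {
  * Anchor for per-cpu IUCV command parameter block.
  */
 static union iucv_param *iucv_param[NR_CPUS];
+static union iucv_param *iucv_param_irq[NR_CPUS];
 
 /**
  * iucv_call_b2f0
@@ -358,7 +359,7 @@ static void iucv_allow_cpu(void *data)
  * 0x10 - Flag to allow priority message completion interrupts
  * 0x08 - Flag to allow IUCV control interrupts
  */
- parm = iucv_param[cpu];
+ parm = iucv_param_irq[cpu];
  memset(parm, 0, sizeof(union iucv_param));
  parm->set_mask.ipmask = 0xf8;
  iucv_call_b2f0(IUCV_SETMASK, parm);
@@ -379,7 +380,7 @@ static void iucv_block_cpu(void *data)
  union iucv_param *parm;
 
  /* Disable all iucv interrupts. */
- parm = iucv_param[cpu];
+ parm = iucv_param_irq[cpu];
  memset(parm, 0, sizeof(union iucv_param));
  iucv_call_b2f0(IUCV_SETMASK, parm);
 
@@ -403,7 +404,7 @@ static void iucv_declare_cpu(void *data)
  return;
 
  /* Declare interrupt buffer. */
- parm = iucv_param[cpu];
+ parm = iucv_param_irq[cpu];
  memset(parm, 0, sizeof(union iucv_param));
  parm->db.ipbfadr1 = virt_to_phys(iucv_irq_data[cpu]);
  rc = iucv_call_b2f0(IUCV_DECLARE_BUFFER, parm);
@@ -460,7 +461,7 @@ static void iucv_retrieve_cpu(void *data)
  iucv_block_cpu(NULL);
 
  /* Retrieve interrupt buffer. */
- parm = iucv_param[cpu];
+ parm = iucv_param_irq[cpu];
  iucv_call_b2f0(IUCV_RETRIEVE_BUFFER, parm);
 
  /* Clear indication that an iucv buffer exists for this cpu. */
@@ -574,11 +575,22 @@ static int __cpuinit iucv_cpu_notify(struct notifier_block *self,
  iucv_irq_data[cpu] = NULL;
  return NOTIFY_BAD;
  }
+ iucv_param_irq[cpu] = kmalloc_node(sizeof(union iucv_param),
+ GFP_KERNEL|GFP_DMA, cpu_to_node(cpu));
+ if (!iucv_param_irq[cpu]) {
+ kfree(iucv_param[cpu]);
+ iucv_param[cpu] = NULL;
+ kfree(iucv_irq_data[cpu]);
+ iucv_irq_data[cpu] = NULL;
+ return NOTIFY_BAD;
+ }
  break;
  case CPU_UP_CANCELED:
  case CPU_UP_CANCELED_FROZEN:
  case CPU_DEAD:
  case CPU_DEAD_FROZEN:
+ kfree(iucv_param_irq[cpu]);
+ iucv_param_irq[cpu] = NULL;
  kfree(iucv_param[cpu]);
  iucv_param[cpu] = NULL;
  kfree(iucv_irq_data[cpu]);
@@ -625,7 +637,7 @@ static int iucv_sever_pathid(u16 pathid, u8 userdata[16])
 {
  union iucv_param *parm;
 
- parm = iucv_param[smp_processor_id()];
+ parm = iucv_param_irq[smp_processor_id()];
  memset(parm, 0, sizeof(union iucv_param));
  if (userdata)
  memcpy(parm->ctrl.ipuser, userdata, sizeof(parm->ctrl.ipuser));
@@ -918,10 +930,8 @@ int iucv_path_sever(struct iucv_path *path, u8 userdata[16])
  if (iucv_active_cpu != smp_processor_id())
  spin_lock_bh(&iucv_table_lock);
  rc = iucv_sever_pathid(path->pathid, userdata);
- if (!rc) {
- iucv_path_table[path->pathid] = NULL;
- list_del_init(&path->list);
- }
+ iucv_path_table[path->pathid] = NULL;
+ list_del_init(&path->list);
  if (iucv_active_cpu != smp_processor_id())
  spin_unlock_bh(&iucv_table_lock);
  preempt_enable();
@@ -1378,6 +1388,8 @@ static void iucv_path_complete(struct iucv_irq_data *data)
  struct iucv_path_complete *ipc = (void *) data;
  struct iucv_path *path = iucv_path_table[ipc->ippathid];
 
+ if (path)
+ path->flags = ipc->ipflags1;
  if (path && path->handler && path->handler->path_complete)
  path->handler->path_complete(path, ipc->ipuser);
 }
@@ -1413,7 +1425,7 @@ static void iucv_path_severed(struct iucv_irq_data *data)
  else {
  iucv_sever_pathid(path->pathid, NULL);
  iucv_path_table[path->pathid] = NULL;
- list_del_init(&path->list);
+ list_del(&path->list);
  iucv_path_free(path);
  }
 }
@@ -1717,6 +1729,13 @@ static int __init iucv_init(void)
  rc = -ENOMEM;
  goto out_free;
  }
+ iucv_param_irq[cpu] = kmalloc_node(sizeof(union iucv_param),
+ GFP_KERNEL|GFP_DMA, cpu_to_node(cpu));
+ if (!iucv_param_irq[cpu]) {
+ rc = -ENOMEM;
+ goto out_free;
+ }
+
  }
  rc = register_hotcpu_notifier(&iucv_cpu_notifier);
  if (rc)
@@ -1734,6 +1753,8 @@ out_cpu:
  unregister_hotcpu_notifier(&iucv_cpu_notifier);
 out_free:
  for_each_possible_cpu(cpu) {
+ kfree(iucv_param_irq[cpu]);
+ iucv_param_irq[cpu] = NULL;
  kfree(iucv_param[cpu]);
  iucv_param[cpu] = NULL;
  kfree(iucv_irq_data[cpu]);
@@ -1764,6 +1785,8 @@ static void __exit iucv_exit(void)
  spin_unlock_irq(&iucv_queue_lock);
  unregister_hotcpu_notifier(&iucv_cpu_notifier);
  for_each_possible_cpu(cpu) {
+ kfree(iucv_param_irq[cpu]);
+ iucv_param_irq[cpu] = NULL;
  kfree(iucv_param[cpu]);
  iucv_param[cpu] = NULL;
  kfree(iucv_irq_data[cpu]);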
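Review bot: In `iucv_path_sever()` (new lines 933-934) the path is now removed from `iucv_path_table` and unlinked even when `iucv_sever_pathid()` fails, while `rc` is still returned to the caller, and nothing in the hunk records why a failed sever may be treated as severed. If that is the intent, say so above the two lines, for example `/* the path is unusable after a sever attempt, so unhash it whatever rc is */`; otherwise a later reader is likely to restore the `if (!rc)` check. The new `iucv_param_irq[]` array at line 283 also has no comment of its own: the existing comment describes only `iucv_param[]`, and the call sites switched in this section suggest a rule about which context uses which buffer that should be written down next to the declaration. Both functions extend beyond the lines shown, so the locking around these accesses cannot be checked from here.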
diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c
index febae702685c..9208cf5f2bd5 100644
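--- a/net/llc/af_llc.c
+++ b/net/llc/af_llc.c
@@ -935,7 +935,7 @@ static int llc_ui_getname(struct socket *sock, struct sockaddr *uaddr,
 
  if (llc->dev) {
  sllc.sllc_arphrd = llc->dev->type;
- memcpy(&sllc.sllc_mac, &llc->dev->dev_addr,
+ memcpy(&sllc.sllc_mac, llc->dev->dev_addr,
  IFHWADDRLEN);
  }
  }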
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index ecc3faf9f11a..9cbf545e95a2 100644
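--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -11,6 +11,22 @@ config MAC80211
  This option enables the hardware independent IEEE 802.11
  networking stack.
 
+config MAC80211_DEFAULT_PS
+ bool "enable powersave by default"
+ depends on MAC80211
+ default y
+ help
+ This option enables powersave mode by default.
+
+ If this causes your applications to misbehave you should fix your
+ applications instead -- they need to register their network
+ latency requirement, see Documentation/power/pm_qos_interface.txt.
+
+config MAC80211_DEFAULT_PS_VALUE
+ int
+ default 1 if MAC80211_DEFAULT_PS
+ default 0
+
 menu "Rate control algorithm selection"
  depends on MAC80211 != n
 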
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
index 07656d830bc4..bc064d7933ff 100644
--- a/net/mac80211/agg-rx.c
+++ b/net/mac80211/agg-rx.c
@@ -16,12 +16,12 @@
16#include <linux/ieee80211.h> 16#include <linux/ieee80211.h>
17#include <net/mac80211.h> 17#include <net/mac80211.h>
18#include "ieee80211_i.h" 18#include "ieee80211_i.h"
19#include "driver-ops.h"
19 20
20void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, 21void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
21 u16 initiator, u16 reason) 22 u16 initiator, u16 reason)
22{ 23{
23 struct ieee80211_local *local = sta->local; 24 struct ieee80211_local *local = sta->local;
24 struct ieee80211_hw *hw = &local->hw;
25 int i; 25 int i;
26 26
27 /* check if TID is in operational state */ 27 /* check if TID is in operational state */
@@ -41,8 +41,8 @@ void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
41 sta->sta.addr, tid); 41 sta->sta.addr, tid);
42#endif /* CONFIG_MAC80211_HT_DEBUG */ 42#endif /* CONFIG_MAC80211_HT_DEBUG */
43 43
44 if (local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP, 44 if (drv_ampdu_action(local, IEEE80211_AMPDU_RX_STOP,
45 &sta->sta, tid, NULL)) 45 &sta->sta, tid, NULL))
46 printk(KERN_DEBUG "HW problem - can not stop rx " 46 printk(KERN_DEBUG "HW problem - can not stop rx "
47 "aggregation for tid %d\n", tid); 47 "aggregation for tid %d\n", tid);
48 48
@@ -68,6 +68,7 @@ void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid,
68 spin_lock_bh(&sta->lock); 68 spin_lock_bh(&sta->lock);
69 /* free resources */ 69 /* free resources */
70 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf); 70 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
71 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_time);
71 72
72 if (!sta->ampdu_mlme.tid_rx[tid]->shutdown) { 73 if (!sta->ampdu_mlme.tid_rx[tid]->shutdown) {
73 kfree(sta->ampdu_mlme.tid_rx[tid]); 74 kfree(sta->ampdu_mlme.tid_rx[tid]);
@@ -268,19 +269,23 @@ void ieee80211_process_addba_request(struct ieee80211_local *local,
268 /* prepare reordering buffer */ 269 /* prepare reordering buffer */
269 tid_agg_rx->reorder_buf = 270 tid_agg_rx->reorder_buf =
270 kcalloc(buf_size, sizeof(struct sk_buff *), GFP_ATOMIC); 271 kcalloc(buf_size, sizeof(struct sk_buff *), GFP_ATOMIC);
271 if (!tid_agg_rx->reorder_buf) { 272 tid_agg_rx->reorder_time =
273 kcalloc(buf_size, sizeof(unsigned long), GFP_ATOMIC);
274 if (!tid_agg_rx->reorder_buf || !tid_agg_rx->reorder_time) {
272#ifdef CONFIG_MAC80211_HT_DEBUG 275#ifdef CONFIG_MAC80211_HT_DEBUG
273 if (net_ratelimit()) 276 if (net_ratelimit())
274 printk(KERN_ERR "can not allocate reordering buffer " 277 printk(KERN_ERR "can not allocate reordering buffer "
275 "to tid %d\n", tid); 278 "to tid %d\n", tid);
276#endif 279#endif
280 kfree(tid_agg_rx->reorder_buf);
281 kfree(tid_agg_rx->reorder_time);
277 kfree(sta->ampdu_mlme.tid_rx[tid]); 282 kfree(sta->ampdu_mlme.tid_rx[tid]);
283 sta->ampdu_mlme.tid_rx[tid] = NULL;
278 goto end; 284 goto end;
279 } 285 }
280 286
281 if (local->ops->ampdu_action) 287 ret = drv_ampdu_action(local, IEEE80211_AMPDU_RX_START,
282 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START, 288 &sta->sta, tid, &start_seq_num);
283 &sta->sta, tid, &start_seq_num);
284#ifdef CONFIG_MAC80211_HT_DEBUG 289#ifdef CONFIG_MAC80211_HT_DEBUG
285 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret); 290 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
286#endif /* CONFIG_MAC80211_HT_DEBUG */ 291#endif /* CONFIG_MAC80211_HT_DEBUG */
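Review bot: In `__ieee80211_stop_rx_ba_session()` the added `kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_time);` (new line 71) leaves the freed pointer in the struct, as the existing `reorder_buf` free above it does, and the `if (!...->shutdown)` branch that follows frees the struct only in that one case. The rest of the function is outside the hunk, so whether the struct can be reached again with `shutdown` set cannot be confirmed here; if it can, clear both fields after freeing, e.g. `sta->ampdu_mlme.tid_rx[tid]->reorder_time = NULL;`, the way the error path in `ieee80211_process_addba_request()` now resets `tid_rx[tid]` to NULL. That error path also calls `drv_ampdu_action()` without the old `if (local->ops->ampdu_action)` guard, so it depends on the wrapper in driver-ops.h (not shown in this section) performing the NULL check itself.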
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
index 947aaaad35d2..43d00ffd3988 100644
--- a/net/mac80211/agg-tx.c
+++ b/net/mac80211/agg-tx.c
@@ -16,6 +16,7 @@
16#include <linux/ieee80211.h> 16#include <linux/ieee80211.h>
17#include <net/mac80211.h> 17#include <net/mac80211.h>
18#include "ieee80211_i.h" 18#include "ieee80211_i.h"
19#include "driver-ops.h"
19#include "wme.h" 20#include "wme.h"
20 21
21/** 22/**
@@ -134,8 +135,8 @@ static int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
134 *state = HT_AGG_STATE_REQ_STOP_BA_MSK | 135 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
135 (initiator << HT_AGG_STATE_INITIATOR_SHIFT); 136 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
136 137
137 ret = local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_STOP, 138 ret = drv_ampdu_action(local, IEEE80211_AMPDU_TX_STOP,
138 &sta->sta, tid, NULL); 139 &sta->sta, tid, NULL);
139 140
140 /* HW shall not deny going back to legacy */ 141 /* HW shall not deny going back to legacy */
141 if (WARN_ON(ret)) { 142 if (WARN_ON(ret)) {
@@ -306,8 +307,8 @@ int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
306 307
307 start_seq_num = sta->tid_seq[tid]; 308 start_seq_num = sta->tid_seq[tid];
308 309
309 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START, 310 ret = drv_ampdu_action(local, IEEE80211_AMPDU_TX_START,
310 &sta->sta, tid, &start_seq_num); 311 &sta->sta, tid, &start_seq_num);
311 312
312 if (ret) { 313 if (ret) {
313#ifdef CONFIG_MAC80211_HT_DEBUG 314#ifdef CONFIG_MAC80211_HT_DEBUG
@@ -418,8 +419,8 @@ static void ieee80211_agg_tx_operational(struct ieee80211_local *local,
418 ieee80211_agg_splice_finish(local, sta, tid); 419 ieee80211_agg_splice_finish(local, sta, tid);
419 spin_unlock(&local->ampdu_lock); 420 spin_unlock(&local->ampdu_lock);
420 421
421 local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_OPERATIONAL, 422 drv_ampdu_action(local, IEEE80211_AMPDU_TX_OPERATIONAL,
422 &sta->sta, tid, NULL); 423 &sta->sta, tid, NULL);
423} 424}
424 425
425void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid) 426void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index e677b751d468..77e9ff5ec4f3 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -13,6 +13,7 @@
13#include <linux/rcupdate.h> 13#include <linux/rcupdate.h>
14#include <net/cfg80211.h> 14#include <net/cfg80211.h>
15#include "ieee80211_i.h" 15#include "ieee80211_i.h"
16#include "driver-ops.h"
16#include "cfg.h" 17#include "cfg.h"
17#include "rate.h" 18#include "rate.h"
18#include "mesh.h" 19#include "mesh.h"
@@ -111,7 +112,7 @@ static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex,
111} 112}
112 113
113static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev, 114static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
114 u8 key_idx, u8 *mac_addr, 115 u8 key_idx, const u8 *mac_addr,
115 struct key_params *params) 116 struct key_params *params)
116{ 117{
117 struct ieee80211_sub_if_data *sdata; 118 struct ieee80211_sub_if_data *sdata;
@@ -140,7 +141,8 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
140 return -EINVAL; 141 return -EINVAL;
141 } 142 }
142 143
143 key = ieee80211_key_alloc(alg, key_idx, params->key_len, params->key); 144 key = ieee80211_key_alloc(alg, key_idx, params->key_len, params->key,
145 params->seq_len, params->seq);
144 if (!key) 146 if (!key)
145 return -ENOMEM; 147 return -ENOMEM;
146 148
@@ -165,7 +167,7 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
165} 167}
166 168
167static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev, 169static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
168 u8 key_idx, u8 *mac_addr) 170 u8 key_idx, const u8 *mac_addr)
169{ 171{
170 struct ieee80211_sub_if_data *sdata; 172 struct ieee80211_sub_if_data *sdata;
171 struct sta_info *sta; 173 struct sta_info *sta;
@@ -207,7 +209,7 @@ static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
207} 209}
208 210
209static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev, 211static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
210 u8 key_idx, u8 *mac_addr, void *cookie, 212 u8 key_idx, const u8 *mac_addr, void *cookie,
211 void (*callback)(void *cookie, 213 void (*callback)(void *cookie,
212 struct key_params *params)) 214 struct key_params *params))
213{ 215{
@@ -245,12 +247,10 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
245 iv32 = key->u.tkip.tx.iv32; 247 iv32 = key->u.tkip.tx.iv32;
246 iv16 = key->u.tkip.tx.iv16; 248 iv16 = key->u.tkip.tx.iv16;
247 249
248 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 250 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)
249 sdata->local->ops->get_tkip_seq) 251 drv_get_tkip_seq(sdata->local,
250 sdata->local->ops->get_tkip_seq( 252 key->conf.hw_key_idx,
251 local_to_hw(sdata->local), 253 &iv32, &iv16);
252 key->conf.hw_key_idx,
253 &iv32, &iv16);
254 254
255 seq[0] = iv16 & 0xff; 255 seq[0] = iv16 & 0xff;
256 seq[1] = (iv16 >> 8) & 0xff; 256 seq[1] = (iv16 >> 8) & 0xff;
@@ -451,18 +451,11 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata,
451 * This is a kludge. beacon interval should really be part 451 * This is a kludge. beacon interval should really be part
452 * of the beacon information. 452 * of the beacon information.
453 */ 453 */
454 if (params->interval && (sdata->local->hw.conf.beacon_int != 454 if (params->interval &&
455 params->interval)) { 455 (sdata->vif.bss_conf.beacon_int != params->interval)) {
456 sdata->local->hw.conf.beacon_int = params->interval; 456 sdata->vif.bss_conf.beacon_int = params->interval;
457 err = ieee80211_hw_config(sdata->local, 457 ieee80211_bss_info_change_notify(sdata,
458 IEEE80211_CONF_CHANGE_BEACON_INTERVAL); 458 BSS_CHANGED_BEACON_INT);
459 if (err < 0)
460 return err;
461 /*
462 * We updated some parameter so if below bails out
463 * it's not an error.
464 */
465 err = 0;
466 } 459 }
467 460
468 /* Need to have a beacon head if we don't have one yet */ 461 /* Need to have a beacon head if we don't have one yet */
@@ -528,8 +521,9 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata,
528 521
529 kfree(old); 522 kfree(old);
530 523
531 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON | 524 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
532 IEEE80211_IFCC_BEACON_ENABLED); 525 BSS_CHANGED_BEACON);
526 return 0;
533} 527}
534 528
535static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev, 529static int ieee80211_add_beacon(struct wiphy *wiphy, struct net_device *dev,
@@ -580,7 +574,8 @@ static int ieee80211_del_beacon(struct wiphy *wiphy, struct net_device *dev)
580 synchronize_rcu(); 574 synchronize_rcu();
581 kfree(old); 575 kfree(old);
582 576
583 return ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON_ENABLED); 577 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
578 return 0;
584} 579}
585 580
586/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */ 581/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */
@@ -635,34 +630,38 @@ static void sta_apply_parameters(struct ieee80211_local *local,
635 int i, j; 630 int i, j;
636 struct ieee80211_supported_band *sband; 631 struct ieee80211_supported_band *sband;
637 struct ieee80211_sub_if_data *sdata = sta->sdata; 632 struct ieee80211_sub_if_data *sdata = sta->sdata;
633 u32 mask, set;
638 634
639 sband = local->hw.wiphy->bands[local->oper_channel->band]; 635 sband = local->hw.wiphy->bands[local->oper_channel->band];
640 636
641 /* 637 spin_lock_bh(&sta->lock);
642 * FIXME: updating the flags is racy when this function is 638 mask = params->sta_flags_mask;
643 * called from ieee80211_change_station(), this will 639 set = params->sta_flags_set;
644 * be resolved in a future patch.
645 */
646 640
647 if (params->station_flags & STATION_FLAG_CHANGED) { 641 if (mask & BIT(NL80211_STA_FLAG_AUTHORIZED)) {
648 spin_lock_bh(&sta->lock);
649 sta->flags &= ~WLAN_STA_AUTHORIZED; 642 sta->flags &= ~WLAN_STA_AUTHORIZED;
650 if (params->station_flags & STATION_FLAG_AUTHORIZED) 643 if (set & BIT(NL80211_STA_FLAG_AUTHORIZED))
651 sta->flags |= WLAN_STA_AUTHORIZED; 644 sta->flags |= WLAN_STA_AUTHORIZED;
645 }
652 646
647 if (mask & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE)) {
653 sta->flags &= ~WLAN_STA_SHORT_PREAMBLE; 648 sta->flags &= ~WLAN_STA_SHORT_PREAMBLE;
654 if (params->station_flags & STATION_FLAG_SHORT_PREAMBLE) 649 if (set & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE))
655 sta->flags |= WLAN_STA_SHORT_PREAMBLE; 650 sta->flags |= WLAN_STA_SHORT_PREAMBLE;
651 }
656 652
653 if (mask & BIT(NL80211_STA_FLAG_WME)) {
657 sta->flags &= ~WLAN_STA_WME; 654 sta->flags &= ~WLAN_STA_WME;
658 if (params->station_flags & STATION_FLAG_WME) 655 if (set & BIT(NL80211_STA_FLAG_WME))
659 sta->flags |= WLAN_STA_WME; 656 sta->flags |= WLAN_STA_WME;
657 }
660 658
659 if (mask & BIT(NL80211_STA_FLAG_MFP)) {
661 sta->flags &= ~WLAN_STA_MFP; 660 sta->flags &= ~WLAN_STA_MFP;
662 if (params->station_flags & STATION_FLAG_MFP) 661 if (set & BIT(NL80211_STA_FLAG_MFP))
663 sta->flags |= WLAN_STA_MFP; 662 sta->flags |= WLAN_STA_MFP;
664 spin_unlock_bh(&sta->lock);
665 } 663 }
664 spin_unlock_bh(&sta->lock);
666 665
667 /* 666 /*
668 * FIXME: updating the following information is racy when this 667 * FIXME: updating the following information is racy when this
@@ -1120,7 +1119,7 @@ static int ieee80211_set_txq_params(struct wiphy *wiphy,
1120 p.cw_max = params->cwmax; 1119 p.cw_max = params->cwmax;
1121 p.cw_min = params->cwmin; 1120 p.cw_min = params->cwmin;
1122 p.txop = params->txop; 1121 p.txop = params->txop;
1123 if (local->ops->conf_tx(local_to_hw(local), params->queue, &p)) { 1122 if (drv_conf_tx(local, params->queue, &p)) {
1124 printk(KERN_DEBUG "%s: failed to set TX queue " 1123 printk(KERN_DEBUG "%s: failed to set TX queue "
1125 "parameters for queue %d\n", local->mdev->name, 1124 "parameters for queue %d\n", local->mdev->name,
1126 params->queue); 1125 params->queue);
@@ -1167,7 +1166,8 @@ static int ieee80211_scan(struct wiphy *wiphy,
1167 1166
1168 if (sdata->vif.type != NL80211_IFTYPE_STATION && 1167 if (sdata->vif.type != NL80211_IFTYPE_STATION &&
1169 sdata->vif.type != NL80211_IFTYPE_ADHOC && 1168 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
1170 sdata->vif.type != NL80211_IFTYPE_MESH_POINT) 1169 sdata->vif.type != NL80211_IFTYPE_MESH_POINT &&
1170 (sdata->vif.type != NL80211_IFTYPE_AP || sdata->u.ap.beacon))
1171 return -EOPNOTSUPP; 1171 return -EOPNOTSUPP;
1172 1172
1173 return ieee80211_request_scan(sdata, req); 1173 return ieee80211_request_scan(sdata, req);
@@ -1258,6 +1258,19 @@ static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
1258 if (ret) 1258 if (ret)
1259 return ret; 1259 return ret;
1260 1260
1261 if (req->use_mfp) {
1262 sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
1263 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
1264 } else {
1265 sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
1266 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
1267 }
1268
1269 if (req->control_port)
1270 sdata->u.mgd.flags |= IEEE80211_STA_CONTROL_PORT;
1271 else
1272 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
1273
1261 sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME; 1274 sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
1262 sdata->u.mgd.state = IEEE80211_STA_MLME_ASSOCIATE; 1275 sdata->u.mgd.state = IEEE80211_STA_MLME_ASSOCIATE;
1263 ieee80211_sta_req_auth(sdata); 1276 ieee80211_sta_req_auth(sdata);
@@ -1267,25 +1280,59 @@ static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
1267static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev, 1280static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev,
1268 struct cfg80211_deauth_request *req) 1281 struct cfg80211_deauth_request *req)
1269{ 1282{
1270 struct ieee80211_sub_if_data *sdata; 1283 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1271
1272 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1273 1284
1274 /* TODO: req->ie */ 1285 /* TODO: req->ie, req->peer_addr */
1275 return ieee80211_sta_deauthenticate(sdata, req->reason_code); 1286 return ieee80211_sta_deauthenticate(sdata, req->reason_code);
1276} 1287}
1277 1288
1278static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev, 1289static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev,
1279 struct cfg80211_disassoc_request *req) 1290 struct cfg80211_disassoc_request *req)
1280{ 1291{
1281 struct ieee80211_sub_if_data *sdata; 1292 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1282
1283 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1284 1293
1285 /* TODO: req->ie */ 1294 /* TODO: req->ie, req->peer_addr */
1286 return ieee80211_sta_disassociate(sdata, req->reason_code); 1295 return ieee80211_sta_disassociate(sdata, req->reason_code);
1287} 1296}
1288 1297
1298static int ieee80211_join_ibss(struct wiphy *wiphy, struct net_device *dev,
1299 struct cfg80211_ibss_params *params)
1300{
1301 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1302
1303 return ieee80211_ibss_join(sdata, params);
1304}
1305
1306static int ieee80211_leave_ibss(struct wiphy *wiphy, struct net_device *dev)
1307{
1308 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1309
1310 return ieee80211_ibss_leave(sdata);
1311}
1312
1313static int ieee80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1314{
1315 struct ieee80211_local *local = wiphy_priv(wiphy);
1316 int err;
1317
1318 if (changed & WIPHY_PARAM_RTS_THRESHOLD) {
1319 err = drv_set_rts_threshold(local, wiphy->rts_threshold);
1320
1321 if (err)
1322 return err;
1323 }
1324
1325 if (changed & WIPHY_PARAM_RETRY_SHORT)
1326 local->hw.conf.short_frame_max_tx_count = wiphy->retry_short;
1327 if (changed & WIPHY_PARAM_RETRY_LONG)
1328 local->hw.conf.long_frame_max_tx_count = wiphy->retry_long;
1329 if (changed &
1330 (WIPHY_PARAM_RETRY_SHORT | WIPHY_PARAM_RETRY_LONG))
1331 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_RETRY_LIMITS);
1332
1333 return 0;
1334}
1335
1289struct cfg80211_ops mac80211_config_ops = { 1336struct cfg80211_ops mac80211_config_ops = {
1290 .add_virtual_intf = ieee80211_add_iface, 1337 .add_virtual_intf = ieee80211_add_iface,
1291 .del_virtual_intf = ieee80211_del_iface, 1338 .del_virtual_intf = ieee80211_del_iface,
@@ -1322,4 +1369,7 @@ struct cfg80211_ops mac80211_config_ops = {
1322 .assoc = ieee80211_assoc, 1369 .assoc = ieee80211_assoc,
1323 .deauth = ieee80211_deauth, 1370 .deauth = ieee80211_deauth,
1324 .disassoc = ieee80211_disassoc, 1371 .disassoc = ieee80211_disassoc,
1372 .join_ibss = ieee80211_join_ibss,
1373 .leave_ibss = ieee80211_leave_ibss,
1374 .set_wiphy_params = ieee80211_set_wiphy_params,
1325}; 1375};
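Review bot: `ieee80211_set_wiphy_params()` (new lines 1313-1334) propagates a failure from `drv_set_rts_threshold()` but drops the return value of `ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_RETRY_LIMITS)`, so a rejected retry-limit change still reports 0 to the caller after `local->hw.conf` has already been overwritten. The beacon-interval code removed earlier in this section checked the same function with `if (err < 0) return err;`, so it does return an error code; suggest `err = ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_RETRY_LIMITS);` followed by `if (err) return err;`. In the `ieee80211_add_key()` hunk, `params->seq_len` and `params->seq` are now handed to `ieee80211_key_alloc()`; the check of that length against the cipher's sequence-counter size is presumably done there, but it is not visible in this section and is worth confirming because the values are supplied by the cfg80211 caller.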
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 210b9b6fecd2..e7682fe1c590 100644
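--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -10,6 +10,7 @@
 #include <linux/debugfs.h>
 #include <linux/rtnetlink.h>
 #include "ieee80211_i.h"
+#include "driver-ops.h"
 #include "rate.h"
 #include "debugfs.h"
 
@@ -52,13 +53,13 @@ static const struct file_operations name## _ops = { \
 DEBUGFS_READONLY_FILE(frequency, 20, "%d",
  local->hw.conf.channel->center_freq);
 DEBUGFS_READONLY_FILE(rts_threshold, 20, "%d",
- local->rts_threshold);
+ local->hw.wiphy->rts_threshold);
 DEBUGFS_READONLY_FILE(fragmentation_threshold, 20, "%d",
- local->fragmentation_threshold);
+ local->hw.wiphy->frag_threshold);
 DEBUGFS_READONLY_FILE(short_retry_limit, 20, "%d",
- local->hw.conf.short_frame_max_tx_count);
+ local->hw.wiphy->retry_short);
 DEBUGFS_READONLY_FILE(long_retry_limit, 20, "%d",
- local->hw.conf.long_frame_max_tx_count);
+ local->hw.wiphy->retry_long);
 DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d",
  local->total_ps_buffered);
 DEBUGFS_READONLY_FILE(wep_iv, 20, "%#08x",
@@ -70,11 +71,10 @@ static ssize_t tsf_read(struct file *file, char __user *user_buf,
  size_t count, loff_t *ppos)
 {
  struct ieee80211_local *local = file->private_data;
- u64 tsf = 0;
+ u64 tsf;
  char buf[100];
 
- if (local->ops->get_tsf)
- tsf = local->ops->get_tsf(local_to_hw(local));
+ tsf = drv_get_tsf(local);
 
  snprintf(buf, sizeof(buf), "0x%016llx\n", (unsigned long long) tsf);
 
@@ -97,13 +97,13 @@ static ssize_t tsf_write(struct file *file,
 
  if (strncmp(buf, "reset", 5) == 0) {
  if (local->ops->reset_tsf) {
- local->ops->reset_tsf(local_to_hw(local));
+ drv_reset_tsf(local);
  printk(KERN_INFO "%s: debugfs reset TSF\n", wiphy_name(local->hw.wiphy));
  }
  } else {
  tsf = simple_strtoul(buf, NULL, 0);
  if (local->ops->set_tsf) {
- local->ops->set_tsf(local_to_hw(local), tsf);
+ drv_set_tsf(local, tsf);
  printk(KERN_INFO "%s: debugfs set TSF to %#018llx\n", wiphy_name(local->hw.wiphy), tsf);
  }
  }
@@ -135,6 +135,42 @@ static const struct file_operations reset_ops = {
  .open = mac80211_open_file_generic,
 };
 
+static ssize_t noack_read(struct file *file, char __user *user_buf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ int res;
+ char buf[10];
+
+ res = scnprintf(buf, sizeof(buf), "%d\n", local->wifi_wme_noack_test);
+
+ return simple_read_from_buffer(user_buf, count, ppos, buf, res);
+}
+
+static ssize_t noack_write(struct file *file,
+ const char __user *user_buf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ char buf[10];
+ size_t len;
+
+ len = min(count, sizeof(buf) - 1);
+ if (copy_from_user(buf, user_buf, len))
+ return -EFAULT;
+ buf[len] = '\0';
+
+ local->wifi_wme_noack_test = !!simple_strtoul(buf, NULL, 0);
+
+ return count;
+}
+
+static const struct file_operations noack_ops = {
+ .read = noack_read,
+ .write = noack_write,
+ .open = mac80211_open_file_generic
+};
+
 /* statistics stuff */
 
 #define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \
@@ -150,14 +186,12 @@ static ssize_t format_devstat_counter(struct ieee80211_local *local,
  char buf[20];
  int res;
 
- if (!local->ops->get_stats)
- return -EOPNOTSUPP;
-
  rtnl_lock();
- res = local->ops->get_stats(local_to_hw(local), &stats);
+ res = drv_get_stats(local, &stats);
  rtnl_unlock();
- if (!res)
- res = printvalue(&stats, buf, sizeof(buf));
+ if (res)
+ return res;
+ res = printvalue(&stats, buf, sizeof(buf));
  return simple_read_from_buffer(userbuf, count, ppos, buf, res);
 }
 
@@ -277,6 +311,7 @@ void debugfs_hw_add(struct ieee80211_local *local)
  DEBUGFS_ADD(wep_iv);
  DEBUGFS_ADD(tsf);
  DEBUGFS_ADD_MODE(reset, 0200);
+ DEBUGFS_ADD(noack);
 
  statsd = debugfs_create_dir("statistics", phyd);
  local->debugfs.statistics = statsd;
@@ -332,6 +367,7 @@ void debugfs_hw_del(struct ieee80211_local *local)
  DEBUGFS_DEL(wep_iv);
  DEBUGFS_DEL(tsf);
  DEBUGFS_DEL(reset);
+ DEBUGFS_DEL(noack);
 
  DEBUGFS_STATS_DEL(transmitted_fragment_count);
  DEBUGFS_STATS_DEL(multicast_transmitted_frame_count);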
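Review bot: `noack` has a write handler that changes `local->wifi_wme_noack_test`, yet debugfs_hw_add registers it with plain `DEBUGFS_ADD(noack);` while the write-only `reset` entry just above states its mode with `DEBUGFS_ADD_MODE(reset, 0200);`. The macro definition is outside this diff, so the mode it applies cannot be checked here; giving the mode explicitly, `DEBUGFS_ADD_MODE(noack, 0600);`, would keep the permission bits in step with the handlers and limit writes to the owner. noack_write also stores whatever `simple_strtoul(buf, NULL, 0)` returns, so unparsable input silently clears the flag and still reports `count` bytes consumed; returning `-EINVAL` for it would be safer. In tsf_read, dropping the `= 0` initialiser means a driver without get_tsf now reads back as the `-1ULL` that drv_get_tsf returns instead of 0, which deserves a line in the commit message.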
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
new file mode 100644
index 000000000000..3912b5334b9c
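--- /dev/null
+++ b/net/mac80211/driver-ops.h
@@ -0,0 +1,184 @@
+#ifndef __MAC80211_DRIVER_OPS
+#define __MAC80211_DRIVER_OPS
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+
+static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb)
+{
+ return local->ops->tx(&local->hw, skb);
+}
+
+static inline int drv_start(struct ieee80211_local *local)
+{
+ return local->ops->start(&local->hw);
+}
+
+static inline void drv_stop(struct ieee80211_local *local)
+{
+ local->ops->stop(&local->hw);
+}
+
+static inline int drv_add_interface(struct ieee80211_local *local,
+ struct ieee80211_if_init_conf *conf)
+{
+ return local->ops->add_interface(&local->hw, conf);
+}
+
+static inline void drv_remove_interface(struct ieee80211_local *local,
+ struct ieee80211_if_init_conf *conf)
+{
+ local->ops->remove_interface(&local->hw, conf);
+}
+
+static inline int drv_config(struct ieee80211_local *local, u32 changed)
+{
+ return local->ops->config(&local->hw, changed);
+}
+
+static inline void drv_bss_info_changed(struct ieee80211_local *local,
+ struct ieee80211_vif *vif,
+ struct ieee80211_bss_conf *info,
+ u32 changed)
+{
+ if (local->ops->bss_info_changed)
+ local->ops->bss_info_changed(&local->hw, vif, info, changed);
+}
+
+static inline void drv_configure_filter(struct ieee80211_local *local,
+ unsigned int changed_flags,
+ unsigned int *total_flags,
+ int mc_count,
+ struct dev_addr_list *mc_list)
+{
+ local->ops->configure_filter(&local->hw, changed_flags, total_flags,
+ mc_count, mc_list);
+}
+
+static inline int drv_set_tim(struct ieee80211_local *local,
+ struct ieee80211_sta *sta, bool set)
+{
+ if (local->ops->set_tim)
+ return local->ops->set_tim(&local->hw, sta, set);
+ return 0;
+}
+
+static inline int drv_set_key(struct ieee80211_local *local,
+ enum set_key_cmd cmd, struct ieee80211_vif *vif,
+ struct ieee80211_sta *sta,
+ struct ieee80211_key_conf *key)
+{
+ return local->ops->set_key(&local->hw, cmd, vif, sta, key);
+}
+
+static inline void drv_update_tkip_key(struct ieee80211_local *local,
+ struct ieee80211_key_conf *conf,
+ const u8 *address, u32 iv32,
+ u16 *phase1key)
+{
+ if (local->ops->update_tkip_key)
+ local->ops->update_tkip_key(&local->hw, conf, address,
+ iv32, phase1key);
+}
+
+static inline int drv_hw_scan(struct ieee80211_local *local,
+ struct cfg80211_scan_request *req)
+{
+ return local->ops->hw_scan(&local->hw, req);
+}
+
+static inline void drv_sw_scan_start(struct ieee80211_local *local)
+{
+ if (local->ops->sw_scan_start)
+ local->ops->sw_scan_start(&local->hw);
+}
+
+static inline void drv_sw_scan_complete(struct ieee80211_local *local)
+{
+ if (local->ops->sw_scan_complete)
+ local->ops->sw_scan_complete(&local->hw);
+}
+
+static inline int drv_get_stats(struct ieee80211_local *local,
+ struct ieee80211_low_level_stats *stats)
+{
+ if (!local->ops->get_stats)
+ return -EOPNOTSUPP;
+ return local->ops->get_stats(&local->hw, stats);
+}
+
+static inline void drv_get_tkip_seq(struct ieee80211_local *local,
+ u8 hw_key_idx, u32 *iv32, u16 *iv16)
+{
+ if (local->ops->get_tkip_seq)
+ local->ops->get_tkip_seq(&local->hw, hw_key_idx, iv32, iv16);
+}
+
+static inline int drv_set_rts_threshold(struct ieee80211_local *local,
+ u32 value)
+{
+ if (local->ops->set_rts_threshold)
+ return local->ops->set_rts_threshold(&local->hw, value);
+ return 0;
+}
+
+static inline void drv_sta_notify(struct ieee80211_local *local,
+ struct ieee80211_vif *vif,
+ enum sta_notify_cmd cmd,
+ struct ieee80211_sta *sta)
+{
+ if (local->ops->sta_notify)
+ local->ops->sta_notify(&local->hw, vif, cmd, sta);
+}
+
+static inline int drv_conf_tx(struct ieee80211_local *local, u16 queue,
+ const struct ieee80211_tx_queue_params *params)
+{
+ if (local->ops->conf_tx)
+ return local->ops->conf_tx(&local->hw, queue, params);
+ return -EOPNOTSUPP;
+}
+
+static inline int drv_get_tx_stats(struct ieee80211_local *local,
+ struct ieee80211_tx_queue_stats *stats)
+{
+ return local->ops->get_tx_stats(&local->hw, stats);
+}
+
+static inline u64 drv_get_tsf(struct ieee80211_local *local)
+{
+ if (local->ops->get_tsf)
+ return local->ops->get_tsf(&local->hw);
+ return -1ULL;
+}
+
+static inline void drv_set_tsf(struct ieee80211_local *local, u64 tsf)
+{
+ if (local->ops->set_tsf)
+ local->ops->set_tsf(&local->hw, tsf);
+}
+
+static inline void drv_reset_tsf(struct ieee80211_local *local)
+{
+ if (local->ops->reset_tsf)
+ local->ops->reset_tsf(&local->hw);
+}
+
+static inline int drv_tx_last_beacon(struct ieee80211_local *local)
+{
+ if (local->ops->tx_last_beacon)
+ return local->ops->tx_last_beacon(&local->hw);
+ return 1;
+}
+
+static inline int drv_ampdu_action(struct ieee80211_local *local,
+ enum ieee80211_ampdu_mlme_action action,
+ struct ieee80211_sta *sta, u16 tid,
+ u16 *ssn)
+{
+ if (local->ops->ampdu_action)
+ return local->ops->ampdu_action(&local->hw, action,
+ sta, tid, ssn);
+ return -EOPNOTSUPP;
+}
+#endif /* __MAC80211_DRIVER_OPS */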
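Review bot: The wrappers fall into two groups and nothing in the header says which is which: drv_tx, drv_start, drv_stop, drv_add_interface, drv_remove_interface, drv_config, drv_configure_filter, drv_set_key, drv_hw_scan and drv_get_tx_stats call through `local->ops` unconditionally, while the others test the pointer first. A caller that reaches drv_hw_scan or drv_get_tx_stats on a driver lacking that callback would call through a NULL function pointer; whether those two ops are mandatory is not visible in this diff. A header comment should list the callbacks assumed non-NULL and the fallback each optional wrapper returns (0, 1, `-EOPNOTSUPP`, or `-1ULL` for drv_get_tsf), and the unchecked optional ones should carry a line such as `/* caller must check local->ops->hw_scan before calling */`.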
diff --git a/net/mac80211/event.c b/net/mac80211/event.c
index 0d95561c0ee0..f288d01a6344 100644
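--- a/net/mac80211/event.c
+++ b/net/mac80211/event.c
@@ -12,12 +12,12 @@
 #include "ieee80211_i.h"
 
 /*
- * indicate a failed Michael MIC to userspace; the passed packet
- * (in the variable hdr) must be long enough to extract the TKIP
- * fields like TSC
+ * Indicate a failed Michael MIC to userspace. If the caller knows the TSC of
+ * the frame that generated the MIC failure (i.e., if it was provided by the
+ * driver or is still in the frame), it should provide that information.
  */
 void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx,
- struct ieee80211_hdr *hdr)
+ struct ieee80211_hdr *hdr, const u8 *tsc)
 {
  union iwreq_data wrqu;
  char *buf = kmalloc(128, GFP_ATOMIC);
@@ -34,8 +34,9 @@ void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int ke
  kfree(buf);
  }
 
- /*
- * TODO: re-add support for sending MIC failure indication
- * with all info via nl80211
- */
+ cfg80211_michael_mic_failure(sdata->dev, hdr->addr2,
+ (hdr->addr1[0] & 0x01) ?
+ NL80211_KEYTYPE_GROUP :
+ NL80211_KEYTYPE_PAIRWISE,
+ keyidx, tsc);
 }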
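Review bot: The rewritten header comment drops the old length requirement on `hdr` although the new call still reads `hdr->addr2` and `hdr->addr1[0]`, and it does not say what to pass for `tsc` when the TSC is unknown. `tsc` is forwarded unchanged to cfg80211_michael_mic_failure(), whose handling of a NULL pointer is outside this diff, so the comment should spell the contract out, for example `* hdr must cover addr1 and addr2; tsc may be NULL when the TSC is not known` (the NULL case needs confirming against cfg80211). The group/pairwise test `(hdr->addr1[0] & 0x01)` would read more clearly as `is_multicast_ether_addr(hdr->addr1)`. The middle of the function, between the two hunks, is not shown.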
diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c
index 4e3c72f20de7..0891bfb06996 100644
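--- a/net/mac80211/ht.c
+++ b/net/mac80211/ht.c
@@ -14,7 +14,6 @@
  */
 
 #include <linux/ieee80211.h>
-#include <net/wireless.h>
 #include <net/mac80211.h>
 #include "ieee80211_i.h"
 #include "rate.h"
@@ -83,89 +82,6 @@ void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband,
  ht_cap->mcs.rx_mask[32/8] |= 1;
 }
 
-/*
- * ieee80211_enable_ht should be called only after the operating band
- * has been determined as ht configuration depends on the hw's
- * HT abilities for a specific band.
- */
-u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
- struct ieee80211_ht_info *hti,
- u16 ap_ht_cap_flags)
-{
- struct ieee80211_local *local = sdata->local;
- struct ieee80211_supported_band *sband;
- struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
- struct ieee80211_bss_ht_conf ht;
- struct sta_info *sta;
- u32 changed = 0;
- bool enable_ht = true, ht_changed;
- enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
-
- sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
-
- memset(&ht, 0, sizeof(ht));
-
- /* HT is not supported */
- if (!sband->ht_cap.ht_supported)
- enable_ht = false;
-
- /* check that channel matches the right operating channel */
- if (local->hw.conf.channel->center_freq !=
- ieee80211_channel_to_frequency(hti->control_chan))
- enable_ht = false;
-
- if (enable_ht) {
- channel_type = NL80211_CHAN_HT20;
-
- if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) &&
- (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
- (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) {
- switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
- case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
- channel_type = NL80211_CHAN_HT40PLUS;
- break;
- case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
- channel_type = NL80211_CHAN_HT40MINUS;
- break;
- }
- }
- }
-
- ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
- channel_type != local->hw.conf.channel_type;
-
- local->oper_channel_type = channel_type;
-
- if (ht_changed) {
- /* channel_type change automatically detected */
- ieee80211_hw_config(local, 0);
-
- rcu_read_lock();
-
- sta = sta_info_get(local, ifmgd->bssid);
- if (sta)
- rate_control_rate_update(local, sband, sta,
- IEEE80211_RC_HT_CHANGED);
-
- rcu_read_unlock();
-
- }
-
- /* disable HT */
- if (!enable_ht)
- return 0;
-
- ht.operation_mode = le16_to_cpu(hti->operation_mode);
-
- /* if bss configuration changed store the new one */
- if (memcmp(&sdata->vif.bss_conf.ht, &ht, sizeof(ht))) {
- changed |= BSS_CHANGED_HT;
- sdata->vif.bss_conf.ht = ht;
- }
-
- return changed;
-}
-
 void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta)
 {
  int i;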
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 3201e1f96365..c236079ed38a 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -22,6 +22,7 @@
22#include <asm/unaligned.h> 22#include <asm/unaligned.h>
23 23
24#include "ieee80211_i.h" 24#include "ieee80211_i.h"
25#include "driver-ops.h"
25#include "rate.h" 26#include "rate.h"
26 27
27#define IEEE80211_SCAN_INTERVAL (2 * HZ) 28#define IEEE80211_SCAN_INTERVAL (2 * HZ)
@@ -59,74 +60,65 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
59 sdata->u.ibss.bssid, 0); 60 sdata->u.ibss.bssid, 0);
60} 61}
61 62
62static int __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 63static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
63 const u8 *bssid, const int beacon_int, 64 const u8 *bssid, const int beacon_int,
64 const int freq, 65 struct ieee80211_channel *chan,
65 const size_t supp_rates_len, 66 const u32 basic_rates,
66 const u8 *supp_rates, 67 const u16 capability, u64 tsf)
67 const u16 capability, u64 tsf)
68{ 68{
69 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 69 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
70 struct ieee80211_local *local = sdata->local; 70 struct ieee80211_local *local = sdata->local;
71 int res = 0, rates, i, j; 71 int rates, i;
72 struct sk_buff *skb; 72 struct sk_buff *skb;
73 struct ieee80211_mgmt *mgmt; 73 struct ieee80211_mgmt *mgmt;
74 u8 *pos; 74 u8 *pos;
75 struct ieee80211_supported_band *sband; 75 struct ieee80211_supported_band *sband;
76 union iwreq_data wrqu; 76 u32 bss_change;
77 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
77 78
78 if (local->ops->reset_tsf) { 79 /* Reset own TSF to allow time synchronization work. */
79 /* Reset own TSF to allow time synchronization work. */ 80 drv_reset_tsf(local);
80 local->ops->reset_tsf(local_to_hw(local));
81 }
82 81
83 if ((ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET) && 82 skb = ifibss->skb;
84 memcmp(ifibss->bssid, bssid, ETH_ALEN) == 0) 83 rcu_assign_pointer(ifibss->presp, NULL);
85 return res; 84 synchronize_rcu();
85 skb->data = skb->head;
86 skb->len = 0;
87 skb_reset_tail_pointer(skb);
88 skb_reserve(skb, sdata->local->hw.extra_tx_headroom);
86 89
87 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400); 90 if (memcmp(ifibss->bssid, bssid, ETH_ALEN))
88 if (!skb) { 91 sta_info_flush(sdata->local, sdata);
89 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
90 "response\n", sdata->dev->name);
91 return -ENOMEM;
92 }
93
94 if (!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET)) {
95 /* Remove possible STA entries from other IBSS networks. */
96 sta_info_flush_delayed(sdata);
97 }
98 92
99 memcpy(ifibss->bssid, bssid, ETH_ALEN); 93 memcpy(ifibss->bssid, bssid, ETH_ALEN);
100 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
101 if (res)
102 return res;
103
104 local->hw.conf.beacon_int = beacon_int >= 10 ? beacon_int : 10;
105 94
106 sdata->drop_unencrypted = capability & 95 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
107 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
108 96
109 res = ieee80211_set_freq(sdata, freq); 97 local->oper_channel = chan;
98 local->oper_channel_type = NL80211_CHAN_NO_HT;
99 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
110 100
111 if (res) 101 sband = local->hw.wiphy->bands[chan->band];
112 return res;
113 102
114 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 103 /* build supported rates array */
104 pos = supp_rates;
105 for (i = 0; i < sband->n_bitrates; i++) {
106 int rate = sband->bitrates[i].bitrate;
107 u8 basic = 0;
108 if (basic_rates & BIT(i))
109 basic = 0x80;
110 *pos++ = basic | (u8) (rate / 5);
111 }
115 112
116 /* Build IBSS probe response */ 113 /* Build IBSS probe response */
117 114 mgmt = (void *) skb_put(skb, 24 + sizeof(mgmt->u.beacon));
118 skb_reserve(skb, local->hw.extra_tx_headroom);
119
120 mgmt = (struct ieee80211_mgmt *)
121 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
122 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); 115 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
123 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 116 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
124 IEEE80211_STYPE_PROBE_RESP); 117 IEEE80211_STYPE_PROBE_RESP);
125 memset(mgmt->da, 0xff, ETH_ALEN); 118 memset(mgmt->da, 0xff, ETH_ALEN);
126 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 119 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
127 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN); 120 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
128 mgmt->u.beacon.beacon_int = 121 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
129 cpu_to_le16(local->hw.conf.beacon_int);
130 mgmt->u.beacon.timestamp = cpu_to_le64(tsf); 122 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
131 mgmt->u.beacon.capab_info = cpu_to_le16(capability); 123 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
132 124
@@ -135,7 +127,7 @@ static int __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
135 *pos++ = ifibss->ssid_len; 127 *pos++ = ifibss->ssid_len;
136 memcpy(pos, ifibss->ssid, ifibss->ssid_len); 128 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
137 129
138 rates = supp_rates_len; 130 rates = sband->n_bitrates;
139 if (rates > 8) 131 if (rates > 8)
140 rates = 8; 132 rates = 8;
141 pos = skb_put(skb, 2 + rates); 133 pos = skb_put(skb, 2 + rates);
@@ -147,7 +139,7 @@ static int __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
147 pos = skb_put(skb, 2 + 1); 139 pos = skb_put(skb, 2 + 1);
148 *pos++ = WLAN_EID_DS_PARAMS; 140 *pos++ = WLAN_EID_DS_PARAMS;
149 *pos++ = 1; 141 *pos++ = 1;
150 *pos++ = ieee80211_frequency_to_channel(freq); 142 *pos++ = ieee80211_frequency_to_channel(chan->center_freq);
151 } 143 }
152 144
153 pos = skb_put(skb, 2 + 2); 145 pos = skb_put(skb, 2 + 2);
@@ -157,51 +149,73 @@ static int __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
157 *pos++ = 0; 149 *pos++ = 0;
158 *pos++ = 0; 150 *pos++ = 0;
159 151
160 if (supp_rates_len > 8) { 152 if (sband->n_bitrates > 8) {
161 rates = supp_rates_len - 8; 153 rates = sband->n_bitrates - 8;
162 pos = skb_put(skb, 2 + rates); 154 pos = skb_put(skb, 2 + rates);
163 *pos++ = WLAN_EID_EXT_SUPP_RATES; 155 *pos++ = WLAN_EID_EXT_SUPP_RATES;
164 *pos++ = rates; 156 *pos++ = rates;
165 memcpy(pos, &supp_rates[8], rates); 157 memcpy(pos, &supp_rates[8], rates);
166 } 158 }
167 159
168 ifibss->probe_resp = skb; 160 if (ifibss->ie_len)
161 memcpy(skb_put(skb, ifibss->ie_len),
162 ifibss->ie, ifibss->ie_len);
169 163
170 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON | 164 rcu_assign_pointer(ifibss->presp, skb);
171 IEEE80211_IFCC_BEACON_ENABLED);
172 165
166 sdata->vif.bss_conf.beacon_int = beacon_int;
167 bss_change = BSS_CHANGED_BEACON_INT;
168 bss_change |= ieee80211_reset_erp_info(sdata);
169 bss_change |= BSS_CHANGED_BSSID;
170 bss_change |= BSS_CHANGED_BEACON;
171 bss_change |= BSS_CHANGED_BEACON_ENABLED;
172 ieee80211_bss_info_change_notify(sdata, bss_change);
173 173
174 rates = 0; 174 ieee80211_sta_def_wmm_params(sdata, sband->n_bitrates, supp_rates);
175 for (i = 0; i < supp_rates_len; i++) {
176 int bitrate = (supp_rates[i] & 0x7f) * 5;
177 for (j = 0; j < sband->n_bitrates; j++)
178 if (sband->bitrates[j].bitrate == bitrate)
179 rates |= BIT(j);
180 }
181
182 ieee80211_sta_def_wmm_params(sdata, supp_rates_len, supp_rates);
183 175
184 ifibss->flags |= IEEE80211_IBSS_PREV_BSSID_SET;
185 ifibss->state = IEEE80211_IBSS_MLME_JOINED; 176 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
186 mod_timer(&ifibss->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL); 177 mod_timer(&ifibss->timer,
178 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
187 179
188 memset(&wrqu, 0, sizeof(wrqu)); 180 cfg80211_inform_bss_frame(local->hw.wiphy, local->hw.conf.channel,
189 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN); 181 mgmt, skb->len, 0, GFP_KERNEL);
190 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL); 182 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL);
191
192 return res;
193} 183}
194 184
195static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 185static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
196 struct ieee80211_bss *bss) 186 struct ieee80211_bss *bss)
197{ 187{
198 return __ieee80211_sta_join_ibss(sdata, 188 struct ieee80211_supported_band *sband;
199 bss->cbss.bssid, 189 u32 basic_rates;
200 bss->cbss.beacon_interval, 190 int i, j;
201 bss->cbss.channel->center_freq, 191 u16 beacon_int = bss->cbss.beacon_interval;
202 bss->supp_rates_len, bss->supp_rates, 192
203 bss->cbss.capability, 193 if (beacon_int < 10)
204 bss->cbss.tsf); 194 beacon_int = 10;
195
196 sband = sdata->local->hw.wiphy->bands[bss->cbss.channel->band];
197
198 basic_rates = 0;
199
200 for (i = 0; i < bss->supp_rates_len; i++) {
201 int rate = (bss->supp_rates[i] & 0x7f) * 5;
202 bool is_basic = !!(bss->supp_rates[i] & 0x80);
203
204 for (j = 0; j < sband->n_bitrates; j++) {
205 if (sband->bitrates[j].bitrate == rate) {
206 if (is_basic)
207 basic_rates |= BIT(j);
208 break;
209 }
210 }
211 }
212
213 __ieee80211_sta_join_ibss(sdata, bss->cbss.bssid,
214 beacon_int,
215 bss->cbss.channel,
216 basic_rates,
217 bss->cbss.capability,
218 bss->cbss.tsf);
205} 219}
206 220
207static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 221static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
@@ -277,7 +291,7 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
277 goto put_bss; 291 goto put_bss;
278 292
279 /* we use a fixed BSSID */ 293 /* we use a fixed BSSID */
280 if (sdata->u.ibss.flags & IEEE80211_IBSS_BSSID_SET) 294 if (sdata->u.ibss.bssid)
281 goto put_bss; 295 goto put_bss;
282 296
283 /* not an IBSS */ 297 /* not an IBSS */
@@ -322,12 +336,13 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
322 bitrates[rx_status->rate_idx].bitrate; 336 bitrates[rx_status->rate_idx].bitrate;
323 337
324 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate); 338 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
325 } else if (local && local->ops && local->ops->get_tsf) 339 } else {
326 /* second best option: get current TSF */ 340 /*
327 rx_timestamp = local->ops->get_tsf(local_to_hw(local)); 341 * second best option: get current TSF
328 else 342 * (will return -1 if not supported)
329 /* can't merge without knowing the TSF */ 343 */
330 rx_timestamp = -1LLU; 344 rx_timestamp = drv_get_tsf(local);
345 }
331 346
332#ifdef CONFIG_MAC80211_IBSS_DEBUG 347#ifdef CONFIG_MAC80211_IBSS_DEBUG
333 printk(KERN_DEBUG "RX beacon SA=%pM BSSID=" 348 printk(KERN_DEBUG "RX beacon SA=%pM BSSID="
@@ -369,13 +384,14 @@ struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
369 struct sta_info *sta; 384 struct sta_info *sta;
370 int band = local->hw.conf.channel->band; 385 int band = local->hw.conf.channel->band;
371 386
372 /* TODO: Could consider removing the least recently used entry and 387 /*
373 * allow new one to be added. */ 388 * XXX: Consider removing the least recently used entry and
389 * allow new one to be added.
390 */
374 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 391 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
375 if (net_ratelimit()) { 392 if (net_ratelimit())
376 printk(KERN_DEBUG "%s: No room for a new IBSS STA " 393 printk(KERN_DEBUG "%s: No room for a new IBSS STA entry %pM\n",
377 "entry %pM\n", sdata->dev->name, addr); 394 sdata->dev->name, addr);
378 }
379 return NULL; 395 return NULL;
380 } 396 }
381 397
@@ -432,41 +448,33 @@ static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
432{ 448{
433 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 449 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
434 450
435 mod_timer(&ifibss->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL); 451 mod_timer(&ifibss->timer,
452 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
436 453
437 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT); 454 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
455
438 if (ieee80211_sta_active_ibss(sdata)) 456 if (ieee80211_sta_active_ibss(sdata))
439 return; 457 return;
440 458
441 if ((ifibss->flags & IEEE80211_IBSS_BSSID_SET) && 459 if (ifibss->fixed_channel)
442 (!(ifibss->flags & IEEE80211_IBSS_AUTO_CHANNEL_SEL)))
443 return; 460 return;
444 461
445 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other " 462 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
446 "IBSS networks with same SSID (merge)\n", sdata->dev->name); 463 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
447 464
448 /* XXX maybe racy? */ 465 ieee80211_request_internal_scan(sdata, ifibss->ssid, ifibss->ssid_len);
449 if (sdata->local->scan_req)
450 return;
451
452 memcpy(sdata->local->int_scan_req.ssids[0].ssid,
453 ifibss->ssid, IEEE80211_MAX_SSID_LEN);
454 sdata->local->int_scan_req.ssids[0].ssid_len = ifibss->ssid_len;
455 ieee80211_request_scan(sdata, &sdata->local->int_scan_req);
456} 466}
457 467
458static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) 468static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
459{ 469{
460 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 470 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
461 struct ieee80211_local *local = sdata->local; 471 struct ieee80211_local *local = sdata->local;
462 struct ieee80211_supported_band *sband; 472 struct ieee80211_supported_band *sband;
463 u8 *pos;
464 u8 bssid[ETH_ALEN]; 473 u8 bssid[ETH_ALEN];
465 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
466 u16 capability; 474 u16 capability;
467 int i; 475 int i;
468 476
469 if (ifibss->flags & IEEE80211_IBSS_BSSID_SET) { 477 if (ifibss->fixed_bssid) {
470 memcpy(bssid, ifibss->bssid, ETH_ALEN); 478 memcpy(bssid, ifibss->bssid, ETH_ALEN);
471 } else { 479 } else {
472 /* Generate random, not broadcast, locally administered BSSID. Mix in 480 /* Generate random, not broadcast, locally administered BSSID. Mix in
@@ -482,10 +490,7 @@ static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
482 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n", 490 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %pM\n",
483 sdata->dev->name, bssid); 491 sdata->dev->name, bssid);
484 492
485 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 493 sband = local->hw.wiphy->bands[ifibss->channel->band];
486
487 if (local->hw.conf.beacon_int == 0)
488 local->hw.conf.beacon_int = 100;
489 494
490 capability = WLAN_CAPABILITY_IBSS; 495 capability = WLAN_CAPABILITY_IBSS;
491 496
@@ -494,29 +499,20 @@ static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
494 else 499 else
495 sdata->drop_unencrypted = 0; 500 sdata->drop_unencrypted = 0;
496 501
497 pos = supp_rates; 502 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
498 for (i = 0; i < sband->n_bitrates; i++) { 503 ifibss->channel, 3, /* first two are basic */
499 int rate = sband->bitrates[i].bitrate; 504 capability, 0);
500 *pos++ = (u8) (rate / 5);
501 }
502
503 return __ieee80211_sta_join_ibss(sdata,
504 bssid, local->hw.conf.beacon_int,
505 local->hw.conf.channel->center_freq,
506 sband->n_bitrates, supp_rates,
507 capability, 0);
508} 505}
509 506
510static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) 507static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
511{ 508{
512 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 509 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
513 struct ieee80211_local *local = sdata->local; 510 struct ieee80211_local *local = sdata->local;
514 struct ieee80211_bss *bss; 511 struct ieee80211_bss *bss;
512 struct ieee80211_channel *chan = NULL;
515 const u8 *bssid = NULL; 513 const u8 *bssid = NULL;
516 int active_ibss; 514 int active_ibss;
517 515 u16 capability;
518 if (ifibss->ssid_len == 0)
519 return -EINVAL;
520 516
521 active_ibss = ieee80211_sta_active_ibss(sdata); 517 active_ibss = ieee80211_sta_active_ibss(sdata);
522#ifdef CONFIG_MAC80211_IBSS_DEBUG 518#ifdef CONFIG_MAC80211_IBSS_DEBUG
@@ -525,14 +521,23 @@ static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
525#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 521#endif /* CONFIG_MAC80211_IBSS_DEBUG */
526 522
527 if (active_ibss) 523 if (active_ibss)
528 return 0; 524 return;
525
526 capability = WLAN_CAPABILITY_IBSS;
527 if (sdata->default_key)
528 capability |= WLAN_CAPABILITY_PRIVACY;
529 529
530 if (ifibss->flags & IEEE80211_IBSS_BSSID_SET) 530 if (ifibss->fixed_bssid)
531 bssid = ifibss->bssid; 531 bssid = ifibss->bssid;
532 bss = (void *)cfg80211_get_bss(local->hw.wiphy, NULL, bssid, 532 if (ifibss->fixed_channel)
533 chan = ifibss->channel;
534 if (!is_zero_ether_addr(ifibss->bssid))
535 bssid = ifibss->bssid;
536 bss = (void *)cfg80211_get_bss(local->hw.wiphy, chan, bssid,
533 ifibss->ssid, ifibss->ssid_len, 537 ifibss->ssid, ifibss->ssid_len,
534 WLAN_CAPABILITY_IBSS, 538 capability,
535 WLAN_CAPABILITY_IBSS); 539 WLAN_CAPABILITY_IBSS |
540 WLAN_CAPABILITY_PRIVACY);
536 541
537#ifdef CONFIG_MAC80211_IBSS_DEBUG 542#ifdef CONFIG_MAC80211_IBSS_DEBUG
538 if (bss) 543 if (bss)
@@ -540,18 +545,14 @@ static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
540 "%pM\n", bss->cbss.bssid, ifibss->bssid); 545 "%pM\n", bss->cbss.bssid, ifibss->bssid);
541#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 546#endif /* CONFIG_MAC80211_IBSS_DEBUG */
542 547
543 if (bss && 548 if (bss && memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN)) {
544 (!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET) ||
545 memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN))) {
546 int ret;
547
548 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM" 549 printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM"
549 " based on configured SSID\n", 550 " based on configured SSID\n",
550 sdata->dev->name, bss->cbss.bssid); 551 sdata->dev->name, bss->cbss.bssid);
551 552
552 ret = ieee80211_sta_join_ibss(sdata, bss); 553 ieee80211_sta_join_ibss(sdata, bss);
553 ieee80211_rx_bss_put(local, bss); 554 ieee80211_rx_bss_put(local, bss);
554 return ret; 555 return;
555 } else if (bss) 556 } else if (bss)
556 ieee80211_rx_bss_put(local, bss); 557 ieee80211_rx_bss_put(local, bss);
557 558
@@ -562,29 +563,24 @@ static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
562 /* Selected IBSS not found in current scan results - try to scan */ 563 /* Selected IBSS not found in current scan results - try to scan */
563 if (ifibss->state == IEEE80211_IBSS_MLME_JOINED && 564 if (ifibss->state == IEEE80211_IBSS_MLME_JOINED &&
564 !ieee80211_sta_active_ibss(sdata)) { 565 !ieee80211_sta_active_ibss(sdata)) {
565 mod_timer(&ifibss->timer, jiffies + 566 mod_timer(&ifibss->timer,
566 IEEE80211_IBSS_MERGE_INTERVAL); 567 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
567 } else if (time_after(jiffies, local->last_scan_completed + 568 } else if (time_after(jiffies, ifibss->last_scan_completed +
568 IEEE80211_SCAN_INTERVAL)) { 569 IEEE80211_SCAN_INTERVAL)) {
569 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to " 570 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
570 "join\n", sdata->dev->name); 571 "join\n", sdata->dev->name);
571 572
572 /* XXX maybe racy? */ 573 ieee80211_request_internal_scan(sdata, ifibss->ssid,
573 if (local->scan_req) 574 ifibss->ssid_len);
574 return -EBUSY;
575
576 memcpy(local->int_scan_req.ssids[0].ssid,
577 ifibss->ssid, IEEE80211_MAX_SSID_LEN);
578 local->int_scan_req.ssids[0].ssid_len = ifibss->ssid_len;
579 return ieee80211_request_scan(sdata, &local->int_scan_req);
580 } else if (ifibss->state != IEEE80211_IBSS_MLME_JOINED) { 575 } else if (ifibss->state != IEEE80211_IBSS_MLME_JOINED) {
581 int interval = IEEE80211_SCAN_INTERVAL; 576 int interval = IEEE80211_SCAN_INTERVAL;
582 577
583 if (time_after(jiffies, ifibss->ibss_join_req + 578 if (time_after(jiffies, ifibss->ibss_join_req +
584 IEEE80211_IBSS_JOIN_TIMEOUT)) { 579 IEEE80211_IBSS_JOIN_TIMEOUT)) {
585 if (!(local->oper_channel->flags & 580 if (!(local->oper_channel->flags & IEEE80211_CHAN_NO_IBSS)) {
586 IEEE80211_CHAN_NO_IBSS)) 581 ieee80211_sta_create_ibss(sdata);
587 return ieee80211_sta_create_ibss(sdata); 582 return;
583 }
588 printk(KERN_DEBUG "%s: IBSS not allowed on" 584 printk(KERN_DEBUG "%s: IBSS not allowed on"
589 " %d MHz\n", sdata->dev->name, 585 " %d MHz\n", sdata->dev->name,
590 local->hw.conf.channel->center_freq); 586 local->hw.conf.channel->center_freq);
@@ -595,11 +591,9 @@ static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
595 } 591 }
596 592
597 ifibss->state = IEEE80211_IBSS_MLME_SEARCH; 593 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
598 mod_timer(&ifibss->timer, jiffies + interval); 594 mod_timer(&ifibss->timer,
599 return 0; 595 round_jiffies(jiffies + interval));
600 } 596 }
601
602 return 0;
603} 597}
604 598
605static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata, 599static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
@@ -614,13 +608,10 @@ static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
614 u8 *pos, *end; 608 u8 *pos, *end;
615 609
616 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED || 610 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
617 len < 24 + 2 || !ifibss->probe_resp) 611 len < 24 + 2 || !ifibss->presp)
618 return; 612 return;
619 613
620 if (local->ops->tx_last_beacon) 614 tx_last_beacon = drv_tx_last_beacon(local);
621 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
622 else
623 tx_last_beacon = 1;
624 615
625#ifdef CONFIG_MAC80211_IBSS_DEBUG 616#ifdef CONFIG_MAC80211_IBSS_DEBUG
626 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM" 617 printk(KERN_DEBUG "%s: RX ProbeReq SA=%pM DA=%pM BSSID=%pM"
@@ -649,13 +640,13 @@ static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
649 } 640 }
650 if (pos[1] != 0 && 641 if (pos[1] != 0 &&
651 (pos[1] != ifibss->ssid_len || 642 (pos[1] != ifibss->ssid_len ||
652 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len) != 0)) { 643 !memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) {
653 /* Ignore ProbeReq for foreign SSID */ 644 /* Ignore ProbeReq for foreign SSID */
654 return; 645 return;
655 } 646 }
656 647
657 /* Reply with ProbeResp */ 648 /* Reply with ProbeResp */
658 skb = skb_copy(ifibss->probe_resp, GFP_KERNEL); 649 skb = skb_copy(ifibss->presp, GFP_KERNEL);
659 if (!skb) 650 if (!skb)
660 return; 651 return;
661 652
@@ -794,89 +785,25 @@ void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
794 setup_timer(&ifibss->timer, ieee80211_ibss_timer, 785 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
795 (unsigned long) sdata); 786 (unsigned long) sdata);
796 skb_queue_head_init(&ifibss->skb_queue); 787 skb_queue_head_init(&ifibss->skb_queue);
797
798 ifibss->flags |= IEEE80211_IBSS_AUTO_BSSID_SEL |
799 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
800}
801
802int ieee80211_ibss_commit(struct ieee80211_sub_if_data *sdata)
803{
804 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
805
806 ifibss->flags &= ~IEEE80211_IBSS_PREV_BSSID_SET;
807
808 if (ifibss->ssid_len)
809 ifibss->flags |= IEEE80211_IBSS_SSID_SET;
810 else
811 ifibss->flags &= ~IEEE80211_IBSS_SSID_SET;
812
813 ifibss->ibss_join_req = jiffies;
814 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
815 set_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request);
816
817 return 0;
818}
819
820int ieee80211_ibss_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
821{
822 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
823
824 if (len > IEEE80211_MAX_SSID_LEN)
825 return -EINVAL;
826
827 if (ifibss->ssid_len != len || memcmp(ifibss->ssid, ssid, len) != 0) {
828 memset(ifibss->ssid, 0, sizeof(ifibss->ssid));
829 memcpy(ifibss->ssid, ssid, len);
830 ifibss->ssid_len = len;
831 }
832
833 return ieee80211_ibss_commit(sdata);
834}
835
836int ieee80211_ibss_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
837{
838 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
839
840 memcpy(ssid, ifibss->ssid, ifibss->ssid_len);
841 *len = ifibss->ssid_len;
842
843 return 0;
844}
845
846int ieee80211_ibss_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
847{
848 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
849
850 if (is_valid_ether_addr(bssid)) {
851 memcpy(ifibss->bssid, bssid, ETH_ALEN);
852 ifibss->flags |= IEEE80211_IBSS_BSSID_SET;
853 } else {
854 memset(ifibss->bssid, 0, ETH_ALEN);
855 ifibss->flags &= ~IEEE80211_IBSS_BSSID_SET;
856 }
857
858 if (netif_running(sdata->dev)) {
859 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) {
860 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
861 "the low-level driver\n", sdata->dev->name);
862 }
863 }
864
865 return ieee80211_ibss_commit(sdata);
866} 788}
867 789
868/* scan finished notification */ 790/* scan finished notification */
869void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local) 791void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
870{ 792{
871 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 793 struct ieee80211_sub_if_data *sdata;
872 struct ieee80211_if_ibss *ifibss; 794
873 795 mutex_lock(&local->iflist_mtx);
874 if (sdata && sdata->vif.type == NL80211_IFTYPE_ADHOC) { 796 list_for_each_entry(sdata, &local->interfaces, list) {
875 ifibss = &sdata->u.ibss; 797 if (!netif_running(sdata->dev))
876 if ((!(ifibss->flags & IEEE80211_IBSS_PREV_BSSID_SET)) || 798 continue;
877 !ieee80211_sta_active_ibss(sdata)) 799 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
878 ieee80211_sta_find_ibss(sdata); 800 continue;
801 if (!sdata->u.ibss.ssid_len)
802 continue;
803 sdata->u.ibss.last_scan_completed = jiffies;
804 ieee80211_sta_find_ibss(sdata);
879 } 805 }
806 mutex_unlock(&local->iflist_mtx);
880} 807}
881 808
882ieee80211_rx_result 809ieee80211_rx_result
@@ -906,3 +833,86 @@ ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
906 833
907 return RX_DROP_MONITOR; 834 return RX_DROP_MONITOR;
908} 835}
836
837int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
838 struct cfg80211_ibss_params *params)
839{
840 struct sk_buff *skb;
841
842 if (params->bssid) {
843 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
844 sdata->u.ibss.fixed_bssid = true;
845 } else
846 sdata->u.ibss.fixed_bssid = false;
847
848 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
849
850 sdata->u.ibss.channel = params->channel;
851 sdata->u.ibss.fixed_channel = params->channel_fixed;
852
853 if (params->ie) {
854 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len,
855 GFP_KERNEL);
856 if (sdata->u.ibss.ie)
857 sdata->u.ibss.ie_len = params->ie_len;
858 }
859
860 skb = dev_alloc_skb(sdata->local->hw.extra_tx_headroom +
861 36 /* bitrates */ +
862 34 /* SSID */ +
863 3 /* DS params */ +
864 4 /* IBSS params */ +
865 params->ie_len);
866 if (!skb)
867 return -ENOMEM;
868
869 sdata->u.ibss.skb = skb;
870 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
871 sdata->u.ibss.ibss_join_req = jiffies;
872
873 memcpy(sdata->u.ibss.ssid, params->ssid, IEEE80211_MAX_SSID_LEN);
874
875 /*
876 * The ssid_len setting below is used to see whether
877 * we are active, and we need all other settings
878 * before that may get visible.
879 */
880 mb();
881
882 sdata->u.ibss.ssid_len = params->ssid_len;
883
884 ieee80211_recalc_idle(sdata->local);
885
886 set_bit(IEEE80211_IBSS_REQ_RUN, &sdata->u.ibss.request);
887 queue_work(sdata->local->hw.workqueue, &sdata->u.ibss.work);
888
889 return 0;
890}
891
892int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
893{
894 struct sk_buff *skb;
895
896 del_timer_sync(&sdata->u.ibss.timer);
897 clear_bit(IEEE80211_IBSS_REQ_RUN, &sdata->u.ibss.request);
898 cancel_work_sync(&sdata->u.ibss.work);
899 clear_bit(IEEE80211_IBSS_REQ_RUN, &sdata->u.ibss.request);
900
901 sta_info_flush(sdata->local, sdata);
902
903 /* remove beacon */
904 kfree(sdata->u.ibss.ie);
905 skb = sdata->u.ibss.presp;
906 rcu_assign_pointer(sdata->u.ibss.presp, NULL);
907 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
908 synchronize_rcu();
909 kfree_skb(skb);
910
911 skb_queue_purge(&sdata->u.ibss.skb_queue);
912 memset(sdata->u.ibss.bssid, 0, ETH_ALEN);
913 sdata->u.ibss.ssid_len = 0;
914
915 ieee80211_recalc_idle(sdata->local);
916
917 return 0;
918}
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index e6ed78cb16b3..9d1514727f6e 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -24,7 +24,6 @@
24#include <linux/spinlock.h> 24#include <linux/spinlock.h>
25#include <linux/etherdevice.h> 25#include <linux/etherdevice.h>
26#include <net/cfg80211.h> 26#include <net/cfg80211.h>
27#include <net/wireless.h>
28#include <net/iw_handler.h> 27#include <net/iw_handler.h>
29#include <net/mac80211.h> 28#include <net/mac80211.h>
30#include "key.h" 29#include "key.h"
@@ -236,7 +235,7 @@ struct mesh_preq_queue {
236#define IEEE80211_STA_ASSOCIATED BIT(4) 235#define IEEE80211_STA_ASSOCIATED BIT(4)
237#define IEEE80211_STA_PROBEREQ_POLL BIT(5) 236#define IEEE80211_STA_PROBEREQ_POLL BIT(5)
238#define IEEE80211_STA_CREATE_IBSS BIT(6) 237#define IEEE80211_STA_CREATE_IBSS BIT(6)
239/* hole at 7, please re-use */ 238#define IEEE80211_STA_CONTROL_PORT BIT(7)
240#define IEEE80211_STA_WMM_ENABLED BIT(8) 239#define IEEE80211_STA_WMM_ENABLED BIT(8)
241/* hole at 9, please re-use */ 240/* hole at 9, please re-use */
242#define IEEE80211_STA_AUTO_SSID_SEL BIT(10) 241#define IEEE80211_STA_AUTO_SSID_SEL BIT(10)
@@ -249,9 +248,8 @@ struct mesh_preq_queue {
249#define IEEE80211_STA_EXT_SME BIT(17) 248#define IEEE80211_STA_EXT_SME BIT(17)
250/* flags for MLME request */ 249/* flags for MLME request */
251#define IEEE80211_STA_REQ_SCAN 0 250#define IEEE80211_STA_REQ_SCAN 0
252#define IEEE80211_STA_REQ_DIRECT_PROBE 1 251#define IEEE80211_STA_REQ_AUTH 1
253#define IEEE80211_STA_REQ_AUTH 2 252#define IEEE80211_STA_REQ_RUN 2
254#define IEEE80211_STA_REQ_RUN 3
255 253
256/* bitfield of allowed auth algs */ 254/* bitfield of allowed auth algs */
257#define IEEE80211_AUTH_ALG_OPEN BIT(0) 255#define IEEE80211_AUTH_ALG_OPEN BIT(0)
@@ -295,6 +293,8 @@ struct ieee80211_if_managed {
295 int auth_tries; /* retries for auth req */ 293 int auth_tries; /* retries for auth req */
296 int assoc_tries; /* retries for assoc req */ 294 int assoc_tries; /* retries for assoc req */
297 295
296 bool powersave; /* powersave requested for this iface */
297
298 unsigned long request; 298 unsigned long request;
299 299
300 unsigned long last_probe; 300 unsigned long last_probe;
@@ -306,6 +306,8 @@ struct ieee80211_if_managed {
306 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */ 306 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
307 int auth_transaction; 307 int auth_transaction;
308 308
309 u32 beacon_crc;
310
309 enum { 311 enum {
310 IEEE80211_MFP_DISABLED, 312 IEEE80211_MFP_DISABLED,
311 IEEE80211_MFP_OPTIONAL, 313 IEEE80211_MFP_OPTIONAL,
@@ -319,14 +321,6 @@ struct ieee80211_if_managed {
319 size_t sme_auth_ie_len; 321 size_t sme_auth_ie_len;
320}; 322};
321 323
322enum ieee80211_ibss_flags {
323 IEEE80211_IBSS_AUTO_CHANNEL_SEL = BIT(0),
324 IEEE80211_IBSS_AUTO_BSSID_SEL = BIT(1),
325 IEEE80211_IBSS_BSSID_SET = BIT(2),
326 IEEE80211_IBSS_PREV_BSSID_SET = BIT(3),
327 IEEE80211_IBSS_SSID_SET = BIT(4),
328};
329
330enum ieee80211_ibss_request { 324enum ieee80211_ibss_request {
331 IEEE80211_IBSS_REQ_RUN = 0, 325 IEEE80211_IBSS_REQ_RUN = 0,
332}; 326};
@@ -337,17 +331,20 @@ struct ieee80211_if_ibss {
337 331
338 struct sk_buff_head skb_queue; 332 struct sk_buff_head skb_queue;
339 333
340 u8 ssid[IEEE80211_MAX_SSID_LEN]; 334 unsigned long request;
341 u8 ssid_len; 335 unsigned long last_scan_completed;
342 336 bool fixed_bssid;
343 u32 flags; 337 bool fixed_channel;
344 338
345 u8 bssid[ETH_ALEN]; 339 u8 bssid[ETH_ALEN];
346 340 u8 ssid[IEEE80211_MAX_SSID_LEN];
347 unsigned long request; 341 u8 ssid_len, ie_len;
342 u8 *ie;
343 struct ieee80211_channel *channel;
348 344
349 unsigned long ibss_join_req; 345 unsigned long ibss_join_req;
350 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */ 346 /* probe response/beacon for IBSS */
347 struct sk_buff *presp, *skb;
351 348
352 enum { 349 enum {
353 IEEE80211_IBSS_MLME_SEARCH, 350 IEEE80211_IBSS_MLME_SEARCH,
@@ -430,6 +427,12 @@ struct ieee80211_sub_if_data {
430 427
431 int drop_unencrypted; 428 int drop_unencrypted;
432 429
430 /*
431 * keep track of whether the HT opmode (stored in
432 * vif.bss_info.ht_operation_mode) is valid.
433 */
434 bool ht_opmode_valid;
435
433 /* Fragment table for host-based reassembly */ 436 /* Fragment table for host-based reassembly */
434 struct ieee80211_fragment_entry fragments[IEEE80211_FRAGMENT_MAX]; 437 struct ieee80211_fragment_entry fragments[IEEE80211_FRAGMENT_MAX];
435 unsigned int fragment_next; 438 unsigned int fragment_next;
@@ -626,8 +629,6 @@ struct ieee80211_local {
626 spinlock_t sta_lock; 629 spinlock_t sta_lock;
627 unsigned long num_sta; 630 unsigned long num_sta;
628 struct list_head sta_list; 631 struct list_head sta_list;
629 struct list_head sta_flush_list;
630 struct work_struct sta_flush_work;
631 struct sta_info *sta_hash[STA_HASH_SIZE]; 632 struct sta_info *sta_hash[STA_HASH_SIZE];
632 struct timer_list sta_cleanup; 633 struct timer_list sta_cleanup;
633 634
@@ -647,9 +648,6 @@ struct ieee80211_local {
647 648
648 struct rate_control_ref *rate_ctrl; 649 struct rate_control_ref *rate_ctrl;
649 650
650 int rts_threshold;
651 int fragmentation_threshold;
652
653 struct crypto_blkcipher *wep_tx_tfm; 651 struct crypto_blkcipher *wep_tx_tfm;
654 struct crypto_blkcipher *wep_rx_tfm; 652 struct crypto_blkcipher *wep_rx_tfm;
655 u32 wep_iv; 653 u32 wep_iv;
@@ -666,15 +664,18 @@ struct ieee80211_local {
666 664
667 665
668 /* Scanning and BSS list */ 666 /* Scanning and BSS list */
667 struct mutex scan_mtx;
669 bool sw_scanning, hw_scanning; 668 bool sw_scanning, hw_scanning;
670 struct cfg80211_ssid scan_ssid; 669 struct cfg80211_ssid scan_ssid;
671 struct cfg80211_scan_request int_scan_req; 670 struct cfg80211_scan_request int_scan_req;
672 struct cfg80211_scan_request *scan_req; 671 struct cfg80211_scan_request *scan_req;
673 struct ieee80211_channel *scan_channel; 672 struct ieee80211_channel *scan_channel;
673 const u8 *orig_ies;
674 int orig_ies_len;
674 int scan_channel_idx; 675 int scan_channel_idx;
676 int scan_ies_len;
675 677
676 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state; 678 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state;
677 unsigned long last_scan_completed;
678 struct delayed_work scan_work; 679 struct delayed_work scan_work;
679 struct ieee80211_sub_if_data *scan_sdata; 680 struct ieee80211_sub_if_data *scan_sdata;
680 enum nl80211_channel_type oper_channel_type; 681 enum nl80211_channel_type oper_channel_type;
@@ -736,15 +737,22 @@ struct ieee80211_local {
736 int wifi_wme_noack_test; 737 int wifi_wme_noack_test;
737 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */ 738 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */
738 739
739 bool powersave;
740 bool pspolling; 740 bool pspolling;
741 /*
742 * PS can only be enabled when we have exactly one managed
743 * interface (and monitors) in PS, this then points there.
744 */
745 struct ieee80211_sub_if_data *ps_sdata;
741 struct work_struct dynamic_ps_enable_work; 746 struct work_struct dynamic_ps_enable_work;
742 struct work_struct dynamic_ps_disable_work; 747 struct work_struct dynamic_ps_disable_work;
743 struct timer_list dynamic_ps_timer; 748 struct timer_list dynamic_ps_timer;
749 struct notifier_block network_latency_notifier;
744 750
745 int user_power_level; /* in dBm */ 751 int user_power_level; /* in dBm */
746 int power_constr_level; /* in dBm */ 752 int power_constr_level; /* in dBm */
747 753
754 struct work_struct restart_work;
755
748#ifdef CONFIG_MAC80211_DEBUGFS 756#ifdef CONFIG_MAC80211_DEBUGFS
749 struct local_debugfsdentries { 757 struct local_debugfsdentries {
750 struct dentry *rcdir; 758 struct dentry *rcdir;
@@ -758,6 +766,7 @@ struct ieee80211_local {
758 struct dentry *wep_iv; 766 struct dentry *wep_iv;
759 struct dentry *tsf; 767 struct dentry *tsf;
760 struct dentry *reset; 768 struct dentry *reset;
769 struct dentry *noack;
761 struct dentry *statistics; 770 struct dentry *statistics;
762 struct local_debugfsdentries_statsdentries { 771 struct local_debugfsdentries_statsdentries {
763 struct dentry *transmitted_fragment_count; 772 struct dentry *transmitted_fragment_count;
@@ -830,7 +839,7 @@ struct ieee802_11_elems {
830 u8 *fh_params; 839 u8 *fh_params;
831 u8 *ds_params; 840 u8 *ds_params;
832 u8 *cf_params; 841 u8 *cf_params;
833 u8 *tim; 842 struct ieee80211_tim_ie *tim;
834 u8 *ibss_params; 843 u8 *ibss_params;
835 u8 *challenge; 844 u8 *challenge;
836 u8 *wpa; 845 u8 *wpa;
@@ -903,7 +912,6 @@ static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
903 912
904 913
905int ieee80211_hw_config(struct ieee80211_local *local, u32 changed); 914int ieee80211_hw_config(struct ieee80211_local *local, u32 changed);
906int ieee80211_if_config(struct ieee80211_sub_if_data *sdata, u32 changed);
907void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx); 915void ieee80211_tx_set_protected(struct ieee80211_tx_data *tx);
908void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata, 916void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
909 u32 changed); 917 u32 changed);
@@ -927,12 +935,11 @@ int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason
927int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason); 935int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason);
928void ieee80211_send_pspoll(struct ieee80211_local *local, 936void ieee80211_send_pspoll(struct ieee80211_local *local,
929 struct ieee80211_sub_if_data *sdata); 937 struct ieee80211_sub_if_data *sdata);
938void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency);
939int ieee80211_max_network_latency(struct notifier_block *nb,
940 unsigned long data, void *dummy);
930 941
931/* IBSS code */ 942/* IBSS code */
932int ieee80211_ibss_commit(struct ieee80211_sub_if_data *sdata);
933int ieee80211_ibss_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
934int ieee80211_ibss_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
935int ieee80211_ibss_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
936void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local); 943void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local);
937void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata); 944void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata);
938ieee80211_rx_result 945ieee80211_rx_result
@@ -940,9 +947,14 @@ ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
940 struct ieee80211_rx_status *rx_status); 947 struct ieee80211_rx_status *rx_status);
941struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, 948struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
942 u8 *bssid, u8 *addr, u32 supp_rates); 949 u8 *bssid, u8 *addr, u32 supp_rates);
950int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
951 struct cfg80211_ibss_params *params);
952int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata);
943 953
944/* scan/BSS handling */ 954/* scan/BSS handling */
945void ieee80211_scan_work(struct work_struct *work); 955void ieee80211_scan_work(struct work_struct *work);
956int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
957 const u8 *ssid, u8 ssid_len);
946int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 958int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
947 struct cfg80211_scan_request *req); 959 struct cfg80211_scan_request *req);
948int ieee80211_scan_results(struct ieee80211_local *local, 960int ieee80211_scan_results(struct ieee80211_local *local,
@@ -956,9 +968,6 @@ int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata,
956 const char *ie, size_t len); 968 const char *ie, size_t len);
957 969
958void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local); 970void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local);
959void ieee80211_scan_failed(struct ieee80211_local *local);
960int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata,
961 struct cfg80211_scan_request *req);
962struct ieee80211_bss * 971struct ieee80211_bss *
963ieee80211_bss_info_update(struct ieee80211_local *local, 972ieee80211_bss_info_update(struct ieee80211_local *local,
964 struct ieee80211_rx_status *rx_status, 973 struct ieee80211_rx_status *rx_status,
@@ -983,6 +992,8 @@ int ieee80211_if_change_type(struct ieee80211_sub_if_data *sdata,
983 enum nl80211_iftype type); 992 enum nl80211_iftype type);
984void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata); 993void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata);
985void ieee80211_remove_interfaces(struct ieee80211_local *local); 994void ieee80211_remove_interfaces(struct ieee80211_local *local);
995u32 __ieee80211_recalc_idle(struct ieee80211_local *local);
996void ieee80211_recalc_idle(struct ieee80211_local *local);
986 997
987/* tx handling */ 998/* tx handling */
988void ieee80211_clear_tx_pending(struct ieee80211_local *local); 999void ieee80211_clear_tx_pending(struct ieee80211_local *local);
@@ -995,9 +1006,6 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev);
995void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband, 1006void ieee80211_ht_cap_ie_to_sta_ht_cap(struct ieee80211_supported_band *sband,
996 struct ieee80211_ht_cap *ht_cap_ie, 1007 struct ieee80211_ht_cap *ht_cap_ie,
997 struct ieee80211_sta_ht_cap *ht_cap); 1008 struct ieee80211_sta_ht_cap *ht_cap);
998u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
999 struct ieee80211_ht_info *hti,
1000 u16 ap_ht_cap_flags);
1001void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn); 1009void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn);
1002void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata, 1010void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
1003 const u8 *da, u16 tid, 1011 const u8 *da, u16 tid,
@@ -1036,15 +1044,22 @@ void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
1036 u16 capab_info, u8 *pwr_constr_elem, 1044 u16 capab_info, u8 *pwr_constr_elem,
1037 u8 pwr_constr_elem_len); 1045 u8 pwr_constr_elem_len);
1038 1046
1039/* Suspend/resume */ 1047/* Suspend/resume and hw reconfiguration */
1048int ieee80211_reconfig(struct ieee80211_local *local);
1049
1040#ifdef CONFIG_PM 1050#ifdef CONFIG_PM
1041int __ieee80211_suspend(struct ieee80211_hw *hw); 1051int __ieee80211_suspend(struct ieee80211_hw *hw);
1042int __ieee80211_resume(struct ieee80211_hw *hw); 1052
1053static inline int __ieee80211_resume(struct ieee80211_hw *hw)
1054{
1055 return ieee80211_reconfig(hw_to_local(hw));
1056}
1043#else 1057#else
1044static inline int __ieee80211_suspend(struct ieee80211_hw *hw) 1058static inline int __ieee80211_suspend(struct ieee80211_hw *hw)
1045{ 1059{
1046 return 0; 1060 return 0;
1047} 1061}
1062
1048static inline int __ieee80211_resume(struct ieee80211_hw *hw) 1063static inline int __ieee80211_resume(struct ieee80211_hw *hw)
1049{ 1064{
1050 return 0; 1065 return 0;
@@ -1060,12 +1075,15 @@ u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len,
1060int ieee80211_frame_duration(struct ieee80211_local *local, size_t len, 1075int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
1061 int rate, int erp, int short_preamble); 1076 int rate, int erp, int short_preamble);
1062void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx, 1077void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx,
1063 struct ieee80211_hdr *hdr); 1078 struct ieee80211_hdr *hdr, const u8 *tsc);
1064void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata); 1079void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata);
1065void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 1080void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
1066 int encrypt); 1081 int encrypt);
1067void ieee802_11_parse_elems(u8 *start, size_t len, 1082void ieee802_11_parse_elems(u8 *start, size_t len,
1068 struct ieee802_11_elems *elems); 1083 struct ieee802_11_elems *elems);
1084u32 ieee802_11_parse_elems_crc(u8 *start, size_t len,
1085 struct ieee802_11_elems *elems,
1086 u64 filter, u32 crc);
1069int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freq); 1087int ieee80211_set_freq(struct ieee80211_sub_if_data *sdata, int freq);
1070u32 ieee80211_mandatory_rates(struct ieee80211_local *local, 1088u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
1071 enum ieee80211_band band); 1089 enum ieee80211_band band);
@@ -1093,9 +1111,11 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1093 u16 transaction, u16 auth_alg, 1111 u16 transaction, u16 auth_alg,
1094 u8 *extra, size_t extra_len, 1112 u8 *extra, size_t extra_len,
1095 const u8 *bssid, int encrypt); 1113 const u8 *bssid, int encrypt);
1114int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
1115 const u8 *ie, size_t ie_len);
1096void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 1116void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1097 u8 *ssid, size_t ssid_len, 1117 const u8 *ssid, size_t ssid_len,
1098 u8 *ie, size_t ie_len); 1118 const u8 *ie, size_t ie_len);
1099 1119
1100void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, 1120void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
1101 const size_t supp_rates_len, 1121 const size_t supp_rates_len,
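Review bot: In the `struct ieee80211_if_ibss` hunk the new `u8 *ie` / `ie_len` fields carry a heap buffer, but nothing says who owns it or what the fields hold when no buffer is set, and the ibss.c part of this commit depends on that: `ieee80211_ibss_leave()` does `kfree(sdata->u.ibss.ie)` without clearing the field, and `ieee80211_ibss_join()` assigns it only when `params->ie` is non-NULL. Unless code outside this page resets it, a leave followed by a join without extra IEs leaves `ie` pointing at freed memory with a stale `ie_len`, and the next leave frees the same buffer again. I would state the invariant on the field, `/* kmemdup()ed copy of the caller's extra IEs; NULL and ie_len == 0 when none is held */`, and restore it in the leave path with `sdata->u.ibss.ie = NULL;` and `sdata->u.ibss.ie_len = 0;` right after the `kfree()`. The comment above `presp, *skb` could also say that `presp` is published with `rcu_assign_pointer()` and that `skb` is the buffer preallocated at join time. The struct opens and closes outside this hunk.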
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 91e8e1bacaaa..8c9f1c722cdb 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -20,6 +20,7 @@
20#include "debugfs_netdev.h" 20#include "debugfs_netdev.h"
21#include "mesh.h" 21#include "mesh.h"
22#include "led.h" 22#include "led.h"
23#include "driver-ops.h"
23 24
24/** 25/**
25 * DOC: Interface list locking 26 * DOC: Interface list locking
@@ -164,9 +165,7 @@ static int ieee80211_open(struct net_device *dev)
164 } 165 }
165 166
166 if (local->open_count == 0) { 167 if (local->open_count == 0) {
167 res = 0; 168 res = drv_start(local);
168 if (local->ops->start)
169 res = local->ops->start(local_to_hw(local));
170 if (res) 169 if (res)
171 goto err_del_bss; 170 goto err_del_bss;
172 /* we're brought up, everything changes */ 171 /* we're brought up, everything changes */
@@ -199,8 +198,8 @@ static int ieee80211_open(struct net_device *dev)
199 * Validate the MAC address for this device. 198 * Validate the MAC address for this device.
200 */ 199 */
201 if (!is_valid_ether_addr(dev->dev_addr)) { 200 if (!is_valid_ether_addr(dev->dev_addr)) {
202 if (!local->open_count && local->ops->stop) 201 if (!local->open_count)
203 local->ops->stop(local_to_hw(local)); 202 drv_stop(local);
204 return -EADDRNOTAVAIL; 203 return -EADDRNOTAVAIL;
205 } 204 }
206 205
@@ -235,17 +234,13 @@ static int ieee80211_open(struct net_device *dev)
235 netif_addr_unlock_bh(local->mdev); 234 netif_addr_unlock_bh(local->mdev);
236 break; 235 break;
237 case NL80211_IFTYPE_STATION: 236 case NL80211_IFTYPE_STATION:
238 case NL80211_IFTYPE_ADHOC: 237 sdata->u.mgd.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
239 if (sdata->vif.type == NL80211_IFTYPE_STATION)
240 sdata->u.mgd.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
241 else
242 sdata->u.ibss.flags &= ~IEEE80211_IBSS_PREV_BSSID_SET;
243 /* fall through */ 238 /* fall through */
244 default: 239 default:
245 conf.vif = &sdata->vif; 240 conf.vif = &sdata->vif;
246 conf.type = sdata->vif.type; 241 conf.type = sdata->vif.type;
247 conf.mac_addr = dev->dev_addr; 242 conf.mac_addr = dev->dev_addr;
248 res = local->ops->add_interface(local_to_hw(local), &conf); 243 res = drv_add_interface(local, &conf);
249 if (res) 244 if (res)
250 goto err_stop; 245 goto err_stop;
251 246
@@ -306,6 +301,8 @@ static int ieee80211_open(struct net_device *dev)
306 if (sdata->flags & IEEE80211_SDATA_PROMISC) 301 if (sdata->flags & IEEE80211_SDATA_PROMISC)
307 atomic_inc(&local->iff_promiscs); 302 atomic_inc(&local->iff_promiscs);
308 303
304 hw_reconf_flags |= __ieee80211_recalc_idle(local);
305
309 local->open_count++; 306 local->open_count++;
310 if (hw_reconf_flags) { 307 if (hw_reconf_flags) {
311 ieee80211_hw_config(local, hw_reconf_flags); 308 ieee80211_hw_config(local, hw_reconf_flags);
@@ -317,6 +314,8 @@ static int ieee80211_open(struct net_device *dev)
317 ieee80211_set_wmm_default(sdata); 314 ieee80211_set_wmm_default(sdata);
318 } 315 }
319 316
317 ieee80211_recalc_ps(local, -1);
318
320 /* 319 /*
321 * ieee80211_sta_work is disabled while network interface 320 * ieee80211_sta_work is disabled while network interface
322 * is down. Therefore, some configuration changes may not 321 * is down. Therefore, some configuration changes may not
@@ -325,17 +324,15 @@ static int ieee80211_open(struct net_device *dev)
325 */ 324 */
326 if (sdata->vif.type == NL80211_IFTYPE_STATION) 325 if (sdata->vif.type == NL80211_IFTYPE_STATION)
327 queue_work(local->hw.workqueue, &sdata->u.mgd.work); 326 queue_work(local->hw.workqueue, &sdata->u.mgd.work);
328 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
329 queue_work(local->hw.workqueue, &sdata->u.ibss.work);
330 327
331 netif_tx_start_all_queues(dev); 328 netif_tx_start_all_queues(dev);
332 329
333 return 0; 330 return 0;
334 err_del_interface: 331 err_del_interface:
335 local->ops->remove_interface(local_to_hw(local), &conf); 332 drv_remove_interface(local, &conf);
336 err_stop: 333 err_stop:
337 if (!local->open_count && local->ops->stop) 334 if (!local->open_count)
338 local->ops->stop(local_to_hw(local)); 335 drv_stop(local);
339 err_del_bss: 336 err_del_bss:
340 sdata->bss = NULL; 337 sdata->bss = NULL;
341 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 338 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
@@ -497,7 +494,6 @@ static int ieee80211_stop(struct net_device *dev)
497 /* fall through */ 494 /* fall through */
498 case NL80211_IFTYPE_ADHOC: 495 case NL80211_IFTYPE_ADHOC:
499 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 496 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
500 memset(sdata->u.ibss.bssid, 0, ETH_ALEN);
501 del_timer_sync(&sdata->u.ibss.timer); 497 del_timer_sync(&sdata->u.ibss.timer);
502 cancel_work_sync(&sdata->u.ibss.work); 498 cancel_work_sync(&sdata->u.ibss.work);
503 synchronize_rcu(); 499 synchronize_rcu();
@@ -549,17 +545,20 @@ static int ieee80211_stop(struct net_device *dev)
549 conf.mac_addr = dev->dev_addr; 545 conf.mac_addr = dev->dev_addr;
550 /* disable all keys for as long as this netdev is down */ 546 /* disable all keys for as long as this netdev is down */
551 ieee80211_disable_keys(sdata); 547 ieee80211_disable_keys(sdata);
552 local->ops->remove_interface(local_to_hw(local), &conf); 548 drv_remove_interface(local, &conf);
553 } 549 }
554 550
555 sdata->bss = NULL; 551 sdata->bss = NULL;
556 552
553 hw_reconf_flags |= __ieee80211_recalc_idle(local);
554
555 ieee80211_recalc_ps(local, -1);
556
557 if (local->open_count == 0) { 557 if (local->open_count == 0) {
558 if (netif_running(local->mdev)) 558 if (netif_running(local->mdev))
559 dev_close(local->mdev); 559 dev_close(local->mdev);
560 560
561 if (local->ops->stop) 561 drv_stop(local);
562 local->ops->stop(local_to_hw(local));
563 562
564 ieee80211_led_radio(local, 0); 563 ieee80211_led_radio(local, 0);
565 564
@@ -649,7 +648,8 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
649 mesh_rmc_free(sdata); 648 mesh_rmc_free(sdata);
650 break; 649 break;
651 case NL80211_IFTYPE_ADHOC: 650 case NL80211_IFTYPE_ADHOC:
652 kfree_skb(sdata->u.ibss.probe_resp); 651 if (WARN_ON(sdata->u.ibss.presp))
652 kfree_skb(sdata->u.ibss.presp);
653 break; 653 break;
654 case NL80211_IFTYPE_STATION: 654 case NL80211_IFTYPE_STATION:
655 kfree(sdata->u.mgd.extra_ie); 655 kfree(sdata->u.mgd.extra_ie);
@@ -896,3 +896,74 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local)
896 unregister_netdevice(sdata->dev); 896 unregister_netdevice(sdata->dev);
897 } 897 }
898} 898}
899
900static u32 ieee80211_idle_off(struct ieee80211_local *local,
901 const char *reason)
902{
903 if (!(local->hw.conf.flags & IEEE80211_CONF_IDLE))
904 return 0;
905
906#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
907 printk(KERN_DEBUG "%s: device no longer idle - %s\n",
908 wiphy_name(local->hw.wiphy), reason);
909#endif
910
911 local->hw.conf.flags &= ~IEEE80211_CONF_IDLE;
912 return IEEE80211_CONF_CHANGE_IDLE;
913}
914
915static u32 ieee80211_idle_on(struct ieee80211_local *local)
916{
917 if (local->hw.conf.flags & IEEE80211_CONF_IDLE)
918 return 0;
919
920#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
921 printk(KERN_DEBUG "%s: device now idle\n",
922 wiphy_name(local->hw.wiphy));
923#endif
924
925 local->hw.conf.flags |= IEEE80211_CONF_IDLE;
926 return IEEE80211_CONF_CHANGE_IDLE;
927}
928
929u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
930{
931 struct ieee80211_sub_if_data *sdata;
932 int count = 0;
933
934 if (local->hw_scanning || local->sw_scanning)
935 return ieee80211_idle_off(local, "scanning");
936
937 list_for_each_entry(sdata, &local->interfaces, list) {
938 if (!netif_running(sdata->dev))
939 continue;
940 /* do not count disabled managed interfaces */
941 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
942 sdata->u.mgd.state == IEEE80211_STA_MLME_DISABLED)
943 continue;
944 /* do not count unused IBSS interfaces */
945 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
946 !sdata->u.ibss.ssid_len)
947 continue;
948 /* count everything else */
949 count++;
950 }
951
952 if (!count)
953 return ieee80211_idle_on(local);
954 else
955 return ieee80211_idle_off(local, "in use");
956
957 return 0;
958}
959
960void ieee80211_recalc_idle(struct ieee80211_local *local)
961{
962 u32 chg;
963
964 mutex_lock(&local->iflist_mtx);
965 chg = __ieee80211_recalc_idle(local);
966 mutex_unlock(&local->iflist_mtx);
967 if (chg)
968 ieee80211_hw_config(local, chg);
969}
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 687acf23054d..827ea8e6ee0a 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -16,6 +16,7 @@
16#include <linux/rtnetlink.h> 16#include <linux/rtnetlink.h>
17#include <net/mac80211.h> 17#include <net/mac80211.h>
18#include "ieee80211_i.h" 18#include "ieee80211_i.h"
19#include "driver-ops.h"
19#include "debugfs_key.h" 20#include "debugfs_key.h"
20#include "aes_ccm.h" 21#include "aes_ccm.h"
21#include "aes_cmac.h" 22#include "aes_cmac.h"
@@ -136,8 +137,7 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
136 struct ieee80211_sub_if_data, 137 struct ieee80211_sub_if_data,
137 u.ap); 138 u.ap);
138 139
139 ret = key->local->ops->set_key(local_to_hw(key->local), SET_KEY, 140 ret = drv_set_key(key->local, SET_KEY, &sdata->vif, sta, &key->conf);
140 &sdata->vif, sta, &key->conf);
141 141
142 if (!ret) { 142 if (!ret) {
143 spin_lock(&todo_lock); 143 spin_lock(&todo_lock);
@@ -179,8 +179,8 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
179 struct ieee80211_sub_if_data, 179 struct ieee80211_sub_if_data,
180 u.ap); 180 u.ap);
181 181
182 ret = key->local->ops->set_key(local_to_hw(key->local), DISABLE_KEY, 182 ret = drv_set_key(key->local, DISABLE_KEY, &sdata->vif,
183 &sdata->vif, sta, &key->conf); 183 sta, &key->conf);
184 184
185 if (ret) 185 if (ret)
186 printk(KERN_ERR "mac80211-%s: failed to remove key " 186 printk(KERN_ERR "mac80211-%s: failed to remove key "
@@ -290,9 +290,11 @@ static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
290struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg, 290struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
291 int idx, 291 int idx,
292 size_t key_len, 292 size_t key_len,
293 const u8 *key_data) 293 const u8 *key_data,
294 size_t seq_len, const u8 *seq)
294{ 295{
295 struct ieee80211_key *key; 296 struct ieee80211_key *key;
297 int i, j;
296 298
297 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS); 299 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
298 300
@@ -318,14 +320,31 @@ struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
318 case ALG_TKIP: 320 case ALG_TKIP:
319 key->conf.iv_len = TKIP_IV_LEN; 321 key->conf.iv_len = TKIP_IV_LEN;
320 key->conf.icv_len = TKIP_ICV_LEN; 322 key->conf.icv_len = TKIP_ICV_LEN;
323 if (seq && seq_len == 6) {
324 for (i = 0; i < NUM_RX_DATA_QUEUES; i++) {
325 key->u.tkip.rx[i].iv32 =
326 get_unaligned_le32(&seq[2]);
327 key->u.tkip.rx[i].iv16 =
328 get_unaligned_le16(seq);
329 }
330 }
321 break; 331 break;
322 case ALG_CCMP: 332 case ALG_CCMP:
323 key->conf.iv_len = CCMP_HDR_LEN; 333 key->conf.iv_len = CCMP_HDR_LEN;
324 key->conf.icv_len = CCMP_MIC_LEN; 334 key->conf.icv_len = CCMP_MIC_LEN;
335 if (seq && seq_len == CCMP_PN_LEN) {
336 for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
337 for (j = 0; j < CCMP_PN_LEN; j++)
338 key->u.ccmp.rx_pn[i][j] =
339 seq[CCMP_PN_LEN - j - 1];
340 }
325 break; 341 break;
326 case ALG_AES_CMAC: 342 case ALG_AES_CMAC:
327 key->conf.iv_len = 0; 343 key->conf.iv_len = 0;
328 key->conf.icv_len = sizeof(struct ieee80211_mmie); 344 key->conf.icv_len = sizeof(struct ieee80211_mmie);
345 if (seq && seq_len == 6)
346 for (j = 0; j < 6; j++)
347 key->u.aes_cmac.rx_pn[j] = seq[6 - j - 1];
329 break; 348 break;
330 } 349 }
331 memcpy(key->conf.key, key_data, key_len); 350 memcpy(key->conf.key, key_data, key_len);
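Review bot: A `seq` whose length does not match is silently ignored in all three new branches of ieee80211_key_alloc (`seq_len == 6` for ALG_TKIP and ALG_AES_CMAC, `seq_len == CCMP_PN_LEN` for ALG_CCMP). The key is then installed with its receive replay counters at whatever the allocation left them, presumably zero, and the caller cannot tell that the supplied sequence was dropped. If callers are expected to validate the length first, that contract should be stated above the function, for example `/* seq is used only when seq_len matches the cipher's PN/IV length; any other length is ignored and RX replay counters keep their initial value */`. Otherwise the mismatch should be rejected here. The two literal `6` values would also read better as named constants, as the CCMP branch already does with `CCMP_PN_LEN`. The allocation and the rest of the function body lie outside the hunks shown, so the initial counter value is inferred.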
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index 215d3ef42a4f..9572e00f532c 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -144,7 +144,8 @@ struct ieee80211_key {
144struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg, 144struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
145 int idx, 145 int idx,
146 size_t key_len, 146 size_t key_len,
147 const u8 *key_data); 147 const u8 *key_data,
148 size_t seq_len, const u8 *seq);
148/* 149/*
149 * Insert a key into data structures (sdata, sta if necessary) 150 * Insert a key into data structures (sdata, sta if necessary)
150 * to make it used, free old key. 151 * to make it used, free old key.
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 14134193cd17..76df5eabf268 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -21,10 +21,12 @@
21#include <linux/wireless.h> 21#include <linux/wireless.h>
22#include <linux/rtnetlink.h> 22#include <linux/rtnetlink.h>
23#include <linux/bitmap.h> 23#include <linux/bitmap.h>
24#include <linux/pm_qos_params.h>
24#include <net/net_namespace.h> 25#include <net/net_namespace.h>
25#include <net/cfg80211.h> 26#include <net/cfg80211.h>
26 27
27#include "ieee80211_i.h" 28#include "ieee80211_i.h"
29#include "driver-ops.h"
28#include "rate.h" 30#include "rate.h"
29#include "mesh.h" 31#include "mesh.h"
30#include "wep.h" 32#include "wep.h"
@@ -80,10 +82,9 @@ void ieee80211_configure_filter(struct ieee80211_local *local)
80 /* be a bit nasty */ 82 /* be a bit nasty */
81 new_flags |= (1<<31); 83 new_flags |= (1<<31);
82 84
83 local->ops->configure_filter(local_to_hw(local), 85 drv_configure_filter(local, changed_flags, &new_flags,
84 changed_flags, &new_flags, 86 local->mdev->mc_count,
85 local->mdev->mc_count, 87 local->mdev->mc_list);
86 local->mdev->mc_list);
87 88
88 WARN_ON(new_flags & (1<<31)); 89 WARN_ON(new_flags & (1<<31));
89 90
@@ -151,93 +152,19 @@ static void ieee80211_master_set_multicast_list(struct net_device *dev)
151 ieee80211_configure_filter(local); 152 ieee80211_configure_filter(local);
152} 153}
153 154
154/* everything else */
155
156int ieee80211_if_config(struct ieee80211_sub_if_data *sdata, u32 changed)
157{
158 struct ieee80211_local *local = sdata->local;
159 struct ieee80211_if_conf conf;
160
161 if (WARN_ON(!netif_running(sdata->dev)))
162 return 0;
163
164 memset(&conf, 0, sizeof(conf));
165
166 if (sdata->vif.type == NL80211_IFTYPE_STATION)
167 conf.bssid = sdata->u.mgd.bssid;
168 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
169 conf.bssid = sdata->u.ibss.bssid;
170 else if (sdata->vif.type == NL80211_IFTYPE_AP)
171 conf.bssid = sdata->dev->dev_addr;
172 else if (ieee80211_vif_is_mesh(&sdata->vif)) {
173 static const u8 zero[ETH_ALEN] = { 0 };
174 conf.bssid = zero;
175 } else {
176 WARN_ON(1);
177 return -EINVAL;
178 }
179
180 if (!local->ops->config_interface)
181 return 0;
182
183 switch (sdata->vif.type) {
184 case NL80211_IFTYPE_AP:
185 case NL80211_IFTYPE_ADHOC:
186 case NL80211_IFTYPE_MESH_POINT:
187 break;
188 default:
189 /* do not warn to simplify caller in scan.c */
190 changed &= ~IEEE80211_IFCC_BEACON_ENABLED;
191 if (WARN_ON(changed & IEEE80211_IFCC_BEACON))
192 return -EINVAL;
193 changed &= ~IEEE80211_IFCC_BEACON;
194 break;
195 }
196
197 if (changed & IEEE80211_IFCC_BEACON_ENABLED) {
198 if (local->sw_scanning) {
199 conf.enable_beacon = false;
200 } else {
201 /*
202 * Beacon should be enabled, but AP mode must
203 * check whether there is a beacon configured.
204 */
205 switch (sdata->vif.type) {
206 case NL80211_IFTYPE_AP:
207 conf.enable_beacon =
208 !!rcu_dereference(sdata->u.ap.beacon);
209 break;
210 case NL80211_IFTYPE_ADHOC:
211 conf.enable_beacon = !!sdata->u.ibss.probe_resp;
212 break;
213 case NL80211_IFTYPE_MESH_POINT:
214 conf.enable_beacon = true;
215 break;
216 default:
217 /* not reached */
218 WARN_ON(1);
219 break;
220 }
221 }
222 }
223
224 conf.changed = changed;
225
226 return local->ops->config_interface(local_to_hw(local),
227 &sdata->vif, &conf);
228}
229
230int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) 155int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
231{ 156{
232 struct ieee80211_channel *chan; 157 struct ieee80211_channel *chan, *scan_chan;
233 int ret = 0; 158 int ret = 0;
234 int power; 159 int power;
235 enum nl80211_channel_type channel_type; 160 enum nl80211_channel_type channel_type;
236 161
237 might_sleep(); 162 might_sleep();
238 163
239 if (local->sw_scanning) { 164 scan_chan = local->scan_channel;
240 chan = local->scan_channel; 165
166 if (scan_chan) {
167 chan = scan_chan;
241 channel_type = NL80211_CHAN_NO_HT; 168 channel_type = NL80211_CHAN_NO_HT;
242 } else { 169 } else {
243 chan = local->oper_channel; 170 chan = local->oper_channel;
@@ -251,7 +178,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
251 changed |= IEEE80211_CONF_CHANGE_CHANNEL; 178 changed |= IEEE80211_CONF_CHANGE_CHANNEL;
252 } 179 }
253 180
254 if (local->sw_scanning) 181 if (scan_chan)
255 power = chan->max_power; 182 power = chan->max_power;
256 else 183 else
257 power = local->power_constr_level ? 184 power = local->power_constr_level ?
@@ -267,7 +194,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
267 } 194 }
268 195
269 if (changed && local->open_count) { 196 if (changed && local->open_count) {
270 ret = local->ops->config(local_to_hw(local), changed); 197 ret = drv_config(local, changed);
271 /* 198 /*
272 * Goal: 199 * Goal:
273 * HW reconfiguration should never fail, the driver has told 200 * HW reconfiguration should never fail, the driver has told
@@ -293,17 +220,77 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
293{ 220{
294 struct ieee80211_local *local = sdata->local; 221 struct ieee80211_local *local = sdata->local;
295 222
296 if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_AP_VLAN)) 223 if (!changed)
297 return; 224 return;
298 225
299 if (!changed) 226 if (sdata->vif.type == NL80211_IFTYPE_STATION)
227 sdata->vif.bss_conf.bssid = sdata->u.mgd.bssid;
228 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
229 sdata->vif.bss_conf.bssid = sdata->u.ibss.bssid;
230 else if (sdata->vif.type == NL80211_IFTYPE_AP)
231 sdata->vif.bss_conf.bssid = sdata->dev->dev_addr;
232 else if (ieee80211_vif_is_mesh(&sdata->vif)) {
233 static const u8 zero[ETH_ALEN] = { 0 };
234 sdata->vif.bss_conf.bssid = zero;
235 } else {
236 WARN_ON(1);
300 return; 237 return;
238 }
239
240 switch (sdata->vif.type) {
241 case NL80211_IFTYPE_AP:
242 case NL80211_IFTYPE_ADHOC:
243 case NL80211_IFTYPE_MESH_POINT:
244 break;
245 default:
246 /* do not warn to simplify caller in scan.c */
247 changed &= ~BSS_CHANGED_BEACON_ENABLED;
248 if (WARN_ON(changed & BSS_CHANGED_BEACON))
249 return;
250 break;
251 }
301 252
302 if (local->ops->bss_info_changed) 253 if (changed & BSS_CHANGED_BEACON_ENABLED) {
303 local->ops->bss_info_changed(local_to_hw(local), 254 if (local->sw_scanning) {
304 &sdata->vif, 255 sdata->vif.bss_conf.enable_beacon = false;
305 &sdata->vif.bss_conf, 256 } else {
306 changed); 257 /*
258 * Beacon should be enabled, but AP mode must
259 * check whether there is a beacon configured.
260 */
261 switch (sdata->vif.type) {
262 case NL80211_IFTYPE_AP:
263 sdata->vif.bss_conf.enable_beacon =
264 !!rcu_dereference(sdata->u.ap.beacon);
265 break;
266 case NL80211_IFTYPE_ADHOC:
267 sdata->vif.bss_conf.enable_beacon =
268 !!rcu_dereference(sdata->u.ibss.presp);
269 break;
270 case NL80211_IFTYPE_MESH_POINT:
271 sdata->vif.bss_conf.enable_beacon = true;
272 break;
273 default:
274 /* not reached */
275 WARN_ON(1);
276 break;
277 }
278 }
279 }
280
281 drv_bss_info_changed(local, &sdata->vif,
282 &sdata->vif.bss_conf, changed);
283
284 /*
285 * DEPRECATED
286 *
287 * ~changed is just there to not do this at resume time
288 */
289 if (changed & BSS_CHANGED_BEACON_INT && ~changed) {
290 local->hw.conf.beacon_int = sdata->vif.bss_conf.beacon_int;
291 ieee80211_hw_config(local,
292 _IEEE80211_CONF_CHANGE_BEACON_INTERVAL);
293 }
307} 294}
308 295
309u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata) 296u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata)
@@ -696,6 +683,28 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
696} 683}
697EXPORT_SYMBOL(ieee80211_tx_status); 684EXPORT_SYMBOL(ieee80211_tx_status);
698 685
686static void ieee80211_restart_work(struct work_struct *work)
687{
688 struct ieee80211_local *local =
689 container_of(work, struct ieee80211_local, restart_work);
690
691 rtnl_lock();
692 ieee80211_reconfig(local);
693 rtnl_unlock();
694}
695
696void ieee80211_restart_hw(struct ieee80211_hw *hw)
697{
698 struct ieee80211_local *local = hw_to_local(hw);
699
700 /* use this reason, __ieee80211_resume will unblock it */
701 ieee80211_stop_queues_by_reason(hw,
702 IEEE80211_QUEUE_STOP_REASON_SUSPEND);
703
704 schedule_work(&local->restart_work);
705}
706EXPORT_SYMBOL(ieee80211_restart_hw);
707
699struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, 708struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
700 const struct ieee80211_ops *ops) 709 const struct ieee80211_ops *ops)
701{ 710{
@@ -728,12 +737,13 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
728 return NULL; 737 return NULL;
729 738
730 wiphy->privid = mac80211_wiphy_privid; 739 wiphy->privid = mac80211_wiphy_privid;
731 wiphy->max_scan_ssids = 4; 740
732 /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */ 741 /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */
733 wiphy->bss_priv_size = sizeof(struct ieee80211_bss) - 742 wiphy->bss_priv_size = sizeof(struct ieee80211_bss) -
734 sizeof(struct cfg80211_bss); 743 sizeof(struct cfg80211_bss);
735 744
736 local = wiphy_priv(wiphy); 745 local = wiphy_priv(wiphy);
746
737 local->hw.wiphy = wiphy; 747 local->hw.wiphy = wiphy;
738 748
739 local->hw.priv = (char *)local + 749 local->hw.priv = (char *)local +
@@ -752,15 +762,14 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
752 /* set up some defaults */ 762 /* set up some defaults */
753 local->hw.queues = 1; 763 local->hw.queues = 1;
754 local->hw.max_rates = 1; 764 local->hw.max_rates = 1;
755 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD; 765 local->hw.conf.long_frame_max_tx_count = wiphy->retry_long;
756 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD; 766 local->hw.conf.short_frame_max_tx_count = wiphy->retry_short;
757 local->hw.conf.long_frame_max_tx_count = 4;
758 local->hw.conf.short_frame_max_tx_count = 7;
759 local->hw.conf.radio_enabled = true; 767 local->hw.conf.radio_enabled = true;
760 local->user_power_level = -1; 768 local->user_power_level = -1;
761 769
762 INIT_LIST_HEAD(&local->interfaces); 770 INIT_LIST_HEAD(&local->interfaces);
763 mutex_init(&local->iflist_mtx); 771 mutex_init(&local->iflist_mtx);
772 mutex_init(&local->scan_mtx);
764 773
765 spin_lock_init(&local->key_lock); 774 spin_lock_init(&local->key_lock);
766 775
@@ -768,6 +777,8 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
768 777
769 INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work); 778 INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work);
770 779
780 INIT_WORK(&local->restart_work, ieee80211_restart_work);
781
771 INIT_WORK(&local->dynamic_ps_enable_work, 782 INIT_WORK(&local->dynamic_ps_enable_work,
772 ieee80211_dynamic_ps_enable_work); 783 ieee80211_dynamic_ps_enable_work);
773 INIT_WORK(&local->dynamic_ps_disable_work, 784 INIT_WORK(&local->dynamic_ps_disable_work,
@@ -821,7 +832,17 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
821 enum ieee80211_band band; 832 enum ieee80211_band band;
822 struct net_device *mdev; 833 struct net_device *mdev;
823 struct ieee80211_master_priv *mpriv; 834 struct ieee80211_master_priv *mpriv;
824 int channels, i, j; 835 int channels, i, j, max_bitrates;
836 bool supp_ht;
837 static const u32 cipher_suites[] = {
838 WLAN_CIPHER_SUITE_WEP40,
839 WLAN_CIPHER_SUITE_WEP104,
840 WLAN_CIPHER_SUITE_TKIP,
841 WLAN_CIPHER_SUITE_CCMP,
842
843 /* keep last -- depends on hw flags! */
844 WLAN_CIPHER_SUITE_AES_CMAC
845 };
825 846
826 /* 847 /*
827 * generic code guarantees at least one band, 848 * generic code guarantees at least one band,
@@ -829,18 +850,25 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
829 * that hw.conf.channel is assigned 850 * that hw.conf.channel is assigned
830 */ 851 */
831 channels = 0; 852 channels = 0;
853 max_bitrates = 0;
854 supp_ht = false;
832 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 855 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
833 struct ieee80211_supported_band *sband; 856 struct ieee80211_supported_band *sband;
834 857
835 sband = local->hw.wiphy->bands[band]; 858 sband = local->hw.wiphy->bands[band];
836 if (sband && !local->oper_channel) { 859 if (!sband)
860 continue;
861 if (!local->oper_channel) {
837 /* init channel we're on */ 862 /* init channel we're on */
838 local->hw.conf.channel = 863 local->hw.conf.channel =
839 local->oper_channel = 864 local->oper_channel = &sband->channels[0];
840 local->scan_channel = &sband->channels[0]; 865 local->hw.conf.channel_type = NL80211_CHAN_NO_HT;
841 } 866 }
842 if (sband) 867 channels += sband->n_channels;
843 channels += sband->n_channels; 868
869 if (max_bitrates < sband->n_bitrates)
870 max_bitrates = sband->n_bitrates;
871 supp_ht = supp_ht || sband->ht_cap.ht_supported;
844 } 872 }
845 873
846 local->int_scan_req.n_channels = channels; 874 local->int_scan_req.n_channels = channels;
@@ -860,6 +888,37 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
860 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) 888 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
861 local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC; 889 local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
862 890
891 /*
892 * Calculate scan IE length -- we need this to alloc
893 * memory and to subtract from the driver limit. It
894 * includes the (extended) supported rates and HT
895 * information -- SSID is the driver's responsibility.
896 */
897 local->scan_ies_len = 4 + max_bitrates; /* (ext) supp rates */
898 if (supp_ht)
899 local->scan_ies_len += 2 + sizeof(struct ieee80211_ht_cap);
900
901 if (!local->ops->hw_scan) {
902 /* For hw_scan, driver needs to set these up. */
903 local->hw.wiphy->max_scan_ssids = 4;
904 local->hw.wiphy->max_scan_ie_len = IEEE80211_MAX_DATA_LEN;
905 }
906
907 /*
908 * If the driver supports any scan IEs, then assume the
909 * limit includes the IEs mac80211 will add, otherwise
910 * leave it at zero and let the driver sort it out; we
911 * still pass our IEs to the driver but userspace will
912 * not be allowed to in that case.
913 */
914 if (local->hw.wiphy->max_scan_ie_len)
915 local->hw.wiphy->max_scan_ie_len -= local->scan_ies_len;
916
917 local->hw.wiphy->cipher_suites = cipher_suites;
918 local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
919 if (!(local->hw.flags & IEEE80211_HW_MFP_CAPABLE))
920 local->hw.wiphy->n_cipher_suites--;
921
863 result = wiphy_register(local->hw.wiphy); 922 result = wiphy_register(local->hw.wiphy);
864 if (result < 0) 923 if (result < 0)
865 goto fail_wiphy_register; 924 goto fail_wiphy_register;
@@ -898,9 +957,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
898 957
899 debugfs_hw_add(local); 958 debugfs_hw_add(local);
900 959
901 if (local->hw.conf.beacon_int < 10)
902 local->hw.conf.beacon_int = 100;
903
904 if (local->hw.max_listen_interval == 0) 960 if (local->hw.max_listen_interval == 0)
905 local->hw.max_listen_interval = 1; 961 local->hw.max_listen_interval = 1;
906 962
@@ -965,25 +1021,38 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
965 } 1021 }
966 } 1022 }
967 1023
1024 local->network_latency_notifier.notifier_call =
1025 ieee80211_max_network_latency;
1026 result = pm_qos_add_notifier(PM_QOS_NETWORK_LATENCY,
1027 &local->network_latency_notifier);
1028
1029 if (result) {
1030 rtnl_lock();
1031 goto fail_pm_qos;
1032 }
1033
968 return 0; 1034 return 0;
969 1035
970fail_rate: 1036 fail_pm_qos:
1037 ieee80211_led_exit(local);
1038 ieee80211_remove_interfaces(local);
1039 fail_rate:
971 unregister_netdevice(local->mdev); 1040 unregister_netdevice(local->mdev);
972 local->mdev = NULL; 1041 local->mdev = NULL;
973fail_dev: 1042 fail_dev:
974 rtnl_unlock(); 1043 rtnl_unlock();
975 ieee80211_wep_free(local); 1044 ieee80211_wep_free(local);
976fail_wep: 1045 fail_wep:
977 sta_info_stop(local); 1046 sta_info_stop(local);
978fail_sta_info: 1047 fail_sta_info:
979 debugfs_hw_del(local); 1048 debugfs_hw_del(local);
980 destroy_workqueue(local->hw.workqueue); 1049 destroy_workqueue(local->hw.workqueue);
981fail_workqueue: 1050 fail_workqueue:
982 if (local->mdev) 1051 if (local->mdev)
983 free_netdev(local->mdev); 1052 free_netdev(local->mdev);
984fail_mdev_alloc: 1053 fail_mdev_alloc:
985 wiphy_unregister(local->hw.wiphy); 1054 wiphy_unregister(local->hw.wiphy);
986fail_wiphy_register: 1055 fail_wiphy_register:
987 kfree(local->int_scan_req.channels); 1056 kfree(local->int_scan_req.channels);
988 return result; 1057 return result;
989} 1058}
@@ -996,6 +1065,9 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
996 tasklet_kill(&local->tx_pending_tasklet); 1065 tasklet_kill(&local->tx_pending_tasklet);
997 tasklet_kill(&local->tasklet); 1066 tasklet_kill(&local->tasklet);
998 1067
1068 pm_qos_remove_notifier(PM_QOS_NETWORK_LATENCY,
1069 &local->network_latency_notifier);
1070
999 rtnl_lock(); 1071 rtnl_lock();
1000 1072
1001 /* 1073 /*
@@ -1038,6 +1110,7 @@ void ieee80211_free_hw(struct ieee80211_hw *hw)
1038 struct ieee80211_local *local = hw_to_local(hw); 1110 struct ieee80211_local *local = hw_to_local(hw);
1039 1111
1040 mutex_destroy(&local->iflist_mtx); 1112 mutex_destroy(&local->iflist_mtx);
1113 mutex_destroy(&local->scan_mtx);
1041 1114
1042 wiphy_free(local->hw.wiphy); 1115 wiphy_free(local->hw.wiphy);
1043} 1116}
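Review bot: In ieee80211_register_hw (hunk at -860,6 +888,37), the new `local->hw.wiphy->max_scan_ie_len -= local->scan_ies_len;` is guarded only against a zero limit. A hw_scan driver that sets a non-zero `max_scan_ie_len` smaller than `scan_ies_len` therefore drives the subtraction below zero. If the field is unsigned, which this page does not show, it wraps to a large value and the scan IE limit advertised to userspace exceeds what the driver can actually take. Comparing first avoids that: `if (local->hw.wiphy->max_scan_ie_len <= local->scan_ies_len) local->hw.wiphy->max_scan_ie_len = 0; else local->hw.wiphy->max_scan_ie_len -= local->scan_ies_len;`. Alternatively, registration could fail with a warning, since a limit that small is a driver bug. The function body continues outside this hunk.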
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 9a3e5de0410a..9000b01a1671 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -417,7 +417,7 @@ static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
417 417
418 free_plinks = mesh_plink_availables(sdata); 418 free_plinks = mesh_plink_availables(sdata);
419 if (free_plinks != sdata->u.mesh.accepting_plinks) 419 if (free_plinks != sdata->u.mesh.accepting_plinks)
420 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON); 420 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
421 421
422 ifmsh->housekeeping = false; 422 ifmsh->housekeeping = false;
423 mod_timer(&ifmsh->housekeeping_timer, 423 mod_timer(&ifmsh->housekeeping_timer,
@@ -432,8 +432,8 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
432 432
433 ifmsh->housekeeping = true; 433 ifmsh->housekeeping = true;
434 queue_work(local->hw.workqueue, &ifmsh->work); 434 queue_work(local->hw.workqueue, &ifmsh->work);
435 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON | 435 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON |
436 IEEE80211_IFCC_BEACON_ENABLED); 436 BSS_CHANGED_BEACON_ENABLED);
437} 437}
438 438
439void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata) 439void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 132938b073dc..ae030688771f 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -17,10 +17,13 @@
17#include <linux/if_arp.h> 17#include <linux/if_arp.h>
18#include <linux/etherdevice.h> 18#include <linux/etherdevice.h>
19#include <linux/rtnetlink.h> 19#include <linux/rtnetlink.h>
20#include <linux/pm_qos_params.h>
21#include <linux/crc32.h>
20#include <net/mac80211.h> 22#include <net/mac80211.h>
21#include <asm/unaligned.h> 23#include <asm/unaligned.h>
22 24
23#include "ieee80211_i.h" 25#include "ieee80211_i.h"
26#include "driver-ops.h"
24#include "rate.h" 27#include "rate.h"
25#include "led.h" 28#include "led.h"
26 29
@@ -30,6 +33,7 @@
30#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 33#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
31#define IEEE80211_ASSOC_MAX_TRIES 3 34#define IEEE80211_ASSOC_MAX_TRIES 3
32#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 35#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
36#define IEEE80211_PROBE_WAIT (HZ / 20)
33#define IEEE80211_PROBE_IDLE_TIME (60 * HZ) 37#define IEEE80211_PROBE_IDLE_TIME (60 * HZ)
34#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 38#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
35 39
@@ -80,6 +84,88 @@ static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
80 return count; 84 return count;
81} 85}
82 86
87/*
88 * ieee80211_enable_ht should be called only after the operating band
89 * has been determined as ht configuration depends on the hw's
90 * HT abilities for a specific band.
91 */
92static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
93 struct ieee80211_ht_info *hti,
94 u16 ap_ht_cap_flags)
95{
96 struct ieee80211_local *local = sdata->local;
97 struct ieee80211_supported_band *sband;
98 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
99 struct sta_info *sta;
100 u32 changed = 0;
101 u16 ht_opmode;
102 bool enable_ht = true, ht_changed;
103 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
104
105 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
106
107 /* HT is not supported */
108 if (!sband->ht_cap.ht_supported)
109 enable_ht = false;
110
111 /* check that channel matches the right operating channel */
112 if (local->hw.conf.channel->center_freq !=
113 ieee80211_channel_to_frequency(hti->control_chan))
114 enable_ht = false;
115
116 if (enable_ht) {
117 channel_type = NL80211_CHAN_HT20;
118
119 if (!(ap_ht_cap_flags & IEEE80211_HT_CAP_40MHZ_INTOLERANT) &&
120 (sband->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
121 (hti->ht_param & IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) {
122 switch(hti->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
123 case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
124 channel_type = NL80211_CHAN_HT40PLUS;
125 break;
126 case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
127 channel_type = NL80211_CHAN_HT40MINUS;
128 break;
129 }
130 }
131 }
132
133 ht_changed = conf_is_ht(&local->hw.conf) != enable_ht ||
134 channel_type != local->hw.conf.channel_type;
135
136 local->oper_channel_type = channel_type;
137
138 if (ht_changed) {
139 /* channel_type change automatically detected */
140 ieee80211_hw_config(local, 0);
141
142 rcu_read_lock();
143
144 sta = sta_info_get(local, ifmgd->bssid);
145 if (sta)
146 rate_control_rate_update(local, sband, sta,
147 IEEE80211_RC_HT_CHANGED);
148
149 rcu_read_unlock();
150 }
151
152 /* disable HT */
153 if (!enable_ht)
154 return 0;
155
156 ht_opmode = le16_to_cpu(hti->operation_mode);
157
158 /* if bss configuration changed store the new one */
159 if (!sdata->ht_opmode_valid ||
160 sdata->vif.bss_conf.ht_operation_mode != ht_opmode) {
161 changed |= BSS_CHANGED_HT;
162 sdata->vif.bss_conf.ht_operation_mode = ht_opmode;
163 sdata->ht_opmode_valid = true;
164 }
165
166 return changed;
167}
168
83/* frame sending functions */ 169/* frame sending functions */
84 170
85static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 171static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
@@ -325,6 +411,10 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
325 /* u.deauth.reason_code == u.disassoc.reason_code */ 411 /* u.deauth.reason_code == u.disassoc.reason_code */
326 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 412 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
327 413
414 if (stype == IEEE80211_STYPE_DEAUTH)
415 cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, skb->len);
416 else
417 cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, skb->len);
328 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED); 418 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
329} 419}
330 420
@@ -359,6 +449,173 @@ void ieee80211_send_pspoll(struct ieee80211_local *local,
359 ieee80211_tx_skb(sdata, skb, 0); 449 ieee80211_tx_skb(sdata, skb, 0);
360} 450}
361 451
452void ieee80211_send_nullfunc(struct ieee80211_local *local,
453 struct ieee80211_sub_if_data *sdata,
454 int powersave)
455{
456 struct sk_buff *skb;
457 struct ieee80211_hdr *nullfunc;
458 __le16 fc;
459
460 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
461 return;
462
463 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
464 if (!skb) {
465 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
466 "frame\n", sdata->dev->name);
467 return;
468 }
469 skb_reserve(skb, local->hw.extra_tx_headroom);
470
471 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
472 memset(nullfunc, 0, 24);
473 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
474 IEEE80211_FCTL_TODS);
475 if (powersave)
476 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
477 nullfunc->frame_control = fc;
478 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
479 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
480 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
481
482 ieee80211_tx_skb(sdata, skb, 0);
483}
484
485/* powersave */
486static void ieee80211_enable_ps(struct ieee80211_local *local,
487 struct ieee80211_sub_if_data *sdata)
488{
489 struct ieee80211_conf *conf = &local->hw.conf;
490
491 /*
492 * If we are scanning right now then the parameters will
493 * take effect when scan finishes.
494 */
495 if (local->hw_scanning || local->sw_scanning)
496 return;
497
498 if (conf->dynamic_ps_timeout > 0 &&
499 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
500 mod_timer(&local->dynamic_ps_timer, jiffies +
501 msecs_to_jiffies(conf->dynamic_ps_timeout));
502 } else {
503 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
504 ieee80211_send_nullfunc(local, sdata, 1);
505 conf->flags |= IEEE80211_CONF_PS;
506 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
507 }
508}
509
510static void ieee80211_change_ps(struct ieee80211_local *local)
511{
512 struct ieee80211_conf *conf = &local->hw.conf;
513
514 if (local->ps_sdata) {
515 if (!(local->ps_sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED))
516 return;
517
518 ieee80211_enable_ps(local, local->ps_sdata);
519 } else if (conf->flags & IEEE80211_CONF_PS) {
520 conf->flags &= ~IEEE80211_CONF_PS;
521 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
522 del_timer_sync(&local->dynamic_ps_timer);
523 cancel_work_sync(&local->dynamic_ps_enable_work);
524 }
525}
526
527/* need to hold RTNL or interface lock */
528void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
529{
530 struct ieee80211_sub_if_data *sdata, *found = NULL;
531 int count = 0;
532
533 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) {
534 local->ps_sdata = NULL;
535 return;
536 }
537
538 list_for_each_entry(sdata, &local->interfaces, list) {
539 if (!netif_running(sdata->dev))
540 continue;
541 if (sdata->vif.type != NL80211_IFTYPE_STATION)
542 continue;
543 found = sdata;
544 count++;
545 }
546
547 if (count == 1 && found->u.mgd.powersave) {
548 s32 beaconint_us;
549
550 if (latency < 0)
551 latency = pm_qos_requirement(PM_QOS_NETWORK_LATENCY);
552
553 beaconint_us = ieee80211_tu_to_usec(
554 found->vif.bss_conf.beacon_int);
555
556 if (beaconint_us > latency) {
557 local->ps_sdata = NULL;
558 } else {
559 u8 dtimper = found->vif.bss_conf.dtim_period;
560 int maxslp = 1;
561
562 if (dtimper > 1)
563 maxslp = min_t(int, dtimper,
564 latency / beaconint_us);
565
566 local->hw.conf.max_sleep_period = maxslp;
567 local->ps_sdata = found;
568 }
569 } else {
570 local->ps_sdata = NULL;
571 }
572
573 ieee80211_change_ps(local);
574}
575
576void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
577{
578 struct ieee80211_local *local =
579 container_of(work, struct ieee80211_local,
580 dynamic_ps_disable_work);
581
582 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
583 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
584 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
585 }
586
587 ieee80211_wake_queues_by_reason(&local->hw,
588 IEEE80211_QUEUE_STOP_REASON_PS);
589}
590
591void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
592{
593 struct ieee80211_local *local =
594 container_of(work, struct ieee80211_local,
595 dynamic_ps_enable_work);
596 struct ieee80211_sub_if_data *sdata = local->ps_sdata;
597
598 /* can only happen when PS was just disabled anyway */
599 if (!sdata)
600 return;
601
602 if (local->hw.conf.flags & IEEE80211_CONF_PS)
603 return;
604
605 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
606 ieee80211_send_nullfunc(local, sdata, 1);
607
608 local->hw.conf.flags |= IEEE80211_CONF_PS;
609 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
610}
611
612void ieee80211_dynamic_ps_timer(unsigned long data)
613{
614 struct ieee80211_local *local = (void *) data;
615
616 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work);
617}
618
362/* MLME */ 619/* MLME */
363static void ieee80211_sta_wmm_params(struct ieee80211_local *local, 620static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
364 struct ieee80211_if_managed *ifmgd, 621 struct ieee80211_if_managed *ifmgd,
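Review bot: In ieee80211_recalc_ps the expression `latency / beaconint_us` divides by a value derived from `found->vif.bss_conf.beacon_int`, and nothing in the hunk rules out a beacon interval of zero. Assuming ieee80211_tu_to_usec() maps 0 to 0, the `beaconint_us > latency` test is false for any non-negative latency, so a `dtim_period` above 1 reaches the division. The interval presumably comes from the AP's frames and should be treated as untrusted. I would guard it with `if (dtimper > 1 && beaconint_us > 0)`, or treat a zero interval as "no powersave" by clearing `local->ps_sdata`. The hunk ends inside the parameter list of ieee80211_sta_wmm_params, which this note does not concern.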
@@ -427,38 +684,13 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
427 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min, 684 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
428 params.cw_max, params.txop); 685 params.cw_max, params.txop);
429#endif 686#endif
430 if (local->ops->conf_tx && 687 if (drv_conf_tx(local, queue, &params) && local->ops->conf_tx)
431 local->ops->conf_tx(local_to_hw(local), queue, &params)) {
432 printk(KERN_DEBUG "%s: failed to set TX queue " 688 printk(KERN_DEBUG "%s: failed to set TX queue "
433 "parameters for queue %d\n", local->mdev->name, queue); 689 "parameters for queue %d\n", local->mdev->name,
434 } 690 queue);
435 } 691 }
436} 692}
437 693
438static bool ieee80211_check_tim(struct ieee802_11_elems *elems, u16 aid)
439{
440 u8 mask;
441 u8 index, indexn1, indexn2;
442 struct ieee80211_tim_ie *tim = (struct ieee80211_tim_ie *) elems->tim;
443
444 if (unlikely(!tim || elems->tim_len < 4))
445 return false;
446
447 aid &= 0x3fff;
448 index = aid / 8;
449 mask = 1 << (aid & 7);
450
451 indexn1 = tim->bitmap_ctrl & 0xfe;
452 indexn2 = elems->tim_len + indexn1 - 4;
453
454 if (index < indexn1 || index > indexn2)
455 return false;
456
457 index -= indexn1;
458
459 return !!(tim->virtual_map[index] & mask);
460}
461
462static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, 694static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
463 u16 capab, bool erp_valid, u8 erp) 695 u16 capab, bool erp_valid, u8 erp)
464{ 696{
@@ -610,6 +842,7 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
610 sdata->vif.bss_conf.timestamp = bss->cbss.tsf; 842 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
611 sdata->vif.bss_conf.dtim_period = bss->dtim_period; 843 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
612 844
845 bss_info_changed |= BSS_CHANGED_BEACON_INT;
613 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 846 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
614 bss->cbss.capability, bss->has_erp_value, bss->erp_value); 847 bss->cbss.capability, bss->has_erp_value, bss->erp_value);
615 848
@@ -634,18 +867,11 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
634 bss_info_changed |= BSS_CHANGED_BASIC_RATES; 867 bss_info_changed |= BSS_CHANGED_BASIC_RATES;
635 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 868 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
636 869
637 if (local->powersave) { 870 /* will be same as sdata */
638 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS) && 871 if (local->ps_sdata) {
639 local->hw.conf.dynamic_ps_timeout > 0) { 872 mutex_lock(&local->iflist_mtx);
640 mod_timer(&local->dynamic_ps_timer, jiffies + 873 ieee80211_recalc_ps(local, -1);
641 msecs_to_jiffies( 874 mutex_unlock(&local->iflist_mtx);
642 local->hw.conf.dynamic_ps_timeout));
643 } else {
644 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
645 ieee80211_send_nullfunc(local, sdata, 1);
646 conf->flags |= IEEE80211_CONF_PS;
647 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
648 }
649 } 875 }
650 876
651 netif_tx_start_all_queues(sdata->dev); 877 netif_tx_start_all_queues(sdata->dev);
@@ -664,7 +890,8 @@ static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
664 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n", 890 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
665 sdata->dev->name, ifmgd->bssid); 891 sdata->dev->name, ifmgd->bssid);
666 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 892 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
667 ieee80211_sta_send_apinfo(sdata); 893 ieee80211_recalc_idle(local);
894 cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
668 895
669 /* 896 /*
670 * Most likely AP is not in the range so remove the 897 * Most likely AP is not in the range so remove the
@@ -689,8 +916,6 @@ static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata)
689 916
690 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 917 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
691 918
692 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifmgd->request);
693
694 /* Direct probe is sent to broadcast address as some APs 919 /* Direct probe is sent to broadcast address as some APs
695 * will not answer to direct packet in unassociated state. 920 * will not answer to direct packet in unassociated state.
696 */ 921 */
@@ -714,7 +939,8 @@ static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata)
714 " timed out\n", 939 " timed out\n",
715 sdata->dev->name, ifmgd->bssid); 940 sdata->dev->name, ifmgd->bssid);
716 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 941 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
717 ieee80211_sta_send_apinfo(sdata); 942 ieee80211_recalc_idle(local);
943 cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
718 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 944 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
719 sdata->local->hw.conf.channel->center_freq, 945 sdata->local->hw.conf.channel->center_freq,
720 ifmgd->ssid, ifmgd->ssid_len); 946 ifmgd->ssid, ifmgd->ssid_len);
@@ -817,9 +1043,16 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
817 1043
818 rcu_read_unlock(); 1044 rcu_read_unlock();
819 1045
1046 ieee80211_set_wmm_default(sdata);
1047
1048 ieee80211_recalc_idle(local);
1049
820 /* channel(_type) changes are handled by ieee80211_hw_config */ 1050 /* channel(_type) changes are handled by ieee80211_hw_config */
821 local->oper_channel_type = NL80211_CHAN_NO_HT; 1051 local->oper_channel_type = NL80211_CHAN_NO_HT;
822 1052
1053 /* on the next assoc, re-program HT parameters */
1054 sdata->ht_opmode_valid = false;
1055
823 local->power_constr_level = 0; 1056 local->power_constr_level = 0;
824 1057
825 del_timer_sync(&local->dynamic_ps_timer); 1058 del_timer_sync(&local->dynamic_ps_timer);
@@ -897,7 +1130,8 @@ static void ieee80211_associate(struct ieee80211_sub_if_data *sdata)
897 " timed out\n", 1130 " timed out\n",
898 sdata->dev->name, ifmgd->bssid); 1131 sdata->dev->name, ifmgd->bssid);
899 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1132 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
900 ieee80211_sta_send_apinfo(sdata); 1133 ieee80211_recalc_idle(local);
1134 cfg80211_send_assoc_timeout(sdata->dev, ifmgd->bssid);
901 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 1135 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
902 sdata->local->hw.conf.channel->center_freq, 1136 sdata->local->hw.conf.channel->center_freq,
903 ifmgd->ssid, ifmgd->ssid_len); 1137 ifmgd->ssid, ifmgd->ssid_len);
@@ -917,6 +1151,7 @@ static void ieee80211_associate(struct ieee80211_sub_if_data *sdata)
917 printk(KERN_DEBUG "%s: mismatch in privacy configuration and " 1151 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
918 "mixed-cell disabled - abort association\n", sdata->dev->name); 1152 "mixed-cell disabled - abort association\n", sdata->dev->name);
919 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1153 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1154 ieee80211_recalc_idle(local);
920 return; 1155 return;
921 } 1156 }
922 1157
@@ -948,6 +1183,17 @@ void ieee80211_beacon_loss_work(struct work_struct *work)
948 u.mgd.beacon_loss_work); 1183 u.mgd.beacon_loss_work);
949 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1184 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
950 1185
1186 /*
1187 * The driver has already reported this event and we have
1188 * already sent a probe request. Maybe the AP died and the
1189 * driver keeps reporting until we disassociate... We have
1190 * to ignore that because otherwise we would continually
1191 * reset the timer and never check whether we received a
1192 * probe response!
1193 */
1194 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL)
1195 return;
1196
951#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1197#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
952 if (net_ratelimit()) { 1198 if (net_ratelimit()) {
953 printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM " 1199 printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM "
@@ -960,7 +1206,7 @@ void ieee80211_beacon_loss_work(struct work_struct *work)
960 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid, 1206 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
961 ifmgd->ssid_len, NULL, 0); 1207 ifmgd->ssid_len, NULL, 0);
962 1208
963 mod_timer(&ifmgd->timer, jiffies + IEEE80211_MONITORING_INTERVAL); 1209 mod_timer(&ifmgd->timer, jiffies + IEEE80211_PROBE_WAIT);
964} 1210}
965 1211
966void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1212void ieee80211_beacon_loss(struct ieee80211_vif *vif)
@@ -997,7 +1243,7 @@ static void ieee80211_associated(struct ieee80211_sub_if_data *sdata)
997 } 1243 }
998 1244
999 if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) && 1245 if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) &&
1000 time_after(jiffies, sta->last_rx + IEEE80211_MONITORING_INTERVAL)) { 1246 time_after(jiffies, sta->last_rx + IEEE80211_PROBE_WAIT)) {
1001 printk(KERN_DEBUG "%s: no probe response from AP %pM " 1247 printk(KERN_DEBUG "%s: no probe response from AP %pM "
1002 "- disassociating\n", 1248 "- disassociating\n",
1003 sdata->dev->name, ifmgd->bssid); 1249 sdata->dev->name, ifmgd->bssid);
@@ -1055,6 +1301,7 @@ static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata)
1055 if (ifmgd->flags & IEEE80211_STA_EXT_SME) { 1301 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1056 /* Wait for SME to request association */ 1302 /* Wait for SME to request association */
1057 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1303 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1304 ieee80211_recalc_idle(sdata->local);
1058 } else 1305 } else
1059 ieee80211_associate(sdata); 1306 ieee80211_associate(sdata);
1060} 1307}
@@ -1187,7 +1434,7 @@ static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1187 1434
1188 ieee80211_set_disassoc(sdata, true, false, 0); 1435 ieee80211_set_disassoc(sdata, true, false, 0);
1189 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED; 1436 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED;
1190 cfg80211_send_rx_deauth(sdata->dev, (u8 *) mgmt, len); 1437 cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, len);
1191} 1438}
1192 1439
1193 1440
@@ -1218,7 +1465,7 @@ static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1218 } 1465 }
1219 1466
1220 ieee80211_set_disassoc(sdata, false, false, reason_code); 1467 ieee80211_set_disassoc(sdata, false, false, reason_code);
1221 cfg80211_send_rx_disassoc(sdata->dev, (u8 *) mgmt, len); 1468 cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, len);
1222} 1469}
1223 1470
1224 1471
@@ -1287,6 +1534,12 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1287 * association next time. This works around some broken APs 1534 * association next time. This works around some broken APs
1288 * which do not correctly reject reassociation requests. */ 1535 * which do not correctly reject reassociation requests. */
1289 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET; 1536 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1537 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len);
1538 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1539 /* Wait for SME to decide what to do next */
1540 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1541 ieee80211_recalc_idle(local);
1542 }
1290 return; 1543 return;
1291 } 1544 }
1292 1545
@@ -1340,8 +1593,9 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1340 * to between the sta_info_alloc() and sta_info_insert() above. 1593 * to between the sta_info_alloc() and sta_info_insert() above.
1341 */ 1594 */
1342 1595
1343 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP | 1596 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP);
1344 WLAN_STA_AUTHORIZED); 1597 if (!(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
1598 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
1345 1599
1346 rates = 0; 1600 rates = 0;
1347 basic_rates = 0; 1601 basic_rates = 0;
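Review bot: The new `if (!(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))` test needs a comment, because from here on association alone no longer sets `WLAN_STA_AUTHORIZED`. A line such as `/* with a controlled port the station stays unauthorized here; the flag is presumably set later, once key negotiation has finished */` would show that leaving the flag clear is deliberate. The code that sets the flag afterwards is not in this hunk, so it is worth confirming that every control-port path does set it and that no data path treats `WLAN_STA_ASSOC` alone as sufficient. ieee80211_rx_mgmt_assoc_resp starts and ends outside the hunk.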
@@ -1421,6 +1675,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1421 if (elems.wmm_param) 1675 if (elems.wmm_param)
1422 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param, 1676 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param,
1423 elems.wmm_param_len); 1677 elems.wmm_param_len);
1678 else
1679 ieee80211_set_wmm_default(sdata);
1424 1680
1425 if (elems.ht_info_elem && elems.wmm_param && 1681 if (elems.ht_info_elem && elems.wmm_param &&
1426 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 1682 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
@@ -1507,8 +1763,7 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1507 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 1763 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
1508 1764
1509 /* direct probe may be part of the association flow */ 1765 /* direct probe may be part of the association flow */
1510 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE, 1766 if (ifmgd->state == IEEE80211_STA_MLME_DIRECT_PROBE) {
1511 &ifmgd->request)) {
1512 printk(KERN_DEBUG "%s direct probe responded\n", 1767 printk(KERN_DEBUG "%s direct probe responded\n",
1513 sdata->dev->name); 1768 sdata->dev->name);
1514 ieee80211_authenticate(sdata); 1769 ieee80211_authenticate(sdata);
@@ -1518,46 +1773,74 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1518 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1773 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1519} 1774}
1520 1775
1776/*
1777 * This is the canonical list of information elements we care about,
1778 * the filter code also gives us all changes to the Microsoft OUI
1779 * (00:50:F2) vendor IE which is used for WMM which we need to track.
1780 *
1781 * We implement beacon filtering in software since that means we can
1782 * avoid processing the frame here and in cfg80211, and userspace
1783 * will not be able to tell whether the hardware supports it or not.
1784 *
1785 * XXX: This list needs to be dynamic -- userspace needs to be able to
1786 * add items it requires. It also needs to be able to tell us to
1787 * look out for other vendor IEs.
1788 */
1789static const u64 care_about_ies =
1790 (1ULL << WLAN_EID_COUNTRY) |
1791 (1ULL << WLAN_EID_ERP_INFO) |
1792 (1ULL << WLAN_EID_CHANNEL_SWITCH) |
1793 (1ULL << WLAN_EID_PWR_CONSTRAINT) |
1794 (1ULL << WLAN_EID_HT_CAPABILITY) |
1795 (1ULL << WLAN_EID_HT_INFORMATION);
1796
1521static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, 1797static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1522 struct ieee80211_mgmt *mgmt, 1798 struct ieee80211_mgmt *mgmt,
1523 size_t len, 1799 size_t len,
1524 struct ieee80211_rx_status *rx_status) 1800 struct ieee80211_rx_status *rx_status)
1525{ 1801{
1526 struct ieee80211_if_managed *ifmgd; 1802 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1527 size_t baselen; 1803 size_t baselen;
1528 struct ieee802_11_elems elems; 1804 struct ieee802_11_elems elems;
1529 struct ieee80211_local *local = sdata->local; 1805 struct ieee80211_local *local = sdata->local;
1530 u32 changed = 0; 1806 u32 changed = 0;
1531 bool erp_valid, directed_tim; 1807 bool erp_valid, directed_tim = false;
1532 u8 erp_value = 0; 1808 u8 erp_value = 0;
1809 u32 ncrc;
1533 1810
1534 /* Process beacon from the current BSS */ 1811 /* Process beacon from the current BSS */
1535 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 1812 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1536 if (baselen > len) 1813 if (baselen > len)
1537 return; 1814 return;
1538 1815
1539 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); 1816 if (rx_status->freq != local->hw.conf.channel->center_freq)
1540
1541 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
1542
1543 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1544 return; 1817 return;
1545 1818
1546 ifmgd = &sdata->u.mgd;
1547
1548 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) || 1819 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) ||
1549 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1820 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0)
1550 return; 1821 return;
1551 1822
1552 if (rx_status->freq != local->hw.conf.channel->center_freq) 1823 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4);
1824 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable,
1825 len - baselen, &elems,
1826 care_about_ies, ncrc);
1827
1828 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
1829 directed_tim = ieee80211_check_tim(elems.tim, elems.tim_len,
1830 ifmgd->aid);
1831
1832 ncrc = crc32_be(ncrc, (void *)&directed_tim, sizeof(directed_tim));
1833
1834 if (ncrc == ifmgd->beacon_crc)
1553 return; 1835 return;
1836 ifmgd->beacon_crc = ncrc;
1837
1838 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, true);
1554 1839
1555 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param, 1840 ieee80211_sta_wmm_params(local, ifmgd, elems.wmm_param,
1556 elems.wmm_param_len); 1841 elems.wmm_param_len);
1557 1842
1558 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) { 1843 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) {
1559 directed_tim = ieee80211_check_tim(&elems, ifmgd->aid);
1560
1561 if (directed_tim) { 1844 if (directed_tim) {
1562 if (local->hw.conf.dynamic_ps_timeout > 0) { 1845 if (local->hw.conf.dynamic_ps_timeout > 0) {
1563 local->hw.conf.flags &= ~IEEE80211_CONF_PS; 1846 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
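Review bot: Nothing in the visible hunks initialises or resets `ifmgd->beacon_crc`, yet `if (ncrc == ifmgd->beacon_crc) return;` drops the beacon before `ieee80211_rx_bss_info()` and `ieee80211_sta_wmm_params()` run. The visible part of ieee80211_set_disassoc resets `sdata->ht_opmode_valid` but not the CRC, so unless it is cleared elsewhere, the first beacon after a re-association to the same AP can be skipped as "unchanged". A validity flag, or a reset on (dis)association, would close that gap. Separately, the literal `4` in `crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4)` covers more than `beacon_int` itself, presumably the capability field that follows it. A comment such as `/* beacon_int + capab_info */` would state that intent. ieee80211_rx_mgmt_beacon continues past the end of the hunk.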
@@ -1723,10 +2006,8 @@ static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata)
1723 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2006 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1724 struct ieee80211_local *local = sdata->local; 2007 struct ieee80211_local *local = sdata->local;
1725 2008
1726 if (local->ops->reset_tsf) { 2009 /* Reset own TSF to allow time synchronization work. */
1727 /* Reset own TSF to allow time synchronization work. */ 2010 drv_reset_tsf(local);
1728 local->ops->reset_tsf(local_to_hw(local));
1729 }
1730 2011
1731 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */ 2012 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */
1732 2013
@@ -1814,25 +2095,18 @@ static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata)
1814 return 0; 2095 return 0;
1815 } else { 2096 } else {
1816 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) { 2097 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
2098
1817 ifmgd->assoc_scan_tries++; 2099 ifmgd->assoc_scan_tries++;
1818 /* XXX maybe racy? */
1819 if (local->scan_req)
1820 return -1;
1821 memcpy(local->int_scan_req.ssids[0].ssid,
1822 ifmgd->ssid, IEEE80211_MAX_SSID_LEN);
1823 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL)
1824 local->int_scan_req.ssids[0].ssid_len = 0;
1825 else
1826 local->int_scan_req.ssids[0].ssid_len = ifmgd->ssid_len;
1827 2100
1828 if (ieee80211_start_scan(sdata, &local->int_scan_req)) 2101 ieee80211_request_internal_scan(sdata, ifmgd->ssid,
1829 ieee80211_scan_failed(local); 2102 ssid_len);
1830 2103
1831 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 2104 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
1832 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request); 2105 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request);
1833 } else { 2106 } else {
1834 ifmgd->assoc_scan_tries = 0; 2107 ifmgd->assoc_scan_tries = 0;
1835 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 2108 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
2109 ieee80211_recalc_idle(local);
1836 } 2110 }
1837 } 2111 }
1838 return -1; 2112 return -1;
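Review bot: The call `ieee80211_request_internal_scan(sdata, ifmgd->ssid, ssid_len);` discards whatever the helper reports. The code it replaces returned -1 early when `local->scan_req` was already set and called `ieee80211_scan_failed()` when the scan could not be started. As written, `ifmgd->state` moves to `IEEE80211_STA_MLME_AUTHENTICATE` and `IEEE80211_STA_REQ_AUTH` is set whether or not a scan was queued. If the helper can fail (its definition is not in this hunk), the state change should depend on its result. `ssid_len` is a local defined outside the hunk, so whether it keeps the old `IEEE80211_STA_AUTO_SSID_SEL` behaviour of passing length 0 cannot be checked from here.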
@@ -1864,14 +2138,8 @@ static void ieee80211_sta_work(struct work_struct *work)
1864 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE && 2138 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE &&
1865 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE && 2139 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE &&
1866 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) { 2140 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) {
1867 /* 2141 queue_delayed_work(local->hw.workqueue, &local->scan_work,
1868 * The call to ieee80211_start_scan can fail but ieee80211_request_scan 2142 round_jiffies_relative(0));
1869 * (which queued ieee80211_sta_work) did not return an error. Thus, call
1870 * ieee80211_scan_failed here if ieee80211_start_scan fails in order to
1871 * notify the scan requester.
1872 */
1873 if (ieee80211_start_scan(sdata, local->scan_req))
1874 ieee80211_scan_failed(local);
1875 return; 2143 return;
1876 } 2144 }
1877 2145
@@ -1882,6 +2150,8 @@ static void ieee80211_sta_work(struct work_struct *work)
1882 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request)) 2150 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request))
1883 return; 2151 return;
1884 2152
2153 ieee80211_recalc_idle(local);
2154
1885 switch (ifmgd->state) { 2155 switch (ifmgd->state) {
1886 case IEEE80211_STA_MLME_DISABLED: 2156 case IEEE80211_STA_MLME_DISABLED:
1887 break; 2157 break;
@@ -1930,6 +2200,7 @@ static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
1930void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 2200void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
1931{ 2201{
1932 struct ieee80211_if_managed *ifmgd; 2202 struct ieee80211_if_managed *ifmgd;
2203 u32 hw_flags;
1933 2204
1934 ifmgd = &sdata->u.mgd; 2205 ifmgd = &sdata->u.mgd;
1935 INIT_WORK(&ifmgd->work, ieee80211_sta_work); 2206 INIT_WORK(&ifmgd->work, ieee80211_sta_work);
@@ -1949,6 +2220,13 @@ void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
1949 IEEE80211_STA_AUTO_CHANNEL_SEL; 2220 IEEE80211_STA_AUTO_CHANNEL_SEL;
1950 if (sdata->local->hw.queues >= 4) 2221 if (sdata->local->hw.queues >= 4)
1951 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED; 2222 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED;
2223
2224 hw_flags = sdata->local->hw.flags;
2225
2226 if (hw_flags & IEEE80211_HW_SUPPORTS_PS) {
2227 ifmgd->powersave = CONFIG_MAC80211_DEFAULT_PS_VALUE;
2228 sdata->local->hw.conf.dynamic_ps_timeout = 500;
2229 }
1952} 2230}
1953 2231
1954/* configuration hooks */ 2232/* configuration hooks */
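Review bot: `sdata->local->hw.conf.dynamic_ps_timeout = 500;` writes a device-wide setting from per-interface setup, so every call to ieee80211_sta_setup_sdata overwrites a timeout configured earlier. The bare `500` also has no name or unit. The other uses in this diff pass the field to `msecs_to_jiffies()`, so it is in milliseconds. I would name the constant with its unit and set the default once where `local` is initialised rather than here. The `hw_flags` local is used only once and could be replaced by testing `sdata->local->hw.flags` directly. The function starts before the hunk.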
@@ -2032,12 +2310,8 @@ int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
2032 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET; 2310 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET;
2033 } 2311 }
2034 2312
2035 if (netif_running(sdata->dev)) { 2313 if (netif_running(sdata->dev))
2036 if (ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID)) { 2314 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
2037 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2038 "the low-level driver\n", sdata->dev->name);
2039 }
2040 }
2041 2315
2042 return ieee80211_sta_commit(sdata); 2316 return ieee80211_sta_commit(sdata);
2043} 2317}
@@ -2068,9 +2342,6 @@ int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason
2068 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n", 2342 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
2069 sdata->dev->name, reason); 2343 sdata->dev->name, reason);
2070 2344
2071 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2072 return -EINVAL;
2073
2074 ieee80211_set_disassoc(sdata, true, true, reason); 2345 ieee80211_set_disassoc(sdata, true, true, reason);
2075 return 0; 2346 return 0;
2076} 2347}
@@ -2082,9 +2353,6 @@ int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
2082 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n", 2353 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
2083 sdata->dev->name, reason); 2354 sdata->dev->name, reason);
2084 2355
2085 if (sdata->vif.type != NL80211_IFTYPE_STATION)
2086 return -EINVAL;
2087
2088 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED)) 2356 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED))
2089 return -ENOLINK; 2357 return -ENOLINK;
2090 2358
@@ -2104,75 +2372,17 @@ void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
2104 rcu_read_unlock(); 2372 rcu_read_unlock();
2105} 2373}
2106 2374
2107void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 2375int ieee80211_max_network_latency(struct notifier_block *nb,
2108{ 2376 unsigned long data, void *dummy)
2109 struct ieee80211_local *local =
2110 container_of(work, struct ieee80211_local,
2111 dynamic_ps_disable_work);
2112
2113 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
2114 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
2115 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
2116 }
2117
2118 ieee80211_wake_queues_by_reason(&local->hw,
2119 IEEE80211_QUEUE_STOP_REASON_PS);
2120}
2121
2122void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
2123{ 2377{
2378 s32 latency_usec = (s32) data;
2124 struct ieee80211_local *local = 2379 struct ieee80211_local *local =
2125 container_of(work, struct ieee80211_local, 2380 container_of(nb, struct ieee80211_local,
2126 dynamic_ps_enable_work); 2381 network_latency_notifier);
2127 /* XXX: using scan_sdata is completely broken! */
2128 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2129
2130 if (local->hw.conf.flags & IEEE80211_CONF_PS)
2131 return;
2132
2133 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK && sdata)
2134 ieee80211_send_nullfunc(local, sdata, 1);
2135
2136 local->hw.conf.flags |= IEEE80211_CONF_PS;
2137 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
2138}
2139
2140void ieee80211_dynamic_ps_timer(unsigned long data)
2141{
2142 struct ieee80211_local *local = (void *) data;
2143 2382
2144 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work); 2383 mutex_lock(&local->iflist_mtx);
2145} 2384 ieee80211_recalc_ps(local, latency_usec);
2146 2385 mutex_unlock(&local->iflist_mtx);
2147void ieee80211_send_nullfunc(struct ieee80211_local *local,
2148 struct ieee80211_sub_if_data *sdata,
2149 int powersave)
2150{
2151 struct sk_buff *skb;
2152 struct ieee80211_hdr *nullfunc;
2153 __le16 fc;
2154
2155 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2156 return;
2157
2158 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
2159 if (!skb) {
2160 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
2161 "frame\n", sdata->dev->name);
2162 return;
2163 }
2164 skb_reserve(skb, local->hw.extra_tx_headroom);
2165 2386
2166 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24); 2387 return 0;
2167 memset(nullfunc, 0, 24);
2168 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
2169 IEEE80211_FCTL_TODS);
2170 if (powersave)
2171 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
2172 nullfunc->frame_control = fc;
2173 memcpy(nullfunc->addr1, sdata->u.mgd.bssid, ETH_ALEN);
2174 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
2175 memcpy(nullfunc->addr3, sdata->u.mgd.bssid, ETH_ALEN);
2176
2177 ieee80211_tx_skb(sdata, skb, 0);
2178} 2388}
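diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
index 81985d27cbda..9d3d89abbb57 100644
--- a/net/mac80211/pm.c
+++ b/net/mac80211/pm.c
@@ -2,6 +2,7 @@
 #include <net/rtnetlink.h>
 
 #include "ieee80211_i.h"
+#include "driver-ops.h"
 #include "led.h"
 
 int __ieee80211_suspend(struct ieee80211_hw *hw)
@@ -43,8 +44,8 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
  struct ieee80211_sub_if_data,
  u.ap);
 
- local->ops->sta_notify(hw, &sdata->vif,
- STA_NOTIFY_REMOVE, &sta->sta);
+ drv_sta_notify(local, &sdata->vif, STA_NOTIFY_REMOVE,
+ &sta->sta);
  }
  spin_unlock_irqrestore(&local->sta_lock, flags);
  }
@@ -57,7 +58,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
  conf.vif = &sdata->vif;
  conf.type = sdata->vif.type;
  conf.mac_addr = sdata->dev->dev_addr;
- local->ops->remove_interface(hw, &conf);
+ drv_remove_interface(local, &conf);
  }
  }
 
@@ -67,124 +68,13 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
  /* stop hardware */
  if (local->open_count) {
  ieee80211_led_radio(local, false);
- local->ops->stop(hw);
+ drv_stop(local);
  }
  return 0;
 }
 
-int __ieee80211_resume(struct ieee80211_hw *hw)
-{
- struct ieee80211_local *local = hw_to_local(hw);
- struct ieee80211_sub_if_data *sdata;
- struct ieee80211_if_init_conf conf;
- struct sta_info *sta;
- unsigned long flags;
- int res;
-
- /* restart hardware */
- if (local->open_count) {
- res = local->ops->start(hw);
-
- ieee80211_led_radio(local, hw->conf.radio_enabled);
- }
-
- /* add interfaces */
- list_for_each_entry(sdata, &local->interfaces, list) {
- if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
- sdata->vif.type != NL80211_IFTYPE_MONITOR &&
- netif_running(sdata->dev)) {
- conf.vif = &sdata->vif;
- conf.type = sdata->vif.type;
- conf.mac_addr = sdata->dev->dev_addr;
- res = local->ops->add_interface(hw, &conf);
- }
- }
-
- /* add STAs back */
- if (local->ops->sta_notify) {
- spin_lock_irqsave(&local->sta_lock, flags);
- list_for_each_entry(sta, &local->sta_list, list) {
- if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
- sdata = container_of(sdata->bss,
- struct ieee80211_sub_if_data,
- u.ap);
-
- local->ops->sta_notify(hw, &sdata->vif,
- STA_NOTIFY_ADD, &sta->sta);
- }
- spin_unlock_irqrestore(&local->sta_lock, flags);
- }
-
- /* Clear Suspend state so that ADDBA requests can be processed */
-
- rcu_read_lock();
-
- if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) {
- list_for_each_entry_rcu(sta, &local->sta_list, list) {
- clear_sta_flags(sta, WLAN_STA_SUSPEND);
- }
- }
-
- rcu_read_unlock();
-
- /* add back keys */
- list_for_each_entry(sdata, &local->interfaces, list)
- if (netif_running(sdata->dev))
- ieee80211_enable_keys(sdata);
-
- /* setup RTS threshold */
- if (local->ops->set_rts_threshold)
- local->ops->set_rts_threshold(hw, local->rts_threshold);
-
- /* reconfigure hardware */
- ieee80211_hw_config(local, ~0);
-
- netif_addr_lock_bh(local->mdev);
- ieee80211_configure_filter(local);
- netif_addr_unlock_bh(local->mdev);
-
- /* Finally also reconfigure all the BSS information */
- list_for_each_entry(sdata, &local->interfaces, list) {
- u32 changed = ~0;
- if (!netif_running(sdata->dev))
- continue;
- switch (sdata->vif.type) {
- case NL80211_IFTYPE_STATION:
- /* disable beacon change bits */
- changed &= ~IEEE80211_IFCC_BEACON;
- /* fall through */
- case NL80211_IFTYPE_ADHOC:
- case NL80211_IFTYPE_AP:
- case NL80211_IFTYPE_MESH_POINT:
- /*
- * Driver's config_interface can fail if rfkill is
- * enabled. Accommodate this return code.
- * FIXME: When mac80211 has knowledge of rfkill
- * state the code below can change back to:
- * WARN(ieee80211_if_config(sdata, changed));
- * ieee80211_bss_info_change_notify(sdata, ~0);
- */
- if (ieee80211_if_config(sdata, changed))
- printk(KERN_DEBUG "%s: failed to configure interface during resume\n",
- sdata->dev->name);
- else
- ieee80211_bss_info_change_notify(sdata, ~0);
- break;
- case NL80211_IFTYPE_WDS:
- break;
- case NL80211_IFTYPE_AP_VLAN:
- case NL80211_IFTYPE_MONITOR:
- /* ignore virtual */
- break;
- case NL80211_IFTYPE_UNSPECIFIED:
- case __NL80211_IFTYPE_AFTER_LAST:
- WARN_ON(1);
- break;
- }
- }
-
- ieee80211_wake_queues_by_reason(hw,
- IEEE80211_QUEUE_STOP_REASON_SUSPEND);
-
- return 0;
-}
+/*
+ * __ieee80211_resume() is a static inline which just calls
+ * ieee80211_reconfig(), which is also needed for hardware
+ * hang/firmware failure/etc. recovery.
+ */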
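Review bot: `drv_sta_notify()` at new line 47 is still called inside the `local->sta_lock` critical section that the `spin_unlock_irqrestore()` at new line 50 closes, so the driver callback runs with interrupts disabled. With the direct `local->ops->sta_notify` call now hidden behind a wrapper, that constraint is no longer visible at the call site; a comment such as `/* sta_lock held, IRQs off: the driver's sta_notify must not sleep */` above the call would keep it documented. The wrapper presumably also carries the NULL check for this optional op (its definition in driver-ops.h is not shown here), which is worth confirming because other call sites in this commit drop their explicit `if (local->ops->sta_notify)` guard. The lock acquisition and the start of the loop are outside the hunk.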
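diff --git a/net/mac80211/rc80211_minstrel.c b/net/mac80211/rc80211_minstrel.c
index d9233ec50610..0a11515341ba 100644
--- a/net/mac80211/rc80211_minstrel.c
+++ b/net/mac80211/rc80211_minstrel.c
@@ -80,8 +80,7 @@ use_low_rate(struct sk_buff *skb)
  fc = le16_to_cpu(hdr->frame_control);
 
  return ((info->flags & IEEE80211_TX_CTL_NO_ACK) ||
- (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
- is_multicast_ether_addr(hdr->addr1));
+ (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA);
 }
 
 
@@ -245,7 +244,10 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta,
 
  if (!sta || !mi || use_low_rate(skb)) {
  ar[0].idx = rate_lowest_index(sband, sta);
- ar[0].count = mp->max_retry;
+ if (info->flags & IEEE80211_TX_CTL_NO_ACK)
+ ar[0].count = 1;
+ else
+ ar[0].count = mp->max_retry;
  return;
  }
 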
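Review bot: `use_low_rate()` no longer tests `is_multicast_ether_addr(hdr->addr1)`, so group-addressed data frames only get the lowest rate if an earlier TX stage has already set `IEEE80211_TX_CTL_NO_ACK` on them. That dependency is not visible in this file and deserves a comment above the return, e.g. `/* multicast is covered by NO_ACK, which the TX path is expected to set */`. The outer pair of parentheses around the return expression is also redundant. In `minstrel_get_rate()` the new `if`/`else` at lines 247-250 reads `info`, whose declaration lies outside the hunk.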
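diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index 8bef9a1262ff..a0bef767ceb5 100644
--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -289,13 +289,15 @@ rate_control_pid_get_rate(void *priv, struct ieee80211_sta *sta,
  info->control.rates[0].count =
  txrc->hw->conf.short_frame_max_tx_count;
 
- /* Send management frames and broadcast/multicast data using lowest
- * rate. */
+ /* Send management frames and NO_ACK data using lowest rate. */
  fc = le16_to_cpu(hdr->frame_control);
  if (!sta || !spinfo ||
  (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
- is_multicast_ether_addr(hdr->addr1)) {
+ info->flags & IEEE80211_TX_CTL_NO_ACK) {
  info->control.rates[0].idx = rate_lowest_index(sband, sta);
+ if (info->flags & IEEE80211_TX_CTL_NO_ACK)
+ info->control.rates[0].count = 1;
+
  return;
  }
 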
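Review bot: The new operand `info->flags & IEEE80211_TX_CTL_NO_ACK` at line 296 sits unparenthesized in an `||` chain whose other bitmask test is parenthesized. Precedence makes it correct, but `(info->flags & IEEE80211_TX_CTL_NO_ACK)) {` reads unambiguously and matches the form used in rc80211_minstrel.c. The blank line left before `return;` at line 300 looks unintended. The "NO_ACK means a single attempt" rule is now written out separately in both rate-control algorithms, so a small shared helper would keep the two from drifting apart.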
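diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 9776f73c51ad..f962bd1b16e2 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -19,6 +19,7 @@
 #include <net/ieee80211_radiotap.h>
 
 #include "ieee80211_i.h"
+#include "driver-ops.h"
 #include "led.h"
 #include "mesh.h"
 #include "wep.h"
@@ -629,15 +630,6 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
  * possible.
  */
 
- if (!ieee80211_has_protected(hdr->frame_control)) {
- if (!ieee80211_is_mgmt(hdr->frame_control) ||
- rx->sta == NULL || !test_sta_flags(rx->sta, WLAN_STA_MFP))
- return RX_CONTINUE;
- mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);
- if (mmie_keyidx < 0)
- return RX_CONTINUE;
- }
-
  /*
  * No point in finding a key and decrypting if the frame is neither
  * addressed to us nor a multicast frame.
@@ -648,8 +640,14 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
  if (rx->sta)
  stakey = rcu_dereference(rx->sta->key);
 
+ if (!ieee80211_has_protected(hdr->frame_control))
+ mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);
+
  if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
  rx->key = stakey;
+ /* Skip decryption if the frame is not protected. */
+ if (!ieee80211_has_protected(hdr->frame_control))
+ return RX_CONTINUE;
  } else if (mmie_keyidx >= 0) {
  /* Broadcast/multicast robust management frame / BIP */
  if ((rx->status->flag & RX_FLAG_DECRYPTED) &&
@@ -660,6 +658,21 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
  mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
  return RX_DROP_MONITOR; /* unexpected BIP keyidx */
  rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]);
+ } else if (!ieee80211_has_protected(hdr->frame_control)) {
+ /*
+ * The frame was not protected, so skip decryption. However, we
+ * need to set rx->key if there is a key that could have been
+ * used so that the frame may be dropped if encryption would
+ * have been expected.
+ */
+ struct ieee80211_key *key = NULL;
+ if (ieee80211_is_mgmt(hdr->frame_control) &&
+ is_multicast_ether_addr(hdr->addr1) &&
+ (key = rcu_dereference(rx->sdata->default_mgmt_key)))
+ rx->key = key;
+ else if ((key = rcu_dereference(rx->sdata->default_key)))
+ rx->key = key;
+ return RX_CONTINUE;
  } else {
  /*
  * The device doesn't give us the IV so we won't be
@@ -773,9 +786,7 @@ static void ap_sta_ps_start(struct sta_info *sta)
 
  atomic_inc(&sdata->bss->num_sta_ps);
  set_and_clear_sta_flags(sta, WLAN_STA_PS, WLAN_STA_PSPOLL);
- if (local->ops->sta_notify)
- local->ops->sta_notify(local_to_hw(local), &sdata->vif,
- STA_NOTIFY_SLEEP, &sta->sta);
+ drv_sta_notify(local, &sdata->vif, STA_NOTIFY_SLEEP, &sta->sta);
 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
  printk(KERN_DEBUG "%s: STA %pM aid %d enters power save mode\n",
  sdata->dev->name, sta->sta.addr, sta->sta.aid);
@@ -792,9 +803,7 @@ static int ap_sta_ps_end(struct sta_info *sta)
  atomic_dec(&sdata->bss->num_sta_ps);
 
  clear_sta_flags(sta, WLAN_STA_PS | WLAN_STA_PSPOLL);
- if (local->ops->sta_notify)
- local->ops->sta_notify(local_to_hw(local), &sdata->vif,
- STA_NOTIFY_AWAKE, &sta->sta);
+ drv_sta_notify(local, &sdata->vif, STA_NOTIFY_AWAKE, &sta->sta);
 
  if (!skb_queue_empty(&sta->ps_tx_buf))
  sta_info_clear_tim_bit(sta);
@@ -1212,17 +1221,27 @@ ieee80211_drop_unencrypted(struct ieee80211_rx_data *rx, __le16 fc)
  /* Drop unencrypted frames if key is set. */
  if (unlikely(!ieee80211_has_protected(fc) &&
  !ieee80211_is_nullfunc(fc) &&
- (!ieee80211_is_mgmt(fc) ||
- (ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
- rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP))) &&
- (rx->key || rx->sdata->drop_unencrypted)))
- return -EACCES;
- /* BIP does not use Protected field, so need to check MMIE */
- if (unlikely(rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP) &&
- ieee80211_is_multicast_robust_mgmt_frame(rx->skb) &&
- ieee80211_get_mmie_keyidx(rx->skb) < 0 &&
+ ieee80211_is_data(fc) &&
  (rx->key || rx->sdata->drop_unencrypted)))
  return -EACCES;
+ if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) {
+ if (unlikely(ieee80211_is_unicast_robust_mgmt_frame(rx->skb) &&
+ rx->key))
+ return -EACCES;
+ /* BIP does not use Protected field, so need to check MMIE */
+ if (unlikely(ieee80211_is_multicast_robust_mgmt_frame(rx->skb)
+ && ieee80211_get_mmie_keyidx(rx->skb) < 0 &&
+ rx->key))
+ return -EACCES;
+ /*
+ * When using MFP, Action frames are not allowed prior to
+ * having configured keys.
+ */
+ if (unlikely(ieee80211_is_action(fc) && !rx->key &&
+ ieee80211_is_robust_mgmt_frame(
+ (struct ieee80211_hdr *) rx->skb->data)))
+ return -EACCES;
+ }
 
  return 0;
 }
@@ -1932,7 +1951,7 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
  !ieee80211_is_auth(hdr->frame_control))
  goto ignore;
 
- mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr);
+ mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL);
  ignore:
  dev_kfree_skb(rx->skb);
  rx->skb = NULL;
@@ -2287,6 +2306,43 @@ static inline u16 seq_sub(u16 sq1, u16 sq2)
 }
 
 
+static void ieee80211_release_reorder_frame(struct ieee80211_hw *hw,
+ struct tid_ampdu_rx *tid_agg_rx,
+ int index)
+{
+ struct ieee80211_supported_band *sband;
+ struct ieee80211_rate *rate;
+ struct ieee80211_rx_status status;
+
+ if (!tid_agg_rx->reorder_buf[index])
+ goto no_frame;
+
+ /* release the reordered frames to stack */
+ memcpy(&status, tid_agg_rx->reorder_buf[index]->cb, sizeof(status));
+ sband = hw->wiphy->bands[status.band];
+ if (status.flag & RX_FLAG_HT)
+ rate = sband->bitrates; /* TODO: HT rates */
+ else
+ rate = &sband->bitrates[status.rate_idx];
+ __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index],
+ &status, rate);
+ tid_agg_rx->stored_mpdu_num--;
+ tid_agg_rx->reorder_buf[index] = NULL;
+
+no_frame:
+ tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num);
+}
+
+
+/*
+ * Timeout (in jiffies) for skb's that are waiting in the RX reorder buffer. If
+ * the skb was added to the buffer longer than this time ago, the earlier
+ * frames that have not yet been received are assumed to be lost and the skb
+ * can be released for processing. This may also release other skb's from the
+ * reorder buffer if there are no additional gaps between the frames.
+ */
+#define HT_RX_REORDER_BUF_TIMEOUT (HZ / 10)
+
 /*
  * As it function blongs to Rx path it must be called with
  * the proper rcu_read_lock protection for its flow.
@@ -2298,12 +2354,8 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
  u16 mpdu_seq_num,
  int bar_req)
 {
- struct ieee80211_local *local = hw_to_local(hw);
- struct ieee80211_rx_status status;
  u16 head_seq_num, buf_size;
  int index;
- struct ieee80211_supported_band *sband;
- struct ieee80211_rate *rate;
 
  buf_size = tid_agg_rx->buf_size;
  head_seq_num = tid_agg_rx->head_seq_num;
@@ -2328,28 +2380,8 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
  index = seq_sub(tid_agg_rx->head_seq_num,
  tid_agg_rx->ssn)
  % tid_agg_rx->buf_size;
-
- if (tid_agg_rx->reorder_buf[index]) {
- /* release the reordered frames to stack */
- memcpy(&status,
- tid_agg_rx->reorder_buf[index]->cb,
- sizeof(status));
- sband = local->hw.wiphy->bands[status.band];
- if (status.flag & RX_FLAG_HT) {
- /* TODO: HT rates */
- rate = sband->bitrates;
- } else {
- rate = &sband->bitrates
- [status.rate_idx];
- }
- __ieee80211_rx_handle_packet(hw,
- tid_agg_rx->reorder_buf[index],
- &status, rate);
- tid_agg_rx->stored_mpdu_num--;
- tid_agg_rx->reorder_buf[index] = NULL;
- }
- tid_agg_rx->head_seq_num =
- seq_inc(tid_agg_rx->head_seq_num);
+ ieee80211_release_reorder_frame(hw, tid_agg_rx,
+ index);
  }
  if (bar_req)
  return 1;
@@ -2376,26 +2408,50 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
 
  /* put the frame in the reordering buffer */
  tid_agg_rx->reorder_buf[index] = skb;
+ tid_agg_rx->reorder_time[index] = jiffies;
  memcpy(tid_agg_rx->reorder_buf[index]->cb, rxstatus,
  sizeof(*rxstatus));
  tid_agg_rx->stored_mpdu_num++;
  /* release the buffer until next missing frame */
  index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn)
  % tid_agg_rx->buf_size;
- while (tid_agg_rx->reorder_buf[index]) {
- /* release the reordered frame back to stack */
- memcpy(&status, tid_agg_rx->reorder_buf[index]->cb,
- sizeof(status));
- sband = local->hw.wiphy->bands[status.band];
- if (status.flag & RX_FLAG_HT)
- rate = sband->bitrates; /* TODO: HT rates */
- else
- rate = &sband->bitrates[status.rate_idx];
- __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index],
- &status, rate);
- tid_agg_rx->stored_mpdu_num--;
- tid_agg_rx->reorder_buf[index] = NULL;
- tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num);
+ if (!tid_agg_rx->reorder_buf[index] &&
+ tid_agg_rx->stored_mpdu_num > 1) {
+ /*
+ * No buffers ready to be released, but check whether any
+ * frames in the reorder buffer have timed out.
+ */
+ int j;
+ int skipped = 1;
+ for (j = (index + 1) % tid_agg_rx->buf_size; j != index;
+ j = (j + 1) % tid_agg_rx->buf_size) {
+ if (tid_agg_rx->reorder_buf[j] == NULL) {
+ skipped++;
+ continue;
+ }
+ if (!time_after(jiffies, tid_agg_rx->reorder_time[j] +
+ HZ / 10))
+ break;
+
+#ifdef CONFIG_MAC80211_HT_DEBUG
+ if (net_ratelimit())
+ printk(KERN_DEBUG "%s: release an RX reorder "
+ "frame due to timeout on earlier "
+ "frames\n",
+ wiphy_name(hw->wiphy));
+#endif
+ ieee80211_release_reorder_frame(hw, tid_agg_rx, j);
+
+ /*
+ * Increment the head seq# also for the skipped slots.
+ */
+ tid_agg_rx->head_seq_num =
+ (tid_agg_rx->head_seq_num + skipped) &
+ SEQ_MASK;
+ skipped = 0;
+ }
+ } else while (tid_agg_rx->reorder_buf[index]) {
+ ieee80211_release_reorder_frame(hw, tid_agg_rx, index);
  index = seq_sub(tid_agg_rx->head_seq_num,
  tid_agg_rx->ssn) % tid_agg_rx->buf_size;
  }
@@ -2517,6 +2573,18 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
  return;
  }
 
+ /*
+ * In theory, the block ack reordering should happen after duplicate
+ * removal (ieee80211_rx_h_check(), which is an RX handler). As such,
+ * the call to ieee80211_rx_reorder_ampdu() should really be moved to
+ * happen as a new RX handler between ieee80211_rx_h_check and
+ * ieee80211_rx_h_decrypt. This cleanup may eventually happen, but for
+ * the time being, the call can be here since RX reorder buf processing
+ * will implicitly skip duplicates. We could, in theory at least,
+ * process frames that ieee80211_rx_h_passive_scan would drop (e.g.,
+ * frames from other than operational channel), but that should not
+ * happen in normal networks.
+ */
  if (!ieee80211_rx_reorder_ampdu(local, skb, status))
  __ieee80211_rx_handle_packet(hw, skb, status, rate);
 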
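Review bot: In `ieee80211_drop_unencrypted()` the unicast robust-management check at new lines 1228-1230 no longer tests the Protected bit. The old condition was gated by `!ieee80211_has_protected(fc)`, while the new one returns `-EACCES` for any unicast robust management frame from an MFP station once `rx->key` is set. Unless an early return before the hunk (not visible here) already lets every successfully decrypted frame through, correctly protected frames would be dropped; the condition should read `if (unlikely(!ieee80211_has_protected(fc) && ieee80211_is_unicast_robust_mgmt_frame(rx->skb) && rx->key))`. Separately, the timeout loop in `ieee80211_sta_manage_reorder_buf()` compares against a literal `HZ / 10` at lines 2432-2433 although this commit defines `HT_RX_REORDER_BUF_TIMEOUT` for that value; use the macro so the documented timeout and the enforced one cannot diverge.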
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 3bf9839f5916..e65d74ba404b 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -21,6 +21,7 @@
21#include <net/iw_handler.h> 21#include <net/iw_handler.h>
22 22
23#include "ieee80211_i.h" 23#include "ieee80211_i.h"
24#include "driver-ops.h"
24#include "mesh.h" 25#include "mesh.h"
25 26
26#define IEEE80211_PROBE_DELAY (HZ / 33) 27#define IEEE80211_PROBE_DELAY (HZ / 33)
@@ -202,18 +203,6 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
202 return RX_QUEUED; 203 return RX_QUEUED;
203} 204}
204 205
205void ieee80211_scan_failed(struct ieee80211_local *local)
206{
207 if (WARN_ON(!local->scan_req))
208 return;
209
210 /* notify cfg80211 about the failed scan */
211 if (local->scan_req != &local->int_scan_req)
212 cfg80211_scan_done(local->scan_req, true);
213
214 local->scan_req = NULL;
215}
216
217/* 206/*
218 * inform AP that we will go to sleep so that it will buffer the frames 207 * inform AP that we will go to sleep so that it will buffer the frames
219 * while we scan 208 * while we scan
@@ -253,7 +242,7 @@ static void ieee80211_scan_ps_disable(struct ieee80211_sub_if_data *sdata)
253{ 242{
254 struct ieee80211_local *local = sdata->local; 243 struct ieee80211_local *local = sdata->local;
255 244
256 if (!local->powersave) 245 if (!local->ps_sdata)
257 ieee80211_send_nullfunc(local, sdata, 0); 246 ieee80211_send_nullfunc(local, sdata, 0);
258 else { 247 else {
259 /* 248 /*
@@ -274,51 +263,62 @@ static void ieee80211_scan_ps_disable(struct ieee80211_sub_if_data *sdata)
274 } 263 }
275} 264}
276 265
266static void ieee80211_restore_scan_ies(struct ieee80211_local *local)
267{
268 kfree(local->scan_req->ie);
269 local->scan_req->ie = local->orig_ies;
270 local->scan_req->ie_len = local->orig_ies_len;
271}
272
277void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted) 273void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
278{ 274{
279 struct ieee80211_local *local = hw_to_local(hw); 275 struct ieee80211_local *local = hw_to_local(hw);
280 struct ieee80211_sub_if_data *sdata; 276 struct ieee80211_sub_if_data *sdata;
277 bool was_hw_scan;
281 278
282 if (WARN_ON(!local->hw_scanning && !local->sw_scanning)) 279 mutex_lock(&local->scan_mtx);
280
281 if (WARN_ON(!local->hw_scanning && !local->sw_scanning)) {
282 mutex_unlock(&local->scan_mtx);
283 return; 283 return;
284 }
284 285
285 if (WARN_ON(!local->scan_req)) 286 if (WARN_ON(!local->scan_req)) {
287 mutex_unlock(&local->scan_mtx);
286 return; 288 return;
289 }
290
291 if (local->hw_scanning)
292 ieee80211_restore_scan_ies(local);
287 293
288 if (local->scan_req != &local->int_scan_req) 294 if (local->scan_req != &local->int_scan_req)
289 cfg80211_scan_done(local->scan_req, aborted); 295 cfg80211_scan_done(local->scan_req, aborted);
290 local->scan_req = NULL; 296 local->scan_req = NULL;
291 297
292 local->last_scan_completed = jiffies; 298 was_hw_scan = local->hw_scanning;
299 local->hw_scanning = false;
300 local->sw_scanning = false;
301 local->scan_channel = NULL;
293 302
294 if (local->hw_scanning) { 303 /* we only have to protect scan_req and hw/sw scan */
295 local->hw_scanning = false; 304 mutex_unlock(&local->scan_mtx);
296 /*
297 * Somebody might have requested channel change during scan
298 * that we won't have acted upon, try now. ieee80211_hw_config
299 * will set the flag based on actual changes.
300 */
301 ieee80211_hw_config(local, 0);
302 goto done;
303 }
304 305
305 local->sw_scanning = false;
306 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 306 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
307 if (was_hw_scan)
308 goto done;
307 309
308 netif_tx_lock_bh(local->mdev); 310 netif_tx_lock_bh(local->mdev);
309 netif_addr_lock(local->mdev); 311 netif_addr_lock(local->mdev);
310 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC; 312 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
311 local->ops->configure_filter(local_to_hw(local), 313 drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC,
312 FIF_BCN_PRBRESP_PROMISC, 314 &local->filter_flags,
313 &local->filter_flags, 315 local->mdev->mc_count,
314 local->mdev->mc_count, 316 local->mdev->mc_list);
315 local->mdev->mc_list);
316 317
317 netif_addr_unlock(local->mdev); 318 netif_addr_unlock(local->mdev);
318 netif_tx_unlock_bh(local->mdev); 319 netif_tx_unlock_bh(local->mdev);
319 320
320 if (local->ops->sw_scan_complete) 321 drv_sw_scan_complete(local);
321 local->ops->sw_scan_complete(local_to_hw(local));
322 322
323 mutex_lock(&local->iflist_mtx); 323 mutex_lock(&local->iflist_mtx);
324 list_for_each_entry(sdata, &local->interfaces, list) { 324 list_for_each_entry(sdata, &local->interfaces, list) {
@@ -338,18 +338,160 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
338 if (sdata->vif.type == NL80211_IFTYPE_AP || 338 if (sdata->vif.type == NL80211_IFTYPE_AP ||
339 sdata->vif.type == NL80211_IFTYPE_ADHOC || 339 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
340 sdata->vif.type == NL80211_IFTYPE_MESH_POINT) 340 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
341 ieee80211_if_config(sdata, 341 ieee80211_bss_info_change_notify(
342 IEEE80211_IFCC_BEACON_ENABLED); 342 sdata, BSS_CHANGED_BEACON_ENABLED);
343 } 343 }
344 mutex_unlock(&local->iflist_mtx); 344 mutex_unlock(&local->iflist_mtx);
345 345
346 done: 346 done:
347 ieee80211_recalc_idle(local);
347 ieee80211_mlme_notify_scan_completed(local); 348 ieee80211_mlme_notify_scan_completed(local);
348 ieee80211_ibss_notify_scan_completed(local); 349 ieee80211_ibss_notify_scan_completed(local);
349 ieee80211_mesh_notify_scan_completed(local); 350 ieee80211_mesh_notify_scan_completed(local);
350} 351}
351EXPORT_SYMBOL(ieee80211_scan_completed); 352EXPORT_SYMBOL(ieee80211_scan_completed);
352 353
354static int ieee80211_start_sw_scan(struct ieee80211_local *local)
355{
356 struct ieee80211_sub_if_data *sdata;
357
358 /*
359 * Hardware/driver doesn't support hw_scan, so use software
360 * scanning instead. First send a nullfunc frame with power save
361 * bit on so that AP will buffer the frames for us while we are not
362 * listening, then send probe requests to each channel and wait for
363 * the responses. After all channels are scanned, tune back to the
364 * original channel and send a nullfunc frame with power save bit
365 * off to trigger the AP to send us all the buffered frames.
366 *
367 * Note that while local->sw_scanning is true everything else but
368 * nullfunc frames and probe requests will be dropped in
369 * ieee80211_tx_h_check_assoc().
370 */
371 drv_sw_scan_start(local);
372
373 mutex_lock(&local->iflist_mtx);
374 list_for_each_entry(sdata, &local->interfaces, list) {
375 if (!netif_running(sdata->dev))
376 continue;
377
378 /* disable beaconing */
379 if (sdata->vif.type == NL80211_IFTYPE_AP ||
380 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
381 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
382 ieee80211_bss_info_change_notify(
383 sdata, BSS_CHANGED_BEACON_ENABLED);
384
385 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
386 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
387 netif_tx_stop_all_queues(sdata->dev);
388 ieee80211_scan_ps_enable(sdata);
389 }
390 } else
391 netif_tx_stop_all_queues(sdata->dev);
392 }
393 mutex_unlock(&local->iflist_mtx);
394
395 local->scan_state = SCAN_SET_CHANNEL;
396 local->scan_channel_idx = 0;
397
398 netif_addr_lock_bh(local->mdev);
399 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
400 drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC,
401 &local->filter_flags,
402 local->mdev->mc_count,
403 local->mdev->mc_list);
404 netif_addr_unlock_bh(local->mdev);
405
406 /* TODO: start scan as soon as all nullfunc frames are ACKed */
407 queue_delayed_work(local->hw.workqueue, &local->scan_work,
408 IEEE80211_CHANNEL_TIME);
409
410 return 0;
411}
412
413
414static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
415 struct cfg80211_scan_request *req)
416{
417 struct ieee80211_local *local = sdata->local;
418 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
419 int rc;
420
421 if (local->scan_req)
422 return -EBUSY;
423
424 if (local->ops->hw_scan) {
425 u8 *ies;
426 int ielen;
427
428 ies = kmalloc(2 + IEEE80211_MAX_SSID_LEN +
429 local->scan_ies_len + req->ie_len, GFP_KERNEL);
430 if (!ies)
431 return -ENOMEM;
432
433 ielen = ieee80211_build_preq_ies(local, ies,
434 req->ie, req->ie_len);
435 local->orig_ies = req->ie;
436 local->orig_ies_len = req->ie_len;
437 req->ie = ies;
438 req->ie_len = ielen;
439 }
440
441 local->scan_req = req;
442 local->scan_sdata = sdata;
443
444 if (req != &local->int_scan_req &&
445 sdata->vif.type == NL80211_IFTYPE_STATION &&
446 (ifmgd->state == IEEE80211_STA_MLME_DIRECT_PROBE ||
447 ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE ||
448 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE)) {
449 /* actually wait for the assoc to finish/time out */
450 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
451 return 0;
452 }
453
454 if (local->ops->hw_scan)
455 local->hw_scanning = true;
456 else
457 local->sw_scanning = true;
458 /*
459 * Kicking off the scan need not be protected,
460 * only the scan variable stuff, since now
461 * local->scan_req is assigned and other callers
462 * will abort their scan attempts.
463 *
464 * This avoids getting a scan_mtx -> iflist_mtx
465 * dependency, so that the scan completed calls
466 * have more locking freedom.
467 */
468
469 ieee80211_recalc_idle(local);
470 mutex_unlock(&local->scan_mtx);
471
472 if (local->ops->hw_scan)
473 rc = drv_hw_scan(local, local->scan_req);
474 else
475 rc = ieee80211_start_sw_scan(local);
476
477 mutex_lock(&local->scan_mtx);
478
479 if (rc) {
480 if (local->ops->hw_scan) {
481 local->hw_scanning = false;
482 ieee80211_restore_scan_ies(local);
483 } else
484 local->sw_scanning = false;
485
486 ieee80211_recalc_idle(local);
487
488 local->scan_req = NULL;
489 local->scan_sdata = NULL;
490 }
491
492 return rc;
493}
494
353void ieee80211_scan_work(struct work_struct *work) 495void ieee80211_scan_work(struct work_struct *work)
354{ 496{
355 struct ieee80211_local *local = 497 struct ieee80211_local *local =
@@ -359,17 +501,41 @@ void ieee80211_scan_work(struct work_struct *work)
359 int skip, i; 501 int skip, i;
360 unsigned long next_delay = 0; 502 unsigned long next_delay = 0;
361 503
504 mutex_lock(&local->scan_mtx);
505 if (!sdata || !local->scan_req) {
506 mutex_unlock(&local->scan_mtx);
507 return;
508 }
509
510 if (local->scan_req && !(local->sw_scanning || local->hw_scanning)) {
511 struct cfg80211_scan_request *req = local->scan_req;
512 int rc;
513
514 local->scan_req = NULL;
515
516 rc = __ieee80211_start_scan(sdata, req);
517 mutex_unlock(&local->scan_mtx);
518
519 if (rc)
520 ieee80211_scan_completed(&local->hw, true);
521 return;
522 }
523
524 mutex_unlock(&local->scan_mtx);
525
362 /* 526 /*
363 * Avoid re-scheduling when the sdata is going away. 527 * Avoid re-scheduling when the sdata is going away.
364 */ 528 */
365 if (!netif_running(sdata->dev)) 529 if (!netif_running(sdata->dev)) {
530 ieee80211_scan_completed(&local->hw, true);
366 return; 531 return;
532 }
367 533
368 switch (local->scan_state) { 534 switch (local->scan_state) {
369 case SCAN_SET_CHANNEL: 535 case SCAN_SET_CHANNEL:
370 /* if no more bands/channels left, complete scan */ 536 /* if no more bands/channels left, complete scan */
371 if (local->scan_channel_idx >= local->scan_req->n_channels) { 537 if (local->scan_channel_idx >= local->scan_req->n_channels) {
372 ieee80211_scan_completed(local_to_hw(local), false); 538 ieee80211_scan_completed(&local->hw, false);
373 return; 539 return;
374 } 540 }
375 skip = 0; 541 skip = 0;
@@ -393,24 +559,39 @@ void ieee80211_scan_work(struct work_struct *work)
393 if (skip) 559 if (skip)
394 break; 560 break;
395 561
396 next_delay = IEEE80211_PROBE_DELAY + 562 /*
397 usecs_to_jiffies(local->hw.channel_change_time); 563 * Probe delay is used to update the NAV, cf. 11.1.3.2.2
564 * (which unfortunately doesn't say _why_ step a) is done,
565 * but it waits for the probe delay or until a frame is
566 * received - and the received frame would update the NAV).
567 * For now, we do not support waiting until a frame is
568 * received.
569 *
570 * In any case, it is not necessary for a passive scan.
571 */
572 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
573 !local->scan_req->n_ssids) {
574 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
575 break;
576 }
577
578 next_delay = IEEE80211_PROBE_DELAY;
398 local->scan_state = SCAN_SEND_PROBE; 579 local->scan_state = SCAN_SEND_PROBE;
399 break; 580 break;
400 case SCAN_SEND_PROBE: 581 case SCAN_SEND_PROBE:
401 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
402 local->scan_state = SCAN_SET_CHANNEL;
403
404 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
405 !local->scan_req->n_ssids)
406 break;
407 for (i = 0; i < local->scan_req->n_ssids; i++) 582 for (i = 0; i < local->scan_req->n_ssids; i++)
408 ieee80211_send_probe_req( 583 ieee80211_send_probe_req(
409 sdata, NULL, 584 sdata, NULL,
410 local->scan_req->ssids[i].ssid, 585 local->scan_req->ssids[i].ssid,
411 local->scan_req->ssids[i].ssid_len, 586 local->scan_req->ssids[i].ssid_len,
412 local->scan_req->ie, local->scan_req->ie_len); 587 local->scan_req->ie, local->scan_req->ie_len);
588
589 /*
590 * After sending probe requests, wait for probe responses
591 * on the channel.
592 */
413 next_delay = IEEE80211_CHANNEL_TIME; 593 next_delay = IEEE80211_CHANNEL_TIME;
594 local->scan_state = SCAN_SET_CHANNEL;
414 break; 595 break;
415 } 596 }
416 597
@@ -418,150 +599,35 @@ void ieee80211_scan_work(struct work_struct *work)
418 next_delay); 599 next_delay);
419} 600}
420 601
421 602int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
422int ieee80211_start_scan(struct ieee80211_sub_if_data *scan_sdata, 603 struct cfg80211_scan_request *req)
423 struct cfg80211_scan_request *req)
424{ 604{
425 struct ieee80211_local *local = scan_sdata->local; 605 int res;
426 struct ieee80211_sub_if_data *sdata;
427
428 if (!req)
429 return -EINVAL;
430 606
431 if (local->scan_req && local->scan_req != req) 607 mutex_lock(&sdata->local->scan_mtx);
432 return -EBUSY; 608 res = __ieee80211_start_scan(sdata, req);
433 609 mutex_unlock(&sdata->local->scan_mtx);
434 local->scan_req = req;
435
436 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
437 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
438 * BSSID: MACAddress
439 * SSID
440 * ScanType: ACTIVE, PASSIVE
441 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
442 * a Probe frame during active scanning
443 * ChannelList
444 * MinChannelTime (>= ProbeDelay), in TU
445 * MaxChannelTime: (>= MinChannelTime), in TU
446 */
447
448 /* MLME-SCAN.confirm
449 * BSSDescriptionSet
450 * ResultCode: SUCCESS, INVALID_PARAMETERS
451 */
452 610
453 if (local->sw_scanning || local->hw_scanning) { 611 return res;
454 if (local->scan_sdata == scan_sdata)
455 return 0;
456 return -EBUSY;
457 }
458
459 if (local->ops->hw_scan) {
460 int rc;
461
462 local->hw_scanning = true;
463 rc = local->ops->hw_scan(local_to_hw(local), req);
464 if (rc) {
465 local->hw_scanning = false;
466 return rc;
467 }
468 local->scan_sdata = scan_sdata;
469 return 0;
470 }
471
472 /*
473 * Hardware/driver doesn't support hw_scan, so use software
474 * scanning instead. First send a nullfunc frame with power save
475 * bit on so that AP will buffer the frames for us while we are not
476 * listening, then send probe requests to each channel and wait for
477 * the responses. After all channels are scanned, tune back to the
478 * original channel and send a nullfunc frame with power save bit
479 * off to trigger the AP to send us all the buffered frames.
480 *
481 * Note that while local->sw_scanning is true everything else but
482 * nullfunc frames and probe requests will be dropped in
483 * ieee80211_tx_h_check_assoc().
484 */
485 local->sw_scanning = true;
486 if (local->ops->sw_scan_start)
487 local->ops->sw_scan_start(local_to_hw(local));
488
489 mutex_lock(&local->iflist_mtx);
490 list_for_each_entry(sdata, &local->interfaces, list) {
491 if (!netif_running(sdata->dev))
492 continue;
493
494 /* disable beaconing */
495 if (sdata->vif.type == NL80211_IFTYPE_AP ||
496 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
497 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
498 ieee80211_if_config(sdata,
499 IEEE80211_IFCC_BEACON_ENABLED);
500
501 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
502 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
503 netif_tx_stop_all_queues(sdata->dev);
504 ieee80211_scan_ps_enable(sdata);
505 }
506 } else
507 netif_tx_stop_all_queues(sdata->dev);
508 }
509 mutex_unlock(&local->iflist_mtx);
510
511 local->scan_state = SCAN_SET_CHANNEL;
512 local->scan_channel_idx = 0;
513 local->scan_sdata = scan_sdata;
514 local->scan_req = req;
515
516 netif_addr_lock_bh(local->mdev);
517 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
518 local->ops->configure_filter(local_to_hw(local),
519 FIF_BCN_PRBRESP_PROMISC,
520 &local->filter_flags,
521 local->mdev->mc_count,
522 local->mdev->mc_list);
523 netif_addr_unlock_bh(local->mdev);
524
525 /* TODO: start scan as soon as all nullfunc frames are ACKed */
526 queue_delayed_work(local->hw.workqueue, &local->scan_work,
527 IEEE80211_CHANNEL_TIME);
528
529 return 0;
530} 612}
531 613
532 614int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
533int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 615 const u8 *ssid, u8 ssid_len)
534 struct cfg80211_scan_request *req)
535{ 616{
536 struct ieee80211_local *local = sdata->local; 617 struct ieee80211_local *local = sdata->local;
537 struct ieee80211_if_managed *ifmgd; 618 int ret = -EBUSY;
538 619
539 if (!req) 620 mutex_lock(&local->scan_mtx);
540 return -EINVAL;
541 621
542 if (local->scan_req && local->scan_req != req) 622 /* busy scanning */
543 return -EBUSY; 623 if (local->scan_req)
624 goto unlock;
544 625
545 local->scan_req = req; 626 memcpy(local->int_scan_req.ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN);
627 local->int_scan_req.ssids[0].ssid_len = ssid_len;
546 628
547 if (sdata->vif.type != NL80211_IFTYPE_STATION) 629 ret = __ieee80211_start_scan(sdata, &sdata->local->int_scan_req);
548 return ieee80211_start_scan(sdata, req); 630 unlock:
549 631 mutex_unlock(&local->scan_mtx);
550 /* 632 return ret;
551 * STA has a state machine that might need to defer scanning
552 * while it's trying to associate/authenticate, therefore we
553 * queue it up to the state machine in that case.
554 */
555
556 if (local->sw_scanning || local->hw_scanning) {
557 if (local->scan_sdata == sdata)
558 return 0;
559 return -EBUSY;
560 }
561
562 ifmgd = &sdata->u.mgd;
563 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
564 queue_work(local->hw.workqueue, &ifmgd->work);
565
566 return 0;
567} 633}
diff --git a/net/mac80211/spectmgmt.c b/net/mac80211/spectmgmt.c
index 5f7a2624ed74..48bf78e7fa7a 100644
--- a/net/mac80211/spectmgmt.c
+++ b/net/mac80211/spectmgmt.c
@@ -15,7 +15,7 @@
15 */ 15 */
16 16
17#include <linux/ieee80211.h> 17#include <linux/ieee80211.h>
18#include <net/wireless.h> 18#include <net/cfg80211.h>
19#include <net/mac80211.h> 19#include <net/mac80211.h>
20#include "ieee80211_i.h" 20#include "ieee80211_i.h"
21#include "sta_info.h" 21#include "sta_info.h"
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index c5f14e6bbde2..a98ea273a155 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -19,6 +19,7 @@
19 19
20#include <net/mac80211.h> 20#include <net/mac80211.h>
21#include "ieee80211_i.h" 21#include "ieee80211_i.h"
22#include "driver-ops.h"
22#include "rate.h" 23#include "rate.h"
23#include "sta_info.h" 24#include "sta_info.h"
24#include "debugfs_sta.h" 25#include "debugfs_sta.h"
@@ -346,8 +347,7 @@ int sta_info_insert(struct sta_info *sta)
346 struct ieee80211_sub_if_data, 347 struct ieee80211_sub_if_data,
347 u.ap); 348 u.ap);
348 349
349 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 350 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_ADD, &sta->sta);
350 STA_NOTIFY_ADD, &sta->sta);
351 } 351 }
352 352
353#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 353#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
@@ -405,8 +405,7 @@ static void __sta_info_set_tim_bit(struct ieee80211_if_ap *bss,
405 405
406 if (sta->local->ops->set_tim) { 406 if (sta->local->ops->set_tim) {
407 sta->local->tim_in_locked_section = true; 407 sta->local->tim_in_locked_section = true;
408 sta->local->ops->set_tim(local_to_hw(sta->local), 408 drv_set_tim(sta->local, &sta->sta, true);
409 &sta->sta, true);
410 sta->local->tim_in_locked_section = false; 409 sta->local->tim_in_locked_section = false;
411 } 410 }
412} 411}
@@ -431,8 +430,7 @@ static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss,
431 430
432 if (sta->local->ops->set_tim) { 431 if (sta->local->ops->set_tim) {
433 sta->local->tim_in_locked_section = true; 432 sta->local->tim_in_locked_section = true;
434 sta->local->ops->set_tim(local_to_hw(sta->local), 433 drv_set_tim(sta->local, &sta->sta, false);
435 &sta->sta, false);
436 sta->local->tim_in_locked_section = false; 434 sta->local->tim_in_locked_section = false;
437 } 435 }
438} 436}
@@ -482,8 +480,8 @@ static void __sta_info_unlink(struct sta_info **sta)
482 struct ieee80211_sub_if_data, 480 struct ieee80211_sub_if_data,
483 u.ap); 481 u.ap);
484 482
485 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 483 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_REMOVE,
486 STA_NOTIFY_REMOVE, &(*sta)->sta); 484 &(*sta)->sta);
487 } 485 }
488 486
489 if (ieee80211_vif_is_mesh(&sdata->vif)) { 487 if (ieee80211_vif_is_mesh(&sdata->vif)) {
@@ -543,9 +541,8 @@ void sta_info_unlink(struct sta_info **sta)
543 spin_unlock_irqrestore(&local->sta_lock, flags); 541 spin_unlock_irqrestore(&local->sta_lock, flags);
544} 542}
545 543
546static inline int sta_info_buffer_expired(struct ieee80211_local *local, 544static int sta_info_buffer_expired(struct sta_info *sta,
547 struct sta_info *sta, 545 struct sk_buff *skb)
548 struct sk_buff *skb)
549{ 546{
550 struct ieee80211_tx_info *info; 547 struct ieee80211_tx_info *info;
551 int timeout; 548 int timeout;
@@ -556,8 +553,9 @@ static inline int sta_info_buffer_expired(struct ieee80211_local *local,
556 info = IEEE80211_SKB_CB(skb); 553 info = IEEE80211_SKB_CB(skb);
557 554
558 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */ 555 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */
559 timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 / 556 timeout = (sta->listen_interval *
560 15625) * HZ; 557 sta->sdata->vif.bss_conf.beacon_int *
558 32 / 15625) * HZ;
561 if (timeout < STA_TX_BUFFER_EXPIRE) 559 if (timeout < STA_TX_BUFFER_EXPIRE)
562 timeout = STA_TX_BUFFER_EXPIRE; 560 timeout = STA_TX_BUFFER_EXPIRE;
563 return time_after(jiffies, info->control.jiffies + timeout); 561 return time_after(jiffies, info->control.jiffies + timeout);
@@ -577,7 +575,7 @@ static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
577 for (;;) { 575 for (;;) {
578 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags); 576 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags);
579 skb = skb_peek(&sta->ps_tx_buf); 577 skb = skb_peek(&sta->ps_tx_buf);
580 if (sta_info_buffer_expired(local, sta, skb)) 578 if (sta_info_buffer_expired(sta, skb))
581 skb = __skb_dequeue(&sta->ps_tx_buf); 579 skb = __skb_dequeue(&sta->ps_tx_buf);
582 else 580 else
583 skb = NULL; 581 skb = NULL;
@@ -686,41 +684,10 @@ static void sta_info_debugfs_add_work(struct work_struct *work)
686} 684}
687#endif 685#endif
688 686
689static void __ieee80211_run_pending_flush(struct ieee80211_local *local)
690{
691 struct sta_info *sta;
692 unsigned long flags;
693
694 ASSERT_RTNL();
695
696 spin_lock_irqsave(&local->sta_lock, flags);
697 while (!list_empty(&local->sta_flush_list)) {
698 sta = list_first_entry(&local->sta_flush_list,
699 struct sta_info, list);
700 list_del(&sta->list);
701 spin_unlock_irqrestore(&local->sta_lock, flags);
702 sta_info_destroy(sta);
703 spin_lock_irqsave(&local->sta_lock, flags);
704 }
705 spin_unlock_irqrestore(&local->sta_lock, flags);
706}
707
708static void ieee80211_sta_flush_work(struct work_struct *work)
709{
710 struct ieee80211_local *local =
711 container_of(work, struct ieee80211_local, sta_flush_work);
712
713 rtnl_lock();
714 __ieee80211_run_pending_flush(local);
715 rtnl_unlock();
716}
717
718void sta_info_init(struct ieee80211_local *local) 687void sta_info_init(struct ieee80211_local *local)
719{ 688{
720 spin_lock_init(&local->sta_lock); 689 spin_lock_init(&local->sta_lock);
721 INIT_LIST_HEAD(&local->sta_list); 690 INIT_LIST_HEAD(&local->sta_list);
722 INIT_LIST_HEAD(&local->sta_flush_list);
723 INIT_WORK(&local->sta_flush_work, ieee80211_sta_flush_work);
724 691
725 setup_timer(&local->sta_cleanup, sta_info_cleanup, 692 setup_timer(&local->sta_cleanup, sta_info_cleanup,
726 (unsigned long)local); 693 (unsigned long)local);
@@ -741,7 +708,6 @@ int sta_info_start(struct ieee80211_local *local)
741void sta_info_stop(struct ieee80211_local *local) 708void sta_info_stop(struct ieee80211_local *local)
742{ 709{
743 del_timer(&local->sta_cleanup); 710 del_timer(&local->sta_cleanup);
744 cancel_work_sync(&local->sta_flush_work);
745#ifdef CONFIG_MAC80211_DEBUGFS 711#ifdef CONFIG_MAC80211_DEBUGFS
746 /* 712 /*
747 * Make sure the debugfs adding work isn't pending after this 713 * Make sure the debugfs adding work isn't pending after this
@@ -752,10 +718,7 @@ void sta_info_stop(struct ieee80211_local *local)
752 cancel_work_sync(&local->sta_debugfs_add); 718 cancel_work_sync(&local->sta_debugfs_add);
753#endif 719#endif
754 720
755 rtnl_lock();
756 sta_info_flush(local, NULL); 721 sta_info_flush(local, NULL);
757 __ieee80211_run_pending_flush(local);
758 rtnl_unlock();
759} 722}
760 723
761/** 724/**
@@ -767,7 +730,7 @@ void sta_info_stop(struct ieee80211_local *local)
767 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs 730 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs
768 */ 731 */
769int sta_info_flush(struct ieee80211_local *local, 732int sta_info_flush(struct ieee80211_local *local,
770 struct ieee80211_sub_if_data *sdata) 733 struct ieee80211_sub_if_data *sdata)
771{ 734{
772 struct sta_info *sta, *tmp; 735 struct sta_info *sta, *tmp;
773 LIST_HEAD(tmp_list); 736 LIST_HEAD(tmp_list);
@@ -775,7 +738,6 @@ int sta_info_flush(struct ieee80211_local *local,
775 unsigned long flags; 738 unsigned long flags;
776 739
777 might_sleep(); 740 might_sleep();
778 ASSERT_RTNL();
779 741
780 spin_lock_irqsave(&local->sta_lock, flags); 742 spin_lock_irqsave(&local->sta_lock, flags);
781 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) { 743 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
@@ -795,39 +757,6 @@ int sta_info_flush(struct ieee80211_local *local,
795 return ret; 757 return ret;
796} 758}
797 759
798/**
799 * sta_info_flush_delayed - flush matching STA entries from the STA table
800 *
801 * This function unlinks all stations for a given interface and queues
802 * them for freeing. Note that the workqueue function scheduled here has
803 * to run before any new keys can be added to the system to avoid set_key()
804 * callback ordering issues.
805 *
806 * @sdata: the interface
807 */
808void sta_info_flush_delayed(struct ieee80211_sub_if_data *sdata)
809{
810 struct ieee80211_local *local = sdata->local;
811 struct sta_info *sta, *tmp;
812 unsigned long flags;
813 bool work = false;
814
815 spin_lock_irqsave(&local->sta_lock, flags);
816 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
817 if (sdata == sta->sdata) {
818 __sta_info_unlink(&sta);
819 if (sta) {
820 list_add_tail(&sta->list,
821 &local->sta_flush_list);
822 work = true;
823 }
824 }
825 }
826 if (work)
827 schedule_work(&local->sta_flush_work);
828 spin_unlock_irqrestore(&local->sta_lock, flags);
829}
830
831void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata, 760void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata,
832 unsigned long exp_time) 761 unsigned long exp_time)
833{ 762{
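Review bot: The timeout in sta_info_buffer_expired() is still computed in `int` as `listen_interval * beacon_int * 32 / 15625 * HZ`, so a large listen interval combined with the now per-interface `bss_conf.beacon_int` can overflow before the division. Signed overflow is undefined behaviour; the `timeout < STA_TX_BUFFER_EXPIRE` floor only helps if the result happens to go negative. The field types are not visible here and the listen interval presumably comes from the peer, so it is worth bounding it or using a 64-bit intermediate, e.g. `u64 t = (u64)sta->listen_interval * sta->sdata->vif.bss_conf.beacon_int * 32;` followed by the divide and the multiplication by HZ. Part of the function body lies between the two hunks and is not shown, so confirm there is no earlier clamp.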
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 5534d489f506..164b16cbe0a5 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -88,6 +88,7 @@ struct tid_ampdu_tx {
88 * struct tid_ampdu_rx - TID aggregation information (Rx). 88 * struct tid_ampdu_rx - TID aggregation information (Rx).
89 * 89 *
90 * @reorder_buf: buffer to reorder incoming aggregated MPDUs 90 * @reorder_buf: buffer to reorder incoming aggregated MPDUs
91 * @reorder_time: jiffies when skb was added
91 * @session_timer: check if peer keeps Tx-ing on the TID (by timeout value) 92 * @session_timer: check if peer keeps Tx-ing on the TID (by timeout value)
92 * @head_seq_num: head sequence number in reordering buffer. 93 * @head_seq_num: head sequence number in reordering buffer.
93 * @stored_mpdu_num: number of MPDUs in reordering buffer 94 * @stored_mpdu_num: number of MPDUs in reordering buffer
@@ -99,6 +100,7 @@ struct tid_ampdu_tx {
99 */ 100 */
100struct tid_ampdu_rx { 101struct tid_ampdu_rx {
101 struct sk_buff **reorder_buf; 102 struct sk_buff **reorder_buf;
103 unsigned long *reorder_time;
102 struct timer_list session_timer; 104 struct timer_list session_timer;
103 u16 head_seq_num; 105 u16 head_seq_num;
104 u16 stored_mpdu_num; 106 u16 stored_mpdu_num;
@@ -442,8 +444,7 @@ void sta_info_init(struct ieee80211_local *local);
442int sta_info_start(struct ieee80211_local *local); 444int sta_info_start(struct ieee80211_local *local);
443void sta_info_stop(struct ieee80211_local *local); 445void sta_info_stop(struct ieee80211_local *local);
444int sta_info_flush(struct ieee80211_local *local, 446int sta_info_flush(struct ieee80211_local *local,
445 struct ieee80211_sub_if_data *sdata); 447 struct ieee80211_sub_if_data *sdata);
446void sta_info_flush_delayed(struct ieee80211_sub_if_data *sdata);
447void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata, 448void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata,
448 unsigned long exp_time); 449 unsigned long exp_time);
449 450
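Review bot: The new `reorder_time` member is an `unsigned long *`, but its kernel-doc line, "jiffies when skb was added", reads as if it were a single timestamp. If it is an array with one entry per `reorder_buf` slot, as the pointer type suggests, the comment should say so, along the lines of `@reorder_time: per-slot jiffies timestamps, parallel to @reorder_buf, recording when each skb was stored`. Allocation and freeing happen outside this section, so it would also help to note that both arrays share the same length and lifetime.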
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 38fa111d2dc6..964b7faa7f17 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -13,6 +13,7 @@
13#include <asm/unaligned.h> 13#include <asm/unaligned.h>
14 14
15#include <net/mac80211.h> 15#include <net/mac80211.h>
16#include "driver-ops.h"
16#include "key.h" 17#include "key.h"
17#include "tkip.h" 18#include "tkip.h"
18#include "wep.h" 19#include "wep.h"
@@ -307,9 +308,8 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
307 if (is_multicast_ether_addr(ra)) 308 if (is_multicast_ether_addr(ra))
308 sta_addr = bcast; 309 sta_addr = bcast;
309 310
310 key->local->ops->update_tkip_key( 311 drv_update_tkip_key(key->local, &key->conf, sta_addr,
311 local_to_hw(key->local), &key->conf, 312 iv32, key->u.tkip.rx[queue].p1k);
312 sta_addr, iv32, key->u.tkip.rx[queue].p1k);
313 } 313 }
314 } 314 }
315 315
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 63656266d567..8f68bf9746d0 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -25,6 +25,7 @@
25#include <asm/unaligned.h> 25#include <asm/unaligned.h>
26 26
27#include "ieee80211_i.h" 27#include "ieee80211_i.h"
28#include "driver-ops.h"
28#include "led.h" 29#include "led.h"
29#include "mesh.h" 30#include "mesh.h"
30#include "wep.h" 31#include "wep.h"
@@ -409,8 +410,24 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
409 sta->sta.addr); 410 sta->sta.addr);
410 } 411 }
411#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 412#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
412 clear_sta_flags(sta, WLAN_STA_PSPOLL); 413 if (test_and_clear_sta_flags(sta, WLAN_STA_PSPOLL)) {
414 /*
415 * The sleeping station with pending data is now snoozing.
416 * It queried us for its buffered frames and will go back
417 * to deep sleep once it got everything.
418 *
419 * inform the driver, in case the hardware does powersave
420 * frame filtering and keeps a station blacklist on its own
421 * (e.g: p54), so that frames can be delivered unimpeded.
422 *
423 * Note: It should be save to disable the filter now.
424 * As, it is really unlikely that we still have any pending
425 * frame for this station in the hw's buffers/fifos left,
426 * that is not rejected with a unsuccessful tx_status yet.
427 */
413 428
429 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
430 }
414 return TX_CONTINUE; 431 return TX_CONTINUE;
415} 432}
416 433
@@ -429,7 +446,7 @@ ieee80211_tx_h_ps_buf(struct ieee80211_tx_data *tx)
429static ieee80211_tx_result debug_noinline 446static ieee80211_tx_result debug_noinline
430ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) 447ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
431{ 448{
432 struct ieee80211_key *key; 449 struct ieee80211_key *key = NULL;
433 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb); 450 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
434 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 451 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
435 452
@@ -500,7 +517,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
500 sband = tx->local->hw.wiphy->bands[tx->channel->band]; 517 sband = tx->local->hw.wiphy->bands[tx->channel->band];
501 518
502 len = min_t(int, tx->skb->len + FCS_LEN, 519 len = min_t(int, tx->skb->len + FCS_LEN,
503 tx->local->fragmentation_threshold); 520 tx->local->hw.wiphy->frag_threshold);
504 521
505 /* set up the tx rate control struct we give the RC algo */ 522 /* set up the tx rate control struct we give the RC algo */
506 txrc.hw = local_to_hw(tx->local); 523 txrc.hw = local_to_hw(tx->local);
@@ -511,8 +528,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
511 txrc.max_rate_idx = tx->sdata->max_ratectrl_rateidx; 528 txrc.max_rate_idx = tx->sdata->max_ratectrl_rateidx;
512 529
513 /* set up RTS protection if desired */ 530 /* set up RTS protection if desired */
514 if (tx->local->rts_threshold < IEEE80211_MAX_RTS_THRESHOLD && 531 if (len > tx->local->hw.wiphy->rts_threshold) {
515 len > tx->local->rts_threshold) {
516 txrc.rts = rts = true; 532 txrc.rts = rts = true;
517 } 533 }
518 534
@@ -542,6 +558,10 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
542 if (unlikely(!info->control.rates[0].count)) 558 if (unlikely(!info->control.rates[0].count))
543 info->control.rates[0].count = 1; 559 info->control.rates[0].count = 1;
544 560
561 if (WARN_ON_ONCE((info->control.rates[0].count > 1) &&
562 (info->flags & IEEE80211_TX_CTL_NO_ACK)))
563 info->control.rates[0].count = 1;
564
545 if (is_multicast_ether_addr(hdr->addr1)) { 565 if (is_multicast_ether_addr(hdr->addr1)) {
546 /* 566 /*
547 * XXX: verify the rate is in the basic rateset 567 * XXX: verify the rate is in the basic rateset
@@ -754,7 +774,7 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
754 struct sk_buff *skb = tx->skb; 774 struct sk_buff *skb = tx->skb;
755 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 775 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
756 struct ieee80211_hdr *hdr = (void *)skb->data; 776 struct ieee80211_hdr *hdr = (void *)skb->data;
757 int frag_threshold = tx->local->fragmentation_threshold; 777 int frag_threshold = tx->local->hw.wiphy->frag_threshold;
758 int hdrlen; 778 int hdrlen;
759 int fragnum; 779 int fragnum;
760 780
@@ -1067,12 +1087,15 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1067 info->flags |= IEEE80211_TX_CTL_NO_ACK; 1087 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1068 } else { 1088 } else {
1069 tx->flags |= IEEE80211_TX_UNICAST; 1089 tx->flags |= IEEE80211_TX_UNICAST;
1070 info->flags &= ~IEEE80211_TX_CTL_NO_ACK; 1090 if (unlikely(local->wifi_wme_noack_test))
1091 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1092 else
1093 info->flags &= ~IEEE80211_TX_CTL_NO_ACK;
1071 } 1094 }
1072 1095
1073 if (tx->flags & IEEE80211_TX_FRAGMENTED) { 1096 if (tx->flags & IEEE80211_TX_FRAGMENTED) {
1074 if ((tx->flags & IEEE80211_TX_UNICAST) && 1097 if ((tx->flags & IEEE80211_TX_UNICAST) &&
1075 skb->len + FCS_LEN > local->fragmentation_threshold && 1098 skb->len + FCS_LEN > local->hw.wiphy->frag_threshold &&
1076 !(info->flags & IEEE80211_TX_CTL_AMPDU)) 1099 !(info->flags & IEEE80211_TX_CTL_AMPDU))
1077 tx->flags |= IEEE80211_TX_FRAGMENTED; 1100 tx->flags |= IEEE80211_TX_FRAGMENTED;
1078 else 1101 else
@@ -1147,7 +1170,7 @@ static int __ieee80211_tx(struct ieee80211_local *local,
1147 1170
1148 next = skb->next; 1171 next = skb->next;
1149 len = skb->len; 1172 len = skb->len;
1150 ret = local->ops->tx(local_to_hw(local), skb); 1173 ret = drv_tx(local, skb);
1151 if (WARN_ON(ret != NETDEV_TX_OK && skb->len != len)) { 1174 if (WARN_ON(ret != NETDEV_TX_OK && skb->len != len)) {
1152 dev_kfree_skb(skb); 1175 dev_kfree_skb(skb);
1153 ret = NETDEV_TX_OK; 1176 ret = NETDEV_TX_OK;
@@ -2086,18 +2109,18 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
2086 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 2109 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
2087 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 2110 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
2088 struct ieee80211_hdr *hdr; 2111 struct ieee80211_hdr *hdr;
2112 struct sk_buff *presp = rcu_dereference(ifibss->presp);
2089 2113
2090 if (!ifibss->probe_resp) 2114 if (!presp)
2091 goto out; 2115 goto out;
2092 2116
2093 skb = skb_copy(ifibss->probe_resp, GFP_ATOMIC); 2117 skb = skb_copy(presp, GFP_ATOMIC);
2094 if (!skb) 2118 if (!skb)
2095 goto out; 2119 goto out;
2096 2120
2097 hdr = (struct ieee80211_hdr *) skb->data; 2121 hdr = (struct ieee80211_hdr *) skb->data;
2098 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 2122 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2099 IEEE80211_STYPE_BEACON); 2123 IEEE80211_STYPE_BEACON);
2100
2101 } else if (ieee80211_vif_is_mesh(&sdata->vif)) { 2124 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
2102 struct ieee80211_mgmt *mgmt; 2125 struct ieee80211_mgmt *mgmt;
2103 u8 *pos; 2126 u8 *pos;
@@ -2117,7 +2140,7 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
2117 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 2140 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
2118 /* BSSID is left zeroed, wildcard value */ 2141 /* BSSID is left zeroed, wildcard value */
2119 mgmt->u.beacon.beacon_int = 2142 mgmt->u.beacon.beacon_int =
2120 cpu_to_le16(local->hw.conf.beacon_int); 2143 cpu_to_le16(sdata->vif.bss_conf.beacon_int);
2121 mgmt->u.beacon.capab_info = 0x0; /* 0x0 for MPs */ 2144 mgmt->u.beacon.capab_info = 0x0; /* 0x0 for MPs */
2122 2145
2123 pos = skb_put(skb, 2); 2146 pos = skb_put(skb, 2);
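Review bot: In ieee80211_tx_h_rate_ctrl() the length is still clamped with `min_t(int, ...)`, but it is now clamped against `hw.wiphy->frag_threshold` and then compared with `hw.wiphy->rts_threshold` without the old `< IEEE80211_MAX_RTS_THRESHOLD` guard. If those wiphy fields are unsigned with an all-ones "disabled" value (their declarations are not on this page), the `int` cast turns a disabled fragmentation threshold into -1, so `len` becomes -1. The later `len > rts_threshold` comparison is then done on mixed signed and unsigned operands and can request RTS for every frame. Clamping in the unsigned domain avoids this: `len = min_t(u32, tx->skb->len + FCS_LEN, tx->local->hw.wiphy->frag_threshold);`. The function starts and ends outside these hunks, so check how `len` is declared and used before changing it; `int frag_threshold` in ieee80211_tx_h_fragment() deserves the same check.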
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index fdf432f14554..0689a8fbd1e6 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -20,14 +20,17 @@
20#include <linux/if_arp.h> 20#include <linux/if_arp.h>
21#include <linux/wireless.h> 21#include <linux/wireless.h>
22#include <linux/bitmap.h> 22#include <linux/bitmap.h>
23#include <linux/crc32.h>
23#include <net/net_namespace.h> 24#include <net/net_namespace.h>
24#include <net/cfg80211.h> 25#include <net/cfg80211.h>
25#include <net/rtnetlink.h> 26#include <net/rtnetlink.h>
26 27
27#include "ieee80211_i.h" 28#include "ieee80211_i.h"
29#include "driver-ops.h"
28#include "rate.h" 30#include "rate.h"
29#include "mesh.h" 31#include "mesh.h"
30#include "wme.h" 32#include "wme.h"
33#include "led.h"
31 34
32/* privid for wiphys to determine whether they belong to us or not */ 35/* privid for wiphys to determine whether they belong to us or not */
33void *mac80211_wiphy_privid = &mac80211_wiphy_privid; 36void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
@@ -536,8 +539,16 @@ EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces_atomic);
536void ieee802_11_parse_elems(u8 *start, size_t len, 539void ieee802_11_parse_elems(u8 *start, size_t len,
537 struct ieee802_11_elems *elems) 540 struct ieee802_11_elems *elems)
538{ 541{
542 ieee802_11_parse_elems_crc(start, len, elems, 0, 0);
543}
544
545u32 ieee802_11_parse_elems_crc(u8 *start, size_t len,
546 struct ieee802_11_elems *elems,
547 u64 filter, u32 crc)
548{
539 size_t left = len; 549 size_t left = len;
540 u8 *pos = start; 550 u8 *pos = start;
551 bool calc_crc = filter != 0;
541 552
542 memset(elems, 0, sizeof(*elems)); 553 memset(elems, 0, sizeof(*elems));
543 elems->ie_start = start; 554 elems->ie_start = start;
@@ -551,7 +562,10 @@ void ieee802_11_parse_elems(u8 *start, size_t len,
551 left -= 2; 562 left -= 2;
552 563
553 if (elen > left) 564 if (elen > left)
554 return; 565 break;
566
567 if (calc_crc && id < 64 && (filter & BIT(id)))
568 crc = crc32_be(crc, pos - 2, elen + 2);
555 569
556 switch (id) { 570 switch (id) {
557 case WLAN_EID_SSID: 571 case WLAN_EID_SSID:
@@ -575,8 +589,10 @@ void ieee802_11_parse_elems(u8 *start, size_t len,
575 elems->cf_params_len = elen; 589 elems->cf_params_len = elen;
576 break; 590 break;
577 case WLAN_EID_TIM: 591 case WLAN_EID_TIM:
578 elems->tim = pos; 592 if (elen >= sizeof(struct ieee80211_tim_ie)) {
579 elems->tim_len = elen; 593 elems->tim = (void *)pos;
594 elems->tim_len = elen;
595 }
580 break; 596 break;
581 case WLAN_EID_IBSS_PARAMS: 597 case WLAN_EID_IBSS_PARAMS:
582 elems->ibss_params = pos; 598 elems->ibss_params = pos;
@@ -586,15 +602,20 @@ void ieee802_11_parse_elems(u8 *start, size_t len,
586 elems->challenge = pos; 602 elems->challenge = pos;
587 elems->challenge_len = elen; 603 elems->challenge_len = elen;
588 break; 604 break;
589 case WLAN_EID_WPA: 605 case WLAN_EID_VENDOR_SPECIFIC:
590 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 && 606 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
591 pos[2] == 0xf2) { 607 pos[2] == 0xf2) {
592 /* Microsoft OUI (00:50:F2) */ 608 /* Microsoft OUI (00:50:F2) */
609
610 if (calc_crc)
611 crc = crc32_be(crc, pos - 2, elen + 2);
612
593 if (pos[3] == 1) { 613 if (pos[3] == 1) {
594 /* OUI Type 1 - WPA IE */ 614 /* OUI Type 1 - WPA IE */
595 elems->wpa = pos; 615 elems->wpa = pos;
596 elems->wpa_len = elen; 616 elems->wpa_len = elen;
597 } else if (elen >= 5 && pos[3] == 2) { 617 } else if (elen >= 5 && pos[3] == 2) {
618 /* OUI Type 2 - WMM IE */
598 if (pos[4] == 0) { 619 if (pos[4] == 0) {
599 elems->wmm_info = pos; 620 elems->wmm_info = pos;
600 elems->wmm_info_len = elen; 621 elems->wmm_info_len = elen;
@@ -679,32 +700,70 @@ void ieee802_11_parse_elems(u8 *start, size_t len,
679 left -= elen; 700 left -= elen;
680 pos += elen; 701 pos += elen;
681 } 702 }
703
704 return crc;
682} 705}
683 706
684void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata) 707void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata)
685{ 708{
686 struct ieee80211_local *local = sdata->local; 709 struct ieee80211_local *local = sdata->local;
687 struct ieee80211_tx_queue_params qparam; 710 struct ieee80211_tx_queue_params qparam;
688 int i; 711 int queue;
712 bool use_11b;
713 int aCWmin, aCWmax;
689 714
690 if (!local->ops->conf_tx) 715 if (!local->ops->conf_tx)
691 return; 716 return;
692 717
693 memset(&qparam, 0, sizeof(qparam)); 718 memset(&qparam, 0, sizeof(qparam));
694 719
695 qparam.aifs = 2; 720 use_11b = (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) &&
696 721 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE);
697 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
698 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
699 qparam.cw_min = 31;
700 else
701 qparam.cw_min = 15;
702 722
703 qparam.cw_max = 1023; 723 for (queue = 0; queue < local_to_hw(local)->queues; queue++) {
704 qparam.txop = 0; 724 /* Set defaults according to 802.11-2007 Table 7-37 */
725 aCWmax = 1023;
726 if (use_11b)
727 aCWmin = 31;
728 else
729 aCWmin = 15;
730
731 switch (queue) {
732 case 3: /* AC_BK */
733 qparam.cw_max = aCWmin;
734 qparam.cw_min = aCWmax;
735 qparam.txop = 0;
736 qparam.aifs = 7;
737 break;
738 default: /* never happens but let's not leave undefined */
739 case 2: /* AC_BE */
740 qparam.cw_max = aCWmin;
741 qparam.cw_min = aCWmax;
742 qparam.txop = 0;
743 qparam.aifs = 3;
744 break;
745 case 1: /* AC_VI */
746 qparam.cw_max = aCWmin;
747 qparam.cw_min = (aCWmin + 1) / 2 - 1;
748 if (use_11b)
749 qparam.txop = 6016/32;
750 else
751 qparam.txop = 3008/32;
752 qparam.aifs = 2;
753 break;
754 case 0: /* AC_VO */
755 qparam.cw_max = (aCWmin + 1) / 2 - 1;
756 qparam.cw_min = (aCWmin + 1) / 4 - 1;
757 if (use_11b)
758 qparam.txop = 3264/32;
759 else
760 qparam.txop = 1504/32;
761 qparam.aifs = 2;
762 break;
763 }
705 764
706 for (i = 0; i < local_to_hw(local)->queues; i++) 765 drv_conf_tx(local, queue, &qparam);
707 local->ops->conf_tx(local_to_hw(local), i, &qparam); 766 }
708} 767}
709 768
710void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, 769void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
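Review bot: In ieee80211_set_wmm_default the `case 3` (AC_BK) and `default`/`case 2` (AC_BE) arms assign the contention-window bounds the wrong way round: `qparam.cw_max = aCWmin; qparam.cw_min = aCWmax;` leaves cw_min at 1023 and cw_max at 15 or 31. The AC_VI and AC_VO arms keep cw_min below cw_max, so this reads as a transposition rather than intent. A driver handed min > max through drv_conf_tx() may clamp it or misprogram the queue. Both arms should read `qparam.cw_min = aCWmin;` and `qparam.cw_max = aCWmax;`.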
@@ -831,16 +890,73 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
831 ieee80211_tx_skb(sdata, skb, encrypt); 890 ieee80211_tx_skb(sdata, skb, encrypt);
832} 891}
833 892
893int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
894 const u8 *ie, size_t ie_len)
895{
896 struct ieee80211_supported_band *sband;
897 u8 *pos, *supp_rates_len, *esupp_rates_len = NULL;
898 int i;
899
900 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
901
902 pos = buffer;
903
904 *pos++ = WLAN_EID_SUPP_RATES;
905 supp_rates_len = pos;
906 *pos++ = 0;
907
908 for (i = 0; i < sband->n_bitrates; i++) {
909 struct ieee80211_rate *rate = &sband->bitrates[i];
910
911 if (esupp_rates_len) {
912 *esupp_rates_len += 1;
913 } else if (*supp_rates_len == 8) {
914 *pos++ = WLAN_EID_EXT_SUPP_RATES;
915 esupp_rates_len = pos;
916 *pos++ = 1;
917 } else
918 *supp_rates_len += 1;
919
920 *pos++ = rate->bitrate / 5;
921 }
922
923 if (sband->ht_cap.ht_supported) {
924 __le16 tmp = cpu_to_le16(sband->ht_cap.cap);
925
926 *pos++ = WLAN_EID_HT_CAPABILITY;
927 *pos++ = sizeof(struct ieee80211_ht_cap);
928 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
929 memcpy(pos, &tmp, sizeof(u16));
930 pos += sizeof(u16);
931 /* TODO: needs a define here for << 2 */
932 *pos++ = sband->ht_cap.ampdu_factor |
933 (sband->ht_cap.ampdu_density << 2);
934 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
935 pos += sizeof(sband->ht_cap.mcs);
936 pos += 2 + 4 + 1; /* ext info, BF cap, antsel */
937 }
938
939 /*
940 * If adding more here, adjust code in main.c
941 * that calculates local->scan_ies_len.
942 */
943
944 if (ie) {
945 memcpy(pos, ie, ie_len);
946 pos += ie_len;
947 }
948
949 return pos - buffer;
950}
951
834void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 952void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
835 u8 *ssid, size_t ssid_len, 953 const u8 *ssid, size_t ssid_len,
836 u8 *ie, size_t ie_len) 954 const u8 *ie, size_t ie_len)
837{ 955{
838 struct ieee80211_local *local = sdata->local; 956 struct ieee80211_local *local = sdata->local;
839 struct ieee80211_supported_band *sband;
840 struct sk_buff *skb; 957 struct sk_buff *skb;
841 struct ieee80211_mgmt *mgmt; 958 struct ieee80211_mgmt *mgmt;
842 u8 *pos, *supp_rates, *esupp_rates = NULL; 959 u8 *pos;
843 int i;
844 960
845 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 + 961 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
846 ie_len); 962 ie_len);
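Review bot: ieee80211_build_preq_ies() takes `buffer` with no length, so nothing in the helper bounds the rates, HT-capability and `ie_len` bytes it writes. Safety rests on every caller sizing the buffer by hand: the comment at the end of the function points at the scan_ies_len calculation in main.c, and ieee80211_send_probe_req relies on its `200 + ie_len` slack. I would state that contract above the function, e.g. `/* Caller must provide room for the (extended) supported rates elements, one HT capability element and ie_len bytes; returns the number of bytes written. */`, or pass a `buffer_len` and refuse to write past it. In the following hunk the caller runs skb_put() only after the helper has written into the tailroom, so skb_put's own overrun check would fire after the bytes are already stored. ieee80211_send_probe_req's body continues outside this hunk.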
@@ -867,31 +983,9 @@ void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
867 *pos++ = WLAN_EID_SSID; 983 *pos++ = WLAN_EID_SSID;
868 *pos++ = ssid_len; 984 *pos++ = ssid_len;
869 memcpy(pos, ssid, ssid_len); 985 memcpy(pos, ssid, ssid_len);
986 pos += ssid_len;
870 987
871 supp_rates = skb_put(skb, 2); 988 skb_put(skb, ieee80211_build_preq_ies(local, pos, ie, ie_len));
872 supp_rates[0] = WLAN_EID_SUPP_RATES;
873 supp_rates[1] = 0;
874 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
875
876 for (i = 0; i < sband->n_bitrates; i++) {
877 struct ieee80211_rate *rate = &sband->bitrates[i];
878 if (esupp_rates) {
879 pos = skb_put(skb, 1);
880 esupp_rates[1]++;
881 } else if (supp_rates[1] == 8) {
882 esupp_rates = skb_put(skb, 3);
883 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
884 esupp_rates[1] = 1;
885 pos = &esupp_rates[2];
886 } else {
887 pos = skb_put(skb, 1);
888 supp_rates[1]++;
889 }
890 *pos = rate->bitrate / 5;
891 }
892
893 if (ie)
894 memcpy(skb_put(skb, ie_len), ie, ie_len);
895 989
896 ieee80211_tx_skb(sdata, skb, 0); 990 ieee80211_tx_skb(sdata, skb, 0);
897} 991}
@@ -931,3 +1025,108 @@ u32 ieee80211_sta_get_rates(struct ieee80211_local *local,
931 } 1025 }
932 return supp_rates; 1026 return supp_rates;
933} 1027}
1028
1029int ieee80211_reconfig(struct ieee80211_local *local)
1030{
1031 struct ieee80211_hw *hw = &local->hw;
1032 struct ieee80211_sub_if_data *sdata;
1033 struct ieee80211_if_init_conf conf;
1034 struct sta_info *sta;
1035 unsigned long flags;
1036 int res;
1037
1038 /* restart hardware */
1039 if (local->open_count) {
1040 res = drv_start(local);
1041
1042 ieee80211_led_radio(local, hw->conf.radio_enabled);
1043 }
1044
1045 /* add interfaces */
1046 list_for_each_entry(sdata, &local->interfaces, list) {
1047 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
1048 sdata->vif.type != NL80211_IFTYPE_MONITOR &&
1049 netif_running(sdata->dev)) {
1050 conf.vif = &sdata->vif;
1051 conf.type = sdata->vif.type;
1052 conf.mac_addr = sdata->dev->dev_addr;
1053 res = drv_add_interface(local, &conf);
1054 }
1055 }
1056
1057 /* add STAs back */
1058 if (local->ops->sta_notify) {
1059 spin_lock_irqsave(&local->sta_lock, flags);
1060 list_for_each_entry(sta, &local->sta_list, list) {
1061 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1062 sdata = container_of(sdata->bss,
1063 struct ieee80211_sub_if_data,
1064 u.ap);
1065
1066 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_ADD,
1067 &sta->sta);
1068 }
1069 spin_unlock_irqrestore(&local->sta_lock, flags);
1070 }
1071
1072 /* Clear Suspend state so that ADDBA requests can be processed */
1073
1074 rcu_read_lock();
1075
1076 if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) {
1077 list_for_each_entry_rcu(sta, &local->sta_list, list) {
1078 clear_sta_flags(sta, WLAN_STA_SUSPEND);
1079 }
1080 }
1081
1082 rcu_read_unlock();
1083
1084 /* setup RTS threshold */
1085 drv_set_rts_threshold(local, hw->wiphy->rts_threshold);
1086
1087 /* reconfigure hardware */
1088 ieee80211_hw_config(local, ~0);
1089
1090 netif_addr_lock_bh(local->mdev);
1091 ieee80211_configure_filter(local);
1092 netif_addr_unlock_bh(local->mdev);
1093
1094 /* Finally also reconfigure all the BSS information */
1095 list_for_each_entry(sdata, &local->interfaces, list) {
1096 u32 changed = ~0;
1097 if (!netif_running(sdata->dev))
1098 continue;
1099 switch (sdata->vif.type) {
1100 case NL80211_IFTYPE_STATION:
1101 /* disable beacon change bits */
1102 changed &= ~(BSS_CHANGED_BEACON |
1103 BSS_CHANGED_BEACON_ENABLED);
1104 /* fall through */
1105 case NL80211_IFTYPE_ADHOC:
1106 case NL80211_IFTYPE_AP:
1107 case NL80211_IFTYPE_MESH_POINT:
1108 ieee80211_bss_info_change_notify(sdata, changed);
1109 break;
1110 case NL80211_IFTYPE_WDS:
1111 break;
1112 case NL80211_IFTYPE_AP_VLAN:
1113 case NL80211_IFTYPE_MONITOR:
1114 /* ignore virtual */
1115 break;
1116 case NL80211_IFTYPE_UNSPECIFIED:
1117 case __NL80211_IFTYPE_AFTER_LAST:
1118 WARN_ON(1);
1119 break;
1120 }
1121 }
1122
1123 /* add back keys */
1124 list_for_each_entry(sdata, &local->interfaces, list)
1125 if (netif_running(sdata->dev))
1126 ieee80211_enable_keys(sdata);
1127
1128 ieee80211_wake_queues_by_reason(hw,
1129 IEEE80211_QUEUE_STOP_REASON_SUSPEND);
1130
1131 return 0;
1132}
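Review bot: In the "add STAs back" loop of ieee80211_reconfig, `sdata` is never set from `sta`. It still holds whatever the preceding `list_for_each_entry(sdata, &local->interfaces, list)` left behind, which after a completed walk is not a valid interface entry. `sdata->vif.type`, `sdata->bss` and the `&sdata->vif` handed to drv_sta_notify() are therefore read from the wrong object, with `sta_lock` held and interrupts off. The loop body should begin with `sdata = sta->sdata;` (assuming sta_info records its owning interface, as it does elsewhere in mac80211). Separately, `res` from drv_start() and drv_add_interface() is stored but never checked, so the function returns 0 even if the hardware did not restart; `if (res) return res;` after drv_start() would stop reconfiguring a device that failed to come back.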
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 959aa8379ccf..c14394744a9c 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -27,100 +27,6 @@
27#include "aes_ccm.h" 27#include "aes_ccm.h"
28 28
29 29
30static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta_addr,
31 int idx, int alg, int remove,
32 int set_tx_key, const u8 *_key,
33 size_t key_len)
34{
35 struct ieee80211_local *local = sdata->local;
36 struct sta_info *sta;
37 struct ieee80211_key *key;
38 int err;
39
40 if (alg == ALG_AES_CMAC) {
41 if (idx < NUM_DEFAULT_KEYS ||
42 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
43 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d "
44 "(BIP)\n", sdata->dev->name, idx);
45 return -EINVAL;
46 }
47 } else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
48 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
49 sdata->dev->name, idx);
50 return -EINVAL;
51 }
52
53 if (remove) {
54 rcu_read_lock();
55
56 err = 0;
57
58 if (is_broadcast_ether_addr(sta_addr)) {
59 key = sdata->keys[idx];
60 } else {
61 sta = sta_info_get(local, sta_addr);
62 if (!sta) {
63 err = -ENOENT;
64 goto out_unlock;
65 }
66 key = sta->key;
67 }
68
69 ieee80211_key_free(key);
70 } else {
71 key = ieee80211_key_alloc(alg, idx, key_len, _key);
72 if (!key)
73 return -ENOMEM;
74
75 sta = NULL;
76 err = 0;
77
78 rcu_read_lock();
79
80 if (!is_broadcast_ether_addr(sta_addr)) {
81 set_tx_key = 0;
82 /*
83 * According to the standard, the key index of a
84 * pairwise key must be zero. However, some AP are
85 * broken when it comes to WEP key indices, so we
86 * work around this.
87 */
88 if (idx != 0 && alg != ALG_WEP) {
89 ieee80211_key_free(key);
90 err = -EINVAL;
91 goto out_unlock;
92 }
93
94 sta = sta_info_get(local, sta_addr);
95 if (!sta) {
96 ieee80211_key_free(key);
97 err = -ENOENT;
98 goto out_unlock;
99 }
100 }
101
102 if (alg == ALG_WEP &&
103 key_len != LEN_WEP40 && key_len != LEN_WEP104) {
104 ieee80211_key_free(key);
105 err = -EINVAL;
106 goto out_unlock;
107 }
108
109 ieee80211_key_link(key, sdata, sta);
110
111 if (set_tx_key || (!sta && !sdata->default_key && key))
112 ieee80211_set_default_key(sdata, idx);
113 if (alg == ALG_AES_CMAC &&
114 (set_tx_key || (!sta && !sdata->default_mgmt_key && key)))
115 ieee80211_set_default_mgmt_key(sdata, idx);
116 }
117
118 out_unlock:
119 rcu_read_unlock();
120
121 return err;
122}
123
124static int ieee80211_ioctl_siwgenie(struct net_device *dev, 30static int ieee80211_ioctl_siwgenie(struct net_device *dev,
125 struct iw_request_info *info, 31 struct iw_request_info *info,
126 struct iw_point *data, char *extra) 32 struct iw_point *data, char *extra)
@@ -135,6 +41,7 @@ static int ieee80211_ioctl_siwgenie(struct net_device *dev,
135 return ret; 41 return ret;
136 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL; 42 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
137 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME; 43 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
44 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
138 ieee80211_sta_req_auth(sdata); 45 ieee80211_sta_req_auth(sdata);
139 return 0; 46 return 0;
140 } 47 }
@@ -149,17 +56,14 @@ static int ieee80211_ioctl_siwfreq(struct net_device *dev,
149 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 56 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
150 57
151 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 58 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
152 sdata->u.ibss.flags &= ~IEEE80211_IBSS_AUTO_CHANNEL_SEL; 59 return cfg80211_ibss_wext_siwfreq(dev, info, freq, extra);
153 else if (sdata->vif.type == NL80211_IFTYPE_STATION) 60 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
154 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL; 61 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL;
155 62
156 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */ 63 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
157 if (freq->e == 0) { 64 if (freq->e == 0) {
158 if (freq->m < 0) { 65 if (freq->m < 0) {
159 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 66 if (sdata->vif.type == NL80211_IFTYPE_STATION)
160 sdata->u.ibss.flags |=
161 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
162 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
163 sdata->u.mgd.flags |= 67 sdata->u.mgd.flags |=
164 IEEE80211_STA_AUTO_CHANNEL_SEL; 68 IEEE80211_STA_AUTO_CHANNEL_SEL;
165 return 0; 69 return 0;
@@ -183,8 +87,12 @@ static int ieee80211_ioctl_giwfreq(struct net_device *dev,
183 struct iw_freq *freq, char *extra) 87 struct iw_freq *freq, char *extra)
184{ 88{
185 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 89 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
90 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
91
92 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
93 return cfg80211_ibss_wext_giwfreq(dev, info, freq, extra);
186 94
187 freq->m = local->hw.conf.channel->center_freq; 95 freq->m = local->oper_channel->center_freq;
188 freq->e = 6; 96 freq->e = 6;
189 97
190 return 0; 98 return 0;
@@ -195,15 +103,17 @@ static int ieee80211_ioctl_siwessid(struct net_device *dev,
195 struct iw_request_info *info, 103 struct iw_request_info *info,
196 struct iw_point *data, char *ssid) 104 struct iw_point *data, char *ssid)
197{ 105{
198 struct ieee80211_sub_if_data *sdata; 106 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
199 size_t len = data->length; 107 size_t len = data->length;
200 int ret; 108 int ret;
201 109
110 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
111 return cfg80211_ibss_wext_siwessid(dev, info, data, ssid);
112
202 /* iwconfig uses nul termination in SSID.. */ 113 /* iwconfig uses nul termination in SSID.. */
203 if (len > 0 && ssid[len - 1] == '\0') 114 if (len > 0 && ssid[len - 1] == '\0')
204 len--; 115 len--;
205 116
206 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
207 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 117 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
208 if (data->flags) 118 if (data->flags)
209 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL; 119 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
@@ -215,10 +125,10 @@ static int ieee80211_ioctl_siwessid(struct net_device *dev,
215 return ret; 125 return ret;
216 126
217 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME; 127 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
128 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
218 ieee80211_sta_req_auth(sdata); 129 ieee80211_sta_req_auth(sdata);
219 return 0; 130 return 0;
220 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 131 }
221 return ieee80211_ibss_set_ssid(sdata, ssid, len);
222 132
223 return -EOPNOTSUPP; 133 return -EOPNOTSUPP;
224} 134}
@@ -229,9 +139,13 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
229 struct iw_point *data, char *ssid) 139 struct iw_point *data, char *ssid)
230{ 140{
231 size_t len; 141 size_t len;
232
233 struct ieee80211_sub_if_data *sdata; 142 struct ieee80211_sub_if_data *sdata;
143
234 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 144 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
145
146 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
147 return cfg80211_ibss_wext_giwessid(dev, info, data, ssid);
148
235 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 149 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
236 int res = ieee80211_sta_get_ssid(sdata, ssid, &len); 150 int res = ieee80211_sta_get_ssid(sdata, ssid, &len);
237 if (res == 0) { 151 if (res == 0) {
@@ -240,14 +154,6 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
240 } else 154 } else
241 data->flags = 0; 155 data->flags = 0;
242 return res; 156 return res;
243 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
244 int res = ieee80211_ibss_get_ssid(sdata, ssid, &len);
245 if (res == 0) {
246 data->length = len;
247 data->flags = 1;
248 } else
249 data->flags = 0;
250 return res;
251 } 157 }
252 158
253 return -EOPNOTSUPP; 159 return -EOPNOTSUPP;
@@ -258,9 +164,11 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
258 struct iw_request_info *info, 164 struct iw_request_info *info,
259 struct sockaddr *ap_addr, char *extra) 165 struct sockaddr *ap_addr, char *extra)
260{ 166{
261 struct ieee80211_sub_if_data *sdata; 167 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
168
169 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
170 return cfg80211_ibss_wext_siwap(dev, info, ap_addr, extra);
262 171
263 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
264 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 172 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
265 int ret; 173 int ret;
266 174
@@ -275,18 +183,9 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
275 if (ret) 183 if (ret)
276 return ret; 184 return ret;
277 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME; 185 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
186 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
278 ieee80211_sta_req_auth(sdata); 187 ieee80211_sta_req_auth(sdata);
279 return 0; 188 return 0;
280 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
281 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
282 sdata->u.ibss.flags |= IEEE80211_IBSS_AUTO_BSSID_SEL |
283 IEEE80211_IBSS_AUTO_CHANNEL_SEL;
284 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
285 sdata->u.ibss.flags |= IEEE80211_IBSS_AUTO_BSSID_SEL;
286 else
287 sdata->u.ibss.flags &= ~IEEE80211_IBSS_AUTO_BSSID_SEL;
288
289 return ieee80211_ibss_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
290 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) { 189 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
291 /* 190 /*
292 * If it is necessary to update the WDS peer address 191 * If it is necessary to update the WDS peer address
@@ -312,9 +211,11 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
312 struct iw_request_info *info, 211 struct iw_request_info *info,
313 struct sockaddr *ap_addr, char *extra) 212 struct sockaddr *ap_addr, char *extra)
314{ 213{
315 struct ieee80211_sub_if_data *sdata; 214 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
215
216 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
217 return cfg80211_ibss_wext_giwap(dev, info, ap_addr, extra);
316 218
317 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
318 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 219 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
319 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATED) { 220 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATED) {
320 ap_addr->sa_family = ARPHRD_ETHER; 221 ap_addr->sa_family = ARPHRD_ETHER;
@@ -322,13 +223,6 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
322 } else 223 } else
323 memset(&ap_addr->sa_data, 0, ETH_ALEN); 224 memset(&ap_addr->sa_data, 0, ETH_ALEN);
324 return 0; 225 return 0;
325 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
326 if (sdata->u.ibss.state == IEEE80211_IBSS_MLME_JOINED) {
327 ap_addr->sa_family = ARPHRD_ETHER;
328 memcpy(&ap_addr->sa_data, sdata->u.ibss.bssid, ETH_ALEN);
329 } else
330 memset(&ap_addr->sa_data, 0, ETH_ALEN);
331 return 0;
332 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) { 226 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
333 ap_addr->sa_family = ARPHRD_ETHER; 227 ap_addr->sa_family = ARPHRD_ETHER;
334 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN); 228 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
@@ -487,258 +381,6 @@ static int ieee80211_ioctl_giwtxpower(struct net_device *dev,
487 return 0; 381 return 0;
488} 382}
489 383
490static int ieee80211_ioctl_siwrts(struct net_device *dev,
491 struct iw_request_info *info,
492 struct iw_param *rts, char *extra)
493{
494 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
495
496 if (rts->disabled)
497 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
498 else if (!rts->fixed)
499 /* if the rts value is not fixed, then take default */
500 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
501 else if (rts->value < 0 || rts->value > IEEE80211_MAX_RTS_THRESHOLD)
502 return -EINVAL;
503 else
504 local->rts_threshold = rts->value;
505
506 /* If the wlan card performs RTS/CTS in hardware/firmware,
507 * configure it here */
508
509 if (local->ops->set_rts_threshold)
510 local->ops->set_rts_threshold(local_to_hw(local),
511 local->rts_threshold);
512
513 return 0;
514}
515
516static int ieee80211_ioctl_giwrts(struct net_device *dev,
517 struct iw_request_info *info,
518 struct iw_param *rts, char *extra)
519{
520 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
521
522 rts->value = local->rts_threshold;
523 rts->disabled = (rts->value >= IEEE80211_MAX_RTS_THRESHOLD);
524 rts->fixed = 1;
525
526 return 0;
527}
528
529
530static int ieee80211_ioctl_siwfrag(struct net_device *dev,
531 struct iw_request_info *info,
532 struct iw_param *frag, char *extra)
533{
534 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
535
536 if (frag->disabled)
537 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
538 else if (!frag->fixed)
539 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
540 else if (frag->value < 256 ||
541 frag->value > IEEE80211_MAX_FRAG_THRESHOLD)
542 return -EINVAL;
543 else {
544 /* Fragment length must be even, so strip LSB. */
545 local->fragmentation_threshold = frag->value & ~0x1;
546 }
547
548 return 0;
549}
550
551static int ieee80211_ioctl_giwfrag(struct net_device *dev,
552 struct iw_request_info *info,
553 struct iw_param *frag, char *extra)
554{
555 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
556
557 frag->value = local->fragmentation_threshold;
558 frag->disabled = (frag->value >= IEEE80211_MAX_FRAG_THRESHOLD);
559 frag->fixed = 1;
560
561 return 0;
562}
563
564
565static int ieee80211_ioctl_siwretry(struct net_device *dev,
566 struct iw_request_info *info,
567 struct iw_param *retry, char *extra)
568{
569 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
570
571 if (retry->disabled ||
572 (retry->flags & IW_RETRY_TYPE) != IW_RETRY_LIMIT)
573 return -EINVAL;
574
575 if (retry->flags & IW_RETRY_MAX) {
576 local->hw.conf.long_frame_max_tx_count = retry->value;
577 } else if (retry->flags & IW_RETRY_MIN) {
578 local->hw.conf.short_frame_max_tx_count = retry->value;
579 } else {
580 local->hw.conf.long_frame_max_tx_count = retry->value;
581 local->hw.conf.short_frame_max_tx_count = retry->value;
582 }
583
584 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_RETRY_LIMITS);
585
586 return 0;
587}
588
589
590static int ieee80211_ioctl_giwretry(struct net_device *dev,
591 struct iw_request_info *info,
592 struct iw_param *retry, char *extra)
593{
594 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
595
596 retry->disabled = 0;
597 if (retry->flags == 0 || retry->flags & IW_RETRY_MIN) {
598 /* first return min value, iwconfig will ask max value
599 * later if needed */
600 retry->flags |= IW_RETRY_LIMIT;
601 retry->value = local->hw.conf.short_frame_max_tx_count;
602 if (local->hw.conf.long_frame_max_tx_count !=
603 local->hw.conf.short_frame_max_tx_count)
604 retry->flags |= IW_RETRY_MIN;
605 return 0;
606 }
607 if (retry->flags & IW_RETRY_MAX) {
608 retry->flags = IW_RETRY_LIMIT | IW_RETRY_MAX;
609 retry->value = local->hw.conf.long_frame_max_tx_count;
610 }
611
612 return 0;
613}
614
615static int ieee80211_ioctl_siwmlme(struct net_device *dev,
616 struct iw_request_info *info,
617 struct iw_point *data, char *extra)
618{
619 struct ieee80211_sub_if_data *sdata;
620 struct iw_mlme *mlme = (struct iw_mlme *) extra;
621
622 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
623 if (!(sdata->vif.type == NL80211_IFTYPE_STATION))
624 return -EINVAL;
625
626 switch (mlme->cmd) {
627 case IW_MLME_DEAUTH:
628 /* TODO: mlme->addr.sa_data */
629 return ieee80211_sta_deauthenticate(sdata, mlme->reason_code);
630 case IW_MLME_DISASSOC:
631 /* TODO: mlme->addr.sa_data */
632 return ieee80211_sta_disassociate(sdata, mlme->reason_code);
633 default:
634 return -EOPNOTSUPP;
635 }
636}
637
638
639static int ieee80211_ioctl_siwencode(struct net_device *dev,
640 struct iw_request_info *info,
641 struct iw_point *erq, char *keybuf)
642{
643 struct ieee80211_sub_if_data *sdata;
644 int idx, i, alg = ALG_WEP;
645 u8 bcaddr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
646 int remove = 0, ret;
647
648 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
649
650 idx = erq->flags & IW_ENCODE_INDEX;
651 if (idx == 0) {
652 if (sdata->default_key)
653 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
654 if (sdata->default_key == sdata->keys[i]) {
655 idx = i;
656 break;
657 }
658 }
659 } else if (idx < 1 || idx > 4)
660 return -EINVAL;
661 else
662 idx--;
663
664 if (erq->flags & IW_ENCODE_DISABLED)
665 remove = 1;
666 else if (erq->length == 0) {
667 /* No key data - just set the default TX key index */
668 ieee80211_set_default_key(sdata, idx);
669 return 0;
670 }
671
672 ret = ieee80211_set_encryption(
673 sdata, bcaddr,
674 idx, alg, remove,
675 !sdata->default_key,
676 keybuf, erq->length);
677
678 if (!ret) {
679 if (remove)
680 sdata->u.mgd.flags &= ~IEEE80211_STA_TKIP_WEP_USED;
681 else
682 sdata->u.mgd.flags |= IEEE80211_STA_TKIP_WEP_USED;
683 }
684
685 return ret;
686}
687
688
689static int ieee80211_ioctl_giwencode(struct net_device *dev,
690 struct iw_request_info *info,
691 struct iw_point *erq, char *key)
692{
693 struct ieee80211_sub_if_data *sdata;
694 int idx, i;
695
696 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
697
698 idx = erq->flags & IW_ENCODE_INDEX;
699 if (idx < 1 || idx > 4) {
700 idx = -1;
701 if (!sdata->default_key)
702 idx = 0;
703 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
704 if (sdata->default_key == sdata->keys[i]) {
705 idx = i;
706 break;
707 }
708 }
709 if (idx < 0)
710 return -EINVAL;
711 } else
712 idx--;
713
714 erq->flags = idx + 1;
715
716 if (!sdata->keys[idx]) {
717 erq->length = 0;
718 erq->flags |= IW_ENCODE_DISABLED;
719 return 0;
720 }
721
722 memcpy(key, sdata->keys[idx]->conf.key,
723 min_t(int, erq->length, sdata->keys[idx]->conf.keylen));
724 erq->length = sdata->keys[idx]->conf.keylen;
725 erq->flags |= IW_ENCODE_ENABLED;
726
727 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
728 switch (sdata->u.mgd.auth_alg) {
729 case WLAN_AUTH_OPEN:
730 case WLAN_AUTH_LEAP:
731 erq->flags |= IW_ENCODE_OPEN;
732 break;
733 case WLAN_AUTH_SHARED_KEY:
734 erq->flags |= IW_ENCODE_RESTRICTED;
735 break;
736 }
737 }
738
739 return 0;
740}
741
742static int ieee80211_ioctl_siwpower(struct net_device *dev, 384static int ieee80211_ioctl_siwpower(struct net_device *dev,
743 struct iw_request_info *info, 385 struct iw_request_info *info,
744 struct iw_param *wrq, 386 struct iw_param *wrq,
@@ -747,7 +389,7 @@ static int ieee80211_ioctl_siwpower(struct net_device *dev,
747 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 389 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
748 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 390 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
749 struct ieee80211_conf *conf = &local->hw.conf; 391 struct ieee80211_conf *conf = &local->hw.conf;
750 int ret = 0, timeout = 0; 392 int timeout = 0;
751 bool ps; 393 bool ps;
752 394
753 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) 395 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
@@ -779,42 +421,18 @@ static int ieee80211_ioctl_siwpower(struct net_device *dev,
779 timeout = wrq->value / 1000; 421 timeout = wrq->value / 1000;
780 422
781 set: 423 set:
782 if (ps == local->powersave && timeout == conf->dynamic_ps_timeout) 424 if (ps == sdata->u.mgd.powersave && timeout == conf->dynamic_ps_timeout)
783 return ret; 425 return 0;
784 426
785 local->powersave = ps; 427 sdata->u.mgd.powersave = ps;
786 conf->dynamic_ps_timeout = timeout; 428 conf->dynamic_ps_timeout = timeout;
787 429
788 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS) 430 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
789 ret = ieee80211_hw_config(local, 431 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
790 IEEE80211_CONF_CHANGE_DYNPS_TIMEOUT);
791 432
792 if (!(sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)) 433 ieee80211_recalc_ps(local, -1);
793 return ret;
794
795 if (conf->dynamic_ps_timeout > 0 &&
796 !(local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)) {
797 mod_timer(&local->dynamic_ps_timer, jiffies +
798 msecs_to_jiffies(conf->dynamic_ps_timeout));
799 } else {
800 if (local->powersave) {
801 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
802 ieee80211_send_nullfunc(local, sdata, 1);
803 conf->flags |= IEEE80211_CONF_PS;
804 ret = ieee80211_hw_config(local,
805 IEEE80211_CONF_CHANGE_PS);
806 } else {
807 conf->flags &= ~IEEE80211_CONF_PS;
808 ret = ieee80211_hw_config(local,
809 IEEE80211_CONF_CHANGE_PS);
810 if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
811 ieee80211_send_nullfunc(local, sdata, 0);
812 del_timer_sync(&local->dynamic_ps_timer);
813 cancel_work_sync(&local->dynamic_ps_enable_work);
814 }
815 }
816 434
817 return ret; 435 return 0;
818} 436}
819 437
820static int ieee80211_ioctl_giwpower(struct net_device *dev, 438static int ieee80211_ioctl_giwpower(struct net_device *dev,
@@ -822,9 +440,9 @@ static int ieee80211_ioctl_giwpower(struct net_device *dev,
822 union iwreq_data *wrqu, 440 union iwreq_data *wrqu,
823 char *extra) 441 char *extra)
824{ 442{
825 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 443 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
826 444
827 wrqu->power.disabled = !local->powersave; 445 wrqu->power.disabled = !sdata->u.mgd.powersave;
828 446
829 return 0; 447 return 0;
830} 448}
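Review bot: ieee80211_ioctl_giwpower now reads `sdata->u.mgd.powersave` without first checking that the interface is a station. Other handlers on this page test `sdata->vif.type` before touching `u.mgd`, and `u` is also accessed as `u.ibss`, `u.wds` and `u.ap`, so on a non-station interface the getter presumably reports bytes that belong to another mode's state. Adding `if (sdata->vif.type != NL80211_IFTYPE_STATION) return -EOPNOTSUPP;` before the read keeps the ioctl from returning unrelated data. The function's signature starts outside the hunk.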
@@ -997,82 +615,6 @@ static int ieee80211_ioctl_giwauth(struct net_device *dev,
997} 615}
998 616
999 617
1000static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1001 struct iw_request_info *info,
1002 struct iw_point *erq, char *extra)
1003{
1004 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1005 struct iw_encode_ext *ext = (struct iw_encode_ext *) extra;
1006 int uninitialized_var(alg), idx, i, remove = 0;
1007
1008 switch (ext->alg) {
1009 case IW_ENCODE_ALG_NONE:
1010 remove = 1;
1011 break;
1012 case IW_ENCODE_ALG_WEP:
1013 alg = ALG_WEP;
1014 break;
1015 case IW_ENCODE_ALG_TKIP:
1016 alg = ALG_TKIP;
1017 break;
1018 case IW_ENCODE_ALG_CCMP:
1019 alg = ALG_CCMP;
1020 break;
1021 case IW_ENCODE_ALG_AES_CMAC:
1022 alg = ALG_AES_CMAC;
1023 break;
1024 default:
1025 return -EOPNOTSUPP;
1026 }
1027
1028 if (erq->flags & IW_ENCODE_DISABLED)
1029 remove = 1;
1030
1031 idx = erq->flags & IW_ENCODE_INDEX;
1032 if (alg == ALG_AES_CMAC) {
1033 if (idx < NUM_DEFAULT_KEYS + 1 ||
1034 idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
1035 idx = -1;
1036 if (!sdata->default_mgmt_key)
1037 idx = 0;
1038 else for (i = NUM_DEFAULT_KEYS;
1039 i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS;
1040 i++) {
1041 if (sdata->default_mgmt_key == sdata->keys[i])
1042 {
1043 idx = i;
1044 break;
1045 }
1046 }
1047 if (idx < 0)
1048 return -EINVAL;
1049 } else
1050 idx--;
1051 } else {
1052 if (idx < 1 || idx > 4) {
1053 idx = -1;
1054 if (!sdata->default_key)
1055 idx = 0;
1056 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1057 if (sdata->default_key == sdata->keys[i]) {
1058 idx = i;
1059 break;
1060 }
1061 }
1062 if (idx < 0)
1063 return -EINVAL;
1064 } else
1065 idx--;
1066 }
1067
1068 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg,
1069 remove,
1070 ext->ext_flags &
1071 IW_ENCODE_EXT_SET_TX_KEY,
1072 ext->key, ext->key_len);
1073}
1074
1075
1076/* Structures to export the Wireless Handlers */ 618/* Structures to export the Wireless Handlers */
1077 619
1078static const iw_handler ieee80211_handler[] = 620static const iw_handler ieee80211_handler[] =
@@ -1099,7 +641,7 @@ static const iw_handler ieee80211_handler[] =
1099 (iw_handler) NULL, /* SIOCGIWTHRSPY */ 641 (iw_handler) NULL, /* SIOCGIWTHRSPY */
1100 (iw_handler) ieee80211_ioctl_siwap, /* SIOCSIWAP */ 642 (iw_handler) ieee80211_ioctl_siwap, /* SIOCSIWAP */
1101 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */ 643 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */
1102 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */ 644 (iw_handler) cfg80211_wext_siwmlme, /* SIOCSIWMLME */
1103 (iw_handler) NULL, /* SIOCGIWAPLIST */ 645 (iw_handler) NULL, /* SIOCGIWAPLIST */
1104 (iw_handler) cfg80211_wext_siwscan, /* SIOCSIWSCAN */ 646 (iw_handler) cfg80211_wext_siwscan, /* SIOCSIWSCAN */
1105 (iw_handler) cfg80211_wext_giwscan, /* SIOCGIWSCAN */ 647 (iw_handler) cfg80211_wext_giwscan, /* SIOCGIWSCAN */
@@ -1111,16 +653,16 @@ static const iw_handler ieee80211_handler[] =
1111 (iw_handler) NULL, /* -- hole -- */ 653 (iw_handler) NULL, /* -- hole -- */
1112 (iw_handler) ieee80211_ioctl_siwrate, /* SIOCSIWRATE */ 654 (iw_handler) ieee80211_ioctl_siwrate, /* SIOCSIWRATE */
1113 (iw_handler) ieee80211_ioctl_giwrate, /* SIOCGIWRATE */ 655 (iw_handler) ieee80211_ioctl_giwrate, /* SIOCGIWRATE */
1114 (iw_handler) ieee80211_ioctl_siwrts, /* SIOCSIWRTS */ 656 (iw_handler) cfg80211_wext_siwrts, /* SIOCSIWRTS */
1115 (iw_handler) ieee80211_ioctl_giwrts, /* SIOCGIWRTS */ 657 (iw_handler) cfg80211_wext_giwrts, /* SIOCGIWRTS */
1116 (iw_handler) ieee80211_ioctl_siwfrag, /* SIOCSIWFRAG */ 658 (iw_handler) cfg80211_wext_siwfrag, /* SIOCSIWFRAG */
1117 (iw_handler) ieee80211_ioctl_giwfrag, /* SIOCGIWFRAG */ 659 (iw_handler) cfg80211_wext_giwfrag, /* SIOCGIWFRAG */
1118 (iw_handler) ieee80211_ioctl_siwtxpower, /* SIOCSIWTXPOW */ 660 (iw_handler) ieee80211_ioctl_siwtxpower, /* SIOCSIWTXPOW */
1119 (iw_handler) ieee80211_ioctl_giwtxpower, /* SIOCGIWTXPOW */ 661 (iw_handler) ieee80211_ioctl_giwtxpower, /* SIOCGIWTXPOW */
1120 (iw_handler) ieee80211_ioctl_siwretry, /* SIOCSIWRETRY */ 662 (iw_handler) cfg80211_wext_siwretry, /* SIOCSIWRETRY */
1121 (iw_handler) ieee80211_ioctl_giwretry, /* SIOCGIWRETRY */ 663 (iw_handler) cfg80211_wext_giwretry, /* SIOCGIWRETRY */
1122 (iw_handler) ieee80211_ioctl_siwencode, /* SIOCSIWENCODE */ 664 (iw_handler) cfg80211_wext_siwencode, /* SIOCSIWENCODE */
1123 (iw_handler) ieee80211_ioctl_giwencode, /* SIOCGIWENCODE */ 665 (iw_handler) cfg80211_wext_giwencode, /* SIOCGIWENCODE */
1124 (iw_handler) ieee80211_ioctl_siwpower, /* SIOCSIWPOWER */ 666 (iw_handler) ieee80211_ioctl_siwpower, /* SIOCSIWPOWER */
1125 (iw_handler) ieee80211_ioctl_giwpower, /* SIOCGIWPOWER */ 667 (iw_handler) ieee80211_ioctl_giwpower, /* SIOCGIWPOWER */
1126 (iw_handler) NULL, /* -- hole -- */ 668 (iw_handler) NULL, /* -- hole -- */
@@ -1129,7 +671,7 @@ static const iw_handler ieee80211_handler[] =
1129 (iw_handler) NULL, /* SIOCGIWGENIE */ 671 (iw_handler) NULL, /* SIOCGIWGENIE */
1130 (iw_handler) ieee80211_ioctl_siwauth, /* SIOCSIWAUTH */ 672 (iw_handler) ieee80211_ioctl_siwauth, /* SIOCSIWAUTH */
1131 (iw_handler) ieee80211_ioctl_giwauth, /* SIOCGIWAUTH */ 673 (iw_handler) ieee80211_ioctl_giwauth, /* SIOCGIWAUTH */
1132 (iw_handler) ieee80211_ioctl_siwencodeext, /* SIOCSIWENCODEEXT */ 674 (iw_handler) cfg80211_wext_siwencodeext, /* SIOCSIWENCODEEXT */
1133 (iw_handler) NULL, /* SIOCGIWENCODEEXT */ 675 (iw_handler) NULL, /* SIOCGIWENCODEEXT */
1134 (iw_handler) NULL, /* SIOCSIWPMKSA */ 676 (iw_handler) NULL, /* SIOCSIWPMKSA */
1135 (iw_handler) NULL, /* -- hole -- */ 677 (iw_handler) NULL, /* -- hole -- */
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index 0b8ad1f4ecdd..45b74f38b867 100644
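--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -133,7 +133,7 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
  u8 *p = ieee80211_get_qos_ctl(hdr);
  u8 ack_policy = 0;
  tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
- if (local->wifi_wme_noack_test)
+ if (unlikely(local->wifi_wme_noack_test))
  ack_policy |= QOS_CONTROL_ACK_POLICY_NOACK <<
  QOS_CONTROL_ACK_POLICY_SHIFT;
  /* qos header is 2 bytes, second reserved */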
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 4f8bfea278f2..dcfae8884b86 100644
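--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -122,7 +122,7 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
  return RX_DROP_UNUSABLE;
 
  mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx,
- (void *) skb->data);
+ (void *) skb->data, NULL);
  return RX_DROP_UNUSABLE;
  }
 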
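Review bot: The fourth argument added to the `mac80211_ev_michael_mic_failure()` call at line 125 is a bare `NULL`, and neither the call nor the hunk says which value is being left out. MIC-failure reports drive TKIP countermeasures, so a reader needs to know whether the receiver of this event copes with the missing field; the prototype is outside this hunk, and I am assuming the parameter is the frame's sequence counter. A short comment on the call, e.g. `/* sequence counter not passed on this path */`, worded to match the actual parameter, would settle it. The enclosing function starts and ends outside the hunk.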
diff --git a/net/rds/af_rds.c b/net/rds/af_rds.c
index 20cf16fc572f..b11e7e527864 100644
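--- a/net/rds/af_rds.c
+++ b/net/rds/af_rds.c
@@ -35,7 +35,6 @@
 #include <linux/kernel.h>
 #include <linux/in.h>
 #include <linux/poll.h>
-#include <linux/version.h>
 #include <net/sock.h>
 
 #include "rds.h"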
diff --git a/net/rds/connection.c b/net/rds/connection.c
index 273f064930a8..d14445c48304 100644
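--- a/net/rds/connection.c
+++ b/net/rds/connection.c
@@ -148,14 +148,12 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
  if (conn)
  goto out;
 
- conn = kmem_cache_alloc(rds_conn_slab, gfp);
+ conn = kmem_cache_zalloc(rds_conn_slab, gfp);
  if (conn == NULL) {
  conn = ERR_PTR(-ENOMEM);
  goto out;
  }
 
- memset(conn, 0, sizeof(*conn));
-
  INIT_HLIST_NODE(&conn->c_hash_node);
  conn->c_version = RDS_PROTOCOL_3_0;
  conn->c_laddr = laddr;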
diff --git a/net/rds/ib.c b/net/rds/ib.c
index 4933b380985e..b9bcd32431e1 100644
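--- a/net/rds/ib.c
+++ b/net/rds/ib.c
@@ -224,8 +224,8 @@ static int rds_ib_laddr_check(__be32 addr)
  * IB and iWARP capable NICs.
  */
  cm_id = rdma_create_id(NULL, NULL, RDMA_PS_TCP);
- if (!cm_id)
- return -EADDRNOTAVAIL;
+ if (IS_ERR(cm_id))
+ return PTR_ERR(cm_id);
 
  memset(&sin, 0, sizeof(sin));
  sin.sin_family = AF_INET;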
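Review bot: rds_ib_laddr_check now propagates whatever errno rdma_create_id() encodes instead of the fixed `-EADDRNOTAVAIL`, and nothing at lines 227-228 records that the return contract has widened. If any caller distinguishes `-EADDRNOTAVAIL` from other failures (not visible here), an allocation failure would now be reported differently; a comment above the check such as `/* may return any errno from rdma_create_id(), not only -EADDRNOTAVAIL */` would make that explicit. The identical change in rds_iw_laddr_check (net/rds/iw.c) deserves the same comment. The function body continues outside the hunk.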
diff --git a/net/rds/ib.h b/net/rds/ib.h
index 069206cae733..455ae73047fe 100644
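--- a/net/rds/ib.h
+++ b/net/rds/ib.h
@@ -333,7 +333,7 @@ int rds_ib_xmit_rdma(struct rds_connection *conn, struct rds_rdma_op *op);
 void rds_ib_send_add_credits(struct rds_connection *conn, unsigned int credits);
 void rds_ib_advertise_credits(struct rds_connection *conn, unsigned int posted);
 int rds_ib_send_grab_credits(struct rds_ib_connection *ic, u32 wanted,
- u32 *adv_credits, int need_posted);
+ u32 *adv_credits, int need_posted, int max_posted);
 
 /* ib_stats.c */
 DECLARE_PER_CPU(struct rds_ib_statistics, rds_ib_stats);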
diff --git a/net/rds/ib_recv.c b/net/rds/ib_recv.c
index 36d931573ff4..5709bad28329 100644
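--- a/net/rds/ib_recv.c
+++ b/net/rds/ib_recv.c
@@ -524,7 +524,7 @@ void rds_ib_attempt_ack(struct rds_ib_connection *ic)
  }
 
  /* Can we get a send credit? */
- if (!rds_ib_send_grab_credits(ic, 1, &adv_credits, 0)) {
+ if (!rds_ib_send_grab_credits(ic, 1, &adv_credits, 0, RDS_MAX_ADV_CREDIT)) {
  rds_ib_stats_inc(s_ib_tx_throttle);
  clear_bit(IB_ACK_IN_FLIGHT, &ic->i_ack_flags);
  return;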
diff --git a/net/rds/ib_ring.c b/net/rds/ib_ring.c
index 99a6ccae964c..ff97e8eda858 100644
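--- a/net/rds/ib_ring.c
+++ b/net/rds/ib_ring.c
@@ -137,7 +137,7 @@ int rds_ib_ring_empty(struct rds_ib_work_ring *ring)
 
 int rds_ib_ring_low(struct rds_ib_work_ring *ring)
 {
- return __rds_ib_ring_used(ring) <= (ring->w_nr >> 2);
+ return __rds_ib_ring_used(ring) <= (ring->w_nr >> 1);
 }
 
 /*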
diff --git a/net/rds/ib_send.c b/net/rds/ib_send.c
index cb6c52cb1c4c..23bf830db2d5 100644
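--- a/net/rds/ib_send.c
+++ b/net/rds/ib_send.c
@@ -311,7 +311,7 @@ void rds_ib_send_cq_comp_handler(struct ib_cq *cq, void *context)
  * and using atomic_cmpxchg when updating the two counters.
  */
 int rds_ib_send_grab_credits(struct rds_ib_connection *ic,
- u32 wanted, u32 *adv_credits, int need_posted)
+ u32 wanted, u32 *adv_credits, int need_posted, int max_posted)
 {
  unsigned int avail, posted, got = 0, advertise;
  long oldval, newval;
@@ -351,7 +351,7 @@ try_again:
  * available.
  */
  if (posted && (got || need_posted)) {
- advertise = min_t(unsigned int, posted, RDS_MAX_ADV_CREDIT);
+ advertise = min_t(unsigned int, posted, max_posted);
  newval -= IB_SET_POST_CREDITS(advertise);
  }
 
@@ -498,7 +498,7 @@ int rds_ib_xmit(struct rds_connection *conn, struct rds_message *rm,
 
  credit_alloc = work_alloc;
  if (ic->i_flowctl) {
- credit_alloc = rds_ib_send_grab_credits(ic, work_alloc, &posted, 0);
+ credit_alloc = rds_ib_send_grab_credits(ic, work_alloc, &posted, 0, RDS_MAX_ADV_CREDIT);
  adv_credits += posted;
  if (credit_alloc < work_alloc) {
  rds_ib_ring_unalloc(&ic->i_send_ring, work_alloc - credit_alloc);
@@ -506,7 +506,7 @@ int rds_ib_xmit(struct rds_connection *conn, struct rds_message *rm,
  flow_controlled++;
  }
  if (work_alloc == 0) {
- rds_ib_ring_unalloc(&ic->i_send_ring, work_alloc);
+ set_bit(RDS_LL_SEND_FULL, &conn->c_flags);
  rds_ib_stats_inc(s_ib_tx_throttle);
  ret = -ENOMEM;
  goto out;
@@ -571,7 +571,7 @@ int rds_ib_xmit(struct rds_connection *conn, struct rds_message *rm,
  /*
  * Update adv_credits since we reset the ACK_REQUIRED bit.
  */
- rds_ib_send_grab_credits(ic, 0, &posted, 1);
+ rds_ib_send_grab_credits(ic, 0, &posted, 1, RDS_MAX_ADV_CREDIT - adv_credits);
  adv_credits += posted;
  BUG_ON(adv_credits > 255);
  } else if (ic->i_rm != rm)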
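Review bot: `max_posted` is declared `int` but is consumed as `min_t(unsigned int, posted, max_posted)` at line 354, so a negative argument becomes a huge unsigned bound and the cap silently stops applying. The only non-constant caller passes `RDS_MAX_ADV_CREDIT - adv_credits` at line 574, which stays non-negative only while the earlier grab in rds_ib_xmit keeps `adv_credits` at or below the macro; nothing in these hunks enforces that before the subtraction, and `BUG_ON(adv_credits > 255)` fires only afterwards. I would declare the parameter `unsigned int max_posted` (here and in ib.h) and clamp at the call site, e.g. `adv_credits < RDS_MAX_ADV_CREDIT ? RDS_MAX_ADV_CREDIT - adv_credits : 0`. The same pattern appears in rds_iw_send_grab_credits and rds_iw_xmit in net/rds/iw_send.c and the prototype in iw.h. Both functions' bodies continue outside the hunks.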
diff --git a/net/rds/info.c b/net/rds/info.c
index 1d885535214d..62aeef37aefe 100644
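--- a/net/rds/info.c
+++ b/net/rds/info.c
@@ -188,10 +188,7 @@ int rds_info_getsockopt(struct socket *sock, int optname, char __user *optval,
  ret = -ENOMEM;
  goto out;
  }
- down_read(&current->mm->mmap_sem);
- ret = get_user_pages(current, current->mm, start, nr_pages, 1, 0,
- pages, NULL);
- up_read(&current->mm->mmap_sem);
+ ret = get_user_pages_fast(start, nr_pages, 1, pages);
  if (ret != nr_pages) {
  if (ret > 0)
  nr_pages = ret;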
diff --git a/net/rds/iw.c b/net/rds/iw.c
index b732efb5b634..d16e1cbc8e83 100644
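--- a/net/rds/iw.c
+++ b/net/rds/iw.c
@@ -233,8 +233,8 @@ static int rds_iw_laddr_check(__be32 addr)
  * IB and iWARP capable NICs.
  */
  cm_id = rdma_create_id(NULL, NULL, RDMA_PS_TCP);
- if (!cm_id)
- return -EADDRNOTAVAIL;
+ if (IS_ERR(cm_id))
+ return PTR_ERR(cm_id);
 
  memset(&sin, 0, sizeof(sin));
  sin.sin_family = AF_INET;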
diff --git a/net/rds/iw.h b/net/rds/iw.h
index b4fb27252895..0715dde323e7 100644
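--- a/net/rds/iw.h
+++ b/net/rds/iw.h
@@ -361,7 +361,7 @@ int rds_iw_xmit_rdma(struct rds_connection *conn, struct rds_rdma_op *op);
 void rds_iw_send_add_credits(struct rds_connection *conn, unsigned int credits);
 void rds_iw_advertise_credits(struct rds_connection *conn, unsigned int posted);
 int rds_iw_send_grab_credits(struct rds_iw_connection *ic, u32 wanted,
- u32 *adv_credits, int need_posted);
+ u32 *adv_credits, int need_posted, int max_posted);
 
 /* ib_stats.c */
 DECLARE_PER_CPU(struct rds_iw_statistics, rds_iw_stats);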
diff --git a/net/rds/iw_recv.c b/net/rds/iw_recv.c
index fde470fa50d5..8683f5f66c4b 100644
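--- a/net/rds/iw_recv.c
+++ b/net/rds/iw_recv.c
@@ -524,7 +524,7 @@ void rds_iw_attempt_ack(struct rds_iw_connection *ic)
  }
 
  /* Can we get a send credit? */
- if (!rds_iw_send_grab_credits(ic, 1, &adv_credits, 0)) {
+ if (!rds_iw_send_grab_credits(ic, 1, &adv_credits, 0, RDS_MAX_ADV_CREDIT)) {
  rds_iw_stats_inc(s_iw_tx_throttle);
  clear_bit(IB_ACK_IN_FLIGHT, &ic->i_ack_flags);
  return;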
diff --git a/net/rds/iw_ring.c b/net/rds/iw_ring.c
index d422d4b5deef..da8e3b63f663 100644
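--- a/net/rds/iw_ring.c
+++ b/net/rds/iw_ring.c
@@ -137,7 +137,7 @@ int rds_iw_ring_empty(struct rds_iw_work_ring *ring)
 
 int rds_iw_ring_low(struct rds_iw_work_ring *ring)
 {
- return __rds_iw_ring_used(ring) <= (ring->w_nr >> 2);
+ return __rds_iw_ring_used(ring) <= (ring->w_nr >> 1);
 }
 
 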
diff --git a/net/rds/iw_send.c b/net/rds/iw_send.c
index 22dd38ffd608..44a6a0551f28 100644
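--- a/net/rds/iw_send.c
+++ b/net/rds/iw_send.c
@@ -347,7 +347,7 @@ void rds_iw_send_cq_comp_handler(struct ib_cq *cq, void *context)
  * and using atomic_cmpxchg when updating the two counters.
  */
 int rds_iw_send_grab_credits(struct rds_iw_connection *ic,
- u32 wanted, u32 *adv_credits, int need_posted)
+ u32 wanted, u32 *adv_credits, int need_posted, int max_posted)
 {
  unsigned int avail, posted, got = 0, advertise;
  long oldval, newval;
@@ -387,7 +387,7 @@ try_again:
  * available.
  */
  if (posted && (got || need_posted)) {
- advertise = min_t(unsigned int, posted, RDS_MAX_ADV_CREDIT);
+ advertise = min_t(unsigned int, posted, max_posted);
  newval -= IB_SET_POST_CREDITS(advertise);
  }
 
@@ -541,7 +541,7 @@ int rds_iw_xmit(struct rds_connection *conn, struct rds_message *rm,
 
  credit_alloc = work_alloc;
  if (ic->i_flowctl) {
- credit_alloc = rds_iw_send_grab_credits(ic, work_alloc, &posted, 0);
+ credit_alloc = rds_iw_send_grab_credits(ic, work_alloc, &posted, 0, RDS_MAX_ADV_CREDIT);
  adv_credits += posted;
  if (credit_alloc < work_alloc) {
  rds_iw_ring_unalloc(&ic->i_send_ring, work_alloc - credit_alloc);
@@ -549,7 +549,7 @@ int rds_iw_xmit(struct rds_connection *conn, struct rds_message *rm,
  flow_controlled++;
  }
  if (work_alloc == 0) {
- rds_iw_ring_unalloc(&ic->i_send_ring, work_alloc);
+ set_bit(RDS_LL_SEND_FULL, &conn->c_flags);
  rds_iw_stats_inc(s_iw_tx_throttle);
  ret = -ENOMEM;
  goto out;
@@ -614,7 +614,7 @@ int rds_iw_xmit(struct rds_connection *conn, struct rds_message *rm,
  /*
  * Update adv_credits since we reset the ACK_REQUIRED bit.
  */
- rds_iw_send_grab_credits(ic, 0, &posted, 1);
+ rds_iw_send_grab_credits(ic, 0, &posted, 1, RDS_MAX_ADV_CREDIT - adv_credits);
  adv_credits += posted;
  BUG_ON(adv_credits > 255);
  } else if (ic->i_rm != rm)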
diff --git a/net/rds/rdma.c b/net/rds/rdma.c
index eaeeb91e1119..8dc83d2caa58 100644
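--- a/net/rds/rdma.c
+++ b/net/rds/rdma.c
@@ -150,12 +150,9 @@ static int rds_pin_pages(unsigned long user_addr, unsigned int nr_pages,
 {
  int ret;
 
- down_read(&current->mm->mmap_sem);
- ret = get_user_pages(current, current->mm, user_addr,
- nr_pages, write, 0, pages, NULL);
- up_read(&current->mm->mmap_sem);
+ ret = get_user_pages_fast(user_addr, nr_pages, write, pages);
 
- if (0 <= ret && (unsigned) ret < nr_pages) {
+ if (ret >= 0 && ret < nr_pages) {
  while (ret--)
  put_page(pages[ret]);
  ret = -EFAULT;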
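Review bot: The rewritten test `ret < nr_pages` at line 155 compares `int ret` with `unsigned int nr_pages` (per the signature in the hunk header), where the old line cast explicitly; it is correct only because `ret >= 0` is evaluated first and short-circuits. That dependency is now implicit and the line will trip `-Wsign-compare`, so I would keep the cast: `if (ret >= 0 && (unsigned int) ret < nr_pages) {`. Since this is the partial-pin cleanup for user-supplied addresses, a short comment that a short pin releases every page already taken and returns `-EFAULT` would also help. The function's end is outside the hunk.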
diff --git a/net/rds/rdma_transport.c b/net/rds/rdma_transport.c
index 7b19024f9706..7d0f901c93d5 100644
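--- a/net/rds/rdma_transport.c
+++ b/net/rds/rdma_transport.c
@@ -34,7 +34,7 @@
 
 #include "rdma_transport.h"
 
-static struct rdma_cm_id *rds_iw_listen_id;
+static struct rdma_cm_id *rds_rdma_listen_id;
 
 int rds_rdma_cm_event_handler(struct rdma_cm_id *cm_id,
  struct rdma_cm_event *event)
@@ -161,7 +161,7 @@ static int __init rds_rdma_listen_init(void)
 
  rdsdebug("cm %p listening on port %u\n", cm_id, RDS_PORT);
 
- rds_iw_listen_id = cm_id;
+ rds_rdma_listen_id = cm_id;
  cm_id = NULL;
 out:
  if (cm_id)
@@ -171,10 +171,10 @@ out:
 
 static void rds_rdma_listen_stop(void)
 {
- if (rds_iw_listen_id) {
- rdsdebug("cm %p\n", rds_iw_listen_id);
- rdma_destroy_id(rds_iw_listen_id);
- rds_iw_listen_id = NULL;
+ if (rds_rdma_listen_id) {
+ rdsdebug("cm %p\n", rds_rdma_listen_id);
+ rdma_destroy_id(rds_rdma_listen_id);
+ rds_rdma_listen_id = NULL;
  }
 }
 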
diff --git a/net/rds/rds.h b/net/rds/rds.h
index 71794449ca4e..dbe111236783 100644
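--- a/net/rds/rds.h
+++ b/net/rds/rds.h
@@ -132,7 +132,7 @@ struct rds_connection {
 #define RDS_FLAG_CONG_BITMAP 0x01
 #define RDS_FLAG_ACK_REQUIRED 0x02
 #define RDS_FLAG_RETRANSMITTED 0x04
-#define RDS_MAX_ADV_CREDIT 127
+#define RDS_MAX_ADV_CREDIT 255
 
 /*
  * Maximum space available for extension headers.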
diff --git a/net/rds/send.c b/net/rds/send.c
index 104fe033203d..a4a7f428cd76 100644
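--- a/net/rds/send.c
+++ b/net/rds/send.c
@@ -854,11 +854,6 @@ int rds_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
 
  rm->m_daddr = daddr;
 
- /* Parse any control messages the user may have included. */
- ret = rds_cmsg_send(rs, rm, msg, &allocated_mr);
- if (ret)
- goto out;
-
  /* rds_conn_create has a spinlock that runs with IRQ off.
  * Caching the conn in the socket helps a lot. */
  if (rs->rs_conn && rs->rs_conn->c_faddr == daddr)
@@ -874,6 +869,11 @@ int rds_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
  rs->rs_conn = conn;
  }
 
+ /* Parse any control messages the user may have included. */
+ ret = rds_cmsg_send(rs, rm, msg, &allocated_mr);
+ if (ret)
+ goto out;
+
  if ((rm->m_rdma_cookie || rm->m_rdma_op)
  && conn->c_trans->xmit_rdma == NULL) {
  if (printk_ratelimit())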
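Review bot: The block moved to lines 872-875 keeps its old comment, which does not say why control-message parsing must now follow the connection lookup. rds_cmsg_send() consumes user-supplied control messages and can hand back `allocated_mr`, so its position relative to `rs->rs_conn = conn` and the `xmit_rdma == NULL` check directly below is the thing a later editor has to preserve. I would extend the comment to name the dependency on the resolved connection, and confirm that the `out` path releases `allocated_mr` when the transport check that now runs after it fails. rds_sendmsg starts and ends outside these hunks.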
diff --git a/net/rfkill/rfkill-input.c b/net/rfkill/rfkill-input.c
index 84efde97c5a7..60a34f3b5f65 100644
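--- a/net/rfkill/rfkill-input.c
+++ b/net/rfkill/rfkill-input.c
@@ -47,12 +47,6 @@ enum rfkill_global_sched_op {
  RFKILL_GLOBAL_OP_UNBLOCK,
 };
 
-/*
- * Currently, the code marked with RFKILL_NEED_SWSET is inactive.
- * If handling of EV_SW SW_WLAN/WWAN/BLUETOOTH/etc is needed in the
- * future, when such events are added, that code will be necessary.
- */
-
 struct rfkill_task {
  struct delayed_work dwork;
 
@@ -65,14 +59,6 @@ struct rfkill_task {
  /* pending regular switch operations (1=pending) */
  unsigned long sw_pending[BITS_TO_LONGS(RFKILL_TYPE_MAX)];
 
-#ifdef RFKILL_NEED_SWSET
- /* set operation pending (1=pending) */
- unsigned long sw_setpending[BITS_TO_LONGS(RFKILL_TYPE_MAX)];
-
- /* desired state for pending set operation (1=unblock) */
- unsigned long sw_newstate[BITS_TO_LONGS(RFKILL_TYPE_MAX)];
-#endif
-
  /* should the state be complemented (1=yes) */
  unsigned long sw_togglestate[BITS_TO_LONGS(RFKILL_TYPE_MAX)];
 
@@ -111,24 +97,6 @@ static void __rfkill_handle_global_op(enum rfkill_global_sched_op op)
  }
 }
 
-#ifdef RFKILL_NEED_SWSET
-static void __rfkill_handle_normal_op(const enum rfkill_type type,
- const bool sp, const bool s, const bool c)
-{
- enum rfkill_state state;
-
- if (sp)
- state = (s) ? RFKILL_STATE_UNBLOCKED :
- RFKILL_STATE_SOFT_BLOCKED;
- else
- state = rfkill_get_global_state(type);
-
- if (c)
- state = rfkill_state_complement(state);
-
- rfkill_switch_all(type, state);
-}
-#else
 static void __rfkill_handle_normal_op(const enum rfkill_type type,
  const bool c)
 {
@@ -140,7 +108,6 @@ static void __rfkill_handle_normal_op(const enum rfkill_type type,
 
  rfkill_switch_all(type, state);
 }
-#endif
 
 static void rfkill_task_handler(struct work_struct *work)
 {
@@ -171,21 +138,11 @@ static void rfkill_task_handler(struct work_struct *work)
  i < RFKILL_TYPE_MAX) {
  if (test_and_clear_bit(i, task->sw_pending)) {
  bool c;
-#ifdef RFKILL_NEED_SWSET
- bool sp, s;
- sp = test_and_clear_bit(i,
- task->sw_setpending);
- s = test_bit(i, task->sw_newstate);
-#endif
  c = test_and_clear_bit(i,
  task->sw_togglestate);
  spin_unlock_irq(&task->lock);
 
-#ifdef RFKILL_NEED_SWSET
- __rfkill_handle_normal_op(i, sp, s, c);
-#else
  __rfkill_handle_normal_op(i, c);
-#endif
 
  spin_lock_irq(&task->lock);
  }
@@ -238,32 +195,6 @@ static void rfkill_schedule_global_op(enum rfkill_global_sched_op op)
  spin_unlock_irqrestore(&rfkill_task.lock, flags);
 }
 
-#ifdef RFKILL_NEED_SWSET
-/* Use this if you need to add EV_SW SW_WLAN/WWAN/BLUETOOTH/etc handling */
-
-static void rfkill_schedule_set(enum rfkill_type type,
- enum rfkill_state desired_state)
-{
- unsigned long flags;
-
- if (rfkill_is_epo_lock_active())
- return;
-
- spin_lock_irqsave(&rfkill_task.lock, flags);
- if (!rfkill_task.global_op_pending) {
- set_bit(type, rfkill_task.sw_pending);
- set_bit(type, rfkill_task.sw_setpending);
- clear_bit(type, rfkill_task.sw_togglestate);
- if (desired_state)
- set_bit(type, rfkill_task.sw_newstate);
- else
- clear_bit(type, rfkill_task.sw_newstate);
- rfkill_schedule_ratelimited();
- }
- spin_unlock_irqrestore(&rfkill_task.lock, flags);
-}
-#endif
-
 static void rfkill_schedule_toggle(enum rfkill_type type)
 {
  unsigned long flags;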
diff --git a/net/rfkill/rfkill.c b/net/rfkill/rfkill.c
index 3eaa39403c13..4f5a83183c95 100644
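--- a/net/rfkill/rfkill.c
+++ b/net/rfkill/rfkill.c
@@ -75,6 +75,11 @@ static void rfkill_led_trigger_activate(struct led_classdev *led)
 
  rfkill_led_trigger(rfkill, rfkill->state);
 }
+#else
+static inline void rfkill_led_trigger(struct rfkill *rfkill,
+ enum rfkill_state state)
+{
+}
 #endif /* CONFIG_RFKILL_LEDS */
 
 static void rfkill_uevent(struct rfkill *rfkill)
@@ -96,6 +101,7 @@ static void update_rfkill_state(struct rfkill *rfkill)
  }
  mutex_unlock(&rfkill->mutex);
  }
+ rfkill_led_trigger(rfkill, rfkill->state);
 }
 
 /**
@@ -136,8 +142,9 @@ static int rfkill_toggle_radio(struct rfkill *rfkill,
  oldstate = rfkill->state;
 
  if (rfkill->get_state && !force &&
- !rfkill->get_state(rfkill->data, &newstate))
+ !rfkill->get_state(rfkill->data, &newstate)) {
  rfkill->state = newstate;
+ }
 
  switch (state) {
  case RFKILL_STATE_HARD_BLOCKED:
@@ -172,6 +179,7 @@ static int rfkill_toggle_radio(struct rfkill *rfkill,
  if (force || rfkill->state != oldstate)
  rfkill_uevent(rfkill);
 
+ rfkill_led_trigger(rfkill, rfkill->state);
  return retval;
 }
 
@@ -200,10 +208,11 @@ static void __rfkill_switch_all(const enum rfkill_type type,
 
  rfkill_global_states[type].current_state = state;
  list_for_each_entry(rfkill, &rfkill_list, node) {
- if ((!rfkill->user_claim) && (rfkill->type == type)) {
+ if (rfkill->type == type) {
  mutex_lock(&rfkill->mutex);
  rfkill_toggle_radio(rfkill, state, 0);
  mutex_unlock(&rfkill->mutex);
+ rfkill_led_trigger(rfkill, rfkill->state);
  }
  }
 }
@@ -256,6 +265,7 @@ void rfkill_epo(void)
  RFKILL_STATE_SOFT_BLOCKED;
  }
  mutex_unlock(&rfkill_global_mutex);
+ rfkill_led_trigger(rfkill, rfkill->state);
 }
 EXPORT_SYMBOL_GPL(rfkill_epo);
 
@@ -358,6 +368,7 @@ int rfkill_force_state(struct rfkill *rfkill, enum rfkill_state state)
  rfkill_uevent(rfkill);
 
  mutex_unlock(&rfkill->mutex);
+ rfkill_led_trigger(rfkill, rfkill->state);
 
  return 0;
 }
@@ -447,53 +458,14 @@ static ssize_t rfkill_claim_show(struct device *dev,
  struct device_attribute *attr,
  char *buf)
 {
- struct rfkill *rfkill = to_rfkill(dev);
-
- return sprintf(buf, "%d\n", rfkill->user_claim);
+ return sprintf(buf, "%d\n", 0);
 }
 
 static ssize_t rfkill_claim_store(struct device *dev,
  struct device_attribute *attr,
  const char *buf, size_t count)
 {
- struct rfkill *rfkill = to_rfkill(dev);
- unsigned long claim_tmp;
- bool claim;
- int error;
-
- if (!capable(CAP_NET_ADMIN))
- return -EPERM;
-
- if (rfkill->user_claim_unsupported)
- return -EOPNOTSUPP;
-
- error = strict_strtoul(buf, 0, &claim_tmp);
- if (error)
- return error;
- claim = !!claim_tmp;
-
- /*
- * Take the global lock to make sure the kernel is not in
- * the middle of rfkill_switch_all
- */
- error = mutex_lock_killable(&rfkill_global_mutex);
- if (error)
- return error;
-
- if (rfkill->user_claim != claim) {
- if (!claim && !rfkill_epo_lock_active) {
- mutex_lock(&rfkill->mutex);
- rfkill_toggle_radio(rfkill,
- rfkill_global_states[rfkill->type].current_state,
- 0);
- mutex_unlock(&rfkill->mutex);
- }
- rfkill->user_claim = claim;
- }
-
- mutex_unlock(&rfkill_global_mutex);
-
- return error ? error : count;
+ return -EOPNOTSUPP;
 }
 
 static struct device_attribute rfkill_dev_attrs[] = {
@@ -559,6 +531,7 @@ static int rfkill_resume(struct device *dev)
  1);
 
  mutex_unlock(&rfkill->mutex);
+ rfkill_led_trigger(rfkill, rfkill->state);
  }
 
  return 0;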
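--- a/net/sched/cls_cgroup.c
+++ b/net/sched/cls_cgroup.c
@@ -62,13 +62,7 @@ static u64 read_classid(struct cgroup *cgrp, struct cftype *cft)
 
 static int write_classid(struct cgroup *cgrp, struct cftype *cft, u64 value)
 {
- if (!cgroup_lock_live_group(cgrp))
- return -ENODEV;
-
  cgrp_cls_state(cgrp)->classid = (u32) value;
-
- cgroup_unlock();
-
  return 0;
 }
 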
diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c
index 5f5efe4e6072..27d03816ec3e 100644
--- a/net/sched/sch_generic.c
+++ b/net/sched/sch_generic.c
@@ -196,6 +196,21 @@ void __qdisc_run(struct Qdisc *q)
196 clear_bit(__QDISC_STATE_RUNNING, &q->state); 196 clear_bit(__QDISC_STATE_RUNNING, &q->state);
197} 197}
198 198
199unsigned long dev_trans_start(struct net_device *dev)
200{
201 unsigned long val, res = dev->trans_start;
202 unsigned int i;
203
204 for (i = 0; i < dev->num_tx_queues; i++) {
205 val = netdev_get_tx_queue(dev, i)->trans_start;
206 if (val && time_after(val, res))
207 res = val;
208 }
209 dev->trans_start = res;
210 return res;
211}
212EXPORT_SYMBOL(dev_trans_start);
213
199static void dev_watchdog(unsigned long arg) 214static void dev_watchdog(unsigned long arg)
200{ 215{
201 struct net_device *dev = (struct net_device *)arg; 216 struct net_device *dev = (struct net_device *)arg;
@@ -205,25 +220,30 @@ static void dev_watchdog(unsigned long arg)
205 if (netif_device_present(dev) && 220 if (netif_device_present(dev) &&
206 netif_running(dev) && 221 netif_running(dev) &&
207 netif_carrier_ok(dev)) { 222 netif_carrier_ok(dev)) {
208 int some_queue_stopped = 0; 223 int some_queue_timedout = 0;
209 unsigned int i; 224 unsigned int i;
225 unsigned long trans_start;
210 226
211 for (i = 0; i < dev->num_tx_queues; i++) { 227 for (i = 0; i < dev->num_tx_queues; i++) {
212 struct netdev_queue *txq; 228 struct netdev_queue *txq;
213 229
214 txq = netdev_get_tx_queue(dev, i); 230 txq = netdev_get_tx_queue(dev, i);
215 if (netif_tx_queue_stopped(txq)) { 231 /*
216 some_queue_stopped = 1; 232 * old device drivers set dev->trans_start
233 */
234 trans_start = txq->trans_start ? : dev->trans_start;
235 if (netif_tx_queue_stopped(txq) &&
236 time_after(jiffies, (trans_start +
237 dev->watchdog_timeo))) {
238 some_queue_timedout = 1;
217 break; 239 break;
218 } 240 }
219 } 241 }
220 242
221 if (some_queue_stopped && 243 if (some_queue_timedout) {
222 time_after(jiffies, (dev->trans_start +
223 dev->watchdog_timeo))) {
224 char drivername[64]; 244 char drivername[64];
225 WARN_ONCE(1, KERN_INFO "NETDEV WATCHDOG: %s (%s): transmit timed out\n", 245 WARN_ONCE(1, KERN_INFO "NETDEV WATCHDOG: %s (%s): transmit queue %u timed out\n",
226 dev->name, netdev_drivername(dev, drivername, 64)); 246 dev->name, netdev_drivername(dev, drivername, 64), i);
227 dev->netdev_ops->ndo_tx_timeout(dev); 247 dev->netdev_ops->ndo_tx_timeout(dev);
228 } 248 }
229 if (!mod_timer(&dev->watchdog_timer, 249 if (!mod_timer(&dev->watchdog_timer,
@@ -602,8 +622,10 @@ static void transition_one_qdisc(struct net_device *dev,
602 clear_bit(__QDISC_STATE_DEACTIVATED, &new_qdisc->state); 622 clear_bit(__QDISC_STATE_DEACTIVATED, &new_qdisc->state);
603 623
604 rcu_assign_pointer(dev_queue->qdisc, new_qdisc); 624 rcu_assign_pointer(dev_queue->qdisc, new_qdisc);
605 if (need_watchdog_p && new_qdisc != &noqueue_qdisc) 625 if (need_watchdog_p && new_qdisc != &noqueue_qdisc) {
626 dev_queue->trans_start = 0;
606 *need_watchdog_p = 1; 627 *need_watchdog_p = 1;
628 }
607} 629}
608 630
609void dev_activate(struct net_device *dev) 631void dev_activate(struct net_device *dev)
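Review bot: dev_trans_start() is exported without a comment, yet it is not a plain getter: the statement before `return res;` stores the computed maximum back into `dev->trans_start`, and the function takes no lock, so concurrent callers can race on that store. It also treats a per-queue `trans_start` of 0 as "never set", the same convention the watchdog hunk relies on with `txq->trans_start ? : dev->trans_start` and that transition_one_qdisc() sets up by zeroing the field. I would document that contract above the function, e.g. `/* Returns the latest trans_start of dev and its tx queues and caches it in dev->trans_start; a queue value of 0 means unset. */`. dev_watchdog() and transition_one_qdisc() both continue outside their hunks.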
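--- a/net/sctp/output.c
+++ b/net/sctp/output.c
@@ -412,6 +412,7 @@ int sctp_packet_transmit(struct sctp_packet *packet)
 
  /* Build the SCTP header. */
  sh = (struct sctphdr *)skb_push(nskb, sizeof(struct sctphdr));
+ skb_reset_transport_header(nskb);
  sh->source = htons(packet->source_port);
  sh->dest = htons(packet->destination_port);
 
@@ -527,15 +528,25 @@ int sctp_packet_transmit(struct sctp_packet *packet)
  * Note: Adler-32 is no longer applicable, as has been replaced
  * by CRC32-C as described in <draft-ietf-tsvwg-sctpcsum-02.txt>.
  */
- if (!sctp_checksum_disable && !(dst->dev->features & NETIF_F_NO_CSUM)) {
+ if (!sctp_checksum_disable &&
+ !(dst->dev->features & (NETIF_F_NO_CSUM | NETIF_F_SCTP_CSUM))) {
  __u32 crc32 = sctp_start_cksum((__u8 *)sh, cksum_buf_len);
 
  /* 3) Put the resultant value into the checksum field in the
  * common header, and leave the rest of the bits unchanged.
  */
  sh->checksum = sctp_end_cksum(crc32);
- } else
- nskb->ip_summed = CHECKSUM_UNNECESSARY;
+ } else {
+ if (dst->dev->features & NETIF_F_SCTP_CSUM) {
+ /* no need to seed psuedo checksum for SCTP */
+ nskb->ip_summed = CHECKSUM_PARTIAL;
+ nskb->csum_start = (skb_transport_header(nskb) -
+ nskb->head);
+ nskb->csum_offset = offsetof(struct sctphdr, checksum);
+ } else {
+ nskb->ip_summed = CHECKSUM_UNNECESSARY;
+ }
+ }
 
  /* IP layer ECN support
  * From RFC 2481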
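Review bot: In the second hunk the new `else` branch is also reached when `sctp_checksum_disable` is set, so on a NETIF_F_SCTP_CSUM device the packet is marked CHECKSUM_PARTIAL even though checksumming was switched off; before this change that case ended in CHECKSUM_UNNECESSARY. If the switch is meant to keep its old meaning, the inner test should read `if (!sctp_checksum_disable && (dst->dev->features & NETIF_F_SCTP_CSUM)) {`. Separately, nothing in the hunk shows `sh->checksum` being cleared on the offload path, and a generic software fallback for CHECKSUM_PARTIAL would presumably compute an Internet checksum rather than CRC32-C. Both assumptions deserve a comment or a check where the header is built. sctp_packet_transmit() starts and ends outside both hunks.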
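--- a/net/tipc/eth_media.c
+++ b/net/tipc/eth_media.c
@@ -167,7 +167,7 @@ static int enable_bearer(struct tipc_bearer *tb_ptr)
  tb_ptr->mtu = dev->mtu;
  tb_ptr->blocked = 0;
  tb_ptr->addr.type = htonl(TIPC_MEDIA_TYPE_ETH);
- memcpy(&tb_ptr->addr.dev_addr, &dev->dev_addr, ETH_ALEN);
+ memcpy(&tb_ptr->addr.dev_addr, dev->dev_addr, ETH_ALEN);
  return 0;
 }
 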
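--- a/net/wimax/op-rfkill.c
+++ b/net/wimax/op-rfkill.c
@@ -113,7 +113,7 @@ void wimax_report_rfkill_hw(struct wimax_dev *wimax_dev,
  if (state != wimax_dev->rf_hw) {
  wimax_dev->rf_hw = state;
  rfkill_state = state == WIMAX_RF_ON ?
- RFKILL_STATE_OFF : RFKILL_STATE_ON;
+ RFKILL_STATE_UNBLOCKED : RFKILL_STATE_SOFT_BLOCKED;
  if (wimax_dev->rf_hw == WIMAX_RF_ON
  && wimax_dev->rf_sw == WIMAX_RF_ON)
  wimax_state = WIMAX_ST_READY;
@@ -259,10 +259,10 @@ int wimax_rfkill_toggle_radio(void *data, enum rfkill_state state)
 
  d_fnstart(3, dev, "(wimax_dev %p state %u)\n", wimax_dev, state);
  switch (state) {
- case RFKILL_STATE_ON:
+ case RFKILL_STATE_SOFT_BLOCKED:
  rf_state = WIMAX_RF_OFF;
  break;
- case RFKILL_STATE_OFF:
+ case RFKILL_STATE_UNBLOCKED:
  rf_state = WIMAX_RF_ON;
  break;
  default:
@@ -361,10 +361,9 @@ int wimax_rfkill_add(struct wimax_dev *wimax_dev)
  wimax_dev->rfkill = rfkill;
 
  rfkill->name = wimax_dev->name;
- rfkill->state = RFKILL_STATE_OFF;
+ rfkill->state = RFKILL_STATE_UNBLOCKED;
  rfkill->data = wimax_dev;
  rfkill->toggle_radio = wimax_rfkill_toggle_radio;
- rfkill->user_claim_unsupported = 1;
 
  /* Initialize the input device for the hw key */
  input_dev = input_allocate_device();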
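Review bot: wimax_report_rfkill_hw() maps a hardware radio-off report to `RFKILL_STATE_SOFT_BLOCKED` in the first hunk, although the rfkill core touched by this same commit has a distinct `RFKILL_STATE_HARD_BLOCKED` state. If this path really reflects a physical switch, as the function name suggests, reporting it as soft-blocked tells the rfkill core and user space that software can lift the block; the line would then read `RFKILL_STATE_UNBLOCKED : RFKILL_STATE_HARD_BLOCKED;`. The `switch` in wimax_rfkill_toggle_radio() names only the two renamed states, and its `default:` arm lies outside the hunk, so the hard-blocked case should be checked there as well. All three functions continue outside their hunks.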
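--- a/net/wireless/Makefile
+++ b/net/wireless/Makefile
@@ -5,7 +5,7 @@ obj-$(CONFIG_LIB80211_CRYPT_WEP) += lib80211_crypt_wep.o
 obj-$(CONFIG_LIB80211_CRYPT_CCMP) += lib80211_crypt_ccmp.o
 obj-$(CONFIG_LIB80211_CRYPT_TKIP) += lib80211_crypt_tkip.o
 
-cfg80211-y += core.o sysfs.o radiotap.o util.o reg.o scan.o nl80211.o mlme.o
+cfg80211-y += core.o sysfs.o radiotap.o util.o reg.o scan.o nl80211.o mlme.o ibss.o
 cfg80211-$(CONFIG_WIRELESS_EXT) += wext-compat.o
 
 ccflags-y += -D__CHECK_ENDIAN__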
diff --git a/net/wireless/core.c b/net/wireless/core.c
index d1f556535f6d..47c20eb0c04d 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * This is the linux wireless configuration interface. 2 * This is the linux wireless configuration interface.
3 * 3 *
4 * Copyright 2006-2008 Johannes Berg <johannes@sipsolutions.net> 4 * Copyright 2006-2009 Johannes Berg <johannes@sipsolutions.net>
5 */ 5 */
6 6
7#include <linux/if.h> 7#include <linux/if.h>
@@ -14,7 +14,6 @@
14#include <linux/device.h> 14#include <linux/device.h>
15#include <net/genetlink.h> 15#include <net/genetlink.h>
16#include <net/cfg80211.h> 16#include <net/cfg80211.h>
17#include <net/wireless.h>
18#include "nl80211.h" 17#include "nl80211.h"
19#include "core.h" 18#include "core.h"
20#include "sysfs.h" 19#include "sysfs.h"
@@ -274,6 +273,16 @@ struct wiphy *wiphy_new(struct cfg80211_ops *ops, int sizeof_priv)
274 drv->wiphy.dev.class = &ieee80211_class; 273 drv->wiphy.dev.class = &ieee80211_class;
275 drv->wiphy.dev.platform_data = drv; 274 drv->wiphy.dev.platform_data = drv;
276 275
276 /*
277 * Initialize wiphy parameters to IEEE 802.11 MIB default values.
278 * Fragmentation and RTS threshold are disabled by default with the
279 * special -1 value.
280 */
281 drv->wiphy.retry_short = 7;
282 drv->wiphy.retry_long = 4;
283 drv->wiphy.frag_threshold = (u32) -1;
284 drv->wiphy.rts_threshold = (u32) -1;
285
277 return &drv->wiphy; 286 return &drv->wiphy;
278} 287}
279EXPORT_SYMBOL(wiphy_new); 288EXPORT_SYMBOL(wiphy_new);
@@ -448,8 +457,28 @@ static int cfg80211_netdev_notifier_call(struct notifier_block * nb,
448 "symlink to netdev!\n"); 457 "symlink to netdev!\n");
449 } 458 }
450 dev->ieee80211_ptr->netdev = dev; 459 dev->ieee80211_ptr->netdev = dev;
460#ifdef CONFIG_WIRELESS_EXT
461 dev->ieee80211_ptr->wext.default_key = -1;
462 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
463#endif
451 mutex_unlock(&rdev->devlist_mtx); 464 mutex_unlock(&rdev->devlist_mtx);
452 break; 465 break;
466 case NETDEV_GOING_DOWN:
467 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
468 break;
469 if (!dev->ieee80211_ptr->ssid_len)
470 break;
471 cfg80211_leave_ibss(rdev, dev, true);
472 break;
473 case NETDEV_UP:
474#ifdef CONFIG_WIRELESS_EXT
475 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
476 break;
477 if (!dev->ieee80211_ptr->wext.ibss.ssid_len)
478 break;
479 cfg80211_join_ibss(rdev, dev, &dev->ieee80211_ptr->wext.ibss);
480 break;
481#endif
453 case NETDEV_UNREGISTER: 482 case NETDEV_UNREGISTER:
454 mutex_lock(&rdev->devlist_mtx); 483 mutex_lock(&rdev->devlist_mtx);
455 if (!list_empty(&dev->ieee80211_ptr->list)) { 484 if (!list_empty(&dev->ieee80211_ptr->list)) {
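Review bot: The `break;` that ends the new `case NETDEV_UP:` arm sits inside the `#ifdef CONFIG_WIRELESS_EXT` block, so in a build without wireless extensions the case is empty and falls through into `case NETDEV_UNREGISTER:`, running the unregister handling every time an interface is brought up. Moving the terminator out of the conditional fixes it: close the arm with `#endif` followed by `break;`. The return values of cfg80211_join_ibss() and cfg80211_leave_ibss() are also discarded in the two new arms; if that is deliberate, a short comment saying so would help. cfg80211_netdev_notifier_call() starts and ends outside the hunk.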
diff --git a/net/wireless/core.h b/net/wireless/core.h
index 0a592e4295f0..f14b6c5f4221 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -1,7 +1,7 @@
1/* 1/*
2 * Wireless configuration interface internals. 2 * Wireless configuration interface internals.
3 * 3 *
4 * Copyright 2006, 2007 Johannes Berg <johannes@sipsolutions.net> 4 * Copyright 2006-2009 Johannes Berg <johannes@sipsolutions.net>
5 */ 5 */
6#ifndef __NET_WIRELESS_CORE_H 6#ifndef __NET_WIRELESS_CORE_H
7#define __NET_WIRELESS_CORE_H 7#define __NET_WIRELESS_CORE_H
@@ -10,9 +10,7 @@
10#include <linux/netdevice.h> 10#include <linux/netdevice.h>
11#include <linux/kref.h> 11#include <linux/kref.h>
12#include <linux/rbtree.h> 12#include <linux/rbtree.h>
13#include <linux/mutex.h>
14#include <net/genetlink.h> 13#include <net/genetlink.h>
15#include <net/wireless.h>
16#include <net/cfg80211.h> 14#include <net/cfg80211.h>
17#include "reg.h" 15#include "reg.h"
18 16
@@ -74,10 +72,7 @@ bool wiphy_idx_valid(int wiphy_idx)
74extern struct mutex cfg80211_mutex; 72extern struct mutex cfg80211_mutex;
75extern struct list_head cfg80211_drv_list; 73extern struct list_head cfg80211_drv_list;
76 74
77static inline void assert_cfg80211_lock(void) 75#define assert_cfg80211_lock() WARN_ON(!mutex_is_locked(&cfg80211_mutex))
78{
79 WARN_ON(!mutex_is_locked(&cfg80211_mutex));
80}
81 76
82/* 77/*
83 * You can use this to mark a wiphy_idx as not having an associated wiphy. 78 * You can use this to mark a wiphy_idx as not having an associated wiphy.
@@ -148,4 +143,16 @@ void cfg80211_bss_expire(struct cfg80211_registered_device *dev);
148void cfg80211_bss_age(struct cfg80211_registered_device *dev, 143void cfg80211_bss_age(struct cfg80211_registered_device *dev,
149 unsigned long age_secs); 144 unsigned long age_secs);
150 145
146/* IBSS */
147int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
148 struct net_device *dev,
149 struct cfg80211_ibss_params *params);
150void cfg80211_clear_ibss(struct net_device *dev, bool nowext);
151int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
152 struct net_device *dev, bool nowext);
153
154/* internal helpers */
155int cfg80211_validate_key_settings(struct key_params *params, int key_idx,
156 const u8 *mac_addr);
157
151#endif /* __NET_WIRELESS_CORE_H */ 158#endif /* __NET_WIRELESS_CORE_H */
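Review bot: assert_cfg80211_lock() becomes a macro that expands to `mutex_is_locked()` in the same change that drops `#include <linux/mutex.h>` from this header, so the header now depends on one of its remaining includes, or on every includer, to provide the mutex API. Either keep the include or add a one-line comment above the macro saying why it is a macro rather than a static inline and where the mutex declarations are expected to come from. The new IBSS prototypes would also benefit from a comment on what `nowext` selects; from ibss.c in this commit it appears to mean "leave the stored wext SSID untouched", e.g. `/* nowext: keep wext.ibss.ssid_len so the network can be re-joined */`.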
diff --git a/net/wireless/ibss.c b/net/wireless/ibss.c
new file mode 100644
index 000000000000..a4a1c3498ff2
--- /dev/null
+++ b/net/wireless/ibss.c
@@ -0,0 +1,369 @@
1/*
2 * Some IBSS support code for cfg80211.
3 *
4 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
5 */
6
7#include <linux/etherdevice.h>
8#include <linux/if_arp.h>
9#include <net/cfg80211.h>
10#include "nl80211.h"
11
12
13void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
14{
15 struct wireless_dev *wdev = dev->ieee80211_ptr;
16 struct cfg80211_bss *bss;
17#ifdef CONFIG_WIRELESS_EXT
18 union iwreq_data wrqu;
19#endif
20
21 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
22 return;
23
24 if (WARN_ON(!wdev->ssid_len))
25 return;
26
27 if (memcmp(bssid, wdev->bssid, ETH_ALEN) == 0)
28 return;
29
30 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
31 wdev->ssid, wdev->ssid_len,
32 WLAN_CAPABILITY_IBSS, WLAN_CAPABILITY_IBSS);
33
34 if (WARN_ON(!bss))
35 return;
36
37 if (wdev->current_bss) {
38 cfg80211_unhold_bss(wdev->current_bss);
39 cfg80211_put_bss(wdev->current_bss);
40 }
41
42 cfg80211_hold_bss(bss);
43 wdev->current_bss = bss;
44 memcpy(wdev->bssid, bssid, ETH_ALEN);
45
46 nl80211_send_ibss_bssid(wiphy_to_dev(wdev->wiphy), dev, bssid, gfp);
47#ifdef CONFIG_WIRELESS_EXT
48 memset(&wrqu, 0, sizeof(wrqu));
49 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
50 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
51#endif
52}
53EXPORT_SYMBOL(cfg80211_ibss_joined);
54
55int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
56 struct net_device *dev,
57 struct cfg80211_ibss_params *params)
58{
59 struct wireless_dev *wdev = dev->ieee80211_ptr;
60 int err;
61
62 if (wdev->ssid_len)
63 return -EALREADY;
64
65#ifdef CONFIG_WIRELESS_EXT
66 wdev->wext.ibss.channel = params->channel;
67#endif
68 err = rdev->ops->join_ibss(&rdev->wiphy, dev, params);
69
70 if (err)
71 return err;
72
73 memcpy(wdev->ssid, params->ssid, params->ssid_len);
74 wdev->ssid_len = params->ssid_len;
75
76 return 0;
77}
78
79void cfg80211_clear_ibss(struct net_device *dev, bool nowext)
80{
81 struct wireless_dev *wdev = dev->ieee80211_ptr;
82
83 if (wdev->current_bss) {
84 cfg80211_unhold_bss(wdev->current_bss);
85 cfg80211_put_bss(wdev->current_bss);
86 }
87
88 wdev->current_bss = NULL;
89 wdev->ssid_len = 0;
90 memset(wdev->bssid, 0, ETH_ALEN);
91#ifdef CONFIG_WIRELESS_EXT
92 if (!nowext)
93 wdev->wext.ibss.ssid_len = 0;
94#endif
95}
96
97int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
98 struct net_device *dev, bool nowext)
99{
100 int err;
101
102 err = rdev->ops->leave_ibss(&rdev->wiphy, dev);
103
104 if (err)
105 return err;
106
107 cfg80211_clear_ibss(dev, nowext);
108
109 return 0;
110}
111
112#ifdef CONFIG_WIRELESS_EXT
113static int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
114 struct wireless_dev *wdev)
115{
116 enum ieee80211_band band;
117 int i;
118
119 if (!wdev->wext.ibss.beacon_interval)
120 wdev->wext.ibss.beacon_interval = 100;
121
122 /* try to find an IBSS channel if none requested ... */
123 if (!wdev->wext.ibss.channel) {
124 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
125 struct ieee80211_supported_band *sband;
126 struct ieee80211_channel *chan;
127
128 sband = rdev->wiphy.bands[band];
129 if (!sband)
130 continue;
131
132 for (i = 0; i < sband->n_channels; i++) {
133 chan = &sband->channels[i];
134 if (chan->flags & IEEE80211_CHAN_NO_IBSS)
135 continue;
136 if (chan->flags & IEEE80211_CHAN_DISABLED)
137 continue;
138 wdev->wext.ibss.channel = chan;
139 break;
140 }
141
142 if (wdev->wext.ibss.channel)
143 break;
144 }
145
146 if (!wdev->wext.ibss.channel)
147 return -EINVAL;
148 }
149
150 /* don't join -- SSID is not there */
151 if (!wdev->wext.ibss.ssid_len)
152 return 0;
153
154 if (!netif_running(wdev->netdev))
155 return 0;
156
157 return cfg80211_join_ibss(wiphy_to_dev(wdev->wiphy),
158 wdev->netdev, &wdev->wext.ibss);
159}
160
161int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
162 struct iw_request_info *info,
163 struct iw_freq *freq, char *extra)
164{
165 struct wireless_dev *wdev = dev->ieee80211_ptr;
166 struct ieee80211_channel *chan;
167 int err;
168
169 /* call only for ibss! */
170 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
171 return -EINVAL;
172
173 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss)
174 return -EOPNOTSUPP;
175
176 chan = cfg80211_wext_freq(wdev->wiphy, freq);
177 if (chan && IS_ERR(chan))
178 return PTR_ERR(chan);
179
180 if (chan &&
181 (chan->flags & IEEE80211_CHAN_NO_IBSS ||
182 chan->flags & IEEE80211_CHAN_DISABLED))
183 return -EINVAL;
184
185 if (wdev->wext.ibss.channel == chan)
186 return 0;
187
188 if (wdev->ssid_len) {
189 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy),
190 dev, true);
191 if (err)
192 return err;
193 }
194
195 if (chan) {
196 wdev->wext.ibss.channel = chan;
197 wdev->wext.ibss.channel_fixed = true;
198 } else {
199 /* cfg80211_ibss_wext_join will pick one if needed */
200 wdev->wext.ibss.channel_fixed = false;
201 }
202
203 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev);
204}
205/* temporary symbol - mark GPL - in the future the handler won't be */
206EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwfreq);
207
208int cfg80211_ibss_wext_giwfreq(struct net_device *dev,
209 struct iw_request_info *info,
210 struct iw_freq *freq, char *extra)
211{
212 struct wireless_dev *wdev = dev->ieee80211_ptr;
213 struct ieee80211_channel *chan = NULL;
214
215 /* call only for ibss! */
216 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
217 return -EINVAL;
218
219 if (wdev->current_bss)
220 chan = wdev->current_bss->channel;
221 else if (wdev->wext.ibss.channel)
222 chan = wdev->wext.ibss.channel;
223
224 if (chan) {
225 freq->m = chan->center_freq;
226 freq->e = 6;
227 return 0;
228 }
229
230 /* no channel if not joining */
231 return -EINVAL;
232}
233/* temporary symbol - mark GPL - in the future the handler won't be */
234EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_giwfreq);
235
236int cfg80211_ibss_wext_siwessid(struct net_device *dev,
237 struct iw_request_info *info,
238 struct iw_point *data, char *ssid)
239{
240 struct wireless_dev *wdev = dev->ieee80211_ptr;
241 size_t len = data->length;
242 int err;
243
244 /* call only for ibss! */
245 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
246 return -EINVAL;
247
248 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss)
249 return -EOPNOTSUPP;
250
251 if (wdev->ssid_len) {
252 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy),
253 dev, true);
254 if (err)
255 return err;
256 }
257
258 /* iwconfig uses nul termination in SSID.. */
259 if (len > 0 && ssid[len - 1] == '\0')
260 len--;
261
262 wdev->wext.ibss.ssid = wdev->ssid;
263 memcpy(wdev->wext.ibss.ssid, ssid, len);
264 wdev->wext.ibss.ssid_len = len;
265
266 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev);
267}
268/* temporary symbol - mark GPL - in the future the handler won't be */
269EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwessid);
270
271int cfg80211_ibss_wext_giwessid(struct net_device *dev,
272 struct iw_request_info *info,
273 struct iw_point *data, char *ssid)
274{
275 struct wireless_dev *wdev = dev->ieee80211_ptr;
276
277 /* call only for ibss! */
278 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
279 return -EINVAL;
280
281 data->flags = 0;
282
283 if (wdev->ssid_len) {
284 data->flags = 1;
285 data->length = wdev->ssid_len;
286 memcpy(ssid, wdev->ssid, data->length);
287 } else if (wdev->wext.ibss.ssid && wdev->wext.ibss.ssid_len) {
288 data->flags = 1;
289 data->length = wdev->wext.ibss.ssid_len;
290 memcpy(ssid, wdev->wext.ibss.ssid, data->length);
291 }
292
293 return 0;
294}
295/* temporary symbol - mark GPL - in the future the handler won't be */
296EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_giwessid);
297
298int cfg80211_ibss_wext_siwap(struct net_device *dev,
299 struct iw_request_info *info,
300 struct sockaddr *ap_addr, char *extra)
301{
302 struct wireless_dev *wdev = dev->ieee80211_ptr;
303 u8 *bssid = ap_addr->sa_data;
304 int err;
305
306 /* call only for ibss! */
307 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
308 return -EINVAL;
309
310 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss)
311 return -EOPNOTSUPP;
312
313 if (ap_addr->sa_family != ARPHRD_ETHER)
314 return -EINVAL;
315
316 /* automatic mode */
317 if (is_zero_ether_addr(bssid) || is_broadcast_ether_addr(bssid))
318 bssid = NULL;
319
320 /* both automatic */
321 if (!bssid && !wdev->wext.ibss.bssid)
322 return 0;
323
324 /* fixed already - and no change */
325 if (wdev->wext.ibss.bssid && bssid &&
326 compare_ether_addr(bssid, wdev->wext.ibss.bssid) == 0)
327 return 0;
328
329 if (wdev->ssid_len) {
330 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy),
331 dev, true);
332 if (err)
333 return err;
334 }
335
336 if (bssid) {
337 memcpy(wdev->wext.bssid, bssid, ETH_ALEN);
338 wdev->wext.ibss.bssid = wdev->wext.bssid;
339 } else
340 wdev->wext.ibss.bssid = NULL;
341
342 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev);
343}
344/* temporary symbol - mark GPL - in the future the handler won't be */
345EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwap);
346
347int cfg80211_ibss_wext_giwap(struct net_device *dev,
348 struct iw_request_info *info,
349 struct sockaddr *ap_addr, char *extra)
350{
351 struct wireless_dev *wdev = dev->ieee80211_ptr;
352
353 /* call only for ibss! */
354 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
355 return -EINVAL;
356
357 ap_addr->sa_family = ARPHRD_ETHER;
358
359 if (wdev->wext.ibss.bssid) {
360 memcpy(ap_addr->sa_data, wdev->wext.ibss.bssid, ETH_ALEN);
361 return 0;
362 }
363
364 memcpy(ap_addr->sa_data, wdev->bssid, ETH_ALEN);
365 return 0;
366}
367/* temporary symbol - mark GPL - in the future the handler won't be */
368EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_giwap);
369#endif
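Review bot: cfg80211_ibss_wext_siwessid() copies `data->length` bytes into `wdev->ssid` (through `wdev->wext.ibss.ssid`) without comparing the length with the size of that buffer, and `data->length` comes from the wext request. Unless the wext core already caps the length for this ioctl, which is not visible here, the function should reject oversized input before the copy, e.g. `if (len > IEEE80211_MAX_SSID_LEN) return -EINVAL;` placed after the NUL-stripping step (assuming the buffer is sized by that constant). cfg80211_join_ibss() has the same unchecked `memcpy(wdev->ssid, params->ssid, params->ssid_len)`. On the wext path its source and destination are the same buffer, because `wdev->wext.ibss.ssid` was pointed at `wdev->ssid`, so skipping the copy when the two pointers are equal avoids a memcpy onto itself.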
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index bec5721b6f99..42184361a109 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -28,19 +28,55 @@ void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
28} 28}
29EXPORT_SYMBOL(cfg80211_send_rx_assoc); 29EXPORT_SYMBOL(cfg80211_send_rx_assoc);
30 30
31void cfg80211_send_rx_deauth(struct net_device *dev, const u8 *buf, size_t len) 31void cfg80211_send_deauth(struct net_device *dev, const u8 *buf, size_t len)
32{ 32{
33 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 33 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
34 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 34 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
35 nl80211_send_rx_deauth(rdev, dev, buf, len); 35 nl80211_send_deauth(rdev, dev, buf, len);
36} 36}
37EXPORT_SYMBOL(cfg80211_send_rx_deauth); 37EXPORT_SYMBOL(cfg80211_send_deauth);
38 38
39void cfg80211_send_rx_disassoc(struct net_device *dev, const u8 *buf, 39void cfg80211_send_disassoc(struct net_device *dev, const u8 *buf, size_t len)
40 size_t len)
41{ 40{
42 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 41 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
43 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 42 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
44 nl80211_send_rx_disassoc(rdev, dev, buf, len); 43 nl80211_send_disassoc(rdev, dev, buf, len);
45} 44}
46EXPORT_SYMBOL(cfg80211_send_rx_disassoc); 45EXPORT_SYMBOL(cfg80211_send_disassoc);
46
47static void cfg80211_wext_disconnected(struct net_device *dev)
48{
49#ifdef CONFIG_WIRELESS_EXT
50 union iwreq_data wrqu;
51 memset(&wrqu, 0, sizeof(wrqu));
52 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
53#endif
54}
55
56void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr)
57{
58 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
59 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
60 nl80211_send_auth_timeout(rdev, dev, addr);
61 cfg80211_wext_disconnected(dev);
62}
63EXPORT_SYMBOL(cfg80211_send_auth_timeout);
64
65void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr)
66{
67 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
68 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
69 nl80211_send_assoc_timeout(rdev, dev, addr);
70 cfg80211_wext_disconnected(dev);
71}
72EXPORT_SYMBOL(cfg80211_send_assoc_timeout);
73
74void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr,
75 enum nl80211_key_type key_type, int key_id,
76 const u8 *tsc)
77{
78 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
79 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
80 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc);
81}
82EXPORT_SYMBOL(cfg80211_michael_mic_failure);
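Review bot: cfg80211_wext_disconnected() sends the SIOCGIWAP event with a fully zeroed `wrqu`, so `ap_addr.sa_family` is 0 rather than `ARPHRD_ETHER`. The wext handlers added in ibss.c by this same commit check that family on input and set it in the get handler, and listeners parsing the event may expect it too. Setting it after the memset, `wrqu.ap_addr.sa_family = ARPHRD_ETHER;`, keeps the all-zero address as the disconnect marker while making the event well-formed; the file would need the header that defines the constant if it is not already included. The new exported functions also carry no comments here, and cfg80211_michael_mic_failure() should at least say whether `tsc` may be NULL.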
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 2456e4ee445e..f0fec2f49828 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * This is the new netlink-based wireless configuration interface. 2 * This is the new netlink-based wireless configuration interface.
3 * 3 *
4 * Copyright 2006, 2007 Johannes Berg <johannes@sipsolutions.net> 4 * Copyright 2006-2009 Johannes Berg <johannes@sipsolutions.net>
5 */ 5 */
6 6
7#include <linux/if.h> 7#include <linux/if.h>
@@ -61,6 +61,10 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
61 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 61 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
62 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 62 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
63 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 63 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
64 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
65 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
66 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
67 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
64 68
65 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 69 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
66 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 70 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
@@ -116,8 +120,45 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
116 .len = IEEE80211_MAX_SSID_LEN }, 120 .len = IEEE80211_MAX_SSID_LEN },
117 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 121 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
118 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 122 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
123 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
124 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
125 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
126 [NL80211_ATTR_STA_FLAGS2] = {
127 .len = sizeof(struct nl80211_sta_flag_update),
128 },
129 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
119}; 130};
120 131
132/* IE validation */
133static bool is_valid_ie_attr(const struct nlattr *attr)
134{
135 const u8 *pos;
136 int len;
137
138 if (!attr)
139 return true;
140
141 pos = nla_data(attr);
142 len = nla_len(attr);
143
144 while (len) {
145 u8 elemlen;
146
147 if (len < 2)
148 return false;
149 len -= 2;
150
151 elemlen = pos[1];
152 if (elemlen > len)
153 return false;
154
155 len -= elemlen;
156 pos += 2 + elemlen;
157 }
158
159 return true;
160}
161
121/* message building helper */ 162/* message building helper */
122static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 163static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
123 int flags, u8 cmd) 164 int flags, u8 cmd)
@@ -126,6 +167,30 @@ static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
126 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 167 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd);
127} 168}
128 169
170static int nl80211_msg_put_channel(struct sk_buff *msg,
171 struct ieee80211_channel *chan)
172{
173 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ,
174 chan->center_freq);
175
176 if (chan->flags & IEEE80211_CHAN_DISABLED)
177 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED);
178 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
179 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN);
180 if (chan->flags & IEEE80211_CHAN_NO_IBSS)
181 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS);
182 if (chan->flags & IEEE80211_CHAN_RADAR)
183 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR);
184
185 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
186 DBM_TO_MBM(chan->max_power));
187
188 return 0;
189
190 nla_put_failure:
191 return -ENOBUFS;
192}
193
129/* netlink command implementations */ 194/* netlink command implementations */
130 195
131static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 196static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
@@ -149,8 +214,24 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
149 214
150 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 215 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx);
151 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 216 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy));
217
218 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
219 dev->wiphy.retry_short);
220 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
221 dev->wiphy.retry_long);
222 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
223 dev->wiphy.frag_threshold);
224 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
225 dev->wiphy.rts_threshold);
226
152 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 227 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
153 dev->wiphy.max_scan_ssids); 228 dev->wiphy.max_scan_ssids);
229 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
230 dev->wiphy.max_scan_ie_len);
231
232 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES,
233 sizeof(u32) * dev->wiphy.n_cipher_suites,
234 dev->wiphy.cipher_suites);
154 235
155 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES); 236 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES);
156 if (!nl_modes) 237 if (!nl_modes)
@@ -202,20 +283,9 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
202 goto nla_put_failure; 283 goto nla_put_failure;
203 284
204 chan = &dev->wiphy.bands[band]->channels[i]; 285 chan = &dev->wiphy.bands[band]->channels[i];
205 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ,
206 chan->center_freq);
207 286
208 if (chan->flags & IEEE80211_CHAN_DISABLED) 287 if (nl80211_msg_put_channel(msg, chan))
209 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 288 goto nla_put_failure;
210 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
211 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN);
212 if (chan->flags & IEEE80211_CHAN_NO_IBSS)
213 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS);
214 if (chan->flags & IEEE80211_CHAN_RADAR)
215 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR);
216
217 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
218 DBM_TO_MBM(chan->max_power));
219 289
220 nla_nest_end(msg, nl_freq); 290 nla_nest_end(msg, nl_freq);
221 } 291 }
@@ -273,6 +343,7 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
273 CMD(assoc, ASSOCIATE); 343 CMD(assoc, ASSOCIATE);
274 CMD(deauth, DEAUTHENTICATE); 344 CMD(deauth, DEAUTHENTICATE);
275 CMD(disassoc, DISASSOCIATE); 345 CMD(disassoc, DISASSOCIATE);
346 CMD(join_ibss, JOIN_IBSS);
276 347
277#undef CMD 348#undef CMD
278 nla_nest_end(msg, nl_cmds); 349 nla_nest_end(msg, nl_cmds);
@@ -365,6 +436,9 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
365 struct cfg80211_registered_device *rdev; 436 struct cfg80211_registered_device *rdev;
366 int result = 0, rem_txq_params = 0; 437 int result = 0, rem_txq_params = 0;
367 struct nlattr *nl_txq_params; 438 struct nlattr *nl_txq_params;
439 u32 changed;
440 u8 retry_short = 0, retry_long = 0;
441 u32 frag_threshold = 0, rts_threshold = 0;
368 442
369 rtnl_lock(); 443 rtnl_lock();
370 444
@@ -479,6 +553,84 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
479 goto bad_res; 553 goto bad_res;
480 } 554 }
481 555
556 changed = 0;
557
558 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
559 retry_short = nla_get_u8(
560 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
561 if (retry_short == 0) {
562 result = -EINVAL;
563 goto bad_res;
564 }
565 changed |= WIPHY_PARAM_RETRY_SHORT;
566 }
567
568 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
569 retry_long = nla_get_u8(
570 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
571 if (retry_long == 0) {
572 result = -EINVAL;
573 goto bad_res;
574 }
575 changed |= WIPHY_PARAM_RETRY_LONG;
576 }
577
578 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
579 frag_threshold = nla_get_u32(
580 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
581 if (frag_threshold < 256) {
582 result = -EINVAL;
583 goto bad_res;
584 }
585 if (frag_threshold != (u32) -1) {
586 /*
587 * Fragments (apart from the last one) are required to
588 * have even length. Make the fragmentation code
589 * simpler by stripping LSB should someone try to use
590 * odd threshold value.
591 */
592 frag_threshold &= ~0x1;
593 }
594 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
595 }
596
597 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
598 rts_threshold = nla_get_u32(
599 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
600 changed |= WIPHY_PARAM_RTS_THRESHOLD;
601 }
602
603 if (changed) {
604 u8 old_retry_short, old_retry_long;
605 u32 old_frag_threshold, old_rts_threshold;
606
607 if (!rdev->ops->set_wiphy_params) {
608 result = -EOPNOTSUPP;
609 goto bad_res;
610 }
611
612 old_retry_short = rdev->wiphy.retry_short;
613 old_retry_long = rdev->wiphy.retry_long;
614 old_frag_threshold = rdev->wiphy.frag_threshold;
615 old_rts_threshold = rdev->wiphy.rts_threshold;
616
617 if (changed & WIPHY_PARAM_RETRY_SHORT)
618 rdev->wiphy.retry_short = retry_short;
619 if (changed & WIPHY_PARAM_RETRY_LONG)
620 rdev->wiphy.retry_long = retry_long;
621 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
622 rdev->wiphy.frag_threshold = frag_threshold;
623 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
624 rdev->wiphy.rts_threshold = rts_threshold;
625
626 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed);
627 if (result) {
628 rdev->wiphy.retry_short = old_retry_short;
629 rdev->wiphy.retry_long = old_retry_long;
630 rdev->wiphy.frag_threshold = old_frag_threshold;
631 rdev->wiphy.rts_threshold = old_rts_threshold;
632 }
633 }
482 634
483 bad_res: 635 bad_res:
484 mutex_unlock(&rdev->mtx); 636 mutex_unlock(&rdev->mtx);
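Review bot: The new range checks in `nl80211_set_wiphy()` use the bare literals `256` and `(u32) -1` with no comment on what they mean. `NL80211_ATTR_WIPHY_RTS_THRESHOLD` is stored with no check at all, and `frag_threshold` has no upper limit. The values come straight from a netlink request and are written into `rdev->wiphy` before `set_wiphy_params()` runs, so every driver has to range-check them itself. If that is the intended contract it should be stated here, e.g. `/* (u32)-1 disables the threshold; drivers must reject values they cannot support */`. Otherwise compare against the existing `IEEE80211_MAX_FRAG_THRESHOLD` / `IEEE80211_MAX_RTS_THRESHOLD` limits before setting `changed`. The function body starts and ends outside this hunk.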
@@ -489,6 +641,7 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
489 641
490 642
491static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 643static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
644 struct cfg80211_registered_device *rdev,
492 struct net_device *dev) 645 struct net_device *dev)
493{ 646{
494 void *hdr; 647 void *hdr;
@@ -498,6 +651,7 @@ static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
498 return -1; 651 return -1;
499 652
500 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 653 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
654 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
501 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 655 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name);
502 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 656 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype);
503 return genlmsg_end(msg, hdr); 657 return genlmsg_end(msg, hdr);
@@ -532,7 +686,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *
532 } 686 }
533 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 687 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid,
534 cb->nlh->nlmsg_seq, NLM_F_MULTI, 688 cb->nlh->nlmsg_seq, NLM_F_MULTI,
535 wdev->netdev) < 0) { 689 dev, wdev->netdev) < 0) {
536 mutex_unlock(&dev->devlist_mtx); 690 mutex_unlock(&dev->devlist_mtx);
537 goto out; 691 goto out;
538 } 692 }
@@ -566,7 +720,8 @@ static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
566 if (!msg) 720 if (!msg)
567 goto out_err; 721 goto out_err;
568 722
569 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, netdev) < 0) 723 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0,
724 dev, netdev) < 0)
570 goto out_free; 725 goto out_free;
571 726
572 dev_put(netdev); 727 dev_put(netdev);
@@ -616,7 +771,7 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
616 struct cfg80211_registered_device *drv; 771 struct cfg80211_registered_device *drv;
617 struct vif_params params; 772 struct vif_params params;
618 int err, ifindex; 773 int err, ifindex;
619 enum nl80211_iftype type; 774 enum nl80211_iftype otype, ntype;
620 struct net_device *dev; 775 struct net_device *dev;
621 u32 _flags, *flags = NULL; 776 u32 _flags, *flags = NULL;
622 bool change = false; 777 bool change = false;
@@ -630,30 +785,27 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
630 goto unlock_rtnl; 785 goto unlock_rtnl;
631 786
632 ifindex = dev->ifindex; 787 ifindex = dev->ifindex;
633 type = dev->ieee80211_ptr->iftype; 788 otype = ntype = dev->ieee80211_ptr->iftype;
634 dev_put(dev); 789 dev_put(dev);
635 790
636 if (info->attrs[NL80211_ATTR_IFTYPE]) { 791 if (info->attrs[NL80211_ATTR_IFTYPE]) {
637 enum nl80211_iftype ntype;
638
639 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 792 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
640 if (type != ntype) 793 if (otype != ntype)
641 change = true; 794 change = true;
642 type = ntype; 795 if (ntype > NL80211_IFTYPE_MAX) {
643 if (type > NL80211_IFTYPE_MAX) {
644 err = -EINVAL; 796 err = -EINVAL;
645 goto unlock; 797 goto unlock;
646 } 798 }
647 } 799 }
648 800
649 if (!drv->ops->change_virtual_intf || 801 if (!drv->ops->change_virtual_intf ||
650 !(drv->wiphy.interface_modes & (1 << type))) { 802 !(drv->wiphy.interface_modes & (1 << ntype))) {
651 err = -EOPNOTSUPP; 803 err = -EOPNOTSUPP;
652 goto unlock; 804 goto unlock;
653 } 805 }
654 806
655 if (info->attrs[NL80211_ATTR_MESH_ID]) { 807 if (info->attrs[NL80211_ATTR_MESH_ID]) {
656 if (type != NL80211_IFTYPE_MESH_POINT) { 808 if (ntype != NL80211_IFTYPE_MESH_POINT) {
657 err = -EINVAL; 809 err = -EINVAL;
658 goto unlock; 810 goto unlock;
659 } 811 }
@@ -663,7 +815,7 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
663 } 815 }
664 816
665 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 817 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
666 if (type != NL80211_IFTYPE_MONITOR) { 818 if (ntype != NL80211_IFTYPE_MONITOR) {
667 err = -EINVAL; 819 err = -EINVAL;
668 goto unlock; 820 goto unlock;
669 } 821 }
@@ -678,12 +830,17 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
678 830
679 if (change) 831 if (change)
680 err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex, 832 err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex,
681 type, flags, &params); 833 ntype, flags, &params);
682 else 834 else
683 err = 0; 835 err = 0;
684 836
685 dev = __dev_get_by_index(&init_net, ifindex); 837 dev = __dev_get_by_index(&init_net, ifindex);
686 WARN_ON(!dev || (!err && dev->ieee80211_ptr->iftype != type)); 838 WARN_ON(!dev || (!err && dev->ieee80211_ptr->iftype != ntype));
839
840 if (dev && !err && (ntype != otype)) {
841 if (otype == NL80211_IFTYPE_ADHOC)
842 cfg80211_clear_ibss(dev, false);
843 }
687 844
688 unlock: 845 unlock:
689 cfg80211_put_dev(drv); 846 cfg80211_put_dev(drv);
@@ -920,6 +1077,14 @@ static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
920 } 1077 }
921 1078
922 err = func(&drv->wiphy, dev, key_idx); 1079 err = func(&drv->wiphy, dev, key_idx);
1080#ifdef CONFIG_WIRELESS_EXT
1081 if (!err) {
1082 if (func == drv->ops->set_default_key)
1083 dev->ieee80211_ptr->wext.default_key = key_idx;
1084 else
1085 dev->ieee80211_ptr->wext.default_mgmt_key = key_idx;
1086 }
1087#endif
923 1088
924 out: 1089 out:
925 cfg80211_put_dev(drv); 1090 cfg80211_put_dev(drv);
@@ -934,7 +1099,7 @@ static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
934static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1099static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
935{ 1100{
936 struct cfg80211_registered_device *drv; 1101 struct cfg80211_registered_device *drv;
937 int err; 1102 int err, i;
938 struct net_device *dev; 1103 struct net_device *dev;
939 struct key_params params; 1104 struct key_params params;
940 u8 key_idx = 0; 1105 u8 key_idx = 0;
@@ -950,6 +1115,11 @@ static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
950 params.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 1115 params.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
951 } 1116 }
952 1117
1118 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
1119 params.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
1120 params.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
1121 }
1122
953 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1123 if (info->attrs[NL80211_ATTR_KEY_IDX])
954 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1124 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
955 1125
@@ -958,44 +1128,8 @@ static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
958 if (info->attrs[NL80211_ATTR_MAC]) 1128 if (info->attrs[NL80211_ATTR_MAC])
959 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1129 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
960 1130
961 if (key_idx > 5) 1131 if (cfg80211_validate_key_settings(&params, key_idx, mac_addr))
962 return -EINVAL;
963
964 /*
965 * Disallow pairwise keys with non-zero index unless it's WEP
966 * (because current deployments use pairwise WEP keys with
967 * non-zero indizes but 802.11i clearly specifies to use zero)
968 */
969 if (mac_addr && key_idx &&
970 params.cipher != WLAN_CIPHER_SUITE_WEP40 &&
971 params.cipher != WLAN_CIPHER_SUITE_WEP104)
972 return -EINVAL;
973
974 /* TODO: add definitions for the lengths to linux/ieee80211.h */
975 switch (params.cipher) {
976 case WLAN_CIPHER_SUITE_WEP40:
977 if (params.key_len != 5)
978 return -EINVAL;
979 break;
980 case WLAN_CIPHER_SUITE_TKIP:
981 if (params.key_len != 32)
982 return -EINVAL;
983 break;
984 case WLAN_CIPHER_SUITE_CCMP:
985 if (params.key_len != 16)
986 return -EINVAL;
987 break;
988 case WLAN_CIPHER_SUITE_WEP104:
989 if (params.key_len != 13)
990 return -EINVAL;
991 break;
992 case WLAN_CIPHER_SUITE_AES_CMAC:
993 if (params.key_len != 16)
994 return -EINVAL;
995 break;
996 default:
997 return -EINVAL; 1132 return -EINVAL;
998 }
999 1133
1000 rtnl_lock(); 1134 rtnl_lock();
1001 1135
@@ -1003,6 +1137,14 @@ static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
1003 if (err) 1137 if (err)
1004 goto unlock_rtnl; 1138 goto unlock_rtnl;
1005 1139
1140 for (i = 0; i < drv->wiphy.n_cipher_suites; i++)
1141 if (params.cipher == drv->wiphy.cipher_suites[i])
1142 break;
1143 if (i == drv->wiphy.n_cipher_suites) {
1144 err = -EINVAL;
1145 goto out;
1146 }
1147
1006 if (!drv->ops->add_key) { 1148 if (!drv->ops->add_key) {
1007 err = -EOPNOTSUPP; 1149 err = -EOPNOTSUPP;
1008 goto out; 1150 goto out;
@@ -1049,6 +1191,15 @@ static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
1049 1191
1050 err = drv->ops->del_key(&drv->wiphy, dev, key_idx, mac_addr); 1192 err = drv->ops->del_key(&drv->wiphy, dev, key_idx, mac_addr);
1051 1193
1194#ifdef CONFIG_WIRELESS_EXT
1195 if (!err) {
1196 if (key_idx == dev->ieee80211_ptr->wext.default_key)
1197 dev->ieee80211_ptr->wext.default_key = -1;
1198 else if (key_idx == dev->ieee80211_ptr->wext.default_mgmt_key)
1199 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
1200 }
1201#endif
1202
1052 out: 1203 out:
1053 cfg80211_put_dev(drv); 1204 cfg80211_put_dev(drv);
1054 dev_put(dev); 1205 dev_put(dev);
@@ -1069,6 +1220,9 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1069 struct beacon_parameters params; 1220 struct beacon_parameters params;
1070 int haveinfo = 0; 1221 int haveinfo = 0;
1071 1222
1223 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]))
1224 return -EINVAL;
1225
1072 rtnl_lock(); 1226 rtnl_lock();
1073 1227
1074 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1228 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
@@ -1186,15 +1340,36 @@ static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
1186 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 1340 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
1187 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 1341 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
1188 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 1342 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
1343 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
1189}; 1344};
1190 1345
1191static int parse_station_flags(struct nlattr *nla, u32 *staflags) 1346static int parse_station_flags(struct genl_info *info,
1347 struct station_parameters *params)
1192{ 1348{
1193 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 1349 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
1350 struct nlattr *nla;
1194 int flag; 1351 int flag;
1195 1352
1196 *staflags = 0; 1353 /*
1354 * Try parsing the new attribute first so userspace
1355 * can specify both for older kernels.
1356 */
1357 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
1358 if (nla) {
1359 struct nl80211_sta_flag_update *sta_flags;
1360
1361 sta_flags = nla_data(nla);
1362 params->sta_flags_mask = sta_flags->mask;
1363 params->sta_flags_set = sta_flags->set;
1364 if ((params->sta_flags_mask |
1365 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
1366 return -EINVAL;
1367 return 0;
1368 }
1369
1370 /* if present, parse the old attribute */
1197 1371
1372 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
1198 if (!nla) 1373 if (!nla)
1199 return 0; 1374 return 0;
1200 1375
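Review bot: The `NL80211_ATTR_STA_FLAGS2` branch of `parse_station_flags()` rejects only `BIT(__NL80211_STA_FLAG_INVALID)`, so any other bit userspace sets in `mask` or `set` is copied into `params` unchanged, including bits above `NL80211_STA_FLAG_MAX`. If only known flags are meant to reach the driver, bound the mask with the same expression the old-attribute path uses, e.g. `if (params->sta_flags_mask & ~((1 << __NL80211_STA_FLAG_AFTER_LAST) - 1)) return -EINVAL;`. Whether drivers already ignore unknown bits is not visible from this hunk. The function continues in the next hunk.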
@@ -1202,11 +1377,12 @@ static int parse_station_flags(struct nlattr *nla, u32 *staflags)
1202 nla, sta_flags_policy)) 1377 nla, sta_flags_policy))
1203 return -EINVAL; 1378 return -EINVAL;
1204 1379
1205 *staflags = STATION_FLAG_CHANGED; 1380 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1;
1381 params->sta_flags_mask &= ~1;
1206 1382
1207 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 1383 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++)
1208 if (flags[flag]) 1384 if (flags[flag])
1209 *staflags |= (1<<flag); 1385 params->sta_flags_set |= (1<<flag);
1210 1386
1211 return 0; 1387 return 0;
1212} 1388}
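Review bot: In the old-attribute path, `params->sta_flags_set |= (1<<flag)` now ORs into a field this function never initialises, because the previous `*staflags = 0;` at the top was removed. This is correct only if every caller zeroes `struct station_parameters` first; the callers' setup is outside the visible hunks. Adding `params->sta_flags_set = 0;` next to the `sta_flags_mask` assignment keeps the helper self-contained.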
@@ -1502,8 +1678,7 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1502 params.ht_capa = 1678 params.ht_capa =
1503 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 1679 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
1504 1680
1505 if (parse_station_flags(info->attrs[NL80211_ATTR_STA_FLAGS], 1681 if (parse_station_flags(info, &params))
1506 &params.station_flags))
1507 return -EINVAL; 1682 return -EINVAL;
1508 1683
1509 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 1684 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
@@ -1572,8 +1747,7 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1572 params.ht_capa = 1747 params.ht_capa =
1573 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 1748 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
1574 1749
1575 if (parse_station_flags(info->attrs[NL80211_ATTR_STA_FLAGS], 1750 if (parse_station_flags(info, &params))
1576 &params.station_flags))
1577 return -EINVAL; 1751 return -EINVAL;
1578 1752
1579 rtnl_lock(); 1753 rtnl_lock();
@@ -1582,6 +1756,12 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1582 if (err) 1756 if (err)
1583 goto out_rtnl; 1757 goto out_rtnl;
1584 1758
1759 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
1760 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN) {
1761 err = -EINVAL;
1762 goto out;
1763 }
1764
1585 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], drv, &params.vlan); 1765 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], drv, &params.vlan);
1586 if (err) 1766 if (err)
1587 goto out; 1767 goto out;
@@ -1625,6 +1805,12 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1625 if (err) 1805 if (err)
1626 goto out_rtnl; 1806 goto out_rtnl;
1627 1807
1808 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
1809 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN) {
1810 err = -EINVAL;
1811 goto out;
1812 }
1813
1628 if (!drv->ops->del_station) { 1814 if (!drv->ops->del_station) {
1629 err = -EOPNOTSUPP; 1815 err = -EOPNOTSUPP;
1630 goto out; 1816 goto out;
@@ -2442,6 +2628,9 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2442 enum ieee80211_band band; 2628 enum ieee80211_band band;
2443 size_t ie_len; 2629 size_t ie_len;
2444 2630
2631 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
2632 return -EINVAL;
2633
2445 rtnl_lock(); 2634 rtnl_lock();
2446 2635
2447 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2636 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
@@ -2492,6 +2681,11 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2492 else 2681 else
2493 ie_len = 0; 2682 ie_len = 0;
2494 2683
2684 if (ie_len > wiphy->max_scan_ie_len) {
2685 err = -EINVAL;
2686 goto out;
2687 }
2688
2495 request = kzalloc(sizeof(*request) 2689 request = kzalloc(sizeof(*request)
2496 + sizeof(*ssid) * n_ssids 2690 + sizeof(*ssid) * n_ssids
2497 + sizeof(channel) * n_channels 2691 + sizeof(channel) * n_channels
@@ -2554,7 +2748,8 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2554 2748
2555 if (info->attrs[NL80211_ATTR_IE]) { 2749 if (info->attrs[NL80211_ATTR_IE]) {
2556 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2750 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
2557 memcpy(request->ie, nla_data(info->attrs[NL80211_ATTR_IE]), 2751 memcpy((void *)request->ie,
2752 nla_data(info->attrs[NL80211_ATTR_IE]),
2558 request->ie_len); 2753 request->ie_len);
2559 } 2754 }
2560 2755
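Review bot: `memcpy((void *)request->ie, ...)` casts away the qualifier on `request->ie` so that it can be written through, which hides the fact that this function owns and fills that buffer. I would write through a non-const local and assign the field afterwards, roughly `u8 *ie = <buffer start>; memcpy(ie, nla_data(info->attrs[NL80211_ATTR_IE]), request->ie_len); request->ie = ie;`. The place where `request->ie` is pointed into the allocation is outside this hunk, so the exact shape depends on that code.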
@@ -2710,6 +2905,15 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2710 struct wiphy *wiphy; 2905 struct wiphy *wiphy;
2711 int err; 2906 int err;
2712 2907
2908 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
2909 return -EINVAL;
2910
2911 if (!info->attrs[NL80211_ATTR_MAC])
2912 return -EINVAL;
2913
2914 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
2915 return -EINVAL;
2916
2713 rtnl_lock(); 2917 rtnl_lock();
2714 2918
2715 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2919 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
@@ -2731,11 +2935,6 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2731 goto out; 2935 goto out;
2732 } 2936 }
2733 2937
2734 if (!info->attrs[NL80211_ATTR_MAC]) {
2735 err = -EINVAL;
2736 goto out;
2737 }
2738
2739 wiphy = &drv->wiphy; 2938 wiphy = &drv->wiphy;
2740 memset(&req, 0, sizeof(req)); 2939 memset(&req, 0, sizeof(req));
2741 2940
@@ -2761,13 +2960,10 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2761 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2960 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
2762 } 2961 }
2763 2962
2764 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 2963 req.auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
2765 req.auth_type = 2964 if (!nl80211_valid_auth_type(req.auth_type)) {
2766 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 2965 err = -EINVAL;
2767 if (!nl80211_valid_auth_type(req.auth_type)) { 2966 goto out;
2768 err = -EINVAL;
2769 goto out;
2770 }
2771 } 2967 }
2772 2968
2773 err = drv->ops->auth(&drv->wiphy, dev, &req); 2969 err = drv->ops->auth(&drv->wiphy, dev, &req);
@@ -2788,6 +2984,13 @@ static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
2788 struct wiphy *wiphy; 2984 struct wiphy *wiphy;
2789 int err; 2985 int err;
2790 2986
2987 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
2988 return -EINVAL;
2989
2990 if (!info->attrs[NL80211_ATTR_MAC] ||
2991 !info->attrs[NL80211_ATTR_SSID])
2992 return -EINVAL;
2993
2791 rtnl_lock(); 2994 rtnl_lock();
2792 2995
2793 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2996 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
@@ -2809,12 +3012,6 @@ static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
2809 goto out; 3012 goto out;
2810 } 3013 }
2811 3014
2812 if (!info->attrs[NL80211_ATTR_MAC] ||
2813 !info->attrs[NL80211_ATTR_SSID]) {
2814 err = -EINVAL;
2815 goto out;
2816 }
2817
2818 wiphy = &drv->wiphy; 3015 wiphy = &drv->wiphy;
2819 memset(&req, 0, sizeof(req)); 3016 memset(&req, 0, sizeof(req));
2820 3017
@@ -2838,6 +3035,19 @@ static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
2838 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3035 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
2839 } 3036 }
2840 3037
3038 if (info->attrs[NL80211_ATTR_USE_MFP]) {
3039 enum nl80211_mfp use_mfp =
3040 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
3041 if (use_mfp == NL80211_MFP_REQUIRED)
3042 req.use_mfp = true;
3043 else if (use_mfp != NL80211_MFP_NO) {
3044 err = -EINVAL;
3045 goto out;
3046 }
3047 }
3048
3049 req.control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
3050
2841 err = drv->ops->assoc(&drv->wiphy, dev, &req); 3051 err = drv->ops->assoc(&drv->wiphy, dev, &req);
2842 3052
2843out: 3053out:
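Review bot: `req.control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];` assigns a `struct nlattr *` to what is presumably a boolean field, relying on implicit pointer conversion. The field's declaration is not visible here, and if it is anything other than `bool` the pointer value would be truncated rather than normalised. `nl80211_join_ibss()` in the same commit uses `!!info->attrs[NL80211_ATTR_FREQ_FIXED]` for the same kind of flag, so for consistency write `req.control_port = !!info->attrs[NL80211_ATTR_CONTROL_PORT];` (or use `nla_get_flag()`). The function body starts outside the hunk.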
@@ -2856,6 +3066,15 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
2856 struct wiphy *wiphy; 3066 struct wiphy *wiphy;
2857 int err; 3067 int err;
2858 3068
3069 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3070 return -EINVAL;
3071
3072 if (!info->attrs[NL80211_ATTR_MAC])
3073 return -EINVAL;
3074
3075 if (!info->attrs[NL80211_ATTR_REASON_CODE])
3076 return -EINVAL;
3077
2859 rtnl_lock(); 3078 rtnl_lock();
2860 3079
2861 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3080 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
@@ -2877,24 +3096,16 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
2877 goto out; 3096 goto out;
2878 } 3097 }
2879 3098
2880 if (!info->attrs[NL80211_ATTR_MAC]) {
2881 err = -EINVAL;
2882 goto out;
2883 }
2884
2885 wiphy = &drv->wiphy; 3099 wiphy = &drv->wiphy;
2886 memset(&req, 0, sizeof(req)); 3100 memset(&req, 0, sizeof(req));
2887 3101
2888 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3102 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2889 3103
2890 if (info->attrs[NL80211_ATTR_REASON_CODE]) { 3104 req.reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
2891 req.reason_code = 3105 if (req.reason_code == 0) {
2892 nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3106 /* Reason Code 0 is reserved */
2893 if (req.reason_code == 0) { 3107 err = -EINVAL;
2894 /* Reason Code 0 is reserved */ 3108 goto out;
2895 err = -EINVAL;
2896 goto out;
2897 }
2898 } 3109 }
2899 3110
2900 if (info->attrs[NL80211_ATTR_IE]) { 3111 if (info->attrs[NL80211_ATTR_IE]) {
@@ -2920,6 +3131,15 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
2920 struct wiphy *wiphy; 3131 struct wiphy *wiphy;
2921 int err; 3132 int err;
2922 3133
3134 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3135 return -EINVAL;
3136
3137 if (!info->attrs[NL80211_ATTR_MAC])
3138 return -EINVAL;
3139
3140 if (!info->attrs[NL80211_ATTR_REASON_CODE])
3141 return -EINVAL;
3142
2923 rtnl_lock(); 3143 rtnl_lock();
2924 3144
2925 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3145 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
@@ -2941,24 +3161,16 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
2941 goto out; 3161 goto out;
2942 } 3162 }
2943 3163
2944 if (!info->attrs[NL80211_ATTR_MAC]) {
2945 err = -EINVAL;
2946 goto out;
2947 }
2948
2949 wiphy = &drv->wiphy; 3164 wiphy = &drv->wiphy;
2950 memset(&req, 0, sizeof(req)); 3165 memset(&req, 0, sizeof(req));
2951 3166
2952 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3167 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2953 3168
2954 if (info->attrs[NL80211_ATTR_REASON_CODE]) { 3169 req.reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
2955 req.reason_code = 3170 if (req.reason_code == 0) {
2956 nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3171 /* Reason Code 0 is reserved */
2957 if (req.reason_code == 0) { 3172 err = -EINVAL;
2958 /* Reason Code 0 is reserved */ 3173 goto out;
2959 err = -EINVAL;
2960 goto out;
2961 }
2962 } 3174 }
2963 3175
2964 if (info->attrs[NL80211_ATTR_IE]) { 3176 if (info->attrs[NL80211_ATTR_IE]) {
@@ -2976,6 +3188,124 @@ unlock_rtnl:
2976 return err; 3188 return err;
2977} 3189}
2978 3190
3191static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3192{
3193 struct cfg80211_registered_device *drv;
3194 struct net_device *dev;
3195 struct cfg80211_ibss_params ibss;
3196 struct wiphy *wiphy;
3197 int err;
3198
3199 memset(&ibss, 0, sizeof(ibss));
3200
3201 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3202 return -EINVAL;
3203
3204 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
3205 !info->attrs[NL80211_ATTR_SSID] ||
3206 !nla_len(info->attrs[NL80211_ATTR_SSID]))
3207 return -EINVAL;
3208
3209 ibss.beacon_interval = 100;
3210
3211 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
3212 ibss.beacon_interval =
3213 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
3214 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000)
3215 return -EINVAL;
3216 }
3217
3218 rtnl_lock();
3219
3220 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
3221 if (err)
3222 goto unlock_rtnl;
3223
3224 if (!drv->ops->join_ibss) {
3225 err = -EOPNOTSUPP;
3226 goto out;
3227 }
3228
3229 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) {
3230 err = -EOPNOTSUPP;
3231 goto out;
3232 }
3233
3234 if (!netif_running(dev)) {
3235 err = -ENETDOWN;
3236 goto out;
3237 }
3238
3239 wiphy = &drv->wiphy;
3240
3241 if (info->attrs[NL80211_ATTR_MAC])
3242 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3243 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3244 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3245
3246 if (info->attrs[NL80211_ATTR_IE]) {
3247 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3248 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3249 }
3250
3251 ibss.channel = ieee80211_get_channel(wiphy,
3252 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3253 if (!ibss.channel ||
3254 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS ||
3255 ibss.channel->flags & IEEE80211_CHAN_DISABLED) {
3256 err = -EINVAL;
3257 goto out;
3258 }
3259
3260 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
3261
3262 err = cfg80211_join_ibss(drv, dev, &ibss);
3263
3264out:
3265 cfg80211_put_dev(drv);
3266 dev_put(dev);
3267unlock_rtnl:
3268 rtnl_unlock();
3269 return err;
3270}
3271
3272static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
3273{
3274 struct cfg80211_registered_device *drv;
3275 struct net_device *dev;
3276 int err;
3277
3278 rtnl_lock();
3279
3280 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
3281 if (err)
3282 goto unlock_rtnl;
3283
3284 if (!drv->ops->leave_ibss) {
3285 err = -EOPNOTSUPP;
3286 goto out;
3287 }
3288
3289 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) {
3290 err = -EOPNOTSUPP;
3291 goto out;
3292 }
3293
3294 if (!netif_running(dev)) {
3295 err = -ENETDOWN;
3296 goto out;
3297 }
3298
3299 err = cfg80211_leave_ibss(drv, dev, false);
3300
3301out:
3302 cfg80211_put_dev(drv);
3303 dev_put(dev);
3304unlock_rtnl:
3305 rtnl_unlock();
3306 return err;
3307}
3308
2979static struct genl_ops nl80211_ops[] = { 3309static struct genl_ops nl80211_ops[] = {
2980 { 3310 {
2981 .cmd = NL80211_CMD_GET_WIPHY, 3311 .cmd = NL80211_CMD_GET_WIPHY,
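Review bot: `nl80211_join_ibss()` takes `ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC])` without checking the attribute's length in the handler, although it does check the SSID for non-zero length and validates the IE framing. The policy entry for `NL80211_ATTR_MAC` is not visible here; if it only caps the length (as an `NLA_BINARY` entry would), a shorter payload would pass and later code reading a full address through `bssid` would read past the attribute. An explicit guard alongside the other early checks closes that off: `if (info->attrs[NL80211_ATTR_MAC] && nla_len(info->attrs[NL80211_ATTR_MAC]) != ETH_ALEN) return -EINVAL;`. The literals `100` and `1..10000` for the beacon interval also deserve a short comment or named constants.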
@@ -3177,6 +3507,18 @@ static struct genl_ops nl80211_ops[] = {
3177 .policy = nl80211_policy, 3507 .policy = nl80211_policy,
3178 .flags = GENL_ADMIN_PERM, 3508 .flags = GENL_ADMIN_PERM,
3179 }, 3509 },
3510 {
3511 .cmd = NL80211_CMD_JOIN_IBSS,
3512 .doit = nl80211_join_ibss,
3513 .policy = nl80211_policy,
3514 .flags = GENL_ADMIN_PERM,
3515 },
3516 {
3517 .cmd = NL80211_CMD_LEAVE_IBSS,
3518 .doit = nl80211_leave_ibss,
3519 .policy = nl80211_policy,
3520 .flags = GENL_ADMIN_PERM,
3521 },
3180}; 3522};
3181static struct genl_multicast_group nl80211_mlme_mcgrp = { 3523static struct genl_multicast_group nl80211_mlme_mcgrp = {
3182 .name = "mlme", 3524 .name = "mlme",
@@ -3375,22 +3717,197 @@ void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
3375 nl80211_send_mlme_event(rdev, netdev, buf, len, NL80211_CMD_ASSOCIATE); 3717 nl80211_send_mlme_event(rdev, netdev, buf, len, NL80211_CMD_ASSOCIATE);
3376} 3718}
3377 3719
3378void nl80211_send_rx_deauth(struct cfg80211_registered_device *rdev, 3720void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
3379 struct net_device *netdev, const u8 *buf, 3721 struct net_device *netdev, const u8 *buf, size_t len)
3380 size_t len)
3381{ 3722{
3382 nl80211_send_mlme_event(rdev, netdev, buf, len, 3723 nl80211_send_mlme_event(rdev, netdev, buf, len,
3383 NL80211_CMD_DEAUTHENTICATE); 3724 NL80211_CMD_DEAUTHENTICATE);
3384} 3725}
3385 3726
3386void nl80211_send_rx_disassoc(struct cfg80211_registered_device *rdev, 3727void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
3387 struct net_device *netdev, const u8 *buf, 3728 struct net_device *netdev, const u8 *buf,
3388 size_t len) 3729 size_t len)
3389{ 3730{
3390 nl80211_send_mlme_event(rdev, netdev, buf, len, 3731 nl80211_send_mlme_event(rdev, netdev, buf, len,
3391 NL80211_CMD_DISASSOCIATE); 3732 NL80211_CMD_DISASSOCIATE);
3392} 3733}
3393 3734
3735static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3736 struct net_device *netdev, int cmd,
3737 const u8 *addr)
3738{
3739 struct sk_buff *msg;
3740 void *hdr;
3741
3742 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_ATOMIC);
3743 if (!msg)
3744 return;
3745
3746 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
3747 if (!hdr) {
3748 nlmsg_free(msg);
3749 return;
3750 }
3751
3752 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
3753 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
3754 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT);
3755 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3756
3757 if (genlmsg_end(msg, hdr) < 0) {
3758 nlmsg_free(msg);
3759 return;
3760 }
3761
3762 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC);
3763 return;
3764
3765 nla_put_failure:
3766 genlmsg_cancel(msg, hdr);
3767 nlmsg_free(msg);
3768}
3769
3770void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
3771 struct net_device *netdev, const u8 *addr)
3772{
3773 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
3774 addr);
3775}
3776
3777void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
3778 struct net_device *netdev, const u8 *addr)
3779{
3780 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, addr);
3781}
3782
3783void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
3784 struct net_device *netdev, const u8 *bssid,
3785 gfp_t gfp)
3786{
3787 struct sk_buff *msg;
3788 void *hdr;
3789
3790 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
3791 if (!msg)
3792 return;
3793
3794 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
3795 if (!hdr) {
3796 nlmsg_free(msg);
3797 return;
3798 }
3799
3800 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
3801 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
3802 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
3803
3804 if (genlmsg_end(msg, hdr) < 0) {
3805 nlmsg_free(msg);
3806 return;
3807 }
3808
3809 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
3810 return;
3811
3812 nla_put_failure:
3813 genlmsg_cancel(msg, hdr);
3814 nlmsg_free(msg);
3815}
3816
3817void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
3818 struct net_device *netdev, const u8 *addr,
3819 enum nl80211_key_type key_type, int key_id,
3820 const u8 *tsc)
3821{
3822 struct sk_buff *msg;
3823 void *hdr;
3824
3825 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
3826 if (!msg)
3827 return;
3828
3829 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
3830 if (!hdr) {
3831 nlmsg_free(msg);
3832 return;
3833 }
3834
3835 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
3836 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
3837 if (addr)
3838 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
3839 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type);
3840 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id);
3841 if (tsc)
3842 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc);
3843
3844 if (genlmsg_end(msg, hdr) < 0) {
3845 nlmsg_free(msg);
3846 return;
3847 }
3848
3849 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_KERNEL);
3850 return;
3851
3852 nla_put_failure:
3853 genlmsg_cancel(msg, hdr);
3854 nlmsg_free(msg);
3855}
3856
3857void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
3858 struct ieee80211_channel *channel_before,
3859 struct ieee80211_channel *channel_after)
3860{
3861 struct sk_buff *msg;
3862 void *hdr;
3863 struct nlattr *nl_freq;
3864
3865 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_ATOMIC);
3866 if (!msg)
3867 return;
3868
3869 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
3870 if (!hdr) {
3871 nlmsg_free(msg);
3872 return;
3873 }
3874
3875 /*
3876 * Since we are applying the beacon hint to a wiphy we know its
3877 * wiphy_idx is valid
3878 */
3879 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy));
3880
3881 /* Before */
3882 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
3883 if (!nl_freq)
3884 goto nla_put_failure;
3885 if (nl80211_msg_put_channel(msg, channel_before))
3886 goto nla_put_failure;
3887 nla_nest_end(msg, nl_freq);
3888
3889 /* After */
3890 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
3891 if (!nl_freq)
3892 goto nla_put_failure;
3893 if (nl80211_msg_put_channel(msg, channel_after))
3894 goto nla_put_failure;
3895 nla_nest_end(msg, nl_freq);
3896
3897 if (genlmsg_end(msg, hdr) < 0) {
3898 nlmsg_free(msg);
3899 return;
3900 }
3901
3902 genlmsg_multicast(msg, 0, nl80211_regulatory_mcgrp.id, GFP_ATOMIC);
3903
3904 return;
3905
3906nla_put_failure:
3907 genlmsg_cancel(msg, hdr);
3908 nlmsg_free(msg);
3909}
3910
3394/* initialisation/exit functions */ 3911/* initialisation/exit functions */
3395 3912
3396int nl80211_init(void) 3913int nl80211_init(void)
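--- a/net/wireless/nl80211.h
+++ b/net/wireless/nl80211.h
@@ -17,11 +17,31 @@ extern void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
 extern void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
  struct net_device *netdev,
  const u8 *buf, size_t len);
-extern void nl80211_send_rx_deauth(struct cfg80211_registered_device *rdev,
+extern void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
  struct net_device *netdev,
  const u8 *buf, size_t len);
-extern void nl80211_send_rx_disassoc(struct cfg80211_registered_device *rdev,
+extern void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
  struct net_device *netdev,
  const u8 *buf, size_t len);
+extern void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
+ struct net_device *netdev,
+ const u8 *addr);
+extern void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
+ struct net_device *netdev,
+ const u8 *addr);
+extern void
+nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
+ struct net_device *netdev, const u8 *addr,
+ enum nl80211_key_type key_type,
+ int key_id, const u8 *tsc);
+
+extern void
+nl80211_send_beacon_hint_event(struct wiphy *wiphy,
+ struct ieee80211_channel *channel_before,
+ struct ieee80211_channel *channel_after);
+
+void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
+ struct net_device *netdev, const u8 *bssid,
+ gfp_t gfp);
 
 #endif /* __NET_WIRELESS_NL80211_H */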
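--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -37,7 +37,6 @@
 #include <linux/random.h>
 #include <linux/nl80211.h>
 #include <linux/platform_device.h>
-#include <net/wireless.h>
 #include <net/cfg80211.h>
 #include "core.h"
 #include "reg.h"
@@ -1050,18 +1049,10 @@ static void handle_reg_beacon(struct wiphy *wiphy,
  unsigned int chan_idx,
  struct reg_beacon *reg_beacon)
 {
-#ifdef CONFIG_CFG80211_REG_DEBUG
-#define REG_DEBUG_BEACON_FLAG(desc) \
- printk(KERN_DEBUG "cfg80211: Enabling " desc " on " \
- "frequency: %d MHz (Ch %d) on %s\n", \
- reg_beacon->chan.center_freq, \
- ieee80211_frequency_to_channel(reg_beacon->chan.center_freq), \
- wiphy_name(wiphy));
-#else
-#define REG_DEBUG_BEACON_FLAG(desc) do {} while (0)
-#endif
  struct ieee80211_supported_band *sband;
  struct ieee80211_channel *chan;
+ bool channel_changed = false;
+ struct ieee80211_channel chan_before;
 
  assert_cfg80211_lock();
 
@@ -1071,18 +1062,28 @@ static void handle_reg_beacon(struct wiphy *wiphy,
  if (likely(chan->center_freq != reg_beacon->chan.center_freq))
  return;
 
- if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) {
+ if (chan->beacon_found)
+ return;
+
+ chan->beacon_found = true;
+
+ chan_before.center_freq = chan->center_freq;
+ chan_before.flags = chan->flags;
+
+ if ((chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) &&
+ !(chan->orig_flags & IEEE80211_CHAN_PASSIVE_SCAN)) {
  chan->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN;
- REG_DEBUG_BEACON_FLAG("active scanning");
+ channel_changed = true;
  }
 
- if (chan->flags & IEEE80211_CHAN_NO_IBSS) {
+ if ((chan->flags & IEEE80211_CHAN_NO_IBSS) &&
+ !(chan->orig_flags & IEEE80211_CHAN_NO_IBSS)) {
  chan->flags &= ~IEEE80211_CHAN_NO_IBSS;
- REG_DEBUG_BEACON_FLAG("beaconing");
+ channel_changed = true;
  }
 
- chan->beacon_found = true;
-#undef REG_DEBUG_BEACON_FLAG
+ if (channel_changed)
+ nl80211_send_beacon_hint_event(wiphy, &chan_before, chan);
 }
 
 /*
@@ -2112,14 +2113,14 @@ void reg_device_remove(struct wiphy *wiphy)
 
  assert_cfg80211_lock();
 
+ kfree(wiphy->regd);
+
  if (last_request)
  request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
 
- kfree(wiphy->regd);
+ if (!request_wiphy || request_wiphy != wiphy)
- if (!last_request || !request_wiphy)
- return;
- if (request_wiphy != wiphy)
  return;
+
  last_request->wiphy_idx = WIPHY_IDX_STALE;
  last_request->country_ie_env = ENVIRON_ANY;
 }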
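Review bot: In handle_reg_beacon(), `chan_before` is a stack `struct ieee80211_channel` with only `center_freq` and `flags` assigned before it goes to nl80211_send_beacon_hint_event(), which passes it on to nl80211_msg_put_channel(). That helper's body is not on this page; if it reads any other member of the channel, uninitialised kernel stack bytes end up in a netlink multicast message. Replacing the two assignments with `chan_before = *chan;`, or zeroing the struct before them, removes the dependency on which fields the helper happens to read. The function begins before this hunk, so the assignment of `chan` itself is not visible.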
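--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -377,18 +377,16 @@ cfg80211_bss_update(struct cfg80211_registered_device *dev,
  size_t used = dev->wiphy.bss_priv_size + sizeof(*res);
  size_t ielen = res->pub.len_information_elements;
 
- if (ksize(found) >= used + ielen) {
+ if (!found->ies_allocated && ksize(found) >= used + ielen) {
  memcpy(found->pub.information_elements,
  res->pub.information_elements, ielen);
  found->pub.len_information_elements = ielen;
  } else {
  u8 *ies = found->pub.information_elements;
 
- if (found->ies_allocated) {
+ if (found->ies_allocated)
- if (ksize(ies) < ielen)
+ ies = krealloc(ies, ielen, GFP_ATOMIC);
- ies = krealloc(ies, ielen,
+ else
- GFP_ATOMIC);
- } else
  ies = kmalloc(ielen, GFP_ATOMIC);
 
  if (ies) {
@@ -415,6 +413,55 @@ cfg80211_bss_update(struct cfg80211_registered_device *dev,
  return found;
 }
 
+struct cfg80211_bss*
+cfg80211_inform_bss(struct wiphy *wiphy,
+ struct ieee80211_channel *channel,
+ const u8 *bssid,
+ u64 timestamp, u16 capability, u16 beacon_interval,
+ const u8 *ie, size_t ielen,
+ s32 signal, gfp_t gfp)
+{
+ struct cfg80211_internal_bss *res;
+ size_t privsz;
+
+ if (WARN_ON(!wiphy))
+ return NULL;
+
+ privsz = wiphy->bss_priv_size;
+
+ if (WARN_ON(wiphy->signal_type == NL80211_BSS_SIGNAL_UNSPEC &&
+ (signal < 0 || signal > 100)))
+ return NULL;
+
+ res = kzalloc(sizeof(*res) + privsz + ielen, gfp);
+ if (!res)
+ return NULL;
+
+ memcpy(res->pub.bssid, bssid, ETH_ALEN);
+ res->pub.channel = channel;
+ res->pub.signal = signal;
+ res->pub.tsf = timestamp;
+ res->pub.beacon_interval = beacon_interval;
+ res->pub.capability = capability;
+ /* point to after the private area */
+ res->pub.information_elements = (u8 *)res + sizeof(*res) + privsz;
+ memcpy(res->pub.information_elements, ie, ielen);
+ res->pub.len_information_elements = ielen;
+
+ kref_init(&res->ref);
+
+ res = cfg80211_bss_update(wiphy_to_dev(wiphy), res, 0);
+ if (!res)
+ return NULL;
+
+ if (res->pub.capability & WLAN_CAPABILITY_ESS)
+ regulatory_hint_found_beacon(wiphy, channel, gfp);
+
+ /* cfg80211_bss_update gives us a referenced result */
+ return &res->pub;
+}
+EXPORT_SYMBOL(cfg80211_inform_bss);
+
 struct cfg80211_bss *
 cfg80211_inform_bss_frame(struct wiphy *wiphy,
  struct ieee80211_channel *channel,
@@ -605,7 +652,7 @@ int cfg80211_wext_siwscan(struct net_device *dev,
  cfg80211_put_dev(rdev);
  return err;
 }
-EXPORT_SYMBOL(cfg80211_wext_siwscan);
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwscan);
 
 static void ieee80211_scan_add_ies(struct iw_request_info *info,
  struct cfg80211_bss *bss,
@@ -914,5 +961,5 @@ int cfg80211_wext_giwscan(struct net_device *dev,
  cfg80211_put_dev(rdev);
  return res;
 }
-EXPORT_SYMBOL(cfg80211_wext_giwscan);
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwscan);
 #endif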
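Review bot: The new exported cfg80211_inform_bss() has no comment at its definition telling driver authors that the returned `struct cfg80211_bss` carries a reference; the only hint is the inline remark that cfg80211_bss_update gives a referenced result. A kernel-doc block above the function should say that it returns NULL on failure, that `ie`/`ielen` are copied into the new entry, and that on success the caller owns a reference it must release with cfg80211_put_bss(). The header declaration is not on this page, so if that contract is already documented there, a one-line pointer to it is enough.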
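--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -1,10 +1,10 @@
 /*
  * Wireless utility functions
  *
- * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ * Copyright 2007-2009 Johannes Berg <johannes@sipsolutions.net>
  */
-#include <net/wireless.h>
+#include <linux/bitops.h>
-#include <asm/bitops.h>
+#include <net/cfg80211.h>
 #include "core.h"
 
 struct ieee80211_rate *
@@ -138,3 +138,48 @@ void ieee80211_set_bitrate_flags(struct wiphy *wiphy)
  if (wiphy->bands[band])
  set_mandatory_flags_band(wiphy->bands[band], band);
 }
+
+int cfg80211_validate_key_settings(struct key_params *params, int key_idx,
+ const u8 *mac_addr)
+{
+ if (key_idx > 5)
+ return -EINVAL;
+
+ /*
+ * Disallow pairwise keys with non-zero index unless it's WEP
+ * (because current deployments use pairwise WEP keys with
+ * non-zero indizes but 802.11i clearly specifies to use zero)
+ */
+ if (mac_addr && key_idx &&
+ params->cipher != WLAN_CIPHER_SUITE_WEP40 &&
+ params->cipher != WLAN_CIPHER_SUITE_WEP104)
+ return -EINVAL;
+
+ /* TODO: add definitions for the lengths to linux/ieee80211.h */
+ switch (params->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ if (params->key_len != 5)
+ return -EINVAL;
+ break;
+ case WLAN_CIPHER_SUITE_TKIP:
+ if (params->key_len != 32)
+ return -EINVAL;
+ break;
+ case WLAN_CIPHER_SUITE_CCMP:
+ if (params->key_len != 16)
+ return -EINVAL;
+ break;
+ case WLAN_CIPHER_SUITE_WEP104:
+ if (params->key_len != 13)
+ return -EINVAL;
+ break;
+ case WLAN_CIPHER_SUITE_AES_CMAC:
+ if (params->key_len != 16)
+ return -EINVAL;
+ break;
+ default:
+ return -EINVAL;
+ }
+
+ return 0;
+}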
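Review bot: cfg80211_validate_key_settings() rejects `key_idx > 5` but lets a negative index through, even though `key_idx` is a signed `int`. The wext caller added elsewhere in this commit range-checks the index before calling, but other callers are not visible here, and a validator should not depend on them; `if (key_idx < 0 || key_idx > 5)` closes the gap. The function also does not tie the index range to the cipher (cfg80211_set_encryption() separately requires 4–5 for AES_CMAC and 0–3 otherwise), so a short comment saying which checks are left to callers would help.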
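--- a/net/wireless/wext-compat.c
+++ b/net/wireless/wext-compat.c
@@ -5,13 +5,14 @@
  * into cfg80211, when that happens all the exports here go away and
  * we directly assign the wireless handlers of wireless interfaces.
  *
- * Copyright 2008 Johannes Berg <johannes@sipsolutions.net>
+ * Copyright 2008-2009 Johannes Berg <johannes@sipsolutions.net>
  */
 
 #include <linux/wireless.h>
 #include <linux/nl80211.h>
+#include <linux/if_arp.h>
+#include <linux/etherdevice.h>
 #include <net/iw_handler.h>
-#include <net/wireless.h>
 #include <net/cfg80211.h>
 #include "core.h"
 
@@ -57,7 +58,7 @@ int cfg80211_wext_giwname(struct net_device *dev,
 
  return 0;
 }
-EXPORT_SYMBOL(cfg80211_wext_giwname);
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwname);
 
 int cfg80211_wext_siwmode(struct net_device *dev, struct iw_request_info *info,
  u32 *mode, char *extra)
@@ -108,7 +109,7 @@ int cfg80211_wext_siwmode(struct net_device *dev, struct iw_request_info *info,
 
  return ret;
 }
-EXPORT_SYMBOL(cfg80211_wext_siwmode);
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwmode);
 
 int cfg80211_wext_giwmode(struct net_device *dev, struct iw_request_info *info,
  u32 *mode, char *extra)
@@ -143,7 +144,7 @@ int cfg80211_wext_giwmode(struct net_device *dev, struct iw_request_info *info,
  }
  return 0;
 }
-EXPORT_SYMBOL(cfg80211_wext_giwmode);
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwmode);
 
 
 int cfg80211_wext_giwrange(struct net_device *dev,
@@ -206,7 +207,6 @@ int cfg80211_wext_giwrange(struct net_device *dev,
  range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
  IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
 
-
  for (band = 0; band < IEEE80211_NUM_BANDS; band ++) {
  int i;
  struct ieee80211_supported_band *sband;
@@ -240,4 +240,500 @@ int cfg80211_wext_giwrange(struct net_device *dev,
 
  return 0;
 }
-EXPORT_SYMBOL(cfg80211_wext_giwrange);
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwrange);
+
+int cfg80211_wext_siwmlme(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct iw_mlme *mlme = (struct iw_mlme *)extra;
+ struct cfg80211_registered_device *rdev;
+ union {
+ struct cfg80211_disassoc_request disassoc;
+ struct cfg80211_deauth_request deauth;
+ } cmd;
+
+ if (!wdev)
+ return -EOPNOTSUPP;
+
+ rdev = wiphy_to_dev(wdev->wiphy);
+
+ if (wdev->iftype != NL80211_IFTYPE_STATION)
+ return -EINVAL;
+
+ if (mlme->addr.sa_family != ARPHRD_ETHER)
+ return -EINVAL;
+
+ memset(&cmd, 0, sizeof(cmd));
+
+ switch (mlme->cmd) {
+ case IW_MLME_DEAUTH:
+ if (!rdev->ops->deauth)
+ return -EOPNOTSUPP;
+ cmd.deauth.peer_addr = mlme->addr.sa_data;
+ cmd.deauth.reason_code = mlme->reason_code;
+ return rdev->ops->deauth(wdev->wiphy, dev, &cmd.deauth);
+ case IW_MLME_DISASSOC:
+ if (!rdev->ops->disassoc)
+ return -EOPNOTSUPP;
+ cmd.disassoc.peer_addr = mlme->addr.sa_data;
+ cmd.disassoc.reason_code = mlme->reason_code;
+ return rdev->ops->disassoc(wdev->wiphy, dev, &cmd.disassoc);
+ default:
+ return -EOPNOTSUPP;
+ }
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwmlme);
+
+
+/**
+ * cfg80211_wext_freq - get wext frequency for non-"auto"
+ * @wiphy: the wiphy
+ * @freq: the wext freq encoding
+ *
+ * Returns a channel, %NULL for auto, or an ERR_PTR for errors!
+ */
+struct ieee80211_channel *cfg80211_wext_freq(struct wiphy *wiphy,
+ struct iw_freq *freq)
+{
+ struct ieee80211_channel *chan;
+ int f;
+
+ /*
+ * Parse frequency - return NULL for auto and
+ * -EINVAL for impossible things.
+ */
+ if (freq->e == 0) {
+ if (freq->m < 0)
+ return NULL;
+ f = ieee80211_channel_to_frequency(freq->m);
+ } else {
+ int i, div = 1000000;
+ for (i = 0; i < freq->e; i++)
+ div /= 10;
+ if (div <= 0)
+ return ERR_PTR(-EINVAL);
+ f = freq->m / div;
+ }
+
+ /*
+ * Look up channel struct and return -EINVAL when
+ * it cannot be found.
+ */
+ chan = ieee80211_get_channel(wiphy, f);
+ if (!chan)
+ return ERR_PTR(-EINVAL);
+ return chan;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_freq);
+
+int cfg80211_wext_siwrts(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_param *rts, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ u32 orts = wdev->wiphy->rts_threshold;
+ int err;
+
+ if (rts->disabled || !rts->fixed)
+ wdev->wiphy->rts_threshold = (u32) -1;
+ else if (rts->value < 0)
+ return -EINVAL;
+ else
+ wdev->wiphy->rts_threshold = rts->value;
+
+ err = rdev->ops->set_wiphy_params(wdev->wiphy,
+ WIPHY_PARAM_RTS_THRESHOLD);
+ if (err)
+ wdev->wiphy->rts_threshold = orts;
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwrts);
+
+int cfg80211_wext_giwrts(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_param *rts, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ rts->value = wdev->wiphy->rts_threshold;
+ rts->disabled = rts->value == (u32) -1;
+ rts->fixed = 1;
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwrts);
+
+int cfg80211_wext_siwfrag(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_param *frag, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ u32 ofrag = wdev->wiphy->frag_threshold;
+ int err;
+
+ if (frag->disabled || !frag->fixed)
+ wdev->wiphy->frag_threshold = (u32) -1;
+ else if (frag->value < 256)
+ return -EINVAL;
+ else {
+ /* Fragment length must be even, so strip LSB. */
+ wdev->wiphy->frag_threshold = frag->value & ~0x1;
+ }
+
+ err = rdev->ops->set_wiphy_params(wdev->wiphy,
+ WIPHY_PARAM_FRAG_THRESHOLD);
+ if (err)
+ wdev->wiphy->frag_threshold = ofrag;
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwfrag);
+
+int cfg80211_wext_giwfrag(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_param *frag, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ frag->value = wdev->wiphy->frag_threshold;
+ frag->disabled = frag->value == (u32) -1;
+ frag->fixed = 1;
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwfrag);
+
+int cfg80211_wext_siwretry(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_param *retry, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ u32 changed = 0;
+ u8 olong = wdev->wiphy->retry_long;
+ u8 oshort = wdev->wiphy->retry_short;
+ int err;
+
+ if (retry->disabled ||
+ (retry->flags & IW_RETRY_TYPE) != IW_RETRY_LIMIT)
+ return -EINVAL;
+
+ if (retry->flags & IW_RETRY_LONG) {
+ wdev->wiphy->retry_long = retry->value;
+ changed |= WIPHY_PARAM_RETRY_LONG;
+ } else if (retry->flags & IW_RETRY_SHORT) {
+ wdev->wiphy->retry_short = retry->value;
+ changed |= WIPHY_PARAM_RETRY_SHORT;
+ } else {
+ wdev->wiphy->retry_short = retry->value;
+ wdev->wiphy->retry_long = retry->value;
+ changed |= WIPHY_PARAM_RETRY_LONG;
+ changed |= WIPHY_PARAM_RETRY_SHORT;
+ }
+
+ if (!changed)
+ return 0;
+
+ err = rdev->ops->set_wiphy_params(wdev->wiphy, changed);
+ if (err) {
+ wdev->wiphy->retry_short = oshort;
+ wdev->wiphy->retry_long = olong;
+ }
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwretry);
+
+int cfg80211_wext_giwretry(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_param *retry, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ retry->disabled = 0;
+
+ if (retry->flags == 0 || (retry->flags & IW_RETRY_SHORT)) {
+ /*
+ * First return short value, iwconfig will ask long value
+ * later if needed
+ */
+ retry->flags |= IW_RETRY_LIMIT;
+ retry->value = wdev->wiphy->retry_short;
+ if (wdev->wiphy->retry_long != wdev->wiphy->retry_short)
+ retry->flags |= IW_RETRY_LONG;
+
+ return 0;
+ }
+
+ if (retry->flags & IW_RETRY_LONG) {
+ retry->flags = IW_RETRY_LIMIT | IW_RETRY_LONG;
+ retry->value = wdev->wiphy->retry_long;
+ }
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwretry);
+
+static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
+ struct net_device *dev, const u8 *addr,
+ bool remove, bool tx_key, int idx,
+ struct key_params *params)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ int err;
+
+ if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
+ if (!rdev->ops->set_default_mgmt_key)
+ return -EOPNOTSUPP;
+
+ if (idx < 4 || idx > 5)
+ return -EINVAL;
+ } else if (idx < 0 || idx > 3)
+ return -EINVAL;
+
+ if (remove) {
+ err = rdev->ops->del_key(&rdev->wiphy, dev, idx, addr);
+ if (!err) {
+ if (idx == wdev->wext.default_key)
+ wdev->wext.default_key = -1;
+ else if (idx == wdev->wext.default_mgmt_key)
+ wdev->wext.default_mgmt_key = -1;
+ }
+ return err;
+ } else {
+ if (addr)
+ tx_key = false;
+
+ if (cfg80211_validate_key_settings(params, idx, addr))
+ return -EINVAL;
+
+ err = rdev->ops->add_key(&rdev->wiphy, dev, idx, addr, params);
+ if (err)
+ return err;
+
+ if (tx_key || (!addr && wdev->wext.default_key == -1)) {
+ err = rdev->ops->set_default_key(&rdev->wiphy,
+ dev, idx);
+ if (!err)
+ wdev->wext.default_key = idx;
+ return err;
+ }
+
+ if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC &&
+ (tx_key || (!addr && wdev->wext.default_mgmt_key == -1))) {
+ err = rdev->ops->set_default_mgmt_key(&rdev->wiphy,
+ dev, idx);
+ if (!err)
+ wdev->wext.default_mgmt_key = idx;
+ return err;
+ }
+
+ return 0;
+ }
+}
+
+int cfg80211_wext_siwencode(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *erq, char *keybuf)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ int idx, err;
+ bool remove = false;
+ struct key_params params;
+
+ /* no use -- only MFP (set_default_mgmt_key) is optional */
+ if (!rdev->ops->del_key ||
+ !rdev->ops->add_key ||
+ !rdev->ops->set_default_key)
+ return -EOPNOTSUPP;
+
+ idx = erq->flags & IW_ENCODE_INDEX;
+ if (idx == 0) {
+ idx = wdev->wext.default_key;
+ if (idx < 0)
+ idx = 0;
+ } else if (idx < 1 || idx > 4)
+ return -EINVAL;
+ else
+ idx--;
+
+ if (erq->flags & IW_ENCODE_DISABLED)
+ remove = true;
+ else if (erq->length == 0) {
+ /* No key data - just set the default TX key index */
+ err = rdev->ops->set_default_key(&rdev->wiphy, dev, idx);
+ if (!err)
+ wdev->wext.default_key = idx;
+ return err;
+ }
+
+ memset(&params, 0, sizeof(params));
+ params.key = keybuf;
+ params.key_len = erq->length;
+ if (erq->length == 5)
+ params.cipher = WLAN_CIPHER_SUITE_WEP40;
+ else if (erq->length == 13)
+ params.cipher = WLAN_CIPHER_SUITE_WEP104;
+ else if (!remove)
+ return -EINVAL;
+
+ return cfg80211_set_encryption(rdev, dev, NULL, remove,
+ wdev->wext.default_key == -1,
+ idx, &params);
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwencode);
+
+int cfg80211_wext_siwencodeext(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *erq, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ struct iw_encode_ext *ext = (struct iw_encode_ext *) extra;
+ const u8 *addr;
+ int idx;
+ bool remove = false;
+ struct key_params params;
+ u32 cipher;
+
+ /* no use -- only MFP (set_default_mgmt_key) is optional */
+ if (!rdev->ops->del_key ||
+ !rdev->ops->add_key ||
+ !rdev->ops->set_default_key)
+ return -EOPNOTSUPP;
+
+ switch (ext->alg) {
+ case IW_ENCODE_ALG_NONE:
+ remove = true;
+ cipher = 0;
+ break;
+ case IW_ENCODE_ALG_WEP:
+ if (ext->key_len == 5)
+ cipher = WLAN_CIPHER_SUITE_WEP40;
+ else if (ext->key_len == 13)
+ cipher = WLAN_CIPHER_SUITE_WEP104;
+ else
+ return -EINVAL;
+ break;
+ case IW_ENCODE_ALG_TKIP:
+ cipher = WLAN_CIPHER_SUITE_TKIP;
+ break;
+ case IW_ENCODE_ALG_CCMP:
+ cipher = WLAN_CIPHER_SUITE_CCMP;
+ break;
+ case IW_ENCODE_ALG_AES_CMAC:
+ cipher = WLAN_CIPHER_SUITE_AES_CMAC;
+ break;
+ default:
+ return -EOPNOTSUPP;
+ }
+
+ if (erq->flags & IW_ENCODE_DISABLED)
+ remove = true;
+
+ idx = erq->flags & IW_ENCODE_INDEX;
+ if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
+ if (idx < 4 || idx > 5) {
+ idx = wdev->wext.default_mgmt_key;
+ if (idx < 0)
+ return -EINVAL;
+ } else
+ idx--;
+ } else {
+ if (idx < 1 || idx > 4) {
+ idx = wdev->wext.default_key;
+ if (idx < 0)
+ return -EINVAL;
+ } else
+ idx--;
+ }
+
+ addr = ext->addr.sa_data;
+ if (is_broadcast_ether_addr(addr))
+ addr = NULL;
+
+ memset(&params, 0, sizeof(params));
+ params.key = ext->key;
+ params.key_len = ext->key_len;
+ params.cipher = cipher;
+
+ if (ext->ext_flags & IW_ENCODE_EXT_RX_SEQ_VALID) {
+ params.seq = ext->rx_seq;
+ params.seq_len = 6;
+ }
+
+ return cfg80211_set_encryption(
+ rdev, dev, addr, remove,
+ ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY,
+ idx, &params);
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwencodeext);
+
+struct giwencode_cookie {
+ size_t buflen;
+ char *keybuf;
+};
+
+static void giwencode_get_key_cb(void *cookie, struct key_params *params)
+{
+ struct giwencode_cookie *data = cookie;
+
+ if (!params->key) {
+ data->buflen = 0;
+ return;
+ }
+
+ data->buflen = min_t(size_t, data->buflen, params->key_len);
+ memcpy(data->keybuf, params->key, data->buflen);
+}
+
+int cfg80211_wext_giwencode(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *erq, char *keybuf)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ int idx, err;
+ struct giwencode_cookie data = {
+ .keybuf = keybuf,
+ .buflen = erq->length,
+ };
+
+ if (!rdev->ops->get_key)
+ return -EOPNOTSUPP;
+
+ idx = erq->flags & IW_ENCODE_INDEX;
+ if (idx == 0) {
+ idx = wdev->wext.default_key;
+ if (idx < 0)
+ idx = 0;
+ } else if (idx < 1 || idx > 4)
+ return -EINVAL;
+ else
+ idx--;
+
+ erq->flags = idx + 1;
+
+ err = rdev->ops->get_key(&rdev->wiphy, dev, idx, NULL, &data,
+ giwencode_get_key_cb);
+ if (!err) {
+ erq->length = data.buflen;
+ erq->flags |= IW_ENCODE_ENABLED;
+ return 0;
+ }
+
+ if (err == -ENOENT) {
+ erq->flags |= IW_ENCODE_DISABLED;
+ erq->length = 0;
+ return 0;
+ }
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_giwencode);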
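Review bot: In cfg80211_set_encryption(), the default-key branch is tested before the AES_CMAC branch and returns, so a management key (AES_CMAC, index 4 or 5) added with `tx_key` set, or while `wext.default_key == -1`, is handed to `set_default_key` and never reaches `set_default_mgmt_key`. The first condition should exclude that cipher: `if (params->cipher != WLAN_CIPHER_SUITE_AES_CMAC && (tx_key || (!addr && wdev->wext.default_key == -1)))`. Related and worth checking in cfg80211_wext_siwencodeext(): an AES_CMAC index of 4 is decremented to 3, which the `idx < 4` test in cfg80211_set_encryption() then rejects.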
diff --git a/net/wireless/wext.c b/net/wireless/wext.c
index cb6a5bb85d80..d3bbef70cc7c 100644
--- a/net/wireless/wext.c
+++ b/net/wireless/wext.c
@@ -649,14 +649,26 @@ static int wireless_seq_show(struct seq_file *seq, void *v)
649 return 0; 649 return 0;
650} 650}
651 651
652static void *wireless_dev_seq_start(struct seq_file *seq, loff_t *pos)
653{
654 rtnl_lock();
655 return dev_seq_start(seq, pos);
656}
657
658static void wireless_dev_seq_stop(struct seq_file *seq, void *v)
659{
660 dev_seq_stop(seq, v);
661 rtnl_unlock();
662}
663
652static const struct seq_operations wireless_seq_ops = { 664static const struct seq_operations wireless_seq_ops = {
653 .start = dev_seq_start, 665 .start = wireless_dev_seq_start,
654 .next = dev_seq_next, 666 .next = dev_seq_next,
655 .stop = dev_seq_stop, 667 .stop = wireless_dev_seq_stop,
656 .show = wireless_seq_show, 668 .show = wireless_seq_show,
657}; 669};
658 670
659static int wireless_seq_open(struct inode *inode, struct file *file) 671static int seq_open_wireless(struct inode *inode, struct file *file)
660{ 672{
661 return seq_open_net(inode, file, &wireless_seq_ops, 673 return seq_open_net(inode, file, &wireless_seq_ops,
662 sizeof(struct seq_net_private)); 674 sizeof(struct seq_net_private));
@@ -664,7 +676,7 @@ static int wireless_seq_open(struct inode *inode, struct file *file)
664 676
665static const struct file_operations wireless_seq_fops = { 677static const struct file_operations wireless_seq_fops = {
666 .owner = THIS_MODULE, 678 .owner = THIS_MODULE,
667 .open = wireless_seq_open, 679 .open = seq_open_wireless,
668 .read = seq_read, 680 .read = seq_read,
669 .llseek = seq_lseek, 681 .llseek = seq_lseek,
670 .release = seq_release_net, 682 .release = seq_release_net,