Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlan.c3
-rw-r--r--net/8021q/vlanproc.c36
-rw-r--r--net/Kconfig1
-rw-r--r--net/Makefile4
-rw-r--r--net/bridge/br_if.c4
-rw-r--r--net/bridge/br_ioctl.c4
-rw-r--r--net/bridge/br_netfilter.c138
-rw-r--r--net/bridge/br_netlink.c3
-rw-r--r--net/core/dev.c99
-rw-r--r--net/core/dev_mcast.c5
-rw-r--r--net/core/rtnetlink.c7
-rw-r--r--net/decnet/af_decnet.c11
-rw-r--r--net/decnet/dn_dev.c85
-rw-r--r--net/decnet/dn_fib.c2
-rw-r--r--net/decnet/dn_route.c14
-rw-r--r--net/ipv4/devinet.c17
-rw-r--r--net/ipv4/igmp.c15
-rw-r--r--net/ipv4/ipconfig.c2
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_gre.c20
-rw-r--r--net/ipv4/netfilter/nf_nat_rule.c4
-rw-r--r--net/ipv4/netfilter/nf_nat_sip.c26
-rw-r--r--net/ipv4/tcp.c3
-rw-r--r--net/ipv4/tcp_highspeed.c24
-rw-r--r--net/ipv4/tcp_yeah.h7
-rw-r--r--net/ipv6/addrconf.c28
-rw-r--r--net/ipv6/anycast.c17
-rw-r--r--net/ipv6/mcast.c15
-rw-r--r--net/iucv/af_iucv.c193
-rw-r--r--net/iucv/iucv.c49
-rw-r--r--net/llc/llc_core.c10
-rw-r--r--net/mac80211/Kconfig78
-rw-r--r--net/mac80211/Makefile20
-rw-r--r--net/mac80211/aes_ccm.c155
-rw-r--r--net/mac80211/aes_ccm.h26
-rw-r--r--net/mac80211/debugfs.c433
-rw-r--r--net/mac80211/debugfs.h16
-rw-r--r--net/mac80211/debugfs_key.c252
-rw-r--r--net/mac80211/debugfs_key.h34
-rw-r--r--net/mac80211/debugfs_netdev.c440
-rw-r--r--net/mac80211/debugfs_netdev.h30
-rw-r--r--net/mac80211/debugfs_sta.c246
-rw-r--r--net/mac80211/debugfs_sta.h12
-rw-r--r--net/mac80211/hostapd_ioctl.h108
-rw-r--r--net/mac80211/ieee80211.c4984
-rw-r--r--net/mac80211/ieee80211_cfg.c66
-rw-r--r--net/mac80211/ieee80211_cfg.h9
-rw-r--r--net/mac80211/ieee80211_common.h98
-rw-r--r--net/mac80211/ieee80211_i.h798
-rw-r--r--net/mac80211/ieee80211_iface.c352
-rw-r--r--net/mac80211/ieee80211_ioctl.c1822
-rw-r--r--net/mac80211/ieee80211_key.h106
-rw-r--r--net/mac80211/ieee80211_led.c91
-rw-r--r--net/mac80211/ieee80211_led.h32
-rw-r--r--net/mac80211/ieee80211_rate.c140
-rw-r--r--net/mac80211/ieee80211_rate.h144
-rw-r--r--net/mac80211/ieee80211_sta.c3060
-rw-r--r--net/mac80211/michael.c104
-rw-r--r--net/mac80211/michael.h20
-rw-r--r--net/mac80211/rc80211_simple.c432
-rw-r--r--net/mac80211/sta_info.c470
-rw-r--r--net/mac80211/sta_info.h164
-rw-r--r--net/mac80211/tkip.c341
-rw-r--r--net/mac80211/tkip.h36
-rw-r--r--net/mac80211/wep.c328
-rw-r--r--net/mac80211/wep.h40
-rw-r--r--net/mac80211/wme.c678
-rw-r--r--net/mac80211/wme.h57
-rw-r--r--net/mac80211/wpa.c660
-rw-r--r--net/mac80211/wpa.h31
-rw-r--r--net/netlink/af_netlink.c34
-rw-r--r--net/netrom/nr_route.c5
-rw-r--r--net/rose/rose_route.c8
-rw-r--r--net/rxrpc/Kconfig3
-rw-r--r--net/rxrpc/ar-ack.c80
-rw-r--r--net/rxrpc/ar-error.c2
-rw-r--r--net/rxrpc/ar-output.c2
-rw-r--r--net/rxrpc/ar-peer.c45
-rw-r--r--net/sched/sch_api.c7
-rw-r--r--net/sctp/associola.c29
-rw-r--r--net/sctp/ipv6.c49
-rw-r--r--net/sctp/protocol.c81
-rw-r--r--net/sctp/sm_make_chunk.c15
-rw-r--r--net/sctp/sm_sideeffect.c35
-rw-r--r--net/sctp/sm_statefuns.c29
-rw-r--r--net/sctp/socket.c40
-rw-r--r--net/sunrpc/Makefile2
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_seal.c13
-rw-r--r--net/sunrpc/clnt.c69
-rw-r--r--net/sunrpc/pmap_clnt.c383
-rw-r--r--net/sunrpc/rpcb_clnt.c625
-rw-r--r--net/sunrpc/sched.c65
-rw-r--r--net/sunrpc/svc.c2
-rw-r--r--net/sunrpc/xprt.c4
-rw-r--r--net/sunrpc/xprtsock.c4
-rw-r--r--net/tipc/eth_media.c12
-rw-r--r--net/xfrm/xfrm_policy.c2
-rw-r--r--net/xfrm/xfrm_state.c2
-rw-r--r--net/xfrm/xfrm_user.c73
98 files changed, 18446 insertions, 1033 deletions
diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c
index c0c7bb8e9f07..bd93c45778d4 100644
--- a/net/8021q/vlan.c
+++ b/net/8021q/vlan.c
@@ -117,8 +117,7 @@ static void __exit vlan_cleanup_devices(void)
117 struct net_device *dev, *nxt; 117 struct net_device *dev, *nxt;
118 118
119 rtnl_lock(); 119 rtnl_lock();
120 for (dev = dev_base; dev; dev = nxt) { 120 for_each_netdev_safe(dev, nxt) {
121 nxt = dev->next;
122 if (dev->priv_flags & IFF_802_1Q_VLAN) { 121 if (dev->priv_flags & IFF_802_1Q_VLAN) {
123 unregister_vlan_dev(VLAN_DEV_INFO(dev)->real_dev, 122 unregister_vlan_dev(VLAN_DEV_INFO(dev)->real_dev,
124 VLAN_DEV_INFO(dev)->vlan_id); 123 VLAN_DEV_INFO(dev)->vlan_id);
diff --git a/net/8021q/vlanproc.c b/net/8021q/vlanproc.c
index 5e24f72602a1..d216a64421cd 100644
--- a/net/8021q/vlanproc.c
+++ b/net/8021q/vlanproc.c
@@ -237,13 +237,9 @@ int vlan_proc_rem_dev(struct net_device *vlandev)
237 * The following few functions build the content of /proc/net/vlan/config 237 * The following few functions build the content of /proc/net/vlan/config
238 */ 238 */
239 239
240/* starting at dev, find a VLAN device */ 240static inline int is_vlan_dev(struct net_device *dev)
241static struct net_device *vlan_skip(struct net_device *dev)
242{ 241{
243 while (dev && !(dev->priv_flags & IFF_802_1Q_VLAN)) 242 return dev->priv_flags & IFF_802_1Q_VLAN;
244 dev = dev->next;
245
246 return dev;
247} 243}
248 244
249/* start read of /proc/net/vlan/config */ 245/* start read of /proc/net/vlan/config */
@@ -257,19 +253,35 @@ static void *vlan_seq_start(struct seq_file *seq, loff_t *pos)
257 if (*pos == 0) 253 if (*pos == 0)
258 return SEQ_START_TOKEN; 254 return SEQ_START_TOKEN;
259 255
260 for (dev = vlan_skip(dev_base); dev && i < *pos; 256 for_each_netdev(dev) {
261 dev = vlan_skip(dev->next), ++i); 257 if (!is_vlan_dev(dev))
258 continue;
259
260 if (i++ == *pos)
261 return dev;
262 }
262 263
263 return (i == *pos) ? dev : NULL; 264 return NULL;
264} 265}
265 266
266static void *vlan_seq_next(struct seq_file *seq, void *v, loff_t *pos) 267static void *vlan_seq_next(struct seq_file *seq, void *v, loff_t *pos)
267{ 268{
269 struct net_device *dev;
270
268 ++*pos; 271 ++*pos;
269 272
270 return vlan_skip((v == SEQ_START_TOKEN) 273 dev = (struct net_device *)v;
271 ? dev_base 274 if (v == SEQ_START_TOKEN)
272 : ((struct net_device *)v)->next); 275 dev = net_device_entry(&dev_base_head);
276
277 for_each_netdev_continue(dev) {
278 if (!is_vlan_dev(dev))
279 continue;
280
281 return dev;
282 }
283
284 return NULL;
273} 285}
274 286
275static void vlan_seq_stop(struct seq_file *seq, void *v) 287static void vlan_seq_stop(struct seq_file *seq, void *v)
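Review bot: In vlan_seq_next, `dev = net_device_entry(&dev_base_head);` yields a pointer that is not a real struct net_device but the list head viewed as an entry, and nothing in the code says so. It appears safe only because for_each_netdev_continue() steps to the next element before the loop body runs (the macro is defined outside this diff, so this is inferred); a later edit that dereferences `dev` before the loop would read memory around dev_base_head. I would add a comment above the assignment: `/* list head cast to an entry so the walk starts at the first device; never dereference it */`.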
diff --git a/net/Kconfig b/net/Kconfig
index 2fc8e77b1e62..5b2227813923 100644
--- a/net/Kconfig
+++ b/net/Kconfig
@@ -220,6 +220,7 @@ config FIB_RULES
220menu "Wireless" 220menu "Wireless"
221 221
222source "net/wireless/Kconfig" 222source "net/wireless/Kconfig"
223source "net/mac80211/Kconfig"
223source "net/ieee80211/Kconfig" 224source "net/ieee80211/Kconfig"
224 225
225endmenu 226endmenu
diff --git a/net/Makefile b/net/Makefile
index 6b74d4118c5b..9fdb60c2e4a1 100644
--- a/net/Makefile
+++ b/net/Makefile
@@ -45,6 +45,8 @@ obj-$(CONFIG_ECONET) += econet/
45obj-$(CONFIG_VLAN_8021Q) += 8021q/ 45obj-$(CONFIG_VLAN_8021Q) += 8021q/
46obj-$(CONFIG_IP_DCCP) += dccp/ 46obj-$(CONFIG_IP_DCCP) += dccp/
47obj-$(CONFIG_IP_SCTP) += sctp/ 47obj-$(CONFIG_IP_SCTP) += sctp/
48obj-y += wireless/
49obj-$(CONFIG_MAC80211) += mac80211/
48obj-$(CONFIG_IEEE80211) += ieee80211/ 50obj-$(CONFIG_IEEE80211) += ieee80211/
49obj-$(CONFIG_TIPC) += tipc/ 51obj-$(CONFIG_TIPC) += tipc/
50obj-$(CONFIG_NETLABEL) += netlabel/ 52obj-$(CONFIG_NETLABEL) += netlabel/
@@ -53,5 +55,3 @@ obj-$(CONFIG_IUCV) += iucv/
53ifeq ($(CONFIG_NET),y) 55ifeq ($(CONFIG_NET),y)
54obj-$(CONFIG_SYSCTL) += sysctl_net.o 56obj-$(CONFIG_SYSCTL) += sysctl_net.o
55endif 57endif
56
57obj-y += wireless/
diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index 690573bbf012..849deaf14108 100644
--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c
@@ -475,11 +475,9 @@ void __exit br_cleanup_bridges(void)
475 struct net_device *dev, *nxt; 475 struct net_device *dev, *nxt;
476 476
477 rtnl_lock(); 477 rtnl_lock();
478 for (dev = dev_base; dev; dev = nxt) { 478 for_each_netdev_safe(dev, nxt)
479 nxt = dev->next;
480 if (dev->priv_flags & IFF_EBRIDGE) 479 if (dev->priv_flags & IFF_EBRIDGE)
481 del_br(dev->priv); 480 del_br(dev->priv);
482 }
483 rtnl_unlock(); 481 rtnl_unlock();
484 482
485} 483}
diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c
index eda0fbfc923a..bb15e9e259b1 100644
--- a/net/bridge/br_ioctl.c
+++ b/net/bridge/br_ioctl.c
@@ -27,7 +27,9 @@ static int get_bridge_ifindices(int *indices, int num)
27 struct net_device *dev; 27 struct net_device *dev;
28 int i = 0; 28 int i = 0;
29 29
30 for (dev = dev_base; dev && i < num; dev = dev->next) { 30 for_each_netdev(dev) {
31 if (i >= num)
32 break;
31 if (dev->priv_flags & IFF_EBRIDGE) 33 if (dev->priv_flags & IFF_EBRIDGE)
32 indices[i++] = dev->ifindex; 34 indices[i++] = dev->ifindex;
33 } 35 }
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 9b2986b182ba..fa779874b9dd 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -142,14 +142,33 @@ static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
142 return skb->nf_bridge; 142 return skb->nf_bridge;
143} 143}
144 144
145static inline void nf_bridge_save_header(struct sk_buff *skb) 145static inline void nf_bridge_push_encap_header(struct sk_buff *skb)
146{
147 unsigned int len = nf_bridge_encap_header_len(skb);
148
149 skb_push(skb, len);
150 skb->network_header -= len;
151}
152
153static inline void nf_bridge_pull_encap_header(struct sk_buff *skb)
146{ 154{
147 int header_size = ETH_HLEN; 155 unsigned int len = nf_bridge_encap_header_len(skb);
156
157 skb_pull(skb, len);
158 skb->network_header += len;
159}
148 160
149 if (skb->protocol == htons(ETH_P_8021Q)) 161static inline void nf_bridge_pull_encap_header_rcsum(struct sk_buff *skb)
150 header_size += VLAN_HLEN; 162{
151 else if (skb->protocol == htons(ETH_P_PPP_SES)) 163 unsigned int len = nf_bridge_encap_header_len(skb);
152 header_size += PPPOE_SES_HLEN; 164
165 skb_pull_rcsum(skb, len);
166 skb->network_header += len;
167}
168
169static inline void nf_bridge_save_header(struct sk_buff *skb)
170{
171 int header_size = ETH_HLEN + nf_bridge_encap_header_len(skb);
153 172
154 skb_copy_from_linear_data_offset(skb, -header_size, 173 skb_copy_from_linear_data_offset(skb, -header_size,
155 skb->nf_bridge->data, header_size); 174 skb->nf_bridge->data, header_size);
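Review bot: nf_bridge_pull_encap_header() discards the return value of skb_pull() and then adds `len` to skb->network_header unconditionally, so if the frame is shorter than the encapsulation header the data pointer stays put while network_header moves past it. The old open-coded copies had the same shape, but now that the logic lives in one helper it is the natural place to state or enforce the precondition; none of the call sites in this file's hunks shows a length check before the pull. Either document it, e.g. `/* caller must ensure the encap header lies within skb->len */`, or make the adjustment conditional: `if (skb_pull(skb, len)) skb->network_header += len;`. nf_bridge_save_header() continues past the end of this hunk.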
@@ -162,12 +181,7 @@ static inline void nf_bridge_save_header(struct sk_buff *skb)
162int nf_bridge_copy_header(struct sk_buff *skb) 181int nf_bridge_copy_header(struct sk_buff *skb)
163{ 182{
164 int err; 183 int err;
165 int header_size = ETH_HLEN; 184 int header_size = ETH_HLEN + nf_bridge_encap_header_len(skb);
166
167 if (skb->protocol == htons(ETH_P_8021Q))
168 header_size += VLAN_HLEN;
169 else if (skb->protocol == htons(ETH_P_PPP_SES))
170 header_size += PPPOE_SES_HLEN;
171 185
172 err = skb_cow(skb, header_size); 186 err = skb_cow(skb, header_size);
173 if (err) 187 if (err)
@@ -175,11 +189,7 @@ int nf_bridge_copy_header(struct sk_buff *skb)
175 189
176 skb_copy_to_linear_data_offset(skb, -header_size, 190 skb_copy_to_linear_data_offset(skb, -header_size,
177 skb->nf_bridge->data, header_size); 191 skb->nf_bridge->data, header_size);
178 192 __skb_push(skb, nf_bridge_encap_header_len(skb));
179 if (skb->protocol == htons(ETH_P_8021Q))
180 __skb_push(skb, VLAN_HLEN);
181 else if (skb->protocol == htons(ETH_P_PPP_SES))
182 __skb_push(skb, PPPOE_SES_HLEN);
183 return 0; 193 return 0;
184} 194}
185 195
@@ -200,13 +210,7 @@ static int br_nf_pre_routing_finish_ipv6(struct sk_buff *skb)
200 dst_hold(skb->dst); 210 dst_hold(skb->dst);
201 211
202 skb->dev = nf_bridge->physindev; 212 skb->dev = nf_bridge->physindev;
203 if (skb->protocol == htons(ETH_P_8021Q)) { 213 nf_bridge_push_encap_header(skb);
204 skb_push(skb, VLAN_HLEN);
205 skb->network_header -= VLAN_HLEN;
206 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
207 skb_push(skb, PPPOE_SES_HLEN);
208 skb->network_header -= PPPOE_SES_HLEN;
209 }
210 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL, 214 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL,
211 br_handle_frame_finish, 1); 215 br_handle_frame_finish, 1);
212 216
@@ -284,13 +288,7 @@ static int br_nf_pre_routing_finish_bridge(struct sk_buff *skb)
284 if (!skb->dev) 288 if (!skb->dev)
285 kfree_skb(skb); 289 kfree_skb(skb);
286 else { 290 else {
287 if (skb->protocol == htons(ETH_P_8021Q)) { 291 nf_bridge_pull_encap_header(skb);
288 skb_pull(skb, VLAN_HLEN);
289 skb->network_header += VLAN_HLEN;
290 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
291 skb_pull(skb, PPPOE_SES_HLEN);
292 skb->network_header += PPPOE_SES_HLEN;
293 }
294 skb->dst->output(skb); 292 skb->dst->output(skb);
295 } 293 }
296 return 0; 294 return 0;
@@ -356,15 +354,7 @@ bridged_dnat:
356 * bridged frame */ 354 * bridged frame */
357 nf_bridge->mask |= BRNF_BRIDGED_DNAT; 355 nf_bridge->mask |= BRNF_BRIDGED_DNAT;
358 skb->dev = nf_bridge->physindev; 356 skb->dev = nf_bridge->physindev;
359 if (skb->protocol == 357 nf_bridge_push_encap_header(skb);
360 htons(ETH_P_8021Q)) {
361 skb_push(skb, VLAN_HLEN);
362 skb->network_header -= VLAN_HLEN;
363 } else if(skb->protocol ==
364 htons(ETH_P_PPP_SES)) {
365 skb_push(skb, PPPOE_SES_HLEN);
366 skb->network_header -= PPPOE_SES_HLEN;
367 }
368 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, 358 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING,
369 skb, skb->dev, NULL, 359 skb, skb->dev, NULL,
370 br_nf_pre_routing_finish_bridge, 360 br_nf_pre_routing_finish_bridge,
@@ -380,13 +370,7 @@ bridged_dnat:
380 } 370 }
381 371
382 skb->dev = nf_bridge->physindev; 372 skb->dev = nf_bridge->physindev;
383 if (skb->protocol == htons(ETH_P_8021Q)) { 373 nf_bridge_push_encap_header(skb);
384 skb_push(skb, VLAN_HLEN);
385 skb->network_header -= VLAN_HLEN;
386 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
387 skb_push(skb, PPPOE_SES_HLEN);
388 skb->network_header -= PPPOE_SES_HLEN;
389 }
390 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL, 374 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL,
391 br_handle_frame_finish, 1); 375 br_handle_frame_finish, 1);
392 376
@@ -536,14 +520,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
536#endif 520#endif
537 if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) 521 if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL)
538 goto out; 522 goto out;
539 523 nf_bridge_pull_encap_header_rcsum(skb);
540 if (skb->protocol == htons(ETH_P_8021Q)) {
541 skb_pull_rcsum(skb, VLAN_HLEN);
542 skb->network_header += VLAN_HLEN;
543 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
544 skb_pull_rcsum(skb, PPPOE_SES_HLEN);
545 skb->network_header += PPPOE_SES_HLEN;
546 }
547 return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn); 524 return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn);
548 } 525 }
549#ifdef CONFIG_SYSCTL 526#ifdef CONFIG_SYSCTL
@@ -557,14 +534,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
557 534
558 if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) 535 if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL)
559 goto out; 536 goto out;
560 537 nf_bridge_pull_encap_header_rcsum(skb);
561 if (skb->protocol == htons(ETH_P_8021Q)) {
562 skb_pull_rcsum(skb, VLAN_HLEN);
563 skb->network_header += VLAN_HLEN;
564 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
565 skb_pull_rcsum(skb, PPPOE_SES_HLEN);
566 skb->network_header += PPPOE_SES_HLEN;
567 }
568 538
569 if (!pskb_may_pull(skb, sizeof(struct iphdr))) 539 if (!pskb_may_pull(skb, sizeof(struct iphdr)))
570 goto inhdr_error; 540 goto inhdr_error;
@@ -642,13 +612,7 @@ static int br_nf_forward_finish(struct sk_buff *skb)
642 } else { 612 } else {
643 in = *((struct net_device **)(skb->cb)); 613 in = *((struct net_device **)(skb->cb));
644 } 614 }
645 if (skb->protocol == htons(ETH_P_8021Q)) { 615 nf_bridge_push_encap_header(skb);
646 skb_push(skb, VLAN_HLEN);
647 skb->network_header -= VLAN_HLEN;
648 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
649 skb_push(skb, PPPOE_SES_HLEN);
650 skb->network_header -= PPPOE_SES_HLEN;
651 }
652 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_FORWARD, skb, in, 616 NF_HOOK_THRESH(PF_BRIDGE, NF_BR_FORWARD, skb, in,
653 skb->dev, br_forward_finish, 1); 617 skb->dev, br_forward_finish, 1);
654 return 0; 618 return 0;
@@ -682,13 +646,7 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb,
682 else 646 else
683 pf = PF_INET6; 647 pf = PF_INET6;
684 648
685 if (skb->protocol == htons(ETH_P_8021Q)) { 649 nf_bridge_pull_encap_header(*pskb);
686 skb_pull(*pskb, VLAN_HLEN);
687 (*pskb)->network_header += VLAN_HLEN;
688 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
689 skb_pull(*pskb, PPPOE_SES_HLEN);
690 (*pskb)->network_header += PPPOE_SES_HLEN;
691 }
692 650
693 nf_bridge = skb->nf_bridge; 651 nf_bridge = skb->nf_bridge;
694 if (skb->pkt_type == PACKET_OTHERHOST) { 652 if (skb->pkt_type == PACKET_OTHERHOST) {
@@ -722,15 +680,12 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
722 if (skb->protocol != htons(ETH_P_ARP)) { 680 if (skb->protocol != htons(ETH_P_ARP)) {
723 if (!IS_VLAN_ARP(skb)) 681 if (!IS_VLAN_ARP(skb))
724 return NF_ACCEPT; 682 return NF_ACCEPT;
725 skb_pull(*pskb, VLAN_HLEN); 683 nf_bridge_pull_encap_header(*pskb);
726 (*pskb)->network_header += VLAN_HLEN;
727 } 684 }
728 685
729 if (arp_hdr(skb)->ar_pln != 4) { 686 if (arp_hdr(skb)->ar_pln != 4) {
730 if (IS_VLAN_ARP(skb)) { 687 if (IS_VLAN_ARP(skb))
731 skb_push(*pskb, VLAN_HLEN); 688 nf_bridge_push_encap_header(*pskb);
732 (*pskb)->network_header -= VLAN_HLEN;
733 }
734 return NF_ACCEPT; 689 return NF_ACCEPT;
735 } 690 }
736 *d = (struct net_device *)in; 691 *d = (struct net_device *)in;
@@ -777,13 +732,7 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb,
777 skb->pkt_type = PACKET_OTHERHOST; 732 skb->pkt_type = PACKET_OTHERHOST;
778 nf_bridge->mask ^= BRNF_PKT_TYPE; 733 nf_bridge->mask ^= BRNF_PKT_TYPE;
779 } 734 }
780 if (skb->protocol == htons(ETH_P_8021Q)) { 735 nf_bridge_push_encap_header(skb);
781 skb_push(skb, VLAN_HLEN);
782 skb->network_header -= VLAN_HLEN;
783 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
784 skb_push(skb, PPPOE_SES_HLEN);
785 skb->network_header -= PPPOE_SES_HLEN;
786 }
787 736
788 NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, realindev, skb->dev, 737 NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, realindev, skb->dev,
789 br_forward_finish); 738 br_forward_finish);
@@ -848,14 +797,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
848 nf_bridge->mask |= BRNF_PKT_TYPE; 797 nf_bridge->mask |= BRNF_PKT_TYPE;
849 } 798 }
850 799
851 if (skb->protocol == htons(ETH_P_8021Q)) { 800 nf_bridge_pull_encap_header(skb);
852 skb_pull(skb, VLAN_HLEN);
853 skb->network_header += VLAN_HLEN;
854 } else if (skb->protocol == htons(ETH_P_PPP_SES)) {
855 skb_pull(skb, PPPOE_SES_HLEN);
856 skb->network_header += PPPOE_SES_HLEN;
857 }
858
859 nf_bridge_save_header(skb); 801 nf_bridge_save_header(skb);
860 802
861#if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE) 803#if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE)
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index 35facc0c11c2..0fcf6f073064 100644
--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -109,7 +109,8 @@ static int br_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
109 struct net_device *dev; 109 struct net_device *dev;
110 int idx; 110 int idx;
111 111
112 for (dev = dev_base, idx = 0; dev; dev = dev->next) { 112 idx = 0;
113 for_each_netdev(dev) {
113 /* not a bridge port */ 114 /* not a bridge port */
114 if (dev->br_port == NULL || idx < cb->args[0]) 115 if (dev->br_port == NULL || idx < cb->args[0])
115 goto skip; 116 goto skip;
diff --git a/net/core/dev.c b/net/core/dev.c
index eb999003bbb7..f27d4ab181e6 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -156,13 +156,13 @@ static spinlock_t net_dma_event_lock;
156#endif 156#endif
157 157
158/* 158/*
159 * The @dev_base list is protected by @dev_base_lock and the rtnl 159 * The @dev_base_head list is protected by @dev_base_lock and the rtnl
160 * semaphore. 160 * semaphore.
161 * 161 *
162 * Pure readers hold dev_base_lock for reading. 162 * Pure readers hold dev_base_lock for reading.
163 * 163 *
164 * Writers must hold the rtnl semaphore while they loop through the 164 * Writers must hold the rtnl semaphore while they loop through the
165 * dev_base list, and hold dev_base_lock for writing when they do the 165 * dev_base_head list, and hold dev_base_lock for writing when they do the
166 * actual updates. This allows pure readers to access the list even 166 * actual updates. This allows pure readers to access the list even
167 * while a writer is preparing to update it. 167 * while a writer is preparing to update it.
168 * 168 *
@@ -174,11 +174,10 @@ static spinlock_t net_dma_event_lock;
174 * unregister_netdevice(), which must be called with the rtnl 174 * unregister_netdevice(), which must be called with the rtnl
175 * semaphore held. 175 * semaphore held.
176 */ 176 */
177struct net_device *dev_base; 177LIST_HEAD(dev_base_head);
178static struct net_device **dev_tail = &dev_base;
179DEFINE_RWLOCK(dev_base_lock); 178DEFINE_RWLOCK(dev_base_lock);
180 179
181EXPORT_SYMBOL(dev_base); 180EXPORT_SYMBOL(dev_base_head);
182EXPORT_SYMBOL(dev_base_lock); 181EXPORT_SYMBOL(dev_base_lock);
183 182
184#define NETDEV_HASHBITS 8 183#define NETDEV_HASHBITS 8
@@ -567,26 +566,38 @@ struct net_device *dev_getbyhwaddr(unsigned short type, char *ha)
567 566
568 ASSERT_RTNL(); 567 ASSERT_RTNL();
569 568
570 for (dev = dev_base; dev; dev = dev->next) 569 for_each_netdev(dev)
571 if (dev->type == type && 570 if (dev->type == type &&
572 !memcmp(dev->dev_addr, ha, dev->addr_len)) 571 !memcmp(dev->dev_addr, ha, dev->addr_len))
573 break; 572 return dev;
574 return dev; 573
574 return NULL;
575} 575}
576 576
577EXPORT_SYMBOL(dev_getbyhwaddr); 577EXPORT_SYMBOL(dev_getbyhwaddr);
578 578
579struct net_device *__dev_getfirstbyhwtype(unsigned short type)
580{
581 struct net_device *dev;
582
583 ASSERT_RTNL();
584 for_each_netdev(dev)
585 if (dev->type == type)
586 return dev;
587
588 return NULL;
589}
590
591EXPORT_SYMBOL(__dev_getfirstbyhwtype);
592
579struct net_device *dev_getfirstbyhwtype(unsigned short type) 593struct net_device *dev_getfirstbyhwtype(unsigned short type)
580{ 594{
581 struct net_device *dev; 595 struct net_device *dev;
582 596
583 rtnl_lock(); 597 rtnl_lock();
584 for (dev = dev_base; dev; dev = dev->next) { 598 dev = __dev_getfirstbyhwtype(type);
585 if (dev->type == type) { 599 if (dev)
586 dev_hold(dev); 600 dev_hold(dev);
587 break;
588 }
589 }
590 rtnl_unlock(); 601 rtnl_unlock();
591 return dev; 602 return dev;
592} 603}
@@ -606,17 +617,19 @@ EXPORT_SYMBOL(dev_getfirstbyhwtype);
606 617
607struct net_device * dev_get_by_flags(unsigned short if_flags, unsigned short mask) 618struct net_device * dev_get_by_flags(unsigned short if_flags, unsigned short mask)
608{ 619{
609 struct net_device *dev; 620 struct net_device *dev, *ret;
610 621
622 ret = NULL;
611 read_lock(&dev_base_lock); 623 read_lock(&dev_base_lock);
612 for (dev = dev_base; dev != NULL; dev = dev->next) { 624 for_each_netdev(dev) {
613 if (((dev->flags ^ if_flags) & mask) == 0) { 625 if (((dev->flags ^ if_flags) & mask) == 0) {
614 dev_hold(dev); 626 dev_hold(dev);
627 ret = dev;
615 break; 628 break;
616 } 629 }
617 } 630 }
618 read_unlock(&dev_base_lock); 631 read_unlock(&dev_base_lock);
619 return dev; 632 return ret;
620} 633}
621 634
622/** 635/**
@@ -682,7 +695,7 @@ int dev_alloc_name(struct net_device *dev, const char *name)
682 if (!inuse) 695 if (!inuse)
683 return -ENOMEM; 696 return -ENOMEM;
684 697
685 for (d = dev_base; d; d = d->next) { 698 for_each_netdev(d) {
686 if (!sscanf(d->name, name, &i)) 699 if (!sscanf(d->name, name, &i))
687 continue; 700 continue;
688 if (i < 0 || i >= max_netdevices) 701 if (i < 0 || i >= max_netdevices)
@@ -964,7 +977,7 @@ int register_netdevice_notifier(struct notifier_block *nb)
964 rtnl_lock(); 977 rtnl_lock();
965 err = raw_notifier_chain_register(&netdev_chain, nb); 978 err = raw_notifier_chain_register(&netdev_chain, nb);
966 if (!err) { 979 if (!err) {
967 for (dev = dev_base; dev; dev = dev->next) { 980 for_each_netdev(dev) {
968 nb->notifier_call(nb, NETDEV_REGISTER, dev); 981 nb->notifier_call(nb, NETDEV_REGISTER, dev);
969 982
970 if (dev->flags & IFF_UP) 983 if (dev->flags & IFF_UP)
@@ -2038,7 +2051,7 @@ static int dev_ifconf(char __user *arg)
2038 */ 2051 */
2039 2052
2040 total = 0; 2053 total = 0;
2041 for (dev = dev_base; dev; dev = dev->next) { 2054 for_each_netdev(dev) {
2042 for (i = 0; i < NPROTO; i++) { 2055 for (i = 0; i < NPROTO; i++) {
2043 if (gifconf_list[i]) { 2056 if (gifconf_list[i]) {
2044 int done; 2057 int done;
@@ -2070,26 +2083,28 @@ static int dev_ifconf(char __user *arg)
2070 * This is invoked by the /proc filesystem handler to display a device 2083 * This is invoked by the /proc filesystem handler to display a device
2071 * in detail. 2084 * in detail.
2072 */ 2085 */
2073static struct net_device *dev_get_idx(loff_t pos) 2086void *dev_seq_start(struct seq_file *seq, loff_t *pos)
2074{ 2087{
2088 loff_t off;
2075 struct net_device *dev; 2089 struct net_device *dev;
2076 loff_t i;
2077 2090
2078 for (i = 0, dev = dev_base; dev && i < pos; ++i, dev = dev->next); 2091 read_lock(&dev_base_lock);
2092 if (!*pos)
2093 return SEQ_START_TOKEN;
2079 2094
2080 return i == pos ? dev : NULL; 2095 off = 1;
2081} 2096 for_each_netdev(dev)
2097 if (off++ == *pos)
2098 return dev;
2082 2099
2083void *dev_seq_start(struct seq_file *seq, loff_t *pos) 2100 return NULL;
2084{
2085 read_lock(&dev_base_lock);
2086 return *pos ? dev_get_idx(*pos - 1) : SEQ_START_TOKEN;
2087} 2101}
2088 2102
2089void *dev_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2103void *dev_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2090{ 2104{
2091 ++*pos; 2105 ++*pos;
2092 return v == SEQ_START_TOKEN ? dev_base : ((struct net_device *)v)->next; 2106 return v == SEQ_START_TOKEN ?
2107 first_net_device() : next_net_device((struct net_device *)v);
2093} 2108}
2094 2109
2095void dev_seq_stop(struct seq_file *seq, void *v) 2110void dev_seq_stop(struct seq_file *seq, void *v)
@@ -3071,11 +3086,9 @@ int register_netdevice(struct net_device *dev)
3071 3086
3072 set_bit(__LINK_STATE_PRESENT, &dev->state); 3087 set_bit(__LINK_STATE_PRESENT, &dev->state);
3073 3088
3074 dev->next = NULL;
3075 dev_init_scheduler(dev); 3089 dev_init_scheduler(dev);
3076 write_lock_bh(&dev_base_lock); 3090 write_lock_bh(&dev_base_lock);
3077 *dev_tail = dev; 3091 list_add_tail(&dev->dev_list, &dev_base_head);
3078 dev_tail = &dev->next;
3079 hlist_add_head(&dev->name_hlist, head); 3092 hlist_add_head(&dev->name_hlist, head);
3080 hlist_add_head(&dev->index_hlist, dev_index_hash(dev->ifindex)); 3093 hlist_add_head(&dev->index_hlist, dev_index_hash(dev->ifindex));
3081 dev_hold(dev); 3094 dev_hold(dev);
@@ -3349,8 +3362,6 @@ void synchronize_net(void)
3349 3362
3350void unregister_netdevice(struct net_device *dev) 3363void unregister_netdevice(struct net_device *dev)
3351{ 3364{
3352 struct net_device *d, **dp;
3353
3354 BUG_ON(dev_boot_phase); 3365 BUG_ON(dev_boot_phase);
3355 ASSERT_RTNL(); 3366 ASSERT_RTNL();
3356 3367
@@ -3370,19 +3381,11 @@ void unregister_netdevice(struct net_device *dev)
3370 dev_close(dev); 3381 dev_close(dev);
3371 3382
3372 /* And unlink it from device chain. */ 3383 /* And unlink it from device chain. */
3373 for (dp = &dev_base; (d = *dp) != NULL; dp = &d->next) { 3384 write_lock_bh(&dev_base_lock);
3374 if (d == dev) { 3385 list_del(&dev->dev_list);
3375 write_lock_bh(&dev_base_lock); 3386 hlist_del(&dev->name_hlist);
3376 hlist_del(&dev->name_hlist); 3387 hlist_del(&dev->index_hlist);
3377 hlist_del(&dev->index_hlist); 3388 write_unlock_bh(&dev_base_lock);
3378 if (dev_tail == &dev->next)
3379 dev_tail = dp;
3380 *dp = d->next;
3381 write_unlock_bh(&dev_base_lock);
3382 break;
3383 }
3384 }
3385 BUG_ON(!d);
3386 3389
3387 dev->reg_state = NETREG_UNREGISTERING; 3390 dev->reg_state = NETREG_UNREGISTERING;
3388 3391
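Review bot: The removed walk ended in `BUG_ON(!d)`, which was the visible proof that `dev` is actually on the device list; the new `list_del(&dev->dev_list)` runs unconditionally. If unregister_netdevice() is ever reached for a device that was never linked or was already unlinked, list_del will write through whatever dev->dev_list holds instead of stopping cleanly. The lines between this hunk and the one at the top of the function are not shown, so a reg_state check may already cover this; if it does not, add `BUG_ON(dev->reg_state != NETREG_REGISTERED);` before taking dev_base_lock. The function continues past the end of the hunk.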
diff --git a/net/core/dev_mcast.c b/net/core/dev_mcast.c
index 7d57bf77f3a3..5a54053386c8 100644
--- a/net/core/dev_mcast.c
+++ b/net/core/dev_mcast.c
@@ -223,7 +223,7 @@ static void *dev_mc_seq_start(struct seq_file *seq, loff_t *pos)
223 loff_t off = 0; 223 loff_t off = 0;
224 224
225 read_lock(&dev_base_lock); 225 read_lock(&dev_base_lock);
226 for (dev = dev_base; dev; dev = dev->next) { 226 for_each_netdev(dev) {
227 if (off++ == *pos) 227 if (off++ == *pos)
228 return dev; 228 return dev;
229 } 229 }
@@ -232,9 +232,8 @@ static void *dev_mc_seq_start(struct seq_file *seq, loff_t *pos)
232 232
233static void *dev_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 233static void *dev_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
234{ 234{
235 struct net_device *dev = v;
236 ++*pos; 235 ++*pos;
237 return dev->next; 236 return next_net_device((struct net_device *)v);
238} 237}
239 238
240static void dev_mc_seq_stop(struct seq_file *seq, void *v) 239static void dev_mc_seq_stop(struct seq_file *seq, void *v)
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index cec111109155..8c971a2efe2a 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -539,13 +539,16 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
539 int s_idx = cb->args[0]; 539 int s_idx = cb->args[0];
540 struct net_device *dev; 540 struct net_device *dev;
541 541
542 for (dev=dev_base, idx=0; dev; dev = dev->next, idx++) { 542 idx = 0;
543 for_each_netdev(dev) {
543 if (idx < s_idx) 544 if (idx < s_idx)
544 continue; 545 goto cont;
545 if (rtnl_fill_ifinfo(skb, dev, NULL, 0, RTM_NEWLINK, 546 if (rtnl_fill_ifinfo(skb, dev, NULL, 0, RTM_NEWLINK,
546 NETLINK_CB(cb->skb).pid, 547 NETLINK_CB(cb->skb).pid,
547 cb->nlh->nlmsg_seq, 0, NLM_F_MULTI) <= 0) 548 cb->nlh->nlmsg_seq, 0, NLM_F_MULTI) <= 0)
548 break; 549 break;
550cont:
551 idx++;
549 } 552 }
550 cb->args[0] = idx; 553 cb->args[0] = idx;
551 554
diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c
index a205eaa87f52..9fbe87c93802 100644
--- a/net/decnet/af_decnet.c
+++ b/net/decnet/af_decnet.c
@@ -721,7 +721,7 @@ static int dn_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
721 struct sock *sk = sock->sk; 721 struct sock *sk = sock->sk;
722 struct dn_scp *scp = DN_SK(sk); 722 struct dn_scp *scp = DN_SK(sk);
723 struct sockaddr_dn *saddr = (struct sockaddr_dn *)uaddr; 723 struct sockaddr_dn *saddr = (struct sockaddr_dn *)uaddr;
724 struct net_device *dev; 724 struct net_device *dev, *ldev;
725 int rv; 725 int rv;
726 726
727 if (addr_len != sizeof(struct sockaddr_dn)) 727 if (addr_len != sizeof(struct sockaddr_dn))
@@ -746,14 +746,17 @@ static int dn_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
746 if (!(saddr->sdn_flags & SDF_WILD)) { 746 if (!(saddr->sdn_flags & SDF_WILD)) {
747 if (dn_ntohs(saddr->sdn_nodeaddrl)) { 747 if (dn_ntohs(saddr->sdn_nodeaddrl)) {
748 read_lock(&dev_base_lock); 748 read_lock(&dev_base_lock);
749 for(dev = dev_base; dev; dev = dev->next) { 749 ldev = NULL;
750 for_each_netdev(dev) {
750 if (!dev->dn_ptr) 751 if (!dev->dn_ptr)
751 continue; 752 continue;
752 if (dn_dev_islocal(dev, dn_saddr2dn(saddr))) 753 if (dn_dev_islocal(dev, dn_saddr2dn(saddr))) {
754 ldev = dev;
753 break; 755 break;
756 }
754 } 757 }
755 read_unlock(&dev_base_lock); 758 read_unlock(&dev_base_lock);
756 if (dev == NULL) 759 if (ldev == NULL)
757 return -EADDRNOTAVAIL; 760 return -EADDRNOTAVAIL;
758 } 761 }
759 } 762 }
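diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index 5c2a9951b638..764a56a13e38 100644
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -799,9 +799,10 @@ static int dn_nl_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
  skip_ndevs = cb->args[0];
  skip_naddr = cb->args[1];
 
- for (dev = dev_base, idx = 0; dev; dev = dev->next, idx++) {
+ idx = 0;
+ for_each_netdev(dev) {
  if (idx < skip_ndevs)
- continue;
+ goto cont;
  else if (idx > skip_ndevs) {
  /* Only skip over addresses for first dev dumped
  * in this iteration (idx == skip_ndevs) */
@@ -809,18 +810,20 @@ static int dn_nl_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
  }
 
  if ((dn_db = dev->dn_ptr) == NULL)
- continue;
+ goto cont;
 
  for (ifa = dn_db->ifa_list, dn_idx = 0; ifa;
  ifa = ifa->ifa_next, dn_idx++) {
  if (dn_idx < skip_naddr)
- continue;
+ goto cont;
 
  if (dn_nl_fill_ifaddr(skb, ifa, NETLINK_CB(cb->skb).pid,
  cb->nlh->nlmsg_seq, RTM_NEWADDR,
  NLM_F_MULTI) < 0)
  goto done;
  }
+cont:
+ idx++;
  }
 done:
  cb->args[0] = idx;
@@ -1296,7 +1299,7 @@ void dn_dev_devices_off(void)
  struct net_device *dev;
 
  rtnl_lock();
- for(dev = dev_base; dev; dev = dev->next)
+ for_each_netdev(dev)
  dn_dev_down(dev);
  rtnl_unlock();
 
@@ -1307,7 +1310,7 @@ void dn_dev_devices_on(void)
  struct net_device *dev;
 
  rtnl_lock();
- for(dev = dev_base; dev; dev = dev->next) {
+ for_each_netdev(dev) {
  if (dev->flags & IFF_UP)
  dn_dev_up(dev);
  }
@@ -1325,62 +1328,56 @@ int unregister_dnaddr_notifier(struct notifier_block *nb)
 }
 
 #ifdef CONFIG_PROC_FS
-static inline struct net_device *dn_dev_get_next(struct seq_file *seq, struct net_device *dev)
+static inline int is_dn_dev(struct net_device *dev)
 {
- do {
- dev = dev->next;
- } while(dev && !dev->dn_ptr);
-
- return dev;
+ return dev->dn_ptr != NULL;
 }
 
-static struct net_device *dn_dev_get_idx(struct seq_file *seq, loff_t pos)
+static void *dn_dev_seq_start(struct seq_file *seq, loff_t *pos)
 {
+ int i;
  struct net_device *dev;
 
- dev = dev_base;
- if (dev && !dev->dn_ptr)
- dev = dn_dev_get_next(seq, dev);
- if (pos) {
- while(dev && (dev = dn_dev_get_next(seq, dev)))
- --pos;
- }
- return dev;
-}
+ read_lock(&dev_base_lock);
 
-static void *dn_dev_seq_start(struct seq_file *seq, loff_t *pos)
-{
- if (*pos) {
- struct net_device *dev;
- read_lock(&dev_base_lock);
- dev = dn_dev_get_idx(seq, *pos - 1);
- if (dev == NULL)
- read_unlock(&dev_base_lock);
- return dev;
+ if (*pos == 0)
+ return SEQ_START_TOKEN;
+
+ i = 1;
+ for_each_netdev(dev) {
+ if (!is_dn_dev(dev))
+ continue;
+
+ if (i++ == *pos)
+ return dev;
  }
- return SEQ_START_TOKEN;
+
+ return NULL;
 }
 
 static void *dn_dev_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 {
- struct net_device *dev = v;
- loff_t one = 1;
+ struct net_device *dev;
 
- if (v == SEQ_START_TOKEN) {
- dev = dn_dev_seq_start(seq, &one);
- } else {
- dev = dn_dev_get_next(seq, dev);
- if (dev == NULL)
- read_unlock(&dev_base_lock);
- }
  ++*pos;
- return dev;
+
+ dev = (struct net_device *)v;
+ if (v == SEQ_START_TOKEN)
+ dev = net_device_entry(&dev_base_head);
+
+ for_each_netdev_continue(dev) {
+ if (!is_dn_dev(dev))
+ continue;
+
+ return dev;
+ }
+
+ return NULL;
 }
 
 static void dn_dev_seq_stop(struct seq_file *seq, void *v)
 {
- if (v && v != SEQ_START_TOKEN)
- read_unlock(&dev_base_lock);
+ read_unlock(&dev_base_lock);
 }
 
 static char *dn_type2asc(char type)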
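Review bot: In dn_nl_dump_ifaddr the `continue` inside the inner `for (ifa = dn_db->ifa_list, ...)` loop (`if (dn_idx < skip_naddr)`) was converted to `goto cont` together with the two outer-loop skips, so it now leaves the address loop instead of skipping one address. On a resumed dump with a non-zero `skip_naddr`, `dn_idx` starts at 0, the first device is abandoned immediately, and its remaining addresses are never emitted; a netlink consumer that audits or monitors interface addresses would see a silently truncated list. That one line should stay `continue;`, since only the outer-loop skips need to reach `idx++`. The same conversion appears in inet_dump_ifaddr in net/ipv4/devinet.c (`if (ip_idx < s_ip_idx) goto cont;`).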
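diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c
index 310a86268d2b..d2bc19d47950 100644
--- a/net/decnet/dn_fib.c
+++ b/net/decnet/dn_fib.c
@@ -602,7 +602,7 @@ static void dn_fib_del_ifaddr(struct dn_ifaddr *ifa)
 
  /* Scan device list */
  read_lock(&dev_base_lock);
- for(dev = dev_base; dev; dev = dev->next) {
+ for_each_netdev(dev) {
  dn_db = dev->dn_ptr;
  if (dn_db == NULL)
  continue;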
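diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c
index 5d7337bcf0fe..a8bf106b7a61 100644
--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -886,7 +886,7 @@ static int dn_route_output_slow(struct dst_entry **pprt, const struct flowi *old
  .iif = loopback_dev.ifindex,
  .oif = oldflp->oif };
  struct dn_route *rt = NULL;
- struct net_device *dev_out = NULL;
+ struct net_device *dev_out = NULL, *dev;
  struct neighbour *neigh = NULL;
  unsigned hash;
  unsigned flags = 0;
@@ -925,15 +925,17 @@ static int dn_route_output_slow(struct dst_entry **pprt, const struct flowi *old
  goto out;
  }
  read_lock(&dev_base_lock);
- for(dev_out = dev_base; dev_out; dev_out = dev_out->next) {
- if (!dev_out->dn_ptr)
+ for_each_netdev(dev) {
+ if (!dev->dn_ptr)
  continue;
- if (!dn_dev_islocal(dev_out, oldflp->fld_src))
+ if (!dn_dev_islocal(dev, oldflp->fld_src))
  continue;
- if ((dev_out->flags & IFF_LOOPBACK) &&
+ if ((dev->flags & IFF_LOOPBACK) &&
  oldflp->fld_dst &&
- !dn_dev_islocal(dev_out, oldflp->fld_dst))
+ !dn_dev_islocal(dev, oldflp->fld_dst))
  continue;
+
+ dev_out = dev;
  break;
  }
  read_unlock(&dev_base_lock);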
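diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index 088888db8b3d..7f95e6e9beeb 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -910,7 +910,7 @@ no_in_dev:
  */
  read_lock(&dev_base_lock);
  rcu_read_lock();
- for (dev = dev_base; dev; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((in_dev = __in_dev_get_rcu(dev)) == NULL)
  continue;
 
@@ -989,7 +989,7 @@ __be32 inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local,
 
  read_lock(&dev_base_lock);
  rcu_read_lock();
- for (dev = dev_base; dev; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((in_dev = __in_dev_get_rcu(dev))) {
  addr = confirm_addr_indev(in_dev, dst, local, scope);
  if (addr)
@@ -1182,23 +1182,26 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
  int s_ip_idx, s_idx = cb->args[0];
 
  s_ip_idx = ip_idx = cb->args[1];
- for (dev = dev_base, idx = 0; dev; dev = dev->next, idx++) {
+ idx = 0;
+ for_each_netdev(dev) {
  if (idx < s_idx)
- continue;
+ goto cont;
  if (idx > s_idx)
  s_ip_idx = 0;
  if ((in_dev = __in_dev_get_rtnl(dev)) == NULL)
- continue;
+ goto cont;
 
  for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
  ifa = ifa->ifa_next, ip_idx++) {
  if (ip_idx < s_ip_idx)
- continue;
+ goto cont;
  if (inet_fill_ifaddr(skb, ifa, NETLINK_CB(cb->skb).pid,
  cb->nlh->nlmsg_seq,
  RTM_NEWADDR, NLM_F_MULTI) <= 0)
  goto done;
  }
+cont:
+ idx++;
  }
 
 done:
@@ -1243,7 +1246,7 @@ void inet_forward_change(void)
  ipv4_devconf_dflt.forwarding = on;
 
  read_lock(&dev_base_lock);
- for (dev = dev_base; dev; dev = dev->next) {
+ for_each_netdev(dev) {
  struct in_device *in_dev;
  rcu_read_lock();
  in_dev = __in_dev_get_rcu(dev);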
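diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index 2506021c2935..f4dd47453108 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -2288,9 +2288,8 @@ static inline struct ip_mc_list *igmp_mc_get_first(struct seq_file *seq)
  struct ip_mc_list *im = NULL;
  struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq);
 
- for (state->dev = dev_base, state->in_dev = NULL;
- state->dev;
- state->dev = state->dev->next) {
+ state->in_dev = NULL;
+ for_each_netdev(state->dev) {
  struct in_device *in_dev;
  in_dev = in_dev_get(state->dev);
  if (!in_dev)
@@ -2316,7 +2315,7 @@ static struct ip_mc_list *igmp_mc_get_next(struct seq_file *seq, struct ip_mc_li
  read_unlock(&state->in_dev->mc_list_lock);
  in_dev_put(state->in_dev);
  }
- state->dev = state->dev->next;
+ state->dev = next_net_device(state->dev);
  if (!state->dev) {
  state->in_dev = NULL;
  break;
@@ -2450,9 +2449,9 @@ static inline struct ip_sf_list *igmp_mcf_get_first(struct seq_file *seq)
  struct ip_mc_list *im = NULL;
  struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq);
 
- for (state->dev = dev_base, state->idev = NULL, state->im = NULL;
- state->dev;
- state->dev = state->dev->next) {
+ state->idev = NULL;
+ state->im = NULL;
+ for_each_netdev(state->dev) {
  struct in_device *idev;
  idev = in_dev_get(state->dev);
  if (unlikely(idev == NULL))
@@ -2488,7 +2487,7 @@ static struct ip_sf_list *igmp_mcf_get_next(struct seq_file *seq, struct ip_sf_l
  read_unlock(&state->idev->mc_list_lock);
  in_dev_put(state->idev);
  }
- state->dev = state->dev->next;
+ state->dev = next_net_device(state->dev);
  if (!state->dev) {
  state->idev = NULL;
  goto out;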
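diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c
index 597c800b2fdc..342ca8d89458 100644
--- a/net/ipv4/ipconfig.c
+++ b/net/ipv4/ipconfig.c
@@ -192,7 +192,7 @@ static int __init ic_open_devs(void)
  if (dev_change_flags(&loopback_dev, loopback_dev.flags | IFF_UP) < 0)
  printk(KERN_ERR "IP-Config: Failed to open %s\n", loopback_dev.name);
 
- for (dev = dev_base; dev; dev = dev->next) {
+ for_each_netdev(dev) {
  if (dev == &loopback_dev)
  continue;
  if (user_dev_name[0] ? !strcmp(dev->name, user_dev_name) :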
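diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c
index e5a34c17d927..c3908bc5a709 100644
--- a/net/ipv4/netfilter/nf_nat_proto_gre.c
+++ b/net/ipv4/netfilter/nf_nat_proto_gre.c
@@ -72,6 +72,11 @@ gre_unique_tuple(struct nf_conntrack_tuple *tuple,
  __be16 *keyptr;
  unsigned int min, i, range_size;
 
+ /* If there is no master conntrack we are not PPTP,
+ do not change tuples */
+ if (!conntrack->master)
+ return 0;
+
  if (maniptype == IP_NAT_MANIP_SRC)
  keyptr = &tuple->src.u.gre.key;
  else
@@ -122,18 +127,9 @@ gre_manip_pkt(struct sk_buff **pskb, unsigned int iphdroff,
  if (maniptype != IP_NAT_MANIP_DST)
  return 1;
  switch (greh->version) {
- case 0:
- if (!greh->key) {
- DEBUGP("can't nat GRE w/o key\n");
- break;
- }
- if (greh->csum) {
- /* FIXME: Never tested this code... */
- nf_proto_csum_replace4(gre_csum(greh), *pskb,
- *(gre_key(greh)),
- tuple->dst.u.gre.key, 0);
- }
- *(gre_key(greh)) = tuple->dst.u.gre.key;
+ case GRE_VERSION_1701:
+ /* We do not currently NAT any GREv0 packets.
+ * Try to behave like "nf_nat_proto_unknown" */
  break;
  case GRE_VERSION_PPTP:
  DEBUGP("call_id -> 0x%04x\n", ntohs(tuple->dst.u.gre.key));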
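diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c
index 2a283397a8b6..2534f718ab92 100644
--- a/net/ipv4/netfilter/nf_nat_rule.c
+++ b/net/ipv4/netfilter/nf_nat_rule.c
@@ -226,10 +226,6 @@ static int ipt_dnat_checkentry(const char *tablename,
  printk("DNAT: multiple ranges no longer supported\n");
  return 0;
  }
- if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM) {
- printk("DNAT: port randomization not supported\n");
- return 0;
- }
  return 1;
 }
 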
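diff --git a/net/ipv4/netfilter/nf_nat_sip.c b/net/ipv4/netfilter/nf_nat_sip.c
index bfd88e4e0685..fac97cf51ae5 100644
--- a/net/ipv4/netfilter/nf_nat_sip.c
+++ b/net/ipv4/netfilter/nf_nat_sip.c
@@ -222,6 +222,29 @@ static unsigned int mangle_sdp(struct sk_buff **pskb,
  return mangle_content_len(pskb, ctinfo, ct, dptr);
 }
 
+static void ip_nat_sdp_expect(struct nf_conn *ct,
+ struct nf_conntrack_expect *exp)
+{
+ struct nf_nat_range range;
+
+ /* This must be a fresh one. */
+ BUG_ON(ct->status & IPS_NAT_DONE_MASK);
+
+ /* Change src to where master sends to */
+ range.flags = IP_NAT_RANGE_MAP_IPS;
+ range.min_ip = range.max_ip
+ = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip;
+ /* hook doesn't matter, but it has to do source manip */
+ nf_nat_setup_info(ct, &range, NF_IP_POST_ROUTING);
+
+ /* For DST manip, map port here to where it's expected. */
+ range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED);
+ range.min = range.max = exp->saved_proto;
+ range.min_ip = range.max_ip = exp->saved_ip;
+ /* hook doesn't matter, but it has to do destination manip */
+ nf_nat_setup_info(ct, &range, NF_IP_PRE_ROUTING);
+}
+
 /* So, this packet has hit the connection tracking matching code.
  Mangle it, and change the expectation to match the new version. */
 static unsigned int ip_nat_sdp(struct sk_buff **pskb,
@@ -239,13 +262,14 @@ static unsigned int ip_nat_sdp(struct sk_buff **pskb,
  /* Connection will come from reply */
  newip = ct->tuplehash[!dir].tuple.dst.u3.ip;
 
+ exp->saved_ip = exp->tuple.dst.u3.ip;
  exp->tuple.dst.u3.ip = newip;
  exp->saved_proto.udp.port = exp->tuple.dst.u.udp.port;
  exp->dir = !dir;
 
  /* When you see the packet, we need to NAT it the same as the
  this one. */
- exp->expectfn = nf_nat_follow_master;
+ exp->expectfn = ip_nat_sdp_expect;
 
  /* Try to get same port: if not, try to change it. */
  for (port = ntohs(exp->saved_proto.udp.port); port != 0; port++) {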
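Review bot: In the new ip_nat_sdp_expect, `range` is a stack variable that is only partly assigned before the first `nf_nat_setup_info()` call, so `range.min` and `range.max` still hold whatever was on the stack at that point. With only `IP_NAT_RANGE_MAP_IPS` set those fields are presumably not consulted, but that depends on nf_nat_setup_info, which is not on this page; zero-initialising removes the dependency at no cost, e.g. `struct nf_nat_range range = { 0 };`. A one-line comment above the function saying why SDP needs its own expectfn (the destination now comes from `exp->saved_ip`, which ip_nat_sdp records before rewriting the tuple) would also help the next reader.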
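diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index d6e488668171..8b124eafbb90 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1760,8 +1760,7 @@ int tcp_disconnect(struct sock *sk, int flags)
  tcp_clear_retrans(tp);
  inet_csk_delack_init(sk);
  tcp_init_send_head(sk);
- tp->rx_opt.saw_tstamp = 0;
- tcp_sack_reset(&tp->rx_opt);
+ memset(&tp->rx_opt, 0, sizeof(tp->rx_opt));
  __sk_dst_reset(sk);
 
  BUG_TRAP(!inet->num || icsk->icsk_bind_hash);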
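Review bot: The `memset(&tp->rx_opt, 0, sizeof(tp->rx_opt))` in tcp_disconnect clears every field of the received-options struct, not only `saw_tstamp` and the SACK state that the two removed lines reset. The struct definition is not on this page, but if it also carries values set by the application rather than learned from the peer (`user_mss` from TCP_MAXSEG is the one to check), a socket that is disconnected and reused silently loses that setting. Either save and restore such fields around the memset, or state the intent next to it, e.g. `/* forget all option state from the old connection, including user_mss */`. tcp_disconnect's body starts and ends outside the hunk.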
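diff --git a/net/ipv4/tcp_highspeed.c b/net/ipv4/tcp_highspeed.c
index a291097fcc0a..43d624e5043c 100644
--- a/net/ipv4/tcp_highspeed.c
+++ b/net/ipv4/tcp_highspeed.c
@@ -97,10 +97,6 @@ struct hstcp {
  u32 ai;
 };
 
-static int max_ssthresh = 100;
-module_param(max_ssthresh, int, 0644);
-MODULE_PARM_DESC(max_ssthresh, "limited slow start threshold (RFC3742)");
-
 static void hstcp_init(struct sock *sk)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -122,23 +118,9 @@ static void hstcp_cong_avoid(struct sock *sk, u32 adk, u32 rtt,
  if (!tcp_is_cwnd_limited(sk, in_flight))
  return;
 
- if (tp->snd_cwnd <= tp->snd_ssthresh) {
- /* RFC3742: limited slow start
- * the window is increased by 1/K MSS for each arriving ACK,
- * for K = int(cwnd/(0.5 max_ssthresh))
- */
- if (max_ssthresh > 0 && tp->snd_cwnd > max_ssthresh) {
- u32 k = max(tp->snd_cwnd / (max_ssthresh >> 1), 1U);
- if (++tp->snd_cwnd_cnt >= k) {
- if (tp->snd_cwnd < tp->snd_cwnd_clamp)
- tp->snd_cwnd++;
- tp->snd_cwnd_cnt = 0;
- }
- } else {
- if (tp->snd_cwnd < tp->snd_cwnd_clamp)
- tp->snd_cwnd++;
- }
- } else {
+ if (tp->snd_cwnd <= tp->snd_ssthresh)
+ tcp_slow_start(tp);
+ else {
  /* Update AIMD parameters.
  *
  * We want to guarantee that: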
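Review bot: The rewritten branch in hstcp_cong_avoid mixes an unbraced `if` arm with a braced `else` (`if (...)` / `tcp_slow_start(tp);` / `else {`); kernel coding style asks for braces on both arms when either one needs them, so `if (tp->snd_cwnd <= tp->snd_ssthresh) {` followed by `} else {` is the consistent form. Separately, dropping the `max_ssthresh` module parameter changes the module's load-time interface, and nothing on this page shows where an equivalent knob now lives; the commit description should name it if one exists. hstcp_cong_avoid continues outside the hunk.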
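diff --git a/net/ipv4/tcp_yeah.h b/net/ipv4/tcp_yeah.h
deleted file mode 100644
index ed3b7198f23c..000000000000
--- a/net/ipv4/tcp_yeah.h
+++ /dev/null
@@ -1,7 +0,0 @@
-#include <linux/mm.h>
-#include <linux/module.h>
-#include <linux/skbuff.h>
-#include <linux/inet_diag.h>
-#include <asm/div64.h>
-
-#include <net/tcp.h>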
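diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 3452433cbc96..d02685c6bc69 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -449,7 +449,7 @@ static void addrconf_forward_change(void)
  struct inet6_dev *idev;
 
  read_lock(&dev_base_lock);
- for (dev=dev_base; dev; dev=dev->next) {
+ for_each_netdev(dev) {
  rcu_read_lock();
  idev = __in6_dev_get(dev);
  if (idev) {
@@ -911,7 +911,7 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev,
  read_lock(&dev_base_lock);
  rcu_read_lock();
 
- for (dev = dev_base; dev; dev=dev->next) {
+ for_each_netdev(dev) {
  struct inet6_dev *idev;
  struct inet6_ifaddr *ifa;
 
@@ -2064,7 +2064,7 @@ static void sit_add_v4_addrs(struct inet6_dev *idev)
  return;
  }
 
- for (dev = dev_base; dev != NULL; dev = dev->next) {
+ for_each_netdev(dev) {
  struct in_device * in_dev = __in_dev_get_rtnl(dev);
  if (in_dev && (dev->flags & IFF_UP)) {
  struct in_ifaddr * ifa;
@@ -2225,7 +2225,7 @@ static void ip6_tnl_add_linklocal(struct inet6_dev *idev)
  return;
  }
  /* then try to inherit it from any device */
- for (link_dev = dev_base; link_dev; link_dev = link_dev->next) {
+ for_each_netdev(link_dev) {
  if (!ipv6_inherit_linklocal(idev, link_dev))
  return;
  }
@@ -3257,14 +3257,15 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
  s_idx = cb->args[0];
  s_ip_idx = ip_idx = cb->args[1];
 
- for (dev = dev_base, idx = 0; dev; dev = dev->next, idx++) {
+ idx = 0;
+ for_each_netdev(dev) {
  if (idx < s_idx)
- continue;
+ goto cont;
  if (idx > s_idx)
  s_ip_idx = 0;
  ip_idx = 0;
  if ((idev = in6_dev_get(dev)) == NULL)
- continue;
+ goto cont;
  read_lock_bh(&idev->lock);
  switch (type) {
  case UNICAST_ADDR:
@@ -3311,6 +3312,8 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
  }
  read_unlock_bh(&idev->lock);
  in6_dev_put(idev);
+cont:
+ idx++;
  }
 done:
  if (err <= 0) {
@@ -3575,16 +3578,19 @@ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
  struct inet6_dev *idev;
 
  read_lock(&dev_base_lock);
- for (dev=dev_base, idx=0; dev; dev = dev->next, idx++) {
+ idx = 0;
+ for_each_netdev(dev) {
  if (idx < s_idx)
- continue;
+ goto cont;
  if ((idev = in6_dev_get(dev)) == NULL)
- continue;
+ goto cont;
  err = inet6_fill_ifinfo(skb, idev, NETLINK_CB(cb->skb).pid,
  cb->nlh->nlmsg_seq, RTM_NEWLINK, NLM_F_MULTI);
  in6_dev_put(idev);
  if (err <= 0)
  break;
+cont:
+ idx++;
  }
  read_unlock(&dev_base_lock);
  cb->args[0] = idx;
@@ -4247,7 +4253,7 @@ void __exit addrconf_cleanup(void)
  * clean dev list.
  */
 
- for (dev=dev_base; dev; dev=dev->next) {
+ for_each_netdev(dev) {
  if ((idev = __in6_dev_get(dev)) == NULL)
  continue;
  addrconf_ifdown(dev, 1);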
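diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c
index 09117d63256f..9b81264eb78f 100644
--- a/net/ipv6/anycast.c
+++ b/net/ipv6/anycast.c
@@ -423,14 +423,18 @@ static int ipv6_chk_acast_dev(struct net_device *dev, struct in6_addr *addr)
  */
 int ipv6_chk_acast_addr(struct net_device *dev, struct in6_addr *addr)
 {
+ int found = 0;
+
  if (dev)
  return ipv6_chk_acast_dev(dev, addr);
  read_lock(&dev_base_lock);
- for (dev=dev_base; dev; dev=dev->next)
- if (ipv6_chk_acast_dev(dev, addr))
+ for_each_netdev(dev)
+ if (ipv6_chk_acast_dev(dev, addr)) {
+ found = 1;
  break;
+ }
  read_unlock(&dev_base_lock);
- return dev != 0;
+ return found;
 }
 
 
@@ -447,9 +451,8 @@ static inline struct ifacaddr6 *ac6_get_first(struct seq_file *seq)
  struct ifacaddr6 *im = NULL;
  struct ac6_iter_state *state = ac6_seq_private(seq);
 
- for (state->dev = dev_base, state->idev = NULL;
- state->dev;
- state->dev = state->dev->next) {
+ state->idev = NULL;
+ for_each_netdev(state->dev) {
  struct inet6_dev *idev;
  idev = in6_dev_get(state->dev);
  if (!idev)
@@ -476,7 +479,7 @@ static struct ifacaddr6 *ac6_get_next(struct seq_file *seq, struct ifacaddr6 *im
  read_unlock_bh(&state->idev->lock);
  in6_dev_put(state->idev);
  }
- state->dev = state->dev->next;
+ state->dev = next_net_device(state->dev);
  if (!state->dev) {
  state->idev = NULL;
  break;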
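diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 6c2758951d60..3e308fb41b49 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -2331,9 +2331,8 @@ static inline struct ifmcaddr6 *igmp6_mc_get_first(struct seq_file *seq)
  struct ifmcaddr6 *im = NULL;
  struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
 
- for (state->dev = dev_base, state->idev = NULL;
- state->dev;
- state->dev = state->dev->next) {
+ state->idev = NULL;
+ for_each_netdev(state->dev) {
  struct inet6_dev *idev;
  idev = in6_dev_get(state->dev);
  if (!idev)
@@ -2360,7 +2359,7 @@ static struct ifmcaddr6 *igmp6_mc_get_next(struct seq_file *seq, struct ifmcaddr
  read_unlock_bh(&state->idev->lock);
  in6_dev_put(state->idev);
  }
- state->dev = state->dev->next;
+ state->dev = next_net_device(state->dev);
  if (!state->dev) {
  state->idev = NULL;
  break;
@@ -2475,9 +2474,9 @@ static inline struct ip6_sf_list *igmp6_mcf_get_first(struct seq_file *seq)
  struct ifmcaddr6 *im = NULL;
  struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
 
- for (state->dev = dev_base, state->idev = NULL, state->im = NULL;
- state->dev;
- state->dev = state->dev->next) {
+ state->idev = NULL;
+ state->im = NULL;
+ for_each_netdev(state->dev) {
  struct inet6_dev *idev;
  idev = in6_dev_get(state->dev);
  if (unlikely(idev == NULL))
@@ -2513,7 +2512,7 @@ static struct ip6_sf_list *igmp6_mcf_get_next(struct seq_file *seq, struct ip6_s
  read_unlock_bh(&state->idev->lock);
  in6_dev_put(state->idev);
  }
- state->dev = state->dev->next;
+ state->dev = next_net_device(state->dev);
  if (!state->dev) {
  state->idev = NULL;
  goto out;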
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index e84c924a81ee..d9e9ddb8eac5 100644
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -45,7 +45,8 @@ static struct proto iucv_proto = {
45static void iucv_callback_rx(struct iucv_path *, struct iucv_message *); 45static void iucv_callback_rx(struct iucv_path *, struct iucv_message *);
46static void iucv_callback_txdone(struct iucv_path *, struct iucv_message *); 46static void iucv_callback_txdone(struct iucv_path *, struct iucv_message *);
47static void iucv_callback_connack(struct iucv_path *, u8 ipuser[16]); 47static void iucv_callback_connack(struct iucv_path *, u8 ipuser[16]);
48static int iucv_callback_connreq(struct iucv_path *, u8 ipvmid[8], u8 ipuser[16]); 48static int iucv_callback_connreq(struct iucv_path *, u8 ipvmid[8],
49 u8 ipuser[16]);
49static void iucv_callback_connrej(struct iucv_path *, u8 ipuser[16]); 50static void iucv_callback_connrej(struct iucv_path *, u8 ipuser[16]);
50 51
51static struct iucv_sock_list iucv_sk_list = { 52static struct iucv_sock_list iucv_sk_list = {
@@ -147,11 +148,12 @@ static void iucv_sock_close(struct sock *sk)
147 unsigned char user_data[16]; 148 unsigned char user_data[16];
148 struct iucv_sock *iucv = iucv_sk(sk); 149 struct iucv_sock *iucv = iucv_sk(sk);
149 int err; 150 int err;
151 unsigned long timeo;
150 152
151 iucv_sock_clear_timer(sk); 153 iucv_sock_clear_timer(sk);
152 lock_sock(sk); 154 lock_sock(sk);
153 155
154 switch(sk->sk_state) { 156 switch (sk->sk_state) {
155 case IUCV_LISTEN: 157 case IUCV_LISTEN:
156 iucv_sock_cleanup_listen(sk); 158 iucv_sock_cleanup_listen(sk);
157 break; 159 break;
@@ -159,6 +161,21 @@ static void iucv_sock_close(struct sock *sk)
159 case IUCV_CONNECTED: 161 case IUCV_CONNECTED:
160 case IUCV_DISCONN: 162 case IUCV_DISCONN:
161 err = 0; 163 err = 0;
164
165 sk->sk_state = IUCV_CLOSING;
166 sk->sk_state_change(sk);
167
168 if (!skb_queue_empty(&iucv->send_skb_q)) {
169 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime)
170 timeo = sk->sk_lingertime;
171 else
172 timeo = IUCV_DISCONN_TIMEOUT;
173 err = iucv_sock_wait_state(sk, IUCV_CLOSED, 0, timeo);
174 }
175
176 sk->sk_state = IUCV_CLOSED;
177 sk->sk_state_change(sk);
178
162 if (iucv->path) { 179 if (iucv->path) {
163 low_nmcpy(user_data, iucv->src_name); 180 low_nmcpy(user_data, iucv->src_name);
164 high_nmcpy(user_data, iucv->dst_name); 181 high_nmcpy(user_data, iucv->dst_name);
@@ -168,12 +185,11 @@ static void iucv_sock_close(struct sock *sk)
168 iucv->path = NULL; 185 iucv->path = NULL;
169 } 186 }
170 187
171 sk->sk_state = IUCV_CLOSED;
172 sk->sk_state_change(sk);
173 sk->sk_err = ECONNRESET; 188 sk->sk_err = ECONNRESET;
174 sk->sk_state_change(sk); 189 sk->sk_state_change(sk);
175 190
176 skb_queue_purge(&iucv->send_skb_q); 191 skb_queue_purge(&iucv->send_skb_q);
192 skb_queue_purge(&iucv->backlog_skb_q);
177 193
178 sock_set_flag(sk, SOCK_ZAPPED); 194 sock_set_flag(sk, SOCK_ZAPPED);
179 break; 195 break;
@@ -204,6 +220,7 @@ static struct sock *iucv_sock_alloc(struct socket *sock, int proto, gfp_t prio)
204 sock_init_data(sock, sk); 220 sock_init_data(sock, sk);
205 INIT_LIST_HEAD(&iucv_sk(sk)->accept_q); 221 INIT_LIST_HEAD(&iucv_sk(sk)->accept_q);
206 skb_queue_head_init(&iucv_sk(sk)->send_skb_q); 222 skb_queue_head_init(&iucv_sk(sk)->send_skb_q);
223 skb_queue_head_init(&iucv_sk(sk)->backlog_skb_q);
207 iucv_sk(sk)->send_tag = 0; 224 iucv_sk(sk)->send_tag = 0;
208 225
209 sk->sk_destruct = iucv_sock_destruct; 226 sk->sk_destruct = iucv_sock_destruct;
@@ -276,7 +293,7 @@ struct sock *iucv_accept_dequeue(struct sock *parent, struct socket *newsock)
276 struct iucv_sock *isk, *n; 293 struct iucv_sock *isk, *n;
277 struct sock *sk; 294 struct sock *sk;
278 295
279 list_for_each_entry_safe(isk, n, &iucv_sk(parent)->accept_q, accept_q){ 296 list_for_each_entry_safe(isk, n, &iucv_sk(parent)->accept_q, accept_q) {
280 sk = (struct sock *) isk; 297 sk = (struct sock *) isk;
281 lock_sock(sk); 298 lock_sock(sk);
282 299
@@ -510,7 +527,7 @@ static int iucv_sock_accept(struct socket *sock, struct socket *newsock,
510 long timeo; 527 long timeo;
511 int err = 0; 528 int err = 0;
512 529
513 lock_sock(sk); 530 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
514 531
515 if (sk->sk_state != IUCV_LISTEN) { 532 if (sk->sk_state != IUCV_LISTEN) {
516 err = -EBADFD; 533 err = -EBADFD;
@@ -521,7 +538,7 @@ static int iucv_sock_accept(struct socket *sock, struct socket *newsock,
521 538
522 /* Wait for an incoming connection */ 539 /* Wait for an incoming connection */
523 add_wait_queue_exclusive(sk->sk_sleep, &wait); 540 add_wait_queue_exclusive(sk->sk_sleep, &wait);
524 while (!(nsk = iucv_accept_dequeue(sk, newsock))){ 541 while (!(nsk = iucv_accept_dequeue(sk, newsock))) {
525 set_current_state(TASK_INTERRUPTIBLE); 542 set_current_state(TASK_INTERRUPTIBLE);
526 if (!timeo) { 543 if (!timeo) {
527 err = -EAGAIN; 544 err = -EAGAIN;
@@ -530,7 +547,7 @@ static int iucv_sock_accept(struct socket *sock, struct socket *newsock,
530 547
531 release_sock(sk); 548 release_sock(sk);
532 timeo = schedule_timeout(timeo); 549 timeo = schedule_timeout(timeo);
533 lock_sock(sk); 550 lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
534 551
535 if (sk->sk_state != IUCV_LISTEN) { 552 if (sk->sk_state != IUCV_LISTEN) {
536 err = -EBADFD; 553 err = -EBADFD;
@@ -602,13 +619,13 @@ static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
602 goto out; 619 goto out;
603 } 620 }
604 621
605 if (sk->sk_state == IUCV_CONNECTED){ 622 if (sk->sk_state == IUCV_CONNECTED) {
606 if(!(skb = sock_alloc_send_skb(sk, len, 623 if (!(skb = sock_alloc_send_skb(sk, len,
607 msg->msg_flags & MSG_DONTWAIT, 624 msg->msg_flags & MSG_DONTWAIT,
608 &err))) 625 &err)))
609 return err; 626 goto out;
610 627
611 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)){ 628 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
612 err = -EFAULT; 629 err = -EFAULT;
613 goto fail; 630 goto fail;
614 } 631 }
@@ -647,10 +664,16 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
647{ 664{
648 int noblock = flags & MSG_DONTWAIT; 665 int noblock = flags & MSG_DONTWAIT;
649 struct sock *sk = sock->sk; 666 struct sock *sk = sock->sk;
667 struct iucv_sock *iucv = iucv_sk(sk);
650 int target, copied = 0; 668 int target, copied = 0;
651 struct sk_buff *skb; 669 struct sk_buff *skb, *rskb, *cskb;
652 int err = 0; 670 int err = 0;
653 671
672 if ((sk->sk_state == IUCV_DISCONN || sk->sk_state == IUCV_SEVERED) &&
673 skb_queue_empty(&iucv->backlog_skb_q) &&
674 skb_queue_empty(&sk->sk_receive_queue))
675 return 0;
676
654 if (flags & (MSG_OOB)) 677 if (flags & (MSG_OOB))
655 return -EOPNOTSUPP; 678 return -EOPNOTSUPP;
656 679
@@ -665,10 +688,12 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
665 688
666 copied = min_t(unsigned int, skb->len, len); 689 copied = min_t(unsigned int, skb->len, len);
667 690
668 if (memcpy_toiovec(msg->msg_iov, skb->data, copied)) { 691 cskb = skb;
692 if (memcpy_toiovec(msg->msg_iov, cskb->data, copied)) {
669 skb_queue_head(&sk->sk_receive_queue, skb); 693 skb_queue_head(&sk->sk_receive_queue, skb);
670 if (copied == 0) 694 if (copied == 0)
671 return -EFAULT; 695 return -EFAULT;
696 goto done;
672 } 697 }
673 698
674 len -= copied; 699 len -= copied;
@@ -683,6 +708,18 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
683 } 708 }
684 709
685 kfree_skb(skb); 710 kfree_skb(skb);
711
712 /* Queue backlog skbs */
713 rskb = skb_dequeue(&iucv_sk(sk)->backlog_skb_q);
714 while (rskb) {
715 if (sock_queue_rcv_skb(sk, rskb)) {
716 skb_queue_head(&iucv_sk(sk)->backlog_skb_q,
717 rskb);
718 break;
719 } else {
720 rskb = skb_dequeue(&iucv_sk(sk)->backlog_skb_q);
721 }
722 }
686 } else 723 } else
687 skb_queue_head(&sk->sk_receive_queue, skb); 724 skb_queue_head(&sk->sk_receive_queue, skb);
688 725
@@ -695,7 +732,7 @@ static inline unsigned int iucv_accept_poll(struct sock *parent)
695 struct iucv_sock *isk, *n; 732 struct iucv_sock *isk, *n;
696 struct sock *sk; 733 struct sock *sk;
697 734
698 list_for_each_entry_safe(isk, n, &iucv_sk(parent)->accept_q, accept_q){ 735 list_for_each_entry_safe(isk, n, &iucv_sk(parent)->accept_q, accept_q) {
699 sk = (struct sock *) isk; 736 sk = (struct sock *) isk;
700 737
701 if (sk->sk_state == IUCV_CONNECTED) 738 if (sk->sk_state == IUCV_CONNECTED)
@@ -726,12 +763,15 @@ unsigned int iucv_sock_poll(struct file *file, struct socket *sock,
726 mask |= POLLHUP; 763 mask |= POLLHUP;
727 764
728 if (!skb_queue_empty(&sk->sk_receive_queue) || 765 if (!skb_queue_empty(&sk->sk_receive_queue) ||
729 (sk->sk_shutdown & RCV_SHUTDOWN)) 766 (sk->sk_shutdown & RCV_SHUTDOWN))
730 mask |= POLLIN | POLLRDNORM; 767 mask |= POLLIN | POLLRDNORM;
731 768
732 if (sk->sk_state == IUCV_CLOSED) 769 if (sk->sk_state == IUCV_CLOSED)
733 mask |= POLLHUP; 770 mask |= POLLHUP;
734 771
772 if (sk->sk_state == IUCV_DISCONN || sk->sk_state == IUCV_SEVERED)
773 mask |= POLLIN;
774
735 if (sock_writeable(sk)) 775 if (sock_writeable(sk))
736 mask |= POLLOUT | POLLWRNORM | POLLWRBAND; 776 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
737 else 777 else
@@ -754,7 +794,7 @@ static int iucv_sock_shutdown(struct socket *sock, int how)
754 return -EINVAL; 794 return -EINVAL;
755 795
756 lock_sock(sk); 796 lock_sock(sk);
757 switch(sk->sk_state) { 797 switch (sk->sk_state) {
758 case IUCV_CLOSED: 798 case IUCV_CLOSED:
759 err = -ENOTCONN; 799 err = -ENOTCONN;
760 goto fail; 800 goto fail;
@@ -770,7 +810,7 @@ static int iucv_sock_shutdown(struct socket *sock, int how)
770 err = iucv_message_send(iucv->path, &txmsg, IUCV_IPRMDATA, 0, 810 err = iucv_message_send(iucv->path, &txmsg, IUCV_IPRMDATA, 0,
771 (void *) prmmsg, 8); 811 (void *) prmmsg, 8);
772 if (err) { 812 if (err) {
773 switch(err) { 813 switch (err) {
774 case 1: 814 case 1:
775 err = -ENOTCONN; 815 err = -ENOTCONN;
776 break; 816 break;
@@ -817,13 +857,6 @@ static int iucv_sock_release(struct socket *sock)
817 iucv_sk(sk)->path = NULL; 857 iucv_sk(sk)->path = NULL;
818 } 858 }
819 859
820 if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime){
821 lock_sock(sk);
822 err = iucv_sock_wait_state(sk, IUCV_CLOSED, 0,
823 sk->sk_lingertime);
824 release_sock(sk);
825 }
826
827 sock_orphan(sk); 860 sock_orphan(sk);
828 iucv_sock_kill(sk); 861 iucv_sock_kill(sk);
829 return err; 862 return err;
@@ -880,7 +913,7 @@ static int iucv_callback_connreq(struct iucv_path *path,
880 913
881 /* Create the new socket */ 914 /* Create the new socket */
882 nsk = iucv_sock_alloc(NULL, SOCK_STREAM, GFP_ATOMIC); 915 nsk = iucv_sock_alloc(NULL, SOCK_STREAM, GFP_ATOMIC);
883 if (!nsk){ 916 if (!nsk) {
884 err = iucv_path_sever(path, user_data); 917 err = iucv_path_sever(path, user_data);
885 goto fail; 918 goto fail;
886 } 919 }
@@ -903,7 +936,7 @@ static int iucv_callback_connreq(struct iucv_path *path,
903 936
904 path->msglim = IUCV_QUEUELEN_DEFAULT; 937 path->msglim = IUCV_QUEUELEN_DEFAULT;
905 err = iucv_path_accept(path, &af_iucv_handler, nuser_data, nsk); 938 err = iucv_path_accept(path, &af_iucv_handler, nuser_data, nsk);
906 if (err){ 939 if (err) {
907 err = iucv_path_sever(path, user_data); 940 err = iucv_path_sever(path, user_data);
908 goto fail; 941 goto fail;
909 } 942 }
@@ -927,18 +960,53 @@ static void iucv_callback_connack(struct iucv_path *path, u8 ipuser[16])
927 sk->sk_state_change(sk); 960 sk->sk_state_change(sk);
928} 961}
929 962
963static int iucv_fragment_skb(struct sock *sk, struct sk_buff *skb, int len,
964 struct sk_buff_head *fragmented_skb_q)
965{
966 int dataleft, size, copied = 0;
967 struct sk_buff *nskb;
968
969 dataleft = len;
970 while (dataleft) {
971 if (dataleft >= sk->sk_rcvbuf / 4)
972 size = sk->sk_rcvbuf / 4;
973 else
974 size = dataleft;
975
976 nskb = alloc_skb(size, GFP_ATOMIC | GFP_DMA);
977 if (!nskb)
978 return -ENOMEM;
979
980 memcpy(nskb->data, skb->data + copied, size);
981 copied += size;
982 dataleft -= size;
983
984 skb_reset_transport_header(nskb);
985 skb_reset_network_header(nskb);
986 nskb->len = size;
987
988 skb_queue_tail(fragmented_skb_q, nskb);
989 }
990
991 return 0;
992}
993
930static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg) 994static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg)
931{ 995{
932 struct sock *sk = path->private; 996 struct sock *sk = path->private;
933 struct sk_buff *skb; 997 struct iucv_sock *iucv = iucv_sk(sk);
998 struct sk_buff *skb, *fskb;
999 struct sk_buff_head fragmented_skb_q;
934 int rc; 1000 int rc;
935 1001
1002 skb_queue_head_init(&fragmented_skb_q);
1003
936 if (sk->sk_shutdown & RCV_SHUTDOWN) 1004 if (sk->sk_shutdown & RCV_SHUTDOWN)
937 return; 1005 return;
938 1006
939 skb = alloc_skb(msg->length, GFP_ATOMIC | GFP_DMA); 1007 skb = alloc_skb(msg->length, GFP_ATOMIC | GFP_DMA);
940 if (!skb) { 1008 if (!skb) {
941 iucv_message_reject(path, msg); 1009 iucv_path_sever(path, NULL);
942 return; 1010 return;
943 } 1011 }
944 1012
@@ -952,14 +1020,39 @@ static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg)
952 kfree_skb(skb); 1020 kfree_skb(skb);
953 return; 1021 return;
954 } 1022 }
1023 if (skb->truesize >= sk->sk_rcvbuf / 4) {
1024 rc = iucv_fragment_skb(sk, skb, msg->length,
1025 &fragmented_skb_q);
1026 kfree_skb(skb);
1027 skb = NULL;
1028 if (rc) {
1029 iucv_path_sever(path, NULL);
1030 return;
1031 }
1032 } else {
1033 skb_reset_transport_header(skb);
1034 skb_reset_network_header(skb);
1035 skb->len = msg->length;
1036 }
1037 }
1038 /* Queue the fragmented skb */
1039 fskb = skb_dequeue(&fragmented_skb_q);
1040 while (fskb) {
1041 if (!skb_queue_empty(&iucv->backlog_skb_q))
1042 skb_queue_tail(&iucv->backlog_skb_q, fskb);
1043 else if (sock_queue_rcv_skb(sk, fskb))
1044 skb_queue_tail(&iucv_sk(sk)->backlog_skb_q, fskb);
1045 fskb = skb_dequeue(&fragmented_skb_q);
1046 }
955 1047
956 skb_reset_transport_header(skb); 1048 /* Queue the original skb if it exists (was not fragmented) */
957 skb_reset_network_header(skb); 1049 if (skb) {
958 skb->len = msg->length; 1050 if (!skb_queue_empty(&iucv->backlog_skb_q))
1051 skb_queue_tail(&iucv_sk(sk)->backlog_skb_q, skb);
1052 else if (sock_queue_rcv_skb(sk, skb))
1053 skb_queue_tail(&iucv_sk(sk)->backlog_skb_q, skb);
959 } 1054 }
960 1055
961 if (sock_queue_rcv_skb(sk, skb))
962 kfree_skb(skb);
963} 1056}
964 1057
965static void iucv_callback_txdone(struct iucv_path *path, 1058static void iucv_callback_txdone(struct iucv_path *path,
@@ -971,17 +1064,27 @@ static void iucv_callback_txdone(struct iucv_path *path,
971 struct sk_buff *list_skb = list->next; 1064 struct sk_buff *list_skb = list->next;
972 unsigned long flags; 1065 unsigned long flags;
973 1066
974 spin_lock_irqsave(&list->lock, flags); 1067 if (list_skb) {
1068 spin_lock_irqsave(&list->lock, flags);
1069
1070 do {
1071 this = list_skb;
1072 list_skb = list_skb->next;
1073 } while (memcmp(&msg->tag, this->cb, 4) && list_skb);
1074
1075 spin_unlock_irqrestore(&list->lock, flags);
975 1076
976 do { 1077 skb_unlink(this, &iucv_sk(sk)->send_skb_q);
977 this = list_skb; 1078 kfree_skb(this);
978 list_skb = list_skb->next; 1079 }
979 } while (memcmp(&msg->tag, this->cb, 4));
980 1080
981 spin_unlock_irqrestore(&list->lock, flags); 1081 if (sk->sk_state == IUCV_CLOSING) {
1082 if (skb_queue_empty(&iucv_sk(sk)->send_skb_q)) {
1083 sk->sk_state = IUCV_CLOSED;
1084 sk->sk_state_change(sk);
1085 }
1086 }
982 1087
983 skb_unlink(this, &iucv_sk(sk)->send_skb_q);
984 kfree_skb(this);
985} 1088}
986 1089
987static void iucv_callback_connrej(struct iucv_path *path, u8 ipuser[16]) 1090static void iucv_callback_connrej(struct iucv_path *path, u8 ipuser[16])
@@ -1022,7 +1125,7 @@ static struct net_proto_family iucv_sock_family_ops = {
1022 .create = iucv_sock_create, 1125 .create = iucv_sock_create,
1023}; 1126};
1024 1127
1025static int afiucv_init(void) 1128static int __init afiucv_init(void)
1026{ 1129{
1027 int err; 1130 int err;
1028 1131
diff --git a/net/iucv/iucv.c b/net/iucv/iucv.c
index 903bdb6eaaa1..fb3faf72e850 100644
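--- a/net/iucv/iucv.c
+++ b/net/iucv/iucv.c
@@ -32,7 +32,6 @@
 
 #include <linux/module.h>
 #include <linux/moduleparam.h>
-
 #include <linux/spinlock.h>
 #include <linux/kernel.h>
 #include <linux/slab.h>
@@ -69,7 +68,7 @@
 #define IUCV_IPNORPY 0x10
 #define IUCV_IPALL 0x80
 
-static int iucv_bus_match (struct device *dev, struct device_driver *drv)
+static int iucv_bus_match(struct device *dev, struct device_driver *drv)
 {
  return 0;
 }
@@ -78,8 +77,11 @@ struct bus_type iucv_bus = {
  .name = "iucv",
  .match = iucv_bus_match,
 };
+EXPORT_SYMBOL(iucv_bus);
 
 struct device *iucv_root;
+EXPORT_SYMBOL(iucv_root);
+
 static int iucv_available;
 
 /* General IUCV interrupt structure */
@@ -405,7 +407,7 @@ static void iucv_declare_cpu(void *data)
  rc = iucv_call_b2f0(IUCV_DECLARE_BUFFER, parm);
  if (rc) {
  char *err = "Unknown";
- switch(rc) {
+ switch (rc) {
  case 0x03:
  err = "Directory error";
  break;
@@ -588,7 +590,7 @@ static int __cpuinit iucv_cpu_notify(struct notifier_block *self,
  return NOTIFY_OK;
 }
 
-static struct notifier_block iucv_cpu_notifier = {
+static struct notifier_block __cpuinitdata iucv_cpu_notifier = {
  .notifier_call = iucv_cpu_notify,
 };
 
@@ -691,6 +693,7 @@ out_mutex:
  mutex_unlock(&iucv_register_mutex);
  return rc;
 }
+EXPORT_SYMBOL(iucv_register);
 
 /**
  * iucv_unregister
@@ -723,6 +726,7 @@ void iucv_unregister(struct iucv_handler *handler, int smp)
  iucv_setmask_mp();
  mutex_unlock(&iucv_register_mutex);
 }
+EXPORT_SYMBOL(iucv_unregister);
 
 /**
  * iucv_path_accept
@@ -761,6 +765,7 @@ int iucv_path_accept(struct iucv_path *path, struct iucv_handler *handler,
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_path_accept);
 
 /**
  * iucv_path_connect
@@ -824,6 +829,7 @@ int iucv_path_connect(struct iucv_path *path, struct iucv_handler *handler,
  spin_unlock_bh(&iucv_table_lock);
  return rc;
 }
+EXPORT_SYMBOL(iucv_path_connect);
 
 /**
  * iucv_path_quiesce:
@@ -850,6 +856,7 @@ int iucv_path_quiesce(struct iucv_path *path, u8 userdata[16])
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_path_quiesce);
 
 /**
  * iucv_path_resume:
@@ -890,7 +897,6 @@ int iucv_path_sever(struct iucv_path *path, u8 userdata[16])
 {
  int rc;
 
-
  preempt_disable();
  if (iucv_active_cpu != smp_processor_id())
  spin_lock_bh(&iucv_table_lock);
@@ -904,6 +910,7 @@ int iucv_path_sever(struct iucv_path *path, u8 userdata[16])
  preempt_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_path_sever);
 
 /**
  * iucv_message_purge
@@ -936,6 +943,7 @@ int iucv_message_purge(struct iucv_path *path, struct iucv_message *msg,
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_message_purge);
 
 /**
  * iucv_message_receive
@@ -1006,6 +1014,7 @@ int iucv_message_receive(struct iucv_path *path, struct iucv_message *msg,
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_message_receive);
 
 /**
  * iucv_message_reject
@@ -1034,6 +1043,7 @@ int iucv_message_reject(struct iucv_path *path, struct iucv_message *msg)
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_message_reject);
 
 /**
  * iucv_message_reply
@@ -1077,6 +1087,7 @@ int iucv_message_reply(struct iucv_path *path, struct iucv_message *msg,
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_message_reply);
 
 /**
  * iucv_message_send
@@ -1125,6 +1136,7 @@ int iucv_message_send(struct iucv_path *path, struct iucv_message *msg,
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_message_send);
 
 /**
  * iucv_message_send2way
@@ -1181,6 +1193,7 @@ int iucv_message_send2way(struct iucv_path *path, struct iucv_message *msg,
  local_bh_enable();
  return rc;
 }
+EXPORT_SYMBOL(iucv_message_send2way);
 
 /**
  * iucv_path_pending
@@ -1572,7 +1585,7 @@ static void iucv_external_interrupt(u16 code)
  *
  * Allocates and initializes various data structures.
  */
-static int iucv_init(void)
+static int __init iucv_init(void)
 {
  int rc;
 
@@ -1583,7 +1596,7 @@ static int iucv_init(void)
  rc = iucv_query_maxconn();
  if (rc)
  goto out;
- rc = register_external_interrupt (0x4000, iucv_external_interrupt);
+ rc = register_external_interrupt(0x4000, iucv_external_interrupt);
  if (rc)
  goto out;
  rc = bus_register(&iucv_bus);
@@ -1594,7 +1607,7 @@ static int iucv_init(void)
  rc = PTR_ERR(iucv_root);
  goto out_bus;
  }
- /* Note: GFP_DMA used used to get memory below 2G */
+ /* Note: GFP_DMA used to get memory below 2G */
  iucv_irq_data = percpu_alloc(sizeof(struct iucv_irq_data),
  GFP_KERNEL|GFP_DMA);
  if (!iucv_irq_data) {
@@ -1632,7 +1645,7 @@ out:
  *
  * Frees everything allocated from iucv_init.
  */
-static void iucv_exit(void)
+static void __exit iucv_exit(void)
 {
  struct iucv_irq_list *p, *n;
 
@@ -1653,24 +1666,6 @@ static void iucv_exit(void)
 subsys_initcall(iucv_init);
 module_exit(iucv_exit);
 
-/**
- * Export all public stuff
- */
-EXPORT_SYMBOL (iucv_bus);
-EXPORT_SYMBOL (iucv_root);
-EXPORT_SYMBOL (iucv_register);
-EXPORT_SYMBOL (iucv_unregister);
-EXPORT_SYMBOL (iucv_path_accept);
-EXPORT_SYMBOL (iucv_path_connect);
-EXPORT_SYMBOL (iucv_path_quiesce);
-EXPORT_SYMBOL (iucv_path_sever);
-EXPORT_SYMBOL (iucv_message_purge);
-EXPORT_SYMBOL (iucv_message_receive);
-EXPORT_SYMBOL (iucv_message_reject);
-EXPORT_SYMBOL (iucv_message_reply);
-EXPORT_SYMBOL (iucv_message_send);
-EXPORT_SYMBOL (iucv_message_send2way);
-
 MODULE_AUTHOR("(C) 2001 IBM Corp. by Fritz Elfert (felfert@millenux.com)");
 MODULE_DESCRIPTION("Linux for S/390 IUCV lowlevel driver");
 MODULE_LICENSE("GPL");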
diff --git a/net/llc/llc_core.c b/net/llc/llc_core.c
index d12413cff5bd..d4b13a031fd5 100644
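--- a/net/llc/llc_core.c
+++ b/net/llc/llc_core.c
@@ -160,8 +160,14 @@ static struct packet_type llc_tr_packet_type = {
 
 static int __init llc_init(void)
 {
- if (dev_base->next)
- memcpy(llc_station_mac_sa, dev_base->next->dev_addr, ETH_ALEN);
+ struct net_device *dev;
+
+ dev = first_net_device();
+ if (dev != NULL)
+ dev = next_net_device(dev);
+
+ if (dev != NULL)
+ memcpy(llc_station_mac_sa, dev->dev_addr, ETH_ALEN);
  else
  memset(llc_station_mac_sa, 0, ETH_ALEN);
  dev_add_pack(&llc_packet_type);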
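Review bot: The rewritten lookup in llc_init() still takes the station address from the second entry of the device list without saying why, and the memcpy of ETH_ALEN bytes from dev->dev_addr does not check that this device actually has an Ethernet-sized address. A comment such as `/* station address comes from the second device (the first is presumably loopback); all-zero if there is none */` would record the intent, and a guard like `if (dev != NULL && dev->addr_len == ETH_ALEN)` would keep a shorter or non-Ethernet address from being copied as a MAC. The walk with first_net_device()/next_net_device() takes no lock that is visible in this hunk; that matches the old code but is worth confirming for init context. llc_init() continues past the end of the hunk.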
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
new file mode 100644
index 000000000000..6fffb3845ab6
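--- /dev/null
+++ b/net/mac80211/Kconfig
@@ -0,0 +1,78 @@
+config MAC80211
+ tristate "Generic IEEE 802.11 Networking Stack (mac80211)"
+ depends on EXPERIMENTAL
+ select CRYPTO
+ select CRYPTO_ECB
+ select CRYPTO_ARC4
+ select CRYPTO_AES
+ select CRC32
+ select WIRELESS_EXT
+ select CFG80211
+ select NET_SCH_FIFO
+ ---help---
+ This option enables the hardware independent IEEE 802.11
+ networking stack.
+
+config MAC80211_LEDS
+ bool "Enable LED triggers"
+ depends on MAC80211 && LEDS_TRIGGERS
+ ---help---
+ This option enables a few LED triggers for different
+ packet receive/transmit events.
+
+config MAC80211_DEBUGFS
+ bool "Export mac80211 internals in DebugFS"
+ depends on MAC80211 && DEBUG_FS
+ ---help---
+ Select this to see extensive information about
+ the internal state of mac80211 in debugfs.
+
+ Say N unless you know you need this.
+
+config MAC80211_DEBUG
+ bool "Enable debugging output"
+ depends on MAC80211
+ ---help---
+ This option will enable debug tracing output for the
+ ieee80211 network stack.
+
+ If you are not trying to debug or develop the ieee80211
+ subsystem, you most likely want to say N here.
+
+config MAC80211_VERBOSE_DEBUG
+ bool "Verbose debugging output"
+ depends on MAC80211_DEBUG
+
+config MAC80211_LOWTX_FRAME_DUMP
+ bool "Debug frame dumping"
+ depends on MAC80211_DEBUG
+ ---help---
+ Selecting this option will cause the stack to
+ print a message for each frame that is handed
+ to the lowlevel driver for transmission. This
+ message includes all MAC addresses and the
+ frame control field.
+
+ If unsure, say N and insert the debugging code
+ you require into the driver you are debugging.
+
+config TKIP_DEBUG
+ bool "TKIP debugging"
+ depends on MAC80211_DEBUG
+
+config MAC80211_DEBUG_COUNTERS
+ bool "Extra statistics for TX/RX debugging"
+ depends on MAC80211_DEBUG
+
+config MAC80211_IBSS_DEBUG
+ bool "Support for IBSS testing"
+ depends on MAC80211_DEBUG
+ ---help---
+ Say Y here if you intend to debug the IBSS code.
+
+config MAC80211_VERBOSE_PS_DEBUG
+ bool "Verbose powersave mode debugging"
+ depends on MAC80211_DEBUG
+ ---help---
+ Say Y here to print out verbose powersave
+ mode debug messages.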
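Review bot: MAC80211_VERBOSE_DEBUG, TKIP_DEBUG and MAC80211_DEBUG_COUNTERS carry no help text, so whoever configures a production kernel cannot tell what these options print or expose. MAC80211_LOWTX_FRAME_DUMP already states that it logs all MAC addresses for every frame; the other debug entries should be equally explicit about what reaches the kernel log or debugfs. For TKIP_DEBUG and MAC80211_DEBUGFS in particular the help should say whether any key-related state is included, which cannot be determined from this file. A minimal addition to each would be a `---help---` block ending in `Say N unless you are debugging mac80211.`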
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
new file mode 100644
index 000000000000..e9738dad2d7c
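--- /dev/null
+++ b/net/mac80211/Makefile
@@ -0,0 +1,20 @@
+obj-$(CONFIG_MAC80211) += mac80211.o rc80211_simple.o
+
+mac80211-objs-$(CONFIG_MAC80211_LEDS) += ieee80211_led.o
+mac80211-objs-$(CONFIG_MAC80211_DEBUGFS) += debugfs.o debugfs_sta.o debugfs_netdev.o debugfs_key.o
+
+mac80211-objs := \
+ ieee80211.o \
+ ieee80211_ioctl.o \
+ sta_info.o \
+ wep.o \
+ wpa.o \
+ ieee80211_sta.o \
+ ieee80211_iface.o \
+ ieee80211_rate.o \
+ michael.o \
+ tkip.o \
+ aes_ccm.o \
+ wme.o \
+ ieee80211_cfg.o \
+ $(mac80211-objs-y)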
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c
new file mode 100644
index 000000000000..e55569bee7d0
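--- /dev/null
+++ b/net/mac80211/aes_ccm.c
@@ -0,0 +1,155 @@
+/*
+ * Copyright 2003-2004, Instant802 Networks, Inc.
+ * Copyright 2005-2006, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include <linux/err.h>
+#include <asm/scatterlist.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_key.h"
+#include "aes_ccm.h"
+
+
+static void ieee80211_aes_encrypt(struct crypto_cipher *tfm,
+ const u8 pt[16], u8 ct[16])
+{
+ crypto_cipher_encrypt_one(tfm, ct, pt);
+}
+
+
+static inline void aes_ccm_prepare(struct crypto_cipher *tfm, u8 *b_0, u8 *aad,
+ u8 *b, u8 *s_0, u8 *a)
+{
+ int i;
+
+ ieee80211_aes_encrypt(tfm, b_0, b);
+
+ /* Extra Authenticate-only data (always two AES blocks) */
+ for (i = 0; i < AES_BLOCK_LEN; i++)
+ aad[i] ^= b[i];
+ ieee80211_aes_encrypt(tfm, aad, b);
+
+ aad += AES_BLOCK_LEN;
+
+ for (i = 0; i < AES_BLOCK_LEN; i++)
+ aad[i] ^= b[i];
+ ieee80211_aes_encrypt(tfm, aad, a);
+
+ /* Mask out bits from auth-only-b_0 */
+ b_0[0] &= 0x07;
+
+ /* S_0 is used to encrypt T (= MIC) */
+ b_0[14] = 0;
+ b_0[15] = 0;
+ ieee80211_aes_encrypt(tfm, b_0, s_0);
+}
+
+
+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *data, size_t data_len,
+ u8 *cdata, u8 *mic)
+{
+ int i, j, last_len, num_blocks;
+ u8 *pos, *cpos, *b, *s_0, *e;
+
+ b = scratch;
+ s_0 = scratch + AES_BLOCK_LEN;
+ e = scratch + 2 * AES_BLOCK_LEN;
+
+ num_blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
+ last_len = data_len % AES_BLOCK_LEN;
+ aes_ccm_prepare(tfm, b_0, aad, b, s_0, b);
+
+ /* Process payload blocks */
+ pos = data;
+ cpos = cdata;
+ for (j = 1; j <= num_blocks; j++) {
+ int blen = (j == num_blocks && last_len) ?
+ last_len : AES_BLOCK_LEN;
+
+ /* Authentication followed by encryption */
+ for (i = 0; i < blen; i++)
+ b[i] ^= pos[i];
+ ieee80211_aes_encrypt(tfm, b, b);
+
+ b_0[14] = (j >> 8) & 0xff;
+ b_0[15] = j & 0xff;
+ ieee80211_aes_encrypt(tfm, b_0, e);
+ for (i = 0; i < blen; i++)
+ *cpos++ = *pos++ ^ e[i];
+ }
+
+ for (i = 0; i < CCMP_MIC_LEN; i++)
+ mic[i] = b[i] ^ s_0[i];
+}
+
+
+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *cdata, size_t data_len,
+ u8 *mic, u8 *data)
+{
+ int i, j, last_len, num_blocks;
+ u8 *pos, *cpos, *b, *s_0, *a;
+
+ b = scratch;
+ s_0 = scratch + AES_BLOCK_LEN;
+ a = scratch + 2 * AES_BLOCK_LEN;
+
+ num_blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
+ last_len = data_len % AES_BLOCK_LEN;
+ aes_ccm_prepare(tfm, b_0, aad, b, s_0, a);
+
+ /* Process payload blocks */
+ cpos = cdata;
+ pos = data;
+ for (j = 1; j <= num_blocks; j++) {
+ int blen = (j == num_blocks && last_len) ?
+ last_len : AES_BLOCK_LEN;
+
+ /* Decryption followed by authentication */
+ b_0[14] = (j >> 8) & 0xff;
+ b_0[15] = j & 0xff;
+ ieee80211_aes_encrypt(tfm, b_0, b);
+ for (i = 0; i < blen; i++) {
+ *pos = *cpos++ ^ b[i];
+ a[i] ^= *pos++;
+ }
+
+ ieee80211_aes_encrypt(tfm, a, a);
+ }
+
+ for (i = 0; i < CCMP_MIC_LEN; i++) {
+ if ((mic[i] ^ s_0[i]) != a[i])
+ return -1;
+ }
+
+ return 0;
+}
+
+
+struct crypto_cipher * ieee80211_aes_key_setup_encrypt(const u8 key[])
+{
+ struct crypto_cipher *tfm;
+
+ tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
+ if (IS_ERR(tfm))
+ return NULL;
+
+ crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN);
+
+ return tfm;
+}
+
+
+void ieee80211_aes_key_free(struct crypto_cipher *tfm)
+{
+ if (tfm)
+ crypto_free_cipher(tfm);
+}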
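Review bot: ieee80211_aes_key_setup_encrypt() ignores the return value of crypto_cipher_setkey(), so a failed key setup still hands the caller a cipher handle with no valid key installed; check it and release the handle on failure, e.g. `if (crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN)) { crypto_free_cipher(tfm); return NULL; }`. In ieee80211_aes_ccm_decrypt() the final MIC loop returns at the first mismatching byte, so the time taken depends on how many leading bytes matched; accumulating the difference over all CCMP_MIC_LEN bytes (`diff |= (mic[i] ^ s_0[i]) ^ a[i];` followed by `return diff ? -1 : 0;`) removes that dependency. The same function writes the decrypted bytes into `data` before the MIC is verified, so a comment on the function should tell callers that `data` must be discarded when -1 is returned.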
diff --git a/net/mac80211/aes_ccm.h b/net/mac80211/aes_ccm.h
new file mode 100644
index 000000000000..885f19030b29
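--- /dev/null
+++ b/net/mac80211/aes_ccm.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2003-2004, Instant802 Networks, Inc.
+ * Copyright 2006, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef AES_CCM_H
+#define AES_CCM_H
+
+#include <linux/crypto.h>
+
+#define AES_BLOCK_LEN 16
+
+struct crypto_cipher * ieee80211_aes_key_setup_encrypt(const u8 key[]);
+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *data, size_t data_len,
+ u8 *cdata, u8 *mic);
+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *cdata, size_t data_len,
+ u8 *mic, u8 *data);
+void ieee80211_aes_key_free(struct crypto_cipher *tfm);
+
+#endif /* AES_CCM_H */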
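Review bot: The prototypes state no sizes for the raw `u8 *` buffers, although aes_ccm.c uses `scratch` as three consecutive AES blocks, treats `aad` as two blocks that it XORs in place, and overwrites bytes of `b_0`. A caller that passes a shorter buffer gets an out-of-bounds write with nothing in the header to warn about it, so the contract belongs above the declarations, e.g. `/* scratch: >= 3 * AES_BLOCK_LEN bytes; aad: 2 * AES_BLOCK_LEN bytes, modified; b_0: AES_BLOCK_LEN bytes, modified; mic: CCMP_MIC_LEN bytes */`. The comment should also say that ieee80211_aes_key_setup_encrypt() returns NULL on failure and reads ALG_CCMP_KEY_LEN bytes from `key`, and that ieee80211_aes_ccm_decrypt() returns -1 on MIC mismatch.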
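--- /dev/null
+++ b/net/mac80211/debugfs.c
@@ -0,0 +1,433 @@
+/*
+ * mac80211 debugfs for wireless PHYs
+ *
+ * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * GPLv2
+ *
+ */
+
+#include <linux/debugfs.h>
+#include <linux/rtnetlink.h>
+#include "ieee80211_i.h"
+#include "ieee80211_rate.h"
+#include "debugfs.h"
+
+int mac80211_open_file_generic(struct inode *inode, struct file *file)
+{
+ file->private_data = inode->i_private;
+ return 0;
+}
+
+static const char *ieee80211_mode_str(int mode)
+{
+ switch (mode) {
+ case MODE_IEEE80211A:
+ return "IEEE 802.11a";
+ case MODE_IEEE80211B:
+ return "IEEE 802.11b";
+ case MODE_IEEE80211G:
+ return "IEEE 802.11g";
+ case MODE_ATHEROS_TURBO:
+ return "Atheros Turbo (5 GHz)";
+ default:
+ return "UNKNOWN";
+ }
+}
+
+static ssize_t modes_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ struct ieee80211_hw_mode *mode;
+ char buf[150], *p = buf;
+
+ /* FIXME: locking! */
+ list_for_each_entry(mode, &local->modes_list, list) {
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%s\n", ieee80211_mode_str(mode->mode));
+ }
+
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
+}
+
+static const struct file_operations modes_ops = {
+ .read = modes_read,
+ .open = mac80211_open_file_generic,
+};
+
+#define DEBUGFS_READONLY_FILE(name, buflen, fmt, value...) \
+static ssize_t name## _read(struct file *file, char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ struct ieee80211_local *local = file->private_data; \
+ char buf[buflen]; \
+ int res; \
+ \
+ res = scnprintf(buf, buflen, fmt "\n", ##value); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+} \
+ \
+static const struct file_operations name## _ops = { \
+ .read = name## _read, \
+ .open = mac80211_open_file_generic, \
+};
+
+#define DEBUGFS_ADD(name) \
+ local->debugfs.name = debugfs_create_file(#name, 0444, phyd, \
+ local, &name## _ops);
+
+#define DEBUGFS_DEL(name) \
+ debugfs_remove(local->debugfs.name); \
+ local->debugfs.name = NULL;
+
+
+DEBUGFS_READONLY_FILE(channel, 20, "%d",
+ local->hw.conf.channel);
+DEBUGFS_READONLY_FILE(frequency, 20, "%d",
+ local->hw.conf.freq);
+DEBUGFS_READONLY_FILE(radar_detect, 20, "%d",
+ local->hw.conf.radar_detect);
+DEBUGFS_READONLY_FILE(antenna_sel_tx, 20, "%d",
+ local->hw.conf.antenna_sel_tx);
+DEBUGFS_READONLY_FILE(antenna_sel_rx, 20, "%d",
+ local->hw.conf.antenna_sel_rx);
+DEBUGFS_READONLY_FILE(bridge_packets, 20, "%d",
+ local->bridge_packets);
+DEBUGFS_READONLY_FILE(key_tx_rx_threshold, 20, "%d",
+ local->key_tx_rx_threshold);
+DEBUGFS_READONLY_FILE(rts_threshold, 20, "%d",
+ local->rts_threshold);
+DEBUGFS_READONLY_FILE(fragmentation_threshold, 20, "%d",
+ local->fragmentation_threshold);
+DEBUGFS_READONLY_FILE(short_retry_limit, 20, "%d",
+ local->short_retry_limit);
+DEBUGFS_READONLY_FILE(long_retry_limit, 20, "%d",
+ local->long_retry_limit);
+DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d",
+ local->total_ps_buffered);
+DEBUGFS_READONLY_FILE(mode, 20, "%s",
+ ieee80211_mode_str(local->hw.conf.phymode));
+DEBUGFS_READONLY_FILE(wep_iv, 20, "%#06x",
+ local->wep_iv & 0xffffff);
+DEBUGFS_READONLY_FILE(tx_power_reduction, 20, "%d.%d dBm",
+ local->hw.conf.tx_power_reduction / 10,
+ local->hw.conf.tx_power_reduction & 10);
+DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s",
+ local->rate_ctrl ? local->rate_ctrl->ops->name : "<unset>");
+
+/* statistics stuff */
+
+static inline int rtnl_lock_local(struct ieee80211_local *local)
+{
+ rtnl_lock();
+ if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED)) {
+ rtnl_unlock();
+ return -ENODEV;
+ }
+ return 0;
+}
+
+#define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \
+ DEBUGFS_READONLY_FILE(stats_ ##name, buflen, fmt, ##value)
+
+static ssize_t format_devstat_counter(struct ieee80211_local *local,
+ char __user *userbuf,
+ size_t count, loff_t *ppos,
+ int (*printvalue)(struct ieee80211_low_level_stats *stats, char *buf,
+ int buflen))
+{
+ struct ieee80211_low_level_stats stats;
+ char buf[20];
+ int res;
+
+ if (!local->ops->get_stats)
+ return -EOPNOTSUPP;
+
+ res = rtnl_lock_local(local);
+ if (res)
+ return res;
+
+ res = local->ops->get_stats(local_to_hw(local), &stats);
+ rtnl_unlock();
+ if (!res)
+ res = printvalue(&stats, buf, sizeof(buf));
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+
+#define DEBUGFS_DEVSTATS_FILE(name) \
+static int print_devstats_##name(struct ieee80211_low_level_stats *stats,\
+ char *buf, int buflen) \
+{ \
+ return scnprintf(buf, buflen, "%u\n", stats->name); \
+} \
+static ssize_t stats_ ##name## _read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ return format_devstat_counter(file->private_data, \
+ userbuf, \
+ count, \
+ ppos, \
+ print_devstats_##name); \
+} \
+ \
+static const struct file_operations stats_ ##name## _ops = { \
+ .read = stats_ ##name## _read, \
+ .open = mac80211_open_file_generic, \
+};
+
+#define DEBUGFS_STATS_ADD(name) \
+ local->debugfs.stats.name = debugfs_create_file(#name, 0444, statsd,\
+ local, &stats_ ##name## _ops);
+
+#define DEBUGFS_STATS_DEL(name) \
+ debugfs_remove(local->debugfs.stats.name); \
+ local->debugfs.stats.name = NULL;
+
+DEBUGFS_STATS_FILE(transmitted_fragment_count, 20, "%u",
+ local->dot11TransmittedFragmentCount);
+DEBUGFS_STATS_FILE(multicast_transmitted_frame_count, 20, "%u",
+ local->dot11MulticastTransmittedFrameCount);
+DEBUGFS_STATS_FILE(failed_count, 20, "%u",
+ local->dot11FailedCount);
+DEBUGFS_STATS_FILE(retry_count, 20, "%u",
+ local->dot11RetryCount);
+DEBUGFS_STATS_FILE(multiple_retry_count, 20, "%u",
+ local->dot11MultipleRetryCount);
+DEBUGFS_STATS_FILE(frame_duplicate_count, 20, "%u",
+ local->dot11FrameDuplicateCount);
+DEBUGFS_STATS_FILE(received_fragment_count, 20, "%u",
+ local->dot11ReceivedFragmentCount);
+DEBUGFS_STATS_FILE(multicast_received_frame_count, 20, "%u",
+ local->dot11MulticastReceivedFrameCount);
+DEBUGFS_STATS_FILE(transmitted_frame_count, 20, "%u",
+ local->dot11TransmittedFrameCount);
+DEBUGFS_STATS_FILE(wep_undecryptable_count, 20, "%u",
+ local->dot11WEPUndecryptableCount);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+DEBUGFS_STATS_FILE(tx_handlers_drop, 20, "%u",
+ local->tx_handlers_drop);
+DEBUGFS_STATS_FILE(tx_handlers_queued, 20, "%u",
+ local->tx_handlers_queued);
+DEBUGFS_STATS_FILE(tx_handlers_drop_unencrypted, 20, "%u",
+ local->tx_handlers_drop_unencrypted);
+DEBUGFS_STATS_FILE(tx_handlers_drop_fragment, 20, "%u",
+ local->tx_handlers_drop_fragment);
+DEBUGFS_STATS_FILE(tx_handlers_drop_wep, 20, "%u",
+ local->tx_handlers_drop_wep);
+DEBUGFS_STATS_FILE(tx_handlers_drop_not_assoc, 20, "%u",
+ local->tx_handlers_drop_not_assoc);
+DEBUGFS_STATS_FILE(tx_handlers_drop_unauth_port, 20, "%u",
+ local->tx_handlers_drop_unauth_port);
+DEBUGFS_STATS_FILE(rx_handlers_drop, 20, "%u",
+ local->rx_handlers_drop);
+DEBUGFS_STATS_FILE(rx_handlers_queued, 20, "%u",
+ local->rx_handlers_queued);
+DEBUGFS_STATS_FILE(rx_handlers_drop_nullfunc, 20, "%u",
+ local->rx_handlers_drop_nullfunc);
+DEBUGFS_STATS_FILE(rx_handlers_drop_defrag, 20, "%u",
+ local->rx_handlers_drop_defrag);
+DEBUGFS_STATS_FILE(rx_handlers_drop_short, 20, "%u",
+ local->rx_handlers_drop_short);
+DEBUGFS_STATS_FILE(rx_handlers_drop_passive_scan, 20, "%u",
+ local->rx_handlers_drop_passive_scan);
+DEBUGFS_STATS_FILE(tx_expand_skb_head, 20, "%u",
+ local->tx_expand_skb_head);
+DEBUGFS_STATS_FILE(tx_expand_skb_head_cloned, 20, "%u",
+ local->tx_expand_skb_head_cloned);
+DEBUGFS_STATS_FILE(rx_expand_skb_head, 20, "%u",
+ local->rx_expand_skb_head);
+DEBUGFS_STATS_FILE(rx_expand_skb_head2, 20, "%u",
+ local->rx_expand_skb_head2);
+DEBUGFS_STATS_FILE(rx_handlers_fragments, 20, "%u",
+ local->rx_handlers_fragments);
+DEBUGFS_STATS_FILE(tx_status_drop, 20, "%u",
+ local->tx_status_drop);
+
+static ssize_t stats_wme_rx_queue_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ char buf[NUM_RX_DATA_QUEUES*15], *p = buf;
+ int i;
+
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%u\n", local->wme_rx_queue[i]);
+
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
+}
+
+static const struct file_operations stats_wme_rx_queue_ops = {
+ .read = stats_wme_rx_queue_read,
+ .open = mac80211_open_file_generic,
+};
+
+static ssize_t stats_wme_tx_queue_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ char buf[NUM_TX_DATA_QUEUES*15], *p = buf;
+ int i;
+
+ for (i = 0; i < NUM_TX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%u\n", local->wme_tx_queue[i]);
+
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
+}
+
+static const struct file_operations stats_wme_tx_queue_ops = {
+ .read = stats_wme_tx_queue_read,
+ .open = mac80211_open_file_generic,
+};
+#endif
+
+DEBUGFS_DEVSTATS_FILE(dot11ACKFailureCount);
+DEBUGFS_DEVSTATS_FILE(dot11RTSFailureCount);
+DEBUGFS_DEVSTATS_FILE(dot11FCSErrorCount);
+DEBUGFS_DEVSTATS_FILE(dot11RTSSuccessCount);
+
+
+void debugfs_hw_add(struct ieee80211_local *local)
+{
+ struct dentry *phyd = local->hw.wiphy->debugfsdir;
+ struct dentry *statsd;
+
+ if (!phyd)
+ return;
+
+ local->debugfs.stations = debugfs_create_dir("stations", phyd);
+ local->debugfs.keys = debugfs_create_dir("keys", phyd);
+
+ DEBUGFS_ADD(channel);
+ DEBUGFS_ADD(frequency);
+ DEBUGFS_ADD(radar_detect);
+ DEBUGFS_ADD(antenna_sel_tx);
+ DEBUGFS_ADD(antenna_sel_rx);
+ DEBUGFS_ADD(bridge_packets);
+ DEBUGFS_ADD(key_tx_rx_threshold);
+ DEBUGFS_ADD(rts_threshold);
+ DEBUGFS_ADD(fragmentation_threshold);
+ DEBUGFS_ADD(short_retry_limit);
+ DEBUGFS_ADD(long_retry_limit);
+ DEBUGFS_ADD(total_ps_buffered);
+ DEBUGFS_ADD(mode);
+ DEBUGFS_ADD(wep_iv);
+ DEBUGFS_ADD(tx_power_reduction);
+ DEBUGFS_ADD(modes);
+
+ statsd = debugfs_create_dir("statistics", phyd);
+ local->debugfs.statistics = statsd;
+
+ /* if the dir failed, don't put all the other things into the root! */
+ if (!statsd)
+ return;
+
+ DEBUGFS_STATS_ADD(transmitted_fragment_count);
+ DEBUGFS_STATS_ADD(multicast_transmitted_frame_count);
+ DEBUGFS_STATS_ADD(failed_count);
+ DEBUGFS_STATS_ADD(retry_count);
+ DEBUGFS_STATS_ADD(multiple_retry_count);
+ DEBUGFS_STATS_ADD(frame_duplicate_count);
+ DEBUGFS_STATS_ADD(received_fragment_count);
+ DEBUGFS_STATS_ADD(multicast_received_frame_count);
+ DEBUGFS_STATS_ADD(transmitted_frame_count);
+ DEBUGFS_STATS_ADD(wep_undecryptable_count);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_STATS_ADD(tx_handlers_drop);
+ DEBUGFS_STATS_ADD(tx_handlers_queued);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_unencrypted);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_fragment);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_wep);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_not_assoc);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_unauth_port);
+ DEBUGFS_STATS_ADD(rx_handlers_drop);
+ DEBUGFS_STATS_ADD(rx_handlers_queued);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_nullfunc);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_defrag);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_short);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_passive_scan);
+ DEBUGFS_STATS_ADD(tx_expand_skb_head);
+ DEBUGFS_STATS_ADD(tx_expand_skb_head_cloned);
+ DEBUGFS_STATS_ADD(rx_expand_skb_head);
+ DEBUGFS_STATS_ADD(rx_expand_skb_head2);
+ DEBUGFS_STATS_ADD(rx_handlers_fragments);
+ DEBUGFS_STATS_ADD(tx_status_drop);
+ DEBUGFS_STATS_ADD(wme_tx_queue);
+ DEBUGFS_STATS_ADD(wme_rx_queue);
+#endif
+ DEBUGFS_STATS_ADD(dot11ACKFailureCount);
+ DEBUGFS_STATS_ADD(dot11RTSFailureCount);
+ DEBUGFS_STATS_ADD(dot11FCSErrorCount);
+ DEBUGFS_STATS_ADD(dot11RTSSuccessCount);
+}
+
+void debugfs_hw_del(struct ieee80211_local *local)
+{
+ DEBUGFS_DEL(channel);
+ DEBUGFS_DEL(frequency);
+ DEBUGFS_DEL(radar_detect);
+ DEBUGFS_DEL(antenna_sel_tx);
+ DEBUGFS_DEL(antenna_sel_rx);
+ DEBUGFS_DEL(bridge_packets);
+ DEBUGFS_DEL(key_tx_rx_threshold);
+ DEBUGFS_DEL(rts_threshold);
+ DEBUGFS_DEL(fragmentation_threshold);
+ DEBUGFS_DEL(short_retry_limit);
+ DEBUGFS_DEL(long_retry_limit);
+ DEBUGFS_DEL(total_ps_buffered);
+ DEBUGFS_DEL(mode);
+ DEBUGFS_DEL(wep_iv);
+ DEBUGFS_DEL(tx_power_reduction);
+ DEBUGFS_DEL(modes);
+
+ DEBUGFS_STATS_DEL(transmitted_fragment_count);
+ DEBUGFS_STATS_DEL(multicast_transmitted_frame_count);
+ DEBUGFS_STATS_DEL(failed_count);
+ DEBUGFS_STATS_DEL(retry_count);
+ DEBUGFS_STATS_DEL(multiple_retry_count);
+ DEBUGFS_STATS_DEL(frame_duplicate_count);
+ DEBUGFS_STATS_DEL(received_fragment_count);
+ DEBUGFS_STATS_DEL(multicast_received_frame_count);
+ DEBUGFS_STATS_DEL(transmitted_frame_count);
+ DEBUGFS_STATS_DEL(wep_undecryptable_count);
+ DEBUGFS_STATS_DEL(num_scans);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_STATS_DEL(tx_handlers_drop);
+ DEBUGFS_STATS_DEL(tx_handlers_queued);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_unencrypted);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_fragment);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_wep);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_not_assoc);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_unauth_port);
+ DEBUGFS_STATS_DEL(rx_handlers_drop);
+ DEBUGFS_STATS_DEL(rx_handlers_queued);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_nullfunc);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_defrag);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_short);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_passive_scan);
+ DEBUGFS_STATS_DEL(tx_expand_skb_head);
+ DEBUGFS_STATS_DEL(tx_expand_skb_head_cloned);
+ DEBUGFS_STATS_DEL(rx_expand_skb_head);
+ DEBUGFS_STATS_DEL(rx_expand_skb_head2);
+ DEBUGFS_STATS_DEL(rx_handlers_fragments);
+ DEBUGFS_STATS_DEL(tx_status_drop);
+ DEBUGFS_STATS_DEL(wme_tx_queue);
+ DEBUGFS_STATS_DEL(wme_rx_queue);
+#endif
+ DEBUGFS_STATS_DEL(dot11ACKFailureCount);
+ DEBUGFS_STATS_DEL(dot11RTSFailureCount);
+ DEBUGFS_STATS_DEL(dot11FCSErrorCount);
+ DEBUGFS_STATS_DEL(dot11RTSSuccessCount);
+
+ debugfs_remove(local->debugfs.statistics);
+ local->debugfs.statistics = NULL;
+ debugfs_remove(local->debugfs.stations);
+ local->debugfs.stations = NULL;
+ debugfs_remove(local->debugfs.keys);
+ local->debugfs.keys = NULL;
+}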
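Review bot: In `format_devstat_counter()` a failing `get_stats()` leaves `res` negative and `buf` unwritten, yet both are still passed to `simple_read_from_buffer()`; the negative `int` converts to a very large `size_t` length, so the read can copy uninitialised kernel stack to user space. Return the error before formatting: `if (res) return res;` followed by an unconditional `res = printvalue(&stats, buf, sizeof(buf));`. Separately, the `tx_power_reduction` file prints its fractional digit with `& 10`, which looks like a typo for `% 10`, and `debugfs_hw_del()` removes `stats.num_scans` although no such file is defined or added in this file.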
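--- /dev/null
+++ b/net/mac80211/debugfs.h
@@ -0,0 +1,16 @@
+#ifndef __MAC80211_DEBUGFS_H
+#define __MAC80211_DEBUGFS_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+extern void debugfs_hw_add(struct ieee80211_local *local);
+extern void debugfs_hw_del(struct ieee80211_local *local);
+extern int mac80211_open_file_generic(struct inode *inode, struct file *file);
+#else
+static inline void debugfs_hw_add(struct ieee80211_local *local)
+{
+ return;
+}
+static inline void debugfs_hw_del(struct ieee80211_local *local) {}
+#endif
+
+#endif /* __MAC80211_DEBUGFS_H */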
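--- /dev/null
+++ b/net/mac80211/debugfs_key.c
@@ -0,0 +1,252 @@
+/*
+ * Copyright 2003-2005 Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/kobject.h>
+#include "ieee80211_i.h"
+#include "ieee80211_key.h"
+#include "debugfs.h"
+#include "debugfs_key.h"
+
+#define KEY_READ(name, buflen, format_string) \
+static ssize_t key_##name##_read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ char buf[buflen]; \
+ struct ieee80211_key *key = file->private_data; \
+ int res = scnprintf(buf, buflen, format_string, key->name); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+}
+#define KEY_READ_D(name) KEY_READ(name, 20, "%d\n")
+
+#define KEY_OPS(name) \
+static const struct file_operations key_ ##name## _ops = { \
+ .read = key_##name##_read, \
+ .open = mac80211_open_file_generic, \
+}
+
+#define KEY_FILE(name, format) \
+ KEY_READ_##format(name) \
+ KEY_OPS(name)
+
+KEY_FILE(keylen, D);
+KEY_FILE(force_sw_encrypt, D);
+KEY_FILE(keyidx, D);
+KEY_FILE(hw_key_idx, D);
+KEY_FILE(tx_rx_count, D);
+
+static ssize_t key_algorithm_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char *alg;
+ struct ieee80211_key *key = file->private_data;
+
+ switch (key->alg) {
+ case ALG_WEP:
+ alg = "WEP\n";
+ break;
+ case ALG_TKIP:
+ alg = "TKIP\n";
+ break;
+ case ALG_CCMP:
+ alg = "CCMP\n";
+ break;
+ default:
+ return 0;
+ }
+ return simple_read_from_buffer(userbuf, count, ppos, alg, strlen(alg));
+}
+KEY_OPS(algorithm);
+
+static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ const u8 *tpn;
+ char buf[20];
+ int len;
+ struct ieee80211_key *key = file->private_data;
+
+ switch (key->alg) {
+ case ALG_WEP:
+ len = scnprintf(buf, sizeof(buf), "\n");
+ case ALG_TKIP:
+ len = scnprintf(buf, sizeof(buf), "%08x %04x\n",
+ key->u.tkip.iv32,
+ key->u.tkip.iv16);
+ case ALG_CCMP:
+ tpn = key->u.ccmp.tx_pn;
+ len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
+ tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]);
+ default:
+ return 0;
+ }
+ return simple_read_from_buffer(userbuf, count, ppos, buf, len);
+}
+KEY_OPS(tx_spec);
+
+static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_key *key = file->private_data;
+ char buf[14*NUM_RX_DATA_QUEUES+1], *p = buf;
+ int i, len;
+ const u8 *rpn;
+
+ switch (key->alg) {
+ case ALG_WEP:
+ len = scnprintf(buf, sizeof(buf), "\n");
+ case ALG_TKIP:
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%08x %04x\n",
+ key->u.tkip.iv32_rx[i],
+ key->u.tkip.iv16_rx[i]);
+ len = p - buf;
+ case ALG_CCMP:
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++) {
+ rpn = key->u.ccmp.rx_pn[i];
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%02x%02x%02x%02x%02x%02x\n",
+ rpn[0], rpn[1], rpn[2],
+ rpn[3], rpn[4], rpn[5]);
+ }
+ len = p - buf;
+ default:
+ return 0;
+ }
+ return simple_read_from_buffer(userbuf, count, ppos, buf, len);
+}
+KEY_OPS(rx_spec);
+
+static ssize_t key_replays_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_key *key = file->private_data;
+ char buf[20];
+ int len;
+
+ if (key->alg != ALG_CCMP)
+ return 0;
+ len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, len);
+}
+KEY_OPS(replays);
+
+static ssize_t key_key_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_key *key = file->private_data;
+ int i, res, bufsize = 2*key->keylen+2;
+ char *buf = kmalloc(bufsize, GFP_KERNEL);
+ char *p = buf;
+
+ for (i = 0; i < key->keylen; i++)
+ p += scnprintf(p, bufsize+buf-p, "%02x", key->key[i]);
+ p += scnprintf(p, bufsize+buf-p, "\n");
+ res = simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+ kfree(buf);
+ return res;
+}
+KEY_OPS(key);
+
+#define DEBUGFS_ADD(name) \
+ key->debugfs.name = debugfs_create_file(#name, 0400,\
+ key->debugfs.dir, key, &key_##name##_ops);
+
+void ieee80211_debugfs_key_add(struct ieee80211_local *local,
+ struct ieee80211_key *key)
+{
+ char buf[20];
+
+ if (!local->debugfs.keys)
+ return;
+
+ sprintf(buf, "%d", key->keyidx);
+ key->debugfs.dir = debugfs_create_dir(buf,
+ local->debugfs.keys);
+
+ if (!key->debugfs.dir)
+ return;
+
+ DEBUGFS_ADD(keylen);
+ DEBUGFS_ADD(force_sw_encrypt);
+ DEBUGFS_ADD(keyidx);
+ DEBUGFS_ADD(hw_key_idx);
+ DEBUGFS_ADD(tx_rx_count);
+ DEBUGFS_ADD(algorithm);
+ DEBUGFS_ADD(tx_spec);
+ DEBUGFS_ADD(rx_spec);
+ DEBUGFS_ADD(replays);
+ DEBUGFS_ADD(key);
+};
+
+#define DEBUGFS_DEL(name) \
+ debugfs_remove(key->debugfs.name); key->debugfs.name = NULL;
+
+void ieee80211_debugfs_key_remove(struct ieee80211_key *key)
+{
+ if (!key)
+ return;
+
+ DEBUGFS_DEL(keylen);
+ DEBUGFS_DEL(force_sw_encrypt);
+ DEBUGFS_DEL(keyidx);
+ DEBUGFS_DEL(hw_key_idx);
+ DEBUGFS_DEL(tx_rx_count);
+ DEBUGFS_DEL(algorithm);
+ DEBUGFS_DEL(tx_spec);
+ DEBUGFS_DEL(rx_spec);
+ DEBUGFS_DEL(replays);
+ DEBUGFS_DEL(key);
+
+ debugfs_remove(key->debugfs.stalink);
+ key->debugfs.stalink = NULL;
+ debugfs_remove(key->debugfs.dir);
+ key->debugfs.dir = NULL;
+}
+void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata)
+{
+ char buf[50];
+
+ if (!sdata->debugfsdir)
+ return;
+
+ sprintf(buf, "../keys/%d", sdata->default_key->keyidx);
+ sdata->debugfs.default_key =
+ debugfs_create_symlink("default_key", sdata->debugfsdir, buf);
+}
+void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata)
+{
+ if (!sdata)
+ return;
+
+ debugfs_remove(sdata->debugfs.default_key);
+ sdata->debugfs.default_key = NULL;
+}
+void ieee80211_debugfs_key_sta_link(struct ieee80211_key *key,
+ struct sta_info *sta)
+{
+ char buf[50];
+
+ if (!key->debugfs.dir)
+ return;
+
+ sprintf(buf, "../sta/" MAC_FMT, MAC_ARG(sta->addr));
+ key->debugfs.stalink =
+ debugfs_create_symlink("station", key->debugfs.dir, buf);
+}
+
+void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
+ struct sta_info *sta)
+{
+ debugfs_remove(key->debugfs.stalink);
+ key->debugfs.stalink = NULL;
+}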
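Review bot: `key_key_read()` uses the result of `kmalloc(bufsize, GFP_KERNEL)` without checking it, so an allocation failure makes the first `scnprintf()` write through a NULL pointer; add `if (!buf) return -ENOMEM;` before the loop. The buffer holds a hex copy of the key, so I would also clear it with `memset(buf, 0, bufsize);` before `kfree(buf)` rather than leave key material in freed memory. In `key_tx_spec_read()` and `key_rx_spec_read()` every `case` lacks a `break;`, so control always reaches `default: return 0;` and both files read as empty; each case needs a `break;` after it sets `len`.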
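--- /dev/null
+++ b/net/mac80211/debugfs_key.h
@@ -0,0 +1,34 @@
+#ifndef __MAC80211_DEBUGFS_KEY_H
+#define __MAC80211_DEBUGFS_KEY_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+void ieee80211_debugfs_key_add(struct ieee80211_local *local,
+ struct ieee80211_key *key);
+void ieee80211_debugfs_key_remove(struct ieee80211_key *key);
+void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_key_sta_link(struct ieee80211_key *key,
+ struct sta_info *sta);
+void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
+ struct sta_info *sta);
+#else
+static inline void ieee80211_debugfs_key_add(struct ieee80211_local *local,
+ struct ieee80211_key *key)
+{}
+static inline void ieee80211_debugfs_key_remove(struct ieee80211_key *key)
+{}
+static inline void ieee80211_debugfs_key_add_default(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_key_remove_default(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_key_sta_link(
+ struct ieee80211_key *key, struct sta_info *sta)
+{}
+static inline void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
+ struct sta_info *sta)
+{}
+#endif
+
+#endif /* __MAC80211_DEBUGFS_KEY_H */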
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
new file mode 100644
index 000000000000..9e3964638bad
--- /dev/null
+++ b/net/mac80211/debugfs_netdev.c
@@ -0,0 +1,440 @@
1/*
2 * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
3 * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/kernel.h>
11#include <linux/device.h>
12#include <linux/if.h>
13#include <linux/interrupt.h>
14#include <linux/netdevice.h>
15#include <linux/rtnetlink.h>
16#include <linux/notifier.h>
17#include <net/mac80211.h>
18#include <net/cfg80211.h>
19#include "ieee80211_i.h"
20#include "ieee80211_rate.h"
21#include "debugfs.h"
22#include "debugfs_netdev.h"
23
24static ssize_t ieee80211_if_read(
25 struct ieee80211_sub_if_data *sdata,
26 char __user *userbuf,
27 size_t count, loff_t *ppos,
28 ssize_t (*format)(const struct ieee80211_sub_if_data *, char *, int))
29{
30 char buf[70];
31 ssize_t ret = -EINVAL;
32
33 read_lock(&dev_base_lock);
34 if (sdata->dev->reg_state == NETREG_REGISTERED) {
35 ret = (*format)(sdata, buf, sizeof(buf));
36 ret = simple_read_from_buffer(userbuf, count, ppos, buf, ret);
37 }
38 read_unlock(&dev_base_lock);
39 return ret;
40}
41
42#define IEEE80211_IF_FMT(name, field, format_string) \
43static ssize_t ieee80211_if_fmt_##name( \
44 const struct ieee80211_sub_if_data *sdata, char *buf, \
45 int buflen) \
46{ \
47 return scnprintf(buf, buflen, format_string, sdata->field); \
48}
49#define IEEE80211_IF_FMT_DEC(name, field) \
50 IEEE80211_IF_FMT(name, field, "%d\n")
51#define IEEE80211_IF_FMT_HEX(name, field) \
52 IEEE80211_IF_FMT(name, field, "%#x\n")
53#define IEEE80211_IF_FMT_SIZE(name, field) \
54 IEEE80211_IF_FMT(name, field, "%zd\n")
55
56#define IEEE80211_IF_FMT_ATOMIC(name, field) \
57static ssize_t ieee80211_if_fmt_##name( \
58 const struct ieee80211_sub_if_data *sdata, \
59 char *buf, int buflen) \
60{ \
61 return scnprintf(buf, buflen, "%d\n", atomic_read(&sdata->field));\
62}
63
64#define IEEE80211_IF_FMT_MAC(name, field) \
65static ssize_t ieee80211_if_fmt_##name( \
66 const struct ieee80211_sub_if_data *sdata, char *buf, \
67 int buflen) \
68{ \
69 return scnprintf(buf, buflen, MAC_FMT "\n", MAC_ARG(sdata->field));\
70}
71
72#define __IEEE80211_IF_FILE(name) \
73static ssize_t ieee80211_if_read_##name(struct file *file, \
74 char __user *userbuf, \
75 size_t count, loff_t *ppos) \
76{ \
77 return ieee80211_if_read(file->private_data, \
78 userbuf, count, ppos, \
79 ieee80211_if_fmt_##name); \
80} \
81static const struct file_operations name##_ops = { \
82 .read = ieee80211_if_read_##name, \
83 .open = mac80211_open_file_generic, \
84}
85
86#define IEEE80211_IF_FILE(name, field, format) \
87 IEEE80211_IF_FMT_##format(name, field) \
88 __IEEE80211_IF_FILE(name)
89
90/* common attributes */
91IEEE80211_IF_FILE(channel_use, channel_use, DEC);
92IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
93IEEE80211_IF_FILE(eapol, eapol, DEC);
94IEEE80211_IF_FILE(ieee8021_x, ieee802_1x, DEC);
95
96/* STA/IBSS attributes */
97IEEE80211_IF_FILE(state, u.sta.state, DEC);
98IEEE80211_IF_FILE(bssid, u.sta.bssid, MAC);
99IEEE80211_IF_FILE(prev_bssid, u.sta.prev_bssid, MAC);
100IEEE80211_IF_FILE(ssid_len, u.sta.ssid_len, SIZE);
101IEEE80211_IF_FILE(aid, u.sta.aid, DEC);
102IEEE80211_IF_FILE(ap_capab, u.sta.ap_capab, HEX);
103IEEE80211_IF_FILE(capab, u.sta.capab, HEX);
104IEEE80211_IF_FILE(extra_ie_len, u.sta.extra_ie_len, SIZE);
105IEEE80211_IF_FILE(auth_tries, u.sta.auth_tries, DEC);
106IEEE80211_IF_FILE(assoc_tries, u.sta.assoc_tries, DEC);
107IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX);
108IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC);
109IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC);
110
111static ssize_t ieee80211_if_fmt_flags(
112 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
113{
114 return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n",
115 sdata->u.sta.ssid_set ? "SSID\n" : "",
116 sdata->u.sta.bssid_set ? "BSSID\n" : "",
117 sdata->u.sta.prev_bssid_set ? "prev BSSID\n" : "",
118 sdata->u.sta.authenticated ? "AUTH\n" : "",
119 sdata->u.sta.associated ? "ASSOC\n" : "",
120 sdata->u.sta.probereq_poll ? "PROBEREQ POLL\n" : "",
121 sdata->u.sta.use_protection ? "CTS prot\n" : "");
122}
123__IEEE80211_IF_FILE(flags);
124
125/* AP attributes */
126IEEE80211_IF_FILE(num_sta_ps, u.ap.num_sta_ps, ATOMIC);
127IEEE80211_IF_FILE(dtim_period, u.ap.dtim_period, DEC);
128IEEE80211_IF_FILE(dtim_count, u.ap.dtim_count, DEC);
129IEEE80211_IF_FILE(num_beacons, u.ap.num_beacons, DEC);
130IEEE80211_IF_FILE(force_unicast_rateidx, u.ap.force_unicast_rateidx, DEC);
131IEEE80211_IF_FILE(max_ratectrl_rateidx, u.ap.max_ratectrl_rateidx, DEC);
132
133static ssize_t ieee80211_if_fmt_num_buffered_multicast(
134 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
135{
136 return scnprintf(buf, buflen, "%u\n",
137 skb_queue_len(&sdata->u.ap.ps_bc_buf));
138}
139__IEEE80211_IF_FILE(num_buffered_multicast);
140
141static ssize_t ieee80211_if_fmt_beacon_head_len(
142 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
143{
144 if (sdata->u.ap.beacon_head)
145 return scnprintf(buf, buflen, "%d\n",
146 sdata->u.ap.beacon_head_len);
147 return scnprintf(buf, buflen, "\n");
148}
149__IEEE80211_IF_FILE(beacon_head_len);
150
151static ssize_t ieee80211_if_fmt_beacon_tail_len(
152 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
153{
154 if (sdata->u.ap.beacon_tail)
155 return scnprintf(buf, buflen, "%d\n",
156 sdata->u.ap.beacon_tail_len);
157 return scnprintf(buf, buflen, "\n");
158}
159__IEEE80211_IF_FILE(beacon_tail_len);
160
161/* WDS attributes */
162IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC);
163
164/* VLAN attributes */
165IEEE80211_IF_FILE(vlan_id, u.vlan.id, DEC);
166
167/* MONITOR attributes */
168static ssize_t ieee80211_if_fmt_mode(
169 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
170{
171 struct ieee80211_local *local = sdata->local;
172
173 return scnprintf(buf, buflen, "%s\n",
174 ((local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) ||
175 local->open_count == local->monitors) ?
176 "hard" : "soft");
177}
178__IEEE80211_IF_FILE(mode);
179
180
181#define DEBUGFS_ADD(name, type)\
182 sdata->debugfs.type.name = debugfs_create_file(#name, 0444,\
183 sdata->debugfsdir, sdata, &name##_ops);
184
185static void add_sta_files(struct ieee80211_sub_if_data *sdata)
186{
187 DEBUGFS_ADD(channel_use, sta);
188 DEBUGFS_ADD(drop_unencrypted, sta);
189 DEBUGFS_ADD(eapol, sta);
190 DEBUGFS_ADD(ieee8021_x, sta);
191 DEBUGFS_ADD(state, sta);
192 DEBUGFS_ADD(bssid, sta);
193 DEBUGFS_ADD(prev_bssid, sta);
194 DEBUGFS_ADD(ssid_len, sta);
195 DEBUGFS_ADD(aid, sta);
196 DEBUGFS_ADD(ap_capab, sta);
197 DEBUGFS_ADD(capab, sta);
198 DEBUGFS_ADD(extra_ie_len, sta);
199 DEBUGFS_ADD(auth_tries, sta);
200 DEBUGFS_ADD(assoc_tries, sta);
201 DEBUGFS_ADD(auth_algs, sta);
202 DEBUGFS_ADD(auth_alg, sta);
203 DEBUGFS_ADD(auth_transaction, sta);
204 DEBUGFS_ADD(flags, sta);
205}
206
207static void add_ap_files(struct ieee80211_sub_if_data *sdata)
208{
209 DEBUGFS_ADD(channel_use, ap);
210 DEBUGFS_ADD(drop_unencrypted, ap);
211 DEBUGFS_ADD(eapol, ap);
212 DEBUGFS_ADD(ieee8021_x, ap);
213 DEBUGFS_ADD(num_sta_ps, ap);
214 DEBUGFS_ADD(dtim_period, ap);
215 DEBUGFS_ADD(dtim_count, ap);
216 DEBUGFS_ADD(num_beacons, ap);
217 DEBUGFS_ADD(force_unicast_rateidx, ap);
218 DEBUGFS_ADD(max_ratectrl_rateidx, ap);
219 DEBUGFS_ADD(num_buffered_multicast, ap);
220 DEBUGFS_ADD(beacon_head_len, ap);
221 DEBUGFS_ADD(beacon_tail_len, ap);
222}
223
224static void add_wds_files(struct ieee80211_sub_if_data *sdata)
225{
226 DEBUGFS_ADD(channel_use, wds);
227 DEBUGFS_ADD(drop_unencrypted, wds);
228 DEBUGFS_ADD(eapol, wds);
229 DEBUGFS_ADD(ieee8021_x, wds);
230 DEBUGFS_ADD(peer, wds);
231}
232
233static void add_vlan_files(struct ieee80211_sub_if_data *sdata)
234{
235 DEBUGFS_ADD(channel_use, vlan);
236 DEBUGFS_ADD(drop_unencrypted, vlan);
237 DEBUGFS_ADD(eapol, vlan);
238 DEBUGFS_ADD(ieee8021_x, vlan);
239 DEBUGFS_ADD(vlan_id, vlan);
240}
241
242static void add_monitor_files(struct ieee80211_sub_if_data *sdata)
243{
244 DEBUGFS_ADD(mode, monitor);
245}
246
247static void add_files(struct ieee80211_sub_if_data *sdata)
248{
249 if (!sdata->debugfsdir)
250 return;
251
252 switch (sdata->type) {
253 case IEEE80211_IF_TYPE_STA:
254 case IEEE80211_IF_TYPE_IBSS:
255 add_sta_files(sdata);
256 break;
257 case IEEE80211_IF_TYPE_AP:
258 add_ap_files(sdata);
259 break;
260 case IEEE80211_IF_TYPE_WDS:
261 add_wds_files(sdata);
262 break;
263 case IEEE80211_IF_TYPE_MNTR:
264 add_monitor_files(sdata);
265 break;
266 case IEEE80211_IF_TYPE_VLAN:
267 add_vlan_files(sdata);
268 break;
269 default:
270 break;
271 }
272}
273
274#define DEBUGFS_DEL(name, type)\
275 debugfs_remove(sdata->debugfs.type.name);\
276 sdata->debugfs.type.name = NULL;
277
278static void del_sta_files(struct ieee80211_sub_if_data *sdata)
279{
280 DEBUGFS_DEL(channel_use, sta);
281 DEBUGFS_DEL(drop_unencrypted, sta);
282 DEBUGFS_DEL(eapol, sta);
283 DEBUGFS_DEL(ieee8021_x, sta);
284 DEBUGFS_DEL(state, sta);
285 DEBUGFS_DEL(bssid, sta);
286 DEBUGFS_DEL(prev_bssid, sta);
287 DEBUGFS_DEL(ssid_len, sta);
288 DEBUGFS_DEL(aid, sta);
289 DEBUGFS_DEL(ap_capab, sta);
290 DEBUGFS_DEL(capab, sta);
291 DEBUGFS_DEL(extra_ie_len, sta);
292 DEBUGFS_DEL(auth_tries, sta);
293 DEBUGFS_DEL(assoc_tries, sta);
294 DEBUGFS_DEL(auth_algs, sta);
295 DEBUGFS_DEL(auth_alg, sta);
296 DEBUGFS_DEL(auth_transaction, sta);
297 DEBUGFS_DEL(flags, sta);
298}
299
300static void del_ap_files(struct ieee80211_sub_if_data *sdata)
301{
302 DEBUGFS_DEL(channel_use, ap);
303 DEBUGFS_DEL(drop_unencrypted, ap);
304 DEBUGFS_DEL(eapol, ap);
305 DEBUGFS_DEL(ieee8021_x, ap);
306 DEBUGFS_DEL(num_sta_ps, ap);
307 DEBUGFS_DEL(dtim_period, ap);
308 DEBUGFS_DEL(dtim_count, ap);
309 DEBUGFS_DEL(num_beacons, ap);
310 DEBUGFS_DEL(force_unicast_rateidx, ap);
311 DEBUGFS_DEL(max_ratectrl_rateidx, ap);
312 DEBUGFS_DEL(num_buffered_multicast, ap);
313 DEBUGFS_DEL(beacon_head_len, ap);
314 DEBUGFS_DEL(beacon_tail_len, ap);
315}
316
317static void del_wds_files(struct ieee80211_sub_if_data *sdata)
318{
319 DEBUGFS_DEL(channel_use, wds);
320 DEBUGFS_DEL(drop_unencrypted, wds);
321 DEBUGFS_DEL(eapol, wds);
322 DEBUGFS_DEL(ieee8021_x, wds);
323 DEBUGFS_DEL(peer, wds);
324}
325
326static void del_vlan_files(struct ieee80211_sub_if_data *sdata)
327{
328 DEBUGFS_DEL(channel_use, vlan);
329 DEBUGFS_DEL(drop_unencrypted, vlan);
330 DEBUGFS_DEL(eapol, vlan);
331 DEBUGFS_DEL(ieee8021_x, vlan);
332 DEBUGFS_DEL(vlan_id, vlan);
333}
334
335static void del_monitor_files(struct ieee80211_sub_if_data *sdata)
336{
337 DEBUGFS_DEL(mode, monitor);
338}
339
340static void del_files(struct ieee80211_sub_if_data *sdata, int type)
341{
342 if (!sdata->debugfsdir)
343 return;
344
345 switch (type) {
346 case IEEE80211_IF_TYPE_STA:
347 case IEEE80211_IF_TYPE_IBSS:
348 del_sta_files(sdata);
349 break;
350 case IEEE80211_IF_TYPE_AP:
351 del_ap_files(sdata);
352 break;
353 case IEEE80211_IF_TYPE_WDS:
354 del_wds_files(sdata);
355 break;
356 case IEEE80211_IF_TYPE_MNTR:
357 del_monitor_files(sdata);
358 break;
359 case IEEE80211_IF_TYPE_VLAN:
360 del_vlan_files(sdata);
361 break;
362 default:
363 break;
364 }
365}
366
367static int notif_registered;
368
369void ieee80211_debugfs_add_netdev(struct ieee80211_sub_if_data *sdata)
370{
371 char buf[10+IFNAMSIZ];
372
373 if (!notif_registered)
374 return;
375
376 sprintf(buf, "netdev:%s", sdata->dev->name);
377 sdata->debugfsdir = debugfs_create_dir(buf,
378 sdata->local->hw.wiphy->debugfsdir);
379}
380
381void ieee80211_debugfs_remove_netdev(struct ieee80211_sub_if_data *sdata)
382{
383 del_files(sdata, sdata->type);
384 debugfs_remove(sdata->debugfsdir);
385 sdata->debugfsdir = NULL;
386}
387
388void ieee80211_debugfs_change_if_type(struct ieee80211_sub_if_data *sdata,
389 int oldtype)
390{
391 del_files(sdata, oldtype);
392 add_files(sdata);
393}
394
395static int netdev_notify(struct notifier_block * nb,
396 unsigned long state,
397 void *ndev)
398{
399 struct net_device *dev = ndev;
400 char buf[10+IFNAMSIZ];
401
402 if (state != NETDEV_CHANGENAME)
403 return 0;
404
405 if (!dev->ieee80211_ptr || !dev->ieee80211_ptr->wiphy)
406 return 0;
407
408 if (dev->ieee80211_ptr->wiphy->privid != mac80211_wiphy_privid)
409 return 0;
410
411 /* TODO
412 sprintf(buf, "netdev:%s", dev->name);
413 debugfs_rename(IEEE80211_DEV_TO_SUB_IF(dev)->debugfsdir, buf);
414 */
415
416 return 0;
417}
418
419static struct notifier_block mac80211_debugfs_netdev_notifier = {
420 .notifier_call = netdev_notify,
421};
422
423void ieee80211_debugfs_netdev_init(void)
424{
425 int err;
426
427 err = register_netdevice_notifier(&mac80211_debugfs_netdev_notifier);
428 if (err) {
429 printk(KERN_ERR
430 "mac80211: failed to install netdev notifier,"
431 " disabling per-netdev debugfs!\n");
432 } else
433 notif_registered = 1;
434}
435
436void ieee80211_debugfs_netdev_exit(void)
437{
438 unregister_netdevice_notifier(&mac80211_debugfs_netdev_notifier);
439 notif_registered = 0;
440}
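diff --git a/net/mac80211/debugfs_netdev.h b/net/mac80211/debugfs_netdev.h
new file mode 100644
index 000000000000..a690071fde8a
--- /dev/null
+++ b/net/mac80211/debugfs_netdev.h
@@ -0,0 +1,30 @@
+/* routines exported for debugfs handling */
+
+#ifndef __IEEE80211_DEBUGFS_NETDEV_H
+#define __IEEE80211_DEBUGFS_NETDEV_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+void ieee80211_debugfs_add_netdev(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_remove_netdev(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_change_if_type(struct ieee80211_sub_if_data *sdata,
+ int oldtype);
+void ieee80211_debugfs_netdev_init(void);
+void ieee80211_debugfs_netdev_exit(void);
+#else
+static inline void ieee80211_debugfs_add_netdev(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_remove_netdev(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_change_if_type(
+ struct ieee80211_sub_if_data *sdata, int oldtype)
+{}
+static inline void ieee80211_debugfs_netdev_init(void)
+{}
+
+static inline void ieee80211_debugfs_netdev_exit(void)
+{}
+#endif
+
+#endif /* __IEEE80211_DEBUGFS_NETDEV_H */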
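diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
new file mode 100644
index 000000000000..d41e696f3980
--- /dev/null
+++ b/net/mac80211/debugfs_sta.c
@@ -0,0 +1,246 @@
+/*
+ * Copyright 2003-2005 Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/debugfs.h>
+#include <linux/ieee80211.h>
+#include "ieee80211_i.h"
+#include "debugfs.h"
+#include "debugfs_sta.h"
+#include "sta_info.h"
+
+/* sta attributtes */
+
+#define STA_READ(name, buflen, field, format_string) \
+static ssize_t sta_ ##name## _read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ int res; \
+ struct sta_info *sta = file->private_data; \
+ char buf[buflen]; \
+ res = scnprintf(buf, buflen, format_string, sta->field); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+}
+#define STA_READ_D(name, field) STA_READ(name, 20, field, "%d\n")
+#define STA_READ_U(name, field) STA_READ(name, 20, field, "%u\n")
+#define STA_READ_LU(name, field) STA_READ(name, 20, field, "%lu\n")
+#define STA_READ_S(name, field) STA_READ(name, 20, field, "%s\n")
+
+#define STA_READ_RATE(name, field) \
+static ssize_t sta_##name##_read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ struct sta_info *sta = file->private_data; \
+ struct ieee80211_local *local = wdev_priv(sta->dev->ieee80211_ptr);\
+ struct ieee80211_hw_mode *mode = local->oper_hw_mode; \
+ char buf[20]; \
+ int res = scnprintf(buf, sizeof(buf), "%d\n", \
+ (sta->field >= 0 && \
+ sta->field < mode->num_rates) ? \
+ mode->rates[sta->field].rate : -1); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+}
+
+#define STA_OPS(name) \
+static const struct file_operations sta_ ##name## _ops = { \
+ .read = sta_##name##_read, \
+ .open = mac80211_open_file_generic, \
+}
+
+#define STA_FILE(name, field, format) \
+ STA_READ_##format(name, field) \
+ STA_OPS(name)
+
+STA_FILE(aid, aid, D);
+STA_FILE(key_idx_compression, key_idx_compression, D);
+STA_FILE(dev, dev->name, S);
+STA_FILE(vlan_id, vlan_id, D);
+STA_FILE(rx_packets, rx_packets, LU);
+STA_FILE(tx_packets, tx_packets, LU);
+STA_FILE(rx_bytes, rx_bytes, LU);
+STA_FILE(tx_bytes, tx_bytes, LU);
+STA_FILE(rx_duplicates, num_duplicates, LU);
+STA_FILE(rx_fragments, rx_fragments, LU);
+STA_FILE(rx_dropped, rx_dropped, LU);
+STA_FILE(tx_fragments, tx_fragments, LU);
+STA_FILE(tx_filtered, tx_filtered_count, LU);
+STA_FILE(txrate, txrate, RATE);
+STA_FILE(last_txrate, last_txrate, RATE);
+STA_FILE(tx_retry_failed, tx_retry_failed, LU);
+STA_FILE(tx_retry_count, tx_retry_count, LU);
+STA_FILE(last_rssi, last_rssi, D);
+STA_FILE(last_signal, last_signal, D);
+STA_FILE(last_noise, last_noise, D);
+STA_FILE(channel_use, channel_use, D);
+STA_FILE(wep_weak_iv_count, wep_weak_iv_count, D);
+
+static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[100];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s%s",
+ sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "",
+ sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
+ sta->flags & WLAN_STA_PS ? "PS\n" : "",
+ sta->flags & WLAN_STA_TIM ? "TIM\n" : "",
+ sta->flags & WLAN_STA_PERM ? "PERM\n" : "",
+ sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
+ sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
+ sta->flags & WLAN_STA_WME ? "WME\n" : "",
+ sta->flags & WLAN_STA_WDS ? "WDS\n" : "");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(flags);
+
+static ssize_t sta_num_ps_buf_frames_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[20];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%u\n",
+ skb_queue_len(&sta->ps_tx_buf));
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(num_ps_buf_frames);
+
+static ssize_t sta_last_ack_rssi_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[100];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%d %d %d\n",
+ sta->last_ack_rssi[0],
+ sta->last_ack_rssi[1],
+ sta->last_ack_rssi[2]);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(last_ack_rssi);
+
+static ssize_t sta_last_ack_ms_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[20];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%d\n",
+ sta->last_ack ?
+ jiffies_to_msecs(jiffies - sta->last_ack) : -1);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(last_ack_ms);
+
+static ssize_t sta_inactive_ms_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[20];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%d\n",
+ jiffies_to_msecs(jiffies - sta->last_rx));
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(inactive_ms);
+
+static ssize_t sta_last_seq_ctrl_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[15*NUM_RX_DATA_QUEUES], *p = buf;
+ int i;
+ struct sta_info *sta = file->private_data;
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p, "%x ",
+ sta->last_seq_ctrl[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+}
+STA_OPS(last_seq_ctrl);
+
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+static ssize_t sta_wme_rx_queue_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[15*NUM_RX_DATA_QUEUES], *p = buf;
+ int i;
+ struct sta_info *sta = file->private_data;
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p, "%u ",
+ sta->wme_rx_queue[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+}
+STA_OPS(wme_rx_queue);
+
+static ssize_t sta_wme_tx_queue_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[15*NUM_TX_DATA_QUEUES], *p = buf;
+ int i;
+ struct sta_info *sta = file->private_data;
+ for (i = 0; i < NUM_TX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p, "%u ",
+ sta->wme_tx_queue[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+}
+STA_OPS(wme_tx_queue);
+#endif
+
+#define DEBUGFS_ADD(name) \
+ sta->debugfs.name = debugfs_create_file(#name, 0444, \
+ sta->debugfs.dir, sta, &sta_ ##name## _ops);
+
+#define DEBUGFS_DEL(name) \
+ debugfs_remove(sta->debugfs.name);\
+ sta->debugfs.name = NULL;
+
+
+void ieee80211_sta_debugfs_add(struct sta_info *sta)
+{
+ char buf[3*6];
+ struct dentry *stations_dir = sta->local->debugfs.stations;
+
+ if (!stations_dir)
+ return;
+
+ sprintf(buf, MAC_FMT, MAC_ARG(sta->addr));
+
+ sta->debugfs.dir = debugfs_create_dir(buf, stations_dir);
+ if (!sta->debugfs.dir)
+ return;
+
+ DEBUGFS_ADD(flags);
+ DEBUGFS_ADD(num_ps_buf_frames);
+ DEBUGFS_ADD(last_ack_rssi);
+ DEBUGFS_ADD(last_ack_ms);
+ DEBUGFS_ADD(inactive_ms);
+ DEBUGFS_ADD(last_seq_ctrl);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_ADD(wme_rx_queue);
+ DEBUGFS_ADD(wme_tx_queue);
+#endif
+}
+
+void ieee80211_sta_debugfs_remove(struct sta_info *sta)
+{
+ DEBUGFS_DEL(flags);
+ DEBUGFS_DEL(num_ps_buf_frames);
+ DEBUGFS_DEL(last_ack_rssi);
+ DEBUGFS_DEL(last_ack_ms);
+ DEBUGFS_DEL(inactive_ms);
+ DEBUGFS_DEL(last_seq_ctrl);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_DEL(wme_rx_queue);
+ DEBUGFS_DEL(wme_tx_queue);
+#endif
+
+ debugfs_remove(sta->debugfs.dir);
+ sta->debugfs.dir = NULL;
+}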
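Review bot: `DEBUGFS_ADD` creates every per-station file with mode `0444`, so any local user who can reach the debugfs mount can read a station's flags, sequence counters and ack/RSSI data from a directory named after its MAC address; none of this needs to be world-readable, and `debugfs_create_file(#name, 0400, ...)` would restrict it to root. The `DEBUGFS_ADD` macro in debugfs_netdev.c earlier on this page uses the same mode. Separately, in `ieee80211_sta_debugfs_add`, `sprintf(buf, MAC_FMT, ...)` fills `buf[3*6]` with no slack (assuming `MAC_FMT` is the usual 17-character form, which is not defined on this page); `snprintf(buf, sizeof(buf), MAC_FMT, MAC_ARG(sta->addr));` keeps the write bounded if the format ever changes. The read handlers also dereference `file->private_data` without taking a reference or lock in this file, so it is worth confirming that a `sta_info` cannot be freed while one of its files is still open.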
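diff --git a/net/mac80211/debugfs_sta.h b/net/mac80211/debugfs_sta.h
new file mode 100644
index 000000000000..574a1cd54b96
--- /dev/null
+++ b/net/mac80211/debugfs_sta.h
@@ -0,0 +1,12 @@
+#ifndef __MAC80211_DEBUGFS_STA_H
+#define __MAC80211_DEBUGFS_STA_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+void ieee80211_sta_debugfs_add(struct sta_info *sta);
+void ieee80211_sta_debugfs_remove(struct sta_info *sta);
+#else
+static inline void ieee80211_sta_debugfs_add(struct sta_info *sta) {}
+static inline void ieee80211_sta_debugfs_remove(struct sta_info *sta) {}
+#endif
+
+#endif /* __MAC80211_DEBUGFS_STA_H */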
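diff --git a/net/mac80211/hostapd_ioctl.h b/net/mac80211/hostapd_ioctl.h
new file mode 100644
index 000000000000..34fa128e9872
--- /dev/null
+++ b/net/mac80211/hostapd_ioctl.h
@@ -0,0 +1,108 @@
+/*
+ * Host AP (software wireless LAN access point) user space daemon for
+ * Host AP kernel driver
+ * Copyright 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi>
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef HOSTAPD_IOCTL_H
+#define HOSTAPD_IOCTL_H
+
+#ifdef __KERNEL__
+#include <linux/types.h>
+#endif /* __KERNEL__ */
+
+#define PRISM2_IOCTL_PRISM2_PARAM (SIOCIWFIRSTPRIV + 0)
+#define PRISM2_IOCTL_GET_PRISM2_PARAM (SIOCIWFIRSTPRIV + 1)
+#define PRISM2_IOCTL_HOSTAPD (SIOCIWFIRSTPRIV + 3)
+
+/* PRISM2_IOCTL_PRISM2_PARAM ioctl() subtypes:
+ * This table is no longer added to, the whole sub-ioctl
+ * mess shall be deleted completely. */
+enum {
+ PRISM2_PARAM_IEEE_802_1X = 23,
+ PRISM2_PARAM_ANTSEL_TX = 24,
+ PRISM2_PARAM_ANTSEL_RX = 25,
+
+ /* Instant802 additions */
+ PRISM2_PARAM_CTS_PROTECT_ERP_FRAMES = 1001,
+ PRISM2_PARAM_DROP_UNENCRYPTED = 1002,
+ PRISM2_PARAM_PREAMBLE = 1003,
+ PRISM2_PARAM_SHORT_SLOT_TIME = 1006,
+ PRISM2_PARAM_NEXT_MODE = 1008,
+ PRISM2_PARAM_CLEAR_KEYS = 1009,
+ PRISM2_PARAM_RADIO_ENABLED = 1010,
+ PRISM2_PARAM_ANTENNA_MODE = 1013,
+ PRISM2_PARAM_STAT_TIME = 1016,
+ PRISM2_PARAM_STA_ANTENNA_SEL = 1017,
+ PRISM2_PARAM_FORCE_UNICAST_RATE = 1018,
+ PRISM2_PARAM_RATE_CTRL_NUM_UP = 1019,
+ PRISM2_PARAM_RATE_CTRL_NUM_DOWN = 1020,
+ PRISM2_PARAM_MAX_RATECTRL_RATE = 1021,
+ PRISM2_PARAM_TX_POWER_REDUCTION = 1022,
+ PRISM2_PARAM_KEY_TX_RX_THRESHOLD = 1024,
+ PRISM2_PARAM_DEFAULT_WEP_ONLY = 1026,
+ PRISM2_PARAM_WIFI_WME_NOACK_TEST = 1033,
+ PRISM2_PARAM_SCAN_FLAGS = 1035,
+ PRISM2_PARAM_HW_MODES = 1036,
+ PRISM2_PARAM_CREATE_IBSS = 1037,
+ PRISM2_PARAM_WMM_ENABLED = 1038,
+ PRISM2_PARAM_MIXED_CELL = 1039,
+ PRISM2_PARAM_RADAR_DETECT = 1043,
+ PRISM2_PARAM_SPECTRUM_MGMT = 1044,
+};
+
+enum {
+ IEEE80211_KEY_MGMT_NONE = 0,
+ IEEE80211_KEY_MGMT_IEEE8021X = 1,
+ IEEE80211_KEY_MGMT_WPA_PSK = 2,
+ IEEE80211_KEY_MGMT_WPA_EAP = 3,
+};
+
+
+/* Data structures used for get_hw_features ioctl */
+struct hostapd_ioctl_hw_modes_hdr {
+ int mode;
+ int num_channels;
+ int num_rates;
+};
+
+struct ieee80211_channel_data {
+ short chan; /* channel number (IEEE 802.11) */
+ short freq; /* frequency in MHz */
+ int flag; /* flag for hostapd use (IEEE80211_CHAN_*) */
+};
+
+struct ieee80211_rate_data {
+ int rate; /* rate in 100 kbps */
+ int flags; /* IEEE80211_RATE_ flags */
+};
+
+
+/* ADD_IF, REMOVE_IF, and UPDATE_IF 'type' argument */
+enum {
+ HOSTAP_IF_WDS = 1, HOSTAP_IF_VLAN = 2, HOSTAP_IF_BSS = 3,
+ HOSTAP_IF_STA = 4
+};
+
+struct hostapd_if_wds {
+ u8 remote_addr[ETH_ALEN];
+};
+
+struct hostapd_if_vlan {
+ u8 id;
+};
+
+struct hostapd_if_bss {
+ u8 bssid[ETH_ALEN];
+};
+
+struct hostapd_if_sta {
+};
+
+#endif /* HOSTAPD_IOCTL_H */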
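Review bot: The `hostapd_if_*` structs at the end of this header use the kernel-only type `u8` and the constant `ETH_ALEN`, but `<linux/types.h>` is included only under `__KERNEL__` and nothing that defines `ETH_ALEN` is included at all. A user-space includer therefore has to supply its own definitions, and any mismatch silently changes the layout of data that crosses the ioctl boundary. Using `__u8` together with an unconditional `#include <linux/types.h>` and `#include <linux/if_ether.h>` would pin the layout on both sides. `struct hostapd_if_sta { };` is an empty struct, a GNU extension with size 0 in C, so a one-line comment such as `/* intentionally empty: no per-STA arguments */` would make clear it is a placeholder rather than an omission.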
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
new file mode 100644
index 000000000000..6e36df67f8d5
--- /dev/null
+++ b/net/mac80211/ieee80211.c
@@ -0,0 +1,4984 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include <net/mac80211.h>
12#include <net/ieee80211_radiotap.h>
13#include <linux/module.h>
14#include <linux/init.h>
15#include <linux/netdevice.h>
16#include <linux/types.h>
17#include <linux/slab.h>
18#include <linux/skbuff.h>
19#include <linux/etherdevice.h>
20#include <linux/if_arp.h>
21#include <linux/wireless.h>
22#include <linux/rtnetlink.h>
23#include <net/iw_handler.h>
24#include <linux/compiler.h>
25#include <linux/bitmap.h>
26#include <net/cfg80211.h>
27
28#include "ieee80211_common.h"
29#include "ieee80211_i.h"
30#include "ieee80211_rate.h"
31#include "wep.h"
32#include "wpa.h"
33#include "tkip.h"
34#include "wme.h"
35#include "aes_ccm.h"
36#include "ieee80211_led.h"
37#include "ieee80211_cfg.h"
38#include "debugfs.h"
39#include "debugfs_netdev.h"
40#include "debugfs_key.h"
41
42/* privid for wiphys to determine whether they belong to us or not */
43void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
44
45/* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */
46/* Ethernet-II snap header (RFC1042 for most EtherTypes) */
47static const unsigned char rfc1042_header[] =
48 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
49
50/* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */
51static const unsigned char bridge_tunnel_header[] =
52 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
53
54/* No encapsulation header if EtherType < 0x600 (=length) */
55static const unsigned char eapol_header[] =
56 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x88, 0x8e };
57
58
59static inline void ieee80211_include_sequence(struct ieee80211_sub_if_data *sdata,
60 struct ieee80211_hdr *hdr)
61{
62 /* Set the sequence number for this frame. */
63 hdr->seq_ctrl = cpu_to_le16(sdata->sequence);
64
65 /* Increase the sequence number. */
66 sdata->sequence = (sdata->sequence + 0x10) & IEEE80211_SCTL_SEQ;
67}
68
69struct ieee80211_key_conf *
70ieee80211_key_data2conf(struct ieee80211_local *local,
71 const struct ieee80211_key *data)
72{
73 struct ieee80211_key_conf *conf;
74
75 conf = kmalloc(sizeof(*conf) + data->keylen, GFP_ATOMIC);
76 if (!conf)
77 return NULL;
78
79 conf->hw_key_idx = data->hw_key_idx;
80 conf->alg = data->alg;
81 conf->keylen = data->keylen;
82 conf->flags = 0;
83 if (data->force_sw_encrypt)
84 conf->flags |= IEEE80211_KEY_FORCE_SW_ENCRYPT;
85 conf->keyidx = data->keyidx;
86 if (data->default_tx_key)
87 conf->flags |= IEEE80211_KEY_DEFAULT_TX_KEY;
88 if (local->default_wep_only)
89 conf->flags |= IEEE80211_KEY_DEFAULT_WEP_ONLY;
90 memcpy(conf->key, data->key, data->keylen);
91
92 return conf;
93}
94
95struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
96 int idx, size_t key_len, gfp_t flags)
97{
98 struct ieee80211_key *key;
99
100 key = kzalloc(sizeof(struct ieee80211_key) + key_len, flags);
101 if (!key)
102 return NULL;
103 kref_init(&key->kref);
104 return key;
105}
106
107static void ieee80211_key_release(struct kref *kref)
108{
109 struct ieee80211_key *key;
110
111 key = container_of(kref, struct ieee80211_key, kref);
112 if (key->alg == ALG_CCMP)
113 ieee80211_aes_key_free(key->u.ccmp.tfm);
114 ieee80211_debugfs_key_remove(key);
115 kfree(key);
116}
117
118void ieee80211_key_free(struct ieee80211_key *key)
119{
120 if (key)
121 kref_put(&key->kref, ieee80211_key_release);
122}
123
124static int rate_list_match(const int *rate_list, int rate)
125{
126 int i;
127
128 if (!rate_list)
129 return 0;
130
131 for (i = 0; rate_list[i] >= 0; i++)
132 if (rate_list[i] == rate)
133 return 1;
134
135 return 0;
136}
137
138
139void ieee80211_prepare_rates(struct ieee80211_local *local,
140 struct ieee80211_hw_mode *mode)
141{
142 int i;
143
144 for (i = 0; i < mode->num_rates; i++) {
145 struct ieee80211_rate *rate = &mode->rates[i];
146
147 rate->flags &= ~(IEEE80211_RATE_SUPPORTED |
148 IEEE80211_RATE_BASIC);
149
150 if (local->supp_rates[mode->mode]) {
151 if (!rate_list_match(local->supp_rates[mode->mode],
152 rate->rate))
153 continue;
154 }
155
156 rate->flags |= IEEE80211_RATE_SUPPORTED;
157
158 /* Use configured basic rate set if it is available. If not,
159 * use defaults that are sane for most cases. */
160 if (local->basic_rates[mode->mode]) {
161 if (rate_list_match(local->basic_rates[mode->mode],
162 rate->rate))
163 rate->flags |= IEEE80211_RATE_BASIC;
164 } else switch (mode->mode) {
165 case MODE_IEEE80211A:
166 if (rate->rate == 60 || rate->rate == 120 ||
167 rate->rate == 240)
168 rate->flags |= IEEE80211_RATE_BASIC;
169 break;
170 case MODE_IEEE80211B:
171 if (rate->rate == 10 || rate->rate == 20)
172 rate->flags |= IEEE80211_RATE_BASIC;
173 break;
174 case MODE_ATHEROS_TURBO:
175 if (rate->rate == 120 || rate->rate == 240 ||
176 rate->rate == 480)
177 rate->flags |= IEEE80211_RATE_BASIC;
178 break;
179 case MODE_IEEE80211G:
180 if (rate->rate == 10 || rate->rate == 20 ||
181 rate->rate == 55 || rate->rate == 110)
182 rate->flags |= IEEE80211_RATE_BASIC;
183 break;
184 }
185
186 /* Set ERP and MANDATORY flags based on phymode */
187 switch (mode->mode) {
188 case MODE_IEEE80211A:
189 if (rate->rate == 60 || rate->rate == 120 ||
190 rate->rate == 240)
191 rate->flags |= IEEE80211_RATE_MANDATORY;
192 break;
193 case MODE_IEEE80211B:
194 if (rate->rate == 10)
195 rate->flags |= IEEE80211_RATE_MANDATORY;
196 break;
197 case MODE_ATHEROS_TURBO:
198 break;
199 case MODE_IEEE80211G:
200 if (rate->rate == 10 || rate->rate == 20 ||
201 rate->rate == 55 || rate->rate == 110 ||
202 rate->rate == 60 || rate->rate == 120 ||
203 rate->rate == 240)
204 rate->flags |= IEEE80211_RATE_MANDATORY;
205 break;
206 }
207 if (ieee80211_is_erp_rate(mode->mode, rate->rate))
208 rate->flags |= IEEE80211_RATE_ERP;
209 }
210}
211
212
213static void ieee80211_key_threshold_notify(struct net_device *dev,
214 struct ieee80211_key *key,
215 struct sta_info *sta)
216{
217 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
218 struct sk_buff *skb;
219 struct ieee80211_msg_key_notification *msg;
220
221 /* if no one will get it anyway, don't even allocate it.
222 * unlikely because this is only relevant for APs
223 * where the device must be open... */
224 if (unlikely(!local->apdev))
225 return;
226
227 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
228 sizeof(struct ieee80211_msg_key_notification));
229 if (!skb)
230 return;
231
232 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
233 msg = (struct ieee80211_msg_key_notification *)
234 skb_put(skb, sizeof(struct ieee80211_msg_key_notification));
235 msg->tx_rx_count = key->tx_rx_count;
236 memcpy(msg->ifname, dev->name, IFNAMSIZ);
237 if (sta)
238 memcpy(msg->addr, sta->addr, ETH_ALEN);
239 else
240 memset(msg->addr, 0xff, ETH_ALEN);
241
242 key->tx_rx_count = 0;
243
244 ieee80211_rx_mgmt(local, skb, NULL,
245 ieee80211_msg_key_threshold_notification);
246}
247
248
249static u8 * ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len)
250{
251 u16 fc;
252
253 if (len < 24)
254 return NULL;
255
256 fc = le16_to_cpu(hdr->frame_control);
257
258 switch (fc & IEEE80211_FCTL_FTYPE) {
259 case IEEE80211_FTYPE_DATA:
260 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
261 case IEEE80211_FCTL_TODS:
262 return hdr->addr1;
263 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
264 return NULL;
265 case IEEE80211_FCTL_FROMDS:
266 return hdr->addr2;
267 case 0:
268 return hdr->addr3;
269 }
270 break;
271 case IEEE80211_FTYPE_MGMT:
272 return hdr->addr3;
273 case IEEE80211_FTYPE_CTL:
274 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)
275 return hdr->addr1;
276 else
277 return NULL;
278 }
279
280 return NULL;
281}
282
283int ieee80211_get_hdrlen(u16 fc)
284{
285 int hdrlen = 24;
286
287 switch (fc & IEEE80211_FCTL_FTYPE) {
288 case IEEE80211_FTYPE_DATA:
289 if ((fc & IEEE80211_FCTL_FROMDS) && (fc & IEEE80211_FCTL_TODS))
290 hdrlen = 30; /* Addr4 */
291 /*
292 * The QoS Control field is two bytes and its presence is
293 * indicated by the IEEE80211_STYPE_QOS_DATA bit. Add 2 to
294 * hdrlen if that bit is set.
295 * This works by masking out the bit and shifting it to
296 * bit position 1 so the result has the value 0 or 2.
297 */
298 hdrlen += (fc & IEEE80211_STYPE_QOS_DATA)
299 >> (ilog2(IEEE80211_STYPE_QOS_DATA)-1);
300 break;
301 case IEEE80211_FTYPE_CTL:
302 /*
303 * ACK and CTS are 10 bytes, all others 16. To see how
304 * to get this condition consider
305 * subtype mask: 0b0000000011110000 (0x00F0)
306 * ACK subtype: 0b0000000011010000 (0x00D0)
307 * CTS subtype: 0b0000000011000000 (0x00C0)
308 * bits that matter: ^^^ (0x00E0)
309 * value of those: 0b0000000011000000 (0x00C0)
310 */
311 if ((fc & 0xE0) == 0xC0)
312 hdrlen = 10;
313 else
314 hdrlen = 16;
315 break;
316 }
317
318 return hdrlen;
319}
320EXPORT_SYMBOL(ieee80211_get_hdrlen);
321
322int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
323{
324 const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) skb->data;
325 int hdrlen;
326
327 if (unlikely(skb->len < 10))
328 return 0;
329 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control));
330 if (unlikely(hdrlen > skb->len))
331 return 0;
332 return hdrlen;
333}
334EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
335
336static int ieee80211_get_radiotap_len(struct sk_buff *skb)
337{
338 struct ieee80211_radiotap_header *hdr =
339 (struct ieee80211_radiotap_header *) skb->data;
340
341 return le16_to_cpu(hdr->it_len);
342}
343
344#ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP
345static void ieee80211_dump_frame(const char *ifname, const char *title,
346 const struct sk_buff *skb)
347{
348 const struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
349 u16 fc;
350 int hdrlen;
351
352 printk(KERN_DEBUG "%s: %s (len=%d)", ifname, title, skb->len);
353 if (skb->len < 4) {
354 printk("\n");
355 return;
356 }
357
358 fc = le16_to_cpu(hdr->frame_control);
359 hdrlen = ieee80211_get_hdrlen(fc);
360 if (hdrlen > skb->len)
361 hdrlen = skb->len;
362 if (hdrlen >= 4)
363 printk(" FC=0x%04x DUR=0x%04x",
364 fc, le16_to_cpu(hdr->duration_id));
365 if (hdrlen >= 10)
366 printk(" A1=" MAC_FMT, MAC_ARG(hdr->addr1));
367 if (hdrlen >= 16)
368 printk(" A2=" MAC_FMT, MAC_ARG(hdr->addr2));
369 if (hdrlen >= 24)
370 printk(" A3=" MAC_FMT, MAC_ARG(hdr->addr3));
371 if (hdrlen >= 30)
372 printk(" A4=" MAC_FMT, MAC_ARG(hdr->addr4));
373 printk("\n");
374}
375#else /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
376static inline void ieee80211_dump_frame(const char *ifname, const char *title,
377 struct sk_buff *skb)
378{
379}
380#endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
381
382
383static int ieee80211_is_eapol(const struct sk_buff *skb)
384{
385 const struct ieee80211_hdr *hdr;
386 u16 fc;
387 int hdrlen;
388
389 if (unlikely(skb->len < 10))
390 return 0;
391
392 hdr = (const struct ieee80211_hdr *) skb->data;
393 fc = le16_to_cpu(hdr->frame_control);
394
395 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
396 return 0;
397
398 hdrlen = ieee80211_get_hdrlen(fc);
399
400 if (unlikely(skb->len >= hdrlen + sizeof(eapol_header) &&
401 memcmp(skb->data + hdrlen, eapol_header,
402 sizeof(eapol_header)) == 0))
403 return 1;
404
405 return 0;
406}
407
408
409static ieee80211_txrx_result
410ieee80211_tx_h_rate_ctrl(struct ieee80211_txrx_data *tx)
411{
412 struct rate_control_extra extra;
413
414 memset(&extra, 0, sizeof(extra));
415 extra.mode = tx->u.tx.mode;
416 extra.mgmt_data = tx->sdata &&
417 tx->sdata->type == IEEE80211_IF_TYPE_MGMT;
418 extra.ethertype = tx->ethertype;
419
420 tx->u.tx.rate = rate_control_get_rate(tx->local, tx->dev, tx->skb,
421 &extra);
422 if (unlikely(extra.probe != NULL)) {
423 tx->u.tx.control->flags |= IEEE80211_TXCTL_RATE_CTRL_PROBE;
424 tx->u.tx.probe_last_frag = 1;
425 tx->u.tx.control->alt_retry_rate = tx->u.tx.rate->val;
426 tx->u.tx.rate = extra.probe;
427 } else {
428 tx->u.tx.control->alt_retry_rate = -1;
429 }
430 if (!tx->u.tx.rate)
431 return TXRX_DROP;
432 if (tx->u.tx.mode->mode == MODE_IEEE80211G &&
433 tx->local->cts_protect_erp_frames && tx->fragmented &&
434 extra.nonerp) {
435 tx->u.tx.last_frag_rate = tx->u.tx.rate;
436 tx->u.tx.probe_last_frag = extra.probe ? 1 : 0;
437
438 tx->u.tx.rate = extra.nonerp;
439 tx->u.tx.control->rate = extra.nonerp;
440 tx->u.tx.control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
441 } else {
442 tx->u.tx.last_frag_rate = tx->u.tx.rate;
443 tx->u.tx.control->rate = tx->u.tx.rate;
444 }
445 tx->u.tx.control->tx_rate = tx->u.tx.rate->val;
446 if ((tx->u.tx.rate->flags & IEEE80211_RATE_PREAMBLE2) &&
447 tx->local->short_preamble &&
448 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
449 tx->u.tx.short_preamble = 1;
450 tx->u.tx.control->tx_rate = tx->u.tx.rate->val2;
451 }
452
453 return TXRX_CONTINUE;
454}
455
456
457static ieee80211_txrx_result
458ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx)
459{
460 if (tx->sta)
461 tx->u.tx.control->key_idx = tx->sta->key_idx_compression;
462 else
463 tx->u.tx.control->key_idx = HW_KEY_IDX_INVALID;
464
465 if (unlikely(tx->u.tx.control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
466 tx->key = NULL;
467 else if (tx->sta && tx->sta->key)
468 tx->key = tx->sta->key;
469 else if (tx->sdata->default_key)
470 tx->key = tx->sdata->default_key;
471 else if (tx->sdata->drop_unencrypted &&
472 !(tx->sdata->eapol && ieee80211_is_eapol(tx->skb))) {
473 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
474 return TXRX_DROP;
475 } else
476 tx->key = NULL;
477
478 if (tx->key) {
479 tx->key->tx_rx_count++;
480 if (unlikely(tx->local->key_tx_rx_threshold &&
481 tx->key->tx_rx_count >
482 tx->local->key_tx_rx_threshold)) {
483 ieee80211_key_threshold_notify(tx->dev, tx->key,
484 tx->sta);
485 }
486 }
487
488 return TXRX_CONTINUE;
489}
490
491
492static ieee80211_txrx_result
493ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
494{
495 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
496 size_t hdrlen, per_fragm, num_fragm, payload_len, left;
497 struct sk_buff **frags, *first, *frag;
498 int i;
499 u16 seq;
500 u8 *pos;
501 int frag_threshold = tx->local->fragmentation_threshold;
502
503 if (!tx->fragmented)
504 return TXRX_CONTINUE;
505
506 first = tx->skb;
507
508 hdrlen = ieee80211_get_hdrlen(tx->fc);
509 payload_len = first->len - hdrlen;
510 per_fragm = frag_threshold - hdrlen - FCS_LEN;
511 num_fragm = (payload_len + per_fragm - 1) / per_fragm;
512
513 frags = kzalloc(num_fragm * sizeof(struct sk_buff *), GFP_ATOMIC);
514 if (!frags)
515 goto fail;
516
517 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
518 seq = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ;
519 pos = first->data + hdrlen + per_fragm;
520 left = payload_len - per_fragm;
521 for (i = 0; i < num_fragm - 1; i++) {
522 struct ieee80211_hdr *fhdr;
523 size_t copylen;
524
525 if (left <= 0)
526 goto fail;
527
528 /* reserve enough extra head and tail room for possible
529 * encryption */
530 frag = frags[i] =
531 dev_alloc_skb(tx->local->hw.extra_tx_headroom +
532 frag_threshold +
533 IEEE80211_ENCRYPT_HEADROOM +
534 IEEE80211_ENCRYPT_TAILROOM);
535 if (!frag)
536 goto fail;
537 /* Make sure that all fragments use the same priority so
538 * that they end up using the same TX queue */
539 frag->priority = first->priority;
540 skb_reserve(frag, tx->local->hw.extra_tx_headroom +
541 IEEE80211_ENCRYPT_HEADROOM);
542 fhdr = (struct ieee80211_hdr *) skb_put(frag, hdrlen);
543 memcpy(fhdr, first->data, hdrlen);
544 if (i == num_fragm - 2)
545 fhdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREFRAGS);
546 fhdr->seq_ctrl = cpu_to_le16(seq | ((i + 1) & IEEE80211_SCTL_FRAG));
547 copylen = left > per_fragm ? per_fragm : left;
548 memcpy(skb_put(frag, copylen), pos, copylen);
549
550 pos += copylen;
551 left -= copylen;
552 }
553 skb_trim(first, hdrlen + per_fragm);
554
555 tx->u.tx.num_extra_frag = num_fragm - 1;
556 tx->u.tx.extra_frag = frags;
557
558 return TXRX_CONTINUE;
559
560 fail:
561 printk(KERN_DEBUG "%s: failed to fragment frame\n", tx->dev->name);
562 if (frags) {
563 for (i = 0; i < num_fragm - 1; i++)
564 if (frags[i])
565 dev_kfree_skb(frags[i]);
566 kfree(frags);
567 }
568 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment);
569 return TXRX_DROP;
570}
571
572
573static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb)
574{
575 if (tx->key->force_sw_encrypt) {
576 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
577 return -1;
578 } else {
579 tx->u.tx.control->key_idx = tx->key->hw_key_idx;
580 if (tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
581 if (ieee80211_wep_add_iv(tx->local, skb, tx->key) ==
582 NULL)
583 return -1;
584 }
585 }
586 return 0;
587}
588
589
590void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx)
591{
592 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
593
594 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
595 if (tx->u.tx.extra_frag) {
596 struct ieee80211_hdr *fhdr;
597 int i;
598 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
599 fhdr = (struct ieee80211_hdr *)
600 tx->u.tx.extra_frag[i]->data;
601 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
602 }
603 }
604}
605
606
607static ieee80211_txrx_result
608ieee80211_tx_h_wep_encrypt(struct ieee80211_txrx_data *tx)
609{
610 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
611 u16 fc;
612
613 fc = le16_to_cpu(hdr->frame_control);
614
615 if (!tx->key || tx->key->alg != ALG_WEP ||
616 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
617 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
618 (fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
619 return TXRX_CONTINUE;
620
621 tx->u.tx.control->iv_len = WEP_IV_LEN;
622 tx->u.tx.control->icv_len = WEP_ICV_LEN;
623 ieee80211_tx_set_iswep(tx);
624
625 if (wep_encrypt_skb(tx, tx->skb) < 0) {
626 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
627 return TXRX_DROP;
628 }
629
630 if (tx->u.tx.extra_frag) {
631 int i;
632 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
633 if (wep_encrypt_skb(tx, tx->u.tx.extra_frag[i]) < 0) {
634 I802_DEBUG_INC(tx->local->
635 tx_handlers_drop_wep);
636 return TXRX_DROP;
637 }
638 }
639 }
640
641 return TXRX_CONTINUE;
642}
643
644
645static int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
646 int rate, int erp, int short_preamble)
647{
648 int dur;
649
650 /* calculate duration (in microseconds, rounded up to next higher
651 * integer if it includes a fractional microsecond) to send frame of
652 * len bytes (does not include FCS) at the given rate. Duration will
653 * also include SIFS.
654 *
655 * rate is in 100 kbps, so divident is multiplied by 10 in the
656 * DIV_ROUND_UP() operations.
657 */
658
659 if (local->hw.conf.phymode == MODE_IEEE80211A || erp ||
660 local->hw.conf.phymode == MODE_ATHEROS_TURBO) {
661 /*
662 * OFDM:
663 *
664 * N_DBPS = DATARATE x 4
665 * N_SYM = Ceiling((16+8xLENGTH+6) / N_DBPS)
666 * (16 = SIGNAL time, 6 = tail bits)
667 * TXTIME = T_PREAMBLE + T_SIGNAL + T_SYM x N_SYM + Signal Ext
668 *
669 * T_SYM = 4 usec
670 * 802.11a - 17.5.2: aSIFSTime = 16 usec
671 * 802.11g - 19.8.4: aSIFSTime = 10 usec +
672 * signal ext = 6 usec
673 */
674 /* FIX: Atheros Turbo may have different (shorter) duration? */
675 dur = 16; /* SIFS + signal ext */
676 dur += 16; /* 17.3.2.3: T_PREAMBLE = 16 usec */
677 dur += 4; /* 17.3.2.3: T_SIGNAL = 4 usec */
678 dur += 4 * DIV_ROUND_UP((16 + 8 * (len + 4) + 6) * 10,
679 4 * rate); /* T_SYM x N_SYM */
680 } else {
681 /*
682 * 802.11b or 802.11g with 802.11b compatibility:
683 * 18.3.4: TXTIME = PreambleLength + PLCPHeaderTime +
684 * Ceiling(((LENGTH+PBCC)x8)/DATARATE). PBCC=0.
685 *
686 * 802.11 (DS): 15.3.3, 802.11b: 18.3.4
687 * aSIFSTime = 10 usec
688 * aPreambleLength = 144 usec or 72 usec with short preamble
689 * aPLCPHeaderLength = 48 usec or 24 usec with short preamble
690 */
691 dur = 10; /* aSIFSTime = 10 usec */
692 dur += short_preamble ? (72 + 24) : (144 + 48);
693
694 dur += DIV_ROUND_UP(8 * (len + 4) * 10, rate);
695 }
696
697 return dur;
698}
699
700
701/* Exported duration function for driver use */
702__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
703 size_t frame_len, int rate)
704{
705 struct ieee80211_local *local = hw_to_local(hw);
706 u16 dur;
707 int erp;
708
709 erp = ieee80211_is_erp_rate(hw->conf.phymode, rate);
710 dur = ieee80211_frame_duration(local, frame_len, rate,
711 erp, local->short_preamble);
712
713 return cpu_to_le16(dur);
714}
715EXPORT_SYMBOL(ieee80211_generic_frame_duration);
716
717
718static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr,
719 int next_frag_len)
720{
721 int rate, mrate, erp, dur, i;
722 struct ieee80211_rate *txrate = tx->u.tx.rate;
723 struct ieee80211_local *local = tx->local;
724 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
725
726 erp = txrate->flags & IEEE80211_RATE_ERP;
727
728 /*
729 * data and mgmt (except PS Poll):
730 * - during CFP: 32768
731 * - during contention period:
732 * if addr1 is group address: 0
733 * if more fragments = 0 and addr1 is individual address: time to
734 * transmit one ACK plus SIFS
735 * if more fragments = 1 and addr1 is individual address: time to
736 * transmit next fragment plus 2 x ACK plus 3 x SIFS
737 *
738 * IEEE 802.11, 9.6:
739 * - control response frame (CTS or ACK) shall be transmitted using the
740 * same rate as the immediately previous frame in the frame exchange
741 * sequence, if this rate belongs to the PHY mandatory rates, or else
742 * at the highest possible rate belonging to the PHY rates in the
743 * BSSBasicRateSet
744 */
745
746 if ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL) {
747 /* TODO: These control frames are not currently sent by
748 * 80211.o, but should they be implemented, this function
749 * needs to be updated to support duration field calculation.
750 *
751 * RTS: time needed to transmit pending data/mgmt frame plus
752 * one CTS frame plus one ACK frame plus 3 x SIFS
753 * CTS: duration of immediately previous RTS minus time
754 * required to transmit CTS and its SIFS
755 * ACK: 0 if immediately previous directed data/mgmt had
756 * more=0, with more=1 duration in ACK frame is duration
757 * from previous frame minus time needed to transmit ACK
758 * and its SIFS
759 * PS Poll: BIT(15) | BIT(14) | aid
760 */
761 return 0;
762 }
763
764 /* data/mgmt */
765 if (0 /* FIX: data/mgmt during CFP */)
766 return 32768;
767
768 if (group_addr) /* Group address as the destination - no ACK */
769 return 0;
770
771 /* Individual destination address:
772 * IEEE 802.11, Ch. 9.6 (after IEEE 802.11g changes)
773 * CTS and ACK frames shall be transmitted using the highest rate in
774 * basic rate set that is less than or equal to the rate of the
775 * immediately previous frame and that is using the same modulation
776 * (CCK or OFDM). If no basic rate set matches with these requirements,
777 * the highest mandatory rate of the PHY that is less than or equal to
778 * the rate of the previous frame is used.
779 * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps
780 */
781 rate = -1;
782 mrate = 10; /* use 1 Mbps if everything fails */
783 for (i = 0; i < mode->num_rates; i++) {
784 struct ieee80211_rate *r = &mode->rates[i];
785 if (r->rate > txrate->rate)
786 break;
787
788 if (IEEE80211_RATE_MODULATION(txrate->flags) !=
789 IEEE80211_RATE_MODULATION(r->flags))
790 continue;
791
792 if (r->flags & IEEE80211_RATE_BASIC)
793 rate = r->rate;
794 else if (r->flags & IEEE80211_RATE_MANDATORY)
795 mrate = r->rate;
796 }
797 if (rate == -1) {
798 /* No matching basic rate found; use highest suitable mandatory
799 * PHY rate */
800 rate = mrate;
801 }
802
803 /* Time needed to transmit ACK
804 * (10 bytes + 4-byte FCS = 112 bits) plus SIFS; rounded up
805 * to closest integer */
806
807 dur = ieee80211_frame_duration(local, 10, rate, erp,
808 local->short_preamble);
809
810 if (next_frag_len) {
811 /* Frame is fragmented: duration increases with time needed to
812 * transmit next fragment plus ACK and 2 x SIFS. */
813 dur *= 2; /* ACK + SIFS */
814 /* next fragment */
815 dur += ieee80211_frame_duration(local, next_frag_len,
816 txrate->rate, erp,
817 local->short_preamble);
818 }
819
820 return dur;
821}
822
823
824static ieee80211_txrx_result
825ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
826{
827 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
828 u16 dur;
829 struct ieee80211_tx_control *control = tx->u.tx.control;
830 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
831
832 if (!is_multicast_ether_addr(hdr->addr1)) {
833 if (tx->skb->len + FCS_LEN > tx->local->rts_threshold &&
834 tx->local->rts_threshold < IEEE80211_MAX_RTS_THRESHOLD) {
835 control->flags |= IEEE80211_TXCTL_USE_RTS_CTS;
836 control->retry_limit =
837 tx->local->long_retry_limit;
838 } else {
839 control->retry_limit =
840 tx->local->short_retry_limit;
841 }
842 } else {
843 control->retry_limit = 1;
844 }
845
846 if (tx->fragmented) {
847 /* Do not use multiple retry rates when sending fragmented
848 * frames.
849 * TODO: The last fragment could still use multiple retry
850 * rates. */
851 control->alt_retry_rate = -1;
852 }
853
854 /* Use CTS protection for unicast frames sent using extended rates if
855 * there are associated non-ERP stations and RTS/CTS is not configured
856 * for the frame. */
857 if (mode->mode == MODE_IEEE80211G &&
858 (tx->u.tx.rate->flags & IEEE80211_RATE_ERP) &&
859 tx->u.tx.unicast &&
860 tx->local->cts_protect_erp_frames &&
861 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
862 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
863
864 /* Setup duration field for the first fragment of the frame. Duration
865 * for remaining fragments will be updated when they are being sent
866 * to low-level driver in ieee80211_tx(). */
867 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
868 tx->fragmented ? tx->u.tx.extra_frag[0]->len :
869 0);
870 hdr->duration_id = cpu_to_le16(dur);
871
872 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
873 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
874 struct ieee80211_rate *rate;
875
876 /* Do not use multiple retry rates when using RTS/CTS */
877 control->alt_retry_rate = -1;
878
879 /* Use min(data rate, max base rate) as CTS/RTS rate */
880 rate = tx->u.tx.rate;
881 while (rate > mode->rates &&
882 !(rate->flags & IEEE80211_RATE_BASIC))
883 rate--;
884
885 control->rts_cts_rate = rate->val;
886 control->rts_rate = rate;
887 }
888
889 if (tx->sta) {
890 tx->sta->tx_packets++;
891 tx->sta->tx_fragments++;
892 tx->sta->tx_bytes += tx->skb->len;
893 if (tx->u.tx.extra_frag) {
894 int i;
895 tx->sta->tx_fragments += tx->u.tx.num_extra_frag;
896 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
897 tx->sta->tx_bytes +=
898 tx->u.tx.extra_frag[i]->len;
899 }
900 }
901 }
902
903 return TXRX_CONTINUE;
904}
905
906
907static ieee80211_txrx_result
908ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
909{
910#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
911 struct sk_buff *skb = tx->skb;
912 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
913#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
914 u32 sta_flags;
915
916 if (unlikely(tx->local->sta_scanning != 0) &&
917 ((tx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
918 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ))
919 return TXRX_DROP;
920
921 if (tx->u.tx.ps_buffered)
922 return TXRX_CONTINUE;
923
924 sta_flags = tx->sta ? tx->sta->flags : 0;
925
926 if (likely(tx->u.tx.unicast)) {
927 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
928 tx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
929 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
930#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
931 printk(KERN_DEBUG "%s: dropped data frame to not "
932 "associated station " MAC_FMT "\n",
933 tx->dev->name, MAC_ARG(hdr->addr1));
934#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
935 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc);
936 return TXRX_DROP;
937 }
938 } else {
939 if (unlikely((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
940 tx->local->num_sta == 0 &&
941 !tx->local->allow_broadcast_always &&
942 tx->sdata->type != IEEE80211_IF_TYPE_IBSS)) {
943 /*
944 * No associated STAs - no need to send multicast
945 * frames.
946 */
947 return TXRX_DROP;
948 }
949 return TXRX_CONTINUE;
950 }
951
952 if (unlikely(!tx->u.tx.mgmt_interface && tx->sdata->ieee802_1x &&
953 !(sta_flags & WLAN_STA_AUTHORIZED))) {
954#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
955 printk(KERN_DEBUG "%s: dropped frame to " MAC_FMT
956 " (unauthorized port)\n", tx->dev->name,
957 MAC_ARG(hdr->addr1));
958#endif
959 I802_DEBUG_INC(tx->local->tx_handlers_drop_unauth_port);
960 return TXRX_DROP;
961 }
962
963 return TXRX_CONTINUE;
964}
965
966static ieee80211_txrx_result
967ieee80211_tx_h_sequence(struct ieee80211_txrx_data *tx)
968{
969 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
970
971 if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24)
972 ieee80211_include_sequence(tx->sdata, hdr);
973
974 return TXRX_CONTINUE;
975}
976
977/* This function is called whenever the AP is about to exceed the maximum limit
978 * of buffered frames for power saving STAs. This situation should not really
979 * happen often during normal operation, so dropping the oldest buffered packet
980 * from each queue should be OK to make some room for new frames. */
981static void purge_old_ps_buffers(struct ieee80211_local *local)
982{
983 int total = 0, purged = 0;
984 struct sk_buff *skb;
985 struct ieee80211_sub_if_data *sdata;
986 struct sta_info *sta;
987
988 read_lock(&local->sub_if_lock);
989 list_for_each_entry(sdata, &local->sub_if_list, list) {
990 struct ieee80211_if_ap *ap;
991 if (sdata->dev == local->mdev ||
992 sdata->type != IEEE80211_IF_TYPE_AP)
993 continue;
994 ap = &sdata->u.ap;
995 skb = skb_dequeue(&ap->ps_bc_buf);
996 if (skb) {
997 purged++;
998 dev_kfree_skb(skb);
999 }
1000 total += skb_queue_len(&ap->ps_bc_buf);
1001 }
1002 read_unlock(&local->sub_if_lock);
1003
1004 spin_lock_bh(&local->sta_lock);
1005 list_for_each_entry(sta, &local->sta_list, list) {
1006 skb = skb_dequeue(&sta->ps_tx_buf);
1007 if (skb) {
1008 purged++;
1009 dev_kfree_skb(skb);
1010 }
1011 total += skb_queue_len(&sta->ps_tx_buf);
1012 }
1013 spin_unlock_bh(&local->sta_lock);
1014
1015 local->total_ps_buffered = total;
1016 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n",
1017 local->mdev->name, purged);
1018}
1019
1020
1021static inline ieee80211_txrx_result
1022ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
1023{
1024 /* broadcast/multicast frame */
1025 /* If any of the associated stations is in power save mode,
1026 * the frame is buffered to be sent after DTIM beacon frame */
1027 if ((tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) &&
1028 tx->sdata->type != IEEE80211_IF_TYPE_WDS &&
1029 tx->sdata->bss && atomic_read(&tx->sdata->bss->num_sta_ps) &&
1030 !(tx->fc & IEEE80211_FCTL_ORDER)) {
1031 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1032 purge_old_ps_buffers(tx->local);
1033 if (skb_queue_len(&tx->sdata->bss->ps_bc_buf) >=
1034 AP_MAX_BC_BUFFER) {
1035 if (net_ratelimit()) {
1036 printk(KERN_DEBUG "%s: BC TX buffer full - "
1037 "dropping the oldest frame\n",
1038 tx->dev->name);
1039 }
1040 dev_kfree_skb(skb_dequeue(&tx->sdata->bss->ps_bc_buf));
1041 } else
1042 tx->local->total_ps_buffered++;
1043 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
1044 return TXRX_QUEUED;
1045 }
1046
1047 return TXRX_CONTINUE;
1048}
1049
1050
1051static inline ieee80211_txrx_result
1052ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
1053{
1054 struct sta_info *sta = tx->sta;
1055
1056 if (unlikely(!sta ||
1057 ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT &&
1058 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP)))
1059 return TXRX_CONTINUE;
1060
1061 if (unlikely((sta->flags & WLAN_STA_PS) && !sta->pspoll)) {
1062 struct ieee80211_tx_packet_data *pkt_data;
1063#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1064 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS buffer (entries "
1065 "before %d)\n",
1066 MAC_ARG(sta->addr), sta->aid,
1067 skb_queue_len(&sta->ps_tx_buf));
1068#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1069 sta->flags |= WLAN_STA_TIM;
1070 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1071 purge_old_ps_buffers(tx->local);
1072 if (skb_queue_len(&sta->ps_tx_buf) >= STA_MAX_TX_BUFFER) {
1073 struct sk_buff *old = skb_dequeue(&sta->ps_tx_buf);
1074 if (net_ratelimit()) {
1075 printk(KERN_DEBUG "%s: STA " MAC_FMT " TX "
1076 "buffer full - dropping oldest frame\n",
1077 tx->dev->name, MAC_ARG(sta->addr));
1078 }
1079 dev_kfree_skb(old);
1080 } else
1081 tx->local->total_ps_buffered++;
1082 /* Queue frame to be sent after STA sends an PS Poll frame */
1083 if (skb_queue_empty(&sta->ps_tx_buf)) {
1084 if (tx->local->ops->set_tim)
1085 tx->local->ops->set_tim(local_to_hw(tx->local),
1086 sta->aid, 1);
1087 if (tx->sdata->bss)
1088 bss_tim_set(tx->local, tx->sdata->bss, sta->aid);
1089 }
1090 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb;
1091 pkt_data->jiffies = jiffies;
1092 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
1093 return TXRX_QUEUED;
1094 }
1095#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1096 else if (unlikely(sta->flags & WLAN_STA_PS)) {
1097 printk(KERN_DEBUG "%s: STA " MAC_FMT " in PS mode, but pspoll "
1098 "set -> send frame\n", tx->dev->name,
1099 MAC_ARG(sta->addr));
1100 }
1101#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1102 sta->pspoll = 0;
1103
1104 return TXRX_CONTINUE;
1105}
1106
1107
1108static ieee80211_txrx_result
1109ieee80211_tx_h_ps_buf(struct ieee80211_txrx_data *tx)
1110{
1111 if (unlikely(tx->u.tx.ps_buffered))
1112 return TXRX_CONTINUE;
1113
1114 if (tx->u.tx.unicast)
1115 return ieee80211_tx_h_unicast_ps_buf(tx);
1116 else
1117 return ieee80211_tx_h_multicast_ps_buf(tx);
1118}
1119
1120
1121static void inline
1122__ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1123 struct sk_buff *skb,
1124 struct net_device *dev,
1125 struct ieee80211_tx_control *control)
1126{
1127 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1128 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1129 int hdrlen;
1130
1131 memset(tx, 0, sizeof(*tx));
1132 tx->skb = skb;
1133 tx->dev = dev; /* use original interface */
1134 tx->local = local;
1135 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1136 tx->sta = sta_info_get(local, hdr->addr1);
1137 tx->fc = le16_to_cpu(hdr->frame_control);
1138 control->power_level = local->hw.conf.power_level;
1139 tx->u.tx.control = control;
1140 tx->u.tx.unicast = !is_multicast_ether_addr(hdr->addr1);
1141 if (is_multicast_ether_addr(hdr->addr1))
1142 control->flags |= IEEE80211_TXCTL_NO_ACK;
1143 else
1144 control->flags &= ~IEEE80211_TXCTL_NO_ACK;
1145 tx->fragmented = local->fragmentation_threshold <
1146 IEEE80211_MAX_FRAG_THRESHOLD && tx->u.tx.unicast &&
1147 skb->len + FCS_LEN > local->fragmentation_threshold &&
1148 (!local->ops->set_frag_threshold);
1149 if (!tx->sta)
1150 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1151 else if (tx->sta->clear_dst_mask) {
1152 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1153 tx->sta->clear_dst_mask = 0;
1154 }
1155 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1156 if (local->sta_antenna_sel != STA_ANTENNA_SEL_AUTO && tx->sta)
1157 control->antenna_sel_tx = tx->sta->antenna_sel_tx;
1158 hdrlen = ieee80211_get_hdrlen(tx->fc);
1159 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) {
1160 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)];
1161 tx->ethertype = (pos[0] << 8) | pos[1];
1162 }
1163 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT;
1164
1165}
1166
1167static int inline is_ieee80211_device(struct net_device *dev,
1168 struct net_device *master)
1169{
1170 return (wdev_priv(dev->ieee80211_ptr) ==
1171 wdev_priv(master->ieee80211_ptr));
1172}
1173
1174/* Device in tx->dev has a reference added; use dev_put(tx->dev) when
1175 * finished with it. */
1176static int inline ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1177 struct sk_buff *skb,
1178 struct net_device *mdev,
1179 struct ieee80211_tx_control *control)
1180{
1181 struct ieee80211_tx_packet_data *pkt_data;
1182 struct net_device *dev;
1183
1184 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1185 dev = dev_get_by_index(pkt_data->ifindex);
1186 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) {
1187 dev_put(dev);
1188 dev = NULL;
1189 }
1190 if (unlikely(!dev))
1191 return -ENODEV;
1192 __ieee80211_tx_prepare(tx, skb, dev, control);
1193 return 0;
1194}
1195
1196static inline int __ieee80211_queue_stopped(const struct ieee80211_local *local,
1197 int queue)
1198{
1199 return test_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
1200}
1201
1202static inline int __ieee80211_queue_pending(const struct ieee80211_local *local,
1203 int queue)
1204{
1205 return test_bit(IEEE80211_LINK_STATE_PENDING, &local->state[queue]);
1206}
1207
1208#define IEEE80211_TX_OK 0
1209#define IEEE80211_TX_AGAIN 1
1210#define IEEE80211_TX_FRAG_AGAIN 2
1211
1212static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1213 struct ieee80211_txrx_data *tx)
1214{
1215 struct ieee80211_tx_control *control = tx->u.tx.control;
1216 int ret, i;
1217
1218 if (!ieee80211_qdisc_installed(local->mdev) &&
1219 __ieee80211_queue_stopped(local, 0)) {
1220 netif_stop_queue(local->mdev);
1221 return IEEE80211_TX_AGAIN;
1222 }
1223 if (skb) {
1224 ieee80211_dump_frame(local->mdev->name, "TX to low-level driver", skb);
1225 ret = local->ops->tx(local_to_hw(local), skb, control);
1226 if (ret)
1227 return IEEE80211_TX_AGAIN;
1228 local->mdev->trans_start = jiffies;
1229 ieee80211_led_tx(local, 1);
1230 }
1231 if (tx->u.tx.extra_frag) {
1232 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1233 IEEE80211_TXCTL_USE_CTS_PROTECT |
1234 IEEE80211_TXCTL_CLEAR_DST_MASK |
1235 IEEE80211_TXCTL_FIRST_FRAGMENT);
1236 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
1237 if (!tx->u.tx.extra_frag[i])
1238 continue;
1239 if (__ieee80211_queue_stopped(local, control->queue))
1240 return IEEE80211_TX_FRAG_AGAIN;
1241 if (i == tx->u.tx.num_extra_frag) {
1242 control->tx_rate = tx->u.tx.last_frag_hwrate;
1243 control->rate = tx->u.tx.last_frag_rate;
1244 if (tx->u.tx.probe_last_frag)
1245 control->flags |=
1246 IEEE80211_TXCTL_RATE_CTRL_PROBE;
1247 else
1248 control->flags &=
1249 ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
1250 }
1251
1252 ieee80211_dump_frame(local->mdev->name,
1253 "TX to low-level driver",
1254 tx->u.tx.extra_frag[i]);
1255 ret = local->ops->tx(local_to_hw(local),
1256 tx->u.tx.extra_frag[i],
1257 control);
1258 if (ret)
1259 return IEEE80211_TX_FRAG_AGAIN;
1260 local->mdev->trans_start = jiffies;
1261 ieee80211_led_tx(local, 1);
1262 tx->u.tx.extra_frag[i] = NULL;
1263 }
1264 kfree(tx->u.tx.extra_frag);
1265 tx->u.tx.extra_frag = NULL;
1266 }
1267 return IEEE80211_TX_OK;
1268}
1269
1270static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1271 struct ieee80211_tx_control *control, int mgmt)
1272{
1273 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1274 struct sta_info *sta;
1275 ieee80211_tx_handler *handler;
1276 struct ieee80211_txrx_data tx;
1277 ieee80211_txrx_result res = TXRX_DROP;
1278 int ret, i;
1279
1280 WARN_ON(__ieee80211_queue_pending(local, control->queue));
1281
1282 if (unlikely(skb->len < 10)) {
1283 dev_kfree_skb(skb);
1284 return 0;
1285 }
1286
1287 __ieee80211_tx_prepare(&tx, skb, dev, control);
1288 sta = tx.sta;
1289 tx.u.tx.mgmt_interface = mgmt;
1290 tx.u.tx.mode = local->hw.conf.mode;
1291
1292 for (handler = local->tx_handlers; *handler != NULL; handler++) {
1293 res = (*handler)(&tx);
1294 if (res != TXRX_CONTINUE)
1295 break;
1296 }
1297
1298 skb = tx.skb; /* handlers are allowed to change skb */
1299
1300 if (sta)
1301 sta_info_put(sta);
1302
1303 if (unlikely(res == TXRX_DROP)) {
1304 I802_DEBUG_INC(local->tx_handlers_drop);
1305 goto drop;
1306 }
1307
1308 if (unlikely(res == TXRX_QUEUED)) {
1309 I802_DEBUG_INC(local->tx_handlers_queued);
1310 return 0;
1311 }
1312
1313 if (tx.u.tx.extra_frag) {
1314 for (i = 0; i < tx.u.tx.num_extra_frag; i++) {
1315 int next_len, dur;
1316 struct ieee80211_hdr *hdr =
1317 (struct ieee80211_hdr *)
1318 tx.u.tx.extra_frag[i]->data;
1319
1320 if (i + 1 < tx.u.tx.num_extra_frag) {
1321 next_len = tx.u.tx.extra_frag[i + 1]->len;
1322 } else {
1323 next_len = 0;
1324 tx.u.tx.rate = tx.u.tx.last_frag_rate;
1325 tx.u.tx.last_frag_hwrate = tx.u.tx.rate->val;
1326 }
1327 dur = ieee80211_duration(&tx, 0, next_len);
1328 hdr->duration_id = cpu_to_le16(dur);
1329 }
1330 }
1331
1332retry:
1333 ret = __ieee80211_tx(local, skb, &tx);
1334 if (ret) {
1335 struct ieee80211_tx_stored_packet *store =
1336 &local->pending_packet[control->queue];
1337
1338 if (ret == IEEE80211_TX_FRAG_AGAIN)
1339 skb = NULL;
1340 set_bit(IEEE80211_LINK_STATE_PENDING,
1341 &local->state[control->queue]);
1342 smp_mb();
1343 /* When the driver gets out of buffers during sending of
1344 * fragments and calls ieee80211_stop_queue, there is
1345 * a small window between IEEE80211_LINK_STATE_XOFF and
1346 * IEEE80211_LINK_STATE_PENDING flags are set. If a buffer
1347 * gets available in that window (i.e. driver calls
1348 * ieee80211_wake_queue), we would end up with ieee80211_tx
1349 * called with IEEE80211_LINK_STATE_PENDING. Prevent this by
1350 * continuing transmitting here when that situation is
1351 * possible to have happened. */
1352 if (!__ieee80211_queue_stopped(local, control->queue)) {
1353 clear_bit(IEEE80211_LINK_STATE_PENDING,
1354 &local->state[control->queue]);
1355 goto retry;
1356 }
1357 memcpy(&store->control, control,
1358 sizeof(struct ieee80211_tx_control));
1359 store->skb = skb;
1360 store->extra_frag = tx.u.tx.extra_frag;
1361 store->num_extra_frag = tx.u.tx.num_extra_frag;
1362 store->last_frag_hwrate = tx.u.tx.last_frag_hwrate;
1363 store->last_frag_rate = tx.u.tx.last_frag_rate;
1364 store->last_frag_rate_ctrl_probe = tx.u.tx.probe_last_frag;
1365 }
1366 return 0;
1367
1368 drop:
1369 if (skb)
1370 dev_kfree_skb(skb);
1371 for (i = 0; i < tx.u.tx.num_extra_frag; i++)
1372 if (tx.u.tx.extra_frag[i])
1373 dev_kfree_skb(tx.u.tx.extra_frag[i]);
1374 kfree(tx.u.tx.extra_frag);
1375 return 0;
1376}
1377
1378static void ieee80211_tx_pending(unsigned long data)
1379{
1380 struct ieee80211_local *local = (struct ieee80211_local *)data;
1381 struct net_device *dev = local->mdev;
1382 struct ieee80211_tx_stored_packet *store;
1383 struct ieee80211_txrx_data tx;
1384 int i, ret, reschedule = 0;
1385
1386 netif_tx_lock_bh(dev);
1387 for (i = 0; i < local->hw.queues; i++) {
1388 if (__ieee80211_queue_stopped(local, i))
1389 continue;
1390 if (!__ieee80211_queue_pending(local, i)) {
1391 reschedule = 1;
1392 continue;
1393 }
1394 store = &local->pending_packet[i];
1395 tx.u.tx.control = &store->control;
1396 tx.u.tx.extra_frag = store->extra_frag;
1397 tx.u.tx.num_extra_frag = store->num_extra_frag;
1398 tx.u.tx.last_frag_hwrate = store->last_frag_hwrate;
1399 tx.u.tx.last_frag_rate = store->last_frag_rate;
1400 tx.u.tx.probe_last_frag = store->last_frag_rate_ctrl_probe;
1401 ret = __ieee80211_tx(local, store->skb, &tx);
1402 if (ret) {
1403 if (ret == IEEE80211_TX_FRAG_AGAIN)
1404 store->skb = NULL;
1405 } else {
1406 clear_bit(IEEE80211_LINK_STATE_PENDING,
1407 &local->state[i]);
1408 reschedule = 1;
1409 }
1410 }
1411 netif_tx_unlock_bh(dev);
1412 if (reschedule) {
1413 if (!ieee80211_qdisc_installed(dev)) {
1414 if (!__ieee80211_queue_stopped(local, 0))
1415 netif_wake_queue(dev);
1416 } else
1417 netif_schedule(dev);
1418 }
1419}
1420
1421static void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1422{
1423 int i, j;
1424 struct ieee80211_tx_stored_packet *store;
1425
1426 for (i = 0; i < local->hw.queues; i++) {
1427 if (!__ieee80211_queue_pending(local, i))
1428 continue;
1429 store = &local->pending_packet[i];
1430 kfree_skb(store->skb);
1431 for (j = 0; j < store->num_extra_frag; j++)
1432 kfree_skb(store->extra_frag[j]);
1433 kfree(store->extra_frag);
1434 clear_bit(IEEE80211_LINK_STATE_PENDING, &local->state[i]);
1435 }
1436}
1437
1438static int ieee80211_master_start_xmit(struct sk_buff *skb,
1439 struct net_device *dev)
1440{
1441 struct ieee80211_tx_control control;
1442 struct ieee80211_tx_packet_data *pkt_data;
1443 struct net_device *odev = NULL;
1444 struct ieee80211_sub_if_data *osdata;
1445 int headroom;
1446 int ret;
1447
1448 /*
1449 * copy control out of the skb so other people can use skb->cb
1450 */
1451 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1452 memset(&control, 0, sizeof(struct ieee80211_tx_control));
1453
1454 if (pkt_data->ifindex)
1455 odev = dev_get_by_index(pkt_data->ifindex);
1456 if (unlikely(odev && !is_ieee80211_device(odev, dev))) {
1457 dev_put(odev);
1458 odev = NULL;
1459 }
1460 if (unlikely(!odev)) {
1461#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1462 printk(KERN_DEBUG "%s: Discarded packet with nonexistent "
1463 "originating device\n", dev->name);
1464#endif
1465 dev_kfree_skb(skb);
1466 return 0;
1467 }
1468 osdata = IEEE80211_DEV_TO_SUB_IF(odev);
1469
1470 headroom = osdata->local->hw.extra_tx_headroom +
1471 IEEE80211_ENCRYPT_HEADROOM;
1472 if (skb_headroom(skb) < headroom) {
1473 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) {
1474 dev_kfree_skb(skb);
1475 return 0;
1476 }
1477 }
1478
1479 control.ifindex = odev->ifindex;
1480 control.type = osdata->type;
1481 if (pkt_data->req_tx_status)
1482 control.flags |= IEEE80211_TXCTL_REQ_TX_STATUS;
1483 if (pkt_data->do_not_encrypt)
1484 control.flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
1485 if (pkt_data->requeue)
1486 control.flags |= IEEE80211_TXCTL_REQUEUE;
1487 control.queue = pkt_data->queue;
1488
1489 ret = ieee80211_tx(odev, skb, &control,
1490 control.type == IEEE80211_IF_TYPE_MGMT);
1491 dev_put(odev);
1492
1493 return ret;
1494}
1495
1496
1497/**
1498 * ieee80211_subif_start_xmit - netif start_xmit function for Ethernet-type
1499 * subinterfaces (wlan#, WDS, and VLAN interfaces)
1500 * @skb: packet to be sent
1501 * @dev: incoming interface
1502 *
1503 * Returns: 0 on success (and frees skb in this case) or 1 on failure (skb will
1504 * not be freed, and caller is responsible for either retrying later or freeing
1505 * skb).
1506 *
1507 * This function takes in an Ethernet header and encapsulates it with suitable
1508 * IEEE 802.11 header based on which interface the packet is coming in. The
1509 * encapsulated packet will then be passed to master interface, wlan#.11, for
1510 * transmission (through low-level driver).
1511 */
1512static int ieee80211_subif_start_xmit(struct sk_buff *skb,
1513 struct net_device *dev)
1514{
1515 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1516 struct ieee80211_tx_packet_data *pkt_data;
1517 struct ieee80211_sub_if_data *sdata;
1518 int ret = 1, head_need;
1519 u16 ethertype, hdrlen, fc;
1520 struct ieee80211_hdr hdr;
1521 const u8 *encaps_data;
1522 int encaps_len, skip_header_bytes;
1523 int nh_pos, h_pos, no_encrypt = 0;
1524 struct sta_info *sta;
1525
1526 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1527 if (unlikely(skb->len < ETH_HLEN)) {
1528 printk(KERN_DEBUG "%s: short skb (len=%d)\n",
1529 dev->name, skb->len);
1530 ret = 0;
1531 goto fail;
1532 }
1533
1534 nh_pos = skb_network_header(skb) - skb->data;
1535 h_pos = skb_transport_header(skb) - skb->data;
1536
1537 /* convert Ethernet header to proper 802.11 header (based on
1538 * operation mode) */
1539 ethertype = (skb->data[12] << 8) | skb->data[13];
1540 /* TODO: handling for 802.1x authorized/unauthorized port */
1541 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;
1542
1543 if (likely(sdata->type == IEEE80211_IF_TYPE_AP ||
1544 sdata->type == IEEE80211_IF_TYPE_VLAN)) {
1545 fc |= IEEE80211_FCTL_FROMDS;
1546 /* DA BSSID SA */
1547 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1548 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1549 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN);
1550 hdrlen = 24;
1551 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
1552 fc |= IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS;
1553 /* RA TA DA SA */
1554 memcpy(hdr.addr1, sdata->u.wds.remote_addr, ETH_ALEN);
1555 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1556 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1557 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1558 hdrlen = 30;
1559 } else if (sdata->type == IEEE80211_IF_TYPE_STA) {
1560 fc |= IEEE80211_FCTL_TODS;
1561 /* BSSID SA DA */
1562 memcpy(hdr.addr1, sdata->u.sta.bssid, ETH_ALEN);
1563 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1564 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1565 hdrlen = 24;
1566 } else if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
1567 /* DA SA BSSID */
1568 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1569 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1570 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN);
1571 hdrlen = 24;
1572 } else {
1573 ret = 0;
1574 goto fail;
1575 }
1576
1577 /* receiver is QoS enabled, use a QoS type frame */
1578 sta = sta_info_get(local, hdr.addr1);
1579 if (sta) {
1580 if (sta->flags & WLAN_STA_WME) {
1581 fc |= IEEE80211_STYPE_QOS_DATA;
1582 hdrlen += 2;
1583 }
1584 sta_info_put(sta);
1585 }
1586
1587 hdr.frame_control = cpu_to_le16(fc);
1588 hdr.duration_id = 0;
1589 hdr.seq_ctrl = 0;
1590
1591 skip_header_bytes = ETH_HLEN;
1592 if (ethertype == ETH_P_AARP || ethertype == ETH_P_IPX) {
1593 encaps_data = bridge_tunnel_header;
1594 encaps_len = sizeof(bridge_tunnel_header);
1595 skip_header_bytes -= 2;
1596 } else if (ethertype >= 0x600) {
1597 encaps_data = rfc1042_header;
1598 encaps_len = sizeof(rfc1042_header);
1599 skip_header_bytes -= 2;
1600 } else {
1601 encaps_data = NULL;
1602 encaps_len = 0;
1603 }
1604
1605 skb_pull(skb, skip_header_bytes);
1606 nh_pos -= skip_header_bytes;
1607 h_pos -= skip_header_bytes;
1608
1609 /* TODO: implement support for fragments so that there is no need to
1610 * reallocate and copy payload; it might be enough to support one
1611 * extra fragment that would be copied in the beginning of the frame
1612 * data.. anyway, it would be nice to include this into skb structure
1613 * somehow
1614 *
1615 * There are few options for this:
1616 * use skb->cb as an extra space for 802.11 header
1617 * allocate new buffer if not enough headroom
1618 * make sure that there is enough headroom in every skb by increasing
1619 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1620 * alloc_skb() (net/core/skbuff.c)
1621 */
1622 head_need = hdrlen + encaps_len + local->hw.extra_tx_headroom;
1623 head_need -= skb_headroom(skb);
1624
1625 /* We are going to modify skb data, so make a copy of it if happens to
1626 * be cloned. This could happen, e.g., with Linux bridge code passing
1627 * us broadcast frames. */
1628
1629 if (head_need > 0 || skb_cloned(skb)) {
1630#if 0
1631 printk(KERN_DEBUG "%s: need to reallocate buffer for %d bytes "
1632 "of headroom\n", dev->name, head_need);
1633#endif
1634
1635 if (skb_cloned(skb))
1636 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1637 else
1638 I802_DEBUG_INC(local->tx_expand_skb_head);
1639 /* Since we have to reallocate the buffer, make sure that there
1640 * is enough room for possible WEP IV/ICV and TKIP (8 bytes
1641 * before payload and 12 after). */
1642 if (pskb_expand_head(skb, (head_need > 0 ? head_need + 8 : 8),
1643 12, GFP_ATOMIC)) {
1644 printk(KERN_DEBUG "%s: failed to reallocate TX buffer"
1645 "\n", dev->name);
1646 goto fail;
1647 }
1648 }
1649
1650 if (encaps_data) {
1651 memcpy(skb_push(skb, encaps_len), encaps_data, encaps_len);
1652 nh_pos += encaps_len;
1653 h_pos += encaps_len;
1654 }
1655 memcpy(skb_push(skb, hdrlen), &hdr, hdrlen);
1656 nh_pos += hdrlen;
1657 h_pos += hdrlen;
1658
1659 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1660 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1661 pkt_data->ifindex = sdata->dev->ifindex;
1662 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1663 pkt_data->do_not_encrypt = no_encrypt;
1664
1665 skb->dev = local->mdev;
1666 sdata->stats.tx_packets++;
1667 sdata->stats.tx_bytes += skb->len;
1668
1669 /* Update skb pointers to various headers since this modified frame
1670 * is going to go through Linux networking code that may potentially
1671 * need things like pointer to IP header. */
1672 skb_set_mac_header(skb, 0);
1673 skb_set_network_header(skb, nh_pos);
1674 skb_set_transport_header(skb, h_pos);
1675
1676 dev->trans_start = jiffies;
1677 dev_queue_xmit(skb);
1678
1679 return 0;
1680
1681 fail:
1682 if (!ret)
1683 dev_kfree_skb(skb);
1684
1685 return ret;
1686}
1687
1688
1689/*
1690 * This is the transmit routine for the 802.11 type interfaces
1691 * called by upper layers of the linux networking
1692 * stack when it has a frame to transmit
1693 */
1694static int
1695ieee80211_mgmt_start_xmit(struct sk_buff *skb, struct net_device *dev)
1696{
1697 struct ieee80211_sub_if_data *sdata;
1698 struct ieee80211_tx_packet_data *pkt_data;
1699 struct ieee80211_hdr *hdr;
1700 u16 fc;
1701
1702 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1703
1704 if (skb->len < 10) {
1705 dev_kfree_skb(skb);
1706 return 0;
1707 }
1708
1709 if (skb_headroom(skb) < sdata->local->hw.extra_tx_headroom) {
1710 if (pskb_expand_head(skb,
1711 sdata->local->hw.extra_tx_headroom, 0, GFP_ATOMIC)) {
1712 dev_kfree_skb(skb);
1713 return 0;
1714 }
1715 }
1716
1717 hdr = (struct ieee80211_hdr *) skb->data;
1718 fc = le16_to_cpu(hdr->frame_control);
1719
1720 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
1721 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1722 pkt_data->ifindex = sdata->dev->ifindex;
1723 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1724
1725 skb->priority = 20; /* use hardcoded priority for mgmt TX queue */
1726 skb->dev = sdata->local->mdev;
1727
1728 /*
1729 * We're using the protocol field of the the frame control header
1730 * to request TX callback for hostapd. BIT(1) is checked.
1731 */
1732 if ((fc & BIT(1)) == BIT(1)) {
1733 pkt_data->req_tx_status = 1;
1734 fc &= ~BIT(1);
1735 hdr->frame_control = cpu_to_le16(fc);
1736 }
1737
1738 pkt_data->do_not_encrypt = !(fc & IEEE80211_FCTL_PROTECTED);
1739
1740 sdata->stats.tx_packets++;
1741 sdata->stats.tx_bytes += skb->len;
1742
1743 dev_queue_xmit(skb);
1744
1745 return 0;
1746}
1747
1748
1749static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1750 struct ieee80211_if_ap *bss,
1751 struct sk_buff *skb)
1752{
1753 u8 *pos, *tim;
1754 int aid0 = 0;
1755 int i, have_bits = 0, n1, n2;
1756
1757 /* Generate bitmap for TIM only if there are any STAs in power save
1758 * mode. */
1759 spin_lock_bh(&local->sta_lock);
1760 if (atomic_read(&bss->num_sta_ps) > 0)
1761 /* in the hope that this is faster than
1762 * checking byte-for-byte */
1763 have_bits = !bitmap_empty((unsigned long*)bss->tim,
1764 IEEE80211_MAX_AID+1);
1765
1766 if (bss->dtim_count == 0)
1767 bss->dtim_count = bss->dtim_period - 1;
1768 else
1769 bss->dtim_count--;
1770
1771 tim = pos = (u8 *) skb_put(skb, 6);
1772 *pos++ = WLAN_EID_TIM;
1773 *pos++ = 4;
1774 *pos++ = bss->dtim_count;
1775 *pos++ = bss->dtim_period;
1776
1777 if (bss->dtim_count == 0 && !skb_queue_empty(&bss->ps_bc_buf))
1778 aid0 = 1;
1779
1780 if (have_bits) {
1781 /* Find largest even number N1 so that bits numbered 1 through
1782 * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits
1783 * (N2 + 1) x 8 through 2007 are 0. */
1784 n1 = 0;
1785 for (i = 0; i < IEEE80211_MAX_TIM_LEN; i++) {
1786 if (bss->tim[i]) {
1787 n1 = i & 0xfe;
1788 break;
1789 }
1790 }
1791 n2 = n1;
1792 for (i = IEEE80211_MAX_TIM_LEN - 1; i >= n1; i--) {
1793 if (bss->tim[i]) {
1794 n2 = i;
1795 break;
1796 }
1797 }
1798
1799 /* Bitmap control */
1800 *pos++ = n1 | aid0;
1801 /* Part Virt Bitmap */
1802 memcpy(pos, bss->tim + n1, n2 - n1 + 1);
1803
1804 tim[1] = n2 - n1 + 4;
1805 skb_put(skb, n2 - n1);
1806 } else {
1807 *pos++ = aid0; /* Bitmap control */
1808 *pos++ = 0; /* Part Virt Bitmap */
1809 }
1810 spin_unlock_bh(&local->sta_lock);
1811}
1812
1813
1814struct sk_buff * ieee80211_beacon_get(struct ieee80211_hw *hw, int if_id,
1815 struct ieee80211_tx_control *control)
1816{
1817 struct ieee80211_local *local = hw_to_local(hw);
1818 struct sk_buff *skb;
1819 struct net_device *bdev;
1820 struct ieee80211_sub_if_data *sdata = NULL;
1821 struct ieee80211_if_ap *ap = NULL;
1822 struct ieee80211_rate *rate;
1823 struct rate_control_extra extra;
1824 u8 *b_head, *b_tail;
1825 int bh_len, bt_len;
1826
1827 bdev = dev_get_by_index(if_id);
1828 if (bdev) {
1829 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
1830 ap = &sdata->u.ap;
1831 dev_put(bdev);
1832 }
1833
1834 if (!ap || sdata->type != IEEE80211_IF_TYPE_AP ||
1835 !ap->beacon_head) {
1836#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1837 if (net_ratelimit())
1838 printk(KERN_DEBUG "no beacon data avail for idx=%d "
1839 "(%s)\n", if_id, bdev ? bdev->name : "N/A");
1840#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
1841 return NULL;
1842 }
1843
1844 /* Assume we are generating the normal beacon locally */
1845 b_head = ap->beacon_head;
1846 b_tail = ap->beacon_tail;
1847 bh_len = ap->beacon_head_len;
1848 bt_len = ap->beacon_tail_len;
1849
1850 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
1851 bh_len + bt_len + 256 /* maximum TIM len */);
1852 if (!skb)
1853 return NULL;
1854
1855 skb_reserve(skb, local->hw.extra_tx_headroom);
1856 memcpy(skb_put(skb, bh_len), b_head, bh_len);
1857
1858 ieee80211_include_sequence(sdata, (struct ieee80211_hdr *)skb->data);
1859
1860 ieee80211_beacon_add_tim(local, ap, skb);
1861
1862 if (b_tail) {
1863 memcpy(skb_put(skb, bt_len), b_tail, bt_len);
1864 }
1865
1866 if (control) {
1867 memset(&extra, 0, sizeof(extra));
1868 extra.mode = local->oper_hw_mode;
1869
1870 rate = rate_control_get_rate(local, local->mdev, skb, &extra);
1871 if (!rate) {
1872 if (net_ratelimit()) {
1873 printk(KERN_DEBUG "%s: ieee80211_beacon_get: no rate "
1874 "found\n", local->mdev->name);
1875 }
1876 dev_kfree_skb(skb);
1877 return NULL;
1878 }
1879
1880 control->tx_rate = (local->short_preamble &&
1881 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
1882 rate->val2 : rate->val;
1883 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1884 control->power_level = local->hw.conf.power_level;
1885 control->flags |= IEEE80211_TXCTL_NO_ACK;
1886 control->retry_limit = 1;
1887 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1888 }
1889
1890 ap->num_beacons++;
1891 return skb;
1892}
1893EXPORT_SYMBOL(ieee80211_beacon_get);
1894
1895__le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
1896 size_t frame_len,
1897 const struct ieee80211_tx_control *frame_txctl)
1898{
1899 struct ieee80211_local *local = hw_to_local(hw);
1900 struct ieee80211_rate *rate;
1901 int short_preamble = local->short_preamble;
1902 int erp;
1903 u16 dur;
1904
1905 rate = frame_txctl->rts_rate;
1906 erp = !!(rate->flags & IEEE80211_RATE_ERP);
1907
1908 /* CTS duration */
1909 dur = ieee80211_frame_duration(local, 10, rate->rate,
1910 erp, short_preamble);
1911 /* Data frame duration */
1912 dur += ieee80211_frame_duration(local, frame_len, rate->rate,
1913 erp, short_preamble);
1914 /* ACK duration */
1915 dur += ieee80211_frame_duration(local, 10, rate->rate,
1916 erp, short_preamble);
1917
1918 return cpu_to_le16(dur);
1919}
1920EXPORT_SYMBOL(ieee80211_rts_duration);
1921
1922
1923__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
1924 size_t frame_len,
1925 const struct ieee80211_tx_control *frame_txctl)
1926{
1927 struct ieee80211_local *local = hw_to_local(hw);
1928 struct ieee80211_rate *rate;
1929 int short_preamble = local->short_preamble;
1930 int erp;
1931 u16 dur;
1932
1933 rate = frame_txctl->rts_rate;
1934 erp = !!(rate->flags & IEEE80211_RATE_ERP);
1935
1936 /* Data frame duration */
1937 dur = ieee80211_frame_duration(local, frame_len, rate->rate,
1938 erp, short_preamble);
1939 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) {
1940 /* ACK duration */
1941 dur += ieee80211_frame_duration(local, 10, rate->rate,
1942 erp, short_preamble);
1943 }
1944
1945 return cpu_to_le16(dur);
1946}
1947EXPORT_SYMBOL(ieee80211_ctstoself_duration);
1948
1949void ieee80211_rts_get(struct ieee80211_hw *hw,
1950 const void *frame, size_t frame_len,
1951 const struct ieee80211_tx_control *frame_txctl,
1952 struct ieee80211_rts *rts)
1953{
1954 const struct ieee80211_hdr *hdr = frame;
1955 u16 fctl;
1956
1957 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS;
1958 rts->frame_control = cpu_to_le16(fctl);
1959 rts->duration = ieee80211_rts_duration(hw, frame_len, frame_txctl);
1960 memcpy(rts->ra, hdr->addr1, sizeof(rts->ra));
1961 memcpy(rts->ta, hdr->addr2, sizeof(rts->ta));
1962}
1963EXPORT_SYMBOL(ieee80211_rts_get);
1964
1965void ieee80211_ctstoself_get(struct ieee80211_hw *hw,
1966 const void *frame, size_t frame_len,
1967 const struct ieee80211_tx_control *frame_txctl,
1968 struct ieee80211_cts *cts)
1969{
1970 const struct ieee80211_hdr *hdr = frame;
1971 u16 fctl;
1972
1973 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_CTS;
1974 cts->frame_control = cpu_to_le16(fctl);
1975 cts->duration = ieee80211_ctstoself_duration(hw, frame_len, frame_txctl);
1976 memcpy(cts->ra, hdr->addr1, sizeof(cts->ra));
1977}
1978EXPORT_SYMBOL(ieee80211_ctstoself_get);
1979
1980struct sk_buff *
1981ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id,
1982 struct ieee80211_tx_control *control)
1983{
1984 struct ieee80211_local *local = hw_to_local(hw);
1985 struct sk_buff *skb;
1986 struct sta_info *sta;
1987 ieee80211_tx_handler *handler;
1988 struct ieee80211_txrx_data tx;
1989 ieee80211_txrx_result res = TXRX_DROP;
1990 struct net_device *bdev;
1991 struct ieee80211_sub_if_data *sdata;
1992 struct ieee80211_if_ap *bss = NULL;
1993
1994 bdev = dev_get_by_index(if_id);
1995 if (bdev) {
1996 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
1997 bss = &sdata->u.ap;
1998 dev_put(bdev);
1999 }
2000 if (!bss || sdata->type != IEEE80211_IF_TYPE_AP || !bss->beacon_head)
2001 return NULL;
2002
2003 if (bss->dtim_count != 0)
2004 return NULL; /* send buffered bc/mc only after DTIM beacon */
2005 memset(control, 0, sizeof(*control));
2006 while (1) {
2007 skb = skb_dequeue(&bss->ps_bc_buf);
2008 if (!skb)
2009 return NULL;
2010 local->total_ps_buffered--;
2011
2012 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) {
2013 struct ieee80211_hdr *hdr =
2014 (struct ieee80211_hdr *) skb->data;
2015 /* more buffered multicast/broadcast frames ==> set
2016 * MoreData flag in IEEE 802.11 header to inform PS
2017 * STAs */
2018 hdr->frame_control |=
2019 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2020 }
2021
2022 if (ieee80211_tx_prepare(&tx, skb, local->mdev, control) == 0)
2023 break;
2024 dev_kfree_skb_any(skb);
2025 }
2026 sta = tx.sta;
2027 tx.u.tx.ps_buffered = 1;
2028
2029 for (handler = local->tx_handlers; *handler != NULL; handler++) {
2030 res = (*handler)(&tx);
2031 if (res == TXRX_DROP || res == TXRX_QUEUED)
2032 break;
2033 }
2034 dev_put(tx.dev);
2035 skb = tx.skb; /* handlers are allowed to change skb */
2036
2037 if (res == TXRX_DROP) {
2038 I802_DEBUG_INC(local->tx_handlers_drop);
2039 dev_kfree_skb(skb);
2040 skb = NULL;
2041 } else if (res == TXRX_QUEUED) {
2042 I802_DEBUG_INC(local->tx_handlers_queued);
2043 skb = NULL;
2044 }
2045
2046 if (sta)
2047 sta_info_put(sta);
2048
2049 return skb;
2050}
2051EXPORT_SYMBOL(ieee80211_get_buffered_bc);
2052
2053static int __ieee80211_if_config(struct net_device *dev,
2054 struct sk_buff *beacon,
2055 struct ieee80211_tx_control *control)
2056{
2057 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2058 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2059 struct ieee80211_if_conf conf;
2060 static u8 scan_bssid[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2061
2062 if (!local->ops->config_interface || !netif_running(dev))
2063 return 0;
2064
2065 memset(&conf, 0, sizeof(conf));
2066 conf.type = sdata->type;
2067 if (sdata->type == IEEE80211_IF_TYPE_STA ||
2068 sdata->type == IEEE80211_IF_TYPE_IBSS) {
2069 if (local->sta_scanning &&
2070 local->scan_dev == dev)
2071 conf.bssid = scan_bssid;
2072 else
2073 conf.bssid = sdata->u.sta.bssid;
2074 conf.ssid = sdata->u.sta.ssid;
2075 conf.ssid_len = sdata->u.sta.ssid_len;
2076 conf.generic_elem = sdata->u.sta.extra_ie;
2077 conf.generic_elem_len = sdata->u.sta.extra_ie_len;
2078 } else if (sdata->type == IEEE80211_IF_TYPE_AP) {
2079 conf.ssid = sdata->u.ap.ssid;
2080 conf.ssid_len = sdata->u.ap.ssid_len;
2081 conf.generic_elem = sdata->u.ap.generic_elem;
2082 conf.generic_elem_len = sdata->u.ap.generic_elem_len;
2083 conf.beacon = beacon;
2084 conf.beacon_control = control;
2085 }
2086 return local->ops->config_interface(local_to_hw(local),
2087 dev->ifindex, &conf);
2088}
2089
2090int ieee80211_if_config(struct net_device *dev)
2091{
2092 return __ieee80211_if_config(dev, NULL, NULL);
2093}
2094
2095int ieee80211_if_config_beacon(struct net_device *dev)
2096{
2097 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2098 struct ieee80211_tx_control control;
2099 struct sk_buff *skb;
2100
2101 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
2102 return 0;
2103 skb = ieee80211_beacon_get(local_to_hw(local), dev->ifindex, &control);
2104 if (!skb)
2105 return -ENOMEM;
2106 return __ieee80211_if_config(dev, skb, &control);
2107}
2108
2109int ieee80211_hw_config(struct ieee80211_local *local)
2110{
2111 struct ieee80211_hw_mode *mode;
2112 struct ieee80211_channel *chan;
2113 int ret = 0;
2114
2115 if (local->sta_scanning) {
2116 chan = local->scan_channel;
2117 mode = local->scan_hw_mode;
2118 } else {
2119 chan = local->oper_channel;
2120 mode = local->oper_hw_mode;
2121 }
2122
2123 local->hw.conf.channel = chan->chan;
2124 local->hw.conf.channel_val = chan->val;
2125 local->hw.conf.power_level = chan->power_level;
2126 local->hw.conf.freq = chan->freq;
2127 local->hw.conf.phymode = mode->mode;
2128 local->hw.conf.antenna_max = chan->antenna_max;
2129 local->hw.conf.chan = chan;
2130 local->hw.conf.mode = mode;
2131
2132#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2133 printk(KERN_DEBUG "HW CONFIG: channel=%d freq=%d "
2134 "phymode=%d\n", local->hw.conf.channel, local->hw.conf.freq,
2135 local->hw.conf.phymode);
2136#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2137
2138 if (local->ops->config)
2139 ret = local->ops->config(local_to_hw(local), &local->hw.conf);
2140
2141 return ret;
2142}
2143
2144
2145static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
2146{
2147 /* FIX: what would be proper limits for MTU?
2148 * This interface uses 802.3 frames. */
2149 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6) {
2150 printk(KERN_WARNING "%s: invalid MTU %d\n",
2151 dev->name, new_mtu);
2152 return -EINVAL;
2153 }
2154
2155#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2156 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2157#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2158 dev->mtu = new_mtu;
2159 return 0;
2160}
2161
2162
2163static int ieee80211_change_mtu_apdev(struct net_device *dev, int new_mtu)
2164{
2165 /* FIX: what would be proper limits for MTU?
2166 * This interface uses 802.11 frames. */
2167 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN) {
2168 printk(KERN_WARNING "%s: invalid MTU %d\n",
2169 dev->name, new_mtu);
2170 return -EINVAL;
2171 }
2172
2173#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2174 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2175#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2176 dev->mtu = new_mtu;
2177 return 0;
2178}
2179
2180enum netif_tx_lock_class {
2181 TX_LOCK_NORMAL,
2182 TX_LOCK_MASTER,
2183};
2184
2185static inline void netif_tx_lock_nested(struct net_device *dev, int subclass)
2186{
2187 spin_lock_nested(&dev->_xmit_lock, subclass);
2188 dev->xmit_lock_owner = smp_processor_id();
2189}
2190
2191static void ieee80211_set_multicast_list(struct net_device *dev)
2192{
2193 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2194 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2195 unsigned short flags;
2196
2197 netif_tx_lock_nested(local->mdev, TX_LOCK_MASTER);
2198 if (((dev->flags & IFF_ALLMULTI) != 0) ^ (sdata->allmulti != 0)) {
2199 if (sdata->allmulti) {
2200 sdata->allmulti = 0;
2201 local->iff_allmultis--;
2202 } else {
2203 sdata->allmulti = 1;
2204 local->iff_allmultis++;
2205 }
2206 }
2207 if (((dev->flags & IFF_PROMISC) != 0) ^ (sdata->promisc != 0)) {
2208 if (sdata->promisc) {
2209 sdata->promisc = 0;
2210 local->iff_promiscs--;
2211 } else {
2212 sdata->promisc = 1;
2213 local->iff_promiscs++;
2214 }
2215 }
2216 if (dev->mc_count != sdata->mc_count) {
2217 local->mc_count = local->mc_count - sdata->mc_count +
2218 dev->mc_count;
2219 sdata->mc_count = dev->mc_count;
2220 }
2221 if (local->ops->set_multicast_list) {
2222 flags = local->mdev->flags;
2223 if (local->iff_allmultis)
2224 flags |= IFF_ALLMULTI;
2225 if (local->iff_promiscs)
2226 flags |= IFF_PROMISC;
2227 read_lock(&local->sub_if_lock);
2228 local->ops->set_multicast_list(local_to_hw(local), flags,
2229 local->mc_count);
2230 read_unlock(&local->sub_if_lock);
2231 }
2232 netif_tx_unlock(local->mdev);
2233}
2234
2235struct dev_mc_list *ieee80211_get_mc_list_item(struct ieee80211_hw *hw,
2236 struct dev_mc_list *prev,
2237 void **ptr)
2238{
2239 struct ieee80211_local *local = hw_to_local(hw);
2240 struct ieee80211_sub_if_data *sdata = *ptr;
2241 struct dev_mc_list *mc;
2242
2243 if (!prev) {
2244 WARN_ON(sdata);
2245 sdata = NULL;
2246 }
2247 if (!prev || !prev->next) {
2248 if (sdata)
2249 sdata = list_entry(sdata->list.next,
2250 struct ieee80211_sub_if_data, list);
2251 else
2252 sdata = list_entry(local->sub_if_list.next,
2253 struct ieee80211_sub_if_data, list);
2254 if (&sdata->list != &local->sub_if_list)
2255 mc = sdata->dev->mc_list;
2256 else
2257 mc = NULL;
2258 } else
2259 mc = prev->next;
2260
2261 *ptr = sdata;
2262 return mc;
2263}
2264EXPORT_SYMBOL(ieee80211_get_mc_list_item);
2265
2266static struct net_device_stats *ieee80211_get_stats(struct net_device *dev)
2267{
2268 struct ieee80211_sub_if_data *sdata;
2269 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2270 return &(sdata->stats);
2271}
2272
2273static void ieee80211_if_shutdown(struct net_device *dev)
2274{
2275 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2276 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2277
2278 ASSERT_RTNL();
2279 switch (sdata->type) {
2280 case IEEE80211_IF_TYPE_STA:
2281 case IEEE80211_IF_TYPE_IBSS:
2282 sdata->u.sta.state = IEEE80211_DISABLED;
2283 del_timer_sync(&sdata->u.sta.timer);
2284 skb_queue_purge(&sdata->u.sta.skb_queue);
2285 if (!local->ops->hw_scan &&
2286 local->scan_dev == sdata->dev) {
2287 local->sta_scanning = 0;
2288 cancel_delayed_work(&local->scan_work);
2289 }
2290 flush_workqueue(local->hw.workqueue);
2291 break;
2292 }
2293}
2294
2295static inline int identical_mac_addr_allowed(int type1, int type2)
2296{
2297 return (type1 == IEEE80211_IF_TYPE_MNTR ||
2298 type2 == IEEE80211_IF_TYPE_MNTR ||
2299 (type1 == IEEE80211_IF_TYPE_AP &&
2300 type2 == IEEE80211_IF_TYPE_WDS) ||
2301 (type1 == IEEE80211_IF_TYPE_WDS &&
2302 (type2 == IEEE80211_IF_TYPE_WDS ||
2303 type2 == IEEE80211_IF_TYPE_AP)) ||
2304 (type1 == IEEE80211_IF_TYPE_AP &&
2305 type2 == IEEE80211_IF_TYPE_VLAN) ||
2306 (type1 == IEEE80211_IF_TYPE_VLAN &&
2307 (type2 == IEEE80211_IF_TYPE_AP ||
2308 type2 == IEEE80211_IF_TYPE_VLAN)));
2309}
2310
2311static int ieee80211_master_open(struct net_device *dev)
2312{
2313 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2314 struct ieee80211_sub_if_data *sdata;
2315 int res = -EOPNOTSUPP;
2316
2317 read_lock(&local->sub_if_lock);
2318 list_for_each_entry(sdata, &local->sub_if_list, list) {
2319 if (sdata->dev != dev && netif_running(sdata->dev)) {
2320 res = 0;
2321 break;
2322 }
2323 }
2324 read_unlock(&local->sub_if_lock);
2325 return res;
2326}
2327
2328static int ieee80211_master_stop(struct net_device *dev)
2329{
2330 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2331 struct ieee80211_sub_if_data *sdata;
2332
2333 read_lock(&local->sub_if_lock);
2334 list_for_each_entry(sdata, &local->sub_if_list, list)
2335 if (sdata->dev != dev && netif_running(sdata->dev))
2336 dev_close(sdata->dev);
2337 read_unlock(&local->sub_if_lock);
2338
2339 return 0;
2340}
2341
2342static int ieee80211_mgmt_open(struct net_device *dev)
2343{
2344 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2345
2346 if (!netif_running(local->mdev))
2347 return -EOPNOTSUPP;
2348 return 0;
2349}
2350
2351static int ieee80211_mgmt_stop(struct net_device *dev)
2352{
2353 return 0;
2354}
2355
2356/* Check if running monitor interfaces should go to a "soft monitor" mode
2357 * and switch them if necessary. */
2358static inline void ieee80211_start_soft_monitor(struct ieee80211_local *local)
2359{
2360 struct ieee80211_if_init_conf conf;
2361
2362 if (local->open_count && local->open_count == local->monitors &&
2363 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2364 local->ops->remove_interface) {
2365 conf.if_id = -1;
2366 conf.type = IEEE80211_IF_TYPE_MNTR;
2367 conf.mac_addr = NULL;
2368 local->ops->remove_interface(local_to_hw(local), &conf);
2369 }
2370}
2371
2372/* Check if running monitor interfaces should go to a "hard monitor" mode
2373 * and switch them if necessary. */
2374static void ieee80211_start_hard_monitor(struct ieee80211_local *local)
2375{
2376 struct ieee80211_if_init_conf conf;
2377
2378 if (local->open_count && local->open_count == local->monitors &&
2379 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2380 local->ops->add_interface) {
2381 conf.if_id = -1;
2382 conf.type = IEEE80211_IF_TYPE_MNTR;
2383 conf.mac_addr = NULL;
2384 local->ops->add_interface(local_to_hw(local), &conf);
2385 }
2386}
2387
2388static int ieee80211_open(struct net_device *dev)
2389{
2390 struct ieee80211_sub_if_data *sdata, *nsdata;
2391 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2392 struct ieee80211_if_init_conf conf;
2393 int res;
2394
2395 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2396 read_lock(&local->sub_if_lock);
2397 list_for_each_entry(nsdata, &local->sub_if_list, list) {
2398 struct net_device *ndev = nsdata->dev;
2399
2400 if (ndev != dev && ndev != local->mdev && netif_running(ndev) &&
2401 compare_ether_addr(dev->dev_addr, ndev->dev_addr) == 0 &&
2402 !identical_mac_addr_allowed(sdata->type, nsdata->type)) {
2403 read_unlock(&local->sub_if_lock);
2404 return -ENOTUNIQ;
2405 }
2406 }
2407 read_unlock(&local->sub_if_lock);
2408
2409 if (sdata->type == IEEE80211_IF_TYPE_WDS &&
2410 is_zero_ether_addr(sdata->u.wds.remote_addr))
2411 return -ENOLINK;
2412
2413 if (sdata->type == IEEE80211_IF_TYPE_MNTR && local->open_count &&
2414 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2415 /* run the interface in a "soft monitor" mode */
2416 local->monitors++;
2417 local->open_count++;
2418 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2419 return 0;
2420 }
2421 ieee80211_start_soft_monitor(local);
2422
2423 if (local->ops->add_interface) {
2424 conf.if_id = dev->ifindex;
2425 conf.type = sdata->type;
2426 conf.mac_addr = dev->dev_addr;
2427 res = local->ops->add_interface(local_to_hw(local), &conf);
2428 if (res) {
2429 if (sdata->type == IEEE80211_IF_TYPE_MNTR)
2430 ieee80211_start_hard_monitor(local);
2431 return res;
2432 }
2433 } else {
2434 if (sdata->type != IEEE80211_IF_TYPE_STA)
2435 return -EOPNOTSUPP;
2436 if (local->open_count > 0)
2437 return -ENOBUFS;
2438 }
2439
2440 if (local->open_count == 0) {
2441 res = 0;
2442 tasklet_enable(&local->tx_pending_tasklet);
2443 tasklet_enable(&local->tasklet);
2444 if (local->ops->open)
2445 res = local->ops->open(local_to_hw(local));
2446 if (res == 0) {
2447 res = dev_open(local->mdev);
2448 if (res) {
2449 if (local->ops->stop)
2450 local->ops->stop(local_to_hw(local));
2451 } else {
2452 res = ieee80211_hw_config(local);
2453 if (res && local->ops->stop)
2454 local->ops->stop(local_to_hw(local));
2455 else if (!res && local->apdev)
2456 dev_open(local->apdev);
2457 }
2458 }
2459 if (res) {
2460 if (local->ops->remove_interface)
2461 local->ops->remove_interface(local_to_hw(local),
2462 &conf);
2463 return res;
2464 }
2465 }
2466 local->open_count++;
2467
2468 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2469 local->monitors++;
2470 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2471 } else
2472 ieee80211_if_config(dev);
2473
2474 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2475 !local->user_space_mlme)
2476 netif_carrier_off(dev);
2477
2478 netif_start_queue(dev);
2479 return 0;
2480}
2481
2482
2483static int ieee80211_stop(struct net_device *dev)
2484{
2485 struct ieee80211_sub_if_data *sdata;
2486 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2487
2488 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2489
2490 if (sdata->type == IEEE80211_IF_TYPE_MNTR &&
2491 local->open_count > 1 &&
2492 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2493 /* remove "soft monitor" interface */
2494 local->open_count--;
2495 local->monitors--;
2496 if (!local->monitors)
2497 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2498 return 0;
2499 }
2500
2501 netif_stop_queue(dev);
2502 ieee80211_if_shutdown(dev);
2503
2504 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2505 local->monitors--;
2506 if (!local->monitors)
2507 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2508 }
2509
2510 local->open_count--;
2511 if (local->open_count == 0) {
2512 if (netif_running(local->mdev))
2513 dev_close(local->mdev);
2514 if (local->apdev)
2515 dev_close(local->apdev);
2516 if (local->ops->stop)
2517 local->ops->stop(local_to_hw(local));
2518 tasklet_disable(&local->tx_pending_tasklet);
2519 tasklet_disable(&local->tasklet);
2520 }
2521 if (local->ops->remove_interface) {
2522 struct ieee80211_if_init_conf conf;
2523
2524 conf.if_id = dev->ifindex;
2525 conf.type = sdata->type;
2526 conf.mac_addr = dev->dev_addr;
2527 local->ops->remove_interface(local_to_hw(local), &conf);
2528 }
2529
2530 ieee80211_start_hard_monitor(local);
2531
2532 return 0;
2533}
2534
2535
2536static int header_parse_80211(struct sk_buff *skb, unsigned char *haddr)
2537{
2538 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
2539 return ETH_ALEN;
2540}
2541
2542static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
2543{
2544 return compare_ether_addr(raddr, addr) == 0 ||
2545 is_broadcast_ether_addr(raddr);
2546}
2547
2548
2549static ieee80211_txrx_result
2550ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
2551{
2552 struct net_device *dev = rx->dev;
2553 struct ieee80211_local *local = rx->local;
2554 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
2555 u16 fc, hdrlen, ethertype;
2556 u8 *payload;
2557 u8 dst[ETH_ALEN];
2558 u8 src[ETH_ALEN];
2559 struct sk_buff *skb = rx->skb, *skb2;
2560 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2561
2562 fc = rx->fc;
2563 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
2564 return TXRX_CONTINUE;
2565
2566 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
2567 return TXRX_DROP;
2568
2569 hdrlen = ieee80211_get_hdrlen(fc);
2570
2571 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
2572 * header
2573 * IEEE 802.11 address fields:
2574 * ToDS FromDS Addr1 Addr2 Addr3 Addr4
2575 * 0 0 DA SA BSSID n/a
2576 * 0 1 DA BSSID SA n/a
2577 * 1 0 BSSID SA DA n/a
2578 * 1 1 RA TA DA SA
2579 */
2580
2581 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
2582 case IEEE80211_FCTL_TODS:
2583 /* BSSID SA DA */
2584 memcpy(dst, hdr->addr3, ETH_ALEN);
2585 memcpy(src, hdr->addr2, ETH_ALEN);
2586
2587 if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
2588 sdata->type != IEEE80211_IF_TYPE_VLAN)) {
2589 printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID="
2590 MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n",
2591 dev->name, MAC_ARG(hdr->addr1),
2592 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3));
2593 return TXRX_DROP;
2594 }
2595 break;
2596 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
2597 /* RA TA DA SA */
2598 memcpy(dst, hdr->addr3, ETH_ALEN);
2599 memcpy(src, hdr->addr4, ETH_ALEN);
2600
2601 if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
2602 printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA="
2603 MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA="
2604 MAC_FMT ")\n",
2605 rx->dev->name, MAC_ARG(hdr->addr1),
2606 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3),
2607 MAC_ARG(hdr->addr4));
2608 return TXRX_DROP;
2609 }
2610 break;
2611 case IEEE80211_FCTL_FROMDS:
2612 /* DA BSSID SA */
2613 memcpy(dst, hdr->addr1, ETH_ALEN);
2614 memcpy(src, hdr->addr3, ETH_ALEN);
2615
2616 if (sdata->type != IEEE80211_IF_TYPE_STA) {
2617 return TXRX_DROP;
2618 }
2619 break;
2620 case 0:
2621 /* DA SA BSSID */
2622 memcpy(dst, hdr->addr1, ETH_ALEN);
2623 memcpy(src, hdr->addr2, ETH_ALEN);
2624
2625 if (sdata->type != IEEE80211_IF_TYPE_IBSS) {
2626 if (net_ratelimit()) {
2627 printk(KERN_DEBUG "%s: dropped IBSS frame (DA="
2628 MAC_FMT " SA=" MAC_FMT " BSSID=" MAC_FMT
2629 ")\n",
2630 dev->name, MAC_ARG(hdr->addr1),
2631 MAC_ARG(hdr->addr2),
2632 MAC_ARG(hdr->addr3));
2633 }
2634 return TXRX_DROP;
2635 }
2636 break;
2637 }
2638
2639 payload = skb->data + hdrlen;
2640
2641 if (unlikely(skb->len - hdrlen < 8)) {
2642 if (net_ratelimit()) {
2643 printk(KERN_DEBUG "%s: RX too short data frame "
2644 "payload\n", dev->name);
2645 }
2646 return TXRX_DROP;
2647 }
2648
2649 ethertype = (payload[6] << 8) | payload[7];
2650
2651 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
2652 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
2653 compare_ether_addr(payload, bridge_tunnel_header) == 0)) {
2654 /* remove RFC1042 or Bridge-Tunnel encapsulation and
2655 * replace EtherType */
2656 skb_pull(skb, hdrlen + 6);
2657 memcpy(skb_push(skb, ETH_ALEN), src, ETH_ALEN);
2658 memcpy(skb_push(skb, ETH_ALEN), dst, ETH_ALEN);
2659 } else {
2660 struct ethhdr *ehdr;
2661 __be16 len;
2662 skb_pull(skb, hdrlen);
2663 len = htons(skb->len);
2664 ehdr = (struct ethhdr *) skb_push(skb, sizeof(struct ethhdr));
2665 memcpy(ehdr->h_dest, dst, ETH_ALEN);
2666 memcpy(ehdr->h_source, src, ETH_ALEN);
2667 ehdr->h_proto = len;
2668 }
2669 skb->dev = dev;
2670
2671 skb2 = NULL;
2672
2673 sdata->stats.rx_packets++;
2674 sdata->stats.rx_bytes += skb->len;
2675
2676 if (local->bridge_packets && (sdata->type == IEEE80211_IF_TYPE_AP
2677 || sdata->type == IEEE80211_IF_TYPE_VLAN) && rx->u.rx.ra_match) {
2678 if (is_multicast_ether_addr(skb->data)) {
2679 /* send multicast frames both to higher layers in
2680 * local net stack and back to the wireless media */
2681 skb2 = skb_copy(skb, GFP_ATOMIC);
2682 if (!skb2)
2683 printk(KERN_DEBUG "%s: failed to clone "
2684 "multicast frame\n", dev->name);
2685 } else {
2686 struct sta_info *dsta;
2687 dsta = sta_info_get(local, skb->data);
2688 if (dsta && !dsta->dev) {
2689 printk(KERN_DEBUG "Station with null dev "
2690 "structure!\n");
2691 } else if (dsta && dsta->dev == dev) {
2692 /* Destination station is associated to this
2693 * AP, so send the frame directly to it and
2694 * do not pass the frame to local net stack.
2695 */
2696 skb2 = skb;
2697 skb = NULL;
2698 }
2699 if (dsta)
2700 sta_info_put(dsta);
2701 }
2702 }
2703
2704 if (skb) {
2705 /* deliver to local stack */
2706 skb->protocol = eth_type_trans(skb, dev);
2707 memset(skb->cb, 0, sizeof(skb->cb));
2708 netif_rx(skb);
2709 }
2710
2711 if (skb2) {
2712 /* send to wireless media */
2713 skb2->protocol = __constant_htons(ETH_P_802_3);
2714 skb_set_network_header(skb2, 0);
2715 skb_set_mac_header(skb2, 0);
2716 dev_queue_xmit(skb2);
2717 }
2718
2719 return TXRX_QUEUED;
2720}
2721
2722
2723static struct ieee80211_rate *
2724ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate)
2725{
2726 struct ieee80211_hw_mode *mode;
2727 int r;
2728
2729 list_for_each_entry(mode, &local->modes_list, list) {
2730 if (mode->mode != phymode)
2731 continue;
2732 for (r = 0; r < mode->num_rates; r++) {
2733 struct ieee80211_rate *rate = &mode->rates[r];
2734 if (rate->val == hw_rate ||
2735 (rate->flags & IEEE80211_RATE_PREAMBLE2 &&
2736 rate->val2 == hw_rate))
2737 return rate;
2738 }
2739 }
2740
2741 return NULL;
2742}
2743
2744static void
2745ieee80211_fill_frame_info(struct ieee80211_local *local,
2746 struct ieee80211_frame_info *fi,
2747 struct ieee80211_rx_status *status)
2748{
2749 if (status) {
2750 struct timespec ts;
2751 struct ieee80211_rate *rate;
2752
2753 jiffies_to_timespec(jiffies, &ts);
2754 fi->hosttime = cpu_to_be64((u64) ts.tv_sec * 1000000 +
2755 ts.tv_nsec / 1000);
2756 fi->mactime = cpu_to_be64(status->mactime);
2757 switch (status->phymode) {
2758 case MODE_IEEE80211A:
2759 fi->phytype = htonl(ieee80211_phytype_ofdm_dot11_a);
2760 break;
2761 case MODE_IEEE80211B:
2762 fi->phytype = htonl(ieee80211_phytype_dsss_dot11_b);
2763 break;
2764 case MODE_IEEE80211G:
2765 fi->phytype = htonl(ieee80211_phytype_pbcc_dot11_g);
2766 break;
2767 case MODE_ATHEROS_TURBO:
2768 fi->phytype =
2769 htonl(ieee80211_phytype_dsss_dot11_turbo);
2770 break;
2771 default:
2772 fi->phytype = htonl(0xAAAAAAAA);
2773 break;
2774 }
2775 fi->channel = htonl(status->channel);
2776 rate = ieee80211_get_rate(local, status->phymode,
2777 status->rate);
2778 if (rate) {
2779 fi->datarate = htonl(rate->rate);
2780 if (rate->flags & IEEE80211_RATE_PREAMBLE2) {
2781 if (status->rate == rate->val)
2782 fi->preamble = htonl(2); /* long */
2783 else if (status->rate == rate->val2)
2784 fi->preamble = htonl(1); /* short */
2785 } else
2786 fi->preamble = htonl(0);
2787 } else {
2788 fi->datarate = htonl(0);
2789 fi->preamble = htonl(0);
2790 }
2791
2792 fi->antenna = htonl(status->antenna);
2793 fi->priority = htonl(0xffffffff); /* no clue */
2794 fi->ssi_type = htonl(ieee80211_ssi_raw);
2795 fi->ssi_signal = htonl(status->ssi);
2796 fi->ssi_noise = 0x00000000;
2797 fi->encoding = 0;
2798 } else {
2799 /* clear everything because we really don't know.
2800 * the msg_type field isn't present on monitor frames
2801 * so we don't know whether it will be present or not,
2802 * but it's ok to not clear it since it'll be assigned
2803 * anyway */
2804 memset(fi, 0, sizeof(*fi) - sizeof(fi->msg_type));
2805
2806 fi->ssi_type = htonl(ieee80211_ssi_none);
2807 }
2808 fi->version = htonl(IEEE80211_FI_VERSION);
2809 fi->length = cpu_to_be32(sizeof(*fi) - sizeof(fi->msg_type));
2810}
2811
2812/* this routine is actually not just for this, but also
2813 * for pushing fake 'management' frames into userspace.
2814 * it shall be replaced by a netlink-based system. */
2815void
2816ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb,
2817 struct ieee80211_rx_status *status, u32 msg_type)
2818{
2819 struct ieee80211_frame_info *fi;
2820 const size_t hlen = sizeof(struct ieee80211_frame_info);
2821 struct ieee80211_sub_if_data *sdata;
2822
2823 skb->dev = local->apdev;
2824
2825 sdata = IEEE80211_DEV_TO_SUB_IF(local->apdev);
2826
2827 if (skb_headroom(skb) < hlen) {
2828 I802_DEBUG_INC(local->rx_expand_skb_head);
2829 if (pskb_expand_head(skb, hlen, 0, GFP_ATOMIC)) {
2830 dev_kfree_skb(skb);
2831 return;
2832 }
2833 }
2834
2835 fi = (struct ieee80211_frame_info *) skb_push(skb, hlen);
2836
2837 ieee80211_fill_frame_info(local, fi, status);
2838 fi->msg_type = htonl(msg_type);
2839
2840 sdata->stats.rx_packets++;
2841 sdata->stats.rx_bytes += skb->len;
2842
2843 skb_set_mac_header(skb, 0);
2844 skb->ip_summed = CHECKSUM_UNNECESSARY;
2845 skb->pkt_type = PACKET_OTHERHOST;
2846 skb->protocol = htons(ETH_P_802_2);
2847 memset(skb->cb, 0, sizeof(skb->cb));
2848 netif_rx(skb);
2849}
2850
2851static void
2852ieee80211_rx_monitor(struct net_device *dev, struct sk_buff *skb,
2853 struct ieee80211_rx_status *status)
2854{
2855 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2856 struct ieee80211_sub_if_data *sdata;
2857 struct ieee80211_rate *rate;
2858 struct ieee80211_rtap_hdr {
2859 struct ieee80211_radiotap_header hdr;
2860 u8 flags;
2861 u8 rate;
2862 __le16 chan_freq;
2863 __le16 chan_flags;
2864 u8 antsignal;
2865 } __attribute__ ((packed)) *rthdr;
2866
2867 skb->dev = dev;
2868
2869 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2870
2871 if (status->flag & RX_FLAG_RADIOTAP)
2872 goto out;
2873
2874 if (skb_headroom(skb) < sizeof(*rthdr)) {
2875 I802_DEBUG_INC(local->rx_expand_skb_head);
2876 if (pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) {
2877 dev_kfree_skb(skb);
2878 return;
2879 }
2880 }
2881
2882 rthdr = (struct ieee80211_rtap_hdr *) skb_push(skb, sizeof(*rthdr));
2883 memset(rthdr, 0, sizeof(*rthdr));
2884 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
2885 rthdr->hdr.it_present =
2886 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
2887 (1 << IEEE80211_RADIOTAP_RATE) |
2888 (1 << IEEE80211_RADIOTAP_CHANNEL) |
2889 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL));
2890 rthdr->flags = local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS ?
2891 IEEE80211_RADIOTAP_F_FCS : 0;
2892 rate = ieee80211_get_rate(local, status->phymode, status->rate);
2893 if (rate)
2894 rthdr->rate = rate->rate / 5;
2895 rthdr->chan_freq = cpu_to_le16(status->freq);
2896 rthdr->chan_flags =
2897 status->phymode == MODE_IEEE80211A ?
2898 cpu_to_le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ) :
2899 cpu_to_le16(IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ);
2900 rthdr->antsignal = status->ssi;
2901
2902 out:
2903 sdata->stats.rx_packets++;
2904 sdata->stats.rx_bytes += skb->len;
2905
2906 skb_set_mac_header(skb, 0);
2907 skb->ip_summed = CHECKSUM_UNNECESSARY;
2908 skb->pkt_type = PACKET_OTHERHOST;
2909 skb->protocol = htons(ETH_P_802_2);
2910 memset(skb->cb, 0, sizeof(skb->cb));
2911 netif_rx(skb);
2912}
2913
2914int ieee80211_radar_status(struct ieee80211_hw *hw, int channel,
2915 int radar, int radar_type)
2916{
2917 struct sk_buff *skb;
2918 struct ieee80211_radar_info *msg;
2919 struct ieee80211_local *local = hw_to_local(hw);
2920
2921 if (!local->apdev)
2922 return 0;
2923
2924 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
2925 sizeof(struct ieee80211_radar_info));
2926
2927 if (!skb)
2928 return -ENOMEM;
2929 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
2930
2931 msg = (struct ieee80211_radar_info *)
2932 skb_put(skb, sizeof(struct ieee80211_radar_info));
2933 msg->channel = channel;
2934 msg->radar = radar;
2935 msg->radar_type = radar_type;
2936
2937 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_radar);
2938 return 0;
2939}
2940EXPORT_SYMBOL(ieee80211_radar_status);
2941
2942int ieee80211_set_aid_for_sta(struct ieee80211_hw *hw, u8 *peer_address,
2943 u16 aid)
2944{
2945 struct sk_buff *skb;
2946 struct ieee80211_msg_set_aid_for_sta *msg;
2947 struct ieee80211_local *local = hw_to_local(hw);
2948
2949 /* unlikely because if this event only happens for APs,
2950 * which require an open ap device. */
2951 if (unlikely(!local->apdev))
2952 return 0;
2953
2954 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
2955 sizeof(struct ieee80211_msg_set_aid_for_sta));
2956
2957 if (!skb)
2958 return -ENOMEM;
2959 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
2960
2961 msg = (struct ieee80211_msg_set_aid_for_sta *)
2962 skb_put(skb, sizeof(struct ieee80211_msg_set_aid_for_sta));
2963 memcpy(msg->sta_address, peer_address, ETH_ALEN);
2964 msg->aid = aid;
2965
2966 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_set_aid_for_sta);
2967 return 0;
2968}
2969EXPORT_SYMBOL(ieee80211_set_aid_for_sta);
2970
2971static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
2972{
2973 struct ieee80211_sub_if_data *sdata;
2974 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
2975
2976 if (sdata->bss)
2977 atomic_inc(&sdata->bss->num_sta_ps);
2978 sta->flags |= WLAN_STA_PS;
2979 sta->pspoll = 0;
2980#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
2981 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d enters power "
2982 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
2983#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
2984}
2985
2986
2987static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
2988{
2989 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2990 struct sk_buff *skb;
2991 int sent = 0;
2992 struct ieee80211_sub_if_data *sdata;
2993 struct ieee80211_tx_packet_data *pkt_data;
2994
2995 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
2996 if (sdata->bss)
2997 atomic_dec(&sdata->bss->num_sta_ps);
2998 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM);
2999 sta->pspoll = 0;
3000 if (!skb_queue_empty(&sta->ps_tx_buf)) {
3001 if (local->ops->set_tim)
3002 local->ops->set_tim(local_to_hw(local), sta->aid, 0);
3003 if (sdata->bss)
3004 bss_tim_clear(local, sdata->bss, sta->aid);
3005 }
3006#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3007 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d exits power "
3008 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
3009#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3010 /* Send all buffered frames to the station */
3011 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
3012 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3013 sent++;
3014 pkt_data->requeue = 1;
3015 dev_queue_xmit(skb);
3016 }
3017 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
3018 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3019 local->total_ps_buffered--;
3020 sent++;
3021#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3022 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d send PS frame "
3023 "since STA not sleeping anymore\n", dev->name,
3024 MAC_ARG(sta->addr), sta->aid);
3025#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3026 pkt_data->requeue = 1;
3027 dev_queue_xmit(skb);
3028 }
3029
3030 return sent;
3031}
3032
3033
3034static ieee80211_txrx_result
3035ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
3036{
3037 struct sk_buff *skb;
3038 int no_pending_pkts;
3039
3040 if (likely(!rx->sta ||
3041 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
3042 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
3043 !rx->u.rx.ra_match))
3044 return TXRX_CONTINUE;
3045
3046 skb = skb_dequeue(&rx->sta->tx_filtered);
3047 if (!skb) {
3048 skb = skb_dequeue(&rx->sta->ps_tx_buf);
3049 if (skb)
3050 rx->local->total_ps_buffered--;
3051 }
3052 no_pending_pkts = skb_queue_empty(&rx->sta->tx_filtered) &&
3053 skb_queue_empty(&rx->sta->ps_tx_buf);
3054
3055 if (skb) {
3056 struct ieee80211_hdr *hdr =
3057 (struct ieee80211_hdr *) skb->data;
3058
3059 /* tell TX path to send one frame even though the STA may
3060 * still remain is PS mode after this frame exchange */
3061 rx->sta->pspoll = 1;
3062
3063#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3064 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS Poll (entries "
3065 "after %d)\n",
3066 MAC_ARG(rx->sta->addr), rx->sta->aid,
3067 skb_queue_len(&rx->sta->ps_tx_buf));
3068#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3069
3070 /* Use MoreData flag to indicate whether there are more
3071 * buffered frames for this STA */
3072 if (no_pending_pkts) {
3073 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA);
3074 rx->sta->flags &= ~WLAN_STA_TIM;
3075 } else
3076 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
3077
3078 dev_queue_xmit(skb);
3079
3080 if (no_pending_pkts) {
3081 if (rx->local->ops->set_tim)
3082 rx->local->ops->set_tim(local_to_hw(rx->local),
3083 rx->sta->aid, 0);
3084 if (rx->sdata->bss)
3085 bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid);
3086 }
3087#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3088 } else if (!rx->u.rx.sent_ps_buffered) {
3089 printk(KERN_DEBUG "%s: STA " MAC_FMT " sent PS Poll even "
3090 "though there is no buffered frames for it\n",
3091 rx->dev->name, MAC_ARG(rx->sta->addr));
3092#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3093
3094 }
3095
3096 /* Free PS Poll skb here instead of returning TXRX_DROP that would
3097 * count as an dropped frame. */
3098 dev_kfree_skb(rx->skb);
3099
3100 return TXRX_QUEUED;
3101}
3102
3103
3104static inline struct ieee80211_fragment_entry *
3105ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
3106 unsigned int frag, unsigned int seq, int rx_queue,
3107 struct sk_buff **skb)
3108{
3109 struct ieee80211_fragment_entry *entry;
3110 int idx;
3111
3112 idx = sdata->fragment_next;
3113 entry = &sdata->fragments[sdata->fragment_next++];
3114 if (sdata->fragment_next >= IEEE80211_FRAGMENT_MAX)
3115 sdata->fragment_next = 0;
3116
3117 if (!skb_queue_empty(&entry->skb_list)) {
3118#ifdef CONFIG_MAC80211_DEBUG
3119 struct ieee80211_hdr *hdr =
3120 (struct ieee80211_hdr *) entry->skb_list.next->data;
3121 printk(KERN_DEBUG "%s: RX reassembly removed oldest "
3122 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d "
3123 "addr1=" MAC_FMT " addr2=" MAC_FMT "\n",
3124 sdata->dev->name, idx,
3125 jiffies - entry->first_frag_time, entry->seq,
3126 entry->last_frag, MAC_ARG(hdr->addr1),
3127 MAC_ARG(hdr->addr2));
3128#endif /* CONFIG_MAC80211_DEBUG */
3129 __skb_queue_purge(&entry->skb_list);
3130 }
3131
3132 __skb_queue_tail(&entry->skb_list, *skb); /* no need for locking */
3133 *skb = NULL;
3134 entry->first_frag_time = jiffies;
3135 entry->seq = seq;
3136 entry->rx_queue = rx_queue;
3137 entry->last_frag = frag;
3138 entry->ccmp = 0;
3139 entry->extra_len = 0;
3140
3141 return entry;
3142}
3143
3144
3145static inline struct ieee80211_fragment_entry *
3146ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
3147 u16 fc, unsigned int frag, unsigned int seq,
3148 int rx_queue, struct ieee80211_hdr *hdr)
3149{
3150 struct ieee80211_fragment_entry *entry;
3151 int i, idx;
3152
3153 idx = sdata->fragment_next;
3154 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
3155 struct ieee80211_hdr *f_hdr;
3156 u16 f_fc;
3157
3158 idx--;
3159 if (idx < 0)
3160 idx = IEEE80211_FRAGMENT_MAX - 1;
3161
3162 entry = &sdata->fragments[idx];
3163 if (skb_queue_empty(&entry->skb_list) || entry->seq != seq ||
3164 entry->rx_queue != rx_queue ||
3165 entry->last_frag + 1 != frag)
3166 continue;
3167
3168 f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data;
3169 f_fc = le16_to_cpu(f_hdr->frame_control);
3170
3171 if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) ||
3172 compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 ||
3173 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0)
3174 continue;
3175
3176 if (entry->first_frag_time + 2 * HZ < jiffies) {
3177 __skb_queue_purge(&entry->skb_list);
3178 continue;
3179 }
3180 return entry;
3181 }
3182
3183 return NULL;
3184}
3185
3186
3187static ieee80211_txrx_result
3188ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
3189{
3190 struct ieee80211_hdr *hdr;
3191 u16 sc;
3192 unsigned int frag, seq;
3193 struct ieee80211_fragment_entry *entry;
3194 struct sk_buff *skb;
3195
3196 hdr = (struct ieee80211_hdr *) rx->skb->data;
3197 sc = le16_to_cpu(hdr->seq_ctrl);
3198 frag = sc & IEEE80211_SCTL_FRAG;
3199
3200 if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) ||
3201 (rx->skb)->len < 24 ||
3202 is_multicast_ether_addr(hdr->addr1))) {
3203 /* not fragmented */
3204 goto out;
3205 }
3206 I802_DEBUG_INC(rx->local->rx_handlers_fragments);
3207
3208 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
3209
3210 if (frag == 0) {
3211 /* This is the first fragment of a new frame. */
3212 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
3213 rx->u.rx.queue, &(rx->skb));
3214 if (rx->key && rx->key->alg == ALG_CCMP &&
3215 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
3216 /* Store CCMP PN so that we can verify that the next
3217 * fragment has a sequential PN value. */
3218 entry->ccmp = 1;
3219 memcpy(entry->last_pn,
3220 rx->key->u.ccmp.rx_pn[rx->u.rx.queue],
3221 CCMP_PN_LEN);
3222 }
3223 return TXRX_QUEUED;
3224 }
3225
3226 /* This is a fragment for a frame that should already be pending in
3227 * fragment cache. Add this fragment to the end of the pending entry.
3228 */
3229 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
3230 rx->u.rx.queue, hdr);
3231 if (!entry) {
3232 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3233 return TXRX_DROP;
3234 }
3235
3236 /* Verify that MPDUs within one MSDU have sequential PN values.
3237 * (IEEE 802.11i, 8.3.3.4.5) */
3238 if (entry->ccmp) {
3239 int i;
3240 u8 pn[CCMP_PN_LEN], *rpn;
3241 if (!rx->key || rx->key->alg != ALG_CCMP)
3242 return TXRX_DROP;
3243 memcpy(pn, entry->last_pn, CCMP_PN_LEN);
3244 for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
3245 pn[i]++;
3246 if (pn[i])
3247 break;
3248 }
3249 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
3250 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
3251 printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential"
3252 " A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x "
3253 "(expected %02x%02x%02x%02x%02x%02x)\n",
3254 rx->dev->name, MAC_ARG(hdr->addr2),
3255 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5],
3256 pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]);
3257 return TXRX_DROP;
3258 }
3259 memcpy(entry->last_pn, pn, CCMP_PN_LEN);
3260 }
3261
3262 skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc));
3263 __skb_queue_tail(&entry->skb_list, rx->skb);
3264 entry->last_frag = frag;
3265 entry->extra_len += rx->skb->len;
3266 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) {
3267 rx->skb = NULL;
3268 return TXRX_QUEUED;
3269 }
3270
3271 rx->skb = __skb_dequeue(&entry->skb_list);
3272 if (skb_tailroom(rx->skb) < entry->extra_len) {
3273 I802_DEBUG_INC(rx->local->rx_expand_skb_head2);
3274 if (unlikely(pskb_expand_head(rx->skb, 0, entry->extra_len,
3275 GFP_ATOMIC))) {
3276 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3277 __skb_queue_purge(&entry->skb_list);
3278 return TXRX_DROP;
3279 }
3280 }
3281 while ((skb = __skb_dequeue(&entry->skb_list)))
3282 memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len);
3283
3284 /* Complete frame has been reassembled - process it now */
3285 rx->fragmented = 1;
3286
3287 out:
3288 if (rx->sta)
3289 rx->sta->rx_packets++;
3290 if (is_multicast_ether_addr(hdr->addr1))
3291 rx->local->dot11MulticastReceivedFrameCount++;
3292 else
3293 ieee80211_led_rx(rx->local);
3294 return TXRX_CONTINUE;
3295}
3296
3297
3298static ieee80211_txrx_result
3299ieee80211_rx_h_monitor(struct ieee80211_txrx_data *rx)
3300{
3301 if (rx->sdata->type == IEEE80211_IF_TYPE_MNTR) {
3302 ieee80211_rx_monitor(rx->dev, rx->skb, rx->u.rx.status);
3303 return TXRX_QUEUED;
3304 }
3305
3306 if (rx->u.rx.status->flag & RX_FLAG_RADIOTAP)
3307 skb_pull(rx->skb, ieee80211_get_radiotap_len(rx->skb));
3308
3309 return TXRX_CONTINUE;
3310}
3311
3312
3313static ieee80211_txrx_result
3314ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
3315{
3316 struct ieee80211_hdr *hdr;
3317 int always_sta_key;
3318 hdr = (struct ieee80211_hdr *) rx->skb->data;
3319
3320 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
3321 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
3322 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
3323 rx->sta->last_seq_ctrl[rx->u.rx.queue] ==
3324 hdr->seq_ctrl)) {
3325 if (rx->u.rx.ra_match) {
3326 rx->local->dot11FrameDuplicateCount++;
3327 rx->sta->num_duplicates++;
3328 }
3329 return TXRX_DROP;
3330 } else
3331 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl;
3332 }
3333
3334 if ((rx->local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) &&
3335 rx->skb->len > FCS_LEN)
3336 skb_trim(rx->skb, rx->skb->len - FCS_LEN);
3337
3338 if (unlikely(rx->skb->len < 16)) {
3339 I802_DEBUG_INC(rx->local->rx_handlers_drop_short);
3340 return TXRX_DROP;
3341 }
3342
3343 if (!rx->u.rx.ra_match)
3344 rx->skb->pkt_type = PACKET_OTHERHOST;
3345 else if (compare_ether_addr(rx->dev->dev_addr, hdr->addr1) == 0)
3346 rx->skb->pkt_type = PACKET_HOST;
3347 else if (is_multicast_ether_addr(hdr->addr1)) {
3348 if (is_broadcast_ether_addr(hdr->addr1))
3349 rx->skb->pkt_type = PACKET_BROADCAST;
3350 else
3351 rx->skb->pkt_type = PACKET_MULTICAST;
3352 } else
3353 rx->skb->pkt_type = PACKET_OTHERHOST;
3354
3355 /* Drop disallowed frame classes based on STA auth/assoc state;
3356 * IEEE 802.11, Chap 5.5.
3357 *
3358 * 80211.o does filtering only based on association state, i.e., it
3359 * drops Class 3 frames from not associated stations. hostapd sends
3360 * deauth/disassoc frames when needed. In addition, hostapd is
3361 * responsible for filtering on both auth and assoc states.
3362 */
3363 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
3364 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
3365 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
3366 rx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
3367 (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) {
3368 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
3369 !(rx->fc & IEEE80211_FCTL_TODS) &&
3370 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
3371 || !rx->u.rx.ra_match) {
3372 /* Drop IBSS frames and frames for other hosts
3373 * silently. */
3374 return TXRX_DROP;
3375 }
3376
3377 if (!rx->local->apdev)
3378 return TXRX_DROP;
3379
3380 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3381 ieee80211_msg_sta_not_assoc);
3382 return TXRX_QUEUED;
3383 }
3384
3385 if (rx->sdata->type == IEEE80211_IF_TYPE_STA)
3386 always_sta_key = 0;
3387 else
3388 always_sta_key = 1;
3389
3390 if (rx->sta && rx->sta->key && always_sta_key) {
3391 rx->key = rx->sta->key;
3392 } else {
3393 if (rx->sta && rx->sta->key)
3394 rx->key = rx->sta->key;
3395 else
3396 rx->key = rx->sdata->default_key;
3397
3398 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3399 rx->fc & IEEE80211_FCTL_PROTECTED) {
3400 int keyidx = ieee80211_wep_get_keyidx(rx->skb);
3401
3402 if (keyidx >= 0 && keyidx < NUM_DEFAULT_KEYS &&
3403 (!rx->sta || !rx->sta->key || keyidx > 0))
3404 rx->key = rx->sdata->keys[keyidx];
3405
3406 if (!rx->key) {
3407 if (!rx->u.rx.ra_match)
3408 return TXRX_DROP;
3409 printk(KERN_DEBUG "%s: RX WEP frame with "
3410 "unknown keyidx %d (A1=" MAC_FMT " A2="
3411 MAC_FMT " A3=" MAC_FMT ")\n",
3412 rx->dev->name, keyidx,
3413 MAC_ARG(hdr->addr1),
3414 MAC_ARG(hdr->addr2),
3415 MAC_ARG(hdr->addr3));
3416 if (!rx->local->apdev)
3417 return TXRX_DROP;
3418 ieee80211_rx_mgmt(
3419 rx->local, rx->skb, rx->u.rx.status,
3420 ieee80211_msg_wep_frame_unknown_key);
3421 return TXRX_QUEUED;
3422 }
3423 }
3424 }
3425
3426 if (rx->fc & IEEE80211_FCTL_PROTECTED && rx->key && rx->u.rx.ra_match) {
3427 rx->key->tx_rx_count++;
3428 if (unlikely(rx->local->key_tx_rx_threshold &&
3429 rx->key->tx_rx_count >
3430 rx->local->key_tx_rx_threshold)) {
3431 ieee80211_key_threshold_notify(rx->dev, rx->key,
3432 rx->sta);
3433 }
3434 }
3435
3436 return TXRX_CONTINUE;
3437}
3438
3439
3440static ieee80211_txrx_result
3441ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
3442{
3443 struct sta_info *sta = rx->sta;
3444 struct net_device *dev = rx->dev;
3445 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
3446
3447 if (!sta)
3448 return TXRX_CONTINUE;
3449
3450 /* Update last_rx only for IBSS packets which are for the current
3451 * BSSID to avoid keeping the current IBSS network alive in cases where
3452 * other STAs are using different BSSID. */
3453 if (rx->sdata->type == IEEE80211_IF_TYPE_IBSS) {
3454 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len);
3455 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0)
3456 sta->last_rx = jiffies;
3457 } else
3458 if (!is_multicast_ether_addr(hdr->addr1) ||
3459 rx->sdata->type == IEEE80211_IF_TYPE_STA) {
3460 /* Update last_rx only for unicast frames in order to prevent
3461 * the Probe Request frames (the only broadcast frames from a
3462 * STA in infrastructure mode) from keeping a connection alive.
3463 */
3464 sta->last_rx = jiffies;
3465 }
3466
3467 if (!rx->u.rx.ra_match)
3468 return TXRX_CONTINUE;
3469
3470 sta->rx_fragments++;
3471 sta->rx_bytes += rx->skb->len;
3472 sta->last_rssi = (sta->last_rssi * 15 +
3473 rx->u.rx.status->ssi) / 16;
3474 sta->last_signal = (sta->last_signal * 15 +
3475 rx->u.rx.status->signal) / 16;
3476 sta->last_noise = (sta->last_noise * 15 +
3477 rx->u.rx.status->noise) / 16;
3478
3479 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
3480 /* Change STA power saving mode only in the end of a frame
3481 * exchange sequence */
3482 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
3483 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta);
3484 else if (!(sta->flags & WLAN_STA_PS) &&
3485 (rx->fc & IEEE80211_FCTL_PM))
3486 ap_sta_ps_start(dev, sta);
3487 }
3488
3489 /* Drop data::nullfunc frames silently, since they are used only to
3490 * control station power saving mode. */
3491 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3492 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_NULLFUNC) {
3493 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc);
3494 /* Update counter and free packet here to avoid counting this
3495 * as a dropped packed. */
3496 sta->rx_packets++;
3497 dev_kfree_skb(rx->skb);
3498 return TXRX_QUEUED;
3499 }
3500
3501 return TXRX_CONTINUE;
3502} /* ieee80211_rx_h_sta_process */
3503
3504
3505static ieee80211_txrx_result
3506ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
3507{
3508 if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3509 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
3510 !rx->key || rx->key->alg != ALG_WEP || !rx->u.rx.ra_match)
3511 return TXRX_CONTINUE;
3512
3513 /* Check for weak IVs, if hwaccel did not remove IV from the frame */
3514 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) ||
3515 rx->key->force_sw_encrypt) {
3516 u8 *iv = ieee80211_wep_is_weak_iv(rx->skb, rx->key);
3517 if (iv) {
3518 rx->sta->wep_weak_iv_count++;
3519 }
3520 }
3521
3522 return TXRX_CONTINUE;
3523}
3524
3525
3526static ieee80211_txrx_result
3527ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
3528{
3529 /* If the device handles decryption totally, skip this test */
3530 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3531 return TXRX_CONTINUE;
3532
3533 if ((rx->key && rx->key->alg != ALG_WEP) ||
3534 !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3535 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3536 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3537 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
3538 return TXRX_CONTINUE;
3539
3540 if (!rx->key) {
3541 printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
3542 rx->dev->name);
3543 return TXRX_DROP;
3544 }
3545
3546 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
3547 rx->key->force_sw_encrypt) {
3548 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
3549 printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
3550 "failed\n", rx->dev->name);
3551 return TXRX_DROP;
3552 }
3553 } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
3554 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
3555 /* remove ICV */
3556 skb_trim(rx->skb, rx->skb->len - 4);
3557 }
3558
3559 return TXRX_CONTINUE;
3560}
3561
3562
3563static ieee80211_txrx_result
3564ieee80211_rx_h_802_1x_pae(struct ieee80211_txrx_data *rx)
3565{
3566 if (rx->sdata->eapol && ieee80211_is_eapol(rx->skb) &&
3567 rx->sdata->type != IEEE80211_IF_TYPE_STA && rx->u.rx.ra_match) {
3568 /* Pass both encrypted and unencrypted EAPOL frames to user
3569 * space for processing. */
3570 if (!rx->local->apdev)
3571 return TXRX_DROP;
3572 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3573 ieee80211_msg_normal);
3574 return TXRX_QUEUED;
3575 }
3576
3577 if (unlikely(rx->sdata->ieee802_1x &&
3578 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3579 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3580 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)) &&
3581 !ieee80211_is_eapol(rx->skb))) {
3582#ifdef CONFIG_MAC80211_DEBUG
3583 struct ieee80211_hdr *hdr =
3584 (struct ieee80211_hdr *) rx->skb->data;
3585 printk(KERN_DEBUG "%s: dropped frame from " MAC_FMT
3586 " (unauthorized port)\n", rx->dev->name,
3587 MAC_ARG(hdr->addr2));
3588#endif /* CONFIG_MAC80211_DEBUG */
3589 return TXRX_DROP;
3590 }
3591
3592 return TXRX_CONTINUE;
3593}
3594
3595
3596static ieee80211_txrx_result
3597ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
3598{
3599 /* If the device handles decryption totally, skip this test */
3600 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3601 return TXRX_CONTINUE;
3602
3603 /* Drop unencrypted frames if key is set. */
3604 if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
3605 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3606 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3607 (rx->key || rx->sdata->drop_unencrypted) &&
3608 (rx->sdata->eapol == 0 ||
3609 !ieee80211_is_eapol(rx->skb)))) {
3610 printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
3611 "encryption\n", rx->dev->name);
3612 return TXRX_DROP;
3613 }
3614 return TXRX_CONTINUE;
3615}
3616
3617
3618static ieee80211_txrx_result
3619ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx)
3620{
3621 struct ieee80211_sub_if_data *sdata;
3622
3623 if (!rx->u.rx.ra_match)
3624 return TXRX_DROP;
3625
3626 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
3627 if ((sdata->type == IEEE80211_IF_TYPE_STA ||
3628 sdata->type == IEEE80211_IF_TYPE_IBSS) &&
3629 !rx->local->user_space_mlme) {
3630 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status);
3631 } else {
3632 /* Management frames are sent to hostapd for processing */
3633 if (!rx->local->apdev)
3634 return TXRX_DROP;
3635 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3636 ieee80211_msg_normal);
3637 }
3638 return TXRX_QUEUED;
3639}
3640
3641
3642static ieee80211_txrx_result
3643ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx)
3644{
3645 struct ieee80211_local *local = rx->local;
3646 struct sk_buff *skb = rx->skb;
3647
3648 if (unlikely(local->sta_scanning != 0)) {
3649 ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status);
3650 return TXRX_QUEUED;
3651 }
3652
3653 if (unlikely(rx->u.rx.in_scan)) {
3654 /* scanning finished during invoking of handlers */
3655 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
3656 return TXRX_DROP;
3657 }
3658
3659 return TXRX_CONTINUE;
3660}
3661
3662
3663static void ieee80211_rx_michael_mic_report(struct net_device *dev,
3664 struct ieee80211_hdr *hdr,
3665 struct sta_info *sta,
3666 struct ieee80211_txrx_data *rx)
3667{
3668 int keyidx, hdrlen;
3669
3670 hdrlen = ieee80211_get_hdrlen_from_skb(rx->skb);
3671 if (rx->skb->len >= hdrlen + 4)
3672 keyidx = rx->skb->data[hdrlen + 3] >> 6;
3673 else
3674 keyidx = -1;
3675
3676 /* TODO: verify that this is not triggered by fragmented
3677 * frames (hw does not verify MIC for them). */
3678 printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
3679 "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
3680 dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx);
3681
3682 if (!sta) {
3683 /* Some hardware versions seem to generate incorrect
3684 * Michael MIC reports; ignore them to avoid triggering
3685 * countermeasures. */
3686 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3687 "error for unknown address " MAC_FMT "\n",
3688 dev->name, MAC_ARG(hdr->addr2));
3689 goto ignore;
3690 }
3691
3692 if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
3693 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3694 "error for a frame with no ISWEP flag (src "
3695 MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
3696 goto ignore;
3697 }
3698
3699 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3700 rx->sdata->type == IEEE80211_IF_TYPE_AP) {
3701 keyidx = ieee80211_wep_get_keyidx(rx->skb);
3702 /* AP with Pairwise keys support should never receive Michael
3703 * MIC errors for non-zero keyidx because these are reserved
3704 * for group keys and only the AP is sending real multicast
3705 * frames in BSS. */
3706 if (keyidx) {
3707 printk(KERN_DEBUG "%s: ignored Michael MIC error for "
3708 "a frame with non-zero keyidx (%d) (src " MAC_FMT
3709 ")\n", dev->name, keyidx, MAC_ARG(hdr->addr2));
3710 goto ignore;
3711 }
3712 }
3713
3714 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3715 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3716 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
3717 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3718 "error for a frame that cannot be encrypted "
3719 "(fc=0x%04x) (src " MAC_FMT ")\n",
3720 dev->name, rx->fc, MAC_ARG(hdr->addr2));
3721 goto ignore;
3722 }
3723
3724 do {
3725 union iwreq_data wrqu;
3726 char *buf = kmalloc(128, GFP_ATOMIC);
3727 if (!buf)
3728 break;
3729
3730 /* TODO: needed parameters: count, key type, TSC */
3731 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
3732 "keyid=%d %scast addr=" MAC_FMT ")",
3733 keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
3734 MAC_ARG(hdr->addr2));
3735 memset(&wrqu, 0, sizeof(wrqu));
3736 wrqu.data.length = strlen(buf);
3737 wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
3738 kfree(buf);
3739 } while (0);
3740
3741 /* TODO: consider verifying the MIC error report with software
3742 * implementation if we get too many spurious reports from the
3743 * hardware. */
3744 if (!rx->local->apdev)
3745 goto ignore;
3746 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3747 ieee80211_msg_michael_mic_failure);
3748 return;
3749
3750 ignore:
3751 dev_kfree_skb(rx->skb);
3752 rx->skb = NULL;
3753}
3754
3755static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers(
3756 struct ieee80211_local *local,
3757 ieee80211_rx_handler *handlers,
3758 struct ieee80211_txrx_data *rx,
3759 struct sta_info *sta)
3760{
3761 ieee80211_rx_handler *handler;
3762 ieee80211_txrx_result res = TXRX_DROP;
3763
3764 for (handler = handlers; *handler != NULL; handler++) {
3765 res = (*handler)(rx);
3766 if (res != TXRX_CONTINUE) {
3767 if (res == TXRX_DROP) {
3768 I802_DEBUG_INC(local->rx_handlers_drop);
3769 if (sta)
3770 sta->rx_dropped++;
3771 }
3772 if (res == TXRX_QUEUED)
3773 I802_DEBUG_INC(local->rx_handlers_queued);
3774 break;
3775 }
3776 }
3777
3778 if (res == TXRX_DROP) {
3779 dev_kfree_skb(rx->skb);
3780 }
3781 return res;
3782}
3783
3784static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local,
3785 ieee80211_rx_handler *handlers,
3786 struct ieee80211_txrx_data *rx,
3787 struct sta_info *sta)
3788{
3789 if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) ==
3790 TXRX_CONTINUE)
3791 dev_kfree_skb(rx->skb);
3792}
3793
3794/*
3795 * This is the receive path handler. It is called by a low level driver when an
3796 * 802.11 MPDU is received from the hardware.
3797 */
3798void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
3799 struct ieee80211_rx_status *status)
3800{
3801 struct ieee80211_local *local = hw_to_local(hw);
3802 struct ieee80211_sub_if_data *sdata;
3803 struct sta_info *sta;
3804 struct ieee80211_hdr *hdr;
3805 struct ieee80211_txrx_data rx;
3806 u16 type;
3807 int multicast;
3808 int radiotap_len = 0;
3809
3810 if (status->flag & RX_FLAG_RADIOTAP) {
3811 radiotap_len = ieee80211_get_radiotap_len(skb);
3812 skb_pull(skb, radiotap_len);
3813 }
3814
3815 hdr = (struct ieee80211_hdr *) skb->data;
3816 memset(&rx, 0, sizeof(rx));
3817 rx.skb = skb;
3818 rx.local = local;
3819
3820 rx.u.rx.status = status;
3821 rx.fc = skb->len >= 2 ? le16_to_cpu(hdr->frame_control) : 0;
3822 type = rx.fc & IEEE80211_FCTL_FTYPE;
3823 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
3824 local->dot11ReceivedFragmentCount++;
3825 multicast = is_multicast_ether_addr(hdr->addr1);
3826
3827 if (skb->len >= 16)
3828 sta = rx.sta = sta_info_get(local, hdr->addr2);
3829 else
3830 sta = rx.sta = NULL;
3831
3832 if (sta) {
3833 rx.dev = sta->dev;
3834 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev);
3835 }
3836
3837 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
3838 ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx);
3839 goto end;
3840 }
3841
3842 if (unlikely(local->sta_scanning))
3843 rx.u.rx.in_scan = 1;
3844
3845 if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx,
3846 sta) != TXRX_CONTINUE)
3847 goto end;
3848 skb = rx.skb;
3849
3850 skb_push(skb, radiotap_len);
3851 if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) &&
3852 !local->iff_promiscs && !multicast) {
3853 rx.u.rx.ra_match = 1;
3854 ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
3855 sta);
3856 } else {
3857 struct ieee80211_sub_if_data *prev = NULL;
3858 struct sk_buff *skb_new;
3859 u8 *bssid = ieee80211_get_bssid(hdr, skb->len - radiotap_len);
3860
3861 read_lock(&local->sub_if_lock);
3862 list_for_each_entry(sdata, &local->sub_if_list, list) {
3863 rx.u.rx.ra_match = 1;
3864 switch (sdata->type) {
3865 case IEEE80211_IF_TYPE_STA:
3866 if (!bssid)
3867 continue;
3868 if (!ieee80211_bssid_match(bssid,
3869 sdata->u.sta.bssid)) {
3870 if (!rx.u.rx.in_scan)
3871 continue;
3872 rx.u.rx.ra_match = 0;
3873 } else if (!multicast &&
3874 compare_ether_addr(sdata->dev->dev_addr,
3875 hdr->addr1) != 0) {
3876 if (!sdata->promisc)
3877 continue;
3878 rx.u.rx.ra_match = 0;
3879 }
3880 break;
3881 case IEEE80211_IF_TYPE_IBSS:
3882 if (!bssid)
3883 continue;
3884 if (!ieee80211_bssid_match(bssid,
3885 sdata->u.sta.bssid)) {
3886 if (!rx.u.rx.in_scan)
3887 continue;
3888 rx.u.rx.ra_match = 0;
3889 } else if (!multicast &&
3890 compare_ether_addr(sdata->dev->dev_addr,
3891 hdr->addr1) != 0) {
3892 if (!sdata->promisc)
3893 continue;
3894 rx.u.rx.ra_match = 0;
3895 } else if (!sta)
3896 sta = rx.sta =
3897 ieee80211_ibss_add_sta(sdata->dev,
3898 skb, bssid,
3899 hdr->addr2);
3900 break;
3901 case IEEE80211_IF_TYPE_AP:
3902 if (!bssid) {
3903 if (compare_ether_addr(sdata->dev->dev_addr,
3904 hdr->addr1) != 0)
3905 continue;
3906 } else if (!ieee80211_bssid_match(bssid,
3907 sdata->dev->dev_addr)) {
3908 if (!rx.u.rx.in_scan)
3909 continue;
3910 rx.u.rx.ra_match = 0;
3911 }
3912 if (sdata->dev == local->mdev &&
3913 !rx.u.rx.in_scan)
3914 /* do not receive anything via
3915 * master device when not scanning */
3916 continue;
3917 break;
3918 case IEEE80211_IF_TYPE_WDS:
3919 if (bssid ||
3920 (rx.fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
3921 continue;
3922 if (compare_ether_addr(sdata->u.wds.remote_addr,
3923 hdr->addr2) != 0)
3924 continue;
3925 break;
3926 }
3927
3928 if (prev) {
3929 skb_new = skb_copy(skb, GFP_ATOMIC);
3930 if (!skb_new) {
3931 if (net_ratelimit())
3932 printk(KERN_DEBUG "%s: failed to copy "
3933 "multicast frame for %s",
3934 local->mdev->name, prev->dev->name);
3935 continue;
3936 }
3937 rx.skb = skb_new;
3938 rx.dev = prev->dev;
3939 rx.sdata = prev;
3940 ieee80211_invoke_rx_handlers(local,
3941 local->rx_handlers,
3942 &rx, sta);
3943 }
3944 prev = sdata;
3945 }
3946 if (prev) {
3947 rx.skb = skb;
3948 rx.dev = prev->dev;
3949 rx.sdata = prev;
3950 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
3951 &rx, sta);
3952 } else
3953 dev_kfree_skb(skb);
3954 read_unlock(&local->sub_if_lock);
3955 }
3956
3957 end:
3958 if (sta)
3959 sta_info_put(sta);
3960}
3961EXPORT_SYMBOL(__ieee80211_rx);
3962
3963static ieee80211_txrx_result
3964ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
3965{
3966 struct ieee80211_local *local = tx->local;
3967 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
3968 struct sk_buff *skb = tx->skb;
3969 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
3970 u32 load = 0, hdrtime;
3971
3972 /* TODO: this could be part of tx_status handling, so that the number
3973 * of retries would be known; TX rate should in that case be stored
3974 * somewhere with the packet */
3975
3976 /* Estimate total channel use caused by this frame */
3977
3978 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
3979 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
3980
3981 if (mode->mode == MODE_IEEE80211A ||
3982 mode->mode == MODE_ATHEROS_TURBO ||
3983 mode->mode == MODE_ATHEROS_TURBOG ||
3984 (mode->mode == MODE_IEEE80211G &&
3985 tx->u.tx.rate->flags & IEEE80211_RATE_ERP))
3986 hdrtime = CHAN_UTIL_HDR_SHORT;
3987 else
3988 hdrtime = CHAN_UTIL_HDR_LONG;
3989
3990 load = hdrtime;
3991 if (!is_multicast_ether_addr(hdr->addr1))
3992 load += hdrtime;
3993
3994 if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
3995 load += 2 * hdrtime;
3996 else if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
3997 load += hdrtime;
3998
3999 load += skb->len * tx->u.tx.rate->rate_inv;
4000
4001 if (tx->u.tx.extra_frag) {
4002 int i;
4003 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
4004 load += 2 * hdrtime;
4005 load += tx->u.tx.extra_frag[i]->len *
4006 tx->u.tx.rate->rate;
4007 }
4008 }
4009
4010 /* Divide channel_use by 8 to avoid wrapping around the counter */
4011 load >>= CHAN_UTIL_SHIFT;
4012 local->channel_use_raw += load;
4013 if (tx->sta)
4014 tx->sta->channel_use_raw += load;
4015 tx->sdata->channel_use_raw += load;
4016
4017 return TXRX_CONTINUE;
4018}
4019
4020
4021static ieee80211_txrx_result
4022ieee80211_rx_h_load_stats(struct ieee80211_txrx_data *rx)
4023{
4024 struct ieee80211_local *local = rx->local;
4025 struct sk_buff *skb = rx->skb;
4026 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4027 u32 load = 0, hdrtime;
4028 struct ieee80211_rate *rate;
4029 struct ieee80211_hw_mode *mode = local->hw.conf.mode;
4030 int i;
4031
4032 /* Estimate total channel use caused by this frame */
4033
4034 if (unlikely(mode->num_rates < 0))
4035 return TXRX_CONTINUE;
4036
4037 rate = &mode->rates[0];
4038 for (i = 0; i < mode->num_rates; i++) {
4039 if (mode->rates[i].val == rx->u.rx.status->rate) {
4040 rate = &mode->rates[i];
4041 break;
4042 }
4043 }
4044
4045 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
4046 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
4047
4048 if (mode->mode == MODE_IEEE80211A ||
4049 mode->mode == MODE_ATHEROS_TURBO ||
4050 mode->mode == MODE_ATHEROS_TURBOG ||
4051 (mode->mode == MODE_IEEE80211G &&
4052 rate->flags & IEEE80211_RATE_ERP))
4053 hdrtime = CHAN_UTIL_HDR_SHORT;
4054 else
4055 hdrtime = CHAN_UTIL_HDR_LONG;
4056
4057 load = hdrtime;
4058 if (!is_multicast_ether_addr(hdr->addr1))
4059 load += hdrtime;
4060
4061 load += skb->len * rate->rate_inv;
4062
4063 /* Divide channel_use by 8 to avoid wrapping around the counter */
4064 load >>= CHAN_UTIL_SHIFT;
4065 local->channel_use_raw += load;
4066 if (rx->sta)
4067 rx->sta->channel_use_raw += load;
4068 rx->u.rx.load = load;
4069
4070 return TXRX_CONTINUE;
4071}
4072
4073static ieee80211_txrx_result
4074ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx)
4075{
4076 rx->sdata->channel_use_raw += rx->u.rx.load;
4077 return TXRX_CONTINUE;
4078}
4079
4080static void ieee80211_stat_refresh(unsigned long data)
4081{
4082 struct ieee80211_local *local = (struct ieee80211_local *) data;
4083 struct sta_info *sta;
4084 struct ieee80211_sub_if_data *sdata;
4085
4086 if (!local->stat_time)
4087 return;
4088
4089 /* go through all stations */
4090 spin_lock_bh(&local->sta_lock);
4091 list_for_each_entry(sta, &local->sta_list, list) {
4092 sta->channel_use = (sta->channel_use_raw / local->stat_time) /
4093 CHAN_UTIL_PER_10MS;
4094 sta->channel_use_raw = 0;
4095 }
4096 spin_unlock_bh(&local->sta_lock);
4097
4098 /* go through all subinterfaces */
4099 read_lock(&local->sub_if_lock);
4100 list_for_each_entry(sdata, &local->sub_if_list, list) {
4101 sdata->channel_use = (sdata->channel_use_raw /
4102 local->stat_time) / CHAN_UTIL_PER_10MS;
4103 sdata->channel_use_raw = 0;
4104 }
4105 read_unlock(&local->sub_if_lock);
4106
4107 /* hardware interface */
4108 local->channel_use = (local->channel_use_raw /
4109 local->stat_time) / CHAN_UTIL_PER_10MS;
4110 local->channel_use_raw = 0;
4111
4112 local->stat_timer.expires = jiffies + HZ * local->stat_time / 100;
4113 add_timer(&local->stat_timer);
4114}
4115
4116
4117/* This is a version of the rx handler that can be called from hard irq
4118 * context. Post the skb on the queue and schedule the tasklet */
4119void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb,
4120 struct ieee80211_rx_status *status)
4121{
4122 struct ieee80211_local *local = hw_to_local(hw);
4123
4124 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
4125
4126 skb->dev = local->mdev;
4127 /* copy status into skb->cb for use by tasklet */
4128 memcpy(skb->cb, status, sizeof(*status));
4129 skb->pkt_type = IEEE80211_RX_MSG;
4130 skb_queue_tail(&local->skb_queue, skb);
4131 tasklet_schedule(&local->tasklet);
4132}
4133EXPORT_SYMBOL(ieee80211_rx_irqsafe);
4134
4135void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
4136 struct sk_buff *skb,
4137 struct ieee80211_tx_status *status)
4138{
4139 struct ieee80211_local *local = hw_to_local(hw);
4140 struct ieee80211_tx_status *saved;
4141 int tmp;
4142
4143 skb->dev = local->mdev;
4144 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC);
4145 if (unlikely(!saved)) {
4146 if (net_ratelimit())
4147 printk(KERN_WARNING "%s: Not enough memory, "
4148 "dropping tx status", skb->dev->name);
4149 /* should be dev_kfree_skb_irq, but due to this function being
4150 * named _irqsafe instead of just _irq we can't be sure that
4151 * people won't call it from non-irq contexts */
4152 dev_kfree_skb_any(skb);
4153 return;
4154 }
4155 memcpy(saved, status, sizeof(struct ieee80211_tx_status));
4156 /* copy pointer to saved status into skb->cb for use by tasklet */
4157 memcpy(skb->cb, &saved, sizeof(saved));
4158
4159 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
4160 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ?
4161 &local->skb_queue : &local->skb_queue_unreliable, skb);
4162 tmp = skb_queue_len(&local->skb_queue) +
4163 skb_queue_len(&local->skb_queue_unreliable);
4164 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
4165 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4166 memcpy(&saved, skb->cb, sizeof(saved));
4167 kfree(saved);
4168 dev_kfree_skb_irq(skb);
4169 tmp--;
4170 I802_DEBUG_INC(local->tx_status_drop);
4171 }
4172 tasklet_schedule(&local->tasklet);
4173}
4174EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
4175
4176static void ieee80211_tasklet_handler(unsigned long data)
4177{
4178 struct ieee80211_local *local = (struct ieee80211_local *) data;
4179 struct sk_buff *skb;
4180 struct ieee80211_rx_status rx_status;
4181 struct ieee80211_tx_status *tx_status;
4182
4183 while ((skb = skb_dequeue(&local->skb_queue)) ||
4184 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4185 switch (skb->pkt_type) {
4186 case IEEE80211_RX_MSG:
4187 /* status is in skb->cb */
4188 memcpy(&rx_status, skb->cb, sizeof(rx_status));
4189 /* Clear skb->type in order to not confuse kernel
4190 * netstack. */
4191 skb->pkt_type = 0;
4192 __ieee80211_rx(local_to_hw(local), skb, &rx_status);
4193 break;
4194 case IEEE80211_TX_STATUS_MSG:
4195 /* get pointer to saved status out of skb->cb */
4196 memcpy(&tx_status, skb->cb, sizeof(tx_status));
4197 skb->pkt_type = 0;
4198 ieee80211_tx_status(local_to_hw(local),
4199 skb, tx_status);
4200 kfree(tx_status);
4201 break;
4202 default: /* should never get here! */
4203 printk(KERN_ERR "%s: Unknown message type (%d)\n",
4204 local->mdev->name, skb->pkt_type);
4205 dev_kfree_skb(skb);
4206 break;
4207 }
4208 }
4209}
4210
4211
4212/* Remove added headers (e.g., QoS control), encryption header/MIC, etc. to
4213 * make a prepared TX frame (one that has been given to hw) to look like brand
4214 * new IEEE 802.11 frame that is ready to go through TX processing again.
4215 * Also, tx_packet_data in cb is restored from tx_control. */
4216static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
4217 struct ieee80211_key *key,
4218 struct sk_buff *skb,
4219 struct ieee80211_tx_control *control)
4220{
4221 int hdrlen, iv_len, mic_len;
4222 struct ieee80211_tx_packet_data *pkt_data;
4223
4224 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
4225 pkt_data->ifindex = control->ifindex;
4226 pkt_data->mgmt_iface = (control->type == IEEE80211_IF_TYPE_MGMT);
4227 pkt_data->req_tx_status = !!(control->flags & IEEE80211_TXCTL_REQ_TX_STATUS);
4228 pkt_data->do_not_encrypt = !!(control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT);
4229 pkt_data->requeue = !!(control->flags & IEEE80211_TXCTL_REQUEUE);
4230 pkt_data->queue = control->queue;
4231
4232 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
4233
4234 if (!key)
4235 goto no_key;
4236
4237 switch (key->alg) {
4238 case ALG_WEP:
4239 iv_len = WEP_IV_LEN;
4240 mic_len = WEP_ICV_LEN;
4241 break;
4242 case ALG_TKIP:
4243 iv_len = TKIP_IV_LEN;
4244 mic_len = TKIP_ICV_LEN;
4245 break;
4246 case ALG_CCMP:
4247 iv_len = CCMP_HDR_LEN;
4248 mic_len = CCMP_MIC_LEN;
4249 break;
4250 default:
4251 goto no_key;
4252 }
4253
4254 if (skb->len >= mic_len && key->force_sw_encrypt)
4255 skb_trim(skb, skb->len - mic_len);
4256 if (skb->len >= iv_len && skb->len > hdrlen) {
4257 memmove(skb->data + iv_len, skb->data, hdrlen);
4258 skb_pull(skb, iv_len);
4259 }
4260
4261no_key:
4262 {
4263 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4264 u16 fc = le16_to_cpu(hdr->frame_control);
4265 if ((fc & 0x8C) == 0x88) /* QoS Control Field */ {
4266 fc &= ~IEEE80211_STYPE_QOS_DATA;
4267 hdr->frame_control = cpu_to_le16(fc);
4268 memmove(skb->data + 2, skb->data, hdrlen - 2);
4269 skb_pull(skb, 2);
4270 }
4271 }
4272}
4273
4274
4275void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
4276 struct ieee80211_tx_status *status)
4277{
4278 struct sk_buff *skb2;
4279 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4280 struct ieee80211_local *local = hw_to_local(hw);
4281 u16 frag, type;
4282 u32 msg_type;
4283
4284 if (!status) {
4285 printk(KERN_ERR
4286 "%s: ieee80211_tx_status called with NULL status\n",
4287 local->mdev->name);
4288 dev_kfree_skb(skb);
4289 return;
4290 }
4291
4292 if (status->excessive_retries) {
4293 struct sta_info *sta;
4294 sta = sta_info_get(local, hdr->addr1);
4295 if (sta) {
4296 if (sta->flags & WLAN_STA_PS) {
4297 /* The STA is in power save mode, so assume
4298 * that this TX packet failed because of that.
4299 */
4300 status->excessive_retries = 0;
4301 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
4302 }
4303 sta_info_put(sta);
4304 }
4305 }
4306
4307 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) {
4308 struct sta_info *sta;
4309 sta = sta_info_get(local, hdr->addr1);
4310 if (sta) {
4311 sta->tx_filtered_count++;
4312
4313 /* Clear the TX filter mask for this STA when sending
4314 * the next packet. If the STA went to power save mode,
4315 * this will happen when it is waking up for the next
4316 * time. */
4317 sta->clear_dst_mask = 1;
4318
4319 /* TODO: Is the WLAN_STA_PS flag always set here or is
4320 * the race between RX and TX status causing some
4321 * packets to be filtered out before 80211.o gets an
4322 * update for PS status? This seems to be the case, so
4323 * no changes are likely to be needed. */
4324 if (sta->flags & WLAN_STA_PS &&
4325 skb_queue_len(&sta->tx_filtered) <
4326 STA_MAX_TX_BUFFER) {
4327 ieee80211_remove_tx_extra(local, sta->key,
4328 skb,
4329 &status->control);
4330 skb_queue_tail(&sta->tx_filtered, skb);
4331 } else if (!(sta->flags & WLAN_STA_PS) &&
4332 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) {
4333 /* Software retry the packet once */
4334 status->control.flags |= IEEE80211_TXCTL_REQUEUE;
4335 ieee80211_remove_tx_extra(local, sta->key,
4336 skb,
4337 &status->control);
4338 dev_queue_xmit(skb);
4339 } else {
4340 if (net_ratelimit()) {
4341 printk(KERN_DEBUG "%s: dropped TX "
4342 "filtered frame queue_len=%d "
4343 "PS=%d @%lu\n",
4344 local->mdev->name,
4345 skb_queue_len(
4346 &sta->tx_filtered),
4347 !!(sta->flags & WLAN_STA_PS),
4348 jiffies);
4349 }
4350 dev_kfree_skb(skb);
4351 }
4352 sta_info_put(sta);
4353 return;
4354 }
4355 } else {
4356 /* FIXME: STUPID to call this with both local and local->mdev */
4357 rate_control_tx_status(local, local->mdev, skb, status);
4358 }
4359
4360 ieee80211_led_tx(local, 0);
4361
4362 /* SNMP counters
4363 * Fragments are passed to low-level drivers as separate skbs, so these
4364 * are actually fragments, not frames. Update frame counters only for
4365 * the first fragment of the frame. */
4366
4367 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
4368 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
4369
4370 if (status->flags & IEEE80211_TX_STATUS_ACK) {
4371 if (frag == 0) {
4372 local->dot11TransmittedFrameCount++;
4373 if (is_multicast_ether_addr(hdr->addr1))
4374 local->dot11MulticastTransmittedFrameCount++;
4375 if (status->retry_count > 0)
4376 local->dot11RetryCount++;
4377 if (status->retry_count > 1)
4378 local->dot11MultipleRetryCount++;
4379 }
4380
4381 /* This counter shall be incremented for an acknowledged MPDU
4382 * with an individual address in the address 1 field or an MPDU
4383 * with a multicast address in the address 1 field of type Data
4384 * or Management. */
4385 if (!is_multicast_ether_addr(hdr->addr1) ||
4386 type == IEEE80211_FTYPE_DATA ||
4387 type == IEEE80211_FTYPE_MGMT)
4388 local->dot11TransmittedFragmentCount++;
4389 } else {
4390 if (frag == 0)
4391 local->dot11FailedCount++;
4392 }
4393
4394 if (!(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS)
4395 || unlikely(!local->apdev)) {
4396 dev_kfree_skb(skb);
4397 return;
4398 }
4399
4400 msg_type = (status->flags & IEEE80211_TX_STATUS_ACK) ?
4401 ieee80211_msg_tx_callback_ack : ieee80211_msg_tx_callback_fail;
4402
4403 /* skb was the original skb used for TX. Clone it and give the clone
4404 * to netif_rx(). Free original skb. */
4405 skb2 = skb_copy(skb, GFP_ATOMIC);
4406 if (!skb2) {
4407 dev_kfree_skb(skb);
4408 return;
4409 }
4410 dev_kfree_skb(skb);
4411 skb = skb2;
4412
4413 /* Send frame to hostapd */
4414 ieee80211_rx_mgmt(local, skb, NULL, msg_type);
4415}
4416EXPORT_SYMBOL(ieee80211_tx_status);
4417
4418/* TODO: implement register/unregister functions for adding TX/RX handlers
4419 * into ordered list */
4420
4421/* rx_pre handlers don't have dev and sdata fields available in
4422 * ieee80211_txrx_data */
4423static ieee80211_rx_handler ieee80211_rx_pre_handlers[] =
4424{
4425 ieee80211_rx_h_parse_qos,
4426 ieee80211_rx_h_load_stats,
4427 NULL
4428};
4429
4430static ieee80211_rx_handler ieee80211_rx_handlers[] =
4431{
4432 ieee80211_rx_h_if_stats,
4433 ieee80211_rx_h_monitor,
4434 ieee80211_rx_h_passive_scan,
4435 ieee80211_rx_h_check,
4436 ieee80211_rx_h_sta_process,
4437 ieee80211_rx_h_ccmp_decrypt,
4438 ieee80211_rx_h_tkip_decrypt,
4439 ieee80211_rx_h_wep_weak_iv_detection,
4440 ieee80211_rx_h_wep_decrypt,
4441 ieee80211_rx_h_defragment,
4442 ieee80211_rx_h_ps_poll,
4443 ieee80211_rx_h_michael_mic_verify,
4444 /* this must be after decryption - so header is counted in MPDU mic
4445 * must be before pae and data, so QOS_DATA format frames
4446 * are not passed to user space by these functions
4447 */
4448 ieee80211_rx_h_remove_qos_control,
4449 ieee80211_rx_h_802_1x_pae,
4450 ieee80211_rx_h_drop_unencrypted,
4451 ieee80211_rx_h_data,
4452 ieee80211_rx_h_mgmt,
4453 NULL
4454};
4455
4456static ieee80211_tx_handler ieee80211_tx_handlers[] =
4457{
4458 ieee80211_tx_h_check_assoc,
4459 ieee80211_tx_h_sequence,
4460 ieee80211_tx_h_ps_buf,
4461 ieee80211_tx_h_select_key,
4462 ieee80211_tx_h_michael_mic_add,
4463 ieee80211_tx_h_fragment,
4464 ieee80211_tx_h_tkip_encrypt,
4465 ieee80211_tx_h_ccmp_encrypt,
4466 ieee80211_tx_h_wep_encrypt,
4467 ieee80211_tx_h_rate_ctrl,
4468 ieee80211_tx_h_misc,
4469 ieee80211_tx_h_load_stats,
4470 NULL
4471};
4472
4473
4474int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
4475{
4476 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4477 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4478 struct sta_info *sta;
4479
4480 if (compare_ether_addr(remote_addr, sdata->u.wds.remote_addr) == 0)
4481 return 0;
4482
4483 /* Create STA entry for the new peer */
4484 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
4485 if (!sta)
4486 return -ENOMEM;
4487 sta_info_put(sta);
4488
4489 /* Remove STA entry for the old peer */
4490 sta = sta_info_get(local, sdata->u.wds.remote_addr);
4491 if (sta) {
4492 sta_info_put(sta);
4493 sta_info_free(sta, 0);
4494 } else {
4495 printk(KERN_DEBUG "%s: could not find STA entry for WDS link "
4496 "peer " MAC_FMT "\n",
4497 dev->name, MAC_ARG(sdata->u.wds.remote_addr));
4498 }
4499
4500 /* Update WDS link data */
4501 memcpy(&sdata->u.wds.remote_addr, remote_addr, ETH_ALEN);
4502
4503 return 0;
4504}
4505
4506/* Must not be called for mdev and apdev */
4507void ieee80211_if_setup(struct net_device *dev)
4508{
4509 ether_setup(dev);
4510 dev->hard_start_xmit = ieee80211_subif_start_xmit;
4511 dev->wireless_handlers = &ieee80211_iw_handler_def;
4512 dev->set_multicast_list = ieee80211_set_multicast_list;
4513 dev->change_mtu = ieee80211_change_mtu;
4514 dev->get_stats = ieee80211_get_stats;
4515 dev->open = ieee80211_open;
4516 dev->stop = ieee80211_stop;
4517 dev->uninit = ieee80211_if_reinit;
4518 dev->destructor = ieee80211_if_free;
4519}
4520
4521void ieee80211_if_mgmt_setup(struct net_device *dev)
4522{
4523 ether_setup(dev);
4524 dev->hard_start_xmit = ieee80211_mgmt_start_xmit;
4525 dev->change_mtu = ieee80211_change_mtu_apdev;
4526 dev->get_stats = ieee80211_get_stats;
4527 dev->open = ieee80211_mgmt_open;
4528 dev->stop = ieee80211_mgmt_stop;
4529 dev->type = ARPHRD_IEEE80211_PRISM;
4530 dev->hard_header_parse = header_parse_80211;
4531 dev->uninit = ieee80211_if_reinit;
4532 dev->destructor = ieee80211_if_free;
4533}
4534
4535int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
4536 const char *name)
4537{
4538 struct rate_control_ref *ref, *old;
4539
4540 ASSERT_RTNL();
4541 if (local->open_count || netif_running(local->mdev) ||
4542 (local->apdev && netif_running(local->apdev)))
4543 return -EBUSY;
4544
4545 ref = rate_control_alloc(name, local);
4546 if (!ref) {
4547 printk(KERN_WARNING "%s: Failed to select rate control "
4548 "algorithm\n", local->mdev->name);
4549 return -ENOENT;
4550 }
4551
4552 old = local->rate_ctrl;
4553 local->rate_ctrl = ref;
4554 if (old) {
4555 rate_control_put(old);
4556 sta_info_flush(local, NULL);
4557 }
4558
4559 printk(KERN_DEBUG "%s: Selected rate control "
4560 "algorithm '%s'\n", local->mdev->name,
4561 ref->ops->name);
4562
4563
4564 return 0;
4565}
4566
4567static void rate_control_deinitialize(struct ieee80211_local *local)
4568{
4569 struct rate_control_ref *ref;
4570
4571 ref = local->rate_ctrl;
4572 local->rate_ctrl = NULL;
4573 rate_control_put(ref);
4574}
4575
4576struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
4577 const struct ieee80211_ops *ops)
4578{
4579 struct net_device *mdev;
4580 struct ieee80211_local *local;
4581 struct ieee80211_sub_if_data *sdata;
4582 int priv_size;
4583 struct wiphy *wiphy;
4584
4585 /* Ensure 32-byte alignment of our private data and hw private data.
4586 * We use the wiphy priv data for both our ieee80211_local and for
4587 * the driver's private data
4588 *
4589 * In memory it'll be like this:
4590 *
4591 * +-------------------------+
4592 * | struct wiphy |
4593 * +-------------------------+
4594 * | struct ieee80211_local |
4595 * +-------------------------+
4596 * | driver's private data |
4597 * +-------------------------+
4598 *
4599 */
4600 priv_size = ((sizeof(struct ieee80211_local) +
4601 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST) +
4602 priv_data_len;
4603
4604 wiphy = wiphy_new(&mac80211_config_ops, priv_size);
4605
4606 if (!wiphy)
4607 return NULL;
4608
4609 wiphy->privid = mac80211_wiphy_privid;
4610
4611 local = wiphy_priv(wiphy);
4612 local->hw.wiphy = wiphy;
4613
4614 local->hw.priv = (char *)local +
4615 ((sizeof(struct ieee80211_local) +
4616 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST);
4617
4618 local->ops = ops;
4619
4620 /* for now, mdev needs sub_if_data :/ */
4621 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
4622 "wmaster%d", ether_setup);
4623 if (!mdev) {
4624 wiphy_free(wiphy);
4625 return NULL;
4626 }
4627
4628 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
4629 mdev->ieee80211_ptr = &sdata->wdev;
4630 sdata->wdev.wiphy = wiphy;
4631
4632 local->hw.queues = 1; /* default */
4633
4634 local->mdev = mdev;
4635 local->rx_pre_handlers = ieee80211_rx_pre_handlers;
4636 local->rx_handlers = ieee80211_rx_handlers;
4637 local->tx_handlers = ieee80211_tx_handlers;
4638
4639 local->bridge_packets = 1;
4640
4641 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
4642 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
4643 local->short_retry_limit = 7;
4644 local->long_retry_limit = 4;
4645 local->hw.conf.radio_enabled = 1;
4646 local->rate_ctrl_num_up = RATE_CONTROL_NUM_UP;
4647 local->rate_ctrl_num_down = RATE_CONTROL_NUM_DOWN;
4648
4649 local->enabled_modes = (unsigned int) -1;
4650
4651 INIT_LIST_HEAD(&local->modes_list);
4652
4653 rwlock_init(&local->sub_if_lock);
4654 INIT_LIST_HEAD(&local->sub_if_list);
4655
4656 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);
4657 init_timer(&local->stat_timer);
4658 local->stat_timer.function = ieee80211_stat_refresh;
4659 local->stat_timer.data = (unsigned long) local;
4660 ieee80211_rx_bss_list_init(mdev);
4661
4662 sta_info_init(local);
4663
4664 mdev->hard_start_xmit = ieee80211_master_start_xmit;
4665 mdev->open = ieee80211_master_open;
4666 mdev->stop = ieee80211_master_stop;
4667 mdev->type = ARPHRD_IEEE80211;
4668 mdev->hard_header_parse = header_parse_80211;
4669
4670 sdata->type = IEEE80211_IF_TYPE_AP;
4671 sdata->dev = mdev;
4672 sdata->local = local;
4673 sdata->u.ap.force_unicast_rateidx = -1;
4674 sdata->u.ap.max_ratectrl_rateidx = -1;
4675 ieee80211_if_sdata_init(sdata);
4676 list_add_tail(&sdata->list, &local->sub_if_list);
4677
4678 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
4679 (unsigned long)local);
4680 tasklet_disable(&local->tx_pending_tasklet);
4681
4682 tasklet_init(&local->tasklet,
4683 ieee80211_tasklet_handler,
4684 (unsigned long) local);
4685 tasklet_disable(&local->tasklet);
4686
4687 skb_queue_head_init(&local->skb_queue);
4688 skb_queue_head_init(&local->skb_queue_unreliable);
4689
4690 return local_to_hw(local);
4691}
4692EXPORT_SYMBOL(ieee80211_alloc_hw);
4693
4694int ieee80211_register_hw(struct ieee80211_hw *hw)
4695{
4696 struct ieee80211_local *local = hw_to_local(hw);
4697 const char *name;
4698 int result;
4699
4700 result = wiphy_register(local->hw.wiphy);
4701 if (result < 0)
4702 return result;
4703
4704 name = wiphy_dev(local->hw.wiphy)->driver->name;
4705 local->hw.workqueue = create_singlethread_workqueue(name);
4706 if (!local->hw.workqueue) {
4707 result = -ENOMEM;
4708 goto fail_workqueue;
4709 }
4710
4711 debugfs_hw_add(local);
4712
4713 local->hw.conf.beacon_int = 1000;
4714
4715 local->wstats_flags |= local->hw.max_rssi ?
4716 IW_QUAL_LEVEL_UPDATED : IW_QUAL_LEVEL_INVALID;
4717 local->wstats_flags |= local->hw.max_signal ?
4718 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
4719 local->wstats_flags |= local->hw.max_noise ?
4720 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
4721 if (local->hw.max_rssi < 0 || local->hw.max_noise < 0)
4722 local->wstats_flags |= IW_QUAL_DBM;
4723
4724 result = sta_info_start(local);
4725 if (result < 0)
4726 goto fail_sta_info;
4727
4728 rtnl_lock();
4729 result = dev_alloc_name(local->mdev, local->mdev->name);
4730 if (result < 0)
4731 goto fail_dev;
4732
4733 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
4734 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
4735
4736 result = register_netdevice(local->mdev);
4737 if (result < 0)
4738 goto fail_dev;
4739
4740 ieee80211_debugfs_add_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4741
4742 result = ieee80211_init_rate_ctrl_alg(local, NULL);
4743 if (result < 0) {
4744 printk(KERN_DEBUG "%s: Failed to initialize rate control "
4745 "algorithm\n", local->mdev->name);
4746 goto fail_rate;
4747 }
4748
4749 result = ieee80211_wep_init(local);
4750
4751 if (result < 0) {
4752 printk(KERN_DEBUG "%s: Failed to initialize wep\n",
4753 local->mdev->name);
4754 goto fail_wep;
4755 }
4756
4757 ieee80211_install_qdisc(local->mdev);
4758
4759 /* add one default STA interface */
4760 result = ieee80211_if_add(local->mdev, "wlan%d", NULL,
4761 IEEE80211_IF_TYPE_STA);
4762 if (result)
4763 printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
4764 local->mdev->name);
4765
4766 local->reg_state = IEEE80211_DEV_REGISTERED;
4767 rtnl_unlock();
4768
4769 ieee80211_led_init(local);
4770
4771 return 0;
4772
4773fail_wep:
4774 rate_control_deinitialize(local);
4775fail_rate:
4776 ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4777 unregister_netdevice(local->mdev);
4778fail_dev:
4779 rtnl_unlock();
4780 sta_info_stop(local);
4781fail_sta_info:
4782 debugfs_hw_del(local);
4783 destroy_workqueue(local->hw.workqueue);
4784fail_workqueue:
4785 wiphy_unregister(local->hw.wiphy);
4786 return result;
4787}
4788EXPORT_SYMBOL(ieee80211_register_hw);
4789
4790int ieee80211_register_hwmode(struct ieee80211_hw *hw,
4791 struct ieee80211_hw_mode *mode)
4792{
4793 struct ieee80211_local *local = hw_to_local(hw);
4794 struct ieee80211_rate *rate;
4795 int i;
4796
4797 INIT_LIST_HEAD(&mode->list);
4798 list_add_tail(&mode->list, &local->modes_list);
4799
4800 local->hw_modes |= (1 << mode->mode);
4801 for (i = 0; i < mode->num_rates; i++) {
4802 rate = &(mode->rates[i]);
4803 rate->rate_inv = CHAN_UTIL_RATE_LCM / rate->rate;
4804 }
4805 ieee80211_prepare_rates(local, mode);
4806
4807 if (!local->oper_hw_mode) {
4808 /* Default to this mode */
4809 local->hw.conf.phymode = mode->mode;
4810 local->oper_hw_mode = local->scan_hw_mode = mode;
4811 local->oper_channel = local->scan_channel = &mode->channels[0];
4812 local->hw.conf.mode = local->oper_hw_mode;
4813 local->hw.conf.chan = local->oper_channel;
4814 }
4815
4816 if (!(hw->flags & IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED))
4817 ieee80211_init_client(local->mdev);
4818
4819 return 0;
4820}
4821EXPORT_SYMBOL(ieee80211_register_hwmode);
4822
4823void ieee80211_unregister_hw(struct ieee80211_hw *hw)
4824{
4825 struct ieee80211_local *local = hw_to_local(hw);
4826 struct ieee80211_sub_if_data *sdata, *tmp;
4827 struct list_head tmp_list;
4828 int i;
4829
4830 tasklet_kill(&local->tx_pending_tasklet);
4831 tasklet_kill(&local->tasklet);
4832
4833 rtnl_lock();
4834
4835 BUG_ON(local->reg_state != IEEE80211_DEV_REGISTERED);
4836
4837 local->reg_state = IEEE80211_DEV_UNREGISTERED;
4838 if (local->apdev)
4839 ieee80211_if_del_mgmt(local);
4840
4841 write_lock_bh(&local->sub_if_lock);
4842 list_replace_init(&local->sub_if_list, &tmp_list);
4843 write_unlock_bh(&local->sub_if_lock);
4844
4845 list_for_each_entry_safe(sdata, tmp, &tmp_list, list)
4846 __ieee80211_if_del(local, sdata);
4847
4848 rtnl_unlock();
4849
4850 if (local->stat_time)
4851 del_timer_sync(&local->stat_timer);
4852
4853 ieee80211_rx_bss_list_deinit(local->mdev);
4854 ieee80211_clear_tx_pending(local);
4855 sta_info_stop(local);
4856 rate_control_deinitialize(local);
4857 debugfs_hw_del(local);
4858
4859 for (i = 0; i < NUM_IEEE80211_MODES; i++) {
4860 kfree(local->supp_rates[i]);
4861 kfree(local->basic_rates[i]);
4862 }
4863
4864 if (skb_queue_len(&local->skb_queue)
4865 || skb_queue_len(&local->skb_queue_unreliable))
4866 printk(KERN_WARNING "%s: skb_queue not empty\n",
4867 local->mdev->name);
4868 skb_queue_purge(&local->skb_queue);
4869 skb_queue_purge(&local->skb_queue_unreliable);
4870
4871 destroy_workqueue(local->hw.workqueue);
4872 wiphy_unregister(local->hw.wiphy);
4873 ieee80211_wep_free(local);
4874 ieee80211_led_exit(local);
4875}
4876EXPORT_SYMBOL(ieee80211_unregister_hw);
4877
4878void ieee80211_free_hw(struct ieee80211_hw *hw)
4879{
4880 struct ieee80211_local *local = hw_to_local(hw);
4881
4882 ieee80211_if_free(local->mdev);
4883 wiphy_free(local->hw.wiphy);
4884}
4885EXPORT_SYMBOL(ieee80211_free_hw);
4886
4887void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
4888{
4889 struct ieee80211_local *local = hw_to_local(hw);
4890
4891 if (test_and_clear_bit(IEEE80211_LINK_STATE_XOFF,
4892 &local->state[queue])) {
4893 if (test_bit(IEEE80211_LINK_STATE_PENDING,
4894 &local->state[queue]))
4895 tasklet_schedule(&local->tx_pending_tasklet);
4896 else
4897 if (!ieee80211_qdisc_installed(local->mdev)) {
4898 if (queue == 0)
4899 netif_wake_queue(local->mdev);
4900 } else
4901 __netif_schedule(local->mdev);
4902 }
4903}
4904EXPORT_SYMBOL(ieee80211_wake_queue);
4905
4906void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue)
4907{
4908 struct ieee80211_local *local = hw_to_local(hw);
4909
4910 if (!ieee80211_qdisc_installed(local->mdev) && queue == 0)
4911 netif_stop_queue(local->mdev);
4912 set_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
4913}
4914EXPORT_SYMBOL(ieee80211_stop_queue);
4915
4916void ieee80211_start_queues(struct ieee80211_hw *hw)
4917{
4918 struct ieee80211_local *local = hw_to_local(hw);
4919 int i;
4920
4921 for (i = 0; i < local->hw.queues; i++)
4922 clear_bit(IEEE80211_LINK_STATE_XOFF, &local->state[i]);
4923 if (!ieee80211_qdisc_installed(local->mdev))
4924 netif_start_queue(local->mdev);
4925}
4926EXPORT_SYMBOL(ieee80211_start_queues);
4927
4928void ieee80211_stop_queues(struct ieee80211_hw *hw)
4929{
4930 int i;
4931
4932 for (i = 0; i < hw->queues; i++)
4933 ieee80211_stop_queue(hw, i);
4934}
4935EXPORT_SYMBOL(ieee80211_stop_queues);
4936
4937void ieee80211_wake_queues(struct ieee80211_hw *hw)
4938{
4939 int i;
4940
4941 for (i = 0; i < hw->queues; i++)
4942 ieee80211_wake_queue(hw, i);
4943}
4944EXPORT_SYMBOL(ieee80211_wake_queues);
4945
4946struct net_device_stats *ieee80211_dev_stats(struct net_device *dev)
4947{
4948 struct ieee80211_sub_if_data *sdata;
4949 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4950 return &sdata->stats;
4951}
4952
4953static int __init ieee80211_init(void)
4954{
4955 struct sk_buff *skb;
4956 int ret;
4957
4958 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb));
4959
4960 ret = ieee80211_wme_register();
4961 if (ret) {
4962 printk(KERN_DEBUG "ieee80211_init: failed to "
4963 "initialize WME (err=%d)\n", ret);
4964 return ret;
4965 }
4966
4967 ieee80211_debugfs_netdev_init();
4968
4969 return 0;
4970}
4971
4972
4973static void __exit ieee80211_exit(void)
4974{
4975 ieee80211_wme_unregister();
4976 ieee80211_debugfs_netdev_exit();
4977}
4978
4979
4980module_init(ieee80211_init);
4981module_exit(ieee80211_exit);
4982
4983MODULE_DESCRIPTION("IEEE 802.11 subsystem");
4984MODULE_LICENSE("GPL");
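diff --git a/net/mac80211/ieee80211_cfg.c b/net/mac80211/ieee80211_cfg.c
new file mode 100644
index 000000000000..509096edb324
--- /dev/null
+++ b/net/mac80211/ieee80211_cfg.c
@@ -0,0 +1,66 @@
+/*
+ * mac80211 configuration hooks for cfg80211
+ *
+ * Copyright 2006 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This file is GPLv2 as found in COPYING.
+ */
+
+#include <linux/nl80211.h>
+#include <linux/rtnetlink.h>
+#include <net/cfg80211.h>
+#include "ieee80211_i.h"
+#include "ieee80211_cfg.h"
+
+static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
+ unsigned int type)
+{
+ struct ieee80211_local *local = wiphy_priv(wiphy);
+ int itype;
+
+ if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED))
+ return -ENODEV;
+
+ switch (type) {
+ case NL80211_IFTYPE_UNSPECIFIED:
+ itype = IEEE80211_IF_TYPE_STA;
+ break;
+ case NL80211_IFTYPE_ADHOC:
+ itype = IEEE80211_IF_TYPE_IBSS;
+ break;
+ case NL80211_IFTYPE_STATION:
+ itype = IEEE80211_IF_TYPE_STA;
+ break;
+ case NL80211_IFTYPE_MONITOR:
+ itype = IEEE80211_IF_TYPE_MNTR;
+ break;
+ default:
+ return -EINVAL;
+ }
+
+ return ieee80211_if_add(local->mdev, name, NULL, itype);
+}
+
+static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex)
+{
+ struct ieee80211_local *local = wiphy_priv(wiphy);
+ struct net_device *dev;
+ char *name;
+
+ if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED))
+ return -ENODEV;
+
+ dev = dev_get_by_index(ifindex);
+ if (!dev)
+ return 0;
+
+ name = dev->name;
+ dev_put(dev);
+
+ return ieee80211_if_remove(local->mdev, name, -1);
+}
+
+struct cfg80211_ops mac80211_config_ops = {
+ .add_virtual_intf = ieee80211_add_iface,
+ .del_virtual_intf = ieee80211_del_iface,
+};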
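Review bot: In ieee80211_del_iface, `name` still points into the net_device after `dev_put(dev)` has dropped the only reference this function holds, so nothing visible here pins the string that is then passed to ieee80211_if_remove(). Unless every caller holds the RTNL (not shown in this file), the device could be renamed or freed between the two calls. Copying the name before releasing the reference avoids that: declare `char name[IFNAMSIZ];` and do `strlcpy(name, dev->name, sizeof(name));` before `dev_put(dev);`. The lookup also accepts any ifindex on the system and returns 0 when none matches; it presumably relies on ieee80211_if_remove() to reject a device that does not belong to this wiphy, which deserves a comment, and `return -ENODEV;` would be the clearer result for the not-found case.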
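diff --git a/net/mac80211/ieee80211_cfg.h b/net/mac80211/ieee80211_cfg.h
new file mode 100644
index 000000000000..85ed2c924878
--- /dev/null
+++ b/net/mac80211/ieee80211_cfg.h
@@ -0,0 +1,9 @@
+/*
+ * mac80211 configuration hooks for cfg80211
+ */
+#ifndef __IEEE80211_CFG_H
+#define __IEEE80211_CFG_H
+
+extern struct cfg80211_ops mac80211_config_ops;
+
+#endif /* __IEEE80211_CFG_H */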
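diff --git a/net/mac80211/ieee80211_common.h b/net/mac80211/ieee80211_common.h
new file mode 100644
index 000000000000..b9a73e7f5f75
--- /dev/null
+++ b/net/mac80211/ieee80211_common.h
@@ -0,0 +1,98 @@
+/*
+ * IEEE 802.11 driver (80211.o) -- hostapd interface
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef IEEE80211_COMMON_H
+#define IEEE80211_COMMON_H
+
+#include <linux/types.h>
+
+/*
+ * This is common header information with user space. It is used on all
+ * frames sent to wlan#ap interface.
+ */
+
+#define IEEE80211_FI_VERSION 0x80211001
+
+struct ieee80211_frame_info {
+ __be32 version;
+ __be32 length;
+ __be64 mactime;
+ __be64 hosttime;
+ __be32 phytype;
+ __be32 channel;
+ __be32 datarate;
+ __be32 antenna;
+ __be32 priority;
+ __be32 ssi_type;
+ __be32 ssi_signal;
+ __be32 ssi_noise;
+ __be32 preamble;
+ __be32 encoding;
+
+ /* Note: this structure is otherwise identical to capture format used
+ * in linux-wlan-ng, but this additional field is used to provide meta
+ * data about the frame to hostapd. This was the easiest method for
+ * providing this information, but this might change in the future. */
+ __be32 msg_type;
+} __attribute__ ((packed));
+
+
+enum ieee80211_msg_type {
+ ieee80211_msg_normal = 0,
+ ieee80211_msg_tx_callback_ack = 1,
+ ieee80211_msg_tx_callback_fail = 2,
+ ieee80211_msg_passive_scan = 3,
+ ieee80211_msg_wep_frame_unknown_key = 4,
+ ieee80211_msg_michael_mic_failure = 5,
+ /* hole at 6, was monitor but never sent to userspace */
+ ieee80211_msg_sta_not_assoc = 7,
+ ieee80211_msg_set_aid_for_sta = 8 /* used by Intersil MVC driver */,
+ ieee80211_msg_key_threshold_notification = 9,
+ ieee80211_msg_radar = 11,
+};
+
+struct ieee80211_msg_set_aid_for_sta {
+ char sta_address[ETH_ALEN];
+ u16 aid;
+};
+
+struct ieee80211_msg_key_notification {
+ int tx_rx_count;
+ char ifname[IFNAMSIZ];
+ u8 addr[ETH_ALEN]; /* ff:ff:ff:ff:ff:ff for broadcast keys */
+};
+
+
+enum ieee80211_phytype {
+ ieee80211_phytype_fhss_dot11_97 = 1,
+ ieee80211_phytype_dsss_dot11_97 = 2,
+ ieee80211_phytype_irbaseband = 3,
+ ieee80211_phytype_dsss_dot11_b = 4,
+ ieee80211_phytype_pbcc_dot11_b = 5,
+ ieee80211_phytype_ofdm_dot11_g = 6,
+ ieee80211_phytype_pbcc_dot11_g = 7,
+ ieee80211_phytype_ofdm_dot11_a = 8,
+ ieee80211_phytype_dsss_dot11_turbog = 255,
+ ieee80211_phytype_dsss_dot11_turbo = 256,
+};
+
+enum ieee80211_ssi_type {
+ ieee80211_ssi_none = 0,
+ ieee80211_ssi_norm = 1, /* normalized, 0-1000 */
+ ieee80211_ssi_dbm = 2,
+ ieee80211_ssi_raw = 3, /* raw SSI */
+};
+
+struct ieee80211_radar_info {
+ int channel;
+ int radar;
+ int radar_type;
+};
+
+#endif /* IEEE80211_COMMON_H */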
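Review bot: struct ieee80211_msg_key_notification uses natural alignment while ieee80211_frame_info above it is packed, and with an `int` followed by `IFNAMSIZ` and `ETH_ALEN` byte arrays it most likely ends in padding bytes that the compiler leaves uninitialised. The header comment says these definitions are shared with user space, so any code that fills this struct and copies it out should zero the whole object first, or the struct should carry an explicit pad field; the filling code is not in this file, so this is something to check rather than a confirmed leak. The header is also not self-contained: `ETH_ALEN`, `IFNAMSIZ` and `u16` are used with only `<linux/types.h>` included, so `#include <linux/if_ether.h>` and `#include <linux/if.h>` are needed, and `__u16` would be the exportable spelling. The skipped value 10 in enum ieee80211_msg_type deserves a comment like the one given for the hole at 6.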
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
new file mode 100644
index 000000000000..af4d14d0b969
--- /dev/null
+++ b/net/mac80211/ieee80211_i.h
@@ -0,0 +1,798 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#ifndef IEEE80211_I_H
12#define IEEE80211_I_H
13
14#include <linux/kernel.h>
15#include <linux/device.h>
16#include <linux/if_ether.h>
17#include <linux/interrupt.h>
18#include <linux/list.h>
19#include <linux/netdevice.h>
20#include <linux/skbuff.h>
21#include <linux/workqueue.h>
22#include <linux/types.h>
23#include <linux/spinlock.h>
24#include <net/wireless.h>
25#include "ieee80211_key.h"
26#include "sta_info.h"
27
28/* ieee80211.o internal definitions, etc. These are not included into
29 * low-level drivers. */
30
31#ifndef ETH_P_PAE
32#define ETH_P_PAE 0x888E /* Port Access Entity (IEEE 802.1X) */
33#endif /* ETH_P_PAE */
34
35#define WLAN_FC_DATA_PRESENT(fc) (((fc) & 0x4c) == 0x08)
36
37struct ieee80211_local;
38
39#define BIT(x) (1 << (x))
40
41#define IEEE80211_ALIGN32_PAD(a) ((4 - ((a) & 3)) & 3)
42
43/* Maximum number of broadcast/multicast frames to buffer when some of the
44 * associated stations are using power saving. */
45#define AP_MAX_BC_BUFFER 128
46
47/* Maximum number of frames buffered to all STAs, including multicast frames.
48 * Note: increasing this limit increases the potential memory requirement. Each
49 * frame can be up to about 2 kB long. */
50#define TOTAL_MAX_TX_BUFFER 512
51
52/* Required encryption head and tailroom */
53#define IEEE80211_ENCRYPT_HEADROOM 8
54#define IEEE80211_ENCRYPT_TAILROOM 12
55
56/* IEEE 802.11 (Ch. 9.5 Defragmentation) requires support for concurrent
57 * reception of at least three fragmented frames. This limit can be increased
58 * by changing this define, at the cost of slower frame reassembly and
59 * increased memory use (about 2 kB of RAM per entry). */
60#define IEEE80211_FRAGMENT_MAX 4
61
62struct ieee80211_fragment_entry {
63 unsigned long first_frag_time;
64 unsigned int seq;
65 unsigned int rx_queue;
66 unsigned int last_frag;
67 unsigned int extra_len;
68 struct sk_buff_head skb_list;
69 int ccmp; /* Whether fragments were encrypted with CCMP */
70 u8 last_pn[6]; /* PN of the last fragment if CCMP was used */
71};
72
73
74struct ieee80211_sta_bss {
75 struct list_head list;
76 struct ieee80211_sta_bss *hnext;
77 atomic_t users;
78
79 u8 bssid[ETH_ALEN];
80 u8 ssid[IEEE80211_MAX_SSID_LEN];
81 size_t ssid_len;
82 u16 capability; /* host byte order */
83 int hw_mode;
84 int channel;
85 int freq;
86 int rssi, signal, noise;
87 u8 *wpa_ie;
88 size_t wpa_ie_len;
89 u8 *rsn_ie;
90 size_t rsn_ie_len;
91 u8 *wmm_ie;
92 size_t wmm_ie_len;
93#define IEEE80211_MAX_SUPP_RATES 32
94 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
95 size_t supp_rates_len;
96 int beacon_int;
97 u64 timestamp;
98
99 int probe_resp;
100 unsigned long last_update;
101
102};
103
104
105typedef enum {
106 TXRX_CONTINUE, TXRX_DROP, TXRX_QUEUED
107} ieee80211_txrx_result;
108
109struct ieee80211_txrx_data {
110 struct sk_buff *skb;
111 struct net_device *dev;
112 struct ieee80211_local *local;
113 struct ieee80211_sub_if_data *sdata;
114 struct sta_info *sta;
115 u16 fc, ethertype;
116 struct ieee80211_key *key;
117 unsigned int fragmented:1; /* whether the MSDU was fragmented */
118 union {
119 struct {
120 struct ieee80211_tx_control *control;
121 unsigned int unicast:1;
122 unsigned int ps_buffered:1;
123 unsigned int short_preamble:1;
124 unsigned int probe_last_frag:1;
125 struct ieee80211_hw_mode *mode;
126 struct ieee80211_rate *rate;
127 /* use this rate (if set) for last fragment; rate can
128 * be set to lower rate for the first fragments, e.g.,
129 * when using CTS protection with IEEE 802.11g. */
130 struct ieee80211_rate *last_frag_rate;
131 int last_frag_hwrate;
132 int mgmt_interface;
133
134 /* Extra fragments (in addition to the first fragment
135 * in skb) */
136 int num_extra_frag;
137 struct sk_buff **extra_frag;
138 } tx;
139 struct {
140 struct ieee80211_rx_status *status;
141 int sent_ps_buffered;
142 int queue;
143 int load;
144 unsigned int in_scan:1;
145 /* frame is destined to interface currently processed
146 * (including multicast frames) */
147 unsigned int ra_match:1;
148 } rx;
149 } u;
150};
151
152/* Stored in sk_buff->cb */
153struct ieee80211_tx_packet_data {
154 int ifindex;
155 unsigned long jiffies;
156 unsigned int req_tx_status:1;
157 unsigned int do_not_encrypt:1;
158 unsigned int requeue:1;
159 unsigned int mgmt_iface:1;
160 unsigned int queue:4;
161};
162
163struct ieee80211_tx_stored_packet {
164 struct ieee80211_tx_control control;
165 struct sk_buff *skb;
166 int num_extra_frag;
167 struct sk_buff **extra_frag;
168 int last_frag_rateidx;
169 int last_frag_hwrate;
170 struct ieee80211_rate *last_frag_rate;
171 unsigned int last_frag_rate_ctrl_probe:1;
172};
173
174typedef ieee80211_txrx_result (*ieee80211_tx_handler)
175(struct ieee80211_txrx_data *tx);
176
177typedef ieee80211_txrx_result (*ieee80211_rx_handler)
178(struct ieee80211_txrx_data *rx);
179
180struct ieee80211_if_ap {
181 u8 *beacon_head, *beacon_tail;
182 int beacon_head_len, beacon_tail_len;
183
184 u8 ssid[IEEE80211_MAX_SSID_LEN];
185 size_t ssid_len;
186 u8 *generic_elem;
187 size_t generic_elem_len;
188
189 /* yes, this looks ugly, but guarantees that we can later use
190 * bitmap_empty :)
191 * NB: don't ever use set_bit, use bss_tim_set/bss_tim_clear! */
192 u8 tim[sizeof(unsigned long) * BITS_TO_LONGS(IEEE80211_MAX_AID + 1)];
193 atomic_t num_sta_ps; /* number of stations in PS mode */
194 struct sk_buff_head ps_bc_buf;
195 int dtim_period, dtim_count;
196 int force_unicast_rateidx; /* forced TX rateidx for unicast frames */
197 int max_ratectrl_rateidx; /* max TX rateidx for rate control */
198 int num_beacons; /* number of TXed beacon frames for this BSS */
199};
200
201struct ieee80211_if_wds {
202 u8 remote_addr[ETH_ALEN];
203 struct sta_info *sta;
204};
205
206struct ieee80211_if_vlan {
207 u8 id;
208};
209
210struct ieee80211_if_sta {
211 enum {
212 IEEE80211_DISABLED, IEEE80211_AUTHENTICATE,
213 IEEE80211_ASSOCIATE, IEEE80211_ASSOCIATED,
214 IEEE80211_IBSS_SEARCH, IEEE80211_IBSS_JOINED
215 } state;
216 struct timer_list timer;
217 struct work_struct work;
218 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
219 u8 ssid[IEEE80211_MAX_SSID_LEN];
220 size_t ssid_len;
221 u16 aid;
222 u16 ap_capab, capab;
223 u8 *extra_ie; /* to be added to the end of AssocReq */
224 size_t extra_ie_len;
225
226 /* The last AssocReq/Resp IEs */
227 u8 *assocreq_ies, *assocresp_ies;
228 size_t assocreq_ies_len, assocresp_ies_len;
229
230 int auth_tries, assoc_tries;
231
232 unsigned int ssid_set:1;
233 unsigned int bssid_set:1;
234 unsigned int prev_bssid_set:1;
235 unsigned int authenticated:1;
236 unsigned int associated:1;
237 unsigned int probereq_poll:1;
238 unsigned int use_protection:1;
239 unsigned int create_ibss:1;
240 unsigned int mixed_cell:1;
241 unsigned int wmm_enabled:1;
242 unsigned int auto_ssid_sel:1;
243 unsigned int auto_bssid_sel:1;
244 unsigned int auto_channel_sel:1;
245#define IEEE80211_STA_REQ_SCAN 0
246#define IEEE80211_STA_REQ_AUTH 1
247#define IEEE80211_STA_REQ_RUN 2
248 unsigned long request;
249 struct sk_buff_head skb_queue;
250
251 int key_mgmt;
252 unsigned long last_probe;
253
254#define IEEE80211_AUTH_ALG_OPEN BIT(0)
255#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1)
256#define IEEE80211_AUTH_ALG_LEAP BIT(2)
257 unsigned int auth_algs; /* bitfield of allowed auth algs */
258 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
259 int auth_transaction;
260
261 unsigned long ibss_join_req;
262 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */
263 u32 supp_rates_bits;
264
265 int wmm_last_param_set;
266};
267
268
269struct ieee80211_sub_if_data {
270 struct list_head list;
271 unsigned int type;
272
273 struct wireless_dev wdev;
274
275 struct net_device *dev;
276 struct ieee80211_local *local;
277
278 int mc_count;
279 unsigned int allmulti:1;
280 unsigned int promisc:1;
281
282 struct net_device_stats stats;
283 int drop_unencrypted;
284 int eapol; /* 0 = process EAPOL frames as normal data frames,
285 * 1 = send EAPOL frames through wlan#ap to hostapd
286 * (default) */
287 int ieee802_1x; /* IEEE 802.1X PAE - drop packet to/from unauthorized
288 * port */
289
290 u16 sequence;
291
292 /* Fragment table for host-based reassembly */
293 struct ieee80211_fragment_entry fragments[IEEE80211_FRAGMENT_MAX];
294 unsigned int fragment_next;
295
296#define NUM_DEFAULT_KEYS 4
297 struct ieee80211_key *keys[NUM_DEFAULT_KEYS];
298 struct ieee80211_key *default_key;
299
300 struct ieee80211_if_ap *bss; /* BSS that this device belongs to */
301
302 union {
303 struct ieee80211_if_ap ap;
304 struct ieee80211_if_wds wds;
305 struct ieee80211_if_vlan vlan;
306 struct ieee80211_if_sta sta;
307 } u;
308 int channel_use;
309 int channel_use_raw;
310
311#ifdef CONFIG_MAC80211_DEBUGFS
312 struct dentry *debugfsdir;
313 union {
314 struct {
315 struct dentry *channel_use;
316 struct dentry *drop_unencrypted;
317 struct dentry *eapol;
318 struct dentry *ieee8021_x;
319 struct dentry *state;
320 struct dentry *bssid;
321 struct dentry *prev_bssid;
322 struct dentry *ssid_len;
323 struct dentry *aid;
324 struct dentry *ap_capab;
325 struct dentry *capab;
326 struct dentry *extra_ie_len;
327 struct dentry *auth_tries;
328 struct dentry *assoc_tries;
329 struct dentry *auth_algs;
330 struct dentry *auth_alg;
331 struct dentry *auth_transaction;
332 struct dentry *flags;
333 } sta;
334 struct {
335 struct dentry *channel_use;
336 struct dentry *drop_unencrypted;
337 struct dentry *eapol;
338 struct dentry *ieee8021_x;
339 struct dentry *num_sta_ps;
340 struct dentry *dtim_period;
341 struct dentry *dtim_count;
342 struct dentry *num_beacons;
343 struct dentry *force_unicast_rateidx;
344 struct dentry *max_ratectrl_rateidx;
345 struct dentry *num_buffered_multicast;
346 struct dentry *beacon_head_len;
347 struct dentry *beacon_tail_len;
348 } ap;
349 struct {
350 struct dentry *channel_use;
351 struct dentry *drop_unencrypted;
352 struct dentry *eapol;
353 struct dentry *ieee8021_x;
354 struct dentry *peer;
355 } wds;
356 struct {
357 struct dentry *channel_use;
358 struct dentry *drop_unencrypted;
359 struct dentry *eapol;
360 struct dentry *ieee8021_x;
361 struct dentry *vlan_id;
362 } vlan;
363 struct {
364 struct dentry *mode;
365 } monitor;
366 struct dentry *default_key;
367 } debugfs;
368#endif
369};
370
371#define IEEE80211_DEV_TO_SUB_IF(dev) netdev_priv(dev)
372
373enum {
374 IEEE80211_RX_MSG = 1,
375 IEEE80211_TX_STATUS_MSG = 2,
376};
377
378struct ieee80211_local {
379 /* embed the driver visible part.
380 * don't cast (use the static inlines below), but we keep
381 * it first anyway so they become a no-op */
382 struct ieee80211_hw hw;
383
384 const struct ieee80211_ops *ops;
385
386 /* List of registered struct ieee80211_hw_mode */
387 struct list_head modes_list;
388
389 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
390 struct net_device *apdev; /* wlan#ap - management frames (hostapd) */
391 int open_count;
392 int monitors;
393 struct iw_statistics wstats;
394 u8 wstats_flags;
395
396 enum {
397 IEEE80211_DEV_UNINITIALIZED = 0,
398 IEEE80211_DEV_REGISTERED,
399 IEEE80211_DEV_UNREGISTERED,
400 } reg_state;
401
402 /* Tasklet and skb queue to process calls from IRQ mode. All frames
403 * added to skb_queue will be processed, but frames in
404 * skb_queue_unreliable may be dropped if the total length of these
405 * queues increases over the limit. */
406#define IEEE80211_IRQSAFE_QUEUE_LIMIT 128
407 struct tasklet_struct tasklet;
408 struct sk_buff_head skb_queue;
409 struct sk_buff_head skb_queue_unreliable;
410
411 /* Station data structures */
412 spinlock_t sta_lock; /* mutex for STA data structures */
413 int num_sta; /* number of stations in sta_list */
414 struct list_head sta_list;
415 struct list_head deleted_sta_list;
416 struct sta_info *sta_hash[STA_HASH_SIZE];
417 struct timer_list sta_cleanup;
418
419 unsigned long state[NUM_TX_DATA_QUEUES];
420 struct ieee80211_tx_stored_packet pending_packet[NUM_TX_DATA_QUEUES];
421 struct tasklet_struct tx_pending_tasklet;
422
423 int mc_count; /* total count of multicast entries in all interfaces */
424 int iff_allmultis, iff_promiscs;
425 /* number of interfaces with corresponding IFF_ flags */
426
427 struct rate_control_ref *rate_ctrl;
428
429 int next_mode; /* MODE_IEEE80211*
430 * The mode preference for next channel change. This is
431 * used to select .11g vs. .11b channels (or 4.9 GHz vs.
432 * .11a) when the channel number is not unique. */
433
434 /* Supported and basic rate filters for different modes. These are
435 * pointers to -1 terminated lists and rates in 100 kbps units. */
436 int *supp_rates[NUM_IEEE80211_MODES];
437 int *basic_rates[NUM_IEEE80211_MODES];
438
439 int rts_threshold;
440 int cts_protect_erp_frames;
441 int fragmentation_threshold;
442 int short_retry_limit; /* dot11ShortRetryLimit */
443 int long_retry_limit; /* dot11LongRetryLimit */
444 int short_preamble; /* use short preamble with IEEE 802.11b */
445
446 struct crypto_blkcipher *wep_tx_tfm;
447 struct crypto_blkcipher *wep_rx_tfm;
448 u32 wep_iv;
449 int key_tx_rx_threshold; /* number of times any key can be used in TX
450 * or RX before generating a rekey
451 * notification; 0 = notification disabled. */
452
453 int bridge_packets; /* bridge packets between associated stations and
454 * deliver multicast frames both back to wireless
455 * media and to the local net stack */
456
457 ieee80211_rx_handler *rx_pre_handlers;
458 ieee80211_rx_handler *rx_handlers;
459 ieee80211_tx_handler *tx_handlers;
460
461 rwlock_t sub_if_lock; /* Protects sub_if_list. Cannot be taken under
462 * sta_bss_lock or sta_lock. */
463 struct list_head sub_if_list;
464 int sta_scanning;
465 int scan_channel_idx;
466 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state;
467 unsigned long last_scan_completed;
468 struct delayed_work scan_work;
469 struct net_device *scan_dev;
470 struct ieee80211_channel *oper_channel, *scan_channel;
471 struct ieee80211_hw_mode *oper_hw_mode, *scan_hw_mode;
472 u8 scan_ssid[IEEE80211_MAX_SSID_LEN];
473 size_t scan_ssid_len;
474 struct list_head sta_bss_list;
475 struct ieee80211_sta_bss *sta_bss_hash[STA_HASH_SIZE];
476 spinlock_t sta_bss_lock;
477#define IEEE80211_SCAN_MATCH_SSID BIT(0)
478#define IEEE80211_SCAN_WPA_ONLY BIT(1)
479#define IEEE80211_SCAN_EXTRA_INFO BIT(2)
480 int scan_flags;
481
482 /* SNMP counters */
483 /* dot11CountersTable */
484 u32 dot11TransmittedFragmentCount;
485 u32 dot11MulticastTransmittedFrameCount;
486 u32 dot11FailedCount;
487 u32 dot11RetryCount;
488 u32 dot11MultipleRetryCount;
489 u32 dot11FrameDuplicateCount;
490 u32 dot11ReceivedFragmentCount;
491 u32 dot11MulticastReceivedFrameCount;
492 u32 dot11TransmittedFrameCount;
493 u32 dot11WEPUndecryptableCount;
494
495#ifdef CONFIG_MAC80211_LEDS
496 int tx_led_counter, rx_led_counter;
497 struct led_trigger *tx_led, *rx_led;
498 char tx_led_name[32], rx_led_name[32];
499#endif
500
501 u32 channel_use;
502 u32 channel_use_raw;
503 u32 stat_time;
504 struct timer_list stat_timer;
505
506#ifdef CONFIG_MAC80211_DEBUGFS
507 struct work_struct sta_debugfs_add;
508#endif
509
510 enum {
511 STA_ANTENNA_SEL_AUTO = 0,
512 STA_ANTENNA_SEL_SW_CTRL = 1,
513 STA_ANTENNA_SEL_SW_CTRL_DEBUG = 2
514 } sta_antenna_sel;
515
516 int rate_ctrl_num_up, rate_ctrl_num_down;
517
518#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
519 /* TX/RX handler statistics */
520 unsigned int tx_handlers_drop;
521 unsigned int tx_handlers_queued;
522 unsigned int tx_handlers_drop_unencrypted;
523 unsigned int tx_handlers_drop_fragment;
524 unsigned int tx_handlers_drop_wep;
525 unsigned int tx_handlers_drop_not_assoc;
526 unsigned int tx_handlers_drop_unauth_port;
527 unsigned int rx_handlers_drop;
528 unsigned int rx_handlers_queued;
529 unsigned int rx_handlers_drop_nullfunc;
530 unsigned int rx_handlers_drop_defrag;
531 unsigned int rx_handlers_drop_short;
532 unsigned int rx_handlers_drop_passive_scan;
533 unsigned int tx_expand_skb_head;
534 unsigned int tx_expand_skb_head_cloned;
535 unsigned int rx_expand_skb_head;
536 unsigned int rx_expand_skb_head2;
537 unsigned int rx_handlers_fragments;
538 unsigned int tx_status_drop;
539 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
540 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
541#define I802_DEBUG_INC(c) (c)++
542#else /* CONFIG_MAC80211_DEBUG_COUNTERS */
543#define I802_DEBUG_INC(c) do { } while (0)
544#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
545
546
547 int default_wep_only; /* only default WEP keys are used with this
548 * interface; this is used to decide when hwaccel
549 * can be used with default keys */
550 int total_ps_buffered; /* total number of all buffered unicast and
551 * multicast packets for power saving stations
552 */
553 int allow_broadcast_always; /* whether to allow TX of broadcast frames
554 * even when there are no associated STAs
555 */
556
557 int wifi_wme_noack_test;
558 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */
559
560 unsigned int enabled_modes; /* bitfield of allowed modes;
561 * (1 << MODE_*) */
562 unsigned int hw_modes; /* bitfield of supported hardware modes;
563 * (1 << MODE_*) */
564
565 int user_space_mlme;
566
567#ifdef CONFIG_MAC80211_DEBUGFS
568 struct local_debugfsdentries {
569 struct dentry *channel;
570 struct dentry *frequency;
571 struct dentry *radar_detect;
572 struct dentry *antenna_sel_tx;
573 struct dentry *antenna_sel_rx;
574 struct dentry *bridge_packets;
575 struct dentry *key_tx_rx_threshold;
576 struct dentry *rts_threshold;
577 struct dentry *fragmentation_threshold;
578 struct dentry *short_retry_limit;
579 struct dentry *long_retry_limit;
580 struct dentry *total_ps_buffered;
581 struct dentry *mode;
582 struct dentry *wep_iv;
583 struct dentry *tx_power_reduction;
584 struct dentry *modes;
585 struct dentry *statistics;
586 struct local_debugfsdentries_statsdentries {
587 struct dentry *transmitted_fragment_count;
588 struct dentry *multicast_transmitted_frame_count;
589 struct dentry *failed_count;
590 struct dentry *retry_count;
591 struct dentry *multiple_retry_count;
592 struct dentry *frame_duplicate_count;
593 struct dentry *received_fragment_count;
594 struct dentry *multicast_received_frame_count;
595 struct dentry *transmitted_frame_count;
596 struct dentry *wep_undecryptable_count;
597 struct dentry *num_scans;
598#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
599 struct dentry *tx_handlers_drop;
600 struct dentry *tx_handlers_queued;
601 struct dentry *tx_handlers_drop_unencrypted;
602 struct dentry *tx_handlers_drop_fragment;
603 struct dentry *tx_handlers_drop_wep;
604 struct dentry *tx_handlers_drop_not_assoc;
605 struct dentry *tx_handlers_drop_unauth_port;
606 struct dentry *rx_handlers_drop;
607 struct dentry *rx_handlers_queued;
608 struct dentry *rx_handlers_drop_nullfunc;
609 struct dentry *rx_handlers_drop_defrag;
610 struct dentry *rx_handlers_drop_short;
611 struct dentry *rx_handlers_drop_passive_scan;
612 struct dentry *tx_expand_skb_head;
613 struct dentry *tx_expand_skb_head_cloned;
614 struct dentry *rx_expand_skb_head;
615 struct dentry *rx_expand_skb_head2;
616 struct dentry *rx_handlers_fragments;
617 struct dentry *tx_status_drop;
618 struct dentry *wme_tx_queue;
619 struct dentry *wme_rx_queue;
620#endif
621 struct dentry *dot11ACKFailureCount;
622 struct dentry *dot11RTSFailureCount;
623 struct dentry *dot11FCSErrorCount;
624 struct dentry *dot11RTSSuccessCount;
625 } stats;
626 struct dentry *stations;
627 struct dentry *keys;
628 } debugfs;
629#endif
630};
631
632static inline struct ieee80211_local *hw_to_local(
633 struct ieee80211_hw *hw)
634{
635 return container_of(hw, struct ieee80211_local, hw);
636}
637
638static inline struct ieee80211_hw *local_to_hw(
639 struct ieee80211_local *local)
640{
641 return &local->hw;
642}
643
644enum ieee80211_link_state_t {
645 IEEE80211_LINK_STATE_XOFF = 0,
646 IEEE80211_LINK_STATE_PENDING,
647};
648
649struct sta_attribute {
650 struct attribute attr;
651 ssize_t (*show)(const struct sta_info *, char *buf);
652 ssize_t (*store)(struct sta_info *, const char *buf, size_t count);
653};
654
655static inline void __bss_tim_set(struct ieee80211_if_ap *bss, int aid)
656{
657 /*
658 * This format has ben mandated by the IEEE specifications,
659 * so this line may not be changed to use the __set_bit() format.
660 */
661 bss->tim[(aid)/8] |= 1<<((aid) % 8);
662}
663
664static inline void bss_tim_set(struct ieee80211_local *local,
665 struct ieee80211_if_ap *bss, int aid)
666{
667 spin_lock_bh(&local->sta_lock);
668 __bss_tim_set(bss, aid);
669 spin_unlock_bh(&local->sta_lock);
670}
671
672static inline void __bss_tim_clear(struct ieee80211_if_ap *bss, int aid)
673{
674 /*
675 * This format has ben mandated by the IEEE specifications,
676 * so this line may not be changed to use the __clear_bit() format.
677 */
678 bss->tim[(aid)/8] &= !(1<<((aid) % 8));
679}
680
681static inline void bss_tim_clear(struct ieee80211_local *local,
682 struct ieee80211_if_ap *bss, int aid)
683{
684 spin_lock_bh(&local->sta_lock);
685 __bss_tim_clear(bss, aid);
686 spin_unlock_bh(&local->sta_lock);
687}
688
689/**
690 * ieee80211_is_erp_rate - Check if a rate is an ERP rate
691 * @phymode: The PHY-mode for this rate (MODE_IEEE80211...)
692 * @rate: Transmission rate to check, in 100 kbps
693 *
694 * Check if a given rate is an Extended Rate PHY (ERP) rate.
695 */
696static inline int ieee80211_is_erp_rate(int phymode, int rate)
697{
698 if (phymode == MODE_IEEE80211G) {
699 if (rate != 10 && rate != 20 &&
700 rate != 55 && rate != 110)
701 return 1;
702 }
703 return 0;
704}
705
706/* ieee80211.c */
707int ieee80211_hw_config(struct ieee80211_local *local);
708int ieee80211_if_config(struct net_device *dev);
709int ieee80211_if_config_beacon(struct net_device *dev);
710struct ieee80211_key_conf *
711ieee80211_key_data2conf(struct ieee80211_local *local,
712 const struct ieee80211_key *data);
713struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
714 int idx, size_t key_len, gfp_t flags);
715void ieee80211_key_free(struct ieee80211_key *key);
716void ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb,
717 struct ieee80211_rx_status *status, u32 msg_type);
718void ieee80211_prepare_rates(struct ieee80211_local *local,
719 struct ieee80211_hw_mode *mode);
720void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx);
721int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr);
722void ieee80211_if_setup(struct net_device *dev);
723void ieee80211_if_mgmt_setup(struct net_device *dev);
724int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
725 const char *name);
726struct net_device_stats *ieee80211_dev_stats(struct net_device *dev);
727
728/* ieee80211_ioctl.c */
729extern const struct iw_handler_def ieee80211_iw_handler_def;
730
731void ieee80211_update_default_wep_only(struct ieee80211_local *local);
732
733
734/* Least common multiple of the used rates (in 100 kbps). This is used to
735 * calculate rate_inv values for each rate so that only integers are needed. */
736#define CHAN_UTIL_RATE_LCM 95040
737/* 1 usec is 1/8 * (95040/10) = 1188 */
738#define CHAN_UTIL_PER_USEC 1188
739/* Amount of bits to shift the result right to scale the total utilization
740 * to values that will not wrap around 32-bit integers. */
741#define CHAN_UTIL_SHIFT 9
742/* Theoretical maximum of channel utilization counter in 10 ms (stat_time=1):
743 * (CHAN_UTIL_PER_USEC * 10000) >> CHAN_UTIL_SHIFT = 23203. So dividing the
744 * raw value with about 23 should give utilization in 10th of a percentage
745 * (1/1000). However, utilization is only estimated and not all intervals
746 * between frames etc. are calculated. 18 seems to give numbers that are closer
747 * to the real maximum. */
748#define CHAN_UTIL_PER_10MS 18
749#define CHAN_UTIL_HDR_LONG (202 * CHAN_UTIL_PER_USEC)
750#define CHAN_UTIL_HDR_SHORT (40 * CHAN_UTIL_PER_USEC)
751
752
753/* ieee80211_ioctl.c */
754int ieee80211_set_compression(struct ieee80211_local *local,
755 struct net_device *dev, struct sta_info *sta);
756int ieee80211_init_client(struct net_device *dev);
757int ieee80211_set_channel(struct ieee80211_local *local, int channel, int freq);
758/* ieee80211_sta.c */
759void ieee80211_sta_timer(unsigned long data);
760void ieee80211_sta_work(struct work_struct *work);
761void ieee80211_sta_scan_work(struct work_struct *work);
762void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
763 struct ieee80211_rx_status *rx_status);
764int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len);
765int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len);
766int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid);
767int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len);
768void ieee80211_sta_req_auth(struct net_device *dev,
769 struct ieee80211_if_sta *ifsta);
770int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len);
771void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
772 struct ieee80211_rx_status *rx_status);
773void ieee80211_rx_bss_list_init(struct net_device *dev);
774void ieee80211_rx_bss_list_deinit(struct net_device *dev);
775int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len);
776struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
777 struct sk_buff *skb, u8 *bssid,
778 u8 *addr);
779int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason);
780int ieee80211_sta_disassociate(struct net_device *dev, u16 reason);
781
782/* ieee80211_iface.c */
783int ieee80211_if_add(struct net_device *dev, const char *name,
784 struct net_device **new_dev, int type);
785void ieee80211_if_set_type(struct net_device *dev, int type);
786void ieee80211_if_reinit(struct net_device *dev);
787void __ieee80211_if_del(struct ieee80211_local *local,
788 struct ieee80211_sub_if_data *sdata);
789int ieee80211_if_remove(struct net_device *dev, const char *name, int id);
790void ieee80211_if_free(struct net_device *dev);
791void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata);
792int ieee80211_if_add_mgmt(struct ieee80211_local *local);
793void ieee80211_if_del_mgmt(struct ieee80211_local *local);
794
795/* for wiphy privid */
796extern void *mac80211_wiphy_privid;
797
798#endif /* IEEE80211_I_H */
diff --git a/net/mac80211/ieee80211_iface.c b/net/mac80211/ieee80211_iface.c
new file mode 100644
index 000000000000..cf0f32e8c2a2
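--- /dev/null
+++ b/net/mac80211/ieee80211_iface.c
@@ -0,0 +1,352 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005-2006, Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+#include <linux/kernel.h>
+#include <linux/if_arp.h>
+#include <linux/netdevice.h>
+#include <linux/rtnetlink.h>
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "sta_info.h"
+#include "debugfs_netdev.h"
+
+void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata)
+{
+ int i;
+
+ /* Default values for sub-interface parameters */
+ sdata->drop_unencrypted = 0;
+ sdata->eapol = 1;
+ for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++)
+ skb_queue_head_init(&sdata->fragments[i].skb_list);
+}
+
+static void ieee80211_if_sdata_deinit(struct ieee80211_sub_if_data *sdata)
+{
+ int i;
+
+ for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
+ __skb_queue_purge(&sdata->fragments[i].skb_list);
+ }
+}
+
+/* Must be called with rtnl lock held. */
+int ieee80211_if_add(struct net_device *dev, const char *name,
+ struct net_device **new_dev, int type)
+{
+ struct net_device *ndev;
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata = NULL;
+ int ret;
+
+ ASSERT_RTNL();
+ ndev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
+ name, ieee80211_if_setup);
+ if (!ndev)
+ return -ENOMEM;
+
+ ret = dev_alloc_name(ndev, ndev->name);
+ if (ret < 0)
+ goto fail;
+
+ memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
+ ndev->base_addr = dev->base_addr;
+ ndev->irq = dev->irq;
+ ndev->mem_start = dev->mem_start;
+ ndev->mem_end = dev->mem_end;
+ SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(ndev);
+ ndev->ieee80211_ptr = &sdata->wdev;
+ sdata->wdev.wiphy = local->hw.wiphy;
+ sdata->type = IEEE80211_IF_TYPE_AP;
+ sdata->dev = ndev;
+ sdata->local = local;
+ ieee80211_if_sdata_init(sdata);
+
+ ret = register_netdevice(ndev);
+ if (ret)
+ goto fail;
+
+ ieee80211_debugfs_add_netdev(sdata);
+ ieee80211_if_set_type(ndev, type);
+
+ write_lock_bh(&local->sub_if_lock);
+ if (unlikely(local->reg_state == IEEE80211_DEV_UNREGISTERED)) {
+ write_unlock_bh(&local->sub_if_lock);
+ __ieee80211_if_del(local, sdata);
+ return -ENODEV;
+ }
+ list_add(&sdata->list, &local->sub_if_list);
+ if (new_dev)
+ *new_dev = ndev;
+ write_unlock_bh(&local->sub_if_lock);
+
+ ieee80211_update_default_wep_only(local);
+
+ return 0;
+
+fail:
+ free_netdev(ndev);
+ return ret;
+}
+
+int ieee80211_if_add_mgmt(struct ieee80211_local *local)
+{
+ struct net_device *ndev;
+ struct ieee80211_sub_if_data *nsdata;
+ int ret;
+
+ ASSERT_RTNL();
+
+ ndev = alloc_netdev(sizeof(struct ieee80211_sub_if_data), "wmgmt%d",
+ ieee80211_if_mgmt_setup);
+ if (!ndev)
+ return -ENOMEM;
+ ret = dev_alloc_name(ndev, ndev->name);
+ if (ret < 0)
+ goto fail;
+
+ memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
+ SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
+
+ nsdata = IEEE80211_DEV_TO_SUB_IF(ndev);
+ ndev->ieee80211_ptr = &nsdata->wdev;
+ nsdata->wdev.wiphy = local->hw.wiphy;
+ nsdata->type = IEEE80211_IF_TYPE_MGMT;
+ nsdata->dev = ndev;
+ nsdata->local = local;
+ ieee80211_if_sdata_init(nsdata);
+
+ ret = register_netdevice(ndev);
+ if (ret)
+ goto fail;
+
+ ieee80211_debugfs_add_netdev(nsdata);
+
+ if (local->open_count > 0)
+ dev_open(ndev);
+ local->apdev = ndev;
+ return 0;
+
+fail:
+ free_netdev(ndev);
+ return ret;
+}
+
+void ieee80211_if_del_mgmt(struct ieee80211_local *local)
+{
+ struct net_device *apdev;
+
+ ASSERT_RTNL();
+ apdev = local->apdev;
+ ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(apdev));
+ local->apdev = NULL;
+ unregister_netdevice(apdev);
+}
+
+void ieee80211_if_set_type(struct net_device *dev, int type)
+{
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ int oldtype = sdata->type;
+
+ sdata->type = type;
+ switch (type) {
+ case IEEE80211_IF_TYPE_WDS:
+ sdata->bss = NULL;
+ break;
+ case IEEE80211_IF_TYPE_VLAN:
+ break;
+ case IEEE80211_IF_TYPE_AP:
+ sdata->u.ap.dtim_period = 2;
+ sdata->u.ap.force_unicast_rateidx = -1;
+ sdata->u.ap.max_ratectrl_rateidx = -1;
+ skb_queue_head_init(&sdata->u.ap.ps_bc_buf);
+ sdata->bss = &sdata->u.ap;
+ break;
+ case IEEE80211_IF_TYPE_STA:
+ case IEEE80211_IF_TYPE_IBSS: {
+ struct ieee80211_sub_if_data *msdata;
+ struct ieee80211_if_sta *ifsta;
+
+ ifsta = &sdata->u.sta;
+ INIT_WORK(&ifsta->work, ieee80211_sta_work);
+ setup_timer(&ifsta->timer, ieee80211_sta_timer,
+ (unsigned long) sdata);
+ skb_queue_head_init(&ifsta->skb_queue);
+
+ ifsta->capab = WLAN_CAPABILITY_ESS;
+ ifsta->auth_algs = IEEE80211_AUTH_ALG_OPEN |
+ IEEE80211_AUTH_ALG_SHARED_KEY;
+ ifsta->create_ibss = 1;
+ ifsta->wmm_enabled = 1;
+ ifsta->auto_channel_sel = 1;
+ ifsta->auto_bssid_sel = 1;
+
+ msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev);
+ sdata->bss = &msdata->u.ap;
+ break;
+ }
+ case IEEE80211_IF_TYPE_MNTR:
+ dev->type = ARPHRD_IEEE80211_RADIOTAP;
+ break;
+ default:
+ printk(KERN_WARNING "%s: %s: Unknown interface type 0x%x",
+ dev->name, __FUNCTION__, type);
+ }
+ ieee80211_debugfs_change_if_type(sdata, oldtype);
+ ieee80211_update_default_wep_only(local);
+}
+
+/* Must be called with rtnl lock held. */
+void ieee80211_if_reinit(struct net_device *dev)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct sta_info *sta;
+ int i;
+
+ ASSERT_RTNL();
+ ieee80211_if_sdata_deinit(sdata);
+ for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
+ if (!sdata->keys[i])
+ continue;
+#if 0
+ /* The interface is down at the moment, so there is not
+ * really much point in disabling the keys at this point. */
+ memset(addr, 0xff, ETH_ALEN);
+ if (local->ops->set_key)
+ local->ops->set_key(local_to_hw(local), DISABLE_KEY, addr,
+ local->keys[i], 0);
+#endif
+ ieee80211_key_free(sdata->keys[i]);
+ sdata->keys[i] = NULL;
+ }
+
+ switch (sdata->type) {
+ case IEEE80211_IF_TYPE_AP: {
+ /* Remove all virtual interfaces that use this BSS
+ * as their sdata->bss */
+ struct ieee80211_sub_if_data *tsdata, *n;
+ LIST_HEAD(tmp_list);
+
+ write_lock_bh(&local->sub_if_lock);
+ list_for_each_entry_safe(tsdata, n, &local->sub_if_list, list) {
+ if (tsdata != sdata && tsdata->bss == &sdata->u.ap) {
+ printk(KERN_DEBUG "%s: removing virtual "
+ "interface %s because its BSS interface"
+ " is being removed\n",
+ sdata->dev->name, tsdata->dev->name);
+ list_move_tail(&tsdata->list, &tmp_list);
+ }
+ }
+ write_unlock_bh(&local->sub_if_lock);
+
+ list_for_each_entry_safe(tsdata, n, &tmp_list, list)
+ __ieee80211_if_del(local, tsdata);
+
+ kfree(sdata->u.ap.beacon_head);
+ kfree(sdata->u.ap.beacon_tail);
+ kfree(sdata->u.ap.generic_elem);
+
+ if (dev != local->mdev) {
+ struct sk_buff *skb;
+ while ((skb = skb_dequeue(&sdata->u.ap.ps_bc_buf))) {
+ local->total_ps_buffered--;
+ dev_kfree_skb(skb);
+ }
+ }
+
+ break;
+ }
+ case IEEE80211_IF_TYPE_WDS:
+ sta = sta_info_get(local, sdata->u.wds.remote_addr);
+ if (sta) {
+ sta_info_put(sta);
+ sta_info_free(sta, 0);
+ } else {
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: Someone had deleted my STA "
+ "entry for the WDS link\n", dev->name);
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+ }
+ break;
+ case IEEE80211_IF_TYPE_STA:
+ case IEEE80211_IF_TYPE_IBSS:
+ kfree(sdata->u.sta.extra_ie);
+ sdata->u.sta.extra_ie = NULL;
+ kfree(sdata->u.sta.assocreq_ies);
+ sdata->u.sta.assocreq_ies = NULL;
+ kfree(sdata->u.sta.assocresp_ies);
+ sdata->u.sta.assocresp_ies = NULL;
+ if (sdata->u.sta.probe_resp) {
+ dev_kfree_skb(sdata->u.sta.probe_resp);
+ sdata->u.sta.probe_resp = NULL;
+ }
+
+ break;
+ case IEEE80211_IF_TYPE_MNTR:
+ dev->type = ARPHRD_ETHER;
+ break;
+ }
+
+ /* remove all STAs that are bound to this virtual interface */
+ sta_info_flush(local, dev);
+
+ memset(&sdata->u, 0, sizeof(sdata->u));
+ ieee80211_if_sdata_init(sdata);
+}
+
+/* Must be called with rtnl lock held. */
+void __ieee80211_if_del(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata)
+{
+ struct net_device *dev = sdata->dev;
+
+ ieee80211_debugfs_remove_netdev(sdata);
+ unregister_netdevice(dev);
+ /* Except master interface, the net_device will be freed by
+ * net_device->destructor (i. e. ieee80211_if_free). */
+}
+
+/* Must be called with rtnl lock held. */
+int ieee80211_if_remove(struct net_device *dev, const char *name, int id)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata, *n;
+
+ ASSERT_RTNL();
+
+ write_lock_bh(&local->sub_if_lock);
+ list_for_each_entry_safe(sdata, n, &local->sub_if_list, list) {
+ if ((sdata->type == id || id == -1) &&
+ strcmp(name, sdata->dev->name) == 0 &&
+ sdata->dev != local->mdev) {
+ list_del(&sdata->list);
+ write_unlock_bh(&local->sub_if_lock);
+ __ieee80211_if_del(local, sdata);
+ ieee80211_update_default_wep_only(local);
+ return 0;
+ }
+ }
+ write_unlock_bh(&local->sub_if_lock);
+ return -ENODEV;
+}
+
+void ieee80211_if_free(struct net_device *dev)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+
+ /* local->apdev must be NULL when freeing management interface */
+ BUG_ON(dev == local->apdev);
+ ieee80211_if_sdata_deinit(sdata);
+ free_netdev(dev);
+}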
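Review bot: The STA/IBSS branch of `ieee80211_if_reinit` frees the IE buffers and `probe_resp`, but the final `memset(&sdata->u, 0, sizeof(sdata->u))` also wipes `u.sta.timer`, `u.sta.work` and `u.sta.skb_queue`, which `ieee80211_if_set_type` initialised with `setup_timer`, `INIT_WORK` and `skb_queue_head_init`; nothing in this file stops the timer, quiesces the work item or purges the queue first. Unless the interface stop path (not visible here) already guarantees that, a pending timer or queued work could run against zeroed state, and any skbs still on the queue would leak. I would add `del_timer_sync(&sdata->u.sta.timer);` and `skb_queue_purge(&sdata->u.sta.skb_queue);` before the `break`, plus a comment naming the caller that quiesces `u.sta.work`. Separately, in `ieee80211_if_set_type` the `default:` printk lacks a trailing `\n`, and `sdata->type` is assigned before the value is validated, so an unknown type is stored.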
diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c
new file mode 100644
index 000000000000..352f03bd8a3a
--- /dev/null
+++ b/net/mac80211/ieee80211_ioctl.c
@@ -0,0 +1,1822 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/module.h>
11#include <linux/init.h>
12#include <linux/netdevice.h>
13#include <linux/types.h>
14#include <linux/slab.h>
15#include <linux/skbuff.h>
16#include <linux/etherdevice.h>
17#include <linux/if_arp.h>
18#include <linux/wireless.h>
19#include <net/iw_handler.h>
20#include <asm/uaccess.h>
21
22#include <net/mac80211.h>
23#include "ieee80211_i.h"
24#include "hostapd_ioctl.h"
25#include "ieee80211_rate.h"
26#include "wpa.h"
27#include "aes_ccm.h"
28#include "debugfs_key.h"
29
30static int ieee80211_regdom = 0x10; /* FCC */
31module_param(ieee80211_regdom, int, 0444);
32MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain; 64=MKK");
33
34/*
35 * If firmware is upgraded by the vendor, additional channels can be used based
36 * on the new Japanese regulatory rules. This is indicated by setting
37 * ieee80211_japan_5ghz module parameter to one when loading the 80211 kernel
38 * module.
39 */
40static int ieee80211_japan_5ghz /* = 0 */;
41module_param(ieee80211_japan_5ghz, int, 0444);
42MODULE_PARM_DESC(ieee80211_japan_5ghz, "Vendor-updated firmware for 5 GHz");
43
44static void ieee80211_set_hw_encryption(struct net_device *dev,
45 struct sta_info *sta, u8 addr[ETH_ALEN],
46 struct ieee80211_key *key)
47{
48 struct ieee80211_key_conf *keyconf = NULL;
49 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
50
51 /* default to sw encryption; this will be cleared by low-level
52 * driver if the hw supports requested encryption */
53 if (key)
54 key->force_sw_encrypt = 1;
55
56 if (key && local->ops->set_key &&
57 (keyconf = ieee80211_key_data2conf(local, key))) {
58 if (local->ops->set_key(local_to_hw(local), SET_KEY, addr,
59 keyconf, sta ? sta->aid : 0)) {
60 key->force_sw_encrypt = 1;
61 key->hw_key_idx = HW_KEY_IDX_INVALID;
62 } else {
63 key->force_sw_encrypt =
64 !!(keyconf->flags & IEEE80211_KEY_FORCE_SW_ENCRYPT);
65 key->hw_key_idx =
66 keyconf->hw_key_idx;
67
68 }
69 }
70 kfree(keyconf);
71}
72
73
74static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
75 int idx, int alg, int set_tx_key,
76 const u8 *_key, size_t key_len)
77{
78 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
79 int ret = 0;
80 struct sta_info *sta;
81 struct ieee80211_key *key, *old_key;
82 int try_hwaccel = 1;
83 struct ieee80211_key_conf *keyconf;
84 struct ieee80211_sub_if_data *sdata;
85
86 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
87
88 if (is_broadcast_ether_addr(sta_addr)) {
89 sta = NULL;
90 if (idx >= NUM_DEFAULT_KEYS) {
91 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
92 dev->name, idx);
93 return -EINVAL;
94 }
95 key = sdata->keys[idx];
96
97 /* TODO: consider adding hwaccel support for these; at least
98 * Atheros key cache should be able to handle this since AP is
99 * only transmitting frames with default keys. */
100 /* FIX: hw key cache can be used when only one virtual
101 * STA is associated with each AP. If more than one STA
102 * is associated to the same AP, software encryption
103 * must be used. This should be done automatically
104 * based on configured station devices. For the time
105 * being, this can be only set at compile time. */
106 } else {
107 set_tx_key = 0;
108 if (idx != 0) {
109 printk(KERN_DEBUG "%s: set_encrypt - non-zero idx for "
110 "individual key\n", dev->name);
111 return -EINVAL;
112 }
113
114 sta = sta_info_get(local, sta_addr);
115 if (!sta) {
116#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
117 printk(KERN_DEBUG "%s: set_encrypt - unknown addr "
118 MAC_FMT "\n",
119 dev->name, MAC_ARG(sta_addr));
120#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
121
122 return -ENOENT;
123 }
124
125 key = sta->key;
126 }
127
128 /* FIX:
129 * Cannot configure default hwaccel keys with WEP algorithm, if
130 * any of the virtual interfaces is using static WEP
131 * configuration because hwaccel would otherwise try to decrypt
132 * these frames.
133 *
134 * For now, just disable WEP hwaccel for broadcast when there is
135 * possibility of conflict with default keys. This can maybe later be
136 * optimized by using non-default keys (at least with Atheros ar521x).
137 */
138 if (!sta && alg == ALG_WEP && !local->default_wep_only &&
139 sdata->type != IEEE80211_IF_TYPE_IBSS &&
140 sdata->type != IEEE80211_IF_TYPE_AP) {
141 try_hwaccel = 0;
142 }
143
144 if (local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) {
145 /* Software encryption cannot be used with devices that hide
146 * encryption from the host system, so always try to use
147 * hardware acceleration with such devices. */
148 try_hwaccel = 1;
149 }
150
151 if ((local->hw.flags & IEEE80211_HW_NO_TKIP_WMM_HWACCEL) &&
152 alg == ALG_TKIP) {
153 if (sta && (sta->flags & WLAN_STA_WME)) {
154 /* Hardware does not support hwaccel with TKIP when using WMM.
155 */
156 try_hwaccel = 0;
157 }
158 else if (sdata->type == IEEE80211_IF_TYPE_STA) {
159 sta = sta_info_get(local, sdata->u.sta.bssid);
160 if (sta) {
161 if (sta->flags & WLAN_STA_WME) {
162 try_hwaccel = 0;
163 }
164 sta_info_put(sta);
165 sta = NULL;
166 }
167 }
168 }
169
170 if (alg == ALG_NONE) {
171 keyconf = NULL;
172 if (try_hwaccel && key &&
173 key->hw_key_idx != HW_KEY_IDX_INVALID &&
174 local->ops->set_key &&
175 (keyconf = ieee80211_key_data2conf(local, key)) != NULL &&
176 local->ops->set_key(local_to_hw(local), DISABLE_KEY,
177 sta_addr, keyconf, sta ? sta->aid : 0)) {
178 printk(KERN_DEBUG "%s: set_encrypt - low-level disable"
179 " failed\n", dev->name);
180 ret = -EINVAL;
181 }
182 kfree(keyconf);
183
184 if (set_tx_key || sdata->default_key == key) {
185 ieee80211_debugfs_key_remove_default(sdata);
186 sdata->default_key = NULL;
187 }
188 ieee80211_debugfs_key_remove(key);
189 if (sta)
190 sta->key = NULL;
191 else
192 sdata->keys[idx] = NULL;
193 ieee80211_key_free(key);
194 key = NULL;
195 } else {
196 old_key = key;
197 key = ieee80211_key_alloc(sta ? NULL : sdata, idx, key_len,
198 GFP_KERNEL);
199 if (!key) {
200 ret = -ENOMEM;
201 goto err_out;
202 }
203
204 /* default to sw encryption; low-level driver sets these if the
205 * requested encryption is supported */
206 key->hw_key_idx = HW_KEY_IDX_INVALID;
207 key->force_sw_encrypt = 1;
208
209 key->alg = alg;
210 key->keyidx = idx;
211 key->keylen = key_len;
212 memcpy(key->key, _key, key_len);
213 if (set_tx_key)
214 key->default_tx_key = 1;
215
216 if (alg == ALG_CCMP) {
217 /* Initialize AES key state here as an optimization
218 * so that it does not need to be initialized for every
219 * packet. */
220 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
221 key->key);
222 if (!key->u.ccmp.tfm) {
223 ret = -ENOMEM;
224 goto err_free;
225 }
226 }
227
228 if (set_tx_key || sdata->default_key == old_key) {
229 ieee80211_debugfs_key_remove_default(sdata);
230 sdata->default_key = NULL;
231 }
232 ieee80211_debugfs_key_remove(old_key);
233 if (sta)
234 sta->key = key;
235 else
236 sdata->keys[idx] = key;
237 ieee80211_key_free(old_key);
238 ieee80211_debugfs_key_add(local, key);
239 if (sta)
240 ieee80211_debugfs_key_sta_link(key, sta);
241
242 if (try_hwaccel &&
243 (alg == ALG_WEP || alg == ALG_TKIP || alg == ALG_CCMP))
244 ieee80211_set_hw_encryption(dev, sta, sta_addr, key);
245 }
246
247 if (set_tx_key || (!sta && !sdata->default_key && key)) {
248 sdata->default_key = key;
249 if (key)
250 ieee80211_debugfs_key_add_default(sdata);
251
252 if (local->ops->set_key_idx &&
253 local->ops->set_key_idx(local_to_hw(local), idx))
254 printk(KERN_DEBUG "%s: failed to set TX key idx for "
255 "low-level driver\n", dev->name);
256 }
257
258 if (sta)
259 sta_info_put(sta);
260
261 return 0;
262
263err_free:
264 ieee80211_key_free(key);
265err_out:
266 if (sta)
267 sta_info_put(sta);
268 return ret;
269}
270
271static int ieee80211_ioctl_siwgenie(struct net_device *dev,
272 struct iw_request_info *info,
273 struct iw_point *data, char *extra)
274{
275 struct ieee80211_sub_if_data *sdata;
276 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
277
278 if (local->user_space_mlme)
279 return -EOPNOTSUPP;
280
281 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
282 if (sdata->type == IEEE80211_IF_TYPE_STA ||
283 sdata->type == IEEE80211_IF_TYPE_IBSS) {
284 int ret = ieee80211_sta_set_extra_ie(dev, extra, data->length);
285 if (ret)
286 return ret;
287 sdata->u.sta.auto_bssid_sel = 0;
288 ieee80211_sta_req_auth(dev, &sdata->u.sta);
289 return 0;
290 }
291
292 if (sdata->type == IEEE80211_IF_TYPE_AP) {
293 kfree(sdata->u.ap.generic_elem);
294 sdata->u.ap.generic_elem = kmalloc(data->length, GFP_KERNEL);
295 if (!sdata->u.ap.generic_elem)
296 return -ENOMEM;
297 memcpy(sdata->u.ap.generic_elem, extra, data->length);
298 sdata->u.ap.generic_elem_len = data->length;
299 return ieee80211_if_config(dev);
300 }
301 return -EOPNOTSUPP;
302}
303
304static int ieee80211_ioctl_set_radio_enabled(struct net_device *dev,
305 int val)
306{
307 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
308 struct ieee80211_conf *conf = &local->hw.conf;
309
310 conf->radio_enabled = val;
311 return ieee80211_hw_config(wdev_priv(dev->ieee80211_ptr));
312}
313
314static int ieee80211_ioctl_giwname(struct net_device *dev,
315 struct iw_request_info *info,
316 char *name, char *extra)
317{
318 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
319
320 switch (local->hw.conf.phymode) {
321 case MODE_IEEE80211A:
322 strcpy(name, "IEEE 802.11a");
323 break;
324 case MODE_IEEE80211B:
325 strcpy(name, "IEEE 802.11b");
326 break;
327 case MODE_IEEE80211G:
328 strcpy(name, "IEEE 802.11g");
329 break;
330 case MODE_ATHEROS_TURBO:
331 strcpy(name, "5GHz Turbo");
332 break;
333 default:
334 strcpy(name, "IEEE 802.11");
335 break;
336 }
337
338 return 0;
339}
340
341
342static int ieee80211_ioctl_giwrange(struct net_device *dev,
343 struct iw_request_info *info,
344 struct iw_point *data, char *extra)
345{
346 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
347 struct iw_range *range = (struct iw_range *) extra;
348
349 data->length = sizeof(struct iw_range);
350 memset(range, 0, sizeof(struct iw_range));
351
352 range->we_version_compiled = WIRELESS_EXT;
353 range->we_version_source = 21;
354 range->retry_capa = IW_RETRY_LIMIT;
355 range->retry_flags = IW_RETRY_LIMIT;
356 range->min_retry = 0;
357 range->max_retry = 255;
358 range->min_rts = 0;
359 range->max_rts = 2347;
360 range->min_frag = 256;
361 range->max_frag = 2346;
362
363 range->encoding_size[0] = 5;
364 range->encoding_size[1] = 13;
365 range->num_encoding_sizes = 2;
366 range->max_encoding_tokens = NUM_DEFAULT_KEYS;
367
368 range->max_qual.qual = local->hw.max_signal;
369 range->max_qual.level = local->hw.max_rssi;
370 range->max_qual.noise = local->hw.max_noise;
371 range->max_qual.updated = local->wstats_flags;
372
373 range->avg_qual.qual = local->hw.max_signal/2;
374 range->avg_qual.level = 0;
375 range->avg_qual.noise = 0;
376 range->avg_qual.updated = local->wstats_flags;
377
378 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
379 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
380
381 IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
382 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWTHRSPY);
383 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
384 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
385
386 return 0;
387}
388
389
390struct ieee80211_channel_range {
391 short start_freq;
392 short end_freq;
393 unsigned char power_level;
394 unsigned char antenna_max;
395};
396
397static const struct ieee80211_channel_range ieee80211_fcc_channels[] = {
398 { 2412, 2462, 27, 6 } /* IEEE 802.11b/g, channels 1..11 */,
399 { 5180, 5240, 17, 6 } /* IEEE 802.11a, channels 36..48 */,
400 { 5260, 5320, 23, 6 } /* IEEE 802.11a, channels 52..64 */,
401 { 5745, 5825, 30, 6 } /* IEEE 802.11a, channels 149..165, outdoor */,
402 { 0 }
403};
404
405static const struct ieee80211_channel_range ieee80211_mkk_channels[] = {
406 { 2412, 2472, 20, 6 } /* IEEE 802.11b/g, channels 1..13 */,
407 { 5170, 5240, 20, 6 } /* IEEE 802.11a, channels 34..48 */,
408 { 5260, 5320, 20, 6 } /* IEEE 802.11a, channels 52..64 */,
409 { 0 }
410};
411
412
413static const struct ieee80211_channel_range *channel_range =
414 ieee80211_fcc_channels;
415
416
417static void ieee80211_unmask_channel(struct net_device *dev, int mode,
418 struct ieee80211_channel *chan)
419{
420 int i;
421
422 chan->flag = 0;
423
424 if (ieee80211_regdom == 64 &&
425 (mode == MODE_ATHEROS_TURBO || mode == MODE_ATHEROS_TURBOG)) {
426 /* Do not allow Turbo modes in Japan. */
427 return;
428 }
429
430 for (i = 0; channel_range[i].start_freq; i++) {
431 const struct ieee80211_channel_range *r = &channel_range[i];
432 if (r->start_freq <= chan->freq && r->end_freq >= chan->freq) {
433 if (ieee80211_regdom == 64 && !ieee80211_japan_5ghz &&
434 chan->freq >= 5260 && chan->freq <= 5320) {
435 /*
436 * Skip new channels in Japan since the
437 * firmware was not marked having been upgraded
438 * by the vendor.
439 */
440 continue;
441 }
442
443 if (ieee80211_regdom == 0x10 &&
444 (chan->freq == 5190 || chan->freq == 5210 ||
445 chan->freq == 5230)) {
446 /* Skip MKK channels when in FCC domain. */
447 continue;
448 }
449
450 chan->flag |= IEEE80211_CHAN_W_SCAN |
451 IEEE80211_CHAN_W_ACTIVE_SCAN |
452 IEEE80211_CHAN_W_IBSS;
453 chan->power_level = r->power_level;
454 chan->antenna_max = r->antenna_max;
455
456 if (ieee80211_regdom == 64 &&
457 (chan->freq == 5170 || chan->freq == 5190 ||
458 chan->freq == 5210 || chan->freq == 5230)) {
459 /*
460 * New regulatory rules in Japan have backwards
461 * compatibility with old channels in 5.15-5.25
462 * GHz band, but the station is not allowed to
463 * use active scan on these old channels.
464 */
465 chan->flag &= ~IEEE80211_CHAN_W_ACTIVE_SCAN;
466 }
467
468 if (ieee80211_regdom == 64 &&
469 (chan->freq == 5260 || chan->freq == 5280 ||
470 chan->freq == 5300 || chan->freq == 5320)) {
471 /*
472 * IBSS is not allowed on 5.25-5.35 GHz band
473 * due to radar detection requirements.
474 */
475 chan->flag &= ~IEEE80211_CHAN_W_IBSS;
476 }
477
478 break;
479 }
480 }
481}
482
483
484static int ieee80211_unmask_channels(struct net_device *dev)
485{
486 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
487 struct ieee80211_hw_mode *mode;
488 int c;
489
490 list_for_each_entry(mode, &local->modes_list, list) {
491 for (c = 0; c < mode->num_channels; c++) {
492 ieee80211_unmask_channel(dev, mode->mode,
493 &mode->channels[c]);
494 }
495 }
496 return 0;
497}
498
499
500int ieee80211_init_client(struct net_device *dev)
501{
502 if (ieee80211_regdom == 0x40)
503 channel_range = ieee80211_mkk_channels;
504 ieee80211_unmask_channels(dev);
505 return 0;
506}
507
508
509static int ieee80211_ioctl_siwmode(struct net_device *dev,
510 struct iw_request_info *info,
511 __u32 *mode, char *extra)
512{
513 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
514 int type;
515
516 if (sdata->type == IEEE80211_IF_TYPE_VLAN)
517 return -EOPNOTSUPP;
518
519 switch (*mode) {
520 case IW_MODE_INFRA:
521 type = IEEE80211_IF_TYPE_STA;
522 break;
523 case IW_MODE_ADHOC:
524 type = IEEE80211_IF_TYPE_IBSS;
525 break;
526 case IW_MODE_MONITOR:
527 type = IEEE80211_IF_TYPE_MNTR;
528 break;
529 default:
530 return -EINVAL;
531 }
532
533 if (type == sdata->type)
534 return 0;
535 if (netif_running(dev))
536 return -EBUSY;
537
538 ieee80211_if_reinit(dev);
539 ieee80211_if_set_type(dev, type);
540
541 return 0;
542}
543
544
545static int ieee80211_ioctl_giwmode(struct net_device *dev,
546 struct iw_request_info *info,
547 __u32 *mode, char *extra)
548{
549 struct ieee80211_sub_if_data *sdata;
550
551 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
552 switch (sdata->type) {
553 case IEEE80211_IF_TYPE_AP:
554 *mode = IW_MODE_MASTER;
555 break;
556 case IEEE80211_IF_TYPE_STA:
557 *mode = IW_MODE_INFRA;
558 break;
559 case IEEE80211_IF_TYPE_IBSS:
560 *mode = IW_MODE_ADHOC;
561 break;
562 case IEEE80211_IF_TYPE_MNTR:
563 *mode = IW_MODE_MONITOR;
564 break;
565 case IEEE80211_IF_TYPE_WDS:
566 *mode = IW_MODE_REPEAT;
567 break;
568 case IEEE80211_IF_TYPE_VLAN:
569 *mode = IW_MODE_SECOND; /* FIXME */
570 break;
571 default:
572 *mode = IW_MODE_AUTO;
573 break;
574 }
575 return 0;
576}
577
578int ieee80211_set_channel(struct ieee80211_local *local, int channel, int freq)
579{
580 struct ieee80211_hw_mode *mode;
581 int c, set = 0;
582 int ret = -EINVAL;
583
584 list_for_each_entry(mode, &local->modes_list, list) {
585 if (!(local->enabled_modes & (1 << mode->mode)))
586 continue;
587 for (c = 0; c < mode->num_channels; c++) {
588 struct ieee80211_channel *chan = &mode->channels[c];
589 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
590 ((chan->chan == channel) || (chan->freq == freq))) {
591 /* Use next_mode as the mode preference to
592 * resolve non-unique channel numbers. */
593 if (set && mode->mode != local->next_mode)
594 continue;
595
596 local->oper_channel = chan;
597 local->oper_hw_mode = mode;
598 set++;
599 }
600 }
601 }
602
603 if (set) {
604 if (local->sta_scanning)
605 ret = 0;
606 else
607 ret = ieee80211_hw_config(local);
608
609 rate_control_clear(local);
610 }
611
612 return ret;
613}
614
615static int ieee80211_ioctl_siwfreq(struct net_device *dev,
616 struct iw_request_info *info,
617 struct iw_freq *freq, char *extra)
618{
619 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
620 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
621
622 if (sdata->type == IEEE80211_IF_TYPE_STA)
623 sdata->u.sta.auto_channel_sel = 0;
624
625 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
626 if (freq->e == 0) {
627 if (freq->m < 0) {
628 if (sdata->type == IEEE80211_IF_TYPE_STA)
629 sdata->u.sta.auto_channel_sel = 1;
630 return 0;
631 } else
632 return ieee80211_set_channel(local, freq->m, -1);
633 } else {
634 int i, div = 1000000;
635 for (i = 0; i < freq->e; i++)
636 div /= 10;
637 if (div > 0)
638 return ieee80211_set_channel(local, -1, freq->m / div);
639 else
640 return -EINVAL;
641 }
642}
643
644
645static int ieee80211_ioctl_giwfreq(struct net_device *dev,
646 struct iw_request_info *info,
647 struct iw_freq *freq, char *extra)
648{
649 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
650
651 /* TODO: in station mode (Managed/Ad-hoc) might need to poll low-level
652 * driver for the current channel with firmware-based management */
653
654 freq->m = local->hw.conf.freq;
655 freq->e = 6;
656
657 return 0;
658}
659
660
661static int ieee80211_ioctl_siwessid(struct net_device *dev,
662 struct iw_request_info *info,
663 struct iw_point *data, char *ssid)
664{
665 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
666 struct ieee80211_sub_if_data *sdata;
667 size_t len = data->length;
668
669 /* iwconfig uses nul termination in SSID.. */
670 if (len > 0 && ssid[len - 1] == '\0')
671 len--;
672
673 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
674 if (sdata->type == IEEE80211_IF_TYPE_STA ||
675 sdata->type == IEEE80211_IF_TYPE_IBSS) {
676 int ret;
677 if (local->user_space_mlme) {
678 if (len > IEEE80211_MAX_SSID_LEN)
679 return -EINVAL;
680 memcpy(sdata->u.sta.ssid, ssid, len);
681 sdata->u.sta.ssid_len = len;
682 return 0;
683 }
684 sdata->u.sta.auto_ssid_sel = !data->flags;
685 ret = ieee80211_sta_set_ssid(dev, ssid, len);
686 if (ret)
687 return ret;
688 ieee80211_sta_req_auth(dev, &sdata->u.sta);
689 return 0;
690 }
691
692 if (sdata->type == IEEE80211_IF_TYPE_AP) {
693 memcpy(sdata->u.ap.ssid, ssid, len);
694 memset(sdata->u.ap.ssid + len, 0,
695 IEEE80211_MAX_SSID_LEN - len);
696 sdata->u.ap.ssid_len = len;
697 return ieee80211_if_config(dev);
698 }
699 return -EOPNOTSUPP;
700}
701
702
703static int ieee80211_ioctl_giwessid(struct net_device *dev,
704 struct iw_request_info *info,
705 struct iw_point *data, char *ssid)
706{
707 size_t len;
708
709 struct ieee80211_sub_if_data *sdata;
710 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
711 if (sdata->type == IEEE80211_IF_TYPE_STA ||
712 sdata->type == IEEE80211_IF_TYPE_IBSS) {
713 int res = ieee80211_sta_get_ssid(dev, ssid, &len);
714 if (res == 0) {
715 data->length = len;
716 data->flags = 1;
717 } else
718 data->flags = 0;
719 return res;
720 }
721
722 if (sdata->type == IEEE80211_IF_TYPE_AP) {
723 len = sdata->u.ap.ssid_len;
724 if (len > IW_ESSID_MAX_SIZE)
725 len = IW_ESSID_MAX_SIZE;
726 memcpy(ssid, sdata->u.ap.ssid, len);
727 data->length = len;
728 data->flags = 1;
729 return 0;
730 }
731 return -EOPNOTSUPP;
732}
733
734
735static int ieee80211_ioctl_siwap(struct net_device *dev,
736 struct iw_request_info *info,
737 struct sockaddr *ap_addr, char *extra)
738{
739 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
740 struct ieee80211_sub_if_data *sdata;
741
742 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
743 if (sdata->type == IEEE80211_IF_TYPE_STA ||
744 sdata->type == IEEE80211_IF_TYPE_IBSS) {
745 int ret;
746 if (local->user_space_mlme) {
747 memcpy(sdata->u.sta.bssid, (u8 *) &ap_addr->sa_data,
748 ETH_ALEN);
749 return 0;
750 }
751 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data)) {
752 sdata->u.sta.auto_bssid_sel = 1;
753 sdata->u.sta.auto_channel_sel = 1;
754 } else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
755 sdata->u.sta.auto_bssid_sel = 1;
756 else
757 sdata->u.sta.auto_bssid_sel = 0;
758 ret = ieee80211_sta_set_bssid(dev, (u8 *) &ap_addr->sa_data);
759 if (ret)
760 return ret;
761 ieee80211_sta_req_auth(dev, &sdata->u.sta);
762 return 0;
763 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
764 if (memcmp(sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data,
765 ETH_ALEN) == 0)
766 return 0;
767 return ieee80211_if_update_wds(dev, (u8 *) &ap_addr->sa_data);
768 }
769
770 return -EOPNOTSUPP;
771}
772
773
774static int ieee80211_ioctl_giwap(struct net_device *dev,
775 struct iw_request_info *info,
776 struct sockaddr *ap_addr, char *extra)
777{
778 struct ieee80211_sub_if_data *sdata;
779
780 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
781 if (sdata->type == IEEE80211_IF_TYPE_STA ||
782 sdata->type == IEEE80211_IF_TYPE_IBSS) {
783 ap_addr->sa_family = ARPHRD_ETHER;
784 memcpy(&ap_addr->sa_data, sdata->u.sta.bssid, ETH_ALEN);
785 return 0;
786 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
787 ap_addr->sa_family = ARPHRD_ETHER;
788 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
789 return 0;
790 }
791
792 return -EOPNOTSUPP;
793}
794
795
796static int ieee80211_ioctl_siwscan(struct net_device *dev,
797 struct iw_request_info *info,
798 struct iw_point *data, char *extra)
799{
800 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
801 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
802 u8 *ssid = NULL;
803 size_t ssid_len = 0;
804
805 if (!netif_running(dev))
806 return -ENETDOWN;
807
808 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID) {
809 if (sdata->type == IEEE80211_IF_TYPE_STA ||
810 sdata->type == IEEE80211_IF_TYPE_IBSS) {
811 ssid = sdata->u.sta.ssid;
812 ssid_len = sdata->u.sta.ssid_len;
813 } else if (sdata->type == IEEE80211_IF_TYPE_AP) {
814 ssid = sdata->u.ap.ssid;
815 ssid_len = sdata->u.ap.ssid_len;
816 } else
817 return -EINVAL;
818 }
819 return ieee80211_sta_req_scan(dev, ssid, ssid_len);
820}
821
822
823static int ieee80211_ioctl_giwscan(struct net_device *dev,
824 struct iw_request_info *info,
825 struct iw_point *data, char *extra)
826{
827 int res;
828 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
829 if (local->sta_scanning)
830 return -EAGAIN;
831 res = ieee80211_sta_scan_results(dev, extra, data->length);
832 if (res >= 0) {
833 data->length = res;
834 return 0;
835 }
836 data->length = 0;
837 return res;
838}
839
840
841static int ieee80211_ioctl_siwrts(struct net_device *dev,
842 struct iw_request_info *info,
843 struct iw_param *rts, char *extra)
844{
845 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
846
847 if (rts->disabled)
848 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
849 else if (rts->value < 0 || rts->value > IEEE80211_MAX_RTS_THRESHOLD)
850 return -EINVAL;
851 else
852 local->rts_threshold = rts->value;
853
854 /* If the wlan card performs RTS/CTS in hardware/firmware,
855 * configure it here */
856
857 if (local->ops->set_rts_threshold)
858 local->ops->set_rts_threshold(local_to_hw(local),
859 local->rts_threshold);
860
861 return 0;
862}
863
864static int ieee80211_ioctl_giwrts(struct net_device *dev,
865 struct iw_request_info *info,
866 struct iw_param *rts, char *extra)
867{
868 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
869
870 rts->value = local->rts_threshold;
871 rts->disabled = (rts->value >= IEEE80211_MAX_RTS_THRESHOLD);
872 rts->fixed = 1;
873
874 return 0;
875}
876
877
878static int ieee80211_ioctl_siwfrag(struct net_device *dev,
879 struct iw_request_info *info,
880 struct iw_param *frag, char *extra)
881{
882 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
883
884 if (frag->disabled)
885 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
886 else if (frag->value < 256 ||
887 frag->value > IEEE80211_MAX_FRAG_THRESHOLD)
888 return -EINVAL;
889 else {
890 /* Fragment length must be even, so strip LSB. */
891 local->fragmentation_threshold = frag->value & ~0x1;
892 }
893
894 /* If the wlan card performs fragmentation in hardware/firmware,
895 * configure it here */
896
897 if (local->ops->set_frag_threshold)
898 local->ops->set_frag_threshold(
899 local_to_hw(local),
900 local->fragmentation_threshold);
901
902 return 0;
903}
904
905static int ieee80211_ioctl_giwfrag(struct net_device *dev,
906 struct iw_request_info *info,
907 struct iw_param *frag, char *extra)
908{
909 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
910
911 frag->value = local->fragmentation_threshold;
912 frag->disabled = (frag->value >= IEEE80211_MAX_RTS_THRESHOLD);
913 frag->fixed = 1;
914
915 return 0;
916}
917
918
919static int ieee80211_ioctl_siwretry(struct net_device *dev,
920 struct iw_request_info *info,
921 struct iw_param *retry, char *extra)
922{
923 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
924
925 if (retry->disabled ||
926 (retry->flags & IW_RETRY_TYPE) != IW_RETRY_LIMIT)
927 return -EINVAL;
928
929 if (retry->flags & IW_RETRY_MAX)
930 local->long_retry_limit = retry->value;
931 else if (retry->flags & IW_RETRY_MIN)
932 local->short_retry_limit = retry->value;
933 else {
934 local->long_retry_limit = retry->value;
935 local->short_retry_limit = retry->value;
936 }
937
938 if (local->ops->set_retry_limit) {
939 return local->ops->set_retry_limit(
940 local_to_hw(local),
941 local->short_retry_limit,
942 local->long_retry_limit);
943 }
944
945 return 0;
946}
947
948
949static int ieee80211_ioctl_giwretry(struct net_device *dev,
950 struct iw_request_info *info,
951 struct iw_param *retry, char *extra)
952{
953 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
954
955 retry->disabled = 0;
956 if (retry->flags == 0 || retry->flags & IW_RETRY_MIN) {
957 /* first return min value, iwconfig will ask max value
958 * later if needed */
959 retry->flags |= IW_RETRY_LIMIT;
960 retry->value = local->short_retry_limit;
961 if (local->long_retry_limit != local->short_retry_limit)
962 retry->flags |= IW_RETRY_MIN;
963 return 0;
964 }
965 if (retry->flags & IW_RETRY_MAX) {
966 retry->flags = IW_RETRY_LIMIT | IW_RETRY_MAX;
967 retry->value = local->long_retry_limit;
968 }
969
970 return 0;
971}
972
973static int ieee80211_ioctl_clear_keys(struct net_device *dev)
974{
975 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
976 struct ieee80211_key_conf key;
977 int i;
978 u8 addr[ETH_ALEN];
979 struct ieee80211_key_conf *keyconf;
980 struct ieee80211_sub_if_data *sdata;
981 struct sta_info *sta;
982
983 memset(addr, 0xff, ETH_ALEN);
984 read_lock(&local->sub_if_lock);
985 list_for_each_entry(sdata, &local->sub_if_list, list) {
986 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
987 keyconf = NULL;
988 if (sdata->keys[i] &&
989 !sdata->keys[i]->force_sw_encrypt &&
990 local->ops->set_key &&
991 (keyconf = ieee80211_key_data2conf(local,
992 sdata->keys[i])))
993 local->ops->set_key(local_to_hw(local),
994 DISABLE_KEY, addr,
995 keyconf, 0);
996 kfree(keyconf);
997 ieee80211_key_free(sdata->keys[i]);
998 sdata->keys[i] = NULL;
999 }
1000 sdata->default_key = NULL;
1001 }
1002 read_unlock(&local->sub_if_lock);
1003
1004 spin_lock_bh(&local->sta_lock);
1005 list_for_each_entry(sta, &local->sta_list, list) {
1006 keyconf = NULL;
1007 if (sta->key && !sta->key->force_sw_encrypt &&
1008 local->ops->set_key &&
1009 (keyconf = ieee80211_key_data2conf(local, sta->key)))
1010 local->ops->set_key(local_to_hw(local), DISABLE_KEY,
1011 sta->addr, keyconf, sta->aid);
1012 kfree(keyconf);
1013 ieee80211_key_free(sta->key);
1014 sta->key = NULL;
1015 }
1016 spin_unlock_bh(&local->sta_lock);
1017
1018 memset(&key, 0, sizeof(key));
1019 if (local->ops->set_key &&
1020 local->ops->set_key(local_to_hw(local), REMOVE_ALL_KEYS,
1021 NULL, &key, 0))
1022 printk(KERN_DEBUG "%s: failed to remove hwaccel keys\n",
1023 dev->name);
1024
1025 return 0;
1026}
1027
1028
1029static int
1030ieee80211_ioctl_force_unicast_rate(struct net_device *dev,
1031 struct ieee80211_sub_if_data *sdata,
1032 int rate)
1033{
1034 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1035 struct ieee80211_hw_mode *mode;
1036 int i;
1037
1038 if (sdata->type != IEEE80211_IF_TYPE_AP)
1039 return -ENOENT;
1040
1041 if (rate == 0) {
1042 sdata->u.ap.force_unicast_rateidx = -1;
1043 return 0;
1044 }
1045
1046 mode = local->oper_hw_mode;
1047 for (i = 0; i < mode->num_rates; i++) {
1048 if (mode->rates[i].rate == rate) {
1049 sdata->u.ap.force_unicast_rateidx = i;
1050 return 0;
1051 }
1052 }
1053 return -EINVAL;
1054}
1055
1056
1057static int
1058ieee80211_ioctl_max_ratectrl_rate(struct net_device *dev,
1059 struct ieee80211_sub_if_data *sdata,
1060 int rate)
1061{
1062 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1063 struct ieee80211_hw_mode *mode;
1064 int i;
1065
1066 if (sdata->type != IEEE80211_IF_TYPE_AP)
1067 return -ENOENT;
1068
1069 if (rate == 0) {
1070 sdata->u.ap.max_ratectrl_rateidx = -1;
1071 return 0;
1072 }
1073
1074 mode = local->oper_hw_mode;
1075 for (i = 0; i < mode->num_rates; i++) {
1076 if (mode->rates[i].rate == rate) {
1077 sdata->u.ap.max_ratectrl_rateidx = i;
1078 return 0;
1079 }
1080 }
1081 return -EINVAL;
1082}
1083
1084
1085static void ieee80211_key_enable_hwaccel(struct ieee80211_local *local,
1086 struct ieee80211_key *key)
1087{
1088 struct ieee80211_key_conf *keyconf;
1089 u8 addr[ETH_ALEN];
1090
1091 if (!key || key->alg != ALG_WEP || !key->force_sw_encrypt ||
1092 (local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP))
1093 return;
1094
1095 memset(addr, 0xff, ETH_ALEN);
1096 keyconf = ieee80211_key_data2conf(local, key);
1097 if (keyconf && local->ops->set_key &&
1098 local->ops->set_key(local_to_hw(local),
1099 SET_KEY, addr, keyconf, 0) == 0) {
1100 key->force_sw_encrypt =
1101 !!(keyconf->flags & IEEE80211_KEY_FORCE_SW_ENCRYPT);
1102 key->hw_key_idx = keyconf->hw_key_idx;
1103 }
1104 kfree(keyconf);
1105}
1106
1107
1108static void ieee80211_key_disable_hwaccel(struct ieee80211_local *local,
1109 struct ieee80211_key *key)
1110{
1111 struct ieee80211_key_conf *keyconf;
1112 u8 addr[ETH_ALEN];
1113
1114 if (!key || key->alg != ALG_WEP || key->force_sw_encrypt ||
1115 (local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP))
1116 return;
1117
1118 memset(addr, 0xff, ETH_ALEN);
1119 keyconf = ieee80211_key_data2conf(local, key);
1120 if (keyconf && local->ops->set_key)
1121 local->ops->set_key(local_to_hw(local), DISABLE_KEY,
1122 addr, keyconf, 0);
1123 kfree(keyconf);
1124 key->force_sw_encrypt = 1;
1125}
1126
1127
1128static int ieee80211_ioctl_default_wep_only(struct ieee80211_local *local,
1129 int value)
1130{
1131 int i;
1132 struct ieee80211_sub_if_data *sdata;
1133
1134 local->default_wep_only = value;
1135 read_lock(&local->sub_if_lock);
1136 list_for_each_entry(sdata, &local->sub_if_list, list)
1137 for (i = 0; i < NUM_DEFAULT_KEYS; i++)
1138 if (value)
1139 ieee80211_key_enable_hwaccel(local,
1140 sdata->keys[i]);
1141 else
1142 ieee80211_key_disable_hwaccel(local,
1143 sdata->keys[i]);
1144 read_unlock(&local->sub_if_lock);
1145
1146 return 0;
1147}
1148
1149
1150void ieee80211_update_default_wep_only(struct ieee80211_local *local)
1151{
1152 int i = 0;
1153 struct ieee80211_sub_if_data *sdata;
1154
1155 read_lock(&local->sub_if_lock);
1156 list_for_each_entry(sdata, &local->sub_if_list, list) {
1157
1158 if (sdata->dev == local->mdev)
1159 continue;
1160
1161 /* If there is an AP interface then depend on userspace to
1162 set default_wep_only correctly. */
1163 if (sdata->type == IEEE80211_IF_TYPE_AP) {
1164 read_unlock(&local->sub_if_lock);
1165 return;
1166 }
1167
1168 i++;
1169 }
1170
1171 read_unlock(&local->sub_if_lock);
1172
1173 if (i <= 1)
1174 ieee80211_ioctl_default_wep_only(local, 1);
1175 else
1176 ieee80211_ioctl_default_wep_only(local, 0);
1177}
1178
1179
1180static int ieee80211_ioctl_prism2_param(struct net_device *dev,
1181 struct iw_request_info *info,
1182 void *wrqu, char *extra)
1183{
1184 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1185 struct ieee80211_sub_if_data *sdata;
1186 int *i = (int *) extra;
1187 int param = *i;
1188 int value = *(i + 1);
1189 int ret = 0;
1190
1191 if (!capable(CAP_NET_ADMIN))
1192 return -EPERM;
1193
1194 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1195
1196 switch (param) {
1197 case PRISM2_PARAM_IEEE_802_1X:
1198 if (local->ops->set_ieee8021x)
1199 ret = local->ops->set_ieee8021x(local_to_hw(local),
1200 value);
1201 if (ret)
1202 printk(KERN_DEBUG "%s: failed to set IEEE 802.1X (%d) "
1203 "for low-level driver\n", dev->name, value);
1204 else
1205 sdata->ieee802_1x = value;
1206 break;
1207
1208 case PRISM2_PARAM_ANTSEL_TX:
1209 local->hw.conf.antenna_sel_tx = value;
1210 if (ieee80211_hw_config(local))
1211 ret = -EINVAL;
1212 break;
1213
1214 case PRISM2_PARAM_ANTSEL_RX:
1215 local->hw.conf.antenna_sel_rx = value;
1216 if (ieee80211_hw_config(local))
1217 ret = -EINVAL;
1218 break;
1219
1220 case PRISM2_PARAM_CTS_PROTECT_ERP_FRAMES:
1221 local->cts_protect_erp_frames = value;
1222 break;
1223
1224 case PRISM2_PARAM_DROP_UNENCRYPTED:
1225 sdata->drop_unencrypted = value;
1226 break;
1227
1228 case PRISM2_PARAM_PREAMBLE:
1229 local->short_preamble = value;
1230 break;
1231
1232 case PRISM2_PARAM_STAT_TIME:
1233 if (!local->stat_time && value) {
1234 local->stat_timer.expires = jiffies + HZ * value / 100;
1235 add_timer(&local->stat_timer);
1236 } else if (local->stat_time && !value) {
1237 del_timer_sync(&local->stat_timer);
1238 }
1239 local->stat_time = value;
1240 break;
1241 case PRISM2_PARAM_SHORT_SLOT_TIME:
1242 if (value)
1243 local->hw.conf.flags |= IEEE80211_CONF_SHORT_SLOT_TIME;
1244 else
1245 local->hw.conf.flags &= ~IEEE80211_CONF_SHORT_SLOT_TIME;
1246 if (ieee80211_hw_config(local))
1247 ret = -EINVAL;
1248 break;
1249
1250 case PRISM2_PARAM_NEXT_MODE:
1251 local->next_mode = value;
1252 break;
1253
1254 case PRISM2_PARAM_CLEAR_KEYS:
1255 ret = ieee80211_ioctl_clear_keys(dev);
1256 break;
1257
1258 case PRISM2_PARAM_RADIO_ENABLED:
1259 ret = ieee80211_ioctl_set_radio_enabled(dev, value);
1260 break;
1261
1262 case PRISM2_PARAM_ANTENNA_MODE:
1263 local->hw.conf.antenna_mode = value;
1264 if (ieee80211_hw_config(local))
1265 ret = -EINVAL;
1266 break;
1267
1268 case PRISM2_PARAM_STA_ANTENNA_SEL:
1269 local->sta_antenna_sel = value;
1270 break;
1271
1272 case PRISM2_PARAM_FORCE_UNICAST_RATE:
1273 ret = ieee80211_ioctl_force_unicast_rate(dev, sdata, value);
1274 break;
1275
1276 case PRISM2_PARAM_MAX_RATECTRL_RATE:
1277 ret = ieee80211_ioctl_max_ratectrl_rate(dev, sdata, value);
1278 break;
1279
1280 case PRISM2_PARAM_RATE_CTRL_NUM_UP:
1281 local->rate_ctrl_num_up = value;
1282 break;
1283
1284 case PRISM2_PARAM_RATE_CTRL_NUM_DOWN:
1285 local->rate_ctrl_num_down = value;
1286 break;
1287
1288 case PRISM2_PARAM_TX_POWER_REDUCTION:
1289 if (value < 0)
1290 ret = -EINVAL;
1291 else
1292 local->hw.conf.tx_power_reduction = value;
1293 break;
1294
1295 case PRISM2_PARAM_KEY_TX_RX_THRESHOLD:
1296 local->key_tx_rx_threshold = value;
1297 break;
1298
1299 case PRISM2_PARAM_DEFAULT_WEP_ONLY:
1300 ret = ieee80211_ioctl_default_wep_only(local, value);
1301 break;
1302
1303 case PRISM2_PARAM_WIFI_WME_NOACK_TEST:
1304 local->wifi_wme_noack_test = value;
1305 break;
1306
1307 case PRISM2_PARAM_SCAN_FLAGS:
1308 local->scan_flags = value;
1309 break;
1310
1311 case PRISM2_PARAM_MIXED_CELL:
1312 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1313 sdata->type != IEEE80211_IF_TYPE_IBSS)
1314 ret = -EINVAL;
1315 else
1316 sdata->u.sta.mixed_cell = !!value;
1317 break;
1318
1319 case PRISM2_PARAM_HW_MODES:
1320 local->enabled_modes = value;
1321 break;
1322
1323 case PRISM2_PARAM_CREATE_IBSS:
1324 if (sdata->type != IEEE80211_IF_TYPE_IBSS)
1325 ret = -EINVAL;
1326 else
1327 sdata->u.sta.create_ibss = !!value;
1328 break;
1329 case PRISM2_PARAM_WMM_ENABLED:
1330 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1331 sdata->type != IEEE80211_IF_TYPE_IBSS)
1332 ret = -EINVAL;
1333 else
1334 sdata->u.sta.wmm_enabled = !!value;
1335 break;
1336 case PRISM2_PARAM_RADAR_DETECT:
1337 local->hw.conf.radar_detect = value;
1338 break;
1339 case PRISM2_PARAM_SPECTRUM_MGMT:
1340 local->hw.conf.spect_mgmt = value;
1341 break;
1342 default:
1343 ret = -EOPNOTSUPP;
1344 break;
1345 }
1346
1347 return ret;
1348}
1349
1350
1351static int ieee80211_ioctl_get_prism2_param(struct net_device *dev,
1352 struct iw_request_info *info,
1353 void *wrqu, char *extra)
1354{
1355 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1356 struct ieee80211_sub_if_data *sdata;
1357 int *param = (int *) extra;
1358 int ret = 0;
1359
1360 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1361
1362 switch (*param) {
1363 case PRISM2_PARAM_IEEE_802_1X:
1364 *param = sdata->ieee802_1x;
1365 break;
1366
1367 case PRISM2_PARAM_ANTSEL_TX:
1368 *param = local->hw.conf.antenna_sel_tx;
1369 break;
1370
1371 case PRISM2_PARAM_ANTSEL_RX:
1372 *param = local->hw.conf.antenna_sel_rx;
1373 break;
1374
1375 case PRISM2_PARAM_CTS_PROTECT_ERP_FRAMES:
1376 *param = local->cts_protect_erp_frames;
1377 break;
1378
1379 case PRISM2_PARAM_DROP_UNENCRYPTED:
1380 *param = sdata->drop_unencrypted;
1381 break;
1382
1383 case PRISM2_PARAM_PREAMBLE:
1384 *param = local->short_preamble;
1385 break;
1386
1387 case PRISM2_PARAM_STAT_TIME:
1388 *param = local->stat_time;
1389 break;
1390 case PRISM2_PARAM_SHORT_SLOT_TIME:
1391 *param = !!(local->hw.conf.flags & IEEE80211_CONF_SHORT_SLOT_TIME);
1392 break;
1393
1394 case PRISM2_PARAM_NEXT_MODE:
1395 *param = local->next_mode;
1396 break;
1397
1398 case PRISM2_PARAM_ANTENNA_MODE:
1399 *param = local->hw.conf.antenna_mode;
1400 break;
1401
1402 case PRISM2_PARAM_STA_ANTENNA_SEL:
1403 *param = local->sta_antenna_sel;
1404 break;
1405
1406 case PRISM2_PARAM_RATE_CTRL_NUM_UP:
1407 *param = local->rate_ctrl_num_up;
1408 break;
1409
1410 case PRISM2_PARAM_RATE_CTRL_NUM_DOWN:
1411 *param = local->rate_ctrl_num_down;
1412 break;
1413
1414 case PRISM2_PARAM_TX_POWER_REDUCTION:
1415 *param = local->hw.conf.tx_power_reduction;
1416 break;
1417
1418 case PRISM2_PARAM_KEY_TX_RX_THRESHOLD:
1419 *param = local->key_tx_rx_threshold;
1420 break;
1421
1422 case PRISM2_PARAM_DEFAULT_WEP_ONLY:
1423 *param = local->default_wep_only;
1424 break;
1425
1426 case PRISM2_PARAM_WIFI_WME_NOACK_TEST:
1427 *param = local->wifi_wme_noack_test;
1428 break;
1429
1430 case PRISM2_PARAM_SCAN_FLAGS:
1431 *param = local->scan_flags;
1432 break;
1433
1434 case PRISM2_PARAM_HW_MODES:
1435 *param = local->enabled_modes;
1436 break;
1437
1438 case PRISM2_PARAM_CREATE_IBSS:
1439 if (sdata->type != IEEE80211_IF_TYPE_IBSS)
1440 ret = -EINVAL;
1441 else
1442 *param = !!sdata->u.sta.create_ibss;
1443 break;
1444
1445 case PRISM2_PARAM_MIXED_CELL:
1446 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1447 sdata->type != IEEE80211_IF_TYPE_IBSS)
1448 ret = -EINVAL;
1449 else
1450 *param = !!sdata->u.sta.mixed_cell;
1451 break;
1452 case PRISM2_PARAM_WMM_ENABLED:
1453 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1454 sdata->type != IEEE80211_IF_TYPE_IBSS)
1455 ret = -EINVAL;
1456 else
1457 *param = !!sdata->u.sta.wmm_enabled;
1458 break;
1459 default:
1460 ret = -EOPNOTSUPP;
1461 break;
1462 }
1463
1464 return ret;
1465}
1466
1467static int ieee80211_ioctl_siwmlme(struct net_device *dev,
1468 struct iw_request_info *info,
1469 struct iw_point *data, char *extra)
1470{
1471 struct ieee80211_sub_if_data *sdata;
1472 struct iw_mlme *mlme = (struct iw_mlme *) extra;
1473
1474 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1475 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1476 sdata->type != IEEE80211_IF_TYPE_IBSS)
1477 return -EINVAL;
1478
1479 switch (mlme->cmd) {
1480 case IW_MLME_DEAUTH:
1481 /* TODO: mlme->addr.sa_data */
1482 return ieee80211_sta_deauthenticate(dev, mlme->reason_code);
1483 case IW_MLME_DISASSOC:
1484 /* TODO: mlme->addr.sa_data */
1485 return ieee80211_sta_disassociate(dev, mlme->reason_code);
1486 default:
1487 return -EOPNOTSUPP;
1488 }
1489}
1490
1491
1492static int ieee80211_ioctl_siwencode(struct net_device *dev,
1493 struct iw_request_info *info,
1494 struct iw_point *erq, char *keybuf)
1495{
1496 struct ieee80211_sub_if_data *sdata;
1497 int idx, i, alg = ALG_WEP;
1498 u8 bcaddr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1499
1500 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1501
1502 idx = erq->flags & IW_ENCODE_INDEX;
1503 if (idx == 0) {
1504 if (sdata->default_key)
1505 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1506 if (sdata->default_key == sdata->keys[i]) {
1507 idx = i;
1508 break;
1509 }
1510 }
1511 } else if (idx < 1 || idx > 4)
1512 return -EINVAL;
1513 else
1514 idx--;
1515
1516 if (erq->flags & IW_ENCODE_DISABLED)
1517 alg = ALG_NONE;
1518 else if (erq->length == 0) {
1519 /* No key data - just set the default TX key index */
1520 if (sdata->default_key != sdata->keys[idx]) {
1521 ieee80211_debugfs_key_remove_default(sdata);
1522 sdata->default_key = sdata->keys[idx];
1523 if (sdata->default_key)
1524 ieee80211_debugfs_key_add_default(sdata);
1525 }
1526 return 0;
1527 }
1528
1529 return ieee80211_set_encryption(
1530 dev, bcaddr,
1531 idx, alg,
1532 !sdata->default_key,
1533 keybuf, erq->length);
1534}
1535
1536
1537static int ieee80211_ioctl_giwencode(struct net_device *dev,
1538 struct iw_request_info *info,
1539 struct iw_point *erq, char *key)
1540{
1541 struct ieee80211_sub_if_data *sdata;
1542 int idx, i;
1543
1544 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1545
1546 idx = erq->flags & IW_ENCODE_INDEX;
1547 if (idx < 1 || idx > 4) {
1548 idx = -1;
1549 if (!sdata->default_key)
1550 idx = 0;
1551 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1552 if (sdata->default_key == sdata->keys[i]) {
1553 idx = i;
1554 break;
1555 }
1556 }
1557 if (idx < 0)
1558 return -EINVAL;
1559 } else
1560 idx--;
1561
1562 erq->flags = idx + 1;
1563
1564 if (!sdata->keys[idx]) {
1565 erq->length = 0;
1566 erq->flags |= IW_ENCODE_DISABLED;
1567 return 0;
1568 }
1569
1570 memcpy(key, sdata->keys[idx]->key,
1571 min((int)erq->length, sdata->keys[idx]->keylen));
1572 erq->length = sdata->keys[idx]->keylen;
1573 erq->flags |= IW_ENCODE_ENABLED;
1574
1575 return 0;
1576}
1577
1578static int ieee80211_ioctl_siwauth(struct net_device *dev,
1579 struct iw_request_info *info,
1580 struct iw_param *data, char *extra)
1581{
1582 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1583 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1584 int ret = 0;
1585
1586 switch (data->flags & IW_AUTH_INDEX) {
1587 case IW_AUTH_WPA_VERSION:
1588 case IW_AUTH_CIPHER_PAIRWISE:
1589 case IW_AUTH_CIPHER_GROUP:
1590 case IW_AUTH_WPA_ENABLED:
1591 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1592 break;
1593 case IW_AUTH_KEY_MGMT:
1594 if (sdata->type != IEEE80211_IF_TYPE_STA)
1595 ret = -EINVAL;
1596 else {
1597 /*
1598 * TODO: sdata->u.sta.key_mgmt does not match with WE18
1599 * value completely; could consider modifying this to
1600 * be closer to WE18. For now, this value is not really
1601 * used for anything else than Privacy matching, so the
1602 * current code here should be more or less OK.
1603 */
1604 if (data->value & IW_AUTH_KEY_MGMT_802_1X) {
1605 sdata->u.sta.key_mgmt =
1606 IEEE80211_KEY_MGMT_WPA_EAP;
1607 } else if (data->value & IW_AUTH_KEY_MGMT_PSK) {
1608 sdata->u.sta.key_mgmt =
1609 IEEE80211_KEY_MGMT_WPA_PSK;
1610 } else {
1611 sdata->u.sta.key_mgmt =
1612 IEEE80211_KEY_MGMT_NONE;
1613 }
1614 }
1615 break;
1616 case IW_AUTH_80211_AUTH_ALG:
1617 if (sdata->type == IEEE80211_IF_TYPE_STA ||
1618 sdata->type == IEEE80211_IF_TYPE_IBSS)
1619 sdata->u.sta.auth_algs = data->value;
1620 else
1621 ret = -EOPNOTSUPP;
1622 break;
1623 case IW_AUTH_PRIVACY_INVOKED:
1624 if (local->ops->set_privacy_invoked)
1625 ret = local->ops->set_privacy_invoked(
1626 local_to_hw(local), data->value);
1627 break;
1628 default:
1629 ret = -EOPNOTSUPP;
1630 break;
1631 }
1632 return ret;
1633}
1634
1635/* Get wireless statistics. Called by /proc/net/wireless and by SIOCGIWSTATS */
1636static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev)
1637{
1638 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1639 struct iw_statistics *wstats = &local->wstats;
1640 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1641 struct sta_info *sta = NULL;
1642
1643 if (sdata->type == IEEE80211_IF_TYPE_STA ||
1644 sdata->type == IEEE80211_IF_TYPE_IBSS)
1645 sta = sta_info_get(local, sdata->u.sta.bssid);
1646 if (!sta) {
1647 wstats->discard.fragment = 0;
1648 wstats->discard.misc = 0;
1649 wstats->qual.qual = 0;
1650 wstats->qual.level = 0;
1651 wstats->qual.noise = 0;
1652 wstats->qual.updated = IW_QUAL_ALL_INVALID;
1653 } else {
1654 wstats->qual.level = sta->last_rssi;
1655 wstats->qual.qual = sta->last_signal;
1656 wstats->qual.noise = sta->last_noise;
1657 wstats->qual.updated = local->wstats_flags;
1658 sta_info_put(sta);
1659 }
1660 return wstats;
1661}
1662
1663static int ieee80211_ioctl_giwauth(struct net_device *dev,
1664 struct iw_request_info *info,
1665 struct iw_param *data, char *extra)
1666{
1667 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1668 int ret = 0;
1669
1670 switch (data->flags & IW_AUTH_INDEX) {
1671 case IW_AUTH_80211_AUTH_ALG:
1672 if (sdata->type == IEEE80211_IF_TYPE_STA ||
1673 sdata->type == IEEE80211_IF_TYPE_IBSS)
1674 data->value = sdata->u.sta.auth_algs;
1675 else
1676 ret = -EOPNOTSUPP;
1677 break;
1678 default:
1679 ret = -EOPNOTSUPP;
1680 break;
1681 }
1682 return ret;
1683}
1684
1685
1686static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1687 struct iw_request_info *info,
1688 struct iw_point *erq, char *extra)
1689{
1690 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1691 struct iw_encode_ext *ext = (struct iw_encode_ext *) extra;
1692 int alg, idx, i;
1693
1694 switch (ext->alg) {
1695 case IW_ENCODE_ALG_NONE:
1696 alg = ALG_NONE;
1697 break;
1698 case IW_ENCODE_ALG_WEP:
1699 alg = ALG_WEP;
1700 break;
1701 case IW_ENCODE_ALG_TKIP:
1702 alg = ALG_TKIP;
1703 break;
1704 case IW_ENCODE_ALG_CCMP:
1705 alg = ALG_CCMP;
1706 break;
1707 default:
1708 return -EOPNOTSUPP;
1709 }
1710
1711 if (erq->flags & IW_ENCODE_DISABLED)
1712 alg = ALG_NONE;
1713
1714 idx = erq->flags & IW_ENCODE_INDEX;
1715 if (idx < 1 || idx > 4) {
1716 idx = -1;
1717 if (!sdata->default_key)
1718 idx = 0;
1719 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1720 if (sdata->default_key == sdata->keys[i]) {
1721 idx = i;
1722 break;
1723 }
1724 }
1725 if (idx < 0)
1726 return -EINVAL;
1727 } else
1728 idx--;
1729
1730 return ieee80211_set_encryption(dev, ext->addr.sa_data, idx, alg,
1731 ext->ext_flags &
1732 IW_ENCODE_EXT_SET_TX_KEY,
1733 ext->key, ext->key_len);
1734}
1735
1736
1737static const struct iw_priv_args ieee80211_ioctl_priv[] = {
1738 { PRISM2_IOCTL_PRISM2_PARAM,
1739 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, 0, "param" },
1740 { PRISM2_IOCTL_GET_PRISM2_PARAM,
1741 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
1742 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_param" },
1743};
1744
1745/* Structures to export the Wireless Handlers */
1746
1747static const iw_handler ieee80211_handler[] =
1748{
1749 (iw_handler) NULL, /* SIOCSIWCOMMIT */
1750 (iw_handler) ieee80211_ioctl_giwname, /* SIOCGIWNAME */
1751 (iw_handler) NULL, /* SIOCSIWNWID */
1752 (iw_handler) NULL, /* SIOCGIWNWID */
1753 (iw_handler) ieee80211_ioctl_siwfreq, /* SIOCSIWFREQ */
1754 (iw_handler) ieee80211_ioctl_giwfreq, /* SIOCGIWFREQ */
1755 (iw_handler) ieee80211_ioctl_siwmode, /* SIOCSIWMODE */
1756 (iw_handler) ieee80211_ioctl_giwmode, /* SIOCGIWMODE */
1757 (iw_handler) NULL, /* SIOCSIWSENS */
1758 (iw_handler) NULL, /* SIOCGIWSENS */
1759 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */
1760 (iw_handler) ieee80211_ioctl_giwrange, /* SIOCGIWRANGE */
1761 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */
1762 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */
1763 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */
1764 (iw_handler) NULL /* kernel code */, /* SIOCGIWSTATS */
1765 iw_handler_set_spy, /* SIOCSIWSPY */
1766 iw_handler_get_spy, /* SIOCGIWSPY */
1767 iw_handler_set_thrspy, /* SIOCSIWTHRSPY */
1768 iw_handler_get_thrspy, /* SIOCGIWTHRSPY */
1769 (iw_handler) ieee80211_ioctl_siwap, /* SIOCSIWAP */
1770 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */
1771 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */
1772 (iw_handler) NULL, /* SIOCGIWAPLIST */
1773 (iw_handler) ieee80211_ioctl_siwscan, /* SIOCSIWSCAN */
1774 (iw_handler) ieee80211_ioctl_giwscan, /* SIOCGIWSCAN */
1775 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */
1776 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */
1777 (iw_handler) NULL, /* SIOCSIWNICKN */
1778 (iw_handler) NULL, /* SIOCGIWNICKN */
1779 (iw_handler) NULL, /* -- hole -- */
1780 (iw_handler) NULL, /* -- hole -- */
1781 (iw_handler) NULL, /* SIOCSIWRATE */
1782 (iw_handler) NULL, /* SIOCGIWRATE */
1783 (iw_handler) ieee80211_ioctl_siwrts, /* SIOCSIWRTS */
1784 (iw_handler) ieee80211_ioctl_giwrts, /* SIOCGIWRTS */
1785 (iw_handler) ieee80211_ioctl_siwfrag, /* SIOCSIWFRAG */
1786 (iw_handler) ieee80211_ioctl_giwfrag, /* SIOCGIWFRAG */
1787 (iw_handler) NULL, /* SIOCSIWTXPOW */
1788 (iw_handler) NULL, /* SIOCGIWTXPOW */
1789 (iw_handler) ieee80211_ioctl_siwretry, /* SIOCSIWRETRY */
1790 (iw_handler) ieee80211_ioctl_giwretry, /* SIOCGIWRETRY */
1791 (iw_handler) ieee80211_ioctl_siwencode, /* SIOCSIWENCODE */
1792 (iw_handler) ieee80211_ioctl_giwencode, /* SIOCGIWENCODE */
1793 (iw_handler) NULL, /* SIOCSIWPOWER */
1794 (iw_handler) NULL, /* SIOCGIWPOWER */
1795 (iw_handler) NULL, /* -- hole -- */
1796 (iw_handler) NULL, /* -- hole -- */
1797 (iw_handler) ieee80211_ioctl_siwgenie, /* SIOCSIWGENIE */
1798 (iw_handler) NULL, /* SIOCGIWGENIE */
1799 (iw_handler) ieee80211_ioctl_siwauth, /* SIOCSIWAUTH */
1800 (iw_handler) ieee80211_ioctl_giwauth, /* SIOCGIWAUTH */
1801 (iw_handler) ieee80211_ioctl_siwencodeext, /* SIOCSIWENCODEEXT */
1802 (iw_handler) NULL, /* SIOCGIWENCODEEXT */
1803 (iw_handler) NULL, /* SIOCSIWPMKSA */
1804 (iw_handler) NULL, /* -- hole -- */
1805};
1806
1807static const iw_handler ieee80211_private_handler[] =
1808{ /* SIOCIWFIRSTPRIV + */
1809 (iw_handler) ieee80211_ioctl_prism2_param, /* 0 */
1810 (iw_handler) ieee80211_ioctl_get_prism2_param, /* 1 */
1811};
1812
1813const struct iw_handler_def ieee80211_iw_handler_def =
1814{
1815 .num_standard = ARRAY_SIZE(ieee80211_handler),
1816 .num_private = ARRAY_SIZE(ieee80211_private_handler),
1817 .num_private_args = ARRAY_SIZE(ieee80211_ioctl_priv),
1818 .standard = (iw_handler *) ieee80211_handler,
1819 .private = (iw_handler *) ieee80211_private_handler,
1820 .private_args = (struct iw_priv_args *) ieee80211_ioctl_priv,
1821 .get_wireless_stats = ieee80211_get_wireless_stats,
1822};
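diff --git a/net/mac80211/ieee80211_key.h b/net/mac80211/ieee80211_key.h
new file mode 100644
index 000000000000..c33384912782
--- /dev/null
+++ b/net/mac80211/ieee80211_key.h
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef IEEE80211_KEY_H
+#define IEEE80211_KEY_H
+
+#include <linux/types.h>
+#include <linux/kref.h>
+#include <linux/crypto.h>
+#include <net/mac80211.h>
+
+/* ALG_TKIP
+ * struct ieee80211_key::key is encoded as a 256-bit (32 byte) data block:
+ * Temporal Encryption Key (128 bits)
+ * Temporal Authenticator Tx MIC Key (64 bits)
+ * Temporal Authenticator Rx MIC Key (64 bits)
+ */
+
+#define WEP_IV_LEN 4
+#define WEP_ICV_LEN 4
+
+#define ALG_TKIP_KEY_LEN 32
+/* Starting offsets for each key */
+#define ALG_TKIP_TEMP_ENCR_KEY 0
+#define ALG_TKIP_TEMP_AUTH_TX_MIC_KEY 16
+#define ALG_TKIP_TEMP_AUTH_RX_MIC_KEY 24
+#define TKIP_IV_LEN 8
+#define TKIP_ICV_LEN 4
+
+#define ALG_CCMP_KEY_LEN 16
+#define CCMP_HDR_LEN 8
+#define CCMP_MIC_LEN 8
+#define CCMP_TK_LEN 16
+#define CCMP_PN_LEN 6
+
+#define NUM_RX_DATA_QUEUES 17
+
+struct ieee80211_key {
+ struct kref kref;
+
+ int hw_key_idx; /* filled and used by low-level driver */
+ ieee80211_key_alg alg;
+ union {
+ struct {
+ /* last used TSC */
+ u32 iv32;
+ u16 iv16;
+ u16 p1k[5];
+ int tx_initialized;
+
+ /* last received RSC */
+ u32 iv32_rx[NUM_RX_DATA_QUEUES];
+ u16 iv16_rx[NUM_RX_DATA_QUEUES];
+ u16 p1k_rx[NUM_RX_DATA_QUEUES][5];
+ int rx_initialized[NUM_RX_DATA_QUEUES];
+ } tkip;
+ struct {
+ u8 tx_pn[6];
+ u8 rx_pn[NUM_RX_DATA_QUEUES][6];
+ struct crypto_cipher *tfm;
+ u32 replays; /* dot11RSNAStatsCCMPReplays */
+ /* scratch buffers for virt_to_page() (crypto API) */
+#ifndef AES_BLOCK_LEN
+#define AES_BLOCK_LEN 16
+#endif
+ u8 tx_crypto_buf[6 * AES_BLOCK_LEN];
+ u8 rx_crypto_buf[6 * AES_BLOCK_LEN];
+ } ccmp;
+ } u;
+ int tx_rx_count; /* number of times this key has been used */
+ int keylen;
+
+ /* if the low level driver can provide hardware acceleration it should
+ * clear this flag */
+ unsigned int force_sw_encrypt:1;
+ unsigned int default_tx_key:1; /* This key is the new default TX key
+ * (used only for broadcast keys). */
+ s8 keyidx; /* WEP key index */
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct {
+ struct dentry *stalink;
+ struct dentry *dir;
+ struct dentry *keylen;
+ struct dentry *force_sw_encrypt;
+ struct dentry *keyidx;
+ struct dentry *hw_key_idx;
+ struct dentry *tx_rx_count;
+ struct dentry *algorithm;
+ struct dentry *tx_spec;
+ struct dentry *rx_spec;
+ struct dentry *replays;
+ struct dentry *key;
+ } debugfs;
+#endif
+
+ u8 key[0];
+};
+
+#endif /* IEEE80211_KEY_H */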
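Review bot: `keylen` (line 77) is a signed `int` although it gives the size of the trailing `key[0]` buffer at line 103, so every consumer that uses it as a copy length has to rule out a negative value itself; an unsigned type such as `unsigned int keylen;` would remove that case, though callers outside this header would need checking for signed comparisons. The CCMP packet-number arrays at lines 64-65 hard-code `6` while `CCMP_PN_LEN` is defined at line 40; `u8 tx_pn[CCMP_PN_LEN];` and `u8 rx_pn[NUM_RX_DATA_QUEUES][CCMP_PN_LEN];` would keep the two in step. The struct holds raw key material and is reference-counted through `kref`, so a comment on `key` stating that the release path should wipe `keylen` bytes before freeing would help; that path is not in this file.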
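diff --git a/net/mac80211/ieee80211_led.c b/net/mac80211/ieee80211_led.c
new file mode 100644
index 000000000000..719d75b20707
--- /dev/null
+++ b/net/mac80211/ieee80211_led.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2006, Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+/* just for IFNAMSIZ */
+#include <linux/if.h>
+#include "ieee80211_led.h"
+
+void ieee80211_led_rx(struct ieee80211_local *local)
+{
+ if (unlikely(!local->rx_led))
+ return;
+ if (local->rx_led_counter++ % 2 == 0)
+ led_trigger_event(local->rx_led, LED_OFF);
+ else
+ led_trigger_event(local->rx_led, LED_FULL);
+}
+
+/* q is 1 if a packet was enqueued, 0 if it has been transmitted */
+void ieee80211_led_tx(struct ieee80211_local *local, int q)
+{
+ if (unlikely(!local->tx_led))
+ return;
+ /* not sure how this is supposed to work ... */
+ local->tx_led_counter += 2*q-1;
+ if (local->tx_led_counter % 2 == 0)
+ led_trigger_event(local->tx_led, LED_OFF);
+ else
+ led_trigger_event(local->tx_led, LED_FULL);
+}
+
+void ieee80211_led_init(struct ieee80211_local *local)
+{
+ local->rx_led = kzalloc(sizeof(struct led_trigger), GFP_KERNEL);
+ if (!local->rx_led)
+ return;
+ snprintf(local->rx_led_name, sizeof(local->rx_led_name),
+ "%srx", wiphy_name(local->hw.wiphy));
+ local->rx_led->name = local->rx_led_name;
+ if (led_trigger_register(local->rx_led)) {
+ kfree(local->rx_led);
+ local->rx_led = NULL;
+ }
+
+ local->tx_led = kzalloc(sizeof(struct led_trigger), GFP_KERNEL);
+ if (!local->tx_led)
+ return;
+ snprintf(local->tx_led_name, sizeof(local->tx_led_name),
+ "%stx", wiphy_name(local->hw.wiphy));
+ local->tx_led->name = local->tx_led_name;
+ if (led_trigger_register(local->tx_led)) {
+ kfree(local->tx_led);
+ local->tx_led = NULL;
+ }
+}
+
+void ieee80211_led_exit(struct ieee80211_local *local)
+{
+ if (local->tx_led) {
+ led_trigger_unregister(local->tx_led);
+ kfree(local->tx_led);
+ }
+ if (local->rx_led) {
+ led_trigger_unregister(local->rx_led);
+ kfree(local->rx_led);
+ }
+}
+
+char *__ieee80211_get_tx_led_name(struct ieee80211_hw *hw)
+{
+ struct ieee80211_local *local = hw_to_local(hw);
+
+ if (local->tx_led)
+ return local->tx_led_name;
+ return NULL;
+}
+EXPORT_SYMBOL(__ieee80211_get_tx_led_name);
+
+char *__ieee80211_get_rx_led_name(struct ieee80211_hw *hw)
+{
+ struct ieee80211_local *local = hw_to_local(hw);
+
+ if (local->rx_led)
+ return local->rx_led_name;
+ return NULL;
+}
+EXPORT_SYMBOL(__ieee80211_get_rx_led_name);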
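Review bot: `ieee80211_led_exit()` (lines 61-71) frees `local->tx_led` and `local->rx_led` but leaves both pointers set, while `ieee80211_led_rx()`, `ieee80211_led_tx()` and the exported `__ieee80211_get_*_led_name()` helpers all treat a non-NULL pointer as meaning the trigger is still live. If any of them can run after exit (the call ordering is outside this file), they would touch freed memory; adding `local->tx_led = NULL;` and `local->rx_led = NULL;` after the respective `kfree()` closes that. Separately, in `ieee80211_led_init()` the early `return` at line 40 on rx allocation failure also skips the tx trigger setup, and `rx_led_counter`/`tx_led_counter` are updated with no locking visible here.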
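diff --git a/net/mac80211/ieee80211_led.h b/net/mac80211/ieee80211_led.h
new file mode 100644
index 000000000000..5c8ab8263878
--- /dev/null
+++ b/net/mac80211/ieee80211_led.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2006, Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/list.h>
+#include <linux/spinlock.h>
+#include <linux/leds.h>
+#include "ieee80211_i.h"
+
+#ifdef CONFIG_MAC80211_LEDS
+extern void ieee80211_led_rx(struct ieee80211_local *local);
+extern void ieee80211_led_tx(struct ieee80211_local *local, int q);
+extern void ieee80211_led_init(struct ieee80211_local *local);
+extern void ieee80211_led_exit(struct ieee80211_local *local);
+#else
+static inline void ieee80211_led_rx(struct ieee80211_local *local)
+{
+}
+static inline void ieee80211_led_tx(struct ieee80211_local *local, int q)
+{
+}
+static inline void ieee80211_led_init(struct ieee80211_local *local)
+{
+}
+static inline void ieee80211_led_exit(struct ieee80211_local *local)
+{
+}
+#endif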
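Review bot: This header has no include guard, and in the `!CONFIG_MAC80211_LEDS` case it defines four `static inline` stubs (lines 20-31), so a second inclusion in one translation unit would be a redefinition error. Wrapping the contents in `#ifndef IEEE80211_LED_H` / `#define IEEE80211_LED_H` and a closing `#endif /* IEEE80211_LED_H */` would match what `ieee80211_key.h` and `ieee80211_rate.h` in the same commit already do.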
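diff --git a/net/mac80211/ieee80211_rate.c b/net/mac80211/ieee80211_rate.c
new file mode 100644
index 000000000000..16e850864b8a
--- /dev/null
+++ b/net/mac80211/ieee80211_rate.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005-2006, Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/kernel.h>
+#include "ieee80211_rate.h"
+#include "ieee80211_i.h"
+
+struct rate_control_alg {
+ struct list_head list;
+ struct rate_control_ops *ops;
+};
+
+static LIST_HEAD(rate_ctrl_algs);
+static DEFINE_MUTEX(rate_ctrl_mutex);
+
+int ieee80211_rate_control_register(struct rate_control_ops *ops)
+{
+ struct rate_control_alg *alg;
+
+ alg = kmalloc(sizeof(*alg), GFP_KERNEL);
+ if (alg == NULL) {
+ return -ENOMEM;
+ }
+ memset(alg, 0, sizeof(*alg));
+ alg->ops = ops;
+
+ mutex_lock(&rate_ctrl_mutex);
+ list_add_tail(&alg->list, &rate_ctrl_algs);
+ mutex_unlock(&rate_ctrl_mutex);
+
+ return 0;
+}
+EXPORT_SYMBOL(ieee80211_rate_control_register);
+
+void ieee80211_rate_control_unregister(struct rate_control_ops *ops)
+{
+ struct rate_control_alg *alg;
+
+ mutex_lock(&rate_ctrl_mutex);
+ list_for_each_entry(alg, &rate_ctrl_algs, list) {
+ if (alg->ops == ops) {
+ list_del(&alg->list);
+ break;
+ }
+ }
+ mutex_unlock(&rate_ctrl_mutex);
+ kfree(alg);
+}
+EXPORT_SYMBOL(ieee80211_rate_control_unregister);
+
+static struct rate_control_ops *
+ieee80211_try_rate_control_ops_get(const char *name)
+{
+ struct rate_control_alg *alg;
+ struct rate_control_ops *ops = NULL;
+
+ mutex_lock(&rate_ctrl_mutex);
+ list_for_each_entry(alg, &rate_ctrl_algs, list) {
+ if (!name || !strcmp(alg->ops->name, name))
+ if (try_module_get(alg->ops->module)) {
+ ops = alg->ops;
+ break;
+ }
+ }
+ mutex_unlock(&rate_ctrl_mutex);
+ return ops;
+}
+
+/* Get the rate control algorithm. If `name' is NULL, get the first
+ * available algorithm. */
+static struct rate_control_ops *
+ieee80211_rate_control_ops_get(const char *name)
+{
+ struct rate_control_ops *ops;
+
+ ops = ieee80211_try_rate_control_ops_get(name);
+ if (!ops) {
+ request_module("rc80211_%s", name ? name : "default");
+ ops = ieee80211_try_rate_control_ops_get(name);
+ }
+ return ops;
+}
+
+static void ieee80211_rate_control_ops_put(struct rate_control_ops *ops)
+{
+ module_put(ops->module);
+}
+
+struct rate_control_ref *rate_control_alloc(const char *name,
+ struct ieee80211_local *local)
+{
+ struct rate_control_ref *ref;
+
+ ref = kmalloc(sizeof(struct rate_control_ref), GFP_KERNEL);
+ if (!ref)
+ goto fail_ref;
+ kref_init(&ref->kref);
+ ref->ops = ieee80211_rate_control_ops_get(name);
+ if (!ref->ops)
+ goto fail_ops;
+ ref->priv = ref->ops->alloc(local);
+ if (!ref->priv)
+ goto fail_priv;
+ return ref;
+
+fail_priv:
+ ieee80211_rate_control_ops_put(ref->ops);
+fail_ops:
+ kfree(ref);
+fail_ref:
+ return NULL;
+}
+
+static void rate_control_release(struct kref *kref)
+{
+ struct rate_control_ref *ctrl_ref;
+
+ ctrl_ref = container_of(kref, struct rate_control_ref, kref);
+ ctrl_ref->ops->free(ctrl_ref->priv);
+ ieee80211_rate_control_ops_put(ctrl_ref->ops);
+ kfree(ctrl_ref);
+}
+
+struct rate_control_ref *rate_control_get(struct rate_control_ref *ref)
+{
+ kref_get(&ref->kref);
+ return ref;
+}
+
+void rate_control_put(struct rate_control_ref *ref)
+{
+ kref_put(&ref->kref, rate_control_release);
+}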
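Review bot: In `ieee80211_rate_control_unregister()` (lines 42-55) the `kfree(alg)` at line 54 runs even when no list entry matched `ops`. When `list_for_each_entry()` finishes without hitting the `break`, `alg` is not NULL; it is the cursor derived from the list head `rate_ctrl_algs`, so the call frees an address that was never allocated. Moving the free into the match branch, `list_del(&alg->list); kfree(alg); break;`, and dropping line 54 fixes that. Also, `rate_control_alloc()` and `rate_control_release()` call `ops->alloc` and `ops->free` unchecked and `ieee80211_rate_control_register()` accepts any `ops`, so a check for the mandatory callbacks at registration would be a cheap guard.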
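diff --git a/net/mac80211/ieee80211_rate.h b/net/mac80211/ieee80211_rate.h
new file mode 100644
index 000000000000..f021a028d9d0
--- /dev/null
+++ b/net/mac80211/ieee80211_rate.h
@@ -0,0 +1,144 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef IEEE80211_RATE_H
+#define IEEE80211_RATE_H
+
+#include <linux/netdevice.h>
+#include <linux/skbuff.h>
+#include <linux/types.h>
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "sta_info.h"
+
+#define RATE_CONTROL_NUM_DOWN 20
+#define RATE_CONTROL_NUM_UP 15
+
+
+struct rate_control_extra {
+ /* values from rate_control_get_rate() to the caller: */
+ struct ieee80211_rate *probe; /* probe with this rate, or NULL for no
+ * probing */
+ struct ieee80211_rate *nonerp;
+
+ /* parameters from the caller to rate_control_get_rate(): */
+ struct ieee80211_hw_mode *mode;
+ int mgmt_data; /* this is data frame that is used for management
+ * (e.g., IEEE 802.1X EAPOL) */
+ u16 ethertype;
+};
+
+
+struct rate_control_ops {
+ struct module *module;
+ const char *name;
+ void (*tx_status)(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct ieee80211_tx_status *status);
+ struct ieee80211_rate *(*get_rate)(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct rate_control_extra *extra);
+ void (*rate_init)(void *priv, void *priv_sta,
+ struct ieee80211_local *local, struct sta_info *sta);
+ void (*clear)(void *priv);
+
+ void *(*alloc)(struct ieee80211_local *local);
+ void (*free)(void *priv);
+ void *(*alloc_sta)(void *priv, gfp_t gfp);
+ void (*free_sta)(void *priv, void *priv_sta);
+
+ int (*add_attrs)(void *priv, struct kobject *kobj);
+ void (*remove_attrs)(void *priv, struct kobject *kobj);
+ void (*add_sta_debugfs)(void *priv, void *priv_sta,
+ struct dentry *dir);
+ void (*remove_sta_debugfs)(void *priv, void *priv_sta);
+};
+
+struct rate_control_ref {
+ struct rate_control_ops *ops;
+ void *priv;
+ struct kref kref;
+};
+
+int ieee80211_rate_control_register(struct rate_control_ops *ops);
+void ieee80211_rate_control_unregister(struct rate_control_ops *ops);
+
+/* Get a reference to the rate control algorithm. If `name' is NULL, get the
+ * first available algorithm. */
+struct rate_control_ref *rate_control_alloc(const char *name,
+ struct ieee80211_local *local);
+struct rate_control_ref *rate_control_get(struct rate_control_ref *ref);
+void rate_control_put(struct rate_control_ref *ref);
+
+static inline void rate_control_tx_status(struct ieee80211_local *local,
+ struct net_device *dev,
+ struct sk_buff *skb,
+ struct ieee80211_tx_status *status)
+{
+ struct rate_control_ref *ref = local->rate_ctrl;
+ ref->ops->tx_status(ref->priv, dev, skb, status);
+}
+
+
+static inline struct ieee80211_rate *
+rate_control_get_rate(struct ieee80211_local *local, struct net_device *dev,
+ struct sk_buff *skb, struct rate_control_extra *extra)
+{
+ struct rate_control_ref *ref = local->rate_ctrl;
+ return ref->ops->get_rate(ref->priv, dev, skb, extra);
+}
+
+
+static inline void rate_control_rate_init(struct sta_info *sta,
+ struct ieee80211_local *local)
+{
+ struct rate_control_ref *ref = sta->rate_ctrl;
+ ref->ops->rate_init(ref->priv, sta->rate_ctrl_priv, local, sta);
+}
+
+
+static inline void rate_control_clear(struct ieee80211_local *local)
+{
+ struct rate_control_ref *ref = local->rate_ctrl;
+ ref->ops->clear(ref->priv);
+}
+
+static inline void *rate_control_alloc_sta(struct rate_control_ref *ref,
+ gfp_t gfp)
+{
+ return ref->ops->alloc_sta(ref->priv, gfp);
+}
+
+static inline void rate_control_free_sta(struct rate_control_ref *ref,
+ void *priv)
+{
+ ref->ops->free_sta(ref->priv, priv);
+}
+
+static inline void rate_control_add_sta_debugfs(struct sta_info *sta)
+{
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct rate_control_ref *ref = sta->rate_ctrl;
+ if (sta->debugfs.dir && ref->ops->add_sta_debugfs)
+ ref->ops->add_sta_debugfs(ref->priv, sta->rate_ctrl_priv,
+ sta->debugfs.dir);
+#endif
+}
+
+static inline void rate_control_remove_sta_debugfs(struct sta_info *sta)
+{
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct rate_control_ref *ref = sta->rate_ctrl;
+ if (ref->ops->remove_sta_debugfs)
+ ref->ops->remove_sta_debugfs(ref->priv, sta->rate_ctrl_priv);
+#endif
+}
+
+#endif /* IEEE80211_RATE_H */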
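Review bot: The inline wrappers at lines 80-123 call `tx_status`, `get_rate`, `rate_init`, `clear`, `alloc_sta` and `free_sta` through `ref->ops` unconditionally, while only the two debugfs callbacks are NULL-checked (lines 129 and 139), and nothing in `struct rate_control_ops` says which members an algorithm module must provide. A comment above the struct would make that contract explicit, for example `/* tx_status, get_rate, rate_init, clear, alloc, free, alloc_sta and free_sta are mandatory; the debugfs callbacks may be NULL */`. How `add_attrs`/`remove_attrs` are treated cannot be seen from this header. `rate_control_remove_sta_debugfs()` also lacks the `sta->debugfs.dir` test its add counterpart has, which deserves a one-line comment if that is intentional.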
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
new file mode 100644
index 000000000000..822917debeff
--- /dev/null
+++ b/net/mac80211/ieee80211_sta.c
@@ -0,0 +1,3060 @@
1/*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14/* TODO:
15 * BSS table: use <BSSID,SSID> as the key to support multi-SSID APs
16 * order BSS list by RSSI(?) ("quality of AP")
17 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
18 * SSID)
19 */
20#include <linux/if_ether.h>
21#include <linux/skbuff.h>
22#include <linux/netdevice.h>
23#include <linux/if_arp.h>
24#include <linux/wireless.h>
25#include <linux/random.h>
26#include <linux/etherdevice.h>
27#include <linux/rtnetlink.h>
28#include <net/iw_handler.h>
29#include <asm/types.h>
30#include <asm/delay.h>
31
32#include <net/mac80211.h>
33#include "ieee80211_i.h"
34#include "ieee80211_rate.h"
35#include "hostapd_ioctl.h"
36
37#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
38#define IEEE80211_AUTH_MAX_TRIES 3
39#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40#define IEEE80211_ASSOC_MAX_TRIES 3
41#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42#define IEEE80211_PROBE_INTERVAL (60 * HZ)
43#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
44#define IEEE80211_SCAN_INTERVAL (2 * HZ)
45#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
46#define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
47
48#define IEEE80211_PROBE_DELAY (HZ / 33)
49#define IEEE80211_CHANNEL_TIME (HZ / 33)
50#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
51#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
52#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
53#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
54
55#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
56
57
58#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
59
60#define ERP_INFO_USE_PROTECTION BIT(1)
61
62static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
63 u8 *ssid, size_t ssid_len);
64static struct ieee80211_sta_bss *
65ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid);
66static void ieee80211_rx_bss_put(struct net_device *dev,
67 struct ieee80211_sta_bss *bss);
68static int ieee80211_sta_find_ibss(struct net_device *dev,
69 struct ieee80211_if_sta *ifsta);
70static int ieee80211_sta_wep_configured(struct net_device *dev);
71static int ieee80211_sta_start_scan(struct net_device *dev,
72 u8 *ssid, size_t ssid_len);
73static int ieee80211_sta_config_auth(struct net_device *dev,
74 struct ieee80211_if_sta *ifsta);
75
76
77/* Parsed Information Elements */
78struct ieee802_11_elems {
79 u8 *ssid;
80 u8 ssid_len;
81 u8 *supp_rates;
82 u8 supp_rates_len;
83 u8 *fh_params;
84 u8 fh_params_len;
85 u8 *ds_params;
86 u8 ds_params_len;
87 u8 *cf_params;
88 u8 cf_params_len;
89 u8 *tim;
90 u8 tim_len;
91 u8 *ibss_params;
92 u8 ibss_params_len;
93 u8 *challenge;
94 u8 challenge_len;
95 u8 *wpa;
96 u8 wpa_len;
97 u8 *rsn;
98 u8 rsn_len;
99 u8 *erp_info;
100 u8 erp_info_len;
101 u8 *ext_supp_rates;
102 u8 ext_supp_rates_len;
103 u8 *wmm_info;
104 u8 wmm_info_len;
105 u8 *wmm_param;
106 u8 wmm_param_len;
107};
108
109typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes;
110
111
112static ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
113 struct ieee802_11_elems *elems)
114{
115 size_t left = len;
116 u8 *pos = start;
117 int unknown = 0;
118
119 memset(elems, 0, sizeof(*elems));
120
121 while (left >= 2) {
122 u8 id, elen;
123
124 id = *pos++;
125 elen = *pos++;
126 left -= 2;
127
128 if (elen > left) {
129#if 0
130 if (net_ratelimit())
131 printk(KERN_DEBUG "IEEE 802.11 element parse "
132 "failed (id=%d elen=%d left=%d)\n",
133 id, elen, left);
134#endif
135 return ParseFailed;
136 }
137
138 switch (id) {
139 case WLAN_EID_SSID:
140 elems->ssid = pos;
141 elems->ssid_len = elen;
142 break;
143 case WLAN_EID_SUPP_RATES:
144 elems->supp_rates = pos;
145 elems->supp_rates_len = elen;
146 break;
147 case WLAN_EID_FH_PARAMS:
148 elems->fh_params = pos;
149 elems->fh_params_len = elen;
150 break;
151 case WLAN_EID_DS_PARAMS:
152 elems->ds_params = pos;
153 elems->ds_params_len = elen;
154 break;
155 case WLAN_EID_CF_PARAMS:
156 elems->cf_params = pos;
157 elems->cf_params_len = elen;
158 break;
159 case WLAN_EID_TIM:
160 elems->tim = pos;
161 elems->tim_len = elen;
162 break;
163 case WLAN_EID_IBSS_PARAMS:
164 elems->ibss_params = pos;
165 elems->ibss_params_len = elen;
166 break;
167 case WLAN_EID_CHALLENGE:
168 elems->challenge = pos;
169 elems->challenge_len = elen;
170 break;
171 case WLAN_EID_WPA:
172 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
173 pos[2] == 0xf2) {
174 /* Microsoft OUI (00:50:F2) */
175 if (pos[3] == 1) {
176 /* OUI Type 1 - WPA IE */
177 elems->wpa = pos;
178 elems->wpa_len = elen;
179 } else if (elen >= 5 && pos[3] == 2) {
180 if (pos[4] == 0) {
181 elems->wmm_info = pos;
182 elems->wmm_info_len = elen;
183 } else if (pos[4] == 1) {
184 elems->wmm_param = pos;
185 elems->wmm_param_len = elen;
186 }
187 }
188 }
189 break;
190 case WLAN_EID_RSN:
191 elems->rsn = pos;
192 elems->rsn_len = elen;
193 break;
194 case WLAN_EID_ERP_INFO:
195 elems->erp_info = pos;
196 elems->erp_info_len = elen;
197 break;
198 case WLAN_EID_EXT_SUPP_RATES:
199 elems->ext_supp_rates = pos;
200 elems->ext_supp_rates_len = elen;
201 break;
202 default:
203#if 0
204 printk(KERN_DEBUG "IEEE 802.11 element parse ignored "
205 "unknown element (id=%d elen=%d)\n",
206 id, elen);
207#endif
208 unknown++;
209 break;
210 }
211
212 left -= elen;
213 pos += elen;
214 }
215
216 /* Do not trigger error if left == 1 as Apple Airport base stations
217 * send AssocResps that are one spurious byte too long. */
218
219 return unknown ? ParseUnknown : ParseOK;
220}
221
222
223
224
225static int ecw2cw(int ecw)
226{
227 int cw = 1;
228 while (ecw > 0) {
229 cw <<= 1;
230 ecw--;
231 }
232 return cw - 1;
233}
234
235
236static void ieee80211_sta_wmm_params(struct net_device *dev,
237 struct ieee80211_if_sta *ifsta,
238 u8 *wmm_param, size_t wmm_param_len)
239{
240 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
241 struct ieee80211_tx_queue_params params;
242 size_t left;
243 int count;
244 u8 *pos;
245
246 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
247 return;
248 count = wmm_param[6] & 0x0f;
249 if (count == ifsta->wmm_last_param_set)
250 return;
251 ifsta->wmm_last_param_set = count;
252
253 pos = wmm_param + 8;
254 left = wmm_param_len - 8;
255
256 memset(&params, 0, sizeof(params));
257
258 if (!local->ops->conf_tx)
259 return;
260
261 local->wmm_acm = 0;
262 for (; left >= 4; left -= 4, pos += 4) {
263 int aci = (pos[0] >> 5) & 0x03;
264 int acm = (pos[0] >> 4) & 0x01;
265 int queue;
266
267 switch (aci) {
268 case 1:
269 queue = IEEE80211_TX_QUEUE_DATA3;
270 if (acm) {
271 local->wmm_acm |= BIT(0) | BIT(3);
272 }
273 break;
274 case 2:
275 queue = IEEE80211_TX_QUEUE_DATA1;
276 if (acm) {
277 local->wmm_acm |= BIT(4) | BIT(5);
278 }
279 break;
280 case 3:
281 queue = IEEE80211_TX_QUEUE_DATA0;
282 if (acm) {
283 local->wmm_acm |= BIT(6) | BIT(7);
284 }
285 break;
286 case 0:
287 default:
288 queue = IEEE80211_TX_QUEUE_DATA2;
289 if (acm) {
290 local->wmm_acm |= BIT(1) | BIT(2);
291 }
292 break;
293 }
294
295 params.aifs = pos[0] & 0x0f;
296 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
297 params.cw_min = ecw2cw(pos[1] & 0x0f);
298 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */
299 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
300 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
301 "cWmin=%d cWmax=%d burst=%d\n",
302 dev->name, queue, aci, acm, params.aifs, params.cw_min,
303 params.cw_max, params.burst_time);
304 /* TODO: handle ACM (block TX, fallback to next lowest allowed
305 * AC for now) */
306 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
307 printk(KERN_DEBUG "%s: failed to set TX queue "
308 "parameters for queue %d\n", dev->name, queue);
309 }
310 }
311}
312
313
314static void ieee80211_sta_send_associnfo(struct net_device *dev,
315 struct ieee80211_if_sta *ifsta)
316{
317 char *buf;
318 size_t len;
319 int i;
320 union iwreq_data wrqu;
321
322 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
323 return;
324
325 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
326 ifsta->assocresp_ies_len), GFP_ATOMIC);
327 if (!buf)
328 return;
329
330 len = sprintf(buf, "ASSOCINFO(");
331 if (ifsta->assocreq_ies) {
332 len += sprintf(buf + len, "ReqIEs=");
333 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
334 len += sprintf(buf + len, "%02x",
335 ifsta->assocreq_ies[i]);
336 }
337 }
338 if (ifsta->assocresp_ies) {
339 if (ifsta->assocreq_ies)
340 len += sprintf(buf + len, " ");
341 len += sprintf(buf + len, "RespIEs=");
342 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
343 len += sprintf(buf + len, "%02x",
344 ifsta->assocresp_ies[i]);
345 }
346 }
347 len += sprintf(buf + len, ")");
348
349 if (len > IW_CUSTOM_MAX) {
350 len = sprintf(buf, "ASSOCRESPIE=");
351 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
352 len += sprintf(buf + len, "%02x",
353 ifsta->assocresp_ies[i]);
354 }
355 }
356
357 memset(&wrqu, 0, sizeof(wrqu));
358 wrqu.data.length = len;
359 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
360
361 kfree(buf);
362}
363
364
365static void ieee80211_set_associated(struct net_device *dev,
366 struct ieee80211_if_sta *ifsta, int assoc)
367{
368 union iwreq_data wrqu;
369
370 if (ifsta->associated == assoc)
371 return;
372
373 ifsta->associated = assoc;
374
375 if (assoc) {
376 struct ieee80211_sub_if_data *sdata;
377 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
378 if (sdata->type != IEEE80211_IF_TYPE_STA)
379 return;
380 netif_carrier_on(dev);
381 ifsta->prev_bssid_set = 1;
382 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
383 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
384 ieee80211_sta_send_associnfo(dev, ifsta);
385 } else {
386 netif_carrier_off(dev);
387 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
388 }
389 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
390 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
391 ifsta->last_probe = jiffies;
392}
393
394static void ieee80211_set_disassoc(struct net_device *dev,
395 struct ieee80211_if_sta *ifsta, int deauth)
396{
397 if (deauth)
398 ifsta->auth_tries = 0;
399 ifsta->assoc_tries = 0;
400 ieee80211_set_associated(dev, ifsta, 0);
401}
402
403static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
404 int encrypt)
405{
406 struct ieee80211_sub_if_data *sdata;
407 struct ieee80211_tx_packet_data *pkt_data;
408
409 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
410 skb->dev = sdata->local->mdev;
411 skb_set_mac_header(skb, 0);
412 skb_set_network_header(skb, 0);
413 skb_set_transport_header(skb, 0);
414
415 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
416 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
417 pkt_data->ifindex = sdata->dev->ifindex;
418 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
419 pkt_data->do_not_encrypt = !encrypt;
420
421 dev_queue_xmit(skb);
422}
423
424
425static void ieee80211_send_auth(struct net_device *dev,
426 struct ieee80211_if_sta *ifsta,
427 int transaction, u8 *extra, size_t extra_len,
428 int encrypt)
429{
430 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
431 struct sk_buff *skb;
432 struct ieee80211_mgmt *mgmt;
433
434 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
435 sizeof(*mgmt) + 6 + extra_len);
436 if (!skb) {
437 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
438 "frame\n", dev->name);
439 return;
440 }
441 skb_reserve(skb, local->hw.extra_tx_headroom);
442
443 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
444 memset(mgmt, 0, 24 + 6);
445 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
446 IEEE80211_STYPE_AUTH);
447 if (encrypt)
448 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
449 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
450 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
451 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
452 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
453 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
454 ifsta->auth_transaction = transaction + 1;
455 mgmt->u.auth.status_code = cpu_to_le16(0);
456 if (extra)
457 memcpy(skb_put(skb, extra_len), extra, extra_len);
458
459 ieee80211_sta_tx(dev, skb, encrypt);
460}
461
462
463static void ieee80211_authenticate(struct net_device *dev,
464 struct ieee80211_if_sta *ifsta)
465{
466 ifsta->auth_tries++;
467 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
468 printk(KERN_DEBUG "%s: authentication with AP " MAC_FMT
469 " timed out\n",
470 dev->name, MAC_ARG(ifsta->bssid));
471 ifsta->state = IEEE80211_DISABLED;
472 return;
473 }
474
475 ifsta->state = IEEE80211_AUTHENTICATE;
476 printk(KERN_DEBUG "%s: authenticate with AP " MAC_FMT "\n",
477 dev->name, MAC_ARG(ifsta->bssid));
478
479 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
480
481 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
482}
483
484
485static void ieee80211_send_assoc(struct net_device *dev,
486 struct ieee80211_if_sta *ifsta)
487{
488 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
489 struct ieee80211_hw_mode *mode;
490 struct sk_buff *skb;
491 struct ieee80211_mgmt *mgmt;
492 u8 *pos, *ies;
493 int i, len;
494 u16 capab;
495 struct ieee80211_sta_bss *bss;
496 int wmm = 0;
497
498 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
499 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
500 ifsta->ssid_len);
501 if (!skb) {
502 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
503 "frame\n", dev->name);
504 return;
505 }
506 skb_reserve(skb, local->hw.extra_tx_headroom);
507
508 mode = local->oper_hw_mode;
509 capab = ifsta->capab;
510 if (mode->mode == MODE_IEEE80211G) {
511 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
512 WLAN_CAPABILITY_SHORT_PREAMBLE;
513 }
514 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
515 if (bss) {
516 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
517 capab |= WLAN_CAPABILITY_PRIVACY;
518 if (bss->wmm_ie) {
519 wmm = 1;
520 }
521 ieee80211_rx_bss_put(dev, bss);
522 }
523
524 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
525 memset(mgmt, 0, 24);
526 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
527 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
528 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
529
530 if (ifsta->prev_bssid_set) {
531 skb_put(skb, 10);
532 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
533 IEEE80211_STYPE_REASSOC_REQ);
534 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
535 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
536 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
537 ETH_ALEN);
538 } else {
539 skb_put(skb, 4);
540 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
541 IEEE80211_STYPE_ASSOC_REQ);
542 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
543 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
544 }
545
546 /* SSID */
547 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
548 *pos++ = WLAN_EID_SSID;
549 *pos++ = ifsta->ssid_len;
550 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
551
552 len = mode->num_rates;
553 if (len > 8)
554 len = 8;
555 pos = skb_put(skb, len + 2);
556 *pos++ = WLAN_EID_SUPP_RATES;
557 *pos++ = len;
558 for (i = 0; i < len; i++) {
559 int rate = mode->rates[i].rate;
560 if (mode->mode == MODE_ATHEROS_TURBO)
561 rate /= 2;
562 *pos++ = (u8) (rate / 5);
563 }
564
565 if (mode->num_rates > len) {
566 pos = skb_put(skb, mode->num_rates - len + 2);
567 *pos++ = WLAN_EID_EXT_SUPP_RATES;
568 *pos++ = mode->num_rates - len;
569 for (i = len; i < mode->num_rates; i++) {
570 int rate = mode->rates[i].rate;
571 if (mode->mode == MODE_ATHEROS_TURBO)
572 rate /= 2;
573 *pos++ = (u8) (rate / 5);
574 }
575 }
576
577 if (ifsta->extra_ie) {
578 pos = skb_put(skb, ifsta->extra_ie_len);
579 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
580 }
581
582 if (wmm && ifsta->wmm_enabled) {
583 pos = skb_put(skb, 9);
584 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
585 *pos++ = 7; /* len */
586 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
587 *pos++ = 0x50;
588 *pos++ = 0xf2;
589 *pos++ = 2; /* WME */
590 *pos++ = 0; /* WME info */
591 *pos++ = 1; /* WME ver */
592 *pos++ = 0;
593 }
594
595 kfree(ifsta->assocreq_ies);
596 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
597 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_ATOMIC);
598 if (ifsta->assocreq_ies)
599 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
600
601 ieee80211_sta_tx(dev, skb, 0);
602}
603
604
605static void ieee80211_send_deauth(struct net_device *dev,
606 struct ieee80211_if_sta *ifsta, u16 reason)
607{
608 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
609 struct sk_buff *skb;
610 struct ieee80211_mgmt *mgmt;
611
612 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
613 if (!skb) {
614 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
615 "frame\n", dev->name);
616 return;
617 }
618 skb_reserve(skb, local->hw.extra_tx_headroom);
619
620 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
621 memset(mgmt, 0, 24);
622 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
623 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
624 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
625 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
626 IEEE80211_STYPE_DEAUTH);
627 skb_put(skb, 2);
628 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
629
630 ieee80211_sta_tx(dev, skb, 0);
631}
632
633
634static void ieee80211_send_disassoc(struct net_device *dev,
635 struct ieee80211_if_sta *ifsta, u16 reason)
636{
637 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
638 struct sk_buff *skb;
639 struct ieee80211_mgmt *mgmt;
640
641 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
642 if (!skb) {
643 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
644 "frame\n", dev->name);
645 return;
646 }
647 skb_reserve(skb, local->hw.extra_tx_headroom);
648
649 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
650 memset(mgmt, 0, 24);
651 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
652 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
653 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
654 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
655 IEEE80211_STYPE_DISASSOC);
656 skb_put(skb, 2);
657 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
658
659 ieee80211_sta_tx(dev, skb, 0);
660}
661
662
663static int ieee80211_privacy_mismatch(struct net_device *dev,
664 struct ieee80211_if_sta *ifsta)
665{
666 struct ieee80211_sta_bss *bss;
667 int res = 0;
668
669 if (!ifsta || ifsta->mixed_cell ||
670 ifsta->key_mgmt != IEEE80211_KEY_MGMT_NONE)
671 return 0;
672
673 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
674 if (!bss)
675 return 0;
676
677 if (ieee80211_sta_wep_configured(dev) !=
678 !!(bss->capability & WLAN_CAPABILITY_PRIVACY))
679 res = 1;
680
681 ieee80211_rx_bss_put(dev, bss);
682
683 return res;
684}
685
686
687static void ieee80211_associate(struct net_device *dev,
688 struct ieee80211_if_sta *ifsta)
689{
690 ifsta->assoc_tries++;
691 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
692 printk(KERN_DEBUG "%s: association with AP " MAC_FMT
693 " timed out\n",
694 dev->name, MAC_ARG(ifsta->bssid));
695 ifsta->state = IEEE80211_DISABLED;
696 return;
697 }
698
699 ifsta->state = IEEE80211_ASSOCIATE;
700 printk(KERN_DEBUG "%s: associate with AP " MAC_FMT "\n",
701 dev->name, MAC_ARG(ifsta->bssid));
702 if (ieee80211_privacy_mismatch(dev, ifsta)) {
703 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
704 "mixed-cell disabled - abort association\n", dev->name);
705 ifsta->state = IEEE80211_DISABLED;
706 return;
707 }
708
709 ieee80211_send_assoc(dev, ifsta);
710
711 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
712}
713
714
715static void ieee80211_associated(struct net_device *dev,
716 struct ieee80211_if_sta *ifsta)
717{
718 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
719 struct sta_info *sta;
720 int disassoc;
721
722 /* TODO: start monitoring current AP signal quality and number of
723 * missed beacons. Scan other channels every now and then and search
724 * for better APs. */
725 /* TODO: remove expired BSSes */
726
727 ifsta->state = IEEE80211_ASSOCIATED;
728
729 sta = sta_info_get(local, ifsta->bssid);
730 if (!sta) {
731 printk(KERN_DEBUG "%s: No STA entry for own AP " MAC_FMT "\n",
732 dev->name, MAC_ARG(ifsta->bssid));
733 disassoc = 1;
734 } else {
735 disassoc = 0;
736 if (time_after(jiffies,
737 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
738 if (ifsta->probereq_poll) {
739 printk(KERN_DEBUG "%s: No ProbeResp from "
740 "current AP " MAC_FMT " - assume out of "
741 "range\n",
742 dev->name, MAC_ARG(ifsta->bssid));
743 disassoc = 1;
744 sta_info_free(sta, 0);
745 ifsta->probereq_poll = 0;
746 } else {
747 ieee80211_send_probe_req(dev, ifsta->bssid,
748 local->scan_ssid,
749 local->scan_ssid_len);
750 ifsta->probereq_poll = 1;
751 }
752 } else {
753 ifsta->probereq_poll = 0;
754 if (time_after(jiffies, ifsta->last_probe +
755 IEEE80211_PROBE_INTERVAL)) {
756 ifsta->last_probe = jiffies;
757 ieee80211_send_probe_req(dev, ifsta->bssid,
758 ifsta->ssid,
759 ifsta->ssid_len);
760 }
761 }
762 sta_info_put(sta);
763 }
764 if (disassoc) {
765 union iwreq_data wrqu;
766 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
767 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
768 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
769 mod_timer(&ifsta->timer, jiffies +
770 IEEE80211_MONITORING_INTERVAL + 30 * HZ);
771 } else {
772 mod_timer(&ifsta->timer, jiffies +
773 IEEE80211_MONITORING_INTERVAL);
774 }
775}
776
777
778static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
779 u8 *ssid, size_t ssid_len)
780{
781 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
782 struct ieee80211_hw_mode *mode;
783 struct sk_buff *skb;
784 struct ieee80211_mgmt *mgmt;
785 u8 *pos, *supp_rates, *esupp_rates = NULL;
786 int i;
787
788 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
789 if (!skb) {
790 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
791 "request\n", dev->name);
792 return;
793 }
794 skb_reserve(skb, local->hw.extra_tx_headroom);
795
796 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
797 memset(mgmt, 0, 24);
798 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
799 IEEE80211_STYPE_PROBE_REQ);
800 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
801 if (dst) {
802 memcpy(mgmt->da, dst, ETH_ALEN);
803 memcpy(mgmt->bssid, dst, ETH_ALEN);
804 } else {
805 memset(mgmt->da, 0xff, ETH_ALEN);
806 memset(mgmt->bssid, 0xff, ETH_ALEN);
807 }
808 pos = skb_put(skb, 2 + ssid_len);
809 *pos++ = WLAN_EID_SSID;
810 *pos++ = ssid_len;
811 memcpy(pos, ssid, ssid_len);
812
813 supp_rates = skb_put(skb, 2);
814 supp_rates[0] = WLAN_EID_SUPP_RATES;
815 supp_rates[1] = 0;
816 mode = local->oper_hw_mode;
817 for (i = 0; i < mode->num_rates; i++) {
818 struct ieee80211_rate *rate = &mode->rates[i];
819 if (!(rate->flags & IEEE80211_RATE_SUPPORTED))
820 continue;
821 if (esupp_rates) {
822 pos = skb_put(skb, 1);
823 esupp_rates[1]++;
824 } else if (supp_rates[1] == 8) {
825 esupp_rates = skb_put(skb, 3);
826 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
827 esupp_rates[1] = 1;
828 pos = &esupp_rates[2];
829 } else {
830 pos = skb_put(skb, 1);
831 supp_rates[1]++;
832 }
833 if (mode->mode == MODE_ATHEROS_TURBO)
834 *pos = rate->rate / 10;
835 else
836 *pos = rate->rate / 5;
837 }
838
839 ieee80211_sta_tx(dev, skb, 0);
840}
841
842
843static int ieee80211_sta_wep_configured(struct net_device *dev)
844{
845 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
846 if (!sdata || !sdata->default_key ||
847 sdata->default_key->alg != ALG_WEP)
848 return 0;
849 return 1;
850}
851
852
853static void ieee80211_auth_completed(struct net_device *dev,
854 struct ieee80211_if_sta *ifsta)
855{
856 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
857 ifsta->authenticated = 1;
858 ieee80211_associate(dev, ifsta);
859}
860
861
862static void ieee80211_auth_challenge(struct net_device *dev,
863 struct ieee80211_if_sta *ifsta,
864 struct ieee80211_mgmt *mgmt,
865 size_t len)
866{
867 u8 *pos;
868 struct ieee802_11_elems elems;
869
870 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
871 pos = mgmt->u.auth.variable;
872 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
873 == ParseFailed) {
874 printk(KERN_DEBUG "%s: failed to parse Auth(challenge)\n",
875 dev->name);
876 return;
877 }
878 if (!elems.challenge) {
879 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
880 "frame\n", dev->name);
881 return;
882 }
883 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
884 elems.challenge_len + 2, 1);
885}
886
887
888static void ieee80211_rx_mgmt_auth(struct net_device *dev,
889 struct ieee80211_if_sta *ifsta,
890 struct ieee80211_mgmt *mgmt,
891 size_t len)
892{
893 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
894 u16 auth_alg, auth_transaction, status_code;
895
896 if (ifsta->state != IEEE80211_AUTHENTICATE &&
897 sdata->type != IEEE80211_IF_TYPE_IBSS) {
898 printk(KERN_DEBUG "%s: authentication frame received from "
899 MAC_FMT ", but not in authenticate state - ignored\n",
900 dev->name, MAC_ARG(mgmt->sa));
901 return;
902 }
903
904 if (len < 24 + 6) {
905 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
906 "received from " MAC_FMT " - ignored\n",
907 dev->name, len, MAC_ARG(mgmt->sa));
908 return;
909 }
910
911 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
912 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
913 printk(KERN_DEBUG "%s: authentication frame received from "
914 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
915 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
916 MAC_ARG(mgmt->bssid));
917 return;
918 }
919
920 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
921 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
922 printk(KERN_DEBUG "%s: authentication frame received from "
923 "unknown BSSID (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
924 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
925 MAC_ARG(mgmt->bssid));
926 return;
927 }
928
929 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
930 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
931 status_code = le16_to_cpu(mgmt->u.auth.status_code);
932
933 printk(KERN_DEBUG "%s: RX authentication from " MAC_FMT " (alg=%d "
934 "transaction=%d status=%d)\n",
935 dev->name, MAC_ARG(mgmt->sa), auth_alg,
936 auth_transaction, status_code);
937
938 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
939 /* IEEE 802.11 standard does not require authentication in IBSS
940 * networks and most implementations do not seem to use it.
941 * However, try to reply to authentication attempts if someone
942 * has actually implemented this.
943 * TODO: Could implement shared key authentication. */
944 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
945 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
946 "frame (alg=%d transaction=%d)\n",
947 dev->name, auth_alg, auth_transaction);
948 return;
949 }
950 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
951 }
952
953 if (auth_alg != ifsta->auth_alg ||
954 auth_transaction != ifsta->auth_transaction) {
955 printk(KERN_DEBUG "%s: unexpected authentication frame "
956 "(alg=%d transaction=%d)\n",
957 dev->name, auth_alg, auth_transaction);
958 return;
959 }
960
961 if (status_code != WLAN_STATUS_SUCCESS) {
962 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
963 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
964 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
965 u8 algs[3];
966 const int num_algs = ARRAY_SIZE(algs);
967 int i, pos;
968 algs[0] = algs[1] = algs[2] = 0xff;
969 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
970 algs[0] = WLAN_AUTH_OPEN;
971 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
972 algs[1] = WLAN_AUTH_SHARED_KEY;
973 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
974 algs[2] = WLAN_AUTH_LEAP;
975 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
976 pos = 0;
977 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
978 pos = 1;
979 else
980 pos = 2;
981 for (i = 0; i < num_algs; i++) {
982 pos++;
983 if (pos >= num_algs)
984 pos = 0;
985 if (algs[pos] == ifsta->auth_alg ||
986 algs[pos] == 0xff)
987 continue;
988 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
989 !ieee80211_sta_wep_configured(dev))
990 continue;
991 ifsta->auth_alg = algs[pos];
992 printk(KERN_DEBUG "%s: set auth_alg=%d for "
993 "next try\n",
994 dev->name, ifsta->auth_alg);
995 break;
996 }
997 }
998 return;
999 }
1000
1001 switch (ifsta->auth_alg) {
1002 case WLAN_AUTH_OPEN:
1003 case WLAN_AUTH_LEAP:
1004 ieee80211_auth_completed(dev, ifsta);
1005 break;
1006 case WLAN_AUTH_SHARED_KEY:
1007 if (ifsta->auth_transaction == 4)
1008 ieee80211_auth_completed(dev, ifsta);
1009 else
1010 ieee80211_auth_challenge(dev, ifsta, mgmt, len);
1011 break;
1012 }
1013}
1014
1015
1016static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
1017 struct ieee80211_if_sta *ifsta,
1018 struct ieee80211_mgmt *mgmt,
1019 size_t len)
1020{
1021 u16 reason_code;
1022
1023 if (len < 24 + 2) {
1024 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1025 "received from " MAC_FMT " - ignored\n",
1026 dev->name, len, MAC_ARG(mgmt->sa));
1027 return;
1028 }
1029
1030 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1031 printk(KERN_DEBUG "%s: deauthentication frame received from "
1032 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1033 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1034 MAC_ARG(mgmt->bssid));
1035 return;
1036 }
1037
1038 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1039
1040 printk(KERN_DEBUG "%s: RX deauthentication from " MAC_FMT
1041 " (reason=%d)\n",
1042 dev->name, MAC_ARG(mgmt->sa), reason_code);
1043
1044 if (ifsta->authenticated) {
1045 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1046 }
1047
1048 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1049 ifsta->state == IEEE80211_ASSOCIATE ||
1050 ifsta->state == IEEE80211_ASSOCIATED) {
1051 ifsta->state = IEEE80211_AUTHENTICATE;
1052 mod_timer(&ifsta->timer, jiffies +
1053 IEEE80211_RETRY_AUTH_INTERVAL);
1054 }
1055
1056 ieee80211_set_disassoc(dev, ifsta, 1);
1057 ifsta->authenticated = 0;
1058}
1059
1060
1061static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1062 struct ieee80211_if_sta *ifsta,
1063 struct ieee80211_mgmt *mgmt,
1064 size_t len)
1065{
1066 u16 reason_code;
1067
1068 if (len < 24 + 2) {
1069 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1070 "received from " MAC_FMT " - ignored\n",
1071 dev->name, len, MAC_ARG(mgmt->sa));
1072 return;
1073 }
1074
1075 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1076 printk(KERN_DEBUG "%s: disassociation frame received from "
1077 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1078 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1079 MAC_ARG(mgmt->bssid));
1080 return;
1081 }
1082
1083 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1084
1085 printk(KERN_DEBUG "%s: RX disassociation from " MAC_FMT
1086 " (reason=%d)\n",
1087 dev->name, MAC_ARG(mgmt->sa), reason_code);
1088
1089 if (ifsta->associated)
1090 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1091
1092 if (ifsta->state == IEEE80211_ASSOCIATED) {
1093 ifsta->state = IEEE80211_ASSOCIATE;
1094 mod_timer(&ifsta->timer, jiffies +
1095 IEEE80211_RETRY_AUTH_INTERVAL);
1096 }
1097
1098 ieee80211_set_disassoc(dev, ifsta, 0);
1099}
1100
1101
1102static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev,
1103 struct ieee80211_if_sta *ifsta,
1104 struct ieee80211_mgmt *mgmt,
1105 size_t len,
1106 int reassoc)
1107{
1108 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1109 struct ieee80211_hw_mode *mode;
1110 struct sta_info *sta;
1111 u32 rates;
1112 u16 capab_info, status_code, aid;
1113 struct ieee802_11_elems elems;
1114 u8 *pos;
1115 int i, j;
1116
1117 /* AssocResp and ReassocResp have identical structure, so process both
1118 * of them in this function. */
1119
1120 if (ifsta->state != IEEE80211_ASSOCIATE) {
1121 printk(KERN_DEBUG "%s: association frame received from "
1122 MAC_FMT ", but not in associate state - ignored\n",
1123 dev->name, MAC_ARG(mgmt->sa));
1124 return;
1125 }
1126
1127 if (len < 24 + 6) {
1128 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1129 "received from " MAC_FMT " - ignored\n",
1130 dev->name, len, MAC_ARG(mgmt->sa));
1131 return;
1132 }
1133
1134 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1135 printk(KERN_DEBUG "%s: association frame received from "
1136 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1137 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1138 MAC_ARG(mgmt->bssid));
1139 return;
1140 }
1141
1142 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1143 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1144 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1145 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1146 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1147 "set\n", dev->name, aid);
1148 aid &= ~(BIT(15) | BIT(14));
1149
1150 printk(KERN_DEBUG "%s: RX %sssocResp from " MAC_FMT " (capab=0x%x "
1151 "status=%d aid=%d)\n",
1152 dev->name, reassoc ? "Rea" : "A", MAC_ARG(mgmt->sa),
1153 capab_info, status_code, aid);
1154
1155 if (status_code != WLAN_STATUS_SUCCESS) {
1156 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1157 dev->name, status_code);
1158 return;
1159 }
1160
1161 pos = mgmt->u.assoc_resp.variable;
1162 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
1163 == ParseFailed) {
1164 printk(KERN_DEBUG "%s: failed to parse AssocResp\n",
1165 dev->name);
1166 return;
1167 }
1168
1169 if (!elems.supp_rates) {
1170 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1171 dev->name);
1172 return;
1173 }
1174
1175 printk(KERN_DEBUG "%s: associated\n", dev->name);
1176 ifsta->aid = aid;
1177 ifsta->ap_capab = capab_info;
1178
1179 kfree(ifsta->assocresp_ies);
1180 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1181 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_ATOMIC);
1182 if (ifsta->assocresp_ies)
1183 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1184
1185 ieee80211_set_associated(dev, ifsta, 1);
1186
1187 /* Add STA entry for the AP */
1188 sta = sta_info_get(local, ifsta->bssid);
1189 if (!sta) {
1190 struct ieee80211_sta_bss *bss;
1191 sta = sta_info_add(local, dev, ifsta->bssid, GFP_ATOMIC);
1192 if (!sta) {
1193 printk(KERN_DEBUG "%s: failed to add STA entry for the"
1194 " AP\n", dev->name);
1195 return;
1196 }
1197 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
1198 if (bss) {
1199 sta->last_rssi = bss->rssi;
1200 sta->last_signal = bss->signal;
1201 sta->last_noise = bss->noise;
1202 ieee80211_rx_bss_put(dev, bss);
1203 }
1204 }
1205
1206 sta->dev = dev;
1207 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
1208 sta->assoc_ap = 1;
1209
1210 rates = 0;
1211 mode = local->oper_hw_mode;
1212 for (i = 0; i < elems.supp_rates_len; i++) {
1213 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1214 if (mode->mode == MODE_ATHEROS_TURBO)
1215 rate *= 2;
1216 for (j = 0; j < mode->num_rates; j++)
1217 if (mode->rates[j].rate == rate)
1218 rates |= BIT(j);
1219 }
1220 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1221 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1222 if (mode->mode == MODE_ATHEROS_TURBO)
1223 rate *= 2;
1224 for (j = 0; j < mode->num_rates; j++)
1225 if (mode->rates[j].rate == rate)
1226 rates |= BIT(j);
1227 }
1228 sta->supp_rates = rates;
1229
1230 rate_control_rate_init(sta, local);
1231
1232 if (elems.wmm_param && ifsta->wmm_enabled) {
1233 sta->flags |= WLAN_STA_WME;
1234 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1235 elems.wmm_param_len);
1236 }
1237
1238
1239 sta_info_put(sta);
1240
1241 ieee80211_associated(dev, ifsta);
1242}
1243
1244
1245/* Caller must hold local->sta_bss_lock */
1246static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1247 struct ieee80211_sta_bss *bss)
1248{
1249 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1250 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)];
1251 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1252}
1253
1254
1255/* Caller must hold local->sta_bss_lock */
1256static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1257 struct ieee80211_sta_bss *bss)
1258{
1259 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1260 struct ieee80211_sta_bss *b, *prev = NULL;
1261 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
1262 while (b) {
1263 if (b == bss) {
1264 if (!prev)
1265 local->sta_bss_hash[STA_HASH(bss->bssid)] =
1266 bss->hnext;
1267 else
1268 prev->hnext = bss->hnext;
1269 break;
1270 }
1271 prev = b;
1272 b = b->hnext;
1273 }
1274}
1275
1276
1277static struct ieee80211_sta_bss *
1278ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid)
1279{
1280 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1281 struct ieee80211_sta_bss *bss;
1282
1283 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
1284 if (!bss)
1285 return NULL;
1286 memset(bss, 0, sizeof(*bss));
1287 atomic_inc(&bss->users);
1288 atomic_inc(&bss->users);
1289 memcpy(bss->bssid, bssid, ETH_ALEN);
1290
1291 spin_lock_bh(&local->sta_bss_lock);
1292 /* TODO: order by RSSI? */
1293 list_add_tail(&bss->list, &local->sta_bss_list);
1294 __ieee80211_rx_bss_hash_add(dev, bss);
1295 spin_unlock_bh(&local->sta_bss_lock);
1296 return bss;
1297}
1298
1299
1300static struct ieee80211_sta_bss *
1301ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid)
1302{
1303 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1304 struct ieee80211_sta_bss *bss;
1305
1306 spin_lock_bh(&local->sta_bss_lock);
1307 bss = local->sta_bss_hash[STA_HASH(bssid)];
1308 while (bss) {
1309 if (memcmp(bss->bssid, bssid, ETH_ALEN) == 0) {
1310 atomic_inc(&bss->users);
1311 break;
1312 }
1313 bss = bss->hnext;
1314 }
1315 spin_unlock_bh(&local->sta_bss_lock);
1316 return bss;
1317}
1318
1319
1320static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1321{
1322 kfree(bss->wpa_ie);
1323 kfree(bss->rsn_ie);
1324 kfree(bss->wmm_ie);
1325 kfree(bss);
1326}
1327
1328
1329static void ieee80211_rx_bss_put(struct net_device *dev,
1330 struct ieee80211_sta_bss *bss)
1331{
1332 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1333 if (!atomic_dec_and_test(&bss->users))
1334 return;
1335
1336 spin_lock_bh(&local->sta_bss_lock);
1337 __ieee80211_rx_bss_hash_del(dev, bss);
1338 list_del(&bss->list);
1339 spin_unlock_bh(&local->sta_bss_lock);
1340 ieee80211_rx_bss_free(bss);
1341}
1342
1343
1344void ieee80211_rx_bss_list_init(struct net_device *dev)
1345{
1346 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1347 spin_lock_init(&local->sta_bss_lock);
1348 INIT_LIST_HEAD(&local->sta_bss_list);
1349}
1350
1351
1352void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1353{
1354 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1355 struct ieee80211_sta_bss *bss, *tmp;
1356
1357 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
1358 ieee80211_rx_bss_put(dev, bss);
1359}
1360
1361
1362static void ieee80211_rx_bss_info(struct net_device *dev,
1363 struct ieee80211_mgmt *mgmt,
1364 size_t len,
1365 struct ieee80211_rx_status *rx_status,
1366 int beacon)
1367{
1368 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1369 struct ieee802_11_elems elems;
1370 size_t baselen;
1371 int channel, invalid = 0, clen;
1372 struct ieee80211_sta_bss *bss;
1373 struct sta_info *sta;
1374 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1375 u64 timestamp;
1376
1377 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
1378 return; /* ignore ProbeResp to foreign address */
1379
1380#if 0
1381 printk(KERN_DEBUG "%s: RX %s from " MAC_FMT " to " MAC_FMT "\n",
1382 dev->name, beacon ? "Beacon" : "Probe Response",
1383 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da));
1384#endif
1385
1386 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1387 if (baselen > len)
1388 return;
1389
1390 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1391
1392 if (sdata->type == IEEE80211_IF_TYPE_IBSS && beacon &&
1393 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1394#ifdef CONFIG_MAC80211_IBSS_DEBUG
1395 static unsigned long last_tsf_debug = 0;
1396 u64 tsf;
1397 if (local->ops->get_tsf)
1398 tsf = local->ops->get_tsf(local_to_hw(local));
1399 else
1400 tsf = -1LLU;
1401 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1402 printk(KERN_DEBUG "RX beacon SA=" MAC_FMT " BSSID="
1403 MAC_FMT " TSF=0x%llx BCN=0x%llx diff=%lld "
1404 "@%lu\n",
1405 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->bssid),
1406 (unsigned long long)tsf,
1407 (unsigned long long)timestamp,
1408 (unsigned long long)(tsf - timestamp),
1409 jiffies);
1410 last_tsf_debug = jiffies;
1411 }
1412#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1413 }
1414
1415 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1416 &elems) == ParseFailed)
1417 invalid = 1;
1418
1419 if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1420 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1421 (sta = sta_info_get(local, mgmt->sa))) {
1422 struct ieee80211_hw_mode *mode;
1423 struct ieee80211_rate *rates;
1424 size_t num_rates;
1425 u32 supp_rates, prev_rates;
1426 int i, j;
1427
1428 mode = local->sta_scanning ?
1429 local->scan_hw_mode : local->oper_hw_mode;
1430 rates = mode->rates;
1431 num_rates = mode->num_rates;
1432
1433 supp_rates = 0;
1434 for (i = 0; i < elems.supp_rates_len +
1435 elems.ext_supp_rates_len; i++) {
1436 u8 rate = 0;
1437 int own_rate;
1438 if (i < elems.supp_rates_len)
1439 rate = elems.supp_rates[i];
1440 else if (elems.ext_supp_rates)
1441 rate = elems.ext_supp_rates
1442 [i - elems.supp_rates_len];
1443 own_rate = 5 * (rate & 0x7f);
1444 if (mode->mode == MODE_ATHEROS_TURBO)
1445 own_rate *= 2;
1446 for (j = 0; j < num_rates; j++)
1447 if (rates[j].rate == own_rate)
1448 supp_rates |= BIT(j);
1449 }
1450
1451 prev_rates = sta->supp_rates;
1452 sta->supp_rates &= supp_rates;
1453 if (sta->supp_rates == 0) {
1454 /* No matching rates - this should not really happen.
1455 * Make sure that at least one rate is marked
1456 * supported to avoid issues with TX rate ctrl. */
1457 sta->supp_rates = sdata->u.sta.supp_rates_bits;
1458 }
1459 if (sta->supp_rates != prev_rates) {
1460 printk(KERN_DEBUG "%s: updated supp_rates set for "
1461 MAC_FMT " based on beacon info (0x%x & 0x%x -> "
1462 "0x%x)\n",
1463 dev->name, MAC_ARG(sta->addr), prev_rates,
1464 supp_rates, sta->supp_rates);
1465 }
1466 sta_info_put(sta);
1467 }
1468
1469 if (!elems.ssid)
1470 return;
1471
1472 if (elems.ds_params && elems.ds_params_len == 1)
1473 channel = elems.ds_params[0];
1474 else
1475 channel = rx_status->channel;
1476
1477 bss = ieee80211_rx_bss_get(dev, mgmt->bssid);
1478 if (!bss) {
1479 bss = ieee80211_rx_bss_add(dev, mgmt->bssid);
1480 if (!bss)
1481 return;
1482 } else {
1483#if 0
1484 /* TODO: order by RSSI? */
1485 spin_lock_bh(&local->sta_bss_lock);
1486 list_move_tail(&bss->list, &local->sta_bss_list);
1487 spin_unlock_bh(&local->sta_bss_lock);
1488#endif
1489 }
1490
1491 if (bss->probe_resp && beacon) {
1492 /* Do not allow beacon to override data from Probe Response. */
1493 ieee80211_rx_bss_put(dev, bss);
1494 return;
1495 }
1496
1497 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
1498 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
1499 if (elems.ssid && elems.ssid_len <= IEEE80211_MAX_SSID_LEN) {
1500 memcpy(bss->ssid, elems.ssid, elems.ssid_len);
1501 bss->ssid_len = elems.ssid_len;
1502 }
1503
1504 bss->supp_rates_len = 0;
1505 if (elems.supp_rates) {
1506 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1507 if (clen > elems.supp_rates_len)
1508 clen = elems.supp_rates_len;
1509 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
1510 clen);
1511 bss->supp_rates_len += clen;
1512 }
1513 if (elems.ext_supp_rates) {
1514 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1515 if (clen > elems.ext_supp_rates_len)
1516 clen = elems.ext_supp_rates_len;
1517 memcpy(&bss->supp_rates[bss->supp_rates_len],
1518 elems.ext_supp_rates, clen);
1519 bss->supp_rates_len += clen;
1520 }
1521
1522 if (elems.wpa &&
1523 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
1524 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1525 kfree(bss->wpa_ie);
1526 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
1527 if (bss->wpa_ie) {
1528 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
1529 bss->wpa_ie_len = elems.wpa_len + 2;
1530 } else
1531 bss->wpa_ie_len = 0;
1532 } else if (!elems.wpa && bss->wpa_ie) {
1533 kfree(bss->wpa_ie);
1534 bss->wpa_ie = NULL;
1535 bss->wpa_ie_len = 0;
1536 }
1537
1538 if (elems.rsn &&
1539 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
1540 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
1541 kfree(bss->rsn_ie);
1542 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
1543 if (bss->rsn_ie) {
1544 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
1545 bss->rsn_ie_len = elems.rsn_len + 2;
1546 } else
1547 bss->rsn_ie_len = 0;
1548 } else if (!elems.rsn && bss->rsn_ie) {
1549 kfree(bss->rsn_ie);
1550 bss->rsn_ie = NULL;
1551 bss->rsn_ie_len = 0;
1552 }
1553
1554 if (elems.wmm_param &&
1555 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
1556 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
1557 kfree(bss->wmm_ie);
1558 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
1559 if (bss->wmm_ie) {
1560 memcpy(bss->wmm_ie, elems.wmm_param - 2,
1561 elems.wmm_param_len + 2);
1562 bss->wmm_ie_len = elems.wmm_param_len + 2;
1563 } else
1564 bss->wmm_ie_len = 0;
1565 } else if (!elems.wmm_param && bss->wmm_ie) {
1566 kfree(bss->wmm_ie);
1567 bss->wmm_ie = NULL;
1568 bss->wmm_ie_len = 0;
1569 }
1570
1571
1572 bss->hw_mode = rx_status->phymode;
1573 bss->channel = channel;
1574 bss->freq = rx_status->freq;
1575 if (channel != rx_status->channel &&
1576 (bss->hw_mode == MODE_IEEE80211G ||
1577 bss->hw_mode == MODE_IEEE80211B) &&
1578 channel >= 1 && channel <= 14) {
1579 static const int freq_list[] = {
1580 2412, 2417, 2422, 2427, 2432, 2437, 2442,
1581 2447, 2452, 2457, 2462, 2467, 2472, 2484
1582 };
1583 /* IEEE 802.11g/b mode can receive packets from neighboring
1584 * channels, so map the channel into frequency. */
1585 bss->freq = freq_list[channel - 1];
1586 }
1587 bss->timestamp = timestamp;
1588 bss->last_update = jiffies;
1589 bss->rssi = rx_status->ssi;
1590 bss->signal = rx_status->signal;
1591 bss->noise = rx_status->noise;
1592 if (!beacon)
1593 bss->probe_resp++;
1594 ieee80211_rx_bss_put(dev, bss);
1595}
1596
1597
1598static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
1599 struct ieee80211_mgmt *mgmt,
1600 size_t len,
1601 struct ieee80211_rx_status *rx_status)
1602{
1603 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
1604}
1605
1606
1607static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
1608 struct ieee80211_mgmt *mgmt,
1609 size_t len,
1610 struct ieee80211_rx_status *rx_status)
1611{
1612 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1613 struct ieee80211_sub_if_data *sdata;
1614 struct ieee80211_if_sta *ifsta;
1615 int use_protection;
1616 size_t baselen;
1617 struct ieee802_11_elems elems;
1618
1619 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
1620
1621 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1622 if (sdata->type != IEEE80211_IF_TYPE_STA)
1623 return;
1624 ifsta = &sdata->u.sta;
1625
1626 if (!ifsta->associated ||
1627 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1628 return;
1629
1630 /* Process beacon from the current BSS */
1631 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1632 if (baselen > len)
1633 return;
1634
1635 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1636 &elems) == ParseFailed)
1637 return;
1638
1639 use_protection = 0;
1640 if (elems.erp_info && elems.erp_info_len >= 1) {
1641 use_protection =
1642 (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0;
1643 }
1644
1645 if (use_protection != !!ifsta->use_protection) {
1646 if (net_ratelimit()) {
1647 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
1648 MAC_FMT ")\n",
1649 dev->name,
1650 use_protection ? "enabled" : "disabled",
1651 MAC_ARG(ifsta->bssid));
1652 }
1653 ifsta->use_protection = use_protection ? 1 : 0;
1654 local->cts_protect_erp_frames = use_protection;
1655 }
1656
1657 if (elems.wmm_param && ifsta->wmm_enabled) {
1658 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1659 elems.wmm_param_len);
1660 }
1661}
1662
1663
1664static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
1665 struct ieee80211_if_sta *ifsta,
1666 struct ieee80211_mgmt *mgmt,
1667 size_t len,
1668 struct ieee80211_rx_status *rx_status)
1669{
1670 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1671 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1672 int tx_last_beacon;
1673 struct sk_buff *skb;
1674 struct ieee80211_mgmt *resp;
1675 u8 *pos, *end;
1676
1677 if (sdata->type != IEEE80211_IF_TYPE_IBSS ||
1678 ifsta->state != IEEE80211_IBSS_JOINED ||
1679 len < 24 + 2 || !ifsta->probe_resp)
1680 return;
1681
1682 if (local->ops->tx_last_beacon)
1683 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1684 else
1685 tx_last_beacon = 1;
1686
1687#ifdef CONFIG_MAC80211_IBSS_DEBUG
1688 printk(KERN_DEBUG "%s: RX ProbeReq SA=" MAC_FMT " DA=" MAC_FMT " BSSID="
1689 MAC_FMT " (tx_last_beacon=%d)\n",
1690 dev->name, MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da),
1691 MAC_ARG(mgmt->bssid), tx_last_beacon);
1692#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1693
1694 if (!tx_last_beacon)
1695 return;
1696
1697 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1698 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1699 return;
1700
1701 end = ((u8 *) mgmt) + len;
1702 pos = mgmt->u.probe_req.variable;
1703 if (pos[0] != WLAN_EID_SSID ||
1704 pos + 2 + pos[1] > end) {
1705 if (net_ratelimit()) {
1706 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1707 "from " MAC_FMT "\n",
1708 dev->name, MAC_ARG(mgmt->sa));
1709 }
1710 return;
1711 }
1712 if (pos[1] != 0 &&
1713 (pos[1] != ifsta->ssid_len ||
1714 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1715 /* Ignore ProbeReq for foreign SSID */
1716 return;
1717 }
1718
1719 /* Reply with ProbeResp */
1720 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC);
1721 if (!skb)
1722 return;
1723
1724 resp = (struct ieee80211_mgmt *) skb->data;
1725 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1726#ifdef CONFIG_MAC80211_IBSS_DEBUG
1727 printk(KERN_DEBUG "%s: Sending ProbeResp to " MAC_FMT "\n",
1728 dev->name, MAC_ARG(resp->da));
1729#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1730 ieee80211_sta_tx(dev, skb, 0);
1731}
1732
1733
1734void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
1735 struct ieee80211_rx_status *rx_status)
1736{
1737 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1738 struct ieee80211_sub_if_data *sdata;
1739 struct ieee80211_if_sta *ifsta;
1740 struct ieee80211_mgmt *mgmt;
1741 u16 fc;
1742
1743 if (skb->len < 24)
1744 goto fail;
1745
1746 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1747 ifsta = &sdata->u.sta;
1748
1749 mgmt = (struct ieee80211_mgmt *) skb->data;
1750 fc = le16_to_cpu(mgmt->frame_control);
1751
1752 switch (fc & IEEE80211_FCTL_STYPE) {
1753 case IEEE80211_STYPE_PROBE_REQ:
1754 case IEEE80211_STYPE_PROBE_RESP:
1755 case IEEE80211_STYPE_BEACON:
1756 memcpy(skb->cb, rx_status, sizeof(*rx_status));
1757 case IEEE80211_STYPE_AUTH:
1758 case IEEE80211_STYPE_ASSOC_RESP:
1759 case IEEE80211_STYPE_REASSOC_RESP:
1760 case IEEE80211_STYPE_DEAUTH:
1761 case IEEE80211_STYPE_DISASSOC:
1762 skb_queue_tail(&ifsta->skb_queue, skb);
1763 queue_work(local->hw.workqueue, &ifsta->work);
1764 return;
1765 default:
1766 printk(KERN_DEBUG "%s: received unknown management frame - "
1767 "stype=%d\n", dev->name,
1768 (fc & IEEE80211_FCTL_STYPE) >> 4);
1769 break;
1770 }
1771
1772 fail:
1773 kfree_skb(skb);
1774}
1775
1776
1777static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
1778 struct sk_buff *skb)
1779{
1780 struct ieee80211_rx_status *rx_status;
1781 struct ieee80211_sub_if_data *sdata;
1782 struct ieee80211_if_sta *ifsta;
1783 struct ieee80211_mgmt *mgmt;
1784 u16 fc;
1785
1786 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1787 ifsta = &sdata->u.sta;
1788
1789 rx_status = (struct ieee80211_rx_status *) skb->cb;
1790 mgmt = (struct ieee80211_mgmt *) skb->data;
1791 fc = le16_to_cpu(mgmt->frame_control);
1792
1793 switch (fc & IEEE80211_FCTL_STYPE) {
1794 case IEEE80211_STYPE_PROBE_REQ:
1795 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
1796 rx_status);
1797 break;
1798 case IEEE80211_STYPE_PROBE_RESP:
1799 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
1800 break;
1801 case IEEE80211_STYPE_BEACON:
1802 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
1803 break;
1804 case IEEE80211_STYPE_AUTH:
1805 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len);
1806 break;
1807 case IEEE80211_STYPE_ASSOC_RESP:
1808 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 0);
1809 break;
1810 case IEEE80211_STYPE_REASSOC_RESP:
1811 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 1);
1812 break;
1813 case IEEE80211_STYPE_DEAUTH:
1814 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len);
1815 break;
1816 case IEEE80211_STYPE_DISASSOC:
1817 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
1818 break;
1819 }
1820
1821 kfree_skb(skb);
1822}
1823
1824
1825void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
1826 struct ieee80211_rx_status *rx_status)
1827{
1828 struct ieee80211_mgmt *mgmt;
1829 u16 fc;
1830
1831 if (skb->len < 24) {
1832 dev_kfree_skb(skb);
1833 return;
1834 }
1835
1836 mgmt = (struct ieee80211_mgmt *) skb->data;
1837 fc = le16_to_cpu(mgmt->frame_control);
1838
1839 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1840 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
1841 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
1842 skb->len, rx_status);
1843 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
1844 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
1845 rx_status);
1846 }
1847 }
1848
1849 dev_kfree_skb(skb);
1850}
1851
1852
1853static int ieee80211_sta_active_ibss(struct net_device *dev)
1854{
1855 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1856 int active = 0;
1857 struct sta_info *sta;
1858
1859 spin_lock_bh(&local->sta_lock);
1860 list_for_each_entry(sta, &local->sta_list, list) {
1861 if (sta->dev == dev &&
1862 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1863 jiffies)) {
1864 active++;
1865 break;
1866 }
1867 }
1868 spin_unlock_bh(&local->sta_lock);
1869
1870 return active;
1871}
1872
1873
1874static void ieee80211_sta_expire(struct net_device *dev)
1875{
1876 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1877 struct sta_info *sta, *tmp;
1878
1879 spin_lock_bh(&local->sta_lock);
1880 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
1881 if (time_after(jiffies, sta->last_rx +
1882 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
1883 printk(KERN_DEBUG "%s: expiring inactive STA " MAC_FMT
1884 "\n", dev->name, MAC_ARG(sta->addr));
1885 sta_info_free(sta, 1);
1886 }
1887 spin_unlock_bh(&local->sta_lock);
1888}
1889
1890
1891static void ieee80211_sta_merge_ibss(struct net_device *dev,
1892 struct ieee80211_if_sta *ifsta)
1893{
1894 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1895
1896 ieee80211_sta_expire(dev);
1897 if (ieee80211_sta_active_ibss(dev))
1898 return;
1899
1900 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1901 "IBSS networks with same SSID (merge)\n", dev->name);
1902 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
1903}
1904
1905
1906void ieee80211_sta_timer(unsigned long data)
1907{
1908 struct ieee80211_sub_if_data *sdata =
1909 (struct ieee80211_sub_if_data *) data;
1910 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1911 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
1912
1913 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
1914 queue_work(local->hw.workqueue, &ifsta->work);
1915}
1916
1917
1918void ieee80211_sta_work(struct work_struct *work)
1919{
1920 struct ieee80211_sub_if_data *sdata =
1921 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
1922 struct net_device *dev = sdata->dev;
1923 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1924 struct ieee80211_if_sta *ifsta;
1925 struct sk_buff *skb;
1926
1927 if (!netif_running(dev))
1928 return;
1929
1930 if (local->sta_scanning)
1931 return;
1932
1933 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1934 sdata->type != IEEE80211_IF_TYPE_IBSS) {
1935 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
1936 "(type=%d)\n", dev->name, sdata->type);
1937 return;
1938 }
1939 ifsta = &sdata->u.sta;
1940
1941 while ((skb = skb_dequeue(&ifsta->skb_queue)))
1942 ieee80211_sta_rx_queued_mgmt(dev, skb);
1943
1944 if (ifsta->state != IEEE80211_AUTHENTICATE &&
1945 ifsta->state != IEEE80211_ASSOCIATE &&
1946 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
1947 ieee80211_sta_start_scan(dev, NULL, 0);
1948 return;
1949 }
1950
1951 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
1952 if (ieee80211_sta_config_auth(dev, ifsta))
1953 return;
1954 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
1955 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
1956 return;
1957
1958 switch (ifsta->state) {
1959 case IEEE80211_DISABLED:
1960 break;
1961 case IEEE80211_AUTHENTICATE:
1962 ieee80211_authenticate(dev, ifsta);
1963 break;
1964 case IEEE80211_ASSOCIATE:
1965 ieee80211_associate(dev, ifsta);
1966 break;
1967 case IEEE80211_ASSOCIATED:
1968 ieee80211_associated(dev, ifsta);
1969 break;
1970 case IEEE80211_IBSS_SEARCH:
1971 ieee80211_sta_find_ibss(dev, ifsta);
1972 break;
1973 case IEEE80211_IBSS_JOINED:
1974 ieee80211_sta_merge_ibss(dev, ifsta);
1975 break;
1976 default:
1977 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
1978 ifsta->state);
1979 break;
1980 }
1981
1982 if (ieee80211_privacy_mismatch(dev, ifsta)) {
1983 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
1984 "mixed-cell disabled - disassociate\n", dev->name);
1985
1986 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
1987 ieee80211_set_disassoc(dev, ifsta, 0);
1988 }
1989}
1990
1991
1992static void ieee80211_sta_reset_auth(struct net_device *dev,
1993 struct ieee80211_if_sta *ifsta)
1994{
1995 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1996
1997 if (local->ops->reset_tsf) {
1998 /* Reset own TSF to allow time synchronization work. */
1999 local->ops->reset_tsf(local_to_hw(local));
2000 }
2001
2002 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
2003
2004
2005 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
2006 ifsta->auth_alg = WLAN_AUTH_OPEN;
2007 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2008 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
2009 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2010 ifsta->auth_alg = WLAN_AUTH_LEAP;
2011 else
2012 ifsta->auth_alg = WLAN_AUTH_OPEN;
2013 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
2014 ifsta->auth_alg);
2015 ifsta->auth_transaction = -1;
2016 ifsta->associated = ifsta->auth_tries = ifsta->assoc_tries = 0;
2017 netif_carrier_off(dev);
2018}
2019
2020
2021void ieee80211_sta_req_auth(struct net_device *dev,
2022 struct ieee80211_if_sta *ifsta)
2023{
2024 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2025 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2026
2027 if (sdata->type != IEEE80211_IF_TYPE_STA)
2028 return;
2029
2030 if ((ifsta->bssid_set || ifsta->auto_bssid_sel) &&
2031 (ifsta->ssid_set || ifsta->auto_ssid_sel)) {
2032 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2033 queue_work(local->hw.workqueue, &ifsta->work);
2034 }
2035}
2036
2037static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
2038 const char *ssid, int ssid_len)
2039{
2040 int tmp, hidden_ssid;
2041
2042 if (!memcmp(ifsta->ssid, ssid, ssid_len))
2043 return 1;
2044
2045 if (ifsta->auto_bssid_sel)
2046 return 0;
2047
2048 hidden_ssid = 1;
2049 tmp = ssid_len;
2050 while (tmp--) {
2051 if (ssid[tmp] != '\0') {
2052 hidden_ssid = 0;
2053 break;
2054 }
2055 }
2056
2057 if (hidden_ssid && ifsta->ssid_len == ssid_len)
2058 return 1;
2059
2060 if (ssid_len == 1 && ssid[0] == ' ')
2061 return 1;
2062
2063 return 0;
2064}
2065
2066static int ieee80211_sta_config_auth(struct net_device *dev,
2067 struct ieee80211_if_sta *ifsta)
2068{
2069 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2070 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2071 struct ieee80211_sta_bss *bss, *selected = NULL;
2072 int top_rssi = 0, freq;
2073
2074 rtnl_lock();
2075
2076 if (!ifsta->auto_channel_sel && !ifsta->auto_bssid_sel &&
2077 !ifsta->auto_ssid_sel) {
2078 ifsta->state = IEEE80211_AUTHENTICATE;
2079 rtnl_unlock();
2080 ieee80211_sta_reset_auth(dev, ifsta);
2081 return 0;
2082 }
2083
2084 spin_lock_bh(&local->sta_bss_lock);
2085 freq = local->oper_channel->freq;
2086 list_for_each_entry(bss, &local->sta_bss_list, list) {
2087 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2088 continue;
2089
2090 if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2091 !!sdata->default_key)
2092 continue;
2093
2094 if (!ifsta->auto_channel_sel && bss->freq != freq)
2095 continue;
2096
2097 if (!ifsta->auto_bssid_sel &&
2098 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2099 continue;
2100
2101 if (!ifsta->auto_ssid_sel &&
2102 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2103 continue;
2104
2105 if (!selected || top_rssi < bss->rssi) {
2106 selected = bss;
2107 top_rssi = bss->rssi;
2108 }
2109 }
2110 if (selected)
2111 atomic_inc(&selected->users);
2112 spin_unlock_bh(&local->sta_bss_lock);
2113
2114 if (selected) {
2115 ieee80211_set_channel(local, -1, selected->freq);
2116 if (!ifsta->ssid_set)
2117 ieee80211_sta_set_ssid(dev, selected->ssid,
2118 selected->ssid_len);
2119 ieee80211_sta_set_bssid(dev, selected->bssid);
2120 ieee80211_rx_bss_put(dev, selected);
2121 ifsta->state = IEEE80211_AUTHENTICATE;
2122 rtnl_unlock();
2123 ieee80211_sta_reset_auth(dev, ifsta);
2124 return 0;
2125 } else {
2126 if (ifsta->state != IEEE80211_AUTHENTICATE) {
2127 ieee80211_sta_start_scan(dev, NULL, 0);
2128 ifsta->state = IEEE80211_AUTHENTICATE;
2129 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2130 } else
2131 ifsta->state = IEEE80211_DISABLED;
2132 }
2133 rtnl_unlock();
2134 return -1;
2135}
2136
2137static int ieee80211_sta_join_ibss(struct net_device *dev,
2138 struct ieee80211_if_sta *ifsta,
2139 struct ieee80211_sta_bss *bss)
2140{
2141 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2142 int res, rates, i, j;
2143 struct sk_buff *skb;
2144 struct ieee80211_mgmt *mgmt;
2145 struct ieee80211_tx_control control;
2146 struct ieee80211_rate *rate;
2147 struct ieee80211_hw_mode *mode;
2148 struct rate_control_extra extra;
2149 u8 *pos;
2150 struct ieee80211_sub_if_data *sdata;
2151
2152 /* Remove possible STA entries from other IBSS networks. */
2153 sta_info_flush(local, NULL);
2154
2155 if (local->ops->reset_tsf) {
2156 /* Reset own TSF to allow time synchronization work. */
2157 local->ops->reset_tsf(local_to_hw(local));
2158 }
2159 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2160 res = ieee80211_if_config(dev);
2161 if (res)
2162 return res;
2163
2164 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2165
2166 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2167 sdata->drop_unencrypted = bss->capability &
2168 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2169
2170 res = ieee80211_set_channel(local, -1, bss->freq);
2171
2172 if (!(local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)) {
2173 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
2174 "(%d MHz)\n", dev->name, local->hw.conf.channel,
2175 local->hw.conf.freq);
2176 return -1;
2177 }
2178
2179 /* Set beacon template based on scan results */
2180 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2181 do {
2182 if (!skb)
2183 break;
2184
2185 skb_reserve(skb, local->hw.extra_tx_headroom);
2186
2187 mgmt = (struct ieee80211_mgmt *)
2188 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2189 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2190 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2191 IEEE80211_STYPE_BEACON);
2192 memset(mgmt->da, 0xff, ETH_ALEN);
2193 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2194 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2195 mgmt->u.beacon.beacon_int =
2196 cpu_to_le16(local->hw.conf.beacon_int);
2197 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2198
2199 pos = skb_put(skb, 2 + ifsta->ssid_len);
2200 *pos++ = WLAN_EID_SSID;
2201 *pos++ = ifsta->ssid_len;
2202 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2203
2204 rates = bss->supp_rates_len;
2205 if (rates > 8)
2206 rates = 8;
2207 pos = skb_put(skb, 2 + rates);
2208 *pos++ = WLAN_EID_SUPP_RATES;
2209 *pos++ = rates;
2210 memcpy(pos, bss->supp_rates, rates);
2211
2212 pos = skb_put(skb, 2 + 1);
2213 *pos++ = WLAN_EID_DS_PARAMS;
2214 *pos++ = 1;
2215 *pos++ = bss->channel;
2216
2217 pos = skb_put(skb, 2 + 2);
2218 *pos++ = WLAN_EID_IBSS_PARAMS;
2219 *pos++ = 2;
2220 /* FIX: set ATIM window based on scan results */
2221 *pos++ = 0;
2222 *pos++ = 0;
2223
2224 if (bss->supp_rates_len > 8) {
2225 rates = bss->supp_rates_len - 8;
2226 pos = skb_put(skb, 2 + rates);
2227 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2228 *pos++ = rates;
2229 memcpy(pos, &bss->supp_rates[8], rates);
2230 }
2231
2232 memset(&control, 0, sizeof(control));
2233 memset(&extra, 0, sizeof(extra));
2234 extra.mode = local->oper_hw_mode;
2235 rate = rate_control_get_rate(local, dev, skb, &extra);
2236 if (!rate) {
2237 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2238 "for IBSS beacon\n", dev->name);
2239 break;
2240 }
2241 control.tx_rate = (local->short_preamble &&
2242 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2243 rate->val2 : rate->val;
2244 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2245 control.power_level = local->hw.conf.power_level;
2246 control.flags |= IEEE80211_TXCTL_NO_ACK;
2247 control.retry_limit = 1;
2248
2249 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2250 if (ifsta->probe_resp) {
2251 mgmt = (struct ieee80211_mgmt *)
2252 ifsta->probe_resp->data;
2253 mgmt->frame_control =
2254 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2255 IEEE80211_STYPE_PROBE_RESP);
2256 } else {
2257 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2258 "template for IBSS\n", dev->name);
2259 }
2260
2261 if (local->ops->beacon_update &&
2262 local->ops->beacon_update(local_to_hw(local),
2263 skb, &control) == 0) {
2264 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2265 "template based on scan results\n", dev->name);
2266 skb = NULL;
2267 }
2268
2269 rates = 0;
2270 mode = local->oper_hw_mode;
2271 for (i = 0; i < bss->supp_rates_len; i++) {
2272 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2273 if (mode->mode == MODE_ATHEROS_TURBO)
2274 bitrate *= 2;
2275 for (j = 0; j < mode->num_rates; j++)
2276 if (mode->rates[j].rate == bitrate)
2277 rates |= BIT(j);
2278 }
2279 ifsta->supp_rates_bits = rates;
2280 } while (0);
2281
2282 if (skb) {
2283 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2284 "template\n", dev->name);
2285 dev_kfree_skb(skb);
2286 }
2287
2288 ifsta->state = IEEE80211_IBSS_JOINED;
2289 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2290
2291 ieee80211_rx_bss_put(dev, bss);
2292
2293 return res;
2294}
2295
2296
2297static int ieee80211_sta_create_ibss(struct net_device *dev,
2298 struct ieee80211_if_sta *ifsta)
2299{
2300 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2301 struct ieee80211_sta_bss *bss;
2302 struct ieee80211_sub_if_data *sdata;
2303 struct ieee80211_hw_mode *mode;
2304 u8 bssid[ETH_ALEN], *pos;
2305 int i;
2306
2307#if 0
2308 /* Easier testing, use fixed BSSID. */
2309 memset(bssid, 0xfe, ETH_ALEN);
2310#else
2311 /* Generate random, not broadcast, locally administered BSSID. Mix in
2312 * own MAC address to make sure that devices that do not have proper
2313 * random number generator get different BSSID. */
2314 get_random_bytes(bssid, ETH_ALEN);
2315 for (i = 0; i < ETH_ALEN; i++)
2316 bssid[i] ^= dev->dev_addr[i];
2317 bssid[0] &= ~0x01;
2318 bssid[0] |= 0x02;
2319#endif
2320
2321 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID " MAC_FMT "\n",
2322 dev->name, MAC_ARG(bssid));
2323
2324 bss = ieee80211_rx_bss_add(dev, bssid);
2325 if (!bss)
2326 return -ENOMEM;
2327
2328 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2329 mode = local->oper_hw_mode;
2330
2331 if (local->hw.conf.beacon_int == 0)
2332 local->hw.conf.beacon_int = 100;
2333 bss->beacon_int = local->hw.conf.beacon_int;
2334 bss->hw_mode = local->hw.conf.phymode;
2335 bss->channel = local->hw.conf.channel;
2336 bss->freq = local->hw.conf.freq;
2337 bss->last_update = jiffies;
2338 bss->capability = WLAN_CAPABILITY_IBSS;
2339 if (sdata->default_key) {
2340 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2341 } else
2342 sdata->drop_unencrypted = 0;
2343 bss->supp_rates_len = mode->num_rates;
2344 pos = bss->supp_rates;
2345 for (i = 0; i < mode->num_rates; i++) {
2346 int rate = mode->rates[i].rate;
2347 if (mode->mode == MODE_ATHEROS_TURBO)
2348 rate /= 2;
2349 *pos++ = (u8) (rate / 5);
2350 }
2351
2352 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2353}
2354
2355
2356static int ieee80211_sta_find_ibss(struct net_device *dev,
2357 struct ieee80211_if_sta *ifsta)
2358{
2359 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2360 struct ieee80211_sta_bss *bss;
2361 int found = 0;
2362 u8 bssid[ETH_ALEN];
2363 int active_ibss;
2364
2365 if (ifsta->ssid_len == 0)
2366 return -EINVAL;
2367
2368 active_ibss = ieee80211_sta_active_ibss(dev);
2369#ifdef CONFIG_MAC80211_IBSS_DEBUG
2370 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2371 dev->name, active_ibss);
2372#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2373 spin_lock_bh(&local->sta_bss_lock);
2374 list_for_each_entry(bss, &local->sta_bss_list, list) {
2375 if (ifsta->ssid_len != bss->ssid_len ||
2376 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2377 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2378 continue;
2379#ifdef CONFIG_MAC80211_IBSS_DEBUG
2380 printk(KERN_DEBUG " bssid=" MAC_FMT " found\n",
2381 MAC_ARG(bss->bssid));
2382#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2383 memcpy(bssid, bss->bssid, ETH_ALEN);
2384 found = 1;
2385 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2386 break;
2387 }
2388 spin_unlock_bh(&local->sta_bss_lock);
2389
2390#ifdef CONFIG_MAC80211_IBSS_DEBUG
2391 printk(KERN_DEBUG " sta_find_ibss: selected " MAC_FMT " current "
2392 MAC_FMT "\n", MAC_ARG(bssid), MAC_ARG(ifsta->bssid));
2393#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2394 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2395 (bss = ieee80211_rx_bss_get(dev, bssid))) {
2396 printk(KERN_DEBUG "%s: Selected IBSS BSSID " MAC_FMT
2397 " based on configured SSID\n",
2398 dev->name, MAC_ARG(bssid));
2399 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2400 }
2401#ifdef CONFIG_MAC80211_IBSS_DEBUG
2402 printk(KERN_DEBUG " did not try to join ibss\n");
2403#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2404
2405 /* Selected IBSS not found in current scan results - try to scan */
2406 if (ifsta->state == IEEE80211_IBSS_JOINED &&
2407 !ieee80211_sta_active_ibss(dev)) {
2408 mod_timer(&ifsta->timer, jiffies +
2409 IEEE80211_IBSS_MERGE_INTERVAL);
2410 } else if (time_after(jiffies, local->last_scan_completed +
2411 IEEE80211_SCAN_INTERVAL)) {
2412 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2413 "join\n", dev->name);
2414 return ieee80211_sta_req_scan(dev, ifsta->ssid,
2415 ifsta->ssid_len);
2416 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
2417 int interval = IEEE80211_SCAN_INTERVAL;
2418
2419 if (time_after(jiffies, ifsta->ibss_join_req +
2420 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2421 if (ifsta->create_ibss &&
2422 local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)
2423 return ieee80211_sta_create_ibss(dev, ifsta);
2424 if (ifsta->create_ibss) {
2425 printk(KERN_DEBUG "%s: IBSS not allowed on the"
2426 " configured channel %d (%d MHz)\n",
2427 dev->name, local->hw.conf.channel,
2428 local->hw.conf.freq);
2429 }
2430
2431 /* No IBSS found - decrease scan interval and continue
2432 * scanning. */
2433 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2434 }
2435
2436 ifsta->state = IEEE80211_IBSS_SEARCH;
2437 mod_timer(&ifsta->timer, jiffies + interval);
2438 return 0;
2439 }
2440
2441 return 0;
2442}
2443
2444
2445int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2446{
2447 struct ieee80211_sub_if_data *sdata;
2448 struct ieee80211_if_sta *ifsta;
2449 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2450
2451 if (len > IEEE80211_MAX_SSID_LEN)
2452 return -EINVAL;
2453
2454 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
2455 * not defined. */
2456 if (local->ops->conf_tx) {
2457 struct ieee80211_tx_queue_params qparam;
2458 int i;
2459
2460 memset(&qparam, 0, sizeof(qparam));
2461 /* TODO: are these ok defaults for all hw_modes? */
2462 qparam.aifs = 2;
2463 qparam.cw_min =
2464 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
2465 qparam.cw_max = 1023;
2466 qparam.burst_time = 0;
2467 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
2468 {
2469 local->ops->conf_tx(local_to_hw(local),
2470 i + IEEE80211_TX_QUEUE_DATA0,
2471 &qparam);
2472 }
2473 /* IBSS uses different parameters for Beacon sending */
2474 qparam.cw_min++;
2475 qparam.cw_min *= 2;
2476 qparam.cw_min--;
2477 local->ops->conf_tx(local_to_hw(local),
2478 IEEE80211_TX_QUEUE_BEACON, &qparam);
2479 }
2480
2481 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2482 ifsta = &sdata->u.sta;
2483
2484 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
2485 ifsta->prev_bssid_set = 0;
2486 memcpy(ifsta->ssid, ssid, len);
2487 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
2488 ifsta->ssid_len = len;
2489
2490 ifsta->ssid_set = len ? 1 : 0;
2491 if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) {
2492 ifsta->ibss_join_req = jiffies;
2493 ifsta->state = IEEE80211_IBSS_SEARCH;
2494 return ieee80211_sta_find_ibss(dev, ifsta);
2495 }
2496 return 0;
2497}
2498
2499
2500int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
2501{
2502 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2503 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2504 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
2505 *len = ifsta->ssid_len;
2506 return 0;
2507}
2508
2509
2510int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
2511{
2512 struct ieee80211_sub_if_data *sdata;
2513 struct ieee80211_if_sta *ifsta;
2514 int res;
2515
2516 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2517 ifsta = &sdata->u.sta;
2518
2519 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2520 memcpy(ifsta->bssid, bssid, ETH_ALEN);
2521 res = ieee80211_if_config(dev);
2522 if (res) {
2523 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2524 "the low-level driver\n", dev->name);
2525 return res;
2526 }
2527 }
2528
2529 if (!is_valid_ether_addr(bssid))
2530 ifsta->bssid_set = 0;
2531 else
2532 ifsta->bssid_set = 1;
2533 return 0;
2534}
2535
2536
2537static void ieee80211_send_nullfunc(struct ieee80211_local *local,
2538 struct ieee80211_sub_if_data *sdata,
2539 int powersave)
2540{
2541 struct sk_buff *skb;
2542 struct ieee80211_hdr *nullfunc;
2543 u16 fc;
2544
2545 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
2546 if (!skb) {
2547 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
2548 "frame\n", sdata->dev->name);
2549 return;
2550 }
2551 skb_reserve(skb, local->hw.extra_tx_headroom);
2552
2553 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
2554 memset(nullfunc, 0, 24);
2555 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
2556 IEEE80211_FCTL_TODS;
2557 if (powersave)
2558 fc |= IEEE80211_FCTL_PM;
2559 nullfunc->frame_control = cpu_to_le16(fc);
2560 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
2561 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
2562 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
2563
2564 ieee80211_sta_tx(sdata->dev, skb, 0);
2565}
2566
2567
2568void ieee80211_scan_completed(struct ieee80211_hw *hw)
2569{
2570 struct ieee80211_local *local = hw_to_local(hw);
2571 struct net_device *dev = local->scan_dev;
2572 struct ieee80211_sub_if_data *sdata;
2573 union iwreq_data wrqu;
2574
2575 local->last_scan_completed = jiffies;
2576 wmb();
2577 local->sta_scanning = 0;
2578
2579 if (ieee80211_hw_config(local))
2580 printk(KERN_DEBUG "%s: failed to restore operational"
2581 "channel after scan\n", dev->name);
2582
2583 if (!(local->hw.flags & IEEE80211_HW_NO_PROBE_FILTERING) &&
2584 ieee80211_if_config(dev))
2585 printk(KERN_DEBUG "%s: failed to restore operational"
2586 "BSSID after scan\n", dev->name);
2587
2588 memset(&wrqu, 0, sizeof(wrqu));
2589 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2590
2591 read_lock(&local->sub_if_lock);
2592 list_for_each_entry(sdata, &local->sub_if_list, list) {
2593 if (sdata->type == IEEE80211_IF_TYPE_STA) {
2594 if (sdata->u.sta.associated)
2595 ieee80211_send_nullfunc(local, sdata, 0);
2596 ieee80211_sta_timer((unsigned long)sdata);
2597 }
2598 netif_wake_queue(sdata->dev);
2599 }
2600 read_unlock(&local->sub_if_lock);
2601
2602 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2603 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
2604 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2605 if (!ifsta->bssid_set ||
2606 (!ifsta->state == IEEE80211_IBSS_JOINED &&
2607 !ieee80211_sta_active_ibss(dev)))
2608 ieee80211_sta_find_ibss(dev, ifsta);
2609 }
2610}
2611EXPORT_SYMBOL(ieee80211_scan_completed);
2612
2613void ieee80211_sta_scan_work(struct work_struct *work)
2614{
2615 struct ieee80211_local *local =
2616 container_of(work, struct ieee80211_local, scan_work.work);
2617 struct net_device *dev = local->scan_dev;
2618 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2619 struct ieee80211_hw_mode *mode;
2620 struct ieee80211_channel *chan;
2621 int skip;
2622 unsigned long next_delay = 0;
2623
2624 if (!local->sta_scanning)
2625 return;
2626
2627 switch (local->scan_state) {
2628 case SCAN_SET_CHANNEL:
2629 mode = local->scan_hw_mode;
2630 if (local->scan_hw_mode->list.next == &local->modes_list &&
2631 local->scan_channel_idx >= mode->num_channels) {
2632 ieee80211_scan_completed(local_to_hw(local));
2633 return;
2634 }
2635 skip = !(local->enabled_modes & (1 << mode->mode));
2636 chan = &mode->channels[local->scan_channel_idx];
2637 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) ||
2638 (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2639 !(chan->flag & IEEE80211_CHAN_W_IBSS)) ||
2640 (local->hw_modes & local->enabled_modes &
2641 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
2642 skip = 1;
2643
2644 if (!skip) {
2645#if 0
2646 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
2647 dev->name, chan->chan, chan->freq);
2648#endif
2649
2650 local->scan_channel = chan;
2651 if (ieee80211_hw_config(local)) {
2652 printk(KERN_DEBUG "%s: failed to set channel "
2653 "%d (%d MHz) for scan\n", dev->name,
2654 chan->chan, chan->freq);
2655 skip = 1;
2656 }
2657 }
2658
2659 local->scan_channel_idx++;
2660 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) {
2661 if (local->scan_hw_mode->list.next != &local->modes_list) {
2662 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next,
2663 struct ieee80211_hw_mode,
2664 list);
2665 local->scan_channel_idx = 0;
2666 }
2667 }
2668
2669 if (skip)
2670 break;
2671
2672 next_delay = IEEE80211_PROBE_DELAY +
2673 usecs_to_jiffies(local->hw.channel_change_time);
2674 local->scan_state = SCAN_SEND_PROBE;
2675 break;
2676 case SCAN_SEND_PROBE:
2677 if (local->scan_channel->flag & IEEE80211_CHAN_W_ACTIVE_SCAN) {
2678 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
2679 local->scan_ssid_len);
2680 next_delay = IEEE80211_CHANNEL_TIME;
2681 } else
2682 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
2683 local->scan_state = SCAN_SET_CHANNEL;
2684 break;
2685 }
2686
2687 if (local->sta_scanning)
2688 queue_delayed_work(local->hw.workqueue, &local->scan_work,
2689 next_delay);
2690}
2691
2692
2693static int ieee80211_sta_start_scan(struct net_device *dev,
2694 u8 *ssid, size_t ssid_len)
2695{
2696 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2697 struct ieee80211_sub_if_data *sdata;
2698
2699 if (ssid_len > IEEE80211_MAX_SSID_LEN)
2700 return -EINVAL;
2701
2702 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
2703 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
2704 * BSSID: MACAddress
2705 * SSID
2706 * ScanType: ACTIVE, PASSIVE
2707 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
2708 * a Probe frame during active scanning
2709 * ChannelList
2710 * MinChannelTime (>= ProbeDelay), in TU
2711 * MaxChannelTime: (>= MinChannelTime), in TU
2712 */
2713
2714 /* MLME-SCAN.confirm
2715 * BSSDescriptionSet
2716 * ResultCode: SUCCESS, INVALID_PARAMETERS
2717 */
2718
2719 if (local->sta_scanning) {
2720 if (local->scan_dev == dev)
2721 return 0;
2722 return -EBUSY;
2723 }
2724
2725 if (local->ops->hw_scan) {
2726 int rc = local->ops->hw_scan(local_to_hw(local),
2727 ssid, ssid_len);
2728 if (!rc) {
2729 local->sta_scanning = 1;
2730 local->scan_dev = dev;
2731 }
2732 return rc;
2733 }
2734
2735 local->sta_scanning = 1;
2736
2737 read_lock(&local->sub_if_lock);
2738 list_for_each_entry(sdata, &local->sub_if_list, list) {
2739 netif_stop_queue(sdata->dev);
2740 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2741 sdata->u.sta.associated)
2742 ieee80211_send_nullfunc(local, sdata, 1);
2743 }
2744 read_unlock(&local->sub_if_lock);
2745
2746 if (ssid) {
2747 local->scan_ssid_len = ssid_len;
2748 memcpy(local->scan_ssid, ssid, ssid_len);
2749 } else
2750 local->scan_ssid_len = 0;
2751 local->scan_state = SCAN_SET_CHANNEL;
2752 local->scan_hw_mode = list_entry(local->modes_list.next,
2753 struct ieee80211_hw_mode,
2754 list);
2755 local->scan_channel_idx = 0;
2756 local->scan_dev = dev;
2757
2758 if (!(local->hw.flags & IEEE80211_HW_NO_PROBE_FILTERING) &&
2759 ieee80211_if_config(dev))
2760 printk(KERN_DEBUG "%s: failed to set BSSID for scan\n",
2761 dev->name);
2762
2763 /* TODO: start scan as soon as all nullfunc frames are ACKed */
2764 queue_delayed_work(local->hw.workqueue, &local->scan_work,
2765 IEEE80211_CHANNEL_TIME);
2766
2767 return 0;
2768}
2769
2770
2771int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
2772{
2773 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2774 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2775 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2776
2777 if (sdata->type != IEEE80211_IF_TYPE_STA)
2778 return ieee80211_sta_start_scan(dev, ssid, ssid_len);
2779
2780 if (local->sta_scanning) {
2781 if (local->scan_dev == dev)
2782 return 0;
2783 return -EBUSY;
2784 }
2785
2786 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
2787 queue_work(local->hw.workqueue, &ifsta->work);
2788 return 0;
2789}
2790
2791static char *
2792ieee80211_sta_scan_result(struct net_device *dev,
2793 struct ieee80211_sta_bss *bss,
2794 char *current_ev, char *end_buf)
2795{
2796 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2797 struct iw_event iwe;
2798
2799 if (time_after(jiffies,
2800 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
2801 return current_ev;
2802
2803 if (!(local->enabled_modes & (1 << bss->hw_mode)))
2804 return current_ev;
2805
2806 if (local->scan_flags & IEEE80211_SCAN_WPA_ONLY &&
2807 !bss->wpa_ie && !bss->rsn_ie)
2808 return current_ev;
2809
2810 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID &&
2811 (local->scan_ssid_len != bss->ssid_len ||
2812 memcmp(local->scan_ssid, bss->ssid, bss->ssid_len) != 0))
2813 return current_ev;
2814
2815 memset(&iwe, 0, sizeof(iwe));
2816 iwe.cmd = SIOCGIWAP;
2817 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2818 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2819 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2820 IW_EV_ADDR_LEN);
2821
2822 memset(&iwe, 0, sizeof(iwe));
2823 iwe.cmd = SIOCGIWESSID;
2824 iwe.u.data.length = bss->ssid_len;
2825 iwe.u.data.flags = 1;
2826 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2827 bss->ssid);
2828
2829 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
2830 memset(&iwe, 0, sizeof(iwe));
2831 iwe.cmd = SIOCGIWMODE;
2832 if (bss->capability & WLAN_CAPABILITY_ESS)
2833 iwe.u.mode = IW_MODE_MASTER;
2834 else
2835 iwe.u.mode = IW_MODE_ADHOC;
2836 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2837 IW_EV_UINT_LEN);
2838 }
2839
2840 memset(&iwe, 0, sizeof(iwe));
2841 iwe.cmd = SIOCGIWFREQ;
2842 iwe.u.freq.m = bss->channel;
2843 iwe.u.freq.e = 0;
2844 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2845 IW_EV_FREQ_LEN);
2846 iwe.u.freq.m = bss->freq * 100000;
2847 iwe.u.freq.e = 1;
2848 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2849 IW_EV_FREQ_LEN);
2850
2851 memset(&iwe, 0, sizeof(iwe));
2852 iwe.cmd = IWEVQUAL;
2853 iwe.u.qual.qual = bss->signal;
2854 iwe.u.qual.level = bss->rssi;
2855 iwe.u.qual.noise = bss->noise;
2856 iwe.u.qual.updated = local->wstats_flags;
2857 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2858 IW_EV_QUAL_LEN);
2859
2860 memset(&iwe, 0, sizeof(iwe));
2861 iwe.cmd = SIOCGIWENCODE;
2862 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
2863 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2864 else
2865 iwe.u.data.flags = IW_ENCODE_DISABLED;
2866 iwe.u.data.length = 0;
2867 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
2868
2869 if (bss && bss->wpa_ie) {
2870 memset(&iwe, 0, sizeof(iwe));
2871 iwe.cmd = IWEVGENIE;
2872 iwe.u.data.length = bss->wpa_ie_len;
2873 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2874 bss->wpa_ie);
2875 }
2876
2877 if (bss && bss->rsn_ie) {
2878 memset(&iwe, 0, sizeof(iwe));
2879 iwe.cmd = IWEVGENIE;
2880 iwe.u.data.length = bss->rsn_ie_len;
2881 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2882 bss->rsn_ie);
2883 }
2884
2885 if (bss && bss->supp_rates_len > 0) {
2886 /* display all supported rates in readable format */
2887 char *p = current_ev + IW_EV_LCP_LEN;
2888 int i;
2889
2890 memset(&iwe, 0, sizeof(iwe));
2891 iwe.cmd = SIOCGIWRATE;
2892 /* Those two flags are ignored... */
2893 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
2894
2895 for (i = 0; i < bss->supp_rates_len; i++) {
2896 iwe.u.bitrate.value = ((bss->supp_rates[i] &
2897 0x7f) * 500000);
2898 p = iwe_stream_add_value(current_ev, p,
2899 end_buf, &iwe, IW_EV_PARAM_LEN);
2900 }
2901 current_ev = p;
2902 }
2903
2904 if (bss) {
2905 char *buf;
2906 buf = kmalloc(30, GFP_ATOMIC);
2907 if (buf) {
2908 memset(&iwe, 0, sizeof(iwe));
2909 iwe.cmd = IWEVCUSTOM;
2910 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
2911 iwe.u.data.length = strlen(buf);
2912 current_ev = iwe_stream_add_point(current_ev, end_buf,
2913 &iwe, buf);
2914 kfree(buf);
2915 }
2916 }
2917
2918 do {
2919 char *buf;
2920
2921 if (!(local->scan_flags & IEEE80211_SCAN_EXTRA_INFO))
2922 break;
2923
2924 buf = kmalloc(100, GFP_ATOMIC);
2925 if (!buf)
2926 break;
2927
2928 memset(&iwe, 0, sizeof(iwe));
2929 iwe.cmd = IWEVCUSTOM;
2930 sprintf(buf, "bcn_int=%d", bss->beacon_int);
2931 iwe.u.data.length = strlen(buf);
2932 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2933 buf);
2934
2935 memset(&iwe, 0, sizeof(iwe));
2936 iwe.cmd = IWEVCUSTOM;
2937 sprintf(buf, "capab=0x%04x", bss->capability);
2938 iwe.u.data.length = strlen(buf);
2939 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2940 buf);
2941
2942 kfree(buf);
2943 break;
2944 } while (0);
2945
2946 return current_ev;
2947}
2948
2949
2950int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
2951{
2952 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2953 char *current_ev = buf;
2954 char *end_buf = buf + len;
2955 struct ieee80211_sta_bss *bss;
2956
2957 spin_lock_bh(&local->sta_bss_lock);
2958 list_for_each_entry(bss, &local->sta_bss_list, list) {
2959 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
2960 spin_unlock_bh(&local->sta_bss_lock);
2961 return -E2BIG;
2962 }
2963 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
2964 end_buf);
2965 }
2966 spin_unlock_bh(&local->sta_bss_lock);
2967 return current_ev - buf;
2968}
2969
2970
2971int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
2972{
2973 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2974 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2975 kfree(ifsta->extra_ie);
2976 if (len == 0) {
2977 ifsta->extra_ie = NULL;
2978 ifsta->extra_ie_len = 0;
2979 return 0;
2980 }
2981 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
2982 if (!ifsta->extra_ie) {
2983 ifsta->extra_ie_len = 0;
2984 return -ENOMEM;
2985 }
2986 memcpy(ifsta->extra_ie, ie, len);
2987 ifsta->extra_ie_len = len;
2988 return 0;
2989}
2990
2991
2992struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
2993 struct sk_buff *skb, u8 *bssid,
2994 u8 *addr)
2995{
2996 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2997 struct sta_info *sta;
2998 struct ieee80211_sub_if_data *sdata = NULL;
2999
3000 /* TODO: Could consider removing the least recently used entry and
3001 * allow new one to be added. */
3002 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
3003 if (net_ratelimit()) {
3004 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
3005 "entry " MAC_FMT "\n", dev->name, MAC_ARG(addr));
3006 }
3007 return NULL;
3008 }
3009
3010 printk(KERN_DEBUG "%s: Adding new IBSS station " MAC_FMT " (dev=%s)\n",
3011 local->mdev->name, MAC_ARG(addr), dev->name);
3012
3013 sta = sta_info_add(local, dev, addr, GFP_ATOMIC);
3014 if (!sta)
3015 return NULL;
3016
3017 sta->supp_rates = sdata->u.sta.supp_rates_bits;
3018
3019 rate_control_rate_init(sta, local);
3020
3021 return sta; /* caller will call sta_info_put() */
3022}
3023
3024
3025int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
3026{
3027 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3028 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3029
3030 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
3031 dev->name, reason);
3032
3033 if (sdata->type != IEEE80211_IF_TYPE_STA &&
3034 sdata->type != IEEE80211_IF_TYPE_IBSS)
3035 return -EINVAL;
3036
3037 ieee80211_send_deauth(dev, ifsta, reason);
3038 ieee80211_set_disassoc(dev, ifsta, 1);
3039 return 0;
3040}
3041
3042
3043int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
3044{
3045 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3046 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3047
3048 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
3049 dev->name, reason);
3050
3051 if (sdata->type != IEEE80211_IF_TYPE_STA)
3052 return -EINVAL;
3053
3054 if (!ifsta->associated)
3055 return -1;
3056
3057 ieee80211_send_disassoc(dev, ifsta, reason);
3058 ieee80211_set_disassoc(dev, ifsta, 0);
3059 return 0;
3060}
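diff --git a/net/mac80211/michael.c b/net/mac80211/michael.c
new file mode 100644
index 000000000000..0f844f7895f1
--- /dev/null
+++ b/net/mac80211/michael.c
@@ -0,0 +1,104 @@
+/*
+ * Michael MIC implementation - optimized for TKIP MIC operations
+ * Copyright 2002-2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/types.h>
+
+#include "michael.h"
+
+static inline u32 rotr(u32 val, int bits)
+{
+ return (val >> bits) | (val << (32 - bits));
+}
+
+
+static inline u32 rotl(u32 val, int bits)
+{
+ return (val << bits) | (val >> (32 - bits));
+}
+
+
+static inline u32 xswap(u32 val)
+{
+ return ((val & 0xff00ff00) >> 8) | ((val & 0x00ff00ff) << 8);
+}
+
+
+#define michael_block(l, r) \
+do { \
+ r ^= rotl(l, 17); \
+ l += r; \
+ r ^= xswap(l); \
+ l += r; \
+ r ^= rotl(l, 3); \
+ l += r; \
+ r ^= rotr(l, 2); \
+ l += r; \
+} while (0)
+
+
+static inline u32 michael_get32(u8 *data)
+{
+ return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24);
+}
+
+
+static inline void michael_put32(u32 val, u8 *data)
+{
+ data[0] = val & 0xff;
+ data[1] = (val >> 8) & 0xff;
+ data[2] = (val >> 16) & 0xff;
+ data[3] = (val >> 24) & 0xff;
+}
+
+
+void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority,
+ u8 *data, size_t data_len, u8 *mic)
+{
+ u32 l, r, val;
+ size_t block, blocks, left;
+
+ l = michael_get32(key);
+ r = michael_get32(key + 4);
+
+ /* A pseudo header (DA, SA, Priority, 0, 0, 0) is used in Michael MIC
+ * calculation, but it is _not_ transmitted */
+ l ^= michael_get32(da);
+ michael_block(l, r);
+ l ^= da[4] | (da[5] << 8) | (sa[0] << 16) | (sa[1] << 24);
+ michael_block(l, r);
+ l ^= michael_get32(&sa[2]);
+ michael_block(l, r);
+ l ^= priority;
+ michael_block(l, r);
+
+ /* Real data */
+ blocks = data_len / 4;
+ left = data_len % 4;
+
+ for (block = 0; block < blocks; block++) {
+ l ^= michael_get32(&data[block * 4]);
+ michael_block(l, r);
+ }
+
+ /* Partial block of 0..3 bytes and padding: 0x5a + 4..7 zeros to make
+ * total length a multiple of 4. */
+ val = 0x5a;
+ while (left > 0) {
+ val <<= 8;
+ left--;
+ val |= data[blocks * 4 + left];
+ }
+ l ^= val;
+ michael_block(l, r);
+ /* last block is zero, so l ^ 0 = l */
+ michael_block(l, r);
+
+ michael_put32(l, mic);
+ michael_put32(r, mic + 4);
+}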
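Review bot: In `michael_get32` the byte `data[3]` is promoted to a signed `int` before `<< 24`, so a value of 0x80 or above is shifted into the sign bit, which ISO C leaves undefined even if the kernel's compiler settings happen to produce the expected result. The same pattern appears as `sa[1] << 24` in the pseudo-header step of `michael_mic`. Casting before the shift removes the dependency on compiler behaviour: `return data[0] | (data[1] << 8) | (data[2] << 16) | ((u32)data[3] << 24);` and `l ^= da[4] | (da[5] << 8) | (sa[0] << 16) | ((u32)sa[1] << 24);`.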
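diff --git a/net/mac80211/michael.h b/net/mac80211/michael.h
new file mode 100644
index 000000000000..2e6aebabeea1
--- /dev/null
+++ b/net/mac80211/michael.h
@@ -0,0 +1,20 @@
+/*
+ * Michael MIC implementation - optimized for TKIP MIC operations
+ * Copyright 2002-2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef MICHAEL_H
+#define MICHAEL_H
+
+#include <linux/types.h>
+
+#define MICHAEL_MIC_LEN 8
+
+void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority,
+ u8 *data, size_t data_len, u8 *mic);
+
+#endif /* MICHAEL_H */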
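Review bot: The `michael_mic` prototype says nothing about buffer sizes, although the definition in michael.c reads `key` at fixed offsets 0..7, reads `da` and `sa` at offsets 0..5, and always writes 8 bytes to `mic`. A comment above the declaration such as `/* key: 8 bytes, da/sa: 6 bytes each, mic: MICHAEL_MIC_LEN bytes (output) */` would let callers check their buffers against the fixed-offset accesses and tie `MICHAEL_MIC_LEN` to the output. The input pointers are only read in the definition, so they could also be declared `const u8 *` here and in michael.c, which would allow read-only frame data to be passed without casts.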
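--- /dev/null
+++ b/net/mac80211/rc80211_simple.c
@@ -0,0 +1,432 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/module.h>
+#include <linux/init.h>
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/skbuff.h>
+#include <linux/compiler.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "ieee80211_rate.h"
+#include "debugfs.h"
+
+
+/* This is a minimal implementation of TX rate controlling that can be used
+ * as the default when no improved mechanisms are available. */
+
+
+#define RATE_CONTROL_EMERG_DEC 2
+#define RATE_CONTROL_INTERVAL (HZ / 20)
+#define RATE_CONTROL_MIN_TX 10
+
+MODULE_ALIAS("rc80211_default");
+
+static void rate_control_rate_inc(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct ieee80211_sub_if_data *sdata;
+ struct ieee80211_hw_mode *mode;
+ int i = sta->txrate;
+ int maxrate;
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+ if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
+ /* forced unicast rate - do not change STA rate */
+ return;
+ }
+
+ mode = local->oper_hw_mode;
+ maxrate = sdata->bss ? sdata->bss->max_ratectrl_rateidx : -1;
+
+ if (i > mode->num_rates)
+ i = mode->num_rates - 2;
+
+ while (i + 1 < mode->num_rates) {
+ i++;
+ if (sta->supp_rates & BIT(i) &&
+ mode->rates[i].flags & IEEE80211_RATE_SUPPORTED &&
+ (maxrate < 0 || i <= maxrate)) {
+ sta->txrate = i;
+ break;
+ }
+ }
+}
+
+
+static void rate_control_rate_dec(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct ieee80211_sub_if_data *sdata;
+ struct ieee80211_hw_mode *mode;
+ int i = sta->txrate;
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+ if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
+ /* forced unicast rate - do not change STA rate */
+ return;
+ }
+
+ mode = local->oper_hw_mode;
+ if (i > mode->num_rates)
+ i = mode->num_rates;
+
+ while (i > 0) {
+ i--;
+ if (sta->supp_rates & BIT(i) &&
+ mode->rates[i].flags & IEEE80211_RATE_SUPPORTED) {
+ sta->txrate = i;
+ break;
+ }
+ }
+}
+
+
+static struct ieee80211_rate *
+rate_control_lowest_rate(struct ieee80211_local *local,
+ struct ieee80211_hw_mode *mode)
+{
+ int i;
+
+ for (i = 0; i < mode->num_rates; i++) {
+ struct ieee80211_rate *rate = &mode->rates[i];
+
+ if (rate->flags & IEEE80211_RATE_SUPPORTED)
+ return rate;
+ }
+
+ printk(KERN_DEBUG "rate_control_lowest_rate - no supported rates "
+ "found\n");
+ return &mode->rates[0];
+}
+
+
+struct global_rate_control {
+ int dummy;
+};
+
+struct sta_rate_control {
+ unsigned long last_rate_change;
+ u32 tx_num_failures;
+ u32 tx_num_xmit;
+
+ unsigned long avg_rate_update;
+ u32 tx_avg_rate_sum;
+ u32 tx_avg_rate_num;
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct dentry *tx_avg_rate_sum_dentry;
+ struct dentry *tx_avg_rate_num_dentry;
+#endif
+};
+
+
+static void rate_control_simple_tx_status(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct ieee80211_tx_status *status)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct sta_info *sta;
+ struct sta_rate_control *srctrl;
+
+ sta = sta_info_get(local, hdr->addr1);
+
+ if (!sta)
+ return;
+
+ srctrl = sta->rate_ctrl_priv;
+ srctrl->tx_num_xmit++;
+ if (status->excessive_retries) {
+ sta->antenna_sel_tx = sta->antenna_sel_tx == 1 ? 2 : 1;
+ sta->antenna_sel_rx = sta->antenna_sel_rx == 1 ? 2 : 1;
+ if (local->sta_antenna_sel == STA_ANTENNA_SEL_SW_CTRL_DEBUG) {
+ printk(KERN_DEBUG "%s: " MAC_FMT " TX antenna --> %d "
+ "RX antenna --> %d (@%lu)\n",
+ dev->name, MAC_ARG(hdr->addr1),
+ sta->antenna_sel_tx, sta->antenna_sel_rx, jiffies);
+ }
+ srctrl->tx_num_failures++;
+ sta->tx_retry_failed++;
+ sta->tx_num_consecutive_failures++;
+ sta->tx_num_mpdu_fail++;
+ } else {
+ sta->last_ack_rssi[0] = sta->last_ack_rssi[1];
+ sta->last_ack_rssi[1] = sta->last_ack_rssi[2];
+ sta->last_ack_rssi[2] = status->ack_signal;
+ sta->tx_num_consecutive_failures = 0;
+ sta->tx_num_mpdu_ok++;
+ }
+ sta->tx_retry_count += status->retry_count;
+ sta->tx_num_mpdu_fail += status->retry_count;
+
+ if (time_after(jiffies,
+ srctrl->last_rate_change + RATE_CONTROL_INTERVAL) &&
+ srctrl->tx_num_xmit > RATE_CONTROL_MIN_TX) {
+ u32 per_failed;
+ srctrl->last_rate_change = jiffies;
+
+ per_failed = (100 * sta->tx_num_mpdu_fail) /
+ (sta->tx_num_mpdu_fail + sta->tx_num_mpdu_ok);
+ /* TODO: calculate average per_failed to make adjusting
+ * parameters easier */
+#if 0
+ if (net_ratelimit()) {
+ printk(KERN_DEBUG "MPDU fail=%d ok=%d per_failed=%d\n",
+ sta->tx_num_mpdu_fail, sta->tx_num_mpdu_ok,
+ per_failed);
+ }
+#endif
+
+ if (per_failed > local->rate_ctrl_num_down) {
+ rate_control_rate_dec(local, sta);
+ } else if (per_failed < local->rate_ctrl_num_up) {
+ rate_control_rate_inc(local, sta);
+ }
+ srctrl->tx_avg_rate_sum += status->control.rate->rate;
+ srctrl->tx_avg_rate_num++;
+ srctrl->tx_num_failures = 0;
+ srctrl->tx_num_xmit = 0;
+ } else if (sta->tx_num_consecutive_failures >=
+ RATE_CONTROL_EMERG_DEC) {
+ rate_control_rate_dec(local, sta);
+ }
+
+ if (srctrl->avg_rate_update + 60 * HZ < jiffies) {
+ srctrl->avg_rate_update = jiffies;
+ if (srctrl->tx_avg_rate_num > 0) {
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: STA " MAC_FMT " Average rate: "
+ "%d (%d/%d)\n",
+ dev->name, MAC_ARG(sta->addr),
+ srctrl->tx_avg_rate_sum /
+ srctrl->tx_avg_rate_num,
+ srctrl->tx_avg_rate_sum,
+ srctrl->tx_avg_rate_num);
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+ srctrl->tx_avg_rate_sum = 0;
+ srctrl->tx_avg_rate_num = 0;
+ }
+ }
+
+ sta_info_put(sta);
+}
+
+
+static struct ieee80211_rate *
+rate_control_simple_get_rate(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct rate_control_extra *extra)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_hw_mode *mode = extra->mode;
+ struct sta_info *sta;
+ int rateidx, nonerp_idx;
+ u16 fc;
+
+ memset(extra, 0, sizeof(*extra));
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
+ (hdr->addr1[0] & 0x01)) {
+ /* Send management frames and broadcast/multicast data using
+ * lowest rate. */
+ /* TODO: this could probably be improved.. */
+ return rate_control_lowest_rate(local, mode);
+ }
+
+ sta = sta_info_get(local, hdr->addr1);
+
+ if (!sta)
+ return rate_control_lowest_rate(local, mode);
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ if (sdata->bss && sdata->bss->force_unicast_rateidx > -1)
+ sta->txrate = sdata->bss->force_unicast_rateidx;
+
+ rateidx = sta->txrate;
+
+ if (rateidx >= mode->num_rates)
+ rateidx = mode->num_rates - 1;
+
+ sta->last_txrate = rateidx;
+ nonerp_idx = rateidx;
+ while (nonerp_idx > 0 &&
+ ((mode->rates[nonerp_idx].flags & IEEE80211_RATE_ERP) ||
+ !(mode->rates[nonerp_idx].flags & IEEE80211_RATE_SUPPORTED) ||
+ !(sta->supp_rates & BIT(nonerp_idx))))
+ nonerp_idx--;
+ extra->nonerp = &mode->rates[nonerp_idx];
+
+ sta_info_put(sta);
+
+ return &mode->rates[rateidx];
+}
+
+
+static void rate_control_simple_rate_init(void *priv, void *priv_sta,
+ struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct ieee80211_hw_mode *mode;
+ int i;
+ sta->txrate = 0;
+ mode = local->oper_hw_mode;
+ /* TODO: what is a good starting rate for STA? About middle? Maybe not
+ * the lowest or the highest rate.. Could consider using RSSI from
+ * previous packets? Need to have IEEE 802.1X auth succeed immediately
+ * after assoc.. */
+ for (i = 0; i < mode->num_rates; i++) {
+ if ((sta->supp_rates & BIT(i)) &&
+ (mode->rates[i].flags & IEEE80211_RATE_SUPPORTED))
+ sta->txrate = i;
+ }
+}
+
+
+static void * rate_control_simple_alloc(struct ieee80211_local *local)
+{
+ struct global_rate_control *rctrl;
+
+ rctrl = kzalloc(sizeof(*rctrl), GFP_ATOMIC);
+
+ return rctrl;
+}
+
+
+static void rate_control_simple_free(void *priv)
+{
+ struct global_rate_control *rctrl = priv;
+ kfree(rctrl);
+}
+
+
+static void rate_control_simple_clear(void *priv)
+{
+}
+
+
+static void * rate_control_simple_alloc_sta(void *priv, gfp_t gfp)
+{
+ struct sta_rate_control *rctrl;
+
+ rctrl = kzalloc(sizeof(*rctrl), gfp);
+
+ return rctrl;
+}
+
+
+static void rate_control_simple_free_sta(void *priv, void *priv_sta)
+{
+ struct sta_rate_control *rctrl = priv_sta;
+ kfree(rctrl);
+}
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+
+static int open_file_generic(struct inode *inode, struct file *file)
+{
+ file->private_data = inode->i_private;
+ return 0;
+}
+
+static ssize_t sta_tx_avg_rate_sum_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct sta_rate_control *srctrl = file->private_data;
+ char buf[20];
+
+ sprintf(buf, "%d\n", srctrl->tx_avg_rate_sum);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
+}
+
+static const struct file_operations sta_tx_avg_rate_sum_ops = {
+ .read = sta_tx_avg_rate_sum_read,
+ .open = open_file_generic,
+};
+
+static ssize_t sta_tx_avg_rate_num_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct sta_rate_control *srctrl = file->private_data;
+ char buf[20];
+
+ sprintf(buf, "%d\n", srctrl->tx_avg_rate_num);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
+}
+
+static const struct file_operations sta_tx_avg_rate_num_ops = {
+ .read = sta_tx_avg_rate_num_read,
+ .open = open_file_generic,
+};
+
+static void rate_control_simple_add_sta_debugfs(void *priv, void *priv_sta,
+ struct dentry *dir)
+{
+ struct sta_rate_control *srctrl = priv_sta;
+
+ srctrl->tx_avg_rate_num_dentry =
+ debugfs_create_file("rc_simple_sta_tx_avg_rate_num", 0400,
+ dir, srctrl, &sta_tx_avg_rate_num_ops);
+ srctrl->tx_avg_rate_sum_dentry =
+ debugfs_create_file("rc_simple_sta_tx_avg_rate_sum", 0400,
+ dir, srctrl, &sta_tx_avg_rate_sum_ops);
+}
+
+static void rate_control_simple_remove_sta_debugfs(void *priv, void *priv_sta)
+{
+ struct sta_rate_control *srctrl = priv_sta;
+
+ debugfs_remove(srctrl->tx_avg_rate_sum_dentry);
+ debugfs_remove(srctrl->tx_avg_rate_num_dentry);
+}
+#endif
+
+static struct rate_control_ops rate_control_simple = {
+ .module = THIS_MODULE,
+ .name = "simple",
+ .tx_status = rate_control_simple_tx_status,
+ .get_rate = rate_control_simple_get_rate,
+ .rate_init = rate_control_simple_rate_init,
+ .clear = rate_control_simple_clear,
+ .alloc = rate_control_simple_alloc,
+ .free = rate_control_simple_free,
+ .alloc_sta = rate_control_simple_alloc_sta,
+ .free_sta = rate_control_simple_free_sta,
+#ifdef CONFIG_MAC80211_DEBUGFS
+ .add_sta_debugfs = rate_control_simple_add_sta_debugfs,
+ .remove_sta_debugfs = rate_control_simple_remove_sta_debugfs,
+#endif
+};
+
+
+static int __init rate_control_simple_init(void)
+{
+ return ieee80211_rate_control_register(&rate_control_simple);
+}
+
+
+static void __exit rate_control_simple_exit(void)
+{
+ ieee80211_rate_control_unregister(&rate_control_simple);
+}
+
+
+module_init(rate_control_simple_init);
+module_exit(rate_control_simple_exit);
+
+MODULE_DESCRIPTION("Simple rate control algorithm for ieee80211");
+MODULE_LICENSE("GPL");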
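Review bot: The once-a-minute averaging check in rate_control_simple_tx_status(), `if (srctrl->avg_rate_update + 60 * HZ < jiffies)`, compares jiffies values directly and so gives the wrong answer around a jiffies wrap. The rate-change test a few lines above already uses `time_after()`, and this one should match: `if (time_after(jiffies, srctrl->avg_rate_update + 60 * HZ))`. In the same function `per_failed` is derived from `sta->tx_num_mpdu_fail` and `sta->tx_num_mpdu_ok`, which this file only ever increments. Unless they are reset elsewhere, `100 * sta->tx_num_mpdu_fail` wraps as a u32 on a long-lived station and the ratio stops reflecting recent losses. The two debugfs readers also print a u32 with `%d` where `%u` would match the type.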
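--- /dev/null
+++ b/net/mac80211/sta_info.c
@@ -0,0 +1,470 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/module.h>
+#include <linux/init.h>
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/skbuff.h>
+#include <linux/if_arp.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "ieee80211_rate.h"
+#include "sta_info.h"
+#include "debugfs_key.h"
+#include "debugfs_sta.h"
+
+/* Caller must hold local->sta_lock */
+static void sta_info_hash_add(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ sta->hnext = local->sta_hash[STA_HASH(sta->addr)];
+ local->sta_hash[STA_HASH(sta->addr)] = sta;
+}
+
+
+/* Caller must hold local->sta_lock */
+static void sta_info_hash_del(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct sta_info *s;
+
+ s = local->sta_hash[STA_HASH(sta->addr)];
+ if (!s)
+ return;
+ if (memcmp(s->addr, sta->addr, ETH_ALEN) == 0) {
+ local->sta_hash[STA_HASH(sta->addr)] = s->hnext;
+ return;
+ }
+
+ while (s->hnext && memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0)
+ s = s->hnext;
+ if (s->hnext)
+ s->hnext = s->hnext->hnext;
+ else
+ printk(KERN_ERR "%s: could not remove STA " MAC_FMT " from "
+ "hash table\n", local->mdev->name, MAC_ARG(sta->addr));
+}
+
+static inline void __sta_info_get(struct sta_info *sta)
+{
+ kref_get(&sta->kref);
+}
+
+struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr)
+{
+ struct sta_info *sta;
+
+ spin_lock_bh(&local->sta_lock);
+ sta = local->sta_hash[STA_HASH(addr)];
+ while (sta) {
+ if (memcmp(sta->addr, addr, ETH_ALEN) == 0) {
+ __sta_info_get(sta);
+ break;
+ }
+ sta = sta->hnext;
+ }
+ spin_unlock_bh(&local->sta_lock);
+
+ return sta;
+}
+EXPORT_SYMBOL(sta_info_get);
+
+int sta_info_min_txrate_get(struct ieee80211_local *local)
+{
+ struct sta_info *sta;
+ struct ieee80211_hw_mode *mode;
+ int min_txrate = 9999999;
+ int i;
+
+ spin_lock_bh(&local->sta_lock);
+ mode = local->oper_hw_mode;
+ for (i = 0; i < STA_HASH_SIZE; i++) {
+ sta = local->sta_hash[i];
+ while (sta) {
+ if (sta->txrate < min_txrate)
+ min_txrate = sta->txrate;
+ sta = sta->hnext;
+ }
+ }
+ spin_unlock_bh(&local->sta_lock);
+ if (min_txrate == 9999999)
+ min_txrate = 0;
+
+ return mode->rates[min_txrate].rate;
+}
+
+
+static void sta_info_release(struct kref *kref)
+{
+ struct sta_info *sta = container_of(kref, struct sta_info, kref);
+ struct ieee80211_local *local = sta->local;
+ struct sk_buff *skb;
+
+ /* free sta structure; it has already been removed from
+ * hash table etc. external structures. Make sure that all
+ * buffered frames are release (one might have been added
+ * after sta_info_free() was called). */
+ while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
+ local->total_ps_buffered--;
+ dev_kfree_skb_any(skb);
+ }
+ while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
+ dev_kfree_skb_any(skb);
+ }
+ rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv);
+ rate_control_put(sta->rate_ctrl);
+ if (sta->key)
+ ieee80211_debugfs_key_sta_del(sta->key, sta);
+ kfree(sta);
+}
+
+
+void sta_info_put(struct sta_info *sta)
+{
+ kref_put(&sta->kref, sta_info_release);
+}
+EXPORT_SYMBOL(sta_info_put);
+
+
+struct sta_info * sta_info_add(struct ieee80211_local *local,
+ struct net_device *dev, u8 *addr, gfp_t gfp)
+{
+ struct sta_info *sta;
+
+ sta = kzalloc(sizeof(*sta), gfp);
+ if (!sta)
+ return NULL;
+
+ kref_init(&sta->kref);
+
+ sta->rate_ctrl = rate_control_get(local->rate_ctrl);
+ sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl, gfp);
+ if (!sta->rate_ctrl_priv) {
+ rate_control_put(sta->rate_ctrl);
+ kref_put(&sta->kref, sta_info_release);
+ kfree(sta);
+ return NULL;
+ }
+
+ memcpy(sta->addr, addr, ETH_ALEN);
+ sta->local = local;
+ sta->dev = dev;
+ skb_queue_head_init(&sta->ps_tx_buf);
+ skb_queue_head_init(&sta->tx_filtered);
+ __sta_info_get(sta); /* sta used by caller, decremented by
+ * sta_info_put() */
+ spin_lock_bh(&local->sta_lock);
+ list_add(&sta->list, &local->sta_list);
+ local->num_sta++;
+ sta_info_hash_add(local, sta);
+ spin_unlock_bh(&local->sta_lock);
+ if (local->ops->sta_table_notification)
+ local->ops->sta_table_notification(local_to_hw(local),
+ local->num_sta);
+ sta->key_idx_compression = HW_KEY_IDX_INVALID;
+
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: Added STA " MAC_FMT "\n",
+ local->mdev->name, MAC_ARG(addr));
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ if (!in_interrupt()) {
+ sta->debugfs_registered = 1;
+ ieee80211_sta_debugfs_add(sta);
+ rate_control_add_sta_debugfs(sta);
+ } else {
+ /* debugfs entry adding might sleep, so schedule process
+ * context task for adding entry for STAs that do not yet
+ * have one. */
+ queue_work(local->hw.workqueue, &local->sta_debugfs_add);
+ }
+#endif
+
+ return sta;
+}
+
+static void finish_sta_info_free(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: Removed STA " MAC_FMT "\n",
+ local->mdev->name, MAC_ARG(sta->addr));
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+
+ if (sta->key) {
+ ieee80211_debugfs_key_remove(sta->key);
+ ieee80211_key_free(sta->key);
+ sta->key = NULL;
+ }
+
+ rate_control_remove_sta_debugfs(sta);
+ ieee80211_sta_debugfs_remove(sta);
+
+ sta_info_put(sta);
+}
+
+static void sta_info_remove(struct sta_info *sta)
+{
+ struct ieee80211_local *local = sta->local;
+ struct ieee80211_sub_if_data *sdata;
+
+ sta_info_hash_del(local, sta);
+ list_del(&sta->list);
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+ if (sta->flags & WLAN_STA_PS) {
+ sta->flags &= ~WLAN_STA_PS;
+ if (sdata->bss)
+ atomic_dec(&sdata->bss->num_sta_ps);
+ }
+ local->num_sta--;
+ sta_info_remove_aid_ptr(sta);
+}
+
+void sta_info_free(struct sta_info *sta, int locked)
+{
+ struct sk_buff *skb;
+ struct ieee80211_local *local = sta->local;
+
+ if (!locked) {
+ spin_lock_bh(&local->sta_lock);
+ sta_info_remove(sta);
+ spin_unlock_bh(&local->sta_lock);
+ } else {
+ sta_info_remove(sta);
+ }
+ if (local->ops->sta_table_notification)
+ local->ops->sta_table_notification(local_to_hw(local),
+ local->num_sta);
+
+ while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
+ local->total_ps_buffered--;
+ dev_kfree_skb_any(skb);
+ }
+ while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
+ dev_kfree_skb_any(skb);
+ }
+
+ if (sta->key) {
+ if (local->ops->set_key) {
+ struct ieee80211_key_conf *key;
+ key = ieee80211_key_data2conf(local, sta->key);
+ if (key) {
+ local->ops->set_key(local_to_hw(local),
+ DISABLE_KEY,
+ sta->addr, key, sta->aid);
+ kfree(key);
+ }
+ }
+ } else if (sta->key_idx_compression != HW_KEY_IDX_INVALID) {
+ struct ieee80211_key_conf conf;
+ memset(&conf, 0, sizeof(conf));
+ conf.hw_key_idx = sta->key_idx_compression;
+ conf.alg = ALG_NULL;
+ conf.flags |= IEEE80211_KEY_FORCE_SW_ENCRYPT;
+ local->ops->set_key(local_to_hw(local), DISABLE_KEY,
+ sta->addr, &conf, sta->aid);
+ sta->key_idx_compression = HW_KEY_IDX_INVALID;
+ }
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ if (in_atomic()) {
+ list_add(&sta->list, &local->deleted_sta_list);
+ queue_work(local->hw.workqueue, &local->sta_debugfs_add);
+ } else
+#endif
+ finish_sta_info_free(local, sta);
+}
+
+
+static inline int sta_info_buffer_expired(struct ieee80211_local *local,
+ struct sta_info *sta,
+ struct sk_buff *skb)
+{
+ struct ieee80211_tx_packet_data *pkt_data;
+ int timeout;
+
+ if (!skb)
+ return 0;
+
+ pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
+
+ /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */
+ timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 /
+ 15625) * HZ;
+ if (timeout < STA_TX_BUFFER_EXPIRE)
+ timeout = STA_TX_BUFFER_EXPIRE;
+ return time_after(jiffies, pkt_data->jiffies + timeout);
+}
+
+
+static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ unsigned long flags;
+ struct sk_buff *skb;
+
+ if (skb_queue_empty(&sta->ps_tx_buf))
+ return;
+
+ for (;;) {
+ spin_lock_irqsave(&sta->ps_tx_buf.lock, flags);
+ skb = skb_peek(&sta->ps_tx_buf);
+ if (sta_info_buffer_expired(local, sta, skb)) {
+ skb = __skb_dequeue(&sta->ps_tx_buf);
+ if (skb_queue_empty(&sta->ps_tx_buf))
+ sta->flags &= ~WLAN_STA_TIM;
+ } else
+ skb = NULL;
+ spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags);
+
+ if (skb) {
+ local->total_ps_buffered--;
+ printk(KERN_DEBUG "Buffered frame expired (STA "
+ MAC_FMT ")\n", MAC_ARG(sta->addr));
+ dev_kfree_skb(skb);
+ } else
+ break;
+ }
+}
+
+
+static void sta_info_cleanup(unsigned long data)
+{
+ struct ieee80211_local *local = (struct ieee80211_local *) data;
+ struct sta_info *sta;
+
+ spin_lock_bh(&local->sta_lock);
+ list_for_each_entry(sta, &local->sta_list, list) {
+ __sta_info_get(sta);
+ sta_info_cleanup_expire_buffered(local, sta);
+ sta_info_put(sta);
+ }
+ spin_unlock_bh(&local->sta_lock);
+
+ local->sta_cleanup.expires = jiffies + STA_INFO_CLEANUP_INTERVAL;
+ add_timer(&local->sta_cleanup);
+}
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+static void sta_info_debugfs_add_task(struct work_struct *work)
+{
+ struct ieee80211_local *local =
+ container_of(work, struct ieee80211_local, sta_debugfs_add);
+ struct sta_info *sta, *tmp;
+
+ while (1) {
+ spin_lock_bh(&local->sta_lock);
+ if (!list_empty(&local->deleted_sta_list)) {
+ sta = list_entry(local->deleted_sta_list.next,
+ struct sta_info, list);
+ list_del(local->deleted_sta_list.next);
+ } else
+ sta = NULL;
+ spin_unlock_bh(&local->sta_lock);
+ if (!sta)
+ break;
+ finish_sta_info_free(local, sta);
+ }
+
+ while (1) {
+ sta = NULL;
+ spin_lock_bh(&local->sta_lock);
+ list_for_each_entry(tmp, &local->sta_list, list) {
+ if (!tmp->debugfs_registered) {
+ sta = tmp;
+ __sta_info_get(sta);
+ break;
+ }
+ }
+ spin_unlock_bh(&local->sta_lock);
+
+ if (!sta)
+ break;
+
+ sta->debugfs_registered = 1;
+ ieee80211_sta_debugfs_add(sta);
+ rate_control_add_sta_debugfs(sta);
+ sta_info_put(sta);
+ }
+}
+#endif
+
+void sta_info_init(struct ieee80211_local *local)
+{
+ spin_lock_init(&local->sta_lock);
+ INIT_LIST_HEAD(&local->sta_list);
+ INIT_LIST_HEAD(&local->deleted_sta_list);
+
+ init_timer(&local->sta_cleanup);
+ local->sta_cleanup.expires = jiffies + STA_INFO_CLEANUP_INTERVAL;
+ local->sta_cleanup.data = (unsigned long) local;
+ local->sta_cleanup.function = sta_info_cleanup;
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_task);
+#endif
+}
+
+int sta_info_start(struct ieee80211_local *local)
+{
+ add_timer(&local->sta_cleanup);
+ return 0;
+}
+
+void sta_info_stop(struct ieee80211_local *local)
+{
+ struct sta_info *sta, *tmp;
+
+ del_timer(&local->sta_cleanup);
+
+ list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
+ /* sta_info_free must be called with 0 as the last
+ * parameter to ensure all debugfs sta entries are
+ * unregistered. We don't need locking at this
+ * point. */
+ sta_info_free(sta, 0);
+ }
+}
+
+void sta_info_remove_aid_ptr(struct sta_info *sta)
+{
+ struct ieee80211_sub_if_data *sdata;
+
+ if (sta->aid <= 0)
+ return;
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+
+ if (sdata->local->ops->set_tim)
+ sdata->local->ops->set_tim(local_to_hw(sdata->local),
+ sta->aid, 0);
+ if (sdata->bss)
+ __bss_tim_clear(sdata->bss, sta->aid);
+}
+
+
+/**
+ * sta_info_flush - flush matching STA entries from the STA table
+ * @local: local interface data
+ * @dev: matching rule for the net device (sta->dev) or %NULL to match all STAs
+ */
+void sta_info_flush(struct ieee80211_local *local, struct net_device *dev)
+{
+ struct sta_info *sta, *tmp;
+
+ spin_lock_bh(&local->sta_lock);
+ list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
+ if (!dev || dev == sta->dev)
+ sta_info_free(sta, 1);
+ spin_unlock_bh(&local->sta_lock);
+}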
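Review bot: The allocation-failure branch in sta_info_add() frees the station twice. `kref_init()` leaves a single reference, so `kref_put(&sta->kref, sta_info_release)` runs sta_info_release(), which itself calls `rate_control_put(sta->rate_ctrl)` and `kfree(sta)`; the branch also calls both explicitly, giving two puts and two frees. That release call additionally dequeues from `ps_tx_buf` and `tx_filtered` before `skb_queue_head_init()` has run on them. Dropping the `kref_put()` line, so the branch reads `rate_control_put(sta->rate_ctrl); kfree(sta); return NULL;`, leaves exactly one put and one free. Separately, sta_info_free() checks `local->ops->set_key` before calling it in the `sta->key` branch but not in the `key_idx_compression` branch.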
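--- /dev/null
+++ b/net/mac80211/sta_info.h
@@ -0,0 +1,164 @@
+/*
+ * Copyright 2002-2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef STA_INFO_H
+#define STA_INFO_H
+
+#include <linux/list.h>
+#include <linux/types.h>
+#include <linux/if_ether.h>
+#include <linux/kref.h>
+#include "ieee80211_key.h"
+
+/* Stations flags (struct sta_info::flags) */
+#define WLAN_STA_AUTH BIT(0)
+#define WLAN_STA_ASSOC BIT(1)
+#define WLAN_STA_PS BIT(2)
+#define WLAN_STA_TIM BIT(3) /* TIM bit is on for PS stations */
+#define WLAN_STA_PERM BIT(4) /* permanent; do not remove entry on expiration */
+#define WLAN_STA_AUTHORIZED BIT(5) /* If 802.1X is used, this flag is
+ * controlling whether STA is authorized to
+ * send and receive non-IEEE 802.1X frames
+ */
+#define WLAN_STA_SHORT_PREAMBLE BIT(7)
+#define WLAN_STA_WME BIT(9)
+#define WLAN_STA_WDS BIT(27)
+
+
+struct sta_info {
+ struct kref kref;
+ struct list_head list;
+ struct sta_info *hnext; /* next entry in hash table list */
+
+ struct ieee80211_local *local;
+
+ u8 addr[ETH_ALEN];
+ u16 aid; /* STA's unique AID (1..2007), 0 = not yet assigned */
+ u32 flags; /* WLAN_STA_ */
+
+ struct sk_buff_head ps_tx_buf; /* buffer of TX frames for station in
+ * power saving state */
+ int pspoll; /* whether STA has send a PS Poll frame */
+ struct sk_buff_head tx_filtered; /* buffer of TX frames that were
+ * already given to low-level driver,
+ * but were filtered */
+ int clear_dst_mask;
+
+ unsigned long rx_packets, tx_packets; /* number of RX/TX MSDUs */
+ unsigned long rx_bytes, tx_bytes;
+ unsigned long tx_retry_failed, tx_retry_count;
+ unsigned long tx_filtered_count;
+
+ unsigned int wep_weak_iv_count; /* number of RX frames with weak IV */
+
+ unsigned long last_rx;
+ u32 supp_rates; /* bitmap of supported rates in local->curr_rates */
+ int txrate; /* index in local->curr_rates */
+ int last_txrate; /* last rate used to send a frame to this STA */
+ int last_nonerp_idx;
+
+ struct net_device *dev; /* which net device is this station associated
+ * to */
+
+ struct ieee80211_key *key;
+
+ u32 tx_num_consecutive_failures;
+ u32 tx_num_mpdu_ok;
+ u32 tx_num_mpdu_fail;
+
+ struct rate_control_ref *rate_ctrl;
+ void *rate_ctrl_priv;
+
+ /* last received seq/frag number from this STA (per RX queue) */
+ __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES];
+ unsigned long num_duplicates; /* number of duplicate frames received
+ * from this STA */
+ unsigned long tx_fragments; /* number of transmitted MPDUs */
+ unsigned long rx_fragments; /* number of received MPDUs */
+ unsigned long rx_dropped; /* number of dropped MPDUs from this STA */
+
+ int last_rssi; /* RSSI of last received frame from this STA */
+ int last_signal; /* signal of last received frame from this STA */
+ int last_noise; /* noise of last received frame from this STA */
+ int last_ack_rssi[3]; /* RSSI of last received ACKs from this STA */
+ unsigned long last_ack;
+ int channel_use;
+ int channel_use_raw;
+
+ u8 antenna_sel_tx;
+ u8 antenna_sel_rx;
+
+
+ int key_idx_compression; /* key table index for compression and TX
+ * filtering; used only if sta->key is not
+ * set */
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ int debugfs_registered;
+#endif
+ int assoc_ap; /* whether this is an AP that we are
+ * associated with as a client */
+
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
+ unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
+#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
+
+ int vlan_id;
+
+ u16 listen_interval;
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct sta_info_debugfsdentries {
+ struct dentry *dir;
+ struct dentry *flags;
+ struct dentry *num_ps_buf_frames;
+ struct dentry *last_ack_rssi;
+ struct dentry *last_ack_ms;
+ struct dentry *inactive_ms;
+ struct dentry *last_seq_ctrl;
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ struct dentry *wme_rx_queue;
+ struct dentry *wme_tx_queue;
+#endif
+ } debugfs;
+#endif
+};
+
+
+/* Maximum number of concurrently registered stations */
+#define MAX_STA_COUNT 2007
+
+#define STA_HASH_SIZE 256
+#define STA_HASH(sta) (sta[5])
+
+
+/* Maximum number of frames to buffer per power saving station */
+#define STA_MAX_TX_BUFFER 128
+
+/* Minimum buffered frame expiry time. If STA uses listen interval that is
+ * smaller than this value, the minimum value here is used instead. */
+#define STA_TX_BUFFER_EXPIRE (10 * HZ)
+
+/* How often station data is cleaned up (e.g., expiration of buffered frames)
+ */
+#define STA_INFO_CLEANUP_INTERVAL (10 * HZ)
+
+struct sta_info * sta_info_get(struct ieee80211_local *local, u8 *addr);
+int sta_info_min_txrate_get(struct ieee80211_local *local);
+void sta_info_put(struct sta_info *sta);
+struct sta_info * sta_info_add(struct ieee80211_local *local,
+ struct net_device *dev, u8 *addr, gfp_t gfp);
+void sta_info_free(struct sta_info *sta, int locked);
+void sta_info_init(struct ieee80211_local *local);
+int sta_info_start(struct ieee80211_local *local);
+void sta_info_stop(struct ieee80211_local *local);
+void sta_info_remove_aid_ptr(struct sta_info *sta);
+void sta_info_flush(struct ieee80211_local *local, struct net_device *dev);
+
+#endif /* STA_INFO_H */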
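Review bot: `STA_HASH(sta)` picks the bucket from the last byte of the station's MAC address alone, and that byte is supplied by the peer. With `MAX_STA_COUNT` at 2007 and 256 buckets, entries sharing a final byte all land in one chain, which sta_info_get() walks with `sta_lock` held. Folding more of the address into the index would spread entries more evenly, and the macro argument should be parenthesized in any case: `#define STA_HASH(sta) ((sta)[5])`. Also, `aid` is declared `u16`, so the `sta->aid <= 0` test in sta_info_remove_aid_ptr() can only ever mean `== 0`; writing it that way would make the intent match the type.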
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
new file mode 100644
index 000000000000..41621720e560
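--- /dev/null
+++ b/net/mac80211/tkip.c
@@ -0,0 +1,341 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/kernel.h>
+#include <linux/types.h>
+#include <linux/netdevice.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_key.h"
+#include "tkip.h"
+#include "wep.h"
+
+
+/* TKIP key mixing functions */
+
+
+#define PHASE1_LOOP_COUNT 8
+
+
+/* 2-byte by 2-byte subset of the full AES S-box table; second part of this
+ * table is identical to first part but byte-swapped */
+static const u16 tkip_sbox[256] =
+{
+ 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
+ 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
+ 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
+ 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
+ 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
+ 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
+ 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
+ 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
+ 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
+ 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
+ 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
+ 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
+ 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
+ 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
+ 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
+ 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
+ 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
+ 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
+ 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
+ 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
+ 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
+ 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
+ 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
+ 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
+ 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
+ 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
+ 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
+ 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
+ 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
+ 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
+ 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
+ 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
+};
+
+
+static inline u16 Mk16(u8 x, u8 y)
+{
+ return ((u16) x << 8) | (u16) y;
+}
+
+
+static inline u8 Hi8(u16 v)
+{
+ return v >> 8;
+}
+
+
+static inline u8 Lo8(u16 v)
+{
+ return v & 0xff;
+}
+
+
+static inline u16 Hi16(u32 v)
+{
+ return v >> 16;
+}
+
+
+static inline u16 Lo16(u32 v)
+{
+ return v & 0xffff;
+}
+
+
+static inline u16 RotR1(u16 v)
+{
+ return (v >> 1) | ((v & 0x0001) << 15);
+}
+
+
+static inline u16 tkip_S(u16 val)
+{
+ u16 a = tkip_sbox[Hi8(val)];
+
+ return tkip_sbox[Lo8(val)] ^ Hi8(a) ^ (Lo8(a) << 8);
+}
+
+
+
+/* P1K := Phase1(TA, TK, TSC)
+ * TA = transmitter address (48 bits)
+ * TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits)
+ * TSC = TKIP sequence counter (48 bits, only 32 msb bits used)
+ * P1K: 80 bits
+ */
+static void tkip_mixing_phase1(const u8 *ta, const u8 *tk, u32 tsc_IV32,
+ u16 *p1k)
+{
+ int i, j;
+
+ p1k[0] = Lo16(tsc_IV32);
+ p1k[1] = Hi16(tsc_IV32);
+ p1k[2] = Mk16(ta[1], ta[0]);
+ p1k[3] = Mk16(ta[3], ta[2]);
+ p1k[4] = Mk16(ta[5], ta[4]);
+
+ for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
+ j = 2 * (i & 1);
+ p1k[0] += tkip_S(p1k[4] ^ Mk16(tk[ 1 + j], tk[ 0 + j]));
+ p1k[1] += tkip_S(p1k[0] ^ Mk16(tk[ 5 + j], tk[ 4 + j]));
+ p1k[2] += tkip_S(p1k[1] ^ Mk16(tk[ 9 + j], tk[ 8 + j]));
+ p1k[3] += tkip_S(p1k[2] ^ Mk16(tk[13 + j], tk[12 + j]));
+ p1k[4] += tkip_S(p1k[3] ^ Mk16(tk[ 1 + j], tk[ 0 + j])) + i;
+ }
+}
+
+
+static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16,
+ u8 *rc4key)
+{
+ u16 ppk[6];
+ int i;
+
+ ppk[0] = p1k[0];
+ ppk[1] = p1k[1];
+ ppk[2] = p1k[2];
+ ppk[3] = p1k[3];
+ ppk[4] = p1k[4];
+ ppk[5] = p1k[4] + tsc_IV16;
+
+ ppk[0] += tkip_S(ppk[5] ^ Mk16(tk[ 1], tk[ 0]));
+ ppk[1] += tkip_S(ppk[0] ^ Mk16(tk[ 3], tk[ 2]));
+ ppk[2] += tkip_S(ppk[1] ^ Mk16(tk[ 5], tk[ 4]));
+ ppk[3] += tkip_S(ppk[2] ^ Mk16(tk[ 7], tk[ 6]));
+ ppk[4] += tkip_S(ppk[3] ^ Mk16(tk[ 9], tk[ 8]));
+ ppk[5] += tkip_S(ppk[4] ^ Mk16(tk[11], tk[10]));
+ ppk[0] += RotR1(ppk[5] ^ Mk16(tk[13], tk[12]));
+ ppk[1] += RotR1(ppk[0] ^ Mk16(tk[15], tk[14]));
+ ppk[2] += RotR1(ppk[1]);
+ ppk[3] += RotR1(ppk[2]);
+ ppk[4] += RotR1(ppk[3]);
+ ppk[5] += RotR1(ppk[4]);
+
+ rc4key[0] = Hi8(tsc_IV16);
+ rc4key[1] = (Hi8(tsc_IV16) | 0x20) & 0x7f;
+ rc4key[2] = Lo8(tsc_IV16);
+ rc4key[3] = Lo8((ppk[5] ^ Mk16(tk[1], tk[0])) >> 1);
+
+ for (i = 0; i < 6; i++) {
+ rc4key[4 + 2 * i] = Lo8(ppk[i]);
+ rc4key[5 + 2 * i] = Hi8(ppk[i]);
+ }
+}
+
+
+/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets
+ * of the IV. Returns pointer to the octet following IVs (i.e., beginning of
+ * the packet payload). */
+u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
+ u8 iv0, u8 iv1, u8 iv2)
+{
+ *pos++ = iv0;
+ *pos++ = iv1;
+ *pos++ = iv2;
+ *pos++ = (key->keyidx << 6) | (1 << 5) /* Ext IV */;
+ *pos++ = key->u.tkip.iv32 & 0xff;
+ *pos++ = (key->u.tkip.iv32 >> 8) & 0xff;
+ *pos++ = (key->u.tkip.iv32 >> 16) & 0xff;
+ *pos++ = (key->u.tkip.iv32 >> 24) & 0xff;
+ return pos;
+}
+
+
+void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
+ u16 *phase1key)
+{
+ tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ key->u.tkip.iv32, phase1key);
+}
+
+void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
+ u8 *rc4key)
+{
+ /* Calculate per-packet key */
+ if (key->u.tkip.iv16 == 0 || !key->u.tkip.tx_initialized) {
+ /* IV16 wrapped around - perform TKIP phase 1 */
+ tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ key->u.tkip.iv32, key->u.tkip.p1k);
+ key->u.tkip.tx_initialized = 1;
+ }
+
+ tkip_mixing_phase2(key->u.tkip.p1k, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ key->u.tkip.iv16, rc4key);
+}
+
+/* Encrypt packet payload with TKIP using @key. @pos is a pointer to the
+ * beginning of the buffer containing payload. This payload must include
+ * headroom of eight octets for IV and Ext. IV and taildroom of four octets
+ * for ICV. @payload_len is the length of payload (_not_ including extra
+ * headroom and tailroom). @ta is the transmitter addresses. */
+void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *pos, size_t payload_len, u8 *ta)
+{
+ u8 rc4key[16];
+
+ ieee80211_tkip_gen_rc4key(key, ta, rc4key);
+ pos = ieee80211_tkip_add_iv(pos, key, rc4key[0], rc4key[1], rc4key[2]);
+ ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len);
+}
+
+
+/* Decrypt packet payload with TKIP using @key. @pos is a pointer to the
+ * beginning of the buffer containing IEEE 802.11 header payload, i.e.,
+ * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the
+ * length of payload, including IV, Ext. IV, MIC, ICV. */
+int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *payload, size_t payload_len, u8 *ta,
+ int only_iv, int queue)
+{
+ u32 iv32;
+ u32 iv16;
+ u8 rc4key[16], keyid, *pos = payload;
+ int res;
+
+ if (payload_len < 12)
+ return -1;
+
+ iv16 = (pos[0] << 8) | pos[2];
+ keyid = pos[3];
+ iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
+ pos += 8;
+#ifdef CONFIG_TKIP_DEBUG
+ {
+ int i;
+ printk(KERN_DEBUG "TKIP decrypt: data(len=%zd)", payload_len);
+ for (i = 0; i < payload_len; i++)
+ printk(" %02x", payload[i]);
+ printk("\n");
+ printk(KERN_DEBUG "TKIP decrypt: iv16=%04x iv32=%08x\n",
+ iv16, iv32);
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+
+ if (!(keyid & (1 << 5)))
+ return TKIP_DECRYPT_NO_EXT_IV;
+
+ if ((keyid >> 6) != key->keyidx)
+ return TKIP_DECRYPT_INVALID_KEYIDX;
+
+ if (key->u.tkip.rx_initialized[queue] &&
+ (iv32 < key->u.tkip.iv32_rx[queue] ||
+ (iv32 == key->u.tkip.iv32_rx[queue] &&
+ iv16 <= key->u.tkip.iv16_rx[queue]))) {
+#ifdef CONFIG_TKIP_DEBUG
+ printk(KERN_DEBUG "TKIP replay detected for RX frame from "
+ MAC_FMT " (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
+ MAC_ARG(ta),
+ iv32, iv16, key->u.tkip.iv32_rx[queue],
+ key->u.tkip.iv16_rx[queue]);
+#endif /* CONFIG_TKIP_DEBUG */
+ return TKIP_DECRYPT_REPLAY;
+ }
+
+ if (only_iv) {
+ res = TKIP_DECRYPT_OK;
+ key->u.tkip.rx_initialized[queue] = 1;
+ goto done;
+ }
+
+ if (!key->u.tkip.rx_initialized[queue] ||
+ key->u.tkip.iv32_rx[queue] != iv32) {
+ key->u.tkip.rx_initialized[queue] = 1;
+ /* IV16 wrapped around - perform TKIP phase 1 */
+ tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ iv32, key->u.tkip.p1k_rx[queue]);
+#ifdef CONFIG_TKIP_DEBUG
+ {
+ int i;
+ printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=" MAC_FMT
+ " TK=", MAC_ARG(ta));
+ for (i = 0; i < 16; i++)
+ printk("%02x ",
+ key->key[ALG_TKIP_TEMP_ENCR_KEY + i]);
+ printk("\n");
+ printk(KERN_DEBUG "TKIP decrypt: P1K=");
+ for (i = 0; i < 5; i++)
+ printk("%04x ", key->u.tkip.p1k_rx[queue][i]);
+ printk("\n");
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+ }
+
+ tkip_mixing_phase2(key->u.tkip.p1k_rx[queue],
+ &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ iv16, rc4key);
+#ifdef CONFIG_TKIP_DEBUG
+ {
+ int i;
+ printk(KERN_DEBUG "TKIP decrypt: Phase2 rc4key=");
+ for (i = 0; i < 16; i++)
+ printk("%02x ", rc4key[i]);
+ printk("\n");
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+
+ res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12);
+ done:
+ if (res == TKIP_DECRYPT_OK) {
+ /* FIX: these should be updated only after Michael MIC has been
+ * verified */
+ /* Record previously received IV */
+ key->u.tkip.iv32_rx[queue] = iv32;
+ key->u.tkip.iv16_rx[queue] = iv16;
+ }
+
+ return res;
+}
+
+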
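Review bot: In `ieee80211_tkip_decrypt_data` the `only_iv` branch sets `key->u.tkip.rx_initialized[queue] = 1` and, through `done:`, records `iv32_rx[queue]`, but it never fills `p1k_rx[queue]`. A later call on the same queue with `only_iv == 0` and an unchanged `iv32` then skips `tkip_mixing_phase1`, because the guard is `!rx_initialized[queue] || iv32_rx[queue] != iv32`, and `tkip_mixing_phase2` runs on a phase-1 key that was never computed, so the frame would fail its ICV check; whether one key ever receives both kinds of call is not visible here. Moving the `if (only_iv)` block below the phase-1 block, or tracking phase-1 validity separately from the replay state, would close the gap. Separately, the `CONFIG_TKIP_DEBUG` blocks print the temporal key and the per-packet RC4 key to the kernel log, and `rc4key[16]` is left on the stack on return; a comment such as `/* CONFIG_TKIP_DEBUG logs key material; never enable on production builds */` above the first block would make that exposure explicit.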
diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h
new file mode 100644
index 000000000000..a0d181a18049
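--- /dev/null
+++ b/net/mac80211/tkip.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef TKIP_H
+#define TKIP_H
+
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include "ieee80211_key.h"
+
+u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
+ u8 iv0, u8 iv1, u8 iv2);
+void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
+ u16 *phase1key);
+void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
+ u8 *rc4key);
+void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *pos, size_t payload_len, u8 *ta);
+enum {
+ TKIP_DECRYPT_OK = 0,
+ TKIP_DECRYPT_NO_EXT_IV = -1,
+ TKIP_DECRYPT_INVALID_KEYIDX = -2,
+ TKIP_DECRYPT_REPLAY = -3,
+};
+int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *payload, size_t payload_len, u8 *ta,
+ int only_iv, int queue);
+
+#endif /* TKIP_H */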
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
new file mode 100644
index 000000000000..1ad3d75281cc
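--- /dev/null
+++ b/net/mac80211/wep.c
@@ -0,0 +1,328 @@
+/*
+ * Software WEP encryption implementation
+ * Copyright 2002, Jouni Malinen <jkmaline@cc.hut.fi>
+ * Copyright 2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/random.h>
+#include <linux/compiler.h>
+#include <linux/crc32.h>
+#include <linux/crypto.h>
+#include <linux/err.h>
+#include <linux/mm.h>
+#include <asm/scatterlist.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "wep.h"
+
+
+int ieee80211_wep_init(struct ieee80211_local *local)
+{
+ /* start WEP IV from a random value */
+ get_random_bytes(&local->wep_iv, WEP_IV_LEN);
+
+ local->wep_tx_tfm = crypto_alloc_blkcipher("ecb(arc4)", 0,
+ CRYPTO_ALG_ASYNC);
+ if (IS_ERR(local->wep_tx_tfm))
+ return -ENOMEM;
+
+ local->wep_rx_tfm = crypto_alloc_blkcipher("ecb(arc4)", 0,
+ CRYPTO_ALG_ASYNC);
+ if (IS_ERR(local->wep_rx_tfm)) {
+ crypto_free_blkcipher(local->wep_tx_tfm);
+ return -ENOMEM;
+ }
+
+ return 0;
+}
+
+void ieee80211_wep_free(struct ieee80211_local *local)
+{
+ crypto_free_blkcipher(local->wep_tx_tfm);
+ crypto_free_blkcipher(local->wep_rx_tfm);
+}
+
+static inline int ieee80211_wep_weak_iv(u32 iv, int keylen)
+{
+ /* Fluhrer, Mantin, and Shamir have reported weaknesses in the
+ * key scheduling algorithm of RC4. At least IVs (KeyByte + 3,
+ * 0xff, N) can be used to speedup attacks, so avoid using them. */
+ if ((iv & 0xff00) == 0xff00) {
+ u8 B = (iv >> 16) & 0xff;
+ if (B >= 3 && B < 3 + keylen)
+ return 1;
+ }
+ return 0;
+}
+
+
+void ieee80211_wep_get_iv(struct ieee80211_local *local,
+ struct ieee80211_key *key, u8 *iv)
+{
+ local->wep_iv++;
+ if (ieee80211_wep_weak_iv(local->wep_iv, key->keylen))
+ local->wep_iv += 0x0100;
+
+ if (!iv)
+ return;
+
+ *iv++ = (local->wep_iv >> 16) & 0xff;
+ *iv++ = (local->wep_iv >> 8) & 0xff;
+ *iv++ = local->wep_iv & 0xff;
+ *iv++ = key->keyidx << 6;
+}
+
+
+u8 * ieee80211_wep_add_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+ u8 *newhdr;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ fc |= IEEE80211_FCTL_PROTECTED;
+ hdr->frame_control = cpu_to_le16(fc);
+
+ if ((skb_headroom(skb) < WEP_IV_LEN ||
+ skb_tailroom(skb) < WEP_ICV_LEN)) {
+ I802_DEBUG_INC(local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, WEP_IV_LEN, WEP_ICV_LEN,
+ GFP_ATOMIC)))
+ return NULL;
+ }
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+ newhdr = skb_push(skb, WEP_IV_LEN);
+ memmove(newhdr, newhdr + WEP_IV_LEN, hdrlen);
+ ieee80211_wep_get_iv(local, key, newhdr + hdrlen);
+ return newhdr + hdrlen;
+}
+
+
+void ieee80211_wep_remove_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+ memmove(skb->data + WEP_IV_LEN, skb->data, hdrlen);
+ skb_pull(skb, WEP_IV_LEN);
+}
+
+
+/* Perform WEP encryption using given key. data buffer must have tailroom
+ * for 4-byte ICV. data_len must not include this ICV. Note: this function
+ * does _not_ add IV. data = RC4(data | CRC32(data)) */
+void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len)
+{
+ struct blkcipher_desc desc = { .tfm = tfm };
+ struct scatterlist sg;
+ __le32 *icv;
+
+ icv = (__le32 *)(data + data_len);
+ *icv = cpu_to_le32(~crc32_le(~0, data, data_len));
+
+ crypto_blkcipher_setkey(tfm, rc4key, klen);
+ sg.page = virt_to_page(data);
+ sg.offset = offset_in_page(data);
+ sg.length = data_len + WEP_ICV_LEN;
+ crypto_blkcipher_encrypt(&desc, &sg, &sg, sg.length);
+}
+
+
+/* Perform WEP encryption on given skb. 4 bytes of extra space (IV) in the
+ * beginning of the buffer 4 bytes of extra space (ICV) in the end of the
+ * buffer will be added. Both IV and ICV will be transmitted, so the
+ * payload length increases with 8 bytes.
+ *
+ * WEP frame payload: IV + TX key idx, RC4(data), ICV = RC4(CRC32(data))
+ */
+int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ u32 klen;
+ u8 *rc4key, *iv;
+ size_t len;
+
+ if (!key || key->alg != ALG_WEP)
+ return -1;
+
+ klen = 3 + key->keylen;
+ rc4key = kmalloc(klen, GFP_ATOMIC);
+ if (!rc4key)
+ return -1;
+
+ iv = ieee80211_wep_add_iv(local, skb, key);
+ if (!iv) {
+ kfree(rc4key);
+ return -1;
+ }
+
+ len = skb->len - (iv + WEP_IV_LEN - skb->data);
+
+ /* Prepend 24-bit IV to RC4 key */
+ memcpy(rc4key, iv, 3);
+
+ /* Copy rest of the WEP key (the secret part) */
+ memcpy(rc4key + 3, key->key, key->keylen);
+
+ /* Add room for ICV */
+ skb_put(skb, WEP_ICV_LEN);
+
+ ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, klen,
+ iv + WEP_IV_LEN, len);
+
+ kfree(rc4key);
+
+ return 0;
+}
+
+
+/* Perform WEP decryption using given key. data buffer includes encrypted
+ * payload, including 4-byte ICV, but _not_ IV. data_len must not include ICV.
+ * Return 0 on success and -1 on ICV mismatch. */
+int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len)
+{
+ struct blkcipher_desc desc = { .tfm = tfm };
+ struct scatterlist sg;
+ __le32 crc;
+
+ crypto_blkcipher_setkey(tfm, rc4key, klen);
+ sg.page = virt_to_page(data);
+ sg.offset = offset_in_page(data);
+ sg.length = data_len + WEP_ICV_LEN;
+ crypto_blkcipher_decrypt(&desc, &sg, &sg, sg.length);
+
+ crc = cpu_to_le32(~crc32_le(~0, data, data_len));
+ if (memcmp(&crc, data + data_len, WEP_ICV_LEN) != 0)
+ /* ICV mismatch */
+ return -1;
+
+ return 0;
+}
+
+
+/* Perform WEP decryption on given skb. Buffer includes whole WEP part of
+ * the frame: IV (4 bytes), encrypted payload (including SNAP header),
+ * ICV (4 bytes). skb->len includes both IV and ICV.
+ *
+ * Returns 0 if frame was decrypted successfully and ICV was correct and -1 on
+ * failure. If frame is OK, IV and ICV will be removed, i.e., decrypted payload
+ * is moved to the beginning of the skb and skb length will be reduced.
+ */
+int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ u32 klen;
+ u8 *rc4key;
+ u8 keyidx;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+ size_t len;
+ int ret = 0;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if (!(fc & IEEE80211_FCTL_PROTECTED))
+ return -1;
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (skb->len < 8 + hdrlen)
+ return -1;
+
+ len = skb->len - hdrlen - 8;
+
+ keyidx = skb->data[hdrlen + 3] >> 6;
+
+ if (!key || keyidx != key->keyidx || key->alg != ALG_WEP)
+ return -1;
+
+ klen = 3 + key->keylen;
+
+ rc4key = kmalloc(klen, GFP_ATOMIC);
+ if (!rc4key)
+ return -1;
+
+ /* Prepend 24-bit IV to RC4 key */
+ memcpy(rc4key, skb->data + hdrlen, 3);
+
+ /* Copy rest of the WEP key (the secret part) */
+ memcpy(rc4key + 3, key->key, key->keylen);
+
+ if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen,
+ skb->data + hdrlen + WEP_IV_LEN,
+ len)) {
+ printk(KERN_DEBUG "WEP decrypt failed (ICV)\n");
+ ret = -1;
+ }
+
+ kfree(rc4key);
+
+ /* Trim ICV */
+ skb_trim(skb, skb->len - WEP_ICV_LEN);
+
+ /* Remove IV */
+ memmove(skb->data + WEP_IV_LEN, skb->data, hdrlen);
+ skb_pull(skb, WEP_IV_LEN);
+
+ return ret;
+}
+
+
+int ieee80211_wep_get_keyidx(struct sk_buff *skb)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if (!(fc & IEEE80211_FCTL_PROTECTED))
+ return -1;
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (skb->len < 8 + hdrlen)
+ return -1;
+
+ return skb->data[hdrlen + 3] >> 6;
+}
+
+
+u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+ u8 *ivpos;
+ u32 iv;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if (!(fc & IEEE80211_FCTL_PROTECTED))
+ return NULL;
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+ ivpos = skb->data + hdrlen;
+ iv = (ivpos[0] << 16) | (ivpos[1] << 8) | ivpos[2];
+
+ if (ieee80211_wep_weak_iv(iv, key->keylen))
+ return ivpos;
+
+ return NULL;
+}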
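Review bot: `ieee80211_wep_is_weak_iv` reads `ivpos[0]` through `ivpos[2]` at `skb->data + hdrlen` without checking that the frame is that long, and it dereferences `key` without a NULL check. `ieee80211_wep_get_keyidx` and `ieee80211_wep_decrypt` both reject short frames with `if (skb->len < 8 + hdrlen)`, so on a truncated protected frame this function alone would read past the received data unless its caller has already validated the length, which is not visible here. Adding `if (skb->len < 8 + hdrlen) return NULL;` after the `hdrlen` assignment would match the other receive helpers. In `ieee80211_wep_encrypt` and `ieee80211_wep_decrypt` the `rc4key` buffer holds the secret key and goes to `kfree` uncleared; `memset(rc4key, 0, klen);` before each `kfree(rc4key)` would limit how long the key stays in freed slab memory.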
diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
new file mode 100644
index 000000000000..bfe29e8e10aa
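--- /dev/null
+++ b/net/mac80211/wep.h
@@ -0,0 +1,40 @@
+/*
+ * Software WEP encryption implementation
+ * Copyright 2002, Jouni Malinen <jkmaline@cc.hut.fi>
+ * Copyright 2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef WEP_H
+#define WEP_H
+
+#include <linux/skbuff.h>
+#include <linux/types.h>
+#include "ieee80211_i.h"
+#include "ieee80211_key.h"
+
+int ieee80211_wep_init(struct ieee80211_local *local);
+void ieee80211_wep_free(struct ieee80211_local *local);
+void ieee80211_wep_get_iv(struct ieee80211_local *local,
+ struct ieee80211_key *key, u8 *iv);
+u8 * ieee80211_wep_add_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key);
+void ieee80211_wep_remove_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key);
+void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len);
+int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len);
+int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key);
+int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key);
+int ieee80211_wep_get_keyidx(struct sk_buff *skb);
+u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
+
+#endif /* WEP_H */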
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
new file mode 100644
index 000000000000..89ce81529694
--- /dev/null
+++ b/net/mac80211/wme.c
@@ -0,0 +1,678 @@
1/*
2 * Copyright 2004, Instant802 Networks, Inc.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#include <linux/netdevice.h>
10#include <linux/skbuff.h>
11#include <linux/module.h>
12#include <linux/if_arp.h>
13#include <linux/types.h>
14#include <net/ip.h>
15#include <net/pkt_sched.h>
16
17#include <net/mac80211.h>
18#include "ieee80211_i.h"
19#include "wme.h"
20
21static inline int WLAN_FC_IS_QOS_DATA(u16 fc)
22{
23 return (fc & 0x8C) == 0x88;
24}
25
26
27ieee80211_txrx_result
28ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx)
29{
30 u8 *data = rx->skb->data;
31 int tid;
32
33 /* does the frame have a qos control field? */
34 if (WLAN_FC_IS_QOS_DATA(rx->fc)) {
35 u8 *qc = data + ieee80211_get_hdrlen(rx->fc) - QOS_CONTROL_LEN;
36 /* frame has qos control */
37 tid = qc[0] & QOS_CONTROL_TID_MASK;
38 } else {
39 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) {
40 /* Separate TID for management frames */
41 tid = NUM_RX_DATA_QUEUES - 1;
42 } else {
43 /* no qos control present */
44 tid = 0; /* 802.1d - Best Effort */
45 }
46 }
47#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
48 I802_DEBUG_INC(rx->local->wme_rx_queue[tid]);
49 if (rx->sta) {
50 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]);
51 }
52#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
53
54 rx->u.rx.queue = tid;
55 /* Set skb->priority to 1d tag if highest order bit of TID is not set.
56 * For now, set skb->priority to 0 for other cases. */
57 rx->skb->priority = (tid > 7) ? 0 : tid;
58
59 return TXRX_CONTINUE;
60}
61
62
63ieee80211_txrx_result
64ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx)
65{
66 u16 fc = rx->fc;
67 u8 *data = rx->skb->data;
68 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) data;
69
70 if (!WLAN_FC_IS_QOS_DATA(fc))
71 return TXRX_CONTINUE;
72
73 /* remove the qos control field, update frame type and meta-data */
74 memmove(data + 2, data, ieee80211_get_hdrlen(fc) - 2);
75 hdr = (struct ieee80211_hdr *) skb_pull(rx->skb, 2);
76 /* change frame type to non QOS */
77 rx->fc = fc &= ~IEEE80211_STYPE_QOS_DATA;
78 hdr->frame_control = cpu_to_le16(fc);
79
80 return TXRX_CONTINUE;
81}
82
83
84#ifdef CONFIG_NET_SCHED
85/* maximum number of hardware queues we support. */
86#define TC_80211_MAX_QUEUES 8
87
88struct ieee80211_sched_data
89{
90 struct tcf_proto *filter_list;
91 struct Qdisc *queues[TC_80211_MAX_QUEUES];
92 struct sk_buff_head requeued[TC_80211_MAX_QUEUES];
93};
94
95
96/* given a data frame determine the 802.1p/1d tag to use */
97static inline unsigned classify_1d(struct sk_buff *skb, struct Qdisc *qd)
98{
99 struct iphdr *ip;
100 int dscp;
101 int offset;
102
103 struct ieee80211_sched_data *q = qdisc_priv(qd);
104 struct tcf_result res = { -1, 0 };
105
106 /* if there is a user set filter list, call out to that */
107 if (q->filter_list) {
108 tc_classify(skb, q->filter_list, &res);
109 if (res.class != -1)
110 return res.class;
111 }
112
113 /* skb->priority values from 256->263 are magic values to
114 * directly indicate a specific 802.1d priority.
115 * This is used to allow 802.1d priority to be passed directly in
116 * from VLAN tags, etc. */
117 if (skb->priority >= 256 && skb->priority <= 263)
118 return skb->priority - 256;
119
120 /* check there is a valid IP header present */
121 offset = ieee80211_get_hdrlen_from_skb(skb) + 8 /* LLC + proto */;
122 if (skb->protocol != __constant_htons(ETH_P_IP) ||
123 skb->len < offset + sizeof(*ip))
124 return 0;
125
126 ip = (struct iphdr *) (skb->data + offset);
127
128 dscp = ip->tos & 0xfc;
129 if (dscp & 0x1c)
130 return 0;
131 return dscp >> 5;
132}
133
134
135static inline int wme_downgrade_ac(struct sk_buff *skb)
136{
137 switch (skb->priority) {
138 case 6:
139 case 7:
140 skb->priority = 5; /* VO -> VI */
141 return 0;
142 case 4:
143 case 5:
144 skb->priority = 3; /* VI -> BE */
145 return 0;
146 case 0:
147 case 3:
148 skb->priority = 2; /* BE -> BK */
149 return 0;
150 default:
151 return -1;
152 }
153}
154
155
156/* positive return value indicates which queue to use
157 * negative return value indicates to drop the frame */
158static inline int classify80211(struct sk_buff *skb, struct Qdisc *qd)
159{
160 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
161 struct ieee80211_tx_packet_data *pkt_data =
162 (struct ieee80211_tx_packet_data *) skb->cb;
163 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
164 unsigned short fc = le16_to_cpu(hdr->frame_control);
165 int qos;
166 const int ieee802_1d_to_ac[8] = { 2, 3, 3, 2, 1, 1, 0, 0 };
167
168 /* see if frame is data or non data frame */
169 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) {
170 /* management frames go on AC_VO queue, but are sent
171 * without QoS control fields */
172 return IEEE80211_TX_QUEUE_DATA0;
173 }
174
175 if (unlikely(pkt_data->mgmt_iface)) {
176 /* Data frames from hostapd (mainly, EAPOL) use AC_VO
177 * and they will include QoS control fields if
178 * the target STA is using WME. */
179 skb->priority = 7;
180 return ieee802_1d_to_ac[skb->priority];
181 }
182
183 /* is this a QoS frame? */
184 qos = fc & IEEE80211_STYPE_QOS_DATA;
185
186 if (!qos) {
187 skb->priority = 0; /* required for correct WPA/11i MIC */
188 return ieee802_1d_to_ac[skb->priority];
189 }
190
191 /* use the data classifier to determine what 802.1d tag the
192 * data frame has */
193 skb->priority = classify_1d(skb, qd);
194
195 /* incase we are a client verify acm is not set for this ac */
196 while (unlikely(local->wmm_acm & BIT(skb->priority))) {
197 if (wme_downgrade_ac(skb)) {
198 /* No AC with lower priority has acm=0,
199 * drop packet. */
200 return -1;
201 }
202 }
203
204 /* look up which queue to use for frames with this 1d tag */
205 return ieee802_1d_to_ac[skb->priority];
206}
207
208
209static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
210{
211 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
212 struct ieee80211_sched_data *q = qdisc_priv(qd);
213 struct ieee80211_tx_packet_data *pkt_data =
214 (struct ieee80211_tx_packet_data *) skb->cb;
215 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
216 unsigned short fc = le16_to_cpu(hdr->frame_control);
217 struct Qdisc *qdisc;
218 int err, queue;
219
220 if (pkt_data->requeue) {
221 skb_queue_tail(&q->requeued[pkt_data->queue], skb);
222 qd->q.qlen++;
223 return 0;
224 }
225
226 queue = classify80211(skb, qd);
227
228 /* now we know the 1d priority, fill in the QoS header if there is one
229 */
230 if (WLAN_FC_IS_QOS_DATA(fc)) {
231 u8 *p = skb->data + ieee80211_get_hdrlen(fc) - 2;
232 u8 qos_hdr = skb->priority & QOS_CONTROL_TAG1D_MASK;
233 if (local->wifi_wme_noack_test)
234 qos_hdr |= QOS_CONTROL_ACK_POLICY_NOACK <<
235 QOS_CONTROL_ACK_POLICY_SHIFT;
236 /* qos header is 2 bytes, second reserved */
237 *p = qos_hdr;
238 p++;
239 *p = 0;
240 }
241
242 if (unlikely(queue >= local->hw.queues)) {
243#if 0
244 if (net_ratelimit()) {
245 printk(KERN_DEBUG "%s - queue=%d (hw does not "
246 "support) -> %d\n",
247 __func__, queue, local->hw.queues - 1);
248 }
249#endif
250 queue = local->hw.queues - 1;
251 }
252
253 if (unlikely(queue < 0)) {
254 kfree_skb(skb);
255 err = NET_XMIT_DROP;
256 } else {
257 pkt_data->queue = (unsigned int) queue;
258 qdisc = q->queues[queue];
259 err = qdisc->enqueue(skb, qdisc);
260 if (err == NET_XMIT_SUCCESS) {
261 qd->q.qlen++;
262 qd->bstats.bytes += skb->len;
263 qd->bstats.packets++;
264 return NET_XMIT_SUCCESS;
265 }
266 }
267 qd->qstats.drops++;
268 return err;
269}
270
271
272/* TODO: clean up the cases where master_hard_start_xmit
273 * returns non 0 - it shouldn't ever do that. Once done we
274 * can remove this function */
275static int wme_qdiscop_requeue(struct sk_buff *skb, struct Qdisc* qd)
276{
277 struct ieee80211_sched_data *q = qdisc_priv(qd);
278 struct ieee80211_tx_packet_data *pkt_data =
279 (struct ieee80211_tx_packet_data *) skb->cb;
280 struct Qdisc *qdisc;
281 int err;
282
283 /* we recorded which queue to use earlier! */
284 qdisc = q->queues[pkt_data->queue];
285
286 if ((err = qdisc->ops->requeue(skb, qdisc)) == 0) {
287 qd->q.qlen++;
288 return 0;
289 }
290 qd->qstats.drops++;
291 return err;
292}
293
294
295static struct sk_buff *wme_qdiscop_dequeue(struct Qdisc* qd)
296{
297 struct ieee80211_sched_data *q = qdisc_priv(qd);
298 struct net_device *dev = qd->dev;
299 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
300 struct ieee80211_hw *hw = &local->hw;
301 struct sk_buff *skb;
302 struct Qdisc *qdisc;
303 int queue;
304
305 /* check all the h/w queues in numeric/priority order */
306 for (queue = 0; queue < hw->queues; queue++) {
307 /* see if there is room in this hardware queue */
308 if (test_bit(IEEE80211_LINK_STATE_XOFF,
309 &local->state[queue]) ||
310 test_bit(IEEE80211_LINK_STATE_PENDING,
311 &local->state[queue]))
312 continue;
313
314 /* there is space - try and get a frame */
315 skb = skb_dequeue(&q->requeued[queue]);
316 if (skb) {
317 qd->q.qlen--;
318 return skb;
319 }
320
321 qdisc = q->queues[queue];
322 skb = qdisc->dequeue(qdisc);
323 if (skb) {
324 qd->q.qlen--;
325 return skb;
326 }
327 }
328 /* returning a NULL here when all the h/w queues are full means we
329 * never need to call netif_stop_queue in the driver */
330 return NULL;
331}
332
333
334static void wme_qdiscop_reset(struct Qdisc* qd)
335{
336 struct ieee80211_sched_data *q = qdisc_priv(qd);
337 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
338 struct ieee80211_hw *hw = &local->hw;
339 int queue;
340
341 /* QUESTION: should we have some hardware flush functionality here? */
342
343 for (queue = 0; queue < hw->queues; queue++) {
344 skb_queue_purge(&q->requeued[queue]);
345 qdisc_reset(q->queues[queue]);
346 }
347 qd->q.qlen = 0;
348}
349
350
351static void wme_qdiscop_destroy(struct Qdisc* qd)
352{
353 struct ieee80211_sched_data *q = qdisc_priv(qd);
354 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
355 struct ieee80211_hw *hw = &local->hw;
356 int queue;
357
358 tcf_destroy_chain(q->filter_list);
359 q->filter_list = NULL;
360
361 for (queue=0; queue < hw->queues; queue++) {
362 skb_queue_purge(&q->requeued[queue]);
363 qdisc_destroy(q->queues[queue]);
364 q->queues[queue] = &noop_qdisc;
365 }
366}
367
368
369/* called whenever parameters are updated on existing qdisc */
370static int wme_qdiscop_tune(struct Qdisc *qd, struct rtattr *opt)
371{
372/* struct ieee80211_sched_data *q = qdisc_priv(qd);
373*/
374 /* check our options block is the right size */
375 /* copy any options to our local structure */
376/* Ignore options block for now - always use static mapping
377 struct tc_ieee80211_qopt *qopt = RTA_DATA(opt);
378
379 if (opt->rta_len < RTA_LENGTH(sizeof(*qopt)))
380 return -EINVAL;
381 memcpy(q->tag2queue, qopt->tag2queue, sizeof(qopt->tag2queue));
382*/
383 return 0;
384}
385
386
387/* called during initial creation of qdisc on device */
388static int wme_qdiscop_init(struct Qdisc *qd, struct rtattr *opt)
389{
390 struct ieee80211_sched_data *q = qdisc_priv(qd);
391 struct net_device *dev = qd->dev;
392 struct ieee80211_local *local;
393 int queues;
394 int err = 0, i;
395
396 /* check that device is a mac80211 device */
397 if (!dev->ieee80211_ptr ||
398 dev->ieee80211_ptr->wiphy->privid != mac80211_wiphy_privid)
399 return -EINVAL;
400
401 /* check this device is an ieee80211 master type device */
402 if (dev->type != ARPHRD_IEEE80211)
403 return -EINVAL;
404
405 /* check that there is no qdisc currently attached to device
406 * this ensures that we will be the root qdisc. (I can't find a better
407 * way to test this explicitly) */
408 if (dev->qdisc_sleeping != &noop_qdisc)
409 return -EINVAL;
410
411 if (qd->flags & TCQ_F_INGRESS)
412 return -EINVAL;
413
414 local = wdev_priv(dev->ieee80211_ptr);
415 queues = local->hw.queues;
416
417 /* if options were passed in, set them */
418 if (opt) {
419 err = wme_qdiscop_tune(qd, opt);
420 }
421
422 /* create child queues */
423 for (i = 0; i < queues; i++) {
424 skb_queue_head_init(&q->requeued[i]);
425 q->queues[i] = qdisc_create_dflt(qd->dev, &pfifo_qdisc_ops,
426 qd->handle);
427 if (q->queues[i] == 0) {
428 q->queues[i] = &noop_qdisc;
429 printk(KERN_ERR "%s child qdisc %i creation failed", dev->name, i);
430 }
431 }
432
433 return err;
434}
435
436static int wme_qdiscop_dump(struct Qdisc *qd, struct sk_buff *skb)
437{
438/* struct ieee80211_sched_data *q = qdisc_priv(qd);
439 unsigned char *p = skb->tail;
440 struct tc_ieee80211_qopt opt;
441
442 memcpy(&opt.tag2queue, q->tag2queue, TC_80211_MAX_TAG + 1);
443 RTA_PUT(skb, TCA_OPTIONS, sizeof(opt), &opt);
444*/ return skb->len;
445/*
446rtattr_failure:
447 skb_trim(skb, p - skb->data);*/
448 return -1;
449}
450
451
452static int wme_classop_graft(struct Qdisc *qd, unsigned long arg,
453 struct Qdisc *new, struct Qdisc **old)
454{
455 struct ieee80211_sched_data *q = qdisc_priv(qd);
456 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
457 struct ieee80211_hw *hw = &local->hw;
458 unsigned long queue = arg - 1;
459
460 if (queue >= hw->queues)
461 return -EINVAL;
462
463 if (!new)
464 new = &noop_qdisc;
465
466 sch_tree_lock(qd);
467 *old = q->queues[queue];
468 q->queues[queue] = new;
469 qdisc_reset(*old);
470 sch_tree_unlock(qd);
471
472 return 0;
473}
474
475
476static struct Qdisc *
477wme_classop_leaf(struct Qdisc *qd, unsigned long arg)
478{
479 struct ieee80211_sched_data *q = qdisc_priv(qd);
480 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
481 struct ieee80211_hw *hw = &local->hw;
482 unsigned long queue = arg - 1;
483
484 if (queue >= hw->queues)
485 return NULL;
486
487 return q->queues[queue];
488}
489
490
491static unsigned long wme_classop_get(struct Qdisc *qd, u32 classid)
492{
493 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
494 struct ieee80211_hw *hw = &local->hw;
495 unsigned long queue = TC_H_MIN(classid);
496
497 if (queue - 1 >= hw->queues)
498 return 0;
499
500 return queue;
501}
502
503
504static unsigned long wme_classop_bind(struct Qdisc *qd, unsigned long parent,
505 u32 classid)
506{
507 return wme_classop_get(qd, classid);
508}
509
510
511static void wme_classop_put(struct Qdisc *q, unsigned long cl)
512{
513}
514
515
516static int wme_classop_change(struct Qdisc *qd, u32 handle, u32 parent,
517 struct rtattr **tca, unsigned long *arg)
518{
519 unsigned long cl = *arg;
520 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
521 struct ieee80211_hw *hw = &local->hw;
522
523 if (cl - 1 > hw->queues)
524 return -ENOENT;
525
526 /* TODO: put code to program hardware queue parameters here,
527 * to allow programming from tc command line */
528
529 return 0;
530}
531
532
533/* we don't support deleting hardware queues
534 * when we add WMM-SA support - TSPECs may be deleted here */
535static int wme_classop_delete(struct Qdisc *qd, unsigned long cl)
536{
537 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
538 struct ieee80211_hw *hw = &local->hw;
539
540 if (cl - 1 > hw->queues)
541 return -ENOENT;
542 return 0;
543}
544
545
546static int wme_classop_dump_class(struct Qdisc *qd, unsigned long cl,
547 struct sk_buff *skb, struct tcmsg *tcm)
548{
549 struct ieee80211_sched_data *q = qdisc_priv(qd);
550 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
551 struct ieee80211_hw *hw = &local->hw;
552
553 if (cl - 1 > hw->queues)
554 return -ENOENT;
555 tcm->tcm_handle = TC_H_MIN(cl);
556 tcm->tcm_parent = qd->handle;
557 tcm->tcm_info = q->queues[cl-1]->handle; /* do we need this? */
558 return 0;
559}
560
561
562static void wme_classop_walk(struct Qdisc *qd, struct qdisc_walker *arg)
563{
564 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
565 struct ieee80211_hw *hw = &local->hw;
566 int queue;
567
568 if (arg->stop)
569 return;
570
571 for (queue = 0; queue < hw->queues; queue++) {
572 if (arg->count < arg->skip) {
573 arg->count++;
574 continue;
575 }
576 /* we should return classids for our internal queues here
577 * as well as the external ones */
578 if (arg->fn(qd, queue+1, arg) < 0) {
579 arg->stop = 1;
580 break;
581 }
582 arg->count++;
583 }
584}
585
586
587static struct tcf_proto ** wme_classop_find_tcf(struct Qdisc *qd,
588 unsigned long cl)
589{
590 struct ieee80211_sched_data *q = qdisc_priv(qd);
591
592 if (cl)
593 return NULL;
594
595 return &q->filter_list;
596}
597
598
599/* this qdisc is classful (i.e. has classes, some of which may have leaf qdiscs attached)
600 * - these are the operations on the classes */
601static struct Qdisc_class_ops class_ops =
602{
603 .graft = wme_classop_graft,
604 .leaf = wme_classop_leaf,
605
606 .get = wme_classop_get,
607 .put = wme_classop_put,
608 .change = wme_classop_change,
609 .delete = wme_classop_delete,
610 .walk = wme_classop_walk,
611
612 .tcf_chain = wme_classop_find_tcf,
613 .bind_tcf = wme_classop_bind,
614 .unbind_tcf = wme_classop_put,
615
616 .dump = wme_classop_dump_class,
617};
618
619
620/* queueing discipline operations */
621static struct Qdisc_ops wme_qdisc_ops =
622{
623 .next = NULL,
624 .cl_ops = &class_ops,
625 .id = "ieee80211",
626 .priv_size = sizeof(struct ieee80211_sched_data),
627
628 .enqueue = wme_qdiscop_enqueue,
629 .dequeue = wme_qdiscop_dequeue,
630 .requeue = wme_qdiscop_requeue,
631 .drop = NULL, /* drop not needed since we are always the root qdisc */
632
633 .init = wme_qdiscop_init,
634 .reset = wme_qdiscop_reset,
635 .destroy = wme_qdiscop_destroy,
636 .change = wme_qdiscop_tune,
637
638 .dump = wme_qdiscop_dump,
639};
640
641
642void ieee80211_install_qdisc(struct net_device *dev)
643{
644 struct Qdisc *qdisc;
645
646 qdisc = qdisc_create_dflt(dev, &wme_qdisc_ops, TC_H_ROOT);
647 if (!qdisc) {
648 printk(KERN_ERR "%s: qdisc installation failed\n", dev->name);
649 return;
650 }
651
652 /* same handle as would be allocated by qdisc_alloc_handle() */
653 qdisc->handle = 0x80010000;
654
655 qdisc_lock_tree(dev);
656 list_add_tail(&qdisc->list, &dev->qdisc_list);
657 dev->qdisc_sleeping = qdisc;
658 qdisc_unlock_tree(dev);
659}
660
661
662int ieee80211_qdisc_installed(struct net_device *dev)
663{
664 return dev->qdisc_sleeping->ops == &wme_qdisc_ops;
665}
666
667
668int ieee80211_wme_register(void)
669{
670 return register_qdisc(&wme_qdisc_ops);
671}
672
673
674void ieee80211_wme_unregister(void)
675{
676 unregister_qdisc(&wme_qdisc_ops);
677}
678#endif /* CONFIG_NET_SCHED */
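diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
new file mode 100644
index 000000000000..f0bff10f0e08
--- /dev/null
+++ b/net/mac80211/wme.h
@@ -0,0 +1,57 @@
+/*
+ * IEEE 802.11 driver (80211.o) - QoS datatypes
+ * Copyright 2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef _WME_H
+#define _WME_H
+
+#include <linux/netdevice.h>
+#include "ieee80211_i.h"
+
+#define QOS_CONTROL_LEN 2
+
+#define QOS_CONTROL_ACK_POLICY_NORMAL 0
+#define QOS_CONTROL_ACK_POLICY_NOACK 1
+
+#define QOS_CONTROL_TID_MASK 0x0f
+#define QOS_CONTROL_ACK_POLICY_SHIFT 5
+
+#define QOS_CONTROL_TAG1D_MASK 0x07
+
+ieee80211_txrx_result
+ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx);
+
+ieee80211_txrx_result
+ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx);
+
+#ifdef CONFIG_NET_SCHED
+void ieee80211_install_qdisc(struct net_device *dev);
+int ieee80211_qdisc_installed(struct net_device *dev);
+
+int ieee80211_wme_register(void);
+void ieee80211_wme_unregister(void);
+#else
+static inline void ieee80211_install_qdisc(struct net_device *dev)
+{
+}
+static inline int ieee80211_qdisc_installed(struct net_device *dev)
+{
+ return 0;
+}
+
+static inline int ieee80211_wme_register(void)
+{
+ return 0;
+}
+static inline void ieee80211_wme_unregister(void)
+{
+}
+#endif /* CONFIG_NET_SCHED */
+
+#endif /* _WME_H */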
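Review bot: The return convention of `ieee80211_qdisc_installed()` is undocumented, and the `!CONFIG_NET_SCHED` stub hard-codes `return 0;`, which a caller cannot tell apart from the "WME qdisc is not the root qdisc" result that wme.c computes as `dev->qdisc_sleeping->ops == &wme_qdisc_ops`. A one-line comment above both declarations would settle it, e.g. `/* non-zero iff dev's sleeping qdisc is the mac80211 WME qdisc; always 0 when CONFIG_NET_SCHED is off */`. The include guard `_WME_H` also sits in the reserved underscore-plus-uppercase namespace, whereas wpa.h in the same commit uses `WPA_H`; `WME_H` would match it.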
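diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
new file mode 100644
index 000000000000..783af32c6911
--- /dev/null
+++ b/net/mac80211/wpa.c
@@ -0,0 +1,660 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/skbuff.h>
+#include <linux/compiler.h>
+#include <net/iw_handler.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_common.h"
+#include "ieee80211_i.h"
+#include "michael.h"
+#include "tkip.h"
+#include "aes_ccm.h"
+#include "wpa.h"
+
+static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da,
+ u8 *qos_tid, u8 **data, size_t *data_len)
+{
+ struct ieee80211_hdr *hdr;
+ size_t hdrlen;
+ u16 fc;
+ int a4_included;
+ u8 *pos;
+
+ hdr = (struct ieee80211_hdr *) skb->data;
+ fc = le16_to_cpu(hdr->frame_control);
+
+ hdrlen = 24;
+ if ((fc & (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) ==
+ (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
+ hdrlen += ETH_ALEN;
+ *sa = hdr->addr4;
+ *da = hdr->addr3;
+ } else if (fc & IEEE80211_FCTL_FROMDS) {
+ *sa = hdr->addr3;
+ *da = hdr->addr1;
+ } else if (fc & IEEE80211_FCTL_TODS) {
+ *sa = hdr->addr2;
+ *da = hdr->addr3;
+ } else {
+ *sa = hdr->addr2;
+ *da = hdr->addr1;
+ }
+
+ if (fc & 0x80)
+ hdrlen += 2;
+
+ *data = skb->data + hdrlen;
+ *data_len = skb->len - hdrlen;
+
+ a4_included = (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
+ (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS);
+ if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
+ fc & IEEE80211_STYPE_QOS_DATA) {
+ pos = (u8 *) &hdr->addr4;
+ if (a4_included)
+ pos += 6;
+ *qos_tid = pos[0] & 0x0f;
+ *qos_tid |= 0x80; /* qos_included flag */
+ } else
+ *qos_tid = 0;
+
+ return skb->len < hdrlen ? -1 : 0;
+}
+
+
+ieee80211_txrx_result
+ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
+{
+ u8 *data, *sa, *da, *key, *mic, qos_tid;
+ size_t data_len;
+ u16 fc;
+ struct sk_buff *skb = tx->skb;
+ int authenticator;
+ int wpa_test = 0;
+
+ fc = tx->fc;
+
+ if (!tx->key || tx->key->alg != ALG_TKIP || skb->len < 24 ||
+ !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len))
+ return TXRX_DROP;
+
+ if (!tx->key->force_sw_encrypt &&
+ !tx->fragmented &&
+ !(tx->local->hw.flags & IEEE80211_HW_TKIP_INCLUDE_MMIC) &&
+ !wpa_test) {
+ /* hwaccel - with no need for preallocated room for Michael MIC
+ */
+ return TXRX_CONTINUE;
+ }
+
+ if (skb_tailroom(skb) < MICHAEL_MIC_LEN) {
+ I802_DEBUG_INC(tx->local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN,
+ MICHAEL_MIC_LEN + TKIP_ICV_LEN,
+ GFP_ATOMIC))) {
+ printk(KERN_DEBUG "%s: failed to allocate more memory "
+ "for Michael MIC\n", tx->dev->name);
+ return TXRX_DROP;
+ }
+ }
+
+#if 0
+ authenticator = fc & IEEE80211_FCTL_FROMDS; /* FIX */
+#else
+ authenticator = 1;
+#endif
+ key = &tx->key->key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY :
+ ALG_TKIP_TEMP_AUTH_RX_MIC_KEY];
+ mic = skb_put(skb, MICHAEL_MIC_LEN);
+ michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
+
+ return TXRX_CONTINUE;
+}
+
+
+ieee80211_txrx_result
+ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
+{
+ u8 *data, *sa, *da, *key = NULL, qos_tid;
+ size_t data_len;
+ u16 fc;
+ u8 mic[MICHAEL_MIC_LEN];
+ struct sk_buff *skb = rx->skb;
+ int authenticator = 1, wpa_test = 0;
+
+ fc = rx->fc;
+
+ /* If device handles decryption totally, skip this check */
+ if ((rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) ||
+ (rx->local->hw.flags & IEEE80211_HW_DEVICE_STRIPS_MIC))
+ return TXRX_CONTINUE;
+
+ if (!rx->key || rx->key->alg != ALG_TKIP ||
+ !(rx->fc & IEEE80211_FCTL_PROTECTED) || !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !rx->key->force_sw_encrypt) {
+ if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
+ if (skb->len < MICHAEL_MIC_LEN)
+ return TXRX_DROP;
+ }
+ /* Need to verify Michael MIC sometimes in software even when
+ * hwaccel is used. Atheros ar5212: fragmented frames and QoS
+ * frames. */
+ if (!rx->fragmented && !wpa_test)
+ goto remove_mic;
+ }
+
+ if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len)
+ || data_len < MICHAEL_MIC_LEN)
+ return TXRX_DROP;
+
+ data_len -= MICHAEL_MIC_LEN;
+
+#if 0
+ authenticator = fc & IEEE80211_FCTL_TODS; /* FIX */
+#else
+ authenticator = 1;
+#endif
+ key = &rx->key->key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY :
+ ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];
+ michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
+ if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
+ if (!rx->u.rx.ra_match)
+ return TXRX_DROP;
+
+ printk(KERN_DEBUG "%s: invalid Michael MIC in data frame from "
+ MAC_FMT "\n", rx->dev->name, MAC_ARG(sa));
+
+ do {
+ struct ieee80211_hdr *hdr;
+ union iwreq_data wrqu;
+ char *buf = kmalloc(128, GFP_ATOMIC);
+ if (!buf)
+ break;
+
+ /* TODO: needed parameters: count, key type, TSC */
+ hdr = (struct ieee80211_hdr *) skb->data;
+ sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
+ "keyid=%d %scast addr=" MAC_FMT ")",
+ rx->key->keyidx,
+ hdr->addr1[0] & 0x01 ? "broad" : "uni",
+ MAC_ARG(hdr->addr2));
+ memset(&wrqu, 0, sizeof(wrqu));
+ wrqu.data.length = strlen(buf);
+ wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
+ kfree(buf);
+ } while (0);
+
+ if (!rx->local->apdev)
+ return TXRX_DROP;
+
+ ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
+ ieee80211_msg_michael_mic_failure);
+
+ return TXRX_QUEUED;
+ }
+
+ remove_mic:
+ /* remove Michael MIC from payload */
+ skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
+
+ return TXRX_CONTINUE;
+}
+
+
+static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx,
+ struct sk_buff *skb, int test)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_key *key = tx->key;
+ int hdrlen, len, tailneed;
+ u16 fc;
+ u8 *pos;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+ len = skb->len - hdrlen;
+
+ tailneed = !tx->key->force_sw_encrypt ? 0 : TKIP_ICV_LEN;
+ if ((skb_headroom(skb) < TKIP_IV_LEN ||
+ skb_tailroom(skb) < tailneed)) {
+ I802_DEBUG_INC(tx->local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN, tailneed,
+ GFP_ATOMIC)))
+ return -1;
+ }
+
+ pos = skb_push(skb, TKIP_IV_LEN);
+ memmove(pos, pos + TKIP_IV_LEN, hdrlen);
+ pos += hdrlen;
+
+ /* Increase IV for the frame */
+ key->u.tkip.iv16++;
+ if (key->u.tkip.iv16 == 0)
+ key->u.tkip.iv32++;
+
+ if (!tx->key->force_sw_encrypt) {
+ u32 flags = tx->local->hw.flags;
+ hdr = (struct ieee80211_hdr *)skb->data;
+
+ /* hwaccel - with preallocated room for IV */
+ ieee80211_tkip_add_iv(pos, key,
+ (u8) (key->u.tkip.iv16 >> 8),
+ (u8) (((key->u.tkip.iv16 >> 8) | 0x20) &
+ 0x7f),
+ (u8) key->u.tkip.iv16);
+
+ if (flags & IEEE80211_HW_TKIP_REQ_PHASE2_KEY)
+ ieee80211_tkip_gen_rc4key(key, hdr->addr2,
+ tx->u.tx.control->tkip_key);
+ else if (flags & IEEE80211_HW_TKIP_REQ_PHASE1_KEY) {
+ if (key->u.tkip.iv16 == 0 ||
+ !key->u.tkip.tx_initialized) {
+ ieee80211_tkip_gen_phase1key(key, hdr->addr2,
+ (u16 *)tx->u.tx.control->tkip_key);
+ key->u.tkip.tx_initialized = 1;
+ tx->u.tx.control->flags |=
+ IEEE80211_TXCTL_TKIP_NEW_PHASE1_KEY;
+ } else
+ tx->u.tx.control->flags &=
+ ~IEEE80211_TXCTL_TKIP_NEW_PHASE1_KEY;
+ }
+
+ tx->u.tx.control->key_idx = tx->key->hw_key_idx;
+ return 0;
+ }
+
+ /* Add room for ICV */
+ skb_put(skb, TKIP_ICV_LEN);
+
+ hdr = (struct ieee80211_hdr *) skb->data;
+ ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm,
+ key, pos, len, hdr->addr2);
+ return 0;
+}
+
+
+ieee80211_txrx_result
+ieee80211_tx_h_tkip_encrypt(struct ieee80211_txrx_data *tx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
+ u16 fc;
+ struct ieee80211_key *key = tx->key;
+ struct sk_buff *skb = tx->skb;
+ int wpa_test = 0, test = 0;
+
+ fc = le16_to_cpu(hdr->frame_control);
+
+ if (!key || key->alg != ALG_TKIP || !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ tx->u.tx.control->icv_len = TKIP_ICV_LEN;
+ tx->u.tx.control->iv_len = TKIP_IV_LEN;
+ ieee80211_tx_set_iswep(tx);
+
+ if (!tx->key->force_sw_encrypt &&
+ !(tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
+ !wpa_test) {
+ /* hwaccel - with no need for preallocated room for IV/ICV */
+ tx->u.tx.control->key_idx = tx->key->hw_key_idx;
+ return TXRX_CONTINUE;
+ }
+
+ if (tkip_encrypt_skb(tx, skb, test) < 0)
+ return TXRX_DROP;
+
+ if (tx->u.tx.extra_frag) {
+ int i;
+ for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
+ if (tkip_encrypt_skb(tx, tx->u.tx.extra_frag[i], test)
+ < 0)
+ return TXRX_DROP;
+ }
+ }
+
+ return TXRX_CONTINUE;
+}
+
+
+ieee80211_txrx_result
+ieee80211_rx_h_tkip_decrypt(struct ieee80211_txrx_data *rx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
+ u16 fc;
+ int hdrlen, res, hwaccel = 0, wpa_test = 0;
+ struct ieee80211_key *key = rx->key;
+ struct sk_buff *skb = rx->skb;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (!rx->key || rx->key->alg != ALG_TKIP ||
+ !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
+ (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
+ return TXRX_CONTINUE;
+
+ if (!rx->sta || skb->len - hdrlen < 12)
+ return TXRX_DROP;
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !rx->key->force_sw_encrypt) {
+ if (!(rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV)) {
+ /* Hardware takes care of all processing, including
+ * replay protection, so no need to continue here. */
+ return TXRX_CONTINUE;
+ }
+
+ /* let TKIP code verify IV, but skip decryption */
+ hwaccel = 1;
+ }
+
+ res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm,
+ key, skb->data + hdrlen,
+ skb->len - hdrlen, rx->sta->addr,
+ hwaccel, rx->u.rx.queue);
+ if (res != TKIP_DECRYPT_OK || wpa_test) {
+ printk(KERN_DEBUG "%s: TKIP decrypt failed for RX frame from "
+ MAC_FMT " (res=%d)\n",
+ rx->dev->name, MAC_ARG(rx->sta->addr), res);
+ return TXRX_DROP;
+ }
+
+ /* Trim ICV */
+ skb_trim(skb, skb->len - TKIP_ICV_LEN);
+
+ /* Remove IV */
+ memmove(skb->data + TKIP_IV_LEN, skb->data, hdrlen);
+ skb_pull(skb, TKIP_IV_LEN);
+
+ return TXRX_CONTINUE;
+}
+
+
+static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad,
+ int encrypted)
+{
+ u16 fc;
+ int a4_included, qos_included;
+ u8 qos_tid, *fc_pos, *data, *sa, *da;
+ int len_a;
+ size_t data_len;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+
+ fc_pos = (u8 *) &hdr->frame_control;
+ fc = fc_pos[0] ^ (fc_pos[1] << 8);
+ a4_included = (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
+ (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS);
+
+ ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len);
+ data_len -= CCMP_HDR_LEN + (encrypted ? CCMP_MIC_LEN : 0);
+ if (qos_tid & 0x80) {
+ qos_included = 1;
+ qos_tid &= 0x0f;
+ } else
+ qos_included = 0;
+ /* First block, b_0 */
+
+ b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
+ /* Nonce: QoS Priority | A2 | PN */
+ b_0[1] = qos_tid;
+ memcpy(&b_0[2], hdr->addr2, 6);
+ memcpy(&b_0[8], pn, CCMP_PN_LEN);
+ /* l(m) */
+ b_0[14] = (data_len >> 8) & 0xff;
+ b_0[15] = data_len & 0xff;
+
+
+ /* AAD (extra authenticate-only data) / masked 802.11 header
+ * FC | A1 | A2 | A3 | SC | [A4] | [QC] */
+
+ len_a = a4_included ? 28 : 22;
+ if (qos_included)
+ len_a += 2;
+
+ aad[0] = 0; /* (len_a >> 8) & 0xff; */
+ aad[1] = len_a & 0xff;
+ /* Mask FC: zero subtype b4 b5 b6 */
+ aad[2] = fc_pos[0] & ~(BIT(4) | BIT(5) | BIT(6));
+ /* Retry, PwrMgt, MoreData; set Protected */
+ aad[3] = (fc_pos[1] & ~(BIT(3) | BIT(4) | BIT(5))) | BIT(6);
+ memcpy(&aad[4], &hdr->addr1, 18);
+
+ /* Mask Seq#, leave Frag# */
+ aad[22] = *((u8 *) &hdr->seq_ctrl) & 0x0f;
+ aad[23] = 0;
+ if (a4_included) {
+ memcpy(&aad[24], hdr->addr4, 6);
+ aad[30] = 0;
+ aad[31] = 0;
+ } else
+ memset(&aad[24], 0, 8);
+ if (qos_included) {
+ u8 *dpos = &aad[a4_included ? 30 : 24];
+
+ /* Mask QoS Control field */
+ dpos[0] = qos_tid;
+ dpos[1] = 0;
+ }
+}
+
+
+static inline void ccmp_pn2hdr(u8 *hdr, u8 *pn, int key_id)
+{
+ hdr[0] = pn[5];
+ hdr[1] = pn[4];
+ hdr[2] = 0;
+ hdr[3] = 0x20 | (key_id << 6);
+ hdr[4] = pn[3];
+ hdr[5] = pn[2];
+ hdr[6] = pn[1];
+ hdr[7] = pn[0];
+}
+
+
+static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr)
+{
+ pn[0] = hdr[7];
+ pn[1] = hdr[6];
+ pn[2] = hdr[5];
+ pn[3] = hdr[4];
+ pn[4] = hdr[1];
+ pn[5] = hdr[0];
+ return (hdr[3] >> 6) & 0x03;
+}
+
+
+static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx,
+ struct sk_buff *skb, int test)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_key *key = tx->key;
+ int hdrlen, len, tailneed;
+ u16 fc;
+ u8 *pos, *pn, *b_0, *aad, *scratch;
+ int i;
+
+ scratch = key->u.ccmp.tx_crypto_buf;
+ b_0 = scratch + 3 * AES_BLOCK_LEN;
+ aad = scratch + 4 * AES_BLOCK_LEN;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+ len = skb->len - hdrlen;
+
+ tailneed = !key->force_sw_encrypt ? 0 : CCMP_MIC_LEN;
+
+ if ((skb_headroom(skb) < CCMP_HDR_LEN ||
+ skb_tailroom(skb) < tailneed)) {
+ I802_DEBUG_INC(tx->local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, CCMP_HDR_LEN, tailneed,
+ GFP_ATOMIC)))
+ return -1;
+ }
+
+ pos = skb_push(skb, CCMP_HDR_LEN);
+ memmove(pos, pos + CCMP_HDR_LEN, hdrlen);
+ hdr = (struct ieee80211_hdr *) pos;
+ pos += hdrlen;
+
+ /* PN = PN + 1 */
+ pn = key->u.ccmp.tx_pn;
+
+ for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
+ pn[i]++;
+ if (pn[i])
+ break;
+ }
+
+ ccmp_pn2hdr(pos, pn, key->keyidx);
+
+ if (!key->force_sw_encrypt) {
+ /* hwaccel - with preallocated room for CCMP header */
+ tx->u.tx.control->key_idx = key->hw_key_idx;
+ return 0;
+ }
+
+ pos += CCMP_HDR_LEN;
+ ccmp_special_blocks(skb, pn, b_0, aad, 0);
+ ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, b_0, aad, pos, len,
+ pos, skb_put(skb, CCMP_MIC_LEN));
+
+ return 0;
+}
+
+
+ieee80211_txrx_result
+ieee80211_tx_h_ccmp_encrypt(struct ieee80211_txrx_data *tx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
+ struct ieee80211_key *key = tx->key;
+ u16 fc;
+ struct sk_buff *skb = tx->skb;
+ int test = 0;
+
+ fc = le16_to_cpu(hdr->frame_control);
+
+ if (!key || key->alg != ALG_CCMP || !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ tx->u.tx.control->icv_len = CCMP_MIC_LEN;
+ tx->u.tx.control->iv_len = CCMP_HDR_LEN;
+ ieee80211_tx_set_iswep(tx);
+
+ if (!tx->key->force_sw_encrypt &&
+ !(tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV)) {
+ /* hwaccel - with no need for preallocated room for CCMP "
+ * header or MIC fields */
+ tx->u.tx.control->key_idx = tx->key->hw_key_idx;
+ return TXRX_CONTINUE;
+ }
+
+ if (ccmp_encrypt_skb(tx, skb, test) < 0)
+ return TXRX_DROP;
+
+ if (tx->u.tx.extra_frag) {
+ int i;
+
+ for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
+ if (ccmp_encrypt_skb(tx, tx->u.tx.extra_frag[i], test)
+ < 0)
+ return TXRX_DROP;
+ }
+ }
+
+ return TXRX_CONTINUE;
+}
+
+
+ieee80211_txrx_result
+ieee80211_rx_h_ccmp_decrypt(struct ieee80211_txrx_data *rx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
+ u16 fc;
+ int hdrlen;
+ struct ieee80211_key *key = rx->key;
+ struct sk_buff *skb = rx->skb;
+ u8 pn[CCMP_PN_LEN];
+ int data_len;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (!key || key->alg != ALG_CCMP ||
+ !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
+ (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
+ return TXRX_CONTINUE;
+
+ data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
+ if (!rx->sta || data_len < 0)
+ return TXRX_DROP;
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !key->force_sw_encrypt &&
+ !(rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV))
+ return TXRX_CONTINUE;
+
+ (void) ccmp_hdr2pn(pn, skb->data + hdrlen);
+
+ if (memcmp(pn, key->u.ccmp.rx_pn[rx->u.rx.queue], CCMP_PN_LEN) <= 0) {
+#ifdef CONFIG_MAC80211_DEBUG
+ u8 *ppn = key->u.ccmp.rx_pn[rx->u.rx.queue];
+ printk(KERN_DEBUG "%s: CCMP replay detected for RX frame from "
+ MAC_FMT " (RX PN %02x%02x%02x%02x%02x%02x <= prev. PN "
+ "%02x%02x%02x%02x%02x%02x)\n", rx->dev->name,
+ MAC_ARG(rx->sta->addr),
+ pn[0], pn[1], pn[2], pn[3], pn[4], pn[5],
+ ppn[0], ppn[1], ppn[2], ppn[3], ppn[4], ppn[5]);
+#endif /* CONFIG_MAC80211_DEBUG */
+ key->u.ccmp.replays++;
+ return TXRX_DROP;
+ }
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !key->force_sw_encrypt) {
+ /* hwaccel has already decrypted frame and verified MIC */
+ } else {
+ u8 *scratch, *b_0, *aad;
+
+ scratch = key->u.ccmp.rx_crypto_buf;
+ b_0 = scratch + 3 * AES_BLOCK_LEN;
+ aad = scratch + 4 * AES_BLOCK_LEN;
+
+ ccmp_special_blocks(skb, pn, b_0, aad, 1);
+
+ if (ieee80211_aes_ccm_decrypt(
+ key->u.ccmp.tfm, scratch, b_0, aad,
+ skb->data + hdrlen + CCMP_HDR_LEN, data_len,
+ skb->data + skb->len - CCMP_MIC_LEN,
+ skb->data + hdrlen + CCMP_HDR_LEN)) {
+ printk(KERN_DEBUG "%s: CCMP decrypt failed for RX "
+ "frame from " MAC_FMT "\n", rx->dev->name,
+ MAC_ARG(rx->sta->addr));
+ return TXRX_DROP;
+ }
+ }
+
+ memcpy(key->u.ccmp.rx_pn[rx->u.rx.queue], pn, CCMP_PN_LEN);
+
+ /* Remove CCMP header and MIC */
+ skb_trim(skb, skb->len - CCMP_MIC_LEN);
+ memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen);
+ skb_pull(skb, CCMP_HDR_LEN);
+
+ return TXRX_CONTINUE;
+}
+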
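Review bot: The receive-side length check in `ieee80211_rx_h_tkip_decrypt`, `skb->len - hdrlen < 12`, is evaluated in unsigned arithmetic, so a frame shorter than `hdrlen` wraps to a large value, passes the test and reaches `ieee80211_tkip_decrypt_data` with a wrapped length. `if (!rx->sta || skb->len < hdrlen + 12)` avoids the subtraction; whether an earlier rx handler already guarantees `skb->len >= hdrlen` is not visible on this page. `ieee80211_get_hdr_info` has the same ordering problem: it reads the QoS byte and stores `*data_len = skb->len - hdrlen` before its only length test on the final `return`, and `ccmp_special_blocks` ignores that return value, so the `skb->len < hdrlen` test belongs right after `hdrlen` is final. In `ieee80211_rx_h_michael_mic_verify` the received MIC is compared with `memcmp`, which is not constant-time; a constant-time helper such as `crypto_memneq(mic, data + data_len, MICHAEL_MIC_LEN)`, where the tree provides it, is the safer comparison for an authentication tag.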
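diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
new file mode 100644
index 000000000000..da3b9594f9c3
--- /dev/null
+++ b/net/mac80211/wpa.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef WPA_H
+#define WPA_H
+
+#include <linux/skbuff.h>
+#include <linux/types.h>
+#include "ieee80211_i.h"
+
+ieee80211_txrx_result
+ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx);
+ieee80211_txrx_result
+ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx);
+
+ieee80211_txrx_result
+ieee80211_tx_h_tkip_encrypt(struct ieee80211_txrx_data *tx);
+ieee80211_txrx_result
+ieee80211_rx_h_tkip_decrypt(struct ieee80211_txrx_data *rx);
+
+ieee80211_txrx_result
+ieee80211_tx_h_ccmp_encrypt(struct ieee80211_txrx_data *tx);
+ieee80211_txrx_result
+ieee80211_rx_h_ccmp_decrypt(struct ieee80211_txrx_data *rx);
+
+#endif /* WPA_H */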
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 42d2fb94eff1..507828d7d4ae 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -140,6 +140,14 @@ static struct hlist_head *nl_pid_hashfn(struct nl_pid_hash *hash, u32 pid)
140 140
141static void netlink_sock_destruct(struct sock *sk) 141static void netlink_sock_destruct(struct sock *sk)
142{ 142{
143 struct netlink_sock *nlk = nlk_sk(sk);
144
145 if (nlk->cb) {
146 if (nlk->cb->done)
147 nlk->cb->done(nlk->cb);
148 netlink_destroy_callback(nlk->cb);
149 }
150
143 skb_queue_purge(&sk->sk_receive_queue); 151 skb_queue_purge(&sk->sk_receive_queue);
144 152
145 if (!sock_flag(sk, SOCK_DEAD)) { 153 if (!sock_flag(sk, SOCK_DEAD)) {
@@ -148,7 +156,6 @@ static void netlink_sock_destruct(struct sock *sk)
148 } 156 }
149 BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc)); 157 BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc));
150 BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc)); 158 BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc));
151 BUG_TRAP(!nlk_sk(sk)->cb);
152 BUG_TRAP(!nlk_sk(sk)->groups); 159 BUG_TRAP(!nlk_sk(sk)->groups);
153} 160}
154 161
@@ -456,17 +463,10 @@ static int netlink_release(struct socket *sock)
456 sock_orphan(sk); 463 sock_orphan(sk);
457 nlk = nlk_sk(sk); 464 nlk = nlk_sk(sk);
458 465
459 mutex_lock(nlk->cb_mutex); 466 /*
460 if (nlk->cb) { 467 * OK. Socket is unlinked, any packets that arrive now
461 if (nlk->cb->done) 468 * will be purged.
462 nlk->cb->done(nlk->cb); 469 */
463 netlink_destroy_callback(nlk->cb);
464 nlk->cb = NULL;
465 }
466 mutex_unlock(nlk->cb_mutex);
467
468 /* OK. Socket is unlinked, and, therefore,
469 no new packets will arrive */
470 470
471 sock->sk = NULL; 471 sock->sk = NULL;
472 wake_up_interruptible_all(&nlk->wait); 472 wake_up_interruptible_all(&nlk->wait);
@@ -1245,16 +1245,14 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
1245 siocb->scm = &scm; 1245 siocb->scm = &scm;
1246 } 1246 }
1247 siocb->scm->creds = *NETLINK_CREDS(skb); 1247 siocb->scm->creds = *NETLINK_CREDS(skb);
1248 if (flags & MSG_TRUNC)
1249 copied = skb->len;
1248 skb_free_datagram(sk, skb); 1250 skb_free_datagram(sk, skb);
1249 1251
1250 if (nlk->cb && atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf / 2) 1252 if (nlk->cb && atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf / 2)
1251 netlink_dump(sk); 1253 netlink_dump(sk);
1252 1254
1253 scm_recv(sock, msg, siocb->scm, flags); 1255 scm_recv(sock, msg, siocb->scm, flags);
1254
1255 if (flags & MSG_TRUNC)
1256 copied = skb->len;
1257
1258out: 1256out:
1259 netlink_rcv_wake(sk); 1257 netlink_rcv_wake(sk);
1260 return err ? : copied; 1258 return err ? : copied;
@@ -1426,9 +1424,9 @@ int netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
1426 return -ECONNREFUSED; 1424 return -ECONNREFUSED;
1427 } 1425 }
1428 nlk = nlk_sk(sk); 1426 nlk = nlk_sk(sk);
1429 /* A dump or destruction is in progress... */ 1427 /* A dump is in progress... */
1430 mutex_lock(nlk->cb_mutex); 1428 mutex_lock(nlk->cb_mutex);
1431 if (nlk->cb || sock_flag(sk, SOCK_DEAD)) { 1429 if (nlk->cb) {
1432 mutex_unlock(nlk->cb_mutex); 1430 mutex_unlock(nlk->cb_mutex);
1433 netlink_destroy_callback(cb); 1431 netlink_destroy_callback(cb);
1434 sock_put(sk); 1432 sock_put(sk);
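Review bot: In netlink_sock_destruct the pending dump's `done` hook is now invoked from the socket destructor with no `cb_mutex` held, whereas netlink_release used to call it under the mutex in the closing task's context. If the last reference to the socket can be dropped outside process context, a `done` implementation that sleeps or takes a mutex would run there; that is worth confirming against the existing callbacks and recording in a comment above the block, e.g. `/* last reference: no dump can be running, so cb is torn down without cb_mutex */`. The block also leaves `nlk->cb` pointing at the destroyed callback, and adding `nlk->cb = NULL;` after `netlink_destroy_callback(nlk->cb);` keeps the pointer from dangling for the rest of the destructor. The function body continues into the following hunk.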
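--- a/net/netrom/nr_route.c
+++ b/net/netrom/nr_route.c
@@ -598,7 +598,7 @@ struct net_device *nr_dev_first(void)
  struct net_device *dev, *first = NULL;
 
  read_lock(&dev_base_lock);
- for (dev = dev_base; dev != NULL; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((dev->flags & IFF_UP) && dev->type == ARPHRD_NETROM)
  if (first == NULL || strncmp(dev->name, first->name, 3) < 0)
  first = dev;
@@ -618,12 +618,13 @@ struct net_device *nr_dev_get(ax25_address *addr)
  struct net_device *dev;
 
  read_lock(&dev_base_lock);
- for (dev = dev_base; dev != NULL; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((dev->flags & IFF_UP) && dev->type == ARPHRD_NETROM && ax25cmp(addr, (ax25_address *)dev->dev_addr) == 0) {
  dev_hold(dev);
  goto out;
  }
  }
+ dev = NULL;
 out:
  read_unlock(&dev_base_lock);
  return dev;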
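Review bot: The added `dev = NULL;` before `out:` in nr_dev_get carries no comment, and it reads as redundant to anyone who expects the loop cursor to be NULL after a full walk. It is needed only if `for_each_netdev()` does not leave `dev == NULL` when the list is exhausted, which is presumably why this commit adds it; a one-line comment such as `/* loop cursor is not NULL after a full walk */` would stop it being removed later and turning a miss into a bogus device pointer. The same applies to rose_dev_get and rose_dev_exists in net/rose/rose_route.c. nr_dev_get starts outside the hunk.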
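--- a/net/rose/rose_route.c
+++ b/net/rose/rose_route.c
@@ -596,7 +596,7 @@ struct net_device *rose_dev_first(void)
  struct net_device *dev, *first = NULL;
 
  read_lock(&dev_base_lock);
- for (dev = dev_base; dev != NULL; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((dev->flags & IFF_UP) && dev->type == ARPHRD_ROSE)
  if (first == NULL || strncmp(dev->name, first->name, 3) < 0)
  first = dev;
@@ -614,12 +614,13 @@ struct net_device *rose_dev_get(rose_address *addr)
  struct net_device *dev;
 
  read_lock(&dev_base_lock);
- for (dev = dev_base; dev != NULL; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((dev->flags & IFF_UP) && dev->type == ARPHRD_ROSE && rosecmp(addr, (rose_address *)dev->dev_addr) == 0) {
  dev_hold(dev);
  goto out;
  }
  }
+ dev = NULL;
 out:
  read_unlock(&dev_base_lock);
  return dev;
@@ -630,10 +631,11 @@ static int rose_dev_exists(rose_address *addr)
  struct net_device *dev;
 
  read_lock(&dev_base_lock);
- for (dev = dev_base; dev != NULL; dev = dev->next) {
+ for_each_netdev(dev) {
  if ((dev->flags & IFF_UP) && dev->type == ARPHRD_ROSE && rosecmp(addr, (rose_address *)dev->dev_addr) == 0)
  goto out;
  }
+ dev = NULL;
 out:
  read_unlock(&dev_base_lock);
  return dev != NULL;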
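--- a/net/rxrpc/Kconfig
+++ b/net/rxrpc/Kconfig
@@ -5,6 +5,7 @@
 config AF_RXRPC
  tristate "RxRPC session sockets"
  depends on EXPERIMENTAL
+ select KEYS
  help
  Say Y or M here to include support for RxRPC session sockets (just
  the transport part, not the presentation part: (un)marshalling is
@@ -29,7 +30,7 @@ config AF_RXRPC_DEBUG
 
 config RXKAD
  tristate "RxRPC Kerberos security"
- depends on AF_RXRPC && KEYS
+ depends on AF_RXRPC
  select CRYPTO
  select CRYPTO_MANAGER
  select CRYPTO_BLKCIPHER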
diff --git a/net/rxrpc/ar-ack.c b/net/rxrpc/ar-ack.c
index fc07a926df56..657ee69f2133 100644
--- a/net/rxrpc/ar-ack.c
+++ b/net/rxrpc/ar-ack.c
@@ -543,6 +543,38 @@ static void rxrpc_zap_tx_window(struct rxrpc_call *call)
543} 543}
544 544
545/* 545/*
546 * process the extra information that may be appended to an ACK packet
547 */
548static void rxrpc_extract_ackinfo(struct rxrpc_call *call, struct sk_buff *skb,
549 unsigned latest, int nAcks)
550{
551 struct rxrpc_ackinfo ackinfo;
552 struct rxrpc_peer *peer;
553 unsigned mtu;
554
555 if (skb_copy_bits(skb, nAcks + 3, &ackinfo, sizeof(ackinfo)) < 0) {
556 _leave(" [no ackinfo]");
557 return;
558 }
559
560 _proto("Rx ACK %%%u Info { rx=%u max=%u rwin=%u jm=%u }",
561 latest,
562 ntohl(ackinfo.rxMTU), ntohl(ackinfo.maxMTU),
563 ntohl(ackinfo.rwind), ntohl(ackinfo.jumbo_max));
564
565 mtu = min(ntohl(ackinfo.rxMTU), ntohl(ackinfo.maxMTU));
566
567 peer = call->conn->trans->peer;
568 if (mtu < peer->maxdata) {
569 spin_lock_bh(&peer->lock);
570 peer->maxdata = mtu;
571 peer->mtu = mtu + peer->hdrsize;
572 spin_unlock_bh(&peer->lock);
573 _net("Net MTU %u (maxdata %u)", peer->mtu, peer->maxdata);
574 }
575}
576
577/*
546 * process packets in the reception queue 578 * process packets in the reception queue
547 */ 579 */
548static int rxrpc_process_rx_queue(struct rxrpc_call *call, 580static int rxrpc_process_rx_queue(struct rxrpc_call *call,
@@ -606,6 +638,8 @@ process_further:
606 rxrpc_acks[ack.reason], 638 rxrpc_acks[ack.reason],
607 ack.nAcks); 639 ack.nAcks);
608 640
641 rxrpc_extract_ackinfo(call, skb, latest, ack.nAcks);
642
609 if (ack.reason == RXRPC_ACK_PING) { 643 if (ack.reason == RXRPC_ACK_PING) {
610 _proto("Rx ACK %%%u PING Request", latest); 644 _proto("Rx ACK %%%u PING Request", latest);
611 rxrpc_propose_ACK(call, RXRPC_ACK_PING_RESPONSE, 645 rxrpc_propose_ACK(call, RXRPC_ACK_PING_RESPONSE,
@@ -801,9 +835,9 @@ void rxrpc_process_call(struct work_struct *work)
801 struct msghdr msg; 835 struct msghdr msg;
802 struct kvec iov[5]; 836 struct kvec iov[5];
803 unsigned long bits; 837 unsigned long bits;
804 __be32 data; 838 __be32 data, pad;
805 size_t len; 839 size_t len;
806 int genbit, loop, nbit, ioc, ret; 840 int genbit, loop, nbit, ioc, ret, mtu;
807 u32 abort_code = RX_PROTOCOL_ERROR; 841 u32 abort_code = RX_PROTOCOL_ERROR;
808 u8 *acks = NULL; 842 u8 *acks = NULL;
809 843
@@ -899,9 +933,30 @@ void rxrpc_process_call(struct work_struct *work)
899 } 933 }
900 934
901 if (test_bit(RXRPC_CALL_ACK_FINAL, &call->events)) { 935 if (test_bit(RXRPC_CALL_ACK_FINAL, &call->events)) {
902 hdr.type = RXRPC_PACKET_TYPE_ACKALL;
903 genbit = RXRPC_CALL_ACK_FINAL; 936 genbit = RXRPC_CALL_ACK_FINAL;
904 goto send_message; 937
938 ack.bufferSpace = htons(8);
939 ack.maxSkew = 0;
940 ack.serial = 0;
941 ack.reason = RXRPC_ACK_IDLE;
942 ack.nAcks = 0;
943 call->ackr_reason = 0;
944
945 spin_lock_bh(&call->lock);
946 ack.serial = call->ackr_serial;
947 ack.previousPacket = call->ackr_prev_seq;
948 ack.firstPacket = htonl(call->rx_data_eaten + 1);
949 spin_unlock_bh(&call->lock);
950
951 pad = 0;
952
953 iov[1].iov_base = &ack;
954 iov[1].iov_len = sizeof(ack);
955 iov[2].iov_base = &pad;
956 iov[2].iov_len = 3;
957 iov[3].iov_base = &ackinfo;
958 iov[3].iov_len = sizeof(ackinfo);
959 goto send_ACK;
905 } 960 }
906 961
907 if (call->events & ((1 << RXRPC_CALL_RCVD_BUSY) | 962 if (call->events & ((1 << RXRPC_CALL_RCVD_BUSY) |
@@ -971,8 +1026,6 @@ void rxrpc_process_call(struct work_struct *work)
971 1026
972 /* consider sending an ordinary ACK */ 1027 /* consider sending an ordinary ACK */
973 if (test_bit(RXRPC_CALL_ACK, &call->events)) { 1028 if (test_bit(RXRPC_CALL_ACK, &call->events)) {
974 __be32 pad;
975
976 _debug("send ACK: window: %d - %d { %lx }", 1029 _debug("send ACK: window: %d - %d { %lx }",
977 call->rx_data_eaten, call->ackr_win_top, 1030 call->rx_data_eaten, call->ackr_win_top,
978 call->ackr_window[0]); 1031 call->ackr_window[0]);
@@ -997,12 +1050,6 @@ void rxrpc_process_call(struct work_struct *work)
997 ack.serial = 0; 1050 ack.serial = 0;
998 ack.reason = 0; 1051 ack.reason = 0;
999 1052
1000 ackinfo.rxMTU = htonl(5692);
1001// ackinfo.rxMTU = htonl(call->conn->trans->peer->maxdata);
1002 ackinfo.maxMTU = htonl(call->conn->trans->peer->maxdata);
1003 ackinfo.rwind = htonl(32);
1004 ackinfo.jumbo_max = htonl(4);
1005
1006 spin_lock_bh(&call->lock); 1053 spin_lock_bh(&call->lock);
1007 ack.reason = call->ackr_reason; 1054 ack.reason = call->ackr_reason;
1008 ack.serial = call->ackr_serial; 1055 ack.serial = call->ackr_serial;
@@ -1116,6 +1163,15 @@ send_ACK_with_skew:
1116 ack.maxSkew = htons(atomic_read(&call->conn->hi_serial) - 1163 ack.maxSkew = htons(atomic_read(&call->conn->hi_serial) -
1117 ntohl(ack.serial)); 1164 ntohl(ack.serial));
1118send_ACK: 1165send_ACK:
1166 mtu = call->conn->trans->peer->if_mtu;
1167 mtu -= call->conn->trans->peer->hdrsize;
1168 ackinfo.maxMTU = htonl(mtu);
1169 ackinfo.rwind = htonl(32);
1170
1171 /* permit the peer to send us jumbo packets if it wants to */
1172 ackinfo.rxMTU = htonl(5692);
1173 ackinfo.jumbo_max = htonl(4);
1174
1119 hdr.serial = htonl(atomic_inc_return(&call->conn->serial)); 1175 hdr.serial = htonl(atomic_inc_return(&call->conn->serial));
1120 _proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }", 1176 _proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
1121 ntohl(hdr.serial), 1177 ntohl(hdr.serial),
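Review bot: rxrpc_extract_ackinfo lowers `peer->maxdata` to `min(rxMTU, maxMTU)` taken straight from the received ACK with no lower bound, and because the update only ever decreases the value, one ACK advertising 0 or a few bytes leaves the peer record at that size. The value should be rejected or clamped before the update, e.g. `if (mtu < RXRPC_MIN_MAXDATA) return;` after the `min()` line (RXRPC_MIN_MAXDATA is a placeholder name, not an existing constant). The `mtu < peer->maxdata` test is also made before `spin_lock_bh(&peer->lock)`, so two updaters can both pass it and the larger value can be written last; repeating the comparison under the lock avoids that, and rxrpc_UDP_error_report in ar-error.c has the same shape. Whether the ACK trailer has been authenticated by the time it is parsed is not visible in these hunks.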
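--- a/net/rxrpc/ar-error.c
+++ b/net/rxrpc/ar-error.c
@@ -100,8 +100,10 @@ void rxrpc_UDP_error_report(struct sock *sk)
  }
 
  if (mtu < peer->mtu) {
+ spin_lock_bh(&peer->lock);
  peer->mtu = mtu;
  peer->maxdata = peer->mtu - peer->hdrsize;
+ spin_unlock_bh(&peer->lock);
  _net("Net MTU %u (maxdata %u)",
  peer->mtu, peer->maxdata);
  }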
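--- a/net/rxrpc/ar-output.c
+++ b/net/rxrpc/ar-output.c
@@ -582,7 +582,7 @@ static int rxrpc_send_data(struct kiocb *iocb,
  max &= ~(call->conn->size_align - 1UL);
 
  chunk = max;
- if (chunk > len)
+ if (chunk > len && !more)
  chunk = len;
 
  space = chunk + call->conn->size_align;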
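--- a/net/rxrpc/ar-peer.c
+++ b/net/rxrpc/ar-peer.c
@@ -19,6 +19,7 @@
 #include <net/sock.h>
 #include <net/af_rxrpc.h>
 #include <net/ip.h>
+#include <net/route.h>
 #include "ar-internal.h"
 
 static LIST_HEAD(rxrpc_peers);
@@ -28,6 +29,47 @@ static DECLARE_WAIT_QUEUE_HEAD(rxrpc_peer_wq);
 static void rxrpc_destroy_peer(struct work_struct *work);
 
 /*
+ * assess the MTU size for the network interface through which this peer is
+ * reached
+ */
+static void rxrpc_assess_MTU_size(struct rxrpc_peer *peer)
+{
+ struct rtable *rt;
+ struct flowi fl;
+ int ret;
+
+ peer->if_mtu = 1500;
+
+ memset(&fl, 0, sizeof(fl));
+
+ switch (peer->srx.transport.family) {
+ case AF_INET:
+ fl.oif = 0;
+ fl.proto = IPPROTO_UDP,
+ fl.nl_u.ip4_u.saddr = 0;
+ fl.nl_u.ip4_u.daddr = peer->srx.transport.sin.sin_addr.s_addr;
+ fl.nl_u.ip4_u.tos = 0;
+ /* assume AFS.CM talking to AFS.FS */
+ fl.uli_u.ports.sport = htons(7001);
+ fl.uli_u.ports.dport = htons(7000);
+ break;
+ default:
+ BUG();
+ }
+
+ ret = ip_route_output_key(&rt, &fl);
+ if (ret < 0) {
+ kleave(" [route err %d]", ret);
+ return;
+ }
+
+ peer->if_mtu = dst_mtu(&rt->u.dst);
+ dst_release(&rt->u.dst);
+
+ kleave(" [if_mtu %u]", peer->if_mtu);
+}
+
+/*
  * allocate a new peer
  */
 static struct rxrpc_peer *rxrpc_alloc_peer(struct sockaddr_rxrpc *srx,
@@ -47,7 +89,8 @@ static struct rxrpc_peer *rxrpc_alloc_peer(struct sockaddr_rxrpc *srx,
  peer->debug_id = atomic_inc_return(&rxrpc_debug_id);
  memcpy(&peer->srx, srx, sizeof(*srx));
 
- peer->mtu = peer->if_mtu = 65535;
+ rxrpc_assess_MTU_size(peer);
+ peer->mtu = peer->if_mtu;
 
  if (srx->transport.family == AF_INET) {
  peer->hdrsize = sizeof(struct iphdr);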
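Review bot: rxrpc_assess_MTU_size hits `BUG()` for any `peer->srx.transport.family` other than AF_INET, so an unexpected family takes the whole kernel down instead of failing peer setup. If the family can arrive from a caller-supplied sockaddr without earlier validation (not visible in this hunk), that is a local denial of service; since `peer->if_mtu` is already defaulted to 1500 above the switch, `default: return;` would be enough here. Separately, `fl.proto = IPPROTO_UDP,` ends in a comma rather than a semicolon; it compiles as a comma expression with the next assignment but should read `fl.proto = IPPROTO_UDP;`. The hard-coded ports 7001 and 7000 in the flow key also deserve a note on why the peer's real port from `srx` is not used.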
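--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -894,9 +894,10 @@ static int tc_dump_qdisc(struct sk_buff *skb, struct netlink_callback *cb)
  s_idx = cb->args[0];
  s_q_idx = q_idx = cb->args[1];
  read_lock(&dev_base_lock);
- for (dev=dev_base, idx=0; dev; dev = dev->next, idx++) {
+ idx = 0;
+ for_each_netdev(dev) {
  if (idx < s_idx)
- continue;
+ goto cont;
  if (idx > s_idx)
  s_q_idx = 0;
  q_idx = 0;
@@ -910,6 +911,8 @@ static int tc_dump_qdisc(struct sk_buff *skb, struct netlink_callback *cb)
  goto done;
  q_idx++;
  }
+cont:
+ idx++;
  }
 
 done: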
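--- a/net/sctp/associola.c
+++ b/net/sctp/associola.c
@@ -1103,6 +1103,13 @@ void sctp_assoc_update(struct sctp_association *asoc,
  asoc->ssnmap = new->ssnmap;
  new->ssnmap = NULL;
  }
+
+ if (!asoc->assoc_id) {
+ /* get a new association id since we don't have one
+ * yet.
+ */
+ sctp_assoc_set_id(asoc, GFP_ATOMIC);
+ }
  }
 }
 
@@ -1375,3 +1382,25 @@ out:
  sctp_read_unlock(&asoc->base.addr_lock);
  return found;
 }
+
+/* Set an association id for a given association */
+int sctp_assoc_set_id(struct sctp_association *asoc, gfp_t gfp)
+{
+ int assoc_id;
+ int error = 0;
+retry:
+ if (unlikely(!idr_pre_get(&sctp_assocs_id, gfp)))
+ return -ENOMEM;
+
+ spin_lock_bh(&sctp_assocs_id_lock);
+ error = idr_get_new_above(&sctp_assocs_id, (void *)asoc,
+ 1, &assoc_id);
+ spin_unlock_bh(&sctp_assocs_id_lock);
+ if (error == -EAGAIN)
+ goto retry;
+ else if (error)
+ return error;
+
+ asoc->assoc_id = (sctp_assoc_t) assoc_id;
+ return error;
+}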
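Review bot: The new call `sctp_assoc_set_id(asoc, GFP_ATOMIC);` in sctp_assoc_update drops the return value, so when the idr allocation fails the association carries on with `assoc_id` still 0. sctp_assoc_set_id returns -ENOMEM or the idr error for exactly this case, and the other caller, sctp_process_init, does check it. sctp_assoc_update is declared `void`, so the failure either has to be propagated by changing that signature or handled where the id is first used; a comment at the call saying which is intended would make the gap explicit. sctp_assoc_update starts outside the hunk.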
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index ca527a27dd05..84cd53635fe8 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -992,45 +992,52 @@ static struct sctp_pf sctp_pf_inet6_specific = {
992 .af = &sctp_ipv6_specific, 992 .af = &sctp_ipv6_specific,
993}; 993};
994 994
995/* Initialize IPv6 support and register with inet6 stack. */ 995/* Initialize IPv6 support and register with socket layer. */
996int sctp_v6_init(void) 996int sctp_v6_init(void)
997{ 997{
998 int rc = proto_register(&sctpv6_prot, 1); 998 int rc;
999 999
1000 /* Register the SCTP specific PF_INET6 functions. */
1001 sctp_register_pf(&sctp_pf_inet6_specific, PF_INET6);
1002
1003 /* Register the SCTP specific AF_INET6 functions. */
1004 sctp_register_af(&sctp_ipv6_specific);
1005
1006 rc = proto_register(&sctpv6_prot, 1);
1000 if (rc) 1007 if (rc)
1001 goto out; 1008 return rc;
1002 /* Register inet6 protocol. */
1003 rc = -EAGAIN;
1004 if (inet6_add_protocol(&sctpv6_protocol, IPPROTO_SCTP) < 0)
1005 goto out_unregister_sctp_proto;
1006 1009
1007 /* Add SCTPv6(UDP and TCP style) to inetsw6 linked list. */ 1010 /* Add SCTPv6(UDP and TCP style) to inetsw6 linked list. */
1008 inet6_register_protosw(&sctpv6_seqpacket_protosw); 1011 inet6_register_protosw(&sctpv6_seqpacket_protosw);
1009 inet6_register_protosw(&sctpv6_stream_protosw); 1012 inet6_register_protosw(&sctpv6_stream_protosw);
1010 1013
1011 /* Register the SCTP specific PF_INET6 functions. */ 1014 return 0;
1012 sctp_register_pf(&sctp_pf_inet6_specific, PF_INET6); 1015}
1013
1014 /* Register the SCTP specific AF_INET6 functions. */
1015 sctp_register_af(&sctp_ipv6_specific);
1016 1016
1017/* Register with inet6 layer. */
1018int sctp_v6_add_protocol(void)
1019{
1017 /* Register notifier for inet6 address additions/deletions. */ 1020 /* Register notifier for inet6 address additions/deletions. */
1018 register_inet6addr_notifier(&sctp_inet6addr_notifier); 1021 register_inet6addr_notifier(&sctp_inet6addr_notifier);
1019 rc = 0; 1022
1020out: 1023 if (inet6_add_protocol(&sctpv6_protocol, IPPROTO_SCTP) < 0)
1021 return rc; 1024 return -EAGAIN;
1022out_unregister_sctp_proto: 1025
1023 proto_unregister(&sctpv6_prot); 1026 return 0;
1024 goto out;
1025} 1027}
1026 1028
1027/* IPv6 specific exit support. */ 1029/* IPv6 specific exit support. */
1028void sctp_v6_exit(void) 1030void sctp_v6_exit(void)
1029{ 1031{
1030 list_del(&sctp_ipv6_specific.list);
1031 inet6_del_protocol(&sctpv6_protocol, IPPROTO_SCTP);
1032 inet6_unregister_protosw(&sctpv6_seqpacket_protosw); 1032 inet6_unregister_protosw(&sctpv6_seqpacket_protosw);
1033 inet6_unregister_protosw(&sctpv6_stream_protosw); 1033 inet6_unregister_protosw(&sctpv6_stream_protosw);
1034 unregister_inet6addr_notifier(&sctp_inet6addr_notifier);
1035 proto_unregister(&sctpv6_prot); 1034 proto_unregister(&sctpv6_prot);
1035 list_del(&sctp_ipv6_specific.list);
1036}
1037
1038/* Unregister with inet6 layer. */
1039void sctp_v6_del_protocol(void)
1040{
1041 inet6_del_protocol(&sctpv6_protocol, IPPROTO_SCTP);
1042 unregister_inet6addr_notifier(&sctp_inet6addr_notifier);
1036} 1043}
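Review bot: sctp_v6_add_protocol registers `sctp_inet6addr_notifier` and then returns -EAGAIN when `inet6_add_protocol()` fails, without unregistering it. The caller's unwind in sctp_init (label `err_v6_add_protocol` in net/sctp/protocol.c) ends in `sctp_v6_exit()`, which after this change no longer calls `unregister_inet6addr_notifier()`, so the notifier block stays on the chain after initialisation has failed. Add `unregister_inet6addr_notifier(&sctp_inet6addr_notifier);` before `return -EAGAIN;`. sctp_v6_init has a smaller gap of the same kind: `sctp_register_pf()` and `sctp_register_af()` now run before `proto_register()`, and the `return rc;` on failure leaves `sctp_ipv6_specific` on the address-family list.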
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index c361deb6cea9..34bab36637ac 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -170,7 +170,7 @@ static void sctp_get_local_addr_list(void)
170 struct sctp_af *af; 170 struct sctp_af *af;
171 171
172 read_lock(&dev_base_lock); 172 read_lock(&dev_base_lock);
173 for (dev = dev_base; dev; dev = dev->next) { 173 for_each_netdev(dev) {
174 __list_for_each(pos, &sctp_address_families) { 174 __list_for_each(pos, &sctp_address_families) {
175 af = list_entry(pos, struct sctp_af, list); 175 af = list_entry(pos, struct sctp_af, list);
176 af->copy_addrlist(&sctp_local_addr_list, dev); 176 af->copy_addrlist(&sctp_local_addr_list, dev);
@@ -975,28 +975,14 @@ SCTP_STATIC __init int sctp_init(void)
975 if (!sctp_sanity_check()) 975 if (!sctp_sanity_check())
976 goto out; 976 goto out;
977 977
978 status = proto_register(&sctp_prot, 1); 978 /* Allocate bind_bucket and chunk caches. */
979 if (status)
980 goto out;
981
982 /* Add SCTP to inet_protos hash table. */
983 status = -EAGAIN;
984 if (inet_add_protocol(&sctp_protocol, IPPROTO_SCTP) < 0)
985 goto err_add_protocol;
986
987 /* Add SCTP(TCP and UDP style) to inetsw linked list. */
988 inet_register_protosw(&sctp_seqpacket_protosw);
989 inet_register_protosw(&sctp_stream_protosw);
990
991 /* Allocate a cache pools. */
992 status = -ENOBUFS; 979 status = -ENOBUFS;
993 sctp_bucket_cachep = kmem_cache_create("sctp_bind_bucket", 980 sctp_bucket_cachep = kmem_cache_create("sctp_bind_bucket",
994 sizeof(struct sctp_bind_bucket), 981 sizeof(struct sctp_bind_bucket),
995 0, SLAB_HWCACHE_ALIGN, 982 0, SLAB_HWCACHE_ALIGN,
996 NULL, NULL); 983 NULL, NULL);
997
998 if (!sctp_bucket_cachep) 984 if (!sctp_bucket_cachep)
999 goto err_bucket_cachep; 985 goto out;
1000 986
1001 sctp_chunk_cachep = kmem_cache_create("sctp_chunk", 987 sctp_chunk_cachep = kmem_cache_create("sctp_chunk",
1002 sizeof(struct sctp_chunk), 988 sizeof(struct sctp_chunk),
@@ -1153,6 +1139,14 @@ SCTP_STATIC __init int sctp_init(void)
1153 INIT_LIST_HEAD(&sctp_address_families); 1139 INIT_LIST_HEAD(&sctp_address_families);
1154 sctp_register_af(&sctp_ipv4_specific); 1140 sctp_register_af(&sctp_ipv4_specific);
1155 1141
1142 status = proto_register(&sctp_prot, 1);
1143 if (status)
1144 goto err_proto_register;
1145
1146 /* Register SCTP(UDP and TCP style) with socket layer. */
1147 inet_register_protosw(&sctp_seqpacket_protosw);
1148 inet_register_protosw(&sctp_stream_protosw);
1149
1156 status = sctp_v6_init(); 1150 status = sctp_v6_init();
1157 if (status) 1151 if (status)
1158 goto err_v6_init; 1152 goto err_v6_init;
@@ -1166,19 +1160,39 @@ SCTP_STATIC __init int sctp_init(void)
1166 1160
1167 /* Initialize the local address list. */ 1161 /* Initialize the local address list. */
1168 INIT_LIST_HEAD(&sctp_local_addr_list); 1162 INIT_LIST_HEAD(&sctp_local_addr_list);
1169
1170 sctp_get_local_addr_list(); 1163 sctp_get_local_addr_list();
1171 1164
1172 /* Register notifier for inet address additions/deletions. */ 1165 /* Register notifier for inet address additions/deletions. */
1173 register_inetaddr_notifier(&sctp_inetaddr_notifier); 1166 register_inetaddr_notifier(&sctp_inetaddr_notifier);
1174 1167
1168 /* Register SCTP with inet layer. */
1169 if (inet_add_protocol(&sctp_protocol, IPPROTO_SCTP) < 0) {
1170 status = -EAGAIN;
1171 goto err_add_protocol;
1172 }
1173
1174 /* Register SCTP with inet6 layer. */
1175 status = sctp_v6_add_protocol();
1176 if (status)
1177 goto err_v6_add_protocol;
1178
1175 __unsafe(THIS_MODULE); 1179 __unsafe(THIS_MODULE);
1176 status = 0; 1180 status = 0;
1177out: 1181out:
1178 return status; 1182 return status;
1183err_v6_add_protocol:
1184 inet_del_protocol(&sctp_protocol, IPPROTO_SCTP);
1185 unregister_inetaddr_notifier(&sctp_inetaddr_notifier);
1186err_add_protocol:
1187 sctp_free_local_addr_list();
1188 sock_release(sctp_ctl_socket);
1179err_ctl_sock_init: 1189err_ctl_sock_init:
1180 sctp_v6_exit(); 1190 sctp_v6_exit();
1181err_v6_init: 1191err_v6_init:
1192 inet_unregister_protosw(&sctp_stream_protosw);
1193 inet_unregister_protosw(&sctp_seqpacket_protosw);
1194 proto_unregister(&sctp_prot);
1195err_proto_register:
1182 sctp_sysctl_unregister(); 1196 sctp_sysctl_unregister();
1183 list_del(&sctp_ipv4_specific.list); 1197 list_del(&sctp_ipv4_specific.list);
1184 free_pages((unsigned long)sctp_port_hashtable, 1198 free_pages((unsigned long)sctp_port_hashtable,
@@ -1192,19 +1206,13 @@ err_ehash_alloc:
1192 sizeof(struct sctp_hashbucket))); 1206 sizeof(struct sctp_hashbucket)));
1193err_ahash_alloc: 1207err_ahash_alloc:
1194 sctp_dbg_objcnt_exit(); 1208 sctp_dbg_objcnt_exit();
1195err_init_proc:
1196 sctp_proc_exit(); 1209 sctp_proc_exit();
1210err_init_proc:
1197 cleanup_sctp_mibs(); 1211 cleanup_sctp_mibs();
1198err_init_mibs: 1212err_init_mibs:
1199 kmem_cache_destroy(sctp_chunk_cachep); 1213 kmem_cache_destroy(sctp_chunk_cachep);
1200err_chunk_cachep: 1214err_chunk_cachep:
1201 kmem_cache_destroy(sctp_bucket_cachep); 1215 kmem_cache_destroy(sctp_bucket_cachep);
1202err_bucket_cachep:
1203 inet_del_protocol(&sctp_protocol, IPPROTO_SCTP);
1204 inet_unregister_protosw(&sctp_seqpacket_protosw);
1205 inet_unregister_protosw(&sctp_stream_protosw);
1206err_add_protocol:
1207 proto_unregister(&sctp_prot);
1208 goto out; 1216 goto out;
1209} 1217}
1210 1218
@@ -1215,8 +1223,9 @@ SCTP_STATIC __exit void sctp_exit(void)
1215 * up all the remaining associations and all that memory. 1223 * up all the remaining associations and all that memory.
1216 */ 1224 */
1217 1225
1218 /* Unregister notifier for inet address additions/deletions. */ 1226 /* Unregister with inet6/inet layers. */
1219 unregister_inetaddr_notifier(&sctp_inetaddr_notifier); 1227 sctp_v6_del_protocol();
1228 inet_del_protocol(&sctp_protocol, IPPROTO_SCTP);
1220 1229
1221 /* Free the local address list. */ 1230 /* Free the local address list. */
1222 sctp_free_local_addr_list(); 1231 sctp_free_local_addr_list();
@@ -1224,7 +1233,16 @@ SCTP_STATIC __exit void sctp_exit(void)
1224 /* Free the control endpoint. */ 1233 /* Free the control endpoint. */
1225 sock_release(sctp_ctl_socket); 1234 sock_release(sctp_ctl_socket);
1226 1235
1236 /* Cleanup v6 initializations. */
1227 sctp_v6_exit(); 1237 sctp_v6_exit();
1238
1239 /* Unregister with socket layer. */
1240 inet_unregister_protosw(&sctp_stream_protosw);
1241 inet_unregister_protosw(&sctp_seqpacket_protosw);
1242
1243 /* Unregister notifier for inet address additions/deletions. */
1244 unregister_inetaddr_notifier(&sctp_inetaddr_notifier);
1245
1228 sctp_sysctl_unregister(); 1246 sctp_sysctl_unregister();
1229 list_del(&sctp_ipv4_specific.list); 1247 list_del(&sctp_ipv4_specific.list);
1230 1248
@@ -1236,16 +1254,13 @@ SCTP_STATIC __exit void sctp_exit(void)
1236 get_order(sctp_port_hashsize * 1254 get_order(sctp_port_hashsize *
1237 sizeof(struct sctp_bind_hashbucket))); 1255 sizeof(struct sctp_bind_hashbucket)));
1238 1256
1239 kmem_cache_destroy(sctp_chunk_cachep);
1240 kmem_cache_destroy(sctp_bucket_cachep);
1241
1242 sctp_dbg_objcnt_exit(); 1257 sctp_dbg_objcnt_exit();
1243 sctp_proc_exit(); 1258 sctp_proc_exit();
1244 cleanup_sctp_mibs(); 1259 cleanup_sctp_mibs();
1245 1260
1246 inet_del_protocol(&sctp_protocol, IPPROTO_SCTP); 1261 kmem_cache_destroy(sctp_chunk_cachep);
1247 inet_unregister_protosw(&sctp_seqpacket_protosw); 1262 kmem_cache_destroy(sctp_bucket_cachep);
1248 inet_unregister_protosw(&sctp_stream_protosw); 1263
1249 proto_unregister(&sctp_prot); 1264 proto_unregister(&sctp_prot);
1250} 1265}
1251 1266
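Review bot: In sctp_init a failing `inet_add_protocol()` jumps to `err_add_protocol`, which sits below the `unregister_inetaddr_notifier(&sctp_inetaddr_notifier);` line, so the notifier registered just before the call is never removed on that path. Moving that line to directly under the `err_add_protocol:` label covers both paths. In sctp_exit the same notifier is now unregistered after `sctp_free_local_addr_list()`, so an address event arriving in between could still reach the list after it has been freed (the handler is not shown here); unregistering before the list is freed, as the old code did, closes that window. sctp_init spans several hunks and is only partly visible.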
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index be783a3761c4..8d18f570c2e6 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -1939,7 +1939,6 @@ int sctp_process_init(struct sctp_association *asoc, sctp_cid_t cid,
1939 * association. 1939 * association.
1940 */ 1940 */
1941 if (!asoc->temp) { 1941 if (!asoc->temp) {
1942 int assoc_id;
1943 int error; 1942 int error;
1944 1943
1945 asoc->ssnmap = sctp_ssnmap_new(asoc->c.sinit_max_instreams, 1944 asoc->ssnmap = sctp_ssnmap_new(asoc->c.sinit_max_instreams,
@@ -1947,19 +1946,9 @@ int sctp_process_init(struct sctp_association *asoc, sctp_cid_t cid,
1947 if (!asoc->ssnmap) 1946 if (!asoc->ssnmap)
1948 goto clean_up; 1947 goto clean_up;
1949 1948
1950 retry: 1949 error = sctp_assoc_set_id(asoc, gfp);
1951 if (unlikely(!idr_pre_get(&sctp_assocs_id, gfp))) 1950 if (error)
1952 goto clean_up; 1951 goto clean_up;
1953 spin_lock_bh(&sctp_assocs_id_lock);
1954 error = idr_get_new_above(&sctp_assocs_id, (void *)asoc, 1,
1955 &assoc_id);
1956 spin_unlock_bh(&sctp_assocs_id_lock);
1957 if (error == -EAGAIN)
1958 goto retry;
1959 else if (error)
1960 goto clean_up;
1961
1962 asoc->assoc_id = (sctp_assoc_t) assoc_id;
1963 } 1952 }
1964 1953
1965 /* ADDIP Section 4.1 ASCONF Chunk Procedures 1954 /* ADDIP Section 4.1 ASCONF Chunk Procedures
diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c
index b37a7adeb150..d9fad4f6ffc3 100644
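--- a/net/sctp/sm_sideeffect.c
+++ b/net/sctp/sm_sideeffect.c
@@ -862,6 +862,33 @@ static void sctp_cmd_set_sk_err(struct sctp_association *asoc, int error)
  sk->sk_err = error;
 }
 
+/* Helper function to generate an association change event */
+static void sctp_cmd_assoc_change(sctp_cmd_seq_t *commands,
+ struct sctp_association *asoc,
+ u8 state)
+{
+ struct sctp_ulpevent *ev;
+
+ ev = sctp_ulpevent_make_assoc_change(asoc, 0, state, 0,
+ asoc->c.sinit_num_ostreams,
+ asoc->c.sinit_max_instreams,
+ NULL, GFP_ATOMIC);
+ if (ev)
+ sctp_ulpq_tail_event(&asoc->ulpq, ev);
+}
+
+/* Helper function to generate an adaptation indication event */
+static void sctp_cmd_adaptation_ind(sctp_cmd_seq_t *commands,
+ struct sctp_association *asoc)
+{
+ struct sctp_ulpevent *ev;
+
+ ev = sctp_ulpevent_make_adaptation_indication(asoc, GFP_ATOMIC);
+
+ if (ev)
+ sctp_ulpq_tail_event(&asoc->ulpq, ev);
+}
+
 /* These three macros allow us to pull the debugging code out of the
  * main flow of sctp_do_sm() to keep attention focused on the real
  * functionality there.
@@ -1485,6 +1512,14 @@ static int sctp_cmd_interpreter(sctp_event_t event_type,
  case SCTP_CMD_SET_SK_ERR:
  sctp_cmd_set_sk_err(asoc, cmd->obj.error);
  break;
+ case SCTP_CMD_ASSOC_CHANGE:
+ sctp_cmd_assoc_change(commands, asoc,
+ cmd->obj.u8);
+ break;
+ case SCTP_CMD_ADAPTATION_IND:
+ sctp_cmd_adaptation_ind(commands, asoc);
+ break;
+
  default:
  printk(KERN_WARNING "Impossible command: %u, %p\n",
  cmd->verb, cmd->obj.ptr);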
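Review bot: sctp_cmd_assoc_change() and sctp_cmd_adaptation_ind() drop the notification silently when the GFP_ATOMIC allocation fails, since the only handling is `if (ev)`. The sm_statefuns.c section of this commit removes the `nomem_ev` exit from sctp_sf_do_dupcook_b(), so a failure that used to end in SCTP_DISPOSITION_NOMEM now leaves the application without SCTP_COMM_UP or the adaptation indication and nothing records it. If best-effort delivery is intended, state it on both helpers, e.g. `/* Best effort: the event is dropped if the allocation fails. */`. Both helpers also accept `commands` and never use it.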
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 9e28a5d51200..f02ce3dddb7b 100644
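--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -1656,7 +1656,6 @@ static sctp_disposition_t sctp_sf_do_dupcook_b(const struct sctp_endpoint *ep,
  struct sctp_association *new_asoc)
 {
  sctp_init_chunk_t *peer_init;
- struct sctp_ulpevent *ev;
  struct sctp_chunk *repl;
 
  /* new_asoc is a brand-new association, so these are not yet
@@ -1687,34 +1686,28 @@ static sctp_disposition_t sctp_sf_do_dupcook_b(const struct sctp_endpoint *ep,
  * D) IMPLEMENTATION NOTE: An implementation may choose to
  * send the Communication Up notification to the SCTP user
  * upon reception of a valid COOKIE ECHO chunk.
+ *
+ * Sadly, this needs to be implemented as a side-effect, because
+ * we are not guaranteed to have set the association id of the real
+ * association and so these notifications need to be delayed until
+ * the association id is allocated.
  */
- ev = sctp_ulpevent_make_assoc_change(asoc, 0, SCTP_COMM_UP, 0,
- new_asoc->c.sinit_num_ostreams,
- new_asoc->c.sinit_max_instreams,
- NULL, GFP_ATOMIC);
- if (!ev)
- goto nomem_ev;
 
- sctp_add_cmd_sf(commands, SCTP_CMD_EVENT_ULP, SCTP_ULPEVENT(ev));
+ sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_CHANGE, SCTP_U8(SCTP_COMM_UP));
 
  /* Sockets API Draft Section 5.3.1.6
  * When a peer sends a Adaptation Layer Indication parameter , SCTP
  * delivers this notification to inform the application that of the
  * peers requested adaptation layer.
+ *
+ * This also needs to be done as a side effect for the same reason as
+ * above.
  */
- if (asoc->peer.adaptation_ind) {
- ev = sctp_ulpevent_make_adaptation_indication(asoc, GFP_ATOMIC);
- if (!ev)
- goto nomem_ev;
-
- sctp_add_cmd_sf(commands, SCTP_CMD_EVENT_ULP,
- SCTP_ULPEVENT(ev));
- }
+ if (asoc->peer.adaptation_ind)
+ sctp_add_cmd_sf(commands, SCTP_CMD_ADAPTATION_IND, SCTP_NULL());
 
  return SCTP_DISPOSITION_CONSUME;
 
-nomem_ev:
- sctp_chunk_free(repl);
 nomem:
  return SCTP_DISPOSITION_NOMEM;
 }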
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 2fc0a92caa78..9f1a908776de 100644
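--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -972,6 +972,7 @@ static int __sctp_connect(struct sock* sk,
  int walk_size = 0;
  union sctp_addr *sa_addr;
  void *addr_buf;
+ unsigned short port;
 
  sp = sctp_sk(sk);
  ep = sp->ep;
@@ -992,6 +993,7 @@ static int __sctp_connect(struct sock* sk,
  while (walk_size < addrs_size) {
  sa_addr = (union sctp_addr *)addr_buf;
  af = sctp_get_af_specific(sa_addr->sa.sa_family);
+ port = ntohs(sa_addr->v4.sin_port);
 
  /* If the address family is not supported or if this address
  * causes the address buffer to overflow return EINVAL.
@@ -1005,6 +1007,12 @@ static int __sctp_connect(struct sock* sk,
  if (err)
  goto out_free;
 
+ /* Make sure the destination port is correctly set
+ * in all addresses.
+ */
+ if (asoc && asoc->peer.port && asoc->peer.port != port)
+ goto out_free;
+
  memcpy(&to, sa_addr, af->sockaddr_len);
 
  /* Check if there already is a matching association on the
@@ -5012,7 +5020,8 @@ pp_found:
  struct hlist_node *node;
 
  SCTP_DEBUG_PRINTK("sctp_get_port() found a possible match\n");
- if (pp->fastreuse && sk->sk_reuse)
+ if (pp->fastreuse && sk->sk_reuse &&
+ sk->sk_state != SCTP_SS_LISTENING)
  goto success;
 
  /* Run through the list of sockets bound to the port
@@ -5029,7 +5038,8 @@ pp_found:
  struct sctp_endpoint *ep2;
  ep2 = sctp_sk(sk2)->ep;
 
- if (reuse && sk2->sk_reuse)
+ if (reuse && sk2->sk_reuse &&
+ sk2->sk_state != SCTP_SS_LISTENING)
  continue;
 
  if (sctp_bind_addr_match(&ep2->base.bind_addr, addr,
@@ -5050,9 +5060,13 @@ pp_not_found:
  * if sk->sk_reuse is too (that is, if the caller requested
  * SO_REUSEADDR on this socket -sk-).
  */
- if (hlist_empty(&pp->owner))
- pp->fastreuse = sk->sk_reuse ? 1 : 0;
- else if (pp->fastreuse && !sk->sk_reuse)
+ if (hlist_empty(&pp->owner)) {
+ if (sk->sk_reuse && sk->sk_state != SCTP_SS_LISTENING)
+ pp->fastreuse = 1;
+ else
+ pp->fastreuse = 0;
+ } else if (pp->fastreuse &&
+ (!sk->sk_reuse || sk->sk_state == SCTP_SS_LISTENING))
  pp->fastreuse = 0;
 
  /* We are set, so fill up all the data in the hash table
@@ -5060,8 +5074,8 @@ pp_not_found:
  * sockets FIXME: Blurry, NPI (ipg).
  */
 success:
- inet_sk(sk)->num = snum;
  if (!sctp_sk(sk)->bind_hash) {
+ inet_sk(sk)->num = snum;
  sk_add_bind_node(sk, &pp->owner);
  sctp_sk(sk)->bind_hash = pp;
  }
@@ -5134,12 +5148,16 @@ SCTP_STATIC int sctp_seqpacket_listen(struct sock *sk, int backlog)
  * This is not currently spelled out in the SCTP sockets
  * extensions draft, but follows the practice as seen in TCP
  * sockets.
+ *
+ * Additionally, turn off fastreuse flag since we are not listening
  */
+ sk->sk_state = SCTP_SS_LISTENING;
  if (!ep->base.bind_addr.port) {
  if (sctp_autobind(sk))
  return -EAGAIN;
- }
- sk->sk_state = SCTP_SS_LISTENING;
+ } else
+ sctp_sk(sk)->bind_hash->fastreuse = 0;
+
  sctp_hash_endpoint(ep);
  return 0;
 }
@@ -5177,11 +5195,13 @@ SCTP_STATIC int sctp_stream_listen(struct sock *sk, int backlog)
  * extensions draft, but follows the practice as seen in TCP
  * sockets.
  */
+ sk->sk_state = SCTP_SS_LISTENING;
  if (!ep->base.bind_addr.port) {
  if (sctp_autobind(sk))
  return -EAGAIN;
- }
- sk->sk_state = SCTP_SS_LISTENING;
+ } else
+ sctp_sk(sk)->bind_hash->fastreuse = 0;
+
  sk->sk_max_ack_backlog = backlog;
  sctp_hash_endpoint(ep);
  return 0;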
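Review bot: The new destination-port check in __sctp_connect() jumps to out_free without setting an error code; it sits directly after `if (err) goto out_free;`, so err is zero whenever it is reached. The out_free label is outside the hunk, but if it returns err, a connect whose addresses carry mismatched ports is torn down and still reported as success. Setting the code first would fix it: `if (asoc && asoc->peer.port && asoc->peer.port != port) { err = -EINVAL; goto out_free; }`. In the same function `port = ntohs(sa_addr->v4.sin_port);` is read before the check that the address fits in the remaining buffer, so it would be safer placed after that check.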
diff --git a/net/sunrpc/Makefile b/net/sunrpc/Makefile
index cdcab9ca4c60..8ebfc4db7f51 100644
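--- a/net/sunrpc/Makefile
+++ b/net/sunrpc/Makefile
@@ -9,7 +9,7 @@ obj-$(CONFIG_SUNRPC_GSS) += auth_gss/
 sunrpc-y := clnt.o xprt.o socklib.o xprtsock.o sched.o \
  auth.o auth_null.o auth_unix.o \
  svc.o svcsock.o svcauth.o svcauth_unix.o \
- pmap_clnt.o timer.o xdr.o \
+ rpcb_clnt.o timer.o xdr.o \
  sunrpc_syms.o cache.o rpc_pipe.o
 sunrpc-$(CONFIG_PROC_FS) += stats.o
 sunrpc-$(CONFIG_SYSCTL) += sysctl.o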
diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c
index 104cbf4f769f..d158635de6c0 100644
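--- a/net/sunrpc/auth_gss/gss_spkm3_seal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c
@@ -123,9 +123,6 @@ spkm3_make_token(struct spkm3_ctx *ctx,
 
  return GSS_S_COMPLETE;
 out_err:
- if (md5cksum.data)
- kfree(md5cksum.data);
-
  token->data = NULL;
  token->len = 0;
  return GSS_S_FAILURE;
@@ -152,7 +149,7 @@ make_spkm3_checksum(s32 cksumtype, struct xdr_netobj *key, char *header,
 
  switch (cksumtype) {
  case CKSUMTYPE_HMAC_MD5:
- cksumname = "md5";
+ cksumname = "hmac(md5)";
  break;
  default:
  dprintk("RPC: spkm3_make_checksum:"
@@ -172,8 +169,12 @@ make_spkm3_checksum(s32 cksumtype, struct xdr_netobj *key, char *header,
  if (err)
  goto out;
 
+ err = crypto_hash_init(&desc);
+ if (err)
+ goto out;
+
  sg_set_buf(sg, header, hdrlen);
- crypto_hash_update(&desc, sg, 1);
+ crypto_hash_update(&desc, sg, sg->length);
 
  xdr_process_buf(body, body_offset, body->len - body_offset,
  spkm3_checksummer, &desc);
@@ -184,5 +185,3 @@ out:
 
  return err ? GSS_S_FAILURE : 0;
 }
-
-EXPORT_SYMBOL(make_spkm3_checksum);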
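Review bot: make_spkm3_checksum() now checks crypto_hash_init() but still discards the result of crypto_hash_update() on the header, so a failed update can produce a checksum that the final `return err ? GSS_S_FAILURE : 0;` reports as good. Handle it the same way as the init call: `err = crypto_hash_update(&desc, sg, sg->length);` followed by `if (err) goto out;`. The xdr_process_buf() call right after it also has its return value unused in the visible lines; the rest of the function lies outside the hunks, so whether a later step catches the failure cannot be seen here.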
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index 396cdbe249d1..d8fbee40a19c 100644
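--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -36,8 +36,6 @@
 #include <linux/sunrpc/metrics.h>
 
 
-#define RPC_SLACK_SPACE (1024) /* total overkill */
-
 #ifdef RPC_DEBUG
 # define RPCDBG_FACILITY RPCDBG_CALL
 #endif
@@ -747,21 +745,38 @@ call_reserveresult(struct rpc_task *task)
 static void
 call_allocate(struct rpc_task *task)
 {
+ unsigned int slack = task->tk_auth->au_cslack;
  struct rpc_rqst *req = task->tk_rqstp;
  struct rpc_xprt *xprt = task->tk_xprt;
- unsigned int bufsiz;
+ struct rpc_procinfo *proc = task->tk_msg.rpc_proc;
 
  dprint_status(task);
 
+ task->tk_status = 0;
  task->tk_action = call_bind;
+
  if (req->rq_buffer)
  return;
 
- /* FIXME: compute buffer requirements more exactly using
- * auth->au_wslack */
- bufsiz = task->tk_msg.rpc_proc->p_bufsiz + RPC_SLACK_SPACE;
+ if (proc->p_proc != 0) {
+ BUG_ON(proc->p_arglen == 0);
+ if (proc->p_decode != NULL)
+ BUG_ON(proc->p_replen == 0);
+ }
 
- if (xprt->ops->buf_alloc(task, bufsiz << 1) != NULL)
+ /*
+ * Calculate the size (in quads) of the RPC call
+ * and reply headers, and convert both values
+ * to byte sizes.
+ */
+ req->rq_callsize = RPC_CALLHDRSIZE + (slack << 1) + proc->p_arglen;
+ req->rq_callsize <<= 2;
+ req->rq_rcvsize = RPC_REPHDRSIZE + slack + proc->p_replen;
+ req->rq_rcvsize <<= 2;
+
+ req->rq_buffer = xprt->ops->buf_alloc(task,
+ req->rq_callsize + req->rq_rcvsize);
+ if (req->rq_buffer != NULL)
  return;
 
  dprintk("RPC: %5u rpc_buffer allocation failed\n", task->tk_pid);
@@ -788,6 +803,17 @@ rpc_task_force_reencode(struct rpc_task *task)
  task->tk_rqstp->rq_snd_buf.len = 0;
 }
 
+static inline void
+rpc_xdr_buf_init(struct xdr_buf *buf, void *start, size_t len)
+{
+ buf->head[0].iov_base = start;
+ buf->head[0].iov_len = len;
+ buf->tail[0].iov_len = 0;
+ buf->page_len = 0;
+ buf->len = 0;
+ buf->buflen = len;
+}
+
 /*
  * 3. Encode arguments of an RPC call
  */
@@ -795,28 +821,17 @@ static void
 call_encode(struct rpc_task *task)
 {
  struct rpc_rqst *req = task->tk_rqstp;
- struct xdr_buf *sndbuf = &req->rq_snd_buf;
- struct xdr_buf *rcvbuf = &req->rq_rcv_buf;
- unsigned int bufsiz;
  kxdrproc_t encode;
  __be32 *p;
 
  dprint_status(task);
 
- /* Default buffer setup */
- bufsiz = req->rq_bufsize >> 1;
- sndbuf->head[0].iov_base = (void *)req->rq_buffer;
- sndbuf->head[0].iov_len = bufsiz;
- sndbuf->tail[0].iov_len = 0;
- sndbuf->page_len = 0;
- sndbuf->len = 0;
- sndbuf->buflen = bufsiz;
- rcvbuf->head[0].iov_base = (void *)((char *)req->rq_buffer + bufsiz);
- rcvbuf->head[0].iov_len = bufsiz;
- rcvbuf->tail[0].iov_len = 0;
- rcvbuf->page_len = 0;
- rcvbuf->len = 0;
- rcvbuf->buflen = bufsiz;
+ rpc_xdr_buf_init(&req->rq_snd_buf,
+ req->rq_buffer,
+ req->rq_callsize);
+ rpc_xdr_buf_init(&req->rq_rcv_buf,
+ (char *)req->rq_buffer + req->rq_callsize,
+ req->rq_rcvsize);
 
  /* Encode header and provided arguments */
  encode = task->tk_msg.rpc_proc->p_encode;
@@ -887,9 +902,11 @@ call_bind_status(struct rpc_task *task)
  task->tk_pid);
  break;
  case -EPROTONOSUPPORT:
- dprintk("RPC: %5u remote rpcbind version 2 unavailable\n",
+ dprintk("RPC: %5u remote rpcbind version unavailable, retrying\n",
  task->tk_pid);
- break;
+ task->tk_status = 0;
+ task->tk_action = call_bind;
+ return;
  default:
  dprintk("RPC: %5u unrecognized rpcbind error (%d)\n",
  task->tk_pid, -task->tk_status);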
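Review bot: call_allocate() now sizes the send and receive heads exactly from `p_arglen` and `p_replen`, with the 1024-byte RPC_SLACK_SPACE margin removed, and the BUG_ON() checks catch only a zero length. An under-estimated `p_arglen` therefore becomes a buffer overrun in any encoder that writes through a raw pointer, which makes these fields a memory-safety invariant rather than a hint. That deserves a comment above the size calculation, e.g. `/* p_arglen and p_replen are upper bounds in 32-bit words; XDR routines must never write more. */`. The BUG_ON() calls also turn a missing field in one procedure table into a kernel panic; failing the task with an error would be a milder choice. call_allocate() continues past the end of the hunk.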
diff --git a/net/sunrpc/pmap_clnt.c b/net/sunrpc/pmap_clnt.c
deleted file mode 100644
index d9f765344589..000000000000
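--- a/net/sunrpc/pmap_clnt.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/*
- * linux/net/sunrpc/pmap_clnt.c
- *
- * In-kernel RPC portmapper client.
- *
- * Portmapper supports version 2 of the rpcbind protocol (RFC 1833).
- *
- * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
- */
-
-#include <linux/types.h>
-#include <linux/socket.h>
-#include <linux/kernel.h>
-#include <linux/errno.h>
-#include <linux/uio.h>
-#include <linux/in.h>
-#include <linux/sunrpc/clnt.h>
-#include <linux/sunrpc/sched.h>
-
-#ifdef RPC_DEBUG
-# define RPCDBG_FACILITY RPCDBG_PMAP
-#endif
-
-#define PMAP_SET 1
-#define PMAP_UNSET 2
-#define PMAP_GETPORT 3
-
-struct portmap_args {
- u32 pm_prog;
- u32 pm_vers;
- u32 pm_prot;
- unsigned short pm_port;
- struct rpc_xprt * pm_xprt;
-};
-
-static struct rpc_procinfo pmap_procedures[];
-static struct rpc_clnt * pmap_create(char *, struct sockaddr_in *, int, int);
-static void pmap_getport_done(struct rpc_task *, void *);
-static struct rpc_program pmap_program;
-
-static void pmap_getport_prepare(struct rpc_task *task, void *calldata)
-{
- struct portmap_args *map = calldata;
- struct rpc_message msg = {
- .rpc_proc = &pmap_procedures[PMAP_GETPORT],
- .rpc_argp = map,
- .rpc_resp = &map->pm_port,
- };
-
- rpc_call_setup(task, &msg, 0);
-}
-
-static inline struct portmap_args *pmap_map_alloc(void)
-{
- return kmalloc(sizeof(struct portmap_args), GFP_NOFS);
-}
-
-static inline void pmap_map_free(struct portmap_args *map)
-{
- kfree(map);
-}
-
-static void pmap_map_release(void *data)
-{
- struct portmap_args *map = data;
-
- xprt_put(map->pm_xprt);
- pmap_map_free(map);
-}
-
-static const struct rpc_call_ops pmap_getport_ops = {
- .rpc_call_prepare = pmap_getport_prepare,
- .rpc_call_done = pmap_getport_done,
- .rpc_release = pmap_map_release,
-};
-
-static inline void pmap_wake_portmap_waiters(struct rpc_xprt *xprt, int status)
-{
- xprt_clear_binding(xprt);
- rpc_wake_up_status(&xprt->binding, status);
-}
-
-/**
- * rpc_getport - obtain the port for a given RPC service on a given host
- * @task: task that is waiting for portmapper request
- *
- * This one can be called for an ongoing RPC request, and can be used in
- * an async (rpciod) context.
- */
-void rpc_getport(struct rpc_task *task)
-{
- struct rpc_clnt *clnt = task->tk_client;
- struct rpc_xprt *xprt = task->tk_xprt;
- struct sockaddr_in addr;
- struct portmap_args *map;
- struct rpc_clnt *pmap_clnt;
- struct rpc_task *child;
- int status;
-
- dprintk("RPC: %5u rpc_getport(%s, %u, %u, %d)\n",
- task->tk_pid, clnt->cl_server,
- clnt->cl_prog, clnt->cl_vers, xprt->prot);
-
- /* Autobind on cloned rpc clients is discouraged */
- BUG_ON(clnt->cl_parent != clnt);
-
- status = -EACCES; /* tell caller to check again */
- if (xprt_test_and_set_binding(xprt))
- goto bailout_nowake;
-
- /* Put self on queue before sending rpcbind request, in case
- * pmap_getport_done completes before we return from rpc_run_task */
- rpc_sleep_on(&xprt->binding, task, NULL, NULL);
-
- /* Someone else may have bound if we slept */
- status = 0;
- if (xprt_bound(xprt))
- goto bailout_nofree;
-
- status = -ENOMEM;
- map = pmap_map_alloc();
- if (!map)
- goto bailout_nofree;
- map->pm_prog = clnt->cl_prog;
- map->pm_vers = clnt->cl_vers;
- map->pm_prot = xprt->prot;
- map->pm_port = 0;
- map->pm_xprt = xprt_get(xprt);
-
- rpc_peeraddr(clnt, (struct sockaddr *) &addr, sizeof(addr));
- pmap_clnt = pmap_create(clnt->cl_server, &addr, map->pm_prot, 0);
- status = PTR_ERR(pmap_clnt);
- if (IS_ERR(pmap_clnt))
- goto bailout;
-
- status = -EIO;
- child = rpc_run_task(pmap_clnt, RPC_TASK_ASYNC, &pmap_getport_ops, map);
- if (IS_ERR(child))
- goto bailout_nofree;
- rpc_put_task(child);
-
- task->tk_xprt->stat.bind_count++;
- return;
-
-bailout:
- pmap_map_free(map);
- xprt_put(xprt);
-bailout_nofree:
- pmap_wake_portmap_waiters(xprt, status);
-bailout_nowake:
- task->tk_status = status;
-}
-
-#ifdef CONFIG_ROOT_NFS
-/**
- * rpc_getport_external - obtain the port for a given RPC service on a given host
- * @sin: address of remote peer
- * @prog: RPC program number to bind
- * @vers: RPC version number to bind
- * @prot: transport protocol to use to make this request
- *
- * This one is called from outside the RPC client in a synchronous task context.
- */
-int rpc_getport_external(struct sockaddr_in *sin, __u32 prog, __u32 vers, int prot)
-{
- struct portmap_args map = {
- .pm_prog = prog,
- .pm_vers = vers,
- .pm_prot = prot,
- .pm_port = 0
- };
- struct rpc_message msg = {
- .rpc_proc = &pmap_procedures[PMAP_GETPORT],
- .rpc_argp = &map,
- .rpc_resp = &map.pm_port,
- };
- struct rpc_clnt *pmap_clnt;
- char hostname[32];
- int status;
-
- dprintk("RPC: rpc_getport_external(%u.%u.%u.%u, %u, %u, %d)\n",
- NIPQUAD(sin->sin_addr.s_addr), prog, vers, prot);
-
- sprintf(hostname, "%u.%u.%u.%u", NIPQUAD(sin->sin_addr.s_addr));
- pmap_clnt = pmap_create(hostname, sin, prot, 0);
- if (IS_ERR(pmap_clnt))
- return PTR_ERR(pmap_clnt);
-
- /* Setup the call info struct */
- status = rpc_call_sync(pmap_clnt, &msg, 0);
-
- if (status >= 0) {
- if (map.pm_port != 0)
- return map.pm_port;
- status = -EACCES;
- }
- return status;
-}
-#endif
-
-/*
- * Portmapper child task invokes this callback via tk_exit.
- */
-static void pmap_getport_done(struct rpc_task *child, void *data)
-{
- struct portmap_args *map = data;
- struct rpc_xprt *xprt = map->pm_xprt;
- int status = child->tk_status;
-
- if (status < 0) {
- /* Portmapper not available */
- xprt->ops->set_port(xprt, 0);
- } else if (map->pm_port == 0) {
- /* Requested RPC service wasn't registered */
- xprt->ops->set_port(xprt, 0);
- status = -EACCES;
- } else {
- /* Succeeded */
- xprt->ops->set_port(xprt, map->pm_port);
- xprt_set_bound(xprt);
- status = 0;
- }
-
- dprintk("RPC: %5u pmap_getport_done(status %d, port %u)\n",
- child->tk_pid, status, map->pm_port);
-
- pmap_wake_portmap_waiters(xprt, status);
-}
-
-/**
- * rpc_register - set or unset a port registration with the local portmapper
- * @prog: RPC program number to bind
- * @vers: RPC version number to bind
- * @prot: transport protocol to use to make this request
- * @port: port value to register
- * @okay: result code
- *
- * port == 0 means unregister, port != 0 means register.
- */
-int rpc_register(u32 prog, u32 vers, int prot, unsigned short port, int *okay)
-{
- struct sockaddr_in sin = {
- .sin_family = AF_INET,
- .sin_addr.s_addr = htonl(INADDR_LOOPBACK),
- };
- struct portmap_args map = {
- .pm_prog = prog,
- .pm_vers = vers,
- .pm_prot = prot,
- .pm_port = port,
- };
- struct rpc_message msg = {
- .rpc_proc = &pmap_procedures[port ? PMAP_SET : PMAP_UNSET],
- .rpc_argp = &map,
- .rpc_resp = okay,
- };
- struct rpc_clnt *pmap_clnt;
- int error = 0;
-
- dprintk("RPC: registering (%u, %u, %d, %u) with portmapper.\n",
- prog, vers, prot, port);
-
- pmap_clnt = pmap_create("localhost", &sin, IPPROTO_UDP, 1);
- if (IS_ERR(pmap_clnt)) {
- error = PTR_ERR(pmap_clnt);
- dprintk("RPC: couldn't create pmap client. Error = %d\n",
- error);
- return error;
- }
-
- error = rpc_call_sync(pmap_clnt, &msg, 0);
-
- if (error < 0) {
- printk(KERN_WARNING
- "RPC: failed to contact portmap (errno %d).\n",
- error);
- }
- dprintk("RPC: registration status %d/%d\n", error, *okay);
-
- /* Client deleted automatically because cl_oneshot == 1 */
- return error;
-}
-
-static struct rpc_clnt *pmap_create(char *hostname, struct sockaddr_in *srvaddr, int proto, int privileged)
-{
- struct rpc_create_args args = {
- .protocol = proto,
- .address = (struct sockaddr *)srvaddr,
- .addrsize = sizeof(*srvaddr),
- .servername = hostname,
- .program = &pmap_program,
- .version = RPC_PMAP_VERSION,
- .authflavor = RPC_AUTH_UNIX,
- .flags = (RPC_CLNT_CREATE_ONESHOT |
- RPC_CLNT_CREATE_NOPING),
- };
-
- srvaddr->sin_port = htons(RPC_PMAP_PORT);
- if (!privileged)
- args.flags |= RPC_CLNT_CREATE_NONPRIVPORT;
- return rpc_create(&args);
-}
-
-/*
- * XDR encode/decode functions for PMAP
- */
-static int xdr_encode_mapping(struct rpc_rqst *req, __be32 *p, struct portmap_args *map)
-{
- dprintk("RPC: xdr_encode_mapping(%u, %u, %u, %u)\n",
- map->pm_prog, map->pm_vers,
- map->pm_prot, map->pm_port);
- *p++ = htonl(map->pm_prog);
- *p++ = htonl(map->pm_vers);
- *p++ = htonl(map->pm_prot);
- *p++ = htonl(map->pm_port);
-
- req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
- return 0;
-}
-
-static int xdr_decode_port(struct rpc_rqst *req, __be32 *p, unsigned short *portp)
-{
- *portp = (unsigned short) ntohl(*p++);
- return 0;
-}
-
-static int xdr_decode_bool(struct rpc_rqst *req, __be32 *p, unsigned int *boolp)
-{
- *boolp = (unsigned int) ntohl(*p++);
- return 0;
-}
-
-static struct rpc_procinfo pmap_procedures[] = {
-[PMAP_SET] = {
- .p_proc = PMAP_SET,
- .p_encode = (kxdrproc_t) xdr_encode_mapping,
- .p_decode = (kxdrproc_t) xdr_decode_bool,
- .p_bufsiz = 4,
- .p_count = 1,
- .p_statidx = PMAP_SET,
- .p_name = "SET",
- },
-[PMAP_UNSET] = {
- .p_proc = PMAP_UNSET,
- .p_encode = (kxdrproc_t) xdr_encode_mapping,
- .p_decode = (kxdrproc_t) xdr_decode_bool,
- .p_bufsiz = 4,
- .p_count = 1,
- .p_statidx = PMAP_UNSET,
- .p_name = "UNSET",
- },
-[PMAP_GETPORT] = {
- .p_proc = PMAP_GETPORT,
- .p_encode = (kxdrproc_t) xdr_encode_mapping,
- .p_decode = (kxdrproc_t) xdr_decode_port,
- .p_bufsiz = 4,
- .p_count = 1,
- .p_statidx = PMAP_GETPORT,
- .p_name = "GETPORT",
- },
-};
-
-static struct rpc_version pmap_version2 = {
- .number = 2,
- .nrprocs = 4,
- .procs = pmap_procedures
-};
-
-static struct rpc_version * pmap_version[] = {
- NULL,
- NULL,
- &pmap_version2
-};
-
-static struct rpc_stat pmap_stats;
-
-static struct rpc_program pmap_program = {
- .name = "portmap",
- .number = RPC_PMAP_PROGRAM,
- .nrvers = ARRAY_SIZE(pmap_version),
- .version = pmap_version,
- .stats = &pmap_stats,
-};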
diff --git a/net/sunrpc/rpcb_clnt.c b/net/sunrpc/rpcb_clnt.c
new file mode 100644
index 000000000000..6c7aa8a1f0c6
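--- /dev/null
+++ b/net/sunrpc/rpcb_clnt.c
@@ -0,0 +1,625 @@
+/*
+ * In-kernel rpcbind client supporting versions 2, 3, and 4 of the rpcbind
+ * protocol
+ *
+ * Based on RFC 1833: "Binding Protocols for ONC RPC Version 2" and
+ * RFC 3530: "Network File System (NFS) version 4 Protocol"
+ *
+ * Original: Gilles Quillard, Bull Open Source, 2005 <gilles.quillard@bull.net>
+ * Updated: Chuck Lever, Oracle Corporation, 2007 <chuck.lever@oracle.com>
+ *
+ * Descended from net/sunrpc/pmap_clnt.c,
+ * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
+ */
+
+#include <linux/types.h>
+#include <linux/socket.h>
+#include <linux/kernel.h>
+#include <linux/errno.h>
+
+#include <linux/sunrpc/clnt.h>
+#include <linux/sunrpc/sched.h>
+
+#ifdef RPC_DEBUG
+# define RPCDBG_FACILITY RPCDBG_BIND
+#endif
+
+#define RPCBIND_PROGRAM (100000u)
+#define RPCBIND_PORT (111u)
+
+enum {
+ RPCBPROC_NULL,
+ RPCBPROC_SET,
+ RPCBPROC_UNSET,
+ RPCBPROC_GETPORT,
+ RPCBPROC_GETADDR = 3, /* alias for GETPORT */
+ RPCBPROC_DUMP,
+ RPCBPROC_CALLIT,
+ RPCBPROC_BCAST = 5, /* alias for CALLIT */
+ RPCBPROC_GETTIME,
+ RPCBPROC_UADDR2TADDR,
+ RPCBPROC_TADDR2UADDR,
+ RPCBPROC_GETVERSADDR,
+ RPCBPROC_INDIRECT,
+ RPCBPROC_GETADDRLIST,
+ RPCBPROC_GETSTAT,
+};
+
+#define RPCB_HIGHPROC_2 RPCBPROC_CALLIT
+#define RPCB_HIGHPROC_3 RPCBPROC_TADDR2UADDR
+#define RPCB_HIGHPROC_4 RPCBPROC_GETSTAT
+
+/*
+ * r_addr
+ *
+ * Quoting RFC 3530, section 2.2:
+ *
+ * For TCP over IPv4 and for UDP over IPv4, the format of r_addr is the
+ * US-ASCII string:
+ *
+ * h1.h2.h3.h4.p1.p2
+ *
+ * The prefix, "h1.h2.h3.h4", is the standard textual form for
+ * representing an IPv4 address, which is always four octets long.
+ * Assuming big-endian ordering, h1, h2, h3, and h4, are respectively,
+ * the first through fourth octets each converted to ASCII-decimal.
+ * Assuming big-endian ordering, p1 and p2 are, respectively, the first
+ * and second octets each converted to ASCII-decimal. For example, if a
+ * host, in big-endian order, has an address of 0x0A010307 and there is
+ * a service listening on, in big endian order, port 0x020F (decimal
+ * 527), then the complete universal address is "10.1.3.7.2.15".
+ *
+ * ...
+ *
+ * For TCP over IPv6 and for UDP over IPv6, the format of r_addr is the
+ * US-ASCII string:
+ *
+ * x1:x2:x3:x4:x5:x6:x7:x8.p1.p2
+ *
+ * The suffix "p1.p2" is the service port, and is computed the same way
+ * as with universal addresses for TCP and UDP over IPv4. The prefix,
+ * "x1:x2:x3:x4:x5:x6:x7:x8", is the standard textual form for
+ * representing an IPv6 address as defined in Section 2.2 of [RFC2373].
+ * Additionally, the two alternative forms specified in Section 2.2 of
+ * [RFC2373] are also acceptable.
+ *
+ * XXX: Currently this implementation does not explicitly convert the
+ * stored address to US-ASCII on non-ASCII systems.
+ */
+#define RPCB_MAXADDRLEN (128u)
+
+/*
+ * r_netid
+ *
+ * Quoting RFC 3530, section 2.2:
+ *
+ * For TCP over IPv4 the value of r_netid is the string "tcp". For UDP
+ * over IPv4 the value of r_netid is the string "udp".
+ *
+ * ...
+ *
+ * For TCP over IPv6 the value of r_netid is the string "tcp6". For UDP
+ * over IPv6 the value of r_netid is the string "udp6".
+ */
+#define RPCB_NETID_UDP "\165\144\160" /* "udp" */
+#define RPCB_NETID_TCP "\164\143\160" /* "tcp" */
+#define RPCB_NETID_UDP6 "\165\144\160\066" /* "udp6" */
+#define RPCB_NETID_TCP6 "\164\143\160\066" /* "tcp6" */
+
+#define RPCB_MAXNETIDLEN (4u)
+
+/*
+ * r_owner
+ *
+ * The "owner" is allowed to unset a service in the rpcbind database.
+ * We always use the following (arbitrary) fixed string.
+ */
+#define RPCB_OWNER_STRING "rpcb"
+#define RPCB_MAXOWNERLEN sizeof(RPCB_OWNER_STRING)
+
+static void rpcb_getport_done(struct rpc_task *, void *);
+extern struct rpc_program rpcb_program;
+
+struct rpcbind_args {
+ struct rpc_xprt * r_xprt;
+
+ u32 r_prog;
+ u32 r_vers;
+ u32 r_prot;
+ unsigned short r_port;
+ char * r_netid;
+ char r_addr[RPCB_MAXADDRLEN];
+ char * r_owner;
+};
+
+static struct rpc_procinfo rpcb_procedures2[];
+static struct rpc_procinfo rpcb_procedures3[];
+
+static struct rpcb_info {
+ int rpc_vers;
+ struct rpc_procinfo * rpc_proc;
+} rpcb_next_version[];
+
+static void rpcb_getport_prepare(struct rpc_task *task, void *calldata)
+{
+ struct rpcbind_args *map = calldata;
+ struct rpc_xprt *xprt = map->r_xprt;
+ struct rpc_message msg = {
+ .rpc_proc = rpcb_next_version[xprt->bind_index].rpc_proc,
+ .rpc_argp = map,
+ .rpc_resp = &map->r_port,
+ };
+
+ rpc_call_setup(task, &msg, 0);
+}
+
+static void rpcb_map_release(void *data)
+{
+ struct rpcbind_args *map = data;
+
+ xprt_put(map->r_xprt);
+ kfree(map);
+}
+
+static const struct rpc_call_ops rpcb_getport_ops = {
+ .rpc_call_prepare = rpcb_getport_prepare,
+ .rpc_call_done = rpcb_getport_done,
+ .rpc_release = rpcb_map_release,
+};
+
+static void rpcb_wake_rpcbind_waiters(struct rpc_xprt *xprt, int status)
+{
+ xprt_clear_binding(xprt);
+ rpc_wake_up_status(&xprt->binding, status);
+}
+
+static struct rpc_clnt *rpcb_create(char *hostname, struct sockaddr *srvaddr,
+ int proto, int version, int privileged)
+{
+ struct rpc_create_args args = {
+ .protocol = proto,
+ .address = srvaddr,
+ .addrsize = sizeof(struct sockaddr_in),
+ .servername = hostname,
+ .program = &rpcb_program,
+ .version = version,
+ .authflavor = RPC_AUTH_UNIX,
+ .flags = (RPC_CLNT_CREATE_ONESHOT |
+ RPC_CLNT_CREATE_NOPING),
+ };
+
+ ((struct sockaddr_in *)srvaddr)->sin_port = htons(RPCBIND_PORT);
+ if (!privileged)
+ args.flags |= RPC_CLNT_CREATE_NONPRIVPORT;
+ return rpc_create(&args);
+}
+
+/**
+ * rpcb_register - set or unset a port registration with the local rpcbind svc
+ * @prog: RPC program number to bind
+ * @vers: RPC version number to bind
+ * @prot: transport protocol to use to make this request
+ * @port: port value to register
+ * @okay: result code
+ *
+ * port == 0 means unregister, port != 0 means register.
+ *
+ * This routine supports only rpcbind version 2.
+ */
+int rpcb_register(u32 prog, u32 vers, int prot, unsigned short port, int *okay)
+{
+ struct sockaddr_in sin = {
+ .sin_family = AF_INET,
+ .sin_addr.s_addr = htonl(INADDR_LOOPBACK),
+ };
+ struct rpcbind_args map = {
+ .r_prog = prog,
+ .r_vers = vers,
+ .r_prot = prot,
+ .r_port = port,
+ };
+ struct rpc_message msg = {
+ .rpc_proc = &rpcb_procedures2[port ?
+ RPCBPROC_SET : RPCBPROC_UNSET],
+ .rpc_argp = &map,
+ .rpc_resp = okay,
+ };
+ struct rpc_clnt *rpcb_clnt;
+ int error = 0;
+
+ dprintk("RPC: %sregistering (%u, %u, %d, %u) with local "
+ "rpcbind\n", (port ? "" : "un"),
+ prog, vers, prot, port);
+
+ rpcb_clnt = rpcb_create("localhost", (struct sockaddr *) &sin,
+ IPPROTO_UDP, 2, 1);
+ if (IS_ERR(rpcb_clnt))
+ return PTR_ERR(rpcb_clnt);
+
+ error = rpc_call_sync(rpcb_clnt, &msg, 0);
+
+ if (error < 0)
+ printk(KERN_WARNING "RPC: failed to contact local rpcbind "
+ "server (errno %d).\n", -error);
+ dprintk("RPC: registration status %d/%d\n", error, *okay);
+
+ return error;
+}
+
+#ifdef CONFIG_ROOT_NFS
+/**
+ * rpcb_getport_external - obtain the port for an RPC service on a given host
+ * @sin: address of remote peer
+ * @prog: RPC program number to bind
+ * @vers: RPC version number to bind
+ * @prot: transport protocol to use to make this request
+ *
+ * Called from outside the RPC client in a synchronous task context.
+ *
+ * For now, this supports only version 2 queries, but is used only by
+ * mount_clnt for NFS_ROOT.
+ */
+int rpcb_getport_external(struct sockaddr_in *sin, __u32 prog,
+ __u32 vers, int prot)
+{
+ struct rpcbind_args map = {
+ .r_prog = prog,
+ .r_vers = vers,
+ .r_prot = prot,
+ .r_port = 0,
+ };
+ struct rpc_message msg = {
+ .rpc_proc = &rpcb_procedures2[RPCBPROC_GETPORT],
+ .rpc_argp = &map,
+ .rpc_resp = &map.r_port,
+ };
+ struct rpc_clnt *rpcb_clnt;
+ char hostname[40];
+ int status;
+
+ dprintk("RPC: rpcb_getport_external(%u.%u.%u.%u, %u, %u, %d)\n",
+ NIPQUAD(sin->sin_addr.s_addr), prog, vers, prot);
+
+ sprintf(hostname, "%u.%u.%u.%u", NIPQUAD(sin->sin_addr.s_addr));
+ rpcb_clnt = rpcb_create(hostname, (struct sockaddr *)sin, prot, 2, 0);
+ if (IS_ERR(rpcb_clnt))
+ return PTR_ERR(rpcb_clnt);
+
+ status = rpc_call_sync(rpcb_clnt, &msg, 0);
+
+ if (status >= 0) {
+ if (map.r_port != 0)
+ return map.r_port;
+ status = -EACCES;
+ }
+ return status;
+}
+#endif
+
+/**
+ * rpcb_getport - obtain the port for a given RPC service on a given host
+ * @task: task that is waiting for portmapper request
+ *
+ * This one can be called for an ongoing RPC request, and can be used in
+ * an async (rpciod) context.
+ */
+void rpcb_getport(struct rpc_task *task)
+{
+ struct rpc_clnt *clnt = task->tk_client;
+ int bind_version;
+ struct rpc_xprt *xprt = task->tk_xprt;
+ struct rpc_clnt *rpcb_clnt;
+ static struct rpcbind_args *map;
+ struct rpc_task *child;
+ struct sockaddr addr;
+ int status;
+
+ dprintk("RPC: %5u rpcb_getport(%s, %u, %u, %d)\n",
+ task->tk_pid, clnt->cl_server,
+ clnt->cl_prog, clnt->cl_vers, xprt->prot);
+
+ /* Autobind on cloned rpc clients is discouraged */
+ BUG_ON(clnt->cl_parent != clnt);
+
+ if (xprt_test_and_set_binding(xprt)) {
+ status = -EACCES; /* tell caller to check again */
+ dprintk("RPC: %5u rpcb_getport waiting for another binder\n",
+ task->tk_pid);
+ goto bailout_nowake;
+ }
+
+ /* Put self on queue before sending rpcbind request, in case
+ * rpcb_getport_done completes before we return from rpc_run_task */
+ rpc_sleep_on(&xprt->binding, task, NULL, NULL);
+
+ /* Someone else may have bound if we slept */
+ if (xprt_bound(xprt)) {
+ status = 0;
+ dprintk("RPC: %5u rpcb_getport already bound\n", task->tk_pid);
+ goto bailout_nofree;
+ }
+
+ if (rpcb_next_version[xprt->bind_index].rpc_proc == NULL) {
+ xprt->bind_index = 0;
+ status = -EACCES; /* tell caller to try again later */
+ dprintk("RPC: %5u rpcb_getport no more getport versions "
+ "available\n", task->tk_pid);
+ goto bailout_nofree;
+ }
+ bind_version = rpcb_next_version[xprt->bind_index].rpc_vers;
+
+ dprintk("RPC: %5u rpcb_getport trying rpcbind version %u\n",
+ task->tk_pid, bind_version);
+
+ map = kzalloc(sizeof(struct rpcbind_args), GFP_ATOMIC);
+ if (!map) {
+ status = -ENOMEM;
+ dprintk("RPC: %5u rpcb_getport no memory available\n",
+ task->tk_pid);
+ goto bailout_nofree;
+ }
+ map->r_prog = clnt->cl_prog;
+ map->r_vers = clnt->cl_vers;
+ map->r_prot = xprt->prot;
+ map->r_port = 0;
+ map->r_xprt = xprt_get(xprt);
+ map->r_netid = (xprt->prot == IPPROTO_TCP) ? RPCB_NETID_TCP :
+ RPCB_NETID_UDP;
+ memcpy(&map->r_addr, rpc_peeraddr2str(clnt, RPC_DISPLAY_ADDR),
+ sizeof(map->r_addr));
+ map->r_owner = RPCB_OWNER_STRING; /* ignored for GETADDR */
+
+ rpc_peeraddr(clnt, (void *)&addr, sizeof(addr));
+ rpcb_clnt = rpcb_create(clnt->cl_server, &addr, xprt->prot, bind_version, 0);
+ if (IS_ERR(rpcb_clnt)) {
+ status = PTR_ERR(rpcb_clnt);
+ dprintk("RPC: %5u rpcb_getport rpcb_create failed, error %ld\n",
+ task->tk_pid, PTR_ERR(rpcb_clnt));
+ goto bailout;
+ }
+
+ child = rpc_run_task(rpcb_clnt, RPC_TASK_ASYNC, &rpcb_getport_ops, map);
+ if (IS_ERR(child)) {
+ status = -EIO;
+ dprintk("RPC: %5u rpcb_getport rpc_run_task failed\n",
+ task->tk_pid);
+ goto bailout_nofree;
+ }
+ rpc_put_task(child);
+
+ task->tk_xprt->stat.bind_count++;
+ return;
+
+bailout:
+ kfree(map);
+ xprt_put(xprt);
+bailout_nofree:
+ rpcb_wake_rpcbind_waiters(xprt, status);
+bailout_nowake:
+ task->tk_status = status;
+}
+
+/*
+ * Rpcbind child task calls this callback via tk_exit.
+ */
+static void rpcb_getport_done(struct rpc_task *child, void *data)
+{
+ struct rpcbind_args *map = data;
+ struct rpc_xprt *xprt = map->r_xprt;
+ int status = child->tk_status;
+
+ /* rpcbind server doesn't support this rpcbind protocol version */
+ if (status == -EPROTONOSUPPORT)
+ xprt->bind_index++;
+
+ if (status < 0) {
+ /* rpcbind server not available on remote host? */
+ xprt->ops->set_port(xprt, 0);
+ } else if (map->r_port == 0) {
+ /* Requested RPC service wasn't registered on remote host */
+ xprt->ops->set_port(xprt, 0);
+ status = -EACCES;
+ } else {
+ /* Succeeded */
+ xprt->ops->set_port(xprt, map->r_port);
+ xprt_set_bound(xprt);
+ status = 0;
+ }
+
+ dprintk("RPC: %5u rpcb_getport_done(status %d, port %u)\n",
+ child->tk_pid, status, map->r_port);
+
+ rpcb_wake_rpcbind_waiters(xprt, status);
+}
+
+static int rpcb_encode_mapping(struct rpc_rqst *req, __be32 *p,
+ struct rpcbind_args *rpcb)
+{
+ dprintk("RPC: rpcb_encode_mapping(%u, %u, %d, %u)\n",
+ rpcb->r_prog, rpcb->r_vers, rpcb->r_prot, rpcb->r_port);
+ *p++ = htonl(rpcb->r_prog);
+ *p++ = htonl(rpcb->r_vers);
+ *p++ = htonl(rpcb->r_prot);
+ *p++ = htonl(rpcb->r_port);
+
+ req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
+ return 0;
+}
+
+static int rpcb_decode_getport(struct rpc_rqst *req, __be32 *p,
+ unsigned short *portp)
+{
+ *portp = (unsigned short) ntohl(*p++);
+ dprintk("RPC: rpcb_decode_getport result %u\n",
+ *portp);
+ return 0;
+}
+
+static int rpcb_decode_set(struct rpc_rqst *req, __be32 *p,
+ unsigned int *boolp)
+{
+ *boolp = (unsigned int) ntohl(*p++);
+ dprintk("RPC: rpcb_decode_set result %u\n",
+ *boolp);
+ return 0;
+}
+
+static int rpcb_encode_getaddr(struct rpc_rqst *req, __be32 *p,
+ struct rpcbind_args *rpcb)
+{
+ dprintk("RPC: rpcb_encode_getaddr(%u, %u, %s)\n",
+ rpcb->r_prog, rpcb->r_vers, rpcb->r_addr);
+ *p++ = htonl(rpcb->r_prog);
+ *p++ = htonl(rpcb->r_vers);
+
+ p = xdr_encode_string(p, rpcb->r_netid);
+ p = xdr_encode_string(p, rpcb->r_addr);
+ p = xdr_encode_string(p, rpcb->r_owner);
+
+ req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
+
+ return 0;
+}
+
+static int rpcb_decode_getaddr(struct rpc_rqst *req, __be32 *p,
+ unsigned short *portp)
+{
+ char *addr;
+ int addr_len, c, i, f, first, val;
+
+ *portp = 0;
+ addr_len = (unsigned int) ntohl(*p++);
+ if (addr_len > RPCB_MAXADDRLEN) /* sanity */
+ return -EINVAL;
+
+ dprintk("RPC: rpcb_decode_getaddr returned string: '%s'\n",
+ (char *) p);
+
+ addr = (char *)p;
+ val = 0;
+ first = 1;
+ f = 1;
+ for (i = addr_len - 1; i > 0; i--) {
+ c = addr[i];
+ if (c >= '0' && c <= '9') {
+ val += (c - '0') * f;
+ f *= 10;
+ } else if (c == '.') {
+ if (first) {
+ *portp = val;
+ val = first = 0;
+ f = 1;
+ } else {
+ *portp |= (val << 8);
+ break;
+ }
+ }
+ }
+
+ dprintk("RPC: rpcb_decode_getaddr port=%u\n", *portp);
+ return 0;
+}
+
+#define RPCB_program_sz (1u)
+#define RPCB_version_sz (1u)
+#define RPCB_protocol_sz (1u)
+#define RPCB_port_sz (1u)
+#define RPCB_boolean_sz (1u)
+
+#define RPCB_netid_sz (1+XDR_QUADLEN(RPCB_MAXNETIDLEN))
+#define RPCB_addr_sz (1+XDR_QUADLEN(RPCB_MAXADDRLEN))
+#define RPCB_ownerstring_sz (1+XDR_QUADLEN(RPCB_MAXOWNERLEN))
+
+#define RPCB_mappingargs_sz RPCB_program_sz+RPCB_version_sz+ \
+ RPCB_protocol_sz+RPCB_port_sz
+#define RPCB_getaddrargs_sz RPCB_program_sz+RPCB_version_sz+ \
+ RPCB_netid_sz+RPCB_addr_sz+ \
+ RPCB_ownerstring_sz
+
+#define RPCB_setres_sz RPCB_boolean_sz
+#define RPCB_getportres_sz RPCB_port_sz
+
+/*
+ * Note that RFC 1833 does not put any size restrictions on the
+ * address string returned by the remote rpcbind database.
+ */
+#define RPCB_getaddrres_sz RPCB_addr_sz
+
+#define PROC(proc, argtype, restype) \
+ [RPCBPROC_##proc] = { \
+ .p_proc = RPCBPROC_##proc, \
+ .p_encode = (kxdrproc_t) rpcb_encode_##argtype, \
+ .p_decode = (kxdrproc_t) rpcb_decode_##restype, \
+ .p_arglen = RPCB_##argtype##args_sz, \
+ .p_replen = RPCB_##restype##res_sz, \
+ .p_statidx = RPCBPROC_##proc, \
+ .p_timer = 0, \
+ .p_name = #proc, \
+ }
+
+/*
+ * Not all rpcbind procedures described in RFC 1833 are implemented
+ * since the Linux kernel RPC code requires only these.
+ */
+static struct rpc_procinfo rpcb_procedures2[] = {
+ PROC(SET, mapping, set),
+ PROC(UNSET, mapping, set),
+ PROC(GETADDR, mapping, getport),
+};
+
+static struct rpc_procinfo rpcb_procedures3[] = {
+ PROC(SET, mapping, set),
+ PROC(UNSET, mapping, set),
+ PROC(GETADDR, getaddr, getaddr),
+};
+
+static struct rpc_procinfo rpcb_procedures4[] = {
+ PROC(SET, mapping, set),
+ PROC(UNSET, mapping, set),
+ PROC(GETVERSADDR, getaddr, getaddr),
+};
+
+static struct rpcb_info rpcb_next_version[] = {
+#ifdef CONFIG_SUNRPC_BIND34
+ { 4, &rpcb_procedures4[RPCBPROC_GETVERSADDR] },
+ { 3, &rpcb_procedures3[RPCBPROC_GETADDR] },
+#endif
+ { 2, &rpcb_procedures2[RPCBPROC_GETPORT] },
+ { 0, NULL },
+};
+
+static struct rpc_version rpcb_version2 = {
+ .number = 2,
+ .nrprocs = RPCB_HIGHPROC_2,
+ .procs = rpcb_procedures2
+};
+
+static struct rpc_version rpcb_version3 = {
+ .number = 3,
+ .nrprocs = RPCB_HIGHPROC_3,
+ .procs = rpcb_procedures3
+};
+
+static struct rpc_version rpcb_version4 = {
+ .number = 4,
+ .nrprocs = RPCB_HIGHPROC_4,
+ .procs = rpcb_procedures4
+};
+
+static struct rpc_version *rpcb_version[] = {
+ NULL,
+ NULL,
+ &rpcb_version2,
+ &rpcb_version3,
+ &rpcb_version4
+};
+
+static struct rpc_stat rpcb_stats;
+
+struct rpc_program rpcb_program = {
+ .name = "rpcbind",
+ .number = RPCBIND_PROGRAM,
+ .nrvers = ARRAY_SIZE(rpcb_version),
+ .version = rpcb_version,
+ .stats = &rpcb_stats,
+};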
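Review bot: In rpcb_getport(), `static struct rpcbind_args *map;` turns the per-call argument pointer into one variable shared by every caller. The binding bit that serialises callers is taken on the transport passed in, so it appears that two tasks binding different transports can overwrite each other's pointer between the kzalloc() and rpc_run_task(), after which the `bailout:` path may kfree() a block the other task's child still uses; declare it as a plain local, `struct rpcbind_args *map;`. In the same function, `memcpy(&map->r_addr, rpc_peeraddr2str(clnt, RPC_DISPLAY_ADDR), sizeof(map->r_addr));` always reads 128 bytes from a string whose allocated size is not visible here and is presumably shorter, so a bounded string copy such as `strlcpy(map->r_addr, rpc_peeraddr2str(clnt, RPC_DISPLAY_ADDR), sizeof(map->r_addr));` avoids reading past its end.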
diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c
index 6d87320074b1..4a53e94f8134 100644
--- a/net/sunrpc/sched.c
+++ b/net/sunrpc/sched.c
@@ -741,50 +741,53 @@ static void rpc_async_schedule(struct work_struct *work)
741 * @task: RPC task that will use this buffer 741 * @task: RPC task that will use this buffer
742 * @size: requested byte size 742 * @size: requested byte size
743 * 743 *
744 * We try to ensure that some NFS reads and writes can always proceed 744 * To prevent rpciod from hanging, this allocator never sleeps,
745 * by using a mempool when allocating 'small' buffers. 745 * returning NULL if the request cannot be serviced immediately.
746 * The caller can arrange to sleep in a way that is safe for rpciod.
747 *
748 * Most requests are 'small' (under 2KiB) and can be serviced from a
749 * mempool, ensuring that NFS reads and writes can always proceed,
750 * and that there is good locality of reference for these buffers.
751 *
746 * In order to avoid memory starvation triggering more writebacks of 752 * In order to avoid memory starvation triggering more writebacks of
747 * NFS requests, we use GFP_NOFS rather than GFP_KERNEL. 753 * NFS requests, we avoid using GFP_KERNEL.
748 */ 754 */
749void * rpc_malloc(struct rpc_task *task, size_t size) 755void *rpc_malloc(struct rpc_task *task, size_t size)
750{ 756{
751 struct rpc_rqst *req = task->tk_rqstp; 757 size_t *buf;
752 gfp_t gfp; 758 gfp_t gfp = RPC_IS_SWAPPER(task) ? GFP_ATOMIC : GFP_NOWAIT;
753 759
754 if (task->tk_flags & RPC_TASK_SWAPPER) 760 size += sizeof(size_t);
755 gfp = GFP_ATOMIC; 761 if (size <= RPC_BUFFER_MAXSIZE)
762 buf = mempool_alloc(rpc_buffer_mempool, gfp);
756 else 763 else
757 gfp = GFP_NOFS; 764 buf = kmalloc(size, gfp);
758 765 *buf = size;
759 if (size > RPC_BUFFER_MAXSIZE) { 766 dprintk("RPC: %5u allocated buffer of size %u at %p\n",
760 req->rq_buffer = kmalloc(size, gfp); 767 task->tk_pid, size, buf);
761 if (req->rq_buffer) 768 return (void *) ++buf;
762 req->rq_bufsize = size;
763 } else {
764 req->rq_buffer = mempool_alloc(rpc_buffer_mempool, gfp);
765 if (req->rq_buffer)
766 req->rq_bufsize = RPC_BUFFER_MAXSIZE;
767 }
768 return req->rq_buffer;
769} 769}
770 770
771/** 771/**
772 * rpc_free - free buffer allocated via rpc_malloc 772 * rpc_free - free buffer allocated via rpc_malloc
773 * @task: RPC task with a buffer to be freed 773 * @buffer: buffer to free
774 * 774 *
775 */ 775 */
776void rpc_free(struct rpc_task *task) 776void rpc_free(void *buffer)
777{ 777{
778 struct rpc_rqst *req = task->tk_rqstp; 778 size_t size, *buf = (size_t *) buffer;
779 779
780 if (req->rq_buffer) { 780 if (!buffer)
781 if (req->rq_bufsize == RPC_BUFFER_MAXSIZE) 781 return;
782 mempool_free(req->rq_buffer, rpc_buffer_mempool); 782 size = *buf;
783 else 783 buf--;
784 kfree(req->rq_buffer); 784
785 req->rq_buffer = NULL; 785 dprintk("RPC: freeing buffer of size %u at %p\n",
786 req->rq_bufsize = 0; 786 size, buf);
787 } 787 if (size <= RPC_BUFFER_MAXSIZE)
788 mempool_free(buf, rpc_buffer_mempool);
789 else
790 kfree(buf);
788} 791}
789 792
790/* 793/*
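Review bot: rpc_malloc() stores `*buf = size;` without checking the allocation, although GFP_ATOMIC and GFP_NOWAIT requests can fail and the new kernel-doc itself says the function returns NULL when the request cannot be serviced immediately; add `if (!buf) return NULL;` before the store. rpc_free() reads `size = *buf;` before `buf--;`, so it takes the first word of the caller's data instead of the header word rpc_malloc() placed in front of it and may then pick the wrong one of mempool_free()/kfree(); the two statements should run as `buf--; size = *buf;`. Both dprintk() calls print a size_t with `%u`, where `%zu` matches the type.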
diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c
index b4db53ff1435..b7503c103ae8 100644
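--- a/net/sunrpc/svc.c
+++ b/net/sunrpc/svc.c
@@ -757,7 +757,7 @@ svc_register(struct svc_serv *serv, int proto, unsigned short port)
  if (progp->pg_vers[i]->vs_hidden)
  continue;
 
- error = rpc_register(progp->pg_prog, i, proto, port, &dummy);
+ error = rpcb_register(progp->pg_prog, i, proto, port, &dummy);
  if (error < 0)
  break;
  if (port && !dummy) {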
diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c
index 456a14510308..5b05b73e4c1d 100644
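--- a/net/sunrpc/xprt.c
+++ b/net/sunrpc/xprt.c
@@ -823,7 +823,6 @@ static void xprt_request_init(struct rpc_task *task, struct rpc_xprt *xprt)
  req->rq_task = task;
  req->rq_xprt = xprt;
  req->rq_buffer = NULL;
- req->rq_bufsize = 0;
  req->rq_xid = xprt_alloc_xid(xprt);
  req->rq_release_snd_buf = NULL;
  xprt_reset_majortimeo(req);
@@ -855,7 +854,7 @@ void xprt_release(struct rpc_task *task)
  mod_timer(&xprt->timer,
  xprt->last_used + xprt->idle_timeout);
  spin_unlock_bh(&xprt->transport_lock);
- xprt->ops->buf_free(task);
+ xprt->ops->buf_free(req->rq_buffer);
  task->tk_rqstp = NULL;
  if (req->rq_release_snd_buf)
  req->rq_release_snd_buf(req);
@@ -928,6 +927,7 @@ struct rpc_xprt *xprt_create_transport(int proto, struct sockaddr *ap, size_t si
  xprt->timer.data = (unsigned long) xprt;
  xprt->last_used = jiffies;
  xprt->cwnd = RPC_INITCWND;
+ xprt->bind_index = 0;
 
  rpc_init_wait_queue(&xprt->binding, "xprt_binding");
  rpc_init_wait_queue(&xprt->pending, "xprt_pending");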
diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
index a5a32029e728..cc33c5880abb 100644
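--- a/net/sunrpc/xprtsock.c
+++ b/net/sunrpc/xprtsock.c
@@ -1476,7 +1476,7 @@ static struct rpc_xprt_ops xs_udp_ops = {
  .set_buffer_size = xs_udp_set_buffer_size,
  .reserve_xprt = xprt_reserve_xprt_cong,
  .release_xprt = xprt_release_xprt_cong,
- .rpcbind = rpc_getport,
+ .rpcbind = rpcb_getport,
  .set_port = xs_set_port,
  .connect = xs_connect,
  .buf_alloc = rpc_malloc,
@@ -1493,7 +1493,7 @@ static struct rpc_xprt_ops xs_udp_ops = {
 static struct rpc_xprt_ops xs_tcp_ops = {
  .reserve_xprt = xprt_reserve_xprt,
  .release_xprt = xs_tcp_release_xprt,
- .rpcbind = rpc_getport,
+ .rpcbind = rpcb_getport,
  .set_port = xs_set_port,
  .connect = xs_connect,
  .buf_alloc = rpc_malloc,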
diff --git a/net/tipc/eth_media.c b/net/tipc/eth_media.c
index 67bb29b44d1b..0ee6ded18f3a 100644
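--- a/net/tipc/eth_media.c
+++ b/net/tipc/eth_media.c
@@ -120,16 +120,18 @@ static int recv_msg(struct sk_buff *buf, struct net_device *dev,
 
 static int enable_bearer(struct tipc_bearer *tb_ptr)
 {
- struct net_device *dev = dev_base;
+ struct net_device *dev, *pdev;
  struct eth_bearer *eb_ptr = &eth_bearers[0];
  struct eth_bearer *stop = &eth_bearers[MAX_ETH_BEARERS];
  char *driver_name = strchr((const char *)tb_ptr->name, ':') + 1;
 
  /* Find device with specified name */
-
- while (dev && dev->name && strncmp(dev->name, driver_name, IFNAMSIZ)) {
- dev = dev->next;
- }
+ dev = NULL;
+ for_each_netdev(pdev)
+ if (!strncmp(dev->name, driver_name, IFNAMSIZ)) {
+ dev = pdev;
+ break;
+ }
  if (!dev)
  return -ENODEV;
 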
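Review bot: The new lookup loop in enable_bearer() compares `dev->name`, but `dev` was set to NULL on the line before and `pdev` is the iterator, so the first iteration dereferences a NULL pointer. The test should read `if (!strncmp(pdev->name, driver_name, IFNAMSIZ)) {`. enable_bearer() continues past the end of the hunk, so the later uses of `dev` are not visible here.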
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 263e34e45265..95271e8426a1 100644
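--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -579,7 +579,7 @@ static inline int xfrm_byidx_should_resize(int total)
  return 0;
 }
 
-void xfrm_spd_getinfo(struct xfrm_spdinfo *si)
+void xfrm_spd_getinfo(struct xfrmk_spdinfo *si)
 {
  read_lock_bh(&xfrm_policy_lock);
  si->incnt = xfrm_policy_count[XFRM_POLICY_IN];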
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index f3a61ebd8d65..9955ff4da0a2 100644
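--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -421,7 +421,7 @@ restart:
 }
 EXPORT_SYMBOL(xfrm_state_flush);
 
-void xfrm_sad_getinfo(struct xfrm_sadinfo *si)
+void xfrm_sad_getinfo(struct xfrmk_sadinfo *si)
 {
  spin_lock_bh(&xfrm_state_lock);
  si->sadcnt = xfrm_state_num;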
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 4210d91624cd..b14c7e590c31 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -674,7 +674,9 @@ static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb,
674 674
675static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) 675static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
676{ 676{
677 struct xfrm_spdinfo si; 677 struct xfrmk_spdinfo si;
678 struct xfrmu_spdinfo spc;
679 struct xfrmu_spdhinfo sph;
678 struct nlmsghdr *nlh; 680 struct nlmsghdr *nlh;
679 u32 *f; 681 u32 *f;
680 682
@@ -685,23 +687,17 @@ static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
685 f = nlmsg_data(nlh); 687 f = nlmsg_data(nlh);
686 *f = flags; 688 *f = flags;
687 xfrm_spd_getinfo(&si); 689 xfrm_spd_getinfo(&si);
688 690 spc.incnt = si.incnt;
689 if (flags & XFRM_SPD_HMASK) 691 spc.outcnt = si.outcnt;
690 NLA_PUT_U32(skb, XFRMA_SPDHMASK, si.spdhcnt); 692 spc.fwdcnt = si.fwdcnt;
691 if (flags & XFRM_SPD_HMAX) 693 spc.inscnt = si.inscnt;
692 NLA_PUT_U32(skb, XFRMA_SPDHMAX, si.spdhmcnt); 694 spc.outscnt = si.outscnt;
693 if (flags & XFRM_SPD_ICNT) 695 spc.fwdscnt = si.fwdscnt;
694 NLA_PUT_U32(skb, XFRMA_SPDICNT, si.incnt); 696 sph.spdhcnt = si.spdhcnt;
695 if (flags & XFRM_SPD_OCNT) 697 sph.spdhmcnt = si.spdhmcnt;
696 NLA_PUT_U32(skb, XFRMA_SPDOCNT, si.outcnt); 698
697 if (flags & XFRM_SPD_FCNT) 699 NLA_PUT(skb, XFRMA_SPD_INFO, sizeof(spc), &spc);
698 NLA_PUT_U32(skb, XFRMA_SPDFCNT, si.fwdcnt); 700 NLA_PUT(skb, XFRMA_SPD_HINFO, sizeof(sph), &sph);
699 if (flags & XFRM_SPD_ISCNT)
700 NLA_PUT_U32(skb, XFRMA_SPDISCNT, si.inscnt);
701 if (flags & XFRM_SPD_OSCNT)
702 NLA_PUT_U32(skb, XFRMA_SPDOSCNT, si.inscnt);
703 if (flags & XFRM_SPD_FSCNT)
704 NLA_PUT_U32(skb, XFRMA_SPDFSCNT, si.inscnt);
705 701
706 return nlmsg_end(skb, nlh); 702 return nlmsg_end(skb, nlh);
707 703
@@ -719,23 +715,8 @@ static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
719 u32 seq = nlh->nlmsg_seq; 715 u32 seq = nlh->nlmsg_seq;
720 int len = NLMSG_LENGTH(sizeof(u32)); 716 int len = NLMSG_LENGTH(sizeof(u32));
721 717
722 718 len += RTA_SPACE(sizeof(struct xfrmu_spdinfo));
723 if (*flags & XFRM_SPD_HMASK) 719 len += RTA_SPACE(sizeof(struct xfrmu_spdhinfo));
724 len += RTA_SPACE(sizeof(u32));
725 if (*flags & XFRM_SPD_HMAX)
726 len += RTA_SPACE(sizeof(u32));
727 if (*flags & XFRM_SPD_ICNT)
728 len += RTA_SPACE(sizeof(u32));
729 if (*flags & XFRM_SPD_OCNT)
730 len += RTA_SPACE(sizeof(u32));
731 if (*flags & XFRM_SPD_FCNT)
732 len += RTA_SPACE(sizeof(u32));
733 if (*flags & XFRM_SPD_ISCNT)
734 len += RTA_SPACE(sizeof(u32));
735 if (*flags & XFRM_SPD_OSCNT)
736 len += RTA_SPACE(sizeof(u32));
737 if (*flags & XFRM_SPD_FSCNT)
738 len += RTA_SPACE(sizeof(u32));
739 720
740 r_skb = alloc_skb(len, GFP_ATOMIC); 721 r_skb = alloc_skb(len, GFP_ATOMIC);
741 if (r_skb == NULL) 722 if (r_skb == NULL)
@@ -749,7 +730,8 @@ static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
749 730
750static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) 731static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
751{ 732{
752 struct xfrm_sadinfo si; 733 struct xfrmk_sadinfo si;
734 struct xfrmu_sadhinfo sh;
753 struct nlmsghdr *nlh; 735 struct nlmsghdr *nlh;
754 u32 *f; 736 u32 *f;
755 737
@@ -761,12 +743,11 @@ static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
761 *f = flags; 743 *f = flags;
762 xfrm_sad_getinfo(&si); 744 xfrm_sad_getinfo(&si);
763 745
764 if (flags & XFRM_SAD_HMASK) 746 sh.sadhmcnt = si.sadhmcnt;
765 NLA_PUT_U32(skb, XFRMA_SADHMASK, si.sadhcnt); 747 sh.sadhcnt = si.sadhcnt;
766 if (flags & XFRM_SAD_HMAX) 748
767 NLA_PUT_U32(skb, XFRMA_SADHMAX, si.sadhmcnt); 749 NLA_PUT_U32(skb, XFRMA_SAD_CNT, si.sadcnt);
768 if (flags & XFRM_SAD_CNT) 750 NLA_PUT(skb, XFRMA_SAD_HINFO, sizeof(sh), &sh);
769 NLA_PUT_U32(skb, XFRMA_SADCNT, si.sadcnt);
770 751
771 return nlmsg_end(skb, nlh); 752 return nlmsg_end(skb, nlh);
772 753
@@ -784,12 +765,8 @@ static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
784 u32 seq = nlh->nlmsg_seq; 765 u32 seq = nlh->nlmsg_seq;
785 int len = NLMSG_LENGTH(sizeof(u32)); 766 int len = NLMSG_LENGTH(sizeof(u32));
786 767
787 if (*flags & XFRM_SAD_HMASK) 768 len += RTA_SPACE(sizeof(struct xfrmu_sadhinfo));
788 len += RTA_SPACE(sizeof(u32)); 769 len += RTA_SPACE(sizeof(u32));
789 if (*flags & XFRM_SAD_HMAX)
790 len += RTA_SPACE(sizeof(u32));
791 if (*flags & XFRM_SAD_CNT)
792 len += RTA_SPACE(sizeof(u32));
793 770
794 r_skb = alloc_skb(len, GFP_ATOMIC); 771 r_skb = alloc_skb(len, GFP_ATOMIC);
795 772