Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlan.c19
-rw-r--r--net/Kconfig20
-rw-r--r--net/Makefile1
-rw-r--r--net/atm/br2684.c4
-rw-r--r--net/atm/clip.c12
-rw-r--r--net/atm/lec.c8
-rw-r--r--net/atm/mpc.c2
-rw-r--r--net/bluetooth/bnep/netdev.c6
-rw-r--r--net/bridge/br_device.c2
-rw-r--r--net/bridge/br_netfilter.c96
-rw-r--r--net/compat.c17
-rw-r--r--net/core/dev.c8
-rw-r--r--net/core/ethtool.c16
-rw-r--r--net/core/neighbour.c6
-rw-r--r--net/core/net_namespace.c35
-rw-r--r--net/core/netpoll.c6
-rw-r--r--net/core/rtnetlink.c21
-rw-r--r--net/core/skbuff.c3
-rw-r--r--net/decnet/dn_route.c2
-rw-r--r--net/econet/af_econet.c4
-rw-r--r--net/ieee802154/af_ieee802154.c4
-rw-r--r--net/ieee802154/dgram.c6
-rw-r--r--net/ieee802154/netlink.c6
-rw-r--r--net/ieee802154/raw.c2
-rw-r--r--net/ipv4/af_inet.c12
-rw-r--r--net/ipv4/fib_trie.c50
-rw-r--r--net/ipv4/ip_gre.c6
-rw-r--r--net/ipv4/ipip.c6
-rw-r--r--net/ipv4/ipmr.c2
-rw-r--r--net/ipv4/route.c2
-rw-r--r--net/ipv4/tcp_output.c58
-rw-r--r--net/ipv4/udp.c144
-rw-r--r--net/ipv4/xfrm4_policy.c31
-rw-r--r--net/ipv6/af_inet6.c20
-rw-r--r--net/ipv6/ip6_fib.c16
-rw-r--r--net/ipv6/ip6_input.c6
-rw-r--r--net/ipv6/ip6_output.c26
-rw-r--r--net/ipv6/ip6_tunnel.c4
-rw-r--r--net/ipv6/ip6mr.c2
-rw-r--r--net/ipv6/mcast.c1
-rw-r--r--net/ipv6/sit.c6
-rw-r--r--net/ipv6/udp.c141
-rw-r--r--net/ipv6/xfrm6_policy.c33
-rw-r--r--net/irda/irlan/irlan_eth.c4
-rw-r--r--net/irda/irnetlink.c2
-rw-r--r--net/lapb/lapb_iface.c2
-rw-r--r--net/mac80211/Kconfig28
-rw-r--r--net/mac80211/Makefile3
-rw-r--r--net/mac80211/agg-tx.c3
-rw-r--r--net/mac80211/cfg.c216
-rw-r--r--net/mac80211/debugfs.c2
-rw-r--r--net/mac80211/debugfs_netdev.c46
-rw-r--r--net/mac80211/debugfs_sta.c98
-rw-r--r--net/mac80211/driver-ops.h85
-rw-r--r--net/mac80211/driver-trace.c6
-rw-r--r--net/mac80211/driver-trace.h648
-rw-r--r--net/mac80211/event.c23
-rw-r--r--net/mac80211/ibss.c15
-rw-r--r--net/mac80211/ieee80211_i.h181
-rw-r--r--net/mac80211/iface.c81
-rw-r--r--net/mac80211/key.c28
-rw-r--r--net/mac80211/main.c125
-rw-r--r--net/mac80211/mesh.c11
-rw-r--r--net/mac80211/mesh.h3
-rw-r--r--net/mac80211/mesh_hwmp.c9
-rw-r--r--net/mac80211/mesh_pathtbl.c26
-rw-r--r--net/mac80211/mlme.c1905
-rw-r--r--net/mac80211/rate.c31
-rw-r--r--net/mac80211/rc80211_minstrel.c23
-rw-r--r--net/mac80211/rc80211_pid_algo.c12
-rw-r--r--net/mac80211/rx.c158
-rw-r--r--net/mac80211/scan.c48
-rw-r--r--net/mac80211/sta_info.h17
-rw-r--r--net/mac80211/tx.c335
-rw-r--r--net/mac80211/util.c68
-rw-r--r--net/mac80211/wep.c52
-rw-r--r--net/mac80211/wep.h7
-rw-r--r--net/mac80211/wext.c450
-rw-r--r--net/mac80211/wme.c6
-rw-r--r--net/mac80211/wme.h3
-rw-r--r--net/mac80211/wpa.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_app.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_conn.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_dh.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_est.c4
-rw-r--r--net/netfilter/ipvs/ip_vs_ftp.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_lblc.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_lblcr.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_lc.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_nq.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_proto.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_ah_esp.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_tcp.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_udp.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_rr.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_sched.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_sed.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_sh.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_sync.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_wlc.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_wrr.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_xmit.c3
-rw-r--r--net/netlabel/netlabel_kapi.c6
-rw-r--r--net/netlink/af_netlink.c72
-rw-r--r--net/netlink/genetlink.c186
-rw-r--r--net/netrom/nr_dev.c4
-rw-r--r--net/packet/af_packet.c246
-rw-r--r--net/phonet/datagram.c5
-rw-r--r--net/phonet/pep-gprs.c4
-rw-r--r--net/phonet/pep.c7
-rw-r--r--net/phonet/pn_dev.c10
-rw-r--r--net/phonet/socket.c96
-rw-r--r--net/rds/connection.c49
-rw-r--r--net/rds/ib.c6
-rw-r--r--net/rds/ib.h18
-rw-r--r--net/rds/ib_cm.c62
-rw-r--r--net/rds/ib_rdma.c12
-rw-r--r--net/rds/ib_recv.c53
-rw-r--r--net/rds/ib_sysctl.c12
-rw-r--r--net/rds/iw.c15
-rw-r--r--net/rds/iw.h1
-rw-r--r--net/rds/iw_rdma.c28
-rw-r--r--net/rds/iw_send.c2
-rw-r--r--net/rds/rdma_transport.c8
-rw-r--r--net/rds/recv.c24
-rw-r--r--net/rfkill/core.c10
-rw-r--r--net/rose/rose_dev.c2
-rw-r--r--net/sched/sch_teql.c6
-rw-r--r--net/tipc/netlink.c2
-rw-r--r--net/tipc/socket.c6
-rw-r--r--net/wireless/Kconfig43
-rw-r--r--net/wireless/Makefile4
-rw-r--r--net/wireless/core.c384
-rw-r--r--net/wireless/core.h206
-rw-r--r--net/wireless/debugfs.c14
-rw-r--r--net/wireless/debugfs.h8
-rw-r--r--net/wireless/ibss.c234
-rw-r--r--net/wireless/mlme.c589
-rw-r--r--net/wireless/nl80211.c1522
-rw-r--r--net/wireless/nl80211.h71
-rw-r--r--net/wireless/reg.c73
-rw-r--r--net/wireless/scan.c75
-rw-r--r--net/wireless/sme.c836
-rw-r--r--net/wireless/util.c66
-rw-r--r--net/wireless/wext-compat.c678
-rw-r--r--net/wireless/wext-sme.c394
-rw-r--r--net/wireless/wext.c256
149 files changed, 8278 insertions, 3842 deletions
diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c
index fe649081fbdc..a1f16303703a 100644
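--- a/net/8021q/vlan.c
+++ b/net/8021q/vlan.c
@@ -225,12 +225,6 @@ int vlan_check_real_dev(struct net_device *real_dev, u16 vlan_id)
  return -EOPNOTSUPP;
  }
 
- /* The real device must be up and operating in order to
- * assosciate a VLAN device with it.
- */
- if (!(real_dev->flags & IFF_UP))
- return -ENETDOWN;
-
  if (__find_vlan_dev(real_dev, vlan_id) != NULL)
  return -EEXIST;
 
@@ -468,6 +462,19 @@ static int vlan_device_event(struct notifier_block *unused, unsigned long event,
  }
  break;
 
+ case NETDEV_CHANGEMTU:
+ for (i = 0; i < VLAN_GROUP_ARRAY_LEN; i++) {
+ vlandev = vlan_group_get_device(grp, i);
+ if (!vlandev)
+ continue;
+
+ if (vlandev->mtu <= dev->mtu)
+ continue;
+
+ dev_set_mtu(vlandev, dev->mtu);
+ }
+ break;
+
  case NETDEV_FEAT_CHANGE:
  /* Propagate device features to underlying device */
  for (i = 0; i < VLAN_GROUP_ARRAY_LEN; i++) {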
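Review bot: The return value of `dev_set_mtu(vlandev, dev->mtu)` is discarded in the new `NETDEV_CHANGEMTU` case, so a VLAN device whose MTU could not be lowered silently keeps an MTU above that of the real device. Checking the result and at least logging it, e.g. `if (dev_set_mtu(vlandev, dev->mtu)) printk(KERN_WARNING "%s: failed to lower MTU\n", vlandev->name);`, would make the mismatch visible. The first hunk also removes the `IFF_UP` test from vlan_check_real_dev without a replacement comment; a line stating that a VLAN may now be attached to a device that is down would help the next reader. Both functions continue outside the hunks shown.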
diff --git a/net/Kconfig b/net/Kconfig
index 7051b9710675..041c35edb763 100644
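--- a/net/Kconfig
+++ b/net/Kconfig
@@ -23,6 +23,26 @@ menuconfig NET
 
 if NET
 
+config WANT_COMPAT_NETLINK_MESSAGES
+ bool
+ help
+ This option can be selected by other options that need compat
+ netlink messages.
+
+config COMPAT_NETLINK_MESSAGES
+ def_bool y
+ depends on COMPAT
+ depends on WIRELESS_EXT || WANT_COMPAT_NETLINK_MESSAGES
+ help
+ This option makes it possible to send different netlink messages
+ to tasks depending on whether the task is a compat task or not. To
+ achieve this, you need to set skb_shinfo(skb)->frag_list to the
+ compat skb before sending the skb, the netlink code will sort out
+ which message to actually pass to the task.
+
+ Newly written code should NEVER need this option but do
+ compat-independent messages instead!
+
 menu "Networking options"
 
 source "net/packet/Kconfig"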
diff --git a/net/Makefile b/net/Makefile
index ba324aefda73..1542e7268a7b 100644
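--- a/net/Makefile
+++ b/net/Makefile
@@ -24,7 +24,6 @@ obj-y += ipv6/
 endif
 obj-$(CONFIG_PACKET) += packet/
 obj-$(CONFIG_NET_KEY) += key/
-obj-$(CONFIG_NET_SCHED) += sched/
 obj-$(CONFIG_BRIDGE) += bridge/
 obj-$(CONFIG_NET_DSA) += dsa/
 obj-$(CONFIG_IPX) += ipx/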
diff --git a/net/atm/br2684.c b/net/atm/br2684.c
index 2912665fc58c..848af113ba2a 100644
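--- a/net/atm/br2684.c
+++ b/net/atm/br2684.c
@@ -238,7 +238,7 @@ static int br2684_start_xmit(struct sk_buff *skb, struct net_device *dev)
  /* netif_stop_queue(dev); */
  dev_kfree_skb(skb);
  read_unlock(&devs_lock);
- return 0;
+ return NETDEV_TX_OK;
  }
  if (!br2684_xmit_vcc(skb, dev, brvcc)) {
  /*
@@ -252,7 +252,7 @@ static int br2684_start_xmit(struct sk_buff *skb, struct net_device *dev)
  dev->stats.tx_fifo_errors++;
  }
  read_unlock(&devs_lock);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 /*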
diff --git a/net/atm/clip.c b/net/atm/clip.c
index e65a3b1477f8..64910bb86089 100644
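--- a/net/atm/clip.c
+++ b/net/atm/clip.c
@@ -373,7 +373,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  printk(KERN_ERR "clip_start_xmit: skb_dst(skb) == NULL\n");
  dev_kfree_skb(skb);
  dev->stats.tx_dropped++;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (!skb_dst(skb)->neighbour) {
 #if 0
@@ -387,7 +387,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  printk(KERN_ERR "clip_start_xmit: NO NEIGHBOUR !\n");
  dev_kfree_skb(skb);
  dev->stats.tx_dropped++;
- return 0;
+ return NETDEV_TX_OK;
  }
  entry = NEIGH2ENTRY(skb_dst(skb)->neighbour);
  if (!entry->vccs) {
@@ -402,7 +402,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  dev_kfree_skb(skb);
  dev->stats.tx_dropped++;
  }
- return 0;
+ return NETDEV_TX_OK;
  }
  pr_debug("neigh %p, vccs %p\n", entry, entry->vccs);
  ATM_SKB(skb)->vcc = vcc = entry->vccs->vcc;
@@ -421,14 +421,14 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  old = xchg(&entry->vccs->xoff, 1); /* assume XOFF ... */
  if (old) {
  printk(KERN_WARNING "clip_start_xmit: XOFF->XOFF transition\n");
- return 0;
+ return NETDEV_TX_OK;
  }
  dev->stats.tx_packets++;
  dev->stats.tx_bytes += skb->len;
  vcc->send(vcc, skb);
  if (atm_may_send(vcc, 0)) {
  entry->vccs->xoff = 0;
- return 0;
+ return NETDEV_TX_OK;
  }
  spin_lock_irqsave(&clip_priv->xoff_lock, flags);
  netif_stop_queue(dev); /* XOFF -> throttle immediately */
@@ -440,7 +440,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  of the brief netif_stop_queue. If this isn't true or if it
  changes, use netif_wake_queue instead. */
  spin_unlock_irqrestore(&clip_priv->xoff_lock, flags);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int clip_mkip(struct atm_vcc *vcc, int timeout)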
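Review bot: The `if (old)` branch after `xchg(&entry->vccs->xoff, 1)` (new lines 422-425) returns `NETDEV_TX_OK` without sending or freeing `skb` in the lines shown. Spelling the return as `NETDEV_TX_OK` makes explicit that the core treats the buffer as consumed, so this path appears to leak one skb per XOFF->XOFF transition. Unless ownership is handed over in the part of clip_start_xmit that lies between the hunks, add `dev_kfree_skb(skb);` and `dev->stats.tx_dropped++;` before the return, as the other early exits in this function do.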
diff --git a/net/atm/lec.c b/net/atm/lec.c
index ff2e594dca9b..c463868c993b 100644
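--- a/net/atm/lec.c
+++ b/net/atm/lec.c
@@ -289,7 +289,7 @@ static int lec_start_xmit(struct sk_buff *skb, struct net_device *dev)
  skb2 = skb_realloc_headroom(skb, LEC_HEADER_LEN);
  kfree_skb(skb);
  if (skb2 == NULL)
- return 0;
+ return NETDEV_TX_OK;
  skb = skb2;
  }
  skb_push(skb, 2);
@@ -307,7 +307,7 @@ static int lec_start_xmit(struct sk_buff *skb, struct net_device *dev)
  skb2 = skb_realloc_headroom(skb, LEC_HEADER_LEN);
  kfree_skb(skb);
  if (skb2 == NULL)
- return 0;
+ return NETDEV_TX_OK;
  skb = skb2;
  }
 #endif
@@ -345,7 +345,7 @@ static int lec_start_xmit(struct sk_buff *skb, struct net_device *dev)
  dev_kfree_skb(skb);
  if (skb2 == NULL) {
  dev->stats.tx_dropped++;
- return 0;
+ return NETDEV_TX_OK;
  }
  skb = skb2;
  }
@@ -416,7 +416,7 @@ out:
  if (entry)
  lec_arp_put(entry);
  dev->trans_start = jiffies;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 /* The inverse routine to net_open(). */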
diff --git a/net/atm/mpc.c b/net/atm/mpc.c
index e5bf11453a18..1ac4b94bf626 100644
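--- a/net/atm/mpc.c
+++ b/net/atm/mpc.c
@@ -554,7 +554,7 @@ static int mpc_send_packet(struct sk_buff *skb, struct net_device *dev)
  while (i < mpc->number_of_mps_macs) {
  if (!compare_ether_addr(eth->h_dest, (mpc->mps_macs + i*ETH_ALEN)))
  if ( send_via_shortcut(skb, mpc) == 0 ) /* try shortcut */
- return 0; /* success! */
+ return NETDEV_TX_OK; /* success! */
  i++;
  }
 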
diff --git a/net/bluetooth/bnep/netdev.c b/net/bluetooth/bnep/netdev.c
index d7a0e9722def..9c42990126a0 100644
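--- a/net/bluetooth/bnep/netdev.c
+++ b/net/bluetooth/bnep/netdev.c
@@ -175,14 +175,14 @@ static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev)
 #ifdef CONFIG_BT_BNEP_MC_FILTER
  if (bnep_net_mc_filter(skb, s)) {
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
  }
 #endif
 
 #ifdef CONFIG_BT_BNEP_PROTO_FILTER
  if (bnep_net_proto_filter(skb, s)) {
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
  }
 #endif
 
@@ -203,7 +203,7 @@ static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev)
  netif_stop_queue(dev);
  }
 
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct net_device_ops bnep_netdev_ops = {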
diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
index 18538d7460d7..15d43ba86b53 100644
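--- a/net/bridge/br_device.c
+++ b/net/bridge/br_device.c
@@ -39,7 +39,7 @@ int br_dev_xmit(struct sk_buff *skb, struct net_device *dev)
  else
  br_flood_deliver(br, skb);
 
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int br_dev_open(struct net_device *dev)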
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index d22f611e4004..4fde7425077d 100644
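--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -905,46 +905,62 @@ static unsigned int ip_sabotage_in(unsigned int hook, struct sk_buff *skb,
  * For br_nf_post_routing, we need (prio = NF_BR_PRI_LAST), because
  * ip_refrag() can return NF_STOLEN. */
 static struct nf_hook_ops br_nf_ops[] __read_mostly = {
- { .hook = br_nf_pre_routing,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_PRE_ROUTING,
- .priority = NF_BR_PRI_BRNF, },
- { .hook = br_nf_local_in,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_LOCAL_IN,
- .priority = NF_BR_PRI_BRNF, },
- { .hook = br_nf_forward_ip,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_FORWARD,
- .priority = NF_BR_PRI_BRNF - 1, },
- { .hook = br_nf_forward_arp,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_FORWARD,
- .priority = NF_BR_PRI_BRNF, },
- { .hook = br_nf_local_out,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_LOCAL_OUT,
- .priority = NF_BR_PRI_FIRST, },
- { .hook = br_nf_post_routing,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_POST_ROUTING,
- .priority = NF_BR_PRI_LAST, },
- { .hook = ip_sabotage_in,
- .owner = THIS_MODULE,
- .pf = PF_INET,
- .hooknum = NF_INET_PRE_ROUTING,
- .priority = NF_IP_PRI_FIRST, },
- { .hook = ip_sabotage_in,
- .owner = THIS_MODULE,
- .pf = PF_INET6,
- .hooknum = NF_INET_PRE_ROUTING,
- .priority = NF_IP6_PRI_FIRST, },
+ {
+ .hook = br_nf_pre_routing,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_PRE_ROUTING,
+ .priority = NF_BR_PRI_BRNF,
+ },
+ {
+ .hook = br_nf_local_in,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_LOCAL_IN,
+ .priority = NF_BR_PRI_BRNF,
+ },
+ {
+ .hook = br_nf_forward_ip,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_FORWARD,
+ .priority = NF_BR_PRI_BRNF - 1,
+ },
+ {
+ .hook = br_nf_forward_arp,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_FORWARD,
+ .priority = NF_BR_PRI_BRNF,
+ },
+ {
+ .hook = br_nf_local_out,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_LOCAL_OUT,
+ .priority = NF_BR_PRI_FIRST,
+ },
+ {
+ .hook = br_nf_post_routing,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_POST_ROUTING,
+ .priority = NF_BR_PRI_LAST,
+ },
+ {
+ .hook = ip_sabotage_in,
+ .owner = THIS_MODULE,
+ .pf = PF_INET,
+ .hooknum = NF_INET_PRE_ROUTING,
+ .priority = NF_IP_PRI_FIRST,
+ },
+ {
+ .hook = ip_sabotage_in,
+ .owner = THIS_MODULE,
+ .pf = PF_INET6,
+ .hooknum = NF_INET_PRE_ROUTING,
+ .priority = NF_IP6_PRI_FIRST,
+ },
 };
 
 #ifdef CONFIG_SYSCTL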
diff --git a/net/compat.c b/net/compat.c
index 8d739053afe4..12728b17a226 100644
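--- a/net/compat.c
+++ b/net/compat.c
@@ -743,6 +743,18 @@ asmlinkage long compat_sys_recvmsg(int fd, struct compat_msghdr __user *msg, uns
  return sys_recvmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT);
 }
 
+asmlinkage long compat_sys_recv(int fd, void __user *buf, size_t len, unsigned flags)
+{
+ return sys_recv(fd, buf, len, flags | MSG_CMSG_COMPAT);
+}
+
+asmlinkage long compat_sys_recvfrom(int fd, void __user *buf, size_t len,
+ unsigned flags, struct sockaddr __user *addr,
+ int __user *addrlen)
+{
+ return sys_recvfrom(fd, buf, len, flags | MSG_CMSG_COMPAT, addr, addrlen);
+}
+
 asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
 {
  int ret;
@@ -788,10 +800,11 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
  ret = sys_sendto(a0, compat_ptr(a1), a[2], a[3], compat_ptr(a[4]), a[5]);
  break;
  case SYS_RECV:
- ret = sys_recv(a0, compat_ptr(a1), a[2], a[3]);
+ ret = compat_sys_recv(a0, compat_ptr(a1), a[2], a[3]);
  break;
  case SYS_RECVFROM:
- ret = sys_recvfrom(a0, compat_ptr(a1), a[2], a[3], compat_ptr(a[4]), compat_ptr(a[5]));
+ ret = compat_sys_recvfrom(a0, compat_ptr(a1), a[2], a[3],
+ compat_ptr(a[4]), compat_ptr(a[5]));
  break;
  case SYS_SHUTDOWN:
  ret = sys_shutdown(a0,a1);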
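Review bot: The new compat_sys_recv() and compat_sys_recvfrom() OR `MSG_CMSG_COMPAT` into `flags` with no comment explaining why, even though plain recv/recvfrom carry no control messages. Presumably the bit now marks the caller as a compat task so that netlink can pick the compat message described in the new net/Kconfig help text; a comment such as `/* mark the receive as coming from a compat task, see COMPAT_NETLINK_MESSAGES */` above each function would record that. Because the flag then selects which message a task is handed, it is worth confirming that the native sys_recv/sys_recvfrom entry points strip or reject `MSG_CMSG_COMPAT` in caller-supplied flags; nothing in the visible hunks does so. compat_sys_socketcall's body continues outside the hunk.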
diff --git a/net/core/dev.c b/net/core/dev.c
index 70c27e0c7c32..d6c657ee413d 100644
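--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1704,7 +1704,7 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
  skb_dst_drop(skb);
 
  rc = ops->ndo_start_xmit(skb, dev);
- if (rc == 0)
+ if (rc == NETDEV_TX_OK)
  txq_trans_update(txq);
  /*
  * TODO: if skb_orphan() was called by
@@ -1730,7 +1730,7 @@ gso:
  skb->next = nskb->next;
  nskb->next = NULL;
  rc = ops->ndo_start_xmit(nskb, dev);
- if (unlikely(rc)) {
+ if (unlikely(rc != NETDEV_TX_OK)) {
  nskb->next = skb->next;
  skb->next = nskb;
  return rc;
@@ -1744,7 +1744,7 @@ gso:
 
 out_kfree_skb:
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static u32 skb_tx_hashrnd;
@@ -3923,6 +3923,7 @@ int __dev_addr_sync(struct dev_addr_list **to, int *to_count,
  }
  return err;
 }
+EXPORT_SYMBOL_GPL(__dev_addr_sync);
 
 void __dev_addr_unsync(struct dev_addr_list **to, int *to_count,
  struct dev_addr_list **from, int *from_count)
@@ -3942,6 +3943,7 @@ void __dev_addr_unsync(struct dev_addr_list **to, int *to_count,
  da = next;
  }
 }
+EXPORT_SYMBOL_GPL(__dev_addr_unsync);
 
 /**
  * dev_unicast_sync - Synchronize device's unicast list to another device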
diff --git a/net/core/ethtool.c b/net/core/ethtool.c
index d9d5160610d5..44e571111d3a 100644
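--- a/net/core/ethtool.c
+++ b/net/core/ethtool.c
@@ -30,10 +30,17 @@ u32 ethtool_op_get_link(struct net_device *dev)
  return netif_carrier_ok(dev) ? 1 : 0;
 }
 
+u32 ethtool_op_get_rx_csum(struct net_device *dev)
+{
+ return (dev->features & NETIF_F_ALL_CSUM) != 0;
+}
+EXPORT_SYMBOL(ethtool_op_get_rx_csum);
+
 u32 ethtool_op_get_tx_csum(struct net_device *dev)
 {
  return (dev->features & NETIF_F_ALL_CSUM) != 0;
 }
+EXPORT_SYMBOL(ethtool_op_get_tx_csum);
 
 int ethtool_op_set_tx_csum(struct net_device *dev, u32 data)
 {
@@ -1004,7 +1011,9 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
  break;
  case ETHTOOL_GRXCSUM:
  rc = ethtool_get_value(dev, useraddr, ethcmd,
- dev->ethtool_ops->get_rx_csum);
+ (dev->ethtool_ops->get_rx_csum ?
+ dev->ethtool_ops->get_rx_csum :
+ ethtool_op_get_rx_csum));
  break;
  case ETHTOOL_SRXCSUM:
  rc = ethtool_set_rx_csum(dev, useraddr);
@@ -1068,7 +1077,9 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
  break;
  case ETHTOOL_GFLAGS:
  rc = ethtool_get_value(dev, useraddr, ethcmd,
- dev->ethtool_ops->get_flags);
+ (dev->ethtool_ops->get_flags ?
+ dev->ethtool_ops->get_flags :
+ ethtool_op_get_flags));
  break;
  case ETHTOOL_SFLAGS:
  rc = ethtool_set_value(dev, useraddr,
@@ -1116,7 +1127,6 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
 EXPORT_SYMBOL(ethtool_op_get_link);
 EXPORT_SYMBOL(ethtool_op_get_sg);
 EXPORT_SYMBOL(ethtool_op_get_tso);
-EXPORT_SYMBOL(ethtool_op_get_tx_csum);
 EXPORT_SYMBOL(ethtool_op_set_sg);
 EXPORT_SYMBOL(ethtool_op_set_tso);
 EXPORT_SYMBOL(ethtool_op_set_tx_csum);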
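Review bot: The new default `ethtool_op_get_rx_csum()` tests `NETIF_F_ALL_CSUM`, the same mask as `ethtool_op_get_tx_csum()` directly below it, so `ETHTOOL_GRXCSUM` on a driver without a `get_rx_csum` op now reports the transmit checksum features as the receive checksum state. If that is intended as a best-effort default, say so in a comment above the function, e.g. `/* no per-device RX state: report the device's checksum feature bits */`; otherwise the fallback should stay unset so the query fails as unsupported, assuming ethtool_get_value rejects a NULL op, which the hunk does not show. The `ETHTOOL_GFLAGS` hunk falls back to `ethtool_op_get_flags` in the same way, and its definition is outside the hunks shown.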
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 163b4f5b0365..c6f9ad8e4c7a 100644
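--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1316,7 +1316,7 @@ void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
 }
 EXPORT_SYMBOL(pneigh_enqueue);
 
-static inline struct neigh_parms *lookup_neigh_params(struct neigh_table *tbl,
+static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
  struct net *net, int ifindex)
 {
  struct neigh_parms *p;
@@ -1337,7 +1337,7 @@ struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
  struct net *net = dev_net(dev);
  const struct net_device_ops *ops = dev->netdev_ops;
 
- ref = lookup_neigh_params(tbl, net, 0);
+ ref = lookup_neigh_parms(tbl, net, 0);
  if (!ref)
  return NULL;
 
@@ -1906,7 +1906,7 @@ static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
  if (tbp[NDTPA_IFINDEX])
  ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
 
- p = lookup_neigh_params(tbl, net, ifindex);
+ p = lookup_neigh_parms(tbl, net, ifindex);
  if (p == NULL) {
  err = -ENOENT;
  goto errout_tbl_lock;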
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index b7292a2719dc..ddd2cd2b1775 100644
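--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -6,6 +6,8 @@
 #include <linux/delay.h>
 #include <linux/sched.h>
 #include <linux/idr.h>
+#include <linux/rculist.h>
+#include <linux/nsproxy.h>
 #include <net/net_namespace.h>
 #include <net/netns/generic.h>
 
@@ -127,7 +129,7 @@ static struct net *net_create(void)
  rv = setup_net(net);
  if (rv == 0) {
  rtnl_lock();
- list_add_tail(&net->list, &net_namespace_list);
+ list_add_tail_rcu(&net->list, &net_namespace_list);
  rtnl_unlock();
  }
  mutex_unlock(&net_mutex);
@@ -156,9 +158,16 @@ static void cleanup_net(struct work_struct *work)
 
  /* Don't let anyone else find us. */
  rtnl_lock();
- list_del(&net->list);
+ list_del_rcu(&net->list);
  rtnl_unlock();
 
+ /*
+ * Another CPU might be rcu-iterating the list, wait for it.
+ * This needs to be before calling the exit() notifiers, so
+ * the rcu_barrier() below isn't sufficient alone.
+ */
+ synchronize_rcu();
+
  /* Run all of the network namespace exit methods */
  list_for_each_entry_reverse(ops, &pernet_list, list) {
  if (ops->exit)
@@ -193,6 +202,26 @@ struct net *copy_net_ns(unsigned long flags, struct net *old_net)
 }
 #endif
 
+struct net *get_net_ns_by_pid(pid_t pid)
+{
+ struct task_struct *tsk;
+ struct net *net;
+
+ /* Lookup the network namespace */
+ net = ERR_PTR(-ESRCH);
+ rcu_read_lock();
+ tsk = find_task_by_vpid(pid);
+ if (tsk) {
+ struct nsproxy *nsproxy;
+ nsproxy = task_nsproxy(tsk);
+ if (nsproxy)
+ net = get_net(nsproxy->net_ns);
+ }
+ rcu_read_unlock();
+ return net;
+}
+EXPORT_SYMBOL_GPL(get_net_ns_by_pid);
+
 static int __init net_ns_init(void)
 {
  struct net_generic *ng;
@@ -219,7 +248,7 @@ static int __init net_ns_init(void)
  panic("Could not setup the initial network namespace");
 
  rtnl_lock();
- list_add_tail(&init_net.list, &net_namespace_list);
+ list_add_tail_rcu(&init_net.list, &net_namespace_list);
  rtnl_unlock();
 
  mutex_unlock(&net_mutex);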
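Review bot: `get_net_ns_by_pid()` becomes an exported symbol here but carries no kernel-doc, and its contract is easy to misuse from new callers. The comment should state that the function never returns NULL and fails with `ERR_PTR(-ESRCH)`, so callers must test `IS_ERR()`. It should also say that on success a reference has been taken with `get_net()` which the caller must drop with `put_net()`, and that the lookup performs no permission check on the target pid, which leaves authorisation to the caller. The last point matters because any module can now resolve another task's network namespace through this helper.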
diff --git a/net/core/netpoll.c b/net/core/netpoll.c
index df30feb2fc72..0ac309154b0d 100644
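--- a/net/core/netpoll.c
+++ b/net/core/netpoll.c
@@ -9,6 +9,7 @@
  * Copyright (C) 2002 Red Hat, Inc.
  */
 
+#include <linux/moduleparam.h>
 #include <linux/netdevice.h>
 #include <linux/etherdevice.h>
 #include <linux/string.h>
@@ -50,6 +51,9 @@ static atomic_t trapped;
 static void zap_completion_queue(void);
 static void arp_reply(struct sk_buff *skb);
 
+static unsigned int carrier_timeout = 4;
+module_param(carrier_timeout, uint, 0644);
+
 static void queue_process(struct work_struct *work)
 {
  struct netpoll_info *npinfo =
@@ -732,7 +736,7 @@ int netpoll_setup(struct netpoll *np)
  }
 
  atleast = jiffies + HZ/10;
  atmost = jiffies + 4*HZ;
+ atmost = jiffies + carrier_timeout * HZ;
  while (!netif_carrier_ok(ndev)) {
  if (time_after(jiffies, atmost)) {
  printk(KERN_NOTICE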
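Review bot: `carrier_timeout * HZ` in netpoll_setup multiplies an unbounded `unsigned int` that the `0644` mode lets root change at runtime. A large value either wraps the product and cuts the wait short, or keeps the carrier-wait loop spinning for a very long time. Clamp the value before use, for example `atmost = jiffies + min(carrier_timeout, CARRIER_TIMEOUT_MAX) * HZ;`, where `CARRIER_TIMEOUT_MAX` is a placeholder for a ceiling the maintainers choose. A `MODULE_PARM_DESC(carrier_timeout, "...")` line stating the unit (seconds) would document the knob. The body of netpoll_setup continues outside the hunk.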
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index d78030f88bd0..b44775f9f2bf 100644
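--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -35,7 +35,6 @@
 #include <linux/security.h>
 #include <linux/mutex.h>
 #include <linux/if_addr.h>
-#include <linux/nsproxy.h>
 
 #include <asm/uaccess.h>
 #include <asm/system.h>
@@ -52,6 +51,7 @@
 #include <net/pkt_sched.h>
 #include <net/fib_rules.h>
 #include <net/rtnetlink.h>
+#include <net/net_namespace.h>
 
 struct rtnl_link
 {
@@ -725,25 +725,6 @@ static const struct nla_policy ifla_info_policy[IFLA_INFO_MAX+1] = {
  [IFLA_INFO_DATA] = { .type = NLA_NESTED },
 };
 
-static struct net *get_net_ns_by_pid(pid_t pid)
-{
- struct task_struct *tsk;
- struct net *net;
-
- /* Lookup the network namespace */
- net = ERR_PTR(-ESRCH);
- rcu_read_lock();
- tsk = find_task_by_vpid(pid);
- if (tsk) {
- struct nsproxy *nsproxy;
- nsproxy = task_nsproxy(tsk);
- if (nsproxy)
- net = get_net(nsproxy->net_ns);
- }
- rcu_read_unlock();
- return net;
-}
-
 static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[])
 {
  if (dev) {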
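--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -559,9 +559,6 @@ static void __copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
 #endif
 #endif
  new->vlan_tci = old->vlan_tci;
-#if defined(CONFIG_MAC80211) || defined(CONFIG_MAC80211_MODULE)
- new->do_not_encrypt = old->do_not_encrypt;
-#endif
 
  skb_copy_secmark(new, old);
 }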
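--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -774,7 +774,7 @@ static int dn_rt_bug(struct sk_buff *skb)
 
  kfree_skb(skb);
 
- return NET_RX_BAD;
+ return NET_RX_DROP;
 }
 
 static int dn_rt_set_next_hop(struct dn_route *rt, struct dn_fib_res *res)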
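--- a/net/econet/af_econet.c
+++ b/net/econet/af_econet.c
@@ -1072,7 +1072,7 @@ static int econet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet
  skb->protocol = htons(ETH_P_IP);
  skb_pull(skb, sizeof(struct ec_framehdr));
  netif_rx(skb);
- return 0;
+ return NET_RX_SUCCESS;
  }
 
  sk = ec_listening_socket(hdr->port, hdr->src_stn, hdr->src_net);
@@ -1083,7 +1083,7 @@ static int econet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet
  hdr->port))
  goto drop;
 
- return 0;
+ return NET_RX_SUCCESS;
 
 drop:
  kfree_skb(skb);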
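--- a/net/ieee802154/af_ieee802154.c
+++ b/net/ieee802154/af_ieee802154.c
@@ -34,8 +34,8 @@
 #include <net/tcp_states.h>
 #include <net/route.h>
 
-#include <net/ieee802154/af_ieee802154.h>
-#include <net/ieee802154/netdevice.h>
+#include <net/af_ieee802154.h>
+#include <net/ieee802154_netdev.h>
 
 #include "af802154.h"
 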
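--- a/net/ieee802154/dgram.c
+++ b/net/ieee802154/dgram.c
@@ -26,9 +26,9 @@
 #include <linux/if_arp.h>
 #include <linux/list.h>
 #include <net/sock.h>
-#include <net/ieee802154/af_ieee802154.h>
-#include <net/ieee802154/mac_def.h>
-#include <net/ieee802154/netdevice.h>
+#include <net/af_ieee802154.h>
+#include <net/ieee802154.h>
+#include <net/ieee802154_netdev.h>
 
 #include <asm/ioctls.h>
 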
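--- a/net/ieee802154/netlink.c
+++ b/net/ieee802154/netlink.c
@@ -27,9 +27,9 @@
 #include <net/netlink.h>
 #include <net/genetlink.h>
 #include <linux/nl802154.h>
-#include <net/ieee802154/af_ieee802154.h>
-#include <net/ieee802154/nl802154.h>
-#include <net/ieee802154/netdevice.h>
+#include <net/af_ieee802154.h>
+#include <net/nl802154.h>
+#include <net/ieee802154_netdev.h>
 
 static unsigned int ieee802154_seq_num;
 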
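--- a/net/ieee802154/raw.c
+++ b/net/ieee802154/raw.c
@@ -26,7 +26,7 @@
 #include <linux/if_arp.h>
 #include <linux/list.h>
 #include <net/sock.h>
-#include <net/ieee802154/af_ieee802154.h>
+#include <net/af_ieee802154.h>
 
 #include "af802154.h"
 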
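--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1187,6 +1187,7 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features)
  int proto;
  int ihl;
  int id;
+ unsigned int offset = 0;
 
  if (!(features & NETIF_F_V4_CSUM))
  features &= ~NETIF_F_SG;
@@ -1229,7 +1230,14 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features)
  skb = segs;
  do {
  iph = ip_hdr(skb);
- iph->id = htons(id++);
+ if (proto == IPPROTO_UDP) {
+ iph->id = htons(id);
+ iph->frag_off = htons(offset >> 3);
+ if (skb->next != NULL)
+ iph->frag_off |= htons(IP_MF);
+ offset += (skb->len - skb->mac_len - iph->ihl * 4);
+ } else
+ iph->id = htons(id++);
  iph->tot_len = htons(skb->len - skb->mac_len);
  iph->check = 0;
  iph->check = ip_fast_csum(skb_network_header(skb), iph->ihl);
@@ -1425,6 +1433,8 @@ static struct net_protocol tcp_protocol = {
 static struct net_protocol udp_protocol = {
  .handler = udp_rcv,
  .err_handler = udp_err,
+ .gso_send_check = udp4_ufo_send_check,
+ .gso_segment = udp4_ufo_fragment,
  .no_policy = 1,
  .netns_ok = 1,
 };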
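Review bot: In the UDP branch added to the do/while loop of inet_gso_segment, `iph->frag_off = htons(offset >> 3);` replaces the whole field and discards the low three bits of `offset`, so the result is only correct if every non-final segment carries a multiple of 8 payload bytes and no flag bit from the original header needs to survive. Nothing in this hunk checks either condition; presumably the segment size is fixed by `udp4_ufo_fragment`, which is not shown here. A `WARN_ON_ONCE(offset & 7);` ahead of the assignment, or at least a comment such as `/* UFO segments must be 8-byte multiples so offset >> 3 is exact */`, would make a violating producer visible instead of emitting fragments with wrong offsets. The `} else` arm should also take braces to match the braced `if` arm. The function's body starts and ends outside the hunk.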
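--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -164,6 +164,14 @@ static struct tnode *inflate(struct trie *t, struct tnode *tn);
 static struct tnode *halve(struct trie *t, struct tnode *tn);
 /* tnodes to free after resize(); protected by RTNL */
 static struct tnode *tnode_free_head;
+static size_t tnode_free_size;
+
+/*
+ * synchronize_rcu after call_rcu for that many pages; it should be especially
+ * useful before resizing the root node with PREEMPT_NONE configs; the value was
+ * obtained experimentally, aiming to avoid visible slowdown.
+ */
+static const int sync_pages = 128;
 
 static struct kmem_cache *fn_alias_kmem __read_mostly;
 static struct kmem_cache *trie_leaf_kmem __read_mostly;
@@ -319,6 +327,8 @@ static const int inflate_threshold = 50;
 static const int halve_threshold_root = 15;
 static const int inflate_threshold_root = 25;
 
+static int inflate_threshold_root_fix;
+#define INFLATE_FIX_MAX 10 /* a comment in resize() */
 
 static void __alias_free_mem(struct rcu_head *head)
 {
@@ -393,6 +403,8 @@ static void tnode_free_safe(struct tnode *tn)
  BUG_ON(IS_LEAF(tn));
  tn->tnode_free = tnode_free_head;
  tnode_free_head = tn;
+ tnode_free_size += sizeof(struct tnode) +
+ (sizeof(struct node *) << tn->bits);
 }
 
 static void tnode_free_flush(void)
@@ -404,6 +416,11 @@ static void tnode_free_flush(void)
  tn->tnode_free = NULL;
  tnode_free(tn);
  }
+
+ if (tnode_free_size >= PAGE_SIZE * sync_pages) {
+ tnode_free_size = 0;
+ synchronize_rcu();
+ }
 }
 
 static struct leaf *leaf_new(void)
@@ -602,7 +619,8 @@ static struct node *resize(struct trie *t, struct tnode *tn)
  /* Keep root node larger */
 
  if (!tn->parent)
- inflate_threshold_use = inflate_threshold_root;
+ inflate_threshold_use = inflate_threshold_root +
+ inflate_threshold_root_fix;
  else
  inflate_threshold_use = inflate_threshold;
 
@@ -626,15 +644,27 @@ static struct node *resize(struct trie *t, struct tnode *tn)
  }
 
  if (max_resize < 0) {
- if (!tn->parent)
- pr_warning("Fix inflate_threshold_root."
- " Now=%d size=%d bits\n",
- inflate_threshold_root, tn->bits);
- else
+ if (!tn->parent) {
+ /*
+ * It was observed that during large updates even
+ * inflate_threshold_root = 35 might be needed to avoid
+ * this warning; but it should be temporary, so let's
+ * try to handle this automatically.
+ */
+ if (inflate_threshold_root_fix < INFLATE_FIX_MAX)
+ inflate_threshold_root_fix++;
+ else
+ pr_warning("Fix inflate_threshold_root."
+ " Now=%d size=%d bits fix=%d\n",
+ inflate_threshold_root, tn->bits,
+ inflate_threshold_root_fix);
+ } else {
  pr_warning("Fix inflate_threshold."
  " Now=%d size=%d bits\n",
  inflate_threshold, tn->bits);
  }
+ } else if (max_resize > 3 && !tn->parent && inflate_threshold_root_fix)
+ inflate_threshold_root_fix--;
 
  check_tnode(tn);
 
@@ -1435,7 +1465,7 @@ static int fn_trie_lookup(struct fib_table *tb, const struct flowi *flp,
  cindex = tkey_extract_bits(mask_pfx(key, current_prefix_length),
  pos, bits);
 
- n = tnode_get_child(pn, cindex);
+ n = tnode_get_child_rcu(pn, cindex);
 
  if (n == NULL) {
 #ifdef CONFIG_IP_FIB_TRIE_STATS
@@ -1570,7 +1600,7 @@ backtrace:
  if (chopped_off <= pn->bits) {
  cindex &= ~(1 << (chopped_off-1));
  } else {
- struct tnode *parent = node_parent((struct node *) pn);
+ struct tnode *parent = node_parent_rcu((struct node *) pn);
  if (!parent)
  goto failed;
 
@@ -1783,7 +1813,7 @@ static struct leaf *trie_firstleaf(struct trie *t)
 static struct leaf *trie_nextleaf(struct leaf *l)
 {
  struct node *c = (struct node *) l;
- struct tnode *p = node_parent(c);
+ struct tnode *p = node_parent_rcu(c);
 
  if (!p)
  return NULL; /* trie with just one leaf */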
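Review bot: `inflate_threshold_root_fix` is a file-scope counter that resize() both reads and modifies, yet unlike `tnode_free_head` a few lines above it carries no note on what serialises access, nor that it is shared by every trie rather than kept per table. If RTNL is what protects it, say so at the declaration, for example `/* adaptive bump for inflate_threshold_root; shared by all tries, protected by RTNL */`, and replace `/* a comment in resize() */` on `INFLATE_FIX_MAX` with what the cap actually means. The `synchronize_rcu()` added to tnode_free_flush() can block, so a line there stating that callers must be in a context that may sleep would help the next reader. In resize() the literal `3` in `max_resize > 3` is unexplained and the new `else if` arm lacks the braces its sibling arms have. resize() itself starts and ends outside the hunks shown.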
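--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -821,7 +821,7 @@ static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
  stats->tx_dropped++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (skb->sk)
  skb_set_owner_w(new_skb, skb->sk);
@@ -889,7 +889,7 @@ static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 
  IPTUNNEL_XMIT();
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 
 tx_error_icmp:
  dst_link_failure(skb);
@@ -898,7 +898,7 @@ tx_error:
  stats->tx_errors++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int ipgre_tunnel_bind_dev(struct net_device *dev)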
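--- a/net/ipv4/ipip.c
+++ b/net/ipv4/ipip.c
@@ -486,7 +486,7 @@ static int ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
  stats->tx_dropped++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (skb->sk)
  skb_set_owner_w(new_skb, skb->sk);
@@ -524,7 +524,7 @@ static int ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 
  IPTUNNEL_XMIT();
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 
 tx_error_icmp:
  dst_link_failure(skb);
@@ -532,7 +532,7 @@ tx_error:
  stats->tx_errors++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static void ipip_tunnel_bind_dev(struct net_device *dev)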
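--- a/net/ipv4/ipmr.c
+++ b/net/ipv4/ipmr.c
@@ -212,7 +212,7 @@ static int reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
  IGMPMSG_WHOLEPKT);
  read_unlock(&mrt_lock);
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct net_device_ops reg_vif_netdev_ops = {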
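--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -3442,7 +3442,7 @@ int __init ip_rt_init(void)
  printk(KERN_ERR "Unable to create route proc files\n");
 #ifdef CONFIG_XFRM
  xfrm_init();
- xfrm4_init();
+ xfrm4_init(ip_rt_max_size);
 #endif
  rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
 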
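--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -59,6 +59,7 @@ int sysctl_tcp_base_mss __read_mostly = 512;
 /* By default, RFC2861 behavior. */
 int sysctl_tcp_slow_start_after_idle __read_mostly = 1;
 
+/* Account for new data that has been sent to the network. */
 static void tcp_event_new_data_sent(struct sock *sk, struct sk_buff *skb)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -142,6 +143,7 @@ static void tcp_cwnd_restart(struct sock *sk, struct dst_entry *dst)
  tp->snd_cwnd_used = 0;
 }
 
+/* Congestion state accounting after a packet has been sent. */
 static void tcp_event_data_sent(struct tcp_sock *tp,
  struct sk_buff *skb, struct sock *sk)
 {
@@ -161,6 +163,7 @@ static void tcp_event_data_sent(struct tcp_sock *tp,
  icsk->icsk_ack.pingpong = 1;
 }
 
+/* Account for an ACK we sent. */
 static inline void tcp_event_ack_sent(struct sock *sk, unsigned int pkts)
 {
  tcp_dec_quickack_mode(sk, pkts);
@@ -276,6 +279,7 @@ static u16 tcp_select_window(struct sock *sk)
  return new_win;
 }
 
+/* Packet ECN state for a SYN-ACK */
 static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb)
 {
  TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_CWR;
@@ -283,6 +287,7 @@ static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb)
  TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_ECE;
 }
 
+/* Packet ECN state for a SYN. */
 static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -301,6 +306,9 @@ TCP_ECN_make_synack(struct request_sock *req, struct tcphdr *th)
  th->ece = 1;
 }
 
+/* Set up ECN state for a packet on a ESTABLISHED socket that is about to
+ * be sent.
+ */
 static inline void TCP_ECN_send(struct sock *sk, struct sk_buff *skb,
  int tcp_header_len)
 {
@@ -362,7 +370,9 @@ struct tcp_out_options {
  __u32 tsval, tsecr; /* need to include OPTION_TS */
 };
 
-/* Beware: Something in the Internet is very sensitive to the ordering of
+/* Write previously computed TCP options to the packet.
+ *
+ * Beware: Something in the Internet is very sensitive to the ordering of
  * TCP options, we learned this through the hard way, so be careful here.
  * Luckily we can at least blame others for their non-compliance but from
  * inter-operatibility perspective it seems that we're somewhat stuck with
@@ -445,6 +455,9 @@ static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp,
  }
 }
 
+/* Compute TCP options for SYN packets. This is not the final
+ * network wire format yet.
+ */
 static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb,
  struct tcp_out_options *opts,
  struct tcp_md5sig_key **md5) {
@@ -493,6 +506,7 @@ static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb,
  return size;
 }
 
+/* Set up TCP options for SYN-ACKs. */
 static unsigned tcp_synack_options(struct sock *sk,
  struct request_sock *req,
  unsigned mss, struct sk_buff *skb,
@@ -541,6 +555,9 @@ static unsigned tcp_synack_options(struct sock *sk,
  return size;
 }
 
+/* Compute TCP options for ESTABLISHED sockets. This is not the
+ * final wire format yet.
+ */
 static unsigned tcp_established_options(struct sock *sk, struct sk_buff *skb,
  struct tcp_out_options *opts,
  struct tcp_md5sig_key **md5) {
@@ -705,7 +722,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it,
  return net_xmit_eval(err);
 }
 
-/* This routine just queue's the buffer
+/* This routine just queues the buffer for sending.
  *
  * NOTE: probe0 timer is not checked, do not forget tcp_push_pending_frames,
  * otherwise socket can stall.
@@ -722,6 +739,7 @@ static void tcp_queue_skb(struct sock *sk, struct sk_buff *skb)
  sk_mem_charge(sk, skb->truesize);
 }
 
+/* Initialize TSO segments for a packet. */
 static void tcp_set_skb_tso_segs(struct sock *sk, struct sk_buff *skb,
  unsigned int mss_now)
 {
@@ -909,6 +927,7 @@ static void __pskb_trim_head(struct sk_buff *skb, int len)
  skb->len = skb->data_len;
 }
 
+/* Remove acked data from a packet in the transmit queue. */
 int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len)
 {
  if (skb_cloned(skb) && pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
@@ -937,7 +956,7 @@ int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len)
  return 0;
 }
 
-/* Not accounting for SACKs here. */
+/* Calculate MSS. Not accounting for SACKs here. */
 int tcp_mtu_to_mss(struct sock *sk, int pmtu)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -981,6 +1000,7 @@ int tcp_mss_to_mtu(struct sock *sk, int mss)
  return mtu;
 }
 
+/* MTU probing init per socket */
 void tcp_mtup_init(struct sock *sk)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -1143,7 +1163,8 @@ static inline unsigned int tcp_cwnd_test(struct tcp_sock *tp,
  return 0;
 }
 
-/* This must be invoked the first time we consider transmitting
+/* Intialize TSO state of a skb.
+ * This must be invoked the first time we consider transmitting
  * SKB onto the wire.
  */
 static int tcp_init_tso_segs(struct sock *sk, struct sk_buff *skb,
@@ -1158,6 +1179,7 @@ static int tcp_init_tso_segs(struct sock *sk, struct sk_buff *skb,
  return tso_segs;
 }
 
+/* Minshall's variant of the Nagle send check. */
 static inline int tcp_minshall_check(const struct tcp_sock *tp)
 {
  return after(tp->snd_sml, tp->snd_una) &&
@@ -1242,6 +1264,7 @@ static unsigned int tcp_snd_test(struct sock *sk, struct sk_buff *skb,
  return cwnd_quota;
 }
 
+/* Test if sending is allowed right now. */
 int tcp_may_send_now(struct sock *sk)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -1378,6 +1401,10 @@ send_now:
 }
 
 /* Create a new MTU probe if we are ready.
+ * MTU probe is regularly attempting to increase the path MTU by
+ * deliberately sending larger packets. This discovers routing
+ * changes resulting in larger path MTUs.
+ *
  * Returns 0 if we should wait to probe (no cwnd available),
  * 1 if a probe was sent,
  * -1 otherwise
@@ -1790,6 +1817,7 @@ static void tcp_collapse_retrans(struct sock *sk, struct sk_buff *skb)
  sk_wmem_free_skb(sk, next_skb);
 }
 
+/* Check if coalescing SKBs is legal. */
 static int tcp_can_collapse(struct sock *sk, struct sk_buff *skb)
 {
  if (tcp_skb_pcount(skb) > 1)
@@ -1808,6 +1836,9 @@ static int tcp_can_collapse(struct sock *sk, struct sk_buff *skb)
  return 1;
 }
 
+/* Collapse packets in the retransmit queue to make to create
+ * less packets on the wire. This is only done on retransmission.
+ */
 static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to,
  int space)
 {
@@ -1957,6 +1988,9 @@ int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb)
  return err;
 }
 
+/* Check if we forward retransmits are possible in the current
+ * window/congestion state.
+ */
 static int tcp_can_forward_retransmit(struct sock *sk)
 {
  const struct inet_connection_sock *icsk = inet_csk(sk);
@@ -2145,7 +2179,8 @@ void tcp_send_active_reset(struct sock *sk, gfp_t priority)
  TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTRSTS);
 }
 
-/* WARNING: This routine must only be called when we have already sent
+/* Send a crossed SYN-ACK during socket establishment.
+ * WARNING: This routine must only be called when we have already sent
  * a SYN packet that crossed the incoming SYN that caused this routine
  * to get called. If this assumption fails then the initial rcv_wnd
  * and rcv_wscale values will not be correct.
@@ -2180,9 +2215,7 @@ int tcp_send_synack(struct sock *sk)
  return tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC);
 }
 
-/*
- * Prepare a SYN-ACK.
- */
+/* Prepare a SYN-ACK. */
 struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
  struct request_sock *req)
 {
@@ -2269,9 +2302,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
  return skb;
 }
 
-/*
- * Do all connect socket setups that can be done AF independent.
- */
+/* Do all connect socket setups that can be done AF independent. */
 static void tcp_connect_init(struct sock *sk)
 {
  struct dst_entry *dst = __sk_dst_get(sk);
@@ -2330,9 +2361,7 @@ static void tcp_connect_init(struct sock *sk)
  tcp_clear_retrans(tp);
 }
 
-/*
- * Build a SYN and send it off.
- */
+/* Build a SYN and send it off. */
 int tcp_connect(struct sock *sk)
 {
  struct tcp_sock *tp = tcp_sk(sk);
@@ -2493,6 +2522,7 @@ static int tcp_xmit_probe_skb(struct sock *sk, int urgent)
  return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC);
 }
 
+/* Initiate keepalive or window probe from timer. */
 int tcp_write_wakeup(struct sock *sk)
 {
  struct tcp_sock *tp = tcp_sk(sk);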
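Review bot: Three of the added comments contain wording slips that are worth fixing while the lines are being touched. Above tcp_init_tso_segs, `Intialize TSO state of a skb.` should read `Initialize TSO state of a skb.`; above tcp_retrans_try_collapse, "to make to create less packets on the wire" should read `Collapse packets in the retransmit queue to create fewer packets on the wire.`; and above tcp_can_forward_retransmit, "Check if we forward retransmits are possible" should read `Check if forward retransmits are possible in the current`. The comment above TCP_ECN_send would also read better as "an ESTABLISHED socket".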
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 80e3812837ad..29ebb0d27a1e 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -110,11 +110,12 @@ struct udp_table udp_table;
110EXPORT_SYMBOL(udp_table); 110EXPORT_SYMBOL(udp_table);
111 111
112int sysctl_udp_mem[3] __read_mostly; 112int sysctl_udp_mem[3] __read_mostly;
113int sysctl_udp_rmem_min __read_mostly;
114int sysctl_udp_wmem_min __read_mostly;
115
116EXPORT_SYMBOL(sysctl_udp_mem); 113EXPORT_SYMBOL(sysctl_udp_mem);
114
115int sysctl_udp_rmem_min __read_mostly;
117EXPORT_SYMBOL(sysctl_udp_rmem_min); 116EXPORT_SYMBOL(sysctl_udp_rmem_min);
117
118int sysctl_udp_wmem_min __read_mostly;
118EXPORT_SYMBOL(sysctl_udp_wmem_min); 119EXPORT_SYMBOL(sysctl_udp_wmem_min);
119 120
120atomic_t udp_memory_allocated; 121atomic_t udp_memory_allocated;
@@ -158,7 +159,7 @@ static int udp_lib_lport_inuse(struct net *net, __u16 num,
158 */ 159 */
159int udp_lib_get_port(struct sock *sk, unsigned short snum, 160int udp_lib_get_port(struct sock *sk, unsigned short snum,
160 int (*saddr_comp)(const struct sock *sk1, 161 int (*saddr_comp)(const struct sock *sk1,
161 const struct sock *sk2 ) ) 162 const struct sock *sk2))
162{ 163{
163 struct udp_hslot *hslot; 164 struct udp_hslot *hslot;
164 struct udp_table *udptable = sk->sk_prot->h.udp_table; 165 struct udp_table *udptable = sk->sk_prot->h.udp_table;
@@ -221,14 +222,15 @@ fail_unlock:
221fail: 222fail:
222 return error; 223 return error;
223} 224}
225EXPORT_SYMBOL(udp_lib_get_port);
224 226
225static int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2) 227static int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
226{ 228{
227 struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2); 229 struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2);
228 230
229 return ( !ipv6_only_sock(sk2) && 231 return (!ipv6_only_sock(sk2) &&
230 (!inet1->rcv_saddr || !inet2->rcv_saddr || 232 (!inet1->rcv_saddr || !inet2->rcv_saddr ||
231 inet1->rcv_saddr == inet2->rcv_saddr )); 233 inet1->rcv_saddr == inet2->rcv_saddr));
232} 234}
233 235
234int udp_v4_get_port(struct sock *sk, unsigned short snum) 236int udp_v4_get_port(struct sock *sk, unsigned short snum)
@@ -383,8 +385,8 @@ found:
383void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable) 385void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable)
384{ 386{
385 struct inet_sock *inet; 387 struct inet_sock *inet;
386 struct iphdr *iph = (struct iphdr*)skb->data; 388 struct iphdr *iph = (struct iphdr *)skb->data;
387 struct udphdr *uh = (struct udphdr*)(skb->data+(iph->ihl<<2)); 389 struct udphdr *uh = (struct udphdr *)(skb->data+(iph->ihl<<2));
388 const int type = icmp_hdr(skb)->type; 390 const int type = icmp_hdr(skb)->type;
389 const int code = icmp_hdr(skb)->code; 391 const int code = icmp_hdr(skb)->code;
390 struct sock *sk; 392 struct sock *sk;
@@ -439,7 +441,7 @@ void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable)
439 if (!harderr || sk->sk_state != TCP_ESTABLISHED) 441 if (!harderr || sk->sk_state != TCP_ESTABLISHED)
440 goto out; 442 goto out;
441 } else { 443 } else {
442 ip_icmp_error(sk, skb, err, uh->dest, info, (u8*)(uh+1)); 444 ip_icmp_error(sk, skb, err, uh->dest, info, (u8 *)(uh+1));
443 } 445 }
444 sk->sk_err = err; 446 sk->sk_err = err;
445 sk->sk_error_report(sk); 447 sk->sk_error_report(sk);
@@ -474,7 +476,7 @@ EXPORT_SYMBOL(udp_flush_pending_frames);
474 * (checksum field must be zeroed out) 476 * (checksum field must be zeroed out)
475 */ 477 */
476static void udp4_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb, 478static void udp4_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb,
477 __be32 src, __be32 dst, int len ) 479 __be32 src, __be32 dst, int len)
478{ 480{
479 unsigned int offset; 481 unsigned int offset;
480 struct udphdr *uh = udp_hdr(skb); 482 struct udphdr *uh = udp_hdr(skb);
@@ -545,7 +547,7 @@ static int udp_push_pending_frames(struct sock *sk)
545 547
546 } else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */ 548 } else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */
547 549
548 udp4_hwcsum_outgoing(sk, skb, fl->fl4_src,fl->fl4_dst, up->len); 550 udp4_hwcsum_outgoing(sk, skb, fl->fl4_src, fl->fl4_dst, up->len);
549 goto send; 551 goto send;
550 552
551 } else /* `normal' UDP */ 553 } else /* `normal' UDP */
@@ -553,7 +555,7 @@ static int udp_push_pending_frames(struct sock *sk)
553 555
554 /* add protocol-dependent pseudo-header */ 556 /* add protocol-dependent pseudo-header */
555 uh->check = csum_tcpudp_magic(fl->fl4_src, fl->fl4_dst, up->len, 557 uh->check = csum_tcpudp_magic(fl->fl4_src, fl->fl4_dst, up->len,
556 sk->sk_protocol, csum ); 558 sk->sk_protocol, csum);
557 if (uh->check == 0) 559 if (uh->check == 0)
558 uh->check = CSUM_MANGLED_0; 560 uh->check = CSUM_MANGLED_0;
559 561
@@ -592,7 +594,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
592 * Check the flags. 594 * Check the flags.
593 */ 595 */
594 596
595 if (msg->msg_flags&MSG_OOB) /* Mirror BSD error message compatibility */ 597 if (msg->msg_flags & MSG_OOB) /* Mirror BSD error message compatibility */
596 return -EOPNOTSUPP; 598 return -EOPNOTSUPP;
597 599
598 ipc.opt = NULL; 600 ipc.opt = NULL;
@@ -619,7 +621,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
619 * Get and verify the address. 621 * Get and verify the address.
620 */ 622 */
621 if (msg->msg_name) { 623 if (msg->msg_name) {
622 struct sockaddr_in * usin = (struct sockaddr_in*)msg->msg_name; 624 struct sockaddr_in * usin = (struct sockaddr_in *)msg->msg_name;
623 if (msg->msg_namelen < sizeof(*usin)) 625 if (msg->msg_namelen < sizeof(*usin))
624 return -EINVAL; 626 return -EINVAL;
625 if (usin->sin_family != AF_INET) { 627 if (usin->sin_family != AF_INET) {
@@ -684,7 +686,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
684 } 686 }
685 687
686 if (connected) 688 if (connected)
687 rt = (struct rtable*)sk_dst_check(sk, 0); 689 rt = (struct rtable *)sk_dst_check(sk, 0);
688 690
689 if (rt == NULL) { 691 if (rt == NULL) {
690 struct flowi fl = { .oif = ipc.oif, 692 struct flowi fl = { .oif = ipc.oif,
@@ -782,6 +784,7 @@ do_confirm:
782 err = 0; 784 err = 0;
783 goto out; 785 goto out;
784} 786}
787EXPORT_SYMBOL(udp_sendmsg);
785 788
786int udp_sendpage(struct sock *sk, struct page *page, int offset, 789int udp_sendpage(struct sock *sk, struct page *page, int offset,
787 size_t size, int flags) 790 size_t size, int flags)
@@ -871,6 +874,7 @@ int udp_ioctl(struct sock *sk, int cmd, unsigned long arg)
871 874
872 return 0; 875 return 0;
873} 876}
877EXPORT_SYMBOL(udp_ioctl);
874 878
875/* 879/*
876 * This should be easy, if there is something there we 880 * This should be easy, if there is something there we
@@ -892,7 +896,7 @@ int udp_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
892 * Check any passed addresses 896 * Check any passed addresses
893 */ 897 */
894 if (addr_len) 898 if (addr_len)
895 *addr_len=sizeof(*sin); 899 *addr_len = sizeof(*sin);
896 900
897 if (flags & MSG_ERRQUEUE) 901 if (flags & MSG_ERRQUEUE)
898 return ip_recv_error(sk, msg, len); 902 return ip_recv_error(sk, msg, len);
@@ -923,9 +927,11 @@ try_again:
923 927
924 if (skb_csum_unnecessary(skb)) 928 if (skb_csum_unnecessary(skb))
925 err = skb_copy_datagram_iovec(skb, sizeof(struct udphdr), 929 err = skb_copy_datagram_iovec(skb, sizeof(struct udphdr),
926 msg->msg_iov, copied ); 930 msg->msg_iov, copied);
927 else { 931 else {
928 err = skb_copy_and_csum_datagram_iovec(skb, sizeof(struct udphdr), msg->msg_iov); 932 err = skb_copy_and_csum_datagram_iovec(skb,
933 sizeof(struct udphdr),
934 msg->msg_iov);
929 935
930 if (err == -EINVAL) 936 if (err == -EINVAL)
931 goto csum_copy_err; 937 goto csum_copy_err;
@@ -941,8 +947,7 @@ try_again:
941 sock_recv_timestamp(msg, sk, skb); 947 sock_recv_timestamp(msg, sk, skb);
942 948
943 /* Copy the address. */ 949 /* Copy the address. */
944 if (sin) 950 if (sin) {
945 {
946 sin->sin_family = AF_INET; 951 sin->sin_family = AF_INET;
947 sin->sin_port = udp_hdr(skb)->source; 952 sin->sin_port = udp_hdr(skb)->source;
948 sin->sin_addr.s_addr = ip_hdr(skb)->saddr; 953 sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
@@ -995,6 +1000,7 @@ int udp_disconnect(struct sock *sk, int flags)
995 sk_dst_reset(sk); 1000 sk_dst_reset(sk);
996 return 0; 1001 return 0;
997} 1002}
1003EXPORT_SYMBOL(udp_disconnect);
998 1004
999void udp_lib_unhash(struct sock *sk) 1005void udp_lib_unhash(struct sock *sk)
1000{ 1006{
@@ -1044,7 +1050,7 @@ drop:
1044 * Note that in the success and error cases, the skb is assumed to 1050 * Note that in the success and error cases, the skb is assumed to
1045 * have either been requeued or freed. 1051 * have either been requeued or freed.
1046 */ 1052 */
1047int udp_queue_rcv_skb(struct sock * sk, struct sk_buff *skb) 1053int udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
1048{ 1054{
1049 struct udp_sock *up = udp_sk(sk); 1055 struct udp_sock *up = udp_sk(sk);
1050 int rc; 1056 int rc;
@@ -1214,7 +1220,7 @@ static inline int udp4_csum_init(struct sk_buff *skb, struct udphdr *uh,
1214 if (uh->check == 0) { 1220 if (uh->check == 0) {
1215 skb->ip_summed = CHECKSUM_UNNECESSARY; 1221 skb->ip_summed = CHECKSUM_UNNECESSARY;
1216 } else if (skb->ip_summed == CHECKSUM_COMPLETE) { 1222 } else if (skb->ip_summed == CHECKSUM_COMPLETE) {
1217 if (!csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len, 1223 if (!csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len,
1218 proto, skb->csum)) 1224 proto, skb->csum))
1219 skb->ip_summed = CHECKSUM_UNNECESSARY; 1225 skb->ip_summed = CHECKSUM_UNNECESSARY;
1220 } 1226 }
@@ -1355,7 +1361,7 @@ int udp_lib_setsockopt(struct sock *sk, int level, int optname,
1355 int err = 0; 1361 int err = 0;
1356 int is_udplite = IS_UDPLITE(sk); 1362 int is_udplite = IS_UDPLITE(sk);
1357 1363
1358 if (optlen<sizeof(int)) 1364 if (optlen < sizeof(int))
1359 return -EINVAL; 1365 return -EINVAL;
1360 1366
1361 if (get_user(val, (int __user *)optval)) 1367 if (get_user(val, (int __user *)optval))
@@ -1426,6 +1432,7 @@ int udp_lib_setsockopt(struct sock *sk, int level, int optname,
1426 1432
1427 return err; 1433 return err;
1428} 1434}
1435EXPORT_SYMBOL(udp_lib_setsockopt);
1429 1436
1430int udp_setsockopt(struct sock *sk, int level, int optname, 1437int udp_setsockopt(struct sock *sk, int level, int optname,
1431 char __user *optval, int optlen) 1438 char __user *optval, int optlen)
@@ -1453,7 +1460,7 @@ int udp_lib_getsockopt(struct sock *sk, int level, int optname,
1453 struct udp_sock *up = udp_sk(sk); 1460 struct udp_sock *up = udp_sk(sk);
1454 int val, len; 1461 int val, len;
1455 1462
1456 if (get_user(len,optlen)) 1463 if (get_user(len, optlen))
1457 return -EFAULT; 1464 return -EFAULT;
1458 1465
1459 len = min_t(unsigned int, len, sizeof(int)); 1466 len = min_t(unsigned int, len, sizeof(int));
@@ -1486,10 +1493,11 @@ int udp_lib_getsockopt(struct sock *sk, int level, int optname,
1486 1493
1487 if (put_user(len, optlen)) 1494 if (put_user(len, optlen))
1488 return -EFAULT; 1495 return -EFAULT;
1489 if (copy_to_user(optval, &val,len)) 1496 if (copy_to_user(optval, &val, len))
1490 return -EFAULT; 1497 return -EFAULT;
1491 return 0; 1498 return 0;
1492} 1499}
1500EXPORT_SYMBOL(udp_lib_getsockopt);
1493 1501
1494int udp_getsockopt(struct sock *sk, int level, int optname, 1502int udp_getsockopt(struct sock *sk, int level, int optname,
1495 char __user *optval, int __user *optlen) 1503 char __user *optval, int __user *optlen)
@@ -1528,9 +1536,9 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait)
1528 int is_lite = IS_UDPLITE(sk); 1536 int is_lite = IS_UDPLITE(sk);
1529 1537
1530 /* Check for false positives due to checksum errors */ 1538 /* Check for false positives due to checksum errors */
1531 if ( (mask & POLLRDNORM) && 1539 if ((mask & POLLRDNORM) &&
1532 !(file->f_flags & O_NONBLOCK) && 1540 !(file->f_flags & O_NONBLOCK) &&
1533 !(sk->sk_shutdown & RCV_SHUTDOWN)){ 1541 !(sk->sk_shutdown & RCV_SHUTDOWN)) {
1534 struct sk_buff_head *rcvq = &sk->sk_receive_queue; 1542 struct sk_buff_head *rcvq = &sk->sk_receive_queue;
1535 struct sk_buff *skb; 1543 struct sk_buff *skb;
1536 1544
@@ -1552,6 +1560,7 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait)
1552 return mask; 1560 return mask;
1553 1561
1554} 1562}
1563EXPORT_SYMBOL(udp_poll);
1555 1564
1556struct proto udp_prot = { 1565struct proto udp_prot = {
1557 .name = "UDP", 1566 .name = "UDP",
@@ -1582,6 +1591,7 @@ struct proto udp_prot = {
1582 .compat_getsockopt = compat_udp_getsockopt, 1591 .compat_getsockopt = compat_udp_getsockopt,
1583#endif 1592#endif
1584}; 1593};
1594EXPORT_SYMBOL(udp_prot);
1585 1595
1586/* ------------------------------------------------------------------------ */ 1596/* ------------------------------------------------------------------------ */
1587#ifdef CONFIG_PROC_FS 1597#ifdef CONFIG_PROC_FS
@@ -1703,11 +1713,13 @@ int udp_proc_register(struct net *net, struct udp_seq_afinfo *afinfo)
1703 rc = -ENOMEM; 1713 rc = -ENOMEM;
1704 return rc; 1714 return rc;
1705} 1715}
1716EXPORT_SYMBOL(udp_proc_register);
1706 1717
1707void udp_proc_unregister(struct net *net, struct udp_seq_afinfo *afinfo) 1718void udp_proc_unregister(struct net *net, struct udp_seq_afinfo *afinfo)
1708{ 1719{
1709 proc_net_remove(net, afinfo->name); 1720 proc_net_remove(net, afinfo->name);
1710} 1721}
1722EXPORT_SYMBOL(udp_proc_unregister);
1711 1723
1712/* ------------------------------------------------------------------------ */ 1724/* ------------------------------------------------------------------------ */
1713static void udp4_format_sock(struct sock *sp, struct seq_file *f, 1725static void udp4_format_sock(struct sock *sp, struct seq_file *f,
@@ -1741,7 +1753,7 @@ int udp4_seq_show(struct seq_file *seq, void *v)
1741 int len; 1753 int len;
1742 1754
1743 udp4_format_sock(v, seq, state->bucket, &len); 1755 udp4_format_sock(v, seq, state->bucket, &len);
1744 seq_printf(seq, "%*s\n", 127 - len ,""); 1756 seq_printf(seq, "%*s\n", 127 - len, "");
1745 } 1757 }
1746 return 0; 1758 return 0;
1747} 1759}
@@ -1816,16 +1828,64 @@ void __init udp_init(void)
1816 sysctl_udp_wmem_min = SK_MEM_QUANTUM; 1828 sysctl_udp_wmem_min = SK_MEM_QUANTUM;
1817} 1829}
1818 1830
1819EXPORT_SYMBOL(udp_disconnect); 1831int udp4_ufo_send_check(struct sk_buff *skb)
1820EXPORT_SYMBOL(udp_ioctl); 1832{
1821EXPORT_SYMBOL(udp_prot); 1833 const struct iphdr *iph;
1822EXPORT_SYMBOL(udp_sendmsg); 1834 struct udphdr *uh;
1823EXPORT_SYMBOL(udp_lib_getsockopt); 1835
1824EXPORT_SYMBOL(udp_lib_setsockopt); 1836 if (!pskb_may_pull(skb, sizeof(*uh)))
1825EXPORT_SYMBOL(udp_poll); 1837 return -EINVAL;
1826EXPORT_SYMBOL(udp_lib_get_port); 1838
1839 iph = ip_hdr(skb);
1840 uh = udp_hdr(skb);
1841
1842 uh->check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len,
1843 IPPROTO_UDP, 0);
1844 skb->csum_start = skb_transport_header(skb) - skb->head;
1845 skb->csum_offset = offsetof(struct udphdr, check);
1846 skb->ip_summed = CHECKSUM_PARTIAL;
1847 return 0;
1848}
1849
1850struct sk_buff *udp4_ufo_fragment(struct sk_buff *skb, int features)
1851{
1852 struct sk_buff *segs = ERR_PTR(-EINVAL);
1853 unsigned int mss;
1854 int offset;
1855 __wsum csum;
1856
1857 mss = skb_shinfo(skb)->gso_size;
1858 if (unlikely(skb->len <= mss))
1859 goto out;
1860
1861 if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
1862 /* Packet is from an untrusted source, reset gso_segs. */
1863 int type = skb_shinfo(skb)->gso_type;
1864
1865 if (unlikely(type & ~(SKB_GSO_UDP | SKB_GSO_DODGY) ||
1866 !(type & (SKB_GSO_UDP))))
1867 goto out;
1868
1869 skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len, mss);
1870
1871 segs = NULL;
1872 goto out;
1873 }
1874
1875 /* Do software UFO. Complete and fill in the UDP checksum as HW cannot
1876 * do checksum of UDP packets sent as multiple IP fragments.
1877 */
1878 offset = skb->csum_start - skb_headroom(skb);
1879 csum = skb_checksum(skb, offset, skb->len - offset, 0);
1880 offset += skb->csum_offset;
1881 *(__sum16 *)(skb->data + offset) = csum_fold(csum);
1882 skb->ip_summed = CHECKSUM_NONE;
1883
1884 /* Fragment the skb. IP headers of the fragments are updated in
1885 * inet_gso_segment()
1886 */
1887 segs = skb_segment(skb, features);
1888out:
1889 return segs;
1890}
1827 1891
1828#ifdef CONFIG_PROC_FS
1829EXPORT_SYMBOL(udp_proc_register);
1830EXPORT_SYMBOL(udp_proc_unregister);
1831#endif
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 0071ee6f441f..1ba44742ebbf 100644
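--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -264,6 +264,20 @@ static struct xfrm_policy_afinfo xfrm4_policy_afinfo = {
  .fill_dst = xfrm4_fill_dst,
 };
 
+static struct ctl_table xfrm4_policy_table[] = {
+ {
+ .ctl_name = CTL_UNNUMBERED,
+ .procname = "xfrm4_gc_thresh",
+ .data = &xfrm4_dst_ops.gc_thresh,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
+ { }
+};
+
+static struct ctl_table_header *sysctl_hdr;
+
 static void __init xfrm4_policy_init(void)
 {
  xfrm_policy_register_afinfo(&xfrm4_policy_afinfo);
@@ -271,12 +285,27 @@ static void __init xfrm4_policy_init(void)
 
 static void __exit xfrm4_policy_fini(void)
 {
+ if (sysctl_hdr)
+ unregister_net_sysctl_table(sysctl_hdr);
  xfrm_policy_unregister_afinfo(&xfrm4_policy_afinfo);
 }
 
-void __init xfrm4_init(void)
+void __init xfrm4_init(int rt_max_size)
 {
  xfrm4_state_init();
  xfrm4_policy_init();
+ /*
+ * Select a default value for the gc_thresh based on the main route
+ * table hash size. It seems to me the worst case scenario is when
+ * we have ipsec operating in transport mode, in which we create a
+ * dst_entry per socket. The xfrm gc algorithm starts trying to remove
+ * entries at gc_thresh, and prevents new allocations as 2*gc_thresh
+ * so lets set an initial xfrm gc_thresh value at the rt_max_size/2.
+ * That will let us store an ipsec connection per route table entry,
+ * and start cleaning when were 1/2 full
+ */
+ xfrm4_dst_ops.gc_thresh = rt_max_size/2;
+ sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv4_ctl_path,
+ xfrm4_policy_table);
 }
 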
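Review bot: The new `xfrm4_gc_thresh` entry in xfrm4_policy_table is handled by plain `proc_dointvec`, so any integer, including zero or a negative value, can be written into `xfrm4_dst_ops.gc_thresh`. The comment added in xfrm4_init says collection starts at gc_thresh and new allocations stop at 2*gc_thresh, so an out-of-range write can presumably stall dst allocation for IPsec traffic; a bounded handler, `.proc_handler = proc_dointvec_minmax,` with a lower limit in `.extra1`, would reject such values. The pointer returned by `register_net_sysctl_table()` in xfrm4_init is also stored without a check, so a failed registration goes unnoticed; a one-line warning there would make it visible.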
diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
index caa0278d30a9..bf85d5f97032 100644
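--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -772,6 +772,11 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
  struct sk_buff *segs = ERR_PTR(-EINVAL);
  struct ipv6hdr *ipv6h;
  struct inet6_protocol *ops;
+ int proto;
+ struct frag_hdr *fptr;
+ unsigned int unfrag_ip6hlen;
+ u8 *prevhdr;
+ int offset = 0;
 
  if (!(features & NETIF_F_V6_CSUM))
  features &= ~NETIF_F_SG;
@@ -791,10 +796,9 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
  __skb_pull(skb, sizeof(*ipv6h));
  segs = ERR_PTR(-EPROTONOSUPPORT);
 
+ proto = ipv6_gso_pull_exthdrs(skb, ipv6h->nexthdr);
  rcu_read_lock();
- ops = rcu_dereference(inet6_protos[
- ipv6_gso_pull_exthdrs(skb, ipv6h->nexthdr)]);
-
+ ops = rcu_dereference(inet6_protos[proto]);
  if (likely(ops && ops->gso_segment)) {
  skb_reset_transport_header(skb);
  segs = ops->gso_segment(skb, features);
@@ -808,6 +812,16 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
  ipv6h = ipv6_hdr(skb);
  ipv6h->payload_len = htons(skb->len - skb->mac_len -
  sizeof(*ipv6h));
+ if (proto == IPPROTO_UDP) {
+ unfrag_ip6hlen = ip6_find_1stfragopt(skb, &prevhdr);
+ fptr = (struct frag_hdr *)(skb_network_header(skb) +
+ unfrag_ip6hlen);
+ fptr->frag_off = htons(offset);
+ if (skb->next != NULL)
+ fptr->frag_off |= htons(IP6_MF);
+ offset += (ntohs(ipv6h->payload_len) -
+ sizeof(struct frag_hdr));
+ }
  }
 
 out: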
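Review bot: In the second hunk the call `proto = ipv6_gso_pull_exthdrs(skb, ipv6h->nexthdr);` now sits before `rcu_read_lock()`, whereas the old code evaluated it inside the read-side section as the index expression of `rcu_dereference(inet6_protos[...])`. The helper's body is not shown here; if it also looks up `inet6_protos` with `rcu_dereference`, that lookup is now unprotected unless every caller already holds an RCU read lock. Taking the lock first keeps the old guarantee: `rcu_read_lock();` followed by `proto = ipv6_gso_pull_exthdrs(skb, ipv6h->nexthdr);`. Separately, the UDP branch in the third hunk writes `fptr->frag_off` at the offset returned by `ip6_find_1stfragopt()` without confirming that a fragment header was inserted there (`*prevhdr == NEXTHDR_FRAGMENT`); at minimum a comment should state that udp6_ufo_fragment guarantees it. ipv6_gso_segment starts and ends outside these hunks.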
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 52ee1dced2ff..0e93ca56eb69 100644
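--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -164,12 +164,6 @@ static __inline__ void rt6_release(struct rt6_info *rt)
  dst_free(&rt->u.dst);
 }
 
-#ifdef CONFIG_IPV6_MULTIPLE_TABLES
-#define FIB_TABLE_HASHSZ 256
-#else
-#define FIB_TABLE_HASHSZ 1
-#endif
-
 static void fib6_link_table(struct net *net, struct fib6_table *tb)
 {
  unsigned int h;
@@ -180,7 +174,7 @@ static void fib6_link_table(struct net *net, struct fib6_table *tb)
  */
  rwlock_init(&tb->tb6_lock);
 
- h = tb->tb6_id & (FIB_TABLE_HASHSZ - 1);
+ h = tb->tb6_id & (FIB6_TABLE_HASHSZ - 1);
 
  /*
  * No protection necessary, this is the only list mutatation
@@ -231,7 +225,7 @@ struct fib6_table *fib6_get_table(struct net *net, u32 id)
 
  if (id == 0)
  id = RT6_TABLE_MAIN;
- h = id & (FIB_TABLE_HASHSZ - 1);
+ h = id & (FIB6_TABLE_HASHSZ - 1);
  rcu_read_lock();
  head = &net->ipv6.fib_table_hash[h];
  hlist_for_each_entry_rcu(tb, node, head, tb6_hlist) {
@@ -382,7 +376,7 @@ static int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
  arg.net = net;
  w->args = &arg;
 
- for (h = s_h; h < FIB_TABLE_HASHSZ; h++, s_e = 0) {
+ for (h = s_h; h < FIB6_TABLE_HASHSZ; h++, s_e = 0) {
  e = 0;
  head = &net->ipv6.fib_table_hash[h];
  hlist_for_each_entry(tb, node, head, tb6_hlist) {
@@ -1368,7 +1362,7 @@ void fib6_clean_all(struct net *net, int (*func)(struct rt6_info *, void *arg),
  unsigned int h;
 
  rcu_read_lock();
- for (h = 0; h < FIB_TABLE_HASHSZ; h++) {
+ for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
  head = &net->ipv6.fib_table_hash[h];
  hlist_for_each_entry_rcu(table, node, head, tb6_hlist) {
  write_lock_bh(&table->tb6_lock);
@@ -1483,7 +1477,7 @@ static int fib6_net_init(struct net *net)
  if (!net->ipv6.rt6_stats)
  goto out_timer;
 
- net->ipv6.fib_table_hash = kcalloc(FIB_TABLE_HASHSZ,
+ net->ipv6.fib_table_hash = kcalloc(FIB6_TABLE_HASHSZ,
  sizeof(*net->ipv6.fib_table_hash),
  GFP_KERNEL);
  if (!net->ipv6.fib_table_hash)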
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 6d6a4277c677..2d9cbaa67edb 100644
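--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -63,7 +63,7 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
 
  if (skb->pkt_type == PACKET_OTHERHOST) {
  kfree_skb(skb);
- return 0;
+ return NET_RX_DROP;
  }
 
  rcu_read_lock();
@@ -133,7 +133,7 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
  if (ipv6_parse_hopopts(skb) < 0) {
  IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_INHDRERRORS);
  rcu_read_unlock();
- return 0;
+ return NET_RX_DROP;
  }
  }
 
@@ -149,7 +149,7 @@ err:
 drop:
  rcu_read_unlock();
  kfree_skb(skb);
- return 0;
+ return NET_RX_DROP;
 }
 
 /*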
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 87f8419a68fd..93beee944657 100644
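--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -57,18 +57,6 @@
 
 static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *));
 
-static __inline__ void ipv6_select_ident(struct sk_buff *skb, struct frag_hdr *fhdr)
-{
- static u32 ipv6_fragmentation_id = 1;
- static DEFINE_SPINLOCK(ip6_id_lock);
-
- spin_lock_bh(&ip6_id_lock);
- fhdr->identification = htonl(ipv6_fragmentation_id);
- if (++ipv6_fragmentation_id == 0)
- ipv6_fragmentation_id = 1;
- spin_unlock_bh(&ip6_id_lock);
-}
-
 int __ip6_local_out(struct sk_buff *skb)
 {
  int len;
@@ -706,7 +694,7 @@ static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
  skb_reset_network_header(skb);
  memcpy(skb_network_header(skb), tmp_hdr, hlen);
 
- ipv6_select_ident(skb, fh);
+ ipv6_select_ident(fh);
  fh->nexthdr = nexthdr;
  fh->reserved = 0;
  fh->frag_off = htons(IP6_MF);
@@ -844,7 +832,7 @@ slow_path:
  fh->nexthdr = nexthdr;
  fh->reserved = 0;
  if (!frag_id) {
- ipv6_select_ident(skb, fh);
+ ipv6_select_ident(fh);
  frag_id = fh->identification;
  } else
  fh->identification = frag_id;
@@ -1087,11 +1075,13 @@ static inline int ip6_ufo_append_data(struct sock *sk,
  if (!err) {
  struct frag_hdr fhdr;
 
- /* specify the length of each IP datagram fragment*/
- skb_shinfo(skb)->gso_size = mtu - fragheaderlen -
- sizeof(struct frag_hdr);
+ /* Specify the length of each IPv6 datagram fragment.
+ * It has to be a multiple of 8.
+ */
+ skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
+ sizeof(struct frag_hdr)) & ~7;
  skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
- ipv6_select_ident(skb, &fhdr);
+ ipv6_select_ident(&fhdr);
  skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
  __skb_queue_tail(&sk->sk_write_queue, skb);
 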
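Review bot: The new `gso_size` expression in ip6_ufo_append_data, `(mtu - fragheaderlen - sizeof(struct frag_hdr)) & ~7`, has no lower bound, and the added mask turns any result from 1 to 7 into 0. udp6_ufo_fragment, added by this same commit, reads that field as `mss` and uses it as the divisor in `DIV_ROUND_UP(skb->len, mss)`, so a zero has to be ruled out before the skb is queued. Whether `mtu` can come that close to `fragheaderlen` depends on callers outside this hunk; if it can, the function should take the non-UFO path when the masked value is 0. ip6_ufo_append_data begins and ends outside the hunk.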
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 51f410e7775a..a1d6045c4694 100644
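--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -1063,14 +1063,14 @@ ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
  goto tx_err;
 
  t->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 
 tx_err:
  stats->tx_errors++;
  stats->tx_dropped++;
  kfree_skb(skb);
  t->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static void ip6_tnl_set_cap(struct ip6_tnl *t)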
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index c769f155c698..07ded5075b33 100644
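--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -427,7 +427,7 @@ static int reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
  MRT6MSG_WHOLEPKT);
  read_unlock(&mrt_lock);
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct net_device_ops reg_vif_netdev_ops = {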
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 4b264ed40a8c..71c3dacec1ed 100644
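--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -2107,7 +2107,6 @@ static int ip6_mc_add_src(struct inet6_dev *idev, struct in6_addr *pmca,
  for (j=0; j<i; j++)
  (void) ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]);
  } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) {
- struct inet6_dev *idev = pmc->idev;
  struct ip6_sf_list *psf;
 
  /* filter mode change */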
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 98b7327d0949..d335a306a4db 100644
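--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -753,7 +753,7 @@ static int ipip6_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
  stats->tx_dropped++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (skb->sk)
  skb_set_owner_w(new_skb, skb->sk);
@@ -794,7 +794,7 @@ static int ipip6_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 
  IPTUNNEL_XMIT();
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 
 tx_error_icmp:
  dst_link_failure(skb);
@@ -802,7 +802,7 @@ tx_error:
  stats->tx_errors++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static void ipip6_tunnel_bind_dev(struct net_device *dev)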
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index 33b59bd92c4d..d79fa6724451 100644
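--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -638,6 +638,47 @@ static void udp_v6_flush_pending_frames(struct sock *sk)
  }
 }
 
+/**
+ * udp6_hwcsum_outgoing - handle outgoing HW checksumming
+ * @sk: socket we are sending on
+ * @skb: sk_buff containing the filled-in UDP header
+ * (checksum field must be zeroed out)
+ */
+static void udp6_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb,
+ const struct in6_addr *saddr,
+ const struct in6_addr *daddr, int len)
+{
+ unsigned int offset;
+ struct udphdr *uh = udp_hdr(skb);
+ __wsum csum = 0;
+
+ if (skb_queue_len(&sk->sk_write_queue) == 1) {
+ /* Only one fragment on the socket. */
+ skb->csum_start = skb_transport_header(skb) - skb->head;
+ skb->csum_offset = offsetof(struct udphdr, check);
+ uh->check = ~csum_ipv6_magic(saddr, daddr, len, IPPROTO_UDP, 0);
+ } else {
+ /*
+ * HW-checksum won't work as there are two or more
+ * fragments on the socket so that all csums of sk_buffs
+ * should be together
+ */
+ offset = skb_transport_offset(skb);
+ skb->csum = skb_checksum(skb, offset, skb->len - offset, 0);
+
+ skb->ip_summed = CHECKSUM_NONE;
+
+ skb_queue_walk(&sk->sk_write_queue, skb) {
+ csum = csum_add(csum, skb->csum);
+ }
+
+ uh->check = csum_ipv6_magic(saddr, daddr, len, IPPROTO_UDP,
+ csum);
+ if (uh->check == 0)
+ uh->check = CSUM_MANGLED_0;
+ }
+}
+
 /*
  * Sending
  */
@@ -668,7 +709,11 @@ static int udp_v6_push_pending_frames(struct sock *sk)
 
  if (is_udplite)
  csum = udplite_csum_outgoing(sk, skb);
- else
+ else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */
+ udp6_hwcsum_outgoing(sk, skb, &fl->fl6_src, &fl->fl6_dst,
+ up->len);
+ goto send;
+ } else
  csum = udp_csum_outgoing(sk, skb);
 
  /* add protocol-dependent pseudo-header */
@@ -677,6 +722,7 @@ static int udp_v6_push_pending_frames(struct sock *sk)
  if (uh->check == 0)
  uh->check = CSUM_MANGLED_0;
 
+send:
  err = ip6_push_pending_frames(sk);
 out:
  up->len = 0;
@@ -1032,9 +1078,102 @@ int compat_udpv6_getsockopt(struct sock *sk, int level, int optname,
 }
 #endif
 
+static int udp6_ufo_send_check(struct sk_buff *skb)
+{
+ struct ipv6hdr *ipv6h;
+ struct udphdr *uh;
+
+ if (!pskb_may_pull(skb, sizeof(*uh)))
+ return -EINVAL;
+
+ ipv6h = ipv6_hdr(skb);
+ uh = udp_hdr(skb);
+
+ uh->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
+ IPPROTO_UDP, 0);
+ skb->csum_start = skb_transport_header(skb) - skb->head;
+ skb->csum_offset = offsetof(struct udphdr, check);
+ skb->ip_summed = CHECKSUM_PARTIAL;
+ return 0;
+}
+
+static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, int features)
+{
+ struct sk_buff *segs = ERR_PTR(-EINVAL);
+ unsigned int mss;
+ unsigned int unfrag_ip6hlen, unfrag_len;
+ struct frag_hdr *fptr;
+ u8 *mac_start, *prevhdr;
+ u8 nexthdr;
+ u8 frag_hdr_sz = sizeof(struct frag_hdr);
+ int offset;
+ __wsum csum;
+
+ mss = skb_shinfo(skb)->gso_size;
+ if (unlikely(skb->len <= mss))
+ goto out;
+
+ if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
+ /* Packet is from an untrusted source, reset gso_segs. */
+ int type = skb_shinfo(skb)->gso_type;
+
+ if (unlikely(type & ~(SKB_GSO_UDP | SKB_GSO_DODGY) ||
+ !(type & (SKB_GSO_UDP))))
+ goto out;
+
+ skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len, mss);
+
+ segs = NULL;
+ goto out;
+ }
+
+ /* Do software UFO. Complete and fill in the UDP checksum as HW cannot
+ * do checksum of UDP packets sent as multiple IP fragments.
+ */
+ offset = skb->csum_start - skb_headroom(skb);
+ csum = skb_checksum(skb, offset, skb->len- offset, 0);
+ offset += skb->csum_offset;
+ *(__sum16 *)(skb->data + offset) = csum_fold(csum);
+ skb->ip_summed = CHECKSUM_NONE;
+
+ /* Check if there is enough headroom to insert fragment header. */
+ if ((skb_headroom(skb) < frag_hdr_sz) &&
+ pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC))
+ goto out;
+
+ /* Find the unfragmentable header and shift it left by frag_hdr_sz
+ * bytes to insert fragment header.
+ */
+ unfrag_ip6hlen = ip6_find_1stfragopt(skb, &prevhdr);
+ nexthdr = *prevhdr;
+ *prevhdr = NEXTHDR_FRAGMENT;
+ unfrag_len = skb_network_header(skb) - skb_mac_header(skb) +
+ unfrag_ip6hlen;
+ mac_start = skb_mac_header(skb);
+ memmove(mac_start-frag_hdr_sz, mac_start, unfrag_len);
+
+ skb->mac_header -= frag_hdr_sz;
+ skb->network_header -= frag_hdr_sz;
+
+ fptr = (struct frag_hdr *)(skb_network_header(skb) + unfrag_ip6hlen);
+ fptr->nexthdr = nexthdr;
+ fptr->reserved = 0;
+ ipv6_select_ident(fptr);
+
+ /* Fragment the skb. ipv6 header and the remaining fields of the
+ * fragment header are updated in ipv6_gso_segment()
+ */
+ segs = skb_segment(skb, features);
+
+out:
+ return segs;
+}
+
 static struct inet6_protocol udpv6_protocol = {
  .handler = udpv6_rcv,
  .err_handler = udpv6_err,
+ .gso_send_check = udp6_ufo_send_check,
+ .gso_segment = udp6_ufo_fragment,
  .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
 };
 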
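Review bot: The headroom test in udp6_ufo_fragment, `skb_headroom(skb) < frag_hdr_sz`, measures the space before `skb->data`, but the `memmove()` a few lines later writes to `mac_start - frag_hdr_sz`, i.e. in front of the MAC header. ipv6_gso_segment has already pulled the IPv6 header before calling `gso_segment` (see `__skb_pull(skb, sizeof(*ipv6h))` in net/ipv6/af_inet6.c), so `skb->data` lies past the MAC header and the test can pass while fewer than `frag_hdr_sz` bytes remain in front of it, letting the move write before `skb->head`. The check should compare against the MAC header instead: `if ((skb_mac_header(skb) < skb->head + frag_hdr_sz) && pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC))`. The same function also uses `mss` as the divisor in `DIV_ROUND_UP(skb->len, mss)` on the `SKB_GSO_DODGY` path without rejecting `mss == 0`, and udp4_ufo_fragment in net/ipv4/udp.c follows the same pattern.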
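diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 3a3c677bc0f2..611cffcf554f 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -306,9 +306,24 @@ static void xfrm6_policy_fini(void)
  xfrm_policy_unregister_afinfo(&xfrm6_policy_afinfo);
 }
 
+static struct ctl_table xfrm6_policy_table[] = {
+ {
+ .ctl_name = CTL_UNNUMBERED,
+ .procname = "xfrm6_gc_thresh",
+ .data = &xfrm6_dst_ops.gc_thresh,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
+ { }
+};
+
+static struct ctl_table_header *sysctl_hdr;
+
 int __init xfrm6_init(void)
 {
  int ret;
+ unsigned int gc_thresh;
 
  ret = xfrm6_policy_init();
  if (ret)
@@ -317,6 +332,22 @@ int __init xfrm6_init(void)
  ret = xfrm6_state_init();
  if (ret)
  goto out_policy;
+ /*
+ * We need a good default value for the xfrm6 gc threshold.
+ * In ipv4 we set it to the route hash table size * 8, which
+ * is half the size of the maximaum route cache for ipv4. It
+ * would be good to do the same thing for v6, except the table is
+ * constructed differently here. Here each table for a net namespace
+ * can have FIB_TABLE_HASHSZ entries, so lets go with the same
+ * computation that we used for ipv4 here. Also, lets keep the initial
+ * gc_thresh to a minimum of 1024, since, the ipv6 route cache defaults
+ * to that as a minimum as well
+ */
+ gc_thresh = FIB6_TABLE_HASHSZ * 8;
+ xfrm6_dst_ops.gc_thresh = (gc_thresh < 1024) ? 1024 : gc_thresh;
+
+ sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv6_ctl_path,
+ xfrm6_policy_table);
 out:
  return ret;
 out_policy:
@@ -326,6 +357,8 @@ out_policy:
 
 void xfrm6_fini(void)
 {
+ if (sysctl_hdr)
+ unregister_net_sysctl_table(sysctl_hdr);
  //xfrm6_input_fini();
  xfrm6_policy_fini();
  xfrm6_state_fini();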
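Review bot: The new `xfrm6_gc_thresh` entry in `xfrm6_policy_table` uses `proc_dointvec` with mode 0644, so any int, including zero or a negative value, is stored straight into `xfrm6_dst_ops.gc_thresh`, even though `xfrm6_init` takes care to keep the default at 1024 or above. How the dst garbage collector treats such a value is outside this diff, so this may be harmless, but a lower bound would keep the tunable consistent with that default: `.proc_handler = proc_dointvec_minmax,` with `.extra1` pointing at a static minimum. Separately, the result of `register_net_sysctl_table()` is stored but never checked in `xfrm6_init`; `xfrm6_fini` copes with NULL, but a short comment such as `/* sysctl is optional: a failed registration is not fatal */` would make that intent explicit.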
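diff --git a/net/irda/irlan/irlan_eth.c b/net/irda/irlan/irlan_eth.c
index 724bcf951b80..64230cffcfee 100644
--- a/net/irda/irlan/irlan_eth.c
+++ b/net/irda/irlan/irlan_eth.c
@@ -177,7 +177,7 @@ static int irlan_eth_xmit(struct sk_buff *skb, struct net_device *dev)
 
  /* Did the realloc succeed? */
  if (new_skb == NULL)
- return 0;
+ return NETDEV_TX_OK;
 
  /* Use the new skb instead */
  skb = new_skb;
@@ -209,7 +209,7 @@ static int irlan_eth_xmit(struct sk_buff *skb, struct net_device *dev)
  self->stats.tx_bytes += skb->len;
  }
 
- return 0;
+ return NETDEV_TX_OK;
 }
 
 /*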
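diff --git a/net/irda/irnetlink.c b/net/irda/irnetlink.c
index 8dd7ed7e7c1f..476b307bd801 100644
--- a/net/irda/irnetlink.c
+++ b/net/irda/irnetlink.c
@@ -115,7 +115,7 @@ static int irda_nl_get_mode(struct sk_buff *skb, struct genl_info *info)
 
  genlmsg_end(msg, hdr);
 
- return genlmsg_unicast(msg, info->snd_pid);
+ return genlmsg_reply(msg, info);
 
  err_out:
  nlmsg_free(msg);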
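diff --git a/net/lapb/lapb_iface.c b/net/lapb/lapb_iface.c
index 2ba1bc4f3c3a..bda96d18fd98 100644
--- a/net/lapb/lapb_iface.c
+++ b/net/lapb/lapb_iface.c
@@ -407,7 +407,7 @@ int lapb_data_indication(struct lapb_cb *lapb, struct sk_buff *skb)
  return lapb->callbacks.data_indication(lapb->dev, skb);
 
  kfree_skb(skb);
- return NET_RX_CN_HIGH; /* For now; must be != NET_RX_DROP */
+ return NET_RX_SUCCESS; /* For now; must be != NET_RX_DROP */
 }
 
 int lapb_data_transmit(struct lapb_cb *lapb, struct sk_buff *skb)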
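diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index 7836ee928983..19a4c66e143e 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -14,22 +14,6 @@ config MAC80211
 comment "CFG80211 needs to be enabled for MAC80211"
  depends on CFG80211=n
 
-config MAC80211_DEFAULT_PS
- bool "enable powersave by default"
- depends on MAC80211
- default y
- help
- This option enables powersave mode by default.
-
- If this causes your applications to misbehave you should fix your
- applications instead -- they need to register their network
- latency requirement, see Documentation/power/pm_qos_interface.txt.
-
-config MAC80211_DEFAULT_PS_VALUE
- int
- default 1 if MAC80211_DEFAULT_PS
- default 0
-
 menu "Rate control algorithm selection"
  depends on MAC80211 != n
 
@@ -222,3 +206,15 @@ config MAC80211_DEBUG_COUNTERS
  and show them in debugfs.
 
  If unsure, say N.
+
+config MAC80211_DRIVER_API_TRACER
+ bool "Driver API tracer"
+ depends on MAC80211_DEBUG_MENU
+ depends on EVENT_TRACING
+ help
+ Say Y here to make mac80211 register with the ftrace
+ framework for the driver API -- you can see which
+ driver methods it is calling then by looking at the
+ trace.
+
+ If unsure, say N.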
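diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 0e3ab88bb706..91284a74ff91 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -41,6 +41,9 @@ mac80211-$(CONFIG_MAC80211_MESH) += \
 
 mac80211-$(CONFIG_PM) += pm.o
 
+mac80211-$(CONFIG_MAC80211_DRIVER_API_TRACER) += driver-trace.o
+CFLAGS_driver-trace.o := -I$(src)
+
 # objects for PID algorithm
 rc80211_pid-y := rc80211_pid_algo.o
 rc80211_pid-$(CONFIG_MAC80211_DEBUGFS) += rc80211_pid_debugfs.o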
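diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
index 9e5762ad307d..1958c7c42cd9 100644
--- a/net/mac80211/agg-tx.c
+++ b/net/mac80211/agg-tx.c
@@ -383,9 +383,6 @@ static void ieee80211_agg_splice_packets(struct ieee80211_local *local,
 
  if (!skb_queue_empty(&sta->ampdu_mlme.tid_tx[tid]->pending)) {
  spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
- /* mark queue as pending, it is stopped already */
- __set_bit(IEEE80211_QUEUE_STOP_REASON_PENDING,
- &local->queue_stop_reasons[queue]);
  /* copy over remaining packets */
  skb_queue_splice_tail_init(
  &sta->ampdu_mlme.tid_tx[tid]->pending,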
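diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 3f47276caeb8..52928ad90570 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -74,19 +74,14 @@ static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex)
  return 0;
 }
 
-static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex,
+static int ieee80211_change_iface(struct wiphy *wiphy,
+ struct net_device *dev,
  enum nl80211_iftype type, u32 *flags,
  struct vif_params *params)
 {
- struct net_device *dev;
  struct ieee80211_sub_if_data *sdata;
  int ret;
 
- /* we're under RTNL */
- dev = __dev_get_by_index(&init_net, ifindex);
- if (!dev)
- return -ENODEV;
-
  if (!nl80211_type_check(type))
  return -EINVAL;
 
@@ -1177,123 +1172,29 @@ static int ieee80211_scan(struct wiphy *wiphy,
 static int ieee80211_auth(struct wiphy *wiphy, struct net_device *dev,
  struct cfg80211_auth_request *req)
 {
- struct ieee80211_sub_if_data *sdata;
-
- sdata = IEEE80211_DEV_TO_SUB_IF(dev);
-
- switch (req->auth_type) {
- case NL80211_AUTHTYPE_OPEN_SYSTEM:
- sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_OPEN;
- break;
- case NL80211_AUTHTYPE_SHARED_KEY:
- sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_SHARED_KEY;
- break;
- case NL80211_AUTHTYPE_FT:
- sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_FT;
- break;
- case NL80211_AUTHTYPE_NETWORK_EAP:
- sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_LEAP;
- break;
- default:
- return -EOPNOTSUPP;
- }
-
- memcpy(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN);
- sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
- sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
-
- /* TODO: req->chan */
- sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
-
- if (req->ssid) {
- sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
- memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
- sdata->u.mgd.ssid_len = req->ssid_len;
- sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
- }
-
- kfree(sdata->u.mgd.sme_auth_ie);
- sdata->u.mgd.sme_auth_ie = NULL;
- sdata->u.mgd.sme_auth_ie_len = 0;
- if (req->ie) {
- sdata->u.mgd.sme_auth_ie = kmalloc(req->ie_len, GFP_KERNEL);
- if (sdata->u.mgd.sme_auth_ie == NULL)
- return -ENOMEM;
- memcpy(sdata->u.mgd.sme_auth_ie, req->ie, req->ie_len);
- sdata->u.mgd.sme_auth_ie_len = req->ie_len;
- }
-
- sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
- sdata->u.mgd.state = IEEE80211_STA_MLME_DIRECT_PROBE;
- ieee80211_sta_req_auth(sdata);
- return 0;
+ return ieee80211_mgd_auth(IEEE80211_DEV_TO_SUB_IF(dev), req);
 }
 
 static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
  struct cfg80211_assoc_request *req)
 {
- struct ieee80211_sub_if_data *sdata;
- int ret;
-
- sdata = IEEE80211_DEV_TO_SUB_IF(dev);
-
- if (memcmp(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN) != 0 ||
- !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
- return -ENOLINK; /* not authenticated */
-
- sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
- sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
-
- /* TODO: req->chan */
- sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
-
- if (req->ssid) {
- sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
- memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
- sdata->u.mgd.ssid_len = req->ssid_len;
- sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
- } else
- sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
-
- ret = ieee80211_sta_set_extra_ie(sdata, req->ie, req->ie_len);
- if (ret && ret != -EALREADY)
- return ret;
-
- if (req->use_mfp) {
- sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
- sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
- } else {
- sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
- sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
- }
-
- if (req->control_port)
- sdata->u.mgd.flags |= IEEE80211_STA_CONTROL_PORT;
- else
- sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
-
- sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
- sdata->u.mgd.state = IEEE80211_STA_MLME_ASSOCIATE;
- ieee80211_sta_req_auth(sdata);
- return 0;
+ return ieee80211_mgd_assoc(IEEE80211_DEV_TO_SUB_IF(dev), req);
 }
 
 static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev,
- struct cfg80211_deauth_request *req)
+ struct cfg80211_deauth_request *req,
+ void *cookie)
 {
- struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
-
- /* TODO: req->ie, req->peer_addr */
- return ieee80211_sta_deauthenticate(sdata, req->reason_code);
+ return ieee80211_mgd_deauth(IEEE80211_DEV_TO_SUB_IF(dev),
+ req, cookie);
 }
 
 static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev,
- struct cfg80211_disassoc_request *req)
+ struct cfg80211_disassoc_request *req,
+ void *cookie)
 {
- struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
-
- /* TODO: req->ie, req->peer_addr */
- return ieee80211_sta_disassociate(sdata, req->reason_code);
+ return ieee80211_mgd_disassoc(IEEE80211_DEV_TO_SUB_IF(dev),
+ req, cookie);
 }
 
 static int ieee80211_join_ibss(struct wiphy *wiphy, struct net_device *dev,
@@ -1374,6 +1275,16 @@ static int ieee80211_get_tx_power(struct wiphy *wiphy, int *dbm)
  return 0;
 }
 
+static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev,
+ u8 *addr)
+{
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+
+ memcpy(&sdata->u.wds.remote_addr, addr, ETH_ALEN);
+
+ return 0;
+}
+
 static void ieee80211_rfkill_poll(struct wiphy *wiphy)
 {
  struct ieee80211_local *local = wiphy_priv(wiphy);
@@ -1381,6 +1292,85 @@ static void ieee80211_rfkill_poll(struct wiphy *wiphy)
  drv_rfkill_poll(local);
 }
 
+#ifdef CONFIG_NL80211_TESTMODE
+static int ieee80211_testmode_cmd(struct wiphy *wiphy, void *data, int len)
+{
+ struct ieee80211_local *local = wiphy_priv(wiphy);
+
+ if (!local->ops->testmode_cmd)
+ return -EOPNOTSUPP;
+
+ return local->ops->testmode_cmd(&local->hw, data, len);
+}
+#endif
+
+static int ieee80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
+ bool enabled, int timeout)
+{
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_conf *conf = &local->hw.conf;
+
+ if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
+ return -EOPNOTSUPP;
+
+ if (enabled == sdata->u.mgd.powersave &&
+ timeout == conf->dynamic_ps_timeout)
+ return 0;
+
+ sdata->u.mgd.powersave = enabled;
+ conf->dynamic_ps_timeout = timeout;
+
+ if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
+ ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
+
+ ieee80211_recalc_ps(local, -1);
+
+ return 0;
+}
+
+static int ieee80211_set_bitrate_mask(struct wiphy *wiphy,
+ struct net_device *dev,
+ const u8 *addr,
+ const struct cfg80211_bitrate_mask *mask)
+{
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ int i, err = -EINVAL;
+ u32 target_rate;
+ struct ieee80211_supported_band *sband;
+
+ sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
+
+ /* target_rate = -1, rate->fixed = 0 means auto only, so use all rates
+ * target_rate = X, rate->fixed = 1 means only rate X
+ * target_rate = X, rate->fixed = 0 means all rates <= X */
+ sdata->max_ratectrl_rateidx = -1;
+ sdata->force_unicast_rateidx = -1;
+
+ if (mask->fixed)
+ target_rate = mask->fixed / 100;
+ else if (mask->maxrate)
+ target_rate = mask->maxrate / 100;
+ else
+ return 0;
+
+ for (i=0; i< sband->n_bitrates; i++) {
+ struct ieee80211_rate *brate = &sband->bitrates[i];
+ int this_rate = brate->bitrate;
+
+ if (target_rate == this_rate) {
+ sdata->max_ratectrl_rateidx = i;
+ if (mask->fixed)
+ sdata->force_unicast_rateidx = i;
+ err = 0;
+ break;
+ }
+ }
+
+ return err;
+}
+
 struct cfg80211_ops mac80211_config_ops = {
  .add_virtual_intf = ieee80211_add_iface,
  .del_virtual_intf = ieee80211_del_iface,
@@ -1422,5 +1412,9 @@ struct cfg80211_ops mac80211_config_ops = {
  .set_wiphy_params = ieee80211_set_wiphy_params,
  .set_tx_power = ieee80211_set_tx_power,
  .get_tx_power = ieee80211_get_tx_power,
+ .set_wds_peer = ieee80211_set_wds_peer,
  .rfkill_poll = ieee80211_rfkill_poll,
+ CFG80211_TESTMODE_CMD(ieee80211_testmode_cmd)
+ .set_power_mgmt = ieee80211_set_power_mgmt,
+ .set_bitrate_mask = ieee80211_set_bitrate_mask,
 };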
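Review bot: In `ieee80211_set_bitrate_mask`, `sdata->max_ratectrl_rateidx` and `sdata->force_unicast_rateidx` are reset to -1 before the requested rate has been looked up, so a request that ends in `-EINVAL` because no entry of `sband->bitrates` matches still wipes the limits that were in force. Committing the new indices only on the auto path and on a match keeps a rejected request free of side effects. The `addr` parameter is unused, and `local->hw.conf.channel` is dereferenced without a check; whether it can be unset at this point is not visible here. The new `ieee80211_set_wds_peer` and `ieee80211_set_power_mgmt` in the same section write `sdata->u.wds` and `sdata->u.mgd` without testing the interface type, which is only safe if the cfg80211 caller already restricts them to WDS and station interfaces.

```c
	/* ... unchanged: sdata/local/sband lookup ... */
	else if (mask->maxrate)
		target_rate = mask->maxrate / 100;
	else {
		/* auto: lift both limits */
		sdata->max_ratectrl_rateidx = -1;
		sdata->force_unicast_rateidx = -1;
		return 0;
	}

	for (i = 0; i < sband->n_bitrates; i++) {
		if (target_rate == sband->bitrates[i].bitrate) {
			/* commit only once the requested rate is known to exist */
			sdata->max_ratectrl_rateidx = i;
			sdata->force_unicast_rateidx = mask->fixed ? i : -1;
			return 0;
		}
	}

	return -EINVAL;
```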
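diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 6c439cd5ccea..96991b68f048 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -175,7 +175,7 @@ static ssize_t queues_read(struct file *file, char __user *user_buf,
  for (q = 0; q < local->hw.queues; q++)
  res += sprintf(buf + res, "%02d: %#.8lx/%d\n", q,
  local->queue_stop_reasons[q],
- __netif_subqueue_stopped(local->mdev, q));
+ skb_queue_len(&local->pending[q]));
  spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
 
  return simple_read_from_buffer(user_buf, count, ppos, buf, res);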
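Review bot: The last field of each line in `queues_read` used to be a 0/1 flag and is now `skb_queue_len(&local->pending[q])`, which can print several digits, while the loop still appends with an unbounded `sprintf(buf + res, ...)`. The declaration of `buf` is outside this hunk, so its size should be re-checked against `local->hw.queues` lines of the longer format, or the call bounded as `res += scnprintf(buf + res, sizeof(buf) - res, ...)`. `skb_queue_len()` returns an unsigned value, so `%u` would match it better than `%d`.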
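diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index e3420329f4e6..e9ec6cae2d39 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -95,33 +95,9 @@ IEEE80211_IF_FILE(force_unicast_rateidx, force_unicast_rateidx, DEC);
 IEEE80211_IF_FILE(max_ratectrl_rateidx, max_ratectrl_rateidx, DEC);
 
 /* STA attributes */
-IEEE80211_IF_FILE(state, u.mgd.state, DEC);
 IEEE80211_IF_FILE(bssid, u.mgd.bssid, MAC);
-IEEE80211_IF_FILE(prev_bssid, u.mgd.prev_bssid, MAC);
-IEEE80211_IF_FILE(ssid_len, u.mgd.ssid_len, SIZE);
 IEEE80211_IF_FILE(aid, u.mgd.aid, DEC);
-IEEE80211_IF_FILE(ap_capab, u.mgd.ap_capab, HEX);
 IEEE80211_IF_FILE(capab, u.mgd.capab, HEX);
-IEEE80211_IF_FILE(extra_ie_len, u.mgd.extra_ie_len, SIZE);
-IEEE80211_IF_FILE(auth_tries, u.mgd.auth_tries, DEC);
-IEEE80211_IF_FILE(assoc_tries, u.mgd.assoc_tries, DEC);
-IEEE80211_IF_FILE(auth_algs, u.mgd.auth_algs, HEX);
-IEEE80211_IF_FILE(auth_alg, u.mgd.auth_alg, DEC);
-IEEE80211_IF_FILE(auth_transaction, u.mgd.auth_transaction, DEC);
-
-static ssize_t ieee80211_if_fmt_flags(
- const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
-{
- return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n",
- sdata->u.mgd.flags & IEEE80211_STA_SSID_SET ? "SSID\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_BSSID_SET ? "BSSID\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_PREV_BSSID_SET ? "prev BSSID\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED ? "AUTH\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED ? "ASSOC\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL ? "PROBEREQ POLL\n" : "",
- sdata->vif.bss_conf.use_cts_prot ? "CTS prot\n" : "");
-}
-__IEEE80211_IF_FILE(flags);
 
 /* AP attributes */
 IEEE80211_IF_FILE(num_sta_ps, u.ap.num_sta_ps, ATOMIC);
@@ -184,20 +160,9 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
  DEBUGFS_ADD(force_unicast_rateidx, sta);
  DEBUGFS_ADD(max_ratectrl_rateidx, sta);
 
- DEBUGFS_ADD(state, sta);
  DEBUGFS_ADD(bssid, sta);
- DEBUGFS_ADD(prev_bssid, sta);
- DEBUGFS_ADD(ssid_len, sta);
  DEBUGFS_ADD(aid, sta);
- DEBUGFS_ADD(ap_capab, sta);
  DEBUGFS_ADD(capab, sta);
- DEBUGFS_ADD(extra_ie_len, sta);
- DEBUGFS_ADD(auth_tries, sta);
- DEBUGFS_ADD(assoc_tries, sta);
- DEBUGFS_ADD(auth_algs, sta);
- DEBUGFS_ADD(auth_alg, sta);
- DEBUGFS_ADD(auth_transaction, sta);
- DEBUGFS_ADD(flags, sta);
 }
 
 static void add_ap_files(struct ieee80211_sub_if_data *sdata)
@@ -317,20 +282,9 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
  DEBUGFS_DEL(force_unicast_rateidx, sta);
  DEBUGFS_DEL(max_ratectrl_rateidx, sta);
 
- DEBUGFS_DEL(state, sta);
  DEBUGFS_DEL(bssid, sta);
- DEBUGFS_DEL(prev_bssid, sta);
- DEBUGFS_DEL(ssid_len, sta);
  DEBUGFS_DEL(aid, sta);
- DEBUGFS_DEL(ap_capab, sta);
  DEBUGFS_DEL(capab, sta);
- DEBUGFS_DEL(extra_ie_len, sta);
- DEBUGFS_DEL(auth_tries, sta);
- DEBUGFS_DEL(assoc_tries, sta);
- DEBUGFS_DEL(auth_algs, sta);
- DEBUGFS_DEL(auth_alg, sta);
- DEBUGFS_DEL(auth_transaction, sta);
- DEBUGFS_DEL(flags, sta);
 }
 
 static void del_ap_files(struct ieee80211_sub_if_data *sdata)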
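diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index 90230c718b5b..33a2e892115b 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -120,45 +120,38 @@ STA_OPS(last_seq_ctrl);
 static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf,
  size_t count, loff_t *ppos)
 {
- char buf[768], *p = buf;
+ char buf[30 + STA_TID_NUM * 70], *p = buf;
  int i;
  struct sta_info *sta = file->private_data;
- p += scnprintf(p, sizeof(buf)+buf-p, "Agg state for STA is:\n");
- p += scnprintf(p, sizeof(buf)+buf-p, " STA next dialog_token is %d \n "
- "TIDs info is: \n TID :",
- (sta->ampdu_mlme.dialog_token_allocator + 1));
- for (i = 0; i < STA_TID_NUM; i++)
- p += scnprintf(p, sizeof(buf)+buf-p, "%5d", i);
-
- p += scnprintf(p, sizeof(buf)+buf-p, "\n RX :");
- for (i = 0; i < STA_TID_NUM; i++)
- p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
- sta->ampdu_mlme.tid_state_rx[i]);
-
- p += scnprintf(p, sizeof(buf)+buf-p, "\n DTKN:");
- for (i = 0; i < STA_TID_NUM; i++)
- p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
- sta->ampdu_mlme.tid_state_rx[i] ?
- sta->ampdu_mlme.tid_rx[i]->dialog_token : 0);
-
- p += scnprintf(p, sizeof(buf)+buf-p, "\n TX :");
- for (i = 0; i < STA_TID_NUM; i++)
- p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
- sta->ampdu_mlme.tid_state_tx[i]);
-
- p += scnprintf(p, sizeof(buf)+buf-p, "\n DTKN:");
- for (i = 0; i < STA_TID_NUM; i++)
- p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
- sta->ampdu_mlme.tid_state_tx[i] ?
- sta->ampdu_mlme.tid_tx[i]->dialog_token : 0);
-
- p += scnprintf(p, sizeof(buf)+buf-p, "\n SSN :");
- for (i = 0; i < STA_TID_NUM; i++)
- p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
- sta->ampdu_mlme.tid_state_tx[i] ?
- sta->ampdu_mlme.tid_tx[i]->ssn : 0);
 
- p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ spin_lock_bh(&sta->lock);
+ p += scnprintf(p, sizeof(buf)+buf-p, "next dialog_token is %#02x\n",
+ sta->ampdu_mlme.dialog_token_allocator + 1);
+ for (i = 0; i < STA_TID_NUM; i++) {
+ p += scnprintf(p, sizeof(buf)+buf-p, "TID %02d:", i);
+ p += scnprintf(p, sizeof(buf)+buf-p, " RX=%x",
+ sta->ampdu_mlme.tid_state_rx[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "/DTKN=%#.2x",
+ sta->ampdu_mlme.tid_state_rx[i] ?
+ sta->ampdu_mlme.tid_rx[i]->dialog_token : 0);
+ p += scnprintf(p, sizeof(buf)+buf-p, "/SSN=%#.3x",
+ sta->ampdu_mlme.tid_state_rx[i] ?
+ sta->ampdu_mlme.tid_rx[i]->ssn : 0);
+
+ p += scnprintf(p, sizeof(buf)+buf-p, " TX=%x",
+ sta->ampdu_mlme.tid_state_tx[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "/DTKN=%#.2x",
+ sta->ampdu_mlme.tid_state_tx[i] ?
+ sta->ampdu_mlme.tid_tx[i]->dialog_token : 0);
+ p += scnprintf(p, sizeof(buf)+buf-p, "/SSN=%#.3x",
+ sta->ampdu_mlme.tid_state_tx[i] ?
+ sta->ampdu_mlme.tid_tx[i]->ssn : 0);
+ p += scnprintf(p, sizeof(buf)+buf-p, "/pending=%03d",
+ sta->ampdu_mlme.tid_state_tx[i] ?
+ skb_queue_len(&sta->ampdu_mlme.tid_tx[i]->pending) : 0);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ }
+ spin_unlock_bh(&sta->lock);
 
  return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
 }
@@ -203,6 +196,22 @@ void ieee80211_sta_debugfs_add(struct sta_info *sta)
  DEBUGFS_ADD(inactive_ms);
  DEBUGFS_ADD(last_seq_ctrl);
  DEBUGFS_ADD(agg_status);
+ DEBUGFS_ADD(dev);
+ DEBUGFS_ADD(rx_packets);
+ DEBUGFS_ADD(tx_packets);
+ DEBUGFS_ADD(rx_bytes);
+ DEBUGFS_ADD(tx_bytes);
+ DEBUGFS_ADD(rx_duplicates);
+ DEBUGFS_ADD(rx_fragments);
+ DEBUGFS_ADD(rx_dropped);
+ DEBUGFS_ADD(tx_fragments);
+ DEBUGFS_ADD(tx_filtered);
+ DEBUGFS_ADD(tx_retry_failed);
+ DEBUGFS_ADD(tx_retry_count);
+ DEBUGFS_ADD(last_signal);
+ DEBUGFS_ADD(last_qual);
+ DEBUGFS_ADD(last_noise);
+ DEBUGFS_ADD(wep_weak_iv_count);
 }
 
 void ieee80211_sta_debugfs_remove(struct sta_info *sta)
@@ -212,6 +221,23 @@ void ieee80211_sta_debugfs_remove(struct sta_info *sta)
  DEBUGFS_DEL(inactive_ms);
  DEBUGFS_DEL(last_seq_ctrl);
  DEBUGFS_DEL(agg_status);
+ DEBUGFS_DEL(aid);
+ DEBUGFS_DEL(dev);
+ DEBUGFS_DEL(rx_packets);
+ DEBUGFS_DEL(tx_packets);
+ DEBUGFS_DEL(rx_bytes);
+ DEBUGFS_DEL(tx_bytes);
+ DEBUGFS_DEL(rx_duplicates);
+ DEBUGFS_DEL(rx_fragments);
+ DEBUGFS_DEL(rx_dropped);
+ DEBUGFS_DEL(tx_fragments);
+ DEBUGFS_DEL(tx_filtered);
+ DEBUGFS_DEL(tx_retry_failed);
+ DEBUGFS_DEL(tx_retry_count);
+ DEBUGFS_DEL(last_signal);
+ DEBUGFS_DEL(last_qual);
+ DEBUGFS_DEL(last_noise);
+ DEBUGFS_DEL(wep_weak_iv_count);
 
  debugfs_remove(sta->debugfs.dir);
  sta->debugfs.dir = NULL;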
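Review bot: `ieee80211_sta_debugfs_remove` now calls `DEBUGFS_DEL(aid)`, but the list added to `ieee80211_sta_debugfs_add` starts at `DEBUGFS_ADD(dev)` and has no `DEBUGFS_ADD(aid)`. Unless `aid` is created in a part of the function outside these hunks, the file is never exposed and the delete acts on an entry that was never set; add `DEBUGFS_ADD(aid);` before `DEBUGFS_ADD(dev);` or drop the delete so the two lists stay in step. In `sta_agg_status_read`, the on-stack `buf[30 + STA_TID_NUM * 70]` would also benefit from a comment saying how the 30 and 70 byte budgets follow from the format strings, since every later `scnprintf` silently truncates once they are exceeded.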
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index b13446afd48f..4100c361a99d 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -3,6 +3,7 @@
3 3
4#include <net/mac80211.h> 4#include <net/mac80211.h>
5#include "ieee80211_i.h" 5#include "ieee80211_i.h"
6#include "driver-trace.h"
6 7
7static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb) 8static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb)
8{ 9{
@@ -11,29 +12,37 @@ static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb)
11 12
12static inline int drv_start(struct ieee80211_local *local) 13static inline int drv_start(struct ieee80211_local *local)
13{ 14{
14 return local->ops->start(&local->hw); 15 int ret = local->ops->start(&local->hw);
16 trace_drv_start(local, ret);
17 return ret;
15} 18}
16 19
17static inline void drv_stop(struct ieee80211_local *local) 20static inline void drv_stop(struct ieee80211_local *local)
18{ 21{
19 local->ops->stop(&local->hw); 22 local->ops->stop(&local->hw);
23 trace_drv_stop(local);
20} 24}
21 25
22static inline int drv_add_interface(struct ieee80211_local *local, 26static inline int drv_add_interface(struct ieee80211_local *local,
23 struct ieee80211_if_init_conf *conf) 27 struct ieee80211_if_init_conf *conf)
24{ 28{
25 return local->ops->add_interface(&local->hw, conf); 29 int ret = local->ops->add_interface(&local->hw, conf);
30 trace_drv_add_interface(local, conf->mac_addr, conf->vif, ret);
31 return ret;
26} 32}
27 33
28static inline void drv_remove_interface(struct ieee80211_local *local, 34static inline void drv_remove_interface(struct ieee80211_local *local,
29 struct ieee80211_if_init_conf *conf) 35 struct ieee80211_if_init_conf *conf)
30{ 36{
31 local->ops->remove_interface(&local->hw, conf); 37 local->ops->remove_interface(&local->hw, conf);
38 trace_drv_remove_interface(local, conf->mac_addr, conf->vif);
32} 39}
33 40
34static inline int drv_config(struct ieee80211_local *local, u32 changed) 41static inline int drv_config(struct ieee80211_local *local, u32 changed)
35{ 42{
36 return local->ops->config(&local->hw, changed); 43 int ret = local->ops->config(&local->hw, changed);
44 trace_drv_config(local, changed, ret);
45 return ret;
37} 46}
38 47
39static inline void drv_bss_info_changed(struct ieee80211_local *local, 48static inline void drv_bss_info_changed(struct ieee80211_local *local,
@@ -43,6 +52,7 @@ static inline void drv_bss_info_changed(struct ieee80211_local *local,
43{ 52{
44 if (local->ops->bss_info_changed) 53 if (local->ops->bss_info_changed)
45 local->ops->bss_info_changed(&local->hw, vif, info, changed); 54 local->ops->bss_info_changed(&local->hw, vif, info, changed);
55 trace_drv_bss_info_changed(local, vif, info, changed);
46} 56}
47 57
48static inline void drv_configure_filter(struct ieee80211_local *local, 58static inline void drv_configure_filter(struct ieee80211_local *local,
@@ -53,14 +63,18 @@ static inline void drv_configure_filter(struct ieee80211_local *local,
53{ 63{
54 local->ops->configure_filter(&local->hw, changed_flags, total_flags, 64 local->ops->configure_filter(&local->hw, changed_flags, total_flags,
55 mc_count, mc_list); 65 mc_count, mc_list);
66 trace_drv_configure_filter(local, changed_flags, total_flags,
67 mc_count);
56} 68}
57 69
58static inline int drv_set_tim(struct ieee80211_local *local, 70static inline int drv_set_tim(struct ieee80211_local *local,
59 struct ieee80211_sta *sta, bool set) 71 struct ieee80211_sta *sta, bool set)
60{ 72{
73 int ret = 0;
61 if (local->ops->set_tim) 74 if (local->ops->set_tim)
62 return local->ops->set_tim(&local->hw, sta, set); 75 ret = local->ops->set_tim(&local->hw, sta, set);
63 return 0; 76 trace_drv_set_tim(local, sta, set, ret);
77 return ret;
64} 78}
65 79
66static inline int drv_set_key(struct ieee80211_local *local, 80static inline int drv_set_key(struct ieee80211_local *local,
@@ -68,7 +82,9 @@ static inline int drv_set_key(struct ieee80211_local *local,
68 struct ieee80211_sta *sta, 82 struct ieee80211_sta *sta,
69 struct ieee80211_key_conf *key) 83 struct ieee80211_key_conf *key)
70{ 84{
71 return local->ops->set_key(&local->hw, cmd, vif, sta, key); 85 int ret = local->ops->set_key(&local->hw, cmd, vif, sta, key);
86 trace_drv_set_key(local, cmd, vif, sta, key, ret);
87 return ret;
72} 88}
73 89
74static inline void drv_update_tkip_key(struct ieee80211_local *local, 90static inline void drv_update_tkip_key(struct ieee80211_local *local,
@@ -79,32 +95,41 @@ static inline void drv_update_tkip_key(struct ieee80211_local *local,
79 if (local->ops->update_tkip_key) 95 if (local->ops->update_tkip_key)
80 local->ops->update_tkip_key(&local->hw, conf, address, 96 local->ops->update_tkip_key(&local->hw, conf, address,
81 iv32, phase1key); 97 iv32, phase1key);
98 trace_drv_update_tkip_key(local, conf, address, iv32);
82} 99}
83 100
84static inline int drv_hw_scan(struct ieee80211_local *local, 101static inline int drv_hw_scan(struct ieee80211_local *local,
85 struct cfg80211_scan_request *req) 102 struct cfg80211_scan_request *req)
86{ 103{
87 return local->ops->hw_scan(&local->hw, req); 104 int ret = local->ops->hw_scan(&local->hw, req);
105 trace_drv_hw_scan(local, req, ret);
106 return ret;
88} 107}
89 108
90static inline void drv_sw_scan_start(struct ieee80211_local *local) 109static inline void drv_sw_scan_start(struct ieee80211_local *local)
91{ 110{
92 if (local->ops->sw_scan_start) 111 if (local->ops->sw_scan_start)
93 local->ops->sw_scan_start(&local->hw); 112 local->ops->sw_scan_start(&local->hw);
113 trace_drv_sw_scan_start(local);
94} 114}
95 115
96static inline void drv_sw_scan_complete(struct ieee80211_local *local) 116static inline void drv_sw_scan_complete(struct ieee80211_local *local)
97{ 117{
98 if (local->ops->sw_scan_complete) 118 if (local->ops->sw_scan_complete)
99 local->ops->sw_scan_complete(&local->hw); 119 local->ops->sw_scan_complete(&local->hw);
120 trace_drv_sw_scan_complete(local);
100} 121}
101 122
102static inline int drv_get_stats(struct ieee80211_local *local, 123static inline int drv_get_stats(struct ieee80211_local *local,
103 struct ieee80211_low_level_stats *stats) 124 struct ieee80211_low_level_stats *stats)
104{ 125{
105 if (!local->ops->get_stats) 126 int ret = -EOPNOTSUPP;
106 return -EOPNOTSUPP; 127
107 return local->ops->get_stats(&local->hw, stats); 128 if (local->ops->get_stats)
129 ret = local->ops->get_stats(&local->hw, stats);
130 trace_drv_get_stats(local, stats, ret);
131
132 return ret;
108} 133}
109 134
110static inline void drv_get_tkip_seq(struct ieee80211_local *local, 135static inline void drv_get_tkip_seq(struct ieee80211_local *local,
@@ -112,14 +137,17 @@ static inline void drv_get_tkip_seq(struct ieee80211_local *local,
112{ 137{
113 if (local->ops->get_tkip_seq) 138 if (local->ops->get_tkip_seq)
114 local->ops->get_tkip_seq(&local->hw, hw_key_idx, iv32, iv16); 139 local->ops->get_tkip_seq(&local->hw, hw_key_idx, iv32, iv16);
140 trace_drv_get_tkip_seq(local, hw_key_idx, iv32, iv16);
115} 141}
116 142
117static inline int drv_set_rts_threshold(struct ieee80211_local *local, 143static inline int drv_set_rts_threshold(struct ieee80211_local *local,
118 u32 value) 144 u32 value)
119{ 145{
146 int ret = 0;
120 if (local->ops->set_rts_threshold) 147 if (local->ops->set_rts_threshold)
121 return local->ops->set_rts_threshold(&local->hw, value); 148 ret = local->ops->set_rts_threshold(&local->hw, value);
122 return 0; 149 trace_drv_set_rts_threshold(local, value, ret);
150 return ret;
123} 151}
124 152
125static inline void drv_sta_notify(struct ieee80211_local *local, 153static inline void drv_sta_notify(struct ieee80211_local *local,
@@ -129,46 +157,57 @@ static inline void drv_sta_notify(struct ieee80211_local *local,
129{ 157{
130 if (local->ops->sta_notify) 158 if (local->ops->sta_notify)
131 local->ops->sta_notify(&local->hw, vif, cmd, sta); 159 local->ops->sta_notify(&local->hw, vif, cmd, sta);
160 trace_drv_sta_notify(local, vif, cmd, sta);
132} 161}
133 162
134static inline int drv_conf_tx(struct ieee80211_local *local, u16 queue, 163static inline int drv_conf_tx(struct ieee80211_local *local, u16 queue,
135 const struct ieee80211_tx_queue_params *params) 164 const struct ieee80211_tx_queue_params *params)
136{ 165{
166 int ret = -EOPNOTSUPP;
137 if (local->ops->conf_tx) 167 if (local->ops->conf_tx)
138 return local->ops->conf_tx(&local->hw, queue, params); 168 ret = local->ops->conf_tx(&local->hw, queue, params);
139 return -EOPNOTSUPP; 169 trace_drv_conf_tx(local, queue, params, ret);
170 return ret;
140} 171}
141 172
142static inline int drv_get_tx_stats(struct ieee80211_local *local, 173static inline int drv_get_tx_stats(struct ieee80211_local *local,
143 struct ieee80211_tx_queue_stats *stats) 174 struct ieee80211_tx_queue_stats *stats)
144{ 175{
145 return local->ops->get_tx_stats(&local->hw, stats); 176 int ret = local->ops->get_tx_stats(&local->hw, stats);
177 trace_drv_get_tx_stats(local, stats, ret);
178 return ret;
146} 179}
147 180
148static inline u64 drv_get_tsf(struct ieee80211_local *local) 181static inline u64 drv_get_tsf(struct ieee80211_local *local)
149{ 182{
183 u64 ret = -1ULL;
150 if (local->ops->get_tsf) 184 if (local->ops->get_tsf)
151 return local->ops->get_tsf(&local->hw); 185 ret = local->ops->get_tsf(&local->hw);
152 return -1ULL; 186 trace_drv_get_tsf(local, ret);
187 return ret;
153} 188}
154 189
155static inline void drv_set_tsf(struct ieee80211_local *local, u64 tsf) 190static inline void drv_set_tsf(struct ieee80211_local *local, u64 tsf)
156{ 191{
157 if (local->ops->set_tsf) 192 if (local->ops->set_tsf)
158 local->ops->set_tsf(&local->hw, tsf); 193 local->ops->set_tsf(&local->hw, tsf);
194 trace_drv_set_tsf(local, tsf);
159} 195}
160 196
161static inline void drv_reset_tsf(struct ieee80211_local *local) 197static inline void drv_reset_tsf(struct ieee80211_local *local)
162{ 198{
163 if (local->ops->reset_tsf) 199 if (local->ops->reset_tsf)
164 local->ops->reset_tsf(&local->hw); 200 local->ops->reset_tsf(&local->hw);
201 trace_drv_reset_tsf(local);
165} 202}
166 203
167static inline int drv_tx_last_beacon(struct ieee80211_local *local) 204static inline int drv_tx_last_beacon(struct ieee80211_local *local)
168{ 205{
206 int ret = 1;
169 if (local->ops->tx_last_beacon) 207 if (local->ops->tx_last_beacon)
170 return local->ops->tx_last_beacon(&local->hw); 208 ret = local->ops->tx_last_beacon(&local->hw);
171 return 1; 209 trace_drv_tx_last_beacon(local, ret);
210 return ret;
172} 211}
173 212
174static inline int drv_ampdu_action(struct ieee80211_local *local, 213static inline int drv_ampdu_action(struct ieee80211_local *local,
@@ -176,10 +215,12 @@ static inline int drv_ampdu_action(struct ieee80211_local *local,
176 struct ieee80211_sta *sta, u16 tid, 215 struct ieee80211_sta *sta, u16 tid,
177 u16 *ssn) 216 u16 *ssn)
178{ 217{
218 int ret = -EOPNOTSUPP;
179 if (local->ops->ampdu_action) 219 if (local->ops->ampdu_action)
180 return local->ops->ampdu_action(&local->hw, action, 220 ret = local->ops->ampdu_action(&local->hw, action,
181 sta, tid, ssn); 221 sta, tid, ssn);
182 return -EOPNOTSUPP; 222 trace_drv_ampdu_action(local, action, sta, tid, ssn, ret);
223 return ret;
183} 224}
184 225
185 226
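--- /dev/null
+++ b/net/mac80211/driver-trace.c
@@ -0,0 +1,6 @@
+/* bug in tracepoint.h, it should include this */
+#include <linux/module.h>
+
+#include "driver-ops.h"
+#define CREATE_TRACE_POINTS
+#include "driver-trace.h"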
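--- /dev/null
+++ b/net/mac80211/driver-trace.h
@@ -0,0 +1,648 @@
+#if !defined(__MAC80211_DRIVER_TRACE) || defined(TRACE_HEADER_MULTI_READ)
+#define __MAC80211_DRIVER_TRACE
+
+#include <linux/tracepoint.h>
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+
+#if !defined(CONFIG_MAC80211_DRIVER_API_TRACER) || defined(__CHECKER__)
+#undef TRACE_EVENT
+#define TRACE_EVENT(name, proto, ...) \
+static inline void trace_ ## name(proto) {}
+#endif
+
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM mac80211
+
+#define MAXNAME 32
+#define LOCAL_ENTRY __array(char, wiphy_name, 32)
+#define LOCAL_ASSIGN strlcpy(__entry->wiphy_name, wiphy_name(local->hw.wiphy), MAXNAME)
+#define LOCAL_PR_FMT "%s"
+#define LOCAL_PR_ARG __entry->wiphy_name
+
+#define STA_ENTRY __array(char, sta_addr, ETH_ALEN)
+#define STA_ASSIGN (sta ? memcpy(__entry->sta_addr, sta->addr, ETH_ALEN) : memset(__entry->sta_addr, 0, ETH_ALEN))
+#define STA_PR_FMT " sta:%pM"
+#define STA_PR_ARG __entry->sta_addr
+
+#define VIF_ENTRY __field(enum nl80211_iftype, vif_type) __field(void *, vif)
+#define VIF_ASSIGN __entry->vif_type = vif ? vif->type : 0; __entry->vif = vif
+#define VIF_PR_FMT " vif:%p(%d)"
+#define VIF_PR_ARG __entry->vif, __entry->vif_type
+
+TRACE_EVENT(drv_start,
+ TP_PROTO(struct ieee80211_local *local, int ret),
+
+ TP_ARGS(local, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_stop,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_add_interface,
+ TP_PROTO(struct ieee80211_local *local,
+ const u8 *addr,
+ struct ieee80211_vif *vif,
+ int ret),
+
+ TP_ARGS(local, addr, vif, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ __array(char, addr, 6)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ memcpy(__entry->addr, addr, 6);
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT " addr:%pM ret:%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, __entry->addr, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_remove_interface,
+ TP_PROTO(struct ieee80211_local *local,
+ const u8 *addr, struct ieee80211_vif *vif),
+
+ TP_ARGS(local, addr, vif),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ __array(char, addr, 6)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ memcpy(__entry->addr, addr, 6);
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT " addr:%pM",
+ LOCAL_PR_ARG, VIF_PR_ARG, __entry->addr
+ )
+);
+
+TRACE_EVENT(drv_config,
+ TP_PROTO(struct ieee80211_local *local,
+ u32 changed,
+ int ret),
+
+ TP_ARGS(local, changed, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u32, changed)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->changed = changed;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ch:%#x ret:%d",
+ LOCAL_PR_ARG, __entry->changed, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_bss_info_changed,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_vif *vif,
+ struct ieee80211_bss_conf *info,
+ u32 changed),
+
+ TP_ARGS(local, vif, info, changed),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ __field(bool, assoc)
+ __field(u16, aid)
+ __field(bool, cts)
+ __field(bool, shortpre)
+ __field(bool, shortslot)
+ __field(u8, dtimper)
+ __field(u16, bcnint)
+ __field(u16, assoc_cap)
+ __field(u64, timestamp)
+ __field(u32, basic_rates)
+ __field(u32, changed)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ __entry->changed = changed;
+ __entry->aid = info->aid;
+ __entry->assoc = info->assoc;
+ __entry->shortpre = info->use_short_preamble;
+ __entry->cts = info->use_cts_prot;
+ __entry->shortslot = info->use_short_slot;
+ __entry->dtimper = info->dtim_period;
+ __entry->bcnint = info->beacon_int;
+ __entry->assoc_cap = info->assoc_capability;
+ __entry->timestamp = info->timestamp;
+ __entry->basic_rates = info->basic_rates;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT " changed:%#x",
+ LOCAL_PR_ARG, VIF_PR_ARG, __entry->changed
+ )
+);
+
+TRACE_EVENT(drv_configure_filter,
+ TP_PROTO(struct ieee80211_local *local,
+ unsigned int changed_flags,
+ unsigned int *total_flags,
+ int mc_count),
+
+ TP_ARGS(local, changed_flags, total_flags, mc_count),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(unsigned int, changed)
+ __field(unsigned int, total)
+ __field(int, mc)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->changed = changed_flags;
+ __entry->total = *total_flags;
+ __entry->mc = mc_count;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " changed:%#x total:%#x mc:%d",
+ LOCAL_PR_ARG, __entry->changed, __entry->total, __entry->mc
+ )
+);
+
+TRACE_EVENT(drv_set_tim,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_sta *sta, bool set, int ret),
+
+ TP_ARGS(local, sta, set, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ STA_ENTRY
+ __field(bool, set)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ STA_ASSIGN;
+ __entry->set = set;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT STA_PR_FMT " set:%d ret:%d",
+ LOCAL_PR_ARG, STA_PR_FMT, __entry->set, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_set_key,
+ TP_PROTO(struct ieee80211_local *local,
+ enum set_key_cmd cmd, struct ieee80211_vif *vif,
+ struct ieee80211_sta *sta,
+ struct ieee80211_key_conf *key, int ret),
+
+ TP_ARGS(local, cmd, vif, sta, key, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ STA_ENTRY
+ __field(enum ieee80211_key_alg, alg)
+ __field(u8, hw_key_idx)
+ __field(u8, flags)
+ __field(s8, keyidx)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ STA_ASSIGN;
+ __entry->alg = key->alg;
+ __entry->flags = key->flags;
+ __entry->keyidx = key->keyidx;
+ __entry->hw_key_idx = key->hw_key_idx;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT STA_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, STA_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_update_tkip_key,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_key_conf *conf,
+ const u8 *address, u32 iv32),
+
+ TP_ARGS(local, conf, address, iv32),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __array(u8, addr, 6)
+ __field(u32, iv32)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ memcpy(__entry->addr, address, 6);
+ __entry->iv32 = iv32;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " addr:%pM iv32:%#x",
+ LOCAL_PR_ARG, __entry->addr, __entry->iv32
+ )
+);
+
+TRACE_EVENT(drv_hw_scan,
+ TP_PROTO(struct ieee80211_local *local,
+ struct cfg80211_scan_request *req, int ret),
+
+ TP_ARGS(local, req, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_sw_scan_start,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_sw_scan_complete,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_get_stats,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_low_level_stats *stats,
+ int ret),
+
+ TP_ARGS(local, stats, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ __field(unsigned int, ackfail)
+ __field(unsigned int, rtsfail)
+ __field(unsigned int, fcserr)
+ __field(unsigned int, rtssucc)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ __entry->ackfail = stats->dot11ACKFailureCount;
+ __entry->rtsfail = stats->dot11RTSFailureCount;
+ __entry->fcserr = stats->dot11FCSErrorCount;
+ __entry->rtssucc = stats->dot11RTSSuccessCount;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_get_tkip_seq,
+ TP_PROTO(struct ieee80211_local *local,
+ u8 hw_key_idx, u32 *iv32, u16 *iv16),
+
+ TP_ARGS(local, hw_key_idx, iv32, iv16),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u8, hw_key_idx)
+ __field(u32, iv32)
+ __field(u16, iv16)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->hw_key_idx = hw_key_idx;
+ __entry->iv32 = *iv32;
+ __entry->iv16 = *iv16;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_set_rts_threshold,
+ TP_PROTO(struct ieee80211_local *local, u32 value, int ret),
+
+ TP_ARGS(local, value, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u32, value)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ __entry->value = value;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " value:%d ret:%d",
+ LOCAL_PR_ARG, __entry->value, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_sta_notify,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_vif *vif,
+ enum sta_notify_cmd cmd,
+ struct ieee80211_sta *sta),
+
+ TP_ARGS(local, vif, cmd, sta),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ STA_ENTRY
+ __field(u32, cmd)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ STA_ASSIGN;
+ __entry->cmd = cmd;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT STA_PR_FMT " cmd:%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, STA_PR_ARG, __entry->cmd
+ )
+);
+
+TRACE_EVENT(drv_conf_tx,
+ TP_PROTO(struct ieee80211_local *local, u16 queue,
+ const struct ieee80211_tx_queue_params *params,
+ int ret),
+
+ TP_ARGS(local, queue, params, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u16, queue)
+ __field(u16, txop)
+ __field(u16, cw_min)
+ __field(u16, cw_max)
+ __field(u8, aifs)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->queue = queue;
+ __entry->ret = ret;
+ __entry->txop = params->txop;
+ __entry->cw_max = params->cw_max;
+ __entry->cw_min = params->cw_min;
+ __entry->aifs = params->aifs;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " queue:%d ret:%d",
+ LOCAL_PR_ARG, __entry->queue, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_get_tx_stats,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_tx_queue_stats *stats,
+ int ret),
+
+ TP_ARGS(local, stats, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_get_tsf,
+ TP_PROTO(struct ieee80211_local *local, u64 ret),
+
+ TP_ARGS(local, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u64, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%llu",
+ LOCAL_PR_ARG, (unsigned long long)__entry->ret
+ )
+);
+
+TRACE_EVENT(drv_set_tsf,
+ TP_PROTO(struct ieee80211_local *local, u64 tsf),
+
+ TP_ARGS(local, tsf),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u64, tsf)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->tsf = tsf;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " tsf:%llu",
+ LOCAL_PR_ARG, (unsigned long long)__entry->tsf
+ )
+);
+
+TRACE_EVENT(drv_reset_tsf,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_tx_last_beacon,
+ TP_PROTO(struct ieee80211_local *local, int ret),
+
+ TP_ARGS(local, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_ampdu_action,
+ TP_PROTO(struct ieee80211_local *local,
+ enum ieee80211_ampdu_mlme_action action,
+ struct ieee80211_sta *sta, u16 tid,
+ u16 *ssn, int ret),
+
+ TP_ARGS(local, action, sta, tid, ssn, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ STA_ENTRY
+ __field(u32, action)
+ __field(u16, tid)
+ __field(u16, ssn)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ STA_ASSIGN;
+ __entry->ret = ret;
+ __entry->action = action;
+ __entry->tid = tid;
+ __entry->ssn = *ssn;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT STA_PR_FMT " action:%d tid:%d ret:%d",
+ LOCAL_PR_ARG, STA_PR_ARG, __entry->action, __entry->tid, __entry->ret
+ )
+);
+#endif /* !__MAC80211_DRIVER_TRACE || TRACE_HEADER_MULTI_READ */
+
+#undef TRACE_INCLUDE_PATH
+#define TRACE_INCLUDE_PATH .
+#undef TRACE_INCLUDE_FILE
+#define TRACE_INCLUDE_FILE driver-trace
+#include <trace/define_trace.h>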
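Review bot: The TP_printk of drv_set_tim passes `STA_PR_FMT` where the argument list needs `STA_PR_ARG`, so `%pM` is handed the format literal and prints its first six bytes instead of the station address; the line should read `LOCAL_PR_ARG, STA_PR_ARG, __entry->set, __entry->ret`. Separately, several TP_fast_assign bodies dereference caller pointers unconditionally: `*ssn` in drv_ampdu_action, `*iv32`/`*iv16` in drv_get_tkip_seq and `stats->` in drv_get_stats. The driver-ops.h wrappers fire these tracepoints even when the driver op is absent, so the trace can record whatever the caller left in those buffers, possibly uninitialised memory. A NULL `ssn`, if any caller passes one (not visible here), would fault only when tracing is enabled; `__entry->ssn = ssn ? *ssn : 0;` is the cheap guard. `VIF_PR_FMT` also prints the raw `vif` pointer with `%p`, which puts a kernel address into the trace buffer.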
diff --git a/net/mac80211/event.c b/net/mac80211/event.c
index f288d01a6344..01ae759518f6 100644
--- a/net/mac80211/event.c
+++ b/net/mac80211/event.c
@@ -7,8 +7,7 @@
7 * 7 *
8 * mac80211 - events 8 * mac80211 - events
9 */ 9 */
10 10#include <net/cfg80211.h>
11#include <net/iw_handler.h>
12#include "ieee80211_i.h" 11#include "ieee80211_i.h"
13 12
14/* 13/*
@@ -17,26 +16,12 @@
17 * driver or is still in the frame), it should provide that information. 16 * driver or is still in the frame), it should provide that information.
18 */ 17 */
19void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx, 18void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx,
20 struct ieee80211_hdr *hdr, const u8 *tsc) 19 struct ieee80211_hdr *hdr, const u8 *tsc,
20 gfp_t gfp)
21{ 21{
22 union iwreq_data wrqu;
23 char *buf = kmalloc(128, GFP_ATOMIC);
24
25 if (buf) {
26 /* TODO: needed parameters: count, key type, TSC */
27 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
28 "keyid=%d %scast addr=%pM)",
29 keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
30 hdr->addr2);
31 memset(&wrqu, 0, sizeof(wrqu));
32 wrqu.data.length = strlen(buf);
33 wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
34 kfree(buf);
35 }
36
37 cfg80211_michael_mic_failure(sdata->dev, hdr->addr2, 22 cfg80211_michael_mic_failure(sdata->dev, hdr->addr2,
38 (hdr->addr1[0] & 0x01) ? 23 (hdr->addr1[0] & 0x01) ?
39 NL80211_KEYTYPE_GROUP : 24 NL80211_KEYTYPE_GROUP :
40 NL80211_KEYTYPE_PAIRWISE, 25 NL80211_KEYTYPE_PAIRWISE,
41 keyidx, tsc); 26 keyidx, tsc, gfp);
42} 27}
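Review bot: The new `gfp` parameter of mac80211_ev_michael_mic_failure is not described in the comment above the function, as far as the visible part of that comment shows. The removed code allocated with GFP_ATOMIC, which suggests at least some callers run in atomic context, so I would add a line such as `* @gfp is passed to cfg80211 for the event allocation; callers in atomic context must pass GFP_ATOMIC.` The deleted `MLME-MICHAELMICFAILURE.indication` IWEVCUSTOM string is the notification that wext-based userspace receives for a Michael MIC failure. Whether cfg80211_michael_mic_failure still emits it is not visible in this section and is worth confirming, so that TKIP countermeasures are not silently lost for those users.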
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 0b30277eb366..8e2220000e5c 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -57,7 +57,7 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
57 */ 57 */
58 if (auth_alg == WLAN_AUTH_OPEN && auth_transaction == 1) 58 if (auth_alg == WLAN_AUTH_OPEN && auth_transaction == 1)
59 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0, 59 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0,
60 sdata->u.ibss.bssid, 0); 60 sdata->u.ibss.bssid, NULL, 0, 0);
61} 61}
62 62
63static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 63static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
@@ -494,7 +494,7 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
494 494
495 capability = WLAN_CAPABILITY_IBSS; 495 capability = WLAN_CAPABILITY_IBSS;
496 496
497 if (sdata->default_key) 497 if (ifibss->privacy)
498 capability |= WLAN_CAPABILITY_PRIVACY; 498 capability |= WLAN_CAPABILITY_PRIVACY;
499 else 499 else
500 sdata->drop_unencrypted = 0; 500 sdata->drop_unencrypted = 0;
@@ -524,9 +524,8 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
524 return; 524 return;
525 525
526 capability = WLAN_CAPABILITY_IBSS; 526 capability = WLAN_CAPABILITY_IBSS;
527 if (sdata->default_key) 527 if (ifibss->privacy)
528 capability |= WLAN_CAPABILITY_PRIVACY; 528 capability |= WLAN_CAPABILITY_PRIVACY;
529
530 if (ifibss->fixed_bssid) 529 if (ifibss->fixed_bssid)
531 bssid = ifibss->bssid; 530 bssid = ifibss->bssid;
532 if (ifibss->fixed_channel) 531 if (ifibss->fixed_channel)
@@ -705,7 +704,7 @@ static void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
705 struct ieee80211_mgmt *mgmt; 704 struct ieee80211_mgmt *mgmt;
706 u16 fc; 705 u16 fc;
707 706
708 rx_status = (struct ieee80211_rx_status *) skb->cb; 707 rx_status = IEEE80211_SKB_RXCB(skb);
709 mgmt = (struct ieee80211_mgmt *) skb->data; 708 mgmt = (struct ieee80211_mgmt *) skb->data;
710 fc = le16_to_cpu(mgmt->frame_control); 709 fc = le16_to_cpu(mgmt->frame_control);
711 710
@@ -836,8 +835,7 @@ void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
836} 835}
837 836
838ieee80211_rx_result 837ieee80211_rx_result
839ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 838ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
840 struct ieee80211_rx_status *rx_status)
841{ 839{
842 struct ieee80211_local *local = sdata->local; 840 struct ieee80211_local *local = sdata->local;
843 struct ieee80211_mgmt *mgmt; 841 struct ieee80211_mgmt *mgmt;
@@ -852,7 +850,6 @@ ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
852 switch (fc & IEEE80211_FCTL_STYPE) { 850 switch (fc & IEEE80211_FCTL_STYPE) {
853 case IEEE80211_STYPE_PROBE_RESP: 851 case IEEE80211_STYPE_PROBE_RESP:
854 case IEEE80211_STYPE_BEACON: 852 case IEEE80211_STYPE_BEACON:
855 memcpy(skb->cb, rx_status, sizeof(*rx_status));
856 case IEEE80211_STYPE_PROBE_REQ: 853 case IEEE80211_STYPE_PROBE_REQ:
857 case IEEE80211_STYPE_AUTH: 854 case IEEE80211_STYPE_AUTH:
858 skb_queue_tail(&sdata->u.ibss.skb_queue, skb); 855 skb_queue_tail(&sdata->u.ibss.skb_queue, skb);
@@ -874,6 +871,8 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
874 } else 871 } else
875 sdata->u.ibss.fixed_bssid = false; 872 sdata->u.ibss.fixed_bssid = false;
876 873
874 sdata->u.ibss.privacy = params->privacy;
875
877 sdata->vif.bss_conf.beacon_int = params->beacon_interval; 876 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
878 877
879 sdata->u.ibss.channel = params->channel; 878 sdata->u.ibss.channel = params->channel;
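Review bot: `WLAN_CAPABILITY_PRIVACY` in ieee80211_sta_create_ibss and ieee80211_sta_find_ibss now follows `ifibss->privacy`, which ieee80211_ibss_join copies straight from `params->privacy`, so the advertised bit no longer depends on a default key being installed. Only the non-privacy branch in ieee80211_sta_create_ibss touches `sdata->drop_unencrypted`. With privacy requested and no key configured, the interface may therefore advertise privacy while still passing cleartext, unless that is enforced elsewhere (not visible here). A comment at the assignment in ieee80211_ibss_join would make the contract explicit, e.g. `/* privacy only sets the advertised capability; keys and drop_unencrypted are set up by the caller */`. All three functions start and end outside their hunks.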
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 68eb5052179a..6a0177137dd5 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -227,86 +227,79 @@ struct mesh_preq_queue {
227 u8 flags; 227 u8 flags;
228}; 228};
229 229
230enum ieee80211_mgd_state {
231 IEEE80211_MGD_STATE_IDLE,
232 IEEE80211_MGD_STATE_PROBE,
233 IEEE80211_MGD_STATE_AUTH,
234 IEEE80211_MGD_STATE_ASSOC,
235};
236
237struct ieee80211_mgd_work {
238 struct list_head list;
239 struct ieee80211_bss *bss;
240 int ie_len;
241 u8 prev_bssid[ETH_ALEN];
242 u8 ssid[IEEE80211_MAX_SSID_LEN];
243 u8 ssid_len;
244 unsigned long timeout;
245 enum ieee80211_mgd_state state;
246 u16 auth_alg, auth_transaction;
247
248 int tries;
249
250 u8 key[WLAN_KEY_LEN_WEP104];
251 u8 key_len, key_idx;
252
253 /* must be last */
254 u8 ie[0]; /* for auth or assoc frame, not probe */
255};
256
230/* flags used in struct ieee80211_if_managed.flags */ 257/* flags used in struct ieee80211_if_managed.flags */
231#define IEEE80211_STA_SSID_SET BIT(0) 258enum ieee80211_sta_flags {
232#define IEEE80211_STA_BSSID_SET BIT(1) 259 IEEE80211_STA_BEACON_POLL = BIT(0),
233#define IEEE80211_STA_PREV_BSSID_SET BIT(2) 260 IEEE80211_STA_CONNECTION_POLL = BIT(1),
234#define IEEE80211_STA_AUTHENTICATED BIT(3) 261 IEEE80211_STA_CONTROL_PORT = BIT(2),
235#define IEEE80211_STA_ASSOCIATED BIT(4) 262 IEEE80211_STA_WMM_ENABLED = BIT(3),
236#define IEEE80211_STA_PROBEREQ_POLL BIT(5) 263 IEEE80211_STA_DISABLE_11N = BIT(4),
237#define IEEE80211_STA_CREATE_IBSS BIT(6) 264 IEEE80211_STA_CSA_RECEIVED = BIT(5),
238#define IEEE80211_STA_CONTROL_PORT BIT(7) 265 IEEE80211_STA_MFP_ENABLED = BIT(6),
239#define IEEE80211_STA_WMM_ENABLED BIT(8) 266};
240/* hole at 9, please re-use */
241#define IEEE80211_STA_AUTO_SSID_SEL BIT(10)
242#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11)
243#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12)
244#define IEEE80211_STA_PRIVACY_INVOKED BIT(13)
245#define IEEE80211_STA_TKIP_WEP_USED BIT(14)
246#define IEEE80211_STA_CSA_RECEIVED BIT(15)
247#define IEEE80211_STA_MFP_ENABLED BIT(16)
248#define IEEE80211_STA_EXT_SME BIT(17)
249/* flags for MLME request */
250#define IEEE80211_STA_REQ_SCAN 0
251#define IEEE80211_STA_REQ_AUTH 1
252#define IEEE80211_STA_REQ_RUN 2
253 267
254/* bitfield of allowed auth algs */ 268/* flags for MLME request */
255#define IEEE80211_AUTH_ALG_OPEN BIT(0) 269enum ieee80211_sta_request {
256#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1) 270 IEEE80211_STA_REQ_SCAN,
257#define IEEE80211_AUTH_ALG_LEAP BIT(2) 271};
258#define IEEE80211_AUTH_ALG_FT BIT(3)
259 272
260struct ieee80211_if_managed { 273struct ieee80211_if_managed {
261 struct timer_list timer; 274 struct timer_list timer;
275 struct timer_list conn_mon_timer;
276 struct timer_list bcn_mon_timer;
262 struct timer_list chswitch_timer; 277 struct timer_list chswitch_timer;
263 struct work_struct work; 278 struct work_struct work;
279 struct work_struct monitor_work;
264 struct work_struct chswitch_work; 280 struct work_struct chswitch_work;
265 struct work_struct beacon_loss_work; 281 struct work_struct beacon_loss_work;
266 282
267 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN]; 283 unsigned long probe_timeout;
268 284
269 u8 ssid[IEEE80211_MAX_SSID_LEN]; 285 struct mutex mtx;
270 size_t ssid_len; 286 struct ieee80211_bss *associated;
287 struct list_head work_list;
271 288
272 enum { 289 u8 bssid[ETH_ALEN];
273 IEEE80211_STA_MLME_DISABLED,
274 IEEE80211_STA_MLME_DIRECT_PROBE,
275 IEEE80211_STA_MLME_AUTHENTICATE,
276 IEEE80211_STA_MLME_ASSOCIATE,
277 IEEE80211_STA_MLME_ASSOCIATED,
278 } state;
279 290
280 u16 aid; 291 u16 aid;
281 u16 ap_capab, capab; 292 u16 capab;
282 u8 *extra_ie; /* to be added to the end of AssocReq */
283 size_t extra_ie_len;
284
285 /* The last AssocReq/Resp IEs */
286 u8 *assocreq_ies, *assocresp_ies;
287 size_t assocreq_ies_len, assocresp_ies_len;
288 293
289 struct sk_buff_head skb_queue; 294 struct sk_buff_head skb_queue;
290 295
291 int assoc_scan_tries; /* number of scans done pre-association */
292 int direct_probe_tries; /* retries for direct probes */
293 int auth_tries; /* retries for auth req */
294 int assoc_tries; /* retries for assoc req */
295
296 unsigned long timers_running; /* used for quiesce/restart */ 296 unsigned long timers_running; /* used for quiesce/restart */
297 bool powersave; /* powersave requested for this iface */ 297 bool powersave; /* powersave requested for this iface */
298 298
299 unsigned long request; 299 unsigned long request;
300 300
301 unsigned long last_probe;
302 unsigned long last_beacon;
303
304 unsigned int flags; 301 unsigned int flags;
305 302
306 unsigned int auth_algs; /* bitfield of allowed auth algs */
307 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
308 int auth_transaction;
309
310 u32 beacon_crc; 303 u32 beacon_crc;
311 304
312 enum { 305 enum {
@@ -316,10 +309,6 @@ struct ieee80211_if_managed {
316 } mfp; /* management frame protection */ 309 } mfp; /* management frame protection */
317 310
318 int wmm_last_param_set; 311 int wmm_last_param_set;
319
320 /* Extra IE data for management frames */
321 u8 *sme_auth_ie;
322 size_t sme_auth_ie_len;
323}; 312};
324 313
325enum ieee80211_ibss_request { 314enum ieee80211_ibss_request {
@@ -339,6 +328,7 @@ struct ieee80211_if_ibss {
339 328
340 bool fixed_bssid; 329 bool fixed_bssid;
341 bool fixed_channel; 330 bool fixed_channel;
331 bool privacy;
342 332
343 u8 bssid[ETH_ALEN]; 333 u8 bssid[ETH_ALEN];
344 u8 ssid[IEEE80211_MAX_SSID_LEN]; 334 u8 ssid[IEEE80211_MAX_SSID_LEN];
@@ -478,20 +468,9 @@ struct ieee80211_sub_if_data {
478 union { 468 union {
479 struct { 469 struct {
480 struct dentry *drop_unencrypted; 470 struct dentry *drop_unencrypted;
481 struct dentry *state;
482 struct dentry *bssid; 471 struct dentry *bssid;
483 struct dentry *prev_bssid;
484 struct dentry *ssid_len;
485 struct dentry *aid; 472 struct dentry *aid;
486 struct dentry *ap_capab;
487 struct dentry *capab; 473 struct dentry *capab;
488 struct dentry *extra_ie_len;
489 struct dentry *auth_tries;
490 struct dentry *assoc_tries;
491 struct dentry *auth_algs;
492 struct dentry *auth_alg;
493 struct dentry *auth_transaction;
494 struct dentry *flags;
495 struct dentry *force_unicast_rateidx; 474 struct dentry *force_unicast_rateidx;
496 struct dentry *max_ratectrl_rateidx; 475 struct dentry *max_ratectrl_rateidx;
497 } sta; 476 } sta;
@@ -588,14 +567,9 @@ enum queue_stop_reason {
588 IEEE80211_QUEUE_STOP_REASON_CSA, 567 IEEE80211_QUEUE_STOP_REASON_CSA,
589 IEEE80211_QUEUE_STOP_REASON_AGGREGATION, 568 IEEE80211_QUEUE_STOP_REASON_AGGREGATION,
590 IEEE80211_QUEUE_STOP_REASON_SUSPEND, 569 IEEE80211_QUEUE_STOP_REASON_SUSPEND,
591 IEEE80211_QUEUE_STOP_REASON_PENDING,
592 IEEE80211_QUEUE_STOP_REASON_SKB_ADD, 570 IEEE80211_QUEUE_STOP_REASON_SKB_ADD,
593}; 571};
594 572
595struct ieee80211_master_priv {
596 struct ieee80211_local *local;
597};
598
599struct ieee80211_local { 573struct ieee80211_local {
600 /* embed the driver visible part. 574 /* embed the driver visible part.
601 * don't cast (use the static inlines below), but we keep 575 * don't cast (use the static inlines below), but we keep
@@ -608,13 +582,20 @@ struct ieee80211_local {
608 /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */ 582 /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */
609 spinlock_t queue_stop_reason_lock; 583 spinlock_t queue_stop_reason_lock;
610 584
611 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
612 int open_count; 585 int open_count;
613 int monitors, cooked_mntrs; 586 int monitors, cooked_mntrs;
614 /* number of interfaces with corresponding FIF_ flags */ 587 /* number of interfaces with corresponding FIF_ flags */
615 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss; 588 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss;
616 unsigned int filter_flags; /* FIF_* */ 589 unsigned int filter_flags; /* FIF_* */
617 struct iw_statistics wstats; 590 struct iw_statistics wstats;
591
592 /* protects the aggregated multicast list and filter calls */
593 spinlock_t filter_lock;
594
595 /* aggregated multicast list */
596 struct dev_addr_list *mc_list;
597 int mc_count;
598
618 bool tim_in_locked_section; /* see ieee80211_beacon_get() */ 599 bool tim_in_locked_section; /* see ieee80211_beacon_get() */
619 600
620 /* 601 /*
@@ -834,10 +815,6 @@ struct ieee80211_local {
834static inline struct ieee80211_sub_if_data * 815static inline struct ieee80211_sub_if_data *
835IEEE80211_DEV_TO_SUB_IF(struct net_device *dev) 816IEEE80211_DEV_TO_SUB_IF(struct net_device *dev)
836{ 817{
837 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
838
839 BUG_ON(!local || local->mdev == dev);
840
841 return netdev_priv(dev); 818 return netdev_priv(dev);
842} 819}
843 820
@@ -942,16 +919,18 @@ extern const struct iw_handler_def ieee80211_iw_handler_def;
942 919
943/* STA code */ 920/* STA code */
944void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata); 921void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata);
922int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
923 struct cfg80211_auth_request *req);
924int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
925 struct cfg80211_assoc_request *req);
926int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
927 struct cfg80211_deauth_request *req,
928 void *cookie);
929int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
930 struct cfg80211_disassoc_request *req,
931 void *cookie);
945ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, 932ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
946 struct sk_buff *skb, 933 struct sk_buff *skb);
947 struct ieee80211_rx_status *rx_status);
948int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata);
949int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
950int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
951int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
952void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata);
953int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason);
954int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason);
955void ieee80211_send_pspoll(struct ieee80211_local *local, 934void ieee80211_send_pspoll(struct ieee80211_local *local,
956 struct ieee80211_sub_if_data *sdata); 935 struct ieee80211_sub_if_data *sdata);
957void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency); 936void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency);
@@ -967,8 +946,7 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata);
967void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local); 946void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local);
968void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata); 947void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata);
969ieee80211_rx_result 948ieee80211_rx_result
970ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 949ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb);
971 struct ieee80211_rx_status *rx_status);
972struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, 950struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
973 u8 *bssid, u8 *addr, u32 supp_rates); 951 u8 *bssid, u8 *addr, u32 supp_rates);
974int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata, 952int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
@@ -983,16 +961,9 @@ int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
983 const u8 *ssid, u8 ssid_len); 961 const u8 *ssid, u8 ssid_len);
984int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 962int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
985 struct cfg80211_scan_request *req); 963 struct cfg80211_scan_request *req);
986int ieee80211_scan_results(struct ieee80211_local *local,
987 struct iw_request_info *info,
988 char *buf, size_t len);
989void ieee80211_scan_cancel(struct ieee80211_local *local); 964void ieee80211_scan_cancel(struct ieee80211_local *local);
990ieee80211_rx_result 965ieee80211_rx_result
991ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, 966ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb);
992 struct sk_buff *skb,
993 struct ieee80211_rx_status *rx_status);
994int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata,
995 const char *ie, size_t len);
996 967
997void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local); 968void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local);
998struct ieee80211_bss * 969struct ieee80211_bss *
@@ -1008,8 +979,6 @@ ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
1008 u8 *ssid, u8 ssid_len); 979 u8 *ssid, u8 ssid_len);
1009void ieee80211_rx_bss_put(struct ieee80211_local *local, 980void ieee80211_rx_bss_put(struct ieee80211_local *local,
1010 struct ieee80211_bss *bss); 981 struct ieee80211_bss *bss);
1011void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
1012 int freq, u8 *ssid, u8 ssid_len);
1013 982
1014/* interface handling */ 983/* interface handling */
1015int ieee80211_if_add(struct ieee80211_local *local, const char *name, 984int ieee80211_if_add(struct ieee80211_local *local, const char *name,
@@ -1025,7 +994,6 @@ void ieee80211_recalc_idle(struct ieee80211_local *local);
1025/* tx handling */ 994/* tx handling */
1026void ieee80211_clear_tx_pending(struct ieee80211_local *local); 995void ieee80211_clear_tx_pending(struct ieee80211_local *local);
1027void ieee80211_tx_pending(unsigned long data); 996void ieee80211_tx_pending(unsigned long data);
1028int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev);
1029int ieee80211_monitor_start_xmit(struct sk_buff *skb, struct net_device *dev); 997int ieee80211_monitor_start_xmit(struct sk_buff *skb, struct net_device *dev);
1030int ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev); 998int ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev);
1031 999
@@ -1092,7 +1060,8 @@ u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len,
1092int ieee80211_frame_duration(struct ieee80211_local *local, size_t len, 1060int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
1093 int rate, int erp, int short_preamble); 1061 int rate, int erp, int short_preamble);
1094void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx, 1062void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx,
1095 struct ieee80211_hdr *hdr, const u8 *tsc); 1063 struct ieee80211_hdr *hdr, const u8 *tsc,
1064 gfp_t gfp);
1096void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata); 1065void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata);
1097void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 1066void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
1098 int encrypt); 1067 int encrypt);
@@ -1129,8 +1098,8 @@ int ieee80211_add_pending_skbs(struct ieee80211_local *local,
1129 1098
1130void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, 1099void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1131 u16 transaction, u16 auth_alg, 1100 u16 transaction, u16 auth_alg,
1132 u8 *extra, size_t extra_len, 1101 u8 *extra, size_t extra_len, const u8 *bssid,
1133 const u8 *bssid, int encrypt); 1102 const u8 *key, u8 key_len, u8 key_idx);
1134int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 1103int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
1135 const u8 *ie, size_t ie_len); 1104 const u8 *ie, size_t ie_len);
1136void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 1105void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
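--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -190,10 +190,6 @@ static int ieee80211_open(struct net_device *dev)
  ETH_ALEN);
  }
 
- if (compare_ether_addr(null_addr, local->mdev->dev_addr) == 0)
- memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr,
- ETH_ALEN);
-
  /*
  * Validate the MAC address for this device.
  */
@@ -229,13 +225,10 @@ static int ieee80211_open(struct net_device *dev)
  if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
  local->fif_other_bss++;
 
- netif_addr_lock_bh(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  ieee80211_configure_filter(local);
- netif_addr_unlock_bh(local->mdev);
+ spin_unlock_bh(&local->filter_lock);
  break;
- case NL80211_IFTYPE_STATION:
- sdata->u.mgd.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
- /* fall through */
  default:
  conf.vif = &sdata->vif;
  conf.type = sdata->vif.type;
@@ -246,9 +239,9 @@ static int ieee80211_open(struct net_device *dev)
 
  if (ieee80211_vif_is_mesh(&sdata->vif)) {
  local->fif_other_bss++;
- netif_addr_lock_bh(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  ieee80211_configure_filter(local);
- netif_addr_unlock_bh(local->mdev);
+ spin_unlock_bh(&local->filter_lock);
 
  ieee80211_start_mesh(sdata);
  }
@@ -282,10 +275,6 @@ static int ieee80211_open(struct net_device *dev)
  }
 
  if (local->open_count == 0) {
- res = dev_open(local->mdev);
- WARN_ON(res);
- if (res)
- goto err_del_interface;
  tasklet_enable(&local->tx_pending_tasklet);
  tasklet_enable(&local->tasklet);
  }
@@ -366,18 +355,6 @@ static int ieee80211_stop(struct net_device *dev)
  rcu_read_unlock();
 
  /*
- * Announce that we are leaving the network, in case we are a
- * station interface type. This must be done before removing
- * all stations associated with sta_info_flush, otherwise STA
- * information will be gone and no announce being done.
- */
- if (sdata->vif.type == NL80211_IFTYPE_STATION) {
- if (sdata->u.mgd.state != IEEE80211_STA_MLME_DISABLED)
- ieee80211_sta_deauthenticate(sdata,
- WLAN_REASON_DEAUTH_LEAVING);
- }
-
- /*
  * Remove all stations associated with this interface.
  *
  * This must be done before calling ops->remove_interface()
@@ -408,7 +385,14 @@ static int ieee80211_stop(struct net_device *dev)
  if (sdata->flags & IEEE80211_SDATA_PROMISC)
  atomic_dec(&local->iff_promiscs);
 
- dev_mc_unsync(local->mdev, dev);
+ netif_addr_lock_bh(dev);
+ spin_lock_bh(&local->filter_lock);
+ __dev_addr_unsync(&local->mc_list, &local->mc_count,
+ &dev->mc_list, &dev->mc_count);
+ ieee80211_configure_filter(local);
+ spin_unlock_bh(&local->filter_lock);
+ netif_addr_unlock_bh(dev);
+
  del_timer_sync(&local->dynamic_ps_timer);
  cancel_work_sync(&local->dynamic_ps_enable_work);
 
@@ -457,24 +441,25 @@ static int ieee80211_stop(struct net_device *dev)
  if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
  local->fif_other_bss--;
 
- netif_addr_lock_bh(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  ieee80211_configure_filter(local);
- netif_addr_unlock_bh(local->mdev);
+ spin_unlock_bh(&local->filter_lock);
  break;
  case NL80211_IFTYPE_STATION:
- memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
  del_timer_sync(&sdata->u.mgd.chswitch_timer);
  del_timer_sync(&sdata->u.mgd.timer);
+ del_timer_sync(&sdata->u.mgd.conn_mon_timer);
+ del_timer_sync(&sdata->u.mgd.bcn_mon_timer);
  /*
- * If the timer fired while we waited for it, it will have
- * requeued the work. Now the work will be running again
+ * If any of the timers fired while we waited for it, it will
+ * have queued its work. Now the work will be running again
  * but will not rearm the timer again because it checks
  * whether the interface is running, which, at this point,
  * it no longer is.
  */
  cancel_work_sync(&sdata->u.mgd.work);
  cancel_work_sync(&sdata->u.mgd.chswitch_work);
-
+ cancel_work_sync(&sdata->u.mgd.monitor_work);
  cancel_work_sync(&sdata->u.mgd.beacon_loss_work);
 
  /*
@@ -485,12 +470,6 @@ static int ieee80211_stop(struct net_device *dev)
  */
  synchronize_rcu();
  skb_queue_purge(&sdata->u.mgd.skb_queue);
-
- sdata->u.mgd.flags &= ~(IEEE80211_STA_PRIVACY_INVOKED |
- IEEE80211_STA_TKIP_WEP_USED);
- kfree(sdata->u.mgd.extra_ie);
- sdata->u.mgd.extra_ie = NULL;
- sdata->u.mgd.extra_ie_len = 0;
  /* fall through */
  case NL80211_IFTYPE_ADHOC:
  if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
@@ -507,9 +486,9 @@ static int ieee80211_stop(struct net_device *dev)
  local->fif_other_bss--;
  atomic_dec(&local->iff_allmultis);
 
- netif_addr_lock_bh(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  ieee80211_configure_filter(local);
- netif_addr_unlock_bh(local->mdev);
+ spin_unlock_bh(&local->filter_lock);
 
  ieee80211_stop_mesh(sdata);
  }
@@ -555,9 +534,6 @@ static int ieee80211_stop(struct net_device *dev)
  ieee80211_recalc_ps(local, -1);
 
  if (local->open_count == 0) {
- if (netif_running(local->mdev))
- dev_close(local->mdev);
-
  drv_stop(local);
 
  ieee80211_led_radio(local, false);
@@ -604,8 +580,11 @@ static void ieee80211_set_multicast_list(struct net_device *dev)
  atomic_dec(&local->iff_promiscs);
  sdata->flags ^= IEEE80211_SDATA_PROMISC;
  }
-
- dev_mc_sync(local->mdev, dev);
+ spin_lock_bh(&local->filter_lock);
+ __dev_addr_sync(&local->mc_list, &local->mc_count,
+ &dev->mc_list, &dev->mc_count);
+ ieee80211_configure_filter(local);
+ spin_unlock_bh(&local->filter_lock);
 }
 
 /*
@@ -652,11 +631,6 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
  kfree_skb(sdata->u.ibss.presp);
  break;
  case NL80211_IFTYPE_STATION:
- kfree(sdata->u.mgd.extra_ie);
- kfree(sdata->u.mgd.assocreq_ies);
- kfree(sdata->u.mgd.assocresp_ies);
- kfree(sdata->u.mgd.sme_auth_ie);
- break;
  case NL80211_IFTYPE_WDS:
  case NL80211_IFTYPE_AP_VLAN:
  case NL80211_IFTYPE_MONITOR:
@@ -939,7 +913,8 @@ u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
  continue;
  /* do not count disabled managed interfaces */
  if (sdata->vif.type == NL80211_IFTYPE_STATION &&
- sdata->u.mgd.state == IEEE80211_STA_MLME_DISABLED)
+ !sdata->u.mgd.associated &&
+ list_empty(&sdata->u.mgd.work_list))
  continue;
  /* do not count unused IBSS interfaces */
  if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&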
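Review bot: The lock nesting introduced around the multicast sync is not written down anywhere in this file. In ieee80211_stop the new code takes `netif_addr_lock_bh(dev)` and then `local->filter_lock` before `__dev_addr_unsync()`, while ieee80211_set_multicast_list takes only `filter_lock` before `__dev_addr_sync()` reads `dev->mc_list`, presumably because the core already holds the address lock when it invokes this handler. If that holds, a one-line comment above the `spin_lock_bh()` in ieee80211_set_multicast_list, such as `/* caller holds netif_addr_lock; filter_lock nests inside it */`, would make the order explicit for the other `filter_lock` sites added in ieee80211_open and ieee80211_stop. Both function bodies continue outside the hunks shown.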
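--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -67,6 +67,8 @@ static DECLARE_WORK(todo_work, key_todo);
  *
  * @key: key to add to do item for
  * @flag: todo flag(s)
+ *
+ * Must be called with IRQs or softirqs disabled.
  */
 static void add_todo(struct ieee80211_key *key, u32 flag)
 {
@@ -140,9 +142,9 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
  ret = drv_set_key(key->local, SET_KEY, &sdata->vif, sta, &key->conf);
 
  if (!ret) {
- spin_lock(&todo_lock);
+ spin_lock_bh(&todo_lock);
  key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
- spin_unlock(&todo_lock);
+ spin_unlock_bh(&todo_lock);
  }
 
  if (ret && ret != -ENOSPC && ret != -EOPNOTSUPP)
@@ -164,12 +166,12 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
  if (!key || !key->local->ops->set_key)
  return;
 
- spin_lock(&todo_lock);
+ spin_lock_bh(&todo_lock);
  if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
- spin_unlock(&todo_lock);
+ spin_unlock_bh(&todo_lock);
  return;
  }
- spin_unlock(&todo_lock);
+ spin_unlock_bh(&todo_lock);
 
  sta = get_sta_for_key(key);
  sdata = key->sdata;
@@ -188,9 +190,9 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
  wiphy_name(key->local->hw.wiphy),
  key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
 
- spin_lock(&todo_lock);
+ spin_lock_bh(&todo_lock);
  key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
- spin_unlock(&todo_lock);
+ spin_unlock_bh(&todo_lock);
 }
 
 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
@@ -437,14 +439,14 @@ void ieee80211_key_link(struct ieee80211_key *key,
 
  __ieee80211_key_replace(sdata, sta, old_key, key);
 
- spin_unlock_irqrestore(&sdata->local->key_lock, flags);
-
  /* free old key later */
  add_todo(old_key, KEY_FLAG_TODO_DELETE);
 
  add_todo(key, KEY_FLAG_TODO_ADD_DEBUGFS);
  if (netif_running(sdata->dev))
  add_todo(key, KEY_FLAG_TODO_HWACCEL_ADD);
+
+ spin_unlock_irqrestore(&sdata->local->key_lock, flags);
 }
 
 static void __ieee80211_key_free(struct ieee80211_key *key)
@@ -547,7 +549,7 @@ static void __ieee80211_key_todo(void)
  */
  synchronize_rcu();
 
- spin_lock(&todo_lock);
+ spin_lock_bh(&todo_lock);
  while (!list_empty(&todo_list)) {
  key = list_first_entry(&todo_list, struct ieee80211_key, todo);
  list_del_init(&key->todo);
@@ -558,7 +560,7 @@ static void __ieee80211_key_todo(void)
  KEY_FLAG_TODO_HWACCEL_REMOVE |
  KEY_FLAG_TODO_DELETE);
  key->flags &= ~todoflags;
- spin_unlock(&todo_lock);
+ spin_unlock_bh(&todo_lock);
 
  work_done = false;
 
@@ -591,9 +593,9 @@ static void __ieee80211_key_todo(void)
 
  WARN_ON(!work_done);
 
- spin_lock(&todo_lock);
+ spin_lock_bh(&todo_lock);
  }
- spin_unlock(&todo_lock);
+ spin_unlock_bh(&todo_lock);
 }
 
 void ieee80211_key_todo(void)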
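Review bot: The requirement added to add_todo's comment (`Must be called with IRQs or softirqs disabled.`) is only stated, never checked, and ieee80211_key_link now relies on it by calling add_todo inside the `key_lock` irqsave region. Assuming add_todo takes `todo_lock` with a plain `spin_lock()` (its body is outside the hunk), a future caller in process context with softirqs enabled would bring back the kind of lock inversion that the `spin_lock_bh()` conversions in this file appear to be guarding against. A `WARN_ON_ONCE(!irqs_disabled() && !in_softirq());` at the top of add_todo would catch such a caller. The kerneldoc could also record the resulting nesting order, `key_lock -> todo_lock`.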
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 092a017b237e..3234f3751d22 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -83,75 +83,14 @@ void ieee80211_configure_filter(struct ieee80211_local *local)
83 new_flags |= (1<<31); 83 new_flags |= (1<<31);
84 84
85 drv_configure_filter(local, changed_flags, &new_flags, 85 drv_configure_filter(local, changed_flags, &new_flags,
86 local->mdev->mc_count, 86 local->mc_count,
87 local->mdev->mc_list); 87 local->mc_list);
88 88
89 WARN_ON(new_flags & (1<<31)); 89 WARN_ON(new_flags & (1<<31));
90 90
91 local->filter_flags = new_flags & ~(1<<31); 91 local->filter_flags = new_flags & ~(1<<31);
92} 92}
93 93
94/* master interface */
95
96static int header_parse_80211(const struct sk_buff *skb, unsigned char *haddr)
97{
98 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
99 return ETH_ALEN;
100}
101
102static const struct header_ops ieee80211_header_ops = {
103 .create = eth_header,
104 .parse = header_parse_80211,
105 .rebuild = eth_rebuild_header,
106 .cache = eth_header_cache,
107 .cache_update = eth_header_cache_update,
108};
109
110static int ieee80211_master_open(struct net_device *dev)
111{
112 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
113 struct ieee80211_local *local = mpriv->local;
114 struct ieee80211_sub_if_data *sdata;
115 int res = -EOPNOTSUPP;
116
117 /* we hold the RTNL here so can safely walk the list */
118 list_for_each_entry(sdata, &local->interfaces, list) {
119 if (netif_running(sdata->dev)) {
120 res = 0;
121 break;
122 }
123 }
124
125 if (res)
126 return res;
127
128 netif_tx_start_all_queues(local->mdev);
129
130 return 0;
131}
132
133static int ieee80211_master_stop(struct net_device *dev)
134{
135 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
136 struct ieee80211_local *local = mpriv->local;
137 struct ieee80211_sub_if_data *sdata;
138
139 /* we hold the RTNL here so can safely walk the list */
140 list_for_each_entry(sdata, &local->interfaces, list)
141 if (netif_running(sdata->dev))
142 dev_close(sdata->dev);
143
144 return 0;
145}
146
147static void ieee80211_master_set_multicast_list(struct net_device *dev)
148{
149 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
150 struct ieee80211_local *local = mpriv->local;
151
152 ieee80211_configure_filter(local);
153}
154
155int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) 94int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
156{ 95{
157 struct ieee80211_channel *chan, *scan_chan; 96 struct ieee80211_channel *chan, *scan_chan;
@@ -310,7 +249,6 @@ void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
310 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 249 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
311 int tmp; 250 int tmp;
312 251
313 skb->dev = local->mdev;
314 skb->pkt_type = IEEE80211_TX_STATUS_MSG; 252 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
315 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ? 253 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
316 &local->skb_queue : &local->skb_queue_unreliable, skb); 254 &local->skb_queue : &local->skb_queue_unreliable, skb);
@@ -330,19 +268,16 @@ static void ieee80211_tasklet_handler(unsigned long data)
330{ 268{
331 struct ieee80211_local *local = (struct ieee80211_local *) data; 269 struct ieee80211_local *local = (struct ieee80211_local *) data;
332 struct sk_buff *skb; 270 struct sk_buff *skb;
333 struct ieee80211_rx_status rx_status;
334 struct ieee80211_ra_tid *ra_tid; 271 struct ieee80211_ra_tid *ra_tid;
335 272
336 while ((skb = skb_dequeue(&local->skb_queue)) || 273 while ((skb = skb_dequeue(&local->skb_queue)) ||
337 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 274 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
338 switch (skb->pkt_type) { 275 switch (skb->pkt_type) {
339 case IEEE80211_RX_MSG: 276 case IEEE80211_RX_MSG:
340 /* status is in skb->cb */
341 memcpy(&rx_status, skb->cb, sizeof(rx_status));
342 /* Clear skb->pkt_type in order to not confuse kernel 277 /* Clear skb->pkt_type in order to not confuse kernel
343 * netstack. */ 278 * netstack. */
344 skb->pkt_type = 0; 279 skb->pkt_type = 0;
345 __ieee80211_rx(local_to_hw(local), skb, &rx_status); 280 ieee80211_rx(local_to_hw(local), skb);
346 break; 281 break;
347 case IEEE80211_TX_STATUS_MSG: 282 case IEEE80211_TX_STATUS_MSG:
348 skb->pkt_type = 0; 283 skb->pkt_type = 0;
@@ -719,7 +654,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
719 mutex_init(&local->scan_mtx); 654 mutex_init(&local->scan_mtx);
720 655
721 spin_lock_init(&local->key_lock); 656 spin_lock_init(&local->key_lock);
722 657 spin_lock_init(&local->filter_lock);
723 spin_lock_init(&local->queue_stop_reason_lock); 658 spin_lock_init(&local->queue_stop_reason_lock);
724 659
725 INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work); 660 INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work);
@@ -755,30 +690,11 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
755} 690}
756EXPORT_SYMBOL(ieee80211_alloc_hw); 691EXPORT_SYMBOL(ieee80211_alloc_hw);
757 692
758static const struct net_device_ops ieee80211_master_ops = {
759 .ndo_start_xmit = ieee80211_master_start_xmit,
760 .ndo_open = ieee80211_master_open,
761 .ndo_stop = ieee80211_master_stop,
762 .ndo_set_multicast_list = ieee80211_master_set_multicast_list,
763 .ndo_select_queue = ieee80211_select_queue,
764};
765
766static void ieee80211_master_setup(struct net_device *mdev)
767{
768 mdev->type = ARPHRD_IEEE80211;
769 mdev->netdev_ops = &ieee80211_master_ops;
770 mdev->header_ops = &ieee80211_header_ops;
771 mdev->tx_queue_len = 1000;
772 mdev->addr_len = ETH_ALEN;
773}
774
775int ieee80211_register_hw(struct ieee80211_hw *hw) 693int ieee80211_register_hw(struct ieee80211_hw *hw)
776{ 694{
777 struct ieee80211_local *local = hw_to_local(hw); 695 struct ieee80211_local *local = hw_to_local(hw);
778 int result; 696 int result;
779 enum ieee80211_band band; 697 enum ieee80211_band band;
780 struct net_device *mdev;
781 struct ieee80211_master_priv *mpriv;
782 int channels, i, j, max_bitrates; 698 int channels, i, j, max_bitrates;
783 bool supp_ht; 699 bool supp_ht;
784 static const u32 cipher_suites[] = { 700 static const u32 cipher_suites[] = {
@@ -877,16 +793,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
877 if (hw->queues > IEEE80211_MAX_QUEUES) 793 if (hw->queues > IEEE80211_MAX_QUEUES)
878 hw->queues = IEEE80211_MAX_QUEUES; 794 hw->queues = IEEE80211_MAX_QUEUES;
879 795
880 mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv),
881 "wmaster%d", ieee80211_master_setup,
882 hw->queues);
883 if (!mdev)
884 goto fail_mdev_alloc;
885
886 mpriv = netdev_priv(mdev);
887 mpriv->local = local;
888 local->mdev = mdev;
889
890 local->hw.workqueue = 796 local->hw.workqueue =
891 create_singlethread_workqueue(wiphy_name(local->hw.wiphy)); 797 create_singlethread_workqueue(wiphy_name(local->hw.wiphy));
892 if (!local->hw.workqueue) { 798 if (!local->hw.workqueue) {
@@ -921,17 +827,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
921 } 827 }
922 828
923 rtnl_lock(); 829 rtnl_lock();
924 result = dev_alloc_name(local->mdev, local->mdev->name);
925 if (result < 0)
926 goto fail_dev;
927
928 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
929 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
930 local->mdev->features |= NETIF_F_NETNS_LOCAL;
931
932 result = register_netdevice(local->mdev);
933 if (result < 0)
934 goto fail_dev;
935 830
936 result = ieee80211_init_rate_ctrl_alg(local, 831 result = ieee80211_init_rate_ctrl_alg(local,
937 hw->rate_control_algorithm); 832 hw->rate_control_algorithm);
@@ -984,9 +879,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
984 ieee80211_led_exit(local); 879 ieee80211_led_exit(local);
985 ieee80211_remove_interfaces(local); 880 ieee80211_remove_interfaces(local);
986 fail_rate: 881 fail_rate:
987 unregister_netdevice(local->mdev);
988 local->mdev = NULL;
989 fail_dev:
990 rtnl_unlock(); 882 rtnl_unlock();
991 ieee80211_wep_free(local); 883 ieee80211_wep_free(local);
992 fail_wep: 884 fail_wep:
@@ -995,9 +887,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
995 debugfs_hw_del(local); 887 debugfs_hw_del(local);
996 destroy_workqueue(local->hw.workqueue); 888 destroy_workqueue(local->hw.workqueue);
997 fail_workqueue: 889 fail_workqueue:
998 if (local->mdev)
999 free_netdev(local->mdev);
1000 fail_mdev_alloc:
1001 wiphy_unregister(local->hw.wiphy); 890 wiphy_unregister(local->hw.wiphy);
1002 fail_wiphy_register: 891 fail_wiphy_register:
1003 kfree(local->int_scan_req.channels); 892 kfree(local->int_scan_req.channels);
@@ -1022,13 +911,8 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1022 * because the driver cannot be handing us frames any 911 * because the driver cannot be handing us frames any
1023 * more and the tasklet is killed. 912 * more and the tasklet is killed.
1024 */ 913 */
1025
1026 /* First, we remove all virtual interfaces. */
1027 ieee80211_remove_interfaces(local); 914 ieee80211_remove_interfaces(local);
1028 915
1029 /* then, finally, remove the master interface */
1030 unregister_netdevice(local->mdev);
1031
1032 rtnl_unlock(); 916 rtnl_unlock();
1033 917
1034 ieee80211_clear_tx_pending(local); 918 ieee80211_clear_tx_pending(local);
@@ -1047,7 +931,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1047 wiphy_unregister(local->hw.wiphy); 931 wiphy_unregister(local->hw.wiphy);
1048 ieee80211_wep_free(local); 932 ieee80211_wep_free(local);
1049 ieee80211_led_exit(local); 933 ieee80211_led_exit(local);
1050 free_netdev(local->mdev);
1051 kfree(local->int_scan_req.channels); 934 kfree(local->int_scan_req.channels);
1052} 935}
1053EXPORT_SYMBOL(ieee80211_unregister_hw); 936EXPORT_SYMBOL(ieee80211_unregister_hw);
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 11cf45bce38a..8a97b1423088 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -568,7 +568,7 @@ static void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
568 568
569 ifmsh = &sdata->u.mesh; 569 ifmsh = &sdata->u.mesh;
570 570
571 rx_status = (struct ieee80211_rx_status *) skb->cb; 571 rx_status = IEEE80211_SKB_RXCB(skb);
572 mgmt = (struct ieee80211_mgmt *) skb->data; 572 mgmt = (struct ieee80211_mgmt *) skb->data;
573 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; 573 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
574 574
@@ -671,8 +671,7 @@ void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
671} 671}
672 672
673ieee80211_rx_result 673ieee80211_rx_result
674ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 674ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
675 struct ieee80211_rx_status *rx_status)
676{ 675{
677 struct ieee80211_local *local = sdata->local; 676 struct ieee80211_local *local = sdata->local;
678 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 677 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
@@ -686,10 +685,12 @@ ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
686 fc = le16_to_cpu(mgmt->frame_control); 685 fc = le16_to_cpu(mgmt->frame_control);
687 686
688 switch (fc & IEEE80211_FCTL_STYPE) { 687 switch (fc & IEEE80211_FCTL_STYPE) {
688 case IEEE80211_STYPE_ACTION:
689 if (skb->len < IEEE80211_MIN_ACTION_SIZE)
690 return RX_DROP_MONITOR;
691 /* fall through */
689 case IEEE80211_STYPE_PROBE_RESP: 692 case IEEE80211_STYPE_PROBE_RESP:
690 case IEEE80211_STYPE_BEACON: 693 case IEEE80211_STYPE_BEACON:
691 case IEEE80211_STYPE_ACTION:
692 memcpy(skb->cb, rx_status, sizeof(*rx_status));
693 skb_queue_tail(&ifmsh->skb_queue, skb); 694 skb_queue_tail(&ifmsh->skb_queue, skb);
694 queue_work(local->hw.workqueue, &ifmsh->work); 695 queue_work(local->hw.workqueue, &ifmsh->work);
695 return RX_QUEUED; 696 return RX_QUEUED;
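Review bot: The new `skb->len < IEEE80211_MIN_ACTION_SIZE` guard in ieee80211_mesh_rx_mgmt covers only action frames; probe responses and beacons still reach `skb_queue_tail` with no minimum length enforced at this point. These frames come off the air, so if the queued handlers do not bound-check the fixed beacon/probe-response fields themselves (not visible in this section), a short frame would be parsed past its end. I would either add the equivalent size test here or record where it lives with a comment on the fall-through, e.g. `/* beacon/probe response length is validated by the queued handler */`. Separately, now that the `memcpy(skb->cb, rx_status, ...)` is gone and the work item reads `IEEE80211_SKB_RXCB(skb)`, the function comment should state that callers must have filled in skb->cb before calling. Both function bodies continue outside the hunks shown.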
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index c7d72819cdd2..2a2ed182cb7e 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -208,8 +208,7 @@ void ieee80211s_init(void);
208void ieee80211s_stop(void); 208void ieee80211s_stop(void);
209void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata); 209void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata);
210ieee80211_rx_result 210ieee80211_rx_result
211ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 211ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb);
212 struct ieee80211_rx_status *rx_status);
213void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata); 212void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata);
214void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata); 213void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata);
215 214
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index f49ef288e2e2..e93c37ef6a48 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -686,11 +686,11 @@ void mesh_path_start_discovery(struct ieee80211_sub_if_data *sdata)
686 u8 ttl, dst_flags; 686 u8 ttl, dst_flags;
687 u32 lifetime; 687 u32 lifetime;
688 688
689 spin_lock(&ifmsh->mesh_preq_queue_lock); 689 spin_lock_bh(&ifmsh->mesh_preq_queue_lock);
690 if (!ifmsh->preq_queue_len || 690 if (!ifmsh->preq_queue_len ||
691 time_before(jiffies, ifmsh->last_preq + 691 time_before(jiffies, ifmsh->last_preq +
692 min_preq_int_jiff(sdata))) { 692 min_preq_int_jiff(sdata))) {
693 spin_unlock(&ifmsh->mesh_preq_queue_lock); 693 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock);
694 return; 694 return;
695 } 695 }
696 696
@@ -698,7 +698,7 @@ void mesh_path_start_discovery(struct ieee80211_sub_if_data *sdata)
698 struct mesh_preq_queue, list); 698 struct mesh_preq_queue, list);
699 list_del(&preq_node->list); 699 list_del(&preq_node->list);
700 --ifmsh->preq_queue_len; 700 --ifmsh->preq_queue_len;
701 spin_unlock(&ifmsh->mesh_preq_queue_lock); 701 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock);
702 702
703 rcu_read_lock(); 703 rcu_read_lock();
704 mpath = mesh_path_lookup(preq_node->dst, sdata); 704 mpath = mesh_path_lookup(preq_node->dst, sdata);
@@ -784,7 +784,6 @@ int mesh_nexthop_lookup(struct sk_buff *skb,
784 mesh_path_add(dst_addr, sdata); 784 mesh_path_add(dst_addr, sdata);
785 mpath = mesh_path_lookup(dst_addr, sdata); 785 mpath = mesh_path_lookup(dst_addr, sdata);
786 if (!mpath) { 786 if (!mpath) {
787 dev_kfree_skb(skb);
788 sdata->u.mesh.mshstats.dropped_frames_no_route++; 787 sdata->u.mesh.mshstats.dropped_frames_no_route++;
789 err = -ENOSPC; 788 err = -ENOSPC;
790 goto endlookup; 789 goto endlookup;
@@ -804,6 +803,7 @@ int mesh_nexthop_lookup(struct sk_buff *skb,
804 memcpy(hdr->addr1, mpath->next_hop->sta.addr, 803 memcpy(hdr->addr1, mpath->next_hop->sta.addr,
805 ETH_ALEN); 804 ETH_ALEN);
806 } else { 805 } else {
806 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
807 if (!(mpath->flags & MESH_PATH_RESOLVING)) { 807 if (!(mpath->flags & MESH_PATH_RESOLVING)) {
808 /* Start discovery only if it is not running yet */ 808 /* Start discovery only if it is not running yet */
809 mesh_queue_preq(mpath, PREQ_Q_F_START); 809 mesh_queue_preq(mpath, PREQ_Q_F_START);
@@ -815,6 +815,7 @@ int mesh_nexthop_lookup(struct sk_buff *skb,
815 skb_unlink(skb_to_free, &mpath->frame_queue); 815 skb_unlink(skb_to_free, &mpath->frame_queue);
816 } 816 }
817 817
818 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
818 skb_queue_tail(&mpath->frame_queue, skb); 819 skb_queue_tail(&mpath->frame_queue, skb);
819 if (skb_to_free) 820 if (skb_to_free)
820 mesh_path_discard_frame(skb_to_free, sdata); 821 mesh_path_discard_frame(skb_to_free, sdata);
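Review bot: With `dev_kfree_skb(skb)` dropped from the `if (!mpath)` branch of mesh_nexthop_lookup, the -ENOSPC return now leaves the skb unfreed, while the discovery branch further down hands the same skb to `mpath->frame_queue` via `skb_queue_tail`. A caller cannot tell from a non-zero return alone whether it still owns the buffer, which is how a leak or a double free gets introduced. The callers are not visible here, so confirm each one frees the skb exactly when it was not queued. I would document the contract in the function's header comment, along the lines of `On -ENOSPC the skb is not consumed and the caller must free it; a frame queued for path discovery is owned by mpath->frame_queue.` The function body starts and ends outside these hunks.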
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
index 479597e88583..04b9e4d61b8e 100644
--- a/net/mac80211/mesh_pathtbl.c
+++ b/net/mac80211/mesh_pathtbl.c
@@ -55,7 +55,25 @@ static DEFINE_RWLOCK(pathtbl_resize_lock);
55 */ 55 */
56void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta) 56void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta)
57{ 57{
58 struct sk_buff *skb;
59 struct ieee80211_hdr *hdr;
60 struct sk_buff_head tmpq;
61 unsigned long flags;
62
58 rcu_assign_pointer(mpath->next_hop, sta); 63 rcu_assign_pointer(mpath->next_hop, sta);
64
65 __skb_queue_head_init(&tmpq);
66
67 spin_lock_irqsave(&mpath->frame_queue.lock, flags);
68
69 while ((skb = __skb_dequeue(&mpath->frame_queue)) != NULL) {
70 hdr = (struct ieee80211_hdr *) skb->data;
71 memcpy(hdr->addr1, sta->sta.addr, ETH_ALEN);
72 __skb_queue_tail(&tmpq, skb);
73 }
74
75 skb_queue_splice(&tmpq, &mpath->frame_queue);
76 spin_unlock_irqrestore(&mpath->frame_queue.lock, flags);
59} 77}
60 78
61 79
@@ -481,11 +499,9 @@ enddel:
481 */ 499 */
482void mesh_path_tx_pending(struct mesh_path *mpath) 500void mesh_path_tx_pending(struct mesh_path *mpath)
483{ 501{
484 struct sk_buff *skb; 502 if (mpath->flags & MESH_PATH_ACTIVE)
485 503 ieee80211_add_pending_skbs(mpath->sdata->local,
486 while ((skb = skb_dequeue(&mpath->frame_queue)) && 504 &mpath->frame_queue);
487 (mpath->flags & MESH_PATH_ACTIVE))
488 dev_queue_xmit(skb);
489} 505}
490 506
491/** 507/**
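Review bot: mesh_path_assign_nexthop now dereferences `sta->sta.addr` for every frame on `mpath->frame_queue`, so a NULL `sta`, which the previous single `rcu_assign_pointer` tolerated, would oops as soon as the queue is non-empty. Whether any caller passes NULL is not visible in this section. If none may, the comment above the function should say `sta must be non-NULL and must stay valid for the duration of the call`; otherwise add `if (!sta) return;` right after the `rcu_assign_pointer` line. The same comment should also note that the function takes `mpath->frame_queue.lock` with interrupts disabled, so it must not be called with that lock already held.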
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 07e7e41816be..0b3551da8f43 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -27,43 +27,98 @@
27#include "rate.h" 27#include "rate.h"
28#include "led.h" 28#include "led.h"
29 29
30#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
31#define IEEE80211_AUTH_TIMEOUT (HZ / 5) 30#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
32#define IEEE80211_AUTH_MAX_TRIES 3 31#define IEEE80211_AUTH_MAX_TRIES 3
33#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 32#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
34#define IEEE80211_ASSOC_MAX_TRIES 3 33#define IEEE80211_ASSOC_MAX_TRIES 3
35#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 34
36#define IEEE80211_PROBE_WAIT (HZ / 5) 35/*
37#define IEEE80211_PROBE_IDLE_TIME (60 * HZ) 36 * beacon loss detection timeout
38#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 37 * XXX: should depend on beacon interval
38 */
39#define IEEE80211_BEACON_LOSS_TIME (2 * HZ)
40/*
41 * Time the connection can be idle before we probe
42 * it to see if we can still talk to the AP.
43 */
44#define IEEE80211_CONNECTION_IDLE_TIME (2 * HZ)
45/*
46 * Time we wait for a probe response after sending
47 * a probe request because of beacon loss or for
48 * checking the connection still works.
49 */
50#define IEEE80211_PROBE_WAIT (HZ / 5)
39 51
40#define TMR_RUNNING_TIMER 0 52#define TMR_RUNNING_TIMER 0
41#define TMR_RUNNING_CHANSW 1 53#define TMR_RUNNING_CHANSW 1
42 54
55/*
56 * All cfg80211 functions have to be called outside a locked
57 * section so that they can acquire a lock themselves... This
58 * is much simpler than queuing up things in cfg80211, but we
59 * do need some indirection for that here.
60 */
61enum rx_mgmt_action {
62 /* no action required */
63 RX_MGMT_NONE,
64
65 /* caller must call cfg80211_send_rx_auth() */
66 RX_MGMT_CFG80211_AUTH,
67
68 /* caller must call cfg80211_send_rx_assoc() */
69 RX_MGMT_CFG80211_ASSOC,
70
71 /* caller must call cfg80211_send_deauth() */
72 RX_MGMT_CFG80211_DEAUTH,
73
74 /* caller must call cfg80211_send_disassoc() */
75 RX_MGMT_CFG80211_DISASSOC,
76
77 /* caller must call cfg80211_auth_timeout() & free work */
78 RX_MGMT_CFG80211_AUTH_TO,
79
80 /* caller must call cfg80211_assoc_timeout() & free work */
81 RX_MGMT_CFG80211_ASSOC_TO,
82};
83
43/* utils */ 84/* utils */
44static int ecw2cw(int ecw) 85static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd)
45{ 86{
46 return (1 << ecw) - 1; 87 WARN_ON(!mutex_is_locked(&ifmgd->mtx));
47} 88}
48 89
49static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie) 90/*
91 * We can have multiple work items (and connection probing)
92 * scheduling this timer, but we need to take care to only
93 * reschedule it when it should fire _earlier_ than it was
94 * asked for before, or if it's not pending right now. This
95 * function ensures that. Note that it then is required to
96 * run this function for all timeouts after the first one
97 * has happened -- the work that runs from this timer will
98 * do that.
99 */
100static void run_again(struct ieee80211_if_managed *ifmgd,
101 unsigned long timeout)
50{ 102{
51 u8 *end, *pos; 103 ASSERT_MGD_MTX(ifmgd);
52 104
53 pos = bss->cbss.information_elements; 105 if (!timer_pending(&ifmgd->timer) ||
54 if (pos == NULL) 106 time_before(timeout, ifmgd->timer.expires))
55 return NULL; 107 mod_timer(&ifmgd->timer, timeout);
56 end = pos + bss->cbss.len_information_elements; 108}
57 109
58 while (pos + 1 < end) { 110static void mod_beacon_timer(struct ieee80211_sub_if_data *sdata)
59 if (pos + 2 + pos[1] > end) 111{
60 break; 112 if (sdata->local->hw.flags & IEEE80211_HW_BEACON_FILTER)
61 if (pos[0] == ie) 113 return;
62 return pos; 114
63 pos += 2 + pos[1]; 115 mod_timer(&sdata->u.mgd.bcn_mon_timer,
64 } 116 round_jiffies_up(jiffies + IEEE80211_BEACON_LOSS_TIME));
117}
65 118
66 return NULL; 119static int ecw2cw(int ecw)
120{
121 return (1 << ecw) - 1;
67} 122}
68 123
69static int ieee80211_compatible_rates(struct ieee80211_bss *bss, 124static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
@@ -94,11 +149,10 @@ static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
94 */ 149 */
95static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata, 150static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
96 struct ieee80211_ht_info *hti, 151 struct ieee80211_ht_info *hti,
97 u16 ap_ht_cap_flags) 152 const u8 *bssid, u16 ap_ht_cap_flags)
98{ 153{
99 struct ieee80211_local *local = sdata->local; 154 struct ieee80211_local *local = sdata->local;
100 struct ieee80211_supported_band *sband; 155 struct ieee80211_supported_band *sband;
101 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
102 struct sta_info *sta; 156 struct sta_info *sta;
103 u32 changed = 0; 157 u32 changed = 0;
104 u16 ht_opmode; 158 u16 ht_opmode;
@@ -147,12 +201,10 @@ static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
147 ieee80211_hw_config(local, 0); 201 ieee80211_hw_config(local, 0);
148 202
149 rcu_read_lock(); 203 rcu_read_lock();
150 204 sta = sta_info_get(local, bssid);
151 sta = sta_info_get(local, ifmgd->bssid);
152 if (sta) 205 if (sta)
153 rate_control_rate_update(local, sband, sta, 206 rate_control_rate_update(local, sband, sta,
154 IEEE80211_RC_HT_CHANGED); 207 IEEE80211_RC_HT_CHANGED);
155
156 rcu_read_unlock(); 208 rcu_read_unlock();
157 } 209 }
158 210
@@ -175,23 +227,24 @@ static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
175 227
176/* frame sending functions */ 228/* frame sending functions */
177 229
178static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 230static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
231 struct ieee80211_mgd_work *wk)
179{ 232{
180 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 233 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
181 struct ieee80211_local *local = sdata->local; 234 struct ieee80211_local *local = sdata->local;
182 struct sk_buff *skb; 235 struct sk_buff *skb;
183 struct ieee80211_mgmt *mgmt; 236 struct ieee80211_mgmt *mgmt;
184 u8 *pos, *ies, *ht_ie; 237 u8 *pos;
238 const u8 *ies, *ht_ie;
185 int i, len, count, rates_len, supp_rates_len; 239 int i, len, count, rates_len, supp_rates_len;
186 u16 capab; 240 u16 capab;
187 struct ieee80211_bss *bss;
188 int wmm = 0; 241 int wmm = 0;
189 struct ieee80211_supported_band *sband; 242 struct ieee80211_supported_band *sband;
190 u32 rates = 0; 243 u32 rates = 0;
191 244
192 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 245 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
193 sizeof(*mgmt) + 200 + ifmgd->extra_ie_len + 246 sizeof(*mgmt) + 200 + wk->ie_len +
194 ifmgd->ssid_len); 247 wk->ssid_len);
195 if (!skb) { 248 if (!skb) {
196 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc " 249 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
197 "frame\n", sdata->dev->name); 250 "frame\n", sdata->dev->name);
@@ -210,45 +263,35 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
210 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 263 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
211 } 264 }
212 265
213 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 266 if (wk->bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
214 local->hw.conf.channel->center_freq, 267 capab |= WLAN_CAPABILITY_PRIVACY;
215 ifmgd->ssid, ifmgd->ssid_len); 268 if (wk->bss->wmm_used)
216 if (bss) { 269 wmm = 1;
217 if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
218 capab |= WLAN_CAPABILITY_PRIVACY;
219 if (bss->wmm_used)
220 wmm = 1;
221 270
222 /* get all rates supported by the device and the AP as 271 /* get all rates supported by the device and the AP as
223 * some APs don't like getting a superset of their rates 272 * some APs don't like getting a superset of their rates
224 * in the association request (e.g. D-Link DAP 1353 in 273 * in the association request (e.g. D-Link DAP 1353 in
225 * b-only mode) */ 274 * b-only mode) */
226 rates_len = ieee80211_compatible_rates(bss, sband, &rates); 275 rates_len = ieee80211_compatible_rates(wk->bss, sband, &rates);
227 276
228 if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 277 if ((wk->bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
229 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 278 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
230 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 279 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
231
232 ieee80211_rx_bss_put(local, bss);
233 } else {
234 rates = ~0;
235 rates_len = sband->n_bitrates;
236 }
237 280
238 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 281 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
239 memset(mgmt, 0, 24); 282 memset(mgmt, 0, 24);
240 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN); 283 memcpy(mgmt->da, wk->bss->cbss.bssid, ETH_ALEN);
241 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 284 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
242 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN); 285 memcpy(mgmt->bssid, wk->bss->cbss.bssid, ETH_ALEN);
243 286
244 if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) { 287 if (!is_zero_ether_addr(wk->prev_bssid)) {
245 skb_put(skb, 10); 288 skb_put(skb, 10);
246 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 289 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
247 IEEE80211_STYPE_REASSOC_REQ); 290 IEEE80211_STYPE_REASSOC_REQ);
248 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 291 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
249 mgmt->u.reassoc_req.listen_interval = 292 mgmt->u.reassoc_req.listen_interval =
250 cpu_to_le16(local->hw.conf.listen_interval); 293 cpu_to_le16(local->hw.conf.listen_interval);
251 memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid, 294 memcpy(mgmt->u.reassoc_req.current_ap, wk->prev_bssid,
252 ETH_ALEN); 295 ETH_ALEN);
253 } else { 296 } else {
254 skb_put(skb, 4); 297 skb_put(skb, 4);
@@ -260,10 +303,10 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
260 } 303 }
261 304
262 /* SSID */ 305 /* SSID */
263 ies = pos = skb_put(skb, 2 + ifmgd->ssid_len); 306 ies = pos = skb_put(skb, 2 + wk->ssid_len);
264 *pos++ = WLAN_EID_SSID; 307 *pos++ = WLAN_EID_SSID;
265 *pos++ = ifmgd->ssid_len; 308 *pos++ = wk->ssid_len;
266 memcpy(pos, ifmgd->ssid, ifmgd->ssid_len); 309 memcpy(pos, wk->ssid, wk->ssid_len);
267 310
268 /* add all rates which were marked to be used above */ 311 /* add all rates which were marked to be used above */
269 supp_rates_len = rates_len; 312 supp_rates_len = rates_len;
@@ -318,9 +361,9 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
318 } 361 }
319 } 362 }
320 363
321 if (ifmgd->extra_ie) { 364 if (wk->ie_len && wk->ie) {
322 pos = skb_put(skb, ifmgd->extra_ie_len); 365 pos = skb_put(skb, wk->ie_len);
323 memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len); 366 memcpy(pos, wk->ie, wk->ie_len);
324 } 367 }
325 368
326 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) { 369 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
@@ -345,9 +388,9 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
345 */ 388 */
346 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 389 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
347 sband->ht_cap.ht_supported && 390 sband->ht_cap.ht_supported &&
348 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && 391 (ht_ie = ieee80211_bss_get_ie(&wk->bss->cbss, WLAN_EID_HT_INFORMATION)) &&
349 ht_ie[1] >= sizeof(struct ieee80211_ht_info) && 392 ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
350 (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) { 393 (!(ifmgd->flags & IEEE80211_STA_DISABLE_11N))) {
351 struct ieee80211_ht_info *ht_info = 394 struct ieee80211_ht_info *ht_info =
352 (struct ieee80211_ht_info *)(ht_ie + 2); 395 (struct ieee80211_ht_info *)(ht_ie + 2);
353 u16 cap = sband->ht_cap.cap; 396 u16 cap = sband->ht_cap.cap;
@@ -382,18 +425,13 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
382 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs)); 425 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
383 } 426 }
384 427
385 kfree(ifmgd->assocreq_ies);
386 ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
387 ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
388 if (ifmgd->assocreq_ies)
389 memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
390
391 ieee80211_tx_skb(sdata, skb, 0); 428 ieee80211_tx_skb(sdata, skb, 0);
392} 429}
393 430
394 431
395static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, 432static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
396 u16 stype, u16 reason) 433 const u8 *bssid, u16 stype, u16 reason,
434 void *cookie)
397{ 435{
398 struct ieee80211_local *local = sdata->local; 436 struct ieee80211_local *local = sdata->local;
399 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 437 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
@@ -410,18 +448,18 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
410 448
411 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 449 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
412 memset(mgmt, 0, 24); 450 memset(mgmt, 0, 24);
413 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN); 451 memcpy(mgmt->da, bssid, ETH_ALEN);
414 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 452 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
415 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN); 453 memcpy(mgmt->bssid, bssid, ETH_ALEN);
416 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 454 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
417 skb_put(skb, 2); 455 skb_put(skb, 2);
418 /* u.deauth.reason_code == u.disassoc.reason_code */ 456 /* u.deauth.reason_code == u.disassoc.reason_code */
419 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 457 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
420 458
421 if (stype == IEEE80211_STYPE_DEAUTH) 459 if (stype == IEEE80211_STYPE_DEAUTH)
422 cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, skb->len); 460 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len, cookie);
423 else 461 else
424 cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, skb->len); 462 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len, cookie);
425 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED); 463 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
426} 464}
427 465
@@ -494,28 +532,26 @@ static void ieee80211_chswitch_work(struct work_struct *work)
494{ 532{
495 struct ieee80211_sub_if_data *sdata = 533 struct ieee80211_sub_if_data *sdata =
496 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work); 534 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
497 struct ieee80211_bss *bss;
498 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 535 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
499 536
500 if (!netif_running(sdata->dev)) 537 if (!netif_running(sdata->dev))
501 return; 538 return;
502 539
503 bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid, 540 mutex_lock(&ifmgd->mtx);
504 sdata->local->hw.conf.channel->center_freq, 541 if (!ifmgd->associated)
505 ifmgd->ssid, ifmgd->ssid_len); 542 goto out;
506 if (!bss)
507 goto exit;
508 543
509 sdata->local->oper_channel = sdata->local->csa_channel; 544 sdata->local->oper_channel = sdata->local->csa_channel;
545 ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL);
546
510 /* XXX: shouldn't really modify cfg80211-owned data! */ 547 /* XXX: shouldn't really modify cfg80211-owned data! */
511 if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL)) 548 ifmgd->associated->cbss.channel = sdata->local->oper_channel;
512 bss->cbss.channel = sdata->local->oper_channel;
513 549
514 ieee80211_rx_bss_put(sdata->local, bss);
515exit:
516 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
517 ieee80211_wake_queues_by_reason(&sdata->local->hw, 550 ieee80211_wake_queues_by_reason(&sdata->local->hw,
518 IEEE80211_QUEUE_STOP_REASON_CSA); 551 IEEE80211_QUEUE_STOP_REASON_CSA);
552 out:
553 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
554 mutex_unlock(&ifmgd->mtx);
519} 555}
520 556
521static void ieee80211_chswitch_timer(unsigned long data) 557static void ieee80211_chswitch_timer(unsigned long data)
@@ -540,7 +576,9 @@ void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
540 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 576 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
541 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num); 577 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);
542 578
543 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED) 579 ASSERT_MGD_MTX(ifmgd);
580
581 if (!ifmgd->associated)
544 return; 582 return;
545 583
546 if (sdata->local->sw_scanning || sdata->local->hw_scanning) 584 if (sdata->local->sw_scanning || sdata->local->hw_scanning)
@@ -651,8 +689,9 @@ void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
651 } 689 }
652 690
653 if (count == 1 && found->u.mgd.powersave && 691 if (count == 1 && found->u.mgd.powersave &&
654 (found->u.mgd.flags & IEEE80211_STA_ASSOCIATED) && 692 found->u.mgd.associated && list_empty(&found->u.mgd.work_list) &&
655 !(found->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL)) { 693 !(found->u.mgd.flags & (IEEE80211_STA_BEACON_POLL |
694 IEEE80211_STA_CONNECTION_POLL))) {
656 s32 beaconint_us; 695 s32 beaconint_us;
657 696
658 if (latency < 0) 697 if (latency < 0)
@@ -806,9 +845,6 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
806 u16 capab, bool erp_valid, u8 erp) 845 u16 capab, bool erp_valid, u8 erp)
807{ 846{
808 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 847 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
809#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
810 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
811#endif
812 u32 changed = 0; 848 u32 changed = 0;
813 bool use_protection; 849 bool use_protection;
814 bool use_short_preamble; 850 bool use_short_preamble;
@@ -825,42 +861,16 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
825 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 861 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
826 862
827 if (use_protection != bss_conf->use_cts_prot) { 863 if (use_protection != bss_conf->use_cts_prot) {
828#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
829 if (net_ratelimit()) {
830 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
831 sdata->dev->name,
832 use_protection ? "enabled" : "disabled",
833 ifmgd->bssid);
834 }
835#endif
836 bss_conf->use_cts_prot = use_protection; 864 bss_conf->use_cts_prot = use_protection;
837 changed |= BSS_CHANGED_ERP_CTS_PROT; 865 changed |= BSS_CHANGED_ERP_CTS_PROT;
838 } 866 }
839 867
840 if (use_short_preamble != bss_conf->use_short_preamble) { 868 if (use_short_preamble != bss_conf->use_short_preamble) {
841#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
842 if (net_ratelimit()) {
843 printk(KERN_DEBUG "%s: switched to %s barker preamble"
844 " (BSSID=%pM)\n",
845 sdata->dev->name,
846 use_short_preamble ? "short" : "long",
847 ifmgd->bssid);
848 }
849#endif
850 bss_conf->use_short_preamble = use_short_preamble; 869 bss_conf->use_short_preamble = use_short_preamble;
851 changed |= BSS_CHANGED_ERP_PREAMBLE; 870 changed |= BSS_CHANGED_ERP_PREAMBLE;
852 } 871 }
853 872
854 if (use_short_slot != bss_conf->use_short_slot) { 873 if (use_short_slot != bss_conf->use_short_slot) {
855#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
856 if (net_ratelimit()) {
857 printk(KERN_DEBUG "%s: switched to %s slot time"
858 " (BSSID=%pM)\n",
859 sdata->dev->name,
860 use_short_slot ? "short" : "long",
861 ifmgd->bssid);
862 }
863#endif
864 bss_conf->use_short_slot = use_short_slot; 874 bss_conf->use_short_slot = use_short_slot;
865 changed |= BSS_CHANGED_ERP_SLOT; 875 changed |= BSS_CHANGED_ERP_SLOT;
866 } 876 }
@@ -868,105 +878,29 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
868 return changed; 878 return changed;
869} 879}
870 880
871static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
872{
873 union iwreq_data wrqu;
874
875 memset(&wrqu, 0, sizeof(wrqu));
876 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
877 memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
878 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
879 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
880}
881
882static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
883{
884 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
885 char *buf;
886 size_t len;
887 int i;
888 union iwreq_data wrqu;
889
890 if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
891 return;
892
893 buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
894 ifmgd->assocresp_ies_len), GFP_KERNEL);
895 if (!buf)
896 return;
897
898 len = sprintf(buf, "ASSOCINFO(");
899 if (ifmgd->assocreq_ies) {
900 len += sprintf(buf + len, "ReqIEs=");
901 for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
902 len += sprintf(buf + len, "%02x",
903 ifmgd->assocreq_ies[i]);
904 }
905 }
906 if (ifmgd->assocresp_ies) {
907 if (ifmgd->assocreq_ies)
908 len += sprintf(buf + len, " ");
909 len += sprintf(buf + len, "RespIEs=");
910 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
911 len += sprintf(buf + len, "%02x",
912 ifmgd->assocresp_ies[i]);
913 }
914 }
915 len += sprintf(buf + len, ")");
916
917 if (len > IW_CUSTOM_MAX) {
918 len = sprintf(buf, "ASSOCRESPIE=");
919 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
920 len += sprintf(buf + len, "%02x",
921 ifmgd->assocresp_ies[i]);
922 }
923 }
924
925 if (len <= IW_CUSTOM_MAX) {
926 memset(&wrqu, 0, sizeof(wrqu));
927 wrqu.data.length = len;
928 wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
929 }
930
931 kfree(buf);
932}
933
934
935static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 881static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
882 struct ieee80211_bss *bss,
936 u32 bss_info_changed) 883 u32 bss_info_changed)
937{ 884{
938 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
939 struct ieee80211_local *local = sdata->local; 885 struct ieee80211_local *local = sdata->local;
940 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
941
942 struct ieee80211_bss *bss;
943 886
944 bss_info_changed |= BSS_CHANGED_ASSOC; 887 bss_info_changed |= BSS_CHANGED_ASSOC;
945 ifmgd->flags |= IEEE80211_STA_ASSOCIATED; 888 /* set timing information */
946 889 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
947 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 890 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
948 conf->channel->center_freq, 891 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
949 ifmgd->ssid, ifmgd->ssid_len);
950 if (bss) {
951 /* set timing information */
952 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
953 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
954 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
955 892
956 bss_info_changed |= BSS_CHANGED_BEACON_INT; 893 bss_info_changed |= BSS_CHANGED_BEACON_INT;
957 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 894 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
958 bss->cbss.capability, bss->has_erp_value, bss->erp_value); 895 bss->cbss.capability, bss->has_erp_value, bss->erp_value);
959 896
960 cfg80211_hold_bss(&bss->cbss); 897 sdata->u.mgd.associated = bss;
898 memcpy(sdata->u.mgd.bssid, bss->cbss.bssid, ETH_ALEN);
961 899
962 ieee80211_rx_bss_put(local, bss); 900 /* just to be sure */
963 } 901 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL |
902 IEEE80211_STA_BEACON_POLL);
964 903
965 ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
966 memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
967 ieee80211_sta_send_associnfo(sdata);
968
969 ifmgd->last_probe = jiffies;
970 ieee80211_led_assoc(local, 1); 904 ieee80211_led_assoc(local, 1);
971 905
972 sdata->vif.bss_conf.assoc = 1; 906 sdata->vif.bss_conf.assoc = 1;
@@ -991,167 +925,140 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
991 925
992 netif_tx_start_all_queues(sdata->dev); 926 netif_tx_start_all_queues(sdata->dev);
993 netif_carrier_on(sdata->dev); 927 netif_carrier_on(sdata->dev);
994
995 ieee80211_sta_send_apinfo(sdata);
996} 928}
997 929
998static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata) 930static enum rx_mgmt_action __must_check
931ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
932 struct ieee80211_mgd_work *wk)
999{ 933{
1000 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 934 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1001 struct ieee80211_local *local = sdata->local; 935 struct ieee80211_local *local = sdata->local;
1002 936
1003 ifmgd->direct_probe_tries++; 937 wk->tries++;
1004 if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) { 938 if (wk->tries > IEEE80211_AUTH_MAX_TRIES) {
1005 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n", 939 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
1006 sdata->dev->name, ifmgd->bssid); 940 sdata->dev->name, wk->bss->cbss.bssid);
1007 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1008 ieee80211_recalc_idle(local);
1009 cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1010 941
1011 /* 942 /*
1012 * Most likely AP is not in the range so remove the 943 * Most likely AP is not in the range so remove the
1013 * bss information associated to the AP 944 * bss struct for that AP.
1014 */ 945 */
1015 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 946 cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss);
1016 sdata->local->hw.conf.channel->center_freq,
1017 ifmgd->ssid, ifmgd->ssid_len);
1018 947
1019 /* 948 /*
1020 * We might have a pending scan which had no chance to run yet 949 * We might have a pending scan which had no chance to run yet
1021 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE. 950 * due to work needing to be done. Hence, queue the STAs work
1022 * Hence, queue the STAs work again 951 * again for that.
1023 */ 952 */
1024 queue_work(local->hw.workqueue, &ifmgd->work); 953 queue_work(local->hw.workqueue, &ifmgd->work);
1025 return; 954 return RX_MGMT_CFG80211_AUTH_TO;
1026 } 955 }
1027 956
1028 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n", 957 printk(KERN_DEBUG "%s: direct probe to AP %pM (try %d)\n",
1029 sdata->dev->name, ifmgd->bssid, 958 sdata->dev->name, wk->bss->cbss.bssid,
1030 ifmgd->direct_probe_tries); 959 wk->tries);
1031 960
1032 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 961 /*
1033 962 * Direct probe is sent to broadcast address as some APs
1034 /* Direct probe is sent to broadcast address as some APs
1035 * will not answer to direct packet in unassociated state. 963 * will not answer to direct packet in unassociated state.
1036 */ 964 */
1037 ieee80211_send_probe_req(sdata, NULL, 965 ieee80211_send_probe_req(sdata, NULL, wk->ssid, wk->ssid_len, NULL, 0);
1038 ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
1039 966
1040 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 967 wk->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
968 run_again(ifmgd, wk->timeout);
969
970 return RX_MGMT_NONE;
1041} 971}
1042 972
1043 973
1044static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata) 974static enum rx_mgmt_action __must_check
975ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
976 struct ieee80211_mgd_work *wk)
1045{ 977{
1046 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 978 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1047 struct ieee80211_local *local = sdata->local; 979 struct ieee80211_local *local = sdata->local;
1048 u8 *ies;
1049 size_t ies_len;
1050 980
1051 ifmgd->auth_tries++; 981 wk->tries++;
1052 if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) { 982 if (wk->tries > IEEE80211_AUTH_MAX_TRIES) {
1053 printk(KERN_DEBUG "%s: authentication with AP %pM" 983 printk(KERN_DEBUG "%s: authentication with AP %pM"
1054 " timed out\n", 984 " timed out\n",
1055 sdata->dev->name, ifmgd->bssid); 985 sdata->dev->name, wk->bss->cbss.bssid);
1056 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 986
1057 ieee80211_recalc_idle(local); 987 /*
1058 cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid); 988 * Most likely AP is not in the range so remove the
1059 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 989 * bss struct for that AP.
1060 sdata->local->hw.conf.channel->center_freq, 990 */
1061 ifmgd->ssid, ifmgd->ssid_len); 991 cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss);
1062 992
1063 /* 993 /*
1064 * We might have a pending scan which had no chance to run yet 994 * We might have a pending scan which had no chance to run yet
1065 * due to state == IEEE80211_STA_MLME_AUTHENTICATE. 995 * due to work needing to be done. Hence, queue the STAs work
1066 * Hence, queue the STAs work again 996 * again for that.
1067 */ 997 */
1068 queue_work(local->hw.workqueue, &ifmgd->work); 998 queue_work(local->hw.workqueue, &ifmgd->work);
1069 return; 999 return RX_MGMT_CFG80211_AUTH_TO;
1070 } 1000 }
1071 1001
1072 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 1002 printk(KERN_DEBUG "%s: authenticate with AP %pM (try %d)\n",
1073 printk(KERN_DEBUG "%s: authenticate with AP %pM\n", 1003 sdata->dev->name, wk->bss->cbss.bssid, wk->tries);
1074 sdata->dev->name, ifmgd->bssid);
1075 1004
1076 if (ifmgd->flags & IEEE80211_STA_EXT_SME) { 1005 ieee80211_send_auth(sdata, 1, wk->auth_alg, wk->ie, wk->ie_len,
1077 ies = ifmgd->sme_auth_ie; 1006 wk->bss->cbss.bssid, NULL, 0, 0);
1078 ies_len = ifmgd->sme_auth_ie_len; 1007 wk->auth_transaction = 2;
1079 } else { 1008
1080 ies = NULL; 1009 wk->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
1081 ies_len = 0; 1010 run_again(ifmgd, wk->timeout);
1082 }
1083 ieee80211_send_auth(sdata, 1, ifmgd->auth_alg, ies, ies_len,
1084 ifmgd->bssid, 0);
1085 ifmgd->auth_transaction = 2;
1086 1011
1087 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 1012 return RX_MGMT_NONE;
1088} 1013}
1089 1014
1090/* 1015static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata)
1091 * The disassoc 'reason' argument can be either our own reason
1092 * if self disconnected or a reason code from the AP.
1093 */
1094static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1095 bool deauth, bool self_disconnected,
1096 u16 reason)
1097{ 1016{
1098 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1017 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1099 struct ieee80211_local *local = sdata->local; 1018 struct ieee80211_local *local = sdata->local;
1100 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
1101 struct ieee80211_bss *bss;
1102 struct sta_info *sta; 1019 struct sta_info *sta;
1103 u32 changed = 0, config_changed = 0; 1020 u32 changed = 0, config_changed = 0;
1021 u8 bssid[ETH_ALEN];
1104 1022
1105 if (deauth) { 1023 ASSERT_MGD_MTX(ifmgd);
1106 ifmgd->direct_probe_tries = 0; 1024
1107 ifmgd->auth_tries = 0; 1025 if (WARN_ON(!ifmgd->associated))
1108 } 1026 return;
1109 ifmgd->assoc_scan_tries = 0; 1027
1110 ifmgd->assoc_tries = 0; 1028 memcpy(bssid, ifmgd->associated->cbss.bssid, ETH_ALEN);
1029
1030 ifmgd->associated = NULL;
1031 memset(ifmgd->bssid, 0, ETH_ALEN);
1032
1033 /*
1034 * we need to commit the associated = NULL change because the
1035 * scan code uses that to determine whether this iface should
1036 * go to/wake up from powersave or not -- and could otherwise
1037 * wake the queues erroneously.
1038 */
1039 smp_mb();
1040
1041 /*
1042 * Thus, we can only afterwards stop the queues -- to account
1043 * for the case where another CPU is finishing a scan at this
1044 * time -- we don't want the scan code to enable queues.
1045 */
1111 1046
1112 netif_tx_stop_all_queues(sdata->dev); 1047 netif_tx_stop_all_queues(sdata->dev);
1113 netif_carrier_off(sdata->dev); 1048 netif_carrier_off(sdata->dev);
1114 1049
1115 rcu_read_lock(); 1050 rcu_read_lock();
1116 sta = sta_info_get(local, ifmgd->bssid); 1051 sta = sta_info_get(local, bssid);
1117 if (sta) 1052 if (sta)
1118 ieee80211_sta_tear_down_BA_sessions(sta); 1053 ieee80211_sta_tear_down_BA_sessions(sta);
1119 rcu_read_unlock(); 1054 rcu_read_unlock();
1120 1055
1121 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
1122 conf->channel->center_freq,
1123 ifmgd->ssid, ifmgd->ssid_len);
1124
1125 if (bss) {
1126 cfg80211_unhold_bss(&bss->cbss);
1127 ieee80211_rx_bss_put(local, bss);
1128 }
1129
1130 if (self_disconnected) {
1131 if (deauth)
1132 ieee80211_send_deauth_disassoc(sdata,
1133 IEEE80211_STYPE_DEAUTH, reason);
1134 else
1135 ieee80211_send_deauth_disassoc(sdata,
1136 IEEE80211_STYPE_DISASSOC, reason);
1137 }
1138
1139 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
1140 changed |= ieee80211_reset_erp_info(sdata); 1056 changed |= ieee80211_reset_erp_info(sdata);
1141 1057
1142 ieee80211_led_assoc(local, 0); 1058 ieee80211_led_assoc(local, 0);
1143 changed |= BSS_CHANGED_ASSOC; 1059 changed |= BSS_CHANGED_ASSOC;
1144 sdata->vif.bss_conf.assoc = false; 1060 sdata->vif.bss_conf.assoc = false;
1145 1061
1146 ieee80211_sta_send_apinfo(sdata);
1147
1148 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) {
1149 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1150 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1151 sdata->local->hw.conf.channel->center_freq,
1152 ifmgd->ssid, ifmgd->ssid_len);
1153 }
1154
1155 ieee80211_set_wmm_default(sdata); 1062 ieee80211_set_wmm_default(sdata);
1156 1063
1157 ieee80211_recalc_idle(local); 1064 ieee80211_recalc_idle(local);
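Review bot: Ownership of `wk` on the timeout paths of ieee80211_direct_probe() and ieee80211_authenticate() is not documented. Both return RX_MGMT_CFG80211_AUTH_TO after `cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss)` but leave `wk` on its list, whereas ieee80211_rx_mgmt_auth() later in this file does `list_del(&wk->list); kfree(wk);` itself before returning. A comment above each function would help avoid a leaked or doubly freed work item, e.g. `/* On a return other than RX_MGMT_NONE the caller removes wk from the list and frees it. */`, assuming that is what the caller (not visible here) does. It should also say whether `wk->bss` is still safe to read once the BSS has been unlinked.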
@@ -1180,7 +1087,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1180 1087
1181 rcu_read_lock(); 1088 rcu_read_lock();
1182 1089
1183 sta = sta_info_get(local, ifmgd->bssid); 1090 sta = sta_info_get(local, bssid);
1184 if (!sta) { 1091 if (!sta) {
1185 rcu_read_unlock(); 1092 rcu_read_unlock();
1186 return; 1093 return;
@@ -1193,83 +1100,42 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1193 sta_info_destroy(sta); 1100 sta_info_destroy(sta);
1194} 1101}
1195 1102
1196static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata) 1103static enum rx_mgmt_action __must_check
1197{ 1104ieee80211_associate(struct ieee80211_sub_if_data *sdata,
1198 if (!sdata || !sdata->default_key || 1105 struct ieee80211_mgd_work *wk)
1199 sdata->default_key->conf.alg != ALG_WEP)
1200 return 0;
1201 return 1;
1202}
1203
1204static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata)
1205{
1206 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1207 struct ieee80211_local *local = sdata->local;
1208 struct ieee80211_bss *bss;
1209 int bss_privacy;
1210 int wep_privacy;
1211 int privacy_invoked;
1212
1213 if (!ifmgd || (ifmgd->flags & IEEE80211_STA_EXT_SME))
1214 return 0;
1215
1216 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
1217 local->hw.conf.channel->center_freq,
1218 ifmgd->ssid, ifmgd->ssid_len);
1219 if (!bss)
1220 return 0;
1221
1222 bss_privacy = !!(bss->cbss.capability & WLAN_CAPABILITY_PRIVACY);
1223 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
1224 privacy_invoked = !!(ifmgd->flags & IEEE80211_STA_PRIVACY_INVOKED);
1225
1226 ieee80211_rx_bss_put(local, bss);
1227
1228 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
1229 return 0;
1230
1231 return 1;
1232}
1233
1234static void ieee80211_associate(struct ieee80211_sub_if_data *sdata)
1235{ 1106{
1236 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1107 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1237 struct ieee80211_local *local = sdata->local; 1108 struct ieee80211_local *local = sdata->local;
1238 1109
1239 ifmgd->assoc_tries++; 1110 wk->tries++;
1240 if (ifmgd->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { 1111 if (wk->tries > IEEE80211_ASSOC_MAX_TRIES) {
1241 printk(KERN_DEBUG "%s: association with AP %pM" 1112 printk(KERN_DEBUG "%s: association with AP %pM"
1242 " timed out\n", 1113 " timed out\n",
1243 sdata->dev->name, ifmgd->bssid); 1114 sdata->dev->name, wk->bss->cbss.bssid);
1244 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1115
1245 ieee80211_recalc_idle(local); 1116 /*
1246 cfg80211_send_assoc_timeout(sdata->dev, ifmgd->bssid); 1117 * Most likely AP is not in the range so remove the
1247 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 1118 * bss struct for that AP.
1248 sdata->local->hw.conf.channel->center_freq, 1119 */
1249 ifmgd->ssid, ifmgd->ssid_len); 1120 cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss);
1121
1250 /* 1122 /*
1251 * We might have a pending scan which had no chance to run yet 1123 * We might have a pending scan which had no chance to run yet
1252 * due to state == IEEE80211_STA_MLME_ASSOCIATE. 1124 * due to work needing to be done. Hence, queue the STAs work
1253 * Hence, queue the STAs work again 1125 * again for that.
1254 */ 1126 */
1255 queue_work(local->hw.workqueue, &ifmgd->work); 1127 queue_work(local->hw.workqueue, &ifmgd->work);
1256 return; 1128 return RX_MGMT_CFG80211_ASSOC_TO;
1257 } 1129 }
1258 1130
1259 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE; 1131 printk(KERN_DEBUG "%s: associate with AP %pM (try %d)\n",
1260 printk(KERN_DEBUG "%s: associate with AP %pM\n", 1132 sdata->dev->name, wk->bss->cbss.bssid, wk->tries);
1261 sdata->dev->name, ifmgd->bssid); 1133 ieee80211_send_assoc(sdata, wk);
1262 if (ieee80211_privacy_mismatch(sdata)) {
1263 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
1264 "mixed-cell disabled - abort association\n", sdata->dev->name);
1265 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1266 ieee80211_recalc_idle(local);
1267 return;
1268 }
1269 1134
1270 ieee80211_send_assoc(sdata); 1135 wk->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
1136 run_again(ifmgd, wk->timeout);
1271 1137
1272 mod_timer(&ifmgd->timer, jiffies + IEEE80211_ASSOC_TIMEOUT); 1138 return RX_MGMT_NONE;
1273} 1139}
1274 1140
1275void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 1141void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
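Review bot: With ieee80211_privacy_mismatch() removed, ieee80211_associate() no longer refuses an association whose privacy configuration disagrees with the BSS capability; it goes straight to `ieee80211_send_assoc(sdata, wk)`. If that policy is now enforced by whoever builds the work item, a comment at the call would record it, e.g. `/* privacy vs. BSS capability is checked by the requester before wk is queued */`. Otherwise a station configured for WEP could end up associated to a BSS that does not advertise privacy. Where the check now lives cannot be seen from this hunk.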
@@ -1280,50 +1146,83 @@ void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
1280 * from AP because we know that the connection is working both ways 1146 * from AP because we know that the connection is working both ways
1281 * at that time. But multicast frames (and hence also beacons) must 1147 * at that time. But multicast frames (and hence also beacons) must
1282 * be ignored here, because we need to trigger the timer during 1148 * be ignored here, because we need to trigger the timer during
1283 * data idle periods for sending the periodical probe request to 1149 * data idle periods for sending the periodic probe request to the
1284 * the AP. 1150 * AP we're connected to.
1285 */ 1151 */
1286 if (!is_multicast_ether_addr(hdr->addr1)) 1152 if (is_multicast_ether_addr(hdr->addr1))
1287 mod_timer(&sdata->u.mgd.timer, 1153 return;
1288 jiffies + IEEE80211_MONITORING_INTERVAL); 1154
1155 mod_timer(&sdata->u.mgd.conn_mon_timer,
1156 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME));
1289} 1157}
1290 1158
1291void ieee80211_beacon_loss_work(struct work_struct *work) 1159static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
1160 bool beacon)
1292{ 1161{
1293 struct ieee80211_sub_if_data *sdata =
1294 container_of(work, struct ieee80211_sub_if_data,
1295 u.mgd.beacon_loss_work);
1296 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1162 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1163 const u8 *ssid;
1164 bool already = false;
1297 1165
1298 /* 1166 if (!netif_running(sdata->dev))
1299 * The driver has already reported this event and we have
1300 * already sent a probe request. Maybe the AP died and the
1301 * driver keeps reporting until we disassociate... We have
1302 * to ignore that because otherwise we would continually
1303 * reset the timer and never check whether we received a
1304 * probe response!
1305 */
1306 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL)
1307 return; 1167 return;
1308 1168
1169 mutex_lock(&ifmgd->mtx);
1170
1171 if (!ifmgd->associated)
1172 goto out;
1173
1309#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1174#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1310 if (net_ratelimit()) { 1175 if (beacon && net_ratelimit())
1311 printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM " 1176 printk(KERN_DEBUG "%s: detected beacon loss from AP "
1312 "- sending probe request\n", sdata->dev->name, 1177 "- sending probe request\n", sdata->dev->name);
1313 sdata->u.mgd.bssid);
1314 }
1315#endif 1178#endif
1316 1179
1317 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL; 1180 /*
1181 * The driver/our work has already reported this event or the
1182 * connection monitoring has kicked in and we have already sent
1183 * a probe request. Or maybe the AP died and the driver keeps
1184 * reporting until we disassociate...
1185 *
1186 * In either case we have to ignore the current call to this
1187 * function (except for setting the correct probe reason bit)
1188 * because otherwise we would reset the timer every time and
1189 * never check whether we received a probe response!
1190 */
1191 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
1192 IEEE80211_STA_CONNECTION_POLL))
1193 already = true;
1194
1195 if (beacon)
1196 ifmgd->flags |= IEEE80211_STA_BEACON_POLL;
1197 else
1198 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL;
1199
1200 if (already)
1201 goto out;
1202
1203 ifmgd->probe_timeout = jiffies + IEEE80211_PROBE_WAIT;
1318 1204
1319 mutex_lock(&sdata->local->iflist_mtx); 1205 mutex_lock(&sdata->local->iflist_mtx);
1320 ieee80211_recalc_ps(sdata->local, -1); 1206 ieee80211_recalc_ps(sdata->local, -1);
1321 mutex_unlock(&sdata->local->iflist_mtx); 1207 mutex_unlock(&sdata->local->iflist_mtx);
1322 1208
1323 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid, 1209 ssid = ieee80211_bss_get_ie(&ifmgd->associated->cbss, WLAN_EID_SSID);
1324 ifmgd->ssid_len, NULL, 0); 1210 ieee80211_send_probe_req(sdata, ifmgd->associated->cbss.bssid,
1211 ssid + 2, ssid[1], NULL, 0);
1212
1213 run_again(ifmgd, ifmgd->probe_timeout);
1325 1214
1326 mod_timer(&ifmgd->timer, jiffies + IEEE80211_PROBE_WAIT); 1215 out:
1216 mutex_unlock(&ifmgd->mtx);
1217}
1218
1219void ieee80211_beacon_loss_work(struct work_struct *work)
1220{
1221 struct ieee80211_sub_if_data *sdata =
1222 container_of(work, struct ieee80211_sub_if_data,
1223 u.mgd.beacon_loss_work);
1224
1225 ieee80211_mgd_probe_ap(sdata, true);
1327} 1226}
1328 1227
1329void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1228void ieee80211_beacon_loss(struct ieee80211_vif *vif)
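Review bot: In ieee80211_mgd_probe_ap() the result of `ieee80211_bss_get_ie(&ifmgd->associated->cbss, WLAN_EID_SSID)` is used as `ssid + 2, ssid[1]` with no NULL check, so a BSS entry that carries no SSID element would be dereferenced at NULL while ifmgd->mtx is held. The lookup and a guard such as `if (WARN_ON(!ssid)) goto out;` belong before the poll flags are set, so that a failed lookup does not leave IEEE80211_STA_BEACON_POLL or IEEE80211_STA_CONNECTION_POLL set with no probe request sent. Whether the helper can return NULL for an associated BSS is not visible here, but nothing in the hunk rules it out.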
@@ -1335,105 +1234,16 @@ void ieee80211_beacon_loss(struct ieee80211_vif *vif)
1335} 1234}
1336EXPORT_SYMBOL(ieee80211_beacon_loss); 1235EXPORT_SYMBOL(ieee80211_beacon_loss);
1337 1236
1338static void ieee80211_associated(struct ieee80211_sub_if_data *sdata) 1237static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
1339{ 1238 struct ieee80211_mgd_work *wk)
1340 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1341 struct ieee80211_local *local = sdata->local;
1342 struct sta_info *sta;
1343 unsigned long last_rx;
1344 bool disassoc = false;
1345
1346 /* TODO: start monitoring current AP signal quality and number of
1347 * missed beacons. Scan other channels every now and then and search
1348 * for better APs. */
1349 /* TODO: remove expired BSSes */
1350
1351 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATED;
1352
1353 rcu_read_lock();
1354
1355 sta = sta_info_get(local, ifmgd->bssid);
1356 if (!sta) {
1357 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n",
1358 sdata->dev->name, ifmgd->bssid);
1359 disassoc = true;
1360 rcu_read_unlock();
1361 goto out;
1362 }
1363
1364 last_rx = sta->last_rx;
1365 rcu_read_unlock();
1366
1367 if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) &&
1368 time_after(jiffies, last_rx + IEEE80211_PROBE_WAIT)) {
1369 printk(KERN_DEBUG "%s: no probe response from AP %pM "
1370 "- disassociating\n",
1371 sdata->dev->name, ifmgd->bssid);
1372 disassoc = true;
1373 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1374 goto out;
1375 }
1376
1377 /*
1378 * Beacon filtering is only enabled with power save and then the
1379 * stack should not check for beacon loss.
1380 */
1381 if (!((local->hw.flags & IEEE80211_HW_BEACON_FILTER) &&
1382 (local->hw.conf.flags & IEEE80211_CONF_PS)) &&
1383 time_after(jiffies,
1384 ifmgd->last_beacon + IEEE80211_MONITORING_INTERVAL)) {
1385#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1386 if (net_ratelimit()) {
1387 printk(KERN_DEBUG "%s: beacon loss from AP %pM "
1388 "- sending probe request\n",
1389 sdata->dev->name, ifmgd->bssid);
1390 }
1391#endif
1392 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
1393 mutex_lock(&local->iflist_mtx);
1394 ieee80211_recalc_ps(local, -1);
1395 mutex_unlock(&local->iflist_mtx);
1396 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1397 ifmgd->ssid_len, NULL, 0);
1398 mod_timer(&ifmgd->timer, jiffies + IEEE80211_PROBE_WAIT);
1399 goto out;
1400 }
1401
1402 if (time_after(jiffies, last_rx + IEEE80211_PROBE_IDLE_TIME)) {
1403 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
1404 mutex_lock(&local->iflist_mtx);
1405 ieee80211_recalc_ps(local, -1);
1406 mutex_unlock(&local->iflist_mtx);
1407 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1408 ifmgd->ssid_len, NULL, 0);
1409 }
1410
1411 out:
1412 if (!disassoc)
1413 mod_timer(&ifmgd->timer,
1414 jiffies + IEEE80211_MONITORING_INTERVAL);
1415 else
1416 ieee80211_set_disassoc(sdata, true, true,
1417 WLAN_REASON_PREV_AUTH_NOT_VALID);
1418}
1419
1420
1421static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata)
1422{ 1239{
1423 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1240 wk->state = IEEE80211_MGD_STATE_IDLE;
1424
1425 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name); 1241 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1426 ifmgd->flags |= IEEE80211_STA_AUTHENTICATED;
1427 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1428 /* Wait for SME to request association */
1429 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1430 ieee80211_recalc_idle(sdata->local);
1431 } else
1432 ieee80211_associate(sdata);
1433} 1242}
1434 1243
1435 1244
1436static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1245static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1246 struct ieee80211_mgd_work *wk,
1437 struct ieee80211_mgmt *mgmt, 1247 struct ieee80211_mgmt *mgmt,
1438 size_t len) 1248 size_t len)
1439{ 1249{
@@ -1444,161 +1254,133 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1444 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1254 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1445 if (!elems.challenge) 1255 if (!elems.challenge)
1446 return; 1256 return;
1447 ieee80211_send_auth(sdata, 3, sdata->u.mgd.auth_alg, 1257 ieee80211_send_auth(sdata, 3, wk->auth_alg,
1448 elems.challenge - 2, elems.challenge_len + 2, 1258 elems.challenge - 2, elems.challenge_len + 2,
1449 sdata->u.mgd.bssid, 1); 1259 wk->bss->cbss.bssid,
1450 sdata->u.mgd.auth_transaction = 4; 1260 wk->key, wk->key_len, wk->key_idx);
1261 wk->auth_transaction = 4;
1451} 1262}
1452 1263
1453static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1264static enum rx_mgmt_action __must_check
1454 struct ieee80211_mgmt *mgmt, 1265ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1455 size_t len) 1266 struct ieee80211_mgd_work *wk,
1267 struct ieee80211_mgmt *mgmt, size_t len)
1456{ 1268{
1457 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1458 u16 auth_alg, auth_transaction, status_code; 1269 u16 auth_alg, auth_transaction, status_code;
1459 1270
1460 if (ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE) 1271 if (wk->state != IEEE80211_MGD_STATE_AUTH)
1461 return; 1272 return RX_MGMT_NONE;
1462 1273
1463 if (len < 24 + 6) 1274 if (len < 24 + 6)
1464 return; 1275 return RX_MGMT_NONE;
1465 1276
1466 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0) 1277 if (memcmp(wk->bss->cbss.bssid, mgmt->sa, ETH_ALEN) != 0)
1467 return; 1278 return RX_MGMT_NONE;
1468 1279
1469 if (memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1280 if (memcmp(wk->bss->cbss.bssid, mgmt->bssid, ETH_ALEN) != 0)
1470 return; 1281 return RX_MGMT_NONE;
1471 1282
1472 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1283 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1473 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1284 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1474 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1285 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1475 1286
1476 if (auth_alg != ifmgd->auth_alg || 1287 if (auth_alg != wk->auth_alg ||
1477 auth_transaction != ifmgd->auth_transaction) 1288 auth_transaction != wk->auth_transaction)
1478 return; 1289 return RX_MGMT_NONE;
1479 1290
1480 if (status_code != WLAN_STATUS_SUCCESS) { 1291 if (status_code != WLAN_STATUS_SUCCESS) {
1481 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 1292 list_del(&wk->list);
1482 u8 algs[3]; 1293 kfree(wk);
1483 const int num_algs = ARRAY_SIZE(algs); 1294 return RX_MGMT_CFG80211_AUTH;
1484 int i, pos;
1485 algs[0] = algs[1] = algs[2] = 0xff;
1486 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1487 algs[0] = WLAN_AUTH_OPEN;
1488 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1489 algs[1] = WLAN_AUTH_SHARED_KEY;
1490 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1491 algs[2] = WLAN_AUTH_LEAP;
1492 if (ifmgd->auth_alg == WLAN_AUTH_OPEN)
1493 pos = 0;
1494 else if (ifmgd->auth_alg == WLAN_AUTH_SHARED_KEY)
1495 pos = 1;
1496 else
1497 pos = 2;
1498 for (i = 0; i < num_algs; i++) {
1499 pos++;
1500 if (pos >= num_algs)
1501 pos = 0;
1502 if (algs[pos] == ifmgd->auth_alg ||
1503 algs[pos] == 0xff)
1504 continue;
1505 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1506 !ieee80211_sta_wep_configured(sdata))
1507 continue;
1508 ifmgd->auth_alg = algs[pos];
1509 break;
1510 }
1511 }
1512 return;
1513 } 1295 }
1514 1296
1515 switch (ifmgd->auth_alg) { 1297 switch (wk->auth_alg) {
1516 case WLAN_AUTH_OPEN: 1298 case WLAN_AUTH_OPEN:
1517 case WLAN_AUTH_LEAP: 1299 case WLAN_AUTH_LEAP:
1518 case WLAN_AUTH_FT: 1300 case WLAN_AUTH_FT:
1519 ieee80211_auth_completed(sdata); 1301 ieee80211_auth_completed(sdata, wk);
1520 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len); 1302 return RX_MGMT_CFG80211_AUTH;
1521 break;
1522 case WLAN_AUTH_SHARED_KEY: 1303 case WLAN_AUTH_SHARED_KEY:
1523 if (ifmgd->auth_transaction == 4) { 1304 if (wk->auth_transaction == 4) {
1524 ieee80211_auth_completed(sdata); 1305 ieee80211_auth_completed(sdata, wk);
1525 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len); 1306 return RX_MGMT_CFG80211_AUTH;
1526 } else 1307 } else
1527 ieee80211_auth_challenge(sdata, mgmt, len); 1308 ieee80211_auth_challenge(sdata, wk, mgmt, len);
1528 break; 1309 break;
1529 } 1310 }
1311
1312 return RX_MGMT_NONE;
1530} 1313}
1531 1314
1532 1315
1533static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1316static enum rx_mgmt_action __must_check
1534 struct ieee80211_mgmt *mgmt, 1317ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1535 size_t len) 1318 struct ieee80211_mgd_work *wk,
1319 struct ieee80211_mgmt *mgmt, size_t len)
1536{ 1320{
1537 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1321 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1322 const u8 *bssid = NULL;
1538 u16 reason_code; 1323 u16 reason_code;
1539 1324
1540 if (len < 24 + 2) 1325 if (len < 24 + 2)
1541 return; 1326 return RX_MGMT_NONE;
1542 1327
1543 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN)) 1328 ASSERT_MGD_MTX(ifmgd);
1544 return; 1329
1330 if (wk)
1331 bssid = wk->bss->cbss.bssid;
1332 else
1333 bssid = ifmgd->associated->cbss.bssid;
1545 1334
1546 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1335 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1547 1336
1548 if (ifmgd->flags & IEEE80211_STA_AUTHENTICATED) 1337 printk(KERN_DEBUG "%s: deauthenticated from %pM (Reason: %u)\n",
1549 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n", 1338 sdata->dev->name, bssid, reason_code);
1550 sdata->dev->name, reason_code);
1551 1339
1552 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1340 if (!wk) {
1553 (ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE || 1341 ieee80211_set_disassoc(sdata);
1554 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE || 1342 } else {
1555 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)) { 1343 list_del(&wk->list);
1556 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1344 kfree(wk);
1557 mod_timer(&ifmgd->timer, jiffies +
1558 IEEE80211_RETRY_AUTH_INTERVAL);
1559 } 1345 }
1560 1346
1561 ieee80211_set_disassoc(sdata, true, false, 0); 1347 return RX_MGMT_CFG80211_DEAUTH;
1562 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED;
1563 cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, len);
1564} 1348}
1565 1349
1566 1350
1567static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1351static enum rx_mgmt_action __must_check
1568 struct ieee80211_mgmt *mgmt, 1352ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1569 size_t len) 1353 struct ieee80211_mgmt *mgmt, size_t len)
1570{ 1354{
1571 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1355 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1572 u16 reason_code; 1356 u16 reason_code;
1573 1357
1574 if (len < 24 + 2) 1358 if (len < 24 + 2)
1575 return; 1359 return RX_MGMT_NONE;
1576 1360
1577 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN)) 1361 ASSERT_MGD_MTX(ifmgd);
1578 return;
1579 1362
1580 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1363 if (WARN_ON(!ifmgd->associated))
1364 return RX_MGMT_NONE;
1581 1365
1582 if (ifmgd->flags & IEEE80211_STA_ASSOCIATED) 1366 if (WARN_ON(memcmp(ifmgd->associated->cbss.bssid, mgmt->sa, ETH_ALEN)))
1583 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n", 1367 return RX_MGMT_NONE;
1584 sdata->dev->name, reason_code);
1585 1368
1586 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1369 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1587 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) {
1588 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE;
1589 mod_timer(&ifmgd->timer, jiffies +
1590 IEEE80211_RETRY_AUTH_INTERVAL);
1591 }
1592 1370
1593 ieee80211_set_disassoc(sdata, false, false, reason_code); 1371 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n",
1594 cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, len); 1372 sdata->dev->name, reason_code);
1373
1374 ieee80211_set_disassoc(sdata);
1375 return RX_MGMT_CFG80211_DISASSOC;
1595} 1376}
1596 1377
1597 1378
1598static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 1379static enum rx_mgmt_action __must_check
1599 struct ieee80211_mgmt *mgmt, 1380ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1600 size_t len, 1381 struct ieee80211_mgd_work *wk,
1601 int reassoc) 1382 struct ieee80211_mgmt *mgmt, size_t len,
1383 bool reassoc)
1602{ 1384{
1603 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1385 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1604 struct ieee80211_local *local = sdata->local; 1386 struct ieee80211_local *local = sdata->local;
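Review bot: ieee80211_rx_mgmt_deauth() no longer compares `mgmt->sa` with the BSSID it acts on, and in the `!wk` branch it reads `ifmgd->associated->cbss.bssid` without the `WARN_ON(!ifmgd->associated)` guard that ieee80211_rx_mgmt_disassoc() has just below it. Deauthentication frames can come from any transmitter in range unless management frame protection is in use. Unless the caller (outside this hunk) already matches the sender, any such frame would therefore tear down the association or free the pending work item. After the bssid is chosen, `if (memcmp(bssid, mgmt->sa, ETH_ALEN)) return RX_MGMT_NONE;` restores the old filter, and `if (!wk && WARN_ON(!ifmgd->associated)) return RX_MGMT_NONE;` ahead of it covers the NULL case.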
@@ -1614,17 +1396,16 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1614 bool have_higher_than_11mbit = false, newsta = false; 1396 bool have_higher_than_11mbit = false, newsta = false;
1615 u16 ap_ht_cap_flags; 1397 u16 ap_ht_cap_flags;
1616 1398
1617 /* AssocResp and ReassocResp have identical structure, so process both 1399 /*
1618 * of them in this function. */ 1400 * AssocResp and ReassocResp have identical structure, so process both
1619 1401 * of them in this function.
1620 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE) 1402 */
1621 return;
1622 1403
1623 if (len < 24 + 6) 1404 if (len < 24 + 6)
1624 return; 1405 return RX_MGMT_NONE;
1625 1406
1626 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0) 1407 if (memcmp(wk->bss->cbss.bssid, mgmt->sa, ETH_ALEN) != 0)
1627 return; 1408 return RX_MGMT_NONE;
1628 1409
1629 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1410 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1630 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 1411 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
@@ -1647,26 +1428,18 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1647 printk(KERN_DEBUG "%s: AP rejected association temporarily; " 1428 printk(KERN_DEBUG "%s: AP rejected association temporarily; "
1648 "comeback duration %u TU (%u ms)\n", 1429 "comeback duration %u TU (%u ms)\n",
1649 sdata->dev->name, tu, ms); 1430 sdata->dev->name, tu, ms);
1431 wk->timeout = jiffies + msecs_to_jiffies(ms);
1650 if (ms > IEEE80211_ASSOC_TIMEOUT) 1432 if (ms > IEEE80211_ASSOC_TIMEOUT)
1651 mod_timer(&ifmgd->timer, 1433 run_again(ifmgd, jiffies + msecs_to_jiffies(ms));
1652 jiffies + msecs_to_jiffies(ms)); 1434 return RX_MGMT_NONE;
1653 return;
1654 } 1435 }
1655 1436
1656 if (status_code != WLAN_STATUS_SUCCESS) { 1437 if (status_code != WLAN_STATUS_SUCCESS) {
1657 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", 1438 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1658 sdata->dev->name, status_code); 1439 sdata->dev->name, status_code);
1659 /* if this was a reassociation, ensure we try a "full" 1440 list_del(&wk->list);
1660 * association next time. This works around some broken APs 1441 kfree(wk);
1661 * which do not correctly reject reassociation requests. */ 1442 return RX_MGMT_CFG80211_ASSOC;
1662 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1663 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len);
1664 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1665 /* Wait for SME to decide what to do next */
1666 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1667 ieee80211_recalc_idle(local);
1668 }
1669 return;
1670 } 1443 }
1671 1444
1672 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 1445 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
@@ -1677,51 +1450,35 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1677 if (!elems.supp_rates) { 1450 if (!elems.supp_rates) {
1678 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 1451 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1679 sdata->dev->name); 1452 sdata->dev->name);
1680 return; 1453 return RX_MGMT_NONE;
1681 } 1454 }
1682 1455
1683 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name); 1456 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
1684 ifmgd->aid = aid; 1457 ifmgd->aid = aid;
1685 ifmgd->ap_capab = capab_info;
1686
1687 kfree(ifmgd->assocresp_ies);
1688 ifmgd->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1689 ifmgd->assocresp_ies = kmalloc(ifmgd->assocresp_ies_len, GFP_KERNEL);
1690 if (ifmgd->assocresp_ies)
1691 memcpy(ifmgd->assocresp_ies, pos, ifmgd->assocresp_ies_len);
1692 1458
1693 rcu_read_lock(); 1459 rcu_read_lock();
1694 1460
1695 /* Add STA entry for the AP */ 1461 /* Add STA entry for the AP */
1696 sta = sta_info_get(local, ifmgd->bssid); 1462 sta = sta_info_get(local, wk->bss->cbss.bssid);
1697 if (!sta) { 1463 if (!sta) {
1698 newsta = true; 1464 newsta = true;
1699 1465
1700 sta = sta_info_alloc(sdata, ifmgd->bssid, GFP_ATOMIC); 1466 rcu_read_unlock();
1467
1468 sta = sta_info_alloc(sdata, wk->bss->cbss.bssid, GFP_KERNEL);
1701 if (!sta) { 1469 if (!sta) {
1702 printk(KERN_DEBUG "%s: failed to alloc STA entry for" 1470 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1703 " the AP\n", sdata->dev->name); 1471 " the AP\n", sdata->dev->name);
1704 rcu_read_unlock(); 1472 return RX_MGMT_NONE;
1705 return;
1706 } 1473 }
1707 1474
1708 /* update new sta with its last rx activity */ 1475 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC |
1709 sta->last_rx = jiffies; 1476 WLAN_STA_ASSOC_AP);
1710 } 1477 if (!(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
1711 1478 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
1712 /*
1713 * FIXME: Do we really need to update the sta_info's information here?
1714 * We already know about the AP (we found it in our list) so it
1715 * should already be filled with the right info, no?
1716 * As is stands, all this is racy because typically we assume
1717 * the information that is filled in here (except flags) doesn't
1718 * change while a STA structure is alive. As such, it should move
1719 * to between the sta_info_alloc() and sta_info_insert() above.
1720 */
1721 1479
1722 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP); 1480 rcu_read_lock();
1723 if (!(ifmgd->flags & IEEE80211_STA_CONTROL_PORT)) 1481 }
1724 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
1725 1482
1726 rates = 0; 1483 rates = 0;
1727 basic_rates = 0; 1484 basic_rates = 0;
@@ -1771,8 +1528,7 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1771 else 1528 else
1772 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 1529 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
1773 1530
1774 /* If TKIP/WEP is used, no need to parse AP's HT capabilities */ 1531 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_11N))
1775 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))
1776 ieee80211_ht_cap_ie_to_sta_ht_cap(sband, 1532 ieee80211_ht_cap_ie_to_sta_ht_cap(sband,
1777 elems.ht_cap_elem, &sta->sta.ht_cap); 1533 elems.ht_cap_elem, &sta->sta.ht_cap);
1778 1534
@@ -1792,7 +1548,7 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1792 printk(KERN_DEBUG "%s: failed to insert STA entry for" 1548 printk(KERN_DEBUG "%s: failed to insert STA entry for"
1793 " the AP (error %d)\n", sdata->dev->name, err); 1549 " the AP (error %d)\n", sdata->dev->name, err);
1794 rcu_read_unlock(); 1550 rcu_read_unlock();
1795 return; 1551 return RX_MGMT_NONE;
1796 } 1552 }
1797 } 1553 }
1798 1554
@@ -1806,24 +1562,27 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1806 1562
1807 if (elems.ht_info_elem && elems.wmm_param && 1563 if (elems.ht_info_elem && elems.wmm_param &&
1808 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 1564 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
1809 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) 1565 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N))
1810 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1566 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem,
1567 wk->bss->cbss.bssid,
1811 ap_ht_cap_flags); 1568 ap_ht_cap_flags);
1812 1569
1813 /* set AID and assoc capability, 1570 /* set AID and assoc capability,
1814 * ieee80211_set_associated() will tell the driver */ 1571 * ieee80211_set_associated() will tell the driver */
1815 bss_conf->aid = aid; 1572 bss_conf->aid = aid;
1816 bss_conf->assoc_capability = capab_info; 1573 bss_conf->assoc_capability = capab_info;
1817 ieee80211_set_associated(sdata, changed); 1574 ieee80211_set_associated(sdata, wk->bss, changed);
1818 1575
1819 /* 1576 /*
1820 * initialise the time of last beacon to be the association time, 1577 * Start timer to probe the connection to the AP now.
1821 * otherwise beacon loss check will trigger immediately 1578 * Also start the timer that will detect beacon loss.
1822 */ 1579 */
1823 ifmgd->last_beacon = jiffies; 1580 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt);
1581 mod_beacon_timer(sdata);
1824 1582
1825 ieee80211_associated(sdata); 1583 list_del(&wk->list);
1826 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len); 1584 kfree(wk);
1585 return RX_MGMT_CFG80211_ASSOC;
1827} 1586}
1828 1587
1829 1588
@@ -1851,23 +1610,25 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1851 1610
1852 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 1611 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1853 channel, beacon); 1612 channel, beacon);
1854 if (!bss) 1613 if (bss)
1614 ieee80211_rx_bss_put(local, bss);
1615
1616 if (!sdata->u.mgd.associated)
1855 return; 1617 return;
1856 1618
1857 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 1619 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) &&
1858 (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN) == 0)) { 1620 (memcmp(mgmt->bssid, sdata->u.mgd.associated->cbss.bssid,
1621 ETH_ALEN) == 0)) {
1859 struct ieee80211_channel_sw_ie *sw_elem = 1622 struct ieee80211_channel_sw_ie *sw_elem =
1860 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem; 1623 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem;
1861 ieee80211_sta_process_chanswitch(sdata, sw_elem, bss); 1624 ieee80211_sta_process_chanswitch(sdata, sw_elem, bss);
1862 } 1625 }
1863
1864 ieee80211_rx_bss_put(local, bss);
1865} 1626}
1866 1627
1867 1628
1868static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 1629static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1869 struct ieee80211_mgmt *mgmt, 1630 struct ieee80211_mgd_work *wk,
1870 size_t len, 1631 struct ieee80211_mgmt *mgmt, size_t len,
1871 struct ieee80211_rx_status *rx_status) 1632 struct ieee80211_rx_status *rx_status)
1872{ 1633{
1873 struct ieee80211_if_managed *ifmgd; 1634 struct ieee80211_if_managed *ifmgd;
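Review bot: In ieee80211_rx_bss_info() the reference returned by ieee80211_bss_info_update() is now released with ieee80211_rx_bss_put() before `bss` is handed to ieee80211_sta_process_chanswitch(). `bss` can also be NULL at that call, because the `!bss` early return is gone. Whether the callee dereferences the pointer is not visible here, but using it after the put depends on some other holder keeping the entry alive. The BSSID has already been matched against `sdata->u.mgd.associated`, so the call could pass that entry, as the action-frame path in ieee80211_sta_rx_queued_mgmt() does: `ieee80211_sta_process_chanswitch(sdata, sw_elem, sdata->u.mgd.associated);`. The function starts before this hunk.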
@@ -1876,6 +1637,8 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1876 1637
1877 ifmgd = &sdata->u.mgd; 1638 ifmgd = &sdata->u.mgd;
1878 1639
1640 ASSERT_MGD_MTX(ifmgd);
1641
1879 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN)) 1642 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
1880 return; /* ignore ProbeResp to foreign address */ 1643 return; /* ignore ProbeResp to foreign address */
1881 1644
@@ -1889,17 +1652,32 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1889 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 1652 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
1890 1653
1891 /* direct probe may be part of the association flow */ 1654 /* direct probe may be part of the association flow */
1892 if (ifmgd->state == IEEE80211_STA_MLME_DIRECT_PROBE) { 1655 if (wk && wk->state == IEEE80211_MGD_STATE_PROBE) {
1893 printk(KERN_DEBUG "%s direct probe responded\n", 1656 printk(KERN_DEBUG "%s direct probe responded\n",
1894 sdata->dev->name); 1657 sdata->dev->name);
1895 ieee80211_authenticate(sdata); 1658 wk->tries = 0;
1659 wk->state = IEEE80211_MGD_STATE_AUTH;
1660 WARN_ON(ieee80211_authenticate(sdata, wk) != RX_MGMT_NONE);
1896 } 1661 }
1897 1662
1898 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) { 1663 if (ifmgd->associated &&
1899 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1664 memcmp(mgmt->bssid, ifmgd->associated->cbss.bssid, ETH_ALEN) == 0 &&
1665 ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
1666 IEEE80211_STA_CONNECTION_POLL)) {
1667 ifmgd->flags &= ~(IEEE80211_STA_CONNECTION_POLL |
1668 IEEE80211_STA_BEACON_POLL);
1900 mutex_lock(&sdata->local->iflist_mtx); 1669 mutex_lock(&sdata->local->iflist_mtx);
1901 ieee80211_recalc_ps(sdata->local, -1); 1670 ieee80211_recalc_ps(sdata->local, -1);
1902 mutex_unlock(&sdata->local->iflist_mtx); 1671 mutex_unlock(&sdata->local->iflist_mtx);
1672 /*
1673 * We've received a probe response, but are not sure whether
1674 * we have or will be receiving any beacons or data, so let's
1675 * schedule the timers again, just in case.
1676 */
1677 mod_beacon_timer(sdata);
1678 mod_timer(&ifmgd->conn_mon_timer,
1679 round_jiffies_up(jiffies +
1680 IEEE80211_CONNECTION_IDLE_TIME));
1903 } 1681 }
1904} 1682}
1905 1683
@@ -1937,6 +1715,9 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1937 bool erp_valid, directed_tim = false; 1715 bool erp_valid, directed_tim = false;
1938 u8 erp_value = 0; 1716 u8 erp_value = 0;
1939 u32 ncrc; 1717 u32 ncrc;
1718 u8 *bssid;
1719
1720 ASSERT_MGD_MTX(ifmgd);
1940 1721
1941 /* Process beacon from the current BSS */ 1722 /* Process beacon from the current BSS */
1942 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 1723 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
@@ -1946,23 +1727,41 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1946 if (rx_status->freq != local->hw.conf.channel->center_freq) 1727 if (rx_status->freq != local->hw.conf.channel->center_freq)
1947 return; 1728 return;
1948 1729
1949 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) || 1730 /*
1950 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1731 * We might have received a number of frames, among them a
1732 * disassoc frame and a beacon...
1733 */
1734 if (!ifmgd->associated)
1951 return; 1735 return;
1952 1736
1953 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) { 1737 bssid = ifmgd->associated->cbss.bssid;
1738
1739 /*
1740 * And in theory even frames from a different AP we were just
1741 * associated to a split-second ago!
1742 */
1743 if (memcmp(bssid, mgmt->bssid, ETH_ALEN) != 0)
1744 return;
1745
1746 if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) {
1954#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1747#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1955 if (net_ratelimit()) { 1748 if (net_ratelimit()) {
1956 printk(KERN_DEBUG "%s: cancelling probereq poll due " 1749 printk(KERN_DEBUG "%s: cancelling probereq poll due "
1957 "to a received beacon\n", sdata->dev->name); 1750 "to a received beacon\n", sdata->dev->name);
1958 } 1751 }
1959#endif 1752#endif
1960 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1753 ifmgd->flags &= ~IEEE80211_STA_BEACON_POLL;
1961 mutex_lock(&local->iflist_mtx); 1754 mutex_lock(&local->iflist_mtx);
1962 ieee80211_recalc_ps(local, -1); 1755 ieee80211_recalc_ps(local, -1);
1963 mutex_unlock(&local->iflist_mtx); 1756 mutex_unlock(&local->iflist_mtx);
1964 } 1757 }
1965 1758
1759 /*
1760 * Push the beacon loss detection into the future since
1761 * we are processing a beacon from the AP just now.
1762 */
1763 mod_beacon_timer(sdata);
1764
1966 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); 1765 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4);
1967 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable, 1766 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable,
1968 len - baselen, &elems, 1767 len - baselen, &elems,
@@ -2019,15 +1818,15 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2019 1818
2020 1819
2021 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param && 1820 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2022 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) { 1821 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) {
2023 struct sta_info *sta; 1822 struct sta_info *sta;
2024 struct ieee80211_supported_band *sband; 1823 struct ieee80211_supported_band *sband;
2025 u16 ap_ht_cap_flags; 1824 u16 ap_ht_cap_flags;
2026 1825
2027 rcu_read_lock(); 1826 rcu_read_lock();
2028 1827
2029 sta = sta_info_get(local, ifmgd->bssid); 1828 sta = sta_info_get(local, bssid);
2030 if (!sta) { 1829 if (WARN_ON(!sta)) {
2031 rcu_read_unlock(); 1830 rcu_read_unlock();
2032 return; 1831 return;
2033 } 1832 }
@@ -2042,7 +1841,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2042 rcu_read_unlock(); 1841 rcu_read_unlock();
2043 1842
2044 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1843 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem,
2045 ap_ht_cap_flags); 1844 bssid, ap_ht_cap_flags);
2046 } 1845 }
2047 1846
2048 if (elems.country_elem) { 1847 if (elems.country_elem) {
@@ -2063,8 +1862,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2063} 1862}
2064 1863
2065ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, 1864ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
2066 struct sk_buff *skb, 1865 struct sk_buff *skb)
2067 struct ieee80211_rx_status *rx_status)
2068{ 1866{
2069 struct ieee80211_local *local = sdata->local; 1867 struct ieee80211_local *local = sdata->local;
2070 struct ieee80211_mgmt *mgmt; 1868 struct ieee80211_mgmt *mgmt;
@@ -2080,12 +1878,12 @@ ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
2080 case IEEE80211_STYPE_PROBE_REQ: 1878 case IEEE80211_STYPE_PROBE_REQ:
2081 case IEEE80211_STYPE_PROBE_RESP: 1879 case IEEE80211_STYPE_PROBE_RESP:
2082 case IEEE80211_STYPE_BEACON: 1880 case IEEE80211_STYPE_BEACON:
2083 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2084 case IEEE80211_STYPE_AUTH: 1881 case IEEE80211_STYPE_AUTH:
2085 case IEEE80211_STYPE_ASSOC_RESP: 1882 case IEEE80211_STYPE_ASSOC_RESP:
2086 case IEEE80211_STYPE_REASSOC_RESP: 1883 case IEEE80211_STYPE_REASSOC_RESP:
2087 case IEEE80211_STYPE_DEAUTH: 1884 case IEEE80211_STYPE_DEAUTH:
2088 case IEEE80211_STYPE_DISASSOC: 1885 case IEEE80211_STYPE_DISASSOC:
1886 case IEEE80211_STYPE_ACTION:
2089 skb_queue_tail(&sdata->u.mgd.skb_queue, skb); 1887 skb_queue_tail(&sdata->u.mgd.skb_queue, skb);
2090 queue_work(local->hw.workqueue, &sdata->u.mgd.work); 1888 queue_work(local->hw.workqueue, &sdata->u.mgd.work);
2091 return RX_QUEUED; 1889 return RX_QUEUED;
@@ -2097,40 +1895,116 @@ ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
2097static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 1895static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
2098 struct sk_buff *skb) 1896 struct sk_buff *skb)
2099{ 1897{
1898 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2100 struct ieee80211_rx_status *rx_status; 1899 struct ieee80211_rx_status *rx_status;
2101 struct ieee80211_mgmt *mgmt; 1900 struct ieee80211_mgmt *mgmt;
1901 struct ieee80211_mgd_work *wk;
1902 enum rx_mgmt_action rma = RX_MGMT_NONE;
2102 u16 fc; 1903 u16 fc;
2103 1904
2104 rx_status = (struct ieee80211_rx_status *) skb->cb; 1905 rx_status = (struct ieee80211_rx_status *) skb->cb;
2105 mgmt = (struct ieee80211_mgmt *) skb->data; 1906 mgmt = (struct ieee80211_mgmt *) skb->data;
2106 fc = le16_to_cpu(mgmt->frame_control); 1907 fc = le16_to_cpu(mgmt->frame_control);
2107 1908
2108 switch (fc & IEEE80211_FCTL_STYPE) { 1909 mutex_lock(&ifmgd->mtx);
2109 case IEEE80211_STYPE_PROBE_RESP: 1910
2110 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, 1911 if (ifmgd->associated &&
2111 rx_status); 1912 memcmp(ifmgd->associated->cbss.bssid, mgmt->bssid,
2112 break; 1913 ETH_ALEN) == 0) {
2113 case IEEE80211_STYPE_BEACON: 1914 switch (fc & IEEE80211_FCTL_STYPE) {
2114 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 1915 case IEEE80211_STYPE_BEACON:
2115 rx_status); 1916 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
2116 break; 1917 rx_status);
2117 case IEEE80211_STYPE_AUTH: 1918 break;
2118 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 1919 case IEEE80211_STYPE_PROBE_RESP:
2119 break; 1920 ieee80211_rx_mgmt_probe_resp(sdata, NULL, mgmt,
2120 case IEEE80211_STYPE_ASSOC_RESP: 1921 skb->len, rx_status);
2121 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 0); 1922 break;
1923 case IEEE80211_STYPE_DEAUTH:
1924 rma = ieee80211_rx_mgmt_deauth(sdata, NULL,
1925 mgmt, skb->len);
1926 break;
1927 case IEEE80211_STYPE_DISASSOC:
1928 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
1929 break;
1930 case IEEE80211_STYPE_ACTION:
1931 /* XXX: differentiate, can only happen for CSA now! */
1932 ieee80211_sta_process_chanswitch(sdata,
1933 &mgmt->u.action.u.chan_switch.sw_elem,
1934 ifmgd->associated);
1935 break;
1936 }
1937 mutex_unlock(&ifmgd->mtx);
1938
1939 switch (rma) {
1940 case RX_MGMT_NONE:
1941 /* no action */
1942 break;
1943 case RX_MGMT_CFG80211_DEAUTH:
1944 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len,
1945 NULL);
1946 break;
1947 case RX_MGMT_CFG80211_DISASSOC:
1948 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len,
1949 NULL);
1950 break;
1951 default:
1952 WARN(1, "unexpected: %d", rma);
1953 }
1954 goto out;
1955 }
1956
1957 list_for_each_entry(wk, &ifmgd->work_list, list) {
1958 if (memcmp(wk->bss->cbss.bssid, mgmt->bssid, ETH_ALEN) != 0)
1959 continue;
1960
1961 switch (fc & IEEE80211_FCTL_STYPE) {
1962 case IEEE80211_STYPE_PROBE_RESP:
1963 ieee80211_rx_mgmt_probe_resp(sdata, wk, mgmt, skb->len,
1964 rx_status);
1965 break;
1966 case IEEE80211_STYPE_AUTH:
1967 rma = ieee80211_rx_mgmt_auth(sdata, wk, mgmt, skb->len);
1968 break;
1969 case IEEE80211_STYPE_ASSOC_RESP:
1970 rma = ieee80211_rx_mgmt_assoc_resp(sdata, wk, mgmt,
1971 skb->len, false);
1972 break;
1973 case IEEE80211_STYPE_REASSOC_RESP:
1974 rma = ieee80211_rx_mgmt_assoc_resp(sdata, wk, mgmt,
1975 skb->len, true);
1976 break;
1977 case IEEE80211_STYPE_DEAUTH:
1978 rma = ieee80211_rx_mgmt_deauth(sdata, wk, mgmt,
1979 skb->len);
1980 break;
1981 }
1982 /*
1983 * We've processed this frame for that work, so it can't
1984 * belong to another work struct.
1985 * NB: this is also required for correctness because the
1986 * called functions can free 'wk', and for 'rma'!
1987 */
2122 break; 1988 break;
2123 case IEEE80211_STYPE_REASSOC_RESP: 1989 }
2124 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 1); 1990
1991 mutex_unlock(&ifmgd->mtx);
1992
1993 switch (rma) {
1994 case RX_MGMT_NONE:
1995 /* no action */
2125 break; 1996 break;
2126 case IEEE80211_STYPE_DEAUTH: 1997 case RX_MGMT_CFG80211_AUTH:
2127 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 1998 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, skb->len);
2128 break; 1999 break;
2129 case IEEE80211_STYPE_DISASSOC: 2000 case RX_MGMT_CFG80211_ASSOC:
2130 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 2001 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, skb->len);
2131 break; 2002 break;
2003 default:
2004 WARN(1, "unexpected: %d", rma);
2132 } 2005 }
2133 2006
2007 out:
2134 kfree_skb(skb); 2008 kfree_skb(skb);
2135} 2009}
2136 2010
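Review bot: The new IEEE80211_STYPE_ACTION case in ieee80211_sta_rx_queued_mgmt() reads `mgmt->u.action.u.chan_switch.sw_elem` without checking that `skb->len` covers that structure or that the frame is a channel-switch action at all, as the XXX comment itself notes. Action frames come off the air and are now queued by ieee80211_sta_rx_mgmt(), so unless length and category are validated before queueing (not visible in these lines), a short frame would be read past its end. A guard ahead of the call would bound the access: `if (skb->len < offsetof(struct ieee80211_mgmt, u.action.u.chan_switch) + sizeof(mgmt->u.action.u.chan_switch)) break;`. A category and action-code check belongs in the same place, so that unrelated action frames from the associated BSSID are not interpreted as a channel switch announcement.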
@@ -2146,125 +2020,9 @@ static void ieee80211_sta_timer(unsigned long data)
2146 return; 2020 return;
2147 } 2021 }
2148 2022
2149 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
2150 queue_work(local->hw.workqueue, &ifmgd->work); 2023 queue_work(local->hw.workqueue, &ifmgd->work);
2151} 2024}
2152 2025
2153static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata)
2154{
2155 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2156 struct ieee80211_local *local = sdata->local;
2157
2158 /* Reset own TSF to allow time synchronization work. */
2159 drv_reset_tsf(local);
2160
2161 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */
2162
2163
2164 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
2165 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2166 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2167 ifmgd->auth_alg = WLAN_AUTH_SHARED_KEY;
2168 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2169 ifmgd->auth_alg = WLAN_AUTH_LEAP;
2170 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_FT)
2171 ifmgd->auth_alg = WLAN_AUTH_FT;
2172 else
2173 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2174 ifmgd->auth_transaction = -1;
2175 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
2176 ifmgd->assoc_scan_tries = 0;
2177 ifmgd->direct_probe_tries = 0;
2178 ifmgd->auth_tries = 0;
2179 ifmgd->assoc_tries = 0;
2180 netif_tx_stop_all_queues(sdata->dev);
2181 netif_carrier_off(sdata->dev);
2182}
2183
2184static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata)
2185{
2186 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2187 struct ieee80211_local *local = sdata->local;
2188 struct ieee80211_bss *bss;
2189 u8 *bssid = ifmgd->bssid, *ssid = ifmgd->ssid;
2190 u8 ssid_len = ifmgd->ssid_len;
2191 u16 capa_mask = WLAN_CAPABILITY_ESS;
2192 u16 capa_val = WLAN_CAPABILITY_ESS;
2193 struct ieee80211_channel *chan = local->oper_channel;
2194
2195 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) &&
2196 ifmgd->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2197 IEEE80211_STA_AUTO_BSSID_SEL |
2198 IEEE80211_STA_AUTO_CHANNEL_SEL)) {
2199 capa_mask |= WLAN_CAPABILITY_PRIVACY;
2200 if (sdata->default_key)
2201 capa_val |= WLAN_CAPABILITY_PRIVACY;
2202 }
2203
2204 if (ifmgd->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
2205 chan = NULL;
2206
2207 if (ifmgd->flags & IEEE80211_STA_AUTO_BSSID_SEL)
2208 bssid = NULL;
2209
2210 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL) {
2211 ssid = NULL;
2212 ssid_len = 0;
2213 }
2214
2215 bss = (void *)cfg80211_get_bss(local->hw.wiphy, chan,
2216 bssid, ssid, ssid_len,
2217 capa_mask, capa_val);
2218
2219 if (bss) {
2220 local->oper_channel = bss->cbss.channel;
2221 local->oper_channel_type = NL80211_CHAN_NO_HT;
2222 ieee80211_hw_config(local, 0);
2223
2224 if (!(ifmgd->flags & IEEE80211_STA_SSID_SET))
2225 ieee80211_sta_set_ssid(sdata, bss->ssid,
2226 bss->ssid_len);
2227 ieee80211_sta_set_bssid(sdata, bss->cbss.bssid);
2228 ieee80211_sta_def_wmm_params(sdata, bss->supp_rates_len,
2229 bss->supp_rates);
2230 if (sdata->u.mgd.mfp == IEEE80211_MFP_REQUIRED)
2231 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
2232 else
2233 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
2234
2235 /* Send out direct probe if no probe resp was received or
2236 * the one we have is outdated
2237 */
2238 if (!bss->last_probe_resp ||
2239 time_after(jiffies, bss->last_probe_resp
2240 + IEEE80211_SCAN_RESULT_EXPIRE))
2241 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2242 else
2243 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
2244
2245 ieee80211_rx_bss_put(local, bss);
2246 ieee80211_sta_reset_auth(sdata);
2247 return 0;
2248 } else {
2249 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
2250
2251 ifmgd->assoc_scan_tries++;
2252
2253 ieee80211_request_internal_scan(sdata, ifmgd->ssid,
2254 ssid_len);
2255
2256 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
2257 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request);
2258 } else {
2259 ifmgd->assoc_scan_tries = 0;
2260 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
2261 ieee80211_recalc_idle(local);
2262 }
2263 }
2264 return -1;
2265}
2266
2267
2268static void ieee80211_sta_work(struct work_struct *work) 2026static void ieee80211_sta_work(struct work_struct *work)
2269{ 2027{
2270 struct ieee80211_sub_if_data *sdata = 2028 struct ieee80211_sub_if_data *sdata =
@@ -2272,6 +2030,10 @@ static void ieee80211_sta_work(struct work_struct *work)
2272 struct ieee80211_local *local = sdata->local; 2030 struct ieee80211_local *local = sdata->local;
2273 struct ieee80211_if_managed *ifmgd; 2031 struct ieee80211_if_managed *ifmgd;
2274 struct sk_buff *skb; 2032 struct sk_buff *skb;
2033 struct ieee80211_mgd_work *wk, *tmp;
2034 LIST_HEAD(free_work);
2035 enum rx_mgmt_action rma;
2036 bool anybusy = false;
2275 2037
2276 if (!netif_running(sdata->dev)) 2038 if (!netif_running(sdata->dev))
2277 return; 2039 return;
@@ -2294,66 +2056,179 @@ static void ieee80211_sta_work(struct work_struct *work)
2294 2056
2295 ifmgd = &sdata->u.mgd; 2057 ifmgd = &sdata->u.mgd;
2296 2058
2059 /* first process frames to avoid timing out while a frame is pending */
2297 while ((skb = skb_dequeue(&ifmgd->skb_queue))) 2060 while ((skb = skb_dequeue(&ifmgd->skb_queue)))
2298 ieee80211_sta_rx_queued_mgmt(sdata, skb); 2061 ieee80211_sta_rx_queued_mgmt(sdata, skb);
2299 2062
2300 if (ifmgd->state != IEEE80211_STA_MLME_DIRECT_PROBE && 2063 /* then process the rest of the work */
2301 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE && 2064 mutex_lock(&ifmgd->mtx);
2302 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE && 2065
2303 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) { 2066 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
2304 queue_delayed_work(local->hw.workqueue, &local->scan_work, 2067 IEEE80211_STA_CONNECTION_POLL) &&
2305 round_jiffies_relative(0)); 2068 ifmgd->associated) {
2306 return; 2069 if (time_is_after_jiffies(ifmgd->probe_timeout))
2070 run_again(ifmgd, ifmgd->probe_timeout);
2071 else {
2072 u8 bssid[ETH_ALEN];
2073 /*
2074 * We actually lost the connection ... or did we?
2075 * Let's make sure!
2076 */
2077 ifmgd->flags &= ~(IEEE80211_STA_CONNECTION_POLL |
2078 IEEE80211_STA_BEACON_POLL);
2079 memcpy(bssid, ifmgd->associated->cbss.bssid, ETH_ALEN);
2080 printk(KERN_DEBUG "No probe response from AP %pM"
2081 " after %dms, disconnecting.\n",
2082 bssid, (1000 * IEEE80211_PROBE_WAIT)/HZ);
2083 ieee80211_set_disassoc(sdata);
2084 mutex_unlock(&ifmgd->mtx);
2085 /*
2086 * must be outside lock due to cfg80211,
2087 * but that's not a problem.
2088 */
2089 ieee80211_send_deauth_disassoc(sdata, bssid,
2090 IEEE80211_STYPE_DEAUTH,
2091 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
2092 NULL);
2093 mutex_lock(&ifmgd->mtx);
2094 }
2307 } 2095 }
2308 2096
2309 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request)) { 2097 list_for_each_entry(wk, &ifmgd->work_list, list) {
2310 if (ieee80211_sta_config_auth(sdata)) 2098 if (wk->state != IEEE80211_MGD_STATE_IDLE) {
2311 return; 2099 anybusy = true;
2312 clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 2100 break;
2313 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request)) 2101 }
2314 return; 2102 }
2315 2103
2316 ieee80211_recalc_idle(local); 2104 ieee80211_recalc_idle(local);
2317 2105
2318 switch (ifmgd->state) { 2106 if (!anybusy) {
2319 case IEEE80211_STA_MLME_DISABLED: 2107 mutex_unlock(&ifmgd->mtx);
2320 break; 2108
2321 case IEEE80211_STA_MLME_DIRECT_PROBE: 2109 if (test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request))
2322 ieee80211_direct_probe(sdata); 2110 queue_delayed_work(local->hw.workqueue,
2323 break; 2111 &local->scan_work,
2324 case IEEE80211_STA_MLME_AUTHENTICATE: 2112 round_jiffies_relative(0));
2325 ieee80211_authenticate(sdata); 2113 return;
2326 break;
2327 case IEEE80211_STA_MLME_ASSOCIATE:
2328 ieee80211_associate(sdata);
2329 break;
2330 case IEEE80211_STA_MLME_ASSOCIATED:
2331 ieee80211_associated(sdata);
2332 break;
2333 default:
2334 WARN_ON(1);
2335 break;
2336 } 2114 }
2337 2115
2338 if (ieee80211_privacy_mismatch(sdata)) { 2116 list_for_each_entry_safe(wk, tmp, &ifmgd->work_list, list) {
2339 printk(KERN_DEBUG "%s: privacy configuration mismatch and " 2117 if (time_is_after_jiffies(wk->timeout)) {
2340 "mixed-cell disabled - disassociate\n", sdata->dev->name); 2118 /*
2119 * This work item isn't supposed to be worked on
2120 * right now, but take care to adjust the timer
2121 * properly.
2122 */
2123 run_again(ifmgd, wk->timeout);
2124 continue;
2125 }
2126
2127 switch (wk->state) {
2128 default:
2129 WARN_ON(1);
2130 /* fall through */
2131 case IEEE80211_MGD_STATE_IDLE:
2132 /* nothing */
2133 rma = RX_MGMT_NONE;
2134 break;
2135 case IEEE80211_MGD_STATE_PROBE:
2136 rma = ieee80211_direct_probe(sdata, wk);
2137 break;
2138 case IEEE80211_MGD_STATE_AUTH:
2139 rma = ieee80211_authenticate(sdata, wk);
2140 break;
2141 case IEEE80211_MGD_STATE_ASSOC:
2142 rma = ieee80211_associate(sdata, wk);
2143 break;
2144 }
2145
2146 switch (rma) {
2147 case RX_MGMT_NONE:
2148 /* no action required */
2149 break;
2150 case RX_MGMT_CFG80211_AUTH_TO:
2151 case RX_MGMT_CFG80211_ASSOC_TO:
2152 list_del(&wk->list);
2153 list_add(&wk->list, &free_work);
2154 wk->tries = rma; /* small abuse but only local */
2155 break;
2156 default:
2157 WARN(1, "unexpected: %d", rma);
2158 }
2159 }
2160
2161 mutex_unlock(&ifmgd->mtx);
2162
2163 list_for_each_entry_safe(wk, tmp, &free_work, list) {
2164 switch (wk->tries) {
2165 case RX_MGMT_CFG80211_AUTH_TO:
2166 cfg80211_send_auth_timeout(sdata->dev,
2167 wk->bss->cbss.bssid);
2168 break;
2169 case RX_MGMT_CFG80211_ASSOC_TO:
2170 cfg80211_send_assoc_timeout(sdata->dev,
2171 wk->bss->cbss.bssid);
2172 break;
2173 default:
2174 WARN(1, "unexpected: %d", wk->tries);
2175 }
2341 2176
2342 ieee80211_set_disassoc(sdata, false, true, 2177 list_del(&wk->list);
2343 WLAN_REASON_UNSPECIFIED); 2178 kfree(wk);
2344 } 2179 }
2180
2181 ieee80211_recalc_idle(local);
2182}
2183
2184static void ieee80211_sta_bcn_mon_timer(unsigned long data)
2185{
2186 struct ieee80211_sub_if_data *sdata =
2187 (struct ieee80211_sub_if_data *) data;
2188 struct ieee80211_local *local = sdata->local;
2189
2190 if (local->quiescing)
2191 return;
2192
2193 queue_work(sdata->local->hw.workqueue,
2194 &sdata->u.mgd.beacon_loss_work);
2195}
2196
2197static void ieee80211_sta_conn_mon_timer(unsigned long data)
2198{
2199 struct ieee80211_sub_if_data *sdata =
2200 (struct ieee80211_sub_if_data *) data;
2201 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2202 struct ieee80211_local *local = sdata->local;
2203
2204 if (local->quiescing)
2205 return;
2206
2207 queue_work(local->hw.workqueue, &ifmgd->monitor_work);
2208}
2209
2210static void ieee80211_sta_monitor_work(struct work_struct *work)
2211{
2212 struct ieee80211_sub_if_data *sdata =
2213 container_of(work, struct ieee80211_sub_if_data,
2214 u.mgd.monitor_work);
2215
2216 if (sdata->local->sw_scanning || sdata->local->hw_scanning)
2217 return;
2218
2219 ieee80211_mgd_probe_ap(sdata, false);
2345} 2220}
2346 2221
2347static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 2222static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
2348{ 2223{
2349 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 2224 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
2350 /* 2225 sdata->u.mgd.flags &= ~(IEEE80211_STA_BEACON_POLL |
2351 * Need to update last_beacon to avoid beacon loss 2226 IEEE80211_STA_CONNECTION_POLL);
2352 * test to trigger.
2353 */
2354 sdata->u.mgd.last_beacon = jiffies;
2355
2356 2227
2228 /* let's probe the connection once */
2229 queue_work(sdata->local->hw.workqueue,
2230 &sdata->u.mgd.monitor_work);
2231 /* and do all the other regular work too */
2357 queue_work(sdata->local->hw.workqueue, 2232 queue_work(sdata->local->hw.workqueue,
2358 &sdata->u.mgd.work); 2233 &sdata->u.mgd.work);
2359 } 2234 }
@@ -2378,6 +2253,11 @@ void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata)
2378 cancel_work_sync(&ifmgd->chswitch_work); 2253 cancel_work_sync(&ifmgd->chswitch_work);
2379 if (del_timer_sync(&ifmgd->chswitch_timer)) 2254 if (del_timer_sync(&ifmgd->chswitch_timer))
2380 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 2255 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running);
2256
2257 cancel_work_sync(&ifmgd->monitor_work);
2258 /* these will just be re-established on connection */
2259 del_timer_sync(&ifmgd->conn_mon_timer);
2260 del_timer_sync(&ifmgd->bcn_mon_timer);
2381} 2261}
2382 2262
2383void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) 2263void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
@@ -2395,210 +2275,265 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
2395void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 2275void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
2396{ 2276{
2397 struct ieee80211_if_managed *ifmgd; 2277 struct ieee80211_if_managed *ifmgd;
2398 u32 hw_flags;
2399 2278
2400 ifmgd = &sdata->u.mgd; 2279 ifmgd = &sdata->u.mgd;
2401 INIT_WORK(&ifmgd->work, ieee80211_sta_work); 2280 INIT_WORK(&ifmgd->work, ieee80211_sta_work);
2281 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work);
2402 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 2282 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
2403 INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work); 2283 INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work);
2404 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 2284 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
2405 (unsigned long) sdata); 2285 (unsigned long) sdata);
2286 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer,
2287 (unsigned long) sdata);
2288 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer,
2289 (unsigned long) sdata);
2406 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 2290 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
2407 (unsigned long) sdata); 2291 (unsigned long) sdata);
2408 skb_queue_head_init(&ifmgd->skb_queue); 2292 skb_queue_head_init(&ifmgd->skb_queue);
2409 2293
2294 INIT_LIST_HEAD(&ifmgd->work_list);
2295
2410 ifmgd->capab = WLAN_CAPABILITY_ESS; 2296 ifmgd->capab = WLAN_CAPABILITY_ESS;
2411 ifmgd->auth_algs = IEEE80211_AUTH_ALG_OPEN | 2297 ifmgd->flags = 0;
2412 IEEE80211_AUTH_ALG_SHARED_KEY;
2413 ifmgd->flags |= IEEE80211_STA_CREATE_IBSS |
2414 IEEE80211_STA_AUTO_BSSID_SEL |
2415 IEEE80211_STA_AUTO_CHANNEL_SEL;
2416 if (sdata->local->hw.queues >= 4) 2298 if (sdata->local->hw.queues >= 4)
2417 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED; 2299 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED;
2418 2300
2419 hw_flags = sdata->local->hw.flags; 2301 mutex_init(&ifmgd->mtx);
2420
2421 if (hw_flags & IEEE80211_HW_SUPPORTS_PS) {
2422 ifmgd->powersave = CONFIG_MAC80211_DEFAULT_PS_VALUE;
2423 sdata->local->hw.conf.dynamic_ps_timeout = 500;
2424 }
2425} 2302}
2426 2303
2427/* configuration hooks */ 2304/* scan finished notification */
2428void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata) 2305void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
2429{ 2306{
2430 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2307 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2431 struct ieee80211_local *local = sdata->local;
2432
2433 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2434 return;
2435
2436 if ((ifmgd->flags & (IEEE80211_STA_BSSID_SET |
2437 IEEE80211_STA_AUTO_BSSID_SEL)) &&
2438 (ifmgd->flags & (IEEE80211_STA_SSID_SET |
2439 IEEE80211_STA_AUTO_SSID_SEL))) {
2440
2441 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2442 ieee80211_set_disassoc(sdata, true, true,
2443 WLAN_REASON_DEAUTH_LEAVING);
2444
2445 if (ifmgd->ssid_len == 0) {
2446 /*
2447 * Only allow association to be started if a valid SSID
2448 * is configured.
2449 */
2450 return;
2451 }
2452 2308
2453 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) || 2309 /* Restart STA timers */
2454 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE) 2310 rcu_read_lock();
2455 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request); 2311 list_for_each_entry_rcu(sdata, &local->interfaces, list)
2456 else if (ifmgd->flags & IEEE80211_STA_EXT_SME) 2312 ieee80211_restart_sta_timer(sdata);
2457 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 2313 rcu_read_unlock();
2458 queue_work(local->hw.workqueue, &ifmgd->work);
2459 }
2460} 2314}
2461 2315
2462int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata) 2316int ieee80211_max_network_latency(struct notifier_block *nb,
2317 unsigned long data, void *dummy)
2463{ 2318{
2464 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2319 s32 latency_usec = (s32) data;
2320 struct ieee80211_local *local =
2321 container_of(nb, struct ieee80211_local,
2322 network_latency_notifier);
2465 2323
2466 if (ifmgd->ssid_len) 2324 mutex_lock(&local->iflist_mtx);
2467 ifmgd->flags |= IEEE80211_STA_SSID_SET; 2325 ieee80211_recalc_ps(local, latency_usec);
2468 else 2326 mutex_unlock(&local->iflist_mtx);
2469 ifmgd->flags &= ~IEEE80211_STA_SSID_SET;
2470 2327
2471 return 0; 2328 return 0;
2472} 2329}
2473 2330
2474int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len) 2331/* config hooks */
2332int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
2333 struct cfg80211_auth_request *req)
2475{ 2334{
2476 struct ieee80211_if_managed *ifmgd; 2335 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2336 const u8 *ssid;
2337 struct ieee80211_mgd_work *wk;
2338 u16 auth_alg;
2477 2339
2478 if (len > IEEE80211_MAX_SSID_LEN) 2340 switch (req->auth_type) {
2479 return -EINVAL; 2341 case NL80211_AUTHTYPE_OPEN_SYSTEM:
2342 auth_alg = WLAN_AUTH_OPEN;
2343 break;
2344 case NL80211_AUTHTYPE_SHARED_KEY:
2345 auth_alg = WLAN_AUTH_SHARED_KEY;
2346 break;
2347 case NL80211_AUTHTYPE_FT:
2348 auth_alg = WLAN_AUTH_FT;
2349 break;
2350 case NL80211_AUTHTYPE_NETWORK_EAP:
2351 auth_alg = WLAN_AUTH_LEAP;
2352 break;
2353 default:
2354 return -EOPNOTSUPP;
2355 }
2480 2356
2481 ifmgd = &sdata->u.mgd; 2357 wk = kzalloc(sizeof(*wk) + req->ie_len, GFP_KERNEL);
2358 if (!wk)
2359 return -ENOMEM;
2482 2360
2483 if (ifmgd->ssid_len != len || memcmp(ifmgd->ssid, ssid, len) != 0) { 2361 wk->bss = (void *)req->bss;
2484 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2485 ieee80211_set_disassoc(sdata, true, true,
2486 WLAN_REASON_DEAUTH_LEAVING);
2487 2362
2488 /* 2363 if (req->ie && req->ie_len) {
2489 * Do not use reassociation if SSID is changed (different ESS). 2364 memcpy(wk->ie, req->ie, req->ie_len);
2490 */ 2365 wk->ie_len = req->ie_len;
2491 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2492 memset(ifmgd->ssid, 0, sizeof(ifmgd->ssid));
2493 memcpy(ifmgd->ssid, ssid, len);
2494 ifmgd->ssid_len = len;
2495 } 2366 }
2496 2367
2497 return ieee80211_sta_commit(sdata); 2368 if (req->key && req->key_len) {
2498} 2369 wk->key_len = req->key_len;
2370 wk->key_idx = req->key_idx;
2371 memcpy(wk->key, req->key, req->key_len);
2372 }
2499 2373
2500int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len) 2374 ssid = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
2501{ 2375 memcpy(wk->ssid, ssid + 2, ssid[1]);
2502 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2376 wk->ssid_len = ssid[1];
2503 memcpy(ssid, ifmgd->ssid, ifmgd->ssid_len); 2377
2504 *len = ifmgd->ssid_len; 2378 wk->state = IEEE80211_MGD_STATE_PROBE;
2379 wk->auth_alg = auth_alg;
2380
2381 /*
2382 * XXX: if still associated need to tell AP that we're going
2383 * to sleep and then change channel etc.
2384 */
2385 sdata->local->oper_channel = req->bss->channel;
2386 ieee80211_hw_config(sdata->local, 0);
2387
2388 mutex_lock(&ifmgd->mtx);
2389 list_add(&wk->list, &sdata->u.mgd.work_list);
2390 mutex_unlock(&ifmgd->mtx);
2391
2392 queue_work(sdata->local->hw.workqueue, &sdata->u.mgd.work);
2505 return 0; 2393 return 0;
2506} 2394}
2507 2395
2508int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid) 2396int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
2397 struct cfg80211_assoc_request *req)
2509{ 2398{
2510 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2399 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2400 struct ieee80211_mgd_work *wk, *found = NULL;
2401 int i, err;
2511 2402
2512 if (compare_ether_addr(bssid, ifmgd->bssid) != 0 && 2403 mutex_lock(&ifmgd->mtx);
2513 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2514 ieee80211_set_disassoc(sdata, true, true,
2515 WLAN_REASON_DEAUTH_LEAVING);
2516 2404
2517 if (is_valid_ether_addr(bssid)) { 2405 list_for_each_entry(wk, &ifmgd->work_list, list) {
2518 memcpy(ifmgd->bssid, bssid, ETH_ALEN); 2406 if (&wk->bss->cbss == req->bss &&
2519 ifmgd->flags |= IEEE80211_STA_BSSID_SET; 2407 wk->state == IEEE80211_MGD_STATE_IDLE) {
2520 } else { 2408 found = wk;
2521 memset(ifmgd->bssid, 0, ETH_ALEN); 2409 break;
2522 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET; 2410 }
2523 } 2411 }
2524 2412
2525 return ieee80211_sta_commit(sdata); 2413 if (!found) {
2526} 2414 err = -ENOLINK;
2415 goto out;
2416 }
2527 2417
2528int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, 2418 list_del(&found->list);
2529 const char *ie, size_t len) 2419
2530{ 2420 wk = krealloc(found, sizeof(*wk) + req->ie_len, GFP_KERNEL);
2531 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2421 if (!wk) {
2422 list_add(&found->list, &ifmgd->work_list);
2423 err = -ENOMEM;
2424 goto out;
2425 }
2532 2426
2533 if (len == 0 && ifmgd->extra_ie_len == 0) 2427 list_add(&wk->list, &ifmgd->work_list);
2534 return -EALREADY;
2535 2428
2536 if (len == ifmgd->extra_ie_len && ifmgd->extra_ie && 2429 ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N;
2537 memcmp(ifmgd->extra_ie, ie, len) == 0)
2538 return -EALREADY;
2539 2430
2540 kfree(ifmgd->extra_ie); 2431 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
2541 if (len == 0) { 2432 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
2542 ifmgd->extra_ie = NULL; 2433 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
2543 ifmgd->extra_ie_len = 0; 2434 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
2544 return 0; 2435 ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
2545 } 2436
2546 ifmgd->extra_ie = kmalloc(len, GFP_KERNEL); 2437 sdata->local->oper_channel = req->bss->channel;
2547 if (!ifmgd->extra_ie) { 2438 ieee80211_hw_config(sdata->local, 0);
2548 ifmgd->extra_ie_len = 0; 2439
2549 return -ENOMEM; 2440 if (req->ie && req->ie_len) {
2441 memcpy(wk->ie, req->ie, req->ie_len);
2442 wk->ie_len = req->ie_len;
2443 } else
2444 wk->ie_len = 0;
2445
2446 if (req->prev_bssid)
2447 memcpy(wk->prev_bssid, req->prev_bssid, ETH_ALEN);
2448
2449 wk->state = IEEE80211_MGD_STATE_ASSOC;
2450 wk->tries = 0;
2451
2452 if (req->use_mfp) {
2453 ifmgd->mfp = IEEE80211_MFP_REQUIRED;
2454 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED;
2455 } else {
2456 ifmgd->mfp = IEEE80211_MFP_DISABLED;
2457 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED;
2550 } 2458 }
2551 memcpy(ifmgd->extra_ie, ie, len);
2552 ifmgd->extra_ie_len = len;
2553 return 0;
2554}
2555 2459
2556int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason) 2460 if (req->crypto.control_port)
2557{ 2461 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT;
2558 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n", 2462 else
2559 sdata->dev->name, reason); 2463 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT;
2560 2464
2561 ieee80211_set_disassoc(sdata, true, true, reason); 2465 queue_work(sdata->local->hw.workqueue, &sdata->u.mgd.work);
2562 return 0; 2466
2467 err = 0;
2468
2469 out:
2470 mutex_unlock(&ifmgd->mtx);
2471 return err;
2563} 2472}
2564 2473
2565int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason) 2474int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
2475 struct cfg80211_deauth_request *req,
2476 void *cookie)
2566{ 2477{
2567 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2478 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2479 struct ieee80211_mgd_work *wk;
2480 const u8 *bssid = NULL;
2568 2481
2569 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n", 2482 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
2570 sdata->dev->name, reason); 2483 sdata->dev->name, req->reason_code);
2484
2485 mutex_lock(&ifmgd->mtx);
2486
2487 if (ifmgd->associated && &ifmgd->associated->cbss == req->bss) {
2488 bssid = req->bss->bssid;
2489 ieee80211_set_disassoc(sdata);
2490 } else list_for_each_entry(wk, &ifmgd->work_list, list) {
2491 if (&wk->bss->cbss == req->bss) {
2492 bssid = req->bss->bssid;
2493 list_del(&wk->list);
2494 kfree(wk);
2495 break;
2496 }
2497 }
2571 2498
2572 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED)) 2499 /* cfg80211 should catch this... */
2500 if (WARN_ON(!bssid)) {
2501 mutex_unlock(&ifmgd->mtx);
2573 return -ENOLINK; 2502 return -ENOLINK;
2503 }
2504
2505 mutex_unlock(&ifmgd->mtx);
2506
2507 ieee80211_send_deauth_disassoc(sdata, bssid,
2508 IEEE80211_STYPE_DEAUTH, req->reason_code,
2509 cookie);
2574 2510
2575 ieee80211_set_disassoc(sdata, false, true, reason);
2576 return 0; 2511 return 0;
2577} 2512}
2578 2513
2579/* scan finished notification */ 2514int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
2580void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 2515 struct cfg80211_disassoc_request *req,
2516 void *cookie)
2581{ 2517{
2582 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 2518 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2583 2519
2584 /* Restart STA timers */ 2520 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
2585 rcu_read_lock(); 2521 sdata->dev->name, req->reason_code);
2586 list_for_each_entry_rcu(sdata, &local->interfaces, list)
2587 ieee80211_restart_sta_timer(sdata);
2588 rcu_read_unlock();
2589}
2590 2522
2591int ieee80211_max_network_latency(struct notifier_block *nb, 2523 mutex_lock(&ifmgd->mtx);
2592 unsigned long data, void *dummy)
2593{
2594 s32 latency_usec = (s32) data;
2595 struct ieee80211_local *local =
2596 container_of(nb, struct ieee80211_local,
2597 network_latency_notifier);
2598 2524
2599 mutex_lock(&local->iflist_mtx); 2525 /* cfg80211 should catch that */
2600 ieee80211_recalc_ps(local, latency_usec); 2526 if (WARN_ON(&ifmgd->associated->cbss != req->bss)) {
2601 mutex_unlock(&local->iflist_mtx); 2527 mutex_unlock(&ifmgd->mtx);
2528 return -ENOLINK;
2529 }
2530
2531 ieee80211_set_disassoc(sdata);
2532
2533 mutex_unlock(&ifmgd->mtx);
2602 2534
2535 ieee80211_send_deauth_disassoc(sdata, req->bss->bssid,
2536 IEEE80211_STYPE_DISASSOC, req->reason_code,
2537 cookie);
2603 return 0; 2538 return 0;
2604} 2539}
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index 4641f00a1e5c..b33efc4fc267 100644
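--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -198,6 +198,35 @@ static void rate_control_release(struct kref *kref)
  kfree(ctrl_ref);
 }
 
+static bool rc_no_data_or_no_ack(struct ieee80211_tx_rate_control *txrc)
+{
+ struct sk_buff *skb = txrc->skb;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+ __le16 fc;
+
+ fc = hdr->frame_control;
+
+ return ((info->flags & IEEE80211_TX_CTL_NO_ACK) || !ieee80211_is_data(fc));
+}
+
+bool rate_control_send_low(struct ieee80211_sta *sta,
+ void *priv_sta,
+ struct ieee80211_tx_rate_control *txrc)
+{
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(txrc->skb);
+
+ if (!sta || !priv_sta || rc_no_data_or_no_ack(txrc)) {
+ info->control.rates[0].idx = rate_lowest_index(txrc->sband, sta);
+ info->control.rates[0].count =
+ (info->flags & IEEE80211_TX_CTL_NO_ACK) ?
+ 1 : txrc->hw->max_rate_tries;
+ return true;
+ }
+ return false;
+}
+EXPORT_SYMBOL(rate_control_send_low);
+
 void rate_control_get_rate(struct ieee80211_sub_if_data *sdata,
  struct sta_info *sta,
  struct ieee80211_tx_rate_control *txrc)
@@ -258,7 +287,7 @@ int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
  struct rate_control_ref *ref, *old;
 
  ASSERT_RTNL();
- if (local->open_count || netif_running(local->mdev))
+ if (local->open_count)
  return -EBUSY;
 
  ref = rate_control_alloc(name, local);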
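Review bot: In `rate_control_send_low` the retry count for frames without NO_ACK comes from `txrc->hw->max_rate_tries`, which is not the value either converted caller used. The lines removed from rc80211_minstrel.c set `ar[0].count = mp->max_retry`, and the lines removed from rc80211_pid_algo.c only forced the count to 1 for NO_ACK and otherwise kept the count set just above from the long/short frame limits. Unless those values are always equal (their initialisation is not shown here), management-frame retry behaviour changes for both algorithms, and a zero `max_rate_tries` would now reach `rates[0].count`. The helper is exported, so it should carry a comment above it stating the contract, for example `/* Fills rates[0] with the lowest rate and returns true when sta or priv_sta is NULL, or the frame is non-data or NO_ACK; the caller must then return. */`. That comment is also the place to note that `rate_lowest_index()` is called with a NULL `sta` on the `!sta` path and is relied on to accept it.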
diff --git a/net/mac80211/rc80211_minstrel.c b/net/mac80211/rc80211_minstrel.c
index 37771abd8f5a..7c5142988bbb 100644
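--- a/net/mac80211/rc80211_minstrel.c
+++ b/net/mac80211/rc80211_minstrel.c
@@ -70,20 +70,6 @@ rix_to_ndx(struct minstrel_sta_info *mi, int rix)
  return i;
 }
 
-static inline bool
-use_low_rate(struct sk_buff *skb)
-{
- struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
- struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
- u16 fc;
-
- fc = le16_to_cpu(hdr->frame_control);
-
- return ((info->flags & IEEE80211_TX_CTL_NO_ACK) ||
- (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA);
-}
-
-
 static void
 minstrel_update_stats(struct minstrel_priv *mp, struct minstrel_sta_info *mi)
 {
@@ -232,7 +218,6 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta,
  void *priv_sta, struct ieee80211_tx_rate_control *txrc)
 {
  struct sk_buff *skb = txrc->skb;
- struct ieee80211_supported_band *sband = txrc->sband;
  struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  struct minstrel_sta_info *mi = priv_sta;
  struct minstrel_priv *mp = priv;
@@ -245,14 +230,8 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta,
  int mrr_ndx[3];
  int sample_rate;
 
- if (!sta || !mi || use_low_rate(skb)) {
- ar[0].idx = rate_lowest_index(sband, sta);
- if (info->flags & IEEE80211_TX_CTL_NO_ACK)
- ar[0].count = 1;
- else
- ar[0].count = mp->max_retry;
+ if (rate_control_send_low(sta, priv_sta, txrc))
  return;
- }
 
  mrr = mp->has_mrr && !txrc->rts && !txrc->bss_conf->use_cts_prot;
 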
diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index a0bef767ceb5..8c053be9dc24 100644
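--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -276,11 +276,9 @@ rate_control_pid_get_rate(void *priv, struct ieee80211_sta *sta,
 {
  struct sk_buff *skb = txrc->skb;
  struct ieee80211_supported_band *sband = txrc->sband;
- struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
  struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  struct rc_pid_sta_info *spinfo = priv_sta;
  int rateidx;
- u16 fc;
 
  if (txrc->rts)
  info->control.rates[0].count =
@@ -290,16 +288,8 @@ rate_control_pid_get_rate(void *priv, struct ieee80211_sta *sta,
  txrc->hw->conf.short_frame_max_tx_count;
 
  /* Send management frames and NO_ACK data using lowest rate. */
- fc = le16_to_cpu(hdr->frame_control);
- if (!sta || !spinfo ||
- (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
- info->flags & IEEE80211_TX_CTL_NO_ACK) {
- info->control.rates[0].idx = rate_lowest_index(sband, sta);
- if (info->flags & IEEE80211_TX_CTL_NO_ACK)
- info->control.rates[0].count = 1;
-
+ if (rate_control_send_low(sta, priv_sta, txrc))
  return;
- }
 
  rateidx = spinfo->txrate_idx;
 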
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 0936fc24942d..b6ddde3848fb 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -30,7 +30,6 @@
30static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw, 30static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
31 struct tid_ampdu_rx *tid_agg_rx, 31 struct tid_ampdu_rx *tid_agg_rx,
32 struct sk_buff *skb, 32 struct sk_buff *skb,
33 struct ieee80211_rx_status *status,
34 u16 mpdu_seq_num, 33 u16 mpdu_seq_num,
35 int bar_req); 34 int bar_req);
36/* 35/*
@@ -59,11 +58,11 @@ static struct sk_buff *remove_monitor_info(struct ieee80211_local *local,
59 return skb; 58 return skb;
60} 59}
61 60
62static inline int should_drop_frame(struct ieee80211_rx_status *status, 61static inline int should_drop_frame(struct sk_buff *skb,
63 struct sk_buff *skb,
64 int present_fcs_len, 62 int present_fcs_len,
65 int radiotap_len) 63 int radiotap_len)
66{ 64{
65 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
67 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 66 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
68 67
69 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC)) 68 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC))
@@ -111,10 +110,10 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
111static void 110static void
112ieee80211_add_rx_radiotap_header(struct ieee80211_local *local, 111ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
113 struct sk_buff *skb, 112 struct sk_buff *skb,
114 struct ieee80211_rx_status *status,
115 struct ieee80211_rate *rate, 113 struct ieee80211_rate *rate,
116 int rtap_len) 114 int rtap_len)
117{ 115{
116 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
118 struct ieee80211_radiotap_header *rthdr; 117 struct ieee80211_radiotap_header *rthdr;
119 unsigned char *pos; 118 unsigned char *pos;
120 119
@@ -220,9 +219,9 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
220 */ 219 */
221static struct sk_buff * 220static struct sk_buff *
222ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb, 221ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
223 struct ieee80211_rx_status *status,
224 struct ieee80211_rate *rate) 222 struct ieee80211_rate *rate)
225{ 223{
224 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(origskb);
226 struct ieee80211_sub_if_data *sdata; 225 struct ieee80211_sub_if_data *sdata;
227 int needed_headroom = 0; 226 int needed_headroom = 0;
228 struct sk_buff *skb, *skb2; 227 struct sk_buff *skb, *skb2;
@@ -248,8 +247,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
248 present_fcs_len = FCS_LEN; 247 present_fcs_len = FCS_LEN;
249 248
250 if (!local->monitors) { 249 if (!local->monitors) {
251 if (should_drop_frame(status, origskb, present_fcs_len, 250 if (should_drop_frame(origskb, present_fcs_len, rtap_len)) {
252 rtap_len)) {
253 dev_kfree_skb(origskb); 251 dev_kfree_skb(origskb);
254 return NULL; 252 return NULL;
255 } 253 }
@@ -257,7 +255,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
257 return remove_monitor_info(local, origskb, rtap_len); 255 return remove_monitor_info(local, origskb, rtap_len);
258 } 256 }
259 257
260 if (should_drop_frame(status, origskb, present_fcs_len, rtap_len)) { 258 if (should_drop_frame(origskb, present_fcs_len, rtap_len)) {
261 /* only need to expand headroom if necessary */ 259 /* only need to expand headroom if necessary */
262 skb = origskb; 260 skb = origskb;
263 origskb = NULL; 261 origskb = NULL;
@@ -289,7 +287,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
289 287
290 /* if necessary, prepend radiotap information */ 288 /* if necessary, prepend radiotap information */
291 if (!(status->flag & RX_FLAG_RADIOTAP)) 289 if (!(status->flag & RX_FLAG_RADIOTAP))
292 ieee80211_add_rx_radiotap_header(local, skb, status, rate, 290 ieee80211_add_rx_radiotap_header(local, skb, rate,
293 needed_headroom); 291 needed_headroom);
294 292
295 skb_reset_mac_header(skb); 293 skb_reset_mac_header(skb);
@@ -421,12 +419,11 @@ ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
421 struct sk_buff *skb = rx->skb; 419 struct sk_buff *skb = rx->skb;
422 420
423 if (unlikely(local->hw_scanning)) 421 if (unlikely(local->hw_scanning))
424 return ieee80211_scan_rx(rx->sdata, skb, rx->status); 422 return ieee80211_scan_rx(rx->sdata, skb);
425 423
426 if (unlikely(local->sw_scanning)) { 424 if (unlikely(local->sw_scanning)) {
427 /* drop all the other packets during a software scan anyway */ 425 /* drop all the other packets during a software scan anyway */
428 if (ieee80211_scan_rx(rx->sdata, skb, rx->status) 426 if (ieee80211_scan_rx(rx->sdata, skb) != RX_QUEUED)
429 != RX_QUEUED)
430 dev_kfree_skb(skb); 427 dev_kfree_skb(skb);
431 return RX_QUEUED; 428 return RX_QUEUED;
432 } 429 }
@@ -836,28 +833,22 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
836 if (!sta) 833 if (!sta)
837 return RX_CONTINUE; 834 return RX_CONTINUE;
838 835
839 /* Update last_rx only for IBSS packets which are for the current 836 /*
840 * BSSID to avoid keeping the current IBSS network alive in cases where 837 * Update last_rx only for IBSS packets which are for the current
841 * other STAs are using different BSSID. */ 838 * BSSID to avoid keeping the current IBSS network alive in cases
839 * where other STAs start using different BSSID.
840 */
842 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) { 841 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) {
843 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, 842 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len,
844 NL80211_IFTYPE_ADHOC); 843 NL80211_IFTYPE_ADHOC);
845 if (compare_ether_addr(bssid, rx->sdata->u.ibss.bssid) == 0) 844 if (compare_ether_addr(bssid, rx->sdata->u.ibss.bssid) == 0)
846 sta->last_rx = jiffies; 845 sta->last_rx = jiffies;
847 } else 846 } else if (!is_multicast_ether_addr(hdr->addr1)) {
848 if (!is_multicast_ether_addr(hdr->addr1) || 847 /*
849 rx->sdata->vif.type == NL80211_IFTYPE_STATION) {
850 /* Update last_rx only for unicast frames in order to prevent
851 * the Probe Request frames (the only broadcast frames from a
852 * STA in infrastructure mode) from keeping a connection alive.
853 * Mesh beacons will update last_rx when if they are found to 848 * Mesh beacons will update last_rx when if they are found to
854 * match the current local configuration when processed. 849 * match the current local configuration when processed.
855 */ 850 */
856 if (rx->sdata->vif.type == NL80211_IFTYPE_STATION && 851 sta->last_rx = jiffies;
857 ieee80211_is_beacon(hdr->frame_control)) {
858 rx->sdata->u.mgd.last_beacon = jiffies;
859 } else
860 sta->last_rx = jiffies;
861 } 852 }
862 853
863 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 854 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
@@ -1487,10 +1478,13 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1487 struct ieee80211s_hdr *mesh_hdr; 1478 struct ieee80211s_hdr *mesh_hdr;
1488 unsigned int hdrlen; 1479 unsigned int hdrlen;
1489 struct sk_buff *skb = rx->skb, *fwd_skb; 1480 struct sk_buff *skb = rx->skb, *fwd_skb;
1481 struct ieee80211_local *local = rx->local;
1482 struct ieee80211_sub_if_data *sdata;
1490 1483
1491 hdr = (struct ieee80211_hdr *) skb->data; 1484 hdr = (struct ieee80211_hdr *) skb->data;
1492 hdrlen = ieee80211_hdrlen(hdr->frame_control); 1485 hdrlen = ieee80211_hdrlen(hdr->frame_control);
1493 mesh_hdr = (struct ieee80211s_hdr *) (skb->data + hdrlen); 1486 mesh_hdr = (struct ieee80211s_hdr *) (skb->data + hdrlen);
1487 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1494 1488
1495 if (!ieee80211_is_data(hdr->frame_control)) 1489 if (!ieee80211_is_data(hdr->frame_control))
1496 return RX_CONTINUE; 1490 return RX_CONTINUE;
@@ -1500,10 +1494,8 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1500 return RX_DROP_MONITOR; 1494 return RX_DROP_MONITOR;
1501 1495
1502 if (mesh_hdr->flags & MESH_FLAGS_AE_A5_A6){ 1496 if (mesh_hdr->flags & MESH_FLAGS_AE_A5_A6){
1503 struct ieee80211_sub_if_data *sdata;
1504 struct mesh_path *mppath; 1497 struct mesh_path *mppath;
1505 1498
1506 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1507 rcu_read_lock(); 1499 rcu_read_lock();
1508 mppath = mpp_path_lookup(mesh_hdr->eaddr2, sdata); 1500 mppath = mpp_path_lookup(mesh_hdr->eaddr2, sdata);
1509 if (!mppath) { 1501 if (!mppath) {
@@ -1529,6 +1521,8 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1529 dropped_frames_ttl); 1521 dropped_frames_ttl);
1530 else { 1522 else {
1531 struct ieee80211_hdr *fwd_hdr; 1523 struct ieee80211_hdr *fwd_hdr;
1524 struct ieee80211_tx_info *info;
1525
1532 fwd_skb = skb_copy(skb, GFP_ATOMIC); 1526 fwd_skb = skb_copy(skb, GFP_ATOMIC);
1533 1527
1534 if (!fwd_skb && net_ratelimit()) 1528 if (!fwd_skb && net_ratelimit())
@@ -1542,9 +1536,25 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1542 */ 1536 */
1543 memcpy(fwd_hdr->addr1, fwd_hdr->addr2, ETH_ALEN); 1537 memcpy(fwd_hdr->addr1, fwd_hdr->addr2, ETH_ALEN);
1544 memcpy(fwd_hdr->addr2, rx->dev->dev_addr, ETH_ALEN); 1538 memcpy(fwd_hdr->addr2, rx->dev->dev_addr, ETH_ALEN);
1545 fwd_skb->dev = rx->local->mdev; 1539 info = IEEE80211_SKB_CB(fwd_skb);
1540 memset(info, 0, sizeof(*info));
1541 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1546 fwd_skb->iif = rx->dev->ifindex; 1542 fwd_skb->iif = rx->dev->ifindex;
1547 dev_queue_xmit(fwd_skb); 1543 ieee80211_select_queue(local, fwd_skb);
1544 if (is_multicast_ether_addr(fwd_hdr->addr3))
1545 memcpy(fwd_hdr->addr1, fwd_hdr->addr3,
1546 ETH_ALEN);
1547 else {
1548 int err = mesh_nexthop_lookup(fwd_skb, sdata);
1549 /* Failed to immediately resolve next hop:
1550 * fwded frame was dropped or will be added
1551 * later to the pending skb queue. */
1552 if (err)
1553 return RX_DROP_MONITOR;
1554 }
1555 IEEE80211_IFSTA_MESH_CTR_INC(&sdata->u.mesh,
1556 fwded_frames);
1557 ieee80211_add_pending_skb(local, fwd_skb);
1548 } 1558 }
1549 } 1559 }
1550 1560
@@ -1620,7 +1630,7 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1620 /* manage reordering buffer according to requested */ 1630 /* manage reordering buffer according to requested */
1621 /* sequence number */ 1631 /* sequence number */
1622 rcu_read_lock(); 1632 rcu_read_lock();
1623 ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, NULL, NULL, 1633 ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, NULL,
1624 start_seq_num, 1); 1634 start_seq_num, 1);
1625 rcu_read_unlock(); 1635 rcu_read_unlock();
1626 return RX_DROP_UNUSABLE; 1636 return RX_DROP_UNUSABLE;
@@ -1644,12 +1654,7 @@ static void ieee80211_process_sa_query_req(struct ieee80211_sub_if_data *sdata,
1644 1654
1645 if (compare_ether_addr(mgmt->sa, sdata->u.mgd.bssid) != 0 || 1655 if (compare_ether_addr(mgmt->sa, sdata->u.mgd.bssid) != 0 ||
1646 compare_ether_addr(mgmt->bssid, sdata->u.mgd.bssid) != 0) { 1656 compare_ether_addr(mgmt->bssid, sdata->u.mgd.bssid) != 0) {
1647 /* Not from the current AP. */ 1657 /* Not from the current AP or not associated yet. */
1648 return;
1649 }
1650
1651 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATE) {
1652 /* Association in progress; ignore SA Query */
1653 return; 1658 return;
1654 } 1659 }
1655 1660
@@ -1686,7 +1691,6 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1686 struct ieee80211_local *local = rx->local; 1691 struct ieee80211_local *local = rx->local;
1687 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1692 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1688 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1693 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1689 struct ieee80211_bss *bss;
1690 int len = rx->skb->len; 1694 int len = rx->skb->len;
1691 1695
1692 if (!ieee80211_is_action(mgmt->frame_control)) 1696 if (!ieee80211_is_action(mgmt->frame_control))
@@ -1764,17 +1768,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1764 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN)) 1768 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN))
1765 return RX_DROP_MONITOR; 1769 return RX_DROP_MONITOR;
1766 1770
1767 bss = ieee80211_rx_bss_get(local, sdata->u.mgd.bssid, 1771 return ieee80211_sta_rx_mgmt(sdata, rx->skb);
1768 local->hw.conf.channel->center_freq,
1769 sdata->u.mgd.ssid,
1770 sdata->u.mgd.ssid_len);
1771 if (!bss)
1772 return RX_DROP_MONITOR;
1773
1774 ieee80211_sta_process_chanswitch(sdata,
1775 &mgmt->u.action.u.chan_switch.sw_elem, bss);
1776 ieee80211_rx_bss_put(local, bss);
1777 break;
1778 } 1772 }
1779 break; 1773 break;
1780 case WLAN_CATEGORY_SA_QUERY: 1774 case WLAN_CATEGORY_SA_QUERY:
@@ -1817,19 +1811,18 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1817 return RX_DROP_MONITOR; 1811 return RX_DROP_MONITOR;
1818 1812
1819 if (ieee80211_vif_is_mesh(&sdata->vif)) 1813 if (ieee80211_vif_is_mesh(&sdata->vif))
1820 return ieee80211_mesh_rx_mgmt(sdata, rx->skb, rx->status); 1814 return ieee80211_mesh_rx_mgmt(sdata, rx->skb);
1821 1815
1822 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 1816 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
1823 return ieee80211_ibss_rx_mgmt(sdata, rx->skb, rx->status); 1817 return ieee80211_ibss_rx_mgmt(sdata, rx->skb);
1824 1818
1825 if (sdata->vif.type == NL80211_IFTYPE_STATION) 1819 if (sdata->vif.type == NL80211_IFTYPE_STATION)
1826 return ieee80211_sta_rx_mgmt(sdata, rx->skb, rx->status); 1820 return ieee80211_sta_rx_mgmt(sdata, rx->skb);
1827 1821
1828 return RX_DROP_MONITOR; 1822 return RX_DROP_MONITOR;
1829} 1823}
1830 1824
1831static void ieee80211_rx_michael_mic_report(struct net_device *dev, 1825static void ieee80211_rx_michael_mic_report(struct ieee80211_hdr *hdr,
1832 struct ieee80211_hdr *hdr,
1833 struct ieee80211_rx_data *rx) 1826 struct ieee80211_rx_data *rx)
1834{ 1827{
1835 int keyidx; 1828 int keyidx;
@@ -1866,7 +1859,8 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1866 !ieee80211_is_auth(hdr->frame_control)) 1859 !ieee80211_is_auth(hdr->frame_control))
1867 goto ignore; 1860 goto ignore;
1868 1861
1869 mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL); 1862 mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL,
1863 GFP_ATOMIC);
1870 ignore: 1864 ignore:
1871 dev_kfree_skb(rx->skb); 1865 dev_kfree_skb(rx->skb);
1872 rx->skb = NULL; 1866 rx->skb = NULL;
@@ -2028,13 +2022,8 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2028 case NL80211_IFTYPE_STATION: 2022 case NL80211_IFTYPE_STATION:
2029 if (!bssid) 2023 if (!bssid)
2030 return 0; 2024 return 0;
2031 if (!ieee80211_bssid_match(bssid, sdata->u.mgd.bssid)) { 2025 if (!multicast &&
2032 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2026 compare_ether_addr(sdata->dev->dev_addr, hdr->addr1) != 0) {
2033 return 0;
2034 rx->flags &= ~IEEE80211_RX_RA_MATCH;
2035 } else if (!multicast &&
2036 compare_ether_addr(sdata->dev->dev_addr,
2037 hdr->addr1) != 0) {
2038 if (!(sdata->dev->flags & IFF_PROMISC)) 2027 if (!(sdata->dev->flags & IFF_PROMISC))
2039 return 0; 2028 return 0;
2040 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2029 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -2114,9 +2103,9 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2114 */ 2103 */
2115static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, 2104static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2116 struct sk_buff *skb, 2105 struct sk_buff *skb,
2117 struct ieee80211_rx_status *status,
2118 struct ieee80211_rate *rate) 2106 struct ieee80211_rate *rate)
2119{ 2107{
2108 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2120 struct ieee80211_local *local = hw_to_local(hw); 2109 struct ieee80211_local *local = hw_to_local(hw);
2121 struct ieee80211_sub_if_data *sdata; 2110 struct ieee80211_sub_if_data *sdata;
2122 struct ieee80211_hdr *hdr; 2111 struct ieee80211_hdr *hdr;
@@ -2143,7 +2132,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2143 } 2132 }
2144 2133
2145 if ((status->flag & RX_FLAG_MMIC_ERROR)) { 2134 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
2146 ieee80211_rx_michael_mic_report(local->mdev, hdr, &rx); 2135 ieee80211_rx_michael_mic_report(hdr, &rx);
2147 return; 2136 return;
2148 } 2137 }
2149 2138
@@ -2227,20 +2216,21 @@ static void ieee80211_release_reorder_frame(struct ieee80211_hw *hw,
2227{ 2216{
2228 struct ieee80211_supported_band *sband; 2217 struct ieee80211_supported_band *sband;
2229 struct ieee80211_rate *rate; 2218 struct ieee80211_rate *rate;
2230 struct ieee80211_rx_status status; 2219 struct sk_buff *skb = tid_agg_rx->reorder_buf[index];
2220 struct ieee80211_rx_status *status;
2231 2221
2232 if (!tid_agg_rx->reorder_buf[index]) 2222 if (!skb)
2233 goto no_frame; 2223 goto no_frame;
2234 2224
2225 status = IEEE80211_SKB_RXCB(skb);
2226
2235 /* release the reordered frames to stack */ 2227 /* release the reordered frames to stack */
2236 memcpy(&status, tid_agg_rx->reorder_buf[index]->cb, sizeof(status)); 2228 sband = hw->wiphy->bands[status->band];
2237 sband = hw->wiphy->bands[status.band]; 2229 if (status->flag & RX_FLAG_HT)
2238 if (status.flag & RX_FLAG_HT)
2239 rate = sband->bitrates; /* TODO: HT rates */ 2230 rate = sband->bitrates; /* TODO: HT rates */
2240 else 2231 else
2241 rate = &sband->bitrates[status.rate_idx]; 2232 rate = &sband->bitrates[status->rate_idx];
2242 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index], 2233 __ieee80211_rx_handle_packet(hw, skb, rate);
2243 &status, rate);
2244 tid_agg_rx->stored_mpdu_num--; 2234 tid_agg_rx->stored_mpdu_num--;
2245 tid_agg_rx->reorder_buf[index] = NULL; 2235 tid_agg_rx->reorder_buf[index] = NULL;
2246 2236
@@ -2265,7 +2255,6 @@ no_frame:
2265static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw, 2255static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2266 struct tid_ampdu_rx *tid_agg_rx, 2256 struct tid_ampdu_rx *tid_agg_rx,
2267 struct sk_buff *skb, 2257 struct sk_buff *skb,
2268 struct ieee80211_rx_status *rxstatus,
2269 u16 mpdu_seq_num, 2258 u16 mpdu_seq_num,
2270 int bar_req) 2259 int bar_req)
2271{ 2260{
@@ -2324,8 +2313,6 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2324 /* put the frame in the reordering buffer */ 2313 /* put the frame in the reordering buffer */
2325 tid_agg_rx->reorder_buf[index] = skb; 2314 tid_agg_rx->reorder_buf[index] = skb;
2326 tid_agg_rx->reorder_time[index] = jiffies; 2315 tid_agg_rx->reorder_time[index] = jiffies;
2327 memcpy(tid_agg_rx->reorder_buf[index]->cb, rxstatus,
2328 sizeof(*rxstatus));
2329 tid_agg_rx->stored_mpdu_num++; 2316 tid_agg_rx->stored_mpdu_num++;
2330 /* release the buffer until next missing frame */ 2317 /* release the buffer until next missing frame */
2331 index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) 2318 index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn)
@@ -2374,8 +2361,7 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2374} 2361}
2375 2362
2376static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local, 2363static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2377 struct sk_buff *skb, 2364 struct sk_buff *skb)
2378 struct ieee80211_rx_status *status)
2379{ 2365{
2380 struct ieee80211_hw *hw = &local->hw; 2366 struct ieee80211_hw *hw = &local->hw;
2381 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 2367 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -2424,7 +2410,7 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2424 2410
2425 /* according to mpdu sequence number deal with reordering buffer */ 2411 /* according to mpdu sequence number deal with reordering buffer */
2426 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4; 2412 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4;
2427 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, status, 2413 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb,
2428 mpdu_seq_num, 0); 2414 mpdu_seq_num, 0);
2429 end_reorder: 2415 end_reorder:
2430 return ret; 2416 return ret;
@@ -2434,12 +2420,12 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2434 * This is the receive path handler. It is called by a low level driver when an 2420 * This is the receive path handler. It is called by a low level driver when an
2435 * 802.11 MPDU is received from the hardware. 2421 * 802.11 MPDU is received from the hardware.
2436 */ 2422 */
2437void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb, 2423void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb)
2438 struct ieee80211_rx_status *status)
2439{ 2424{
2440 struct ieee80211_local *local = hw_to_local(hw); 2425 struct ieee80211_local *local = hw_to_local(hw);
2441 struct ieee80211_rate *rate = NULL; 2426 struct ieee80211_rate *rate = NULL;
2442 struct ieee80211_supported_band *sband; 2427 struct ieee80211_supported_band *sband;
2428 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2443 2429
2444 if (status->band < 0 || 2430 if (status->band < 0 ||
2445 status->band >= IEEE80211_NUM_BANDS) { 2431 status->band >= IEEE80211_NUM_BANDS) {
@@ -2494,7 +2480,7 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2494 * if it was previously present. 2480 * if it was previously present.
2495 * Also, frames with less than 16 bytes are dropped. 2481 * Also, frames with less than 16 bytes are dropped.
2496 */ 2482 */
2497 skb = ieee80211_rx_monitor(local, skb, status, rate); 2483 skb = ieee80211_rx_monitor(local, skb, rate);
2498 if (!skb) { 2484 if (!skb) {
2499 rcu_read_unlock(); 2485 rcu_read_unlock();
2500 return; 2486 return;
@@ -2512,8 +2498,8 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2512 * frames from other than operational channel), but that should not 2498 * frames from other than operational channel), but that should not
2513 * happen in normal networks. 2499 * happen in normal networks.
2514 */ 2500 */
2515 if (!ieee80211_rx_reorder_ampdu(local, skb, status)) 2501 if (!ieee80211_rx_reorder_ampdu(local, skb))
2516 __ieee80211_rx_handle_packet(hw, skb, status, rate); 2502 __ieee80211_rx_handle_packet(hw, skb, rate);
2517 2503
2518 rcu_read_unlock(); 2504 rcu_read_unlock();
2519} 2505}
@@ -2521,16 +2507,12 @@ EXPORT_SYMBOL(__ieee80211_rx);
2521 2507
2522/* This is a version of the rx handler that can be called from hard irq 2508/* This is a version of the rx handler that can be called from hard irq
2523 * context. Post the skb on the queue and schedule the tasklet */ 2509 * context. Post the skb on the queue and schedule the tasklet */
2524void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb, 2510void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb)
2525 struct ieee80211_rx_status *status)
2526{ 2511{
2527 struct ieee80211_local *local = hw_to_local(hw); 2512 struct ieee80211_local *local = hw_to_local(hw);
2528 2513
2529 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb)); 2514 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
2530 2515
2531 skb->dev = local->mdev;
2532 /* copy status into skb->cb for use by tasklet */
2533 memcpy(skb->cb, status, sizeof(*status));
2534 skb->pkt_type = IEEE80211_RX_MSG; 2516 skb->pkt_type = IEEE80211_RX_MSG;
2535 skb_queue_tail(&local->skb_queue, skb); 2517 skb_queue_tail(&local->skb_queue, skb);
2536 tasklet_schedule(&local->tasklet); 2518 tasklet_schedule(&local->tasklet);
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 2a8d09ad17ff..74820656dc89 100644
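--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -26,7 +26,7 @@
 
 #define IEEE80211_PROBE_DELAY (HZ / 33)
 #define IEEE80211_CHANNEL_TIME (HZ / 33)
-#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
+#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 8)
 
 struct ieee80211_bss *
 ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
@@ -121,23 +121,10 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
  return bss;
 }
 
-void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
- int freq, u8 *ssid, u8 ssid_len)
-{
- struct ieee80211_bss *bss;
- struct ieee80211_local *local = sdata->local;
-
- bss = ieee80211_rx_bss_get(local, bssid, freq, ssid, ssid_len);
- if (bss) {
- cfg80211_unlink_bss(local->hw.wiphy, (void *)bss);
- ieee80211_rx_bss_put(local, bss);
- }
-}
-
 ieee80211_rx_result
-ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
- struct ieee80211_rx_status *rx_status)
+ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
 {
+ struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
  struct ieee80211_mgmt *mgmt;
  struct ieee80211_bss *bss;
  u8 *elements;
@@ -307,16 +294,13 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
  if (was_hw_scan)
  goto done;
 
- netif_tx_lock_bh(local->mdev);
- netif_addr_lock(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
  drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC,
  &local->filter_flags,
- local->mdev->mc_count,
- local->mdev->mc_list);
-
- netif_addr_unlock(local->mdev);
- netif_tx_unlock_bh(local->mdev);
+ local->mc_count,
+ local->mc_list);
+ spin_unlock_bh(&local->filter_lock);
 
  drv_sw_scan_complete(local);
 
@@ -327,7 +311,7 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
 
  /* Tell AP we're back */
  if (sdata->vif.type == NL80211_IFTYPE_STATION) {
- if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
+ if (sdata->u.mgd.associated) {
  ieee80211_scan_ps_disable(sdata);
  netif_tx_wake_all_queues(sdata->dev);
  }
@@ -383,7 +367,7 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local)
  sdata, BSS_CHANGED_BEACON_ENABLED);
 
  if (sdata->vif.type == NL80211_IFTYPE_STATION) {
- if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) {
+ if (sdata->u.mgd.associated) {
  netif_tx_stop_all_queues(sdata->dev);
  ieee80211_scan_ps_enable(sdata);
  }
@@ -395,13 +379,13 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local)
  local->scan_state = SCAN_SET_CHANNEL;
  local->scan_channel_idx = 0;
 
- netif_addr_lock_bh(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
  drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC,
  &local->filter_flags,
- local->mdev->mc_count,
- local->mdev->mc_list);
- netif_addr_unlock_bh(local->mdev);
+ local->mc_count,
+ local->mc_list);
+ spin_unlock_bh(&local->filter_lock);
 
  /* TODO: start scan as soon as all nullfunc frames are ACKed */
  queue_delayed_work(local->hw.workqueue, &local->scan_work,
@@ -443,10 +427,8 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
 
  if (req != &local->int_scan_req &&
  sdata->vif.type == NL80211_IFTYPE_STATION &&
- (ifmgd->state == IEEE80211_STA_MLME_DIRECT_PROBE ||
- ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE ||
- ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE)) {
- /* actually wait for the assoc to finish/time out */
+ !list_empty(&ifmgd->work_list)) {
+ /* actually wait for the work it's doing to finish/time out */
  set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
  return 0;
  }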
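Review bot: In `__ieee80211_start_scan`, the new `!list_empty(&ifmgd->work_list)` test is not visibly made under whatever lock protects `work_list`; the function starts and ends outside this hunk, so the caller may already hold it. If the list can empty between this check and `set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)`, the request is parked with no pending work left to pick it up, and the scan would appear to hang. Suggest stating the locking assumption next to the check, e.g. `/* work_list is stable here: <lock name> is held by the caller */`, or taking that lock around the test if it is not held.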
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 49a1a1f76511..4ecf10a9bd00 100644
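--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -308,6 +308,23 @@ struct sta_info {
  struct dentry *inactive_ms;
  struct dentry *last_seq_ctrl;
  struct dentry *agg_status;
+ struct dentry *aid;
+ struct dentry *dev;
+ struct dentry *rx_packets;
+ struct dentry *tx_packets;
+ struct dentry *rx_bytes;
+ struct dentry *tx_bytes;
+ struct dentry *rx_duplicates;
+ struct dentry *rx_fragments;
+ struct dentry *rx_dropped;
+ struct dentry *tx_fragments;
+ struct dentry *tx_filtered;
+ struct dentry *tx_retry_failed;
+ struct dentry *tx_retry_count;
+ struct dentry *last_signal;
+ struct dentry *last_qual;
+ struct dentry *last_noise;
+ struct dentry *wep_weak_iv_count;
  bool add_has_run;
  } debugfs;
 #endif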
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 3a8922cd1038..2572509d5568 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -451,7 +451,7 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
451 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb); 451 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
452 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 452 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
453 453
454 if (unlikely(tx->skb->do_not_encrypt)) 454 if (unlikely(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT))
455 tx->key = NULL; 455 tx->key = NULL;
456 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 456 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
457 tx->key = key; 457 tx->key = key;
@@ -497,7 +497,7 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
497 } 497 }
498 498
499 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 499 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
500 tx->skb->do_not_encrypt = 1; 500 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
501 501
502 return TX_CONTINUE; 502 return TX_CONTINUE;
503} 503}
@@ -512,6 +512,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
512 int i, len; 512 int i, len;
513 bool inval = false, rts = false, short_preamble = false; 513 bool inval = false, rts = false, short_preamble = false;
514 struct ieee80211_tx_rate_control txrc; 514 struct ieee80211_tx_rate_control txrc;
515 u32 sta_flags;
515 516
516 memset(&txrc, 0, sizeof(txrc)); 517 memset(&txrc, 0, sizeof(txrc));
517 518
@@ -544,7 +545,26 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
544 (tx->sta && test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE)))) 545 (tx->sta && test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE))))
545 txrc.short_preamble = short_preamble = true; 546 txrc.short_preamble = short_preamble = true;
546 547
548 sta_flags = tx->sta ? get_sta_flags(tx->sta) : 0;
549
550 /*
551 * Lets not bother rate control if we're associated and cannot
552 * talk to the sta. This should not happen.
553 */
554 if (WARN((tx->local->sw_scanning) &&
555 (sta_flags & WLAN_STA_ASSOC) &&
556 !rate_usable_index_exists(sband, &tx->sta->sta),
557 "%s: Dropped data frame as no usable bitrate found while "
558 "scanning and associated. Target station: "
559 "%pM on %d GHz band\n",
560 tx->dev->name, hdr->addr1,
561 tx->channel->band ? 5 : 2))
562 return TX_DROP;
547 563
564 /*
565 * If we're associated with the sta at this point we know we can at
566 * least send the frame at the lowest bit rate.
567 */
548 rate_control_get_rate(tx->sdata, tx->sta, &txrc); 568 rate_control_get_rate(tx->sdata, tx->sta, &txrc);
549 569
550 if (unlikely(info->control.rates[0].idx < 0)) 570 if (unlikely(info->control.rates[0].idx < 0))
@@ -754,9 +774,7 @@ static int ieee80211_fragment(struct ieee80211_local *local,
754 memcpy(tmp->cb, skb->cb, sizeof(tmp->cb)); 774 memcpy(tmp->cb, skb->cb, sizeof(tmp->cb));
755 skb_copy_queue_mapping(tmp, skb); 775 skb_copy_queue_mapping(tmp, skb);
756 tmp->priority = skb->priority; 776 tmp->priority = skb->priority;
757 tmp->do_not_encrypt = skb->do_not_encrypt;
758 tmp->dev = skb->dev; 777 tmp->dev = skb->dev;
759 tmp->iif = skb->iif;
760 778
761 /* copy header and data */ 779 /* copy header and data */
762 memcpy(skb_put(tmp, hdrlen), skb->data, hdrlen); 780 memcpy(skb_put(tmp, hdrlen), skb->data, hdrlen);
@@ -784,7 +802,7 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
784 802
785 /* 803 /*
786 * Warn when submitting a fragmented A-MPDU frame and drop it. 804 * Warn when submitting a fragmented A-MPDU frame and drop it.
787 * This scenario is handled in __ieee80211_tx_prepare but extra 805 * This scenario is handled in ieee80211_tx_prepare but extra
788 * caution taken here as fragmented ampdu may cause Tx stop. 806 * caution taken here as fragmented ampdu may cause Tx stop.
789 */ 807 */
790 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU)) 808 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU))
@@ -923,11 +941,12 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
923 struct ieee80211_radiotap_header *rthdr = 941 struct ieee80211_radiotap_header *rthdr =
924 (struct ieee80211_radiotap_header *) skb->data; 942 (struct ieee80211_radiotap_header *) skb->data;
925 struct ieee80211_supported_band *sband; 943 struct ieee80211_supported_band *sband;
944 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
926 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len); 945 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
927 946
928 sband = tx->local->hw.wiphy->bands[tx->channel->band]; 947 sband = tx->local->hw.wiphy->bands[tx->channel->band];
929 948
930 skb->do_not_encrypt = 1; 949 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
931 tx->flags &= ~IEEE80211_TX_FRAGMENTED; 950 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
932 951
933 /* 952 /*
@@ -965,7 +984,7 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
965 skb_trim(skb, skb->len - FCS_LEN); 984 skb_trim(skb, skb->len - FCS_LEN);
966 } 985 }
967 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP) 986 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP)
968 tx->skb->do_not_encrypt = 0; 987 info->flags &= ~IEEE80211_TX_INTFL_DONT_ENCRYPT;
969 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) 988 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
970 tx->flags |= IEEE80211_TX_FRAGMENTED; 989 tx->flags |= IEEE80211_TX_FRAGMENTED;
971 break; 990 break;
@@ -998,13 +1017,12 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
998 * initialises @tx 1017 * initialises @tx
999 */ 1018 */
1000static ieee80211_tx_result 1019static ieee80211_tx_result
1001__ieee80211_tx_prepare(struct ieee80211_tx_data *tx, 1020ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata,
1002 struct sk_buff *skb, 1021 struct ieee80211_tx_data *tx,
1003 struct net_device *dev) 1022 struct sk_buff *skb)
1004{ 1023{
1005 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1024 struct ieee80211_local *local = sdata->local;
1006 struct ieee80211_hdr *hdr; 1025 struct ieee80211_hdr *hdr;
1007 struct ieee80211_sub_if_data *sdata;
1008 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1026 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1009 int hdrlen, tid; 1027 int hdrlen, tid;
1010 u8 *qc, *state; 1028 u8 *qc, *state;
@@ -1012,9 +1030,9 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1012 1030
1013 memset(tx, 0, sizeof(*tx)); 1031 memset(tx, 0, sizeof(*tx));
1014 tx->skb = skb; 1032 tx->skb = skb;
1015 tx->dev = dev; /* use original interface */ 1033 tx->dev = sdata->dev; /* use original interface */
1016 tx->local = local; 1034 tx->local = local;
1017 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1035 tx->sdata = sdata;
1018 tx->channel = local->hw.conf.channel; 1036 tx->channel = local->hw.conf.channel;
1019 /* 1037 /*
1020 * Set this flag (used below to indicate "automatic fragmentation"), 1038 * Set this flag (used below to indicate "automatic fragmentation"),
@@ -1023,7 +1041,6 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1023 tx->flags |= IEEE80211_TX_FRAGMENTED; 1041 tx->flags |= IEEE80211_TX_FRAGMENTED;
1024 1042
1025 /* process and remove the injection radiotap header */ 1043 /* process and remove the injection radiotap header */
1026 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1027 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) { 1044 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) {
1028 if (!__ieee80211_parse_tx_radiotap(tx, skb)) 1045 if (!__ieee80211_parse_tx_radiotap(tx, skb))
1029 return TX_DROP; 1046 return TX_DROP;
@@ -1119,50 +1136,28 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1119 return TX_CONTINUE; 1136 return TX_CONTINUE;
1120} 1137}
1121 1138
1122/*
1123 * NB: @tx is uninitialised when passed in here
1124 */
1125static int ieee80211_tx_prepare(struct ieee80211_local *local,
1126 struct ieee80211_tx_data *tx,
1127 struct sk_buff *skb)
1128{
1129 struct net_device *dev;
1130
1131 dev = dev_get_by_index(&init_net, skb->iif);
1132 if (unlikely(dev && !is_ieee80211_device(local, dev))) {
1133 dev_put(dev);
1134 dev = NULL;
1135 }
1136 if (unlikely(!dev))
1137 return -ENODEV;
1138 /*
1139 * initialises tx with control
1140 *
1141 * return value is safe to ignore here because this function
1142 * can only be invoked for multicast frames
1143 *
1144 * XXX: clean up
1145 */
1146 __ieee80211_tx_prepare(tx, skb, dev);
1147 dev_put(dev);
1148 return 0;
1149}
1150
1151static int __ieee80211_tx(struct ieee80211_local *local, 1139static int __ieee80211_tx(struct ieee80211_local *local,
1152 struct sk_buff **skbp, 1140 struct sk_buff **skbp,
1153 struct sta_info *sta) 1141 struct sta_info *sta,
1142 bool txpending)
1154{ 1143{
1155 struct sk_buff *skb = *skbp, *next; 1144 struct sk_buff *skb = *skbp, *next;
1156 struct ieee80211_tx_info *info; 1145 struct ieee80211_tx_info *info;
1146 unsigned long flags;
1157 int ret, len; 1147 int ret, len;
1158 bool fragm = false; 1148 bool fragm = false;
1159 1149
1160 local->mdev->trans_start = jiffies;
1161
1162 while (skb) { 1150 while (skb) {
1163 if (ieee80211_queue_stopped(&local->hw, 1151 int q = skb_get_queue_mapping(skb);
1164 skb_get_queue_mapping(skb))) 1152
1165 return IEEE80211_TX_PENDING; 1153 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1154 ret = IEEE80211_TX_OK;
1155 if (local->queue_stop_reasons[q] ||
1156 (!txpending && !skb_queue_empty(&local->pending[q])))
1157 ret = IEEE80211_TX_PENDING;
1158 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1159 if (ret != IEEE80211_TX_OK)
1160 return ret;
1166 1161
1167 info = IEEE80211_SKB_CB(skb); 1162 info = IEEE80211_SKB_CB(skb);
1168 1163
@@ -1234,10 +1229,10 @@ static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1234 return 0; 1229 return 0;
1235} 1230}
1236 1231
1237static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb, 1232static void ieee80211_tx(struct ieee80211_sub_if_data *sdata,
1238 bool txpending) 1233 struct sk_buff *skb, bool txpending)
1239{ 1234{
1240 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1235 struct ieee80211_local *local = sdata->local;
1241 struct ieee80211_tx_data tx; 1236 struct ieee80211_tx_data tx;
1242 ieee80211_tx_result res_prepare; 1237 ieee80211_tx_result res_prepare;
1243 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1238 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
@@ -1248,8 +1243,6 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1248 1243
1249 queue = skb_get_queue_mapping(skb); 1244 queue = skb_get_queue_mapping(skb);
1250 1245
1251 WARN_ON(!txpending && !skb_queue_empty(&local->pending[queue]));
1252
1253 if (unlikely(skb->len < 10)) { 1246 if (unlikely(skb->len < 10)) {
1254 dev_kfree_skb(skb); 1247 dev_kfree_skb(skb);
1255 return; 1248 return;
@@ -1258,7 +1251,7 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1258 rcu_read_lock(); 1251 rcu_read_lock();
1259 1252
1260 /* initialises tx */ 1253 /* initialises tx */
1261 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev); 1254 res_prepare = ieee80211_tx_prepare(sdata, &tx, skb);
1262 1255
1263 if (unlikely(res_prepare == TX_DROP)) { 1256 if (unlikely(res_prepare == TX_DROP)) {
1264 dev_kfree_skb(skb); 1257 dev_kfree_skb(skb);
@@ -1277,7 +1270,7 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1277 1270
1278 retries = 0; 1271 retries = 0;
1279 retry: 1272 retry:
1280 ret = __ieee80211_tx(local, &tx.skb, tx.sta); 1273 ret = __ieee80211_tx(local, &tx.skb, tx.sta, txpending);
1281 switch (ret) { 1274 switch (ret) {
1282 case IEEE80211_TX_OK: 1275 case IEEE80211_TX_OK:
1283 break; 1276 break;
@@ -1295,34 +1288,35 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1295 1288
1296 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1289 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1297 1290
1298 if (__netif_subqueue_stopped(local->mdev, queue)) { 1291 if (local->queue_stop_reasons[queue] ||
1292 !skb_queue_empty(&local->pending[queue])) {
1293 /*
1294 * if queue is stopped, queue up frames for later
1295 * transmission from the tasklet
1296 */
1299 do { 1297 do {
1300 next = skb->next; 1298 next = skb->next;
1301 skb->next = NULL; 1299 skb->next = NULL;
1302 if (unlikely(txpending)) 1300 if (unlikely(txpending))
1303 skb_queue_head(&local->pending[queue], 1301 __skb_queue_head(&local->pending[queue],
1304 skb); 1302 skb);
1305 else 1303 else
1306 skb_queue_tail(&local->pending[queue], 1304 __skb_queue_tail(&local->pending[queue],
1307 skb); 1305 skb);
1308 } while ((skb = next)); 1306 } while ((skb = next));
1309 1307
1310 /*
1311 * Make sure nobody will enable the queue on us
1312 * (without going through the tasklet) nor disable the
1313 * netdev queue underneath the pending handling code.
1314 */
1315 __set_bit(IEEE80211_QUEUE_STOP_REASON_PENDING,
1316 &local->queue_stop_reasons[queue]);
1317
1318 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1308 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1319 flags); 1309 flags);
1320 } else { 1310 } else {
1311 /*
1312 * otherwise retry, but this is a race condition or
1313 * a driver bug (which we warn about if it persists)
1314 */
1321 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1315 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1322 flags); 1316 flags);
1323 1317
1324 retries++; 1318 retries++;
1325 if (WARN(retries > 10, "tx refused but queue active")) 1319 if (WARN(retries > 10, "tx refused but queue active\n"))
1326 goto drop; 1320 goto drop;
1327 goto retry; 1321 goto retry;
1328 } 1322 }
@@ -1383,14 +1377,13 @@ static int ieee80211_skb_resize(struct ieee80211_local *local,
1383 return 0; 1377 return 0;
1384} 1378}
1385 1379
1386int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev) 1380static void ieee80211_xmit(struct ieee80211_sub_if_data *sdata,
1381 struct sk_buff *skb)
1387{ 1382{
1388 struct ieee80211_master_priv *mpriv = netdev_priv(dev); 1383 struct ieee80211_local *local = sdata->local;
1389 struct ieee80211_local *local = mpriv->local;
1390 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1384 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1391 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1385 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1392 struct net_device *odev = NULL; 1386 struct ieee80211_sub_if_data *tmp_sdata;
1393 struct ieee80211_sub_if_data *osdata;
1394 int headroom; 1387 int headroom;
1395 bool may_encrypt; 1388 bool may_encrypt;
1396 enum { 1389 enum {
@@ -1399,20 +1392,7 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1399 UNKNOWN_ADDRESS, 1392 UNKNOWN_ADDRESS,
1400 } monitor_iface = NOT_MONITOR; 1393 } monitor_iface = NOT_MONITOR;
1401 1394
1402 if (skb->iif) 1395 dev_hold(sdata->dev);
1403 odev = dev_get_by_index(&init_net, skb->iif);
1404 if (unlikely(odev && !is_ieee80211_device(local, odev))) {
1405 dev_put(odev);
1406 odev = NULL;
1407 }
1408 if (unlikely(!odev)) {
1409#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1410 printk(KERN_DEBUG "%s: Discarded packet with nonexistent "
1411 "originating device\n", dev->name);
1412#endif
1413 dev_kfree_skb(skb);
1414 return NETDEV_TX_OK;
1415 }
1416 1396
1417 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 1397 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) &&
1418 local->hw.conf.dynamic_ps_timeout > 0 && 1398 local->hw.conf.dynamic_ps_timeout > 0 &&
@@ -1428,26 +1408,18 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1428 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout)); 1408 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
1429 } 1409 }
1430 1410
1431 memset(info, 0, sizeof(*info));
1432
1433 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; 1411 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
1434 1412
1435 osdata = IEEE80211_DEV_TO_SUB_IF(odev); 1413 if (ieee80211_vif_is_mesh(&sdata->vif) &&
1436
1437 if (ieee80211_vif_is_mesh(&osdata->vif) &&
1438 ieee80211_is_data(hdr->frame_control)) { 1414 ieee80211_is_data(hdr->frame_control)) {
1439 if (is_multicast_ether_addr(hdr->addr3)) 1415 if (is_multicast_ether_addr(hdr->addr3))
1440 memcpy(hdr->addr1, hdr->addr3, ETH_ALEN); 1416 memcpy(hdr->addr1, hdr->addr3, ETH_ALEN);
1441 else 1417 else
1442 if (mesh_nexthop_lookup(skb, osdata)) { 1418 if (mesh_nexthop_lookup(skb, sdata)) {
1443 dev_put(odev); 1419 dev_put(sdata->dev);
1444 return NETDEV_TX_OK; 1420 return;
1445 } 1421 }
1446 if (memcmp(odev->dev_addr, hdr->addr4, ETH_ALEN) != 0) 1422 } else if (unlikely(sdata->vif.type == NL80211_IFTYPE_MONITOR)) {
1447 IEEE80211_IFSTA_MESH_CTR_INC(&osdata->u.mesh,
1448 fwded_frames);
1449 } else if (unlikely(osdata->vif.type == NL80211_IFTYPE_MONITOR)) {
1450 struct ieee80211_sub_if_data *sdata;
1451 int hdrlen; 1423 int hdrlen;
1452 u16 len_rthdr; 1424 u16 len_rthdr;
1453 1425
@@ -1471,19 +1443,17 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1471 */ 1443 */
1472 1444
1473 rcu_read_lock(); 1445 rcu_read_lock();
1474 list_for_each_entry_rcu(sdata, &local->interfaces, 1446 list_for_each_entry_rcu(tmp_sdata, &local->interfaces,
1475 list) { 1447 list) {
1476 if (!netif_running(sdata->dev)) 1448 if (!netif_running(tmp_sdata->dev))
1477 continue; 1449 continue;
1478 if (sdata->vif.type != NL80211_IFTYPE_AP) 1450 if (tmp_sdata->vif.type != NL80211_IFTYPE_AP)
1479 continue; 1451 continue;
1480 if (compare_ether_addr(sdata->dev->dev_addr, 1452 if (compare_ether_addr(tmp_sdata->dev->dev_addr,
1481 hdr->addr2)) { 1453 hdr->addr2)) {
1482 dev_hold(sdata->dev); 1454 dev_hold(tmp_sdata->dev);
1483 dev_put(odev); 1455 dev_put(sdata->dev);
1484 osdata = sdata; 1456 sdata = tmp_sdata;
1485 odev = osdata->dev;
1486 skb->iif = sdata->dev->ifindex;
1487 monitor_iface = FOUND_SDATA; 1457 monitor_iface = FOUND_SDATA;
1488 break; 1458 break;
1489 } 1459 }
@@ -1492,31 +1462,31 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1492 } 1462 }
1493 } 1463 }
1494 1464
1495 may_encrypt = !skb->do_not_encrypt; 1465 may_encrypt = !(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT);
1496 1466
1497 headroom = osdata->local->tx_headroom; 1467 headroom = local->tx_headroom;
1498 if (may_encrypt) 1468 if (may_encrypt)
1499 headroom += IEEE80211_ENCRYPT_HEADROOM; 1469 headroom += IEEE80211_ENCRYPT_HEADROOM;
1500 headroom -= skb_headroom(skb); 1470 headroom -= skb_headroom(skb);
1501 headroom = max_t(int, 0, headroom); 1471 headroom = max_t(int, 0, headroom);
1502 1472
1503 if (ieee80211_skb_resize(osdata->local, skb, headroom, may_encrypt)) { 1473 if (ieee80211_skb_resize(local, skb, headroom, may_encrypt)) {
1504 dev_kfree_skb(skb); 1474 dev_kfree_skb(skb);
1505 dev_put(odev); 1475 dev_put(sdata->dev);
1506 return NETDEV_TX_OK; 1476 return;
1507 } 1477 }
1508 1478
1509 if (osdata->vif.type == NL80211_IFTYPE_AP_VLAN) 1479 tmp_sdata = sdata;
1510 osdata = container_of(osdata->bss, 1480 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1511 struct ieee80211_sub_if_data, 1481 tmp_sdata = container_of(sdata->bss,
1512 u.ap); 1482 struct ieee80211_sub_if_data,
1483 u.ap);
1513 if (likely(monitor_iface != UNKNOWN_ADDRESS)) 1484 if (likely(monitor_iface != UNKNOWN_ADDRESS))
1514 info->control.vif = &osdata->vif; 1485 info->control.vif = &tmp_sdata->vif;
1515
1516 ieee80211_tx(odev, skb, false);
1517 dev_put(odev);
1518 1486
1519 return NETDEV_TX_OK; 1487 ieee80211_select_queue(local, skb);
1488 ieee80211_tx(sdata, skb, false);
1489 dev_put(sdata->dev);
1520} 1490}
1521 1491
1522int ieee80211_monitor_start_xmit(struct sk_buff *skb, 1492int ieee80211_monitor_start_xmit(struct sk_buff *skb,
@@ -1526,6 +1496,7 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1526 struct ieee80211_channel *chan = local->hw.conf.channel; 1496 struct ieee80211_channel *chan = local->hw.conf.channel;
1527 struct ieee80211_radiotap_header *prthdr = 1497 struct ieee80211_radiotap_header *prthdr =
1528 (struct ieee80211_radiotap_header *)skb->data; 1498 (struct ieee80211_radiotap_header *)skb->data;
1499 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1529 u16 len_rthdr; 1500 u16 len_rthdr;
1530 1501
1531 /* 1502 /*
@@ -1563,15 +1534,9 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1563 if (unlikely(skb->len < len_rthdr)) 1534 if (unlikely(skb->len < len_rthdr))
1564 goto fail; /* skb too short for claimed rt header extent */ 1535 goto fail; /* skb too short for claimed rt header extent */
1565 1536
1566 skb->dev = local->mdev;
1567
1568 /* needed because we set skb device to master */ 1537 /* needed because we set skb device to master */
1569 skb->iif = dev->ifindex; 1538 skb->iif = dev->ifindex;
1570 1539
1571 /* sometimes we do encrypt injected frames, will be fixed
1572 * up in radiotap parser if not wanted */
1573 skb->do_not_encrypt = 0;
1574
1575 /* 1540 /*
1576 * fix up the pointers accounting for the radiotap 1541 * fix up the pointers accounting for the radiotap
1577 * header still being in there. We are being given 1542 * header still being in there. We are being given
@@ -1586,8 +1551,10 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1586 skb_set_network_header(skb, len_rthdr); 1551 skb_set_network_header(skb, len_rthdr);
1587 skb_set_transport_header(skb, len_rthdr); 1552 skb_set_transport_header(skb, len_rthdr);
1588 1553
1589 /* pass the radiotap header up to the next stage intact */ 1554 memset(info, 0, sizeof(*info));
1590 dev_queue_xmit(skb); 1555
1556 /* pass the radiotap header up to xmit */
1557 ieee80211_xmit(IEEE80211_DEV_TO_SUB_IF(dev), skb);
1591 return NETDEV_TX_OK; 1558 return NETDEV_TX_OK;
1592 1559
1593fail: 1560fail:
@@ -1615,6 +1582,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1615{ 1582{
1616 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1583 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1617 struct ieee80211_local *local = sdata->local; 1584 struct ieee80211_local *local = sdata->local;
1585 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1618 int ret = NETDEV_TX_BUSY, head_need; 1586 int ret = NETDEV_TX_BUSY, head_need;
1619 u16 ethertype, hdrlen, meshhdrlen = 0; 1587 u16 ethertype, hdrlen, meshhdrlen = 0;
1620 __le16 fc; 1588 __le16 fc;
@@ -1627,7 +1595,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1627 u32 sta_flags = 0; 1595 u32 sta_flags = 0;
1628 1596
1629 if (unlikely(skb->len < ETH_HLEN)) { 1597 if (unlikely(skb->len < ETH_HLEN)) {
1630 ret = 0; 1598 ret = NETDEV_TX_OK;
1631 goto fail; 1599 goto fail;
1632 } 1600 }
1633 1601
@@ -1664,7 +1632,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1664 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) { 1632 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) {
1665 /* Do not send frames with mesh_ttl == 0 */ 1633 /* Do not send frames with mesh_ttl == 0 */
1666 sdata->u.mesh.mshstats.dropped_frames_ttl++; 1634 sdata->u.mesh.mshstats.dropped_frames_ttl++;
1667 ret = 0; 1635 ret = NETDEV_TX_OK;
1668 goto fail; 1636 goto fail;
1669 } 1637 }
1670 memset(&mesh_hdr, 0, sizeof(mesh_hdr)); 1638 memset(&mesh_hdr, 0, sizeof(mesh_hdr));
@@ -1724,7 +1692,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1724 hdrlen = 24; 1692 hdrlen = 24;
1725 break; 1693 break;
1726 default: 1694 default:
1727 ret = 0; 1695 ret = NETDEV_TX_OK;
1728 goto fail; 1696 goto fail;
1729 } 1697 }
1730 1698
@@ -1766,7 +1734,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1766 1734
1767 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port); 1735 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port);
1768 1736
1769 ret = 0; 1737 ret = NETDEV_TX_OK;
1770 goto fail; 1738 goto fail;
1771 } 1739 }
1772 1740
@@ -1844,7 +1812,6 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1844 1812
1845 skb->iif = dev->ifindex; 1813 skb->iif = dev->ifindex;
1846 1814
1847 skb->dev = local->mdev;
1848 dev->stats.tx_packets++; 1815 dev->stats.tx_packets++;
1849 dev->stats.tx_bytes += skb->len; 1816 dev->stats.tx_bytes += skb->len;
1850 1817
@@ -1855,13 +1822,15 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1855 skb_set_network_header(skb, nh_pos); 1822 skb_set_network_header(skb, nh_pos);
1856 skb_set_transport_header(skb, h_pos); 1823 skb_set_transport_header(skb, h_pos);
1857 1824
1825 memset(info, 0, sizeof(*info));
1826
1858 dev->trans_start = jiffies; 1827 dev->trans_start = jiffies;
1859 dev_queue_xmit(skb); 1828 ieee80211_xmit(sdata, skb);
1860 1829
1861 return 0; 1830 return NETDEV_TX_OK;
1862 1831
1863 fail: 1832 fail:
1864 if (!ret) 1833 if (ret == NETDEV_TX_OK)
1865 dev_kfree_skb(skb); 1834 dev_kfree_skb(skb);
1866 1835
1867 return ret; 1836 return ret;
@@ -1898,7 +1867,6 @@ static bool ieee80211_tx_pending_skb(struct ieee80211_local *local,
1898 return true; 1867 return true;
1899 } 1868 }
1900 1869
1901 /* validate info->control.vif against skb->iif */
1902 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1870 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1903 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 1871 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1904 sdata = container_of(sdata->bss, 1872 sdata = container_of(sdata->bss,
@@ -1912,12 +1880,13 @@ static bool ieee80211_tx_pending_skb(struct ieee80211_local *local,
1912 } 1880 }
1913 1881
1914 if (info->flags & IEEE80211_TX_INTFL_NEED_TXPROCESSING) { 1882 if (info->flags & IEEE80211_TX_INTFL_NEED_TXPROCESSING) {
1915 ieee80211_tx(dev, skb, true); 1883 /* do not use sdata, it may have been changed above */
1884 ieee80211_tx(IEEE80211_DEV_TO_SUB_IF(dev), skb, true);
1916 } else { 1885 } else {
1917 hdr = (struct ieee80211_hdr *)skb->data; 1886 hdr = (struct ieee80211_hdr *)skb->data;
1918 sta = sta_info_get(local, hdr->addr1); 1887 sta = sta_info_get(local, hdr->addr1);
1919 1888
1920 ret = __ieee80211_tx(local, &skb, sta); 1889 ret = __ieee80211_tx(local, &skb, sta, true);
1921 if (ret != IEEE80211_TX_OK) 1890 if (ret != IEEE80211_TX_OK)
1922 result = false; 1891 result = false;
1923 } 1892 }
@@ -1929,59 +1898,43 @@ static bool ieee80211_tx_pending_skb(struct ieee80211_local *local,
1929} 1898}
1930 1899
1931/* 1900/*
1932 * Transmit all pending packets. Called from tasklet, locks master device 1901 * Transmit all pending packets. Called from tasklet.
1933 * TX lock so that no new packets can come in.
1934 */ 1902 */
1935void ieee80211_tx_pending(unsigned long data) 1903void ieee80211_tx_pending(unsigned long data)
1936{ 1904{
1937 struct ieee80211_local *local = (struct ieee80211_local *)data; 1905 struct ieee80211_local *local = (struct ieee80211_local *)data;
1938 struct net_device *dev = local->mdev;
1939 unsigned long flags; 1906 unsigned long flags;
1940 int i; 1907 int i;
1941 bool next; 1908 bool txok;
1942 1909
1943 rcu_read_lock(); 1910 rcu_read_lock();
1944 netif_tx_lock_bh(dev);
1945 1911
1912 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1946 for (i = 0; i < local->hw.queues; i++) { 1913 for (i = 0; i < local->hw.queues; i++) {
1947 /* 1914 /*
1948 * If queue is stopped by something other than due to pending 1915 * If queue is stopped by something other than due to pending
1949 * frames, or we have no pending frames, proceed to next queue. 1916 * frames, or we have no pending frames, proceed to next queue.
1950 */ 1917 */
1951 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1918 if (local->queue_stop_reasons[i] ||
1952 next = false;
1953 if (local->queue_stop_reasons[i] !=
1954 BIT(IEEE80211_QUEUE_STOP_REASON_PENDING) ||
1955 skb_queue_empty(&local->pending[i])) 1919 skb_queue_empty(&local->pending[i]))
1956 next = true;
1957 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1958
1959 if (next)
1960 continue; 1920 continue;
1961 1921
1962 /*
1963 * start the queue now to allow processing our packets,
1964 * we're under the tx lock here anyway so nothing will
1965 * happen as a result of this
1966 */
1967 netif_start_subqueue(local->mdev, i);
1968
1969 while (!skb_queue_empty(&local->pending[i])) { 1922 while (!skb_queue_empty(&local->pending[i])) {
1970 struct sk_buff *skb = skb_dequeue(&local->pending[i]); 1923 struct sk_buff *skb = __skb_dequeue(&local->pending[i]);
1971 1924 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1972 if (!ieee80211_tx_pending_skb(local, skb)) { 1925 flags);
1973 skb_queue_head(&local->pending[i], skb); 1926
1927 txok = ieee80211_tx_pending_skb(local, skb);
1928 if (!txok)
1929 __skb_queue_head(&local->pending[i], skb);
1930 spin_lock_irqsave(&local->queue_stop_reason_lock,
1931 flags);
1932 if (!txok)
1974 break; 1933 break;
1975 }
1976 } 1934 }
1977
1978 /* Start regular packet processing again. */
1979 if (skb_queue_empty(&local->pending[i]))
1980 ieee80211_wake_queue_by_reason(&local->hw, i,
1981 IEEE80211_QUEUE_STOP_REASON_PENDING);
1982 } 1935 }
1936 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1983 1937
1984 netif_tx_unlock_bh(dev);
1985 rcu_read_unlock(); 1938 rcu_read_unlock();
1986} 1939}
1987 1940
@@ -2156,8 +2109,7 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
2156 2109
2157 info = IEEE80211_SKB_CB(skb); 2110 info = IEEE80211_SKB_CB(skb);
2158 2111
2159 skb->do_not_encrypt = 1; 2112 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
2160
2161 info->band = band; 2113 info->band = band;
2162 /* 2114 /*
2163 * XXX: For now, always use the lowest rate 2115 * XXX: For now, always use the lowest rate
@@ -2228,9 +2180,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2228 sdata = vif_to_sdata(vif); 2180 sdata = vif_to_sdata(vif);
2229 bss = &sdata->u.ap; 2181 bss = &sdata->u.ap;
2230 2182
2231 if (!bss)
2232 return NULL;
2233
2234 rcu_read_lock(); 2183 rcu_read_lock();
2235 beacon = rcu_dereference(bss->beacon); 2184 beacon = rcu_dereference(bss->beacon);
2236 2185
@@ -2256,7 +2205,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2256 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 2205 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2257 } 2206 }
2258 2207
2259 if (!ieee80211_tx_prepare(local, &tx, skb)) 2208 if (!ieee80211_tx_prepare(sdata, &tx, skb))
2260 break; 2209 break;
2261 dev_kfree_skb_any(skb); 2210 dev_kfree_skb_any(skb);
2262 } 2211 }
@@ -2276,3 +2225,25 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2276 return skb; 2225 return skb;
2277} 2226}
2278EXPORT_SYMBOL(ieee80211_get_buffered_bc); 2227EXPORT_SYMBOL(ieee80211_get_buffered_bc);
2228
2229void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
2230 int encrypt)
2231{
2232 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
2233 skb_set_mac_header(skb, 0);
2234 skb_set_network_header(skb, 0);
2235 skb_set_transport_header(skb, 0);
2236
2237 skb->iif = sdata->dev->ifindex;
2238 if (!encrypt)
2239 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
2240
2241 /*
2242 * The other path calling ieee80211_xmit is from the tasklet,
2243 * and while we can handle concurrent transmissions locking
2244 * requirements are that we do not come into tx with bhs on.
2245 */
2246 local_bh_disable();
2247 ieee80211_xmit(sdata, skb);
2248 local_bh_enable();
2249}
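--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -31,6 +31,7 @@
 #include "mesh.h"
 #include "wme.h"
 #include "led.h"
+ #include "wep.h"
 
 /* privid for wiphys to determine whether they belong to us or not */
 void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
@@ -274,16 +275,12 @@ static void __ieee80211_wake_queue(struct ieee80211_hw *hw, int queue,
 
  __clear_bit(reason, &local->queue_stop_reasons[queue]);
 
- if (!skb_queue_empty(&local->pending[queue]) &&
- local->queue_stop_reasons[queue] ==
- BIT(IEEE80211_QUEUE_STOP_REASON_PENDING))
- tasklet_schedule(&local->tx_pending_tasklet);
-
  if (local->queue_stop_reasons[queue] != 0)
  /* someone still has this queue stopped */
  return;
 
- netif_wake_subqueue(local->mdev, queue);
+ if (!skb_queue_empty(&local->pending[queue]))
+ tasklet_schedule(&local->tx_pending_tasklet);
 }
 
 void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue,
@@ -312,14 +309,6 @@ static void __ieee80211_stop_queue(struct ieee80211_hw *hw, int queue,
  if (WARN_ON(queue >= hw->queues))
  return;
 
- /*
- * Only stop if it was previously running, this is necessary
- * for correct pending packets handling because there we may
- * start (but not wake) the queue and rely on that.
- */
- if (!local->queue_stop_reasons[queue])
- netif_stop_subqueue(local->mdev, queue);
-
  __set_bit(reason, &local->queue_stop_reasons[queue]);
 }
 
@@ -350,8 +339,7 @@ void ieee80211_add_pending_skb(struct ieee80211_local *local,
 
  spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
  __ieee80211_stop_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
- __ieee80211_stop_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_PENDING);
- skb_queue_tail(&local->pending[queue], skb);
+ __skb_queue_tail(&local->pending[queue], skb);
  __ieee80211_wake_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
  spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
 }
@@ -372,16 +360,12 @@ int ieee80211_add_pending_skbs(struct ieee80211_local *local,
  while ((skb = skb_dequeue(skbs))) {
  ret++;
  queue = skb_get_queue_mapping(skb);
- skb_queue_tail(&local->pending[queue], skb);
+ __skb_queue_tail(&local->pending[queue], skb);
  }
 
- for (i = 0; i < hw->queues; i++) {
- if (ret)
- __ieee80211_stop_queue(hw, i,
- IEEE80211_QUEUE_STOP_REASON_PENDING);
+ for (i = 0; i < hw->queues; i++)
  __ieee80211_wake_queue(hw, i,
  IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
- }
  spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
 
  return ret;
@@ -412,11 +396,16 @@ EXPORT_SYMBOL(ieee80211_stop_queues);
 int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue)
 {
  struct ieee80211_local *local = hw_to_local(hw);
+ unsigned long flags;
+ int ret;
 
  if (WARN_ON(queue >= hw->queues))
  return true;
 
- return __netif_subqueue_stopped(local->mdev, queue);
+ spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
+ ret = !!local->queue_stop_reasons[queue];
+ spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
+ return ret;
 }
 EXPORT_SYMBOL(ieee80211_queue_stopped);
 
@@ -760,20 +749,6 @@ void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
  ieee80211_set_wmm_default(sdata);
 }
 
-void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
- int encrypt)
-{
- skb->dev = sdata->local->mdev;
- skb_set_mac_header(skb, 0);
- skb_set_network_header(skb, 0);
- skb_set_transport_header(skb, 0);
-
- skb->iif = sdata->dev->ifindex;
- skb->do_not_encrypt = !encrypt;
-
- dev_queue_xmit(skb);
-}
-
 u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
  enum ieee80211_band band)
 {
@@ -804,12 +779,13 @@ u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
 
 void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
  u16 transaction, u16 auth_alg,
- u8 *extra, size_t extra_len,
- const u8 *bssid, int encrypt)
+ u8 *extra, size_t extra_len, const u8 *bssid,
+ const u8 *key, u8 key_len, u8 key_idx)
 {
  struct ieee80211_local *local = sdata->local;
  struct sk_buff *skb;
  struct ieee80211_mgmt *mgmt;
+ int err;
 
  skb = dev_alloc_skb(local->hw.extra_tx_headroom +
  sizeof(*mgmt) + 6 + extra_len);
@@ -824,8 +800,6 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
  memset(mgmt, 0, 24 + 6);
  mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
  IEEE80211_STYPE_AUTH);
- if (encrypt)
- mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
  memcpy(mgmt->da, bssid, ETH_ALEN);
  memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
  memcpy(mgmt->bssid, bssid, ETH_ALEN);
@@ -835,7 +809,13 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
  if (extra)
  memcpy(skb_put(skb, extra_len), extra, extra_len);
 
- ieee80211_tx_skb(sdata, skb, encrypt);
+ if (auth_alg == WLAN_AUTH_SHARED_KEY && transaction == 3) {
+ mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
+ err = ieee80211_wep_encrypt(local, skb, key, key_len, key_idx);
+ WARN_ON(err);
+ }
+
+ ieee80211_tx_skb(sdata, skb, 0);
 }
 
 int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
@@ -1043,9 +1023,9 @@ int ieee80211_reconfig(struct ieee80211_local *local)
  /* reconfigure hardware */
  ieee80211_hw_config(local, ~0);
 
- netif_addr_lock_bh(local->mdev);
+ spin_lock_bh(&local->filter_lock);
  ieee80211_configure_filter(local);
- netif_addr_unlock_bh(local->mdev);
+ spin_unlock_bh(&local->filter_lock);
 
  /* Finally also reconfigure all the BSS information */
  list_for_each_entry(sdata, &local->interfaces, list) {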
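Review bot: In `ieee80211_send_auth`, a failure of `ieee80211_wep_encrypt()` is only reported through `WARN_ON(err)` and the frame is still handed to `ieee80211_tx_skb()`, so a shared-key transaction-3 frame can go out with `IEEE80211_FCTL_PROTECTED` set and a body that was never encrypted. Dropping the frame on error is the safer behaviour: `if (WARN_ON(err)) { dev_kfree_skb(skb); return; }`. The same branch forwards `key` and `key_len` with no NULL or length check, so it depends on every caller having validated them; a one-line comment on the function stating that contract would help. Whether the `dev_alloc_skb()` size above leaves the headroom and tailroom that the software WEP path needs cannot be seen from these hunks and is worth confirming.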
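--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -67,10 +67,10 @@ static inline bool ieee80211_wep_weak_iv(u32 iv, int keylen)
 
 
 static void ieee80211_wep_get_iv(struct ieee80211_local *local,
- struct ieee80211_key *key, u8 *iv)
+ int keylen, int keyidx, u8 *iv)
 {
  local->wep_iv++;
- if (ieee80211_wep_weak_iv(local->wep_iv, key->conf.keylen))
+ if (ieee80211_wep_weak_iv(local->wep_iv, keylen))
  local->wep_iv += 0x0100;
 
  if (!iv)
@@ -79,13 +79,13 @@ static void ieee80211_wep_get_iv(struct ieee80211_local *local,
  *iv++ = (local->wep_iv >> 16) & 0xff;
  *iv++ = (local->wep_iv >> 8) & 0xff;
  *iv++ = local->wep_iv & 0xff;
- *iv++ = key->conf.keyidx << 6;
+ *iv++ = keyidx << 6;
 }
 
 
 static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
  struct sk_buff *skb,
- struct ieee80211_key *key)
+ int keylen, int keyidx)
 {
  struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
  unsigned int hdrlen;
@@ -100,7 +100,7 @@ static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
  hdrlen = ieee80211_hdrlen(hdr->frame_control);
  newhdr = skb_push(skb, WEP_IV_LEN);
  memmove(newhdr, newhdr + WEP_IV_LEN, hdrlen);
- ieee80211_wep_get_iv(local, key, newhdr + hdrlen);
+ ieee80211_wep_get_iv(local, keylen, keyidx, newhdr + hdrlen);
  return newhdr + hdrlen;
 }
 
@@ -144,26 +144,17 @@ void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
  *
  * WEP frame payload: IV + TX key idx, RC4(data), ICV = RC4(CRC32(data))
  */
-int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
- struct ieee80211_key *key)
+int ieee80211_wep_encrypt(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ const u8 *key, int keylen, int keyidx)
 {
- u32 klen;
- u8 *rc4key, *iv;
+ u8 *iv;
  size_t len;
+ u8 rc4key[3 + WLAN_KEY_LEN_WEP104];
 
- if (!key || key->conf.alg != ALG_WEP)
- return -1;
-
- klen = 3 + key->conf.keylen;
- rc4key = kmalloc(klen, GFP_ATOMIC);
- if (!rc4key)
- return -1;
-
- iv = ieee80211_wep_add_iv(local, skb, key);
- if (!iv) {
- kfree(rc4key);
+ iv = ieee80211_wep_add_iv(local, skb, keylen, keyidx);
+ if (!iv)
  return -1;
- }
 
  len = skb->len - (iv + WEP_IV_LEN - skb->data);
 
@@ -171,16 +162,14 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
  memcpy(rc4key, iv, 3);
 
  /* Copy rest of the WEP key (the secret part) */
- memcpy(rc4key + 3, key->conf.key, key->conf.keylen);
+ memcpy(rc4key + 3, key, keylen);
 
  /* Add room for ICV */
  skb_put(skb, WEP_ICV_LEN);
 
- ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, klen,
+ ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3,
  iv + WEP_IV_LEN, len);
 
- kfree(rc4key);
-
  return 0;
 }
 
@@ -216,8 +205,9 @@ int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
  * failure. If frame is OK, IV and ICV will be removed, i.e., decrypted payload
  * is moved to the beginning of the skb and skb length will be reduced.
  */
-int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
- struct ieee80211_key *key)
+static int ieee80211_wep_decrypt(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key)
 {
  u32 klen;
  u8 *rc4key;
@@ -314,12 +304,16 @@ static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
  struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 
  if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
- if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
+ if (ieee80211_wep_encrypt(tx->local, skb, tx->key->conf.key,
+ tx->key->conf.keylen,
+ tx->key->conf.keyidx))
  return -1;
  } else {
  info->control.hw_key = &tx->key->conf;
  if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) {
- if (!ieee80211_wep_add_iv(tx->local, skb, tx->key))
+ if (!ieee80211_wep_add_iv(tx->local, skb,
+ tx->key->conf.keylen,
+ tx->key->conf.keyidx))
  return -1;
  }
  }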
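Review bot: `ieee80211_wep_encrypt()` now copies the key into a fixed stack array, `u8 rc4key[3 + WLAN_KEY_LEN_WEP104]`, with `memcpy(rc4key + 3, key, keylen)`, but `keylen` is a caller-supplied `int` that nothing in the function bounds. The old code sized a heap buffer from the key length, so a length above `WLAN_KEY_LEN_WEP104` was not a stack overwrite there. A guard at the top keeps the function self-contained: `if (WARN_ON(!key || keylen < 0 || keylen > WLAN_KEY_LEN_WEP104)) return -1;`. It would also stand in for the removed `!key || key->conf.alg != ALG_WEP` check, which matters because the new caller in util.c forwards its `key`/`key_len` arguments unchecked. The stack copy of the secret is left in place on return, so clearing `rc4key` before `return 0;` is worth adding as well.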
diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
index d3f0db48314e..fe29d7e5759f 100644
--- a/net/mac80211/wep.h
+++ b/net/mac80211/wep.h
@@ -20,12 +20,11 @@ int ieee80211_wep_init(struct ieee80211_local *local);
20void ieee80211_wep_free(struct ieee80211_local *local); 20void ieee80211_wep_free(struct ieee80211_local *local);
21void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key, 21void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
22 size_t klen, u8 *data, size_t data_len); 22 size_t klen, u8 *data, size_t data_len);
23int ieee80211_wep_encrypt(struct ieee80211_local *local,
24 struct sk_buff *skb,
25 const u8 *key, int keylen, int keyidx);
23int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key, 26int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
24 size_t klen, u8 *data, size_t data_len); 27 size_t klen, u8 *data, size_t data_len);
25int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
26 struct ieee80211_key *key);
27int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
28 struct ieee80211_key *key);
29bool ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key); 28bool ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
30 29
31ieee80211_rx_result 30ieee80211_rx_result
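Review bot: The new `ieee80211_wep_encrypt()` prototype takes the key as `const u8 *key, int keylen, int keyidx`, so the length is a signed int with no documented bound, where the old prototype took a `struct ieee80211_key`. The function body is outside this section, so it cannot be confirmed here that keylen is validated before the key bytes are used. If the body copies the key into a fixed-size RC4 key buffer, an out-of-range keylen from any new caller becomes a memory-safety problem. I would state the contract next to the prototype, e.g. `/* keylen must be WLAN_KEY_LEN_WEP40 or WLAN_KEY_LEN_WEP104; keyidx 0..3 */`, and have the function reject anything else before touching the key.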
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 1da81f456744..5acb8140ee58 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -27,29 +27,6 @@
27#include "aes_ccm.h" 27#include "aes_ccm.h"
28 28
29 29
30static int ieee80211_ioctl_siwgenie(struct net_device *dev,
31 struct iw_request_info *info,
32 struct iw_point *data, char *extra)
33{
34 struct ieee80211_sub_if_data *sdata;
35
36 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
37
38 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
39 int ret = ieee80211_sta_set_extra_ie(sdata, extra, data->length);
40 if (ret && ret != -EALREADY)
41 return ret;
42 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
43 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
44 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
45 if (ret != -EALREADY)
46 ieee80211_sta_req_auth(sdata);
47 return 0;
48 }
49
50 return -EOPNOTSUPP;
51}
52
53static int ieee80211_ioctl_siwfreq(struct net_device *dev, 30static int ieee80211_ioctl_siwfreq(struct net_device *dev,
54 struct iw_request_info *info, 31 struct iw_request_info *info,
55 struct iw_freq *freq, char *extra) 32 struct iw_freq *freq, char *extra)
@@ -61,16 +38,13 @@ static int ieee80211_ioctl_siwfreq(struct net_device *dev,
61 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 38 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
62 return cfg80211_ibss_wext_siwfreq(dev, info, freq, extra); 39 return cfg80211_ibss_wext_siwfreq(dev, info, freq, extra);
63 else if (sdata->vif.type == NL80211_IFTYPE_STATION) 40 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
64 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL; 41 return cfg80211_mgd_wext_siwfreq(dev, info, freq, extra);
65 42
66 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */ 43 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
67 if (freq->e == 0) { 44 if (freq->e == 0) {
68 if (freq->m < 0) { 45 if (freq->m < 0)
69 if (sdata->vif.type == NL80211_IFTYPE_STATION) 46 return -EINVAL;
70 sdata->u.mgd.flags |= 47 else
71 IEEE80211_STA_AUTO_CHANNEL_SEL;
72 return 0;
73 } else
74 chan = ieee80211_get_channel(local->hw.wiphy, 48 chan = ieee80211_get_channel(local->hw.wiphy,
75 ieee80211_channel_to_frequency(freq->m)); 49 ieee80211_channel_to_frequency(freq->m));
76 } else { 50 } else {
@@ -95,9 +69,6 @@ static int ieee80211_ioctl_siwfreq(struct net_device *dev,
95 if (local->oper_channel == chan) 69 if (local->oper_channel == chan)
96 return 0; 70 return 0;
97 71
98 if (sdata->vif.type == NL80211_IFTYPE_STATION)
99 ieee80211_sta_req_auth(sdata);
100
101 local->oper_channel = chan; 72 local->oper_channel = chan;
102 local->oper_channel_type = NL80211_CHAN_NO_HT; 73 local->oper_channel_type = NL80211_CHAN_NO_HT;
103 ieee80211_hw_config(local, 0); 74 ieee80211_hw_config(local, 0);
@@ -115,6 +86,8 @@ static int ieee80211_ioctl_giwfreq(struct net_device *dev,
115 86
116 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 87 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
117 return cfg80211_ibss_wext_giwfreq(dev, info, freq, extra); 88 return cfg80211_ibss_wext_giwfreq(dev, info, freq, extra);
89 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
90 return cfg80211_mgd_wext_giwfreq(dev, info, freq, extra);
118 91
119 freq->m = local->oper_channel->center_freq; 92 freq->m = local->oper_channel->center_freq;
120 freq->e = 6; 93 freq->e = 6;
@@ -128,31 +101,11 @@ static int ieee80211_ioctl_siwessid(struct net_device *dev,
128 struct iw_point *data, char *ssid) 101 struct iw_point *data, char *ssid)
129{ 102{
130 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 103 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
131 size_t len = data->length;
132 int ret;
133 104
134 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 105 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
135 return cfg80211_ibss_wext_siwessid(dev, info, data, ssid); 106 return cfg80211_ibss_wext_siwessid(dev, info, data, ssid);
136 107 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
137 /* iwconfig uses nul termination in SSID.. */ 108 return cfg80211_mgd_wext_siwessid(dev, info, data, ssid);
138 if (len > 0 && ssid[len - 1] == '\0')
139 len--;
140
141 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
142 if (data->flags)
143 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
144 else
145 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
146
147 ret = ieee80211_sta_set_ssid(sdata, ssid, len);
148 if (ret)
149 return ret;
150
151 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
152 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
153 ieee80211_sta_req_auth(sdata);
154 return 0;
155 }
156 109
157 return -EOPNOTSUPP; 110 return -EOPNOTSUPP;
158} 111}
@@ -162,23 +115,14 @@ static int ieee80211_ioctl_giwessid(struct net_device *dev,
162 struct iw_request_info *info, 115 struct iw_request_info *info,
163 struct iw_point *data, char *ssid) 116 struct iw_point *data, char *ssid)
164{ 117{
165 size_t len;
166 struct ieee80211_sub_if_data *sdata; 118 struct ieee80211_sub_if_data *sdata;
167 119
168 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 120 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
169 121
170 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 122 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
171 return cfg80211_ibss_wext_giwessid(dev, info, data, ssid); 123 return cfg80211_ibss_wext_giwessid(dev, info, data, ssid);
172 124 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
173 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 125 return cfg80211_mgd_wext_giwessid(dev, info, data, ssid);
174 int res = ieee80211_sta_get_ssid(sdata, ssid, &len);
175 if (res == 0) {
176 data->length = len;
177 data->flags = 1;
178 } else
179 data->flags = 0;
180 return res;
181 }
182 126
183 return -EOPNOTSUPP; 127 return -EOPNOTSUPP;
184} 128}
@@ -193,40 +137,11 @@ static int ieee80211_ioctl_siwap(struct net_device *dev,
193 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 137 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
194 return cfg80211_ibss_wext_siwap(dev, info, ap_addr, extra); 138 return cfg80211_ibss_wext_siwap(dev, info, ap_addr, extra);
195 139
196 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 140 if (sdata->vif.type == NL80211_IFTYPE_STATION)
197 int ret; 141 return cfg80211_mgd_wext_siwap(dev, info, ap_addr, extra);
198
199 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
200 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL |
201 IEEE80211_STA_AUTO_CHANNEL_SEL;
202 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
203 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL;
204 else
205 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
206 ret = ieee80211_sta_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
207 if (ret)
208 return ret;
209 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
210 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
211 ieee80211_sta_req_auth(sdata);
212 return 0;
213 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
214 /*
215 * If it is necessary to update the WDS peer address
216 * while the interface is running, then we need to do
217 * more work here, namely if it is running we need to
218 * add a new and remove the old STA entry, this is
219 * normally handled by _open() and _stop().
220 */
221 if (netif_running(dev))
222 return -EBUSY;
223
224 memcpy(&sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data,
225 ETH_ALEN);
226
227 return 0;
228 }
229 142
143 if (sdata->vif.type == NL80211_IFTYPE_WDS)
144 return cfg80211_wds_wext_siwap(dev, info, ap_addr, extra);
230 return -EOPNOTSUPP; 145 return -EOPNOTSUPP;
231} 146}
232 147
@@ -240,326 +155,13 @@ static int ieee80211_ioctl_giwap(struct net_device *dev,
240 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 155 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
241 return cfg80211_ibss_wext_giwap(dev, info, ap_addr, extra); 156 return cfg80211_ibss_wext_giwap(dev, info, ap_addr, extra);
242 157
243 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
244 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATED) {
245 ap_addr->sa_family = ARPHRD_ETHER;
246 memcpy(&ap_addr->sa_data, sdata->u.mgd.bssid, ETH_ALEN);
247 } else
248 memset(&ap_addr->sa_data, 0, ETH_ALEN);
249 return 0;
250 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
251 ap_addr->sa_family = ARPHRD_ETHER;
252 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
253 return 0;
254 }
255
256 return -EOPNOTSUPP;
257}
258
259
260static int ieee80211_ioctl_siwrate(struct net_device *dev,
261 struct iw_request_info *info,
262 struct iw_param *rate, char *extra)
263{
264 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
265 int i, err = -EINVAL;
266 u32 target_rate = rate->value / 100000;
267 struct ieee80211_sub_if_data *sdata;
268 struct ieee80211_supported_band *sband;
269
270 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
271
272 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
273
274 /* target_rate = -1, rate->fixed = 0 means auto only, so use all rates
275 * target_rate = X, rate->fixed = 1 means only rate X
276 * target_rate = X, rate->fixed = 0 means all rates <= X */
277 sdata->max_ratectrl_rateidx = -1;
278 sdata->force_unicast_rateidx = -1;
279 if (rate->value < 0)
280 return 0;
281
282 for (i=0; i< sband->n_bitrates; i++) {
283 struct ieee80211_rate *brate = &sband->bitrates[i];
284 int this_rate = brate->bitrate;
285
286 if (target_rate == this_rate) {
287 sdata->max_ratectrl_rateidx = i;
288 if (rate->fixed)
289 sdata->force_unicast_rateidx = i;
290 err = 0;
291 break;
292 }
293 }
294 return err;
295}
296
297static int ieee80211_ioctl_giwrate(struct net_device *dev,
298 struct iw_request_info *info,
299 struct iw_param *rate, char *extra)
300{
301 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
302 struct sta_info *sta;
303 struct ieee80211_sub_if_data *sdata;
304 struct ieee80211_supported_band *sband;
305
306 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
307
308 if (sdata->vif.type != NL80211_IFTYPE_STATION)
309 return -EOPNOTSUPP;
310
311 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
312
313 rcu_read_lock();
314
315 sta = sta_info_get(local, sdata->u.mgd.bssid);
316
317 if (sta && !(sta->last_tx_rate.flags & IEEE80211_TX_RC_MCS))
318 rate->value = sband->bitrates[sta->last_tx_rate.idx].bitrate;
319 else
320 rate->value = 0;
321
322 rcu_read_unlock();
323
324 if (!sta)
325 return -ENODEV;
326
327 rate->value *= 100000;
328
329 return 0;
330}
331
332static int ieee80211_ioctl_siwpower(struct net_device *dev,
333 struct iw_request_info *info,
334 struct iw_param *wrq,
335 char *extra)
336{
337 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
338 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
339 struct ieee80211_conf *conf = &local->hw.conf;
340 int timeout = 0;
341 bool ps;
342
343 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
344 return -EOPNOTSUPP;
345
346 if (sdata->vif.type != NL80211_IFTYPE_STATION)
347 return -EINVAL;
348
349 if (wrq->disabled) {
350 ps = false;
351 timeout = 0;
352 goto set;
353 }
354
355 switch (wrq->flags & IW_POWER_MODE) {
356 case IW_POWER_ON: /* If not specified */
357 case IW_POWER_MODE: /* If set all mask */
358 case IW_POWER_ALL_R: /* If explicitely state all */
359 ps = true;
360 break;
361 default: /* Otherwise we ignore */
362 return -EINVAL;
363 }
364
365 if (wrq->flags & ~(IW_POWER_MODE | IW_POWER_TIMEOUT))
366 return -EINVAL;
367
368 if (wrq->flags & IW_POWER_TIMEOUT)
369 timeout = wrq->value / 1000;
370
371 set:
372 if (ps == sdata->u.mgd.powersave && timeout == conf->dynamic_ps_timeout)
373 return 0;
374
375 sdata->u.mgd.powersave = ps;
376 conf->dynamic_ps_timeout = timeout;
377
378 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
379 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
380
381 ieee80211_recalc_ps(local, -1);
382
383 return 0;
384}
385
386static int ieee80211_ioctl_giwpower(struct net_device *dev,
387 struct iw_request_info *info,
388 union iwreq_data *wrqu,
389 char *extra)
390{
391 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
392
393 wrqu->power.disabled = !sdata->u.mgd.powersave;
394
395 return 0;
396}
397
398static int ieee80211_ioctl_siwauth(struct net_device *dev,
399 struct iw_request_info *info,
400 struct iw_param *data, char *extra)
401{
402 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
403 int ret = 0;
404
405 switch (data->flags & IW_AUTH_INDEX) {
406 case IW_AUTH_WPA_VERSION:
407 case IW_AUTH_CIPHER_GROUP:
408 case IW_AUTH_WPA_ENABLED:
409 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
410 case IW_AUTH_KEY_MGMT:
411 case IW_AUTH_CIPHER_GROUP_MGMT:
412 break;
413 case IW_AUTH_CIPHER_PAIRWISE:
414 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
415 if (data->value & (IW_AUTH_CIPHER_WEP40 |
416 IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP))
417 sdata->u.mgd.flags |=
418 IEEE80211_STA_TKIP_WEP_USED;
419 else
420 sdata->u.mgd.flags &=
421 ~IEEE80211_STA_TKIP_WEP_USED;
422 }
423 break;
424 case IW_AUTH_DROP_UNENCRYPTED:
425 sdata->drop_unencrypted = !!data->value;
426 break;
427 case IW_AUTH_PRIVACY_INVOKED:
428 if (sdata->vif.type != NL80211_IFTYPE_STATION)
429 ret = -EINVAL;
430 else {
431 sdata->u.mgd.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
432 /*
433 * Privacy invoked by wpa_supplicant, store the
434 * value and allow associating to a protected
435 * network without having a key up front.
436 */
437 if (data->value)
438 sdata->u.mgd.flags |=
439 IEEE80211_STA_PRIVACY_INVOKED;
440 }
441 break;
442 case IW_AUTH_80211_AUTH_ALG:
443 if (sdata->vif.type == NL80211_IFTYPE_STATION)
444 sdata->u.mgd.auth_algs = data->value;
445 else
446 ret = -EOPNOTSUPP;
447 break;
448 case IW_AUTH_MFP:
449 if (!(sdata->local->hw.flags & IEEE80211_HW_MFP_CAPABLE)) {
450 ret = -EOPNOTSUPP;
451 break;
452 }
453 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
454 switch (data->value) {
455 case IW_AUTH_MFP_DISABLED:
456 sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
457 break;
458 case IW_AUTH_MFP_OPTIONAL:
459 sdata->u.mgd.mfp = IEEE80211_MFP_OPTIONAL;
460 break;
461 case IW_AUTH_MFP_REQUIRED:
462 sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
463 break;
464 default:
465 ret = -EINVAL;
466 }
467 } else
468 ret = -EOPNOTSUPP;
469 break;
470 default:
471 ret = -EOPNOTSUPP;
472 break;
473 }
474 return ret;
475}
476
477/* Get wireless statistics. Called by /proc/net/wireless and by SIOCGIWSTATS */
478static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev)
479{
480 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
481 struct iw_statistics *wstats = &local->wstats;
482 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
483 struct sta_info *sta = NULL;
484
485 rcu_read_lock();
486
487 if (sdata->vif.type == NL80211_IFTYPE_STATION) 158 if (sdata->vif.type == NL80211_IFTYPE_STATION)
488 sta = sta_info_get(local, sdata->u.mgd.bssid); 159 return cfg80211_mgd_wext_giwap(dev, info, ap_addr, extra);
489
490 if (!sta) {
491 wstats->discard.fragment = 0;
492 wstats->discard.misc = 0;
493 wstats->qual.qual = 0;
494 wstats->qual.level = 0;
495 wstats->qual.noise = 0;
496 wstats->qual.updated = IW_QUAL_ALL_INVALID;
497 } else {
498 wstats->qual.updated = 0;
499 /*
500 * mirror what cfg80211 does for iwrange/scan results,
501 * otherwise userspace gets confused.
502 */
503 if (local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
504 IEEE80211_HW_SIGNAL_DBM)) {
505 wstats->qual.updated |= IW_QUAL_LEVEL_UPDATED;
506 wstats->qual.updated |= IW_QUAL_QUAL_UPDATED;
507 } else {
508 wstats->qual.updated |= IW_QUAL_LEVEL_INVALID;
509 wstats->qual.updated |= IW_QUAL_QUAL_INVALID;
510 }
511
512 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) {
513 wstats->qual.level = sta->last_signal;
514 wstats->qual.qual = sta->last_signal;
515 } else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
516 int sig = sta->last_signal;
517
518 wstats->qual.updated |= IW_QUAL_DBM;
519 wstats->qual.level = sig;
520 if (sig < -110)
521 sig = -110;
522 else if (sig > -40)
523 sig = -40;
524 wstats->qual.qual = sig + 110;
525 }
526
527 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) {
528 /*
529 * This assumes that if driver reports noise, it also
530 * reports signal in dBm.
531 */
532 wstats->qual.noise = sta->last_noise;
533 wstats->qual.updated |= IW_QUAL_NOISE_UPDATED;
534 } else {
535 wstats->qual.updated |= IW_QUAL_NOISE_INVALID;
536 }
537 }
538 160
539 rcu_read_unlock(); 161 if (sdata->vif.type == NL80211_IFTYPE_WDS)
540 162 return cfg80211_wds_wext_giwap(dev, info, ap_addr, extra);
541 return wstats;
542}
543 163
544static int ieee80211_ioctl_giwauth(struct net_device *dev, 164 return -EOPNOTSUPP;
545 struct iw_request_info *info,
546 struct iw_param *data, char *extra)
547{
548 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
549 int ret = 0;
550
551 switch (data->flags & IW_AUTH_INDEX) {
552 case IW_AUTH_80211_AUTH_ALG:
553 if (sdata->vif.type == NL80211_IFTYPE_STATION)
554 data->value = sdata->u.mgd.auth_algs;
555 else
556 ret = -EOPNOTSUPP;
557 break;
558 default:
559 ret = -EOPNOTSUPP;
560 break;
561 }
562 return ret;
563} 165}
564 166
565 167
@@ -599,8 +201,8 @@ static const iw_handler ieee80211_handler[] =
599 (iw_handler) NULL, /* SIOCGIWNICKN */ 201 (iw_handler) NULL, /* SIOCGIWNICKN */
600 (iw_handler) NULL, /* -- hole -- */ 202 (iw_handler) NULL, /* -- hole -- */
601 (iw_handler) NULL, /* -- hole -- */ 203 (iw_handler) NULL, /* -- hole -- */
602 (iw_handler) ieee80211_ioctl_siwrate, /* SIOCSIWRATE */ 204 (iw_handler) cfg80211_wext_siwrate, /* SIOCSIWRATE */
603 (iw_handler) ieee80211_ioctl_giwrate, /* SIOCGIWRATE */ 205 (iw_handler) cfg80211_wext_giwrate, /* SIOCGIWRATE */
604 (iw_handler) cfg80211_wext_siwrts, /* SIOCSIWRTS */ 206 (iw_handler) cfg80211_wext_siwrts, /* SIOCSIWRTS */
605 (iw_handler) cfg80211_wext_giwrts, /* SIOCGIWRTS */ 207 (iw_handler) cfg80211_wext_giwrts, /* SIOCGIWRTS */
606 (iw_handler) cfg80211_wext_siwfrag, /* SIOCSIWFRAG */ 208 (iw_handler) cfg80211_wext_siwfrag, /* SIOCSIWFRAG */
@@ -611,14 +213,14 @@ static const iw_handler ieee80211_handler[] =
611 (iw_handler) cfg80211_wext_giwretry, /* SIOCGIWRETRY */ 213 (iw_handler) cfg80211_wext_giwretry, /* SIOCGIWRETRY */
612 (iw_handler) cfg80211_wext_siwencode, /* SIOCSIWENCODE */ 214 (iw_handler) cfg80211_wext_siwencode, /* SIOCSIWENCODE */
613 (iw_handler) cfg80211_wext_giwencode, /* SIOCGIWENCODE */ 215 (iw_handler) cfg80211_wext_giwencode, /* SIOCGIWENCODE */
614 (iw_handler) ieee80211_ioctl_siwpower, /* SIOCSIWPOWER */ 216 (iw_handler) cfg80211_wext_siwpower, /* SIOCSIWPOWER */
615 (iw_handler) ieee80211_ioctl_giwpower, /* SIOCGIWPOWER */ 217 (iw_handler) cfg80211_wext_giwpower, /* SIOCGIWPOWER */
616 (iw_handler) NULL, /* -- hole -- */ 218 (iw_handler) NULL, /* -- hole -- */
617 (iw_handler) NULL, /* -- hole -- */ 219 (iw_handler) NULL, /* -- hole -- */
618 (iw_handler) ieee80211_ioctl_siwgenie, /* SIOCSIWGENIE */ 220 (iw_handler) cfg80211_wext_siwgenie, /* SIOCSIWGENIE */
619 (iw_handler) NULL, /* SIOCGIWGENIE */ 221 (iw_handler) NULL, /* SIOCGIWGENIE */
620 (iw_handler) ieee80211_ioctl_siwauth, /* SIOCSIWAUTH */ 222 (iw_handler) cfg80211_wext_siwauth, /* SIOCSIWAUTH */
621 (iw_handler) ieee80211_ioctl_giwauth, /* SIOCGIWAUTH */ 223 (iw_handler) cfg80211_wext_giwauth, /* SIOCGIWAUTH */
622 (iw_handler) cfg80211_wext_siwencodeext, /* SIOCSIWENCODEEXT */ 224 (iw_handler) cfg80211_wext_siwencodeext, /* SIOCSIWENCODEEXT */
623 (iw_handler) NULL, /* SIOCGIWENCODEEXT */ 225 (iw_handler) NULL, /* SIOCGIWENCODEEXT */
624 (iw_handler) NULL, /* SIOCSIWPMKSA */ 226 (iw_handler) NULL, /* SIOCSIWPMKSA */
@@ -629,5 +231,5 @@ const struct iw_handler_def ieee80211_iw_handler_def =
629{ 231{
630 .num_standard = ARRAY_SIZE(ieee80211_handler), 232 .num_standard = ARRAY_SIZE(ieee80211_handler),
631 .standard = (iw_handler *) ieee80211_handler, 233 .standard = (iw_handler *) ieee80211_handler,
632 .get_wireless_stats = ieee80211_get_wireless_stats, 234 .get_wireless_stats = cfg80211_wireless_stats,
633}; 235};
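Review bot: Routing SIOCSIWAUTH to `cfg80211_wext_siwauth` in the handler table removes the only code visible here in which `IW_AUTH_DROP_UNENCRYPTED` set `sdata->drop_unencrypted` and `IW_AUTH_MFP` set `sdata->u.mgd.mfp`. The replacement handler is not in this file, so it cannot be confirmed from this section that either setting still reaches mac80211. If the new handler accepts them without applying them, a caller that asks for unencrypted frames to be dropped, or for management frame protection to be required, gets a success return without the protection. The WDS branch of `ieee80211_ioctl_siwap` raises the same question, because the removed code returned -EBUSY under `netif_running(dev)` before changing the peer address. I would add a comment at the table entry once this is checked, e.g. `/* drop_unencrypted and MFP: enforced in <where>, not here */`.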
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index 116a923b14d6..b19b7696f3a2 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -85,10 +85,8 @@ static u16 classify80211(struct ieee80211_local *local, struct sk_buff *skb)
85 return ieee802_1d_to_ac[skb->priority]; 85 return ieee802_1d_to_ac[skb->priority];
86} 86}
87 87
88u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb) 88void ieee80211_select_queue(struct ieee80211_local *local, struct sk_buff *skb)
89{ 89{
90 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
91 struct ieee80211_local *local = mpriv->local;
92 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 90 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
93 u16 queue; 91 u16 queue;
94 u8 tid; 92 u8 tid;
@@ -113,5 +111,5 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
113 *p = 0; 111 *p = 0;
114 } 112 }
115 113
116 return queue; 114 skb_set_queue_mapping(skb, queue);
117} 115}
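Review bot: `ieee80211_select_queue()` now returns void and records its result with `skb_set_queue_mapping(skb, queue)`, but nothing at the definition says so and the name still reads like a pure selector. A one-line comment above the function, e.g. `/* Classifies skb and stores the chosen queue in the skb's queue mapping; returns nothing. */`, would keep callers from expecting the old u16 return. Most of the function body lies between the two hunks and is not shown here.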
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index 7520d2e014dc..d4fd87ca5118 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -20,6 +20,7 @@
20 20
21extern const int ieee802_1d_to_ac[8]; 21extern const int ieee802_1d_to_ac[8];
22 22
23u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb); 23void ieee80211_select_queue(struct ieee80211_local *local,
24 struct sk_buff *skb);
24 25
25#endif /* _WME_H */ 26#endif /* _WME_H */
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index dcfae8884b86..70778694877b 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -122,7 +122,8 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
122 return RX_DROP_UNUSABLE; 122 return RX_DROP_UNUSABLE;
123 123
124 mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx, 124 mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx,
125 (void *) skb->data, NULL); 125 (void *) skb->data, NULL,
126 GFP_ATOMIC);
126 return RX_DROP_UNUSABLE; 127 return RX_DROP_UNUSABLE;
127 } 128 }
128 129
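Review bot: With `GFP_ATOMIC` passed to `mac80211_ev_michael_mic_failure()`, the MIC failure report presumably allocates in atomic context and can fail under memory pressure. This call site cannot notice such a failure, because it goes straight on to `return RX_DROP_UNUSABLE`. TKIP countermeasures in userspace depend on receiving these reports, so a silently lost one deserves at least a comment here, e.g. `/* rx path cannot sleep; the MIC failure report is best-effort */`. How the callee behaves when the allocation fails is outside this hunk and should be checked. The enclosing function starts and ends outside the hunk.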
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c
index 201b8ea3020d..c1781f80daf2 100644
--- a/net/netfilter/ipvs/ip_vs_app.c
+++ b/net/netfilter/ipvs/ip_vs_app.c
@@ -18,6 +18,9 @@
18 * 18 *
19 */ 19 */
20 20
21#define KMSG_COMPONENT "IPVS"
22#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
23
21#include <linux/module.h> 24#include <linux/module.h>
22#include <linux/kernel.h> 25#include <linux/kernel.h>
23#include <linux/skbuff.h> 26#include <linux/skbuff.h>
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index 77bfdfeb966e..4173d7b1d4cc 100644
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -22,6 +22,9 @@
22 * 22 *
23 */ 23 */
24 24
25#define KMSG_COMPONENT "IPVS"
26#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
27
25#include <linux/interrupt.h> 28#include <linux/interrupt.h>
26#include <linux/in.h> 29#include <linux/in.h>
27#include <linux/net.h> 30#include <linux/net.h>
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index 8dddb17a947a..6811dcaca0f6 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -24,6 +24,9 @@
24 * 24 *
25 */ 25 */
26 26
27#define KMSG_COMPONENT "IPVS"
28#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
29
27#include <linux/module.h> 30#include <linux/module.h>
28#include <linux/kernel.h> 31#include <linux/kernel.h>
29#include <linux/ip.h> 32#include <linux/ip.h>
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 7c1333c67ff3..e6133ea1ea4c 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -18,6 +18,9 @@
18 * 18 *
19 */ 19 */
20 20
21#define KMSG_COMPONENT "IPVS"
22#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
23
21#include <linux/module.h> 24#include <linux/module.h>
22#include <linux/init.h> 25#include <linux/init.h>
23#include <linux/types.h> 26#include <linux/types.h>
@@ -3231,7 +3234,7 @@ static int ip_vs_genl_get_cmd(struct sk_buff *skb, struct genl_info *info)
3231 } 3234 }
3232 3235
3233 genlmsg_end(msg, reply); 3236 genlmsg_end(msg, reply);
3234 ret = genlmsg_unicast(msg, info->snd_pid); 3237 ret = genlmsg_reply(msg, info);
3235 goto out; 3238 goto out;
3236 3239
3237nla_put_failure: 3240nla_put_failure:
diff --git a/net/netfilter/ipvs/ip_vs_dh.c b/net/netfilter/ipvs/ip_vs_dh.c
index a9dac74bb13f..d0c0594d1e2e 100644
--- a/net/netfilter/ipvs/ip_vs_dh.c
+++ b/net/netfilter/ipvs/ip_vs_dh.c
@@ -35,6 +35,9 @@
35 * 35 *
36 */ 36 */
37 37
38#define KMSG_COMPONENT "IPVS"
39#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
40
38#include <linux/ip.h> 41#include <linux/ip.h>
39#include <linux/module.h> 42#include <linux/module.h>
40#include <linux/kernel.h> 43#include <linux/kernel.h>
diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c
index 2eb2860dabb5..702b53ca937c 100644
--- a/net/netfilter/ipvs/ip_vs_est.c
+++ b/net/netfilter/ipvs/ip_vs_est.c
@@ -11,6 +11,10 @@
11 * Changes: 11 * Changes:
12 * 12 *
13 */ 13 */
14
15#define KMSG_COMPONENT "IPVS"
16#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
17
14#include <linux/kernel.h> 18#include <linux/kernel.h>
15#include <linux/jiffies.h> 19#include <linux/jiffies.h>
16#include <linux/slab.h> 20#include <linux/slab.h>
diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index 428edbf481cc..9c16a3f64c1b 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -22,6 +22,9 @@
22 * 22 *
23 */ 23 */
24 24
25#define KMSG_COMPONENT "IPVS"
26#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
27
25#include <linux/module.h> 28#include <linux/module.h>
26#include <linux/moduleparam.h> 29#include <linux/moduleparam.h>
27#include <linux/kernel.h> 30#include <linux/kernel.h>
diff --git a/net/netfilter/ipvs/ip_vs_lblc.c b/net/netfilter/ipvs/ip_vs_lblc.c
index 3eb5e2660c49..98fb185d890b 100644
--- a/net/netfilter/ipvs/ip_vs_lblc.c
+++ b/net/netfilter/ipvs/ip_vs_lblc.c
@@ -39,6 +39,9 @@
39 * me to write this module. 39 * me to write this module.
40 */ 40 */
41 41
42#define KMSG_COMPONENT "IPVS"
43#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
44
42#include <linux/ip.h> 45#include <linux/ip.h>
43#include <linux/module.h> 46#include <linux/module.h>
44#include <linux/kernel.h> 47#include <linux/kernel.h>
diff --git a/net/netfilter/ipvs/ip_vs_lblcr.c b/net/netfilter/ipvs/ip_vs_lblcr.c
index c04ce56c7f0f..5f5e5f4bad5e 100644
--- a/net/netfilter/ipvs/ip_vs_lblcr.c
+++ b/net/netfilter/ipvs/ip_vs_lblcr.c
@@ -37,6 +37,9 @@
37 * 37 *
38 */ 38 */
39 39
40#define KMSG_COMPONENT "IPVS"
41#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
42
40#include <linux/ip.h> 43#include <linux/ip.h>
41#include <linux/module.h> 44#include <linux/module.h>
42#include <linux/kernel.h> 45#include <linux/kernel.h>
diff --git a/net/netfilter/ipvs/ip_vs_lc.c b/net/netfilter/ipvs/ip_vs_lc.c
index d0dadc8a65fd..4ecd5e19c39a 100644
--- a/net/netfilter/ipvs/ip_vs_lc.c
+++ b/net/netfilter/ipvs/ip_vs_lc.c
@@ -14,6 +14,9 @@
14 * 14 *
15 */ 15 */
16 16
17#define KMSG_COMPONENT "IPVS"
18#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
19
17#include <linux/module.h> 20#include <linux/module.h>
18#include <linux/kernel.h> 21#include <linux/kernel.h>
19 22
diff --git a/net/netfilter/ipvs/ip_vs_nq.c b/net/netfilter/ipvs/ip_vs_nq.c
index 694952db5026..2224478bdea8 100644
--- a/net/netfilter/ipvs/ip_vs_nq.c
+++ b/net/netfilter/ipvs/ip_vs_nq.c
@@ -31,6 +31,9 @@
31 * 31 *
32 */ 32 */
33 33
34#define KMSG_COMPONENT "IPVS"
35#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
36
34#include <linux/module.h> 37#include <linux/module.h>
35#include <linux/kernel.h> 38#include <linux/kernel.h>
36 39
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c
index a01520e3d6b8..a95bc4021c90 100644
--- a/net/netfilter/ipvs/ip_vs_proto.c
+++ b/net/netfilter/ipvs/ip_vs_proto.c
@@ -13,6 +13,9 @@
13 * 13 *
14 */ 14 */
15 15
16#define KMSG_COMPONENT "IPVS"
17#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
18
16#include <linux/module.h> 19#include <linux/module.h>
17#include <linux/kernel.h> 20#include <linux/kernel.h>
18#include <linux/skbuff.h> 21#include <linux/skbuff.h>
@@ -181,7 +184,7 @@ ip_vs_tcpudp_debug_packet_v4(struct ip_vs_protocol *pp,
181 &ih->daddr, ntohs(pptr[1])); 184 &ih->daddr, ntohs(pptr[1]));
182 } 185 }
183 186
184 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 187 pr_debug("%s: %s\n", msg, buf);
185} 188}
186 189
187#ifdef CONFIG_IP_VS_IPV6 190#ifdef CONFIG_IP_VS_IPV6
@@ -215,7 +218,7 @@ ip_vs_tcpudp_debug_packet_v6(struct ip_vs_protocol *pp,
215 &ih->daddr, ntohs(pptr[1])); 218 &ih->daddr, ntohs(pptr[1]));
216 } 219 }
217 220
218 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 221 pr_debug("%s: %s\n", msg, buf);
219} 222}
220#endif 223#endif
221 224
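Review bot: Switching to `pr_debug("%s: %s\n", msg, buf)` in `ip_vs_tcpudp_debug_packet_v4` and `_v6` changes when the line is emitted, not just its prefix. `pr_debug` compiles to nothing unless DEBUG is defined or dynamic debug enables the call site, whereas the old `printk(KERN_DEBUG ...)` always logged. The same substitution is made in `ah_esp_debug_packet_v4` and `_v6` in ip_vs_proto_ah_esp.c. If these packet dumps are meant to stay controlled by the IPVS debug level alone, keep the unconditional call and reuse the new prefix: `printk(KERN_DEBUG pr_fmt("%s: %s\n"), msg, buf);`. Both function bodies start outside the hunks.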
diff --git a/net/netfilter/ipvs/ip_vs_proto_ah_esp.c b/net/netfilter/ipvs/ip_vs_proto_ah_esp.c
index 79f56c1e7c19..c30b43c36cd7 100644
--- a/net/netfilter/ipvs/ip_vs_proto_ah_esp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_ah_esp.c
@@ -10,6 +10,9 @@
10 * 10 *
11 */ 11 */
12 12
13#define KMSG_COMPONENT "IPVS"
14#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
15
13#include <linux/in.h> 16#include <linux/in.h>
14#include <linux/ip.h> 17#include <linux/ip.h>
15#include <linux/module.h> 18#include <linux/module.h>
@@ -138,7 +141,7 @@ ah_esp_debug_packet_v4(struct ip_vs_protocol *pp, const struct sk_buff *skb,
138 sprintf(buf, "%s %pI4->%pI4", 141 sprintf(buf, "%s %pI4->%pI4",
139 pp->name, &ih->saddr, &ih->daddr); 142 pp->name, &ih->saddr, &ih->daddr);
140 143
141 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 144 pr_debug("%s: %s\n", msg, buf);
142} 145}
143 146
144#ifdef CONFIG_IP_VS_IPV6 147#ifdef CONFIG_IP_VS_IPV6
@@ -156,7 +159,7 @@ ah_esp_debug_packet_v6(struct ip_vs_protocol *pp, const struct sk_buff *skb,
156 sprintf(buf, "%s %pI6->%pI6", 159 sprintf(buf, "%s %pI6->%pI6",
157 pp->name, &ih->saddr, &ih->daddr); 160 pp->name, &ih->saddr, &ih->daddr);
158 161
159 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 162 pr_debug("%s: %s\n", msg, buf);
160} 163}
161#endif 164#endif
162 165
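Review bot: The context lines `sprintf(buf, "%s %pI4->%pI4", pp->name, ...)` and the `%pI6` variant write into `buf` with no length bound. The declaration of `buf` is outside both hunks, so its size cannot be checked here. Since these functions are being touched anyway, a bounded call such as `snprintf(buf, sizeof(buf), "%s %pI4->%pI4", pp->name, &ih->saddr, &ih->daddr);` would keep an unexpectedly long `pp->name` from overrunning the buffer. That form assumes `buf` is a local array, which should be confirmed.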
diff --git a/net/netfilter/ipvs/ip_vs_proto_tcp.c b/net/netfilter/ipvs/ip_vs_proto_tcp.c
index 8cba41802850..c36c80d3a2b4 100644
--- a/net/netfilter/ipvs/ip_vs_proto_tcp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_tcp.c
@@ -13,6 +13,9 @@
13 * 13 *
14 */ 14 */
15 15
16#define KMSG_COMPONENT "IPVS"
17#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
18
16#include <linux/kernel.h> 19#include <linux/kernel.h>
17#include <linux/ip.h> 20#include <linux/ip.h>
18#include <linux/tcp.h> /* for tcphdr */ 21#include <linux/tcp.h> /* for tcphdr */
diff --git a/net/netfilter/ipvs/ip_vs_proto_udp.c b/net/netfilter/ipvs/ip_vs_proto_udp.c
index d2930a71084b..96ebe40bc537 100644
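--- a/net/netfilter/ipvs/ip_vs_proto_udp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_udp.c
@@ -13,6 +13,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/in.h>
 #include <linux/ip.h>
 #include <linux/kernel.h>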
diff --git a/net/netfilter/ipvs/ip_vs_rr.c b/net/netfilter/ipvs/ip_vs_rr.c
index 2d16ab7f8c1e..b01007e1c11e 100644
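--- a/net/netfilter/ipvs/ip_vs_rr.c
+++ b/net/netfilter/ipvs/ip_vs_rr.c
@@ -19,6 +19,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 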
diff --git a/net/netfilter/ipvs/ip_vs_sched.c b/net/netfilter/ipvs/ip_vs_sched.c
index a46ad9e35016..87bc5ea0ef29 100644
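--- a/net/netfilter/ipvs/ip_vs_sched.c
+++ b/net/netfilter/ipvs/ip_vs_sched.c
@@ -17,6 +17,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/spinlock.h>
 #include <linux/interrupt.h>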
diff --git a/net/netfilter/ipvs/ip_vs_sed.c b/net/netfilter/ipvs/ip_vs_sed.c
index 20e4657d2f3b..4f745dd86dd8 100644
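--- a/net/netfilter/ipvs/ip_vs_sed.c
+++ b/net/netfilter/ipvs/ip_vs_sed.c
@@ -35,6 +35,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 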
diff --git a/net/netfilter/ipvs/ip_vs_sh.c b/net/netfilter/ipvs/ip_vs_sh.c
index 75709ebeb630..fb4d2d23f2fe 100644
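--- a/net/netfilter/ipvs/ip_vs_sh.c
+++ b/net/netfilter/ipvs/ip_vs_sh.c
@@ -32,6 +32,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/ip.h>
 #include <linux/module.h>
 #include <linux/kernel.h>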
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index 5c48378a852f..cc04c99815fd 100644
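--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -17,6 +17,9 @@
  * Justin Ossevoort : Fix endian problem on sync message size.
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/slab.h>
 #include <linux/inetdevice.h>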
diff --git a/net/netfilter/ipvs/ip_vs_wlc.c b/net/netfilter/ipvs/ip_vs_wlc.c
index 8e942565b47d..bbddfdb10db2 100644
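--- a/net/netfilter/ipvs/ip_vs_wlc.c
+++ b/net/netfilter/ipvs/ip_vs_wlc.c
@@ -19,6 +19,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 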
diff --git a/net/netfilter/ipvs/ip_vs_wrr.c b/net/netfilter/ipvs/ip_vs_wrr.c
index f7d74ef1ecf9..c39ebb6c5a54 100644
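--- a/net/netfilter/ipvs/ip_vs_wrr.c
+++ b/net/netfilter/ipvs/ip_vs_wrr.c
@@ -18,6 +18,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 #include <linux/net.h>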
diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c
index 5874657af7f2..061e76dfdad9 100644
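--- a/net/netfilter/ipvs/ip_vs_xmit.c
+++ b/net/netfilter/ipvs/ip_vs_xmit.c
@@ -13,6 +13,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/kernel.h>
 #include <linux/tcp.h> /* for tcphdr */
 #include <net/ip.h>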
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index 16e6c4378ff1..6ce00205f342 100644
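--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c
@@ -185,8 +185,7 @@ int netlbl_cfg_unlbl_map_add(const char *domain,
  return 0;
 
 cfg_unlbl_map_add_failure:
- if (entry != NULL)
- kfree(entry->domain);
+ kfree(entry->domain);
  kfree(entry);
  kfree(addrmap);
  kfree(map4);
@@ -385,8 +384,7 @@ int netlbl_cfg_cipsov4_map_add(u32 doi,
 
 cfg_cipsov4_map_add_failure:
  cipso_v4_doi_putdef(doi_def);
- if (entry != NULL)
- kfree(entry->domain);
+ kfree(entry->domain);
  kfree(entry);
  kfree(addrmap);
  kfree(addrinfo);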
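Review bot: Dropping `if (entry != NULL)` at cfg_unlbl_map_add_failure, and again at cfg_cipsov4_map_add_failure, removes a guard on the dereference, not on kfree(). `kfree(entry->domain)` reads through entry before kfree() ever receives a pointer, so kfree()'s tolerance of NULL does not cover it. The gotos that reach these labels are outside the hunks, but if any of them fires before entry is allocated, or when that allocation fails, the cleanup path now dereferences NULL in kernel context. Keep the check at both labels, `if (entry != NULL)` followed by `kfree(entry->domain);`, with a short comment such as `/* guards the entry-> dereference, not kfree() */` so it is not removed again.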
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 2936fa3b6dc8..da3163d15ef0 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -83,6 +83,11 @@ struct netlink_sock {
83 struct module *module; 83 struct module *module;
84}; 84};
85 85
86struct listeners_rcu_head {
87 struct rcu_head rcu_head;
88 void *ptr;
89};
90
86#define NETLINK_KERNEL_SOCKET 0x1 91#define NETLINK_KERNEL_SOCKET 0x1
87#define NETLINK_RECV_PKTINFO 0x2 92#define NETLINK_RECV_PKTINFO 0x2
88#define NETLINK_BROADCAST_SEND_ERROR 0x4 93#define NETLINK_BROADCAST_SEND_ERROR 0x4
@@ -1356,7 +1361,7 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
1356 struct netlink_sock *nlk = nlk_sk(sk); 1361 struct netlink_sock *nlk = nlk_sk(sk);
1357 int noblock = flags&MSG_DONTWAIT; 1362 int noblock = flags&MSG_DONTWAIT;
1358 size_t copied; 1363 size_t copied;
1359 struct sk_buff *skb; 1364 struct sk_buff *skb, *frag __maybe_unused = NULL;
1360 int err; 1365 int err;
1361 1366
1362 if (flags&MSG_OOB) 1367 if (flags&MSG_OOB)
@@ -1368,6 +1373,35 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
1368 if (skb == NULL) 1373 if (skb == NULL)
1369 goto out; 1374 goto out;
1370 1375
1376#ifdef CONFIG_COMPAT_NETLINK_MESSAGES
1377 if (unlikely(skb_shinfo(skb)->frag_list)) {
1378 bool need_compat = !!(flags & MSG_CMSG_COMPAT);
1379
1380 /*
1381 * If this skb has a frag_list, then here that means that
1382 * we will have to use the frag_list skb for compat tasks
1383 * and the regular skb for non-compat tasks.
1384 *
1385 * The skb might (and likely will) be cloned, so we can't
1386 * just reset frag_list and go on with things -- we need to
1387 * keep that. For the compat case that's easy -- simply get
1388 * a reference to the compat skb and free the regular one
1389 * including the frag. For the non-compat case, we need to
1390 * avoid sending the frag to the user -- so assign NULL but
1391 * restore it below before freeing the skb.
1392 */
1393 if (need_compat) {
1394 struct sk_buff *compskb = skb_shinfo(skb)->frag_list;
1395 skb_get(compskb);
1396 kfree_skb(skb);
1397 skb = compskb;
1398 } else {
1399 frag = skb_shinfo(skb)->frag_list;
1400 skb_shinfo(skb)->frag_list = NULL;
1401 }
1402 }
1403#endif
1404
1371 msg->msg_namelen = 0; 1405 msg->msg_namelen = 0;
1372 1406
1373 copied = skb->len; 1407 copied = skb->len;
@@ -1398,6 +1432,11 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
1398 siocb->scm->creds = *NETLINK_CREDS(skb); 1432 siocb->scm->creds = *NETLINK_CREDS(skb);
1399 if (flags & MSG_TRUNC) 1433 if (flags & MSG_TRUNC)
1400 copied = skb->len; 1434 copied = skb->len;
1435
1436#ifdef CONFIG_COMPAT_NETLINK_MESSAGES
1437 skb_shinfo(skb)->frag_list = frag;
1438#endif
1439
1401 skb_free_datagram(sk, skb); 1440 skb_free_datagram(sk, skb);
1402 1441
1403 if (nlk->cb && atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf / 2) 1442 if (nlk->cb && atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf / 2)
@@ -1453,7 +1492,8 @@ netlink_kernel_create(struct net *net, int unit, unsigned int groups,
1453 if (groups < 32) 1492 if (groups < 32)
1454 groups = 32; 1493 groups = 32;
1455 1494
1456 listeners = kzalloc(NLGRPSZ(groups), GFP_KERNEL); 1495 listeners = kzalloc(NLGRPSZ(groups) + sizeof(struct listeners_rcu_head),
1496 GFP_KERNEL);
1457 if (!listeners) 1497 if (!listeners)
1458 goto out_sock_release; 1498 goto out_sock_release;
1459 1499
@@ -1501,6 +1541,14 @@ netlink_kernel_release(struct sock *sk)
1501EXPORT_SYMBOL(netlink_kernel_release); 1541EXPORT_SYMBOL(netlink_kernel_release);
1502 1542
1503 1543
1544static void netlink_free_old_listeners(struct rcu_head *rcu_head)
1545{
1546 struct listeners_rcu_head *lrh;
1547
1548 lrh = container_of(rcu_head, struct listeners_rcu_head, rcu_head);
1549 kfree(lrh->ptr);
1550}
1551
1504/** 1552/**
1505 * netlink_change_ngroups - change number of multicast groups 1553 * netlink_change_ngroups - change number of multicast groups
1506 * 1554 *
@@ -1516,6 +1564,7 @@ EXPORT_SYMBOL(netlink_kernel_release);
1516int netlink_change_ngroups(struct sock *sk, unsigned int groups) 1564int netlink_change_ngroups(struct sock *sk, unsigned int groups)
1517{ 1565{
1518 unsigned long *listeners, *old = NULL; 1566 unsigned long *listeners, *old = NULL;
1567 struct listeners_rcu_head *old_rcu_head;
1519 struct netlink_table *tbl = &nl_table[sk->sk_protocol]; 1568 struct netlink_table *tbl = &nl_table[sk->sk_protocol];
1520 int err = 0; 1569 int err = 0;
1521 1570
@@ -1524,7 +1573,9 @@ int netlink_change_ngroups(struct sock *sk, unsigned int groups)
1524 1573
1525 netlink_table_grab(); 1574 netlink_table_grab();
1526 if (NLGRPSZ(tbl->groups) < NLGRPSZ(groups)) { 1575 if (NLGRPSZ(tbl->groups) < NLGRPSZ(groups)) {
1527 listeners = kzalloc(NLGRPSZ(groups), GFP_ATOMIC); 1576 listeners = kzalloc(NLGRPSZ(groups) +
1577 sizeof(struct listeners_rcu_head),
1578 GFP_ATOMIC);
1528 if (!listeners) { 1579 if (!listeners) {
1529 err = -ENOMEM; 1580 err = -ENOMEM;
1530 goto out_ungrab; 1581 goto out_ungrab;
@@ -1532,16 +1583,24 @@ int netlink_change_ngroups(struct sock *sk, unsigned int groups)
1532 old = tbl->listeners; 1583 old = tbl->listeners;
1533 memcpy(listeners, old, NLGRPSZ(tbl->groups)); 1584 memcpy(listeners, old, NLGRPSZ(tbl->groups));
1534 rcu_assign_pointer(tbl->listeners, listeners); 1585 rcu_assign_pointer(tbl->listeners, listeners);
1586 /*
1587 * Free the old memory after an RCU grace period so we
1588 * don't leak it. We use call_rcu() here in order to be
1589 * able to call this function from atomic contexts. The
1590 * allocation of this memory will have reserved enough
1591 * space for struct listeners_rcu_head at the end.
1592 */
1593 old_rcu_head = (void *)(tbl->listeners +
1594 NLGRPLONGS(tbl->groups));
1595 old_rcu_head->ptr = old;
1596 call_rcu(&old_rcu_head->rcu_head, netlink_free_old_listeners);
1535 } 1597 }
1536 tbl->groups = groups; 1598 tbl->groups = groups;
1537 1599
1538 out_ungrab: 1600 out_ungrab:
1539 netlink_table_ungrab(); 1601 netlink_table_ungrab();
1540 synchronize_rcu();
1541 kfree(old);
1542 return err; 1602 return err;
1543} 1603}
1544EXPORT_SYMBOL(netlink_change_ngroups);
1545 1604
1546/** 1605/**
1547 * netlink_clear_multicast_users - kick off multicast listeners 1606 * netlink_clear_multicast_users - kick off multicast listeners
@@ -1564,7 +1623,6 @@ void netlink_clear_multicast_users(struct sock *ksk, unsigned int group)
1564 1623
1565 netlink_table_ungrab(); 1624 netlink_table_ungrab();
1566} 1625}
1567EXPORT_SYMBOL(netlink_clear_multicast_users);
1568 1626
1569void netlink_set_nonroot(int protocol, unsigned int flags) 1627void netlink_set_nonroot(int protocol, unsigned int flags)
1570{ 1628{
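Review bot: In netlink_change_ngroups() the new `old_rcu_head` is computed from `tbl->listeners` after `rcu_assign_pointer(tbl->listeners, listeners)` has already run. It therefore points into the new, live bitmap, not into the old allocation whose reserved tail space the comment describes. tbl->groups still holds the old count at that point, so, assuming NLGRPLONGS() gives the bitmap length in longs, the rcu_head lands on the words for the newly added groups. call_rcu() would then write callback pointers into listener bits, and later updates to those bits could corrupt the queued rcu_head before the grace period ends. Base the address on the saved pointer instead: `old_rcu_head = (void *)(old + NLGRPLONGS(tbl->groups));`. The function starts outside this hunk.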
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index eed4c6a8afc0..575c64341508 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -18,8 +18,6 @@
18#include <net/sock.h> 18#include <net/sock.h>
19#include <net/genetlink.h> 19#include <net/genetlink.h>
20 20
21struct sock *genl_sock = NULL;
22
23static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ 21static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */
24 22
25static inline void genl_lock(void) 23static inline void genl_lock(void)
@@ -175,10 +173,31 @@ int genl_register_mc_group(struct genl_family *family,
175 mc_groups_longs++; 173 mc_groups_longs++;
176 } 174 }
177 175
178 err = netlink_change_ngroups(genl_sock, 176 if (family->netnsok) {
179 mc_groups_longs * BITS_PER_LONG); 177 struct net *net;
180 if (err) 178
181 goto out; 179 rcu_read_lock();
180 for_each_net_rcu(net) {
181 err = netlink_change_ngroups(net->genl_sock,
182 mc_groups_longs * BITS_PER_LONG);
183 if (err) {
184 /*
185 * No need to roll back, can only fail if
186 * memory allocation fails and then the
187 * number of _possible_ groups has been
188 * increased on some sockets which is ok.
189 */
190 rcu_read_unlock();
191 goto out;
192 }
193 }
194 rcu_read_unlock();
195 } else {
196 err = netlink_change_ngroups(init_net.genl_sock,
197 mc_groups_longs * BITS_PER_LONG);
198 if (err)
199 goto out;
200 }
182 201
183 grp->id = id; 202 grp->id = id;
184 set_bit(id, mc_groups); 203 set_bit(id, mc_groups);
@@ -195,8 +214,14 @@ EXPORT_SYMBOL(genl_register_mc_group);
195static void __genl_unregister_mc_group(struct genl_family *family, 214static void __genl_unregister_mc_group(struct genl_family *family,
196 struct genl_multicast_group *grp) 215 struct genl_multicast_group *grp)
197{ 216{
217 struct net *net;
198 BUG_ON(grp->family != family); 218 BUG_ON(grp->family != family);
199 netlink_clear_multicast_users(genl_sock, grp->id); 219
220 rcu_read_lock();
221 for_each_net_rcu(net)
222 netlink_clear_multicast_users(net->genl_sock, grp->id);
223 rcu_read_unlock();
224
200 clear_bit(grp->id, mc_groups); 225 clear_bit(grp->id, mc_groups);
201 list_del(&grp->list); 226 list_del(&grp->list);
202 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp); 227 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
@@ -467,6 +492,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
467{ 492{
468 struct genl_ops *ops; 493 struct genl_ops *ops;
469 struct genl_family *family; 494 struct genl_family *family;
495 struct net *net = sock_net(skb->sk);
470 struct genl_info info; 496 struct genl_info info;
471 struct genlmsghdr *hdr = nlmsg_data(nlh); 497 struct genlmsghdr *hdr = nlmsg_data(nlh);
472 int hdrlen, err; 498 int hdrlen, err;
@@ -475,6 +501,10 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
475 if (family == NULL) 501 if (family == NULL)
476 return -ENOENT; 502 return -ENOENT;
477 503
504 /* this family doesn't exist in this netns */
505 if (!family->netnsok && !net_eq(net, &init_net))
506 return -ENOENT;
507
478 hdrlen = GENL_HDRLEN + family->hdrsize; 508 hdrlen = GENL_HDRLEN + family->hdrsize;
479 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) 509 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
480 return -EINVAL; 510 return -EINVAL;
@@ -492,7 +522,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
492 return -EOPNOTSUPP; 522 return -EOPNOTSUPP;
493 523
494 genl_unlock(); 524 genl_unlock();
495 err = netlink_dump_start(genl_sock, skb, nlh, 525 err = netlink_dump_start(net->genl_sock, skb, nlh,
496 ops->dumpit, ops->done); 526 ops->dumpit, ops->done);
497 genl_lock(); 527 genl_lock();
498 return err; 528 return err;
@@ -514,6 +544,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
514 info.genlhdr = nlmsg_data(nlh); 544 info.genlhdr = nlmsg_data(nlh);
515 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN; 545 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN;
516 info.attrs = family->attrbuf; 546 info.attrs = family->attrbuf;
547 genl_info_net_set(&info, net);
517 548
518 return ops->doit(skb, &info); 549 return ops->doit(skb, &info);
519} 550}
@@ -534,6 +565,7 @@ static struct genl_family genl_ctrl = {
534 .name = "nlctrl", 565 .name = "nlctrl",
535 .version = 0x2, 566 .version = 0x2,
536 .maxattr = CTRL_ATTR_MAX, 567 .maxattr = CTRL_ATTR_MAX,
568 .netnsok = true,
537}; 569};
538 570
539static int ctrl_fill_info(struct genl_family *family, u32 pid, u32 seq, 571static int ctrl_fill_info(struct genl_family *family, u32 pid, u32 seq,
@@ -650,6 +682,7 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
650 682
651 int i, n = 0; 683 int i, n = 0;
652 struct genl_family *rt; 684 struct genl_family *rt;
685 struct net *net = sock_net(skb->sk);
653 int chains_to_skip = cb->args[0]; 686 int chains_to_skip = cb->args[0];
654 int fams_to_skip = cb->args[1]; 687 int fams_to_skip = cb->args[1];
655 688
@@ -658,6 +691,8 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
658 continue; 691 continue;
659 n = 0; 692 n = 0;
660 list_for_each_entry(rt, genl_family_chain(i), family_list) { 693 list_for_each_entry(rt, genl_family_chain(i), family_list) {
694 if (!rt->netnsok && !net_eq(net, &init_net))
695 continue;
661 if (++n < fams_to_skip) 696 if (++n < fams_to_skip)
662 continue; 697 continue;
663 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).pid, 698 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).pid,
@@ -729,6 +764,7 @@ static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info)
729 if (info->attrs[CTRL_ATTR_FAMILY_ID]) { 764 if (info->attrs[CTRL_ATTR_FAMILY_ID]) {
730 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]); 765 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]);
731 res = genl_family_find_byid(id); 766 res = genl_family_find_byid(id);
767 err = -ENOENT;
732 } 768 }
733 769
734 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) { 770 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) {
@@ -736,49 +772,61 @@ static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info)
736 772
737 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]); 773 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]);
738 res = genl_family_find_byname(name); 774 res = genl_family_find_byname(name);
775 err = -ENOENT;
739 } 776 }
740 777
741 if (res == NULL) { 778 if (res == NULL)
742 err = -ENOENT; 779 return err;
743 goto errout; 780
781 if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) {
782 /* family doesn't exist here */
783 return -ENOENT;
744 } 784 }
745 785
746 msg = ctrl_build_family_msg(res, info->snd_pid, info->snd_seq, 786 msg = ctrl_build_family_msg(res, info->snd_pid, info->snd_seq,
747 CTRL_CMD_NEWFAMILY); 787 CTRL_CMD_NEWFAMILY);
748 if (IS_ERR(msg)) { 788 if (IS_ERR(msg))
749 err = PTR_ERR(msg); 789 return PTR_ERR(msg);
750 goto errout;
751 }
752 790
753 err = genlmsg_reply(msg, info); 791 return genlmsg_reply(msg, info);
754errout:
755 return err;
756} 792}
757 793
758static int genl_ctrl_event(int event, void *data) 794static int genl_ctrl_event(int event, void *data)
759{ 795{
760 struct sk_buff *msg; 796 struct sk_buff *msg;
797 struct genl_family *family;
798 struct genl_multicast_group *grp;
761 799
762 if (genl_sock == NULL) 800 /* genl is still initialising */
801 if (!init_net.genl_sock)
763 return 0; 802 return 0;
764 803
765 switch (event) { 804 switch (event) {
766 case CTRL_CMD_NEWFAMILY: 805 case CTRL_CMD_NEWFAMILY:
767 case CTRL_CMD_DELFAMILY: 806 case CTRL_CMD_DELFAMILY:
768 msg = ctrl_build_family_msg(data, 0, 0, event); 807 family = data;
769 if (IS_ERR(msg)) 808 msg = ctrl_build_family_msg(family, 0, 0, event);
770 return PTR_ERR(msg);
771
772 genlmsg_multicast(msg, 0, GENL_ID_CTRL, GFP_KERNEL);
773 break; 809 break;
774 case CTRL_CMD_NEWMCAST_GRP: 810 case CTRL_CMD_NEWMCAST_GRP:
775 case CTRL_CMD_DELMCAST_GRP: 811 case CTRL_CMD_DELMCAST_GRP:
812 grp = data;
813 family = grp->family;
776 msg = ctrl_build_mcgrp_msg(data, 0, 0, event); 814 msg = ctrl_build_mcgrp_msg(data, 0, 0, event);
777 if (IS_ERR(msg))
778 return PTR_ERR(msg);
779
780 genlmsg_multicast(msg, 0, GENL_ID_CTRL, GFP_KERNEL);
781 break; 815 break;
816 default:
817 return -EINVAL;
818 }
819
820 if (IS_ERR(msg))
821 return PTR_ERR(msg);
822
823 if (!family->netnsok) {
824 genlmsg_multicast_netns(&init_net, msg, 0,
825 GENL_ID_CTRL, GFP_KERNEL);
826 } else {
827 rcu_read_lock();
828 genlmsg_multicast_allns(msg, 0, GENL_ID_CTRL, GFP_ATOMIC);
829 rcu_read_unlock();
782 } 830 }
783 831
784 return 0; 832 return 0;
@@ -795,6 +843,33 @@ static struct genl_multicast_group notify_grp = {
795 .name = "notify", 843 .name = "notify",
796}; 844};
797 845
846static int __net_init genl_pernet_init(struct net *net)
847{
848 /* we'll bump the group number right afterwards */
849 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, 0,
850 genl_rcv, &genl_mutex,
851 THIS_MODULE);
852
853 if (!net->genl_sock && net_eq(net, &init_net))
854 panic("GENL: Cannot initialize generic netlink\n");
855
856 if (!net->genl_sock)
857 return -ENOMEM;
858
859 return 0;
860}
861
862static void __net_exit genl_pernet_exit(struct net *net)
863{
864 netlink_kernel_release(net->genl_sock);
865 net->genl_sock = NULL;
866}
867
868static struct pernet_operations genl_pernet_ops = {
869 .init = genl_pernet_init,
870 .exit = genl_pernet_exit,
871};
872
798static int __init genl_init(void) 873static int __init genl_init(void)
799{ 874{
800 int i, err; 875 int i, err;
@@ -804,36 +879,67 @@ static int __init genl_init(void)
804 879
805 err = genl_register_family(&genl_ctrl); 880 err = genl_register_family(&genl_ctrl);
806 if (err < 0) 881 if (err < 0)
807 goto errout; 882 goto problem;
808 883
809 err = genl_register_ops(&genl_ctrl, &genl_ctrl_ops); 884 err = genl_register_ops(&genl_ctrl, &genl_ctrl_ops);
810 if (err < 0) 885 if (err < 0)
811 goto errout_register; 886 goto problem;
812 887
813 netlink_set_nonroot(NETLINK_GENERIC, NL_NONROOT_RECV); 888 netlink_set_nonroot(NETLINK_GENERIC, NL_NONROOT_RECV);
814 889
815 /* we'll bump the group number right afterwards */ 890 err = register_pernet_subsys(&genl_pernet_ops);
816 genl_sock = netlink_kernel_create(&init_net, NETLINK_GENERIC, 0, 891 if (err)
817 genl_rcv, &genl_mutex, THIS_MODULE); 892 goto problem;
818 if (genl_sock == NULL)
819 panic("GENL: Cannot initialize generic netlink\n");
820 893
821 err = genl_register_mc_group(&genl_ctrl, &notify_grp); 894 err = genl_register_mc_group(&genl_ctrl, &notify_grp);
822 if (err < 0) 895 if (err < 0)
823 goto errout_register; 896 goto problem;
824 897
825 return 0; 898 return 0;
826 899
827errout_register: 900problem:
828 genl_unregister_family(&genl_ctrl);
829errout:
830 panic("GENL: Cannot register controller: %d\n", err); 901 panic("GENL: Cannot register controller: %d\n", err);
831} 902}
832 903
833subsys_initcall(genl_init); 904subsys_initcall(genl_init);
834 905
835EXPORT_SYMBOL(genl_sock);
836EXPORT_SYMBOL(genl_register_ops); 906EXPORT_SYMBOL(genl_register_ops);
837EXPORT_SYMBOL(genl_unregister_ops); 907EXPORT_SYMBOL(genl_unregister_ops);
838EXPORT_SYMBOL(genl_register_family); 908EXPORT_SYMBOL(genl_register_family);
839EXPORT_SYMBOL(genl_unregister_family); 909EXPORT_SYMBOL(genl_unregister_family);
910
911static int genlmsg_mcast(struct sk_buff *skb, u32 pid, unsigned long group,
912 gfp_t flags)
913{
914 struct sk_buff *tmp;
915 struct net *net, *prev = NULL;
916 int err;
917
918 for_each_net_rcu(net) {
919 if (prev) {
920 tmp = skb_clone(skb, flags);
921 if (!tmp) {
922 err = -ENOMEM;
923 goto error;
924 }
925 err = nlmsg_multicast(prev->genl_sock, tmp,
926 pid, group, flags);
927 if (err)
928 goto error;
929 }
930
931 prev = net;
932 }
933
934 return nlmsg_multicast(prev->genl_sock, skb, pid, group, flags);
935 error:
936 kfree_skb(skb);
937 return err;
938}
939
940int genlmsg_multicast_allns(struct sk_buff *skb, u32 pid, unsigned int group,
941 gfp_t flags)
942{
943 return genlmsg_mcast(skb, pid, group, flags);
944}
945EXPORT_SYMBOL(genlmsg_multicast_allns);
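Review bot: genlmsg_mcast() stops at the first namespace whose nlmsg_multicast() returns non-zero, so one namespace can suppress delivery to every namespace visited after it. If nlmsg_multicast() reports "no listeners in this namespace" as an error (netlink_broadcast() conventionally returns -ESRCH for that; its definition is not on this page), a family or group notification would silently miss later namespaces that do have listeners. Treat that case as non-fatal, e.g. `if (err && err != -ESRCH) goto error;`, and document what the return value means when only some namespaces received the message. The final `prev->genl_sock` dereference also relies on for_each_net_rcu() visiting at least one namespace; a comment stating that invariant would make the assumption explicit.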
diff --git a/net/netrom/nr_dev.c b/net/netrom/nr_dev.c
index 351372463fed..c7b7838a0519 100644
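--- a/net/netrom/nr_dev.c
+++ b/net/netrom/nr_dev.c
@@ -177,13 +177,13 @@ static int nr_xmit(struct sk_buff *skb, struct net_device *dev)
  if (!nr_route_frame(skb, NULL)) {
  kfree_skb(skb);
  stats->tx_errors++;
- return 0;
+ return NETDEV_TX_OK;
  }
 
  stats->tx_packets++;
  stats->tx_bytes += len;
 
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct header_ops nr_header_ops = {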
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index ebe5718baa31..d3d52c66cdc2 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -137,8 +137,7 @@ dev->hard_header == NULL (ll header is added by device, we cannot control it)
137 137
138/* Private packet socket structures. */ 138/* Private packet socket structures. */
139 139
140struct packet_mclist 140struct packet_mclist {
141{
142 struct packet_mclist *next; 141 struct packet_mclist *next;
143 int ifindex; 142 int ifindex;
144 int count; 143 int count;
@@ -149,8 +148,7 @@ struct packet_mclist
149/* identical to struct packet_mreq except it has 148/* identical to struct packet_mreq except it has
150 * a longer address field. 149 * a longer address field.
151 */ 150 */
152struct packet_mreq_max 151struct packet_mreq_max {
153{
154 int mr_ifindex; 152 int mr_ifindex;
155 unsigned short mr_type; 153 unsigned short mr_type;
156 unsigned short mr_alen; 154 unsigned short mr_alen;
@@ -162,7 +160,7 @@ static int packet_set_ring(struct sock *sk, struct tpacket_req *req,
162 int closing, int tx_ring); 160 int closing, int tx_ring);
163 161
164struct packet_ring_buffer { 162struct packet_ring_buffer {
165 char * *pg_vec; 163 char **pg_vec;
166 unsigned int head; 164 unsigned int head;
167 unsigned int frames_per_block; 165 unsigned int frames_per_block;
168 unsigned int frame_size; 166 unsigned int frame_size;
@@ -239,7 +237,7 @@ static void __packet_set_status(struct packet_sock *po, void *frame, int status)
239 flush_dcache_page(virt_to_page(&h.h2->tp_status)); 237 flush_dcache_page(virt_to_page(&h.h2->tp_status));
240 break; 238 break;
241 default: 239 default:
242 printk(KERN_ERR "TPACKET version not supported\n"); 240 pr_err("TPACKET version not supported\n");
243 BUG(); 241 BUG();
244 } 242 }
245 243
@@ -265,7 +263,7 @@ static int __packet_get_status(struct packet_sock *po, void *frame)
265 flush_dcache_page(virt_to_page(&h.h2->tp_status)); 263 flush_dcache_page(virt_to_page(&h.h2->tp_status));
266 return h.h2->tp_status; 264 return h.h2->tp_status;
267 default: 265 default:
268 printk(KERN_ERR "TPACKET version not supported\n"); 266 pr_err("TPACKET version not supported\n");
269 BUG(); 267 BUG();
270 return 0; 268 return 0;
271 } 269 }
@@ -327,7 +325,7 @@ static void packet_sock_destruct(struct sock *sk)
327 WARN_ON(atomic_read(&sk->sk_wmem_alloc)); 325 WARN_ON(atomic_read(&sk->sk_wmem_alloc));
328 326
329 if (!sock_flag(sk, SOCK_DEAD)) { 327 if (!sock_flag(sk, SOCK_DEAD)) {
330 printk("Attempt to release alive packet socket: %p\n", sk); 328 pr_err("Attempt to release alive packet socket: %p\n", sk);
331 return; 329 return;
332 } 330 }
333 331
@@ -339,7 +337,8 @@ static const struct proto_ops packet_ops;
339 337
340static const struct proto_ops packet_ops_spkt; 338static const struct proto_ops packet_ops_spkt;
341 339
342static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 340static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev,
341 struct packet_type *pt, struct net_device *orig_dev)
343{ 342{
344 struct sock *sk; 343 struct sock *sk;
345 struct sockaddr_pkt *spkt; 344 struct sockaddr_pkt *spkt;
@@ -368,7 +367,8 @@ static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct
368 if (dev_net(dev) != sock_net(sk)) 367 if (dev_net(dev) != sock_net(sk))
369 goto out; 368 goto out;
370 369
371 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) 370 skb = skb_share_check(skb, GFP_ATOMIC);
371 if (skb == NULL)
372 goto oom; 372 goto oom;
373 373
374 /* drop any routing info */ 374 /* drop any routing info */
@@ -394,7 +394,7 @@ static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct
394 * to prevent sockets using all the memory up. 394 * to prevent sockets using all the memory up.
395 */ 395 */
396 396
397 if (sock_queue_rcv_skb(sk,skb) == 0) 397 if (sock_queue_rcv_skb(sk, skb) == 0)
398 return 0; 398 return 0;
399 399
400out: 400out:
@@ -413,25 +413,23 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
413 struct msghdr *msg, size_t len) 413 struct msghdr *msg, size_t len)
414{ 414{
415 struct sock *sk = sock->sk; 415 struct sock *sk = sock->sk;
416 struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name; 416 struct sockaddr_pkt *saddr = (struct sockaddr_pkt *)msg->msg_name;
417 struct sk_buff *skb; 417 struct sk_buff *skb;
418 struct net_device *dev; 418 struct net_device *dev;
419 __be16 proto=0; 419 __be16 proto = 0;
420 int err; 420 int err;
421 421
422 /* 422 /*
423 * Get and verify the address. 423 * Get and verify the address.
424 */ 424 */
425 425
426 if (saddr) 426 if (saddr) {
427 {
428 if (msg->msg_namelen < sizeof(struct sockaddr)) 427 if (msg->msg_namelen < sizeof(struct sockaddr))
429 return(-EINVAL); 428 return -EINVAL;
430 if (msg->msg_namelen==sizeof(struct sockaddr_pkt)) 429 if (msg->msg_namelen == sizeof(struct sockaddr_pkt))
431 proto=saddr->spkt_protocol; 430 proto = saddr->spkt_protocol;
432 } 431 } else
433 else 432 return -ENOTCONN; /* SOCK_PACKET must be sent giving an address */
434 return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */
435 433
436 /* 434 /*
437 * Find the device first to size check it 435 * Find the device first to size check it
@@ -448,8 +446,8 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
448 goto out_unlock; 446 goto out_unlock;
449 447
450 /* 448 /*
451 * You may not queue a frame bigger than the mtu. This is the lowest level 449 * You may not queue a frame bigger than the mtu. This is the lowest level
452 * raw protocol and you must do your own fragmentation at this level. 450 * raw protocol and you must do your own fragmentation at this level.
453 */ 451 */
454 452
455 err = -EMSGSIZE; 453 err = -EMSGSIZE;
@@ -460,9 +458,9 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
460 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL); 458 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL);
461 459
462 /* 460 /*
463 * If the write buffer is full, then tough. At this level the user gets to 461 * If the write buffer is full, then tough. At this level the user
464 * deal with the problem - do your own algorithmic backoffs. That's far 462 * gets to deal with the problem - do your own algorithmic backoffs.
465 * more flexible. 463 * That's far more flexible.
466 */ 464 */
467 465
468 if (skb == NULL) 466 if (skb == NULL)
@@ -488,7 +486,7 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
488 } 486 }
489 487
490 /* Returns -EFAULT on error */ 488 /* Returns -EFAULT on error */
491 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); 489 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
492 skb->protocol = proto; 490 skb->protocol = proto;
493 skb->dev = dev; 491 skb->dev = dev;
494 skb->priority = sk->sk_priority; 492 skb->priority = sk->sk_priority;
@@ -501,7 +499,7 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
501 499
502 dev_queue_xmit(skb); 500 dev_queue_xmit(skb);
503 dev_put(dev); 501 dev_put(dev);
504 return(len); 502 return len;
505 503
506out_free: 504out_free:
507 kfree_skb(skb); 505 kfree_skb(skb);
@@ -537,12 +535,13 @@ static inline unsigned int run_filter(struct sk_buff *skb, struct sock *sk,
537 we will not harm anyone. 535 we will not harm anyone.
538 */ 536 */
539 537
540static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 538static int packet_rcv(struct sk_buff *skb, struct net_device *dev,
539 struct packet_type *pt, struct net_device *orig_dev)
541{ 540{
542 struct sock *sk; 541 struct sock *sk;
543 struct sockaddr_ll *sll; 542 struct sockaddr_ll *sll;
544 struct packet_sock *po; 543 struct packet_sock *po;
545 u8 * skb_head = skb->data; 544 u8 *skb_head = skb->data;
546 int skb_len = skb->len; 545 int skb_len = skb->len;
547 unsigned int snaplen, res; 546 unsigned int snaplen, res;
548 547
@@ -648,7 +647,8 @@ drop:
648} 647}
649 648
650#ifdef CONFIG_PACKET_MMAP 649#ifdef CONFIG_PACKET_MMAP
651static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 650static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev,
651 struct packet_type *pt, struct net_device *orig_dev)
652{ 652{
653 struct sock *sk; 653 struct sock *sk;
654 struct packet_sock *po; 654 struct packet_sock *po;
@@ -658,7 +658,7 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packe
658 struct tpacket2_hdr *h2; 658 struct tpacket2_hdr *h2;
659 void *raw; 659 void *raw;
660 } h; 660 } h;
661 u8 * skb_head = skb->data; 661 u8 *skb_head = skb->data;
662 int skb_len = skb->len; 662 int skb_len = skb->len;
663 unsigned int snaplen, res; 663 unsigned int snaplen, res;
664 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER; 664 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER;
@@ -821,7 +821,7 @@ ring_is_full:
821static void tpacket_destruct_skb(struct sk_buff *skb) 821static void tpacket_destruct_skb(struct sk_buff *skb)
822{ 822{
823 struct packet_sock *po = pkt_sk(skb->sk); 823 struct packet_sock *po = pkt_sk(skb->sk);
824 void * ph; 824 void *ph;
825 825
826 BUG_ON(skb == NULL); 826 BUG_ON(skb == NULL);
827 827
@@ -836,9 +836,9 @@ static void tpacket_destruct_skb(struct sk_buff *skb)
836 sock_wfree(skb); 836 sock_wfree(skb);
837} 837}
838 838
839static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb, 839static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
840 void * frame, struct net_device *dev, int size_max, 840 void *frame, struct net_device *dev, int size_max,
841 __be16 proto, unsigned char * addr) 841 __be16 proto, unsigned char *addr)
842{ 842{
843 union { 843 union {
844 struct tpacket_hdr *h1; 844 struct tpacket_hdr *h1;
@@ -867,8 +867,7 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb,
867 break; 867 break;
868 } 868 }
869 if (unlikely(tp_len > size_max)) { 869 if (unlikely(tp_len > size_max)) {
870 printk(KERN_ERR "packet size is too long (%d > %d)\n", 870 pr_err("packet size is too long (%d > %d)\n", tp_len, size_max);
871 tp_len, size_max);
872 return -EMSGSIZE; 871 return -EMSGSIZE;
873 } 872 }
874 873
@@ -883,12 +882,11 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb,
883 NULL, tp_len); 882 NULL, tp_len);
884 if (unlikely(err < 0)) 883 if (unlikely(err < 0))
885 return -EINVAL; 884 return -EINVAL;
886 } else if (dev->hard_header_len ) { 885 } else if (dev->hard_header_len) {
887 /* net device doesn't like empty head */ 886 /* net device doesn't like empty head */
888 if (unlikely(tp_len <= dev->hard_header_len)) { 887 if (unlikely(tp_len <= dev->hard_header_len)) {
889 printk(KERN_ERR "packet size is too short " 888 pr_err("packet size is too short (%d < %d)\n",
890 "(%d < %d)\n", tp_len, 889 tp_len, dev->hard_header_len);
891 dev->hard_header_len);
892 return -EINVAL; 890 return -EINVAL;
893 } 891 }
894 892
@@ -917,9 +915,8 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb,
917 nr_frags = skb_shinfo(skb)->nr_frags; 915 nr_frags = skb_shinfo(skb)->nr_frags;
918 916
919 if (unlikely(nr_frags >= MAX_SKB_FRAGS)) { 917 if (unlikely(nr_frags >= MAX_SKB_FRAGS)) {
920 printk(KERN_ERR "Packet exceed the number " 918 pr_err("Packet exceed the number of skb frags(%lu)\n",
921 "of skb frags(%lu)\n", 919 MAX_SKB_FRAGS);
922 MAX_SKB_FRAGS);
923 return -EFAULT; 920 return -EFAULT;
924 } 921 }
925 922
@@ -944,8 +941,8 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
944 struct net_device *dev; 941 struct net_device *dev;
945 __be16 proto; 942 __be16 proto;
946 int ifindex, err, reserve = 0; 943 int ifindex, err, reserve = 0;
947 void * ph; 944 void *ph;
948 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name; 945 struct sockaddr_ll *saddr = (struct sockaddr_ll *)msg->msg_name;
949 int tp_len, size_max; 946 int tp_len, size_max;
950 unsigned char *addr; 947 unsigned char *addr;
951 int len_sum = 0; 948 int len_sum = 0;
@@ -1038,8 +1035,7 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
1038 goto out_xmit; 1035 goto out_xmit;
1039 packet_increment_head(&po->tx_ring); 1036 packet_increment_head(&po->tx_ring);
1040 len_sum += tp_len; 1037 len_sum += tp_len;
1041 } 1038 } while (likely((ph != NULL) || ((!(msg->msg_flags & MSG_DONTWAIT))
1042 while (likely((ph != NULL) || ((!(msg->msg_flags & MSG_DONTWAIT))
1043 && (atomic_read(&po->tx_ring.pending)))) 1039 && (atomic_read(&po->tx_ring.pending))))
1044 ); 1040 );
1045 1041
@@ -1064,7 +1060,7 @@ static int packet_snd(struct socket *sock,
1064 struct msghdr *msg, size_t len) 1060 struct msghdr *msg, size_t len)
1065{ 1061{
1066 struct sock *sk = sock->sk; 1062 struct sock *sk = sock->sk;
1067 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name; 1063 struct sockaddr_ll *saddr = (struct sockaddr_ll *)msg->msg_name;
1068 struct sk_buff *skb; 1064 struct sk_buff *skb;
1069 struct net_device *dev; 1065 struct net_device *dev;
1070 __be16 proto; 1066 __be16 proto;
@@ -1110,7 +1106,7 @@ static int packet_snd(struct socket *sock,
1110 1106
1111 skb = sock_alloc_send_skb(sk, len + LL_ALLOCATED_SPACE(dev), 1107 skb = sock_alloc_send_skb(sk, len + LL_ALLOCATED_SPACE(dev),
1112 msg->msg_flags & MSG_DONTWAIT, &err); 1108 msg->msg_flags & MSG_DONTWAIT, &err);
1113 if (skb==NULL) 1109 if (skb == NULL)
1114 goto out_unlock; 1110 goto out_unlock;
1115 1111
1116 skb_reserve(skb, LL_RESERVED_SPACE(dev)); 1112 skb_reserve(skb, LL_RESERVED_SPACE(dev));
@@ -1122,7 +1118,7 @@ static int packet_snd(struct socket *sock,
1122 goto out_free; 1118 goto out_free;
1123 1119
1124 /* Returns -EFAULT on error */ 1120 /* Returns -EFAULT on error */
1125 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); 1121 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
1126 if (err) 1122 if (err)
1127 goto out_free; 1123 goto out_free;
1128 1124
@@ -1140,7 +1136,7 @@ static int packet_snd(struct socket *sock,
1140 1136
1141 dev_put(dev); 1137 dev_put(dev);
1142 1138
1143 return(len); 1139 return len;
1144 1140
1145out_free: 1141out_free:
1146 kfree_skb(skb); 1142 kfree_skb(skb);
@@ -1283,9 +1279,10 @@ out_unlock:
1283 * Bind a packet socket to a device 1279 * Bind a packet socket to a device
1284 */ 1280 */
1285 1281
1286static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1282static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr,
1283 int addr_len)
1287{ 1284{
1288 struct sock *sk=sock->sk; 1285 struct sock *sk = sock->sk;
1289 char name[15]; 1286 char name[15];
1290 struct net_device *dev; 1287 struct net_device *dev;
1291 int err = -ENODEV; 1288 int err = -ENODEV;
@@ -1296,7 +1293,7 @@ static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int add
1296 1293
1297 if (addr_len != sizeof(struct sockaddr)) 1294 if (addr_len != sizeof(struct sockaddr))
1298 return -EINVAL; 1295 return -EINVAL;
1299 strlcpy(name,uaddr->sa_data,sizeof(name)); 1296 strlcpy(name, uaddr->sa_data, sizeof(name));
1300 1297
1301 dev = dev_get_by_name(sock_net(sk), name); 1298 dev = dev_get_by_name(sock_net(sk), name);
1302 if (dev) { 1299 if (dev) {
@@ -1308,8 +1305,8 @@ static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int add
1308 1305
1309static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1306static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1310{ 1307{
1311 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; 1308 struct sockaddr_ll *sll = (struct sockaddr_ll *)uaddr;
1312 struct sock *sk=sock->sk; 1309 struct sock *sk = sock->sk;
1313 struct net_device *dev = NULL; 1310 struct net_device *dev = NULL;
1314 int err; 1311 int err;
1315 1312
@@ -1404,7 +1401,7 @@ static int packet_create(struct net *net, struct socket *sock, int protocol)
1404 sk_add_node(sk, &net->packet.sklist); 1401 sk_add_node(sk, &net->packet.sklist);
1405 sock_prot_inuse_add(net, &packet_proto, 1); 1402 sock_prot_inuse_add(net, &packet_proto, 1);
1406 write_unlock_bh(&net->packet.sklist_lock); 1403 write_unlock_bh(&net->packet.sklist_lock);
1407 return(0); 1404 return 0;
1408out: 1405out:
1409 return err; 1406 return err;
1410} 1407}
@@ -1441,7 +1438,7 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1441 * but then it will block. 1438 * but then it will block.
1442 */ 1439 */
1443 1440
1444 skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err); 1441 skb = skb_recv_datagram(sk, flags, flags & MSG_DONTWAIT, &err);
1445 1442
1446 /* 1443 /*
1447 * An error occurred so return it. Because skb_recv_datagram() 1444 * An error occurred so return it. Because skb_recv_datagram()
@@ -1469,10 +1466,9 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1469 */ 1466 */
1470 1467
1471 copied = skb->len; 1468 copied = skb->len;
1472 if (copied > len) 1469 if (copied > len) {
1473 { 1470 copied = len;
1474 copied=len; 1471 msg->msg_flags |= MSG_TRUNC;
1475 msg->msg_flags|=MSG_TRUNC;
1476 } 1472 }
1477 1473
1478 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 1474 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
@@ -1539,7 +1535,7 @@ static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
1539 struct net_device *dev; 1535 struct net_device *dev;
1540 struct sock *sk = sock->sk; 1536 struct sock *sk = sock->sk;
1541 struct packet_sock *po = pkt_sk(sk); 1537 struct packet_sock *po = pkt_sk(sk);
1542 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; 1538 struct sockaddr_ll *sll = (struct sockaddr_ll *)uaddr;
1543 1539
1544 if (peer) 1540 if (peer)
1545 return -EOPNOTSUPP; 1541 return -EOPNOTSUPP;
@@ -1584,14 +1580,15 @@ static int packet_dev_mc(struct net_device *dev, struct packet_mclist *i,
1584 else 1580 else
1585 return dev_unicast_delete(dev, i->addr); 1581 return dev_unicast_delete(dev, i->addr);
1586 break; 1582 break;
1587 default:; 1583 default:
1584 break;
1588 } 1585 }
1589 return 0; 1586 return 0;
1590} 1587}
1591 1588
1592static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what) 1589static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what)
1593{ 1590{
1594 for ( ; i; i=i->next) { 1591 for ( ; i; i = i->next) {
1595 if (i->ifindex == dev->ifindex) 1592 if (i->ifindex == dev->ifindex)
1596 packet_dev_mc(dev, i, what); 1593 packet_dev_mc(dev, i, what);
1597 } 1594 }
@@ -1693,7 +1690,8 @@ static void packet_flush_mclist(struct sock *sk)
1693 struct net_device *dev; 1690 struct net_device *dev;
1694 1691
1695 po->mclist = ml->next; 1692 po->mclist = ml->next;
1696 if ((dev = dev_get_by_index(sock_net(sk), ml->ifindex)) != NULL) { 1693 dev = dev_get_by_index(sock_net(sk), ml->ifindex);
1694 if (dev != NULL) {
1697 packet_dev_mc(dev, ml, -1); 1695 packet_dev_mc(dev, ml, -1);
1698 dev_put(dev); 1696 dev_put(dev);
1699 } 1697 }
@@ -1723,7 +1721,7 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
1723 return -EINVAL; 1721 return -EINVAL;
1724 if (len > sizeof(mreq)) 1722 if (len > sizeof(mreq))
1725 len = sizeof(mreq); 1723 len = sizeof(mreq);
1726 if (copy_from_user(&mreq,optval,len)) 1724 if (copy_from_user(&mreq, optval, len))
1727 return -EFAULT; 1725 return -EFAULT;
1728 if (len < (mreq.mr_alen + offsetof(struct packet_mreq, mr_address))) 1726 if (len < (mreq.mr_alen + offsetof(struct packet_mreq, mr_address)))
1729 return -EINVAL; 1727 return -EINVAL;
@@ -1740,9 +1738,9 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
1740 { 1738 {
1741 struct tpacket_req req; 1739 struct tpacket_req req;
1742 1740
1743 if (optlen<sizeof(req)) 1741 if (optlen < sizeof(req))
1744 return -EINVAL; 1742 return -EINVAL;
1745 if (copy_from_user(&req,optval,sizeof(req))) 1743 if (copy_from_user(&req, optval, sizeof(req)))
1746 return -EFAULT; 1744 return -EFAULT;
1747 return packet_set_ring(sk, &req, 0, optname == PACKET_TX_RING); 1745 return packet_set_ring(sk, &req, 0, optname == PACKET_TX_RING);
1748 } 1746 }
@@ -1750,9 +1748,9 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
1750 { 1748 {
1751 int val; 1749 int val;
1752 1750
1753 if (optlen!=sizeof(val)) 1751 if (optlen != sizeof(val))
1754 return -EINVAL; 1752 return -EINVAL;
1755 if (copy_from_user(&val,optval,sizeof(val))) 1753 if (copy_from_user(&val, optval, sizeof(val)))
1756 return -EFAULT; 1754 return -EFAULT;
1757 1755
1758 pkt_sk(sk)->copy_thresh = val; 1756 pkt_sk(sk)->copy_thresh = val;
@@ -1985,51 +1983,51 @@ static int packet_ioctl(struct socket *sock, unsigned int cmd,
1985 struct sock *sk = sock->sk; 1983 struct sock *sk = sock->sk;
1986 1984
1987 switch (cmd) { 1985 switch (cmd) {
1988 case SIOCOUTQ: 1986 case SIOCOUTQ:
1989 { 1987 {
1990 int amount = sk_wmem_alloc_get(sk); 1988 int amount = sk_wmem_alloc_get(sk);
1991 1989
1992 return put_user(amount, (int __user *)arg); 1990 return put_user(amount, (int __user *)arg);
1993 } 1991 }
1994 case SIOCINQ: 1992 case SIOCINQ:
1995 { 1993 {
1996 struct sk_buff *skb; 1994 struct sk_buff *skb;
1997 int amount = 0; 1995 int amount = 0;
1998 1996
1999 spin_lock_bh(&sk->sk_receive_queue.lock); 1997 spin_lock_bh(&sk->sk_receive_queue.lock);
2000 skb = skb_peek(&sk->sk_receive_queue); 1998 skb = skb_peek(&sk->sk_receive_queue);
2001 if (skb) 1999 if (skb)
2002 amount = skb->len; 2000 amount = skb->len;
2003 spin_unlock_bh(&sk->sk_receive_queue.lock); 2001 spin_unlock_bh(&sk->sk_receive_queue.lock);
2004 return put_user(amount, (int __user *)arg); 2002 return put_user(amount, (int __user *)arg);
2005 } 2003 }
2006 case SIOCGSTAMP: 2004 case SIOCGSTAMP:
2007 return sock_get_timestamp(sk, (struct timeval __user *)arg); 2005 return sock_get_timestamp(sk, (struct timeval __user *)arg);
2008 case SIOCGSTAMPNS: 2006 case SIOCGSTAMPNS:
2009 return sock_get_timestampns(sk, (struct timespec __user *)arg); 2007 return sock_get_timestampns(sk, (struct timespec __user *)arg);
2010 2008
2011#ifdef CONFIG_INET 2009#ifdef CONFIG_INET
2012 case SIOCADDRT: 2010 case SIOCADDRT:
2013 case SIOCDELRT: 2011 case SIOCDELRT:
2014 case SIOCDARP: 2012 case SIOCDARP:
2015 case SIOCGARP: 2013 case SIOCGARP:
2016 case SIOCSARP: 2014 case SIOCSARP:
2017 case SIOCGIFADDR: 2015 case SIOCGIFADDR:
2018 case SIOCSIFADDR: 2016 case SIOCSIFADDR:
2019 case SIOCGIFBRDADDR: 2017 case SIOCGIFBRDADDR:
2020 case SIOCSIFBRDADDR: 2018 case SIOCSIFBRDADDR:
2021 case SIOCGIFNETMASK: 2019 case SIOCGIFNETMASK:
2022 case SIOCSIFNETMASK: 2020 case SIOCSIFNETMASK:
2023 case SIOCGIFDSTADDR: 2021 case SIOCGIFDSTADDR:
2024 case SIOCSIFDSTADDR: 2022 case SIOCSIFDSTADDR:
2025 case SIOCSIFFLAGS: 2023 case SIOCSIFFLAGS:
2026 if (!net_eq(sock_net(sk), &init_net)) 2024 if (!net_eq(sock_net(sk), &init_net))
2027 return -ENOIOCTLCMD; 2025 return -ENOIOCTLCMD;
2028 return inet_dgram_ops.ioctl(sock, cmd, arg); 2026 return inet_dgram_ops.ioctl(sock, cmd, arg);
2029#endif 2027#endif
2030 2028
2031 default: 2029 default:
2032 return -ENOIOCTLCMD; 2030 return -ENOIOCTLCMD;
2033 } 2031 }
2034 return 0; 2032 return 0;
2035} 2033}
@@ -2039,7 +2037,7 @@ static int packet_ioctl(struct socket *sock, unsigned int cmd,
2039#define packet_poll datagram_poll 2037#define packet_poll datagram_poll
2040#else 2038#else
2041 2039
2042static unsigned int packet_poll(struct file * file, struct socket *sock, 2040static unsigned int packet_poll(struct file *file, struct socket *sock,
2043 poll_table *wait) 2041 poll_table *wait)
2044{ 2042{
2045 struct sock *sk = sock->sk; 2043 struct sock *sk = sock->sk;
@@ -2069,7 +2067,7 @@ static unsigned int packet_poll(struct file * file, struct socket *sock,
2069static void packet_mm_open(struct vm_area_struct *vma) 2067static void packet_mm_open(struct vm_area_struct *vma)
2070{ 2068{
2071 struct file *file = vma->vm_file; 2069 struct file *file = vma->vm_file;
2072 struct socket * sock = file->private_data; 2070 struct socket *sock = file->private_data;
2073 struct sock *sk = sock->sk; 2071 struct sock *sk = sock->sk;
2074 2072
2075 if (sk) 2073 if (sk)
@@ -2079,7 +2077,7 @@ static void packet_mm_open(struct vm_area_struct *vma)
2079static void packet_mm_close(struct vm_area_struct *vma) 2077static void packet_mm_close(struct vm_area_struct *vma)
2080{ 2078{
2081 struct file *file = vma->vm_file; 2079 struct file *file = vma->vm_file;
2082 struct socket * sock = file->private_data; 2080 struct socket *sock = file->private_data;
2083 struct sock *sk = sock->sk; 2081 struct sock *sk = sock->sk;
2084 2082
2085 if (sk) 2083 if (sk)
@@ -2087,8 +2085,8 @@ static void packet_mm_close(struct vm_area_struct *vma)
2087} 2085}
2088 2086
2089static struct vm_operations_struct packet_mmap_ops = { 2087static struct vm_operations_struct packet_mmap_ops = {
2090 .open = packet_mm_open, 2088 .open = packet_mm_open,
2091 .close =packet_mm_close, 2089 .close = packet_mm_close,
2092}; 2090};
2093 2091
2094static void free_pg_vec(char **pg_vec, unsigned int order, unsigned int len) 2092static void free_pg_vec(char **pg_vec, unsigned int order, unsigned int len)
@@ -2239,8 +2237,8 @@ static int packet_set_ring(struct sock *sk, struct tpacket_req *req,
2239 skb_queue_purge(rb_queue); 2237 skb_queue_purge(rb_queue);
2240#undef XC 2238#undef XC
2241 if (atomic_read(&po->mapped)) 2239 if (atomic_read(&po->mapped))
2242 printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", 2240 pr_err("packet_mmap: vma is busy: %d\n",
2243 atomic_read(&po->mapped)); 2241 atomic_read(&po->mapped));
2244 } 2242 }
2245 mutex_unlock(&po->pg_vec_lock); 2243 mutex_unlock(&po->pg_vec_lock);
2246 2244
@@ -2303,7 +2301,7 @@ static int packet_mmap(struct file *file, struct socket *sock,
2303 int pg_num; 2301 int pg_num;
2304 2302
2305 for (pg_num = 0; pg_num < rb->pg_vec_pages; 2303 for (pg_num = 0; pg_num < rb->pg_vec_pages;
2306 pg_num++,page++) { 2304 pg_num++, page++) {
2307 err = vm_insert_page(vma, start, page); 2305 err = vm_insert_page(vma, start, page);
2308 if (unlikely(err)) 2306 if (unlikely(err))
2309 goto out; 2307 goto out;
@@ -2372,7 +2370,7 @@ static struct net_proto_family packet_family_ops = {
2372}; 2370};
2373 2371
2374static struct notifier_block packet_netdev_notifier = { 2372static struct notifier_block packet_netdev_notifier = {
2375 .notifier_call =packet_notifier, 2373 .notifier_call = packet_notifier,
2376}; 2374};
2377 2375
2378#ifdef CONFIG_PROC_FS 2376#ifdef CONFIG_PROC_FS
@@ -2402,7 +2400,7 @@ static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2402 ++*pos; 2400 ++*pos;
2403 return (v == SEQ_START_TOKEN) 2401 return (v == SEQ_START_TOKEN)
2404 ? sk_head(&net->packet.sklist) 2402 ? sk_head(&net->packet.sklist)
2405 : sk_next((struct sock*)v) ; 2403 : sk_next((struct sock *)v) ;
2406} 2404}
2407 2405
2408static void packet_seq_stop(struct seq_file *seq, void *v) 2406static void packet_seq_stop(struct seq_file *seq, void *v)
@@ -2430,7 +2428,7 @@ static int packet_seq_show(struct seq_file *seq, void *v)
2430 po->running, 2428 po->running,
2431 atomic_read(&s->sk_rmem_alloc), 2429 atomic_read(&s->sk_rmem_alloc),
2432 sock_i_uid(s), 2430 sock_i_uid(s),
2433 sock_i_ino(s) ); 2431 sock_i_ino(s));
2434 } 2432 }
2435 2433
2436 return 0; 2434 return 0;
diff --git a/net/phonet/datagram.c b/net/phonet/datagram.c
index e087862ed7e4..ef5c75c372e4 100644
--- a/net/phonet/datagram.c
+++ b/net/phonet/datagram.c
@@ -159,8 +159,11 @@ out_nofree:
159static int pn_backlog_rcv(struct sock *sk, struct sk_buff *skb) 159static int pn_backlog_rcv(struct sock *sk, struct sk_buff *skb)
160{ 160{
161 int err = sock_queue_rcv_skb(sk, skb); 161 int err = sock_queue_rcv_skb(sk, skb);
162 if (err < 0) 162 if (err < 0) {
163 kfree_skb(skb); 163 kfree_skb(skb);
164 if (err == -ENOMEM)
165 atomic_inc(&sk->sk_drops);
166 }
164 return err ? NET_RX_DROP : NET_RX_SUCCESS; 167 return err ? NET_RX_DROP : NET_RX_SUCCESS;
165} 168}
166 169
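Review bot: The new `if (err == -ENOMEM)` test in pn_backlog_rcv counts only one failure cause in sk_drops, and nothing in the hunk says why the other negative returns of sock_queue_rcv_skb() are freed without being counted. If that is the intent, a one-line comment above the test would settle it, for example `/* only receive-buffer exhaustion counts as a drop; other errors are rejections */`. The same unexplained filter appears in the pipe_do_rcv hunk at line 358 of net/phonet/pep.c, which should carry the same comment or share a small helper with this one.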
diff --git a/net/phonet/pep-gprs.c b/net/phonet/pep-gprs.c
index 480839dfc560..4667af51ed71 100644
--- a/net/phonet/pep-gprs.c
+++ b/net/phonet/pep-gprs.c
@@ -195,7 +195,7 @@ static int gprs_xmit(struct sk_buff *skb, struct net_device *dev)
195 break; 195 break;
196 default: 196 default:
197 dev_kfree_skb(skb); 197 dev_kfree_skb(skb);
198 return 0; 198 return NETDEV_TX_OK;
199 } 199 }
200 200
201 skb_orphan(skb); 201 skb_orphan(skb);
@@ -215,7 +215,7 @@ static int gprs_xmit(struct sk_buff *skb, struct net_device *dev)
215 netif_stop_queue(dev); 215 netif_stop_queue(dev);
216 if (pep_writeable(sk)) 216 if (pep_writeable(sk))
217 netif_wake_queue(dev); 217 netif_wake_queue(dev);
218 return 0; 218 return NETDEV_TX_OK;
219} 219}
220 220
221static int gprs_set_mtu(struct net_device *dev, int new_mtu) 221static int gprs_set_mtu(struct net_device *dev, int new_mtu)
diff --git a/net/phonet/pep.c b/net/phonet/pep.c
index eef833ea6d7b..b8252d289cd7 100644
--- a/net/phonet/pep.c
+++ b/net/phonet/pep.c
@@ -346,8 +346,10 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb)
346 break; 346 break;
347 347
348 case PNS_PEP_CTRL_REQ: 348 case PNS_PEP_CTRL_REQ:
349 if (skb_queue_len(&pn->ctrlreq_queue) >= PNPIPE_CTRLREQ_MAX) 349 if (skb_queue_len(&pn->ctrlreq_queue) >= PNPIPE_CTRLREQ_MAX) {
350 atomic_inc(&sk->sk_drops);
350 break; 351 break;
352 }
351 __skb_pull(skb, 4); 353 __skb_pull(skb, 4);
352 queue = &pn->ctrlreq_queue; 354 queue = &pn->ctrlreq_queue;
353 goto queue; 355 goto queue;
@@ -358,10 +360,13 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb)
358 err = sock_queue_rcv_skb(sk, skb); 360 err = sock_queue_rcv_skb(sk, skb);
359 if (!err) 361 if (!err)
360 return 0; 362 return 0;
363 if (err == -ENOMEM)
364 atomic_inc(&sk->sk_drops);
361 break; 365 break;
362 } 366 }
363 367
364 if (pn->rx_credits == 0) { 368 if (pn->rx_credits == 0) {
369 atomic_inc(&sk->sk_drops);
365 err = -ENOBUFS; 370 err = -ENOBUFS;
366 break; 371 break;
367 } 372 }
diff --git a/net/phonet/pn_dev.c b/net/phonet/pn_dev.c
index b0d6ddd82a9d..5ae4c01e8388 100644
--- a/net/phonet/pn_dev.c
+++ b/net/phonet/pn_dev.c
@@ -27,6 +27,7 @@
27#include <linux/net.h> 27#include <linux/net.h>
28#include <linux/netdevice.h> 28#include <linux/netdevice.h>
29#include <linux/phonet.h> 29#include <linux/phonet.h>
30#include <linux/proc_fs.h>
30#include <net/sock.h> 31#include <net/sock.h>
31#include <net/netns/generic.h> 32#include <net/netns/generic.h>
32#include <net/phonet/pn_dev.h> 33#include <net/phonet/pn_dev.h>
@@ -96,7 +97,7 @@ struct net_device *phonet_device_get(struct net *net)
96{ 97{
97 struct phonet_device_list *pndevs = phonet_device_list(net); 98 struct phonet_device_list *pndevs = phonet_device_list(net);
98 struct phonet_device *pnd; 99 struct phonet_device *pnd;
99 struct net_device *dev; 100 struct net_device *dev = NULL;
100 101
101 spin_lock_bh(&pndevs->lock); 102 spin_lock_bh(&pndevs->lock);
102 list_for_each_entry(pnd, &pndevs->list, list) { 103 list_for_each_entry(pnd, &pndevs->list, list) {
@@ -218,6 +219,11 @@ static int phonet_init_net(struct net *net)
218 if (!pnn) 219 if (!pnn)
219 return -ENOMEM; 220 return -ENOMEM;
220 221
222 if (!proc_net_fops_create(net, "phonet", 0, &pn_sock_seq_fops)) {
223 kfree(pnn);
224 return -ENOMEM;
225 }
226
221 INIT_LIST_HEAD(&pnn->pndevs.list); 227 INIT_LIST_HEAD(&pnn->pndevs.list);
222 spin_lock_init(&pnn->pndevs.lock); 228 spin_lock_init(&pnn->pndevs.lock);
223 net_assign_generic(net, phonet_net_id, pnn); 229 net_assign_generic(net, phonet_net_id, pnn);
@@ -233,6 +239,8 @@ static void phonet_exit_net(struct net *net)
233 for_each_netdev(net, dev) 239 for_each_netdev(net, dev)
234 phonet_device_destroy(dev); 240 phonet_device_destroy(dev);
235 rtnl_unlock(); 241 rtnl_unlock();
242
243 proc_net_remove(net, "phonet");
236 kfree(pnn); 244 kfree(pnn);
237} 245}
238 246
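Review bot: The `proc_net_fops_create(net, "phonet", 0, &pn_sock_seq_fops)` call added to phonet_init_net passes 0 as the mode, which leaves the file's permissions to the procfs default (world-readable, as far as I know) instead of stating them. The show routine added in net/phonet/socket.c prints per-socket uid, inode and a kernel address, so the mode should be spelled out and chosen deliberately: `S_IRUGO` if every local user is meant to read it, `S_IRUSR` if not. The entry is also registered before `pnn` is initialised and assigned, which is safe only while the seq handlers never touch the per-net data; a short comment saying so would help. phonet_init_net starts above the hunk.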
diff --git a/net/phonet/socket.c b/net/phonet/socket.c
index ada2a35bf7a2..aa1617a7f265 100644
--- a/net/phonet/socket.c
+++ b/net/phonet/socket.c
@@ -412,3 +412,99 @@ found:
412 return 0; 412 return 0;
413} 413}
414EXPORT_SYMBOL(pn_sock_get_port); 414EXPORT_SYMBOL(pn_sock_get_port);
415
416static struct sock *pn_sock_get_idx(struct seq_file *seq, loff_t pos)
417{
418 struct net *net = seq_file_net(seq);
419 struct hlist_node *node;
420 struct sock *sknode;
421
422 sk_for_each(sknode, node, &pnsocks.hlist) {
423 if (!net_eq(net, sock_net(sknode)))
424 continue;
425 if (!pos)
426 return sknode;
427 pos--;
428 }
429 return NULL;
430}
431
432static struct sock *pn_sock_get_next(struct seq_file *seq, struct sock *sk)
433{
434 struct net *net = seq_file_net(seq);
435
436 do
437 sk = sk_next(sk);
438 while (sk && !net_eq(net, sock_net(sk)));
439
440 return sk;
441}
442
443static void *pn_sock_seq_start(struct seq_file *seq, loff_t *pos)
444 __acquires(pnsocks.lock)
445{
446 spin_lock_bh(&pnsocks.lock);
447 return *pos ? pn_sock_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
448}
449
450static void *pn_sock_seq_next(struct seq_file *seq, void *v, loff_t *pos)
451{
452 struct sock *sk;
453
454 if (v == SEQ_START_TOKEN)
455 sk = pn_sock_get_idx(seq, 0);
456 else
457 sk = pn_sock_get_next(seq, v);
458 (*pos)++;
459 return sk;
460}
461
462static void pn_sock_seq_stop(struct seq_file *seq, void *v)
463 __releases(pnsocks.lock)
464{
465 spin_unlock_bh(&pnsocks.lock);
466}
467
468static int pn_sock_seq_show(struct seq_file *seq, void *v)
469{
470 int len;
471
472 if (v == SEQ_START_TOKEN)
473 seq_printf(seq, "%s%n", "pt loc rem rs st tx_queue rx_queue "
474 " uid inode ref pointer drops", &len);
475 else {
476 struct sock *sk = v;
477 struct pn_sock *pn = pn_sk(sk);
478
479 seq_printf(seq, "%2d %04X:%04X:%02X %02X %08X:%08X %5d %lu "
480 "%d %p %d%n",
481 sk->sk_protocol, pn->sobject, 0, pn->resource,
482 sk->sk_state,
483 sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk),
484 sock_i_uid(sk), sock_i_ino(sk),
485 atomic_read(&sk->sk_refcnt), sk,
486 atomic_read(&sk->sk_drops), &len);
487 }
488 seq_printf(seq, "%*s\n", 127 - len, "");
489 return 0;
490}
491
492static const struct seq_operations pn_sock_seq_ops = {
493 .start = pn_sock_seq_start,
494 .next = pn_sock_seq_next,
495 .stop = pn_sock_seq_stop,
496 .show = pn_sock_seq_show,
497};
498
499static int pn_sock_open(struct inode *inode, struct file *file)
500{
501 return seq_open(file, &pn_sock_seq_ops);
502}
503
504const struct file_operations pn_sock_seq_fops = {
505 .owner = THIS_MODULE,
506 .open = pn_sock_open,
507 .read = seq_read,
508 .llseek = seq_lseek,
509 .release = seq_release,
510};
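Review bot: pn_sock_seq_show prints the socket's kernel address through `%p` (the `sk` argument of the second seq_printf), so every reader of /proc/net/phonet learns where struct sock objects live. That undermines kernel address hiding and makes memory-corruption bugs easier to turn into something worse. The column should be dropped, or the pointer passed through a restricted format (`%pK` where the tree provides it), with the file mode tightened to match. Separately, `127 - len` goes negative if a row ever exceeds 127 characters, and a negative `%*s` width still pads; `len < 127 ? 127 - len : 0` keeps the row length bounded.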
diff --git a/net/rds/connection.c b/net/rds/connection.c
index d14445c48304..b420a20d84fd 100644
--- a/net/rds/connection.c
+++ b/net/rds/connection.c
@@ -126,7 +126,7 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
126 struct rds_transport *trans, gfp_t gfp, 126 struct rds_transport *trans, gfp_t gfp,
127 int is_outgoing) 127 int is_outgoing)
128{ 128{
129 struct rds_connection *conn, *tmp, *parent = NULL; 129 struct rds_connection *conn, *parent = NULL;
130 struct hlist_head *head = rds_conn_bucket(laddr, faddr); 130 struct hlist_head *head = rds_conn_bucket(laddr, faddr);
131 unsigned long flags; 131 unsigned long flags;
132 int ret; 132 int ret;
@@ -155,7 +155,6 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
155 } 155 }
156 156
157 INIT_HLIST_NODE(&conn->c_hash_node); 157 INIT_HLIST_NODE(&conn->c_hash_node);
158 conn->c_version = RDS_PROTOCOL_3_0;
159 conn->c_laddr = laddr; 158 conn->c_laddr = laddr;
160 conn->c_faddr = faddr; 159 conn->c_faddr = faddr;
161 spin_lock_init(&conn->c_lock); 160 spin_lock_init(&conn->c_lock);
@@ -211,26 +210,40 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
211 trans->t_name ? trans->t_name : "[unknown]", 210 trans->t_name ? trans->t_name : "[unknown]",
212 is_outgoing ? "(outgoing)" : ""); 211 is_outgoing ? "(outgoing)" : "");
213 212
213 /*
214 * Since we ran without holding the conn lock, someone could
215 * have created the same conn (either normal or passive) in the
216 * interim. We check while holding the lock. If we won, we complete
217 * init and return our conn. If we lost, we rollback and return the
218 * other one.
219 */
214 spin_lock_irqsave(&rds_conn_lock, flags); 220 spin_lock_irqsave(&rds_conn_lock, flags);
215 if (parent == NULL) { 221 if (parent) {
216 tmp = rds_conn_lookup(head, laddr, faddr, trans); 222 /* Creating passive conn */
217 if (tmp == NULL) 223 if (parent->c_passive) {
218 hlist_add_head(&conn->c_hash_node, head); 224 trans->conn_free(conn->c_transport_data);
219 } else { 225 kmem_cache_free(rds_conn_slab, conn);
220 tmp = parent->c_passive; 226 conn = parent->c_passive;
221 if (!tmp) 227 } else {
222 parent->c_passive = conn; 228 parent->c_passive = conn;
223 } 229 rds_cong_add_conn(conn);
224 230 rds_conn_count++;
225 if (tmp) { 231 }
226 trans->conn_free(conn->c_transport_data);
227 kmem_cache_free(rds_conn_slab, conn);
228 conn = tmp;
229 } else { 232 } else {
230 rds_cong_add_conn(conn); 233 /* Creating normal conn */
231 rds_conn_count++; 234 struct rds_connection *found;
235
236 found = rds_conn_lookup(head, laddr, faddr, trans);
237 if (found) {
238 trans->conn_free(conn->c_transport_data);
239 kmem_cache_free(rds_conn_slab, conn);
240 conn = found;
241 } else {
242 hlist_add_head(&conn->c_hash_node, head);
243 rds_cong_add_conn(conn);
244 rds_conn_count++;
245 }
232 } 246 }
233
234 spin_unlock_irqrestore(&rds_conn_lock, flags); 247 spin_unlock_irqrestore(&rds_conn_lock, flags);
235 248
236out: 249out:
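Review bot: The second hunk deletes `conn->c_version = RDS_PROTOCOL_3_0;` from __rds_conn_create and no visible line replaces it, so c_version holds whatever the allocation left there until something else assigns it. If the slab allocation above the hunk does not zero the object, any code that reads the version before negotiation completes sees an indeterminate value. Either keep a defined default or add a comment naming where the version is now set. In the third hunk the rollback pair `trans->conn_free(conn->c_transport_data);` / `kmem_cache_free(rds_conn_slab, conn);` is now written out twice, and a small static helper would keep the two losing paths identical. The function starts and ends outside these hunks.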
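diff --git a/net/rds/ib.c b/net/rds/ib.c
index b9bcd32431e1..868559ac42d7 100644
--- a/net/rds/ib.c
+++ b/net/rds/ib.c
@@ -43,11 +43,14 @@
 
 unsigned int fmr_pool_size = RDS_FMR_POOL_SIZE;
 unsigned int fmr_message_size = RDS_FMR_SIZE + 1; /* +1 allows for unaligned MRs */
+unsigned int rds_ib_retry_count = RDS_IB_DEFAULT_RETRY_COUNT;
 
 module_param(fmr_pool_size, int, 0444);
 MODULE_PARM_DESC(fmr_pool_size, " Max number of fmr per HCA");
 module_param(fmr_message_size, int, 0444);
 MODULE_PARM_DESC(fmr_message_size, " Max size of a RDMA transfer");
+module_param(rds_ib_retry_count, int, 0444);
+MODULE_PARM_DESC(rds_ib_retry_count, " Number of hw retries before reporting an error");
 
 struct list_head rds_ib_devices;
 
@@ -82,9 +85,6 @@ void rds_ib_add_one(struct ib_device *device)
  rds_ibdev->max_wrs = dev_attr->max_qp_wr;
  rds_ibdev->max_sge = min(dev_attr->max_sge, RDS_IB_MAX_SGE);
 
- rds_ibdev->fmr_page_shift = max(9, ffs(dev_attr->page_size_cap) - 1);
- rds_ibdev->fmr_page_size = 1 << rds_ibdev->fmr_page_shift;
- rds_ibdev->fmr_page_mask = ~((u64) rds_ibdev->fmr_page_size - 1);
  rds_ibdev->fmr_max_remaps = dev_attr->max_map_per_fmr?: 32;
  rds_ibdev->max_fmrs = dev_attr->max_fmr ?
  min_t(unsigned int, dev_attr->max_fmr, fmr_pool_size) :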
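Review bot: `rds_ib_retry_count` is declared `unsigned int` but registered as `module_param(rds_ib_retry_count, int, 0444)`, so a negative value given at module load is parsed as an int and stored as a very large unsigned number. The only bound visible in this commit is the `min_t(unsigned int, rds_ib_retry_count, 7)` clamp in net/rds/ib_cm.c, which would silently turn such a value into 7 instead of rejecting it. Registering it with the matching type, `module_param(rds_ib_retry_count, uint, 0444);`, lets the parser refuse negative input. The two existing fmr_* parameters above have the same mismatch.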
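diff --git a/net/rds/ib.h b/net/rds/ib.h
index 455ae73047fe..1378b854cac0 100644
--- a/net/rds/ib.h
+++ b/net/rds/ib.h
@@ -15,6 +15,8 @@
 #define RDS_IB_DEFAULT_RECV_WR 1024
 #define RDS_IB_DEFAULT_SEND_WR 256
 
+#define RDS_IB_DEFAULT_RETRY_COUNT 2
+
 #define RDS_IB_SUPPORTED_PROTOCOLS 0x00000003 /* minor versions supported */
 
 extern struct list_head rds_ib_devices;
@@ -157,9 +159,6 @@ struct rds_ib_device {
  struct ib_pd *pd;
  struct ib_mr *mr;
  struct rds_ib_mr_pool *mr_pool;
- int fmr_page_shift;
- int fmr_page_size;
- u64 fmr_page_mask;
  unsigned int fmr_max_remaps;
  unsigned int max_fmrs;
  int max_sge;
@@ -247,6 +246,7 @@ extern struct ib_client rds_ib_client;
 
 extern unsigned int fmr_pool_size;
 extern unsigned int fmr_message_size;
+extern unsigned int rds_ib_retry_count;
 
 extern spinlock_t ib_nodev_conns_lock;
 extern struct list_head ib_nodev_conns;
@@ -355,17 +355,25 @@ extern ctl_table rds_ib_sysctl_table[];
 /*
  * Helper functions for getting/setting the header and data SGEs in
  * RDS packets (not RDMA)
+ *
+ * From version 3.1 onwards, header is in front of data in the sge.
  */
 static inline struct ib_sge *
 rds_ib_header_sge(struct rds_ib_connection *ic, struct ib_sge *sge)
 {
- return &sge[0];
+ if (ic->conn->c_version > RDS_PROTOCOL_3_0)
+ return &sge[0];
+ else
+ return &sge[1];
 }
 
 static inline struct ib_sge *
 rds_ib_data_sge(struct rds_ib_connection *ic, struct ib_sge *sge)
 {
- return &sge[1];
+ if (ic->conn->c_version > RDS_PROTOCOL_3_0)
+ return &sge[1];
+ else
+ return &sge[0];
 }
 
 #endif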
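Review bot: rds_ib_header_sge() and rds_ib_data_sge() now pick the slot from `ic->conn->c_version`, so their result is only meaningful once the protocol version has been negotiated, and the comment above them does not say so. The comment also states only the 3.1 layout; the 3.0 case (data in `sge[0]`, header in `sge[1]`) has to be inferred from the else branches. I would extend the comment with two lines such as `* Up to 3.0 the data SGE comes first and the header second.` and `* Callers must not use these helpers before c_version is final.`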
diff --git a/net/rds/ib_cm.c b/net/rds/ib_cm.c
index f8e40e1a6038..c2d372f13dbb 100644
--- a/net/rds/ib_cm.c
+++ b/net/rds/ib_cm.c
@@ -98,21 +98,34 @@ void rds_ib_cm_connect_complete(struct rds_connection *conn, struct rdma_cm_even
98 struct ib_qp_attr qp_attr; 98 struct ib_qp_attr qp_attr;
99 int err; 99 int err;
100 100
101 if (event->param.conn.private_data_len) { 101 if (event->param.conn.private_data_len >= sizeof(*dp)) {
102 dp = event->param.conn.private_data; 102 dp = event->param.conn.private_data;
103 103
104 rds_ib_set_protocol(conn, 104 /* make sure it isn't empty data */
105 if (dp->dp_protocol_major) {
106 rds_ib_set_protocol(conn,
105 RDS_PROTOCOL(dp->dp_protocol_major, 107 RDS_PROTOCOL(dp->dp_protocol_major,
106 dp->dp_protocol_minor)); 108 dp->dp_protocol_minor));
107 rds_ib_set_flow_control(conn, be32_to_cpu(dp->dp_credit)); 109 rds_ib_set_flow_control(conn, be32_to_cpu(dp->dp_credit));
110 }
108 } 111 }
109 112
110 printk(KERN_NOTICE "RDS/IB: connected to %pI4 version %u.%u%s\n", 113 printk(KERN_NOTICE "RDS/IB: connected to %pI4 version %u.%u%s\n",
111 &conn->c_laddr, 114 &conn->c_faddr,
112 RDS_PROTOCOL_MAJOR(conn->c_version), 115 RDS_PROTOCOL_MAJOR(conn->c_version),
113 RDS_PROTOCOL_MINOR(conn->c_version), 116 RDS_PROTOCOL_MINOR(conn->c_version),
114 ic->i_flowctl ? ", flow control" : ""); 117 ic->i_flowctl ? ", flow control" : "");
115 118
119 /*
120 * Init rings and fill recv. this needs to wait until protocol negotiation
121 * is complete, since ring layout is different from 3.0 to 3.1.
122 */
123 rds_ib_send_init_ring(ic);
124 rds_ib_recv_init_ring(ic);
125 /* Post receive buffers - as a side effect, this will update
126 * the posted credit count. */
127 rds_ib_recv_refill(conn, GFP_KERNEL, GFP_HIGHUSER, 1);
128
116 /* Tune RNR behavior */ 129 /* Tune RNR behavior */
117 rds_ib_tune_rnr(ic, &qp_attr); 130 rds_ib_tune_rnr(ic, &qp_attr);
118 131
@@ -145,7 +158,7 @@ static void rds_ib_cm_fill_conn_param(struct rds_connection *conn,
145 /* XXX tune these? */ 158 /* XXX tune these? */
146 conn_param->responder_resources = 1; 159 conn_param->responder_resources = 1;
147 conn_param->initiator_depth = 1; 160 conn_param->initiator_depth = 1;
148 conn_param->retry_count = 7; 161 conn_param->retry_count = min_t(unsigned int, rds_ib_retry_count, 7);
149 conn_param->rnr_retry_count = 7; 162 conn_param->rnr_retry_count = 7;
150 163
151 if (dp) { 164 if (dp) {
@@ -190,9 +203,9 @@ static void rds_ib_qp_event_handler(struct ib_event *event, void *data)
190 rdma_notify(ic->i_cm_id, IB_EVENT_COMM_EST); 203 rdma_notify(ic->i_cm_id, IB_EVENT_COMM_EST);
191 break; 204 break;
192 default: 205 default:
193 printk(KERN_WARNING "RDS/ib: unhandled QP event %u " 206 rds_ib_conn_error(conn, "RDS/IB: Fatal QP Event %u "
194 "on connection to %pI4\n", event->event, 207 "- connection %pI4->%pI4, reconnecting\n",
195 &conn->c_faddr); 208 event->event, &conn->c_laddr, &conn->c_faddr);
196 break; 209 break;
197 } 210 }
198} 211}
@@ -321,7 +334,7 @@ static int rds_ib_setup_qp(struct rds_connection *conn)
321 rdsdebug("send allocation failed\n"); 334 rdsdebug("send allocation failed\n");
322 goto out; 335 goto out;
323 } 336 }
324 rds_ib_send_init_ring(ic); 337 memset(ic->i_sends, 0, ic->i_send_ring.w_nr * sizeof(struct rds_ib_send_work));
325 338
326 ic->i_recvs = vmalloc(ic->i_recv_ring.w_nr * sizeof(struct rds_ib_recv_work)); 339 ic->i_recvs = vmalloc(ic->i_recv_ring.w_nr * sizeof(struct rds_ib_recv_work));
327 if (ic->i_recvs == NULL) { 340 if (ic->i_recvs == NULL) {
@@ -329,14 +342,10 @@ static int rds_ib_setup_qp(struct rds_connection *conn)
329 rdsdebug("recv allocation failed\n"); 342 rdsdebug("recv allocation failed\n");
330 goto out; 343 goto out;
331 } 344 }
345 memset(ic->i_recvs, 0, ic->i_recv_ring.w_nr * sizeof(struct rds_ib_recv_work));
332 346
333 rds_ib_recv_init_ring(ic);
334 rds_ib_recv_init_ack(ic); 347 rds_ib_recv_init_ack(ic);
335 348
336 /* Post receive buffers - as a side effect, this will update
337 * the posted credit count. */
338 rds_ib_recv_refill(conn, GFP_KERNEL, GFP_HIGHUSER, 1);
339
340 rdsdebug("conn %p pd %p mr %p cq %p %p\n", conn, ic->i_pd, ic->i_mr, 349 rdsdebug("conn %p pd %p mr %p cq %p %p\n", conn, ic->i_pd, ic->i_mr,
341 ic->i_send_cq, ic->i_recv_cq); 350 ic->i_send_cq, ic->i_recv_cq);
342 351
@@ -344,19 +353,32 @@ out:
344 return ret; 353 return ret;
345} 354}
346 355
347static u32 rds_ib_protocol_compatible(const struct rds_ib_connect_private *dp) 356static u32 rds_ib_protocol_compatible(struct rdma_cm_event *event)
348{ 357{
358 const struct rds_ib_connect_private *dp = event->param.conn.private_data;
349 u16 common; 359 u16 common;
350 u32 version = 0; 360 u32 version = 0;
351 361
352 /* rdma_cm private data is odd - when there is any private data in the 362 /*
363 * rdma_cm private data is odd - when there is any private data in the
353 * request, we will be given a pretty large buffer without telling us the 364 * request, we will be given a pretty large buffer without telling us the
354 * original size. The only way to tell the difference is by looking at 365 * original size. The only way to tell the difference is by looking at
355 * the contents, which are initialized to zero. 366 * the contents, which are initialized to zero.
356 * If the protocol version fields aren't set, this is a connection attempt 367 * If the protocol version fields aren't set, this is a connection attempt
357 * from an older version. This could could be 3.0 or 2.0 - we can't tell. 368 * from an older version. This could could be 3.0 or 2.0 - we can't tell.
358 * We really should have changed this for OFED 1.3 :-( */ 369 * We really should have changed this for OFED 1.3 :-(
359 if (dp->dp_protocol_major == 0) 370 */
371
372 /* Be paranoid. RDS always has privdata */
373 if (!event->param.conn.private_data_len) {
374 printk(KERN_NOTICE "RDS incoming connection has no private data, "
375 "rejecting\n");
376 return 0;
377 }
378
379 /* Even if len is crap *now* I still want to check it. -ASG */
380 if (event->param.conn.private_data_len < sizeof (*dp)
381 || dp->dp_protocol_major == 0)
360 return RDS_PROTOCOL_3_0; 382 return RDS_PROTOCOL_3_0;
361 383
362 common = be16_to_cpu(dp->dp_protocol_minor_mask) & RDS_IB_SUPPORTED_PROTOCOLS; 384 common = be16_to_cpu(dp->dp_protocol_minor_mask) & RDS_IB_SUPPORTED_PROTOCOLS;
@@ -388,7 +410,7 @@ int rds_ib_cm_handle_connect(struct rdma_cm_id *cm_id,
388 int err, destroy = 1; 410 int err, destroy = 1;
389 411
390 /* Check whether the remote protocol version matches ours. */ 412 /* Check whether the remote protocol version matches ours. */
391 version = rds_ib_protocol_compatible(dp); 413 version = rds_ib_protocol_compatible(event);
392 if (!version) 414 if (!version)
393 goto out; 415 goto out;
394 416
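Review bot: In rds_ib_protocol_compatible() a request whose private data is non-empty but shorter than `sizeof(*dp)` is accepted as RDS_PROTOCOL_3_0 instead of being rejected. The old call site passed `dp` in, so rds_ib_cm_handle_connect() presumably still reads fields from that buffer after this check (its body is outside the hunk). Those reads would then depend on rdma_cm handing over a larger zero-filled buffer than the stated length, which the comment above the check says is what happens today. If that reliance is intended, state it next to the check, e.g. `/* short privdata: treated as 3.0; fields read later rely on rdma_cm's zero-padded buffer */`; otherwise return 0 for a length too small to hold the fields the caller uses.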
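diff --git a/net/rds/ib_rdma.c b/net/rds/ib_rdma.c
index 81033af93020..ef3ab5b7283e 100644
--- a/net/rds/ib_rdma.c
+++ b/net/rds/ib_rdma.c
@@ -211,7 +211,7 @@ struct rds_ib_mr_pool *rds_ib_create_mr_pool(struct rds_ib_device *rds_ibdev)
 
  pool->fmr_attr.max_pages = fmr_message_size;
  pool->fmr_attr.max_maps = rds_ibdev->fmr_max_remaps;
- pool->fmr_attr.page_shift = rds_ibdev->fmr_page_shift;
+ pool->fmr_attr.page_shift = PAGE_SHIFT;
  pool->max_free_pinned = rds_ibdev->max_fmrs * fmr_message_size / 4;
 
  /* We never allow more than max_items MRs to be allocated.
@@ -349,13 +349,13 @@ static int rds_ib_map_fmr(struct rds_ib_device *rds_ibdev, struct rds_ib_mr *ibm
  unsigned int dma_len = ib_sg_dma_len(dev, &scat[i]);
  u64 dma_addr = ib_sg_dma_address(dev, &scat[i]);
 
- if (dma_addr & ~rds_ibdev->fmr_page_mask) {
+ if (dma_addr & ~PAGE_MASK) {
  if (i > 0)
  return -EINVAL;
  else
  ++page_cnt;
  }
- if ((dma_addr + dma_len) & ~rds_ibdev->fmr_page_mask) {
+ if ((dma_addr + dma_len) & ~PAGE_MASK) {
  if (i < sg_dma_len - 1)
  return -EINVAL;
  else
@@ -365,7 +365,7 @@ static int rds_ib_map_fmr(struct rds_ib_device *rds_ibdev, struct rds_ib_mr *ibm
  len += dma_len;
  }
 
- page_cnt += len >> rds_ibdev->fmr_page_shift;
+ page_cnt += len >> PAGE_SHIFT;
  if (page_cnt > fmr_message_size)
  return -EINVAL;
 
@@ -378,9 +378,9 @@ static int rds_ib_map_fmr(struct rds_ib_device *rds_ibdev, struct rds_ib_mr *ibm
  unsigned int dma_len = ib_sg_dma_len(dev, &scat[i]);
  u64 dma_addr = ib_sg_dma_address(dev, &scat[i]);
 
- for (j = 0; j < dma_len; j += rds_ibdev->fmr_page_size)
+ for (j = 0; j < dma_len; j += PAGE_SIZE)
  dma_pages[page_cnt++] =
- (dma_addr & rds_ibdev->fmr_page_mask) + j;
+ (dma_addr & PAGE_MASK) + j;
  }
 
  ret = ib_map_phys_fmr(ibmr->fmr,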
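Review bot: In rds_ib_map_fmr() the page address is now computed as `(dma_addr & PAGE_MASK) + j` with `dma_addr` a `u64`, whereas the field this replaces was declared `u64 fmr_page_mask` and built with an explicit `(u64)` cast (see the removed lines in net/rds/ib.h and net/rds/ib.c). On a build where PAGE_MASK is a 32-bit unsigned long, the AND would clear the upper half of a 64-bit DMA address before it is handed to ib_map_phys_fmr(); I have not checked which architectures this transport is built for. A width-safe form is `(dma_addr & ~((u64)PAGE_SIZE - 1)) + j`. The function's body starts and ends outside these hunks.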
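diff --git a/net/rds/ib_recv.c b/net/rds/ib_recv.c
index 5709bad28329..cd7a6cfcab03 100644
--- a/net/rds/ib_recv.c
+++ b/net/rds/ib_recv.c
@@ -555,6 +555,47 @@ u64 rds_ib_piggyb_ack(struct rds_ib_connection *ic)
  return rds_ib_get_ack(ic);
 }
 
+static struct rds_header *rds_ib_get_header(struct rds_connection *conn,
+ struct rds_ib_recv_work *recv,
+ u32 data_len)
+{
+ struct rds_ib_connection *ic = conn->c_transport_data;
+ void *hdr_buff = &ic->i_recv_hdrs[recv - ic->i_recvs];
+ void *addr;
+ u32 misplaced_hdr_bytes;
+
+ /*
+ * Support header at the front (RDS 3.1+) as well as header-at-end.
+ *
+ * Cases:
+ * 1) header all in header buff (great!)
+ * 2) header all in data page (copy all to header buff)
+ * 3) header split across hdr buf + data page
+ * (move bit in hdr buff to end before copying other bit from data page)
+ */
+ if (conn->c_version > RDS_PROTOCOL_3_0 || data_len == RDS_FRAG_SIZE)
+ return hdr_buff;
+
+ if (data_len <= (RDS_FRAG_SIZE - sizeof(struct rds_header))) {
+ addr = kmap_atomic(recv->r_frag->f_page, KM_SOFTIRQ0);
+ memcpy(hdr_buff,
+ addr + recv->r_frag->f_offset + data_len,
+ sizeof(struct rds_header));
+ kunmap_atomic(addr, KM_SOFTIRQ0);
+ return hdr_buff;
+ }
+
+ misplaced_hdr_bytes = (sizeof(struct rds_header) - (RDS_FRAG_SIZE - data_len));
+
+ memmove(hdr_buff + misplaced_hdr_bytes, hdr_buff, misplaced_hdr_bytes);
+
+ addr = kmap_atomic(recv->r_frag->f_page, KM_SOFTIRQ0);
+ memcpy(hdr_buff, addr + recv->r_frag->f_offset + data_len,
+ sizeof(struct rds_header) - misplaced_hdr_bytes);
+ kunmap_atomic(addr, KM_SOFTIRQ0);
+ return hdr_buff;
+}
+
 /*
  * It's kind of lame that we're copying from the posted receive pages into
  * long-lived bitmaps. We could have posted the bitmaps and rdma written into
@@ -645,7 +686,7 @@ struct rds_ib_ack_state {
 };
 
 static void rds_ib_process_recv(struct rds_connection *conn,
- struct rds_ib_recv_work *recv, u32 byte_len,
+ struct rds_ib_recv_work *recv, u32 data_len,
  struct rds_ib_ack_state *state)
 {
  struct rds_ib_connection *ic = conn->c_transport_data;
@@ -655,9 +696,9 @@ static void rds_ib_process_recv(struct rds_connection *conn,
  /* XXX shut down the connection if port 0,0 are seen? */
 
  rdsdebug("ic %p ibinc %p recv %p byte len %u\n", ic, ibinc, recv,
- byte_len);
+ data_len);
 
- if (byte_len < sizeof(struct rds_header)) {
+ if (data_len < sizeof(struct rds_header)) {
  rds_ib_conn_error(conn, "incoming message "
  "from %pI4 didn't inclue a "
  "header, disconnecting and "
@@ -665,9 +706,9 @@ static void rds_ib_process_recv(struct rds_connection *conn,
  &conn->c_faddr);
  return;
  }
- byte_len -= sizeof(struct rds_header);
+ data_len -= sizeof(struct rds_header);
 
- ihdr = &ic->i_recv_hdrs[recv - ic->i_recvs];
+ ihdr = rds_ib_get_header(conn, recv, data_len);
 
  /* Validate the checksum. */
  if (!rds_message_verify_checksum(ihdr)) {
@@ -687,7 +728,7 @@ static void rds_ib_process_recv(struct rds_connection *conn,
  if (ihdr->h_credit)
  rds_ib_send_add_credits(conn, ihdr->h_credit);
 
- if (ihdr->h_sport == 0 && ihdr->h_dport == 0 && byte_len == 0) {
+ if (ihdr->h_sport == 0 && ihdr->h_dport == 0 && data_len == 0) {
  /* This is an ACK-only packet. The fact that it gets
  * special treatment here is that historically, ACKs
  * were rather special beasts.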
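Review bot: In rds_ib_get_header(), the split-header case moves the bytes to the wrong place: `memmove(hdr_buff + misplaced_hdr_bytes, hdr_buff, misplaced_hdr_bytes)` uses the byte count as the destination offset, while the comment above says the bytes belong at the end of the header buffer. Whenever `misplaced_hdr_bytes` is more than half of `sizeof(struct rds_header)` the move runs past this entry of `ic->i_recv_hdrs` into the next one (or past the array for the last entry), and when it is less than half the following memcpy overwrites part of what was just moved. The destination should be `hdr_buff + sizeof(struct rds_header) - misplaced_hdr_bytes`. Separately, nothing visible here bounds `data_len` from above, so `RDS_FRAG_SIZE - data_len` would wrap if a completion ever reported more than a fragment plus header; a guard in rds_ib_process_recv() would make that limit explicit.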
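diff --git a/net/rds/ib_sysctl.c b/net/rds/ib_sysctl.c
index d87830db93a0..84b5ffcb280f 100644
--- a/net/rds/ib_sysctl.c
+++ b/net/rds/ib_sysctl.c
@@ -53,7 +53,17 @@ unsigned long rds_ib_sysctl_max_unsig_bytes = (16 << 20);
 static unsigned long rds_ib_sysctl_max_unsig_bytes_min = 1;
 static unsigned long rds_ib_sysctl_max_unsig_bytes_max = ~0UL;
 
-unsigned int rds_ib_sysctl_flow_control = 1;
+/*
+ * This sysctl does nothing.
+ *
+ * Backwards compatibility with RDS 3.0 wire protocol
+ * disables initial FC credit exchange.
+ * If it's ever possible to drop 3.0 support,
+ * setting this to 1 and moving init/refill of send/recv
+ * rings from ib_cm_connect_complete() back into ib_setup_qp()
+ * will cause credits to be added before protocol negotiation.
+ */
+unsigned int rds_ib_sysctl_flow_control = 0;
 
 ctl_table rds_ib_sysctl_table[] = {
  {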
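diff --git a/net/rds/iw.c b/net/rds/iw.c
index d16e1cbc8e83..f5e9a29a80a7 100644
--- a/net/rds/iw.c
+++ b/net/rds/iw.c
@@ -83,23 +83,16 @@ void rds_iw_add_one(struct ib_device *device)
  rds_iwdev->max_wrs = dev_attr->max_qp_wr;
  rds_iwdev->max_sge = min(dev_attr->max_sge, RDS_IW_MAX_SGE);
 
- rds_iwdev->page_shift = max(PAGE_SHIFT, ffs(dev_attr->page_size_cap) - 1);
-
  rds_iwdev->dev = device;
  rds_iwdev->pd = ib_alloc_pd(device);
  if (IS_ERR(rds_iwdev->pd))
  goto free_dev;
 
  if (!rds_iwdev->dma_local_lkey) {
- if (device->node_type != RDMA_NODE_RNIC) {
- rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
- IB_ACCESS_LOCAL_WRITE);
- } else {
- rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
- IB_ACCESS_REMOTE_READ |
- IB_ACCESS_REMOTE_WRITE |
- IB_ACCESS_LOCAL_WRITE);
- }
+ rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
+ IB_ACCESS_REMOTE_READ |
+ IB_ACCESS_REMOTE_WRITE |
+ IB_ACCESS_LOCAL_WRITE);
  if (IS_ERR(rds_iwdev->mr))
  goto err_pd;
  } else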
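Review bot: The DMA memory region is now requested with `IB_ACCESS_REMOTE_READ | IB_ACCESS_REMOTE_WRITE` for every device that lacks `dma_local_lkey`, where the removed branch gave non-RNIC devices `IB_ACCESS_LOCAL_WRITE` only. A region obtained from ib_get_dma_mr() is not limited to buffers RDS registered itself, so remote access on it is a much wider grant than the per-mapping fastreg regions carry, and the commit gives no reason for widening it. If only RNICs can reach rds_iw_add_one(), the old test was dead code and a comment at the call should record that and why remote access is required on this region; otherwise I would keep the node_type distinction. The rest of rds_iw_add_one() is outside the hunk.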
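diff --git a/net/rds/iw.h b/net/rds/iw.h
index 0715dde323e7..dd72b62bd506 100644
--- a/net/rds/iw.h
+++ b/net/rds/iw.h
@@ -181,7 +181,6 @@ struct rds_iw_device {
  struct ib_pd *pd;
  struct ib_mr *mr;
  struct rds_iw_mr_pool *mr_pool;
- int page_shift;
  int max_sge;
  unsigned int max_wrs;
  unsigned int dma_local_lkey:1;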
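diff --git a/net/rds/iw_rdma.c b/net/rds/iw_rdma.c
index dcdb37da80f2..de4a1b16bf7b 100644
--- a/net/rds/iw_rdma.c
+++ b/net/rds/iw_rdma.c
@@ -263,18 +263,12 @@ static void rds_iw_set_scatterlist(struct rds_iw_scatterlist *sg,
 }
 
 static u64 *rds_iw_map_scatterlist(struct rds_iw_device *rds_iwdev,
- struct rds_iw_scatterlist *sg,
- unsigned int dma_page_shift)
+ struct rds_iw_scatterlist *sg)
 {
  struct ib_device *dev = rds_iwdev->dev;
  u64 *dma_pages = NULL;
- u64 dma_mask;
- unsigned int dma_page_size;
  int i, j, ret;
 
- dma_page_size = 1 << dma_page_shift;
- dma_mask = dma_page_size - 1;
-
  WARN_ON(sg->dma_len);
 
  sg->dma_len = ib_dma_map_sg(dev, sg->list, sg->len, DMA_BIDIRECTIONAL);
@@ -295,18 +289,18 @@ static u64 *rds_iw_map_scatterlist(struct rds_iw_device *rds_iwdev,
  sg->bytes += dma_len;
 
  end_addr = dma_addr + dma_len;
- if (dma_addr & dma_mask) {
+ if (dma_addr & PAGE_MASK) {
  if (i > 0)
  goto out_unmap;
- dma_addr &= ~dma_mask;
+ dma_addr &= ~PAGE_MASK;
  }
- if (end_addr & dma_mask) {
+ if (end_addr & PAGE_MASK) {
  if (i < sg->dma_len - 1)
  goto out_unmap;
- end_addr = (end_addr + dma_mask) & ~dma_mask;
+ end_addr = (end_addr + PAGE_MASK) & ~PAGE_MASK;
  }
 
- sg->dma_npages += (end_addr - dma_addr) >> dma_page_shift;
+ sg->dma_npages += (end_addr - dma_addr) >> PAGE_SHIFT;
  }
 
  /* Now gather the dma addrs into one list */
@@ -325,8 +319,8 @@ static u64 *rds_iw_map_scatterlist(struct rds_iw_device *rds_iwdev,
  u64 end_addr;
 
  end_addr = dma_addr + dma_len;
- dma_addr &= ~dma_mask;
- for (; dma_addr < end_addr; dma_addr += dma_page_size)
+ dma_addr &= ~PAGE_MASK;
+ for (; dma_addr < end_addr; dma_addr += PAGE_SIZE)
  dma_pages[j++] = dma_addr;
  BUG_ON(j > sg->dma_npages);
  }
@@ -727,7 +721,7 @@ static int rds_iw_rdma_build_fastreg(struct rds_iw_mapping *mapping)
  f_wr.wr.fast_reg.rkey = mapping->m_rkey;
  f_wr.wr.fast_reg.page_list = ibmr->page_list;
  f_wr.wr.fast_reg.page_list_len = mapping->m_sg.dma_len;
- f_wr.wr.fast_reg.page_shift = ibmr->device->page_shift;
+ f_wr.wr.fast_reg.page_shift = PAGE_SHIFT;
  f_wr.wr.fast_reg.access_flags = IB_ACCESS_LOCAL_WRITE |
  IB_ACCESS_REMOTE_READ |
  IB_ACCESS_REMOTE_WRITE;
@@ -780,9 +774,7 @@ static int rds_iw_map_fastreg(struct rds_iw_mr_pool *pool,
 
  rds_iw_set_scatterlist(&mapping->m_sg, sg, sg_len);
 
- dma_pages = rds_iw_map_scatterlist(rds_iwdev,
- &mapping->m_sg,
- rds_iwdev->page_shift);
+ dma_pages = rds_iw_map_scatterlist(rds_iwdev, &mapping->m_sg);
  if (IS_ERR(dma_pages)) {
  ret = PTR_ERR(dma_pages);
  dma_pages = NULL;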
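Review bot: The alignment tests in rds_iw_map_scatterlist() are inverted by the substitution: the removed `dma_mask` was `dma_page_size - 1` (the in-page offset bits), but PAGE_MASK is the complement of that, so `dma_addr & PAGE_MASK` is non-zero for almost any address and `dma_addr &= ~PAGE_MASK` keeps the offset and discards the page frame. With that, every scatterlist entry after the first is likely to take the `out_unmap` path. For a single entry, the gather loop starts from the in-page offset and can store more than `sg->dma_npages` entries into `dma_pages` (sized outside the hunk) before the `BUG_ON` that follows the loop notices. net/rds/ib_rdma.c in this same commit uses `~PAGE_MASK` for the offset test, which is the sense needed here too. Keeping a local u64 low-bit mask, as below, restores the old arithmetic and avoids narrowing the u64 address; the function body spans several hunks and is only partly visible.

```c
	const u64 dma_mask = PAGE_SIZE - 1;	/* low bits: offset within a page */
	/* … unchanged: ib_dma_map_sg() and the per-entry loop header … */
		if (dma_addr & dma_mask) {
			/* … unchanged: a misaligned start is only allowed for i == 0 … */
			dma_addr &= ~dma_mask;
		}
		if (end_addr & dma_mask) {
			/* … unchanged: a misaligned end is only allowed for the last entry … */
			end_addr = (end_addr + dma_mask) & ~dma_mask;
		}
	/* … unchanged: dma_npages accounting and dma_pages allocation … */
		dma_addr &= ~dma_mask;
```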
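diff --git a/net/rds/iw_send.c b/net/rds/iw_send.c
index 44a6a0551f28..1f5abe3cf2b4 100644
--- a/net/rds/iw_send.c
+++ b/net/rds/iw_send.c
@@ -779,7 +779,7 @@ static void rds_iw_build_send_fastreg(struct rds_iw_device *rds_iwdev, struct rd
  send->s_wr.wr.fast_reg.rkey = send->s_mr->rkey;
  send->s_wr.wr.fast_reg.page_list = send->s_page_list;
  send->s_wr.wr.fast_reg.page_list_len = nent;
- send->s_wr.wr.fast_reg.page_shift = rds_iwdev->page_shift;
+ send->s_wr.wr.fast_reg.page_shift = PAGE_SHIFT;
  send->s_wr.wr.fast_reg.access_flags = IB_ACCESS_REMOTE_WRITE;
  send->s_wr.wr.fast_reg.iova_start = sg_addr;
 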
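diff --git a/net/rds/rdma_transport.c b/net/rds/rdma_transport.c
index 7d0f901c93d5..981a5e6ea5bc 100644
--- a/net/rds/rdma_transport.c
+++ b/net/rds/rdma_transport.c
@@ -101,7 +101,7 @@ int rds_rdma_cm_event_handler(struct rdma_cm_id *cm_id,
  break;
 
  case RDMA_CM_EVENT_DISCONNECTED:
- printk(KERN_WARNING "RDS/IW: DISCONNECT event - dropping connection "
+ printk(KERN_WARNING "RDS/RDMA: DISCONNECT event - dropping connection "
  "%pI4->%pI4\n", &conn->c_laddr,
  &conn->c_faddr);
  rds_conn_drop(conn);
@@ -132,7 +132,7 @@ static int __init rds_rdma_listen_init(void)
  cm_id = rdma_create_id(rds_rdma_cm_event_handler, NULL, RDMA_PS_TCP);
  if (IS_ERR(cm_id)) {
  ret = PTR_ERR(cm_id);
- printk(KERN_ERR "RDS/IW: failed to setup listener, "
+ printk(KERN_ERR "RDS/RDMA: failed to setup listener, "
  "rdma_create_id() returned %d\n", ret);
  goto out;
  }
@@ -147,14 +147,14 @@ static int __init rds_rdma_listen_init(void)
  */
  ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin);
  if (ret) {
- printk(KERN_ERR "RDS/IW: failed to setup listener, "
+ printk(KERN_ERR "RDS/RDMA: failed to setup listener, "
  "rdma_bind_addr() returned %d\n", ret);
  goto out;
  }
 
  ret = rdma_listen(cm_id, 128);
  if (ret) {
- printk(KERN_ERR "RDS/IW: failed to setup listener, "
+ printk(KERN_ERR "RDS/RDMA: failed to setup listener, "
  "rdma_listen() returned %d\n", ret);
  goto out;
  }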
diff --git a/net/rds/recv.c b/net/rds/recv.c
index f2118c51cfa3..86bc1a06ebbd 100644
--- a/net/rds/recv.c
+++ b/net/rds/recv.c
@@ -409,18 +409,18 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
409 if (msg_flags & MSG_OOB) 409 if (msg_flags & MSG_OOB)
410 goto out; 410 goto out;
411 411
412 /* If there are pending notifications, do those - and nothing else */ 412 while (1) {
413 if (!list_empty(&rs->rs_notify_queue)) { 413 /* If there are pending notifications, do those - and nothing else */
414 ret = rds_notify_queue_get(rs, msg); 414 if (!list_empty(&rs->rs_notify_queue)) {
415 goto out; 415 ret = rds_notify_queue_get(rs, msg);
416 } 416 break;
417 }
417 418
418 if (rs->rs_cong_notify) { 419 if (rs->rs_cong_notify) {
419 ret = rds_notify_cong(rs, msg); 420 ret = rds_notify_cong(rs, msg);
420 goto out; 421 break;
421 } 422 }
422 423
423 while (1) {
424 if (!rds_next_incoming(rs, &inc)) { 424 if (!rds_next_incoming(rs, &inc)) {
425 if (nonblock) { 425 if (nonblock) {
426 ret = -EAGAIN; 426 ret = -EAGAIN;
@@ -428,7 +428,9 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
428 } 428 }
429 429
430 timeo = wait_event_interruptible_timeout(*sk->sk_sleep, 430 timeo = wait_event_interruptible_timeout(*sk->sk_sleep,
431 rds_next_incoming(rs, &inc), 431 (!list_empty(&rs->rs_notify_queue)
432 || rs->rs_cong_notify
433 || rds_next_incoming(rs, &inc)),
432 timeo); 434 timeo);
433 rdsdebug("recvmsg woke inc %p timeo %ld\n", inc, 435 rdsdebug("recvmsg woke inc %p timeo %ld\n", inc,
434 timeo); 436 timeo);
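diff --git a/net/rfkill/core.c b/net/rfkill/core.c
index 2fc4a1724eb8..044de1c6af3d 100644
--- a/net/rfkill/core.c
+++ b/net/rfkill/core.c
@@ -1091,10 +1091,16 @@ static ssize_t rfkill_fop_write(struct file *file, const char __user *buf,
  struct rfkill_event ev;
 
  /* we don't need the 'hard' variable but accept it */
- if (count < sizeof(ev) - 1)
+ if (count < RFKILL_EVENT_SIZE_V1 - 1)
  return -EINVAL;
 
- if (copy_from_user(&ev, buf, sizeof(ev) - 1))
+ /*
+ * Copy as much data as we can accept into our 'ev' buffer,
+ * but tell userspace how much we've copied so it can determine
+ * our API version even in a write() call, if it cares.
+ */
+ count = min(count, sizeof(ev));
+ if (copy_from_user(&ev, buf, count))
  return -EFAULT;
 
  if (ev.op != RFKILL_OP_CHANGE && ev.op != RFKILL_OP_CHANGE_ALL)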
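Review bot: In rfkill_fop_write() `ev` is an uninitialised stack struct and the copy is now `min(count, sizeof(ev))` bytes, so a write of the minimum accepted length leaves the tail of `ev` holding whatever was on the stack. Only `ev.op` is read in the visible lines and the comment says 'hard' is not needed, so this is harmless as long as no field beyond the V1 prefix is ever consulted; the point of the size negotiation, though, is that the struct can grow. Zeroing first, `memset(&ev, 0, sizeof(ev));` before the copy_from_user(), makes fields a short writer did not supply read as zero. The function continues outside the hunk.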
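diff --git a/net/rose/rose_dev.c b/net/rose/rose_dev.c
index 389d6e0d7740..c711e2edf5ce 100644
--- a/net/rose/rose_dev.c
+++ b/net/rose/rose_dev.c
@@ -141,7 +141,7 @@ static int rose_xmit(struct sk_buff *skb, struct net_device *dev)
  }
  dev_kfree_skb(skb);
  stats->tx_errors++;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct header_ops rose_header_ops = {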
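diff --git a/net/sched/sch_teql.c b/net/sched/sch_teql.c
index 9c002b6e0533..12434b6c2042 100644
--- a/net/sched/sch_teql.c
+++ b/net/sched/sch_teql.c
@@ -314,7 +314,7 @@ restart:
  netif_wake_queue(dev);
  txq->tx_packets++;
  txq->tx_bytes += length;
- return 0;
+ return NETDEV_TX_OK;
  }
  __netif_tx_unlock(slave_txq);
  }
@@ -323,7 +323,7 @@ restart:
  break;
  case 1:
  master->slaves = NEXT_SLAVE(q);
- return 0;
+ return NETDEV_TX_OK;
  default:
  nores = 1;
  break;
@@ -345,7 +345,7 @@ restart:
 drop:
  txq->tx_dropped++;
  dev_kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int teql_master_open(struct net_device *dev)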
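diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c
index 3c57005e44d1..7bda8e3d1398 100644
--- a/net/tipc/netlink.c
+++ b/net/tipc/netlink.c
@@ -62,7 +62,7 @@ static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
  rep_nlh = nlmsg_hdr(rep_buf);
  memcpy(rep_nlh, req_nlh, hdr_space);
  rep_nlh->nlmsg_len = rep_buf->len;
- genlmsg_unicast(rep_buf, NETLINK_CB(skb).pid);
+ genlmsg_unicast(&init_net, rep_buf, NETLINK_CB(skb).pid);
  }
 
  return 0;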
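--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -1748,6 +1748,12 @@ static int getsockopt(struct socket *sock,
  value = jiffies_to_msecs(sk->sk_rcvtimeo);
  /* no need to set "res", since already 0 at this point */
  break;
+ case TIPC_NODE_RECVQ_DEPTH:
+ value = (u32)atomic_read(&tipc_queue_size);
+ break;
+ case TIPC_SOCK_RECVQ_DEPTH:
+ value = skb_queue_len(&sk->sk_receive_queue);
+ break;
  default:
  res = -EINVAL;
  }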
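Review bot: `TIPC_NODE_RECVQ_DEPTH` returns the node-wide `tipc_queue_size` counter to whoever calls getsockopt() on any TIPC socket, and no privilege or ownership check is visible in this hunk. That lets one local user watch the aggregate receive backlog caused by other users' sockets, unlike `TIPC_SOCK_RECVQ_DEPTH`, which only reports on the caller's own queue. If that exposure is intended, I would document it at the case label, e.g. `/* node-wide counter; deliberately readable from any TIPC socket */`; otherwise it wants a capability check before the read. getsockopt() starts and ends outside the hunk, so locking around the `skb_queue_len()` read cannot be judged from here.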
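--- a/net/wireless/Kconfig
+++ b/net/wireless/Kconfig
@@ -2,6 +2,21 @@ config CFG80211
  tristate "Improved wireless configuration API"
  depends on RFKILL || !RFKILL
 
+config NL80211_TESTMODE
+ bool "nl80211 testmode command"
+ depends on CFG80211
+ help
+ The nl80211 testmode command helps implementing things like
+ factory calibration or validation tools for wireless chips.
+
+ Select this option ONLY for kernels that are specifically
+ built for such purposes.
+
+ Debugging tools that are supposed to end up in the hands of
+ users should better be implemented with debugfs.
+
+ Say N.
+
 config CFG80211_REG_DEBUG
  bool "cfg80211 regulatory debugging"
  depends on CFG80211
@@ -11,6 +26,22 @@ config CFG80211_REG_DEBUG
 
  If unsure, say N.
 
+config CFG80211_DEFAULT_PS
+ bool "enable powersave by default"
+ depends on CFG80211
+ default y
+ help
+ This option enables powersave mode by default.
+
+ If this causes your applications to misbehave you should fix your
+ applications instead -- they need to register their network
+ latency requirement, see Documentation/power/pm_qos_interface.txt.
+
+config CFG80211_DEFAULT_PS_VALUE
+ int
+ default 1 if CFG80211_DEFAULT_PS
+ default 0
+
 config CFG80211_DEBUGFS
  bool "cfg80211 DebugFS entries"
  depends on CFG80211 && DEBUG_FS
@@ -35,19 +66,13 @@ config WIRELESS_OLD_REGULATORY
 
 config WIRELESS_EXT
  bool "Wireless extensions"
- default n
+ default y
  ---help---
  This option enables the legacy wireless extensions
  (wireless network interface configuration via ioctls.)
 
- Wireless extensions will be replaced by cfg80211 and
- will be required only by legacy drivers that implement
- wireless extension handlers. This option does not
- affect the wireless-extension backward compatibility
- code in cfg80211.
-
- Say N (if you can) unless you know you need wireless
- extensions for external modules.
+ Say Y unless you've upgraded all your userspace to use
+ nl80211 instead of wireless extensions.
 
 config WIRELESS_EXT_SYSFS
  bool "Wireless extensions sysfs files"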
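Review bot: The `WIRELESS_EXT` hunk flips the option to `default y` while the rewritten help text drops the old "Say N (if you can)" guidance, so nothing tells a builder that turning it off removes code from the kernel. Every configuration that leaves the option unset now builds the legacy ioctl interface, and the Makefile change in this commit also ties `wext-compat.o` and `wext-sme.o` to it. I would keep the new default but add a closing help line such as `Say N if all your userspace uses nl80211; this drops the legacy ioctl handlers from the kernel.` so that reduced-surface builds know it is safe to disable.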
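--- a/net/wireless/Makefile
+++ b/net/wireless/Makefile
@@ -5,8 +5,8 @@ obj-$(CONFIG_LIB80211_CRYPT_WEP) += lib80211_crypt_wep.o
 obj-$(CONFIG_LIB80211_CRYPT_CCMP) += lib80211_crypt_ccmp.o
 obj-$(CONFIG_LIB80211_CRYPT_TKIP) += lib80211_crypt_tkip.o
 
-cfg80211-y += core.o sysfs.o radiotap.o util.o reg.o scan.o nl80211.o mlme.o ibss.o
+cfg80211-y += core.o sysfs.o radiotap.o util.o reg.o scan.o nl80211.o mlme.o ibss.o sme.o
 cfg80211-$(CONFIG_CFG80211_DEBUGFS) += debugfs.o
-cfg80211-$(CONFIG_WIRELESS_EXT) += wext-compat.o
+cfg80211-$(CONFIG_WIRELESS_EXT) += wext-compat.o wext-sme.o
 
 ccflags-y += -D__CHECK_ENDIAN__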
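--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -30,10 +30,10 @@ MODULE_DESCRIPTION("wireless configuration support");
 /* RCU might be appropriate here since we usually
  * only read the list, and that can happen quite
  * often because we need to do it for each command */
-LIST_HEAD(cfg80211_drv_list);
+LIST_HEAD(cfg80211_rdev_list);
 
 /*
- * This is used to protect the cfg80211_drv_list, cfg80211_regdomain,
+ * This is used to protect the cfg80211_rdev_list, cfg80211_regdomain,
  * country_ie_regdomain, the reg_beacon_list and the the last regulatory
  * request receipt (last_request).
  */
@@ -43,18 +43,18 @@ DEFINE_MUTEX(cfg80211_mutex);
 static struct dentry *ieee80211_debugfs_dir;
 
 /* requires cfg80211_mutex to be held! */
-struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx)
+struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx)
 {
- struct cfg80211_registered_device *result = NULL, *drv;
+ struct cfg80211_registered_device *result = NULL, *rdev;
 
  if (!wiphy_idx_valid(wiphy_idx))
  return NULL;
 
  assert_cfg80211_lock();
 
- list_for_each_entry(drv, &cfg80211_drv_list, list) {
- if (drv->wiphy_idx == wiphy_idx) {
- result = drv;
+ list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
+ if (rdev->wiphy_idx == wiphy_idx) {
+ result = rdev;
  break;
  }
  }
@@ -64,32 +64,32 @@ struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx)
 
 int get_wiphy_idx(struct wiphy *wiphy)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
  if (!wiphy)
  return WIPHY_IDX_STALE;
- drv = wiphy_to_dev(wiphy);
- return drv->wiphy_idx;
+ rdev = wiphy_to_dev(wiphy);
+ return rdev->wiphy_idx;
 }
 
-/* requires cfg80211_drv_mutex to be held! */
+/* requires cfg80211_rdev_mutex to be held! */
 struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
 
  if (!wiphy_idx_valid(wiphy_idx))
  return NULL;
 
  assert_cfg80211_lock();
 
- drv = cfg80211_drv_by_wiphy_idx(wiphy_idx);
- if (!drv)
+ rdev = cfg80211_rdev_by_wiphy_idx(wiphy_idx);
+ if (!rdev)
  return NULL;
- return &drv->wiphy;
+ return &rdev->wiphy;
 }
 
 /* requires cfg80211_mutex to be held! */
 struct cfg80211_registered_device *
-__cfg80211_drv_from_info(struct genl_info *info)
+__cfg80211_rdev_from_info(struct genl_info *info)
 {
  int ifindex;
  struct cfg80211_registered_device *bywiphyidx = NULL, *byifidx = NULL;
@@ -99,7 +99,7 @@ __cfg80211_drv_from_info(struct genl_info *info)
  assert_cfg80211_lock();
 
  if (info->attrs[NL80211_ATTR_WIPHY]) {
- bywiphyidx = cfg80211_drv_by_wiphy_idx(
+ bywiphyidx = cfg80211_rdev_by_wiphy_idx(
  nla_get_u32(info->attrs[NL80211_ATTR_WIPHY]));
  err = -ENODEV;
  }
@@ -134,26 +134,26 @@ __cfg80211_drv_from_info(struct genl_info *info)
 struct cfg80211_registered_device *
 cfg80211_get_dev_from_info(struct genl_info *info)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
 
  mutex_lock(&cfg80211_mutex);
- drv = __cfg80211_drv_from_info(info);
+ rdev = __cfg80211_rdev_from_info(info);
 
  /* if it is not an error we grab the lock on
  * it to assure it won't be going away while
  * we operate on it */
- if (!IS_ERR(drv))
- mutex_lock(&drv->mtx);
+ if (!IS_ERR(rdev))
+ mutex_lock(&rdev->mtx);
 
  mutex_unlock(&cfg80211_mutex);
 
- return drv;
+ return rdev;
 }
 
 struct cfg80211_registered_device *
 cfg80211_get_dev_from_ifindex(int ifindex)
 {
- struct cfg80211_registered_device *drv = ERR_PTR(-ENODEV);
+ struct cfg80211_registered_device *rdev = ERR_PTR(-ENODEV);
  struct net_device *dev;
 
  mutex_lock(&cfg80211_mutex);
@@ -161,27 +161,21 @@ cfg80211_get_dev_from_ifindex(int ifindex)
  if (!dev)
  goto out;
  if (dev->ieee80211_ptr) {
- drv = wiphy_to_dev(dev->ieee80211_ptr->wiphy);
- mutex_lock(&drv->mtx);
+ rdev = wiphy_to_dev(dev->ieee80211_ptr->wiphy);
+ mutex_lock(&rdev->mtx);
  } else
- drv = ERR_PTR(-ENODEV);
+ rdev = ERR_PTR(-ENODEV);
  dev_put(dev);
  out:
  mutex_unlock(&cfg80211_mutex);
- return drv;
-}
-
-void cfg80211_put_dev(struct cfg80211_registered_device *drv)
-{
- BUG_ON(IS_ERR(drv));
- mutex_unlock(&drv->mtx);
+ return rdev;
 }
 
 /* requires cfg80211_mutex to be held */
 int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
  char *newname)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev2;
  int wiphy_idx, taken = -1, result, digits;
 
  assert_cfg80211_lock();
@@ -207,8 +201,8 @@ int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
  return 0;
 
  /* Ensure another device does not already have this name. */
- list_for_each_entry(drv, &cfg80211_drv_list, list)
- if (strcmp(newname, dev_name(&drv->wiphy.dev)) == 0)
+ list_for_each_entry(rdev2, &cfg80211_rdev_list, list)
+ if (strcmp(newname, dev_name(&rdev2->wiphy.dev)) == 0)
  return -EINVAL;
 
  result = device_rename(&rdev->wiphy.dev, newname);
@@ -230,26 +224,26 @@ int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
 
 static void cfg80211_rfkill_poll(struct rfkill *rfkill, void *data)
 {
- struct cfg80211_registered_device *drv = data;
+ struct cfg80211_registered_device *rdev = data;
 
- drv->ops->rfkill_poll(&drv->wiphy);
+ rdev->ops->rfkill_poll(&rdev->wiphy);
 }
 
 static int cfg80211_rfkill_set_block(void *data, bool blocked)
 {
- struct cfg80211_registered_device *drv = data;
+ struct cfg80211_registered_device *rdev = data;
  struct wireless_dev *wdev;
 
  if (!blocked)
  return 0;
 
  rtnl_lock();
- mutex_lock(&drv->devlist_mtx);
+ mutex_lock(&rdev->devlist_mtx);
 
- list_for_each_entry(wdev, &drv->netdev_list, list)
+ list_for_each_entry(wdev, &rdev->netdev_list, list)
  dev_close(wdev->netdev);
 
- mutex_unlock(&drv->devlist_mtx);
+ mutex_unlock(&rdev->devlist_mtx);
  rtnl_unlock();
 
  return 0;
@@ -257,10 +251,75 @@ static int cfg80211_rfkill_set_block(void *data, bool blocked)
 
 static void cfg80211_rfkill_sync_work(struct work_struct *work)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
 
- drv = container_of(work, struct cfg80211_registered_device, rfkill_sync);
- cfg80211_rfkill_set_block(drv, rfkill_blocked(drv->rfkill));
+ rdev = container_of(work, struct cfg80211_registered_device, rfkill_sync);
+ cfg80211_rfkill_set_block(rdev, rfkill_blocked(rdev->rfkill));
+}
+
+static void cfg80211_process_events(struct wireless_dev *wdev)
+{
+ struct cfg80211_event *ev;
+ unsigned long flags;
+
+ spin_lock_irqsave(&wdev->event_lock, flags);
+ while (!list_empty(&wdev->event_list)) {
+ ev = list_first_entry(&wdev->event_list,
+ struct cfg80211_event, list);
+ list_del(&ev->list);
+ spin_unlock_irqrestore(&wdev->event_lock, flags);
+
+ wdev_lock(wdev);
+ switch (ev->type) {
+ case EVENT_CONNECT_RESULT:
+ __cfg80211_connect_result(
+ wdev->netdev, ev->cr.bssid,
+ ev->cr.req_ie, ev->cr.req_ie_len,
+ ev->cr.resp_ie, ev->cr.resp_ie_len,
+ ev->cr.status,
+ ev->cr.status == WLAN_STATUS_SUCCESS);
+ break;
+ case EVENT_ROAMED:
+ __cfg80211_roamed(wdev, ev->rm.bssid,
+ ev->rm.req_ie, ev->rm.req_ie_len,
+ ev->rm.resp_ie, ev->rm.resp_ie_len);
+ break;
+ case EVENT_DISCONNECTED:
+ __cfg80211_disconnected(wdev->netdev,
+ ev->dc.ie, ev->dc.ie_len,
+ ev->dc.reason, true);
+ break;
+ case EVENT_IBSS_JOINED:
+ __cfg80211_ibss_joined(wdev->netdev, ev->ij.bssid);
+ break;
+ }
+ wdev_unlock(wdev);
+
+ kfree(ev);
+
+ spin_lock_irqsave(&wdev->event_lock, flags);
+ }
+ spin_unlock_irqrestore(&wdev->event_lock, flags);
+}
+
+static void cfg80211_event_work(struct work_struct *work)
+{
+ struct cfg80211_registered_device *rdev;
+ struct wireless_dev *wdev;
+
+ rdev = container_of(work, struct cfg80211_registered_device,
+ event_work);
+
+ rtnl_lock();
+ cfg80211_lock_rdev(rdev);
+ mutex_lock(&rdev->devlist_mtx);
+
+ list_for_each_entry(wdev, &rdev->netdev_list, list)
+ cfg80211_process_events(wdev);
+
+ mutex_unlock(&rdev->devlist_mtx);
+ cfg80211_unlock_rdev(rdev);
+ rtnl_unlock();
 }
 
 /* exported functions */
@@ -269,76 +328,84 @@ struct wiphy *wiphy_new(const struct cfg80211_ops *ops, int sizeof_priv)
 {
  static int wiphy_counter;
 
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
  int alloc_size;
 
- WARN_ON(!ops->add_key && ops->del_key);
- WARN_ON(ops->add_key && !ops->del_key);
+ WARN_ON(ops->add_key && (!ops->del_key || !ops->set_default_key));
+ WARN_ON(ops->auth && (!ops->assoc || !ops->deauth || !ops->disassoc));
+ WARN_ON(ops->connect && !ops->disconnect);
+ WARN_ON(ops->join_ibss && !ops->leave_ibss);
+ WARN_ON(ops->add_virtual_intf && !ops->del_virtual_intf);
+ WARN_ON(ops->add_station && !ops->del_station);
+ WARN_ON(ops->add_mpath && !ops->del_mpath);
 
- alloc_size = sizeof(*drv) + sizeof_priv;
+ alloc_size = sizeof(*rdev) + sizeof_priv;
 
- drv = kzalloc(alloc_size, GFP_KERNEL);
- if (!drv)
+ rdev = kzalloc(alloc_size, GFP_KERNEL);
+ if (!rdev)
  return NULL;
 
- drv->ops = ops;
+ rdev->ops = ops;
 
  mutex_lock(&cfg80211_mutex);
 
- drv->wiphy_idx = wiphy_counter++;
+ rdev->wiphy_idx = wiphy_counter++;
 
- if (unlikely(!wiphy_idx_valid(drv->wiphy_idx))) {
+ if (unlikely(!wiphy_idx_valid(rdev->wiphy_idx))) {
  wiphy_counter--;
  mutex_unlock(&cfg80211_mutex);
  /* ugh, wrapped! */
- kfree(drv);
+ kfree(rdev);
  return NULL;
  }
 
  mutex_unlock(&cfg80211_mutex);
 
  /* give it a proper name */
- dev_set_name(&drv->wiphy.dev, PHY_NAME "%d", drv->wiphy_idx);
+ dev_set_name(&rdev->wiphy.dev, PHY_NAME "%d", rdev->wiphy_idx);
 
- mutex_init(&drv->mtx);
- mutex_init(&drv->devlist_mtx);
- INIT_LIST_HEAD(&drv->netdev_list);
- spin_lock_init(&drv->bss_lock);
- INIT_LIST_HEAD(&drv->bss_list);
-
- device_initialize(&drv->wiphy.dev);
- drv->wiphy.dev.class = &ieee80211_class;
- drv->wiphy.dev.platform_data = drv;
-
- drv->rfkill_ops.set_block = cfg80211_rfkill_set_block;
- drv->rfkill = rfkill_alloc(dev_name(&drv->wiphy.dev),
- &drv->wiphy.dev, RFKILL_TYPE_WLAN,
- &drv->rfkill_ops, drv);
-
- if (!drv->rfkill) {
- kfree(drv);
+ mutex_init(&rdev->mtx);
+ mutex_init(&rdev->devlist_mtx);
+ INIT_LIST_HEAD(&rdev->netdev_list);
+ spin_lock_init(&rdev->bss_lock);
+ INIT_LIST_HEAD(&rdev->bss_list);
+ INIT_WORK(&rdev->scan_done_wk, __cfg80211_scan_done);
+
+ device_initialize(&rdev->wiphy.dev);
+ rdev->wiphy.dev.class = &ieee80211_class;
+ rdev->wiphy.dev.platform_data = rdev;
+
+ rdev->rfkill_ops.set_block = cfg80211_rfkill_set_block;
+ rdev->rfkill = rfkill_alloc(dev_name(&rdev->wiphy.dev),
+ &rdev->wiphy.dev, RFKILL_TYPE_WLAN,
+ &rdev->rfkill_ops, rdev);
+
+ if (!rdev->rfkill) {
+ kfree(rdev);
  return NULL;
  }
 
- INIT_WORK(&drv->rfkill_sync, cfg80211_rfkill_sync_work);
+ INIT_WORK(&rdev->rfkill_sync, cfg80211_rfkill_sync_work);
+ INIT_WORK(&rdev->conn_work, cfg80211_conn_work);
+ INIT_WORK(&rdev->event_work, cfg80211_event_work);
 
  /*
  * Initialize wiphy parameters to IEEE 802.11 MIB default values.
  * Fragmentation and RTS threshold are disabled by default with the
  * special -1 value.
  */
- drv->wiphy.retry_short = 7;
- drv->wiphy.retry_long = 4;
- drv->wiphy.frag_threshold = (u32) -1;
- drv->wiphy.rts_threshold = (u32) -1;
+ rdev->wiphy.retry_short = 7;
+ rdev->wiphy.retry_long = 4;
+ rdev->wiphy.frag_threshold = (u32) -1;
+ rdev->wiphy.rts_threshold = (u32) -1;
 
- return &drv->wiphy;
+ return &rdev->wiphy;
 }
 EXPORT_SYMBOL(wiphy_new);
 
 int wiphy_register(struct wiphy *wiphy)
 {
- struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
  int res;
  enum ieee80211_band band;
  struct ieee80211_supported_band *sband;
@@ -346,9 +413,6 @@ int wiphy_register(struct wiphy *wiphy)
  int i;
  u16 ifmodes = wiphy->interface_modes;
 
- if (WARN_ON(wiphy->max_scan_ssids < 1))
- return -EINVAL;
-
  /* sanity check ifmodes */
  WARN_ON(!ifmodes);
  ifmodes &= ((1 << __NL80211_IFTYPE_AFTER_LAST) - 1) & ~1;
@@ -395,11 +459,11 @@ int wiphy_register(struct wiphy *wiphy)
  /* check and set up bitrates */
  ieee80211_set_bitrate_flags(wiphy);
 
- res = device_add(&drv->wiphy.dev);
+ res = device_add(&rdev->wiphy.dev);
  if (res)
  return res;
 
- res = rfkill_register(drv->rfkill);
+ res = rfkill_register(rdev->rfkill);
  if (res)
  goto out_rm_dev;
 
@@ -408,16 +472,16 @@ int wiphy_register(struct wiphy *wiphy)
  /* set up regulatory info */
  wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE);
 
- list_add(&drv->list, &cfg80211_drv_list);
+ list_add(&rdev->list, &cfg80211_rdev_list);
 
  mutex_unlock(&cfg80211_mutex);
 
  /* add to debugfs */
- drv->wiphy.debugfsdir =
- debugfs_create_dir(wiphy_name(&drv->wiphy),
+ rdev->wiphy.debugfsdir =
+ debugfs_create_dir(wiphy_name(&rdev->wiphy),
  ieee80211_debugfs_dir);
- if (IS_ERR(drv->wiphy.debugfsdir))
- drv->wiphy.debugfsdir = NULL;
+ if (IS_ERR(rdev->wiphy.debugfsdir))
+ rdev->wiphy.debugfsdir = NULL;
 
  if (wiphy->custom_regulatory) {
  struct regulatory_request request;
@@ -430,48 +494,48 @@ int wiphy_register(struct wiphy *wiphy)
  nl80211_send_reg_change_event(&request);
  }
 
- cfg80211_debugfs_drv_add(drv);
+ cfg80211_debugfs_rdev_add(rdev);
 
  return 0;
 
  out_rm_dev:
- device_del(&drv->wiphy.dev);
+ device_del(&rdev->wiphy.dev);
  return res;
 }
 EXPORT_SYMBOL(wiphy_register);
 
 void wiphy_rfkill_start_polling(struct wiphy *wiphy)
 {
- struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
 
- if (!drv->ops->rfkill_poll)
+ if (!rdev->ops->rfkill_poll)
  return;
- drv->rfkill_ops.poll = cfg80211_rfkill_poll;
- rfkill_resume_polling(drv->rfkill);
+ rdev->rfkill_ops.poll = cfg80211_rfkill_poll;
+ rfkill_resume_polling(rdev->rfkill);
 }
 EXPORT_SYMBOL(wiphy_rfkill_start_polling);
 
 void wiphy_rfkill_stop_polling(struct wiphy *wiphy)
 {
- struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
 
- rfkill_pause_polling(drv->rfkill);
+ rfkill_pause_polling(rdev->rfkill);
 }
 EXPORT_SYMBOL(wiphy_rfkill_stop_polling);
 
 void wiphy_unregister(struct wiphy *wiphy)
 {
- struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
 
- rfkill_unregister(drv->rfkill);
+ rfkill_unregister(rdev->rfkill);
 
  /* protect the device list */
  mutex_lock(&cfg80211_mutex);
 
- BUG_ON(!list_empty(&drv->netdev_list));
+ BUG_ON(!list_empty(&rdev->netdev_list));
 
  /*
- * Try to grab drv->mtx. If a command is still in progress,
+ * Try to grab rdev->mtx. If a command is still in progress,
  * hopefully the driver will refuse it since it's tearing
  * down the device already. We wait for this command to complete
  * before unlinking the item from the list.
@@ -480,33 +544,38 @@ void wiphy_unregister(struct wiphy *wiphy)
  * get to lock contention here if userspace issues a command
  * that identified the hardware by wiphy index.
  */
- mutex_lock(&drv->mtx);
+ mutex_lock(&rdev->mtx);
  /* unlock again before freeing */
- mutex_unlock(&drv->mtx);
+ mutex_unlock(&rdev->mtx);
 
- cfg80211_debugfs_drv_del(drv);
+ cfg80211_debugfs_rdev_del(rdev);
 
  /* If this device got a regulatory hint tell core its
  * free to listen now to a new shiny device regulatory hint */
  reg_device_remove(wiphy);
 
- list_del(&drv->list);
- device_del(&drv->wiphy.dev);
- debugfs_remove(drv->wiphy.debugfsdir);
+ list_del(&rdev->list);
+ device_del(&rdev->wiphy.dev);
+ debugfs_remove(rdev->wiphy.debugfsdir);
 
  mutex_unlock(&cfg80211_mutex);
+
+ cancel_work_sync(&rdev->conn_work);
+ cancel_work_sync(&rdev->scan_done_wk);
+ kfree(rdev->scan_req);
+ flush_work(&rdev->event_work);
 }
 EXPORT_SYMBOL(wiphy_unregister);
 
-void cfg80211_dev_free(struct cfg80211_registered_device *drv)
+void cfg80211_dev_free(struct cfg80211_registered_device *rdev)
 {
  struct cfg80211_internal_bss *scan, *tmp;
- rfkill_destroy(drv->rfkill);
- mutex_destroy(&drv->mtx);
- mutex_destroy(&drv->devlist_mtx);
- list_for_each_entry_safe(scan, tmp, &drv->bss_list, list)
+ rfkill_destroy(rdev->rfkill);
+ mutex_destroy(&rdev->mtx);
+ mutex_destroy(&rdev->devlist_mtx);
+ list_for_each_entry_safe(scan, tmp, &rdev->bss_list, list)
  cfg80211_put_bss(&scan->pub);
- kfree(drv);
+ kfree(rdev);
 }
 
 void wiphy_free(struct wiphy *wiphy)
@@ -517,10 +586,10 @@ EXPORT_SYMBOL(wiphy_free);
 
 void wiphy_rfkill_set_hw_state(struct wiphy *wiphy, bool blocked)
 {
- struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
 
- if (rfkill_set_hw_state(drv->rfkill, blocked))
- schedule_work(&drv->rfkill_sync);
+ if (rfkill_set_hw_state(rdev->rfkill, blocked))
+ schedule_work(&rdev->rfkill_sync);
 }
 EXPORT_SYMBOL(wiphy_rfkill_set_hw_state);
 
@@ -529,56 +598,101 @@ static int cfg80211_netdev_notifier_call(struct notifier_block * nb,
  void *ndev)
 {
  struct net_device *dev = ndev;
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
  struct cfg80211_registered_device *rdev;
 
- if (!dev->ieee80211_ptr)
+ if (!wdev)
  return NOTIFY_DONE;
 
- rdev = wiphy_to_dev(dev->ieee80211_ptr->wiphy);
+ rdev = wiphy_to_dev(wdev->wiphy);
 
- WARN_ON(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_UNSPECIFIED);
+ WARN_ON(wdev->iftype == NL80211_IFTYPE_UNSPECIFIED);
 
  switch (state) {
  case NETDEV_REGISTER:
+ mutex_init(&wdev->mtx);
+ INIT_LIST_HEAD(&wdev->event_list);
+ spin_lock_init(&wdev->event_lock);
  mutex_lock(&rdev->devlist_mtx);
- list_add(&dev->ieee80211_ptr->list, &rdev->netdev_list);
+ list_add(&wdev->list, &rdev->netdev_list);
  if (sysfs_create_link(&dev->dev.kobj, &rdev->wiphy.dev.kobj,
  "phy80211")) {
  printk(KERN_ERR "wireless: failed to add phy80211 "
  "symlink to netdev!\n");
  }
- dev->ieee80211_ptr->netdev = dev;
+ wdev->netdev = dev;
+ wdev->sme_state = CFG80211_SME_IDLE;
+ mutex_unlock(&rdev->devlist_mtx);
 #ifdef CONFIG_WIRELESS_EXT
- dev->ieee80211_ptr->wext.default_key = -1;
- dev->ieee80211_ptr->wext.default_mgmt_key = -1;
+ wdev->wext.default_key = -1;
+ wdev->wext.default_mgmt_key = -1;
+ wdev->wext.connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
+ wdev->wext.ps = CONFIG_CFG80211_DEFAULT_PS_VALUE;
+ wdev->wext.ps_timeout = 500;
+ if (rdev->ops->set_power_mgmt)
+ if (rdev->ops->set_power_mgmt(wdev->wiphy, dev,
+ wdev->wext.ps,
+ wdev->wext.ps_timeout)) {
+ /* assume this means it's off */
+ wdev->wext.ps = false;
+ }
 #endif
- mutex_unlock(&rdev->devlist_mtx);
  break;
  case NETDEV_GOING_DOWN:
- if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
+ switch (wdev->iftype) {
+ case NL80211_IFTYPE_ADHOC:
+ cfg80211_leave_ibss(rdev, dev, true);
+ break;
+ case NL80211_IFTYPE_STATION:
+ wdev_lock(wdev);
+#ifdef CONFIG_WIRELESS_EXT
+ kfree(wdev->wext.ie);
+ wdev->wext.ie = NULL;
+ wdev->wext.ie_len = 0;
+ wdev->wext.connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
+#endif
+ __cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, true);
+ cfg80211_mlme_down(rdev, dev);
+ wdev_unlock(wdev);
  break;
- if (!dev->ieee80211_ptr->ssid_len)
+ default:
  break;
- cfg80211_leave_ibss(rdev, dev, true);
+ }
  break;
  case NETDEV_UP:
 #ifdef CONFIG_WIRELESS_EXT
- if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
+ cfg80211_lock_rdev(rdev);
+ wdev_lock(wdev);
+ switch (wdev->iftype) {
+ case NL80211_IFTYPE_ADHOC:
+ cfg80211_ibss_wext_join(rdev, wdev);
  break;
- if (!dev->ieee80211_ptr->wext.ibss.ssid_len)
+ case NL80211_IFTYPE_STATION:
+ cfg80211_mgd_wext_connect(rdev, wdev);
  break;
- cfg80211_join_ibss(rdev, dev, &dev->ieee80211_ptr->wext.ibss);
+ default:
  break;
+ }
+ wdev_unlock(wdev);
+ cfg80211_unlock_rdev(rdev);
 #endif
+ break;
  case NETDEV_UNREGISTER:
  mutex_lock(&rdev->devlist_mtx);
- if (!list_empty(&dev->ieee80211_ptr->list)) {
+ if (!list_empty(&wdev->list)) {
  sysfs_remove_link(&dev->dev.kobj, "phy80211");
- list_del_init(&dev->ieee80211_ptr->list);
+ list_del_init(&wdev->list);
  }
  mutex_unlock(&rdev->devlist_mtx);
+ mutex_destroy(&wdev->mtx);
+#ifdef CONFIG_WIRELESS_EXT
+ kfree(wdev->wext.keys);
+#endif
  break;
  case NETDEV_PRE_UP:
+ if (!(wdev->wiphy->interface_modes & BIT(wdev->iftype)))
+ return notifier_from_errno(-EOPNOTSUPP);
  if (rfkill_blocked(rdev->rfkill))
  return notifier_from_errno(-ERFKILL);
  break;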
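Review bot: `kfree(rdev->scan_req)` at the end of wiphy_unregister() and `kfree(wdev->wext.keys)` in the NETDEV_UNREGISTER case leave the freed pointers in place, whereas the NETDEV_GOING_DOWN case in this same section resets `wdev->wext.ie` to NULL right after freeing it. rdev itself is only freed later in cfg80211_dev_free(), and the wdev presumably lives until the netdev is released, so any path that reads or frees either field in between would be a use-after-free or double free. I would add `rdev->scan_req = NULL;` and `wdev->wext.keys = NULL;` directly after the respective kfree() calls. core.h in this commit documents scan_req as protected by RTNL and no rtnl_lock() is visible around the free, so a short comment explaining why that is safe at unregister time would help. cfg80211_netdev_notifier_call() starts before and continues past the last hunk.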
diff --git a/net/wireless/core.h b/net/wireless/core.h
index bfa340c7abb5..2ec8ddbe57de 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -57,6 +57,14 @@ struct cfg80211_registered_device {
57 u32 bss_generation; 57 u32 bss_generation;
58 struct cfg80211_scan_request *scan_req; /* protected by RTNL */ 58 struct cfg80211_scan_request *scan_req; /* protected by RTNL */
59 unsigned long suspend_at; 59 unsigned long suspend_at;
60 struct work_struct scan_done_wk;
61
62#ifdef CONFIG_NL80211_TESTMODE
63 struct genl_info *testmode_info;
64#endif
65
66 struct work_struct conn_work;
67 struct work_struct event_work;
60 68
61#ifdef CONFIG_CFG80211_DEBUGFS 69#ifdef CONFIG_CFG80211_DEBUGFS
62 /* Debugfs entries */ 70 /* Debugfs entries */
@@ -89,13 +97,13 @@ bool wiphy_idx_valid(int wiphy_idx)
89} 97}
90 98
91extern struct mutex cfg80211_mutex; 99extern struct mutex cfg80211_mutex;
92extern struct list_head cfg80211_drv_list; 100extern struct list_head cfg80211_rdev_list;
93 101
94#define assert_cfg80211_lock() WARN_ON(!mutex_is_locked(&cfg80211_mutex)) 102#define assert_cfg80211_lock() WARN_ON(!mutex_is_locked(&cfg80211_mutex))
95 103
96/* 104/*
97 * You can use this to mark a wiphy_idx as not having an associated wiphy. 105 * You can use this to mark a wiphy_idx as not having an associated wiphy.
98 * It guarantees cfg80211_drv_by_wiphy_idx(wiphy_idx) will return NULL 106 * It guarantees cfg80211_rdev_by_wiphy_idx(wiphy_idx) will return NULL
99 */ 107 */
100#define WIPHY_IDX_STALE -1 108#define WIPHY_IDX_STALE -1
101 109
@@ -104,17 +112,35 @@ struct cfg80211_internal_bss {
104 struct rb_node rbn; 112 struct rb_node rbn;
105 unsigned long ts; 113 unsigned long ts;
106 struct kref ref; 114 struct kref ref;
107 bool hold, ies_allocated; 115 atomic_t hold;
116 bool ies_allocated;
108 117
109 /* must be last because of priv member */ 118 /* must be last because of priv member */
110 struct cfg80211_bss pub; 119 struct cfg80211_bss pub;
111}; 120};
112 121
113struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx); 122static inline struct cfg80211_internal_bss *bss_from_pub(struct cfg80211_bss *pub)
123{
124 return container_of(pub, struct cfg80211_internal_bss, pub);
125}
126
127static inline void cfg80211_hold_bss(struct cfg80211_internal_bss *bss)
128{
129 atomic_inc(&bss->hold);
130}
131
132static inline void cfg80211_unhold_bss(struct cfg80211_internal_bss *bss)
133{
134 int r = atomic_dec_return(&bss->hold);
135 WARN_ON(r < 0);
136}
137
138
139struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx);
114int get_wiphy_idx(struct wiphy *wiphy); 140int get_wiphy_idx(struct wiphy *wiphy);
115 141
116struct cfg80211_registered_device * 142struct cfg80211_registered_device *
117__cfg80211_drv_from_info(struct genl_info *info); 143__cfg80211_rdev_from_info(struct genl_info *info);
118 144
119/* 145/*
120 * This function returns a pointer to the driver 146 * This function returns a pointer to the driver
@@ -122,12 +148,12 @@ __cfg80211_drv_from_info(struct genl_info *info);
122 * If successful, it returns non-NULL and also locks 148 * If successful, it returns non-NULL and also locks
123 * the driver's mutex! 149 * the driver's mutex!
124 * 150 *
125 * This means that you need to call cfg80211_put_dev() 151 * This means that you need to call cfg80211_unlock_rdev()
126 * before being allowed to acquire &cfg80211_mutex! 152 * before being allowed to acquire &cfg80211_mutex!
127 * 153 *
128 * This is necessary because we need to lock the global 154 * This is necessary because we need to lock the global
129 * mutex to get an item off the list safely, and then 155 * mutex to get an item off the list safely, and then
130 * we lock the drv mutex so it doesn't go away under us. 156 * we lock the rdev mutex so it doesn't go away under us.
131 * 157 *
132 * We don't want to keep cfg80211_mutex locked 158 * We don't want to keep cfg80211_mutex locked
133 * for all the time in order to allow requests on 159 * for all the time in order to allow requests on
@@ -139,19 +165,90 @@ __cfg80211_drv_from_info(struct genl_info *info);
139extern struct cfg80211_registered_device * 165extern struct cfg80211_registered_device *
140cfg80211_get_dev_from_info(struct genl_info *info); 166cfg80211_get_dev_from_info(struct genl_info *info);
141 167
142/* requires cfg80211_drv_mutex to be held! */ 168/* requires cfg80211_rdev_mutex to be held! */
143struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx); 169struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx);
144 170
145/* identical to cfg80211_get_dev_from_info but only operate on ifindex */ 171/* identical to cfg80211_get_dev_from_info but only operate on ifindex */
146extern struct cfg80211_registered_device * 172extern struct cfg80211_registered_device *
147cfg80211_get_dev_from_ifindex(int ifindex); 173cfg80211_get_dev_from_ifindex(int ifindex);
148 174
149extern void cfg80211_put_dev(struct cfg80211_registered_device *drv); 175static inline void cfg80211_lock_rdev(struct cfg80211_registered_device *rdev)
176{
177 mutex_lock(&rdev->mtx);
178}
179
180static inline void cfg80211_unlock_rdev(struct cfg80211_registered_device *rdev)
181{
182 BUG_ON(IS_ERR(rdev) || !rdev);
183 mutex_unlock(&rdev->mtx);
184}
185
186static inline void wdev_lock(struct wireless_dev *wdev)
187 __acquires(wdev)
188{
189 mutex_lock(&wdev->mtx);
190 __acquire(wdev->mtx);
191}
192
193static inline void wdev_unlock(struct wireless_dev *wdev)
194 __releases(wdev)
195{
196 __release(wdev->mtx);
197 mutex_unlock(&wdev->mtx);
198}
199
200#define ASSERT_RDEV_LOCK(rdev) WARN_ON(!mutex_is_locked(&(rdev)->mtx));
201#define ASSERT_WDEV_LOCK(wdev) WARN_ON(!mutex_is_locked(&(wdev)->mtx));
202
203enum cfg80211_event_type {
204 EVENT_CONNECT_RESULT,
205 EVENT_ROAMED,
206 EVENT_DISCONNECTED,
207 EVENT_IBSS_JOINED,
208};
209
210struct cfg80211_event {
211 struct list_head list;
212 enum cfg80211_event_type type;
213
214 union {
215 struct {
216 u8 bssid[ETH_ALEN];
217 const u8 *req_ie;
218 const u8 *resp_ie;
219 size_t req_ie_len;
220 size_t resp_ie_len;
221 u16 status;
222 } cr;
223 struct {
224 u8 bssid[ETH_ALEN];
225 const u8 *req_ie;
226 const u8 *resp_ie;
227 size_t req_ie_len;
228 size_t resp_ie_len;
229 } rm;
230 struct {
231 const u8 *ie;
232 size_t ie_len;
233 u16 reason;
234 } dc;
235 struct {
236 u8 bssid[ETH_ALEN];
237 } ij;
238 };
239};
240
241struct cfg80211_cached_keys {
242 struct key_params params[6];
243 u8 data[6][WLAN_MAX_KEY_LEN];
244 int def, defmgmt;
245};
246
150 247
151/* free object */ 248/* free object */
152extern void cfg80211_dev_free(struct cfg80211_registered_device *drv); 249extern void cfg80211_dev_free(struct cfg80211_registered_device *rdev);
153 250
154extern int cfg80211_dev_rename(struct cfg80211_registered_device *drv, 251extern int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
155 char *newname); 252 char *newname);
156 253
157void ieee80211_set_bitrate_flags(struct wiphy *wiphy); 254void ieee80211_set_bitrate_flags(struct wiphy *wiphy);
@@ -163,15 +260,98 @@ void cfg80211_bss_age(struct cfg80211_registered_device *dev,
163 unsigned long age_secs); 260 unsigned long age_secs);
164 261
165/* IBSS */ 262/* IBSS */
263int __cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
264 struct net_device *dev,
265 struct cfg80211_ibss_params *params,
266 struct cfg80211_cached_keys *connkeys);
166int cfg80211_join_ibss(struct cfg80211_registered_device *rdev, 267int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
167 struct net_device *dev, 268 struct net_device *dev,
168 struct cfg80211_ibss_params *params); 269 struct cfg80211_ibss_params *params,
270 struct cfg80211_cached_keys *connkeys);
169void cfg80211_clear_ibss(struct net_device *dev, bool nowext); 271void cfg80211_clear_ibss(struct net_device *dev, bool nowext);
170int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev, 272int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
171 struct net_device *dev, bool nowext); 273 struct net_device *dev, bool nowext);
274void __cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid);
275int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
276 struct wireless_dev *wdev);
277
278/* MLME */
279int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
280 struct net_device *dev,
281 struct ieee80211_channel *chan,
282 enum nl80211_auth_type auth_type,
283 const u8 *bssid,
284 const u8 *ssid, int ssid_len,
285 const u8 *ie, int ie_len,
286 const u8 *key, int key_len, int key_idx);
287int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
288 struct net_device *dev, struct ieee80211_channel *chan,
289 enum nl80211_auth_type auth_type, const u8 *bssid,
290 const u8 *ssid, int ssid_len,
291 const u8 *ie, int ie_len,
292 const u8 *key, int key_len, int key_idx);
293int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
294 struct net_device *dev,
295 struct ieee80211_channel *chan,
296 const u8 *bssid, const u8 *prev_bssid,
297 const u8 *ssid, int ssid_len,
298 const u8 *ie, int ie_len, bool use_mfp,
299 struct cfg80211_crypto_settings *crypt);
300int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
301 struct net_device *dev, struct ieee80211_channel *chan,
302 const u8 *bssid, const u8 *prev_bssid,
303 const u8 *ssid, int ssid_len,
304 const u8 *ie, int ie_len, bool use_mfp,
305 struct cfg80211_crypto_settings *crypt);
306int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
307 struct net_device *dev, const u8 *bssid,
308 const u8 *ie, int ie_len, u16 reason);
309int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
310 struct net_device *dev, const u8 *bssid,
311 const u8 *ie, int ie_len, u16 reason);
312int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
313 struct net_device *dev, const u8 *bssid,
314 const u8 *ie, int ie_len, u16 reason);
315void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
316 struct net_device *dev);
317void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
318 const u8 *req_ie, size_t req_ie_len,
319 const u8 *resp_ie, size_t resp_ie_len,
320 u16 status, bool wextev);
321
322/* SME */
323int __cfg80211_connect(struct cfg80211_registered_device *rdev,
324 struct net_device *dev,
325 struct cfg80211_connect_params *connect,
326 struct cfg80211_cached_keys *connkeys);
327int cfg80211_connect(struct cfg80211_registered_device *rdev,
328 struct net_device *dev,
329 struct cfg80211_connect_params *connect,
330 struct cfg80211_cached_keys *connkeys);
331int __cfg80211_disconnect(struct cfg80211_registered_device *rdev,
332 struct net_device *dev, u16 reason,
333 bool wextev);
334int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
335 struct net_device *dev, u16 reason,
336 bool wextev);
337void __cfg80211_roamed(struct wireless_dev *wdev, const u8 *bssid,
338 const u8 *req_ie, size_t req_ie_len,
339 const u8 *resp_ie, size_t resp_ie_len);
340int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev,
341 struct wireless_dev *wdev);
342
343void cfg80211_conn_work(struct work_struct *work);
172 344
173/* internal helpers */ 345/* internal helpers */
174int cfg80211_validate_key_settings(struct key_params *params, int key_idx, 346int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
347 struct key_params *params, int key_idx,
175 const u8 *mac_addr); 348 const u8 *mac_addr);
349void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
350 size_t ie_len, u16 reason, bool from_ap);
351void cfg80211_sme_scan_done(struct net_device *dev);
352void cfg80211_sme_rx_auth(struct net_device *dev, const u8 *buf, size_t len);
353void cfg80211_sme_disassoc(struct net_device *dev, int idx);
354void __cfg80211_scan_done(struct work_struct *wk);
355void cfg80211_upload_connect_keys(struct wireless_dev *wdev);
176 356
177#endif /* __NET_WIRELESS_CORE_H */ 357#endif /* __NET_WIRELESS_CORE_H */
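Review bot: struct cfg80211_cached_keys (new lines 241-245) stores raw key bytes in `data[6][WLAN_MAX_KEY_LEN]`, but the header gives owners no release helper, so each of them uses a plain kfree(). Two such frees are visible on this page, `kfree(wdev->wext.keys)` in core.c and `kfree(wdev->connect_keys)` in ibss.c, and the key bytes can remain in freed memory until it is reused. I would add a small inline free helper next to the struct that clears the buffer before freeing, and switch the callers to it. The struct also deserves a short comment saying that `params[i].key` points into `data[i]` and must be re-pointed after any copy, and the literal 6 would read better as a named constant shared with the loops that use it.

```c
struct cfg80211_cached_keys {
	/* … unchanged: params, data, def, defmgmt … */
};

/*
 * Clear cached key material before the memory goes back to the allocator
 * (or call the tree's zeroizing free here, if it provides one).
 */
static inline void cfg80211_free_cached_keys(struct cfg80211_cached_keys *ck)
{
	if (!ck)
		return;
	memset(ck, 0, sizeof(*ck));
	kfree(ck);
}
```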
diff --git a/net/wireless/debugfs.c b/net/wireless/debugfs.c
index 679ddfcec1ee..13d93d84f902 100644
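--- a/net/wireless/debugfs.c
+++ b/net/wireless/debugfs.c
@@ -104,15 +104,15 @@ static const struct file_operations ht40allow_map_ops = {
 };
 
 #define DEBUGFS_ADD(name) \
- drv->debugfs.name = debugfs_create_file(#name, S_IRUGO, phyd, \
- &drv->wiphy, &name## _ops);
+ rdev->debugfs.name = debugfs_create_file(#name, S_IRUGO, phyd, \
+ &rdev->wiphy, &name## _ops);
 #define DEBUGFS_DEL(name) \
- debugfs_remove(drv->debugfs.name); \
- drv->debugfs.name = NULL;
+ debugfs_remove(rdev->debugfs.name); \
+ rdev->debugfs.name = NULL;
 
-void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv)
+void cfg80211_debugfs_rdev_add(struct cfg80211_registered_device *rdev)
 {
- struct dentry *phyd = drv->wiphy.debugfsdir;
+ struct dentry *phyd = rdev->wiphy.debugfsdir;
 
  DEBUGFS_ADD(rts_threshold);
  DEBUGFS_ADD(fragmentation_threshold);
@@ -121,7 +121,7 @@ void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv)
  DEBUGFS_ADD(ht40allow_map);
 }
 
-void cfg80211_debugfs_drv_del(struct cfg80211_registered_device *drv)
+void cfg80211_debugfs_rdev_del(struct cfg80211_registered_device *rdev)
 {
  DEBUGFS_DEL(rts_threshold);
  DEBUGFS_DEL(fragmentation_threshold);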
diff --git a/net/wireless/debugfs.h b/net/wireless/debugfs.h
index c226983ae66b..6419b6d6ce3e 100644
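--- a/net/wireless/debugfs.h
+++ b/net/wireless/debugfs.h
@@ -2,13 +2,13 @@
 #define __CFG80211_DEBUGFS_H
 
 #ifdef CONFIG_CFG80211_DEBUGFS
-void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv);
-void cfg80211_debugfs_drv_del(struct cfg80211_registered_device *drv);
+void cfg80211_debugfs_rdev_add(struct cfg80211_registered_device *rdev);
+void cfg80211_debugfs_rdev_del(struct cfg80211_registered_device *rdev);
 #else
 static inline
-void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv) {}
+void cfg80211_debugfs_rdev_add(struct cfg80211_registered_device *rdev) {}
 static inline
-void cfg80211_debugfs_drv_del(struct cfg80211_registered_device *drv) {}
+void cfg80211_debugfs_rdev_del(struct cfg80211_registered_device *rdev) {}
 #endif
 
 #endif /* __CFG80211_DEBUGFS_H */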
diff --git a/net/wireless/ibss.c b/net/wireless/ibss.c
index a4a1c3498ff2..8b65e212ae49 100644
--- a/net/wireless/ibss.c
+++ b/net/wireless/ibss.c
@@ -10,7 +10,7 @@
10#include "nl80211.h" 10#include "nl80211.h"
11 11
12 12
13void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp) 13void __cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid)
14{ 14{
15 struct wireless_dev *wdev = dev->ieee80211_ptr; 15 struct wireless_dev *wdev = dev->ieee80211_ptr;
16 struct cfg80211_bss *bss; 16 struct cfg80211_bss *bss;
@@ -24,9 +24,6 @@ void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
24 if (WARN_ON(!wdev->ssid_len)) 24 if (WARN_ON(!wdev->ssid_len))
25 return; 25 return;
26 26
27 if (memcmp(bssid, wdev->bssid, ETH_ALEN) == 0)
28 return;
29
30 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid, 27 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
31 wdev->ssid, wdev->ssid_len, 28 wdev->ssid, wdev->ssid_len,
32 WLAN_CAPABILITY_IBSS, WLAN_CAPABILITY_IBSS); 29 WLAN_CAPABILITY_IBSS, WLAN_CAPABILITY_IBSS);
@@ -36,39 +33,69 @@ void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
36 33
37 if (wdev->current_bss) { 34 if (wdev->current_bss) {
38 cfg80211_unhold_bss(wdev->current_bss); 35 cfg80211_unhold_bss(wdev->current_bss);
39 cfg80211_put_bss(wdev->current_bss); 36 cfg80211_put_bss(&wdev->current_bss->pub);
40 } 37 }
41 38
42 cfg80211_hold_bss(bss); 39 cfg80211_hold_bss(bss_from_pub(bss));
43 wdev->current_bss = bss; 40 wdev->current_bss = bss_from_pub(bss);
44 memcpy(wdev->bssid, bssid, ETH_ALEN);
45 41
46 nl80211_send_ibss_bssid(wiphy_to_dev(wdev->wiphy), dev, bssid, gfp); 42 cfg80211_upload_connect_keys(wdev);
43
44 nl80211_send_ibss_bssid(wiphy_to_dev(wdev->wiphy), dev, bssid,
45 GFP_KERNEL);
47#ifdef CONFIG_WIRELESS_EXT 46#ifdef CONFIG_WIRELESS_EXT
48 memset(&wrqu, 0, sizeof(wrqu)); 47 memset(&wrqu, 0, sizeof(wrqu));
49 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN); 48 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
50 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 49 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
51#endif 50#endif
52} 51}
52
53void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
54{
55 struct wireless_dev *wdev = dev->ieee80211_ptr;
56 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
57 struct cfg80211_event *ev;
58 unsigned long flags;
59
60 ev = kzalloc(sizeof(*ev), gfp);
61 if (!ev)
62 return;
63
64 ev->type = EVENT_IBSS_JOINED;
65 memcpy(ev->cr.bssid, bssid, ETH_ALEN);
66
67 spin_lock_irqsave(&wdev->event_lock, flags);
68 list_add_tail(&ev->list, &wdev->event_list);
69 spin_unlock_irqrestore(&wdev->event_lock, flags);
70 schedule_work(&rdev->event_work);
71}
53EXPORT_SYMBOL(cfg80211_ibss_joined); 72EXPORT_SYMBOL(cfg80211_ibss_joined);
54 73
55int cfg80211_join_ibss(struct cfg80211_registered_device *rdev, 74int __cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
56 struct net_device *dev, 75 struct net_device *dev,
57 struct cfg80211_ibss_params *params) 76 struct cfg80211_ibss_params *params,
77 struct cfg80211_cached_keys *connkeys)
58{ 78{
59 struct wireless_dev *wdev = dev->ieee80211_ptr; 79 struct wireless_dev *wdev = dev->ieee80211_ptr;
60 int err; 80 int err;
61 81
82 ASSERT_WDEV_LOCK(wdev);
83
62 if (wdev->ssid_len) 84 if (wdev->ssid_len)
63 return -EALREADY; 85 return -EALREADY;
64 86
87 if (WARN_ON(wdev->connect_keys))
88 kfree(wdev->connect_keys);
89 wdev->connect_keys = connkeys;
90
65#ifdef CONFIG_WIRELESS_EXT 91#ifdef CONFIG_WIRELESS_EXT
66 wdev->wext.ibss.channel = params->channel; 92 wdev->wext.ibss.channel = params->channel;
67#endif 93#endif
68 err = rdev->ops->join_ibss(&rdev->wiphy, dev, params); 94 err = rdev->ops->join_ibss(&rdev->wiphy, dev, params);
69 95 if (err) {
70 if (err) 96 wdev->connect_keys = NULL;
71 return err; 97 return err;
98 }
72 99
73 memcpy(wdev->ssid, params->ssid, params->ssid_len); 100 memcpy(wdev->ssid, params->ssid, params->ssid_len);
74 wdev->ssid_len = params->ssid_len; 101 wdev->ssid_len = params->ssid_len;
@@ -76,45 +103,105 @@ int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
76 return 0; 103 return 0;
77} 104}
78 105
79void cfg80211_clear_ibss(struct net_device *dev, bool nowext) 106int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
107 struct net_device *dev,
108 struct cfg80211_ibss_params *params,
109 struct cfg80211_cached_keys *connkeys)
80{ 110{
81 struct wireless_dev *wdev = dev->ieee80211_ptr; 111 struct wireless_dev *wdev = dev->ieee80211_ptr;
112 int err;
113
114 wdev_lock(wdev);
115 err = __cfg80211_join_ibss(rdev, dev, params, connkeys);
116 wdev_unlock(wdev);
117
118 return err;
119}
120
121static void __cfg80211_clear_ibss(struct net_device *dev, bool nowext)
122{
123 struct wireless_dev *wdev = dev->ieee80211_ptr;
124 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
125 int i;
126
127 ASSERT_WDEV_LOCK(wdev);
128
129 kfree(wdev->connect_keys);
130 wdev->connect_keys = NULL;
131
132 /*
133 * Delete all the keys ... pairwise keys can't really
134 * exist any more anyway, but default keys might.
135 */
136 if (rdev->ops->del_key)
137 for (i = 0; i < 6; i++)
138 rdev->ops->del_key(wdev->wiphy, dev, i, NULL);
82 139
83 if (wdev->current_bss) { 140 if (wdev->current_bss) {
84 cfg80211_unhold_bss(wdev->current_bss); 141 cfg80211_unhold_bss(wdev->current_bss);
85 cfg80211_put_bss(wdev->current_bss); 142 cfg80211_put_bss(&wdev->current_bss->pub);
86 } 143 }
87 144
88 wdev->current_bss = NULL; 145 wdev->current_bss = NULL;
89 wdev->ssid_len = 0; 146 wdev->ssid_len = 0;
90 memset(wdev->bssid, 0, ETH_ALEN);
91#ifdef CONFIG_WIRELESS_EXT 147#ifdef CONFIG_WIRELESS_EXT
92 if (!nowext) 148 if (!nowext)
93 wdev->wext.ibss.ssid_len = 0; 149 wdev->wext.ibss.ssid_len = 0;
94#endif 150#endif
95} 151}
96 152
97int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev, 153void cfg80211_clear_ibss(struct net_device *dev, bool nowext)
98 struct net_device *dev, bool nowext) 154{
155 struct wireless_dev *wdev = dev->ieee80211_ptr;
156
157 wdev_lock(wdev);
158 __cfg80211_clear_ibss(dev, nowext);
159 wdev_unlock(wdev);
160}
161
162static int __cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
163 struct net_device *dev, bool nowext)
99{ 164{
165 struct wireless_dev *wdev = dev->ieee80211_ptr;
100 int err; 166 int err;
101 167
168 ASSERT_WDEV_LOCK(wdev);
169
170 if (!wdev->ssid_len)
171 return -ENOLINK;
172
102 err = rdev->ops->leave_ibss(&rdev->wiphy, dev); 173 err = rdev->ops->leave_ibss(&rdev->wiphy, dev);
103 174
104 if (err) 175 if (err)
105 return err; 176 return err;
106 177
107 cfg80211_clear_ibss(dev, nowext); 178 __cfg80211_clear_ibss(dev, nowext);
108 179
109 return 0; 180 return 0;
110} 181}
111 182
183int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
184 struct net_device *dev, bool nowext)
185{
186 struct wireless_dev *wdev = dev->ieee80211_ptr;
187 int err;
188
189 wdev_lock(wdev);
190 err = __cfg80211_leave_ibss(rdev, dev, nowext);
191 wdev_unlock(wdev);
192
193 return err;
194}
195
112#ifdef CONFIG_WIRELESS_EXT 196#ifdef CONFIG_WIRELESS_EXT
113static int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev, 197int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
114 struct wireless_dev *wdev) 198 struct wireless_dev *wdev)
115{ 199{
200 struct cfg80211_cached_keys *ck = NULL;
116 enum ieee80211_band band; 201 enum ieee80211_band band;
117 int i; 202 int i, err;
203
204 ASSERT_WDEV_LOCK(wdev);
118 205
119 if (!wdev->wext.ibss.beacon_interval) 206 if (!wdev->wext.ibss.beacon_interval)
120 wdev->wext.ibss.beacon_interval = 100; 207 wdev->wext.ibss.beacon_interval = 100;
@@ -154,8 +241,24 @@ static int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
154 if (!netif_running(wdev->netdev)) 241 if (!netif_running(wdev->netdev))
155 return 0; 242 return 0;
156 243
157 return cfg80211_join_ibss(wiphy_to_dev(wdev->wiphy), 244 if (wdev->wext.keys)
158 wdev->netdev, &wdev->wext.ibss); 245 wdev->wext.keys->def = wdev->wext.default_key;
246
247 wdev->wext.ibss.privacy = wdev->wext.default_key != -1;
248
249 if (wdev->wext.keys) {
250 ck = kmemdup(wdev->wext.keys, sizeof(*ck), GFP_KERNEL);
251 if (!ck)
252 return -ENOMEM;
253 for (i = 0; i < 6; i++)
254 ck->params[i].key = ck->data[i];
255 }
256 err = __cfg80211_join_ibss(rdev, wdev->netdev,
257 &wdev->wext.ibss, ck);
258 if (err)
259 kfree(ck);
260
261 return err;
159} 262}
160 263
161int cfg80211_ibss_wext_siwfreq(struct net_device *dev, 264int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
@@ -185,12 +288,15 @@ int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
185 if (wdev->wext.ibss.channel == chan) 288 if (wdev->wext.ibss.channel == chan)
186 return 0; 289 return 0;
187 290
188 if (wdev->ssid_len) { 291 wdev_lock(wdev);
189 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy), 292 err = 0;
190 dev, true); 293 if (wdev->ssid_len)
191 if (err) 294 err = __cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy),
192 return err; 295 dev, true);
193 } 296 wdev_unlock(wdev);
297
298 if (err)
299 return err;
194 300
195 if (chan) { 301 if (chan) {
196 wdev->wext.ibss.channel = chan; 302 wdev->wext.ibss.channel = chan;
@@ -200,7 +306,11 @@ int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
200 wdev->wext.ibss.channel_fixed = false; 306 wdev->wext.ibss.channel_fixed = false;
201 } 307 }
202 308
203 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev); 309 wdev_lock(wdev);
310 err = cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev);
311 wdev_unlock(wdev);
312
313 return err;
204} 314}
205/* temporary symbol - mark GPL - in the future the handler won't be */ 315/* temporary symbol - mark GPL - in the future the handler won't be */
206EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwfreq); 316EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwfreq);
@@ -216,10 +326,12 @@ int cfg80211_ibss_wext_giwfreq(struct net_device *dev,
216 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC)) 326 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
217 return -EINVAL; 327 return -EINVAL;
218 328
329 wdev_lock(wdev);
219 if (wdev->current_bss) 330 if (wdev->current_bss)
220 chan = wdev->current_bss->channel; 331 chan = wdev->current_bss->pub.channel;
221 else if (wdev->wext.ibss.channel) 332 else if (wdev->wext.ibss.channel)
222 chan = wdev->wext.ibss.channel; 333 chan = wdev->wext.ibss.channel;
334 wdev_unlock(wdev);
223 335
224 if (chan) { 336 if (chan) {
225 freq->m = chan->center_freq; 337 freq->m = chan->center_freq;
@@ -248,12 +360,15 @@ int cfg80211_ibss_wext_siwessid(struct net_device *dev,
248 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss) 360 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss)
249 return -EOPNOTSUPP; 361 return -EOPNOTSUPP;
250 362
251 if (wdev->ssid_len) { 363 wdev_lock(wdev);
252 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy), 364 err = 0;
253 dev, true); 365 if (wdev->ssid_len)
254 if (err) 366 err = __cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy),
255 return err; 367 dev, true);
256 } 368 wdev_unlock(wdev);
369
370 if (err)
371 return err;
257 372
258 /* iwconfig uses nul termination in SSID.. */ 373 /* iwconfig uses nul termination in SSID.. */
259 if (len > 0 && ssid[len - 1] == '\0') 374 if (len > 0 && ssid[len - 1] == '\0')
@@ -263,7 +378,11 @@ int cfg80211_ibss_wext_siwessid(struct net_device *dev,
263 memcpy(wdev->wext.ibss.ssid, ssid, len); 378 memcpy(wdev->wext.ibss.ssid, ssid, len);
264 wdev->wext.ibss.ssid_len = len; 379 wdev->wext.ibss.ssid_len = len;
265 380
266 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev); 381 wdev_lock(wdev);
382 err = cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev);
383 wdev_unlock(wdev);
384
385 return err;
267} 386}
268/* temporary symbol - mark GPL - in the future the handler won't be */ 387/* temporary symbol - mark GPL - in the future the handler won't be */
269EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwessid); 388EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwessid);
@@ -280,6 +399,7 @@ int cfg80211_ibss_wext_giwessid(struct net_device *dev,
280 399
281 data->flags = 0; 400 data->flags = 0;
282 401
402 wdev_lock(wdev);
283 if (wdev->ssid_len) { 403 if (wdev->ssid_len) {
284 data->flags = 1; 404 data->flags = 1;
285 data->length = wdev->ssid_len; 405 data->length = wdev->ssid_len;
@@ -289,6 +409,7 @@ int cfg80211_ibss_wext_giwessid(struct net_device *dev,
289 data->length = wdev->wext.ibss.ssid_len; 409 data->length = wdev->wext.ibss.ssid_len;
290 memcpy(ssid, wdev->wext.ibss.ssid, data->length); 410 memcpy(ssid, wdev->wext.ibss.ssid, data->length);
291 } 411 }
412 wdev_unlock(wdev);
292 413
293 return 0; 414 return 0;
294} 415}
@@ -326,12 +447,15 @@ int cfg80211_ibss_wext_siwap(struct net_device *dev,
326 compare_ether_addr(bssid, wdev->wext.ibss.bssid) == 0) 447 compare_ether_addr(bssid, wdev->wext.ibss.bssid) == 0)
327 return 0; 448 return 0;
328 449
329 if (wdev->ssid_len) { 450 wdev_lock(wdev);
330 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy), 451 err = 0;
331 dev, true); 452 if (wdev->ssid_len)
332 if (err) 453 err = __cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy),
333 return err; 454 dev, true);
334 } 455 wdev_unlock(wdev);
456
457 if (err)
458 return err;
335 459
336 if (bssid) { 460 if (bssid) {
337 memcpy(wdev->wext.bssid, bssid, ETH_ALEN); 461 memcpy(wdev->wext.bssid, bssid, ETH_ALEN);
@@ -339,7 +463,11 @@ int cfg80211_ibss_wext_siwap(struct net_device *dev,
339 } else 463 } else
340 wdev->wext.ibss.bssid = NULL; 464 wdev->wext.ibss.bssid = NULL;
341 465
342 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev); 466 wdev_lock(wdev);
467 err = cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev);
468 wdev_unlock(wdev);
469
470 return err;
343} 471}
344/* temporary symbol - mark GPL - in the future the handler won't be */ 472/* temporary symbol - mark GPL - in the future the handler won't be */
345EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwap); 473EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwap);
@@ -356,12 +484,16 @@ int cfg80211_ibss_wext_giwap(struct net_device *dev,
356 484
357 ap_addr->sa_family = ARPHRD_ETHER; 485 ap_addr->sa_family = ARPHRD_ETHER;
358 486
359 if (wdev->wext.ibss.bssid) { 487 wdev_lock(wdev);
488 if (wdev->current_bss)
489 memcpy(ap_addr->sa_data, wdev->current_bss->pub.bssid, ETH_ALEN);
490 else if (wdev->wext.ibss.bssid)
360 memcpy(ap_addr->sa_data, wdev->wext.ibss.bssid, ETH_ALEN); 491 memcpy(ap_addr->sa_data, wdev->wext.ibss.bssid, ETH_ALEN);
361 return 0; 492 else
362 } 493 memset(ap_addr->sa_data, 0, ETH_ALEN);
494
495 wdev_unlock(wdev);
363 496
364 memcpy(ap_addr->sa_data, wdev->bssid, ETH_ALEN);
365 return 0; 497 return 0;
366} 498}
367/* temporary symbol - mark GPL - in the future the handler won't be */ 499/* temporary symbol - mark GPL - in the future the handler won't be */
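Review bot: In the new cfg80211_ibss_joined() (new lines 53-71) the BSSID is copied into `ev->cr.bssid` although the event is tagged EVENT_IBSS_JOINED, and the union declared in core.h gives that event its own member, `ij`. The store lands in the right place only because both members begin with a `bssid` array, so a later reordering of `cr` would silently corrupt the join event. `memcpy(ev->ij.bssid, bssid, ETH_ALEN);` states the intent. The code that drains `event_list` is not part of this section, so it should be checked that it reads the same member.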
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 42184361a109..5b9b22120824 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -14,69 +14,608 @@
14 14
15void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len) 15void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len)
16{ 16{
17 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 17 struct wireless_dev *wdev = dev->ieee80211_ptr;
18 struct wiphy *wiphy = wdev->wiphy;
18 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 19 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
19 nl80211_send_rx_auth(rdev, dev, buf, len); 20 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
21 u8 *bssid = mgmt->bssid;
22 int i;
23 u16 status = le16_to_cpu(mgmt->u.auth.status_code);
24 bool done = false;
25
26 wdev_lock(wdev);
27
28 for (i = 0; i < MAX_AUTH_BSSES; i++) {
29 if (wdev->authtry_bsses[i] &&
30 memcmp(wdev->authtry_bsses[i]->pub.bssid, bssid,
31 ETH_ALEN) == 0) {
32 if (status == WLAN_STATUS_SUCCESS) {
33 wdev->auth_bsses[i] = wdev->authtry_bsses[i];
34 } else {
35 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
36 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
37 }
38 wdev->authtry_bsses[i] = NULL;
39 done = true;
40 break;
41 }
42 }
43
44 WARN_ON(!done);
45
46 nl80211_send_rx_auth(rdev, dev, buf, len, GFP_KERNEL);
47 cfg80211_sme_rx_auth(dev, buf, len);
48
49 wdev_unlock(wdev);
20} 50}
21EXPORT_SYMBOL(cfg80211_send_rx_auth); 51EXPORT_SYMBOL(cfg80211_send_rx_auth);
22 52
23void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len) 53void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
24{ 54{
25 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 55 u16 status_code;
56 struct wireless_dev *wdev = dev->ieee80211_ptr;
57 struct wiphy *wiphy = wdev->wiphy;
26 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 58 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
27 nl80211_send_rx_assoc(rdev, dev, buf, len); 59 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
60 u8 *ie = mgmt->u.assoc_resp.variable;
61 int i, ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable);
62 bool done;
63
64 wdev_lock(wdev);
65
66 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
67
68 nl80211_send_rx_assoc(rdev, dev, buf, len, GFP_KERNEL);
69
70 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, ie, len - ieoffs,
71 status_code,
72 status_code == WLAN_STATUS_SUCCESS);
73
74 if (status_code == WLAN_STATUS_SUCCESS) {
75 for (i = 0; wdev->current_bss && i < MAX_AUTH_BSSES; i++) {
76 if (wdev->auth_bsses[i] == wdev->current_bss) {
77 cfg80211_unhold_bss(wdev->auth_bsses[i]);
78 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
79 wdev->auth_bsses[i] = NULL;
80 done = true;
81 break;
82 }
83 }
84
85 WARN_ON(!done);
86 }
87
88 wdev_unlock(wdev);
28} 89}
29EXPORT_SYMBOL(cfg80211_send_rx_assoc); 90EXPORT_SYMBOL(cfg80211_send_rx_assoc);
30 91
31void cfg80211_send_deauth(struct net_device *dev, const u8 *buf, size_t len) 92static void __cfg80211_send_deauth(struct net_device *dev,
93 const u8 *buf, size_t len)
32{ 94{
33 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 95 struct wireless_dev *wdev = dev->ieee80211_ptr;
96 struct wiphy *wiphy = wdev->wiphy;
34 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 97 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
35 nl80211_send_deauth(rdev, dev, buf, len); 98 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
99 const u8 *bssid = mgmt->bssid;
100 int i;
101 bool done = false;
102
103 ASSERT_WDEV_LOCK(wdev);
104
105 nl80211_send_deauth(rdev, dev, buf, len, GFP_KERNEL);
106
107 if (wdev->current_bss &&
108 memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
109 done = true;
110 cfg80211_unhold_bss(wdev->current_bss);
111 cfg80211_put_bss(&wdev->current_bss->pub);
112 wdev->current_bss = NULL;
113 } else for (i = 0; i < MAX_AUTH_BSSES; i++) {
114 if (wdev->auth_bsses[i] &&
115 memcmp(wdev->auth_bsses[i]->pub.bssid, bssid, ETH_ALEN) == 0) {
116 cfg80211_unhold_bss(wdev->auth_bsses[i]);
117 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
118 wdev->auth_bsses[i] = NULL;
119 done = true;
120 break;
121 }
122 if (wdev->authtry_bsses[i] &&
123 memcmp(wdev->authtry_bsses[i]->pub.bssid, bssid, ETH_ALEN) == 0) {
124 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
125 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
126 wdev->authtry_bsses[i] = NULL;
127 done = true;
128 break;
129 }
130 }
131
132 WARN_ON(!done);
133
134 if (wdev->sme_state == CFG80211_SME_CONNECTED) {
135 u16 reason_code;
136 bool from_ap;
137
138 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
139
140 from_ap = memcmp(mgmt->da, dev->dev_addr, ETH_ALEN) == 0;
141 __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap);
142 } else if (wdev->sme_state == CFG80211_SME_CONNECTING) {
143 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0,
144 WLAN_STATUS_UNSPECIFIED_FAILURE,
145 false);
146 }
147}
148
149
150void cfg80211_send_deauth(struct net_device *dev, const u8 *buf, size_t len,
151 void *cookie)
152{
153 struct wireless_dev *wdev = dev->ieee80211_ptr;
154
155 BUG_ON(cookie && wdev != cookie);
156
157 if (cookie) {
158 /* called within callback */
159 __cfg80211_send_deauth(dev, buf, len);
160 } else {
161 wdev_lock(wdev);
162 __cfg80211_send_deauth(dev, buf, len);
163 wdev_unlock(wdev);
164 }
36} 165}
37EXPORT_SYMBOL(cfg80211_send_deauth); 166EXPORT_SYMBOL(cfg80211_send_deauth);
38 167
39void cfg80211_send_disassoc(struct net_device *dev, const u8 *buf, size_t len) 168static void __cfg80211_send_disassoc(struct net_device *dev,
169 const u8 *buf, size_t len)
40{ 170{
41 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 171 struct wireless_dev *wdev = dev->ieee80211_ptr;
172 struct wiphy *wiphy = wdev->wiphy;
42 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 173 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
43 nl80211_send_disassoc(rdev, dev, buf, len); 174 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
175 const u8 *bssid = mgmt->bssid;
176 int i;
177 u16 reason_code;
178 bool from_ap;
179 bool done = false;
180
181 ASSERT_WDEV_LOCK(wdev);
182
183 nl80211_send_disassoc(rdev, dev, buf, len, GFP_KERNEL);
184
185 if (wdev->sme_state != CFG80211_SME_CONNECTED)
186 return;
187
188 if (wdev->current_bss &&
189 memcmp(wdev->current_bss, bssid, ETH_ALEN) == 0) {
190 for (i = 0; i < MAX_AUTH_BSSES; i++) {
191 if (wdev->authtry_bsses[i] || wdev->auth_bsses[i])
192 continue;
193 wdev->auth_bsses[i] = wdev->current_bss;
194 wdev->current_bss = NULL;
195 done = true;
196 cfg80211_sme_disassoc(dev, i);
197 break;
198 }
199 WARN_ON(!done);
200 } else
201 WARN_ON(1);
202
203
204 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
205
206 from_ap = memcmp(mgmt->da, dev->dev_addr, ETH_ALEN) == 0;
207 __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap);
44} 208}
45EXPORT_SYMBOL(cfg80211_send_disassoc);
46 209
47static void cfg80211_wext_disconnected(struct net_device *dev) 210void cfg80211_send_disassoc(struct net_device *dev, const u8 *buf, size_t len,
211 void *cookie)
48{ 212{
49#ifdef CONFIG_WIRELESS_EXT 213 struct wireless_dev *wdev = dev->ieee80211_ptr;
50 union iwreq_data wrqu; 214
51 memset(&wrqu, 0, sizeof(wrqu)); 215 BUG_ON(cookie && wdev != cookie);
52 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 216
53#endif 217 if (cookie) {
218 /* called within callback */
219 __cfg80211_send_disassoc(dev, buf, len);
220 } else {
221 wdev_lock(wdev);
222 __cfg80211_send_disassoc(dev, buf, len);
223 wdev_unlock(wdev);
224 }
54} 225}
226EXPORT_SYMBOL(cfg80211_send_disassoc);
55 227
56void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr) 228void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr)
57{ 229{
58 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 230 struct wireless_dev *wdev = dev->ieee80211_ptr;
231 struct wiphy *wiphy = wdev->wiphy;
59 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 232 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
60 nl80211_send_auth_timeout(rdev, dev, addr); 233 int i;
61 cfg80211_wext_disconnected(dev); 234 bool done = false;
235
236 wdev_lock(wdev);
237
238 nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL);
239 if (wdev->sme_state == CFG80211_SME_CONNECTING)
240 __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0,
241 WLAN_STATUS_UNSPECIFIED_FAILURE,
242 false);
243
244 for (i = 0; addr && i < MAX_AUTH_BSSES; i++) {
245 if (wdev->authtry_bsses[i] &&
246 memcmp(wdev->authtry_bsses[i]->pub.bssid,
247 addr, ETH_ALEN) == 0) {
248 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
249 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
250 wdev->authtry_bsses[i] = NULL;
251 done = true;
252 break;
253 }
254 }
255
256 WARN_ON(!done);
257
258 wdev_unlock(wdev);
62} 259}
63EXPORT_SYMBOL(cfg80211_send_auth_timeout); 260EXPORT_SYMBOL(cfg80211_send_auth_timeout);
64 261
65void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr) 262void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr)
66{ 263{
67 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 264 struct wireless_dev *wdev = dev->ieee80211_ptr;
265 struct wiphy *wiphy = wdev->wiphy;
68 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 266 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
69 nl80211_send_assoc_timeout(rdev, dev, addr); 267 int i;
70 cfg80211_wext_disconnected(dev); 268 bool done = false;
269
270 wdev_lock(wdev);
271
272 nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL);
273 if (wdev->sme_state == CFG80211_SME_CONNECTING)
274 __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0,
275 WLAN_STATUS_UNSPECIFIED_FAILURE,
276 false);
277
278 for (i = 0; addr && i < MAX_AUTH_BSSES; i++) {
279 if (wdev->auth_bsses[i] &&
280 memcmp(wdev->auth_bsses[i]->pub.bssid,
281 addr, ETH_ALEN) == 0) {
282 cfg80211_unhold_bss(wdev->auth_bsses[i]);
283 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
284 wdev->auth_bsses[i] = NULL;
285 done = true;
286 break;
287 }
288 }
289
290 WARN_ON(!done);
291
292 wdev_unlock(wdev);
71} 293}
72EXPORT_SYMBOL(cfg80211_send_assoc_timeout); 294EXPORT_SYMBOL(cfg80211_send_assoc_timeout);
73 295
74void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr, 296void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr,
75 enum nl80211_key_type key_type, int key_id, 297 enum nl80211_key_type key_type, int key_id,
76 const u8 *tsc) 298 const u8 *tsc, gfp_t gfp)
77{ 299{
78 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 300 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
79 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 301 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
80 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc); 302#ifdef CONFIG_WIRELESS_EXT
303 union iwreq_data wrqu;
304 char *buf = kmalloc(128, gfp);
305
306 if (buf) {
307 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
308 "keyid=%d %scast addr=%pM)", key_id,
309 key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni",
310 addr);
311 memset(&wrqu, 0, sizeof(wrqu));
312 wrqu.data.length = strlen(buf);
313 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
314 kfree(buf);
315 }
316#endif
317
318 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp);
81} 319}
82EXPORT_SYMBOL(cfg80211_michael_mic_failure); 320EXPORT_SYMBOL(cfg80211_michael_mic_failure);
321
322/* some MLME handling for userspace SME */
323int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
324 struct net_device *dev,
325 struct ieee80211_channel *chan,
326 enum nl80211_auth_type auth_type,
327 const u8 *bssid,
328 const u8 *ssid, int ssid_len,
329 const u8 *ie, int ie_len,
330 const u8 *key, int key_len, int key_idx)
331{
332 struct wireless_dev *wdev = dev->ieee80211_ptr;
333 struct cfg80211_auth_request req;
334 struct cfg80211_internal_bss *bss;
335 int i, err, slot = -1, nfree = 0;
336
337 ASSERT_WDEV_LOCK(wdev);
338
339 if (auth_type == NL80211_AUTHTYPE_SHARED_KEY)
340 if (!key || !key_len || key_idx < 0 || key_idx > 4)
341 return -EINVAL;
342
343 if (wdev->current_bss &&
344 memcmp(bssid, wdev->current_bss->pub.bssid, ETH_ALEN) == 0)
345 return -EALREADY;
346
347 for (i = 0; i < MAX_AUTH_BSSES; i++) {
348 if (wdev->authtry_bsses[i] &&
349 memcmp(bssid, wdev->authtry_bsses[i]->pub.bssid,
350 ETH_ALEN) == 0)
351 return -EALREADY;
352 if (wdev->auth_bsses[i] &&
353 memcmp(bssid, wdev->auth_bsses[i]->pub.bssid,
354 ETH_ALEN) == 0)
355 return -EALREADY;
356 }
357
358 memset(&req, 0, sizeof(req));
359
360 req.ie = ie;
361 req.ie_len = ie_len;
362 req.auth_type = auth_type;
363 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
364 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
365 req.key = key;
366 req.key_len = key_len;
367 req.key_idx = key_idx;
368 if (!req.bss)
369 return -ENOENT;
370
371 bss = bss_from_pub(req.bss);
372
373 for (i = 0; i < MAX_AUTH_BSSES; i++) {
374 if (!wdev->auth_bsses[i] && !wdev->authtry_bsses[i]) {
375 slot = i;
376 nfree++;
377 }
378 }
379
380 /* we need one free slot for disassoc and one for this auth */
381 if (nfree < 2) {
382 err = -ENOSPC;
383 goto out;
384 }
385
386 wdev->authtry_bsses[slot] = bss;
387 cfg80211_hold_bss(bss);
388
389 err = rdev->ops->auth(&rdev->wiphy, dev, &req);
390 if (err) {
391 wdev->authtry_bsses[slot] = NULL;
392 cfg80211_unhold_bss(bss);
393 }
394
395 out:
396 if (err)
397 cfg80211_put_bss(req.bss);
398 return err;
399}
400
401int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
402 struct net_device *dev, struct ieee80211_channel *chan,
403 enum nl80211_auth_type auth_type, const u8 *bssid,
404 const u8 *ssid, int ssid_len,
405 const u8 *ie, int ie_len,
406 const u8 *key, int key_len, int key_idx)
407{
408 int err;
409
410 wdev_lock(dev->ieee80211_ptr);
411 err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
412 ssid, ssid_len, ie, ie_len,
413 key, key_len, key_idx);
414 wdev_unlock(dev->ieee80211_ptr);
415
416 return err;
417}
418
419int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
420 struct net_device *dev,
421 struct ieee80211_channel *chan,
422 const u8 *bssid, const u8 *prev_bssid,
423 const u8 *ssid, int ssid_len,
424 const u8 *ie, int ie_len, bool use_mfp,
425 struct cfg80211_crypto_settings *crypt)
426{
427 struct wireless_dev *wdev = dev->ieee80211_ptr;
428 struct cfg80211_assoc_request req;
429 struct cfg80211_internal_bss *bss;
430 int i, err, slot = -1;
431
432 ASSERT_WDEV_LOCK(wdev);
433
434 memset(&req, 0, sizeof(req));
435
436 if (wdev->current_bss)
437 return -EALREADY;
438
439 req.ie = ie;
440 req.ie_len = ie_len;
441 memcpy(&req.crypto, crypt, sizeof(req.crypto));
442 req.use_mfp = use_mfp;
443 req.prev_bssid = prev_bssid;
444 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
445 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
446 if (!req.bss)
447 return -ENOENT;
448
449 bss = bss_from_pub(req.bss);
450
451 for (i = 0; i < MAX_AUTH_BSSES; i++) {
452 if (bss == wdev->auth_bsses[i]) {
453 slot = i;
454 break;
455 }
456 }
457
458 if (slot < 0) {
459 err = -ENOTCONN;
460 goto out;
461 }
462
463 err = rdev->ops->assoc(&rdev->wiphy, dev, &req);
464 out:
465 /* still a reference in wdev->auth_bsses[slot] */
466 cfg80211_put_bss(req.bss);
467 return err;
468}
469
470int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
471 struct net_device *dev,
472 struct ieee80211_channel *chan,
473 const u8 *bssid, const u8 *prev_bssid,
474 const u8 *ssid, int ssid_len,
475 const u8 *ie, int ie_len, bool use_mfp,
476 struct cfg80211_crypto_settings *crypt)
477{
478 struct wireless_dev *wdev = dev->ieee80211_ptr;
479 int err;
480
481 wdev_lock(wdev);
482 err = __cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
483 ssid, ssid_len, ie, ie_len, use_mfp, crypt);
484 wdev_unlock(wdev);
485
486 return err;
487}
488
489int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
490 struct net_device *dev, const u8 *bssid,
491 const u8 *ie, int ie_len, u16 reason)
492{
493 struct wireless_dev *wdev = dev->ieee80211_ptr;
494 struct cfg80211_deauth_request req;
495 int i;
496
497 ASSERT_WDEV_LOCK(wdev);
498
499 memset(&req, 0, sizeof(req));
500 req.reason_code = reason;
501 req.ie = ie;
502 req.ie_len = ie_len;
503 if (wdev->current_bss &&
504 memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
505 req.bss = &wdev->current_bss->pub;
506 } else for (i = 0; i < MAX_AUTH_BSSES; i++) {
507 if (wdev->auth_bsses[i] &&
508 memcmp(bssid, wdev->auth_bsses[i]->pub.bssid, ETH_ALEN) == 0) {
509 req.bss = &wdev->auth_bsses[i]->pub;
510 break;
511 }
512 if (wdev->authtry_bsses[i] &&
513 memcmp(bssid, wdev->authtry_bsses[i]->pub.bssid, ETH_ALEN) == 0) {
514 req.bss = &wdev->authtry_bsses[i]->pub;
515 break;
516 }
517 }
518
519 if (!req.bss)
520 return -ENOTCONN;
521
522 return rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
523}
524
525int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
526 struct net_device *dev, const u8 *bssid,
527 const u8 *ie, int ie_len, u16 reason)
528{
529 struct wireless_dev *wdev = dev->ieee80211_ptr;
530 int err;
531
532 wdev_lock(wdev);
533 err = __cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason);
534 wdev_unlock(wdev);
535
536 return err;
537}
538
539static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
540 struct net_device *dev, const u8 *bssid,
541 const u8 *ie, int ie_len, u16 reason)
542{
543 struct wireless_dev *wdev = dev->ieee80211_ptr;
544 struct cfg80211_disassoc_request req;
545
546 ASSERT_WDEV_LOCK(wdev);
547
548 memset(&req, 0, sizeof(req));
549 req.reason_code = reason;
550 req.ie = ie;
551 req.ie_len = ie_len;
552 if (memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0)
553 req.bss = &wdev->current_bss->pub;
554 else
555 return -ENOTCONN;
556
557 return rdev->ops->disassoc(&rdev->wiphy, dev, &req, wdev);
558}
559
560int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
561 struct net_device *dev, const u8 *bssid,
562 const u8 *ie, int ie_len, u16 reason)
563{
564 struct wireless_dev *wdev = dev->ieee80211_ptr;
565 int err;
566
567 wdev_lock(wdev);
568 err = __cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason);
569 wdev_unlock(wdev);
570
571 return err;
572}
573
574void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
575 struct net_device *dev)
576{
577 struct wireless_dev *wdev = dev->ieee80211_ptr;
578 struct cfg80211_deauth_request req;
579 int i;
580
581 ASSERT_WDEV_LOCK(wdev);
582
583 if (!rdev->ops->deauth)
584 return;
585
586 memset(&req, 0, sizeof(req));
587 req.reason_code = WLAN_REASON_DEAUTH_LEAVING;
588 req.ie = NULL;
589 req.ie_len = 0;
590
591 if (wdev->current_bss) {
592 req.bss = &wdev->current_bss->pub;
593 rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
594 if (wdev->current_bss) {
595 cfg80211_unhold_bss(wdev->current_bss);
596 cfg80211_put_bss(&wdev->current_bss->pub);
597 wdev->current_bss = NULL;
598 }
599 }
600
601 for (i = 0; i < MAX_AUTH_BSSES; i++) {
602 if (wdev->auth_bsses[i]) {
603 req.bss = &wdev->auth_bsses[i]->pub;
604 rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
605 if (wdev->auth_bsses[i]) {
606 cfg80211_unhold_bss(wdev->auth_bsses[i]);
607 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
608 wdev->auth_bsses[i] = NULL;
609 }
610 }
611 if (wdev->authtry_bsses[i]) {
612 req.bss = &wdev->authtry_bsses[i]->pub;
613 rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
614 if (wdev->authtry_bsses[i]) {
615 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
616 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
617 wdev->authtry_bsses[i] = NULL;
618 }
619 }
620 }
621}
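Review bot: `__cfg80211_mlme_disassoc` (new line 552) dereferences `wdev->current_bss->pub.bssid` without first checking that `current_bss` is set, whereas `__cfg80211_mlme_deauth` and the receive handlers in this file all test the pointer before using it. If this path can be reached while the interface is not associated (the callers of `cfg80211_mlme_disassoc` are not visible here), that is a NULL dereference with the wdev lock held. A guard such as `if (!wdev->current_bss) return -ENOTCONN;` before the `memcmp` would match the `-ENOTCONN` the function already returns on a BSSID mismatch. Two smaller points in the same section: `__cfg80211_send_disassoc` (new line 189) passes `wdev->current_bss` itself to `memcmp` instead of `wdev->current_bss->pub.bssid`, so the comparison depends on struct layout rather than on the BSSID. And `cfg80211_send_rx_assoc` declares `bool done;` (new line 62) without an initialiser but reads it in `WARN_ON(!done)`, where the sibling handlers use `bool done = false;`.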
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 634496b3ed77..da450ef1fc7e 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -29,9 +29,9 @@ static struct genl_family nl80211_fam = {
29 .maxattr = NL80211_ATTR_MAX, 29 .maxattr = NL80211_ATTR_MAX,
30}; 30};
31 31
32/* internal helper: get drv and dev */ 32/* internal helper: get rdev and dev */
33static int get_drv_dev_by_info_ifindex(struct nlattr **attrs, 33static int get_rdev_dev_by_info_ifindex(struct nlattr **attrs,
34 struct cfg80211_registered_device **drv, 34 struct cfg80211_registered_device **rdev,
35 struct net_device **dev) 35 struct net_device **dev)
36{ 36{
37 int ifindex; 37 int ifindex;
@@ -44,10 +44,10 @@ static int get_drv_dev_by_info_ifindex(struct nlattr **attrs,
44 if (!*dev) 44 if (!*dev)
45 return -ENODEV; 45 return -ENODEV;
46 46
47 *drv = cfg80211_get_dev_from_ifindex(ifindex); 47 *rdev = cfg80211_get_dev_from_ifindex(ifindex);
48 if (IS_ERR(*drv)) { 48 if (IS_ERR(*rdev)) {
49 dev_put(*dev); 49 dev_put(*dev);
50 return PTR_ERR(*drv); 50 return PTR_ERR(*rdev);
51 } 51 }
52 52
53 return 0; 53 return 0;
@@ -71,7 +71,9 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
71 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 71 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
72 72
73 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 73 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN },
74 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN },
74 75
76 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
75 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 77 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
76 .len = WLAN_MAX_KEY_LEN }, 78 .len = WLAN_MAX_KEY_LEN },
77 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 79 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
@@ -128,6 +130,20 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
128 .len = sizeof(struct nl80211_sta_flag_update), 130 .len = sizeof(struct nl80211_sta_flag_update),
129 }, 131 },
130 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 132 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
133 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
134 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
135 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
136};
137
138/* policy for the attributes */
139static struct nla_policy
140nl80211_key_policy[NL80211_KEY_MAX + 1] __read_mostly = {
141 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
142 [NL80211_KEY_IDX] = { .type = NLA_U8 },
143 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
144 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 },
145 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
146 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
131}; 147};
132 148
133/* IE validation */ 149/* IE validation */
@@ -194,6 +210,177 @@ static int nl80211_msg_put_channel(struct sk_buff *msg,
194 210
195/* netlink command implementations */ 211/* netlink command implementations */
196 212
213struct key_parse {
214 struct key_params p;
215 int idx;
216 bool def, defmgmt;
217};
218
219static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
220{
221 struct nlattr *tb[NL80211_KEY_MAX + 1];
222 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
223 nl80211_key_policy);
224 if (err)
225 return err;
226
227 k->def = !!tb[NL80211_KEY_DEFAULT];
228 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
229
230 if (tb[NL80211_KEY_IDX])
231 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
232
233 if (tb[NL80211_KEY_DATA]) {
234 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
235 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
236 }
237
238 if (tb[NL80211_KEY_SEQ]) {
239 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
240 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
241 }
242
243 if (tb[NL80211_KEY_CIPHER])
244 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
245
246 return 0;
247}
248
249static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
250{
251 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
252 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
253 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
254 }
255
256 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
257 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
258 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
259 }
260
261 if (info->attrs[NL80211_ATTR_KEY_IDX])
262 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
263
264 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
265 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
266
267 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
268 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
269
270 return 0;
271}
272
273static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
274{
275 int err;
276
277 memset(k, 0, sizeof(*k));
278 k->idx = -1;
279
280 if (info->attrs[NL80211_ATTR_KEY])
281 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
282 else
283 err = nl80211_parse_key_old(info, k);
284
285 if (err)
286 return err;
287
288 if (k->def && k->defmgmt)
289 return -EINVAL;
290
291 if (k->idx != -1) {
292 if (k->defmgmt) {
293 if (k->idx < 4 || k->idx > 5)
294 return -EINVAL;
295 } else if (k->def) {
296 if (k->idx < 0 || k->idx > 3)
297 return -EINVAL;
298 } else {
299 if (k->idx < 0 || k->idx > 5)
300 return -EINVAL;
301 }
302 }
303
304 return 0;
305}
306
307static struct cfg80211_cached_keys *
308nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
309 struct nlattr *keys)
310{
311 struct key_parse parse;
312 struct nlattr *key;
313 struct cfg80211_cached_keys *result;
314 int rem, err, def = 0;
315
316 result = kzalloc(sizeof(*result), GFP_KERNEL);
317 if (!result)
318 return ERR_PTR(-ENOMEM);
319
320 result->def = -1;
321 result->defmgmt = -1;
322
323 nla_for_each_nested(key, keys, rem) {
324 memset(&parse, 0, sizeof(parse));
325 parse.idx = -1;
326
327 err = nl80211_parse_key_new(key, &parse);
328 if (err)
329 goto error;
330 err = -EINVAL;
331 if (!parse.p.key)
332 goto error;
333 if (parse.idx < 0 || parse.idx > 4)
334 goto error;
335 if (parse.def) {
336 if (def)
337 goto error;
338 def = 1;
339 result->def = parse.idx;
340 } else if (parse.defmgmt)
341 goto error;
342 err = cfg80211_validate_key_settings(rdev, &parse.p,
343 parse.idx, NULL);
344 if (err)
345 goto error;
346 result->params[parse.idx].cipher = parse.p.cipher;
347 result->params[parse.idx].key_len = parse.p.key_len;
348 result->params[parse.idx].key = result->data[parse.idx];
349 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
350 }
351
352 return result;
353 error:
354 kfree(result);
355 return ERR_PTR(err);
356}
357
358static int nl80211_key_allowed(struct wireless_dev *wdev)
359{
360 ASSERT_WDEV_LOCK(wdev);
361
362 if (!netif_running(wdev->netdev))
363 return -ENETDOWN;
364
365 switch (wdev->iftype) {
366 case NL80211_IFTYPE_AP:
367 case NL80211_IFTYPE_AP_VLAN:
368 break;
369 case NL80211_IFTYPE_ADHOC:
370 if (!wdev->current_bss)
371 return -ENOLINK;
372 break;
373 case NL80211_IFTYPE_STATION:
374 if (wdev->sme_state != CFG80211_SME_CONNECTED)
375 return -ENOLINK;
376 break;
377 default:
378 return -EINVAL;
379 }
380
381 return 0;
382}
383
197static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 384static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
198 struct cfg80211_registered_device *dev) 385 struct cfg80211_registered_device *dev)
199{ 386{
@@ -347,6 +534,17 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
347 CMD(join_ibss, JOIN_IBSS); 534 CMD(join_ibss, JOIN_IBSS);
348 535
349#undef CMD 536#undef CMD
537
538 if (dev->ops->connect || dev->ops->auth) {
539 i++;
540 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT);
541 }
542
543 if (dev->ops->disconnect || dev->ops->deauth) {
544 i++;
545 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT);
546 }
547
350 nla_nest_end(msg, nl_cmds); 548 nla_nest_end(msg, nl_cmds);
351 549
352 return genlmsg_end(msg, hdr); 550 return genlmsg_end(msg, hdr);
@@ -363,7 +561,7 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
363 struct cfg80211_registered_device *dev; 561 struct cfg80211_registered_device *dev;
364 562
365 mutex_lock(&cfg80211_mutex); 563 mutex_lock(&cfg80211_mutex);
366 list_for_each_entry(dev, &cfg80211_drv_list, list) { 564 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
367 if (++idx <= start) 565 if (++idx <= start)
368 continue; 566 continue;
369 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 567 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid,
@@ -396,14 +594,14 @@ static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
396 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) 594 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0)
397 goto out_free; 595 goto out_free;
398 596
399 cfg80211_put_dev(dev); 597 cfg80211_unlock_rdev(dev);
400 598
401 return genlmsg_unicast(msg, info->snd_pid); 599 return genlmsg_reply(msg, info);
402 600
403 out_free: 601 out_free:
404 nlmsg_free(msg); 602 nlmsg_free(msg);
405 out_err: 603 out_err:
406 cfg80211_put_dev(dev); 604 cfg80211_unlock_rdev(dev);
407 return -ENOBUFS; 605 return -ENOBUFS;
408} 606}
409 607
@@ -445,7 +643,7 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
445 643
446 mutex_lock(&cfg80211_mutex); 644 mutex_lock(&cfg80211_mutex);
447 645
448 rdev = __cfg80211_drv_from_info(info); 646 rdev = __cfg80211_rdev_from_info(info);
449 if (IS_ERR(rdev)) { 647 if (IS_ERR(rdev)) {
450 mutex_unlock(&cfg80211_mutex); 648 mutex_unlock(&cfg80211_mutex);
451 result = PTR_ERR(rdev); 649 result = PTR_ERR(rdev);
@@ -668,7 +866,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *
668 struct wireless_dev *wdev; 866 struct wireless_dev *wdev;
669 867
670 mutex_lock(&cfg80211_mutex); 868 mutex_lock(&cfg80211_mutex);
671 list_for_each_entry(dev, &cfg80211_drv_list, list) { 869 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
672 if (wp_idx < wp_start) { 870 if (wp_idx < wp_start) {
673 wp_idx++; 871 wp_idx++;
674 continue; 872 continue;
@@ -709,7 +907,7 @@ static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
709 struct net_device *netdev; 907 struct net_device *netdev;
710 int err; 908 int err;
711 909
712 err = get_drv_dev_by_info_ifindex(info->attrs, &dev, &netdev); 910 err = get_rdev_dev_by_info_ifindex(info->attrs, &dev, &netdev);
713 if (err) 911 if (err)
714 return err; 912 return err;
715 913
@@ -722,15 +920,15 @@ static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
722 goto out_free; 920 goto out_free;
723 921
724 dev_put(netdev); 922 dev_put(netdev);
725 cfg80211_put_dev(dev); 923 cfg80211_unlock_rdev(dev);
726 924
727 return genlmsg_unicast(msg, info->snd_pid); 925 return genlmsg_reply(msg, info);
728 926
729 out_free: 927 out_free:
730 nlmsg_free(msg); 928 nlmsg_free(msg);
731 out_err: 929 out_err:
732 dev_put(netdev); 930 dev_put(netdev);
733 cfg80211_put_dev(dev); 931 cfg80211_unlock_rdev(dev);
734 return -ENOBUFS; 932 return -ENOBUFS;
735} 933}
736 934
@@ -765,9 +963,9 @@ static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
765 963
766static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 964static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
767{ 965{
768 struct cfg80211_registered_device *drv; 966 struct cfg80211_registered_device *rdev;
769 struct vif_params params; 967 struct vif_params params;
770 int err, ifindex; 968 int err;
771 enum nl80211_iftype otype, ntype; 969 enum nl80211_iftype otype, ntype;
772 struct net_device *dev; 970 struct net_device *dev;
773 u32 _flags, *flags = NULL; 971 u32 _flags, *flags = NULL;
@@ -777,13 +975,11 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
777 975
778 rtnl_lock(); 976 rtnl_lock();
779 977
780 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 978 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
781 if (err) 979 if (err)
782 goto unlock_rtnl; 980 goto unlock_rtnl;
783 981
784 ifindex = dev->ifindex;
785 otype = ntype = dev->ieee80211_ptr->iftype; 982 otype = ntype = dev->ieee80211_ptr->iftype;
786 dev_put(dev);
787 983
788 if (info->attrs[NL80211_ATTR_IFTYPE]) { 984 if (info->attrs[NL80211_ATTR_IFTYPE]) {
789 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 985 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
@@ -795,8 +991,8 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
795 } 991 }
796 } 992 }
797 993
798 if (!drv->ops->change_virtual_intf || 994 if (!rdev->ops->change_virtual_intf ||
799 !(drv->wiphy.interface_modes & (1 << ntype))) { 995 !(rdev->wiphy.interface_modes & (1 << ntype))) {
800 err = -EOPNOTSUPP; 996 err = -EOPNOTSUPP;
801 goto unlock; 997 goto unlock;
802 } 998 }
@@ -826,21 +1022,21 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
826 } 1022 }
827 1023
828 if (change) 1024 if (change)
829 err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex, 1025 err = rdev->ops->change_virtual_intf(&rdev->wiphy, dev,
830 ntype, flags, &params); 1026 ntype, flags, &params);
831 else 1027 else
832 err = 0; 1028 err = 0;
833 1029
834 dev = __dev_get_by_index(&init_net, ifindex); 1030 WARN_ON(!err && dev->ieee80211_ptr->iftype != ntype);
835 WARN_ON(!dev || (!err && dev->ieee80211_ptr->iftype != ntype));
836 1031
837 if (dev && !err && (ntype != otype)) { 1032 if (!err && (ntype != otype)) {
838 if (otype == NL80211_IFTYPE_ADHOC) 1033 if (otype == NL80211_IFTYPE_ADHOC)
839 cfg80211_clear_ibss(dev, false); 1034 cfg80211_clear_ibss(dev, false);
840 } 1035 }
841 1036
842 unlock: 1037 unlock:
843 cfg80211_put_dev(drv); 1038 dev_put(dev);
1039 cfg80211_unlock_rdev(rdev);
844 unlock_rtnl: 1040 unlock_rtnl:
845 rtnl_unlock(); 1041 rtnl_unlock();
846 return err; 1042 return err;
@@ -848,7 +1044,7 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
848 1044
849static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1045static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
850{ 1046{
851 struct cfg80211_registered_device *drv; 1047 struct cfg80211_registered_device *rdev;
852 struct vif_params params; 1048 struct vif_params params;
853 int err; 1049 int err;
854 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1050 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
@@ -867,14 +1063,14 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
867 1063
868 rtnl_lock(); 1064 rtnl_lock();
869 1065
870 drv = cfg80211_get_dev_from_info(info); 1066 rdev = cfg80211_get_dev_from_info(info);
871 if (IS_ERR(drv)) { 1067 if (IS_ERR(rdev)) {
872 err = PTR_ERR(drv); 1068 err = PTR_ERR(rdev);
873 goto unlock_rtnl; 1069 goto unlock_rtnl;
874 } 1070 }
875 1071
876 if (!drv->ops->add_virtual_intf || 1072 if (!rdev->ops->add_virtual_intf ||
877 !(drv->wiphy.interface_modes & (1 << type))) { 1073 !(rdev->wiphy.interface_modes & (1 << type))) {
878 err = -EOPNOTSUPP; 1074 err = -EOPNOTSUPP;
879 goto unlock; 1075 goto unlock;
880 } 1076 }
@@ -888,12 +1084,12 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
888 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1084 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
889 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1085 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
890 &flags); 1086 &flags);
891 err = drv->ops->add_virtual_intf(&drv->wiphy, 1087 err = rdev->ops->add_virtual_intf(&rdev->wiphy,
892 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1088 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
893 type, err ? NULL : &flags, &params); 1089 type, err ? NULL : &flags, &params);
894 1090
895 unlock: 1091 unlock:
896 cfg80211_put_dev(drv); 1092 cfg80211_unlock_rdev(rdev);
897 unlock_rtnl: 1093 unlock_rtnl:
898 rtnl_unlock(); 1094 rtnl_unlock();
899 return err; 1095 return err;
@@ -901,27 +1097,27 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
901 1097
902static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1098static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
903{ 1099{
904 struct cfg80211_registered_device *drv; 1100 struct cfg80211_registered_device *rdev;
905 int ifindex, err; 1101 int ifindex, err;
906 struct net_device *dev; 1102 struct net_device *dev;
907 1103
908 rtnl_lock(); 1104 rtnl_lock();
909 1105
910 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1106 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
911 if (err) 1107 if (err)
912 goto unlock_rtnl; 1108 goto unlock_rtnl;
913 ifindex = dev->ifindex; 1109 ifindex = dev->ifindex;
914 dev_put(dev); 1110 dev_put(dev);
915 1111
916 if (!drv->ops->del_virtual_intf) { 1112 if (!rdev->ops->del_virtual_intf) {
917 err = -EOPNOTSUPP; 1113 err = -EOPNOTSUPP;
918 goto out; 1114 goto out;
919 } 1115 }
920 1116
921 err = drv->ops->del_virtual_intf(&drv->wiphy, ifindex); 1117 err = rdev->ops->del_virtual_intf(&rdev->wiphy, ifindex);
922 1118
923 out: 1119 out:
924 cfg80211_put_dev(drv); 1120 cfg80211_unlock_rdev(rdev);
925 unlock_rtnl: 1121 unlock_rtnl:
926 rtnl_unlock(); 1122 rtnl_unlock();
927 return err; 1123 return err;
@@ -930,10 +1126,12 @@ static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
930struct get_key_cookie { 1126struct get_key_cookie {
931 struct sk_buff *msg; 1127 struct sk_buff *msg;
932 int error; 1128 int error;
1129 int idx;
933}; 1130};
934 1131
935static void get_key_callback(void *c, struct key_params *params) 1132static void get_key_callback(void *c, struct key_params *params)
936{ 1133{
1134 struct nlattr *key;
937 struct get_key_cookie *cookie = c; 1135 struct get_key_cookie *cookie = c;
938 1136
939 if (params->key) 1137 if (params->key)
@@ -948,6 +1146,26 @@ static void get_key_callback(void *c, struct key_params *params)
948 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1146 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
949 params->cipher); 1147 params->cipher);
950 1148
1149 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
1150 if (!key)
1151 goto nla_put_failure;
1152
1153 if (params->key)
1154 NLA_PUT(cookie->msg, NL80211_KEY_DATA,
1155 params->key_len, params->key);
1156
1157 if (params->seq)
1158 NLA_PUT(cookie->msg, NL80211_KEY_SEQ,
1159 params->seq_len, params->seq);
1160
1161 if (params->cipher)
1162 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER,
1163 params->cipher);
1164
1165 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx);
1166
1167 nla_nest_end(cookie->msg, key);
1168
951 return; 1169 return;
952 nla_put_failure: 1170 nla_put_failure:
953 cookie->error = 1; 1171 cookie->error = 1;
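Review bot: Inside the new `NL80211_ATTR_KEY` nest, the key index is written with the top-level id `NL80211_ATTR_KEY_IDX`, while the other three members use the nested `NL80211_KEY_*` ids. A userspace parser that walks the nest with the key-attribute numbering would misread or ignore that member. The line should presumably read `NLA_PUT_U8(cookie->msg, NL80211_KEY_IDX, cookie->idx);`. The `nla_put_failure` path also leaves the nest open, which is harmless only if the caller discards the whole message whenever `cookie->error` is set; a short comment stating that would help. The end of `get_key_callback()` lies outside this hunk.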
@@ -955,7 +1173,7 @@ static void get_key_callback(void *c, struct key_params *params)
955 1173
956static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1174static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
957{ 1175{
958 struct cfg80211_registered_device *drv; 1176 struct cfg80211_registered_device *rdev;
959 int err; 1177 int err;
960 struct net_device *dev; 1178 struct net_device *dev;
961 u8 key_idx = 0; 1179 u8 key_idx = 0;
@@ -977,11 +1195,11 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
977 1195
978 rtnl_lock(); 1196 rtnl_lock();
979 1197
980 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1198 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
981 if (err) 1199 if (err)
982 goto unlock_rtnl; 1200 goto unlock_rtnl;
983 1201
984 if (!drv->ops->get_key) { 1202 if (!rdev->ops->get_key) {
985 err = -EOPNOTSUPP; 1203 err = -EOPNOTSUPP;
986 goto out; 1204 goto out;
987 } 1205 }
@@ -1001,13 +1219,14 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1001 } 1219 }
1002 1220
1003 cookie.msg = msg; 1221 cookie.msg = msg;
1222 cookie.idx = key_idx;
1004 1223
1005 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1224 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1006 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1225 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1007 if (mac_addr) 1226 if (mac_addr)
1008 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1227 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
1009 1228
1010 err = drv->ops->get_key(&drv->wiphy, dev, key_idx, mac_addr, 1229 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, mac_addr,
1011 &cookie, get_key_callback); 1230 &cookie, get_key_callback);
1012 1231
1013 if (err) 1232 if (err)
@@ -1017,7 +1236,7 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1017 goto nla_put_failure; 1236 goto nla_put_failure;
1018 1237
1019 genlmsg_end(msg, hdr); 1238 genlmsg_end(msg, hdr);
1020 err = genlmsg_unicast(msg, info->snd_pid); 1239 err = genlmsg_reply(msg, info);
1021 goto out; 1240 goto out;
1022 1241
1023 nla_put_failure: 1242 nla_put_failure:
@@ -1025,7 +1244,7 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1025 free_msg: 1244 free_msg:
1026 nlmsg_free(msg); 1245 nlmsg_free(msg);
1027 out: 1246 out:
1028 cfg80211_put_dev(drv); 1247 cfg80211_unlock_rdev(rdev);
1029 dev_put(dev); 1248 dev_put(dev);
1030 unlock_rtnl: 1249 unlock_rtnl:
1031 rtnl_unlock(); 1250 rtnl_unlock();
@@ -1035,57 +1254,57 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1035 1254
1036static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1255static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
1037{ 1256{
1038 struct cfg80211_registered_device *drv; 1257 struct cfg80211_registered_device *rdev;
1258 struct key_parse key;
1039 int err; 1259 int err;
1040 struct net_device *dev; 1260 struct net_device *dev;
1041 u8 key_idx;
1042 int (*func)(struct wiphy *wiphy, struct net_device *netdev, 1261 int (*func)(struct wiphy *wiphy, struct net_device *netdev,
1043 u8 key_index); 1262 u8 key_index);
1044 1263
1045 if (!info->attrs[NL80211_ATTR_KEY_IDX]) 1264 err = nl80211_parse_key(info, &key);
1046 return -EINVAL; 1265 if (err)
1047 1266 return err;
1048 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1049 1267
1050 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]) { 1268 if (key.idx < 0)
1051 if (key_idx < 4 || key_idx > 5)
1052 return -EINVAL;
1053 } else if (key_idx > 3)
1054 return -EINVAL; 1269 return -EINVAL;
1055 1270
1056 /* currently only support setting default key */ 1271 /* only support setting default key */
1057 if (!info->attrs[NL80211_ATTR_KEY_DEFAULT] && 1272 if (!key.def && !key.defmgmt)
1058 !info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT])
1059 return -EINVAL; 1273 return -EINVAL;
1060 1274
1061 rtnl_lock(); 1275 rtnl_lock();
1062 1276
1063 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1277 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1064 if (err) 1278 if (err)
1065 goto unlock_rtnl; 1279 goto unlock_rtnl;
1066 1280
1067 if (info->attrs[NL80211_ATTR_KEY_DEFAULT]) 1281 if (key.def)
1068 func = drv->ops->set_default_key; 1282 func = rdev->ops->set_default_key;
1069 else 1283 else
1070 func = drv->ops->set_default_mgmt_key; 1284 func = rdev->ops->set_default_mgmt_key;
1071 1285
1072 if (!func) { 1286 if (!func) {
1073 err = -EOPNOTSUPP; 1287 err = -EOPNOTSUPP;
1074 goto out; 1288 goto out;
1075 } 1289 }
1076 1290
1077 err = func(&drv->wiphy, dev, key_idx); 1291 wdev_lock(dev->ieee80211_ptr);
1292 err = nl80211_key_allowed(dev->ieee80211_ptr);
1293 if (!err)
1294 err = func(&rdev->wiphy, dev, key.idx);
1295
1078#ifdef CONFIG_WIRELESS_EXT 1296#ifdef CONFIG_WIRELESS_EXT
1079 if (!err) { 1297 if (!err) {
1080 if (func == drv->ops->set_default_key) 1298 if (func == rdev->ops->set_default_key)
1081 dev->ieee80211_ptr->wext.default_key = key_idx; 1299 dev->ieee80211_ptr->wext.default_key = key.idx;
1082 else 1300 else
1083 dev->ieee80211_ptr->wext.default_mgmt_key = key_idx; 1301 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
1084 } 1302 }
1085#endif 1303#endif
1304 wdev_unlock(dev->ieee80211_ptr);
1086 1305
1087 out: 1306 out:
1088 cfg80211_put_dev(drv); 1307 cfg80211_unlock_rdev(rdev);
1089 dev_put(dev); 1308 dev_put(dev);
1090 1309
1091 unlock_rtnl: 1310 unlock_rtnl:
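Review bot: The handler used to reject a default-key index above 3 and a default-management index outside 4–5, but the new side only tests `key.idx < 0`. The range check now depends entirely on `nl80211_parse_key()`, which this hunk does not show, and the index goes straight to the driver's `set_default_key` / `set_default_mgmt_key` op. It is worth confirming that the parser enforces both ranges and rejects a request that sets both `key.def` and `key.defmgmt`, since `if (key.def)` silently picks the first. If it does, a comment above the call such as `/* index range and def/defmgmt exclusivity are validated in nl80211_parse_key() */` would record where the validation lives.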
@@ -1096,62 +1315,47 @@ static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
1096 1315
1097static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1316static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
1098{ 1317{
1099 struct cfg80211_registered_device *drv; 1318 struct cfg80211_registered_device *rdev;
1100 int err, i; 1319 int err;
1101 struct net_device *dev; 1320 struct net_device *dev;
1102 struct key_params params; 1321 struct key_parse key;
1103 u8 key_idx = 0;
1104 u8 *mac_addr = NULL; 1322 u8 *mac_addr = NULL;
1105 1323
1106 memset(&params, 0, sizeof(params)); 1324 err = nl80211_parse_key(info, &key);
1325 if (err)
1326 return err;
1107 1327
1108 if (!info->attrs[NL80211_ATTR_KEY_CIPHER]) 1328 if (!key.p.key)
1109 return -EINVAL; 1329 return -EINVAL;
1110 1330
1111 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
1112 params.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
1113 params.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
1114 }
1115
1116 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
1117 params.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
1118 params.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
1119 }
1120
1121 if (info->attrs[NL80211_ATTR_KEY_IDX])
1122 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1123
1124 params.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
1125
1126 if (info->attrs[NL80211_ATTR_MAC]) 1331 if (info->attrs[NL80211_ATTR_MAC])
1127 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1332 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1128 1333
1129 if (cfg80211_validate_key_settings(&params, key_idx, mac_addr))
1130 return -EINVAL;
1131
1132 rtnl_lock(); 1334 rtnl_lock();
1133 1335
1134 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1336 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1135 if (err) 1337 if (err)
1136 goto unlock_rtnl; 1338 goto unlock_rtnl;
1137 1339
1138 for (i = 0; i < drv->wiphy.n_cipher_suites; i++) 1340 if (!rdev->ops->add_key) {
1139 if (params.cipher == drv->wiphy.cipher_suites[i]) 1341 err = -EOPNOTSUPP;
1140 break;
1141 if (i == drv->wiphy.n_cipher_suites) {
1142 err = -EINVAL;
1143 goto out; 1342 goto out;
1144 } 1343 }
1145 1344
1146 if (!drv->ops->add_key) { 1345 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, mac_addr)) {
1147 err = -EOPNOTSUPP; 1346 err = -EINVAL;
1148 goto out; 1347 goto out;
1149 } 1348 }
1150 1349
1151 err = drv->ops->add_key(&drv->wiphy, dev, key_idx, mac_addr, &params); 1350 wdev_lock(dev->ieee80211_ptr);
1351 err = nl80211_key_allowed(dev->ieee80211_ptr);
1352 if (!err)
1353 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx,
1354 mac_addr, &key.p);
1355 wdev_unlock(dev->ieee80211_ptr);
1152 1356
1153 out: 1357 out:
1154 cfg80211_put_dev(drv); 1358 cfg80211_unlock_rdev(rdev);
1155 dev_put(dev); 1359 dev_put(dev);
1156 unlock_rtnl: 1360 unlock_rtnl:
1157 rtnl_unlock(); 1361 rtnl_unlock();
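Review bot: `key.idx` has no visible lower-bound check before it reaches the driver here, and the `nl80211_del_key()` hunk that follows has the same gap after dropping the old `key_idx > 5` test. `nl80211_set_key()` rejects `key.idx < 0`, which suggests the parser can leave the index negative when no index attribute is sent, whereas the removed code defaulted it to 0. If the `add_key` / `del_key` ops take a `u8` index, as the `func` pointer in `nl80211_set_key()` does, a negative value would arrive as 255. Unless `nl80211_parse_key()` or `cfg80211_validate_key_settings()` (neither visible in this hunk) already covers this, add `if (key.idx < 0) key.idx = 0;` after the parse call in both handlers to keep the old default, or return `-EINVAL` as `nl80211_set_key()` does.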
@@ -1161,45 +1365,47 @@ static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
1161 1365
1162static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1366static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
1163{ 1367{
1164 struct cfg80211_registered_device *drv; 1368 struct cfg80211_registered_device *rdev;
1165 int err; 1369 int err;
1166 struct net_device *dev; 1370 struct net_device *dev;
1167 u8 key_idx = 0;
1168 u8 *mac_addr = NULL; 1371 u8 *mac_addr = NULL;
1372 struct key_parse key;
1169 1373
1170 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1374 err = nl80211_parse_key(info, &key);
1171 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1375 if (err)
1172 1376 return err;
1173 if (key_idx > 5)
1174 return -EINVAL;
1175 1377
1176 if (info->attrs[NL80211_ATTR_MAC]) 1378 if (info->attrs[NL80211_ATTR_MAC])
1177 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1379 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1178 1380
1179 rtnl_lock(); 1381 rtnl_lock();
1180 1382
1181 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1383 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1182 if (err) 1384 if (err)
1183 goto unlock_rtnl; 1385 goto unlock_rtnl;
1184 1386
1185 if (!drv->ops->del_key) { 1387 if (!rdev->ops->del_key) {
1186 err = -EOPNOTSUPP; 1388 err = -EOPNOTSUPP;
1187 goto out; 1389 goto out;
1188 } 1390 }
1189 1391
1190 err = drv->ops->del_key(&drv->wiphy, dev, key_idx, mac_addr); 1392 wdev_lock(dev->ieee80211_ptr);
1393 err = nl80211_key_allowed(dev->ieee80211_ptr);
1394 if (!err)
1395 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, mac_addr);
1191 1396
1192#ifdef CONFIG_WIRELESS_EXT 1397#ifdef CONFIG_WIRELESS_EXT
1193 if (!err) { 1398 if (!err) {
1194 if (key_idx == dev->ieee80211_ptr->wext.default_key) 1399 if (key.idx == dev->ieee80211_ptr->wext.default_key)
1195 dev->ieee80211_ptr->wext.default_key = -1; 1400 dev->ieee80211_ptr->wext.default_key = -1;
1196 else if (key_idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1401 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
1197 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1402 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
1198 } 1403 }
1199#endif 1404#endif
1405 wdev_unlock(dev->ieee80211_ptr);
1200 1406
1201 out: 1407 out:
1202 cfg80211_put_dev(drv); 1408 cfg80211_unlock_rdev(rdev);
1203 dev_put(dev); 1409 dev_put(dev);
1204 1410
1205 unlock_rtnl: 1411 unlock_rtnl:
@@ -1212,7 +1418,7 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1212{ 1418{
1213 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1419 int (*call)(struct wiphy *wiphy, struct net_device *dev,
1214 struct beacon_parameters *info); 1420 struct beacon_parameters *info);
1215 struct cfg80211_registered_device *drv; 1421 struct cfg80211_registered_device *rdev;
1216 int err; 1422 int err;
1217 struct net_device *dev; 1423 struct net_device *dev;
1218 struct beacon_parameters params; 1424 struct beacon_parameters params;
@@ -1223,7 +1429,7 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1223 1429
1224 rtnl_lock(); 1430 rtnl_lock();
1225 1431
1226 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1432 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1227 if (err) 1433 if (err)
1228 goto unlock_rtnl; 1434 goto unlock_rtnl;
1229 1435
@@ -1242,10 +1448,10 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1242 goto out; 1448 goto out;
1243 } 1449 }
1244 1450
1245 call = drv->ops->add_beacon; 1451 call = rdev->ops->add_beacon;
1246 break; 1452 break;
1247 case NL80211_CMD_SET_BEACON: 1453 case NL80211_CMD_SET_BEACON:
1248 call = drv->ops->set_beacon; 1454 call = rdev->ops->set_beacon;
1249 break; 1455 break;
1250 default: 1456 default:
1251 WARN_ON(1); 1457 WARN_ON(1);
@@ -1291,10 +1497,10 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1291 goto out; 1497 goto out;
1292 } 1498 }
1293 1499
1294 err = call(&drv->wiphy, dev, &params); 1500 err = call(&rdev->wiphy, dev, &params);
1295 1501
1296 out: 1502 out:
1297 cfg80211_put_dev(drv); 1503 cfg80211_unlock_rdev(rdev);
1298 dev_put(dev); 1504 dev_put(dev);
1299 unlock_rtnl: 1505 unlock_rtnl:
1300 rtnl_unlock(); 1506 rtnl_unlock();
@@ -1304,17 +1510,17 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1304 1510
1305static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 1511static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info)
1306{ 1512{
1307 struct cfg80211_registered_device *drv; 1513 struct cfg80211_registered_device *rdev;
1308 int err; 1514 int err;
1309 struct net_device *dev; 1515 struct net_device *dev;
1310 1516
1311 rtnl_lock(); 1517 rtnl_lock();
1312 1518
1313 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1519 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1314 if (err) 1520 if (err)
1315 goto unlock_rtnl; 1521 goto unlock_rtnl;
1316 1522
1317 if (!drv->ops->del_beacon) { 1523 if (!rdev->ops->del_beacon) {
1318 err = -EOPNOTSUPP; 1524 err = -EOPNOTSUPP;
1319 goto out; 1525 goto out;
1320 } 1526 }
@@ -1323,10 +1529,10 @@ static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info)
1323 err = -EOPNOTSUPP; 1529 err = -EOPNOTSUPP;
1324 goto out; 1530 goto out;
1325 } 1531 }
1326 err = drv->ops->del_beacon(&drv->wiphy, dev); 1532 err = rdev->ops->del_beacon(&rdev->wiphy, dev);
1327 1533
1328 out: 1534 out:
1329 cfg80211_put_dev(drv); 1535 cfg80211_unlock_rdev(rdev);
1330 dev_put(dev); 1536 dev_put(dev);
1331 unlock_rtnl: 1537 unlock_rtnl:
1332 rtnl_unlock(); 1538 rtnl_unlock();
@@ -1560,7 +1766,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
1560 cb->args[1] = sta_idx; 1766 cb->args[1] = sta_idx;
1561 err = skb->len; 1767 err = skb->len;
1562 out_err: 1768 out_err:
1563 cfg80211_put_dev(dev); 1769 cfg80211_unlock_rdev(dev);
1564 out_rtnl: 1770 out_rtnl:
1565 rtnl_unlock(); 1771 rtnl_unlock();
1566 1772
@@ -1569,7 +1775,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
1569 1775
1570static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 1776static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1571{ 1777{
1572 struct cfg80211_registered_device *drv; 1778 struct cfg80211_registered_device *rdev;
1573 int err; 1779 int err;
1574 struct net_device *dev; 1780 struct net_device *dev;
1575 struct station_info sinfo; 1781 struct station_info sinfo;
@@ -1585,16 +1791,16 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1585 1791
1586 rtnl_lock(); 1792 rtnl_lock();
1587 1793
1588 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1794 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1589 if (err) 1795 if (err)
1590 goto out_rtnl; 1796 goto out_rtnl;
1591 1797
1592 if (!drv->ops->get_station) { 1798 if (!rdev->ops->get_station) {
1593 err = -EOPNOTSUPP; 1799 err = -EOPNOTSUPP;
1594 goto out; 1800 goto out;
1595 } 1801 }
1596 1802
1597 err = drv->ops->get_station(&drv->wiphy, dev, mac_addr, &sinfo); 1803 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo);
1598 if (err) 1804 if (err)
1599 goto out; 1805 goto out;
1600 1806
@@ -1606,13 +1812,13 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1606 dev, mac_addr, &sinfo) < 0) 1812 dev, mac_addr, &sinfo) < 0)
1607 goto out_free; 1813 goto out_free;
1608 1814
1609 err = genlmsg_unicast(msg, info->snd_pid); 1815 err = genlmsg_reply(msg, info);
1610 goto out; 1816 goto out;
1611 1817
1612 out_free: 1818 out_free:
1613 nlmsg_free(msg); 1819 nlmsg_free(msg);
1614 out: 1820 out:
1615 cfg80211_put_dev(drv); 1821 cfg80211_unlock_rdev(rdev);
1616 dev_put(dev); 1822 dev_put(dev);
1617 out_rtnl: 1823 out_rtnl:
1618 rtnl_unlock(); 1824 rtnl_unlock();
@@ -1643,7 +1849,7 @@ static int get_vlan(struct nlattr *vlanattr,
1643 1849
1644static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 1850static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1645{ 1851{
1646 struct cfg80211_registered_device *drv; 1852 struct cfg80211_registered_device *rdev;
1647 int err; 1853 int err;
1648 struct net_device *dev; 1854 struct net_device *dev;
1649 struct station_parameters params; 1855 struct station_parameters params;
@@ -1685,11 +1891,11 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1685 1891
1686 rtnl_lock(); 1892 rtnl_lock();
1687 1893
1688 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1894 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1689 if (err) 1895 if (err)
1690 goto out_rtnl; 1896 goto out_rtnl;
1691 1897
1692 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], drv, &params.vlan); 1898 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], rdev, &params.vlan);
1693 if (err) 1899 if (err)
1694 goto out; 1900 goto out;
1695 1901
@@ -1738,17 +1944,17 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1738 if (err) 1944 if (err)
1739 goto out; 1945 goto out;
1740 1946
1741 if (!drv->ops->change_station) { 1947 if (!rdev->ops->change_station) {
1742 err = -EOPNOTSUPP; 1948 err = -EOPNOTSUPP;
1743 goto out; 1949 goto out;
1744 } 1950 }
1745 1951
1746 err = drv->ops->change_station(&drv->wiphy, dev, mac_addr, &params); 1952 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, &params);
1747 1953
1748 out: 1954 out:
1749 if (params.vlan) 1955 if (params.vlan)
1750 dev_put(params.vlan); 1956 dev_put(params.vlan);
1751 cfg80211_put_dev(drv); 1957 cfg80211_unlock_rdev(rdev);
1752 dev_put(dev); 1958 dev_put(dev);
1753 out_rtnl: 1959 out_rtnl:
1754 rtnl_unlock(); 1960 rtnl_unlock();
@@ -1758,7 +1964,7 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1758 1964
1759static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 1965static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1760{ 1966{
1761 struct cfg80211_registered_device *drv; 1967 struct cfg80211_registered_device *rdev;
1762 int err; 1968 int err;
1763 struct net_device *dev; 1969 struct net_device *dev;
1764 struct station_parameters params; 1970 struct station_parameters params;
@@ -1798,11 +2004,11 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1798 2004
1799 rtnl_lock(); 2005 rtnl_lock();
1800 2006
1801 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2007 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1802 if (err) 2008 if (err)
1803 goto out_rtnl; 2009 goto out_rtnl;
1804 2010
1805 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], drv, &params.vlan); 2011 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], rdev, &params.vlan);
1806 if (err) 2012 if (err)
1807 goto out; 2013 goto out;
1808 2014
@@ -1838,7 +2044,7 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1838 if (err) 2044 if (err)
1839 goto out; 2045 goto out;
1840 2046
1841 if (!drv->ops->add_station) { 2047 if (!rdev->ops->add_station) {
1842 err = -EOPNOTSUPP; 2048 err = -EOPNOTSUPP;
1843 goto out; 2049 goto out;
1844 } 2050 }
@@ -1848,12 +2054,12 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1848 goto out; 2054 goto out;
1849 } 2055 }
1850 2056
1851 err = drv->ops->add_station(&drv->wiphy, dev, mac_addr, &params); 2057 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, &params);
1852 2058
1853 out: 2059 out:
1854 if (params.vlan) 2060 if (params.vlan)
1855 dev_put(params.vlan); 2061 dev_put(params.vlan);
1856 cfg80211_put_dev(drv); 2062 cfg80211_unlock_rdev(rdev);
1857 dev_put(dev); 2063 dev_put(dev);
1858 out_rtnl: 2064 out_rtnl:
1859 rtnl_unlock(); 2065 rtnl_unlock();
@@ -1863,7 +2069,7 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1863 2069
1864static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2070static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1865{ 2071{
1866 struct cfg80211_registered_device *drv; 2072 struct cfg80211_registered_device *rdev;
1867 int err; 2073 int err;
1868 struct net_device *dev; 2074 struct net_device *dev;
1869 u8 *mac_addr = NULL; 2075 u8 *mac_addr = NULL;
@@ -1873,7 +2079,7 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1873 2079
1874 rtnl_lock(); 2080 rtnl_lock();
1875 2081
1876 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2082 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1877 if (err) 2083 if (err)
1878 goto out_rtnl; 2084 goto out_rtnl;
1879 2085
@@ -1884,15 +2090,15 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1884 goto out; 2090 goto out;
1885 } 2091 }
1886 2092
1887 if (!drv->ops->del_station) { 2093 if (!rdev->ops->del_station) {
1888 err = -EOPNOTSUPP; 2094 err = -EOPNOTSUPP;
1889 goto out; 2095 goto out;
1890 } 2096 }
1891 2097
1892 err = drv->ops->del_station(&drv->wiphy, dev, mac_addr); 2098 err = rdev->ops->del_station(&rdev->wiphy, dev, mac_addr);
1893 2099
1894 out: 2100 out:
1895 cfg80211_put_dev(drv); 2101 cfg80211_unlock_rdev(rdev);
1896 dev_put(dev); 2102 dev_put(dev);
1897 out_rtnl: 2103 out_rtnl:
1898 rtnl_unlock(); 2104 rtnl_unlock();
@@ -2023,7 +2229,7 @@ static int nl80211_dump_mpath(struct sk_buff *skb,
2023 cb->args[1] = path_idx; 2229 cb->args[1] = path_idx;
2024 err = skb->len; 2230 err = skb->len;
2025 out_err: 2231 out_err:
2026 cfg80211_put_dev(dev); 2232 cfg80211_unlock_rdev(dev);
2027 out_rtnl: 2233 out_rtnl:
2028 rtnl_unlock(); 2234 rtnl_unlock();
2029 2235
@@ -2032,7 +2238,7 @@ static int nl80211_dump_mpath(struct sk_buff *skb,
2032 2238
2033static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2239static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2034{ 2240{
2035 struct cfg80211_registered_device *drv; 2241 struct cfg80211_registered_device *rdev;
2036 int err; 2242 int err;
2037 struct net_device *dev; 2243 struct net_device *dev;
2038 struct mpath_info pinfo; 2244 struct mpath_info pinfo;
@@ -2049,11 +2255,11 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2049 2255
2050 rtnl_lock(); 2256 rtnl_lock();
2051 2257
2052 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2258 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2053 if (err) 2259 if (err)
2054 goto out_rtnl; 2260 goto out_rtnl;
2055 2261
2056 if (!drv->ops->get_mpath) { 2262 if (!rdev->ops->get_mpath) {
2057 err = -EOPNOTSUPP; 2263 err = -EOPNOTSUPP;
2058 goto out; 2264 goto out;
2059 } 2265 }
@@ -2063,7 +2269,7 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2063 goto out; 2269 goto out;
2064 } 2270 }
2065 2271
2066 err = drv->ops->get_mpath(&drv->wiphy, dev, dst, next_hop, &pinfo); 2272 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo);
2067 if (err) 2273 if (err)
2068 goto out; 2274 goto out;
2069 2275
@@ -2075,13 +2281,13 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2075 dev, dst, next_hop, &pinfo) < 0) 2281 dev, dst, next_hop, &pinfo) < 0)
2076 goto out_free; 2282 goto out_free;
2077 2283
2078 err = genlmsg_unicast(msg, info->snd_pid); 2284 err = genlmsg_reply(msg, info);
2079 goto out; 2285 goto out;
2080 2286
2081 out_free: 2287 out_free:
2082 nlmsg_free(msg); 2288 nlmsg_free(msg);
2083 out: 2289 out:
2084 cfg80211_put_dev(drv); 2290 cfg80211_unlock_rdev(rdev);
2085 dev_put(dev); 2291 dev_put(dev);
2086 out_rtnl: 2292 out_rtnl:
2087 rtnl_unlock(); 2293 rtnl_unlock();
@@ -2091,7 +2297,7 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2091 2297
2092static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2298static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2093{ 2299{
2094 struct cfg80211_registered_device *drv; 2300 struct cfg80211_registered_device *rdev;
2095 int err; 2301 int err;
2096 struct net_device *dev; 2302 struct net_device *dev;
2097 u8 *dst = NULL; 2303 u8 *dst = NULL;
@@ -2108,11 +2314,11 @@ static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2108 2314
2109 rtnl_lock(); 2315 rtnl_lock();
2110 2316
2111 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2317 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2112 if (err) 2318 if (err)
2113 goto out_rtnl; 2319 goto out_rtnl;
2114 2320
2115 if (!drv->ops->change_mpath) { 2321 if (!rdev->ops->change_mpath) {
2116 err = -EOPNOTSUPP; 2322 err = -EOPNOTSUPP;
2117 goto out; 2323 goto out;
2118 } 2324 }
@@ -2127,10 +2333,10 @@ static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2127 goto out; 2333 goto out;
2128 } 2334 }
2129 2335
2130 err = drv->ops->change_mpath(&drv->wiphy, dev, dst, next_hop); 2336 err = rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop);
2131 2337
2132 out: 2338 out:
2133 cfg80211_put_dev(drv); 2339 cfg80211_unlock_rdev(rdev);
2134 dev_put(dev); 2340 dev_put(dev);
2135 out_rtnl: 2341 out_rtnl:
2136 rtnl_unlock(); 2342 rtnl_unlock();
@@ -2139,7 +2345,7 @@ static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2139} 2345}
2140static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2346static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2141{ 2347{
2142 struct cfg80211_registered_device *drv; 2348 struct cfg80211_registered_device *rdev;
2143 int err; 2349 int err;
2144 struct net_device *dev; 2350 struct net_device *dev;
2145 u8 *dst = NULL; 2351 u8 *dst = NULL;
@@ -2156,11 +2362,11 @@ static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2156 2362
2157 rtnl_lock(); 2363 rtnl_lock();
2158 2364
2159 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2365 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2160 if (err) 2366 if (err)
2161 goto out_rtnl; 2367 goto out_rtnl;
2162 2368
2163 if (!drv->ops->add_mpath) { 2369 if (!rdev->ops->add_mpath) {
2164 err = -EOPNOTSUPP; 2370 err = -EOPNOTSUPP;
2165 goto out; 2371 goto out;
2166 } 2372 }
@@ -2175,10 +2381,10 @@ static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2175 goto out; 2381 goto out;
2176 } 2382 }
2177 2383
2178 err = drv->ops->add_mpath(&drv->wiphy, dev, dst, next_hop); 2384 err = rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop);
2179 2385
2180 out: 2386 out:
2181 cfg80211_put_dev(drv); 2387 cfg80211_unlock_rdev(rdev);
2182 dev_put(dev); 2388 dev_put(dev);
2183 out_rtnl: 2389 out_rtnl:
2184 rtnl_unlock(); 2390 rtnl_unlock();
@@ -2188,7 +2394,7 @@ static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2188 2394
2189static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2395static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2190{ 2396{
2191 struct cfg80211_registered_device *drv; 2397 struct cfg80211_registered_device *rdev;
2192 int err; 2398 int err;
2193 struct net_device *dev; 2399 struct net_device *dev;
2194 u8 *dst = NULL; 2400 u8 *dst = NULL;
@@ -2198,19 +2404,19 @@ static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2198 2404
2199 rtnl_lock(); 2405 rtnl_lock();
2200 2406
2201 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2407 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2202 if (err) 2408 if (err)
2203 goto out_rtnl; 2409 goto out_rtnl;
2204 2410
2205 if (!drv->ops->del_mpath) { 2411 if (!rdev->ops->del_mpath) {
2206 err = -EOPNOTSUPP; 2412 err = -EOPNOTSUPP;
2207 goto out; 2413 goto out;
2208 } 2414 }
2209 2415
2210 err = drv->ops->del_mpath(&drv->wiphy, dev, dst); 2416 err = rdev->ops->del_mpath(&rdev->wiphy, dev, dst);
2211 2417
2212 out: 2418 out:
2213 cfg80211_put_dev(drv); 2419 cfg80211_unlock_rdev(rdev);
2214 dev_put(dev); 2420 dev_put(dev);
2215 out_rtnl: 2421 out_rtnl:
2216 rtnl_unlock(); 2422 rtnl_unlock();
@@ -2220,7 +2426,7 @@ static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2220 2426
2221static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2427static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2222{ 2428{
2223 struct cfg80211_registered_device *drv; 2429 struct cfg80211_registered_device *rdev;
2224 int err; 2430 int err;
2225 struct net_device *dev; 2431 struct net_device *dev;
2226 struct bss_parameters params; 2432 struct bss_parameters params;
@@ -2249,11 +2455,11 @@ static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2249 2455
2250 rtnl_lock(); 2456 rtnl_lock();
2251 2457
2252 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2458 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2253 if (err) 2459 if (err)
2254 goto out_rtnl; 2460 goto out_rtnl;
2255 2461
2256 if (!drv->ops->change_bss) { 2462 if (!rdev->ops->change_bss) {
2257 err = -EOPNOTSUPP; 2463 err = -EOPNOTSUPP;
2258 goto out; 2464 goto out;
2259 } 2465 }
@@ -2263,10 +2469,10 @@ static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2263 goto out; 2469 goto out;
2264 } 2470 }
2265 2471
2266 err = drv->ops->change_bss(&drv->wiphy, dev, &params); 2472 err = rdev->ops->change_bss(&rdev->wiphy, dev, &params);
2267 2473
2268 out: 2474 out:
2269 cfg80211_put_dev(drv); 2475 cfg80211_unlock_rdev(rdev);
2270 dev_put(dev); 2476 dev_put(dev);
2271 out_rtnl: 2477 out_rtnl:
2272 rtnl_unlock(); 2478 rtnl_unlock();
@@ -2357,7 +2563,7 @@ static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
2357static int nl80211_get_mesh_params(struct sk_buff *skb, 2563static int nl80211_get_mesh_params(struct sk_buff *skb,
2358 struct genl_info *info) 2564 struct genl_info *info)
2359{ 2565{
2360 struct cfg80211_registered_device *drv; 2566 struct cfg80211_registered_device *rdev;
2361 struct mesh_config cur_params; 2567 struct mesh_config cur_params;
2362 int err; 2568 int err;
2363 struct net_device *dev; 2569 struct net_device *dev;
@@ -2368,17 +2574,17 @@ static int nl80211_get_mesh_params(struct sk_buff *skb,
2368 rtnl_lock(); 2574 rtnl_lock();
2369 2575
2370 /* Look up our device */ 2576 /* Look up our device */
2371 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2577 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2372 if (err) 2578 if (err)
2373 goto out_rtnl; 2579 goto out_rtnl;
2374 2580
2375 if (!drv->ops->get_mesh_params) { 2581 if (!rdev->ops->get_mesh_params) {
2376 err = -EOPNOTSUPP; 2582 err = -EOPNOTSUPP;
2377 goto out; 2583 goto out;
2378 } 2584 }
2379 2585
2380 /* Get the mesh params */ 2586 /* Get the mesh params */
2381 err = drv->ops->get_mesh_params(&drv->wiphy, dev, &cur_params); 2587 err = rdev->ops->get_mesh_params(&rdev->wiphy, dev, &cur_params);
2382 if (err) 2588 if (err)
2383 goto out; 2589 goto out;
2384 2590
@@ -2424,7 +2630,7 @@ static int nl80211_get_mesh_params(struct sk_buff *skb,
2424 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2630 cur_params.dot11MeshHWMPnetDiameterTraversalTime);
2425 nla_nest_end(msg, pinfoattr); 2631 nla_nest_end(msg, pinfoattr);
2426 genlmsg_end(msg, hdr); 2632 genlmsg_end(msg, hdr);
2427 err = genlmsg_unicast(msg, info->snd_pid); 2633 err = genlmsg_reply(msg, info);
2428 goto out; 2634 goto out;
2429 2635
2430 nla_put_failure: 2636 nla_put_failure:
@@ -2432,7 +2638,7 @@ static int nl80211_get_mesh_params(struct sk_buff *skb,
2432 err = -EMSGSIZE; 2638 err = -EMSGSIZE;
2433 out: 2639 out:
2434 /* Cleanup */ 2640 /* Cleanup */
2435 cfg80211_put_dev(drv); 2641 cfg80211_unlock_rdev(rdev);
2436 dev_put(dev); 2642 dev_put(dev);
2437 out_rtnl: 2643 out_rtnl:
2438 rtnl_unlock(); 2644 rtnl_unlock();
@@ -2470,7 +2676,7 @@ static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2470{ 2676{
2471 int err; 2677 int err;
2472 u32 mask; 2678 u32 mask;
2473 struct cfg80211_registered_device *drv; 2679 struct cfg80211_registered_device *rdev;
2474 struct net_device *dev; 2680 struct net_device *dev;
2475 struct mesh_config cfg; 2681 struct mesh_config cfg;
2476 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2682 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
@@ -2485,11 +2691,11 @@ static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2485 2691
2486 rtnl_lock(); 2692 rtnl_lock();
2487 2693
2488 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2694 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2489 if (err) 2695 if (err)
2490 goto out_rtnl; 2696 goto out_rtnl;
2491 2697
2492 if (!drv->ops->set_mesh_params) { 2698 if (!rdev->ops->set_mesh_params) {
2493 err = -EOPNOTSUPP; 2699 err = -EOPNOTSUPP;
2494 goto out; 2700 goto out;
2495 } 2701 }
@@ -2534,11 +2740,11 @@ static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2534 nla_get_u16); 2740 nla_get_u16);
2535 2741
2536 /* Apply changes */ 2742 /* Apply changes */
2537 err = drv->ops->set_mesh_params(&drv->wiphy, dev, &cfg, mask); 2743 err = rdev->ops->set_mesh_params(&rdev->wiphy, dev, &cfg, mask);
2538 2744
2539 out: 2745 out:
2540 /* cleanup */ 2746 /* cleanup */
2541 cfg80211_put_dev(drv); 2747 cfg80211_unlock_rdev(rdev);
2542 dev_put(dev); 2748 dev_put(dev);
2543 out_rtnl: 2749 out_rtnl:
2544 rtnl_unlock(); 2750 rtnl_unlock();
@@ -2612,7 +2818,7 @@ static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
2612 nla_nest_end(msg, nl_reg_rules); 2818 nla_nest_end(msg, nl_reg_rules);
2613 2819
2614 genlmsg_end(msg, hdr); 2820 genlmsg_end(msg, hdr);
2615 err = genlmsg_unicast(msg, info->snd_pid); 2821 err = genlmsg_reply(msg, info);
2616 goto out; 2822 goto out;
2617 2823
2618nla_put_failure: 2824nla_put_failure:
@@ -2698,16 +2904,41 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
2698 return r; 2904 return r;
2699} 2905}
2700 2906
2907static int validate_scan_freqs(struct nlattr *freqs)
2908{
2909 struct nlattr *attr1, *attr2;
2910 int n_channels = 0, tmp1, tmp2;
2911
2912 nla_for_each_nested(attr1, freqs, tmp1) {
2913 n_channels++;
2914 /*
2915 * Some hardware has a limited channel list for
2916 * scanning, and it is pretty much nonsensical
2917 * to scan for a channel twice, so disallow that
2918 * and don't require drivers to check that the
2919 * channel list they get isn't longer than what
2920 * they can scan, as long as they can scan all
2921 * the channels they registered at once.
2922 */
2923 nla_for_each_nested(attr2, freqs, tmp2)
2924 if (attr1 != attr2 &&
2925 nla_get_u32(attr1) == nla_get_u32(attr2))
2926 return 0;
2927 }
2928
2929 return n_channels;
2930}
2931
2701static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 2932static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2702{ 2933{
2703 struct cfg80211_registered_device *drv; 2934 struct cfg80211_registered_device *rdev;
2704 struct net_device *dev; 2935 struct net_device *dev;
2705 struct cfg80211_scan_request *request; 2936 struct cfg80211_scan_request *request;
2706 struct cfg80211_ssid *ssid; 2937 struct cfg80211_ssid *ssid;
2707 struct ieee80211_channel *channel; 2938 struct ieee80211_channel *channel;
2708 struct nlattr *attr; 2939 struct nlattr *attr;
2709 struct wiphy *wiphy; 2940 struct wiphy *wiphy;
2710 int err, tmp, n_ssids = 0, n_channels = 0, i; 2941 int err, tmp, n_ssids = 0, n_channels, i;
2711 enum ieee80211_band band; 2942 enum ieee80211_band band;
2712 size_t ie_len; 2943 size_t ie_len;
2713 2944
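Review bot: In validate_scan_freqs(), `nla_get_u32(attr1)` and `nla_get_u32(attr2)` read four bytes from each nested attribute, but nothing in this hunk checks that the payload is that long. Unless the nested entries are length-validated somewhere outside the hunk, a short entry supplied from userspace would be read past its payload. A guard at the top of the outer loop, `if (nla_len(attr1) != sizeof(u32)) return 0;`, would send malformed lists down the -EINVAL path the caller already takes for a zero return. The return value doubles as channel count and error flag, so a one-line comment such as `/* returns 0 if the list is empty or contains a duplicate frequency */` above the function would make that contract explicit.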
@@ -2716,13 +2947,13 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2716 2947
2717 rtnl_lock(); 2948 rtnl_lock();
2718 2949
2719 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2950 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
2720 if (err) 2951 if (err)
2721 goto out_rtnl; 2952 goto out_rtnl;
2722 2953
2723 wiphy = &drv->wiphy; 2954 wiphy = &rdev->wiphy;
2724 2955
2725 if (!drv->ops->scan) { 2956 if (!rdev->ops->scan) {
2726 err = -EOPNOTSUPP; 2957 err = -EOPNOTSUPP;
2727 goto out; 2958 goto out;
2728 } 2959 }
@@ -2732,19 +2963,21 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2732 goto out; 2963 goto out;
2733 } 2964 }
2734 2965
2735 if (drv->scan_req) { 2966 if (rdev->scan_req) {
2736 err = -EBUSY; 2967 err = -EBUSY;
2737 goto out; 2968 goto out;
2738 } 2969 }
2739 2970
2740 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 2971 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
2741 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) 2972 n_channels = validate_scan_freqs(
2742 n_channels++; 2973 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
2743 if (!n_channels) { 2974 if (!n_channels) {
2744 err = -EINVAL; 2975 err = -EINVAL;
2745 goto out; 2976 goto out;
2746 } 2977 }
2747 } else { 2978 } else {
2979 n_channels = 0;
2980
2748 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 2981 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
2749 if (wiphy->bands[band]) 2982 if (wiphy->bands[band])
2750 n_channels += wiphy->bands[band]->n_channels; 2983 n_channels += wiphy->bands[band]->n_channels;
@@ -2837,18 +3070,21 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2837 } 3070 }
2838 3071
2839 request->ifidx = dev->ifindex; 3072 request->ifidx = dev->ifindex;
2840 request->wiphy = &drv->wiphy; 3073 request->wiphy = &rdev->wiphy;
3074
3075 rdev->scan_req = request;
3076 err = rdev->ops->scan(&rdev->wiphy, dev, request);
2841 3077
2842 drv->scan_req = request; 3078 if (!err)
2843 err = drv->ops->scan(&drv->wiphy, dev, request); 3079 nl80211_send_scan_start(rdev, dev);
2844 3080
2845 out_free: 3081 out_free:
2846 if (err) { 3082 if (err) {
2847 drv->scan_req = NULL; 3083 rdev->scan_req = NULL;
2848 kfree(request); 3084 kfree(request);
2849 } 3085 }
2850 out: 3086 out:
2851 cfg80211_put_dev(drv); 3087 cfg80211_unlock_rdev(rdev);
2852 dev_put(dev); 3088 dev_put(dev);
2853 out_rtnl: 3089 out_rtnl:
2854 rtnl_unlock(); 3090 rtnl_unlock();
@@ -2858,11 +3094,15 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2858 3094
2859static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags, 3095static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2860 struct cfg80211_registered_device *rdev, 3096 struct cfg80211_registered_device *rdev,
2861 struct net_device *dev, 3097 struct wireless_dev *wdev,
2862 struct cfg80211_bss *res) 3098 struct cfg80211_internal_bss *intbss)
2863{ 3099{
3100 struct cfg80211_bss *res = &intbss->pub;
2864 void *hdr; 3101 void *hdr;
2865 struct nlattr *bss; 3102 struct nlattr *bss;
3103 int i;
3104
3105 ASSERT_WDEV_LOCK(wdev);
2866 3106
2867 hdr = nl80211hdr_put(msg, pid, seq, flags, 3107 hdr = nl80211hdr_put(msg, pid, seq, flags,
2868 NL80211_CMD_NEW_SCAN_RESULTS); 3108 NL80211_CMD_NEW_SCAN_RESULTS);
@@ -2871,7 +3111,7 @@ static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2871 3111
2872 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_GENERATION, 3112 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_GENERATION,
2873 rdev->bss_generation); 3113 rdev->bss_generation);
2874 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3114 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex);
2875 3115
2876 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3116 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
2877 if (!bss) 3117 if (!bss)
@@ -2900,6 +3140,28 @@ static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2900 break; 3140 break;
2901 } 3141 }
2902 3142
3143 switch (wdev->iftype) {
3144 case NL80211_IFTYPE_STATION:
3145 if (intbss == wdev->current_bss)
3146 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3147 NL80211_BSS_STATUS_ASSOCIATED);
3148 else for (i = 0; i < MAX_AUTH_BSSES; i++) {
3149 if (intbss != wdev->auth_bsses[i])
3150 continue;
3151 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3152 NL80211_BSS_STATUS_AUTHENTICATED);
3153 break;
3154 }
3155 break;
3156 case NL80211_IFTYPE_ADHOC:
3157 if (intbss == wdev->current_bss)
3158 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3159 NL80211_BSS_STATUS_IBSS_JOINED);
3160 break;
3161 default:
3162 break;
3163 }
3164
2903 nla_nest_end(msg, bss); 3165 nla_nest_end(msg, bss);
2904 3166
2905 return genlmsg_end(msg, hdr); 3167 return genlmsg_end(msg, hdr);
@@ -2912,9 +3174,10 @@ static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2912static int nl80211_dump_scan(struct sk_buff *skb, 3174static int nl80211_dump_scan(struct sk_buff *skb,
2913 struct netlink_callback *cb) 3175 struct netlink_callback *cb)
2914{ 3176{
2915 struct cfg80211_registered_device *dev; 3177 struct cfg80211_registered_device *rdev;
2916 struct net_device *netdev; 3178 struct net_device *dev;
2917 struct cfg80211_internal_bss *scan; 3179 struct cfg80211_internal_bss *scan;
3180 struct wireless_dev *wdev;
2918 int ifidx = cb->args[0]; 3181 int ifidx = cb->args[0];
2919 int start = cb->args[1], idx = 0; 3182 int start = cb->args[1], idx = 0;
2920 int err; 3183 int err;
@@ -2935,58 +3198,83 @@ static int nl80211_dump_scan(struct sk_buff *skb,
2935 cb->args[0] = ifidx; 3198 cb->args[0] = ifidx;
2936 } 3199 }
2937 3200
2938 netdev = dev_get_by_index(&init_net, ifidx); 3201 dev = dev_get_by_index(&init_net, ifidx);
2939 if (!netdev) 3202 if (!dev)
2940 return -ENODEV; 3203 return -ENODEV;
2941 3204
2942 dev = cfg80211_get_dev_from_ifindex(ifidx); 3205 rdev = cfg80211_get_dev_from_ifindex(ifidx);
2943 if (IS_ERR(dev)) { 3206 if (IS_ERR(rdev)) {
2944 err = PTR_ERR(dev); 3207 err = PTR_ERR(rdev);
2945 goto out_put_netdev; 3208 goto out_put_netdev;
2946 } 3209 }
2947 3210
2948 spin_lock_bh(&dev->bss_lock); 3211 wdev = dev->ieee80211_ptr;
2949 cfg80211_bss_expire(dev);
2950 3212
2951 list_for_each_entry(scan, &dev->bss_list, list) { 3213 wdev_lock(wdev);
3214 spin_lock_bh(&rdev->bss_lock);
3215 cfg80211_bss_expire(rdev);
3216
3217 list_for_each_entry(scan, &rdev->bss_list, list) {
2952 if (++idx <= start) 3218 if (++idx <= start)
2953 continue; 3219 continue;
2954 if (nl80211_send_bss(skb, 3220 if (nl80211_send_bss(skb,
2955 NETLINK_CB(cb->skb).pid, 3221 NETLINK_CB(cb->skb).pid,
2956 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3222 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2957 dev, netdev, &scan->pub) < 0) { 3223 rdev, wdev, scan) < 0) {
2958 idx--; 3224 idx--;
2959 goto out; 3225 goto out;
2960 } 3226 }
2961 } 3227 }
2962 3228
2963 out: 3229 out:
2964 spin_unlock_bh(&dev->bss_lock); 3230 spin_unlock_bh(&rdev->bss_lock);
3231 wdev_unlock(wdev);
2965 3232
2966 cb->args[1] = idx; 3233 cb->args[1] = idx;
2967 err = skb->len; 3234 err = skb->len;
2968 cfg80211_put_dev(dev); 3235 cfg80211_unlock_rdev(rdev);
2969 out_put_netdev: 3236 out_put_netdev:
2970 dev_put(netdev); 3237 dev_put(dev);
2971 3238
2972 return err; 3239 return err;
2973} 3240}
2974 3241
2975static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3242static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type)
2976{ 3243{
2977 return auth_type == NL80211_AUTHTYPE_OPEN_SYSTEM || 3244 return auth_type <= NL80211_AUTHTYPE_MAX;
2978 auth_type == NL80211_AUTHTYPE_SHARED_KEY ||
2979 auth_type == NL80211_AUTHTYPE_FT ||
2980 auth_type == NL80211_AUTHTYPE_NETWORK_EAP;
2981} 3245}
2982 3246
3247static bool nl80211_valid_wpa_versions(u32 wpa_versions)
3248{
3249 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
3250 NL80211_WPA_VERSION_2));
3251}
3252
3253static bool nl80211_valid_akm_suite(u32 akm)
3254{
3255 return akm == WLAN_AKM_SUITE_8021X ||
3256 akm == WLAN_AKM_SUITE_PSK;
3257}
3258
3259static bool nl80211_valid_cipher_suite(u32 cipher)
3260{
3261 return cipher == WLAN_CIPHER_SUITE_WEP40 ||
3262 cipher == WLAN_CIPHER_SUITE_WEP104 ||
3263 cipher == WLAN_CIPHER_SUITE_TKIP ||
3264 cipher == WLAN_CIPHER_SUITE_CCMP ||
3265 cipher == WLAN_CIPHER_SUITE_AES_CMAC;
3266}
3267
3268
2983static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3269static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2984{ 3270{
2985 struct cfg80211_registered_device *drv; 3271 struct cfg80211_registered_device *rdev;
2986 struct net_device *dev; 3272 struct net_device *dev;
2987 struct cfg80211_auth_request req; 3273 struct ieee80211_channel *chan;
2988 struct wiphy *wiphy; 3274 const u8 *bssid, *ssid, *ie = NULL;
2989 int err; 3275 int err, ssid_len, ie_len = 0;
3276 enum nl80211_auth_type auth_type;
3277 struct key_parse key;
2990 3278
2991 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3279 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
2992 return -EINVAL; 3280 return -EINVAL;
@@ -2997,13 +3285,38 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2997 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3285 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
2998 return -EINVAL; 3286 return -EINVAL;
2999 3287
3288 if (!info->attrs[NL80211_ATTR_SSID])
3289 return -EINVAL;
3290
3291 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
3292 return -EINVAL;
3293
3294 err = nl80211_parse_key(info, &key);
3295 if (err)
3296 return err;
3297
3298 if (key.idx >= 0) {
3299 if (!key.p.key || !key.p.key_len)
3300 return -EINVAL;
3301 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
3302 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
3303 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
3304 key.p.key_len != WLAN_KEY_LEN_WEP104))
3305 return -EINVAL;
3306 if (key.idx > 4)
3307 return -EINVAL;
3308 } else {
3309 key.p.key_len = 0;
3310 key.p.key = NULL;
3311 }
3312
3000 rtnl_lock(); 3313 rtnl_lock();
3001 3314
3002 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3315 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3003 if (err) 3316 if (err)
3004 goto unlock_rtnl; 3317 goto unlock_rtnl;
3005 3318
3006 if (!drv->ops->auth) { 3319 if (!rdev->ops->auth) {
3007 err = -EOPNOTSUPP; 3320 err = -EOPNOTSUPP;
3008 goto out; 3321 goto out;
3009 } 3322 }
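Review bot: The added key validation in nl80211_authenticate() rejects only `key.idx > 4`, so index 4 is accepted even though the same block restricts the key to WEP40/WEP104, which use key indices 0–3. What cfg80211_mlme_auth() does with index 4 is not visible here, so this may be harmless, but the bound reads like an off-by-one; `if (key.idx > 3) return -EINVAL;` would match the cipher restriction. The function starts before this hunk and continues after it.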
@@ -3018,69 +3331,128 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
3018 goto out; 3331 goto out;
3019 } 3332 }
3020 3333
3021 wiphy = &drv->wiphy; 3334 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3022 memset(&req, 0, sizeof(req)); 3335 chan = ieee80211_get_channel(&rdev->wiphy,
3023 3336 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3024 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3337 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) {
3025 3338 err = -EINVAL;
3026 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 3339 goto out;
3027 req.chan = ieee80211_get_channel(
3028 wiphy,
3029 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3030 if (!req.chan) {
3031 err = -EINVAL;
3032 goto out;
3033 }
3034 } 3340 }
3035 3341
3036 if (info->attrs[NL80211_ATTR_SSID]) { 3342 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3037 req.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3343 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3038 req.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3039 }
3040 3344
3041 if (info->attrs[NL80211_ATTR_IE]) { 3345 if (info->attrs[NL80211_ATTR_IE]) {
3042 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3346 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3043 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3347 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3044 } 3348 }
3045 3349
3046 req.auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3350 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
3047 if (!nl80211_valid_auth_type(req.auth_type)) { 3351 if (!nl80211_valid_auth_type(auth_type)) {
3048 err = -EINVAL; 3352 err = -EINVAL;
3049 goto out; 3353 goto out;
3050 } 3354 }
3051 3355
3052 err = drv->ops->auth(&drv->wiphy, dev, &req); 3356 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
3357 ssid, ssid_len, ie, ie_len,
3358 key.p.key, key.p.key_len, key.idx);
3053 3359
3054out: 3360out:
3055 cfg80211_put_dev(drv); 3361 cfg80211_unlock_rdev(rdev);
3056 dev_put(dev); 3362 dev_put(dev);
3057unlock_rtnl: 3363unlock_rtnl:
3058 rtnl_unlock(); 3364 rtnl_unlock();
3059 return err; 3365 return err;
3060} 3366}
3061 3367
3368static int nl80211_crypto_settings(struct genl_info *info,
3369 struct cfg80211_crypto_settings *settings,
3370 int cipher_limit)
3371{
3372 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
3373
3374 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
3375 void *data;
3376 int len, i;
3377
3378 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
3379 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
3380 settings->n_ciphers_pairwise = len / sizeof(u32);
3381
3382 if (len % sizeof(u32))
3383 return -EINVAL;
3384
3385 if (settings->n_ciphers_pairwise > cipher_limit)
3386 return -EINVAL;
3387
3388 memcpy(settings->ciphers_pairwise, data, len);
3389
3390 for (i = 0; i < settings->n_ciphers_pairwise; i++)
3391 if (!nl80211_valid_cipher_suite(
3392 settings->ciphers_pairwise[i]))
3393 return -EINVAL;
3394 }
3395
3396 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
3397 settings->cipher_group =
3398 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
3399 if (!nl80211_valid_cipher_suite(settings->cipher_group))
3400 return -EINVAL;
3401 }
3402
3403 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
3404 settings->wpa_versions =
3405 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
3406 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
3407 return -EINVAL;
3408 }
3409
3410 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
3411 void *data;
3412 int len, i;
3413
3414 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
3415 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
3416 settings->n_akm_suites = len / sizeof(u32);
3417
3418 if (len % sizeof(u32))
3419 return -EINVAL;
3420
3421 memcpy(settings->akm_suites, data, len);
3422
3423 for (i = 0; i < settings->n_ciphers_pairwise; i++)
3424 if (!nl80211_valid_akm_suite(settings->akm_suites[i]))
3425 return -EINVAL;
3426 }
3427
3428 return 0;
3429}
3430
3062static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 3431static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
3063{ 3432{
3064 struct cfg80211_registered_device *drv; 3433 struct cfg80211_registered_device *rdev;
3065 struct net_device *dev; 3434 struct net_device *dev;
3066 struct cfg80211_assoc_request req; 3435 struct cfg80211_crypto_settings crypto;
3067 struct wiphy *wiphy; 3436 struct ieee80211_channel *chan;
3068 int err; 3437 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL;
3438 int err, ssid_len, ie_len = 0;
3439 bool use_mfp = false;
3069 3440
3070 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3441 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3071 return -EINVAL; 3442 return -EINVAL;
3072 3443
3073 if (!info->attrs[NL80211_ATTR_MAC] || 3444 if (!info->attrs[NL80211_ATTR_MAC] ||
3074 !info->attrs[NL80211_ATTR_SSID]) 3445 !info->attrs[NL80211_ATTR_SSID] ||
3446 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
3075 return -EINVAL; 3447 return -EINVAL;
3076 3448
3077 rtnl_lock(); 3449 rtnl_lock();
3078 3450
3079 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3451 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3080 if (err) 3452 if (err)
3081 goto unlock_rtnl; 3453 goto unlock_rtnl;
3082 3454
3083 if (!drv->ops->assoc) { 3455 if (!rdev->ops->assoc) {
3084 err = -EOPNOTSUPP; 3456 err = -EOPNOTSUPP;
3085 goto out; 3457 goto out;
3086 } 3458 }
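Review bot: nl80211_crypto_settings() copies NL80211_ATTR_AKM_SUITES into `settings->akm_suites` with `memcpy(..., len)` without bounding `n_akm_suites`, whereas the pairwise branch checks `cipher_limit` before its copy. The caller nl80211_associate() passes a stack-allocated `crypto`, so an oversized attribute from userspace is written past that object. The validation loop that follows iterates `settings->n_ciphers_pairwise` rather than `settings->n_akm_suites`, so the AKM values are checked against the wrong count. `settings` is also never cleared and nothing visible in nl80211_associate() initialises `crypto`, so fields whose attribute is absent keep stack contents. The changes below assume `akm_suites` is a fixed-size array member, which this hunk does not show.

```c
static int nl80211_crypto_settings(struct genl_info *info,
				   struct cfg80211_crypto_settings *settings,
				   int cipher_limit)
{
	/* absent attributes must read as zero, not as the caller's stack contents */
	memset(settings, 0, sizeof(*settings));

	/* … unchanged: control_port, pairwise ciphers, group cipher, WPA versions … */

	if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
		/* … unchanged: data/len lookup, n_akm_suites, len % sizeof(u32) check … */

		/* bound the count before copying into the fixed-size array */
		if (settings->n_akm_suites > ARRAY_SIZE(settings->akm_suites))
			return -EINVAL;

		memcpy(settings->akm_suites, data, len);

		for (i = 0; i < settings->n_akm_suites; i++)
			if (!nl80211_valid_akm_suite(settings->akm_suites[i]))
				return -EINVAL;
	}
	/* … unchanged: return 0 … */
```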
@@ -3095,46 +3467,45 @@ static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
3095 goto out; 3467 goto out;
3096 } 3468 }
3097 3469
3098 wiphy = &drv->wiphy; 3470 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3099 memset(&req, 0, sizeof(req));
3100 3471
3101 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3472 chan = ieee80211_get_channel(&rdev->wiphy,
3102 3473 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3103 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 3474 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) {
3104 req.chan = ieee80211_get_channel( 3475 err = -EINVAL;
3105 wiphy, 3476 goto out;
3106 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3107 if (!req.chan) {
3108 err = -EINVAL;
3109 goto out;
3110 }
3111 } 3477 }
3112 3478
3113 req.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3479 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3114 req.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3480 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3115 3481
3116 if (info->attrs[NL80211_ATTR_IE]) { 3482 if (info->attrs[NL80211_ATTR_IE]) {
3117 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3483 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3118 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3484 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3119 } 3485 }
3120 3486
3121 if (info->attrs[NL80211_ATTR_USE_MFP]) { 3487 if (info->attrs[NL80211_ATTR_USE_MFP]) {
3122 enum nl80211_mfp use_mfp = 3488 enum nl80211_mfp mfp =
3123 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 3489 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
3124 if (use_mfp == NL80211_MFP_REQUIRED) 3490 if (mfp == NL80211_MFP_REQUIRED)
3125 req.use_mfp = true; 3491 use_mfp = true;
3126 else if (use_mfp != NL80211_MFP_NO) { 3492 else if (mfp != NL80211_MFP_NO) {
3127 err = -EINVAL; 3493 err = -EINVAL;
3128 goto out; 3494 goto out;
3129 } 3495 }
3130 } 3496 }
3131 3497
3132 req.control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 3498 if (info->attrs[NL80211_ATTR_PREV_BSSID])
3499 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
3133 3500
3134 err = drv->ops->assoc(&drv->wiphy, dev, &req); 3501 err = nl80211_crypto_settings(info, &crypto, 1);
3502 if (!err)
3503 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
3504 ssid, ssid_len, ie, ie_len, use_mfp,
3505 &crypto);
3135 3506
3136out: 3507out:
3137 cfg80211_put_dev(drv); 3508 cfg80211_unlock_rdev(rdev);
3138 dev_put(dev); 3509 dev_put(dev);
3139unlock_rtnl: 3510unlock_rtnl:
3140 rtnl_unlock(); 3511 rtnl_unlock();
@@ -3143,11 +3514,11 @@ unlock_rtnl:
3143 3514
3144static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 3515static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3145{ 3516{
3146 struct cfg80211_registered_device *drv; 3517 struct cfg80211_registered_device *rdev;
3147 struct net_device *dev; 3518 struct net_device *dev;
3148 struct cfg80211_deauth_request req; 3519 const u8 *ie = NULL, *bssid;
3149 struct wiphy *wiphy; 3520 int err, ie_len = 0;
3150 int err; 3521 u16 reason_code;
3151 3522
3152 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3523 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3153 return -EINVAL; 3524 return -EINVAL;
@@ -3160,11 +3531,11 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3160 3531
3161 rtnl_lock(); 3532 rtnl_lock();
3162 3533
3163 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3534 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3164 if (err) 3535 if (err)
3165 goto unlock_rtnl; 3536 goto unlock_rtnl;
3166 3537
3167 if (!drv->ops->deauth) { 3538 if (!rdev->ops->deauth) {
3168 err = -EOPNOTSUPP; 3539 err = -EOPNOTSUPP;
3169 goto out; 3540 goto out;
3170 } 3541 }
@@ -3179,27 +3550,24 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3179 goto out; 3550 goto out;
3180 } 3551 }
3181 3552
3182 wiphy = &drv->wiphy; 3553 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3183 memset(&req, 0, sizeof(req));
3184
3185 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3186 3554
3187 req.reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3555 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3188 if (req.reason_code == 0) { 3556 if (reason_code == 0) {
3189 /* Reason Code 0 is reserved */ 3557 /* Reason Code 0 is reserved */
3190 err = -EINVAL; 3558 err = -EINVAL;
3191 goto out; 3559 goto out;
3192 } 3560 }
3193 3561
3194 if (info->attrs[NL80211_ATTR_IE]) { 3562 if (info->attrs[NL80211_ATTR_IE]) {
3195 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3563 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3196 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3564 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3197 } 3565 }
3198 3566
3199 err = drv->ops->deauth(&drv->wiphy, dev, &req); 3567 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code);
3200 3568
3201out: 3569out:
3202 cfg80211_put_dev(drv); 3570 cfg80211_unlock_rdev(rdev);
3203 dev_put(dev); 3571 dev_put(dev);
3204unlock_rtnl: 3572unlock_rtnl:
3205 rtnl_unlock(); 3573 rtnl_unlock();
@@ -3208,11 +3576,11 @@ unlock_rtnl:
3208 3576
3209static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 3577static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3210{ 3578{
3211 struct cfg80211_registered_device *drv; 3579 struct cfg80211_registered_device *rdev;
3212 struct net_device *dev; 3580 struct net_device *dev;
3213 struct cfg80211_disassoc_request req; 3581 const u8 *ie = NULL, *bssid;
3214 struct wiphy *wiphy; 3582 int err, ie_len = 0;
3215 int err; 3583 u16 reason_code;
3216 3584
3217 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3585 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3218 return -EINVAL; 3586 return -EINVAL;
@@ -3225,11 +3593,11 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3225 3593
3226 rtnl_lock(); 3594 rtnl_lock();
3227 3595
3228 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3596 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3229 if (err) 3597 if (err)
3230 goto unlock_rtnl; 3598 goto unlock_rtnl;
3231 3599
3232 if (!drv->ops->disassoc) { 3600 if (!rdev->ops->disassoc) {
3233 err = -EOPNOTSUPP; 3601 err = -EOPNOTSUPP;
3234 goto out; 3602 goto out;
3235 } 3603 }
@@ -3244,27 +3612,24 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3244 goto out; 3612 goto out;
3245 } 3613 }
3246 3614
3247 wiphy = &drv->wiphy; 3615 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3248 memset(&req, 0, sizeof(req));
3249 3616
3250 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3617 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3251 3618 if (reason_code == 0) {
3252 req.reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3253 if (req.reason_code == 0) {
3254 /* Reason Code 0 is reserved */ 3619 /* Reason Code 0 is reserved */
3255 err = -EINVAL; 3620 err = -EINVAL;
3256 goto out; 3621 goto out;
3257 } 3622 }
3258 3623
3259 if (info->attrs[NL80211_ATTR_IE]) { 3624 if (info->attrs[NL80211_ATTR_IE]) {
3260 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3625 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3261 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3626 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3262 } 3627 }
3263 3628
3264 err = drv->ops->disassoc(&drv->wiphy, dev, &req); 3629 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code);
3265 3630
3266out: 3631out:
3267 cfg80211_put_dev(drv); 3632 cfg80211_unlock_rdev(rdev);
3268 dev_put(dev); 3633 dev_put(dev);
3269unlock_rtnl: 3634unlock_rtnl:
3270 rtnl_unlock(); 3635 rtnl_unlock();
@@ -3273,10 +3638,11 @@ unlock_rtnl:
3273 3638
3274static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 3639static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3275{ 3640{
3276 struct cfg80211_registered_device *drv; 3641 struct cfg80211_registered_device *rdev;
3277 struct net_device *dev; 3642 struct net_device *dev;
3278 struct cfg80211_ibss_params ibss; 3643 struct cfg80211_ibss_params ibss;
3279 struct wiphy *wiphy; 3644 struct wiphy *wiphy;
3645 struct cfg80211_cached_keys *connkeys = NULL;
3280 int err; 3646 int err;
3281 3647
3282 memset(&ibss, 0, sizeof(ibss)); 3648 memset(&ibss, 0, sizeof(ibss));
@@ -3300,11 +3666,11 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3300 3666
3301 rtnl_lock(); 3667 rtnl_lock();
3302 3668
3303 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3669 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3304 if (err) 3670 if (err)
3305 goto unlock_rtnl; 3671 goto unlock_rtnl;
3306 3672
3307 if (!drv->ops->join_ibss) { 3673 if (!rdev->ops->join_ibss) {
3308 err = -EOPNOTSUPP; 3674 err = -EOPNOTSUPP;
3309 goto out; 3675 goto out;
3310 } 3676 }
@@ -3319,7 +3685,7 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3319 goto out; 3685 goto out;
3320 } 3686 }
3321 3687
3322 wiphy = &drv->wiphy; 3688 wiphy = &rdev->wiphy;
3323 3689
3324 if (info->attrs[NL80211_ATTR_MAC]) 3690 if (info->attrs[NL80211_ATTR_MAC])
3325 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3691 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
@@ -3341,30 +3707,43 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3341 } 3707 }
3342 3708
3343 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 3709 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
3710 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
3711
3712 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
3713 connkeys = nl80211_parse_connkeys(rdev,
3714 info->attrs[NL80211_ATTR_KEYS]);
3715 if (IS_ERR(connkeys)) {
3716 err = PTR_ERR(connkeys);
3717 connkeys = NULL;
3718 goto out;
3719 }
3720 }
3344 3721
3345 err = cfg80211_join_ibss(drv, dev, &ibss); 3722 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
3346 3723
3347out: 3724out:
3348 cfg80211_put_dev(drv); 3725 cfg80211_unlock_rdev(rdev);
3349 dev_put(dev); 3726 dev_put(dev);
3350unlock_rtnl: 3727unlock_rtnl:
3728 if (err)
3729 kfree(connkeys);
3351 rtnl_unlock(); 3730 rtnl_unlock();
3352 return err; 3731 return err;
3353} 3732}
3354 3733
3355static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 3734static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
3356{ 3735{
3357 struct cfg80211_registered_device *drv; 3736 struct cfg80211_registered_device *rdev;
3358 struct net_device *dev; 3737 struct net_device *dev;
3359 int err; 3738 int err;
3360 3739
3361 rtnl_lock(); 3740 rtnl_lock();
3362 3741
3363 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3742 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3364 if (err) 3743 if (err)
3365 goto unlock_rtnl; 3744 goto unlock_rtnl;
3366 3745
3367 if (!drv->ops->leave_ibss) { 3746 if (!rdev->ops->leave_ibss) {
3368 err = -EOPNOTSUPP; 3747 err = -EOPNOTSUPP;
3369 goto out; 3748 goto out;
3370 } 3749 }
@@ -3379,10 +3758,266 @@ static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
3379 goto out; 3758 goto out;
3380 } 3759 }
3381 3760
3382 err = cfg80211_leave_ibss(drv, dev, false); 3761 err = cfg80211_leave_ibss(rdev, dev, false);
3762
3763out:
3764 cfg80211_unlock_rdev(rdev);
3765 dev_put(dev);
3766unlock_rtnl:
3767 rtnl_unlock();
3768 return err;
3769}
3770
3771#ifdef CONFIG_NL80211_TESTMODE
3772static struct genl_multicast_group nl80211_testmode_mcgrp = {
3773 .name = "testmode",
3774};
3775
3776static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
3777{
3778 struct cfg80211_registered_device *rdev;
3779 int err;
3780
3781 if (!info->attrs[NL80211_ATTR_TESTDATA])
3782 return -EINVAL;
3783
3784 rtnl_lock();
3785
3786 rdev = cfg80211_get_dev_from_info(info);
3787 if (IS_ERR(rdev)) {
3788 err = PTR_ERR(rdev);
3789 goto unlock_rtnl;
3790 }
3791
3792 err = -EOPNOTSUPP;
3793 if (rdev->ops->testmode_cmd) {
3794 rdev->testmode_info = info;
3795 err = rdev->ops->testmode_cmd(&rdev->wiphy,
3796 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
3797 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
3798 rdev->testmode_info = NULL;
3799 }
3800
3801 cfg80211_unlock_rdev(rdev);
3802
3803 unlock_rtnl:
3804 rtnl_unlock();
3805 return err;
3806}
3807
3808static struct sk_buff *
3809__cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
3810 int approxlen, u32 pid, u32 seq, gfp_t gfp)
3811{
3812 struct sk_buff *skb;
3813 void *hdr;
3814 struct nlattr *data;
3815
3816 skb = nlmsg_new(approxlen + 100, gfp);
3817 if (!skb)
3818 return NULL;
3819
3820 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE);
3821 if (!hdr) {
3822 kfree_skb(skb);
3823 return NULL;
3824 }
3825
3826 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
3827 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
3828
3829 ((void **)skb->cb)[0] = rdev;
3830 ((void **)skb->cb)[1] = hdr;
3831 ((void **)skb->cb)[2] = data;
3832
3833 return skb;
3834
3835 nla_put_failure:
3836 kfree_skb(skb);
3837 return NULL;
3838}
3839
3840struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
3841 int approxlen)
3842{
3843 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
3844
3845 if (WARN_ON(!rdev->testmode_info))
3846 return NULL;
3847
3848 return __cfg80211_testmode_alloc_skb(rdev, approxlen,
3849 rdev->testmode_info->snd_pid,
3850 rdev->testmode_info->snd_seq,
3851 GFP_KERNEL);
3852}
3853EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb);
3854
3855int cfg80211_testmode_reply(struct sk_buff *skb)
3856{
3857 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
3858 void *hdr = ((void **)skb->cb)[1];
3859 struct nlattr *data = ((void **)skb->cb)[2];
3860
3861 if (WARN_ON(!rdev->testmode_info)) {
3862 kfree_skb(skb);
3863 return -EINVAL;
3864 }
3865
3866 nla_nest_end(skb, data);
3867 genlmsg_end(skb, hdr);
3868 return genlmsg_reply(skb, rdev->testmode_info);
3869}
3870EXPORT_SYMBOL(cfg80211_testmode_reply);
3871
3872struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy,
3873 int approxlen, gfp_t gfp)
3874{
3875 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
3876
3877 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp);
3878}
3879EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb);
3880
3881void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
3882{
3883 void *hdr = ((void **)skb->cb)[1];
3884 struct nlattr *data = ((void **)skb->cb)[2];
3885
3886 nla_nest_end(skb, data);
3887 genlmsg_end(skb, hdr);
3888 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
3889}
3890EXPORT_SYMBOL(cfg80211_testmode_event);
3891#endif
3892
3893static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
3894{
3895 struct cfg80211_registered_device *rdev;
3896 struct net_device *dev;
3897 struct cfg80211_connect_params connect;
3898 struct wiphy *wiphy;
3899 struct cfg80211_cached_keys *connkeys = NULL;
3900 int err;
3901
3902 memset(&connect, 0, sizeof(connect));
3903
3904 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3905 return -EINVAL;
3906
3907 if (!info->attrs[NL80211_ATTR_SSID] ||
3908 !nla_len(info->attrs[NL80211_ATTR_SSID]))
3909 return -EINVAL;
3910
3911 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
3912 connect.auth_type =
3913 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
3914 if (!nl80211_valid_auth_type(connect.auth_type))
3915 return -EINVAL;
3916 } else
3917 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
3918
3919 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
3920
3921 err = nl80211_crypto_settings(info, &connect.crypto,
3922 NL80211_MAX_NR_CIPHER_SUITES);
3923 if (err)
3924 return err;
3925 rtnl_lock();
3926
3927 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
3928 if (err)
3929 goto unlock_rtnl;
3930
3931 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
3932 err = -EOPNOTSUPP;
3933 goto out;
3934 }
3935
3936 if (!netif_running(dev)) {
3937 err = -ENETDOWN;
3938 goto out;
3939 }
3940
3941 wiphy = &rdev->wiphy;
3942
3943 if (info->attrs[NL80211_ATTR_MAC])
3944 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3945 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3946 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3947
3948 if (info->attrs[NL80211_ATTR_IE]) {
3949 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3950 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3951 }
3952
3953 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
3954 connect.channel =
3955 ieee80211_get_channel(wiphy,
3956 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3957 if (!connect.channel ||
3958 connect.channel->flags & IEEE80211_CHAN_DISABLED) {
3959 err = -EINVAL;
3960 goto out;
3961 }
3962 }
3963
3964 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
3965 connkeys = nl80211_parse_connkeys(rdev,
3966 info->attrs[NL80211_ATTR_KEYS]);
3967 if (IS_ERR(connkeys)) {
3968 err = PTR_ERR(connkeys);
3969 connkeys = NULL;
3970 goto out;
3971 }
3972 }
3973
3974 err = cfg80211_connect(rdev, dev, &connect, connkeys);
3383 3975
3384out: 3976out:
3385 cfg80211_put_dev(drv); 3977 cfg80211_unlock_rdev(rdev);
3978 dev_put(dev);
3979unlock_rtnl:
3980 if (err)
3981 kfree(connkeys);
3982 rtnl_unlock();
3983 return err;
3984}
3985
3986static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
3987{
3988 struct cfg80211_registered_device *rdev;
3989 struct net_device *dev;
3990 int err;
3991 u16 reason;
3992
3993 if (!info->attrs[NL80211_ATTR_REASON_CODE])
3994 reason = WLAN_REASON_DEAUTH_LEAVING;
3995 else
3996 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3997
3998 if (reason == 0)
3999 return -EINVAL;
4000
4001 rtnl_lock();
4002
4003 err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
4004 if (err)
4005 goto unlock_rtnl;
4006
4007 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
4008 err = -EOPNOTSUPP;
4009 goto out;
4010 }
4011
4012 if (!netif_running(dev)) {
4013 err = -ENETDOWN;
4014 goto out;
4015 }
4016
4017 err = cfg80211_disconnect(rdev, dev, reason, true);
4018
4019out:
4020 cfg80211_unlock_rdev(rdev);
3386 dev_put(dev); 4021 dev_put(dev);
3387unlock_rtnl: 4022unlock_rtnl:
3388 rtnl_unlock(); 4023 rtnl_unlock();
@@ -3602,6 +4237,26 @@ static struct genl_ops nl80211_ops[] = {
3602 .policy = nl80211_policy, 4237 .policy = nl80211_policy,
3603 .flags = GENL_ADMIN_PERM, 4238 .flags = GENL_ADMIN_PERM,
3604 }, 4239 },
4240#ifdef CONFIG_NL80211_TESTMODE
4241 {
4242 .cmd = NL80211_CMD_TESTMODE,
4243 .doit = nl80211_testmode_do,
4244 .policy = nl80211_policy,
4245 .flags = GENL_ADMIN_PERM,
4246 },
4247#endif
4248 {
4249 .cmd = NL80211_CMD_CONNECT,
4250 .doit = nl80211_connect,
4251 .policy = nl80211_policy,
4252 .flags = GENL_ADMIN_PERM,
4253 },
4254 {
4255 .cmd = NL80211_CMD_DISCONNECT,
4256 .doit = nl80211_disconnect,
4257 .policy = nl80211_policy,
4258 .flags = GENL_ADMIN_PERM,
4259 },
3605}; 4260};
3606static struct genl_multicast_group nl80211_mlme_mcgrp = { 4261static struct genl_multicast_group nl80211_mlme_mcgrp = {
3607 .name = "mlme", 4262 .name = "mlme",
@@ -3643,6 +4298,8 @@ static int nl80211_add_scan_req(struct sk_buff *msg,
3643 struct nlattr *nest; 4298 struct nlattr *nest;
3644 int i; 4299 int i;
3645 4300
4301 ASSERT_RDEV_LOCK(rdev);
4302
3646 if (WARN_ON(!req)) 4303 if (WARN_ON(!req))
3647 return 0; 4304 return 0;
3648 4305
@@ -3668,11 +4325,11 @@ static int nl80211_add_scan_req(struct sk_buff *msg,
3668 return -ENOBUFS; 4325 return -ENOBUFS;
3669} 4326}
3670 4327
3671static int nl80211_send_scan_donemsg(struct sk_buff *msg, 4328static int nl80211_send_scan_msg(struct sk_buff *msg,
3672 struct cfg80211_registered_device *rdev, 4329 struct cfg80211_registered_device *rdev,
3673 struct net_device *netdev, 4330 struct net_device *netdev,
3674 u32 pid, u32 seq, int flags, 4331 u32 pid, u32 seq, int flags,
3675 u32 cmd) 4332 u32 cmd)
3676{ 4333{
3677 void *hdr; 4334 void *hdr;
3678 4335
@@ -3693,6 +4350,24 @@ static int nl80211_send_scan_donemsg(struct sk_buff *msg,
3693 return -EMSGSIZE; 4350 return -EMSGSIZE;
3694} 4351}
3695 4352
4353void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
4354 struct net_device *netdev)
4355{
4356 struct sk_buff *msg;
4357
4358 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
4359 if (!msg)
4360 return;
4361
4362 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
4363 NL80211_CMD_TRIGGER_SCAN) < 0) {
4364 nlmsg_free(msg);
4365 return;
4366 }
4367
4368 genlmsg_multicast(msg, 0, nl80211_scan_mcgrp.id, GFP_KERNEL);
4369}
4370
3696void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 4371void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
3697 struct net_device *netdev) 4372 struct net_device *netdev)
3698{ 4373{
@@ -3702,8 +4377,8 @@ void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
3702 if (!msg) 4377 if (!msg)
3703 return; 4378 return;
3704 4379
3705 if (nl80211_send_scan_donemsg(msg, rdev, netdev, 0, 0, 0, 4380 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
3706 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 4381 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
3707 nlmsg_free(msg); 4382 nlmsg_free(msg);
3708 return; 4383 return;
3709 } 4384 }
@@ -3720,8 +4395,8 @@ void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
3720 if (!msg) 4395 if (!msg)
3721 return; 4396 return;
3722 4397
3723 if (nl80211_send_scan_donemsg(msg, rdev, netdev, 0, 0, 0, 4398 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
3724 NL80211_CMD_SCAN_ABORTED) < 0) { 4399 NL80211_CMD_SCAN_ABORTED) < 0) {
3725 nlmsg_free(msg); 4400 nlmsg_free(msg);
3726 return; 4401 return;
3727 } 4402 }
@@ -3787,12 +4462,12 @@ nla_put_failure:
3787static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 4462static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
3788 struct net_device *netdev, 4463 struct net_device *netdev,
3789 const u8 *buf, size_t len, 4464 const u8 *buf, size_t len,
3790 enum nl80211_commands cmd) 4465 enum nl80211_commands cmd, gfp_t gfp)
3791{ 4466{
3792 struct sk_buff *msg; 4467 struct sk_buff *msg;
3793 void *hdr; 4468 void *hdr;
3794 4469
3795 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 4470 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
3796 if (!msg) 4471 if (!msg)
3797 return; 4472 return;
3798 4473
@@ -3811,7 +4486,7 @@ static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
3811 return; 4486 return;
3812 } 4487 }
3813 4488
3814 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC); 4489 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
3815 return; 4490 return;
3816 4491
3817 nla_put_failure: 4492 nla_put_failure:
@@ -3820,42 +4495,45 @@ static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
3820} 4495}
3821 4496
3822void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 4497void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
3823 struct net_device *netdev, const u8 *buf, size_t len) 4498 struct net_device *netdev, const u8 *buf,
4499 size_t len, gfp_t gfp)
3824{ 4500{
3825 nl80211_send_mlme_event(rdev, netdev, buf, len, 4501 nl80211_send_mlme_event(rdev, netdev, buf, len,
3826 NL80211_CMD_AUTHENTICATE); 4502 NL80211_CMD_AUTHENTICATE, gfp);
3827} 4503}
3828 4504
3829void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 4505void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
3830 struct net_device *netdev, const u8 *buf, 4506 struct net_device *netdev, const u8 *buf,
3831 size_t len) 4507 size_t len, gfp_t gfp)
3832{ 4508{
3833 nl80211_send_mlme_event(rdev, netdev, buf, len, NL80211_CMD_ASSOCIATE); 4509 nl80211_send_mlme_event(rdev, netdev, buf, len,
4510 NL80211_CMD_ASSOCIATE, gfp);
3834} 4511}
3835 4512
3836void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 4513void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
3837 struct net_device *netdev, const u8 *buf, size_t len) 4514 struct net_device *netdev, const u8 *buf,
4515 size_t len, gfp_t gfp)
3838{ 4516{
3839 nl80211_send_mlme_event(rdev, netdev, buf, len, 4517 nl80211_send_mlme_event(rdev, netdev, buf, len,
3840 NL80211_CMD_DEAUTHENTICATE); 4518 NL80211_CMD_DEAUTHENTICATE, gfp);
3841} 4519}
3842 4520
3843void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 4521void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
3844 struct net_device *netdev, const u8 *buf, 4522 struct net_device *netdev, const u8 *buf,
3845 size_t len) 4523 size_t len, gfp_t gfp)
3846{ 4524{
3847 nl80211_send_mlme_event(rdev, netdev, buf, len, 4525 nl80211_send_mlme_event(rdev, netdev, buf, len,
3848 NL80211_CMD_DISASSOCIATE); 4526 NL80211_CMD_DISASSOCIATE, gfp);
3849} 4527}
3850 4528
3851static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 4529static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3852 struct net_device *netdev, int cmd, 4530 struct net_device *netdev, int cmd,
3853 const u8 *addr) 4531 const u8 *addr, gfp_t gfp)
3854{ 4532{
3855 struct sk_buff *msg; 4533 struct sk_buff *msg;
3856 void *hdr; 4534 void *hdr;
3857 4535
3858 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 4536 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
3859 if (!msg) 4537 if (!msg)
3860 return; 4538 return;
3861 4539
@@ -3875,7 +4553,7 @@ static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3875 return; 4553 return;
3876 } 4554 }
3877 4555
3878 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC); 4556 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
3879 return; 4557 return;
3880 4558
3881 nla_put_failure: 4559 nla_put_failure:
@@ -3884,16 +4562,142 @@ static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3884} 4562}
3885 4563
3886void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 4564void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
3887 struct net_device *netdev, const u8 *addr) 4565 struct net_device *netdev, const u8 *addr,
4566 gfp_t gfp)
3888{ 4567{
3889 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 4568 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
3890 addr); 4569 addr, gfp);
3891} 4570}
3892 4571
3893void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 4572void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
3894 struct net_device *netdev, const u8 *addr) 4573 struct net_device *netdev, const u8 *addr,
4574 gfp_t gfp)
3895{ 4575{
3896 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, addr); 4576 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
4577 addr, gfp);
4578}
4579
4580void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
4581 struct net_device *netdev, const u8 *bssid,
4582 const u8 *req_ie, size_t req_ie_len,
4583 const u8 *resp_ie, size_t resp_ie_len,
4584 u16 status, gfp_t gfp)
4585{
4586 struct sk_buff *msg;
4587 void *hdr;
4588
4589 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
4590 if (!msg)
4591 return;
4592
4593 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
4594 if (!hdr) {
4595 nlmsg_free(msg);
4596 return;
4597 }
4598
4599 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4600 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
4601 if (bssid)
4602 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
4603 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status);
4604 if (req_ie)
4605 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
4606 if (resp_ie)
4607 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
4608
4609 if (genlmsg_end(msg, hdr) < 0) {
4610 nlmsg_free(msg);
4611 return;
4612 }
4613
4614 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
4615 return;
4616
4617 nla_put_failure:
4618 genlmsg_cancel(msg, hdr);
4619 nlmsg_free(msg);
4620
4621}
4622
4623void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
4624 struct net_device *netdev, const u8 *bssid,
4625 const u8 *req_ie, size_t req_ie_len,
4626 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
4627{
4628 struct sk_buff *msg;
4629 void *hdr;
4630
4631 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
4632 if (!msg)
4633 return;
4634
4635 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
4636 if (!hdr) {
4637 nlmsg_free(msg);
4638 return;
4639 }
4640
4641 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4642 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
4643 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
4644 if (req_ie)
4645 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
4646 if (resp_ie)
4647 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
4648
4649 if (genlmsg_end(msg, hdr) < 0) {
4650 nlmsg_free(msg);
4651 return;
4652 }
4653
4654 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
4655 return;
4656
4657 nla_put_failure:
4658 genlmsg_cancel(msg, hdr);
4659 nlmsg_free(msg);
4660
4661}
4662
4663void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
4664 struct net_device *netdev, u16 reason,
4665 const u8 *ie, size_t ie_len, bool from_ap)
4666{
4667 struct sk_buff *msg;
4668 void *hdr;
4669
4670 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
4671 if (!msg)
4672 return;
4673
4674 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
4675 if (!hdr) {
4676 nlmsg_free(msg);
4677 return;
4678 }
4679
4680 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4681 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
4682 if (from_ap && reason)
4683 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason);
4684 if (from_ap)
4685 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP);
4686 if (ie)
4687 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie);
4688
4689 if (genlmsg_end(msg, hdr) < 0) {
4690 nlmsg_free(msg);
4691 return;
4692 }
4693
4694 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_KERNEL);
4695 return;
4696
4697 nla_put_failure:
4698 genlmsg_cancel(msg, hdr);
4699 nlmsg_free(msg);
4700
3897} 4701}
3898 4702
3899void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 4703void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
@@ -3933,12 +4737,12 @@ void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
3933void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 4737void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
3934 struct net_device *netdev, const u8 *addr, 4738 struct net_device *netdev, const u8 *addr,
3935 enum nl80211_key_type key_type, int key_id, 4739 enum nl80211_key_type key_type, int key_id,
3936 const u8 *tsc) 4740 const u8 *tsc, gfp_t gfp)
3937{ 4741{
3938 struct sk_buff *msg; 4742 struct sk_buff *msg;
3939 void *hdr; 4743 void *hdr;
3940 4744
3941 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 4745 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
3942 if (!msg) 4746 if (!msg)
3943 return; 4747 return;
3944 4748
@@ -3962,7 +4766,7 @@ void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
3962 return; 4766 return;
3963 } 4767 }
3964 4768
3965 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC); 4769 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
3966 return; 4770 return;
3967 4771
3968 nla_put_failure: 4772 nla_put_failure:
@@ -4051,6 +4855,12 @@ int nl80211_init(void)
4051 if (err) 4855 if (err)
4052 goto err_out; 4856 goto err_out;
4053 4857
4858#ifdef CONFIG_NL80211_TESTMODE
4859 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp);
4860 if (err)
4861 goto err_out;
4862#endif
4863
4054 return 0; 4864 return 0;
4055 err_out: 4865 err_out:
4056 genl_unregister_family(&nl80211_fam); 4866 genl_unregister_family(&nl80211_fam);
diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h
index 5c12ad13499b..44cc2a76a1b0 100644
--- a/net/wireless/nl80211.h
+++ b/net/wireless/nl80211.h
@@ -3,39 +3,54 @@
3 3
4#include "core.h" 4#include "core.h"
5 5
6extern int nl80211_init(void); 6int nl80211_init(void);
7extern void nl80211_exit(void); 7void nl80211_exit(void);
8extern void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev); 8void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev);
9extern void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 9void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
10 struct net_device *netdev); 10 struct net_device *netdev);
11extern void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 11void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
12 struct net_device *netdev); 12 struct net_device *netdev);
13extern void nl80211_send_reg_change_event(struct regulatory_request *request); 13void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
14extern void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 14 struct net_device *netdev);
15 struct net_device *netdev, 15void nl80211_send_reg_change_event(struct regulatory_request *request);
16 const u8 *buf, size_t len); 16void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
17extern void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 17 struct net_device *netdev,
18 struct net_device *netdev, 18 const u8 *buf, size_t len, gfp_t gfp);
19 const u8 *buf, size_t len); 19void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
20extern void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 20 struct net_device *netdev,
21 const u8 *buf, size_t len, gfp_t gfp);
22void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
23 struct net_device *netdev,
24 const u8 *buf, size_t len, gfp_t gfp);
25void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
26 struct net_device *netdev,
27 const u8 *buf, size_t len, gfp_t gfp);
28void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
29 struct net_device *netdev,
30 const u8 *addr, gfp_t gfp);
31void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
21 struct net_device *netdev, 32 struct net_device *netdev,
22 const u8 *buf, size_t len); 33 const u8 *addr, gfp_t gfp);
23extern void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 34void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
24 struct net_device *netdev, 35 struct net_device *netdev, const u8 *bssid,
25 const u8 *buf, size_t len); 36 const u8 *req_ie, size_t req_ie_len,
26extern void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 37 const u8 *resp_ie, size_t resp_ie_len,
27 struct net_device *netdev, 38 u16 status, gfp_t gfp);
28 const u8 *addr); 39void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
29extern void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 40 struct net_device *netdev, const u8 *bssid,
30 struct net_device *netdev, 41 const u8 *req_ie, size_t req_ie_len,
31 const u8 *addr); 42 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp);
32extern void 43void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
44 struct net_device *netdev, u16 reason,
45 const u8 *ie, size_t ie_len, bool from_ap);
46
47void
33nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 48nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
34 struct net_device *netdev, const u8 *addr, 49 struct net_device *netdev, const u8 *addr,
35 enum nl80211_key_type key_type, 50 enum nl80211_key_type key_type,
36 int key_id, const u8 *tsc); 51 int key_id, const u8 *tsc, gfp_t gfp);
37 52
38extern void 53void
39nl80211_send_beacon_hint_event(struct wiphy *wiphy, 54nl80211_send_beacon_hint_event(struct wiphy *wiphy,
40 struct ieee80211_channel *channel_before, 55 struct ieee80211_channel *channel_before,
41 struct ieee80211_channel *channel_after); 56 struct ieee80211_channel *channel_after);
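Review bot: `nl80211_send_disconnected()` is the only MLME notifier in this header declared without a `gfp_t` argument, and its definition in nl80211.c allocates and multicasts with a hard-coded `GFP_KERNEL`, so it may sleep while its siblings now follow the caller's context. Nothing at the declaration says so, and a caller used to the old `GFP_ATOMIC` notifiers could invoke it from atomic context. I would either add a trailing `gfp_t gfp` parameter like the other prototypes, or put `/* may sleep: allocates with GFP_KERNEL, process context only */` above the declaration. Whether every current caller runs in process context is not visible from this section.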
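--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -113,11 +113,7 @@ static const struct ieee80211_regdomain world_regdom = {
 static const struct ieee80211_regdomain *cfg80211_world_regdom =
  &world_regdom;
 
-#ifdef CONFIG_WIRELESS_OLD_REGULATORY
-static char *ieee80211_regdom = "US";
-#else
 static char *ieee80211_regdom = "00";
-#endif
 
 module_param(ieee80211_regdom, charp, 0444);
 MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code");
@@ -1061,10 +1057,10 @@ static bool ignore_reg_update(struct wiphy *wiphy,
 
 static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
 
- list_for_each_entry(drv, &cfg80211_drv_list, list)
- wiphy_update_regulatory(&drv->wiphy, initiator);
+ list_for_each_entry(rdev, &cfg80211_rdev_list, list)
+ wiphy_update_regulatory(&rdev->wiphy, initiator);
 }
 
 static void handle_reg_beacon(struct wiphy *wiphy,
@@ -1614,7 +1610,7 @@ static void reg_process_pending_hints(void)
 /* Processes beacon hints -- this has nothing to do with country IEs */
 static void reg_process_pending_beacon_hints(void)
 {
- struct cfg80211_registered_device *drv;
+ struct cfg80211_registered_device *rdev;
  struct reg_beacon *pending_beacon, *tmp;
 
  mutex_lock(&cfg80211_mutex);
@@ -1633,8 +1629,8 @@ static void reg_process_pending_beacon_hints(void)
  list_del_init(&pending_beacon->list);
 
  /* Applies the beacon hint to current wiphys */
- list_for_each_entry(drv, &cfg80211_drv_list, list)
- wiphy_update_new_beacon(&drv->wiphy, pending_beacon);
+ list_for_each_entry(rdev, &cfg80211_rdev_list, list)
+ wiphy_update_new_beacon(&rdev->wiphy, pending_beacon);
 
  /* Remembers the beacon hint for new wiphys or reg changes */
  list_add_tail(&pending_beacon->list, &reg_beacon_list);
@@ -1814,23 +1810,23 @@ void regulatory_hint_11d(struct wiphy *wiphy,
  if (likely(last_request->initiator ==
  NL80211_REGDOM_SET_BY_COUNTRY_IE &&
  wiphy_idx_valid(last_request->wiphy_idx))) {
- struct cfg80211_registered_device *drv_last_ie;
+ struct cfg80211_registered_device *rdev_last_ie;
 
- drv_last_ie =
- cfg80211_drv_by_wiphy_idx(last_request->wiphy_idx);
+ rdev_last_ie =
+ cfg80211_rdev_by_wiphy_idx(last_request->wiphy_idx);
 
  /*
  * Lets keep this simple -- we trust the first AP
  * after we intersect with CRDA
  */
- if (likely(&drv_last_ie->wiphy == wiphy)) {
+ if (likely(&rdev_last_ie->wiphy == wiphy)) {
  /*
  * Ignore IEs coming in on this wiphy with
  * the same alpha2 and environment cap
  */
- if (likely(alpha2_equal(drv_last_ie->country_ie_alpha2,
+ if (likely(alpha2_equal(rdev_last_ie->country_ie_alpha2,
  alpha2) &&
- env == drv_last_ie->env)) {
+ env == rdev_last_ie->env)) {
  goto out;
  }
  /*
@@ -1846,9 +1842,9 @@ void regulatory_hint_11d(struct wiphy *wiphy,
  * Ignore IEs coming in on two separate wiphys with
  * the same alpha2 and environment cap
  */
- if (likely(alpha2_equal(drv_last_ie->country_ie_alpha2,
+ if (likely(alpha2_equal(rdev_last_ie->country_ie_alpha2,
  alpha2) &&
- env == drv_last_ie->env)) {
+ env == rdev_last_ie->env)) {
  goto out;
  }
  /* We could potentially intersect though */
@@ -1995,14 +1991,14 @@ static void print_regdomain(const struct ieee80211_regdomain *rd)
 
  if (last_request->initiator ==
  NL80211_REGDOM_SET_BY_COUNTRY_IE) {
- struct cfg80211_registered_device *drv;
- drv = cfg80211_drv_by_wiphy_idx(
+ struct cfg80211_registered_device *rdev;
+ rdev = cfg80211_rdev_by_wiphy_idx(
  last_request->wiphy_idx);
- if (drv) {
+ if (rdev) {
  printk(KERN_INFO "cfg80211: Current regulatory "
  "domain updated by AP to: %c%c\n",
- drv->country_ie_alpha2[0],
- drv->country_ie_alpha2[1]);
+ rdev->country_ie_alpha2[0],
+ rdev->country_ie_alpha2[1]);
  } else
  printk(KERN_INFO "cfg80211: Current regulatory "
  "domain intersected: \n");
@@ -2063,7 +2059,7 @@ static inline void reg_country_ie_process_debug(
 static int __set_regdom(const struct ieee80211_regdomain *rd)
 {
  const struct ieee80211_regdomain *intersected_rd = NULL;
- struct cfg80211_registered_device *drv = NULL;
+ struct cfg80211_registered_device *rdev = NULL;
  struct wiphy *request_wiphy;
  /* Some basic sanity checks first */
 
@@ -2202,11 +2198,11 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
  if (!intersected_rd)
  return -EINVAL;
 
- drv = wiphy_to_dev(request_wiphy);
+ rdev = wiphy_to_dev(request_wiphy);
 
- drv->country_ie_alpha2[0] = rd->alpha2[0];
- drv->country_ie_alpha2[1] = rd->alpha2[1];
- drv->env = last_request->country_ie_env;
+ rdev->country_ie_alpha2[0] = rd->alpha2[0];
+ rdev->country_ie_alpha2[1] = rd->alpha2[1];
+ rdev->env = last_request->country_ie_env;
 
  BUG_ON(intersected_rd == rd);
 
@@ -2287,22 +2283,12 @@ int regulatory_init(void)
 
  printk(KERN_INFO "cfg80211: Using static regulatory domain info\n");
  print_regdomain_info(cfg80211_regdomain);
- /*
- * The old code still requests for a new regdomain and if
- * you have CRDA you get it updated, otherwise you get
- * stuck with the static values. Since "EU" is not a valid
- * ISO / IEC 3166 alpha2 code we can't expect userpace to
- * give us a regulatory domain for it. We need last_request
- * iniitalized though so lets just send a request which we
- * know will be ignored... this crap will be removed once
- * OLD_REG dies.
- */
- err = regulatory_hint_core(ieee80211_regdom);
 #else
  cfg80211_regdomain = cfg80211_world_regdom;
 
- err = regulatory_hint_core(ieee80211_regdom);
 #endif
+ /* We always try to get an update for the static regdomain */
+ err = regulatory_hint_core(cfg80211_regdomain->alpha2);
  if (err) {
  if (err == -ENOMEM)
  return err;
@@ -2321,6 +2307,13 @@ int regulatory_init(void)
 #endif
  }
 
+ /*
+ * Finally, if the user set the module parameter treat it
+ * as a user hint.
+ */
+ if (!is_world_regdom(ieee80211_regdom))
+ regulatory_hint_user(ieee80211_regdom);
+
  return 0;
 }
 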
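Review bot: The block added at the end of `regulatory_init()` hands the `ieee80211_regdom` module parameter to `is_world_regdom()` and `regulatory_hint_user()` without checking its length, and it discards the return value of `regulatory_hint_user()`. The parameter is a free-form `charp`, so a value shorter than two characters would be treated as an alpha2 code by whatever those helpers index; their bodies are outside this section, so that reading is an inference to confirm. A guard such as `if (strlen(ieee80211_regdom) == 2 && !is_world_regdom(ieee80211_regdom))` would state the expectation, and a failed hint could be logged instead of silently ignored. `regulatory_init()` begins before the hunks shown here.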
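--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -17,26 +17,39 @@
 
 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
 
-void cfg80211_scan_done(struct cfg80211_scan_request *request, bool aborted)
+void __cfg80211_scan_done(struct work_struct *wk)
 {
+ struct cfg80211_registered_device *rdev;
+ struct cfg80211_scan_request *request;
  struct net_device *dev;
 #ifdef CONFIG_WIRELESS_EXT
  union iwreq_data wrqu;
 #endif
 
+ rdev = container_of(wk, struct cfg80211_registered_device,
+ scan_done_wk);
+
+ mutex_lock(&rdev->mtx);
+ request = rdev->scan_req;
+
  dev = dev_get_by_index(&init_net, request->ifidx);
  if (!dev)
  goto out;
 
- WARN_ON(request != wiphy_to_dev(request->wiphy)->scan_req);
+ /*
+ * This must be before sending the other events!
+ * Otherwise, wpa_supplicant gets completely confused with
+ * wext events.
+ */
+ cfg80211_sme_scan_done(dev);
 
- if (aborted)
+ if (request->aborted)
  nl80211_send_scan_aborted(wiphy_to_dev(request->wiphy), dev);
  else
  nl80211_send_scan_done(wiphy_to_dev(request->wiphy), dev);
 
 #ifdef CONFIG_WIRELESS_EXT
- if (!aborted) {
+ if (!request->aborted) {
  memset(&wrqu, 0, sizeof(wrqu));
 
  wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
@@ -46,9 +59,25 @@ void cfg80211_scan_done(struct cfg80211_scan_request *request, bool aborted)
  dev_put(dev);
 
  out:
+ cfg80211_unlock_rdev(rdev);
  wiphy_to_dev(request->wiphy)->scan_req = NULL;
  kfree(request);
 }
+
+void cfg80211_scan_done(struct cfg80211_scan_request *request, bool aborted)
+{
+ struct net_device *dev = dev_get_by_index(&init_net, request->ifidx);
+ if (WARN_ON(!dev)) {
+ kfree(request);
+ return;
+ }
+
+ WARN_ON(request != wiphy_to_dev(request->wiphy)->scan_req);
+
+ request->aborted = aborted;
+ schedule_work(&wiphy_to_dev(request->wiphy)->scan_done_wk);
+ dev_put(dev);
+}
 EXPORT_SYMBOL(cfg80211_scan_done);
 
 static void bss_release(struct kref *ref)
@@ -62,6 +91,8 @@ static void bss_release(struct kref *ref)
  if (bss->ies_allocated)
  kfree(bss->pub.information_elements);
 
+ BUG_ON(atomic_read(&bss->hold));
+
  kfree(bss);
 }
 
@@ -84,8 +115,9 @@ void cfg80211_bss_expire(struct cfg80211_registered_device *dev)
  bool expired = false;
 
  list_for_each_entry_safe(bss, tmp, &dev->bss_list, list) {
- if (bss->hold ||
- !time_after(jiffies, bss->ts + IEEE80211_SCAN_RESULT_EXPIRE))
+ if (atomic_read(&bss->hold))
+ continue;
+ if (!time_after(jiffies, bss->ts + IEEE80211_SCAN_RESULT_EXPIRE))
  continue;
  list_del(&bss->list);
  rb_erase(&bss->rbn, &dev->bss_tree);
@@ -545,30 +577,6 @@ void cfg80211_unlink_bss(struct wiphy *wiphy, struct cfg80211_bss *pub)
 }
 EXPORT_SYMBOL(cfg80211_unlink_bss);
 
-void cfg80211_hold_bss(struct cfg80211_bss *pub)
-{
- struct cfg80211_internal_bss *bss;
-
- if (!pub)
- return;
-
- bss = container_of(pub, struct cfg80211_internal_bss, pub);
- bss->hold = true;
-}
-EXPORT_SYMBOL(cfg80211_hold_bss);
-
-void cfg80211_unhold_bss(struct cfg80211_bss *pub)
-{
- struct cfg80211_internal_bss *bss;
-
- if (!pub)
- return;
-
- bss = container_of(pub, struct cfg80211_internal_bss, pub);
- bss->hold = false;
-}
-EXPORT_SYMBOL(cfg80211_unhold_bss);
-
 #ifdef CONFIG_WIRELESS_EXT
 int cfg80211_wext_siwscan(struct net_device *dev,
  struct iw_request_info *info,
@@ -646,9 +654,10 @@ int cfg80211_wext_siwscan(struct net_device *dev,
  if (err) {
  rdev->scan_req = NULL;
  kfree(creq);
- }
+ } else
+ nl80211_send_scan_start(rdev, dev);
  out:
- cfg80211_put_dev(rdev);
+ cfg80211_unlock_rdev(rdev);
  return err;
 }
 EXPORT_SYMBOL_GPL(cfg80211_wext_siwscan);
@@ -957,7 +966,7 @@ int cfg80211_wext_giwscan(struct net_device *dev,
  }
 
  out:
- cfg80211_put_dev(rdev);
+ cfg80211_unlock_rdev(rdev);
  return res;
 }
 EXPORT_SYMBOL_GPL(cfg80211_wext_giwscan);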
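Review bot: In the new `cfg80211_scan_done()` the `WARN_ON(!dev)` branch frees `request` but leaves `wiphy_to_dev(request->wiphy)->scan_req` pointing at it, whereas the pre-change code cleared that pointer on the same path. Any later reader of `scan_req` would then see freed memory, and callers that test `scan_req` before starting a scan would keep seeing it as busy. The worker already handles a missing netdev through `goto out`, so the branch could drop `kfree(request); return;` and schedule the work so that `__cfg80211_scan_done()` does the cleanup. In the worker, `out:` clears and frees the request after `cfg80211_unlock_rdev(rdev)`; placing `rdev->scan_req = NULL;` and `kfree(request);` before the unlock would keep the update under the lock it was read with, assuming that helper releases `rdev->mtx`. `request = rdev->scan_req` is also dereferenced without a NULL check, which deserves a guard if the work can run with no request pending.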
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
new file mode 100644
index 000000000000..82de2d9795f4
--- /dev/null
+++ b/net/wireless/sme.c
@@ -0,0 +1,836 @@
1/*
2 * SME code for cfg80211's connect emulation.
3 *
4 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
5 * Copyright (C) 2009 Intel Corporation. All rights reserved.
6 */
7
8#include <linux/etherdevice.h>
9#include <linux/if_arp.h>
10#include <linux/workqueue.h>
11#include <net/cfg80211.h>
12#include <net/rtnetlink.h>
13#include "nl80211.h"
14
15struct cfg80211_conn {
16 struct cfg80211_connect_params params;
17 /* these are sub-states of the _CONNECTING sme_state */
18 enum {
19 CFG80211_CONN_IDLE,
20 CFG80211_CONN_SCANNING,
21 CFG80211_CONN_SCAN_AGAIN,
22 CFG80211_CONN_AUTHENTICATE_NEXT,
23 CFG80211_CONN_AUTHENTICATING,
24 CFG80211_CONN_ASSOCIATE_NEXT,
25 CFG80211_CONN_ASSOCIATING,
26 } state;
27 u8 bssid[ETH_ALEN];
28 u8 *ie;
29 size_t ie_len;
30 bool auto_auth;
31};
32
33
34static int cfg80211_conn_scan(struct wireless_dev *wdev)
35{
36 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
37 struct cfg80211_scan_request *request;
38 int n_channels, err;
39
40 ASSERT_RTNL();
41 ASSERT_RDEV_LOCK(rdev);
42 ASSERT_WDEV_LOCK(wdev);
43
44 if (rdev->scan_req)
45 return -EBUSY;
46
47 if (wdev->conn->params.channel) {
48 n_channels = 1;
49 } else {
50 enum ieee80211_band band;
51 n_channels = 0;
52
53 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
54 if (!wdev->wiphy->bands[band])
55 continue;
56 n_channels += wdev->wiphy->bands[band]->n_channels;
57 }
58 }
59 request = kzalloc(sizeof(*request) + sizeof(request->ssids[0]) +
60 sizeof(request->channels[0]) * n_channels,
61 GFP_KERNEL);
62 if (!request)
63 return -ENOMEM;
64
65 request->channels = (void *)((char *)request + sizeof(*request));
66 if (wdev->conn->params.channel)
67 request->channels[0] = wdev->conn->params.channel;
68 else {
69 int i = 0, j;
70 enum ieee80211_band band;
71
72 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
73 if (!wdev->wiphy->bands[band])
74 continue;
75 for (j = 0; j < wdev->wiphy->bands[band]->n_channels;
76 i++, j++)
77 request->channels[i] =
78 &wdev->wiphy->bands[band]->channels[j];
79 }
80 }
81 request->n_channels = n_channels;
82 request->ssids = (void *)(request->channels + n_channels);
83 request->n_ssids = 1;
84
85 memcpy(request->ssids[0].ssid, wdev->conn->params.ssid,
86 wdev->conn->params.ssid_len);
87 request->ssids[0].ssid_len = wdev->conn->params.ssid_len;
88
89 request->ifidx = wdev->netdev->ifindex;
90 request->wiphy = &rdev->wiphy;
91
92 rdev->scan_req = request;
93
94 err = rdev->ops->scan(wdev->wiphy, wdev->netdev, request);
95 if (!err) {
96 wdev->conn->state = CFG80211_CONN_SCANNING;
97 nl80211_send_scan_start(rdev, wdev->netdev);
98 } else {
99 rdev->scan_req = NULL;
100 kfree(request);
101 }
102 return err;
103}
104
105static int cfg80211_conn_do_work(struct wireless_dev *wdev)
106{
107 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
108 struct cfg80211_connect_params *params;
109 int err;
110
111 ASSERT_WDEV_LOCK(wdev);
112
113 if (!wdev->conn)
114 return 0;
115
116 params = &wdev->conn->params;
117
118 switch (wdev->conn->state) {
119 case CFG80211_CONN_SCAN_AGAIN:
120 return cfg80211_conn_scan(wdev);
121 case CFG80211_CONN_AUTHENTICATE_NEXT:
122 BUG_ON(!rdev->ops->auth);
123 wdev->conn->state = CFG80211_CONN_AUTHENTICATING;
124 return __cfg80211_mlme_auth(rdev, wdev->netdev,
125 params->channel, params->auth_type,
126 params->bssid,
127 params->ssid, params->ssid_len,
128 NULL, 0,
129 params->key, params->key_len,
130 params->key_idx);
131 case CFG80211_CONN_ASSOCIATE_NEXT:
132 BUG_ON(!rdev->ops->assoc);
133 wdev->conn->state = CFG80211_CONN_ASSOCIATING;
134 /*
135 * We could, later, implement roaming here and then actually
136 * set prev_bssid to non-NULL. But then we need to be aware
137 * that some APs don't like that -- so we'd need to retry
138 * the association.
139 */
140 err = __cfg80211_mlme_assoc(rdev, wdev->netdev,
141 params->channel, params->bssid,
142 NULL,
143 params->ssid, params->ssid_len,
144 params->ie, params->ie_len,
145 false, &params->crypto);
146 if (err)
147 __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
148 NULL, 0,
149 WLAN_REASON_DEAUTH_LEAVING);
150 return err;
151 default:
152 return 0;
153 }
154}
155
156void cfg80211_conn_work(struct work_struct *work)
157{
158 struct cfg80211_registered_device *rdev =
159 container_of(work, struct cfg80211_registered_device, conn_work);
160 struct wireless_dev *wdev;
161
162 rtnl_lock();
163 cfg80211_lock_rdev(rdev);
164 mutex_lock(&rdev->devlist_mtx);
165
166 list_for_each_entry(wdev, &rdev->netdev_list, list) {
167 wdev_lock(wdev);
168 if (!netif_running(wdev->netdev)) {
169 wdev_unlock(wdev);
170 continue;
171 }
172 if (wdev->sme_state != CFG80211_SME_CONNECTING) {
173 wdev_unlock(wdev);
174 continue;
175 }
176 if (cfg80211_conn_do_work(wdev))
177 __cfg80211_connect_result(
178 wdev->netdev,
179 wdev->conn->params.bssid,
180 NULL, 0, NULL, 0,
181 WLAN_STATUS_UNSPECIFIED_FAILURE,
182 false);
183 wdev_unlock(wdev);
184 }
185
186 mutex_unlock(&rdev->devlist_mtx);
187 cfg80211_unlock_rdev(rdev);
188 rtnl_unlock();
189}
190
191static bool cfg80211_get_conn_bss(struct wireless_dev *wdev)
192{
193 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
194 struct cfg80211_bss *bss;
195 u16 capa = WLAN_CAPABILITY_ESS;
196
197 ASSERT_WDEV_LOCK(wdev);
198
199 if (wdev->conn->params.privacy)
200 capa |= WLAN_CAPABILITY_PRIVACY;
201
202 bss = cfg80211_get_bss(wdev->wiphy, NULL, wdev->conn->params.bssid,
203 wdev->conn->params.ssid,
204 wdev->conn->params.ssid_len,
205 WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_PRIVACY,
206 capa);
207 if (!bss)
208 return false;
209
210 memcpy(wdev->conn->bssid, bss->bssid, ETH_ALEN);
211 wdev->conn->params.bssid = wdev->conn->bssid;
212 wdev->conn->params.channel = bss->channel;
213 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
214 schedule_work(&rdev->conn_work);
215
216 cfg80211_put_bss(bss);
217 return true;
218}
219
220static void __cfg80211_sme_scan_done(struct net_device *dev)
221{
222 struct wireless_dev *wdev = dev->ieee80211_ptr;
223 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
224
225 ASSERT_WDEV_LOCK(wdev);
226
227 if (wdev->sme_state != CFG80211_SME_CONNECTING)
228 return;
229
230 if (!wdev->conn)
231 return;
232
233 if (wdev->conn->state != CFG80211_CONN_SCANNING &&
234 wdev->conn->state != CFG80211_CONN_SCAN_AGAIN)
235 return;
236
237 if (!cfg80211_get_conn_bss(wdev)) {
238 /* not found */
239 if (wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)
240 schedule_work(&rdev->conn_work);
241 else
242 __cfg80211_connect_result(
243 wdev->netdev,
244 wdev->conn->params.bssid,
245 NULL, 0, NULL, 0,
246 WLAN_STATUS_UNSPECIFIED_FAILURE,
247 false);
248 }
249}
250
251void cfg80211_sme_scan_done(struct net_device *dev)
252{
253 struct wireless_dev *wdev = dev->ieee80211_ptr;
254
255 wdev_lock(wdev);
256 __cfg80211_sme_scan_done(dev);
257 wdev_unlock(wdev);
258}
259
260void cfg80211_sme_rx_auth(struct net_device *dev,
261 const u8 *buf, size_t len)
262{
263 struct wireless_dev *wdev = dev->ieee80211_ptr;
264 struct wiphy *wiphy = wdev->wiphy;
265 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
266 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
267 u16 status_code = le16_to_cpu(mgmt->u.auth.status_code);
268
269 ASSERT_WDEV_LOCK(wdev);
270
271 /* should only RX auth frames when connecting */
272 if (wdev->sme_state != CFG80211_SME_CONNECTING)
273 return;
274
275 if (WARN_ON(!wdev->conn))
276 return;
277
278 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG &&
279 wdev->conn->auto_auth &&
280 wdev->conn->params.auth_type != NL80211_AUTHTYPE_NETWORK_EAP) {
281 /* select automatically between only open, shared, leap */
282 switch (wdev->conn->params.auth_type) {
283 case NL80211_AUTHTYPE_OPEN_SYSTEM:
284 if (wdev->connect_keys)
285 wdev->conn->params.auth_type =
286 NL80211_AUTHTYPE_SHARED_KEY;
287 else
288 wdev->conn->params.auth_type =
289 NL80211_AUTHTYPE_NETWORK_EAP;
290 break;
291 case NL80211_AUTHTYPE_SHARED_KEY:
292 wdev->conn->params.auth_type =
293 NL80211_AUTHTYPE_NETWORK_EAP;
294 break;
295 default:
296 /* huh? */
297 wdev->conn->params.auth_type =
298 NL80211_AUTHTYPE_OPEN_SYSTEM;
299 break;
300 }
301 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
302 schedule_work(&rdev->conn_work);
303 } else if (status_code != WLAN_STATUS_SUCCESS) {
304 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0,
305 status_code, false);
306 } else if (wdev->sme_state == CFG80211_SME_CONNECTING &&
307 wdev->conn->state == CFG80211_CONN_AUTHENTICATING) {
308 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
309 schedule_work(&rdev->conn_work);
310 }
311}
312
313void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
314 const u8 *req_ie, size_t req_ie_len,
315 const u8 *resp_ie, size_t resp_ie_len,
316 u16 status, bool wextev)
317{
318 struct wireless_dev *wdev = dev->ieee80211_ptr;
319 struct cfg80211_bss *bss;
320#ifdef CONFIG_WIRELESS_EXT
321 union iwreq_data wrqu;
322#endif
323
324 ASSERT_WDEV_LOCK(wdev);
325
326 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
327 return;
328
329 if (wdev->sme_state == CFG80211_SME_CONNECTED)
330 nl80211_send_roamed(wiphy_to_dev(wdev->wiphy), dev,
331 bssid, req_ie, req_ie_len,
332 resp_ie, resp_ie_len, GFP_KERNEL);
333 else
334 nl80211_send_connect_result(wiphy_to_dev(wdev->wiphy), dev,
335 bssid, req_ie, req_ie_len,
336 resp_ie, resp_ie_len,
337 status, GFP_KERNEL);
338
339#ifdef CONFIG_WIRELESS_EXT
340 if (wextev) {
341 if (req_ie && status == WLAN_STATUS_SUCCESS) {
342 memset(&wrqu, 0, sizeof(wrqu));
343 wrqu.data.length = req_ie_len;
344 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, req_ie);
345 }
346
347 if (resp_ie && status == WLAN_STATUS_SUCCESS) {
348 memset(&wrqu, 0, sizeof(wrqu));
349 wrqu.data.length = resp_ie_len;
350 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, resp_ie);
351 }
352
353 memset(&wrqu, 0, sizeof(wrqu));
354 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
355 if (bssid && status == WLAN_STATUS_SUCCESS)
356 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
357 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
358 }
359#endif
360
361 if (status == WLAN_STATUS_SUCCESS &&
362 wdev->sme_state == CFG80211_SME_IDLE)
363 goto success;
364
365 if (wdev->sme_state != CFG80211_SME_CONNECTING)
366 return;
367
368 if (wdev->current_bss) {
369 cfg80211_unhold_bss(wdev->current_bss);
370 cfg80211_put_bss(&wdev->current_bss->pub);
371 wdev->current_bss = NULL;
372 }
373
374 if (wdev->conn)
375 wdev->conn->state = CFG80211_CONN_IDLE;
376
377 if (status != WLAN_STATUS_SUCCESS) {
378 wdev->sme_state = CFG80211_SME_IDLE;
379 kfree(wdev->conn);
380 wdev->conn = NULL;
381 kfree(wdev->connect_keys);
382 wdev->connect_keys = NULL;
383 return;
384 }
385
386 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
387 wdev->ssid, wdev->ssid_len,
388 WLAN_CAPABILITY_ESS,
389 WLAN_CAPABILITY_ESS);
390
391 if (WARN_ON(!bss))
392 return;
393
394 cfg80211_hold_bss(bss_from_pub(bss));
395 wdev->current_bss = bss_from_pub(bss);
396
397 success:
398 wdev->sme_state = CFG80211_SME_CONNECTED;
399 cfg80211_upload_connect_keys(wdev);
400}
401
402void cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
403 const u8 *req_ie, size_t req_ie_len,
404 const u8 *resp_ie, size_t resp_ie_len,
405 u16 status, gfp_t gfp)
406{
407 struct wireless_dev *wdev = dev->ieee80211_ptr;
408 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
409 struct cfg80211_event *ev;
410 unsigned long flags;
411
412 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
413 if (!ev)
414 return;
415
416 ev->type = EVENT_CONNECT_RESULT;
417 memcpy(ev->cr.bssid, bssid, ETH_ALEN);
418 ev->cr.req_ie = ((u8 *)ev) + sizeof(*ev);
419 ev->cr.req_ie_len = req_ie_len;
420 memcpy((void *)ev->cr.req_ie, req_ie, req_ie_len);
421 ev->cr.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
422 ev->cr.resp_ie_len = resp_ie_len;
423 memcpy((void *)ev->cr.resp_ie, resp_ie, resp_ie_len);
424 ev->cr.status = status;
425
426 spin_lock_irqsave(&wdev->event_lock, flags);
427 list_add_tail(&ev->list, &wdev->event_list);
428 spin_unlock_irqrestore(&wdev->event_lock, flags);
429 schedule_work(&rdev->event_work);
430}
431EXPORT_SYMBOL(cfg80211_connect_result);
432
433void __cfg80211_roamed(struct wireless_dev *wdev, const u8 *bssid,
434 const u8 *req_ie, size_t req_ie_len,
435 const u8 *resp_ie, size_t resp_ie_len)
436{
437 struct cfg80211_bss *bss;
438#ifdef CONFIG_WIRELESS_EXT
439 union iwreq_data wrqu;
440#endif
441
442 ASSERT_WDEV_LOCK(wdev);
443
444 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
445 return;
446
447 if (WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED))
448 return;
449
450 /* internal error -- how did we get to CONNECTED w/o BSS? */
451 if (WARN_ON(!wdev->current_bss)) {
452 return;
453 }
454
455 cfg80211_unhold_bss(wdev->current_bss);
456 cfg80211_put_bss(&wdev->current_bss->pub);
457 wdev->current_bss = NULL;
458
459 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
460 wdev->ssid, wdev->ssid_len,
461 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
462
463 if (WARN_ON(!bss))
464 return;
465
466 cfg80211_hold_bss(bss_from_pub(bss));
467 wdev->current_bss = bss_from_pub(bss);
468
469 nl80211_send_roamed(wiphy_to_dev(wdev->wiphy), wdev->netdev, bssid,
470 req_ie, req_ie_len, resp_ie, resp_ie_len,
471 GFP_KERNEL);
472
473#ifdef CONFIG_WIRELESS_EXT
474 if (req_ie) {
475 memset(&wrqu, 0, sizeof(wrqu));
476 wrqu.data.length = req_ie_len;
477 wireless_send_event(wdev->netdev, IWEVASSOCREQIE,
478 &wrqu, req_ie);
479 }
480
481 if (resp_ie) {
482 memset(&wrqu, 0, sizeof(wrqu));
483 wrqu.data.length = resp_ie_len;
484 wireless_send_event(wdev->netdev, IWEVASSOCRESPIE,
485 &wrqu, resp_ie);
486 }
487
488 memset(&wrqu, 0, sizeof(wrqu));
489 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
490 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
491 wireless_send_event(wdev->netdev, SIOCGIWAP, &wrqu, NULL);
492#endif
493}
494
495void cfg80211_roamed(struct net_device *dev, const u8 *bssid,
496 const u8 *req_ie, size_t req_ie_len,
497 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
498{
499 struct wireless_dev *wdev = dev->ieee80211_ptr;
500 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
501 struct cfg80211_event *ev;
502 unsigned long flags;
503
504 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
505 if (!ev)
506 return;
507
508 ev->type = EVENT_ROAMED;
509 memcpy(ev->rm.bssid, bssid, ETH_ALEN);
510 ev->rm.req_ie = ((u8 *)ev) + sizeof(*ev);
511 ev->rm.req_ie_len = req_ie_len;
512 memcpy((void *)ev->rm.req_ie, req_ie, req_ie_len);
513 ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
514 ev->rm.resp_ie_len = resp_ie_len;
515 memcpy((void *)ev->rm.resp_ie, resp_ie, resp_ie_len);
516
517 spin_lock_irqsave(&wdev->event_lock, flags);
518 list_add_tail(&ev->list, &wdev->event_list);
519 spin_unlock_irqrestore(&wdev->event_lock, flags);
520 schedule_work(&rdev->event_work);
521}
522EXPORT_SYMBOL(cfg80211_roamed);
523
524void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
525 size_t ie_len, u16 reason, bool from_ap)
526{
527 struct wireless_dev *wdev = dev->ieee80211_ptr;
528 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
529 int i;
530#ifdef CONFIG_WIRELESS_EXT
531 union iwreq_data wrqu;
532#endif
533
534 ASSERT_WDEV_LOCK(wdev);
535
536 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
537 return;
538
539 if (WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED))
540 return;
541
542 if (wdev->current_bss) {
543 cfg80211_unhold_bss(wdev->current_bss);
544 cfg80211_put_bss(&wdev->current_bss->pub);
545 }
546
547 wdev->current_bss = NULL;
548 wdev->sme_state = CFG80211_SME_IDLE;
549
550 if (wdev->conn) {
551 kfree(wdev->conn->ie);
552 wdev->conn->ie = NULL;
553 kfree(wdev->conn);
554 wdev->conn = NULL;
555 }
556
557 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap);
558
559 /*
560 * Delete all the keys ... pairwise keys can't really
561 * exist any more anyway, but default keys might.
562 */
563 if (rdev->ops->del_key)
564 for (i = 0; i < 6; i++)
565 rdev->ops->del_key(wdev->wiphy, dev, i, NULL);
566
567#ifdef CONFIG_WIRELESS_EXT
568 memset(&wrqu, 0, sizeof(wrqu));
569 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
570 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
571#endif
572}
573
574void cfg80211_disconnected(struct net_device *dev, u16 reason,
575 u8 *ie, size_t ie_len, gfp_t gfp)
576{
577 struct wireless_dev *wdev = dev->ieee80211_ptr;
578 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
579 struct cfg80211_event *ev;
580 unsigned long flags;
581
582 ev = kzalloc(sizeof(*ev) + ie_len, gfp);
583 if (!ev)
584 return;
585
586 ev->type = EVENT_DISCONNECTED;
587 ev->dc.ie = ((u8 *)ev) + sizeof(*ev);
588 ev->dc.ie_len = ie_len;
589 memcpy((void *)ev->dc.ie, ie, ie_len);
590 ev->dc.reason = reason;
591
592 spin_lock_irqsave(&wdev->event_lock, flags);
593 list_add_tail(&ev->list, &wdev->event_list);
594 spin_unlock_irqrestore(&wdev->event_lock, flags);
595 schedule_work(&rdev->event_work);
596}
597EXPORT_SYMBOL(cfg80211_disconnected);
598
599int __cfg80211_connect(struct cfg80211_registered_device *rdev,
600 struct net_device *dev,
601 struct cfg80211_connect_params *connect,
602 struct cfg80211_cached_keys *connkeys)
603{
604 struct wireless_dev *wdev = dev->ieee80211_ptr;
605 int err;
606
607 ASSERT_WDEV_LOCK(wdev);
608
609 if (wdev->sme_state != CFG80211_SME_IDLE)
610 return -EALREADY;
611
612 if (WARN_ON(wdev->connect_keys)) {
613 kfree(wdev->connect_keys);
614 wdev->connect_keys = NULL;
615 }
616
617 if (connkeys && connkeys->def >= 0) {
618 int idx;
619
620 idx = connkeys->def;
621 /* If given a WEP key we may need it for shared key auth */
622 if (connkeys->params[idx].cipher == WLAN_CIPHER_SUITE_WEP40 ||
623 connkeys->params[idx].cipher == WLAN_CIPHER_SUITE_WEP104) {
624 connect->key_idx = idx;
625 connect->key = connkeys->params[idx].key;
626 connect->key_len = connkeys->params[idx].key_len;
627 }
628 }
629
630 if (!rdev->ops->connect) {
631 if (!rdev->ops->auth || !rdev->ops->assoc)
632 return -EOPNOTSUPP;
633
634 if (WARN_ON(wdev->conn))
635 return -EINPROGRESS;
636
637 wdev->conn = kzalloc(sizeof(*wdev->conn), GFP_KERNEL);
638 if (!wdev->conn)
639 return -ENOMEM;
640
641 /*
642 * Copy all parameters, and treat explicitly IEs, BSSID, SSID.
643 */
644 memcpy(&wdev->conn->params, connect, sizeof(*connect));
645 if (connect->bssid) {
646 wdev->conn->params.bssid = wdev->conn->bssid;
647 memcpy(wdev->conn->bssid, connect->bssid, ETH_ALEN);
648 }
649
650 if (connect->ie) {
651 wdev->conn->ie = kmemdup(connect->ie, connect->ie_len,
652 GFP_KERNEL);
653 wdev->conn->params.ie = wdev->conn->ie;
654 if (!wdev->conn->ie) {
655 kfree(wdev->conn);
656 wdev->conn = NULL;
657 return -ENOMEM;
658 }
659 }
660
661 if (connect->auth_type == NL80211_AUTHTYPE_AUTOMATIC) {
662 wdev->conn->auto_auth = true;
663 /* start with open system ... should mostly work */
664 wdev->conn->params.auth_type =
665 NL80211_AUTHTYPE_OPEN_SYSTEM;
666 } else {
667 wdev->conn->auto_auth = false;
668 }
669
670 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
671 wdev->ssid_len = connect->ssid_len;
672 wdev->conn->params.ssid = wdev->ssid;
673 wdev->conn->params.ssid_len = connect->ssid_len;
674
675 /* don't care about result -- but fill bssid & channel */
676 if (!wdev->conn->params.bssid || !wdev->conn->params.channel)
677 cfg80211_get_conn_bss(wdev);
678
679 wdev->sme_state = CFG80211_SME_CONNECTING;
680 wdev->connect_keys = connkeys;
681
682 /* we're good if we have both BSSID and channel */
683 if (wdev->conn->params.bssid && wdev->conn->params.channel) {
684 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
685 err = cfg80211_conn_do_work(wdev);
686 } else {
687 /* otherwise we'll need to scan for the AP first */
688 err = cfg80211_conn_scan(wdev);
689 /*
690 * If we can't scan right now, then we need to scan again
691 * after the current scan finished, since the parameters
692 * changed (unless we find a good AP anyway).
693 */
694 if (err == -EBUSY) {
695 err = 0;
696 wdev->conn->state = CFG80211_CONN_SCAN_AGAIN;
697 }
698 }
699 if (err) {
700 kfree(wdev->conn);
701 wdev->conn = NULL;
702 wdev->sme_state = CFG80211_SME_IDLE;
703 wdev->connect_keys = NULL;
704 }
705
706 return err;
707 } else {
708 wdev->sme_state = CFG80211_SME_CONNECTING;
709 wdev->connect_keys = connkeys;
710 err = rdev->ops->connect(&rdev->wiphy, dev, connect);
711 if (err) {
712 wdev->connect_keys = NULL;
713 wdev->sme_state = CFG80211_SME_IDLE;
714 return err;
715 }
716
717 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
718 wdev->ssid_len = connect->ssid_len;
719
720 return 0;
721 }
722}
723
724int cfg80211_connect(struct cfg80211_registered_device *rdev,
725 struct net_device *dev,
726 struct cfg80211_connect_params *connect,
727 struct cfg80211_cached_keys *connkeys)
728{
729 int err;
730
731 wdev_lock(dev->ieee80211_ptr);
732 err = __cfg80211_connect(rdev, dev, connect, connkeys);
733 wdev_unlock(dev->ieee80211_ptr);
734
735 return err;
736}
737
738int __cfg80211_disconnect(struct cfg80211_registered_device *rdev,
739 struct net_device *dev, u16 reason, bool wextev)
740{
741 struct wireless_dev *wdev = dev->ieee80211_ptr;
742 int err;
743
744 ASSERT_WDEV_LOCK(wdev);
745
746 if (wdev->sme_state == CFG80211_SME_IDLE)
747 return -EINVAL;
748
749 kfree(wdev->connect_keys);
750 wdev->connect_keys = NULL;
751
752 if (!rdev->ops->disconnect) {
753 if (!rdev->ops->deauth)
754 return -EOPNOTSUPP;
755
756 /* was it connected by userspace SME? */
757 if (!wdev->conn) {
758 cfg80211_mlme_down(rdev, dev);
759 return 0;
760 }
761
762 if (wdev->sme_state == CFG80211_SME_CONNECTING &&
763 (wdev->conn->state == CFG80211_CONN_SCANNING ||
764 wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)) {
765 wdev->sme_state = CFG80211_SME_IDLE;
766 kfree(wdev->conn);
767 wdev->conn = NULL;
768 return 0;
769 }
770
771 /* wdev->conn->params.bssid must be set if > SCANNING */
772 err = __cfg80211_mlme_deauth(rdev, dev,
773 wdev->conn->params.bssid,
774 NULL, 0, reason);
775 if (err)
776 return err;
777 } else {
778 err = rdev->ops->disconnect(&rdev->wiphy, dev, reason);
779 if (err)
780 return err;
781 }
782
783 if (wdev->sme_state == CFG80211_SME_CONNECTED)
784 __cfg80211_disconnected(dev, NULL, 0, 0, false);
785 else if (wdev->sme_state == CFG80211_SME_CONNECTING)
786 __cfg80211_connect_result(dev, NULL, NULL, 0, NULL, 0,
787 WLAN_STATUS_UNSPECIFIED_FAILURE,
788 wextev);
789
790 return 0;
791}
792
793int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
794 struct net_device *dev,
795 u16 reason, bool wextev)
796{
797 int err;
798
799 wdev_lock(dev->ieee80211_ptr);
800 err = __cfg80211_disconnect(rdev, dev, reason, wextev);
801 wdev_unlock(dev->ieee80211_ptr);
802
803 return err;
804}
805
806void cfg80211_sme_disassoc(struct net_device *dev, int idx)
807{
808 struct wireless_dev *wdev = dev->ieee80211_ptr;
809 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
810 u8 bssid[ETH_ALEN];
811
812 ASSERT_WDEV_LOCK(wdev);
813
814 if (!wdev->conn)
815 return;
816
817 if (wdev->conn->state == CFG80211_CONN_IDLE)
818 return;
819
820 /*
821 * Ok, so the association was made by this SME -- we don't
822 * want it any more so deauthenticate too.
823 */
824
825 if (!wdev->auth_bsses[idx])
826 return;
827
828 memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN);
829 if (__cfg80211_mlme_deauth(rdev, dev, bssid,
830 NULL, 0, WLAN_REASON_DEAUTH_LEAVING)) {
831 /* whatever -- assume gone anyway */
832 cfg80211_unhold_bss(wdev->auth_bsses[idx]);
833 cfg80211_put_bss(&wdev->auth_bsses[idx]->pub);
834 wdev->auth_bsses[idx] = NULL;
835 }
836}
diff --git a/net/wireless/util.c b/net/wireless/util.c
index 25550692dda6..ba387d85dcfd 100644
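--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -141,9 +141,12 @@ void ieee80211_set_bitrate_flags(struct wiphy *wiphy)
  set_mandatory_flags_band(wiphy->bands[band], band);
 }
 
-int cfg80211_validate_key_settings(struct key_params *params, int key_idx,
+int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
+ struct key_params *params, int key_idx,
  const u8 *mac_addr)
 {
+ int i;
+
  if (key_idx > 5)
  return -EINVAL;
 
@@ -197,6 +200,12 @@ int cfg80211_validate_key_settings(struct key_params *params, int key_idx,
  }
  }
 
+ for (i = 0; i < rdev->wiphy.n_cipher_suites; i++)
+ if (params->cipher == rdev->wiphy.cipher_suites[i])
+ break;
+ if (i == rdev->wiphy.n_cipher_suites)
+ return -EINVAL;
+
  return 0;
 }
 
@@ -502,3 +511,58 @@ unsigned int cfg80211_classify8021d(struct sk_buff *skb)
  return dscp >> 5;
 }
 EXPORT_SYMBOL(cfg80211_classify8021d);
+
+const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 ie)
+{
+ u8 *end, *pos;
+
+ pos = bss->information_elements;
+ if (pos == NULL)
+ return NULL;
+ end = pos + bss->len_information_elements;
+
+ while (pos + 1 < end) {
+ if (pos + 2 + pos[1] > end)
+ break;
+ if (pos[0] == ie)
+ return pos;
+ pos += 2 + pos[1];
+ }
+
+ return NULL;
+}
+EXPORT_SYMBOL(ieee80211_bss_get_ie);
+
+void cfg80211_upload_connect_keys(struct wireless_dev *wdev)
+{
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ struct net_device *dev = wdev->netdev;
+ int i;
+
+ if (!wdev->connect_keys)
+ return;
+
+ for (i = 0; i < 6; i++) {
+ if (!wdev->connect_keys->params[i].cipher)
+ continue;
+ if (rdev->ops->add_key(wdev->wiphy, dev, i, NULL,
+ &wdev->connect_keys->params[i])) {
+ printk(KERN_ERR "%s: failed to set key %d\n",
+ dev->name, i);
+ continue;
+ }
+ if (wdev->connect_keys->def == i)
+ if (rdev->ops->set_default_key(wdev->wiphy, dev, i)) {
+ printk(KERN_ERR "%s: failed to set defkey %d\n",
+ dev->name, i);
+ continue;
+ }
+ if (wdev->connect_keys->defmgmt == i)
+ if (rdev->ops->set_default_mgmt_key(wdev->wiphy, dev, i))
+ printk(KERN_ERR "%s: failed to set mgtdef %d\n",
+ dev->name, i);
+ }
+
+ kfree(wdev->connect_keys);
+ wdev->connect_keys = NULL;
+}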
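Review bot: `cfg80211_upload_connect_keys()` ends with a plain `kfree(wdev->connect_keys)`, so the key bytes cached in that structure (the `data[]` slots that `params[i].key` points at elsewhere on this page) stay in the freed object until the allocator reuses it. Clearing the structure before release, for example `kzfree(wdev->connect_keys);` if this tree provides that helper, or a `memset()` over `*wdev->connect_keys` ahead of the `kfree()`, would keep key material from lingering; the other `kfree(wdev->connect_keys)` call sites shown on this page have the same property. In the same loop, `rdev->ops->set_default_mgmt_key` is called without a NULL check although a comment in cfg80211_wext_siwencode describes that op as optional; whether `defmgmt` can match a slot on a driver lacking it is not visible here, so a guard such as `if (wdev->connect_keys->defmgmt == i && rdev->ops->set_default_mgmt_key)` looks worth adding.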
diff --git a/net/wireless/wext-compat.c b/net/wireless/wext-compat.c
index d030c5315672..c7351a98e660 100644
--- a/net/wireless/wext-compat.c
+++ b/net/wireless/wext-compat.c
@@ -103,7 +103,7 @@ int cfg80211_wext_siwmode(struct net_device *dev, struct iw_request_info *info,
103 103
104 memset(&vifparams, 0, sizeof(vifparams)); 104 memset(&vifparams, 0, sizeof(vifparams));
105 105
106 ret = rdev->ops->change_virtual_intf(wdev->wiphy, dev->ifindex, type, 106 ret = rdev->ops->change_virtual_intf(wdev->wiphy, dev, type,
107 NULL, &vifparams); 107 NULL, &vifparams);
108 WARN_ON(!ret && wdev->iftype != type); 108 WARN_ON(!ret && wdev->iftype != type);
109 109
@@ -154,7 +154,7 @@ int cfg80211_wext_giwrange(struct net_device *dev,
154 struct wireless_dev *wdev = dev->ieee80211_ptr; 154 struct wireless_dev *wdev = dev->ieee80211_ptr;
155 struct iw_range *range = (struct iw_range *) extra; 155 struct iw_range *range = (struct iw_range *) extra;
156 enum ieee80211_band band; 156 enum ieee80211_band band;
157 int c = 0; 157 int i, c = 0;
158 158
159 if (!wdev) 159 if (!wdev)
160 return -EOPNOTSUPP; 160 return -EOPNOTSUPP;
@@ -173,9 +173,6 @@ int cfg80211_wext_giwrange(struct net_device *dev,
173 range->min_frag = 256; 173 range->min_frag = 256;
174 range->max_frag = 2346; 174 range->max_frag = 2346;
175 175
176 range->encoding_size[0] = 5;
177 range->encoding_size[1] = 13;
178 range->num_encoding_sizes = 2;
179 range->max_encoding_tokens = 4; 176 range->max_encoding_tokens = 4;
180 177
181 range->max_qual.updated = IW_QUAL_NOISE_INVALID; 178 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
@@ -204,11 +201,31 @@ int cfg80211_wext_giwrange(struct net_device *dev,
204 range->avg_qual.noise = range->max_qual.noise / 2; 201 range->avg_qual.noise = range->max_qual.noise / 2;
205 range->avg_qual.updated = range->max_qual.updated; 202 range->avg_qual.updated = range->max_qual.updated;
206 203
207 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 | 204 for (i = 0; i < wdev->wiphy->n_cipher_suites; i++) {
208 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP; 205 switch (wdev->wiphy->cipher_suites[i]) {
206 case WLAN_CIPHER_SUITE_TKIP:
207 range->enc_capa |= (IW_ENC_CAPA_CIPHER_TKIP |
208 IW_ENC_CAPA_WPA);
209 break;
210
211 case WLAN_CIPHER_SUITE_CCMP:
212 range->enc_capa |= (IW_ENC_CAPA_CIPHER_CCMP |
213 IW_ENC_CAPA_WPA2);
214 break;
215
216 case WLAN_CIPHER_SUITE_WEP40:
217 range->encoding_size[range->num_encoding_sizes++] =
218 WLAN_KEY_LEN_WEP40;
219 break;
220
221 case WLAN_CIPHER_SUITE_WEP104:
222 range->encoding_size[range->num_encoding_sizes++] =
223 WLAN_KEY_LEN_WEP104;
224 break;
225 }
226 }
209 227
210 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) { 228 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) {
211 int i;
212 struct ieee80211_supported_band *sband; 229 struct ieee80211_supported_band *sband;
213 230
214 sband = wdev->wiphy->bands[band]; 231 sband = wdev->wiphy->bands[band];
@@ -236,56 +253,13 @@ int cfg80211_wext_giwrange(struct net_device *dev,
236 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP); 253 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
237 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN); 254 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
238 255
239 range->scan_capa |= IW_SCAN_CAPA_ESSID; 256 if (wdev->wiphy->max_scan_ssids > 0)
257 range->scan_capa |= IW_SCAN_CAPA_ESSID;
240 258
241 return 0; 259 return 0;
242} 260}
243EXPORT_SYMBOL_GPL(cfg80211_wext_giwrange); 261EXPORT_SYMBOL_GPL(cfg80211_wext_giwrange);
244 262
245int cfg80211_wext_siwmlme(struct net_device *dev,
246 struct iw_request_info *info,
247 struct iw_point *data, char *extra)
248{
249 struct wireless_dev *wdev = dev->ieee80211_ptr;
250 struct iw_mlme *mlme = (struct iw_mlme *)extra;
251 struct cfg80211_registered_device *rdev;
252 union {
253 struct cfg80211_disassoc_request disassoc;
254 struct cfg80211_deauth_request deauth;
255 } cmd;
256
257 if (!wdev)
258 return -EOPNOTSUPP;
259
260 rdev = wiphy_to_dev(wdev->wiphy);
261
262 if (wdev->iftype != NL80211_IFTYPE_STATION)
263 return -EINVAL;
264
265 if (mlme->addr.sa_family != ARPHRD_ETHER)
266 return -EINVAL;
267
268 memset(&cmd, 0, sizeof(cmd));
269
270 switch (mlme->cmd) {
271 case IW_MLME_DEAUTH:
272 if (!rdev->ops->deauth)
273 return -EOPNOTSUPP;
274 cmd.deauth.peer_addr = mlme->addr.sa_data;
275 cmd.deauth.reason_code = mlme->reason_code;
276 return rdev->ops->deauth(wdev->wiphy, dev, &cmd.deauth);
277 case IW_MLME_DISASSOC:
278 if (!rdev->ops->disassoc)
279 return -EOPNOTSUPP;
280 cmd.disassoc.peer_addr = mlme->addr.sa_data;
281 cmd.disassoc.reason_code = mlme->reason_code;
282 return rdev->ops->disassoc(wdev->wiphy, dev, &cmd.disassoc);
283 default:
284 return -EOPNOTSUPP;
285 }
286}
287EXPORT_SYMBOL_GPL(cfg80211_wext_siwmlme);
288
289 263
290/** 264/**
291 * cfg80211_wext_freq - get wext frequency for non-"auto" 265 * cfg80211_wext_freq - get wext frequency for non-"auto"
@@ -479,15 +453,32 @@ int cfg80211_wext_giwretry(struct net_device *dev,
479} 453}
480EXPORT_SYMBOL_GPL(cfg80211_wext_giwretry); 454EXPORT_SYMBOL_GPL(cfg80211_wext_giwretry);
481 455
482static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev, 456static int __cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
483 struct net_device *dev, const u8 *addr, 457 struct net_device *dev, const u8 *addr,
484 bool remove, bool tx_key, int idx, 458 bool remove, bool tx_key, int idx,
485 struct key_params *params) 459 struct key_params *params)
486{ 460{
487 struct wireless_dev *wdev = dev->ieee80211_ptr; 461 struct wireless_dev *wdev = dev->ieee80211_ptr;
488 int err; 462 int err, i;
463
464 if (!wdev->wext.keys) {
465 wdev->wext.keys = kzalloc(sizeof(*wdev->wext.keys),
466 GFP_KERNEL);
467 if (!wdev->wext.keys)
468 return -ENOMEM;
469 for (i = 0; i < 6; i++)
470 wdev->wext.keys->params[i].key =
471 wdev->wext.keys->data[i];
472 }
473
474 if (wdev->iftype != NL80211_IFTYPE_ADHOC &&
475 wdev->iftype != NL80211_IFTYPE_STATION)
476 return -EOPNOTSUPP;
489 477
490 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC) { 478 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
479 if (!wdev->current_bss)
480 return -ENOLINK;
481
491 if (!rdev->ops->set_default_mgmt_key) 482 if (!rdev->ops->set_default_mgmt_key)
492 return -EOPNOTSUPP; 483 return -EOPNOTSUPP;
493 484
@@ -497,8 +488,14 @@ static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
497 return -EINVAL; 488 return -EINVAL;
498 489
499 if (remove) { 490 if (remove) {
500 err = rdev->ops->del_key(&rdev->wiphy, dev, idx, addr); 491 err = 0;
492 if (wdev->current_bss)
493 err = rdev->ops->del_key(&rdev->wiphy, dev, idx, addr);
501 if (!err) { 494 if (!err) {
495 if (!addr) {
496 wdev->wext.keys->params[idx].key_len = 0;
497 wdev->wext.keys->params[idx].cipher = 0;
498 }
502 if (idx == wdev->wext.default_key) 499 if (idx == wdev->wext.default_key)
503 wdev->wext.default_key = -1; 500 wdev->wext.default_key = -1;
504 else if (idx == wdev->wext.default_mgmt_key) 501 else if (idx == wdev->wext.default_mgmt_key)
@@ -512,36 +509,65 @@ static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
512 return 0; 509 return 0;
513 510
514 return err; 511 return err;
515 } else { 512 }
516 if (addr)
517 tx_key = false;
518 513
519 if (cfg80211_validate_key_settings(params, idx, addr)) 514 if (addr)
520 return -EINVAL; 515 tx_key = false;
521 516
517 if (cfg80211_validate_key_settings(rdev, params, idx, addr))
518 return -EINVAL;
519
520 err = 0;
521 if (wdev->current_bss)
522 err = rdev->ops->add_key(&rdev->wiphy, dev, idx, addr, params); 522 err = rdev->ops->add_key(&rdev->wiphy, dev, idx, addr, params);
523 if (err) 523 if (err)
524 return err; 524 return err;
525
526 if (!addr) {
527 wdev->wext.keys->params[idx] = *params;
528 memcpy(wdev->wext.keys->data[idx],
529 params->key, params->key_len);
530 wdev->wext.keys->params[idx].key =
531 wdev->wext.keys->data[idx];
532 }
525 533
526 if (tx_key || (!addr && wdev->wext.default_key == -1)) { 534 if ((params->cipher == WLAN_CIPHER_SUITE_WEP40 ||
535 params->cipher == WLAN_CIPHER_SUITE_WEP104) &&
536 (tx_key || (!addr && wdev->wext.default_key == -1))) {
537 if (wdev->current_bss)
527 err = rdev->ops->set_default_key(&rdev->wiphy, 538 err = rdev->ops->set_default_key(&rdev->wiphy,
528 dev, idx); 539 dev, idx);
529 if (!err) 540 if (!err)
530 wdev->wext.default_key = idx; 541 wdev->wext.default_key = idx;
531 return err; 542 return err;
532 } 543 }
533 544
534 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC && 545 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC &&
535 (tx_key || (!addr && wdev->wext.default_mgmt_key == -1))) { 546 (tx_key || (!addr && wdev->wext.default_mgmt_key == -1))) {
547 if (wdev->current_bss)
536 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 548 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy,
537 dev, idx); 549 dev, idx);
538 if (!err) 550 if (!err)
539 wdev->wext.default_mgmt_key = idx; 551 wdev->wext.default_mgmt_key = idx;
540 return err; 552 return err;
541 }
542
543 return 0;
544 } 553 }
554
555 return 0;
556}
557
558static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
559 struct net_device *dev, const u8 *addr,
560 bool remove, bool tx_key, int idx,
561 struct key_params *params)
562{
563 int err;
564
565 wdev_lock(dev->ieee80211_ptr);
566 err = __cfg80211_set_encryption(rdev, dev, addr, remove,
567 tx_key, idx, params);
568 wdev_unlock(dev->ieee80211_ptr);
569
570 return err;
545} 571}
546 572
547int cfg80211_wext_siwencode(struct net_device *dev, 573int cfg80211_wext_siwencode(struct net_device *dev,
@@ -554,6 +580,10 @@ int cfg80211_wext_siwencode(struct net_device *dev,
554 bool remove = false; 580 bool remove = false;
555 struct key_params params; 581 struct key_params params;
556 582
583 if (wdev->iftype != NL80211_IFTYPE_STATION &&
584 wdev->iftype != NL80211_IFTYPE_ADHOC)
585 return -EOPNOTSUPP;
586
557 /* no use -- only MFP (set_default_mgmt_key) is optional */ 587 /* no use -- only MFP (set_default_mgmt_key) is optional */
558 if (!rdev->ops->del_key || 588 if (!rdev->ops->del_key ||
559 !rdev->ops->add_key || 589 !rdev->ops->add_key ||
@@ -574,9 +604,14 @@ int cfg80211_wext_siwencode(struct net_device *dev,
574 remove = true; 604 remove = true;
575 else if (erq->length == 0) { 605 else if (erq->length == 0) {
576 /* No key data - just set the default TX key index */ 606 /* No key data - just set the default TX key index */
577 err = rdev->ops->set_default_key(&rdev->wiphy, dev, idx); 607 err = 0;
608 wdev_lock(wdev);
609 if (wdev->current_bss)
610 err = rdev->ops->set_default_key(&rdev->wiphy,
611 dev, idx);
578 if (!err) 612 if (!err)
579 wdev->wext.default_key = idx; 613 wdev->wext.default_key = idx;
614 wdev_unlock(wdev);
580 return err; 615 return err;
581 } 616 }
582 617
@@ -609,6 +644,10 @@ int cfg80211_wext_siwencodeext(struct net_device *dev,
609 struct key_params params; 644 struct key_params params;
610 u32 cipher; 645 u32 cipher;
611 646
647 if (wdev->iftype != NL80211_IFTYPE_STATION &&
648 wdev->iftype != NL80211_IFTYPE_ADHOC)
649 return -EOPNOTSUPP;
650
612 /* no use -- only MFP (set_default_mgmt_key) is optional */ 651 /* no use -- only MFP (set_default_mgmt_key) is optional */
613 if (!rdev->ops->del_key || 652 if (!rdev->ops->del_key ||
614 !rdev->ops->add_key || 653 !rdev->ops->add_key ||
@@ -682,37 +721,15 @@ int cfg80211_wext_siwencodeext(struct net_device *dev,
682} 721}
683EXPORT_SYMBOL_GPL(cfg80211_wext_siwencodeext); 722EXPORT_SYMBOL_GPL(cfg80211_wext_siwencodeext);
684 723
685struct giwencode_cookie {
686 size_t buflen;
687 char *keybuf;
688};
689
690static void giwencode_get_key_cb(void *cookie, struct key_params *params)
691{
692 struct giwencode_cookie *data = cookie;
693
694 if (!params->key) {
695 data->buflen = 0;
696 return;
697 }
698
699 data->buflen = min_t(size_t, data->buflen, params->key_len);
700 memcpy(data->keybuf, params->key, data->buflen);
701}
702
703int cfg80211_wext_giwencode(struct net_device *dev, 724int cfg80211_wext_giwencode(struct net_device *dev,
704 struct iw_request_info *info, 725 struct iw_request_info *info,
705 struct iw_point *erq, char *keybuf) 726 struct iw_point *erq, char *keybuf)
706{ 727{
707 struct wireless_dev *wdev = dev->ieee80211_ptr; 728 struct wireless_dev *wdev = dev->ieee80211_ptr;
708 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 729 int idx;
709 int idx, err;
710 struct giwencode_cookie data = {
711 .keybuf = keybuf,
712 .buflen = erq->length,
713 };
714 730
715 if (!rdev->ops->get_key) 731 if (wdev->iftype != NL80211_IFTYPE_STATION &&
732 wdev->iftype != NL80211_IFTYPE_ADHOC)
716 return -EOPNOTSUPP; 733 return -EOPNOTSUPP;
717 734
718 idx = erq->flags & IW_ENCODE_INDEX; 735 idx = erq->flags & IW_ENCODE_INDEX;
@@ -727,21 +744,18 @@ int cfg80211_wext_giwencode(struct net_device *dev,
727 744
728 erq->flags = idx + 1; 745 erq->flags = idx + 1;
729 746
730 err = rdev->ops->get_key(&rdev->wiphy, dev, idx, NULL, &data, 747 if (!wdev->wext.keys || !wdev->wext.keys->params[idx].cipher) {
731 giwencode_get_key_cb);
732 if (!err) {
733 erq->length = data.buflen;
734 erq->flags |= IW_ENCODE_ENABLED;
735 return 0;
736 }
737
738 if (err == -ENOENT) {
739 erq->flags |= IW_ENCODE_DISABLED; 748 erq->flags |= IW_ENCODE_DISABLED;
740 erq->length = 0; 749 erq->length = 0;
741 return 0; 750 return 0;
742 } 751 }
743 752
744 return err; 753 erq->length = min_t(size_t, erq->length,
754 wdev->wext.keys->params[idx].key_len);
755 memcpy(keybuf, wdev->wext.keys->params[idx].key, erq->length);
756 erq->flags |= IW_ENCODE_ENABLED;
757
758 return 0;
745} 759}
746EXPORT_SYMBOL_GPL(cfg80211_wext_giwencode); 760EXPORT_SYMBOL_GPL(cfg80211_wext_giwencode);
747 761
@@ -827,3 +841,437 @@ int cfg80211_wext_giwtxpower(struct net_device *dev,
827 return 0; 841 return 0;
828} 842}
829EXPORT_SYMBOL_GPL(cfg80211_wext_giwtxpower); 843EXPORT_SYMBOL_GPL(cfg80211_wext_giwtxpower);
844
845static int cfg80211_set_auth_alg(struct wireless_dev *wdev,
846 s32 auth_alg)
847{
848 int nr_alg = 0;
849
850 if (!auth_alg)
851 return -EINVAL;
852
853 if (auth_alg & ~(IW_AUTH_ALG_OPEN_SYSTEM |
854 IW_AUTH_ALG_SHARED_KEY |
855 IW_AUTH_ALG_LEAP))
856 return -EINVAL;
857
858 if (auth_alg & IW_AUTH_ALG_OPEN_SYSTEM) {
859 nr_alg++;
860 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_OPEN_SYSTEM;
861 }
862
863 if (auth_alg & IW_AUTH_ALG_SHARED_KEY) {
864 nr_alg++;
865 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_SHARED_KEY;
866 }
867
868 if (auth_alg & IW_AUTH_ALG_LEAP) {
869 nr_alg++;
870 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_NETWORK_EAP;
871 }
872
873 if (nr_alg > 1)
874 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
875
876 return 0;
877}
878
879static int cfg80211_set_wpa_version(struct wireless_dev *wdev, u32 wpa_versions)
880{
881 wdev->wext.connect.crypto.wpa_versions = 0;
882
883 if (wpa_versions & ~(IW_AUTH_WPA_VERSION_WPA |
884 IW_AUTH_WPA_VERSION_WPA2|
885 IW_AUTH_WPA_VERSION_DISABLED))
886 return -EINVAL;
887
888 if ((wpa_versions & IW_AUTH_WPA_VERSION_DISABLED) &&
889 (wpa_versions & (IW_AUTH_WPA_VERSION_WPA|
890 IW_AUTH_WPA_VERSION_WPA2)))
891 return -EINVAL;
892
893 if (wpa_versions & IW_AUTH_WPA_VERSION_DISABLED)
894 wdev->wext.connect.crypto.wpa_versions &=
895 ~(NL80211_WPA_VERSION_1|NL80211_WPA_VERSION_2);
896
897 if (wpa_versions & IW_AUTH_WPA_VERSION_WPA)
898 wdev->wext.connect.crypto.wpa_versions |=
899 NL80211_WPA_VERSION_1;
900
901 if (wpa_versions & IW_AUTH_WPA_VERSION_WPA2)
902 wdev->wext.connect.crypto.wpa_versions |=
903 NL80211_WPA_VERSION_2;
904
905 return 0;
906}
907
908static int cfg80211_set_cipher_group(struct wireless_dev *wdev, u32 cipher)
909{
910 wdev->wext.connect.crypto.cipher_group = 0;
911
912 if (cipher & IW_AUTH_CIPHER_WEP40)
913 wdev->wext.connect.crypto.cipher_group =
914 WLAN_CIPHER_SUITE_WEP40;
915 else if (cipher & IW_AUTH_CIPHER_WEP104)
916 wdev->wext.connect.crypto.cipher_group =
917 WLAN_CIPHER_SUITE_WEP104;
918 else if (cipher & IW_AUTH_CIPHER_TKIP)
919 wdev->wext.connect.crypto.cipher_group =
920 WLAN_CIPHER_SUITE_TKIP;
921 else if (cipher & IW_AUTH_CIPHER_CCMP)
922 wdev->wext.connect.crypto.cipher_group =
923 WLAN_CIPHER_SUITE_CCMP;
924 else if (cipher & IW_AUTH_CIPHER_AES_CMAC)
925 wdev->wext.connect.crypto.cipher_group =
926 WLAN_CIPHER_SUITE_AES_CMAC;
927 else
928 return -EINVAL;
929
930 return 0;
931}
932
933static int cfg80211_set_cipher_pairwise(struct wireless_dev *wdev, u32 cipher)
934{
935 int nr_ciphers = 0;
936 u32 *ciphers_pairwise = wdev->wext.connect.crypto.ciphers_pairwise;
937
938 if (cipher & IW_AUTH_CIPHER_WEP40) {
939 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_WEP40;
940 nr_ciphers++;
941 }
942
943 if (cipher & IW_AUTH_CIPHER_WEP104) {
944 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_WEP104;
945 nr_ciphers++;
946 }
947
948 if (cipher & IW_AUTH_CIPHER_TKIP) {
949 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_TKIP;
950 nr_ciphers++;
951 }
952
953 if (cipher & IW_AUTH_CIPHER_CCMP) {
954 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_CCMP;
955 nr_ciphers++;
956 }
957
958 if (cipher & IW_AUTH_CIPHER_AES_CMAC) {
959 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_AES_CMAC;
960 nr_ciphers++;
961 }
962
963 BUILD_BUG_ON(NL80211_MAX_NR_CIPHER_SUITES < 5);
964
965 wdev->wext.connect.crypto.n_ciphers_pairwise = nr_ciphers;
966
967 return 0;
968}
969
970
971static int cfg80211_set_key_mgt(struct wireless_dev *wdev, u32 key_mgt)
972{
973 int nr_akm_suites = 0;
974
975 if (key_mgt & ~(IW_AUTH_KEY_MGMT_802_1X |
976 IW_AUTH_KEY_MGMT_PSK))
977 return -EINVAL;
978
979 if (key_mgt & IW_AUTH_KEY_MGMT_802_1X) {
980 wdev->wext.connect.crypto.akm_suites[nr_akm_suites] =
981 WLAN_AKM_SUITE_8021X;
982 nr_akm_suites++;
983 }
984
985 if (key_mgt & IW_AUTH_KEY_MGMT_PSK) {
986 wdev->wext.connect.crypto.akm_suites[nr_akm_suites] =
987 WLAN_AKM_SUITE_PSK;
988 nr_akm_suites++;
989 }
990
991 wdev->wext.connect.crypto.n_akm_suites = nr_akm_suites;
992
993 return 0;
994}
995
996int cfg80211_wext_siwauth(struct net_device *dev,
997 struct iw_request_info *info,
998 struct iw_param *data, char *extra)
999{
1000 struct wireless_dev *wdev = dev->ieee80211_ptr;
1001
1002 if (wdev->iftype != NL80211_IFTYPE_STATION)
1003 return -EOPNOTSUPP;
1004
1005 switch (data->flags & IW_AUTH_INDEX) {
1006 case IW_AUTH_PRIVACY_INVOKED:
1007 wdev->wext.connect.privacy = data->value;
1008 return 0;
1009 case IW_AUTH_WPA_VERSION:
1010 return cfg80211_set_wpa_version(wdev, data->value);
1011 case IW_AUTH_CIPHER_GROUP:
1012 return cfg80211_set_cipher_group(wdev, data->value);
1013 case IW_AUTH_KEY_MGMT:
1014 return cfg80211_set_key_mgt(wdev, data->value);
1015 case IW_AUTH_CIPHER_PAIRWISE:
1016 return cfg80211_set_cipher_pairwise(wdev, data->value);
1017 case IW_AUTH_80211_AUTH_ALG:
1018 return cfg80211_set_auth_alg(wdev, data->value);
1019 case IW_AUTH_WPA_ENABLED:
1020 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1021 case IW_AUTH_DROP_UNENCRYPTED:
1022 case IW_AUTH_MFP:
1023 return 0;
1024 default:
1025 return -EOPNOTSUPP;
1026 }
1027}
1028EXPORT_SYMBOL_GPL(cfg80211_wext_siwauth);
1029
1030int cfg80211_wext_giwauth(struct net_device *dev,
1031 struct iw_request_info *info,
1032 struct iw_param *data, char *extra)
1033{
1034 /* XXX: what do we need? */
1035
1036 return -EOPNOTSUPP;
1037}
1038EXPORT_SYMBOL_GPL(cfg80211_wext_giwauth);
1039
1040int cfg80211_wext_siwpower(struct net_device *dev,
1041 struct iw_request_info *info,
1042 struct iw_param *wrq, char *extra)
1043{
1044 struct wireless_dev *wdev = dev->ieee80211_ptr;
1045 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1046 bool ps = wdev->wext.ps;
1047 int timeout = wdev->wext.ps_timeout;
1048 int err;
1049
1050 if (wdev->iftype != NL80211_IFTYPE_STATION)
1051 return -EINVAL;
1052
1053 if (!rdev->ops->set_power_mgmt)
1054 return -EOPNOTSUPP;
1055
1056 if (wrq->disabled) {
1057 ps = false;
1058 } else {
1059 switch (wrq->flags & IW_POWER_MODE) {
1060 case IW_POWER_ON: /* If not specified */
1061 case IW_POWER_MODE: /* If set all mask */
1062 case IW_POWER_ALL_R: /* If explicitely state all */
1063 ps = true;
1064 break;
1065 default: /* Otherwise we ignore */
1066 return -EINVAL;
1067 }
1068
1069 if (wrq->flags & ~(IW_POWER_MODE | IW_POWER_TIMEOUT))
1070 return -EINVAL;
1071
1072 if (wrq->flags & IW_POWER_TIMEOUT)
1073 timeout = wrq->value / 1000;
1074 }
1075
1076 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, ps, timeout);
1077 if (err)
1078 return err;
1079
1080 wdev->wext.ps = ps;
1081 wdev->wext.ps_timeout = timeout;
1082
1083 return 0;
1084
1085}
1086EXPORT_SYMBOL_GPL(cfg80211_wext_siwpower);
1087
1088int cfg80211_wext_giwpower(struct net_device *dev,
1089 struct iw_request_info *info,
1090 struct iw_param *wrq, char *extra)
1091{
1092 struct wireless_dev *wdev = dev->ieee80211_ptr;
1093
1094 wrq->disabled = !wdev->wext.ps;
1095
1096 return 0;
1097}
1098EXPORT_SYMBOL_GPL(cfg80211_wext_giwpower);
1099
1100int cfg80211_wds_wext_siwap(struct net_device *dev,
1101 struct iw_request_info *info,
1102 struct sockaddr *addr, char *extra)
1103{
1104 struct wireless_dev *wdev = dev->ieee80211_ptr;
1105 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1106 int err;
1107
1108 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_WDS))
1109 return -EINVAL;
1110
1111 if (addr->sa_family != ARPHRD_ETHER)
1112 return -EINVAL;
1113
1114 if (netif_running(dev))
1115 return -EBUSY;
1116
1117 if (!rdev->ops->set_wds_peer)
1118 return -EOPNOTSUPP;
1119
1120 err = rdev->ops->set_wds_peer(wdev->wiphy, dev, (u8 *) &addr->sa_data);
1121 if (err)
1122 return err;
1123
1124 memcpy(&wdev->wext.bssid, (u8 *) &addr->sa_data, ETH_ALEN);
1125
1126 return 0;
1127}
1128EXPORT_SYMBOL_GPL(cfg80211_wds_wext_siwap);
1129
1130int cfg80211_wds_wext_giwap(struct net_device *dev,
1131 struct iw_request_info *info,
1132 struct sockaddr *addr, char *extra)
1133{
1134 struct wireless_dev *wdev = dev->ieee80211_ptr;
1135
1136 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_WDS))
1137 return -EINVAL;
1138
1139 addr->sa_family = ARPHRD_ETHER;
1140 memcpy(&addr->sa_data, wdev->wext.bssid, ETH_ALEN);
1141
1142 return 0;
1143}
1144EXPORT_SYMBOL_GPL(cfg80211_wds_wext_giwap);
1145
1146int cfg80211_wext_siwrate(struct net_device *dev,
1147 struct iw_request_info *info,
1148 struct iw_param *rate, char *extra)
1149{
1150 struct wireless_dev *wdev = dev->ieee80211_ptr;
1151 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1152 struct cfg80211_bitrate_mask mask;
1153
1154 if (!rdev->ops->set_bitrate_mask)
1155 return -EOPNOTSUPP;
1156
1157 mask.fixed = 0;
1158 mask.maxrate = 0;
1159
1160 if (rate->value < 0) {
1161 /* nothing */
1162 } else if (rate->fixed) {
1163 mask.fixed = rate->value / 1000; /* kbps */
1164 } else {
1165 mask.maxrate = rate->value / 1000; /* kbps */
1166 }
1167
1168 return rdev->ops->set_bitrate_mask(wdev->wiphy, dev, NULL, &mask);
1169}
1170EXPORT_SYMBOL_GPL(cfg80211_wext_siwrate);
1171
1172int cfg80211_wext_giwrate(struct net_device *dev,
1173 struct iw_request_info *info,
1174 struct iw_param *rate, char *extra)
1175{
1176 struct wireless_dev *wdev = dev->ieee80211_ptr;
1177 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1178 /* we are under RTNL - globally locked - so can use a static struct */
1179 static struct station_info sinfo;
1180 u8 addr[ETH_ALEN];
1181 int err;
1182
1183 if (wdev->iftype != NL80211_IFTYPE_STATION)
1184 return -EOPNOTSUPP;
1185
1186 if (!rdev->ops->get_station)
1187 return -EOPNOTSUPP;
1188
1189 err = 0;
1190 wdev_lock(wdev);
1191 if (wdev->current_bss)
1192 memcpy(addr, wdev->current_bss->pub.bssid, ETH_ALEN);
1193 else
1194 err = -EOPNOTSUPP;
1195 wdev_unlock(wdev);
1196 if (err)
1197 return err;
1198
1199 err = rdev->ops->get_station(&rdev->wiphy, dev, addr, &sinfo);
1200 if (err)
1201 return err;
1202
1203 if (!(sinfo.filled & STATION_INFO_TX_BITRATE))
1204 return -EOPNOTSUPP;
1205
1206 rate->value = 0;
1207
1208 if (!(sinfo.txrate.flags & RATE_INFO_FLAGS_MCS))
1209 rate->value = 100000 * sinfo.txrate.legacy;
1210
1211 return 0;
1212}
1213EXPORT_SYMBOL_GPL(cfg80211_wext_giwrate);
1214
1215/* Get wireless statistics. Called by /proc/net/wireless and by SIOCGIWSTATS */
1216struct iw_statistics *cfg80211_wireless_stats(struct net_device *dev)
1217{
1218 struct wireless_dev *wdev = dev->ieee80211_ptr;
1219 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1220 /* we are under RTNL - globally locked - so can use static structs */
1221 static struct iw_statistics wstats;
1222 static struct station_info sinfo;
1223 u8 bssid[ETH_ALEN];
1224
1225 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION)
1226 return NULL;
1227
1228 if (!rdev->ops->get_station)
1229 return NULL;
1230
1231 /* Grab BSSID of current BSS, if any */
1232 wdev_lock(wdev);
1233 if (!wdev->current_bss) {
1234 wdev_unlock(wdev);
1235 return NULL;
1236 }
1237 memcpy(bssid, wdev->current_bss->pub.bssid, ETH_ALEN);
1238 wdev_unlock(wdev);
1239
1240 if (rdev->ops->get_station(&rdev->wiphy, dev, bssid, &sinfo))
1241 return NULL;
1242
1243 memset(&wstats, 0, sizeof(wstats));
1244
1245 switch (rdev->wiphy.signal_type) {
1246 case CFG80211_SIGNAL_TYPE_MBM:
1247 if (sinfo.filled & STATION_INFO_SIGNAL) {
1248 int sig = sinfo.signal;
1249 wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
1250 wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
1251 wstats.qual.updated |= IW_QUAL_DBM;
1252 wstats.qual.level = sig;
1253 if (sig < -110)
1254 sig = -110;
1255 else if (sig > -40)
1256 sig = -40;
1257 wstats.qual.qual = sig + 110;
1258 break;
1259 }
1260 case CFG80211_SIGNAL_TYPE_UNSPEC:
1261 if (sinfo.filled & STATION_INFO_SIGNAL) {
1262 wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
1263 wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
1264 wstats.qual.level = sinfo.signal;
1265 wstats.qual.qual = sinfo.signal;
1266 break;
1267 }
1268 default:
1269 wstats.qual.updated |= IW_QUAL_LEVEL_INVALID;
1270 wstats.qual.updated |= IW_QUAL_QUAL_INVALID;
1271 }
1272
1273 wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1274
1275 return &wstats;
1276}
1277EXPORT_SYMBOL_GPL(cfg80211_wireless_stats);
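Review bot: `cfg80211_set_wpa_version()` and `cfg80211_set_cipher_group()` reset the stored value to 0 before they validate the argument, so a request that is rejected with -EINVAL still wipes the previously configured WPA version or group cipher and the next connect attempt would run with that cleared setting. Moving `wdev->wext.connect.crypto.wpa_versions = 0;` below the two `return -EINVAL` checks, and assigning `cipher_group` only once a known bit has matched, keeps a failed ioctl from changing the connection's security parameters. As written, the `IW_AUTH_WPA_VERSION_DISABLED` branch is also a no-op because the field was just cleared. In `cfg80211_wext_siwauth()`, `IW_AUTH_DROP_UNENCRYPTED` and `IW_AUTH_MFP` return 0 without storing anything; a comment such as `/* accepted for compatibility, not enforced here */` would tell the reader that success does not mean the setting took effect.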
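--- /dev/null
+++ b/net/wireless/wext-sme.c
@@ -0,0 +1,394 @@
+/*
+ * cfg80211 wext compat for managed mode.
+ *
+ * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
+ * Copyright (C) 2009 Intel Corporation. All rights reserved.
+ */
+
+#include <linux/etherdevice.h>
+#include <linux/if_arp.h>
+#include <net/cfg80211.h>
+#include "nl80211.h"
+
+int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev,
+ struct wireless_dev *wdev)
+{
+ struct cfg80211_cached_keys *ck = NULL;
+ int err, i;
+
+ ASSERT_RDEV_LOCK(rdev);
+ ASSERT_WDEV_LOCK(wdev);
+
+ if (!netif_running(wdev->netdev))
+ return 0;
+
+ wdev->wext.connect.ie = wdev->wext.ie;
+ wdev->wext.connect.ie_len = wdev->wext.ie_len;
+ wdev->wext.connect.privacy = wdev->wext.default_key != -1;
+
+ if (wdev->wext.keys) {
+ wdev->wext.keys->def = wdev->wext.default_key;
+ wdev->wext.keys->defmgmt = wdev->wext.default_mgmt_key;
+ }
+
+ if (!wdev->wext.connect.ssid_len)
+ return 0;
+
+ if (wdev->wext.keys) {
+ ck = kmemdup(wdev->wext.keys, sizeof(*ck), GFP_KERNEL);
+ if (!ck)
+ return -ENOMEM;
+ for (i = 0; i < 6; i++)
+ ck->params[i].key = ck->data[i];
+ }
+ err = __cfg80211_connect(rdev, wdev->netdev,
+ &wdev->wext.connect, ck);
+ if (err)
+ kfree(ck);
+
+ return err;
+}
+
+int cfg80211_mgd_wext_siwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ struct ieee80211_channel *chan;
+ int err;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ chan = cfg80211_wext_freq(wdev->wiphy, freq);
+ if (chan && IS_ERR(chan))
+ return PTR_ERR(chan);
+
+ if (chan && (chan->flags & IEEE80211_CHAN_DISABLED))
+ return -EINVAL;
+
+ cfg80211_lock_rdev(rdev);
+ wdev_lock(wdev);
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ bool event = true;
+
+ if (wdev->wext.connect.channel == chan) {
+ err = 0;
+ goto out;
+ }
+
+ /* if SSID set, we'll try right again, avoid event */
+ if (wdev->wext.connect.ssid_len)
+ event = false;
+ err = __cfg80211_disconnect(wiphy_to_dev(wdev->wiphy),
+ dev, WLAN_REASON_DEAUTH_LEAVING,
+ event);
+ if (err)
+ goto out;
+ }
+
+
+ wdev->wext.connect.channel = chan;
+
+ /* SSID is not set, we just want to switch channel */
+ if (wdev->wext.connect.ssid_len && chan) {
+ err = -EOPNOTSUPP;
+ if (rdev->ops->set_channel)
+ err = rdev->ops->set_channel(wdev->wiphy, chan,
+ NL80211_CHAN_NO_HT);
+ goto out;
+ }
+
+ err = cfg80211_mgd_wext_connect(wiphy_to_dev(wdev->wiphy), wdev);
+ out:
+ wdev_unlock(wdev);
+ cfg80211_unlock_rdev(rdev);
+ return err;
+}
+/* temporary symbol - mark GPL - in the future the handler won't be */
+EXPORT_SYMBOL_GPL(cfg80211_mgd_wext_siwfreq);
+
+int cfg80211_mgd_wext_giwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct ieee80211_channel *chan = NULL;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ wdev_lock(wdev);
+ if (wdev->current_bss)
+ chan = wdev->current_bss->pub.channel;
+ else if (wdev->wext.connect.channel)
+ chan = wdev->wext.connect.channel;
+ wdev_unlock(wdev);
+
+ if (chan) {
+ freq->m = chan->center_freq;
+ freq->e = 6;
+ return 0;
+ }
+
+ /* no channel if not joining */
+ return -EINVAL;
+}
+/* temporary symbol - mark GPL - in the future the handler won't be */
+EXPORT_SYMBOL_GPL(cfg80211_mgd_wext_giwfreq);
+
+int cfg80211_mgd_wext_siwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ size_t len = data->length;
+ int err;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ if (!data->flags)
+ len = 0;
+
+ /* iwconfig uses nul termination in SSID.. */
+ if (len > 0 && ssid[len - 1] == '\0')
+ len--;
+
+ cfg80211_lock_rdev(wiphy_to_dev(wdev->wiphy));
+ wdev_lock(wdev);
+
+ err = 0;
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ bool event = true;
+
+ if (wdev->wext.connect.ssid && len &&
+ len == wdev->wext.connect.ssid_len &&
+ memcmp(wdev->wext.connect.ssid, ssid, len) == 0)
+ goto out;
+
+ /* if SSID set now, we'll try to connect, avoid event */
+ if (len)
+ event = false;
+ err = __cfg80211_disconnect(wiphy_to_dev(wdev->wiphy),
+ dev, WLAN_REASON_DEAUTH_LEAVING,
+ event);
+ if (err)
+ goto out;
+ }
+
+ wdev->wext.connect.ssid = wdev->wext.ssid;
+ memcpy(wdev->wext.ssid, ssid, len);
+ wdev->wext.connect.ssid_len = len;
+
+ wdev->wext.connect.crypto.control_port = false;
+
+ err = cfg80211_mgd_wext_connect(wiphy_to_dev(wdev->wiphy), wdev);
+ out:
+ wdev_unlock(wdev);
+ cfg80211_unlock_rdev(wiphy_to_dev(wdev->wiphy));
+ return err;
+}
+/* temporary symbol - mark GPL - in the future the handler won't be */
+EXPORT_SYMBOL_GPL(cfg80211_mgd_wext_siwessid);
+
+int cfg80211_mgd_wext_giwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ data->flags = 0;
+
+ wdev_lock(wdev);
+ if (wdev->wext.connect.ssid && wdev->wext.connect.ssid_len) {
+ data->flags = 1;
+ data->length = wdev->wext.connect.ssid_len;
+ memcpy(ssid, wdev->wext.connect.ssid, data->length);
+ } else
+ data->flags = 0;
+ wdev_unlock(wdev);
+
+ return 0;
+}
+/* temporary symbol - mark GPL - in the future the handler won't be */
+EXPORT_SYMBOL_GPL(cfg80211_mgd_wext_giwessid);
+
+int cfg80211_mgd_wext_siwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ u8 *bssid = ap_addr->sa_data;
+ int err;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ if (ap_addr->sa_family != ARPHRD_ETHER)
+ return -EINVAL;
+
+ /* automatic mode */
+ if (is_zero_ether_addr(bssid) || is_broadcast_ether_addr(bssid))
+ bssid = NULL;
+
+ cfg80211_lock_rdev(wiphy_to_dev(wdev->wiphy));
+ wdev_lock(wdev);
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ err = 0;
+ /* both automatic */
+ if (!bssid && !wdev->wext.connect.bssid)
+ goto out;
+
+ /* fixed already - and no change */
+ if (wdev->wext.connect.bssid && bssid &&
+ compare_ether_addr(bssid, wdev->wext.connect.bssid) == 0)
+ goto out;
+
+ err = __cfg80211_disconnect(wiphy_to_dev(wdev->wiphy),
+ dev, WLAN_REASON_DEAUTH_LEAVING,
+ false);
+ if (err)
+ goto out;
+ }
+
+ if (bssid) {
+ memcpy(wdev->wext.bssid, bssid, ETH_ALEN);
+ wdev->wext.connect.bssid = wdev->wext.bssid;
+ } else
+ wdev->wext.connect.bssid = NULL;
+
+ err = cfg80211_mgd_wext_connect(wiphy_to_dev(wdev->wiphy), wdev);
+ out:
+ wdev_unlock(wdev);
+ cfg80211_unlock_rdev(wiphy_to_dev(wdev->wiphy));
+ return err;
+}
+/* temporary symbol - mark GPL - in the future the handler won't be */
+EXPORT_SYMBOL_GPL(cfg80211_mgd_wext_siwap);
+
+int cfg80211_mgd_wext_giwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ ap_addr->sa_family = ARPHRD_ETHER;
+
+ wdev_lock(wdev);
+ if (wdev->current_bss)
+ memcpy(ap_addr->sa_data, wdev->current_bss->pub.bssid, ETH_ALEN);
+ else if (wdev->wext.connect.bssid)
+ memcpy(ap_addr->sa_data, wdev->wext.connect.bssid, ETH_ALEN);
+ else
+ memset(ap_addr->sa_data, 0, ETH_ALEN);
+ wdev_unlock(wdev);
+
+ return 0;
+}
+/* temporary symbol - mark GPL - in the future the handler won't be */
+EXPORT_SYMBOL_GPL(cfg80211_mgd_wext_giwap);
+
+int cfg80211_wext_siwgenie(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ u8 *ie = extra;
+ int ie_len = data->length, err;
+
+ if (wdev->iftype != NL80211_IFTYPE_STATION)
+ return -EOPNOTSUPP;
+
+ if (!ie_len)
+ ie = NULL;
+
+ wdev_lock(wdev);
+
+ /* no change */
+ err = 0;
+ if (wdev->wext.ie_len == ie_len &&
+ memcmp(wdev->wext.ie, ie, ie_len) == 0)
+ goto out;
+
+ if (ie_len) {
+ ie = kmemdup(extra, ie_len, GFP_KERNEL);
+ if (!ie) {
+ err = -ENOMEM;
+ goto out;
+ }
+ } else
+ ie = NULL;
+
+ kfree(wdev->wext.ie);
+ wdev->wext.ie = ie;
+ wdev->wext.ie_len = ie_len;
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ err = __cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, false);
+ if (err)
+ goto out;
+ }
+
+ /* userspace better not think we'll reconnect */
+ err = 0;
+ out:
+ wdev_unlock(wdev);
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwgenie);
+
+int cfg80211_wext_siwmlme(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct iw_mlme *mlme = (struct iw_mlme *)extra;
+ struct cfg80211_registered_device *rdev;
+ int err;
+
+ if (!wdev)
+ return -EOPNOTSUPP;
+
+ rdev = wiphy_to_dev(wdev->wiphy);
+
+ if (wdev->iftype != NL80211_IFTYPE_STATION)
+ return -EINVAL;
+
+ if (mlme->addr.sa_family != ARPHRD_ETHER)
+ return -EINVAL;
+
+ wdev_lock(wdev);
+ switch (mlme->cmd) {
+ case IW_MLME_DEAUTH:
+ case IW_MLME_DISASSOC:
+ err = __cfg80211_disconnect(rdev, dev, mlme->reason_code,
+ true);
+ break;
+ default:
+ err = -EOPNOTSUPP;
+ break;
+ }
+ wdev_unlock(wdev);
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwmlme);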
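Review bot: `cfg80211_mgd_wext_siwessid` copies `len` bytes into `wdev->wext.ssid` with `memcpy(wdev->wext.ssid, ssid, len)`, and `len` comes straight from `data->length` without being compared to the destination size anywhere in the function. The wext ioctl core presumably caps the ESSID length before the handler runs, but the handler is exported and nothing here enforces that bound, so a caller passing a longer `iw_point` would write past the field. Assuming `wext.ssid` is a fixed-size array (its declaration is not in this file), a guard placed after the NUL-stripping step and before the locks are taken would make the bound local: `if (len > sizeof(wdev->wext.ssid)) return -EINVAL;`.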
diff --git a/net/wireless/wext.c b/net/wireless/wext.c
index 252c2010c2e2..3fe3c2c0ce11 100644
--- a/net/wireless/wext.c
+++ b/net/wireless/wext.c
@@ -417,6 +417,21 @@ static const int event_type_size[] = {
417 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */ 417 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
418}; 418};
419 419
420#ifdef CONFIG_COMPAT
421static const int compat_event_type_size[] = {
422 IW_EV_COMPAT_LCP_LEN, /* IW_HEADER_TYPE_NULL */
423 0,
424 IW_EV_COMPAT_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */
425 0,
426 IW_EV_COMPAT_UINT_LEN, /* IW_HEADER_TYPE_UINT */
427 IW_EV_COMPAT_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */
428 IW_EV_COMPAT_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */
429 0,
430 IW_EV_COMPAT_POINT_LEN, /* Without variable payload */
431 IW_EV_COMPAT_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */
432 IW_EV_COMPAT_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
433};
434#endif
420 435
421/************************ COMMON SUBROUTINES ************************/ 436/************************ COMMON SUBROUTINES ************************/
422/* 437/*
@@ -610,6 +625,11 @@ static void wireless_seq_printf_stats(struct seq_file *seq,
610{ 625{
611 /* Get stats from the driver */ 626 /* Get stats from the driver */
612 struct iw_statistics *stats = get_wireless_stats(dev); 627 struct iw_statistics *stats = get_wireless_stats(dev);
628 static struct iw_statistics nullstats = {};
629
630 /* show device if it's wireless regardless of current stats */
631 if (!stats && dev->wireless_handlers)
632 stats = &nullstats;
613 633
614 if (stats) { 634 if (stats) {
615 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d " 635 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d "
@@ -628,7 +648,9 @@ static void wireless_seq_printf_stats(struct seq_file *seq,
628 stats->discard.nwid, stats->discard.code, 648 stats->discard.nwid, stats->discard.code,
629 stats->discard.fragment, stats->discard.retries, 649 stats->discard.fragment, stats->discard.retries,
630 stats->discard.misc, stats->miss.beacon); 650 stats->discard.misc, stats->miss.beacon);
631 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED; 651
652 if (stats != &nullstats)
653 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
632 } 654 }
633} 655}
634 656
@@ -1250,65 +1272,58 @@ int compat_wext_handle_ioctl(struct net *net, unsigned int cmd,
1250} 1272}
1251#endif 1273#endif
1252 1274
1253/************************* EVENT PROCESSING *************************/ 1275static int __net_init wext_pernet_init(struct net *net)
1254/* 1276{
1255 * Process events generated by the wireless layer or the driver. 1277 skb_queue_head_init(&net->wext_nlevents);
1256 * Most often, the event will be propagated through rtnetlink 1278 return 0;
1257 */ 1279}
1258 1280
1259/* ---------------------------------------------------------------- */ 1281static void __net_exit wext_pernet_exit(struct net *net)
1260/* 1282{
1261 * Locking... 1283 skb_queue_purge(&net->wext_nlevents);
1262 * ---------- 1284}
1263 *
1264 * Thanks to Herbert Xu <herbert@gondor.apana.org.au> for fixing
1265 * the locking issue in here and implementing this code !
1266 *
1267 * The issue : wireless_send_event() is often called in interrupt context,
1268 * while the Netlink layer can never be called in interrupt context.
1269 * The fully formed RtNetlink events are queued, and then a tasklet is run
1270 * to feed those to Netlink.
1271 * The skb_queue is interrupt safe, and its lock is not held while calling
1272 * Netlink, so there is no possibility of dealock.
1273 * Jean II
1274 */
1275 1285
1276static struct sk_buff_head wireless_nlevent_queue; 1286static struct pernet_operations wext_pernet_ops = {
1287 .init = wext_pernet_init,
1288 .exit = wext_pernet_exit,
1289};
1277 1290
1278static int __init wireless_nlevent_init(void) 1291static int __init wireless_nlevent_init(void)
1279{ 1292{
1280 skb_queue_head_init(&wireless_nlevent_queue); 1293 return register_pernet_subsys(&wext_pernet_ops);
1281 return 0; 1294 return 0;
1282} 1295}
1283 1296
1284subsys_initcall(wireless_nlevent_init); 1297subsys_initcall(wireless_nlevent_init);
1285 1298
1286static void wireless_nlevent_process(unsigned long data) 1299/* Process events generated by the wireless layer or the driver. */
1300static void wireless_nlevent_process(struct work_struct *work)
1287{ 1301{
1288 struct sk_buff *skb; 1302 struct sk_buff *skb;
1303 struct net *net;
1304
1305 rtnl_lock();
1306
1307 for_each_net(net) {
1308 while ((skb = skb_dequeue(&net->wext_nlevents)))
1309 rtnl_notify(skb, net, 0, RTNLGRP_LINK, NULL,
1310 GFP_KERNEL);
1311 }
1289 1312
1290 while ((skb = skb_dequeue(&wireless_nlevent_queue))) 1313 rtnl_unlock();
1291 rtnl_notify(skb, &init_net, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC);
1292} 1314}
1293 1315
1294static DECLARE_TASKLET(wireless_nlevent_tasklet, wireless_nlevent_process, 0); 1316static DECLARE_WORK(wireless_nlevent_work, wireless_nlevent_process);
1295 1317
1296/* ---------------------------------------------------------------- */ 1318static struct nlmsghdr *rtnetlink_ifinfo_prep(struct net_device *dev,
1297/* 1319 struct sk_buff *skb)
1298 * Fill a rtnetlink message with our event data.
1299 * Note that we propage only the specified event and don't dump the
1300 * current wireless config. Dumping the wireless config is far too
1301 * expensive (for each parameter, the driver need to query the hardware).
1302 */
1303static int rtnetlink_fill_iwinfo(struct sk_buff *skb, struct net_device *dev,
1304 int type, char *event, int event_len)
1305{ 1320{
1306 struct ifinfomsg *r; 1321 struct ifinfomsg *r;
1307 struct nlmsghdr *nlh; 1322 struct nlmsghdr *nlh;
1308 1323
1309 nlh = nlmsg_put(skb, 0, 0, type, sizeof(*r), 0); 1324 nlh = nlmsg_put(skb, 0, 0, RTM_NEWLINK, sizeof(*r), 0);
1310 if (nlh == NULL) 1325 if (!nlh)
1311 return -EMSGSIZE; 1326 return NULL;
1312 1327
1313 r = nlmsg_data(nlh); 1328 r = nlmsg_data(nlh);
1314 r->ifi_family = AF_UNSPEC; 1329 r->ifi_family = AF_UNSPEC;
@@ -1319,48 +1334,14 @@ static int rtnetlink_fill_iwinfo(struct sk_buff *skb, struct net_device *dev,
1319 r->ifi_change = 0; /* Wireless changes don't affect those flags */ 1334 r->ifi_change = 0; /* Wireless changes don't affect those flags */
1320 1335
1321 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name); 1336 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name);
1322 /* Add the wireless events in the netlink packet */
1323 NLA_PUT(skb, IFLA_WIRELESS, event_len, event);
1324 1337
1325 return nlmsg_end(skb, nlh); 1338 return nlh;
1326 1339 nla_put_failure:
1327nla_put_failure:
1328 nlmsg_cancel(skb, nlh); 1340 nlmsg_cancel(skb, nlh);
1329 return -EMSGSIZE; 1341 return NULL;
1330} 1342}
1331 1343
1332/* ---------------------------------------------------------------- */
1333/*
1334 * Create and broadcast and send it on the standard rtnetlink socket
1335 * This is a pure clone rtmsg_ifinfo() in net/core/rtnetlink.c
1336 * Andrzej Krzysztofowicz mandated that I used a IFLA_XXX field
1337 * within a RTM_NEWLINK event.
1338 */
1339static void rtmsg_iwinfo(struct net_device *dev, char *event, int event_len)
1340{
1341 struct sk_buff *skb;
1342 int err;
1343
1344 if (!net_eq(dev_net(dev), &init_net))
1345 return;
1346
1347 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1348 if (!skb)
1349 return;
1350
1351 err = rtnetlink_fill_iwinfo(skb, dev, RTM_NEWLINK, event, event_len);
1352 if (err < 0) {
1353 WARN_ON(err == -EMSGSIZE);
1354 kfree_skb(skb);
1355 return;
1356 }
1357
1358 NETLINK_CB(skb).dst_group = RTNLGRP_LINK;
1359 skb_queue_tail(&wireless_nlevent_queue, skb);
1360 tasklet_schedule(&wireless_nlevent_tasklet);
1361}
1362 1344
1363/* ---------------------------------------------------------------- */
1364/* 1345/*
1365 * Main event dispatcher. Called from other parts and drivers. 1346 * Main event dispatcher. Called from other parts and drivers.
1366 * Send the event on the appropriate channels. 1347 * Send the event on the appropriate channels.
@@ -1369,7 +1350,7 @@ static void rtmsg_iwinfo(struct net_device *dev, char *event, int event_len)
1369void wireless_send_event(struct net_device * dev, 1350void wireless_send_event(struct net_device * dev,
1370 unsigned int cmd, 1351 unsigned int cmd,
1371 union iwreq_data * wrqu, 1352 union iwreq_data * wrqu,
1372 char * extra) 1353 const char * extra)
1373{ 1354{
1374 const struct iw_ioctl_description * descr = NULL; 1355 const struct iw_ioctl_description * descr = NULL;
1375 int extra_len = 0; 1356 int extra_len = 0;
@@ -1379,6 +1360,25 @@ void wireless_send_event(struct net_device * dev,
1379 int wrqu_off = 0; /* Offset in wrqu */ 1360 int wrqu_off = 0; /* Offset in wrqu */
1380 /* Don't "optimise" the following variable, it will crash */ 1361 /* Don't "optimise" the following variable, it will crash */
1381 unsigned cmd_index; /* *MUST* be unsigned */ 1362 unsigned cmd_index; /* *MUST* be unsigned */
1363 struct sk_buff *skb;
1364 struct nlmsghdr *nlh;
1365 struct nlattr *nla;
1366#ifdef CONFIG_COMPAT
1367 struct __compat_iw_event *compat_event;
1368 struct compat_iw_point compat_wrqu;
1369 struct sk_buff *compskb;
1370#endif
1371
1372 /*
1373 * Nothing in the kernel sends scan events with data, be safe.
1374 * This is necessary because we cannot fix up scan event data
1375 * for compat, due to being contained in 'extra', but normally
1376 * applications are required to retrieve the scan data anyway
1377 * and no data is included in the event, this codifies that
1378 * practice.
1379 */
1380 if (WARN_ON(cmd == SIOCGIWSCAN && extra))
1381 extra = NULL;
1382 1382
1383 /* Get the description of the Event */ 1383 /* Get the description of the Event */
1384 if (cmd <= SIOCIWLAST) { 1384 if (cmd <= SIOCIWLAST) {
@@ -1426,25 +1426,107 @@ void wireless_send_event(struct net_device * dev,
1426 hdr_len = event_type_size[descr->header_type]; 1426 hdr_len = event_type_size[descr->header_type];
1427 event_len = hdr_len + extra_len; 1427 event_len = hdr_len + extra_len;
1428 1428
1429 /* Create temporary buffer to hold the event */ 1429 /*
1430 event = kmalloc(event_len, GFP_ATOMIC); 1430 * The problem for 64/32 bit.
1431 if (event == NULL) 1431 *
1432 * On 64-bit, a regular event is laid out as follows:
1433 * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
1434 * | event.len | event.cmd | p a d d i n g |
1435 * | wrqu data ... (with the correct size) |
1436 *
1437 * This padding exists because we manipulate event->u,
1438 * and 'event' is not packed.
1439 *
1440 * An iw_point event is laid out like this instead:
1441 * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
1442 * | event.len | event.cmd | p a d d i n g |
1443 * | iwpnt.len | iwpnt.flg | p a d d i n g |
1444 * | extra data ...
1445 *
1446 * The second padding exists because struct iw_point is extended,
1447 * but this depends on the platform...
1448 *
1449 * On 32-bit, all the padding shouldn't be there.
1450 */
1451
1452 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1453 if (!skb)
1454 return;
1455
1456 /* Send via the RtNetlink event channel */
1457 nlh = rtnetlink_ifinfo_prep(dev, skb);
1458 if (WARN_ON(!nlh)) {
1459 kfree_skb(skb);
1460 return;
1461 }
1462
1463 /* Add the wireless events in the netlink packet */
1464 nla = nla_reserve(skb, IFLA_WIRELESS, event_len);
1465 if (!nla) {
1466 kfree_skb(skb);
1432 return; 1467 return;
1468 }
1469 event = nla_data(nla);
1433 1470
1434 /* Fill event */ 1471 /* Fill event - first clear to avoid data leaking */
1472 memset(event, 0, hdr_len);
1435 event->len = event_len; 1473 event->len = event_len;
1436 event->cmd = cmd; 1474 event->cmd = cmd;
1437 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN); 1475 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
1438 if (extra) 1476 if (extra_len)
1439 memcpy(((char *) event) + hdr_len, extra, extra_len); 1477 memcpy(((char *) event) + hdr_len, extra, extra_len);
1440 1478
1479 nlmsg_end(skb, nlh);
1480#ifdef CONFIG_COMPAT
1481 hdr_len = compat_event_type_size[descr->header_type];
1482 event_len = hdr_len + extra_len;
1483
1484 compskb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1485 if (!compskb) {
1486 kfree_skb(skb);
1487 return;
1488 }
1489
1441 /* Send via the RtNetlink event channel */ 1490 /* Send via the RtNetlink event channel */
1442 rtmsg_iwinfo(dev, (char *) event, event_len); 1491 nlh = rtnetlink_ifinfo_prep(dev, compskb);
1492 if (WARN_ON(!nlh)) {
1493 kfree_skb(skb);
1494 kfree_skb(compskb);
1495 return;
1496 }
1443 1497
1444 /* Cleanup */ 1498 /* Add the wireless events in the netlink packet */
1445 kfree(event); 1499 nla = nla_reserve(compskb, IFLA_WIRELESS, event_len);
1500 if (!nla) {
1501 kfree_skb(skb);
1502 kfree_skb(compskb);
1503 return;
1504 }
1505 compat_event = nla_data(nla);
1446 1506
1447 return; /* Always success, I guess ;-) */ 1507 compat_event->len = event_len;
1508 compat_event->cmd = cmd;
1509 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1510 compat_wrqu.length = wrqu->data.length;
1511 compat_wrqu.flags = wrqu->data.flags;
1512 memcpy(&compat_event->pointer,
1513 ((char *) &compat_wrqu) + IW_EV_COMPAT_POINT_OFF,
1514 hdr_len - IW_EV_COMPAT_LCP_LEN);
1515 if (extra_len)
1516 memcpy(((char *) compat_event) + hdr_len,
1517 extra, extra_len);
1518 } else {
1519 /* extra_len must be zero, so no if (extra) needed */
1520 memcpy(&compat_event->pointer, wrqu,
1521 hdr_len - IW_EV_COMPAT_LCP_LEN);
1522 }
1523
1524 nlmsg_end(compskb, nlh);
1525
1526 skb_shinfo(skb)->frag_list = compskb;
1527#endif
1528 skb_queue_tail(&dev_net(dev)->wext_nlevents, skb);
1529 schedule_work(&wireless_nlevent_work);
1448} 1530}
1449EXPORT_SYMBOL(wireless_send_event); 1531EXPORT_SYMBOL(wireless_send_event);
1450 1532