diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/mac80211/Kconfig | 8 | ||||
-rw-r--r-- | net/mac80211/agg-rx.c | 72 | ||||
-rw-r--r-- | net/mac80211/agg-tx.c | 14 | ||||
-rw-r--r-- | net/mac80211/cfg.c | 13 | ||||
-rw-r--r-- | net/mac80211/debugfs_netdev.c | 12 | ||||
-rw-r--r-- | net/mac80211/debugfs_sta.c | 12 | ||||
-rw-r--r-- | net/mac80211/driver-trace.h | 275 | ||||
-rw-r--r-- | net/mac80211/ht.c | 3 | ||||
-rw-r--r-- | net/mac80211/ieee80211_i.h | 21 | ||||
-rw-r--r-- | net/mac80211/main.c | 2 | ||||
-rw-r--r-- | net/mac80211/mesh.c | 4 | ||||
-rw-r--r-- | net/mac80211/mesh.h | 2 | ||||
-rw-r--r-- | net/mac80211/mesh_hwmp.c | 4 | ||||
-rw-r--r-- | net/mac80211/mesh_plink.c | 2 | ||||
-rw-r--r-- | net/mac80211/mlme.c | 106 | ||||
-rw-r--r-- | net/mac80211/pm.c | 2 | ||||
-rw-r--r-- | net/mac80211/rx.c | 91 | ||||
-rw-r--r-- | net/mac80211/scan.c | 2 | ||||
-rw-r--r-- | net/mac80211/sta_info.c | 75 | ||||
-rw-r--r-- | net/mac80211/sta_info.h | 10 | ||||
-rw-r--r-- | net/mac80211/tx.c | 7 | ||||
-rw-r--r-- | net/mac80211/util.c | 11 | ||||
-rw-r--r-- | net/mac80211/work.c | 7 | ||||
-rw-r--r-- | net/wireless/core.h | 15 | ||||
-rw-r--r-- | net/wireless/mlme.c | 39 | ||||
-rw-r--r-- | net/wireless/nl80211.c | 22 | ||||
-rw-r--r-- | net/wireless/reg.c | 6 | ||||
-rw-r--r-- | net/wireless/sme.c | 15 | ||||
-rw-r--r-- | net/wireless/util.c | 24 |
29 files changed, 658 insertions, 218 deletions
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig index 334c359da5e8..8a91f6c0bb18 100644 --- a/net/mac80211/Kconfig +++ b/net/mac80211/Kconfig | |||
@@ -221,8 +221,8 @@ config MAC80211_DRIVER_API_TRACER | |||
221 | depends on EVENT_TRACING | 221 | depends on EVENT_TRACING |
222 | help | 222 | help |
223 | Say Y here to make mac80211 register with the ftrace | 223 | Say Y here to make mac80211 register with the ftrace |
224 | framework for the driver API -- you can see which | 224 | framework for the driver API -- you can then see which |
225 | driver methods it is calling then by looking at the | 225 | driver methods it is calling and which API functions |
226 | trace. | 226 | drivers are calling by looking at the trace. |
227 | 227 | ||
228 | If unsure, say N. | 228 | If unsure, say Y. |
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c index f9516a27e233..9598fdb4ad01 100644 --- a/net/mac80211/agg-rx.c +++ b/net/mac80211/agg-rx.c | |||
@@ -23,19 +23,20 @@ void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, | |||
23 | u16 initiator, u16 reason) | 23 | u16 initiator, u16 reason) |
24 | { | 24 | { |
25 | struct ieee80211_local *local = sta->local; | 25 | struct ieee80211_local *local = sta->local; |
26 | struct tid_ampdu_rx *tid_rx; | ||
26 | int i; | 27 | int i; |
27 | 28 | ||
28 | /* check if TID is in operational state */ | ||
29 | spin_lock_bh(&sta->lock); | 29 | spin_lock_bh(&sta->lock); |
30 | if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_OPERATIONAL) { | 30 | |
31 | /* check if TID is in operational state */ | ||
32 | if (!sta->ampdu_mlme.tid_active_rx[tid]) { | ||
31 | spin_unlock_bh(&sta->lock); | 33 | spin_unlock_bh(&sta->lock); |
32 | return; | 34 | return; |
33 | } | 35 | } |
34 | 36 | ||
35 | sta->ampdu_mlme.tid_state_rx[tid] = | 37 | sta->ampdu_mlme.tid_active_rx[tid] = false; |
36 | HT_AGG_STATE_REQ_STOP_BA_MSK | | 38 | |
37 | (initiator << HT_AGG_STATE_INITIATOR_SHIFT); | 39 | tid_rx = sta->ampdu_mlme.tid_rx[tid]; |
38 | spin_unlock_bh(&sta->lock); | ||
39 | 40 | ||
40 | #ifdef CONFIG_MAC80211_HT_DEBUG | 41 | #ifdef CONFIG_MAC80211_HT_DEBUG |
41 | printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n", | 42 | printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n", |
@@ -47,61 +48,35 @@ void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, | |||
47 | printk(KERN_DEBUG "HW problem - can not stop rx " | 48 | printk(KERN_DEBUG "HW problem - can not stop rx " |
48 | "aggregation for tid %d\n", tid); | 49 | "aggregation for tid %d\n", tid); |
49 | 50 | ||
50 | /* shutdown timer has not expired */ | ||
51 | if (initiator != WLAN_BACK_TIMER) | ||
52 | del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer); | ||
53 | |||
54 | /* check if this is a self generated aggregation halt */ | 51 | /* check if this is a self generated aggregation halt */ |
55 | if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER) | 52 | if (initiator == WLAN_BACK_RECIPIENT) |
56 | ieee80211_send_delba(sta->sdata, sta->sta.addr, | 53 | ieee80211_send_delba(sta->sdata, sta->sta.addr, |
57 | tid, 0, reason); | 54 | tid, 0, reason); |
58 | 55 | ||
59 | /* free the reordering buffer */ | 56 | /* free the reordering buffer */ |
60 | for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) { | 57 | for (i = 0; i < tid_rx->buf_size; i++) { |
61 | if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) { | 58 | if (tid_rx->reorder_buf[i]) { |
62 | /* release the reordered frames */ | 59 | /* release the reordered frames */ |
63 | dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]); | 60 | dev_kfree_skb(tid_rx->reorder_buf[i]); |
64 | sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--; | 61 | tid_rx->stored_mpdu_num--; |
65 | sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL; | 62 | tid_rx->reorder_buf[i] = NULL; |
66 | } | 63 | } |
67 | } | 64 | } |
68 | 65 | ||
69 | spin_lock_bh(&sta->lock); | ||
70 | /* free resources */ | 66 | /* free resources */ |
71 | kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf); | 67 | kfree(tid_rx->reorder_buf); |
72 | kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_time); | 68 | kfree(tid_rx->reorder_time); |
69 | sta->ampdu_mlme.tid_rx[tid] = NULL; | ||
73 | 70 | ||
74 | if (!sta->ampdu_mlme.tid_rx[tid]->shutdown) { | ||
75 | kfree(sta->ampdu_mlme.tid_rx[tid]); | ||
76 | sta->ampdu_mlme.tid_rx[tid] = NULL; | ||
77 | } | ||
78 | |||
79 | sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE; | ||
80 | spin_unlock_bh(&sta->lock); | 71 | spin_unlock_bh(&sta->lock); |
81 | } | ||
82 | |||
83 | void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, | ||
84 | u16 initiator, u16 reason) | ||
85 | { | ||
86 | struct sta_info *sta; | ||
87 | |||
88 | rcu_read_lock(); | ||
89 | |||
90 | sta = sta_info_get(sdata, ra); | ||
91 | if (!sta) { | ||
92 | rcu_read_unlock(); | ||
93 | return; | ||
94 | } | ||
95 | |||
96 | __ieee80211_stop_rx_ba_session(sta, tid, initiator, reason); | ||
97 | 72 | ||
98 | rcu_read_unlock(); | 73 | del_timer_sync(&tid_rx->session_timer); |
74 | kfree(tid_rx); | ||
99 | } | 75 | } |
100 | 76 | ||
101 | /* | 77 | /* |
102 | * After accepting the AddBA Request we activated a timer, | 78 | * After accepting the AddBA Request we activated a timer, |
103 | * resetting it after each frame that arrives from the originator. | 79 | * resetting it after each frame that arrives from the originator. |
104 | * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed. | ||
105 | */ | 80 | */ |
106 | static void sta_rx_agg_session_timer_expired(unsigned long data) | 81 | static void sta_rx_agg_session_timer_expired(unsigned long data) |
107 | { | 82 | { |
@@ -117,9 +92,8 @@ static void sta_rx_agg_session_timer_expired(unsigned long data) | |||
117 | #ifdef CONFIG_MAC80211_HT_DEBUG | 92 | #ifdef CONFIG_MAC80211_HT_DEBUG |
118 | printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid); | 93 | printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid); |
119 | #endif | 94 | #endif |
120 | ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr, | 95 | __ieee80211_stop_rx_ba_session(sta, *ptid, WLAN_BACK_RECIPIENT, |
121 | (u16)*ptid, WLAN_BACK_TIMER, | 96 | WLAN_REASON_QSTA_TIMEOUT); |
122 | WLAN_REASON_QSTA_TIMEOUT); | ||
123 | } | 97 | } |
124 | 98 | ||
125 | static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid, | 99 | static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid, |
@@ -194,7 +168,7 @@ void ieee80211_process_addba_request(struct ieee80211_local *local, | |||
194 | 168 | ||
195 | status = WLAN_STATUS_REQUEST_DECLINED; | 169 | status = WLAN_STATUS_REQUEST_DECLINED; |
196 | 170 | ||
197 | if (test_sta_flags(sta, WLAN_STA_SUSPEND)) { | 171 | if (test_sta_flags(sta, WLAN_STA_BLOCK_BA)) { |
198 | #ifdef CONFIG_MAC80211_HT_DEBUG | 172 | #ifdef CONFIG_MAC80211_HT_DEBUG |
199 | printk(KERN_DEBUG "Suspend in progress. " | 173 | printk(KERN_DEBUG "Suspend in progress. " |
200 | "Denying ADDBA request\n"); | 174 | "Denying ADDBA request\n"); |
@@ -232,7 +206,7 @@ void ieee80211_process_addba_request(struct ieee80211_local *local, | |||
232 | /* examine state machine */ | 206 | /* examine state machine */ |
233 | spin_lock_bh(&sta->lock); | 207 | spin_lock_bh(&sta->lock); |
234 | 208 | ||
235 | if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) { | 209 | if (sta->ampdu_mlme.tid_active_rx[tid]) { |
236 | #ifdef CONFIG_MAC80211_HT_DEBUG | 210 | #ifdef CONFIG_MAC80211_HT_DEBUG |
237 | if (net_ratelimit()) | 211 | if (net_ratelimit()) |
238 | printk(KERN_DEBUG "unexpected AddBA Req from " | 212 | printk(KERN_DEBUG "unexpected AddBA Req from " |
@@ -294,7 +268,7 @@ void ieee80211_process_addba_request(struct ieee80211_local *local, | |||
294 | } | 268 | } |
295 | 269 | ||
296 | /* change state and send addba resp */ | 270 | /* change state and send addba resp */ |
297 | sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL; | 271 | sta->ampdu_mlme.tid_active_rx[tid] = true; |
298 | tid_agg_rx->dialog_token = dialog_token; | 272 | tid_agg_rx->dialog_token = dialog_token; |
299 | tid_agg_rx->ssn = start_seq_num; | 273 | tid_agg_rx->ssn = start_seq_num; |
300 | tid_agg_rx->head_seq_num = start_seq_num; | 274 | tid_agg_rx->head_seq_num = start_seq_num; |
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c index 96d25348aa59..608063f11797 100644 --- a/net/mac80211/agg-tx.c +++ b/net/mac80211/agg-tx.c | |||
@@ -215,6 +215,8 @@ int ieee80211_start_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid) | |||
215 | int ret = 0; | 215 | int ret = 0; |
216 | u16 start_seq_num; | 216 | u16 start_seq_num; |
217 | 217 | ||
218 | trace_api_start_tx_ba_session(pubsta, tid); | ||
219 | |||
218 | if (WARN_ON(!local->ops->ampdu_action)) | 220 | if (WARN_ON(!local->ops->ampdu_action)) |
219 | return -EINVAL; | 221 | return -EINVAL; |
220 | 222 | ||
@@ -246,7 +248,7 @@ int ieee80211_start_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid) | |||
246 | return -EINVAL; | 248 | return -EINVAL; |
247 | } | 249 | } |
248 | 250 | ||
249 | if (test_sta_flags(sta, WLAN_STA_SUSPEND)) { | 251 | if (test_sta_flags(sta, WLAN_STA_BLOCK_BA)) { |
250 | #ifdef CONFIG_MAC80211_HT_DEBUG | 252 | #ifdef CONFIG_MAC80211_HT_DEBUG |
251 | printk(KERN_DEBUG "Suspend in progress. " | 253 | printk(KERN_DEBUG "Suspend in progress. " |
252 | "Denying BA session request\n"); | 254 | "Denying BA session request\n"); |
@@ -415,7 +417,7 @@ static void ieee80211_agg_tx_operational(struct ieee80211_local *local, | |||
415 | struct sta_info *sta, u16 tid) | 417 | struct sta_info *sta, u16 tid) |
416 | { | 418 | { |
417 | #ifdef CONFIG_MAC80211_HT_DEBUG | 419 | #ifdef CONFIG_MAC80211_HT_DEBUG |
418 | printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid); | 420 | printk(KERN_DEBUG "Aggregation is on for tid %d\n", tid); |
419 | #endif | 421 | #endif |
420 | 422 | ||
421 | spin_lock(&local->ampdu_lock); | 423 | spin_lock(&local->ampdu_lock); |
@@ -441,6 +443,8 @@ void ieee80211_start_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u16 tid) | |||
441 | struct sta_info *sta; | 443 | struct sta_info *sta; |
442 | u8 *state; | 444 | u8 *state; |
443 | 445 | ||
446 | trace_api_start_tx_ba_cb(sdata, ra, tid); | ||
447 | |||
444 | if (tid >= STA_TID_NUM) { | 448 | if (tid >= STA_TID_NUM) { |
445 | #ifdef CONFIG_MAC80211_HT_DEBUG | 449 | #ifdef CONFIG_MAC80211_HT_DEBUG |
446 | printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n", | 450 | printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n", |
@@ -542,6 +546,8 @@ int ieee80211_stop_tx_ba_session(struct ieee80211_sta *pubsta, u16 tid, | |||
542 | struct ieee80211_sub_if_data *sdata = sta->sdata; | 546 | struct ieee80211_sub_if_data *sdata = sta->sdata; |
543 | struct ieee80211_local *local = sdata->local; | 547 | struct ieee80211_local *local = sdata->local; |
544 | 548 | ||
549 | trace_api_stop_tx_ba_session(pubsta, tid, initiator); | ||
550 | |||
545 | if (!local->ops->ampdu_action) | 551 | if (!local->ops->ampdu_action) |
546 | return -EINVAL; | 552 | return -EINVAL; |
547 | 553 | ||
@@ -559,6 +565,8 @@ void ieee80211_stop_tx_ba_cb(struct ieee80211_vif *vif, u8 *ra, u8 tid) | |||
559 | struct sta_info *sta; | 565 | struct sta_info *sta; |
560 | u8 *state; | 566 | u8 *state; |
561 | 567 | ||
568 | trace_api_stop_tx_ba_cb(sdata, ra, tid); | ||
569 | |||
562 | if (tid >= STA_TID_NUM) { | 570 | if (tid >= STA_TID_NUM) { |
563 | #ifdef CONFIG_MAC80211_HT_DEBUG | 571 | #ifdef CONFIG_MAC80211_HT_DEBUG |
564 | printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n", | 572 | printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n", |
@@ -675,7 +683,7 @@ void ieee80211_process_addba_resp(struct ieee80211_local *local, | |||
675 | del_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer); | 683 | del_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer); |
676 | 684 | ||
677 | #ifdef CONFIG_MAC80211_HT_DEBUG | 685 | #ifdef CONFIG_MAC80211_HT_DEBUG |
678 | printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid); | 686 | printk(KERN_DEBUG "switched off addBA timer for tid %d\n", tid); |
679 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | 687 | #endif /* CONFIG_MAC80211_HT_DEBUG */ |
680 | 688 | ||
681 | if (le16_to_cpu(mgmt->u.action.u.addba_resp.status) | 689 | if (le16_to_cpu(mgmt->u.action.u.addba_resp.status) |
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index c41aaba839fa..7dd7cda75cfa 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c | |||
@@ -1137,6 +1137,10 @@ static int ieee80211_set_txq_params(struct wiphy *wiphy, | |||
1137 | return -EINVAL; | 1137 | return -EINVAL; |
1138 | } | 1138 | } |
1139 | 1139 | ||
1140 | /* enable WMM or activate new settings */ | ||
1141 | local->hw.conf.flags |= IEEE80211_CONF_QOS; | ||
1142 | drv_config(local, IEEE80211_CONF_CHANGE_QOS); | ||
1143 | |||
1140 | return 0; | 1144 | return 0; |
1141 | } | 1145 | } |
1142 | 1146 | ||
@@ -1412,9 +1416,6 @@ static int ieee80211_set_cqm_rssi_config(struct wiphy *wiphy, | |||
1412 | struct ieee80211_vif *vif = &sdata->vif; | 1416 | struct ieee80211_vif *vif = &sdata->vif; |
1413 | struct ieee80211_bss_conf *bss_conf = &vif->bss_conf; | 1417 | struct ieee80211_bss_conf *bss_conf = &vif->bss_conf; |
1414 | 1418 | ||
1415 | if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_CQM_RSSI)) | ||
1416 | return -EOPNOTSUPP; | ||
1417 | |||
1418 | if (rssi_thold == bss_conf->cqm_rssi_thold && | 1419 | if (rssi_thold == bss_conf->cqm_rssi_thold && |
1419 | rssi_hyst == bss_conf->cqm_rssi_hyst) | 1420 | rssi_hyst == bss_conf->cqm_rssi_hyst) |
1420 | return 0; | 1421 | return 0; |
@@ -1422,6 +1423,12 @@ static int ieee80211_set_cqm_rssi_config(struct wiphy *wiphy, | |||
1422 | bss_conf->cqm_rssi_thold = rssi_thold; | 1423 | bss_conf->cqm_rssi_thold = rssi_thold; |
1423 | bss_conf->cqm_rssi_hyst = rssi_hyst; | 1424 | bss_conf->cqm_rssi_hyst = rssi_hyst; |
1424 | 1425 | ||
1426 | if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_CQM_RSSI)) { | ||
1427 | if (sdata->vif.type != NL80211_IFTYPE_STATION) | ||
1428 | return -EOPNOTSUPP; | ||
1429 | return 0; | ||
1430 | } | ||
1431 | |||
1425 | /* tell the driver upon association, unless already associated */ | 1432 | /* tell the driver upon association, unless already associated */ |
1426 | if (sdata->u.mgd.associated) | 1433 | if (sdata->u.mgd.associated) |
1427 | ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_CQM); | 1434 | ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_CQM); |
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c index 83d4289d954b..20b2998fa0ed 100644 --- a/net/mac80211/debugfs_netdev.c +++ b/net/mac80211/debugfs_netdev.c | |||
@@ -100,6 +100,14 @@ static ssize_t ieee80211_if_fmt_##name( \ | |||
100 | return scnprintf(buf, buflen, "%pM\n", sdata->field); \ | 100 | return scnprintf(buf, buflen, "%pM\n", sdata->field); \ |
101 | } | 101 | } |
102 | 102 | ||
103 | #define IEEE80211_IF_FMT_DEC_DIV_16(name, field) \ | ||
104 | static ssize_t ieee80211_if_fmt_##name( \ | ||
105 | const struct ieee80211_sub_if_data *sdata, \ | ||
106 | char *buf, int buflen) \ | ||
107 | { \ | ||
108 | return scnprintf(buf, buflen, "%d\n", sdata->field / 16); \ | ||
109 | } | ||
110 | |||
103 | #define __IEEE80211_IF_FILE(name, _write) \ | 111 | #define __IEEE80211_IF_FILE(name, _write) \ |
104 | static ssize_t ieee80211_if_read_##name(struct file *file, \ | 112 | static ssize_t ieee80211_if_read_##name(struct file *file, \ |
105 | char __user *userbuf, \ | 113 | char __user *userbuf, \ |
@@ -140,6 +148,8 @@ IEEE80211_IF_FILE(rc_rateidx_mask_5ghz, rc_rateidx_mask[IEEE80211_BAND_5GHZ], | |||
140 | /* STA attributes */ | 148 | /* STA attributes */ |
141 | IEEE80211_IF_FILE(bssid, u.mgd.bssid, MAC); | 149 | IEEE80211_IF_FILE(bssid, u.mgd.bssid, MAC); |
142 | IEEE80211_IF_FILE(aid, u.mgd.aid, DEC); | 150 | IEEE80211_IF_FILE(aid, u.mgd.aid, DEC); |
151 | IEEE80211_IF_FILE(last_beacon, u.mgd.last_beacon_signal, DEC); | ||
152 | IEEE80211_IF_FILE(ave_beacon, u.mgd.ave_beacon_signal, DEC_DIV_16); | ||
143 | 153 | ||
144 | static int ieee80211_set_smps(struct ieee80211_sub_if_data *sdata, | 154 | static int ieee80211_set_smps(struct ieee80211_sub_if_data *sdata, |
145 | enum ieee80211_smps_mode smps_mode) | 155 | enum ieee80211_smps_mode smps_mode) |
@@ -276,6 +286,8 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata) | |||
276 | 286 | ||
277 | DEBUGFS_ADD(bssid); | 287 | DEBUGFS_ADD(bssid); |
278 | DEBUGFS_ADD(aid); | 288 | DEBUGFS_ADD(aid); |
289 | DEBUGFS_ADD(last_beacon); | ||
290 | DEBUGFS_ADD(ave_beacon); | ||
279 | DEBUGFS_ADD_MODE(smps, 0600); | 291 | DEBUGFS_ADD_MODE(smps, 0600); |
280 | } | 292 | } |
281 | 293 | ||
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c index 23e720034577..6bc9b07c3eda 100644 --- a/net/mac80211/debugfs_sta.c +++ b/net/mac80211/debugfs_sta.c | |||
@@ -119,7 +119,7 @@ STA_OPS(last_seq_ctrl); | |||
119 | static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf, | 119 | static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf, |
120 | size_t count, loff_t *ppos) | 120 | size_t count, loff_t *ppos) |
121 | { | 121 | { |
122 | char buf[64 + STA_TID_NUM * 40], *p = buf; | 122 | char buf[71 + STA_TID_NUM * 40], *p = buf; |
123 | int i; | 123 | int i; |
124 | struct sta_info *sta = file->private_data; | 124 | struct sta_info *sta = file->private_data; |
125 | 125 | ||
@@ -127,16 +127,16 @@ static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf, | |||
127 | p += scnprintf(p, sizeof(buf) + buf - p, "next dialog_token: %#02x\n", | 127 | p += scnprintf(p, sizeof(buf) + buf - p, "next dialog_token: %#02x\n", |
128 | sta->ampdu_mlme.dialog_token_allocator + 1); | 128 | sta->ampdu_mlme.dialog_token_allocator + 1); |
129 | p += scnprintf(p, sizeof(buf) + buf - p, | 129 | p += scnprintf(p, sizeof(buf) + buf - p, |
130 | "TID\t\tRX\tDTKN\tSSN\t\tTX\tDTKN\tSSN\tpending\n"); | 130 | "TID\t\tRX active\tDTKN\tSSN\t\tTX\tDTKN\tSSN\tpending\n"); |
131 | for (i = 0; i < STA_TID_NUM; i++) { | 131 | for (i = 0; i < STA_TID_NUM; i++) { |
132 | p += scnprintf(p, sizeof(buf) + buf - p, "%02d", i); | 132 | p += scnprintf(p, sizeof(buf) + buf - p, "%02d", i); |
133 | p += scnprintf(p, sizeof(buf) + buf - p, "\t\t%x", | 133 | p += scnprintf(p, sizeof(buf) + buf - p, "\t\t%x", |
134 | sta->ampdu_mlme.tid_state_rx[i]); | 134 | sta->ampdu_mlme.tid_active_rx[i]); |
135 | p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.2x", | 135 | p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.2x", |
136 | sta->ampdu_mlme.tid_state_rx[i] ? | 136 | sta->ampdu_mlme.tid_active_rx[i] ? |
137 | sta->ampdu_mlme.tid_rx[i]->dialog_token : 0); | 137 | sta->ampdu_mlme.tid_rx[i]->dialog_token : 0); |
138 | p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.3x", | 138 | p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.3x", |
139 | sta->ampdu_mlme.tid_state_rx[i] ? | 139 | sta->ampdu_mlme.tid_active_rx[i] ? |
140 | sta->ampdu_mlme.tid_rx[i]->ssn : 0); | 140 | sta->ampdu_mlme.tid_rx[i]->ssn : 0); |
141 | 141 | ||
142 | p += scnprintf(p, sizeof(buf) + buf - p, "\t\t%x", | 142 | p += scnprintf(p, sizeof(buf) + buf - p, "\t\t%x", |
@@ -176,7 +176,7 @@ static ssize_t sta_ht_capa_read(struct file *file, char __user *userbuf, | |||
176 | if (htc->ht_supported) { | 176 | if (htc->ht_supported) { |
177 | p += scnprintf(p, sizeof(buf)+buf-p, "cap: %#.4x\n", htc->cap); | 177 | p += scnprintf(p, sizeof(buf)+buf-p, "cap: %#.4x\n", htc->cap); |
178 | 178 | ||
179 | PRINT_HT_CAP((htc->cap & BIT(0)), "RX LDCP"); | 179 | PRINT_HT_CAP((htc->cap & BIT(0)), "RX LDPC"); |
180 | PRINT_HT_CAP((htc->cap & BIT(1)), "HT20/HT40"); | 180 | PRINT_HT_CAP((htc->cap & BIT(1)), "HT20/HT40"); |
181 | PRINT_HT_CAP(!(htc->cap & BIT(1)), "HT20"); | 181 | PRINT_HT_CAP(!(htc->cap & BIT(1)), "HT20"); |
182 | 182 | ||
diff --git a/net/mac80211/driver-trace.h b/net/mac80211/driver-trace.h index 41baf730a5c7..e209cb82ff29 100644 --- a/net/mac80211/driver-trace.h +++ b/net/mac80211/driver-trace.h | |||
@@ -32,6 +32,10 @@ static inline void trace_ ## name(proto) {} | |||
32 | #define VIF_PR_FMT " vif:%s(%d)" | 32 | #define VIF_PR_FMT " vif:%s(%d)" |
33 | #define VIF_PR_ARG __get_str(vif_name), __entry->vif_type | 33 | #define VIF_PR_ARG __get_str(vif_name), __entry->vif_type |
34 | 34 | ||
35 | /* | ||
36 | * Tracing for driver callbacks. | ||
37 | */ | ||
38 | |||
35 | TRACE_EVENT(drv_start, | 39 | TRACE_EVENT(drv_start, |
36 | TP_PROTO(struct ieee80211_local *local, int ret), | 40 | TP_PROTO(struct ieee80211_local *local, int ret), |
37 | 41 | ||
@@ -766,6 +770,277 @@ TRACE_EVENT(drv_flush, | |||
766 | LOCAL_PR_ARG, __entry->drop | 770 | LOCAL_PR_ARG, __entry->drop |
767 | ) | 771 | ) |
768 | ); | 772 | ); |
773 | |||
774 | /* | ||
775 | * Tracing for API calls that drivers call. | ||
776 | */ | ||
777 | |||
778 | TRACE_EVENT(api_start_tx_ba_session, | ||
779 | TP_PROTO(struct ieee80211_sta *sta, u16 tid), | ||
780 | |||
781 | TP_ARGS(sta, tid), | ||
782 | |||
783 | TP_STRUCT__entry( | ||
784 | STA_ENTRY | ||
785 | __field(u16, tid) | ||
786 | ), | ||
787 | |||
788 | TP_fast_assign( | ||
789 | STA_ASSIGN; | ||
790 | __entry->tid = tid; | ||
791 | ), | ||
792 | |||
793 | TP_printk( | ||
794 | STA_PR_FMT " tid:%d", | ||
795 | STA_PR_ARG, __entry->tid | ||
796 | ) | ||
797 | ); | ||
798 | |||
799 | TRACE_EVENT(api_start_tx_ba_cb, | ||
800 | TP_PROTO(struct ieee80211_sub_if_data *sdata, const u8 *ra, u16 tid), | ||
801 | |||
802 | TP_ARGS(sdata, ra, tid), | ||
803 | |||
804 | TP_STRUCT__entry( | ||
805 | VIF_ENTRY | ||
806 | __array(u8, ra, ETH_ALEN) | ||
807 | __field(u16, tid) | ||
808 | ), | ||
809 | |||
810 | TP_fast_assign( | ||
811 | VIF_ASSIGN; | ||
812 | memcpy(__entry->ra, ra, ETH_ALEN); | ||
813 | __entry->tid = tid; | ||
814 | ), | ||
815 | |||
816 | TP_printk( | ||
817 | VIF_PR_FMT " ra:%pM tid:%d", | ||
818 | VIF_PR_ARG, __entry->ra, __entry->tid | ||
819 | ) | ||
820 | ); | ||
821 | |||
822 | TRACE_EVENT(api_stop_tx_ba_session, | ||
823 | TP_PROTO(struct ieee80211_sta *sta, u16 tid, u16 initiator), | ||
824 | |||
825 | TP_ARGS(sta, tid, initiator), | ||
826 | |||
827 | TP_STRUCT__entry( | ||
828 | STA_ENTRY | ||
829 | __field(u16, tid) | ||
830 | __field(u16, initiator) | ||
831 | ), | ||
832 | |||
833 | TP_fast_assign( | ||
834 | STA_ASSIGN; | ||
835 | __entry->tid = tid; | ||
836 | __entry->initiator = initiator; | ||
837 | ), | ||
838 | |||
839 | TP_printk( | ||
840 | STA_PR_FMT " tid:%d initiator:%d", | ||
841 | STA_PR_ARG, __entry->tid, __entry->initiator | ||
842 | ) | ||
843 | ); | ||
844 | |||
845 | TRACE_EVENT(api_stop_tx_ba_cb, | ||
846 | TP_PROTO(struct ieee80211_sub_if_data *sdata, const u8 *ra, u16 tid), | ||
847 | |||
848 | TP_ARGS(sdata, ra, tid), | ||
849 | |||
850 | TP_STRUCT__entry( | ||
851 | VIF_ENTRY | ||
852 | __array(u8, ra, ETH_ALEN) | ||
853 | __field(u16, tid) | ||
854 | ), | ||
855 | |||
856 | TP_fast_assign( | ||
857 | VIF_ASSIGN; | ||
858 | memcpy(__entry->ra, ra, ETH_ALEN); | ||
859 | __entry->tid = tid; | ||
860 | ), | ||
861 | |||
862 | TP_printk( | ||
863 | VIF_PR_FMT " ra:%pM tid:%d", | ||
864 | VIF_PR_ARG, __entry->ra, __entry->tid | ||
865 | ) | ||
866 | ); | ||
867 | |||
868 | TRACE_EVENT(api_restart_hw, | ||
869 | TP_PROTO(struct ieee80211_local *local), | ||
870 | |||
871 | TP_ARGS(local), | ||
872 | |||
873 | TP_STRUCT__entry( | ||
874 | LOCAL_ENTRY | ||
875 | ), | ||
876 | |||
877 | TP_fast_assign( | ||
878 | LOCAL_ASSIGN; | ||
879 | ), | ||
880 | |||
881 | TP_printk( | ||
882 | LOCAL_PR_FMT, | ||
883 | LOCAL_PR_ARG | ||
884 | ) | ||
885 | ); | ||
886 | |||
887 | TRACE_EVENT(api_beacon_loss, | ||
888 | TP_PROTO(struct ieee80211_sub_if_data *sdata), | ||
889 | |||
890 | TP_ARGS(sdata), | ||
891 | |||
892 | TP_STRUCT__entry( | ||
893 | VIF_ENTRY | ||
894 | ), | ||
895 | |||
896 | TP_fast_assign( | ||
897 | VIF_ASSIGN; | ||
898 | ), | ||
899 | |||
900 | TP_printk( | ||
901 | VIF_PR_FMT, | ||
902 | VIF_PR_ARG | ||
903 | ) | ||
904 | ); | ||
905 | |||
906 | TRACE_EVENT(api_connection_loss, | ||
907 | TP_PROTO(struct ieee80211_sub_if_data *sdata), | ||
908 | |||
909 | TP_ARGS(sdata), | ||
910 | |||
911 | TP_STRUCT__entry( | ||
912 | VIF_ENTRY | ||
913 | ), | ||
914 | |||
915 | TP_fast_assign( | ||
916 | VIF_ASSIGN; | ||
917 | ), | ||
918 | |||
919 | TP_printk( | ||
920 | VIF_PR_FMT, | ||
921 | VIF_PR_ARG | ||
922 | ) | ||
923 | ); | ||
924 | |||
925 | TRACE_EVENT(api_cqm_rssi_notify, | ||
926 | TP_PROTO(struct ieee80211_sub_if_data *sdata, | ||
927 | enum nl80211_cqm_rssi_threshold_event rssi_event), | ||
928 | |||
929 | TP_ARGS(sdata, rssi_event), | ||
930 | |||
931 | TP_STRUCT__entry( | ||
932 | VIF_ENTRY | ||
933 | __field(u32, rssi_event) | ||
934 | ), | ||
935 | |||
936 | TP_fast_assign( | ||
937 | VIF_ASSIGN; | ||
938 | __entry->rssi_event = rssi_event; | ||
939 | ), | ||
940 | |||
941 | TP_printk( | ||
942 | VIF_PR_FMT " event:%d", | ||
943 | VIF_PR_ARG, __entry->rssi_event | ||
944 | ) | ||
945 | ); | ||
946 | |||
947 | TRACE_EVENT(api_scan_completed, | ||
948 | TP_PROTO(struct ieee80211_local *local, bool aborted), | ||
949 | |||
950 | TP_ARGS(local, aborted), | ||
951 | |||
952 | TP_STRUCT__entry( | ||
953 | LOCAL_ENTRY | ||
954 | __field(bool, aborted) | ||
955 | ), | ||
956 | |||
957 | TP_fast_assign( | ||
958 | LOCAL_ASSIGN; | ||
959 | __entry->aborted = aborted; | ||
960 | ), | ||
961 | |||
962 | TP_printk( | ||
963 | LOCAL_PR_FMT " aborted:%d", | ||
964 | LOCAL_PR_ARG, __entry->aborted | ||
965 | ) | ||
966 | ); | ||
967 | |||
968 | TRACE_EVENT(api_sta_block_awake, | ||
969 | TP_PROTO(struct ieee80211_local *local, | ||
970 | struct ieee80211_sta *sta, bool block), | ||
971 | |||
972 | TP_ARGS(local, sta, block), | ||
973 | |||
974 | TP_STRUCT__entry( | ||
975 | LOCAL_ENTRY | ||
976 | STA_ENTRY | ||
977 | __field(bool, block) | ||
978 | ), | ||
979 | |||
980 | TP_fast_assign( | ||
981 | LOCAL_ASSIGN; | ||
982 | STA_ASSIGN; | ||
983 | __entry->block = block; | ||
984 | ), | ||
985 | |||
986 | TP_printk( | ||
987 | LOCAL_PR_FMT STA_PR_FMT " block:%d", | ||
988 | LOCAL_PR_ARG, STA_PR_FMT, __entry->block | ||
989 | ) | ||
990 | ); | ||
991 | |||
992 | /* | ||
993 | * Tracing for internal functions | ||
994 | * (which may also be called in response to driver calls) | ||
995 | */ | ||
996 | |||
997 | TRACE_EVENT(wake_queue, | ||
998 | TP_PROTO(struct ieee80211_local *local, u16 queue, | ||
999 | enum queue_stop_reason reason), | ||
1000 | |||
1001 | TP_ARGS(local, queue, reason), | ||
1002 | |||
1003 | TP_STRUCT__entry( | ||
1004 | LOCAL_ENTRY | ||
1005 | __field(u16, queue) | ||
1006 | __field(u32, reason) | ||
1007 | ), | ||
1008 | |||
1009 | TP_fast_assign( | ||
1010 | LOCAL_ASSIGN; | ||
1011 | __entry->queue = queue; | ||
1012 | __entry->reason = reason; | ||
1013 | ), | ||
1014 | |||
1015 | TP_printk( | ||
1016 | LOCAL_PR_FMT " queue:%d, reason:%d", | ||
1017 | LOCAL_PR_ARG, __entry->queue, __entry->reason | ||
1018 | ) | ||
1019 | ); | ||
1020 | |||
1021 | TRACE_EVENT(stop_queue, | ||
1022 | TP_PROTO(struct ieee80211_local *local, u16 queue, | ||
1023 | enum queue_stop_reason reason), | ||
1024 | |||
1025 | TP_ARGS(local, queue, reason), | ||
1026 | |||
1027 | TP_STRUCT__entry( | ||
1028 | LOCAL_ENTRY | ||
1029 | __field(u16, queue) | ||
1030 | __field(u32, reason) | ||
1031 | ), | ||
1032 | |||
1033 | TP_fast_assign( | ||
1034 | LOCAL_ASSIGN; | ||
1035 | __entry->queue = queue; | ||
1036 | __entry->reason = reason; | ||
1037 | ), | ||
1038 | |||
1039 | TP_printk( | ||
1040 | LOCAL_PR_FMT " queue:%d, reason:%d", | ||
1041 | LOCAL_PR_ARG, __entry->queue, __entry->reason | ||
1042 | ) | ||
1043 | ); | ||
769 | #endif /* !__MAC80211_DRIVER_TRACE || TRACE_HEADER_MULTI_READ */ | 1044 | #endif /* !__MAC80211_DRIVER_TRACE || TRACE_HEADER_MULTI_READ */ |
770 | 1045 | ||
771 | #undef TRACE_INCLUDE_PATH | 1046 | #undef TRACE_INCLUDE_PATH |
diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c index bb677a73b7c9..2ab106a0a491 100644 --- a/net/mac80211/ht.c +++ b/net/mac80211/ht.c | |||
@@ -175,8 +175,7 @@ void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, | |||
175 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | 175 | #endif /* CONFIG_MAC80211_HT_DEBUG */ |
176 | 176 | ||
177 | if (initiator == WLAN_BACK_INITIATOR) | 177 | if (initiator == WLAN_BACK_INITIATOR) |
178 | ieee80211_sta_stop_rx_ba_session(sdata, sta->sta.addr, tid, | 178 | __ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_INITIATOR, 0); |
179 | WLAN_BACK_INITIATOR, 0); | ||
180 | else { /* WLAN_BACK_RECIPIENT */ | 179 | else { /* WLAN_BACK_RECIPIENT */ |
181 | spin_lock_bh(&sta->lock); | 180 | spin_lock_bh(&sta->lock); |
182 | if (sta->ampdu_mlme.tid_state_tx[tid] & HT_ADDBA_REQUESTED_MSK) | 181 | if (sta->ampdu_mlme.tid_state_tx[tid] & HT_ADDBA_REQUESTED_MSK) |
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 7fdacf9408b1..c9712f35e596 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h | |||
@@ -317,6 +317,7 @@ enum ieee80211_sta_flags { | |||
317 | IEEE80211_STA_MFP_ENABLED = BIT(6), | 317 | IEEE80211_STA_MFP_ENABLED = BIT(6), |
318 | IEEE80211_STA_UAPSD_ENABLED = BIT(7), | 318 | IEEE80211_STA_UAPSD_ENABLED = BIT(7), |
319 | IEEE80211_STA_NULLFUNC_ACKED = BIT(8), | 319 | IEEE80211_STA_NULLFUNC_ACKED = BIT(8), |
320 | IEEE80211_STA_RESET_SIGNAL_AVE = BIT(9), | ||
320 | }; | 321 | }; |
321 | 322 | ||
322 | struct ieee80211_if_managed { | 323 | struct ieee80211_if_managed { |
@@ -359,6 +360,24 @@ struct ieee80211_if_managed { | |||
359 | int wmm_last_param_set; | 360 | int wmm_last_param_set; |
360 | 361 | ||
361 | u8 use_4addr; | 362 | u8 use_4addr; |
363 | |||
364 | /* Signal strength from the last Beacon frame in the current BSS. */ | ||
365 | int last_beacon_signal; | ||
366 | |||
367 | /* | ||
368 | * Weighted average of the signal strength from Beacon frames in the | ||
369 | * current BSS. This is in units of 1/16 of the signal unit to maintain | ||
370 | * accuracy and to speed up calculations, i.e., the value need to be | ||
371 | * divided by 16 to get the actual value. | ||
372 | */ | ||
373 | int ave_beacon_signal; | ||
374 | |||
375 | /* | ||
376 | * Last Beacon frame signal strength average (ave_beacon_signal / 16) | ||
377 | * that triggered a cqm event. 0 indicates that no event has been | ||
378 | * generated for the current association. | ||
379 | */ | ||
380 | int last_cqm_event_signal; | ||
362 | }; | 381 | }; |
363 | 382 | ||
364 | enum ieee80211_ibss_request { | 383 | enum ieee80211_ibss_request { |
@@ -1078,8 +1097,6 @@ int ieee80211_send_smps_action(struct ieee80211_sub_if_data *sdata, | |||
1078 | enum ieee80211_smps_mode smps, const u8 *da, | 1097 | enum ieee80211_smps_mode smps, const u8 *da, |
1079 | const u8 *bssid); | 1098 | const u8 *bssid); |
1080 | 1099 | ||
1081 | void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *da, | ||
1082 | u16 tid, u16 initiator, u16 reason); | ||
1083 | void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, | 1100 | void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, |
1084 | u16 initiator, u16 reason); | 1101 | u16 initiator, u16 reason); |
1085 | void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta); | 1102 | void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta); |
diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 50c1b1ada884..011ee85bcd57 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c | |||
@@ -309,6 +309,8 @@ void ieee80211_restart_hw(struct ieee80211_hw *hw) | |||
309 | { | 309 | { |
310 | struct ieee80211_local *local = hw_to_local(hw); | 310 | struct ieee80211_local *local = hw_to_local(hw); |
311 | 311 | ||
312 | trace_api_restart_hw(local); | ||
313 | |||
312 | /* use this reason, __ieee80211_resume will unblock it */ | 314 | /* use this reason, __ieee80211_resume will unblock it */ |
313 | ieee80211_stop_queues_by_reason(hw, | 315 | ieee80211_stop_queues_by_reason(hw, |
314 | IEEE80211_QUEUE_STOP_REASON_SUSPEND); | 316 | IEEE80211_QUEUE_STOP_REASON_SUSPEND); |
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c index 859ee5f3d941..7e93524459fc 100644 --- a/net/mac80211/mesh.c +++ b/net/mac80211/mesh.c | |||
@@ -601,10 +601,10 @@ static void ieee80211_mesh_rx_mgmt_action(struct ieee80211_sub_if_data *sdata, | |||
601 | struct ieee80211_rx_status *rx_status) | 601 | struct ieee80211_rx_status *rx_status) |
602 | { | 602 | { |
603 | switch (mgmt->u.action.category) { | 603 | switch (mgmt->u.action.category) { |
604 | case MESH_PLINK_CATEGORY: | 604 | case WLAN_CATEGORY_MESH_PLINK: |
605 | mesh_rx_plink_frame(sdata, mgmt, len, rx_status); | 605 | mesh_rx_plink_frame(sdata, mgmt, len, rx_status); |
606 | break; | 606 | break; |
607 | case MESH_PATH_SEL_CATEGORY: | 607 | case WLAN_CATEGORY_MESH_PATH_SEL: |
608 | mesh_rx_path_sel_frame(sdata, mgmt, len); | 608 | mesh_rx_path_sel_frame(sdata, mgmt, len); |
609 | break; | 609 | break; |
610 | } | 610 | } |
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h index 85562c59d7d6..c88087f1cd0f 100644 --- a/net/mac80211/mesh.h +++ b/net/mac80211/mesh.h | |||
@@ -209,8 +209,6 @@ struct mesh_rmc { | |||
209 | #define MESH_MAX_MPATHS 1024 | 209 | #define MESH_MAX_MPATHS 1024 |
210 | 210 | ||
211 | /* Pending ANA approval */ | 211 | /* Pending ANA approval */ |
212 | #define MESH_PLINK_CATEGORY 30 | ||
213 | #define MESH_PATH_SEL_CATEGORY 32 | ||
214 | #define MESH_PATH_SEL_ACTION 0 | 212 | #define MESH_PATH_SEL_ACTION 0 |
215 | 213 | ||
216 | /* PERR reason codes */ | 214 | /* PERR reason codes */ |
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c index fefc45c4b4e8..d89ed7f2592b 100644 --- a/net/mac80211/mesh_hwmp.c +++ b/net/mac80211/mesh_hwmp.c | |||
@@ -132,7 +132,7 @@ static int mesh_path_sel_frame_tx(enum mpath_frame_type action, u8 flags, | |||
132 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); | 132 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); |
133 | /* BSSID == SA */ | 133 | /* BSSID == SA */ |
134 | memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); | 134 | memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); |
135 | mgmt->u.action.category = MESH_PATH_SEL_CATEGORY; | 135 | mgmt->u.action.category = WLAN_CATEGORY_MESH_PATH_SEL; |
136 | mgmt->u.action.u.mesh_action.action_code = MESH_PATH_SEL_ACTION; | 136 | mgmt->u.action.u.mesh_action.action_code = MESH_PATH_SEL_ACTION; |
137 | 137 | ||
138 | switch (action) { | 138 | switch (action) { |
@@ -225,7 +225,7 @@ int mesh_path_error_tx(u8 ttl, u8 *target, __le32 target_sn, | |||
225 | memcpy(mgmt->da, ra, ETH_ALEN); | 225 | memcpy(mgmt->da, ra, ETH_ALEN); |
226 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); | 226 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); |
227 | /* BSSID is left zeroed, wildcard value */ | 227 | /* BSSID is left zeroed, wildcard value */ |
228 | mgmt->u.action.category = MESH_PATH_SEL_CATEGORY; | 228 | mgmt->u.action.category = WLAN_CATEGORY_MESH_PATH_SEL; |
229 | mgmt->u.action.u.mesh_action.action_code = MESH_PATH_SEL_ACTION; | 229 | mgmt->u.action.u.mesh_action.action_code = MESH_PATH_SEL_ACTION; |
230 | ie_len = 15; | 230 | ie_len = 15; |
231 | pos = skb_put(skb, 2 + ie_len); | 231 | pos = skb_put(skb, 2 + ie_len); |
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c index 7b7080e2b49f..3cd5f7b5d693 100644 --- a/net/mac80211/mesh_plink.c +++ b/net/mac80211/mesh_plink.c | |||
@@ -172,7 +172,7 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata, | |||
172 | memcpy(mgmt->da, da, ETH_ALEN); | 172 | memcpy(mgmt->da, da, ETH_ALEN); |
173 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); | 173 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); |
174 | /* BSSID is left zeroed, wildcard value */ | 174 | /* BSSID is left zeroed, wildcard value */ |
175 | mgmt->u.action.category = MESH_PLINK_CATEGORY; | 175 | mgmt->u.action.category = WLAN_CATEGORY_MESH_PLINK; |
176 | mgmt->u.action.u.plink_action.action_code = action; | 176 | mgmt->u.action.u.plink_action.action_code = action; |
177 | 177 | ||
178 | if (action == PLINK_CLOSE) | 178 | if (action == PLINK_CLOSE) |
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 71ff42a0465b..35d850223a75 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c | |||
@@ -47,6 +47,13 @@ | |||
47 | */ | 47 | */ |
48 | #define IEEE80211_PROBE_WAIT (HZ / 2) | 48 | #define IEEE80211_PROBE_WAIT (HZ / 2) |
49 | 49 | ||
50 | /* | ||
51 | * Weight given to the latest Beacon frame when calculating average signal | ||
52 | * strength for Beacon frames received in the current BSS. This must be | ||
53 | * between 1 and 15. | ||
54 | */ | ||
55 | #define IEEE80211_SIGNAL_AVE_WEIGHT 3 | ||
56 | |||
50 | #define TMR_RUNNING_TIMER 0 | 57 | #define TMR_RUNNING_TIMER 0 |
51 | #define TMR_RUNNING_CHANSW 1 | 58 | #define TMR_RUNNING_CHANSW 1 |
52 | 59 | ||
@@ -204,7 +211,7 @@ static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata, | |||
204 | 211 | ||
205 | static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, | 212 | static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, |
206 | const u8 *bssid, u16 stype, u16 reason, | 213 | const u8 *bssid, u16 stype, u16 reason, |
207 | void *cookie) | 214 | void *cookie, bool send_frame) |
208 | { | 215 | { |
209 | struct ieee80211_local *local = sdata->local; | 216 | struct ieee80211_local *local = sdata->local; |
210 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; | 217 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; |
@@ -241,7 +248,11 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, | |||
241 | cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len); | 248 | cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len); |
242 | if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED)) | 249 | if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED)) |
243 | IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; | 250 | IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; |
244 | ieee80211_tx_skb(sdata, skb); | 251 | |
252 | if (send_frame) | ||
253 | ieee80211_tx_skb(sdata, skb); | ||
254 | else | ||
255 | kfree_skb(skb); | ||
245 | } | 256 | } |
246 | 257 | ||
247 | void ieee80211_send_pspoll(struct ieee80211_local *local, | 258 | void ieee80211_send_pspoll(struct ieee80211_local *local, |
@@ -590,6 +601,9 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local, | |||
590 | int count; | 601 | int count; |
591 | u8 *pos, uapsd_queues = 0; | 602 | u8 *pos, uapsd_queues = 0; |
592 | 603 | ||
604 | if (!local->ops->conf_tx) | ||
605 | return; | ||
606 | |||
593 | if (local->hw.queues < 4) | 607 | if (local->hw.queues < 4) |
594 | return; | 608 | return; |
595 | 609 | ||
@@ -664,11 +678,15 @@ static void ieee80211_sta_wmm_params(struct ieee80211_local *local, | |||
664 | params.aifs, params.cw_min, params.cw_max, params.txop, | 678 | params.aifs, params.cw_min, params.cw_max, params.txop, |
665 | params.uapsd); | 679 | params.uapsd); |
666 | #endif | 680 | #endif |
667 | if (drv_conf_tx(local, queue, ¶ms) && local->ops->conf_tx) | 681 | if (drv_conf_tx(local, queue, ¶ms)) |
668 | printk(KERN_DEBUG "%s: failed to set TX queue " | 682 | printk(KERN_DEBUG "%s: failed to set TX queue " |
669 | "parameters for queue %d\n", | 683 | "parameters for queue %d\n", |
670 | wiphy_name(local->hw.wiphy), queue); | 684 | wiphy_name(local->hw.wiphy), queue); |
671 | } | 685 | } |
686 | |||
687 | /* enable WMM or activate new settings */ | ||
688 | local->hw.conf.flags |= IEEE80211_CONF_QOS; | ||
689 | drv_config(local, IEEE80211_CONF_CHANGE_QOS); | ||
672 | } | 690 | } |
673 | 691 | ||
674 | static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, | 692 | static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata, |
@@ -729,6 +747,8 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, | |||
729 | sdata->u.mgd.associated = cbss; | 747 | sdata->u.mgd.associated = cbss; |
730 | memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN); | 748 | memcpy(sdata->u.mgd.bssid, cbss->bssid, ETH_ALEN); |
731 | 749 | ||
750 | sdata->u.mgd.flags |= IEEE80211_STA_RESET_SIGNAL_AVE; | ||
751 | |||
732 | /* just to be sure */ | 752 | /* just to be sure */ |
733 | sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | | 753 | sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL | |
734 | IEEE80211_STA_BEACON_POLL); | 754 | IEEE80211_STA_BEACON_POLL); |
@@ -770,7 +790,8 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, | |||
770 | netif_carrier_on(sdata->dev); | 790 | netif_carrier_on(sdata->dev); |
771 | } | 791 | } |
772 | 792 | ||
773 | static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata) | 793 | static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, |
794 | bool remove_sta) | ||
774 | { | 795 | { |
775 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; | 796 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; |
776 | struct ieee80211_local *local = sdata->local; | 797 | struct ieee80211_local *local = sdata->local; |
@@ -843,7 +864,8 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata) | |||
843 | changed |= BSS_CHANGED_BSSID; | 864 | changed |= BSS_CHANGED_BSSID; |
844 | ieee80211_bss_info_change_notify(sdata, changed); | 865 | ieee80211_bss_info_change_notify(sdata, changed); |
845 | 866 | ||
846 | sta_info_destroy_addr(sdata, bssid); | 867 | if (remove_sta) |
868 | sta_info_destroy_addr(sdata, bssid); | ||
847 | } | 869 | } |
848 | 870 | ||
849 | void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, | 871 | void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, |
@@ -956,7 +978,7 @@ static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata) | |||
956 | 978 | ||
957 | printk(KERN_DEBUG "Connection to AP %pM lost.\n", bssid); | 979 | printk(KERN_DEBUG "Connection to AP %pM lost.\n", bssid); |
958 | 980 | ||
959 | ieee80211_set_disassoc(sdata); | 981 | ieee80211_set_disassoc(sdata, true); |
960 | ieee80211_recalc_idle(local); | 982 | ieee80211_recalc_idle(local); |
961 | mutex_unlock(&ifmgd->mtx); | 983 | mutex_unlock(&ifmgd->mtx); |
962 | /* | 984 | /* |
@@ -966,7 +988,7 @@ static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata) | |||
966 | ieee80211_send_deauth_disassoc(sdata, bssid, | 988 | ieee80211_send_deauth_disassoc(sdata, bssid, |
967 | IEEE80211_STYPE_DEAUTH, | 989 | IEEE80211_STYPE_DEAUTH, |
968 | WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, | 990 | WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, |
969 | NULL); | 991 | NULL, true); |
970 | } | 992 | } |
971 | 993 | ||
972 | void ieee80211_beacon_connection_loss_work(struct work_struct *work) | 994 | void ieee80211_beacon_connection_loss_work(struct work_struct *work) |
@@ -986,6 +1008,8 @@ void ieee80211_beacon_loss(struct ieee80211_vif *vif) | |||
986 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); | 1008 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); |
987 | struct ieee80211_hw *hw = &sdata->local->hw; | 1009 | struct ieee80211_hw *hw = &sdata->local->hw; |
988 | 1010 | ||
1011 | trace_api_beacon_loss(sdata); | ||
1012 | |||
989 | WARN_ON(hw->flags & IEEE80211_HW_CONNECTION_MONITOR); | 1013 | WARN_ON(hw->flags & IEEE80211_HW_CONNECTION_MONITOR); |
990 | ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); | 1014 | ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); |
991 | } | 1015 | } |
@@ -996,6 +1020,8 @@ void ieee80211_connection_loss(struct ieee80211_vif *vif) | |||
996 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); | 1020 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); |
997 | struct ieee80211_hw *hw = &sdata->local->hw; | 1021 | struct ieee80211_hw *hw = &sdata->local->hw; |
998 | 1022 | ||
1023 | trace_api_connection_loss(sdata); | ||
1024 | |||
999 | WARN_ON(!(hw->flags & IEEE80211_HW_CONNECTION_MONITOR)); | 1025 | WARN_ON(!(hw->flags & IEEE80211_HW_CONNECTION_MONITOR)); |
1000 | ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); | 1026 | ieee80211_queue_work(hw, &sdata->u.mgd.beacon_connection_loss_work); |
1001 | } | 1027 | } |
@@ -1022,7 +1048,7 @@ ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, | |||
1022 | printk(KERN_DEBUG "%s: deauthenticated from %pM (Reason: %u)\n", | 1048 | printk(KERN_DEBUG "%s: deauthenticated from %pM (Reason: %u)\n", |
1023 | sdata->name, bssid, reason_code); | 1049 | sdata->name, bssid, reason_code); |
1024 | 1050 | ||
1025 | ieee80211_set_disassoc(sdata); | 1051 | ieee80211_set_disassoc(sdata, true); |
1026 | ieee80211_recalc_idle(sdata->local); | 1052 | ieee80211_recalc_idle(sdata->local); |
1027 | 1053 | ||
1028 | return RX_MGMT_CFG80211_DEAUTH; | 1054 | return RX_MGMT_CFG80211_DEAUTH; |
@@ -1052,7 +1078,7 @@ ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, | |||
1052 | printk(KERN_DEBUG "%s: disassociated from %pM (Reason: %u)\n", | 1078 | printk(KERN_DEBUG "%s: disassociated from %pM (Reason: %u)\n", |
1053 | sdata->name, mgmt->sa, reason_code); | 1079 | sdata->name, mgmt->sa, reason_code); |
1054 | 1080 | ||
1055 | ieee80211_set_disassoc(sdata); | 1081 | ieee80211_set_disassoc(sdata, true); |
1056 | ieee80211_recalc_idle(sdata->local); | 1082 | ieee80211_recalc_idle(sdata->local); |
1057 | return RX_MGMT_CFG80211_DISASSOC; | 1083 | return RX_MGMT_CFG80211_DISASSOC; |
1058 | } | 1084 | } |
@@ -1344,6 +1370,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, | |||
1344 | struct ieee80211_rx_status *rx_status) | 1370 | struct ieee80211_rx_status *rx_status) |
1345 | { | 1371 | { |
1346 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; | 1372 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; |
1373 | struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; | ||
1347 | size_t baselen; | 1374 | size_t baselen; |
1348 | struct ieee802_11_elems elems; | 1375 | struct ieee802_11_elems elems; |
1349 | struct ieee80211_local *local = sdata->local; | 1376 | struct ieee80211_local *local = sdata->local; |
@@ -1379,6 +1406,41 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata, | |||
1379 | if (memcmp(bssid, mgmt->bssid, ETH_ALEN) != 0) | 1406 | if (memcmp(bssid, mgmt->bssid, ETH_ALEN) != 0) |
1380 | return; | 1407 | return; |
1381 | 1408 | ||
1409 | /* Track average RSSI from the Beacon frames of the current AP */ | ||
1410 | ifmgd->last_beacon_signal = rx_status->signal; | ||
1411 | if (ifmgd->flags & IEEE80211_STA_RESET_SIGNAL_AVE) { | ||
1412 | ifmgd->flags &= ~IEEE80211_STA_RESET_SIGNAL_AVE; | ||
1413 | ifmgd->ave_beacon_signal = rx_status->signal; | ||
1414 | ifmgd->last_cqm_event_signal = 0; | ||
1415 | } else { | ||
1416 | ifmgd->ave_beacon_signal = | ||
1417 | (IEEE80211_SIGNAL_AVE_WEIGHT * rx_status->signal * 16 + | ||
1418 | (16 - IEEE80211_SIGNAL_AVE_WEIGHT) * | ||
1419 | ifmgd->ave_beacon_signal) / 16; | ||
1420 | } | ||
1421 | if (bss_conf->cqm_rssi_thold && | ||
1422 | !(local->hw.flags & IEEE80211_HW_SUPPORTS_CQM_RSSI)) { | ||
1423 | int sig = ifmgd->ave_beacon_signal / 16; | ||
1424 | int last_event = ifmgd->last_cqm_event_signal; | ||
1425 | int thold = bss_conf->cqm_rssi_thold; | ||
1426 | int hyst = bss_conf->cqm_rssi_hyst; | ||
1427 | if (sig < thold && | ||
1428 | (last_event == 0 || sig < last_event - hyst)) { | ||
1429 | ifmgd->last_cqm_event_signal = sig; | ||
1430 | ieee80211_cqm_rssi_notify( | ||
1431 | &sdata->vif, | ||
1432 | NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW, | ||
1433 | GFP_KERNEL); | ||
1434 | } else if (sig > thold && | ||
1435 | (last_event == 0 || sig > last_event + hyst)) { | ||
1436 | ifmgd->last_cqm_event_signal = sig; | ||
1437 | ieee80211_cqm_rssi_notify( | ||
1438 | &sdata->vif, | ||
1439 | NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH, | ||
1440 | GFP_KERNEL); | ||
1441 | } | ||
1442 | } | ||
1443 | |||
1382 | if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) { | 1444 | if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) { |
1383 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG | 1445 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG |
1384 | if (net_ratelimit()) { | 1446 | if (net_ratelimit()) { |
@@ -1664,7 +1726,7 @@ static void ieee80211_sta_work(struct work_struct *work) | |||
1664 | printk(KERN_DEBUG "No probe response from AP %pM" | 1726 | printk(KERN_DEBUG "No probe response from AP %pM" |
1665 | " after %dms, disconnecting.\n", | 1727 | " after %dms, disconnecting.\n", |
1666 | bssid, (1000 * IEEE80211_PROBE_WAIT)/HZ); | 1728 | bssid, (1000 * IEEE80211_PROBE_WAIT)/HZ); |
1667 | ieee80211_set_disassoc(sdata); | 1729 | ieee80211_set_disassoc(sdata, true); |
1668 | ieee80211_recalc_idle(local); | 1730 | ieee80211_recalc_idle(local); |
1669 | mutex_unlock(&ifmgd->mtx); | 1731 | mutex_unlock(&ifmgd->mtx); |
1670 | /* | 1732 | /* |
@@ -1674,7 +1736,7 @@ static void ieee80211_sta_work(struct work_struct *work) | |||
1674 | ieee80211_send_deauth_disassoc(sdata, bssid, | 1736 | ieee80211_send_deauth_disassoc(sdata, bssid, |
1675 | IEEE80211_STYPE_DEAUTH, | 1737 | IEEE80211_STYPE_DEAUTH, |
1676 | WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, | 1738 | WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, |
1677 | NULL); | 1739 | NULL, true); |
1678 | mutex_lock(&ifmgd->mtx); | 1740 | mutex_lock(&ifmgd->mtx); |
1679 | } | 1741 | } |
1680 | } | 1742 | } |
@@ -1858,6 +1920,9 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, | |||
1858 | struct ieee80211_work *wk; | 1920 | struct ieee80211_work *wk; |
1859 | u16 auth_alg; | 1921 | u16 auth_alg; |
1860 | 1922 | ||
1923 | if (req->local_state_change) | ||
1924 | return 0; /* no need to update mac80211 state */ | ||
1925 | |||
1861 | switch (req->auth_type) { | 1926 | switch (req->auth_type) { |
1862 | case NL80211_AUTHTYPE_OPEN_SYSTEM: | 1927 | case NL80211_AUTHTYPE_OPEN_SYSTEM: |
1863 | auth_alg = WLAN_AUTH_OPEN; | 1928 | auth_alg = WLAN_AUTH_OPEN; |
@@ -1966,7 +2031,7 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata, | |||
1966 | } | 2031 | } |
1967 | 2032 | ||
1968 | /* Trying to reassociate - clear previous association state */ | 2033 | /* Trying to reassociate - clear previous association state */ |
1969 | ieee80211_set_disassoc(sdata); | 2034 | ieee80211_set_disassoc(sdata, true); |
1970 | } | 2035 | } |
1971 | mutex_unlock(&ifmgd->mtx); | 2036 | mutex_unlock(&ifmgd->mtx); |
1972 | 2037 | ||
@@ -2070,7 +2135,7 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, | |||
2070 | 2135 | ||
2071 | if (ifmgd->associated == req->bss) { | 2136 | if (ifmgd->associated == req->bss) { |
2072 | bssid = req->bss->bssid; | 2137 | bssid = req->bss->bssid; |
2073 | ieee80211_set_disassoc(sdata); | 2138 | ieee80211_set_disassoc(sdata, true); |
2074 | mutex_unlock(&ifmgd->mtx); | 2139 | mutex_unlock(&ifmgd->mtx); |
2075 | } else { | 2140 | } else { |
2076 | bool not_auth_yet = false; | 2141 | bool not_auth_yet = false; |
@@ -2113,9 +2178,9 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, | |||
2113 | printk(KERN_DEBUG "%s: deauthenticating from %pM by local choice (reason=%d)\n", | 2178 | printk(KERN_DEBUG "%s: deauthenticating from %pM by local choice (reason=%d)\n", |
2114 | sdata->name, bssid, req->reason_code); | 2179 | sdata->name, bssid, req->reason_code); |
2115 | 2180 | ||
2116 | ieee80211_send_deauth_disassoc(sdata, bssid, | 2181 | ieee80211_send_deauth_disassoc(sdata, bssid, IEEE80211_STYPE_DEAUTH, |
2117 | IEEE80211_STYPE_DEAUTH, req->reason_code, | 2182 | req->reason_code, cookie, |
2118 | cookie); | 2183 | !req->local_state_change); |
2119 | 2184 | ||
2120 | ieee80211_recalc_idle(sdata->local); | 2185 | ieee80211_recalc_idle(sdata->local); |
2121 | 2186 | ||
@@ -2127,6 +2192,7 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata, | |||
2127 | void *cookie) | 2192 | void *cookie) |
2128 | { | 2193 | { |
2129 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; | 2194 | struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; |
2195 | u8 bssid[ETH_ALEN]; | ||
2130 | 2196 | ||
2131 | mutex_lock(&ifmgd->mtx); | 2197 | mutex_lock(&ifmgd->mtx); |
2132 | 2198 | ||
@@ -2144,13 +2210,15 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata, | |||
2144 | printk(KERN_DEBUG "%s: disassociating from %pM by local choice (reason=%d)\n", | 2210 | printk(KERN_DEBUG "%s: disassociating from %pM by local choice (reason=%d)\n", |
2145 | sdata->name, req->bss->bssid, req->reason_code); | 2211 | sdata->name, req->bss->bssid, req->reason_code); |
2146 | 2212 | ||
2147 | ieee80211_set_disassoc(sdata); | 2213 | memcpy(bssid, req->bss->bssid, ETH_ALEN); |
2214 | ieee80211_set_disassoc(sdata, false); | ||
2148 | 2215 | ||
2149 | mutex_unlock(&ifmgd->mtx); | 2216 | mutex_unlock(&ifmgd->mtx); |
2150 | 2217 | ||
2151 | ieee80211_send_deauth_disassoc(sdata, req->bss->bssid, | 2218 | ieee80211_send_deauth_disassoc(sdata, req->bss->bssid, |
2152 | IEEE80211_STYPE_DISASSOC, req->reason_code, | 2219 | IEEE80211_STYPE_DISASSOC, req->reason_code, |
2153 | cookie); | 2220 | cookie, !req->local_state_change); |
2221 | sta_info_destroy_addr(sdata, bssid); | ||
2154 | 2222 | ||
2155 | ieee80211_recalc_idle(sdata->local); | 2223 | ieee80211_recalc_idle(sdata->local); |
2156 | 2224 | ||
@@ -2198,6 +2266,8 @@ void ieee80211_cqm_rssi_notify(struct ieee80211_vif *vif, | |||
2198 | { | 2266 | { |
2199 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); | 2267 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); |
2200 | 2268 | ||
2269 | trace_api_cqm_rssi_notify(sdata, rssi_event); | ||
2270 | |||
2201 | cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp); | 2271 | cfg80211_cqm_rssi_notify(sdata->dev, rssi_event, gfp); |
2202 | } | 2272 | } |
2203 | EXPORT_SYMBOL(ieee80211_cqm_rssi_notify); | 2273 | EXPORT_SYMBOL(ieee80211_cqm_rssi_notify); |
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c index 0e64484e861c..75202b295a4e 100644 --- a/net/mac80211/pm.c +++ b/net/mac80211/pm.c | |||
@@ -46,7 +46,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw) | |||
46 | 46 | ||
47 | if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) { | 47 | if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) { |
48 | list_for_each_entry_rcu(sta, &local->sta_list, list) { | 48 | list_for_each_entry_rcu(sta, &local->sta_list, list) { |
49 | set_sta_flags(sta, WLAN_STA_SUSPEND); | 49 | set_sta_flags(sta, WLAN_STA_BLOCK_BA); |
50 | ieee80211_sta_tear_down_BA_sessions(sta); | 50 | ieee80211_sta_tear_down_BA_sessions(sta); |
51 | } | 51 | } |
52 | } | 52 | } |
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index e0c944fb6fc9..72efbd87c1eb 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c | |||
@@ -39,7 +39,7 @@ static struct sk_buff *remove_monitor_info(struct ieee80211_local *local, | |||
39 | { | 39 | { |
40 | if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) { | 40 | if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) { |
41 | if (likely(skb->len > FCS_LEN)) | 41 | if (likely(skb->len > FCS_LEN)) |
42 | skb_trim(skb, skb->len - FCS_LEN); | 42 | __pskb_trim(skb, skb->len - FCS_LEN); |
43 | else { | 43 | else { |
44 | /* driver bug */ | 44 | /* driver bug */ |
45 | WARN_ON(1); | 45 | WARN_ON(1); |
@@ -228,6 +228,12 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb, | |||
228 | if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) | 228 | if (local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) |
229 | present_fcs_len = FCS_LEN; | 229 | present_fcs_len = FCS_LEN; |
230 | 230 | ||
231 | /* make sure hdr->frame_control is on the linear part */ | ||
232 | if (!pskb_may_pull(origskb, 2)) { | ||
233 | dev_kfree_skb(origskb); | ||
234 | return NULL; | ||
235 | } | ||
236 | |||
231 | if (!local->monitors) { | 237 | if (!local->monitors) { |
232 | if (should_drop_frame(origskb, present_fcs_len)) { | 238 | if (should_drop_frame(origskb, present_fcs_len)) { |
233 | dev_kfree_skb(origskb); | 239 | dev_kfree_skb(origskb); |
@@ -485,7 +491,7 @@ ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx) | |||
485 | 491 | ||
486 | if (ieee80211_is_action(hdr->frame_control)) { | 492 | if (ieee80211_is_action(hdr->frame_control)) { |
487 | mgmt = (struct ieee80211_mgmt *)hdr; | 493 | mgmt = (struct ieee80211_mgmt *)hdr; |
488 | if (mgmt->u.action.category != MESH_PLINK_CATEGORY) | 494 | if (mgmt->u.action.category != WLAN_CATEGORY_MESH_PLINK) |
489 | return RX_DROP_MONITOR; | 495 | return RX_DROP_MONITOR; |
490 | return RX_CONTINUE; | 496 | return RX_CONTINUE; |
491 | } | 497 | } |
@@ -715,14 +721,16 @@ static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx, | |||
715 | 721 | ||
716 | tid = *ieee80211_get_qos_ctl(hdr) & IEEE80211_QOS_CTL_TID_MASK; | 722 | tid = *ieee80211_get_qos_ctl(hdr) & IEEE80211_QOS_CTL_TID_MASK; |
717 | 723 | ||
718 | if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_OPERATIONAL) | 724 | spin_lock(&sta->lock); |
719 | goto dont_reorder; | 725 | |
726 | if (!sta->ampdu_mlme.tid_active_rx[tid]) | ||
727 | goto dont_reorder_unlock; | ||
720 | 728 | ||
721 | tid_agg_rx = sta->ampdu_mlme.tid_rx[tid]; | 729 | tid_agg_rx = sta->ampdu_mlme.tid_rx[tid]; |
722 | 730 | ||
723 | /* qos null data frames are excluded */ | 731 | /* qos null data frames are excluded */ |
724 | if (unlikely(hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_NULLFUNC))) | 732 | if (unlikely(hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_NULLFUNC))) |
725 | goto dont_reorder; | 733 | goto dont_reorder_unlock; |
726 | 734 | ||
727 | /* new, potentially un-ordered, ampdu frame - process it */ | 735 | /* new, potentially un-ordered, ampdu frame - process it */ |
728 | 736 | ||
@@ -734,15 +742,20 @@ static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx, | |||
734 | /* if this mpdu is fragmented - terminate rx aggregation session */ | 742 | /* if this mpdu is fragmented - terminate rx aggregation session */ |
735 | sc = le16_to_cpu(hdr->seq_ctrl); | 743 | sc = le16_to_cpu(hdr->seq_ctrl); |
736 | if (sc & IEEE80211_SCTL_FRAG) { | 744 | if (sc & IEEE80211_SCTL_FRAG) { |
737 | ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr, | 745 | spin_unlock(&sta->lock); |
738 | tid, 0, WLAN_REASON_QSTA_REQUIRE_SETUP); | 746 | __ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_RECIPIENT, |
747 | WLAN_REASON_QSTA_REQUIRE_SETUP); | ||
739 | dev_kfree_skb(skb); | 748 | dev_kfree_skb(skb); |
740 | return; | 749 | return; |
741 | } | 750 | } |
742 | 751 | ||
743 | if (ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, frames)) | 752 | if (ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, frames)) { |
753 | spin_unlock(&sta->lock); | ||
744 | return; | 754 | return; |
755 | } | ||
745 | 756 | ||
757 | dont_reorder_unlock: | ||
758 | spin_unlock(&sta->lock); | ||
746 | dont_reorder: | 759 | dont_reorder: |
747 | __skb_queue_tail(frames, skb); | 760 | __skb_queue_tail(frames, skb); |
748 | } | 761 | } |
@@ -889,6 +902,7 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) | |||
889 | rx->key = key; | 902 | rx->key = key; |
890 | return RX_CONTINUE; | 903 | return RX_CONTINUE; |
891 | } else { | 904 | } else { |
905 | u8 keyid; | ||
892 | /* | 906 | /* |
893 | * The device doesn't give us the IV so we won't be | 907 | * The device doesn't give us the IV so we won't be |
894 | * able to look up the key. That's ok though, we | 908 | * able to look up the key. That's ok though, we |
@@ -911,7 +925,8 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) | |||
911 | * no need to call ieee80211_wep_get_keyidx, | 925 | * no need to call ieee80211_wep_get_keyidx, |
912 | * it verifies a bunch of things we've done already | 926 | * it verifies a bunch of things we've done already |
913 | */ | 927 | */ |
914 | keyidx = rx->skb->data[hdrlen + 3] >> 6; | 928 | skb_copy_bits(rx->skb, hdrlen + 3, &keyid, 1); |
929 | keyidx = keyid >> 6; | ||
915 | 930 | ||
916 | rx->key = rcu_dereference(rx->sdata->keys[keyidx]); | 931 | rx->key = rcu_dereference(rx->sdata->keys[keyidx]); |
917 | 932 | ||
@@ -932,6 +947,11 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx) | |||
932 | return RX_DROP_MONITOR; | 947 | return RX_DROP_MONITOR; |
933 | } | 948 | } |
934 | 949 | ||
950 | if (skb_linearize(rx->skb)) | ||
951 | return RX_DROP_UNUSABLE; | ||
952 | |||
953 | hdr = (struct ieee80211_hdr *)rx->skb->data; | ||
954 | |||
935 | /* Check for weak IVs if possible */ | 955 | /* Check for weak IVs if possible */ |
936 | if (rx->sta && rx->key->conf.alg == ALG_WEP && | 956 | if (rx->sta && rx->key->conf.alg == ALG_WEP && |
937 | ieee80211_is_data(hdr->frame_control) && | 957 | ieee80211_is_data(hdr->frame_control) && |
@@ -1232,6 +1252,9 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) | |||
1232 | } | 1252 | } |
1233 | I802_DEBUG_INC(rx->local->rx_handlers_fragments); | 1253 | I802_DEBUG_INC(rx->local->rx_handlers_fragments); |
1234 | 1254 | ||
1255 | if (skb_linearize(rx->skb)) | ||
1256 | return RX_DROP_UNUSABLE; | ||
1257 | |||
1235 | seq = (sc & IEEE80211_SCTL_SEQ) >> 4; | 1258 | seq = (sc & IEEE80211_SCTL_SEQ) >> 4; |
1236 | 1259 | ||
1237 | if (frag == 0) { | 1260 | if (frag == 0) { |
@@ -1397,21 +1420,24 @@ static int | |||
1397 | ieee80211_drop_unencrypted_mgmt(struct ieee80211_rx_data *rx) | 1420 | ieee80211_drop_unencrypted_mgmt(struct ieee80211_rx_data *rx) |
1398 | { | 1421 | { |
1399 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; | 1422 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; |
1423 | struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb); | ||
1400 | __le16 fc = hdr->frame_control; | 1424 | __le16 fc = hdr->frame_control; |
1401 | int res; | ||
1402 | 1425 | ||
1403 | res = ieee80211_drop_unencrypted(rx, fc); | 1426 | /* |
1404 | if (unlikely(res)) | 1427 | * Pass through unencrypted frames if the hardware has |
1405 | return res; | 1428 | * decrypted them already. |
1429 | */ | ||
1430 | if (status->flag & RX_FLAG_DECRYPTED) | ||
1431 | return 0; | ||
1406 | 1432 | ||
1407 | if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) { | 1433 | if (rx->sta && test_sta_flags(rx->sta, WLAN_STA_MFP)) { |
1408 | if (unlikely(ieee80211_is_unicast_robust_mgmt_frame(rx->skb) && | 1434 | if (unlikely(!ieee80211_has_protected(fc) && |
1435 | ieee80211_is_unicast_robust_mgmt_frame(rx->skb) && | ||
1409 | rx->key)) | 1436 | rx->key)) |
1410 | return -EACCES; | 1437 | return -EACCES; |
1411 | /* BIP does not use Protected field, so need to check MMIE */ | 1438 | /* BIP does not use Protected field, so need to check MMIE */ |
1412 | if (unlikely(ieee80211_is_multicast_robust_mgmt_frame(rx->skb) && | 1439 | if (unlikely(ieee80211_is_multicast_robust_mgmt_frame(rx->skb) && |
1413 | ieee80211_get_mmie_keyidx(rx->skb) < 0 && | 1440 | ieee80211_get_mmie_keyidx(rx->skb) < 0)) |
1414 | rx->key)) | ||
1415 | return -EACCES; | 1441 | return -EACCES; |
1416 | /* | 1442 | /* |
1417 | * When using MFP, Action frames are not allowed prior to | 1443 | * When using MFP, Action frames are not allowed prior to |
@@ -1589,6 +1615,9 @@ ieee80211_rx_h_amsdu(struct ieee80211_rx_data *rx) | |||
1589 | skb->dev = dev; | 1615 | skb->dev = dev; |
1590 | __skb_queue_head_init(&frame_list); | 1616 | __skb_queue_head_init(&frame_list); |
1591 | 1617 | ||
1618 | if (skb_linearize(skb)) | ||
1619 | return RX_DROP_UNUSABLE; | ||
1620 | |||
1592 | ieee80211_amsdu_to_8023s(skb, &frame_list, dev->dev_addr, | 1621 | ieee80211_amsdu_to_8023s(skb, &frame_list, dev->dev_addr, |
1593 | rx->sdata->vif.type, | 1622 | rx->sdata->vif.type, |
1594 | rx->local->hw.extra_tx_headroom); | 1623 | rx->local->hw.extra_tx_headroom); |
@@ -1787,10 +1816,12 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx, struct sk_buff_head *frames) | |||
1787 | if (ieee80211_is_back_req(bar->frame_control)) { | 1816 | if (ieee80211_is_back_req(bar->frame_control)) { |
1788 | if (!rx->sta) | 1817 | if (!rx->sta) |
1789 | return RX_DROP_MONITOR; | 1818 | return RX_DROP_MONITOR; |
1819 | spin_lock(&rx->sta->lock); | ||
1790 | tid = le16_to_cpu(bar->control) >> 12; | 1820 | tid = le16_to_cpu(bar->control) >> 12; |
1791 | if (rx->sta->ampdu_mlme.tid_state_rx[tid] | 1821 | if (!rx->sta->ampdu_mlme.tid_active_rx[tid]) { |
1792 | != HT_AGG_STATE_OPERATIONAL) | 1822 | spin_unlock(&rx->sta->lock); |
1793 | return RX_DROP_MONITOR; | 1823 | return RX_DROP_MONITOR; |
1824 | } | ||
1794 | tid_agg_rx = rx->sta->ampdu_mlme.tid_rx[tid]; | 1825 | tid_agg_rx = rx->sta->ampdu_mlme.tid_rx[tid]; |
1795 | 1826 | ||
1796 | start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4; | 1827 | start_seq_num = le16_to_cpu(bar->start_seq_num) >> 4; |
@@ -1804,6 +1835,7 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx, struct sk_buff_head *frames) | |||
1804 | ieee80211_release_reorder_frames(hw, tid_agg_rx, start_seq_num, | 1835 | ieee80211_release_reorder_frames(hw, tid_agg_rx, start_seq_num, |
1805 | frames); | 1836 | frames); |
1806 | kfree_skb(skb); | 1837 | kfree_skb(skb); |
1838 | spin_unlock(&rx->sta->lock); | ||
1807 | return RX_QUEUED; | 1839 | return RX_QUEUED; |
1808 | } | 1840 | } |
1809 | 1841 | ||
@@ -1965,8 +1997,8 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx) | |||
1965 | goto handled; | 1997 | goto handled; |
1966 | } | 1998 | } |
1967 | break; | 1999 | break; |
1968 | case MESH_PLINK_CATEGORY: | 2000 | case WLAN_CATEGORY_MESH_PLINK: |
1969 | case MESH_PATH_SEL_CATEGORY: | 2001 | case WLAN_CATEGORY_MESH_PATH_SEL: |
1970 | if (ieee80211_vif_is_mesh(&sdata->vif)) | 2002 | if (ieee80211_vif_is_mesh(&sdata->vif)) |
1971 | return ieee80211_mesh_rx_mgmt(sdata, rx->skb); | 2003 | return ieee80211_mesh_rx_mgmt(sdata, rx->skb); |
1972 | break; | 2004 | break; |
@@ -2363,29 +2395,42 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, | |||
2363 | struct ieee80211_local *local = hw_to_local(hw); | 2395 | struct ieee80211_local *local = hw_to_local(hw); |
2364 | struct ieee80211_sub_if_data *sdata; | 2396 | struct ieee80211_sub_if_data *sdata; |
2365 | struct ieee80211_hdr *hdr; | 2397 | struct ieee80211_hdr *hdr; |
2398 | __le16 fc; | ||
2366 | struct ieee80211_rx_data rx; | 2399 | struct ieee80211_rx_data rx; |
2367 | int prepares; | 2400 | int prepares; |
2368 | struct ieee80211_sub_if_data *prev = NULL; | 2401 | struct ieee80211_sub_if_data *prev = NULL; |
2369 | struct sk_buff *skb_new; | 2402 | struct sk_buff *skb_new; |
2370 | struct sta_info *sta, *tmp; | 2403 | struct sta_info *sta, *tmp; |
2371 | bool found_sta = false; | 2404 | bool found_sta = false; |
2405 | int err = 0; | ||
2372 | 2406 | ||
2373 | hdr = (struct ieee80211_hdr *)skb->data; | 2407 | fc = ((struct ieee80211_hdr *)skb->data)->frame_control; |
2374 | memset(&rx, 0, sizeof(rx)); | 2408 | memset(&rx, 0, sizeof(rx)); |
2375 | rx.skb = skb; | 2409 | rx.skb = skb; |
2376 | rx.local = local; | 2410 | rx.local = local; |
2377 | 2411 | ||
2378 | if (ieee80211_is_data(hdr->frame_control) || ieee80211_is_mgmt(hdr->frame_control)) | 2412 | if (ieee80211_is_data(fc) || ieee80211_is_mgmt(fc)) |
2379 | local->dot11ReceivedFragmentCount++; | 2413 | local->dot11ReceivedFragmentCount++; |
2380 | 2414 | ||
2381 | if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning) || | 2415 | if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning) || |
2382 | test_bit(SCAN_OFF_CHANNEL, &local->scanning))) | 2416 | test_bit(SCAN_OFF_CHANNEL, &local->scanning))) |
2383 | rx.flags |= IEEE80211_RX_IN_SCAN; | 2417 | rx.flags |= IEEE80211_RX_IN_SCAN; |
2384 | 2418 | ||
2419 | if (ieee80211_is_mgmt(fc)) | ||
2420 | err = skb_linearize(skb); | ||
2421 | else | ||
2422 | err = !pskb_may_pull(skb, ieee80211_hdrlen(fc)); | ||
2423 | |||
2424 | if (err) { | ||
2425 | dev_kfree_skb(skb); | ||
2426 | return; | ||
2427 | } | ||
2428 | |||
2429 | hdr = (struct ieee80211_hdr *)skb->data; | ||
2385 | ieee80211_parse_qos(&rx); | 2430 | ieee80211_parse_qos(&rx); |
2386 | ieee80211_verify_alignment(&rx); | 2431 | ieee80211_verify_alignment(&rx); |
2387 | 2432 | ||
2388 | if (ieee80211_is_data(hdr->frame_control)) { | 2433 | if (ieee80211_is_data(fc)) { |
2389 | for_each_sta_info(local, hdr->addr2, sta, tmp) { | 2434 | for_each_sta_info(local, hdr->addr2, sta, tmp) { |
2390 | rx.sta = sta; | 2435 | rx.sta = sta; |
2391 | found_sta = true; | 2436 | found_sta = true; |
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c index 1ce4ce8af80f..e1a3defdf581 100644 --- a/net/mac80211/scan.c +++ b/net/mac80211/scan.c | |||
@@ -248,6 +248,8 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted) | |||
248 | struct ieee80211_local *local = hw_to_local(hw); | 248 | struct ieee80211_local *local = hw_to_local(hw); |
249 | bool was_hw_scan; | 249 | bool was_hw_scan; |
250 | 250 | ||
251 | trace_api_scan_completed(local, aborted); | ||
252 | |||
251 | mutex_lock(&local->scan_mtx); | 253 | mutex_lock(&local->scan_mtx); |
252 | 254 | ||
253 | /* | 255 | /* |
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c index fb12cec4d333..ff0eb948917b 100644 --- a/net/mac80211/sta_info.c +++ b/net/mac80211/sta_info.c | |||
@@ -250,9 +250,6 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata, | |||
250 | * enable session_timer's data differentiation. refer to | 250 | * enable session_timer's data differentiation. refer to |
251 | * sta_rx_agg_session_timer_expired for useage */ | 251 | * sta_rx_agg_session_timer_expired for useage */ |
252 | sta->timer_to_tid[i] = i; | 252 | sta->timer_to_tid[i] = i; |
253 | /* rx */ | ||
254 | sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE; | ||
255 | sta->ampdu_mlme.tid_rx[i] = NULL; | ||
256 | /* tx */ | 253 | /* tx */ |
257 | sta->ampdu_mlme.tid_state_tx[i] = HT_AGG_STATE_IDLE; | 254 | sta->ampdu_mlme.tid_state_tx[i] = HT_AGG_STATE_IDLE; |
258 | sta->ampdu_mlme.tid_tx[i] = NULL; | 255 | sta->ampdu_mlme.tid_tx[i] = NULL; |
@@ -619,7 +616,7 @@ static int __must_check __sta_info_destroy(struct sta_info *sta) | |||
619 | struct ieee80211_sub_if_data *sdata; | 616 | struct ieee80211_sub_if_data *sdata; |
620 | struct sk_buff *skb; | 617 | struct sk_buff *skb; |
621 | unsigned long flags; | 618 | unsigned long flags; |
622 | int ret, i; | 619 | int ret; |
623 | 620 | ||
624 | might_sleep(); | 621 | might_sleep(); |
625 | 622 | ||
@@ -629,6 +626,15 @@ static int __must_check __sta_info_destroy(struct sta_info *sta) | |||
629 | local = sta->local; | 626 | local = sta->local; |
630 | sdata = sta->sdata; | 627 | sdata = sta->sdata; |
631 | 628 | ||
629 | /* | ||
630 | * Before removing the station from the driver and | ||
631 | * rate control, it might still start new aggregation | ||
632 | * sessions -- block that to make sure the tear-down | ||
633 | * will be sufficient. | ||
634 | */ | ||
635 | set_sta_flags(sta, WLAN_STA_BLOCK_BA); | ||
636 | ieee80211_sta_tear_down_BA_sessions(sta); | ||
637 | |||
632 | spin_lock_irqsave(&local->sta_lock, flags); | 638 | spin_lock_irqsave(&local->sta_lock, flags); |
633 | ret = sta_info_hash_del(local, sta); | 639 | ret = sta_info_hash_del(local, sta); |
634 | /* this might still be the pending list ... which is fine */ | 640 | /* this might still be the pending list ... which is fine */ |
@@ -645,9 +651,6 @@ static int __must_check __sta_info_destroy(struct sta_info *sta) | |||
645 | * may mean it is removed from hardware which requires that | 651 | * may mean it is removed from hardware which requires that |
646 | * the key->sta pointer is still valid, so flush the key todo | 652 | * the key->sta pointer is still valid, so flush the key todo |
647 | * list here. | 653 | * list here. |
648 | * | ||
649 | * ieee80211_key_todo() will synchronize_rcu() so after this | ||
650 | * nothing can reference this sta struct any more. | ||
651 | */ | 654 | */ |
652 | ieee80211_key_todo(); | 655 | ieee80211_key_todo(); |
653 | 656 | ||
@@ -679,11 +682,17 @@ static int __must_check __sta_info_destroy(struct sta_info *sta) | |||
679 | sdata = sta->sdata; | 682 | sdata = sta->sdata; |
680 | } | 683 | } |
681 | 684 | ||
685 | /* | ||
686 | * At this point, after we wait for an RCU grace period, | ||
687 | * neither mac80211 nor the driver can reference this | ||
688 | * sta struct any more except by still existing timers | ||
689 | * associated with this station that we clean up below. | ||
690 | */ | ||
691 | synchronize_rcu(); | ||
692 | |||
682 | #ifdef CONFIG_MAC80211_MESH | 693 | #ifdef CONFIG_MAC80211_MESH |
683 | if (ieee80211_vif_is_mesh(&sdata->vif)) { | 694 | if (ieee80211_vif_is_mesh(&sdata->vif)) |
684 | mesh_accept_plinks_update(sdata); | 695 | mesh_accept_plinks_update(sdata); |
685 | del_timer(&sta->plink_timer); | ||
686 | } | ||
687 | #endif | 696 | #endif |
688 | 697 | ||
689 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG | 698 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG |
@@ -710,50 +719,6 @@ static int __must_check __sta_info_destroy(struct sta_info *sta) | |||
710 | while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) | 719 | while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) |
711 | dev_kfree_skb_any(skb); | 720 | dev_kfree_skb_any(skb); |
712 | 721 | ||
713 | for (i = 0; i < STA_TID_NUM; i++) { | ||
714 | struct tid_ampdu_rx *tid_rx; | ||
715 | struct tid_ampdu_tx *tid_tx; | ||
716 | |||
717 | spin_lock_bh(&sta->lock); | ||
718 | tid_rx = sta->ampdu_mlme.tid_rx[i]; | ||
719 | /* Make sure timer won't free the tid_rx struct, see below */ | ||
720 | if (tid_rx) | ||
721 | tid_rx->shutdown = true; | ||
722 | |||
723 | spin_unlock_bh(&sta->lock); | ||
724 | |||
725 | /* | ||
726 | * Outside spinlock - shutdown is true now so that the timer | ||
727 | * won't free tid_rx, we have to do that now. Can't let the | ||
728 | * timer do it because we have to sync the timer outside the | ||
729 | * lock that it takes itself. | ||
730 | */ | ||
731 | if (tid_rx) { | ||
732 | del_timer_sync(&tid_rx->session_timer); | ||
733 | kfree(tid_rx); | ||
734 | } | ||
735 | |||
736 | /* | ||
737 | * No need to do such complications for TX agg sessions, the | ||
738 | * path leading to freeing the tid_tx struct goes via a call | ||
739 | * from the driver, and thus needs to look up the sta struct | ||
740 | * again, which cannot be found when we get here. Hence, we | ||
741 | * just need to delete the timer and free the aggregation | ||
742 | * info; we won't be telling the peer about it then but that | ||
743 | * doesn't matter if we're not talking to it again anyway. | ||
744 | */ | ||
745 | tid_tx = sta->ampdu_mlme.tid_tx[i]; | ||
746 | if (tid_tx) { | ||
747 | del_timer_sync(&tid_tx->addba_resp_timer); | ||
748 | /* | ||
749 | * STA removed while aggregation session being | ||
750 | * started? Bit odd, but purge frames anyway. | ||
751 | */ | ||
752 | skb_queue_purge(&tid_tx->pending); | ||
753 | kfree(tid_tx); | ||
754 | } | ||
755 | } | ||
756 | |||
757 | __sta_info_free(local, sta); | 722 | __sta_info_free(local, sta); |
758 | 723 | ||
759 | return 0; | 724 | return 0; |
@@ -992,6 +957,8 @@ void ieee80211_sta_block_awake(struct ieee80211_hw *hw, | |||
992 | { | 957 | { |
993 | struct sta_info *sta = container_of(pubsta, struct sta_info, sta); | 958 | struct sta_info *sta = container_of(pubsta, struct sta_info, sta); |
994 | 959 | ||
960 | trace_api_sta_block_awake(sta->local, pubsta, block); | ||
961 | |||
995 | if (block) | 962 | if (block) |
996 | set_sta_flags(sta, WLAN_STA_PS_DRIVER); | 963 | set_sta_flags(sta, WLAN_STA_PS_DRIVER); |
997 | else | 964 | else |
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h index 2b635909de5c..48a5e80957f0 100644 --- a/net/mac80211/sta_info.h +++ b/net/mac80211/sta_info.h | |||
@@ -35,8 +35,8 @@ | |||
35 | * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next | 35 | * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next |
36 | * frame to this station is transmitted. | 36 | * frame to this station is transmitted. |
37 | * @WLAN_STA_MFP: Management frame protection is used with this STA. | 37 | * @WLAN_STA_MFP: Management frame protection is used with this STA. |
38 | * @WLAN_STA_SUSPEND: Set/cleared during a suspend/resume cycle. | 38 | * @WLAN_STA_BLOCK_BA: Used to deny ADDBA requests (both TX and RX) |
39 | * Used to deny ADDBA requests (both TX and RX). | 39 | * during suspend/resume and station removal. |
40 | * @WLAN_STA_PS_DRIVER: driver requires keeping this station in | 40 | * @WLAN_STA_PS_DRIVER: driver requires keeping this station in |
41 | * power-save mode logically to flush frames that might still | 41 | * power-save mode logically to flush frames that might still |
42 | * be in the queues | 42 | * be in the queues |
@@ -57,7 +57,7 @@ enum ieee80211_sta_info_flags { | |||
57 | WLAN_STA_WDS = 1<<7, | 57 | WLAN_STA_WDS = 1<<7, |
58 | WLAN_STA_CLEAR_PS_FILT = 1<<9, | 58 | WLAN_STA_CLEAR_PS_FILT = 1<<9, |
59 | WLAN_STA_MFP = 1<<10, | 59 | WLAN_STA_MFP = 1<<10, |
60 | WLAN_STA_SUSPEND = 1<<11, | 60 | WLAN_STA_BLOCK_BA = 1<<11, |
61 | WLAN_STA_PS_DRIVER = 1<<12, | 61 | WLAN_STA_PS_DRIVER = 1<<12, |
62 | WLAN_STA_PSPOLL = 1<<13, | 62 | WLAN_STA_PSPOLL = 1<<13, |
63 | WLAN_STA_DISASSOC = 1<<14, | 63 | WLAN_STA_DISASSOC = 1<<14, |
@@ -106,7 +106,6 @@ struct tid_ampdu_tx { | |||
106 | * @buf_size: buffer size for incoming A-MPDUs | 106 | * @buf_size: buffer size for incoming A-MPDUs |
107 | * @timeout: reset timer value (in TUs). | 107 | * @timeout: reset timer value (in TUs). |
108 | * @dialog_token: dialog token for aggregation session | 108 | * @dialog_token: dialog token for aggregation session |
109 | * @shutdown: this session is being shut down due to STA removal | ||
110 | */ | 109 | */ |
111 | struct tid_ampdu_rx { | 110 | struct tid_ampdu_rx { |
112 | struct sk_buff **reorder_buf; | 111 | struct sk_buff **reorder_buf; |
@@ -118,7 +117,6 @@ struct tid_ampdu_rx { | |||
118 | u16 buf_size; | 117 | u16 buf_size; |
119 | u16 timeout; | 118 | u16 timeout; |
120 | u8 dialog_token; | 119 | u8 dialog_token; |
121 | bool shutdown; | ||
122 | }; | 120 | }; |
123 | 121 | ||
124 | /** | 122 | /** |
@@ -156,7 +154,7 @@ enum plink_state { | |||
156 | */ | 154 | */ |
157 | struct sta_ampdu_mlme { | 155 | struct sta_ampdu_mlme { |
158 | /* rx */ | 156 | /* rx */ |
159 | u8 tid_state_rx[STA_TID_NUM]; | 157 | bool tid_active_rx[STA_TID_NUM]; |
160 | struct tid_ampdu_rx *tid_rx[STA_TID_NUM]; | 158 | struct tid_ampdu_rx *tid_rx[STA_TID_NUM]; |
161 | /* tx */ | 159 | /* tx */ |
162 | u8 tid_state_tx[STA_TID_NUM]; | 160 | u8 tid_state_tx[STA_TID_NUM]; |
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index db25fa9ef135..2cb77267f733 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c | |||
@@ -513,6 +513,8 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) | |||
513 | else if (tx->sta && (key = rcu_dereference(tx->sta->key))) | 513 | else if (tx->sta && (key = rcu_dereference(tx->sta->key))) |
514 | tx->key = key; | 514 | tx->key = key; |
515 | else if (ieee80211_is_mgmt(hdr->frame_control) && | 515 | else if (ieee80211_is_mgmt(hdr->frame_control) && |
516 | is_multicast_ether_addr(hdr->addr1) && | ||
517 | ieee80211_is_robust_mgmt_frame(hdr) && | ||
516 | (key = rcu_dereference(tx->sdata->default_mgmt_key))) | 518 | (key = rcu_dereference(tx->sdata->default_mgmt_key))) |
517 | tx->key = key; | 519 | tx->key = key; |
518 | else if ((key = rcu_dereference(tx->sdata->default_key))) | 520 | else if ((key = rcu_dereference(tx->sdata->default_key))) |
@@ -1142,13 +1144,12 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata, | |||
1142 | 1144 | ||
1143 | if (tx->sta && ieee80211_is_data_qos(hdr->frame_control) && | 1145 | if (tx->sta && ieee80211_is_data_qos(hdr->frame_control) && |
1144 | (local->hw.flags & IEEE80211_HW_AMPDU_AGGREGATION)) { | 1146 | (local->hw.flags & IEEE80211_HW_AMPDU_AGGREGATION)) { |
1145 | unsigned long flags; | ||
1146 | struct tid_ampdu_tx *tid_tx; | 1147 | struct tid_ampdu_tx *tid_tx; |
1147 | 1148 | ||
1148 | qc = ieee80211_get_qos_ctl(hdr); | 1149 | qc = ieee80211_get_qos_ctl(hdr); |
1149 | tid = *qc & IEEE80211_QOS_CTL_TID_MASK; | 1150 | tid = *qc & IEEE80211_QOS_CTL_TID_MASK; |
1150 | 1151 | ||
1151 | spin_lock_irqsave(&tx->sta->lock, flags); | 1152 | spin_lock(&tx->sta->lock); |
1152 | /* | 1153 | /* |
1153 | * XXX: This spinlock could be fairly expensive, but see the | 1154 | * XXX: This spinlock could be fairly expensive, but see the |
1154 | * comment in agg-tx.c:ieee80211_agg_tx_operational(). | 1155 | * comment in agg-tx.c:ieee80211_agg_tx_operational(). |
@@ -1173,7 +1174,7 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata, | |||
1173 | info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING; | 1174 | info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING; |
1174 | __skb_queue_tail(&tid_tx->pending, skb); | 1175 | __skb_queue_tail(&tid_tx->pending, skb); |
1175 | } | 1176 | } |
1176 | spin_unlock_irqrestore(&tx->sta->lock, flags); | 1177 | spin_unlock(&tx->sta->lock); |
1177 | 1178 | ||
1178 | if (unlikely(queued)) | 1179 | if (unlikely(queued)) |
1179 | return TX_QUEUED; | 1180 | return TX_QUEUED; |
diff --git a/net/mac80211/util.c b/net/mac80211/util.c index 53af57047435..2b75b4fb68f4 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c | |||
@@ -270,6 +270,8 @@ static void __ieee80211_wake_queue(struct ieee80211_hw *hw, int queue, | |||
270 | struct ieee80211_local *local = hw_to_local(hw); | 270 | struct ieee80211_local *local = hw_to_local(hw); |
271 | struct ieee80211_sub_if_data *sdata; | 271 | struct ieee80211_sub_if_data *sdata; |
272 | 272 | ||
273 | trace_wake_queue(local, queue, reason); | ||
274 | |||
273 | if (WARN_ON(queue >= hw->queues)) | 275 | if (WARN_ON(queue >= hw->queues)) |
274 | return; | 276 | return; |
275 | 277 | ||
@@ -312,6 +314,8 @@ static void __ieee80211_stop_queue(struct ieee80211_hw *hw, int queue, | |||
312 | struct ieee80211_local *local = hw_to_local(hw); | 314 | struct ieee80211_local *local = hw_to_local(hw); |
313 | struct ieee80211_sub_if_data *sdata; | 315 | struct ieee80211_sub_if_data *sdata; |
314 | 316 | ||
317 | trace_stop_queue(local, queue, reason); | ||
318 | |||
315 | if (WARN_ON(queue >= hw->queues)) | 319 | if (WARN_ON(queue >= hw->queues)) |
316 | return; | 320 | return; |
317 | 321 | ||
@@ -796,6 +800,11 @@ void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata) | |||
796 | 800 | ||
797 | drv_conf_tx(local, queue, &qparam); | 801 | drv_conf_tx(local, queue, &qparam); |
798 | } | 802 | } |
803 | |||
804 | /* after reinitialize QoS TX queues setting to default, | ||
805 | * disable QoS at all */ | ||
806 | local->hw.conf.flags &= ~IEEE80211_CONF_QOS; | ||
807 | drv_config(local, IEEE80211_CONF_CHANGE_QOS); | ||
799 | } | 808 | } |
800 | 809 | ||
801 | void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, | 810 | void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, |
@@ -1135,7 +1144,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) | |||
1135 | 1144 | ||
1136 | if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) { | 1145 | if (hw->flags & IEEE80211_HW_AMPDU_AGGREGATION) { |
1137 | list_for_each_entry_rcu(sta, &local->sta_list, list) { | 1146 | list_for_each_entry_rcu(sta, &local->sta_list, list) { |
1138 | clear_sta_flags(sta, WLAN_STA_SUSPEND); | 1147 | clear_sta_flags(sta, WLAN_STA_BLOCK_BA); |
1139 | } | 1148 | } |
1140 | } | 1149 | } |
1141 | 1150 | ||
diff --git a/net/mac80211/work.c b/net/mac80211/work.c index 15e1ba931b87..bdb1d05b16fc 100644 --- a/net/mac80211/work.c +++ b/net/mac80211/work.c | |||
@@ -920,11 +920,16 @@ static void ieee80211_work_work(struct work_struct *work) | |||
920 | run_again(local, jiffies + HZ/2); | 920 | run_again(local, jiffies + HZ/2); |
921 | } | 921 | } |
922 | 922 | ||
923 | if (list_empty(&local->work_list) && local->scan_req) | 923 | mutex_lock(&local->scan_mtx); |
924 | |||
925 | if (list_empty(&local->work_list) && local->scan_req && | ||
926 | !local->scanning) | ||
924 | ieee80211_queue_delayed_work(&local->hw, | 927 | ieee80211_queue_delayed_work(&local->hw, |
925 | &local->scan_work, | 928 | &local->scan_work, |
926 | round_jiffies_relative(0)); | 929 | round_jiffies_relative(0)); |
927 | 930 | ||
931 | mutex_unlock(&local->scan_mtx); | ||
932 | |||
928 | mutex_unlock(&local->work_mtx); | 933 | mutex_unlock(&local->work_mtx); |
929 | 934 | ||
930 | ieee80211_recalc_idle(local); | 935 | ieee80211_recalc_idle(local); |
diff --git a/net/wireless/core.h b/net/wireless/core.h index d52da913145a..b2234b436ead 100644 --- a/net/wireless/core.h +++ b/net/wireless/core.h | |||
@@ -293,13 +293,15 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, | |||
293 | const u8 *bssid, | 293 | const u8 *bssid, |
294 | const u8 *ssid, int ssid_len, | 294 | const u8 *ssid, int ssid_len, |
295 | const u8 *ie, int ie_len, | 295 | const u8 *ie, int ie_len, |
296 | const u8 *key, int key_len, int key_idx); | 296 | const u8 *key, int key_len, int key_idx, |
297 | bool local_state_change); | ||
297 | int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, | 298 | int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, |
298 | struct net_device *dev, struct ieee80211_channel *chan, | 299 | struct net_device *dev, struct ieee80211_channel *chan, |
299 | enum nl80211_auth_type auth_type, const u8 *bssid, | 300 | enum nl80211_auth_type auth_type, const u8 *bssid, |
300 | const u8 *ssid, int ssid_len, | 301 | const u8 *ssid, int ssid_len, |
301 | const u8 *ie, int ie_len, | 302 | const u8 *ie, int ie_len, |
302 | const u8 *key, int key_len, int key_idx); | 303 | const u8 *key, int key_len, int key_idx, |
304 | bool local_state_change); | ||
303 | int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, | 305 | int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, |
304 | struct net_device *dev, | 306 | struct net_device *dev, |
305 | struct ieee80211_channel *chan, | 307 | struct ieee80211_channel *chan, |
@@ -315,13 +317,16 @@ int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, | |||
315 | struct cfg80211_crypto_settings *crypt); | 317 | struct cfg80211_crypto_settings *crypt); |
316 | int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | 318 | int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, |
317 | struct net_device *dev, const u8 *bssid, | 319 | struct net_device *dev, const u8 *bssid, |
318 | const u8 *ie, int ie_len, u16 reason); | 320 | const u8 *ie, int ie_len, u16 reason, |
321 | bool local_state_change); | ||
319 | int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | 322 | int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, |
320 | struct net_device *dev, const u8 *bssid, | 323 | struct net_device *dev, const u8 *bssid, |
321 | const u8 *ie, int ie_len, u16 reason); | 324 | const u8 *ie, int ie_len, u16 reason, |
325 | bool local_state_change); | ||
322 | int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | 326 | int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, |
323 | struct net_device *dev, const u8 *bssid, | 327 | struct net_device *dev, const u8 *bssid, |
324 | const u8 *ie, int ie_len, u16 reason); | 328 | const u8 *ie, int ie_len, u16 reason, |
329 | bool local_state_change); | ||
325 | void cfg80211_mlme_down(struct cfg80211_registered_device *rdev, | 330 | void cfg80211_mlme_down(struct cfg80211_registered_device *rdev, |
326 | struct net_device *dev); | 331 | struct net_device *dev); |
327 | void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid, | 332 | void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid, |
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c index 4bb734a95f57..48ead6f0426d 100644 --- a/net/wireless/mlme.c +++ b/net/wireless/mlme.c | |||
@@ -378,7 +378,8 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, | |||
378 | const u8 *bssid, | 378 | const u8 *bssid, |
379 | const u8 *ssid, int ssid_len, | 379 | const u8 *ssid, int ssid_len, |
380 | const u8 *ie, int ie_len, | 380 | const u8 *ie, int ie_len, |
381 | const u8 *key, int key_len, int key_idx) | 381 | const u8 *key, int key_len, int key_idx, |
382 | bool local_state_change) | ||
382 | { | 383 | { |
383 | struct wireless_dev *wdev = dev->ieee80211_ptr; | 384 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
384 | struct cfg80211_auth_request req; | 385 | struct cfg80211_auth_request req; |
@@ -408,6 +409,7 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, | |||
408 | 409 | ||
409 | memset(&req, 0, sizeof(req)); | 410 | memset(&req, 0, sizeof(req)); |
410 | 411 | ||
412 | req.local_state_change = local_state_change; | ||
411 | req.ie = ie; | 413 | req.ie = ie; |
412 | req.ie_len = ie_len; | 414 | req.ie_len = ie_len; |
413 | req.auth_type = auth_type; | 415 | req.auth_type = auth_type; |
@@ -434,12 +436,18 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, | |||
434 | goto out; | 436 | goto out; |
435 | } | 437 | } |
436 | 438 | ||
437 | wdev->authtry_bsses[slot] = bss; | 439 | if (local_state_change) |
440 | wdev->auth_bsses[slot] = bss; | ||
441 | else | ||
442 | wdev->authtry_bsses[slot] = bss; | ||
438 | cfg80211_hold_bss(bss); | 443 | cfg80211_hold_bss(bss); |
439 | 444 | ||
440 | err = rdev->ops->auth(&rdev->wiphy, dev, &req); | 445 | err = rdev->ops->auth(&rdev->wiphy, dev, &req); |
441 | if (err) { | 446 | if (err) { |
442 | wdev->authtry_bsses[slot] = NULL; | 447 | if (local_state_change) |
448 | wdev->auth_bsses[slot] = NULL; | ||
449 | else | ||
450 | wdev->authtry_bsses[slot] = NULL; | ||
443 | cfg80211_unhold_bss(bss); | 451 | cfg80211_unhold_bss(bss); |
444 | } | 452 | } |
445 | 453 | ||
@@ -454,14 +462,15 @@ int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, | |||
454 | enum nl80211_auth_type auth_type, const u8 *bssid, | 462 | enum nl80211_auth_type auth_type, const u8 *bssid, |
455 | const u8 *ssid, int ssid_len, | 463 | const u8 *ssid, int ssid_len, |
456 | const u8 *ie, int ie_len, | 464 | const u8 *ie, int ie_len, |
457 | const u8 *key, int key_len, int key_idx) | 465 | const u8 *key, int key_len, int key_idx, |
466 | bool local_state_change) | ||
458 | { | 467 | { |
459 | int err; | 468 | int err; |
460 | 469 | ||
461 | wdev_lock(dev->ieee80211_ptr); | 470 | wdev_lock(dev->ieee80211_ptr); |
462 | err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, | 471 | err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, |
463 | ssid, ssid_len, ie, ie_len, | 472 | ssid, ssid_len, ie, ie_len, |
464 | key, key_len, key_idx); | 473 | key, key_len, key_idx, local_state_change); |
465 | wdev_unlock(dev->ieee80211_ptr); | 474 | wdev_unlock(dev->ieee80211_ptr); |
466 | 475 | ||
467 | return err; | 476 | return err; |
@@ -555,7 +564,8 @@ int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, | |||
555 | 564 | ||
556 | int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | 565 | int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, |
557 | struct net_device *dev, const u8 *bssid, | 566 | struct net_device *dev, const u8 *bssid, |
558 | const u8 *ie, int ie_len, u16 reason) | 567 | const u8 *ie, int ie_len, u16 reason, |
568 | bool local_state_change) | ||
559 | { | 569 | { |
560 | struct wireless_dev *wdev = dev->ieee80211_ptr; | 570 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
561 | struct cfg80211_deauth_request req; | 571 | struct cfg80211_deauth_request req; |
@@ -565,6 +575,7 @@ int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | |||
565 | 575 | ||
566 | memset(&req, 0, sizeof(req)); | 576 | memset(&req, 0, sizeof(req)); |
567 | req.reason_code = reason; | 577 | req.reason_code = reason; |
578 | req.local_state_change = local_state_change; | ||
568 | req.ie = ie; | 579 | req.ie = ie; |
569 | req.ie_len = ie_len; | 580 | req.ie_len = ie_len; |
570 | if (wdev->current_bss && | 581 | if (wdev->current_bss && |
@@ -591,13 +602,15 @@ int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | |||
591 | 602 | ||
592 | int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | 603 | int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, |
593 | struct net_device *dev, const u8 *bssid, | 604 | struct net_device *dev, const u8 *bssid, |
594 | const u8 *ie, int ie_len, u16 reason) | 605 | const u8 *ie, int ie_len, u16 reason, |
606 | bool local_state_change) | ||
595 | { | 607 | { |
596 | struct wireless_dev *wdev = dev->ieee80211_ptr; | 608 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
597 | int err; | 609 | int err; |
598 | 610 | ||
599 | wdev_lock(wdev); | 611 | wdev_lock(wdev); |
600 | err = __cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason); | 612 | err = __cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason, |
613 | local_state_change); | ||
601 | wdev_unlock(wdev); | 614 | wdev_unlock(wdev); |
602 | 615 | ||
603 | return err; | 616 | return err; |
@@ -605,7 +618,8 @@ int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | |||
605 | 618 | ||
606 | static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | 619 | static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, |
607 | struct net_device *dev, const u8 *bssid, | 620 | struct net_device *dev, const u8 *bssid, |
608 | const u8 *ie, int ie_len, u16 reason) | 621 | const u8 *ie, int ie_len, u16 reason, |
622 | bool local_state_change) | ||
609 | { | 623 | { |
610 | struct wireless_dev *wdev = dev->ieee80211_ptr; | 624 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
611 | struct cfg80211_disassoc_request req; | 625 | struct cfg80211_disassoc_request req; |
@@ -620,6 +634,7 @@ static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | |||
620 | 634 | ||
621 | memset(&req, 0, sizeof(req)); | 635 | memset(&req, 0, sizeof(req)); |
622 | req.reason_code = reason; | 636 | req.reason_code = reason; |
637 | req.local_state_change = local_state_change; | ||
623 | req.ie = ie; | 638 | req.ie = ie; |
624 | req.ie_len = ie_len; | 639 | req.ie_len = ie_len; |
625 | if (memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) | 640 | if (memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) |
@@ -632,13 +647,15 @@ static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | |||
632 | 647 | ||
633 | int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | 648 | int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, |
634 | struct net_device *dev, const u8 *bssid, | 649 | struct net_device *dev, const u8 *bssid, |
635 | const u8 *ie, int ie_len, u16 reason) | 650 | const u8 *ie, int ie_len, u16 reason, |
651 | bool local_state_change) | ||
636 | { | 652 | { |
637 | struct wireless_dev *wdev = dev->ieee80211_ptr; | 653 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
638 | int err; | 654 | int err; |
639 | 655 | ||
640 | wdev_lock(wdev); | 656 | wdev_lock(wdev); |
641 | err = __cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason); | 657 | err = __cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason, |
658 | local_state_change); | ||
642 | wdev_unlock(wdev); | 659 | wdev_unlock(wdev); |
643 | 660 | ||
644 | return err; | 661 | return err; |
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 596bf189549a..356a84a5daee 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c | |||
@@ -151,6 +151,7 @@ static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { | |||
151 | [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, | 151 | [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, |
152 | [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, | 152 | [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, |
153 | [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, | 153 | [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, |
154 | [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, | ||
154 | }; | 155 | }; |
155 | 156 | ||
156 | /* policy for the attributes */ | 157 | /* policy for the attributes */ |
@@ -2097,7 +2098,8 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) | |||
2097 | goto out_rtnl; | 2098 | goto out_rtnl; |
2098 | 2099 | ||
2099 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && | 2100 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
2100 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN) { | 2101 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && |
2102 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { | ||
2101 | err = -EINVAL; | 2103 | err = -EINVAL; |
2102 | goto out; | 2104 | goto out; |
2103 | } | 2105 | } |
@@ -3393,6 +3395,7 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) | |||
3393 | int err, ssid_len, ie_len = 0; | 3395 | int err, ssid_len, ie_len = 0; |
3394 | enum nl80211_auth_type auth_type; | 3396 | enum nl80211_auth_type auth_type; |
3395 | struct key_parse key; | 3397 | struct key_parse key; |
3398 | bool local_state_change; | ||
3396 | 3399 | ||
3397 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) | 3400 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
3398 | return -EINVAL; | 3401 | return -EINVAL; |
@@ -3471,9 +3474,12 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) | |||
3471 | goto out; | 3474 | goto out; |
3472 | } | 3475 | } |
3473 | 3476 | ||
3477 | local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; | ||
3478 | |||
3474 | err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, | 3479 | err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, |
3475 | ssid, ssid_len, ie, ie_len, | 3480 | ssid, ssid_len, ie, ie_len, |
3476 | key.p.key, key.p.key_len, key.idx); | 3481 | key.p.key, key.p.key_len, key.idx, |
3482 | local_state_change); | ||
3477 | 3483 | ||
3478 | out: | 3484 | out: |
3479 | cfg80211_unlock_rdev(rdev); | 3485 | cfg80211_unlock_rdev(rdev); |
@@ -3650,6 +3656,7 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) | |||
3650 | const u8 *ie = NULL, *bssid; | 3656 | const u8 *ie = NULL, *bssid; |
3651 | int err, ie_len = 0; | 3657 | int err, ie_len = 0; |
3652 | u16 reason_code; | 3658 | u16 reason_code; |
3659 | bool local_state_change; | ||
3653 | 3660 | ||
3654 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) | 3661 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
3655 | return -EINVAL; | 3662 | return -EINVAL; |
@@ -3695,7 +3702,10 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) | |||
3695 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); | 3702 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
3696 | } | 3703 | } |
3697 | 3704 | ||
3698 | err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code); | 3705 | local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; |
3706 | |||
3707 | err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, | ||
3708 | local_state_change); | ||
3699 | 3709 | ||
3700 | out: | 3710 | out: |
3701 | cfg80211_unlock_rdev(rdev); | 3711 | cfg80211_unlock_rdev(rdev); |
@@ -3712,6 +3722,7 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) | |||
3712 | const u8 *ie = NULL, *bssid; | 3722 | const u8 *ie = NULL, *bssid; |
3713 | int err, ie_len = 0; | 3723 | int err, ie_len = 0; |
3714 | u16 reason_code; | 3724 | u16 reason_code; |
3725 | bool local_state_change; | ||
3715 | 3726 | ||
3716 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) | 3727 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
3717 | return -EINVAL; | 3728 | return -EINVAL; |
@@ -3757,7 +3768,10 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) | |||
3757 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); | 3768 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
3758 | } | 3769 | } |
3759 | 3770 | ||
3760 | err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code); | 3771 | local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; |
3772 | |||
3773 | err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, | ||
3774 | local_state_change); | ||
3761 | 3775 | ||
3762 | out: | 3776 | out: |
3763 | cfg80211_unlock_rdev(rdev); | 3777 | cfg80211_unlock_rdev(rdev); |
diff --git a/net/wireless/reg.c b/net/wireless/reg.c index 422da20d1e5b..8f0d97dd3109 100644 --- a/net/wireless/reg.c +++ b/net/wireless/reg.c | |||
@@ -2356,10 +2356,10 @@ static void print_regdomain(const struct ieee80211_regdomain *rd) | |||
2356 | rdev->country_ie_alpha2[1]); | 2356 | rdev->country_ie_alpha2[1]); |
2357 | } else | 2357 | } else |
2358 | printk(KERN_INFO "cfg80211: Current regulatory " | 2358 | printk(KERN_INFO "cfg80211: Current regulatory " |
2359 | "domain intersected: \n"); | 2359 | "domain intersected:\n"); |
2360 | } else | 2360 | } else |
2361 | printk(KERN_INFO "cfg80211: Current regulatory " | 2361 | printk(KERN_INFO "cfg80211: Current regulatory " |
2362 | "domain intersected: \n"); | 2362 | "domain intersected:\n"); |
2363 | } else if (is_world_regdom(rd->alpha2)) | 2363 | } else if (is_world_regdom(rd->alpha2)) |
2364 | printk(KERN_INFO "cfg80211: World regulatory " | 2364 | printk(KERN_INFO "cfg80211: World regulatory " |
2365 | "domain updated:\n"); | 2365 | "domain updated:\n"); |
diff --git a/net/wireless/sme.c b/net/wireless/sme.c index f4dfd5f5f2ea..c2735775ec19 100644 --- a/net/wireless/sme.c +++ b/net/wireless/sme.c | |||
@@ -171,7 +171,7 @@ static int cfg80211_conn_do_work(struct wireless_dev *wdev) | |||
171 | params->ssid, params->ssid_len, | 171 | params->ssid, params->ssid_len, |
172 | NULL, 0, | 172 | NULL, 0, |
173 | params->key, params->key_len, | 173 | params->key, params->key_len, |
174 | params->key_idx); | 174 | params->key_idx, false); |
175 | case CFG80211_CONN_ASSOCIATE_NEXT: | 175 | case CFG80211_CONN_ASSOCIATE_NEXT: |
176 | BUG_ON(!rdev->ops->assoc); | 176 | BUG_ON(!rdev->ops->assoc); |
177 | wdev->conn->state = CFG80211_CONN_ASSOCIATING; | 177 | wdev->conn->state = CFG80211_CONN_ASSOCIATING; |
@@ -186,12 +186,13 @@ static int cfg80211_conn_do_work(struct wireless_dev *wdev) | |||
186 | if (err) | 186 | if (err) |
187 | __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, | 187 | __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, |
188 | NULL, 0, | 188 | NULL, 0, |
189 | WLAN_REASON_DEAUTH_LEAVING); | 189 | WLAN_REASON_DEAUTH_LEAVING, |
190 | false); | ||
190 | return err; | 191 | return err; |
191 | case CFG80211_CONN_DEAUTH_ASSOC_FAIL: | 192 | case CFG80211_CONN_DEAUTH_ASSOC_FAIL: |
192 | __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, | 193 | __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, |
193 | NULL, 0, | 194 | NULL, 0, |
194 | WLAN_REASON_DEAUTH_LEAVING); | 195 | WLAN_REASON_DEAUTH_LEAVING, false); |
195 | /* return an error so that we call __cfg80211_connect_result() */ | 196 | /* return an error so that we call __cfg80211_connect_result() */ |
196 | return -EINVAL; | 197 | return -EINVAL; |
197 | default: | 198 | default: |
@@ -676,7 +677,8 @@ void __cfg80211_disconnected(struct net_device *dev, const u8 *ie, | |||
676 | continue; | 677 | continue; |
677 | bssid = wdev->auth_bsses[i]->pub.bssid; | 678 | bssid = wdev->auth_bsses[i]->pub.bssid; |
678 | ret = __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0, | 679 | ret = __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0, |
679 | WLAN_REASON_DEAUTH_LEAVING); | 680 | WLAN_REASON_DEAUTH_LEAVING, |
681 | false); | ||
680 | WARN(ret, "deauth failed: %d\n", ret); | 682 | WARN(ret, "deauth failed: %d\n", ret); |
681 | } | 683 | } |
682 | } | 684 | } |
@@ -935,7 +937,7 @@ int __cfg80211_disconnect(struct cfg80211_registered_device *rdev, | |||
935 | /* wdev->conn->params.bssid must be set if > SCANNING */ | 937 | /* wdev->conn->params.bssid must be set if > SCANNING */ |
936 | err = __cfg80211_mlme_deauth(rdev, dev, | 938 | err = __cfg80211_mlme_deauth(rdev, dev, |
937 | wdev->conn->params.bssid, | 939 | wdev->conn->params.bssid, |
938 | NULL, 0, reason); | 940 | NULL, 0, reason, false); |
939 | if (err) | 941 | if (err) |
940 | return err; | 942 | return err; |
941 | } else { | 943 | } else { |
@@ -991,7 +993,8 @@ void cfg80211_sme_disassoc(struct net_device *dev, int idx) | |||
991 | 993 | ||
992 | memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN); | 994 | memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN); |
993 | if (__cfg80211_mlme_deauth(rdev, dev, bssid, | 995 | if (__cfg80211_mlme_deauth(rdev, dev, bssid, |
994 | NULL, 0, WLAN_REASON_DEAUTH_LEAVING)) { | 996 | NULL, 0, WLAN_REASON_DEAUTH_LEAVING, |
997 | false)) { | ||
995 | /* whatever -- assume gone anyway */ | 998 | /* whatever -- assume gone anyway */ |
996 | cfg80211_unhold_bss(wdev->auth_bsses[idx]); | 999 | cfg80211_unhold_bss(wdev->auth_bsses[idx]); |
997 | cfg80211_put_bss(&wdev->auth_bsses[idx]->pub); | 1000 | cfg80211_put_bss(&wdev->auth_bsses[idx]->pub); |
diff --git a/net/wireless/util.c b/net/wireless/util.c index d3574a4eb3ba..3416373a9c0c 100644 --- a/net/wireless/util.c +++ b/net/wireless/util.c | |||
@@ -331,11 +331,18 @@ int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, | |||
331 | if (iftype == NL80211_IFTYPE_MESH_POINT) { | 331 | if (iftype == NL80211_IFTYPE_MESH_POINT) { |
332 | struct ieee80211s_hdr *meshdr = | 332 | struct ieee80211s_hdr *meshdr = |
333 | (struct ieee80211s_hdr *) (skb->data + hdrlen); | 333 | (struct ieee80211s_hdr *) (skb->data + hdrlen); |
334 | hdrlen += ieee80211_get_mesh_hdrlen(meshdr); | 334 | /* make sure meshdr->flags is on the linear part */ |
335 | if (!pskb_may_pull(skb, hdrlen + 1)) | ||
336 | return -1; | ||
335 | if (meshdr->flags & MESH_FLAGS_AE_A5_A6) { | 337 | if (meshdr->flags & MESH_FLAGS_AE_A5_A6) { |
336 | memcpy(dst, meshdr->eaddr1, ETH_ALEN); | 338 | skb_copy_bits(skb, hdrlen + |
337 | memcpy(src, meshdr->eaddr2, ETH_ALEN); | 339 | offsetof(struct ieee80211s_hdr, eaddr1), |
340 | dst, ETH_ALEN); | ||
341 | skb_copy_bits(skb, hdrlen + | ||
342 | offsetof(struct ieee80211s_hdr, eaddr2), | ||
343 | src, ETH_ALEN); | ||
338 | } | 344 | } |
345 | hdrlen += ieee80211_get_mesh_hdrlen(meshdr); | ||
339 | } | 346 | } |
340 | break; | 347 | break; |
341 | case cpu_to_le16(IEEE80211_FCTL_FROMDS): | 348 | case cpu_to_le16(IEEE80211_FCTL_FROMDS): |
@@ -347,9 +354,14 @@ int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, | |||
347 | if (iftype == NL80211_IFTYPE_MESH_POINT) { | 354 | if (iftype == NL80211_IFTYPE_MESH_POINT) { |
348 | struct ieee80211s_hdr *meshdr = | 355 | struct ieee80211s_hdr *meshdr = |
349 | (struct ieee80211s_hdr *) (skb->data + hdrlen); | 356 | (struct ieee80211s_hdr *) (skb->data + hdrlen); |
350 | hdrlen += ieee80211_get_mesh_hdrlen(meshdr); | 357 | /* make sure meshdr->flags is on the linear part */ |
358 | if (!pskb_may_pull(skb, hdrlen + 1)) | ||
359 | return -1; | ||
351 | if (meshdr->flags & MESH_FLAGS_AE_A4) | 360 | if (meshdr->flags & MESH_FLAGS_AE_A4) |
352 | memcpy(src, meshdr->eaddr1, ETH_ALEN); | 361 | skb_copy_bits(skb, hdrlen + |
362 | offsetof(struct ieee80211s_hdr, eaddr1), | ||
363 | src, ETH_ALEN); | ||
364 | hdrlen += ieee80211_get_mesh_hdrlen(meshdr); | ||
353 | } | 365 | } |
354 | break; | 366 | break; |
355 | case cpu_to_le16(0): | 367 | case cpu_to_le16(0): |
@@ -358,7 +370,7 @@ int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, | |||
358 | break; | 370 | break; |
359 | } | 371 | } |
360 | 372 | ||
361 | if (unlikely(skb->len - hdrlen < 8)) | 373 | if (!pskb_may_pull(skb, hdrlen + 8)) |
362 | return -1; | 374 | return -1; |
363 | 375 | ||
364 | payload = skb->data + hdrlen; | 376 | payload = skb->data + hdrlen; |