Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlan.c19
-rw-r--r--net/8021q/vlanproc.c2
-rw-r--r--net/Kconfig20
-rw-r--r--net/Makefile1
-rw-r--r--net/appletalk/ddp.c25
-rw-r--r--net/atm/br2684.c4
-rw-r--r--net/atm/clip.c12
-rw-r--r--net/atm/lec.c17
-rw-r--r--net/atm/mpc.c2
-rw-r--r--net/atm/proc.c9
-rw-r--r--net/bluetooth/af_bluetooth.c4
-rw-r--r--net/bluetooth/bnep/netdev.c6
-rw-r--r--net/bridge/br_device.c2
-rw-r--r--net/bridge/br_forward.c3
-rw-r--r--net/bridge/br_if.c1
-rw-r--r--net/bridge/br_netfilter.c96
-rw-r--r--net/bridge/br_private.h3
-rw-r--r--net/bridge/br_stp.c2
-rw-r--r--net/bridge/br_sysfs_if.c17
-rw-r--r--net/compat.c17
-rw-r--r--net/core/datagram.c3
-rw-r--r--net/core/dev.c59
-rw-r--r--net/core/ethtool.c16
-rw-r--r--net/core/neighbour.c95
-rw-r--r--net/core/net-sysfs.c2
-rw-r--r--net/core/net_namespace.c35
-rw-r--r--net/core/netpoll.c6
-rw-r--r--net/core/rtnetlink.c21
-rw-r--r--net/core/skbuff.c3
-rw-r--r--net/core/sock.c16
-rw-r--r--net/dccp/ccids/ccid3.c4
-rw-r--r--net/dccp/feat.c7
-rw-r--r--net/dccp/proto.c4
-rw-r--r--net/decnet/dn_route.c2
-rw-r--r--net/econet/af_econet.c4
-rw-r--r--net/ieee802154/af_ieee802154.c4
-rw-r--r--net/ieee802154/dgram.c78
-rw-r--r--net/ieee802154/netlink.c144
-rw-r--r--net/ieee802154/nl_policy.c3
-rw-r--r--net/ieee802154/raw.c2
-rw-r--r--net/ipv4/af_inet.c12
-rw-r--r--net/ipv4/fib_trie.c52
-rw-r--r--net/ipv4/ip_gre.c6
-rw-r--r--net/ipv4/ipip.c6
-rw-r--r--net/ipv4/ipmr.c2
-rw-r--r--net/ipv4/route.c2
-rw-r--r--net/ipv4/tcp_output.c58
-rw-r--r--net/ipv4/udp.c144
-rw-r--r--net/ipv4/xfrm4_policy.c37
-rw-r--r--net/ipv6/af_inet6.c20
-rw-r--r--net/ipv6/icmp.c17
-rw-r--r--net/ipv6/ip6_fib.c16
-rw-r--r--net/ipv6/ip6_input.c6
-rw-r--r--net/ipv6/ip6_output.c41
-rw-r--r--net/ipv6/ip6_tunnel.c4
-rw-r--r--net/ipv6/ip6mr.c2
-rw-r--r--net/ipv6/ipv6_sockglue.c5
-rw-r--r--net/ipv6/mcast.c1
-rw-r--r--net/ipv6/ndisc.c4
-rw-r--r--net/ipv6/proc.c4
-rw-r--r--net/ipv6/raw.c5
-rw-r--r--net/ipv6/sit.c6
-rw-r--r--net/ipv6/sysctl_net_ipv6.c4
-rw-r--r--net/ipv6/udp.c146
-rw-r--r--net/ipv6/xfrm6_policy.c38
-rw-r--r--net/irda/ircomm/ircomm_event.c4
-rw-r--r--net/irda/ircomm/ircomm_tty_attach.c4
-rw-r--r--net/irda/iriap.c4
-rw-r--r--net/irda/irlan/irlan_common.c4
-rw-r--r--net/irda/irlan/irlan_eth.c4
-rw-r--r--net/irda/irlap.c2
-rw-r--r--net/irda/irlap_event.c4
-rw-r--r--net/irda/irlmp_event.c6
-rw-r--r--net/irda/irnetlink.c2
-rw-r--r--net/lapb/lapb_iface.c2
-rw-r--r--net/llc/llc_proc.c2
-rw-r--r--net/mac80211/Kconfig37
-rw-r--r--net/mac80211/Makefile4
-rw-r--r--net/mac80211/agg-tx.c3
-rw-r--r--net/mac80211/cfg.c234
-rw-r--r--net/mac80211/debugfs.c2
-rw-r--r--net/mac80211/debugfs_netdev.c46
-rw-r--r--net/mac80211/debugfs_sta.c98
-rw-r--r--net/mac80211/driver-ops.h85
-rw-r--r--net/mac80211/driver-trace.c9
-rw-r--r--net/mac80211/driver-trace.h648
-rw-r--r--net/mac80211/event.c23
-rw-r--r--net/mac80211/ibss.c23
-rw-r--r--net/mac80211/ieee80211_i.h237
-rw-r--r--net/mac80211/iface.c139
-rw-r--r--net/mac80211/key.c28
-rw-r--r--net/mac80211/main.c182
-rw-r--r--net/mac80211/mesh.c158
-rw-r--r--net/mac80211/mesh.h33
-rw-r--r--net/mac80211/mesh_hwmp.c26
-rw-r--r--net/mac80211/mesh_pathtbl.c177
-rw-r--r--net/mac80211/mesh_plink.c2
-rw-r--r--net/mac80211/mlme.c1992
-rw-r--r--net/mac80211/pm.c8
-rw-r--r--net/mac80211/rate.c31
-rw-r--r--net/mac80211/rc80211_minstrel.c39
-rw-r--r--net/mac80211/rc80211_pid_algo.c12
-rw-r--r--net/mac80211/rx.c216
-rw-r--r--net/mac80211/scan.c368
-rw-r--r--net/mac80211/sta_info.c2
-rw-r--r--net/mac80211/sta_info.h30
-rw-r--r--net/mac80211/tx.c572
-rw-r--r--net/mac80211/util.c122
-rw-r--r--net/mac80211/wep.c52
-rw-r--r--net/mac80211/wep.h7
-rw-r--r--net/mac80211/wext.c633
-rw-r--r--net/mac80211/wme.c6
-rw-r--r--net/mac80211/wme.h3
-rw-r--r--net/mac80211/wpa.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_app.c19
-rw-r--r--net/netfilter/ipvs/ip_vs_conn.c17
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c27
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c67
-rw-r--r--net/netfilter/ipvs/ip_vs_dh.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_est.c4
-rw-r--r--net/netfilter/ipvs/ip_vs_ftp.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_lblc.c9
-rw-r--r--net/netfilter/ipvs/ip_vs_lblcr.c17
-rw-r--r--net/netfilter/ipvs/ip_vs_lc.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_nq.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_proto.c12
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_ah_esp.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_tcp.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_udp.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_rr.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_sched.c41
-rw-r--r--net/netfilter/ipvs/ip_vs_sed.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_sh.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_sync.c53
-rw-r--r--net/netfilter/ipvs/ip_vs_wlc.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_wrr.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_xmit.c43
-rw-r--r--net/netlabel/netlabel_kapi.c6
-rw-r--r--net/netlink/af_netlink.c72
-rw-r--r--net/netlink/genetlink.c186
-rw-r--r--net/netrom/nr_dev.c4
-rw-r--r--net/packet/af_packet.c246
-rw-r--r--net/phonet/datagram.c5
-rw-r--r--net/phonet/pep-gprs.c4
-rw-r--r--net/phonet/pep.c7
-rw-r--r--net/phonet/pn_dev.c8
-rw-r--r--net/phonet/socket.c97
-rw-r--r--net/rds/connection.c49
-rw-r--r--net/rds/ib.c6
-rw-r--r--net/rds/ib.h18
-rw-r--r--net/rds/ib_cm.c62
-rw-r--r--net/rds/ib_rdma.c12
-rw-r--r--net/rds/ib_recv.c53
-rw-r--r--net/rds/ib_stats.c2
-rw-r--r--net/rds/ib_sysctl.c12
-rw-r--r--net/rds/iw.c15
-rw-r--r--net/rds/iw.h1
-rw-r--r--net/rds/iw_rdma.c28
-rw-r--r--net/rds/iw_send.c2
-rw-r--r--net/rds/iw_stats.c2
-rw-r--r--net/rds/rdma_transport.c10
-rw-r--r--net/rds/rds.h3
-rw-r--r--net/rds/recv.c24
-rw-r--r--net/rds/stats.c4
-rw-r--r--net/rfkill/core.c14
-rw-r--r--net/rose/rose_dev.c2
-rw-r--r--net/rxrpc/ar-ack.c2
-rw-r--r--net/sched/sch_generic.c93
-rw-r--r--net/sched/sch_teql.c6
-rw-r--r--net/sctp/debug.c14
-rw-r--r--net/tipc/netlink.c2
-rw-r--r--net/tipc/socket.c6
-rw-r--r--net/wireless/Kconfig43
-rw-r--r--net/wireless/Makefile5
-rw-r--r--net/wireless/chan.c89
-rw-r--r--net/wireless/core.c481
-rw-r--r--net/wireless/core.h232
-rw-r--r--net/wireless/debugfs.c14
-rw-r--r--net/wireless/debugfs.h8
-rw-r--r--net/wireless/ibss.c290
-rw-r--r--net/wireless/mlme.c618
-rw-r--r--net/wireless/nl80211.c1716
-rw-r--r--net/wireless/nl80211.h71
-rw-r--r--net/wireless/reg.c169
-rw-r--r--net/wireless/reg.h15
-rw-r--r--net/wireless/scan.c99
-rw-r--r--net/wireless/sme.c932
-rw-r--r--net/wireless/util.c82
-rw-r--r--net/wireless/wext-compat.c865
-rw-r--r--net/wireless/wext-compat.h49
-rw-r--r--net/wireless/wext-sme.c404
-rw-r--r--net/wireless/wext.c257
192 files changed, 10575 insertions, 5056 deletions
diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c
index fe649081fbdc..a1f16303703a 100644
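--- a/net/8021q/vlan.c
+++ b/net/8021q/vlan.c
@@ -225,12 +225,6 @@ int vlan_check_real_dev(struct net_device *real_dev, u16 vlan_id)
  return -EOPNOTSUPP;
  }
 
- /* The real device must be up and operating in order to
- * assosciate a VLAN device with it.
- */
- if (!(real_dev->flags & IFF_UP))
- return -ENETDOWN;
-
  if (__find_vlan_dev(real_dev, vlan_id) != NULL)
  return -EEXIST;
 
@@ -468,6 +462,19 @@ static int vlan_device_event(struct notifier_block *unused, unsigned long event,
  }
  break;
 
+ case NETDEV_CHANGEMTU:
+ for (i = 0; i < VLAN_GROUP_ARRAY_LEN; i++) {
+ vlandev = vlan_group_get_device(grp, i);
+ if (!vlandev)
+ continue;
+
+ if (vlandev->mtu <= dev->mtu)
+ continue;
+
+ dev_set_mtu(vlandev, dev->mtu);
+ }
+ break;
+
  case NETDEV_FEAT_CHANGE:
  /* Propagate device features to underlying device */
  for (i = 0; i < VLAN_GROUP_ARRAY_LEN; i++) {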
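Review bot: In the new NETDEV_CHANGEMTU case the result of `dev_set_mtu(vlandev, dev->mtu)` is discarded, so if lowering a VLAN device's MTU fails, that device silently keeps an MTU larger than the real device's. Checking the return value and logging the device would make the mismatch visible, for example `if (dev_set_mtu(vlandev, dev->mtu)) printk(KERN_WARNING "%s: could not lower MTU\n", vlandev->name);`. The case also has no comment, unlike the NETDEV_FEAT_CHANGE case right after it; `/* Clamp VLAN MTUs that exceed the real device's new MTU */` would do. vlan_device_event's body starts and ends outside the hunk.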
diff --git a/net/8021q/vlanproc.c b/net/8021q/vlanproc.c
index b55a091a33df..6262c335f3c2 100644
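--- a/net/8021q/vlanproc.c
+++ b/net/8021q/vlanproc.c
@@ -107,7 +107,7 @@ static const struct file_operations vlandev_fops = {
  */
 
 /* Strings */
-static const char *vlan_name_type_str[VLAN_NAME_TYPE_HIGHEST] = {
+static const char *const vlan_name_type_str[VLAN_NAME_TYPE_HIGHEST] = {
  [VLAN_NAME_TYPE_RAW_PLUS_VID] = "VLAN_NAME_TYPE_RAW_PLUS_VID",
  [VLAN_NAME_TYPE_PLUS_VID_NO_PAD] = "VLAN_NAME_TYPE_PLUS_VID_NO_PAD",
  [VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD] = "VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD",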
diff --git a/net/Kconfig b/net/Kconfig
index 7051b9710675..041c35edb763 100644
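--- a/net/Kconfig
+++ b/net/Kconfig
@@ -23,6 +23,26 @@ menuconfig NET
 
 if NET
 
+config WANT_COMPAT_NETLINK_MESSAGES
+ bool
+ help
+ This option can be selected by other options that need compat
+ netlink messages.
+
+config COMPAT_NETLINK_MESSAGES
+ def_bool y
+ depends on COMPAT
+ depends on WIRELESS_EXT || WANT_COMPAT_NETLINK_MESSAGES
+ help
+ This option makes it possible to send different netlink messages
+ to tasks depending on whether the task is a compat task or not. To
+ achieve this, you need to set skb_shinfo(skb)->frag_list to the
+ compat skb before sending the skb, the netlink code will sort out
+ which message to actually pass to the task.
+
+ Newly written code should NEVER need this option but do
+ compat-independent messages instead!
+
 menu "Networking options"
 
 source "net/packet/Kconfig"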
diff --git a/net/Makefile b/net/Makefile
index ba324aefda73..1542e7268a7b 100644
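--- a/net/Makefile
+++ b/net/Makefile
@@ -24,7 +24,6 @@ obj-y += ipv6/
 endif
 obj-$(CONFIG_PACKET) += packet/
 obj-$(CONFIG_NET_KEY) += key/
-obj-$(CONFIG_NET_SCHED) += sched/
 obj-$(CONFIG_BRIDGE) += bridge/
 obj-$(CONFIG_NET_DSA) += dsa/
 obj-$(CONFIG_IPX) += ipx/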
diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index 875eda5dbad7..0d42d5da50ad 100644
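--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -1400,7 +1400,7 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
  __u16 len_hops;
 
  if (!net_eq(dev_net(dev), &init_net))
- goto freeit;
+ goto drop;
 
  /* Don't mangle buffer if shared */
  if (!(skb = skb_share_check(skb, GFP_ATOMIC)))
@@ -1408,7 +1408,7 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
 
  /* Size check and make sure header is contiguous */
  if (!pskb_may_pull(skb, sizeof(*ddp)))
- goto freeit;
+ goto drop;
 
  ddp = ddp_hdr(skb);
 
@@ -1426,7 +1426,7 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
  if (skb->len < sizeof(*ddp) || skb->len < (len_hops & 1023)) {
  pr_debug("AppleTalk: dropping corrupted frame (deh_len=%u, "
  "skb->len=%u)\n", len_hops & 1023, skb->len);
- goto freeit;
+ goto drop;
  }
 
  /*
@@ -1436,7 +1436,7 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
  if (ddp->deh_sum &&
  atalk_checksum(skb, len_hops & 1023) != ddp->deh_sum)
  /* Not a valid AppleTalk frame - dustbin time */
- goto freeit;
+ goto drop;
 
  /* Check the packet is aimed at us */
  if (!ddp->deh_dnet) /* Net 0 is 'this network' */
@@ -1449,7 +1449,7 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
  * AppleTalk iface
  */
  atalk_route_packet(skb, dev, ddp, len_hops, origlen);
- goto out;
+ return NET_RX_SUCCESS;
  }
 
  /* if IP over DDP is not selected this code will be optimized out */
@@ -1465,18 +1465,21 @@ static int atalk_rcv(struct sk_buff *skb, struct net_device *dev,
 
  sock = atalk_search_socket(&tosat, atif);
  if (!sock) /* But not one of our sockets */
- goto freeit;
+ goto drop;
 
  /* Queue packet (standard) */
  skb->sk = sock;
 
  if (sock_queue_rcv_skb(sock, skb) < 0)
- goto freeit;
-out:
- return 0;
-freeit:
+ goto drop;
+
+ return NET_RX_SUCCESS;
+
+drop:
  kfree_skb(skb);
- goto out;
+out:
+ return NET_RX_DROP;
+
 }
 
 /*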
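Review bot: The new tail of atalk_rcv relies on `drop:` falling through into `out:`, and `out:` now returns `NET_RX_DROP` instead of 0, but nothing in the code says which callers of each label still own the skb. A comment on the labels would prevent a later double free or leak, e.g. `/* drop: we still own skb and must free it; out: skb already consumed or freed */`. The only visible candidate for a remaining `goto out` is the `skb_share_check()` failure in the first hunk, whose branch lies outside the hunk, so that is worth confirming. The blank line added just before the closing `}` is stray and can go.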
diff --git a/net/atm/br2684.c b/net/atm/br2684.c
index 2912665fc58c..848af113ba2a 100644
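--- a/net/atm/br2684.c
+++ b/net/atm/br2684.c
@@ -238,7 +238,7 @@ static int br2684_start_xmit(struct sk_buff *skb, struct net_device *dev)
  /* netif_stop_queue(dev); */
  dev_kfree_skb(skb);
  read_unlock(&devs_lock);
- return 0;
+ return NETDEV_TX_OK;
  }
  if (!br2684_xmit_vcc(skb, dev, brvcc)) {
  /*
@@ -252,7 +252,7 @@ static int br2684_start_xmit(struct sk_buff *skb, struct net_device *dev)
  dev->stats.tx_fifo_errors++;
  }
  read_unlock(&devs_lock);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 /*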
diff --git a/net/atm/clip.c b/net/atm/clip.c
index e65a3b1477f8..64910bb86089 100644
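--- a/net/atm/clip.c
+++ b/net/atm/clip.c
@@ -373,7 +373,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  printk(KERN_ERR "clip_start_xmit: skb_dst(skb) == NULL\n");
  dev_kfree_skb(skb);
  dev->stats.tx_dropped++;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (!skb_dst(skb)->neighbour) {
 #if 0
@@ -387,7 +387,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  printk(KERN_ERR "clip_start_xmit: NO NEIGHBOUR !\n");
  dev_kfree_skb(skb);
  dev->stats.tx_dropped++;
- return 0;
+ return NETDEV_TX_OK;
  }
  entry = NEIGH2ENTRY(skb_dst(skb)->neighbour);
  if (!entry->vccs) {
@@ -402,7 +402,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  dev_kfree_skb(skb);
  dev->stats.tx_dropped++;
  }
- return 0;
+ return NETDEV_TX_OK;
  }
  pr_debug("neigh %p, vccs %p\n", entry, entry->vccs);
  ATM_SKB(skb)->vcc = vcc = entry->vccs->vcc;
@@ -421,14 +421,14 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  old = xchg(&entry->vccs->xoff, 1); /* assume XOFF ... */
  if (old) {
  printk(KERN_WARNING "clip_start_xmit: XOFF->XOFF transition\n");
- return 0;
+ return NETDEV_TX_OK;
  }
  dev->stats.tx_packets++;
  dev->stats.tx_bytes += skb->len;
  vcc->send(vcc, skb);
  if (atm_may_send(vcc, 0)) {
  entry->vccs->xoff = 0;
- return 0;
+ return NETDEV_TX_OK;
  }
  spin_lock_irqsave(&clip_priv->xoff_lock, flags);
  netif_stop_queue(dev); /* XOFF -> throttle immediately */
@@ -440,7 +440,7 @@ static int clip_start_xmit(struct sk_buff *skb, struct net_device *dev)
  of the brief netif_stop_queue. If this isn't true or if it
  changes, use netif_wake_queue instead. */
  spin_unlock_irqrestore(&clip_priv->xoff_lock, flags);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int clip_mkip(struct atm_vcc *vcc, int timeout)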
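Review bot: The "XOFF->XOFF transition" branch in the fourth hunk now returns `NETDEV_TX_OK`, which tells the stack the driver has taken ownership of the skb, yet the visible lines neither send nor free it before returning. Every other early return in these hunks calls `dev_kfree_skb(skb)` and bumps `dev->stats.tx_dropped` first, so unless the skb is released somewhere outside the hunk this path leaks one buffer each time it is hit. Adding `dev_kfree_skb(skb);` and `dev->stats.tx_dropped++;` before that return would make it consistent with the other drop paths. clip_start_xmit's body starts outside the hunks shown.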
diff --git a/net/atm/lec.c b/net/atm/lec.c
index ff2e594dca9b..8e723c2654cb 100644
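--- a/net/atm/lec.c
+++ b/net/atm/lec.c
@@ -289,7 +289,7 @@ static int lec_start_xmit(struct sk_buff *skb, struct net_device *dev)
  skb2 = skb_realloc_headroom(skb, LEC_HEADER_LEN);
  kfree_skb(skb);
  if (skb2 == NULL)
- return 0;
+ return NETDEV_TX_OK;
  skb = skb2;
  }
  skb_push(skb, 2);
@@ -307,7 +307,7 @@ static int lec_start_xmit(struct sk_buff *skb, struct net_device *dev)
  skb2 = skb_realloc_headroom(skb, LEC_HEADER_LEN);
  kfree_skb(skb);
  if (skb2 == NULL)
- return 0;
+ return NETDEV_TX_OK;
  skb = skb2;
  }
 #endif
@@ -345,7 +345,7 @@ static int lec_start_xmit(struct sk_buff *skb, struct net_device *dev)
  dev_kfree_skb(skb);
  if (skb2 == NULL) {
  dev->stats.tx_dropped++;
- return 0;
+ return NETDEV_TX_OK;
  }
  skb = skb2;
  }
@@ -416,7 +416,7 @@ out:
  if (entry)
  lec_arp_put(entry);
  dev->trans_start = jiffies;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 /* The inverse routine to net_open(). */
@@ -935,9 +935,9 @@ static int lecd_attach(struct atm_vcc *vcc, int arg)
 }
 
 #ifdef CONFIG_PROC_FS
-static char *lec_arp_get_status_string(unsigned char status)
+static const char *lec_arp_get_status_string(unsigned char status)
 {
- static char *lec_arp_status_string[] = {
+ static const char *const lec_arp_status_string[] = {
  "ESI_UNKNOWN ",
  "ESI_ARP_PENDING ",
  "ESI_VC_PENDING ",
@@ -1121,7 +1121,8 @@ static void *lec_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 
 static int lec_seq_show(struct seq_file *seq, void *v)
 {
- static char lec_banner[] = "Itf MAC ATM destination"
+ static const char lec_banner[] =
+ "Itf MAC ATM destination"
  " Status Flags "
  "VPI/VCI Recv VPI/VCI\n";
 
@@ -1505,7 +1506,7 @@ lec_arp_remove(struct lec_priv *priv, struct lec_arp_table *to_remove)
 }
 
 #if DEBUG_ARP_TABLE
-static char *get_status_string(unsigned char st)
+static const char *get_status_string(unsigned char st)
 {
  switch (st) {
  case ESI_UNKNOWN: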
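Review bot: The two `skb_realloc_headroom()` failure paths in the first two hunks of lec_start_xmit free the skb and return `NETDEV_TX_OK` without counting the loss, whereas the equivalent path in the third hunk does `dev->stats.tx_dropped++` before returning. Packets discarded under memory pressure on those two paths therefore never show up in the interface statistics. Adding `dev->stats.tx_dropped++;` ahead of both returns would make the three paths agree. The function body extends beyond each of these hunks.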
diff --git a/net/atm/mpc.c b/net/atm/mpc.c
index e5bf11453a18..1ac4b94bf626 100644
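--- a/net/atm/mpc.c
+++ b/net/atm/mpc.c
@@ -554,7 +554,7 @@ static int mpc_send_packet(struct sk_buff *skb, struct net_device *dev)
  while (i < mpc->number_of_mps_macs) {
  if (!compare_ether_addr(eth->h_dest, (mpc->mps_macs + i*ETH_ALEN)))
  if ( send_via_shortcut(skb, mpc) == 0 ) /* try shortcut */
- return 0; /* success! */
+ return NETDEV_TX_OK; /* success! */
  i++;
  }
 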
diff --git a/net/atm/proc.c b/net/atm/proc.c
index 38de5ff61ecd..ab8419a324b6 100644
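--- a/net/atm/proc.c
+++ b/net/atm/proc.c
@@ -151,8 +151,9 @@ static void *vcc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 
 static void pvc_info(struct seq_file *seq, struct atm_vcc *vcc)
 {
- static const char *class_name[] = { "off","UBR","CBR","VBR","ABR" };
- static const char *aal_name[] = {
+ static const char *const class_name[] =
+ {"off","UBR","CBR","VBR","ABR"};
+ static const char *const aal_name[] = {
  "---", "1", "2", "3/4", /* 0- 3 */
  "???", "5", "???", "???", /* 4- 7 */
  "???", "???", "???", "???", /* 8-11 */
@@ -178,7 +179,7 @@ static void pvc_info(struct seq_file *seq, struct atm_vcc *vcc)
 
 static const char *vcc_state(struct atm_vcc *vcc)
 {
- static const char *map[] = { ATM_VS2TXT_MAP };
+ static const char *const map[] = { ATM_VS2TXT_MAP };
 
  return map[ATM_VF2VS(vcc->flags)];
 }
@@ -335,7 +336,7 @@ static const struct file_operations vcc_seq_fops = {
 
 static int svc_seq_show(struct seq_file *seq, void *v)
 {
- static char atm_svc_banner[] =
+ static const char atm_svc_banner[] =
  "Itf VPI VCI State Remote\n";
 
  if (v == SEQ_START_TOKEN)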
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index 0250e0600150..8cfb5a849841 100644
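--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -49,7 +49,7 @@ static struct net_proto_family *bt_proto[BT_MAX_PROTO];
 static DEFINE_RWLOCK(bt_proto_lock);
 
 static struct lock_class_key bt_lock_key[BT_MAX_PROTO];
-static const char *bt_key_strings[BT_MAX_PROTO] = {
+static const char *const bt_key_strings[BT_MAX_PROTO] = {
  "sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP",
  "sk_lock-AF_BLUETOOTH-BTPROTO_HCI",
  "sk_lock-AF_BLUETOOTH-BTPROTO_SCO",
@@ -61,7 +61,7 @@ static const char *bt_key_strings[BT_MAX_PROTO] = {
 };
 
 static struct lock_class_key bt_slock_key[BT_MAX_PROTO];
-static const char *bt_slock_key_strings[BT_MAX_PROTO] = {
+static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
  "slock-AF_BLUETOOTH-BTPROTO_L2CAP",
  "slock-AF_BLUETOOTH-BTPROTO_HCI",
  "slock-AF_BLUETOOTH-BTPROTO_SCO",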
diff --git a/net/bluetooth/bnep/netdev.c b/net/bluetooth/bnep/netdev.c
index d7a0e9722def..9c42990126a0 100644
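--- a/net/bluetooth/bnep/netdev.c
+++ b/net/bluetooth/bnep/netdev.c
@@ -175,14 +175,14 @@ static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev)
 #ifdef CONFIG_BT_BNEP_MC_FILTER
  if (bnep_net_mc_filter(skb, s)) {
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
  }
 #endif
 
 #ifdef CONFIG_BT_BNEP_PROTO_FILTER
  if (bnep_net_proto_filter(skb, s)) {
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
  }
 #endif
 
@@ -203,7 +203,7 @@ static int bnep_net_xmit(struct sk_buff *skb, struct net_device *dev)
  netif_stop_queue(dev);
  }
 
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct net_device_ops bnep_netdev_ops = {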
diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
index 18538d7460d7..15d43ba86b53 100644
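--- a/net/bridge/br_device.c
+++ b/net/bridge/br_device.c
@@ -39,7 +39,7 @@ int br_dev_xmit(struct sk_buff *skb, struct net_device *dev)
  else
  br_flood_deliver(br, skb);
 
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int br_dev_open(struct net_device *dev)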
diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c
index d2c27c808d3b..bc1704ac6cd9 100644
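--- a/net/bridge/br_forward.c
+++ b/net/bridge/br_forward.c
@@ -22,7 +22,8 @@
 static inline int should_deliver(const struct net_bridge_port *p,
  const struct sk_buff *skb)
 {
- return (skb->dev != p->dev && p->state == BR_STATE_FORWARDING);
+ return (((p->flags & BR_HAIRPIN_MODE) || skb->dev != p->dev) &&
+ p->state == BR_STATE_FORWARDING);
 }
 
 static inline unsigned packet_length(const struct sk_buff *skb)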
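Review bot: should_deliver() has no comment saying that `BR_HAIRPIN_MODE` deliberately bypasses the `skb->dev != p->dev` test, which is the only check in this function that keeps a frame from going back out the port it arrived on. A comment above the return would make that intent explicit, e.g. `/* Hairpin ports may send a frame back out its ingress port; all other ports must not. */`. The flag is set per port from sysfs in br_sysfs_if.c, so the comment should also say that it is meant for ports whose peer expects reflected frames; on any other port the likely result is duplicate or looping traffic, which is an inference from this condition rather than something the diff states.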
diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index eb404dc3ed6e..e486f1fc3632 100644
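--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c
@@ -256,6 +256,7 @@ static struct net_bridge_port *new_nbp(struct net_bridge *br,
  p->path_cost = port_cost(dev);
  p->priority = 0x8000 >> BR_PORT_BITS;
  p->port_no = index;
+ p->flags = 0;
  br_init_port(p);
  p->state = BR_STATE_DISABLED;
  br_stp_port_timer_init(p);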
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index d22f611e4004..4fde7425077d 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -905,46 +905,62 @@ static unsigned int ip_sabotage_in(unsigned int hook, struct sk_buff *skb,
905 * For br_nf_post_routing, we need (prio = NF_BR_PRI_LAST), because 905 * For br_nf_post_routing, we need (prio = NF_BR_PRI_LAST), because
906 * ip_refrag() can return NF_STOLEN. */ 906 * ip_refrag() can return NF_STOLEN. */
907static struct nf_hook_ops br_nf_ops[] __read_mostly = { 907static struct nf_hook_ops br_nf_ops[] __read_mostly = {
908 { .hook = br_nf_pre_routing, 908 {
909 .owner = THIS_MODULE, 909 .hook = br_nf_pre_routing,
910 .pf = PF_BRIDGE, 910 .owner = THIS_MODULE,
911 .hooknum = NF_BR_PRE_ROUTING, 911 .pf = PF_BRIDGE,
912 .priority = NF_BR_PRI_BRNF, }, 912 .hooknum = NF_BR_PRE_ROUTING,
913 { .hook = br_nf_local_in, 913 .priority = NF_BR_PRI_BRNF,
914 .owner = THIS_MODULE, 914 },
915 .pf = PF_BRIDGE, 915 {
916 .hooknum = NF_BR_LOCAL_IN, 916 .hook = br_nf_local_in,
917 .priority = NF_BR_PRI_BRNF, }, 917 .owner = THIS_MODULE,
918 { .hook = br_nf_forward_ip, 918 .pf = PF_BRIDGE,
919 .owner = THIS_MODULE, 919 .hooknum = NF_BR_LOCAL_IN,
920 .pf = PF_BRIDGE, 920 .priority = NF_BR_PRI_BRNF,
921 .hooknum = NF_BR_FORWARD, 921 },
922 .priority = NF_BR_PRI_BRNF - 1, }, 922 {
923 { .hook = br_nf_forward_arp, 923 .hook = br_nf_forward_ip,
924 .owner = THIS_MODULE, 924 .owner = THIS_MODULE,
925 .pf = PF_BRIDGE, 925 .pf = PF_BRIDGE,
926 .hooknum = NF_BR_FORWARD, 926 .hooknum = NF_BR_FORWARD,
927 .priority = NF_BR_PRI_BRNF, }, 927 .priority = NF_BR_PRI_BRNF - 1,
928 { .hook = br_nf_local_out, 928 },
929 .owner = THIS_MODULE, 929 {
930 .pf = PF_BRIDGE, 930 .hook = br_nf_forward_arp,
931 .hooknum = NF_BR_LOCAL_OUT, 931 .owner = THIS_MODULE,
932 .priority = NF_BR_PRI_FIRST, }, 932 .pf = PF_BRIDGE,
933 { .hook = br_nf_post_routing, 933 .hooknum = NF_BR_FORWARD,
934 .owner = THIS_MODULE, 934 .priority = NF_BR_PRI_BRNF,
935 .pf = PF_BRIDGE, 935 },
936 .hooknum = NF_BR_POST_ROUTING, 936 {
937 .priority = NF_BR_PRI_LAST, }, 937 .hook = br_nf_local_out,
938 { .hook = ip_sabotage_in, 938 .owner = THIS_MODULE,
939 .owner = THIS_MODULE, 939 .pf = PF_BRIDGE,
940 .pf = PF_INET, 940 .hooknum = NF_BR_LOCAL_OUT,
941 .hooknum = NF_INET_PRE_ROUTING, 941 .priority = NF_BR_PRI_FIRST,
942 .priority = NF_IP_PRI_FIRST, }, 942 },
943 { .hook = ip_sabotage_in, 943 {
944 .owner = THIS_MODULE, 944 .hook = br_nf_post_routing,
945 .pf = PF_INET6, 945 .owner = THIS_MODULE,
946 .hooknum = NF_INET_PRE_ROUTING, 946 .pf = PF_BRIDGE,
947 .priority = NF_IP6_PRI_FIRST, }, 947 .hooknum = NF_BR_POST_ROUTING,
948 .priority = NF_BR_PRI_LAST,
949 },
950 {
951 .hook = ip_sabotage_in,
952 .owner = THIS_MODULE,
953 .pf = PF_INET,
954 .hooknum = NF_INET_PRE_ROUTING,
955 .priority = NF_IP_PRI_FIRST,
956 },
957 {
958 .hook = ip_sabotage_in,
959 .owner = THIS_MODULE,
960 .pf = PF_INET6,
961 .hooknum = NF_INET_PRE_ROUTING,
962 .priority = NF_IP6_PRI_FIRST,
963 },
948}; 964};
949 965
950#ifdef CONFIG_SYSCTL 966#ifdef CONFIG_SYSCTL
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index d5b5537272b4..8319247dad5d 100644
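--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -81,6 +81,9 @@ struct net_bridge_port
  struct timer_list message_age_timer;
  struct kobject kobj;
  struct rcu_head rcu;
+
+ unsigned long flags;
+#define BR_HAIRPIN_MODE 0x00000001
 };
 
 struct net_bridge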
diff --git a/net/bridge/br_stp.c b/net/bridge/br_stp.c
index 0660515f3992..fd3f8d6c0998 100644
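--- a/net/bridge/br_stp.c
+++ b/net/bridge/br_stp.c
@@ -21,7 +21,7 @@
  */
 #define MESSAGE_AGE_INCR ((HZ < 256) ? 1 : (HZ/256))
 
-static const char *br_port_state_names[] = {
+static const char *const br_port_state_names[] = {
  [BR_STATE_DISABLED] = "disabled",
  [BR_STATE_LISTENING] = "listening",
  [BR_STATE_LEARNING] = "learning",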
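--- a/net/bridge/br_sysfs_if.c
+++ b/net/bridge/br_sysfs_if.c
@@ -143,6 +143,22 @@ static ssize_t store_flush(struct net_bridge_port *p, unsigned long v)
 }
 static BRPORT_ATTR(flush, S_IWUSR, NULL, store_flush);
 
+static ssize_t show_hairpin_mode(struct net_bridge_port *p, char *buf)
+{
+int hairpin_mode = (p->flags & BR_HAIRPIN_MODE) ? 1 : 0;
+return sprintf(buf, "%d\n", hairpin_mode);
+}
+static ssize_t store_hairpin_mode(struct net_bridge_port *p, unsigned long v)
+{
+if (v)
+p->flags |= BR_HAIRPIN_MODE;
+else
+p->flags &= ~BR_HAIRPIN_MODE;
+return 0;
+}
+static BRPORT_ATTR(hairpin_mode, S_IRUGO | S_IWUSR,
+show_hairpin_mode, store_hairpin_mode);
+
 static struct brport_attribute *brport_attrs[] = {
 &brport_attr_path_cost,
 &brport_attr_priority,
@@ -159,6 +175,7 @@ static struct brport_attribute *brport_attrs[] = {
 &brport_attr_forward_delay_timer,
 &brport_attr_hold_timer,
 &brport_attr_flush,
+&brport_attr_hairpin_mode,
 NULL
 };
 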
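Review bot: `store_hairpin_mode` changes `p->flags` with a plain `|=` / `&= ~` read-modify-write, and neither it nor the new field in br_private.h says what the bit means or how writers are serialised. With one flag this is harmless, but `flags` is a general-purpose `unsigned long`, so a second bit updated from another context could be lost; whether the sysfs store path runs under a lock is not visible in this hunk. I would add a comment on the field such as `/* BR_HAIRPIN_MODE: port may send a frame back out the port it arrived on; writers hold <lock - confirm> */`, or use `set_bit()`/`clear_bit()` if unserialised writers are expected. Because the mode sends traffic back towards its ingress port, the attribute should also be described where operators will find it, with a note on when enabling it is appropriate.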
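--- a/net/compat.c
+++ b/net/compat.c
@@ -743,6 +743,18 @@ asmlinkage long compat_sys_recvmsg(int fd, struct compat_msghdr __user *msg, uns
 return sys_recvmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT);
 }
 
+asmlinkage long compat_sys_recv(int fd, void __user *buf, size_t len, unsigned flags)
+{
+return sys_recv(fd, buf, len, flags | MSG_CMSG_COMPAT);
+}
+
+asmlinkage long compat_sys_recvfrom(int fd, void __user *buf, size_t len,
+unsigned flags, struct sockaddr __user *addr,
+int __user *addrlen)
+{
+return sys_recvfrom(fd, buf, len, flags | MSG_CMSG_COMPAT, addr, addrlen);
+}
+
 asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
 {
 int ret;
@@ -788,10 +800,11 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
 ret = sys_sendto(a0, compat_ptr(a1), a[2], a[3], compat_ptr(a[4]), a[5]);
 break;
 case SYS_RECV:
-ret = sys_recv(a0, compat_ptr(a1), a[2], a[3]);
+ret = compat_sys_recv(a0, compat_ptr(a1), a[2], a[3]);
 break;
 case SYS_RECVFROM:
-ret = sys_recvfrom(a0, compat_ptr(a1), a[2], a[3], compat_ptr(a[4]), compat_ptr(a[5]));
+ret = compat_sys_recvfrom(a0, compat_ptr(a1), a[2], a[3],
+compat_ptr(a[4]), compat_ptr(a[5]));
 break;
 case SYS_SHUTDOWN:
 ret = sys_shutdown(a0,a1);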
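Review bot: `compat_sys_recv` and `compat_sys_recvfrom` OR the kernel-internal `MSG_CMSG_COMPAT` bit into a flags word that comes straight from userspace, and nothing in the new code says why the plain receive path needs it or which consumer reads it. A one-line comment above each wrapper would help, for example `/* mark the request as coming from a compat task so the receive path can tell; see <consumer - fill in> */`. Since the bit now carries meaning on recv/recvfrom, it is also worth confirming that the native `sys_recv`/`sys_recvfrom` entry points mask or reject `MSG_CMSG_COMPAT` when a 64-bit caller sets it itself; that code is outside this diff, so I cannot tell from here.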
diff --git a/net/core/datagram.c b/net/core/datagram.c
index b0fe69211eef..1c6cf3a1a4f6 100644
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -55,6 +55,7 @@
55#include <net/checksum.h> 55#include <net/checksum.h>
56#include <net/sock.h> 56#include <net/sock.h>
57#include <net/tcp_states.h> 57#include <net/tcp_states.h>
58#include <trace/events/skb.h>
58 59
59/* 60/*
60 * Is a socket 'connection oriented' ? 61 * Is a socket 'connection oriented' ?
@@ -284,6 +285,8 @@ int skb_copy_datagram_iovec(const struct sk_buff *skb, int offset,
284 int i, copy = start - offset; 285 int i, copy = start - offset;
285 struct sk_buff *frag_iter; 286 struct sk_buff *frag_iter;
286 287
288 trace_skb_copy_datagram_iovec(skb, len);
289
287 /* Copy header. */ 290 /* Copy header. */
288 if (copy > 0) { 291 if (copy > 0) {
289 if (copy > len) 292 if (copy > len)
diff --git a/net/core/dev.c b/net/core/dev.c
index 6a94475aee85..09fb03fa1ae6 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -272,7 +272,7 @@ static const unsigned short netdev_lock_type[] =
272 ARPHRD_PHONET_PIPE, ARPHRD_IEEE802154, ARPHRD_IEEE802154_PHY, 272 ARPHRD_PHONET_PIPE, ARPHRD_IEEE802154, ARPHRD_IEEE802154_PHY,
273 ARPHRD_VOID, ARPHRD_NONE}; 273 ARPHRD_VOID, ARPHRD_NONE};
274 274
275static const char *netdev_lock_name[] = 275static const char *const netdev_lock_name[] =
276 {"_xmit_NETROM", "_xmit_ETHER", "_xmit_EETHER", "_xmit_AX25", 276 {"_xmit_NETROM", "_xmit_ETHER", "_xmit_EETHER", "_xmit_AX25",
277 "_xmit_PRONET", "_xmit_CHAOS", "_xmit_IEEE802", "_xmit_ARCNET", 277 "_xmit_PRONET", "_xmit_CHAOS", "_xmit_IEEE802", "_xmit_ARCNET",
278 "_xmit_APPLETLK", "_xmit_DLCI", "_xmit_ATM", "_xmit_METRICOM", 278 "_xmit_APPLETLK", "_xmit_DLCI", "_xmit_ATM", "_xmit_METRICOM",
@@ -1704,7 +1704,7 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
1704 skb_dst_drop(skb); 1704 skb_dst_drop(skb);
1705 1705
1706 rc = ops->ndo_start_xmit(skb, dev); 1706 rc = ops->ndo_start_xmit(skb, dev);
1707 if (rc == 0) 1707 if (rc == NETDEV_TX_OK)
1708 txq_trans_update(txq); 1708 txq_trans_update(txq);
1709 /* 1709 /*
1710 * TODO: if skb_orphan() was called by 1710 * TODO: if skb_orphan() was called by
@@ -1730,7 +1730,7 @@ gso:
1730 skb->next = nskb->next; 1730 skb->next = nskb->next;
1731 nskb->next = NULL; 1731 nskb->next = NULL;
1732 rc = ops->ndo_start_xmit(nskb, dev); 1732 rc = ops->ndo_start_xmit(nskb, dev);
1733 if (unlikely(rc)) { 1733 if (unlikely(rc != NETDEV_TX_OK)) {
1734 nskb->next = skb->next; 1734 nskb->next = skb->next;
1735 skb->next = nskb; 1735 skb->next = nskb;
1736 return rc; 1736 return rc;
@@ -1744,7 +1744,7 @@ gso:
1744 1744
1745out_kfree_skb: 1745out_kfree_skb:
1746 kfree_skb(skb); 1746 kfree_skb(skb);
1747 return 0; 1747 return NETDEV_TX_OK;
1748} 1748}
1749 1749
1750static u32 skb_tx_hashrnd; 1750static u32 skb_tx_hashrnd;
@@ -1786,6 +1786,40 @@ static struct netdev_queue *dev_pick_tx(struct net_device *dev,
1786 return netdev_get_tx_queue(dev, queue_index); 1786 return netdev_get_tx_queue(dev, queue_index);
1787} 1787}
1788 1788
1789static inline int __dev_xmit_skb(struct sk_buff *skb, struct Qdisc *q,
1790 struct net_device *dev,
1791 struct netdev_queue *txq)
1792{
1793 spinlock_t *root_lock = qdisc_lock(q);
1794 int rc;
1795
1796 spin_lock(root_lock);
1797 if (unlikely(test_bit(__QDISC_STATE_DEACTIVATED, &q->state))) {
1798 kfree_skb(skb);
1799 rc = NET_XMIT_DROP;
1800 } else if ((q->flags & TCQ_F_CAN_BYPASS) && !qdisc_qlen(q) &&
1801 !test_and_set_bit(__QDISC_STATE_RUNNING, &q->state)) {
1802 /*
1803 * This is a work-conserving queue; there are no old skbs
1804 * waiting to be sent out; and the qdisc is not running -
1805 * xmit the skb directly.
1806 */
1807 __qdisc_update_bstats(q, skb->len);
1808 if (sch_direct_xmit(skb, q, dev, txq, root_lock))
1809 __qdisc_run(q);
1810 else
1811 clear_bit(__QDISC_STATE_RUNNING, &q->state);
1812
1813 rc = NET_XMIT_SUCCESS;
1814 } else {
1815 rc = qdisc_enqueue_root(skb, q);
1816 qdisc_run(q);
1817 }
1818 spin_unlock(root_lock);
1819
1820 return rc;
1821}
1822
1789/** 1823/**
1790 * dev_queue_xmit - transmit a buffer 1824 * dev_queue_xmit - transmit a buffer
1791 * @skb: buffer to transmit 1825 * @skb: buffer to transmit
@@ -1859,19 +1893,7 @@ gso:
1859 skb->tc_verd = SET_TC_AT(skb->tc_verd,AT_EGRESS); 1893 skb->tc_verd = SET_TC_AT(skb->tc_verd,AT_EGRESS);
1860#endif 1894#endif
1861 if (q->enqueue) { 1895 if (q->enqueue) {
1862 spinlock_t *root_lock = qdisc_lock(q); 1896 rc = __dev_xmit_skb(skb, q, dev, txq);
1863
1864 spin_lock(root_lock);
1865
1866 if (unlikely(test_bit(__QDISC_STATE_DEACTIVATED, &q->state))) {
1867 kfree_skb(skb);
1868 rc = NET_XMIT_DROP;
1869 } else {
1870 rc = qdisc_enqueue_root(skb, q);
1871 qdisc_run(q);
1872 }
1873 spin_unlock(root_lock);
1874
1875 goto out; 1897 goto out;
1876 } 1898 }
1877 1899
@@ -3927,6 +3949,7 @@ int __dev_addr_sync(struct dev_addr_list **to, int *to_count,
3927 } 3949 }
3928 return err; 3950 return err;
3929} 3951}
3952EXPORT_SYMBOL_GPL(__dev_addr_sync);
3930 3953
3931void __dev_addr_unsync(struct dev_addr_list **to, int *to_count, 3954void __dev_addr_unsync(struct dev_addr_list **to, int *to_count,
3932 struct dev_addr_list **from, int *from_count) 3955 struct dev_addr_list **from, int *from_count)
@@ -3946,6 +3969,7 @@ void __dev_addr_unsync(struct dev_addr_list **to, int *to_count,
3946 da = next; 3969 da = next;
3947 } 3970 }
3948} 3971}
3972EXPORT_SYMBOL_GPL(__dev_addr_unsync);
3949 3973
3950/** 3974/**
3951 * dev_unicast_sync - Synchronize device's unicast list to another device 3975 * dev_unicast_sync - Synchronize device's unicast list to another device
@@ -5347,6 +5371,7 @@ int dev_change_net_namespace(struct net_device *dev, struct net *net, const char
5347out: 5371out:
5348 return err; 5372 return err;
5349} 5373}
5374EXPORT_SYMBOL_GPL(dev_change_net_namespace);
5350 5375
5351static int dev_cpu_callback(struct notifier_block *nfb, 5376static int dev_cpu_callback(struct notifier_block *nfb,
5352 unsigned long action, 5377 unsigned long action,
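Review bot: In the new `__dev_xmit_skb`, the `TCQ_F_CAN_BYPASS` branch sets `rc = NET_XMIT_SUCCESS` unconditionally; the result of `sch_direct_xmit()` is used only to choose between `__qdisc_run(q)` and clearing `__QDISC_STATE_RUNNING`, and `__qdisc_update_bstats(q, skb->len)` is charged before the transmit is attempted. If the direct transmit can requeue or drop the skb, the caller of `dev_queue_xmit` still sees success and the byte counters include a packet that did not leave, so either propagate the outcome or say in the block comment that success is reported by design. The comment should also note that `root_lock` is handed to `sch_direct_xmit()`, presumably so it can be released around the driver call, which means qdisc state checked before the call may have changed afterwards. The function is fully contained in this hunk.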
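--- a/net/core/ethtool.c
+++ b/net/core/ethtool.c
@@ -30,10 +30,17 @@ u32 ethtool_op_get_link(struct net_device *dev)
 return netif_carrier_ok(dev) ? 1 : 0;
 }
 
+u32 ethtool_op_get_rx_csum(struct net_device *dev)
+{
+return (dev->features & NETIF_F_ALL_CSUM) != 0;
+}
+EXPORT_SYMBOL(ethtool_op_get_rx_csum);
+
 u32 ethtool_op_get_tx_csum(struct net_device *dev)
 {
 return (dev->features & NETIF_F_ALL_CSUM) != 0;
 }
+EXPORT_SYMBOL(ethtool_op_get_tx_csum);
 
 int ethtool_op_set_tx_csum(struct net_device *dev, u32 data)
 {
@@ -1004,7 +1011,9 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
 break;
 case ETHTOOL_GRXCSUM:
 rc = ethtool_get_value(dev, useraddr, ethcmd,
-dev->ethtool_ops->get_rx_csum);
+(dev->ethtool_ops->get_rx_csum ?
+dev->ethtool_ops->get_rx_csum :
+ethtool_op_get_rx_csum));
 break;
 case ETHTOOL_SRXCSUM:
 rc = ethtool_set_rx_csum(dev, useraddr);
@@ -1068,7 +1077,9 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
 break;
 case ETHTOOL_GFLAGS:
 rc = ethtool_get_value(dev, useraddr, ethcmd,
-dev->ethtool_ops->get_flags);
+(dev->ethtool_ops->get_flags ?
+dev->ethtool_ops->get_flags :
+ethtool_op_get_flags));
 break;
 case ETHTOOL_SFLAGS:
 rc = ethtool_set_value(dev, useraddr,
@@ -1116,7 +1127,6 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
 EXPORT_SYMBOL(ethtool_op_get_link);
 EXPORT_SYMBOL(ethtool_op_get_sg);
 EXPORT_SYMBOL(ethtool_op_get_tso);
-EXPORT_SYMBOL(ethtool_op_get_tx_csum);
 EXPORT_SYMBOL(ethtool_op_set_sg);
 EXPORT_SYMBOL(ethtool_op_set_tso);
 EXPORT_SYMBOL(ethtool_op_set_tx_csum);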
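Review bot: The new `ethtool_op_get_rx_csum` tests `dev->features & NETIF_F_ALL_CSUM`, the same expression as `ethtool_op_get_tx_csum` directly below it, and as far as I know that mask describes transmit checksum offload. The fallback added for `ETHTOOL_GRXCSUM` therefore answers a receive-side question from transmit capability bits, so userspace gets a definite value that may not match what the device actually verifies on receive. If there is no generic receive feature bit to test, say so in the helper, e.g. `/* no generic RX checksum flag; approximated from the TX offload bits */`, or leave the operation unsupported when the driver provides no `get_rx_csum`. The `ETHTOOL_GFLAGS` hunk relies on `ethtool_op_get_flags`, which is defined outside the visible hunks.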
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 163b4f5b0365..e587e6819698 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -692,75 +692,74 @@ static void neigh_connect(struct neighbour *neigh)
692 hh->hh_output = neigh->ops->hh_output; 692 hh->hh_output = neigh->ops->hh_output;
693} 693}
694 694
695static void neigh_periodic_timer(unsigned long arg) 695static void neigh_periodic_work(struct work_struct *work)
696{ 696{
697 struct neigh_table *tbl = (struct neigh_table *)arg; 697 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
698 struct neighbour *n, **np; 698 struct neighbour *n, **np;
699 unsigned long expire, now = jiffies; 699 unsigned int i;
700 700
701 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs); 701 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
702 702
703 write_lock(&tbl->lock); 703 write_lock_bh(&tbl->lock);
704 704
705 /* 705 /*
706 * periodically recompute ReachableTime from random function 706 * periodically recompute ReachableTime from random function
707 */ 707 */
708 708
709 if (time_after(now, tbl->last_rand + 300 * HZ)) { 709 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
710 struct neigh_parms *p; 710 struct neigh_parms *p;
711 tbl->last_rand = now; 711 tbl->last_rand = jiffies;
712 for (p = &tbl->parms; p; p = p->next) 712 for (p = &tbl->parms; p; p = p->next)
713 p->reachable_time = 713 p->reachable_time =
714 neigh_rand_reach_time(p->base_reachable_time); 714 neigh_rand_reach_time(p->base_reachable_time);
715 } 715 }
716 716
717 np = &tbl->hash_buckets[tbl->hash_chain_gc]; 717 for (i = 0 ; i <= tbl->hash_mask; i++) {
718 tbl->hash_chain_gc = ((tbl->hash_chain_gc + 1) & tbl->hash_mask); 718 np = &tbl->hash_buckets[i];
719 719
720 while ((n = *np) != NULL) { 720 while ((n = *np) != NULL) {
721 unsigned int state; 721 unsigned int state;
722 722
723 write_lock(&n->lock); 723 write_lock(&n->lock);
724 724
725 state = n->nud_state; 725 state = n->nud_state;
726 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) { 726 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) {
727 write_unlock(&n->lock); 727 write_unlock(&n->lock);
728 goto next_elt; 728 goto next_elt;
729 } 729 }
730 730
731 if (time_before(n->used, n->confirmed)) 731 if (time_before(n->used, n->confirmed))
732 n->used = n->confirmed; 732 n->used = n->confirmed;
733 733
734 if (atomic_read(&n->refcnt) == 1 && 734 if (atomic_read(&n->refcnt) == 1 &&
735 (state == NUD_FAILED || 735 (state == NUD_FAILED ||
736 time_after(now, n->used + n->parms->gc_staletime))) { 736 time_after(jiffies, n->used + n->parms->gc_staletime))) {
737 *np = n->next; 737 *np = n->next;
738 n->dead = 1; 738 n->dead = 1;
739 write_unlock(&n->lock);
740 neigh_cleanup_and_release(n);
741 continue;
742 }
739 write_unlock(&n->lock); 743 write_unlock(&n->lock);
740 neigh_cleanup_and_release(n);
741 continue;
742 }
743 write_unlock(&n->lock);
744 744
745next_elt: 745next_elt:
746 np = &n->next; 746 np = &n->next;
747 }
748 /*
749 * It's fine to release lock here, even if hash table
750 * grows while we are preempted.
751 */
752 write_unlock_bh(&tbl->lock);
753 cond_resched();
754 write_lock_bh(&tbl->lock);
747 } 755 }
748
749 /* Cycle through all hash buckets every base_reachable_time/2 ticks. 756 /* Cycle through all hash buckets every base_reachable_time/2 ticks.
750 * ARP entry timeouts range from 1/2 base_reachable_time to 3/2 757 * ARP entry timeouts range from 1/2 base_reachable_time to 3/2
751 * base_reachable_time. 758 * base_reachable_time.
752 */ 759 */
753 expire = tbl->parms.base_reachable_time >> 1; 760 schedule_delayed_work(&tbl->gc_work,
754 expire /= (tbl->hash_mask + 1); 761 tbl->parms.base_reachable_time >> 1);
755 if (!expire) 762 write_unlock_bh(&tbl->lock);
756 expire = 1;
757
758 if (expire>HZ)
759 mod_timer(&tbl->gc_timer, round_jiffies(now + expire));
760 else
761 mod_timer(&tbl->gc_timer, now + expire);
762
763 write_unlock(&tbl->lock);
764} 763}
765 764
766static __inline__ int neigh_max_probes(struct neighbour *n) 765static __inline__ int neigh_max_probes(struct neighbour *n)
@@ -1316,7 +1315,7 @@ void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1316} 1315}
1317EXPORT_SYMBOL(pneigh_enqueue); 1316EXPORT_SYMBOL(pneigh_enqueue);
1318 1317
1319static inline struct neigh_parms *lookup_neigh_params(struct neigh_table *tbl, 1318static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1320 struct net *net, int ifindex) 1319 struct net *net, int ifindex)
1321{ 1320{
1322 struct neigh_parms *p; 1321 struct neigh_parms *p;
@@ -1337,7 +1336,7 @@ struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1337 struct net *net = dev_net(dev); 1336 struct net *net = dev_net(dev);
1338 const struct net_device_ops *ops = dev->netdev_ops; 1337 const struct net_device_ops *ops = dev->netdev_ops;
1339 1338
1340 ref = lookup_neigh_params(tbl, net, 0); 1339 ref = lookup_neigh_parms(tbl, net, 0);
1341 if (!ref) 1340 if (!ref)
1342 return NULL; 1341 return NULL;
1343 1342
@@ -1442,10 +1441,8 @@ void neigh_table_init_no_netlink(struct neigh_table *tbl)
1442 get_random_bytes(&tbl->hash_rnd, sizeof(tbl->hash_rnd)); 1441 get_random_bytes(&tbl->hash_rnd, sizeof(tbl->hash_rnd));
1443 1442
1444 rwlock_init(&tbl->lock); 1443 rwlock_init(&tbl->lock);
1445 setup_timer(&tbl->gc_timer, neigh_periodic_timer, (unsigned long)tbl); 1444 INIT_DELAYED_WORK_DEFERRABLE(&tbl->gc_work, neigh_periodic_work);
1446 tbl->gc_timer.expires = now + 1; 1445 schedule_delayed_work(&tbl->gc_work, tbl->parms.reachable_time);
1447 add_timer(&tbl->gc_timer);
1448
1449 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl); 1446 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl);
1450 skb_queue_head_init_class(&tbl->proxy_queue, 1447 skb_queue_head_init_class(&tbl->proxy_queue,
1451 &neigh_table_proxy_queue_class); 1448 &neigh_table_proxy_queue_class);
@@ -1482,7 +1479,8 @@ int neigh_table_clear(struct neigh_table *tbl)
1482 struct neigh_table **tp; 1479 struct neigh_table **tp;
1483 1480
1484 /* It is not clean... Fix it to unload IPv6 module safely */ 1481 /* It is not clean... Fix it to unload IPv6 module safely */
1485 del_timer_sync(&tbl->gc_timer); 1482 cancel_delayed_work(&tbl->gc_work);
1483 flush_scheduled_work();
1486 del_timer_sync(&tbl->proxy_timer); 1484 del_timer_sync(&tbl->proxy_timer);
1487 pneigh_queue_purge(&tbl->proxy_queue); 1485 pneigh_queue_purge(&tbl->proxy_queue);
1488 neigh_ifdown(tbl, NULL); 1486 neigh_ifdown(tbl, NULL);
@@ -1752,7 +1750,6 @@ static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
1752 .ndtc_last_rand = jiffies_to_msecs(rand_delta), 1750 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
1753 .ndtc_hash_rnd = tbl->hash_rnd, 1751 .ndtc_hash_rnd = tbl->hash_rnd,
1754 .ndtc_hash_mask = tbl->hash_mask, 1752 .ndtc_hash_mask = tbl->hash_mask,
1755 .ndtc_hash_chain_gc = tbl->hash_chain_gc,
1756 .ndtc_proxy_qlen = tbl->proxy_queue.qlen, 1753 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
1757 }; 1754 };
1758 1755
@@ -1906,7 +1903,7 @@ static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1906 if (tbp[NDTPA_IFINDEX]) 1903 if (tbp[NDTPA_IFINDEX])
1907 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]); 1904 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
1908 1905
1909 p = lookup_neigh_params(tbl, net, ifindex); 1906 p = lookup_neigh_parms(tbl, net, ifindex);
1910 if (p == NULL) { 1907 if (p == NULL) {
1911 err = -ENOENT; 1908 err = -ENOENT;
1912 goto errout_tbl_lock; 1909 goto errout_tbl_lock;
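Review bot: In `neigh_table_clear`, `cancel_delayed_work(&tbl->gc_work); flush_scheduled_work();` does not reliably stop `neigh_periodic_work`, because that function re-arms itself with `schedule_delayed_work(&tbl->gc_work, ...)` at the end of every run. If the work is executing when the cancel is issued, the flush waits for it to finish and the run queues itself again, leaving a pending work item that points at a table being torn down; on module unload that is a use-after-free. `cancel_delayed_work_sync(&tbl->gc_work);` handles self-rearming work and replaces both lines. The rest of `neigh_table_clear` lies outside the hunk, so any later teardown ordering there should be checked against this as well.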
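--- a/net/core/net-sysfs.c
+++ b/net/core/net-sysfs.c
@@ -141,7 +141,7 @@ static ssize_t show_dormant(struct device *dev,
 return -EINVAL;
 }
 
-static const char *operstates[] = {
+static const char *const operstates[] = {
 "unknown",
 "notpresent", /* currently unused */
 "down",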
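--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -6,6 +6,8 @@
 #include <linux/delay.h>
 #include <linux/sched.h>
 #include <linux/idr.h>
+#include <linux/rculist.h>
+#include <linux/nsproxy.h>
 #include <net/net_namespace.h>
 #include <net/netns/generic.h>
 
@@ -127,7 +129,7 @@ static struct net *net_create(void)
 rv = setup_net(net);
 if (rv == 0) {
 rtnl_lock();
-list_add_tail(&net->list, &net_namespace_list);
+list_add_tail_rcu(&net->list, &net_namespace_list);
 rtnl_unlock();
 }
 mutex_unlock(&net_mutex);
@@ -156,9 +158,16 @@ static void cleanup_net(struct work_struct *work)
 
 /* Don't let anyone else find us. */
 rtnl_lock();
-list_del(&net->list);
+list_del_rcu(&net->list);
 rtnl_unlock();
 
+/*
+* Another CPU might be rcu-iterating the list, wait for it.
+* This needs to be before calling the exit() notifiers, so
+* the rcu_barrier() below isn't sufficient alone.
+*/
+synchronize_rcu();
+
 /* Run all of the network namespace exit methods */
 list_for_each_entry_reverse(ops, &pernet_list, list) {
 if (ops->exit)
@@ -193,6 +202,26 @@ struct net *copy_net_ns(unsigned long flags, struct net *old_net)
 }
 #endif
 
+struct net *get_net_ns_by_pid(pid_t pid)
+{
+struct task_struct *tsk;
+struct net *net;
+
+/* Lookup the network namespace */
+net = ERR_PTR(-ESRCH);
+rcu_read_lock();
+tsk = find_task_by_vpid(pid);
+if (tsk) {
+struct nsproxy *nsproxy;
+nsproxy = task_nsproxy(tsk);
+if (nsproxy)
+net = get_net(nsproxy->net_ns);
+}
+rcu_read_unlock();
+return net;
+}
+EXPORT_SYMBOL_GPL(get_net_ns_by_pid);
+
 static int __init net_ns_init(void)
 {
 struct net_generic *ng;
@@ -219,7 +248,7 @@ static int __init net_ns_init(void)
 panic("Could not setup the initial network namespace");
 
 rtnl_lock();
-list_add_tail(&init_net.list, &net_namespace_list);
+list_add_tail_rcu(&init_net.list, &net_namespace_list);
 rtnl_unlock();
 
 mutex_unlock(&net_mutex);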
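Review bot: `get_net_ns_by_pid` is now non-static and exported, yet it has no kernel-doc and performs no permission check of its own: it takes a reference on the network namespace of whatever task the pid names. A comment above it should state the contract, along the lines of `/* Returns a referenced struct net or ERR_PTR(-ESRCH), never NULL; the caller must put_net() it and must already have checked that the requester may act on the target namespace. */`. The version removed from rtnetlink.c was static with a single user, so that check could live next to the call; with the symbol exported, each new user has to supply it, and none of them is visible in this diff.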
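--- a/net/core/netpoll.c
+++ b/net/core/netpoll.c
@@ -9,6 +9,7 @@
 * Copyright (C) 2002 Red Hat, Inc.
 */
 
+#include <linux/moduleparam.h>
 #include <linux/netdevice.h>
 #include <linux/etherdevice.h>
 #include <linux/string.h>
@@ -50,6 +51,9 @@ static atomic_t trapped;
 static void zap_completion_queue(void);
 static void arp_reply(struct sk_buff *skb);
 
+static unsigned int carrier_timeout = 4;
+module_param(carrier_timeout, uint, 0644);
+
 static void queue_process(struct work_struct *work)
 {
 struct netpoll_info *npinfo =
@@ -732,7 +736,7 @@ int netpoll_setup(struct netpoll *np)
 }
 
 atleast = jiffies + HZ/10;
-atmost = jiffies + 4*HZ;
+atmost = jiffies + carrier_timeout * HZ;
 while (!netif_carrier_ok(ndev)) {
 if (time_after(jiffies, atmost)) {
 printk(KERN_NOTICE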
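Review bot: `carrier_timeout` is writable at runtime (mode 0644) and is multiplied by `HZ` in `netpoll_setup` with no upper bound, so a large value either wraps the `unsigned int` product and shortens the wait, or pushes `atmost` so far ahead that the carrier loop holds up setup for a very long time. I would clamp it at the point of use, for example `atmost = jiffies + min_t(unsigned int, carrier_timeout, CARRIER_TIMEOUT_MAX) * HZ;`, where `CARRIER_TIMEOUT_MAX` is a new constant (placeholder name). A `MODULE_PARM_DESC` stating that the unit is seconds and the default is 4 is also missing. The `while (!netif_carrier_ok(ndev))` loop continues past the end of the hunk.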
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index d78030f88bd0..b44775f9f2bf 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -35,7 +35,6 @@
35#include <linux/security.h> 35#include <linux/security.h>
36#include <linux/mutex.h> 36#include <linux/mutex.h>
37#include <linux/if_addr.h> 37#include <linux/if_addr.h>
38#include <linux/nsproxy.h>
39 38
40#include <asm/uaccess.h> 39#include <asm/uaccess.h>
41#include <asm/system.h> 40#include <asm/system.h>
@@ -52,6 +51,7 @@
52#include <net/pkt_sched.h> 51#include <net/pkt_sched.h>
53#include <net/fib_rules.h> 52#include <net/fib_rules.h>
54#include <net/rtnetlink.h> 53#include <net/rtnetlink.h>
54#include <net/net_namespace.h>
55 55
56struct rtnl_link 56struct rtnl_link
57{ 57{
@@ -725,25 +725,6 @@ static const struct nla_policy ifla_info_policy[IFLA_INFO_MAX+1] = {
725 [IFLA_INFO_DATA] = { .type = NLA_NESTED }, 725 [IFLA_INFO_DATA] = { .type = NLA_NESTED },
726}; 726};
727 727
728static struct net *get_net_ns_by_pid(pid_t pid)
729{
730 struct task_struct *tsk;
731 struct net *net;
732
733 /* Lookup the network namespace */
734 net = ERR_PTR(-ESRCH);
735 rcu_read_lock();
736 tsk = find_task_by_vpid(pid);
737 if (tsk) {
738 struct nsproxy *nsproxy;
739 nsproxy = task_nsproxy(tsk);
740 if (nsproxy)
741 net = get_net(nsproxy->net_ns);
742 }
743 rcu_read_unlock();
744 return net;
745}
746
747static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[]) 728static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[])
748{ 729{
749 if (dev) { 730 if (dev) {
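--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -559,9 +559,6 @@ static void __copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
 #endif
 #endif
 new->vlan_tci = old->vlan_tci;
-#if defined(CONFIG_MAC80211) || defined(CONFIG_MAC80211_MODULE)
-new->do_not_encrypt = old->do_not_encrypt;
-#endif
 
 skb_copy_secmark(new, old);
 }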
diff --git a/net/core/sock.c b/net/core/sock.c
index bbb25be7ddfe..3ac34ea6ec05 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -142,7 +142,7 @@ static struct lock_class_key af_family_slock_keys[AF_MAX];
142 * strings build-time, so that runtime initialization of socket 142 * strings build-time, so that runtime initialization of socket
143 * locks is fast): 143 * locks is fast):
144 */ 144 */
145static const char *af_family_key_strings[AF_MAX+1] = { 145static const char *const af_family_key_strings[AF_MAX+1] = {
146 "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX" , "sk_lock-AF_INET" , 146 "sk_lock-AF_UNSPEC", "sk_lock-AF_UNIX" , "sk_lock-AF_INET" ,
147 "sk_lock-AF_AX25" , "sk_lock-AF_IPX" , "sk_lock-AF_APPLETALK", 147 "sk_lock-AF_AX25" , "sk_lock-AF_IPX" , "sk_lock-AF_APPLETALK",
148 "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE" , "sk_lock-AF_ATMPVC" , 148 "sk_lock-AF_NETROM", "sk_lock-AF_BRIDGE" , "sk_lock-AF_ATMPVC" ,
@@ -158,7 +158,7 @@ static const char *af_family_key_strings[AF_MAX+1] = {
158 "sk_lock-AF_IEEE802154", 158 "sk_lock-AF_IEEE802154",
159 "sk_lock-AF_MAX" 159 "sk_lock-AF_MAX"
160}; 160};
161static const char *af_family_slock_key_strings[AF_MAX+1] = { 161static const char *const af_family_slock_key_strings[AF_MAX+1] = {
162 "slock-AF_UNSPEC", "slock-AF_UNIX" , "slock-AF_INET" , 162 "slock-AF_UNSPEC", "slock-AF_UNIX" , "slock-AF_INET" ,
163 "slock-AF_AX25" , "slock-AF_IPX" , "slock-AF_APPLETALK", 163 "slock-AF_AX25" , "slock-AF_IPX" , "slock-AF_APPLETALK",
164 "slock-AF_NETROM", "slock-AF_BRIDGE" , "slock-AF_ATMPVC" , 164 "slock-AF_NETROM", "slock-AF_BRIDGE" , "slock-AF_ATMPVC" ,
@@ -174,7 +174,7 @@ static const char *af_family_slock_key_strings[AF_MAX+1] = {
174 "slock-AF_IEEE802154", 174 "slock-AF_IEEE802154",
175 "slock-AF_MAX" 175 "slock-AF_MAX"
176}; 176};
177static const char *af_family_clock_key_strings[AF_MAX+1] = { 177static const char *const af_family_clock_key_strings[AF_MAX+1] = {
178 "clock-AF_UNSPEC", "clock-AF_UNIX" , "clock-AF_INET" , 178 "clock-AF_UNSPEC", "clock-AF_UNIX" , "clock-AF_INET" ,
179 "clock-AF_AX25" , "clock-AF_IPX" , "clock-AF_APPLETALK", 179 "clock-AF_AX25" , "clock-AF_IPX" , "clock-AF_APPLETALK",
180 "clock-AF_NETROM", "clock-AF_BRIDGE" , "clock-AF_ATMPVC" , 180 "clock-AF_NETROM", "clock-AF_BRIDGE" , "clock-AF_ATMPVC" ,
@@ -482,6 +482,8 @@ int sock_setsockopt(struct socket *sock, int level, int optname,
482 sk->sk_reuse = valbool; 482 sk->sk_reuse = valbool;
483 break; 483 break;
484 case SO_TYPE: 484 case SO_TYPE:
485 case SO_PROTOCOL:
486 case SO_DOMAIN:
485 case SO_ERROR: 487 case SO_ERROR:
486 ret = -ENOPROTOOPT; 488 ret = -ENOPROTOOPT;
487 break; 489 break;
@@ -764,6 +766,14 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
764 v.val = sk->sk_type; 766 v.val = sk->sk_type;
765 break; 767 break;
766 768
769 case SO_PROTOCOL:
770 v.val = sk->sk_protocol;
771 break;
772
773 case SO_DOMAIN:
774 v.val = sk->sk_family;
775 break;
776
767 case SO_ERROR: 777 case SO_ERROR:
768 v.val = -sock_error(sk); 778 v.val = -sock_error(sk);
769 if (v.val == 0) 779 if (v.val == 0)
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
index a27b7f4c19c5..f596ce149c3c 100644
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -52,7 +52,7 @@ static int ccid3_debug;
52#ifdef CONFIG_IP_DCCP_CCID3_DEBUG 52#ifdef CONFIG_IP_DCCP_CCID3_DEBUG
53static const char *ccid3_tx_state_name(enum ccid3_hc_tx_states state) 53static const char *ccid3_tx_state_name(enum ccid3_hc_tx_states state)
54{ 54{
55 static char *ccid3_state_names[] = { 55 static const char *const ccid3_state_names[] = {
56 [TFRC_SSTATE_NO_SENT] = "NO_SENT", 56 [TFRC_SSTATE_NO_SENT] = "NO_SENT",
57 [TFRC_SSTATE_NO_FBACK] = "NO_FBACK", 57 [TFRC_SSTATE_NO_FBACK] = "NO_FBACK",
58 [TFRC_SSTATE_FBACK] = "FBACK", 58 [TFRC_SSTATE_FBACK] = "FBACK",
@@ -646,7 +646,7 @@ enum ccid3_fback_type {
646#ifdef CONFIG_IP_DCCP_CCID3_DEBUG 646#ifdef CONFIG_IP_DCCP_CCID3_DEBUG
647static const char *ccid3_rx_state_name(enum ccid3_hc_rx_states state) 647static const char *ccid3_rx_state_name(enum ccid3_hc_rx_states state)
648{ 648{
649 static char *ccid3_rx_state_names[] = { 649 static const char *const ccid3_rx_state_names[] = {
650 [TFRC_RSTATE_NO_DATA] = "NO_DATA", 650 [TFRC_RSTATE_NO_DATA] = "NO_DATA",
651 [TFRC_RSTATE_DATA] = "DATA", 651 [TFRC_RSTATE_DATA] = "DATA",
652 [TFRC_RSTATE_TERM] = "TERM", 652 [TFRC_RSTATE_TERM] = "TERM",
diff --git a/net/dccp/feat.c b/net/dccp/feat.c
index b04160a2eea5..972b8dc918d6 100644
--- a/net/dccp/feat.c
+++ b/net/dccp/feat.c
@@ -213,7 +213,7 @@ static int dccp_feat_default_value(u8 feat_num)
213 */ 213 */
214static const char *dccp_feat_fname(const u8 feat) 214static const char *dccp_feat_fname(const u8 feat)
215{ 215{
216 static const char *feature_names[] = { 216 static const char *const feature_names[] = {
217 [DCCPF_RESERVED] = "Reserved", 217 [DCCPF_RESERVED] = "Reserved",
218 [DCCPF_CCID] = "CCID", 218 [DCCPF_CCID] = "CCID",
219 [DCCPF_SHORT_SEQNOS] = "Allow Short Seqnos", 219 [DCCPF_SHORT_SEQNOS] = "Allow Short Seqnos",
@@ -236,8 +236,9 @@ static const char *dccp_feat_fname(const u8 feat)
236 return feature_names[feat]; 236 return feature_names[feat];
237} 237}
238 238
239static const char *dccp_feat_sname[] = { "DEFAULT", "INITIALISING", "CHANGING", 239static const char *const dccp_feat_sname[] = {
240 "UNSTABLE", "STABLE" }; 240 "DEFAULT", "INITIALISING", "CHANGING", "UNSTABLE", "STABLE",
241};
241 242
242#ifdef CONFIG_IP_DCCP_DEBUG 243#ifdef CONFIG_IP_DCCP_DEBUG
243static const char *dccp_feat_oname(const u8 opt) 244static const char *dccp_feat_oname(const u8 opt)
diff --git a/net/dccp/proto.c b/net/dccp/proto.c
index 1bca9205104e..923db06c7e55 100644
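--- a/net/dccp/proto.c
+++ b/net/dccp/proto.c
@@ -124,7 +124,7 @@ EXPORT_SYMBOL_GPL(dccp_done);
 
 const char *dccp_packet_name(const int type)
 {
- static const char *dccp_packet_names[] = {
+ static const char *const dccp_packet_names[] = {
  [DCCP_PKT_REQUEST] = "REQUEST",
  [DCCP_PKT_RESPONSE] = "RESPONSE",
  [DCCP_PKT_DATA] = "DATA",
@@ -147,7 +147,7 @@ EXPORT_SYMBOL_GPL(dccp_packet_name);
 
 const char *dccp_state_name(const int state)
 {
- static char *dccp_state_names[] = {
+ static const char *const dccp_state_names[] = {
  [DCCP_OPEN] = "OPEN",
  [DCCP_REQUESTING] = "REQUESTING",
  [DCCP_PARTOPEN] = "PARTOPEN",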
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c
index 1d6ca8a98dc6..9383d3e5a1ab 100644
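--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -774,7 +774,7 @@ static int dn_rt_bug(struct sk_buff *skb)
 
  kfree_skb(skb);
 
- return NET_RX_BAD;
+ return NET_RX_DROP;
 }
 
 static int dn_rt_set_next_hop(struct dn_route *rt, struct dn_fib_res *res)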
diff --git a/net/econet/af_econet.c b/net/econet/af_econet.c
index f0bbc57926cd..0e0254fd767d 100644
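--- a/net/econet/af_econet.c
+++ b/net/econet/af_econet.c
@@ -1073,7 +1073,7 @@ static int econet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet
  skb->protocol = htons(ETH_P_IP);
  skb_pull(skb, sizeof(struct ec_framehdr));
  netif_rx(skb);
- return 0;
+ return NET_RX_SUCCESS;
  }
 
  sk = ec_listening_socket(hdr->port, hdr->src_stn, hdr->src_net);
@@ -1084,7 +1084,7 @@ static int econet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet
  hdr->port))
  goto drop;
 
- return 0;
+ return NET_RX_SUCCESS;
 
 drop:
  kfree_skb(skb);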
diff --git a/net/ieee802154/af_ieee802154.c b/net/ieee802154/af_ieee802154.c
index af661805b9fa..d504c349cb0c 100644
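--- a/net/ieee802154/af_ieee802154.c
+++ b/net/ieee802154/af_ieee802154.c
@@ -34,8 +34,8 @@
 #include <net/tcp_states.h>
 #include <net/route.h>
 
-#include <net/ieee802154/af_ieee802154.h>
-#include <net/ieee802154/netdevice.h>
+#include <net/af_ieee802154.h>
+#include <net/ieee802154_netdev.h>
 
 #include "af802154.h"
 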
diff --git a/net/ieee802154/dgram.c b/net/ieee802154/dgram.c
index ba8b214dda8f..77ae6852b93d 100644
--- a/net/ieee802154/dgram.c
+++ b/net/ieee802154/dgram.c
@@ -26,9 +26,9 @@
26#include <linux/if_arp.h> 26#include <linux/if_arp.h>
27#include <linux/list.h> 27#include <linux/list.h>
28#include <net/sock.h> 28#include <net/sock.h>
29#include <net/ieee802154/af_ieee802154.h> 29#include <net/af_ieee802154.h>
30#include <net/ieee802154/mac_def.h> 30#include <net/ieee802154.h>
31#include <net/ieee802154/netdevice.h> 31#include <net/ieee802154_netdev.h>
32 32
33#include <asm/ioctls.h> 33#include <asm/ioctls.h>
34 34
@@ -40,9 +40,11 @@ static DEFINE_RWLOCK(dgram_lock);
40struct dgram_sock { 40struct dgram_sock {
41 struct sock sk; 41 struct sock sk;
42 42
43 int bound;
44 struct ieee802154_addr src_addr; 43 struct ieee802154_addr src_addr;
45 struct ieee802154_addr dst_addr; 44 struct ieee802154_addr dst_addr;
45
46 unsigned bound:1;
47 unsigned want_ack:1;
46}; 48};
47 49
48static inline struct dgram_sock *dgram_sk(const struct sock *sk) 50static inline struct dgram_sock *dgram_sk(const struct sock *sk)
@@ -50,7 +52,6 @@ static inline struct dgram_sock *dgram_sk(const struct sock *sk)
50 return container_of(sk, struct dgram_sock, sk); 52 return container_of(sk, struct dgram_sock, sk);
51} 53}
52 54
53
54static void dgram_hash(struct sock *sk) 55static void dgram_hash(struct sock *sk)
55{ 56{
56 write_lock_bh(&dgram_lock); 57 write_lock_bh(&dgram_lock);
@@ -73,6 +74,7 @@ static int dgram_init(struct sock *sk)
73 74
74 ro->dst_addr.addr_type = IEEE802154_ADDR_LONG; 75 ro->dst_addr.addr_type = IEEE802154_ADDR_LONG;
75 ro->dst_addr.pan_id = 0xffff; 76 ro->dst_addr.pan_id = 0xffff;
77 ro->want_ack = 1;
76 memset(&ro->dst_addr.hwaddr, 0xff, sizeof(ro->dst_addr.hwaddr)); 78 memset(&ro->dst_addr.hwaddr, 0xff, sizeof(ro->dst_addr.hwaddr));
77 return 0; 79 return 0;
78} 80}
@@ -86,18 +88,18 @@ static int dgram_bind(struct sock *sk, struct sockaddr *uaddr, int len)
86{ 88{
87 struct sockaddr_ieee802154 *addr = (struct sockaddr_ieee802154 *)uaddr; 89 struct sockaddr_ieee802154 *addr = (struct sockaddr_ieee802154 *)uaddr;
88 struct dgram_sock *ro = dgram_sk(sk); 90 struct dgram_sock *ro = dgram_sk(sk);
89 int err = 0; 91 int err = -EINVAL;
90 struct net_device *dev; 92 struct net_device *dev;
91 93
94 lock_sock(sk);
95
92 ro->bound = 0; 96 ro->bound = 0;
93 97
94 if (len < sizeof(*addr)) 98 if (len < sizeof(*addr))
95 return -EINVAL; 99 goto out;
96 100
97 if (addr->family != AF_IEEE802154) 101 if (addr->family != AF_IEEE802154)
98 return -EINVAL; 102 goto out;
99
100 lock_sock(sk);
101 103
102 dev = ieee802154_get_dev(sock_net(sk), &addr->addr); 104 dev = ieee802154_get_dev(sock_net(sk), &addr->addr);
103 if (!dev) { 105 if (!dev) {
@@ -113,6 +115,7 @@ static int dgram_bind(struct sock *sk, struct sockaddr *uaddr, int len)
113 memcpy(&ro->src_addr, &addr->addr, sizeof(struct ieee802154_addr)); 115 memcpy(&ro->src_addr, &addr->addr, sizeof(struct ieee802154_addr));
114 116
115 ro->bound = 1; 117 ro->bound = 1;
118 err = 0;
116out_put: 119out_put:
117 dev_put(dev); 120 dev_put(dev);
118out: 121out:
@@ -235,7 +238,10 @@ static int dgram_sendmsg(struct kiocb *iocb, struct sock *sk,
235 238
236 skb_reset_network_header(skb); 239 skb_reset_network_header(skb);
237 240
238 mac_cb(skb)->flags = IEEE802154_FC_TYPE_DATA | MAC_CB_FLAG_ACKREQ; 241 mac_cb(skb)->flags = IEEE802154_FC_TYPE_DATA;
242 if (ro->want_ack)
243 mac_cb(skb)->flags |= MAC_CB_FLAG_ACKREQ;
244
239 mac_cb(skb)->seq = ieee802154_mlme_ops(dev)->get_dsn(dev); 245 mac_cb(skb)->seq = ieee802154_mlme_ops(dev)->get_dsn(dev);
240 err = dev_hard_header(skb, dev, ETH_P_IEEE802154, &ro->dst_addr, 246 err = dev_hard_header(skb, dev, ETH_P_IEEE802154, &ro->dst_addr,
241 ro->bound ? &ro->src_addr : NULL, size); 247 ro->bound ? &ro->src_addr : NULL, size);
@@ -380,13 +386,59 @@ int ieee802154_dgram_deliver(struct net_device *dev, struct sk_buff *skb)
380static int dgram_getsockopt(struct sock *sk, int level, int optname, 386static int dgram_getsockopt(struct sock *sk, int level, int optname,
381 char __user *optval, int __user *optlen) 387 char __user *optval, int __user *optlen)
382{ 388{
383 return -EOPNOTSUPP; 389 struct dgram_sock *ro = dgram_sk(sk);
390
391 int val, len;
392
393 if (level != SOL_IEEE802154)
394 return -EOPNOTSUPP;
395
396 if (get_user(len, optlen))
397 return -EFAULT;
398
399 len = min_t(unsigned int, len, sizeof(int));
400
401 switch (optname) {
402 case WPAN_WANTACK:
403 val = ro->want_ack;
404 break;
405 default:
406 return -ENOPROTOOPT;
407 }
408
409 if (put_user(len, optlen))
410 return -EFAULT;
411 if (copy_to_user(optval, &val, len))
412 return -EFAULT;
413 return 0;
384} 414}
385 415
386static int dgram_setsockopt(struct sock *sk, int level, int optname, 416static int dgram_setsockopt(struct sock *sk, int level, int optname,
387 char __user *optval, int __user optlen) 417 char __user *optval, int __user optlen)
388{ 418{
389 return -EOPNOTSUPP; 419 struct dgram_sock *ro = dgram_sk(sk);
420 int val;
421 int err = 0;
422
423 if (optlen < sizeof(int))
424 return -EINVAL;
425
426 if (get_user(val, (int __user *)optval))
427 return -EFAULT;
428
429 lock_sock(sk);
430
431 switch (optname) {
432 case WPAN_WANTACK:
433 ro->want_ack = !!val;
434 break;
435 default:
436 err = -ENOPROTOOPT;
437 break;
438 }
439
440 release_sock(sk);
441 return err;
390} 442}
391 443
392struct proto ieee802154_dgram_prot = { 444struct proto ieee802154_dgram_prot = {
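Review bot: `dgram_setsockopt` never checks `level`, so a `setsockopt()` at any protocol level that reaches this handler with an option number equal to `WPAN_WANTACK` changes `want_ack`, whereas `dgram_getsockopt` in the same hunk rejects every level other than `SOL_IEEE802154`. Adding `if (level != SOL_IEEE802154) return -EOPNOTSUPP;` ahead of the `optlen` test would make the two handlers agree. In `dgram_getsockopt` a negative user-supplied `len` is turned into 4 by `min_t(unsigned int, len, sizeof(int))` instead of being rejected; an `if (len < 0) return -EINVAL;` before the clamp would make the length handling explicit. The getter also reads `ro->want_ack` without `lock_sock()` although the setter takes it, which is worth a one-line comment if it is deliberate.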
diff --git a/net/ieee802154/netlink.c b/net/ieee802154/netlink.c
index 27eda9fdf3c2..cd0567f06716 100644
--- a/net/ieee802154/netlink.c
+++ b/net/ieee802154/netlink.c
@@ -19,6 +19,7 @@
19 * Written by: 19 * Written by:
20 * Sergey Lapin <slapin@ossfans.org> 20 * Sergey Lapin <slapin@ossfans.org>
21 * Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 21 * Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
22 * Maxim Osipov <maxim.osipov@siemens.com>
22 */ 23 */
23 24
24#include <linux/kernel.h> 25#include <linux/kernel.h>
@@ -26,10 +27,12 @@
26#include <linux/netdevice.h> 27#include <linux/netdevice.h>
27#include <net/netlink.h> 28#include <net/netlink.h>
28#include <net/genetlink.h> 29#include <net/genetlink.h>
30#include <net/sock.h>
29#include <linux/nl802154.h> 31#include <linux/nl802154.h>
30#include <net/ieee802154/af_ieee802154.h> 32#include <net/af_ieee802154.h>
31#include <net/ieee802154/nl802154.h> 33#include <net/nl802154.h>
32#include <net/ieee802154/netdevice.h> 34#include <net/ieee802154.h>
35#include <net/ieee802154_netdev.h>
33 36
34static unsigned int ieee802154_seq_num; 37static unsigned int ieee802154_seq_num;
35 38
@@ -73,7 +76,7 @@ static int ieee802154_nl_finish(struct sk_buff *msg)
73 /* XXX: nlh is right at the start of msg */ 76 /* XXX: nlh is right at the start of msg */
74 void *hdr = genlmsg_data(NLMSG_DATA(msg->data)); 77 void *hdr = genlmsg_data(NLMSG_DATA(msg->data));
75 78
76 if (!genlmsg_end(msg, hdr)) 79 if (genlmsg_end(msg, hdr) < 0)
77 goto out; 80 goto out;
78 81
79 return genlmsg_multicast(msg, 0, ieee802154_coord_mcgrp.id, 82 return genlmsg_multicast(msg, 0, ieee802154_coord_mcgrp.id,
@@ -260,6 +263,60 @@ nla_put_failure:
260} 263}
261EXPORT_SYMBOL(ieee802154_nl_scan_confirm); 264EXPORT_SYMBOL(ieee802154_nl_scan_confirm);
262 265
266int ieee802154_nl_start_confirm(struct net_device *dev, u8 status)
267{
268 struct sk_buff *msg;
269
270 pr_debug("%s\n", __func__);
271
272 msg = ieee802154_nl_create(0, IEEE802154_START_CONF);
273 if (!msg)
274 return -ENOBUFS;
275
276 NLA_PUT_STRING(msg, IEEE802154_ATTR_DEV_NAME, dev->name);
277 NLA_PUT_U32(msg, IEEE802154_ATTR_DEV_INDEX, dev->ifindex);
278 NLA_PUT(msg, IEEE802154_ATTR_HW_ADDR, IEEE802154_ADDR_LEN,
279 dev->dev_addr);
280
281 NLA_PUT_U8(msg, IEEE802154_ATTR_STATUS, status);
282
283 return ieee802154_nl_finish(msg);
284
285nla_put_failure:
286 nlmsg_free(msg);
287 return -ENOBUFS;
288}
289EXPORT_SYMBOL(ieee802154_nl_start_confirm);
290
291static int ieee802154_nl_fill_iface(struct sk_buff *msg, u32 pid,
292 u32 seq, int flags, struct net_device *dev)
293{
294 void *hdr;
295
296 pr_debug("%s\n", __func__);
297
298 hdr = genlmsg_put(msg, 0, seq, &ieee802154_coordinator_family, flags,
299 IEEE802154_LIST_IFACE);
300 if (!hdr)
301 goto out;
302
303 NLA_PUT_STRING(msg, IEEE802154_ATTR_DEV_NAME, dev->name);
304 NLA_PUT_U32(msg, IEEE802154_ATTR_DEV_INDEX, dev->ifindex);
305
306 NLA_PUT(msg, IEEE802154_ATTR_HW_ADDR, IEEE802154_ADDR_LEN,
307 dev->dev_addr);
308 NLA_PUT_U16(msg, IEEE802154_ATTR_SHORT_ADDR,
309 ieee802154_mlme_ops(dev)->get_short_addr(dev));
310 NLA_PUT_U16(msg, IEEE802154_ATTR_PAN_ID,
311 ieee802154_mlme_ops(dev)->get_pan_id(dev));
312 return genlmsg_end(msg, hdr);
313
314nla_put_failure:
315 genlmsg_cancel(msg, hdr);
316out:
317 return -EMSGSIZE;
318}
319
263/* Requests from userspace */ 320/* Requests from userspace */
264static struct net_device *ieee802154_nl_get_dev(struct genl_info *info) 321static struct net_device *ieee802154_nl_get_dev(struct genl_info *info)
265{ 322{
@@ -272,7 +329,7 @@ static struct net_device *ieee802154_nl_get_dev(struct genl_info *info)
272 dev = dev_get_by_name(&init_net, name); 329 dev = dev_get_by_name(&init_net, name);
273 } else if (info->attrs[IEEE802154_ATTR_DEV_INDEX]) 330 } else if (info->attrs[IEEE802154_ATTR_DEV_INDEX])
274 dev = dev_get_by_index(&init_net, 331 dev = dev_get_by_index(&init_net,
275 nla_get_u32(info->attrs[IEEE802154_ATTR_DEV_INDEX])); 332 nla_get_u32(info->attrs[IEEE802154_ATTR_DEV_INDEX]));
276 else 333 else
277 return NULL; 334 return NULL;
278 335
@@ -431,6 +488,12 @@ static int ieee802154_start_req(struct sk_buff *skb, struct genl_info *info)
431 blx = nla_get_u8(info->attrs[IEEE802154_ATTR_BAT_EXT]); 488 blx = nla_get_u8(info->attrs[IEEE802154_ATTR_BAT_EXT]);
432 coord_realign = nla_get_u8(info->attrs[IEEE802154_ATTR_COORD_REALIGN]); 489 coord_realign = nla_get_u8(info->attrs[IEEE802154_ATTR_COORD_REALIGN]);
433 490
491 if (addr.short_addr == IEEE802154_ADDR_BROADCAST) {
492 ieee802154_nl_start_confirm(dev, IEEE802154_NO_SHORT_ADDRESS);
493 dev_put(dev);
494 return -EINVAL;
495 }
496
434 ret = ieee802154_mlme_ops(dev)->start_req(dev, &addr, channel, 497 ret = ieee802154_mlme_ops(dev)->start_req(dev, &addr, channel,
435 bcn_ord, sf_ord, pan_coord, blx, coord_realign); 498 bcn_ord, sf_ord, pan_coord, blx, coord_realign);
436 499
@@ -466,6 +529,67 @@ static int ieee802154_scan_req(struct sk_buff *skb, struct genl_info *info)
466 return ret; 529 return ret;
467} 530}
468 531
532static int ieee802154_list_iface(struct sk_buff *skb,
533 struct genl_info *info)
534{
535 /* Request for interface name, index, type, IEEE address,
536 PAN Id, short address */
537 struct sk_buff *msg;
538 struct net_device *dev = NULL;
539 int rc = -ENOBUFS;
540
541 pr_debug("%s\n", __func__);
542
543 dev = ieee802154_nl_get_dev(info);
544 if (!dev)
545 return -ENODEV;
546
547 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
548 if (!msg)
549 goto out_dev;
550
551 rc = ieee802154_nl_fill_iface(msg, info->snd_pid, info->snd_seq,
552 0, dev);
553 if (rc < 0)
554 goto out_free;
555
556 dev_put(dev);
557
558 return genlmsg_unicast(&init_net, msg, info->snd_pid);
559out_free:
560 nlmsg_free(msg);
561out_dev:
562 dev_put(dev);
563 return rc;
564
565}
566
567static int ieee802154_dump_iface(struct sk_buff *skb,
568 struct netlink_callback *cb)
569{
570 struct net *net = sock_net(skb->sk);
571 struct net_device *dev;
572 int idx;
573 int s_idx = cb->args[0];
574
575 pr_debug("%s\n", __func__);
576
577 idx = 0;
578 for_each_netdev(net, dev) {
579 if (idx < s_idx || (dev->type != ARPHRD_IEEE802154))
580 goto cont;
581
582 if (ieee802154_nl_fill_iface(skb, NETLINK_CB(cb->skb).pid,
583 cb->nlh->nlmsg_seq, NLM_F_MULTI, dev) < 0)
584 break;
585cont:
586 idx++;
587 }
588 cb->args[0] = idx;
589
590 return skb->len;
591}
592
469#define IEEE802154_OP(_cmd, _func) \ 593#define IEEE802154_OP(_cmd, _func) \
470 { \ 594 { \
471 .cmd = _cmd, \ 595 .cmd = _cmd, \
@@ -475,12 +599,22 @@ static int ieee802154_scan_req(struct sk_buff *skb, struct genl_info *info)
475 .flags = GENL_ADMIN_PERM, \ 599 .flags = GENL_ADMIN_PERM, \
476 } 600 }
477 601
602#define IEEE802154_DUMP(_cmd, _func, _dump) \
603 { \
604 .cmd = _cmd, \
605 .policy = ieee802154_policy, \
606 .doit = _func, \
607 .dumpit = _dump, \
608 }
609
478static struct genl_ops ieee802154_coordinator_ops[] = { 610static struct genl_ops ieee802154_coordinator_ops[] = {
479 IEEE802154_OP(IEEE802154_ASSOCIATE_REQ, ieee802154_associate_req), 611 IEEE802154_OP(IEEE802154_ASSOCIATE_REQ, ieee802154_associate_req),
480 IEEE802154_OP(IEEE802154_ASSOCIATE_RESP, ieee802154_associate_resp), 612 IEEE802154_OP(IEEE802154_ASSOCIATE_RESP, ieee802154_associate_resp),
481 IEEE802154_OP(IEEE802154_DISASSOCIATE_REQ, ieee802154_disassociate_req), 613 IEEE802154_OP(IEEE802154_DISASSOCIATE_REQ, ieee802154_disassociate_req),
482 IEEE802154_OP(IEEE802154_SCAN_REQ, ieee802154_scan_req), 614 IEEE802154_OP(IEEE802154_SCAN_REQ, ieee802154_scan_req),
483 IEEE802154_OP(IEEE802154_START_REQ, ieee802154_start_req), 615 IEEE802154_OP(IEEE802154_START_REQ, ieee802154_start_req),
616 IEEE802154_DUMP(IEEE802154_LIST_IFACE, ieee802154_list_iface,
617 ieee802154_dump_iface),
484}; 618};
485 619
486static int __init ieee802154_nl_init(void) 620static int __init ieee802154_nl_init(void)
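Review bot: `ieee802154_nl_fill_iface` accepts a `pid` argument but passes a literal `0` to `genlmsg_put`, so both the unicast reply built in `ieee802154_list_iface` and the messages built in `ieee802154_dump_iface` carry port id 0 instead of the requester's; the call should read `hdr = genlmsg_put(msg, pid, seq, &ieee802154_coordinator_family, flags,`. The two callers also disagree on the namespace: `ieee802154_list_iface` resolves the device and replies through `&init_net`, while `ieee802154_dump_iface` walks `sock_net(skb->sk)`. `IEEE802154_DUMP` omits the `GENL_ADMIN_PERM` flag that `IEEE802154_OP` sets, so hardware address, short address and PAN id become readable without admin rights; if that is intended, a comment on the macro such as `/* read-only query, deliberately not GENL_ADMIN_PERM */` would record it. `ieee802154_list_iface` reaches `ieee802154_mlme_ops(dev)` without the `ARPHRD_IEEE802154` test the dump path applies, so it depends on `ieee802154_nl_get_dev`, whose body lies mostly outside the hunk, to filter device types.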
diff --git a/net/ieee802154/nl_policy.c b/net/ieee802154/nl_policy.c
index c7d71d1adcac..83cb4ccef90d 100644
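--- a/net/ieee802154/nl_policy.c
+++ b/net/ieee802154/nl_policy.c
@@ -24,7 +24,7 @@
 
 #define NLA_HW_ADDR NLA_U64
 
-struct nla_policy ieee802154_policy[IEEE802154_ATTR_MAX + 1] = {
+const struct nla_policy ieee802154_policy[IEEE802154_ATTR_MAX + 1] = {
  [IEEE802154_ATTR_DEV_NAME] = { .type = NLA_STRING, },
  [IEEE802154_ATTR_DEV_INDEX] = { .type = NLA_U32, },
 
@@ -50,3 +50,4 @@ struct nla_policy ieee802154_policy[IEEE802154_ATTR_MAX + 1] = {
  [IEEE802154_ATTR_DURATION] = { .type = NLA_U8, },
  [IEEE802154_ATTR_ED_LIST] = { .len = 27 },
 };
+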
diff --git a/net/ieee802154/raw.c b/net/ieee802154/raw.c
index 9315977c4c61..60dee69a1d04 100644
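--- a/net/ieee802154/raw.c
+++ b/net/ieee802154/raw.c
@@ -26,7 +26,7 @@
 #include <linux/if_arp.h>
 #include <linux/list.h>
 #include <net/sock.h>
-#include <net/ieee802154/af_ieee802154.h>
+#include <net/af_ieee802154.h>
 
 #include "af802154.h"
 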
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 566ea6c4321d..197d024b2536 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1187,6 +1187,7 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features)
1187 int proto; 1187 int proto;
1188 int ihl; 1188 int ihl;
1189 int id; 1189 int id;
1190 unsigned int offset = 0;
1190 1191
1191 if (!(features & NETIF_F_V4_CSUM)) 1192 if (!(features & NETIF_F_V4_CSUM))
1192 features &= ~NETIF_F_SG; 1193 features &= ~NETIF_F_SG;
@@ -1229,7 +1230,14 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features)
1229 skb = segs; 1230 skb = segs;
1230 do { 1231 do {
1231 iph = ip_hdr(skb); 1232 iph = ip_hdr(skb);
1232 iph->id = htons(id++); 1233 if (proto == IPPROTO_UDP) {
1234 iph->id = htons(id);
1235 iph->frag_off = htons(offset >> 3);
1236 if (skb->next != NULL)
1237 iph->frag_off |= htons(IP_MF);
1238 offset += (skb->len - skb->mac_len - iph->ihl * 4);
1239 } else
1240 iph->id = htons(id++);
1233 iph->tot_len = htons(skb->len - skb->mac_len); 1241 iph->tot_len = htons(skb->len - skb->mac_len);
1234 iph->check = 0; 1242 iph->check = 0;
1235 iph->check = ip_fast_csum(skb_network_header(skb), iph->ihl); 1243 iph->check = ip_fast_csum(skb_network_header(skb), iph->ihl);
@@ -1425,6 +1433,8 @@ static struct net_protocol tcp_protocol = {
1425static struct net_protocol udp_protocol = { 1433static struct net_protocol udp_protocol = {
1426 .handler = udp_rcv, 1434 .handler = udp_rcv,
1427 .err_handler = udp_err, 1435 .err_handler = udp_err,
1436 .gso_send_check = udp4_ufo_send_check,
1437 .gso_segment = udp4_ufo_fragment,
1428 .no_policy = 1, 1438 .no_policy = 1,
1429 .netns_ok = 1, 1439 .netns_ok = 1,
1430}; 1440};
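Review bot: In the `proto == IPPROTO_UDP` branch of `inet_gso_segment`, `iph->frag_off = htons(offset >> 3)` silently discards the low three bits of `offset`, so the fragment chain is only valid if every non-final segment carries a payload that is a multiple of 8 bytes; nothing in the hunk enforces that, and presumably the UDP segmenter, which is not visible here, guarantees it. A comment stating the invariant, or a `WARN_ON_ONCE(offset & 7);` before the assignment, would make a violation visible instead of emitting overlapping fragments. The assignment also replaces whatever flag bits the header already carried in `frag_off`, which deserves a word in the same comment. The `if`/`else` has braces on one arm only, which kernel style asks to balance; the function begins and ends outside the hunk.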
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index 63c2fa7b68c4..fe3c846b99a6 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -164,6 +164,14 @@ static struct tnode *inflate(struct trie *t, struct tnode *tn);
164static struct tnode *halve(struct trie *t, struct tnode *tn); 164static struct tnode *halve(struct trie *t, struct tnode *tn);
165/* tnodes to free after resize(); protected by RTNL */ 165/* tnodes to free after resize(); protected by RTNL */
166static struct tnode *tnode_free_head; 166static struct tnode *tnode_free_head;
167static size_t tnode_free_size;
168
169/*
170 * synchronize_rcu after call_rcu for that many pages; it should be especially
171 * useful before resizing the root node with PREEMPT_NONE configs; the value was
172 * obtained experimentally, aiming to avoid visible slowdown.
173 */
174static const int sync_pages = 128;
167 175
168static struct kmem_cache *fn_alias_kmem __read_mostly; 176static struct kmem_cache *fn_alias_kmem __read_mostly;
169static struct kmem_cache *trie_leaf_kmem __read_mostly; 177static struct kmem_cache *trie_leaf_kmem __read_mostly;
@@ -319,6 +327,8 @@ static const int inflate_threshold = 50;
319static const int halve_threshold_root = 15; 327static const int halve_threshold_root = 15;
320static const int inflate_threshold_root = 25; 328static const int inflate_threshold_root = 25;
321 329
330static int inflate_threshold_root_fix;
331#define INFLATE_FIX_MAX 10 /* a comment in resize() */
322 332
323static void __alias_free_mem(struct rcu_head *head) 333static void __alias_free_mem(struct rcu_head *head)
324{ 334{
@@ -393,6 +403,8 @@ static void tnode_free_safe(struct tnode *tn)
393 BUG_ON(IS_LEAF(tn)); 403 BUG_ON(IS_LEAF(tn));
394 tn->tnode_free = tnode_free_head; 404 tn->tnode_free = tnode_free_head;
395 tnode_free_head = tn; 405 tnode_free_head = tn;
406 tnode_free_size += sizeof(struct tnode) +
407 (sizeof(struct node *) << tn->bits);
396} 408}
397 409
398static void tnode_free_flush(void) 410static void tnode_free_flush(void)
@@ -404,6 +416,11 @@ static void tnode_free_flush(void)
404 tn->tnode_free = NULL; 416 tn->tnode_free = NULL;
405 tnode_free(tn); 417 tnode_free(tn);
406 } 418 }
419
420 if (tnode_free_size >= PAGE_SIZE * sync_pages) {
421 tnode_free_size = 0;
422 synchronize_rcu();
423 }
407} 424}
408 425
409static struct leaf *leaf_new(void) 426static struct leaf *leaf_new(void)
@@ -602,7 +619,8 @@ static struct node *resize(struct trie *t, struct tnode *tn)
602 /* Keep root node larger */ 619 /* Keep root node larger */
603 620
604 if (!tn->parent) 621 if (!tn->parent)
605 inflate_threshold_use = inflate_threshold_root; 622 inflate_threshold_use = inflate_threshold_root +
623 inflate_threshold_root_fix;
606 else 624 else
607 inflate_threshold_use = inflate_threshold; 625 inflate_threshold_use = inflate_threshold;
608 626
@@ -626,15 +644,27 @@ static struct node *resize(struct trie *t, struct tnode *tn)
626 } 644 }
627 645
628 if (max_resize < 0) { 646 if (max_resize < 0) {
629 if (!tn->parent) 647 if (!tn->parent) {
630 pr_warning("Fix inflate_threshold_root." 648 /*
631 " Now=%d size=%d bits\n", 649 * It was observed that during large updates even
632 inflate_threshold_root, tn->bits); 650 * inflate_threshold_root = 35 might be needed to avoid
633 else 651 * this warning; but it should be temporary, so let's
652 * try to handle this automatically.
653 */
654 if (inflate_threshold_root_fix < INFLATE_FIX_MAX)
655 inflate_threshold_root_fix++;
656 else
657 pr_warning("Fix inflate_threshold_root."
658 " Now=%d size=%d bits fix=%d\n",
659 inflate_threshold_root, tn->bits,
660 inflate_threshold_root_fix);
661 } else {
634 pr_warning("Fix inflate_threshold." 662 pr_warning("Fix inflate_threshold."
635 " Now=%d size=%d bits\n", 663 " Now=%d size=%d bits\n",
636 inflate_threshold, tn->bits); 664 inflate_threshold, tn->bits);
637 } 665 }
666 } else if (max_resize > 3 && !tn->parent && inflate_threshold_root_fix)
667 inflate_threshold_root_fix--;
638 668
639 check_tnode(tn); 669 check_tnode(tn);
640 670
@@ -1435,7 +1465,7 @@ static int fn_trie_lookup(struct fib_table *tb, const struct flowi *flp,
1435 cindex = tkey_extract_bits(mask_pfx(key, current_prefix_length), 1465 cindex = tkey_extract_bits(mask_pfx(key, current_prefix_length),
1436 pos, bits); 1466 pos, bits);
1437 1467
1438 n = tnode_get_child(pn, cindex); 1468 n = tnode_get_child_rcu(pn, cindex);
1439 1469
1440 if (n == NULL) { 1470 if (n == NULL) {
1441#ifdef CONFIG_IP_FIB_TRIE_STATS 1471#ifdef CONFIG_IP_FIB_TRIE_STATS
@@ -1570,7 +1600,7 @@ backtrace:
1570 if (chopped_off <= pn->bits) { 1600 if (chopped_off <= pn->bits) {
1571 cindex &= ~(1 << (chopped_off-1)); 1601 cindex &= ~(1 << (chopped_off-1));
1572 } else { 1602 } else {
1573 struct tnode *parent = node_parent((struct node *) pn); 1603 struct tnode *parent = node_parent_rcu((struct node *) pn);
1574 if (!parent) 1604 if (!parent)
1575 goto failed; 1605 goto failed;
1576 1606
@@ -1783,7 +1813,7 @@ static struct leaf *trie_firstleaf(struct trie *t)
1783static struct leaf *trie_nextleaf(struct leaf *l) 1813static struct leaf *trie_nextleaf(struct leaf *l)
1784{ 1814{
1785 struct node *c = (struct node *) l; 1815 struct node *c = (struct node *) l;
1786 struct tnode *p = node_parent(c); 1816 struct tnode *p = node_parent_rcu(c);
1787 1817
1788 if (!p) 1818 if (!p)
1789 return NULL; /* trie with just one leaf */ 1819 return NULL; /* trie with just one leaf */
@@ -2391,7 +2421,7 @@ static inline const char *rtn_scope(char *buf, size_t len, enum rt_scope_t s)
2391 } 2421 }
2392} 2422}
2393 2423
2394static const char *rtn_type_names[__RTN_MAX] = { 2424static const char *const rtn_type_names[__RTN_MAX] = {
2395 [RTN_UNSPEC] = "UNSPEC", 2425 [RTN_UNSPEC] = "UNSPEC",
2396 [RTN_UNICAST] = "UNICAST", 2426 [RTN_UNICAST] = "UNICAST",
2397 [RTN_LOCAL] = "LOCAL", 2427 [RTN_LOCAL] = "LOCAL",
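Review bot: `tnode_free_flush` now calls `synchronize_rcu()`, which blocks, yet nothing at the function says it may sleep; the only hint is the `protected by RTNL` remark at `tnode_free_head`. A comment on the function such as `/* may sleep in synchronize_rcu(); call only from process context with RTNL held */` would keep a later caller from invoking it under a spinlock or inside an RCU read-side section; the callers are outside the hunks, so this should be checked against them. `inflate_threshold_root_fix` and `tnode_free_size` are file-scope counters shared by every trie, and neither the `/* a comment in resize() */` note on `INFLATE_FIX_MAX` nor the bare `max_resize > 3` says what the limits mean, so a sentence at each definition would help. The `else if` following the braced `if (max_resize < 0)` block in `resize` should carry braces as well.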
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index cb4a0f4bd5e5..b902ef55be7f 100644
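--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -821,7 +821,7 @@ static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
  stats->tx_dropped++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (skb->sk)
  skb_set_owner_w(new_skb, skb->sk);
@@ -889,7 +889,7 @@ static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 
  IPTUNNEL_XMIT();
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 
 tx_error_icmp:
  dst_link_failure(skb);
@@ -898,7 +898,7 @@ tx_error:
  stats->tx_errors++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int ipgre_tunnel_bind_dev(struct net_device *dev)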
diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c
index 93e2b787da20..98075b6d619c 100644
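--- a/net/ipv4/ipip.c
+++ b/net/ipv4/ipip.c
@@ -486,7 +486,7 @@ static int ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
  stats->tx_dropped++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
  }
  if (skb->sk)
  skb_set_owner_w(new_skb, skb->sk);
@@ -524,7 +524,7 @@ static int ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 
  IPTUNNEL_XMIT();
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 
 tx_error_icmp:
  dst_link_failure(skb);
@@ -532,7 +532,7 @@ tx_error:
  stats->tx_errors++;
  dev_kfree_skb(skb);
  tunnel->recursion--;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static void ipip_tunnel_bind_dev(struct net_device *dev)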
diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c
index 9a8da5ed92b7..06c33fb6b321 100644
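--- a/net/ipv4/ipmr.c
+++ b/net/ipv4/ipmr.c
@@ -212,7 +212,7 @@ static int reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
  IGMPMSG_WHOLEPKT);
  read_unlock(&mrt_lock);
  kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct net_device_ops reg_vif_netdev_ops = {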
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 278f46f5011b..fafbe163e2b5 100644
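--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -3442,7 +3442,7 @@ int __init ip_rt_init(void)
  printk(KERN_ERR "Unable to create route proc files\n");
 #ifdef CONFIG_XFRM
  xfrm_init();
- xfrm4_init();
+ xfrm4_init(ip_rt_max_size);
 #endif
  rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
 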
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index bd62712848fa..4e004424d400 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -59,6 +59,7 @@ int sysctl_tcp_base_mss __read_mostly = 512;
59/* By default, RFC2861 behavior. */ 59/* By default, RFC2861 behavior. */
60int sysctl_tcp_slow_start_after_idle __read_mostly = 1; 60int sysctl_tcp_slow_start_after_idle __read_mostly = 1;
61 61
62/* Account for new data that has been sent to the network. */
62static void tcp_event_new_data_sent(struct sock *sk, struct sk_buff *skb) 63static void tcp_event_new_data_sent(struct sock *sk, struct sk_buff *skb)
63{ 64{
64 struct tcp_sock *tp = tcp_sk(sk); 65 struct tcp_sock *tp = tcp_sk(sk);
@@ -142,6 +143,7 @@ static void tcp_cwnd_restart(struct sock *sk, struct dst_entry *dst)
142 tp->snd_cwnd_used = 0; 143 tp->snd_cwnd_used = 0;
143} 144}
144 145
146/* Congestion state accounting after a packet has been sent. */
145static void tcp_event_data_sent(struct tcp_sock *tp, 147static void tcp_event_data_sent(struct tcp_sock *tp,
146 struct sk_buff *skb, struct sock *sk) 148 struct sk_buff *skb, struct sock *sk)
147{ 149{
@@ -161,6 +163,7 @@ static void tcp_event_data_sent(struct tcp_sock *tp,
161 icsk->icsk_ack.pingpong = 1; 163 icsk->icsk_ack.pingpong = 1;
162} 164}
163 165
166/* Account for an ACK we sent. */
164static inline void tcp_event_ack_sent(struct sock *sk, unsigned int pkts) 167static inline void tcp_event_ack_sent(struct sock *sk, unsigned int pkts)
165{ 168{
166 tcp_dec_quickack_mode(sk, pkts); 169 tcp_dec_quickack_mode(sk, pkts);
@@ -276,6 +279,7 @@ static u16 tcp_select_window(struct sock *sk)
276 return new_win; 279 return new_win;
277} 280}
278 281
282/* Packet ECN state for a SYN-ACK */
279static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb) 283static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb)
280{ 284{
281 TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_CWR; 285 TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_CWR;
@@ -283,6 +287,7 @@ static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb)
283 TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_ECE; 287 TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_ECE;
284} 288}
285 289
290/* Packet ECN state for a SYN. */
286static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb) 291static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb)
287{ 292{
288 struct tcp_sock *tp = tcp_sk(sk); 293 struct tcp_sock *tp = tcp_sk(sk);
@@ -301,6 +306,9 @@ TCP_ECN_make_synack(struct request_sock *req, struct tcphdr *th)
301 th->ece = 1; 306 th->ece = 1;
302} 307}
303 308
309/* Set up ECN state for a packet on a ESTABLISHED socket that is about to
310 * be sent.
311 */
304static inline void TCP_ECN_send(struct sock *sk, struct sk_buff *skb, 312static inline void TCP_ECN_send(struct sock *sk, struct sk_buff *skb,
305 int tcp_header_len) 313 int tcp_header_len)
306{ 314{
@@ -362,7 +370,9 @@ struct tcp_out_options {
362 __u32 tsval, tsecr; /* need to include OPTION_TS */ 370 __u32 tsval, tsecr; /* need to include OPTION_TS */
363}; 371};
364 372
365/* Beware: Something in the Internet is very sensitive to the ordering of 373/* Write previously computed TCP options to the packet.
374 *
375 * Beware: Something in the Internet is very sensitive to the ordering of
366 * TCP options, we learned this through the hard way, so be careful here. 376 * TCP options, we learned this through the hard way, so be careful here.
367 * Luckily we can at least blame others for their non-compliance but from 377 * Luckily we can at least blame others for their non-compliance but from
368 * inter-operatibility perspective it seems that we're somewhat stuck with 378 * inter-operatibility perspective it seems that we're somewhat stuck with
@@ -445,6 +455,9 @@ static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp,
445 } 455 }
446} 456}
447 457
458/* Compute TCP options for SYN packets. This is not the final
459 * network wire format yet.
460 */
448static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb, 461static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb,
449 struct tcp_out_options *opts, 462 struct tcp_out_options *opts,
450 struct tcp_md5sig_key **md5) { 463 struct tcp_md5sig_key **md5) {
@@ -493,6 +506,7 @@ static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb,
493 return size; 506 return size;
494} 507}
495 508
509/* Set up TCP options for SYN-ACKs. */
496static unsigned tcp_synack_options(struct sock *sk, 510static unsigned tcp_synack_options(struct sock *sk,
497 struct request_sock *req, 511 struct request_sock *req,
498 unsigned mss, struct sk_buff *skb, 512 unsigned mss, struct sk_buff *skb,
@@ -541,6 +555,9 @@ static unsigned tcp_synack_options(struct sock *sk,
541 return size; 555 return size;
542} 556}
543 557
558/* Compute TCP options for ESTABLISHED sockets. This is not the
559 * final wire format yet.
560 */
544static unsigned tcp_established_options(struct sock *sk, struct sk_buff *skb, 561static unsigned tcp_established_options(struct sock *sk, struct sk_buff *skb,
545 struct tcp_out_options *opts, 562 struct tcp_out_options *opts,
546 struct tcp_md5sig_key **md5) { 563 struct tcp_md5sig_key **md5) {
@@ -705,7 +722,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it,
705 return net_xmit_eval(err); 722 return net_xmit_eval(err);
706} 723}
707 724
708/* This routine just queue's the buffer 725/* This routine just queues the buffer for sending.
709 * 726 *
710 * NOTE: probe0 timer is not checked, do not forget tcp_push_pending_frames, 727 * NOTE: probe0 timer is not checked, do not forget tcp_push_pending_frames,
711 * otherwise socket can stall. 728 * otherwise socket can stall.
@@ -722,6 +739,7 @@ static void tcp_queue_skb(struct sock *sk, struct sk_buff *skb)
722 sk_mem_charge(sk, skb->truesize); 739 sk_mem_charge(sk, skb->truesize);
723} 740}
724 741
742/* Initialize TSO segments for a packet. */
725static void tcp_set_skb_tso_segs(struct sock *sk, struct sk_buff *skb, 743static void tcp_set_skb_tso_segs(struct sock *sk, struct sk_buff *skb,
726 unsigned int mss_now) 744 unsigned int mss_now)
727{ 745{
@@ -909,6 +927,7 @@ static void __pskb_trim_head(struct sk_buff *skb, int len)
909 skb->len = skb->data_len; 927 skb->len = skb->data_len;
910} 928}
911 929
930/* Remove acked data from a packet in the transmit queue. */
912int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len) 931int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len)
913{ 932{
914 if (skb_cloned(skb) && pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) 933 if (skb_cloned(skb) && pskb_expand_head(skb, 0, 0, GFP_ATOMIC))
@@ -937,7 +956,7 @@ int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len)
937 return 0; 956 return 0;
938} 957}
939 958
940/* Not accounting for SACKs here. */ 959/* Calculate MSS. Not accounting for SACKs here. */
941int tcp_mtu_to_mss(struct sock *sk, int pmtu) 960int tcp_mtu_to_mss(struct sock *sk, int pmtu)
942{ 961{
943 struct tcp_sock *tp = tcp_sk(sk); 962 struct tcp_sock *tp = tcp_sk(sk);
@@ -981,6 +1000,7 @@ int tcp_mss_to_mtu(struct sock *sk, int mss)
981 return mtu; 1000 return mtu;
982} 1001}
983 1002
1003/* MTU probing init per socket */
984void tcp_mtup_init(struct sock *sk) 1004void tcp_mtup_init(struct sock *sk)
985{ 1005{
986 struct tcp_sock *tp = tcp_sk(sk); 1006 struct tcp_sock *tp = tcp_sk(sk);
@@ -1143,7 +1163,8 @@ static inline unsigned int tcp_cwnd_test(struct tcp_sock *tp,
1143 return 0; 1163 return 0;
1144} 1164}
1145 1165
1146/* This must be invoked the first time we consider transmitting 1166/* Intialize TSO state of a skb.
1167 * This must be invoked the first time we consider transmitting
1147 * SKB onto the wire. 1168 * SKB onto the wire.
1148 */ 1169 */
1149static int tcp_init_tso_segs(struct sock *sk, struct sk_buff *skb, 1170static int tcp_init_tso_segs(struct sock *sk, struct sk_buff *skb,
@@ -1158,6 +1179,7 @@ static int tcp_init_tso_segs(struct sock *sk, struct sk_buff *skb,
1158 return tso_segs; 1179 return tso_segs;
1159} 1180}
1160 1181
1182/* Minshall's variant of the Nagle send check. */
1161static inline int tcp_minshall_check(const struct tcp_sock *tp) 1183static inline int tcp_minshall_check(const struct tcp_sock *tp)
1162{ 1184{
1163 return after(tp->snd_sml, tp->snd_una) && 1185 return after(tp->snd_sml, tp->snd_una) &&
@@ -1242,6 +1264,7 @@ static unsigned int tcp_snd_test(struct sock *sk, struct sk_buff *skb,
1242 return cwnd_quota; 1264 return cwnd_quota;
1243} 1265}
1244 1266
1267/* Test if sending is allowed right now. */
1245int tcp_may_send_now(struct sock *sk) 1268int tcp_may_send_now(struct sock *sk)
1246{ 1269{
1247 struct tcp_sock *tp = tcp_sk(sk); 1270 struct tcp_sock *tp = tcp_sk(sk);
@@ -1378,6 +1401,10 @@ send_now:
1378} 1401}
1379 1402
1380/* Create a new MTU probe if we are ready. 1403/* Create a new MTU probe if we are ready.
1404 * MTU probe is regularly attempting to increase the path MTU by
1405 * deliberately sending larger packets. This discovers routing
1406 * changes resulting in larger path MTUs.
1407 *
1381 * Returns 0 if we should wait to probe (no cwnd available), 1408 * Returns 0 if we should wait to probe (no cwnd available),
1382 * 1 if a probe was sent, 1409 * 1 if a probe was sent,
1383 * -1 otherwise 1410 * -1 otherwise
@@ -1790,6 +1817,7 @@ static void tcp_collapse_retrans(struct sock *sk, struct sk_buff *skb)
1790 sk_wmem_free_skb(sk, next_skb); 1817 sk_wmem_free_skb(sk, next_skb);
1791} 1818}
1792 1819
1820/* Check if coalescing SKBs is legal. */
1793static int tcp_can_collapse(struct sock *sk, struct sk_buff *skb) 1821static int tcp_can_collapse(struct sock *sk, struct sk_buff *skb)
1794{ 1822{
1795 if (tcp_skb_pcount(skb) > 1) 1823 if (tcp_skb_pcount(skb) > 1)
@@ -1808,6 +1836,9 @@ static int tcp_can_collapse(struct sock *sk, struct sk_buff *skb)
1808 return 1; 1836 return 1;
1809} 1837}
1810 1838
1839/* Collapse packets in the retransmit queue to make to create
1840 * less packets on the wire. This is only done on retransmission.
1841 */
1811static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to, 1842static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to,
1812 int space) 1843 int space)
1813{ 1844{
@@ -1957,6 +1988,9 @@ int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb)
1957 return err; 1988 return err;
1958} 1989}
1959 1990
1991/* Check if we forward retransmits are possible in the current
1992 * window/congestion state.
1993 */
1960static int tcp_can_forward_retransmit(struct sock *sk) 1994static int tcp_can_forward_retransmit(struct sock *sk)
1961{ 1995{
1962 const struct inet_connection_sock *icsk = inet_csk(sk); 1996 const struct inet_connection_sock *icsk = inet_csk(sk);
@@ -2145,7 +2179,8 @@ void tcp_send_active_reset(struct sock *sk, gfp_t priority)
2145 TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTRSTS); 2179 TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTRSTS);
2146} 2180}
2147 2181
2148/* WARNING: This routine must only be called when we have already sent 2182/* Send a crossed SYN-ACK during socket establishment.
2183 * WARNING: This routine must only be called when we have already sent
2149 * a SYN packet that crossed the incoming SYN that caused this routine 2184 * a SYN packet that crossed the incoming SYN that caused this routine
2150 * to get called. If this assumption fails then the initial rcv_wnd 2185 * to get called. If this assumption fails then the initial rcv_wnd
2151 * and rcv_wscale values will not be correct. 2186 * and rcv_wscale values will not be correct.
@@ -2180,9 +2215,7 @@ int tcp_send_synack(struct sock *sk)
2180 return tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC); 2215 return tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC);
2181} 2216}
2182 2217
2183/* 2218/* Prepare a SYN-ACK. */
2184 * Prepare a SYN-ACK.
2185 */
2186struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, 2219struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2187 struct request_sock *req) 2220 struct request_sock *req)
2188{ 2221{
@@ -2269,9 +2302,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2269 return skb; 2302 return skb;
2270} 2303}
2271 2304
2272/* 2305/* Do all connect socket setups that can be done AF independent. */
2273 * Do all connect socket setups that can be done AF independent.
2274 */
2275static void tcp_connect_init(struct sock *sk) 2306static void tcp_connect_init(struct sock *sk)
2276{ 2307{
2277 struct dst_entry *dst = __sk_dst_get(sk); 2308 struct dst_entry *dst = __sk_dst_get(sk);
@@ -2330,9 +2361,7 @@ static void tcp_connect_init(struct sock *sk)
2330 tcp_clear_retrans(tp); 2361 tcp_clear_retrans(tp);
2331} 2362}
2332 2363
2333/* 2364/* Build a SYN and send it off. */
2334 * Build a SYN and send it off.
2335 */
2336int tcp_connect(struct sock *sk) 2365int tcp_connect(struct sock *sk)
2337{ 2366{
2338 struct tcp_sock *tp = tcp_sk(sk); 2367 struct tcp_sock *tp = tcp_sk(sk);
@@ -2493,6 +2522,7 @@ static int tcp_xmit_probe_skb(struct sock *sk, int urgent)
2493 return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC); 2522 return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC);
2494} 2523}
2495 2524
2525/* Initiate keepalive or window probe from timer. */
2496int tcp_write_wakeup(struct sock *sk) 2526int tcp_write_wakeup(struct sock *sk)
2497{ 2527{
2498 struct tcp_sock *tp = tcp_sk(sk); 2528 struct tcp_sock *tp = tcp_sk(sk);
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 80e3812837ad..29ebb0d27a1e 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -110,11 +110,12 @@ struct udp_table udp_table;
110EXPORT_SYMBOL(udp_table); 110EXPORT_SYMBOL(udp_table);
111 111
112int sysctl_udp_mem[3] __read_mostly; 112int sysctl_udp_mem[3] __read_mostly;
113int sysctl_udp_rmem_min __read_mostly;
114int sysctl_udp_wmem_min __read_mostly;
115
116EXPORT_SYMBOL(sysctl_udp_mem); 113EXPORT_SYMBOL(sysctl_udp_mem);
114
115int sysctl_udp_rmem_min __read_mostly;
117EXPORT_SYMBOL(sysctl_udp_rmem_min); 116EXPORT_SYMBOL(sysctl_udp_rmem_min);
117
118int sysctl_udp_wmem_min __read_mostly;
118EXPORT_SYMBOL(sysctl_udp_wmem_min); 119EXPORT_SYMBOL(sysctl_udp_wmem_min);
119 120
120atomic_t udp_memory_allocated; 121atomic_t udp_memory_allocated;
@@ -158,7 +159,7 @@ static int udp_lib_lport_inuse(struct net *net, __u16 num,
158 */ 159 */
159int udp_lib_get_port(struct sock *sk, unsigned short snum, 160int udp_lib_get_port(struct sock *sk, unsigned short snum,
160 int (*saddr_comp)(const struct sock *sk1, 161 int (*saddr_comp)(const struct sock *sk1,
161 const struct sock *sk2 ) ) 162 const struct sock *sk2))
162{ 163{
163 struct udp_hslot *hslot; 164 struct udp_hslot *hslot;
164 struct udp_table *udptable = sk->sk_prot->h.udp_table; 165 struct udp_table *udptable = sk->sk_prot->h.udp_table;
@@ -221,14 +222,15 @@ fail_unlock:
221fail: 222fail:
222 return error; 223 return error;
223} 224}
225EXPORT_SYMBOL(udp_lib_get_port);
224 226
225static int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2) 227static int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
226{ 228{
227 struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2); 229 struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2);
228 230
229 return ( !ipv6_only_sock(sk2) && 231 return (!ipv6_only_sock(sk2) &&
230 (!inet1->rcv_saddr || !inet2->rcv_saddr || 232 (!inet1->rcv_saddr || !inet2->rcv_saddr ||
231 inet1->rcv_saddr == inet2->rcv_saddr )); 233 inet1->rcv_saddr == inet2->rcv_saddr));
232} 234}
233 235
234int udp_v4_get_port(struct sock *sk, unsigned short snum) 236int udp_v4_get_port(struct sock *sk, unsigned short snum)
@@ -383,8 +385,8 @@ found:
383void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable) 385void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable)
384{ 386{
385 struct inet_sock *inet; 387 struct inet_sock *inet;
386 struct iphdr *iph = (struct iphdr*)skb->data; 388 struct iphdr *iph = (struct iphdr *)skb->data;
387 struct udphdr *uh = (struct udphdr*)(skb->data+(iph->ihl<<2)); 389 struct udphdr *uh = (struct udphdr *)(skb->data+(iph->ihl<<2));
388 const int type = icmp_hdr(skb)->type; 390 const int type = icmp_hdr(skb)->type;
389 const int code = icmp_hdr(skb)->code; 391 const int code = icmp_hdr(skb)->code;
390 struct sock *sk; 392 struct sock *sk;
@@ -439,7 +441,7 @@ void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable)
439 if (!harderr || sk->sk_state != TCP_ESTABLISHED) 441 if (!harderr || sk->sk_state != TCP_ESTABLISHED)
440 goto out; 442 goto out;
441 } else { 443 } else {
442 ip_icmp_error(sk, skb, err, uh->dest, info, (u8*)(uh+1)); 444 ip_icmp_error(sk, skb, err, uh->dest, info, (u8 *)(uh+1));
443 } 445 }
444 sk->sk_err = err; 446 sk->sk_err = err;
445 sk->sk_error_report(sk); 447 sk->sk_error_report(sk);
@@ -474,7 +476,7 @@ EXPORT_SYMBOL(udp_flush_pending_frames);
474 * (checksum field must be zeroed out) 476 * (checksum field must be zeroed out)
475 */ 477 */
476static void udp4_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb, 478static void udp4_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb,
477 __be32 src, __be32 dst, int len ) 479 __be32 src, __be32 dst, int len)
478{ 480{
479 unsigned int offset; 481 unsigned int offset;
480 struct udphdr *uh = udp_hdr(skb); 482 struct udphdr *uh = udp_hdr(skb);
@@ -545,7 +547,7 @@ static int udp_push_pending_frames(struct sock *sk)
545 547
546 } else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */ 548 } else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */
547 549
548 udp4_hwcsum_outgoing(sk, skb, fl->fl4_src,fl->fl4_dst, up->len); 550 udp4_hwcsum_outgoing(sk, skb, fl->fl4_src, fl->fl4_dst, up->len);
549 goto send; 551 goto send;
550 552
551 } else /* `normal' UDP */ 553 } else /* `normal' UDP */
@@ -553,7 +555,7 @@ static int udp_push_pending_frames(struct sock *sk)
553 555
554 /* add protocol-dependent pseudo-header */ 556 /* add protocol-dependent pseudo-header */
555 uh->check = csum_tcpudp_magic(fl->fl4_src, fl->fl4_dst, up->len, 557 uh->check = csum_tcpudp_magic(fl->fl4_src, fl->fl4_dst, up->len,
556 sk->sk_protocol, csum ); 558 sk->sk_protocol, csum);
557 if (uh->check == 0) 559 if (uh->check == 0)
558 uh->check = CSUM_MANGLED_0; 560 uh->check = CSUM_MANGLED_0;
559 561
@@ -592,7 +594,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
592 * Check the flags. 594 * Check the flags.
593 */ 595 */
594 596
595 if (msg->msg_flags&MSG_OOB) /* Mirror BSD error message compatibility */ 597 if (msg->msg_flags & MSG_OOB) /* Mirror BSD error message compatibility */
596 return -EOPNOTSUPP; 598 return -EOPNOTSUPP;
597 599
598 ipc.opt = NULL; 600 ipc.opt = NULL;
@@ -619,7 +621,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
619 * Get and verify the address. 621 * Get and verify the address.
620 */ 622 */
621 if (msg->msg_name) { 623 if (msg->msg_name) {
622 struct sockaddr_in * usin = (struct sockaddr_in*)msg->msg_name; 624 struct sockaddr_in * usin = (struct sockaddr_in *)msg->msg_name;
623 if (msg->msg_namelen < sizeof(*usin)) 625 if (msg->msg_namelen < sizeof(*usin))
624 return -EINVAL; 626 return -EINVAL;
625 if (usin->sin_family != AF_INET) { 627 if (usin->sin_family != AF_INET) {
@@ -684,7 +686,7 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
684 } 686 }
685 687
686 if (connected) 688 if (connected)
687 rt = (struct rtable*)sk_dst_check(sk, 0); 689 rt = (struct rtable *)sk_dst_check(sk, 0);
688 690
689 if (rt == NULL) { 691 if (rt == NULL) {
690 struct flowi fl = { .oif = ipc.oif, 692 struct flowi fl = { .oif = ipc.oif,
@@ -782,6 +784,7 @@ do_confirm:
782 err = 0; 784 err = 0;
783 goto out; 785 goto out;
784} 786}
787EXPORT_SYMBOL(udp_sendmsg);
785 788
786int udp_sendpage(struct sock *sk, struct page *page, int offset, 789int udp_sendpage(struct sock *sk, struct page *page, int offset,
787 size_t size, int flags) 790 size_t size, int flags)
@@ -871,6 +874,7 @@ int udp_ioctl(struct sock *sk, int cmd, unsigned long arg)
871 874
872 return 0; 875 return 0;
873} 876}
877EXPORT_SYMBOL(udp_ioctl);
874 878
875/* 879/*
876 * This should be easy, if there is something there we 880 * This should be easy, if there is something there we
@@ -892,7 +896,7 @@ int udp_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
892 * Check any passed addresses 896 * Check any passed addresses
893 */ 897 */
894 if (addr_len) 898 if (addr_len)
895 *addr_len=sizeof(*sin); 899 *addr_len = sizeof(*sin);
896 900
897 if (flags & MSG_ERRQUEUE) 901 if (flags & MSG_ERRQUEUE)
898 return ip_recv_error(sk, msg, len); 902 return ip_recv_error(sk, msg, len);
@@ -923,9 +927,11 @@ try_again:
923 927
924 if (skb_csum_unnecessary(skb)) 928 if (skb_csum_unnecessary(skb))
925 err = skb_copy_datagram_iovec(skb, sizeof(struct udphdr), 929 err = skb_copy_datagram_iovec(skb, sizeof(struct udphdr),
926 msg->msg_iov, copied ); 930 msg->msg_iov, copied);
927 else { 931 else {
928 err = skb_copy_and_csum_datagram_iovec(skb, sizeof(struct udphdr), msg->msg_iov); 932 err = skb_copy_and_csum_datagram_iovec(skb,
933 sizeof(struct udphdr),
934 msg->msg_iov);
929 935
930 if (err == -EINVAL) 936 if (err == -EINVAL)
931 goto csum_copy_err; 937 goto csum_copy_err;
@@ -941,8 +947,7 @@ try_again:
941 sock_recv_timestamp(msg, sk, skb); 947 sock_recv_timestamp(msg, sk, skb);
942 948
943 /* Copy the address. */ 949 /* Copy the address. */
944 if (sin) 950 if (sin) {
945 {
946 sin->sin_family = AF_INET; 951 sin->sin_family = AF_INET;
947 sin->sin_port = udp_hdr(skb)->source; 952 sin->sin_port = udp_hdr(skb)->source;
948 sin->sin_addr.s_addr = ip_hdr(skb)->saddr; 953 sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
@@ -995,6 +1000,7 @@ int udp_disconnect(struct sock *sk, int flags)
995 sk_dst_reset(sk); 1000 sk_dst_reset(sk);
996 return 0; 1001 return 0;
997} 1002}
1003EXPORT_SYMBOL(udp_disconnect);
998 1004
999void udp_lib_unhash(struct sock *sk) 1005void udp_lib_unhash(struct sock *sk)
1000{ 1006{
@@ -1044,7 +1050,7 @@ drop:
1044 * Note that in the success and error cases, the skb is assumed to 1050 * Note that in the success and error cases, the skb is assumed to
1045 * have either been requeued or freed. 1051 * have either been requeued or freed.
1046 */ 1052 */
1047int udp_queue_rcv_skb(struct sock * sk, struct sk_buff *skb) 1053int udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
1048{ 1054{
1049 struct udp_sock *up = udp_sk(sk); 1055 struct udp_sock *up = udp_sk(sk);
1050 int rc; 1056 int rc;
@@ -1214,7 +1220,7 @@ static inline int udp4_csum_init(struct sk_buff *skb, struct udphdr *uh,
1214 if (uh->check == 0) { 1220 if (uh->check == 0) {
1215 skb->ip_summed = CHECKSUM_UNNECESSARY; 1221 skb->ip_summed = CHECKSUM_UNNECESSARY;
1216 } else if (skb->ip_summed == CHECKSUM_COMPLETE) { 1222 } else if (skb->ip_summed == CHECKSUM_COMPLETE) {
1217 if (!csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len, 1223 if (!csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len,
1218 proto, skb->csum)) 1224 proto, skb->csum))
1219 skb->ip_summed = CHECKSUM_UNNECESSARY; 1225 skb->ip_summed = CHECKSUM_UNNECESSARY;
1220 } 1226 }
@@ -1355,7 +1361,7 @@ int udp_lib_setsockopt(struct sock *sk, int level, int optname,
1355 int err = 0; 1361 int err = 0;
1356 int is_udplite = IS_UDPLITE(sk); 1362 int is_udplite = IS_UDPLITE(sk);
1357 1363
1358 if (optlen<sizeof(int)) 1364 if (optlen < sizeof(int))
1359 return -EINVAL; 1365 return -EINVAL;
1360 1366
1361 if (get_user(val, (int __user *)optval)) 1367 if (get_user(val, (int __user *)optval))
@@ -1426,6 +1432,7 @@ int udp_lib_setsockopt(struct sock *sk, int level, int optname,
1426 1432
1427 return err; 1433 return err;
1428} 1434}
1435EXPORT_SYMBOL(udp_lib_setsockopt);
1429 1436
1430int udp_setsockopt(struct sock *sk, int level, int optname, 1437int udp_setsockopt(struct sock *sk, int level, int optname,
1431 char __user *optval, int optlen) 1438 char __user *optval, int optlen)
@@ -1453,7 +1460,7 @@ int udp_lib_getsockopt(struct sock *sk, int level, int optname,
1453 struct udp_sock *up = udp_sk(sk); 1460 struct udp_sock *up = udp_sk(sk);
1454 int val, len; 1461 int val, len;
1455 1462
1456 if (get_user(len,optlen)) 1463 if (get_user(len, optlen))
1457 return -EFAULT; 1464 return -EFAULT;
1458 1465
1459 len = min_t(unsigned int, len, sizeof(int)); 1466 len = min_t(unsigned int, len, sizeof(int));
@@ -1486,10 +1493,11 @@ int udp_lib_getsockopt(struct sock *sk, int level, int optname,
1486 1493
1487 if (put_user(len, optlen)) 1494 if (put_user(len, optlen))
1488 return -EFAULT; 1495 return -EFAULT;
1489 if (copy_to_user(optval, &val,len)) 1496 if (copy_to_user(optval, &val, len))
1490 return -EFAULT; 1497 return -EFAULT;
1491 return 0; 1498 return 0;
1492} 1499}
1500EXPORT_SYMBOL(udp_lib_getsockopt);
1493 1501
1494int udp_getsockopt(struct sock *sk, int level, int optname, 1502int udp_getsockopt(struct sock *sk, int level, int optname,
1495 char __user *optval, int __user *optlen) 1503 char __user *optval, int __user *optlen)
@@ -1528,9 +1536,9 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait)
1528 int is_lite = IS_UDPLITE(sk); 1536 int is_lite = IS_UDPLITE(sk);
1529 1537
1530 /* Check for false positives due to checksum errors */ 1538 /* Check for false positives due to checksum errors */
1531 if ( (mask & POLLRDNORM) && 1539 if ((mask & POLLRDNORM) &&
1532 !(file->f_flags & O_NONBLOCK) && 1540 !(file->f_flags & O_NONBLOCK) &&
1533 !(sk->sk_shutdown & RCV_SHUTDOWN)){ 1541 !(sk->sk_shutdown & RCV_SHUTDOWN)) {
1534 struct sk_buff_head *rcvq = &sk->sk_receive_queue; 1542 struct sk_buff_head *rcvq = &sk->sk_receive_queue;
1535 struct sk_buff *skb; 1543 struct sk_buff *skb;
1536 1544
@@ -1552,6 +1560,7 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait)
1552 return mask; 1560 return mask;
1553 1561
1554} 1562}
1563EXPORT_SYMBOL(udp_poll);
1555 1564
1556struct proto udp_prot = { 1565struct proto udp_prot = {
1557 .name = "UDP", 1566 .name = "UDP",
@@ -1582,6 +1591,7 @@ struct proto udp_prot = {
1582 .compat_getsockopt = compat_udp_getsockopt, 1591 .compat_getsockopt = compat_udp_getsockopt,
1583#endif 1592#endif
1584}; 1593};
1594EXPORT_SYMBOL(udp_prot);
1585 1595
1586/* ------------------------------------------------------------------------ */ 1596/* ------------------------------------------------------------------------ */
1587#ifdef CONFIG_PROC_FS 1597#ifdef CONFIG_PROC_FS
@@ -1703,11 +1713,13 @@ int udp_proc_register(struct net *net, struct udp_seq_afinfo *afinfo)
1703 rc = -ENOMEM; 1713 rc = -ENOMEM;
1704 return rc; 1714 return rc;
1705} 1715}
1716EXPORT_SYMBOL(udp_proc_register);
1706 1717
1707void udp_proc_unregister(struct net *net, struct udp_seq_afinfo *afinfo) 1718void udp_proc_unregister(struct net *net, struct udp_seq_afinfo *afinfo)
1708{ 1719{
1709 proc_net_remove(net, afinfo->name); 1720 proc_net_remove(net, afinfo->name);
1710} 1721}
1722EXPORT_SYMBOL(udp_proc_unregister);
1711 1723
1712/* ------------------------------------------------------------------------ */ 1724/* ------------------------------------------------------------------------ */
1713static void udp4_format_sock(struct sock *sp, struct seq_file *f, 1725static void udp4_format_sock(struct sock *sp, struct seq_file *f,
@@ -1741,7 +1753,7 @@ int udp4_seq_show(struct seq_file *seq, void *v)
1741 int len; 1753 int len;
1742 1754
1743 udp4_format_sock(v, seq, state->bucket, &len); 1755 udp4_format_sock(v, seq, state->bucket, &len);
1744 seq_printf(seq, "%*s\n", 127 - len ,""); 1756 seq_printf(seq, "%*s\n", 127 - len, "");
1745 } 1757 }
1746 return 0; 1758 return 0;
1747} 1759}
@@ -1816,16 +1828,64 @@ void __init udp_init(void)
1816 sysctl_udp_wmem_min = SK_MEM_QUANTUM; 1828 sysctl_udp_wmem_min = SK_MEM_QUANTUM;
1817} 1829}
1818 1830
1819EXPORT_SYMBOL(udp_disconnect); 1831int udp4_ufo_send_check(struct sk_buff *skb)
1820EXPORT_SYMBOL(udp_ioctl); 1832{
1821EXPORT_SYMBOL(udp_prot); 1833 const struct iphdr *iph;
1822EXPORT_SYMBOL(udp_sendmsg); 1834 struct udphdr *uh;
1823EXPORT_SYMBOL(udp_lib_getsockopt); 1835
1824EXPORT_SYMBOL(udp_lib_setsockopt); 1836 if (!pskb_may_pull(skb, sizeof(*uh)))
1825EXPORT_SYMBOL(udp_poll); 1837 return -EINVAL;
1826EXPORT_SYMBOL(udp_lib_get_port); 1838
1839 iph = ip_hdr(skb);
1840 uh = udp_hdr(skb);
1841
1842 uh->check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, skb->len,
1843 IPPROTO_UDP, 0);
1844 skb->csum_start = skb_transport_header(skb) - skb->head;
1845 skb->csum_offset = offsetof(struct udphdr, check);
1846 skb->ip_summed = CHECKSUM_PARTIAL;
1847 return 0;
1848}
1849
1850struct sk_buff *udp4_ufo_fragment(struct sk_buff *skb, int features)
1851{
1852 struct sk_buff *segs = ERR_PTR(-EINVAL);
1853 unsigned int mss;
1854 int offset;
1855 __wsum csum;
1856
1857 mss = skb_shinfo(skb)->gso_size;
1858 if (unlikely(skb->len <= mss))
1859 goto out;
1860
1861 if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
1862 /* Packet is from an untrusted source, reset gso_segs. */
1863 int type = skb_shinfo(skb)->gso_type;
1864
1865 if (unlikely(type & ~(SKB_GSO_UDP | SKB_GSO_DODGY) ||
1866 !(type & (SKB_GSO_UDP))))
1867 goto out;
1868
1869 skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len, mss);
1870
1871 segs = NULL;
1872 goto out;
1873 }
1874
1875 /* Do software UFO. Complete and fill in the UDP checksum as HW cannot
1876 * do checksum of UDP packets sent as multiple IP fragments.
1877 */
1878 offset = skb->csum_start - skb_headroom(skb);
1879 csum = skb_checksum(skb, offset, skb->len - offset, 0);
1880 offset += skb->csum_offset;
1881 *(__sum16 *)(skb->data + offset) = csum_fold(csum);
1882 skb->ip_summed = CHECKSUM_NONE;
1883
1884 /* Fragment the skb. IP headers of the fragments are updated in
1885 * inet_gso_segment()
1886 */
1887 segs = skb_segment(skb, features);
1888out:
1889 return segs;
1890}
1827 1891
1828#ifdef CONFIG_PROC_FS
1829EXPORT_SYMBOL(udp_proc_register);
1830EXPORT_SYMBOL(udp_proc_unregister);
1831#endif
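Review bot: In the new `udp4_ufo_fragment()`, the software-UFO path stores the folded checksum at `skb->data + offset`, where `offset` is derived from `skb->csum_start` and `skb->csum_offset`, and nothing in the function checks that this position lies inside the linear part of the skb. The earlier branch of the same function acknowledges that packets may come from an untrusted source, so unless those fields are validated before this point (not visible in this section), both `skb_checksum()` and the store can run on a negative or out-of-range offset. A guard placed before `skb_checksum()` would close that: `if (unlikely(offset < 0 || offset + skb->csum_offset + sizeof(__sum16) > skb_headlen(skb))) goto out;`, which returns the `ERR_PTR(-EINVAL)` that `segs` already holds. The path also never confirms that `skb->ip_summed` is `CHECKSUM_PARTIAL` before trusting `csum_start`.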
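--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -264,6 +264,22 @@ static struct xfrm_policy_afinfo xfrm4_policy_afinfo = {
  .fill_dst = xfrm4_fill_dst,
 };
 
+#ifdef CONFIG_SYSCTL
+static struct ctl_table xfrm4_policy_table[] = {
+ {
+ .ctl_name = CTL_UNNUMBERED,
+ .procname = "xfrm4_gc_thresh",
+ .data = &xfrm4_dst_ops.gc_thresh,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
+ { }
+};
+
+static struct ctl_table_header *sysctl_hdr;
+#endif
+
 static void __init xfrm4_policy_init(void)
 {
  xfrm_policy_register_afinfo(&xfrm4_policy_afinfo);
@@ -271,12 +287,31 @@ static void __init xfrm4_policy_init(void)
 
 static void __exit xfrm4_policy_fini(void)
 {
+#ifdef CONFIG_SYSCTL
+ if (sysctl_hdr)
+ unregister_net_sysctl_table(sysctl_hdr);
+#endif
  xfrm_policy_unregister_afinfo(&xfrm4_policy_afinfo);
 }
 
-void __init xfrm4_init(void)
+void __init xfrm4_init(int rt_max_size)
 {
  xfrm4_state_init();
  xfrm4_policy_init();
+ /*
+ * Select a default value for the gc_thresh based on the main route
+ * table hash size. It seems to me the worst case scenario is when
+ * we have ipsec operating in transport mode, in which we create a
+ * dst_entry per socket. The xfrm gc algorithm starts trying to remove
+ * entries at gc_thresh, and prevents new allocations as 2*gc_thresh
+ * so lets set an initial xfrm gc_thresh value at the rt_max_size/2.
+ * That will let us store an ipsec connection per route table entry,
+ * and start cleaning when were 1/2 full
+ */
+ xfrm4_dst_ops.gc_thresh = rt_max_size/2;
+#ifdef CONFIG_SYSCTL
+ sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv4_ctl_path,
+ xfrm4_policy_table);
+#endif
 }
 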
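Review bot: The new `xfrm4_gc_thresh` sysctl entry uses `proc_dointvec` with no bounds, so a write of zero or a negative number goes straight into `xfrm4_dst_ops.gc_thresh`. The comment added to `xfrm4_init()` says the gc starts reclaiming at gc_thresh and refuses new allocations at 2*gc_thresh, so such a value would presumably stop IPsec dst allocation altogether; how gc_thresh is consumed is outside this section. Consider `proc_dointvec_minmax` with an `.extra1` lower bound, plus a one-line comment on the table entry stating the valid range. The default `rt_max_size/2` also evaluates to 0 when `rt_max_size` is below 2, which deserves a floor as well.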
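--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -772,6 +772,11 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
  struct sk_buff *segs = ERR_PTR(-EINVAL);
  struct ipv6hdr *ipv6h;
  struct inet6_protocol *ops;
+ int proto;
+ struct frag_hdr *fptr;
+ unsigned int unfrag_ip6hlen;
+ u8 *prevhdr;
+ int offset = 0;
 
  if (!(features & NETIF_F_V6_CSUM))
  features &= ~NETIF_F_SG;
@@ -791,10 +796,9 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
  __skb_pull(skb, sizeof(*ipv6h));
  segs = ERR_PTR(-EPROTONOSUPPORT);
 
+ proto = ipv6_gso_pull_exthdrs(skb, ipv6h->nexthdr);
  rcu_read_lock();
- ops = rcu_dereference(inet6_protos[
- ipv6_gso_pull_exthdrs(skb, ipv6h->nexthdr)]);
-
+ ops = rcu_dereference(inet6_protos[proto]);
  if (likely(ops && ops->gso_segment)) {
  skb_reset_transport_header(skb);
  segs = ops->gso_segment(skb, features);
@@ -808,6 +812,16 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features)
  ipv6h = ipv6_hdr(skb);
  ipv6h->payload_len = htons(skb->len - skb->mac_len -
  sizeof(*ipv6h));
+ if (proto == IPPROTO_UDP) {
+ unfrag_ip6hlen = ip6_find_1stfragopt(skb, &prevhdr);
+ fptr = (struct frag_hdr *)(skb_network_header(skb) +
+ unfrag_ip6hlen);
+ fptr->frag_off = htons(offset);
+ if (skb->next != NULL)
+ fptr->frag_off |= htons(IP6_MF);
+ offset += (ntohs(ipv6h->payload_len) -
+ sizeof(struct frag_hdr));
+ }
  }
 
 out: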
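Review bot: The per-segment fix-up added to `ipv6_gso_segment()` is gated only on `proto == IPPROTO_UDP` and then writes `fptr->frag_off` at `skb_network_header(skb) + unfrag_ip6hlen`, without confirming that a fragment header is really present there or that the offset stays inside the header area. If a UDP skb can reach this loop without having gone through the UFO path (the loop header and the protocol callback are outside the hunk, so this is inferred), the store overwrites packet bytes that are not a fragment header. A tighter gate would record `skb_shinfo(skb)->gso_type & SKB_GSO_UDP` in a local before `ops->gso_segment()` is called and test that flag here, together with a check that `unfrag_ip6hlen + sizeof(struct frag_hdr)` fits in the linear header before `fptr` is dereferenced. The function starts and ends outside the hunks shown.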
diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
index eab62a7a8f06..e2325f6a05fb 100644
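--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -323,7 +323,7 @@ void icmpv6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info,
 int iif = 0;
 int addr_type = 0;
 int len;
-int hlimit, tclass;
+int hlimit;
 int err = 0;
 
 if ((u8 *)hdr < skb->head ||
@@ -469,10 +469,6 @@ route_done:
 if (hlimit < 0)
 hlimit = ip6_dst_hoplimit(dst);
 
-tclass = np->tclass;
-if (tclass < 0)
-tclass = 0;
-
 msg.skb = skb;
 msg.offset = skb_network_offset(skb);
 msg.type = type;
@@ -488,8 +484,8 @@ route_done:
 
 err = ip6_append_data(sk, icmpv6_getfrag, &msg,
 len + sizeof(struct icmp6hdr),
-sizeof(struct icmp6hdr),
-hlimit, tclass, NULL, &fl, (struct rt6_info*)dst,
+sizeof(struct icmp6hdr), hlimit,
+np->tclass, NULL, &fl, (struct rt6_info*)dst,
 MSG_DONTWAIT);
 if (err) {
 ip6_flush_pending_frames(sk);
@@ -522,7 +518,6 @@ static void icmpv6_echo_reply(struct sk_buff *skb)
 struct dst_entry *dst;
 int err = 0;
 int hlimit;
-int tclass;
 
 saddr = &ipv6_hdr(skb)->daddr;
 
@@ -562,10 +557,6 @@ static void icmpv6_echo_reply(struct sk_buff *skb)
 if (hlimit < 0)
 hlimit = ip6_dst_hoplimit(dst);
 
-tclass = np->tclass;
-if (tclass < 0)
-tclass = 0;
-
 idev = in6_dev_get(skb->dev);
 
 msg.skb = skb;
@@ -573,7 +564,7 @@ static void icmpv6_echo_reply(struct sk_buff *skb)
 msg.type = ICMPV6_ECHO_REPLY;
 
 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr),
-sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl,
+sizeof(struct icmp6hdr), hlimit, np->tclass, NULL, &fl,
 (struct rt6_info*)dst, MSG_DONTWAIT);
 
 if (err) {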
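Review bot: `np->tclass` is now passed to `ip6_append_data()` unclamped in both `icmpv6_send()` and `icmpv6_echo_reply()`, so these call sites depend on the field never being negative, and nothing at either site records that. The same clamp is dropped in `ip6_xmit()` (net/ipv6/ip6_output.c), `rawv6_sendmsg()` and the `do_udp_sendmsg` path; in `ip6_xmit()` the value goes straight into the header word through `tclass << 20`, where a negative value would overwrite the version bits. The guarantee appears to come from the `np->tclass = val` assignment in `do_ipv6_setsockopt()`, which now maps -1 to 0 after the range check; if that is the only writer, a comment such as `/* np->tclass is kept in 0..255 by do_ipv6_setsockopt() */` at the field or at these call sites would make the invariant explicit. Both functions continue outside the hunks shown.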
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 52ee1dced2ff..0e93ca56eb69 100644
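--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -164,12 +164,6 @@ static __inline__ void rt6_release(struct rt6_info *rt)
 dst_free(&rt->u.dst);
 }
 
-#ifdef CONFIG_IPV6_MULTIPLE_TABLES
-#define FIB_TABLE_HASHSZ 256
-#else
-#define FIB_TABLE_HASHSZ 1
-#endif
-
 static void fib6_link_table(struct net *net, struct fib6_table *tb)
 {
 unsigned int h;
@@ -180,7 +174,7 @@ static void fib6_link_table(struct net *net, struct fib6_table *tb)
 */
 rwlock_init(&tb->tb6_lock);
 
-h = tb->tb6_id & (FIB_TABLE_HASHSZ - 1);
+h = tb->tb6_id & (FIB6_TABLE_HASHSZ - 1);
 
 /*
 * No protection necessary, this is the only list mutatation
@@ -231,7 +225,7 @@ struct fib6_table *fib6_get_table(struct net *net, u32 id)
 
 if (id == 0)
 id = RT6_TABLE_MAIN;
-h = id & (FIB_TABLE_HASHSZ - 1);
+h = id & (FIB6_TABLE_HASHSZ - 1);
 rcu_read_lock();
 head = &net->ipv6.fib_table_hash[h];
 hlist_for_each_entry_rcu(tb, node, head, tb6_hlist) {
@@ -382,7 +376,7 @@ static int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
 arg.net = net;
 w->args = &arg;
 
-for (h = s_h; h < FIB_TABLE_HASHSZ; h++, s_e = 0) {
+for (h = s_h; h < FIB6_TABLE_HASHSZ; h++, s_e = 0) {
 e = 0;
 head = &net->ipv6.fib_table_hash[h];
 hlist_for_each_entry(tb, node, head, tb6_hlist) {
@@ -1368,7 +1362,7 @@ void fib6_clean_all(struct net *net, int (*func)(struct rt6_info *, void *arg),
 unsigned int h;
 
 rcu_read_lock();
-for (h = 0; h < FIB_TABLE_HASHSZ; h++) {
+for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
 head = &net->ipv6.fib_table_hash[h];
 hlist_for_each_entry_rcu(table, node, head, tb6_hlist) {
 write_lock_bh(&table->tb6_lock);
@@ -1483,7 +1477,7 @@ static int fib6_net_init(struct net *net)
 if (!net->ipv6.rt6_stats)
 goto out_timer;
 
-net->ipv6.fib_table_hash = kcalloc(FIB_TABLE_HASHSZ,
+net->ipv6.fib_table_hash = kcalloc(FIB6_TABLE_HASHSZ,
 sizeof(*net->ipv6.fib_table_hash),
 GFP_KERNEL);
 if (!net->ipv6.fib_table_hash)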
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 6d6a4277c677..2d9cbaa67edb 100644
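--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -63,7 +63,7 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
 
 if (skb->pkt_type == PACKET_OTHERHOST) {
 kfree_skb(skb);
-return 0;
+return NET_RX_DROP;
 }
 
 rcu_read_lock();
@@ -133,7 +133,7 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
 if (ipv6_parse_hopopts(skb) < 0) {
 IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_INHDRERRORS);
 rcu_read_unlock();
-return 0;
+return NET_RX_DROP;
 }
 }
 
@@ -149,7 +149,7 @@ err:
 drop:
 rcu_read_unlock();
 kfree_skb(skb);
-return 0;
+return NET_RX_DROP;
 }
 
 /*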
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 87f8419a68fd..6ad5aadf81ad 100644
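--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -57,18 +57,6 @@
 
 static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *));
 
-static __inline__ void ipv6_select_ident(struct sk_buff *skb, struct frag_hdr *fhdr)
-{
-static u32 ipv6_fragmentation_id = 1;
-static DEFINE_SPINLOCK(ip6_id_lock);
-
-spin_lock_bh(&ip6_id_lock);
-fhdr->identification = htonl(ipv6_fragmentation_id);
-if (++ipv6_fragmentation_id == 0)
-ipv6_fragmentation_id = 1;
-spin_unlock_bh(&ip6_id_lock);
-}
-
 int __ip6_local_out(struct sk_buff *skb)
 {
 int len;
@@ -206,7 +194,8 @@ int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
 struct ipv6hdr *hdr;
 u8 proto = fl->proto;
 int seg_len = skb->len;
-int hlimit, tclass;
+int hlimit = -1;
+int tclass = 0;
 u32 mtu;
 
 if (opt) {
@@ -249,19 +238,13 @@ int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
 /*
 * Fill in the IPv6 header
 */
-
-hlimit = -1;
-if (np)
+if (np) {
+tclass = np->tclass;
 hlimit = np->hop_limit;
+}
 if (hlimit < 0)
 hlimit = ip6_dst_hoplimit(dst);
 
-tclass = -1;
-if (np)
-tclass = np->tclass;
-if (tclass < 0)
-tclass = 0;
-
 *(__be32 *)hdr = htonl(0x60000000 | (tclass << 20)) | fl->fl6_flowlabel;
 
 hdr->payload_len = htons(seg_len);
@@ -706,7 +689,7 @@ static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
 skb_reset_network_header(skb);
 memcpy(skb_network_header(skb), tmp_hdr, hlen);
 
-ipv6_select_ident(skb, fh);
+ipv6_select_ident(fh);
 fh->nexthdr = nexthdr;
 fh->reserved = 0;
 fh->frag_off = htons(IP6_MF);
@@ -844,7 +827,7 @@ slow_path:
 fh->nexthdr = nexthdr;
 fh->reserved = 0;
 if (!frag_id) {
-ipv6_select_ident(skb, fh);
+ipv6_select_ident(fh);
 frag_id = fh->identification;
 } else
 fh->identification = frag_id;
@@ -1087,11 +1070,13 @@ static inline int ip6_ufo_append_data(struct sock *sk,
 if (!err) {
 struct frag_hdr fhdr;
 
-/* specify the length of each IP datagram fragment*/
-skb_shinfo(skb)->gso_size = mtu - fragheaderlen -
-sizeof(struct frag_hdr);
+/* Specify the length of each IPv6 datagram fragment.
+* It has to be a multiple of 8.
+*/
+skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
+sizeof(struct frag_hdr)) & ~7;
 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
-ipv6_select_ident(skb, &fhdr);
+ipv6_select_ident(&fhdr);
 skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
 __skb_queue_tail(&sk->sk_write_queue, skb);
 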
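Review bot: The new `gso_size` expression in `ip6_ufo_append_data()` has no lower bound: the `sizeof` operand makes the subtraction unsigned, so an `mtu` below `fragheaderlen + sizeof(struct frag_hdr)` would wrap rather than go negative, and a difference under 8 is masked to 0. Whether callers guarantee a large enough `mtu` is not visible in this hunk, and `udp6_ufo_fragment()` in net/ipv6/udp.c later uses `gso_size` as a divisor, so the assumption deserves a check or at least a comment. The added comment could also give the reason for the mask, for example `/* gso_size must be a non-zero multiple of 8: IPv6 fragment offsets count 8-octet units */`. The function starts and ends outside the hunk.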
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 51f410e7775a..a1d6045c4694 100644
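--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -1063,14 +1063,14 @@ ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
 goto tx_err;
 
 t->recursion--;
-return 0;
+return NETDEV_TX_OK;
 
 tx_err:
 stats->tx_errors++;
 stats->tx_dropped++;
 kfree_skb(skb);
 t->recursion--;
-return 0;
+return NETDEV_TX_OK;
 }
 
 static void ip6_tnl_set_cap(struct ip6_tnl *t)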
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index c769f155c698..07ded5075b33 100644
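--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -427,7 +427,7 @@ static int reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
 MRT6MSG_WHOLEPKT);
 read_unlock(&mrt_lock);
 kfree_skb(skb);
-return 0;
+return NETDEV_TX_OK;
 }
 
 static const struct net_device_ops reg_vif_netdev_ops = {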
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index a7fdf9a27f15..f5e0682b402d 100644
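--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -315,6 +315,9 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
 goto e_inval;
 if (val < -1 || val > 0xff)
 goto e_inval;
+/* RFC 3542, 6.5: default traffic class of 0x0 */
+if (val == -1)
+val = 0;
 np->tclass = val;
 retv = 0;
 break;
@@ -1037,8 +1040,6 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
 
 case IPV6_TCLASS:
 val = np->tclass;
-if (val < 0)
-val = 0;
 break;
 
 case IPV6_RECVTCLASS: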
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 4b264ed40a8c..71c3dacec1ed 100644
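--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -2107,7 +2107,6 @@ static int ip6_mc_add_src(struct inet6_dev *idev, struct in6_addr *pmca,
 for (j=0; j<i; j++)
 (void) ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]);
 } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) {
-struct inet6_dev *idev = pmc->idev;
 struct ip6_sf_list *psf;
 
 /* filter mode change */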
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index 9eb68e92cc18..1ba42bd65577 100644
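--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -955,8 +955,8 @@ static void ndisc_recv_na(struct sk_buff *skb)
 */
 if (skb->pkt_type != PACKET_LOOPBACK)
 ND_PRINTK1(KERN_WARNING
-"ICMPv6 NA: someone advertises our address on %s!\n",
-ifp->idev->dev->name);
+"ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
+&ifp->addr, ifp->idev->dev->name);
 in6_ifa_put(ifp);
 return;
 }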
diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c
index 590ddefb7ffc..c9605c3ad91f 100644
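--- a/net/ipv6/proc.c
+++ b/net/ipv6/proc.c
@@ -101,7 +101,7 @@ static struct snmp_mib snmp6_icmp6_list[] = {
 };
 
 /* RFC 4293 v6 ICMPMsgStatsTable; named items for RFC 2466 compatibility */
-static char *icmp6type2name[256] = {
+static const char *const icmp6type2name[256] = {
 [ICMPV6_DEST_UNREACH] = "DestUnreachs",
 [ICMPV6_PKT_TOOBIG] = "PktTooBigs",
 [ICMPV6_TIME_EXCEED] = "TimeExcds",
@@ -144,7 +144,7 @@ static void snmp6_seq_show_icmpv6msg(struct seq_file *seq, void **mib)
 /* print by name -- deprecated items */
 for (i = 0; i < ICMP6MSG_MIB_MAX; i++) {
 int icmptype;
-char *p;
+const char *p;
 
 icmptype = i & 0xff;
 p = icmp6type2name[icmptype];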
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index d6c3c1c34b2d..506841030fbe 100644
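--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -877,11 +877,8 @@ static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk,
 hlimit = ip6_dst_hoplimit(dst);
 }
 
-if (tclass < 0) {
+if (tclass < 0)
 tclass = np->tclass;
-if (tclass < 0)
-tclass = 0;
-}
 
 if (msg->msg_flags&MSG_CONFIRM)
 goto do_confirm;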
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 98b7327d0949..d335a306a4db 100644
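--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -753,7 +753,7 @@ static int ipip6_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 stats->tx_dropped++;
 dev_kfree_skb(skb);
 tunnel->recursion--;
-return 0;
+return NETDEV_TX_OK;
 }
 if (skb->sk)
 skb_set_owner_w(new_skb, skb->sk);
@@ -794,7 +794,7 @@ static int ipip6_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 
 IPTUNNEL_XMIT();
 tunnel->recursion--;
-return 0;
+return NETDEV_TX_OK;
 
 tx_error_icmp:
 dst_link_failure(skb);
@@ -802,7 +802,7 @@ tx_error:
 stats->tx_errors++;
 dev_kfree_skb(skb);
 tunnel->recursion--;
-return 0;
+return NETDEV_TX_OK;
 }
 
 static void ipip6_tunnel_bind_dev(struct net_device *dev)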
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index a031034720b4..0dc6a4e5ed4a 100644
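--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -40,7 +40,7 @@ static ctl_table ipv6_table_template[] = {
 { .ctl_name = 0 }
 };
 
-static ctl_table ipv6_table[] = {
+static ctl_table ipv6_rotable[] = {
 {
 .ctl_name = NET_IPV6_MLD_MAX_MSF,
 .procname = "mld_max_msf",
@@ -130,7 +130,7 @@ int ipv6_sysctl_register(void)
 {
 int err = -ENOMEM;
 
-ip6_header = register_net_sysctl_rotable(net_ipv6_ctl_path, ipv6_table);
+ip6_header = register_net_sysctl_rotable(net_ipv6_ctl_path, ipv6_rotable);
 if (ip6_header == NULL)
 goto out;
 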
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index 33b59bd92c4d..20d2ffc15f0d 100644
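--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -638,6 +638,47 @@ static void udp_v6_flush_pending_frames(struct sock *sk)
 }
 }
 
+/**
+* udp6_hwcsum_outgoing - handle outgoing HW checksumming
+* @sk: socket we are sending on
+* @skb: sk_buff containing the filled-in UDP header
+* (checksum field must be zeroed out)
+*/
+static void udp6_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb,
+const struct in6_addr *saddr,
+const struct in6_addr *daddr, int len)
+{
+unsigned int offset;
+struct udphdr *uh = udp_hdr(skb);
+__wsum csum = 0;
+
+if (skb_queue_len(&sk->sk_write_queue) == 1) {
+/* Only one fragment on the socket. */
+skb->csum_start = skb_transport_header(skb) - skb->head;
+skb->csum_offset = offsetof(struct udphdr, check);
+uh->check = ~csum_ipv6_magic(saddr, daddr, len, IPPROTO_UDP, 0);
+} else {
+/*
+* HW-checksum won't work as there are two or more
+* fragments on the socket so that all csums of sk_buffs
+* should be together
+*/
+offset = skb_transport_offset(skb);
+skb->csum = skb_checksum(skb, offset, skb->len - offset, 0);
+
+skb->ip_summed = CHECKSUM_NONE;
+
+skb_queue_walk(&sk->sk_write_queue, skb) {
+csum = csum_add(csum, skb->csum);
+}
+
+uh->check = csum_ipv6_magic(saddr, daddr, len, IPPROTO_UDP,
+csum);
+if (uh->check == 0)
+uh->check = CSUM_MANGLED_0;
+}
+}
+
 /*
 * Sending
 */
@@ -668,7 +709,11 @@ static int udp_v6_push_pending_frames(struct sock *sk)
 
 if (is_udplite)
 csum = udplite_csum_outgoing(sk, skb);
-else
+else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */
+udp6_hwcsum_outgoing(sk, skb, &fl->fl6_src, &fl->fl6_dst,
+up->len);
+goto send;
+} else
 csum = udp_csum_outgoing(sk, skb);
 
 /* add protocol-dependent pseudo-header */
@@ -677,6 +722,7 @@ static int udp_v6_push_pending_frames(struct sock *sk)
 if (uh->check == 0)
 uh->check = CSUM_MANGLED_0;
 
+send:
 err = ip6_push_pending_frames(sk);
 out:
 up->len = 0;
@@ -900,11 +946,8 @@ do_udp_sendmsg:
 hlimit = ip6_dst_hoplimit(dst);
 }
 
-if (tclass < 0) {
+if (tclass < 0)
 tclass = np->tclass;
-if (tclass < 0)
-tclass = 0;
-}
 
 if (msg->msg_flags&MSG_CONFIRM)
 goto do_confirm;
@@ -1032,9 +1075,102 @@ int compat_udpv6_getsockopt(struct sock *sk, int level, int optname,
 }
 #endif
 
+static int udp6_ufo_send_check(struct sk_buff *skb)
+{
+struct ipv6hdr *ipv6h;
+struct udphdr *uh;
+
+if (!pskb_may_pull(skb, sizeof(*uh)))
+return -EINVAL;
+
+ipv6h = ipv6_hdr(skb);
+uh = udp_hdr(skb);
+
+uh->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
+IPPROTO_UDP, 0);
+skb->csum_start = skb_transport_header(skb) - skb->head;
+skb->csum_offset = offsetof(struct udphdr, check);
+skb->ip_summed = CHECKSUM_PARTIAL;
+return 0;
+}
+
+static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, int features)
+{
+struct sk_buff *segs = ERR_PTR(-EINVAL);
+unsigned int mss;
+unsigned int unfrag_ip6hlen, unfrag_len;
+struct frag_hdr *fptr;
+u8 *mac_start, *prevhdr;
+u8 nexthdr;
+u8 frag_hdr_sz = sizeof(struct frag_hdr);
+int offset;
+__wsum csum;
+
+mss = skb_shinfo(skb)->gso_size;
+if (unlikely(skb->len <= mss))
+goto out;
+
+if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
+/* Packet is from an untrusted source, reset gso_segs. */
+int type = skb_shinfo(skb)->gso_type;
+
+if (unlikely(type & ~(SKB_GSO_UDP | SKB_GSO_DODGY) ||
+!(type & (SKB_GSO_UDP))))
+goto out;
+
+skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len, mss);
+
+segs = NULL;
+goto out;
+}
+
+/* Do software UFO. Complete and fill in the UDP checksum as HW cannot
+* do checksum of UDP packets sent as multiple IP fragments.
+*/
+offset = skb->csum_start - skb_headroom(skb);
+csum = skb_checksum(skb, offset, skb->len- offset, 0);
+offset += skb->csum_offset;
+*(__sum16 *)(skb->data + offset) = csum_fold(csum);
+skb->ip_summed = CHECKSUM_NONE;
+
+/* Check if there is enough headroom to insert fragment header. */
+if ((skb_headroom(skb) < frag_hdr_sz) &&
+pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC))
+goto out;
+
+/* Find the unfragmentable header and shift it left by frag_hdr_sz
+* bytes to insert fragment header.
+*/
+unfrag_ip6hlen = ip6_find_1stfragopt(skb, &prevhdr);
+nexthdr = *prevhdr;
+*prevhdr = NEXTHDR_FRAGMENT;
+unfrag_len = skb_network_header(skb) - skb_mac_header(skb) +
+unfrag_ip6hlen;
+mac_start = skb_mac_header(skb);
+memmove(mac_start-frag_hdr_sz, mac_start, unfrag_len);
+
+skb->mac_header -= frag_hdr_sz;
+skb->network_header -= frag_hdr_sz;
+
+fptr = (struct frag_hdr *)(skb_network_header(skb) + unfrag_ip6hlen);
+fptr->nexthdr = nexthdr;
+fptr->reserved = 0;
+ipv6_select_ident(fptr);
+
+/* Fragment the skb. ipv6 header and the remaining fields of the
+* fragment header are updated in ipv6_gso_segment()
+*/
+segs = skb_segment(skb, features);
+
+out:
+return segs;
+}
+
 static struct inet6_protocol udpv6_protocol = {
 .handler = udpv6_rcv,
 .err_handler = udpv6_err,
+.gso_send_check = udp6_ufo_send_check,
+.gso_segment = udp6_ufo_fragment,
 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
 };
 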
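Review bot: In `udp6_ufo_fragment()` the headroom guard tests `skb_headroom(skb) < frag_hdr_sz`, but the `memmove(mac_start-frag_hdr_sz, mac_start, unfrag_len)` that follows needs `frag_hdr_sz` free bytes in front of the MAC header, not in front of `skb->data`. If `skb->data` has already been advanced past the link and IPv6 headers when this callback runs (not visible in this hunk), the guard always passes and the move can write before `skb->head`. Testing the space that is actually consumed, `if ((skb_mac_header(skb) - skb->head) < frag_hdr_sz && pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC))`, closes that gap. Separately, `mss` is used as the divisor in `DIV_ROUND_UP(skb->len, mss)` on the branch the code itself labels untrusted, and a zero `gso_size` is not rejected before it.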
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 3a3c677bc0f2..8ec3d45cd1d9 100644
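--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -306,9 +306,26 @@ static void xfrm6_policy_fini(void)
 xfrm_policy_unregister_afinfo(&xfrm6_policy_afinfo);
 }
 
+#ifdef CONFIG_SYSCTL
+static struct ctl_table xfrm6_policy_table[] = {
+{
+.ctl_name = CTL_UNNUMBERED,
+.procname = "xfrm6_gc_thresh",
+.data = &xfrm6_dst_ops.gc_thresh,
+.maxlen = sizeof(int),
+.mode = 0644,
+.proc_handler = proc_dointvec,
+},
+{ }
+};
+
+static struct ctl_table_header *sysctl_hdr;
+#endif
+
 int __init xfrm6_init(void)
 {
 int ret;
+unsigned int gc_thresh;
 
 ret = xfrm6_policy_init();
 if (ret)
@@ -317,6 +334,23 @@ int __init xfrm6_init(void)
 ret = xfrm6_state_init();
 if (ret)
 goto out_policy;
+/*
+* We need a good default value for the xfrm6 gc threshold.
+* In ipv4 we set it to the route hash table size * 8, which
+* is half the size of the maximaum route cache for ipv4. It
+* would be good to do the same thing for v6, except the table is
+* constructed differently here. Here each table for a net namespace
+* can have FIB_TABLE_HASHSZ entries, so lets go with the same
+* computation that we used for ipv4 here. Also, lets keep the initial
+* gc_thresh to a minimum of 1024, since, the ipv6 route cache defaults
+* to that as a minimum as well
+*/
+gc_thresh = FIB6_TABLE_HASHSZ * 8;
+xfrm6_dst_ops.gc_thresh = (gc_thresh < 1024) ? 1024 : gc_thresh;
+#ifdef CONFIG_SYSCTL
+sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv6_ctl_path,
+xfrm6_policy_table);
+#endif
 out:
 return ret;
 out_policy:
@@ -326,6 +360,10 @@ out_policy:
 
 void xfrm6_fini(void)
 {
+#ifdef CONFIG_SYSCTL
+if (sysctl_hdr)
+unregister_net_sysctl_table(sysctl_hdr);
+#endif
 //xfrm6_input_fini();
 xfrm6_policy_fini();
 xfrm6_state_fini();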
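Review bot: The comment added in `xfrm6_init()` names `FIB_TABLE_HASHSZ`, while the code directly below it uses `FIB6_TABLE_HASHSZ` and this same commit removes the old macro from net/ipv6/ip6_fib.c; the line should read `* can have FIB6_TABLE_HASHSZ entries, so lets go with the same`, and `maximaum` is a typo for `maximum`. The result of `register_net_sysctl_table()` is stored but never checked, so a failed registration leaves `xfrm6_gc_thresh` silently absent, although `xfrm6_fini()` does cope with a NULL header. The table entry uses `proc_dointvec` with no bounds, so any integer, including a negative one, can be written into `gc_thresh`; `proc_dointvec_minmax` with a lower bound is the usual way to constrain such a tunable.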
diff --git a/net/irda/ircomm/ircomm_event.c b/net/irda/ircomm/ircomm_event.c
index c35b3ef5c2f0..d78554fedbac 100644
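--- a/net/irda/ircomm/ircomm_event.c
+++ b/net/irda/ircomm/ircomm_event.c
@@ -49,7 +49,7 @@ static int ircomm_state_waitr(struct ircomm_cb *self, IRCOMM_EVENT event,
 static int ircomm_state_conn(struct ircomm_cb *self, IRCOMM_EVENT event,
 struct sk_buff *skb, struct ircomm_info *info);
 
-char *ircomm_state[] = {
+const char *const ircomm_state[] = {
 "IRCOMM_IDLE",
 "IRCOMM_WAITI",
 "IRCOMM_WAITR",
@@ -57,7 +57,7 @@ char *ircomm_state[] = {
 };
 
 #ifdef CONFIG_IRDA_DEBUG
-static char *ircomm_event[] = {
+static const char *const ircomm_event[] = {
 "IRCOMM_CONNECT_REQUEST",
 "IRCOMM_CONNECT_RESPONSE",
 "IRCOMM_TTP_CONNECT_INDICATION",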
diff --git a/net/irda/ircomm/ircomm_tty_attach.c b/net/irda/ircomm/ircomm_tty_attach.c
index 9032a1d1190d..eafc010907c2 100644
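--- a/net/irda/ircomm/ircomm_tty_attach.c
+++ b/net/irda/ircomm/ircomm_tty_attach.c
@@ -80,7 +80,7 @@ static int ircomm_tty_state_ready(struct ircomm_tty_cb *self,
 struct sk_buff *skb,
 struct ircomm_tty_info *info);
 
-char *ircomm_tty_state[] = {
+const char *const ircomm_tty_state[] = {
 "IRCOMM_TTY_IDLE",
 "IRCOMM_TTY_SEARCH",
 "IRCOMM_TTY_QUERY_PARAMETERS",
@@ -91,7 +91,7 @@ char *ircomm_tty_state[] = {
 };
 
 #ifdef CONFIG_IRDA_DEBUG
-static char *ircomm_tty_event[] = {
+static const char *const ircomm_tty_event[] = {
 "IRCOMM_TTY_ATTACH_CABLE",
 "IRCOMM_TTY_DETACH_CABLE",
 "IRCOMM_TTY_DATA_REQUEST",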
diff --git a/net/irda/iriap.c b/net/irda/iriap.c
index 4a105dc32dcd..294e34d3517c 100644
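--- a/net/irda/iriap.c
+++ b/net/irda/iriap.c
@@ -44,7 +44,7 @@
 
 #ifdef CONFIG_IRDA_DEBUG
 /* FIXME: This one should go in irlmp.c */
-static const char *ias_charset_types[] = {
+static const char *const ias_charset_types[] = {
 "CS_ASCII",
 "CS_ISO_8859_1",
 "CS_ISO_8859_2",
@@ -966,7 +966,7 @@ static void iriap_watchdog_timer_expired(void *data)
 
 #ifdef CONFIG_PROC_FS
 
-static const char *ias_value_types[] = {
+static const char *const ias_value_types[] = {
 "IAS_MISSING",
 "IAS_INTEGER",
 "IAS_OCT_SEQ",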
diff --git a/net/irda/irlan/irlan_common.c b/net/irda/irlan/irlan_common.c
index 774d73a76852..62116829b817 100644
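--- a/net/irda/irlan/irlan_common.c
+++ b/net/irda/irlan/irlan_common.c
@@ -69,14 +69,14 @@ static int eth; /* Use "eth" or "irlan" name for devices */
 static int access = ACCESS_PEER; /* PEER, DIRECT or HOSTED */
 
 #ifdef CONFIG_PROC_FS
-static const char *irlan_access[] = {
+static const char *const irlan_access[] = {
 "UNKNOWN",
 "DIRECT",
 "PEER",
 "HOSTED"
 };
 
-static const char *irlan_media[] = {
+static const char *const irlan_media[] = {
 "UNKNOWN",
 "802.3",
 "802.5"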
diff --git a/net/irda/irlan/irlan_eth.c b/net/irda/irlan/irlan_eth.c
index 724bcf951b80..64230cffcfee 100644
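--- a/net/irda/irlan/irlan_eth.c
+++ b/net/irda/irlan/irlan_eth.c
@@ -177,7 +177,7 @@ static int irlan_eth_xmit(struct sk_buff *skb, struct net_device *dev)
 
 /* Did the realloc succeed? */
 if (new_skb == NULL)
-return 0;
+return NETDEV_TX_OK;
 
 /* Use the new skb instead */
 skb = new_skb;
@@ -209,7 +209,7 @@ static int irlan_eth_xmit(struct sk_buff *skb, struct net_device *dev)
 self->stats.tx_bytes += skb->len;
 }
 
-return 0;
+return NETDEV_TX_OK;
 }
 
 /*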
diff --git a/net/irda/irlap.c b/net/irda/irlap.c
index e4965b764b9b..356e65b1dc42 100644
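--- a/net/irda/irlap.c
+++ b/net/irda/irlap.c
@@ -63,7 +63,7 @@ static void irlap_init_qos_capabilities(struct irlap_cb *self,
 struct qos_info *qos_user);
 
 #ifdef CONFIG_IRDA_DEBUG
-static char *lap_reasons[] = {
+static const char *const lap_reasons[] = {
 "ERROR, NOT USED",
 "LAP_DISC_INDICATION",
 "LAP_NO_RESPONSE",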
diff --git a/net/irda/irlap_event.c b/net/irda/irlap_event.c
index 16c4ef0f5c1a..c5c51959e3ce 100644
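--- a/net/irda/irlap_event.c
+++ b/net/irda/irlap_event.c
@@ -78,7 +78,7 @@ static int irlap_state_reset_check(struct irlap_cb *, IRLAP_EVENT event,
 struct sk_buff *, struct irlap_info *);
 
 #ifdef CONFIG_IRDA_DEBUG
-static const char *irlap_event[] = {
+static const char *const irlap_event[] = {
 "DISCOVERY_REQUEST",
 "CONNECT_REQUEST",
 "CONNECT_RESPONSE",
@@ -120,7 +120,7 @@ static const char *irlap_event[] = {
 };
 #endif /* CONFIG_IRDA_DEBUG */
 
-const char *irlap_state[] = {
+const char *const irlap_state[] = {
 "LAP_NDM",
 "LAP_QUERY",
 "LAP_REPLY",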
diff --git a/net/irda/irlmp_event.c b/net/irda/irlmp_event.c
index 78cce0cb073f..c1fb5db81042 100644
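--- a/net/irda/irlmp_event.c
+++ b/net/irda/irlmp_event.c
@@ -33,13 +33,13 @@
 #include <net/irda/irlmp_frame.h>
 #include <net/irda/irlmp_event.h>
 
-const char *irlmp_state[] = {
+const char *const irlmp_state[] = {
 "LAP_STANDBY",
 "LAP_U_CONNECT",
 "LAP_ACTIVE",
 };
 
-const char *irlsap_state[] = {
+const char *const irlsap_state[] = {
 "LSAP_DISCONNECTED",
 "LSAP_CONNECT",
 "LSAP_CONNECT_PEND",
@@ -49,7 +49,7 @@ const char *irlsap_state[] = {
 };
 
 #ifdef CONFIG_IRDA_DEBUG
-static const char *irlmp_event[] = {
+static const char *const irlmp_event[] = {
 "LM_CONNECT_REQUEST",
 "LM_CONNECT_CONFIRM",
 "LM_CONNECT_RESPONSE",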
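diff --git a/net/irda/irnetlink.c b/net/irda/irnetlink.c
index 8dd7ed7e7c1f..476b307bd801 100644
--- a/net/irda/irnetlink.c
+++ b/net/irda/irnetlink.c
@@ -115,7 +115,7 @@ static int irda_nl_get_mode(struct sk_buff *skb, struct genl_info *info)
 
  genlmsg_end(msg, hdr);
 
- return genlmsg_unicast(msg, info->snd_pid);
+ return genlmsg_reply(msg, info);
 
  err_out:
  nlmsg_free(msg);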
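diff --git a/net/lapb/lapb_iface.c b/net/lapb/lapb_iface.c
index 2ba1bc4f3c3a..bda96d18fd98 100644
--- a/net/lapb/lapb_iface.c
+++ b/net/lapb/lapb_iface.c
@@ -407,7 +407,7 @@ int lapb_data_indication(struct lapb_cb *lapb, struct sk_buff *skb)
  return lapb->callbacks.data_indication(lapb->dev, skb);
 
  kfree_skb(skb);
- return NET_RX_CN_HIGH; /* For now; must be != NET_RX_DROP */
+ return NET_RX_SUCCESS; /* For now; must be != NET_RX_DROP */
 }
 
 int lapb_data_transmit(struct lapb_cb *lapb, struct sk_buff *skb)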
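diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c
index f97be471fe2e..be47ac427f6b 100644
--- a/net/llc/llc_proc.c
+++ b/net/llc/llc_proc.c
@@ -143,7 +143,7 @@ out:
  return 0;
 }
 
-static char *llc_conn_state_names[] = {
+static const char *const llc_conn_state_names[] = {
  [LLC_CONN_STATE_ADM] = "adm",
  [LLC_CONN_STATE_SETUP] = "setup",
  [LLC_CONN_STATE_NORMAL] = "normal",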
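diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index 7836ee928983..9db4ff836a3d 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -6,7 +6,6 @@ config MAC80211
  select CRYPTO_ARC4
  select CRYPTO_AES
  select CRC32
- select WIRELESS_EXT
  ---help---
  This option enables the hardware independent IEEE 802.11
  networking stack.
@@ -14,22 +13,6 @@ config MAC80211
 comment "CFG80211 needs to be enabled for MAC80211"
  depends on CFG80211=n
 
-config MAC80211_DEFAULT_PS
- bool "enable powersave by default"
- depends on MAC80211
- default y
- help
- This option enables powersave mode by default.
-
- If this causes your applications to misbehave you should fix your
- applications instead -- they need to register their network
- latency requirement, see Documentation/power/pm_qos_interface.txt.
-
-config MAC80211_DEFAULT_PS_VALUE
- int
- default 1 if MAC80211_DEFAULT_PS
- default 0
-
 menu "Rate control algorithm selection"
  depends on MAC80211 != n
 
@@ -83,12 +66,12 @@ endmenu
 config MAC80211_MESH
  bool "Enable mac80211 mesh networking (pre-802.11s) support"
  depends on MAC80211 && EXPERIMENTAL
- depends on BROKEN
  ---help---
  This options enables support of Draft 802.11s mesh networking.
- The implementation is based on Draft 1.08 of the Mesh Networking
- amendment. For more information visit http://o11s.org/.
-
+ The implementation is based on Draft 2.08 of the Mesh Networking
+ amendment. However, no compliance with that draft is claimed or even
+ possible, as drafts leave a number of identifiers to be defined after
+ ratification. For more information visit http://o11s.org/.
 
 config MAC80211_LEDS
  bool "Enable LED triggers"
@@ -222,3 +205,15 @@ config MAC80211_DEBUG_COUNTERS
  and show them in debugfs.
 
  If unsure, say N.
+
+config MAC80211_DRIVER_API_TRACER
+ bool "Driver API tracer"
+ depends on MAC80211_DEBUG_MENU
+ depends on EVENT_TRACING
+ help
+ Say Y here to make mac80211 register with the ftrace
+ framework for the driver API -- you can see which
+ driver methods it is calling then by looking at the
+ trace.
+
+ If unsure, say N.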
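diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index 0e3ab88bb706..9f3cf7129324 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -3,7 +3,6 @@ obj-$(CONFIG_MAC80211) += mac80211.o
 # mac80211 objects
 mac80211-y := \
  main.o \
- wext.o \
  sta_info.o \
  wep.o \
  wpa.o \
@@ -41,6 +40,9 @@ mac80211-$(CONFIG_MAC80211_MESH) += \
 
 mac80211-$(CONFIG_PM) += pm.o
 
+mac80211-$(CONFIG_MAC80211_DRIVER_API_TRACER) += driver-trace.o
+CFLAGS_driver-trace.o := -I$(src)
+
 # objects for PID algorithm
 rc80211_pid-y := rc80211_pid_algo.o
 rc80211_pid-$(CONFIG_MAC80211_DEBUGFS) += rc80211_pid_debugfs.o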
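diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
index a24e59816b93..bd765f30dba2 100644
--- a/net/mac80211/agg-tx.c
+++ b/net/mac80211/agg-tx.c
@@ -391,9 +391,6 @@ static void ieee80211_agg_splice_packets(struct ieee80211_local *local,
 
  if (!skb_queue_empty(&sta->ampdu_mlme.tid_tx[tid]->pending)) {
  spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
- /* mark queue as pending, it is stopped already */
- __set_bit(IEEE80211_QUEUE_STOP_REASON_PENDING,
- &local->queue_stop_reasons[queue]);
  /* copy over remaining packets */
  skb_queue_splice_tail_init(
  &sta->ampdu_mlme.tid_tx[tid]->pending,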
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 3f47276caeb8..5608f6c68413 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -57,36 +57,21 @@ static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
57 return 0; 57 return 0;
58} 58}
59 59
60static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex) 60static int ieee80211_del_iface(struct wiphy *wiphy, struct net_device *dev)
61{ 61{
62 struct net_device *dev; 62 ieee80211_if_remove(IEEE80211_DEV_TO_SUB_IF(dev));
63 struct ieee80211_sub_if_data *sdata;
64
65 /* we're under RTNL */
66 dev = __dev_get_by_index(&init_net, ifindex);
67 if (!dev)
68 return -ENODEV;
69
70 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
71
72 ieee80211_if_remove(sdata);
73 63
74 return 0; 64 return 0;
75} 65}
76 66
77static int ieee80211_change_iface(struct wiphy *wiphy, int ifindex, 67static int ieee80211_change_iface(struct wiphy *wiphy,
68 struct net_device *dev,
78 enum nl80211_iftype type, u32 *flags, 69 enum nl80211_iftype type, u32 *flags,
79 struct vif_params *params) 70 struct vif_params *params)
80{ 71{
81 struct net_device *dev;
82 struct ieee80211_sub_if_data *sdata; 72 struct ieee80211_sub_if_data *sdata;
83 int ret; 73 int ret;
84 74
85 /* we're under RTNL */
86 dev = __dev_get_by_index(&init_net, ifindex);
87 if (!dev)
88 return -ENODEV;
89
90 if (!nl80211_type_check(type)) 75 if (!nl80211_type_check(type))
91 return -EINVAL; 76 return -EINVAL;
92 77
@@ -338,6 +323,8 @@ static void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
338{ 323{
339 struct ieee80211_sub_if_data *sdata = sta->sdata; 324 struct ieee80211_sub_if_data *sdata = sta->sdata;
340 325
326 sinfo->generation = sdata->local->sta_generation;
327
341 sinfo->filled = STATION_INFO_INACTIVE_TIME | 328 sinfo->filled = STATION_INFO_INACTIVE_TIME |
342 STATION_INFO_RX_BYTES | 329 STATION_INFO_RX_BYTES |
343 STATION_INFO_TX_BYTES | 330 STATION_INFO_TX_BYTES |
@@ -924,6 +911,8 @@ static void mpath_set_pinfo(struct mesh_path *mpath, u8 *next_hop,
924 else 911 else
925 memset(next_hop, 0, ETH_ALEN); 912 memset(next_hop, 0, ETH_ALEN);
926 913
914 pinfo->generation = mesh_paths_generation;
915
927 pinfo->filled = MPATH_INFO_FRAME_QLEN | 916 pinfo->filled = MPATH_INFO_FRAME_QLEN |
928 MPATH_INFO_DSN | 917 MPATH_INFO_DSN |
929 MPATH_INFO_METRIC | 918 MPATH_INFO_METRIC |
@@ -1177,123 +1166,29 @@ static int ieee80211_scan(struct wiphy *wiphy,
1177static int ieee80211_auth(struct wiphy *wiphy, struct net_device *dev, 1166static int ieee80211_auth(struct wiphy *wiphy, struct net_device *dev,
1178 struct cfg80211_auth_request *req) 1167 struct cfg80211_auth_request *req)
1179{ 1168{
1180 struct ieee80211_sub_if_data *sdata; 1169 return ieee80211_mgd_auth(IEEE80211_DEV_TO_SUB_IF(dev), req);
1181
1182 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1183
1184 switch (req->auth_type) {
1185 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1186 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_OPEN;
1187 break;
1188 case NL80211_AUTHTYPE_SHARED_KEY:
1189 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_SHARED_KEY;
1190 break;
1191 case NL80211_AUTHTYPE_FT:
1192 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_FT;
1193 break;
1194 case NL80211_AUTHTYPE_NETWORK_EAP:
1195 sdata->u.mgd.auth_algs = IEEE80211_AUTH_ALG_LEAP;
1196 break;
1197 default:
1198 return -EOPNOTSUPP;
1199 }
1200
1201 memcpy(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN);
1202 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
1203 sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
1204
1205 /* TODO: req->chan */
1206 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
1207
1208 if (req->ssid) {
1209 sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
1210 memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
1211 sdata->u.mgd.ssid_len = req->ssid_len;
1212 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
1213 }
1214
1215 kfree(sdata->u.mgd.sme_auth_ie);
1216 sdata->u.mgd.sme_auth_ie = NULL;
1217 sdata->u.mgd.sme_auth_ie_len = 0;
1218 if (req->ie) {
1219 sdata->u.mgd.sme_auth_ie = kmalloc(req->ie_len, GFP_KERNEL);
1220 if (sdata->u.mgd.sme_auth_ie == NULL)
1221 return -ENOMEM;
1222 memcpy(sdata->u.mgd.sme_auth_ie, req->ie, req->ie_len);
1223 sdata->u.mgd.sme_auth_ie_len = req->ie_len;
1224 }
1225
1226 sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
1227 sdata->u.mgd.state = IEEE80211_STA_MLME_DIRECT_PROBE;
1228 ieee80211_sta_req_auth(sdata);
1229 return 0;
1230} 1170}
1231 1171
1232static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev, 1172static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
1233 struct cfg80211_assoc_request *req) 1173 struct cfg80211_assoc_request *req)
1234{ 1174{
1235 struct ieee80211_sub_if_data *sdata; 1175 return ieee80211_mgd_assoc(IEEE80211_DEV_TO_SUB_IF(dev), req);
1236 int ret;
1237
1238 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1239
1240 if (memcmp(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN) != 0 ||
1241 !(sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED))
1242 return -ENOLINK; /* not authenticated */
1243
1244 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
1245 sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
1246
1247 /* TODO: req->chan */
1248 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
1249
1250 if (req->ssid) {
1251 sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
1252 memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
1253 sdata->u.mgd.ssid_len = req->ssid_len;
1254 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
1255 } else
1256 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
1257
1258 ret = ieee80211_sta_set_extra_ie(sdata, req->ie, req->ie_len);
1259 if (ret && ret != -EALREADY)
1260 return ret;
1261
1262 if (req->use_mfp) {
1263 sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
1264 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
1265 } else {
1266 sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
1267 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
1268 }
1269
1270 if (req->control_port)
1271 sdata->u.mgd.flags |= IEEE80211_STA_CONTROL_PORT;
1272 else
1273 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
1274
1275 sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
1276 sdata->u.mgd.state = IEEE80211_STA_MLME_ASSOCIATE;
1277 ieee80211_sta_req_auth(sdata);
1278 return 0;
1279} 1176}
1280 1177
1281static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev, 1178static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev,
1282 struct cfg80211_deauth_request *req) 1179 struct cfg80211_deauth_request *req,
1180 void *cookie)
1283{ 1181{
1284 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1182 return ieee80211_mgd_deauth(IEEE80211_DEV_TO_SUB_IF(dev),
1285 1183 req, cookie);
1286 /* TODO: req->ie, req->peer_addr */
1287 return ieee80211_sta_deauthenticate(sdata, req->reason_code);
1288} 1184}
1289 1185
1290static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev, 1186static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev,
1291 struct cfg80211_disassoc_request *req) 1187 struct cfg80211_disassoc_request *req,
1188 void *cookie)
1292{ 1189{
1293 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1190 return ieee80211_mgd_disassoc(IEEE80211_DEV_TO_SUB_IF(dev),
1294 1191 req, cookie);
1295 /* TODO: req->ie, req->peer_addr */
1296 return ieee80211_sta_disassociate(sdata, req->reason_code);
1297} 1192}
1298 1193
1299static int ieee80211_join_ibss(struct wiphy *wiphy, struct net_device *dev, 1194static int ieee80211_join_ibss(struct wiphy *wiphy, struct net_device *dev,
@@ -1374,6 +1269,16 @@ static int ieee80211_get_tx_power(struct wiphy *wiphy, int *dbm)
1374 return 0; 1269 return 0;
1375} 1270}
1376 1271
1272static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev,
1273 u8 *addr)
1274{
1275 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1276
1277 memcpy(&sdata->u.wds.remote_addr, addr, ETH_ALEN);
1278
1279 return 0;
1280}
1281
1377static void ieee80211_rfkill_poll(struct wiphy *wiphy) 1282static void ieee80211_rfkill_poll(struct wiphy *wiphy)
1378{ 1283{
1379 struct ieee80211_local *local = wiphy_priv(wiphy); 1284 struct ieee80211_local *local = wiphy_priv(wiphy);
@@ -1381,6 +1286,85 @@ static void ieee80211_rfkill_poll(struct wiphy *wiphy)
1381 drv_rfkill_poll(local); 1286 drv_rfkill_poll(local);
1382} 1287}
1383 1288
1289#ifdef CONFIG_NL80211_TESTMODE
1290static int ieee80211_testmode_cmd(struct wiphy *wiphy, void *data, int len)
1291{
1292 struct ieee80211_local *local = wiphy_priv(wiphy);
1293
1294 if (!local->ops->testmode_cmd)
1295 return -EOPNOTSUPP;
1296
1297 return local->ops->testmode_cmd(&local->hw, data, len);
1298}
1299#endif
1300
1301static int ieee80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
1302 bool enabled, int timeout)
1303{
1304 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1305 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1306 struct ieee80211_conf *conf = &local->hw.conf;
1307
1308 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
1309 return -EOPNOTSUPP;
1310
1311 if (enabled == sdata->u.mgd.powersave &&
1312 timeout == conf->dynamic_ps_timeout)
1313 return 0;
1314
1315 sdata->u.mgd.powersave = enabled;
1316 conf->dynamic_ps_timeout = timeout;
1317
1318 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
1319 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
1320
1321 ieee80211_recalc_ps(local, -1);
1322
1323 return 0;
1324}
1325
1326static int ieee80211_set_bitrate_mask(struct wiphy *wiphy,
1327 struct net_device *dev,
1328 const u8 *addr,
1329 const struct cfg80211_bitrate_mask *mask)
1330{
1331 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1332 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1333 int i, err = -EINVAL;
1334 u32 target_rate;
1335 struct ieee80211_supported_band *sband;
1336
1337 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1338
1339 /* target_rate = -1, rate->fixed = 0 means auto only, so use all rates
1340 * target_rate = X, rate->fixed = 1 means only rate X
1341 * target_rate = X, rate->fixed = 0 means all rates <= X */
1342 sdata->max_ratectrl_rateidx = -1;
1343 sdata->force_unicast_rateidx = -1;
1344
1345 if (mask->fixed)
1346 target_rate = mask->fixed / 100;
1347 else if (mask->maxrate)
1348 target_rate = mask->maxrate / 100;
1349 else
1350 return 0;
1351
1352 for (i=0; i< sband->n_bitrates; i++) {
1353 struct ieee80211_rate *brate = &sband->bitrates[i];
1354 int this_rate = brate->bitrate;
1355
1356 if (target_rate == this_rate) {
1357 sdata->max_ratectrl_rateidx = i;
1358 if (mask->fixed)
1359 sdata->force_unicast_rateidx = i;
1360 err = 0;
1361 break;
1362 }
1363 }
1364
1365 return err;
1366}
1367
1384struct cfg80211_ops mac80211_config_ops = { 1368struct cfg80211_ops mac80211_config_ops = {
1385 .add_virtual_intf = ieee80211_add_iface, 1369 .add_virtual_intf = ieee80211_add_iface,
1386 .del_virtual_intf = ieee80211_del_iface, 1370 .del_virtual_intf = ieee80211_del_iface,
@@ -1422,5 +1406,9 @@ struct cfg80211_ops mac80211_config_ops = {
1422 .set_wiphy_params = ieee80211_set_wiphy_params, 1406 .set_wiphy_params = ieee80211_set_wiphy_params,
1423 .set_tx_power = ieee80211_set_tx_power, 1407 .set_tx_power = ieee80211_set_tx_power,
1424 .get_tx_power = ieee80211_get_tx_power, 1408 .get_tx_power = ieee80211_get_tx_power,
1409 .set_wds_peer = ieee80211_set_wds_peer,
1425 .rfkill_poll = ieee80211_rfkill_poll, 1410 .rfkill_poll = ieee80211_rfkill_poll,
1411 CFG80211_TESTMODE_CMD(ieee80211_testmode_cmd)
1412 .set_power_mgmt = ieee80211_set_power_mgmt,
1413 .set_bitrate_mask = ieee80211_set_bitrate_mask,
1426}; 1414};
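Review bot: `ieee80211_set_power_mgmt()` and `ieee80211_set_wds_peer()` write into `sdata->u.mgd` and `sdata->u.wds` without checking what kind of interface `dev` is. If `u` is the per-interface-type union it appears to be (the debugfs files on this page read `u.mgd` and `u.ap` from the same object), a request on the wrong kind of interface overwrites another mode's state. Each callback should gate on the type itself rather than rely on the caller, e.g. `if (sdata->vif.type != NL80211_IFTYPE_STATION) return -EOPNOTSUPP;` at the top of `set_power_mgmt`, and the `NL80211_IFTYPE_WDS` equivalent before the `memcpy` in `set_wds_peer`. Separately, `ieee80211_set_bitrate_mask()` resets `max_ratectrl_rateidx` and `force_unicast_rateidx` to -1 before it validates the mask, so a request that ends in `-EINVAL` still discards the previous setting. Looking up the index first and assigning only on a match would keep a rejected request side-effect free.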
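diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index 6c439cd5ccea..96991b68f048 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -175,7 +175,7 @@ static ssize_t queues_read(struct file *file, char __user *user_buf,
  for (q = 0; q < local->hw.queues; q++)
  res += sprintf(buf + res, "%02d: %#.8lx/%d\n", q,
  local->queue_stop_reasons[q],
- __netif_subqueue_stopped(local->mdev, q));
+ skb_queue_len(&local->pending[q]));
  spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
 
  return simple_read_from_buffer(user_buf, count, ppos, buf, res);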
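Review bot: The last field printed per queue in `queues_read()` is now `skb_queue_len(&local->pending[q])`, which can run to several digits where the old `__netif_subqueue_stopped()` result was a single 0/1, yet the line is still appended with an unbounded `sprintf()`. `buf` is declared outside this hunk, so its per-queue budget cannot be checked from here; if it was sized for the old output, a long pending queue can write past the end of `buf`. Bounding the write removes the dependence on that arithmetic: `res += scnprintf(buf + res, sizeof(buf) - res, "%02d: %#.8lx/%u\n", q, local->queue_stop_reasons[q], skb_queue_len(&local->pending[q]));`, assuming `buf` is a local array. The `%u` is because the queue length is unsigned.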
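diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index e3420329f4e6..e9ec6cae2d39 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -95,33 +95,9 @@ IEEE80211_IF_FILE(force_unicast_rateidx, force_unicast_rateidx, DEC);
 IEEE80211_IF_FILE(max_ratectrl_rateidx, max_ratectrl_rateidx, DEC);
 
 /* STA attributes */
-IEEE80211_IF_FILE(state, u.mgd.state, DEC);
 IEEE80211_IF_FILE(bssid, u.mgd.bssid, MAC);
-IEEE80211_IF_FILE(prev_bssid, u.mgd.prev_bssid, MAC);
-IEEE80211_IF_FILE(ssid_len, u.mgd.ssid_len, SIZE);
 IEEE80211_IF_FILE(aid, u.mgd.aid, DEC);
-IEEE80211_IF_FILE(ap_capab, u.mgd.ap_capab, HEX);
 IEEE80211_IF_FILE(capab, u.mgd.capab, HEX);
-IEEE80211_IF_FILE(extra_ie_len, u.mgd.extra_ie_len, SIZE);
-IEEE80211_IF_FILE(auth_tries, u.mgd.auth_tries, DEC);
-IEEE80211_IF_FILE(assoc_tries, u.mgd.assoc_tries, DEC);
-IEEE80211_IF_FILE(auth_algs, u.mgd.auth_algs, HEX);
-IEEE80211_IF_FILE(auth_alg, u.mgd.auth_alg, DEC);
-IEEE80211_IF_FILE(auth_transaction, u.mgd.auth_transaction, DEC);
-
-static ssize_t ieee80211_if_fmt_flags(
- const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
-{
- return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n",
- sdata->u.mgd.flags & IEEE80211_STA_SSID_SET ? "SSID\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_BSSID_SET ? "BSSID\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_PREV_BSSID_SET ? "prev BSSID\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_AUTHENTICATED ? "AUTH\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED ? "ASSOC\n" : "",
- sdata->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL ? "PROBEREQ POLL\n" : "",
- sdata->vif.bss_conf.use_cts_prot ? "CTS prot\n" : "");
-}
-__IEEE80211_IF_FILE(flags);
 
 /* AP attributes */
 IEEE80211_IF_FILE(num_sta_ps, u.ap.num_sta_ps, ATOMIC);
@@ -184,20 +160,9 @@ static void add_sta_files(struct ieee80211_sub_if_data *sdata)
  DEBUGFS_ADD(force_unicast_rateidx, sta);
  DEBUGFS_ADD(max_ratectrl_rateidx, sta);
 
- DEBUGFS_ADD(state, sta);
  DEBUGFS_ADD(bssid, sta);
- DEBUGFS_ADD(prev_bssid, sta);
- DEBUGFS_ADD(ssid_len, sta);
  DEBUGFS_ADD(aid, sta);
- DEBUGFS_ADD(ap_capab, sta);
  DEBUGFS_ADD(capab, sta);
- DEBUGFS_ADD(extra_ie_len, sta);
- DEBUGFS_ADD(auth_tries, sta);
- DEBUGFS_ADD(assoc_tries, sta);
- DEBUGFS_ADD(auth_algs, sta);
- DEBUGFS_ADD(auth_alg, sta);
- DEBUGFS_ADD(auth_transaction, sta);
- DEBUGFS_ADD(flags, sta);
 }
 
 static void add_ap_files(struct ieee80211_sub_if_data *sdata)
@@ -317,20 +282,9 @@ static void del_sta_files(struct ieee80211_sub_if_data *sdata)
  DEBUGFS_DEL(force_unicast_rateidx, sta);
  DEBUGFS_DEL(max_ratectrl_rateidx, sta);
 
- DEBUGFS_DEL(state, sta);
  DEBUGFS_DEL(bssid, sta);
- DEBUGFS_DEL(prev_bssid, sta);
- DEBUGFS_DEL(ssid_len, sta);
  DEBUGFS_DEL(aid, sta);
- DEBUGFS_DEL(ap_capab, sta);
  DEBUGFS_DEL(capab, sta);
- DEBUGFS_DEL(extra_ie_len, sta);
- DEBUGFS_DEL(auth_tries, sta);
- DEBUGFS_DEL(assoc_tries, sta);
- DEBUGFS_DEL(auth_algs, sta);
- DEBUGFS_DEL(auth_alg, sta);
- DEBUGFS_DEL(auth_transaction, sta);
- DEBUGFS_DEL(flags, sta);
 }
 
 static void del_ap_files(struct ieee80211_sub_if_data *sdata)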
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index 90230c718b5b..33a2e892115b 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -120,45 +120,38 @@ STA_OPS(last_seq_ctrl);
120static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf, 120static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf,
121 size_t count, loff_t *ppos) 121 size_t count, loff_t *ppos)
122{ 122{
123 char buf[768], *p = buf; 123 char buf[30 + STA_TID_NUM * 70], *p = buf;
124 int i; 124 int i;
125 struct sta_info *sta = file->private_data; 125 struct sta_info *sta = file->private_data;
126 p += scnprintf(p, sizeof(buf)+buf-p, "Agg state for STA is:\n");
127 p += scnprintf(p, sizeof(buf)+buf-p, " STA next dialog_token is %d \n "
128 "TIDs info is: \n TID :",
129 (sta->ampdu_mlme.dialog_token_allocator + 1));
130 for (i = 0; i < STA_TID_NUM; i++)
131 p += scnprintf(p, sizeof(buf)+buf-p, "%5d", i);
132
133 p += scnprintf(p, sizeof(buf)+buf-p, "\n RX :");
134 for (i = 0; i < STA_TID_NUM; i++)
135 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
136 sta->ampdu_mlme.tid_state_rx[i]);
137
138 p += scnprintf(p, sizeof(buf)+buf-p, "\n DTKN:");
139 for (i = 0; i < STA_TID_NUM; i++)
140 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
141 sta->ampdu_mlme.tid_state_rx[i] ?
142 sta->ampdu_mlme.tid_rx[i]->dialog_token : 0);
143
144 p += scnprintf(p, sizeof(buf)+buf-p, "\n TX :");
145 for (i = 0; i < STA_TID_NUM; i++)
146 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
147 sta->ampdu_mlme.tid_state_tx[i]);
148
149 p += scnprintf(p, sizeof(buf)+buf-p, "\n DTKN:");
150 for (i = 0; i < STA_TID_NUM; i++)
151 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
152 sta->ampdu_mlme.tid_state_tx[i] ?
153 sta->ampdu_mlme.tid_tx[i]->dialog_token : 0);
154
155 p += scnprintf(p, sizeof(buf)+buf-p, "\n SSN :");
156 for (i = 0; i < STA_TID_NUM; i++)
157 p += scnprintf(p, sizeof(buf)+buf-p, "%5d",
158 sta->ampdu_mlme.tid_state_tx[i] ?
159 sta->ampdu_mlme.tid_tx[i]->ssn : 0);
160 126
161 p += scnprintf(p, sizeof(buf)+buf-p, "\n"); 127 spin_lock_bh(&sta->lock);
128 p += scnprintf(p, sizeof(buf)+buf-p, "next dialog_token is %#02x\n",
129 sta->ampdu_mlme.dialog_token_allocator + 1);
130 for (i = 0; i < STA_TID_NUM; i++) {
131 p += scnprintf(p, sizeof(buf)+buf-p, "TID %02d:", i);
132 p += scnprintf(p, sizeof(buf)+buf-p, " RX=%x",
133 sta->ampdu_mlme.tid_state_rx[i]);
134 p += scnprintf(p, sizeof(buf)+buf-p, "/DTKN=%#.2x",
135 sta->ampdu_mlme.tid_state_rx[i] ?
136 sta->ampdu_mlme.tid_rx[i]->dialog_token : 0);
137 p += scnprintf(p, sizeof(buf)+buf-p, "/SSN=%#.3x",
138 sta->ampdu_mlme.tid_state_rx[i] ?
139 sta->ampdu_mlme.tid_rx[i]->ssn : 0);
140
141 p += scnprintf(p, sizeof(buf)+buf-p, " TX=%x",
142 sta->ampdu_mlme.tid_state_tx[i]);
143 p += scnprintf(p, sizeof(buf)+buf-p, "/DTKN=%#.2x",
144 sta->ampdu_mlme.tid_state_tx[i] ?
145 sta->ampdu_mlme.tid_tx[i]->dialog_token : 0);
146 p += scnprintf(p, sizeof(buf)+buf-p, "/SSN=%#.3x",
147 sta->ampdu_mlme.tid_state_tx[i] ?
148 sta->ampdu_mlme.tid_tx[i]->ssn : 0);
149 p += scnprintf(p, sizeof(buf)+buf-p, "/pending=%03d",
150 sta->ampdu_mlme.tid_state_tx[i] ?
151 skb_queue_len(&sta->ampdu_mlme.tid_tx[i]->pending) : 0);
152 p += scnprintf(p, sizeof(buf)+buf-p, "\n");
153 }
154 spin_unlock_bh(&sta->lock);
162 155
163 return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); 156 return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
164} 157}
@@ -203,6 +196,22 @@ void ieee80211_sta_debugfs_add(struct sta_info *sta)
203 DEBUGFS_ADD(inactive_ms); 196 DEBUGFS_ADD(inactive_ms);
204 DEBUGFS_ADD(last_seq_ctrl); 197 DEBUGFS_ADD(last_seq_ctrl);
205 DEBUGFS_ADD(agg_status); 198 DEBUGFS_ADD(agg_status);
199 DEBUGFS_ADD(dev);
200 DEBUGFS_ADD(rx_packets);
201 DEBUGFS_ADD(tx_packets);
202 DEBUGFS_ADD(rx_bytes);
203 DEBUGFS_ADD(tx_bytes);
204 DEBUGFS_ADD(rx_duplicates);
205 DEBUGFS_ADD(rx_fragments);
206 DEBUGFS_ADD(rx_dropped);
207 DEBUGFS_ADD(tx_fragments);
208 DEBUGFS_ADD(tx_filtered);
209 DEBUGFS_ADD(tx_retry_failed);
210 DEBUGFS_ADD(tx_retry_count);
211 DEBUGFS_ADD(last_signal);
212 DEBUGFS_ADD(last_qual);
213 DEBUGFS_ADD(last_noise);
214 DEBUGFS_ADD(wep_weak_iv_count);
206} 215}
207 216
208void ieee80211_sta_debugfs_remove(struct sta_info *sta) 217void ieee80211_sta_debugfs_remove(struct sta_info *sta)
@@ -212,6 +221,23 @@ void ieee80211_sta_debugfs_remove(struct sta_info *sta)
212 DEBUGFS_DEL(inactive_ms); 221 DEBUGFS_DEL(inactive_ms);
213 DEBUGFS_DEL(last_seq_ctrl); 222 DEBUGFS_DEL(last_seq_ctrl);
214 DEBUGFS_DEL(agg_status); 223 DEBUGFS_DEL(agg_status);
224 DEBUGFS_DEL(aid);
225 DEBUGFS_DEL(dev);
226 DEBUGFS_DEL(rx_packets);
227 DEBUGFS_DEL(tx_packets);
228 DEBUGFS_DEL(rx_bytes);
229 DEBUGFS_DEL(tx_bytes);
230 DEBUGFS_DEL(rx_duplicates);
231 DEBUGFS_DEL(rx_fragments);
232 DEBUGFS_DEL(rx_dropped);
233 DEBUGFS_DEL(tx_fragments);
234 DEBUGFS_DEL(tx_filtered);
235 DEBUGFS_DEL(tx_retry_failed);
236 DEBUGFS_DEL(tx_retry_count);
237 DEBUGFS_DEL(last_signal);
238 DEBUGFS_DEL(last_qual);
239 DEBUGFS_DEL(last_noise);
240 DEBUGFS_DEL(wep_weak_iv_count);
215 241
216 debugfs_remove(sta->debugfs.dir); 242 debugfs_remove(sta->debugfs.dir);
217 sta->debugfs.dir = NULL; 243 sta->debugfs.dir = NULL;
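Review bot: `ieee80211_sta_debugfs_remove()` gains `DEBUGFS_DEL(aid)`, but the matching list added to `ieee80211_sta_debugfs_add()` starts at `dev` and contains no `DEBUGFS_ADD(aid)`. Both functions begin outside their hunks, so the entry may be created earlier. If it is not, either add `DEBUGFS_ADD(aid);` ahead of `DEBUGFS_ADD(dev);` or drop the delete so the two lists stay in step. In `sta_agg_status_read()`, the new `char buf[30 + STA_TID_NUM * 70]` is sized from hand-counted constants and lives on the kernel stack. A short comment deriving the 30 and the 70 from the format strings would help whoever adds the next field, since `scnprintf()` will truncate the output silently rather than overflow.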
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index b13446afd48f..4100c361a99d 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -3,6 +3,7 @@
3 3
4#include <net/mac80211.h> 4#include <net/mac80211.h>
5#include "ieee80211_i.h" 5#include "ieee80211_i.h"
6#include "driver-trace.h"
6 7
7static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb) 8static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb)
8{ 9{
@@ -11,29 +12,37 @@ static inline int drv_tx(struct ieee80211_local *local, struct sk_buff *skb)
11 12
12static inline int drv_start(struct ieee80211_local *local) 13static inline int drv_start(struct ieee80211_local *local)
13{ 14{
14 return local->ops->start(&local->hw); 15 int ret = local->ops->start(&local->hw);
16 trace_drv_start(local, ret);
17 return ret;
15} 18}
16 19
17static inline void drv_stop(struct ieee80211_local *local) 20static inline void drv_stop(struct ieee80211_local *local)
18{ 21{
19 local->ops->stop(&local->hw); 22 local->ops->stop(&local->hw);
23 trace_drv_stop(local);
20} 24}
21 25
22static inline int drv_add_interface(struct ieee80211_local *local, 26static inline int drv_add_interface(struct ieee80211_local *local,
23 struct ieee80211_if_init_conf *conf) 27 struct ieee80211_if_init_conf *conf)
24{ 28{
25 return local->ops->add_interface(&local->hw, conf); 29 int ret = local->ops->add_interface(&local->hw, conf);
30 trace_drv_add_interface(local, conf->mac_addr, conf->vif, ret);
31 return ret;
26} 32}
27 33
28static inline void drv_remove_interface(struct ieee80211_local *local, 34static inline void drv_remove_interface(struct ieee80211_local *local,
29 struct ieee80211_if_init_conf *conf) 35 struct ieee80211_if_init_conf *conf)
30{ 36{
31 local->ops->remove_interface(&local->hw, conf); 37 local->ops->remove_interface(&local->hw, conf);
38 trace_drv_remove_interface(local, conf->mac_addr, conf->vif);
32} 39}
33 40
34static inline int drv_config(struct ieee80211_local *local, u32 changed) 41static inline int drv_config(struct ieee80211_local *local, u32 changed)
35{ 42{
36 return local->ops->config(&local->hw, changed); 43 int ret = local->ops->config(&local->hw, changed);
44 trace_drv_config(local, changed, ret);
45 return ret;
37} 46}
38 47
39static inline void drv_bss_info_changed(struct ieee80211_local *local, 48static inline void drv_bss_info_changed(struct ieee80211_local *local,
@@ -43,6 +52,7 @@ static inline void drv_bss_info_changed(struct ieee80211_local *local,
43{ 52{
44 if (local->ops->bss_info_changed) 53 if (local->ops->bss_info_changed)
45 local->ops->bss_info_changed(&local->hw, vif, info, changed); 54 local->ops->bss_info_changed(&local->hw, vif, info, changed);
55 trace_drv_bss_info_changed(local, vif, info, changed);
46} 56}
47 57
48static inline void drv_configure_filter(struct ieee80211_local *local, 58static inline void drv_configure_filter(struct ieee80211_local *local,
@@ -53,14 +63,18 @@ static inline void drv_configure_filter(struct ieee80211_local *local,
53{ 63{
54 local->ops->configure_filter(&local->hw, changed_flags, total_flags, 64 local->ops->configure_filter(&local->hw, changed_flags, total_flags,
55 mc_count, mc_list); 65 mc_count, mc_list);
66 trace_drv_configure_filter(local, changed_flags, total_flags,
67 mc_count);
56} 68}
57 69
58static inline int drv_set_tim(struct ieee80211_local *local, 70static inline int drv_set_tim(struct ieee80211_local *local,
59 struct ieee80211_sta *sta, bool set) 71 struct ieee80211_sta *sta, bool set)
60{ 72{
73 int ret = 0;
61 if (local->ops->set_tim) 74 if (local->ops->set_tim)
62 return local->ops->set_tim(&local->hw, sta, set); 75 ret = local->ops->set_tim(&local->hw, sta, set);
63 return 0; 76 trace_drv_set_tim(local, sta, set, ret);
77 return ret;
64} 78}
65 79
66static inline int drv_set_key(struct ieee80211_local *local, 80static inline int drv_set_key(struct ieee80211_local *local,
@@ -68,7 +82,9 @@ static inline int drv_set_key(struct ieee80211_local *local,
68 struct ieee80211_sta *sta, 82 struct ieee80211_sta *sta,
69 struct ieee80211_key_conf *key) 83 struct ieee80211_key_conf *key)
70{ 84{
71 return local->ops->set_key(&local->hw, cmd, vif, sta, key); 85 int ret = local->ops->set_key(&local->hw, cmd, vif, sta, key);
86 trace_drv_set_key(local, cmd, vif, sta, key, ret);
87 return ret;
72} 88}
73 89
74static inline void drv_update_tkip_key(struct ieee80211_local *local, 90static inline void drv_update_tkip_key(struct ieee80211_local *local,
@@ -79,32 +95,41 @@ static inline void drv_update_tkip_key(struct ieee80211_local *local,
79 if (local->ops->update_tkip_key) 95 if (local->ops->update_tkip_key)
80 local->ops->update_tkip_key(&local->hw, conf, address, 96 local->ops->update_tkip_key(&local->hw, conf, address,
81 iv32, phase1key); 97 iv32, phase1key);
98 trace_drv_update_tkip_key(local, conf, address, iv32);
82} 99}
83 100
84static inline int drv_hw_scan(struct ieee80211_local *local, 101static inline int drv_hw_scan(struct ieee80211_local *local,
85 struct cfg80211_scan_request *req) 102 struct cfg80211_scan_request *req)
86{ 103{
87 return local->ops->hw_scan(&local->hw, req); 104 int ret = local->ops->hw_scan(&local->hw, req);
105 trace_drv_hw_scan(local, req, ret);
106 return ret;
88} 107}
89 108
90static inline void drv_sw_scan_start(struct ieee80211_local *local) 109static inline void drv_sw_scan_start(struct ieee80211_local *local)
91{ 110{
92 if (local->ops->sw_scan_start) 111 if (local->ops->sw_scan_start)
93 local->ops->sw_scan_start(&local->hw); 112 local->ops->sw_scan_start(&local->hw);
113 trace_drv_sw_scan_start(local);
94} 114}
95 115
96static inline void drv_sw_scan_complete(struct ieee80211_local *local) 116static inline void drv_sw_scan_complete(struct ieee80211_local *local)
97{ 117{
98 if (local->ops->sw_scan_complete) 118 if (local->ops->sw_scan_complete)
99 local->ops->sw_scan_complete(&local->hw); 119 local->ops->sw_scan_complete(&local->hw);
120 trace_drv_sw_scan_complete(local);
100} 121}
101 122
102static inline int drv_get_stats(struct ieee80211_local *local, 123static inline int drv_get_stats(struct ieee80211_local *local,
103 struct ieee80211_low_level_stats *stats) 124 struct ieee80211_low_level_stats *stats)
104{ 125{
105 if (!local->ops->get_stats) 126 int ret = -EOPNOTSUPP;
106 return -EOPNOTSUPP; 127
107 return local->ops->get_stats(&local->hw, stats); 128 if (local->ops->get_stats)
129 ret = local->ops->get_stats(&local->hw, stats);
130 trace_drv_get_stats(local, stats, ret);
131
132 return ret;
108} 133}
109 134
110static inline void drv_get_tkip_seq(struct ieee80211_local *local, 135static inline void drv_get_tkip_seq(struct ieee80211_local *local,
@@ -112,14 +137,17 @@ static inline void drv_get_tkip_seq(struct ieee80211_local *local,
112{ 137{
113 if (local->ops->get_tkip_seq) 138 if (local->ops->get_tkip_seq)
114 local->ops->get_tkip_seq(&local->hw, hw_key_idx, iv32, iv16); 139 local->ops->get_tkip_seq(&local->hw, hw_key_idx, iv32, iv16);
140 trace_drv_get_tkip_seq(local, hw_key_idx, iv32, iv16);
115} 141}
116 142
117static inline int drv_set_rts_threshold(struct ieee80211_local *local, 143static inline int drv_set_rts_threshold(struct ieee80211_local *local,
118 u32 value) 144 u32 value)
119{ 145{
146 int ret = 0;
120 if (local->ops->set_rts_threshold) 147 if (local->ops->set_rts_threshold)
121 return local->ops->set_rts_threshold(&local->hw, value); 148 ret = local->ops->set_rts_threshold(&local->hw, value);
122 return 0; 149 trace_drv_set_rts_threshold(local, value, ret);
150 return ret;
123} 151}
124 152
125static inline void drv_sta_notify(struct ieee80211_local *local, 153static inline void drv_sta_notify(struct ieee80211_local *local,
@@ -129,46 +157,57 @@ static inline void drv_sta_notify(struct ieee80211_local *local,
129{ 157{
130 if (local->ops->sta_notify) 158 if (local->ops->sta_notify)
131 local->ops->sta_notify(&local->hw, vif, cmd, sta); 159 local->ops->sta_notify(&local->hw, vif, cmd, sta);
160 trace_drv_sta_notify(local, vif, cmd, sta);
132} 161}
133 162
134static inline int drv_conf_tx(struct ieee80211_local *local, u16 queue, 163static inline int drv_conf_tx(struct ieee80211_local *local, u16 queue,
135 const struct ieee80211_tx_queue_params *params) 164 const struct ieee80211_tx_queue_params *params)
136{ 165{
166 int ret = -EOPNOTSUPP;
137 if (local->ops->conf_tx) 167 if (local->ops->conf_tx)
138 return local->ops->conf_tx(&local->hw, queue, params); 168 ret = local->ops->conf_tx(&local->hw, queue, params);
139 return -EOPNOTSUPP; 169 trace_drv_conf_tx(local, queue, params, ret);
170 return ret;
140} 171}
141 172
142static inline int drv_get_tx_stats(struct ieee80211_local *local, 173static inline int drv_get_tx_stats(struct ieee80211_local *local,
143 struct ieee80211_tx_queue_stats *stats) 174 struct ieee80211_tx_queue_stats *stats)
144{ 175{
145 return local->ops->get_tx_stats(&local->hw, stats); 176 int ret = local->ops->get_tx_stats(&local->hw, stats);
177 trace_drv_get_tx_stats(local, stats, ret);
178 return ret;
146} 179}
147 180
148static inline u64 drv_get_tsf(struct ieee80211_local *local) 181static inline u64 drv_get_tsf(struct ieee80211_local *local)
149{ 182{
183 u64 ret = -1ULL;
150 if (local->ops->get_tsf) 184 if (local->ops->get_tsf)
151 return local->ops->get_tsf(&local->hw); 185 ret = local->ops->get_tsf(&local->hw);
152 return -1ULL; 186 trace_drv_get_tsf(local, ret);
187 return ret;
153} 188}
154 189
155static inline void drv_set_tsf(struct ieee80211_local *local, u64 tsf) 190static inline void drv_set_tsf(struct ieee80211_local *local, u64 tsf)
156{ 191{
157 if (local->ops->set_tsf) 192 if (local->ops->set_tsf)
158 local->ops->set_tsf(&local->hw, tsf); 193 local->ops->set_tsf(&local->hw, tsf);
194 trace_drv_set_tsf(local, tsf);
159} 195}
160 196
161static inline void drv_reset_tsf(struct ieee80211_local *local) 197static inline void drv_reset_tsf(struct ieee80211_local *local)
162{ 198{
163 if (local->ops->reset_tsf) 199 if (local->ops->reset_tsf)
164 local->ops->reset_tsf(&local->hw); 200 local->ops->reset_tsf(&local->hw);
201 trace_drv_reset_tsf(local);
165} 202}
166 203
167static inline int drv_tx_last_beacon(struct ieee80211_local *local) 204static inline int drv_tx_last_beacon(struct ieee80211_local *local)
168{ 205{
206 int ret = 1;
169 if (local->ops->tx_last_beacon) 207 if (local->ops->tx_last_beacon)
170 return local->ops->tx_last_beacon(&local->hw); 208 ret = local->ops->tx_last_beacon(&local->hw);
171 return 1; 209 trace_drv_tx_last_beacon(local, ret);
210 return ret;
172} 211}
173 212
174static inline int drv_ampdu_action(struct ieee80211_local *local, 213static inline int drv_ampdu_action(struct ieee80211_local *local,
@@ -176,10 +215,12 @@ static inline int drv_ampdu_action(struct ieee80211_local *local,
176 struct ieee80211_sta *sta, u16 tid, 215 struct ieee80211_sta *sta, u16 tid,
177 u16 *ssn) 216 u16 *ssn)
178{ 217{
218 int ret = -EOPNOTSUPP;
179 if (local->ops->ampdu_action) 219 if (local->ops->ampdu_action)
180 return local->ops->ampdu_action(&local->hw, action, 220 ret = local->ops->ampdu_action(&local->hw, action,
181 sta, tid, ssn); 221 sta, tid, ssn);
182 return -EOPNOTSUPP; 222 trace_drv_ampdu_action(local, action, sta, tid, ssn, ret);
223 return ret;
183} 224}
184 225
185 226
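--- /dev/null
+++ b/net/mac80211/driver-trace.c
@@ -0,0 +1,9 @@
+/* bug in tracepoint.h, it should include this */
+#include <linux/module.h>
+
+/* sparse isn't too happy with all macros... */
+#ifndef __CHECKER__
+#include "driver-ops.h"
+#define CREATE_TRACE_POINTS
+#include "driver-trace.h"
+#endif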
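--- /dev/null
+++ b/net/mac80211/driver-trace.h
@@ -0,0 +1,648 @@
+#if !defined(__MAC80211_DRIVER_TRACE) || defined(TRACE_HEADER_MULTI_READ)
+#define __MAC80211_DRIVER_TRACE
+
+#include <linux/tracepoint.h>
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+
+#if !defined(CONFIG_MAC80211_DRIVER_API_TRACER) || defined(__CHECKER__)
+#undef TRACE_EVENT
+#define TRACE_EVENT(name, proto, ...) \
+static inline void trace_ ## name(proto) {}
+#endif
+
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM mac80211
+
+#define MAXNAME 32
+#define LOCAL_ENTRY __array(char, wiphy_name, 32)
+#define LOCAL_ASSIGN strlcpy(__entry->wiphy_name, wiphy_name(local->hw.wiphy), MAXNAME)
+#define LOCAL_PR_FMT "%s"
+#define LOCAL_PR_ARG __entry->wiphy_name
+
+#define STA_ENTRY __array(char, sta_addr, ETH_ALEN)
+#define STA_ASSIGN (sta ? memcpy(__entry->sta_addr, sta->addr, ETH_ALEN) : memset(__entry->sta_addr, 0, ETH_ALEN))
+#define STA_PR_FMT " sta:%pM"
+#define STA_PR_ARG __entry->sta_addr
+
+#define VIF_ENTRY __field(enum nl80211_iftype, vif_type) __field(void *, vif)
+#define VIF_ASSIGN __entry->vif_type = vif ? vif->type : 0; __entry->vif = vif
+#define VIF_PR_FMT " vif:%p(%d)"
+#define VIF_PR_ARG __entry->vif, __entry->vif_type
+
+TRACE_EVENT(drv_start,
+ TP_PROTO(struct ieee80211_local *local, int ret),
+
+ TP_ARGS(local, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_stop,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_add_interface,
+ TP_PROTO(struct ieee80211_local *local,
+ const u8 *addr,
+ struct ieee80211_vif *vif,
+ int ret),
+
+ TP_ARGS(local, addr, vif, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ __array(char, addr, 6)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ memcpy(__entry->addr, addr, 6);
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT " addr:%pM ret:%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, __entry->addr, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_remove_interface,
+ TP_PROTO(struct ieee80211_local *local,
+ const u8 *addr, struct ieee80211_vif *vif),
+
+ TP_ARGS(local, addr, vif),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ __array(char, addr, 6)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ memcpy(__entry->addr, addr, 6);
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT " addr:%pM",
+ LOCAL_PR_ARG, VIF_PR_ARG, __entry->addr
+ )
+);
+
+TRACE_EVENT(drv_config,
+ TP_PROTO(struct ieee80211_local *local,
+ u32 changed,
+ int ret),
+
+ TP_ARGS(local, changed, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u32, changed)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->changed = changed;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ch:%#x ret:%d",
+ LOCAL_PR_ARG, __entry->changed, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_bss_info_changed,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_vif *vif,
+ struct ieee80211_bss_conf *info,
+ u32 changed),
+
+ TP_ARGS(local, vif, info, changed),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ __field(bool, assoc)
+ __field(u16, aid)
+ __field(bool, cts)
+ __field(bool, shortpre)
+ __field(bool, shortslot)
+ __field(u8, dtimper)
+ __field(u16, bcnint)
+ __field(u16, assoc_cap)
+ __field(u64, timestamp)
+ __field(u32, basic_rates)
+ __field(u32, changed)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ __entry->changed = changed;
+ __entry->aid = info->aid;
+ __entry->assoc = info->assoc;
+ __entry->shortpre = info->use_short_preamble;
+ __entry->cts = info->use_cts_prot;
+ __entry->shortslot = info->use_short_slot;
+ __entry->dtimper = info->dtim_period;
+ __entry->bcnint = info->beacon_int;
+ __entry->assoc_cap = info->assoc_capability;
+ __entry->timestamp = info->timestamp;
+ __entry->basic_rates = info->basic_rates;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT " changed:%#x",
+ LOCAL_PR_ARG, VIF_PR_ARG, __entry->changed
+ )
+);
+
+TRACE_EVENT(drv_configure_filter,
+ TP_PROTO(struct ieee80211_local *local,
+ unsigned int changed_flags,
+ unsigned int *total_flags,
+ int mc_count),
+
+ TP_ARGS(local, changed_flags, total_flags, mc_count),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(unsigned int, changed)
+ __field(unsigned int, total)
+ __field(int, mc)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->changed = changed_flags;
+ __entry->total = *total_flags;
+ __entry->mc = mc_count;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " changed:%#x total:%#x mc:%d",
+ LOCAL_PR_ARG, __entry->changed, __entry->total, __entry->mc
+ )
+);
+
+TRACE_EVENT(drv_set_tim,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_sta *sta, bool set, int ret),
+
+ TP_ARGS(local, sta, set, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ STA_ENTRY
+ __field(bool, set)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ STA_ASSIGN;
+ __entry->set = set;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT STA_PR_FMT " set:%d ret:%d",
+ LOCAL_PR_ARG, STA_PR_FMT, __entry->set, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_set_key,
+ TP_PROTO(struct ieee80211_local *local,
+ enum set_key_cmd cmd, struct ieee80211_vif *vif,
+ struct ieee80211_sta *sta,
+ struct ieee80211_key_conf *key, int ret),
+
+ TP_ARGS(local, cmd, vif, sta, key, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ STA_ENTRY
+ __field(enum ieee80211_key_alg, alg)
+ __field(u8, hw_key_idx)
+ __field(u8, flags)
+ __field(s8, keyidx)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ STA_ASSIGN;
+ __entry->alg = key->alg;
+ __entry->flags = key->flags;
+ __entry->keyidx = key->keyidx;
+ __entry->hw_key_idx = key->hw_key_idx;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT STA_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, STA_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_update_tkip_key,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_key_conf *conf,
+ const u8 *address, u32 iv32),
+
+ TP_ARGS(local, conf, address, iv32),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __array(u8, addr, 6)
+ __field(u32, iv32)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ memcpy(__entry->addr, address, 6);
+ __entry->iv32 = iv32;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " addr:%pM iv32:%#x",
+ LOCAL_PR_ARG, __entry->addr, __entry->iv32
+ )
+);
+
+TRACE_EVENT(drv_hw_scan,
+ TP_PROTO(struct ieee80211_local *local,
+ struct cfg80211_scan_request *req, int ret),
+
+ TP_ARGS(local, req, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_sw_scan_start,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_sw_scan_complete,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_get_stats,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_low_level_stats *stats,
+ int ret),
+
+ TP_ARGS(local, stats, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ __field(unsigned int, ackfail)
+ __field(unsigned int, rtsfail)
+ __field(unsigned int, fcserr)
+ __field(unsigned int, rtssucc)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ __entry->ackfail = stats->dot11ACKFailureCount;
+ __entry->rtsfail = stats->dot11RTSFailureCount;
+ __entry->fcserr = stats->dot11FCSErrorCount;
+ __entry->rtssucc = stats->dot11RTSSuccessCount;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_get_tkip_seq,
+ TP_PROTO(struct ieee80211_local *local,
+ u8 hw_key_idx, u32 *iv32, u16 *iv16),
+
+ TP_ARGS(local, hw_key_idx, iv32, iv16),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u8, hw_key_idx)
+ __field(u32, iv32)
+ __field(u16, iv16)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->hw_key_idx = hw_key_idx;
+ __entry->iv32 = *iv32;
+ __entry->iv16 = *iv16;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_set_rts_threshold,
+ TP_PROTO(struct ieee80211_local *local, u32 value, int ret),
+
+ TP_ARGS(local, value, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u32, value)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ __entry->value = value;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " value:%d ret:%d",
+ LOCAL_PR_ARG, __entry->value, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_sta_notify,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_vif *vif,
+ enum sta_notify_cmd cmd,
+ struct ieee80211_sta *sta),
+
+ TP_ARGS(local, vif, cmd, sta),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ STA_ENTRY
+ __field(u32, cmd)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ STA_ASSIGN;
+ __entry->cmd = cmd;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT STA_PR_FMT " cmd:%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, STA_PR_ARG, __entry->cmd
+ )
+);
+
+TRACE_EVENT(drv_conf_tx,
+ TP_PROTO(struct ieee80211_local *local, u16 queue,
+ const struct ieee80211_tx_queue_params *params,
+ int ret),
+
+ TP_ARGS(local, queue, params, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u16, queue)
+ __field(u16, txop)
+ __field(u16, cw_min)
+ __field(u16, cw_max)
+ __field(u8, aifs)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->queue = queue;
+ __entry->ret = ret;
+ __entry->txop = params->txop;
+ __entry->cw_max = params->cw_max;
+ __entry->cw_min = params->cw_min;
+ __entry->aifs = params->aifs;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " queue:%d ret:%d",
+ LOCAL_PR_ARG, __entry->queue, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_get_tx_stats,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_tx_queue_stats *stats,
+ int ret),
+
+ TP_ARGS(local, stats, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_get_tsf,
+ TP_PROTO(struct ieee80211_local *local, u64 ret),
+
+ TP_ARGS(local, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u64, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%llu",
+ LOCAL_PR_ARG, (unsigned long long)__entry->ret
+ )
+);
+
+TRACE_EVENT(drv_set_tsf,
+ TP_PROTO(struct ieee80211_local *local, u64 tsf),
+
+ TP_ARGS(local, tsf),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(u64, tsf)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->tsf = tsf;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " tsf:%llu",
+ LOCAL_PR_ARG, (unsigned long long)__entry->tsf
+ )
+);
+
+TRACE_EVENT(drv_reset_tsf,
+ TP_PROTO(struct ieee80211_local *local),
+
+ TP_ARGS(local),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT, LOCAL_PR_ARG
+ )
+);
+
+TRACE_EVENT(drv_tx_last_beacon,
+ TP_PROTO(struct ieee80211_local *local, int ret),
+
+ TP_ARGS(local, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ __entry->ret = ret;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT " ret:%d",
+ LOCAL_PR_ARG, __entry->ret
+ )
+);
+
+TRACE_EVENT(drv_ampdu_action,
+ TP_PROTO(struct ieee80211_local *local,
+ enum ieee80211_ampdu_mlme_action action,
+ struct ieee80211_sta *sta, u16 tid,
+ u16 *ssn, int ret),
+
+ TP_ARGS(local, action, sta, tid, ssn, ret),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ STA_ENTRY
+ __field(u32, action)
+ __field(u16, tid)
+ __field(u16, ssn)
+ __field(int, ret)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ STA_ASSIGN;
+ __entry->ret = ret;
+ __entry->action = action;
+ __entry->tid = tid;
+ __entry->ssn = *ssn;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT STA_PR_FMT " action:%d tid:%d ret:%d",
+ LOCAL_PR_ARG, STA_PR_ARG, __entry->action, __entry->tid, __entry->ret
+ )
+);
+#endif /* !__MAC80211_DRIVER_TRACE || TRACE_HEADER_MULTI_READ */
+
+#undef TRACE_INCLUDE_PATH
+#define TRACE_INCLUDE_PATH .
+#undef TRACE_INCLUDE_FILE
+#define TRACE_INCLUDE_FILE driver-trace
+#include <trace/define_trace.h>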
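Review bot: In the `drv_set_tim` event the TP_printk argument list passes `STA_PR_FMT` where `STA_PR_ARG` is meant, so `%pM` formats six bytes of the format-string literal and the station address is never printed; the line should read `LOCAL_PR_ARG, STA_PR_ARG, __entry->set, __entry->ret`. Separately, the `drv_ampdu_action`, `drv_get_tkip_seq` and `drv_get_stats` assignments dereference `ssn`, `iv32`/`iv16` and `stats` unconditionally, while the driver-ops.h wrappers fire these tracepoints even when the driver op is absent, so the record can capture caller memory that was never filled in. If any caller passes a NULL `ssn` (not visible here), enabling the tracepoint would oops, which `__entry->ssn = ssn ? *ssn : 0;` avoids. `LOCAL_ENTRY` also hard-codes 32 beside `MAXNAME`; `__array(char, wiphy_name, MAXNAME)` would keep the array size and the strlcpy bound tied together.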
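--- a/net/mac80211/event.c
+++ b/net/mac80211/event.c
@@ -7,8 +7,7 @@
  *
  * mac80211 - events
  */
-
+#include <net/cfg80211.h>
-#include <net/iw_handler.h>
 #include "ieee80211_i.h"
 
 /*
@@ -17,26 +16,12 @@
  * driver or is still in the frame), it should provide that information.
  */
 void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx,
- struct ieee80211_hdr *hdr, const u8 *tsc)
+ struct ieee80211_hdr *hdr, const u8 *tsc,
+ gfp_t gfp)
 {
- union iwreq_data wrqu;
- char *buf = kmalloc(128, GFP_ATOMIC);
-
- if (buf) {
- /* TODO: needed parameters: count, key type, TSC */
- sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
- "keyid=%d %scast addr=%pM)",
- keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
- hdr->addr2);
- memset(&wrqu, 0, sizeof(wrqu));
- wrqu.data.length = strlen(buf);
- wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
- kfree(buf);
- }
-
  cfg80211_michael_mic_failure(sdata->dev, hdr->addr2,
  (hdr->addr1[0] & 0x01) ?
  NL80211_KEYTYPE_GROUP :
  NL80211_KEYTYPE_PAIRWISE,
- keyidx, tsc);
+ keyidx, tsc, gfp);
 }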
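Review bot: The new `gfp` argument of mac80211_ev_michael_mic_failure() is forwarded unchanged to cfg80211_michael_mic_failure(), but the comment above the function (only its tail is visible in the hunk) does not say which allocation context callers must supply. The removed code allocated with GFP_ATOMIC, which suggests at least one caller runs in atomic context, so a line such as `* @gfp: allocation flags for the cfg80211 event; must be GFP_ATOMIC from atomic context` would make the contract explicit. With the in-function IWEVCUSTOM report gone, MIC-failure reporting to userspace rests entirely on that cfg80211 call. It is worth confirming there that wext-based supplicants still receive the indication, since TKIP countermeasures depend on it.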
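--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -57,7 +57,7 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
  */
  if (auth_alg == WLAN_AUTH_OPEN && auth_transaction == 1)
  ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, NULL, 0,
- sdata->u.ibss.bssid, 0);
+ sdata->u.ibss.bssid, NULL, 0, 0);
 }
 
 static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
@@ -494,7 +494,7 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
 
  capability = WLAN_CAPABILITY_IBSS;
 
- if (sdata->default_key)
+ if (ifibss->privacy)
  capability |= WLAN_CAPABILITY_PRIVACY;
  else
  sdata->drop_unencrypted = 0;
@@ -524,9 +524,8 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
  return;
 
  capability = WLAN_CAPABILITY_IBSS;
- if (sdata->default_key)
+ if (ifibss->privacy)
  capability |= WLAN_CAPABILITY_PRIVACY;
-
  if (ifibss->fixed_bssid)
  bssid = ifibss->bssid;
  if (ifibss->fixed_channel)
@@ -705,7 +704,7 @@ static void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
  struct ieee80211_mgmt *mgmt;
  u16 fc;
 
- rx_status = (struct ieee80211_rx_status *) skb->cb;
+ rx_status = IEEE80211_SKB_RXCB(skb);
  mgmt = (struct ieee80211_mgmt *) skb->data;
  fc = le16_to_cpu(mgmt->frame_control);
 
@@ -743,7 +742,7 @@ static void ieee80211_ibss_work(struct work_struct *work)
  if (!netif_running(sdata->dev))
  return;
 
- if (local->sw_scanning || local->hw_scanning)
+ if (local->scanning)
  return;
 
  if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_ADHOC))
@@ -782,7 +781,7 @@ static void ieee80211_ibss_timer(unsigned long data)
  }
 
  set_bit(IEEE80211_IBSS_REQ_RUN, &ifibss->request);
- queue_work(local->hw.workqueue, &ifibss->work);
+ ieee80211_queue_work(&local->hw, &ifibss->work);
 }
 
 #ifdef CONFIG_PM
@@ -836,8 +835,7 @@ void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
 }
 
 ieee80211_rx_result
-ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
+ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
- struct ieee80211_rx_status *rx_status)
 {
  struct ieee80211_local *local = sdata->local;
  struct ieee80211_mgmt *mgmt;
@@ -852,11 +850,10 @@ ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
  switch (fc & IEEE80211_FCTL_STYPE) {
  case IEEE80211_STYPE_PROBE_RESP:
  case IEEE80211_STYPE_BEACON:
- memcpy(skb->cb, rx_status, sizeof(*rx_status));
  case IEEE80211_STYPE_PROBE_REQ:
  case IEEE80211_STYPE_AUTH:
  skb_queue_tail(&sdata->u.ibss.skb_queue, skb);
- queue_work(local->hw.workqueue, &sdata->u.ibss.work);
+ ieee80211_queue_work(&local->hw, &sdata->u.ibss.work);
  return RX_QUEUED;
  }
 
@@ -874,6 +871,8 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
  } else
  sdata->u.ibss.fixed_bssid = false;
 
+ sdata->u.ibss.privacy = params->privacy;
+
  sdata->vif.bss_conf.beacon_int = params->beacon_interval;
 
  sdata->u.ibss.channel = params->channel;
@@ -913,7 +912,7 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
  ieee80211_recalc_idle(sdata->local);
 
  set_bit(IEEE80211_IBSS_REQ_RUN, &sdata->u.ibss.request);
- queue_work(sdata->local->hw.workqueue, &sdata->u.ibss.work);
+ ieee80211_queue_work(&sdata->local->hw, &sdata->u.ibss.work);
 
  return 0;
 }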
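Review bot: In ieee80211_sta_create_ibss() and ieee80211_sta_find_ibss() the PRIVACY capability bit now follows `ifibss->privacy`, which ieee80211_ibss_join() copies from `params->privacy`, so the advertised capability no longer reflects whether a default key is actually installed. In the create path the only visible handling of `sdata->drop_unencrypted` is the `else` branch that clears it. Nothing in these hunks sets it when privacy is requested, so unless other code does, the IBSS could advertise privacy while still accepting unencrypted frames. All three functions extend beyond their hunks, so this may be handled elsewhere. If it is, a comment at the new assignment such as `/* userspace-requested; key install and drop_unencrypted are managed separately */` would record the assumption.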
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 68eb5052179a..a6abc7dfd903 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -24,7 +24,6 @@
24#include <linux/spinlock.h> 24#include <linux/spinlock.h>
25#include <linux/etherdevice.h> 25#include <linux/etherdevice.h>
26#include <net/cfg80211.h> 26#include <net/cfg80211.h>
27#include <net/iw_handler.h>
28#include <net/mac80211.h> 27#include <net/mac80211.h>
29#include "key.h" 28#include "key.h"
30#include "sta_info.h" 29#include "sta_info.h"
@@ -227,86 +226,81 @@ struct mesh_preq_queue {
227 u8 flags; 226 u8 flags;
228}; 227};
229 228
229enum ieee80211_mgd_state {
230 IEEE80211_MGD_STATE_IDLE,
231 IEEE80211_MGD_STATE_PROBE,
232 IEEE80211_MGD_STATE_AUTH,
233 IEEE80211_MGD_STATE_ASSOC,
234};
235
236struct ieee80211_mgd_work {
237 struct list_head list;
238 struct ieee80211_bss *bss;
239 int ie_len;
240 u8 prev_bssid[ETH_ALEN];
241 u8 ssid[IEEE80211_MAX_SSID_LEN];
242 u8 ssid_len;
243 unsigned long timeout;
244 enum ieee80211_mgd_state state;
245 u16 auth_alg, auth_transaction;
246
247 int tries;
248
249 u8 key[WLAN_KEY_LEN_WEP104];
250 u8 key_len, key_idx;
251
252 /* must be last */
253 u8 ie[0]; /* for auth or assoc frame, not probe */
254};
255
230/* flags used in struct ieee80211_if_managed.flags */ 256/* flags used in struct ieee80211_if_managed.flags */
231#define IEEE80211_STA_SSID_SET BIT(0) 257enum ieee80211_sta_flags {
232#define IEEE80211_STA_BSSID_SET BIT(1) 258 IEEE80211_STA_BEACON_POLL = BIT(0),
233#define IEEE80211_STA_PREV_BSSID_SET BIT(2) 259 IEEE80211_STA_CONNECTION_POLL = BIT(1),
234#define IEEE80211_STA_AUTHENTICATED BIT(3) 260 IEEE80211_STA_CONTROL_PORT = BIT(2),
235#define IEEE80211_STA_ASSOCIATED BIT(4) 261 IEEE80211_STA_WMM_ENABLED = BIT(3),
236#define IEEE80211_STA_PROBEREQ_POLL BIT(5) 262 IEEE80211_STA_DISABLE_11N = BIT(4),
237#define IEEE80211_STA_CREATE_IBSS BIT(6) 263 IEEE80211_STA_CSA_RECEIVED = BIT(5),
238#define IEEE80211_STA_CONTROL_PORT BIT(7) 264 IEEE80211_STA_MFP_ENABLED = BIT(6),
239#define IEEE80211_STA_WMM_ENABLED BIT(8) 265};
240/* hole at 9, please re-use */
241#define IEEE80211_STA_AUTO_SSID_SEL BIT(10)
242#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11)
243#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12)
244#define IEEE80211_STA_PRIVACY_INVOKED BIT(13)
245#define IEEE80211_STA_TKIP_WEP_USED BIT(14)
246#define IEEE80211_STA_CSA_RECEIVED BIT(15)
247#define IEEE80211_STA_MFP_ENABLED BIT(16)
248#define IEEE80211_STA_EXT_SME BIT(17)
249/* flags for MLME request */
250#define IEEE80211_STA_REQ_SCAN 0
251#define IEEE80211_STA_REQ_AUTH 1
252#define IEEE80211_STA_REQ_RUN 2
253 266
254/* bitfield of allowed auth algs */ 267/* flags for MLME request */
255#define IEEE80211_AUTH_ALG_OPEN BIT(0) 268enum ieee80211_sta_request {
256#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1) 269 IEEE80211_STA_REQ_SCAN,
257#define IEEE80211_AUTH_ALG_LEAP BIT(2) 270};
258#define IEEE80211_AUTH_ALG_FT BIT(3)
259 271
260struct ieee80211_if_managed { 272struct ieee80211_if_managed {
261 struct timer_list timer; 273 struct timer_list timer;
274 struct timer_list conn_mon_timer;
275 struct timer_list bcn_mon_timer;
262 struct timer_list chswitch_timer; 276 struct timer_list chswitch_timer;
263 struct work_struct work; 277 struct work_struct work;
278 struct work_struct monitor_work;
264 struct work_struct chswitch_work; 279 struct work_struct chswitch_work;
265 struct work_struct beacon_loss_work; 280 struct work_struct beacon_loss_work;
266 281
267 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN]; 282 unsigned long probe_timeout;
283 int probe_send_count;
268 284
269 u8 ssid[IEEE80211_MAX_SSID_LEN]; 285 struct mutex mtx;
270 size_t ssid_len; 286 struct ieee80211_bss *associated;
287 struct ieee80211_mgd_work *old_associate_work;
288 struct list_head work_list;
271 289
272 enum { 290 u8 bssid[ETH_ALEN];
273 IEEE80211_STA_MLME_DISABLED,
274 IEEE80211_STA_MLME_DIRECT_PROBE,
275 IEEE80211_STA_MLME_AUTHENTICATE,
276 IEEE80211_STA_MLME_ASSOCIATE,
277 IEEE80211_STA_MLME_ASSOCIATED,
278 } state;
279 291
280 u16 aid; 292 u16 aid;
281 u16 ap_capab, capab; 293 u16 capab;
282 u8 *extra_ie; /* to be added to the end of AssocReq */
283 size_t extra_ie_len;
284
285 /* The last AssocReq/Resp IEs */
286 u8 *assocreq_ies, *assocresp_ies;
287 size_t assocreq_ies_len, assocresp_ies_len;
288 294
289 struct sk_buff_head skb_queue; 295 struct sk_buff_head skb_queue;
290 296
291 int assoc_scan_tries; /* number of scans done pre-association */
292 int direct_probe_tries; /* retries for direct probes */
293 int auth_tries; /* retries for auth req */
294 int assoc_tries; /* retries for assoc req */
295
296 unsigned long timers_running; /* used for quiesce/restart */ 297 unsigned long timers_running; /* used for quiesce/restart */
297 bool powersave; /* powersave requested for this iface */ 298 bool powersave; /* powersave requested for this iface */
298 299
299 unsigned long request; 300 unsigned long request;
300 301
301 unsigned long last_probe;
302 unsigned long last_beacon;
303
304 unsigned int flags; 302 unsigned int flags;
305 303
306 unsigned int auth_algs; /* bitfield of allowed auth algs */
307 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
308 int auth_transaction;
309
310 u32 beacon_crc; 304 u32 beacon_crc;
311 305
312 enum { 306 enum {
@@ -316,10 +310,6 @@ struct ieee80211_if_managed {
316 } mfp; /* management frame protection */ 310 } mfp; /* management frame protection */
317 311
318 int wmm_last_param_set; 312 int wmm_last_param_set;
319
320 /* Extra IE data for management frames */
321 u8 *sme_auth_ie;
322 size_t sme_auth_ie_len;
323}; 313};
324 314
325enum ieee80211_ibss_request { 315enum ieee80211_ibss_request {
@@ -339,6 +329,7 @@ struct ieee80211_if_ibss {
339 329
340 bool fixed_bssid; 330 bool fixed_bssid;
341 bool fixed_channel; 331 bool fixed_channel;
332 bool privacy;
342 333
343 u8 bssid[ETH_ALEN]; 334 u8 bssid[ETH_ALEN];
344 u8 ssid[IEEE80211_MAX_SSID_LEN]; 335 u8 ssid[IEEE80211_MAX_SSID_LEN];
@@ -364,7 +355,7 @@ struct ieee80211_if_mesh {
364 355
365 unsigned long timers_running; 356 unsigned long timers_running;
366 357
367 bool housekeeping; 358 unsigned long wrkq_flags;
368 359
369 u8 mesh_id[IEEE80211_MAX_MESH_ID_LEN]; 360 u8 mesh_id[IEEE80211_MAX_MESH_ID_LEN];
370 size_t mesh_id_len; 361 size_t mesh_id_len;
@@ -478,20 +469,9 @@ struct ieee80211_sub_if_data {
478 union { 469 union {
479 struct { 470 struct {
480 struct dentry *drop_unencrypted; 471 struct dentry *drop_unencrypted;
481 struct dentry *state;
482 struct dentry *bssid; 472 struct dentry *bssid;
483 struct dentry *prev_bssid;
484 struct dentry *ssid_len;
485 struct dentry *aid; 473 struct dentry *aid;
486 struct dentry *ap_capab;
487 struct dentry *capab; 474 struct dentry *capab;
488 struct dentry *extra_ie_len;
489 struct dentry *auth_tries;
490 struct dentry *assoc_tries;
491 struct dentry *auth_algs;
492 struct dentry *auth_alg;
493 struct dentry *auth_transaction;
494 struct dentry *flags;
495 struct dentry *force_unicast_rateidx; 475 struct dentry *force_unicast_rateidx;
496 struct dentry *max_ratectrl_rateidx; 476 struct dentry *max_ratectrl_rateidx;
497 } sta; 477 } sta;
@@ -588,12 +568,44 @@ enum queue_stop_reason {
588 IEEE80211_QUEUE_STOP_REASON_CSA, 568 IEEE80211_QUEUE_STOP_REASON_CSA,
589 IEEE80211_QUEUE_STOP_REASON_AGGREGATION, 569 IEEE80211_QUEUE_STOP_REASON_AGGREGATION,
590 IEEE80211_QUEUE_STOP_REASON_SUSPEND, 570 IEEE80211_QUEUE_STOP_REASON_SUSPEND,
591 IEEE80211_QUEUE_STOP_REASON_PENDING,
592 IEEE80211_QUEUE_STOP_REASON_SKB_ADD, 571 IEEE80211_QUEUE_STOP_REASON_SKB_ADD,
593}; 572};
594 573
595struct ieee80211_master_priv { 574/**
596 struct ieee80211_local *local; 575 * mac80211 scan flags - currently active scan mode
576 *
577 * @SCAN_SW_SCANNING: We're currently in the process of scanning but may as
578 * well be on the operating channel
579 * @SCAN_HW_SCANNING: The hardware is scanning for us, we have no way to
580 * determine if we are on the operating channel or not
581 * @SCAN_OFF_CHANNEL: We're off our operating channel for scanning,
582 * gets only set in conjunction with SCAN_SW_SCANNING
583 */
584enum {
585 SCAN_SW_SCANNING,
586 SCAN_HW_SCANNING,
587 SCAN_OFF_CHANNEL,
588};
589
590/**
591 * enum mac80211_scan_state - scan state machine states
592 *
593 * @SCAN_DECISION: Main entry point to the scan state machine, this state
594 * determines if we should keep on scanning or switch back to the
595 * operating channel
596 * @SCAN_SET_CHANNEL: Set the next channel to be scanned
597 * @SCAN_SEND_PROBE: Send probe requests and wait for probe responses
598 * @SCAN_LEAVE_OPER_CHANNEL: Leave the operating channel, notify the AP
599 * about us leaving the channel and stop all associated STA interfaces
600 * @SCAN_ENTER_OPER_CHANNEL: Enter the operating channel again, notify the
601 * AP about us being back and restart all associated STA interfaces
602 */
603enum mac80211_scan_state {
604 SCAN_DECISION,
605 SCAN_SET_CHANNEL,
606 SCAN_SEND_PROBE,
607 SCAN_LEAVE_OPER_CHANNEL,
608 SCAN_ENTER_OPER_CHANNEL,
597}; 609};
598 610
599struct ieee80211_local { 611struct ieee80211_local {
@@ -604,17 +616,30 @@ struct ieee80211_local {
604 616
605 const struct ieee80211_ops *ops; 617 const struct ieee80211_ops *ops;
606 618
619 /*
620 * private workqueue to mac80211. mac80211 makes this accessible
621 * via ieee80211_queue_work()
622 */
623 struct workqueue_struct *workqueue;
624
607 unsigned long queue_stop_reasons[IEEE80211_MAX_QUEUES]; 625 unsigned long queue_stop_reasons[IEEE80211_MAX_QUEUES];
608 /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */ 626 /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */
609 spinlock_t queue_stop_reason_lock; 627 spinlock_t queue_stop_reason_lock;
610 628
611 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
612 int open_count; 629 int open_count;
613 int monitors, cooked_mntrs; 630 int monitors, cooked_mntrs;
614 /* number of interfaces with corresponding FIF_ flags */ 631 /* number of interfaces with corresponding FIF_ flags */
615 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss; 632 int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss, fif_pspoll;
616 unsigned int filter_flags; /* FIF_* */ 633 unsigned int filter_flags; /* FIF_* */
617 struct iw_statistics wstats; 634 struct iw_statistics wstats;
635
636 /* protects the aggregated multicast list and filter calls */
637 spinlock_t filter_lock;
638
639 /* aggregated multicast list */
640 struct dev_addr_list *mc_list;
641 int mc_count;
642
618 bool tim_in_locked_section; /* see ieee80211_beacon_get() */ 643 bool tim_in_locked_section; /* see ieee80211_beacon_get() */
619 644
620 /* 645 /*
@@ -653,6 +678,7 @@ struct ieee80211_local {
653 struct list_head sta_list; 678 struct list_head sta_list;
654 struct sta_info *sta_hash[STA_HASH_SIZE]; 679 struct sta_info *sta_hash[STA_HASH_SIZE];
655 struct timer_list sta_cleanup; 680 struct timer_list sta_cleanup;
681 int sta_generation;
656 682
657 struct sk_buff_head pending[IEEE80211_MAX_QUEUES]; 683 struct sk_buff_head pending[IEEE80211_MAX_QUEUES];
658 struct tasklet_struct tx_pending_tasklet; 684 struct tasklet_struct tx_pending_tasklet;
@@ -687,9 +713,9 @@ struct ieee80211_local {
687 713
688 /* Scanning and BSS list */ 714 /* Scanning and BSS list */
689 struct mutex scan_mtx; 715 struct mutex scan_mtx;
690 bool sw_scanning, hw_scanning; 716 unsigned long scanning;
691 struct cfg80211_ssid scan_ssid; 717 struct cfg80211_ssid scan_ssid;
692 struct cfg80211_scan_request int_scan_req; 718 struct cfg80211_scan_request *int_scan_req;
693 struct cfg80211_scan_request *scan_req; 719 struct cfg80211_scan_request *scan_req;
694 struct ieee80211_channel *scan_channel; 720 struct ieee80211_channel *scan_channel;
695 const u8 *orig_ies; 721 const u8 *orig_ies;
@@ -697,7 +723,7 @@ struct ieee80211_local {
697 int scan_channel_idx; 723 int scan_channel_idx;
698 int scan_ies_len; 724 int scan_ies_len;
699 725
700 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state; 726 enum mac80211_scan_state next_scan_state;
701 struct delayed_work scan_work; 727 struct delayed_work scan_work;
702 struct ieee80211_sub_if_data *scan_sdata; 728 struct ieee80211_sub_if_data *scan_sdata;
703 enum nl80211_channel_type oper_channel_type; 729 enum nl80211_channel_type oper_channel_type;
@@ -834,10 +860,6 @@ struct ieee80211_local {
834static inline struct ieee80211_sub_if_data * 860static inline struct ieee80211_sub_if_data *
835IEEE80211_DEV_TO_SUB_IF(struct net_device *dev) 861IEEE80211_DEV_TO_SUB_IF(struct net_device *dev)
836{ 862{
837 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
838
839 BUG_ON(!local || local->mdev == dev);
840
841 return netdev_priv(dev); 863 return netdev_priv(dev);
842} 864}
843 865
@@ -937,21 +959,20 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
937void ieee80211_configure_filter(struct ieee80211_local *local); 959void ieee80211_configure_filter(struct ieee80211_local *local);
938u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata); 960u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata);
939 961
940/* wireless extensions */
941extern const struct iw_handler_def ieee80211_iw_handler_def;
942
943/* STA code */ 962/* STA code */
944void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata); 963void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata);
964int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
965 struct cfg80211_auth_request *req);
966int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
967 struct cfg80211_assoc_request *req);
968int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
969 struct cfg80211_deauth_request *req,
970 void *cookie);
971int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
972 struct cfg80211_disassoc_request *req,
973 void *cookie);
945ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, 974ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
946 struct sk_buff *skb, 975 struct sk_buff *skb);
947 struct ieee80211_rx_status *rx_status);
948int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata);
949int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len);
950int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len);
951int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid);
952void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata);
953int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason);
954int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason);
955void ieee80211_send_pspoll(struct ieee80211_local *local, 976void ieee80211_send_pspoll(struct ieee80211_local *local,
956 struct ieee80211_sub_if_data *sdata); 977 struct ieee80211_sub_if_data *sdata);
957void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency); 978void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency);
@@ -967,8 +988,7 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata);
967void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local); 988void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local);
968void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata); 989void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata);
969ieee80211_rx_result 990ieee80211_rx_result
970ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 991ieee80211_ibss_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb);
971 struct ieee80211_rx_status *rx_status);
972struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, 992struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
973 u8 *bssid, u8 *addr, u32 supp_rates); 993 u8 *bssid, u8 *addr, u32 supp_rates);
974int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata, 994int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
@@ -983,16 +1003,9 @@ int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
983 const u8 *ssid, u8 ssid_len); 1003 const u8 *ssid, u8 ssid_len);
984int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 1004int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
985 struct cfg80211_scan_request *req); 1005 struct cfg80211_scan_request *req);
986int ieee80211_scan_results(struct ieee80211_local *local,
987 struct iw_request_info *info,
988 char *buf, size_t len);
989void ieee80211_scan_cancel(struct ieee80211_local *local); 1006void ieee80211_scan_cancel(struct ieee80211_local *local);
990ieee80211_rx_result 1007ieee80211_rx_result
991ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, 1008ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb);
992 struct sk_buff *skb,
993 struct ieee80211_rx_status *rx_status);
994int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata,
995 const char *ie, size_t len);
996 1009
997void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local); 1010void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local);
998struct ieee80211_bss * 1011struct ieee80211_bss *
@@ -1008,8 +1021,6 @@ ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
1008 u8 *ssid, u8 ssid_len); 1021 u8 *ssid, u8 ssid_len);
1009void ieee80211_rx_bss_put(struct ieee80211_local *local, 1022void ieee80211_rx_bss_put(struct ieee80211_local *local,
1010 struct ieee80211_bss *bss); 1023 struct ieee80211_bss *bss);
1011void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
1012 int freq, u8 *ssid, u8 ssid_len);
1013 1024
1014/* interface handling */ 1025/* interface handling */
1015int ieee80211_if_add(struct ieee80211_local *local, const char *name, 1026int ieee80211_if_add(struct ieee80211_local *local, const char *name,
@@ -1025,7 +1036,6 @@ void ieee80211_recalc_idle(struct ieee80211_local *local);
1025/* tx handling */ 1036/* tx handling */
1026void ieee80211_clear_tx_pending(struct ieee80211_local *local); 1037void ieee80211_clear_tx_pending(struct ieee80211_local *local);
1027void ieee80211_tx_pending(unsigned long data); 1038void ieee80211_tx_pending(unsigned long data);
1028int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev);
1029int ieee80211_monitor_start_xmit(struct sk_buff *skb, struct net_device *dev); 1039int ieee80211_monitor_start_xmit(struct sk_buff *skb, struct net_device *dev);
1030int ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev); 1040int ieee80211_subif_start_xmit(struct sk_buff *skb, struct net_device *dev);
1031 1041
@@ -1092,7 +1102,8 @@ u8 *ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len,
1092int ieee80211_frame_duration(struct ieee80211_local *local, size_t len, 1102int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
1093 int rate, int erp, int short_preamble); 1103 int rate, int erp, int short_preamble);
1094void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx, 1104void mac80211_ev_michael_mic_failure(struct ieee80211_sub_if_data *sdata, int keyidx,
1095 struct ieee80211_hdr *hdr, const u8 *tsc); 1105 struct ieee80211_hdr *hdr, const u8 *tsc,
1106 gfp_t gfp);
1096void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata); 1107void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata);
1097void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 1108void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
1098 int encrypt); 1109 int encrypt);
@@ -1129,8 +1140,8 @@ int ieee80211_add_pending_skbs(struct ieee80211_local *local,
1129 1140
1130void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, 1141void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1131 u16 transaction, u16 auth_alg, 1142 u16 transaction, u16 auth_alg,
1132 u8 *extra, size_t extra_len, 1143 u8 *extra, size_t extra_len, const u8 *bssid,
1133 const u8 *bssid, int encrypt); 1144 const u8 *key, u8 key_len, u8 key_idx);
1134int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 1145int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
1135 const u8 *ie, size_t ie_len); 1146 const u8 *ie, size_t ie_len);
1136void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 1147void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index b7c8a4484298..e8fb03b91a44 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -190,10 +190,6 @@ static int ieee80211_open(struct net_device *dev)
190 ETH_ALEN); 190 ETH_ALEN);
191 } 191 }
192 192
193 if (compare_ether_addr(null_addr, local->mdev->dev_addr) == 0)
194 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr,
195 ETH_ALEN);
196
197 /* 193 /*
198 * Validate the MAC address for this device. 194 * Validate the MAC address for this device.
199 */ 195 */
@@ -224,18 +220,17 @@ static int ieee80211_open(struct net_device *dev)
224 local->fif_fcsfail++; 220 local->fif_fcsfail++;
225 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL) 221 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL)
226 local->fif_plcpfail++; 222 local->fif_plcpfail++;
227 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL) 223 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL) {
228 local->fif_control++; 224 local->fif_control++;
225 local->fif_pspoll++;
226 }
229 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS) 227 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
230 local->fif_other_bss++; 228 local->fif_other_bss++;
231 229
232 netif_addr_lock_bh(local->mdev); 230 spin_lock_bh(&local->filter_lock);
233 ieee80211_configure_filter(local); 231 ieee80211_configure_filter(local);
234 netif_addr_unlock_bh(local->mdev); 232 spin_unlock_bh(&local->filter_lock);
235 break; 233 break;
236 case NL80211_IFTYPE_STATION:
237 sdata->u.mgd.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
238 /* fall through */
239 default: 234 default:
240 conf.vif = &sdata->vif; 235 conf.vif = &sdata->vif;
241 conf.type = sdata->vif.type; 236 conf.type = sdata->vif.type;
@@ -246,12 +241,19 @@ static int ieee80211_open(struct net_device *dev)
246 241
247 if (ieee80211_vif_is_mesh(&sdata->vif)) { 242 if (ieee80211_vif_is_mesh(&sdata->vif)) {
248 local->fif_other_bss++; 243 local->fif_other_bss++;
249 netif_addr_lock_bh(local->mdev); 244 spin_lock_bh(&local->filter_lock);
250 ieee80211_configure_filter(local); 245 ieee80211_configure_filter(local);
251 netif_addr_unlock_bh(local->mdev); 246 spin_unlock_bh(&local->filter_lock);
252 247
253 ieee80211_start_mesh(sdata); 248 ieee80211_start_mesh(sdata);
249 } else if (sdata->vif.type == NL80211_IFTYPE_AP) {
250 local->fif_pspoll++;
251
252 spin_lock_bh(&local->filter_lock);
253 ieee80211_configure_filter(local);
254 spin_unlock_bh(&local->filter_lock);
254 } 255 }
256
255 changed |= ieee80211_reset_erp_info(sdata); 257 changed |= ieee80211_reset_erp_info(sdata);
256 ieee80211_bss_info_change_notify(sdata, changed); 258 ieee80211_bss_info_change_notify(sdata, changed);
257 ieee80211_enable_keys(sdata); 259 ieee80211_enable_keys(sdata);
@@ -282,10 +284,6 @@ static int ieee80211_open(struct net_device *dev)
282 } 284 }
283 285
284 if (local->open_count == 0) { 286 if (local->open_count == 0) {
285 res = dev_open(local->mdev);
286 WARN_ON(res);
287 if (res)
288 goto err_del_interface;
289 tasklet_enable(&local->tx_pending_tasklet); 287 tasklet_enable(&local->tx_pending_tasklet);
290 tasklet_enable(&local->tasklet); 288 tasklet_enable(&local->tasklet);
291 } 289 }
@@ -323,7 +321,7 @@ static int ieee80211_open(struct net_device *dev)
323 * to fix this. 321 * to fix this.
324 */ 322 */
325 if (sdata->vif.type == NL80211_IFTYPE_STATION) 323 if (sdata->vif.type == NL80211_IFTYPE_STATION)
326 queue_work(local->hw.workqueue, &sdata->u.mgd.work); 324 ieee80211_queue_work(&local->hw, &sdata->u.mgd.work);
327 325
328 netif_tx_start_all_queues(dev); 326 netif_tx_start_all_queues(dev);
329 327
@@ -346,7 +344,10 @@ static int ieee80211_stop(struct net_device *dev)
346 struct ieee80211_local *local = sdata->local; 344 struct ieee80211_local *local = sdata->local;
347 struct ieee80211_if_init_conf conf; 345 struct ieee80211_if_init_conf conf;
348 struct sta_info *sta; 346 struct sta_info *sta;
347 unsigned long flags;
348 struct sk_buff *skb, *tmp;
349 u32 hw_reconf_flags = 0; 349 u32 hw_reconf_flags = 0;
350 int i;
350 351
351 /* 352 /*
352 * Stop TX on this interface first. 353 * Stop TX on this interface first.
@@ -366,18 +367,6 @@ static int ieee80211_stop(struct net_device *dev)
366 rcu_read_unlock(); 367 rcu_read_unlock();
367 368
368 /* 369 /*
369 * Announce that we are leaving the network, in case we are a
370 * station interface type. This must be done before removing
371 * all stations associated with sta_info_flush, otherwise STA
372 * information will be gone and no announce being done.
373 */
374 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
375 if (sdata->u.mgd.state != IEEE80211_STA_MLME_DISABLED)
376 ieee80211_sta_deauthenticate(sdata,
377 WLAN_REASON_DEAUTH_LEAVING);
378 }
379
380 /*
381 * Remove all stations associated with this interface. 370 * Remove all stations associated with this interface.
382 * 371 *
383 * This must be done before calling ops->remove_interface() 372 * This must be done before calling ops->remove_interface()
@@ -408,13 +397,23 @@ static int ieee80211_stop(struct net_device *dev)
408 if (sdata->flags & IEEE80211_SDATA_PROMISC) 397 if (sdata->flags & IEEE80211_SDATA_PROMISC)
409 atomic_dec(&local->iff_promiscs); 398 atomic_dec(&local->iff_promiscs);
410 399
411 dev_mc_unsync(local->mdev, dev); 400 if (sdata->vif.type == NL80211_IFTYPE_AP)
401 local->fif_pspoll--;
402
403 netif_addr_lock_bh(dev);
404 spin_lock_bh(&local->filter_lock);
405 __dev_addr_unsync(&local->mc_list, &local->mc_count,
406 &dev->mc_list, &dev->mc_count);
407 ieee80211_configure_filter(local);
408 spin_unlock_bh(&local->filter_lock);
409 netif_addr_unlock_bh(dev);
410
412 del_timer_sync(&local->dynamic_ps_timer); 411 del_timer_sync(&local->dynamic_ps_timer);
413 cancel_work_sync(&local->dynamic_ps_enable_work); 412 cancel_work_sync(&local->dynamic_ps_enable_work);
414 413
415 /* APs need special treatment */ 414 /* APs need special treatment */
416 if (sdata->vif.type == NL80211_IFTYPE_AP) { 415 if (sdata->vif.type == NL80211_IFTYPE_AP) {
417 struct ieee80211_sub_if_data *vlan, *tmp; 416 struct ieee80211_sub_if_data *vlan, *tmpsdata;
418 struct beacon_data *old_beacon = sdata->u.ap.beacon; 417 struct beacon_data *old_beacon = sdata->u.ap.beacon;
419 418
420 /* remove beacon */ 419 /* remove beacon */
@@ -423,7 +422,7 @@ static int ieee80211_stop(struct net_device *dev)
423 kfree(old_beacon); 422 kfree(old_beacon);
424 423
425 /* down all dependent devices, that is VLANs */ 424 /* down all dependent devices, that is VLANs */
426 list_for_each_entry_safe(vlan, tmp, &sdata->u.ap.vlans, 425 list_for_each_entry_safe(vlan, tmpsdata, &sdata->u.ap.vlans,
427 u.vlan.list) 426 u.vlan.list)
428 dev_close(vlan->dev); 427 dev_close(vlan->dev);
429 WARN_ON(!list_empty(&sdata->u.ap.vlans)); 428 WARN_ON(!list_empty(&sdata->u.ap.vlans));
@@ -452,29 +451,32 @@ static int ieee80211_stop(struct net_device *dev)
452 local->fif_fcsfail--; 451 local->fif_fcsfail--;
453 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL) 452 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL)
454 local->fif_plcpfail--; 453 local->fif_plcpfail--;
455 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL) 454 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL) {
455 local->fif_pspoll--;
456 local->fif_control--; 456 local->fif_control--;
457 }
457 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS) 458 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
458 local->fif_other_bss--; 459 local->fif_other_bss--;
459 460
460 netif_addr_lock_bh(local->mdev); 461 spin_lock_bh(&local->filter_lock);
461 ieee80211_configure_filter(local); 462 ieee80211_configure_filter(local);
462 netif_addr_unlock_bh(local->mdev); 463 spin_unlock_bh(&local->filter_lock);
463 break; 464 break;
464 case NL80211_IFTYPE_STATION: 465 case NL80211_IFTYPE_STATION:
465 memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
466 del_timer_sync(&sdata->u.mgd.chswitch_timer); 466 del_timer_sync(&sdata->u.mgd.chswitch_timer);
467 del_timer_sync(&sdata->u.mgd.timer); 467 del_timer_sync(&sdata->u.mgd.timer);
468 del_timer_sync(&sdata->u.mgd.conn_mon_timer);
469 del_timer_sync(&sdata->u.mgd.bcn_mon_timer);
468 /* 470 /*
469 * If the timer fired while we waited for it, it will have 471 * If any of the timers fired while we waited for it, it will
470 * requeued the work. Now the work will be running again 472 * have queued its work. Now the work will be running again
471 * but will not rearm the timer again because it checks 473 * but will not rearm the timer again because it checks
472 * whether the interface is running, which, at this point, 474 * whether the interface is running, which, at this point,
473 * it no longer is. 475 * it no longer is.
474 */ 476 */
475 cancel_work_sync(&sdata->u.mgd.work); 477 cancel_work_sync(&sdata->u.mgd.work);
476 cancel_work_sync(&sdata->u.mgd.chswitch_work); 478 cancel_work_sync(&sdata->u.mgd.chswitch_work);
477 479 cancel_work_sync(&sdata->u.mgd.monitor_work);
478 cancel_work_sync(&sdata->u.mgd.beacon_loss_work); 480 cancel_work_sync(&sdata->u.mgd.beacon_loss_work);
479 481
480 /* 482 /*
@@ -485,12 +487,6 @@ static int ieee80211_stop(struct net_device *dev)
485 */ 487 */
486 synchronize_rcu(); 488 synchronize_rcu();
487 skb_queue_purge(&sdata->u.mgd.skb_queue); 489 skb_queue_purge(&sdata->u.mgd.skb_queue);
488
489 sdata->u.mgd.flags &= ~(IEEE80211_STA_PRIVACY_INVOKED |
490 IEEE80211_STA_TKIP_WEP_USED);
491 kfree(sdata->u.mgd.extra_ie);
492 sdata->u.mgd.extra_ie = NULL;
493 sdata->u.mgd.extra_ie_len = 0;
494 /* fall through */ 490 /* fall through */
495 case NL80211_IFTYPE_ADHOC: 491 case NL80211_IFTYPE_ADHOC:
496 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { 492 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
@@ -507,9 +503,9 @@ static int ieee80211_stop(struct net_device *dev)
507 local->fif_other_bss--; 503 local->fif_other_bss--;
508 atomic_dec(&local->iff_allmultis); 504 atomic_dec(&local->iff_allmultis);
509 505
510 netif_addr_lock_bh(local->mdev); 506 spin_lock_bh(&local->filter_lock);
511 ieee80211_configure_filter(local); 507 ieee80211_configure_filter(local);
512 netif_addr_unlock_bh(local->mdev); 508 spin_unlock_bh(&local->filter_lock);
513 509
514 ieee80211_stop_mesh(sdata); 510 ieee80211_stop_mesh(sdata);
515 } 511 }
@@ -536,10 +532,20 @@ static int ieee80211_stop(struct net_device *dev)
536 * the scan_sdata is NULL already don't send out a 532 * the scan_sdata is NULL already don't send out a
537 * scan event to userspace -- the scan is incomplete. 533 * scan event to userspace -- the scan is incomplete.
538 */ 534 */
539 if (local->sw_scanning) 535 if (test_bit(SCAN_SW_SCANNING, &local->scanning))
540 ieee80211_scan_completed(&local->hw, true); 536 ieee80211_scan_completed(&local->hw, true);
541 } 537 }
542 538
539 /*
540 * Disable beaconing for AP and mesh, IBSS can't
541 * still be joined to a network at this point.
542 */
543 if (sdata->vif.type == NL80211_IFTYPE_AP ||
544 sdata->vif.type == NL80211_IFTYPE_MESH_POINT) {
545 ieee80211_bss_info_change_notify(sdata,
546 BSS_CHANGED_BEACON_ENABLED);
547 }
548
543 conf.vif = &sdata->vif; 549 conf.vif = &sdata->vif;
544 conf.type = sdata->vif.type; 550 conf.type = sdata->vif.type;
545 conf.mac_addr = dev->dev_addr; 551 conf.mac_addr = dev->dev_addr;
@@ -555,14 +561,11 @@ static int ieee80211_stop(struct net_device *dev)
555 ieee80211_recalc_ps(local, -1); 561 ieee80211_recalc_ps(local, -1);
556 562
557 if (local->open_count == 0) { 563 if (local->open_count == 0) {
558 if (netif_running(local->mdev))
559 dev_close(local->mdev);
560
561 drv_stop(local); 564 drv_stop(local);
562 565
563 ieee80211_led_radio(local, false); 566 ieee80211_led_radio(local, false);
564 567
565 flush_workqueue(local->hw.workqueue); 568 flush_workqueue(local->workqueue);
566 569
567 tasklet_disable(&local->tx_pending_tasklet); 570 tasklet_disable(&local->tx_pending_tasklet);
568 tasklet_disable(&local->tasklet); 571 tasklet_disable(&local->tasklet);
@@ -575,6 +578,18 @@ static int ieee80211_stop(struct net_device *dev)
575 if (hw_reconf_flags) 578 if (hw_reconf_flags)
576 ieee80211_hw_config(local, hw_reconf_flags); 579 ieee80211_hw_config(local, hw_reconf_flags);
577 580
581 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
582 for (i = 0; i < IEEE80211_MAX_QUEUES; i++) {
583 skb_queue_walk_safe(&local->pending[i], skb, tmp) {
584 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
585 if (info->control.vif == &sdata->vif) {
586 __skb_unlink(skb, &local->pending[i]);
587 dev_kfree_skb_irq(skb);
588 }
589 }
590 }
591 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
592
578 return 0; 593 return 0;
579} 594}
580 595
@@ -604,8 +619,11 @@ static void ieee80211_set_multicast_list(struct net_device *dev)
604 atomic_dec(&local->iff_promiscs); 619 atomic_dec(&local->iff_promiscs);
605 sdata->flags ^= IEEE80211_SDATA_PROMISC; 620 sdata->flags ^= IEEE80211_SDATA_PROMISC;
606 } 621 }
607 622 spin_lock_bh(&local->filter_lock);
608 dev_mc_sync(local->mdev, dev); 623 __dev_addr_sync(&local->mc_list, &local->mc_count,
624 &dev->mc_list, &dev->mc_count);
625 ieee80211_configure_filter(local);
626 spin_unlock_bh(&local->filter_lock);
609} 627}
610 628
611/* 629/*
@@ -652,11 +670,6 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
652 kfree_skb(sdata->u.ibss.presp); 670 kfree_skb(sdata->u.ibss.presp);
653 break; 671 break;
654 case NL80211_IFTYPE_STATION: 672 case NL80211_IFTYPE_STATION:
655 kfree(sdata->u.mgd.extra_ie);
656 kfree(sdata->u.mgd.assocreq_ies);
657 kfree(sdata->u.mgd.assocresp_ies);
658 kfree(sdata->u.mgd.sme_auth_ie);
659 break;
660 case NL80211_IFTYPE_WDS: 673 case NL80211_IFTYPE_WDS:
661 case NL80211_IFTYPE_AP_VLAN: 674 case NL80211_IFTYPE_AP_VLAN:
662 case NL80211_IFTYPE_MONITOR: 675 case NL80211_IFTYPE_MONITOR:
@@ -695,7 +708,6 @@ static void ieee80211_if_setup(struct net_device *dev)
695{ 708{
696 ether_setup(dev); 709 ether_setup(dev);
697 dev->netdev_ops = &ieee80211_dataif_ops; 710 dev->netdev_ops = &ieee80211_dataif_ops;
698 dev->wireless_handlers = &ieee80211_iw_handler_def;
699 dev->destructor = free_netdev; 711 dev->destructor = free_netdev;
700} 712}
701 713
@@ -798,6 +810,7 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
798 name, ieee80211_if_setup); 810 name, ieee80211_if_setup);
799 if (!ndev) 811 if (!ndev)
800 return -ENOMEM; 812 return -ENOMEM;
813 dev_net_set(ndev, wiphy_net(local->hw.wiphy));
801 814
802 ndev->needed_headroom = local->tx_headroom + 815 ndev->needed_headroom = local->tx_headroom +
803 4*6 /* four MAC addresses */ 816 4*6 /* four MAC addresses */
@@ -814,7 +827,6 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
814 827
815 memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 828 memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
816 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy)); 829 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
817 ndev->features |= NETIF_F_NETNS_LOCAL;
818 830
819 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */ 831 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */
820 sdata = netdev_priv(ndev); 832 sdata = netdev_priv(ndev);
@@ -931,7 +943,7 @@ u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
931 struct ieee80211_sub_if_data *sdata; 943 struct ieee80211_sub_if_data *sdata;
932 int count = 0; 944 int count = 0;
933 945
934 if (local->hw_scanning || local->sw_scanning) 946 if (local->scanning)
935 return ieee80211_idle_off(local, "scanning"); 947 return ieee80211_idle_off(local, "scanning");
936 948
937 list_for_each_entry(sdata, &local->interfaces, list) { 949 list_for_each_entry(sdata, &local->interfaces, list) {
@@ -939,7 +951,8 @@ u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
939 continue; 951 continue;
940 /* do not count disabled managed interfaces */ 952 /* do not count disabled managed interfaces */
941 if (sdata->vif.type == NL80211_IFTYPE_STATION && 953 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
942 sdata->u.mgd.state == IEEE80211_STA_MLME_DISABLED) 954 !sdata->u.mgd.associated &&
955 list_empty(&sdata->u.mgd.work_list))
943 continue; 956 continue;
944 /* do not count unused IBSS interfaces */ 957 /* do not count unused IBSS interfaces */
945 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && 958 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
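Review bot: The lock order between `netif_addr_lock_bh(dev)` and `local->filter_lock` is not documented anywhere in these hunks, although ieee80211_stop() now nests the second inside the first around `__dev_addr_unsync()`. ieee80211_set_multicast_list() takes only `filter_lock` before passing `&dev->mc_list` to `__dev_addr_sync()`, so it presumably relies on its caller already holding the device address lock. If so, the order is address lock first everywhere, and a later change that takes them the other way round would deadlock. I would add `/* lock order: netif_addr_lock(dev), then local->filter_lock */` above the pair in ieee80211_stop(), and a one-line comment in ieee80211_set_multicast_list() naming the lock the caller is expected to hold. Both functions begin outside their hunks, so the surrounding locking cannot be confirmed from here.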
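--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -67,6 +67,8 @@ static DECLARE_WORK(todo_work, key_todo);
 *
 * @key: key to add to do item for
 * @flag: todo flag(s)
+*
+* Must be called with IRQs or softirqs disabled.
 */
 static void add_todo(struct ieee80211_key *key, u32 flag)
 {
@@ -140,9 +142,9 @@ static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
 ret = drv_set_key(key->local, SET_KEY, &sdata->vif, sta, &key->conf);
 
 if (!ret) {
-spin_lock(&todo_lock);
+spin_lock_bh(&todo_lock);
 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
-spin_unlock(&todo_lock);
+spin_unlock_bh(&todo_lock);
 }
 
 if (ret && ret != -ENOSPC && ret != -EOPNOTSUPP)
@@ -164,12 +166,12 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
 if (!key || !key->local->ops->set_key)
 return;
 
-spin_lock(&todo_lock);
+spin_lock_bh(&todo_lock);
 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
-spin_unlock(&todo_lock);
+spin_unlock_bh(&todo_lock);
 return;
 }
-spin_unlock(&todo_lock);
+spin_unlock_bh(&todo_lock);
 
 sta = get_sta_for_key(key);
 sdata = key->sdata;
@@ -188,9 +190,9 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
 wiphy_name(key->local->hw.wiphy),
 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
 
-spin_lock(&todo_lock);
+spin_lock_bh(&todo_lock);
 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
-spin_unlock(&todo_lock);
+spin_unlock_bh(&todo_lock);
 }
 
 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
@@ -437,14 +439,14 @@ void ieee80211_key_link(struct ieee80211_key *key,
 
 __ieee80211_key_replace(sdata, sta, old_key, key);
 
-spin_unlock_irqrestore(&sdata->local->key_lock, flags);
-
 /* free old key later */
 add_todo(old_key, KEY_FLAG_TODO_DELETE);
 
 add_todo(key, KEY_FLAG_TODO_ADD_DEBUGFS);
 if (netif_running(sdata->dev))
 add_todo(key, KEY_FLAG_TODO_HWACCEL_ADD);
+
+spin_unlock_irqrestore(&sdata->local->key_lock, flags);
 }
 
 static void __ieee80211_key_free(struct ieee80211_key *key)
@@ -547,7 +549,7 @@ static void __ieee80211_key_todo(void)
 */
 synchronize_rcu();
 
-spin_lock(&todo_lock);
+spin_lock_bh(&todo_lock);
 while (!list_empty(&todo_list)) {
 key = list_first_entry(&todo_list, struct ieee80211_key, todo);
 list_del_init(&key->todo);
@@ -558,7 +560,7 @@ static void __ieee80211_key_todo(void)
 KEY_FLAG_TODO_HWACCEL_REMOVE |
 KEY_FLAG_TODO_DELETE);
 key->flags &= ~todoflags;
-spin_unlock(&todo_lock);
+spin_unlock_bh(&todo_lock);
 
 work_done = false;
 
@@ -591,9 +593,9 @@ static void __ieee80211_key_todo(void)
 
 WARN_ON(!work_done);
 
-spin_lock(&todo_lock);
+spin_lock_bh(&todo_lock);
 }
-spin_unlock(&todo_lock);
+spin_unlock_bh(&todo_lock);
 }
 
 void ieee80211_key_todo(void)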
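Review bot: Moving `spin_unlock_irqrestore(&sdata->local->key_lock, flags);` below the three add_todo() calls in ieee80211_key_link makes todo_lock nest inside key_lock, and nothing in the visible hunks records that ordering. add_todo()'s body lies outside the hunks, so this assumes it takes todo_lock with a plain `spin_lock()` and relies on the caller for the IRQ/softirq state. If so, a comment next to the todo_lock definition such as `/* lock order: key_lock -> todo_lock; never acquire key_lock while holding todo_lock */` would keep later callers from inverting it. The new kerneldoc line on add_todo() could also state the reason, for example that todo_lock is taken with `spin_lock_bh()` everywhere else.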
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 092a017b237e..b03fd84777fa 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -77,81 +77,23 @@ void ieee80211_configure_filter(struct ieee80211_local *local)
77 if (local->fif_other_bss) 77 if (local->fif_other_bss)
78 new_flags |= FIF_OTHER_BSS; 78 new_flags |= FIF_OTHER_BSS;
79 79
80 if (local->fif_pspoll)
81 new_flags |= FIF_PSPOLL;
82
80 changed_flags = local->filter_flags ^ new_flags; 83 changed_flags = local->filter_flags ^ new_flags;
81 84
82 /* be a bit nasty */ 85 /* be a bit nasty */
83 new_flags |= (1<<31); 86 new_flags |= (1<<31);
84 87
85 drv_configure_filter(local, changed_flags, &new_flags, 88 drv_configure_filter(local, changed_flags, &new_flags,
86 local->mdev->mc_count, 89 local->mc_count,
87 local->mdev->mc_list); 90 local->mc_list);
88 91
89 WARN_ON(new_flags & (1<<31)); 92 WARN_ON(new_flags & (1<<31));
90 93
91 local->filter_flags = new_flags & ~(1<<31); 94 local->filter_flags = new_flags & ~(1<<31);
92} 95}
93 96
94/* master interface */
95
96static int header_parse_80211(const struct sk_buff *skb, unsigned char *haddr)
97{
98 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
99 return ETH_ALEN;
100}
101
102static const struct header_ops ieee80211_header_ops = {
103 .create = eth_header,
104 .parse = header_parse_80211,
105 .rebuild = eth_rebuild_header,
106 .cache = eth_header_cache,
107 .cache_update = eth_header_cache_update,
108};
109
110static int ieee80211_master_open(struct net_device *dev)
111{
112 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
113 struct ieee80211_local *local = mpriv->local;
114 struct ieee80211_sub_if_data *sdata;
115 int res = -EOPNOTSUPP;
116
117 /* we hold the RTNL here so can safely walk the list */
118 list_for_each_entry(sdata, &local->interfaces, list) {
119 if (netif_running(sdata->dev)) {
120 res = 0;
121 break;
122 }
123 }
124
125 if (res)
126 return res;
127
128 netif_tx_start_all_queues(local->mdev);
129
130 return 0;
131}
132
133static int ieee80211_master_stop(struct net_device *dev)
134{
135 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
136 struct ieee80211_local *local = mpriv->local;
137 struct ieee80211_sub_if_data *sdata;
138
139 /* we hold the RTNL here so can safely walk the list */
140 list_for_each_entry(sdata, &local->interfaces, list)
141 if (netif_running(sdata->dev))
142 dev_close(sdata->dev);
143
144 return 0;
145}
146
147static void ieee80211_master_set_multicast_list(struct net_device *dev)
148{
149 struct ieee80211_master_priv *mpriv = netdev_priv(dev);
150 struct ieee80211_local *local = mpriv->local;
151
152 ieee80211_configure_filter(local);
153}
154
155int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) 97int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
156{ 98{
157 struct ieee80211_channel *chan, *scan_chan; 99 struct ieee80211_channel *chan, *scan_chan;
@@ -259,7 +201,8 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
259 } 201 }
260 202
261 if (changed & BSS_CHANGED_BEACON_ENABLED) { 203 if (changed & BSS_CHANGED_BEACON_ENABLED) {
262 if (local->sw_scanning) { 204 if (local->quiescing || !netif_running(sdata->dev) ||
205 test_bit(SCAN_SW_SCANNING, &local->scanning)) {
263 sdata->vif.bss_conf.enable_beacon = false; 206 sdata->vif.bss_conf.enable_beacon = false;
264 } else { 207 } else {
265 /* 208 /*
@@ -310,7 +253,6 @@ void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
310 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 253 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
311 int tmp; 254 int tmp;
312 255
313 skb->dev = local->mdev;
314 skb->pkt_type = IEEE80211_TX_STATUS_MSG; 256 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
315 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ? 257 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
316 &local->skb_queue : &local->skb_queue_unreliable, skb); 258 &local->skb_queue : &local->skb_queue_unreliable, skb);
@@ -330,19 +272,16 @@ static void ieee80211_tasklet_handler(unsigned long data)
330{ 272{
331 struct ieee80211_local *local = (struct ieee80211_local *) data; 273 struct ieee80211_local *local = (struct ieee80211_local *) data;
332 struct sk_buff *skb; 274 struct sk_buff *skb;
333 struct ieee80211_rx_status rx_status;
334 struct ieee80211_ra_tid *ra_tid; 275 struct ieee80211_ra_tid *ra_tid;
335 276
336 while ((skb = skb_dequeue(&local->skb_queue)) || 277 while ((skb = skb_dequeue(&local->skb_queue)) ||
337 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 278 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
338 switch (skb->pkt_type) { 279 switch (skb->pkt_type) {
339 case IEEE80211_RX_MSG: 280 case IEEE80211_RX_MSG:
340 /* status is in skb->cb */
341 memcpy(&rx_status, skb->cb, sizeof(rx_status));
342 /* Clear skb->pkt_type in order to not confuse kernel 281 /* Clear skb->pkt_type in order to not confuse kernel
343 * netstack. */ 282 * netstack. */
344 skb->pkt_type = 0; 283 skb->pkt_type = 0;
345 __ieee80211_rx(local_to_hw(local), skb, &rx_status); 284 ieee80211_rx(local_to_hw(local), skb);
346 break; 285 break;
347 case IEEE80211_TX_STATUS_MSG: 286 case IEEE80211_TX_STATUS_MSG:
348 skb->pkt_type = 0; 287 skb->pkt_type = 0;
@@ -375,6 +314,31 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
375{ 314{
376 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 315 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
377 316
317 /*
318 * XXX: This is temporary!
319 *
320 * The problem here is that when we get here, the driver will
321 * quite likely have pretty much overwritten info->control by
322 * using info->driver_data or info->rate_driver_data. Thus,
323 * when passing out the frame to the driver again, we would be
324 * passing completely bogus data since the driver would then
325 * expect a properly filled info->control. In mac80211 itself
326 * the same problem occurs, since we need info->control.vif
327 * internally.
328 *
329 * To fix this, we should send the frame through TX processing
330 * again. However, it's not that simple, since the frame will
331 * have been software-encrypted (if applicable) already, and
332 * encrypting it again doesn't do much good. So to properly do
333 * that, we not only have to skip the actual 'raw' encryption
334 * (key selection etc. still has to be done!) but also the
335 * sequence number assignment since that impacts the crypto
336 * encapsulation, of course.
337 *
338 * Hence, for now, fix the bug by just dropping the frame.
339 */
340 goto drop;
341
378 sta->tx_filtered_count++; 342 sta->tx_filtered_count++;
379 343
380 /* 344 /*
@@ -428,6 +392,7 @@ static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
428 return; 392 return;
429 } 393 }
430 394
395 drop:
431#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 396#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
432 if (net_ratelimit()) 397 if (net_ratelimit())
433 printk(KERN_DEBUG "%s: dropped TX filtered frame, " 398 printk(KERN_DEBUG "%s: dropped TX filtered frame, "
@@ -685,6 +650,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
685 if (!wiphy) 650 if (!wiphy)
686 return NULL; 651 return NULL;
687 652
653 wiphy->netnsok = true;
688 wiphy->privid = mac80211_wiphy_privid; 654 wiphy->privid = mac80211_wiphy_privid;
689 655
690 /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */ 656 /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */
@@ -719,7 +685,7 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
719 mutex_init(&local->scan_mtx); 685 mutex_init(&local->scan_mtx);
720 686
721 spin_lock_init(&local->key_lock); 687 spin_lock_init(&local->key_lock);
722 688 spin_lock_init(&local->filter_lock);
723 spin_lock_init(&local->queue_stop_reason_lock); 689 spin_lock_init(&local->queue_stop_reason_lock);
724 690
725 INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work); 691 INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work);
@@ -755,30 +721,11 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
755} 721}
756EXPORT_SYMBOL(ieee80211_alloc_hw); 722EXPORT_SYMBOL(ieee80211_alloc_hw);
757 723
758static const struct net_device_ops ieee80211_master_ops = {
759 .ndo_start_xmit = ieee80211_master_start_xmit,
760 .ndo_open = ieee80211_master_open,
761 .ndo_stop = ieee80211_master_stop,
762 .ndo_set_multicast_list = ieee80211_master_set_multicast_list,
763 .ndo_select_queue = ieee80211_select_queue,
764};
765
766static void ieee80211_master_setup(struct net_device *mdev)
767{
768 mdev->type = ARPHRD_IEEE80211;
769 mdev->netdev_ops = &ieee80211_master_ops;
770 mdev->header_ops = &ieee80211_header_ops;
771 mdev->tx_queue_len = 1000;
772 mdev->addr_len = ETH_ALEN;
773}
774
775int ieee80211_register_hw(struct ieee80211_hw *hw) 724int ieee80211_register_hw(struct ieee80211_hw *hw)
776{ 725{
777 struct ieee80211_local *local = hw_to_local(hw); 726 struct ieee80211_local *local = hw_to_local(hw);
778 int result; 727 int result;
779 enum ieee80211_band band; 728 enum ieee80211_band band;
780 struct net_device *mdev;
781 struct ieee80211_master_priv *mpriv;
782 int channels, i, j, max_bitrates; 729 int channels, i, j, max_bitrates;
783 bool supp_ht; 730 bool supp_ht;
784 static const u32 cipher_suites[] = { 731 static const u32 cipher_suites[] = {
@@ -818,9 +765,9 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
818 supp_ht = supp_ht || sband->ht_cap.ht_supported; 765 supp_ht = supp_ht || sband->ht_cap.ht_supported;
819 } 766 }
820 767
821 local->int_scan_req.n_channels = channels; 768 local->int_scan_req = kzalloc(sizeof(*local->int_scan_req) +
822 local->int_scan_req.channels = kzalloc(sizeof(void *) * channels, GFP_KERNEL); 769 sizeof(void *) * channels, GFP_KERNEL);
823 if (!local->int_scan_req.channels) 770 if (!local->int_scan_req)
824 return -ENOMEM; 771 return -ENOMEM;
825 772
826 /* if low-level driver supports AP, we also support VLAN */ 773 /* if low-level driver supports AP, we also support VLAN */
@@ -877,19 +824,9 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
877 if (hw->queues > IEEE80211_MAX_QUEUES) 824 if (hw->queues > IEEE80211_MAX_QUEUES)
878 hw->queues = IEEE80211_MAX_QUEUES; 825 hw->queues = IEEE80211_MAX_QUEUES;
879 826
880 mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv), 827 local->workqueue =
881 "wmaster%d", ieee80211_master_setup,
882 hw->queues);
883 if (!mdev)
884 goto fail_mdev_alloc;
885
886 mpriv = netdev_priv(mdev);
887 mpriv->local = local;
888 local->mdev = mdev;
889
890 local->hw.workqueue =
891 create_singlethread_workqueue(wiphy_name(local->hw.wiphy)); 828 create_singlethread_workqueue(wiphy_name(local->hw.wiphy));
892 if (!local->hw.workqueue) { 829 if (!local->workqueue) {
893 result = -ENOMEM; 830 result = -ENOMEM;
894 goto fail_workqueue; 831 goto fail_workqueue;
895 } 832 }
@@ -921,17 +858,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
921 } 858 }
922 859
923 rtnl_lock(); 860 rtnl_lock();
924 result = dev_alloc_name(local->mdev, local->mdev->name);
925 if (result < 0)
926 goto fail_dev;
927
928 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
929 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
930 local->mdev->features |= NETIF_F_NETNS_LOCAL;
931
932 result = register_netdevice(local->mdev);
933 if (result < 0)
934 goto fail_dev;
935 861
936 result = ieee80211_init_rate_ctrl_alg(local, 862 result = ieee80211_init_rate_ctrl_alg(local,
937 hw->rate_control_algorithm); 863 hw->rate_control_algorithm);
@@ -956,13 +882,13 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
956 882
957 /* alloc internal scan request */ 883 /* alloc internal scan request */
958 i = 0; 884 i = 0;
959 local->int_scan_req.ssids = &local->scan_ssid; 885 local->int_scan_req->ssids = &local->scan_ssid;
960 local->int_scan_req.n_ssids = 1; 886 local->int_scan_req->n_ssids = 1;
961 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 887 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
962 if (!hw->wiphy->bands[band]) 888 if (!hw->wiphy->bands[band])
963 continue; 889 continue;
964 for (j = 0; j < hw->wiphy->bands[band]->n_channels; j++) { 890 for (j = 0; j < hw->wiphy->bands[band]->n_channels; j++) {
965 local->int_scan_req.channels[i] = 891 local->int_scan_req->channels[i] =
966 &hw->wiphy->bands[band]->channels[j]; 892 &hw->wiphy->bands[band]->channels[j];
967 i++; 893 i++;
968 } 894 }
@@ -984,23 +910,17 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
984 ieee80211_led_exit(local); 910 ieee80211_led_exit(local);
985 ieee80211_remove_interfaces(local); 911 ieee80211_remove_interfaces(local);
986 fail_rate: 912 fail_rate:
987 unregister_netdevice(local->mdev);
988 local->mdev = NULL;
989 fail_dev:
990 rtnl_unlock(); 913 rtnl_unlock();
991 ieee80211_wep_free(local); 914 ieee80211_wep_free(local);
992 fail_wep: 915 fail_wep:
993 sta_info_stop(local); 916 sta_info_stop(local);
994 fail_sta_info: 917 fail_sta_info:
995 debugfs_hw_del(local); 918 debugfs_hw_del(local);
996 destroy_workqueue(local->hw.workqueue); 919 destroy_workqueue(local->workqueue);
997 fail_workqueue: 920 fail_workqueue:
998 if (local->mdev)
999 free_netdev(local->mdev);
1000 fail_mdev_alloc:
1001 wiphy_unregister(local->hw.wiphy); 921 wiphy_unregister(local->hw.wiphy);
1002 fail_wiphy_register: 922 fail_wiphy_register:
1003 kfree(local->int_scan_req.channels); 923 kfree(local->int_scan_req->channels);
1004 return result; 924 return result;
1005} 925}
1006EXPORT_SYMBOL(ieee80211_register_hw); 926EXPORT_SYMBOL(ieee80211_register_hw);
@@ -1022,13 +942,8 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1022 * because the driver cannot be handing us frames any 942 * because the driver cannot be handing us frames any
1023 * more and the tasklet is killed. 943 * more and the tasklet is killed.
1024 */ 944 */
1025
1026 /* First, we remove all virtual interfaces. */
1027 ieee80211_remove_interfaces(local); 945 ieee80211_remove_interfaces(local);
1028 946
1029 /* then, finally, remove the master interface */
1030 unregister_netdevice(local->mdev);
1031
1032 rtnl_unlock(); 947 rtnl_unlock();
1033 948
1034 ieee80211_clear_tx_pending(local); 949 ieee80211_clear_tx_pending(local);
@@ -1043,12 +958,11 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw)
1043 skb_queue_purge(&local->skb_queue); 958 skb_queue_purge(&local->skb_queue);
1044 skb_queue_purge(&local->skb_queue_unreliable); 959 skb_queue_purge(&local->skb_queue_unreliable);
1045 960
1046 destroy_workqueue(local->hw.workqueue); 961 destroy_workqueue(local->workqueue);
1047 wiphy_unregister(local->hw.wiphy); 962 wiphy_unregister(local->hw.wiphy);
1048 ieee80211_wep_free(local); 963 ieee80211_wep_free(local);
1049 ieee80211_led_exit(local); 964 ieee80211_led_exit(local);
1050 free_netdev(local->mdev); 965 kfree(local->int_scan_req);
1051 kfree(local->int_scan_req.channels);
1052} 966}
1053EXPORT_SYMBOL(ieee80211_unregister_hw); 967EXPORT_SYMBOL(ieee80211_unregister_hw);
1054 968
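Review bot: The `fail_wiphy_register:` path in ieee80211_register_hw still ends in `kfree(local->int_scan_req->channels);`, but after this change int_scan_req is itself the allocation (`kzalloc(sizeof(*local->int_scan_req) + sizeof(void *) * channels, GFP_KERNEL)`) and channels appears to be storage inside it. That would hand kfree() an interior pointer and never release the request; ieee80211_unregister_hw already uses `kfree(local->int_scan_req);` and the error path should match. The struct definition is not on this page, so the trailing-array layout is inferred from the allocation size. The function is only partly covered by the hunks, so any other exit paths should be checked for the same pattern.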
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 11cf45bce38a..3185e18c8214 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -47,14 +47,14 @@ static void ieee80211_mesh_housekeeping_timer(unsigned long data)
47 struct ieee80211_local *local = sdata->local; 47 struct ieee80211_local *local = sdata->local;
48 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 48 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
49 49
50 ifmsh->housekeeping = true; 50 ifmsh->wrkq_flags |= MESH_WORK_HOUSEKEEPING;
51 51
52 if (local->quiescing) { 52 if (local->quiescing) {
53 set_bit(TMR_RUNNING_HK, &ifmsh->timers_running); 53 set_bit(TMR_RUNNING_HK, &ifmsh->timers_running);
54 return; 54 return;
55 } 55 }
56 56
57 queue_work(local->hw.workqueue, &ifmsh->work); 57 ieee80211_queue_work(&local->hw, &ifmsh->work);
58} 58}
59 59
60/** 60/**
@@ -320,30 +320,6 @@ struct mesh_table *mesh_table_alloc(int size_order)
320 return newtbl; 320 return newtbl;
321} 321}
322 322
323static void __mesh_table_free(struct mesh_table *tbl)
324{
325 kfree(tbl->hash_buckets);
326 kfree(tbl->hashwlock);
327 kfree(tbl);
328}
329
330void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
331{
332 struct hlist_head *mesh_hash;
333 struct hlist_node *p, *q;
334 int i;
335
336 mesh_hash = tbl->hash_buckets;
337 for (i = 0; i <= tbl->hash_mask; i++) {
338 spin_lock(&tbl->hashwlock[i]);
339 hlist_for_each_safe(p, q, &mesh_hash[i]) {
340 tbl->free_node(p, free_leafs);
341 atomic_dec(&tbl->entries);
342 }
343 spin_unlock(&tbl->hashwlock[i]);
344 }
345 __mesh_table_free(tbl);
346}
347 323
348static void ieee80211_mesh_path_timer(unsigned long data) 324static void ieee80211_mesh_path_timer(unsigned long data)
349{ 325{
@@ -357,63 +333,79 @@ static void ieee80211_mesh_path_timer(unsigned long data)
357 return; 333 return;
358 } 334 }
359 335
360 queue_work(local->hw.workqueue, &ifmsh->work); 336 ieee80211_queue_work(&local->hw, &ifmsh->work);
361} 337}
362 338
363struct mesh_table *mesh_table_grow(struct mesh_table *tbl) 339/**
364{ 340 * ieee80211_fill_mesh_addresses - fill addresses of a locally originated mesh frame
365 struct mesh_table *newtbl; 341 * @hdr: 802.11 frame header
366 struct hlist_head *oldhash; 342 * @fc: frame control field
367 struct hlist_node *p, *q; 343 * @meshda: destination address in the mesh
368 int i; 344 * @meshsa: source address address in the mesh. Same as TA, as frame is
369 345 * locally originated.
370 if (atomic_read(&tbl->entries) 346 *
371 < tbl->mean_chain_len * (tbl->hash_mask + 1)) 347 * Return the length of the 802.11 (does not include a mesh control header)
372 goto endgrow; 348 */
373 349int ieee80211_fill_mesh_addresses(struct ieee80211_hdr *hdr, __le16 *fc, char
374 newtbl = mesh_table_alloc(tbl->size_order + 1); 350 *meshda, char *meshsa) {
375 if (!newtbl) 351 if (is_multicast_ether_addr(meshda)) {
376 goto endgrow; 352 *fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS);
377 353 /* DA TA SA */
378 newtbl->free_node = tbl->free_node; 354 memcpy(hdr->addr1, meshda, ETH_ALEN);
379 newtbl->mean_chain_len = tbl->mean_chain_len; 355 memcpy(hdr->addr2, meshsa, ETH_ALEN);
380 newtbl->copy_node = tbl->copy_node; 356 memcpy(hdr->addr3, meshsa, ETH_ALEN);
381 atomic_set(&newtbl->entries, atomic_read(&tbl->entries)); 357 return 24;
382 358 } else {
383 oldhash = tbl->hash_buckets; 359 *fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS |
384 for (i = 0; i <= tbl->hash_mask; i++) 360 IEEE80211_FCTL_TODS);
385 hlist_for_each(p, &oldhash[i]) 361 /* RA TA DA SA */
386 if (tbl->copy_node(p, newtbl) < 0) 362 memset(hdr->addr1, 0, ETH_ALEN); /* RA is resolved later */
387 goto errcopy; 363 memcpy(hdr->addr2, meshsa, ETH_ALEN);
388 364 memcpy(hdr->addr3, meshda, ETH_ALEN);
389 return newtbl; 365 memcpy(hdr->addr4, meshsa, ETH_ALEN);
390 366 return 30;
391errcopy:
392 for (i = 0; i <= newtbl->hash_mask; i++) {
393 hlist_for_each_safe(p, q, &newtbl->hash_buckets[i])
394 tbl->free_node(p, 0);
395 } 367 }
396 __mesh_table_free(newtbl);
397endgrow:
398 return NULL;
399} 368}
400 369
401/** 370/**
402 * ieee80211_new_mesh_header - create a new mesh header 371 * ieee80211_new_mesh_header - create a new mesh header
403 * @meshhdr: uninitialized mesh header 372 * @meshhdr: uninitialized mesh header
404 * @sdata: mesh interface to be used 373 * @sdata: mesh interface to be used
374 * @addr4: addr4 of the mesh frame (1st in ae header)
375 * may be NULL
376 * @addr5: addr5 of the mesh frame (1st or 2nd in ae header)
377 * may be NULL unless addr6 is present
378 * @addr6: addr6 of the mesh frame (2nd or 3rd in ae header)
379 * may be NULL unless addr5 is present
405 * 380 *
406 * Return the header length. 381 * Return the header length.
407 */ 382 */
408int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr, 383int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
409 struct ieee80211_sub_if_data *sdata) 384 struct ieee80211_sub_if_data *sdata, char *addr4,
385 char *addr5, char *addr6)
410{ 386{
411 meshhdr->flags = 0; 387 int aelen = 0;
388 memset(meshhdr, 0, sizeof(meshhdr));
412 meshhdr->ttl = sdata->u.mesh.mshcfg.dot11MeshTTL; 389 meshhdr->ttl = sdata->u.mesh.mshcfg.dot11MeshTTL;
413 put_unaligned(cpu_to_le32(sdata->u.mesh.mesh_seqnum), &meshhdr->seqnum); 390 put_unaligned(cpu_to_le32(sdata->u.mesh.mesh_seqnum), &meshhdr->seqnum);
414 sdata->u.mesh.mesh_seqnum++; 391 sdata->u.mesh.mesh_seqnum++;
415 392 if (addr4) {
416 return 6; 393 meshhdr->flags |= MESH_FLAGS_AE_A4;
394 aelen += ETH_ALEN;
395 memcpy(meshhdr->eaddr1, addr4, ETH_ALEN);
396 }
397 if (addr5 && addr6) {
398 meshhdr->flags |= MESH_FLAGS_AE_A5_A6;
399 aelen += 2 * ETH_ALEN;
400 if (!addr4) {
401 memcpy(meshhdr->eaddr1, addr5, ETH_ALEN);
402 memcpy(meshhdr->eaddr2, addr6, ETH_ALEN);
403 } else {
404 memcpy(meshhdr->eaddr2, addr5, ETH_ALEN);
405 memcpy(meshhdr->eaddr3, addr6, ETH_ALEN);
406 }
407 }
408 return 6 + aelen;
417} 409}
418 410
419static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata, 411static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
@@ -433,7 +425,6 @@ static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
433 if (free_plinks != sdata->u.mesh.accepting_plinks) 425 if (free_plinks != sdata->u.mesh.accepting_plinks)
434 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON); 426 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
435 427
436 ifmsh->housekeeping = false;
437 mod_timer(&ifmsh->housekeeping_timer, 428 mod_timer(&ifmsh->housekeeping_timer,
438 round_jiffies(jiffies + IEEE80211_MESH_HOUSEKEEPING_INTERVAL)); 429 round_jiffies(jiffies + IEEE80211_MESH_HOUSEKEEPING_INTERVAL));
439} 430}
@@ -470,10 +461,12 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
470 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 461 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
471 struct ieee80211_local *local = sdata->local; 462 struct ieee80211_local *local = sdata->local;
472 463
473 ifmsh->housekeeping = true; 464 ifmsh->wrkq_flags |= MESH_WORK_HOUSEKEEPING;
474 queue_work(local->hw.workqueue, &ifmsh->work); 465 ieee80211_queue_work(&local->hw, &ifmsh->work);
466 sdata->vif.bss_conf.beacon_int = MESH_DEFAULT_BEACON_INTERVAL;
475 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON | 467 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON |
476 BSS_CHANGED_BEACON_ENABLED); 468 BSS_CHANGED_BEACON_ENABLED |
469 BSS_CHANGED_BEACON_INT);
477} 470}
478 471
479void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata) 472void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
@@ -568,7 +561,7 @@ static void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
568 561
569 ifmsh = &sdata->u.mesh; 562 ifmsh = &sdata->u.mesh;
570 563
571 rx_status = (struct ieee80211_rx_status *) skb->cb; 564 rx_status = IEEE80211_SKB_RXCB(skb);
572 mgmt = (struct ieee80211_mgmt *) skb->data; 565 mgmt = (struct ieee80211_mgmt *) skb->data;
573 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; 566 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
574 567
@@ -597,7 +590,7 @@ static void ieee80211_mesh_work(struct work_struct *work)
597 if (!netif_running(sdata->dev)) 590 if (!netif_running(sdata->dev))
598 return; 591 return;
599 592
600 if (local->sw_scanning || local->hw_scanning) 593 if (local->scanning)
601 return; 594 return;
602 595
603 while ((skb = skb_dequeue(&ifmsh->skb_queue))) 596 while ((skb = skb_dequeue(&ifmsh->skb_queue)))
@@ -608,7 +601,13 @@ static void ieee80211_mesh_work(struct work_struct *work)
608 ifmsh->last_preq + msecs_to_jiffies(ifmsh->mshcfg.dot11MeshHWMPpreqMinInterval))) 601 ifmsh->last_preq + msecs_to_jiffies(ifmsh->mshcfg.dot11MeshHWMPpreqMinInterval)))
609 mesh_path_start_discovery(sdata); 602 mesh_path_start_discovery(sdata);
610 603
611 if (ifmsh->housekeeping) 604 if (test_and_clear_bit(MESH_WORK_GROW_MPATH_TABLE, &ifmsh->wrkq_flags))
605 mesh_mpath_table_grow();
606
607 if (test_and_clear_bit(MESH_WORK_GROW_MPATH_TABLE, &ifmsh->wrkq_flags))
608 mesh_mpp_table_grow();
609
610 if (test_and_clear_bit(MESH_WORK_HOUSEKEEPING, &ifmsh->wrkq_flags))
612 ieee80211_mesh_housekeeping(sdata, ifmsh); 611 ieee80211_mesh_housekeeping(sdata, ifmsh);
613} 612}
614 613
@@ -619,7 +618,7 @@ void ieee80211_mesh_notify_scan_completed(struct ieee80211_local *local)
619 rcu_read_lock(); 618 rcu_read_lock();
620 list_for_each_entry_rcu(sdata, &local->interfaces, list) 619 list_for_each_entry_rcu(sdata, &local->interfaces, list)
621 if (ieee80211_vif_is_mesh(&sdata->vif)) 620 if (ieee80211_vif_is_mesh(&sdata->vif))
622 queue_work(local->hw.workqueue, &sdata->u.mesh.work); 621 ieee80211_queue_work(&local->hw, &sdata->u.mesh.work);
623 rcu_read_unlock(); 622 rcu_read_unlock();
624} 623}
625 624
@@ -671,8 +670,7 @@ void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
671} 670}
672 671
673ieee80211_rx_result 672ieee80211_rx_result
674ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 673ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
675 struct ieee80211_rx_status *rx_status)
676{ 674{
677 struct ieee80211_local *local = sdata->local; 675 struct ieee80211_local *local = sdata->local;
678 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 676 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
@@ -686,12 +684,14 @@ ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
686 fc = le16_to_cpu(mgmt->frame_control); 684 fc = le16_to_cpu(mgmt->frame_control);
687 685
688 switch (fc & IEEE80211_FCTL_STYPE) { 686 switch (fc & IEEE80211_FCTL_STYPE) {
687 case IEEE80211_STYPE_ACTION:
688 if (skb->len < IEEE80211_MIN_ACTION_SIZE)
689 return RX_DROP_MONITOR;
690 /* fall through */
689 case IEEE80211_STYPE_PROBE_RESP: 691 case IEEE80211_STYPE_PROBE_RESP:
690 case IEEE80211_STYPE_BEACON: 692 case IEEE80211_STYPE_BEACON:
691 case IEEE80211_STYPE_ACTION:
692 memcpy(skb->cb, rx_status, sizeof(*rx_status));
693 skb_queue_tail(&ifmsh->skb_queue, skb); 693 skb_queue_tail(&ifmsh->skb_queue, skb);
694 queue_work(local->hw.workqueue, &ifmsh->work); 694 ieee80211_queue_work(&local->hw, &ifmsh->work);
695 return RX_QUEUED; 695 return RX_QUEUED;
696 } 696 }
697 697
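Review bot: `ifmsh->wrkq_flags |= MESH_WORK_HOUSEKEEPING;` in ieee80211_mesh_housekeeping_timer and ieee80211_start_mesh ORs in an enum constant that ieee80211_mesh_work then treats as a bit number via `test_and_clear_bit()`; with the enum as declared in mesh.h (first enumerator, so value 0) the OR sets nothing and the housekeeping branch would not run. `set_bit(MESH_WORK_HOUSEKEEPING, &ifmsh->wrkq_flags);` matches the consumer. In ieee80211_mesh_work the second test repeats `MESH_WORK_GROW_MPATH_TABLE` before `mesh_mpp_table_grow()`, where `MESH_WORK_GROW_MPP_TABLE` is presumably meant; as written the first test has already cleared the bit, so the MPP table never grows. Also, `memset(meshhdr, 0, sizeof(meshhdr));` in ieee80211_new_mesh_header clears only pointer-size bytes, and `sizeof(*meshhdr)` would clear the whole header.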
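--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -44,6 +44,23 @@ enum mesh_path_flags {
 };
 
 /**
+ * enum mesh_deferred_task_flags - mac80211 mesh deferred tasks
+ *
+ *
+ *
+ * @MESH_WORK_HOUSEKEEPING: run the periodic mesh housekeeping tasks
+ * @MESH_WORK_GROW_MPATH_TABLE: the mesh path table is full and needs
+ * to grow.
+ * @MESH_WORK_GROW_MPP_TABLE: the mesh portals table is full and needs to
+ * grow
+ */
+enum mesh_deferred_task_flags {
+ MESH_WORK_HOUSEKEEPING,
+ MESH_WORK_GROW_MPATH_TABLE,
+ MESH_WORK_GROW_MPP_TABLE,
+};
+
+/**
  * struct mesh_path - mac80211 mesh path structure
  *
  * @dst: mesh path destination mac address
@@ -61,7 +78,7 @@ enum mesh_path_flags {
  * retry
  * @discovery_retries: number of discovery retries
  * @flags: mesh path flags, as specified on &enum mesh_path_flags
- * @state_lock: mesh pat state lock
+ * @state_lock: mesh path state lock
  *
  *
  * The combination of dst and sdata is unique in the mesh path table. Since the
@@ -174,6 +191,7 @@ struct mesh_rmc {
  */
 #define MESH_PATH_REFRESH_TIME 1000
 #define MESH_MIN_DISCOVERY_TIMEOUT (2 * MESH_DIAM_TRAVERSAL_TIME)
+#define MESH_DEFAULT_BEACON_INTERVAL 1000 /* in 1024 us units */
 
 #define MESH_MAX_PREQ_RETRIES 4
 #define MESH_PATH_EXPIRE (600 * HZ)
@@ -193,8 +211,11 @@ struct mesh_rmc {
 
 /* Public interfaces */
 /* Various */
+int ieee80211_fill_mesh_addresses(struct ieee80211_hdr *hdr, __le16 *fc,
+ char *da, char *sa);
 int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
- struct ieee80211_sub_if_data *sdata);
+ struct ieee80211_sub_if_data *sdata, char *addr4,
+ char *addr5, char *addr6);
 int mesh_rmc_check(u8 *addr, struct ieee80211s_hdr *mesh_hdr,
  struct ieee80211_sub_if_data *sdata);
 bool mesh_matches_local(struct ieee802_11_elems *ie,
@@ -208,8 +229,7 @@ void ieee80211s_init(void);
 void ieee80211s_stop(void);
 void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata);
 ieee80211_rx_result
-ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
- struct ieee80211_rx_status *rx_status);
+ieee80211_mesh_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb);
 void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata);
 void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata);
 
@@ -247,7 +267,8 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata,
 /* Mesh tables */
 struct mesh_table *mesh_table_alloc(int size_order);
 void mesh_table_free(struct mesh_table *tbl, bool free_leafs);
-struct mesh_table *mesh_table_grow(struct mesh_table *tbl);
+void mesh_mpath_table_grow(void);
+void mesh_mpp_table_grow(void);
 u32 mesh_table_hash(u8 *addr, struct ieee80211_sub_if_data *sdata,
  struct mesh_table *tbl);
 /* Mesh paths */
@@ -266,6 +287,8 @@ void mesh_path_discard_frame(struct sk_buff *skb,
 void mesh_path_quiesce(struct ieee80211_sub_if_data *sdata);
 void mesh_path_restart(struct ieee80211_sub_if_data *sdata);
 
+extern int mesh_paths_generation;
+
 #ifdef CONFIG_MAC80211_MESH
 extern int mesh_allocated;
 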
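Review bot: The new prototype ieee80211_fill_mesh_addresses() and the extended ieee80211_new_mesh_header() take MAC addresses as plain `char *`, while the neighbouring declarations in this header (`mesh_rmc_check(u8 *addr, ...)`, `mesh_table_hash(u8 *addr, ...)`) use `u8 *`. Since `char` signedness is implementation-defined and these buffers hold raw address bytes, I would declare them as `u8 *da, u8 *sa` and `u8 *addr4, u8 *addr5, u8 *addr6`, adding `const` if the functions only read them (their bodies are not in this section). A one-line comment noting that addr4..addr6 may be NULL, if that is the intent, would also help callers.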
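--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -397,7 +397,8 @@ static u32 hwmp_route_info_get(struct ieee80211_sub_if_data *sdata,
 
 static void hwmp_preq_frame_process(struct ieee80211_sub_if_data *sdata,
  struct ieee80211_mgmt *mgmt,
- u8 *preq_elem, u32 metric) {
+ u8 *preq_elem, u32 metric)
+{
  struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
  struct mesh_path *mpath;
  u8 *dst_addr, *orig_addr;
@@ -430,7 +431,7 @@ static void hwmp_preq_frame_process(struct ieee80211_sub_if_data *sdata,
  if ((!(mpath->flags & MESH_PATH_DSN_VALID)) ||
  DSN_LT(mpath->dsn, dst_dsn)) {
  mpath->dsn = dst_dsn;
- mpath->flags &= MESH_PATH_DSN_VALID;
+ mpath->flags |= MESH_PATH_DSN_VALID;
  } else if ((!(dst_flags & MP_F_DO)) &&
  (mpath->flags & MESH_PATH_ACTIVE)) {
  reply = true;
@@ -660,14 +661,14 @@ static void mesh_queue_preq(struct mesh_path *mpath, u8 flags)
  spin_unlock(&ifmsh->mesh_preq_queue_lock);
 
  if (time_after(jiffies, ifmsh->last_preq + min_preq_int_jiff(sdata)))
- queue_work(sdata->local->hw.workqueue, &ifmsh->work);
+ ieee80211_queue_work(&sdata->local->hw, &ifmsh->work);
 
  else if (time_before(jiffies, ifmsh->last_preq)) {
  /* avoid long wait if did not send preqs for a long time
  * and jiffies wrapped around
  */
  ifmsh->last_preq = jiffies - min_preq_int_jiff(sdata) - 1;
- queue_work(sdata->local->hw.workqueue, &ifmsh->work);
+ ieee80211_queue_work(&sdata->local->hw, &ifmsh->work);
  } else
  mod_timer(&ifmsh->mesh_path_timer, ifmsh->last_preq +
  min_preq_int_jiff(sdata));
@@ -686,11 +687,11 @@ void mesh_path_start_discovery(struct ieee80211_sub_if_data *sdata)
  u8 ttl, dst_flags;
  u32 lifetime;
 
- spin_lock(&ifmsh->mesh_preq_queue_lock);
+ spin_lock_bh(&ifmsh->mesh_preq_queue_lock);
  if (!ifmsh->preq_queue_len ||
  time_before(jiffies, ifmsh->last_preq +
  min_preq_int_jiff(sdata))) {
- spin_unlock(&ifmsh->mesh_preq_queue_lock);
+ spin_unlock_bh(&ifmsh->mesh_preq_queue_lock);
  return;
  }
 
@@ -698,7 +699,7 @@ void mesh_path_start_discovery(struct ieee80211_sub_if_data *sdata)
  struct mesh_preq_queue, list);
  list_del(&preq_node->list);
  --ifmsh->preq_queue_len;
- spin_unlock(&ifmsh->mesh_preq_queue_lock);
+ spin_unlock_bh(&ifmsh->mesh_preq_queue_lock);
 
  rcu_read_lock();
  mpath = mesh_path_lookup(preq_node->dst, sdata);
@@ -784,7 +785,6 @@ int mesh_nexthop_lookup(struct sk_buff *skb,
  mesh_path_add(dst_addr, sdata);
  mpath = mesh_path_lookup(dst_addr, sdata);
  if (!mpath) {
- dev_kfree_skb(skb);
  sdata->u.mesh.mshstats.dropped_frames_no_route++;
  err = -ENOSPC;
  goto endlookup;
@@ -792,7 +792,7 @@ int mesh_nexthop_lookup(struct sk_buff *skb,
  }
 
  if (mpath->flags & MESH_PATH_ACTIVE) {
- if (time_after(jiffies, mpath->exp_time -
+ if (time_after(jiffies, mpath->exp_time +
  msecs_to_jiffies(sdata->u.mesh.mshcfg.path_refresh_time))
  && !memcmp(sdata->dev->dev_addr, hdr->addr4,
  ETH_ALEN)
@@ -804,17 +804,17 @@ int mesh_nexthop_lookup(struct sk_buff *skb,
  memcpy(hdr->addr1, mpath->next_hop->sta.addr,
  ETH_ALEN);
  } else {
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  if (!(mpath->flags & MESH_PATH_RESOLVING)) {
  /* Start discovery only if it is not running yet */
  mesh_queue_preq(mpath, PREQ_Q_F_START);
  }
 
  if (skb_queue_len(&mpath->frame_queue) >=
- MESH_FRAME_QUEUE_LEN) {
- skb_to_free = mpath->frame_queue.next;
- skb_unlink(skb_to_free, &mpath->frame_queue);
- }
+ MESH_FRAME_QUEUE_LEN)
+ skb_to_free = skb_dequeue(&mpath->frame_queue);
 
+ info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
  skb_queue_tail(&mpath->frame_queue, skb);
  if (skb_to_free)
  mesh_path_discard_frame(skb_to_free, sdata);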
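Review bot: mesh_nexthop_lookup() now has two different skb ownership outcomes that nothing in the visible code documents. With `dev_kfree_skb(skb)` removed from the `!mpath` branch, the frame is left to the caller on -ENOSPC, while the unresolved-path branch further down still hands it to `mpath->frame_queue`. The callers and the function's return statements are outside these hunks, so from here a leaked or doubly freed frame cannot be ruled out. I would pin the contract in the function's comment, for example `/* On -ENOSPC the skb is not consumed and the caller must free it; a frame queued on mpath->frame_queue is owned by the mesh path. */`, and check each caller against it.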
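--- a/net/mac80211/mesh_pathtbl.c
+++ b/net/mac80211/mesh_pathtbl.c
@@ -38,6 +38,71 @@ struct mpath_node {
 static struct mesh_table *mesh_paths;
 static struct mesh_table *mpp_paths; /* Store paths for MPP&MAP */
 
+int mesh_paths_generation;
+static void __mesh_table_free(struct mesh_table *tbl)
+{
+ kfree(tbl->hash_buckets);
+ kfree(tbl->hashwlock);
+ kfree(tbl);
+}
+
+void mesh_table_free(struct mesh_table *tbl, bool free_leafs)
+{
+ struct hlist_head *mesh_hash;
+ struct hlist_node *p, *q;
+ int i;
+
+ mesh_hash = tbl->hash_buckets;
+ for (i = 0; i <= tbl->hash_mask; i++) {
+ spin_lock(&tbl->hashwlock[i]);
+ hlist_for_each_safe(p, q, &mesh_hash[i]) {
+ tbl->free_node(p, free_leafs);
+ atomic_dec(&tbl->entries);
+ }
+ spin_unlock(&tbl->hashwlock[i]);
+ }
+ __mesh_table_free(tbl);
+}
+
+static struct mesh_table *mesh_table_grow(struct mesh_table *tbl)
+{
+ struct mesh_table *newtbl;
+ struct hlist_head *oldhash;
+ struct hlist_node *p, *q;
+ int i;
+
+ if (atomic_read(&tbl->entries)
+ < tbl->mean_chain_len * (tbl->hash_mask + 1))
+ goto endgrow;
+
+ newtbl = mesh_table_alloc(tbl->size_order + 1);
+ if (!newtbl)
+ goto endgrow;
+
+ newtbl->free_node = tbl->free_node;
+ newtbl->mean_chain_len = tbl->mean_chain_len;
+ newtbl->copy_node = tbl->copy_node;
+ atomic_set(&newtbl->entries, atomic_read(&tbl->entries));
+
+ oldhash = tbl->hash_buckets;
+ for (i = 0; i <= tbl->hash_mask; i++)
+ hlist_for_each(p, &oldhash[i])
+ if (tbl->copy_node(p, newtbl) < 0)
+ goto errcopy;
+
+ return newtbl;
+
+errcopy:
+ for (i = 0; i <= newtbl->hash_mask; i++) {
+ hlist_for_each_safe(p, q, &newtbl->hash_buckets[i])
+ tbl->free_node(p, 0);
+ }
+ __mesh_table_free(newtbl);
+endgrow:
+ return NULL;
+}
+
+
 /* This lock will have the grow table function as writer and add / delete nodes
  * as readers. When reading the table (i.e. doing lookups) we are well protected
  * by RCU
@@ -55,7 +120,25 @@ static DEFINE_RWLOCK(pathtbl_resize_lock);
  */
 void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta)
 {
+ struct sk_buff *skb;
+ struct ieee80211_hdr *hdr;
+ struct sk_buff_head tmpq;
+ unsigned long flags;
+
  rcu_assign_pointer(mpath->next_hop, sta);
+
+ __skb_queue_head_init(&tmpq);
+
+ spin_lock_irqsave(&mpath->frame_queue.lock, flags);
+
+ while ((skb = __skb_dequeue(&mpath->frame_queue)) != NULL) {
+ hdr = (struct ieee80211_hdr *) skb->data;
+ memcpy(hdr->addr1, sta->sta.addr, ETH_ALEN);
+ __skb_queue_tail(&tmpq, skb);
+ }
+
+ skb_queue_splice(&tmpq, &mpath->frame_queue);
+ spin_unlock_irqrestore(&mpath->frame_queue.lock, flags);
 }
 
 
@@ -167,6 +250,8 @@ struct mesh_path *mesh_path_lookup_by_idx(int idx, struct ieee80211_sub_if_data
  */
 int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata)
 {
+ struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
+ struct ieee80211_local *local = sdata->local;
  struct mesh_path *mpath, *new_mpath;
  struct mpath_node *node, *new_node;
  struct hlist_head *bucket;
@@ -175,8 +260,6 @@ int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata)
  int err = 0;
  u32 hash_idx;
 
- might_sleep();
-
  if (memcmp(dst, sdata->dev->dev_addr, ETH_ALEN) == 0)
  /* never add ourselves as neighbours */
  return -ENOTSUPP;
@@ -188,11 +271,11 @@ int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata)
  return -ENOSPC;
 
  err = -ENOMEM;
- new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL);
+ new_mpath = kzalloc(sizeof(struct mesh_path), GFP_ATOMIC);
  if (!new_mpath)
  goto err_path_alloc;
 
- new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
+ new_node = kmalloc(sizeof(struct mpath_node), GFP_ATOMIC);
  if (!new_node)
  goto err_node_alloc;
 
@@ -225,23 +308,13 @@ int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata)
  mesh_paths->mean_chain_len * (mesh_paths->hash_mask + 1))
  grow = 1;
 
+ mesh_paths_generation++;
+
  spin_unlock(&mesh_paths->hashwlock[hash_idx]);
  read_unlock(&pathtbl_resize_lock);
  if (grow) {
- struct mesh_table *oldtbl, *newtbl;
-
- write_lock(&pathtbl_resize_lock);
- oldtbl = mesh_paths;
- newtbl = mesh_table_grow(mesh_paths);
- if (!newtbl) {
- write_unlock(&pathtbl_resize_lock);
- return 0;
- }
- rcu_assign_pointer(mesh_paths, newtbl);
- write_unlock(&pathtbl_resize_lock);
-
- synchronize_rcu();
- mesh_table_free(oldtbl, false);
+ set_bit(MESH_WORK_GROW_MPATH_TABLE, &ifmsh->wrkq_flags);
+ ieee80211_queue_work(&local->hw, &ifmsh->work);
  }
  return 0;
 
@@ -256,9 +329,46 @@ err_path_alloc:
  return err;
 }
 
+void mesh_mpath_table_grow(void)
+{
+ struct mesh_table *oldtbl, *newtbl;
+
+ write_lock(&pathtbl_resize_lock);
+ oldtbl = mesh_paths;
+ newtbl = mesh_table_grow(mesh_paths);
+ if (!newtbl) {
+ write_unlock(&pathtbl_resize_lock);
+ return;
+ }
+ rcu_assign_pointer(mesh_paths, newtbl);
+ write_unlock(&pathtbl_resize_lock);
+
+ synchronize_rcu();
+ mesh_table_free(oldtbl, false);
+}
+
+void mesh_mpp_table_grow(void)
+{
+ struct mesh_table *oldtbl, *newtbl;
+
+ write_lock(&pathtbl_resize_lock);
+ oldtbl = mpp_paths;
+ newtbl = mesh_table_grow(mpp_paths);
+ if (!newtbl) {
+ write_unlock(&pathtbl_resize_lock);
+ return;
+ }
+ rcu_assign_pointer(mpp_paths, newtbl);
+ write_unlock(&pathtbl_resize_lock);
+
+ synchronize_rcu();
+ mesh_table_free(oldtbl, false);
+}
 
 int mpp_path_add(u8 *dst, u8 *mpp, struct ieee80211_sub_if_data *sdata)
 {
+ struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
+ struct ieee80211_local *local = sdata->local;
  struct mesh_path *mpath, *new_mpath;
  struct mpath_node *node, *new_node;
  struct hlist_head *bucket;
@@ -267,8 +377,6 @@ int mpp_path_add(u8 *dst, u8 *mpp, struct ieee80211_sub_if_data *sdata)
  int err = 0;
  u32 hash_idx;
 
- might_sleep();
-
  if (memcmp(dst, sdata->dev->dev_addr, ETH_ALEN) == 0)
  /* never add ourselves as neighbours */
  return -ENOTSUPP;
@@ -277,11 +385,11 @@ int mpp_path_add(u8 *dst, u8 *mpp, struct ieee80211_sub_if_data *sdata)
  return -ENOTSUPP;
 
  err = -ENOMEM;
- new_mpath = kzalloc(sizeof(struct mesh_path), GFP_KERNEL);
+ new_mpath = kzalloc(sizeof(struct mesh_path), GFP_ATOMIC);
  if (!new_mpath)
  goto err_path_alloc;
 
- new_node = kmalloc(sizeof(struct mpath_node), GFP_KERNEL);
+ new_node = kmalloc(sizeof(struct mpath_node), GFP_ATOMIC);
  if (!new_node)
  goto err_node_alloc;
 
@@ -315,20 +423,8 @@ int mpp_path_add(u8 *dst, u8 *mpp, struct ieee80211_sub_if_data *sdata)
  spin_unlock(&mpp_paths->hashwlock[hash_idx]);
  read_unlock(&pathtbl_resize_lock);
  if (grow) {
- struct mesh_table *oldtbl, *newtbl;
-
- write_lock(&pathtbl_resize_lock);
- oldtbl = mpp_paths;
- newtbl = mesh_table_grow(mpp_paths);
- if (!newtbl) {
- write_unlock(&pathtbl_resize_lock);
- return 0;
- }
- rcu_assign_pointer(mpp_paths, newtbl);
- write_unlock(&pathtbl_resize_lock);
-
- synchronize_rcu();
- mesh_table_free(oldtbl, false);
+ set_bit(MESH_WORK_GROW_MPP_TABLE, &ifmsh->wrkq_flags);
+ ieee80211_queue_work(&local->hw, &ifmsh->work);
  }
  return 0;
 
@@ -466,6 +562,7 @@ int mesh_path_del(u8 *addr, struct ieee80211_sub_if_data *sdata)
 
  err = -ENXIO;
 enddel:
+ mesh_paths_generation++;
  spin_unlock(&mesh_paths->hashwlock[hash_idx]);
  read_unlock(&pathtbl_resize_lock);
  return err;
@@ -481,11 +578,9 @@ enddel:
  */
 void mesh_path_tx_pending(struct mesh_path *mpath)
 {
- struct sk_buff *skb;
-
- while ((skb = skb_dequeue(&mpath->frame_queue)) &&
- (mpath->flags & MESH_PATH_ACTIVE))
- dev_queue_xmit(skb);
+ if (mpath->flags & MESH_PATH_ACTIVE)
+ ieee80211_add_pending_skbs(mpath->sdata->local,
+ &mpath->frame_queue);
 }
 
 /**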
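Review bot: mesh_mpath_table_grow() and mesh_mpp_table_grow() take `pathtbl_resize_lock` with a plain `write_lock()`, which can deadlock against the add paths this same change moves into atomic context. mesh_path_add() and mpp_path_add() lose might_sleep() and switch to GFP_ATOMIC, and both take the read side of that lock. If they are now reached from softirq context (the diff suggests this but does not show the callers), a softirq that interrupts the worker while it holds the write lock on the same CPU would spin on `read_lock()` forever. I would use `write_lock_bh(&pathtbl_resize_lock);` and `write_unlock_bh(&pathtbl_resize_lock);` in both grow functions, and check whether the plain `spin_lock(&tbl->hashwlock[i])` in mesh_table_free() needs the same treatment.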
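--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -409,7 +409,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
  baselen = (u8 *) mgmt->u.action.u.plink_action.variable - (u8 *) mgmt;
  if (mgmt->u.action.u.plink_action.action_code == PLINK_CONFIRM) {
  baseaddr += 4;
- baselen -= 4;
+ baselen += 4;
  }
  ieee802_11_parse_elems(baseaddr, len - baselen, &elems);
  if (!elems.peer_link) {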
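Review bot: The `len - baselen` passed to ieee802_11_parse_elems() is not guarded against `len < baselen` anywhere in the visible lines. With the corrected `baselen += 4`, a PLINK_CONFIRM frame that ends before the four skipped bytes makes the subtraction go negative, or wrap to a very large value if the variables are unsigned (their declarations are outside the hunk). A check placed right after the PLINK_CONFIRM adjustment, `if (len < baselen) return;`, would keep the element parser from being handed a length that runs past the received frame. A generic minimum-length check earlier in mesh_rx_plink_frame(), which starts and ends outside this hunk, would not cover the extra four bytes unless it depends on the action code.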
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 07e7e41816be..c374d2d73fa4 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -27,43 +27,99 @@
27#include "rate.h" 27#include "rate.h"
28#include "led.h" 28#include "led.h"
29 29
30#define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
31#define IEEE80211_AUTH_TIMEOUT (HZ / 5) 30#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
32#define IEEE80211_AUTH_MAX_TRIES 3 31#define IEEE80211_AUTH_MAX_TRIES 3
33#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 32#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
34#define IEEE80211_ASSOC_MAX_TRIES 3 33#define IEEE80211_ASSOC_MAX_TRIES 3
35#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 34#define IEEE80211_MAX_PROBE_TRIES 5
36#define IEEE80211_PROBE_WAIT (HZ / 5) 35
37#define IEEE80211_PROBE_IDLE_TIME (60 * HZ) 36/*
38#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 37 * beacon loss detection timeout
38 * XXX: should depend on beacon interval
39 */
40#define IEEE80211_BEACON_LOSS_TIME (2 * HZ)
41/*
42 * Time the connection can be idle before we probe
43 * it to see if we can still talk to the AP.
44 */
45#define IEEE80211_CONNECTION_IDLE_TIME (30 * HZ)
46/*
47 * Time we wait for a probe response after sending
48 * a probe request because of beacon loss or for
49 * checking the connection still works.
50 */
51#define IEEE80211_PROBE_WAIT (HZ / 2)
39 52
40#define TMR_RUNNING_TIMER 0 53#define TMR_RUNNING_TIMER 0
41#define TMR_RUNNING_CHANSW 1 54#define TMR_RUNNING_CHANSW 1
42 55
56/*
57 * All cfg80211 functions have to be called outside a locked
58 * section so that they can acquire a lock themselves... This
59 * is much simpler than queuing up things in cfg80211, but we
60 * do need some indirection for that here.
61 */
62enum rx_mgmt_action {
63 /* no action required */
64 RX_MGMT_NONE,
65
66 /* caller must call cfg80211_send_rx_auth() */
67 RX_MGMT_CFG80211_AUTH,
68
69 /* caller must call cfg80211_send_rx_assoc() */
70 RX_MGMT_CFG80211_ASSOC,
71
72 /* caller must call cfg80211_send_deauth() */
73 RX_MGMT_CFG80211_DEAUTH,
74
75 /* caller must call cfg80211_send_disassoc() */
76 RX_MGMT_CFG80211_DISASSOC,
77
78 /* caller must call cfg80211_auth_timeout() & free work */
79 RX_MGMT_CFG80211_AUTH_TO,
80
81 /* caller must call cfg80211_assoc_timeout() & free work */
82 RX_MGMT_CFG80211_ASSOC_TO,
83};
84
43/* utils */ 85/* utils */
44static int ecw2cw(int ecw) 86static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd)
45{ 87{
46 return (1 << ecw) - 1; 88 WARN_ON(!mutex_is_locked(&ifmgd->mtx));
47} 89}
48 90
49static u8 *ieee80211_bss_get_ie(struct ieee80211_bss *bss, u8 ie) 91/*
92 * We can have multiple work items (and connection probing)
93 * scheduling this timer, but we need to take care to only
94 * reschedule it when it should fire _earlier_ than it was
95 * asked for before, or if it's not pending right now. This
96 * function ensures that. Note that it then is required to
97 * run this function for all timeouts after the first one
98 * has happened -- the work that runs from this timer will
99 * do that.
100 */
101static void run_again(struct ieee80211_if_managed *ifmgd,
102 unsigned long timeout)
50{ 103{
51 u8 *end, *pos; 104 ASSERT_MGD_MTX(ifmgd);
52 105
53 pos = bss->cbss.information_elements; 106 if (!timer_pending(&ifmgd->timer) ||
54 if (pos == NULL) 107 time_before(timeout, ifmgd->timer.expires))
55 return NULL; 108 mod_timer(&ifmgd->timer, timeout);
56 end = pos + bss->cbss.len_information_elements; 109}
57 110
58 while (pos + 1 < end) { 111static void mod_beacon_timer(struct ieee80211_sub_if_data *sdata)
59 if (pos + 2 + pos[1] > end) 112{
60 break; 113 if (sdata->local->hw.flags & IEEE80211_HW_BEACON_FILTER)
61 if (pos[0] == ie) 114 return;
62 return pos;
63 pos += 2 + pos[1];
64 }
65 115
66 return NULL; 116 mod_timer(&sdata->u.mgd.bcn_mon_timer,
117 round_jiffies_up(jiffies + IEEE80211_BEACON_LOSS_TIME));
118}
119
120static int ecw2cw(int ecw)
121{
122 return (1 << ecw) - 1;
67} 123}
68 124
69static int ieee80211_compatible_rates(struct ieee80211_bss *bss, 125static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
@@ -94,11 +150,10 @@ static int ieee80211_compatible_rates(struct ieee80211_bss *bss,
94 */ 150 */
95static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata, 151static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
96 struct ieee80211_ht_info *hti, 152 struct ieee80211_ht_info *hti,
97 u16 ap_ht_cap_flags) 153 const u8 *bssid, u16 ap_ht_cap_flags)
98{ 154{
99 struct ieee80211_local *local = sdata->local; 155 struct ieee80211_local *local = sdata->local;
100 struct ieee80211_supported_band *sband; 156 struct ieee80211_supported_band *sband;
101 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
102 struct sta_info *sta; 157 struct sta_info *sta;
103 u32 changed = 0; 158 u32 changed = 0;
104 u16 ht_opmode; 159 u16 ht_opmode;
@@ -147,12 +202,10 @@ static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
147 ieee80211_hw_config(local, 0); 202 ieee80211_hw_config(local, 0);
148 203
149 rcu_read_lock(); 204 rcu_read_lock();
150 205 sta = sta_info_get(local, bssid);
151 sta = sta_info_get(local, ifmgd->bssid);
152 if (sta) 206 if (sta)
153 rate_control_rate_update(local, sband, sta, 207 rate_control_rate_update(local, sband, sta,
154 IEEE80211_RC_HT_CHANGED); 208 IEEE80211_RC_HT_CHANGED);
155
156 rcu_read_unlock(); 209 rcu_read_unlock();
157 } 210 }
158 211
@@ -175,23 +228,24 @@ static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
175 228
176/* frame sending functions */ 229/* frame sending functions */
177 230
178static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 231static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
232 struct ieee80211_mgd_work *wk)
179{ 233{
180 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 234 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
181 struct ieee80211_local *local = sdata->local; 235 struct ieee80211_local *local = sdata->local;
182 struct sk_buff *skb; 236 struct sk_buff *skb;
183 struct ieee80211_mgmt *mgmt; 237 struct ieee80211_mgmt *mgmt;
184 u8 *pos, *ies, *ht_ie; 238 u8 *pos;
239 const u8 *ies, *ht_ie;
185 int i, len, count, rates_len, supp_rates_len; 240 int i, len, count, rates_len, supp_rates_len;
186 u16 capab; 241 u16 capab;
187 struct ieee80211_bss *bss;
188 int wmm = 0; 242 int wmm = 0;
189 struct ieee80211_supported_band *sband; 243 struct ieee80211_supported_band *sband;
190 u32 rates = 0; 244 u32 rates = 0;
191 245
192 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 246 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
193 sizeof(*mgmt) + 200 + ifmgd->extra_ie_len + 247 sizeof(*mgmt) + 200 + wk->ie_len +
194 ifmgd->ssid_len); 248 wk->ssid_len);
195 if (!skb) { 249 if (!skb) {
196 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc " 250 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
197 "frame\n", sdata->dev->name); 251 "frame\n", sdata->dev->name);
@@ -210,45 +264,35 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
210 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; 264 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
211 } 265 }
212 266
213 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 267 if (wk->bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
214 local->hw.conf.channel->center_freq, 268 capab |= WLAN_CAPABILITY_PRIVACY;
215 ifmgd->ssid, ifmgd->ssid_len); 269 if (wk->bss->wmm_used)
216 if (bss) { 270 wmm = 1;
217 if (bss->cbss.capability & WLAN_CAPABILITY_PRIVACY)
218 capab |= WLAN_CAPABILITY_PRIVACY;
219 if (bss->wmm_used)
220 wmm = 1;
221 271
222 /* get all rates supported by the device and the AP as 272 /* get all rates supported by the device and the AP as
223 * some APs don't like getting a superset of their rates 273 * some APs don't like getting a superset of their rates
224 * in the association request (e.g. D-Link DAP 1353 in 274 * in the association request (e.g. D-Link DAP 1353 in
225 * b-only mode) */ 275 * b-only mode) */
226 rates_len = ieee80211_compatible_rates(bss, sband, &rates); 276 rates_len = ieee80211_compatible_rates(wk->bss, sband, &rates);
227 277
228 if ((bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) && 278 if ((wk->bss->cbss.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
229 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT)) 279 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
230 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT; 280 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
231
232 ieee80211_rx_bss_put(local, bss);
233 } else {
234 rates = ~0;
235 rates_len = sband->n_bitrates;
236 }
237 281
238 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 282 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
239 memset(mgmt, 0, 24); 283 memset(mgmt, 0, 24);
240 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN); 284 memcpy(mgmt->da, wk->bss->cbss.bssid, ETH_ALEN);
241 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 285 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
242 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN); 286 memcpy(mgmt->bssid, wk->bss->cbss.bssid, ETH_ALEN);
243 287
244 if (ifmgd->flags & IEEE80211_STA_PREV_BSSID_SET) { 288 if (!is_zero_ether_addr(wk->prev_bssid)) {
245 skb_put(skb, 10); 289 skb_put(skb, 10);
246 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 290 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
247 IEEE80211_STYPE_REASSOC_REQ); 291 IEEE80211_STYPE_REASSOC_REQ);
248 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 292 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
249 mgmt->u.reassoc_req.listen_interval = 293 mgmt->u.reassoc_req.listen_interval =
250 cpu_to_le16(local->hw.conf.listen_interval); 294 cpu_to_le16(local->hw.conf.listen_interval);
251 memcpy(mgmt->u.reassoc_req.current_ap, ifmgd->prev_bssid, 295 memcpy(mgmt->u.reassoc_req.current_ap, wk->prev_bssid,
252 ETH_ALEN); 296 ETH_ALEN);
253 } else { 297 } else {
254 skb_put(skb, 4); 298 skb_put(skb, 4);
@@ -260,10 +304,10 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
260 } 304 }
261 305
262 /* SSID */ 306 /* SSID */
263 ies = pos = skb_put(skb, 2 + ifmgd->ssid_len); 307 ies = pos = skb_put(skb, 2 + wk->ssid_len);
264 *pos++ = WLAN_EID_SSID; 308 *pos++ = WLAN_EID_SSID;
265 *pos++ = ifmgd->ssid_len; 309 *pos++ = wk->ssid_len;
266 memcpy(pos, ifmgd->ssid, ifmgd->ssid_len); 310 memcpy(pos, wk->ssid, wk->ssid_len);
267 311
268 /* add all rates which were marked to be used above */ 312 /* add all rates which were marked to be used above */
269 supp_rates_len = rates_len; 313 supp_rates_len = rates_len;
@@ -318,9 +362,9 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
318 } 362 }
319 } 363 }
320 364
321 if (ifmgd->extra_ie) { 365 if (wk->ie_len && wk->ie) {
322 pos = skb_put(skb, ifmgd->extra_ie_len); 366 pos = skb_put(skb, wk->ie_len);
323 memcpy(pos, ifmgd->extra_ie, ifmgd->extra_ie_len); 367 memcpy(pos, wk->ie, wk->ie_len);
324 } 368 }
325 369
326 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) { 370 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED)) {
@@ -345,9 +389,9 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
345 */ 389 */
346 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 390 if (wmm && (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
347 sband->ht_cap.ht_supported && 391 sband->ht_cap.ht_supported &&
348 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && 392 (ht_ie = ieee80211_bss_get_ie(&wk->bss->cbss, WLAN_EID_HT_INFORMATION)) &&
349 ht_ie[1] >= sizeof(struct ieee80211_ht_info) && 393 ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
350 (!(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))) { 394 (!(ifmgd->flags & IEEE80211_STA_DISABLE_11N))) {
351 struct ieee80211_ht_info *ht_info = 395 struct ieee80211_ht_info *ht_info =
352 (struct ieee80211_ht_info *)(ht_ie + 2); 396 (struct ieee80211_ht_info *)(ht_ie + 2);
353 u16 cap = sband->ht_cap.cap; 397 u16 cap = sband->ht_cap.cap;
@@ -382,18 +426,13 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
382 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs)); 426 memcpy(pos, &sband->ht_cap.mcs, sizeof(sband->ht_cap.mcs));
383 } 427 }
384 428
385 kfree(ifmgd->assocreq_ies);
386 ifmgd->assocreq_ies_len = (skb->data + skb->len) - ies;
387 ifmgd->assocreq_ies = kmalloc(ifmgd->assocreq_ies_len, GFP_KERNEL);
388 if (ifmgd->assocreq_ies)
389 memcpy(ifmgd->assocreq_ies, ies, ifmgd->assocreq_ies_len);
390
391 ieee80211_tx_skb(sdata, skb, 0); 429 ieee80211_tx_skb(sdata, skb, 0);
392} 430}
393 431
394 432
395static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata, 433static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
396 u16 stype, u16 reason) 434 const u8 *bssid, u16 stype, u16 reason,
435 void *cookie)
397{ 436{
398 struct ieee80211_local *local = sdata->local; 437 struct ieee80211_local *local = sdata->local;
399 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 438 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
@@ -410,18 +449,18 @@ static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
410 449
411 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 450 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
412 memset(mgmt, 0, 24); 451 memset(mgmt, 0, 24);
413 memcpy(mgmt->da, ifmgd->bssid, ETH_ALEN); 452 memcpy(mgmt->da, bssid, ETH_ALEN);
414 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 453 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
415 memcpy(mgmt->bssid, ifmgd->bssid, ETH_ALEN); 454 memcpy(mgmt->bssid, bssid, ETH_ALEN);
416 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype); 455 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
417 skb_put(skb, 2); 456 skb_put(skb, 2);
418 /* u.deauth.reason_code == u.disassoc.reason_code */ 457 /* u.deauth.reason_code == u.disassoc.reason_code */
419 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 458 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
420 459
421 if (stype == IEEE80211_STYPE_DEAUTH) 460 if (stype == IEEE80211_STYPE_DEAUTH)
422 cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, skb->len); 461 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len, cookie);
423 else 462 else
424 cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, skb->len); 463 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len, cookie);
425 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED); 464 ieee80211_tx_skb(sdata, skb, ifmgd->flags & IEEE80211_STA_MFP_ENABLED);
426} 465}
427 466
@@ -494,28 +533,26 @@ static void ieee80211_chswitch_work(struct work_struct *work)
494{ 533{
495 struct ieee80211_sub_if_data *sdata = 534 struct ieee80211_sub_if_data *sdata =
496 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work); 535 container_of(work, struct ieee80211_sub_if_data, u.mgd.chswitch_work);
497 struct ieee80211_bss *bss;
498 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 536 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
499 537
500 if (!netif_running(sdata->dev)) 538 if (!netif_running(sdata->dev))
501 return; 539 return;
502 540
503 bss = ieee80211_rx_bss_get(sdata->local, ifmgd->bssid, 541 mutex_lock(&ifmgd->mtx);
504 sdata->local->hw.conf.channel->center_freq, 542 if (!ifmgd->associated)
505 ifmgd->ssid, ifmgd->ssid_len); 543 goto out;
506 if (!bss)
507 goto exit;
508 544
509 sdata->local->oper_channel = sdata->local->csa_channel; 545 sdata->local->oper_channel = sdata->local->csa_channel;
546 ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL);
547
510 /* XXX: shouldn't really modify cfg80211-owned data! */ 548 /* XXX: shouldn't really modify cfg80211-owned data! */
511 if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL)) 549 ifmgd->associated->cbss.channel = sdata->local->oper_channel;
512 bss->cbss.channel = sdata->local->oper_channel;
513 550
514 ieee80211_rx_bss_put(sdata->local, bss);
515exit:
516 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
517 ieee80211_wake_queues_by_reason(&sdata->local->hw, 551 ieee80211_wake_queues_by_reason(&sdata->local->hw,
518 IEEE80211_QUEUE_STOP_REASON_CSA); 552 IEEE80211_QUEUE_STOP_REASON_CSA);
553 out:
554 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
555 mutex_unlock(&ifmgd->mtx);
519} 556}
520 557
521static void ieee80211_chswitch_timer(unsigned long data) 558static void ieee80211_chswitch_timer(unsigned long data)
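Review bot: The new code drops the check on the return value of `ieee80211_hw_config()`, so `ifmgd->associated->cbss.channel` is rewritten even when the hardware failed to change channel, whereas the old code updated the BSS entry only on success. I would keep the guard: `if (!ieee80211_hw_config(sdata->local, IEEE80211_CONF_CHANGE_CHANNEL))` followed by `ifmgd->associated->cbss.channel = sdata->local->oper_channel;`. Separately, the `out:` label now sits after `ieee80211_wake_queues_by_reason()`, so a run that finds `!ifmgd->associated` leaves the queues stopped for IEEE80211_QUEUE_STOP_REASON_CSA unless the disassociation path wakes them; that path is not visible here and is worth confirming. Only the body of ieee80211_chswitch_work is in the hunk; its signature appears in the hunk header.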
@@ -529,7 +566,7 @@ static void ieee80211_chswitch_timer(unsigned long data)
529 return; 566 return;
530 } 567 }
531 568
532 queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work); 569 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
533} 570}
534 571
535void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata, 572void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
@@ -540,10 +577,12 @@ void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
540 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 577 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
541 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num); 578 int new_freq = ieee80211_channel_to_frequency(sw_elem->new_ch_num);
542 579
543 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATED) 580 ASSERT_MGD_MTX(ifmgd);
581
582 if (!ifmgd->associated)
544 return; 583 return;
545 584
546 if (sdata->local->sw_scanning || sdata->local->hw_scanning) 585 if (sdata->local->scanning)
547 return; 586 return;
548 587
549 /* Disregard subsequent beacons if we are already running a timer 588 /* Disregard subsequent beacons if we are already running a timer
@@ -559,7 +598,7 @@ void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
559 sdata->local->csa_channel = new_ch; 598 sdata->local->csa_channel = new_ch;
560 599
561 if (sw_elem->count <= 1) { 600 if (sw_elem->count <= 1) {
562 queue_work(sdata->local->hw.workqueue, &ifmgd->chswitch_work); 601 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
563 } else { 602 } else {
564 ieee80211_stop_queues_by_reason(&sdata->local->hw, 603 ieee80211_stop_queues_by_reason(&sdata->local->hw,
565 IEEE80211_QUEUE_STOP_REASON_CSA); 604 IEEE80211_QUEUE_STOP_REASON_CSA);
@@ -601,7 +640,7 @@ static void ieee80211_enable_ps(struct ieee80211_local *local,
601 * If we are scanning right now then the parameters will 640 * If we are scanning right now then the parameters will
602 * take effect when scan finishes. 641 * take effect when scan finishes.
603 */ 642 */
604 if (local->hw_scanning || local->sw_scanning) 643 if (local->scanning)
605 return; 644 return;
606 645
607 if (conf->dynamic_ps_timeout > 0 && 646 if (conf->dynamic_ps_timeout > 0 &&
@@ -651,8 +690,9 @@ void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
651 } 690 }
652 691
653 if (count == 1 && found->u.mgd.powersave && 692 if (count == 1 && found->u.mgd.powersave &&
654 (found->u.mgd.flags & IEEE80211_STA_ASSOCIATED) && 693 found->u.mgd.associated && list_empty(&found->u.mgd.work_list) &&
655 !(found->u.mgd.flags & IEEE80211_STA_PROBEREQ_POLL)) { 694 !(found->u.mgd.flags & (IEEE80211_STA_BEACON_POLL |
695 IEEE80211_STA_CONNECTION_POLL))) {
656 s32 beaconint_us; 696 s32 beaconint_us;
657 697
658 if (latency < 0) 698 if (latency < 0)
@@ -724,7 +764,7 @@ void ieee80211_dynamic_ps_timer(unsigned long data)
724 if (local->quiescing || local->suspended) 764 if (local->quiescing || local->suspended)
725 return; 765 return;
726 766
727 queue_work(local->hw.workqueue, &local->dynamic_ps_enable_work); 767 ieee80211_queue_work(&local->hw, &local->dynamic_ps_enable_work);
728} 768}
729 769
730/* MLME */ 770/* MLME */
@@ -806,9 +846,6 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
806 u16 capab, bool erp_valid, u8 erp) 846 u16 capab, bool erp_valid, u8 erp)
807{ 847{
808 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; 848 struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;
809#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
810 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
811#endif
812 u32 changed = 0; 849 u32 changed = 0;
813 bool use_protection; 850 bool use_protection;
814 bool use_short_preamble; 851 bool use_short_preamble;
@@ -825,42 +862,16 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
825 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 862 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
826 863
827 if (use_protection != bss_conf->use_cts_prot) { 864 if (use_protection != bss_conf->use_cts_prot) {
828#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
829 if (net_ratelimit()) {
830 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=%pM)\n",
831 sdata->dev->name,
832 use_protection ? "enabled" : "disabled",
833 ifmgd->bssid);
834 }
835#endif
836 bss_conf->use_cts_prot = use_protection; 865 bss_conf->use_cts_prot = use_protection;
837 changed |= BSS_CHANGED_ERP_CTS_PROT; 866 changed |= BSS_CHANGED_ERP_CTS_PROT;
838 } 867 }
839 868
840 if (use_short_preamble != bss_conf->use_short_preamble) { 869 if (use_short_preamble != bss_conf->use_short_preamble) {
841#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
842 if (net_ratelimit()) {
843 printk(KERN_DEBUG "%s: switched to %s barker preamble"
844 " (BSSID=%pM)\n",
845 sdata->dev->name,
846 use_short_preamble ? "short" : "long",
847 ifmgd->bssid);
848 }
849#endif
850 bss_conf->use_short_preamble = use_short_preamble; 870 bss_conf->use_short_preamble = use_short_preamble;
851 changed |= BSS_CHANGED_ERP_PREAMBLE; 871 changed |= BSS_CHANGED_ERP_PREAMBLE;
852 } 872 }
853 873
854 if (use_short_slot != bss_conf->use_short_slot) { 874 if (use_short_slot != bss_conf->use_short_slot) {
855#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
856 if (net_ratelimit()) {
857 printk(KERN_DEBUG "%s: switched to %s slot time"
858 " (BSSID=%pM)\n",
859 sdata->dev->name,
860 use_short_slot ? "short" : "long",
861 ifmgd->bssid);
862 }
863#endif
864 bss_conf->use_short_slot = use_short_slot; 875 bss_conf->use_short_slot = use_short_slot;
865 changed |= BSS_CHANGED_ERP_SLOT; 876 changed |= BSS_CHANGED_ERP_SLOT;
866 } 877 }
@@ -868,105 +879,31 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
868 return changed; 879 return changed;
869} 880}
870 881
871static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata)
872{
873 union iwreq_data wrqu;
874
875 memset(&wrqu, 0, sizeof(wrqu));
876 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED)
877 memcpy(wrqu.ap_addr.sa_data, sdata->u.mgd.bssid, ETH_ALEN);
878 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
879 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
880}
881
882static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata)
883{
884 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
885 char *buf;
886 size_t len;
887 int i;
888 union iwreq_data wrqu;
889
890 if (!ifmgd->assocreq_ies && !ifmgd->assocresp_ies)
891 return;
892
893 buf = kmalloc(50 + 2 * (ifmgd->assocreq_ies_len +
894 ifmgd->assocresp_ies_len), GFP_KERNEL);
895 if (!buf)
896 return;
897
898 len = sprintf(buf, "ASSOCINFO(");
899 if (ifmgd->assocreq_ies) {
900 len += sprintf(buf + len, "ReqIEs=");
901 for (i = 0; i < ifmgd->assocreq_ies_len; i++) {
902 len += sprintf(buf + len, "%02x",
903 ifmgd->assocreq_ies[i]);
904 }
905 }
906 if (ifmgd->assocresp_ies) {
907 if (ifmgd->assocreq_ies)
908 len += sprintf(buf + len, " ");
909 len += sprintf(buf + len, "RespIEs=");
910 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
911 len += sprintf(buf + len, "%02x",
912 ifmgd->assocresp_ies[i]);
913 }
914 }
915 len += sprintf(buf + len, ")");
916
917 if (len > IW_CUSTOM_MAX) {
918 len = sprintf(buf, "ASSOCRESPIE=");
919 for (i = 0; i < ifmgd->assocresp_ies_len; i++) {
920 len += sprintf(buf + len, "%02x",
921 ifmgd->assocresp_ies[i]);
922 }
923 }
924
925 if (len <= IW_CUSTOM_MAX) {
926 memset(&wrqu, 0, sizeof(wrqu));
927 wrqu.data.length = len;
928 wireless_send_event(sdata->dev, IWEVCUSTOM, &wrqu, buf);
929 }
930
931 kfree(buf);
932}
933
934
935static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata, 882static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
883 struct ieee80211_mgd_work *wk,
936 u32 bss_info_changed) 884 u32 bss_info_changed)
937{ 885{
938 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
939 struct ieee80211_local *local = sdata->local; 886 struct ieee80211_local *local = sdata->local;
940 struct ieee80211_conf *conf = &local_to_hw(local)->conf; 887 struct ieee80211_bss *bss = wk->bss;
941
942 struct ieee80211_bss *bss;
943 888
944 bss_info_changed |= BSS_CHANGED_ASSOC; 889 bss_info_changed |= BSS_CHANGED_ASSOC;
945 ifmgd->flags |= IEEE80211_STA_ASSOCIATED; 890 /* set timing information */
891 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
892 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
893 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
946 894
947 bss = ieee80211_rx_bss_get(local, ifmgd->bssid, 895 bss_info_changed |= BSS_CHANGED_BEACON_INT;
948 conf->channel->center_freq, 896 bss_info_changed |= ieee80211_handle_bss_capability(sdata,
949 ifmgd->ssid, ifmgd->ssid_len); 897 bss->cbss.capability, bss->has_erp_value, bss->erp_value);
950 if (bss) {
951 /* set timing information */
952 sdata->vif.bss_conf.beacon_int = bss->cbss.beacon_interval;
953 sdata->vif.bss_conf.timestamp = bss->cbss.tsf;
954 sdata->vif.bss_conf.dtim_period = bss->dtim_period;
955 898
956 bss_info_changed |= BSS_CHANGED_BEACON_INT; 899 sdata->u.mgd.associated = bss;
957 bss_info_changed |= ieee80211_handle_bss_capability(sdata, 900 sdata->u.mgd.old_associate_work = wk;
958 bss->cbss.capability, bss->has_erp_value, bss->erp_value); 901 memcpy(sdata->u.mgd.bssid, bss->cbss.bssid, ETH_ALEN);
959 902
960 cfg80211_hold_bss(&bss->cbss); 903 /* just to be sure */
904 sdata->u.mgd.flags &= ~(IEEE80211_STA_CONNECTION_POLL |
905 IEEE80211_STA_BEACON_POLL);
961 906
962 ieee80211_rx_bss_put(local, bss);
963 }
964
965 ifmgd->flags |= IEEE80211_STA_PREV_BSSID_SET;
966 memcpy(ifmgd->prev_bssid, sdata->u.mgd.bssid, ETH_ALEN);
967 ieee80211_sta_send_associnfo(sdata);
968
969 ifmgd->last_probe = jiffies;
970 ieee80211_led_assoc(local, 1); 907 ieee80211_led_assoc(local, 1);
971 908
972 sdata->vif.bss_conf.assoc = 1; 909 sdata->vif.bss_conf.assoc = 1;
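Review bot: `sdata->u.mgd.associated = bss` keeps the `wk->bss` pointer for the whole lifetime of the association, but the old `cfg80211_hold_bss(&bss->cbss)` call is gone and nothing in this hunk takes a reference in its place. If the hold now happens where the work item is created, this assignment needs a comment naming where the reference is taken and where it is dropped, because a BSS entry that expires while `ifmgd->associated` still points at it would be a use-after-free for every later reader. The function also hands `wk` over to `old_associate_work` without the lock assertion that ieee80211_set_disassoc carries; `ASSERT_MGD_MTX(&sdata->u.mgd);` at the top would document that, assuming all callers hold the mutex. ieee80211_set_associated continues past the end of this hunk.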
@@ -982,176 +919,157 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
982 919
983 ieee80211_bss_info_change_notify(sdata, bss_info_changed); 920 ieee80211_bss_info_change_notify(sdata, bss_info_changed);
984 921
985 /* will be same as sdata */ 922 mutex_lock(&local->iflist_mtx);
986 if (local->ps_sdata) { 923 ieee80211_recalc_ps(local, -1);
987 mutex_lock(&local->iflist_mtx); 924 mutex_unlock(&local->iflist_mtx);
988 ieee80211_recalc_ps(local, -1);
989 mutex_unlock(&local->iflist_mtx);
990 }
991 925
992 netif_tx_start_all_queues(sdata->dev); 926 netif_tx_start_all_queues(sdata->dev);
993 netif_carrier_on(sdata->dev); 927 netif_carrier_on(sdata->dev);
994
995 ieee80211_sta_send_apinfo(sdata);
996} 928}
997 929
998static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata) 930static enum rx_mgmt_action __must_check
931ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
932 struct ieee80211_mgd_work *wk)
999{ 933{
1000 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 934 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1001 struct ieee80211_local *local = sdata->local; 935 struct ieee80211_local *local = sdata->local;
1002 936
1003 ifmgd->direct_probe_tries++; 937 wk->tries++;
1004 if (ifmgd->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) { 938 if (wk->tries > IEEE80211_AUTH_MAX_TRIES) {
1005 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n", 939 printk(KERN_DEBUG "%s: direct probe to AP %pM timed out\n",
1006 sdata->dev->name, ifmgd->bssid); 940 sdata->dev->name, wk->bss->cbss.bssid);
1007 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1008 ieee80211_recalc_idle(local);
1009 cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid);
1010 941
1011 /* 942 /*
1012 * Most likely AP is not in the range so remove the 943 * Most likely AP is not in the range so remove the
1013 * bss information associated to the AP 944 * bss struct for that AP.
1014 */ 945 */
1015 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 946 cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss);
1016 sdata->local->hw.conf.channel->center_freq,
1017 ifmgd->ssid, ifmgd->ssid_len);
1018 947
1019 /* 948 /*
1020 * We might have a pending scan which had no chance to run yet 949 * We might have a pending scan which had no chance to run yet
1021 * due to state == IEEE80211_STA_MLME_DIRECT_PROBE. 950 * due to work needing to be done. Hence, queue the STAs work
1022 * Hence, queue the STAs work again 951 * again for that.
1023 */ 952 */
1024 queue_work(local->hw.workqueue, &ifmgd->work); 953 ieee80211_queue_work(&local->hw, &ifmgd->work);
1025 return; 954 return RX_MGMT_CFG80211_AUTH_TO;
1026 } 955 }
1027 956
1028 printk(KERN_DEBUG "%s: direct probe to AP %pM try %d\n", 957 printk(KERN_DEBUG "%s: direct probe to AP %pM (try %d)\n",
1029 sdata->dev->name, ifmgd->bssid, 958 sdata->dev->name, wk->bss->cbss.bssid,
1030 ifmgd->direct_probe_tries); 959 wk->tries);
1031
1032 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1033 960
1034 /* Direct probe is sent to broadcast address as some APs 961 /*
962 * Direct probe is sent to broadcast address as some APs
1035 * will not answer to direct packet in unassociated state. 963 * will not answer to direct packet in unassociated state.
1036 */ 964 */
1037 ieee80211_send_probe_req(sdata, NULL, 965 ieee80211_send_probe_req(sdata, NULL, wk->ssid, wk->ssid_len, NULL, 0);
1038 ifmgd->ssid, ifmgd->ssid_len, NULL, 0); 966
967 wk->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
968 run_again(ifmgd, wk->timeout);
1039 969
1040 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 970 return RX_MGMT_NONE;
1041} 971}
1042 972
1043 973
1044static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata) 974static enum rx_mgmt_action __must_check
975ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
976 struct ieee80211_mgd_work *wk)
1045{ 977{
1046 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 978 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1047 struct ieee80211_local *local = sdata->local; 979 struct ieee80211_local *local = sdata->local;
1048 u8 *ies;
1049 size_t ies_len;
1050 980
1051 ifmgd->auth_tries++; 981 wk->tries++;
1052 if (ifmgd->auth_tries > IEEE80211_AUTH_MAX_TRIES) { 982 if (wk->tries > IEEE80211_AUTH_MAX_TRIES) {
1053 printk(KERN_DEBUG "%s: authentication with AP %pM" 983 printk(KERN_DEBUG "%s: authentication with AP %pM"
1054 " timed out\n", 984 " timed out\n",
1055 sdata->dev->name, ifmgd->bssid); 985 sdata->dev->name, wk->bss->cbss.bssid);
1056 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 986
1057 ieee80211_recalc_idle(local); 987 /*
1058 cfg80211_send_auth_timeout(sdata->dev, ifmgd->bssid); 988 * Most likely AP is not in the range so remove the
1059 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 989 * bss struct for that AP.
1060 sdata->local->hw.conf.channel->center_freq, 990 */
1061 ifmgd->ssid, ifmgd->ssid_len); 991 cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss);
1062 992
1063 /* 993 /*
1064 * We might have a pending scan which had no chance to run yet 994 * We might have a pending scan which had no chance to run yet
1065 * due to state == IEEE80211_STA_MLME_AUTHENTICATE. 995 * due to work needing to be done. Hence, queue the STAs work
1066 * Hence, queue the STAs work again 996 * again for that.
1067 */ 997 */
1068 queue_work(local->hw.workqueue, &ifmgd->work); 998 ieee80211_queue_work(&local->hw, &ifmgd->work);
1069 return; 999 return RX_MGMT_CFG80211_AUTH_TO;
1070 } 1000 }
1071 1001
1072 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 1002 printk(KERN_DEBUG "%s: authenticate with AP %pM (try %d)\n",
1073 printk(KERN_DEBUG "%s: authenticate with AP %pM\n", 1003 sdata->dev->name, wk->bss->cbss.bssid, wk->tries);
1074 sdata->dev->name, ifmgd->bssid);
1075 1004
1076 if (ifmgd->flags & IEEE80211_STA_EXT_SME) { 1005 ieee80211_send_auth(sdata, 1, wk->auth_alg, wk->ie, wk->ie_len,
1077 ies = ifmgd->sme_auth_ie; 1006 wk->bss->cbss.bssid, NULL, 0, 0);
1078 ies_len = ifmgd->sme_auth_ie_len; 1007 wk->auth_transaction = 2;
1079 } else {
1080 ies = NULL;
1081 ies_len = 0;
1082 }
1083 ieee80211_send_auth(sdata, 1, ifmgd->auth_alg, ies, ies_len,
1084 ifmgd->bssid, 0);
1085 ifmgd->auth_transaction = 2;
1086 1008
1087 mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 1009 wk->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
1010 run_again(ifmgd, wk->timeout);
1011
1012 return RX_MGMT_NONE;
1088} 1013}
1089 1014
1090/*
1091 * The disassoc 'reason' argument can be either our own reason
1092 * if self disconnected or a reason code from the AP.
1093 */
1094static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, 1015static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1095 bool deauth, bool self_disconnected, 1016 bool deauth)
1096 u16 reason)
1097{ 1017{
1098 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1018 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1099 struct ieee80211_local *local = sdata->local; 1019 struct ieee80211_local *local = sdata->local;
1100 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
1101 struct ieee80211_bss *bss;
1102 struct sta_info *sta; 1020 struct sta_info *sta;
1103 u32 changed = 0, config_changed = 0; 1021 u32 changed = 0, config_changed = 0;
1022 u8 bssid[ETH_ALEN];
1023
1024 ASSERT_MGD_MTX(ifmgd);
1025
1026 if (WARN_ON(!ifmgd->associated))
1027 return;
1028
1029 memcpy(bssid, ifmgd->associated->cbss.bssid, ETH_ALEN);
1030
1031 ifmgd->associated = NULL;
1032 memset(ifmgd->bssid, 0, ETH_ALEN);
1104 1033
1105 if (deauth) { 1034 if (deauth) {
1106 ifmgd->direct_probe_tries = 0; 1035 kfree(ifmgd->old_associate_work);
1107 ifmgd->auth_tries = 0; 1036 ifmgd->old_associate_work = NULL;
1037 } else {
1038 struct ieee80211_mgd_work *wk = ifmgd->old_associate_work;
1039
1040 wk->state = IEEE80211_MGD_STATE_IDLE;
1041 list_add(&wk->list, &ifmgd->work_list);
1108 } 1042 }
1109 ifmgd->assoc_scan_tries = 0; 1043
1110 ifmgd->assoc_tries = 0; 1044 /*
1045 * we need to commit the associated = NULL change because the
1046 * scan code uses that to determine whether this iface should
1047 * go to/wake up from powersave or not -- and could otherwise
1048 * wake the queues erroneously.
1049 */
1050 smp_mb();
1051
1052 /*
1053 * Thus, we can only afterwards stop the queues -- to account
1054 * for the case where another CPU is finishing a scan at this
1055 * time -- we don't want the scan code to enable queues.
1056 */
1111 1057
1112 netif_tx_stop_all_queues(sdata->dev); 1058 netif_tx_stop_all_queues(sdata->dev);
1113 netif_carrier_off(sdata->dev); 1059 netif_carrier_off(sdata->dev);
1114 1060
1115 rcu_read_lock(); 1061 rcu_read_lock();
1116 sta = sta_info_get(local, ifmgd->bssid); 1062 sta = sta_info_get(local, bssid);
1117 if (sta) 1063 if (sta)
1118 ieee80211_sta_tear_down_BA_sessions(sta); 1064 ieee80211_sta_tear_down_BA_sessions(sta);
1119 rcu_read_unlock(); 1065 rcu_read_unlock();
1120 1066
1121 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
1122 conf->channel->center_freq,
1123 ifmgd->ssid, ifmgd->ssid_len);
1124
1125 if (bss) {
1126 cfg80211_unhold_bss(&bss->cbss);
1127 ieee80211_rx_bss_put(local, bss);
1128 }
1129
1130 if (self_disconnected) {
1131 if (deauth)
1132 ieee80211_send_deauth_disassoc(sdata,
1133 IEEE80211_STYPE_DEAUTH, reason);
1134 else
1135 ieee80211_send_deauth_disassoc(sdata,
1136 IEEE80211_STYPE_DISASSOC, reason);
1137 }
1138
1139 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
1140 changed |= ieee80211_reset_erp_info(sdata); 1067 changed |= ieee80211_reset_erp_info(sdata);
1141 1068
1142 ieee80211_led_assoc(local, 0); 1069 ieee80211_led_assoc(local, 0);
1143 changed |= BSS_CHANGED_ASSOC; 1070 changed |= BSS_CHANGED_ASSOC;
1144 sdata->vif.bss_conf.assoc = false; 1071 sdata->vif.bss_conf.assoc = false;
1145 1072
1146 ieee80211_sta_send_apinfo(sdata);
1147
1148 if (self_disconnected || reason == WLAN_REASON_DISASSOC_STA_HAS_LEFT) {
1149 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1150 ieee80211_rx_bss_remove(sdata, ifmgd->bssid,
1151 sdata->local->hw.conf.channel->center_freq,
1152 ifmgd->ssid, ifmgd->ssid_len);
1153 }
1154
1155 ieee80211_set_wmm_default(sdata); 1073 ieee80211_set_wmm_default(sdata);
1156 1074
1157 ieee80211_recalc_idle(local); 1075 ieee80211_recalc_idle(local);
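Review bot: In ieee80211_set_disassoc the non-deauth branch puts `ifmgd->old_associate_work` back on `work_list` but leaves the pointer set, so the same work item stays reachable both from the list and through `old_associate_work`. The deauth branch calls `kfree()` on that pointer, so the code depends on the `WARN_ON(!ifmgd->associated)` guard and on ieee80211_set_associated overwriting the field to avoid freeing an item the list still owns; that ownership rule is not written down anywhere in the hunk. I would clear the alias once the item is re-queued, `ifmgd->old_associate_work = NULL;` directly after `list_add(&wk->list, &ifmgd->work_list);`, and note in a comment that the list owns the item from then on. The function continues in the following hunks.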
@@ -1180,7 +1098,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1180 1098
1181 rcu_read_lock(); 1099 rcu_read_lock();
1182 1100
1183 sta = sta_info_get(local, ifmgd->bssid); 1101 sta = sta_info_get(local, bssid);
1184 if (!sta) { 1102 if (!sta) {
1185 rcu_read_unlock(); 1103 rcu_read_unlock();
1186 return; 1104 return;
@@ -1193,83 +1111,42 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1193 sta_info_destroy(sta); 1111 sta_info_destroy(sta);
1194} 1112}
1195 1113
1196static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata) 1114static enum rx_mgmt_action __must_check
1197{ 1115ieee80211_associate(struct ieee80211_sub_if_data *sdata,
1198 if (!sdata || !sdata->default_key || 1116 struct ieee80211_mgd_work *wk)
1199 sdata->default_key->conf.alg != ALG_WEP)
1200 return 0;
1201 return 1;
1202}
1203
1204static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata)
1205{
1206 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1207 struct ieee80211_local *local = sdata->local;
1208 struct ieee80211_bss *bss;
1209 int bss_privacy;
1210 int wep_privacy;
1211 int privacy_invoked;
1212
1213 if (!ifmgd || (ifmgd->flags & IEEE80211_STA_EXT_SME))
1214 return 0;
1215
1216 bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
1217 local->hw.conf.channel->center_freq,
1218 ifmgd->ssid, ifmgd->ssid_len);
1219 if (!bss)
1220 return 0;
1221
1222 bss_privacy = !!(bss->cbss.capability & WLAN_CAPABILITY_PRIVACY);
1223 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
1224 privacy_invoked = !!(ifmgd->flags & IEEE80211_STA_PRIVACY_INVOKED);
1225
1226 ieee80211_rx_bss_put(local, bss);
1227
1228 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
1229 return 0;
1230
1231 return 1;
1232}
1233
1234static void ieee80211_associate(struct ieee80211_sub_if_data *sdata)
1235{ 1117{
1236 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1118 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1237 struct ieee80211_local *local = sdata->local; 1119 struct ieee80211_local *local = sdata->local;
1238 1120
1239 ifmgd->assoc_tries++; 1121 wk->tries++;
1240 if (ifmgd->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { 1122 if (wk->tries > IEEE80211_ASSOC_MAX_TRIES) {
1241 printk(KERN_DEBUG "%s: association with AP %pM" 1123 printk(KERN_DEBUG "%s: association with AP %pM"
1242 " timed out\n", 1124 " timed out\n",
1243 sdata->dev->name, ifmgd->bssid); 1125 sdata->dev->name, wk->bss->cbss.bssid);
1244 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 1126
1245 ieee80211_recalc_idle(local); 1127 /*
1246 cfg80211_send_assoc_timeout(sdata->dev, ifmgd->bssid); 1128 * Most likely AP is not in the range so remove the
1247 ieee80211_rx_bss_remove(sdata, ifmgd->bssid, 1129 * bss struct for that AP.
1248 sdata->local->hw.conf.channel->center_freq, 1130 */
1249 ifmgd->ssid, ifmgd->ssid_len); 1131 cfg80211_unlink_bss(local->hw.wiphy, &wk->bss->cbss);
1132
1250 /* 1133 /*
1251 * We might have a pending scan which had no chance to run yet 1134 * We might have a pending scan which had no chance to run yet
1252 * due to state == IEEE80211_STA_MLME_ASSOCIATE. 1135 * due to work needing to be done. Hence, queue the STAs work
1253 * Hence, queue the STAs work again 1136 * again for that.
1254 */ 1137 */
1255 queue_work(local->hw.workqueue, &ifmgd->work); 1138 ieee80211_queue_work(&local->hw, &ifmgd->work);
1256 return; 1139 return RX_MGMT_CFG80211_ASSOC_TO;
1257 } 1140 }
1258 1141
1259 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE; 1142 printk(KERN_DEBUG "%s: associate with AP %pM (try %d)\n",
1260 printk(KERN_DEBUG "%s: associate with AP %pM\n", 1143 sdata->dev->name, wk->bss->cbss.bssid, wk->tries);
1261 sdata->dev->name, ifmgd->bssid); 1144 ieee80211_send_assoc(sdata, wk);
1262 if (ieee80211_privacy_mismatch(sdata)) {
1263 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
1264 "mixed-cell disabled - abort association\n", sdata->dev->name);
1265 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1266 ieee80211_recalc_idle(local);
1267 return;
1268 }
1269 1145
1270 ieee80211_send_assoc(sdata); 1146 wk->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
1147 run_again(ifmgd, wk->timeout);
1271 1148
1272 mod_timer(&ifmgd->timer, jiffies + IEEE80211_ASSOC_TIMEOUT); 1149 return RX_MGMT_NONE;
1273} 1150}
1274 1151
1275void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata, 1152void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
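Review bot: ieee80211_associate no longer calls the removed `ieee80211_privacy_mismatch()`, so mac80211 now sends the association request even when the BSS privacy capability bit disagrees with the local key configuration. Presumably that decision moved to the SME above mac80211, which is not visible in this section; if so, the function should say it, for example `/* privacy/capability matching is done by the SME before this work item is queued */`, so a later reader does not assume the stack still refuses to join a network whose protection does not match. The timeout branch also calls `cfg80211_unlink_bss()` on `wk->bss->cbss` while `wk` still points at it; the caller that handles `RX_MGMT_CFG80211_ASSOC_TO` is outside the hunk, so whether it touches `wk->bss` afterwards should be checked.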
@@ -1280,160 +1157,113 @@ void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
1280 * from AP because we know that the connection is working both ways 1157 * from AP because we know that the connection is working both ways
1281 * at that time. But multicast frames (and hence also beacons) must 1158 * at that time. But multicast frames (and hence also beacons) must
1282 * be ignored here, because we need to trigger the timer during 1159 * be ignored here, because we need to trigger the timer during
1283 * data idle periods for sending the periodical probe request to 1160 * data idle periods for sending the periodic probe request to the
1284 * the AP. 1161 * AP we're connected to.
1285 */
1286 if (!is_multicast_ether_addr(hdr->addr1))
1287 mod_timer(&sdata->u.mgd.timer,
1288 jiffies + IEEE80211_MONITORING_INTERVAL);
1289}
1290
1291void ieee80211_beacon_loss_work(struct work_struct *work)
1292{
1293 struct ieee80211_sub_if_data *sdata =
1294 container_of(work, struct ieee80211_sub_if_data,
1295 u.mgd.beacon_loss_work);
1296 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1297
1298 /*
1299 * The driver has already reported this event and we have
1300 * already sent a probe request. Maybe the AP died and the
1301 * driver keeps reporting until we disassociate... We have
1302 * to ignore that because otherwise we would continually
1303 * reset the timer and never check whether we received a
1304 * probe response!
1305 */ 1162 */
1306 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) 1163 if (is_multicast_ether_addr(hdr->addr1))
1307 return; 1164 return;
1308 1165
1309#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1166 mod_timer(&sdata->u.mgd.conn_mon_timer,
1310 if (net_ratelimit()) { 1167 round_jiffies_up(jiffies + IEEE80211_CONNECTION_IDLE_TIME));
1311 printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM "
1312 "- sending probe request\n", sdata->dev->name,
1313 sdata->u.mgd.bssid);
1314 }
1315#endif
1316
1317 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
1318
1319 mutex_lock(&sdata->local->iflist_mtx);
1320 ieee80211_recalc_ps(sdata->local, -1);
1321 mutex_unlock(&sdata->local->iflist_mtx);
1322
1323 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1324 ifmgd->ssid_len, NULL, 0);
1325
1326 mod_timer(&ifmgd->timer, jiffies + IEEE80211_PROBE_WAIT);
1327} 1168}
1328 1169
1329void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1170static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
1330{ 1171{
1331 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1172 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1173 const u8 *ssid;
1174
1175 ssid = ieee80211_bss_get_ie(&ifmgd->associated->cbss, WLAN_EID_SSID);
1176 ieee80211_send_probe_req(sdata, ifmgd->associated->cbss.bssid,
1177 ssid + 2, ssid[1], NULL, 0);
1332 1178
1333 queue_work(sdata->local->hw.workqueue, 1179 ifmgd->probe_send_count++;
1334 &sdata->u.mgd.beacon_loss_work); 1180 ifmgd->probe_timeout = jiffies + IEEE80211_PROBE_WAIT;
1181 run_again(ifmgd, ifmgd->probe_timeout);
1335} 1182}
1336EXPORT_SYMBOL(ieee80211_beacon_loss);
1337 1183
1338static void ieee80211_associated(struct ieee80211_sub_if_data *sdata) 1184static void ieee80211_mgd_probe_ap(struct ieee80211_sub_if_data *sdata,
1185 bool beacon)
1339{ 1186{
1340 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1187 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1341 struct ieee80211_local *local = sdata->local; 1188 bool already = false;
1342 struct sta_info *sta;
1343 unsigned long last_rx;
1344 bool disassoc = false;
1345 1189
1346 /* TODO: start monitoring current AP signal quality and number of 1190 if (!netif_running(sdata->dev))
1347 * missed beacons. Scan other channels every now and then and search 1191 return;
1348 * for better APs. */
1349 /* TODO: remove expired BSSes */
1350 1192
1351 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATED; 1193 if (sdata->local->scanning)
1194 return;
1352 1195
1353 rcu_read_lock(); 1196 mutex_lock(&ifmgd->mtx);
1354 1197
1355 sta = sta_info_get(local, ifmgd->bssid); 1198 if (!ifmgd->associated)
1356 if (!sta) {
1357 printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n",
1358 sdata->dev->name, ifmgd->bssid);
1359 disassoc = true;
1360 rcu_read_unlock();
1361 goto out; 1199 goto out;
1362 }
1363
1364 last_rx = sta->last_rx;
1365 rcu_read_unlock();
1366 1200
1367 if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) && 1201#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1368 time_after(jiffies, last_rx + IEEE80211_PROBE_WAIT)) { 1202 if (beacon && net_ratelimit())
1369 printk(KERN_DEBUG "%s: no probe response from AP %pM " 1203 printk(KERN_DEBUG "%s: detected beacon loss from AP "
1370 "- disassociating\n", 1204 "- sending probe request\n", sdata->dev->name);
1371 sdata->dev->name, ifmgd->bssid); 1205#endif
1372 disassoc = true;
1373 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1374 goto out;
1375 }
1376 1206
1377 /* 1207 /*
1378 * Beacon filtering is only enabled with power save and then the 1208 * The driver/our work has already reported this event or the
1379 * stack should not check for beacon loss. 1209 * connection monitoring has kicked in and we have already sent
1210 * a probe request. Or maybe the AP died and the driver keeps
1211 * reporting until we disassociate...
1212 *
1213 * In either case we have to ignore the current call to this
1214 * function (except for setting the correct probe reason bit)
1215 * because otherwise we would reset the timer every time and
1216 * never check whether we received a probe response!
1380 */ 1217 */
1381 if (!((local->hw.flags & IEEE80211_HW_BEACON_FILTER) && 1218 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
1382 (local->hw.conf.flags & IEEE80211_CONF_PS)) && 1219 IEEE80211_STA_CONNECTION_POLL))
1383 time_after(jiffies, 1220 already = true;
1384 ifmgd->last_beacon + IEEE80211_MONITORING_INTERVAL)) { 1221
1385#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1222 if (beacon)
1386 if (net_ratelimit()) { 1223 ifmgd->flags |= IEEE80211_STA_BEACON_POLL;
1387 printk(KERN_DEBUG "%s: beacon loss from AP %pM " 1224 else
1388 "- sending probe request\n", 1225 ifmgd->flags |= IEEE80211_STA_CONNECTION_POLL;
1389 sdata->dev->name, ifmgd->bssid); 1226
1390 } 1227 if (already)
1391#endif
1392 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
1393 mutex_lock(&local->iflist_mtx);
1394 ieee80211_recalc_ps(local, -1);
1395 mutex_unlock(&local->iflist_mtx);
1396 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1397 ifmgd->ssid_len, NULL, 0);
1398 mod_timer(&ifmgd->timer, jiffies + IEEE80211_PROBE_WAIT);
1399 goto out; 1228 goto out;
1400 }
1401 1229
1402 if (time_after(jiffies, last_rx + IEEE80211_PROBE_IDLE_TIME)) { 1230 mutex_lock(&sdata->local->iflist_mtx);
1403 ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL; 1231 ieee80211_recalc_ps(sdata->local, -1);
1404 mutex_lock(&local->iflist_mtx); 1232 mutex_unlock(&sdata->local->iflist_mtx);
1405 ieee80211_recalc_ps(local, -1);
1406 mutex_unlock(&local->iflist_mtx);
1407 ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
1408 ifmgd->ssid_len, NULL, 0);
1409 }
1410 1233
1234 ifmgd->probe_send_count = 0;
1235 ieee80211_mgd_probe_ap_send(sdata);
1411 out: 1236 out:
1412 if (!disassoc) 1237 mutex_unlock(&ifmgd->mtx);
1413 mod_timer(&ifmgd->timer,
1414 jiffies + IEEE80211_MONITORING_INTERVAL);
1415 else
1416 ieee80211_set_disassoc(sdata, true, true,
1417 WLAN_REASON_PREV_AUTH_NOT_VALID);
1418} 1238}
1419 1239
1240void ieee80211_beacon_loss_work(struct work_struct *work)
1241{
1242 struct ieee80211_sub_if_data *sdata =
1243 container_of(work, struct ieee80211_sub_if_data,
1244 u.mgd.beacon_loss_work);
1245
1246 ieee80211_mgd_probe_ap(sdata, true);
1247}
1420 1248
1421static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata) 1249void ieee80211_beacon_loss(struct ieee80211_vif *vif)
1422{ 1250{
1423 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1251 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1424 1252
1253 ieee80211_queue_work(&sdata->local->hw, &sdata->u.mgd.beacon_loss_work);
1254}
1255EXPORT_SYMBOL(ieee80211_beacon_loss);
1256
1257static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
1258 struct ieee80211_mgd_work *wk)
1259{
1260 wk->state = IEEE80211_MGD_STATE_IDLE;
1425 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name); 1261 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1426 ifmgd->flags |= IEEE80211_STA_AUTHENTICATED;
1427 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1428 /* Wait for SME to request association */
1429 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1430 ieee80211_recalc_idle(sdata->local);
1431 } else
1432 ieee80211_associate(sdata);
1433} 1262}
1434 1263
1435 1264
1436static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata, 1265static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1266 struct ieee80211_mgd_work *wk,
1437 struct ieee80211_mgmt *mgmt, 1267 struct ieee80211_mgmt *mgmt,
1438 size_t len) 1268 size_t len)
1439{ 1269{
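Review bot: In the new ieee80211_mgd_probe_ap_send(), the pointer returned by ieee80211_bss_get_ie() is used as `ssid + 2` and `ssid[1]` with no NULL check, so an associated BSS entry that carries no SSID element would make the connection-monitor path dereference NULL (assuming the lookup returns NULL when the element is absent). That entry is filled from received beacons and probe responses, which are not authenticated, so the element's presence should not be taken for granted. Fall back to a zero-length SSID instead of bailing out, so the probe timer is still armed: `ssid_len = ssid ? ssid[1] : 0;` and pass `ssid ? ssid + 2 : NULL, ssid_len` to ieee80211_send_probe_req().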
@@ -1444,161 +1274,133 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1444 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); 1274 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1445 if (!elems.challenge) 1275 if (!elems.challenge)
1446 return; 1276 return;
1447 ieee80211_send_auth(sdata, 3, sdata->u.mgd.auth_alg, 1277 ieee80211_send_auth(sdata, 3, wk->auth_alg,
1448 elems.challenge - 2, elems.challenge_len + 2, 1278 elems.challenge - 2, elems.challenge_len + 2,
1449 sdata->u.mgd.bssid, 1); 1279 wk->bss->cbss.bssid,
1450 sdata->u.mgd.auth_transaction = 4; 1280 wk->key, wk->key_len, wk->key_idx);
1281 wk->auth_transaction = 4;
1451} 1282}
1452 1283
1453static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, 1284static enum rx_mgmt_action __must_check
1454 struct ieee80211_mgmt *mgmt, 1285ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1455 size_t len) 1286 struct ieee80211_mgd_work *wk,
1287 struct ieee80211_mgmt *mgmt, size_t len)
1456{ 1288{
1457 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1458 u16 auth_alg, auth_transaction, status_code; 1289 u16 auth_alg, auth_transaction, status_code;
1459 1290
1460 if (ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE) 1291 if (wk->state != IEEE80211_MGD_STATE_AUTH)
1461 return; 1292 return RX_MGMT_NONE;
1462 1293
1463 if (len < 24 + 6) 1294 if (len < 24 + 6)
1464 return; 1295 return RX_MGMT_NONE;
1465 1296
1466 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0) 1297 if (memcmp(wk->bss->cbss.bssid, mgmt->sa, ETH_ALEN) != 0)
1467 return; 1298 return RX_MGMT_NONE;
1468 1299
1469 if (memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1300 if (memcmp(wk->bss->cbss.bssid, mgmt->bssid, ETH_ALEN) != 0)
1470 return; 1301 return RX_MGMT_NONE;
1471 1302
1472 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 1303 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1473 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 1304 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1474 status_code = le16_to_cpu(mgmt->u.auth.status_code); 1305 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1475 1306
1476 if (auth_alg != ifmgd->auth_alg || 1307 if (auth_alg != wk->auth_alg ||
1477 auth_transaction != ifmgd->auth_transaction) 1308 auth_transaction != wk->auth_transaction)
1478 return; 1309 return RX_MGMT_NONE;
1479 1310
1480 if (status_code != WLAN_STATUS_SUCCESS) { 1311 if (status_code != WLAN_STATUS_SUCCESS) {
1481 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 1312 list_del(&wk->list);
1482 u8 algs[3]; 1313 kfree(wk);
1483 const int num_algs = ARRAY_SIZE(algs); 1314 return RX_MGMT_CFG80211_AUTH;
1484 int i, pos;
1485 algs[0] = algs[1] = algs[2] = 0xff;
1486 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1487 algs[0] = WLAN_AUTH_OPEN;
1488 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1489 algs[1] = WLAN_AUTH_SHARED_KEY;
1490 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1491 algs[2] = WLAN_AUTH_LEAP;
1492 if (ifmgd->auth_alg == WLAN_AUTH_OPEN)
1493 pos = 0;
1494 else if (ifmgd->auth_alg == WLAN_AUTH_SHARED_KEY)
1495 pos = 1;
1496 else
1497 pos = 2;
1498 for (i = 0; i < num_algs; i++) {
1499 pos++;
1500 if (pos >= num_algs)
1501 pos = 0;
1502 if (algs[pos] == ifmgd->auth_alg ||
1503 algs[pos] == 0xff)
1504 continue;
1505 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1506 !ieee80211_sta_wep_configured(sdata))
1507 continue;
1508 ifmgd->auth_alg = algs[pos];
1509 break;
1510 }
1511 }
1512 return;
1513 } 1315 }
1514 1316
1515 switch (ifmgd->auth_alg) { 1317 switch (wk->auth_alg) {
1516 case WLAN_AUTH_OPEN: 1318 case WLAN_AUTH_OPEN:
1517 case WLAN_AUTH_LEAP: 1319 case WLAN_AUTH_LEAP:
1518 case WLAN_AUTH_FT: 1320 case WLAN_AUTH_FT:
1519 ieee80211_auth_completed(sdata); 1321 ieee80211_auth_completed(sdata, wk);
1520 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len); 1322 return RX_MGMT_CFG80211_AUTH;
1521 break;
1522 case WLAN_AUTH_SHARED_KEY: 1323 case WLAN_AUTH_SHARED_KEY:
1523 if (ifmgd->auth_transaction == 4) { 1324 if (wk->auth_transaction == 4) {
1524 ieee80211_auth_completed(sdata); 1325 ieee80211_auth_completed(sdata, wk);
1525 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, len); 1326 return RX_MGMT_CFG80211_AUTH;
1526 } else 1327 } else
1527 ieee80211_auth_challenge(sdata, mgmt, len); 1328 ieee80211_auth_challenge(sdata, wk, mgmt, len);
1528 break; 1329 break;
1529 } 1330 }
1331
1332 return RX_MGMT_NONE;
1530} 1333}
1531 1334
1532 1335
1533static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, 1336static enum rx_mgmt_action __must_check
1534 struct ieee80211_mgmt *mgmt, 1337ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1535 size_t len) 1338 struct ieee80211_mgd_work *wk,
1339 struct ieee80211_mgmt *mgmt, size_t len)
1536{ 1340{
1537 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1341 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1342 const u8 *bssid = NULL;
1538 u16 reason_code; 1343 u16 reason_code;
1539 1344
1540 if (len < 24 + 2) 1345 if (len < 24 + 2)
1541 return; 1346 return RX_MGMT_NONE;
1542 1347
1543 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN)) 1348 ASSERT_MGD_MTX(ifmgd);
1544 return; 1349
1350 if (wk)
1351 bssid = wk->bss->cbss.bssid;
1352 else
1353 bssid = ifmgd->associated->cbss.bssid;
1545 1354
1546 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1355 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1547 1356
1548 if (ifmgd->flags & IEEE80211_STA_AUTHENTICATED) 1357 printk(KERN_DEBUG "%s: deauthenticated from %pM (Reason: %u)\n",
1549 printk(KERN_DEBUG "%s: deauthenticated (Reason: %u)\n", 1358 sdata->dev->name, bssid, reason_code);
1550 sdata->dev->name, reason_code);
1551 1359
1552 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1360 if (!wk) {
1553 (ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE || 1361 ieee80211_set_disassoc(sdata, true);
1554 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE || 1362 } else {
1555 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)) { 1363 list_del(&wk->list);
1556 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE; 1364 kfree(wk);
1557 mod_timer(&ifmgd->timer, jiffies +
1558 IEEE80211_RETRY_AUTH_INTERVAL);
1559 } 1365 }
1560 1366
1561 ieee80211_set_disassoc(sdata, true, false, 0); 1367 return RX_MGMT_CFG80211_DEAUTH;
1562 ifmgd->flags &= ~IEEE80211_STA_AUTHENTICATED;
1563 cfg80211_send_deauth(sdata->dev, (u8 *) mgmt, len);
1564} 1368}
1565 1369
1566 1370
1567static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, 1371static enum rx_mgmt_action __must_check
1568 struct ieee80211_mgmt *mgmt, 1372ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1569 size_t len) 1373 struct ieee80211_mgmt *mgmt, size_t len)
1570{ 1374{
1571 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1375 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1572 u16 reason_code; 1376 u16 reason_code;
1573 1377
1574 if (len < 24 + 2) 1378 if (len < 24 + 2)
1575 return; 1379 return RX_MGMT_NONE;
1576 1380
1577 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN)) 1381 ASSERT_MGD_MTX(ifmgd);
1578 return;
1579 1382
1580 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1383 if (WARN_ON(!ifmgd->associated))
1384 return RX_MGMT_NONE;
1581 1385
1582 if (ifmgd->flags & IEEE80211_STA_ASSOCIATED) 1386 if (WARN_ON(memcmp(ifmgd->associated->cbss.bssid, mgmt->sa, ETH_ALEN)))
1583 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n", 1387 return RX_MGMT_NONE;
1584 sdata->dev->name, reason_code);
1585 1388
1586 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 1389 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1587 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED) {
1588 ifmgd->state = IEEE80211_STA_MLME_ASSOCIATE;
1589 mod_timer(&ifmgd->timer, jiffies +
1590 IEEE80211_RETRY_AUTH_INTERVAL);
1591 }
1592 1390
1593 ieee80211_set_disassoc(sdata, false, false, reason_code); 1391 printk(KERN_DEBUG "%s: disassociated (Reason: %u)\n",
1594 cfg80211_send_disassoc(sdata->dev, (u8 *) mgmt, len); 1392 sdata->dev->name, reason_code);
1393
1394 ieee80211_set_disassoc(sdata, false);
1395 return RX_MGMT_CFG80211_DISASSOC;
1595} 1396}
1596 1397
1597 1398
1598static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, 1399static enum rx_mgmt_action __must_check
1599 struct ieee80211_mgmt *mgmt, 1400ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1600 size_t len, 1401 struct ieee80211_mgd_work *wk,
1601 int reassoc) 1402 struct ieee80211_mgmt *mgmt, size_t len,
1403 bool reassoc)
1602{ 1404{
1603 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1405 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1604 struct ieee80211_local *local = sdata->local; 1406 struct ieee80211_local *local = sdata->local;
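Review bot: The new ieee80211_rx_mgmt_deauth() no longer compares `mgmt->sa` with the BSSID it acts on, and when `wk` is NULL it reads `ifmgd->associated->cbss.bssid` without checking `ifmgd->associated`, while ieee80211_rx_mgmt_disassoc() right below guards both with WARN_ON. This function does nothing to authenticate the frame, so unless the caller (outside this hunk) already matches it to the work item or the associated BSS, a frame from an unrelated sender ends the association, and one arriving while not associated dereferences NULL. If the caller guarantees the match, say so in a comment above the function. Otherwise add `if (!wk && WARN_ON(!ifmgd->associated)) return RX_MGMT_NONE;` before choosing `bssid`, and `if (memcmp(bssid, mgmt->sa, ETH_ALEN)) return RX_MGMT_NONE;` after it.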
@@ -1614,17 +1416,16 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1614 bool have_higher_than_11mbit = false, newsta = false; 1416 bool have_higher_than_11mbit = false, newsta = false;
1615 u16 ap_ht_cap_flags; 1417 u16 ap_ht_cap_flags;
1616 1418
1617 /* AssocResp and ReassocResp have identical structure, so process both 1419 /*
1618 * of them in this function. */ 1420 * AssocResp and ReassocResp have identical structure, so process both
1619 1421 * of them in this function.
1620 if (ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE) 1422 */
1621 return;
1622 1423
1623 if (len < 24 + 6) 1424 if (len < 24 + 6)
1624 return; 1425 return RX_MGMT_NONE;
1625 1426
1626 if (memcmp(ifmgd->bssid, mgmt->sa, ETH_ALEN) != 0) 1427 if (memcmp(wk->bss->cbss.bssid, mgmt->sa, ETH_ALEN) != 0)
1627 return; 1428 return RX_MGMT_NONE;
1628 1429
1629 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1430 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1630 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 1431 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
@@ -1647,26 +1448,18 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1647 printk(KERN_DEBUG "%s: AP rejected association temporarily; " 1448 printk(KERN_DEBUG "%s: AP rejected association temporarily; "
1648 "comeback duration %u TU (%u ms)\n", 1449 "comeback duration %u TU (%u ms)\n",
1649 sdata->dev->name, tu, ms); 1450 sdata->dev->name, tu, ms);
1451 wk->timeout = jiffies + msecs_to_jiffies(ms);
1650 if (ms > IEEE80211_ASSOC_TIMEOUT) 1452 if (ms > IEEE80211_ASSOC_TIMEOUT)
1651 mod_timer(&ifmgd->timer, 1453 run_again(ifmgd, jiffies + msecs_to_jiffies(ms));
1652 jiffies + msecs_to_jiffies(ms)); 1454 return RX_MGMT_NONE;
1653 return;
1654 } 1455 }
1655 1456
1656 if (status_code != WLAN_STATUS_SUCCESS) { 1457 if (status_code != WLAN_STATUS_SUCCESS) {
1657 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", 1458 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1658 sdata->dev->name, status_code); 1459 sdata->dev->name, status_code);
1659 /* if this was a reassociation, ensure we try a "full" 1460 list_del(&wk->list);
1660 * association next time. This works around some broken APs 1461 kfree(wk);
1661 * which do not correctly reject reassociation requests. */ 1462 return RX_MGMT_CFG80211_ASSOC;
1662 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1663 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len);
1664 if (ifmgd->flags & IEEE80211_STA_EXT_SME) {
1665 /* Wait for SME to decide what to do next */
1666 ifmgd->state = IEEE80211_STA_MLME_DISABLED;
1667 ieee80211_recalc_idle(local);
1668 }
1669 return;
1670 } 1463 }
1671 1464
1672 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 1465 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
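Review bot: `if (ms > IEEE80211_ASSOC_TIMEOUT)` compares a millisecond count with a constant that is added directly to `jiffies` elsewhere on this page (`wk->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT`), so the outcome depends on HZ. The comeback duration appears to come from the AP's response (it is computed outside the hunk) and is not capped here, so the peer decides how long the work item stays parked. Comparing in one unit and reusing the stored deadline, `if (msecs_to_jiffies(ms) > IEEE80211_ASSOC_TIMEOUT) run_again(ifmgd, wk->timeout);`, together with an upper bound on `ms`, would make this predictable. The enclosing function starts and ends outside the hunk.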
@@ -1677,51 +1470,35 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1677 if (!elems.supp_rates) { 1470 if (!elems.supp_rates) {
1678 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 1471 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1679 sdata->dev->name); 1472 sdata->dev->name);
1680 return; 1473 return RX_MGMT_NONE;
1681 } 1474 }
1682 1475
1683 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name); 1476 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
1684 ifmgd->aid = aid; 1477 ifmgd->aid = aid;
1685 ifmgd->ap_capab = capab_info;
1686
1687 kfree(ifmgd->assocresp_ies);
1688 ifmgd->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1689 ifmgd->assocresp_ies = kmalloc(ifmgd->assocresp_ies_len, GFP_KERNEL);
1690 if (ifmgd->assocresp_ies)
1691 memcpy(ifmgd->assocresp_ies, pos, ifmgd->assocresp_ies_len);
1692 1478
1693 rcu_read_lock(); 1479 rcu_read_lock();
1694 1480
1695 /* Add STA entry for the AP */ 1481 /* Add STA entry for the AP */
1696 sta = sta_info_get(local, ifmgd->bssid); 1482 sta = sta_info_get(local, wk->bss->cbss.bssid);
1697 if (!sta) { 1483 if (!sta) {
1698 newsta = true; 1484 newsta = true;
1699 1485
1700 sta = sta_info_alloc(sdata, ifmgd->bssid, GFP_ATOMIC); 1486 rcu_read_unlock();
1487
1488 sta = sta_info_alloc(sdata, wk->bss->cbss.bssid, GFP_KERNEL);
1701 if (!sta) { 1489 if (!sta) {
1702 printk(KERN_DEBUG "%s: failed to alloc STA entry for" 1490 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1703 " the AP\n", sdata->dev->name); 1491 " the AP\n", sdata->dev->name);
1704 rcu_read_unlock(); 1492 return RX_MGMT_NONE;
1705 return;
1706 } 1493 }
1707 1494
1708 /* update new sta with its last rx activity */ 1495 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC |
1709 sta->last_rx = jiffies; 1496 WLAN_STA_ASSOC_AP);
1710 } 1497 if (!(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
1498 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
1711 1499
1712 /* 1500 rcu_read_lock();
1713 * FIXME: Do we really need to update the sta_info's information here? 1501 }
1714 * We already know about the AP (we found it in our list) so it
1715 * should already be filled with the right info, no?
1716 * As is stands, all this is racy because typically we assume
1717 * the information that is filled in here (except flags) doesn't
1718 * change while a STA structure is alive. As such, it should move
1719 * to between the sta_info_alloc() and sta_info_insert() above.
1720 */
1721
1722 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP);
1723 if (!(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
1724 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
1725 1502
1726 rates = 0; 1503 rates = 0;
1727 basic_rates = 0; 1504 basic_rates = 0;
@@ -1771,8 +1548,7 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1771 else 1548 else
1772 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 1549 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
1773 1550
1774 /* If TKIP/WEP is used, no need to parse AP's HT capabilities */ 1551 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_11N))
1775 if (elems.ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED))
1776 ieee80211_ht_cap_ie_to_sta_ht_cap(sband, 1552 ieee80211_ht_cap_ie_to_sta_ht_cap(sband,
1777 elems.ht_cap_elem, &sta->sta.ht_cap); 1553 elems.ht_cap_elem, &sta->sta.ht_cap);
1778 1554
@@ -1792,7 +1568,7 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1792 printk(KERN_DEBUG "%s: failed to insert STA entry for" 1568 printk(KERN_DEBUG "%s: failed to insert STA entry for"
1793 " the AP (error %d)\n", sdata->dev->name, err); 1569 " the AP (error %d)\n", sdata->dev->name, err);
1794 rcu_read_unlock(); 1570 rcu_read_unlock();
1795 return; 1571 return RX_MGMT_NONE;
1796 } 1572 }
1797 } 1573 }
1798 1574
@@ -1806,24 +1582,29 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1806 1582
1807 if (elems.ht_info_elem && elems.wmm_param && 1583 if (elems.ht_info_elem && elems.wmm_param &&
1808 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) && 1584 (ifmgd->flags & IEEE80211_STA_WMM_ENABLED) &&
1809 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) 1585 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N))
1810 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1586 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem,
1587 wk->bss->cbss.bssid,
1811 ap_ht_cap_flags); 1588 ap_ht_cap_flags);
1812 1589
1590 /* delete work item -- must be before set_associated for PS */
1591 list_del(&wk->list);
1592
1813 /* set AID and assoc capability, 1593 /* set AID and assoc capability,
1814 * ieee80211_set_associated() will tell the driver */ 1594 * ieee80211_set_associated() will tell the driver */
1815 bss_conf->aid = aid; 1595 bss_conf->aid = aid;
1816 bss_conf->assoc_capability = capab_info; 1596 bss_conf->assoc_capability = capab_info;
1817 ieee80211_set_associated(sdata, changed); 1597 /* this will take ownership of wk */
1598 ieee80211_set_associated(sdata, wk, changed);
1818 1599
1819 /* 1600 /*
1820 * initialise the time of last beacon to be the association time, 1601 * Start timer to probe the connection to the AP now.
1821 * otherwise beacon loss check will trigger immediately 1602 * Also start the timer that will detect beacon loss.
1822 */ 1603 */
1823 ifmgd->last_beacon = jiffies; 1604 ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt);
1605 mod_beacon_timer(sdata);
1824 1606
1825 ieee80211_associated(sdata); 1607 return RX_MGMT_CFG80211_ASSOC;
1826 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len);
1827} 1608}
1828 1609
1829 1610
@@ -1851,23 +1632,25 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
1851 1632
1852 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 1633 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
1853 channel, beacon); 1634 channel, beacon);
1854 if (!bss) 1635 if (bss)
1636 ieee80211_rx_bss_put(local, bss);
1637
1638 if (!sdata->u.mgd.associated)
1855 return; 1639 return;
1856 1640
1857 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 1641 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) &&
1858 (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN) == 0)) { 1642 (memcmp(mgmt->bssid, sdata->u.mgd.associated->cbss.bssid,
1643 ETH_ALEN) == 0)) {
1859 struct ieee80211_channel_sw_ie *sw_elem = 1644 struct ieee80211_channel_sw_ie *sw_elem =
1860 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem; 1645 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem;
1861 ieee80211_sta_process_chanswitch(sdata, sw_elem, bss); 1646 ieee80211_sta_process_chanswitch(sdata, sw_elem, bss);
1862 } 1647 }
1863
1864 ieee80211_rx_bss_put(local, bss);
1865} 1648}
1866 1649
1867 1650
1868static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata, 1651static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1869 struct ieee80211_mgmt *mgmt, 1652 struct ieee80211_mgd_work *wk,
1870 size_t len, 1653 struct ieee80211_mgmt *mgmt, size_t len,
1871 struct ieee80211_rx_status *rx_status) 1654 struct ieee80211_rx_status *rx_status)
1872{ 1655{
1873 struct ieee80211_if_managed *ifmgd; 1656 struct ieee80211_if_managed *ifmgd;
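Review bot: In ieee80211_rx_bss_info(), `bss` is released with ieee80211_rx_bss_put() right after the update but is still passed to ieee80211_sta_process_chanswitch() a few lines later. It can also be NULL at that point, because the old `if (!bss) return;` early exit was removed. The callee is not visible here, but if it dereferences `bss` this is a use after the reference was dropped, or a NULL dereference, and the path is driven by the channel-switch element of a received beacon or probe response. Keeping the put at the end as before and guarding the call would avoid both: add `bss &&` to the channel-switch condition and move `if (bss) ieee80211_rx_bss_put(local, bss);` after that block, which means the `!associated` early return must also drop the reference. The function begins outside this hunk.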
@@ -1876,6 +1659,8 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1876 1659
1877 ifmgd = &sdata->u.mgd; 1660 ifmgd = &sdata->u.mgd;
1878 1661
1662 ASSERT_MGD_MTX(ifmgd);
1663
1879 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN)) 1664 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
1880 return; /* ignore ProbeResp to foreign address */ 1665 return; /* ignore ProbeResp to foreign address */
1881 1666
@@ -1889,17 +1674,32 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
1889 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false); 1674 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems, false);
1890 1675
1891 /* direct probe may be part of the association flow */ 1676 /* direct probe may be part of the association flow */
1892 if (ifmgd->state == IEEE80211_STA_MLME_DIRECT_PROBE) { 1677 if (wk && wk->state == IEEE80211_MGD_STATE_PROBE) {
1893 printk(KERN_DEBUG "%s direct probe responded\n", 1678 printk(KERN_DEBUG "%s direct probe responded\n",
1894 sdata->dev->name); 1679 sdata->dev->name);
1895 ieee80211_authenticate(sdata); 1680 wk->tries = 0;
1681 wk->state = IEEE80211_MGD_STATE_AUTH;
1682 WARN_ON(ieee80211_authenticate(sdata, wk) != RX_MGMT_NONE);
1896 } 1683 }
1897 1684
1898 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) { 1685 if (ifmgd->associated &&
1899 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1686 memcmp(mgmt->bssid, ifmgd->associated->cbss.bssid, ETH_ALEN) == 0 &&
1687 ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
1688 IEEE80211_STA_CONNECTION_POLL)) {
1689 ifmgd->flags &= ~(IEEE80211_STA_CONNECTION_POLL |
1690 IEEE80211_STA_BEACON_POLL);
1900 mutex_lock(&sdata->local->iflist_mtx); 1691 mutex_lock(&sdata->local->iflist_mtx);
1901 ieee80211_recalc_ps(sdata->local, -1); 1692 ieee80211_recalc_ps(sdata->local, -1);
1902 mutex_unlock(&sdata->local->iflist_mtx); 1693 mutex_unlock(&sdata->local->iflist_mtx);
1694 /*
1695 * We've received a probe response, but are not sure whether
1696 * we have or will be receiving any beacons or data, so let's
1697 * schedule the timers again, just in case.
1698 */
1699 mod_beacon_timer(sdata);
1700 mod_timer(&ifmgd->conn_mon_timer,
1701 round_jiffies_up(jiffies +
1702 IEEE80211_CONNECTION_IDLE_TIME));
1903 } 1703 }
1904} 1704}
1905 1705
@@ -1937,6 +1737,9 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1937 bool erp_valid, directed_tim = false; 1737 bool erp_valid, directed_tim = false;
1938 u8 erp_value = 0; 1738 u8 erp_value = 0;
1939 u32 ncrc; 1739 u32 ncrc;
1740 u8 *bssid;
1741
1742 ASSERT_MGD_MTX(ifmgd);
1940 1743
1941 /* Process beacon from the current BSS */ 1744 /* Process beacon from the current BSS */
1942 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 1745 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
@@ -1946,23 +1749,41 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
1946 if (rx_status->freq != local->hw.conf.channel->center_freq) 1749 if (rx_status->freq != local->hw.conf.channel->center_freq)
1947 return; 1750 return;
1948 1751
1949 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED) || 1752 /*
1950 memcmp(ifmgd->bssid, mgmt->bssid, ETH_ALEN) != 0) 1753 * We might have received a number of frames, among them a
1754 * disassoc frame and a beacon...
1755 */
1756 if (!ifmgd->associated)
1951 return; 1757 return;
1952 1758
1953 if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) { 1759 bssid = ifmgd->associated->cbss.bssid;
1760
1761 /*
1762 * And in theory even frames from a different AP we were just
1763 * associated to a split-second ago!
1764 */
1765 if (memcmp(bssid, mgmt->bssid, ETH_ALEN) != 0)
1766 return;
1767
1768 if (ifmgd->flags & IEEE80211_STA_BEACON_POLL) {
1954#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1769#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1955 if (net_ratelimit()) { 1770 if (net_ratelimit()) {
1956 printk(KERN_DEBUG "%s: cancelling probereq poll due " 1771 printk(KERN_DEBUG "%s: cancelling probereq poll due "
1957 "to a received beacon\n", sdata->dev->name); 1772 "to a received beacon\n", sdata->dev->name);
1958 } 1773 }
1959#endif 1774#endif
1960 ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL; 1775 ifmgd->flags &= ~IEEE80211_STA_BEACON_POLL;
1961 mutex_lock(&local->iflist_mtx); 1776 mutex_lock(&local->iflist_mtx);
1962 ieee80211_recalc_ps(local, -1); 1777 ieee80211_recalc_ps(local, -1);
1963 mutex_unlock(&local->iflist_mtx); 1778 mutex_unlock(&local->iflist_mtx);
1964 } 1779 }
1965 1780
1781 /*
1782 * Push the beacon loss detection into the future since
1783 * we are processing a beacon from the AP just now.
1784 */
1785 mod_beacon_timer(sdata);
1786
1966 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); 1787 ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4);
1967 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable, 1788 ncrc = ieee802_11_parse_elems_crc(mgmt->u.beacon.variable,
1968 len - baselen, &elems, 1789 len - baselen, &elems,
@@ -2019,15 +1840,15 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2019 1840
2020 1841
2021 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param && 1842 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2022 !(ifmgd->flags & IEEE80211_STA_TKIP_WEP_USED)) { 1843 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) {
2023 struct sta_info *sta; 1844 struct sta_info *sta;
2024 struct ieee80211_supported_band *sband; 1845 struct ieee80211_supported_band *sband;
2025 u16 ap_ht_cap_flags; 1846 u16 ap_ht_cap_flags;
2026 1847
2027 rcu_read_lock(); 1848 rcu_read_lock();
2028 1849
2029 sta = sta_info_get(local, ifmgd->bssid); 1850 sta = sta_info_get(local, bssid);
2030 if (!sta) { 1851 if (WARN_ON(!sta)) {
2031 rcu_read_unlock(); 1852 rcu_read_unlock();
2032 return; 1853 return;
2033 } 1854 }
@@ -2042,15 +1863,11 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2042 rcu_read_unlock(); 1863 rcu_read_unlock();
2043 1864
2044 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem, 1865 changed |= ieee80211_enable_ht(sdata, elems.ht_info_elem,
2045 ap_ht_cap_flags); 1866 bssid, ap_ht_cap_flags);
2046 } 1867 }
2047 1868
1869 /* Note: country IE parsing is done for us by cfg80211 */
2048 if (elems.country_elem) { 1870 if (elems.country_elem) {
2049 /* Note we are only reviewing this on beacons
2050 * for the BSSID we are associated to */
2051 regulatory_hint_11d(local->hw.wiphy,
2052 elems.country_elem, elems.country_elem_len);
2053
2054 /* TODO: IBSS also needs this */ 1871 /* TODO: IBSS also needs this */
2055 if (elems.pwr_constr_elem) 1872 if (elems.pwr_constr_elem)
2056 ieee80211_handle_pwr_constr(sdata, 1873 ieee80211_handle_pwr_constr(sdata,
@@ -2063,8 +1880,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2063} 1880}
2064 1881
2065ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, 1882ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
2066 struct sk_buff *skb, 1883 struct sk_buff *skb)
2067 struct ieee80211_rx_status *rx_status)
2068{ 1884{
2069 struct ieee80211_local *local = sdata->local; 1885 struct ieee80211_local *local = sdata->local;
2070 struct ieee80211_mgmt *mgmt; 1886 struct ieee80211_mgmt *mgmt;
@@ -2080,14 +1896,14 @@ ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
2080 case IEEE80211_STYPE_PROBE_REQ: 1896 case IEEE80211_STYPE_PROBE_REQ:
2081 case IEEE80211_STYPE_PROBE_RESP: 1897 case IEEE80211_STYPE_PROBE_RESP:
2082 case IEEE80211_STYPE_BEACON: 1898 case IEEE80211_STYPE_BEACON:
2083 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2084 case IEEE80211_STYPE_AUTH: 1899 case IEEE80211_STYPE_AUTH:
2085 case IEEE80211_STYPE_ASSOC_RESP: 1900 case IEEE80211_STYPE_ASSOC_RESP:
2086 case IEEE80211_STYPE_REASSOC_RESP: 1901 case IEEE80211_STYPE_REASSOC_RESP:
2087 case IEEE80211_STYPE_DEAUTH: 1902 case IEEE80211_STYPE_DEAUTH:
2088 case IEEE80211_STYPE_DISASSOC: 1903 case IEEE80211_STYPE_DISASSOC:
1904 case IEEE80211_STYPE_ACTION:
2089 skb_queue_tail(&sdata->u.mgd.skb_queue, skb); 1905 skb_queue_tail(&sdata->u.mgd.skb_queue, skb);
2090 queue_work(local->hw.workqueue, &sdata->u.mgd.work); 1906 ieee80211_queue_work(&local->hw, &sdata->u.mgd.work);
2091 return RX_QUEUED; 1907 return RX_QUEUED;
2092 } 1908 }
2093 1909
@@ -2097,40 +1913,119 @@ ieee80211_rx_result ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata,
2097static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 1913static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
2098 struct sk_buff *skb) 1914 struct sk_buff *skb)
2099{ 1915{
1916 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2100 struct ieee80211_rx_status *rx_status; 1917 struct ieee80211_rx_status *rx_status;
2101 struct ieee80211_mgmt *mgmt; 1918 struct ieee80211_mgmt *mgmt;
1919 struct ieee80211_mgd_work *wk;
1920 enum rx_mgmt_action rma = RX_MGMT_NONE;
2102 u16 fc; 1921 u16 fc;
2103 1922
2104 rx_status = (struct ieee80211_rx_status *) skb->cb; 1923 rx_status = (struct ieee80211_rx_status *) skb->cb;
2105 mgmt = (struct ieee80211_mgmt *) skb->data; 1924 mgmt = (struct ieee80211_mgmt *) skb->data;
2106 fc = le16_to_cpu(mgmt->frame_control); 1925 fc = le16_to_cpu(mgmt->frame_control);
2107 1926
2108 switch (fc & IEEE80211_FCTL_STYPE) { 1927 mutex_lock(&ifmgd->mtx);
2109 case IEEE80211_STYPE_PROBE_RESP: 1928
2110 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, 1929 if (ifmgd->associated &&
2111 rx_status); 1930 memcmp(ifmgd->associated->cbss.bssid, mgmt->bssid,
2112 break; 1931 ETH_ALEN) == 0) {
2113 case IEEE80211_STYPE_BEACON: 1932 switch (fc & IEEE80211_FCTL_STYPE) {
2114 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, 1933 case IEEE80211_STYPE_BEACON:
2115 rx_status); 1934 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
2116 break; 1935 rx_status);
2117 case IEEE80211_STYPE_AUTH: 1936 break;
2118 ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len); 1937 case IEEE80211_STYPE_PROBE_RESP:
1938 ieee80211_rx_mgmt_probe_resp(sdata, NULL, mgmt,
1939 skb->len, rx_status);
1940 break;
1941 case IEEE80211_STYPE_DEAUTH:
1942 rma = ieee80211_rx_mgmt_deauth(sdata, NULL,
1943 mgmt, skb->len);
1944 break;
1945 case IEEE80211_STYPE_DISASSOC:
1946 rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
1947 break;
1948 case IEEE80211_STYPE_ACTION:
1949 /* XXX: differentiate, can only happen for CSA now! */
1950 ieee80211_sta_process_chanswitch(sdata,
1951 &mgmt->u.action.u.chan_switch.sw_elem,
1952 ifmgd->associated);
1953 break;
1954 }
1955 mutex_unlock(&ifmgd->mtx);
1956
1957 switch (rma) {
1958 case RX_MGMT_NONE:
1959 /* no action */
1960 break;
1961 case RX_MGMT_CFG80211_DEAUTH:
1962 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len,
1963 NULL);
1964 break;
1965 case RX_MGMT_CFG80211_DISASSOC:
1966 cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len,
1967 NULL);
1968 break;
1969 default:
1970 WARN(1, "unexpected: %d", rma);
1971 }
1972 goto out;
1973 }
1974
1975 list_for_each_entry(wk, &ifmgd->work_list, list) {
1976 if (memcmp(wk->bss->cbss.bssid, mgmt->bssid, ETH_ALEN) != 0)
1977 continue;
1978
1979 switch (fc & IEEE80211_FCTL_STYPE) {
1980 case IEEE80211_STYPE_PROBE_RESP:
1981 ieee80211_rx_mgmt_probe_resp(sdata, wk, mgmt, skb->len,
1982 rx_status);
1983 break;
1984 case IEEE80211_STYPE_AUTH:
1985 rma = ieee80211_rx_mgmt_auth(sdata, wk, mgmt, skb->len);
1986 break;
1987 case IEEE80211_STYPE_ASSOC_RESP:
1988 rma = ieee80211_rx_mgmt_assoc_resp(sdata, wk, mgmt,
1989 skb->len, false);
1990 break;
1991 case IEEE80211_STYPE_REASSOC_RESP:
1992 rma = ieee80211_rx_mgmt_assoc_resp(sdata, wk, mgmt,
1993 skb->len, true);
1994 break;
1995 case IEEE80211_STYPE_DEAUTH:
1996 rma = ieee80211_rx_mgmt_deauth(sdata, wk, mgmt,
1997 skb->len);
1998 break;
1999 }
2000 /*
2001 * We've processed this frame for that work, so it can't
2002 * belong to another work struct.
2003 * NB: this is also required for correctness because the
2004 * called functions can free 'wk', and for 'rma'!
2005 */
2119 break; 2006 break;
2120 case IEEE80211_STYPE_ASSOC_RESP: 2007 }
2121 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 0); 2008
2009 mutex_unlock(&ifmgd->mtx);
2010
2011 switch (rma) {
2012 case RX_MGMT_NONE:
2013 /* no action */
2122 break; 2014 break;
2123 case IEEE80211_STYPE_REASSOC_RESP: 2015 case RX_MGMT_CFG80211_AUTH:
2124 ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, 1); 2016 cfg80211_send_rx_auth(sdata->dev, (u8 *) mgmt, skb->len);
2125 break; 2017 break;
2126 case IEEE80211_STYPE_DEAUTH: 2018 case RX_MGMT_CFG80211_ASSOC:
2127 ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len); 2019 cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, skb->len);
2128 break; 2020 break;
2129 case IEEE80211_STYPE_DISASSOC: 2021 case RX_MGMT_CFG80211_DEAUTH:
2130 ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len); 2022 cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len, NULL);
2131 break; 2023 break;
2024 default:
2025 WARN(1, "unexpected: %d", rma);
2132 } 2026 }
2133 2027
2028 out:
2134 kfree_skb(skb); 2029 kfree_skb(skb);
2135} 2030}
2136 2031
@@ -2146,215 +2041,220 @@ static void ieee80211_sta_timer(unsigned long data)
2146 return; 2041 return;
2147 } 2042 }
2148 2043
2149 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 2044 ieee80211_queue_work(&local->hw, &ifmgd->work);
2150 queue_work(local->hw.workqueue, &ifmgd->work);
2151} 2045}
2152 2046
2153static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata) 2047static void ieee80211_sta_work(struct work_struct *work)
2154{ 2048{
2155 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2049 struct ieee80211_sub_if_data *sdata =
2050 container_of(work, struct ieee80211_sub_if_data, u.mgd.work);
2156 struct ieee80211_local *local = sdata->local; 2051 struct ieee80211_local *local = sdata->local;
2052 struct ieee80211_if_managed *ifmgd;
2053 struct sk_buff *skb;
2054 struct ieee80211_mgd_work *wk, *tmp;
2055 LIST_HEAD(free_work);
2056 enum rx_mgmt_action rma;
2057 bool anybusy = false;
2157 2058
2158 /* Reset own TSF to allow time synchronization work. */ 2059 if (!netif_running(sdata->dev))
2159 drv_reset_tsf(local); 2060 return;
2160 2061
2161 ifmgd->wmm_last_param_set = -1; /* allow any WMM update */ 2062 if (local->scanning)
2063 return;
2162 2064
2065 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2066 return;
2163 2067
2164 if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_OPEN) 2068 /*
2165 ifmgd->auth_alg = WLAN_AUTH_OPEN; 2069 * ieee80211_queue_work() should have picked up most cases,
2166 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 2070 * here we'll pick the the rest.
2167 ifmgd->auth_alg = WLAN_AUTH_SHARED_KEY; 2071 */
2168 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_LEAP) 2072 if (WARN(local->suspended, "STA MLME work scheduled while "
2169 ifmgd->auth_alg = WLAN_AUTH_LEAP; 2073 "going to suspend\n"))
2170 else if (ifmgd->auth_algs & IEEE80211_AUTH_ALG_FT) 2074 return;
2171 ifmgd->auth_alg = WLAN_AUTH_FT;
2172 else
2173 ifmgd->auth_alg = WLAN_AUTH_OPEN;
2174 ifmgd->auth_transaction = -1;
2175 ifmgd->flags &= ~IEEE80211_STA_ASSOCIATED;
2176 ifmgd->assoc_scan_tries = 0;
2177 ifmgd->direct_probe_tries = 0;
2178 ifmgd->auth_tries = 0;
2179 ifmgd->assoc_tries = 0;
2180 netif_tx_stop_all_queues(sdata->dev);
2181 netif_carrier_off(sdata->dev);
2182}
2183 2075
2184static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata) 2076 ifmgd = &sdata->u.mgd;
2185{
2186 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2187 struct ieee80211_local *local = sdata->local;
2188 struct ieee80211_bss *bss;
2189 u8 *bssid = ifmgd->bssid, *ssid = ifmgd->ssid;
2190 u8 ssid_len = ifmgd->ssid_len;
2191 u16 capa_mask = WLAN_CAPABILITY_ESS;
2192 u16 capa_val = WLAN_CAPABILITY_ESS;
2193 struct ieee80211_channel *chan = local->oper_channel;
2194 2077
2195 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) && 2078 /* first process frames to avoid timing out while a frame is pending */
2196 ifmgd->flags & (IEEE80211_STA_AUTO_SSID_SEL | 2079 while ((skb = skb_dequeue(&ifmgd->skb_queue)))
2197 IEEE80211_STA_AUTO_BSSID_SEL | 2080 ieee80211_sta_rx_queued_mgmt(sdata, skb);
2198 IEEE80211_STA_AUTO_CHANNEL_SEL)) {
2199 capa_mask |= WLAN_CAPABILITY_PRIVACY;
2200 if (sdata->default_key)
2201 capa_val |= WLAN_CAPABILITY_PRIVACY;
2202 }
2203 2081
2204 if (ifmgd->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) 2082 /* then process the rest of the work */
2205 chan = NULL; 2083 mutex_lock(&ifmgd->mtx);
2206 2084
2207 if (ifmgd->flags & IEEE80211_STA_AUTO_BSSID_SEL) 2085 if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
2208 bssid = NULL; 2086 IEEE80211_STA_CONNECTION_POLL) &&
2087 ifmgd->associated) {
2088 u8 bssid[ETH_ALEN];
2209 2089
2210 if (ifmgd->flags & IEEE80211_STA_AUTO_SSID_SEL) { 2090 memcpy(bssid, ifmgd->associated->cbss.bssid, ETH_ALEN);
2211 ssid = NULL; 2091 if (time_is_after_jiffies(ifmgd->probe_timeout))
2212 ssid_len = 0; 2092 run_again(ifmgd, ifmgd->probe_timeout);
2093
2094 else if (ifmgd->probe_send_count < IEEE80211_MAX_PROBE_TRIES) {
2095#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2096 printk(KERN_DEBUG "No probe response from AP %pM"
2097 " after %dms, try %d\n", bssid,
2098 (1000 * IEEE80211_PROBE_WAIT)/HZ,
2099 ifmgd->probe_send_count);
2100#endif
2101 ieee80211_mgd_probe_ap_send(sdata);
2102 } else {
2103 /*
2104 * We actually lost the connection ... or did we?
2105 * Let's make sure!
2106 */
2107 ifmgd->flags &= ~(IEEE80211_STA_CONNECTION_POLL |
2108 IEEE80211_STA_BEACON_POLL);
2109 printk(KERN_DEBUG "No probe response from AP %pM"
2110 " after %dms, disconnecting.\n",
2111 bssid, (1000 * IEEE80211_PROBE_WAIT)/HZ);
2112 ieee80211_set_disassoc(sdata, true);
2113 mutex_unlock(&ifmgd->mtx);
2114 /*
2115 * must be outside lock due to cfg80211,
2116 * but that's not a problem.
2117 */
2118 ieee80211_send_deauth_disassoc(sdata, bssid,
2119 IEEE80211_STYPE_DEAUTH,
2120 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
2121 NULL);
2122 mutex_lock(&ifmgd->mtx);
2123 }
2213 } 2124 }
2214 2125
2215 bss = (void *)cfg80211_get_bss(local->hw.wiphy, chan, 2126 list_for_each_entry(wk, &ifmgd->work_list, list) {
2216 bssid, ssid, ssid_len, 2127 if (wk->state != IEEE80211_MGD_STATE_IDLE) {
2217 capa_mask, capa_val); 2128 anybusy = true;
2129 break;
2130 }
2131 }
2218 2132
2219 if (bss) { 2133 ieee80211_recalc_idle(local);
2220 local->oper_channel = bss->cbss.channel;
2221 local->oper_channel_type = NL80211_CHAN_NO_HT;
2222 ieee80211_hw_config(local, 0);
2223 2134
2224 if (!(ifmgd->flags & IEEE80211_STA_SSID_SET)) 2135 if (!anybusy) {
2225 ieee80211_sta_set_ssid(sdata, bss->ssid, 2136 mutex_unlock(&ifmgd->mtx);
2226 bss->ssid_len);
2227 ieee80211_sta_set_bssid(sdata, bss->cbss.bssid);
2228 ieee80211_sta_def_wmm_params(sdata, bss->supp_rates_len,
2229 bss->supp_rates);
2230 if (sdata->u.mgd.mfp == IEEE80211_MFP_REQUIRED)
2231 sdata->u.mgd.flags |= IEEE80211_STA_MFP_ENABLED;
2232 else
2233 sdata->u.mgd.flags &= ~IEEE80211_STA_MFP_ENABLED;
2234
2235 /* Send out direct probe if no probe resp was received or
2236 * the one we have is outdated
2237 */
2238 if (!bss->last_probe_resp ||
2239 time_after(jiffies, bss->last_probe_resp
2240 + IEEE80211_SCAN_RESULT_EXPIRE))
2241 ifmgd->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2242 else
2243 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE;
2244 2137
2245 ieee80211_rx_bss_put(local, bss); 2138 if (test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request))
2246 ieee80211_sta_reset_auth(sdata); 2139 ieee80211_queue_delayed_work(&local->hw,
2247 return 0; 2140 &local->scan_work,
2248 } else { 2141 round_jiffies_relative(0));
2249 if (ifmgd->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) { 2142 return;
2143 }
2250 2144
2251 ifmgd->assoc_scan_tries++; 2145 list_for_each_entry_safe(wk, tmp, &ifmgd->work_list, list) {
2146 if (time_is_after_jiffies(wk->timeout)) {
2147 /*
2148 * This work item isn't supposed to be worked on
2149 * right now, but take care to adjust the timer
2150 * properly.
2151 */
2152 run_again(ifmgd, wk->timeout);
2153 continue;
2154 }
2252 2155
2253 ieee80211_request_internal_scan(sdata, ifmgd->ssid, 2156 switch (wk->state) {
2254 ssid_len); 2157 default:
2158 WARN_ON(1);
2159 /* fall through */
2160 case IEEE80211_MGD_STATE_IDLE:
2161 /* nothing */
2162 rma = RX_MGMT_NONE;
2163 break;
2164 case IEEE80211_MGD_STATE_PROBE:
2165 rma = ieee80211_direct_probe(sdata, wk);
2166 break;
2167 case IEEE80211_MGD_STATE_AUTH:
2168 rma = ieee80211_authenticate(sdata, wk);
2169 break;
2170 case IEEE80211_MGD_STATE_ASSOC:
2171 rma = ieee80211_associate(sdata, wk);
2172 break;
2173 }
2255 2174
2256 ifmgd->state = IEEE80211_STA_MLME_AUTHENTICATE; 2175 switch (rma) {
2257 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request); 2176 case RX_MGMT_NONE:
2258 } else { 2177 /* no action required */
2259 ifmgd->assoc_scan_tries = 0; 2178 break;
2260 ifmgd->state = IEEE80211_STA_MLME_DISABLED; 2179 case RX_MGMT_CFG80211_AUTH_TO:
2261 ieee80211_recalc_idle(local); 2180 case RX_MGMT_CFG80211_ASSOC_TO:
2181 list_del(&wk->list);
2182 list_add(&wk->list, &free_work);
2183 wk->tries = rma; /* small abuse but only local */
2184 break;
2185 default:
2186 WARN(1, "unexpected: %d", rma);
2262 } 2187 }
2263 } 2188 }
2264 return -1;
2265}
2266 2189
2190 mutex_unlock(&ifmgd->mtx);
2267 2191
2268static void ieee80211_sta_work(struct work_struct *work) 2192 list_for_each_entry_safe(wk, tmp, &free_work, list) {
2269{ 2193 switch (wk->tries) {
2270 struct ieee80211_sub_if_data *sdata = 2194 case RX_MGMT_CFG80211_AUTH_TO:
2271 container_of(work, struct ieee80211_sub_if_data, u.mgd.work); 2195 cfg80211_send_auth_timeout(sdata->dev,
2272 struct ieee80211_local *local = sdata->local; 2196 wk->bss->cbss.bssid);
2273 struct ieee80211_if_managed *ifmgd; 2197 break;
2274 struct sk_buff *skb; 2198 case RX_MGMT_CFG80211_ASSOC_TO:
2199 cfg80211_send_assoc_timeout(sdata->dev,
2200 wk->bss->cbss.bssid);
2201 break;
2202 default:
2203 WARN(1, "unexpected: %d", wk->tries);
2204 }
2275 2205
2276 if (!netif_running(sdata->dev)) 2206 list_del(&wk->list);
2277 return; 2207 kfree(wk);
2208 }
2278 2209
2279 if (local->sw_scanning || local->hw_scanning) 2210 ieee80211_recalc_idle(local);
2280 return; 2211}
2281 2212
2282 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) 2213static void ieee80211_sta_bcn_mon_timer(unsigned long data)
2283 return; 2214{
2215 struct ieee80211_sub_if_data *sdata =
2216 (struct ieee80211_sub_if_data *) data;
2217 struct ieee80211_local *local = sdata->local;
2284 2218
2285 /* 2219 if (local->quiescing)
2286 * Nothing should have been stuffed into the workqueue during
2287 * the suspend->resume cycle. If this WARN is seen then there
2288 * is a bug with either the driver suspend or something in
2289 * mac80211 stuffing into the workqueue which we haven't yet
2290 * cleared during mac80211's suspend cycle.
2291 */
2292 if (WARN_ON(local->suspended))
2293 return; 2220 return;
2294 2221
2295 ifmgd = &sdata->u.mgd; 2222 ieee80211_queue_work(&sdata->local->hw, &sdata->u.mgd.beacon_loss_work);
2296 2223}
2297 while ((skb = skb_dequeue(&ifmgd->skb_queue)))
2298 ieee80211_sta_rx_queued_mgmt(sdata, skb);
2299 2224
2300 if (ifmgd->state != IEEE80211_STA_MLME_DIRECT_PROBE && 2225static void ieee80211_sta_conn_mon_timer(unsigned long data)
2301 ifmgd->state != IEEE80211_STA_MLME_AUTHENTICATE && 2226{
2302 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE && 2227 struct ieee80211_sub_if_data *sdata =
2303 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request)) { 2228 (struct ieee80211_sub_if_data *) data;
2304 queue_delayed_work(local->hw.workqueue, &local->scan_work, 2229 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2305 round_jiffies_relative(0)); 2230 struct ieee80211_local *local = sdata->local;
2306 return;
2307 }
2308 2231
2309 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request)) { 2232 if (local->quiescing)
2310 if (ieee80211_sta_config_auth(sdata))
2311 return;
2312 clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request);
2313 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request))
2314 return; 2233 return;
2315 2234
2316 ieee80211_recalc_idle(local); 2235 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work);
2317 2236}
2318 switch (ifmgd->state) {
2319 case IEEE80211_STA_MLME_DISABLED:
2320 break;
2321 case IEEE80211_STA_MLME_DIRECT_PROBE:
2322 ieee80211_direct_probe(sdata);
2323 break;
2324 case IEEE80211_STA_MLME_AUTHENTICATE:
2325 ieee80211_authenticate(sdata);
2326 break;
2327 case IEEE80211_STA_MLME_ASSOCIATE:
2328 ieee80211_associate(sdata);
2329 break;
2330 case IEEE80211_STA_MLME_ASSOCIATED:
2331 ieee80211_associated(sdata);
2332 break;
2333 default:
2334 WARN_ON(1);
2335 break;
2336 }
2337 2237
2338 if (ieee80211_privacy_mismatch(sdata)) { 2238static void ieee80211_sta_monitor_work(struct work_struct *work)
2339 printk(KERN_DEBUG "%s: privacy configuration mismatch and " 2239{
2340 "mixed-cell disabled - disassociate\n", sdata->dev->name); 2240 struct ieee80211_sub_if_data *sdata =
2241 container_of(work, struct ieee80211_sub_if_data,
2242 u.mgd.monitor_work);
2341 2243
2342 ieee80211_set_disassoc(sdata, false, true, 2244 ieee80211_mgd_probe_ap(sdata, false);
2343 WLAN_REASON_UNSPECIFIED);
2344 }
2345} 2245}
2346 2246
2347static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata) 2247static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
2348{ 2248{
2349 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 2249 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
2350 /* 2250 sdata->u.mgd.flags &= ~(IEEE80211_STA_BEACON_POLL |
2351 * Need to update last_beacon to avoid beacon loss 2251 IEEE80211_STA_CONNECTION_POLL);
2352 * test to trigger. 2252
2353 */ 2253 /* let's probe the connection once */
2354 sdata->u.mgd.last_beacon = jiffies; 2254 ieee80211_queue_work(&sdata->local->hw,
2355 2255 &sdata->u.mgd.monitor_work);
2356 2256 /* and do all the other regular work too */
2357 queue_work(sdata->local->hw.workqueue, 2257 ieee80211_queue_work(&sdata->local->hw,
2358 &sdata->u.mgd.work); 2258 &sdata->u.mgd.work);
2359 } 2259 }
2360} 2260}
@@ -2378,6 +2278,11 @@ void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata)
2378 cancel_work_sync(&ifmgd->chswitch_work); 2278 cancel_work_sync(&ifmgd->chswitch_work);
2379 if (del_timer_sync(&ifmgd->chswitch_timer)) 2279 if (del_timer_sync(&ifmgd->chswitch_timer))
2380 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running); 2280 set_bit(TMR_RUNNING_CHANSW, &ifmgd->timers_running);
2281
2282 cancel_work_sync(&ifmgd->monitor_work);
2283 /* these will just be re-established on connection */
2284 del_timer_sync(&ifmgd->conn_mon_timer);
2285 del_timer_sync(&ifmgd->bcn_mon_timer);
2381} 2286}
2382 2287
2383void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) 2288void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
@@ -2395,210 +2300,277 @@ void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata)
2395void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) 2300void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
2396{ 2301{
2397 struct ieee80211_if_managed *ifmgd; 2302 struct ieee80211_if_managed *ifmgd;
2398 u32 hw_flags;
2399 2303
2400 ifmgd = &sdata->u.mgd; 2304 ifmgd = &sdata->u.mgd;
2401 INIT_WORK(&ifmgd->work, ieee80211_sta_work); 2305 INIT_WORK(&ifmgd->work, ieee80211_sta_work);
2306 INIT_WORK(&ifmgd->monitor_work, ieee80211_sta_monitor_work);
2402 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 2307 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
2403 INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work); 2308 INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work);
2404 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 2309 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
2405 (unsigned long) sdata); 2310 (unsigned long) sdata);
2311 setup_timer(&ifmgd->bcn_mon_timer, ieee80211_sta_bcn_mon_timer,
2312 (unsigned long) sdata);
2313 setup_timer(&ifmgd->conn_mon_timer, ieee80211_sta_conn_mon_timer,
2314 (unsigned long) sdata);
2406 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer, 2315 setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
2407 (unsigned long) sdata); 2316 (unsigned long) sdata);
2408 skb_queue_head_init(&ifmgd->skb_queue); 2317 skb_queue_head_init(&ifmgd->skb_queue);
2409 2318
2319 INIT_LIST_HEAD(&ifmgd->work_list);
2320
2410 ifmgd->capab = WLAN_CAPABILITY_ESS; 2321 ifmgd->capab = WLAN_CAPABILITY_ESS;
2411 ifmgd->auth_algs = IEEE80211_AUTH_ALG_OPEN | 2322 ifmgd->flags = 0;
2412 IEEE80211_AUTH_ALG_SHARED_KEY;
2413 ifmgd->flags |= IEEE80211_STA_CREATE_IBSS |
2414 IEEE80211_STA_AUTO_BSSID_SEL |
2415 IEEE80211_STA_AUTO_CHANNEL_SEL;
2416 if (sdata->local->hw.queues >= 4) 2323 if (sdata->local->hw.queues >= 4)
2417 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED; 2324 ifmgd->flags |= IEEE80211_STA_WMM_ENABLED;
2418 2325
2419 hw_flags = sdata->local->hw.flags; 2326 mutex_init(&ifmgd->mtx);
2420
2421 if (hw_flags & IEEE80211_HW_SUPPORTS_PS) {
2422 ifmgd->powersave = CONFIG_MAC80211_DEFAULT_PS_VALUE;
2423 sdata->local->hw.conf.dynamic_ps_timeout = 500;
2424 }
2425} 2327}
2426 2328
2427/* configuration hooks */ 2329/* scan finished notification */
2428void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata) 2330void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
2429{ 2331{
2430 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2332 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
2431 struct ieee80211_local *local = sdata->local;
2432
2433 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION))
2434 return;
2435
2436 if ((ifmgd->flags & (IEEE80211_STA_BSSID_SET |
2437 IEEE80211_STA_AUTO_BSSID_SEL)) &&
2438 (ifmgd->flags & (IEEE80211_STA_SSID_SET |
2439 IEEE80211_STA_AUTO_SSID_SEL))) {
2440
2441 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2442 ieee80211_set_disassoc(sdata, true, true,
2443 WLAN_REASON_DEAUTH_LEAVING);
2444
2445 if (ifmgd->ssid_len == 0) {
2446 /*
2447 * Only allow association to be started if a valid SSID
2448 * is configured.
2449 */
2450 return;
2451 }
2452 2333
2453 if (!(ifmgd->flags & IEEE80211_STA_EXT_SME) || 2334 /* Restart STA timers */
2454 ifmgd->state != IEEE80211_STA_MLME_ASSOCIATE) 2335 rcu_read_lock();
2455 set_bit(IEEE80211_STA_REQ_AUTH, &ifmgd->request); 2336 list_for_each_entry_rcu(sdata, &local->interfaces, list)
2456 else if (ifmgd->flags & IEEE80211_STA_EXT_SME) 2337 ieee80211_restart_sta_timer(sdata);
2457 set_bit(IEEE80211_STA_REQ_RUN, &ifmgd->request); 2338 rcu_read_unlock();
2458 queue_work(local->hw.workqueue, &ifmgd->work);
2459 }
2460} 2339}
2461 2340
2462int ieee80211_sta_commit(struct ieee80211_sub_if_data *sdata) 2341int ieee80211_max_network_latency(struct notifier_block *nb,
2342 unsigned long data, void *dummy)
2463{ 2343{
2464 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2344 s32 latency_usec = (s32) data;
2345 struct ieee80211_local *local =
2346 container_of(nb, struct ieee80211_local,
2347 network_latency_notifier);
2465 2348
2466 if (ifmgd->ssid_len) 2349 mutex_lock(&local->iflist_mtx);
2467 ifmgd->flags |= IEEE80211_STA_SSID_SET; 2350 ieee80211_recalc_ps(local, latency_usec);
2468 else 2351 mutex_unlock(&local->iflist_mtx);
2469 ifmgd->flags &= ~IEEE80211_STA_SSID_SET;
2470 2352
2471 return 0; 2353 return 0;
2472} 2354}
2473 2355
2474int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len) 2356/* config hooks */
2357int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
2358 struct cfg80211_auth_request *req)
2475{ 2359{
2476 struct ieee80211_if_managed *ifmgd; 2360 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2361 const u8 *ssid;
2362 struct ieee80211_mgd_work *wk;
2363 u16 auth_alg;
2477 2364
2478 if (len > IEEE80211_MAX_SSID_LEN) 2365 switch (req->auth_type) {
2479 return -EINVAL; 2366 case NL80211_AUTHTYPE_OPEN_SYSTEM:
2367 auth_alg = WLAN_AUTH_OPEN;
2368 break;
2369 case NL80211_AUTHTYPE_SHARED_KEY:
2370 auth_alg = WLAN_AUTH_SHARED_KEY;
2371 break;
2372 case NL80211_AUTHTYPE_FT:
2373 auth_alg = WLAN_AUTH_FT;
2374 break;
2375 case NL80211_AUTHTYPE_NETWORK_EAP:
2376 auth_alg = WLAN_AUTH_LEAP;
2377 break;
2378 default:
2379 return -EOPNOTSUPP;
2380 }
2480 2381
2481 ifmgd = &sdata->u.mgd; 2382 wk = kzalloc(sizeof(*wk) + req->ie_len, GFP_KERNEL);
2383 if (!wk)
2384 return -ENOMEM;
2482 2385
2483 if (ifmgd->ssid_len != len || memcmp(ifmgd->ssid, ssid, len) != 0) { 2386 wk->bss = (void *)req->bss;
2484 if (ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2485 ieee80211_set_disassoc(sdata, true, true,
2486 WLAN_REASON_DEAUTH_LEAVING);
2487 2387
2488 /* 2388 if (req->ie && req->ie_len) {
2489 * Do not use reassociation if SSID is changed (different ESS). 2389 memcpy(wk->ie, req->ie, req->ie_len);
2490 */ 2390 wk->ie_len = req->ie_len;
2491 ifmgd->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2492 memset(ifmgd->ssid, 0, sizeof(ifmgd->ssid));
2493 memcpy(ifmgd->ssid, ssid, len);
2494 ifmgd->ssid_len = len;
2495 } 2391 }
2496 2392
2497 return ieee80211_sta_commit(sdata); 2393 if (req->key && req->key_len) {
2498} 2394 wk->key_len = req->key_len;
2395 wk->key_idx = req->key_idx;
2396 memcpy(wk->key, req->key, req->key_len);
2397 }
2499 2398
2500int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len) 2399 ssid = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
2501{ 2400 memcpy(wk->ssid, ssid + 2, ssid[1]);
2502 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2401 wk->ssid_len = ssid[1];
2503 memcpy(ssid, ifmgd->ssid, ifmgd->ssid_len); 2402
2504 *len = ifmgd->ssid_len; 2403 wk->state = IEEE80211_MGD_STATE_PROBE;
2404 wk->auth_alg = auth_alg;
2405 wk->timeout = jiffies; /* run right away */
2406
2407 /*
2408 * XXX: if still associated need to tell AP that we're going
2409 * to sleep and then change channel etc.
2410 */
2411 sdata->local->oper_channel = req->bss->channel;
2412 ieee80211_hw_config(sdata->local, 0);
2413
2414 mutex_lock(&ifmgd->mtx);
2415 list_add(&wk->list, &sdata->u.mgd.work_list);
2416 mutex_unlock(&ifmgd->mtx);
2417
2418 ieee80211_queue_work(&sdata->local->hw, &sdata->u.mgd.work);
2505 return 0; 2419 return 0;
2506} 2420}
2507 2421
2508int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid) 2422int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
2423 struct cfg80211_assoc_request *req)
2509{ 2424{
2510 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2425 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2426 struct ieee80211_mgd_work *wk, *found = NULL;
2427 int i, err;
2511 2428
2512 if (compare_ether_addr(bssid, ifmgd->bssid) != 0 && 2429 mutex_lock(&ifmgd->mtx);
2513 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATED)
2514 ieee80211_set_disassoc(sdata, true, true,
2515 WLAN_REASON_DEAUTH_LEAVING);
2516 2430
2517 if (is_valid_ether_addr(bssid)) { 2431 list_for_each_entry(wk, &ifmgd->work_list, list) {
2518 memcpy(ifmgd->bssid, bssid, ETH_ALEN); 2432 if (&wk->bss->cbss == req->bss &&
2519 ifmgd->flags |= IEEE80211_STA_BSSID_SET; 2433 wk->state == IEEE80211_MGD_STATE_IDLE) {
2520 } else { 2434 found = wk;
2521 memset(ifmgd->bssid, 0, ETH_ALEN); 2435 break;
2522 ifmgd->flags &= ~IEEE80211_STA_BSSID_SET; 2436 }
2523 } 2437 }
2524 2438
2525 return ieee80211_sta_commit(sdata); 2439 if (!found) {
2526} 2440 err = -ENOLINK;
2441 goto out;
2442 }
2527 2443
2528int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, 2444 list_del(&found->list);
2529 const char *ie, size_t len)
2530{
2531 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2532 2445
2533 if (len == 0 && ifmgd->extra_ie_len == 0) 2446 wk = krealloc(found, sizeof(*wk) + req->ie_len, GFP_KERNEL);
2534 return -EALREADY; 2447 if (!wk) {
2448 list_add(&found->list, &ifmgd->work_list);
2449 err = -ENOMEM;
2450 goto out;
2451 }
2535 2452
2536 if (len == ifmgd->extra_ie_len && ifmgd->extra_ie && 2453 list_add(&wk->list, &ifmgd->work_list);
2537 memcmp(ifmgd->extra_ie, ie, len) == 0)
2538 return -EALREADY;
2539 2454
2540 kfree(ifmgd->extra_ie); 2455 ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N;
2541 if (len == 0) { 2456
2542 ifmgd->extra_ie = NULL; 2457 for (i = 0; i < req->crypto.n_ciphers_pairwise; i++)
2543 ifmgd->extra_ie_len = 0; 2458 if (req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP40 ||
2544 return 0; 2459 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
2545 } 2460 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
2546 ifmgd->extra_ie = kmalloc(len, GFP_KERNEL); 2461 ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
2547 if (!ifmgd->extra_ie) { 2462
2548 ifmgd->extra_ie_len = 0; 2463 sdata->local->oper_channel = req->bss->channel;
2549 return -ENOMEM; 2464 ieee80211_hw_config(sdata->local, 0);
2465
2466 if (req->ie && req->ie_len) {
2467 memcpy(wk->ie, req->ie, req->ie_len);
2468 wk->ie_len = req->ie_len;
2469 } else
2470 wk->ie_len = 0;
2471
2472 if (req->prev_bssid)
2473 memcpy(wk->prev_bssid, req->prev_bssid, ETH_ALEN);
2474
2475 wk->state = IEEE80211_MGD_STATE_ASSOC;
2476 wk->tries = 0;
2477 wk->timeout = jiffies; /* run right away */
2478
2479 if (req->use_mfp) {
2480 ifmgd->mfp = IEEE80211_MFP_REQUIRED;
2481 ifmgd->flags |= IEEE80211_STA_MFP_ENABLED;
2482 } else {
2483 ifmgd->mfp = IEEE80211_MFP_DISABLED;
2484 ifmgd->flags &= ~IEEE80211_STA_MFP_ENABLED;
2550 } 2485 }
2551 memcpy(ifmgd->extra_ie, ie, len);
2552 ifmgd->extra_ie_len = len;
2553 return 0;
2554}
2555 2486
2556int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason) 2487 if (req->crypto.control_port)
2557{ 2488 ifmgd->flags |= IEEE80211_STA_CONTROL_PORT;
2558 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n", 2489 else
2559 sdata->dev->name, reason); 2490 ifmgd->flags &= ~IEEE80211_STA_CONTROL_PORT;
2560 2491
2561 ieee80211_set_disassoc(sdata, true, true, reason); 2492 ieee80211_queue_work(&sdata->local->hw, &sdata->u.mgd.work);
2562 return 0; 2493
2494 err = 0;
2495
2496 out:
2497 mutex_unlock(&ifmgd->mtx);
2498 return err;
2563} 2499}
2564 2500
2565int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason) 2501int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
2502 struct cfg80211_deauth_request *req,
2503 void *cookie)
2566{ 2504{
2567 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2505 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2506 struct ieee80211_mgd_work *wk;
2507 const u8 *bssid = NULL;
2568 2508
2569 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n", 2509 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
2570 sdata->dev->name, reason); 2510 sdata->dev->name, req->reason_code);
2511
2512 mutex_lock(&ifmgd->mtx);
2513
2514 if (ifmgd->associated && &ifmgd->associated->cbss == req->bss) {
2515 bssid = req->bss->bssid;
2516 ieee80211_set_disassoc(sdata, true);
2517 } else list_for_each_entry(wk, &ifmgd->work_list, list) {
2518 if (&wk->bss->cbss == req->bss) {
2519 bssid = req->bss->bssid;
2520 list_del(&wk->list);
2521 kfree(wk);
2522 break;
2523 }
2524 }
2571 2525
2572 if (!(ifmgd->flags & IEEE80211_STA_ASSOCIATED)) 2526 /*
2527 * cfg80211 should catch this ... but it's racy since
2528 * we can receive a deauth frame, process it, hand it
2529 * to cfg80211 while that's in a locked section already
2530 * trying to tell us that the user wants to disconnect.
2531 */
2532 if (!bssid) {
2533 mutex_unlock(&ifmgd->mtx);
2573 return -ENOLINK; 2534 return -ENOLINK;
2535 }
2536
2537 mutex_unlock(&ifmgd->mtx);
2538
2539 ieee80211_send_deauth_disassoc(sdata, bssid,
2540 IEEE80211_STYPE_DEAUTH, req->reason_code,
2541 cookie);
2574 2542
2575 ieee80211_set_disassoc(sdata, false, true, reason);
2576 return 0; 2543 return 0;
2577} 2544}
2578 2545
2579/* scan finished notification */ 2546int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
2580void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local) 2547 struct cfg80211_disassoc_request *req,
2548 void *cookie)
2581{ 2549{
2582 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 2550 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2583 2551
2584 /* Restart STA timers */ 2552 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
2585 rcu_read_lock(); 2553 sdata->dev->name, req->reason_code);
2586 list_for_each_entry_rcu(sdata, &local->interfaces, list)
2587 ieee80211_restart_sta_timer(sdata);
2588 rcu_read_unlock();
2589}
2590 2554
2591int ieee80211_max_network_latency(struct notifier_block *nb, 2555 mutex_lock(&ifmgd->mtx);
2592 unsigned long data, void *dummy)
2593{
2594 s32 latency_usec = (s32) data;
2595 struct ieee80211_local *local =
2596 container_of(nb, struct ieee80211_local,
2597 network_latency_notifier);
2598 2556
2599 mutex_lock(&local->iflist_mtx); 2557 /*
2600 ieee80211_recalc_ps(local, latency_usec); 2558 * cfg80211 should catch this ... but it's racy since
2601 mutex_unlock(&local->iflist_mtx); 2559 * we can receive a disassoc frame, process it, hand it
2560 * to cfg80211 while that's in a locked section already
2561 * trying to tell us that the user wants to disconnect.
2562 */
2563 if (&ifmgd->associated->cbss != req->bss) {
2564 mutex_unlock(&ifmgd->mtx);
2565 return -ENOLINK;
2566 }
2567
2568 ieee80211_set_disassoc(sdata, false);
2569
2570 mutex_unlock(&ifmgd->mtx);
2602 2571
2572 ieee80211_send_deauth_disassoc(sdata, req->bss->bssid,
2573 IEEE80211_STYPE_DISASSOC, req->reason_code,
2574 cookie);
2603 return 0; 2575 return 0;
2604} 2576}
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
index 5e3d476972f9..a5d2f1fb4417 100644
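--- a/net/mac80211/pm.c
+++ b/net/mac80211/pm.c
@@ -26,7 +26,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
  /* make quiescing visible to timers everywhere */
  mb();
 
- flush_workqueue(local->hw.workqueue);
+ flush_workqueue(local->workqueue);
 
  /* Don't try to run timers while suspended. */
  del_timer_sync(&local->sta_cleanup);
@@ -96,6 +96,10 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
  if (!netif_running(sdata->dev))
  continue;
 
+ /* disable beaconing */
+ ieee80211_bss_info_change_notify(sdata,
+ BSS_CHANGED_BEACON_ENABLED);
+
  conf.vif = &sdata->vif;
  conf.type = sdata->vif.type;
  conf.mac_addr = sdata->dev->dev_addr;
@@ -113,7 +117,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw)
  * shouldn't be doing (or cancel everything in the
  * stop callback) that but better safe than sorry.
  */
- flush_workqueue(local->hw.workqueue);
+ flush_workqueue(local->workqueue);
 
  local->suspended = true;
  /* need suspended to be visible before quiescing is false */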
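Review bot: The added `/* disable beaconing */` comment in the second hunk (new lines 99-101) does not explain how a bare `BSS_CHANGED_BEACON_ENABLED` notification turns beaconing off, and the call runs for every running interface regardless of its type. Nothing in the hunk clears an enable flag, so the effect presumably depends on state set earlier in `__ieee80211_suspend` (the quiescing flag referred to in the first hunk) and on how the notify path treats interfaces that never beacon; both are outside the visible lines and should be confirmed. Once verified, I would expand the comment to something like `/* disable beaconing: the notify path reports beacons as off while quiescing is set */`. The function body starts and ends outside the hunks.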
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index 4641f00a1e5c..b33efc4fc267 100644
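--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -198,6 +198,35 @@ static void rate_control_release(struct kref *kref)
  kfree(ctrl_ref);
 }
 
+static bool rc_no_data_or_no_ack(struct ieee80211_tx_rate_control *txrc)
+{
+ struct sk_buff *skb = txrc->skb;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
+ __le16 fc;
+
+ fc = hdr->frame_control;
+
+ return ((info->flags & IEEE80211_TX_CTL_NO_ACK) || !ieee80211_is_data(fc));
+}
+
+bool rate_control_send_low(struct ieee80211_sta *sta,
+ void *priv_sta,
+ struct ieee80211_tx_rate_control *txrc)
+{
+ struct ieee80211_tx_info *info = IEEE80211_SKB_CB(txrc->skb);
+
+ if (!sta || !priv_sta || rc_no_data_or_no_ack(txrc)) {
+ info->control.rates[0].idx = rate_lowest_index(txrc->sband, sta);
+ info->control.rates[0].count =
+ (info->flags & IEEE80211_TX_CTL_NO_ACK) ?
+ 1 : txrc->hw->max_rate_tries;
+ return true;
+ }
+ return false;
+}
+EXPORT_SYMBOL(rate_control_send_low);
+
 void rate_control_get_rate(struct ieee80211_sub_if_data *sdata,
  struct sta_info *sta,
  struct ieee80211_tx_rate_control *txrc)
@@ -258,7 +287,7 @@ int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
  struct rate_control_ref *ref, *old;
 
  ASSERT_RTNL();
- if (local->open_count || netif_running(local->mdev))
+ if (local->open_count)
  return -EBUSY;
 
  ref = rate_control_alloc(name, local);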
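Review bot: `rate_control_send_low()` in the first hunk is exported without a kernel-doc comment, and its contract is not obvious from the name: it writes `info->control.rates[0]` in the skb's control block, and a `true` return means the caller must not choose a rate itself. The comment should state that `sta` and `priv_sta` may be NULL, since the `!sta` branch still passes `sta` to `rate_lowest_index()`. It should also say that the retry count comes from `txrc->hw->max_rate_tries` rather than from an algorithm-private limit. `rc_no_data_or_no_ack()` reads `hdr->frame_control` from `skb->data` with no length check; that is presumably safe because the frame is built locally on the TX path, but a one-line comment recording that assumption would help the next reader.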
diff --git a/net/mac80211/rc80211_minstrel.c b/net/mac80211/rc80211_minstrel.c
index 37771abd8f5a..007164919e02 100644
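--- a/net/mac80211/rc80211_minstrel.c
+++ b/net/mac80211/rc80211_minstrel.c
@@ -51,6 +51,7 @@
 #include <linux/random.h>
 #include <linux/ieee80211.h>
 #include <net/mac80211.h>
+#include "mesh.h"
 #include "rate.h"
 #include "rc80211_minstrel.h"
 
@@ -70,20 +71,6 @@ rix_to_ndx(struct minstrel_sta_info *mi, int rix)
  return i;
 }
 
-static inline bool
-use_low_rate(struct sk_buff *skb)
-{
- struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
- struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
- u16 fc;
-
- fc = le16_to_cpu(hdr->frame_control);
-
- return ((info->flags & IEEE80211_TX_CTL_NO_ACK) ||
- (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA);
-}
-
-
 static void
 minstrel_update_stats(struct minstrel_priv *mp, struct minstrel_sta_info *mi)
 {
@@ -169,12 +156,16 @@ minstrel_tx_status(void *priv, struct ieee80211_supported_band *sband,
  struct sk_buff *skb)
 {
  struct minstrel_sta_info *mi = priv_sta;
+ struct minstrel_priv *mp = (struct minstrel_priv *)priv;
  struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  struct ieee80211_tx_rate *ar = info->status.rates;
+ struct ieee80211_local *local = hw_to_local(mp->hw);
+ struct sta_info *si;
  int i, ndx;
  int success;
 
  success = !!(info->flags & IEEE80211_TX_STAT_ACK);
+ si = sta_info_get(local, sta->addr);
 
  for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
  if (ar[i].idx < 0)
@@ -186,8 +177,17 @@ minstrel_tx_status(void *priv, struct ieee80211_supported_band *sband,
 
  mi->r[ndx].attempts += ar[i].count;
 
- if ((i != IEEE80211_TX_MAX_RATES - 1) && (ar[i + 1].idx < 0))
+ if ((i != IEEE80211_TX_MAX_RATES - 1) && (ar[i + 1].idx < 0)) {
  mi->r[ndx].success += success;
+ if (si) {
+ si->fail_avg = (18050 - mi->r[ndx].probability)
+ / 180;
+ WARN_ON(si->fail_avg > 100);
+ if (si->fail_avg == 100 &&
+ ieee80211_vif_is_mesh(&si->sdata->vif))
+ mesh_plink_broken(si);
+ }
+ }
  }
 
  if ((info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) && (i >= 0))
@@ -232,7 +232,6 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta,
  void *priv_sta, struct ieee80211_tx_rate_control *txrc)
 {
  struct sk_buff *skb = txrc->skb;
- struct ieee80211_supported_band *sband = txrc->sband;
  struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  struct minstrel_sta_info *mi = priv_sta;
  struct minstrel_priv *mp = priv;
@@ -245,14 +244,8 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta,
  int mrr_ndx[3];
  int sample_rate;
 
- if (!sta || !mi || use_low_rate(skb)) {
- ar[0].idx = rate_lowest_index(sband, sta);
- if (info->flags & IEEE80211_TX_CTL_NO_ACK)
- ar[0].count = 1;
- else
- ar[0].count = mp->max_retry;
+ if (rate_control_send_low(sta, priv_sta, txrc))
  return;
- }
 
  mrr = mp->has_mrr && !txrc->rts && !txrc->bss_conf->use_cts_prot;
 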
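Review bot: In the `minstrel_tx_status` hunks, `si->fail_avg = (18050 - mi->r[ndx].probability) / 180` uses unexplained constants and only lands in 0..100 while `probability` stays within the scale those constants assume. An out-of-range value is merely flagged by `WARN_ON(si->fail_avg > 100)` and is still stored. Because `fail_avg == 100` leads straight to `mesh_plink_broken(si)`, I would name the two constants and add a comment such as `/* probability is scaled 0..18000, giving a failure percentage 0..100 */`, provided that matches the scale used elsewhere in the file. The `si` pointer comes from `sta_info_get(local, sta->addr)` with no lock or RCU section visible in the hunk, so a comment naming what protects it between lookup and use is also worth adding. The function body starts and ends outside the hunks.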
diff --git a/net/mac80211/rc80211_pid_algo.c b/net/mac80211/rc80211_pid_algo.c
index a0bef767ceb5..8c053be9dc24 100644
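--- a/net/mac80211/rc80211_pid_algo.c
+++ b/net/mac80211/rc80211_pid_algo.c
@@ -276,11 +276,9 @@ rate_control_pid_get_rate(void *priv, struct ieee80211_sta *sta,
 {
  struct sk_buff *skb = txrc->skb;
  struct ieee80211_supported_band *sband = txrc->sband;
- struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
  struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  struct rc_pid_sta_info *spinfo = priv_sta;
  int rateidx;
- u16 fc;
 
  if (txrc->rts)
  info->control.rates[0].count =
@@ -290,16 +288,8 @@ rate_control_pid_get_rate(void *priv, struct ieee80211_sta *sta,
  txrc->hw->conf.short_frame_max_tx_count;
 
  /* Send management frames and NO_ACK data using lowest rate. */
- fc = le16_to_cpu(hdr->frame_control);
- if (!sta || !spinfo ||
- (fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
- info->flags & IEEE80211_TX_CTL_NO_ACK) {
- info->control.rates[0].idx = rate_lowest_index(sband, sta);
- if (info->flags & IEEE80211_TX_CTL_NO_ACK)
- info->control.rates[0].count = 1;
-
+ if (rate_control_send_low(sta, priv_sta, txrc))
  return;
- }
 
  rateidx = spinfo->txrate_idx;
 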
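Review bot: In the second hunk, `rate_control_send_low()` is called after the `txrc->rts` block has already set `info->control.rates[0].count`, so on the low-rate path that value is now overwritten. The removed code changed the count only for NO_ACK frames, whereas the helper as added in rate.c always stores either 1 or `txrc->hw->max_rate_tries`. The retry limit for management frames therefore changes, and the earlier assignment becomes a dead store on that path. If the change is intended, I would move `if (rate_control_send_low(sta, priv_sta, txrc)) return;` above the `if (txrc->rts)` block and extend the comment to `/* Management frames and NO_ACK data: lowest rate, retry count set by rate_control_send_low(). */`. It is also worth checking that the `sband` local is still used further down, since its only visible use was in the removed lines; the function body continues outside the hunks.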
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 0936fc24942d..4cd9e45b1443 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -30,7 +30,6 @@
30static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw, 30static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
31 struct tid_ampdu_rx *tid_agg_rx, 31 struct tid_ampdu_rx *tid_agg_rx,
32 struct sk_buff *skb, 32 struct sk_buff *skb,
33 struct ieee80211_rx_status *status,
34 u16 mpdu_seq_num, 33 u16 mpdu_seq_num,
35 int bar_req); 34 int bar_req);
36/* 35/*
@@ -59,11 +58,11 @@ static struct sk_buff *remove_monitor_info(struct ieee80211_local *local,
59 return skb; 58 return skb;
60} 59}
61 60
62static inline int should_drop_frame(struct ieee80211_rx_status *status, 61static inline int should_drop_frame(struct sk_buff *skb,
63 struct sk_buff *skb,
64 int present_fcs_len, 62 int present_fcs_len,
65 int radiotap_len) 63 int radiotap_len)
66{ 64{
65 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
67 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 66 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
68 67
69 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC)) 68 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC))
@@ -111,10 +110,10 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
111static void 110static void
112ieee80211_add_rx_radiotap_header(struct ieee80211_local *local, 111ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
113 struct sk_buff *skb, 112 struct sk_buff *skb,
114 struct ieee80211_rx_status *status,
115 struct ieee80211_rate *rate, 113 struct ieee80211_rate *rate,
116 int rtap_len) 114 int rtap_len)
117{ 115{
116 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
118 struct ieee80211_radiotap_header *rthdr; 117 struct ieee80211_radiotap_header *rthdr;
119 unsigned char *pos; 118 unsigned char *pos;
120 119
@@ -220,9 +219,9 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
220 */ 219 */
221static struct sk_buff * 220static struct sk_buff *
222ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb, 221ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
223 struct ieee80211_rx_status *status,
224 struct ieee80211_rate *rate) 222 struct ieee80211_rate *rate)
225{ 223{
224 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(origskb);
226 struct ieee80211_sub_if_data *sdata; 225 struct ieee80211_sub_if_data *sdata;
227 int needed_headroom = 0; 226 int needed_headroom = 0;
228 struct sk_buff *skb, *skb2; 227 struct sk_buff *skb, *skb2;
@@ -248,8 +247,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
248 present_fcs_len = FCS_LEN; 247 present_fcs_len = FCS_LEN;
249 248
250 if (!local->monitors) { 249 if (!local->monitors) {
251 if (should_drop_frame(status, origskb, present_fcs_len, 250 if (should_drop_frame(origskb, present_fcs_len, rtap_len)) {
252 rtap_len)) {
253 dev_kfree_skb(origskb); 251 dev_kfree_skb(origskb);
254 return NULL; 252 return NULL;
255 } 253 }
@@ -257,7 +255,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
257 return remove_monitor_info(local, origskb, rtap_len); 255 return remove_monitor_info(local, origskb, rtap_len);
258 } 256 }
259 257
260 if (should_drop_frame(status, origskb, present_fcs_len, rtap_len)) { 258 if (should_drop_frame(origskb, present_fcs_len, rtap_len)) {
261 /* only need to expand headroom if necessary */ 259 /* only need to expand headroom if necessary */
262 skb = origskb; 260 skb = origskb;
263 origskb = NULL; 261 origskb = NULL;
@@ -289,7 +287,7 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
289 287
290 /* if necessary, prepend radiotap information */ 288 /* if necessary, prepend radiotap information */
291 if (!(status->flag & RX_FLAG_RADIOTAP)) 289 if (!(status->flag & RX_FLAG_RADIOTAP))
292 ieee80211_add_rx_radiotap_header(local, skb, status, rate, 290 ieee80211_add_rx_radiotap_header(local, skb, rate,
293 needed_headroom); 291 needed_headroom);
294 292
295 skb_reset_mac_header(skb); 293 skb_reset_mac_header(skb);
@@ -420,13 +418,13 @@ ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx)
420 struct ieee80211_local *local = rx->local; 418 struct ieee80211_local *local = rx->local;
421 struct sk_buff *skb = rx->skb; 419 struct sk_buff *skb = rx->skb;
422 420
423 if (unlikely(local->hw_scanning)) 421 if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning)))
424 return ieee80211_scan_rx(rx->sdata, skb, rx->status); 422 return ieee80211_scan_rx(rx->sdata, skb);
425 423
426 if (unlikely(local->sw_scanning)) { 424 if (unlikely(test_bit(SCAN_SW_SCANNING, &local->scanning) &&
425 (rx->flags & IEEE80211_RX_IN_SCAN))) {
427 /* drop all the other packets during a software scan anyway */ 426 /* drop all the other packets during a software scan anyway */
428 if (ieee80211_scan_rx(rx->sdata, skb, rx->status) 427 if (ieee80211_scan_rx(rx->sdata, skb) != RX_QUEUED)
429 != RX_QUEUED)
430 dev_kfree_skb(skb); 428 dev_kfree_skb(skb);
431 return RX_QUEUED; 429 return RX_QUEUED;
432 } 430 }
@@ -491,12 +489,21 @@ ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
491{ 489{
492 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 490 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
493 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control); 491 unsigned int hdrlen = ieee80211_hdrlen(hdr->frame_control);
492 char *dev_addr = rx->dev->dev_addr;
494 493
495 if (ieee80211_is_data(hdr->frame_control)) { 494 if (ieee80211_is_data(hdr->frame_control)) {
496 if (!ieee80211_has_a4(hdr->frame_control)) 495 if (is_multicast_ether_addr(hdr->addr1)) {
497 return RX_DROP_MONITOR; 496 if (ieee80211_has_tods(hdr->frame_control) ||
498 if (memcmp(hdr->addr4, rx->dev->dev_addr, ETH_ALEN) == 0) 497 !ieee80211_has_fromds(hdr->frame_control))
499 return RX_DROP_MONITOR; 498 return RX_DROP_MONITOR;
499 if (memcmp(hdr->addr3, dev_addr, ETH_ALEN) == 0)
500 return RX_DROP_MONITOR;
501 } else {
502 if (!ieee80211_has_a4(hdr->frame_control))
503 return RX_DROP_MONITOR;
504 if (memcmp(hdr->addr4, dev_addr, ETH_ALEN) == 0)
505 return RX_DROP_MONITOR;
506 }
500 } 507 }
501 508
502 /* If there is not an established peer link and this is not a peer link 509 /* If there is not an established peer link and this is not a peer link
@@ -529,7 +536,7 @@ ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx)
529 536
530 if (ieee80211_is_data(hdr->frame_control) && 537 if (ieee80211_is_data(hdr->frame_control) &&
531 is_multicast_ether_addr(hdr->addr1) && 538 is_multicast_ether_addr(hdr->addr1) &&
532 mesh_rmc_check(hdr->addr4, msh_h_get(hdr, hdrlen), rx->sdata)) 539 mesh_rmc_check(hdr->addr3, msh_h_get(hdr, hdrlen), rx->sdata))
533 return RX_DROP_MONITOR; 540 return RX_DROP_MONITOR;
534#undef msh_h_get 541#undef msh_h_get
535 542
@@ -785,7 +792,7 @@ static void ap_sta_ps_start(struct sta_info *sta)
785 struct ieee80211_local *local = sdata->local; 792 struct ieee80211_local *local = sdata->local;
786 793
787 atomic_inc(&sdata->bss->num_sta_ps); 794 atomic_inc(&sdata->bss->num_sta_ps);
788 set_and_clear_sta_flags(sta, WLAN_STA_PS, WLAN_STA_PSPOLL); 795 set_sta_flags(sta, WLAN_STA_PS);
789 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_SLEEP, &sta->sta); 796 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_SLEEP, &sta->sta);
790#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 797#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
791 printk(KERN_DEBUG "%s: STA %pM aid %d enters power save mode\n", 798 printk(KERN_DEBUG "%s: STA %pM aid %d enters power save mode\n",
@@ -801,7 +808,7 @@ static int ap_sta_ps_end(struct sta_info *sta)
801 808
802 atomic_dec(&sdata->bss->num_sta_ps); 809 atomic_dec(&sdata->bss->num_sta_ps);
803 810
804 clear_sta_flags(sta, WLAN_STA_PS | WLAN_STA_PSPOLL); 811 clear_sta_flags(sta, WLAN_STA_PS);
805 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_AWAKE, &sta->sta); 812 drv_sta_notify(local, &sdata->vif, STA_NOTIFY_AWAKE, &sta->sta);
806 813
807 if (!skb_queue_empty(&sta->ps_tx_buf)) 814 if (!skb_queue_empty(&sta->ps_tx_buf))
@@ -836,28 +843,22 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
836 if (!sta) 843 if (!sta)
837 return RX_CONTINUE; 844 return RX_CONTINUE;
838 845
839 /* Update last_rx only for IBSS packets which are for the current 846 /*
840 * BSSID to avoid keeping the current IBSS network alive in cases where 847 * Update last_rx only for IBSS packets which are for the current
841 * other STAs are using different BSSID. */ 848 * BSSID to avoid keeping the current IBSS network alive in cases
849 * where other STAs start using different BSSID.
850 */
842 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) { 851 if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) {
843 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, 852 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len,
844 NL80211_IFTYPE_ADHOC); 853 NL80211_IFTYPE_ADHOC);
845 if (compare_ether_addr(bssid, rx->sdata->u.ibss.bssid) == 0) 854 if (compare_ether_addr(bssid, rx->sdata->u.ibss.bssid) == 0)
846 sta->last_rx = jiffies; 855 sta->last_rx = jiffies;
847 } else 856 } else if (!is_multicast_ether_addr(hdr->addr1)) {
848 if (!is_multicast_ether_addr(hdr->addr1) || 857 /*
849 rx->sdata->vif.type == NL80211_IFTYPE_STATION) {
850 /* Update last_rx only for unicast frames in order to prevent
851 * the Probe Request frames (the only broadcast frames from a
852 * STA in infrastructure mode) from keeping a connection alive.
853 * Mesh beacons will update last_rx when if they are found to 858 * Mesh beacons will update last_rx when if they are found to
854 * match the current local configuration when processed. 859 * match the current local configuration when processed.
855 */ 860 */
856 if (rx->sdata->vif.type == NL80211_IFTYPE_STATION && 861 sta->last_rx = jiffies;
857 ieee80211_is_beacon(hdr->frame_control)) {
858 rx->sdata->u.mgd.last_beacon = jiffies;
859 } else
860 sta->last_rx = jiffies;
861 } 862 }
862 863
863 if (!(rx->flags & IEEE80211_RX_RA_MATCH)) 864 if (!(rx->flags & IEEE80211_RX_RA_MATCH))
@@ -1125,14 +1126,15 @@ ieee80211_rx_h_ps_poll(struct ieee80211_rx_data *rx)
1125 skb_queue_empty(&rx->sta->ps_tx_buf); 1126 skb_queue_empty(&rx->sta->ps_tx_buf);
1126 1127
1127 if (skb) { 1128 if (skb) {
1129 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1128 struct ieee80211_hdr *hdr = 1130 struct ieee80211_hdr *hdr =
1129 (struct ieee80211_hdr *) skb->data; 1131 (struct ieee80211_hdr *) skb->data;
1130 1132
1131 /* 1133 /*
1132 * Tell TX path to send one frame even though the STA may 1134 * Tell TX path to send this frame even though the STA may
1133 * still remain is PS mode after this frame exchange. 1135 * still remain is PS mode after this frame exchange.
1134 */ 1136 */
1135 set_sta_flags(rx->sta, WLAN_STA_PSPOLL); 1137 info->flags |= IEEE80211_TX_CTL_PSPOLL_RESPONSE;
1136 1138
1137#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 1139#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1138 printk(KERN_DEBUG "STA %pM aid %d: PS Poll (entries after %d)\n", 1140 printk(KERN_DEBUG "STA %pM aid %d: PS Poll (entries after %d)\n",
@@ -1147,7 +1149,7 @@ ieee80211_rx_h_ps_poll(struct ieee80211_rx_data *rx)
1147 else 1149 else
1148 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA); 1150 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
1149 1151
1150 dev_queue_xmit(skb); 1152 ieee80211_add_pending_skb(rx->local, skb);
1151 1153
1152 if (no_pending_pkts) 1154 if (no_pending_pkts)
1153 sta_info_clear_tim_bit(rx->sta); 1155 sta_info_clear_tim_bit(rx->sta);
@@ -1487,10 +1489,13 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1487 struct ieee80211s_hdr *mesh_hdr; 1489 struct ieee80211s_hdr *mesh_hdr;
1488 unsigned int hdrlen; 1490 unsigned int hdrlen;
1489 struct sk_buff *skb = rx->skb, *fwd_skb; 1491 struct sk_buff *skb = rx->skb, *fwd_skb;
1492 struct ieee80211_local *local = rx->local;
1493 struct ieee80211_sub_if_data *sdata;
1490 1494
1491 hdr = (struct ieee80211_hdr *) skb->data; 1495 hdr = (struct ieee80211_hdr *) skb->data;
1492 hdrlen = ieee80211_hdrlen(hdr->frame_control); 1496 hdrlen = ieee80211_hdrlen(hdr->frame_control);
1493 mesh_hdr = (struct ieee80211s_hdr *) (skb->data + hdrlen); 1497 mesh_hdr = (struct ieee80211s_hdr *) (skb->data + hdrlen);
1498 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1494 1499
1495 if (!ieee80211_is_data(hdr->frame_control)) 1500 if (!ieee80211_is_data(hdr->frame_control))
1496 return RX_CONTINUE; 1501 return RX_CONTINUE;
@@ -1499,11 +1504,10 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1499 /* illegal frame */ 1504 /* illegal frame */
1500 return RX_DROP_MONITOR; 1505 return RX_DROP_MONITOR;
1501 1506
1502 if (mesh_hdr->flags & MESH_FLAGS_AE_A5_A6){ 1507 if (!is_multicast_ether_addr(hdr->addr1) &&
1503 struct ieee80211_sub_if_data *sdata; 1508 (mesh_hdr->flags & MESH_FLAGS_AE_A5_A6)) {
1504 struct mesh_path *mppath; 1509 struct mesh_path *mppath;
1505 1510
1506 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1507 rcu_read_lock(); 1511 rcu_read_lock();
1508 mppath = mpp_path_lookup(mesh_hdr->eaddr2, sdata); 1512 mppath = mpp_path_lookup(mesh_hdr->eaddr2, sdata);
1509 if (!mppath) { 1513 if (!mppath) {
@@ -1518,7 +1522,9 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1518 rcu_read_unlock(); 1522 rcu_read_unlock();
1519 } 1523 }
1520 1524
1521 if (compare_ether_addr(rx->dev->dev_addr, hdr->addr3) == 0) 1525 /* Frame has reached destination. Don't forward */
1526 if (!is_multicast_ether_addr(hdr->addr1) &&
1527 compare_ether_addr(rx->dev->dev_addr, hdr->addr3) == 0)
1522 return RX_CONTINUE; 1528 return RX_CONTINUE;
1523 1529
1524 mesh_hdr->ttl--; 1530 mesh_hdr->ttl--;
@@ -1529,6 +1535,8 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1529 dropped_frames_ttl); 1535 dropped_frames_ttl);
1530 else { 1536 else {
1531 struct ieee80211_hdr *fwd_hdr; 1537 struct ieee80211_hdr *fwd_hdr;
1538 struct ieee80211_tx_info *info;
1539
1532 fwd_skb = skb_copy(skb, GFP_ATOMIC); 1540 fwd_skb = skb_copy(skb, GFP_ATOMIC);
1533 1541
1534 if (!fwd_skb && net_ratelimit()) 1542 if (!fwd_skb && net_ratelimit())
@@ -1536,19 +1544,34 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
1536 rx->dev->name); 1544 rx->dev->name);
1537 1545
1538 fwd_hdr = (struct ieee80211_hdr *) fwd_skb->data; 1546 fwd_hdr = (struct ieee80211_hdr *) fwd_skb->data;
1539 /*
1540 * Save TA to addr1 to send TA a path error if a
1541 * suitable next hop is not found
1542 */
1543 memcpy(fwd_hdr->addr1, fwd_hdr->addr2, ETH_ALEN);
1544 memcpy(fwd_hdr->addr2, rx->dev->dev_addr, ETH_ALEN); 1547 memcpy(fwd_hdr->addr2, rx->dev->dev_addr, ETH_ALEN);
1545 fwd_skb->dev = rx->local->mdev; 1548 info = IEEE80211_SKB_CB(fwd_skb);
1546 fwd_skb->iif = rx->dev->ifindex; 1549 memset(info, 0, sizeof(*info));
1547 dev_queue_xmit(fwd_skb); 1550 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1551 info->control.vif = &rx->sdata->vif;
1552 ieee80211_select_queue(local, fwd_skb);
1553 if (!is_multicast_ether_addr(fwd_hdr->addr1)) {
1554 int err;
1555 /*
1556 * Save TA to addr1 to send TA a path error if a
1557 * suitable next hop is not found
1558 */
1559 memcpy(fwd_hdr->addr1, fwd_hdr->addr2,
1560 ETH_ALEN);
1561 err = mesh_nexthop_lookup(fwd_skb, sdata);
1562 /* Failed to immediately resolve next hop:
1563 * fwded frame was dropped or will be added
1564 * later to the pending skb queue. */
1565 if (err)
1566 return RX_DROP_MONITOR;
1567 }
1568 IEEE80211_IFSTA_MESH_CTR_INC(&sdata->u.mesh,
1569 fwded_frames);
1570 ieee80211_add_pending_skb(local, fwd_skb);
1548 } 1571 }
1549 } 1572 }
1550 1573
1551 if (is_multicast_ether_addr(hdr->addr3) || 1574 if (is_multicast_ether_addr(hdr->addr1) ||
1552 rx->dev->flags & IFF_PROMISC) 1575 rx->dev->flags & IFF_PROMISC)
1553 return RX_CONTINUE; 1576 return RX_CONTINUE;
1554 else 1577 else
@@ -1620,7 +1643,7 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
1620 /* manage reordering buffer according to requested */ 1643 /* manage reordering buffer according to requested */
1621 /* sequence number */ 1644 /* sequence number */
1622 rcu_read_lock(); 1645 rcu_read_lock();
1623 ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, NULL, NULL, 1646 ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, NULL,
1624 start_seq_num, 1); 1647 start_seq_num, 1);
1625 rcu_read_unlock(); 1648 rcu_read_unlock();
1626 return RX_DROP_UNUSABLE; 1649 return RX_DROP_UNUSABLE;
@@ -1644,12 +1667,7 @@ static void ieee80211_process_sa_query_req(struct ieee80211_sub_if_data *sdata,
1644 1667
1645 if (compare_ether_addr(mgmt->sa, sdata->u.mgd.bssid) != 0 || 1668 if (compare_ether_addr(mgmt->sa, sdata->u.mgd.bssid) != 0 ||
1646 compare_ether_addr(mgmt->bssid, sdata->u.mgd.bssid) != 0) { 1669 compare_ether_addr(mgmt->bssid, sdata->u.mgd.bssid) != 0) {
1647 /* Not from the current AP. */ 1670 /* Not from the current AP or not associated yet. */
1648 return;
1649 }
1650
1651 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATE) {
1652 /* Association in progress; ignore SA Query */
1653 return; 1671 return;
1654 } 1672 }
1655 1673
@@ -1686,7 +1704,6 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1686 struct ieee80211_local *local = rx->local; 1704 struct ieee80211_local *local = rx->local;
1687 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev); 1705 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
1688 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data; 1706 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) rx->skb->data;
1689 struct ieee80211_bss *bss;
1690 int len = rx->skb->len; 1707 int len = rx->skb->len;
1691 1708
1692 if (!ieee80211_is_action(mgmt->frame_control)) 1709 if (!ieee80211_is_action(mgmt->frame_control))
@@ -1764,17 +1781,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
1764 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN)) 1781 if (memcmp(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN))
1765 return RX_DROP_MONITOR; 1782 return RX_DROP_MONITOR;
1766 1783
1767 bss = ieee80211_rx_bss_get(local, sdata->u.mgd.bssid, 1784 return ieee80211_sta_rx_mgmt(sdata, rx->skb);
1768 local->hw.conf.channel->center_freq,
1769 sdata->u.mgd.ssid,
1770 sdata->u.mgd.ssid_len);
1771 if (!bss)
1772 return RX_DROP_MONITOR;
1773
1774 ieee80211_sta_process_chanswitch(sdata,
1775 &mgmt->u.action.u.chan_switch.sw_elem, bss);
1776 ieee80211_rx_bss_put(local, bss);
1777 break;
1778 } 1785 }
1779 break; 1786 break;
1780 case WLAN_CATEGORY_SA_QUERY: 1787 case WLAN_CATEGORY_SA_QUERY:
@@ -1817,19 +1824,18 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
1817 return RX_DROP_MONITOR; 1824 return RX_DROP_MONITOR;
1818 1825
1819 if (ieee80211_vif_is_mesh(&sdata->vif)) 1826 if (ieee80211_vif_is_mesh(&sdata->vif))
1820 return ieee80211_mesh_rx_mgmt(sdata, rx->skb, rx->status); 1827 return ieee80211_mesh_rx_mgmt(sdata, rx->skb);
1821 1828
1822 if (sdata->vif.type == NL80211_IFTYPE_ADHOC) 1829 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
1823 return ieee80211_ibss_rx_mgmt(sdata, rx->skb, rx->status); 1830 return ieee80211_ibss_rx_mgmt(sdata, rx->skb);
1824 1831
1825 if (sdata->vif.type == NL80211_IFTYPE_STATION) 1832 if (sdata->vif.type == NL80211_IFTYPE_STATION)
1826 return ieee80211_sta_rx_mgmt(sdata, rx->skb, rx->status); 1833 return ieee80211_sta_rx_mgmt(sdata, rx->skb);
1827 1834
1828 return RX_DROP_MONITOR; 1835 return RX_DROP_MONITOR;
1829} 1836}
1830 1837
1831static void ieee80211_rx_michael_mic_report(struct net_device *dev, 1838static void ieee80211_rx_michael_mic_report(struct ieee80211_hdr *hdr,
1832 struct ieee80211_hdr *hdr,
1833 struct ieee80211_rx_data *rx) 1839 struct ieee80211_rx_data *rx)
1834{ 1840{
1835 int keyidx; 1841 int keyidx;
@@ -1866,7 +1872,8 @@ static void ieee80211_rx_michael_mic_report(struct net_device *dev,
1866 !ieee80211_is_auth(hdr->frame_control)) 1872 !ieee80211_is_auth(hdr->frame_control))
1867 goto ignore; 1873 goto ignore;
1868 1874
1869 mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL); 1875 mac80211_ev_michael_mic_failure(rx->sdata, keyidx, hdr, NULL,
1876 GFP_ATOMIC);
1870 ignore: 1877 ignore:
1871 dev_kfree_skb(rx->skb); 1878 dev_kfree_skb(rx->skb);
1872 rx->skb = NULL; 1879 rx->skb = NULL;
@@ -2028,13 +2035,8 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2028 case NL80211_IFTYPE_STATION: 2035 case NL80211_IFTYPE_STATION:
2029 if (!bssid) 2036 if (!bssid)
2030 return 0; 2037 return 0;
2031 if (!ieee80211_bssid_match(bssid, sdata->u.mgd.bssid)) { 2038 if (!multicast &&
2032 if (!(rx->flags & IEEE80211_RX_IN_SCAN)) 2039 compare_ether_addr(sdata->dev->dev_addr, hdr->addr1) != 0) {
2033 return 0;
2034 rx->flags &= ~IEEE80211_RX_RA_MATCH;
2035 } else if (!multicast &&
2036 compare_ether_addr(sdata->dev->dev_addr,
2037 hdr->addr1) != 0) {
2038 if (!(sdata->dev->flags & IFF_PROMISC)) 2040 if (!(sdata->dev->flags & IFF_PROMISC))
2039 return 0; 2041 return 0;
2040 rx->flags &= ~IEEE80211_RX_RA_MATCH; 2042 rx->flags &= ~IEEE80211_RX_RA_MATCH;
@@ -2114,9 +2116,9 @@ static int prepare_for_handlers(struct ieee80211_sub_if_data *sdata,
2114 */ 2116 */
2115static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, 2117static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2116 struct sk_buff *skb, 2118 struct sk_buff *skb,
2117 struct ieee80211_rx_status *status,
2118 struct ieee80211_rate *rate) 2119 struct ieee80211_rate *rate)
2119{ 2120{
2121 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2120 struct ieee80211_local *local = hw_to_local(hw); 2122 struct ieee80211_local *local = hw_to_local(hw);
2121 struct ieee80211_sub_if_data *sdata; 2123 struct ieee80211_sub_if_data *sdata;
2122 struct ieee80211_hdr *hdr; 2124 struct ieee80211_hdr *hdr;
@@ -2143,11 +2145,12 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
2143 } 2145 }
2144 2146
2145 if ((status->flag & RX_FLAG_MMIC_ERROR)) { 2147 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
2146 ieee80211_rx_michael_mic_report(local->mdev, hdr, &rx); 2148 ieee80211_rx_michael_mic_report(hdr, &rx);
2147 return; 2149 return;
2148 } 2150 }
2149 2151
2150 if (unlikely(local->sw_scanning || local->hw_scanning)) 2152 if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning) ||
2153 test_bit(SCAN_OFF_CHANNEL, &local->scanning)))
2151 rx.flags |= IEEE80211_RX_IN_SCAN; 2154 rx.flags |= IEEE80211_RX_IN_SCAN;
2152 2155
2153 ieee80211_parse_qos(&rx); 2156 ieee80211_parse_qos(&rx);
@@ -2227,20 +2230,21 @@ static void ieee80211_release_reorder_frame(struct ieee80211_hw *hw,
2227{ 2230{
2228 struct ieee80211_supported_band *sband; 2231 struct ieee80211_supported_band *sband;
2229 struct ieee80211_rate *rate; 2232 struct ieee80211_rate *rate;
2230 struct ieee80211_rx_status status; 2233 struct sk_buff *skb = tid_agg_rx->reorder_buf[index];
2234 struct ieee80211_rx_status *status;
2231 2235
2232 if (!tid_agg_rx->reorder_buf[index]) 2236 if (!skb)
2233 goto no_frame; 2237 goto no_frame;
2234 2238
2239 status = IEEE80211_SKB_RXCB(skb);
2240
2235 /* release the reordered frames to stack */ 2241 /* release the reordered frames to stack */
2236 memcpy(&status, tid_agg_rx->reorder_buf[index]->cb, sizeof(status)); 2242 sband = hw->wiphy->bands[status->band];
2237 sband = hw->wiphy->bands[status.band]; 2243 if (status->flag & RX_FLAG_HT)
2238 if (status.flag & RX_FLAG_HT)
2239 rate = sband->bitrates; /* TODO: HT rates */ 2244 rate = sband->bitrates; /* TODO: HT rates */
2240 else 2245 else
2241 rate = &sband->bitrates[status.rate_idx]; 2246 rate = &sband->bitrates[status->rate_idx];
2242 __ieee80211_rx_handle_packet(hw, tid_agg_rx->reorder_buf[index], 2247 __ieee80211_rx_handle_packet(hw, skb, rate);
2243 &status, rate);
2244 tid_agg_rx->stored_mpdu_num--; 2248 tid_agg_rx->stored_mpdu_num--;
2245 tid_agg_rx->reorder_buf[index] = NULL; 2249 tid_agg_rx->reorder_buf[index] = NULL;
2246 2250
@@ -2265,7 +2269,6 @@ no_frame:
2265static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw, 2269static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2266 struct tid_ampdu_rx *tid_agg_rx, 2270 struct tid_ampdu_rx *tid_agg_rx,
2267 struct sk_buff *skb, 2271 struct sk_buff *skb,
2268 struct ieee80211_rx_status *rxstatus,
2269 u16 mpdu_seq_num, 2272 u16 mpdu_seq_num,
2270 int bar_req) 2273 int bar_req)
2271{ 2274{
@@ -2324,8 +2327,6 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2324 /* put the frame in the reordering buffer */ 2327 /* put the frame in the reordering buffer */
2325 tid_agg_rx->reorder_buf[index] = skb; 2328 tid_agg_rx->reorder_buf[index] = skb;
2326 tid_agg_rx->reorder_time[index] = jiffies; 2329 tid_agg_rx->reorder_time[index] = jiffies;
2327 memcpy(tid_agg_rx->reorder_buf[index]->cb, rxstatus,
2328 sizeof(*rxstatus));
2329 tid_agg_rx->stored_mpdu_num++; 2330 tid_agg_rx->stored_mpdu_num++;
2330 /* release the buffer until next missing frame */ 2331 /* release the buffer until next missing frame */
2331 index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) 2332 index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn)
@@ -2374,8 +2375,7 @@ static u8 ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
2374} 2375}
2375 2376
2376static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local, 2377static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2377 struct sk_buff *skb, 2378 struct sk_buff *skb)
2378 struct ieee80211_rx_status *status)
2379{ 2379{
2380 struct ieee80211_hw *hw = &local->hw; 2380 struct ieee80211_hw *hw = &local->hw;
2381 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 2381 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
@@ -2424,7 +2424,7 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2424 2424
2425 /* according to mpdu sequence number deal with reordering buffer */ 2425 /* according to mpdu sequence number deal with reordering buffer */
2426 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4; 2426 mpdu_seq_num = (sc & IEEE80211_SCTL_SEQ) >> 4;
2427 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, status, 2427 ret = ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb,
2428 mpdu_seq_num, 0); 2428 mpdu_seq_num, 0);
2429 end_reorder: 2429 end_reorder:
2430 return ret; 2430 return ret;
@@ -2434,12 +2434,12 @@ static u8 ieee80211_rx_reorder_ampdu(struct ieee80211_local *local,
2434 * This is the receive path handler. It is called by a low level driver when an 2434 * This is the receive path handler. It is called by a low level driver when an
2435 * 802.11 MPDU is received from the hardware. 2435 * 802.11 MPDU is received from the hardware.
2436 */ 2436 */
2437void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb, 2437void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb)
2438 struct ieee80211_rx_status *status)
2439{ 2438{
2440 struct ieee80211_local *local = hw_to_local(hw); 2439 struct ieee80211_local *local = hw_to_local(hw);
2441 struct ieee80211_rate *rate = NULL; 2440 struct ieee80211_rate *rate = NULL;
2442 struct ieee80211_supported_band *sband; 2441 struct ieee80211_supported_band *sband;
2442 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
2443 2443
2444 if (status->band < 0 || 2444 if (status->band < 0 ||
2445 status->band >= IEEE80211_NUM_BANDS) { 2445 status->band >= IEEE80211_NUM_BANDS) {
@@ -2494,7 +2494,7 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2494 * if it was previously present. 2494 * if it was previously present.
2495 * Also, frames with less than 16 bytes are dropped. 2495 * Also, frames with less than 16 bytes are dropped.
2496 */ 2496 */
2497 skb = ieee80211_rx_monitor(local, skb, status, rate); 2497 skb = ieee80211_rx_monitor(local, skb, rate);
2498 if (!skb) { 2498 if (!skb) {
2499 rcu_read_unlock(); 2499 rcu_read_unlock();
2500 return; 2500 return;
@@ -2512,8 +2512,8 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2512 * frames from other than operational channel), but that should not 2512 * frames from other than operational channel), but that should not
2513 * happen in normal networks. 2513 * happen in normal networks.
2514 */ 2514 */
2515 if (!ieee80211_rx_reorder_ampdu(local, skb, status)) 2515 if (!ieee80211_rx_reorder_ampdu(local, skb))
2516 __ieee80211_rx_handle_packet(hw, skb, status, rate); 2516 __ieee80211_rx_handle_packet(hw, skb, rate);
2517 2517
2518 rcu_read_unlock(); 2518 rcu_read_unlock();
2519} 2519}
@@ -2521,16 +2521,12 @@ EXPORT_SYMBOL(__ieee80211_rx);
2521 2521
2522/* This is a version of the rx handler that can be called from hard irq 2522/* This is a version of the rx handler that can be called from hard irq
2523 * context. Post the skb on the queue and schedule the tasklet */ 2523 * context. Post the skb on the queue and schedule the tasklet */
2524void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb, 2524void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb)
2525 struct ieee80211_rx_status *status)
2526{ 2525{
2527 struct ieee80211_local *local = hw_to_local(hw); 2526 struct ieee80211_local *local = hw_to_local(hw);
2528 2527
2529 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb)); 2528 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
2530 2529
2531 skb->dev = local->mdev;
2532 /* copy status into skb->cb for use by tasklet */
2533 memcpy(skb->cb, status, sizeof(*status));
2534 skb->pkt_type = IEEE80211_RX_MSG; 2530 skb->pkt_type = IEEE80211_RX_MSG;
2535 skb_queue_tail(&local->skb_queue, skb); 2531 skb_queue_tail(&local->skb_queue, skb);
2536 tasklet_schedule(&local->tasklet); 2532 tasklet_schedule(&local->tasklet);
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 2a8d09ad17ff..e091cbc3434f 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -18,7 +18,6 @@
18#include <linux/if_arp.h> 18#include <linux/if_arp.h>
19#include <linux/rtnetlink.h> 19#include <linux/rtnetlink.h>
20#include <net/mac80211.h> 20#include <net/mac80211.h>
21#include <net/iw_handler.h>
22 21
23#include "ieee80211_i.h" 22#include "ieee80211_i.h"
24#include "driver-ops.h" 23#include "driver-ops.h"
@@ -26,7 +25,7 @@
26 25
27#define IEEE80211_PROBE_DELAY (HZ / 33) 26#define IEEE80211_PROBE_DELAY (HZ / 33)
28#define IEEE80211_CHANNEL_TIME (HZ / 33) 27#define IEEE80211_CHANNEL_TIME (HZ / 33)
29#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5) 28#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 8)
30 29
31struct ieee80211_bss * 30struct ieee80211_bss *
32ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq, 31ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
@@ -121,23 +120,10 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
121 return bss; 120 return bss;
122} 121}
123 122
124void ieee80211_rx_bss_remove(struct ieee80211_sub_if_data *sdata, u8 *bssid,
125 int freq, u8 *ssid, u8 ssid_len)
126{
127 struct ieee80211_bss *bss;
128 struct ieee80211_local *local = sdata->local;
129
130 bss = ieee80211_rx_bss_get(local, bssid, freq, ssid, ssid_len);
131 if (bss) {
132 cfg80211_unlink_bss(local->hw.wiphy, (void *)bss);
133 ieee80211_rx_bss_put(local, bss);
134 }
135}
136
137ieee80211_rx_result 123ieee80211_rx_result
138ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, 124ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
139 struct ieee80211_rx_status *rx_status)
140{ 125{
126 struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
141 struct ieee80211_mgmt *mgmt; 127 struct ieee80211_mgmt *mgmt;
142 struct ieee80211_bss *bss; 128 struct ieee80211_bss *bss;
143 u8 *elements; 129 u8 *elements;
@@ -278,7 +264,7 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
278 264
279 mutex_lock(&local->scan_mtx); 265 mutex_lock(&local->scan_mtx);
280 266
281 if (WARN_ON(!local->hw_scanning && !local->sw_scanning)) { 267 if (WARN_ON(!local->scanning)) {
282 mutex_unlock(&local->scan_mtx); 268 mutex_unlock(&local->scan_mtx);
283 return; 269 return;
284 } 270 }
@@ -288,16 +274,15 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
288 return; 274 return;
289 } 275 }
290 276
291 if (local->hw_scanning) 277 if (test_bit(SCAN_HW_SCANNING, &local->scanning))
292 ieee80211_restore_scan_ies(local); 278 ieee80211_restore_scan_ies(local);
293 279
294 if (local->scan_req != &local->int_scan_req) 280 if (local->scan_req != local->int_scan_req)
295 cfg80211_scan_done(local->scan_req, aborted); 281 cfg80211_scan_done(local->scan_req, aborted);
296 local->scan_req = NULL; 282 local->scan_req = NULL;
297 283
298 was_hw_scan = local->hw_scanning; 284 was_hw_scan = test_bit(SCAN_HW_SCANNING, &local->scanning);
299 local->hw_scanning = false; 285 local->scanning = 0;
300 local->sw_scanning = false;
301 local->scan_channel = NULL; 286 local->scan_channel = NULL;
302 287
303 /* we only have to protect scan_req and hw/sw scan */ 288 /* we only have to protect scan_req and hw/sw scan */
@@ -307,16 +292,13 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
307 if (was_hw_scan) 292 if (was_hw_scan)
308 goto done; 293 goto done;
309 294
310 netif_tx_lock_bh(local->mdev); 295 spin_lock_bh(&local->filter_lock);
311 netif_addr_lock(local->mdev);
312 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC; 296 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
313 drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC, 297 drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC,
314 &local->filter_flags, 298 &local->filter_flags,
315 local->mdev->mc_count, 299 local->mc_count,
316 local->mdev->mc_list); 300 local->mc_list);
317 301 spin_unlock_bh(&local->filter_lock);
318 netif_addr_unlock(local->mdev);
319 netif_tx_unlock_bh(local->mdev);
320 302
321 drv_sw_scan_complete(local); 303 drv_sw_scan_complete(local);
322 304
@@ -327,7 +309,7 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
327 309
328 /* Tell AP we're back */ 310 /* Tell AP we're back */
329 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 311 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
330 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) { 312 if (sdata->u.mgd.associated) {
331 ieee80211_scan_ps_disable(sdata); 313 ieee80211_scan_ps_disable(sdata);
332 netif_tx_wake_all_queues(sdata->dev); 314 netif_tx_wake_all_queues(sdata->dev);
333 } 315 }
@@ -382,30 +364,30 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local)
382 ieee80211_bss_info_change_notify( 364 ieee80211_bss_info_change_notify(
383 sdata, BSS_CHANGED_BEACON_ENABLED); 365 sdata, BSS_CHANGED_BEACON_ENABLED);
384 366
385 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 367 /*
386 if (sdata->u.mgd.flags & IEEE80211_STA_ASSOCIATED) { 368 * only handle non-STA interfaces here, STA interfaces
387 netif_tx_stop_all_queues(sdata->dev); 369 * are handled in the scan state machine
388 ieee80211_scan_ps_enable(sdata); 370 */
389 } 371 if (sdata->vif.type != NL80211_IFTYPE_STATION)
390 } else
391 netif_tx_stop_all_queues(sdata->dev); 372 netif_tx_stop_all_queues(sdata->dev);
392 } 373 }
393 mutex_unlock(&local->iflist_mtx); 374 mutex_unlock(&local->iflist_mtx);
394 375
395 local->scan_state = SCAN_SET_CHANNEL; 376 local->next_scan_state = SCAN_DECISION;
396 local->scan_channel_idx = 0; 377 local->scan_channel_idx = 0;
397 378
398 netif_addr_lock_bh(local->mdev); 379 spin_lock_bh(&local->filter_lock);
399 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC; 380 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
400 drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC, 381 drv_configure_filter(local, FIF_BCN_PRBRESP_PROMISC,
401 &local->filter_flags, 382 &local->filter_flags,
402 local->mdev->mc_count, 383 local->mc_count,
403 local->mdev->mc_list); 384 local->mc_list);
404 netif_addr_unlock_bh(local->mdev); 385 spin_unlock_bh(&local->filter_lock);
405 386
406 /* TODO: start scan as soon as all nullfunc frames are ACKed */ 387 /* TODO: start scan as soon as all nullfunc frames are ACKed */
407 queue_delayed_work(local->hw.workqueue, &local->scan_work, 388 ieee80211_queue_delayed_work(&local->hw,
408 IEEE80211_CHANNEL_TIME); 389 &local->scan_work,
390 IEEE80211_CHANNEL_TIME);
409 391
410 return 0; 392 return 0;
411} 393}
@@ -441,20 +423,18 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
441 local->scan_req = req; 423 local->scan_req = req;
442 local->scan_sdata = sdata; 424 local->scan_sdata = sdata;
443 425
444 if (req != &local->int_scan_req && 426 if (req != local->int_scan_req &&
445 sdata->vif.type == NL80211_IFTYPE_STATION && 427 sdata->vif.type == NL80211_IFTYPE_STATION &&
446 (ifmgd->state == IEEE80211_STA_MLME_DIRECT_PROBE || 428 !list_empty(&ifmgd->work_list)) {
447 ifmgd->state == IEEE80211_STA_MLME_AUTHENTICATE || 429 /* actually wait for the work it's doing to finish/time out */
448 ifmgd->state == IEEE80211_STA_MLME_ASSOCIATE)) {
449 /* actually wait for the assoc to finish/time out */
450 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request); 430 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
451 return 0; 431 return 0;
452 } 432 }
453 433
454 if (local->ops->hw_scan) 434 if (local->ops->hw_scan)
455 local->hw_scanning = true; 435 __set_bit(SCAN_HW_SCANNING, &local->scanning);
456 else 436 else
457 local->sw_scanning = true; 437 __set_bit(SCAN_SW_SCANNING, &local->scanning);
458 /* 438 /*
459 * Kicking off the scan need not be protected, 439 * Kicking off the scan need not be protected,
460 * only the scan variable stuff, since now 440 * only the scan variable stuff, since now
@@ -477,11 +457,9 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
477 mutex_lock(&local->scan_mtx); 457 mutex_lock(&local->scan_mtx);
478 458
479 if (rc) { 459 if (rc) {
480 if (local->ops->hw_scan) { 460 if (local->ops->hw_scan)
481 local->hw_scanning = false;
482 ieee80211_restore_scan_ies(local); 461 ieee80211_restore_scan_ies(local);
483 } else 462 local->scanning = 0;
484 local->sw_scanning = false;
485 463
486 ieee80211_recalc_idle(local); 464 ieee80211_recalc_idle(local);
487 465
@@ -492,13 +470,195 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
492 return rc; 470 return rc;
493} 471}
494 472
473static int ieee80211_scan_state_decision(struct ieee80211_local *local,
474 unsigned long *next_delay)
475{
476 bool associated = false;
477 struct ieee80211_sub_if_data *sdata;
478
479 /* if no more bands/channels left, complete scan and advance to the idle state */
480 if (local->scan_channel_idx >= local->scan_req->n_channels) {
481 ieee80211_scan_completed(&local->hw, false);
482 return 1;
483 }
484
485 /* check if at least one STA interface is associated */
486 mutex_lock(&local->iflist_mtx);
487 list_for_each_entry(sdata, &local->interfaces, list) {
488 if (!netif_running(sdata->dev))
489 continue;
490
491 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
492 if (sdata->u.mgd.associated) {
493 associated = true;
494 break;
495 }
496 }
497 }
498 mutex_unlock(&local->iflist_mtx);
499
500 if (local->scan_channel) {
501 /*
502 * we're currently scanning a different channel, let's
503 * switch back to the operating channel now if at least
504 * one interface is associated. Otherwise just scan the
505 * next channel
506 */
507 if (associated)
508 local->next_scan_state = SCAN_ENTER_OPER_CHANNEL;
509 else
510 local->next_scan_state = SCAN_SET_CHANNEL;
511 } else {
512 /*
513 * we're on the operating channel currently, let's
514 * leave that channel now to scan another one
515 */
516 local->next_scan_state = SCAN_LEAVE_OPER_CHANNEL;
517 }
518
519 *next_delay = 0;
520 return 0;
521}
522
523static void ieee80211_scan_state_leave_oper_channel(struct ieee80211_local *local,
524 unsigned long *next_delay)
525{
526 struct ieee80211_sub_if_data *sdata;
527
528 /*
529 * notify the AP about us leaving the channel and stop all STA interfaces
530 */
531 mutex_lock(&local->iflist_mtx);
532 list_for_each_entry(sdata, &local->interfaces, list) {
533 if (!netif_running(sdata->dev))
534 continue;
535
536 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
537 netif_tx_stop_all_queues(sdata->dev);
538 if (sdata->u.mgd.associated)
539 ieee80211_scan_ps_enable(sdata);
540 }
541 }
542 mutex_unlock(&local->iflist_mtx);
543
544 __set_bit(SCAN_OFF_CHANNEL, &local->scanning);
545
546 /* advance to the next channel to be scanned */
547 *next_delay = HZ / 10;
548 local->next_scan_state = SCAN_SET_CHANNEL;
549}
550
551static void ieee80211_scan_state_enter_oper_channel(struct ieee80211_local *local,
552 unsigned long *next_delay)
553{
554 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
555
556 /* switch back to the operating channel */
557 local->scan_channel = NULL;
558 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
559
560 /*
561 * notify the AP about us being back and restart all STA interfaces
562 */
563 mutex_lock(&local->iflist_mtx);
564 list_for_each_entry(sdata, &local->interfaces, list) {
565 if (!netif_running(sdata->dev))
566 continue;
567
568 /* Tell AP we're back */
569 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
570 if (sdata->u.mgd.associated)
571 ieee80211_scan_ps_disable(sdata);
572 netif_tx_wake_all_queues(sdata->dev);
573 }
574 }
575 mutex_unlock(&local->iflist_mtx);
576
577 __clear_bit(SCAN_OFF_CHANNEL, &local->scanning);
578
579 *next_delay = HZ / 5;
580 local->next_scan_state = SCAN_DECISION;
581}
582
583static void ieee80211_scan_state_set_channel(struct ieee80211_local *local,
584 unsigned long *next_delay)
585{
586 int skip;
587 struct ieee80211_channel *chan;
588 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
589
590 skip = 0;
591 chan = local->scan_req->channels[local->scan_channel_idx];
592
593 if (chan->flags & IEEE80211_CHAN_DISABLED ||
594 (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
595 chan->flags & IEEE80211_CHAN_NO_IBSS))
596 skip = 1;
597
598 if (!skip) {
599 local->scan_channel = chan;
600 if (ieee80211_hw_config(local,
601 IEEE80211_CONF_CHANGE_CHANNEL))
602 skip = 1;
603 }
604
605 /* advance state machine to next channel/band */
606 local->scan_channel_idx++;
607
608 if (skip) {
609 /* if we skip this channel return to the decision state */
610 local->next_scan_state = SCAN_DECISION;
611 return;
612 }
613
614 /*
615 * Probe delay is used to update the NAV, cf. 11.1.3.2.2
616 * (which unfortunately doesn't say _why_ step a) is done,
617 * but it waits for the probe delay or until a frame is
618 * received - and the received frame would update the NAV).
619 * For now, we do not support waiting until a frame is
620 * received.
621 *
622 * In any case, it is not necessary for a passive scan.
623 */
624 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
625 !local->scan_req->n_ssids) {
626 *next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
627 local->next_scan_state = SCAN_DECISION;
628 return;
629 }
630
631 /* active scan, send probes */
632 *next_delay = IEEE80211_PROBE_DELAY;
633 local->next_scan_state = SCAN_SEND_PROBE;
634}
635
636static void ieee80211_scan_state_send_probe(struct ieee80211_local *local,
637 unsigned long *next_delay)
638{
639 int i;
640 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
641
642 for (i = 0; i < local->scan_req->n_ssids; i++)
643 ieee80211_send_probe_req(
644 sdata, NULL,
645 local->scan_req->ssids[i].ssid,
646 local->scan_req->ssids[i].ssid_len,
647 local->scan_req->ie, local->scan_req->ie_len);
648
649 /*
650 * After sending probe requests, wait for probe responses
651 * on the channel.
652 */
653 *next_delay = IEEE80211_CHANNEL_TIME;
654 local->next_scan_state = SCAN_DECISION;
655}
656
495void ieee80211_scan_work(struct work_struct *work) 657void ieee80211_scan_work(struct work_struct *work)
496{ 658{
497 struct ieee80211_local *local = 659 struct ieee80211_local *local =
498 container_of(work, struct ieee80211_local, scan_work.work); 660 container_of(work, struct ieee80211_local, scan_work.work);
499 struct ieee80211_sub_if_data *sdata = local->scan_sdata; 661 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
500 struct ieee80211_channel *chan;
501 int skip, i;
502 unsigned long next_delay = 0; 662 unsigned long next_delay = 0;
503 663
504 mutex_lock(&local->scan_mtx); 664 mutex_lock(&local->scan_mtx);
@@ -507,7 +667,7 @@ void ieee80211_scan_work(struct work_struct *work)
507 return; 667 return;
508 } 668 }
509 669
510 if (local->scan_req && !(local->sw_scanning || local->hw_scanning)) { 670 if (local->scan_req && !local->scanning) {
511 struct cfg80211_scan_request *req = local->scan_req; 671 struct cfg80211_scan_request *req = local->scan_req;
512 int rc; 672 int rc;
513 673
@@ -531,72 +691,32 @@ void ieee80211_scan_work(struct work_struct *work)
531 return; 691 return;
532 } 692 }
533 693
534 switch (local->scan_state) { 694 /*
535 case SCAN_SET_CHANNEL: 695 * as long as no delay is required advance immediately
536 /* if no more bands/channels left, complete scan */ 696 * without scheduling a new work
537 if (local->scan_channel_idx >= local->scan_req->n_channels) { 697 */
538 ieee80211_scan_completed(&local->hw, false); 698 do {
539 return; 699 switch (local->next_scan_state) {
540 } 700 case SCAN_DECISION:
541 skip = 0; 701 if (ieee80211_scan_state_decision(local, &next_delay))
542 chan = local->scan_req->channels[local->scan_channel_idx]; 702 return;
543
544 if (chan->flags & IEEE80211_CHAN_DISABLED ||
545 (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
546 chan->flags & IEEE80211_CHAN_NO_IBSS))
547 skip = 1;
548
549 if (!skip) {
550 local->scan_channel = chan;
551 if (ieee80211_hw_config(local,
552 IEEE80211_CONF_CHANGE_CHANNEL))
553 skip = 1;
554 }
555
556 /* advance state machine to next channel/band */
557 local->scan_channel_idx++;
558
559 if (skip)
560 break; 703 break;
561 704 case SCAN_SET_CHANNEL:
562 /* 705 ieee80211_scan_state_set_channel(local, &next_delay);
563 * Probe delay is used to update the NAV, cf. 11.1.3.2.2 706 break;
564 * (which unfortunately doesn't say _why_ step a) is done, 707 case SCAN_SEND_PROBE:
565 * but it waits for the probe delay or until a frame is 708 ieee80211_scan_state_send_probe(local, &next_delay);
566 * received - and the received frame would update the NAV). 709 break;
567 * For now, we do not support waiting until a frame is 710 case SCAN_LEAVE_OPER_CHANNEL:
568 * received. 711 ieee80211_scan_state_leave_oper_channel(local, &next_delay);
569 * 712 break;
570 * In any case, it is not necessary for a passive scan. 713 case SCAN_ENTER_OPER_CHANNEL:
571 */ 714 ieee80211_scan_state_enter_oper_channel(local, &next_delay);
572 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
573 !local->scan_req->n_ssids) {
574 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
575 break; 715 break;
576 } 716 }
717 } while (next_delay == 0);
577 718
578 next_delay = IEEE80211_PROBE_DELAY; 719 ieee80211_queue_delayed_work(&local->hw, &local->scan_work, next_delay);
579 local->scan_state = SCAN_SEND_PROBE;
580 break;
581 case SCAN_SEND_PROBE:
582 for (i = 0; i < local->scan_req->n_ssids; i++)
583 ieee80211_send_probe_req(
584 sdata, NULL,
585 local->scan_req->ssids[i].ssid,
586 local->scan_req->ssids[i].ssid_len,
587 local->scan_req->ie, local->scan_req->ie_len);
588
589 /*
590 * After sending probe requests, wait for probe responses
591 * on the channel.
592 */
593 next_delay = IEEE80211_CHANNEL_TIME;
594 local->scan_state = SCAN_SET_CHANNEL;
595 break;
596 }
597
598 queue_delayed_work(local->hw.workqueue, &local->scan_work,
599 next_delay);
600} 720}
601 721
602int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata, 722int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
@@ -623,10 +743,10 @@ int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
623 if (local->scan_req) 743 if (local->scan_req)
624 goto unlock; 744 goto unlock;
625 745
626 memcpy(local->int_scan_req.ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN); 746 memcpy(local->int_scan_req->ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN);
627 local->int_scan_req.ssids[0].ssid_len = ssid_len; 747 local->int_scan_req->ssids[0].ssid_len = ssid_len;
628 748
629 ret = __ieee80211_start_scan(sdata, &sdata->local->int_scan_req); 749 ret = __ieee80211_start_scan(sdata, sdata->local->int_scan_req);
630 unlock: 750 unlock:
631 mutex_unlock(&local->scan_mtx); 751 mutex_unlock(&local->scan_mtx);
632 return ret; 752 return ret;
@@ -643,7 +763,7 @@ void ieee80211_scan_cancel(struct ieee80211_local *local)
643 * queued -- mostly at suspend under RTNL. 763 * queued -- mostly at suspend under RTNL.
644 */ 764 */
645 mutex_lock(&local->scan_mtx); 765 mutex_lock(&local->scan_mtx);
646 swscan = local->sw_scanning; 766 swscan = test_bit(SCAN_SW_SCANNING, &local->scanning);
647 mutex_unlock(&local->scan_mtx); 767 mutex_unlock(&local->scan_mtx);
648 768
649 if (swscan) 769 if (swscan)
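Review bot: In the ieee80211_request_internal_scan hunk, the touched line `memcpy(local->int_scan_req->ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN);` still copies a fixed IEEE80211_MAX_SSID_LEN bytes from `ssid` and then stores `ssid_len` unchecked. A caller whose buffer is shorter than the maximum would be over-read, and an oversized length would later be handed to ieee80211_send_probe_req from ieee80211_scan_state_send_probe; whether every caller passes a full-size array is not visible here. I would reject `ssid_len > IEEE80211_MAX_SSID_LEN` before the copy and then copy only the valid bytes with `memcpy(local->int_scan_req->ssids[0].ssid, ssid, ssid_len);`. Because int_scan_req is now dereferenced as a pointer, this path also relies on it having been allocated beforehand, which the section does not show. The function starts and ends outside the hunk, so the error path for the rejection has to follow whatever `ret` convention the unseen part uses.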
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index a360bceeba59..eec001491e66 100644
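--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -349,6 +349,7 @@ int sta_info_insert(struct sta_info *sta)
 goto out_free;
 }
 list_add(&sta->list, &local->sta_list);
+local->sta_generation++;
 local->num_sta++;
 sta_info_hash_add(local, sta);
 
@@ -485,6 +486,7 @@ static void __sta_info_unlink(struct sta_info **sta)
 }
 
 local->num_sta--;
+local->sta_generation++;
 
 if (local->ops->sta_notify) {
 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)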
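diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 49a1a1f76511..ccc3adf962c7 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -30,7 +30,6 @@
  * @WLAN_STA_ASSOC_AP: We're associated to that station, it is an AP.
  * @WLAN_STA_WME: Station is a QoS-STA.
  * @WLAN_STA_WDS: Station is one of our WDS peers.
- * @WLAN_STA_PSPOLL: Station has just PS-polled us.
  * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
  * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
  * frame to this station is transmitted.
@@ -47,7 +46,6 @@ enum ieee80211_sta_info_flags {
  WLAN_STA_ASSOC_AP = 1<<5,
  WLAN_STA_WME = 1<<6,
  WLAN_STA_WDS = 1<<7,
- WLAN_STA_PSPOLL = 1<<8,
  WLAN_STA_CLEAR_PS_FILT = 1<<9,
  WLAN_STA_MFP = 1<<10,
  WLAN_STA_SUSPEND = 1<<11
@@ -308,6 +306,23 @@ struct sta_info {
  struct dentry *inactive_ms;
  struct dentry *last_seq_ctrl;
  struct dentry *agg_status;
+ struct dentry *aid;
+ struct dentry *dev;
+ struct dentry *rx_packets;
+ struct dentry *tx_packets;
+ struct dentry *rx_bytes;
+ struct dentry *tx_bytes;
+ struct dentry *rx_duplicates;
+ struct dentry *rx_fragments;
+ struct dentry *rx_dropped;
+ struct dentry *tx_fragments;
+ struct dentry *tx_filtered;
+ struct dentry *tx_retry_failed;
+ struct dentry *tx_retry_count;
+ struct dentry *last_signal;
+ struct dentry *last_qual;
+ struct dentry *last_noise;
+ struct dentry *wep_weak_iv_count;
  bool add_has_run;
  } debugfs;
 #endif
@@ -342,17 +357,6 @@ static inline void clear_sta_flags(struct sta_info *sta, const u32 flags)
  spin_unlock_irqrestore(&sta->flaglock, irqfl);
 }
 
-static inline void set_and_clear_sta_flags(struct sta_info *sta,
- const u32 set, const u32 clear)
-{
- unsigned long irqfl;
-
- spin_lock_irqsave(&sta->flaglock, irqfl);
- sta->flags |= set;
- sta->flags &= ~clear;
- spin_unlock_irqrestore(&sta->flaglock, irqfl);
-}
-
 static inline u32 test_sta_flags(struct sta_info *sta, const u32 flags)
 {
  u32 ret;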
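Review bot: Dropping `WLAN_STA_PSPOLL = 1<<8` from enum ieee80211_sta_info_flags leaves the next value at `1<<9`, so bit 8 of `sta->flags` is now unassigned and nothing in the header says so. Mark the hole, for example `/* 1<<8 unused, was WLAN_STA_PSPOLL */` above `WLAN_STA_CLEAR_PS_FILT = 1<<9,`, so that a flag added later at that value is a deliberate choice and not a silent reuse of a bit older code may still test. The seventeen `struct dentry *` members added to the debugfs struct are also undocumented; a one-line comment naming them as per-station debugfs files would be enough.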
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 3a8922cd1038..0c08d1e60cb5 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -192,7 +192,7 @@ ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
192 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) 192 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED))
193 return TX_CONTINUE; 193 return TX_CONTINUE;
194 194
195 if (unlikely(tx->local->sw_scanning) && 195 if (unlikely(test_bit(SCAN_OFF_CHANNEL, &tx->local->scanning)) &&
196 !ieee80211_is_probe_req(hdr->frame_control) && 196 !ieee80211_is_probe_req(hdr->frame_control) &&
197 !ieee80211_is_nullfunc(hdr->frame_control)) 197 !ieee80211_is_nullfunc(hdr->frame_control))
198 /* 198 /*
@@ -317,30 +317,30 @@ ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
317 if (!atomic_read(&tx->sdata->bss->num_sta_ps)) 317 if (!atomic_read(&tx->sdata->bss->num_sta_ps))
318 return TX_CONTINUE; 318 return TX_CONTINUE;
319 319
320 /* buffered in hardware */
321 if (!(tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING)) {
322 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM;
323
324 return TX_CONTINUE;
325 }
326
320 /* buffered in mac80211 */ 327 /* buffered in mac80211 */
321 if (tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) { 328 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
322 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER) 329 purge_old_ps_buffers(tx->local);
323 purge_old_ps_buffers(tx->local); 330
324 if (skb_queue_len(&tx->sdata->bss->ps_bc_buf) >= 331 if (skb_queue_len(&tx->sdata->bss->ps_bc_buf) >= AP_MAX_BC_BUFFER) {
325 AP_MAX_BC_BUFFER) {
326#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 332#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
327 if (net_ratelimit()) { 333 if (net_ratelimit())
328 printk(KERN_DEBUG "%s: BC TX buffer full - " 334 printk(KERN_DEBUG "%s: BC TX buffer full - dropping the oldest frame\n",
329 "dropping the oldest frame\n", 335 tx->dev->name);
330 tx->dev->name);
331 }
332#endif 336#endif
333 dev_kfree_skb(skb_dequeue(&tx->sdata->bss->ps_bc_buf)); 337 dev_kfree_skb(skb_dequeue(&tx->sdata->bss->ps_bc_buf));
334 } else 338 } else
335 tx->local->total_ps_buffered++; 339 tx->local->total_ps_buffered++;
336 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
337 return TX_QUEUED;
338 }
339 340
340 /* buffered in hardware */ 341 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
341 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM;
342 342
343 return TX_CONTINUE; 343 return TX_QUEUED;
344} 344}
345 345
346static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta, 346static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta,
@@ -373,7 +373,7 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
373 staflags = get_sta_flags(sta); 373 staflags = get_sta_flags(sta);
374 374
375 if (unlikely((staflags & WLAN_STA_PS) && 375 if (unlikely((staflags & WLAN_STA_PS) &&
376 !(staflags & WLAN_STA_PSPOLL))) { 376 !(info->flags & IEEE80211_TX_CTL_PSPOLL_RESPONSE))) {
377#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG 377#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
378 printk(KERN_DEBUG "STA %pM aid %d: PS buffer (entries " 378 printk(KERN_DEBUG "STA %pM aid %d: PS buffer (entries "
379 "before %d)\n", 379 "before %d)\n",
@@ -400,6 +400,7 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
400 sta_info_set_tim_bit(sta); 400 sta_info_set_tim_bit(sta);
401 401
402 info->control.jiffies = jiffies; 402 info->control.jiffies = jiffies;
403 info->control.vif = &tx->sdata->vif;
403 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING; 404 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
404 skb_queue_tail(&sta->ps_tx_buf, tx->skb); 405 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
405 return TX_QUEUED; 406 return TX_QUEUED;
@@ -411,24 +412,7 @@ ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
411 sta->sta.addr); 412 sta->sta.addr);
412 } 413 }
413#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */ 414#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
414 if (test_and_clear_sta_flags(sta, WLAN_STA_PSPOLL)) {
415 /*
416 * The sleeping station with pending data is now snoozing.
417 * It queried us for its buffered frames and will go back
418 * to deep sleep once it got everything.
419 *
420 * inform the driver, in case the hardware does powersave
421 * frame filtering and keeps a station blacklist on its own
422 * (e.g: p54), so that frames can be delivered unimpeded.
423 *
424 * Note: It should be safe to disable the filter now.
425 * As, it is really unlikely that we still have any pending
426 * frame for this station in the hw's buffers/fifos left,
427 * that is not rejected with a unsuccessful tx_status yet.
428 */
429 415
430 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
431 }
432 return TX_CONTINUE; 416 return TX_CONTINUE;
433} 417}
434 418
@@ -451,7 +435,7 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
451 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb); 435 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
452 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; 436 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
453 437
454 if (unlikely(tx->skb->do_not_encrypt)) 438 if (unlikely(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT))
455 tx->key = NULL; 439 tx->key = NULL;
456 else if (tx->sta && (key = rcu_dereference(tx->sta->key))) 440 else if (tx->sta && (key = rcu_dereference(tx->sta->key)))
457 tx->key = key; 441 tx->key = key;
@@ -497,7 +481,7 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
497 } 481 }
498 482
499 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 483 if (!tx->key || !(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
500 tx->skb->do_not_encrypt = 1; 484 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
501 485
502 return TX_CONTINUE; 486 return TX_CONTINUE;
503} 487}
@@ -512,6 +496,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
512 int i, len; 496 int i, len;
513 bool inval = false, rts = false, short_preamble = false; 497 bool inval = false, rts = false, short_preamble = false;
514 struct ieee80211_tx_rate_control txrc; 498 struct ieee80211_tx_rate_control txrc;
499 u32 sta_flags;
515 500
516 memset(&txrc, 0, sizeof(txrc)); 501 memset(&txrc, 0, sizeof(txrc));
517 502
@@ -544,7 +529,26 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
544 (tx->sta && test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE)))) 529 (tx->sta && test_sta_flags(tx->sta, WLAN_STA_SHORT_PREAMBLE))))
545 txrc.short_preamble = short_preamble = true; 530 txrc.short_preamble = short_preamble = true;
546 531
532 sta_flags = tx->sta ? get_sta_flags(tx->sta) : 0;
533
534 /*
535 * Lets not bother rate control if we're associated and cannot
536 * talk to the sta. This should not happen.
537 */
538 if (WARN(test_bit(SCAN_SW_SCANNING, &tx->local->scanning) &&
539 (sta_flags & WLAN_STA_ASSOC) &&
540 !rate_usable_index_exists(sband, &tx->sta->sta),
541 "%s: Dropped data frame as no usable bitrate found while "
542 "scanning and associated. Target station: "
543 "%pM on %d GHz band\n",
544 tx->dev->name, hdr->addr1,
545 tx->channel->band ? 5 : 2))
546 return TX_DROP;
547 547
548 /*
549 * If we're associated with the sta at this point we know we can at
550 * least send the frame at the lowest bit rate.
551 */
548 rate_control_get_rate(tx->sdata, tx->sta, &txrc); 552 rate_control_get_rate(tx->sdata, tx->sta, &txrc);
549 553
550 if (unlikely(info->control.rates[0].idx < 0)) 554 if (unlikely(info->control.rates[0].idx < 0))
@@ -676,7 +680,7 @@ ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
676 * number, if we have no matching interface then we 680 * number, if we have no matching interface then we
677 * neither assign one ourselves nor ask the driver to. 681 * neither assign one ourselves nor ask the driver to.
678 */ 682 */
679 if (unlikely(!info->control.vif)) 683 if (unlikely(info->control.vif->type == NL80211_IFTYPE_MONITOR))
680 return TX_CONTINUE; 684 return TX_CONTINUE;
681 685
682 if (unlikely(ieee80211_is_ctl(hdr->frame_control))) 686 if (unlikely(ieee80211_is_ctl(hdr->frame_control)))
@@ -696,7 +700,6 @@ ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
696 /* for pure STA mode without beacons, we can do it */ 700 /* for pure STA mode without beacons, we can do it */
697 hdr->seq_ctrl = cpu_to_le16(tx->sdata->sequence_number); 701 hdr->seq_ctrl = cpu_to_le16(tx->sdata->sequence_number);
698 tx->sdata->sequence_number += 0x10; 702 tx->sdata->sequence_number += 0x10;
699 tx->sdata->sequence_number &= IEEE80211_SCTL_SEQ;
700 return TX_CONTINUE; 703 return TX_CONTINUE;
701 } 704 }
702 705
@@ -754,9 +757,7 @@ static int ieee80211_fragment(struct ieee80211_local *local,
754 memcpy(tmp->cb, skb->cb, sizeof(tmp->cb)); 757 memcpy(tmp->cb, skb->cb, sizeof(tmp->cb));
755 skb_copy_queue_mapping(tmp, skb); 758 skb_copy_queue_mapping(tmp, skb);
756 tmp->priority = skb->priority; 759 tmp->priority = skb->priority;
757 tmp->do_not_encrypt = skb->do_not_encrypt;
758 tmp->dev = skb->dev; 760 tmp->dev = skb->dev;
759 tmp->iif = skb->iif;
760 761
761 /* copy header and data */ 762 /* copy header and data */
762 memcpy(skb_put(tmp, hdrlen), skb->data, hdrlen); 763 memcpy(skb_put(tmp, hdrlen), skb->data, hdrlen);
@@ -784,7 +785,7 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
784 785
785 /* 786 /*
786 * Warn when submitting a fragmented A-MPDU frame and drop it. 787 * Warn when submitting a fragmented A-MPDU frame and drop it.
787 * This scenario is handled in __ieee80211_tx_prepare but extra 788 * This scenario is handled in ieee80211_tx_prepare but extra
788 * caution taken here as fragmented ampdu may cause Tx stop. 789 * caution taken here as fragmented ampdu may cause Tx stop.
789 */ 790 */
790 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU)) 791 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU))
@@ -842,6 +843,23 @@ ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
842} 843}
843 844
844static ieee80211_tx_result debug_noinline 845static ieee80211_tx_result debug_noinline
846ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
847{
848 struct sk_buff *skb = tx->skb;
849
850 if (!tx->sta)
851 return TX_CONTINUE;
852
853 tx->sta->tx_packets++;
854 do {
855 tx->sta->tx_fragments++;
856 tx->sta->tx_bytes += skb->len;
857 } while ((skb = skb->next));
858
859 return TX_CONTINUE;
860}
861
862static ieee80211_tx_result debug_noinline
845ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx) 863ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
846{ 864{
847 if (!tx->key) 865 if (!tx->key)
@@ -885,23 +903,6 @@ ieee80211_tx_h_calculate_duration(struct ieee80211_tx_data *tx)
885 return TX_CONTINUE; 903 return TX_CONTINUE;
886} 904}
887 905
888static ieee80211_tx_result debug_noinline
889ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
890{
891 struct sk_buff *skb = tx->skb;
892
893 if (!tx->sta)
894 return TX_CONTINUE;
895
896 tx->sta->tx_packets++;
897 do {
898 tx->sta->tx_fragments++;
899 tx->sta->tx_bytes += skb->len;
900 } while ((skb = skb->next));
901
902 return TX_CONTINUE;
903}
904
905/* actual transmit path */ 906/* actual transmit path */
906 907
907/* 908/*
@@ -923,11 +924,12 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
923 struct ieee80211_radiotap_header *rthdr = 924 struct ieee80211_radiotap_header *rthdr =
924 (struct ieee80211_radiotap_header *) skb->data; 925 (struct ieee80211_radiotap_header *) skb->data;
925 struct ieee80211_supported_band *sband; 926 struct ieee80211_supported_band *sband;
927 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
926 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len); 928 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
927 929
928 sband = tx->local->hw.wiphy->bands[tx->channel->band]; 930 sband = tx->local->hw.wiphy->bands[tx->channel->band];
929 931
930 skb->do_not_encrypt = 1; 932 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
931 tx->flags &= ~IEEE80211_TX_FRAGMENTED; 933 tx->flags &= ~IEEE80211_TX_FRAGMENTED;
932 934
933 /* 935 /*
@@ -965,7 +967,7 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
965 skb_trim(skb, skb->len - FCS_LEN); 967 skb_trim(skb, skb->len - FCS_LEN);
966 } 968 }
967 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP) 969 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP)
968 tx->skb->do_not_encrypt = 0; 970 info->flags &= ~IEEE80211_TX_INTFL_DONT_ENCRYPT;
969 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) 971 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
970 tx->flags |= IEEE80211_TX_FRAGMENTED; 972 tx->flags |= IEEE80211_TX_FRAGMENTED;
971 break; 973 break;
@@ -998,13 +1000,12 @@ static bool __ieee80211_parse_tx_radiotap(struct ieee80211_tx_data *tx,
998 * initialises @tx 1000 * initialises @tx
999 */ 1001 */
1000static ieee80211_tx_result 1002static ieee80211_tx_result
1001__ieee80211_tx_prepare(struct ieee80211_tx_data *tx, 1003ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata,
1002 struct sk_buff *skb, 1004 struct ieee80211_tx_data *tx,
1003 struct net_device *dev) 1005 struct sk_buff *skb)
1004{ 1006{
1005 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1007 struct ieee80211_local *local = sdata->local;
1006 struct ieee80211_hdr *hdr; 1008 struct ieee80211_hdr *hdr;
1007 struct ieee80211_sub_if_data *sdata;
1008 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1009 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1009 int hdrlen, tid; 1010 int hdrlen, tid;
1010 u8 *qc, *state; 1011 u8 *qc, *state;
@@ -1012,9 +1013,9 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1012 1013
1013 memset(tx, 0, sizeof(*tx)); 1014 memset(tx, 0, sizeof(*tx));
1014 tx->skb = skb; 1015 tx->skb = skb;
1015 tx->dev = dev; /* use original interface */ 1016 tx->dev = sdata->dev; /* use original interface */
1016 tx->local = local; 1017 tx->local = local;
1017 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1018 tx->sdata = sdata;
1018 tx->channel = local->hw.conf.channel; 1019 tx->channel = local->hw.conf.channel;
1019 /* 1020 /*
1020 * Set this flag (used below to indicate "automatic fragmentation"), 1021 * Set this flag (used below to indicate "automatic fragmentation"),
@@ -1023,7 +1024,6 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1023 tx->flags |= IEEE80211_TX_FRAGMENTED; 1024 tx->flags |= IEEE80211_TX_FRAGMENTED;
1024 1025
1025 /* process and remove the injection radiotap header */ 1026 /* process and remove the injection radiotap header */
1026 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1027 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) { 1027 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) {
1028 if (!__ieee80211_parse_tx_radiotap(tx, skb)) 1028 if (!__ieee80211_parse_tx_radiotap(tx, skb))
1029 return TX_DROP; 1029 return TX_DROP;
@@ -1075,6 +1075,7 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1075 } else if (*state != HT_AGG_STATE_IDLE) { 1075 } else if (*state != HT_AGG_STATE_IDLE) {
1076 /* in progress */ 1076 /* in progress */
1077 queued = true; 1077 queued = true;
1078 info->control.vif = &sdata->vif;
1078 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING; 1079 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1079 __skb_queue_tail(&tid_tx->pending, skb); 1080 __skb_queue_tail(&tid_tx->pending, skb);
1080 } 1081 }
@@ -1119,50 +1120,29 @@ __ieee80211_tx_prepare(struct ieee80211_tx_data *tx,
1119 return TX_CONTINUE; 1120 return TX_CONTINUE;
1120} 1121}
1121 1122
1122/*
1123 * NB: @tx is uninitialised when passed in here
1124 */
1125static int ieee80211_tx_prepare(struct ieee80211_local *local,
1126 struct ieee80211_tx_data *tx,
1127 struct sk_buff *skb)
1128{
1129 struct net_device *dev;
1130
1131 dev = dev_get_by_index(&init_net, skb->iif);
1132 if (unlikely(dev && !is_ieee80211_device(local, dev))) {
1133 dev_put(dev);
1134 dev = NULL;
1135 }
1136 if (unlikely(!dev))
1137 return -ENODEV;
1138 /*
1139 * initialises tx with control
1140 *
1141 * return value is safe to ignore here because this function
1142 * can only be invoked for multicast frames
1143 *
1144 * XXX: clean up
1145 */
1146 __ieee80211_tx_prepare(tx, skb, dev);
1147 dev_put(dev);
1148 return 0;
1149}
1150
1151static int __ieee80211_tx(struct ieee80211_local *local, 1123static int __ieee80211_tx(struct ieee80211_local *local,
1152 struct sk_buff **skbp, 1124 struct sk_buff **skbp,
1153 struct sta_info *sta) 1125 struct sta_info *sta,
1126 bool txpending)
1154{ 1127{
1155 struct sk_buff *skb = *skbp, *next; 1128 struct sk_buff *skb = *skbp, *next;
1156 struct ieee80211_tx_info *info; 1129 struct ieee80211_tx_info *info;
1130 struct ieee80211_sub_if_data *sdata;
1131 unsigned long flags;
1157 int ret, len; 1132 int ret, len;
1158 bool fragm = false; 1133 bool fragm = false;
1159 1134
1160 local->mdev->trans_start = jiffies;
1161
1162 while (skb) { 1135 while (skb) {
1163 if (ieee80211_queue_stopped(&local->hw, 1136 int q = skb_get_queue_mapping(skb);
1164 skb_get_queue_mapping(skb))) 1137
1165 return IEEE80211_TX_PENDING; 1138 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1139 ret = IEEE80211_TX_OK;
1140 if (local->queue_stop_reasons[q] ||
1141 (!txpending && !skb_queue_empty(&local->pending[q])))
1142 ret = IEEE80211_TX_PENDING;
1143 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1144 if (ret != IEEE80211_TX_OK)
1145 return ret;
1166 1146
1167 info = IEEE80211_SKB_CB(skb); 1147 info = IEEE80211_SKB_CB(skb);
1168 1148
@@ -1172,13 +1152,35 @@ static int __ieee80211_tx(struct ieee80211_local *local,
1172 1152
1173 next = skb->next; 1153 next = skb->next;
1174 len = skb->len; 1154 len = skb->len;
1155
1156 if (next)
1157 info->flags |= IEEE80211_TX_CTL_MORE_FRAMES;
1158
1159 sdata = vif_to_sdata(info->control.vif);
1160
1161 switch (sdata->vif.type) {
1162 case NL80211_IFTYPE_MONITOR:
1163 info->control.vif = NULL;
1164 break;
1165 case NL80211_IFTYPE_AP_VLAN:
1166 info->control.vif = &container_of(sdata->bss,
1167 struct ieee80211_sub_if_data, u.ap)->vif;
1168 break;
1169 default:
1170 /* keep */
1171 break;
1172 }
1173
1175 ret = drv_tx(local, skb); 1174 ret = drv_tx(local, skb);
1176 if (WARN_ON(ret != NETDEV_TX_OK && skb->len != len)) { 1175 if (WARN_ON(ret != NETDEV_TX_OK && skb->len != len)) {
1177 dev_kfree_skb(skb); 1176 dev_kfree_skb(skb);
1178 ret = NETDEV_TX_OK; 1177 ret = NETDEV_TX_OK;
1179 } 1178 }
1180 if (ret != NETDEV_TX_OK) 1179 if (ret != NETDEV_TX_OK) {
1180 info->control.vif = &sdata->vif;
1181 return IEEE80211_TX_AGAIN; 1181 return IEEE80211_TX_AGAIN;
1182 }
1183
1182 *skbp = skb = next; 1184 *skbp = skb = next;
1183 ieee80211_led_tx(local, 1); 1185 ieee80211_led_tx(local, 1);
1184 fragm = true; 1186 fragm = true;
@@ -1210,9 +1212,9 @@ static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1210 CALL_TXH(ieee80211_tx_h_sequence) 1212 CALL_TXH(ieee80211_tx_h_sequence)
1211 CALL_TXH(ieee80211_tx_h_fragment) 1213 CALL_TXH(ieee80211_tx_h_fragment)
1212 /* handlers after fragment must be aware of tx info fragmentation! */ 1214 /* handlers after fragment must be aware of tx info fragmentation! */
1215 CALL_TXH(ieee80211_tx_h_stats)
1213 CALL_TXH(ieee80211_tx_h_encrypt) 1216 CALL_TXH(ieee80211_tx_h_encrypt)
1214 CALL_TXH(ieee80211_tx_h_calculate_duration) 1217 CALL_TXH(ieee80211_tx_h_calculate_duration)
1215 CALL_TXH(ieee80211_tx_h_stats)
1216#undef CALL_TXH 1218#undef CALL_TXH
1217 1219
1218 txh_done: 1220 txh_done:
@@ -1234,10 +1236,10 @@ static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1234 return 0; 1236 return 0;
1235} 1237}
1236 1238
1237static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb, 1239static void ieee80211_tx(struct ieee80211_sub_if_data *sdata,
1238 bool txpending) 1240 struct sk_buff *skb, bool txpending)
1239{ 1241{
1240 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1242 struct ieee80211_local *local = sdata->local;
1241 struct ieee80211_tx_data tx; 1243 struct ieee80211_tx_data tx;
1242 ieee80211_tx_result res_prepare; 1244 ieee80211_tx_result res_prepare;
1243 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1245 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
@@ -1248,8 +1250,6 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1248 1250
1249 queue = skb_get_queue_mapping(skb); 1251 queue = skb_get_queue_mapping(skb);
1250 1252
1251 WARN_ON(!txpending && !skb_queue_empty(&local->pending[queue]));
1252
1253 if (unlikely(skb->len < 10)) { 1253 if (unlikely(skb->len < 10)) {
1254 dev_kfree_skb(skb); 1254 dev_kfree_skb(skb);
1255 return; 1255 return;
@@ -1258,7 +1258,7 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1258 rcu_read_lock(); 1258 rcu_read_lock();
1259 1259
1260 /* initialises tx */ 1260 /* initialises tx */
1261 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev); 1261 res_prepare = ieee80211_tx_prepare(sdata, &tx, skb);
1262 1262
1263 if (unlikely(res_prepare == TX_DROP)) { 1263 if (unlikely(res_prepare == TX_DROP)) {
1264 dev_kfree_skb(skb); 1264 dev_kfree_skb(skb);
@@ -1277,7 +1277,7 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1277 1277
1278 retries = 0; 1278 retries = 0;
1279 retry: 1279 retry:
1280 ret = __ieee80211_tx(local, &tx.skb, tx.sta); 1280 ret = __ieee80211_tx(local, &tx.skb, tx.sta, txpending);
1281 switch (ret) { 1281 switch (ret) {
1282 case IEEE80211_TX_OK: 1282 case IEEE80211_TX_OK:
1283 break; 1283 break;
@@ -1295,34 +1295,35 @@ static void ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1295 1295
1296 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1296 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1297 1297
1298 if (__netif_subqueue_stopped(local->mdev, queue)) { 1298 if (local->queue_stop_reasons[queue] ||
1299 !skb_queue_empty(&local->pending[queue])) {
1300 /*
1301 * if queue is stopped, queue up frames for later
1302 * transmission from the tasklet
1303 */
1299 do { 1304 do {
1300 next = skb->next; 1305 next = skb->next;
1301 skb->next = NULL; 1306 skb->next = NULL;
1302 if (unlikely(txpending)) 1307 if (unlikely(txpending))
1303 skb_queue_head(&local->pending[queue], 1308 __skb_queue_head(&local->pending[queue],
1304 skb); 1309 skb);
1305 else 1310 else
1306 skb_queue_tail(&local->pending[queue], 1311 __skb_queue_tail(&local->pending[queue],
1307 skb); 1312 skb);
1308 } while ((skb = next)); 1313 } while ((skb = next));
1309 1314
1310 /*
1311 * Make sure nobody will enable the queue on us
1312 * (without going through the tasklet) nor disable the
1313 * netdev queue underneath the pending handling code.
1314 */
1315 __set_bit(IEEE80211_QUEUE_STOP_REASON_PENDING,
1316 &local->queue_stop_reasons[queue]);
1317
1318 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1315 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1319 flags); 1316 flags);
1320 } else { 1317 } else {
1318 /*
1319 * otherwise retry, but this is a race condition or
1320 * a driver bug (which we warn about if it persists)
1321 */
1321 spin_unlock_irqrestore(&local->queue_stop_reason_lock, 1322 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1322 flags); 1323 flags);
1323 1324
1324 retries++; 1325 retries++;
1325 if (WARN(retries > 10, "tx refused but queue active")) 1326 if (WARN(retries > 10, "tx refused but queue active\n"))
1326 goto drop; 1327 goto drop;
1327 goto retry; 1328 goto retry;
1328 } 1329 }
@@ -1383,44 +1384,25 @@ static int ieee80211_skb_resize(struct ieee80211_local *local,
1383 return 0; 1384 return 0;
1384} 1385}
1385 1386
1386int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev) 1387static void ieee80211_xmit(struct ieee80211_sub_if_data *sdata,
1388 struct sk_buff *skb)
1387{ 1389{
1388 struct ieee80211_master_priv *mpriv = netdev_priv(dev); 1390 struct ieee80211_local *local = sdata->local;
1389 struct ieee80211_local *local = mpriv->local;
1390 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1391 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1391 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1392 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1392 struct net_device *odev = NULL; 1393 struct ieee80211_sub_if_data *tmp_sdata;
1393 struct ieee80211_sub_if_data *osdata;
1394 int headroom; 1394 int headroom;
1395 bool may_encrypt; 1395 bool may_encrypt;
1396 enum { 1396
1397 NOT_MONITOR, 1397 dev_hold(sdata->dev);
1398 FOUND_SDATA,
1399 UNKNOWN_ADDRESS,
1400 } monitor_iface = NOT_MONITOR;
1401
1402 if (skb->iif)
1403 odev = dev_get_by_index(&init_net, skb->iif);
1404 if (unlikely(odev && !is_ieee80211_device(local, odev))) {
1405 dev_put(odev);
1406 odev = NULL;
1407 }
1408 if (unlikely(!odev)) {
1409#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1410 printk(KERN_DEBUG "%s: Discarded packet with nonexistent "
1411 "originating device\n", dev->name);
1412#endif
1413 dev_kfree_skb(skb);
1414 return NETDEV_TX_OK;
1415 }
1416 1398
1417 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) && 1399 if ((local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK) &&
1418 local->hw.conf.dynamic_ps_timeout > 0 && 1400 local->hw.conf.dynamic_ps_timeout > 0 &&
1419 !local->sw_scanning && !local->hw_scanning && local->ps_sdata) { 1401 !(local->scanning) && local->ps_sdata) {
1420 if (local->hw.conf.flags & IEEE80211_CONF_PS) { 1402 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
1421 ieee80211_stop_queues_by_reason(&local->hw, 1403 ieee80211_stop_queues_by_reason(&local->hw,
1422 IEEE80211_QUEUE_STOP_REASON_PS); 1404 IEEE80211_QUEUE_STOP_REASON_PS);
1423 queue_work(local->hw.workqueue, 1405 ieee80211_queue_work(&local->hw,
1424 &local->dynamic_ps_disable_work); 1406 &local->dynamic_ps_disable_work);
1425 } 1407 }
1426 1408
@@ -1428,31 +1410,13 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1428 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout)); 1410 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
1429 } 1411 }
1430 1412
1431 memset(info, 0, sizeof(*info));
1432
1433 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; 1413 info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
1434 1414
1435 osdata = IEEE80211_DEV_TO_SUB_IF(odev); 1415 if (unlikely(sdata->vif.type == NL80211_IFTYPE_MONITOR)) {
1436
1437 if (ieee80211_vif_is_mesh(&osdata->vif) &&
1438 ieee80211_is_data(hdr->frame_control)) {
1439 if (is_multicast_ether_addr(hdr->addr3))
1440 memcpy(hdr->addr1, hdr->addr3, ETH_ALEN);
1441 else
1442 if (mesh_nexthop_lookup(skb, osdata)) {
1443 dev_put(odev);
1444 return NETDEV_TX_OK;
1445 }
1446 if (memcmp(odev->dev_addr, hdr->addr4, ETH_ALEN) != 0)
1447 IEEE80211_IFSTA_MESH_CTR_INC(&osdata->u.mesh,
1448 fwded_frames);
1449 } else if (unlikely(osdata->vif.type == NL80211_IFTYPE_MONITOR)) {
1450 struct ieee80211_sub_if_data *sdata;
1451 int hdrlen; 1416 int hdrlen;
1452 u16 len_rthdr; 1417 u16 len_rthdr;
1453 1418
1454 info->flags |= IEEE80211_TX_CTL_INJECTED; 1419 info->flags |= IEEE80211_TX_CTL_INJECTED;
1455 monitor_iface = UNKNOWN_ADDRESS;
1456 1420
1457 len_rthdr = ieee80211_get_radiotap_len(skb->data); 1421 len_rthdr = ieee80211_get_radiotap_len(skb->data);
1458 hdr = (struct ieee80211_hdr *)(skb->data + len_rthdr); 1422 hdr = (struct ieee80211_hdr *)(skb->data + len_rthdr);
@@ -1471,20 +1435,17 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1471 */ 1435 */
1472 1436
1473 rcu_read_lock(); 1437 rcu_read_lock();
1474 list_for_each_entry_rcu(sdata, &local->interfaces, 1438 list_for_each_entry_rcu(tmp_sdata, &local->interfaces,
1475 list) { 1439 list) {
1476 if (!netif_running(sdata->dev)) 1440 if (!netif_running(tmp_sdata->dev))
1477 continue; 1441 continue;
1478 if (sdata->vif.type != NL80211_IFTYPE_AP) 1442 if (tmp_sdata->vif.type != NL80211_IFTYPE_AP)
1479 continue; 1443 continue;
1480 if (compare_ether_addr(sdata->dev->dev_addr, 1444 if (compare_ether_addr(tmp_sdata->dev->dev_addr,
1481 hdr->addr2)) { 1445 hdr->addr2)) {
1482 dev_hold(sdata->dev); 1446 dev_hold(tmp_sdata->dev);
1483 dev_put(odev); 1447 dev_put(sdata->dev);
1484 osdata = sdata; 1448 sdata = tmp_sdata;
1485 odev = osdata->dev;
1486 skb->iif = sdata->dev->ifindex;
1487 monitor_iface = FOUND_SDATA;
1488 break; 1449 break;
1489 } 1450 }
1490 } 1451 }
@@ -1492,31 +1453,34 @@ int ieee80211_master_start_xmit(struct sk_buff *skb, struct net_device *dev)
1492 } 1453 }
1493 } 1454 }
1494 1455
1495 may_encrypt = !skb->do_not_encrypt; 1456 may_encrypt = !(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT);
1496 1457
1497 headroom = osdata->local->tx_headroom; 1458 headroom = local->tx_headroom;
1498 if (may_encrypt) 1459 if (may_encrypt)
1499 headroom += IEEE80211_ENCRYPT_HEADROOM; 1460 headroom += IEEE80211_ENCRYPT_HEADROOM;
1500 headroom -= skb_headroom(skb); 1461 headroom -= skb_headroom(skb);
1501 headroom = max_t(int, 0, headroom); 1462 headroom = max_t(int, 0, headroom);
1502 1463
1503 if (ieee80211_skb_resize(osdata->local, skb, headroom, may_encrypt)) { 1464 if (ieee80211_skb_resize(local, skb, headroom, may_encrypt)) {
1504 dev_kfree_skb(skb); 1465 dev_kfree_skb(skb);
1505 dev_put(odev); 1466 dev_put(sdata->dev);
1506 return NETDEV_TX_OK; 1467 return;
1507 } 1468 }
1508 1469
1509 if (osdata->vif.type == NL80211_IFTYPE_AP_VLAN) 1470 info->control.vif = &sdata->vif;
1510 osdata = container_of(osdata->bss,
1511 struct ieee80211_sub_if_data,
1512 u.ap);
1513 if (likely(monitor_iface != UNKNOWN_ADDRESS))
1514 info->control.vif = &osdata->vif;
1515 1471
1516 ieee80211_tx(odev, skb, false); 1472 if (ieee80211_vif_is_mesh(&sdata->vif) &&
1517 dev_put(odev); 1473 ieee80211_is_data(hdr->frame_control) &&
1474 !is_multicast_ether_addr(hdr->addr1))
1475 if (mesh_nexthop_lookup(skb, sdata)) {
1476 /* skb queued: don't free */
1477 dev_put(sdata->dev);
1478 return;
1479 }
1518 1480
1519 return NETDEV_TX_OK; 1481 ieee80211_select_queue(local, skb);
1482 ieee80211_tx(sdata, skb, false);
1483 dev_put(sdata->dev);
1520} 1484}
1521 1485
1522int ieee80211_monitor_start_xmit(struct sk_buff *skb, 1486int ieee80211_monitor_start_xmit(struct sk_buff *skb,
@@ -1526,6 +1490,7 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1526 struct ieee80211_channel *chan = local->hw.conf.channel; 1490 struct ieee80211_channel *chan = local->hw.conf.channel;
1527 struct ieee80211_radiotap_header *prthdr = 1491 struct ieee80211_radiotap_header *prthdr =
1528 (struct ieee80211_radiotap_header *)skb->data; 1492 (struct ieee80211_radiotap_header *)skb->data;
1493 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1529 u16 len_rthdr; 1494 u16 len_rthdr;
1530 1495
1531 /* 1496 /*
@@ -1563,15 +1528,6 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1563 if (unlikely(skb->len < len_rthdr)) 1528 if (unlikely(skb->len < len_rthdr))
1564 goto fail; /* skb too short for claimed rt header extent */ 1529 goto fail; /* skb too short for claimed rt header extent */
1565 1530
1566 skb->dev = local->mdev;
1567
1568 /* needed because we set skb device to master */
1569 skb->iif = dev->ifindex;
1570
1571 /* sometimes we do encrypt injected frames, will be fixed
1572 * up in radiotap parser if not wanted */
1573 skb->do_not_encrypt = 0;
1574
1575 /* 1531 /*
1576 * fix up the pointers accounting for the radiotap 1532 * fix up the pointers accounting for the radiotap
1577 * header still being in there. We are being given 1533 * header still being in there. We are being given
@@ -1586,8 +1542,10 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb,
1586 skb_set_network_header(skb, len_rthdr); 1542 skb_set_network_header(skb, len_rthdr);
1587 skb_set_transport_header(skb, len_rthdr); 1543 skb_set_transport_header(skb, len_rthdr);
1588 1544
1589 /* pass the radiotap header up to the next stage intact */ 1545 memset(info, 0, sizeof(*info));
1590 dev_queue_xmit(skb); 1546
1547 /* pass the radiotap header up to xmit */
1548 ieee80211_xmit(IEEE80211_DEV_TO_SUB_IF(dev), skb);
1591 return NETDEV_TX_OK; 1549 return NETDEV_TX_OK;
1592 1550
1593fail: 1551fail:
@@ -1615,6 +1573,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1615{ 1573{
1616 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1574 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1617 struct ieee80211_local *local = sdata->local; 1575 struct ieee80211_local *local = sdata->local;
1576 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1618 int ret = NETDEV_TX_BUSY, head_need; 1577 int ret = NETDEV_TX_BUSY, head_need;
1619 u16 ethertype, hdrlen, meshhdrlen = 0; 1578 u16 ethertype, hdrlen, meshhdrlen = 0;
1620 __le16 fc; 1579 __le16 fc;
@@ -1627,7 +1586,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1627 u32 sta_flags = 0; 1586 u32 sta_flags = 0;
1628 1587
1629 if (unlikely(skb->len < ETH_HLEN)) { 1588 if (unlikely(skb->len < ETH_HLEN)) {
1630 ret = 0; 1589 ret = NETDEV_TX_OK;
1631 goto fail; 1590 goto fail;
1632 } 1591 }
1633 1592
@@ -1660,52 +1619,58 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1660 break; 1619 break;
1661#ifdef CONFIG_MAC80211_MESH 1620#ifdef CONFIG_MAC80211_MESH
1662 case NL80211_IFTYPE_MESH_POINT: 1621 case NL80211_IFTYPE_MESH_POINT:
1663 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS);
1664 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) { 1622 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) {
1665 /* Do not send frames with mesh_ttl == 0 */ 1623 /* Do not send frames with mesh_ttl == 0 */
1666 sdata->u.mesh.mshstats.dropped_frames_ttl++; 1624 sdata->u.mesh.mshstats.dropped_frames_ttl++;
1667 ret = 0; 1625 ret = NETDEV_TX_OK;
1668 goto fail; 1626 goto fail;
1669 } 1627 }
1670 memset(&mesh_hdr, 0, sizeof(mesh_hdr));
1671 1628
1672 if (compare_ether_addr(dev->dev_addr, 1629 if (compare_ether_addr(dev->dev_addr,
1673 skb->data + ETH_ALEN) == 0) { 1630 skb->data + ETH_ALEN) == 0) {
1674 /* RA TA DA SA */ 1631 hdrlen = ieee80211_fill_mesh_addresses(&hdr, &fc,
1675 memset(hdr.addr1, 0, ETH_ALEN); 1632 skb->data, skb->data + ETH_ALEN);
1676 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN); 1633 meshhdrlen = ieee80211_new_mesh_header(&mesh_hdr,
1677 memcpy(hdr.addr3, skb->data, ETH_ALEN); 1634 sdata, NULL, NULL, NULL);
1678 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1679 meshhdrlen = ieee80211_new_mesh_header(&mesh_hdr, sdata);
1680 } else { 1635 } else {
1681 /* packet from other interface */ 1636 /* packet from other interface */
1682 struct mesh_path *mppath; 1637 struct mesh_path *mppath;
1638 int is_mesh_mcast = 1;
1639 char *mesh_da;
1683 1640
1684 memset(hdr.addr1, 0, ETH_ALEN); 1641 rcu_read_lock();
1685 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1686 memcpy(hdr.addr4, dev->dev_addr, ETH_ALEN);
1687
1688 if (is_multicast_ether_addr(skb->data)) 1642 if (is_multicast_ether_addr(skb->data))
1689 memcpy(hdr.addr3, skb->data, ETH_ALEN); 1643 /* DA TA mSA AE:SA */
1644 mesh_da = skb->data;
1690 else { 1645 else {
1691 rcu_read_lock();
1692 mppath = mpp_path_lookup(skb->data, sdata); 1646 mppath = mpp_path_lookup(skb->data, sdata);
1693 if (mppath) 1647 if (mppath) {
1694 memcpy(hdr.addr3, mppath->mpp, ETH_ALEN); 1648 /* RA TA mDA mSA AE:DA SA */
1695 else 1649 mesh_da = mppath->mpp;
1696 memset(hdr.addr3, 0xff, ETH_ALEN); 1650 is_mesh_mcast = 0;
1697 rcu_read_unlock(); 1651 } else
1652 /* DA TA mSA AE:SA */
1653 mesh_da = dev->broadcast;
1698 } 1654 }
1655 hdrlen = ieee80211_fill_mesh_addresses(&hdr, &fc,
1656 mesh_da, dev->dev_addr);
1657 rcu_read_unlock();
1658 if (is_mesh_mcast)
1659 meshhdrlen =
1660 ieee80211_new_mesh_header(&mesh_hdr,
1661 sdata,
1662 skb->data + ETH_ALEN,
1663 NULL,
1664 NULL);
1665 else
1666 meshhdrlen =
1667 ieee80211_new_mesh_header(&mesh_hdr,
1668 sdata,
1669 NULL,
1670 skb->data,
1671 skb->data + ETH_ALEN);
1699 1672
1700 mesh_hdr.flags |= MESH_FLAGS_AE_A5_A6;
1701 mesh_hdr.ttl = sdata->u.mesh.mshcfg.dot11MeshTTL;
1702 put_unaligned(cpu_to_le32(sdata->u.mesh.mesh_seqnum), &mesh_hdr.seqnum);
1703 memcpy(mesh_hdr.eaddr1, skb->data, ETH_ALEN);
1704 memcpy(mesh_hdr.eaddr2, skb->data + ETH_ALEN, ETH_ALEN);
1705 sdata->u.mesh.mesh_seqnum++;
1706 meshhdrlen = 18;
1707 } 1673 }
1708 hdrlen = 30;
1709 break; 1674 break;
1710#endif 1675#endif
1711 case NL80211_IFTYPE_STATION: 1676 case NL80211_IFTYPE_STATION:
@@ -1724,7 +1689,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1724 hdrlen = 24; 1689 hdrlen = 24;
1725 break; 1690 break;
1726 default: 1691 default:
1727 ret = 0; 1692 ret = NETDEV_TX_OK;
1728 goto fail; 1693 goto fail;
1729 } 1694 }
1730 1695
@@ -1766,7 +1731,7 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1766 1731
1767 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port); 1732 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port);
1768 1733
1769 ret = 0; 1734 ret = NETDEV_TX_OK;
1770 goto fail; 1735 goto fail;
1771 } 1736 }
1772 1737
@@ -1842,9 +1807,6 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1842 nh_pos += hdrlen; 1807 nh_pos += hdrlen;
1843 h_pos += hdrlen; 1808 h_pos += hdrlen;
1844 1809
1845 skb->iif = dev->ifindex;
1846
1847 skb->dev = local->mdev;
1848 dev->stats.tx_packets++; 1810 dev->stats.tx_packets++;
1849 dev->stats.tx_bytes += skb->len; 1811 dev->stats.tx_bytes += skb->len;
1850 1812
@@ -1855,13 +1817,15 @@ int ieee80211_subif_start_xmit(struct sk_buff *skb,
1855 skb_set_network_header(skb, nh_pos); 1817 skb_set_network_header(skb, nh_pos);
1856 skb_set_transport_header(skb, h_pos); 1818 skb_set_transport_header(skb, h_pos);
1857 1819
1820 memset(info, 0, sizeof(*info));
1821
1858 dev->trans_start = jiffies; 1822 dev->trans_start = jiffies;
1859 dev_queue_xmit(skb); 1823 ieee80211_xmit(sdata, skb);
1860 1824
1861 return 0; 1825 return NETDEV_TX_OK;
1862 1826
1863 fail: 1827 fail:
1864 if (!ret) 1828 if (ret == NETDEV_TX_OK)
1865 dev_kfree_skb(skb); 1829 dev_kfree_skb(skb);
1866 1830
1867 return ret; 1831 return ret;
@@ -1887,101 +1851,74 @@ static bool ieee80211_tx_pending_skb(struct ieee80211_local *local,
1887 struct ieee80211_sub_if_data *sdata; 1851 struct ieee80211_sub_if_data *sdata;
1888 struct sta_info *sta; 1852 struct sta_info *sta;
1889 struct ieee80211_hdr *hdr; 1853 struct ieee80211_hdr *hdr;
1890 struct net_device *dev;
1891 int ret; 1854 int ret;
1892 bool result = true; 1855 bool result = true;
1893 1856
1894 /* does interface still exist? */ 1857 sdata = vif_to_sdata(info->control.vif);
1895 dev = dev_get_by_index(&init_net, skb->iif);
1896 if (!dev) {
1897 dev_kfree_skb(skb);
1898 return true;
1899 }
1900
1901 /* validate info->control.vif against skb->iif */
1902 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1903 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1904 sdata = container_of(sdata->bss,
1905 struct ieee80211_sub_if_data,
1906 u.ap);
1907
1908 if (unlikely(info->control.vif && info->control.vif != &sdata->vif)) {
1909 dev_kfree_skb(skb);
1910 result = true;
1911 goto out;
1912 }
1913 1858
1914 if (info->flags & IEEE80211_TX_INTFL_NEED_TXPROCESSING) { 1859 if (info->flags & IEEE80211_TX_INTFL_NEED_TXPROCESSING) {
1915 ieee80211_tx(dev, skb, true); 1860 ieee80211_tx(sdata, skb, true);
1916 } else { 1861 } else {
1917 hdr = (struct ieee80211_hdr *)skb->data; 1862 hdr = (struct ieee80211_hdr *)skb->data;
1918 sta = sta_info_get(local, hdr->addr1); 1863 sta = sta_info_get(local, hdr->addr1);
1919 1864
1920 ret = __ieee80211_tx(local, &skb, sta); 1865 ret = __ieee80211_tx(local, &skb, sta, true);
1921 if (ret != IEEE80211_TX_OK) 1866 if (ret != IEEE80211_TX_OK)
1922 result = false; 1867 result = false;
1923 } 1868 }
1924 1869
1925 out:
1926 dev_put(dev);
1927
1928 return result; 1870 return result;
1929} 1871}
1930 1872
1931/* 1873/*
1932 * Transmit all pending packets. Called from tasklet, locks master device 1874 * Transmit all pending packets. Called from tasklet.
1933 * TX lock so that no new packets can come in.
1934 */ 1875 */
1935void ieee80211_tx_pending(unsigned long data) 1876void ieee80211_tx_pending(unsigned long data)
1936{ 1877{
1937 struct ieee80211_local *local = (struct ieee80211_local *)data; 1878 struct ieee80211_local *local = (struct ieee80211_local *)data;
1938 struct net_device *dev = local->mdev;
1939 unsigned long flags; 1879 unsigned long flags;
1940 int i; 1880 int i;
1941 bool next; 1881 bool txok;
1942 1882
1943 rcu_read_lock(); 1883 rcu_read_lock();
1944 netif_tx_lock_bh(dev);
1945 1884
1885 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1946 for (i = 0; i < local->hw.queues; i++) { 1886 for (i = 0; i < local->hw.queues; i++) {
1947 /* 1887 /*
1948 * If queue is stopped by something other than due to pending 1888 * If queue is stopped by something other than due to pending
1949 * frames, or we have no pending frames, proceed to next queue. 1889 * frames, or we have no pending frames, proceed to next queue.
1950 */ 1890 */
1951 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 1891 if (local->queue_stop_reasons[i] ||
1952 next = false;
1953 if (local->queue_stop_reasons[i] !=
1954 BIT(IEEE80211_QUEUE_STOP_REASON_PENDING) ||
1955 skb_queue_empty(&local->pending[i])) 1892 skb_queue_empty(&local->pending[i]))
1956 next = true;
1957 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1958
1959 if (next)
1960 continue; 1893 continue;
1961 1894
1962 /*
1963 * start the queue now to allow processing our packets,
1964 * we're under the tx lock here anyway so nothing will
1965 * happen as a result of this
1966 */
1967 netif_start_subqueue(local->mdev, i);
1968
1969 while (!skb_queue_empty(&local->pending[i])) { 1895 while (!skb_queue_empty(&local->pending[i])) {
1970 struct sk_buff *skb = skb_dequeue(&local->pending[i]); 1896 struct sk_buff *skb = __skb_dequeue(&local->pending[i]);
1897 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1898 struct ieee80211_sub_if_data *sdata;
1971 1899
1972 if (!ieee80211_tx_pending_skb(local, skb)) { 1900 if (WARN_ON(!info->control.vif)) {
1973 skb_queue_head(&local->pending[i], skb); 1901 kfree_skb(skb);
1974 break; 1902 continue;
1975 } 1903 }
1976 }
1977 1904
1978 /* Start regular packet processing again. */ 1905 sdata = vif_to_sdata(info->control.vif);
1979 if (skb_queue_empty(&local->pending[i])) 1906 dev_hold(sdata->dev);
1980 ieee80211_wake_queue_by_reason(&local->hw, i, 1907 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1981 IEEE80211_QUEUE_STOP_REASON_PENDING); 1908 flags);
1909
1910 txok = ieee80211_tx_pending_skb(local, skb);
1911 dev_put(sdata->dev);
1912 if (!txok)
1913 __skb_queue_head(&local->pending[i], skb);
1914 spin_lock_irqsave(&local->queue_stop_reason_lock,
1915 flags);
1916 if (!txok)
1917 break;
1918 }
1982 } 1919 }
1920 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1983 1921
1984 netif_tx_unlock_bh(dev);
1985 rcu_read_unlock(); 1922 rcu_read_unlock();
1986} 1923}
1987 1924
@@ -2156,8 +2093,7 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
2156 2093
2157 info = IEEE80211_SKB_CB(skb); 2094 info = IEEE80211_SKB_CB(skb);
2158 2095
2159 skb->do_not_encrypt = 1; 2096 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
2160
2161 info->band = band; 2097 info->band = band;
2162 /* 2098 /*
2163 * XXX: For now, always use the lowest rate 2099 * XXX: For now, always use the lowest rate
@@ -2228,9 +2164,6 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2228 sdata = vif_to_sdata(vif); 2164 sdata = vif_to_sdata(vif);
2229 bss = &sdata->u.ap; 2165 bss = &sdata->u.ap;
2230 2166
2231 if (!bss)
2232 return NULL;
2233
2234 rcu_read_lock(); 2167 rcu_read_lock();
2235 beacon = rcu_dereference(bss->beacon); 2168 beacon = rcu_dereference(bss->beacon);
2236 2169
@@ -2256,7 +2189,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2256 cpu_to_le16(IEEE80211_FCTL_MOREDATA); 2189 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2257 } 2190 }
2258 2191
2259 if (!ieee80211_tx_prepare(local, &tx, skb)) 2192 if (!ieee80211_tx_prepare(sdata, &tx, skb))
2260 break; 2193 break;
2261 dev_kfree_skb_any(skb); 2194 dev_kfree_skb_any(skb);
2262 } 2195 }
@@ -2276,3 +2209,24 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2276 return skb; 2209 return skb;
2277} 2210}
2278EXPORT_SYMBOL(ieee80211_get_buffered_bc); 2211EXPORT_SYMBOL(ieee80211_get_buffered_bc);
2212
2213void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
2214 int encrypt)
2215{
2216 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
2217 skb_set_mac_header(skb, 0);
2218 skb_set_network_header(skb, 0);
2219 skb_set_transport_header(skb, 0);
2220
2221 if (!encrypt)
2222 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
2223
2224 /*
2225 * The other path calling ieee80211_xmit is from the tasklet,
2226 * and while we can handle concurrent transmissions locking
2227 * requirements are that we do not come into tx with bhs on.
2228 */
2229 local_bh_disable();
2230 ieee80211_xmit(sdata, skb);
2231 local_bh_enable();
2232}
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 915e77769312..e55d57f559ec 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -31,6 +31,7 @@
31#include "mesh.h" 31#include "mesh.h"
32#include "wme.h" 32#include "wme.h"
33#include "led.h" 33#include "led.h"
34#include "wep.h"
34 35
35/* privid for wiphys to determine whether they belong to us or not */ 36/* privid for wiphys to determine whether they belong to us or not */
36void *mac80211_wiphy_privid = &mac80211_wiphy_privid; 37void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
@@ -274,16 +275,12 @@ static void __ieee80211_wake_queue(struct ieee80211_hw *hw, int queue,
274 275
275 __clear_bit(reason, &local->queue_stop_reasons[queue]); 276 __clear_bit(reason, &local->queue_stop_reasons[queue]);
276 277
277 if (!skb_queue_empty(&local->pending[queue]) &&
278 local->queue_stop_reasons[queue] ==
279 BIT(IEEE80211_QUEUE_STOP_REASON_PENDING))
280 tasklet_schedule(&local->tx_pending_tasklet);
281
282 if (local->queue_stop_reasons[queue] != 0) 278 if (local->queue_stop_reasons[queue] != 0)
283 /* someone still has this queue stopped */ 279 /* someone still has this queue stopped */
284 return; 280 return;
285 281
286 netif_wake_subqueue(local->mdev, queue); 282 if (!skb_queue_empty(&local->pending[queue]))
283 tasklet_schedule(&local->tx_pending_tasklet);
287} 284}
288 285
289void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue, 286void ieee80211_wake_queue_by_reason(struct ieee80211_hw *hw, int queue,
@@ -312,14 +309,6 @@ static void __ieee80211_stop_queue(struct ieee80211_hw *hw, int queue,
312 if (WARN_ON(queue >= hw->queues)) 309 if (WARN_ON(queue >= hw->queues))
313 return; 310 return;
314 311
315 /*
316 * Only stop if it was previously running, this is necessary
317 * for correct pending packets handling because there we may
318 * start (but not wake) the queue and rely on that.
319 */
320 if (!local->queue_stop_reasons[queue])
321 netif_stop_subqueue(local->mdev, queue);
322
323 __set_bit(reason, &local->queue_stop_reasons[queue]); 312 __set_bit(reason, &local->queue_stop_reasons[queue]);
324} 313}
325 314
@@ -347,11 +336,16 @@ void ieee80211_add_pending_skb(struct ieee80211_local *local,
347 struct ieee80211_hw *hw = &local->hw; 336 struct ieee80211_hw *hw = &local->hw;
348 unsigned long flags; 337 unsigned long flags;
349 int queue = skb_get_queue_mapping(skb); 338 int queue = skb_get_queue_mapping(skb);
339 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
340
341 if (WARN_ON(!info->control.vif)) {
342 kfree(skb);
343 return;
344 }
350 345
351 spin_lock_irqsave(&local->queue_stop_reason_lock, flags); 346 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
352 __ieee80211_stop_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD); 347 __ieee80211_stop_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
353 __ieee80211_stop_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_PENDING); 348 __skb_queue_tail(&local->pending[queue], skb);
354 skb_queue_tail(&local->pending[queue], skb);
355 __ieee80211_wake_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD); 349 __ieee80211_wake_queue(hw, queue, IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
356 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 350 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
357} 351}
@@ -370,18 +364,21 @@ int ieee80211_add_pending_skbs(struct ieee80211_local *local,
370 IEEE80211_QUEUE_STOP_REASON_SKB_ADD); 364 IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
371 365
372 while ((skb = skb_dequeue(skbs))) { 366 while ((skb = skb_dequeue(skbs))) {
367 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
368
369 if (WARN_ON(!info->control.vif)) {
370 kfree(skb);
371 continue;
372 }
373
373 ret++; 374 ret++;
374 queue = skb_get_queue_mapping(skb); 375 queue = skb_get_queue_mapping(skb);
375 skb_queue_tail(&local->pending[queue], skb); 376 __skb_queue_tail(&local->pending[queue], skb);
376 } 377 }
377 378
378 for (i = 0; i < hw->queues; i++) { 379 for (i = 0; i < hw->queues; i++)
379 if (ret)
380 __ieee80211_stop_queue(hw, i,
381 IEEE80211_QUEUE_STOP_REASON_PENDING);
382 __ieee80211_wake_queue(hw, i, 380 __ieee80211_wake_queue(hw, i,
383 IEEE80211_QUEUE_STOP_REASON_SKB_ADD); 381 IEEE80211_QUEUE_STOP_REASON_SKB_ADD);
384 }
385 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 382 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
386 383
387 return ret; 384 return ret;
@@ -412,11 +409,16 @@ EXPORT_SYMBOL(ieee80211_stop_queues);
412int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue) 409int ieee80211_queue_stopped(struct ieee80211_hw *hw, int queue)
413{ 410{
414 struct ieee80211_local *local = hw_to_local(hw); 411 struct ieee80211_local *local = hw_to_local(hw);
412 unsigned long flags;
413 int ret;
415 414
416 if (WARN_ON(queue >= hw->queues)) 415 if (WARN_ON(queue >= hw->queues))
417 return true; 416 return true;
418 417
419 return __netif_subqueue_stopped(local->mdev, queue); 418 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
419 ret = !!local->queue_stop_reasons[queue];
420 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
421 return ret;
420} 422}
421EXPORT_SYMBOL(ieee80211_queue_stopped); 423EXPORT_SYMBOL(ieee80211_queue_stopped);
422 424
@@ -509,6 +511,46 @@ void ieee80211_iterate_active_interfaces_atomic(
509} 511}
510EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces_atomic); 512EXPORT_SYMBOL_GPL(ieee80211_iterate_active_interfaces_atomic);
511 513
514/*
515 * Nothing should have been stuffed into the workqueue during
516 * the suspend->resume cycle. If this WARN is seen then there
517 * is a bug with either the driver suspend or something in
518 * mac80211 stuffing into the workqueue which we haven't yet
519 * cleared during mac80211's suspend cycle.
520 */
521static bool ieee80211_can_queue_work(struct ieee80211_local *local)
522{
523 if (WARN(local->suspended, "queueing ieee80211 work while "
524 "going to suspend\n"))
525 return false;
526
527 return true;
528}
529
530void ieee80211_queue_work(struct ieee80211_hw *hw, struct work_struct *work)
531{
532 struct ieee80211_local *local = hw_to_local(hw);
533
534 if (!ieee80211_can_queue_work(local))
535 return;
536
537 queue_work(local->workqueue, work);
538}
539EXPORT_SYMBOL(ieee80211_queue_work);
540
541void ieee80211_queue_delayed_work(struct ieee80211_hw *hw,
542 struct delayed_work *dwork,
543 unsigned long delay)
544{
545 struct ieee80211_local *local = hw_to_local(hw);
546
547 if (!ieee80211_can_queue_work(local))
548 return;
549
550 queue_delayed_work(local->workqueue, dwork, delay);
551}
552EXPORT_SYMBOL(ieee80211_queue_delayed_work);
553
512void ieee802_11_parse_elems(u8 *start, size_t len, 554void ieee802_11_parse_elems(u8 *start, size_t len,
513 struct ieee802_11_elems *elems) 555 struct ieee802_11_elems *elems)
514{ 556{
@@ -760,20 +802,6 @@ void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
760 ieee80211_set_wmm_default(sdata); 802 ieee80211_set_wmm_default(sdata);
761} 803}
762 804
763void ieee80211_tx_skb(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
764 int encrypt)
765{
766 skb->dev = sdata->local->mdev;
767 skb_set_mac_header(skb, 0);
768 skb_set_network_header(skb, 0);
769 skb_set_transport_header(skb, 0);
770
771 skb->iif = sdata->dev->ifindex;
772 skb->do_not_encrypt = !encrypt;
773
774 dev_queue_xmit(skb);
775}
776
777u32 ieee80211_mandatory_rates(struct ieee80211_local *local, 805u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
778 enum ieee80211_band band) 806 enum ieee80211_band band)
779{ 807{
@@ -804,12 +832,13 @@ u32 ieee80211_mandatory_rates(struct ieee80211_local *local,
804 832
805void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, 833void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
806 u16 transaction, u16 auth_alg, 834 u16 transaction, u16 auth_alg,
807 u8 *extra, size_t extra_len, 835 u8 *extra, size_t extra_len, const u8 *bssid,
808 const u8 *bssid, int encrypt) 836 const u8 *key, u8 key_len, u8 key_idx)
809{ 837{
810 struct ieee80211_local *local = sdata->local; 838 struct ieee80211_local *local = sdata->local;
811 struct sk_buff *skb; 839 struct sk_buff *skb;
812 struct ieee80211_mgmt *mgmt; 840 struct ieee80211_mgmt *mgmt;
841 int err;
813 842
814 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 843 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
815 sizeof(*mgmt) + 6 + extra_len); 844 sizeof(*mgmt) + 6 + extra_len);
@@ -824,8 +853,6 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
824 memset(mgmt, 0, 24 + 6); 853 memset(mgmt, 0, 24 + 6);
825 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 854 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
826 IEEE80211_STYPE_AUTH); 855 IEEE80211_STYPE_AUTH);
827 if (encrypt)
828 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
829 memcpy(mgmt->da, bssid, ETH_ALEN); 856 memcpy(mgmt->da, bssid, ETH_ALEN);
830 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN); 857 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
831 memcpy(mgmt->bssid, bssid, ETH_ALEN); 858 memcpy(mgmt->bssid, bssid, ETH_ALEN);
@@ -835,7 +862,13 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
835 if (extra) 862 if (extra)
836 memcpy(skb_put(skb, extra_len), extra, extra_len); 863 memcpy(skb_put(skb, extra_len), extra, extra_len);
837 864
838 ieee80211_tx_skb(sdata, skb, encrypt); 865 if (auth_alg == WLAN_AUTH_SHARED_KEY && transaction == 3) {
866 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
867 err = ieee80211_wep_encrypt(local, skb, key, key_len, key_idx);
868 WARN_ON(err);
869 }
870
871 ieee80211_tx_skb(sdata, skb, 0);
839} 872}
840 873
841int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 874int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
@@ -1043,9 +1076,9 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1043 /* reconfigure hardware */ 1076 /* reconfigure hardware */
1044 ieee80211_hw_config(local, ~0); 1077 ieee80211_hw_config(local, ~0);
1045 1078
1046 netif_addr_lock_bh(local->mdev); 1079 spin_lock_bh(&local->filter_lock);
1047 ieee80211_configure_filter(local); 1080 ieee80211_configure_filter(local);
1048 netif_addr_unlock_bh(local->mdev); 1081 spin_unlock_bh(&local->filter_lock);
1049 1082
1050 /* Finally also reconfigure all the BSS information */ 1083 /* Finally also reconfigure all the BSS information */
1051 list_for_each_entry(sdata, &local->interfaces, list) { 1084 list_for_each_entry(sdata, &local->interfaces, list) {
@@ -1121,3 +1154,4 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1121#endif 1154#endif
1122 return 0; 1155 return 0;
1123} 1156}
1157
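Review bot: The new `WARN_ON(!info->control.vif)` guards in ieee80211_add_pending_skb() (new line 342) and ieee80211_add_pending_skbs() (new line 370) release the buffer with `kfree(skb)`, which is the generic allocator free rather than the sk_buff release routine. An sk_buff carries a separate data area and a reference count, so this path would presumably leak the data buffer and bypass any destructor. The equivalent guard this commit adds to ieee80211_tx_pending() in tx.c already uses `kfree_skb(skb)`. Both sites should read `kfree_skb(skb);`. Both functions begin outside their hunks, so the rest of their bodies is not visible here.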
diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
index ef73105b3061..8a980f136941 100644
--- a/net/mac80211/wep.c
+++ b/net/mac80211/wep.c
@@ -67,10 +67,10 @@ static inline bool ieee80211_wep_weak_iv(u32 iv, int keylen)
67 67
68 68
69static void ieee80211_wep_get_iv(struct ieee80211_local *local, 69static void ieee80211_wep_get_iv(struct ieee80211_local *local,
70 struct ieee80211_key *key, u8 *iv) 70 int keylen, int keyidx, u8 *iv)
71{ 71{
72 local->wep_iv++; 72 local->wep_iv++;
73 if (ieee80211_wep_weak_iv(local->wep_iv, key->conf.keylen)) 73 if (ieee80211_wep_weak_iv(local->wep_iv, keylen))
74 local->wep_iv += 0x0100; 74 local->wep_iv += 0x0100;
75 75
76 if (!iv) 76 if (!iv)
@@ -79,13 +79,13 @@ static void ieee80211_wep_get_iv(struct ieee80211_local *local,
79 *iv++ = (local->wep_iv >> 16) & 0xff; 79 *iv++ = (local->wep_iv >> 16) & 0xff;
80 *iv++ = (local->wep_iv >> 8) & 0xff; 80 *iv++ = (local->wep_iv >> 8) & 0xff;
81 *iv++ = local->wep_iv & 0xff; 81 *iv++ = local->wep_iv & 0xff;
82 *iv++ = key->conf.keyidx << 6; 82 *iv++ = keyidx << 6;
83} 83}
84 84
85 85
86static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local, 86static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
87 struct sk_buff *skb, 87 struct sk_buff *skb,
88 struct ieee80211_key *key) 88 int keylen, int keyidx)
89{ 89{
90 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 90 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
91 unsigned int hdrlen; 91 unsigned int hdrlen;
@@ -100,7 +100,7 @@ static u8 *ieee80211_wep_add_iv(struct ieee80211_local *local,
100 hdrlen = ieee80211_hdrlen(hdr->frame_control); 100 hdrlen = ieee80211_hdrlen(hdr->frame_control);
101 newhdr = skb_push(skb, WEP_IV_LEN); 101 newhdr = skb_push(skb, WEP_IV_LEN);
102 memmove(newhdr, newhdr + WEP_IV_LEN, hdrlen); 102 memmove(newhdr, newhdr + WEP_IV_LEN, hdrlen);
103 ieee80211_wep_get_iv(local, key, newhdr + hdrlen); 103 ieee80211_wep_get_iv(local, keylen, keyidx, newhdr + hdrlen);
104 return newhdr + hdrlen; 104 return newhdr + hdrlen;
105} 105}
106 106
@@ -144,26 +144,17 @@ void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
144 * 144 *
145 * WEP frame payload: IV + TX key idx, RC4(data), ICV = RC4(CRC32(data)) 145 * WEP frame payload: IV + TX key idx, RC4(data), ICV = RC4(CRC32(data))
146 */ 146 */
147int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb, 147int ieee80211_wep_encrypt(struct ieee80211_local *local,
148 struct ieee80211_key *key) 148 struct sk_buff *skb,
149 const u8 *key, int keylen, int keyidx)
149{ 150{
150 u32 klen; 151 u8 *iv;
151 u8 *rc4key, *iv;
152 size_t len; 152 size_t len;
153 u8 rc4key[3 + WLAN_KEY_LEN_WEP104];
153 154
154 if (!key || key->conf.alg != ALG_WEP) 155 iv = ieee80211_wep_add_iv(local, skb, keylen, keyidx);
155 return -1; 156 if (!iv)
156
157 klen = 3 + key->conf.keylen;
158 rc4key = kmalloc(klen, GFP_ATOMIC);
159 if (!rc4key)
160 return -1;
161
162 iv = ieee80211_wep_add_iv(local, skb, key);
163 if (!iv) {
164 kfree(rc4key);
165 return -1; 157 return -1;
166 }
167 158
168 len = skb->len - (iv + WEP_IV_LEN - skb->data); 159 len = skb->len - (iv + WEP_IV_LEN - skb->data);
169 160
@@ -171,16 +162,14 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
171 memcpy(rc4key, iv, 3); 162 memcpy(rc4key, iv, 3);
172 163
173 /* Copy rest of the WEP key (the secret part) */ 164 /* Copy rest of the WEP key (the secret part) */
174 memcpy(rc4key + 3, key->conf.key, key->conf.keylen); 165 memcpy(rc4key + 3, key, keylen);
175 166
176 /* Add room for ICV */ 167 /* Add room for ICV */
177 skb_put(skb, WEP_ICV_LEN); 168 skb_put(skb, WEP_ICV_LEN);
178 169
179 ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, klen, 170 ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3,
180 iv + WEP_IV_LEN, len); 171 iv + WEP_IV_LEN, len);
181 172
182 kfree(rc4key);
183
184 return 0; 173 return 0;
185} 174}
186 175
@@ -216,8 +205,9 @@ int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
216 * failure. If frame is OK, IV and ICV will be removed, i.e., decrypted payload 205 * failure. If frame is OK, IV and ICV will be removed, i.e., decrypted payload
217 * is moved to the beginning of the skb and skb length will be reduced. 206 * is moved to the beginning of the skb and skb length will be reduced.
218 */ 207 */
219int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb, 208static int ieee80211_wep_decrypt(struct ieee80211_local *local,
220 struct ieee80211_key *key) 209 struct sk_buff *skb,
210 struct ieee80211_key *key)
221{ 211{
222 u32 klen; 212 u32 klen;
223 u8 *rc4key; 213 u8 *rc4key;
@@ -314,12 +304,16 @@ static int wep_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
314 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 304 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
315 305
316 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) { 306 if (!(tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
317 if (ieee80211_wep_encrypt(tx->local, skb, tx->key)) 307 if (ieee80211_wep_encrypt(tx->local, skb, tx->key->conf.key,
308 tx->key->conf.keylen,
309 tx->key->conf.keyidx))
318 return -1; 310 return -1;
319 } else { 311 } else {
320 info->control.hw_key = &tx->key->conf; 312 info->control.hw_key = &tx->key->conf;
321 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) { 313 if (tx->key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) {
322 if (!ieee80211_wep_add_iv(tx->local, skb, tx->key)) 314 if (!ieee80211_wep_add_iv(tx->local, skb,
315 tx->key->conf.keylen,
316 tx->key->conf.keyidx))
323 return -1; 317 return -1;
324 } 318 }
325 } 319 }
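Review bot: ieee80211_wep_encrypt() now copies `keylen` bytes into the fixed stack array `u8 rc4key[3 + WLAN_KEY_LEN_WEP104]` with no check on `keylen`, and the earlier `!key` / `ALG_WEP` rejection was dropped along with the signature change. wep_encrypt_skb() passes the configured key's length, but the new call in ieee80211_send_auth() (util.c) forwards `key` and `key_len` from its own caller, and whether those are validated upstream is not visible on this page. A length above WLAN_KEY_LEN_WEP104 would overrun the stack buffer in `memcpy(rc4key + 3, key, keylen)`, and a NULL key would be dereferenced there. A guard placed before the ieee80211_wep_add_iv() call, so the skb is left unmodified on rejection, would close this: `if (WARN_ON(!key || keylen < 0 || keylen > WLAN_KEY_LEN_WEP104)) return -1;`. Because the secret key bytes now live on the stack, clearing `rc4key` before returning is also worth considering.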
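diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
index d3f0db48314e..fe29d7e5759f 100644
--- a/net/mac80211/wep.h
+++ b/net/mac80211/wep.h
@@ -20,12 +20,11 @@ int ieee80211_wep_init(struct ieee80211_local *local);
 void ieee80211_wep_free(struct ieee80211_local *local);
 void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
  size_t klen, u8 *data, size_t data_len);
+int ieee80211_wep_encrypt(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ const u8 *key, int keylen, int keyidx);
 int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
  size_t klen, u8 *data, size_t data_len);
-int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
- struct ieee80211_key *key);
-int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
- struct ieee80211_key *key);
 bool ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
 
 ieee80211_rx_result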
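Review bot: The new `ieee80211_wep_encrypt()` prototype takes the key as a bare `const u8 *key, int keylen, int keyidx` triple, and nothing in the header says which lengths and indices are valid. The only caller visible on this page, `wep_encrypt_skb()` in wep.c, passes `tx->key->conf.keylen` and `tx->key->conf.keyidx` straight through, so the bound has to be guaranteed somewhere that is not shown here. The removed `kfree(rc4key)` in wep.c suggests the RC4 key buffer may no longer be allocated from the key length, which would make an explicit length check before the key is copied important; the implementation is outside this section, so that should be confirmed. If the contract is the usual one, I would add above the prototype `/* keylen must be a valid WEP key length (5 or 13 bytes); keyidx must be 0..3 */` and consider unsigned types for both parameters.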
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
deleted file mode 100644
index 1da81f456744..000000000000
--- a/net/mac80211/wext.c
+++ /dev/null
@@ -1,633 +0,0 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/module.h>
11#include <linux/init.h>
12#include <linux/netdevice.h>
13#include <linux/types.h>
14#include <linux/slab.h>
15#include <linux/skbuff.h>
16#include <linux/etherdevice.h>
17#include <linux/if_arp.h>
18#include <linux/wireless.h>
19#include <net/iw_handler.h>
20#include <asm/uaccess.h>
21
22#include <net/mac80211.h>
23#include "ieee80211_i.h"
24#include "led.h"
25#include "rate.h"
26#include "wpa.h"
27#include "aes_ccm.h"
28
29
30static int ieee80211_ioctl_siwgenie(struct net_device *dev,
31 struct iw_request_info *info,
32 struct iw_point *data, char *extra)
33{
34 struct ieee80211_sub_if_data *sdata;
35
36 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
37
38 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
39 int ret = ieee80211_sta_set_extra_ie(sdata, extra, data->length);
40 if (ret && ret != -EALREADY)
41 return ret;
42 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
43 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
44 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
45 if (ret != -EALREADY)
46 ieee80211_sta_req_auth(sdata);
47 return 0;
48 }
49
50 return -EOPNOTSUPP;
51}
52
53static int ieee80211_ioctl_siwfreq(struct net_device *dev,
54 struct iw_request_info *info,
55 struct iw_freq *freq, char *extra)
56{
57 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
58 struct ieee80211_local *local = sdata->local;
59 struct ieee80211_channel *chan;
60
61 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
62 return cfg80211_ibss_wext_siwfreq(dev, info, freq, extra);
63 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
64 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_CHANNEL_SEL;
65
66 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
67 if (freq->e == 0) {
68 if (freq->m < 0) {
69 if (sdata->vif.type == NL80211_IFTYPE_STATION)
70 sdata->u.mgd.flags |=
71 IEEE80211_STA_AUTO_CHANNEL_SEL;
72 return 0;
73 } else
74 chan = ieee80211_get_channel(local->hw.wiphy,
75 ieee80211_channel_to_frequency(freq->m));
76 } else {
77 int i, div = 1000000;
78 for (i = 0; i < freq->e; i++)
79 div /= 10;
80 if (div <= 0)
81 return -EINVAL;
82 chan = ieee80211_get_channel(local->hw.wiphy, freq->m / div);
83 }
84
85 if (!chan)
86 return -EINVAL;
87
88 if (chan->flags & IEEE80211_CHAN_DISABLED)
89 return -EINVAL;
90
91 /*
92 * no change except maybe auto -> fixed, ignore the HT
93 * setting so you can fix a channel you're on already
94 */
95 if (local->oper_channel == chan)
96 return 0;
97
98 if (sdata->vif.type == NL80211_IFTYPE_STATION)
99 ieee80211_sta_req_auth(sdata);
100
101 local->oper_channel = chan;
102 local->oper_channel_type = NL80211_CHAN_NO_HT;
103 ieee80211_hw_config(local, 0);
104
105 return 0;
106}
107
108
109static int ieee80211_ioctl_giwfreq(struct net_device *dev,
110 struct iw_request_info *info,
111 struct iw_freq *freq, char *extra)
112{
113 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
114 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
115
116 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
117 return cfg80211_ibss_wext_giwfreq(dev, info, freq, extra);
118
119 freq->m = local->oper_channel->center_freq;
120 freq->e = 6;
121
122 return 0;
123}
124
125
126static int ieee80211_ioctl_siwessid(struct net_device *dev,
127 struct iw_request_info *info,
128 struct iw_point *data, char *ssid)
129{
130 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
131 size_t len = data->length;
132 int ret;
133
134 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
135 return cfg80211_ibss_wext_siwessid(dev, info, data, ssid);
136
137 /* iwconfig uses nul termination in SSID.. */
138 if (len > 0 && ssid[len - 1] == '\0')
139 len--;
140
141 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
142 if (data->flags)
143 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
144 else
145 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
146
147 ret = ieee80211_sta_set_ssid(sdata, ssid, len);
148 if (ret)
149 return ret;
150
151 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
152 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
153 ieee80211_sta_req_auth(sdata);
154 return 0;
155 }
156
157 return -EOPNOTSUPP;
158}
159
160
161static int ieee80211_ioctl_giwessid(struct net_device *dev,
162 struct iw_request_info *info,
163 struct iw_point *data, char *ssid)
164{
165 size_t len;
166 struct ieee80211_sub_if_data *sdata;
167
168 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
169
170 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
171 return cfg80211_ibss_wext_giwessid(dev, info, data, ssid);
172
173 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
174 int res = ieee80211_sta_get_ssid(sdata, ssid, &len);
175 if (res == 0) {
176 data->length = len;
177 data->flags = 1;
178 } else
179 data->flags = 0;
180 return res;
181 }
182
183 return -EOPNOTSUPP;
184}
185
186
187static int ieee80211_ioctl_siwap(struct net_device *dev,
188 struct iw_request_info *info,
189 struct sockaddr *ap_addr, char *extra)
190{
191 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
192
193 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
194 return cfg80211_ibss_wext_siwap(dev, info, ap_addr, extra);
195
196 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
197 int ret;
198
199 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data))
200 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL |
201 IEEE80211_STA_AUTO_CHANNEL_SEL;
202 else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
203 sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL;
204 else
205 sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
206 ret = ieee80211_sta_set_bssid(sdata, (u8 *) &ap_addr->sa_data);
207 if (ret)
208 return ret;
209 sdata->u.mgd.flags &= ~IEEE80211_STA_EXT_SME;
210 sdata->u.mgd.flags &= ~IEEE80211_STA_CONTROL_PORT;
211 ieee80211_sta_req_auth(sdata);
212 return 0;
213 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
214 /*
215 * If it is necessary to update the WDS peer address
216 * while the interface is running, then we need to do
217 * more work here, namely if it is running we need to
218 * add a new and remove the old STA entry, this is
219 * normally handled by _open() and _stop().
220 */
221 if (netif_running(dev))
222 return -EBUSY;
223
224 memcpy(&sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data,
225 ETH_ALEN);
226
227 return 0;
228 }
229
230 return -EOPNOTSUPP;
231}
232
233
234static int ieee80211_ioctl_giwap(struct net_device *dev,
235 struct iw_request_info *info,
236 struct sockaddr *ap_addr, char *extra)
237{
238 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
239
240 if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
241 return cfg80211_ibss_wext_giwap(dev, info, ap_addr, extra);
242
243 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
244 if (sdata->u.mgd.state == IEEE80211_STA_MLME_ASSOCIATED) {
245 ap_addr->sa_family = ARPHRD_ETHER;
246 memcpy(&ap_addr->sa_data, sdata->u.mgd.bssid, ETH_ALEN);
247 } else
248 memset(&ap_addr->sa_data, 0, ETH_ALEN);
249 return 0;
250 } else if (sdata->vif.type == NL80211_IFTYPE_WDS) {
251 ap_addr->sa_family = ARPHRD_ETHER;
252 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
253 return 0;
254 }
255
256 return -EOPNOTSUPP;
257}
258
259
260static int ieee80211_ioctl_siwrate(struct net_device *dev,
261 struct iw_request_info *info,
262 struct iw_param *rate, char *extra)
263{
264 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
265 int i, err = -EINVAL;
266 u32 target_rate = rate->value / 100000;
267 struct ieee80211_sub_if_data *sdata;
268 struct ieee80211_supported_band *sband;
269
270 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
271
272 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
273
274 /* target_rate = -1, rate->fixed = 0 means auto only, so use all rates
275 * target_rate = X, rate->fixed = 1 means only rate X
276 * target_rate = X, rate->fixed = 0 means all rates <= X */
277 sdata->max_ratectrl_rateidx = -1;
278 sdata->force_unicast_rateidx = -1;
279 if (rate->value < 0)
280 return 0;
281
282 for (i=0; i< sband->n_bitrates; i++) {
283 struct ieee80211_rate *brate = &sband->bitrates[i];
284 int this_rate = brate->bitrate;
285
286 if (target_rate == this_rate) {
287 sdata->max_ratectrl_rateidx = i;
288 if (rate->fixed)
289 sdata->force_unicast_rateidx = i;
290 err = 0;
291 break;
292 }
293 }
294 return err;
295}
296
297static int ieee80211_ioctl_giwrate(struct net_device *dev,
298 struct iw_request_info *info,
299 struct iw_param *rate, char *extra)
300{
301 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
302 struct sta_info *sta;
303 struct ieee80211_sub_if_data *sdata;
304 struct ieee80211_supported_band *sband;
305
306 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
307
308 if (sdata->vif.type != NL80211_IFTYPE_STATION)
309 return -EOPNOTSUPP;
310
311 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
312
313 rcu_read_lock();
314
315 sta = sta_info_get(local, sdata->u.mgd.bssid);
316
317 if (sta && !(sta->last_tx_rate.flags & IEEE80211_TX_RC_MCS))
318 rate->value = sband->bitrates[sta->last_tx_rate.idx].bitrate;
319 else
320 rate->value = 0;
321
322 rcu_read_unlock();
323
324 if (!sta)
325 return -ENODEV;
326
327 rate->value *= 100000;
328
329 return 0;
330}
331
332static int ieee80211_ioctl_siwpower(struct net_device *dev,
333 struct iw_request_info *info,
334 struct iw_param *wrq,
335 char *extra)
336{
337 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
338 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
339 struct ieee80211_conf *conf = &local->hw.conf;
340 int timeout = 0;
341 bool ps;
342
343 if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS))
344 return -EOPNOTSUPP;
345
346 if (sdata->vif.type != NL80211_IFTYPE_STATION)
347 return -EINVAL;
348
349 if (wrq->disabled) {
350 ps = false;
351 timeout = 0;
352 goto set;
353 }
354
355 switch (wrq->flags & IW_POWER_MODE) {
356 case IW_POWER_ON: /* If not specified */
357 case IW_POWER_MODE: /* If set all mask */
358 case IW_POWER_ALL_R: /* If explicitely state all */
359 ps = true;
360 break;
361 default: /* Otherwise we ignore */
362 return -EINVAL;
363 }
364
365 if (wrq->flags & ~(IW_POWER_MODE | IW_POWER_TIMEOUT))
366 return -EINVAL;
367
368 if (wrq->flags & IW_POWER_TIMEOUT)
369 timeout = wrq->value / 1000;
370
371 set:
372 if (ps == sdata->u.mgd.powersave && timeout == conf->dynamic_ps_timeout)
373 return 0;
374
375 sdata->u.mgd.powersave = ps;
376 conf->dynamic_ps_timeout = timeout;
377
378 if (local->hw.flags & IEEE80211_HW_SUPPORTS_DYNAMIC_PS)
379 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
380
381 ieee80211_recalc_ps(local, -1);
382
383 return 0;
384}
385
386static int ieee80211_ioctl_giwpower(struct net_device *dev,
387 struct iw_request_info *info,
388 union iwreq_data *wrqu,
389 char *extra)
390{
391 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
392
393 wrqu->power.disabled = !sdata->u.mgd.powersave;
394
395 return 0;
396}
397
398static int ieee80211_ioctl_siwauth(struct net_device *dev,
399 struct iw_request_info *info,
400 struct iw_param *data, char *extra)
401{
402 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
403 int ret = 0;
404
405 switch (data->flags & IW_AUTH_INDEX) {
406 case IW_AUTH_WPA_VERSION:
407 case IW_AUTH_CIPHER_GROUP:
408 case IW_AUTH_WPA_ENABLED:
409 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
410 case IW_AUTH_KEY_MGMT:
411 case IW_AUTH_CIPHER_GROUP_MGMT:
412 break;
413 case IW_AUTH_CIPHER_PAIRWISE:
414 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
415 if (data->value & (IW_AUTH_CIPHER_WEP40 |
416 IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP))
417 sdata->u.mgd.flags |=
418 IEEE80211_STA_TKIP_WEP_USED;
419 else
420 sdata->u.mgd.flags &=
421 ~IEEE80211_STA_TKIP_WEP_USED;
422 }
423 break;
424 case IW_AUTH_DROP_UNENCRYPTED:
425 sdata->drop_unencrypted = !!data->value;
426 break;
427 case IW_AUTH_PRIVACY_INVOKED:
428 if (sdata->vif.type != NL80211_IFTYPE_STATION)
429 ret = -EINVAL;
430 else {
431 sdata->u.mgd.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
432 /*
433 * Privacy invoked by wpa_supplicant, store the
434 * value and allow associating to a protected
435 * network without having a key up front.
436 */
437 if (data->value)
438 sdata->u.mgd.flags |=
439 IEEE80211_STA_PRIVACY_INVOKED;
440 }
441 break;
442 case IW_AUTH_80211_AUTH_ALG:
443 if (sdata->vif.type == NL80211_IFTYPE_STATION)
444 sdata->u.mgd.auth_algs = data->value;
445 else
446 ret = -EOPNOTSUPP;
447 break;
448 case IW_AUTH_MFP:
449 if (!(sdata->local->hw.flags & IEEE80211_HW_MFP_CAPABLE)) {
450 ret = -EOPNOTSUPP;
451 break;
452 }
453 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
454 switch (data->value) {
455 case IW_AUTH_MFP_DISABLED:
456 sdata->u.mgd.mfp = IEEE80211_MFP_DISABLED;
457 break;
458 case IW_AUTH_MFP_OPTIONAL:
459 sdata->u.mgd.mfp = IEEE80211_MFP_OPTIONAL;
460 break;
461 case IW_AUTH_MFP_REQUIRED:
462 sdata->u.mgd.mfp = IEEE80211_MFP_REQUIRED;
463 break;
464 default:
465 ret = -EINVAL;
466 }
467 } else
468 ret = -EOPNOTSUPP;
469 break;
470 default:
471 ret = -EOPNOTSUPP;
472 break;
473 }
474 return ret;
475}
476
477/* Get wireless statistics. Called by /proc/net/wireless and by SIOCGIWSTATS */
478static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev)
479{
480 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
481 struct iw_statistics *wstats = &local->wstats;
482 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
483 struct sta_info *sta = NULL;
484
485 rcu_read_lock();
486
487 if (sdata->vif.type == NL80211_IFTYPE_STATION)
488 sta = sta_info_get(local, sdata->u.mgd.bssid);
489
490 if (!sta) {
491 wstats->discard.fragment = 0;
492 wstats->discard.misc = 0;
493 wstats->qual.qual = 0;
494 wstats->qual.level = 0;
495 wstats->qual.noise = 0;
496 wstats->qual.updated = IW_QUAL_ALL_INVALID;
497 } else {
498 wstats->qual.updated = 0;
499 /*
500 * mirror what cfg80211 does for iwrange/scan results,
501 * otherwise userspace gets confused.
502 */
503 if (local->hw.flags & (IEEE80211_HW_SIGNAL_UNSPEC |
504 IEEE80211_HW_SIGNAL_DBM)) {
505 wstats->qual.updated |= IW_QUAL_LEVEL_UPDATED;
506 wstats->qual.updated |= IW_QUAL_QUAL_UPDATED;
507 } else {
508 wstats->qual.updated |= IW_QUAL_LEVEL_INVALID;
509 wstats->qual.updated |= IW_QUAL_QUAL_INVALID;
510 }
511
512 if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) {
513 wstats->qual.level = sta->last_signal;
514 wstats->qual.qual = sta->last_signal;
515 } else if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) {
516 int sig = sta->last_signal;
517
518 wstats->qual.updated |= IW_QUAL_DBM;
519 wstats->qual.level = sig;
520 if (sig < -110)
521 sig = -110;
522 else if (sig > -40)
523 sig = -40;
524 wstats->qual.qual = sig + 110;
525 }
526
527 if (local->hw.flags & IEEE80211_HW_NOISE_DBM) {
528 /*
529 * This assumes that if driver reports noise, it also
530 * reports signal in dBm.
531 */
532 wstats->qual.noise = sta->last_noise;
533 wstats->qual.updated |= IW_QUAL_NOISE_UPDATED;
534 } else {
535 wstats->qual.updated |= IW_QUAL_NOISE_INVALID;
536 }
537 }
538
539 rcu_read_unlock();
540
541 return wstats;
542}
543
544static int ieee80211_ioctl_giwauth(struct net_device *dev,
545 struct iw_request_info *info,
546 struct iw_param *data, char *extra)
547{
548 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
549 int ret = 0;
550
551 switch (data->flags & IW_AUTH_INDEX) {
552 case IW_AUTH_80211_AUTH_ALG:
553 if (sdata->vif.type == NL80211_IFTYPE_STATION)
554 data->value = sdata->u.mgd.auth_algs;
555 else
556 ret = -EOPNOTSUPP;
557 break;
558 default:
559 ret = -EOPNOTSUPP;
560 break;
561 }
562 return ret;
563}
564
565
566/* Structures to export the Wireless Handlers */
567
568static const iw_handler ieee80211_handler[] =
569{
570 (iw_handler) NULL, /* SIOCSIWCOMMIT */
571 (iw_handler) cfg80211_wext_giwname, /* SIOCGIWNAME */
572 (iw_handler) NULL, /* SIOCSIWNWID */
573 (iw_handler) NULL, /* SIOCGIWNWID */
574 (iw_handler) ieee80211_ioctl_siwfreq, /* SIOCSIWFREQ */
575 (iw_handler) ieee80211_ioctl_giwfreq, /* SIOCGIWFREQ */
576 (iw_handler) cfg80211_wext_siwmode, /* SIOCSIWMODE */
577 (iw_handler) cfg80211_wext_giwmode, /* SIOCGIWMODE */
578 (iw_handler) NULL, /* SIOCSIWSENS */
579 (iw_handler) NULL, /* SIOCGIWSENS */
580 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */
581 (iw_handler) cfg80211_wext_giwrange, /* SIOCGIWRANGE */
582 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */
583 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */
584 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */
585 (iw_handler) NULL /* kernel code */, /* SIOCGIWSTATS */
586 (iw_handler) NULL, /* SIOCSIWSPY */
587 (iw_handler) NULL, /* SIOCGIWSPY */
588 (iw_handler) NULL, /* SIOCSIWTHRSPY */
589 (iw_handler) NULL, /* SIOCGIWTHRSPY */
590 (iw_handler) ieee80211_ioctl_siwap, /* SIOCSIWAP */
591 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */
592 (iw_handler) cfg80211_wext_siwmlme, /* SIOCSIWMLME */
593 (iw_handler) NULL, /* SIOCGIWAPLIST */
594 (iw_handler) cfg80211_wext_siwscan, /* SIOCSIWSCAN */
595 (iw_handler) cfg80211_wext_giwscan, /* SIOCGIWSCAN */
596 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */
597 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */
598 (iw_handler) NULL, /* SIOCSIWNICKN */
599 (iw_handler) NULL, /* SIOCGIWNICKN */
600 (iw_handler) NULL, /* -- hole -- */
601 (iw_handler) NULL, /* -- hole -- */
602 (iw_handler) ieee80211_ioctl_siwrate, /* SIOCSIWRATE */
603 (iw_handler) ieee80211_ioctl_giwrate, /* SIOCGIWRATE */
604 (iw_handler) cfg80211_wext_siwrts, /* SIOCSIWRTS */
605 (iw_handler) cfg80211_wext_giwrts, /* SIOCGIWRTS */
606 (iw_handler) cfg80211_wext_siwfrag, /* SIOCSIWFRAG */
607 (iw_handler) cfg80211_wext_giwfrag, /* SIOCGIWFRAG */
608 (iw_handler) cfg80211_wext_siwtxpower, /* SIOCSIWTXPOW */
609 (iw_handler) cfg80211_wext_giwtxpower, /* SIOCGIWTXPOW */
610 (iw_handler) cfg80211_wext_siwretry, /* SIOCSIWRETRY */
611 (iw_handler) cfg80211_wext_giwretry, /* SIOCGIWRETRY */
612 (iw_handler) cfg80211_wext_siwencode, /* SIOCSIWENCODE */
613 (iw_handler) cfg80211_wext_giwencode, /* SIOCGIWENCODE */
614 (iw_handler) ieee80211_ioctl_siwpower, /* SIOCSIWPOWER */
615 (iw_handler) ieee80211_ioctl_giwpower, /* SIOCGIWPOWER */
616 (iw_handler) NULL, /* -- hole -- */
617 (iw_handler) NULL, /* -- hole -- */
618 (iw_handler) ieee80211_ioctl_siwgenie, /* SIOCSIWGENIE */
619 (iw_handler) NULL, /* SIOCGIWGENIE */
620 (iw_handler) ieee80211_ioctl_siwauth, /* SIOCSIWAUTH */
621 (iw_handler) ieee80211_ioctl_giwauth, /* SIOCGIWAUTH */
622 (iw_handler) cfg80211_wext_siwencodeext, /* SIOCSIWENCODEEXT */
623 (iw_handler) NULL, /* SIOCGIWENCODEEXT */
624 (iw_handler) NULL, /* SIOCSIWPMKSA */
625 (iw_handler) NULL, /* -- hole -- */
626};
627
628const struct iw_handler_def ieee80211_iw_handler_def =
629{
630 .num_standard = ARRAY_SIZE(ieee80211_handler),
631 .standard = (iw_handler *) ieee80211_handler,
632 .get_wireless_stats = ieee80211_get_wireless_stats,
633};
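diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index 116a923b14d6..b19b7696f3a2 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -85,10 +85,8 @@ static u16 classify80211(struct ieee80211_local *local, struct sk_buff *skb)
  return ieee802_1d_to_ac[skb->priority];
 }
 
-u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
+void ieee80211_select_queue(struct ieee80211_local *local, struct sk_buff *skb)
 {
- struct ieee80211_master_priv *mpriv = netdev_priv(dev);
- struct ieee80211_local *local = mpriv->local;
  struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
  u16 queue;
  u8 tid;
@@ -113,5 +111,5 @@ u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb)
  *p = 0;
  }
 
- return queue;
+ skb_set_queue_mapping(skb, queue);
 }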
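Review bot: `ieee80211_select_queue()` now returns `void` and records its result only through `skb_set_queue_mapping(skb, queue)` at the end of the last hunk, but the definition has no comment saying that the skb is modified. I would add above the signature `/* Classify skb and store the selected queue in its queue mapping. */`. The middle of the function lies between the two hunks and is not visible, so any early exit there should be checked to confirm it also sets the mapping rather than leaving whatever value the skb already carried.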
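diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
index 7520d2e014dc..d4fd87ca5118 100644
--- a/net/mac80211/wme.h
+++ b/net/mac80211/wme.h
@@ -20,6 +20,7 @@
 
 extern const int ieee802_1d_to_ac[8];
 
-u16 ieee80211_select_queue(struct net_device *dev, struct sk_buff *skb);
+void ieee80211_select_queue(struct ieee80211_local *local,
+ struct sk_buff *skb);
 
 #endif /* _WME_H */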
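diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index dcfae8884b86..70778694877b 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -122,7 +122,8 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx)
  return RX_DROP_UNUSABLE;
 
  mac80211_ev_michael_mic_failure(rx->sdata, rx->key->conf.keyidx,
- (void *) skb->data, NULL);
+ (void *) skb->data, NULL,
+ GFP_ATOMIC);
  return RX_DROP_UNUSABLE;
  }
 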
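Review bot: The Michael MIC failure report is now sent with `GFP_ATOMIC`, and the call sits directly before `return RX_DROP_UNUSABLE;` with no result checked, so an allocation failure inside the callee would go unnoticed at this site. MIC failure events are what user space uses to start TKIP countermeasures, so a silently dropped report matters more than an ordinary lost notification. How `mac80211_ev_michael_mic_failure()` behaves when the allocation fails is not visible in this hunk; it is worth confirming that the drop is at least logged or counted. Assuming this RX handler runs in atomic context, a short comment would document the choice: `/* RX path cannot sleep, hence GFP_ATOMIC; the event may be lost under memory pressure */`. The enclosing function starts and ends outside the hunk.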
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c
index 201b8ea3020d..3c7e42735b60 100644
--- a/net/netfilter/ipvs/ip_vs_app.c
+++ b/net/netfilter/ipvs/ip_vs_app.c
@@ -18,6 +18,9 @@
18 * 18 *
19 */ 19 */
20 20
21#define KMSG_COMPONENT "IPVS"
22#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
23
21#include <linux/module.h> 24#include <linux/module.h>
22#include <linux/kernel.h> 25#include <linux/kernel.h>
23#include <linux/skbuff.h> 26#include <linux/skbuff.h>
@@ -262,12 +265,12 @@ static inline void vs_fix_seq(const struct ip_vs_seq *vseq, struct tcphdr *th)
262 if (vseq->delta || vseq->previous_delta) { 265 if (vseq->delta || vseq->previous_delta) {
263 if(after(seq, vseq->init_seq)) { 266 if(after(seq, vseq->init_seq)) {
264 th->seq = htonl(seq + vseq->delta); 267 th->seq = htonl(seq + vseq->delta);
265 IP_VS_DBG(9, "vs_fix_seq(): added delta (%d) to seq\n", 268 IP_VS_DBG(9, "%s(): added delta (%d) to seq\n",
266 vseq->delta); 269 __func__, vseq->delta);
267 } else { 270 } else {
268 th->seq = htonl(seq + vseq->previous_delta); 271 th->seq = htonl(seq + vseq->previous_delta);
269 IP_VS_DBG(9, "vs_fix_seq(): added previous_delta " 272 IP_VS_DBG(9, "%s(): added previous_delta (%d) to seq\n",
270 "(%d) to seq\n", vseq->previous_delta); 273 __func__, vseq->previous_delta);
271 } 274 }
272 } 275 }
273} 276}
@@ -291,14 +294,14 @@ vs_fix_ack_seq(const struct ip_vs_seq *vseq, struct tcphdr *th)
291 to receive next, so compare it with init_seq+delta */ 294 to receive next, so compare it with init_seq+delta */
292 if(after(ack_seq, vseq->init_seq+vseq->delta)) { 295 if(after(ack_seq, vseq->init_seq+vseq->delta)) {
293 th->ack_seq = htonl(ack_seq - vseq->delta); 296 th->ack_seq = htonl(ack_seq - vseq->delta);
294 IP_VS_DBG(9, "vs_fix_ack_seq(): subtracted delta " 297 IP_VS_DBG(9, "%s(): subtracted delta "
295 "(%d) from ack_seq\n", vseq->delta); 298 "(%d) from ack_seq\n", __func__, vseq->delta);
296 299
297 } else { 300 } else {
298 th->ack_seq = htonl(ack_seq - vseq->previous_delta); 301 th->ack_seq = htonl(ack_seq - vseq->previous_delta);
299 IP_VS_DBG(9, "vs_fix_ack_seq(): subtracted " 302 IP_VS_DBG(9, "%s(): subtracted "
300 "previous_delta (%d) from ack_seq\n", 303 "previous_delta (%d) from ack_seq\n",
301 vseq->previous_delta); 304 __func__, vseq->previous_delta);
302 } 305 }
303 } 306 }
304} 307}
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index 77bfdfeb966e..27c30cf933da 100644
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -22,6 +22,9 @@
22 * 22 *
23 */ 23 */
24 24
25#define KMSG_COMPONENT "IPVS"
26#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
27
25#include <linux/interrupt.h> 28#include <linux/interrupt.h>
26#include <linux/in.h> 29#include <linux/in.h>
27#include <linux/net.h> 30#include <linux/net.h>
@@ -150,8 +153,8 @@ static inline int ip_vs_conn_hash(struct ip_vs_conn *cp)
150 atomic_inc(&cp->refcnt); 153 atomic_inc(&cp->refcnt);
151 ret = 1; 154 ret = 1;
152 } else { 155 } else {
153 IP_VS_ERR("ip_vs_conn_hash(): request for already hashed, " 156 pr_err("%s(): request for already hashed, called from %pF\n",
154 "called from %p\n", __builtin_return_address(0)); 157 __func__, __builtin_return_address(0));
155 ret = 0; 158 ret = 0;
156 } 159 }
157 160
@@ -689,7 +692,7 @@ ip_vs_conn_new(int af, int proto, const union nf_inet_addr *caddr, __be16 cport,
689 692
690 cp = kmem_cache_zalloc(ip_vs_conn_cachep, GFP_ATOMIC); 693 cp = kmem_cache_zalloc(ip_vs_conn_cachep, GFP_ATOMIC);
691 if (cp == NULL) { 694 if (cp == NULL) {
692 IP_VS_ERR_RL("ip_vs_conn_new: no memory available.\n"); 695 IP_VS_ERR_RL("%s(): no memory\n", __func__);
693 return NULL; 696 return NULL;
694 } 697 }
695 698
@@ -1073,10 +1076,10 @@ int __init ip_vs_conn_init(void)
1073 return -ENOMEM; 1076 return -ENOMEM;
1074 } 1077 }
1075 1078
1076 IP_VS_INFO("Connection hash table configured " 1079 pr_info("Connection hash table configured "
1077 "(size=%d, memory=%ldKbytes)\n", 1080 "(size=%d, memory=%ldKbytes)\n",
1078 IP_VS_CONN_TAB_SIZE, 1081 IP_VS_CONN_TAB_SIZE,
1079 (long)(IP_VS_CONN_TAB_SIZE*sizeof(struct list_head))/1024); 1082 (long)(IP_VS_CONN_TAB_SIZE*sizeof(struct list_head))/1024);
1080 IP_VS_DBG(0, "Each connection entry needs %Zd bytes at least\n", 1083 IP_VS_DBG(0, "Each connection entry needs %Zd bytes at least\n",
1081 sizeof(struct ip_vs_conn)); 1084 sizeof(struct ip_vs_conn));
1082 1085
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index 8dddb17a947a..b227750af752 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -24,6 +24,9 @@
24 * 24 *
25 */ 25 */
26 26
27#define KMSG_COMPONENT "IPVS"
28#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
29
27#include <linux/module.h> 30#include <linux/module.h>
28#include <linux/kernel.h> 31#include <linux/kernel.h>
29#include <linux/ip.h> 32#include <linux/ip.h>
@@ -388,9 +391,9 @@ ip_vs_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
388 */ 391 */
389 if (!svc->fwmark && pptr[1] != svc->port) { 392 if (!svc->fwmark && pptr[1] != svc->port) {
390 if (!svc->port) 393 if (!svc->port)
391 IP_VS_ERR("Schedule: port zero only supported " 394 pr_err("Schedule: port zero only supported "
392 "in persistent services, " 395 "in persistent services, "
393 "check your ipvs configuration\n"); 396 "check your ipvs configuration\n");
394 return NULL; 397 return NULL;
395 } 398 }
396 399
@@ -462,7 +465,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
462 ip_vs_service_put(svc); 465 ip_vs_service_put(svc);
463 466
464 /* create a new connection entry */ 467 /* create a new connection entry */
465 IP_VS_DBG(6, "ip_vs_leave: create a cache_bypass entry\n"); 468 IP_VS_DBG(6, "%s(): create a cache_bypass entry\n", __func__);
466 cp = ip_vs_conn_new(svc->af, iph.protocol, 469 cp = ip_vs_conn_new(svc->af, iph.protocol,
467 &iph.saddr, pptr[0], 470 &iph.saddr, pptr[0],
468 &iph.daddr, pptr[1], 471 &iph.daddr, pptr[1],
@@ -664,8 +667,8 @@ static int handle_response_icmp(int af, struct sk_buff *skb,
664 unsigned int verdict = NF_DROP; 667 unsigned int verdict = NF_DROP;
665 668
666 if (IP_VS_FWD_METHOD(cp) != 0) { 669 if (IP_VS_FWD_METHOD(cp) != 0) {
667 IP_VS_ERR("shouldn't reach here, because the box is on the " 670 pr_err("shouldn't reach here, because the box is on the "
668 "half connection in the tun/dr module.\n"); 671 "half connection in the tun/dr module.\n");
669 } 672 }
670 673
671 /* Ensure the checksum is correct */ 674 /* Ensure the checksum is correct */
@@ -1487,7 +1490,7 @@ static int __init ip_vs_init(void)
1487 1490
1488 ret = ip_vs_control_init(); 1491 ret = ip_vs_control_init();
1489 if (ret < 0) { 1492 if (ret < 0) {
1490 IP_VS_ERR("can't setup control.\n"); 1493 pr_err("can't setup control.\n");
1491 goto cleanup_estimator; 1494 goto cleanup_estimator;
1492 } 1495 }
1493 1496
@@ -1495,23 +1498,23 @@ static int __init ip_vs_init(void)
1495 1498
1496 ret = ip_vs_app_init(); 1499 ret = ip_vs_app_init();
1497 if (ret < 0) { 1500 if (ret < 0) {
1498 IP_VS_ERR("can't setup application helper.\n"); 1501 pr_err("can't setup application helper.\n");
1499 goto cleanup_protocol; 1502 goto cleanup_protocol;
1500 } 1503 }
1501 1504
1502 ret = ip_vs_conn_init(); 1505 ret = ip_vs_conn_init();
1503 if (ret < 0) { 1506 if (ret < 0) {
1504 IP_VS_ERR("can't setup connection table.\n"); 1507 pr_err("can't setup connection table.\n");
1505 goto cleanup_app; 1508 goto cleanup_app;
1506 } 1509 }
1507 1510
1508 ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); 1511 ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
1509 if (ret < 0) { 1512 if (ret < 0) {
1510 IP_VS_ERR("can't register hooks.\n"); 1513 pr_err("can't register hooks.\n");
1511 goto cleanup_conn; 1514 goto cleanup_conn;
1512 } 1515 }
1513 1516
1514 IP_VS_INFO("ipvs loaded.\n"); 1517 pr_info("ipvs loaded.\n");
1515 return ret; 1518 return ret;
1516 1519
1517 cleanup_conn: 1520 cleanup_conn:
@@ -1534,7 +1537,7 @@ static void __exit ip_vs_cleanup(void)
1534 ip_vs_protocol_cleanup(); 1537 ip_vs_protocol_cleanup();
1535 ip_vs_control_cleanup(); 1538 ip_vs_control_cleanup();
1536 ip_vs_estimator_cleanup(); 1539 ip_vs_estimator_cleanup();
1537 IP_VS_INFO("ipvs unloaded.\n"); 1540 pr_info("ipvs unloaded.\n");
1538} 1541}
1539 1542
1540module_init(ip_vs_init); 1543module_init(ip_vs_init);
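Review bot: The `pr_err("Schedule: port zero only supported ...")` call in `ip_vs_schedule()` and the `pr_err("shouldn't reach here, ...")` call in `handle_response_icmp()` sit in functions that take an skb, so they appear to be reachable once per packet, and the conversion from `IP_VS_ERR` leaves them without rate limiting. Traffic reaching a service in that state could then fill the kernel log and push out other messages. ip_vs_conn.c in this same commit keeps `IP_VS_ERR_RL(...)` for its allocation failure in `ip_vs_conn_new()`; using the same macro here, e.g. `IP_VS_ERR_RL("Schedule: port zero only supported in persistent services, check your ipvs configuration\n");`, would bound the output. Both functions extend beyond their hunks, so the calling context should be confirmed before changing them. The one-shot messages in `ip_vs_init()` and `ip_vs_cleanup()` are fine as plain `pr_err`/`pr_info`.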
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 7c1333c67ff3..fba2892b99e1 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -18,6 +18,9 @@
18 * 18 *
19 */ 19 */
20 20
21#define KMSG_COMPONENT "IPVS"
22#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
23
21#include <linux/module.h> 24#include <linux/module.h>
22#include <linux/init.h> 25#include <linux/init.h>
23#include <linux/types.h> 26#include <linux/types.h>
@@ -340,8 +343,8 @@ static int ip_vs_svc_hash(struct ip_vs_service *svc)
340 unsigned hash; 343 unsigned hash;
341 344
342 if (svc->flags & IP_VS_SVC_F_HASHED) { 345 if (svc->flags & IP_VS_SVC_F_HASHED) {
343 IP_VS_ERR("ip_vs_svc_hash(): request for already hashed, " 346 pr_err("%s(): request for already hashed, called from %pF\n",
344 "called from %p\n", __builtin_return_address(0)); 347 __func__, __builtin_return_address(0));
345 return 0; 348 return 0;
346 } 349 }
347 350
@@ -374,8 +377,8 @@ static int ip_vs_svc_hash(struct ip_vs_service *svc)
374static int ip_vs_svc_unhash(struct ip_vs_service *svc) 377static int ip_vs_svc_unhash(struct ip_vs_service *svc)
375{ 378{
376 if (!(svc->flags & IP_VS_SVC_F_HASHED)) { 379 if (!(svc->flags & IP_VS_SVC_F_HASHED)) {
377 IP_VS_ERR("ip_vs_svc_unhash(): request for unhash flagged, " 380 pr_err("%s(): request for unhash flagged, called from %pF\n",
378 "called from %p\n", __builtin_return_address(0)); 381 __func__, __builtin_return_address(0));
379 return 0; 382 return 0;
380 } 383 }
381 384
@@ -841,7 +844,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest,
841 844
842 dest = kzalloc(sizeof(struct ip_vs_dest), GFP_ATOMIC); 845 dest = kzalloc(sizeof(struct ip_vs_dest), GFP_ATOMIC);
843 if (dest == NULL) { 846 if (dest == NULL) {
844 IP_VS_ERR("ip_vs_new_dest: kmalloc failed.\n"); 847 pr_err("%s(): no memory.\n", __func__);
845 return -ENOMEM; 848 return -ENOMEM;
846 } 849 }
847 850
@@ -885,13 +888,13 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest)
885 EnterFunction(2); 888 EnterFunction(2);
886 889
887 if (udest->weight < 0) { 890 if (udest->weight < 0) {
888 IP_VS_ERR("ip_vs_add_dest(): server weight less than zero\n"); 891 pr_err("%s(): server weight less than zero\n", __func__);
889 return -ERANGE; 892 return -ERANGE;
890 } 893 }
891 894
892 if (udest->l_threshold > udest->u_threshold) { 895 if (udest->l_threshold > udest->u_threshold) {
893 IP_VS_ERR("ip_vs_add_dest(): lower threshold is higher than " 896 pr_err("%s(): lower threshold is higher than upper threshold\n",
894 "upper threshold\n"); 897 __func__);
895 return -ERANGE; 898 return -ERANGE;
896 } 899 }
897 900
@@ -903,7 +906,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest)
903 dest = ip_vs_lookup_dest(svc, &daddr, dport); 906 dest = ip_vs_lookup_dest(svc, &daddr, dport);
904 907
905 if (dest != NULL) { 908 if (dest != NULL) {
906 IP_VS_DBG(1, "ip_vs_add_dest(): dest already exists\n"); 909 IP_VS_DBG(1, "%s(): dest already exists\n", __func__);
907 return -EEXIST; 910 return -EEXIST;
908 } 911 }
909 912
@@ -997,13 +1000,13 @@ ip_vs_edit_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest)
997 EnterFunction(2); 1000 EnterFunction(2);
998 1001
999 if (udest->weight < 0) { 1002 if (udest->weight < 0) {
1000 IP_VS_ERR("ip_vs_edit_dest(): server weight less than zero\n"); 1003 pr_err("%s(): server weight less than zero\n", __func__);
1001 return -ERANGE; 1004 return -ERANGE;
1002 } 1005 }
1003 1006
1004 if (udest->l_threshold > udest->u_threshold) { 1007 if (udest->l_threshold > udest->u_threshold) {
1005 IP_VS_ERR("ip_vs_edit_dest(): lower threshold is higher than " 1008 pr_err("%s(): lower threshold is higher than upper threshold\n",
1006 "upper threshold\n"); 1009 __func__);
1007 return -ERANGE; 1010 return -ERANGE;
1008 } 1011 }
1009 1012
@@ -1015,7 +1018,7 @@ ip_vs_edit_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest)
1015 dest = ip_vs_lookup_dest(svc, &daddr, dport); 1018 dest = ip_vs_lookup_dest(svc, &daddr, dport);
1016 1019
1017 if (dest == NULL) { 1020 if (dest == NULL) {
1018 IP_VS_DBG(1, "ip_vs_edit_dest(): dest doesn't exist\n"); 1021 IP_VS_DBG(1, "%s(): dest doesn't exist\n", __func__);
1019 return -ENOENT; 1022 return -ENOENT;
1020 } 1023 }
1021 1024
@@ -1115,7 +1118,7 @@ ip_vs_del_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest)
1115 dest = ip_vs_lookup_dest(svc, &udest->addr, dport); 1118 dest = ip_vs_lookup_dest(svc, &udest->addr, dport);
1116 1119
1117 if (dest == NULL) { 1120 if (dest == NULL) {
1118 IP_VS_DBG(1, "ip_vs_del_dest(): destination not found!\n"); 1121 IP_VS_DBG(1, "%s(): destination not found!\n", __func__);
1119 return -ENOENT; 1122 return -ENOENT;
1120 } 1123 }
1121 1124
@@ -1161,8 +1164,7 @@ ip_vs_add_service(struct ip_vs_service_user_kern *u,
1161 /* Lookup the scheduler by 'u->sched_name' */ 1164 /* Lookup the scheduler by 'u->sched_name' */
1162 sched = ip_vs_scheduler_get(u->sched_name); 1165 sched = ip_vs_scheduler_get(u->sched_name);
1163 if (sched == NULL) { 1166 if (sched == NULL) {
1164 IP_VS_INFO("Scheduler module ip_vs_%s not found\n", 1167 pr_info("Scheduler module ip_vs_%s not found\n", u->sched_name);
1165 u->sched_name);
1166 ret = -ENOENT; 1168 ret = -ENOENT;
1167 goto out_mod_dec; 1169 goto out_mod_dec;
1168 } 1170 }
@@ -1176,7 +1178,7 @@ ip_vs_add_service(struct ip_vs_service_user_kern *u,
1176 1178
1177 svc = kzalloc(sizeof(struct ip_vs_service), GFP_ATOMIC); 1179 svc = kzalloc(sizeof(struct ip_vs_service), GFP_ATOMIC);
1178 if (svc == NULL) { 1180 if (svc == NULL) {
1179 IP_VS_DBG(1, "ip_vs_add_service: kmalloc failed.\n"); 1181 IP_VS_DBG(1, "%s(): no memory\n", __func__);
1180 ret = -ENOMEM; 1182 ret = -ENOMEM;
1181 goto out_err; 1183 goto out_err;
1182 } 1184 }
@@ -1259,8 +1261,7 @@ ip_vs_edit_service(struct ip_vs_service *svc, struct ip_vs_service_user_kern *u)
1259 */ 1261 */
1260 sched = ip_vs_scheduler_get(u->sched_name); 1262 sched = ip_vs_scheduler_get(u->sched_name);
1261 if (sched == NULL) { 1263 if (sched == NULL) {
1262 IP_VS_INFO("Scheduler module ip_vs_%s not found\n", 1264 pr_info("Scheduler module ip_vs_%s not found\n", u->sched_name);
1263 u->sched_name);
1264 return -ENOENT; 1265 return -ENOENT;
1265 } 1266 }
1266 old_sched = sched; 1267 old_sched = sched;
@@ -2077,8 +2078,8 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
2077 return -EPERM; 2078 return -EPERM;
2078 2079
2079 if (len != set_arglen[SET_CMDID(cmd)]) { 2080 if (len != set_arglen[SET_CMDID(cmd)]) {
2080 IP_VS_ERR("set_ctl: len %u != %u\n", 2081 pr_err("set_ctl: len %u != %u\n",
2081 len, set_arglen[SET_CMDID(cmd)]); 2082 len, set_arglen[SET_CMDID(cmd)]);
2082 return -EINVAL; 2083 return -EINVAL;
2083 } 2084 }
2084 2085
@@ -2129,9 +2130,9 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
2129 2130
2130 /* Check for valid protocol: TCP or UDP, even for fwmark!=0 */ 2131 /* Check for valid protocol: TCP or UDP, even for fwmark!=0 */
2131 if (usvc.protocol != IPPROTO_TCP && usvc.protocol != IPPROTO_UDP) { 2132 if (usvc.protocol != IPPROTO_TCP && usvc.protocol != IPPROTO_UDP) {
2132 IP_VS_ERR("set_ctl: invalid protocol: %d %pI4:%d %s\n", 2133 pr_err("set_ctl: invalid protocol: %d %pI4:%d %s\n",
2133 usvc.protocol, &usvc.addr.ip, 2134 usvc.protocol, &usvc.addr.ip,
2134 ntohs(usvc.port), usvc.sched_name); 2135 ntohs(usvc.port), usvc.sched_name);
2135 ret = -EFAULT; 2136 ret = -EFAULT;
2136 goto out_unlock; 2137 goto out_unlock;
2137 } 2138 }
@@ -2356,8 +2357,8 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
2356 return -EPERM; 2357 return -EPERM;
2357 2358
2358 if (*len < get_arglen[GET_CMDID(cmd)]) { 2359 if (*len < get_arglen[GET_CMDID(cmd)]) {
2359 IP_VS_ERR("get_ctl: len %u < %u\n", 2360 pr_err("get_ctl: len %u < %u\n",
2360 *len, get_arglen[GET_CMDID(cmd)]); 2361 *len, get_arglen[GET_CMDID(cmd)]);
2361 return -EINVAL; 2362 return -EINVAL;
2362 } 2363 }
2363 2364
@@ -2402,7 +2403,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
2402 size = sizeof(*get) + 2403 size = sizeof(*get) +
2403 sizeof(struct ip_vs_service_entry) * get->num_services; 2404 sizeof(struct ip_vs_service_entry) * get->num_services;
2404 if (*len != size) { 2405 if (*len != size) {
2405 IP_VS_ERR("length: %u != %u\n", *len, size); 2406 pr_err("length: %u != %u\n", *len, size);
2406 ret = -EINVAL; 2407 ret = -EINVAL;
2407 goto out; 2408 goto out;
2408 } 2409 }
@@ -2442,7 +2443,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
2442 size = sizeof(*get) + 2443 size = sizeof(*get) +
2443 sizeof(struct ip_vs_dest_entry) * get->num_dests; 2444 sizeof(struct ip_vs_dest_entry) * get->num_dests;
2444 if (*len != size) { 2445 if (*len != size) {
2445 IP_VS_ERR("length: %u != %u\n", *len, size); 2446 pr_err("length: %u != %u\n", *len, size);
2446 ret = -EINVAL; 2447 ret = -EINVAL;
2447 goto out; 2448 goto out;
2448 } 2449 }
@@ -3170,7 +3171,7 @@ static int ip_vs_genl_get_cmd(struct sk_buff *skb, struct genl_info *info)
3170 else if (cmd == IPVS_CMD_GET_CONFIG) 3171 else if (cmd == IPVS_CMD_GET_CONFIG)
3171 reply_cmd = IPVS_CMD_SET_CONFIG; 3172 reply_cmd = IPVS_CMD_SET_CONFIG;
3172 else { 3173 else {
3173 IP_VS_ERR("unknown Generic Netlink command\n"); 3174 pr_err("unknown Generic Netlink command\n");
3174 return -EINVAL; 3175 return -EINVAL;
3175 } 3176 }
3176 3177
@@ -3231,11 +3232,11 @@ static int ip_vs_genl_get_cmd(struct sk_buff *skb, struct genl_info *info)
3231 } 3232 }
3232 3233
3233 genlmsg_end(msg, reply); 3234 genlmsg_end(msg, reply);
3234 ret = genlmsg_unicast(msg, info->snd_pid); 3235 ret = genlmsg_reply(msg, info);
3235 goto out; 3236 goto out;
3236 3237
3237nla_put_failure: 3238nla_put_failure:
3238 IP_VS_ERR("not enough space in Netlink message\n"); 3239 pr_err("not enough space in Netlink message\n");
3239 ret = -EMSGSIZE; 3240 ret = -EMSGSIZE;
3240 3241
3241out_err: 3242out_err:
@@ -3366,13 +3367,13 @@ int __init ip_vs_control_init(void)
3366 3367
3367 ret = nf_register_sockopt(&ip_vs_sockopts); 3368 ret = nf_register_sockopt(&ip_vs_sockopts);
3368 if (ret) { 3369 if (ret) {
3369 IP_VS_ERR("cannot register sockopt.\n"); 3370 pr_err("cannot register sockopt.\n");
3370 return ret; 3371 return ret;
3371 } 3372 }
3372 3373
3373 ret = ip_vs_genl_register(); 3374 ret = ip_vs_genl_register();
3374 if (ret) { 3375 if (ret) {
3375 IP_VS_ERR("cannot register Generic Netlink interface.\n"); 3376 pr_err("cannot register Generic Netlink interface.\n");
3376 nf_unregister_sockopt(&ip_vs_sockopts); 3377 nf_unregister_sockopt(&ip_vs_sockopts);
3377 return ret; 3378 return ret;
3378 } 3379 }
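Review bot: The scheduler name supplied in the caller's request is formatted with a bare `%s` in three converted messages: `pr_info("Scheduler module ip_vs_%s not found\n", u->sched_name);` in `ip_vs_add_service` and `ip_vs_edit_service`, and the `invalid protocol` `pr_err` in `do_ip_vs_set_ctl`, which prints `usvc.sched_name`. No hunk here shows that string being checked for a terminating NUL (every one of these functions starts and ends outside its hunk, so this needs confirming against the copy-in code); if the name can arrive unterminated, `%s` reads past the field and the excess ends up in the kernel log. I would validate it once, right after the copy from the `__user` buffer, with a `strnlen()` against the field size and `-EINVAL` when no terminator is found. Separately, the length-mismatch `pr_err` calls in `do_ip_vs_set_ctl` and `do_ip_vs_get_ctl` fire at error level on every malformed request, so wrapping them in `if (net_ratelimit())` would keep one misbehaving caller from flooding the log.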
diff --git a/net/netfilter/ipvs/ip_vs_dh.c b/net/netfilter/ipvs/ip_vs_dh.c
index a9dac74bb13f..fe3e18834b91 100644
--- a/net/netfilter/ipvs/ip_vs_dh.c
+++ b/net/netfilter/ipvs/ip_vs_dh.c
@@ -35,6 +35,9 @@
35 * 35 *
36 */ 36 */
37 37
38#define KMSG_COMPONENT "IPVS"
39#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
40
38#include <linux/ip.h> 41#include <linux/ip.h>
39#include <linux/module.h> 42#include <linux/module.h>
40#include <linux/kernel.h> 43#include <linux/kernel.h>
@@ -147,7 +150,7 @@ static int ip_vs_dh_init_svc(struct ip_vs_service *svc)
147 tbl = kmalloc(sizeof(struct ip_vs_dh_bucket)*IP_VS_DH_TAB_SIZE, 150 tbl = kmalloc(sizeof(struct ip_vs_dh_bucket)*IP_VS_DH_TAB_SIZE,
148 GFP_ATOMIC); 151 GFP_ATOMIC);
149 if (tbl == NULL) { 152 if (tbl == NULL) {
150 IP_VS_ERR("ip_vs_dh_init_svc(): no memory\n"); 153 pr_err("%s(): no memory\n", __func__);
151 return -ENOMEM; 154 return -ENOMEM;
152 } 155 }
153 svc->sched_data = tbl; 156 svc->sched_data = tbl;
@@ -214,7 +217,7 @@ ip_vs_dh_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
214 217
215 ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph); 218 ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph);
216 219
217 IP_VS_DBG(6, "ip_vs_dh_schedule(): Scheduling...\n"); 220 IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
218 221
219 tbl = (struct ip_vs_dh_bucket *)svc->sched_data; 222 tbl = (struct ip_vs_dh_bucket *)svc->sched_data;
220 dest = ip_vs_dh_get(svc->af, tbl, &iph.daddr); 223 dest = ip_vs_dh_get(svc->af, tbl, &iph.daddr);
diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c
index 2eb2860dabb5..702b53ca937c 100644
--- a/net/netfilter/ipvs/ip_vs_est.c
+++ b/net/netfilter/ipvs/ip_vs_est.c
@@ -11,6 +11,10 @@
11 * Changes: 11 * Changes:
12 * 12 *
13 */ 13 */
14
15#define KMSG_COMPONENT "IPVS"
16#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
17
14#include <linux/kernel.h> 18#include <linux/kernel.h>
15#include <linux/jiffies.h> 19#include <linux/jiffies.h>
16#include <linux/slab.h> 20#include <linux/slab.h>
diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index 428edbf481cc..33e2c799cba7 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -22,6 +22,9 @@
22 * 22 *
23 */ 23 */
24 24
25#define KMSG_COMPONENT "IPVS"
26#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
27
25#include <linux/module.h> 28#include <linux/module.h>
26#include <linux/moduleparam.h> 29#include <linux/moduleparam.h>
27#include <linux/kernel.h> 30#include <linux/kernel.h>
@@ -382,8 +385,8 @@ static int __init ip_vs_ftp_init(void)
382 ret = register_ip_vs_app_inc(app, app->protocol, ports[i]); 385 ret = register_ip_vs_app_inc(app, app->protocol, ports[i]);
383 if (ret) 386 if (ret)
384 break; 387 break;
385 IP_VS_INFO("%s: loaded support on port[%d] = %d\n", 388 pr_info("%s: loaded support on port[%d] = %d\n",
386 app->name, i, ports[i]); 389 app->name, i, ports[i]);
387 } 390 }
388 391
389 if (ret) 392 if (ret)
diff --git a/net/netfilter/ipvs/ip_vs_lblc.c b/net/netfilter/ipvs/ip_vs_lblc.c
index 3eb5e2660c49..c1757f3620cd 100644
--- a/net/netfilter/ipvs/ip_vs_lblc.c
+++ b/net/netfilter/ipvs/ip_vs_lblc.c
@@ -39,6 +39,9 @@
39 * me to write this module. 39 * me to write this module.
40 */ 40 */
41 41
42#define KMSG_COMPONENT "IPVS"
43#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
44
42#include <linux/ip.h> 45#include <linux/ip.h>
43#include <linux/module.h> 46#include <linux/module.h>
44#include <linux/kernel.h> 47#include <linux/kernel.h>
@@ -199,7 +202,7 @@ ip_vs_lblc_new(struct ip_vs_lblc_table *tbl, const union nf_inet_addr *daddr,
199 if (!en) { 202 if (!en) {
200 en = kmalloc(sizeof(*en), GFP_ATOMIC); 203 en = kmalloc(sizeof(*en), GFP_ATOMIC);
201 if (!en) { 204 if (!en) {
202 IP_VS_ERR("ip_vs_lblc_new(): no memory\n"); 205 pr_err("%s(): no memory\n", __func__);
203 return NULL; 206 return NULL;
204 } 207 }
205 208
@@ -332,7 +335,7 @@ static int ip_vs_lblc_init_svc(struct ip_vs_service *svc)
332 */ 335 */
333 tbl = kmalloc(sizeof(*tbl), GFP_ATOMIC); 336 tbl = kmalloc(sizeof(*tbl), GFP_ATOMIC);
334 if (tbl == NULL) { 337 if (tbl == NULL) {
335 IP_VS_ERR("ip_vs_lblc_init_svc(): no memory\n"); 338 pr_err("%s(): no memory\n", __func__);
336 return -ENOMEM; 339 return -ENOMEM;
337 } 340 }
338 svc->sched_data = tbl; 341 svc->sched_data = tbl;
@@ -477,7 +480,7 @@ ip_vs_lblc_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
477 480
478 ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph); 481 ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph);
479 482
480 IP_VS_DBG(6, "ip_vs_lblc_schedule(): Scheduling...\n"); 483 IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
481 484
482 /* First look in our cache */ 485 /* First look in our cache */
483 read_lock(&svc->sched_lock); 486 read_lock(&svc->sched_lock);
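Review bot: The `pr_err("%s(): no memory\n", __func__);` in `ip_vs_lblc_new` is not rate limited, and the `GFP_ATOMIC` allocation it follows suggests the function runs on the packet path (its caller is outside the hunk, so this is an inference). Under memory pressure every failed allocation would then add an error line, which makes the log itself a casualty of the overload. `if (net_ratelimit()) pr_err("%s(): no memory\n", __func__);` keeps the message while bounding the rate. The same applies to `ip_vs_lblcr_new` and `ip_vs_dest_set_insert` in ip_vs_lblcr.c.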
diff --git a/net/netfilter/ipvs/ip_vs_lblcr.c b/net/netfilter/ipvs/ip_vs_lblcr.c
index c04ce56c7f0f..715b57f9540d 100644
--- a/net/netfilter/ipvs/ip_vs_lblcr.c
+++ b/net/netfilter/ipvs/ip_vs_lblcr.c
@@ -37,6 +37,9 @@
37 * 37 *
38 */ 38 */
39 39
40#define KMSG_COMPONENT "IPVS"
41#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
42
40#include <linux/ip.h> 43#include <linux/ip.h>
41#include <linux/module.h> 44#include <linux/module.h>
42#include <linux/kernel.h> 45#include <linux/kernel.h>
@@ -108,7 +111,7 @@ ip_vs_dest_set_insert(struct ip_vs_dest_set *set, struct ip_vs_dest *dest)
108 111
109 e = kmalloc(sizeof(*e), GFP_ATOMIC); 112 e = kmalloc(sizeof(*e), GFP_ATOMIC);
110 if (e == NULL) { 113 if (e == NULL) {
111 IP_VS_ERR("ip_vs_dest_set_insert(): no memory\n"); 114 pr_err("%s(): no memory\n", __func__);
112 return NULL; 115 return NULL;
113 } 116 }
114 117
@@ -202,8 +205,9 @@ static inline struct ip_vs_dest *ip_vs_dest_set_min(struct ip_vs_dest_set *set)
202 } 205 }
203 } 206 }
204 207
205 IP_VS_DBG_BUF(6, "ip_vs_dest_set_min: server %s:%d " 208 IP_VS_DBG_BUF(6, "%s(): server %s:%d "
206 "activeconns %d refcnt %d weight %d overhead %d\n", 209 "activeconns %d refcnt %d weight %d overhead %d\n",
210 __func__,
207 IP_VS_DBG_ADDR(least->af, &least->addr), 211 IP_VS_DBG_ADDR(least->af, &least->addr),
208 ntohs(least->port), 212 ntohs(least->port),
209 atomic_read(&least->activeconns), 213 atomic_read(&least->activeconns),
@@ -249,8 +253,9 @@ static inline struct ip_vs_dest *ip_vs_dest_set_max(struct ip_vs_dest_set *set)
249 } 253 }
250 } 254 }
251 255
252 IP_VS_DBG_BUF(6, "ip_vs_dest_set_max: server %s:%d " 256 IP_VS_DBG_BUF(6, "%s(): server %s:%d "
253 "activeconns %d refcnt %d weight %d overhead %d\n", 257 "activeconns %d refcnt %d weight %d overhead %d\n",
258 __func__,
254 IP_VS_DBG_ADDR(most->af, &most->addr), ntohs(most->port), 259 IP_VS_DBG_ADDR(most->af, &most->addr), ntohs(most->port),
255 atomic_read(&most->activeconns), 260 atomic_read(&most->activeconns),
256 atomic_read(&most->refcnt), 261 atomic_read(&most->refcnt),
@@ -374,7 +379,7 @@ ip_vs_lblcr_new(struct ip_vs_lblcr_table *tbl, const union nf_inet_addr *daddr,
374 if (!en) { 379 if (!en) {
375 en = kmalloc(sizeof(*en), GFP_ATOMIC); 380 en = kmalloc(sizeof(*en), GFP_ATOMIC);
376 if (!en) { 381 if (!en) {
377 IP_VS_ERR("ip_vs_lblcr_new(): no memory\n"); 382 pr_err("%s(): no memory\n", __func__);
378 return NULL; 383 return NULL;
379 } 384 }
380 385
@@ -508,7 +513,7 @@ static int ip_vs_lblcr_init_svc(struct ip_vs_service *svc)
508 */ 513 */
509 tbl = kmalloc(sizeof(*tbl), GFP_ATOMIC); 514 tbl = kmalloc(sizeof(*tbl), GFP_ATOMIC);
510 if (tbl == NULL) { 515 if (tbl == NULL) {
511 IP_VS_ERR("ip_vs_lblcr_init_svc(): no memory\n"); 516 pr_err("%s(): no memory\n", __func__);
512 return -ENOMEM; 517 return -ENOMEM;
513 } 518 }
514 svc->sched_data = tbl; 519 svc->sched_data = tbl;
@@ -654,7 +659,7 @@ ip_vs_lblcr_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
654 659
655 ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph); 660 ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph);
656 661
657 IP_VS_DBG(6, "ip_vs_lblcr_schedule(): Scheduling...\n"); 662 IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
658 663
659 /* First look in our cache */ 664 /* First look in our cache */
660 read_lock(&svc->sched_lock); 665 read_lock(&svc->sched_lock);
diff --git a/net/netfilter/ipvs/ip_vs_lc.c b/net/netfilter/ipvs/ip_vs_lc.c
index d0dadc8a65fd..4f69db1fac56 100644
--- a/net/netfilter/ipvs/ip_vs_lc.c
+++ b/net/netfilter/ipvs/ip_vs_lc.c
@@ -14,6 +14,9 @@
14 * 14 *
15 */ 15 */
16 16
17#define KMSG_COMPONENT "IPVS"
18#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
19
17#include <linux/module.h> 20#include <linux/module.h>
18#include <linux/kernel.h> 21#include <linux/kernel.h>
19 22
@@ -44,7 +47,7 @@ ip_vs_lc_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
44 struct ip_vs_dest *dest, *least = NULL; 47 struct ip_vs_dest *dest, *least = NULL;
45 unsigned int loh = 0, doh; 48 unsigned int loh = 0, doh;
46 49
47 IP_VS_DBG(6, "ip_vs_lc_schedule(): Scheduling...\n"); 50 IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
48 51
49 /* 52 /*
50 * Simply select the server with the least number of 53 * Simply select the server with the least number of
diff --git a/net/netfilter/ipvs/ip_vs_nq.c b/net/netfilter/ipvs/ip_vs_nq.c
index 694952db5026..c413e1830823 100644
--- a/net/netfilter/ipvs/ip_vs_nq.c
+++ b/net/netfilter/ipvs/ip_vs_nq.c
@@ -31,6 +31,9 @@
31 * 31 *
32 */ 32 */
33 33
34#define KMSG_COMPONENT "IPVS"
35#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
36
34#include <linux/module.h> 37#include <linux/module.h>
35#include <linux/kernel.h> 38#include <linux/kernel.h>
36 39
@@ -57,7 +60,7 @@ ip_vs_nq_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
57 struct ip_vs_dest *dest, *least = NULL; 60 struct ip_vs_dest *dest, *least = NULL;
58 unsigned int loh = 0, doh; 61 unsigned int loh = 0, doh;
59 62
60 IP_VS_DBG(6, "ip_vs_nq_schedule(): Scheduling...\n"); 63 IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
61 64
62 /* 65 /*
63 * We calculate the load of each dest server as follows: 66 * We calculate the load of each dest server as follows:
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c
index a01520e3d6b8..3e7671674549 100644
--- a/net/netfilter/ipvs/ip_vs_proto.c
+++ b/net/netfilter/ipvs/ip_vs_proto.c
@@ -13,6 +13,9 @@
13 * 13 *
14 */ 14 */
15 15
16#define KMSG_COMPONENT "IPVS"
17#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
18
16#include <linux/module.h> 19#include <linux/module.h>
17#include <linux/kernel.h> 20#include <linux/kernel.h>
18#include <linux/skbuff.h> 21#include <linux/skbuff.h>
@@ -124,7 +127,8 @@ ip_vs_create_timeout_table(int *table, int size)
124 * Set timeout value for state specified by name 127 * Set timeout value for state specified by name
125 */ 128 */
126int 129int
127ip_vs_set_state_timeout(int *table, int num, char **names, char *name, int to) 130ip_vs_set_state_timeout(int *table, int num, const char *const *names,
131 const char *name, int to)
128{ 132{
129 int i; 133 int i;
130 134
@@ -181,7 +185,7 @@ ip_vs_tcpudp_debug_packet_v4(struct ip_vs_protocol *pp,
181 &ih->daddr, ntohs(pptr[1])); 185 &ih->daddr, ntohs(pptr[1]));
182 } 186 }
183 187
184 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 188 pr_debug("%s: %s\n", msg, buf);
185} 189}
186 190
187#ifdef CONFIG_IP_VS_IPV6 191#ifdef CONFIG_IP_VS_IPV6
@@ -215,7 +219,7 @@ ip_vs_tcpudp_debug_packet_v6(struct ip_vs_protocol *pp,
215 &ih->daddr, ntohs(pptr[1])); 219 &ih->daddr, ntohs(pptr[1]));
216 } 220 }
217 221
218 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 222 pr_debug("%s: %s\n", msg, buf);
219} 223}
220#endif 224#endif
221 225
@@ -259,7 +263,7 @@ int __init ip_vs_protocol_init(void)
259#ifdef CONFIG_IP_VS_PROTO_ESP 263#ifdef CONFIG_IP_VS_PROTO_ESP
260 REGISTER_PROTOCOL(&ip_vs_protocol_esp); 264 REGISTER_PROTOCOL(&ip_vs_protocol_esp);
261#endif 265#endif
262 IP_VS_INFO("Registered protocols (%s)\n", &protocols[2]); 266 pr_info("Registered protocols (%s)\n", &protocols[2]);
263 267
264 return 0; 268 return 0;
265} 269}
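Review bot: Swapping `printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf);` for `pr_debug("%s: %s\n", msg, buf);` at the end of `ip_vs_tcpudp_debug_packet_v4` and `ip_vs_tcpudp_debug_packet_v6` changes when the line is emitted, not just how it is spelled. `pr_debug()` prints only when `DEBUG` is defined for the file or the call site is enabled through dynamic debug, while the old `printk` always printed once the function was reached, so unless the build defines `DEBUG` these packet traces go quiet. If the old behaviour is wanted, `printk(KERN_DEBUG pr_fmt("%s: %s\n"), msg, buf);` keeps the unconditional output and still takes the prefix from `pr_fmt`. The same substitution is made in `ah_esp_debug_packet_v4` and `ah_esp_debug_packet_v6` in ip_vs_proto_ah_esp.c; all four functions start outside their hunks.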
diff --git a/net/netfilter/ipvs/ip_vs_proto_ah_esp.c b/net/netfilter/ipvs/ip_vs_proto_ah_esp.c
index 79f56c1e7c19..c30b43c36cd7 100644
--- a/net/netfilter/ipvs/ip_vs_proto_ah_esp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_ah_esp.c
@@ -10,6 +10,9 @@
10 * 10 *
11 */ 11 */
12 12
13#define KMSG_COMPONENT "IPVS"
14#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
15
13#include <linux/in.h> 16#include <linux/in.h>
14#include <linux/ip.h> 17#include <linux/ip.h>
15#include <linux/module.h> 18#include <linux/module.h>
@@ -138,7 +141,7 @@ ah_esp_debug_packet_v4(struct ip_vs_protocol *pp, const struct sk_buff *skb,
138 sprintf(buf, "%s %pI4->%pI4", 141 sprintf(buf, "%s %pI4->%pI4",
139 pp->name, &ih->saddr, &ih->daddr); 142 pp->name, &ih->saddr, &ih->daddr);
140 143
141 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 144 pr_debug("%s: %s\n", msg, buf);
142} 145}
143 146
144#ifdef CONFIG_IP_VS_IPV6 147#ifdef CONFIG_IP_VS_IPV6
@@ -156,7 +159,7 @@ ah_esp_debug_packet_v6(struct ip_vs_protocol *pp, const struct sk_buff *skb,
156 sprintf(buf, "%s %pI6->%pI6", 159 sprintf(buf, "%s %pI6->%pI6",
157 pp->name, &ih->saddr, &ih->daddr); 160 pp->name, &ih->saddr, &ih->daddr);
158 161
159 printk(KERN_DEBUG "IPVS: %s: %s\n", msg, buf); 162 pr_debug("%s: %s\n", msg, buf);
160} 163}
161#endif 164#endif
162 165
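Review bot: Both `ah_esp_debug_packet_v4` and `ah_esp_debug_packet_v6` fill `buf` with an unbounded `sprintf(buf, "%s %pI4->%pI4", ...)` / `sprintf(buf, "%s %pI6->%pI6", ...)` immediately before the converted `pr_debug` line. The declaration of `buf` is outside the hunks, so its size cannot be checked here, but two expanded IPv6 addresses plus `pp->name` is the longest string these functions build. Assuming `buf` is a local array, `snprintf(buf, sizeof(buf), "%s %pI6->%pI6", pp->name, &ih->saddr, &ih->daddr);` (and the `%pI4` equivalent) makes the bound explicit at no cost.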
diff --git a/net/netfilter/ipvs/ip_vs_proto_tcp.c b/net/netfilter/ipvs/ip_vs_proto_tcp.c
index 8cba41802850..91d28e073742 100644
--- a/net/netfilter/ipvs/ip_vs_proto_tcp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_tcp.c
@@ -13,6 +13,9 @@
13 * 13 *
14 */ 14 */
15 15
16#define KMSG_COMPONENT "IPVS"
17#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
18
16#include <linux/kernel.h> 19#include <linux/kernel.h>
17#include <linux/ip.h> 20#include <linux/ip.h>
18#include <linux/tcp.h> /* for tcphdr */ 21#include <linux/tcp.h> /* for tcphdr */
@@ -374,7 +377,7 @@ static int tcp_timeouts[IP_VS_TCP_S_LAST+1] = {
374 [IP_VS_TCP_S_LAST] = 2*HZ, 377 [IP_VS_TCP_S_LAST] = 2*HZ,
375}; 378};
376 379
377static char * tcp_state_name_table[IP_VS_TCP_S_LAST+1] = { 380static const char *const tcp_state_name_table[IP_VS_TCP_S_LAST+1] = {
378 [IP_VS_TCP_S_NONE] = "NONE", 381 [IP_VS_TCP_S_NONE] = "NONE",
379 [IP_VS_TCP_S_ESTABLISHED] = "ESTABLISHED", 382 [IP_VS_TCP_S_ESTABLISHED] = "ESTABLISHED",
380 [IP_VS_TCP_S_SYN_SENT] = "SYN_SENT", 383 [IP_VS_TCP_S_SYN_SENT] = "SYN_SENT",
@@ -661,7 +664,7 @@ tcp_app_conn_bind(struct ip_vs_conn *cp)
661 break; 664 break;
662 spin_unlock(&tcp_app_lock); 665 spin_unlock(&tcp_app_lock);
663 666
664 IP_VS_DBG_BUF(9, "%s: Binding conn %s:%u->" 667 IP_VS_DBG_BUF(9, "%s(): Binding conn %s:%u->"
665 "%s:%u to app %s on port %u\n", 668 "%s:%u to app %s on port %u\n",
666 __func__, 669 __func__,
667 IP_VS_DBG_ADDR(cp->af, &cp->caddr), 670 IP_VS_DBG_ADDR(cp->af, &cp->caddr),
diff --git a/net/netfilter/ipvs/ip_vs_proto_udp.c b/net/netfilter/ipvs/ip_vs_proto_udp.c
index d2930a71084b..e7a6885e0167 100644
--- a/net/netfilter/ipvs/ip_vs_proto_udp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_udp.c
@@ -13,6 +13,9 @@
13 * 13 *
14 */ 14 */
15 15
16#define KMSG_COMPONENT "IPVS"
17#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
18
16#include <linux/in.h> 19#include <linux/in.h>
17#include <linux/ip.h> 20#include <linux/ip.h>
18#include <linux/kernel.h> 21#include <linux/kernel.h>
@@ -442,7 +445,7 @@ static int udp_app_conn_bind(struct ip_vs_conn *cp)
442 break; 445 break;
443 spin_unlock(&udp_app_lock); 446 spin_unlock(&udp_app_lock);
444 447
445 IP_VS_DBG_BUF(9, "%s: Binding conn %s:%u->" 448 IP_VS_DBG_BUF(9, "%s(): Binding conn %s:%u->"
446 "%s:%u to app %s on port %u\n", 449 "%s:%u to app %s on port %u\n",
447 __func__, 450 __func__,
448 IP_VS_DBG_ADDR(cp->af, &cp->caddr), 451 IP_VS_DBG_ADDR(cp->af, &cp->caddr),
@@ -469,7 +472,7 @@ static int udp_timeouts[IP_VS_UDP_S_LAST+1] = {
469 [IP_VS_UDP_S_LAST] = 2*HZ, 472 [IP_VS_UDP_S_LAST] = 2*HZ,
470}; 473};
471 474
472static char * udp_state_name_table[IP_VS_UDP_S_LAST+1] = { 475static const char *const udp_state_name_table[IP_VS_UDP_S_LAST+1] = {
473 [IP_VS_UDP_S_NORMAL] = "UDP", 476 [IP_VS_UDP_S_NORMAL] = "UDP",
474 [IP_VS_UDP_S_LAST] = "BUG!", 477 [IP_VS_UDP_S_LAST] = "BUG!",
475}; 478};
diff --git a/net/netfilter/ipvs/ip_vs_rr.c b/net/netfilter/ipvs/ip_vs_rr.c
index 2d16ab7f8c1e..e210f37d8ea2 100644
--- a/net/netfilter/ipvs/ip_vs_rr.c
+++ b/net/netfilter/ipvs/ip_vs_rr.c
@@ -19,6 +19,9 @@
19 * 19 *
20 */ 20 */
21 21
22#define KMSG_COMPONENT "IPVS"
23#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
24
22#include <linux/module.h> 25#include <linux/module.h>
23#include <linux/kernel.h> 26#include <linux/kernel.h>
24 27
@@ -48,7 +51,7 @@ ip_vs_rr_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
48 struct list_head *p, *q; 51 struct list_head *p, *q;
49 struct ip_vs_dest *dest; 52 struct ip_vs_dest *dest;
50 53
51 IP_VS_DBG(6, "ip_vs_rr_schedule(): Scheduling...\n"); 54 IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
52 55
53 write_lock(&svc->sched_lock); 56 write_lock(&svc->sched_lock);
54 p = (struct list_head *)svc->sched_data; 57 p = (struct list_head *)svc->sched_data;
diff --git a/net/netfilter/ipvs/ip_vs_sched.c b/net/netfilter/ipvs/ip_vs_sched.c
index a46ad9e35016..bbc1ac795952 100644
--- a/net/netfilter/ipvs/ip_vs_sched.c
+++ b/net/netfilter/ipvs/ip_vs_sched.c
@@ -17,6 +17,9 @@
17 * 17 *
18 */ 18 */
19 19
20#define KMSG_COMPONENT "IPVS"
21#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
22
20#include <linux/module.h> 23#include <linux/module.h>
21#include <linux/spinlock.h> 24#include <linux/spinlock.h>
22#include <linux/interrupt.h> 25#include <linux/interrupt.h>
@@ -44,11 +47,11 @@ int ip_vs_bind_scheduler(struct ip_vs_service *svc,
44 int ret; 47 int ret;
45 48
46 if (svc == NULL) { 49 if (svc == NULL) {
47 IP_VS_ERR("ip_vs_bind_scheduler(): svc arg NULL\n"); 50 pr_err("%s(): svc arg NULL\n", __func__);
48 return -EINVAL; 51 return -EINVAL;
49 } 52 }
50 if (scheduler == NULL) { 53 if (scheduler == NULL) {
51 IP_VS_ERR("ip_vs_bind_scheduler(): scheduler arg NULL\n"); 54 pr_err("%s(): scheduler arg NULL\n", __func__);
52 return -EINVAL; 55 return -EINVAL;
53 } 56 }
54 57
@@ -57,7 +60,7 @@ int ip_vs_bind_scheduler(struct ip_vs_service *svc,
57 if (scheduler->init_service) { 60 if (scheduler->init_service) {
58 ret = scheduler->init_service(svc); 61 ret = scheduler->init_service(svc);
59 if (ret) { 62 if (ret) {
60 IP_VS_ERR("ip_vs_bind_scheduler(): init error\n"); 63 pr_err("%s(): init error\n", __func__);
61 return ret; 64 return ret;
62 } 65 }
63 } 66 }
@@ -74,19 +77,19 @@ int ip_vs_unbind_scheduler(struct ip_vs_service *svc)
74 struct ip_vs_scheduler *sched; 77 struct ip_vs_scheduler *sched;
75 78
76 if (svc == NULL) { 79 if (svc == NULL) {
77 IP_VS_ERR("ip_vs_unbind_scheduler(): svc arg NULL\n"); 80 pr_err("%s(): svc arg NULL\n", __func__);
78 return -EINVAL; 81 return -EINVAL;
79 } 82 }
80 83
81 sched = svc->scheduler; 84 sched = svc->scheduler;
82 if (sched == NULL) { 85 if (sched == NULL) {
83 IP_VS_ERR("ip_vs_unbind_scheduler(): svc isn't bound\n"); 86 pr_err("%s(): svc isn't bound\n", __func__);
84 return -EINVAL; 87 return -EINVAL;
85 } 88 }
86 89
87 if (sched->done_service) { 90 if (sched->done_service) {
88 if (sched->done_service(svc) != 0) { 91 if (sched->done_service(svc) != 0) {
89 IP_VS_ERR("ip_vs_unbind_scheduler(): done error\n"); 92 pr_err("%s(): done error\n", __func__);
90 return -EINVAL; 93 return -EINVAL;
91 } 94 }
92 } 95 }
@@ -103,8 +106,7 @@ static struct ip_vs_scheduler *ip_vs_sched_getbyname(const char *sched_name)
103{ 106{
104 struct ip_vs_scheduler *sched; 107 struct ip_vs_scheduler *sched;
105 108
106 IP_VS_DBG(2, "ip_vs_sched_getbyname(): sched_name \"%s\"\n", 109 IP_VS_DBG(2, "%s(): sched_name \"%s\"\n", __func__, sched_name);
107 sched_name);
108 110
109 read_lock_bh(&__ip_vs_sched_lock); 111 read_lock_bh(&__ip_vs_sched_lock);
110 112
@@ -170,12 +172,12 @@ int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
170 struct ip_vs_scheduler *sched; 172 struct ip_vs_scheduler *sched;
171 173
172 if (!scheduler) { 174 if (!scheduler) {
173 IP_VS_ERR("register_ip_vs_scheduler(): NULL arg\n"); 175 pr_err("%s(): NULL arg\n", __func__);
174 return -EINVAL; 176 return -EINVAL;
175 } 177 }
176 178
177 if (!scheduler->name) { 179 if (!scheduler->name) {
178 IP_VS_ERR("register_ip_vs_scheduler(): NULL scheduler_name\n"); 180 pr_err("%s(): NULL scheduler_name\n", __func__);
179 return -EINVAL; 181 return -EINVAL;
180 } 182 }
181 183
@@ -187,8 +189,8 @@ int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
187 if (!list_empty(&scheduler->n_list)) { 189 if (!list_empty(&scheduler->n_list)) {
188 write_unlock_bh(&__ip_vs_sched_lock); 190 write_unlock_bh(&__ip_vs_sched_lock);
189 ip_vs_use_count_dec(); 191 ip_vs_use_count_dec();
190 IP_VS_ERR("register_ip_vs_scheduler(): [%s] scheduler " 192 pr_err("%s(): [%s] scheduler already linked\n",
191 "already linked\n", scheduler->name); 193 __func__, scheduler->name);
192 return -EINVAL; 194 return -EINVAL;
193 } 195 }
194 196
@@ -200,9 +202,8 @@ int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
200 if (strcmp(scheduler->name, sched->name) == 0) { 202 if (strcmp(scheduler->name, sched->name) == 0) {
201 write_unlock_bh(&__ip_vs_sched_lock); 203 write_unlock_bh(&__ip_vs_sched_lock);
202 ip_vs_use_count_dec(); 204 ip_vs_use_count_dec();
203 IP_VS_ERR("register_ip_vs_scheduler(): [%s] scheduler " 205 pr_err("%s(): [%s] scheduler already existed "
204 "already existed in the system\n", 206 "in the system\n", __func__, scheduler->name);
205 scheduler->name);
206 return -EINVAL; 207 return -EINVAL;
207 } 208 }
208 } 209 }
@@ -212,7 +213,7 @@ int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
212 list_add(&scheduler->n_list, &ip_vs_schedulers); 213 list_add(&scheduler->n_list, &ip_vs_schedulers);
213 write_unlock_bh(&__ip_vs_sched_lock); 214 write_unlock_bh(&__ip_vs_sched_lock);
214 215
215 IP_VS_INFO("[%s] scheduler registered.\n", scheduler->name); 216 pr_info("[%s] scheduler registered.\n", scheduler->name);
216 217
217 return 0; 218 return 0;
218} 219}
@@ -224,15 +225,15 @@ int register_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
224int unregister_ip_vs_scheduler(struct ip_vs_scheduler *scheduler) 225int unregister_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
225{ 226{
226 if (!scheduler) { 227 if (!scheduler) {
227 IP_VS_ERR( "unregister_ip_vs_scheduler(): NULL arg\n"); 228 pr_err("%s(): NULL arg\n", __func__);
228 return -EINVAL; 229 return -EINVAL;
229 } 230 }
230 231
231 write_lock_bh(&__ip_vs_sched_lock); 232 write_lock_bh(&__ip_vs_sched_lock);
232 if (list_empty(&scheduler->n_list)) { 233 if (list_empty(&scheduler->n_list)) {
233 write_unlock_bh(&__ip_vs_sched_lock); 234 write_unlock_bh(&__ip_vs_sched_lock);
234 IP_VS_ERR("unregister_ip_vs_scheduler(): [%s] scheduler " 235 pr_err("%s(): [%s] scheduler is not in the list. failed\n",
235 "is not in the list. failed\n", scheduler->name); 236 __func__, scheduler->name);
236 return -EINVAL; 237 return -EINVAL;
237 } 238 }
238 239
@@ -245,7 +246,7 @@ int unregister_ip_vs_scheduler(struct ip_vs_scheduler *scheduler)
245 /* decrease the module use count */ 246 /* decrease the module use count */
246 ip_vs_use_count_dec(); 247 ip_vs_use_count_dec();
247 248
248 IP_VS_INFO("[%s] scheduler unregistered.\n", scheduler->name); 249 pr_info("[%s] scheduler unregistered.\n", scheduler->name);
249 250
250 return 0; 251 return 0;
251} 252}
diff --git a/net/netfilter/ipvs/ip_vs_sed.c b/net/netfilter/ipvs/ip_vs_sed.c
index 20e4657d2f3b..1ab75a9dc400 100644
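--- a/net/netfilter/ipvs/ip_vs_sed.c
+++ b/net/netfilter/ipvs/ip_vs_sed.c
@@ -35,6 +35,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 
@@ -61,7 +64,7 @@ ip_vs_sed_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
  struct ip_vs_dest *dest, *least;
  unsigned int loh, doh;
 
- IP_VS_DBG(6, "ip_vs_sed_schedule(): Scheduling...\n");
+ IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
 
  /*
  * We calculate the load of each dest server as follows: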
diff --git a/net/netfilter/ipvs/ip_vs_sh.c b/net/netfilter/ipvs/ip_vs_sh.c
index 75709ebeb630..8e6cfd36e6f0 100644
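--- a/net/netfilter/ipvs/ip_vs_sh.c
+++ b/net/netfilter/ipvs/ip_vs_sh.c
@@ -32,6 +32,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/ip.h>
 #include <linux/module.h>
 #include <linux/kernel.h>
@@ -144,7 +147,7 @@ static int ip_vs_sh_init_svc(struct ip_vs_service *svc)
  tbl = kmalloc(sizeof(struct ip_vs_sh_bucket)*IP_VS_SH_TAB_SIZE,
  GFP_ATOMIC);
  if (tbl == NULL) {
- IP_VS_ERR("ip_vs_sh_init_svc(): no memory\n");
+ pr_err("%s(): no memory\n", __func__);
  return -ENOMEM;
  }
  svc->sched_data = tbl;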
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index 5c48378a852f..e177f0dc2084 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -17,6 +17,9 @@
17 * Justin Ossevoort : Fix endian problem on sync message size. 17 * Justin Ossevoort : Fix endian problem on sync message size.
18 */ 18 */
19 19
20#define KMSG_COMPONENT "IPVS"
21#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
22
20#include <linux/module.h> 23#include <linux/module.h>
21#include <linux/slab.h> 24#include <linux/slab.h>
22#include <linux/inetdevice.h> 25#include <linux/inetdevice.h>
@@ -243,7 +246,7 @@ void ip_vs_sync_conn(struct ip_vs_conn *cp)
243 if (!curr_sb) { 246 if (!curr_sb) {
244 if (!(curr_sb=ip_vs_sync_buff_create())) { 247 if (!(curr_sb=ip_vs_sync_buff_create())) {
245 spin_unlock(&curr_sb_lock); 248 spin_unlock(&curr_sb_lock);
246 IP_VS_ERR("ip_vs_sync_buff_create failed.\n"); 249 pr_err("ip_vs_sync_buff_create failed.\n");
247 return; 250 return;
248 } 251 }
249 } 252 }
@@ -409,7 +412,7 @@ static void ip_vs_process_message(const char *buffer, const size_t buflen)
409 if (dest) 412 if (dest)
410 atomic_dec(&dest->refcnt); 413 atomic_dec(&dest->refcnt);
411 if (!cp) { 414 if (!cp) {
412 IP_VS_ERR("ip_vs_conn_new failed\n"); 415 pr_err("ip_vs_conn_new failed\n");
413 return; 416 return;
414 } 417 }
415 } else if (!cp->dest) { 418 } else if (!cp->dest) {
@@ -577,8 +580,8 @@ static int bind_mcastif_addr(struct socket *sock, char *ifname)
577 580
578 addr = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE); 581 addr = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
579 if (!addr) 582 if (!addr)
580 IP_VS_ERR("You probably need to specify IP address on " 583 pr_err("You probably need to specify IP address on "
581 "multicast interface.\n"); 584 "multicast interface.\n");
582 585
583 IP_VS_DBG(7, "binding socket with (%s) %pI4\n", 586 IP_VS_DBG(7, "binding socket with (%s) %pI4\n",
584 ifname, &addr); 587 ifname, &addr);
@@ -602,13 +605,13 @@ static struct socket * make_send_sock(void)
602 /* First create a socket */ 605 /* First create a socket */
603 result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock); 606 result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock);
604 if (result < 0) { 607 if (result < 0) {
605 IP_VS_ERR("Error during creation of socket; terminating\n"); 608 pr_err("Error during creation of socket; terminating\n");
606 return ERR_PTR(result); 609 return ERR_PTR(result);
607 } 610 }
608 611
609 result = set_mcast_if(sock->sk, ip_vs_master_mcast_ifn); 612 result = set_mcast_if(sock->sk, ip_vs_master_mcast_ifn);
610 if (result < 0) { 613 if (result < 0) {
611 IP_VS_ERR("Error setting outbound mcast interface\n"); 614 pr_err("Error setting outbound mcast interface\n");
612 goto error; 615 goto error;
613 } 616 }
614 617
@@ -617,14 +620,14 @@ static struct socket * make_send_sock(void)
617 620
618 result = bind_mcastif_addr(sock, ip_vs_master_mcast_ifn); 621 result = bind_mcastif_addr(sock, ip_vs_master_mcast_ifn);
619 if (result < 0) { 622 if (result < 0) {
620 IP_VS_ERR("Error binding address of the mcast interface\n"); 623 pr_err("Error binding address of the mcast interface\n");
621 goto error; 624 goto error;
622 } 625 }
623 626
624 result = sock->ops->connect(sock, (struct sockaddr *) &mcast_addr, 627 result = sock->ops->connect(sock, (struct sockaddr *) &mcast_addr,
625 sizeof(struct sockaddr), 0); 628 sizeof(struct sockaddr), 0);
626 if (result < 0) { 629 if (result < 0) {
627 IP_VS_ERR("Error connecting to the multicast addr\n"); 630 pr_err("Error connecting to the multicast addr\n");
628 goto error; 631 goto error;
629 } 632 }
630 633
@@ -647,7 +650,7 @@ static struct socket * make_receive_sock(void)
647 /* First create a socket */ 650 /* First create a socket */
648 result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock); 651 result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock);
649 if (result < 0) { 652 if (result < 0) {
650 IP_VS_ERR("Error during creation of socket; terminating\n"); 653 pr_err("Error during creation of socket; terminating\n");
651 return ERR_PTR(result); 654 return ERR_PTR(result);
652 } 655 }
653 656
@@ -657,7 +660,7 @@ static struct socket * make_receive_sock(void)
657 result = sock->ops->bind(sock, (struct sockaddr *) &mcast_addr, 660 result = sock->ops->bind(sock, (struct sockaddr *) &mcast_addr,
658 sizeof(struct sockaddr)); 661 sizeof(struct sockaddr));
659 if (result < 0) { 662 if (result < 0) {
660 IP_VS_ERR("Error binding to the multicast addr\n"); 663 pr_err("Error binding to the multicast addr\n");
661 goto error; 664 goto error;
662 } 665 }
663 666
@@ -666,7 +669,7 @@ static struct socket * make_receive_sock(void)
666 (struct in_addr *) &mcast_addr.sin_addr, 669 (struct in_addr *) &mcast_addr.sin_addr,
667 ip_vs_backup_mcast_ifn); 670 ip_vs_backup_mcast_ifn);
668 if (result < 0) { 671 if (result < 0) {
669 IP_VS_ERR("Error joining to the multicast group\n"); 672 pr_err("Error joining to the multicast group\n");
670 goto error; 673 goto error;
671 } 674 }
672 675
@@ -706,7 +709,7 @@ ip_vs_send_sync_msg(struct socket *sock, struct ip_vs_sync_mesg *msg)
706 msg->size = htons(msg->size); 709 msg->size = htons(msg->size);
707 710
708 if (ip_vs_send_async(sock, (char *)msg, msize) != msize) 711 if (ip_vs_send_async(sock, (char *)msg, msize) != msize)
709 IP_VS_ERR("ip_vs_send_async error\n"); 712 pr_err("ip_vs_send_async error\n");
710} 713}
711 714
712static int 715static int
@@ -737,9 +740,9 @@ static int sync_thread_master(void *data)
737 struct ip_vs_sync_thread_data *tinfo = data; 740 struct ip_vs_sync_thread_data *tinfo = data;
738 struct ip_vs_sync_buff *sb; 741 struct ip_vs_sync_buff *sb;
739 742
740 IP_VS_INFO("sync thread started: state = MASTER, mcast_ifn = %s, " 743 pr_info("sync thread started: state = MASTER, mcast_ifn = %s, "
741 "syncid = %d\n", 744 "syncid = %d\n",
742 ip_vs_master_mcast_ifn, ip_vs_master_syncid); 745 ip_vs_master_mcast_ifn, ip_vs_master_syncid);
743 746
744 while (!kthread_should_stop()) { 747 while (!kthread_should_stop()) {
745 while ((sb = sb_dequeue())) { 748 while ((sb = sb_dequeue())) {
@@ -780,9 +783,9 @@ static int sync_thread_backup(void *data)
780 struct ip_vs_sync_thread_data *tinfo = data; 783 struct ip_vs_sync_thread_data *tinfo = data;
781 int len; 784 int len;
782 785
783 IP_VS_INFO("sync thread started: state = BACKUP, mcast_ifn = %s, " 786 pr_info("sync thread started: state = BACKUP, mcast_ifn = %s, "
784 "syncid = %d\n", 787 "syncid = %d\n",
785 ip_vs_backup_mcast_ifn, ip_vs_backup_syncid); 788 ip_vs_backup_mcast_ifn, ip_vs_backup_syncid);
786 789
787 while (!kthread_should_stop()) { 790 while (!kthread_should_stop()) {
788 wait_event_interruptible(*tinfo->sock->sk->sk_sleep, 791 wait_event_interruptible(*tinfo->sock->sk->sk_sleep,
@@ -794,7 +797,7 @@ static int sync_thread_backup(void *data)
794 len = ip_vs_receive(tinfo->sock, tinfo->buf, 797 len = ip_vs_receive(tinfo->sock, tinfo->buf,
795 sync_recv_mesg_maxlen); 798 sync_recv_mesg_maxlen);
796 if (len <= 0) { 799 if (len <= 0) {
797 IP_VS_ERR("receiving message error\n"); 800 pr_err("receiving message error\n");
798 break; 801 break;
799 } 802 }
800 803
@@ -824,7 +827,7 @@ int start_sync_thread(int state, char *mcast_ifn, __u8 syncid)
824 int (*threadfn)(void *data); 827 int (*threadfn)(void *data);
825 int result = -ENOMEM; 828 int result = -ENOMEM;
826 829
827 IP_VS_DBG(7, "%s: pid %d\n", __func__, task_pid_nr(current)); 830 IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current));
828 IP_VS_DBG(7, "Each ip_vs_sync_conn entry needs %Zd bytes\n", 831 IP_VS_DBG(7, "Each ip_vs_sync_conn entry needs %Zd bytes\n",
829 sizeof(struct ip_vs_sync_conn)); 832 sizeof(struct ip_vs_sync_conn));
830 833
@@ -901,14 +904,14 @@ out:
901 904
902int stop_sync_thread(int state) 905int stop_sync_thread(int state)
903{ 906{
904 IP_VS_DBG(7, "%s: pid %d\n", __func__, task_pid_nr(current)); 907 IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current));
905 908
906 if (state == IP_VS_STATE_MASTER) { 909 if (state == IP_VS_STATE_MASTER) {
907 if (!sync_master_thread) 910 if (!sync_master_thread)
908 return -ESRCH; 911 return -ESRCH;
909 912
910 IP_VS_INFO("stopping master sync thread %d ...\n", 913 pr_info("stopping master sync thread %d ...\n",
911 task_pid_nr(sync_master_thread)); 914 task_pid_nr(sync_master_thread));
912 915
913 /* 916 /*
914 * The lock synchronizes with sb_queue_tail(), so that we don't 917 * The lock synchronizes with sb_queue_tail(), so that we don't
@@ -925,8 +928,8 @@ int stop_sync_thread(int state)
925 if (!sync_backup_thread) 928 if (!sync_backup_thread)
926 return -ESRCH; 929 return -ESRCH;
927 930
928 IP_VS_INFO("stopping backup sync thread %d ...\n", 931 pr_info("stopping backup sync thread %d ...\n",
929 task_pid_nr(sync_backup_thread)); 932 task_pid_nr(sync_backup_thread));
930 933
931 ip_vs_sync_state &= ~IP_VS_STATE_BACKUP; 934 ip_vs_sync_state &= ~IP_VS_STATE_BACKUP;
932 kthread_stop(sync_backup_thread); 935 kthread_stop(sync_backup_thread);
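Review bot: Several of the converted messages sit on per-connection or per-message paths and are not rate limited: `pr_err("ip_vs_sync_buff_create failed.\n")` in `ip_vs_sync_conn()`, `pr_err("ip_vs_conn_new failed\n")` in `ip_vs_process_message()`, and `pr_err("ip_vs_send_async error\n")` in `ip_vs_send_sync_msg()`. `ip_vs_process_message()` takes a raw `buffer`/`buflen`, which suggests it handles sync messages received from the network, so under memory pressure a stream of incoming messages could flood the kernel log. A rate-limited form would bound that, e.g. `if (net_ratelimit()) pr_err("ip_vs_conn_new failed\n");`, or the `IP_VS_ERR_RL()` macro this commit keeps using in ip_vs_xmit.c. These functions start and end outside the hunks, so confirm the call frequency against the full file.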
diff --git a/net/netfilter/ipvs/ip_vs_wlc.c b/net/netfilter/ipvs/ip_vs_wlc.c
index 8e942565b47d..bbddfdb10db2 100644
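--- a/net/netfilter/ipvs/ip_vs_wlc.c
+++ b/net/netfilter/ipvs/ip_vs_wlc.c
@@ -19,6 +19,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 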
diff --git a/net/netfilter/ipvs/ip_vs_wrr.c b/net/netfilter/ipvs/ip_vs_wrr.c
index f7d74ef1ecf9..70ff82cda57d 100644
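--- a/net/netfilter/ipvs/ip_vs_wrr.c
+++ b/net/netfilter/ipvs/ip_vs_wrr.c
@@ -18,6 +18,9 @@
  *
  */
 
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
 #include <linux/module.h>
 #include <linux/kernel.h>
 #include <linux/net.h>
@@ -94,7 +97,7 @@ static int ip_vs_wrr_init_svc(struct ip_vs_service *svc)
  */
  mark = kmalloc(sizeof(struct ip_vs_wrr_mark), GFP_ATOMIC);
  if (mark == NULL) {
- IP_VS_ERR("ip_vs_wrr_init_svc(): no memory\n");
+ pr_err("%s(): no memory\n", __func__);
  return -ENOMEM;
  }
  mark->cl = &svc->destinations;
@@ -141,7 +144,7 @@ ip_vs_wrr_schedule(struct ip_vs_service *svc, const struct sk_buff *skb)
  struct ip_vs_wrr_mark *mark = svc->sched_data;
  struct list_head *p;
 
- IP_VS_DBG(6, "ip_vs_wrr_schedule(): Scheduling...\n");
+ IP_VS_DBG(6, "%s(): Scheduling...\n", __func__);
 
  /*
  * This loop will always terminate, because mark->cw in (0, max_weight]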
diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c
index 5874657af7f2..30b3189bd29c 100644
--- a/net/netfilter/ipvs/ip_vs_xmit.c
+++ b/net/netfilter/ipvs/ip_vs_xmit.c
@@ -13,6 +13,9 @@
13 * 13 *
14 */ 14 */
15 15
16#define KMSG_COMPONENT "IPVS"
17#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
18
16#include <linux/kernel.h> 19#include <linux/kernel.h>
17#include <linux/tcp.h> /* for tcphdr */ 20#include <linux/tcp.h> /* for tcphdr */
18#include <net/ip.h> 21#include <net/ip.h>
@@ -235,8 +238,8 @@ ip_vs_bypass_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
235 EnterFunction(10); 238 EnterFunction(10);
236 239
237 if (ip_route_output_key(&init_net, &rt, &fl)) { 240 if (ip_route_output_key(&init_net, &rt, &fl)) {
238 IP_VS_DBG_RL("ip_vs_bypass_xmit(): ip_route_output error, dest: %pI4\n", 241 IP_VS_DBG_RL("%s(): ip_route_output error, dest: %pI4\n",
239 &iph->daddr); 242 __func__, &iph->daddr);
240 goto tx_error_icmp; 243 goto tx_error_icmp;
241 } 244 }
242 245
@@ -245,7 +248,7 @@ ip_vs_bypass_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
245 if ((skb->len > mtu) && (iph->frag_off & htons(IP_DF))) { 248 if ((skb->len > mtu) && (iph->frag_off & htons(IP_DF))) {
246 ip_rt_put(rt); 249 ip_rt_put(rt);
247 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu)); 250 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
248 IP_VS_DBG_RL("ip_vs_bypass_xmit(): frag needed\n"); 251 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
249 goto tx_error; 252 goto tx_error;
250 } 253 }
251 254
@@ -299,8 +302,8 @@ ip_vs_bypass_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
299 302
300 rt = (struct rt6_info *)ip6_route_output(&init_net, NULL, &fl); 303 rt = (struct rt6_info *)ip6_route_output(&init_net, NULL, &fl);
301 if (!rt) { 304 if (!rt) {
302 IP_VS_DBG_RL("ip_vs_bypass_xmit_v6(): ip6_route_output error, dest: %pI6\n", 305 IP_VS_DBG_RL("%s(): ip6_route_output error, dest: %pI6\n",
303 &iph->daddr); 306 __func__, &iph->daddr);
304 goto tx_error_icmp; 307 goto tx_error_icmp;
305 } 308 }
306 309
@@ -309,7 +312,7 @@ ip_vs_bypass_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
309 if (skb->len > mtu) { 312 if (skb->len > mtu) {
310 dst_release(&rt->u.dst); 313 dst_release(&rt->u.dst);
311 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 314 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev);
312 IP_VS_DBG_RL("ip_vs_bypass_xmit_v6(): frag needed\n"); 315 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
313 goto tx_error; 316 goto tx_error;
314 } 317 }
315 318
@@ -536,9 +539,9 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
536 EnterFunction(10); 539 EnterFunction(10);
537 540
538 if (skb->protocol != htons(ETH_P_IP)) { 541 if (skb->protocol != htons(ETH_P_IP)) {
539 IP_VS_DBG_RL("ip_vs_tunnel_xmit(): protocol error, " 542 IP_VS_DBG_RL("%s(): protocol error, "
540 "ETH_P_IP: %d, skb protocol: %d\n", 543 "ETH_P_IP: %d, skb protocol: %d\n",
541 htons(ETH_P_IP), skb->protocol); 544 __func__, htons(ETH_P_IP), skb->protocol);
542 goto tx_error; 545 goto tx_error;
543 } 546 }
544 547
@@ -550,7 +553,7 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
550 mtu = dst_mtu(&rt->u.dst) - sizeof(struct iphdr); 553 mtu = dst_mtu(&rt->u.dst) - sizeof(struct iphdr);
551 if (mtu < 68) { 554 if (mtu < 68) {
552 ip_rt_put(rt); 555 ip_rt_put(rt);
553 IP_VS_DBG_RL("ip_vs_tunnel_xmit(): mtu less than 68\n"); 556 IP_VS_DBG_RL("%s(): mtu less than 68\n", __func__);
554 goto tx_error; 557 goto tx_error;
555 } 558 }
556 if (skb_dst(skb)) 559 if (skb_dst(skb))
@@ -562,7 +565,7 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
562 && mtu < ntohs(old_iph->tot_len)) { 565 && mtu < ntohs(old_iph->tot_len)) {
563 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu)); 566 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
564 ip_rt_put(rt); 567 ip_rt_put(rt);
565 IP_VS_DBG_RL("ip_vs_tunnel_xmit(): frag needed\n"); 568 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
566 goto tx_error; 569 goto tx_error;
567 } 570 }
568 571
@@ -578,7 +581,7 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
578 if (!new_skb) { 581 if (!new_skb) {
579 ip_rt_put(rt); 582 ip_rt_put(rt);
580 kfree_skb(skb); 583 kfree_skb(skb);
581 IP_VS_ERR_RL("ip_vs_tunnel_xmit(): no memory\n"); 584 IP_VS_ERR_RL("%s(): no memory\n", __func__);
582 return NF_STOLEN; 585 return NF_STOLEN;
583 } 586 }
584 kfree_skb(skb); 587 kfree_skb(skb);
@@ -646,9 +649,9 @@ ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
646 EnterFunction(10); 649 EnterFunction(10);
647 650
648 if (skb->protocol != htons(ETH_P_IPV6)) { 651 if (skb->protocol != htons(ETH_P_IPV6)) {
649 IP_VS_DBG_RL("ip_vs_tunnel_xmit_v6(): protocol error, " 652 IP_VS_DBG_RL("%s(): protocol error, "
650 "ETH_P_IPV6: %d, skb protocol: %d\n", 653 "ETH_P_IPV6: %d, skb protocol: %d\n",
651 htons(ETH_P_IPV6), skb->protocol); 654 __func__, htons(ETH_P_IPV6), skb->protocol);
652 goto tx_error; 655 goto tx_error;
653 } 656 }
654 657
@@ -662,7 +665,7 @@ ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
662 /* TODO IPv6: do we need this check in IPv6? */ 665 /* TODO IPv6: do we need this check in IPv6? */
663 if (mtu < 1280) { 666 if (mtu < 1280) {
664 dst_release(&rt->u.dst); 667 dst_release(&rt->u.dst);
665 IP_VS_DBG_RL("ip_vs_tunnel_xmit_v6(): mtu less than 1280\n"); 668 IP_VS_DBG_RL("%s(): mtu less than 1280\n", __func__);
666 goto tx_error; 669 goto tx_error;
667 } 670 }
668 if (skb_dst(skb)) 671 if (skb_dst(skb))
@@ -671,7 +674,7 @@ ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
671 if (mtu < ntohs(old_iph->payload_len) + sizeof(struct ipv6hdr)) { 674 if (mtu < ntohs(old_iph->payload_len) + sizeof(struct ipv6hdr)) {
672 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 675 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev);
673 dst_release(&rt->u.dst); 676 dst_release(&rt->u.dst);
674 IP_VS_DBG_RL("ip_vs_tunnel_xmit_v6(): frag needed\n"); 677 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
675 goto tx_error; 678 goto tx_error;
676 } 679 }
677 680
@@ -687,7 +690,7 @@ ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
687 if (!new_skb) { 690 if (!new_skb) {
688 dst_release(&rt->u.dst); 691 dst_release(&rt->u.dst);
689 kfree_skb(skb); 692 kfree_skb(skb);
690 IP_VS_ERR_RL("ip_vs_tunnel_xmit_v6(): no memory\n"); 693 IP_VS_ERR_RL("%s(): no memory\n", __func__);
691 return NF_STOLEN; 694 return NF_STOLEN;
692 } 695 }
693 kfree_skb(skb); 696 kfree_skb(skb);
@@ -760,7 +763,7 @@ ip_vs_dr_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
760 if ((iph->frag_off & htons(IP_DF)) && skb->len > mtu) { 763 if ((iph->frag_off & htons(IP_DF)) && skb->len > mtu) {
761 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu)); 764 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
762 ip_rt_put(rt); 765 ip_rt_put(rt);
763 IP_VS_DBG_RL("ip_vs_dr_xmit(): frag needed\n"); 766 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
764 goto tx_error; 767 goto tx_error;
765 } 768 }
766 769
@@ -813,7 +816,7 @@ ip_vs_dr_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
813 if (skb->len > mtu) { 816 if (skb->len > mtu) {
814 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 817 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev);
815 dst_release(&rt->u.dst); 818 dst_release(&rt->u.dst);
816 IP_VS_DBG_RL("ip_vs_dr_xmit_v6(): frag needed\n"); 819 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
817 goto tx_error; 820 goto tx_error;
818 } 821 }
819 822
@@ -888,7 +891,7 @@ ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
888 if ((skb->len > mtu) && (ip_hdr(skb)->frag_off & htons(IP_DF))) { 891 if ((skb->len > mtu) && (ip_hdr(skb)->frag_off & htons(IP_DF))) {
889 ip_rt_put(rt); 892 ip_rt_put(rt);
890 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); 893 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
891 IP_VS_DBG_RL("ip_vs_in_icmp(): frag needed\n"); 894 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
892 goto tx_error; 895 goto tx_error;
893 } 896 }
894 897
@@ -963,7 +966,7 @@ ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
963 if (skb->len > mtu) { 966 if (skb->len > mtu) {
964 dst_release(&rt->u.dst); 967 dst_release(&rt->u.dst);
965 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 968 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev);
966 IP_VS_DBG_RL("ip_vs_in_icmp(): frag needed\n"); 969 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
967 goto tx_error; 970 goto tx_error;
968 } 971 }
969 972
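Review bot: The protocol-error message in `ip_vs_tunnel_xmit()` (and its twin in `ip_vs_tunnel_xmit_v6()`) still prints both values in network byte order with `%d`, passing `htons(ETH_P_IP)` and `skb->protocol`. On a little-endian host that logs byte-swapped decimals that do not match the familiar EtherType constants, which makes the line hard to use when triaging unexpected traffic. Since the statement is being rewritten anyway, consider host order and hex: `"ETH_P_IP: 0x%04x, skb protocol: 0x%04x\n",` with `__func__, ETH_P_IP, ntohs(skb->protocol));`, and the `ETH_P_IPV6` equivalent in the v6 function. Both functions extend beyond the hunks shown.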
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index 16e6c4378ff1..6ce00205f342 100644
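--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c
@@ -185,8 +185,7 @@ int netlbl_cfg_unlbl_map_add(const char *domain,
  return 0;
 
 cfg_unlbl_map_add_failure:
- if (entry != NULL)
- kfree(entry->domain);
+ kfree(entry->domain);
  kfree(entry);
  kfree(addrmap);
  kfree(map4);
@@ -385,8 +384,7 @@ int netlbl_cfg_cipsov4_map_add(u32 doi,
 
 cfg_cipsov4_map_add_failure:
  cipso_v4_doi_putdef(doi_def);
- if (entry != NULL)
- kfree(entry->domain);
+ kfree(entry->domain);
  kfree(entry);
  kfree(addrmap);
  kfree(addrinfo);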
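Review bot: With the `if (entry != NULL)` guard gone, `kfree(entry->domain)` at `cfg_unlbl_map_add_failure:` (and likewise at `cfg_cipsov4_map_add_failure:`) dereferences `entry` unconditionally, so each label is only safe if no `goto` reaches it before `entry` has been allocated successfully. Both function bodies start outside these hunks, so that cannot be confirmed from here; if the allocation-failure path returns directly instead of jumping to the label, the removal is fine. I would record the invariant at each label, e.g. `/* entry is non-NULL here: allocation failure returns before any goto */`, so that a later edit adding an earlier `goto` does not introduce a NULL dereference on the error path.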
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 2936fa3b6dc8..da3163d15ef0 100644
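--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -83,6 +83,11 @@ struct netlink_sock {
  struct module *module;
 };
 
+struct listeners_rcu_head {
+ struct rcu_head rcu_head;
+ void *ptr;
+};
+
 #define NETLINK_KERNEL_SOCKET 0x1
 #define NETLINK_RECV_PKTINFO 0x2
 #define NETLINK_BROADCAST_SEND_ERROR 0x4
@@ -1356,7 +1361,7 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
  struct netlink_sock *nlk = nlk_sk(sk);
  int noblock = flags&MSG_DONTWAIT;
  size_t copied;
- struct sk_buff *skb;
+ struct sk_buff *skb, *frag __maybe_unused = NULL;
  int err;
 
  if (flags&MSG_OOB)
@@ -1368,6 +1373,35 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
  if (skb == NULL)
  goto out;
 
+#ifdef CONFIG_COMPAT_NETLINK_MESSAGES
+ if (unlikely(skb_shinfo(skb)->frag_list)) {
+ bool need_compat = !!(flags & MSG_CMSG_COMPAT);
+
+ /*
+ * If this skb has a frag_list, then here that means that
+ * we will have to use the frag_list skb for compat tasks
+ * and the regular skb for non-compat tasks.
+ *
+ * The skb might (and likely will) be cloned, so we can't
+ * just reset frag_list and go on with things -- we need to
+ * keep that. For the compat case that's easy -- simply get
+ * a reference to the compat skb and free the regular one
+ * including the frag. For the non-compat case, we need to
+ * avoid sending the frag to the user -- so assign NULL but
+ * restore it below before freeing the skb.
+ */
+ if (need_compat) {
+ struct sk_buff *compskb = skb_shinfo(skb)->frag_list;
+ skb_get(compskb);
+ kfree_skb(skb);
+ skb = compskb;
+ } else {
+ frag = skb_shinfo(skb)->frag_list;
+ skb_shinfo(skb)->frag_list = NULL;
+ }
+ }
+#endif
+
  msg->msg_namelen = 0;
 
  copied = skb->len;
@@ -1398,6 +1432,11 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
  siocb->scm->creds = *NETLINK_CREDS(skb);
  if (flags & MSG_TRUNC)
  copied = skb->len;
+
+#ifdef CONFIG_COMPAT_NETLINK_MESSAGES
+ skb_shinfo(skb)->frag_list = frag;
+#endif
+
  skb_free_datagram(sk, skb);
 
  if (nlk->cb && atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf / 2)
@@ -1453,7 +1492,8 @@ netlink_kernel_create(struct net *net, int unit, unsigned int groups,
  if (groups < 32)
  groups = 32;
 
- listeners = kzalloc(NLGRPSZ(groups), GFP_KERNEL);
+ listeners = kzalloc(NLGRPSZ(groups) + sizeof(struct listeners_rcu_head),
+ GFP_KERNEL);
  if (!listeners)
  goto out_sock_release;
 
@@ -1501,6 +1541,14 @@ netlink_kernel_release(struct sock *sk)
 EXPORT_SYMBOL(netlink_kernel_release);
 
 
+static void netlink_free_old_listeners(struct rcu_head *rcu_head)
+{
+ struct listeners_rcu_head *lrh;
+
+ lrh = container_of(rcu_head, struct listeners_rcu_head, rcu_head);
+ kfree(lrh->ptr);
+}
+
 /**
  * netlink_change_ngroups - change number of multicast groups
  *
@@ -1516,6 +1564,7 @@ EXPORT_SYMBOL(netlink_kernel_release);
 int netlink_change_ngroups(struct sock *sk, unsigned int groups)
 {
  unsigned long *listeners, *old = NULL;
+ struct listeners_rcu_head *old_rcu_head;
  struct netlink_table *tbl = &nl_table[sk->sk_protocol];
  int err = 0;
 
@@ -1524,7 +1573,9 @@ int netlink_change_ngroups(struct sock *sk, unsigned int groups)
 
  netlink_table_grab();
  if (NLGRPSZ(tbl->groups) < NLGRPSZ(groups)) {
- listeners = kzalloc(NLGRPSZ(groups), GFP_ATOMIC);
+ listeners = kzalloc(NLGRPSZ(groups) +
+ sizeof(struct listeners_rcu_head),
+ GFP_ATOMIC);
  if (!listeners) {
  err = -ENOMEM;
  goto out_ungrab;
@@ -1532,16 +1583,24 @@ int netlink_change_ngroups(struct sock *sk, unsigned int groups)
  old = tbl->listeners;
  memcpy(listeners, old, NLGRPSZ(tbl->groups));
  rcu_assign_pointer(tbl->listeners, listeners);
+ /*
+ * Free the old memory after an RCU grace period so we
+ * don't leak it. We use call_rcu() here in order to be
+ * able to call this function from atomic contexts. The
+ * allocation of this memory will have reserved enough
+ * space for struct listeners_rcu_head at the end.
+ */
+ old_rcu_head = (void *)(tbl->listeners +
+ NLGRPLONGS(tbl->groups));
+ old_rcu_head->ptr = old;
+ call_rcu(&old_rcu_head->rcu_head, netlink_free_old_listeners);
  }
  tbl->groups = groups;
 
  out_ungrab:
  netlink_table_ungrab();
- synchronize_rcu();
- kfree(old);
  return err;
 }
-EXPORT_SYMBOL(netlink_change_ngroups);
 
 /**
  * netlink_clear_multicast_users - kick off multicast listeners
@@ -1564,7 +1623,6 @@ void netlink_clear_multicast_users(struct sock *ksk, unsigned int group)
 
  netlink_table_ungrab();
 }
-EXPORT_SYMBOL(netlink_clear_multicast_users);
 
 void netlink_set_nonroot(int protocol, unsigned int flags)
 {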
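Review bot: In `netlink_change_ngroups()` the RCU head is taken from the wrong buffer: `old_rcu_head = (void *)(tbl->listeners + NLGRPLONGS(tbl->groups));` runs after `rcu_assign_pointer(tbl->listeners, listeners)`, so `tbl->listeners` is already the new allocation while `tbl->groups` still holds the old count. The `rcu_head` and `ptr` are therefore written at the old-size offset inside the new, larger bitmap, overlapping the words for the newly added groups, rather than into the tail space reserved at the end of the old block as the comment describes. Using the saved pointer addresses the intended location: `old_rcu_head = (void *)(old + NLGRPLONGS(tbl->groups));`. That in turn relies on every buffer ever stored in `tbl->listeners` having the trailing `struct listeners_rcu_head` reserved; only the two `kzalloc()` calls in these hunks are visible here, so any other allocation site should be checked.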
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index eed4c6a8afc0..575c64341508 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -18,8 +18,6 @@
18#include <net/sock.h> 18#include <net/sock.h>
19#include <net/genetlink.h> 19#include <net/genetlink.h>
20 20
21struct sock *genl_sock = NULL;
22
23static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ 21static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */
24 22
25static inline void genl_lock(void) 23static inline void genl_lock(void)
@@ -175,10 +173,31 @@ int genl_register_mc_group(struct genl_family *family,
175 mc_groups_longs++; 173 mc_groups_longs++;
176 } 174 }
177 175
178 err = netlink_change_ngroups(genl_sock, 176 if (family->netnsok) {
179 mc_groups_longs * BITS_PER_LONG); 177 struct net *net;
180 if (err) 178
181 goto out; 179 rcu_read_lock();
180 for_each_net_rcu(net) {
181 err = netlink_change_ngroups(net->genl_sock,
182 mc_groups_longs * BITS_PER_LONG);
183 if (err) {
184 /*
185 * No need to roll back, can only fail if
186 * memory allocation fails and then the
187 * number of _possible_ groups has been
188 * increased on some sockets which is ok.
189 */
190 rcu_read_unlock();
191 goto out;
192 }
193 }
194 rcu_read_unlock();
195 } else {
196 err = netlink_change_ngroups(init_net.genl_sock,
197 mc_groups_longs * BITS_PER_LONG);
198 if (err)
199 goto out;
200 }
182 201
183 grp->id = id; 202 grp->id = id;
184 set_bit(id, mc_groups); 203 set_bit(id, mc_groups);
@@ -195,8 +214,14 @@ EXPORT_SYMBOL(genl_register_mc_group);
195static void __genl_unregister_mc_group(struct genl_family *family, 214static void __genl_unregister_mc_group(struct genl_family *family,
196 struct genl_multicast_group *grp) 215 struct genl_multicast_group *grp)
197{ 216{
217 struct net *net;
198 BUG_ON(grp->family != family); 218 BUG_ON(grp->family != family);
199 netlink_clear_multicast_users(genl_sock, grp->id); 219
220 rcu_read_lock();
221 for_each_net_rcu(net)
222 netlink_clear_multicast_users(net->genl_sock, grp->id);
223 rcu_read_unlock();
224
200 clear_bit(grp->id, mc_groups); 225 clear_bit(grp->id, mc_groups);
201 list_del(&grp->list); 226 list_del(&grp->list);
202 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp); 227 genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
@@ -467,6 +492,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
467{ 492{
468 struct genl_ops *ops; 493 struct genl_ops *ops;
469 struct genl_family *family; 494 struct genl_family *family;
495 struct net *net = sock_net(skb->sk);
470 struct genl_info info; 496 struct genl_info info;
471 struct genlmsghdr *hdr = nlmsg_data(nlh); 497 struct genlmsghdr *hdr = nlmsg_data(nlh);
472 int hdrlen, err; 498 int hdrlen, err;
@@ -475,6 +501,10 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
475 if (family == NULL) 501 if (family == NULL)
476 return -ENOENT; 502 return -ENOENT;
477 503
504 /* this family doesn't exist in this netns */
505 if (!family->netnsok && !net_eq(net, &init_net))
506 return -ENOENT;
507
478 hdrlen = GENL_HDRLEN + family->hdrsize; 508 hdrlen = GENL_HDRLEN + family->hdrsize;
479 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) 509 if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
480 return -EINVAL; 510 return -EINVAL;
@@ -492,7 +522,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
492 return -EOPNOTSUPP; 522 return -EOPNOTSUPP;
493 523
494 genl_unlock(); 524 genl_unlock();
495 err = netlink_dump_start(genl_sock, skb, nlh, 525 err = netlink_dump_start(net->genl_sock, skb, nlh,
496 ops->dumpit, ops->done); 526 ops->dumpit, ops->done);
497 genl_lock(); 527 genl_lock();
498 return err; 528 return err;
@@ -514,6 +544,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
514 info.genlhdr = nlmsg_data(nlh); 544 info.genlhdr = nlmsg_data(nlh);
515 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN; 545 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN;
516 info.attrs = family->attrbuf; 546 info.attrs = family->attrbuf;
547 genl_info_net_set(&info, net);
517 548
518 return ops->doit(skb, &info); 549 return ops->doit(skb, &info);
519} 550}
@@ -534,6 +565,7 @@ static struct genl_family genl_ctrl = {
534 .name = "nlctrl", 565 .name = "nlctrl",
535 .version = 0x2, 566 .version = 0x2,
536 .maxattr = CTRL_ATTR_MAX, 567 .maxattr = CTRL_ATTR_MAX,
568 .netnsok = true,
537}; 569};
538 570
539static int ctrl_fill_info(struct genl_family *family, u32 pid, u32 seq, 571static int ctrl_fill_info(struct genl_family *family, u32 pid, u32 seq,
@@ -650,6 +682,7 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
650 682
651 int i, n = 0; 683 int i, n = 0;
652 struct genl_family *rt; 684 struct genl_family *rt;
685 struct net *net = sock_net(skb->sk);
653 int chains_to_skip = cb->args[0]; 686 int chains_to_skip = cb->args[0];
654 int fams_to_skip = cb->args[1]; 687 int fams_to_skip = cb->args[1];
655 688
@@ -658,6 +691,8 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
658 continue; 691 continue;
659 n = 0; 692 n = 0;
660 list_for_each_entry(rt, genl_family_chain(i), family_list) { 693 list_for_each_entry(rt, genl_family_chain(i), family_list) {
694 if (!rt->netnsok && !net_eq(net, &init_net))
695 continue;
661 if (++n < fams_to_skip) 696 if (++n < fams_to_skip)
662 continue; 697 continue;
663 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).pid, 698 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).pid,
@@ -729,6 +764,7 @@ static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info)
729 if (info->attrs[CTRL_ATTR_FAMILY_ID]) { 764 if (info->attrs[CTRL_ATTR_FAMILY_ID]) {
730 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]); 765 u16 id = nla_get_u16(info->attrs[CTRL_ATTR_FAMILY_ID]);
731 res = genl_family_find_byid(id); 766 res = genl_family_find_byid(id);
767 err = -ENOENT;
732 } 768 }
733 769
734 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) { 770 if (info->attrs[CTRL_ATTR_FAMILY_NAME]) {
@@ -736,49 +772,61 @@ static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info)
736 772
737 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]); 773 name = nla_data(info->attrs[CTRL_ATTR_FAMILY_NAME]);
738 res = genl_family_find_byname(name); 774 res = genl_family_find_byname(name);
775 err = -ENOENT;
739 } 776 }
740 777
741 if (res == NULL) { 778 if (res == NULL)
742 err = -ENOENT; 779 return err;
743 goto errout; 780
781 if (!res->netnsok && !net_eq(genl_info_net(info), &init_net)) {
782 /* family doesn't exist here */
783 return -ENOENT;
744 } 784 }
745 785
746 msg = ctrl_build_family_msg(res, info->snd_pid, info->snd_seq, 786 msg = ctrl_build_family_msg(res, info->snd_pid, info->snd_seq,
747 CTRL_CMD_NEWFAMILY); 787 CTRL_CMD_NEWFAMILY);
748 if (IS_ERR(msg)) { 788 if (IS_ERR(msg))
749 err = PTR_ERR(msg); 789 return PTR_ERR(msg);
750 goto errout;
751 }
752 790
753 err = genlmsg_reply(msg, info); 791 return genlmsg_reply(msg, info);
754errout:
755 return err;
756} 792}
757 793
758static int genl_ctrl_event(int event, void *data) 794static int genl_ctrl_event(int event, void *data)
759{ 795{
760 struct sk_buff *msg; 796 struct sk_buff *msg;
797 struct genl_family *family;
798 struct genl_multicast_group *grp;
761 799
762 if (genl_sock == NULL) 800 /* genl is still initialising */
801 if (!init_net.genl_sock)
763 return 0; 802 return 0;
764 803
765 switch (event) { 804 switch (event) {
766 case CTRL_CMD_NEWFAMILY: 805 case CTRL_CMD_NEWFAMILY:
767 case CTRL_CMD_DELFAMILY: 806 case CTRL_CMD_DELFAMILY:
768 msg = ctrl_build_family_msg(data, 0, 0, event); 807 family = data;
769 if (IS_ERR(msg)) 808 msg = ctrl_build_family_msg(family, 0, 0, event);
770 return PTR_ERR(msg);
771
772 genlmsg_multicast(msg, 0, GENL_ID_CTRL, GFP_KERNEL);
773 break; 809 break;
774 case CTRL_CMD_NEWMCAST_GRP: 810 case CTRL_CMD_NEWMCAST_GRP:
775 case CTRL_CMD_DELMCAST_GRP: 811 case CTRL_CMD_DELMCAST_GRP:
812 grp = data;
813 family = grp->family;
776 msg = ctrl_build_mcgrp_msg(data, 0, 0, event); 814 msg = ctrl_build_mcgrp_msg(data, 0, 0, event);
777 if (IS_ERR(msg))
778 return PTR_ERR(msg);
779
780 genlmsg_multicast(msg, 0, GENL_ID_CTRL, GFP_KERNEL);
781 break; 815 break;
816 default:
817 return -EINVAL;
818 }
819
820 if (IS_ERR(msg))
821 return PTR_ERR(msg);
822
823 if (!family->netnsok) {
824 genlmsg_multicast_netns(&init_net, msg, 0,
825 GENL_ID_CTRL, GFP_KERNEL);
826 } else {
827 rcu_read_lock();
828 genlmsg_multicast_allns(msg, 0, GENL_ID_CTRL, GFP_ATOMIC);
829 rcu_read_unlock();
782 } 830 }
783 831
784 return 0; 832 return 0;
@@ -795,6 +843,33 @@ static struct genl_multicast_group notify_grp = {
795 .name = "notify", 843 .name = "notify",
796}; 844};
797 845
846static int __net_init genl_pernet_init(struct net *net)
847{
848 /* we'll bump the group number right afterwards */
849 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, 0,
850 genl_rcv, &genl_mutex,
851 THIS_MODULE);
852
853 if (!net->genl_sock && net_eq(net, &init_net))
854 panic("GENL: Cannot initialize generic netlink\n");
855
856 if (!net->genl_sock)
857 return -ENOMEM;
858
859 return 0;
860}
861
862static void __net_exit genl_pernet_exit(struct net *net)
863{
864 netlink_kernel_release(net->genl_sock);
865 net->genl_sock = NULL;
866}
867
868static struct pernet_operations genl_pernet_ops = {
869 .init = genl_pernet_init,
870 .exit = genl_pernet_exit,
871};
872
798static int __init genl_init(void) 873static int __init genl_init(void)
799{ 874{
800 int i, err; 875 int i, err;
@@ -804,36 +879,67 @@ static int __init genl_init(void)
804 879
805 err = genl_register_family(&genl_ctrl); 880 err = genl_register_family(&genl_ctrl);
806 if (err < 0) 881 if (err < 0)
807 goto errout; 882 goto problem;
808 883
809 err = genl_register_ops(&genl_ctrl, &genl_ctrl_ops); 884 err = genl_register_ops(&genl_ctrl, &genl_ctrl_ops);
810 if (err < 0) 885 if (err < 0)
811 goto errout_register; 886 goto problem;
812 887
813 netlink_set_nonroot(NETLINK_GENERIC, NL_NONROOT_RECV); 888 netlink_set_nonroot(NETLINK_GENERIC, NL_NONROOT_RECV);
814 889
815 /* we'll bump the group number right afterwards */ 890 err = register_pernet_subsys(&genl_pernet_ops);
816 genl_sock = netlink_kernel_create(&init_net, NETLINK_GENERIC, 0, 891 if (err)
817 genl_rcv, &genl_mutex, THIS_MODULE); 892 goto problem;
818 if (genl_sock == NULL)
819 panic("GENL: Cannot initialize generic netlink\n");
820 893
821 err = genl_register_mc_group(&genl_ctrl, &notify_grp); 894 err = genl_register_mc_group(&genl_ctrl, &notify_grp);
822 if (err < 0) 895 if (err < 0)
823 goto errout_register; 896 goto problem;
824 897
825 return 0; 898 return 0;
826 899
827errout_register: 900problem:
828 genl_unregister_family(&genl_ctrl);
829errout:
830 panic("GENL: Cannot register controller: %d\n", err); 901 panic("GENL: Cannot register controller: %d\n", err);
831} 902}
832 903
833subsys_initcall(genl_init); 904subsys_initcall(genl_init);
834 905
835EXPORT_SYMBOL(genl_sock);
836EXPORT_SYMBOL(genl_register_ops); 906EXPORT_SYMBOL(genl_register_ops);
837EXPORT_SYMBOL(genl_unregister_ops); 907EXPORT_SYMBOL(genl_unregister_ops);
838EXPORT_SYMBOL(genl_register_family); 908EXPORT_SYMBOL(genl_register_family);
839EXPORT_SYMBOL(genl_unregister_family); 909EXPORT_SYMBOL(genl_unregister_family);
910
911static int genlmsg_mcast(struct sk_buff *skb, u32 pid, unsigned long group,
912 gfp_t flags)
913{
914 struct sk_buff *tmp;
915 struct net *net, *prev = NULL;
916 int err;
917
918 for_each_net_rcu(net) {
919 if (prev) {
920 tmp = skb_clone(skb, flags);
921 if (!tmp) {
922 err = -ENOMEM;
923 goto error;
924 }
925 err = nlmsg_multicast(prev->genl_sock, tmp,
926 pid, group, flags);
927 if (err)
928 goto error;
929 }
930
931 prev = net;
932 }
933
934 return nlmsg_multicast(prev->genl_sock, skb, pid, group, flags);
935 error:
936 kfree_skb(skb);
937 return err;
938}
939
940int genlmsg_multicast_allns(struct sk_buff *skb, u32 pid, unsigned int group,
941 gfp_t flags)
942{
943 return genlmsg_mcast(skb, pid, group, flags);
944}
945EXPORT_SYMBOL(genlmsg_multicast_allns);
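Review bot: In `genlmsg_mcast()` (new lines 918-937), any non-zero return from `nlmsg_multicast()` for one namespace jumps to `error`, which frees `skb` and skips every namespace still to be visited. If that return includes the no-listener case (`-ESRCH`, as I understand netlink broadcast to report it; worth confirming against af_netlink.c, which is not fully visible here), a namespace without subscribers silently suppresses controller notifications for the namespaces after it. I would treat `-ESRCH` as non-fatal, remember whether any delivery succeeded, and return `-ESRCH` only if none did, as sketched below. The final `prev->genl_sock` dereference also relies on the namespace list never being empty and on every listed namespace having a socket; a short comment stating that invariant would help the next reader.

```c
static int genlmsg_mcast(struct sk_buff *skb, u32 pid, unsigned long group,
			 gfp_t flags)
{
	/* … unchanged: tmp, net, prev and err declarations … */
	bool delivered = false;

	for_each_net_rcu(net) {
		if (prev) {
			/* … unchanged: skb_clone() and its -ENOMEM handling … */
			err = nlmsg_multicast(prev->genl_sock, tmp,
					      pid, group, flags);
			if (!err)
				delivered = true;
			else if (err != -ESRCH)
				goto error;
		}

		prev = net;
	}

	err = nlmsg_multicast(prev->genl_sock, skb, pid, group, flags);
	if (!err)
		delivered = true;
	else if (err != -ESRCH)
		return err;

	return delivered ? 0 : -ESRCH;
	/* … unchanged: error label freeing skb … */
}
```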
diff --git a/net/netrom/nr_dev.c b/net/netrom/nr_dev.c
index 351372463fed..c7b7838a0519 100644
--- a/net/netrom/nr_dev.c
+++ b/net/netrom/nr_dev.c
@@ -177,13 +177,13 @@ static int nr_xmit(struct sk_buff *skb, struct net_device *dev)
177 if (!nr_route_frame(skb, NULL)) { 177 if (!nr_route_frame(skb, NULL)) {
178 kfree_skb(skb); 178 kfree_skb(skb);
179 stats->tx_errors++; 179 stats->tx_errors++;
180 return 0; 180 return NETDEV_TX_OK;
181 } 181 }
182 182
183 stats->tx_packets++; 183 stats->tx_packets++;
184 stats->tx_bytes += len; 184 stats->tx_bytes += len;
185 185
186 return 0; 186 return NETDEV_TX_OK;
187} 187}
188 188
189static const struct header_ops nr_header_ops = { 189static const struct header_ops nr_header_ops = {
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index ebe5718baa31..d3d52c66cdc2 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -137,8 +137,7 @@ dev->hard_header == NULL (ll header is added by device, we cannot control it)
137 137
138/* Private packet socket structures. */ 138/* Private packet socket structures. */
139 139
140struct packet_mclist 140struct packet_mclist {
141{
142 struct packet_mclist *next; 141 struct packet_mclist *next;
143 int ifindex; 142 int ifindex;
144 int count; 143 int count;
@@ -149,8 +148,7 @@ struct packet_mclist
149/* identical to struct packet_mreq except it has 148/* identical to struct packet_mreq except it has
150 * a longer address field. 149 * a longer address field.
151 */ 150 */
152struct packet_mreq_max 151struct packet_mreq_max {
153{
154 int mr_ifindex; 152 int mr_ifindex;
155 unsigned short mr_type; 153 unsigned short mr_type;
156 unsigned short mr_alen; 154 unsigned short mr_alen;
@@ -162,7 +160,7 @@ static int packet_set_ring(struct sock *sk, struct tpacket_req *req,
162 int closing, int tx_ring); 160 int closing, int tx_ring);
163 161
164struct packet_ring_buffer { 162struct packet_ring_buffer {
165 char * *pg_vec; 163 char **pg_vec;
166 unsigned int head; 164 unsigned int head;
167 unsigned int frames_per_block; 165 unsigned int frames_per_block;
168 unsigned int frame_size; 166 unsigned int frame_size;
@@ -239,7 +237,7 @@ static void __packet_set_status(struct packet_sock *po, void *frame, int status)
239 flush_dcache_page(virt_to_page(&h.h2->tp_status)); 237 flush_dcache_page(virt_to_page(&h.h2->tp_status));
240 break; 238 break;
241 default: 239 default:
242 printk(KERN_ERR "TPACKET version not supported\n"); 240 pr_err("TPACKET version not supported\n");
243 BUG(); 241 BUG();
244 } 242 }
245 243
@@ -265,7 +263,7 @@ static int __packet_get_status(struct packet_sock *po, void *frame)
265 flush_dcache_page(virt_to_page(&h.h2->tp_status)); 263 flush_dcache_page(virt_to_page(&h.h2->tp_status));
266 return h.h2->tp_status; 264 return h.h2->tp_status;
267 default: 265 default:
268 printk(KERN_ERR "TPACKET version not supported\n"); 266 pr_err("TPACKET version not supported\n");
269 BUG(); 267 BUG();
270 return 0; 268 return 0;
271 } 269 }
@@ -327,7 +325,7 @@ static void packet_sock_destruct(struct sock *sk)
327 WARN_ON(atomic_read(&sk->sk_wmem_alloc)); 325 WARN_ON(atomic_read(&sk->sk_wmem_alloc));
328 326
329 if (!sock_flag(sk, SOCK_DEAD)) { 327 if (!sock_flag(sk, SOCK_DEAD)) {
330 printk("Attempt to release alive packet socket: %p\n", sk); 328 pr_err("Attempt to release alive packet socket: %p\n", sk);
331 return; 329 return;
332 } 330 }
333 331
@@ -339,7 +337,8 @@ static const struct proto_ops packet_ops;
339 337
340static const struct proto_ops packet_ops_spkt; 338static const struct proto_ops packet_ops_spkt;
341 339
342static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 340static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev,
341 struct packet_type *pt, struct net_device *orig_dev)
343{ 342{
344 struct sock *sk; 343 struct sock *sk;
345 struct sockaddr_pkt *spkt; 344 struct sockaddr_pkt *spkt;
@@ -368,7 +367,8 @@ static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct
368 if (dev_net(dev) != sock_net(sk)) 367 if (dev_net(dev) != sock_net(sk))
369 goto out; 368 goto out;
370 369
371 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) 370 skb = skb_share_check(skb, GFP_ATOMIC);
371 if (skb == NULL)
372 goto oom; 372 goto oom;
373 373
374 /* drop any routing info */ 374 /* drop any routing info */
@@ -394,7 +394,7 @@ static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct
394 * to prevent sockets using all the memory up. 394 * to prevent sockets using all the memory up.
395 */ 395 */
396 396
397 if (sock_queue_rcv_skb(sk,skb) == 0) 397 if (sock_queue_rcv_skb(sk, skb) == 0)
398 return 0; 398 return 0;
399 399
400out: 400out:
@@ -413,25 +413,23 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
413 struct msghdr *msg, size_t len) 413 struct msghdr *msg, size_t len)
414{ 414{
415 struct sock *sk = sock->sk; 415 struct sock *sk = sock->sk;
416 struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name; 416 struct sockaddr_pkt *saddr = (struct sockaddr_pkt *)msg->msg_name;
417 struct sk_buff *skb; 417 struct sk_buff *skb;
418 struct net_device *dev; 418 struct net_device *dev;
419 __be16 proto=0; 419 __be16 proto = 0;
420 int err; 420 int err;
421 421
422 /* 422 /*
423 * Get and verify the address. 423 * Get and verify the address.
424 */ 424 */
425 425
426 if (saddr) 426 if (saddr) {
427 {
428 if (msg->msg_namelen < sizeof(struct sockaddr)) 427 if (msg->msg_namelen < sizeof(struct sockaddr))
429 return(-EINVAL); 428 return -EINVAL;
430 if (msg->msg_namelen==sizeof(struct sockaddr_pkt)) 429 if (msg->msg_namelen == sizeof(struct sockaddr_pkt))
431 proto=saddr->spkt_protocol; 430 proto = saddr->spkt_protocol;
432 } 431 } else
433 else 432 return -ENOTCONN; /* SOCK_PACKET must be sent giving an address */
434 return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */
435 433
436 /* 434 /*
437 * Find the device first to size check it 435 * Find the device first to size check it
@@ -448,8 +446,8 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
448 goto out_unlock; 446 goto out_unlock;
449 447
450 /* 448 /*
451 * You may not queue a frame bigger than the mtu. This is the lowest level 449 * You may not queue a frame bigger than the mtu. This is the lowest level
452 * raw protocol and you must do your own fragmentation at this level. 450 * raw protocol and you must do your own fragmentation at this level.
453 */ 451 */
454 452
455 err = -EMSGSIZE; 453 err = -EMSGSIZE;
@@ -460,9 +458,9 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
460 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL); 458 skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL);
461 459
462 /* 460 /*
463 * If the write buffer is full, then tough. At this level the user gets to 461 * If the write buffer is full, then tough. At this level the user
464 * deal with the problem - do your own algorithmic backoffs. That's far 462 * gets to deal with the problem - do your own algorithmic backoffs.
465 * more flexible. 463 * That's far more flexible.
466 */ 464 */
467 465
468 if (skb == NULL) 466 if (skb == NULL)
@@ -488,7 +486,7 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
488 } 486 }
489 487
490 /* Returns -EFAULT on error */ 488 /* Returns -EFAULT on error */
491 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); 489 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
492 skb->protocol = proto; 490 skb->protocol = proto;
493 skb->dev = dev; 491 skb->dev = dev;
494 skb->priority = sk->sk_priority; 492 skb->priority = sk->sk_priority;
@@ -501,7 +499,7 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
501 499
502 dev_queue_xmit(skb); 500 dev_queue_xmit(skb);
503 dev_put(dev); 501 dev_put(dev);
504 return(len); 502 return len;
505 503
506out_free: 504out_free:
507 kfree_skb(skb); 505 kfree_skb(skb);
@@ -537,12 +535,13 @@ static inline unsigned int run_filter(struct sk_buff *skb, struct sock *sk,
537 we will not harm anyone. 535 we will not harm anyone.
538 */ 536 */
539 537
540static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 538static int packet_rcv(struct sk_buff *skb, struct net_device *dev,
539 struct packet_type *pt, struct net_device *orig_dev)
541{ 540{
542 struct sock *sk; 541 struct sock *sk;
543 struct sockaddr_ll *sll; 542 struct sockaddr_ll *sll;
544 struct packet_sock *po; 543 struct packet_sock *po;
545 u8 * skb_head = skb->data; 544 u8 *skb_head = skb->data;
546 int skb_len = skb->len; 545 int skb_len = skb->len;
547 unsigned int snaplen, res; 546 unsigned int snaplen, res;
548 547
@@ -648,7 +647,8 @@ drop:
648} 647}
649 648
650#ifdef CONFIG_PACKET_MMAP 649#ifdef CONFIG_PACKET_MMAP
651static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 650static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev,
651 struct packet_type *pt, struct net_device *orig_dev)
652{ 652{
653 struct sock *sk; 653 struct sock *sk;
654 struct packet_sock *po; 654 struct packet_sock *po;
@@ -658,7 +658,7 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packe
658 struct tpacket2_hdr *h2; 658 struct tpacket2_hdr *h2;
659 void *raw; 659 void *raw;
660 } h; 660 } h;
661 u8 * skb_head = skb->data; 661 u8 *skb_head = skb->data;
662 int skb_len = skb->len; 662 int skb_len = skb->len;
663 unsigned int snaplen, res; 663 unsigned int snaplen, res;
664 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER; 664 unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER;
@@ -821,7 +821,7 @@ ring_is_full:
821static void tpacket_destruct_skb(struct sk_buff *skb) 821static void tpacket_destruct_skb(struct sk_buff *skb)
822{ 822{
823 struct packet_sock *po = pkt_sk(skb->sk); 823 struct packet_sock *po = pkt_sk(skb->sk);
824 void * ph; 824 void *ph;
825 825
826 BUG_ON(skb == NULL); 826 BUG_ON(skb == NULL);
827 827
@@ -836,9 +836,9 @@ static void tpacket_destruct_skb(struct sk_buff *skb)
836 sock_wfree(skb); 836 sock_wfree(skb);
837} 837}
838 838
839static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb, 839static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
840 void * frame, struct net_device *dev, int size_max, 840 void *frame, struct net_device *dev, int size_max,
841 __be16 proto, unsigned char * addr) 841 __be16 proto, unsigned char *addr)
842{ 842{
843 union { 843 union {
844 struct tpacket_hdr *h1; 844 struct tpacket_hdr *h1;
@@ -867,8 +867,7 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb,
867 break; 867 break;
868 } 868 }
869 if (unlikely(tp_len > size_max)) { 869 if (unlikely(tp_len > size_max)) {
870 printk(KERN_ERR "packet size is too long (%d > %d)\n", 870 pr_err("packet size is too long (%d > %d)\n", tp_len, size_max);
871 tp_len, size_max);
872 return -EMSGSIZE; 871 return -EMSGSIZE;
873 } 872 }
874 873
@@ -883,12 +882,11 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb,
883 NULL, tp_len); 882 NULL, tp_len);
884 if (unlikely(err < 0)) 883 if (unlikely(err < 0))
885 return -EINVAL; 884 return -EINVAL;
886 } else if (dev->hard_header_len ) { 885 } else if (dev->hard_header_len) {
887 /* net device doesn't like empty head */ 886 /* net device doesn't like empty head */
888 if (unlikely(tp_len <= dev->hard_header_len)) { 887 if (unlikely(tp_len <= dev->hard_header_len)) {
889 printk(KERN_ERR "packet size is too short " 888 pr_err("packet size is too short (%d < %d)\n",
890 "(%d < %d)\n", tp_len, 889 tp_len, dev->hard_header_len);
891 dev->hard_header_len);
892 return -EINVAL; 890 return -EINVAL;
893 } 891 }
894 892
@@ -917,9 +915,8 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff * skb,
917 nr_frags = skb_shinfo(skb)->nr_frags; 915 nr_frags = skb_shinfo(skb)->nr_frags;
918 916
919 if (unlikely(nr_frags >= MAX_SKB_FRAGS)) { 917 if (unlikely(nr_frags >= MAX_SKB_FRAGS)) {
920 printk(KERN_ERR "Packet exceed the number " 918 pr_err("Packet exceed the number of skb frags(%lu)\n",
921 "of skb frags(%lu)\n", 919 MAX_SKB_FRAGS);
922 MAX_SKB_FRAGS);
923 return -EFAULT; 920 return -EFAULT;
924 } 921 }
925 922
@@ -944,8 +941,8 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
944 struct net_device *dev; 941 struct net_device *dev;
945 __be16 proto; 942 __be16 proto;
946 int ifindex, err, reserve = 0; 943 int ifindex, err, reserve = 0;
947 void * ph; 944 void *ph;
948 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name; 945 struct sockaddr_ll *saddr = (struct sockaddr_ll *)msg->msg_name;
949 int tp_len, size_max; 946 int tp_len, size_max;
950 unsigned char *addr; 947 unsigned char *addr;
951 int len_sum = 0; 948 int len_sum = 0;
@@ -1038,8 +1035,7 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
1038 goto out_xmit; 1035 goto out_xmit;
1039 packet_increment_head(&po->tx_ring); 1036 packet_increment_head(&po->tx_ring);
1040 len_sum += tp_len; 1037 len_sum += tp_len;
1041 } 1038 } while (likely((ph != NULL) || ((!(msg->msg_flags & MSG_DONTWAIT))
1042 while (likely((ph != NULL) || ((!(msg->msg_flags & MSG_DONTWAIT))
1043 && (atomic_read(&po->tx_ring.pending)))) 1039 && (atomic_read(&po->tx_ring.pending))))
1044 ); 1040 );
1045 1041
@@ -1064,7 +1060,7 @@ static int packet_snd(struct socket *sock,
1064 struct msghdr *msg, size_t len) 1060 struct msghdr *msg, size_t len)
1065{ 1061{
1066 struct sock *sk = sock->sk; 1062 struct sock *sk = sock->sk;
1067 struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name; 1063 struct sockaddr_ll *saddr = (struct sockaddr_ll *)msg->msg_name;
1068 struct sk_buff *skb; 1064 struct sk_buff *skb;
1069 struct net_device *dev; 1065 struct net_device *dev;
1070 __be16 proto; 1066 __be16 proto;
@@ -1110,7 +1106,7 @@ static int packet_snd(struct socket *sock,
1110 1106
1111 skb = sock_alloc_send_skb(sk, len + LL_ALLOCATED_SPACE(dev), 1107 skb = sock_alloc_send_skb(sk, len + LL_ALLOCATED_SPACE(dev),
1112 msg->msg_flags & MSG_DONTWAIT, &err); 1108 msg->msg_flags & MSG_DONTWAIT, &err);
1113 if (skb==NULL) 1109 if (skb == NULL)
1114 goto out_unlock; 1110 goto out_unlock;
1115 1111
1116 skb_reserve(skb, LL_RESERVED_SPACE(dev)); 1112 skb_reserve(skb, LL_RESERVED_SPACE(dev));
@@ -1122,7 +1118,7 @@ static int packet_snd(struct socket *sock,
1122 goto out_free; 1118 goto out_free;
1123 1119
1124 /* Returns -EFAULT on error */ 1120 /* Returns -EFAULT on error */
1125 err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); 1121 err = memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len);
1126 if (err) 1122 if (err)
1127 goto out_free; 1123 goto out_free;
1128 1124
@@ -1140,7 +1136,7 @@ static int packet_snd(struct socket *sock,
1140 1136
1141 dev_put(dev); 1137 dev_put(dev);
1142 1138
1143 return(len); 1139 return len;
1144 1140
1145out_free: 1141out_free:
1146 kfree_skb(skb); 1142 kfree_skb(skb);
@@ -1283,9 +1279,10 @@ out_unlock:
1283 * Bind a packet socket to a device 1279 * Bind a packet socket to a device
1284 */ 1280 */
1285 1281
1286static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1282static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr,
1283 int addr_len)
1287{ 1284{
1288 struct sock *sk=sock->sk; 1285 struct sock *sk = sock->sk;
1289 char name[15]; 1286 char name[15];
1290 struct net_device *dev; 1287 struct net_device *dev;
1291 int err = -ENODEV; 1288 int err = -ENODEV;
@@ -1296,7 +1293,7 @@ static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int add
1296 1293
1297 if (addr_len != sizeof(struct sockaddr)) 1294 if (addr_len != sizeof(struct sockaddr))
1298 return -EINVAL; 1295 return -EINVAL;
1299 strlcpy(name,uaddr->sa_data,sizeof(name)); 1296 strlcpy(name, uaddr->sa_data, sizeof(name));
1300 1297
1301 dev = dev_get_by_name(sock_net(sk), name); 1298 dev = dev_get_by_name(sock_net(sk), name);
1302 if (dev) { 1299 if (dev) {
@@ -1308,8 +1305,8 @@ static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int add
1308 1305
1309static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) 1306static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1310{ 1307{
1311 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; 1308 struct sockaddr_ll *sll = (struct sockaddr_ll *)uaddr;
1312 struct sock *sk=sock->sk; 1309 struct sock *sk = sock->sk;
1313 struct net_device *dev = NULL; 1310 struct net_device *dev = NULL;
1314 int err; 1311 int err;
1315 1312
@@ -1404,7 +1401,7 @@ static int packet_create(struct net *net, struct socket *sock, int protocol)
1404 sk_add_node(sk, &net->packet.sklist); 1401 sk_add_node(sk, &net->packet.sklist);
1405 sock_prot_inuse_add(net, &packet_proto, 1); 1402 sock_prot_inuse_add(net, &packet_proto, 1);
1406 write_unlock_bh(&net->packet.sklist_lock); 1403 write_unlock_bh(&net->packet.sklist_lock);
1407 return(0); 1404 return 0;
1408out: 1405out:
1409 return err; 1406 return err;
1410} 1407}
@@ -1441,7 +1438,7 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1441 * but then it will block. 1438 * but then it will block.
1442 */ 1439 */
1443 1440
1444 skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err); 1441 skb = skb_recv_datagram(sk, flags, flags & MSG_DONTWAIT, &err);
1445 1442
1446 /* 1443 /*
1447 * An error occurred so return it. Because skb_recv_datagram() 1444 * An error occurred so return it. Because skb_recv_datagram()
@@ -1469,10 +1466,9 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
1469 */ 1466 */
1470 1467
1471 copied = skb->len; 1468 copied = skb->len;
1472 if (copied > len) 1469 if (copied > len) {
1473 { 1470 copied = len;
1474 copied=len; 1471 msg->msg_flags |= MSG_TRUNC;
1475 msg->msg_flags|=MSG_TRUNC;
1476 } 1472 }
1477 1473
1478 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 1474 err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
@@ -1539,7 +1535,7 @@ static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
1539 struct net_device *dev; 1535 struct net_device *dev;
1540 struct sock *sk = sock->sk; 1536 struct sock *sk = sock->sk;
1541 struct packet_sock *po = pkt_sk(sk); 1537 struct packet_sock *po = pkt_sk(sk);
1542 struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; 1538 struct sockaddr_ll *sll = (struct sockaddr_ll *)uaddr;
1543 1539
1544 if (peer) 1540 if (peer)
1545 return -EOPNOTSUPP; 1541 return -EOPNOTSUPP;
@@ -1584,14 +1580,15 @@ static int packet_dev_mc(struct net_device *dev, struct packet_mclist *i,
1584 else 1580 else
1585 return dev_unicast_delete(dev, i->addr); 1581 return dev_unicast_delete(dev, i->addr);
1586 break; 1582 break;
1587 default:; 1583 default:
1584 break;
1588 } 1585 }
1589 return 0; 1586 return 0;
1590} 1587}
1591 1588
1592static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what) 1589static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what)
1593{ 1590{
1594 for ( ; i; i=i->next) { 1591 for ( ; i; i = i->next) {
1595 if (i->ifindex == dev->ifindex) 1592 if (i->ifindex == dev->ifindex)
1596 packet_dev_mc(dev, i, what); 1593 packet_dev_mc(dev, i, what);
1597 } 1594 }
@@ -1693,7 +1690,8 @@ static void packet_flush_mclist(struct sock *sk)
1693 struct net_device *dev; 1690 struct net_device *dev;
1694 1691
1695 po->mclist = ml->next; 1692 po->mclist = ml->next;
1696 if ((dev = dev_get_by_index(sock_net(sk), ml->ifindex)) != NULL) { 1693 dev = dev_get_by_index(sock_net(sk), ml->ifindex);
1694 if (dev != NULL) {
1697 packet_dev_mc(dev, ml, -1); 1695 packet_dev_mc(dev, ml, -1);
1698 dev_put(dev); 1696 dev_put(dev);
1699 } 1697 }
@@ -1723,7 +1721,7 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
1723 return -EINVAL; 1721 return -EINVAL;
1724 if (len > sizeof(mreq)) 1722 if (len > sizeof(mreq))
1725 len = sizeof(mreq); 1723 len = sizeof(mreq);
1726 if (copy_from_user(&mreq,optval,len)) 1724 if (copy_from_user(&mreq, optval, len))
1727 return -EFAULT; 1725 return -EFAULT;
1728 if (len < (mreq.mr_alen + offsetof(struct packet_mreq, mr_address))) 1726 if (len < (mreq.mr_alen + offsetof(struct packet_mreq, mr_address)))
1729 return -EINVAL; 1727 return -EINVAL;
@@ -1740,9 +1738,9 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
1740 { 1738 {
1741 struct tpacket_req req; 1739 struct tpacket_req req;
1742 1740
1743 if (optlen<sizeof(req)) 1741 if (optlen < sizeof(req))
1744 return -EINVAL; 1742 return -EINVAL;
1745 if (copy_from_user(&req,optval,sizeof(req))) 1743 if (copy_from_user(&req, optval, sizeof(req)))
1746 return -EFAULT; 1744 return -EFAULT;
1747 return packet_set_ring(sk, &req, 0, optname == PACKET_TX_RING); 1745 return packet_set_ring(sk, &req, 0, optname == PACKET_TX_RING);
1748 } 1746 }
@@ -1750,9 +1748,9 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
1750 { 1748 {
1751 int val; 1749 int val;
1752 1750
1753 if (optlen!=sizeof(val)) 1751 if (optlen != sizeof(val))
1754 return -EINVAL; 1752 return -EINVAL;
1755 if (copy_from_user(&val,optval,sizeof(val))) 1753 if (copy_from_user(&val, optval, sizeof(val)))
1756 return -EFAULT; 1754 return -EFAULT;
1757 1755
1758 pkt_sk(sk)->copy_thresh = val; 1756 pkt_sk(sk)->copy_thresh = val;
@@ -1985,51 +1983,51 @@ static int packet_ioctl(struct socket *sock, unsigned int cmd,
1985 struct sock *sk = sock->sk; 1983 struct sock *sk = sock->sk;
1986 1984
1987 switch (cmd) { 1985 switch (cmd) {
1988 case SIOCOUTQ: 1986 case SIOCOUTQ:
1989 { 1987 {
1990 int amount = sk_wmem_alloc_get(sk); 1988 int amount = sk_wmem_alloc_get(sk);
1991 1989
1992 return put_user(amount, (int __user *)arg); 1990 return put_user(amount, (int __user *)arg);
1993 } 1991 }
1994 case SIOCINQ: 1992 case SIOCINQ:
1995 { 1993 {
1996 struct sk_buff *skb; 1994 struct sk_buff *skb;
1997 int amount = 0; 1995 int amount = 0;
1998 1996
1999 spin_lock_bh(&sk->sk_receive_queue.lock); 1997 spin_lock_bh(&sk->sk_receive_queue.lock);
2000 skb = skb_peek(&sk->sk_receive_queue); 1998 skb = skb_peek(&sk->sk_receive_queue);
2001 if (skb) 1999 if (skb)
2002 amount = skb->len; 2000 amount = skb->len;
2003 spin_unlock_bh(&sk->sk_receive_queue.lock); 2001 spin_unlock_bh(&sk->sk_receive_queue.lock);
2004 return put_user(amount, (int __user *)arg); 2002 return put_user(amount, (int __user *)arg);
2005 } 2003 }
2006 case SIOCGSTAMP: 2004 case SIOCGSTAMP:
2007 return sock_get_timestamp(sk, (struct timeval __user *)arg); 2005 return sock_get_timestamp(sk, (struct timeval __user *)arg);
2008 case SIOCGSTAMPNS: 2006 case SIOCGSTAMPNS:
2009 return sock_get_timestampns(sk, (struct timespec __user *)arg); 2007 return sock_get_timestampns(sk, (struct timespec __user *)arg);
2010 2008
2011#ifdef CONFIG_INET 2009#ifdef CONFIG_INET
2012 case SIOCADDRT: 2010 case SIOCADDRT:
2013 case SIOCDELRT: 2011 case SIOCDELRT:
2014 case SIOCDARP: 2012 case SIOCDARP:
2015 case SIOCGARP: 2013 case SIOCGARP:
2016 case SIOCSARP: 2014 case SIOCSARP:
2017 case SIOCGIFADDR: 2015 case SIOCGIFADDR:
2018 case SIOCSIFADDR: 2016 case SIOCSIFADDR:
2019 case SIOCGIFBRDADDR: 2017 case SIOCGIFBRDADDR:
2020 case SIOCSIFBRDADDR: 2018 case SIOCSIFBRDADDR:
2021 case SIOCGIFNETMASK: 2019 case SIOCGIFNETMASK:
2022 case SIOCSIFNETMASK: 2020 case SIOCSIFNETMASK:
2023 case SIOCGIFDSTADDR: 2021 case SIOCGIFDSTADDR:
2024 case SIOCSIFDSTADDR: 2022 case SIOCSIFDSTADDR:
2025 case SIOCSIFFLAGS: 2023 case SIOCSIFFLAGS:
2026 if (!net_eq(sock_net(sk), &init_net)) 2024 if (!net_eq(sock_net(sk), &init_net))
2027 return -ENOIOCTLCMD; 2025 return -ENOIOCTLCMD;
2028 return inet_dgram_ops.ioctl(sock, cmd, arg); 2026 return inet_dgram_ops.ioctl(sock, cmd, arg);
2029#endif 2027#endif
2030 2028
2031 default: 2029 default:
2032 return -ENOIOCTLCMD; 2030 return -ENOIOCTLCMD;
2033 } 2031 }
2034 return 0; 2032 return 0;
2035} 2033}
@@ -2039,7 +2037,7 @@ static int packet_ioctl(struct socket *sock, unsigned int cmd,
2039#define packet_poll datagram_poll 2037#define packet_poll datagram_poll
2040#else 2038#else
2041 2039
2042static unsigned int packet_poll(struct file * file, struct socket *sock, 2040static unsigned int packet_poll(struct file *file, struct socket *sock,
2043 poll_table *wait) 2041 poll_table *wait)
2044{ 2042{
2045 struct sock *sk = sock->sk; 2043 struct sock *sk = sock->sk;
@@ -2069,7 +2067,7 @@ static unsigned int packet_poll(struct file * file, struct socket *sock,
2069static void packet_mm_open(struct vm_area_struct *vma) 2067static void packet_mm_open(struct vm_area_struct *vma)
2070{ 2068{
2071 struct file *file = vma->vm_file; 2069 struct file *file = vma->vm_file;
2072 struct socket * sock = file->private_data; 2070 struct socket *sock = file->private_data;
2073 struct sock *sk = sock->sk; 2071 struct sock *sk = sock->sk;
2074 2072
2075 if (sk) 2073 if (sk)
@@ -2079,7 +2077,7 @@ static void packet_mm_open(struct vm_area_struct *vma)
2079static void packet_mm_close(struct vm_area_struct *vma) 2077static void packet_mm_close(struct vm_area_struct *vma)
2080{ 2078{
2081 struct file *file = vma->vm_file; 2079 struct file *file = vma->vm_file;
2082 struct socket * sock = file->private_data; 2080 struct socket *sock = file->private_data;
2083 struct sock *sk = sock->sk; 2081 struct sock *sk = sock->sk;
2084 2082
2085 if (sk) 2083 if (sk)
@@ -2087,8 +2085,8 @@ static void packet_mm_close(struct vm_area_struct *vma)
2087} 2085}
2088 2086
2089static struct vm_operations_struct packet_mmap_ops = { 2087static struct vm_operations_struct packet_mmap_ops = {
2090 .open = packet_mm_open, 2088 .open = packet_mm_open,
2091 .close =packet_mm_close, 2089 .close = packet_mm_close,
2092}; 2090};
2093 2091
2094static void free_pg_vec(char **pg_vec, unsigned int order, unsigned int len) 2092static void free_pg_vec(char **pg_vec, unsigned int order, unsigned int len)
@@ -2239,8 +2237,8 @@ static int packet_set_ring(struct sock *sk, struct tpacket_req *req,
2239 skb_queue_purge(rb_queue); 2237 skb_queue_purge(rb_queue);
2240#undef XC 2238#undef XC
2241 if (atomic_read(&po->mapped)) 2239 if (atomic_read(&po->mapped))
2242 printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", 2240 pr_err("packet_mmap: vma is busy: %d\n",
2243 atomic_read(&po->mapped)); 2241 atomic_read(&po->mapped));
2244 } 2242 }
2245 mutex_unlock(&po->pg_vec_lock); 2243 mutex_unlock(&po->pg_vec_lock);
2246 2244
@@ -2303,7 +2301,7 @@ static int packet_mmap(struct file *file, struct socket *sock,
2303 int pg_num; 2301 int pg_num;
2304 2302
2305 for (pg_num = 0; pg_num < rb->pg_vec_pages; 2303 for (pg_num = 0; pg_num < rb->pg_vec_pages;
2306 pg_num++,page++) { 2304 pg_num++, page++) {
2307 err = vm_insert_page(vma, start, page); 2305 err = vm_insert_page(vma, start, page);
2308 if (unlikely(err)) 2306 if (unlikely(err))
2309 goto out; 2307 goto out;
@@ -2372,7 +2370,7 @@ static struct net_proto_family packet_family_ops = {
2372}; 2370};
2373 2371
2374static struct notifier_block packet_netdev_notifier = { 2372static struct notifier_block packet_netdev_notifier = {
2375 .notifier_call =packet_notifier, 2373 .notifier_call = packet_notifier,
2376}; 2374};
2377 2375
2378#ifdef CONFIG_PROC_FS 2376#ifdef CONFIG_PROC_FS
@@ -2402,7 +2400,7 @@ static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2402 ++*pos; 2400 ++*pos;
2403 return (v == SEQ_START_TOKEN) 2401 return (v == SEQ_START_TOKEN)
2404 ? sk_head(&net->packet.sklist) 2402 ? sk_head(&net->packet.sklist)
2405 : sk_next((struct sock*)v) ; 2403 : sk_next((struct sock *)v) ;
2406} 2404}
2407 2405
2408static void packet_seq_stop(struct seq_file *seq, void *v) 2406static void packet_seq_stop(struct seq_file *seq, void *v)
@@ -2430,7 +2428,7 @@ static int packet_seq_show(struct seq_file *seq, void *v)
2430 po->running, 2428 po->running,
2431 atomic_read(&s->sk_rmem_alloc), 2429 atomic_read(&s->sk_rmem_alloc),
2432 sock_i_uid(s), 2430 sock_i_uid(s),
2433 sock_i_ino(s) ); 2431 sock_i_ino(s));
2434 } 2432 }
2435 2433
2436 return 0; 2434 return 0;
diff --git a/net/phonet/datagram.c b/net/phonet/datagram.c
index e087862ed7e4..ef5c75c372e4 100644
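--- a/net/phonet/datagram.c
+++ b/net/phonet/datagram.c
@@ -159,8 +159,11 @@ out_nofree:
 static int pn_backlog_rcv(struct sock *sk, struct sk_buff *skb)
 {
  int err = sock_queue_rcv_skb(sk, skb);
- if (err < 0)
+ if (err < 0) {
  kfree_skb(skb);
+ if (err == -ENOMEM)
+ atomic_inc(&sk->sk_drops);
+ }
  return err ? NET_RX_DROP : NET_RX_SUCCESS;
 }
 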
diff --git a/net/phonet/pep-gprs.c b/net/phonet/pep-gprs.c
index 480839dfc560..4667af51ed71 100644
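--- a/net/phonet/pep-gprs.c
+++ b/net/phonet/pep-gprs.c
@@ -195,7 +195,7 @@ static int gprs_xmit(struct sk_buff *skb, struct net_device *dev)
  break;
  default:
  dev_kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
  }
 
  skb_orphan(skb);
@@ -215,7 +215,7 @@ static int gprs_xmit(struct sk_buff *skb, struct net_device *dev)
  netif_stop_queue(dev);
  if (pep_writeable(sk))
  netif_wake_queue(dev);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int gprs_set_mtu(struct net_device *dev, int new_mtu)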
diff --git a/net/phonet/pep.c b/net/phonet/pep.c
index eef833ea6d7b..b8252d289cd7 100644
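--- a/net/phonet/pep.c
+++ b/net/phonet/pep.c
@@ -346,8 +346,10 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb)
  break;
 
  case PNS_PEP_CTRL_REQ:
- if (skb_queue_len(&pn->ctrlreq_queue) >= PNPIPE_CTRLREQ_MAX)
+ if (skb_queue_len(&pn->ctrlreq_queue) >= PNPIPE_CTRLREQ_MAX) {
+ atomic_inc(&sk->sk_drops);
  break;
+ }
  __skb_pull(skb, 4);
  queue = &pn->ctrlreq_queue;
  goto queue;
@@ -358,10 +360,13 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb)
  err = sock_queue_rcv_skb(sk, skb);
  if (!err)
  return 0;
+ if (err == -ENOMEM)
+ atomic_inc(&sk->sk_drops);
  break;
  }
 
  if (pn->rx_credits == 0) {
+ atomic_inc(&sk->sk_drops);
  err = -ENOBUFS;
  break;
  }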
diff --git a/net/phonet/pn_dev.c b/net/phonet/pn_dev.c
index c2b77a698695..5ae4c01e8388 100644
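--- a/net/phonet/pn_dev.c
+++ b/net/phonet/pn_dev.c
@@ -27,6 +27,7 @@
 #include <linux/net.h>
 #include <linux/netdevice.h>
 #include <linux/phonet.h>
+#include <linux/proc_fs.h>
 #include <net/sock.h>
 #include <net/netns/generic.h>
 #include <net/phonet/pn_dev.h>
@@ -218,6 +219,11 @@ static int phonet_init_net(struct net *net)
  if (!pnn)
  return -ENOMEM;
 
+ if (!proc_net_fops_create(net, "phonet", 0, &pn_sock_seq_fops)) {
+ kfree(pnn);
+ return -ENOMEM;
+ }
+
  INIT_LIST_HEAD(&pnn->pndevs.list);
  spin_lock_init(&pnn->pndevs.lock);
  net_assign_generic(net, phonet_net_id, pnn);
@@ -233,6 +239,8 @@ static void phonet_exit_net(struct net *net)
  for_each_netdev(net, dev)
  phonet_device_destroy(dev);
  rtnl_unlock();
+
+ proc_net_remove(net, "phonet");
  kfree(pnn);
 }
 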
diff --git a/net/phonet/socket.c b/net/phonet/socket.c
index ada2a35bf7a2..5f26c3711a1e 100644
--- a/net/phonet/socket.c
+++ b/net/phonet/socket.c
@@ -412,3 +412,100 @@ found:
412 return 0; 412 return 0;
413} 413}
414EXPORT_SYMBOL(pn_sock_get_port); 414EXPORT_SYMBOL(pn_sock_get_port);
415
416static struct sock *pn_sock_get_idx(struct seq_file *seq, loff_t pos)
417{
418 struct net *net = seq_file_net(seq);
419 struct hlist_node *node;
420 struct sock *sknode;
421
422 sk_for_each(sknode, node, &pnsocks.hlist) {
423 if (!net_eq(net, sock_net(sknode)))
424 continue;
425 if (!pos)
426 return sknode;
427 pos--;
428 }
429 return NULL;
430}
431
432static struct sock *pn_sock_get_next(struct seq_file *seq, struct sock *sk)
433{
434 struct net *net = seq_file_net(seq);
435
436 do
437 sk = sk_next(sk);
438 while (sk && !net_eq(net, sock_net(sk)));
439
440 return sk;
441}
442
443static void *pn_sock_seq_start(struct seq_file *seq, loff_t *pos)
444 __acquires(pnsocks.lock)
445{
446 spin_lock_bh(&pnsocks.lock);
447 return *pos ? pn_sock_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
448}
449
450static void *pn_sock_seq_next(struct seq_file *seq, void *v, loff_t *pos)
451{
452 struct sock *sk;
453
454 if (v == SEQ_START_TOKEN)
455 sk = pn_sock_get_idx(seq, 0);
456 else
457 sk = pn_sock_get_next(seq, v);
458 (*pos)++;
459 return sk;
460}
461
462static void pn_sock_seq_stop(struct seq_file *seq, void *v)
463 __releases(pnsocks.lock)
464{
465 spin_unlock_bh(&pnsocks.lock);
466}
467
468static int pn_sock_seq_show(struct seq_file *seq, void *v)
469{
470 int len;
471
472 if (v == SEQ_START_TOKEN)
473 seq_printf(seq, "%s%n", "pt loc rem rs st tx_queue rx_queue "
474 " uid inode ref pointer drops", &len);
475 else {
476 struct sock *sk = v;
477 struct pn_sock *pn = pn_sk(sk);
478
479 seq_printf(seq, "%2d %04X:%04X:%02X %02X %08X:%08X %5d %lu "
480 "%d %p %d%n",
481 sk->sk_protocol, pn->sobject, 0, pn->resource,
482 sk->sk_state,
483 sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk),
484 sock_i_uid(sk), sock_i_ino(sk),
485 atomic_read(&sk->sk_refcnt), sk,
486 atomic_read(&sk->sk_drops), &len);
487 }
488 seq_printf(seq, "%*s\n", 127 - len, "");
489 return 0;
490}
491
492static const struct seq_operations pn_sock_seq_ops = {
493 .start = pn_sock_seq_start,
494 .next = pn_sock_seq_next,
495 .stop = pn_sock_seq_stop,
496 .show = pn_sock_seq_show,
497};
498
499static int pn_sock_open(struct inode *inode, struct file *file)
500{
501 return seq_open_net(inode, file, &pn_sock_seq_ops,
502 sizeof(struct seq_net_private));
503}
504
505const struct file_operations pn_sock_seq_fops = {
506 .owner = THIS_MODULE,
507 .open = pn_sock_open,
508 .read = seq_read,
509 .llseek = seq_lseek,
510 .release = seq_release_net,
511};
diff --git a/net/rds/connection.c b/net/rds/connection.c
index d14445c48304..b420a20d84fd 100644
--- a/net/rds/connection.c
+++ b/net/rds/connection.c
@@ -126,7 +126,7 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
126 struct rds_transport *trans, gfp_t gfp, 126 struct rds_transport *trans, gfp_t gfp,
127 int is_outgoing) 127 int is_outgoing)
128{ 128{
129 struct rds_connection *conn, *tmp, *parent = NULL; 129 struct rds_connection *conn, *parent = NULL;
130 struct hlist_head *head = rds_conn_bucket(laddr, faddr); 130 struct hlist_head *head = rds_conn_bucket(laddr, faddr);
131 unsigned long flags; 131 unsigned long flags;
132 int ret; 132 int ret;
@@ -155,7 +155,6 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
155 } 155 }
156 156
157 INIT_HLIST_NODE(&conn->c_hash_node); 157 INIT_HLIST_NODE(&conn->c_hash_node);
158 conn->c_version = RDS_PROTOCOL_3_0;
159 conn->c_laddr = laddr; 158 conn->c_laddr = laddr;
160 conn->c_faddr = faddr; 159 conn->c_faddr = faddr;
161 spin_lock_init(&conn->c_lock); 160 spin_lock_init(&conn->c_lock);
@@ -211,26 +210,40 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr,
211 trans->t_name ? trans->t_name : "[unknown]", 210 trans->t_name ? trans->t_name : "[unknown]",
212 is_outgoing ? "(outgoing)" : ""); 211 is_outgoing ? "(outgoing)" : "");
213 212
213 /*
214 * Since we ran without holding the conn lock, someone could
215 * have created the same conn (either normal or passive) in the
216 * interim. We check while holding the lock. If we won, we complete
217 * init and return our conn. If we lost, we rollback and return the
218 * other one.
219 */
214 spin_lock_irqsave(&rds_conn_lock, flags); 220 spin_lock_irqsave(&rds_conn_lock, flags);
215 if (parent == NULL) { 221 if (parent) {
216 tmp = rds_conn_lookup(head, laddr, faddr, trans); 222 /* Creating passive conn */
217 if (tmp == NULL) 223 if (parent->c_passive) {
218 hlist_add_head(&conn->c_hash_node, head); 224 trans->conn_free(conn->c_transport_data);
219 } else { 225 kmem_cache_free(rds_conn_slab, conn);
220 tmp = parent->c_passive; 226 conn = parent->c_passive;
221 if (!tmp) 227 } else {
222 parent->c_passive = conn; 228 parent->c_passive = conn;
223 } 229 rds_cong_add_conn(conn);
224 230 rds_conn_count++;
225 if (tmp) { 231 }
226 trans->conn_free(conn->c_transport_data);
227 kmem_cache_free(rds_conn_slab, conn);
228 conn = tmp;
229 } else { 232 } else {
230 rds_cong_add_conn(conn); 233 /* Creating normal conn */
231 rds_conn_count++; 234 struct rds_connection *found;
235
236 found = rds_conn_lookup(head, laddr, faddr, trans);
237 if (found) {
238 trans->conn_free(conn->c_transport_data);
239 kmem_cache_free(rds_conn_slab, conn);
240 conn = found;
241 } else {
242 hlist_add_head(&conn->c_hash_node, head);
243 rds_cong_add_conn(conn);
244 rds_conn_count++;
245 }
232 } 246 }
233
234 spin_unlock_irqrestore(&rds_conn_lock, flags); 247 spin_unlock_irqrestore(&rds_conn_lock, flags);
235 248
236out: 249out:
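Review bot: With `conn->c_version = RDS_PROTOCOL_3_0;` removed in the second hunk, none of the visible lines of `__rds_conn_create` gives `c_version` a value. It therefore holds whatever the allocation (outside these hunks) leaves there until a transport sets it. In ib_cm.c, `rds_ib_cm_connect_complete` skips `rds_ib_set_protocol` when the peer's private data is short or `dp_protocol_major` is zero, then still prints `c_version`, and the ib.h SGE helpers branch on it. If the intent is that an unset value behaves as 3.0, record that next to `INIT_HLIST_NODE`, e.g. `/* c_version stays 0 until the transport negotiates; 0 is handled as <= 3.0 */`, or keep an explicit default. The function begins and ends outside the hunks shown.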
diff --git a/net/rds/ib.c b/net/rds/ib.c
index b9bcd32431e1..868559ac42d7 100644
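--- a/net/rds/ib.c
+++ b/net/rds/ib.c
@@ -43,11 +43,14 @@
 
 unsigned int fmr_pool_size = RDS_FMR_POOL_SIZE;
 unsigned int fmr_message_size = RDS_FMR_SIZE + 1; /* +1 allows for unaligned MRs */
+unsigned int rds_ib_retry_count = RDS_IB_DEFAULT_RETRY_COUNT;
 
 module_param(fmr_pool_size, int, 0444);
 MODULE_PARM_DESC(fmr_pool_size, " Max number of fmr per HCA");
 module_param(fmr_message_size, int, 0444);
 MODULE_PARM_DESC(fmr_message_size, " Max size of a RDMA transfer");
+module_param(rds_ib_retry_count, int, 0444);
+MODULE_PARM_DESC(rds_ib_retry_count, " Number of hw retries before reporting an error");
 
 struct list_head rds_ib_devices;
 
@@ -82,9 +85,6 @@ void rds_ib_add_one(struct ib_device *device)
  rds_ibdev->max_wrs = dev_attr->max_qp_wr;
  rds_ibdev->max_sge = min(dev_attr->max_sge, RDS_IB_MAX_SGE);
 
- rds_ibdev->fmr_page_shift = max(9, ffs(dev_attr->page_size_cap) - 1);
- rds_ibdev->fmr_page_size = 1 << rds_ibdev->fmr_page_shift;
- rds_ibdev->fmr_page_mask = ~((u64) rds_ibdev->fmr_page_size - 1);
  rds_ibdev->fmr_max_remaps = dev_attr->max_map_per_fmr?: 32;
  rds_ibdev->max_fmrs = dev_attr->max_fmr ?
  min_t(unsigned int, dev_attr->max_fmr, fmr_pool_size) :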
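Review bot: `rds_ib_retry_count` is declared `unsigned int` but registered with `module_param(rds_ib_retry_count, int, 0444)`, so a negative value given at module load is accepted and stored as a very large unsigned number. ib_cm.c then clamps it with `min_t(unsigned int, rds_ib_retry_count, 7)`, which silently turns that input into the maximum of 7 retries instead of rejecting it. Registering it as `module_param(rds_ib_retry_count, uint, 0444);` makes the parser match the variable and refuse negative input. The two existing `fmr_*` parameters in the same hunk have the same type mismatch.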
diff --git a/net/rds/ib.h b/net/rds/ib.h
index 455ae73047fe..1378b854cac0 100644
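--- a/net/rds/ib.h
+++ b/net/rds/ib.h
@@ -15,6 +15,8 @@
 #define RDS_IB_DEFAULT_RECV_WR 1024
 #define RDS_IB_DEFAULT_SEND_WR 256
 
+#define RDS_IB_DEFAULT_RETRY_COUNT 2
+
 #define RDS_IB_SUPPORTED_PROTOCOLS 0x00000003 /* minor versions supported */
 
 extern struct list_head rds_ib_devices;
@@ -157,9 +159,6 @@ struct rds_ib_device {
  struct ib_pd *pd;
  struct ib_mr *mr;
  struct rds_ib_mr_pool *mr_pool;
- int fmr_page_shift;
- int fmr_page_size;
- u64 fmr_page_mask;
  unsigned int fmr_max_remaps;
  unsigned int max_fmrs;
  int max_sge;
@@ -247,6 +246,7 @@ extern struct ib_client rds_ib_client;
 
 extern unsigned int fmr_pool_size;
 extern unsigned int fmr_message_size;
+extern unsigned int rds_ib_retry_count;
 
 extern spinlock_t ib_nodev_conns_lock;
 extern struct list_head ib_nodev_conns;
@@ -355,17 +355,25 @@ extern ctl_table rds_ib_sysctl_table[];
 /*
  * Helper functions for getting/setting the header and data SGEs in
  * RDS packets (not RDMA)
+ *
+ * From version 3.1 onwards, header is in front of data in the sge.
  */
 static inline struct ib_sge *
 rds_ib_header_sge(struct rds_ib_connection *ic, struct ib_sge *sge)
 {
- return &sge[0];
+ if (ic->conn->c_version > RDS_PROTOCOL_3_0)
+ return &sge[0];
+ else
+ return &sge[1];
 }
 
 static inline struct ib_sge *
 rds_ib_data_sge(struct rds_ib_connection *ic, struct ib_sge *sge)
 {
- return &sge[1];
+ if (ic->conn->c_version > RDS_PROTOCOL_3_0)
+ return &sge[1];
+ else
+ return &sge[0];
 }
 
 #endif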
diff --git a/net/rds/ib_cm.c b/net/rds/ib_cm.c
index f8e40e1a6038..c2d372f13dbb 100644
--- a/net/rds/ib_cm.c
+++ b/net/rds/ib_cm.c
@@ -98,21 +98,34 @@ void rds_ib_cm_connect_complete(struct rds_connection *conn, struct rdma_cm_even
98 struct ib_qp_attr qp_attr; 98 struct ib_qp_attr qp_attr;
99 int err; 99 int err;
100 100
101 if (event->param.conn.private_data_len) { 101 if (event->param.conn.private_data_len >= sizeof(*dp)) {
102 dp = event->param.conn.private_data; 102 dp = event->param.conn.private_data;
103 103
104 rds_ib_set_protocol(conn, 104 /* make sure it isn't empty data */
105 if (dp->dp_protocol_major) {
106 rds_ib_set_protocol(conn,
105 RDS_PROTOCOL(dp->dp_protocol_major, 107 RDS_PROTOCOL(dp->dp_protocol_major,
106 dp->dp_protocol_minor)); 108 dp->dp_protocol_minor));
107 rds_ib_set_flow_control(conn, be32_to_cpu(dp->dp_credit)); 109 rds_ib_set_flow_control(conn, be32_to_cpu(dp->dp_credit));
110 }
108 } 111 }
109 112
110 printk(KERN_NOTICE "RDS/IB: connected to %pI4 version %u.%u%s\n", 113 printk(KERN_NOTICE "RDS/IB: connected to %pI4 version %u.%u%s\n",
111 &conn->c_laddr, 114 &conn->c_faddr,
112 RDS_PROTOCOL_MAJOR(conn->c_version), 115 RDS_PROTOCOL_MAJOR(conn->c_version),
113 RDS_PROTOCOL_MINOR(conn->c_version), 116 RDS_PROTOCOL_MINOR(conn->c_version),
114 ic->i_flowctl ? ", flow control" : ""); 117 ic->i_flowctl ? ", flow control" : "");
115 118
119 /*
120 * Init rings and fill recv. this needs to wait until protocol negotiation
121 * is complete, since ring layout is different from 3.0 to 3.1.
122 */
123 rds_ib_send_init_ring(ic);
124 rds_ib_recv_init_ring(ic);
125 /* Post receive buffers - as a side effect, this will update
126 * the posted credit count. */
127 rds_ib_recv_refill(conn, GFP_KERNEL, GFP_HIGHUSER, 1);
128
116 /* Tune RNR behavior */ 129 /* Tune RNR behavior */
117 rds_ib_tune_rnr(ic, &qp_attr); 130 rds_ib_tune_rnr(ic, &qp_attr);
118 131
@@ -145,7 +158,7 @@ static void rds_ib_cm_fill_conn_param(struct rds_connection *conn,
145 /* XXX tune these? */ 158 /* XXX tune these? */
146 conn_param->responder_resources = 1; 159 conn_param->responder_resources = 1;
147 conn_param->initiator_depth = 1; 160 conn_param->initiator_depth = 1;
148 conn_param->retry_count = 7; 161 conn_param->retry_count = min_t(unsigned int, rds_ib_retry_count, 7);
149 conn_param->rnr_retry_count = 7; 162 conn_param->rnr_retry_count = 7;
150 163
151 if (dp) { 164 if (dp) {
@@ -190,9 +203,9 @@ static void rds_ib_qp_event_handler(struct ib_event *event, void *data)
190 rdma_notify(ic->i_cm_id, IB_EVENT_COMM_EST); 203 rdma_notify(ic->i_cm_id, IB_EVENT_COMM_EST);
191 break; 204 break;
192 default: 205 default:
193 printk(KERN_WARNING "RDS/ib: unhandled QP event %u " 206 rds_ib_conn_error(conn, "RDS/IB: Fatal QP Event %u "
194 "on connection to %pI4\n", event->event, 207 "- connection %pI4->%pI4, reconnecting\n",
195 &conn->c_faddr); 208 event->event, &conn->c_laddr, &conn->c_faddr);
196 break; 209 break;
197 } 210 }
198} 211}
@@ -321,7 +334,7 @@ static int rds_ib_setup_qp(struct rds_connection *conn)
321 rdsdebug("send allocation failed\n"); 334 rdsdebug("send allocation failed\n");
322 goto out; 335 goto out;
323 } 336 }
324 rds_ib_send_init_ring(ic); 337 memset(ic->i_sends, 0, ic->i_send_ring.w_nr * sizeof(struct rds_ib_send_work));
325 338
326 ic->i_recvs = vmalloc(ic->i_recv_ring.w_nr * sizeof(struct rds_ib_recv_work)); 339 ic->i_recvs = vmalloc(ic->i_recv_ring.w_nr * sizeof(struct rds_ib_recv_work));
327 if (ic->i_recvs == NULL) { 340 if (ic->i_recvs == NULL) {
@@ -329,14 +342,10 @@ static int rds_ib_setup_qp(struct rds_connection *conn)
329 rdsdebug("recv allocation failed\n"); 342 rdsdebug("recv allocation failed\n");
330 goto out; 343 goto out;
331 } 344 }
345 memset(ic->i_recvs, 0, ic->i_recv_ring.w_nr * sizeof(struct rds_ib_recv_work));
332 346
333 rds_ib_recv_init_ring(ic);
334 rds_ib_recv_init_ack(ic); 347 rds_ib_recv_init_ack(ic);
335 348
336 /* Post receive buffers - as a side effect, this will update
337 * the posted credit count. */
338 rds_ib_recv_refill(conn, GFP_KERNEL, GFP_HIGHUSER, 1);
339
340 rdsdebug("conn %p pd %p mr %p cq %p %p\n", conn, ic->i_pd, ic->i_mr, 349 rdsdebug("conn %p pd %p mr %p cq %p %p\n", conn, ic->i_pd, ic->i_mr,
341 ic->i_send_cq, ic->i_recv_cq); 350 ic->i_send_cq, ic->i_recv_cq);
342 351
@@ -344,19 +353,32 @@ out:
344 return ret; 353 return ret;
345} 354}
346 355
347static u32 rds_ib_protocol_compatible(const struct rds_ib_connect_private *dp) 356static u32 rds_ib_protocol_compatible(struct rdma_cm_event *event)
348{ 357{
358 const struct rds_ib_connect_private *dp = event->param.conn.private_data;
349 u16 common; 359 u16 common;
350 u32 version = 0; 360 u32 version = 0;
351 361
352 /* rdma_cm private data is odd - when there is any private data in the 362 /*
363 * rdma_cm private data is odd - when there is any private data in the
353 * request, we will be given a pretty large buffer without telling us the 364 * request, we will be given a pretty large buffer without telling us the
354 * original size. The only way to tell the difference is by looking at 365 * original size. The only way to tell the difference is by looking at
355 * the contents, which are initialized to zero. 366 * the contents, which are initialized to zero.
356 * If the protocol version fields aren't set, this is a connection attempt 367 * If the protocol version fields aren't set, this is a connection attempt
357 * from an older version. This could could be 3.0 or 2.0 - we can't tell. 368 * from an older version. This could could be 3.0 or 2.0 - we can't tell.
358 * We really should have changed this for OFED 1.3 :-( */ 369 * We really should have changed this for OFED 1.3 :-(
359 if (dp->dp_protocol_major == 0) 370 */
371
372 /* Be paranoid. RDS always has privdata */
373 if (!event->param.conn.private_data_len) {
374 printk(KERN_NOTICE "RDS incoming connection has no private data, "
375 "rejecting\n");
376 return 0;
377 }
378
379 /* Even if len is crap *now* I still want to check it. -ASG */
380 if (event->param.conn.private_data_len < sizeof (*dp)
381 || dp->dp_protocol_major == 0)
360 return RDS_PROTOCOL_3_0; 382 return RDS_PROTOCOL_3_0;
361 383
362 common = be16_to_cpu(dp->dp_protocol_minor_mask) & RDS_IB_SUPPORTED_PROTOCOLS; 384 common = be16_to_cpu(dp->dp_protocol_minor_mask) & RDS_IB_SUPPORTED_PROTOCOLS;
@@ -388,7 +410,7 @@ int rds_ib_cm_handle_connect(struct rdma_cm_id *cm_id,
388 int err, destroy = 1; 410 int err, destroy = 1;
389 411
390 /* Check whether the remote protocol version matches ours. */ 412 /* Check whether the remote protocol version matches ours. */
391 version = rds_ib_protocol_compatible(dp); 413 version = rds_ib_protocol_compatible(event);
392 if (!version) 414 if (!version)
393 goto out; 415 goto out;
394 416
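Review bot: In `rds_ib_protocol_compatible`, a peer whose `private_data_len` is non-zero but smaller than `sizeof(*dp)` is accepted as `RDS_PROTOCOL_3_0` rather than rejected. `rds_ib_cm_handle_connect`, whose body continues outside the hunk, keeps its `dp` pointer afterwards. Any other field it reads from `dp` on that path has no length check behind it and relies on rdma_cm handing over a zero-filled buffer of at least that size, as the comment describes. If that guarantee is what makes the short case safe, say so at the check, e.g. `/* short privdata: rdma_cm still zero-pads the buffer, so treat as 3.0 */`. Otherwise return 0 for the short case the way the empty case now does.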
diff --git a/net/rds/ib_rdma.c b/net/rds/ib_rdma.c
index 81033af93020..ef3ab5b7283e 100644
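--- a/net/rds/ib_rdma.c
+++ b/net/rds/ib_rdma.c
@@ -211,7 +211,7 @@ struct rds_ib_mr_pool *rds_ib_create_mr_pool(struct rds_ib_device *rds_ibdev)
 
  pool->fmr_attr.max_pages = fmr_message_size;
  pool->fmr_attr.max_maps = rds_ibdev->fmr_max_remaps;
- pool->fmr_attr.page_shift = rds_ibdev->fmr_page_shift;
+ pool->fmr_attr.page_shift = PAGE_SHIFT;
  pool->max_free_pinned = rds_ibdev->max_fmrs * fmr_message_size / 4;
 
  /* We never allow more than max_items MRs to be allocated.
@@ -349,13 +349,13 @@ static int rds_ib_map_fmr(struct rds_ib_device *rds_ibdev, struct rds_ib_mr *ibm
  unsigned int dma_len = ib_sg_dma_len(dev, &scat[i]);
  u64 dma_addr = ib_sg_dma_address(dev, &scat[i]);
 
- if (dma_addr & ~rds_ibdev->fmr_page_mask) {
+ if (dma_addr & ~PAGE_MASK) {
  if (i > 0)
  return -EINVAL;
  else
  ++page_cnt;
  }
- if ((dma_addr + dma_len) & ~rds_ibdev->fmr_page_mask) {
+ if ((dma_addr + dma_len) & ~PAGE_MASK) {
  if (i < sg_dma_len - 1)
  return -EINVAL;
  else
@@ -365,7 +365,7 @@ static int rds_ib_map_fmr(struct rds_ib_device *rds_ibdev, struct rds_ib_mr *ibm
  len += dma_len;
  }
 
- page_cnt += len >> rds_ibdev->fmr_page_shift;
+ page_cnt += len >> PAGE_SHIFT;
  if (page_cnt > fmr_message_size)
  return -EINVAL;
 
@@ -378,9 +378,9 @@ static int rds_ib_map_fmr(struct rds_ib_device *rds_ibdev, struct rds_ib_mr *ibm
  unsigned int dma_len = ib_sg_dma_len(dev, &scat[i]);
  u64 dma_addr = ib_sg_dma_address(dev, &scat[i]);
 
- for (j = 0; j < dma_len; j += rds_ibdev->fmr_page_size)
+ for (j = 0; j < dma_len; j += PAGE_SIZE)
  dma_pages[page_cnt++] =
- (dma_addr & rds_ibdev->fmr_page_mask) + j;
+ (dma_addr & PAGE_MASK) + j;
  }
 
  ret = ib_map_phys_fmr(ibmr->fmr,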
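Review bot: `(dma_addr & PAGE_MASK) + j` in the last hunk masks a `u64` DMA address with `PAGE_MASK`, which is an `unsigned long` on the common architectures. On a 32-bit kernel with 64-bit DMA addresses the mask zero-extends, so the upper 32 bits of the address are cleared before the page list reaches `ib_map_phys_fmr`. The removed `fmr_page_mask` was built in ib.c as `~((u64) rds_ibdev->fmr_page_size - 1)`, which kept the mask 64 bits wide. Keep that width here with `(dma_addr & ~((u64)PAGE_SIZE - 1)) + j`; the `& ~PAGE_MASK` alignment tests in the second hunk only look at the low bits and are unaffected. `rds_ib_map_fmr` starts and ends outside these hunks.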
diff --git a/net/rds/ib_recv.c b/net/rds/ib_recv.c
index 5709bad28329..cd7a6cfcab03 100644
--- a/net/rds/ib_recv.c
+++ b/net/rds/ib_recv.c
@@ -555,6 +555,47 @@ u64 rds_ib_piggyb_ack(struct rds_ib_connection *ic)
555 return rds_ib_get_ack(ic); 555 return rds_ib_get_ack(ic);
556} 556}
557 557
558static struct rds_header *rds_ib_get_header(struct rds_connection *conn,
559 struct rds_ib_recv_work *recv,
560 u32 data_len)
561{
562 struct rds_ib_connection *ic = conn->c_transport_data;
563 void *hdr_buff = &ic->i_recv_hdrs[recv - ic->i_recvs];
564 void *addr;
565 u32 misplaced_hdr_bytes;
566
567 /*
568 * Support header at the front (RDS 3.1+) as well as header-at-end.
569 *
570 * Cases:
571 * 1) header all in header buff (great!)
572 * 2) header all in data page (copy all to header buff)
573 * 3) header split across hdr buf + data page
574 * (move bit in hdr buff to end before copying other bit from data page)
575 */
576 if (conn->c_version > RDS_PROTOCOL_3_0 || data_len == RDS_FRAG_SIZE)
577 return hdr_buff;
578
579 if (data_len <= (RDS_FRAG_SIZE - sizeof(struct rds_header))) {
580 addr = kmap_atomic(recv->r_frag->f_page, KM_SOFTIRQ0);
581 memcpy(hdr_buff,
582 addr + recv->r_frag->f_offset + data_len,
583 sizeof(struct rds_header));
584 kunmap_atomic(addr, KM_SOFTIRQ0);
585 return hdr_buff;
586 }
587
588 misplaced_hdr_bytes = (sizeof(struct rds_header) - (RDS_FRAG_SIZE - data_len));
589
590 memmove(hdr_buff + misplaced_hdr_bytes, hdr_buff, misplaced_hdr_bytes);
591
592 addr = kmap_atomic(recv->r_frag->f_page, KM_SOFTIRQ0);
593 memcpy(hdr_buff, addr + recv->r_frag->f_offset + data_len,
594 sizeof(struct rds_header) - misplaced_hdr_bytes);
595 kunmap_atomic(addr, KM_SOFTIRQ0);
596 return hdr_buff;
597}
598
558/* 599/*
559 * It's kind of lame that we're copying from the posted receive pages into 600 * It's kind of lame that we're copying from the posted receive pages into
560 * long-lived bitmaps. We could have posted the bitmaps and rdma written into 601 * long-lived bitmaps. We could have posted the bitmaps and rdma written into
@@ -645,7 +686,7 @@ struct rds_ib_ack_state {
645}; 686};
646 687
647static void rds_ib_process_recv(struct rds_connection *conn, 688static void rds_ib_process_recv(struct rds_connection *conn,
648 struct rds_ib_recv_work *recv, u32 byte_len, 689 struct rds_ib_recv_work *recv, u32 data_len,
649 struct rds_ib_ack_state *state) 690 struct rds_ib_ack_state *state)
650{ 691{
651 struct rds_ib_connection *ic = conn->c_transport_data; 692 struct rds_ib_connection *ic = conn->c_transport_data;
@@ -655,9 +696,9 @@ static void rds_ib_process_recv(struct rds_connection *conn,
655 /* XXX shut down the connection if port 0,0 are seen? */ 696 /* XXX shut down the connection if port 0,0 are seen? */
656 697
657 rdsdebug("ic %p ibinc %p recv %p byte len %u\n", ic, ibinc, recv, 698 rdsdebug("ic %p ibinc %p recv %p byte len %u\n", ic, ibinc, recv,
658 byte_len); 699 data_len);
659 700
660 if (byte_len < sizeof(struct rds_header)) { 701 if (data_len < sizeof(struct rds_header)) {
661 rds_ib_conn_error(conn, "incoming message " 702 rds_ib_conn_error(conn, "incoming message "
662 "from %pI4 didn't inclue a " 703 "from %pI4 didn't inclue a "
663 "header, disconnecting and " 704 "header, disconnecting and "
@@ -665,9 +706,9 @@ static void rds_ib_process_recv(struct rds_connection *conn,
665 &conn->c_faddr); 706 &conn->c_faddr);
666 return; 707 return;
667 } 708 }
668 byte_len -= sizeof(struct rds_header); 709 data_len -= sizeof(struct rds_header);
669 710
670 ihdr = &ic->i_recv_hdrs[recv - ic->i_recvs]; 711 ihdr = rds_ib_get_header(conn, recv, data_len);
671 712
672 /* Validate the checksum. */ 713 /* Validate the checksum. */
673 if (!rds_message_verify_checksum(ihdr)) { 714 if (!rds_message_verify_checksum(ihdr)) {
@@ -687,7 +728,7 @@ static void rds_ib_process_recv(struct rds_connection *conn,
687 if (ihdr->h_credit) 728 if (ihdr->h_credit)
688 rds_ib_send_add_credits(conn, ihdr->h_credit); 729 rds_ib_send_add_credits(conn, ihdr->h_credit);
689 730
690 if (ihdr->h_sport == 0 && ihdr->h_dport == 0 && byte_len == 0) { 731 if (ihdr->h_sport == 0 && ihdr->h_dport == 0 && data_len == 0) {
691 /* This is an ACK-only packet. The fact that it gets 732 /* This is an ACK-only packet. The fact that it gets
692 * special treatment here is that historically, ACKs 733 * special treatment here is that historically, ACKs
693 * were rather special beasts. 734 * were rather special beasts.
diff --git a/net/rds/ib_stats.c b/net/rds/ib_stats.c
index 02e3e3d50d4a..8d8488306fe4 100644
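--- a/net/rds/ib_stats.c
+++ b/net/rds/ib_stats.c
@@ -39,7 +39,7 @@
 
 DEFINE_PER_CPU(struct rds_ib_statistics, rds_ib_stats) ____cacheline_aligned;
 
-static char *rds_ib_stat_names[] = {
+static const char *const rds_ib_stat_names[] = {
  "ib_connect_raced",
  "ib_listen_closed_stale",
  "ib_tx_cq_call",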
diff --git a/net/rds/ib_sysctl.c b/net/rds/ib_sysctl.c
index d87830db93a0..84b5ffcb280f 100644
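--- a/net/rds/ib_sysctl.c
+++ b/net/rds/ib_sysctl.c
@@ -53,7 +53,17 @@ unsigned long rds_ib_sysctl_max_unsig_bytes = (16 << 20);
 static unsigned long rds_ib_sysctl_max_unsig_bytes_min = 1;
 static unsigned long rds_ib_sysctl_max_unsig_bytes_max = ~0UL;
 
-unsigned int rds_ib_sysctl_flow_control = 1;
+/*
+ * This sysctl does nothing.
+ *
+ * Backwards compatibility with RDS 3.0 wire protocol
+ * disables initial FC credit exchange.
+ * If it's ever possible to drop 3.0 support,
+ * setting this to 1 and moving init/refill of send/recv
+ * rings from ib_cm_connect_complete() back into ib_setup_qp()
+ * will cause credits to be added before protocol negotiation.
+ */
+unsigned int rds_ib_sysctl_flow_control = 0;
 
 ctl_table rds_ib_sysctl_table[] = {
  {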
diff --git a/net/rds/iw.c b/net/rds/iw.c
index d16e1cbc8e83..f5e9a29a80a7 100644
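--- a/net/rds/iw.c
+++ b/net/rds/iw.c
@@ -83,23 +83,16 @@ void rds_iw_add_one(struct ib_device *device)
  rds_iwdev->max_wrs = dev_attr->max_qp_wr;
  rds_iwdev->max_sge = min(dev_attr->max_sge, RDS_IW_MAX_SGE);
 
- rds_iwdev->page_shift = max(PAGE_SHIFT, ffs(dev_attr->page_size_cap) - 1);
-
  rds_iwdev->dev = device;
  rds_iwdev->pd = ib_alloc_pd(device);
  if (IS_ERR(rds_iwdev->pd))
  goto free_dev;
 
  if (!rds_iwdev->dma_local_lkey) {
- if (device->node_type != RDMA_NODE_RNIC) {
- rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
- IB_ACCESS_LOCAL_WRITE);
- } else {
- rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
- IB_ACCESS_REMOTE_READ |
- IB_ACCESS_REMOTE_WRITE |
- IB_ACCESS_LOCAL_WRITE);
- }
+ rds_iwdev->mr = ib_get_dma_mr(rds_iwdev->pd,
+ IB_ACCESS_REMOTE_READ |
+ IB_ACCESS_REMOTE_WRITE |
+ IB_ACCESS_LOCAL_WRITE);
  if (IS_ERR(rds_iwdev->mr))
  goto err_pd;
  } else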
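Review bot: The DMA MR in rds_iw_add_one() is now always requested with `IB_ACCESS_REMOTE_READ | IB_ACCESS_REMOTE_WRITE`, and nothing at the call site says why remote access is needed or how the resulting rkey is kept away from peers. A DMA MR is not tied to a single buffer, so a leaked rkey would presumably let a remote peer read or write host memory through the adapter; the removed branch at least kept non-RNIC devices on `IB_ACCESS_LOCAL_WRITE` only. If every device this transport binds to really needs the remote flags, I would say so in a comment above the call, for example `/* remote access is required by the RNIC for RDMA read sinks; this MR's rkey must never be advertised */`, and otherwise keep the narrower flags. rds_iw_add_one() starts and ends outside the hunk.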
diff --git a/net/rds/iw.h b/net/rds/iw.h
index 0715dde323e7..dd72b62bd506 100644
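--- a/net/rds/iw.h
+++ b/net/rds/iw.h
@@ -181,7 +181,6 @@ struct rds_iw_device {
  struct ib_pd *pd;
  struct ib_mr *mr;
  struct rds_iw_mr_pool *mr_pool;
- int page_shift;
  int max_sge;
  unsigned int max_wrs;
  unsigned int dma_local_lkey:1;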
diff --git a/net/rds/iw_rdma.c b/net/rds/iw_rdma.c
index dcdb37da80f2..de4a1b16bf7b 100644
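--- a/net/rds/iw_rdma.c
+++ b/net/rds/iw_rdma.c
@@ -263,18 +263,12 @@ static void rds_iw_set_scatterlist(struct rds_iw_scatterlist *sg,
 }
 
 static u64 *rds_iw_map_scatterlist(struct rds_iw_device *rds_iwdev,
- struct rds_iw_scatterlist *sg,
- unsigned int dma_page_shift)
+ struct rds_iw_scatterlist *sg)
 {
  struct ib_device *dev = rds_iwdev->dev;
  u64 *dma_pages = NULL;
- u64 dma_mask;
- unsigned int dma_page_size;
  int i, j, ret;
 
- dma_page_size = 1 << dma_page_shift;
- dma_mask = dma_page_size - 1;
-
  WARN_ON(sg->dma_len);
 
  sg->dma_len = ib_dma_map_sg(dev, sg->list, sg->len, DMA_BIDIRECTIONAL);
@@ -295,18 +289,18 @@ static u64 *rds_iw_map_scatterlist(struct rds_iw_device *rds_iwdev,
  sg->bytes += dma_len;
 
  end_addr = dma_addr + dma_len;
- if (dma_addr & dma_mask) {
+ if (dma_addr & PAGE_MASK) {
  if (i > 0)
  goto out_unmap;
- dma_addr &= ~dma_mask;
+ dma_addr &= ~PAGE_MASK;
  }
- if (end_addr & dma_mask) {
+ if (end_addr & PAGE_MASK) {
  if (i < sg->dma_len - 1)
  goto out_unmap;
- end_addr = (end_addr + dma_mask) & ~dma_mask;
+ end_addr = (end_addr + PAGE_MASK) & ~PAGE_MASK;
  }
 
- sg->dma_npages += (end_addr - dma_addr) >> dma_page_shift;
+ sg->dma_npages += (end_addr - dma_addr) >> PAGE_SHIFT;
  }
 
  /* Now gather the dma addrs into one list */
@@ -325,8 +319,8 @@ static u64 *rds_iw_map_scatterlist(struct rds_iw_device *rds_iwdev,
  u64 end_addr;
 
  end_addr = dma_addr + dma_len;
- dma_addr &= ~dma_mask;
- for (; dma_addr < end_addr; dma_addr += dma_page_size)
+ dma_addr &= ~PAGE_MASK;
+ for (; dma_addr < end_addr; dma_addr += PAGE_SIZE)
  dma_pages[j++] = dma_addr;
  BUG_ON(j > sg->dma_npages);
  }
@@ -727,7 +721,7 @@ static int rds_iw_rdma_build_fastreg(struct rds_iw_mapping *mapping)
  f_wr.wr.fast_reg.rkey = mapping->m_rkey;
  f_wr.wr.fast_reg.page_list = ibmr->page_list;
  f_wr.wr.fast_reg.page_list_len = mapping->m_sg.dma_len;
- f_wr.wr.fast_reg.page_shift = ibmr->device->page_shift;
+ f_wr.wr.fast_reg.page_shift = PAGE_SHIFT;
  f_wr.wr.fast_reg.access_flags = IB_ACCESS_LOCAL_WRITE |
  IB_ACCESS_REMOTE_READ |
  IB_ACCESS_REMOTE_WRITE;
@@ -780,9 +774,7 @@ static int rds_iw_map_fastreg(struct rds_iw_mr_pool *pool,
 
  rds_iw_set_scatterlist(&mapping->m_sg, sg, sg_len);
 
- dma_pages = rds_iw_map_scatterlist(rds_iwdev,
- &mapping->m_sg,
- rds_iwdev->page_shift);
+ dma_pages = rds_iw_map_scatterlist(rds_iwdev, &mapping->m_sg);
  if (IS_ERR(dma_pages)) {
  ret = PTR_ERR(dma_pages);
  dma_pages = NULL;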
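Review bot: The masks in rds_iw_map_scatterlist() look inverted after this change: the removed `dma_mask` was `dma_page_size - 1`, the low offset bits, whereas the kernel's PAGE_MASK is normally `~(PAGE_SIZE - 1)`. With that definition `dma_addr & PAGE_MASK` in the second hunk is non-zero for almost any bus address, so page-aligned multi-entry lists take the `goto out_unmap` path, and `dma_addr &= ~PAGE_MASK` keeps the in-page offset instead of the page base. The same substitution in the third hunk makes the unbraced `for` loop start from that offset and store into `dma_pages[j++]` until `end_addr`, and the `BUG_ON(j > sg->dma_npages)` only runs after the loop, so the array could be overrun first. I would flip the sense of each mask as below; the function continues outside these hunks, so how `dma_pages` is sized is assumed from the `dma_npages` accounting shown here.

```c
		/* … unchanged: dma_addr, dma_len and end_addr set up per entry … */
		if (dma_addr & ~PAGE_MASK) {
			/* … unchanged: only the first entry may start mid-page … */
			dma_addr &= PAGE_MASK;
		}
		if (end_addr & ~PAGE_MASK) {
			/* … unchanged: only the last entry may end mid-page … */
			end_addr = (end_addr + ~PAGE_MASK) & PAGE_MASK;
		}
		/* … unchanged: dma_npages accounting … */

		/* gather loop (third hunk): round down to the page base */
		dma_addr &= PAGE_MASK;
		/* … unchanged: for loop filling dma_pages … */
```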
diff --git a/net/rds/iw_send.c b/net/rds/iw_send.c
index 44a6a0551f28..1f5abe3cf2b4 100644
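--- a/net/rds/iw_send.c
+++ b/net/rds/iw_send.c
@@ -779,7 +779,7 @@ static void rds_iw_build_send_fastreg(struct rds_iw_device *rds_iwdev, struct rd
  send->s_wr.wr.fast_reg.rkey = send->s_mr->rkey;
  send->s_wr.wr.fast_reg.page_list = send->s_page_list;
  send->s_wr.wr.fast_reg.page_list_len = nent;
- send->s_wr.wr.fast_reg.page_shift = rds_iwdev->page_shift;
+ send->s_wr.wr.fast_reg.page_shift = PAGE_SHIFT;
  send->s_wr.wr.fast_reg.access_flags = IB_ACCESS_REMOTE_WRITE;
  send->s_wr.wr.fast_reg.iova_start = sg_addr;
 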
diff --git a/net/rds/iw_stats.c b/net/rds/iw_stats.c
index ccc7e8f0bf0e..d33ea790484e 100644
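--- a/net/rds/iw_stats.c
+++ b/net/rds/iw_stats.c
@@ -39,7 +39,7 @@
 
 DEFINE_PER_CPU(struct rds_iw_statistics, rds_iw_stats) ____cacheline_aligned;
 
-static char *rds_iw_stat_names[] = {
+static const char *const rds_iw_stat_names[] = {
  "iw_connect_raced",
  "iw_listen_closed_stale",
  "iw_tx_cq_call",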
diff --git a/net/rds/rdma_transport.c b/net/rds/rdma_transport.c
index 7d0f901c93d5..7a6c748cb56c 100644
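--- a/net/rds/rdma_transport.c
+++ b/net/rds/rdma_transport.c
@@ -101,7 +101,7 @@ int rds_rdma_cm_event_handler(struct rdma_cm_id *cm_id,
  break;
 
  case RDMA_CM_EVENT_DISCONNECTED:
- printk(KERN_WARNING "RDS/IW: DISCONNECT event - dropping connection "
+ printk(KERN_WARNING "RDS/RDMA: DISCONNECT event - dropping connection "
  "%pI4->%pI4\n", &conn->c_laddr,
  &conn->c_faddr);
  rds_conn_drop(conn);
@@ -132,12 +132,12 @@ static int __init rds_rdma_listen_init(void)
  cm_id = rdma_create_id(rds_rdma_cm_event_handler, NULL, RDMA_PS_TCP);
  if (IS_ERR(cm_id)) {
  ret = PTR_ERR(cm_id);
- printk(KERN_ERR "RDS/IW: failed to setup listener, "
+ printk(KERN_ERR "RDS/RDMA: failed to setup listener, "
  "rdma_create_id() returned %d\n", ret);
  goto out;
  }
 
- sin.sin_family = PF_INET,
+ sin.sin_family = AF_INET,
  sin.sin_addr.s_addr = (__force u32)htonl(INADDR_ANY);
  sin.sin_port = (__force u16)htons(RDS_PORT);
 
@@ -147,14 +147,14 @@ static int __init rds_rdma_listen_init(void)
  */
  ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin);
  if (ret) {
- printk(KERN_ERR "RDS/IW: failed to setup listener, "
+ printk(KERN_ERR "RDS/RDMA: failed to setup listener, "
  "rdma_bind_addr() returned %d\n", ret);
  goto out;
  }
 
  ret = rdma_listen(cm_id, 128);
  if (ret) {
- printk(KERN_ERR "RDS/IW: failed to setup listener, "
+ printk(KERN_ERR "RDS/RDMA: failed to setup listener, "
  "rdma_listen() returned %d\n", ret);
  goto out;
  }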
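Review bot: The rewritten assignment `sin.sin_family = AF_INET,` in the second hunk still ends in a comma, so it is chained to the following `sin.sin_addr.s_addr` assignment by the comma operator instead of being its own statement. It behaves the same today, but an edit that inserts a line between the two would silently change meaning, and the line is being touched anyway: `sin.sin_family = AF_INET;`. rds_rdma_listen_init() starts and ends outside the hunk.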
diff --git a/net/rds/rds.h b/net/rds/rds.h
index dbe111236783..290566c69d28 100644
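--- a/net/rds/rds.h
+++ b/net/rds/rds.h
@@ -652,7 +652,8 @@ DECLARE_PER_CPU_SHARED_ALIGNED(struct rds_statistics, rds_stats);
 int __init rds_stats_init(void);
 void rds_stats_exit(void);
 void rds_stats_info_copy(struct rds_info_iterator *iter,
- uint64_t *values, char **names, size_t nr);
+ uint64_t *values, const char *const *names,
+ size_t nr);
 
 /* sysctl.c */
 int __init rds_sysctl_init(void);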
diff --git a/net/rds/recv.c b/net/rds/recv.c
index f2118c51cfa3..86bc1a06ebbd 100644
--- a/net/rds/recv.c
+++ b/net/rds/recv.c
@@ -409,18 +409,18 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
409 if (msg_flags & MSG_OOB) 409 if (msg_flags & MSG_OOB)
410 goto out; 410 goto out;
411 411
412 /* If there are pending notifications, do those - and nothing else */ 412 while (1) {
413 if (!list_empty(&rs->rs_notify_queue)) { 413 /* If there are pending notifications, do those - and nothing else */
414 ret = rds_notify_queue_get(rs, msg); 414 if (!list_empty(&rs->rs_notify_queue)) {
415 goto out; 415 ret = rds_notify_queue_get(rs, msg);
416 } 416 break;
417 }
417 418
418 if (rs->rs_cong_notify) { 419 if (rs->rs_cong_notify) {
419 ret = rds_notify_cong(rs, msg); 420 ret = rds_notify_cong(rs, msg);
420 goto out; 421 break;
421 } 422 }
422 423
423 while (1) {
424 if (!rds_next_incoming(rs, &inc)) { 424 if (!rds_next_incoming(rs, &inc)) {
425 if (nonblock) { 425 if (nonblock) {
426 ret = -EAGAIN; 426 ret = -EAGAIN;
@@ -428,7 +428,9 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
428 } 428 }
429 429
430 timeo = wait_event_interruptible_timeout(*sk->sk_sleep, 430 timeo = wait_event_interruptible_timeout(*sk->sk_sleep,
431 rds_next_incoming(rs, &inc), 431 (!list_empty(&rs->rs_notify_queue)
432 || rs->rs_cong_notify
433 || rds_next_incoming(rs, &inc)),
432 timeo); 434 timeo);
433 rdsdebug("recvmsg woke inc %p timeo %ld\n", inc, 435 rdsdebug("recvmsg woke inc %p timeo %ld\n", inc,
434 timeo); 436 timeo);
diff --git a/net/rds/stats.c b/net/rds/stats.c
index 637146893cf3..91d8c58b8335 100644
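--- a/net/rds/stats.c
+++ b/net/rds/stats.c
@@ -40,7 +40,7 @@ DEFINE_PER_CPU_SHARED_ALIGNED(struct rds_statistics, rds_stats);
 
 /* :.,$s/unsigned long\>.*\<s_\(.*\);/"\1",/g */
 
-static char *rds_stat_names[] = {
+static const char *const rds_stat_names[] = {
  "conn_reset",
  "recv_drop_bad_checksum",
  "recv_drop_old_seq",
@@ -77,7 +77,7 @@ static char *rds_stat_names[] = {
 };
 
 void rds_stats_info_copy(struct rds_info_iterator *iter,
- uint64_t *values, char **names, size_t nr)
+ uint64_t *values, const char *const *names, size_t nr)
 {
  struct rds_info_counter ctr;
  size_t i;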
diff --git a/net/rfkill/core.c b/net/rfkill/core.c
index 2fc4a1724eb8..dbeaf2983822 100644
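--- a/net/rfkill/core.c
+++ b/net/rfkill/core.c
@@ -589,11 +589,13 @@ static const char *rfkill_get_type_str(enum rfkill_type type)
  return "wimax";
  case RFKILL_TYPE_WWAN:
  return "wwan";
+ case RFKILL_TYPE_GPS:
+ return "gps";
  default:
  BUG();
  }
 
- BUILD_BUG_ON(NUM_RFKILL_TYPES != RFKILL_TYPE_WWAN + 1);
+ BUILD_BUG_ON(NUM_RFKILL_TYPES != RFKILL_TYPE_GPS + 1);
 }
 
 static ssize_t rfkill_type_show(struct device *dev,
@@ -1091,10 +1093,16 @@ static ssize_t rfkill_fop_write(struct file *file, const char __user *buf,
  struct rfkill_event ev;
 
  /* we don't need the 'hard' variable but accept it */
- if (count < sizeof(ev) - 1)
+ if (count < RFKILL_EVENT_SIZE_V1 - 1)
  return -EINVAL;
 
- if (copy_from_user(&ev, buf, sizeof(ev) - 1))
+ /*
+ * Copy as much data as we can accept into our 'ev' buffer,
+ * but tell userspace how much we've copied so it can determine
+ * our API version even in a write() call, if it cares.
+ */
+ count = min(count, sizeof(ev));
+ if (copy_from_user(&ev, buf, count))
  return -EFAULT;
 
  if (ev.op != RFKILL_OP_CHANGE && ev.op != RFKILL_OP_CHANGE_ALL)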
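Review bot: `ev` in rfkill_fop_write() stays partly uninitialised whenever userspace writes fewer than `sizeof(ev)` bytes, because after the new `min()` only `count` bytes are copied into it. With the minimum length of `RFKILL_EVENT_SIZE_V1 - 1` that presumably leaves just the unused `hard` byte unset today, but any field appended to struct rfkill_event later would be read from stale kernel stack when an older client sends the short form. Zeroing the buffer first closes that gap: `memset(&ev, 0, sizeof(ev));` ahead of the `copy_from_user()` call. The function body continues outside the hunk.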
diff --git a/net/rose/rose_dev.c b/net/rose/rose_dev.c
index 389d6e0d7740..c711e2edf5ce 100644
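--- a/net/rose/rose_dev.c
+++ b/net/rose/rose_dev.c
@@ -141,7 +141,7 @@ static int rose_xmit(struct sk_buff *skb, struct net_device *dev)
  }
  dev_kfree_skb(skb);
  stats->tx_errors++;
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static const struct header_ops rose_header_ops = {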
diff --git a/net/rxrpc/ar-ack.c b/net/rxrpc/ar-ack.c
index 3ac1672e1070..c9f1f0a3a2ff 100644
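--- a/net/rxrpc/ar-ack.c
+++ b/net/rxrpc/ar-ack.c
@@ -20,7 +20,7 @@
 
 static unsigned rxrpc_ack_defer = 1;
 
-static const char *rxrpc_acks[] = {
+static const char *const rxrpc_acks[] = {
  "---", "REQ", "DUP", "OOS", "WIN", "MEM", "PNG", "PNR", "DLY", "IDL",
  "-?-"
 };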
diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c
index 27d03816ec3e..693df7ae33d8 100644
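--- a/net/sched/sch_generic.c
+++ b/net/sched/sch_generic.c
@@ -37,15 +37,11 @@
  * - updates to tree and tree walking are only done under the rtnl mutex.
  */
 
-static inline int qdisc_qlen(struct Qdisc *q)
-{
- return q->q.qlen;
-}
-
 static inline int dev_requeue_skb(struct sk_buff *skb, struct Qdisc *q)
 {
  q->gso_skb = skb;
  q->qstats.requeues++;
+ q->q.qlen++; /* it's still part of the queue */
  __netif_schedule(q);
 
  return 0;
@@ -61,9 +57,11 @@ static inline struct sk_buff *dequeue_skb(struct Qdisc *q)
 
  /* check the reason of requeuing without tx lock first */
  txq = netdev_get_tx_queue(dev, skb_get_queue_mapping(skb));
- if (!netif_tx_queue_stopped(txq) && !netif_tx_queue_frozen(txq))
+ if (!netif_tx_queue_stopped(txq) &&
+ !netif_tx_queue_frozen(txq)) {
  q->gso_skb = NULL;
- else
+ q->q.qlen--;
+ } else
  skb = NULL;
  } else {
  skb = q->dequeue(q);
@@ -103,44 +101,23 @@ static inline int handle_dev_cpu_collision(struct sk_buff *skb,
 }
 
 /*
- * NOTE: Called under qdisc_lock(q) with locally disabled BH.
- *
- * __QDISC_STATE_RUNNING guarantees only one CPU can process
- * this qdisc at a time. qdisc_lock(q) serializes queue accesses for
- * this queue.
- *
- * netif_tx_lock serializes accesses to device driver.
- *
- * qdisc_lock(q) and netif_tx_lock are mutually exclusive,
- * if one is grabbed, another must be free.
- *
- * Note, that this procedure can be called by a watchdog timer
+ * Transmit one skb, and handle the return status as required. Holding the
+ * __QDISC_STATE_RUNNING bit guarantees that only one CPU can execute this
+ * function.
  *
  * Returns to the caller:
  * 0 - queue is empty or throttled.
  * >0 - queue is not empty.
- *
  */
-static inline int qdisc_restart(struct Qdisc *q)
+int sch_direct_xmit(struct sk_buff *skb, struct Qdisc *q,
+ struct net_device *dev, struct netdev_queue *txq,
+ spinlock_t *root_lock)
 {
- struct netdev_queue *txq;
  int ret = NETDEV_TX_BUSY;
- struct net_device *dev;
- spinlock_t *root_lock;
- struct sk_buff *skb;
-
- /* Dequeue packet */
- if (unlikely((skb = dequeue_skb(q)) == NULL))
- return 0;
-
- root_lock = qdisc_lock(q);
 
  /* And release qdisc */
  spin_unlock(root_lock);
 
- dev = qdisc_dev(q);
- txq = netdev_get_tx_queue(dev, skb_get_queue_mapping(skb));
-
  HARD_TX_LOCK(dev, txq, smp_processor_id());
  if (!netif_tx_queue_stopped(txq) &&
  !netif_tx_queue_frozen(txq))
@@ -177,6 +154,44 @@ static inline int qdisc_restart(struct Qdisc *q)
  return ret;
 }
 
+/*
+ * NOTE: Called under qdisc_lock(q) with locally disabled BH.
+ *
+ * __QDISC_STATE_RUNNING guarantees only one CPU can process
+ * this qdisc at a time. qdisc_lock(q) serializes queue accesses for
+ * this queue.
+ *
+ * netif_tx_lock serializes accesses to device driver.
+ *
+ * qdisc_lock(q) and netif_tx_lock are mutually exclusive,
+ * if one is grabbed, another must be free.
+ *
+ * Note, that this procedure can be called by a watchdog timer
+ *
+ * Returns to the caller:
+ * 0 - queue is empty or throttled.
+ * >0 - queue is not empty.
+ *
+ */
+static inline int qdisc_restart(struct Qdisc *q)
+{
+ struct netdev_queue *txq;
+ struct net_device *dev;
+ spinlock_t *root_lock;
+ struct sk_buff *skb;
+
+ /* Dequeue packet */
+ skb = dequeue_skb(q);
+ if (unlikely(!skb))
+ return 0;
+
+ root_lock = qdisc_lock(q);
+ dev = qdisc_dev(q);
+ txq = netdev_get_tx_queue(dev, skb_get_queue_mapping(skb));
+
+ return sch_direct_xmit(skb, q, dev, txq, root_lock);
+}
+
 void __qdisc_run(struct Qdisc *q)
 {
  unsigned long start_time = jiffies;
@@ -547,8 +562,11 @@ void qdisc_reset(struct Qdisc *qdisc)
  if (ops->reset)
  ops->reset(qdisc);
 
- kfree_skb(qdisc->gso_skb);
- qdisc->gso_skb = NULL;
+ if (qdisc->gso_skb) {
+ kfree_skb(qdisc->gso_skb);
+ qdisc->gso_skb = NULL;
+ qdisc->q.qlen = 0;
+ }
 }
 EXPORT_SYMBOL(qdisc_reset);
 
@@ -605,6 +623,9 @@ static void attach_one_default_qdisc(struct net_device *dev,
  printk(KERN_INFO "%s: activation failed\n", dev->name);
  return;
  }
+
+ /* Can by-pass the queue discipline for default qdisc */
+ qdisc->flags |= TCQ_F_CAN_BYPASS;
  } else {
  qdisc = &noqueue_qdisc;
  }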
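Review bot: The new comment above sch_direct_xmit() no longer states the locking contract, although the function's first statement is still `spin_unlock(root_lock)` on a lock that the caller now passes in. Since the function has lost `static` and can be reached from other files, I would add a line such as `* Caller must hold root_lock with BH disabled; it is dropped while the driver transmits.` to that comment. Whether the lock is taken again before returning is not visible in this hunk, so that half of the contract needs confirming before it is written down. The body of sch_direct_xmit() continues outside the hunk.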
diff --git a/net/sched/sch_teql.c b/net/sched/sch_teql.c
index 9c002b6e0533..12434b6c2042 100644
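--- a/net/sched/sch_teql.c
+++ b/net/sched/sch_teql.c
@@ -314,7 +314,7 @@ restart:
  netif_wake_queue(dev);
  txq->tx_packets++;
  txq->tx_bytes += length;
- return 0;
+ return NETDEV_TX_OK;
  }
  __netif_tx_unlock(slave_txq);
  }
@@ -323,7 +323,7 @@ restart:
  break;
  case 1:
  master->slaves = NEXT_SLAVE(q);
- return 0;
+ return NETDEV_TX_OK;
  default:
  nores = 1;
  break;
@@ -345,7 +345,7 @@ restart:
 drop:
  txq->tx_dropped++;
  dev_kfree_skb(skb);
- return 0;
+ return NETDEV_TX_OK;
 }
 
 static int teql_master_open(struct net_device *dev)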
diff --git a/net/sctp/debug.c b/net/sctp/debug.c
index 7ff548a30cfb..bf24fa697de2 100644
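--- a/net/sctp/debug.c
+++ b/net/sctp/debug.c
@@ -52,7 +52,7 @@ int sctp_debug_flag = 1; /* Initially enable DEBUG */
 #endif /* SCTP_DEBUG */
 
 /* These are printable forms of Chunk ID's from section 3.1. */
-static const char *sctp_cid_tbl[SCTP_NUM_BASE_CHUNK_TYPES] = {
+static const char *const sctp_cid_tbl[SCTP_NUM_BASE_CHUNK_TYPES] = {
  "DATA",
  "INIT",
  "INIT_ACK",
@@ -97,7 +97,7 @@ const char *sctp_cname(const sctp_subtype_t cid)
 }
 
 /* These are printable forms of the states. */
-const char *sctp_state_tbl[SCTP_STATE_NUM_STATES] = {
+const char *const sctp_state_tbl[SCTP_STATE_NUM_STATES] = {
  "STATE_EMPTY",
  "STATE_CLOSED",
  "STATE_COOKIE_WAIT",
@@ -110,7 +110,7 @@ const char *sctp_state_tbl[SCTP_STATE_NUM_STATES] = {
 };
 
 /* Events that could change the state of an association. */
-const char *sctp_evttype_tbl[] = {
+const char *const sctp_evttype_tbl[] = {
  "EVENT_T_unknown",
  "EVENT_T_CHUNK",
  "EVENT_T_TIMEOUT",
@@ -119,7 +119,7 @@ const char *sctp_evttype_tbl[] = {
 };
 
 /* Return value of a state function */
-const char *sctp_status_tbl[] = {
+const char *const sctp_status_tbl[] = {
  "DISPOSITION_DISCARD",
  "DISPOSITION_CONSUME",
  "DISPOSITION_NOMEM",
@@ -132,7 +132,7 @@ const char *sctp_status_tbl[] = {
 };
 
 /* Printable forms of primitives */
-static const char *sctp_primitive_tbl[SCTP_NUM_PRIMITIVE_TYPES] = {
+static const char *const sctp_primitive_tbl[SCTP_NUM_PRIMITIVE_TYPES] = {
  "PRIMITIVE_ASSOCIATE",
  "PRIMITIVE_SHUTDOWN",
  "PRIMITIVE_ABORT",
@@ -149,7 +149,7 @@ const char *sctp_pname(const sctp_subtype_t id)
  return "unknown_primitive";
 }
 
-static const char *sctp_other_tbl[] = {
+static const char *const sctp_other_tbl[] = {
  "NO_PENDING_TSN",
  "ICMP_PROTO_UNREACH",
 };
@@ -162,7 +162,7 @@ const char *sctp_oname(const sctp_subtype_t id)
  return "unknown 'other' event";
 }
 
-static const char *sctp_timer_tbl[] = {
+static const char *const sctp_timer_tbl[] = {
  "TIMEOUT_NONE",
  "TIMEOUT_T1_COOKIE",
  "TIMEOUT_T1_INIT",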
diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c
index 3c57005e44d1..7bda8e3d1398 100644
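--- a/net/tipc/netlink.c
+++ b/net/tipc/netlink.c
@@ -62,7 +62,7 @@ static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
  rep_nlh = nlmsg_hdr(rep_buf);
  memcpy(rep_nlh, req_nlh, hdr_space);
  rep_nlh->nlmsg_len = rep_buf->len;
- genlmsg_unicast(rep_buf, NETLINK_CB(skb).pid);
+ genlmsg_unicast(&init_net, rep_buf, NETLINK_CB(skb).pid);
  }
 
  return 0;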
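Review bot: The reply in handle_cmd() is now always sent into `&init_net`, whatever namespace the request arrived from, and the return value of `genlmsg_unicast()` is still discarded. If TIPC is only ever reachable from the initial namespace that is harmless, but the call bakes that assumption in silently; `genlmsg_unicast(genl_info_net(info), rep_buf, NETLINK_CB(skb).pid);` would follow the requester instead, assuming that helper is available in this tree. handle_cmd() starts outside the hunk.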
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 1848693ebb82..e8254e809b79 100644
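--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -1748,6 +1748,12 @@ static int getsockopt(struct socket *sock,
  value = jiffies_to_msecs(sk->sk_rcvtimeo);
  /* no need to set "res", since already 0 at this point */
  break;
+ case TIPC_NODE_RECVQ_DEPTH:
+ value = (u32)atomic_read(&tipc_queue_size);
+ break;
+ case TIPC_SOCK_RECVQ_DEPTH:
+ value = skb_queue_len(&sk->sk_receive_queue);
+ break;
  default:
  res = -EINVAL;
  }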
diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig
index 4428dd5e911d..c6031d5b135f 100644
--- a/net/wireless/Kconfig
+++ b/net/wireless/Kconfig
@@ -2,6 +2,21 @@ config CFG80211
2 tristate "Improved wireless configuration API" 2 tristate "Improved wireless configuration API"
3 depends on RFKILL || !RFKILL 3 depends on RFKILL || !RFKILL
4 4
5config NL80211_TESTMODE
6 bool "nl80211 testmode command"
7 depends on CFG80211
8 help
9 The nl80211 testmode command helps implementing things like
10 factory calibration or validation tools for wireless chips.
11
12 Select this option ONLY for kernels that are specifically
13 built for such purposes.
14
15 Debugging tools that are supposed to end up in the hands of
16 users should better be implemented with debugfs.
17
18 Say N.
19
5config CFG80211_REG_DEBUG 20config CFG80211_REG_DEBUG
6 bool "cfg80211 regulatory debugging" 21 bool "cfg80211 regulatory debugging"
7 depends on CFG80211 22 depends on CFG80211
@@ -11,6 +26,22 @@ config CFG80211_REG_DEBUG
11 26
12 If unsure, say N. 27 If unsure, say N.
13 28
29config CFG80211_DEFAULT_PS
30 bool "enable powersave by default"
31 depends on CFG80211
32 default y
33 help
34 This option enables powersave mode by default.
35
36 If this causes your applications to misbehave you should fix your
37 applications instead -- they need to register their network
38 latency requirement, see Documentation/power/pm_qos_interface.txt.
39
40config CFG80211_DEFAULT_PS_VALUE
41 int
42 default 1 if CFG80211_DEFAULT_PS
43 default 0
44
14config CFG80211_DEBUGFS 45config CFG80211_DEBUGFS
15 bool "cfg80211 DebugFS entries" 46 bool "cfg80211 DebugFS entries"
16 depends on CFG80211 && DEBUG_FS 47 depends on CFG80211 && DEBUG_FS
@@ -35,19 +66,13 @@ config WIRELESS_OLD_REGULATORY
35 66
36config WIRELESS_EXT 67config WIRELESS_EXT
37 bool "Wireless extensions" 68 bool "Wireless extensions"
38 default n 69 default y
39 ---help--- 70 ---help---
40 This option enables the legacy wireless extensions 71 This option enables the legacy wireless extensions
41 (wireless network interface configuration via ioctls.) 72 (wireless network interface configuration via ioctls.)
42 73
43 Wireless extensions will be replaced by cfg80211 and 74 Say Y unless you've upgraded all your userspace to use
44 will be required only by legacy drivers that implement 75 nl80211 instead of wireless extensions.
45 wireless extension handlers. This option does not
46 affect the wireless-extension backward compatibility
47 code in cfg80211.
48
49 Say N (if you can) unless you know you need wireless
50 extensions for external modules.
51 76
52config WIRELESS_EXT_SYSFS 77config WIRELESS_EXT_SYSFS
53 bool "Wireless extensions sysfs files" 78 bool "Wireless extensions sysfs files"
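Review bot: The help text for `WIRELESS_EXT` in the third hunk no longer says what the option gates, even though its default flips from n to y. The net/wireless/Makefile section on this page builds `wext-compat.o wext-sme.o` only under `CONFIG_WIRELESS_EXT`, so the option does control the cfg80211 compatibility handlers, which is the opposite of what the removed paragraph stated. With the new default every build carries the legacy ioctl configuration interface unless someone opts out, so the entry should say when opting out is safe. I would add a help line such as `This also builds the cfg80211 wireless-extension compatibility code; say N if all of your userspace uses nl80211.`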
diff --git a/net/wireless/Makefile b/net/wireless/Makefile
index f78c4832a9ca..3ecaa9179977 100644
--- a/net/wireless/Makefile
+++ b/net/wireless/Makefile
@@ -5,8 +5,9 @@ obj-$(CONFIG_LIB80211_CRYPT_WEP) += lib80211_crypt_wep.o
5obj-$(CONFIG_LIB80211_CRYPT_CCMP) += lib80211_crypt_ccmp.o 5obj-$(CONFIG_LIB80211_CRYPT_CCMP) += lib80211_crypt_ccmp.o
6obj-$(CONFIG_LIB80211_CRYPT_TKIP) += lib80211_crypt_tkip.o 6obj-$(CONFIG_LIB80211_CRYPT_TKIP) += lib80211_crypt_tkip.o
7 7
8cfg80211-y += core.o sysfs.o radiotap.o util.o reg.o scan.o nl80211.o mlme.o ibss.o 8cfg80211-y += core.o sysfs.o radiotap.o util.o reg.o scan.o nl80211.o
9cfg80211-y += mlme.o ibss.o sme.o chan.o
9cfg80211-$(CONFIG_CFG80211_DEBUGFS) += debugfs.o 10cfg80211-$(CONFIG_CFG80211_DEBUGFS) += debugfs.o
10cfg80211-$(CONFIG_WIRELESS_EXT) += wext-compat.o 11cfg80211-$(CONFIG_WIRELESS_EXT) += wext-compat.o wext-sme.o
11 12
12ccflags-y += -D__CHECK_ENDIAN__ 13ccflags-y += -D__CHECK_ENDIAN__
diff --git a/net/wireless/chan.c b/net/wireless/chan.c
new file mode 100644
index 000000000000..a46ac6c9b365
--- /dev/null
+++ b/net/wireless/chan.c
@@ -0,0 +1,89 @@
1/*
2 * This file contains helper code to handle channel
3 * settings and keeping track of what is possible at
4 * any point in time.
5 *
6 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
7 */
8
9#include <net/cfg80211.h>
10#include "core.h"
11
12struct ieee80211_channel *
13rdev_fixed_channel(struct cfg80211_registered_device *rdev,
14 struct wireless_dev *for_wdev)
15{
16 struct wireless_dev *wdev;
17 struct ieee80211_channel *result = NULL;
18
19 WARN_ON(!mutex_is_locked(&rdev->devlist_mtx));
20
21 list_for_each_entry(wdev, &rdev->netdev_list, list) {
22 if (wdev == for_wdev)
23 continue;
24
25 /*
26 * Lock manually to tell lockdep about allowed
27 * nesting here if for_wdev->mtx is held already.
28 * This is ok as it's all under the rdev devlist
29 * mutex and as such can only be done once at any
30 * given time.
31 */
32 mutex_lock_nested(&wdev->mtx, SINGLE_DEPTH_NESTING);
33 if (wdev->current_bss)
34 result = wdev->current_bss->pub.channel;
35 wdev_unlock(wdev);
36
37 if (result)
38 break;
39 }
40
41 return result;
42}
43
44int rdev_set_freq(struct cfg80211_registered_device *rdev,
45 struct wireless_dev *for_wdev,
46 int freq, enum nl80211_channel_type channel_type)
47{
48 struct ieee80211_channel *chan;
49 struct ieee80211_sta_ht_cap *ht_cap;
50 int result;
51
52 if (rdev_fixed_channel(rdev, for_wdev))
53 return -EBUSY;
54
55 if (!rdev->ops->set_channel)
56 return -EOPNOTSUPP;
57
58 chan = ieee80211_get_channel(&rdev->wiphy, freq);
59
60 /* Primary channel not allowed */
61 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED)
62 return -EINVAL;
63
64 if (channel_type == NL80211_CHAN_HT40MINUS &&
65 chan->flags & IEEE80211_CHAN_NO_HT40MINUS)
66 return -EINVAL;
67 else if (channel_type == NL80211_CHAN_HT40PLUS &&
68 chan->flags & IEEE80211_CHAN_NO_HT40PLUS)
69 return -EINVAL;
70
71 ht_cap = &rdev->wiphy.bands[chan->band]->ht_cap;
72
73 if (channel_type != NL80211_CHAN_NO_HT) {
74 if (!ht_cap->ht_supported)
75 return -EINVAL;
76
77 if (!(ht_cap->cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) ||
78 ht_cap->cap & IEEE80211_HT_CAP_40MHZ_INTOLERANT)
79 return -EINVAL;
80 }
81
82 result = rdev->ops->set_channel(&rdev->wiphy, chan, channel_type);
83 if (result)
84 return result;
85
86 rdev->channel = chan;
87
88 return 0;
89}
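Review bot: In rdev_set_freq() the 40 MHz capability test runs for every HT channel type, so a request for `NL80211_CHAN_HT20` returns -EINVAL on hardware whose ht_cap lacks `IEEE80211_HT_CAP_SUP_WIDTH_20_40` or sets `IEEE80211_HT_CAP_40MHZ_INTOLERANT`, although a 20 MHz HT channel should need neither. Guarding the test with the channel type would fix it: `if (channel_type != NL80211_CHAN_HT20 && (!(ht_cap->cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) || ht_cap->cap & IEEE80211_HT_CAP_40MHZ_INTOLERANT))`. Separately, rdev_set_freq() calls rdev_fixed_channel(), which warns unless rdev->devlist_mtx is held, but nothing on rdev_set_freq() tells a caller about that requirement. A header comment such as `/* caller must hold rdev->devlist_mtx */` would make the locking contract visible at the entry point.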
diff --git a/net/wireless/core.c b/net/wireless/core.c
index d5850292b3df..bc99e4ec7463 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -19,6 +19,7 @@
19#include "core.h" 19#include "core.h"
20#include "sysfs.h" 20#include "sysfs.h"
21#include "debugfs.h" 21#include "debugfs.h"
22#include "wext-compat.h"
22 23
23/* name for sysfs, %d is appended */ 24/* name for sysfs, %d is appended */
24#define PHY_NAME "phy" 25#define PHY_NAME "phy"
@@ -30,12 +31,11 @@ MODULE_DESCRIPTION("wireless configuration support");
30/* RCU might be appropriate here since we usually 31/* RCU might be appropriate here since we usually
31 * only read the list, and that can happen quite 32 * only read the list, and that can happen quite
32 * often because we need to do it for each command */ 33 * often because we need to do it for each command */
33LIST_HEAD(cfg80211_drv_list); 34LIST_HEAD(cfg80211_rdev_list);
35int cfg80211_rdev_list_generation;
34 36
35/* 37/*
36 * This is used to protect the cfg80211_drv_list, cfg80211_regdomain, 38 * This is used to protect the cfg80211_rdev_list
37 * country_ie_regdomain, the reg_beacon_list and the the last regulatory
38 * request receipt (last_request).
39 */ 39 */
40DEFINE_MUTEX(cfg80211_mutex); 40DEFINE_MUTEX(cfg80211_mutex);
41 41
@@ -43,18 +43,18 @@ DEFINE_MUTEX(cfg80211_mutex);
43static struct dentry *ieee80211_debugfs_dir; 43static struct dentry *ieee80211_debugfs_dir;
44 44
45/* requires cfg80211_mutex to be held! */ 45/* requires cfg80211_mutex to be held! */
46struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx) 46struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx)
47{ 47{
48 struct cfg80211_registered_device *result = NULL, *drv; 48 struct cfg80211_registered_device *result = NULL, *rdev;
49 49
50 if (!wiphy_idx_valid(wiphy_idx)) 50 if (!wiphy_idx_valid(wiphy_idx))
51 return NULL; 51 return NULL;
52 52
53 assert_cfg80211_lock(); 53 assert_cfg80211_lock();
54 54
55 list_for_each_entry(drv, &cfg80211_drv_list, list) { 55 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
56 if (drv->wiphy_idx == wiphy_idx) { 56 if (rdev->wiphy_idx == wiphy_idx) {
57 result = drv; 57 result = rdev;
58 break; 58 break;
59 } 59 }
60 } 60 }
@@ -64,32 +64,32 @@ struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx)
64 64
65int get_wiphy_idx(struct wiphy *wiphy) 65int get_wiphy_idx(struct wiphy *wiphy)
66{ 66{
67 struct cfg80211_registered_device *drv; 67 struct cfg80211_registered_device *rdev;
68 if (!wiphy) 68 if (!wiphy)
69 return WIPHY_IDX_STALE; 69 return WIPHY_IDX_STALE;
70 drv = wiphy_to_dev(wiphy); 70 rdev = wiphy_to_dev(wiphy);
71 return drv->wiphy_idx; 71 return rdev->wiphy_idx;
72} 72}
73 73
74/* requires cfg80211_drv_mutex to be held! */ 74/* requires cfg80211_rdev_mutex to be held! */
75struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx) 75struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx)
76{ 76{
77 struct cfg80211_registered_device *drv; 77 struct cfg80211_registered_device *rdev;
78 78
79 if (!wiphy_idx_valid(wiphy_idx)) 79 if (!wiphy_idx_valid(wiphy_idx))
80 return NULL; 80 return NULL;
81 81
82 assert_cfg80211_lock(); 82 assert_cfg80211_lock();
83 83
84 drv = cfg80211_drv_by_wiphy_idx(wiphy_idx); 84 rdev = cfg80211_rdev_by_wiphy_idx(wiphy_idx);
85 if (!drv) 85 if (!rdev)
86 return NULL; 86 return NULL;
87 return &drv->wiphy; 87 return &rdev->wiphy;
88} 88}
89 89
90/* requires cfg80211_mutex to be held! */ 90/* requires cfg80211_mutex to be held! */
91struct cfg80211_registered_device * 91struct cfg80211_registered_device *
92__cfg80211_drv_from_info(struct genl_info *info) 92__cfg80211_rdev_from_info(struct genl_info *info)
93{ 93{
94 int ifindex; 94 int ifindex;
95 struct cfg80211_registered_device *bywiphyidx = NULL, *byifidx = NULL; 95 struct cfg80211_registered_device *bywiphyidx = NULL, *byifidx = NULL;
@@ -99,14 +99,14 @@ __cfg80211_drv_from_info(struct genl_info *info)
99 assert_cfg80211_lock(); 99 assert_cfg80211_lock();
100 100
101 if (info->attrs[NL80211_ATTR_WIPHY]) { 101 if (info->attrs[NL80211_ATTR_WIPHY]) {
102 bywiphyidx = cfg80211_drv_by_wiphy_idx( 102 bywiphyidx = cfg80211_rdev_by_wiphy_idx(
103 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY])); 103 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY]));
104 err = -ENODEV; 104 err = -ENODEV;
105 } 105 }
106 106
107 if (info->attrs[NL80211_ATTR_IFINDEX]) { 107 if (info->attrs[NL80211_ATTR_IFINDEX]) {
108 ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 108 ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
109 dev = dev_get_by_index(&init_net, ifindex); 109 dev = dev_get_by_index(genl_info_net(info), ifindex);
110 if (dev) { 110 if (dev) {
111 if (dev->ieee80211_ptr) 111 if (dev->ieee80211_ptr)
112 byifidx = 112 byifidx =
@@ -134,54 +134,48 @@ __cfg80211_drv_from_info(struct genl_info *info)
134struct cfg80211_registered_device * 134struct cfg80211_registered_device *
135cfg80211_get_dev_from_info(struct genl_info *info) 135cfg80211_get_dev_from_info(struct genl_info *info)
136{ 136{
137 struct cfg80211_registered_device *drv; 137 struct cfg80211_registered_device *rdev;
138 138
139 mutex_lock(&cfg80211_mutex); 139 mutex_lock(&cfg80211_mutex);
140 drv = __cfg80211_drv_from_info(info); 140 rdev = __cfg80211_rdev_from_info(info);
141 141
142 /* if it is not an error we grab the lock on 142 /* if it is not an error we grab the lock on
143 * it to assure it won't be going away while 143 * it to assure it won't be going away while
144 * we operate on it */ 144 * we operate on it */
145 if (!IS_ERR(drv)) 145 if (!IS_ERR(rdev))
146 mutex_lock(&drv->mtx); 146 mutex_lock(&rdev->mtx);
147 147
148 mutex_unlock(&cfg80211_mutex); 148 mutex_unlock(&cfg80211_mutex);
149 149
150 return drv; 150 return rdev;
151} 151}
152 152
153struct cfg80211_registered_device * 153struct cfg80211_registered_device *
154cfg80211_get_dev_from_ifindex(int ifindex) 154cfg80211_get_dev_from_ifindex(struct net *net, int ifindex)
155{ 155{
156 struct cfg80211_registered_device *drv = ERR_PTR(-ENODEV); 156 struct cfg80211_registered_device *rdev = ERR_PTR(-ENODEV);
157 struct net_device *dev; 157 struct net_device *dev;
158 158
159 mutex_lock(&cfg80211_mutex); 159 mutex_lock(&cfg80211_mutex);
160 dev = dev_get_by_index(&init_net, ifindex); 160 dev = dev_get_by_index(net, ifindex);
161 if (!dev) 161 if (!dev)
162 goto out; 162 goto out;
163 if (dev->ieee80211_ptr) { 163 if (dev->ieee80211_ptr) {
164 drv = wiphy_to_dev(dev->ieee80211_ptr->wiphy); 164 rdev = wiphy_to_dev(dev->ieee80211_ptr->wiphy);
165 mutex_lock(&drv->mtx); 165 mutex_lock(&rdev->mtx);
166 } else 166 } else
167 drv = ERR_PTR(-ENODEV); 167 rdev = ERR_PTR(-ENODEV);
168 dev_put(dev); 168 dev_put(dev);
169 out: 169 out:
170 mutex_unlock(&cfg80211_mutex); 170 mutex_unlock(&cfg80211_mutex);
171 return drv; 171 return rdev;
172}
173
174void cfg80211_put_dev(struct cfg80211_registered_device *drv)
175{
176 BUG_ON(IS_ERR(drv));
177 mutex_unlock(&drv->mtx);
178} 172}
179 173
180/* requires cfg80211_mutex to be held */ 174/* requires cfg80211_mutex to be held */
181int cfg80211_dev_rename(struct cfg80211_registered_device *rdev, 175int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
182 char *newname) 176 char *newname)
183{ 177{
184 struct cfg80211_registered_device *drv; 178 struct cfg80211_registered_device *rdev2;
185 int wiphy_idx, taken = -1, result, digits; 179 int wiphy_idx, taken = -1, result, digits;
186 180
187 assert_cfg80211_lock(); 181 assert_cfg80211_lock();
@@ -207,8 +201,8 @@ int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
207 return 0; 201 return 0;
208 202
209 /* Ensure another device does not already have this name. */ 203 /* Ensure another device does not already have this name. */
210 list_for_each_entry(drv, &cfg80211_drv_list, list) 204 list_for_each_entry(rdev2, &cfg80211_rdev_list, list)
211 if (strcmp(newname, dev_name(&drv->wiphy.dev)) == 0) 205 if (strcmp(newname, dev_name(&rdev2->wiphy.dev)) == 0)
212 return -EINVAL; 206 return -EINVAL;
213 207
214 result = device_rename(&rdev->wiphy.dev, newname); 208 result = device_rename(&rdev->wiphy.dev, newname);
@@ -228,28 +222,64 @@ int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
228 return 0; 222 return 0;
229} 223}
230 224
225int cfg80211_switch_netns(struct cfg80211_registered_device *rdev,
226 struct net *net)
227{
228 struct wireless_dev *wdev;
229 int err = 0;
230
231 if (!rdev->wiphy.netnsok)
232 return -EOPNOTSUPP;
233
234 list_for_each_entry(wdev, &rdev->netdev_list, list) {
235 wdev->netdev->features &= ~NETIF_F_NETNS_LOCAL;
236 err = dev_change_net_namespace(wdev->netdev, net, "wlan%d");
237 if (err)
238 break;
239 wdev->netdev->features |= NETIF_F_NETNS_LOCAL;
240 }
241
242 if (err) {
243 /* failed -- clean up to old netns */
244 net = wiphy_net(&rdev->wiphy);
245
246 list_for_each_entry_continue_reverse(wdev, &rdev->netdev_list,
247 list) {
248 wdev->netdev->features &= ~NETIF_F_NETNS_LOCAL;
249 err = dev_change_net_namespace(wdev->netdev, net,
250 "wlan%d");
251 WARN_ON(err);
252 wdev->netdev->features |= NETIF_F_NETNS_LOCAL;
253 }
254 }
255
256 wiphy_net_set(&rdev->wiphy, net);
257
258 return err;
259}
260
231static void cfg80211_rfkill_poll(struct rfkill *rfkill, void *data) 261static void cfg80211_rfkill_poll(struct rfkill *rfkill, void *data)
232{ 262{
233 struct cfg80211_registered_device *drv = data; 263 struct cfg80211_registered_device *rdev = data;
234 264
235 drv->ops->rfkill_poll(&drv->wiphy); 265 rdev->ops->rfkill_poll(&rdev->wiphy);
236} 266}
237 267
238static int cfg80211_rfkill_set_block(void *data, bool blocked) 268static int cfg80211_rfkill_set_block(void *data, bool blocked)
239{ 269{
240 struct cfg80211_registered_device *drv = data; 270 struct cfg80211_registered_device *rdev = data;
241 struct wireless_dev *wdev; 271 struct wireless_dev *wdev;
242 272
243 if (!blocked) 273 if (!blocked)
244 return 0; 274 return 0;
245 275
246 rtnl_lock(); 276 rtnl_lock();
247 mutex_lock(&drv->devlist_mtx); 277 mutex_lock(&rdev->devlist_mtx);
248 278
249 list_for_each_entry(wdev, &drv->netdev_list, list) 279 list_for_each_entry(wdev, &rdev->netdev_list, list)
250 dev_close(wdev->netdev); 280 dev_close(wdev->netdev);
251 281
252 mutex_unlock(&drv->devlist_mtx); 282 mutex_unlock(&rdev->devlist_mtx);
253 rtnl_unlock(); 283 rtnl_unlock();
254 284
255 return 0; 285 return 0;
@@ -257,10 +287,76 @@ static int cfg80211_rfkill_set_block(void *data, bool blocked)
257 287
258static void cfg80211_rfkill_sync_work(struct work_struct *work) 288static void cfg80211_rfkill_sync_work(struct work_struct *work)
259{ 289{
260 struct cfg80211_registered_device *drv; 290 struct cfg80211_registered_device *rdev;
291
292 rdev = container_of(work, struct cfg80211_registered_device, rfkill_sync);
293 cfg80211_rfkill_set_block(rdev, rfkill_blocked(rdev->rfkill));
294}
295
296static void cfg80211_process_events(struct wireless_dev *wdev)
297{
298 struct cfg80211_event *ev;
299 unsigned long flags;
300
301 spin_lock_irqsave(&wdev->event_lock, flags);
302 while (!list_empty(&wdev->event_list)) {
303 ev = list_first_entry(&wdev->event_list,
304 struct cfg80211_event, list);
305 list_del(&ev->list);
306 spin_unlock_irqrestore(&wdev->event_lock, flags);
307
308 wdev_lock(wdev);
309 switch (ev->type) {
310 case EVENT_CONNECT_RESULT:
311 __cfg80211_connect_result(
312 wdev->netdev, ev->cr.bssid,
313 ev->cr.req_ie, ev->cr.req_ie_len,
314 ev->cr.resp_ie, ev->cr.resp_ie_len,
315 ev->cr.status,
316 ev->cr.status == WLAN_STATUS_SUCCESS,
317 NULL);
318 break;
319 case EVENT_ROAMED:
320 __cfg80211_roamed(wdev, ev->rm.bssid,
321 ev->rm.req_ie, ev->rm.req_ie_len,
322 ev->rm.resp_ie, ev->rm.resp_ie_len);
323 break;
324 case EVENT_DISCONNECTED:
325 __cfg80211_disconnected(wdev->netdev,
326 ev->dc.ie, ev->dc.ie_len,
327 ev->dc.reason, true);
328 break;
329 case EVENT_IBSS_JOINED:
330 __cfg80211_ibss_joined(wdev->netdev, ev->ij.bssid);
331 break;
332 }
333 wdev_unlock(wdev);
334
335 kfree(ev);
336
337 spin_lock_irqsave(&wdev->event_lock, flags);
338 }
339 spin_unlock_irqrestore(&wdev->event_lock, flags);
340}
341
342static void cfg80211_event_work(struct work_struct *work)
343{
344 struct cfg80211_registered_device *rdev;
345 struct wireless_dev *wdev;
346
347 rdev = container_of(work, struct cfg80211_registered_device,
348 event_work);
349
350 rtnl_lock();
351 cfg80211_lock_rdev(rdev);
352 mutex_lock(&rdev->devlist_mtx);
353
354 list_for_each_entry(wdev, &rdev->netdev_list, list)
355 cfg80211_process_events(wdev);
261 356
262 drv = container_of(work, struct cfg80211_registered_device, rfkill_sync); 357 mutex_unlock(&rdev->devlist_mtx);
263 cfg80211_rfkill_set_block(drv, rfkill_blocked(drv->rfkill)); 358 cfg80211_unlock_rdev(rdev);
359 rtnl_unlock();
264} 360}
265 361
266/* exported functions */ 362/* exported functions */
@@ -269,76 +365,88 @@ struct wiphy *wiphy_new(const struct cfg80211_ops *ops, int sizeof_priv)
269{ 365{
270 static int wiphy_counter; 366 static int wiphy_counter;
271 367
272 struct cfg80211_registered_device *drv; 368 struct cfg80211_registered_device *rdev;
273 int alloc_size; 369 int alloc_size;
274 370
275 WARN_ON(!ops->add_key && ops->del_key); 371 WARN_ON(ops->add_key && (!ops->del_key || !ops->set_default_key));
276 WARN_ON(ops->add_key && !ops->del_key); 372 WARN_ON(ops->auth && (!ops->assoc || !ops->deauth || !ops->disassoc));
373 WARN_ON(ops->connect && !ops->disconnect);
374 WARN_ON(ops->join_ibss && !ops->leave_ibss);
375 WARN_ON(ops->add_virtual_intf && !ops->del_virtual_intf);
376 WARN_ON(ops->add_station && !ops->del_station);
377 WARN_ON(ops->add_mpath && !ops->del_mpath);
277 378
278 alloc_size = sizeof(*drv) + sizeof_priv; 379 alloc_size = sizeof(*rdev) + sizeof_priv;
279 380
280 drv = kzalloc(alloc_size, GFP_KERNEL); 381 rdev = kzalloc(alloc_size, GFP_KERNEL);
281 if (!drv) 382 if (!rdev)
282 return NULL; 383 return NULL;
283 384
284 drv->ops = ops; 385 rdev->ops = ops;
285 386
286 mutex_lock(&cfg80211_mutex); 387 mutex_lock(&cfg80211_mutex);
287 388
288 drv->wiphy_idx = wiphy_counter++; 389 rdev->wiphy_idx = wiphy_counter++;
289 390
290 if (unlikely(!wiphy_idx_valid(drv->wiphy_idx))) { 391 if (unlikely(!wiphy_idx_valid(rdev->wiphy_idx))) {
291 wiphy_counter--; 392 wiphy_counter--;
292 mutex_unlock(&cfg80211_mutex); 393 mutex_unlock(&cfg80211_mutex);
293 /* ugh, wrapped! */ 394 /* ugh, wrapped! */
294 kfree(drv); 395 kfree(rdev);
295 return NULL; 396 return NULL;
296 } 397 }
297 398
298 mutex_unlock(&cfg80211_mutex); 399 mutex_unlock(&cfg80211_mutex);
299 400
300 /* give it a proper name */ 401 /* give it a proper name */
301 dev_set_name(&drv->wiphy.dev, PHY_NAME "%d", drv->wiphy_idx); 402 dev_set_name(&rdev->wiphy.dev, PHY_NAME "%d", rdev->wiphy_idx);
403
404 mutex_init(&rdev->mtx);
405 mutex_init(&rdev->devlist_mtx);
406 INIT_LIST_HEAD(&rdev->netdev_list);
407 spin_lock_init(&rdev->bss_lock);
408 INIT_LIST_HEAD(&rdev->bss_list);
409 INIT_WORK(&rdev->scan_done_wk, __cfg80211_scan_done);
302 410
303 mutex_init(&drv->mtx); 411 device_initialize(&rdev->wiphy.dev);
304 mutex_init(&drv->devlist_mtx); 412 rdev->wiphy.dev.class = &ieee80211_class;
305 INIT_LIST_HEAD(&drv->netdev_list); 413 rdev->wiphy.dev.platform_data = rdev;
306 spin_lock_init(&drv->bss_lock);
307 INIT_LIST_HEAD(&drv->bss_list);
308 414
309 device_initialize(&drv->wiphy.dev); 415 rdev->wiphy.ps_default = CONFIG_CFG80211_DEFAULT_PS_VALUE;
310 drv->wiphy.dev.class = &ieee80211_class;
311 drv->wiphy.dev.platform_data = drv;
312 416
313 drv->rfkill_ops.set_block = cfg80211_rfkill_set_block; 417 wiphy_net_set(&rdev->wiphy, &init_net);
314 drv->rfkill = rfkill_alloc(dev_name(&drv->wiphy.dev),
315 &drv->wiphy.dev, RFKILL_TYPE_WLAN,
316 &drv->rfkill_ops, drv);
317 418
318 if (!drv->rfkill) { 419 rdev->rfkill_ops.set_block = cfg80211_rfkill_set_block;
319 kfree(drv); 420 rdev->rfkill = rfkill_alloc(dev_name(&rdev->wiphy.dev),
421 &rdev->wiphy.dev, RFKILL_TYPE_WLAN,
422 &rdev->rfkill_ops, rdev);
423
424 if (!rdev->rfkill) {
425 kfree(rdev);
320 return NULL; 426 return NULL;
321 } 427 }
322 428
323 INIT_WORK(&drv->rfkill_sync, cfg80211_rfkill_sync_work); 429 INIT_WORK(&rdev->rfkill_sync, cfg80211_rfkill_sync_work);
430 INIT_WORK(&rdev->conn_work, cfg80211_conn_work);
431 INIT_WORK(&rdev->event_work, cfg80211_event_work);
324 432
325 /* 433 /*
326 * Initialize wiphy parameters to IEEE 802.11 MIB default values. 434 * Initialize wiphy parameters to IEEE 802.11 MIB default values.
327 * Fragmentation and RTS threshold are disabled by default with the 435 * Fragmentation and RTS threshold are disabled by default with the
328 * special -1 value. 436 * special -1 value.
329 */ 437 */
330 drv->wiphy.retry_short = 7; 438 rdev->wiphy.retry_short = 7;
331 drv->wiphy.retry_long = 4; 439 rdev->wiphy.retry_long = 4;
332 drv->wiphy.frag_threshold = (u32) -1; 440 rdev->wiphy.frag_threshold = (u32) -1;
333 drv->wiphy.rts_threshold = (u32) -1; 441 rdev->wiphy.rts_threshold = (u32) -1;
334 442
335 return &drv->wiphy; 443 return &rdev->wiphy;
336} 444}
337EXPORT_SYMBOL(wiphy_new); 445EXPORT_SYMBOL(wiphy_new);
338 446
339int wiphy_register(struct wiphy *wiphy) 447int wiphy_register(struct wiphy *wiphy)
340{ 448{
341 struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy); 449 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
342 int res; 450 int res;
343 enum ieee80211_band band; 451 enum ieee80211_band band;
344 struct ieee80211_supported_band *sband; 452 struct ieee80211_supported_band *sband;
@@ -346,9 +454,6 @@ int wiphy_register(struct wiphy *wiphy)
346 int i; 454 int i;
347 u16 ifmodes = wiphy->interface_modes; 455 u16 ifmodes = wiphy->interface_modes;
348 456
349 if (WARN_ON(wiphy->max_scan_ssids < 1))
350 return -EINVAL;
351
352 /* sanity check ifmodes */ 457 /* sanity check ifmodes */
353 WARN_ON(!ifmodes); 458 WARN_ON(!ifmodes);
354 ifmodes &= ((1 << __NL80211_IFTYPE_AFTER_LAST) - 1) & ~1; 459 ifmodes &= ((1 << __NL80211_IFTYPE_AFTER_LAST) - 1) & ~1;
@@ -395,11 +500,11 @@ int wiphy_register(struct wiphy *wiphy)
395 /* check and set up bitrates */ 500 /* check and set up bitrates */
396 ieee80211_set_bitrate_flags(wiphy); 501 ieee80211_set_bitrate_flags(wiphy);
397 502
398 res = device_add(&drv->wiphy.dev); 503 res = device_add(&rdev->wiphy.dev);
399 if (res) 504 if (res)
400 return res; 505 return res;
401 506
402 res = rfkill_register(drv->rfkill); 507 res = rfkill_register(rdev->rfkill);
403 if (res) 508 if (res)
404 goto out_rm_dev; 509 goto out_rm_dev;
405 510
@@ -408,16 +513,17 @@ int wiphy_register(struct wiphy *wiphy)
408 /* set up regulatory info */ 513 /* set up regulatory info */
409 wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE); 514 wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE);
410 515
411 list_add(&drv->list, &cfg80211_drv_list); 516 list_add(&rdev->list, &cfg80211_rdev_list);
517 cfg80211_rdev_list_generation++;
412 518
413 mutex_unlock(&cfg80211_mutex); 519 mutex_unlock(&cfg80211_mutex);
414 520
415 /* add to debugfs */ 521 /* add to debugfs */
416 drv->wiphy.debugfsdir = 522 rdev->wiphy.debugfsdir =
417 debugfs_create_dir(wiphy_name(&drv->wiphy), 523 debugfs_create_dir(wiphy_name(&rdev->wiphy),
418 ieee80211_debugfs_dir); 524 ieee80211_debugfs_dir);
419 if (IS_ERR(drv->wiphy.debugfsdir)) 525 if (IS_ERR(rdev->wiphy.debugfsdir))
420 drv->wiphy.debugfsdir = NULL; 526 rdev->wiphy.debugfsdir = NULL;
421 527
422 if (wiphy->custom_regulatory) { 528 if (wiphy->custom_regulatory) {
423 struct regulatory_request request; 529 struct regulatory_request request;
@@ -430,48 +536,48 @@ int wiphy_register(struct wiphy *wiphy)
430 nl80211_send_reg_change_event(&request); 536 nl80211_send_reg_change_event(&request);
431 } 537 }
432 538
433 cfg80211_debugfs_drv_add(drv); 539 cfg80211_debugfs_rdev_add(rdev);
434 540
435 return 0; 541 return 0;
436 542
437 out_rm_dev: 543 out_rm_dev:
438 device_del(&drv->wiphy.dev); 544 device_del(&rdev->wiphy.dev);
439 return res; 545 return res;
440} 546}
441EXPORT_SYMBOL(wiphy_register); 547EXPORT_SYMBOL(wiphy_register);
442 548
443void wiphy_rfkill_start_polling(struct wiphy *wiphy) 549void wiphy_rfkill_start_polling(struct wiphy *wiphy)
444{ 550{
445 struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy); 551 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
446 552
447 if (!drv->ops->rfkill_poll) 553 if (!rdev->ops->rfkill_poll)
448 return; 554 return;
449 drv->rfkill_ops.poll = cfg80211_rfkill_poll; 555 rdev->rfkill_ops.poll = cfg80211_rfkill_poll;
450 rfkill_resume_polling(drv->rfkill); 556 rfkill_resume_polling(rdev->rfkill);
451} 557}
452EXPORT_SYMBOL(wiphy_rfkill_start_polling); 558EXPORT_SYMBOL(wiphy_rfkill_start_polling);
453 559
454void wiphy_rfkill_stop_polling(struct wiphy *wiphy) 560void wiphy_rfkill_stop_polling(struct wiphy *wiphy)
455{ 561{
456 struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy); 562 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
457 563
458 rfkill_pause_polling(drv->rfkill); 564 rfkill_pause_polling(rdev->rfkill);
459} 565}
460EXPORT_SYMBOL(wiphy_rfkill_stop_polling); 566EXPORT_SYMBOL(wiphy_rfkill_stop_polling);
461 567
462void wiphy_unregister(struct wiphy *wiphy) 568void wiphy_unregister(struct wiphy *wiphy)
463{ 569{
464 struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy); 570 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
465 571
466 rfkill_unregister(drv->rfkill); 572 rfkill_unregister(rdev->rfkill);
467 573
468 /* protect the device list */ 574 /* protect the device list */
469 mutex_lock(&cfg80211_mutex); 575 mutex_lock(&cfg80211_mutex);
470 576
471 BUG_ON(!list_empty(&drv->netdev_list)); 577 BUG_ON(!list_empty(&rdev->netdev_list));
472 578
473 /* 579 /*
474 * Try to grab drv->mtx. If a command is still in progress, 580 * Try to grab rdev->mtx. If a command is still in progress,
475 * hopefully the driver will refuse it since it's tearing 581 * hopefully the driver will refuse it since it's tearing
476 * down the device already. We wait for this command to complete 582 * down the device already. We wait for this command to complete
477 * before unlinking the item from the list. 583 * before unlinking the item from the list.
@@ -480,33 +586,39 @@ void wiphy_unregister(struct wiphy *wiphy)
480 * get to lock contention here if userspace issues a command 586 * get to lock contention here if userspace issues a command
481 * that identified the hardware by wiphy index. 587 * that identified the hardware by wiphy index.
482 */ 588 */
483 mutex_lock(&drv->mtx); 589 mutex_lock(&rdev->mtx);
484 /* unlock again before freeing */ 590 /* unlock again before freeing */
485 mutex_unlock(&drv->mtx); 591 mutex_unlock(&rdev->mtx);
486 592
487 cfg80211_debugfs_drv_del(drv); 593 cfg80211_debugfs_rdev_del(rdev);
488 594
489 /* If this device got a regulatory hint tell core its 595 /* If this device got a regulatory hint tell core its
490 * free to listen now to a new shiny device regulatory hint */ 596 * free to listen now to a new shiny device regulatory hint */
491 reg_device_remove(wiphy); 597 reg_device_remove(wiphy);
492 598
493 list_del(&drv->list); 599 list_del(&rdev->list);
494 device_del(&drv->wiphy.dev); 600 cfg80211_rdev_list_generation++;
495 debugfs_remove(drv->wiphy.debugfsdir); 601 device_del(&rdev->wiphy.dev);
602 debugfs_remove(rdev->wiphy.debugfsdir);
496 603
497 mutex_unlock(&cfg80211_mutex); 604 mutex_unlock(&cfg80211_mutex);
605
606 flush_work(&rdev->scan_done_wk);
607 cancel_work_sync(&rdev->conn_work);
608 kfree(rdev->scan_req);
609 flush_work(&rdev->event_work);
498} 610}
499EXPORT_SYMBOL(wiphy_unregister); 611EXPORT_SYMBOL(wiphy_unregister);
500 612
501void cfg80211_dev_free(struct cfg80211_registered_device *drv) 613void cfg80211_dev_free(struct cfg80211_registered_device *rdev)
502{ 614{
503 struct cfg80211_internal_bss *scan, *tmp; 615 struct cfg80211_internal_bss *scan, *tmp;
504 rfkill_destroy(drv->rfkill); 616 rfkill_destroy(rdev->rfkill);
505 mutex_destroy(&drv->mtx); 617 mutex_destroy(&rdev->mtx);
506 mutex_destroy(&drv->devlist_mtx); 618 mutex_destroy(&rdev->devlist_mtx);
507 list_for_each_entry_safe(scan, tmp, &drv->bss_list, list) 619 list_for_each_entry_safe(scan, tmp, &rdev->bss_list, list)
508 cfg80211_put_bss(&scan->pub); 620 cfg80211_put_bss(&scan->pub);
509 kfree(drv); 621 kfree(rdev);
510} 622}
511 623
512void wiphy_free(struct wiphy *wiphy) 624void wiphy_free(struct wiphy *wiphy)
@@ -517,10 +629,10 @@ EXPORT_SYMBOL(wiphy_free);
517 629
518void wiphy_rfkill_set_hw_state(struct wiphy *wiphy, bool blocked) 630void wiphy_rfkill_set_hw_state(struct wiphy *wiphy, bool blocked)
519{ 631{
520 struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy); 632 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
521 633
522 if (rfkill_set_hw_state(drv->rfkill, blocked)) 634 if (rfkill_set_hw_state(rdev->rfkill, blocked))
523 schedule_work(&drv->rfkill_sync); 635 schedule_work(&rdev->rfkill_sync);
524} 636}
525EXPORT_SYMBOL(wiphy_rfkill_set_hw_state); 637EXPORT_SYMBOL(wiphy_rfkill_set_hw_state);
526 638
@@ -529,56 +641,125 @@ static int cfg80211_netdev_notifier_call(struct notifier_block * nb,
529 void *ndev) 641 void *ndev)
530{ 642{
531 struct net_device *dev = ndev; 643 struct net_device *dev = ndev;
644 struct wireless_dev *wdev = dev->ieee80211_ptr;
532 struct cfg80211_registered_device *rdev; 645 struct cfg80211_registered_device *rdev;
533 646
534 if (!dev->ieee80211_ptr) 647 if (!wdev)
535 return NOTIFY_DONE; 648 return NOTIFY_DONE;
536 649
537 rdev = wiphy_to_dev(dev->ieee80211_ptr->wiphy); 650 rdev = wiphy_to_dev(wdev->wiphy);
538 651
539 WARN_ON(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_UNSPECIFIED); 652 WARN_ON(wdev->iftype == NL80211_IFTYPE_UNSPECIFIED);
540 653
541 switch (state) { 654 switch (state) {
542 case NETDEV_REGISTER: 655 case NETDEV_REGISTER:
656 mutex_init(&wdev->mtx);
657 INIT_LIST_HEAD(&wdev->event_list);
658 spin_lock_init(&wdev->event_lock);
543 mutex_lock(&rdev->devlist_mtx); 659 mutex_lock(&rdev->devlist_mtx);
544 list_add(&dev->ieee80211_ptr->list, &rdev->netdev_list); 660 list_add(&wdev->list, &rdev->netdev_list);
661 rdev->devlist_generation++;
662 /* can only change netns with wiphy */
663 dev->features |= NETIF_F_NETNS_LOCAL;
664
545 if (sysfs_create_link(&dev->dev.kobj, &rdev->wiphy.dev.kobj, 665 if (sysfs_create_link(&dev->dev.kobj, &rdev->wiphy.dev.kobj,
546 "phy80211")) { 666 "phy80211")) {
547 printk(KERN_ERR "wireless: failed to add phy80211 " 667 printk(KERN_ERR "wireless: failed to add phy80211 "
548 "symlink to netdev!\n"); 668 "symlink to netdev!\n");
549 } 669 }
550 dev->ieee80211_ptr->netdev = dev; 670 wdev->netdev = dev;
671 wdev->sme_state = CFG80211_SME_IDLE;
672 mutex_unlock(&rdev->devlist_mtx);
551#ifdef CONFIG_WIRELESS_EXT 673#ifdef CONFIG_WIRELESS_EXT
552 dev->ieee80211_ptr->wext.default_key = -1; 674 if (!dev->wireless_handlers)
553 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 675 dev->wireless_handlers = &cfg80211_wext_handler;
676 wdev->wext.default_key = -1;
677 wdev->wext.default_mgmt_key = -1;
678 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
679 wdev->wext.ps = wdev->wiphy->ps_default;
680 wdev->wext.ps_timeout = 100;
681 if (rdev->ops->set_power_mgmt)
682 if (rdev->ops->set_power_mgmt(wdev->wiphy, dev,
683 wdev->wext.ps,
684 wdev->wext.ps_timeout)) {
685 /* assume this means it's off */
686 wdev->wext.ps = false;
687 }
554#endif 688#endif
555 mutex_unlock(&rdev->devlist_mtx);
556 break; 689 break;
557 case NETDEV_GOING_DOWN: 690 case NETDEV_GOING_DOWN:
558 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 691 switch (wdev->iftype) {
692 case NL80211_IFTYPE_ADHOC:
693 cfg80211_leave_ibss(rdev, dev, true);
559 break; 694 break;
560 if (!dev->ieee80211_ptr->ssid_len) 695 case NL80211_IFTYPE_STATION:
696 wdev_lock(wdev);
697#ifdef CONFIG_WIRELESS_EXT
698 kfree(wdev->wext.ie);
699 wdev->wext.ie = NULL;
700 wdev->wext.ie_len = 0;
701 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
702#endif
703 __cfg80211_disconnect(rdev, dev,
704 WLAN_REASON_DEAUTH_LEAVING, true);
705 cfg80211_mlme_down(rdev, dev);
706 wdev_unlock(wdev);
707 break;
708 default:
561 break; 709 break;
562 cfg80211_leave_ibss(rdev, dev, true); 710 }
563 break; 711 break;
564 case NETDEV_UP: 712 case NETDEV_UP:
565#ifdef CONFIG_WIRELESS_EXT 713#ifdef CONFIG_WIRELESS_EXT
566 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 714 cfg80211_lock_rdev(rdev);
715 mutex_lock(&rdev->devlist_mtx);
716 wdev_lock(wdev);
717 switch (wdev->iftype) {
718 case NL80211_IFTYPE_ADHOC:
719 cfg80211_ibss_wext_join(rdev, wdev);
567 break; 720 break;
568 if (!dev->ieee80211_ptr->wext.ibss.ssid_len) 721 case NL80211_IFTYPE_STATION:
722 cfg80211_mgd_wext_connect(rdev, wdev);
569 break; 723 break;
570 cfg80211_join_ibss(rdev, dev, &dev->ieee80211_ptr->wext.ibss); 724 default:
571 break; 725 break;
726 }
727 wdev_unlock(wdev);
728 mutex_unlock(&rdev->devlist_mtx);
729 cfg80211_unlock_rdev(rdev);
572#endif 730#endif
731 break;
573 case NETDEV_UNREGISTER: 732 case NETDEV_UNREGISTER:
733 cfg80211_lock_rdev(rdev);
734
735 if (WARN_ON(rdev->scan_req && rdev->scan_req->dev == dev)) {
736 rdev->scan_req->aborted = true;
737 ___cfg80211_scan_done(rdev);
738 }
739
574 mutex_lock(&rdev->devlist_mtx); 740 mutex_lock(&rdev->devlist_mtx);
575 if (!list_empty(&dev->ieee80211_ptr->list)) { 741 /*
742 * It is possible to get NETDEV_UNREGISTER
743 * multiple times. To detect that, check
744 * that the interface is still on the list
745 * of registered interfaces, and only then
746 * remove and clean it up.
747 */
748 if (!list_empty(&wdev->list)) {
576 sysfs_remove_link(&dev->dev.kobj, "phy80211"); 749 sysfs_remove_link(&dev->dev.kobj, "phy80211");
577 list_del_init(&dev->ieee80211_ptr->list); 750 list_del_init(&wdev->list);
751 rdev->devlist_generation++;
752 mutex_destroy(&wdev->mtx);
753#ifdef CONFIG_WIRELESS_EXT
754 kfree(wdev->wext.keys);
755#endif
578 } 756 }
579 mutex_unlock(&rdev->devlist_mtx); 757 mutex_unlock(&rdev->devlist_mtx);
758 cfg80211_unlock_rdev(rdev);
580 break; 759 break;
581 case NETDEV_PRE_UP: 760 case NETDEV_PRE_UP:
761 if (!(wdev->wiphy->interface_modes & BIT(wdev->iftype)))
762 return notifier_from_errno(-EOPNOTSUPP);
582 if (rfkill_blocked(rdev->rfkill)) 763 if (rfkill_blocked(rdev->rfkill))
583 return notifier_from_errno(-ERFKILL); 764 return notifier_from_errno(-ERFKILL);
584 break; 765 break;
@@ -591,10 +772,32 @@ static struct notifier_block cfg80211_netdev_notifier = {
591 .notifier_call = cfg80211_netdev_notifier_call, 772 .notifier_call = cfg80211_netdev_notifier_call,
592}; 773};
593 774
594static int cfg80211_init(void) 775static void __net_exit cfg80211_pernet_exit(struct net *net)
776{
777 struct cfg80211_registered_device *rdev;
778
779 rtnl_lock();
780 mutex_lock(&cfg80211_mutex);
781 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
782 if (net_eq(wiphy_net(&rdev->wiphy), net))
783 WARN_ON(cfg80211_switch_netns(rdev, &init_net));
784 }
785 mutex_unlock(&cfg80211_mutex);
786 rtnl_unlock();
787}
788
789static struct pernet_operations cfg80211_pernet_ops = {
790 .exit = cfg80211_pernet_exit,
791};
792
793static int __init cfg80211_init(void)
595{ 794{
596 int err; 795 int err;
597 796
797 err = register_pernet_device(&cfg80211_pernet_ops);
798 if (err)
799 goto out_fail_pernet;
800
598 err = wiphy_sysfs_init(); 801 err = wiphy_sysfs_init();
599 if (err) 802 if (err)
600 goto out_fail_sysfs; 803 goto out_fail_sysfs;
@@ -622,9 +825,10 @@ out_fail_nl80211:
622out_fail_notifier: 825out_fail_notifier:
623 wiphy_sysfs_exit(); 826 wiphy_sysfs_exit();
624out_fail_sysfs: 827out_fail_sysfs:
828 unregister_pernet_device(&cfg80211_pernet_ops);
829out_fail_pernet:
625 return err; 830 return err;
626} 831}
627
628subsys_initcall(cfg80211_init); 832subsys_initcall(cfg80211_init);
629 833
630static void cfg80211_exit(void) 834static void cfg80211_exit(void)
@@ -634,5 +838,6 @@ static void cfg80211_exit(void)
634 unregister_netdevice_notifier(&cfg80211_netdev_notifier); 838 unregister_netdevice_notifier(&cfg80211_netdev_notifier);
635 wiphy_sysfs_exit(); 839 wiphy_sysfs_exit();
636 regulatory_exit(); 840 regulatory_exit();
841 unregister_pernet_device(&cfg80211_pernet_ops);
637} 842}
638module_exit(cfg80211_exit); 843module_exit(cfg80211_exit);
diff --git a/net/wireless/core.h b/net/wireless/core.h
index bfa340c7abb5..c603f5286326 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -49,6 +49,7 @@ struct cfg80211_registered_device {
49 /* associate netdev list */ 49 /* associate netdev list */
50 struct mutex devlist_mtx; 50 struct mutex devlist_mtx;
51 struct list_head netdev_list; 51 struct list_head netdev_list;
52 int devlist_generation;
52 53
53 /* BSSes/scanning */ 54 /* BSSes/scanning */
54 spinlock_t bss_lock; 55 spinlock_t bss_lock;
@@ -57,6 +58,17 @@ struct cfg80211_registered_device {
57 u32 bss_generation; 58 u32 bss_generation;
58 struct cfg80211_scan_request *scan_req; /* protected by RTNL */ 59 struct cfg80211_scan_request *scan_req; /* protected by RTNL */
59 unsigned long suspend_at; 60 unsigned long suspend_at;
61 struct work_struct scan_done_wk;
62
63#ifdef CONFIG_NL80211_TESTMODE
64 struct genl_info *testmode_info;
65#endif
66
67 struct work_struct conn_work;
68 struct work_struct event_work;
69
70 /* current channel */
71 struct ieee80211_channel *channel;
60 72
61#ifdef CONFIG_CFG80211_DEBUGFS 73#ifdef CONFIG_CFG80211_DEBUGFS
62 /* Debugfs entries */ 74 /* Debugfs entries */
@@ -89,13 +101,14 @@ bool wiphy_idx_valid(int wiphy_idx)
89} 101}
90 102
91extern struct mutex cfg80211_mutex; 103extern struct mutex cfg80211_mutex;
92extern struct list_head cfg80211_drv_list; 104extern struct list_head cfg80211_rdev_list;
105extern int cfg80211_rdev_list_generation;
93 106
94#define assert_cfg80211_lock() WARN_ON(!mutex_is_locked(&cfg80211_mutex)) 107#define assert_cfg80211_lock() WARN_ON(!mutex_is_locked(&cfg80211_mutex))
95 108
96/* 109/*
97 * You can use this to mark a wiphy_idx as not having an associated wiphy. 110 * You can use this to mark a wiphy_idx as not having an associated wiphy.
98 * It guarantees cfg80211_drv_by_wiphy_idx(wiphy_idx) will return NULL 111 * It guarantees cfg80211_rdev_by_wiphy_idx(wiphy_idx) will return NULL
99 */ 112 */
100#define WIPHY_IDX_STALE -1 113#define WIPHY_IDX_STALE -1
101 114
@@ -104,17 +117,40 @@ struct cfg80211_internal_bss {
104 struct rb_node rbn; 117 struct rb_node rbn;
105 unsigned long ts; 118 unsigned long ts;
106 struct kref ref; 119 struct kref ref;
107 bool hold, ies_allocated; 120 atomic_t hold;
121 bool ies_allocated;
108 122
109 /* must be last because of priv member */ 123 /* must be last because of priv member */
110 struct cfg80211_bss pub; 124 struct cfg80211_bss pub;
111}; 125};
112 126
113struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx); 127static inline struct cfg80211_internal_bss *bss_from_pub(struct cfg80211_bss *pub)
128{
129 return container_of(pub, struct cfg80211_internal_bss, pub);
130}
131
132static inline void cfg80211_ref_bss(struct cfg80211_internal_bss *bss)
133{
134 kref_get(&bss->ref);
135}
136
137static inline void cfg80211_hold_bss(struct cfg80211_internal_bss *bss)
138{
139 atomic_inc(&bss->hold);
140}
141
142static inline void cfg80211_unhold_bss(struct cfg80211_internal_bss *bss)
143{
144 int r = atomic_dec_return(&bss->hold);
145 WARN_ON(r < 0);
146}
147
148
149struct cfg80211_registered_device *cfg80211_rdev_by_wiphy_idx(int wiphy_idx);
114int get_wiphy_idx(struct wiphy *wiphy); 150int get_wiphy_idx(struct wiphy *wiphy);
115 151
116struct cfg80211_registered_device * 152struct cfg80211_registered_device *
117__cfg80211_drv_from_info(struct genl_info *info); 153__cfg80211_rdev_from_info(struct genl_info *info);
118 154
119/* 155/*
120 * This function returns a pointer to the driver 156 * This function returns a pointer to the driver
@@ -122,12 +158,12 @@ __cfg80211_drv_from_info(struct genl_info *info);
122 * If successful, it returns non-NULL and also locks 158 * If successful, it returns non-NULL and also locks
123 * the driver's mutex! 159 * the driver's mutex!
124 * 160 *
125 * This means that you need to call cfg80211_put_dev() 161 * This means that you need to call cfg80211_unlock_rdev()
126 * before being allowed to acquire &cfg80211_mutex! 162 * before being allowed to acquire &cfg80211_mutex!
127 * 163 *
128 * This is necessary because we need to lock the global 164 * This is necessary because we need to lock the global
129 * mutex to get an item off the list safely, and then 165 * mutex to get an item off the list safely, and then
130 * we lock the drv mutex so it doesn't go away under us. 166 * we lock the rdev mutex so it doesn't go away under us.
131 * 167 *
132 * We don't want to keep cfg80211_mutex locked 168 * We don't want to keep cfg80211_mutex locked
133 * for all the time in order to allow requests on 169 * for all the time in order to allow requests on
@@ -139,19 +175,93 @@ __cfg80211_drv_from_info(struct genl_info *info);
139extern struct cfg80211_registered_device * 175extern struct cfg80211_registered_device *
140cfg80211_get_dev_from_info(struct genl_info *info); 176cfg80211_get_dev_from_info(struct genl_info *info);
141 177
142/* requires cfg80211_drv_mutex to be held! */ 178/* requires cfg80211_rdev_mutex to be held! */
143struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx); 179struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx);
144 180
145/* identical to cfg80211_get_dev_from_info but only operate on ifindex */ 181/* identical to cfg80211_get_dev_from_info but only operate on ifindex */
146extern struct cfg80211_registered_device * 182extern struct cfg80211_registered_device *
147cfg80211_get_dev_from_ifindex(int ifindex); 183cfg80211_get_dev_from_ifindex(struct net *net, int ifindex);
184
185int cfg80211_switch_netns(struct cfg80211_registered_device *rdev,
186 struct net *net);
187
188static inline void cfg80211_lock_rdev(struct cfg80211_registered_device *rdev)
189{
190 mutex_lock(&rdev->mtx);
191}
192
193static inline void cfg80211_unlock_rdev(struct cfg80211_registered_device *rdev)
194{
195 BUG_ON(IS_ERR(rdev) || !rdev);
196 mutex_unlock(&rdev->mtx);
197}
198
199static inline void wdev_lock(struct wireless_dev *wdev)
200 __acquires(wdev)
201{
202 mutex_lock(&wdev->mtx);
203 __acquire(wdev->mtx);
204}
205
206static inline void wdev_unlock(struct wireless_dev *wdev)
207 __releases(wdev)
208{
209 __release(wdev->mtx);
210 mutex_unlock(&wdev->mtx);
211}
212
213#define ASSERT_RDEV_LOCK(rdev) WARN_ON(!mutex_is_locked(&(rdev)->mtx));
214#define ASSERT_WDEV_LOCK(wdev) WARN_ON(!mutex_is_locked(&(wdev)->mtx));
215
216enum cfg80211_event_type {
217 EVENT_CONNECT_RESULT,
218 EVENT_ROAMED,
219 EVENT_DISCONNECTED,
220 EVENT_IBSS_JOINED,
221};
222
223struct cfg80211_event {
224 struct list_head list;
225 enum cfg80211_event_type type;
226
227 union {
228 struct {
229 u8 bssid[ETH_ALEN];
230 const u8 *req_ie;
231 const u8 *resp_ie;
232 size_t req_ie_len;
233 size_t resp_ie_len;
234 u16 status;
235 } cr;
236 struct {
237 u8 bssid[ETH_ALEN];
238 const u8 *req_ie;
239 const u8 *resp_ie;
240 size_t req_ie_len;
241 size_t resp_ie_len;
242 } rm;
243 struct {
244 const u8 *ie;
245 size_t ie_len;
246 u16 reason;
247 } dc;
248 struct {
249 u8 bssid[ETH_ALEN];
250 } ij;
251 };
252};
253
254struct cfg80211_cached_keys {
255 struct key_params params[6];
256 u8 data[6][WLAN_MAX_KEY_LEN];
257 int def, defmgmt;
258};
148 259
149extern void cfg80211_put_dev(struct cfg80211_registered_device *drv);
150 260
151/* free object */ 261/* free object */
152extern void cfg80211_dev_free(struct cfg80211_registered_device *drv); 262extern void cfg80211_dev_free(struct cfg80211_registered_device *rdev);
153 263
154extern int cfg80211_dev_rename(struct cfg80211_registered_device *drv, 264extern int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
155 char *newname); 265 char *newname);
156 266
157void ieee80211_set_bitrate_flags(struct wiphy *wiphy); 267void ieee80211_set_bitrate_flags(struct wiphy *wiphy);
@@ -163,15 +273,109 @@ void cfg80211_bss_age(struct cfg80211_registered_device *dev,
163 unsigned long age_secs); 273 unsigned long age_secs);
164 274
165/* IBSS */ 275/* IBSS */
276int __cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
277 struct net_device *dev,
278 struct cfg80211_ibss_params *params,
279 struct cfg80211_cached_keys *connkeys);
166int cfg80211_join_ibss(struct cfg80211_registered_device *rdev, 280int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
167 struct net_device *dev, 281 struct net_device *dev,
168 struct cfg80211_ibss_params *params); 282 struct cfg80211_ibss_params *params,
283 struct cfg80211_cached_keys *connkeys);
169void cfg80211_clear_ibss(struct net_device *dev, bool nowext); 284void cfg80211_clear_ibss(struct net_device *dev, bool nowext);
170int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev, 285int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
171 struct net_device *dev, bool nowext); 286 struct net_device *dev, bool nowext);
287void __cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid);
288int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
289 struct wireless_dev *wdev);
290
291/* MLME */
292int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
293 struct net_device *dev,
294 struct ieee80211_channel *chan,
295 enum nl80211_auth_type auth_type,
296 const u8 *bssid,
297 const u8 *ssid, int ssid_len,
298 const u8 *ie, int ie_len,
299 const u8 *key, int key_len, int key_idx);
300int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
301 struct net_device *dev, struct ieee80211_channel *chan,
302 enum nl80211_auth_type auth_type, const u8 *bssid,
303 const u8 *ssid, int ssid_len,
304 const u8 *ie, int ie_len,
305 const u8 *key, int key_len, int key_idx);
306int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
307 struct net_device *dev,
308 struct ieee80211_channel *chan,
309 const u8 *bssid, const u8 *prev_bssid,
310 const u8 *ssid, int ssid_len,
311 const u8 *ie, int ie_len, bool use_mfp,
312 struct cfg80211_crypto_settings *crypt);
313int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
314 struct net_device *dev, struct ieee80211_channel *chan,
315 const u8 *bssid, const u8 *prev_bssid,
316 const u8 *ssid, int ssid_len,
317 const u8 *ie, int ie_len, bool use_mfp,
318 struct cfg80211_crypto_settings *crypt);
319int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
320 struct net_device *dev, const u8 *bssid,
321 const u8 *ie, int ie_len, u16 reason);
322int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
323 struct net_device *dev, const u8 *bssid,
324 const u8 *ie, int ie_len, u16 reason);
325int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
326 struct net_device *dev, const u8 *bssid,
327 const u8 *ie, int ie_len, u16 reason);
328void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
329 struct net_device *dev);
330void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
331 const u8 *req_ie, size_t req_ie_len,
332 const u8 *resp_ie, size_t resp_ie_len,
333 u16 status, bool wextev,
334 struct cfg80211_bss *bss);
335
336/* SME */
337int __cfg80211_connect(struct cfg80211_registered_device *rdev,
338 struct net_device *dev,
339 struct cfg80211_connect_params *connect,
340 struct cfg80211_cached_keys *connkeys,
341 const u8 *prev_bssid);
342int cfg80211_connect(struct cfg80211_registered_device *rdev,
343 struct net_device *dev,
344 struct cfg80211_connect_params *connect,
345 struct cfg80211_cached_keys *connkeys);
346int __cfg80211_disconnect(struct cfg80211_registered_device *rdev,
347 struct net_device *dev, u16 reason,
348 bool wextev);
349int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
350 struct net_device *dev, u16 reason,
351 bool wextev);
352void __cfg80211_roamed(struct wireless_dev *wdev, const u8 *bssid,
353 const u8 *req_ie, size_t req_ie_len,
354 const u8 *resp_ie, size_t resp_ie_len);
355int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev,
356 struct wireless_dev *wdev);
357
358void cfg80211_conn_work(struct work_struct *work);
359bool cfg80211_sme_failed_reassoc(struct wireless_dev *wdev);
172 360
173/* internal helpers */ 361/* internal helpers */
174int cfg80211_validate_key_settings(struct key_params *params, int key_idx, 362int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
363 struct key_params *params, int key_idx,
175 const u8 *mac_addr); 364 const u8 *mac_addr);
365void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
366 size_t ie_len, u16 reason, bool from_ap);
367void cfg80211_sme_scan_done(struct net_device *dev);
368void cfg80211_sme_rx_auth(struct net_device *dev, const u8 *buf, size_t len);
369void cfg80211_sme_disassoc(struct net_device *dev, int idx);
370void __cfg80211_scan_done(struct work_struct *wk);
371void ___cfg80211_scan_done(struct cfg80211_registered_device *rdev);
372void cfg80211_upload_connect_keys(struct wireless_dev *wdev);
373
374struct ieee80211_channel *
375rdev_fixed_channel(struct cfg80211_registered_device *rdev,
376 struct wireless_dev *for_wdev);
377int rdev_set_freq(struct cfg80211_registered_device *rdev,
378 struct wireless_dev *for_wdev,
379 int freq, enum nl80211_channel_type channel_type);
176 380
177#endif /* __NET_WIRELESS_CORE_H */ 381#endif /* __NET_WIRELESS_CORE_H */
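Review bot: struct cfg80211_cached_keys, added in the `@@ -139,19 +175,93 @@` hunk, holds raw key bytes in `data[6][WLAN_MAX_KEY_LEN]` but has no comment saying how it must be copied or freed. Its `params[i].key` pointers refer into the struct's own `data[i]`, so every copy has to re-point them, as cfg80211_ibss_wext_join in ibss.c does after kmemdup(). I would document that on the struct, e.g. `/* params[i].key points at data[i]; fix up after copying. Holds key material: clear before freeing. */`. The frees visible in this commit (`kfree(wdev->connect_keys)`, `kfree(ck)`, `kfree(wdev->wext.keys)`) leave the key bytes in freed slab memory; a zeroizing free such as kzfree(), if this tree provides it, would avoid that. The literal 6 is repeated in the struct and in the loops in ibss.c and would be safer as one named constant.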
diff --git a/net/wireless/debugfs.c b/net/wireless/debugfs.c
index 679ddfcec1ee..13d93d84f902 100644
--- a/net/wireless/debugfs.c
+++ b/net/wireless/debugfs.c
@@ -104,15 +104,15 @@ static const struct file_operations ht40allow_map_ops = {
104}; 104};
105 105
106#define DEBUGFS_ADD(name) \ 106#define DEBUGFS_ADD(name) \
107 drv->debugfs.name = debugfs_create_file(#name, S_IRUGO, phyd, \ 107 rdev->debugfs.name = debugfs_create_file(#name, S_IRUGO, phyd, \
108 &drv->wiphy, &name## _ops); 108 &rdev->wiphy, &name## _ops);
109#define DEBUGFS_DEL(name) \ 109#define DEBUGFS_DEL(name) \
110 debugfs_remove(drv->debugfs.name); \ 110 debugfs_remove(rdev->debugfs.name); \
111 drv->debugfs.name = NULL; 111 rdev->debugfs.name = NULL;
112 112
113void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv) 113void cfg80211_debugfs_rdev_add(struct cfg80211_registered_device *rdev)
114{ 114{
115 struct dentry *phyd = drv->wiphy.debugfsdir; 115 struct dentry *phyd = rdev->wiphy.debugfsdir;
116 116
117 DEBUGFS_ADD(rts_threshold); 117 DEBUGFS_ADD(rts_threshold);
118 DEBUGFS_ADD(fragmentation_threshold); 118 DEBUGFS_ADD(fragmentation_threshold);
@@ -121,7 +121,7 @@ void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv)
121 DEBUGFS_ADD(ht40allow_map); 121 DEBUGFS_ADD(ht40allow_map);
122} 122}
123 123
124void cfg80211_debugfs_drv_del(struct cfg80211_registered_device *drv) 124void cfg80211_debugfs_rdev_del(struct cfg80211_registered_device *rdev)
125{ 125{
126 DEBUGFS_DEL(rts_threshold); 126 DEBUGFS_DEL(rts_threshold);
127 DEBUGFS_DEL(fragmentation_threshold); 127 DEBUGFS_DEL(fragmentation_threshold);
diff --git a/net/wireless/debugfs.h b/net/wireless/debugfs.h
index c226983ae66b..6419b6d6ce3e 100644
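--- a/net/wireless/debugfs.h
+++ b/net/wireless/debugfs.h
@@ -2,13 +2,13 @@
 #define __CFG80211_DEBUGFS_H
 
 #ifdef CONFIG_CFG80211_DEBUGFS
-void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv);
-void cfg80211_debugfs_drv_del(struct cfg80211_registered_device *drv);
+void cfg80211_debugfs_rdev_add(struct cfg80211_registered_device *rdev);
+void cfg80211_debugfs_rdev_del(struct cfg80211_registered_device *rdev);
 #else
 static inline
-void cfg80211_debugfs_drv_add(struct cfg80211_registered_device *drv) {}
+void cfg80211_debugfs_rdev_add(struct cfg80211_registered_device *rdev) {}
 static inline
-void cfg80211_debugfs_drv_del(struct cfg80211_registered_device *drv) {}
+void cfg80211_debugfs_rdev_del(struct cfg80211_registered_device *rdev) {}
 #endif
 
 #endif /* __CFG80211_DEBUGFS_H */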
diff --git a/net/wireless/ibss.c b/net/wireless/ibss.c
index a4a1c3498ff2..42840a01be74 100644
--- a/net/wireless/ibss.c
+++ b/net/wireless/ibss.c
@@ -7,10 +7,11 @@
7#include <linux/etherdevice.h> 7#include <linux/etherdevice.h>
8#include <linux/if_arp.h> 8#include <linux/if_arp.h>
9#include <net/cfg80211.h> 9#include <net/cfg80211.h>
10#include "wext-compat.h"
10#include "nl80211.h" 11#include "nl80211.h"
11 12
12 13
13void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp) 14void __cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid)
14{ 15{
15 struct wireless_dev *wdev = dev->ieee80211_ptr; 16 struct wireless_dev *wdev = dev->ieee80211_ptr;
16 struct cfg80211_bss *bss; 17 struct cfg80211_bss *bss;
@@ -24,9 +25,6 @@ void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
24 if (WARN_ON(!wdev->ssid_len)) 25 if (WARN_ON(!wdev->ssid_len))
25 return; 26 return;
26 27
27 if (memcmp(bssid, wdev->bssid, ETH_ALEN) == 0)
28 return;
29
30 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid, 28 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
31 wdev->ssid, wdev->ssid_len, 29 wdev->ssid, wdev->ssid_len,
32 WLAN_CAPABILITY_IBSS, WLAN_CAPABILITY_IBSS); 30 WLAN_CAPABILITY_IBSS, WLAN_CAPABILITY_IBSS);
@@ -36,39 +34,74 @@ void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
36 34
37 if (wdev->current_bss) { 35 if (wdev->current_bss) {
38 cfg80211_unhold_bss(wdev->current_bss); 36 cfg80211_unhold_bss(wdev->current_bss);
39 cfg80211_put_bss(wdev->current_bss); 37 cfg80211_put_bss(&wdev->current_bss->pub);
40 } 38 }
41 39
42 cfg80211_hold_bss(bss); 40 cfg80211_hold_bss(bss_from_pub(bss));
43 wdev->current_bss = bss; 41 wdev->current_bss = bss_from_pub(bss);
44 memcpy(wdev->bssid, bssid, ETH_ALEN);
45 42
46 nl80211_send_ibss_bssid(wiphy_to_dev(wdev->wiphy), dev, bssid, gfp); 43 cfg80211_upload_connect_keys(wdev);
44
45 nl80211_send_ibss_bssid(wiphy_to_dev(wdev->wiphy), dev, bssid,
46 GFP_KERNEL);
47#ifdef CONFIG_WIRELESS_EXT 47#ifdef CONFIG_WIRELESS_EXT
48 memset(&wrqu, 0, sizeof(wrqu)); 48 memset(&wrqu, 0, sizeof(wrqu));
49 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN); 49 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
50 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 50 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
51#endif 51#endif
52} 52}
53
54void cfg80211_ibss_joined(struct net_device *dev, const u8 *bssid, gfp_t gfp)
55{
56 struct wireless_dev *wdev = dev->ieee80211_ptr;
57 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
58 struct cfg80211_event *ev;
59 unsigned long flags;
60
61 ev = kzalloc(sizeof(*ev), gfp);
62 if (!ev)
63 return;
64
65 ev->type = EVENT_IBSS_JOINED;
66 memcpy(ev->cr.bssid, bssid, ETH_ALEN);
67
68 spin_lock_irqsave(&wdev->event_lock, flags);
69 list_add_tail(&ev->list, &wdev->event_list);
70 spin_unlock_irqrestore(&wdev->event_lock, flags);
71 schedule_work(&rdev->event_work);
72}
53EXPORT_SYMBOL(cfg80211_ibss_joined); 73EXPORT_SYMBOL(cfg80211_ibss_joined);
54 74
55int cfg80211_join_ibss(struct cfg80211_registered_device *rdev, 75int __cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
56 struct net_device *dev, 76 struct net_device *dev,
57 struct cfg80211_ibss_params *params) 77 struct cfg80211_ibss_params *params,
78 struct cfg80211_cached_keys *connkeys)
58{ 79{
59 struct wireless_dev *wdev = dev->ieee80211_ptr; 80 struct wireless_dev *wdev = dev->ieee80211_ptr;
81 struct ieee80211_channel *chan;
60 int err; 82 int err;
61 83
84 ASSERT_WDEV_LOCK(wdev);
85
86 chan = rdev_fixed_channel(rdev, wdev);
87 if (chan && chan != params->channel)
88 return -EBUSY;
89
62 if (wdev->ssid_len) 90 if (wdev->ssid_len)
63 return -EALREADY; 91 return -EALREADY;
64 92
93 if (WARN_ON(wdev->connect_keys))
94 kfree(wdev->connect_keys);
95 wdev->connect_keys = connkeys;
96
65#ifdef CONFIG_WIRELESS_EXT 97#ifdef CONFIG_WIRELESS_EXT
66 wdev->wext.ibss.channel = params->channel; 98 wdev->wext.ibss.channel = params->channel;
67#endif 99#endif
68 err = rdev->ops->join_ibss(&rdev->wiphy, dev, params); 100 err = rdev->ops->join_ibss(&rdev->wiphy, dev, params);
69 101 if (err) {
70 if (err) 102 wdev->connect_keys = NULL;
71 return err; 103 return err;
104 }
72 105
73 memcpy(wdev->ssid, params->ssid, params->ssid_len); 106 memcpy(wdev->ssid, params->ssid, params->ssid_len);
74 wdev->ssid_len = params->ssid_len; 107 wdev->ssid_len = params->ssid_len;
@@ -76,45 +109,107 @@ int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
76 return 0; 109 return 0;
77} 110}
78 111
79void cfg80211_clear_ibss(struct net_device *dev, bool nowext) 112int cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
113 struct net_device *dev,
114 struct cfg80211_ibss_params *params,
115 struct cfg80211_cached_keys *connkeys)
116{
117 struct wireless_dev *wdev = dev->ieee80211_ptr;
118 int err;
119
120 mutex_lock(&rdev->devlist_mtx);
121 wdev_lock(wdev);
122 err = __cfg80211_join_ibss(rdev, dev, params, connkeys);
123 wdev_unlock(wdev);
124 mutex_unlock(&rdev->devlist_mtx);
125
126 return err;
127}
128
129static void __cfg80211_clear_ibss(struct net_device *dev, bool nowext)
80{ 130{
81 struct wireless_dev *wdev = dev->ieee80211_ptr; 131 struct wireless_dev *wdev = dev->ieee80211_ptr;
132 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
133 int i;
134
135 ASSERT_WDEV_LOCK(wdev);
136
137 kfree(wdev->connect_keys);
138 wdev->connect_keys = NULL;
139
140 /*
141 * Delete all the keys ... pairwise keys can't really
142 * exist any more anyway, but default keys might.
143 */
144 if (rdev->ops->del_key)
145 for (i = 0; i < 6; i++)
146 rdev->ops->del_key(wdev->wiphy, dev, i, NULL);
82 147
83 if (wdev->current_bss) { 148 if (wdev->current_bss) {
84 cfg80211_unhold_bss(wdev->current_bss); 149 cfg80211_unhold_bss(wdev->current_bss);
85 cfg80211_put_bss(wdev->current_bss); 150 cfg80211_put_bss(&wdev->current_bss->pub);
86 } 151 }
87 152
88 wdev->current_bss = NULL; 153 wdev->current_bss = NULL;
89 wdev->ssid_len = 0; 154 wdev->ssid_len = 0;
90 memset(wdev->bssid, 0, ETH_ALEN);
91#ifdef CONFIG_WIRELESS_EXT 155#ifdef CONFIG_WIRELESS_EXT
92 if (!nowext) 156 if (!nowext)
93 wdev->wext.ibss.ssid_len = 0; 157 wdev->wext.ibss.ssid_len = 0;
94#endif 158#endif
95} 159}
96 160
97int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev, 161void cfg80211_clear_ibss(struct net_device *dev, bool nowext)
98 struct net_device *dev, bool nowext) 162{
163 struct wireless_dev *wdev = dev->ieee80211_ptr;
164
165 wdev_lock(wdev);
166 __cfg80211_clear_ibss(dev, nowext);
167 wdev_unlock(wdev);
168}
169
170static int __cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
171 struct net_device *dev, bool nowext)
99{ 172{
173 struct wireless_dev *wdev = dev->ieee80211_ptr;
100 int err; 174 int err;
101 175
176 ASSERT_WDEV_LOCK(wdev);
177
178 if (!wdev->ssid_len)
179 return -ENOLINK;
180
102 err = rdev->ops->leave_ibss(&rdev->wiphy, dev); 181 err = rdev->ops->leave_ibss(&rdev->wiphy, dev);
103 182
104 if (err) 183 if (err)
105 return err; 184 return err;
106 185
107 cfg80211_clear_ibss(dev, nowext); 186 __cfg80211_clear_ibss(dev, nowext);
108 187
109 return 0; 188 return 0;
110} 189}
111 190
191int cfg80211_leave_ibss(struct cfg80211_registered_device *rdev,
192 struct net_device *dev, bool nowext)
193{
194 struct wireless_dev *wdev = dev->ieee80211_ptr;
195 int err;
196
197 wdev_lock(wdev);
198 err = __cfg80211_leave_ibss(rdev, dev, nowext);
199 wdev_unlock(wdev);
200
201 return err;
202}
203
112#ifdef CONFIG_WIRELESS_EXT 204#ifdef CONFIG_WIRELESS_EXT
113static int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev, 205int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
114 struct wireless_dev *wdev) 206 struct wireless_dev *wdev)
115{ 207{
208 struct cfg80211_cached_keys *ck = NULL;
116 enum ieee80211_band band; 209 enum ieee80211_band band;
117 int i; 210 int i, err;
211
212 ASSERT_WDEV_LOCK(wdev);
118 213
119 if (!wdev->wext.ibss.beacon_interval) 214 if (!wdev->wext.ibss.beacon_interval)
120 wdev->wext.ibss.beacon_interval = 100; 215 wdev->wext.ibss.beacon_interval = 100;
@@ -154,43 +249,66 @@ static int cfg80211_ibss_wext_join(struct cfg80211_registered_device *rdev,
154 if (!netif_running(wdev->netdev)) 249 if (!netif_running(wdev->netdev))
155 return 0; 250 return 0;
156 251
157 return cfg80211_join_ibss(wiphy_to_dev(wdev->wiphy), 252 if (wdev->wext.keys)
158 wdev->netdev, &wdev->wext.ibss); 253 wdev->wext.keys->def = wdev->wext.default_key;
254
255 wdev->wext.ibss.privacy = wdev->wext.default_key != -1;
256
257 if (wdev->wext.keys) {
258 ck = kmemdup(wdev->wext.keys, sizeof(*ck), GFP_KERNEL);
259 if (!ck)
260 return -ENOMEM;
261 for (i = 0; i < 6; i++)
262 ck->params[i].key = ck->data[i];
263 }
264 err = __cfg80211_join_ibss(rdev, wdev->netdev,
265 &wdev->wext.ibss, ck);
266 if (err)
267 kfree(ck);
268
269 return err;
159} 270}
160 271
161int cfg80211_ibss_wext_siwfreq(struct net_device *dev, 272int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
162 struct iw_request_info *info, 273 struct iw_request_info *info,
163 struct iw_freq *freq, char *extra) 274 struct iw_freq *wextfreq, char *extra)
164{ 275{
165 struct wireless_dev *wdev = dev->ieee80211_ptr; 276 struct wireless_dev *wdev = dev->ieee80211_ptr;
166 struct ieee80211_channel *chan; 277 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
167 int err; 278 struct ieee80211_channel *chan = NULL;
279 int err, freq;
168 280
169 /* call only for ibss! */ 281 /* call only for ibss! */
170 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC)) 282 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
171 return -EINVAL; 283 return -EINVAL;
172 284
173 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss) 285 if (!rdev->ops->join_ibss)
174 return -EOPNOTSUPP; 286 return -EOPNOTSUPP;
175 287
176 chan = cfg80211_wext_freq(wdev->wiphy, freq); 288 freq = cfg80211_wext_freq(wdev->wiphy, wextfreq);
177 if (chan && IS_ERR(chan)) 289 if (freq < 0)
178 return PTR_ERR(chan); 290 return freq;
179 291
180 if (chan && 292 if (freq) {
181 (chan->flags & IEEE80211_CHAN_NO_IBSS || 293 chan = ieee80211_get_channel(wdev->wiphy, freq);
182 chan->flags & IEEE80211_CHAN_DISABLED)) 294 if (!chan)
183 return -EINVAL; 295 return -EINVAL;
296 if (chan->flags & IEEE80211_CHAN_NO_IBSS ||
297 chan->flags & IEEE80211_CHAN_DISABLED)
298 return -EINVAL;
299 }
184 300
185 if (wdev->wext.ibss.channel == chan) 301 if (wdev->wext.ibss.channel == chan)
186 return 0; 302 return 0;
187 303
188 if (wdev->ssid_len) { 304 wdev_lock(wdev);
189 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy), 305 err = 0;
190 dev, true); 306 if (wdev->ssid_len)
191 if (err) 307 err = __cfg80211_leave_ibss(rdev, dev, true);
192 return err; 308 wdev_unlock(wdev);
193 } 309
310 if (err)
311 return err;
194 312
195 if (chan) { 313 if (chan) {
196 wdev->wext.ibss.channel = chan; 314 wdev->wext.ibss.channel = chan;
@@ -200,10 +318,14 @@ int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
200 wdev->wext.ibss.channel_fixed = false; 318 wdev->wext.ibss.channel_fixed = false;
201 } 319 }
202 320
203 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev); 321 mutex_lock(&rdev->devlist_mtx);
322 wdev_lock(wdev);
323 err = cfg80211_ibss_wext_join(rdev, wdev);
324 wdev_unlock(wdev);
325 mutex_unlock(&rdev->devlist_mtx);
326
327 return err;
204} 328}
205/* temporary symbol - mark GPL - in the future the handler won't be */
206EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwfreq);
207 329
208int cfg80211_ibss_wext_giwfreq(struct net_device *dev, 330int cfg80211_ibss_wext_giwfreq(struct net_device *dev,
209 struct iw_request_info *info, 331 struct iw_request_info *info,
@@ -216,10 +338,12 @@ int cfg80211_ibss_wext_giwfreq(struct net_device *dev,
216 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC)) 338 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
217 return -EINVAL; 339 return -EINVAL;
218 340
341 wdev_lock(wdev);
219 if (wdev->current_bss) 342 if (wdev->current_bss)
220 chan = wdev->current_bss->channel; 343 chan = wdev->current_bss->pub.channel;
221 else if (wdev->wext.ibss.channel) 344 else if (wdev->wext.ibss.channel)
222 chan = wdev->wext.ibss.channel; 345 chan = wdev->wext.ibss.channel;
346 wdev_unlock(wdev);
223 347
224 if (chan) { 348 if (chan) {
225 freq->m = chan->center_freq; 349 freq->m = chan->center_freq;
@@ -230,14 +354,13 @@ int cfg80211_ibss_wext_giwfreq(struct net_device *dev,
230 /* no channel if not joining */ 354 /* no channel if not joining */
231 return -EINVAL; 355 return -EINVAL;
232} 356}
233/* temporary symbol - mark GPL - in the future the handler won't be */
234EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_giwfreq);
235 357
236int cfg80211_ibss_wext_siwessid(struct net_device *dev, 358int cfg80211_ibss_wext_siwessid(struct net_device *dev,
237 struct iw_request_info *info, 359 struct iw_request_info *info,
238 struct iw_point *data, char *ssid) 360 struct iw_point *data, char *ssid)
239{ 361{
240 struct wireless_dev *wdev = dev->ieee80211_ptr; 362 struct wireless_dev *wdev = dev->ieee80211_ptr;
363 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
241 size_t len = data->length; 364 size_t len = data->length;
242 int err; 365 int err;
243 366
@@ -245,15 +368,17 @@ int cfg80211_ibss_wext_siwessid(struct net_device *dev,
245 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC)) 368 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
246 return -EINVAL; 369 return -EINVAL;
247 370
248 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss) 371 if (!rdev->ops->join_ibss)
249 return -EOPNOTSUPP; 372 return -EOPNOTSUPP;
250 373
251 if (wdev->ssid_len) { 374 wdev_lock(wdev);
252 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy), 375 err = 0;
253 dev, true); 376 if (wdev->ssid_len)
254 if (err) 377 err = __cfg80211_leave_ibss(rdev, dev, true);
255 return err; 378 wdev_unlock(wdev);
256 } 379
380 if (err)
381 return err;
257 382
258 /* iwconfig uses nul termination in SSID.. */ 383 /* iwconfig uses nul termination in SSID.. */
259 if (len > 0 && ssid[len - 1] == '\0') 384 if (len > 0 && ssid[len - 1] == '\0')
@@ -263,10 +388,14 @@ int cfg80211_ibss_wext_siwessid(struct net_device *dev,
263 memcpy(wdev->wext.ibss.ssid, ssid, len); 388 memcpy(wdev->wext.ibss.ssid, ssid, len);
264 wdev->wext.ibss.ssid_len = len; 389 wdev->wext.ibss.ssid_len = len;
265 390
266 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev); 391 mutex_lock(&rdev->devlist_mtx);
392 wdev_lock(wdev);
393 err = cfg80211_ibss_wext_join(rdev, wdev);
394 wdev_unlock(wdev);
395 mutex_unlock(&rdev->devlist_mtx);
396
397 return err;
267} 398}
268/* temporary symbol - mark GPL - in the future the handler won't be */
269EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwessid);
270 399
271int cfg80211_ibss_wext_giwessid(struct net_device *dev, 400int cfg80211_ibss_wext_giwessid(struct net_device *dev,
272 struct iw_request_info *info, 401 struct iw_request_info *info,
@@ -280,6 +409,7 @@ int cfg80211_ibss_wext_giwessid(struct net_device *dev,
280 409
281 data->flags = 0; 410 data->flags = 0;
282 411
412 wdev_lock(wdev);
283 if (wdev->ssid_len) { 413 if (wdev->ssid_len) {
284 data->flags = 1; 414 data->flags = 1;
285 data->length = wdev->ssid_len; 415 data->length = wdev->ssid_len;
@@ -289,17 +419,17 @@ int cfg80211_ibss_wext_giwessid(struct net_device *dev,
289 data->length = wdev->wext.ibss.ssid_len; 419 data->length = wdev->wext.ibss.ssid_len;
290 memcpy(ssid, wdev->wext.ibss.ssid, data->length); 420 memcpy(ssid, wdev->wext.ibss.ssid, data->length);
291 } 421 }
422 wdev_unlock(wdev);
292 423
293 return 0; 424 return 0;
294} 425}
295/* temporary symbol - mark GPL - in the future the handler won't be */
296EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_giwessid);
297 426
298int cfg80211_ibss_wext_siwap(struct net_device *dev, 427int cfg80211_ibss_wext_siwap(struct net_device *dev,
299 struct iw_request_info *info, 428 struct iw_request_info *info,
300 struct sockaddr *ap_addr, char *extra) 429 struct sockaddr *ap_addr, char *extra)
301{ 430{
302 struct wireless_dev *wdev = dev->ieee80211_ptr; 431 struct wireless_dev *wdev = dev->ieee80211_ptr;
432 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
303 u8 *bssid = ap_addr->sa_data; 433 u8 *bssid = ap_addr->sa_data;
304 int err; 434 int err;
305 435
@@ -307,7 +437,7 @@ int cfg80211_ibss_wext_siwap(struct net_device *dev,
307 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC)) 437 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_ADHOC))
308 return -EINVAL; 438 return -EINVAL;
309 439
310 if (!wiphy_to_dev(wdev->wiphy)->ops->join_ibss) 440 if (!rdev->ops->join_ibss)
311 return -EOPNOTSUPP; 441 return -EOPNOTSUPP;
312 442
313 if (ap_addr->sa_family != ARPHRD_ETHER) 443 if (ap_addr->sa_family != ARPHRD_ETHER)
@@ -326,12 +456,14 @@ int cfg80211_ibss_wext_siwap(struct net_device *dev,
326 compare_ether_addr(bssid, wdev->wext.ibss.bssid) == 0) 456 compare_ether_addr(bssid, wdev->wext.ibss.bssid) == 0)
327 return 0; 457 return 0;
328 458
329 if (wdev->ssid_len) { 459 wdev_lock(wdev);
330 err = cfg80211_leave_ibss(wiphy_to_dev(wdev->wiphy), 460 err = 0;
331 dev, true); 461 if (wdev->ssid_len)
332 if (err) 462 err = __cfg80211_leave_ibss(rdev, dev, true);
333 return err; 463 wdev_unlock(wdev);
334 } 464
465 if (err)
466 return err;
335 467
336 if (bssid) { 468 if (bssid) {
337 memcpy(wdev->wext.bssid, bssid, ETH_ALEN); 469 memcpy(wdev->wext.bssid, bssid, ETH_ALEN);
@@ -339,10 +471,14 @@ int cfg80211_ibss_wext_siwap(struct net_device *dev,
339 } else 471 } else
340 wdev->wext.ibss.bssid = NULL; 472 wdev->wext.ibss.bssid = NULL;
341 473
342 return cfg80211_ibss_wext_join(wiphy_to_dev(wdev->wiphy), wdev); 474 mutex_lock(&rdev->devlist_mtx);
475 wdev_lock(wdev);
476 err = cfg80211_ibss_wext_join(rdev, wdev);
477 wdev_unlock(wdev);
478 mutex_unlock(&rdev->devlist_mtx);
479
480 return err;
343} 481}
344/* temporary symbol - mark GPL - in the future the handler won't be */
345EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_siwap);
346 482
347int cfg80211_ibss_wext_giwap(struct net_device *dev, 483int cfg80211_ibss_wext_giwap(struct net_device *dev,
348 struct iw_request_info *info, 484 struct iw_request_info *info,
@@ -356,14 +492,16 @@ int cfg80211_ibss_wext_giwap(struct net_device *dev,
356 492
357 ap_addr->sa_family = ARPHRD_ETHER; 493 ap_addr->sa_family = ARPHRD_ETHER;
358 494
359 if (wdev->wext.ibss.bssid) { 495 wdev_lock(wdev);
496 if (wdev->current_bss)
497 memcpy(ap_addr->sa_data, wdev->current_bss->pub.bssid, ETH_ALEN);
498 else if (wdev->wext.ibss.bssid)
360 memcpy(ap_addr->sa_data, wdev->wext.ibss.bssid, ETH_ALEN); 499 memcpy(ap_addr->sa_data, wdev->wext.ibss.bssid, ETH_ALEN);
361 return 0; 500 else
362 } 501 memset(ap_addr->sa_data, 0, ETH_ALEN);
502
503 wdev_unlock(wdev);
363 504
364 memcpy(ap_addr->sa_data, wdev->bssid, ETH_ALEN);
365 return 0; 505 return 0;
366} 506}
367/* temporary symbol - mark GPL - in the future the handler won't be */
368EXPORT_SYMBOL_GPL(cfg80211_ibss_wext_giwap);
369#endif 507#endif
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 42184361a109..da64071ceb84 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -8,75 +8,643 @@
8#include <linux/module.h> 8#include <linux/module.h>
9#include <linux/netdevice.h> 9#include <linux/netdevice.h>
10#include <linux/nl80211.h> 10#include <linux/nl80211.h>
11#include <linux/wireless.h>
11#include <net/cfg80211.h> 12#include <net/cfg80211.h>
13#include <net/iw_handler.h>
12#include "core.h" 14#include "core.h"
13#include "nl80211.h" 15#include "nl80211.h"
14 16
15void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len) 17void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len)
16{ 18{
17 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 19 struct wireless_dev *wdev = dev->ieee80211_ptr;
20 struct wiphy *wiphy = wdev->wiphy;
18 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 21 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
19 nl80211_send_rx_auth(rdev, dev, buf, len); 22 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
23 u8 *bssid = mgmt->bssid;
24 int i;
25 u16 status = le16_to_cpu(mgmt->u.auth.status_code);
26 bool done = false;
27
28 wdev_lock(wdev);
29
30 for (i = 0; i < MAX_AUTH_BSSES; i++) {
31 if (wdev->authtry_bsses[i] &&
32 memcmp(wdev->authtry_bsses[i]->pub.bssid, bssid,
33 ETH_ALEN) == 0) {
34 if (status == WLAN_STATUS_SUCCESS) {
35 wdev->auth_bsses[i] = wdev->authtry_bsses[i];
36 } else {
37 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
38 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
39 }
40 wdev->authtry_bsses[i] = NULL;
41 done = true;
42 break;
43 }
44 }
45
46 WARN_ON(!done);
47
48 nl80211_send_rx_auth(rdev, dev, buf, len, GFP_KERNEL);
49 cfg80211_sme_rx_auth(dev, buf, len);
50
51 wdev_unlock(wdev);
20} 52}
21EXPORT_SYMBOL(cfg80211_send_rx_auth); 53EXPORT_SYMBOL(cfg80211_send_rx_auth);
22 54
23void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len) 55void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
24{ 56{
25 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 57 u16 status_code;
58 struct wireless_dev *wdev = dev->ieee80211_ptr;
59 struct wiphy *wiphy = wdev->wiphy;
26 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 60 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
27 nl80211_send_rx_assoc(rdev, dev, buf, len); 61 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
62 u8 *ie = mgmt->u.assoc_resp.variable;
63 int i, ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable);
64 struct cfg80211_internal_bss *bss = NULL;
65
66 wdev_lock(wdev);
67
68 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
69
70 /*
71 * This is a bit of a hack, we don't notify userspace of
72 * a (re-)association reply if we tried to send a reassoc
73 * and got a reject -- we only try again with an assoc
74 * frame instead of reassoc.
75 */
76 if (status_code != WLAN_STATUS_SUCCESS && wdev->conn &&
77 cfg80211_sme_failed_reassoc(wdev))
78 goto out;
79
80 nl80211_send_rx_assoc(rdev, dev, buf, len, GFP_KERNEL);
81
82 if (status_code == WLAN_STATUS_SUCCESS) {
83 for (i = 0; i < MAX_AUTH_BSSES; i++) {
84 if (!wdev->auth_bsses[i])
85 continue;
86 if (memcmp(wdev->auth_bsses[i]->pub.bssid, mgmt->bssid,
87 ETH_ALEN) == 0) {
88 bss = wdev->auth_bsses[i];
89 wdev->auth_bsses[i] = NULL;
90 /* additional reference to drop hold */
91 cfg80211_ref_bss(bss);
92 break;
93 }
94 }
95
96 WARN_ON(!bss);
97 }
98
99 /* this consumes one bss reference (unless bss is NULL) */
100 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, ie, len - ieoffs,
101 status_code,
102 status_code == WLAN_STATUS_SUCCESS,
103 bss ? &bss->pub : NULL);
104 /* drop hold now, and also reference acquired above */
105 if (bss) {
106 cfg80211_unhold_bss(bss);
107 cfg80211_put_bss(&bss->pub);
108 }
109
110 out:
111 wdev_unlock(wdev);
28} 112}
29EXPORT_SYMBOL(cfg80211_send_rx_assoc); 113EXPORT_SYMBOL(cfg80211_send_rx_assoc);
30 114
31void cfg80211_send_deauth(struct net_device *dev, const u8 *buf, size_t len) 115static void __cfg80211_send_deauth(struct net_device *dev,
116 const u8 *buf, size_t len)
32{ 117{
33 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 118 struct wireless_dev *wdev = dev->ieee80211_ptr;
119 struct wiphy *wiphy = wdev->wiphy;
34 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 120 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
35 nl80211_send_deauth(rdev, dev, buf, len); 121 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
122 const u8 *bssid = mgmt->bssid;
123 int i;
124 bool done = false;
125
126 ASSERT_WDEV_LOCK(wdev);
127
128 nl80211_send_deauth(rdev, dev, buf, len, GFP_KERNEL);
129
130 if (wdev->current_bss &&
131 memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
132 done = true;
133 cfg80211_unhold_bss(wdev->current_bss);
134 cfg80211_put_bss(&wdev->current_bss->pub);
135 wdev->current_bss = NULL;
136 } else for (i = 0; i < MAX_AUTH_BSSES; i++) {
137 if (wdev->auth_bsses[i] &&
138 memcmp(wdev->auth_bsses[i]->pub.bssid, bssid, ETH_ALEN) == 0) {
139 cfg80211_unhold_bss(wdev->auth_bsses[i]);
140 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
141 wdev->auth_bsses[i] = NULL;
142 done = true;
143 break;
144 }
145 if (wdev->authtry_bsses[i] &&
146 memcmp(wdev->authtry_bsses[i]->pub.bssid, bssid, ETH_ALEN) == 0) {
147 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
148 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
149 wdev->authtry_bsses[i] = NULL;
150 done = true;
151 break;
152 }
153 }
154
155 WARN_ON(!done);
156
157 if (wdev->sme_state == CFG80211_SME_CONNECTED) {
158 u16 reason_code;
159 bool from_ap;
160
161 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
162
163 from_ap = memcmp(mgmt->sa, dev->dev_addr, ETH_ALEN) != 0;
164 __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap);
165 } else if (wdev->sme_state == CFG80211_SME_CONNECTING) {
166 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0,
167 WLAN_STATUS_UNSPECIFIED_FAILURE,
168 false, NULL);
169 }
170}
171
172
173void cfg80211_send_deauth(struct net_device *dev, const u8 *buf, size_t len,
174 void *cookie)
175{
176 struct wireless_dev *wdev = dev->ieee80211_ptr;
177
178 BUG_ON(cookie && wdev != cookie);
179
180 if (cookie) {
181 /* called within callback */
182 __cfg80211_send_deauth(dev, buf, len);
183 } else {
184 wdev_lock(wdev);
185 __cfg80211_send_deauth(dev, buf, len);
186 wdev_unlock(wdev);
187 }
36} 188}
37EXPORT_SYMBOL(cfg80211_send_deauth); 189EXPORT_SYMBOL(cfg80211_send_deauth);
38 190
39void cfg80211_send_disassoc(struct net_device *dev, const u8 *buf, size_t len) 191static void __cfg80211_send_disassoc(struct net_device *dev,
192 const u8 *buf, size_t len)
40{ 193{
41 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 194 struct wireless_dev *wdev = dev->ieee80211_ptr;
195 struct wiphy *wiphy = wdev->wiphy;
42 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 196 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
43 nl80211_send_disassoc(rdev, dev, buf, len); 197 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
198 const u8 *bssid = mgmt->bssid;
199 int i;
200 u16 reason_code;
201 bool from_ap;
202 bool done = false;
203
204 ASSERT_WDEV_LOCK(wdev);
205
206 nl80211_send_disassoc(rdev, dev, buf, len, GFP_KERNEL);
207
208 if (wdev->sme_state != CFG80211_SME_CONNECTED)
209 return;
210
211 if (wdev->current_bss &&
212 memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
213 for (i = 0; i < MAX_AUTH_BSSES; i++) {
214 if (wdev->authtry_bsses[i] || wdev->auth_bsses[i])
215 continue;
216 wdev->auth_bsses[i] = wdev->current_bss;
217 wdev->current_bss = NULL;
218 done = true;
219 cfg80211_sme_disassoc(dev, i);
220 break;
221 }
222 WARN_ON(!done);
223 } else
224 WARN_ON(1);
225
226
227 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
228
229 from_ap = memcmp(mgmt->sa, dev->dev_addr, ETH_ALEN) != 0;
230 __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap);
44} 231}
45EXPORT_SYMBOL(cfg80211_send_disassoc);
46 232
47static void cfg80211_wext_disconnected(struct net_device *dev) 233void cfg80211_send_disassoc(struct net_device *dev, const u8 *buf, size_t len,
234 void *cookie)
48{ 235{
49#ifdef CONFIG_WIRELESS_EXT 236 struct wireless_dev *wdev = dev->ieee80211_ptr;
50 union iwreq_data wrqu; 237
51 memset(&wrqu, 0, sizeof(wrqu)); 238 BUG_ON(cookie && wdev != cookie);
52 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 239
53#endif 240 if (cookie) {
241 /* called within callback */
242 __cfg80211_send_disassoc(dev, buf, len);
243 } else {
244 wdev_lock(wdev);
245 __cfg80211_send_disassoc(dev, buf, len);
246 wdev_unlock(wdev);
247 }
54} 248}
249EXPORT_SYMBOL(cfg80211_send_disassoc);
55 250
56void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr) 251void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr)
57{ 252{
58 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 253 struct wireless_dev *wdev = dev->ieee80211_ptr;
254 struct wiphy *wiphy = wdev->wiphy;
59 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 255 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
60 nl80211_send_auth_timeout(rdev, dev, addr); 256 int i;
61 cfg80211_wext_disconnected(dev); 257 bool done = false;
258
259 wdev_lock(wdev);
260
261 nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL);
262 if (wdev->sme_state == CFG80211_SME_CONNECTING)
263 __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0,
264 WLAN_STATUS_UNSPECIFIED_FAILURE,
265 false, NULL);
266
267 for (i = 0; addr && i < MAX_AUTH_BSSES; i++) {
268 if (wdev->authtry_bsses[i] &&
269 memcmp(wdev->authtry_bsses[i]->pub.bssid,
270 addr, ETH_ALEN) == 0) {
271 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
272 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
273 wdev->authtry_bsses[i] = NULL;
274 done = true;
275 break;
276 }
277 }
278
279 WARN_ON(!done);
280
281 wdev_unlock(wdev);
62} 282}
63EXPORT_SYMBOL(cfg80211_send_auth_timeout); 283EXPORT_SYMBOL(cfg80211_send_auth_timeout);
64 284
65void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr) 285void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr)
66{ 286{
67 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 287 struct wireless_dev *wdev = dev->ieee80211_ptr;
288 struct wiphy *wiphy = wdev->wiphy;
68 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 289 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
69 nl80211_send_assoc_timeout(rdev, dev, addr); 290 int i;
70 cfg80211_wext_disconnected(dev); 291 bool done = false;
292
293 wdev_lock(wdev);
294
295 nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL);
296 if (wdev->sme_state == CFG80211_SME_CONNECTING)
297 __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0,
298 WLAN_STATUS_UNSPECIFIED_FAILURE,
299 false, NULL);
300
301 for (i = 0; addr && i < MAX_AUTH_BSSES; i++) {
302 if (wdev->auth_bsses[i] &&
303 memcmp(wdev->auth_bsses[i]->pub.bssid,
304 addr, ETH_ALEN) == 0) {
305 cfg80211_unhold_bss(wdev->auth_bsses[i]);
306 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
307 wdev->auth_bsses[i] = NULL;
308 done = true;
309 break;
310 }
311 }
312
313 WARN_ON(!done);
314
315 wdev_unlock(wdev);
71} 316}
72EXPORT_SYMBOL(cfg80211_send_assoc_timeout); 317EXPORT_SYMBOL(cfg80211_send_assoc_timeout);
73 318
74void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr, 319void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr,
75 enum nl80211_key_type key_type, int key_id, 320 enum nl80211_key_type key_type, int key_id,
76 const u8 *tsc) 321 const u8 *tsc, gfp_t gfp)
77{ 322{
78 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 323 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
79 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 324 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
80 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc); 325#ifdef CONFIG_WIRELESS_EXT
326 union iwreq_data wrqu;
327 char *buf = kmalloc(128, gfp);
328
329 if (buf) {
330 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
331 "keyid=%d %scast addr=%pM)", key_id,
332 key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni",
333 addr);
334 memset(&wrqu, 0, sizeof(wrqu));
335 wrqu.data.length = strlen(buf);
336 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
337 kfree(buf);
338 }
339#endif
340
341 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp);
81} 342}
82EXPORT_SYMBOL(cfg80211_michael_mic_failure); 343EXPORT_SYMBOL(cfg80211_michael_mic_failure);
344
345/* some MLME handling for userspace SME */
346int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
347 struct net_device *dev,
348 struct ieee80211_channel *chan,
349 enum nl80211_auth_type auth_type,
350 const u8 *bssid,
351 const u8 *ssid, int ssid_len,
352 const u8 *ie, int ie_len,
353 const u8 *key, int key_len, int key_idx)
354{
355 struct wireless_dev *wdev = dev->ieee80211_ptr;
356 struct cfg80211_auth_request req;
357 struct cfg80211_internal_bss *bss;
358 int i, err, slot = -1, nfree = 0;
359
360 ASSERT_WDEV_LOCK(wdev);
361
362 if (auth_type == NL80211_AUTHTYPE_SHARED_KEY)
363 if (!key || !key_len || key_idx < 0 || key_idx > 4)
364 return -EINVAL;
365
366 if (wdev->current_bss &&
367 memcmp(bssid, wdev->current_bss->pub.bssid, ETH_ALEN) == 0)
368 return -EALREADY;
369
370 for (i = 0; i < MAX_AUTH_BSSES; i++) {
371 if (wdev->authtry_bsses[i] &&
372 memcmp(bssid, wdev->authtry_bsses[i]->pub.bssid,
373 ETH_ALEN) == 0)
374 return -EALREADY;
375 if (wdev->auth_bsses[i] &&
376 memcmp(bssid, wdev->auth_bsses[i]->pub.bssid,
377 ETH_ALEN) == 0)
378 return -EALREADY;
379 }
380
381 memset(&req, 0, sizeof(req));
382
383 req.ie = ie;
384 req.ie_len = ie_len;
385 req.auth_type = auth_type;
386 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
387 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
388 req.key = key;
389 req.key_len = key_len;
390 req.key_idx = key_idx;
391 if (!req.bss)
392 return -ENOENT;
393
394 bss = bss_from_pub(req.bss);
395
396 for (i = 0; i < MAX_AUTH_BSSES; i++) {
397 if (!wdev->auth_bsses[i] && !wdev->authtry_bsses[i]) {
398 slot = i;
399 nfree++;
400 }
401 }
402
403 /* we need one free slot for disassoc and one for this auth */
404 if (nfree < 2) {
405 err = -ENOSPC;
406 goto out;
407 }
408
409 wdev->authtry_bsses[slot] = bss;
410 cfg80211_hold_bss(bss);
411
412 err = rdev->ops->auth(&rdev->wiphy, dev, &req);
413 if (err) {
414 wdev->authtry_bsses[slot] = NULL;
415 cfg80211_unhold_bss(bss);
416 }
417
418 out:
419 if (err)
420 cfg80211_put_bss(req.bss);
421 return err;
422}
423
424int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
425 struct net_device *dev, struct ieee80211_channel *chan,
426 enum nl80211_auth_type auth_type, const u8 *bssid,
427 const u8 *ssid, int ssid_len,
428 const u8 *ie, int ie_len,
429 const u8 *key, int key_len, int key_idx)
430{
431 int err;
432
433 wdev_lock(dev->ieee80211_ptr);
434 err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
435 ssid, ssid_len, ie, ie_len,
436 key, key_len, key_idx);
437 wdev_unlock(dev->ieee80211_ptr);
438
439 return err;
440}
441
442int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
443 struct net_device *dev,
444 struct ieee80211_channel *chan,
445 const u8 *bssid, const u8 *prev_bssid,
446 const u8 *ssid, int ssid_len,
447 const u8 *ie, int ie_len, bool use_mfp,
448 struct cfg80211_crypto_settings *crypt)
449{
450 struct wireless_dev *wdev = dev->ieee80211_ptr;
451 struct cfg80211_assoc_request req;
452 struct cfg80211_internal_bss *bss;
453 int i, err, slot = -1;
454
455 ASSERT_WDEV_LOCK(wdev);
456
457 memset(&req, 0, sizeof(req));
458
459 if (wdev->current_bss)
460 return -EALREADY;
461
462 req.ie = ie;
463 req.ie_len = ie_len;
464 memcpy(&req.crypto, crypt, sizeof(req.crypto));
465 req.use_mfp = use_mfp;
466 req.prev_bssid = prev_bssid;
467 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
468 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
469 if (!req.bss)
470 return -ENOENT;
471
472 bss = bss_from_pub(req.bss);
473
474 for (i = 0; i < MAX_AUTH_BSSES; i++) {
475 if (bss == wdev->auth_bsses[i]) {
476 slot = i;
477 break;
478 }
479 }
480
481 if (slot < 0) {
482 err = -ENOTCONN;
483 goto out;
484 }
485
486 err = rdev->ops->assoc(&rdev->wiphy, dev, &req);
487 out:
488 /* still a reference in wdev->auth_bsses[slot] */
489 cfg80211_put_bss(req.bss);
490 return err;
491}
492
493int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
494 struct net_device *dev,
495 struct ieee80211_channel *chan,
496 const u8 *bssid, const u8 *prev_bssid,
497 const u8 *ssid, int ssid_len,
498 const u8 *ie, int ie_len, bool use_mfp,
499 struct cfg80211_crypto_settings *crypt)
500{
501 struct wireless_dev *wdev = dev->ieee80211_ptr;
502 int err;
503
504 wdev_lock(wdev);
505 err = __cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
506 ssid, ssid_len, ie, ie_len, use_mfp, crypt);
507 wdev_unlock(wdev);
508
509 return err;
510}
511
512int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
513 struct net_device *dev, const u8 *bssid,
514 const u8 *ie, int ie_len, u16 reason)
515{
516 struct wireless_dev *wdev = dev->ieee80211_ptr;
517 struct cfg80211_deauth_request req;
518 int i;
519
520 ASSERT_WDEV_LOCK(wdev);
521
522 memset(&req, 0, sizeof(req));
523 req.reason_code = reason;
524 req.ie = ie;
525 req.ie_len = ie_len;
526 if (wdev->current_bss &&
527 memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
528 req.bss = &wdev->current_bss->pub;
529 } else for (i = 0; i < MAX_AUTH_BSSES; i++) {
530 if (wdev->auth_bsses[i] &&
531 memcmp(bssid, wdev->auth_bsses[i]->pub.bssid, ETH_ALEN) == 0) {
532 req.bss = &wdev->auth_bsses[i]->pub;
533 break;
534 }
535 if (wdev->authtry_bsses[i] &&
536 memcmp(bssid, wdev->authtry_bsses[i]->pub.bssid, ETH_ALEN) == 0) {
537 req.bss = &wdev->authtry_bsses[i]->pub;
538 break;
539 }
540 }
541
542 if (!req.bss)
543 return -ENOTCONN;
544
545 return rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
546}
547
548int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
549 struct net_device *dev, const u8 *bssid,
550 const u8 *ie, int ie_len, u16 reason)
551{
552 struct wireless_dev *wdev = dev->ieee80211_ptr;
553 int err;
554
555 wdev_lock(wdev);
556 err = __cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason);
557 wdev_unlock(wdev);
558
559 return err;
560}
561
562static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
563 struct net_device *dev, const u8 *bssid,
564 const u8 *ie, int ie_len, u16 reason)
565{
566 struct wireless_dev *wdev = dev->ieee80211_ptr;
567 struct cfg80211_disassoc_request req;
568
569 ASSERT_WDEV_LOCK(wdev);
570
571 if (wdev->sme_state != CFG80211_SME_CONNECTED)
572 return -ENOTCONN;
573
574 if (WARN_ON(!wdev->current_bss))
575 return -ENOTCONN;
576
577 memset(&req, 0, sizeof(req));
578 req.reason_code = reason;
579 req.ie = ie;
580 req.ie_len = ie_len;
581 if (memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0)
582 req.bss = &wdev->current_bss->pub;
583 else
584 return -ENOTCONN;
585
586 return rdev->ops->disassoc(&rdev->wiphy, dev, &req, wdev);
587}
588
589int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
590 struct net_device *dev, const u8 *bssid,
591 const u8 *ie, int ie_len, u16 reason)
592{
593 struct wireless_dev *wdev = dev->ieee80211_ptr;
594 int err;
595
596 wdev_lock(wdev);
597 err = __cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason);
598 wdev_unlock(wdev);
599
600 return err;
601}
602
603void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
604 struct net_device *dev)
605{
606 struct wireless_dev *wdev = dev->ieee80211_ptr;
607 struct cfg80211_deauth_request req;
608 int i;
609
610 ASSERT_WDEV_LOCK(wdev);
611
612 if (!rdev->ops->deauth)
613 return;
614
615 memset(&req, 0, sizeof(req));
616 req.reason_code = WLAN_REASON_DEAUTH_LEAVING;
617 req.ie = NULL;
618 req.ie_len = 0;
619
620 if (wdev->current_bss) {
621 req.bss = &wdev->current_bss->pub;
622 rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
623 if (wdev->current_bss) {
624 cfg80211_unhold_bss(wdev->current_bss);
625 cfg80211_put_bss(&wdev->current_bss->pub);
626 wdev->current_bss = NULL;
627 }
628 }
629
630 for (i = 0; i < MAX_AUTH_BSSES; i++) {
631 if (wdev->auth_bsses[i]) {
632 req.bss = &wdev->auth_bsses[i]->pub;
633 rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
634 if (wdev->auth_bsses[i]) {
635 cfg80211_unhold_bss(wdev->auth_bsses[i]);
636 cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
637 wdev->auth_bsses[i] = NULL;
638 }
639 }
640 if (wdev->authtry_bsses[i]) {
641 req.bss = &wdev->authtry_bsses[i]->pub;
642 rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
643 if (wdev->authtry_bsses[i]) {
644 cfg80211_unhold_bss(wdev->authtry_bsses[i]);
645 cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
646 wdev->authtry_bsses[i] = NULL;
647 }
648 }
649 }
650}
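Review bot: The new receive handlers in net/wireless/mlme.c cast `buf` to `struct ieee80211_mgmt` and read fixed fields without ever comparing `len` with the size of the header they dereference. In cfg80211_send_rx_assoc the IE length is passed as `len - ieoffs` with `len` a `size_t`, so a frame shorter than the association-response header would wrap to a very large length handed to __cfg80211_connect_result. Drivers may already validate the frame length before calling these exported functions, but nothing visible here enforces it. A guard before `wdev_lock(wdev)` would make the contract explicit: `if (WARN_ON(len < offsetof(struct ieee80211_mgmt, u.assoc_resp.variable))) return;`. The same minimum-length check applies to cfg80211_send_rx_auth (`u.auth.status_code`), __cfg80211_send_deauth (`u.deauth.reason_code`) and __cfg80211_send_disassoc (`u.disassoc.reason_code`).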
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 634496b3ed77..a8aaadeb6773 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -14,8 +14,10 @@
14#include <linux/rtnetlink.h> 14#include <linux/rtnetlink.h>
15#include <linux/netlink.h> 15#include <linux/netlink.h>
16#include <linux/etherdevice.h> 16#include <linux/etherdevice.h>
17#include <net/net_namespace.h>
17#include <net/genetlink.h> 18#include <net/genetlink.h>
18#include <net/cfg80211.h> 19#include <net/cfg80211.h>
20#include <net/sock.h>
19#include "core.h" 21#include "core.h"
20#include "nl80211.h" 22#include "nl80211.h"
21#include "reg.h" 23#include "reg.h"
@@ -27,27 +29,29 @@ static struct genl_family nl80211_fam = {
27 .hdrsize = 0, /* no private header */ 29 .hdrsize = 0, /* no private header */
28 .version = 1, /* no particular meaning now */ 30 .version = 1, /* no particular meaning now */
29 .maxattr = NL80211_ATTR_MAX, 31 .maxattr = NL80211_ATTR_MAX,
32 .netnsok = true,
30}; 33};
31 34
32/* internal helper: get drv and dev */ 35/* internal helper: get rdev and dev */
33static int get_drv_dev_by_info_ifindex(struct nlattr **attrs, 36static int get_rdev_dev_by_info_ifindex(struct genl_info *info,
34 struct cfg80211_registered_device **drv, 37 struct cfg80211_registered_device **rdev,
35 struct net_device **dev) 38 struct net_device **dev)
36{ 39{
40 struct nlattr **attrs = info->attrs;
37 int ifindex; 41 int ifindex;
38 42
39 if (!attrs[NL80211_ATTR_IFINDEX]) 43 if (!attrs[NL80211_ATTR_IFINDEX])
40 return -EINVAL; 44 return -EINVAL;
41 45
42 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 46 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
43 *dev = dev_get_by_index(&init_net, ifindex); 47 *dev = dev_get_by_index(genl_info_net(info), ifindex);
44 if (!*dev) 48 if (!*dev)
45 return -ENODEV; 49 return -ENODEV;
46 50
47 *drv = cfg80211_get_dev_from_ifindex(ifindex); 51 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex);
48 if (IS_ERR(*drv)) { 52 if (IS_ERR(*rdev)) {
49 dev_put(*dev); 53 dev_put(*dev);
50 return PTR_ERR(*drv); 54 return PTR_ERR(*rdev);
51 } 55 }
52 56
53 return 0; 57 return 0;
@@ -71,7 +75,9 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
71 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 75 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
72 76
73 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 77 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN },
78 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN },
74 79
80 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
75 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 81 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
76 .len = WLAN_MAX_KEY_LEN }, 82 .len = WLAN_MAX_KEY_LEN },
77 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 83 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
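Review bot: The new `NL80211_ATTR_PREV_BSSID` entry is declared as `NLA_BINARY` with `.len = ETH_ALEN`, and for that type `.len` is only an upper bound, so an attribute shorter than six bytes still passes policy validation. Any handler that reads a full BSSID from it needs its own `nla_len(...) == ETH_ALEN` check; those handlers are outside this hunk, so whether they do is not visible here. The same applies to the existing `NL80211_ATTR_MAC` entry just above. I would add a comment on the entry such as `/* NLA_BINARY .len is a maximum; consumers must verify nla_len() == ETH_ALEN */`. The policy array starts and ends outside the hunk.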
@@ -128,6 +134,21 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
128 .len = sizeof(struct nl80211_sta_flag_update), 134 .len = sizeof(struct nl80211_sta_flag_update),
129 }, 135 },
130 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 136 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
137 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
138 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
139 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
140 [NL80211_ATTR_PID] = { .type = NLA_U32 },
141};
142
143/* policy for the attributes */
144static struct nla_policy
145nl80211_key_policy[NL80211_KEY_MAX + 1] __read_mostly = {
146 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
147 [NL80211_KEY_IDX] = { .type = NLA_U8 },
148 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
149 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 },
150 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
151 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
131}; 152};
132 153
133/* IE validation */ 154/* IE validation */
@@ -194,6 +215,177 @@ static int nl80211_msg_put_channel(struct sk_buff *msg,
194 215
195/* netlink command implementations */ 216/* netlink command implementations */
196 217
218struct key_parse {
219 struct key_params p;
220 int idx;
221 bool def, defmgmt;
222};
223
224static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
225{
226 struct nlattr *tb[NL80211_KEY_MAX + 1];
227 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
228 nl80211_key_policy);
229 if (err)
230 return err;
231
232 k->def = !!tb[NL80211_KEY_DEFAULT];
233 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
234
235 if (tb[NL80211_KEY_IDX])
236 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
237
238 if (tb[NL80211_KEY_DATA]) {
239 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
240 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
241 }
242
243 if (tb[NL80211_KEY_SEQ]) {
244 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
245 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
246 }
247
248 if (tb[NL80211_KEY_CIPHER])
249 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
250
251 return 0;
252}
253
254static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
255{
256 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
257 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
258 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
259 }
260
261 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
262 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
263 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
264 }
265
266 if (info->attrs[NL80211_ATTR_KEY_IDX])
267 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
268
269 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
270 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
271
272 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
273 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
274
275 return 0;
276}
277
278static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
279{
280 int err;
281
282 memset(k, 0, sizeof(*k));
283 k->idx = -1;
284
285 if (info->attrs[NL80211_ATTR_KEY])
286 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
287 else
288 err = nl80211_parse_key_old(info, k);
289
290 if (err)
291 return err;
292
293 if (k->def && k->defmgmt)
294 return -EINVAL;
295
296 if (k->idx != -1) {
297 if (k->defmgmt) {
298 if (k->idx < 4 || k->idx > 5)
299 return -EINVAL;
300 } else if (k->def) {
301 if (k->idx < 0 || k->idx > 3)
302 return -EINVAL;
303 } else {
304 if (k->idx < 0 || k->idx > 5)
305 return -EINVAL;
306 }
307 }
308
309 return 0;
310}
311
312static struct cfg80211_cached_keys *
313nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
314 struct nlattr *keys)
315{
316 struct key_parse parse;
317 struct nlattr *key;
318 struct cfg80211_cached_keys *result;
319 int rem, err, def = 0;
320
321 result = kzalloc(sizeof(*result), GFP_KERNEL);
322 if (!result)
323 return ERR_PTR(-ENOMEM);
324
325 result->def = -1;
326 result->defmgmt = -1;
327
328 nla_for_each_nested(key, keys, rem) {
329 memset(&parse, 0, sizeof(parse));
330 parse.idx = -1;
331
332 err = nl80211_parse_key_new(key, &parse);
333 if (err)
334 goto error;
335 err = -EINVAL;
336 if (!parse.p.key)
337 goto error;
338 if (parse.idx < 0 || parse.idx > 4)
339 goto error;
340 if (parse.def) {
341 if (def)
342 goto error;
343 def = 1;
344 result->def = parse.idx;
345 } else if (parse.defmgmt)
346 goto error;
347 err = cfg80211_validate_key_settings(rdev, &parse.p,
348 parse.idx, NULL);
349 if (err)
350 goto error;
351 result->params[parse.idx].cipher = parse.p.cipher;
352 result->params[parse.idx].key_len = parse.p.key_len;
353 result->params[parse.idx].key = result->data[parse.idx];
354 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
355 }
356
357 return result;
358 error:
359 kfree(result);
360 return ERR_PTR(err);
361}
362
363static int nl80211_key_allowed(struct wireless_dev *wdev)
364{
365 ASSERT_WDEV_LOCK(wdev);
366
367 if (!netif_running(wdev->netdev))
368 return -ENETDOWN;
369
370 switch (wdev->iftype) {
371 case NL80211_IFTYPE_AP:
372 case NL80211_IFTYPE_AP_VLAN:
373 break;
374 case NL80211_IFTYPE_ADHOC:
375 if (!wdev->current_bss)
376 return -ENOLINK;
377 break;
378 case NL80211_IFTYPE_STATION:
379 if (wdev->sme_state != CFG80211_SME_CONNECTED)
380 return -ENOLINK;
381 break;
382 default:
383 return -EINVAL;
384 }
385
386 return 0;
387}
388
197static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 389static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
198 struct cfg80211_registered_device *dev) 390 struct cfg80211_registered_device *dev)
199{ 391{
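Review bot: In `nl80211_parse_connkeys` the error path releases `result` with a plain `kfree(result);` after earlier loop iterations may already have copied key bytes into `result->data[...]`, so key material is left behind in freed heap memory when a later key fails validation. Clearing before release, for example `kzfree(result);` at the `error:` label, avoids that. Separately, the bound `parse.idx > 4` admits index 4, while this function rejects `defmgmt` keys and `nl80211_parse_key` in the same hunk treats 4–5 as management-key indices. If only indices 0–3 are intended here, `if (parse.idx < 0 || parse.idx > 3)` would be consistent, but the sizes of `params[]` and `data[]` are declared outside this hunk and should be confirmed.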
@@ -216,6 +408,9 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
216 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 408 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx);
217 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 409 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy));
218 410
411 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION,
412 cfg80211_rdev_list_generation);
413
219 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 414 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
220 dev->wiphy.retry_short); 415 dev->wiphy.retry_short);
221 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 416 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
@@ -345,8 +540,23 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
345 CMD(deauth, DEAUTHENTICATE); 540 CMD(deauth, DEAUTHENTICATE);
346 CMD(disassoc, DISASSOCIATE); 541 CMD(disassoc, DISASSOCIATE);
347 CMD(join_ibss, JOIN_IBSS); 542 CMD(join_ibss, JOIN_IBSS);
543 if (dev->wiphy.netnsok) {
544 i++;
545 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS);
546 }
348 547
349#undef CMD 548#undef CMD
549
550 if (dev->ops->connect || dev->ops->auth) {
551 i++;
552 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT);
553 }
554
555 if (dev->ops->disconnect || dev->ops->deauth) {
556 i++;
557 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT);
558 }
559
350 nla_nest_end(msg, nl_cmds); 560 nla_nest_end(msg, nl_cmds);
351 561
352 return genlmsg_end(msg, hdr); 562 return genlmsg_end(msg, hdr);
@@ -363,7 +573,9 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
363 struct cfg80211_registered_device *dev; 573 struct cfg80211_registered_device *dev;
364 574
365 mutex_lock(&cfg80211_mutex); 575 mutex_lock(&cfg80211_mutex);
366 list_for_each_entry(dev, &cfg80211_drv_list, list) { 576 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
577 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk)))
578 continue;
367 if (++idx <= start) 579 if (++idx <= start)
368 continue; 580 continue;
369 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 581 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid,
@@ -396,14 +608,14 @@ static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
396 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) 608 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0)
397 goto out_free; 609 goto out_free;
398 610
399 cfg80211_put_dev(dev); 611 cfg80211_unlock_rdev(dev);
400 612
401 return genlmsg_unicast(msg, info->snd_pid); 613 return genlmsg_reply(msg, info);
402 614
403 out_free: 615 out_free:
404 nlmsg_free(msg); 616 nlmsg_free(msg);
405 out_err: 617 out_err:
406 cfg80211_put_dev(dev); 618 cfg80211_unlock_rdev(dev);
407 return -ENOBUFS; 619 return -ENOBUFS;
408} 620}
409 621
@@ -445,7 +657,7 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
445 657
446 mutex_lock(&cfg80211_mutex); 658 mutex_lock(&cfg80211_mutex);
447 659
448 rdev = __cfg80211_drv_from_info(info); 660 rdev = __cfg80211_rdev_from_info(info);
449 if (IS_ERR(rdev)) { 661 if (IS_ERR(rdev)) {
450 mutex_unlock(&cfg80211_mutex); 662 mutex_unlock(&cfg80211_mutex);
451 result = PTR_ERR(rdev); 663 result = PTR_ERR(rdev);
@@ -492,15 +704,8 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
492 704
493 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 705 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
494 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 706 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
495 struct ieee80211_channel *chan;
496 struct ieee80211_sta_ht_cap *ht_cap;
497 u32 freq; 707 u32 freq;
498 708
499 if (!rdev->ops->set_channel) {
500 result = -EOPNOTSUPP;
501 goto bad_res;
502 }
503
504 result = -EINVAL; 709 result = -EINVAL;
505 710
506 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 711 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
@@ -514,38 +719,10 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
514 } 719 }
515 720
516 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 721 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
517 chan = ieee80211_get_channel(&rdev->wiphy, freq);
518 722
519 /* Primary channel not allowed */ 723 mutex_lock(&rdev->devlist_mtx);
520 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) 724 result = rdev_set_freq(rdev, NULL, freq, channel_type);
521 goto bad_res; 725 mutex_unlock(&rdev->devlist_mtx);
522
523 if (channel_type == NL80211_CHAN_HT40MINUS &&
524 (chan->flags & IEEE80211_CHAN_NO_HT40MINUS))
525 goto bad_res;
526 else if (channel_type == NL80211_CHAN_HT40PLUS &&
527 (chan->flags & IEEE80211_CHAN_NO_HT40PLUS))
528 goto bad_res;
529
530 /*
531 * At this point we know if that if HT40 was requested
532 * we are allowed to use it and the extension channel
533 * exists.
534 */
535
536 ht_cap = &rdev->wiphy.bands[chan->band]->ht_cap;
537
538 /* no HT capabilities or intolerant */
539 if (channel_type != NL80211_CHAN_NO_HT) {
540 if (!ht_cap->ht_supported)
541 goto bad_res;
542 if (!(ht_cap->cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) ||
543 (ht_cap->cap & IEEE80211_HT_CAP_40MHZ_INTOLERANT))
544 goto bad_res;
545 }
546
547 result = rdev->ops->set_channel(&rdev->wiphy, chan,
548 channel_type);
549 if (result) 726 if (result)
550 goto bad_res; 727 goto bad_res;
551 } 728 }
@@ -651,6 +828,11 @@ static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
651 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 828 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
652 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 829 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name);
653 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 830 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype);
831
832 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION,
833 rdev->devlist_generation ^
834 (cfg80211_rdev_list_generation << 2));
835
654 return genlmsg_end(msg, hdr); 836 return genlmsg_end(msg, hdr);
655 837
656 nla_put_failure: 838 nla_put_failure:
@@ -664,32 +846,34 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *
664 int if_idx = 0; 846 int if_idx = 0;
665 int wp_start = cb->args[0]; 847 int wp_start = cb->args[0];
666 int if_start = cb->args[1]; 848 int if_start = cb->args[1];
667 struct cfg80211_registered_device *dev; 849 struct cfg80211_registered_device *rdev;
668 struct wireless_dev *wdev; 850 struct wireless_dev *wdev;
669 851
670 mutex_lock(&cfg80211_mutex); 852 mutex_lock(&cfg80211_mutex);
671 list_for_each_entry(dev, &cfg80211_drv_list, list) { 853 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
854 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
855 continue;
672 if (wp_idx < wp_start) { 856 if (wp_idx < wp_start) {
673 wp_idx++; 857 wp_idx++;
674 continue; 858 continue;
675 } 859 }
676 if_idx = 0; 860 if_idx = 0;
677 861
678 mutex_lock(&dev->devlist_mtx); 862 mutex_lock(&rdev->devlist_mtx);
679 list_for_each_entry(wdev, &dev->netdev_list, list) { 863 list_for_each_entry(wdev, &rdev->netdev_list, list) {
680 if (if_idx < if_start) { 864 if (if_idx < if_start) {
681 if_idx++; 865 if_idx++;
682 continue; 866 continue;
683 } 867 }
684 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 868 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid,
685 cb->nlh->nlmsg_seq, NLM_F_MULTI, 869 cb->nlh->nlmsg_seq, NLM_F_MULTI,
686 dev, wdev->netdev) < 0) { 870 rdev, wdev->netdev) < 0) {
687 mutex_unlock(&dev->devlist_mtx); 871 mutex_unlock(&rdev->devlist_mtx);
688 goto out; 872 goto out;
689 } 873 }
690 if_idx++; 874 if_idx++;
691 } 875 }
692 mutex_unlock(&dev->devlist_mtx); 876 mutex_unlock(&rdev->devlist_mtx);
693 877
694 wp_idx++; 878 wp_idx++;
695 } 879 }
@@ -709,7 +893,7 @@ static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
709 struct net_device *netdev; 893 struct net_device *netdev;
710 int err; 894 int err;
711 895
712 err = get_drv_dev_by_info_ifindex(info->attrs, &dev, &netdev); 896 err = get_rdev_dev_by_info_ifindex(info, &dev, &netdev);
713 if (err) 897 if (err)
714 return err; 898 return err;
715 899
@@ -722,15 +906,15 @@ static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
722 goto out_free; 906 goto out_free;
723 907
724 dev_put(netdev); 908 dev_put(netdev);
725 cfg80211_put_dev(dev); 909 cfg80211_unlock_rdev(dev);
726 910
727 return genlmsg_unicast(msg, info->snd_pid); 911 return genlmsg_reply(msg, info);
728 912
729 out_free: 913 out_free:
730 nlmsg_free(msg); 914 nlmsg_free(msg);
731 out_err: 915 out_err:
732 dev_put(netdev); 916 dev_put(netdev);
733 cfg80211_put_dev(dev); 917 cfg80211_unlock_rdev(dev);
734 return -ENOBUFS; 918 return -ENOBUFS;
735} 919}
736 920
@@ -765,9 +949,9 @@ static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
765 949
766static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 950static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
767{ 951{
768 struct cfg80211_registered_device *drv; 952 struct cfg80211_registered_device *rdev;
769 struct vif_params params; 953 struct vif_params params;
770 int err, ifindex; 954 int err;
771 enum nl80211_iftype otype, ntype; 955 enum nl80211_iftype otype, ntype;
772 struct net_device *dev; 956 struct net_device *dev;
773 u32 _flags, *flags = NULL; 957 u32 _flags, *flags = NULL;
@@ -777,13 +961,11 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
777 961
778 rtnl_lock(); 962 rtnl_lock();
779 963
780 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 964 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
781 if (err) 965 if (err)
782 goto unlock_rtnl; 966 goto unlock_rtnl;
783 967
784 ifindex = dev->ifindex;
785 otype = ntype = dev->ieee80211_ptr->iftype; 968 otype = ntype = dev->ieee80211_ptr->iftype;
786 dev_put(dev);
787 969
788 if (info->attrs[NL80211_ATTR_IFTYPE]) { 970 if (info->attrs[NL80211_ATTR_IFTYPE]) {
789 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 971 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
@@ -795,8 +977,8 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
795 } 977 }
796 } 978 }
797 979
798 if (!drv->ops->change_virtual_intf || 980 if (!rdev->ops->change_virtual_intf ||
799 !(drv->wiphy.interface_modes & (1 << ntype))) { 981 !(rdev->wiphy.interface_modes & (1 << ntype))) {
800 err = -EOPNOTSUPP; 982 err = -EOPNOTSUPP;
801 goto unlock; 983 goto unlock;
802 } 984 }
@@ -826,21 +1008,21 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
826 } 1008 }
827 1009
828 if (change) 1010 if (change)
829 err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex, 1011 err = rdev->ops->change_virtual_intf(&rdev->wiphy, dev,
830 ntype, flags, &params); 1012 ntype, flags, &params);
831 else 1013 else
832 err = 0; 1014 err = 0;
833 1015
834 dev = __dev_get_by_index(&init_net, ifindex); 1016 WARN_ON(!err && dev->ieee80211_ptr->iftype != ntype);
835 WARN_ON(!dev || (!err && dev->ieee80211_ptr->iftype != ntype));
836 1017
837 if (dev && !err && (ntype != otype)) { 1018 if (!err && (ntype != otype)) {
838 if (otype == NL80211_IFTYPE_ADHOC) 1019 if (otype == NL80211_IFTYPE_ADHOC)
839 cfg80211_clear_ibss(dev, false); 1020 cfg80211_clear_ibss(dev, false);
840 } 1021 }
841 1022
842 unlock: 1023 unlock:
843 cfg80211_put_dev(drv); 1024 dev_put(dev);
1025 cfg80211_unlock_rdev(rdev);
844 unlock_rtnl: 1026 unlock_rtnl:
845 rtnl_unlock(); 1027 rtnl_unlock();
846 return err; 1028 return err;
@@ -848,7 +1030,7 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
848 1030
849static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1031static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
850{ 1032{
851 struct cfg80211_registered_device *drv; 1033 struct cfg80211_registered_device *rdev;
852 struct vif_params params; 1034 struct vif_params params;
853 int err; 1035 int err;
854 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1036 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
@@ -867,14 +1049,14 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
867 1049
868 rtnl_lock(); 1050 rtnl_lock();
869 1051
870 drv = cfg80211_get_dev_from_info(info); 1052 rdev = cfg80211_get_dev_from_info(info);
871 if (IS_ERR(drv)) { 1053 if (IS_ERR(rdev)) {
872 err = PTR_ERR(drv); 1054 err = PTR_ERR(rdev);
873 goto unlock_rtnl; 1055 goto unlock_rtnl;
874 } 1056 }
875 1057
876 if (!drv->ops->add_virtual_intf || 1058 if (!rdev->ops->add_virtual_intf ||
877 !(drv->wiphy.interface_modes & (1 << type))) { 1059 !(rdev->wiphy.interface_modes & (1 << type))) {
878 err = -EOPNOTSUPP; 1060 err = -EOPNOTSUPP;
879 goto unlock; 1061 goto unlock;
880 } 1062 }
@@ -888,12 +1070,12 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
888 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1070 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
889 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1071 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
890 &flags); 1072 &flags);
891 err = drv->ops->add_virtual_intf(&drv->wiphy, 1073 err = rdev->ops->add_virtual_intf(&rdev->wiphy,
892 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1074 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
893 type, err ? NULL : &flags, &params); 1075 type, err ? NULL : &flags, &params);
894 1076
895 unlock: 1077 unlock:
896 cfg80211_put_dev(drv); 1078 cfg80211_unlock_rdev(rdev);
897 unlock_rtnl: 1079 unlock_rtnl:
898 rtnl_unlock(); 1080 rtnl_unlock();
899 return err; 1081 return err;
@@ -901,27 +1083,26 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
901 1083
902static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1084static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
903{ 1085{
904 struct cfg80211_registered_device *drv; 1086 struct cfg80211_registered_device *rdev;
905 int ifindex, err; 1087 int err;
906 struct net_device *dev; 1088 struct net_device *dev;
907 1089
908 rtnl_lock(); 1090 rtnl_lock();
909 1091
910 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1092 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
911 if (err) 1093 if (err)
912 goto unlock_rtnl; 1094 goto unlock_rtnl;
913 ifindex = dev->ifindex;
914 dev_put(dev);
915 1095
916 if (!drv->ops->del_virtual_intf) { 1096 if (!rdev->ops->del_virtual_intf) {
917 err = -EOPNOTSUPP; 1097 err = -EOPNOTSUPP;
918 goto out; 1098 goto out;
919 } 1099 }
920 1100
921 err = drv->ops->del_virtual_intf(&drv->wiphy, ifindex); 1101 err = rdev->ops->del_virtual_intf(&rdev->wiphy, dev);
922 1102
923 out: 1103 out:
924 cfg80211_put_dev(drv); 1104 cfg80211_unlock_rdev(rdev);
1105 dev_put(dev);
925 unlock_rtnl: 1106 unlock_rtnl:
926 rtnl_unlock(); 1107 rtnl_unlock();
927 return err; 1108 return err;
@@ -930,10 +1111,12 @@ static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
930struct get_key_cookie { 1111struct get_key_cookie {
931 struct sk_buff *msg; 1112 struct sk_buff *msg;
932 int error; 1113 int error;
1114 int idx;
933}; 1115};
934 1116
935static void get_key_callback(void *c, struct key_params *params) 1117static void get_key_callback(void *c, struct key_params *params)
936{ 1118{
1119 struct nlattr *key;
937 struct get_key_cookie *cookie = c; 1120 struct get_key_cookie *cookie = c;
938 1121
939 if (params->key) 1122 if (params->key)
@@ -948,6 +1131,26 @@ static void get_key_callback(void *c, struct key_params *params)
948 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1131 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
949 params->cipher); 1132 params->cipher);
950 1133
1134 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
1135 if (!key)
1136 goto nla_put_failure;
1137
1138 if (params->key)
1139 NLA_PUT(cookie->msg, NL80211_KEY_DATA,
1140 params->key_len, params->key);
1141
1142 if (params->seq)
1143 NLA_PUT(cookie->msg, NL80211_KEY_SEQ,
1144 params->seq_len, params->seq);
1145
1146 if (params->cipher)
1147 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER,
1148 params->cipher);
1149
1150 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx);
1151
1152 nla_nest_end(cookie->msg, key);
1153
951 return; 1154 return;
952 nla_put_failure: 1155 nla_put_failure:
953 cookie->error = 1; 1156 cookie->error = 1;
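Review bot: Inside the new `NL80211_ATTR_KEY` nest the key index is emitted with the top-level attribute id, `NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx);`, while the other nested attributes use the `NL80211_KEY_*` ids. `nl80211_key_policy` also reads the index from `NL80211_KEY_IDX`, so a consumer parsing the nest with the nested ids will not find the index, or will take the attribute for a different nested id. The line should be `NLA_PUT_U8(cookie->msg, NL80211_KEY_IDX, cookie->idx);`. `get_key_callback` begins outside this hunk.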
@@ -955,7 +1158,7 @@ static void get_key_callback(void *c, struct key_params *params)
955 1158
956static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1159static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
957{ 1160{
958 struct cfg80211_registered_device *drv; 1161 struct cfg80211_registered_device *rdev;
959 int err; 1162 int err;
960 struct net_device *dev; 1163 struct net_device *dev;
961 u8 key_idx = 0; 1164 u8 key_idx = 0;
@@ -977,11 +1180,11 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
977 1180
978 rtnl_lock(); 1181 rtnl_lock();
979 1182
980 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1183 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
981 if (err) 1184 if (err)
982 goto unlock_rtnl; 1185 goto unlock_rtnl;
983 1186
984 if (!drv->ops->get_key) { 1187 if (!rdev->ops->get_key) {
985 err = -EOPNOTSUPP; 1188 err = -EOPNOTSUPP;
986 goto out; 1189 goto out;
987 } 1190 }
@@ -1001,13 +1204,14 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1001 } 1204 }
1002 1205
1003 cookie.msg = msg; 1206 cookie.msg = msg;
1207 cookie.idx = key_idx;
1004 1208
1005 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1209 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1006 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1210 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1007 if (mac_addr) 1211 if (mac_addr)
1008 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1212 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
1009 1213
1010 err = drv->ops->get_key(&drv->wiphy, dev, key_idx, mac_addr, 1214 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, mac_addr,
1011 &cookie, get_key_callback); 1215 &cookie, get_key_callback);
1012 1216
1013 if (err) 1217 if (err)
@@ -1017,7 +1221,7 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1017 goto nla_put_failure; 1221 goto nla_put_failure;
1018 1222
1019 genlmsg_end(msg, hdr); 1223 genlmsg_end(msg, hdr);
1020 err = genlmsg_unicast(msg, info->snd_pid); 1224 err = genlmsg_reply(msg, info);
1021 goto out; 1225 goto out;
1022 1226
1023 nla_put_failure: 1227 nla_put_failure:
@@ -1025,7 +1229,7 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1025 free_msg: 1229 free_msg:
1026 nlmsg_free(msg); 1230 nlmsg_free(msg);
1027 out: 1231 out:
1028 cfg80211_put_dev(drv); 1232 cfg80211_unlock_rdev(rdev);
1029 dev_put(dev); 1233 dev_put(dev);
1030 unlock_rtnl: 1234 unlock_rtnl:
1031 rtnl_unlock(); 1235 rtnl_unlock();
@@ -1035,57 +1239,57 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1035 1239
1036static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1240static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
1037{ 1241{
1038 struct cfg80211_registered_device *drv; 1242 struct cfg80211_registered_device *rdev;
1243 struct key_parse key;
1039 int err; 1244 int err;
1040 struct net_device *dev; 1245 struct net_device *dev;
1041 u8 key_idx;
1042 int (*func)(struct wiphy *wiphy, struct net_device *netdev, 1246 int (*func)(struct wiphy *wiphy, struct net_device *netdev,
1043 u8 key_index); 1247 u8 key_index);
1044 1248
1045 if (!info->attrs[NL80211_ATTR_KEY_IDX]) 1249 err = nl80211_parse_key(info, &key);
1046 return -EINVAL; 1250 if (err)
1047 1251 return err;
1048 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1049 1252
1050 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]) { 1253 if (key.idx < 0)
1051 if (key_idx < 4 || key_idx > 5)
1052 return -EINVAL;
1053 } else if (key_idx > 3)
1054 return -EINVAL; 1254 return -EINVAL;
1055 1255
1056 /* currently only support setting default key */ 1256 /* only support setting default key */
1057 if (!info->attrs[NL80211_ATTR_KEY_DEFAULT] && 1257 if (!key.def && !key.defmgmt)
1058 !info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT])
1059 return -EINVAL; 1258 return -EINVAL;
1060 1259
1061 rtnl_lock(); 1260 rtnl_lock();
1062 1261
1063 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1262 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1064 if (err) 1263 if (err)
1065 goto unlock_rtnl; 1264 goto unlock_rtnl;
1066 1265
1067 if (info->attrs[NL80211_ATTR_KEY_DEFAULT]) 1266 if (key.def)
1068 func = drv->ops->set_default_key; 1267 func = rdev->ops->set_default_key;
1069 else 1268 else
1070 func = drv->ops->set_default_mgmt_key; 1269 func = rdev->ops->set_default_mgmt_key;
1071 1270
1072 if (!func) { 1271 if (!func) {
1073 err = -EOPNOTSUPP; 1272 err = -EOPNOTSUPP;
1074 goto out; 1273 goto out;
1075 } 1274 }
1076 1275
1077 err = func(&drv->wiphy, dev, key_idx); 1276 wdev_lock(dev->ieee80211_ptr);
1277 err = nl80211_key_allowed(dev->ieee80211_ptr);
1278 if (!err)
1279 err = func(&rdev->wiphy, dev, key.idx);
1280
1078#ifdef CONFIG_WIRELESS_EXT 1281#ifdef CONFIG_WIRELESS_EXT
1079 if (!err) { 1282 if (!err) {
1080 if (func == drv->ops->set_default_key) 1283 if (func == rdev->ops->set_default_key)
1081 dev->ieee80211_ptr->wext.default_key = key_idx; 1284 dev->ieee80211_ptr->wext.default_key = key.idx;
1082 else 1285 else
1083 dev->ieee80211_ptr->wext.default_mgmt_key = key_idx; 1286 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
1084 } 1287 }
1085#endif 1288#endif
1289 wdev_unlock(dev->ieee80211_ptr);
1086 1290
1087 out: 1291 out:
1088 cfg80211_put_dev(drv); 1292 cfg80211_unlock_rdev(rdev);
1089 dev_put(dev); 1293 dev_put(dev);
1090 1294
1091 unlock_rtnl: 1295 unlock_rtnl:
@@ -1096,62 +1300,47 @@ static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
1096 1300
1097static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1301static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
1098{ 1302{
1099 struct cfg80211_registered_device *drv; 1303 struct cfg80211_registered_device *rdev;
1100 int err, i; 1304 int err;
1101 struct net_device *dev; 1305 struct net_device *dev;
1102 struct key_params params; 1306 struct key_parse key;
1103 u8 key_idx = 0;
1104 u8 *mac_addr = NULL; 1307 u8 *mac_addr = NULL;
1105 1308
1106 memset(&params, 0, sizeof(params)); 1309 err = nl80211_parse_key(info, &key);
1310 if (err)
1311 return err;
1107 1312
1108 if (!info->attrs[NL80211_ATTR_KEY_CIPHER]) 1313 if (!key.p.key)
1109 return -EINVAL; 1314 return -EINVAL;
1110 1315
1111 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
1112 params.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
1113 params.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
1114 }
1115
1116 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
1117 params.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
1118 params.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
1119 }
1120
1121 if (info->attrs[NL80211_ATTR_KEY_IDX])
1122 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1123
1124 params.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
1125
1126 if (info->attrs[NL80211_ATTR_MAC]) 1316 if (info->attrs[NL80211_ATTR_MAC])
1127 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1317 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1128 1318
1129 if (cfg80211_validate_key_settings(&params, key_idx, mac_addr))
1130 return -EINVAL;
1131
1132 rtnl_lock(); 1319 rtnl_lock();
1133 1320
1134 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1321 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1135 if (err) 1322 if (err)
1136 goto unlock_rtnl; 1323 goto unlock_rtnl;
1137 1324
1138 for (i = 0; i < drv->wiphy.n_cipher_suites; i++) 1325 if (!rdev->ops->add_key) {
1139 if (params.cipher == drv->wiphy.cipher_suites[i]) 1326 err = -EOPNOTSUPP;
1140 break;
1141 if (i == drv->wiphy.n_cipher_suites) {
1142 err = -EINVAL;
1143 goto out; 1327 goto out;
1144 } 1328 }
1145 1329
1146 if (!drv->ops->add_key) { 1330 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, mac_addr)) {
1147 err = -EOPNOTSUPP; 1331 err = -EINVAL;
1148 goto out; 1332 goto out;
1149 } 1333 }
1150 1334
1151 err = drv->ops->add_key(&drv->wiphy, dev, key_idx, mac_addr, &params); 1335 wdev_lock(dev->ieee80211_ptr);
1336 err = nl80211_key_allowed(dev->ieee80211_ptr);
1337 if (!err)
1338 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx,
1339 mac_addr, &key.p);
1340 wdev_unlock(dev->ieee80211_ptr);
1152 1341
1153 out: 1342 out:
1154 cfg80211_put_dev(drv); 1343 cfg80211_unlock_rdev(rdev);
1155 dev_put(dev); 1344 dev_put(dev);
1156 unlock_rtnl: 1345 unlock_rtnl:
1157 rtnl_unlock(); 1346 rtnl_unlock();
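Review bot: `key.idx` is passed to `cfg80211_validate_key_settings()` and `rdev->ops->add_key()` in nl80211_new_key with no sign check, yet the nl80211_set_key path just above rejects `key.idx < 0`, which suggests the parsed index can be negative when userspace omits it. The old code used a `u8 key_idx = 0` default, so unless nl80211_parse_key() or the validator (neither visible here) bounds the value, a negative index could reach the driver callback. I would either restore the old default with `if (key.idx < 0) key.idx = 0;` after the `!key.p.key` check, or reject the request there with `-EINVAL`. The nl80211_del_key hunk that follows has the same gap and also drops the old `key_idx > 5` bound before calling `rdev->ops->del_key()`, so the same check belongs there.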
@@ -1161,45 +1350,47 @@ static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
1161 1350
1162static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1351static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
1163{ 1352{
1164 struct cfg80211_registered_device *drv; 1353 struct cfg80211_registered_device *rdev;
1165 int err; 1354 int err;
1166 struct net_device *dev; 1355 struct net_device *dev;
1167 u8 key_idx = 0;
1168 u8 *mac_addr = NULL; 1356 u8 *mac_addr = NULL;
1357 struct key_parse key;
1169 1358
1170 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1359 err = nl80211_parse_key(info, &key);
1171 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1360 if (err)
1172 1361 return err;
1173 if (key_idx > 5)
1174 return -EINVAL;
1175 1362
1176 if (info->attrs[NL80211_ATTR_MAC]) 1363 if (info->attrs[NL80211_ATTR_MAC])
1177 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1364 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1178 1365
1179 rtnl_lock(); 1366 rtnl_lock();
1180 1367
1181 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1368 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1182 if (err) 1369 if (err)
1183 goto unlock_rtnl; 1370 goto unlock_rtnl;
1184 1371
1185 if (!drv->ops->del_key) { 1372 if (!rdev->ops->del_key) {
1186 err = -EOPNOTSUPP; 1373 err = -EOPNOTSUPP;
1187 goto out; 1374 goto out;
1188 } 1375 }
1189 1376
1190 err = drv->ops->del_key(&drv->wiphy, dev, key_idx, mac_addr); 1377 wdev_lock(dev->ieee80211_ptr);
1378 err = nl80211_key_allowed(dev->ieee80211_ptr);
1379 if (!err)
1380 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, mac_addr);
1191 1381
1192#ifdef CONFIG_WIRELESS_EXT 1382#ifdef CONFIG_WIRELESS_EXT
1193 if (!err) { 1383 if (!err) {
1194 if (key_idx == dev->ieee80211_ptr->wext.default_key) 1384 if (key.idx == dev->ieee80211_ptr->wext.default_key)
1195 dev->ieee80211_ptr->wext.default_key = -1; 1385 dev->ieee80211_ptr->wext.default_key = -1;
1196 else if (key_idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1386 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
1197 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1387 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
1198 } 1388 }
1199#endif 1389#endif
1390 wdev_unlock(dev->ieee80211_ptr);
1200 1391
1201 out: 1392 out:
1202 cfg80211_put_dev(drv); 1393 cfg80211_unlock_rdev(rdev);
1203 dev_put(dev); 1394 dev_put(dev);
1204 1395
1205 unlock_rtnl: 1396 unlock_rtnl:
@@ -1212,7 +1403,7 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1212{ 1403{
1213 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1404 int (*call)(struct wiphy *wiphy, struct net_device *dev,
1214 struct beacon_parameters *info); 1405 struct beacon_parameters *info);
1215 struct cfg80211_registered_device *drv; 1406 struct cfg80211_registered_device *rdev;
1216 int err; 1407 int err;
1217 struct net_device *dev; 1408 struct net_device *dev;
1218 struct beacon_parameters params; 1409 struct beacon_parameters params;
@@ -1223,7 +1414,7 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1223 1414
1224 rtnl_lock(); 1415 rtnl_lock();
1225 1416
1226 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1417 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1227 if (err) 1418 if (err)
1228 goto unlock_rtnl; 1419 goto unlock_rtnl;
1229 1420
@@ -1242,10 +1433,10 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1242 goto out; 1433 goto out;
1243 } 1434 }
1244 1435
1245 call = drv->ops->add_beacon; 1436 call = rdev->ops->add_beacon;
1246 break; 1437 break;
1247 case NL80211_CMD_SET_BEACON: 1438 case NL80211_CMD_SET_BEACON:
1248 call = drv->ops->set_beacon; 1439 call = rdev->ops->set_beacon;
1249 break; 1440 break;
1250 default: 1441 default:
1251 WARN_ON(1); 1442 WARN_ON(1);
@@ -1291,10 +1482,10 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1291 goto out; 1482 goto out;
1292 } 1483 }
1293 1484
1294 err = call(&drv->wiphy, dev, &params); 1485 err = call(&rdev->wiphy, dev, &params);
1295 1486
1296 out: 1487 out:
1297 cfg80211_put_dev(drv); 1488 cfg80211_unlock_rdev(rdev);
1298 dev_put(dev); 1489 dev_put(dev);
1299 unlock_rtnl: 1490 unlock_rtnl:
1300 rtnl_unlock(); 1491 rtnl_unlock();
@@ -1304,17 +1495,17 @@ static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1304 1495
1305static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 1496static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info)
1306{ 1497{
1307 struct cfg80211_registered_device *drv; 1498 struct cfg80211_registered_device *rdev;
1308 int err; 1499 int err;
1309 struct net_device *dev; 1500 struct net_device *dev;
1310 1501
1311 rtnl_lock(); 1502 rtnl_lock();
1312 1503
1313 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1504 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1314 if (err) 1505 if (err)
1315 goto unlock_rtnl; 1506 goto unlock_rtnl;
1316 1507
1317 if (!drv->ops->del_beacon) { 1508 if (!rdev->ops->del_beacon) {
1318 err = -EOPNOTSUPP; 1509 err = -EOPNOTSUPP;
1319 goto out; 1510 goto out;
1320 } 1511 }
@@ -1323,10 +1514,10 @@ static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info)
1323 err = -EOPNOTSUPP; 1514 err = -EOPNOTSUPP;
1324 goto out; 1515 goto out;
1325 } 1516 }
1326 err = drv->ops->del_beacon(&drv->wiphy, dev); 1517 err = rdev->ops->del_beacon(&rdev->wiphy, dev);
1327 1518
1328 out: 1519 out:
1329 cfg80211_put_dev(drv); 1520 cfg80211_unlock_rdev(rdev);
1330 dev_put(dev); 1521 dev_put(dev);
1331 unlock_rtnl: 1522 unlock_rtnl:
1332 rtnl_unlock(); 1523 rtnl_unlock();
@@ -1433,6 +1624,8 @@ static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
1433 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1624 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1434 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1625 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
1435 1626
1627 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation);
1628
1436 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 1629 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
1437 if (!sinfoattr) 1630 if (!sinfoattr)
1438 goto nla_put_failure; 1631 goto nla_put_failure;
@@ -1520,13 +1713,13 @@ static int nl80211_dump_station(struct sk_buff *skb,
1520 1713
1521 rtnl_lock(); 1714 rtnl_lock();
1522 1715
1523 netdev = __dev_get_by_index(&init_net, ifidx); 1716 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
1524 if (!netdev) { 1717 if (!netdev) {
1525 err = -ENODEV; 1718 err = -ENODEV;
1526 goto out_rtnl; 1719 goto out_rtnl;
1527 } 1720 }
1528 1721
1529 dev = cfg80211_get_dev_from_ifindex(ifidx); 1722 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
1530 if (IS_ERR(dev)) { 1723 if (IS_ERR(dev)) {
1531 err = PTR_ERR(dev); 1724 err = PTR_ERR(dev);
1532 goto out_rtnl; 1725 goto out_rtnl;
@@ -1560,7 +1753,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
1560 cb->args[1] = sta_idx; 1753 cb->args[1] = sta_idx;
1561 err = skb->len; 1754 err = skb->len;
1562 out_err: 1755 out_err:
1563 cfg80211_put_dev(dev); 1756 cfg80211_unlock_rdev(dev);
1564 out_rtnl: 1757 out_rtnl:
1565 rtnl_unlock(); 1758 rtnl_unlock();
1566 1759
@@ -1569,7 +1762,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
1569 1762
1570static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 1763static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1571{ 1764{
1572 struct cfg80211_registered_device *drv; 1765 struct cfg80211_registered_device *rdev;
1573 int err; 1766 int err;
1574 struct net_device *dev; 1767 struct net_device *dev;
1575 struct station_info sinfo; 1768 struct station_info sinfo;
@@ -1585,16 +1778,16 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1585 1778
1586 rtnl_lock(); 1779 rtnl_lock();
1587 1780
1588 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1781 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1589 if (err) 1782 if (err)
1590 goto out_rtnl; 1783 goto out_rtnl;
1591 1784
1592 if (!drv->ops->get_station) { 1785 if (!rdev->ops->get_station) {
1593 err = -EOPNOTSUPP; 1786 err = -EOPNOTSUPP;
1594 goto out; 1787 goto out;
1595 } 1788 }
1596 1789
1597 err = drv->ops->get_station(&drv->wiphy, dev, mac_addr, &sinfo); 1790 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo);
1598 if (err) 1791 if (err)
1599 goto out; 1792 goto out;
1600 1793
@@ -1606,13 +1799,13 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1606 dev, mac_addr, &sinfo) < 0) 1799 dev, mac_addr, &sinfo) < 0)
1607 goto out_free; 1800 goto out_free;
1608 1801
1609 err = genlmsg_unicast(msg, info->snd_pid); 1802 err = genlmsg_reply(msg, info);
1610 goto out; 1803 goto out;
1611 1804
1612 out_free: 1805 out_free:
1613 nlmsg_free(msg); 1806 nlmsg_free(msg);
1614 out: 1807 out:
1615 cfg80211_put_dev(drv); 1808 cfg80211_unlock_rdev(rdev);
1616 dev_put(dev); 1809 dev_put(dev);
1617 out_rtnl: 1810 out_rtnl:
1618 rtnl_unlock(); 1811 rtnl_unlock();
@@ -1623,14 +1816,16 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1623/* 1816/*
1624 * Get vlan interface making sure it is on the right wiphy. 1817 * Get vlan interface making sure it is on the right wiphy.
1625 */ 1818 */
1626static int get_vlan(struct nlattr *vlanattr, 1819static int get_vlan(struct genl_info *info,
1627 struct cfg80211_registered_device *rdev, 1820 struct cfg80211_registered_device *rdev,
1628 struct net_device **vlan) 1821 struct net_device **vlan)
1629{ 1822{
1823 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
1630 *vlan = NULL; 1824 *vlan = NULL;
1631 1825
1632 if (vlanattr) { 1826 if (vlanattr) {
1633 *vlan = dev_get_by_index(&init_net, nla_get_u32(vlanattr)); 1827 *vlan = dev_get_by_index(genl_info_net(info),
1828 nla_get_u32(vlanattr));
1634 if (!*vlan) 1829 if (!*vlan)
1635 return -ENODEV; 1830 return -ENODEV;
1636 if (!(*vlan)->ieee80211_ptr) 1831 if (!(*vlan)->ieee80211_ptr)
@@ -1643,7 +1838,7 @@ static int get_vlan(struct nlattr *vlanattr,
1643 1838
1644static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 1839static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1645{ 1840{
1646 struct cfg80211_registered_device *drv; 1841 struct cfg80211_registered_device *rdev;
1647 int err; 1842 int err;
1648 struct net_device *dev; 1843 struct net_device *dev;
1649 struct station_parameters params; 1844 struct station_parameters params;
@@ -1685,11 +1880,11 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1685 1880
1686 rtnl_lock(); 1881 rtnl_lock();
1687 1882
1688 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1883 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1689 if (err) 1884 if (err)
1690 goto out_rtnl; 1885 goto out_rtnl;
1691 1886
1692 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], drv, &params.vlan); 1887 err = get_vlan(info, rdev, &params.vlan);
1693 if (err) 1888 if (err)
1694 goto out; 1889 goto out;
1695 1890
@@ -1738,17 +1933,17 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1738 if (err) 1933 if (err)
1739 goto out; 1934 goto out;
1740 1935
1741 if (!drv->ops->change_station) { 1936 if (!rdev->ops->change_station) {
1742 err = -EOPNOTSUPP; 1937 err = -EOPNOTSUPP;
1743 goto out; 1938 goto out;
1744 } 1939 }
1745 1940
1746 err = drv->ops->change_station(&drv->wiphy, dev, mac_addr, &params); 1941 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, &params);
1747 1942
1748 out: 1943 out:
1749 if (params.vlan) 1944 if (params.vlan)
1750 dev_put(params.vlan); 1945 dev_put(params.vlan);
1751 cfg80211_put_dev(drv); 1946 cfg80211_unlock_rdev(rdev);
1752 dev_put(dev); 1947 dev_put(dev);
1753 out_rtnl: 1948 out_rtnl:
1754 rtnl_unlock(); 1949 rtnl_unlock();
@@ -1758,7 +1953,7 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
1758 1953
1759static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 1954static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1760{ 1955{
1761 struct cfg80211_registered_device *drv; 1956 struct cfg80211_registered_device *rdev;
1762 int err; 1957 int err;
1763 struct net_device *dev; 1958 struct net_device *dev;
1764 struct station_parameters params; 1959 struct station_parameters params;
@@ -1798,11 +1993,11 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1798 1993
1799 rtnl_lock(); 1994 rtnl_lock();
1800 1995
1801 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 1996 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1802 if (err) 1997 if (err)
1803 goto out_rtnl; 1998 goto out_rtnl;
1804 1999
1805 err = get_vlan(info->attrs[NL80211_ATTR_STA_VLAN], drv, &params.vlan); 2000 err = get_vlan(info, rdev, &params.vlan);
1806 if (err) 2001 if (err)
1807 goto out; 2002 goto out;
1808 2003
@@ -1838,7 +2033,7 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1838 if (err) 2033 if (err)
1839 goto out; 2034 goto out;
1840 2035
1841 if (!drv->ops->add_station) { 2036 if (!rdev->ops->add_station) {
1842 err = -EOPNOTSUPP; 2037 err = -EOPNOTSUPP;
1843 goto out; 2038 goto out;
1844 } 2039 }
@@ -1848,12 +2043,12 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1848 goto out; 2043 goto out;
1849 } 2044 }
1850 2045
1851 err = drv->ops->add_station(&drv->wiphy, dev, mac_addr, &params); 2046 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, &params);
1852 2047
1853 out: 2048 out:
1854 if (params.vlan) 2049 if (params.vlan)
1855 dev_put(params.vlan); 2050 dev_put(params.vlan);
1856 cfg80211_put_dev(drv); 2051 cfg80211_unlock_rdev(rdev);
1857 dev_put(dev); 2052 dev_put(dev);
1858 out_rtnl: 2053 out_rtnl:
1859 rtnl_unlock(); 2054 rtnl_unlock();
@@ -1863,7 +2058,7 @@ static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
1863 2058
1864static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2059static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1865{ 2060{
1866 struct cfg80211_registered_device *drv; 2061 struct cfg80211_registered_device *rdev;
1867 int err; 2062 int err;
1868 struct net_device *dev; 2063 struct net_device *dev;
1869 u8 *mac_addr = NULL; 2064 u8 *mac_addr = NULL;
@@ -1873,7 +2068,7 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1873 2068
1874 rtnl_lock(); 2069 rtnl_lock();
1875 2070
1876 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2071 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1877 if (err) 2072 if (err)
1878 goto out_rtnl; 2073 goto out_rtnl;
1879 2074
@@ -1884,15 +2079,15 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
1884 goto out; 2079 goto out;
1885 } 2080 }
1886 2081
1887 if (!drv->ops->del_station) { 2082 if (!rdev->ops->del_station) {
1888 err = -EOPNOTSUPP; 2083 err = -EOPNOTSUPP;
1889 goto out; 2084 goto out;
1890 } 2085 }
1891 2086
1892 err = drv->ops->del_station(&drv->wiphy, dev, mac_addr); 2087 err = rdev->ops->del_station(&rdev->wiphy, dev, mac_addr);
1893 2088
1894 out: 2089 out:
1895 cfg80211_put_dev(drv); 2090 cfg80211_unlock_rdev(rdev);
1896 dev_put(dev); 2091 dev_put(dev);
1897 out_rtnl: 2092 out_rtnl:
1898 rtnl_unlock(); 2093 rtnl_unlock();
@@ -1916,6 +2111,8 @@ static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq,
1916 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2111 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
1917 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2112 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop);
1918 2113
2114 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation);
2115
1919 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2116 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
1920 if (!pinfoattr) 2117 if (!pinfoattr)
1921 goto nla_put_failure; 2118 goto nla_put_failure;
@@ -1979,13 +2176,13 @@ static int nl80211_dump_mpath(struct sk_buff *skb,
1979 2176
1980 rtnl_lock(); 2177 rtnl_lock();
1981 2178
1982 netdev = __dev_get_by_index(&init_net, ifidx); 2179 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
1983 if (!netdev) { 2180 if (!netdev) {
1984 err = -ENODEV; 2181 err = -ENODEV;
1985 goto out_rtnl; 2182 goto out_rtnl;
1986 } 2183 }
1987 2184
1988 dev = cfg80211_get_dev_from_ifindex(ifidx); 2185 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
1989 if (IS_ERR(dev)) { 2186 if (IS_ERR(dev)) {
1990 err = PTR_ERR(dev); 2187 err = PTR_ERR(dev);
1991 goto out_rtnl; 2188 goto out_rtnl;
@@ -2023,7 +2220,7 @@ static int nl80211_dump_mpath(struct sk_buff *skb,
2023 cb->args[1] = path_idx; 2220 cb->args[1] = path_idx;
2024 err = skb->len; 2221 err = skb->len;
2025 out_err: 2222 out_err:
2026 cfg80211_put_dev(dev); 2223 cfg80211_unlock_rdev(dev);
2027 out_rtnl: 2224 out_rtnl:
2028 rtnl_unlock(); 2225 rtnl_unlock();
2029 2226
@@ -2032,7 +2229,7 @@ static int nl80211_dump_mpath(struct sk_buff *skb,
2032 2229
2033static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2230static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2034{ 2231{
2035 struct cfg80211_registered_device *drv; 2232 struct cfg80211_registered_device *rdev;
2036 int err; 2233 int err;
2037 struct net_device *dev; 2234 struct net_device *dev;
2038 struct mpath_info pinfo; 2235 struct mpath_info pinfo;
@@ -2049,11 +2246,11 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2049 2246
2050 rtnl_lock(); 2247 rtnl_lock();
2051 2248
2052 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2249 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2053 if (err) 2250 if (err)
2054 goto out_rtnl; 2251 goto out_rtnl;
2055 2252
2056 if (!drv->ops->get_mpath) { 2253 if (!rdev->ops->get_mpath) {
2057 err = -EOPNOTSUPP; 2254 err = -EOPNOTSUPP;
2058 goto out; 2255 goto out;
2059 } 2256 }
@@ -2063,7 +2260,7 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2063 goto out; 2260 goto out;
2064 } 2261 }
2065 2262
2066 err = drv->ops->get_mpath(&drv->wiphy, dev, dst, next_hop, &pinfo); 2263 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo);
2067 if (err) 2264 if (err)
2068 goto out; 2265 goto out;
2069 2266
@@ -2075,13 +2272,13 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2075 dev, dst, next_hop, &pinfo) < 0) 2272 dev, dst, next_hop, &pinfo) < 0)
2076 goto out_free; 2273 goto out_free;
2077 2274
2078 err = genlmsg_unicast(msg, info->snd_pid); 2275 err = genlmsg_reply(msg, info);
2079 goto out; 2276 goto out;
2080 2277
2081 out_free: 2278 out_free:
2082 nlmsg_free(msg); 2279 nlmsg_free(msg);
2083 out: 2280 out:
2084 cfg80211_put_dev(drv); 2281 cfg80211_unlock_rdev(rdev);
2085 dev_put(dev); 2282 dev_put(dev);
2086 out_rtnl: 2283 out_rtnl:
2087 rtnl_unlock(); 2284 rtnl_unlock();
@@ -2091,7 +2288,7 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2091 2288
2092static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2289static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2093{ 2290{
2094 struct cfg80211_registered_device *drv; 2291 struct cfg80211_registered_device *rdev;
2095 int err; 2292 int err;
2096 struct net_device *dev; 2293 struct net_device *dev;
2097 u8 *dst = NULL; 2294 u8 *dst = NULL;
@@ -2108,11 +2305,11 @@ static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2108 2305
2109 rtnl_lock(); 2306 rtnl_lock();
2110 2307
2111 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2308 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2112 if (err) 2309 if (err)
2113 goto out_rtnl; 2310 goto out_rtnl;
2114 2311
2115 if (!drv->ops->change_mpath) { 2312 if (!rdev->ops->change_mpath) {
2116 err = -EOPNOTSUPP; 2313 err = -EOPNOTSUPP;
2117 goto out; 2314 goto out;
2118 } 2315 }
@@ -2127,10 +2324,10 @@ static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2127 goto out; 2324 goto out;
2128 } 2325 }
2129 2326
2130 err = drv->ops->change_mpath(&drv->wiphy, dev, dst, next_hop); 2327 err = rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop);
2131 2328
2132 out: 2329 out:
2133 cfg80211_put_dev(drv); 2330 cfg80211_unlock_rdev(rdev);
2134 dev_put(dev); 2331 dev_put(dev);
2135 out_rtnl: 2332 out_rtnl:
2136 rtnl_unlock(); 2333 rtnl_unlock();
@@ -2139,7 +2336,7 @@ static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2139} 2336}
2140static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2337static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2141{ 2338{
2142 struct cfg80211_registered_device *drv; 2339 struct cfg80211_registered_device *rdev;
2143 int err; 2340 int err;
2144 struct net_device *dev; 2341 struct net_device *dev;
2145 u8 *dst = NULL; 2342 u8 *dst = NULL;
@@ -2156,11 +2353,11 @@ static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2156 2353
2157 rtnl_lock(); 2354 rtnl_lock();
2158 2355
2159 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2356 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2160 if (err) 2357 if (err)
2161 goto out_rtnl; 2358 goto out_rtnl;
2162 2359
2163 if (!drv->ops->add_mpath) { 2360 if (!rdev->ops->add_mpath) {
2164 err = -EOPNOTSUPP; 2361 err = -EOPNOTSUPP;
2165 goto out; 2362 goto out;
2166 } 2363 }
@@ -2175,10 +2372,10 @@ static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2175 goto out; 2372 goto out;
2176 } 2373 }
2177 2374
2178 err = drv->ops->add_mpath(&drv->wiphy, dev, dst, next_hop); 2375 err = rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop);
2179 2376
2180 out: 2377 out:
2181 cfg80211_put_dev(drv); 2378 cfg80211_unlock_rdev(rdev);
2182 dev_put(dev); 2379 dev_put(dev);
2183 out_rtnl: 2380 out_rtnl:
2184 rtnl_unlock(); 2381 rtnl_unlock();
@@ -2188,7 +2385,7 @@ static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2188 2385
2189static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2386static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2190{ 2387{
2191 struct cfg80211_registered_device *drv; 2388 struct cfg80211_registered_device *rdev;
2192 int err; 2389 int err;
2193 struct net_device *dev; 2390 struct net_device *dev;
2194 u8 *dst = NULL; 2391 u8 *dst = NULL;
@@ -2198,19 +2395,19 @@ static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2198 2395
2199 rtnl_lock(); 2396 rtnl_lock();
2200 2397
2201 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2398 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2202 if (err) 2399 if (err)
2203 goto out_rtnl; 2400 goto out_rtnl;
2204 2401
2205 if (!drv->ops->del_mpath) { 2402 if (!rdev->ops->del_mpath) {
2206 err = -EOPNOTSUPP; 2403 err = -EOPNOTSUPP;
2207 goto out; 2404 goto out;
2208 } 2405 }
2209 2406
2210 err = drv->ops->del_mpath(&drv->wiphy, dev, dst); 2407 err = rdev->ops->del_mpath(&rdev->wiphy, dev, dst);
2211 2408
2212 out: 2409 out:
2213 cfg80211_put_dev(drv); 2410 cfg80211_unlock_rdev(rdev);
2214 dev_put(dev); 2411 dev_put(dev);
2215 out_rtnl: 2412 out_rtnl:
2216 rtnl_unlock(); 2413 rtnl_unlock();
@@ -2220,7 +2417,7 @@ static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2220 2417
2221static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2418static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2222{ 2419{
2223 struct cfg80211_registered_device *drv; 2420 struct cfg80211_registered_device *rdev;
2224 int err; 2421 int err;
2225 struct net_device *dev; 2422 struct net_device *dev;
2226 struct bss_parameters params; 2423 struct bss_parameters params;
@@ -2249,11 +2446,11 @@ static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2249 2446
2250 rtnl_lock(); 2447 rtnl_lock();
2251 2448
2252 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2449 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2253 if (err) 2450 if (err)
2254 goto out_rtnl; 2451 goto out_rtnl;
2255 2452
2256 if (!drv->ops->change_bss) { 2453 if (!rdev->ops->change_bss) {
2257 err = -EOPNOTSUPP; 2454 err = -EOPNOTSUPP;
2258 goto out; 2455 goto out;
2259 } 2456 }
@@ -2263,10 +2460,10 @@ static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2263 goto out; 2460 goto out;
2264 } 2461 }
2265 2462
2266 err = drv->ops->change_bss(&drv->wiphy, dev, &params); 2463 err = rdev->ops->change_bss(&rdev->wiphy, dev, &params);
2267 2464
2268 out: 2465 out:
2269 cfg80211_put_dev(drv); 2466 cfg80211_unlock_rdev(rdev);
2270 dev_put(dev); 2467 dev_put(dev);
2271 out_rtnl: 2468 out_rtnl:
2272 rtnl_unlock(); 2469 rtnl_unlock();
@@ -2357,7 +2554,7 @@ static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
2357static int nl80211_get_mesh_params(struct sk_buff *skb, 2554static int nl80211_get_mesh_params(struct sk_buff *skb,
2358 struct genl_info *info) 2555 struct genl_info *info)
2359{ 2556{
2360 struct cfg80211_registered_device *drv; 2557 struct cfg80211_registered_device *rdev;
2361 struct mesh_config cur_params; 2558 struct mesh_config cur_params;
2362 int err; 2559 int err;
2363 struct net_device *dev; 2560 struct net_device *dev;
@@ -2368,17 +2565,17 @@ static int nl80211_get_mesh_params(struct sk_buff *skb,
2368 rtnl_lock(); 2565 rtnl_lock();
2369 2566
2370 /* Look up our device */ 2567 /* Look up our device */
2371 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2568 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2372 if (err) 2569 if (err)
2373 goto out_rtnl; 2570 goto out_rtnl;
2374 2571
2375 if (!drv->ops->get_mesh_params) { 2572 if (!rdev->ops->get_mesh_params) {
2376 err = -EOPNOTSUPP; 2573 err = -EOPNOTSUPP;
2377 goto out; 2574 goto out;
2378 } 2575 }
2379 2576
2380 /* Get the mesh params */ 2577 /* Get the mesh params */
2381 err = drv->ops->get_mesh_params(&drv->wiphy, dev, &cur_params); 2578 err = rdev->ops->get_mesh_params(&rdev->wiphy, dev, &cur_params);
2382 if (err) 2579 if (err)
2383 goto out; 2580 goto out;
2384 2581
@@ -2424,7 +2621,7 @@ static int nl80211_get_mesh_params(struct sk_buff *skb,
2424 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2621 cur_params.dot11MeshHWMPnetDiameterTraversalTime);
2425 nla_nest_end(msg, pinfoattr); 2622 nla_nest_end(msg, pinfoattr);
2426 genlmsg_end(msg, hdr); 2623 genlmsg_end(msg, hdr);
2427 err = genlmsg_unicast(msg, info->snd_pid); 2624 err = genlmsg_reply(msg, info);
2428 goto out; 2625 goto out;
2429 2626
2430 nla_put_failure: 2627 nla_put_failure:
@@ -2432,7 +2629,7 @@ static int nl80211_get_mesh_params(struct sk_buff *skb,
2432 err = -EMSGSIZE; 2629 err = -EMSGSIZE;
2433 out: 2630 out:
2434 /* Cleanup */ 2631 /* Cleanup */
2435 cfg80211_put_dev(drv); 2632 cfg80211_unlock_rdev(rdev);
2436 dev_put(dev); 2633 dev_put(dev);
2437 out_rtnl: 2634 out_rtnl:
2438 rtnl_unlock(); 2635 rtnl_unlock();
@@ -2470,7 +2667,7 @@ static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2470{ 2667{
2471 int err; 2668 int err;
2472 u32 mask; 2669 u32 mask;
2473 struct cfg80211_registered_device *drv; 2670 struct cfg80211_registered_device *rdev;
2474 struct net_device *dev; 2671 struct net_device *dev;
2475 struct mesh_config cfg; 2672 struct mesh_config cfg;
2476 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2673 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
@@ -2485,11 +2682,11 @@ static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2485 2682
2486 rtnl_lock(); 2683 rtnl_lock();
2487 2684
2488 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2685 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2489 if (err) 2686 if (err)
2490 goto out_rtnl; 2687 goto out_rtnl;
2491 2688
2492 if (!drv->ops->set_mesh_params) { 2689 if (!rdev->ops->set_mesh_params) {
2493 err = -EOPNOTSUPP; 2690 err = -EOPNOTSUPP;
2494 goto out; 2691 goto out;
2495 } 2692 }
@@ -2534,11 +2731,11 @@ static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2534 nla_get_u16); 2731 nla_get_u16);
2535 2732
2536 /* Apply changes */ 2733 /* Apply changes */
2537 err = drv->ops->set_mesh_params(&drv->wiphy, dev, &cfg, mask); 2734 err = rdev->ops->set_mesh_params(&rdev->wiphy, dev, &cfg, mask);
2538 2735
2539 out: 2736 out:
2540 /* cleanup */ 2737 /* cleanup */
2541 cfg80211_put_dev(drv); 2738 cfg80211_unlock_rdev(rdev);
2542 dev_put(dev); 2739 dev_put(dev);
2543 out_rtnl: 2740 out_rtnl:
2544 rtnl_unlock(); 2741 rtnl_unlock();
@@ -2612,7 +2809,7 @@ static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
2612 nla_nest_end(msg, nl_reg_rules); 2809 nla_nest_end(msg, nl_reg_rules);
2613 2810
2614 genlmsg_end(msg, hdr); 2811 genlmsg_end(msg, hdr);
2615 err = genlmsg_unicast(msg, info->snd_pid); 2812 err = genlmsg_reply(msg, info);
2616 goto out; 2813 goto out;
2617 2814
2618nla_put_failure: 2815nla_put_failure:
@@ -2698,16 +2895,41 @@ static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
2698 return r; 2895 return r;
2699} 2896}
2700 2897
2898static int validate_scan_freqs(struct nlattr *freqs)
2899{
2900 struct nlattr *attr1, *attr2;
2901 int n_channels = 0, tmp1, tmp2;
2902
2903 nla_for_each_nested(attr1, freqs, tmp1) {
2904 n_channels++;
2905 /*
2906 * Some hardware has a limited channel list for
2907 * scanning, and it is pretty much nonsensical
2908 * to scan for a channel twice, so disallow that
2909 * and don't require drivers to check that the
2910 * channel list they get isn't longer than what
2911 * they can scan, as long as they can scan all
2912 * the channels they registered at once.
2913 */
2914 nla_for_each_nested(attr2, freqs, tmp2)
2915 if (attr1 != attr2 &&
2916 nla_get_u32(attr1) == nla_get_u32(attr2))
2917 return 0;
2918 }
2919
2920 return n_channels;
2921}
2922
2701static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 2923static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2702{ 2924{
2703 struct cfg80211_registered_device *drv; 2925 struct cfg80211_registered_device *rdev;
2704 struct net_device *dev; 2926 struct net_device *dev;
2705 struct cfg80211_scan_request *request; 2927 struct cfg80211_scan_request *request;
2706 struct cfg80211_ssid *ssid; 2928 struct cfg80211_ssid *ssid;
2707 struct ieee80211_channel *channel; 2929 struct ieee80211_channel *channel;
2708 struct nlattr *attr; 2930 struct nlattr *attr;
2709 struct wiphy *wiphy; 2931 struct wiphy *wiphy;
2710 int err, tmp, n_ssids = 0, n_channels = 0, i; 2932 int err, tmp, n_ssids = 0, n_channels, i;
2711 enum ieee80211_band band; 2933 enum ieee80211_band band;
2712 size_t ie_len; 2934 size_t ie_len;
2713 2935
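Review bot: validate_scan_freqs() calls `nla_get_u32()` on every nested entry without checking that the entry carries four bytes of payload, so a short or empty attribute inside NL80211_ATTR_SCAN_FREQUENCIES makes the comparison read past that attribute. Unless the nested entries are length-checked somewhere outside this hunk, the outer loop should reject them before the inner loop runs, e.g. `if (nla_len(attr1) != sizeof(u32)) return 0;`. The caller in nl80211_trigger_scan() already maps a zero return to -EINVAL. The duplicate check is also quadratic in a list length chosen by userspace and runs with the RTNL held, so a comment stating the expected upper bound on the list would help.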
@@ -2716,13 +2938,13 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2716 2938
2717 rtnl_lock(); 2939 rtnl_lock();
2718 2940
2719 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 2941 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2720 if (err) 2942 if (err)
2721 goto out_rtnl; 2943 goto out_rtnl;
2722 2944
2723 wiphy = &drv->wiphy; 2945 wiphy = &rdev->wiphy;
2724 2946
2725 if (!drv->ops->scan) { 2947 if (!rdev->ops->scan) {
2726 err = -EOPNOTSUPP; 2948 err = -EOPNOTSUPP;
2727 goto out; 2949 goto out;
2728 } 2950 }
@@ -2732,19 +2954,21 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2732 goto out; 2954 goto out;
2733 } 2955 }
2734 2956
2735 if (drv->scan_req) { 2957 if (rdev->scan_req) {
2736 err = -EBUSY; 2958 err = -EBUSY;
2737 goto out; 2959 goto out;
2738 } 2960 }
2739 2961
2740 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 2962 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
2741 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) 2963 n_channels = validate_scan_freqs(
2742 n_channels++; 2964 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
2743 if (!n_channels) { 2965 if (!n_channels) {
2744 err = -EINVAL; 2966 err = -EINVAL;
2745 goto out; 2967 goto out;
2746 } 2968 }
2747 } else { 2969 } else {
2970 n_channels = 0;
2971
2748 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 2972 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
2749 if (wiphy->bands[band]) 2973 if (wiphy->bands[band])
2750 n_channels += wiphy->bands[band]->n_channels; 2974 n_channels += wiphy->bands[band]->n_channels;
@@ -2778,10 +3002,9 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2778 goto out; 3002 goto out;
2779 } 3003 }
2780 3004
2781 request->channels = (void *)((char *)request + sizeof(*request));
2782 request->n_channels = n_channels; 3005 request->n_channels = n_channels;
2783 if (n_ssids) 3006 if (n_ssids)
2784 request->ssids = (void *)(request->channels + n_channels); 3007 request->ssids = (void *)&request->channels[n_channels];
2785 request->n_ssids = n_ssids; 3008 request->n_ssids = n_ssids;
2786 if (ie_len) { 3009 if (ie_len) {
2787 if (request->ssids) 3010 if (request->ssids)
@@ -2836,19 +3059,24 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2836 request->ie_len); 3059 request->ie_len);
2837 } 3060 }
2838 3061
2839 request->ifidx = dev->ifindex; 3062 request->dev = dev;
2840 request->wiphy = &drv->wiphy; 3063 request->wiphy = &rdev->wiphy;
2841 3064
2842 drv->scan_req = request; 3065 rdev->scan_req = request;
2843 err = drv->ops->scan(&drv->wiphy, dev, request); 3066 err = rdev->ops->scan(&rdev->wiphy, dev, request);
3067
3068 if (!err) {
3069 nl80211_send_scan_start(rdev, dev);
3070 dev_hold(dev);
3071 }
2844 3072
2845 out_free: 3073 out_free:
2846 if (err) { 3074 if (err) {
2847 drv->scan_req = NULL; 3075 rdev->scan_req = NULL;
2848 kfree(request); 3076 kfree(request);
2849 } 3077 }
2850 out: 3078 out:
2851 cfg80211_put_dev(drv); 3079 cfg80211_unlock_rdev(rdev);
2852 dev_put(dev); 3080 dev_put(dev);
2853 out_rtnl: 3081 out_rtnl:
2854 rtnl_unlock(); 3082 rtnl_unlock();
@@ -2858,20 +3086,23 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
2858 3086
2859static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags, 3087static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2860 struct cfg80211_registered_device *rdev, 3088 struct cfg80211_registered_device *rdev,
2861 struct net_device *dev, 3089 struct wireless_dev *wdev,
2862 struct cfg80211_bss *res) 3090 struct cfg80211_internal_bss *intbss)
2863{ 3091{
3092 struct cfg80211_bss *res = &intbss->pub;
2864 void *hdr; 3093 void *hdr;
2865 struct nlattr *bss; 3094 struct nlattr *bss;
3095 int i;
3096
3097 ASSERT_WDEV_LOCK(wdev);
2866 3098
2867 hdr = nl80211hdr_put(msg, pid, seq, flags, 3099 hdr = nl80211hdr_put(msg, pid, seq, flags,
2868 NL80211_CMD_NEW_SCAN_RESULTS); 3100 NL80211_CMD_NEW_SCAN_RESULTS);
2869 if (!hdr) 3101 if (!hdr)
2870 return -1; 3102 return -1;
2871 3103
2872 NLA_PUT_U32(msg, NL80211_ATTR_SCAN_GENERATION, 3104 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation);
2873 rdev->bss_generation); 3105 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex);
2874 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
2875 3106
2876 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3107 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
2877 if (!bss) 3108 if (!bss)
@@ -2900,6 +3131,28 @@ static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2900 break; 3131 break;
2901 } 3132 }
2902 3133
3134 switch (wdev->iftype) {
3135 case NL80211_IFTYPE_STATION:
3136 if (intbss == wdev->current_bss)
3137 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3138 NL80211_BSS_STATUS_ASSOCIATED);
3139 else for (i = 0; i < MAX_AUTH_BSSES; i++) {
3140 if (intbss != wdev->auth_bsses[i])
3141 continue;
3142 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3143 NL80211_BSS_STATUS_AUTHENTICATED);
3144 break;
3145 }
3146 break;
3147 case NL80211_IFTYPE_ADHOC:
3148 if (intbss == wdev->current_bss)
3149 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3150 NL80211_BSS_STATUS_IBSS_JOINED);
3151 break;
3152 default:
3153 break;
3154 }
3155
2903 nla_nest_end(msg, bss); 3156 nla_nest_end(msg, bss);
2904 3157
2905 return genlmsg_end(msg, hdr); 3158 return genlmsg_end(msg, hdr);
@@ -2912,9 +3165,10 @@ static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
2912static int nl80211_dump_scan(struct sk_buff *skb, 3165static int nl80211_dump_scan(struct sk_buff *skb,
2913 struct netlink_callback *cb) 3166 struct netlink_callback *cb)
2914{ 3167{
2915 struct cfg80211_registered_device *dev; 3168 struct cfg80211_registered_device *rdev;
2916 struct net_device *netdev; 3169 struct net_device *dev;
2917 struct cfg80211_internal_bss *scan; 3170 struct cfg80211_internal_bss *scan;
3171 struct wireless_dev *wdev;
2918 int ifidx = cb->args[0]; 3172 int ifidx = cb->args[0];
2919 int start = cb->args[1], idx = 0; 3173 int start = cb->args[1], idx = 0;
2920 int err; 3174 int err;
@@ -2935,58 +3189,83 @@ static int nl80211_dump_scan(struct sk_buff *skb,
2935 cb->args[0] = ifidx; 3189 cb->args[0] = ifidx;
2936 } 3190 }
2937 3191
2938 netdev = dev_get_by_index(&init_net, ifidx); 3192 dev = dev_get_by_index(sock_net(skb->sk), ifidx);
2939 if (!netdev) 3193 if (!dev)
2940 return -ENODEV; 3194 return -ENODEV;
2941 3195
2942 dev = cfg80211_get_dev_from_ifindex(ifidx); 3196 rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
2943 if (IS_ERR(dev)) { 3197 if (IS_ERR(rdev)) {
2944 err = PTR_ERR(dev); 3198 err = PTR_ERR(rdev);
2945 goto out_put_netdev; 3199 goto out_put_netdev;
2946 } 3200 }
2947 3201
2948 spin_lock_bh(&dev->bss_lock); 3202 wdev = dev->ieee80211_ptr;
2949 cfg80211_bss_expire(dev);
2950 3203
2951 list_for_each_entry(scan, &dev->bss_list, list) { 3204 wdev_lock(wdev);
3205 spin_lock_bh(&rdev->bss_lock);
3206 cfg80211_bss_expire(rdev);
3207
3208 list_for_each_entry(scan, &rdev->bss_list, list) {
2952 if (++idx <= start) 3209 if (++idx <= start)
2953 continue; 3210 continue;
2954 if (nl80211_send_bss(skb, 3211 if (nl80211_send_bss(skb,
2955 NETLINK_CB(cb->skb).pid, 3212 NETLINK_CB(cb->skb).pid,
2956 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3213 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2957 dev, netdev, &scan->pub) < 0) { 3214 rdev, wdev, scan) < 0) {
2958 idx--; 3215 idx--;
2959 goto out; 3216 goto out;
2960 } 3217 }
2961 } 3218 }
2962 3219
2963 out: 3220 out:
2964 spin_unlock_bh(&dev->bss_lock); 3221 spin_unlock_bh(&rdev->bss_lock);
3222 wdev_unlock(wdev);
2965 3223
2966 cb->args[1] = idx; 3224 cb->args[1] = idx;
2967 err = skb->len; 3225 err = skb->len;
2968 cfg80211_put_dev(dev); 3226 cfg80211_unlock_rdev(rdev);
2969 out_put_netdev: 3227 out_put_netdev:
2970 dev_put(netdev); 3228 dev_put(dev);
2971 3229
2972 return err; 3230 return err;
2973} 3231}
2974 3232
2975static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3233static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type)
2976{ 3234{
2977 return auth_type == NL80211_AUTHTYPE_OPEN_SYSTEM || 3235 return auth_type <= NL80211_AUTHTYPE_MAX;
2978 auth_type == NL80211_AUTHTYPE_SHARED_KEY || 3236}
2979 auth_type == NL80211_AUTHTYPE_FT || 3237
2980 auth_type == NL80211_AUTHTYPE_NETWORK_EAP; 3238static bool nl80211_valid_wpa_versions(u32 wpa_versions)
3239{
3240 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
3241 NL80211_WPA_VERSION_2));
3242}
3243
3244static bool nl80211_valid_akm_suite(u32 akm)
3245{
3246 return akm == WLAN_AKM_SUITE_8021X ||
3247 akm == WLAN_AKM_SUITE_PSK;
2981} 3248}
2982 3249
3250static bool nl80211_valid_cipher_suite(u32 cipher)
3251{
3252 return cipher == WLAN_CIPHER_SUITE_WEP40 ||
3253 cipher == WLAN_CIPHER_SUITE_WEP104 ||
3254 cipher == WLAN_CIPHER_SUITE_TKIP ||
3255 cipher == WLAN_CIPHER_SUITE_CCMP ||
3256 cipher == WLAN_CIPHER_SUITE_AES_CMAC;
3257}
3258
3259
2983static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3260static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2984{ 3261{
2985 struct cfg80211_registered_device *drv; 3262 struct cfg80211_registered_device *rdev;
2986 struct net_device *dev; 3263 struct net_device *dev;
2987 struct cfg80211_auth_request req; 3264 struct ieee80211_channel *chan;
2988 struct wiphy *wiphy; 3265 const u8 *bssid, *ssid, *ie = NULL;
2989 int err; 3266 int err, ssid_len, ie_len = 0;
3267 enum nl80211_auth_type auth_type;
3268 struct key_parse key;
2990 3269
2991 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3270 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
2992 return -EINVAL; 3271 return -EINVAL;
@@ -2997,13 +3276,38 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
2997 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3276 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
2998 return -EINVAL; 3277 return -EINVAL;
2999 3278
3279 if (!info->attrs[NL80211_ATTR_SSID])
3280 return -EINVAL;
3281
3282 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
3283 return -EINVAL;
3284
3285 err = nl80211_parse_key(info, &key);
3286 if (err)
3287 return err;
3288
3289 if (key.idx >= 0) {
3290 if (!key.p.key || !key.p.key_len)
3291 return -EINVAL;
3292 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
3293 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
3294 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
3295 key.p.key_len != WLAN_KEY_LEN_WEP104))
3296 return -EINVAL;
3297 if (key.idx > 4)
3298 return -EINVAL;
3299 } else {
3300 key.p.key_len = 0;
3301 key.p.key = NULL;
3302 }
3303
3000 rtnl_lock(); 3304 rtnl_lock();
3001 3305
3002 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3306 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3003 if (err) 3307 if (err)
3004 goto unlock_rtnl; 3308 goto unlock_rtnl;
3005 3309
3006 if (!drv->ops->auth) { 3310 if (!rdev->ops->auth) {
3007 err = -EOPNOTSUPP; 3311 err = -EOPNOTSUPP;
3008 goto out; 3312 goto out;
3009 } 3313 }
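Review bot: The index check `if (key.idx > 4)` in the new WEP key validation lets index 4 through, although WEP defines only four default key slots (0–3) and the cipher/length tests just above it restrict this path to WEP40 and WEP104. If the index is later used to address a four-entry key table (not visible in this hunk), index 4 would be one past the end. The check should read `if (key.idx > 3)`. nl80211_authenticate() starts before this hunk and continues after it.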
@@ -3018,69 +3322,130 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
3018 goto out; 3322 goto out;
3019 } 3323 }
3020 3324
3021 wiphy = &drv->wiphy; 3325 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3022 memset(&req, 0, sizeof(req)); 3326 chan = ieee80211_get_channel(&rdev->wiphy,
3023 3327 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3024 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3328 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) {
3025 3329 err = -EINVAL;
3026 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 3330 goto out;
3027 req.chan = ieee80211_get_channel(
3028 wiphy,
3029 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3030 if (!req.chan) {
3031 err = -EINVAL;
3032 goto out;
3033 }
3034 } 3331 }
3035 3332
3036 if (info->attrs[NL80211_ATTR_SSID]) { 3333 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3037 req.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3334 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3038 req.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3039 }
3040 3335
3041 if (info->attrs[NL80211_ATTR_IE]) { 3336 if (info->attrs[NL80211_ATTR_IE]) {
3042 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3337 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3043 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3338 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3044 } 3339 }
3045 3340
3046 req.auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3341 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
3047 if (!nl80211_valid_auth_type(req.auth_type)) { 3342 if (!nl80211_valid_auth_type(auth_type)) {
3048 err = -EINVAL; 3343 err = -EINVAL;
3049 goto out; 3344 goto out;
3050 } 3345 }
3051 3346
3052 err = drv->ops->auth(&drv->wiphy, dev, &req); 3347 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
3348 ssid, ssid_len, ie, ie_len,
3349 key.p.key, key.p.key_len, key.idx);
3053 3350
3054out: 3351out:
3055 cfg80211_put_dev(drv); 3352 cfg80211_unlock_rdev(rdev);
3056 dev_put(dev); 3353 dev_put(dev);
3057unlock_rtnl: 3354unlock_rtnl:
3058 rtnl_unlock(); 3355 rtnl_unlock();
3059 return err; 3356 return err;
3060} 3357}
3061 3358
3359static int nl80211_crypto_settings(struct genl_info *info,
3360 struct cfg80211_crypto_settings *settings,
3361 int cipher_limit)
3362{
3363 memset(settings, 0, sizeof(*settings));
3364
3365 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
3366
3367 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
3368 void *data;
3369 int len, i;
3370
3371 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
3372 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
3373 settings->n_ciphers_pairwise = len / sizeof(u32);
3374
3375 if (len % sizeof(u32))
3376 return -EINVAL;
3377
3378 if (settings->n_ciphers_pairwise > cipher_limit)
3379 return -EINVAL;
3380
3381 memcpy(settings->ciphers_pairwise, data, len);
3382
3383 for (i = 0; i < settings->n_ciphers_pairwise; i++)
3384 if (!nl80211_valid_cipher_suite(
3385 settings->ciphers_pairwise[i]))
3386 return -EINVAL;
3387 }
3388
3389 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
3390 settings->cipher_group =
3391 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
3392 if (!nl80211_valid_cipher_suite(settings->cipher_group))
3393 return -EINVAL;
3394 }
3395
3396 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
3397 settings->wpa_versions =
3398 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
3399 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
3400 return -EINVAL;
3401 }
3402
3403 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
3404 void *data;
3405 int len, i;
3406
3407 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
3408 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
3409 settings->n_akm_suites = len / sizeof(u32);
3410
3411 if (len % sizeof(u32))
3412 return -EINVAL;
3413
3414 memcpy(settings->akm_suites, data, len);
3415
3416 for (i = 0; i < settings->n_ciphers_pairwise; i++)
3417 if (!nl80211_valid_akm_suite(settings->akm_suites[i]))
3418 return -EINVAL;
3419 }
3420
3421 return 0;
3422}
3423
3062static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 3424static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
3063{ 3425{
3064 struct cfg80211_registered_device *drv; 3426 struct cfg80211_registered_device *rdev;
3065 struct net_device *dev; 3427 struct net_device *dev;
3066 struct cfg80211_assoc_request req; 3428 struct cfg80211_crypto_settings crypto;
3067 struct wiphy *wiphy; 3429 struct ieee80211_channel *chan, *fixedchan;
3068 int err; 3430 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL;
3431 int err, ssid_len, ie_len = 0;
3432 bool use_mfp = false;
3069 3433
3070 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3434 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3071 return -EINVAL; 3435 return -EINVAL;
3072 3436
3073 if (!info->attrs[NL80211_ATTR_MAC] || 3437 if (!info->attrs[NL80211_ATTR_MAC] ||
3074 !info->attrs[NL80211_ATTR_SSID]) 3438 !info->attrs[NL80211_ATTR_SSID] ||
3439 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
3075 return -EINVAL; 3440 return -EINVAL;
3076 3441
3077 rtnl_lock(); 3442 rtnl_lock();
3078 3443
3079 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3444 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3080 if (err) 3445 if (err)
3081 goto unlock_rtnl; 3446 goto unlock_rtnl;
3082 3447
3083 if (!drv->ops->assoc) { 3448 if (!rdev->ops->assoc) {
3084 err = -EOPNOTSUPP; 3449 err = -EOPNOTSUPP;
3085 goto out; 3450 goto out;
3086 } 3451 }
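Review bot: In nl80211_crypto_settings() the NL80211_ATTR_AKM_SUITES branch copies `len` bytes into `settings->akm_suites` with no upper bound on `n_akm_suites`, unlike the pairwise-cipher branch, which checks `cipher_limit` before its memcpy. The attribute length comes from userspace, so this can write past the array (presumably fixed-size; the struct definition is outside this hunk). Add a bound before the copy, `if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES) return -EINVAL;`. The validation loop after it also runs to `settings->n_ciphers_pairwise` instead of the AKM count, so with no pairwise ciphers supplied the AKM values are never checked; it should be `for (i = 0; i < settings->n_akm_suites; i++)`.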
@@ -3095,46 +3460,54 @@ static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
3095 goto out; 3460 goto out;
3096 } 3461 }
3097 3462
3098 wiphy = &drv->wiphy; 3463 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3099 memset(&req, 0, sizeof(req));
3100 3464
3101 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 3465 chan = ieee80211_get_channel(&rdev->wiphy,
3466 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3467 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) {
3468 err = -EINVAL;
3469 goto out;
3470 }
3102 3471
3103 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 3472 mutex_lock(&rdev->devlist_mtx);
3104 req.chan = ieee80211_get_channel( 3473 fixedchan = rdev_fixed_channel(rdev, NULL);
3105 wiphy, 3474 if (fixedchan && chan != fixedchan) {
3106 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3475 err = -EBUSY;
3107 if (!req.chan) { 3476 mutex_unlock(&rdev->devlist_mtx);
3108 err = -EINVAL; 3477 goto out;
3109 goto out;
3110 }
3111 } 3478 }
3479 mutex_unlock(&rdev->devlist_mtx);
3112 3480
3113 req.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3481 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3114 req.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3482 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3115 3483
3116 if (info->attrs[NL80211_ATTR_IE]) { 3484 if (info->attrs[NL80211_ATTR_IE]) {
3117 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3485 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3118 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3486 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3119 } 3487 }
3120 3488
3121 if (info->attrs[NL80211_ATTR_USE_MFP]) { 3489 if (info->attrs[NL80211_ATTR_USE_MFP]) {
3122 enum nl80211_mfp use_mfp = 3490 enum nl80211_mfp mfp =
3123 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 3491 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
3124 if (use_mfp == NL80211_MFP_REQUIRED) 3492 if (mfp == NL80211_MFP_REQUIRED)
3125 req.use_mfp = true; 3493 use_mfp = true;
3126 else if (use_mfp != NL80211_MFP_NO) { 3494 else if (mfp != NL80211_MFP_NO) {
3127 err = -EINVAL; 3495 err = -EINVAL;
3128 goto out; 3496 goto out;
3129 } 3497 }
3130 } 3498 }
3131 3499
3132 req.control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 3500 if (info->attrs[NL80211_ATTR_PREV_BSSID])
3501 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
3133 3502
3134 err = drv->ops->assoc(&drv->wiphy, dev, &req); 3503 err = nl80211_crypto_settings(info, &crypto, 1);
3504 if (!err)
3505 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
3506 ssid, ssid_len, ie, ie_len, use_mfp,
3507 &crypto);
3135 3508
3136out: 3509out:
3137 cfg80211_put_dev(drv); 3510 cfg80211_unlock_rdev(rdev);
3138 dev_put(dev); 3511 dev_put(dev);
3139unlock_rtnl: 3512unlock_rtnl:
3140 rtnl_unlock(); 3513 rtnl_unlock();
@@ -3143,11 +3516,11 @@ unlock_rtnl:
3143 3516
3144static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 3517static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3145{ 3518{
3146 struct cfg80211_registered_device *drv; 3519 struct cfg80211_registered_device *rdev;
3147 struct net_device *dev; 3520 struct net_device *dev;
3148 struct cfg80211_deauth_request req; 3521 const u8 *ie = NULL, *bssid;
3149 struct wiphy *wiphy; 3522 int err, ie_len = 0;
3150 int err; 3523 u16 reason_code;
3151 3524
3152 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3525 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3153 return -EINVAL; 3526 return -EINVAL;
@@ -3160,11 +3533,11 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3160 3533
3161 rtnl_lock(); 3534 rtnl_lock();
3162 3535
3163 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3536 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3164 if (err) 3537 if (err)
3165 goto unlock_rtnl; 3538 goto unlock_rtnl;
3166 3539
3167 if (!drv->ops->deauth) { 3540 if (!rdev->ops->deauth) {
3168 err = -EOPNOTSUPP; 3541 err = -EOPNOTSUPP;
3169 goto out; 3542 goto out;
3170 } 3543 }
@@ -3179,27 +3552,24 @@ static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3179 goto out; 3552 goto out;
3180 } 3553 }
3181 3554
3182 wiphy = &drv->wiphy; 3555 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3183 memset(&req, 0, sizeof(req));
3184
3185 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3186 3556
3187 req.reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3557 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3188 if (req.reason_code == 0) { 3558 if (reason_code == 0) {
3189 /* Reason Code 0 is reserved */ 3559 /* Reason Code 0 is reserved */
3190 err = -EINVAL; 3560 err = -EINVAL;
3191 goto out; 3561 goto out;
3192 } 3562 }
3193 3563
3194 if (info->attrs[NL80211_ATTR_IE]) { 3564 if (info->attrs[NL80211_ATTR_IE]) {
3195 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3565 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3196 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3566 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3197 } 3567 }
3198 3568
3199 err = drv->ops->deauth(&drv->wiphy, dev, &req); 3569 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code);
3200 3570
3201out: 3571out:
3202 cfg80211_put_dev(drv); 3572 cfg80211_unlock_rdev(rdev);
3203 dev_put(dev); 3573 dev_put(dev);
3204unlock_rtnl: 3574unlock_rtnl:
3205 rtnl_unlock(); 3575 rtnl_unlock();
@@ -3208,11 +3578,11 @@ unlock_rtnl:
3208 3578
3209static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 3579static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3210{ 3580{
3211 struct cfg80211_registered_device *drv; 3581 struct cfg80211_registered_device *rdev;
3212 struct net_device *dev; 3582 struct net_device *dev;
3213 struct cfg80211_disassoc_request req; 3583 const u8 *ie = NULL, *bssid;
3214 struct wiphy *wiphy; 3584 int err, ie_len = 0;
3215 int err; 3585 u16 reason_code;
3216 3586
3217 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3587 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3218 return -EINVAL; 3588 return -EINVAL;
@@ -3225,11 +3595,11 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3225 3595
3226 rtnl_lock(); 3596 rtnl_lock();
3227 3597
3228 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3598 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3229 if (err) 3599 if (err)
3230 goto unlock_rtnl; 3600 goto unlock_rtnl;
3231 3601
3232 if (!drv->ops->disassoc) { 3602 if (!rdev->ops->disassoc) {
3233 err = -EOPNOTSUPP; 3603 err = -EOPNOTSUPP;
3234 goto out; 3604 goto out;
3235 } 3605 }
@@ -3244,27 +3614,24 @@ static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3244 goto out; 3614 goto out;
3245 } 3615 }
3246 3616
3247 wiphy = &drv->wiphy; 3617 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3248 memset(&req, 0, sizeof(req));
3249
3250 req.peer_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3251 3618
3252 req.reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3619 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3253 if (req.reason_code == 0) { 3620 if (reason_code == 0) {
3254 /* Reason Code 0 is reserved */ 3621 /* Reason Code 0 is reserved */
3255 err = -EINVAL; 3622 err = -EINVAL;
3256 goto out; 3623 goto out;
3257 } 3624 }
3258 3625
3259 if (info->attrs[NL80211_ATTR_IE]) { 3626 if (info->attrs[NL80211_ATTR_IE]) {
3260 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3627 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3261 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3628 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3262 } 3629 }
3263 3630
3264 err = drv->ops->disassoc(&drv->wiphy, dev, &req); 3631 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code);
3265 3632
3266out: 3633out:
3267 cfg80211_put_dev(drv); 3634 cfg80211_unlock_rdev(rdev);
3268 dev_put(dev); 3635 dev_put(dev);
3269unlock_rtnl: 3636unlock_rtnl:
3270 rtnl_unlock(); 3637 rtnl_unlock();
@@ -3273,10 +3640,11 @@ unlock_rtnl:
3273 3640
3274static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 3641static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3275{ 3642{
3276 struct cfg80211_registered_device *drv; 3643 struct cfg80211_registered_device *rdev;
3277 struct net_device *dev; 3644 struct net_device *dev;
3278 struct cfg80211_ibss_params ibss; 3645 struct cfg80211_ibss_params ibss;
3279 struct wiphy *wiphy; 3646 struct wiphy *wiphy;
3647 struct cfg80211_cached_keys *connkeys = NULL;
3280 int err; 3648 int err;
3281 3649
3282 memset(&ibss, 0, sizeof(ibss)); 3650 memset(&ibss, 0, sizeof(ibss));
@@ -3300,11 +3668,11 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3300 3668
3301 rtnl_lock(); 3669 rtnl_lock();
3302 3670
3303 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3671 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3304 if (err) 3672 if (err)
3305 goto unlock_rtnl; 3673 goto unlock_rtnl;
3306 3674
3307 if (!drv->ops->join_ibss) { 3675 if (!rdev->ops->join_ibss) {
3308 err = -EOPNOTSUPP; 3676 err = -EOPNOTSUPP;
3309 goto out; 3677 goto out;
3310 } 3678 }
@@ -3319,7 +3687,7 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3319 goto out; 3687 goto out;
3320 } 3688 }
3321 3689
3322 wiphy = &drv->wiphy; 3690 wiphy = &rdev->wiphy;
3323 3691
3324 if (info->attrs[NL80211_ATTR_MAC]) 3692 if (info->attrs[NL80211_ATTR_MAC])
3325 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3693 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
@@ -3341,30 +3709,43 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3341 } 3709 }
3342 3710
3343 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 3711 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
3712 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
3713
3714 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
3715 connkeys = nl80211_parse_connkeys(rdev,
3716 info->attrs[NL80211_ATTR_KEYS]);
3717 if (IS_ERR(connkeys)) {
3718 err = PTR_ERR(connkeys);
3719 connkeys = NULL;
3720 goto out;
3721 }
3722 }
3344 3723
3345 err = cfg80211_join_ibss(drv, dev, &ibss); 3724 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
3346 3725
3347out: 3726out:
3348 cfg80211_put_dev(drv); 3727 cfg80211_unlock_rdev(rdev);
3349 dev_put(dev); 3728 dev_put(dev);
3350unlock_rtnl: 3729unlock_rtnl:
3730 if (err)
3731 kfree(connkeys);
3351 rtnl_unlock(); 3732 rtnl_unlock();
3352 return err; 3733 return err;
3353} 3734}
3354 3735
3355static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 3736static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
3356{ 3737{
3357 struct cfg80211_registered_device *drv; 3738 struct cfg80211_registered_device *rdev;
3358 struct net_device *dev; 3739 struct net_device *dev;
3359 int err; 3740 int err;
3360 3741
3361 rtnl_lock(); 3742 rtnl_lock();
3362 3743
3363 err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev); 3744 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3364 if (err) 3745 if (err)
3365 goto unlock_rtnl; 3746 goto unlock_rtnl;
3366 3747
3367 if (!drv->ops->leave_ibss) { 3748 if (!rdev->ops->leave_ibss) {
3368 err = -EOPNOTSUPP; 3749 err = -EOPNOTSUPP;
3369 goto out; 3750 goto out;
3370 } 3751 }
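Review bot: On the error path `kfree(connkeys)` releases the parsed key set without clearing it, so the key bytes parsed from NL80211_ATTR_KEYS stay readable in freed slab memory (assuming struct cfg80211_cached_keys stores the key material; its definition is outside this hunk). Prefer `kzfree(connkeys);` there. A comment at the `cfg80211_join_ibss()` call should also say that ownership of `connkeys` passes to cfg80211 on success, since the cleanup frees it only when `err` is set. nl80211_join_ibss() begins before this hunk.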
@@ -3379,12 +3760,309 @@ static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
3379 goto out; 3760 goto out;
3380 } 3761 }
3381 3762
3382 err = cfg80211_leave_ibss(drv, dev, false); 3763 err = cfg80211_leave_ibss(rdev, dev, false);
3764
3765out:
3766 cfg80211_unlock_rdev(rdev);
3767 dev_put(dev);
3768unlock_rtnl:
3769 rtnl_unlock();
3770 return err;
3771}
3772
3773#ifdef CONFIG_NL80211_TESTMODE
3774static struct genl_multicast_group nl80211_testmode_mcgrp = {
3775 .name = "testmode",
3776};
3777
3778static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
3779{
3780 struct cfg80211_registered_device *rdev;
3781 int err;
3782
3783 if (!info->attrs[NL80211_ATTR_TESTDATA])
3784 return -EINVAL;
3785
3786 rtnl_lock();
3787
3788 rdev = cfg80211_get_dev_from_info(info);
3789 if (IS_ERR(rdev)) {
3790 err = PTR_ERR(rdev);
3791 goto unlock_rtnl;
3792 }
3793
3794 err = -EOPNOTSUPP;
3795 if (rdev->ops->testmode_cmd) {
3796 rdev->testmode_info = info;
3797 err = rdev->ops->testmode_cmd(&rdev->wiphy,
3798 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
3799 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
3800 rdev->testmode_info = NULL;
3801 }
3802
3803 cfg80211_unlock_rdev(rdev);
3804
3805 unlock_rtnl:
3806 rtnl_unlock();
3807 return err;
3808}
3809
3810static struct sk_buff *
3811__cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
3812 int approxlen, u32 pid, u32 seq, gfp_t gfp)
3813{
3814 struct sk_buff *skb;
3815 void *hdr;
3816 struct nlattr *data;
3817
3818 skb = nlmsg_new(approxlen + 100, gfp);
3819 if (!skb)
3820 return NULL;
3821
3822 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE);
3823 if (!hdr) {
3824 kfree_skb(skb);
3825 return NULL;
3826 }
3827
3828 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
3829 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
3830
3831 ((void **)skb->cb)[0] = rdev;
3832 ((void **)skb->cb)[1] = hdr;
3833 ((void **)skb->cb)[2] = data;
3834
3835 return skb;
3836
3837 nla_put_failure:
3838 kfree_skb(skb);
3839 return NULL;
3840}
3841
3842struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
3843 int approxlen)
3844{
3845 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
3846
3847 if (WARN_ON(!rdev->testmode_info))
3848 return NULL;
3849
3850 return __cfg80211_testmode_alloc_skb(rdev, approxlen,
3851 rdev->testmode_info->snd_pid,
3852 rdev->testmode_info->snd_seq,
3853 GFP_KERNEL);
3854}
3855EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb);
3856
3857int cfg80211_testmode_reply(struct sk_buff *skb)
3858{
3859 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
3860 void *hdr = ((void **)skb->cb)[1];
3861 struct nlattr *data = ((void **)skb->cb)[2];
3862
3863 if (WARN_ON(!rdev->testmode_info)) {
3864 kfree_skb(skb);
3865 return -EINVAL;
3866 }
3867
3868 nla_nest_end(skb, data);
3869 genlmsg_end(skb, hdr);
3870 return genlmsg_reply(skb, rdev->testmode_info);
3871}
3872EXPORT_SYMBOL(cfg80211_testmode_reply);
3873
3874struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy,
3875 int approxlen, gfp_t gfp)
3876{
3877 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
3878
3879 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp);
3880}
3881EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb);
3882
3883void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
3884{
3885 void *hdr = ((void **)skb->cb)[1];
3886 struct nlattr *data = ((void **)skb->cb)[2];
3887
3888 nla_nest_end(skb, data);
3889 genlmsg_end(skb, hdr);
3890 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
3891}
3892EXPORT_SYMBOL(cfg80211_testmode_event);
3893#endif
3894
3895static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
3896{
3897 struct cfg80211_registered_device *rdev;
3898 struct net_device *dev;
3899 struct cfg80211_connect_params connect;
3900 struct wiphy *wiphy;
3901 struct cfg80211_cached_keys *connkeys = NULL;
3902 int err;
3903
3904 memset(&connect, 0, sizeof(connect));
3905
3906 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3907 return -EINVAL;
3908
3909 if (!info->attrs[NL80211_ATTR_SSID] ||
3910 !nla_len(info->attrs[NL80211_ATTR_SSID]))
3911 return -EINVAL;
3912
3913 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
3914 connect.auth_type =
3915 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
3916 if (!nl80211_valid_auth_type(connect.auth_type))
3917 return -EINVAL;
3918 } else
3919 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
3920
3921 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
3922
3923 err = nl80211_crypto_settings(info, &connect.crypto,
3924 NL80211_MAX_NR_CIPHER_SUITES);
3925 if (err)
3926 return err;
3927 rtnl_lock();
3928
3929 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3930 if (err)
3931 goto unlock_rtnl;
3932
3933 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
3934 err = -EOPNOTSUPP;
3935 goto out;
3936 }
3937
3938 if (!netif_running(dev)) {
3939 err = -ENETDOWN;
3940 goto out;
3941 }
3942
3943 wiphy = &rdev->wiphy;
3944
3945 if (info->attrs[NL80211_ATTR_MAC])
3946 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3947 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3948 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3949
3950 if (info->attrs[NL80211_ATTR_IE]) {
3951 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3952 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3953 }
3954
3955 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
3956 connect.channel =
3957 ieee80211_get_channel(wiphy,
3958 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3959 if (!connect.channel ||
3960 connect.channel->flags & IEEE80211_CHAN_DISABLED) {
3961 err = -EINVAL;
3962 goto out;
3963 }
3964 }
3965
3966 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
3967 connkeys = nl80211_parse_connkeys(rdev,
3968 info->attrs[NL80211_ATTR_KEYS]);
3969 if (IS_ERR(connkeys)) {
3970 err = PTR_ERR(connkeys);
3971 connkeys = NULL;
3972 goto out;
3973 }
3974 }
3975
3976 err = cfg80211_connect(rdev, dev, &connect, connkeys);
3383 3977
3384out: 3978out:
3385 cfg80211_put_dev(drv); 3979 cfg80211_unlock_rdev(rdev);
3386 dev_put(dev); 3980 dev_put(dev);
3387unlock_rtnl: 3981unlock_rtnl:
3982 if (err)
3983 kfree(connkeys);
3984 rtnl_unlock();
3985 return err;
3986}
3987
3988static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
3989{
3990 struct cfg80211_registered_device *rdev;
3991 struct net_device *dev;
3992 int err;
3993 u16 reason;
3994
3995 if (!info->attrs[NL80211_ATTR_REASON_CODE])
3996 reason = WLAN_REASON_DEAUTH_LEAVING;
3997 else
3998 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3999
4000 if (reason == 0)
4001 return -EINVAL;
4002
4003 rtnl_lock();
4004
4005 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4006 if (err)
4007 goto unlock_rtnl;
4008
4009 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
4010 err = -EOPNOTSUPP;
4011 goto out;
4012 }
4013
4014 if (!netif_running(dev)) {
4015 err = -ENETDOWN;
4016 goto out;
4017 }
4018
4019 err = cfg80211_disconnect(rdev, dev, reason, true);
4020
4021out:
4022 cfg80211_unlock_rdev(rdev);
4023 dev_put(dev);
4024unlock_rtnl:
4025 rtnl_unlock();
4026 return err;
4027}
4028
4029static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
4030{
4031 struct cfg80211_registered_device *rdev;
4032 struct net *net;
4033 int err;
4034 u32 pid;
4035
4036 if (!info->attrs[NL80211_ATTR_PID])
4037 return -EINVAL;
4038
4039 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
4040
4041 rtnl_lock();
4042
4043 rdev = cfg80211_get_dev_from_info(info);
4044 if (IS_ERR(rdev)) {
4045 err = PTR_ERR(rdev);
4046 goto out;
4047 }
4048
4049 net = get_net_ns_by_pid(pid);
4050 if (IS_ERR(net)) {
4051 err = PTR_ERR(net);
4052 goto out;
4053 }
4054
4055 err = 0;
4056
4057 /* check if anything to do */
4058 if (net_eq(wiphy_net(&rdev->wiphy), net))
4059 goto out_put_net;
4060
4061 err = cfg80211_switch_netns(rdev, net);
4062 out_put_net:
4063 put_net(net);
4064 out:
4065 cfg80211_unlock_rdev(rdev);
3388 rtnl_unlock(); 4066 rtnl_unlock();
3389 return err; 4067 return err;
3390} 4068}
@@ -3602,6 +4280,32 @@ static struct genl_ops nl80211_ops[] = {
3602 .policy = nl80211_policy, 4280 .policy = nl80211_policy,
3603 .flags = GENL_ADMIN_PERM, 4281 .flags = GENL_ADMIN_PERM,
3604 }, 4282 },
4283#ifdef CONFIG_NL80211_TESTMODE
4284 {
4285 .cmd = NL80211_CMD_TESTMODE,
4286 .doit = nl80211_testmode_do,
4287 .policy = nl80211_policy,
4288 .flags = GENL_ADMIN_PERM,
4289 },
4290#endif
4291 {
4292 .cmd = NL80211_CMD_CONNECT,
4293 .doit = nl80211_connect,
4294 .policy = nl80211_policy,
4295 .flags = GENL_ADMIN_PERM,
4296 },
4297 {
4298 .cmd = NL80211_CMD_DISCONNECT,
4299 .doit = nl80211_disconnect,
4300 .policy = nl80211_policy,
4301 .flags = GENL_ADMIN_PERM,
4302 },
4303 {
4304 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
4305 .doit = nl80211_wiphy_netns,
4306 .policy = nl80211_policy,
4307 .flags = GENL_ADMIN_PERM,
4308 },
3605}; 4309};
3606static struct genl_multicast_group nl80211_mlme_mcgrp = { 4310static struct genl_multicast_group nl80211_mlme_mcgrp = {
3607 .name = "mlme", 4311 .name = "mlme",
@@ -3633,7 +4337,8 @@ void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev)
3633 return; 4337 return;
3634 } 4338 }
3635 4339
3636 genlmsg_multicast(msg, 0, nl80211_config_mcgrp.id, GFP_KERNEL); 4340 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4341 nl80211_config_mcgrp.id, GFP_KERNEL);
3637} 4342}
3638 4343
3639static int nl80211_add_scan_req(struct sk_buff *msg, 4344static int nl80211_add_scan_req(struct sk_buff *msg,
@@ -3643,6 +4348,8 @@ static int nl80211_add_scan_req(struct sk_buff *msg,
3643 struct nlattr *nest; 4348 struct nlattr *nest;
3644 int i; 4349 int i;
3645 4350
4351 ASSERT_RDEV_LOCK(rdev);
4352
3646 if (WARN_ON(!req)) 4353 if (WARN_ON(!req))
3647 return 0; 4354 return 0;
3648 4355
@@ -3668,11 +4375,11 @@ static int nl80211_add_scan_req(struct sk_buff *msg,
3668 return -ENOBUFS; 4375 return -ENOBUFS;
3669} 4376}
3670 4377
3671static int nl80211_send_scan_donemsg(struct sk_buff *msg, 4378static int nl80211_send_scan_msg(struct sk_buff *msg,
3672 struct cfg80211_registered_device *rdev, 4379 struct cfg80211_registered_device *rdev,
3673 struct net_device *netdev, 4380 struct net_device *netdev,
3674 u32 pid, u32 seq, int flags, 4381 u32 pid, u32 seq, int flags,
3675 u32 cmd) 4382 u32 cmd)
3676{ 4383{
3677 void *hdr; 4384 void *hdr;
3678 4385
@@ -3693,6 +4400,25 @@ static int nl80211_send_scan_donemsg(struct sk_buff *msg,
3693 return -EMSGSIZE; 4400 return -EMSGSIZE;
3694} 4401}
3695 4402
4403void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
4404 struct net_device *netdev)
4405{
4406 struct sk_buff *msg;
4407
4408 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
4409 if (!msg)
4410 return;
4411
4412 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
4413 NL80211_CMD_TRIGGER_SCAN) < 0) {
4414 nlmsg_free(msg);
4415 return;
4416 }
4417
4418 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4419 nl80211_scan_mcgrp.id, GFP_KERNEL);
4420}
4421
3696void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 4422void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
3697 struct net_device *netdev) 4423 struct net_device *netdev)
3698{ 4424{
@@ -3702,13 +4428,14 @@ void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
3702 if (!msg) 4428 if (!msg)
3703 return; 4429 return;
3704 4430
3705 if (nl80211_send_scan_donemsg(msg, rdev, netdev, 0, 0, 0, 4431 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
3706 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 4432 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
3707 nlmsg_free(msg); 4433 nlmsg_free(msg);
3708 return; 4434 return;
3709 } 4435 }
3710 4436
3711 genlmsg_multicast(msg, 0, nl80211_scan_mcgrp.id, GFP_KERNEL); 4437 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4438 nl80211_scan_mcgrp.id, GFP_KERNEL);
3712} 4439}
3713 4440
3714void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 4441void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
@@ -3720,13 +4447,14 @@ void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
3720 if (!msg) 4447 if (!msg)
3721 return; 4448 return;
3722 4449
3723 if (nl80211_send_scan_donemsg(msg, rdev, netdev, 0, 0, 0, 4450 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
3724 NL80211_CMD_SCAN_ABORTED) < 0) { 4451 NL80211_CMD_SCAN_ABORTED) < 0) {
3725 nlmsg_free(msg); 4452 nlmsg_free(msg);
3726 return; 4453 return;
3727 } 4454 }
3728 4455
3729 genlmsg_multicast(msg, 0, nl80211_scan_mcgrp.id, GFP_KERNEL); 4456 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4457 nl80211_scan_mcgrp.id, GFP_KERNEL);
3730} 4458}
3731 4459
3732/* 4460/*
@@ -3775,7 +4503,10 @@ void nl80211_send_reg_change_event(struct regulatory_request *request)
3775 return; 4503 return;
3776 } 4504 }
3777 4505
3778 genlmsg_multicast(msg, 0, nl80211_regulatory_mcgrp.id, GFP_KERNEL); 4506 rcu_read_lock();
4507 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
4508 GFP_ATOMIC);
4509 rcu_read_unlock();
3779 4510
3780 return; 4511 return;
3781 4512
@@ -3787,12 +4518,12 @@ nla_put_failure:
3787static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 4518static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
3788 struct net_device *netdev, 4519 struct net_device *netdev,
3789 const u8 *buf, size_t len, 4520 const u8 *buf, size_t len,
3790 enum nl80211_commands cmd) 4521 enum nl80211_commands cmd, gfp_t gfp)
3791{ 4522{
3792 struct sk_buff *msg; 4523 struct sk_buff *msg;
3793 void *hdr; 4524 void *hdr;
3794 4525
3795 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 4526 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
3796 if (!msg) 4527 if (!msg)
3797 return; 4528 return;
3798 4529
@@ -3811,7 +4542,8 @@ static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
3811 return; 4542 return;
3812 } 4543 }
3813 4544
3814 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC); 4545 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4546 nl80211_mlme_mcgrp.id, gfp);
3815 return; 4547 return;
3816 4548
3817 nla_put_failure: 4549 nla_put_failure:
@@ -3820,42 +4552,45 @@ static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
3820} 4552}
3821 4553
3822void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 4554void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
3823 struct net_device *netdev, const u8 *buf, size_t len) 4555 struct net_device *netdev, const u8 *buf,
4556 size_t len, gfp_t gfp)
3824{ 4557{
3825 nl80211_send_mlme_event(rdev, netdev, buf, len, 4558 nl80211_send_mlme_event(rdev, netdev, buf, len,
3826 NL80211_CMD_AUTHENTICATE); 4559 NL80211_CMD_AUTHENTICATE, gfp);
3827} 4560}
3828 4561
3829void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 4562void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
3830 struct net_device *netdev, const u8 *buf, 4563 struct net_device *netdev, const u8 *buf,
3831 size_t len) 4564 size_t len, gfp_t gfp)
3832{ 4565{
3833 nl80211_send_mlme_event(rdev, netdev, buf, len, NL80211_CMD_ASSOCIATE); 4566 nl80211_send_mlme_event(rdev, netdev, buf, len,
4567 NL80211_CMD_ASSOCIATE, gfp);
3834} 4568}
3835 4569
3836void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 4570void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
3837 struct net_device *netdev, const u8 *buf, size_t len) 4571 struct net_device *netdev, const u8 *buf,
4572 size_t len, gfp_t gfp)
3838{ 4573{
3839 nl80211_send_mlme_event(rdev, netdev, buf, len, 4574 nl80211_send_mlme_event(rdev, netdev, buf, len,
3840 NL80211_CMD_DEAUTHENTICATE); 4575 NL80211_CMD_DEAUTHENTICATE, gfp);
3841} 4576}
3842 4577
3843void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 4578void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
3844 struct net_device *netdev, const u8 *buf, 4579 struct net_device *netdev, const u8 *buf,
3845 size_t len) 4580 size_t len, gfp_t gfp)
3846{ 4581{
3847 nl80211_send_mlme_event(rdev, netdev, buf, len, 4582 nl80211_send_mlme_event(rdev, netdev, buf, len,
3848 NL80211_CMD_DISASSOCIATE); 4583 NL80211_CMD_DISASSOCIATE, gfp);
3849} 4584}
3850 4585
3851static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 4586static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3852 struct net_device *netdev, int cmd, 4587 struct net_device *netdev, int cmd,
3853 const u8 *addr) 4588 const u8 *addr, gfp_t gfp)
3854{ 4589{
3855 struct sk_buff *msg; 4590 struct sk_buff *msg;
3856 void *hdr; 4591 void *hdr;
3857 4592
3858 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 4593 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
3859 if (!msg) 4594 if (!msg)
3860 return; 4595 return;
3861 4596
@@ -3875,7 +4610,8 @@ static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3875 return; 4610 return;
3876 } 4611 }
3877 4612
3878 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC); 4613 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4614 nl80211_mlme_mcgrp.id, gfp);
3879 return; 4615 return;
3880 4616
3881 nla_put_failure: 4617 nla_put_failure:
@@ -3884,16 +4620,145 @@ static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
3884} 4620}
3885 4621
3886void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 4622void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
3887 struct net_device *netdev, const u8 *addr) 4623 struct net_device *netdev, const u8 *addr,
4624 gfp_t gfp)
3888{ 4625{
3889 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 4626 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
3890 addr); 4627 addr, gfp);
3891} 4628}
3892 4629
3893void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 4630void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
3894 struct net_device *netdev, const u8 *addr) 4631 struct net_device *netdev, const u8 *addr,
4632 gfp_t gfp)
3895{ 4633{
3896 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, addr); 4634 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
4635 addr, gfp);
4636}
4637
4638void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
4639 struct net_device *netdev, const u8 *bssid,
4640 const u8 *req_ie, size_t req_ie_len,
4641 const u8 *resp_ie, size_t resp_ie_len,
4642 u16 status, gfp_t gfp)
4643{
4644 struct sk_buff *msg;
4645 void *hdr;
4646
4647 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
4648 if (!msg)
4649 return;
4650
4651 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
4652 if (!hdr) {
4653 nlmsg_free(msg);
4654 return;
4655 }
4656
4657 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4658 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
4659 if (bssid)
4660 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
4661 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status);
4662 if (req_ie)
4663 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
4664 if (resp_ie)
4665 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
4666
4667 if (genlmsg_end(msg, hdr) < 0) {
4668 nlmsg_free(msg);
4669 return;
4670 }
4671
4672 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4673 nl80211_mlme_mcgrp.id, gfp);
4674 return;
4675
4676 nla_put_failure:
4677 genlmsg_cancel(msg, hdr);
4678 nlmsg_free(msg);
4679
4680}
4681
4682void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
4683 struct net_device *netdev, const u8 *bssid,
4684 const u8 *req_ie, size_t req_ie_len,
4685 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
4686{
4687 struct sk_buff *msg;
4688 void *hdr;
4689
4690 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
4691 if (!msg)
4692 return;
4693
4694 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
4695 if (!hdr) {
4696 nlmsg_free(msg);
4697 return;
4698 }
4699
4700 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4701 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
4702 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
4703 if (req_ie)
4704 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
4705 if (resp_ie)
4706 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
4707
4708 if (genlmsg_end(msg, hdr) < 0) {
4709 nlmsg_free(msg);
4710 return;
4711 }
4712
4713 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4714 nl80211_mlme_mcgrp.id, gfp);
4715 return;
4716
4717 nla_put_failure:
4718 genlmsg_cancel(msg, hdr);
4719 nlmsg_free(msg);
4720
4721}
4722
4723void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
4724 struct net_device *netdev, u16 reason,
4725 const u8 *ie, size_t ie_len, bool from_ap)
4726{
4727 struct sk_buff *msg;
4728 void *hdr;
4729
4730 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
4731 if (!msg)
4732 return;
4733
4734 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
4735 if (!hdr) {
4736 nlmsg_free(msg);
4737 return;
4738 }
4739
4740 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4741 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
4742 if (from_ap && reason)
4743 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason);
4744 if (from_ap)
4745 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP);
4746 if (ie)
4747 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie);
4748
4749 if (genlmsg_end(msg, hdr) < 0) {
4750 nlmsg_free(msg);
4751 return;
4752 }
4753
4754 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4755 nl80211_mlme_mcgrp.id, GFP_KERNEL);
4756 return;
4757
4758 nla_put_failure:
4759 genlmsg_cancel(msg, hdr);
4760 nlmsg_free(msg);
4761
3897} 4762}
3898 4763
3899void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 4764void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
@@ -3922,7 +4787,8 @@ void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
3922 return; 4787 return;
3923 } 4788 }
3924 4789
3925 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 4790 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4791 nl80211_mlme_mcgrp.id, gfp);
3926 return; 4792 return;
3927 4793
3928 nla_put_failure: 4794 nla_put_failure:
@@ -3933,12 +4799,12 @@ void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
3933void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 4799void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
3934 struct net_device *netdev, const u8 *addr, 4800 struct net_device *netdev, const u8 *addr,
3935 enum nl80211_key_type key_type, int key_id, 4801 enum nl80211_key_type key_type, int key_id,
3936 const u8 *tsc) 4802 const u8 *tsc, gfp_t gfp)
3937{ 4803{
3938 struct sk_buff *msg; 4804 struct sk_buff *msg;
3939 void *hdr; 4805 void *hdr;
3940 4806
3941 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 4807 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
3942 if (!msg) 4808 if (!msg)
3943 return; 4809 return;
3944 4810
@@ -3962,7 +4828,8 @@ void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
3962 return; 4828 return;
3963 } 4829 }
3964 4830
3965 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, GFP_ATOMIC); 4831 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
4832 nl80211_mlme_mcgrp.id, gfp);
3966 return; 4833 return;
3967 4834
3968 nla_put_failure: 4835 nla_put_failure:
@@ -4015,7 +4882,10 @@ void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
4015 return; 4882 return;
4016 } 4883 }
4017 4884
4018 genlmsg_multicast(msg, 0, nl80211_regulatory_mcgrp.id, GFP_ATOMIC); 4885 rcu_read_lock();
4886 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
4887 GFP_ATOMIC);
4888 rcu_read_unlock();
4019 4889
4020 return; 4890 return;
4021 4891
@@ -4051,6 +4921,12 @@ int nl80211_init(void)
4051 if (err) 4921 if (err)
4052 goto err_out; 4922 goto err_out;
4053 4923
4924#ifdef CONFIG_NL80211_TESTMODE
4925 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp);
4926 if (err)
4927 goto err_out;
4928#endif
4929
4054 return 0; 4930 return 0;
4055 err_out: 4931 err_out:
4056 genl_unregister_family(&nl80211_fam); 4932 genl_unregister_family(&nl80211_fam);
diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h
index 5c12ad13499b..44cc2a76a1b0 100644
--- a/net/wireless/nl80211.h
+++ b/net/wireless/nl80211.h
@@ -3,39 +3,54 @@
3 3
4#include "core.h" 4#include "core.h"
5 5
6extern int nl80211_init(void); 6int nl80211_init(void);
7extern void nl80211_exit(void); 7void nl80211_exit(void);
8extern void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev); 8void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev);
9extern void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 9void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
10 struct net_device *netdev); 10 struct net_device *netdev);
11extern void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 11void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
12 struct net_device *netdev); 12 struct net_device *netdev);
13extern void nl80211_send_reg_change_event(struct regulatory_request *request); 13void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
14extern void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 14 struct net_device *netdev);
15 struct net_device *netdev, 15void nl80211_send_reg_change_event(struct regulatory_request *request);
16 const u8 *buf, size_t len); 16void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
17extern void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 17 struct net_device *netdev,
18 struct net_device *netdev, 18 const u8 *buf, size_t len, gfp_t gfp);
19 const u8 *buf, size_t len); 19void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
20extern void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 20 struct net_device *netdev,
21 const u8 *buf, size_t len, gfp_t gfp);
22void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
23 struct net_device *netdev,
24 const u8 *buf, size_t len, gfp_t gfp);
25void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
26 struct net_device *netdev,
27 const u8 *buf, size_t len, gfp_t gfp);
28void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
29 struct net_device *netdev,
30 const u8 *addr, gfp_t gfp);
31void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
21 struct net_device *netdev, 32 struct net_device *netdev,
22 const u8 *buf, size_t len); 33 const u8 *addr, gfp_t gfp);
23extern void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 34void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
24 struct net_device *netdev, 35 struct net_device *netdev, const u8 *bssid,
25 const u8 *buf, size_t len); 36 const u8 *req_ie, size_t req_ie_len,
26extern void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 37 const u8 *resp_ie, size_t resp_ie_len,
27 struct net_device *netdev, 38 u16 status, gfp_t gfp);
28 const u8 *addr); 39void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
29extern void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 40 struct net_device *netdev, const u8 *bssid,
30 struct net_device *netdev, 41 const u8 *req_ie, size_t req_ie_len,
31 const u8 *addr); 42 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp);
32extern void 43void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
44 struct net_device *netdev, u16 reason,
45 const u8 *ie, size_t ie_len, bool from_ap);
46
47void
33nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 48nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
34 struct net_device *netdev, const u8 *addr, 49 struct net_device *netdev, const u8 *addr,
35 enum nl80211_key_type key_type, 50 enum nl80211_key_type key_type,
36 int key_id, const u8 *tsc); 51 int key_id, const u8 *tsc, gfp_t gfp);
37 52
38extern void 53void
39nl80211_send_beacon_hint_event(struct wiphy *wiphy, 54nl80211_send_beacon_hint_event(struct wiphy *wiphy,
40 struct ieee80211_channel *channel_before, 55 struct ieee80211_channel *channel_before,
41 struct ieee80211_channel *channel_after); 56 struct ieee80211_channel *channel_after);
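Review bot: `nl80211_send_disconnected()` is declared here without the `gfp_t gfp` argument that the other MLME event senders in this header take (`nl80211_send_connect_result()`, `nl80211_send_roamed()`, the rx/timeout senders), and the header does not tell callers about the context restriction that follows. The definition shown earlier on this page calls `nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL)` and multicasts with `GFP_KERNEL`, so calling it from atomic context would presumably be a sleep-in-atomic bug. I would either add `gfp_t gfp` for consistency or put a comment above the prototype, `/* allocates with GFP_KERNEL: process context only */`. `nl80211_send_scan_start()` also allocates with `GFP_KERNEL` in its definition and would benefit from the same comment.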
diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index 75a406d33619..f256dfffbf46 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -62,6 +62,16 @@ const struct ieee80211_regdomain *cfg80211_regdomain;
62 */ 62 */
63static const struct ieee80211_regdomain *country_ie_regdomain; 63static const struct ieee80211_regdomain *country_ie_regdomain;
64 64
65/*
66 * Protects static reg.c components:
67 * - cfg80211_world_regdom
68 * - cfg80211_regdom
69 * - country_ie_regdomain
70 * - last_request
71 */
72DEFINE_MUTEX(reg_mutex);
73#define assert_reg_lock() WARN_ON(!mutex_is_locked(&reg_mutex))
74
65/* Used to queue up regulatory hints */ 75/* Used to queue up regulatory hints */
66static LIST_HEAD(reg_requests_list); 76static LIST_HEAD(reg_requests_list);
67static spinlock_t reg_requests_lock; 77static spinlock_t reg_requests_lock;
@@ -113,11 +123,7 @@ static const struct ieee80211_regdomain world_regdom = {
113static const struct ieee80211_regdomain *cfg80211_world_regdom = 123static const struct ieee80211_regdomain *cfg80211_world_regdom =
114 &world_regdom; 124 &world_regdom;
115 125
116#ifdef CONFIG_WIRELESS_OLD_REGULATORY
117static char *ieee80211_regdom = "US";
118#else
119static char *ieee80211_regdom = "00"; 126static char *ieee80211_regdom = "00";
120#endif
121 127
122module_param(ieee80211_regdom, charp, 0444); 128module_param(ieee80211_regdom, charp, 0444);
123MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code"); 129MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code");
@@ -1012,7 +1018,6 @@ static void handle_channel(struct wiphy *wiphy, enum ieee80211_band band,
1012 map_regdom_flags(reg_rule->flags) | bw_flags; 1018 map_regdom_flags(reg_rule->flags) | bw_flags;
1013 chan->max_antenna_gain = chan->orig_mag = 1019 chan->max_antenna_gain = chan->orig_mag =
1014 (int) MBI_TO_DBI(power_rule->max_antenna_gain); 1020 (int) MBI_TO_DBI(power_rule->max_antenna_gain);
1015 chan->max_bandwidth = KHZ_TO_MHZ(desired_bw_khz);
1016 chan->max_power = chan->orig_mpwr = 1021 chan->max_power = chan->orig_mpwr =
1017 (int) MBM_TO_DBM(power_rule->max_eirp); 1022 (int) MBM_TO_DBM(power_rule->max_eirp);
1018 return; 1023 return;
@@ -1021,7 +1026,6 @@ static void handle_channel(struct wiphy *wiphy, enum ieee80211_band band,
1021 chan->flags = flags | bw_flags | map_regdom_flags(reg_rule->flags); 1026 chan->flags = flags | bw_flags | map_regdom_flags(reg_rule->flags);
1022 chan->max_antenna_gain = min(chan->orig_mag, 1027 chan->max_antenna_gain = min(chan->orig_mag,
1023 (int) MBI_TO_DBI(power_rule->max_antenna_gain)); 1028 (int) MBI_TO_DBI(power_rule->max_antenna_gain));
1024 chan->max_bandwidth = KHZ_TO_MHZ(desired_bw_khz);
1025 if (chan->orig_mpwr) 1029 if (chan->orig_mpwr)
1026 chan->max_power = min(chan->orig_mpwr, 1030 chan->max_power = min(chan->orig_mpwr,
1027 (int) MBM_TO_DBM(power_rule->max_eirp)); 1031 (int) MBM_TO_DBM(power_rule->max_eirp));
@@ -1061,10 +1065,10 @@ static bool ignore_reg_update(struct wiphy *wiphy,
1061 1065
1062static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator) 1066static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator)
1063{ 1067{
1064 struct cfg80211_registered_device *drv; 1068 struct cfg80211_registered_device *rdev;
1065 1069
1066 list_for_each_entry(drv, &cfg80211_drv_list, list) 1070 list_for_each_entry(rdev, &cfg80211_rdev_list, list)
1067 wiphy_update_regulatory(&drv->wiphy, initiator); 1071 wiphy_update_regulatory(&rdev->wiphy, initiator);
1068} 1072}
1069 1073
1070static void handle_reg_beacon(struct wiphy *wiphy, 1074static void handle_reg_beacon(struct wiphy *wiphy,
@@ -1298,7 +1302,7 @@ static void handle_channel_custom(struct wiphy *wiphy,
1298 struct ieee80211_supported_band *sband; 1302 struct ieee80211_supported_band *sband;
1299 struct ieee80211_channel *chan; 1303 struct ieee80211_channel *chan;
1300 1304
1301 assert_cfg80211_lock(); 1305 assert_reg_lock();
1302 1306
1303 sband = wiphy->bands[band]; 1307 sband = wiphy->bands[band];
1304 BUG_ON(chan_idx >= sband->n_channels); 1308 BUG_ON(chan_idx >= sband->n_channels);
@@ -1323,7 +1327,6 @@ static void handle_channel_custom(struct wiphy *wiphy,
1323 1327
1324 chan->flags |= map_regdom_flags(reg_rule->flags) | bw_flags; 1328 chan->flags |= map_regdom_flags(reg_rule->flags) | bw_flags;
1325 chan->max_antenna_gain = (int) MBI_TO_DBI(power_rule->max_antenna_gain); 1329 chan->max_antenna_gain = (int) MBI_TO_DBI(power_rule->max_antenna_gain);
1326 chan->max_bandwidth = KHZ_TO_MHZ(desired_bw_khz);
1327 chan->max_power = (int) MBM_TO_DBM(power_rule->max_eirp); 1330 chan->max_power = (int) MBM_TO_DBM(power_rule->max_eirp);
1328} 1331}
1329 1332
@@ -1347,14 +1350,14 @@ void wiphy_apply_custom_regulatory(struct wiphy *wiphy,
1347 enum ieee80211_band band; 1350 enum ieee80211_band band;
1348 unsigned int bands_set = 0; 1351 unsigned int bands_set = 0;
1349 1352
1350 mutex_lock(&cfg80211_mutex); 1353 mutex_lock(&reg_mutex);
1351 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1354 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1352 if (!wiphy->bands[band]) 1355 if (!wiphy->bands[band])
1353 continue; 1356 continue;
1354 handle_band_custom(wiphy, band, regd); 1357 handle_band_custom(wiphy, band, regd);
1355 bands_set++; 1358 bands_set++;
1356 } 1359 }
1357 mutex_unlock(&cfg80211_mutex); 1360 mutex_unlock(&reg_mutex);
1358 1361
1359 /* 1362 /*
1360 * no point in calling this if it won't have any effect 1363 * no point in calling this if it won't have any effect
@@ -1421,7 +1424,7 @@ static int ignore_request(struct wiphy *wiphy,
1421 if (last_wiphy != wiphy) { 1424 if (last_wiphy != wiphy) {
1422 /* 1425 /*
1423 * Two cards with two APs claiming different 1426 * Two cards with two APs claiming different
1424 * different Country IE alpha2s. We could 1427 * Country IE alpha2s. We could
1425 * intersect them, but that seems unlikely 1428 * intersect them, but that seems unlikely
1426 * to be correct. Reject second one for now. 1429 * to be correct. Reject second one for now.
1427 */ 1430 */
@@ -1500,7 +1503,7 @@ static int ignore_request(struct wiphy *wiphy,
1500 * Returns zero if all went fine, %-EALREADY if a regulatory domain had 1503 * Returns zero if all went fine, %-EALREADY if a regulatory domain had
1501 * already been set or other standard error codes. 1504 * already been set or other standard error codes.
1502 * 1505 *
1503 * Caller must hold &cfg80211_mutex 1506 * Caller must hold &cfg80211_mutex and &reg_mutex
1504 */ 1507 */
1505static int __regulatory_hint(struct wiphy *wiphy, 1508static int __regulatory_hint(struct wiphy *wiphy,
1506 struct regulatory_request *pending_request) 1509 struct regulatory_request *pending_request)
@@ -1575,6 +1578,7 @@ static void reg_process_hint(struct regulatory_request *reg_request)
1575 BUG_ON(!reg_request->alpha2); 1578 BUG_ON(!reg_request->alpha2);
1576 1579
1577 mutex_lock(&cfg80211_mutex); 1580 mutex_lock(&cfg80211_mutex);
1581 mutex_lock(&reg_mutex);
1578 1582
1579 if (wiphy_idx_valid(reg_request->wiphy_idx)) 1583 if (wiphy_idx_valid(reg_request->wiphy_idx))
1580 wiphy = wiphy_idx_to_wiphy(reg_request->wiphy_idx); 1584 wiphy = wiphy_idx_to_wiphy(reg_request->wiphy_idx);
@@ -1590,6 +1594,7 @@ static void reg_process_hint(struct regulatory_request *reg_request)
1590 if (r == -EALREADY && wiphy && wiphy->strict_regulatory) 1594 if (r == -EALREADY && wiphy && wiphy->strict_regulatory)
1591 wiphy_update_regulatory(wiphy, reg_request->initiator); 1595 wiphy_update_regulatory(wiphy, reg_request->initiator);
1592out: 1596out:
1597 mutex_unlock(&reg_mutex);
1593 mutex_unlock(&cfg80211_mutex); 1598 mutex_unlock(&cfg80211_mutex);
1594} 1599}
1595 1600
@@ -1615,9 +1620,13 @@ static void reg_process_pending_hints(void)
1615/* Processes beacon hints -- this has nothing to do with country IEs */ 1620/* Processes beacon hints -- this has nothing to do with country IEs */
1616static void reg_process_pending_beacon_hints(void) 1621static void reg_process_pending_beacon_hints(void)
1617{ 1622{
1618 struct cfg80211_registered_device *drv; 1623 struct cfg80211_registered_device *rdev;
1619 struct reg_beacon *pending_beacon, *tmp; 1624 struct reg_beacon *pending_beacon, *tmp;
1620 1625
1626 /*
1627 * No need to hold the reg_mutex here as we just touch wiphys
1628 * and do not read or access regulatory variables.
1629 */
1621 mutex_lock(&cfg80211_mutex); 1630 mutex_lock(&cfg80211_mutex);
1622 1631
1623 /* This goes through the _pending_ beacon list */ 1632 /* This goes through the _pending_ beacon list */
@@ -1634,8 +1643,8 @@ static void reg_process_pending_beacon_hints(void)
1634 list_del_init(&pending_beacon->list); 1643 list_del_init(&pending_beacon->list);
1635 1644
1636 /* Applies the beacon hint to current wiphys */ 1645 /* Applies the beacon hint to current wiphys */
1637 list_for_each_entry(drv, &cfg80211_drv_list, list) 1646 list_for_each_entry(rdev, &cfg80211_rdev_list, list)
1638 wiphy_update_new_beacon(&drv->wiphy, pending_beacon); 1647 wiphy_update_new_beacon(&rdev->wiphy, pending_beacon);
1639 1648
1640 /* Remembers the beacon hint for new wiphys or reg changes */ 1649 /* Remembers the beacon hint for new wiphys or reg changes */
1641 list_add_tail(&pending_beacon->list, &reg_beacon_list); 1650 list_add_tail(&pending_beacon->list, &reg_beacon_list);
@@ -1739,12 +1748,13 @@ int regulatory_hint(struct wiphy *wiphy, const char *alpha2)
1739} 1748}
1740EXPORT_SYMBOL(regulatory_hint); 1749EXPORT_SYMBOL(regulatory_hint);
1741 1750
1751/* Caller must hold reg_mutex */
1742static bool reg_same_country_ie_hint(struct wiphy *wiphy, 1752static bool reg_same_country_ie_hint(struct wiphy *wiphy,
1743 u32 country_ie_checksum) 1753 u32 country_ie_checksum)
1744{ 1754{
1745 struct wiphy *request_wiphy; 1755 struct wiphy *request_wiphy;
1746 1756
1747 assert_cfg80211_lock(); 1757 assert_reg_lock();
1748 1758
1749 if (unlikely(last_request->initiator != 1759 if (unlikely(last_request->initiator !=
1750 NL80211_REGDOM_SET_BY_COUNTRY_IE)) 1760 NL80211_REGDOM_SET_BY_COUNTRY_IE))
@@ -1767,6 +1777,10 @@ static bool reg_same_country_ie_hint(struct wiphy *wiphy,
1767 return false; 1777 return false;
1768} 1778}
1769 1779
1780/*
1781 * We hold wdev_lock() here so we cannot hold cfg80211_mutex() and
1782 * therefore cannot iterate over the rdev list here.
1783 */
1770void regulatory_hint_11d(struct wiphy *wiphy, 1784void regulatory_hint_11d(struct wiphy *wiphy,
1771 u8 *country_ie, 1785 u8 *country_ie,
1772 u8 country_ie_len) 1786 u8 country_ie_len)
@@ -1777,12 +1791,10 @@ void regulatory_hint_11d(struct wiphy *wiphy,
1777 enum environment_cap env = ENVIRON_ANY; 1791 enum environment_cap env = ENVIRON_ANY;
1778 struct regulatory_request *request; 1792 struct regulatory_request *request;
1779 1793
1780 mutex_lock(&cfg80211_mutex); 1794 mutex_lock(&reg_mutex);
1781 1795
1782 if (unlikely(!last_request)) { 1796 if (unlikely(!last_request))
1783 mutex_unlock(&cfg80211_mutex); 1797 goto out;
1784 return;
1785 }
1786 1798
1787 /* IE len must be evenly divisible by 2 */ 1799 /* IE len must be evenly divisible by 2 */
1788 if (country_ie_len & 0x01) 1800 if (country_ie_len & 0x01)
@@ -1808,54 +1820,14 @@ void regulatory_hint_11d(struct wiphy *wiphy,
1808 env = ENVIRON_OUTDOOR; 1820 env = ENVIRON_OUTDOOR;
1809 1821
1810 /* 1822 /*
1811 * We will run this for *every* beacon processed for the BSSID, so 1823 * We will run this only upon a successful connection on cfg80211.
1812 * we optimize an early check to exit out early if we don't have to 1824 * We leave conflict resolution to the workqueue, where can hold
1813 * do anything 1825 * cfg80211_mutex.
1814 */ 1826 */
1815 if (likely(last_request->initiator == 1827 if (likely(last_request->initiator ==
1816 NL80211_REGDOM_SET_BY_COUNTRY_IE && 1828 NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1817 wiphy_idx_valid(last_request->wiphy_idx))) { 1829 wiphy_idx_valid(last_request->wiphy_idx)))
1818 struct cfg80211_registered_device *drv_last_ie; 1830 goto out;
1819
1820 drv_last_ie =
1821 cfg80211_drv_by_wiphy_idx(last_request->wiphy_idx);
1822
1823 /*
1824 * Lets keep this simple -- we trust the first AP
1825 * after we intersect with CRDA
1826 */
1827 if (likely(&drv_last_ie->wiphy == wiphy)) {
1828 /*
1829 * Ignore IEs coming in on this wiphy with
1830 * the same alpha2 and environment cap
1831 */
1832 if (likely(alpha2_equal(drv_last_ie->country_ie_alpha2,
1833 alpha2) &&
1834 env == drv_last_ie->env)) {
1835 goto out;
1836 }
1837 /*
1838 * the wiphy moved on to another BSSID or the AP
1839 * was reconfigured. XXX: We need to deal with the
1840 * case where the user suspends and goes to goes
1841 * to another country, and then gets IEs from an
1842 * AP with different settings
1843 */
1844 goto out;
1845 } else {
1846 /*
1847 * Ignore IEs coming in on two separate wiphys with
1848 * the same alpha2 and environment cap
1849 */
1850 if (likely(alpha2_equal(drv_last_ie->country_ie_alpha2,
1851 alpha2) &&
1852 env == drv_last_ie->env)) {
1853 goto out;
1854 }
1855 /* We could potentially intersect though */
1856 goto out;
1857 }
1858 }
1859 1831
1860 rd = country_ie_2_rd(country_ie, country_ie_len, &checksum); 1832 rd = country_ie_2_rd(country_ie, country_ie_len, &checksum);
1861 if (!rd) 1833 if (!rd)
@@ -1890,7 +1862,7 @@ void regulatory_hint_11d(struct wiphy *wiphy,
1890 request->country_ie_checksum = checksum; 1862 request->country_ie_checksum = checksum;
1891 request->country_ie_env = env; 1863 request->country_ie_env = env;
1892 1864
1893 mutex_unlock(&cfg80211_mutex); 1865 mutex_unlock(&reg_mutex);
1894 1866
1895 queue_regulatory_request(request); 1867 queue_regulatory_request(request);
1896 1868
@@ -1899,9 +1871,8 @@ void regulatory_hint_11d(struct wiphy *wiphy,
1899free_rd_out: 1871free_rd_out:
1900 kfree(rd); 1872 kfree(rd);
1901out: 1873out:
1902 mutex_unlock(&cfg80211_mutex); 1874 mutex_unlock(&reg_mutex);
1903} 1875}
1904EXPORT_SYMBOL(regulatory_hint_11d);
1905 1876
1906static bool freq_is_chan_12_13_14(u16 freq) 1877static bool freq_is_chan_12_13_14(u16 freq)
1907{ 1878{
@@ -1996,14 +1967,14 @@ static void print_regdomain(const struct ieee80211_regdomain *rd)
1996 1967
1997 if (last_request->initiator == 1968 if (last_request->initiator ==
1998 NL80211_REGDOM_SET_BY_COUNTRY_IE) { 1969 NL80211_REGDOM_SET_BY_COUNTRY_IE) {
1999 struct cfg80211_registered_device *drv; 1970 struct cfg80211_registered_device *rdev;
2000 drv = cfg80211_drv_by_wiphy_idx( 1971 rdev = cfg80211_rdev_by_wiphy_idx(
2001 last_request->wiphy_idx); 1972 last_request->wiphy_idx);
2002 if (drv) { 1973 if (rdev) {
2003 printk(KERN_INFO "cfg80211: Current regulatory " 1974 printk(KERN_INFO "cfg80211: Current regulatory "
2004 "domain updated by AP to: %c%c\n", 1975 "domain updated by AP to: %c%c\n",
2005 drv->country_ie_alpha2[0], 1976 rdev->country_ie_alpha2[0],
2006 drv->country_ie_alpha2[1]); 1977 rdev->country_ie_alpha2[1]);
2007 } else 1978 } else
2008 printk(KERN_INFO "cfg80211: Current regulatory " 1979 printk(KERN_INFO "cfg80211: Current regulatory "
2009 "domain intersected: \n"); 1980 "domain intersected: \n");
@@ -2064,7 +2035,7 @@ static inline void reg_country_ie_process_debug(
2064static int __set_regdom(const struct ieee80211_regdomain *rd) 2035static int __set_regdom(const struct ieee80211_regdomain *rd)
2065{ 2036{
2066 const struct ieee80211_regdomain *intersected_rd = NULL; 2037 const struct ieee80211_regdomain *intersected_rd = NULL;
2067 struct cfg80211_registered_device *drv = NULL; 2038 struct cfg80211_registered_device *rdev = NULL;
2068 struct wiphy *request_wiphy; 2039 struct wiphy *request_wiphy;
2069 /* Some basic sanity checks first */ 2040 /* Some basic sanity checks first */
2070 2041
@@ -2203,11 +2174,11 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2203 if (!intersected_rd) 2174 if (!intersected_rd)
2204 return -EINVAL; 2175 return -EINVAL;
2205 2176
2206 drv = wiphy_to_dev(request_wiphy); 2177 rdev = wiphy_to_dev(request_wiphy);
2207 2178
2208 drv->country_ie_alpha2[0] = rd->alpha2[0]; 2179 rdev->country_ie_alpha2[0] = rd->alpha2[0];
2209 drv->country_ie_alpha2[1] = rd->alpha2[1]; 2180 rdev->country_ie_alpha2[1] = rd->alpha2[1];
2210 drv->env = last_request->country_ie_env; 2181 rdev->env = last_request->country_ie_env;
2211 2182
2212 BUG_ON(intersected_rd == rd); 2183 BUG_ON(intersected_rd == rd);
2213 2184
@@ -2232,10 +2203,13 @@ int set_regdom(const struct ieee80211_regdomain *rd)
2232 2203
2233 assert_cfg80211_lock(); 2204 assert_cfg80211_lock();
2234 2205
2206 mutex_lock(&reg_mutex);
2207
2235 /* Note that this doesn't update the wiphys, this is done below */ 2208 /* Note that this doesn't update the wiphys, this is done below */
2236 r = __set_regdom(rd); 2209 r = __set_regdom(rd);
2237 if (r) { 2210 if (r) {
2238 kfree(rd); 2211 kfree(rd);
2212 mutex_unlock(&reg_mutex);
2239 return r; 2213 return r;
2240 } 2214 }
2241 2215
@@ -2250,6 +2224,8 @@ int set_regdom(const struct ieee80211_regdomain *rd)
2250 2224
2251 nl80211_send_reg_change_event(last_request); 2225 nl80211_send_reg_change_event(last_request);
2252 2226
2227 mutex_unlock(&reg_mutex);
2228
2253 return r; 2229 return r;
2254} 2230}
2255 2231
@@ -2260,16 +2236,20 @@ void reg_device_remove(struct wiphy *wiphy)
2260 2236
2261 assert_cfg80211_lock(); 2237 assert_cfg80211_lock();
2262 2238
2239 mutex_lock(&reg_mutex);
2240
2263 kfree(wiphy->regd); 2241 kfree(wiphy->regd);
2264 2242
2265 if (last_request) 2243 if (last_request)
2266 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 2244 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
2267 2245
2268 if (!request_wiphy || request_wiphy != wiphy) 2246 if (!request_wiphy || request_wiphy != wiphy)
2269 return; 2247 goto out;
2270 2248
2271 last_request->wiphy_idx = WIPHY_IDX_STALE; 2249 last_request->wiphy_idx = WIPHY_IDX_STALE;
2272 last_request->country_ie_env = ENVIRON_ANY; 2250 last_request->country_ie_env = ENVIRON_ANY;
2251out:
2252 mutex_unlock(&reg_mutex);
2273} 2253}
2274 2254
2275int regulatory_init(void) 2255int regulatory_init(void)
@@ -2288,22 +2268,12 @@ int regulatory_init(void)
2288 2268
2289 printk(KERN_INFO "cfg80211: Using static regulatory domain info\n"); 2269 printk(KERN_INFO "cfg80211: Using static regulatory domain info\n");
2290 print_regdomain_info(cfg80211_regdomain); 2270 print_regdomain_info(cfg80211_regdomain);
2291 /*
2292 * The old code still requests for a new regdomain and if
2293 * you have CRDA you get it updated, otherwise you get
2294 * stuck with the static values. Since "EU" is not a valid
2295 * ISO / IEC 3166 alpha2 code we can't expect userpace to
2296 * give us a regulatory domain for it. We need last_request
2297 * iniitalized though so lets just send a request which we
2298 * know will be ignored... this crap will be removed once
2299 * OLD_REG dies.
2300 */
2301 err = regulatory_hint_core(ieee80211_regdom);
2302#else 2271#else
2303 cfg80211_regdomain = cfg80211_world_regdom; 2272 cfg80211_regdomain = cfg80211_world_regdom;
2304 2273
2305 err = regulatory_hint_core(ieee80211_regdom);
2306#endif 2274#endif
2275 /* We always try to get an update for the static regdomain */
2276 err = regulatory_hint_core(cfg80211_regdomain->alpha2);
2307 if (err) { 2277 if (err) {
2308 if (err == -ENOMEM) 2278 if (err == -ENOMEM)
2309 return err; 2279 return err;
@@ -2322,6 +2292,13 @@ int regulatory_init(void)
2322#endif 2292#endif
2323 } 2293 }
2324 2294
2295 /*
2296 * Finally, if the user set the module parameter treat it
2297 * as a user hint.
2298 */
2299 if (!is_world_regdom(ieee80211_regdom))
2300 regulatory_hint_user(ieee80211_regdom);
2301
2325 return 0; 2302 return 0;
2326} 2303}
2327 2304
@@ -2333,6 +2310,7 @@ void regulatory_exit(void)
2333 cancel_work_sync(&reg_work); 2310 cancel_work_sync(&reg_work);
2334 2311
2335 mutex_lock(&cfg80211_mutex); 2312 mutex_lock(&cfg80211_mutex);
2313 mutex_lock(&reg_mutex);
2336 2314
2337 reset_regdomains(); 2315 reset_regdomains();
2338 2316
@@ -2371,5 +2349,6 @@ void regulatory_exit(void)
2371 } 2349 }
2372 spin_unlock(&reg_requests_lock); 2350 spin_unlock(&reg_requests_lock);
2373 2351
2352 mutex_unlock(&reg_mutex);
2374 mutex_unlock(&cfg80211_mutex); 2353 mutex_unlock(&cfg80211_mutex);
2375} 2354}
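diff --git a/net/wireless/reg.h b/net/wireless/reg.h
index 4e167a8e11be..3362c7c069b2 100644
--- a/net/wireless/reg.h
+++ b/net/wireless/reg.h
@@ -37,4 +37,19 @@ int regulatory_hint_found_beacon(struct wiphy *wiphy,
  struct ieee80211_channel *beacon_chan,
  gfp_t gfp);
 
+/**
+ * regulatory_hint_11d - hints a country IE as a regulatory domain
+ * @wiphy: the wireless device giving the hint (used only for reporting
+ * conflicts)
+ * @country_ie: pointer to the country IE
+ * @country_ie_len: length of the country IE
+ *
+ * We will intersect the rd with the what CRDA tells us should apply
+ * for the alpha2 this country IE belongs to, this prevents APs from
+ * sending us incorrect or outdated information against a country.
+ */
+void regulatory_hint_11d(struct wiphy *wiphy,
+ u8 *country_ie,
+ u8 country_ie_len);
+
 #endif /* __NET_WIRELESS_REG_H */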
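Review bot: The kernel-doc added for `regulatory_hint_11d()` leaves out the calling context, which this commit states only in reg.c above the definition (the caller holds wdev_lock(), so the function cannot take cfg80211_mutex). The export is dropped and the prototype now lives in this internal header, so callers will read the contract here; I would add ` * Context: called with the wdev lock held; takes reg_mutex, must not take cfg80211_mutex.` to the comment. One more line noting that @country_ie holds bytes supplied by an AP would tell the reader that the parser handles untrusted input. Minor: "with the what CRDA tells us" has a stray "the".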
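diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index 7e595ce24eeb..fe575a24c95c 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -14,29 +14,36 @@
 #include <net/iw_handler.h>
 #include "core.h"
 #include "nl80211.h"
+#include "wext-compat.h"
 
-#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
+#define IEEE80211_SCAN_RESULT_EXPIRE (15 * HZ)
 
-void cfg80211_scan_done(struct cfg80211_scan_request *request, bool aborted)
+void ___cfg80211_scan_done(struct cfg80211_registered_device *rdev)
 {
+ struct cfg80211_scan_request *request;
  struct net_device *dev;
 #ifdef CONFIG_WIRELESS_EXT
  union iwreq_data wrqu;
 #endif
 
- dev = dev_get_by_index(&init_net, request->ifidx);
- if (!dev)
- goto out;
+ request = rdev->scan_req;
 
- WARN_ON(request != wiphy_to_dev(request->wiphy)->scan_req);
+ dev = request->dev;
+
+ /*
+ * This must be before sending the other events!
+ * Otherwise, wpa_supplicant gets completely confused with
+ * wext events.
+ */
+ cfg80211_sme_scan_done(dev);
 
- if (aborted)
- nl80211_send_scan_aborted(wiphy_to_dev(request->wiphy), dev);
+ if (request->aborted)
+ nl80211_send_scan_aborted(rdev, dev);
  else
- nl80211_send_scan_done(wiphy_to_dev(request->wiphy), dev);
+ nl80211_send_scan_done(rdev, dev);
 
 #ifdef CONFIG_WIRELESS_EXT
- if (!aborted) {
+ if (!request->aborted) {
  memset(&wrqu, 0, sizeof(wrqu));
 
  wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
@@ -45,10 +52,29 @@ void cfg80211_scan_done(struct cfg80211_scan_request *request, bool aborted)
 
  dev_put(dev);
 
- out:
- wiphy_to_dev(request->wiphy)->scan_req = NULL;
+ rdev->scan_req = NULL;
  kfree(request);
 }
+
+void __cfg80211_scan_done(struct work_struct *wk)
+{
+ struct cfg80211_registered_device *rdev;
+
+ rdev = container_of(wk, struct cfg80211_registered_device,
+ scan_done_wk);
+
+ cfg80211_lock_rdev(rdev);
+ ___cfg80211_scan_done(rdev);
+ cfg80211_unlock_rdev(rdev);
+}
+
+void cfg80211_scan_done(struct cfg80211_scan_request *request, bool aborted)
+{
+ WARN_ON(request != wiphy_to_dev(request->wiphy)->scan_req);
+
+ request->aborted = aborted;
+ schedule_work(&wiphy_to_dev(request->wiphy)->scan_done_wk);
+}
 EXPORT_SYMBOL(cfg80211_scan_done);
 
 static void bss_release(struct kref *ref)
@@ -62,6 +88,8 @@ static void bss_release(struct kref *ref)
  if (bss->ies_allocated)
  kfree(bss->pub.information_elements);
 
+ BUG_ON(atomic_read(&bss->hold));
+
  kfree(bss);
 }
 
@@ -84,8 +112,9 @@ void cfg80211_bss_expire(struct cfg80211_registered_device *dev)
  bool expired = false;
 
  list_for_each_entry_safe(bss, tmp, &dev->bss_list, list) {
- if (bss->hold ||
- !time_after(jiffies, bss->ts + IEEE80211_SCAN_RESULT_EXPIRE))
+ if (atomic_read(&bss->hold))
+ continue;
+ if (!time_after(jiffies, bss->ts + IEEE80211_SCAN_RESULT_EXPIRE))
  continue;
  list_del(&bss->list);
  rb_erase(&bss->rbn, &dev->bss_tree);
@@ -539,6 +568,7 @@ void cfg80211_unlink_bss(struct wiphy *wiphy, struct cfg80211_bss *pub)
  spin_lock_bh(&dev->bss_lock);
 
  list_del(&bss->list);
+ dev->bss_generation++;
  rb_erase(&bss->rbn, &dev->bss_tree);
 
  spin_unlock_bh(&dev->bss_lock);
@@ -547,30 +577,6 @@ void cfg80211_unlink_bss(struct wiphy *wiphy, struct cfg80211_bss *pub)
 }
 EXPORT_SYMBOL(cfg80211_unlink_bss);
 
-void cfg80211_hold_bss(struct cfg80211_bss *pub)
-{
- struct cfg80211_internal_bss *bss;
-
- if (!pub)
- return;
-
- bss = container_of(pub, struct cfg80211_internal_bss, pub);
- bss->hold = true;
-}
-EXPORT_SYMBOL(cfg80211_hold_bss);
-
-void cfg80211_unhold_bss(struct cfg80211_bss *pub)
-{
- struct cfg80211_internal_bss *bss;
-
- if (!pub)
- return;
-
- bss = container_of(pub, struct cfg80211_internal_bss, pub);
- bss->hold = false;
-}
-EXPORT_SYMBOL(cfg80211_unhold_bss);
-
 #ifdef CONFIG_WIRELESS_EXT
 int cfg80211_wext_siwscan(struct net_device *dev,
  struct iw_request_info *info,
@@ -586,7 +592,7 @@ int cfg80211_wext_siwscan(struct net_device *dev,
  if (!netif_running(dev))
  return -ENETDOWN;
 
- rdev = cfg80211_get_dev_from_ifindex(dev->ifindex);
+ rdev = cfg80211_get_dev_from_ifindex(dev_net(dev), dev->ifindex);
 
  if (IS_ERR(rdev))
  return PTR_ERR(rdev);
@@ -611,9 +617,9 @@ int cfg80211_wext_siwscan(struct net_device *dev,
  }
 
  creq->wiphy = wiphy;
- creq->ifidx = dev->ifindex;
- creq->ssids = (void *)(creq + 1);
- creq->channels = (void *)(creq->ssids + 1);
+ creq->dev = dev;
+ /* SSIDs come after channels */
+ creq->ssids = (void *)&creq->channels[n_channels];
  creq->n_channels = n_channels;
  creq->n_ssids = 1;
 
@@ -648,9 +654,12 @@ int cfg80211_wext_siwscan(struct net_device *dev,
  if (err) {
  rdev->scan_req = NULL;
  kfree(creq);
+ } else {
+ nl80211_send_scan_start(rdev, dev);
+ dev_hold(dev);
  }
  out:
- cfg80211_put_dev(rdev);
+ cfg80211_unlock_rdev(rdev);
  return err;
 }
 EXPORT_SYMBOL_GPL(cfg80211_wext_siwscan);
@@ -941,7 +950,7 @@ int cfg80211_wext_giwscan(struct net_device *dev,
  if (!netif_running(dev))
  return -ENETDOWN;
 
- rdev = cfg80211_get_dev_from_ifindex(dev->ifindex);
+ rdev = cfg80211_get_dev_from_ifindex(dev_net(dev), dev->ifindex);
 
  if (IS_ERR(rdev))
  return PTR_ERR(rdev);
@@ -959,7 +968,7 @@ int cfg80211_wext_giwscan(struct net_device *dev,
  }
 
  out:
- cfg80211_put_dev(rdev);
+ cfg80211_unlock_rdev(rdev);
  return res;
 }
 EXPORT_SYMBOL_GPL(cfg80211_wext_giwscan);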
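Review bot: `___cfg80211_scan_done()` in the first hunk loads `request = rdev->scan_req;` and dereferences it on the next statement, `dev = request->dev;`, without checking for NULL. Completion now runs later from the `scan_done_wk` work item, and the function both clears `rdev->scan_req` and frees the request. The function is non-static and its callers outside this section are not visible here, so a second invocation may be possible and would dereference NULL in kernel context. A guard directly after the load, `if (!request) return;`, makes a late or repeated completion harmless. Separately, `cfg80211_scan_done()` only warns when `request` does not match `scan_req` and then still writes `request->aborted`; returning after the `WARN_ON` would avoid writing through a pointer the check has just flagged as unexpected.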
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
new file mode 100644
index 000000000000..8e2ef54ea714
--- /dev/null
+++ b/net/wireless/sme.c
@@ -0,0 +1,932 @@
1/*
2 * SME code for cfg80211's connect emulation.
3 *
4 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
5 * Copyright (C) 2009 Intel Corporation. All rights reserved.
6 */
7
8#include <linux/etherdevice.h>
9#include <linux/if_arp.h>
10#include <linux/workqueue.h>
11#include <linux/wireless.h>
12#include <net/iw_handler.h>
13#include <net/cfg80211.h>
14#include <net/rtnetlink.h>
15#include "nl80211.h"
16#include "reg.h"
17
18struct cfg80211_conn {
19 struct cfg80211_connect_params params;
20 /* these are sub-states of the _CONNECTING sme_state */
21 enum {
22 CFG80211_CONN_IDLE,
23 CFG80211_CONN_SCANNING,
24 CFG80211_CONN_SCAN_AGAIN,
25 CFG80211_CONN_AUTHENTICATE_NEXT,
26 CFG80211_CONN_AUTHENTICATING,
27 CFG80211_CONN_ASSOCIATE_NEXT,
28 CFG80211_CONN_ASSOCIATING,
29 } state;
30 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
31 u8 *ie;
32 size_t ie_len;
33 bool auto_auth, prev_bssid_valid;
34};
35
36
37static int cfg80211_conn_scan(struct wireless_dev *wdev)
38{
39 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
40 struct cfg80211_scan_request *request;
41 int n_channels, err;
42
43 ASSERT_RTNL();
44 ASSERT_RDEV_LOCK(rdev);
45 ASSERT_WDEV_LOCK(wdev);
46
47 if (rdev->scan_req)
48 return -EBUSY;
49
50 if (wdev->conn->params.channel) {
51 n_channels = 1;
52 } else {
53 enum ieee80211_band band;
54 n_channels = 0;
55
56 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
57 if (!wdev->wiphy->bands[band])
58 continue;
59 n_channels += wdev->wiphy->bands[band]->n_channels;
60 }
61 }
62 request = kzalloc(sizeof(*request) + sizeof(request->ssids[0]) +
63 sizeof(request->channels[0]) * n_channels,
64 GFP_KERNEL);
65 if (!request)
66 return -ENOMEM;
67
68 if (wdev->conn->params.channel)
69 request->channels[0] = wdev->conn->params.channel;
70 else {
71 int i = 0, j;
72 enum ieee80211_band band;
73
74 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
75 if (!wdev->wiphy->bands[band])
76 continue;
77 for (j = 0; j < wdev->wiphy->bands[band]->n_channels;
78 i++, j++)
79 request->channels[i] =
80 &wdev->wiphy->bands[band]->channels[j];
81 }
82 }
83 request->n_channels = n_channels;
84 request->ssids = (void *)&request->channels[n_channels];
85 request->n_ssids = 1;
86
87 memcpy(request->ssids[0].ssid, wdev->conn->params.ssid,
88 wdev->conn->params.ssid_len);
89 request->ssids[0].ssid_len = wdev->conn->params.ssid_len;
90
91 request->dev = wdev->netdev;
92 request->wiphy = &rdev->wiphy;
93
94 rdev->scan_req = request;
95
96 err = rdev->ops->scan(wdev->wiphy, wdev->netdev, request);
97 if (!err) {
98 wdev->conn->state = CFG80211_CONN_SCANNING;
99 nl80211_send_scan_start(rdev, wdev->netdev);
100 dev_hold(wdev->netdev);
101 } else {
102 rdev->scan_req = NULL;
103 kfree(request);
104 }
105 return err;
106}
107
108static int cfg80211_conn_do_work(struct wireless_dev *wdev)
109{
110 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
111 struct cfg80211_connect_params *params;
112 const u8 *prev_bssid = NULL;
113 int err;
114
115 ASSERT_WDEV_LOCK(wdev);
116
117 if (!wdev->conn)
118 return 0;
119
120 params = &wdev->conn->params;
121
122 switch (wdev->conn->state) {
123 case CFG80211_CONN_SCAN_AGAIN:
124 return cfg80211_conn_scan(wdev);
125 case CFG80211_CONN_AUTHENTICATE_NEXT:
126 BUG_ON(!rdev->ops->auth);
127 wdev->conn->state = CFG80211_CONN_AUTHENTICATING;
128 return __cfg80211_mlme_auth(rdev, wdev->netdev,
129 params->channel, params->auth_type,
130 params->bssid,
131 params->ssid, params->ssid_len,
132 NULL, 0,
133 params->key, params->key_len,
134 params->key_idx);
135 case CFG80211_CONN_ASSOCIATE_NEXT:
136 BUG_ON(!rdev->ops->assoc);
137 wdev->conn->state = CFG80211_CONN_ASSOCIATING;
138 if (wdev->conn->prev_bssid_valid)
139 prev_bssid = wdev->conn->prev_bssid;
140 err = __cfg80211_mlme_assoc(rdev, wdev->netdev,
141 params->channel, params->bssid,
142 prev_bssid,
143 params->ssid, params->ssid_len,
144 params->ie, params->ie_len,
145 false, &params->crypto);
146 if (err)
147 __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
148 NULL, 0,
149 WLAN_REASON_DEAUTH_LEAVING);
150 return err;
151 default:
152 return 0;
153 }
154}
155
156void cfg80211_conn_work(struct work_struct *work)
157{
158 struct cfg80211_registered_device *rdev =
159 container_of(work, struct cfg80211_registered_device, conn_work);
160 struct wireless_dev *wdev;
161
162 rtnl_lock();
163 cfg80211_lock_rdev(rdev);
164 mutex_lock(&rdev->devlist_mtx);
165
166 list_for_each_entry(wdev, &rdev->netdev_list, list) {
167 wdev_lock(wdev);
168 if (!netif_running(wdev->netdev)) {
169 wdev_unlock(wdev);
170 continue;
171 }
172 if (wdev->sme_state != CFG80211_SME_CONNECTING) {
173 wdev_unlock(wdev);
174 continue;
175 }
176 if (cfg80211_conn_do_work(wdev))
177 __cfg80211_connect_result(
178 wdev->netdev,
179 wdev->conn->params.bssid,
180 NULL, 0, NULL, 0,
181 WLAN_STATUS_UNSPECIFIED_FAILURE,
182 false, NULL);
183 wdev_unlock(wdev);
184 }
185
186 mutex_unlock(&rdev->devlist_mtx);
187 cfg80211_unlock_rdev(rdev);
188 rtnl_unlock();
189}
190
191static bool cfg80211_get_conn_bss(struct wireless_dev *wdev)
192{
193 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
194 struct cfg80211_bss *bss;
195 u16 capa = WLAN_CAPABILITY_ESS;
196
197 ASSERT_WDEV_LOCK(wdev);
198
199 if (wdev->conn->params.privacy)
200 capa |= WLAN_CAPABILITY_PRIVACY;
201
202 bss = cfg80211_get_bss(wdev->wiphy, NULL, wdev->conn->params.bssid,
203 wdev->conn->params.ssid,
204 wdev->conn->params.ssid_len,
205 WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_PRIVACY,
206 capa);
207 if (!bss)
208 return false;
209
210 memcpy(wdev->conn->bssid, bss->bssid, ETH_ALEN);
211 wdev->conn->params.bssid = wdev->conn->bssid;
212 wdev->conn->params.channel = bss->channel;
213 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
214 schedule_work(&rdev->conn_work);
215
216 cfg80211_put_bss(bss);
217 return true;
218}
219
220static void __cfg80211_sme_scan_done(struct net_device *dev)
221{
222 struct wireless_dev *wdev = dev->ieee80211_ptr;
223 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
224
225 ASSERT_WDEV_LOCK(wdev);
226
227 if (wdev->sme_state != CFG80211_SME_CONNECTING)
228 return;
229
230 if (!wdev->conn)
231 return;
232
233 if (wdev->conn->state != CFG80211_CONN_SCANNING &&
234 wdev->conn->state != CFG80211_CONN_SCAN_AGAIN)
235 return;
236
237 if (!cfg80211_get_conn_bss(wdev)) {
238 /* not found */
239 if (wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)
240 schedule_work(&rdev->conn_work);
241 else
242 __cfg80211_connect_result(
243 wdev->netdev,
244 wdev->conn->params.bssid,
245 NULL, 0, NULL, 0,
246 WLAN_STATUS_UNSPECIFIED_FAILURE,
247 false, NULL);
248 }
249}
250
251void cfg80211_sme_scan_done(struct net_device *dev)
252{
253 struct wireless_dev *wdev = dev->ieee80211_ptr;
254
255 mutex_lock(&wiphy_to_dev(wdev->wiphy)->devlist_mtx);
256 wdev_lock(wdev);
257 __cfg80211_sme_scan_done(dev);
258 wdev_unlock(wdev);
259 mutex_unlock(&wiphy_to_dev(wdev->wiphy)->devlist_mtx);
260}
261
262void cfg80211_sme_rx_auth(struct net_device *dev,
263 const u8 *buf, size_t len)
264{
265 struct wireless_dev *wdev = dev->ieee80211_ptr;
266 struct wiphy *wiphy = wdev->wiphy;
267 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
268 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
269 u16 status_code = le16_to_cpu(mgmt->u.auth.status_code);
270
271 ASSERT_WDEV_LOCK(wdev);
272
273 /* should only RX auth frames when connecting */
274 if (wdev->sme_state != CFG80211_SME_CONNECTING)
275 return;
276
277 if (WARN_ON(!wdev->conn))
278 return;
279
280 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG &&
281 wdev->conn->auto_auth &&
282 wdev->conn->params.auth_type != NL80211_AUTHTYPE_NETWORK_EAP) {
283 /* select automatically between only open, shared, leap */
284 switch (wdev->conn->params.auth_type) {
285 case NL80211_AUTHTYPE_OPEN_SYSTEM:
286 if (wdev->connect_keys)
287 wdev->conn->params.auth_type =
288 NL80211_AUTHTYPE_SHARED_KEY;
289 else
290 wdev->conn->params.auth_type =
291 NL80211_AUTHTYPE_NETWORK_EAP;
292 break;
293 case NL80211_AUTHTYPE_SHARED_KEY:
294 wdev->conn->params.auth_type =
295 NL80211_AUTHTYPE_NETWORK_EAP;
296 break;
297 default:
298 /* huh? */
299 wdev->conn->params.auth_type =
300 NL80211_AUTHTYPE_OPEN_SYSTEM;
301 break;
302 }
303 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
304 schedule_work(&rdev->conn_work);
305 } else if (status_code != WLAN_STATUS_SUCCESS) {
306 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0,
307 status_code, false, NULL);
308 } else if (wdev->sme_state == CFG80211_SME_CONNECTING &&
309 wdev->conn->state == CFG80211_CONN_AUTHENTICATING) {
310 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
311 schedule_work(&rdev->conn_work);
312 }
313}
314
315bool cfg80211_sme_failed_reassoc(struct wireless_dev *wdev)
316{
317 struct wiphy *wiphy = wdev->wiphy;
318 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
319
320 if (WARN_ON(!wdev->conn))
321 return false;
322
323 if (!wdev->conn->prev_bssid_valid)
324 return false;
325
326 /*
327 * Some stupid APs don't accept reassoc, so we
328 * need to fall back to trying regular assoc.
329 */
330 wdev->conn->prev_bssid_valid = false;
331 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
332 schedule_work(&rdev->conn_work);
333
334 return true;
335}
336
337void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
338 const u8 *req_ie, size_t req_ie_len,
339 const u8 *resp_ie, size_t resp_ie_len,
340 u16 status, bool wextev,
341 struct cfg80211_bss *bss)
342{
343 struct wireless_dev *wdev = dev->ieee80211_ptr;
344 u8 *country_ie;
345#ifdef CONFIG_WIRELESS_EXT
346 union iwreq_data wrqu;
347#endif
348
349 ASSERT_WDEV_LOCK(wdev);
350
351 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
352 return;
353
354 if (wdev->sme_state == CFG80211_SME_CONNECTED)
355 nl80211_send_roamed(wiphy_to_dev(wdev->wiphy), dev,
356 bssid, req_ie, req_ie_len,
357 resp_ie, resp_ie_len, GFP_KERNEL);
358 else
359 nl80211_send_connect_result(wiphy_to_dev(wdev->wiphy), dev,
360 bssid, req_ie, req_ie_len,
361 resp_ie, resp_ie_len,
362 status, GFP_KERNEL);
363
364#ifdef CONFIG_WIRELESS_EXT
365 if (wextev) {
366 if (req_ie && status == WLAN_STATUS_SUCCESS) {
367 memset(&wrqu, 0, sizeof(wrqu));
368 wrqu.data.length = req_ie_len;
369 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, req_ie);
370 }
371
372 if (resp_ie && status == WLAN_STATUS_SUCCESS) {
373 memset(&wrqu, 0, sizeof(wrqu));
374 wrqu.data.length = resp_ie_len;
375 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, resp_ie);
376 }
377
378 memset(&wrqu, 0, sizeof(wrqu));
379 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
380 if (bssid && status == WLAN_STATUS_SUCCESS) {
381 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
382 memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN);
383 wdev->wext.prev_bssid_valid = true;
384 }
385 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
386 }
387#endif
388
389 if (wdev->current_bss) {
390 cfg80211_unhold_bss(wdev->current_bss);
391 cfg80211_put_bss(&wdev->current_bss->pub);
392 wdev->current_bss = NULL;
393 }
394
395 if (status == WLAN_STATUS_SUCCESS &&
396 wdev->sme_state == CFG80211_SME_IDLE)
397 goto success;
398
399 if (wdev->sme_state != CFG80211_SME_CONNECTING)
400 return;
401
402 if (wdev->conn)
403 wdev->conn->state = CFG80211_CONN_IDLE;
404
405 if (status != WLAN_STATUS_SUCCESS) {
406 wdev->sme_state = CFG80211_SME_IDLE;
407 kfree(wdev->conn);
408 wdev->conn = NULL;
409 kfree(wdev->connect_keys);
410 wdev->connect_keys = NULL;
411 wdev->ssid_len = 0;
412 return;
413 }
414
415 success:
416 if (!bss)
417 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
418 wdev->ssid, wdev->ssid_len,
419 WLAN_CAPABILITY_ESS,
420 WLAN_CAPABILITY_ESS);
421
422 if (WARN_ON(!bss))
423 return;
424
425 cfg80211_hold_bss(bss_from_pub(bss));
426 wdev->current_bss = bss_from_pub(bss);
427
428 wdev->sme_state = CFG80211_SME_CONNECTED;
429 cfg80211_upload_connect_keys(wdev);
430
431 country_ie = (u8 *) ieee80211_bss_get_ie(bss, WLAN_EID_COUNTRY);
432
433 if (!country_ie)
434 return;
435
436 /*
437 * ieee80211_bss_get_ie() ensures we can access:
438 * - country_ie + 2, the start of the country ie data, and
439 * - and country_ie[1] which is the IE length
440 */
441 regulatory_hint_11d(wdev->wiphy,
442 country_ie + 2,
443 country_ie[1]);
444}
445
446void cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
447 const u8 *req_ie, size_t req_ie_len,
448 const u8 *resp_ie, size_t resp_ie_len,
449 u16 status, gfp_t gfp)
450{
451 struct wireless_dev *wdev = dev->ieee80211_ptr;
452 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
453 struct cfg80211_event *ev;
454 unsigned long flags;
455
456 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
457 if (!ev)
458 return;
459
460 ev->type = EVENT_CONNECT_RESULT;
461 memcpy(ev->cr.bssid, bssid, ETH_ALEN);
462 ev->cr.req_ie = ((u8 *)ev) + sizeof(*ev);
463 ev->cr.req_ie_len = req_ie_len;
464 memcpy((void *)ev->cr.req_ie, req_ie, req_ie_len);
465 ev->cr.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
466 ev->cr.resp_ie_len = resp_ie_len;
467 memcpy((void *)ev->cr.resp_ie, resp_ie, resp_ie_len);
468 ev->cr.status = status;
469
470 spin_lock_irqsave(&wdev->event_lock, flags);
471 list_add_tail(&ev->list, &wdev->event_list);
472 spin_unlock_irqrestore(&wdev->event_lock, flags);
473 schedule_work(&rdev->event_work);
474}
475EXPORT_SYMBOL(cfg80211_connect_result);
476
477void __cfg80211_roamed(struct wireless_dev *wdev, const u8 *bssid,
478 const u8 *req_ie, size_t req_ie_len,
479 const u8 *resp_ie, size_t resp_ie_len)
480{
481 struct cfg80211_bss *bss;
482#ifdef CONFIG_WIRELESS_EXT
483 union iwreq_data wrqu;
484#endif
485
486 ASSERT_WDEV_LOCK(wdev);
487
488 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
489 return;
490
491 if (WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED))
492 return;
493
494 /* internal error -- how did we get to CONNECTED w/o BSS? */
495 if (WARN_ON(!wdev->current_bss)) {
496 return;
497 }
498
499 cfg80211_unhold_bss(wdev->current_bss);
500 cfg80211_put_bss(&wdev->current_bss->pub);
501 wdev->current_bss = NULL;
502
503 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
504 wdev->ssid, wdev->ssid_len,
505 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
506
507 if (WARN_ON(!bss))
508 return;
509
510 cfg80211_hold_bss(bss_from_pub(bss));
511 wdev->current_bss = bss_from_pub(bss);
512
513 nl80211_send_roamed(wiphy_to_dev(wdev->wiphy), wdev->netdev, bssid,
514 req_ie, req_ie_len, resp_ie, resp_ie_len,
515 GFP_KERNEL);
516
517#ifdef CONFIG_WIRELESS_EXT
518 if (req_ie) {
519 memset(&wrqu, 0, sizeof(wrqu));
520 wrqu.data.length = req_ie_len;
521 wireless_send_event(wdev->netdev, IWEVASSOCREQIE,
522 &wrqu, req_ie);
523 }
524
525 if (resp_ie) {
526 memset(&wrqu, 0, sizeof(wrqu));
527 wrqu.data.length = resp_ie_len;
528 wireless_send_event(wdev->netdev, IWEVASSOCRESPIE,
529 &wrqu, resp_ie);
530 }
531
532 memset(&wrqu, 0, sizeof(wrqu));
533 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
534 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
535 memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN);
536 wdev->wext.prev_bssid_valid = true;
537 wireless_send_event(wdev->netdev, SIOCGIWAP, &wrqu, NULL);
538#endif
539}
540
541void cfg80211_roamed(struct net_device *dev, const u8 *bssid,
542 const u8 *req_ie, size_t req_ie_len,
543 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
544{
545 struct wireless_dev *wdev = dev->ieee80211_ptr;
546 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
547 struct cfg80211_event *ev;
548 unsigned long flags;
549
550 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
551 if (!ev)
552 return;
553
554 ev->type = EVENT_ROAMED;
555 memcpy(ev->rm.bssid, bssid, ETH_ALEN);
556 ev->rm.req_ie = ((u8 *)ev) + sizeof(*ev);
557 ev->rm.req_ie_len = req_ie_len;
558 memcpy((void *)ev->rm.req_ie, req_ie, req_ie_len);
559 ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
560 ev->rm.resp_ie_len = resp_ie_len;
561 memcpy((void *)ev->rm.resp_ie, resp_ie, resp_ie_len);
562
563 spin_lock_irqsave(&wdev->event_lock, flags);
564 list_add_tail(&ev->list, &wdev->event_list);
565 spin_unlock_irqrestore(&wdev->event_lock, flags);
566 schedule_work(&rdev->event_work);
567}
568EXPORT_SYMBOL(cfg80211_roamed);
569
570void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
571 size_t ie_len, u16 reason, bool from_ap)
572{
573 struct wireless_dev *wdev = dev->ieee80211_ptr;
574 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
575 int i;
576#ifdef CONFIG_WIRELESS_EXT
577 union iwreq_data wrqu;
578#endif
579
580 ASSERT_WDEV_LOCK(wdev);
581
582 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
583 return;
584
585 if (WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED))
586 return;
587
588 if (wdev->current_bss) {
589 cfg80211_unhold_bss(wdev->current_bss);
590 cfg80211_put_bss(&wdev->current_bss->pub);
591 }
592
593 wdev->current_bss = NULL;
594 wdev->sme_state = CFG80211_SME_IDLE;
595 wdev->ssid_len = 0;
596
597 if (wdev->conn) {
598 const u8 *bssid;
599 int ret;
600
601 kfree(wdev->conn->ie);
602 wdev->conn->ie = NULL;
603 kfree(wdev->conn);
604 wdev->conn = NULL;
605
606 /*
607 * If this disconnect was due to a disassoc, we
608 * we might still have an auth BSS around. For
609 * the userspace SME that's currently expected,
610 * but for the kernel SME (nl80211 CONNECT or
611 * wireless extensions) we want to clear up all
612 * state.
613 */
614 for (i = 0; i < MAX_AUTH_BSSES; i++) {
615 if (!wdev->auth_bsses[i])
616 continue;
617 bssid = wdev->auth_bsses[i]->pub.bssid;
618 ret = __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
619 WLAN_REASON_DEAUTH_LEAVING);
620 WARN(ret, "deauth failed: %d\n", ret);
621 }
622 }
623
624 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap);
625
626 /*
627 * Delete all the keys ... pairwise keys can't really
628 * exist any more anyway, but default keys might.
629 */
630 if (rdev->ops->del_key)
631 for (i = 0; i < 6; i++)
632 rdev->ops->del_key(wdev->wiphy, dev, i, NULL);
633
634#ifdef CONFIG_WIRELESS_EXT
635 memset(&wrqu, 0, sizeof(wrqu));
636 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
637 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
638#endif
639}
640
641void cfg80211_disconnected(struct net_device *dev, u16 reason,
642 u8 *ie, size_t ie_len, gfp_t gfp)
643{
644 struct wireless_dev *wdev = dev->ieee80211_ptr;
645 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
646 struct cfg80211_event *ev;
647 unsigned long flags;
648
649 ev = kzalloc(sizeof(*ev) + ie_len, gfp);
650 if (!ev)
651 return;
652
653 ev->type = EVENT_DISCONNECTED;
654 ev->dc.ie = ((u8 *)ev) + sizeof(*ev);
655 ev->dc.ie_len = ie_len;
656 memcpy((void *)ev->dc.ie, ie, ie_len);
657 ev->dc.reason = reason;
658
659 spin_lock_irqsave(&wdev->event_lock, flags);
660 list_add_tail(&ev->list, &wdev->event_list);
661 spin_unlock_irqrestore(&wdev->event_lock, flags);
662 schedule_work(&rdev->event_work);
663}
664EXPORT_SYMBOL(cfg80211_disconnected);
665
666int __cfg80211_connect(struct cfg80211_registered_device *rdev,
667 struct net_device *dev,
668 struct cfg80211_connect_params *connect,
669 struct cfg80211_cached_keys *connkeys,
670 const u8 *prev_bssid)
671{
672 struct wireless_dev *wdev = dev->ieee80211_ptr;
673 struct ieee80211_channel *chan;
674 int err;
675
676 ASSERT_WDEV_LOCK(wdev);
677
678 if (wdev->sme_state != CFG80211_SME_IDLE)
679 return -EALREADY;
680
681 chan = rdev_fixed_channel(rdev, wdev);
682 if (chan && chan != connect->channel)
683 return -EBUSY;
684
685 if (WARN_ON(wdev->connect_keys)) {
686 kfree(wdev->connect_keys);
687 wdev->connect_keys = NULL;
688 }
689
690 if (connkeys && connkeys->def >= 0) {
691 int idx;
692 u32 cipher;
693
694 idx = connkeys->def;
695 cipher = connkeys->params[idx].cipher;
696 /* If given a WEP key we may need it for shared key auth */
697 if (cipher == WLAN_CIPHER_SUITE_WEP40 ||
698 cipher == WLAN_CIPHER_SUITE_WEP104) {
699 connect->key_idx = idx;
700 connect->key = connkeys->params[idx].key;
701 connect->key_len = connkeys->params[idx].key_len;
702
703 /*
704 * If ciphers are not set (e.g. when going through
705 * iwconfig), we have to set them appropriately here.
706 */
707 if (connect->crypto.cipher_group == 0)
708 connect->crypto.cipher_group = cipher;
709
710 if (connect->crypto.n_ciphers_pairwise == 0) {
711 connect->crypto.n_ciphers_pairwise = 1;
712 connect->crypto.ciphers_pairwise[0] = cipher;
713 }
714 }
715 }
716
717 if (!rdev->ops->connect) {
718 if (!rdev->ops->auth || !rdev->ops->assoc)
719 return -EOPNOTSUPP;
720
721 if (WARN_ON(wdev->conn))
722 return -EINPROGRESS;
723
724 wdev->conn = kzalloc(sizeof(*wdev->conn), GFP_KERNEL);
725 if (!wdev->conn)
726 return -ENOMEM;
727
728 /*
729 * Copy all parameters, and treat explicitly IEs, BSSID, SSID.
730 */
731 memcpy(&wdev->conn->params, connect, sizeof(*connect));
732 if (connect->bssid) {
733 wdev->conn->params.bssid = wdev->conn->bssid;
734 memcpy(wdev->conn->bssid, connect->bssid, ETH_ALEN);
735 }
736
737 if (connect->ie) {
738 wdev->conn->ie = kmemdup(connect->ie, connect->ie_len,
739 GFP_KERNEL);
740 wdev->conn->params.ie = wdev->conn->ie;
741 if (!wdev->conn->ie) {
742 kfree(wdev->conn);
743 wdev->conn = NULL;
744 return -ENOMEM;
745 }
746 }
747
748 if (connect->auth_type == NL80211_AUTHTYPE_AUTOMATIC) {
749 wdev->conn->auto_auth = true;
750 /* start with open system ... should mostly work */
751 wdev->conn->params.auth_type =
752 NL80211_AUTHTYPE_OPEN_SYSTEM;
753 } else {
754 wdev->conn->auto_auth = false;
755 }
756
757 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
758 wdev->ssid_len = connect->ssid_len;
759 wdev->conn->params.ssid = wdev->ssid;
760 wdev->conn->params.ssid_len = connect->ssid_len;
761
762 /* don't care about result -- but fill bssid & channel */
763 if (!wdev->conn->params.bssid || !wdev->conn->params.channel)
764 cfg80211_get_conn_bss(wdev);
765
766 wdev->sme_state = CFG80211_SME_CONNECTING;
767 wdev->connect_keys = connkeys;
768
769 if (prev_bssid) {
770 memcpy(wdev->conn->prev_bssid, prev_bssid, ETH_ALEN);
771 wdev->conn->prev_bssid_valid = true;
772 }
773
774 /* we're good if we have both BSSID and channel */
775 if (wdev->conn->params.bssid && wdev->conn->params.channel) {
776 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
777 err = cfg80211_conn_do_work(wdev);
778 } else {
779 /* otherwise we'll need to scan for the AP first */
780 err = cfg80211_conn_scan(wdev);
781 /*
782 * If we can't scan right now, then we need to scan again
783 * after the current scan finished, since the parameters
784 * changed (unless we find a good AP anyway).
785 */
786 if (err == -EBUSY) {
787 err = 0;
788 wdev->conn->state = CFG80211_CONN_SCAN_AGAIN;
789 }
790 }
791 if (err) {
792 kfree(wdev->conn);
793 wdev->conn = NULL;
794 wdev->sme_state = CFG80211_SME_IDLE;
795 wdev->connect_keys = NULL;
796 wdev->ssid_len = 0;
797 }
798
799 return err;
800 } else {
801 wdev->sme_state = CFG80211_SME_CONNECTING;
802 wdev->connect_keys = connkeys;
803 err = rdev->ops->connect(&rdev->wiphy, dev, connect);
804 if (err) {
805 wdev->connect_keys = NULL;
806 wdev->sme_state = CFG80211_SME_IDLE;
807 return err;
808 }
809
810 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
811 wdev->ssid_len = connect->ssid_len;
812
813 return 0;
814 }
815}
816
817int cfg80211_connect(struct cfg80211_registered_device *rdev,
818 struct net_device *dev,
819 struct cfg80211_connect_params *connect,
820 struct cfg80211_cached_keys *connkeys)
821{
822 int err;
823
824 mutex_lock(&rdev->devlist_mtx);
825 wdev_lock(dev->ieee80211_ptr);
826 err = __cfg80211_connect(rdev, dev, connect, connkeys, NULL);
827 wdev_unlock(dev->ieee80211_ptr);
828 mutex_unlock(&rdev->devlist_mtx);
829
830 return err;
831}
832
833int __cfg80211_disconnect(struct cfg80211_registered_device *rdev,
834 struct net_device *dev, u16 reason, bool wextev)
835{
836 struct wireless_dev *wdev = dev->ieee80211_ptr;
837 int err;
838
839 ASSERT_WDEV_LOCK(wdev);
840
841 if (wdev->sme_state == CFG80211_SME_IDLE)
842 return -EINVAL;
843
844 kfree(wdev->connect_keys);
845 wdev->connect_keys = NULL;
846
847 if (!rdev->ops->disconnect) {
848 if (!rdev->ops->deauth)
849 return -EOPNOTSUPP;
850
851 /* was it connected by userspace SME? */
852 if (!wdev->conn) {
853 cfg80211_mlme_down(rdev, dev);
854 return 0;
855 }
856
857 if (wdev->sme_state == CFG80211_SME_CONNECTING &&
858 (wdev->conn->state == CFG80211_CONN_SCANNING ||
859 wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)) {
860 wdev->sme_state = CFG80211_SME_IDLE;
861 kfree(wdev->conn);
862 wdev->conn = NULL;
863 wdev->ssid_len = 0;
864 return 0;
865 }
866
867 /* wdev->conn->params.bssid must be set if > SCANNING */
868 err = __cfg80211_mlme_deauth(rdev, dev,
869 wdev->conn->params.bssid,
870 NULL, 0, reason);
871 if (err)
872 return err;
873 } else {
874 err = rdev->ops->disconnect(&rdev->wiphy, dev, reason);
875 if (err)
876 return err;
877 }
878
879 if (wdev->sme_state == CFG80211_SME_CONNECTED)
880 __cfg80211_disconnected(dev, NULL, 0, 0, false);
881 else if (wdev->sme_state == CFG80211_SME_CONNECTING)
882 __cfg80211_connect_result(dev, NULL, NULL, 0, NULL, 0,
883 WLAN_STATUS_UNSPECIFIED_FAILURE,
884 wextev, NULL);
885
886 return 0;
887}
888
889int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
890 struct net_device *dev,
891 u16 reason, bool wextev)
892{
893 int err;
894
895 wdev_lock(dev->ieee80211_ptr);
896 err = __cfg80211_disconnect(rdev, dev, reason, wextev);
897 wdev_unlock(dev->ieee80211_ptr);
898
899 return err;
900}
901
902void cfg80211_sme_disassoc(struct net_device *dev, int idx)
903{
904 struct wireless_dev *wdev = dev->ieee80211_ptr;
905 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
906 u8 bssid[ETH_ALEN];
907
908 ASSERT_WDEV_LOCK(wdev);
909
910 if (!wdev->conn)
911 return;
912
913 if (wdev->conn->state == CFG80211_CONN_IDLE)
914 return;
915
916 /*
917 * Ok, so the association was made by this SME -- we don't
918 * want it any more so deauthenticate too.
919 */
920
921 if (!wdev->auth_bsses[idx])
922 return;
923
924 memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN);
925 if (__cfg80211_mlme_deauth(rdev, dev, bssid,
926 NULL, 0, WLAN_REASON_DEAUTH_LEAVING)) {
927 /* whatever -- assume gone anyway */
928 cfg80211_unhold_bss(wdev->auth_bsses[idx]);
929 cfg80211_put_bss(&wdev->auth_bsses[idx]->pub);
930 wdev->auth_bsses[idx] = NULL;
931 }
932}
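--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -141,9 +141,12 @@ void ieee80211_set_bitrate_flags(struct wiphy *wiphy)
 set_mandatory_flags_band(wiphy->bands[band], band);
 }
 
-int cfg80211_validate_key_settings(struct key_params *params, int key_idx,
+int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
+struct key_params *params, int key_idx,
 const u8 *mac_addr)
 {
+int i;
+
 if (key_idx > 5)
 return -EINVAL;
 
@@ -197,6 +200,12 @@ int cfg80211_validate_key_settings(struct key_params *params, int key_idx,
 }
 }
 
+for (i = 0; i < rdev->wiphy.n_cipher_suites; i++)
+if (params->cipher == rdev->wiphy.cipher_suites[i])
+break;
+if (i == rdev->wiphy.n_cipher_suites)
+return -EINVAL;
+
 return 0;
 }
 
@@ -265,11 +274,11 @@ static int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr)
 switch (ae) {
 case 0:
 return 6;
-case 1:
+case MESH_FLAGS_AE_A4:
 return 12;
-case 2:
+case MESH_FLAGS_AE_A5_A6:
 return 18;
-case 3:
+case (MESH_FLAGS_AE_A4 | MESH_FLAGS_AE_A5_A6):
 return 24;
 default:
 return 6;
@@ -324,10 +333,18 @@ int ieee80211_data_to_8023(struct sk_buff *skb, u8 *addr,
 }
 break;
 case cpu_to_le16(IEEE80211_FCTL_FROMDS):
-if (iftype != NL80211_IFTYPE_STATION ||
+if ((iftype != NL80211_IFTYPE_STATION &&
+iftype != NL80211_IFTYPE_MESH_POINT) ||
 (is_multicast_ether_addr(dst) &&
 !compare_ether_addr(src, addr)))
 return -1;
+if (iftype == NL80211_IFTYPE_MESH_POINT) {
+struct ieee80211s_hdr *meshdr =
+(struct ieee80211s_hdr *) (skb->data + hdrlen);
+hdrlen += ieee80211_get_mesh_hdrlen(meshdr);
+if (meshdr->flags & MESH_FLAGS_AE_A4)
+memcpy(src, meshdr->eaddr1, ETH_ALEN);
+}
 break;
 case cpu_to_le16(0):
 if (iftype != NL80211_IFTYPE_ADHOC)
@@ -502,3 +519,58 @@ unsigned int cfg80211_classify8021d(struct sk_buff *skb)
 return dscp >> 5;
 }
 EXPORT_SYMBOL(cfg80211_classify8021d);
+
+const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 ie)
+{
+u8 *end, *pos;
+
+pos = bss->information_elements;
+if (pos == NULL)
+return NULL;
+end = pos + bss->len_information_elements;
+
+while (pos + 1 < end) {
+if (pos + 2 + pos[1] > end)
+break;
+if (pos[0] == ie)
+return pos;
+pos += 2 + pos[1];
+}
+
+return NULL;
+}
+EXPORT_SYMBOL(ieee80211_bss_get_ie);
+
+void cfg80211_upload_connect_keys(struct wireless_dev *wdev)
+{
+struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+struct net_device *dev = wdev->netdev;
+int i;
+
+if (!wdev->connect_keys)
+return;
+
+for (i = 0; i < 6; i++) {
+if (!wdev->connect_keys->params[i].cipher)
+continue;
+if (rdev->ops->add_key(wdev->wiphy, dev, i, NULL,
+&wdev->connect_keys->params[i])) {
+printk(KERN_ERR "%s: failed to set key %d\n",
+dev->name, i);
+continue;
+}
+if (wdev->connect_keys->def == i)
+if (rdev->ops->set_default_key(wdev->wiphy, dev, i)) {
+printk(KERN_ERR "%s: failed to set defkey %d\n",
+dev->name, i);
+continue;
+}
+if (wdev->connect_keys->defmgmt == i)
+if (rdev->ops->set_default_mgmt_key(wdev->wiphy, dev, i))
+printk(KERN_ERR "%s: failed to set mgtdef %d\n",
+dev->name, i);
+}
+
+kfree(wdev->connect_keys);
+wdev->connect_keys = NULL;
+}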
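Review bot: In the added NL80211_IFTYPE_MESH_POINT branch of ieee80211_data_to_8023, `meshdr->flags` and `meshdr->eaddr1` are read from `skb->data + hdrlen` with no visible check that the received frame is long enough to contain a mesh header, so a short FROMDS frame could make `ieee80211_get_mesh_hdrlen()` and the `memcpy` read past the frame data. The function starts outside this hunk, so an earlier length check may exist, but it would need to cover the address-extension bytes and not only the fixed 6-byte mesh header. I would add `if (skb->len < hdrlen + 6) return -1;` before the `ieee80211_get_mesh_hdrlen()` call. I would also add `if (skb->len < hdrlen) return -1;` after the `hdrlen +=` line, before `eaddr1` is copied.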
diff --git a/net/wireless/wext-compat.c b/net/wireless/wext-compat.c
index d030c5315672..c44917492210 100644
--- a/net/wireless/wext-compat.c
+++ b/net/wireless/wext-compat.c
@@ -14,6 +14,7 @@
14#include <linux/etherdevice.h> 14#include <linux/etherdevice.h>
15#include <net/iw_handler.h> 15#include <net/iw_handler.h>
16#include <net/cfg80211.h> 16#include <net/cfg80211.h>
17#include "wext-compat.h"
17#include "core.h" 18#include "core.h"
18 19
19int cfg80211_wext_giwname(struct net_device *dev, 20int cfg80211_wext_giwname(struct net_device *dev,
@@ -103,7 +104,7 @@ int cfg80211_wext_siwmode(struct net_device *dev, struct iw_request_info *info,
103 104
104 memset(&vifparams, 0, sizeof(vifparams)); 105 memset(&vifparams, 0, sizeof(vifparams));
105 106
106 ret = rdev->ops->change_virtual_intf(wdev->wiphy, dev->ifindex, type, 107 ret = rdev->ops->change_virtual_intf(wdev->wiphy, dev, type,
107 NULL, &vifparams); 108 NULL, &vifparams);
108 WARN_ON(!ret && wdev->iftype != type); 109 WARN_ON(!ret && wdev->iftype != type);
109 110
@@ -154,7 +155,7 @@ int cfg80211_wext_giwrange(struct net_device *dev,
154 struct wireless_dev *wdev = dev->ieee80211_ptr; 155 struct wireless_dev *wdev = dev->ieee80211_ptr;
155 struct iw_range *range = (struct iw_range *) extra; 156 struct iw_range *range = (struct iw_range *) extra;
156 enum ieee80211_band band; 157 enum ieee80211_band band;
157 int c = 0; 158 int i, c = 0;
158 159
159 if (!wdev) 160 if (!wdev)
160 return -EOPNOTSUPP; 161 return -EOPNOTSUPP;
@@ -173,9 +174,6 @@ int cfg80211_wext_giwrange(struct net_device *dev,
173 range->min_frag = 256; 174 range->min_frag = 256;
174 range->max_frag = 2346; 175 range->max_frag = 2346;
175 176
176 range->encoding_size[0] = 5;
177 range->encoding_size[1] = 13;
178 range->num_encoding_sizes = 2;
179 range->max_encoding_tokens = 4; 177 range->max_encoding_tokens = 4;
180 178
181 range->max_qual.updated = IW_QUAL_NOISE_INVALID; 179 range->max_qual.updated = IW_QUAL_NOISE_INVALID;
@@ -204,11 +202,31 @@ int cfg80211_wext_giwrange(struct net_device *dev,
204 range->avg_qual.noise = range->max_qual.noise / 2; 202 range->avg_qual.noise = range->max_qual.noise / 2;
205 range->avg_qual.updated = range->max_qual.updated; 203 range->avg_qual.updated = range->max_qual.updated;
206 204
207 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 | 205 for (i = 0; i < wdev->wiphy->n_cipher_suites; i++) {
208 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP; 206 switch (wdev->wiphy->cipher_suites[i]) {
207 case WLAN_CIPHER_SUITE_TKIP:
208 range->enc_capa |= (IW_ENC_CAPA_CIPHER_TKIP |
209 IW_ENC_CAPA_WPA);
210 break;
211
212 case WLAN_CIPHER_SUITE_CCMP:
213 range->enc_capa |= (IW_ENC_CAPA_CIPHER_CCMP |
214 IW_ENC_CAPA_WPA2);
215 break;
216
217 case WLAN_CIPHER_SUITE_WEP40:
218 range->encoding_size[range->num_encoding_sizes++] =
219 WLAN_KEY_LEN_WEP40;
220 break;
221
222 case WLAN_CIPHER_SUITE_WEP104:
223 range->encoding_size[range->num_encoding_sizes++] =
224 WLAN_KEY_LEN_WEP104;
225 break;
226 }
227 }
209 228
210 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) { 229 for (band = 0; band < IEEE80211_NUM_BANDS; band ++) {
211 int i;
212 struct ieee80211_supported_band *sband; 230 struct ieee80211_supported_band *sband;
213 231
214 sband = wdev->wiphy->bands[band]; 232 sband = wdev->wiphy->bands[band];
@@ -236,97 +254,40 @@ int cfg80211_wext_giwrange(struct net_device *dev,
236 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP); 254 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
237 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN); 255 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
238 256
239 range->scan_capa |= IW_SCAN_CAPA_ESSID; 257 if (wdev->wiphy->max_scan_ssids > 0)
258 range->scan_capa |= IW_SCAN_CAPA_ESSID;
240 259
241 return 0; 260 return 0;
242} 261}
243EXPORT_SYMBOL_GPL(cfg80211_wext_giwrange); 262EXPORT_SYMBOL_GPL(cfg80211_wext_giwrange);
244 263
245int cfg80211_wext_siwmlme(struct net_device *dev,
246 struct iw_request_info *info,
247 struct iw_point *data, char *extra)
248{
249 struct wireless_dev *wdev = dev->ieee80211_ptr;
250 struct iw_mlme *mlme = (struct iw_mlme *)extra;
251 struct cfg80211_registered_device *rdev;
252 union {
253 struct cfg80211_disassoc_request disassoc;
254 struct cfg80211_deauth_request deauth;
255 } cmd;
256
257 if (!wdev)
258 return -EOPNOTSUPP;
259
260 rdev = wiphy_to_dev(wdev->wiphy);
261
262 if (wdev->iftype != NL80211_IFTYPE_STATION)
263 return -EINVAL;
264
265 if (mlme->addr.sa_family != ARPHRD_ETHER)
266 return -EINVAL;
267
268 memset(&cmd, 0, sizeof(cmd));
269
270 switch (mlme->cmd) {
271 case IW_MLME_DEAUTH:
272 if (!rdev->ops->deauth)
273 return -EOPNOTSUPP;
274 cmd.deauth.peer_addr = mlme->addr.sa_data;
275 cmd.deauth.reason_code = mlme->reason_code;
276 return rdev->ops->deauth(wdev->wiphy, dev, &cmd.deauth);
277 case IW_MLME_DISASSOC:
278 if (!rdev->ops->disassoc)
279 return -EOPNOTSUPP;
280 cmd.disassoc.peer_addr = mlme->addr.sa_data;
281 cmd.disassoc.reason_code = mlme->reason_code;
282 return rdev->ops->disassoc(wdev->wiphy, dev, &cmd.disassoc);
283 default:
284 return -EOPNOTSUPP;
285 }
286}
287EXPORT_SYMBOL_GPL(cfg80211_wext_siwmlme);
288
289 264
290/** 265/**
291 * cfg80211_wext_freq - get wext frequency for non-"auto" 266 * cfg80211_wext_freq - get wext frequency for non-"auto"
292 * @wiphy: the wiphy 267 * @wiphy: the wiphy
293 * @freq: the wext freq encoding 268 * @freq: the wext freq encoding
294 * 269 *
295 * Returns a channel, %NULL for auto, or an ERR_PTR for errors! 270 * Returns a frequency, or a negative error code, or 0 for auto.
296 */ 271 */
297struct ieee80211_channel *cfg80211_wext_freq(struct wiphy *wiphy, 272int cfg80211_wext_freq(struct wiphy *wiphy, struct iw_freq *freq)
298 struct iw_freq *freq)
299{ 273{
300 struct ieee80211_channel *chan;
301 int f;
302
303 /* 274 /*
304 * Parse frequency - return NULL for auto and 275 * Parse frequency - return 0 for auto and
305 * -EINVAL for impossible things. 276 * -EINVAL for impossible things.
306 */ 277 */
307 if (freq->e == 0) { 278 if (freq->e == 0) {
308 if (freq->m < 0) 279 if (freq->m < 0)
309 return NULL; 280 return 0;
310 f = ieee80211_channel_to_frequency(freq->m); 281 return ieee80211_channel_to_frequency(freq->m);
311 } else { 282 } else {
312 int i, div = 1000000; 283 int i, div = 1000000;
313 for (i = 0; i < freq->e; i++) 284 for (i = 0; i < freq->e; i++)
314 div /= 10; 285 div /= 10;
315 if (div <= 0) 286 if (div <= 0)
316 return ERR_PTR(-EINVAL); 287 return -EINVAL;
317 f = freq->m / div; 288 return freq->m / div;
318 } 289 }
319
320 /*
321 * Look up channel struct and return -EINVAL when
322 * it cannot be found.
323 */
324 chan = ieee80211_get_channel(wiphy, f);
325 if (!chan)
326 return ERR_PTR(-EINVAL);
327 return chan;
328} 290}
329EXPORT_SYMBOL_GPL(cfg80211_wext_freq);
330 291
331int cfg80211_wext_siwrts(struct net_device *dev, 292int cfg80211_wext_siwrts(struct net_device *dev,
332 struct iw_request_info *info, 293 struct iw_request_info *info,
@@ -479,15 +440,32 @@ int cfg80211_wext_giwretry(struct net_device *dev,
479} 440}
480EXPORT_SYMBOL_GPL(cfg80211_wext_giwretry); 441EXPORT_SYMBOL_GPL(cfg80211_wext_giwretry);
481 442
482static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev, 443static int __cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
483 struct net_device *dev, const u8 *addr, 444 struct net_device *dev, const u8 *addr,
484 bool remove, bool tx_key, int idx, 445 bool remove, bool tx_key, int idx,
485 struct key_params *params) 446 struct key_params *params)
486{ 447{
487 struct wireless_dev *wdev = dev->ieee80211_ptr; 448 struct wireless_dev *wdev = dev->ieee80211_ptr;
488 int err; 449 int err, i;
450
451 if (!wdev->wext.keys) {
452 wdev->wext.keys = kzalloc(sizeof(*wdev->wext.keys),
453 GFP_KERNEL);
454 if (!wdev->wext.keys)
455 return -ENOMEM;
456 for (i = 0; i < 6; i++)
457 wdev->wext.keys->params[i].key =
458 wdev->wext.keys->data[i];
459 }
460
461 if (wdev->iftype != NL80211_IFTYPE_ADHOC &&
462 wdev->iftype != NL80211_IFTYPE_STATION)
463 return -EOPNOTSUPP;
489 464
490 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC) { 465 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
466 if (!wdev->current_bss)
467 return -ENOLINK;
468
491 if (!rdev->ops->set_default_mgmt_key) 469 if (!rdev->ops->set_default_mgmt_key)
492 return -EOPNOTSUPP; 470 return -EOPNOTSUPP;
493 471
@@ -497,8 +475,14 @@ static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
497 return -EINVAL; 475 return -EINVAL;
498 476
499 if (remove) { 477 if (remove) {
500 err = rdev->ops->del_key(&rdev->wiphy, dev, idx, addr); 478 err = 0;
479 if (wdev->current_bss)
480 err = rdev->ops->del_key(&rdev->wiphy, dev, idx, addr);
501 if (!err) { 481 if (!err) {
482 if (!addr) {
483 wdev->wext.keys->params[idx].key_len = 0;
484 wdev->wext.keys->params[idx].cipher = 0;
485 }
502 if (idx == wdev->wext.default_key) 486 if (idx == wdev->wext.default_key)
503 wdev->wext.default_key = -1; 487 wdev->wext.default_key = -1;
504 else if (idx == wdev->wext.default_mgmt_key) 488 else if (idx == wdev->wext.default_mgmt_key)
@@ -512,36 +496,65 @@ static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
512 return 0; 496 return 0;
513 497
514 return err; 498 return err;
515 } else { 499 }
516 if (addr)
517 tx_key = false;
518 500
519 if (cfg80211_validate_key_settings(params, idx, addr)) 501 if (addr)
520 return -EINVAL; 502 tx_key = false;
521 503
504 if (cfg80211_validate_key_settings(rdev, params, idx, addr))
505 return -EINVAL;
506
507 err = 0;
508 if (wdev->current_bss)
522 err = rdev->ops->add_key(&rdev->wiphy, dev, idx, addr, params); 509 err = rdev->ops->add_key(&rdev->wiphy, dev, idx, addr, params);
523 if (err) 510 if (err)
524 return err; 511 return err;
512
513 if (!addr) {
514 wdev->wext.keys->params[idx] = *params;
515 memcpy(wdev->wext.keys->data[idx],
516 params->key, params->key_len);
517 wdev->wext.keys->params[idx].key =
518 wdev->wext.keys->data[idx];
519 }
525 520
526 if (tx_key || (!addr && wdev->wext.default_key == -1)) { 521 if ((params->cipher == WLAN_CIPHER_SUITE_WEP40 ||
522 params->cipher == WLAN_CIPHER_SUITE_WEP104) &&
523 (tx_key || (!addr && wdev->wext.default_key == -1))) {
524 if (wdev->current_bss)
527 err = rdev->ops->set_default_key(&rdev->wiphy, 525 err = rdev->ops->set_default_key(&rdev->wiphy,
528 dev, idx); 526 dev, idx);
529 if (!err) 527 if (!err)
530 wdev->wext.default_key = idx; 528 wdev->wext.default_key = idx;
531 return err; 529 return err;
532 } 530 }
533 531
534 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC && 532 if (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC &&
535 (tx_key || (!addr && wdev->wext.default_mgmt_key == -1))) { 533 (tx_key || (!addr && wdev->wext.default_mgmt_key == -1))) {
534 if (wdev->current_bss)
536 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 535 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy,
537 dev, idx); 536 dev, idx);
538 if (!err) 537 if (!err)
539 wdev->wext.default_mgmt_key = idx; 538 wdev->wext.default_mgmt_key = idx;
540 return err; 539 return err;
541 }
542
543 return 0;
544 } 540 }
541
542 return 0;
543}
544
545static int cfg80211_set_encryption(struct cfg80211_registered_device *rdev,
546 struct net_device *dev, const u8 *addr,
547 bool remove, bool tx_key, int idx,
548 struct key_params *params)
549{
550 int err;
551
552 wdev_lock(dev->ieee80211_ptr);
553 err = __cfg80211_set_encryption(rdev, dev, addr, remove,
554 tx_key, idx, params);
555 wdev_unlock(dev->ieee80211_ptr);
556
557 return err;
545} 558}
546 559
547int cfg80211_wext_siwencode(struct net_device *dev, 560int cfg80211_wext_siwencode(struct net_device *dev,
@@ -554,6 +567,10 @@ int cfg80211_wext_siwencode(struct net_device *dev,
554 bool remove = false; 567 bool remove = false;
555 struct key_params params; 568 struct key_params params;
556 569
570 if (wdev->iftype != NL80211_IFTYPE_STATION &&
571 wdev->iftype != NL80211_IFTYPE_ADHOC)
572 return -EOPNOTSUPP;
573
557 /* no use -- only MFP (set_default_mgmt_key) is optional */ 574 /* no use -- only MFP (set_default_mgmt_key) is optional */
558 if (!rdev->ops->del_key || 575 if (!rdev->ops->del_key ||
559 !rdev->ops->add_key || 576 !rdev->ops->add_key ||
@@ -574,9 +591,14 @@ int cfg80211_wext_siwencode(struct net_device *dev,
574 remove = true; 591 remove = true;
575 else if (erq->length == 0) { 592 else if (erq->length == 0) {
576 /* No key data - just set the default TX key index */ 593 /* No key data - just set the default TX key index */
577 err = rdev->ops->set_default_key(&rdev->wiphy, dev, idx); 594 err = 0;
595 wdev_lock(wdev);
596 if (wdev->current_bss)
597 err = rdev->ops->set_default_key(&rdev->wiphy,
598 dev, idx);
578 if (!err) 599 if (!err)
579 wdev->wext.default_key = idx; 600 wdev->wext.default_key = idx;
601 wdev_unlock(wdev);
580 return err; 602 return err;
581 } 603 }
582 604
@@ -609,6 +631,10 @@ int cfg80211_wext_siwencodeext(struct net_device *dev,
609 struct key_params params; 631 struct key_params params;
610 u32 cipher; 632 u32 cipher;
611 633
634 if (wdev->iftype != NL80211_IFTYPE_STATION &&
635 wdev->iftype != NL80211_IFTYPE_ADHOC)
636 return -EOPNOTSUPP;
637
612 /* no use -- only MFP (set_default_mgmt_key) is optional */ 638 /* no use -- only MFP (set_default_mgmt_key) is optional */
613 if (!rdev->ops->del_key || 639 if (!rdev->ops->del_key ||
614 !rdev->ops->add_key || 640 !rdev->ops->add_key ||
@@ -682,37 +708,15 @@ int cfg80211_wext_siwencodeext(struct net_device *dev,
682} 708}
683EXPORT_SYMBOL_GPL(cfg80211_wext_siwencodeext); 709EXPORT_SYMBOL_GPL(cfg80211_wext_siwencodeext);
684 710
685struct giwencode_cookie {
686 size_t buflen;
687 char *keybuf;
688};
689
690static void giwencode_get_key_cb(void *cookie, struct key_params *params)
691{
692 struct giwencode_cookie *data = cookie;
693
694 if (!params->key) {
695 data->buflen = 0;
696 return;
697 }
698
699 data->buflen = min_t(size_t, data->buflen, params->key_len);
700 memcpy(data->keybuf, params->key, data->buflen);
701}
702
703int cfg80211_wext_giwencode(struct net_device *dev, 711int cfg80211_wext_giwencode(struct net_device *dev,
704 struct iw_request_info *info, 712 struct iw_request_info *info,
705 struct iw_point *erq, char *keybuf) 713 struct iw_point *erq, char *keybuf)
706{ 714{
707 struct wireless_dev *wdev = dev->ieee80211_ptr; 715 struct wireless_dev *wdev = dev->ieee80211_ptr;
708 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 716 int idx;
709 int idx, err;
710 struct giwencode_cookie data = {
711 .keybuf = keybuf,
712 .buflen = erq->length,
713 };
714 717
715 if (!rdev->ops->get_key) 718 if (wdev->iftype != NL80211_IFTYPE_STATION &&
719 wdev->iftype != NL80211_IFTYPE_ADHOC)
716 return -EOPNOTSUPP; 720 return -EOPNOTSUPP;
717 721
718 idx = erq->flags & IW_ENCODE_INDEX; 722 idx = erq->flags & IW_ENCODE_INDEX;
@@ -727,24 +731,69 @@ int cfg80211_wext_giwencode(struct net_device *dev,
727 731
728 erq->flags = idx + 1; 732 erq->flags = idx + 1;
729 733
730 err = rdev->ops->get_key(&rdev->wiphy, dev, idx, NULL, &data, 734 if (!wdev->wext.keys || !wdev->wext.keys->params[idx].cipher) {
731 giwencode_get_key_cb);
732 if (!err) {
733 erq->length = data.buflen;
734 erq->flags |= IW_ENCODE_ENABLED;
735 return 0;
736 }
737
738 if (err == -ENOENT) {
739 erq->flags |= IW_ENCODE_DISABLED; 735 erq->flags |= IW_ENCODE_DISABLED;
740 erq->length = 0; 736 erq->length = 0;
741 return 0; 737 return 0;
742 } 738 }
743 739
744 return err; 740 erq->length = min_t(size_t, erq->length,
741 wdev->wext.keys->params[idx].key_len);
742 memcpy(keybuf, wdev->wext.keys->params[idx].key, erq->length);
743 erq->flags |= IW_ENCODE_ENABLED;
744
745 return 0;
745} 746}
746EXPORT_SYMBOL_GPL(cfg80211_wext_giwencode); 747EXPORT_SYMBOL_GPL(cfg80211_wext_giwencode);
747 748
749int cfg80211_wext_siwfreq(struct net_device *dev,
750 struct iw_request_info *info,
751 struct iw_freq *wextfreq, char *extra)
752{
753 struct wireless_dev *wdev = dev->ieee80211_ptr;
754 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
755 int freq, err;
756
757 switch (wdev->iftype) {
758 case NL80211_IFTYPE_STATION:
759 return cfg80211_mgd_wext_siwfreq(dev, info, wextfreq, extra);
760 case NL80211_IFTYPE_ADHOC:
761 return cfg80211_ibss_wext_siwfreq(dev, info, wextfreq, extra);
762 default:
763 freq = cfg80211_wext_freq(wdev->wiphy, wextfreq);
764 if (freq < 0)
765 return freq;
766 if (freq == 0)
767 return -EINVAL;
768 mutex_lock(&rdev->devlist_mtx);
769 err = rdev_set_freq(rdev, NULL, freq, NL80211_CHAN_NO_HT);
770 mutex_unlock(&rdev->devlist_mtx);
771 return err;
772 }
773}
774
775int cfg80211_wext_giwfreq(struct net_device *dev,
776 struct iw_request_info *info,
777 struct iw_freq *freq, char *extra)
778{
779 struct wireless_dev *wdev = dev->ieee80211_ptr;
780 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
781
782 switch (wdev->iftype) {
783 case NL80211_IFTYPE_STATION:
784 return cfg80211_mgd_wext_giwfreq(dev, info, freq, extra);
785 case NL80211_IFTYPE_ADHOC:
786 return cfg80211_ibss_wext_giwfreq(dev, info, freq, extra);
787 default:
788 if (!rdev->channel)
789 return -EINVAL;
790 freq->m = rdev->channel->center_freq;
791 freq->e = 6;
792 return 0;
793 }
794}
795EXPORT_SYMBOL_GPL(cfg80211_wext_giwfreq);
796
748int cfg80211_wext_siwtxpower(struct net_device *dev, 797int cfg80211_wext_siwtxpower(struct net_device *dev,
749 struct iw_request_info *info, 798 struct iw_request_info *info,
750 union iwreq_data *data, char *extra) 799 union iwreq_data *data, char *extra)
@@ -827,3 +876,547 @@ int cfg80211_wext_giwtxpower(struct net_device *dev,
827 return 0; 876 return 0;
828} 877}
829EXPORT_SYMBOL_GPL(cfg80211_wext_giwtxpower); 878EXPORT_SYMBOL_GPL(cfg80211_wext_giwtxpower);
879
880static int cfg80211_set_auth_alg(struct wireless_dev *wdev,
881 s32 auth_alg)
882{
883 int nr_alg = 0;
884
885 if (!auth_alg)
886 return -EINVAL;
887
888 if (auth_alg & ~(IW_AUTH_ALG_OPEN_SYSTEM |
889 IW_AUTH_ALG_SHARED_KEY |
890 IW_AUTH_ALG_LEAP))
891 return -EINVAL;
892
893 if (auth_alg & IW_AUTH_ALG_OPEN_SYSTEM) {
894 nr_alg++;
895 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_OPEN_SYSTEM;
896 }
897
898 if (auth_alg & IW_AUTH_ALG_SHARED_KEY) {
899 nr_alg++;
900 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_SHARED_KEY;
901 }
902
903 if (auth_alg & IW_AUTH_ALG_LEAP) {
904 nr_alg++;
905 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_NETWORK_EAP;
906 }
907
908 if (nr_alg > 1)
909 wdev->wext.connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
910
911 return 0;
912}
913
914static int cfg80211_set_wpa_version(struct wireless_dev *wdev, u32 wpa_versions)
915{
916 wdev->wext.connect.crypto.wpa_versions = 0;
917
918 if (wpa_versions & ~(IW_AUTH_WPA_VERSION_WPA |
919 IW_AUTH_WPA_VERSION_WPA2|
920 IW_AUTH_WPA_VERSION_DISABLED))
921 return -EINVAL;
922
923 if ((wpa_versions & IW_AUTH_WPA_VERSION_DISABLED) &&
924 (wpa_versions & (IW_AUTH_WPA_VERSION_WPA|
925 IW_AUTH_WPA_VERSION_WPA2)))
926 return -EINVAL;
927
928 if (wpa_versions & IW_AUTH_WPA_VERSION_DISABLED)
929 wdev->wext.connect.crypto.wpa_versions &=
930 ~(NL80211_WPA_VERSION_1|NL80211_WPA_VERSION_2);
931
932 if (wpa_versions & IW_AUTH_WPA_VERSION_WPA)
933 wdev->wext.connect.crypto.wpa_versions |=
934 NL80211_WPA_VERSION_1;
935
936 if (wpa_versions & IW_AUTH_WPA_VERSION_WPA2)
937 wdev->wext.connect.crypto.wpa_versions |=
938 NL80211_WPA_VERSION_2;
939
940 return 0;
941}
942
943static int cfg80211_set_cipher_group(struct wireless_dev *wdev, u32 cipher)
944{
945 wdev->wext.connect.crypto.cipher_group = 0;
946
947 if (cipher & IW_AUTH_CIPHER_WEP40)
948 wdev->wext.connect.crypto.cipher_group =
949 WLAN_CIPHER_SUITE_WEP40;
950 else if (cipher & IW_AUTH_CIPHER_WEP104)
951 wdev->wext.connect.crypto.cipher_group =
952 WLAN_CIPHER_SUITE_WEP104;
953 else if (cipher & IW_AUTH_CIPHER_TKIP)
954 wdev->wext.connect.crypto.cipher_group =
955 WLAN_CIPHER_SUITE_TKIP;
956 else if (cipher & IW_AUTH_CIPHER_CCMP)
957 wdev->wext.connect.crypto.cipher_group =
958 WLAN_CIPHER_SUITE_CCMP;
959 else if (cipher & IW_AUTH_CIPHER_AES_CMAC)
960 wdev->wext.connect.crypto.cipher_group =
961 WLAN_CIPHER_SUITE_AES_CMAC;
962 else
963 return -EINVAL;
964
965 return 0;
966}
967
968static int cfg80211_set_cipher_pairwise(struct wireless_dev *wdev, u32 cipher)
969{
970 int nr_ciphers = 0;
971 u32 *ciphers_pairwise = wdev->wext.connect.crypto.ciphers_pairwise;
972
973 if (cipher & IW_AUTH_CIPHER_WEP40) {
974 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_WEP40;
975 nr_ciphers++;
976 }
977
978 if (cipher & IW_AUTH_CIPHER_WEP104) {
979 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_WEP104;
980 nr_ciphers++;
981 }
982
983 if (cipher & IW_AUTH_CIPHER_TKIP) {
984 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_TKIP;
985 nr_ciphers++;
986 }
987
988 if (cipher & IW_AUTH_CIPHER_CCMP) {
989 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_CCMP;
990 nr_ciphers++;
991 }
992
993 if (cipher & IW_AUTH_CIPHER_AES_CMAC) {
994 ciphers_pairwise[nr_ciphers] = WLAN_CIPHER_SUITE_AES_CMAC;
995 nr_ciphers++;
996 }
997
998 BUILD_BUG_ON(NL80211_MAX_NR_CIPHER_SUITES < 5);
999
1000 wdev->wext.connect.crypto.n_ciphers_pairwise = nr_ciphers;
1001
1002 return 0;
1003}
1004
1005
1006static int cfg80211_set_key_mgt(struct wireless_dev *wdev, u32 key_mgt)
1007{
1008 int nr_akm_suites = 0;
1009
1010 if (key_mgt & ~(IW_AUTH_KEY_MGMT_802_1X |
1011 IW_AUTH_KEY_MGMT_PSK))
1012 return -EINVAL;
1013
1014 if (key_mgt & IW_AUTH_KEY_MGMT_802_1X) {
1015 wdev->wext.connect.crypto.akm_suites[nr_akm_suites] =
1016 WLAN_AKM_SUITE_8021X;
1017 nr_akm_suites++;
1018 }
1019
1020 if (key_mgt & IW_AUTH_KEY_MGMT_PSK) {
1021 wdev->wext.connect.crypto.akm_suites[nr_akm_suites] =
1022 WLAN_AKM_SUITE_PSK;
1023 nr_akm_suites++;
1024 }
1025
1026 wdev->wext.connect.crypto.n_akm_suites = nr_akm_suites;
1027
1028 return 0;
1029}
1030
1031int cfg80211_wext_siwauth(struct net_device *dev,
1032 struct iw_request_info *info,
1033 struct iw_param *data, char *extra)
1034{
1035 struct wireless_dev *wdev = dev->ieee80211_ptr;
1036
1037 if (wdev->iftype != NL80211_IFTYPE_STATION)
1038 return -EOPNOTSUPP;
1039
1040 switch (data->flags & IW_AUTH_INDEX) {
1041 case IW_AUTH_PRIVACY_INVOKED:
1042 wdev->wext.connect.privacy = data->value;
1043 return 0;
1044 case IW_AUTH_WPA_VERSION:
1045 return cfg80211_set_wpa_version(wdev, data->value);
1046 case IW_AUTH_CIPHER_GROUP:
1047 return cfg80211_set_cipher_group(wdev, data->value);
1048 case IW_AUTH_KEY_MGMT:
1049 return cfg80211_set_key_mgt(wdev, data->value);
1050 case IW_AUTH_CIPHER_PAIRWISE:
1051 return cfg80211_set_cipher_pairwise(wdev, data->value);
1052 case IW_AUTH_80211_AUTH_ALG:
1053 return cfg80211_set_auth_alg(wdev, data->value);
1054 case IW_AUTH_WPA_ENABLED:
1055 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1056 case IW_AUTH_DROP_UNENCRYPTED:
1057 case IW_AUTH_MFP:
1058 return 0;
1059 default:
1060 return -EOPNOTSUPP;
1061 }
1062}
1063EXPORT_SYMBOL_GPL(cfg80211_wext_siwauth);
1064
1065int cfg80211_wext_giwauth(struct net_device *dev,
1066 struct iw_request_info *info,
1067 struct iw_param *data, char *extra)
1068{
1069 /* XXX: what do we need? */
1070
1071 return -EOPNOTSUPP;
1072}
1073EXPORT_SYMBOL_GPL(cfg80211_wext_giwauth);
1074
1075int cfg80211_wext_siwpower(struct net_device *dev,
1076 struct iw_request_info *info,
1077 struct iw_param *wrq, char *extra)
1078{
1079 struct wireless_dev *wdev = dev->ieee80211_ptr;
1080 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1081 bool ps = wdev->wext.ps;
1082 int timeout = wdev->wext.ps_timeout;
1083 int err;
1084
1085 if (wdev->iftype != NL80211_IFTYPE_STATION)
1086 return -EINVAL;
1087
1088 if (!rdev->ops->set_power_mgmt)
1089 return -EOPNOTSUPP;
1090
1091 if (wrq->disabled) {
1092 ps = false;
1093 } else {
1094 switch (wrq->flags & IW_POWER_MODE) {
1095 case IW_POWER_ON: /* If not specified */
1096 case IW_POWER_MODE: /* If set all mask */
1097 case IW_POWER_ALL_R: /* If explicitely state all */
1098 ps = true;
1099 break;
1100 default: /* Otherwise we ignore */
1101 return -EINVAL;
1102 }
1103
1104 if (wrq->flags & ~(IW_POWER_MODE | IW_POWER_TIMEOUT))
1105 return -EINVAL;
1106
1107 if (wrq->flags & IW_POWER_TIMEOUT)
1108 timeout = wrq->value / 1000;
1109 }
1110
1111 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, ps, timeout);
1112 if (err)
1113 return err;
1114
1115 wdev->wext.ps = ps;
1116 wdev->wext.ps_timeout = timeout;
1117
1118 return 0;
1119
1120}
1121EXPORT_SYMBOL_GPL(cfg80211_wext_siwpower);
1122
1123int cfg80211_wext_giwpower(struct net_device *dev,
1124 struct iw_request_info *info,
1125 struct iw_param *wrq, char *extra)
1126{
1127 struct wireless_dev *wdev = dev->ieee80211_ptr;
1128
1129 wrq->disabled = !wdev->wext.ps;
1130
1131 return 0;
1132}
1133EXPORT_SYMBOL_GPL(cfg80211_wext_giwpower);
1134
1135static int cfg80211_wds_wext_siwap(struct net_device *dev,
1136 struct iw_request_info *info,
1137 struct sockaddr *addr, char *extra)
1138{
1139 struct wireless_dev *wdev = dev->ieee80211_ptr;
1140 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1141 int err;
1142
1143 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_WDS))
1144 return -EINVAL;
1145
1146 if (addr->sa_family != ARPHRD_ETHER)
1147 return -EINVAL;
1148
1149 if (netif_running(dev))
1150 return -EBUSY;
1151
1152 if (!rdev->ops->set_wds_peer)
1153 return -EOPNOTSUPP;
1154
1155 err = rdev->ops->set_wds_peer(wdev->wiphy, dev, (u8 *) &addr->sa_data);
1156 if (err)
1157 return err;
1158
1159 memcpy(&wdev->wext.bssid, (u8 *) &addr->sa_data, ETH_ALEN);
1160
1161 return 0;
1162}
1163
1164static int cfg80211_wds_wext_giwap(struct net_device *dev,
1165 struct iw_request_info *info,
1166 struct sockaddr *addr, char *extra)
1167{
1168 struct wireless_dev *wdev = dev->ieee80211_ptr;
1169
1170 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_WDS))
1171 return -EINVAL;
1172
1173 addr->sa_family = ARPHRD_ETHER;
1174 memcpy(&addr->sa_data, wdev->wext.bssid, ETH_ALEN);
1175
1176 return 0;
1177}
1178
1179int cfg80211_wext_siwrate(struct net_device *dev,
1180 struct iw_request_info *info,
1181 struct iw_param *rate, char *extra)
1182{
1183 struct wireless_dev *wdev = dev->ieee80211_ptr;
1184 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1185 struct cfg80211_bitrate_mask mask;
1186
1187 if (!rdev->ops->set_bitrate_mask)
1188 return -EOPNOTSUPP;
1189
1190 mask.fixed = 0;
1191 mask.maxrate = 0;
1192
1193 if (rate->value < 0) {
1194 /* nothing */
1195 } else if (rate->fixed) {
1196 mask.fixed = rate->value / 1000; /* kbps */
1197 } else {
1198 mask.maxrate = rate->value / 1000; /* kbps */
1199 }
1200
1201 return rdev->ops->set_bitrate_mask(wdev->wiphy, dev, NULL, &mask);
1202}
1203EXPORT_SYMBOL_GPL(cfg80211_wext_siwrate);
1204
1205int cfg80211_wext_giwrate(struct net_device *dev,
1206 struct iw_request_info *info,
1207 struct iw_param *rate, char *extra)
1208{
1209 struct wireless_dev *wdev = dev->ieee80211_ptr;
1210 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1211 /* we are under RTNL - globally locked - so can use a static struct */
1212 static struct station_info sinfo;
1213 u8 addr[ETH_ALEN];
1214 int err;
1215
1216 if (wdev->iftype != NL80211_IFTYPE_STATION)
1217 return -EOPNOTSUPP;
1218
1219 if (!rdev->ops->get_station)
1220 return -EOPNOTSUPP;
1221
1222 err = 0;
1223 wdev_lock(wdev);
1224 if (wdev->current_bss)
1225 memcpy(addr, wdev->current_bss->pub.bssid, ETH_ALEN);
1226 else
1227 err = -EOPNOTSUPP;
1228 wdev_unlock(wdev);
1229 if (err)
1230 return err;
1231
1232 err = rdev->ops->get_station(&rdev->wiphy, dev, addr, &sinfo);
1233 if (err)
1234 return err;
1235
1236 if (!(sinfo.filled & STATION_INFO_TX_BITRATE))
1237 return -EOPNOTSUPP;
1238
1239 rate->value = 0;
1240
1241 if (!(sinfo.txrate.flags & RATE_INFO_FLAGS_MCS))
1242 rate->value = 100000 * sinfo.txrate.legacy;
1243
1244 return 0;
1245}
1246EXPORT_SYMBOL_GPL(cfg80211_wext_giwrate);
1247
1248/* Get wireless statistics. Called by /proc/net/wireless and by SIOCGIWSTATS */
1249struct iw_statistics *cfg80211_wireless_stats(struct net_device *dev)
1250{
1251 struct wireless_dev *wdev = dev->ieee80211_ptr;
1252 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
1253 /* we are under RTNL - globally locked - so can use static structs */
1254 static struct iw_statistics wstats;
1255 static struct station_info sinfo;
1256 u8 bssid[ETH_ALEN];
1257
1258 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION)
1259 return NULL;
1260
1261 if (!rdev->ops->get_station)
1262 return NULL;
1263
1264 /* Grab BSSID of current BSS, if any */
1265 wdev_lock(wdev);
1266 if (!wdev->current_bss) {
1267 wdev_unlock(wdev);
1268 return NULL;
1269 }
1270 memcpy(bssid, wdev->current_bss->pub.bssid, ETH_ALEN);
1271 wdev_unlock(wdev);
1272
1273 if (rdev->ops->get_station(&rdev->wiphy, dev, bssid, &sinfo))
1274 return NULL;
1275
1276 memset(&wstats, 0, sizeof(wstats));
1277
1278 switch (rdev->wiphy.signal_type) {
1279 case CFG80211_SIGNAL_TYPE_MBM:
1280 if (sinfo.filled & STATION_INFO_SIGNAL) {
1281 int sig = sinfo.signal;
1282 wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
1283 wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
1284 wstats.qual.updated |= IW_QUAL_DBM;
1285 wstats.qual.level = sig;
1286 if (sig < -110)
1287 sig = -110;
1288 else if (sig > -40)
1289 sig = -40;
1290 wstats.qual.qual = sig + 110;
1291 break;
1292 }
1293 case CFG80211_SIGNAL_TYPE_UNSPEC:
1294 if (sinfo.filled & STATION_INFO_SIGNAL) {
1295 wstats.qual.updated |= IW_QUAL_LEVEL_UPDATED;
1296 wstats.qual.updated |= IW_QUAL_QUAL_UPDATED;
1297 wstats.qual.level = sinfo.signal;
1298 wstats.qual.qual = sinfo.signal;
1299 break;
1300 }
1301 default:
1302 wstats.qual.updated |= IW_QUAL_LEVEL_INVALID;
1303 wstats.qual.updated |= IW_QUAL_QUAL_INVALID;
1304 }
1305
1306 wstats.qual.updated |= IW_QUAL_NOISE_INVALID;
1307
1308 return &wstats;
1309}
1310EXPORT_SYMBOL_GPL(cfg80211_wireless_stats);
1311
1312int cfg80211_wext_siwap(struct net_device *dev,
1313 struct iw_request_info *info,
1314 struct sockaddr *ap_addr, char *extra)
1315{
1316 struct wireless_dev *wdev = dev->ieee80211_ptr;
1317
1318 switch (wdev->iftype) {
1319 case NL80211_IFTYPE_ADHOC:
1320 return cfg80211_ibss_wext_siwap(dev, info, ap_addr, extra);
1321 case NL80211_IFTYPE_STATION:
1322 return cfg80211_mgd_wext_siwap(dev, info, ap_addr, extra);
1323 case NL80211_IFTYPE_WDS:
1324 return cfg80211_wds_wext_siwap(dev, info, ap_addr, extra);
1325 default:
1326 return -EOPNOTSUPP;
1327 }
1328}
1329EXPORT_SYMBOL_GPL(cfg80211_wext_siwap);
1330
1331int cfg80211_wext_giwap(struct net_device *dev,
1332 struct iw_request_info *info,
1333 struct sockaddr *ap_addr, char *extra)
1334{
1335 struct wireless_dev *wdev = dev->ieee80211_ptr;
1336
1337 switch (wdev->iftype) {
1338 case NL80211_IFTYPE_ADHOC:
1339 return cfg80211_ibss_wext_giwap(dev, info, ap_addr, extra);
1340 case NL80211_IFTYPE_STATION:
1341 return cfg80211_mgd_wext_giwap(dev, info, ap_addr, extra);
1342 case NL80211_IFTYPE_WDS:
1343 return cfg80211_wds_wext_giwap(dev, info, ap_addr, extra);
1344 default:
1345 return -EOPNOTSUPP;
1346 }
1347}
1348EXPORT_SYMBOL_GPL(cfg80211_wext_giwap);
1349
1350int cfg80211_wext_siwessid(struct net_device *dev,
1351 struct iw_request_info *info,
1352 struct iw_point *data, char *ssid)
1353{
1354 struct wireless_dev *wdev = dev->ieee80211_ptr;
1355
1356 switch (wdev->iftype) {
1357 case NL80211_IFTYPE_ADHOC:
1358 return cfg80211_ibss_wext_siwessid(dev, info, data, ssid);
1359 case NL80211_IFTYPE_STATION:
1360 return cfg80211_mgd_wext_siwessid(dev, info, data, ssid);
1361 default:
1362 return -EOPNOTSUPP;
1363 }
1364}
1365EXPORT_SYMBOL_GPL(cfg80211_wext_siwessid);
1366
1367int cfg80211_wext_giwessid(struct net_device *dev,
1368 struct iw_request_info *info,
1369 struct iw_point *data, char *ssid)
1370{
1371 struct wireless_dev *wdev = dev->ieee80211_ptr;
1372
1373 switch (wdev->iftype) {
1374 case NL80211_IFTYPE_ADHOC:
1375 return cfg80211_ibss_wext_giwessid(dev, info, data, ssid);
1376 case NL80211_IFTYPE_STATION:
1377 return cfg80211_mgd_wext_giwessid(dev, info, data, ssid);
1378 default:
1379 return -EOPNOTSUPP;
1380 }
1381}
1382EXPORT_SYMBOL_GPL(cfg80211_wext_giwessid);
1383
1384static const iw_handler cfg80211_handlers[] = {
1385 [IW_IOCTL_IDX(SIOCGIWNAME)] = (iw_handler) cfg80211_wext_giwname,
1386 [IW_IOCTL_IDX(SIOCSIWFREQ)] = (iw_handler) cfg80211_wext_siwfreq,
1387 [IW_IOCTL_IDX(SIOCGIWFREQ)] = (iw_handler) cfg80211_wext_giwfreq,
1388 [IW_IOCTL_IDX(SIOCSIWMODE)] = (iw_handler) cfg80211_wext_siwmode,
1389 [IW_IOCTL_IDX(SIOCGIWMODE)] = (iw_handler) cfg80211_wext_giwmode,
1390 [IW_IOCTL_IDX(SIOCGIWRANGE)] = (iw_handler) cfg80211_wext_giwrange,
1391 [IW_IOCTL_IDX(SIOCSIWAP)] = (iw_handler) cfg80211_wext_siwap,
1392 [IW_IOCTL_IDX(SIOCGIWAP)] = (iw_handler) cfg80211_wext_giwap,
1393 [IW_IOCTL_IDX(SIOCSIWMLME)] = (iw_handler) cfg80211_wext_siwmlme,
1394 [IW_IOCTL_IDX(SIOCSIWSCAN)] = (iw_handler) cfg80211_wext_siwscan,
1395 [IW_IOCTL_IDX(SIOCGIWSCAN)] = (iw_handler) cfg80211_wext_giwscan,
1396 [IW_IOCTL_IDX(SIOCSIWESSID)] = (iw_handler) cfg80211_wext_siwessid,
1397 [IW_IOCTL_IDX(SIOCGIWESSID)] = (iw_handler) cfg80211_wext_giwessid,
1398 [IW_IOCTL_IDX(SIOCSIWRATE)] = (iw_handler) cfg80211_wext_siwrate,
1399 [IW_IOCTL_IDX(SIOCGIWRATE)] = (iw_handler) cfg80211_wext_giwrate,
1400 [IW_IOCTL_IDX(SIOCSIWRTS)] = (iw_handler) cfg80211_wext_siwrts,
1401 [IW_IOCTL_IDX(SIOCGIWRTS)] = (iw_handler) cfg80211_wext_giwrts,
1402 [IW_IOCTL_IDX(SIOCSIWFRAG)] = (iw_handler) cfg80211_wext_siwfrag,
1403 [IW_IOCTL_IDX(SIOCGIWFRAG)] = (iw_handler) cfg80211_wext_giwfrag,
1404 [IW_IOCTL_IDX(SIOCSIWTXPOW)] = (iw_handler) cfg80211_wext_siwtxpower,
1405 [IW_IOCTL_IDX(SIOCGIWTXPOW)] = (iw_handler) cfg80211_wext_giwtxpower,
1406 [IW_IOCTL_IDX(SIOCSIWRETRY)] = (iw_handler) cfg80211_wext_siwretry,
1407 [IW_IOCTL_IDX(SIOCGIWRETRY)] = (iw_handler) cfg80211_wext_giwretry,
1408 [IW_IOCTL_IDX(SIOCSIWENCODE)] = (iw_handler) cfg80211_wext_siwencode,
1409 [IW_IOCTL_IDX(SIOCGIWENCODE)] = (iw_handler) cfg80211_wext_giwencode,
1410 [IW_IOCTL_IDX(SIOCSIWPOWER)] = (iw_handler) cfg80211_wext_siwpower,
1411 [IW_IOCTL_IDX(SIOCGIWPOWER)] = (iw_handler) cfg80211_wext_giwpower,
1412 [IW_IOCTL_IDX(SIOCSIWGENIE)] = (iw_handler) cfg80211_wext_siwgenie,
1413 [IW_IOCTL_IDX(SIOCSIWAUTH)] = (iw_handler) cfg80211_wext_siwauth,
1414 [IW_IOCTL_IDX(SIOCGIWAUTH)] = (iw_handler) cfg80211_wext_giwauth,
1415 [IW_IOCTL_IDX(SIOCSIWENCODEEXT)]= (iw_handler) cfg80211_wext_siwencodeext,
1416};
1417
1418const struct iw_handler_def cfg80211_wext_handler = {
1419 .num_standard = ARRAY_SIZE(cfg80211_handlers),
1420 .standard = cfg80211_handlers,
1421 .get_wireless_stats = cfg80211_wireless_stats,
1422};
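--- /dev/null
+++ b/net/wireless/wext-compat.h
@@ -0,0 +1,49 @@
+#ifndef __WEXT_COMPAT
+#define __WEXT_COMPAT
+
+#include <net/iw_handler.h>
+#include <linux/wireless.h>
+
+int cfg80211_ibss_wext_siwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra);
+int cfg80211_ibss_wext_giwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra);
+int cfg80211_ibss_wext_siwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra);
+int cfg80211_ibss_wext_giwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra);
+int cfg80211_ibss_wext_siwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid);
+int cfg80211_ibss_wext_giwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid);
+
+int cfg80211_mgd_wext_siwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra);
+int cfg80211_mgd_wext_giwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra);
+int cfg80211_mgd_wext_siwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra);
+int cfg80211_mgd_wext_giwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra);
+int cfg80211_mgd_wext_siwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid);
+int cfg80211_mgd_wext_giwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid);
+
+int cfg80211_wext_freq(struct wiphy *wiphy, struct iw_freq *freq);
+
+
+extern const struct iw_handler_def cfg80211_wext_handler;
+#endif /* __WEXT_COMPAT */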
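Review bot: The prototype of `cfg80211_wext_freq` takes a `struct wiphy *`, but this header includes only `<net/iw_handler.h>` and `<linux/wireless.h>`. If neither of those declares `struct wiphy`, the header compiles cleanly only when `<net/cfg80211.h>` is included first, as wext-sme.c happens to do. A forward declaration `struct wiphy;` above the prototypes would make the header self-contained. The same commit changes this function to return an `int` instead of a channel pointer, and `cfg80211_wext_siwfreq` tests both `freq < 0` and `freq == 0`. A one-line comment on the prototype, such as `/* returns a frequency, or a negative errno */`, would make that contract visible to callers.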
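--- /dev/null
+++ b/net/wireless/wext-sme.c
@@ -0,0 +1,404 @@
+/*
+ * cfg80211 wext compat for managed mode.
+ *
+ * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
+ * Copyright (C) 2009 Intel Corporation. All rights reserved.
+ */
+
+#include <linux/etherdevice.h>
+#include <linux/if_arp.h>
+#include <net/cfg80211.h>
+#include "wext-compat.h"
+#include "nl80211.h"
+
+int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev,
+ struct wireless_dev *wdev)
+{
+ struct cfg80211_cached_keys *ck = NULL;
+ const u8 *prev_bssid = NULL;
+ int err, i;
+
+ ASSERT_RDEV_LOCK(rdev);
+ ASSERT_WDEV_LOCK(wdev);
+
+ if (!netif_running(wdev->netdev))
+ return 0;
+
+ wdev->wext.connect.ie = wdev->wext.ie;
+ wdev->wext.connect.ie_len = wdev->wext.ie_len;
+ wdev->wext.connect.privacy = wdev->wext.default_key != -1;
+
+ if (wdev->wext.keys) {
+ wdev->wext.keys->def = wdev->wext.default_key;
+ wdev->wext.keys->defmgmt = wdev->wext.default_mgmt_key;
+ }
+
+ if (!wdev->wext.connect.ssid_len)
+ return 0;
+
+ if (wdev->wext.keys) {
+ ck = kmemdup(wdev->wext.keys, sizeof(*ck), GFP_KERNEL);
+ if (!ck)
+ return -ENOMEM;
+ for (i = 0; i < 6; i++)
+ ck->params[i].key = ck->data[i];
+ }
+
+ if (wdev->wext.prev_bssid_valid)
+ prev_bssid = wdev->wext.prev_bssid;
+
+ err = __cfg80211_connect(rdev, wdev->netdev,
+ &wdev->wext.connect, ck, prev_bssid);
+ if (err)
+ kfree(ck);
+
+ return err;
+}
+
+int cfg80211_mgd_wext_siwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *wextfreq, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ struct ieee80211_channel *chan = NULL;
+ int err, freq;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ freq = cfg80211_wext_freq(wdev->wiphy, wextfreq);
+ if (freq < 0)
+ return freq;
+
+ if (freq) {
+ chan = ieee80211_get_channel(wdev->wiphy, freq);
+ if (!chan)
+ return -EINVAL;
+ if (chan->flags & IEEE80211_CHAN_DISABLED)
+ return -EINVAL;
+ }
+
+ cfg80211_lock_rdev(rdev);
+ mutex_lock(&rdev->devlist_mtx);
+ wdev_lock(wdev);
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ bool event = true;
+
+ if (wdev->wext.connect.channel == chan) {
+ err = 0;
+ goto out;
+ }
+
+ /* if SSID set, we'll try right again, avoid event */
+ if (wdev->wext.connect.ssid_len)
+ event = false;
+ err = __cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, event);
+ if (err)
+ goto out;
+ }
+
+
+ wdev->wext.connect.channel = chan;
+
+ /* SSID is not set, we just want to switch channel */
+ if (chan && !wdev->wext.connect.ssid_len) {
+ err = rdev_set_freq(rdev, wdev, freq, NL80211_CHAN_NO_HT);
+ goto out;
+ }
+
+ err = cfg80211_mgd_wext_connect(rdev, wdev);
+ out:
+ wdev_unlock(wdev);
+ mutex_unlock(&rdev->devlist_mtx);
+ cfg80211_unlock_rdev(rdev);
+ return err;
+}
+
+int cfg80211_mgd_wext_giwfreq(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_freq *freq, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct ieee80211_channel *chan = NULL;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ wdev_lock(wdev);
+ if (wdev->current_bss)
+ chan = wdev->current_bss->pub.channel;
+ else if (wdev->wext.connect.channel)
+ chan = wdev->wext.connect.channel;
+ wdev_unlock(wdev);
+
+ if (chan) {
+ freq->m = chan->center_freq;
+ freq->e = 6;
+ return 0;
+ }
+
+ /* no channel if not joining */
+ return -EINVAL;
+}
+
+int cfg80211_mgd_wext_siwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ size_t len = data->length;
+ int err;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ if (!data->flags)
+ len = 0;
+
+ /* iwconfig uses nul termination in SSID.. */
+ if (len > 0 && ssid[len - 1] == '\0')
+ len--;
+
+ cfg80211_lock_rdev(rdev);
+ mutex_lock(&rdev->devlist_mtx);
+ wdev_lock(wdev);
+
+ err = 0;
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ bool event = true;
+
+ if (wdev->wext.connect.ssid && len &&
+ len == wdev->wext.connect.ssid_len &&
+ memcmp(wdev->wext.connect.ssid, ssid, len) == 0)
+ goto out;
+
+ /* if SSID set now, we'll try to connect, avoid event */
+ if (len)
+ event = false;
+ err = __cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, event);
+ if (err)
+ goto out;
+ }
+
+ wdev->wext.prev_bssid_valid = false;
+ wdev->wext.connect.ssid = wdev->wext.ssid;
+ memcpy(wdev->wext.ssid, ssid, len);
+ wdev->wext.connect.ssid_len = len;
+
+ wdev->wext.connect.crypto.control_port = false;
+
+ err = cfg80211_mgd_wext_connect(rdev, wdev);
+ out:
+ wdev_unlock(wdev);
+ mutex_unlock(&rdev->devlist_mtx);
+ cfg80211_unlock_rdev(rdev);
+ return err;
+}
+
+int cfg80211_mgd_wext_giwessid(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *ssid)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ data->flags = 0;
+
+ wdev_lock(wdev);
+ if (wdev->current_bss) {
+ const u8 *ie = ieee80211_bss_get_ie(&wdev->current_bss->pub,
+ WLAN_EID_SSID);
+ if (ie) {
+ data->flags = 1;
+ data->length = ie[1];
+ memcpy(ssid, ie + 2, data->length);
+ }
+ } else if (wdev->wext.connect.ssid && wdev->wext.connect.ssid_len) {
+ data->flags = 1;
+ data->length = wdev->wext.connect.ssid_len;
+ memcpy(ssid, wdev->wext.connect.ssid, data->length);
+ } else
+ data->flags = 0;
+ wdev_unlock(wdev);
+
+ return 0;
+}
+
+int cfg80211_mgd_wext_siwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ u8 *bssid = ap_addr->sa_data;
+ int err;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ if (ap_addr->sa_family != ARPHRD_ETHER)
+ return -EINVAL;
+
+ /* automatic mode */
+ if (is_zero_ether_addr(bssid) || is_broadcast_ether_addr(bssid))
+ bssid = NULL;
+
+ cfg80211_lock_rdev(rdev);
+ mutex_lock(&rdev->devlist_mtx);
+ wdev_lock(wdev);
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ err = 0;
+ /* both automatic */
+ if (!bssid && !wdev->wext.connect.bssid)
+ goto out;
+
+ /* fixed already - and no change */
+ if (wdev->wext.connect.bssid && bssid &&
+ compare_ether_addr(bssid, wdev->wext.connect.bssid) == 0)
+ goto out;
+
+ err = __cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, false);
+ if (err)
+ goto out;
+ }
+
+ if (bssid) {
+ memcpy(wdev->wext.bssid, bssid, ETH_ALEN);
+ wdev->wext.connect.bssid = wdev->wext.bssid;
+ } else
+ wdev->wext.connect.bssid = NULL;
+
+ err = cfg80211_mgd_wext_connect(rdev, wdev);
+ out:
+ wdev_unlock(wdev);
+ mutex_unlock(&rdev->devlist_mtx);
+ cfg80211_unlock_rdev(rdev);
+ return err;
+}
+
+int cfg80211_mgd_wext_giwap(struct net_device *dev,
+ struct iw_request_info *info,
+ struct sockaddr *ap_addr, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+
+ /* call only for station! */
+ if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION))
+ return -EINVAL;
+
+ ap_addr->sa_family = ARPHRD_ETHER;
+
+ wdev_lock(wdev);
+ if (wdev->current_bss)
+ memcpy(ap_addr->sa_data, wdev->current_bss->pub.bssid, ETH_ALEN);
+ else if (wdev->wext.connect.bssid)
+ memcpy(ap_addr->sa_data, wdev->wext.connect.bssid, ETH_ALEN);
+ else
+ memset(ap_addr->sa_data, 0, ETH_ALEN);
+ wdev_unlock(wdev);
+
+ return 0;
+}
+
+int cfg80211_wext_siwgenie(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
+ u8 *ie = extra;
+ int ie_len = data->length, err;
+
+ if (wdev->iftype != NL80211_IFTYPE_STATION)
+ return -EOPNOTSUPP;
+
+ if (!ie_len)
+ ie = NULL;
+
+ wdev_lock(wdev);
+
+ /* no change */
+ err = 0;
+ if (wdev->wext.ie_len == ie_len &&
+ memcmp(wdev->wext.ie, ie, ie_len) == 0)
+ goto out;
+
+ if (ie_len) {
+ ie = kmemdup(extra, ie_len, GFP_KERNEL);
+ if (!ie) {
+ err = -ENOMEM;
+ goto out;
+ }
+ } else
+ ie = NULL;
+
+ kfree(wdev->wext.ie);
+ wdev->wext.ie = ie;
+ wdev->wext.ie_len = ie_len;
+
+ if (wdev->sme_state != CFG80211_SME_IDLE) {
+ err = __cfg80211_disconnect(rdev, dev,
+ WLAN_REASON_DEAUTH_LEAVING, false);
+ if (err)
+ goto out;
+ }
+
+ /* userspace better not think we'll reconnect */
+ err = 0;
+ out:
+ wdev_unlock(wdev);
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwgenie);
+
+int cfg80211_wext_siwmlme(struct net_device *dev,
+ struct iw_request_info *info,
+ struct iw_point *data, char *extra)
+{
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
+ struct iw_mlme *mlme = (struct iw_mlme *)extra;
+ struct cfg80211_registered_device *rdev;
+ int err;
+
+ if (!wdev)
+ return -EOPNOTSUPP;
+
+ rdev = wiphy_to_dev(wdev->wiphy);
+
+ if (wdev->iftype != NL80211_IFTYPE_STATION)
+ return -EINVAL;
+
+ if (mlme->addr.sa_family != ARPHRD_ETHER)
+ return -EINVAL;
+
+ wdev_lock(wdev);
+ switch (mlme->cmd) {
+ case IW_MLME_DEAUTH:
+ case IW_MLME_DISASSOC:
+ err = __cfg80211_disconnect(rdev, dev, mlme->reason_code,
+ true);
+ break;
+ default:
+ err = -EOPNOTSUPP;
+ break;
+ }
+ wdev_unlock(wdev);
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(cfg80211_wext_siwmlme);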
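Review bot: cfg80211_mgd_wext_giwessid copies `ie[1]` bytes into `ssid` with no upper bound: `data->length = ie[1]` is the length byte of the SSID element of the current BSS, so it comes from a frame received over the air and can be as large as 255. The size of the `ssid` buffer is not visible in this file (presumably the wext core sizes it for an ESSID), so the length should be clamped before the `memcpy`, e.g. `if (data->length > IW_ESSID_MAX_SIZE) data->length = IW_ESSID_MAX_SIZE;`. The set side has the same gap in the other direction: cfg80211_mgd_wext_siwessid copies `len` bytes, derived from `data->length`, into `wdev->wext.ssid` without a local check. Either add `if (len > IEEE80211_MAX_SSID_LEN) return -EINVAL;` after the NUL-stripping step, or add a comment stating that the wext core enforces the limit before the handler runs.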
diff --git a/net/wireless/wext.c b/net/wireless/wext.c
index 252c2010c2e2..5b4a0cee4418 100644
--- a/net/wireless/wext.c
+++ b/net/wireless/wext.c
@@ -417,6 +417,21 @@ static const int event_type_size[] = {
417 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */ 417 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
418}; 418};
419 419
420#ifdef CONFIG_COMPAT
421static const int compat_event_type_size[] = {
422 IW_EV_COMPAT_LCP_LEN, /* IW_HEADER_TYPE_NULL */
423 0,
424 IW_EV_COMPAT_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */
425 0,
426 IW_EV_COMPAT_UINT_LEN, /* IW_HEADER_TYPE_UINT */
427 IW_EV_COMPAT_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */
428 IW_EV_COMPAT_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */
429 0,
430 IW_EV_COMPAT_POINT_LEN, /* Without variable payload */
431 IW_EV_COMPAT_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */
432 IW_EV_COMPAT_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
433};
434#endif
420 435
421/************************ COMMON SUBROUTINES ************************/ 436/************************ COMMON SUBROUTINES ************************/
422/* 437/*
@@ -610,6 +625,11 @@ static void wireless_seq_printf_stats(struct seq_file *seq,
610{ 625{
611 /* Get stats from the driver */ 626 /* Get stats from the driver */
612 struct iw_statistics *stats = get_wireless_stats(dev); 627 struct iw_statistics *stats = get_wireless_stats(dev);
628 static struct iw_statistics nullstats = {};
629
630 /* show device if it's wireless regardless of current stats */
631 if (!stats && dev->wireless_handlers)
632 stats = &nullstats;
613 633
614 if (stats) { 634 if (stats) {
615 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d " 635 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d "
@@ -628,7 +648,9 @@ static void wireless_seq_printf_stats(struct seq_file *seq,
628 stats->discard.nwid, stats->discard.code, 648 stats->discard.nwid, stats->discard.code,
629 stats->discard.fragment, stats->discard.retries, 649 stats->discard.fragment, stats->discard.retries,
630 stats->discard.misc, stats->miss.beacon); 650 stats->discard.misc, stats->miss.beacon);
631 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED; 651
652 if (stats != &nullstats)
653 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
632 } 654 }
633} 655}
634 656
@@ -1250,65 +1272,57 @@ int compat_wext_handle_ioctl(struct net *net, unsigned int cmd,
1250} 1272}
1251#endif 1273#endif
1252 1274
1253/************************* EVENT PROCESSING *************************/ 1275static int __net_init wext_pernet_init(struct net *net)
1254/* 1276{
1255 * Process events generated by the wireless layer or the driver. 1277 skb_queue_head_init(&net->wext_nlevents);
1256 * Most often, the event will be propagated through rtnetlink 1278 return 0;
1257 */ 1279}
1258 1280
1259/* ---------------------------------------------------------------- */ 1281static void __net_exit wext_pernet_exit(struct net *net)
1260/* 1282{
1261 * Locking... 1283 skb_queue_purge(&net->wext_nlevents);
1262 * ---------- 1284}
1263 *
1264 * Thanks to Herbert Xu <herbert@gondor.apana.org.au> for fixing
1265 * the locking issue in here and implementing this code !
1266 *
1267 * The issue : wireless_send_event() is often called in interrupt context,
1268 * while the Netlink layer can never be called in interrupt context.
1269 * The fully formed RtNetlink events are queued, and then a tasklet is run
1270 * to feed those to Netlink.
1271 * The skb_queue is interrupt safe, and its lock is not held while calling
1272 * Netlink, so there is no possibility of dealock.
1273 * Jean II
1274 */
1275 1285
1276static struct sk_buff_head wireless_nlevent_queue; 1286static struct pernet_operations wext_pernet_ops = {
1287 .init = wext_pernet_init,
1288 .exit = wext_pernet_exit,
1289};
1277 1290
1278static int __init wireless_nlevent_init(void) 1291static int __init wireless_nlevent_init(void)
1279{ 1292{
1280 skb_queue_head_init(&wireless_nlevent_queue); 1293 return register_pernet_subsys(&wext_pernet_ops);
1281 return 0;
1282} 1294}
1283 1295
1284subsys_initcall(wireless_nlevent_init); 1296subsys_initcall(wireless_nlevent_init);
1285 1297
1286static void wireless_nlevent_process(unsigned long data) 1298/* Process events generated by the wireless layer or the driver. */
1299static void wireless_nlevent_process(struct work_struct *work)
1287{ 1300{
1288 struct sk_buff *skb; 1301 struct sk_buff *skb;
1302 struct net *net;
1289 1303
1290 while ((skb = skb_dequeue(&wireless_nlevent_queue))) 1304 rtnl_lock();
1291 rtnl_notify(skb, &init_net, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC); 1305
1306 for_each_net(net) {
1307 while ((skb = skb_dequeue(&net->wext_nlevents)))
1308 rtnl_notify(skb, net, 0, RTNLGRP_LINK, NULL,
1309 GFP_KERNEL);
1310 }
1311
1312 rtnl_unlock();
1292} 1313}
1293 1314
1294static DECLARE_TASKLET(wireless_nlevent_tasklet, wireless_nlevent_process, 0); 1315static DECLARE_WORK(wireless_nlevent_work, wireless_nlevent_process);
1295 1316
1296/* ---------------------------------------------------------------- */ 1317static struct nlmsghdr *rtnetlink_ifinfo_prep(struct net_device *dev,
1297/* 1318 struct sk_buff *skb)
1298 * Fill a rtnetlink message with our event data.
1299 * Note that we propage only the specified event and don't dump the
1300 * current wireless config. Dumping the wireless config is far too
1301 * expensive (for each parameter, the driver need to query the hardware).
1302 */
1303static int rtnetlink_fill_iwinfo(struct sk_buff *skb, struct net_device *dev,
1304 int type, char *event, int event_len)
1305{ 1319{
1306 struct ifinfomsg *r; 1320 struct ifinfomsg *r;
1307 struct nlmsghdr *nlh; 1321 struct nlmsghdr *nlh;
1308 1322
1309 nlh = nlmsg_put(skb, 0, 0, type, sizeof(*r), 0); 1323 nlh = nlmsg_put(skb, 0, 0, RTM_NEWLINK, sizeof(*r), 0);
1310 if (nlh == NULL) 1324 if (!nlh)
1311 return -EMSGSIZE; 1325 return NULL;
1312 1326
1313 r = nlmsg_data(nlh); 1327 r = nlmsg_data(nlh);
1314 r->ifi_family = AF_UNSPEC; 1328 r->ifi_family = AF_UNSPEC;
@@ -1319,48 +1333,14 @@ static int rtnetlink_fill_iwinfo(struct sk_buff *skb, struct net_device *dev,
1319 r->ifi_change = 0; /* Wireless changes don't affect those flags */ 1333 r->ifi_change = 0; /* Wireless changes don't affect those flags */
1320 1334
1321 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name); 1335 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name);
1322 /* Add the wireless events in the netlink packet */
1323 NLA_PUT(skb, IFLA_WIRELESS, event_len, event);
1324 1336
1325 return nlmsg_end(skb, nlh); 1337 return nlh;
1326 1338 nla_put_failure:
1327nla_put_failure:
1328 nlmsg_cancel(skb, nlh); 1339 nlmsg_cancel(skb, nlh);
1329 return -EMSGSIZE; 1340 return NULL;
1330} 1341}
1331 1342
1332/* ---------------------------------------------------------------- */
1333/*
1334 * Create and broadcast and send it on the standard rtnetlink socket
1335 * This is a pure clone rtmsg_ifinfo() in net/core/rtnetlink.c
1336 * Andrzej Krzysztofowicz mandated that I used a IFLA_XXX field
1337 * within a RTM_NEWLINK event.
1338 */
1339static void rtmsg_iwinfo(struct net_device *dev, char *event, int event_len)
1340{
1341 struct sk_buff *skb;
1342 int err;
1343
1344 if (!net_eq(dev_net(dev), &init_net))
1345 return;
1346
1347 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1348 if (!skb)
1349 return;
1350 1343
1351 err = rtnetlink_fill_iwinfo(skb, dev, RTM_NEWLINK, event, event_len);
1352 if (err < 0) {
1353 WARN_ON(err == -EMSGSIZE);
1354 kfree_skb(skb);
1355 return;
1356 }
1357
1358 NETLINK_CB(skb).dst_group = RTNLGRP_LINK;
1359 skb_queue_tail(&wireless_nlevent_queue, skb);
1360 tasklet_schedule(&wireless_nlevent_tasklet);
1361}
1362
1363/* ---------------------------------------------------------------- */
1364/* 1344/*
1365 * Main event dispatcher. Called from other parts and drivers. 1345 * Main event dispatcher. Called from other parts and drivers.
1366 * Send the event on the appropriate channels. 1346 * Send the event on the appropriate channels.
@@ -1369,7 +1349,7 @@ static void rtmsg_iwinfo(struct net_device *dev, char *event, int event_len)
1369void wireless_send_event(struct net_device * dev, 1349void wireless_send_event(struct net_device * dev,
1370 unsigned int cmd, 1350 unsigned int cmd,
1371 union iwreq_data * wrqu, 1351 union iwreq_data * wrqu,
1372 char * extra) 1352 const char * extra)
1373{ 1353{
1374 const struct iw_ioctl_description * descr = NULL; 1354 const struct iw_ioctl_description * descr = NULL;
1375 int extra_len = 0; 1355 int extra_len = 0;
@@ -1379,6 +1359,25 @@ void wireless_send_event(struct net_device * dev,
1379 int wrqu_off = 0; /* Offset in wrqu */ 1359 int wrqu_off = 0; /* Offset in wrqu */
1380 /* Don't "optimise" the following variable, it will crash */ 1360 /* Don't "optimise" the following variable, it will crash */
1381 unsigned cmd_index; /* *MUST* be unsigned */ 1361 unsigned cmd_index; /* *MUST* be unsigned */
1362 struct sk_buff *skb;
1363 struct nlmsghdr *nlh;
1364 struct nlattr *nla;
1365#ifdef CONFIG_COMPAT
1366 struct __compat_iw_event *compat_event;
1367 struct compat_iw_point compat_wrqu;
1368 struct sk_buff *compskb;
1369#endif
1370
1371 /*
1372 * Nothing in the kernel sends scan events with data, be safe.
1373 * This is necessary because we cannot fix up scan event data
1374 * for compat, due to being contained in 'extra', but normally
1375 * applications are required to retrieve the scan data anyway
1376 * and no data is included in the event, this codifies that
1377 * practice.
1378 */
1379 if (WARN_ON(cmd == SIOCGIWSCAN && extra))
1380 extra = NULL;
1382 1381
1383 /* Get the description of the Event */ 1382 /* Get the description of the Event */
1384 if (cmd <= SIOCIWLAST) { 1383 if (cmd <= SIOCIWLAST) {
@@ -1426,25 +1425,107 @@ void wireless_send_event(struct net_device * dev,
1426 hdr_len = event_type_size[descr->header_type]; 1425 hdr_len = event_type_size[descr->header_type];
1427 event_len = hdr_len + extra_len; 1426 event_len = hdr_len + extra_len;
1428 1427
1429 /* Create temporary buffer to hold the event */ 1428 /*
1430 event = kmalloc(event_len, GFP_ATOMIC); 1429 * The problem for 64/32 bit.
1431 if (event == NULL) 1430 *
1431 * On 64-bit, a regular event is laid out as follows:
1432 * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
1433 * | event.len | event.cmd | p a d d i n g |
1434 * | wrqu data ... (with the correct size) |
1435 *
1436 * This padding exists because we manipulate event->u,
1437 * and 'event' is not packed.
1438 *
1439 * An iw_point event is laid out like this instead:
1440 * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
1441 * | event.len | event.cmd | p a d d i n g |
1442 * | iwpnt.len | iwpnt.flg | p a d d i n g |
1443 * | extra data ...
1444 *
1445 * The second padding exists because struct iw_point is extended,
1446 * but this depends on the platform...
1447 *
1448 * On 32-bit, all the padding shouldn't be there.
1449 */
1450
1451 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1452 if (!skb)
1453 return;
1454
1455 /* Send via the RtNetlink event channel */
1456 nlh = rtnetlink_ifinfo_prep(dev, skb);
1457 if (WARN_ON(!nlh)) {
1458 kfree_skb(skb);
1459 return;
1460 }
1461
1462 /* Add the wireless events in the netlink packet */
1463 nla = nla_reserve(skb, IFLA_WIRELESS, event_len);
1464 if (!nla) {
1465 kfree_skb(skb);
1432 return; 1466 return;
1467 }
1468 event = nla_data(nla);
1433 1469
1434 /* Fill event */ 1470 /* Fill event - first clear to avoid data leaking */
1471 memset(event, 0, hdr_len);
1435 event->len = event_len; 1472 event->len = event_len;
1436 event->cmd = cmd; 1473 event->cmd = cmd;
1437 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN); 1474 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
1438 if (extra) 1475 if (extra_len)
1439 memcpy(((char *) event) + hdr_len, extra, extra_len); 1476 memcpy(((char *) event) + hdr_len, extra, extra_len);
1440 1477
1478 nlmsg_end(skb, nlh);
1479#ifdef CONFIG_COMPAT
1480 hdr_len = compat_event_type_size[descr->header_type];
1481 event_len = hdr_len + extra_len;
1482
1483 compskb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1484 if (!compskb) {
1485 kfree_skb(skb);
1486 return;
1487 }
1488
1441 /* Send via the RtNetlink event channel */ 1489 /* Send via the RtNetlink event channel */
1442 rtmsg_iwinfo(dev, (char *) event, event_len); 1490 nlh = rtnetlink_ifinfo_prep(dev, compskb);
1491 if (WARN_ON(!nlh)) {
1492 kfree_skb(skb);
1493 kfree_skb(compskb);
1494 return;
1495 }
1443 1496
1444 /* Cleanup */ 1497 /* Add the wireless events in the netlink packet */
1445 kfree(event); 1498 nla = nla_reserve(compskb, IFLA_WIRELESS, event_len);
1499 if (!nla) {
1500 kfree_skb(skb);
1501 kfree_skb(compskb);
1502 return;
1503 }
1504 compat_event = nla_data(nla);
1446 1505
1447 return; /* Always success, I guess ;-) */ 1506 compat_event->len = event_len;
1507 compat_event->cmd = cmd;
1508 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1509 compat_wrqu.length = wrqu->data.length;
1510 compat_wrqu.flags = wrqu->data.flags;
1511 memcpy(&compat_event->pointer,
1512 ((char *) &compat_wrqu) + IW_EV_COMPAT_POINT_OFF,
1513 hdr_len - IW_EV_COMPAT_LCP_LEN);
1514 if (extra_len)
1515 memcpy(((char *) compat_event) + hdr_len,
1516 extra, extra_len);
1517 } else {
1518 /* extra_len must be zero, so no if (extra) needed */
1519 memcpy(&compat_event->pointer, wrqu,
1520 hdr_len - IW_EV_COMPAT_LCP_LEN);
1521 }
1522
1523 nlmsg_end(compskb, nlh);
1524
1525 skb_shinfo(skb)->frag_list = compskb;
1526#endif
1527 skb_queue_tail(&dev_net(dev)->wext_nlevents, skb);
1528 schedule_work(&wireless_nlevent_work);
1448} 1529}
1449EXPORT_SYMBOL(wireless_send_event); 1530EXPORT_SYMBOL(wireless_send_event);
1450 1531