main.c 50.9 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
/*
 * Copyright 2002-2005, Instant802 Networks, Inc.
 * Copyright 2005-2006, Devicescape Software, Inc.
 * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <net/mac80211.h>
#include <net/ieee80211_radiotap.h>
#include <linux/module.h>
#include <linux/init.h>
#include <linux/netdevice.h>
#include <linux/types.h>
#include <linux/slab.h>
#include <linux/skbuff.h>
#include <linux/etherdevice.h>
#include <linux/if_arp.h>
#include <linux/wireless.h>
#include <linux/rtnetlink.h>
#include <linux/bitmap.h>
24
#include <net/net_namespace.h>
25
26
27
#include <net/cfg80211.h>

#include "ieee80211_i.h"
Johannes Berg's avatar
Johannes Berg committed
28
#include "rate.h"
29
#include "mesh.h"
30
31
32
#include "wep.h"
#include "wme.h"
#include "aes_ccm.h"
Johannes Berg's avatar
Johannes Berg committed
33
#include "led.h"
34
#include "cfg.h"
35
36
#include "debugfs.h"
#include "debugfs_netdev.h"
37

38
39
40
41
42
43
44
45
46
47
/*
 * For seeing transmitted packets on monitor interfaces
 * we have a radiotap header too.
 */
struct ieee80211_tx_status_rtap_hdr {
	struct ieee80211_radiotap_header hdr;
	__le16 tx_flags;
	u8 data_retries;
} __attribute__ ((packed));

48
/* common interface routines */
49

50
static int header_parse_80211(const struct sk_buff *skb, unsigned char *haddr)
51
52
53
54
{
	memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
	return ETH_ALEN;
}
55

56
57
58
59
60
61
/* must be called under mdev tx lock */
static void ieee80211_configure_filter(struct ieee80211_local *local)
{
	unsigned int changed_flags;
	unsigned int new_flags = 0;

62
	if (atomic_read(&local->iff_promiscs))
63
64
		new_flags |= FIF_PROMISC_IN_BSS;

65
	if (atomic_read(&local->iff_allmultis))
66
67
68
		new_flags |= FIF_ALLMULTI;

	if (local->monitors)
69
70
71
72
73
74
75
76
77
78
79
80
81
		new_flags |= FIF_BCN_PRBRESP_PROMISC;

	if (local->fif_fcsfail)
		new_flags |= FIF_FCSFAIL;

	if (local->fif_plcpfail)
		new_flags |= FIF_PLCPFAIL;

	if (local->fif_control)
		new_flags |= FIF_CONTROL;

	if (local->fif_other_bss)
		new_flags |= FIF_OTHER_BSS;
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

	changed_flags = local->filter_flags ^ new_flags;

	/* be a bit nasty */
	new_flags |= (1<<31);

	local->ops->configure_filter(local_to_hw(local),
				     changed_flags, &new_flags,
				     local->mdev->mc_count,
				     local->mdev->mc_list);

	WARN_ON(new_flags & (1<<31));

	local->filter_flags = new_flags & ~(1<<31);
}

98
/* master interface */
99

100
101
102
103
104
static int ieee80211_master_open(struct net_device *dev)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata;
	int res = -EOPNOTSUPP;
105

106
107
	/* we hold the RTNL here so can safely walk the list */
	list_for_each_entry(sdata, &local->interfaces, list) {
108
		if (netif_running(sdata->dev)) {
109
110
111
112
			res = 0;
			break;
		}
	}
113
114
115
116

	if (res)
		return res;

117
	netif_tx_start_all_queues(local->mdev);
118
119

	return 0;
120
}
121

122
static int ieee80211_master_stop(struct net_device *dev)
123
{
124
125
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata;
126

127
128
	/* we hold the RTNL here so can safely walk the list */
	list_for_each_entry(sdata, &local->interfaces, list)
129
		if (netif_running(sdata->dev))
130
			dev_close(sdata->dev);
131

132
133
	return 0;
}
134

135
136
137
138
139
140
141
static void ieee80211_master_set_multicast_list(struct net_device *dev)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);

	ieee80211_configure_filter(local);
}

142
/* regular interfaces */
143

144
static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
145
{
146
147
148
149
150
	int meshhdrlen;
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

	meshhdrlen = (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT) ? 5 : 0;

151
152
	/* FIX: what would be proper limits for MTU?
	 * This interface uses 802.3 frames. */
153
	if (new_mtu < 256 ||
154
	    new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6 - meshhdrlen) {
155
156
		return -EINVAL;
	}
157

158
159
160
161
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
	printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
	dev->mtu = new_mtu;
162
163
164
	return 0;
}

165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
static inline int identical_mac_addr_allowed(int type1, int type2)
{
	return (type1 == IEEE80211_IF_TYPE_MNTR ||
		type2 == IEEE80211_IF_TYPE_MNTR ||
		(type1 == IEEE80211_IF_TYPE_AP &&
		 type2 == IEEE80211_IF_TYPE_WDS) ||
		(type1 == IEEE80211_IF_TYPE_WDS &&
		 (type2 == IEEE80211_IF_TYPE_WDS ||
		  type2 == IEEE80211_IF_TYPE_AP)) ||
		(type1 == IEEE80211_IF_TYPE_AP &&
		 type2 == IEEE80211_IF_TYPE_VLAN) ||
		(type1 == IEEE80211_IF_TYPE_VLAN &&
		 (type2 == IEEE80211_IF_TYPE_AP ||
		  type2 == IEEE80211_IF_TYPE_VLAN)));
}
180

181
static int ieee80211_open(struct net_device *dev)
182
{
183
184
	struct ieee80211_sub_if_data *sdata, *nsdata;
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
185
	struct sta_info *sta;
186
	struct ieee80211_if_init_conf conf;
187
	u32 changed = 0;
188
	int res;
189
	bool need_hw_reconfig = 0;
190
	u8 null_addr[ETH_ALEN] = {0};
191

192
	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
193

194
195
196
197
198
	/* fail early if user set an invalid address */
	if (compare_ether_addr(dev->dev_addr, null_addr) &&
	    !is_valid_ether_addr(dev->dev_addr))
		return -EADDRNOTAVAIL;

199
200
	/* we hold the RTNL here so can safely walk the list */
	list_for_each_entry(nsdata, &local->interfaces, list) {
201
		struct net_device *ndev = nsdata->dev;
202

203
		if (ndev != dev && netif_running(ndev)) {
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
			/*
			 * Allow only a single IBSS interface to be up at any
			 * time. This is restricted because beacon distribution
			 * cannot work properly if both are in the same IBSS.
			 *
			 * To remove this restriction we'd have to disallow them
			 * from setting the same SSID on different IBSS interfaces
			 * belonging to the same hardware. Then, however, we're
			 * faced with having to adopt two different TSF timers...
			 */
			if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
			    nsdata->vif.type == IEEE80211_IF_TYPE_IBSS)
				return -EBUSY;

			/*
			 * The remaining checks are only performed for interfaces
			 * with the same MAC address.
			 */
			if (compare_ether_addr(dev->dev_addr, ndev->dev_addr))
				continue;

225
226
227
			/*
			 * check whether it may have the same address
			 */
228
229
			if (!identical_mac_addr_allowed(sdata->vif.type,
							nsdata->vif.type))
230
231
232
233
234
				return -ENOTUNIQ;

			/*
			 * can only add VLANs to enabled APs
			 */
235
			if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN &&
236
			    nsdata->vif.type == IEEE80211_IF_TYPE_AP)
237
				sdata->bss = &nsdata->u.ap;
238
239
		}
	}
240

241
	switch (sdata->vif.type) {
242
	case IEEE80211_IF_TYPE_WDS:
243
		if (!is_valid_ether_addr(sdata->u.wds.remote_addr))
244
245
246
			return -ENOLINK;
		break;
	case IEEE80211_IF_TYPE_VLAN:
247
		if (!sdata->bss)
248
			return -ENOLINK;
249
		list_add(&sdata->u.vlan.list, &sdata->bss->vlans);
250
		break;
Johannes Berg's avatar
Johannes Berg committed
251
	case IEEE80211_IF_TYPE_AP:
252
253
		sdata->bss = &sdata->u.ap;
		break;
254
255
256
257
	case IEEE80211_IF_TYPE_MESH_POINT:
		/* mesh ifaces must set allmulti to forward mcast traffic */
		atomic_inc(&local->iff_allmultis);
		break;
Johannes Berg's avatar
Johannes Berg committed
258
259
260
261
262
	case IEEE80211_IF_TYPE_STA:
	case IEEE80211_IF_TYPE_MNTR:
	case IEEE80211_IF_TYPE_IBSS:
		/* no special treatment */
		break;
263
264
265
266
	case IEEE80211_IF_TYPE_INVALID:
		/* cannot happen */
		WARN_ON(1);
		break;
267
	}
268

269
270
	if (local->open_count == 0) {
		res = 0;
271
272
273
		if (local->ops->start)
			res = local->ops->start(local_to_hw(local));
		if (res)
274
			goto err_del_bss;
275
		need_hw_reconfig = 1;
276
		ieee80211_led_radio(local, local->hw.conf.radio_enabled);
277
	}
278

279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
	/*
	 * Check all interfaces and copy the hopefully now-present
	 * MAC address to those that have the special null one.
	 */
	list_for_each_entry(nsdata, &local->interfaces, list) {
		struct net_device *ndev = nsdata->dev;

		/*
		 * No need to check netif_running since we do not allow
		 * it to start up with this invalid address.
		 */
		if (compare_ether_addr(null_addr, ndev->dev_addr) == 0)
			memcpy(ndev->dev_addr,
			       local->hw.wiphy->perm_addr,
			       ETH_ALEN);
	}

	if (compare_ether_addr(null_addr, local->mdev->dev_addr) == 0)
		memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr,
		       ETH_ALEN);

	/*
	 * Validate the MAC address for this device.
	 */
	if (!is_valid_ether_addr(dev->dev_addr)) {
		if (!local->open_count && local->ops->stop)
			local->ops->stop(local_to_hw(local));
		return -EADDRNOTAVAIL;
	}

309
	switch (sdata->vif.type) {
310
311
312
	case IEEE80211_IF_TYPE_VLAN:
		/* no need to tell driver */
		break;
313
	case IEEE80211_IF_TYPE_MNTR:
314
315
316
317
318
		if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) {
			local->cooked_mntrs++;
			break;
		}

319
		/* must be before the call to ieee80211_configure_filter */
320
		local->monitors++;
321
		if (local->monitors == 1)
322
			local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
323
324
325
326
327
328
329
330
331
332

		if (sdata->u.mntr_flags & MONITOR_FLAG_FCSFAIL)
			local->fif_fcsfail++;
		if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL)
			local->fif_plcpfail++;
		if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL)
			local->fif_control++;
		if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
			local->fif_other_bss++;

333
		netif_addr_lock_bh(local->mdev);
334
		ieee80211_configure_filter(local);
335
		netif_addr_unlock_bh(local->mdev);
336
337
338
339
340
341
		break;
	case IEEE80211_IF_TYPE_STA:
	case IEEE80211_IF_TYPE_IBSS:
		sdata->u.sta.flags &= ~IEEE80211_STA_PREV_BSSID_SET;
		/* fall through */
	default:
342
		conf.vif = &sdata->vif;
343
		conf.type = sdata->vif.type;
344
345
346
		conf.mac_addr = dev->dev_addr;
		res = local->ops->add_interface(local_to_hw(local), &conf);
		if (res)
347
			goto err_stop;
348

349
		if (ieee80211_vif_is_mesh(&sdata->vif))
350
351
			ieee80211_start_mesh(sdata);
		changed |= ieee80211_reset_erp_info(sdata);
352
		ieee80211_bss_info_change_notify(sdata, changed);
353
		ieee80211_enable_keys(sdata);
354

355
		if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
356
		    !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME))
357
358
359
			netif_carrier_off(dev);
		else
			netif_carrier_on(dev);
360
	}
361

362
363
364
365
366
367
368
369
370
	if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) {
		/* Create STA entry for the WDS peer */
		sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
				     GFP_KERNEL);
		if (!sta) {
			res = -ENOMEM;
			goto err_del_interface;
		}

371
		/* no locking required since STA is not live yet */
372
373
374
375
376
377
378
379
380
		sta->flags |= WLAN_STA_AUTHORIZED;

		res = sta_info_insert(sta);
		if (res) {
			/* STA has been freed */
			goto err_del_interface;
		}
	}

381
382
383
	if (local->open_count == 0) {
		res = dev_open(local->mdev);
		WARN_ON(res);
384
385
		if (res)
			goto err_del_interface;
386
387
388
389
		tasklet_enable(&local->tx_pending_tasklet);
		tasklet_enable(&local->tasklet);
	}

390
391
392
393
394
395
396
397
398
399
400
	/*
	 * set_multicast_list will be invoked by the networking core
	 * which will check whether any increments here were done in
	 * error and sync them down to the hardware as filter flags.
	 */
	if (sdata->flags & IEEE80211_SDATA_ALLMULTI)
		atomic_inc(&local->iff_allmultis);

	if (sdata->flags & IEEE80211_SDATA_PROMISC)
		atomic_inc(&local->iff_promiscs);

401
	local->open_count++;
402
403
	if (need_hw_reconfig)
		ieee80211_hw_config(local);
404

405
406
407
408
409
410
	/*
	 * ieee80211_sta_work is disabled while network interface
	 * is down. Therefore, some configuration changes may not
	 * yet be effective. Trigger execution of ieee80211_sta_work
	 * to fix this.
	 */
Johannes Berg's avatar
Johannes Berg committed
411
412
	if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
	    sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
413
414
415
416
		struct ieee80211_if_sta *ifsta = &sdata->u.sta;
		queue_work(local->hw.workqueue, &ifsta->work);
	}

417
	netif_tx_start_all_queues(dev);
418

419
	return 0;
420
421
422
423
424
 err_del_interface:
	local->ops->remove_interface(local_to_hw(local), &conf);
 err_stop:
	if (!local->open_count && local->ops->stop)
		local->ops->stop(local_to_hw(local));
425
426
427
428
 err_del_bss:
	sdata->bss = NULL;
	if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN)
		list_del(&sdata->u.vlan.list);
429
	return res;
430
431
}

432
static int ieee80211_stop(struct net_device *dev)
433
{
434
435
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
436
	struct ieee80211_if_init_conf conf;
437
	struct sta_info *sta;
438

439
440
441
	/*
	 * Stop TX on this interface first.
	 */
442
	netif_tx_stop_all_queues(dev);
443

444
445
446
	/*
	 * Now delete all active aggregation sessions.
	 */
447
448
449
450
	rcu_read_lock();

	list_for_each_entry_rcu(sta, &local->sta_list, list) {
		if (sta->sdata == sdata)
451
			ieee80211_sta_tear_down_BA_sessions(sdata, sta->addr);
452
453
	}

454
455
	rcu_read_unlock();

456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
	/*
	 * Remove all stations associated with this interface.
	 *
	 * This must be done before calling ops->remove_interface()
	 * because otherwise we can later invoke ops->sta_notify()
	 * whenever the STAs are removed, and that invalidates driver
	 * assumptions about always getting a vif pointer that is valid
	 * (because if we remove a STA after ops->remove_interface()
	 * the driver will have removed the vif info already!)
	 *
	 * We could relax this and only unlink the stations from the
	 * hash table and list but keep them on a per-sdata list that
	 * will be inserted back again when the interface is brought
	 * up again, but I don't currently see a use case for that,
	 * except with WDS which gets a STA entry created when it is
	 * brought up.
	 */
	sta_info_flush(local, sdata);
474

475
476
477
478
479
480
481
482
483
484
485
486
	/*
	 * Don't count this interface for promisc/allmulti while it
	 * is down. dev_mc_unsync() will invoke set_multicast_list
	 * on the master interface which will sync these down to the
	 * hardware as filter flags.
	 */
	if (sdata->flags & IEEE80211_SDATA_ALLMULTI)
		atomic_dec(&local->iff_allmultis);

	if (sdata->flags & IEEE80211_SDATA_PROMISC)
		atomic_dec(&local->iff_promiscs);

487
488
	dev_mc_unsync(local->mdev, dev);

489
	/* APs need special treatment */
490
	if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
491
		struct ieee80211_sub_if_data *vlan, *tmp;
492
		struct beacon_data *old_beacon = sdata->u.ap.beacon;
493

494
495
496
497
498
499
		/* remove beacon */
		rcu_assign_pointer(sdata->u.ap.beacon, NULL);
		synchronize_rcu();
		kfree(old_beacon);

		/* down all dependent devices, that is VLANs */
500
501
502
503
504
505
		list_for_each_entry_safe(vlan, tmp, &sdata->u.ap.vlans,
					 u.vlan.list)
			dev_close(vlan->dev);
		WARN_ON(!list_empty(&sdata->u.ap.vlans));
	}

506
	local->open_count--;
507

508
	switch (sdata->vif.type) {
509
510
511
512
	case IEEE80211_IF_TYPE_VLAN:
		list_del(&sdata->u.vlan.list);
		/* no need to tell driver */
		break;
513
	case IEEE80211_IF_TYPE_MNTR:
514
515
516
517
518
		if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) {
			local->cooked_mntrs--;
			break;
		}

519
		local->monitors--;
520
		if (local->monitors == 0)
521
			local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
522
523
524
525
526
527
528
529
530
531

		if (sdata->u.mntr_flags & MONITOR_FLAG_FCSFAIL)
			local->fif_fcsfail--;
		if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL)
			local->fif_plcpfail--;
		if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL)
			local->fif_control--;
		if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS)
			local->fif_other_bss--;

532
		netif_addr_lock_bh(local->mdev);
533
		ieee80211_configure_filter(local);
534
		netif_addr_unlock_bh(local->mdev);
535
		break;
536
	case IEEE80211_IF_TYPE_MESH_POINT:
537
538
539
		/* allmulti is always set on mesh ifaces */
		atomic_dec(&local->iff_allmultis);
		/* fall through */
540
541
542
	case IEEE80211_IF_TYPE_STA:
	case IEEE80211_IF_TYPE_IBSS:
		sdata->u.sta.state = IEEE80211_DISABLED;
543
		memset(sdata->u.sta.bssid, 0, ETH_ALEN);
544
		del_timer_sync(&sdata->u.sta.timer);
545
		/*
546
547
548
549
		 * When we get here, the interface is marked down.
		 * Call synchronize_rcu() to wait for the RX path
		 * should it be using the interface and enqueuing
		 * frames at this very time on another CPU.
550
		 */
551
		synchronize_rcu();
552
		skb_queue_purge(&sdata->u.sta.skb_queue);
553

Zhu Yi's avatar
Zhu Yi committed
554
555
556
557
558
559
		if (local->scan_dev == sdata->dev) {
			if (!local->ops->hw_scan) {
				local->sta_sw_scanning = 0;
				cancel_delayed_work(&local->scan_work);
			} else
				local->sta_hw_scanning = 0;
560
		}
Zhu Yi's avatar
Zhu Yi committed
561

562
563
564
565
		sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
		kfree(sdata->u.sta.extra_ie);
		sdata->u.sta.extra_ie = NULL;
		sdata->u.sta.extra_ie_len = 0;
566
567
		/* fall through */
	default:
568
		conf.vif = &sdata->vif;
569
		conf.type = sdata->vif.type;
570
		conf.mac_addr = dev->dev_addr;
571
572
		/* disable all keys for as long as this netdev is down */
		ieee80211_disable_keys(sdata);
573
		local->ops->remove_interface(local_to_hw(local), &conf);
574
575
	}

576
577
	sdata->bss = NULL;

578
579
580
	if (local->open_count == 0) {
		if (netif_running(local->mdev))
			dev_close(local->mdev);
581

582
583
		if (local->ops->stop)
			local->ops->stop(local_to_hw(local));
584

585
586
		ieee80211_led_radio(local, 0);

587
588
		flush_workqueue(local->hw.workqueue);

589
590
591
592
		tasklet_disable(&local->tx_pending_tasklet);
		tasklet_disable(&local->tasklet);
	}

593
594
595
	return 0;
}

596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct sta_info *sta;
	struct ieee80211_sub_if_data *sdata;
	u16 start_seq_num = 0;
	u8 *state;
	int ret;
	DECLARE_MAC_BUF(mac);

	if (tid >= STA_TID_NUM)
		return -EINVAL;

#ifdef CONFIG_MAC80211_HT_DEBUG
	printk(KERN_DEBUG "Open BA session requested for %s tid %u\n",
				print_mac(mac, ra), tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */

614
615
	rcu_read_lock();

616
617
	sta = sta_info_get(local, ra);
	if (!sta) {
618
#ifdef CONFIG_MAC80211_HT_DEBUG
619
		printk(KERN_DEBUG "Could not find the station\n");
620
#endif
621
622
		ret = -ENOENT;
		goto exit;
623
624
	}

625
	spin_lock_bh(&sta->lock);
626
627

	/* we have tried too many times, receiver does not want A-MPDU */
628
	if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
629
		ret = -EBUSY;
630
		goto err_unlock_sta;
631
632
	}

633
	state = &sta->ampdu_mlme.tid_state_tx[tid];
634
635
636
637
638
639
640
	/* check if the TID is not in aggregation flow already */
	if (*state != HT_AGG_STATE_IDLE) {
#ifdef CONFIG_MAC80211_HT_DEBUG
		printk(KERN_DEBUG "BA request denied - session is not "
				 "idle on tid %u\n", tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */
		ret = -EAGAIN;
641
		goto err_unlock_sta;
642
643
	}

644
645
646
647
	/* prepare A-MPDU MLME for Tx aggregation */
	sta->ampdu_mlme.tid_tx[tid] =
			kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
	if (!sta->ampdu_mlme.tid_tx[tid]) {
648
#ifdef CONFIG_MAC80211_HT_DEBUG
649
650
651
		if (net_ratelimit())
			printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
					tid);
652
#endif
653
		ret = -ENOMEM;
654
		goto err_unlock_sta;
655
656
657
658
659
660
661
662
	}
	/* Tx timer */
	sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
			sta_addba_resp_timer_expired;
	sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
			(unsigned long)&sta->timer_to_tid[tid];
	init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);

663
	/* create a new queue for this aggregation */
664
	ret = ieee80211_ht_agg_queue_add(local, sta, tid);
665
666
667
668
669

	/* case no queue is available to aggregation
	 * don't switch to aggregation */
	if (ret) {
#ifdef CONFIG_MAC80211_HT_DEBUG
670
		printk(KERN_DEBUG "BA request denied - queue unavailable for"
671
672
					" tid %d\n", tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */
673
		goto err_unlock_queue;
674
	}
675
	sdata = sta->sdata;
676
677
678
679
680
681
682
683
684
685
686
687
688

	/* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
	 * call back right away, it must see that the flow has begun */
	*state |= HT_ADDBA_REQUESTED_MSK;

	if (local->ops->ampdu_action)
		ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
						ra, tid, &start_seq_num);

	if (ret) {
		/* No need to requeue the packets in the agg queue, since we
		 * held the tx lock: no packet could be enqueued to the newly
		 * allocated queue */
689
		ieee80211_ht_agg_queue_remove(local, sta, tid, 0);
690
#ifdef CONFIG_MAC80211_HT_DEBUG
691
692
		printk(KERN_DEBUG "BA request denied - HW unavailable for"
					" tid %d\n", tid);
693
694
#endif /* CONFIG_MAC80211_HT_DEBUG */
		*state = HT_AGG_STATE_IDLE;
695
		goto err_unlock_queue;
696
697
698
	}

	/* Will put all the packets in the new SW queue */
699
	ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
700
	spin_unlock_bh(&sta->lock);
701
702
703

	/* send an addBA request */
	sta->ampdu_mlme.dialog_token_allocator++;
704
	sta->ampdu_mlme.tid_tx[tid]->dialog_token =
705
			sta->ampdu_mlme.dialog_token_allocator;
706
	sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
707

708

709
	ieee80211_send_addba_request(sta->sdata, ra, tid,
710
711
			 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
			 sta->ampdu_mlme.tid_tx[tid]->ssn,
712
713
			 0x40, 5000);
	/* activate the timer for the recipient's addBA response */
714
	sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
715
				jiffies + ADDBA_RESP_INTERVAL;
716
	add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
717
#ifdef CONFIG_MAC80211_HT_DEBUG
718
	printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
719
#endif
720
	goto exit;
721

722
err_unlock_queue:
723
724
725
	kfree(sta->ampdu_mlme.tid_tx[tid]);
	sta->ampdu_mlme.tid_tx[tid] = NULL;
	ret = -EBUSY;
726
err_unlock_sta:
727
	spin_unlock_bh(&sta->lock);
728
exit:
729
	rcu_read_unlock();
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
	return ret;
}
EXPORT_SYMBOL(ieee80211_start_tx_ba_session);

int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
				 u8 *ra, u16 tid,
				 enum ieee80211_back_parties initiator)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct sta_info *sta;
	u8 *state;
	int ret = 0;
	DECLARE_MAC_BUF(mac);

	if (tid >= STA_TID_NUM)
		return -EINVAL;

747
	rcu_read_lock();
748
	sta = sta_info_get(local, ra);
749
750
	if (!sta) {
		rcu_read_unlock();
751
		return -ENOENT;
752
	}
753
754

	/* check if the TID is in aggregation */
755
	state = &sta->ampdu_mlme.tid_state_tx[tid];
756
	spin_lock_bh(&sta->lock);
757
758
759
760
761
762

	if (*state != HT_AGG_STATE_OPERATIONAL) {
		ret = -ENOENT;
		goto stop_BA_exit;
	}

763
764
765
766
767
#ifdef CONFIG_MAC80211_HT_DEBUG
	printk(KERN_DEBUG "Tx BA session stop requested for %s tid %u\n",
				print_mac(mac, ra), tid);
#endif /* CONFIG_MAC80211_HT_DEBUG */

768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
	ieee80211_stop_queue(hw, sta->tid_to_tx_q[tid]);

	*state = HT_AGG_STATE_REQ_STOP_BA_MSK |
		(initiator << HT_AGG_STATE_INITIATOR_SHIFT);

	if (local->ops->ampdu_action)
		ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_STOP,
						ra, tid, NULL);

	/* case HW denied going back to legacy */
	if (ret) {
		WARN_ON(ret != -EBUSY);
		*state = HT_AGG_STATE_OPERATIONAL;
		ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
		goto stop_BA_exit;
	}

stop_BA_exit:
786
	spin_unlock_bh(&sta->lock);
787
	rcu_read_unlock();
788
789
790
791
792
793
794
795
796
797
798
799
	return ret;
}
EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);

void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct sta_info *sta;
	u8 *state;
	DECLARE_MAC_BUF(mac);

	if (tid >= STA_TID_NUM) {
800
#ifdef CONFIG_MAC80211_HT_DEBUG
801
802
		printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
				tid, STA_TID_NUM);
803
#endif
804
805
806
		return;
	}

807
	rcu_read_lock();
808
809
	sta = sta_info_get(local, ra);
	if (!sta) {
810
		rcu_read_unlock();
811
#ifdef CONFIG_MAC80211_HT_DEBUG
812
813
		printk(KERN_DEBUG "Could not find station: %s\n",
				print_mac(mac, ra));
814
#endif
815
816
817
		return;
	}

818
	state = &sta->ampdu_mlme.tid_state_tx[tid];
819
	spin_lock_bh(&sta->lock);
820
821

	if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
822
#ifdef CONFIG_MAC80211_HT_DEBUG
823
824
		printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
				*state);
825
#endif
826
		spin_unlock_bh(&sta->lock);
827
		rcu_read_unlock();
828
829
830
831
832
833
834
835
		return;
	}

	WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK);

	*state |= HT_ADDBA_DRV_READY_MSK;

	if (*state == HT_AGG_STATE_OPERATIONAL) {
836
#ifdef CONFIG_MAC80211_HT_DEBUG
837
		printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
838
#endif
839
840
		ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
	}
841
	spin_unlock_bh(&sta->lock);
842
	rcu_read_unlock();
843
844
845
846
847
848
849
850
851
852
853
854
}
EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);

void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct sta_info *sta;
	u8 *state;
	int agg_queue;
	DECLARE_MAC_BUF(mac);

	if (tid >= STA_TID_NUM) {
855
#ifdef CONFIG_MAC80211_HT_DEBUG
856
857
		printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
				tid, STA_TID_NUM);
858
#endif
859
860
861
		return;
	}

862
863
#ifdef CONFIG_MAC80211_HT_DEBUG
	printk(KERN_DEBUG "Stopping Tx BA session for %s tid %d\n",
864
				print_mac(mac, ra), tid);
865
#endif /* CONFIG_MAC80211_HT_DEBUG */
866

867
	rcu_read_lock();
868
869
	sta = sta_info_get(local, ra);
	if (!sta) {
870
#ifdef CONFIG_MAC80211_HT_DEBUG
871
872
		printk(KERN_DEBUG "Could not find station: %s\n",
				print_mac(mac, ra));
873
#endif
874
		rcu_read_unlock();
875
876
		return;
	}
877
	state = &sta->ampdu_mlme.tid_state_tx[tid];
878

879
	/* NOTE: no need to use sta->lock in this state check, as
880
881
882
	 * ieee80211_stop_tx_ba_session will let only one stop call to
	 * pass through per sta/tid
	 */
883
	if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
884
#ifdef CONFIG_MAC80211_HT_DEBUG
885
		printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
886
#endif
887
		rcu_read_unlock();
888
889
890
891
		return;
	}

	if (*state & HT_AGG_STATE_INITIATOR_MSK)
892
		ieee80211_send_delba(sta->sdata, ra, tid,
893
894
895
896
			WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);

	agg_queue = sta->tid_to_tx_q[tid];

897
	ieee80211_ht_agg_queue_remove(local, sta, tid, 1);
898

899
900
901
902
903
904
	/* We just requeued the all the frames that were in the
	 * removed queue, and since we might miss a softirq we do
	 * netif_schedule_queue.  ieee80211_wake_queue is not used
	 * here as this queue is not necessarily stopped
	 */
	netif_schedule_queue(netdev_get_tx_queue(local->mdev, agg_queue));
905
	spin_lock_bh(&sta->lock);
906
	*state = HT_AGG_STATE_IDLE;
907
908
909
	sta->ampdu_mlme.addba_req_num[tid] = 0;
	kfree(sta->ampdu_mlme.tid_tx[tid]);
	sta->ampdu_mlme.tid_tx[tid] = NULL;
910
	spin_unlock_bh(&sta->lock);
911

912
	rcu_read_unlock();
913
914
915
916
917
918
919
920
921
922
923
}
EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);

void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
				      const u8 *ra, u16 tid)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct ieee80211_ra_tid *ra_tid;
	struct sk_buff *skb = dev_alloc_skb(0);

	if (unlikely(!skb)) {
924
#ifdef CONFIG_MAC80211_HT_DEBUG
925
926
927
		if (net_ratelimit())
			printk(KERN_WARNING "%s: Not enough memory, "
			       "dropping start BA session", skb->dev->name);
928
#endif
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
		return;
	}
	ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
	memcpy(&ra_tid->ra, ra, ETH_ALEN);
	ra_tid->tid = tid;

	skb->pkt_type = IEEE80211_ADDBA_MSG;
	skb_queue_tail(&local->skb_queue, skb);
	tasklet_schedule(&local->tasklet);
}
EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);

void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
				     const u8 *ra, u16 tid)
{
	struct ieee80211_local *local = hw_to_local(hw);
	struct ieee80211_ra_tid *ra_tid;
	struct sk_buff *skb = dev_alloc_skb(0);

	if (unlikely(!skb)) {
949
#ifdef CONFIG_MAC80211_HT_DEBUG
950
951
952
		if (net_ratelimit())
			printk(KERN_WARNING "%s: Not enough memory, "
			       "dropping stop BA session", skb->dev->name);
953
#endif
954
955
956
957
958
959
960
961
962
963
964
965
		return;
	}
	ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
	memcpy(&ra_tid->ra, ra, ETH_ALEN);
	ra_tid->tid = tid;

	skb->pkt_type = IEEE80211_DELBA_MSG;
	skb_queue_tail(&local->skb_queue, skb);
	tasklet_schedule(&local->tasklet);
}
EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);

966
967
968
969
static void ieee80211_set_multicast_list(struct net_device *dev)
{
	struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
970
	int allmulti, promisc, sdata_allmulti, sdata_promisc;
971

972
973
	allmulti = !!(dev->flags & IFF_ALLMULTI);
	promisc = !!(dev->flags & IFF_PROMISC);
974
975
	sdata_allmulti = !!(sdata->flags & IEEE80211_SDATA_ALLMULTI);
	sdata_promisc = !!(sdata->flags & IEEE80211_SDATA_PROMISC);
976
977
978

	if (allmulti != sdata_allmulti) {
		if (dev->flags & IFF_ALLMULTI)
979
			atomic_inc(&local->iff_allmultis);
980
		else
981
			atomic_dec(&local->iff_allmultis);
982
		sdata->flags ^= IEEE80211_SDATA_ALLMULTI;
983
	}
984
985
986

	if (promisc != sdata_promisc) {
		if (dev->flags & IFF_PROMISC)
987
			atomic_inc(&local->iff_promiscs);
988
		else
989
			atomic_dec(&local->iff_promiscs);
990
		sdata->flags ^= IEEE80211_SDATA_PROMISC;
991
	}
992
993

	dev_mc_sync(local->mdev, dev);
994
995
}

996
997
998
999
1000
1001
1002
1003
static const struct header_ops ieee80211_header_ops = {
	.create		= eth_header,
	.parse		= header_parse_80211,
	.rebuild	= eth_rebuild_header,
	.cache		= eth_header_cache,
	.cache_update	= eth_header_cache_update,
};

1004
void ieee80211_if_setup(struct net_device *dev)
1005
{
1006
1007
1008
1009
1010
1011
1012
	ether_setup(dev);
	dev->hard_start_xmit = ieee80211_subif_start_xmit;
	dev->wireless_handlers = &ieee80211_iw_handler_def;
	dev->set_multicast_list = ieee80211_set_multicast_list;
	dev->change_mtu = ieee80211_change_mtu;
	dev->open = ieee80211_open;
	dev->stop = ieee80211_stop;
1013
	dev->destructor = free_netdev;
1014
1015
	/* we will validate the address ourselves in ->open */
	dev->validate_addr = NULL;
1016
}
1017

1018
1019
/* everything else */

1020
int ieee80211_if_config(struct ieee80211_sub_if_data *sdata, u32 changed)
1021
{
1022
	struct ieee80211_local *local = sdata->local;
1023
1024
	struct ieee80211_if_conf conf;

1025
1026
1027
1028
	if (WARN_ON(!netif_running(sdata->dev)))
		return 0;

	if (!local->ops->config_interface)
1029
1030
		return 0;

1031
	memset(&conf, 0, sizeof(conf));
1032
1033
	conf.changed = changed;

1034
1035
	if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
	    sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
1036
		conf.bssid = sdata->u.sta.bssid;
1037
1038
		conf.ssid = sdata->u.sta.ssid;
		conf.ssid_len = sdata->u.sta.ssid_len;
1039
	} else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
1040
		conf.bssid = sdata->dev->dev_addr;
1041
1042
		conf.ssid = sdata->u.ap.ssid;
		conf.ssid_len = sdata->u.ap.ssid_len;
1043
1044
1045
1046
1047
1048
1049
1050
	} else if (ieee80211_vif_is_mesh(&sdata->vif)) {
		u8 zero[ETH_ALEN] = { 0 };
		conf.bssid = zero;
		conf.ssid = zero;
		conf.ssid_len = 0;
	} else {
		WARN_ON(1);
		return -EINVAL;
1051
1052
	}

1053
1054
	if (WARN_ON(!conf.bssid && (changed & IEEE80211_IFCC_BSSID)))
		return -EINVAL;
1055

1056
1057
	if (WARN_ON(!conf.ssid && (changed & IEEE80211_IFCC_SSID)))
		return -EINVAL;
1058

1059
1060
	return local->ops->config_interface(local_to_hw(local),
					    &sdata->vif, &conf);
1061
}
1062

1063
1064
1065
1066
int ieee80211_hw_config(struct ieee80211_local *local)
{
	struct ieee80211_channel *chan;
	int ret = 0;