1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 2 as 8 * published by the Free Software Foundation. 9 */ 10 11 #include <net/mac80211.h> 12 #include <net/ieee80211_radiotap.h> 13 #include <linux/module.h> 14 #include <linux/init.h> 15 #include <linux/netdevice.h> 16 #include <linux/types.h> 17 #include <linux/slab.h> 18 #include <linux/skbuff.h> 19 #include <linux/etherdevice.h> 20 #include <linux/if_arp.h> 21 #include <linux/wireless.h> 22 #include <linux/rtnetlink.h> 23 #include <linux/bitmap.h> 24 #include <net/net_namespace.h> 25 #include <net/cfg80211.h> 26 27 #include "ieee80211_i.h" 28 #include "rate.h" 29 #include "mesh.h" 30 #include "wep.h" 31 #include "wme.h" 32 #include "aes_ccm.h" 33 #include "led.h" 34 #include "cfg.h" 35 #include "debugfs.h" 36 #include "debugfs_netdev.h" 37 38 #define SUPP_MCS_SET_LEN 16 39 40 /* 41 * For seeing transmitted packets on monitor interfaces 42 * we have a radiotap header too. 43 */ 44 struct ieee80211_tx_status_rtap_hdr { 45 struct ieee80211_radiotap_header hdr; 46 __le16 tx_flags; 47 u8 data_retries; 48 } __attribute__ ((packed)); 49 50 /* common interface routines */ 51 52 static int header_parse_80211(const struct sk_buff *skb, unsigned char *haddr) 53 { 54 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */ 55 return ETH_ALEN; 56 } 57 58 /* must be called under mdev tx lock */ 59 static void ieee80211_configure_filter(struct ieee80211_local *local) 60 { 61 unsigned int changed_flags; 62 unsigned int new_flags = 0; 63 64 if (atomic_read(&local->iff_promiscs)) 65 new_flags |= FIF_PROMISC_IN_BSS; 66 67 if (atomic_read(&local->iff_allmultis)) 68 new_flags |= FIF_ALLMULTI; 69 70 if (local->monitors) 71 new_flags |= FIF_BCN_PRBRESP_PROMISC; 72 73 if (local->fif_fcsfail) 74 new_flags |= FIF_FCSFAIL; 75 76 if (local->fif_plcpfail) 77 new_flags |= FIF_PLCPFAIL; 78 79 if (local->fif_control) 80 new_flags |= FIF_CONTROL; 81 82 if (local->fif_other_bss) 83 new_flags |= FIF_OTHER_BSS; 84 85 changed_flags = local->filter_flags ^ new_flags; 86 87 /* be a bit nasty */ 88 new_flags |= (1<<31); 89 90 local->ops->configure_filter(local_to_hw(local), 91 changed_flags, &new_flags, 92 local->mdev->mc_count, 93 local->mdev->mc_list); 94 95 WARN_ON(new_flags & (1<<31)); 96 97 local->filter_flags = new_flags & ~(1<<31); 98 } 99 100 /* master interface */ 101 102 static int ieee80211_master_open(struct net_device *dev) 103 { 104 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 105 struct ieee80211_sub_if_data *sdata; 106 int res = -EOPNOTSUPP; 107 108 /* we hold the RTNL here so can safely walk the list */ 109 list_for_each_entry(sdata, &local->interfaces, list) { 110 if (sdata->dev != dev && netif_running(sdata->dev)) { 111 res = 0; 112 break; 113 } 114 } 115 return res; 116 } 117 118 static int ieee80211_master_stop(struct net_device *dev) 119 { 120 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 121 struct ieee80211_sub_if_data *sdata; 122 123 /* we hold the RTNL here so can safely walk the list */ 124 list_for_each_entry(sdata, &local->interfaces, list) 125 if (sdata->dev != dev && netif_running(sdata->dev)) 126 dev_close(sdata->dev); 127 128 return 0; 129 } 130 131 static void ieee80211_master_set_multicast_list(struct net_device *dev) 132 { 133 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 134 135 ieee80211_configure_filter(local); 136 } 137 138 /* regular interfaces */ 139 140 static int ieee80211_change_mtu(struct net_device *dev, int new_mtu) 141 { 142 int meshhdrlen; 143 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 144 145 meshhdrlen = (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT) ? 5 : 0; 146 147 /* FIX: what would be proper limits for MTU? 148 * This interface uses 802.3 frames. */ 149 if (new_mtu < 256 || 150 new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6 - meshhdrlen) { 151 printk(KERN_WARNING "%s: invalid MTU %d\n", 152 dev->name, new_mtu); 153 return -EINVAL; 154 } 155 156 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 157 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu); 158 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 159 dev->mtu = new_mtu; 160 return 0; 161 } 162 163 static inline int identical_mac_addr_allowed(int type1, int type2) 164 { 165 return (type1 == IEEE80211_IF_TYPE_MNTR || 166 type2 == IEEE80211_IF_TYPE_MNTR || 167 (type1 == IEEE80211_IF_TYPE_AP && 168 type2 == IEEE80211_IF_TYPE_WDS) || 169 (type1 == IEEE80211_IF_TYPE_WDS && 170 (type2 == IEEE80211_IF_TYPE_WDS || 171 type2 == IEEE80211_IF_TYPE_AP)) || 172 (type1 == IEEE80211_IF_TYPE_AP && 173 type2 == IEEE80211_IF_TYPE_VLAN) || 174 (type1 == IEEE80211_IF_TYPE_VLAN && 175 (type2 == IEEE80211_IF_TYPE_AP || 176 type2 == IEEE80211_IF_TYPE_VLAN))); 177 } 178 179 static int ieee80211_open(struct net_device *dev) 180 { 181 struct ieee80211_sub_if_data *sdata, *nsdata; 182 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 183 struct ieee80211_if_init_conf conf; 184 int res; 185 bool need_hw_reconfig = 0; 186 struct sta_info *sta; 187 188 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 189 190 /* we hold the RTNL here so can safely walk the list */ 191 list_for_each_entry(nsdata, &local->interfaces, list) { 192 struct net_device *ndev = nsdata->dev; 193 194 if (ndev != dev && ndev != local->mdev && netif_running(ndev)) { 195 /* 196 * Allow only a single IBSS interface to be up at any 197 * time. This is restricted because beacon distribution 198 * cannot work properly if both are in the same IBSS. 199 * 200 * To remove this restriction we'd have to disallow them 201 * from setting the same SSID on different IBSS interfaces 202 * belonging to the same hardware. Then, however, we're 203 * faced with having to adopt two different TSF timers... 204 */ 205 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && 206 nsdata->vif.type == IEEE80211_IF_TYPE_IBSS) 207 return -EBUSY; 208 209 /* 210 * Disallow multiple IBSS/STA mode interfaces. 211 * 212 * This is a technical restriction, it is possible although 213 * most likely not IEEE 802.11 compliant to have multiple 214 * STAs with just a single hardware (the TSF timer will not 215 * be adjusted properly.) 216 * 217 * However, because mac80211 uses the master device's BSS 218 * information for each STA/IBSS interface, doing this will 219 * currently corrupt that BSS information completely, unless, 220 * a not very useful case, both STAs are associated to the 221 * same BSS. 222 * 223 * To remove this restriction, the BSS information needs to 224 * be embedded in the STA/IBSS mode sdata instead of using 225 * the master device's BSS structure. 226 */ 227 if ((sdata->vif.type == IEEE80211_IF_TYPE_STA || 228 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) && 229 (nsdata->vif.type == IEEE80211_IF_TYPE_STA || 230 nsdata->vif.type == IEEE80211_IF_TYPE_IBSS)) 231 return -EBUSY; 232 233 /* 234 * The remaining checks are only performed for interfaces 235 * with the same MAC address. 236 */ 237 if (compare_ether_addr(dev->dev_addr, ndev->dev_addr)) 238 continue; 239 240 /* 241 * check whether it may have the same address 242 */ 243 if (!identical_mac_addr_allowed(sdata->vif.type, 244 nsdata->vif.type)) 245 return -ENOTUNIQ; 246 247 /* 248 * can only add VLANs to enabled APs 249 */ 250 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN && 251 nsdata->vif.type == IEEE80211_IF_TYPE_AP) 252 sdata->u.vlan.ap = nsdata; 253 } 254 } 255 256 switch (sdata->vif.type) { 257 case IEEE80211_IF_TYPE_WDS: 258 if (!is_valid_ether_addr(sdata->u.wds.remote_addr)) 259 return -ENOLINK; 260 break; 261 case IEEE80211_IF_TYPE_VLAN: 262 if (!sdata->u.vlan.ap) 263 return -ENOLINK; 264 break; 265 case IEEE80211_IF_TYPE_AP: 266 case IEEE80211_IF_TYPE_STA: 267 case IEEE80211_IF_TYPE_MNTR: 268 case IEEE80211_IF_TYPE_IBSS: 269 case IEEE80211_IF_TYPE_MESH_POINT: 270 /* no special treatment */ 271 break; 272 case IEEE80211_IF_TYPE_INVALID: 273 /* cannot happen */ 274 WARN_ON(1); 275 break; 276 } 277 278 if (local->open_count == 0) { 279 res = 0; 280 if (local->ops->start) 281 res = local->ops->start(local_to_hw(local)); 282 if (res) 283 return res; 284 need_hw_reconfig = 1; 285 ieee80211_led_radio(local, local->hw.conf.radio_enabled); 286 } 287 288 switch (sdata->vif.type) { 289 case IEEE80211_IF_TYPE_VLAN: 290 list_add(&sdata->u.vlan.list, &sdata->u.vlan.ap->u.ap.vlans); 291 /* no need to tell driver */ 292 break; 293 case IEEE80211_IF_TYPE_MNTR: 294 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) { 295 local->cooked_mntrs++; 296 break; 297 } 298 299 /* must be before the call to ieee80211_configure_filter */ 300 local->monitors++; 301 if (local->monitors == 1) 302 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP; 303 304 if (sdata->u.mntr_flags & MONITOR_FLAG_FCSFAIL) 305 local->fif_fcsfail++; 306 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL) 307 local->fif_plcpfail++; 308 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL) 309 local->fif_control++; 310 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS) 311 local->fif_other_bss++; 312 313 netif_tx_lock_bh(local->mdev); 314 ieee80211_configure_filter(local); 315 netif_tx_unlock_bh(local->mdev); 316 break; 317 case IEEE80211_IF_TYPE_STA: 318 case IEEE80211_IF_TYPE_IBSS: 319 sdata->u.sta.flags &= ~IEEE80211_STA_PREV_BSSID_SET; 320 /* fall through */ 321 default: 322 conf.vif = &sdata->vif; 323 conf.type = sdata->vif.type; 324 conf.mac_addr = dev->dev_addr; 325 res = local->ops->add_interface(local_to_hw(local), &conf); 326 if (res) 327 goto err_stop; 328 329 ieee80211_if_config(dev); 330 ieee80211_reset_erp_info(dev); 331 ieee80211_enable_keys(sdata); 332 333 if (sdata->vif.type == IEEE80211_IF_TYPE_STA && 334 !(sdata->flags & IEEE80211_SDATA_USERSPACE_MLME)) 335 netif_carrier_off(dev); 336 else 337 netif_carrier_on(dev); 338 } 339 340 if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) { 341 /* Create STA entry for the WDS peer */ 342 sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr, 343 GFP_KERNEL); 344 if (!sta) { 345 res = -ENOMEM; 346 goto err_del_interface; 347 } 348 349 sta->flags |= WLAN_STA_AUTHORIZED; 350 351 res = sta_info_insert(sta); 352 if (res) { 353 /* STA has been freed */ 354 goto err_del_interface; 355 } 356 } 357 358 if (local->open_count == 0) { 359 res = dev_open(local->mdev); 360 WARN_ON(res); 361 if (res) 362 goto err_del_interface; 363 tasklet_enable(&local->tx_pending_tasklet); 364 tasklet_enable(&local->tasklet); 365 } 366 367 /* 368 * set_multicast_list will be invoked by the networking core 369 * which will check whether any increments here were done in 370 * error and sync them down to the hardware as filter flags. 371 */ 372 if (sdata->flags & IEEE80211_SDATA_ALLMULTI) 373 atomic_inc(&local->iff_allmultis); 374 375 if (sdata->flags & IEEE80211_SDATA_PROMISC) 376 atomic_inc(&local->iff_promiscs); 377 378 local->open_count++; 379 if (need_hw_reconfig) 380 ieee80211_hw_config(local); 381 382 /* 383 * ieee80211_sta_work is disabled while network interface 384 * is down. Therefore, some configuration changes may not 385 * yet be effective. Trigger execution of ieee80211_sta_work 386 * to fix this. 387 */ 388 if(sdata->vif.type == IEEE80211_IF_TYPE_STA || 389 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) { 390 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 391 queue_work(local->hw.workqueue, &ifsta->work); 392 } 393 394 netif_start_queue(dev); 395 396 return 0; 397 err_del_interface: 398 local->ops->remove_interface(local_to_hw(local), &conf); 399 err_stop: 400 if (!local->open_count && local->ops->stop) 401 local->ops->stop(local_to_hw(local)); 402 return res; 403 } 404 405 static int ieee80211_stop(struct net_device *dev) 406 { 407 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 408 struct ieee80211_local *local = sdata->local; 409 struct ieee80211_if_init_conf conf; 410 struct sta_info *sta; 411 412 /* 413 * Stop TX on this interface first. 414 */ 415 netif_stop_queue(dev); 416 417 /* 418 * Now delete all active aggregation sessions. 419 */ 420 rcu_read_lock(); 421 422 list_for_each_entry_rcu(sta, &local->sta_list, list) { 423 if (sta->sdata == sdata) 424 ieee80211_sta_tear_down_BA_sessions(dev, sta->addr); 425 } 426 427 rcu_read_unlock(); 428 429 /* 430 * Remove all stations associated with this interface. 431 * 432 * This must be done before calling ops->remove_interface() 433 * because otherwise we can later invoke ops->sta_notify() 434 * whenever the STAs are removed, and that invalidates driver 435 * assumptions about always getting a vif pointer that is valid 436 * (because if we remove a STA after ops->remove_interface() 437 * the driver will have removed the vif info already!) 438 * 439 * We could relax this and only unlink the stations from the 440 * hash table and list but keep them on a per-sdata list that 441 * will be inserted back again when the interface is brought 442 * up again, but I don't currently see a use case for that, 443 * except with WDS which gets a STA entry created when it is 444 * brought up. 445 */ 446 sta_info_flush(local, sdata); 447 448 /* 449 * Don't count this interface for promisc/allmulti while it 450 * is down. dev_mc_unsync() will invoke set_multicast_list 451 * on the master interface which will sync these down to the 452 * hardware as filter flags. 453 */ 454 if (sdata->flags & IEEE80211_SDATA_ALLMULTI) 455 atomic_dec(&local->iff_allmultis); 456 457 if (sdata->flags & IEEE80211_SDATA_PROMISC) 458 atomic_dec(&local->iff_promiscs); 459 460 dev_mc_unsync(local->mdev, dev); 461 462 /* APs need special treatment */ 463 if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 464 struct ieee80211_sub_if_data *vlan, *tmp; 465 struct beacon_data *old_beacon = sdata->u.ap.beacon; 466 467 /* remove beacon */ 468 rcu_assign_pointer(sdata->u.ap.beacon, NULL); 469 synchronize_rcu(); 470 kfree(old_beacon); 471 472 /* down all dependent devices, that is VLANs */ 473 list_for_each_entry_safe(vlan, tmp, &sdata->u.ap.vlans, 474 u.vlan.list) 475 dev_close(vlan->dev); 476 WARN_ON(!list_empty(&sdata->u.ap.vlans)); 477 } 478 479 local->open_count--; 480 481 switch (sdata->vif.type) { 482 case IEEE80211_IF_TYPE_VLAN: 483 list_del(&sdata->u.vlan.list); 484 sdata->u.vlan.ap = NULL; 485 /* no need to tell driver */ 486 break; 487 case IEEE80211_IF_TYPE_MNTR: 488 if (sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) { 489 local->cooked_mntrs--; 490 break; 491 } 492 493 local->monitors--; 494 if (local->monitors == 0) 495 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP; 496 497 if (sdata->u.mntr_flags & MONITOR_FLAG_FCSFAIL) 498 local->fif_fcsfail--; 499 if (sdata->u.mntr_flags & MONITOR_FLAG_PLCPFAIL) 500 local->fif_plcpfail--; 501 if (sdata->u.mntr_flags & MONITOR_FLAG_CONTROL) 502 local->fif_control--; 503 if (sdata->u.mntr_flags & MONITOR_FLAG_OTHER_BSS) 504 local->fif_other_bss--; 505 506 netif_tx_lock_bh(local->mdev); 507 ieee80211_configure_filter(local); 508 netif_tx_unlock_bh(local->mdev); 509 break; 510 case IEEE80211_IF_TYPE_MESH_POINT: 511 case IEEE80211_IF_TYPE_STA: 512 case IEEE80211_IF_TYPE_IBSS: 513 sdata->u.sta.state = IEEE80211_DISABLED; 514 del_timer_sync(&sdata->u.sta.timer); 515 /* 516 * When we get here, the interface is marked down. 517 * Call synchronize_rcu() to wait for the RX path 518 * should it be using the interface and enqueuing 519 * frames at this very time on another CPU. 520 */ 521 synchronize_rcu(); 522 skb_queue_purge(&sdata->u.sta.skb_queue); 523 524 if (local->scan_dev == sdata->dev) { 525 if (!local->ops->hw_scan) { 526 local->sta_sw_scanning = 0; 527 cancel_delayed_work(&local->scan_work); 528 } else 529 local->sta_hw_scanning = 0; 530 } 531 532 flush_workqueue(local->hw.workqueue); 533 534 sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 535 kfree(sdata->u.sta.extra_ie); 536 sdata->u.sta.extra_ie = NULL; 537 sdata->u.sta.extra_ie_len = 0; 538 /* fall through */ 539 default: 540 conf.vif = &sdata->vif; 541 conf.type = sdata->vif.type; 542 conf.mac_addr = dev->dev_addr; 543 /* disable all keys for as long as this netdev is down */ 544 ieee80211_disable_keys(sdata); 545 local->ops->remove_interface(local_to_hw(local), &conf); 546 } 547 548 if (local->open_count == 0) { 549 if (netif_running(local->mdev)) 550 dev_close(local->mdev); 551 552 if (local->ops->stop) 553 local->ops->stop(local_to_hw(local)); 554 555 ieee80211_led_radio(local, 0); 556 557 tasklet_disable(&local->tx_pending_tasklet); 558 tasklet_disable(&local->tasklet); 559 } 560 561 return 0; 562 } 563 564 int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid) 565 { 566 struct ieee80211_local *local = hw_to_local(hw); 567 struct sta_info *sta; 568 struct ieee80211_sub_if_data *sdata; 569 u16 start_seq_num = 0; 570 u8 *state; 571 int ret; 572 DECLARE_MAC_BUF(mac); 573 574 if (tid >= STA_TID_NUM) 575 return -EINVAL; 576 577 #ifdef CONFIG_MAC80211_HT_DEBUG 578 printk(KERN_DEBUG "Open BA session requested for %s tid %u\n", 579 print_mac(mac, ra), tid); 580 #endif /* CONFIG_MAC80211_HT_DEBUG */ 581 582 rcu_read_lock(); 583 584 sta = sta_info_get(local, ra); 585 if (!sta) { 586 printk(KERN_DEBUG "Could not find the station\n"); 587 rcu_read_unlock(); 588 return -ENOENT; 589 } 590 591 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 592 593 /* we have tried too many times, receiver does not want A-MPDU */ 594 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) { 595 ret = -EBUSY; 596 goto start_ba_exit; 597 } 598 599 state = &sta->ampdu_mlme.tid_state_tx[tid]; 600 /* check if the TID is not in aggregation flow already */ 601 if (*state != HT_AGG_STATE_IDLE) { 602 #ifdef CONFIG_MAC80211_HT_DEBUG 603 printk(KERN_DEBUG "BA request denied - session is not " 604 "idle on tid %u\n", tid); 605 #endif /* CONFIG_MAC80211_HT_DEBUG */ 606 ret = -EAGAIN; 607 goto start_ba_exit; 608 } 609 610 /* prepare A-MPDU MLME for Tx aggregation */ 611 sta->ampdu_mlme.tid_tx[tid] = 612 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC); 613 if (!sta->ampdu_mlme.tid_tx[tid]) { 614 if (net_ratelimit()) 615 printk(KERN_ERR "allocate tx mlme to tid %d failed\n", 616 tid); 617 ret = -ENOMEM; 618 goto start_ba_exit; 619 } 620 /* Tx timer */ 621 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function = 622 sta_addba_resp_timer_expired; 623 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data = 624 (unsigned long)&sta->timer_to_tid[tid]; 625 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer); 626 627 /* ensure that TX flow won't interrupt us 628 * until the end of the call to requeue function */ 629 spin_lock_bh(&local->mdev->queue_lock); 630 631 /* create a new queue for this aggregation */ 632 ret = ieee80211_ht_agg_queue_add(local, sta, tid); 633 634 /* case no queue is available to aggregation 635 * don't switch to aggregation */ 636 if (ret) { 637 #ifdef CONFIG_MAC80211_HT_DEBUG 638 printk(KERN_DEBUG "BA request denied - queue unavailable for" 639 " tid %d\n", tid); 640 #endif /* CONFIG_MAC80211_HT_DEBUG */ 641 goto start_ba_err; 642 } 643 sdata = sta->sdata; 644 645 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the 646 * call back right away, it must see that the flow has begun */ 647 *state |= HT_ADDBA_REQUESTED_MSK; 648 649 if (local->ops->ampdu_action) 650 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START, 651 ra, tid, &start_seq_num); 652 653 if (ret) { 654 /* No need to requeue the packets in the agg queue, since we 655 * held the tx lock: no packet could be enqueued to the newly 656 * allocated queue */ 657 ieee80211_ht_agg_queue_remove(local, sta, tid, 0); 658 #ifdef CONFIG_MAC80211_HT_DEBUG 659 printk(KERN_DEBUG "BA request denied - HW unavailable for" 660 " tid %d\n", tid); 661 #endif /* CONFIG_MAC80211_HT_DEBUG */ 662 *state = HT_AGG_STATE_IDLE; 663 goto start_ba_err; 664 } 665 666 /* Will put all the packets in the new SW queue */ 667 ieee80211_requeue(local, ieee802_1d_to_ac[tid]); 668 spin_unlock_bh(&local->mdev->queue_lock); 669 670 /* send an addBA request */ 671 sta->ampdu_mlme.dialog_token_allocator++; 672 sta->ampdu_mlme.tid_tx[tid]->dialog_token = 673 sta->ampdu_mlme.dialog_token_allocator; 674 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num; 675 676 ieee80211_send_addba_request(sta->sdata->dev, ra, tid, 677 sta->ampdu_mlme.tid_tx[tid]->dialog_token, 678 sta->ampdu_mlme.tid_tx[tid]->ssn, 679 0x40, 5000); 680 681 /* activate the timer for the recipient's addBA response */ 682 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires = 683 jiffies + ADDBA_RESP_INTERVAL; 684 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer); 685 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid); 686 goto start_ba_exit; 687 688 start_ba_err: 689 kfree(sta->ampdu_mlme.tid_tx[tid]); 690 sta->ampdu_mlme.tid_tx[tid] = NULL; 691 spin_unlock_bh(&local->mdev->queue_lock); 692 ret = -EBUSY; 693 start_ba_exit: 694 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 695 rcu_read_unlock(); 696 return ret; 697 } 698 EXPORT_SYMBOL(ieee80211_start_tx_ba_session); 699 700 int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw, 701 u8 *ra, u16 tid, 702 enum ieee80211_back_parties initiator) 703 { 704 struct ieee80211_local *local = hw_to_local(hw); 705 struct sta_info *sta; 706 u8 *state; 707 int ret = 0; 708 DECLARE_MAC_BUF(mac); 709 710 if (tid >= STA_TID_NUM) 711 return -EINVAL; 712 713 rcu_read_lock(); 714 sta = sta_info_get(local, ra); 715 if (!sta) { 716 rcu_read_unlock(); 717 return -ENOENT; 718 } 719 720 /* check if the TID is in aggregation */ 721 state = &sta->ampdu_mlme.tid_state_tx[tid]; 722 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 723 724 if (*state != HT_AGG_STATE_OPERATIONAL) { 725 ret = -ENOENT; 726 goto stop_BA_exit; 727 } 728 729 #ifdef CONFIG_MAC80211_HT_DEBUG 730 printk(KERN_DEBUG "Tx BA session stop requested for %s tid %u\n", 731 print_mac(mac, ra), tid); 732 #endif /* CONFIG_MAC80211_HT_DEBUG */ 733 734 ieee80211_stop_queue(hw, sta->tid_to_tx_q[tid]); 735 736 *state = HT_AGG_STATE_REQ_STOP_BA_MSK | 737 (initiator << HT_AGG_STATE_INITIATOR_SHIFT); 738 739 if (local->ops->ampdu_action) 740 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_STOP, 741 ra, tid, NULL); 742 743 /* case HW denied going back to legacy */ 744 if (ret) { 745 WARN_ON(ret != -EBUSY); 746 *state = HT_AGG_STATE_OPERATIONAL; 747 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]); 748 goto stop_BA_exit; 749 } 750 751 stop_BA_exit: 752 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 753 rcu_read_unlock(); 754 return ret; 755 } 756 EXPORT_SYMBOL(ieee80211_stop_tx_ba_session); 757 758 void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid) 759 { 760 struct ieee80211_local *local = hw_to_local(hw); 761 struct sta_info *sta; 762 u8 *state; 763 DECLARE_MAC_BUF(mac); 764 765 if (tid >= STA_TID_NUM) { 766 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n", 767 tid, STA_TID_NUM); 768 return; 769 } 770 771 rcu_read_lock(); 772 sta = sta_info_get(local, ra); 773 if (!sta) { 774 rcu_read_unlock(); 775 printk(KERN_DEBUG "Could not find station: %s\n", 776 print_mac(mac, ra)); 777 return; 778 } 779 780 state = &sta->ampdu_mlme.tid_state_tx[tid]; 781 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 782 783 if (!(*state & HT_ADDBA_REQUESTED_MSK)) { 784 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n", 785 *state); 786 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 787 rcu_read_unlock(); 788 return; 789 } 790 791 WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK); 792 793 *state |= HT_ADDBA_DRV_READY_MSK; 794 795 if (*state == HT_AGG_STATE_OPERATIONAL) { 796 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid); 797 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]); 798 } 799 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 800 rcu_read_unlock(); 801 } 802 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb); 803 804 void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid) 805 { 806 struct ieee80211_local *local = hw_to_local(hw); 807 struct sta_info *sta; 808 u8 *state; 809 int agg_queue; 810 DECLARE_MAC_BUF(mac); 811 812 if (tid >= STA_TID_NUM) { 813 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n", 814 tid, STA_TID_NUM); 815 return; 816 } 817 818 #ifdef CONFIG_MAC80211_HT_DEBUG 819 printk(KERN_DEBUG "Stopping Tx BA session for %s tid %d\n", 820 print_mac(mac, ra), tid); 821 #endif /* CONFIG_MAC80211_HT_DEBUG */ 822 823 rcu_read_lock(); 824 sta = sta_info_get(local, ra); 825 if (!sta) { 826 printk(KERN_DEBUG "Could not find station: %s\n", 827 print_mac(mac, ra)); 828 rcu_read_unlock(); 829 return; 830 } 831 state = &sta->ampdu_mlme.tid_state_tx[tid]; 832 833 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 834 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) { 835 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n"); 836 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 837 rcu_read_unlock(); 838 return; 839 } 840 841 if (*state & HT_AGG_STATE_INITIATOR_MSK) 842 ieee80211_send_delba(sta->sdata->dev, ra, tid, 843 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE); 844 845 agg_queue = sta->tid_to_tx_q[tid]; 846 847 /* avoid ordering issues: we are the only one that can modify 848 * the content of the qdiscs */ 849 spin_lock_bh(&local->mdev->queue_lock); 850 /* remove the queue for this aggregation */ 851 ieee80211_ht_agg_queue_remove(local, sta, tid, 1); 852 spin_unlock_bh(&local->mdev->queue_lock); 853 854 /* we just requeued the all the frames that were in the removed 855 * queue, and since we might miss a softirq we do netif_schedule. 856 * ieee80211_wake_queue is not used here as this queue is not 857 * necessarily stopped */ 858 netif_schedule(local->mdev); 859 *state = HT_AGG_STATE_IDLE; 860 sta->ampdu_mlme.addba_req_num[tid] = 0; 861 kfree(sta->ampdu_mlme.tid_tx[tid]); 862 sta->ampdu_mlme.tid_tx[tid] = NULL; 863 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 864 865 rcu_read_unlock(); 866 } 867 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb); 868 869 void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw, 870 const u8 *ra, u16 tid) 871 { 872 struct ieee80211_local *local = hw_to_local(hw); 873 struct ieee80211_ra_tid *ra_tid; 874 struct sk_buff *skb = dev_alloc_skb(0); 875 876 if (unlikely(!skb)) { 877 if (net_ratelimit()) 878 printk(KERN_WARNING "%s: Not enough memory, " 879 "dropping start BA session", skb->dev->name); 880 return; 881 } 882 ra_tid = (struct ieee80211_ra_tid *) &skb->cb; 883 memcpy(&ra_tid->ra, ra, ETH_ALEN); 884 ra_tid->tid = tid; 885 886 skb->pkt_type = IEEE80211_ADDBA_MSG; 887 skb_queue_tail(&local->skb_queue, skb); 888 tasklet_schedule(&local->tasklet); 889 } 890 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe); 891 892 void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw, 893 const u8 *ra, u16 tid) 894 { 895 struct ieee80211_local *local = hw_to_local(hw); 896 struct ieee80211_ra_tid *ra_tid; 897 struct sk_buff *skb = dev_alloc_skb(0); 898 899 if (unlikely(!skb)) { 900 if (net_ratelimit()) 901 printk(KERN_WARNING "%s: Not enough memory, " 902 "dropping stop BA session", skb->dev->name); 903 return; 904 } 905 ra_tid = (struct ieee80211_ra_tid *) &skb->cb; 906 memcpy(&ra_tid->ra, ra, ETH_ALEN); 907 ra_tid->tid = tid; 908 909 skb->pkt_type = IEEE80211_DELBA_MSG; 910 skb_queue_tail(&local->skb_queue, skb); 911 tasklet_schedule(&local->tasklet); 912 } 913 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe); 914 915 static void ieee80211_set_multicast_list(struct net_device *dev) 916 { 917 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 918 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 919 int allmulti, promisc, sdata_allmulti, sdata_promisc; 920 921 allmulti = !!(dev->flags & IFF_ALLMULTI); 922 promisc = !!(dev->flags & IFF_PROMISC); 923 sdata_allmulti = !!(sdata->flags & IEEE80211_SDATA_ALLMULTI); 924 sdata_promisc = !!(sdata->flags & IEEE80211_SDATA_PROMISC); 925 926 if (allmulti != sdata_allmulti) { 927 if (dev->flags & IFF_ALLMULTI) 928 atomic_inc(&local->iff_allmultis); 929 else 930 atomic_dec(&local->iff_allmultis); 931 sdata->flags ^= IEEE80211_SDATA_ALLMULTI; 932 } 933 934 if (promisc != sdata_promisc) { 935 if (dev->flags & IFF_PROMISC) 936 atomic_inc(&local->iff_promiscs); 937 else 938 atomic_dec(&local->iff_promiscs); 939 sdata->flags ^= IEEE80211_SDATA_PROMISC; 940 } 941 942 dev_mc_sync(local->mdev, dev); 943 } 944 945 static const struct header_ops ieee80211_header_ops = { 946 .create = eth_header, 947 .parse = header_parse_80211, 948 .rebuild = eth_rebuild_header, 949 .cache = eth_header_cache, 950 .cache_update = eth_header_cache_update, 951 }; 952 953 /* Must not be called for mdev */ 954 void ieee80211_if_setup(struct net_device *dev) 955 { 956 ether_setup(dev); 957 dev->hard_start_xmit = ieee80211_subif_start_xmit; 958 dev->wireless_handlers = &ieee80211_iw_handler_def; 959 dev->set_multicast_list = ieee80211_set_multicast_list; 960 dev->change_mtu = ieee80211_change_mtu; 961 dev->open = ieee80211_open; 962 dev->stop = ieee80211_stop; 963 dev->destructor = ieee80211_if_free; 964 } 965 966 /* everything else */ 967 968 static int __ieee80211_if_config(struct net_device *dev, 969 struct sk_buff *beacon, 970 struct ieee80211_tx_control *control) 971 { 972 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 973 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 974 struct ieee80211_if_conf conf; 975 976 if (!local->ops->config_interface || !netif_running(dev)) 977 return 0; 978 979 memset(&conf, 0, sizeof(conf)); 980 conf.type = sdata->vif.type; 981 if (sdata->vif.type == IEEE80211_IF_TYPE_STA || 982 sdata->vif.type == IEEE80211_IF_TYPE_IBSS) { 983 conf.bssid = sdata->u.sta.bssid; 984 conf.ssid = sdata->u.sta.ssid; 985 conf.ssid_len = sdata->u.sta.ssid_len; 986 } else if (ieee80211_vif_is_mesh(&sdata->vif)) { 987 conf.beacon = beacon; 988 conf.beacon_control = control; 989 ieee80211_start_mesh(dev); 990 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 991 conf.ssid = sdata->u.ap.ssid; 992 conf.ssid_len = sdata->u.ap.ssid_len; 993 conf.beacon = beacon; 994 conf.beacon_control = control; 995 } 996 return local->ops->config_interface(local_to_hw(local), 997 &sdata->vif, &conf); 998 } 999 1000 int ieee80211_if_config(struct net_device *dev) 1001 { 1002 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1003 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1004 if (sdata->vif.type == IEEE80211_IF_TYPE_MESH_POINT && 1005 (local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE)) 1006 return ieee80211_if_config_beacon(dev); 1007 return __ieee80211_if_config(dev, NULL, NULL); 1008 } 1009 1010 int ieee80211_if_config_beacon(struct net_device *dev) 1011 { 1012 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1013 struct ieee80211_tx_control control; 1014 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1015 struct sk_buff *skb; 1016 1017 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE)) 1018 return 0; 1019 skb = ieee80211_beacon_get(local_to_hw(local), &sdata->vif, 1020 &control); 1021 if (!skb) 1022 return -ENOMEM; 1023 return __ieee80211_if_config(dev, skb, &control); 1024 } 1025 1026 int ieee80211_hw_config(struct ieee80211_local *local) 1027 { 1028 struct ieee80211_channel *chan; 1029 int ret = 0; 1030 1031 if (local->sta_sw_scanning) 1032 chan = local->scan_channel; 1033 else 1034 chan = local->oper_channel; 1035 1036 local->hw.conf.channel = chan; 1037 1038 if (!local->hw.conf.power_level) 1039 local->hw.conf.power_level = chan->max_power; 1040 else 1041 local->hw.conf.power_level = min(chan->max_power, 1042 local->hw.conf.power_level); 1043 1044 local->hw.conf.max_antenna_gain = chan->max_antenna_gain; 1045 1046 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG 1047 printk(KERN_DEBUG "%s: HW CONFIG: freq=%d\n", 1048 wiphy_name(local->hw.wiphy), chan->center_freq); 1049 #endif 1050 1051 if (local->open_count) 1052 ret = local->ops->config(local_to_hw(local), &local->hw.conf); 1053 1054 return ret; 1055 } 1056 1057 /** 1058 * ieee80211_handle_ht should be used only after legacy configuration 1059 * has been determined namely band, as ht configuration depends upon 1060 * the hardware's HT abilities for a _specific_ band. 1061 */ 1062 u32 ieee80211_handle_ht(struct ieee80211_local *local, int enable_ht, 1063 struct ieee80211_ht_info *req_ht_cap, 1064 struct ieee80211_ht_bss_info *req_bss_cap) 1065 { 1066 struct ieee80211_conf *conf = &local->hw.conf; 1067 struct ieee80211_supported_band *sband; 1068 struct ieee80211_ht_info ht_conf; 1069 struct ieee80211_ht_bss_info ht_bss_conf; 1070 int i; 1071 u32 changed = 0; 1072 1073 sband = local->hw.wiphy->bands[conf->channel->band]; 1074 1075 /* HT is not supported */ 1076 if (!sband->ht_info.ht_supported) { 1077 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1078 return 0; 1079 } 1080 1081 memset(&ht_conf, 0, sizeof(struct ieee80211_ht_info)); 1082 memset(&ht_bss_conf, 0, sizeof(struct ieee80211_ht_bss_info)); 1083 1084 if (enable_ht) { 1085 if (!(conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE)) 1086 changed |= BSS_CHANGED_HT; 1087 1088 conf->flags |= IEEE80211_CONF_SUPPORT_HT_MODE; 1089 ht_conf.ht_supported = 1; 1090 1091 ht_conf.cap = req_ht_cap->cap & sband->ht_info.cap; 1092 ht_conf.cap &= ~(IEEE80211_HT_CAP_MIMO_PS); 1093 ht_conf.cap |= sband->ht_info.cap & IEEE80211_HT_CAP_MIMO_PS; 1094 1095 for (i = 0; i < SUPP_MCS_SET_LEN; i++) 1096 ht_conf.supp_mcs_set[i] = 1097 sband->ht_info.supp_mcs_set[i] & 1098 req_ht_cap->supp_mcs_set[i]; 1099 1100 ht_bss_conf.primary_channel = req_bss_cap->primary_channel; 1101 ht_bss_conf.bss_cap = req_bss_cap->bss_cap; 1102 ht_bss_conf.bss_op_mode = req_bss_cap->bss_op_mode; 1103 1104 ht_conf.ampdu_factor = req_ht_cap->ampdu_factor; 1105 ht_conf.ampdu_density = req_ht_cap->ampdu_density; 1106 1107 /* if bss configuration changed store the new one */ 1108 if (memcmp(&conf->ht_conf, &ht_conf, sizeof(ht_conf)) || 1109 memcmp(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf))) { 1110 changed |= BSS_CHANGED_HT; 1111 memcpy(&conf->ht_conf, &ht_conf, sizeof(ht_conf)); 1112 memcpy(&conf->ht_bss_conf, &ht_bss_conf, sizeof(ht_bss_conf)); 1113 } 1114 } else { 1115 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) 1116 changed |= BSS_CHANGED_HT; 1117 conf->flags &= ~IEEE80211_CONF_SUPPORT_HT_MODE; 1118 } 1119 1120 return changed; 1121 } 1122 1123 void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata, 1124 u32 changed) 1125 { 1126 struct ieee80211_local *local = sdata->local; 1127 1128 if (!changed) 1129 return; 1130 1131 if (local->ops->bss_info_changed) 1132 local->ops->bss_info_changed(local_to_hw(local), 1133 &sdata->vif, 1134 &sdata->bss_conf, 1135 changed); 1136 } 1137 1138 void ieee80211_reset_erp_info(struct net_device *dev) 1139 { 1140 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1141 1142 sdata->bss_conf.use_cts_prot = 0; 1143 sdata->bss_conf.use_short_preamble = 0; 1144 ieee80211_bss_info_change_notify(sdata, 1145 BSS_CHANGED_ERP_CTS_PROT | 1146 BSS_CHANGED_ERP_PREAMBLE); 1147 } 1148 1149 void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, 1150 struct sk_buff *skb, 1151 struct ieee80211_tx_status *status) 1152 { 1153 struct ieee80211_local *local = hw_to_local(hw); 1154 struct ieee80211_tx_status *saved; 1155 int tmp; 1156 1157 skb->dev = local->mdev; 1158 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC); 1159 if (unlikely(!saved)) { 1160 if (net_ratelimit()) 1161 printk(KERN_WARNING "%s: Not enough memory, " 1162 "dropping tx status", skb->dev->name); 1163 /* should be dev_kfree_skb_irq, but due to this function being 1164 * named _irqsafe instead of just _irq we can't be sure that 1165 * people won't call it from non-irq contexts */ 1166 dev_kfree_skb_any(skb); 1167 return; 1168 } 1169 memcpy(saved, status, sizeof(struct ieee80211_tx_status)); 1170 /* copy pointer to saved status into skb->cb for use by tasklet */ 1171 memcpy(skb->cb, &saved, sizeof(saved)); 1172 1173 skb->pkt_type = IEEE80211_TX_STATUS_MSG; 1174 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ? 1175 &local->skb_queue : &local->skb_queue_unreliable, skb); 1176 tmp = skb_queue_len(&local->skb_queue) + 1177 skb_queue_len(&local->skb_queue_unreliable); 1178 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT && 1179 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 1180 memcpy(&saved, skb->cb, sizeof(saved)); 1181 kfree(saved); 1182 dev_kfree_skb_irq(skb); 1183 tmp--; 1184 I802_DEBUG_INC(local->tx_status_drop); 1185 } 1186 tasklet_schedule(&local->tasklet); 1187 } 1188 EXPORT_SYMBOL(ieee80211_tx_status_irqsafe); 1189 1190 static void ieee80211_tasklet_handler(unsigned long data) 1191 { 1192 struct ieee80211_local *local = (struct ieee80211_local *) data; 1193 struct sk_buff *skb; 1194 struct ieee80211_rx_status rx_status; 1195 struct ieee80211_tx_status *tx_status; 1196 struct ieee80211_ra_tid *ra_tid; 1197 1198 while ((skb = skb_dequeue(&local->skb_queue)) || 1199 (skb = skb_dequeue(&local->skb_queue_unreliable))) { 1200 switch (skb->pkt_type) { 1201 case IEEE80211_RX_MSG: 1202 /* status is in skb->cb */ 1203 memcpy(&rx_status, skb->cb, sizeof(rx_status)); 1204 /* Clear skb->pkt_type in order to not confuse kernel 1205 * netstack. */ 1206 skb->pkt_type = 0; 1207 __ieee80211_rx(local_to_hw(local), skb, &rx_status); 1208 break; 1209 case IEEE80211_TX_STATUS_MSG: 1210 /* get pointer to saved status out of skb->cb */ 1211 memcpy(&tx_status, skb->cb, sizeof(tx_status)); 1212 skb->pkt_type = 0; 1213 ieee80211_tx_status(local_to_hw(local), 1214 skb, tx_status); 1215 kfree(tx_status); 1216 break; 1217 case IEEE80211_DELBA_MSG: 1218 ra_tid = (struct ieee80211_ra_tid *) &skb->cb; 1219 ieee80211_stop_tx_ba_cb(local_to_hw(local), 1220 ra_tid->ra, ra_tid->tid); 1221 dev_kfree_skb(skb); 1222 break; 1223 case IEEE80211_ADDBA_MSG: 1224 ra_tid = (struct ieee80211_ra_tid *) &skb->cb; 1225 ieee80211_start_tx_ba_cb(local_to_hw(local), 1226 ra_tid->ra, ra_tid->tid); 1227 dev_kfree_skb(skb); 1228 break ; 1229 default: /* should never get here! */ 1230 printk(KERN_ERR "%s: Unknown message type (%d)\n", 1231 wiphy_name(local->hw.wiphy), skb->pkt_type); 1232 dev_kfree_skb(skb); 1233 break; 1234 } 1235 } 1236 } 1237 1238 /* Remove added headers (e.g., QoS control), encryption header/MIC, etc. to 1239 * make a prepared TX frame (one that has been given to hw) to look like brand 1240 * new IEEE 802.11 frame that is ready to go through TX processing again. 1241 * Also, tx_packet_data in cb is restored from tx_control. */ 1242 static void ieee80211_remove_tx_extra(struct ieee80211_local *local, 1243 struct ieee80211_key *key, 1244 struct sk_buff *skb, 1245 struct ieee80211_tx_control *control) 1246 { 1247 int hdrlen, iv_len, mic_len; 1248 struct ieee80211_tx_packet_data *pkt_data; 1249 1250 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; 1251 pkt_data->ifindex = vif_to_sdata(control->vif)->dev->ifindex; 1252 pkt_data->flags = 0; 1253 if (control->flags & IEEE80211_TXCTL_REQ_TX_STATUS) 1254 pkt_data->flags |= IEEE80211_TXPD_REQ_TX_STATUS; 1255 if (control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT) 1256 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT; 1257 if (control->flags & IEEE80211_TXCTL_REQUEUE) 1258 pkt_data->flags |= IEEE80211_TXPD_REQUEUE; 1259 if (control->flags & IEEE80211_TXCTL_EAPOL_FRAME) 1260 pkt_data->flags |= IEEE80211_TXPD_EAPOL_FRAME; 1261 pkt_data->queue = control->queue; 1262 1263 hdrlen = ieee80211_get_hdrlen_from_skb(skb); 1264 1265 if (!key) 1266 goto no_key; 1267 1268 switch (key->conf.alg) { 1269 case ALG_WEP: 1270 iv_len = WEP_IV_LEN; 1271 mic_len = WEP_ICV_LEN; 1272 break; 1273 case ALG_TKIP: 1274 iv_len = TKIP_IV_LEN; 1275 mic_len = TKIP_ICV_LEN; 1276 break; 1277 case ALG_CCMP: 1278 iv_len = CCMP_HDR_LEN; 1279 mic_len = CCMP_MIC_LEN; 1280 break; 1281 default: 1282 goto no_key; 1283 } 1284 1285 if (skb->len >= mic_len && 1286 !(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 1287 skb_trim(skb, skb->len - mic_len); 1288 if (skb->len >= iv_len && skb->len > hdrlen) { 1289 memmove(skb->data + iv_len, skb->data, hdrlen); 1290 skb_pull(skb, iv_len); 1291 } 1292 1293 no_key: 1294 { 1295 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1296 u16 fc = le16_to_cpu(hdr->frame_control); 1297 if ((fc & 0x8C) == 0x88) /* QoS Control Field */ { 1298 fc &= ~IEEE80211_STYPE_QOS_DATA; 1299 hdr->frame_control = cpu_to_le16(fc); 1300 memmove(skb->data + 2, skb->data, hdrlen - 2); 1301 skb_pull(skb, 2); 1302 } 1303 } 1304 } 1305 1306 static void ieee80211_handle_filtered_frame(struct ieee80211_local *local, 1307 struct sta_info *sta, 1308 struct sk_buff *skb, 1309 struct ieee80211_tx_status *status) 1310 { 1311 sta->tx_filtered_count++; 1312 1313 /* 1314 * Clear the TX filter mask for this STA when sending the next 1315 * packet. If the STA went to power save mode, this will happen 1316 * when it wakes up for the next time. 1317 */ 1318 sta->flags |= WLAN_STA_CLEAR_PS_FILT; 1319 1320 /* 1321 * This code races in the following way: 1322 * 1323 * (1) STA sends frame indicating it will go to sleep and does so 1324 * (2) hardware/firmware adds STA to filter list, passes frame up 1325 * (3) hardware/firmware processes TX fifo and suppresses a frame 1326 * (4) we get TX status before having processed the frame and 1327 * knowing that the STA has gone to sleep. 1328 * 1329 * This is actually quite unlikely even when both those events are 1330 * processed from interrupts coming in quickly after one another or 1331 * even at the same time because we queue both TX status events and 1332 * RX frames to be processed by a tasklet and process them in the 1333 * same order that they were received or TX status last. Hence, there 1334 * is no race as long as the frame RX is processed before the next TX 1335 * status, which drivers can ensure, see below. 1336 * 1337 * Note that this can only happen if the hardware or firmware can 1338 * actually add STAs to the filter list, if this is done by the 1339 * driver in response to set_tim() (which will only reduce the race 1340 * this whole filtering tries to solve, not completely solve it) 1341 * this situation cannot happen. 1342 * 1343 * To completely solve this race drivers need to make sure that they 1344 * (a) don't mix the irq-safe/not irq-safe TX status/RX processing 1345 * functions and 1346 * (b) always process RX events before TX status events if ordering 1347 * can be unknown, for example with different interrupt status 1348 * bits. 1349 */ 1350 if (sta->flags & WLAN_STA_PS && 1351 skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) { 1352 ieee80211_remove_tx_extra(local, sta->key, skb, 1353 &status->control); 1354 skb_queue_tail(&sta->tx_filtered, skb); 1355 return; 1356 } 1357 1358 if (!(sta->flags & WLAN_STA_PS) && 1359 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) { 1360 /* Software retry the packet once */ 1361 status->control.flags |= IEEE80211_TXCTL_REQUEUE; 1362 ieee80211_remove_tx_extra(local, sta->key, skb, 1363 &status->control); 1364 dev_queue_xmit(skb); 1365 return; 1366 } 1367 1368 if (net_ratelimit()) 1369 printk(KERN_DEBUG "%s: dropped TX filtered frame, " 1370 "queue_len=%d PS=%d @%lu\n", 1371 wiphy_name(local->hw.wiphy), 1372 skb_queue_len(&sta->tx_filtered), 1373 !!(sta->flags & WLAN_STA_PS), jiffies); 1374 dev_kfree_skb(skb); 1375 } 1376 1377 void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb, 1378 struct ieee80211_tx_status *status) 1379 { 1380 struct sk_buff *skb2; 1381 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1382 struct ieee80211_local *local = hw_to_local(hw); 1383 u16 frag, type; 1384 struct ieee80211_tx_status_rtap_hdr *rthdr; 1385 struct ieee80211_sub_if_data *sdata; 1386 struct net_device *prev_dev = NULL; 1387 1388 if (!status) { 1389 printk(KERN_ERR 1390 "%s: ieee80211_tx_status called with NULL status\n", 1391 wiphy_name(local->hw.wiphy)); 1392 dev_kfree_skb(skb); 1393 return; 1394 } 1395 1396 rcu_read_lock(); 1397 1398 if (status->excessive_retries) { 1399 struct sta_info *sta; 1400 sta = sta_info_get(local, hdr->addr1); 1401 if (sta) { 1402 if (sta->flags & WLAN_STA_PS) { 1403 /* 1404 * The STA is in power save mode, so assume 1405 * that this TX packet failed because of that. 1406 */ 1407 status->excessive_retries = 0; 1408 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED; 1409 ieee80211_handle_filtered_frame(local, sta, 1410 skb, status); 1411 rcu_read_unlock(); 1412 return; 1413 } 1414 } 1415 } 1416 1417 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) { 1418 struct sta_info *sta; 1419 sta = sta_info_get(local, hdr->addr1); 1420 if (sta) { 1421 ieee80211_handle_filtered_frame(local, sta, skb, 1422 status); 1423 rcu_read_unlock(); 1424 return; 1425 } 1426 } else 1427 rate_control_tx_status(local->mdev, skb, status); 1428 1429 rcu_read_unlock(); 1430 1431 ieee80211_led_tx(local, 0); 1432 1433 /* SNMP counters 1434 * Fragments are passed to low-level drivers as separate skbs, so these 1435 * are actually fragments, not frames. Update frame counters only for 1436 * the first fragment of the frame. */ 1437 1438 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG; 1439 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE; 1440 1441 if (status->flags & IEEE80211_TX_STATUS_ACK) { 1442 if (frag == 0) { 1443 local->dot11TransmittedFrameCount++; 1444 if (is_multicast_ether_addr(hdr->addr1)) 1445 local->dot11MulticastTransmittedFrameCount++; 1446 if (status->retry_count > 0) 1447 local->dot11RetryCount++; 1448 if (status->retry_count > 1) 1449 local->dot11MultipleRetryCount++; 1450 } 1451 1452 /* This counter shall be incremented for an acknowledged MPDU 1453 * with an individual address in the address 1 field or an MPDU 1454 * with a multicast address in the address 1 field of type Data 1455 * or Management. */ 1456 if (!is_multicast_ether_addr(hdr->addr1) || 1457 type == IEEE80211_FTYPE_DATA || 1458 type == IEEE80211_FTYPE_MGMT) 1459 local->dot11TransmittedFragmentCount++; 1460 } else { 1461 if (frag == 0) 1462 local->dot11FailedCount++; 1463 } 1464 1465 /* this was a transmitted frame, but now we want to reuse it */ 1466 skb_orphan(skb); 1467 1468 /* 1469 * This is a bit racy but we can avoid a lot of work 1470 * with this test... 1471 */ 1472 if (!local->monitors && !local->cooked_mntrs) { 1473 dev_kfree_skb(skb); 1474 return; 1475 } 1476 1477 /* send frame to monitor interfaces now */ 1478 1479 if (skb_headroom(skb) < sizeof(*rthdr)) { 1480 printk(KERN_ERR "ieee80211_tx_status: headroom too small\n"); 1481 dev_kfree_skb(skb); 1482 return; 1483 } 1484 1485 rthdr = (struct ieee80211_tx_status_rtap_hdr*) 1486 skb_push(skb, sizeof(*rthdr)); 1487 1488 memset(rthdr, 0, sizeof(*rthdr)); 1489 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr)); 1490 rthdr->hdr.it_present = 1491 cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) | 1492 (1 << IEEE80211_RADIOTAP_DATA_RETRIES)); 1493 1494 if (!(status->flags & IEEE80211_TX_STATUS_ACK) && 1495 !is_multicast_ether_addr(hdr->addr1)) 1496 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_FAIL); 1497 1498 if ((status->control.flags & IEEE80211_TXCTL_USE_RTS_CTS) && 1499 (status->control.flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) 1500 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_CTS); 1501 else if (status->control.flags & IEEE80211_TXCTL_USE_RTS_CTS) 1502 rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_RTS); 1503 1504 rthdr->data_retries = status->retry_count; 1505 1506 /* XXX: is this sufficient for BPF? */ 1507 skb_set_mac_header(skb, 0); 1508 skb->ip_summed = CHECKSUM_UNNECESSARY; 1509 skb->pkt_type = PACKET_OTHERHOST; 1510 skb->protocol = htons(ETH_P_802_2); 1511 memset(skb->cb, 0, sizeof(skb->cb)); 1512 1513 rcu_read_lock(); 1514 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 1515 if (sdata->vif.type == IEEE80211_IF_TYPE_MNTR) { 1516 if (!netif_running(sdata->dev)) 1517 continue; 1518 1519 if (prev_dev) { 1520 skb2 = skb_clone(skb, GFP_ATOMIC); 1521 if (skb2) { 1522 skb2->dev = prev_dev; 1523 netif_rx(skb2); 1524 } 1525 } 1526 1527 prev_dev = sdata->dev; 1528 } 1529 } 1530 if (prev_dev) { 1531 skb->dev = prev_dev; 1532 netif_rx(skb); 1533 skb = NULL; 1534 } 1535 rcu_read_unlock(); 1536 dev_kfree_skb(skb); 1537 } 1538 EXPORT_SYMBOL(ieee80211_tx_status); 1539 1540 struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, 1541 const struct ieee80211_ops *ops) 1542 { 1543 struct ieee80211_local *local; 1544 int priv_size; 1545 struct wiphy *wiphy; 1546 1547 /* Ensure 32-byte alignment of our private data and hw private data. 1548 * We use the wiphy priv data for both our ieee80211_local and for 1549 * the driver's private data 1550 * 1551 * In memory it'll be like this: 1552 * 1553 * +-------------------------+ 1554 * | struct wiphy | 1555 * +-------------------------+ 1556 * | struct ieee80211_local | 1557 * +-------------------------+ 1558 * | driver's private data | 1559 * +-------------------------+ 1560 * 1561 */ 1562 priv_size = ((sizeof(struct ieee80211_local) + 1563 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST) + 1564 priv_data_len; 1565 1566 wiphy = wiphy_new(&mac80211_config_ops, priv_size); 1567 1568 if (!wiphy) 1569 return NULL; 1570 1571 wiphy->privid = mac80211_wiphy_privid; 1572 1573 local = wiphy_priv(wiphy); 1574 local->hw.wiphy = wiphy; 1575 1576 local->hw.priv = (char *)local + 1577 ((sizeof(struct ieee80211_local) + 1578 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST); 1579 1580 BUG_ON(!ops->tx); 1581 BUG_ON(!ops->start); 1582 BUG_ON(!ops->stop); 1583 BUG_ON(!ops->config); 1584 BUG_ON(!ops->add_interface); 1585 BUG_ON(!ops->remove_interface); 1586 BUG_ON(!ops->configure_filter); 1587 local->ops = ops; 1588 1589 local->hw.queues = 1; /* default */ 1590 1591 local->bridge_packets = 1; 1592 1593 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD; 1594 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD; 1595 local->short_retry_limit = 7; 1596 local->long_retry_limit = 4; 1597 local->hw.conf.radio_enabled = 1; 1598 1599 INIT_LIST_HEAD(&local->interfaces); 1600 1601 spin_lock_init(&local->key_lock); 1602 1603 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work); 1604 1605 sta_info_init(local); 1606 1607 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending, 1608 (unsigned long)local); 1609 tasklet_disable(&local->tx_pending_tasklet); 1610 1611 tasklet_init(&local->tasklet, 1612 ieee80211_tasklet_handler, 1613 (unsigned long) local); 1614 tasklet_disable(&local->tasklet); 1615 1616 skb_queue_head_init(&local->skb_queue); 1617 skb_queue_head_init(&local->skb_queue_unreliable); 1618 1619 return local_to_hw(local); 1620 } 1621 EXPORT_SYMBOL(ieee80211_alloc_hw); 1622 1623 int ieee80211_register_hw(struct ieee80211_hw *hw) 1624 { 1625 struct ieee80211_local *local = hw_to_local(hw); 1626 const char *name; 1627 int result; 1628 enum ieee80211_band band; 1629 struct net_device *mdev; 1630 struct ieee80211_sub_if_data *sdata; 1631 1632 /* 1633 * generic code guarantees at least one band, 1634 * set this very early because much code assumes 1635 * that hw.conf.channel is assigned 1636 */ 1637 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1638 struct ieee80211_supported_band *sband; 1639 1640 sband = local->hw.wiphy->bands[band]; 1641 if (sband) { 1642 /* init channel we're on */ 1643 local->hw.conf.channel = 1644 local->oper_channel = 1645 local->scan_channel = &sband->channels[0]; 1646 break; 1647 } 1648 } 1649 1650 result = wiphy_register(local->hw.wiphy); 1651 if (result < 0) 1652 return result; 1653 1654 /* for now, mdev needs sub_if_data :/ */ 1655 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data), 1656 "wmaster%d", ether_setup); 1657 if (!mdev) 1658 goto fail_mdev_alloc; 1659 1660 sdata = IEEE80211_DEV_TO_SUB_IF(mdev); 1661 mdev->ieee80211_ptr = &sdata->wdev; 1662 sdata->wdev.wiphy = local->hw.wiphy; 1663 1664 local->mdev = mdev; 1665 1666 ieee80211_rx_bss_list_init(mdev); 1667 1668 mdev->hard_start_xmit = ieee80211_master_start_xmit; 1669 mdev->open = ieee80211_master_open; 1670 mdev->stop = ieee80211_master_stop; 1671 mdev->type = ARPHRD_IEEE80211; 1672 mdev->header_ops = &ieee80211_header_ops; 1673 mdev->set_multicast_list = ieee80211_master_set_multicast_list; 1674 1675 sdata->vif.type = IEEE80211_IF_TYPE_AP; 1676 sdata->dev = mdev; 1677 sdata->local = local; 1678 sdata->u.ap.force_unicast_rateidx = -1; 1679 sdata->u.ap.max_ratectrl_rateidx = -1; 1680 ieee80211_if_sdata_init(sdata); 1681 1682 /* no RCU needed since we're still during init phase */ 1683 list_add_tail(&sdata->list, &local->interfaces); 1684 1685 name = wiphy_dev(local->hw.wiphy)->driver->name; 1686 local->hw.workqueue = create_singlethread_workqueue(name); 1687 if (!local->hw.workqueue) { 1688 result = -ENOMEM; 1689 goto fail_workqueue; 1690 } 1691 1692 /* 1693 * The hardware needs headroom for sending the frame, 1694 * and we need some headroom for passing the frame to monitor 1695 * interfaces, but never both at the same time. 1696 */ 1697 local->tx_headroom = max_t(unsigned int , local->hw.extra_tx_headroom, 1698 sizeof(struct ieee80211_tx_status_rtap_hdr)); 1699 1700 debugfs_hw_add(local); 1701 1702 local->hw.conf.beacon_int = 1000; 1703 1704 local->wstats_flags |= local->hw.max_rssi ? 1705 IW_QUAL_LEVEL_UPDATED : IW_QUAL_LEVEL_INVALID; 1706 local->wstats_flags |= local->hw.max_signal ? 1707 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID; 1708 local->wstats_flags |= local->hw.max_noise ? 1709 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID; 1710 if (local->hw.max_rssi < 0 || local->hw.max_noise < 0) 1711 local->wstats_flags |= IW_QUAL_DBM; 1712 1713 result = sta_info_start(local); 1714 if (result < 0) 1715 goto fail_sta_info; 1716 1717 rtnl_lock(); 1718 result = dev_alloc_name(local->mdev, local->mdev->name); 1719 if (result < 0) 1720 goto fail_dev; 1721 1722 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 1723 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy)); 1724 1725 result = register_netdevice(local->mdev); 1726 if (result < 0) 1727 goto fail_dev; 1728 1729 ieee80211_debugfs_add_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev)); 1730 ieee80211_if_set_type(local->mdev, IEEE80211_IF_TYPE_AP); 1731 1732 result = ieee80211_init_rate_ctrl_alg(local, 1733 hw->rate_control_algorithm); 1734 if (result < 0) { 1735 printk(KERN_DEBUG "%s: Failed to initialize rate control " 1736 "algorithm\n", wiphy_name(local->hw.wiphy)); 1737 goto fail_rate; 1738 } 1739 1740 result = ieee80211_wep_init(local); 1741 1742 if (result < 0) { 1743 printk(KERN_DEBUG "%s: Failed to initialize wep\n", 1744 wiphy_name(local->hw.wiphy)); 1745 goto fail_wep; 1746 } 1747 1748 ieee80211_install_qdisc(local->mdev); 1749 1750 /* add one default STA interface */ 1751 result = ieee80211_if_add(local->mdev, "wlan%d", NULL, 1752 IEEE80211_IF_TYPE_STA, NULL); 1753 if (result) 1754 printk(KERN_WARNING "%s: Failed to add default virtual iface\n", 1755 wiphy_name(local->hw.wiphy)); 1756 1757 local->reg_state = IEEE80211_DEV_REGISTERED; 1758 rtnl_unlock(); 1759 1760 ieee80211_led_init(local); 1761 1762 return 0; 1763 1764 fail_wep: 1765 rate_control_deinitialize(local); 1766 fail_rate: 1767 ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev)); 1768 unregister_netdevice(local->mdev); 1769 local->mdev = NULL; 1770 fail_dev: 1771 rtnl_unlock(); 1772 sta_info_stop(local); 1773 fail_sta_info: 1774 debugfs_hw_del(local); 1775 destroy_workqueue(local->hw.workqueue); 1776 fail_workqueue: 1777 if (local->mdev != NULL) { 1778 ieee80211_if_free(local->mdev); 1779 local->mdev = NULL; 1780 } 1781 fail_mdev_alloc: 1782 wiphy_unregister(local->hw.wiphy); 1783 return result; 1784 } 1785 EXPORT_SYMBOL(ieee80211_register_hw); 1786 1787 void ieee80211_unregister_hw(struct ieee80211_hw *hw) 1788 { 1789 struct ieee80211_local *local = hw_to_local(hw); 1790 struct ieee80211_sub_if_data *sdata, *tmp; 1791 1792 tasklet_kill(&local->tx_pending_tasklet); 1793 tasklet_kill(&local->tasklet); 1794 1795 rtnl_lock(); 1796 1797 BUG_ON(local->reg_state != IEEE80211_DEV_REGISTERED); 1798 1799 local->reg_state = IEEE80211_DEV_UNREGISTERED; 1800 1801 /* 1802 * At this point, interface list manipulations are fine 1803 * because the driver cannot be handing us frames any 1804 * more and the tasklet is killed. 1805 */ 1806 1807 /* 1808 * First, we remove all non-master interfaces. Do this because they 1809 * may have bss pointer dependency on the master, and when we free 1810 * the master these would be freed as well, breaking our list 1811 * iteration completely. 1812 */ 1813 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) { 1814 if (sdata->dev == local->mdev) 1815 continue; 1816 list_del(&sdata->list); 1817 __ieee80211_if_del(local, sdata); 1818 } 1819 1820 /* then, finally, remove the master interface */ 1821 __ieee80211_if_del(local, IEEE80211_DEV_TO_SUB_IF(local->mdev)); 1822 1823 rtnl_unlock(); 1824 1825 ieee80211_rx_bss_list_deinit(local->mdev); 1826 ieee80211_clear_tx_pending(local); 1827 sta_info_stop(local); 1828 rate_control_deinitialize(local); 1829 debugfs_hw_del(local); 1830 1831 if (skb_queue_len(&local->skb_queue) 1832 || skb_queue_len(&local->skb_queue_unreliable)) 1833 printk(KERN_WARNING "%s: skb_queue not empty\n", 1834 wiphy_name(local->hw.wiphy)); 1835 skb_queue_purge(&local->skb_queue); 1836 skb_queue_purge(&local->skb_queue_unreliable); 1837 1838 destroy_workqueue(local->hw.workqueue); 1839 wiphy_unregister(local->hw.wiphy); 1840 ieee80211_wep_free(local); 1841 ieee80211_led_exit(local); 1842 ieee80211_if_free(local->mdev); 1843 local->mdev = NULL; 1844 } 1845 EXPORT_SYMBOL(ieee80211_unregister_hw); 1846 1847 void ieee80211_free_hw(struct ieee80211_hw *hw) 1848 { 1849 struct ieee80211_local *local = hw_to_local(hw); 1850 1851 wiphy_free(local->hw.wiphy); 1852 } 1853 EXPORT_SYMBOL(ieee80211_free_hw); 1854 1855 static int __init ieee80211_init(void) 1856 { 1857 struct sk_buff *skb; 1858 int ret; 1859 1860 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb)); 1861 1862 ret = rc80211_pid_init(); 1863 if (ret) 1864 goto out; 1865 1866 ret = ieee80211_wme_register(); 1867 if (ret) { 1868 printk(KERN_DEBUG "ieee80211_init: failed to " 1869 "initialize WME (err=%d)\n", ret); 1870 goto out_cleanup_pid; 1871 } 1872 1873 ieee80211_debugfs_netdev_init(); 1874 1875 return 0; 1876 1877 out_cleanup_pid: 1878 rc80211_pid_exit(); 1879 out: 1880 return ret; 1881 } 1882 1883 static void __exit ieee80211_exit(void) 1884 { 1885 rc80211_pid_exit(); 1886 1887 /* 1888 * For key todo, it'll be empty by now but the work 1889 * might still be scheduled. 1890 */ 1891 flush_scheduled_work(); 1892 1893 if (mesh_allocated) 1894 ieee80211s_stop(); 1895 1896 ieee80211_wme_unregister(); 1897 ieee80211_debugfs_netdev_exit(); 1898 } 1899 1900 1901 subsys_initcall(ieee80211_init); 1902 module_exit(ieee80211_exit); 1903 1904 MODULE_DESCRIPTION("IEEE 802.11 subsystem"); 1905 MODULE_LICENSE("GPL"); 1906