linux/net/mac80211/main.c
<<
>>
Prefs
   1/*
   2 * Copyright 2002-2005, Instant802 Networks, Inc.
   3 * Copyright 2005-2006, Devicescape Software, Inc.
   4 * Copyright 2006-2007  Jiri Benc <jbenc@suse.cz>
   5 *
   6 * This program is free software; you can redistribute it and/or modify
   7 * it under the terms of the GNU General Public License version 2 as
   8 * published by the Free Software Foundation.
   9 */
  10
  11#include <net/mac80211.h>
  12#include <net/ieee80211_radiotap.h>
  13#include <linux/module.h>
  14#include <linux/init.h>
  15#include <linux/netdevice.h>
  16#include <linux/types.h>
  17#include <linux/slab.h>
  18#include <linux/skbuff.h>
  19#include <linux/etherdevice.h>
  20#include <linux/if_arp.h>
  21#include <linux/wireless.h>
  22#include <linux/rtnetlink.h>
  23#include <linux/bitmap.h>
  24#include <net/net_namespace.h>
  25#include <net/cfg80211.h>
  26
  27#include "ieee80211_i.h"
  28#include "rate.h"
  29#include "mesh.h"
  30#include "wep.h"
  31#include "wme.h"
  32#include "aes_ccm.h"
  33#include "led.h"
  34#include "cfg.h"
  35#include "debugfs.h"
  36#include "debugfs_netdev.h"
  37
  38/*
  39 * For seeing transmitted packets on monitor interfaces
  40 * we have a radiotap header too.
  41 */
  42struct ieee80211_tx_status_rtap_hdr {
  43        struct ieee80211_radiotap_header hdr;
  44        u8 rate;
  45        u8 padding_for_rate;
  46        __le16 tx_flags;
  47        u8 data_retries;
  48} __attribute__ ((packed));
  49
  50
  51/* must be called under mdev tx lock */
  52void ieee80211_configure_filter(struct ieee80211_local *local)
  53{
  54        unsigned int changed_flags;
  55        unsigned int new_flags = 0;
  56
  57        if (atomic_read(&local->iff_promiscs))
  58                new_flags |= FIF_PROMISC_IN_BSS;
  59
  60        if (atomic_read(&local->iff_allmultis))
  61                new_flags |= FIF_ALLMULTI;
  62
  63        if (local->monitors)
  64                new_flags |= FIF_BCN_PRBRESP_PROMISC;
  65
  66        if (local->fif_fcsfail)
  67                new_flags |= FIF_FCSFAIL;
  68
  69        if (local->fif_plcpfail)
  70                new_flags |= FIF_PLCPFAIL;
  71
  72        if (local->fif_control)
  73                new_flags |= FIF_CONTROL;
  74
  75        if (local->fif_other_bss)
  76                new_flags |= FIF_OTHER_BSS;
  77
  78        changed_flags = local->filter_flags ^ new_flags;
  79
  80        /* be a bit nasty */
  81        new_flags |= (1<<31);
  82
  83        local->ops->configure_filter(local_to_hw(local),
  84                                     changed_flags, &new_flags,
  85                                     local->mdev->mc_count,
  86                                     local->mdev->mc_list);
  87
  88        WARN_ON(new_flags & (1<<31));
  89
  90        local->filter_flags = new_flags & ~(1<<31);
  91}
  92
  93/* master interface */
  94
  95static int header_parse_80211(const struct sk_buff *skb, unsigned char *haddr)
  96{
  97        memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
  98        return ETH_ALEN;
  99}
 100
 101static const struct header_ops ieee80211_header_ops = {
 102        .create         = eth_header,
 103        .parse          = header_parse_80211,
 104        .rebuild        = eth_rebuild_header,
 105        .cache          = eth_header_cache,
 106        .cache_update   = eth_header_cache_update,
 107};
 108
 109static int ieee80211_master_open(struct net_device *dev)
 110{
 111        struct ieee80211_master_priv *mpriv = netdev_priv(dev);
 112        struct ieee80211_local *local = mpriv->local;
 113        struct ieee80211_sub_if_data *sdata;
 114        int res = -EOPNOTSUPP;
 115
 116        /* we hold the RTNL here so can safely walk the list */
 117        list_for_each_entry(sdata, &local->interfaces, list) {
 118                if (netif_running(sdata->dev)) {
 119                        res = 0;
 120                        break;
 121                }
 122        }
 123
 124        if (res)
 125                return res;
 126
 127        netif_tx_start_all_queues(local->mdev);
 128
 129        return 0;
 130}
 131
 132static int ieee80211_master_stop(struct net_device *dev)
 133{
 134        struct ieee80211_master_priv *mpriv = netdev_priv(dev);
 135        struct ieee80211_local *local = mpriv->local;
 136        struct ieee80211_sub_if_data *sdata;
 137
 138        /* we hold the RTNL here so can safely walk the list */
 139        list_for_each_entry(sdata, &local->interfaces, list)
 140                if (netif_running(sdata->dev))
 141                        dev_close(sdata->dev);
 142
 143        return 0;
 144}
 145
 146static void ieee80211_master_set_multicast_list(struct net_device *dev)
 147{
 148        struct ieee80211_master_priv *mpriv = netdev_priv(dev);
 149        struct ieee80211_local *local = mpriv->local;
 150
 151        ieee80211_configure_filter(local);
 152}
 153
 154/* everything else */
 155
 156int ieee80211_if_config(struct ieee80211_sub_if_data *sdata, u32 changed)
 157{
 158        struct ieee80211_local *local = sdata->local;
 159        struct ieee80211_if_conf conf;
 160
 161        if (WARN_ON(!netif_running(sdata->dev)))
 162                return 0;
 163
 164        memset(&conf, 0, sizeof(conf));
 165
 166        if (sdata->vif.type == NL80211_IFTYPE_STATION)
 167                conf.bssid = sdata->u.mgd.bssid;
 168        else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
 169                conf.bssid = sdata->u.ibss.bssid;
 170        else if (sdata->vif.type == NL80211_IFTYPE_AP)
 171                conf.bssid = sdata->dev->dev_addr;
 172        else if (ieee80211_vif_is_mesh(&sdata->vif)) {
 173                static const u8 zero[ETH_ALEN] = { 0 };
 174                conf.bssid = zero;
 175        } else {
 176                WARN_ON(1);
 177                return -EINVAL;
 178        }
 179
 180        if (!local->ops->config_interface)
 181                return 0;
 182
 183        switch (sdata->vif.type) {
 184        case NL80211_IFTYPE_AP:
 185        case NL80211_IFTYPE_ADHOC:
 186        case NL80211_IFTYPE_MESH_POINT:
 187                break;
 188        default:
 189                /* do not warn to simplify caller in scan.c */
 190                changed &= ~IEEE80211_IFCC_BEACON_ENABLED;
 191                if (WARN_ON(changed & IEEE80211_IFCC_BEACON))
 192                        return -EINVAL;
 193                changed &= ~IEEE80211_IFCC_BEACON;
 194                break;
 195        }
 196
 197        if (changed & IEEE80211_IFCC_BEACON_ENABLED) {
 198                if (local->sw_scanning) {
 199                        conf.enable_beacon = false;
 200                } else {
 201                        /*
 202                         * Beacon should be enabled, but AP mode must
 203                         * check whether there is a beacon configured.
 204                         */
 205                        switch (sdata->vif.type) {
 206                        case NL80211_IFTYPE_AP:
 207                                conf.enable_beacon =
 208                                        !!rcu_dereference(sdata->u.ap.beacon);
 209                                break;
 210                        case NL80211_IFTYPE_ADHOC:
 211                                conf.enable_beacon = !!sdata->u.ibss.probe_resp;
 212                                break;
 213                        case NL80211_IFTYPE_MESH_POINT:
 214                                conf.enable_beacon = true;
 215                                break;
 216                        default:
 217                                /* not reached */
 218                                WARN_ON(1);
 219                                break;
 220                        }
 221                }
 222        }
 223
 224        conf.changed = changed;
 225
 226        return local->ops->config_interface(local_to_hw(local),
 227                                            &sdata->vif, &conf);
 228}
 229
 230int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
 231{
 232        struct ieee80211_channel *chan;
 233        int ret = 0;
 234        int power;
 235        enum nl80211_channel_type channel_type;
 236
 237        might_sleep();
 238
 239        if (local->sw_scanning) {
 240                chan = local->scan_channel;
 241                channel_type = NL80211_CHAN_NO_HT;
 242        } else {
 243                chan = local->oper_channel;
 244                channel_type = local->oper_channel_type;
 245        }
 246
 247        if (chan != local->hw.conf.channel ||
 248            channel_type != local->hw.conf.channel_type) {
 249                local->hw.conf.channel = chan;
 250                local->hw.conf.channel_type = channel_type;
 251                changed |= IEEE80211_CONF_CHANGE_CHANNEL;
 252        }
 253
 254        if (local->sw_scanning)
 255                power = chan->max_power;
 256        else
 257                power = local->power_constr_level ?
 258                        (chan->max_power - local->power_constr_level) :
 259                        chan->max_power;
 260
 261        if (local->user_power_level >= 0)
 262                power = min(power, local->user_power_level);
 263
 264        if (local->hw.conf.power_level != power) {
 265                changed |= IEEE80211_CONF_CHANGE_POWER;
 266                local->hw.conf.power_level = power;
 267        }
 268
 269        if (changed && local->open_count) {
 270                ret = local->ops->config(local_to_hw(local), changed);
 271                /*
 272                 * Goal:
 273                 * HW reconfiguration should never fail, the driver has told
 274                 * us what it can support so it should live up to that promise.
 275                 *
 276                 * Current status:
 277                 * rfkill is not integrated with mac80211 and a
 278                 * configuration command can thus fail if hardware rfkill
 279                 * is enabled
 280                 *
 281                 * FIXME: integrate rfkill with mac80211 and then add this
 282                 * WARN_ON() back
 283                 *
 284                 */
 285                /* WARN_ON(ret); */
 286        }
 287
 288        return ret;
 289}
 290
 291void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
 292                                      u32 changed)
 293{
 294        struct ieee80211_local *local = sdata->local;
 295
 296        if (WARN_ON(sdata->vif.type == NL80211_IFTYPE_AP_VLAN))
 297                return;
 298
 299        if (!changed)
 300                return;
 301
 302        if (local->ops->bss_info_changed)
 303                local->ops->bss_info_changed(local_to_hw(local),
 304                                             &sdata->vif,
 305                                             &sdata->vif.bss_conf,
 306                                             changed);
 307}
 308
 309u32 ieee80211_reset_erp_info(struct ieee80211_sub_if_data *sdata)
 310{
 311        sdata->vif.bss_conf.use_cts_prot = false;
 312        sdata->vif.bss_conf.use_short_preamble = false;
 313        sdata->vif.bss_conf.use_short_slot = false;
 314        return BSS_CHANGED_ERP_CTS_PROT |
 315               BSS_CHANGED_ERP_PREAMBLE |
 316               BSS_CHANGED_ERP_SLOT;
 317}
 318
 319void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
 320                                 struct sk_buff *skb)
 321{
 322        struct ieee80211_local *local = hw_to_local(hw);
 323        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 324        int tmp;
 325
 326        skb->dev = local->mdev;
 327        skb->pkt_type = IEEE80211_TX_STATUS_MSG;
 328        skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
 329                       &local->skb_queue : &local->skb_queue_unreliable, skb);
 330        tmp = skb_queue_len(&local->skb_queue) +
 331                skb_queue_len(&local->skb_queue_unreliable);
 332        while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
 333               (skb = skb_dequeue(&local->skb_queue_unreliable))) {
 334                dev_kfree_skb_irq(skb);
 335                tmp--;
 336                I802_DEBUG_INC(local->tx_status_drop);
 337        }
 338        tasklet_schedule(&local->tasklet);
 339}
 340EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
 341
 342static void ieee80211_tasklet_handler(unsigned long data)
 343{
 344        struct ieee80211_local *local = (struct ieee80211_local *) data;
 345        struct sk_buff *skb;
 346        struct ieee80211_rx_status rx_status;
 347        struct ieee80211_ra_tid *ra_tid;
 348
 349        while ((skb = skb_dequeue(&local->skb_queue)) ||
 350               (skb = skb_dequeue(&local->skb_queue_unreliable))) {
 351                switch (skb->pkt_type) {
 352                case IEEE80211_RX_MSG:
 353                        /* status is in skb->cb */
 354                        memcpy(&rx_status, skb->cb, sizeof(rx_status));
 355                        /* Clear skb->pkt_type in order to not confuse kernel
 356                         * netstack. */
 357                        skb->pkt_type = 0;
 358                        __ieee80211_rx(local_to_hw(local), skb, &rx_status);
 359                        break;
 360                case IEEE80211_TX_STATUS_MSG:
 361                        skb->pkt_type = 0;
 362                        ieee80211_tx_status(local_to_hw(local), skb);
 363                        break;
 364                case IEEE80211_DELBA_MSG:
 365                        ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
 366                        ieee80211_stop_tx_ba_cb(local_to_hw(local),
 367                                                ra_tid->ra, ra_tid->tid);
 368                        dev_kfree_skb(skb);
 369                        break;
 370                case IEEE80211_ADDBA_MSG:
 371                        ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
 372                        ieee80211_start_tx_ba_cb(local_to_hw(local),
 373                                                 ra_tid->ra, ra_tid->tid);
 374                        dev_kfree_skb(skb);
 375                        break ;
 376                default:
 377                        WARN(1, "mac80211: Packet is of unknown type %d\n",
 378                             skb->pkt_type);
 379                        dev_kfree_skb(skb);
 380                        break;
 381                }
 382        }
 383}
 384
 385/* Remove added headers (e.g., QoS control), encryption header/MIC, etc. to
 386 * make a prepared TX frame (one that has been given to hw) to look like brand
 387 * new IEEE 802.11 frame that is ready to go through TX processing again.
 388 */
 389static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
 390                                      struct ieee80211_key *key,
 391                                      struct sk_buff *skb)
 392{
 393        unsigned int hdrlen, iv_len, mic_len;
 394        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
 395
 396        hdrlen = ieee80211_hdrlen(hdr->frame_control);
 397
 398        if (!key)
 399                goto no_key;
 400
 401        switch (key->conf.alg) {
 402        case ALG_WEP:
 403                iv_len = WEP_IV_LEN;
 404                mic_len = WEP_ICV_LEN;
 405                break;
 406        case ALG_TKIP:
 407                iv_len = TKIP_IV_LEN;
 408                mic_len = TKIP_ICV_LEN;
 409                break;
 410        case ALG_CCMP:
 411                iv_len = CCMP_HDR_LEN;
 412                mic_len = CCMP_MIC_LEN;
 413                break;
 414        default:
 415                goto no_key;
 416        }
 417
 418        if (skb->len >= hdrlen + mic_len &&
 419            !(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
 420                skb_trim(skb, skb->len - mic_len);
 421        if (skb->len >= hdrlen + iv_len) {
 422                memmove(skb->data + iv_len, skb->data, hdrlen);
 423                hdr = (struct ieee80211_hdr *)skb_pull(skb, iv_len);
 424        }
 425
 426no_key:
 427        if (ieee80211_is_data_qos(hdr->frame_control)) {
 428                hdr->frame_control &= ~cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
 429                memmove(skb->data + IEEE80211_QOS_CTL_LEN, skb->data,
 430                        hdrlen - IEEE80211_QOS_CTL_LEN);
 431                skb_pull(skb, IEEE80211_QOS_CTL_LEN);
 432        }
 433}
 434
 435static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
 436                                            struct sta_info *sta,
 437                                            struct sk_buff *skb)
 438{
 439        sta->tx_filtered_count++;
 440
 441        /*
 442         * Clear the TX filter mask for this STA when sending the next
 443         * packet. If the STA went to power save mode, this will happen
 444         * when it wakes up for the next time.
 445         */
 446        set_sta_flags(sta, WLAN_STA_CLEAR_PS_FILT);
 447
 448        /*
 449         * This code races in the following way:
 450         *
 451         *  (1) STA sends frame indicating it will go to sleep and does so
 452         *  (2) hardware/firmware adds STA to filter list, passes frame up
 453         *  (3) hardware/firmware processes TX fifo and suppresses a frame
 454         *  (4) we get TX status before having processed the frame and
 455         *      knowing that the STA has gone to sleep.
 456         *
 457         * This is actually quite unlikely even when both those events are
 458         * processed from interrupts coming in quickly after one another or
 459         * even at the same time because we queue both TX status events and
 460         * RX frames to be processed by a tasklet and process them in the
 461         * same order that they were received or TX status last. Hence, there
 462         * is no race as long as the frame RX is processed before the next TX
 463         * status, which drivers can ensure, see below.
 464         *
 465         * Note that this can only happen if the hardware or firmware can
 466         * actually add STAs to the filter list, if this is done by the
 467         * driver in response to set_tim() (which will only reduce the race
 468         * this whole filtering tries to solve, not completely solve it)
 469         * this situation cannot happen.
 470         *
 471         * To completely solve this race drivers need to make sure that they
 472         *  (a) don't mix the irq-safe/not irq-safe TX status/RX processing
 473         *      functions and
 474         *  (b) always process RX events before TX status events if ordering
 475         *      can be unknown, for example with different interrupt status
 476         *      bits.
 477         */
 478        if (test_sta_flags(sta, WLAN_STA_PS) &&
 479            skb_queue_len(&sta->tx_filtered) < STA_MAX_TX_BUFFER) {
 480                ieee80211_remove_tx_extra(local, sta->key, skb);
 481                skb_queue_tail(&sta->tx_filtered, skb);
 482                return;
 483        }
 484
 485        if (!test_sta_flags(sta, WLAN_STA_PS) && !skb->requeue) {
 486                /* Software retry the packet once */
 487                skb->requeue = 1;
 488                ieee80211_remove_tx_extra(local, sta->key, skb);
 489                dev_queue_xmit(skb);
 490                return;
 491        }
 492
 493#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
 494        if (net_ratelimit())
 495                printk(KERN_DEBUG "%s: dropped TX filtered frame, "
 496                       "queue_len=%d PS=%d @%lu\n",
 497                       wiphy_name(local->hw.wiphy),
 498                       skb_queue_len(&sta->tx_filtered),
 499                       !!test_sta_flags(sta, WLAN_STA_PS), jiffies);
 500#endif
 501        dev_kfree_skb(skb);
 502}
 503
 504void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
 505{
 506        struct sk_buff *skb2;
 507        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
 508        struct ieee80211_local *local = hw_to_local(hw);
 509        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 510        u16 frag, type;
 511        __le16 fc;
 512        struct ieee80211_supported_band *sband;
 513        struct ieee80211_tx_status_rtap_hdr *rthdr;
 514        struct ieee80211_sub_if_data *sdata;
 515        struct net_device *prev_dev = NULL;
 516        struct sta_info *sta;
 517        int retry_count = -1, i;
 518
 519        for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
 520                /* the HW cannot have attempted that rate */
 521                if (i >= hw->max_rates) {
 522                        info->status.rates[i].idx = -1;
 523                        info->status.rates[i].count = 0;
 524                }
 525
 526                retry_count += info->status.rates[i].count;
 527        }
 528        if (retry_count < 0)
 529                retry_count = 0;
 530
 531        rcu_read_lock();
 532
 533        sband = local->hw.wiphy->bands[info->band];
 534
 535        sta = sta_info_get(local, hdr->addr1);
 536
 537        if (sta) {
 538                if (!(info->flags & IEEE80211_TX_STAT_ACK) &&
 539                    test_sta_flags(sta, WLAN_STA_PS)) {
 540                        /*
 541                         * The STA is in power save mode, so assume
 542                         * that this TX packet failed because of that.
 543                         */
 544                        ieee80211_handle_filtered_frame(local, sta, skb);
 545                        rcu_read_unlock();
 546                        return;
 547                }
 548
 549                fc = hdr->frame_control;
 550
 551                if ((info->flags & IEEE80211_TX_STAT_AMPDU_NO_BACK) &&
 552                    (ieee80211_is_data_qos(fc))) {
 553                        u16 tid, ssn;
 554                        u8 *qc;
 555
 556                        qc = ieee80211_get_qos_ctl(hdr);
 557                        tid = qc[0] & 0xf;
 558                        ssn = ((le16_to_cpu(hdr->seq_ctrl) + 0x10)
 559                                                & IEEE80211_SCTL_SEQ);
 560                        ieee80211_send_bar(sta->sdata, hdr->addr1,
 561                                           tid, ssn);
 562                }
 563
 564                if (info->flags & IEEE80211_TX_STAT_TX_FILTERED) {
 565                        ieee80211_handle_filtered_frame(local, sta, skb);
 566                        rcu_read_unlock();
 567                        return;
 568                } else {
 569                        if (!(info->flags & IEEE80211_TX_STAT_ACK))
 570                                sta->tx_retry_failed++;
 571                        sta->tx_retry_count += retry_count;
 572                }
 573
 574                rate_control_tx_status(local, sband, sta, skb);
 575        }
 576
 577        rcu_read_unlock();
 578
 579        ieee80211_led_tx(local, 0);
 580
 581        /* SNMP counters
 582         * Fragments are passed to low-level drivers as separate skbs, so these
 583         * are actually fragments, not frames. Update frame counters only for
 584         * the first fragment of the frame. */
 585
 586        frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
 587        type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
 588
 589        if (info->flags & IEEE80211_TX_STAT_ACK) {
 590                if (frag == 0) {
 591                        local->dot11TransmittedFrameCount++;
 592                        if (is_multicast_ether_addr(hdr->addr1))
 593                                local->dot11MulticastTransmittedFrameCount++;
 594                        if (retry_count > 0)
 595                                local->dot11RetryCount++;
 596                        if (retry_count > 1)
 597                                local->dot11MultipleRetryCount++;
 598                }
 599
 600                /* This counter shall be incremented for an acknowledged MPDU
 601                 * with an individual address in the address 1 field or an MPDU
 602                 * with a multicast address in the address 1 field of type Data
 603                 * or Management. */
 604                if (!is_multicast_ether_addr(hdr->addr1) ||
 605                    type == IEEE80211_FTYPE_DATA ||
 606                    type == IEEE80211_FTYPE_MGMT)
 607                        local->dot11TransmittedFragmentCount++;
 608        } else {
 609                if (frag == 0)
 610                        local->dot11FailedCount++;
 611        }
 612
 613        /* this was a transmitted frame, but now we want to reuse it */
 614        skb_orphan(skb);
 615
 616        /*
 617         * This is a bit racy but we can avoid a lot of work
 618         * with this test...
 619         */
 620        if (!local->monitors && !local->cooked_mntrs) {
 621                dev_kfree_skb(skb);
 622                return;
 623        }
 624
 625        /* send frame to monitor interfaces now */
 626
 627        if (skb_headroom(skb) < sizeof(*rthdr)) {
 628                printk(KERN_ERR "ieee80211_tx_status: headroom too small\n");
 629                dev_kfree_skb(skb);
 630                return;
 631        }
 632
 633        rthdr = (struct ieee80211_tx_status_rtap_hdr *)
 634                                skb_push(skb, sizeof(*rthdr));
 635
 636        memset(rthdr, 0, sizeof(*rthdr));
 637        rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
 638        rthdr->hdr.it_present =
 639                cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) |
 640                            (1 << IEEE80211_RADIOTAP_DATA_RETRIES) |
 641                            (1 << IEEE80211_RADIOTAP_RATE));
 642
 643        if (!(info->flags & IEEE80211_TX_STAT_ACK) &&
 644            !is_multicast_ether_addr(hdr->addr1))
 645                rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_FAIL);
 646
 647        /*
 648         * XXX: Once radiotap gets the bitmap reset thing the vendor
 649         *      extensions proposal contains, we can actually report
 650         *      the whole set of tries we did.
 651         */
 652        if ((info->status.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS) ||
 653            (info->status.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT))
 654                rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_CTS);
 655        else if (info->status.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS)
 656                rthdr->tx_flags |= cpu_to_le16(IEEE80211_RADIOTAP_F_TX_RTS);
 657        if (info->status.rates[0].idx >= 0 &&
 658            !(info->status.rates[0].flags & IEEE80211_TX_RC_MCS))
 659                rthdr->rate = sband->bitrates[
 660                                info->status.rates[0].idx].bitrate / 5;
 661
 662        /* for now report the total retry_count */
 663        rthdr->data_retries = retry_count;
 664
 665        /* XXX: is this sufficient for BPF? */
 666        skb_set_mac_header(skb, 0);
 667        skb->ip_summed = CHECKSUM_UNNECESSARY;
 668        skb->pkt_type = PACKET_OTHERHOST;
 669        skb->protocol = htons(ETH_P_802_2);
 670        memset(skb->cb, 0, sizeof(skb->cb));
 671
 672        rcu_read_lock();
 673        list_for_each_entry_rcu(sdata, &local->interfaces, list) {
 674                if (sdata->vif.type == NL80211_IFTYPE_MONITOR) {
 675                        if (!netif_running(sdata->dev))
 676                                continue;
 677
 678                        if (prev_dev) {
 679                                skb2 = skb_clone(skb, GFP_ATOMIC);
 680                                if (skb2) {
 681                                        skb2->dev = prev_dev;
 682                                        netif_rx(skb2);
 683                                }
 684                        }
 685
 686                        prev_dev = sdata->dev;
 687                }
 688        }
 689        if (prev_dev) {
 690                skb->dev = prev_dev;
 691                netif_rx(skb);
 692                skb = NULL;
 693        }
 694        rcu_read_unlock();
 695        dev_kfree_skb(skb);
 696}
 697EXPORT_SYMBOL(ieee80211_tx_status);
 698
 699struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
 700                                        const struct ieee80211_ops *ops)
 701{
 702        struct ieee80211_local *local;
 703        int priv_size, i;
 704        struct wiphy *wiphy;
 705
 706        /* Ensure 32-byte alignment of our private data and hw private data.
 707         * We use the wiphy priv data for both our ieee80211_local and for
 708         * the driver's private data
 709         *
 710         * In memory it'll be like this:
 711         *
 712         * +-------------------------+
 713         * | struct wiphy           |
 714         * +-------------------------+
 715         * | struct ieee80211_local  |
 716         * +-------------------------+
 717         * | driver's private data   |
 718         * +-------------------------+
 719         *
 720         */
 721        priv_size = ((sizeof(struct ieee80211_local) +
 722                      NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST) +
 723                    priv_data_len;
 724
 725        wiphy = wiphy_new(&mac80211_config_ops, priv_size);
 726
 727        if (!wiphy)
 728                return NULL;
 729
 730        wiphy->privid = mac80211_wiphy_privid;
 731        wiphy->max_scan_ssids = 4;
 732        /* Yes, putting cfg80211_bss into ieee80211_bss is a hack */
 733        wiphy->bss_priv_size = sizeof(struct ieee80211_bss) -
 734                               sizeof(struct cfg80211_bss);
 735
 736        local = wiphy_priv(wiphy);
 737        local->hw.wiphy = wiphy;
 738
 739        local->hw.priv = (char *)local +
 740                         ((sizeof(struct ieee80211_local) +
 741                           NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST);
 742
 743        BUG_ON(!ops->tx);
 744        BUG_ON(!ops->start);
 745        BUG_ON(!ops->stop);
 746        BUG_ON(!ops->config);
 747        BUG_ON(!ops->add_interface);
 748        BUG_ON(!ops->remove_interface);
 749        BUG_ON(!ops->configure_filter);
 750        local->ops = ops;
 751
 752        /* set up some defaults */
 753        local->hw.queues = 1;
 754        local->hw.max_rates = 1;
 755        local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
 756        local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
 757        local->hw.conf.long_frame_max_tx_count = 4;
 758        local->hw.conf.short_frame_max_tx_count = 7;
 759        local->hw.conf.radio_enabled = true;
 760        local->user_power_level = -1;
 761
 762        INIT_LIST_HEAD(&local->interfaces);
 763        mutex_init(&local->iflist_mtx);
 764
 765        spin_lock_init(&local->key_lock);
 766
 767        spin_lock_init(&local->queue_stop_reason_lock);
 768
 769        INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work);
 770
 771        INIT_WORK(&local->dynamic_ps_enable_work,
 772                  ieee80211_dynamic_ps_enable_work);
 773        INIT_WORK(&local->dynamic_ps_disable_work,
 774                  ieee80211_dynamic_ps_disable_work);
 775        setup_timer(&local->dynamic_ps_timer,
 776                    ieee80211_dynamic_ps_timer, (unsigned long) local);
 777
 778        sta_info_init(local);
 779
 780        for (i = 0; i < IEEE80211_MAX_QUEUES; i++)
 781                skb_queue_head_init(&local->pending[i]);
 782        tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
 783                     (unsigned long)local);
 784        tasklet_disable(&local->tx_pending_tasklet);
 785
 786        tasklet_init(&local->tasklet,
 787                     ieee80211_tasklet_handler,
 788                     (unsigned long) local);
 789        tasklet_disable(&local->tasklet);
 790
 791        skb_queue_head_init(&local->skb_queue);
 792        skb_queue_head_init(&local->skb_queue_unreliable);
 793
 794        spin_lock_init(&local->ampdu_lock);
 795
 796        return local_to_hw(local);
 797}
 798EXPORT_SYMBOL(ieee80211_alloc_hw);
 799
 800static const struct net_device_ops ieee80211_master_ops = {
 801        .ndo_start_xmit = ieee80211_master_start_xmit,
 802        .ndo_open = ieee80211_master_open,
 803        .ndo_stop = ieee80211_master_stop,
 804        .ndo_set_multicast_list = ieee80211_master_set_multicast_list,
 805        .ndo_select_queue = ieee80211_select_queue,
 806};
 807
 808static void ieee80211_master_setup(struct net_device *mdev)
 809{
 810        mdev->type = ARPHRD_IEEE80211;
 811        mdev->netdev_ops = &ieee80211_master_ops;
 812        mdev->header_ops = &ieee80211_header_ops;
 813        mdev->tx_queue_len = 1000;
 814        mdev->addr_len = ETH_ALEN;
 815}
 816
 817int ieee80211_register_hw(struct ieee80211_hw *hw)
 818{
 819        struct ieee80211_local *local = hw_to_local(hw);
 820        int result;
 821        enum ieee80211_band band;
 822        struct net_device *mdev;
 823        struct ieee80211_master_priv *mpriv;
 824        int channels, i, j;
 825
 826        /*
 827         * generic code guarantees at least one band,
 828         * set this very early because much code assumes
 829         * that hw.conf.channel is assigned
 830         */
 831        channels = 0;
 832        for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
 833                struct ieee80211_supported_band *sband;
 834
 835                sband = local->hw.wiphy->bands[band];
 836                if (sband && !local->oper_channel) {
 837                        /* init channel we're on */
 838                        local->hw.conf.channel =
 839                        local->oper_channel =
 840                        local->scan_channel = &sband->channels[0];
 841                }
 842                if (sband)
 843                        channels += sband->n_channels;
 844        }
 845
 846        local->int_scan_req.n_channels = channels;
 847        local->int_scan_req.channels = kzalloc(sizeof(void *) * channels, GFP_KERNEL);
 848        if (!local->int_scan_req.channels)
 849                return -ENOMEM;
 850
 851        /* if low-level driver supports AP, we also support VLAN */
 852        if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_AP))
 853                local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP_VLAN);
 854
 855        /* mac80211 always supports monitor */
 856        local->hw.wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
 857
 858        if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
 859                local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
 860        else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
 861                local->hw.wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
 862
 863        result = wiphy_register(local->hw.wiphy);
 864        if (result < 0)
 865                goto fail_wiphy_register;
 866
 867        /*
 868         * We use the number of queues for feature tests (QoS, HT) internally
 869         * so restrict them appropriately.
 870         */
 871        if (hw->queues > IEEE80211_MAX_QUEUES)
 872                hw->queues = IEEE80211_MAX_QUEUES;
 873
 874        mdev = alloc_netdev_mq(sizeof(struct ieee80211_master_priv),
 875                               "wmaster%d", ieee80211_master_setup,
 876                               hw->queues);
 877        if (!mdev)
 878                goto fail_mdev_alloc;
 879
 880        mpriv = netdev_priv(mdev);
 881        mpriv->local = local;
 882        local->mdev = mdev;
 883
 884        local->hw.workqueue =
 885                create_singlethread_workqueue(wiphy_name(local->hw.wiphy));
 886        if (!local->hw.workqueue) {
 887                result = -ENOMEM;
 888                goto fail_workqueue;
 889        }
 890
 891        /*
 892         * The hardware needs headroom for sending the frame,
 893         * and we need some headroom for passing the frame to monitor
 894         * interfaces, but never both at the same time.
 895         */
 896        local->tx_headroom = max_t(unsigned int , local->hw.extra_tx_headroom,
 897                                   sizeof(struct ieee80211_tx_status_rtap_hdr));
 898
 899        debugfs_hw_add(local);
 900
 901        if (local->hw.conf.beacon_int < 10)
 902                local->hw.conf.beacon_int = 100;
 903
 904        if (local->hw.max_listen_interval == 0)
 905                local->hw.max_listen_interval = 1;
 906
 907        local->hw.conf.listen_interval = local->hw.max_listen_interval;
 908
 909        result = sta_info_start(local);
 910        if (result < 0)
 911                goto fail_sta_info;
 912
 913        result = ieee80211_wep_init(local);
 914        if (result < 0) {
 915                printk(KERN_DEBUG "%s: Failed to initialize wep: %d\n",
 916                       wiphy_name(local->hw.wiphy), result);
 917                goto fail_wep;
 918        }
 919
 920        rtnl_lock();
 921        result = dev_alloc_name(local->mdev, local->mdev->name);
 922        if (result < 0)
 923                goto fail_dev;
 924
 925        memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
 926        SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
 927        local->mdev->features |= NETIF_F_NETNS_LOCAL;
 928
 929        result = register_netdevice(local->mdev);
 930        if (result < 0)
 931                goto fail_dev;
 932
 933        result = ieee80211_init_rate_ctrl_alg(local,
 934                                              hw->rate_control_algorithm);
 935        if (result < 0) {
 936                printk(KERN_DEBUG "%s: Failed to initialize rate control "
 937                       "algorithm\n", wiphy_name(local->hw.wiphy));
 938                goto fail_rate;
 939        }
 940
 941        /* add one default STA interface if supported */
 942        if (local->hw.wiphy->interface_modes & BIT(NL80211_IFTYPE_STATION)) {
 943                result = ieee80211_if_add(local, "wlan%d", NULL,
 944                                          NL80211_IFTYPE_STATION, NULL);
 945                if (result)
 946                        printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
 947                               wiphy_name(local->hw.wiphy));
 948        }
 949
 950        rtnl_unlock();
 951
 952        ieee80211_led_init(local);
 953
 954        /* alloc internal scan request */
 955        i = 0;
 956        local->int_scan_req.ssids = &local->scan_ssid;
 957        local->int_scan_req.n_ssids = 1;
 958        for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
 959                if (!hw->wiphy->bands[band])
 960                        continue;
 961                for (j = 0; j < hw->wiphy->bands[band]->n_channels; j++) {
 962                        local->int_scan_req.channels[i] =
 963                                &hw->wiphy->bands[band]->channels[j];
 964                        i++;
 965                }
 966        }
 967
 968        return 0;
 969
 970fail_rate:
 971        unregister_netdevice(local->mdev);
 972        local->mdev = NULL;
 973fail_dev:
 974        rtnl_unlock();
 975        ieee80211_wep_free(local);
 976fail_wep:
 977        sta_info_stop(local);
 978fail_sta_info:
 979        debugfs_hw_del(local);
 980        destroy_workqueue(local->hw.workqueue);
 981fail_workqueue:
 982        if (local->mdev)
 983                free_netdev(local->mdev);
 984fail_mdev_alloc:
 985        wiphy_unregister(local->hw.wiphy);
 986fail_wiphy_register:
 987        kfree(local->int_scan_req.channels);
 988        return result;
 989}
 990EXPORT_SYMBOL(ieee80211_register_hw);
 991
 992void ieee80211_unregister_hw(struct ieee80211_hw *hw)
 993{
 994        struct ieee80211_local *local = hw_to_local(hw);
 995
 996        tasklet_kill(&local->tx_pending_tasklet);
 997        tasklet_kill(&local->tasklet);
 998
 999        rtnl_lock();
1000
1001        /*
1002         * At this point, interface list manipulations are fine
1003         * because the driver cannot be handing us frames any
1004         * more and the tasklet is killed.
1005         */
1006
1007        /* First, we remove all virtual interfaces. */
1008        ieee80211_remove_interfaces(local);
1009
1010        /* then, finally, remove the master interface */
1011        unregister_netdevice(local->mdev);
1012
1013        rtnl_unlock();
1014
1015        ieee80211_clear_tx_pending(local);
1016        sta_info_stop(local);
1017        rate_control_deinitialize(local);
1018        debugfs_hw_del(local);
1019
1020        if (skb_queue_len(&local->skb_queue)
1021                        || skb_queue_len(&local->skb_queue_unreliable))
1022                printk(KERN_WARNING "%s: skb_queue not empty\n",
1023                       wiphy_name(local->hw.wiphy));
1024        skb_queue_purge(&local->skb_queue);
1025        skb_queue_purge(&local->skb_queue_unreliable);
1026
1027        destroy_workqueue(local->hw.workqueue);
1028        wiphy_unregister(local->hw.wiphy);
1029        ieee80211_wep_free(local);
1030        ieee80211_led_exit(local);
1031        free_netdev(local->mdev);
1032        kfree(local->int_scan_req.channels);
1033}
1034EXPORT_SYMBOL(ieee80211_unregister_hw);
1035
1036void ieee80211_free_hw(struct ieee80211_hw *hw)
1037{
1038        struct ieee80211_local *local = hw_to_local(hw);
1039
1040        mutex_destroy(&local->iflist_mtx);
1041
1042        wiphy_free(local->hw.wiphy);
1043}
1044EXPORT_SYMBOL(ieee80211_free_hw);
1045
1046static int __init ieee80211_init(void)
1047{
1048        struct sk_buff *skb;
1049        int ret;
1050
1051        BUILD_BUG_ON(sizeof(struct ieee80211_tx_info) > sizeof(skb->cb));
1052        BUILD_BUG_ON(offsetof(struct ieee80211_tx_info, driver_data) +
1053                     IEEE80211_TX_INFO_DRIVER_DATA_SIZE > sizeof(skb->cb));
1054
1055        ret = rc80211_minstrel_init();
1056        if (ret)
1057                return ret;
1058
1059        ret = rc80211_pid_init();
1060        if (ret)
1061                return ret;
1062
1063        ieee80211_debugfs_netdev_init();
1064
1065        return 0;
1066}
1067
1068static void __exit ieee80211_exit(void)
1069{
1070        rc80211_pid_exit();
1071        rc80211_minstrel_exit();
1072
1073        /*
1074         * For key todo, it'll be empty by now but the work
1075         * might still be scheduled.
1076         */
1077        flush_scheduled_work();
1078
1079        if (mesh_allocated)
1080                ieee80211s_stop();
1081
1082        ieee80211_debugfs_netdev_exit();
1083}
1084
1085
1086subsys_initcall(ieee80211_init);
1087module_exit(ieee80211_exit);
1088
1089MODULE_DESCRIPTION("IEEE 802.11 subsystem");
1090MODULE_LICENSE("GPL");
1091